From f34afbf8a4af4665a0964dc8c71ae57815c60554 Mon Sep 17 00:00:00 2001 From: Gary Lockyer Date: Thu, 19 Dec 2019 16:31:24 +1300 Subject: [PATCH 1/2] test upgradedns: ensure lmdb lock files linked Add tests to check that the '-lock' files for the dns partitions as well as the data files are linked when running samba_dnsupgrade --dns-backend=BIND9_DLZ failure to create these links can cause corruption of the corresponding data file. Changes to python/samba/tests/__init__.py adding run_command manually copied from commit b27817d491794a292278832e3f59f955f418a6cb BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199 Signed-off-by: Gary Lockyer Reviewed-by: Andrew Bartlett (cherry picked from commit f0cebbe4dd0317e2abfcbe252977383e6f37f3bd) --- python/samba/tests/__init__.py | 17 +++++ python/samba/tests/samba_upgradedns_lmdb.py | 75 +++++++++++++++++++++ selftest/knownfail.d/bug-14199 | 1 + source4/selftest/tests.py | 2 + 4 files changed, 95 insertions(+) create mode 100644 python/samba/tests/samba_upgradedns_lmdb.py create mode 100644 selftest/knownfail.d/bug-14199 diff --git a/python/samba/tests/__init__.py b/python/samba/tests/__init__.py index bc336f7f153..af343b369e2 100644 --- a/python/samba/tests/__init__.py +++ b/python/samba/tests/__init__.py @@ -391,6 +391,23 @@ class BlackboxTestCase(TestCaseInTempDir): raise BlackboxProcessError(retcode, line, stdoutdata, stderrdata) return stdoutdata + # + # Run a command without checking the return code, returns the tuple + # (ret, stdout, stderr) + # where ret is the return code + # stdout is a string containing the commands stdout + # stderr is a string containing the commands stderr + def run_command(self, line): + line = self._make_cmdline(line) + use_shell = not isinstance(line, list) + p = subprocess.Popen(line, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + shell=use_shell) + stdoutdata, stderrdata = p.communicate() + retcode = p.returncode + return (retcode, stdoutdata.decode('UTF8'), stderrdata.decode('UTF8')) + # Generate a random password that can be safely passed on the command line # i.e. it does not contain any shell meta characters. def random_password(self, count=32): diff --git a/python/samba/tests/samba_upgradedns_lmdb.py b/python/samba/tests/samba_upgradedns_lmdb.py new file mode 100644 index 00000000000..048993152e2 --- /dev/null +++ b/python/samba/tests/samba_upgradedns_lmdb.py @@ -0,0 +1,75 @@ +# Unix SMB/CIFS implementation. +# Copyright (C) Catalyst IT Ltd. 2019 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +from samba.tests.samba_tool.base import SambaToolCmdTest +import os +import shutil + + +class UpgradeDnsLmdbTestCase(SambaToolCmdTest): + """ + Tests for dns upgrade on a lmdb backend + """ + + def setUp(self): + super(UpgradeDnsLmdbTestCase, self).setUp() + self.tempsambadir = os.path.join(self.tempdir, "samba") + os.mkdir(self.tempsambadir) + + # provision a domain + # + # returns the tuple (ret, stdout, stderr) + def provision(self): + command = ( + "samba-tool " + "domain provision " + "--realm=foo.example.com " + "--domain=FOO " + "--targetdir=%s " + "--backend-store=mdb " + "--use-ntvfs " % self.tempsambadir) + return self.run_command(command) + + # upgrade a domains dns to BIND9 + # + # returns the tuple (ret, stdout, stderr) + def upgrade_dns(self): + command = ( + "samba_upgradedns " + "--dns-backend=BIND9_DLZ " + "--configfile %s/etc/smb.conf" % self.tempsambadir) + return self.run_command(command) + + def tearDown(self): + super(UpgradeDnsLmdbTestCase, self).tearDown() + shutil.rmtree(self.tempsambadir) + + def test_lmdb_lock_files_linked_on_upgrade_to_bind9_dlz(self): + """ + Ensure that links are created for the lock files as well as the + data files + """ + self.provision() + self.upgrade_dns() + directory = ("%s/bind-dns/dns/sam.ldb.d" % self.tempsambadir) + for filename in os.listdir(directory): + if filename.endswith(".ldb") and "DNSZONES" in filename: + lock_file = ("%s/%s-lock" % (directory, filename)) + self.assertTrue( + os.path.isfile(lock_file), + msg=("Lock file %s/%s-lock for %s, does not exist" % + (directory, filename, filename))) diff --git a/selftest/knownfail.d/bug-14199 b/selftest/knownfail.d/bug-14199 new file mode 100644 index 00000000000..f9508910b79 --- /dev/null +++ b/selftest/knownfail.d/bug-14199 @@ -0,0 +1 @@ +^samba.tests.samba_upgradedns_lmdb.samba.tests.samba_upgradedns_lmdb. diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index 2ec0bee923b..14176d6c953 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -649,6 +649,8 @@ planpythontestsuite("none", "samba.tests.samba_tool.provision_password_check") planpythontestsuite("none", "samba.tests.samba_tool.help") planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.samba_tool.passwordsettings") +planpythontestsuite("none", "samba.tests.samba_upgradedns_lmdb") + # Run these against chgdcpass to share the runtime load planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.sites") planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.dnscmd") -- 2.17.1 From fbac88bdb40b74f725ee00134f4accc9bbf64dfe Mon Sep 17 00:00:00 2001 From: Gary Lockyer Date: Thu, 19 Dec 2019 16:31:46 +1300 Subject: [PATCH 2/2] upgradedns: ensure lmdb lock files linked Ensure that the '-lock' files for the dns partitions as well as the data files are linked when running samba_dnsupgrade --dns-backend=BIND9_DLZ failure to create these links can cause corruption of the corresponding data file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199 Signed-off-by: Gary Lockyer Reviewed-by: Andrew Bartlett (cherry picked from commit 0bd479140c18ab79479ced4f25f366744c3afe18) --- python/samba/provision/sambadns.py | 12 +++++++++++- selftest/knownfail.d/bug-14199 | 1 - 2 files changed, 11 insertions(+), 2 deletions(-) delete mode 100644 selftest/knownfail.d/bug-14199 diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py index e2b6fcd0c28..7b491141c23 100644 --- a/python/samba/provision/sambadns.py +++ b/python/samba/provision/sambadns.py @@ -852,10 +852,20 @@ def create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid): os.link(os.path.join(samldb_dir, metadata_file), os.path.join(dns_samldb_dir, metadata_file)) os.link(os.path.join(private_dir, domainzone_file), - os.path.join(dns_dir, domainzone_file)) + os.path.join(dns_dir, domainzone_file)) + if backend_store == "mdb": + # If the file is an lmdb data file need to link the + # lock file as well + os.link(os.path.join(private_dir, domainzone_file + "-lock"), + os.path.join(dns_dir, domainzone_file + "-lock")) if forestzone_file: os.link(os.path.join(private_dir, forestzone_file), os.path.join(dns_dir, forestzone_file)) + if backend_store == "mdb": + # If the database file is an lmdb data file need to link the + # lock file as well + os.link(os.path.join(private_dir, forestzone_file + "-lock"), + os.path.join(dns_dir, forestzone_file + "-lock")) except OSError: logger.error( "Failed to setup database for BIND, AD based DNS cannot be used") diff --git a/selftest/knownfail.d/bug-14199 b/selftest/knownfail.d/bug-14199 deleted file mode 100644 index f9508910b79..00000000000 --- a/selftest/knownfail.d/bug-14199 +++ /dev/null @@ -1 +0,0 @@ -^samba.tests.samba_upgradedns_lmdb.samba.tests.samba_upgradedns_lmdb. -- 2.17.1