| 1 | #!/usr/bin/perl
|
|---|
| 2 | # Bootstrap Samba and run a number of tests against it.
|
|---|
| 3 | # Copyright (C) 2005-2012 Jelmer Vernooij <jelmer@samba.org>
|
|---|
| 4 | # Published under the GNU GPL, v3 or later.
|
|---|
| 5 |
|
|---|
| 6 | import os
|
|---|
| 7 | import sys
|
|---|
| 8 |
|
|---|
| 9 |
|
|---|
| 10 | def bindir_path(bindir, path):
|
|---|
| 11 | """Find the executable to use.
|
|---|
| 12 |
|
|---|
| 13 | :param bindir: Directory with binaries
|
|---|
| 14 | :param path: Name of the executable to run
|
|---|
| 15 | :return: Full path to the executable to run
|
|---|
| 16 | """
|
|---|
| 17 | valpath = os.path.join(bindir, path)
|
|---|
| 18 | if os.path.isfile(valpath):
|
|---|
| 19 | return valpath
|
|---|
| 20 | return path
|
|---|
| 21 |
|
|---|
| 22 |
|
|---|
| 23 | def mk_realms_stanza(realm, dnsname, domain, kdc_ipv4):
|
|---|
| 24 | """Create a realms stanza for use in a krb5.conf file.
|
|---|
| 25 |
|
|---|
| 26 | :param realm: Real name
|
|---|
| 27 | :param dnsname: DNS name matching the realm
|
|---|
| 28 | :param domain: Domain name
|
|---|
| 29 | :param kdc_ipv4: IPv4 address of the KDC
|
|---|
| 30 | :return: String with stanza
|
|---|
| 31 | """
|
|---|
| 32 | return """\
|
|---|
| 33 | %(realm)s = {
|
|---|
| 34 | kdc = %(kdc_ipv4)s:88
|
|---|
| 35 | admin_server = %(kdc_ipv4)s:88
|
|---|
| 36 | default_domain = %(dnsname)s
|
|---|
| 37 | }
|
|---|
| 38 | %(dnsname)s = {
|
|---|
| 39 | kdc = %(kdc_ipv4)s:88
|
|---|
| 40 | admin_server = %(kdc_ipv4)s:88
|
|---|
| 41 | default_domain = %(dnsname)s
|
|---|
| 42 | }
|
|---|
| 43 | %(domain)s = {
|
|---|
| 44 | kdc = %(kdc_ipv4)s:88
|
|---|
| 45 | admin_server = %(kdc_ipv4)s:88
|
|---|
| 46 | default_domain = %(dnsname)s
|
|---|
| 47 | }
|
|---|
| 48 |
|
|---|
| 49 | """ % {
|
|---|
| 50 | "kdc_ipv4": kdc_ipv4, "dnsname": dnsname, "realm": realm, "domain": domain}
|
|---|
| 51 |
|
|---|
| 52 |
|
|---|
| 53 | def write_krb5_conf(f, realm, dnsname, domain, kdc_ipv4, tlsdir=None,
|
|---|
| 54 | other_realms_stanza=None):
|
|---|
| 55 | """Write a krb5.conf file.
|
|---|
| 56 |
|
|---|
| 57 | :param f: File-like object to write to
|
|---|
| 58 | :param realm: Realm
|
|---|
| 59 | :param dnsname: DNS domain name
|
|---|
| 60 | :param domain: Domain name
|
|---|
| 61 | :param kdc_ipv4: IPv4 address of KDC
|
|---|
| 62 | :param tlsdir: Optional TLS directory
|
|---|
| 63 | :param other_realms_stanza: Optional extra raw text for [realms] section
|
|---|
| 64 | """
|
|---|
| 65 | f.write("""\
|
|---|
| 66 | #Generated krb5.conf for %(realm)s
|
|---|
| 67 |
|
|---|
| 68 | [libdefaults]
|
|---|
| 69 | \tdefault_realm = %(realm)s
|
|---|
| 70 | \tdns_lookup_realm = false
|
|---|
| 71 | \tdns_lookup_kdc = false
|
|---|
| 72 | \tticket_lifetime = 24h
|
|---|
| 73 | \tforwardable = yes
|
|---|
| 74 | \tallow_weak_crypto = yes
|
|---|
| 75 | """ % {"realm": realm})
|
|---|
| 76 |
|
|---|
| 77 | f.write("\n[realms]\n")
|
|---|
| 78 | f.write(mk_realms_stanza(realm, dnsname, domain, kdc_ipv4))
|
|---|
| 79 | if other_realms_stanza:
|
|---|
| 80 | f.write(other_realms_stanza)
|
|---|
| 81 |
|
|---|
| 82 | if tlsdir:
|
|---|
| 83 | f.write("""
|
|---|
| 84 | [appdefaults]
|
|---|
| 85 | pkinit_anchors = FILE:%(tlsdir)s/ca.pem
|
|---|
| 86 |
|
|---|
| 87 | [kdc]
|
|---|
| 88 | enable-pkinit = true
|
|---|
| 89 | pkinit_identity = FILE:%(tlsdir)s/kdc.pem,%(tlsdir)s/key.pem
|
|---|
| 90 | pkinit_anchors = FILE:%(tlsdir)s/ca.pem
|
|---|
| 91 |
|
|---|
| 92 | """ % {"tlsdir": tlsdir})
|
|---|
| 93 |
|
|---|
| 94 |
|
|---|
| 95 | def cleanup_child(pid, name, outf=None):
|
|---|
| 96 | """Cleanup a child process.
|
|---|
| 97 |
|
|---|
| 98 | :param pid: Parent pid process to be passed to waitpid()
|
|---|
| 99 | :param name: Name to use when referring to process
|
|---|
| 100 | :param outf: File-like object to write to (defaults to stderr)
|
|---|
| 101 | :return: Child pid
|
|---|
| 102 | """
|
|---|
| 103 | if outf is None:
|
|---|
| 104 | outf = sys.stderr
|
|---|
| 105 | (childpid, status) = os.waitpid(pid, os.WNOHANG)
|
|---|
| 106 | if childpid == 0:
|
|---|
| 107 | pass
|
|---|
| 108 | elif childpid < 0:
|
|---|
| 109 | outf.write("%s child process %d isn't here any more.\n" % (name, pid))
|
|---|
| 110 | return childpid
|
|---|
| 111 | elif status & 127:
|
|---|
| 112 | if status & 128:
|
|---|
| 113 | core_status = 'with'
|
|---|
| 114 | else:
|
|---|
| 115 | core_status = 'without'
|
|---|
| 116 | outf.write("%s child process %d, died with signal %d, %s coredump.\n" % (name, childpid, (status & 127), core_status))
|
|---|
| 117 | else:
|
|---|
| 118 | outf.write("%s child process %d exited with value %d.\n" % (name, childpid, status >> 8))
|
|---|
| 119 | return childpid
|
|---|
| 120 |
|
|---|
| 121 |
|
|---|
| 122 | def get_interface(netbiosname):
|
|---|
| 123 | """Return interface id for a particular server.
|
|---|
| 124 | """
|
|---|
| 125 | netbiosname = netbiosname.lower()
|
|---|
| 126 |
|
|---|
| 127 | interfaces = {
|
|---|
| 128 | "localnt4dc2": 2,
|
|---|
| 129 | "localnt4member3": 3,
|
|---|
| 130 | "localshare4": 4,
|
|---|
| 131 | "localserver5": 5,
|
|---|
| 132 | "localktest6": 6,
|
|---|
| 133 | "maptoguest": 7,
|
|---|
| 134 |
|
|---|
| 135 | # 11-16 used by selftest.pl for client interfaces
|
|---|
| 136 | "localdc": 21,
|
|---|
| 137 | "localvampiredc": 22,
|
|---|
| 138 | "s4member": 23,
|
|---|
| 139 | "localrpcproxy": 24,
|
|---|
| 140 | "dc5": 25,
|
|---|
| 141 | "dc6": 26,
|
|---|
| 142 | "dc7": 27,
|
|---|
| 143 | "rodc": 28,
|
|---|
| 144 | "localadmember": 29,
|
|---|
| 145 | "addc": 30,
|
|---|
| 146 | "localsubdc": 31,
|
|---|
| 147 | "chgdcpass": 32,
|
|---|
| 148 | }
|
|---|
| 149 |
|
|---|
| 150 | # update lib/socket_wrapper/socket_wrapper.c
|
|---|
| 151 | # #define MAX_WRAPPED_INTERFACES 32
|
|---|
| 152 | # if you wish to have more than 32 interfaces
|
|---|
| 153 | return interfaces[netbiosname]
|
|---|
