如何基于现有的docker-compose在testContainers中运行samba服务器
问题描述 投票:0回答:1
我有以下 docker-compose 文件用于本地开发:
version: '3.4'
networks:
mynetwork:
services:
samba:
image: instantlinux/samba-dc:latest
container_name: samba-dc
cap_add:
- CAP_SYS_ADMIN
hostname: my.org
environment:
DOMAIN_ACTION: provision
REALM: my.org
volumes:
- etc:/etc/samba
- lib:/var/lib/samba
ports:
- "53:53"
- "53:53/udp"
- "88:88"
- "88:88/udp"
- "389:389"
secrets:
- samba-admin-password
volumes:
etc:
lib:
secrets:
samba-admin-password:
file: secrets.yaml
现在我尝试使用具有与上面提到的相同依赖项的 testContainers 来实现集成测试:
@Testcontainers
@SpringBootTest(webEnvironment = RANDOM_PORT)
@ActiveProfiles("test")
class MyTestContainersTestBase {
@Test
fun test() {
val mapper = ObjectMapper(YAMLFactory())
val secretPathOnHost = "C:\\work\\myProject\\docker\\secrets.yaml"
val secretsFile = File(secretPathOnHost)
val secretsData: Map<String, Any> = mapper.readValue(secretsFile, object : TypeReference<Map<String, Any>>() {})
// Extract the secret from the parsed data
val adminPassword = (secretsData["data"] as Map<*, *>?)!!["ADMIN_PASSWORD_SECRET"] as String?
val secretPathInContainer = "/run/secrets/samba-admin-password";
// Create and start the container
val ldapContainer = GenericContainer("instantlinux/samba-dc:latest")
.withEnv("DOMAIN_ACTION", "provision")
.withEnv("REALM", "my.company")
.withEnv("ADMIN_PASSWORD_SECRET", adminPassword) // Set the extracted secret as an environment variable
.withEnv("LOG_LEVEL", "0")
.withEnv("ALLOW_DNS_UPDATES", "secure")
.withEnv("BIND_INTERFACES_ONLY", "yes ")
.withEnv("DOMAIN_ACTION", "provision")
.withEnv("DOMAIN_LOGONS", "yes")
.withEnv("DOMAIN_MASTER", "no")
.withEnv("INTERFACES", "lo eth0")
.withEnv("NETBIOS_NAME", "")
.withEnv("SERVER_STRING", "Samba Domain Controller")
.withEnv("TZ", "UTC")
.withEnv("WINBIND_USE_DEFAULT_DOMAIN", "yes")
.withEnv("WORKGROUP", "AD")
.withExposedPorts(53, 88, 389)
.withFileSystemBind(secretPathOnHost, secretPathInContainer, BindMode.READ_ONLY)
ldapContainer.start()
print("qwerty")
Thread.sleep(100000000)
}
}
2023-09-18 18:47:50 INFO 2023-09-18 15:47:50,489 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2108: Looking up IPv4 addresses
2023-09-18 18:47:50 INFO 2023-09-18 15:47:50,490 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2125: Looking up IPv6 addresses
2023-09-18 18:47:50 WARNING 2023-09-18 15:47:50,490 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2132: No IPv6 address will be assigned
2023-09-18 18:47:51 INFO 2023-09-18 15:47:51,384 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2274: Setting up share.ldb
2023-09-18 18:47:51 INFO 2023-09-18 15:47:51,483 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2278: Setting up secrets.ldb
2023-09-18 18:47:51 INFO 2023-09-18 15:47:51,621 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2283: Setting up the registry
2023-09-18 18:47:51 INFO 2023-09-18 15:47:51,965 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2286: Setting up the privileges database
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,103 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2289: Setting up idmap db
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,199 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2296: Setting up SAM db
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,218 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #880: Setting up sam.ldb partitions and settings
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,220 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #892: Setting up sam.ldb rootDSE
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,233 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1305: Pre-loading the Samba 4 and AD schema
2023-09-18 18:47:52 Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
2023-09-18 18:47:52
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,281 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1383: Adding DomainDN: DC=my,DC=company
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,313 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1415: Adding configuration container
2023-09-18 18:47:52 INFO 2023-09-18 15:47:52,343 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1430: Setting up sam.ldb schema
2023-09-18 18:47:58 INFO 2023-09-18 15:47:58,549 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1448: Setting up sam.ldb configuration data
2023-09-18 18:47:59 INFO 2023-09-18 15:47:59,007 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1489: Setting up display specifiers
2023-09-18 18:48:02 INFO 2023-09-18 15:48:02,859 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1497: Modifying display specifiers and extended rights
2023-09-18 18:48:02 INFO 2023-09-18 15:48:02,963 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1504: Adding users container
2023-09-18 18:48:02 INFO 2023-09-18 15:48:02,967 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1510: Modifying users container
2023-09-18 18:48:02 INFO 2023-09-18 15:48:02,970 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1513: Adding computers container
2023-09-18 18:48:02 INFO 2023-09-18 15:48:02,974 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1519: Modifying computers container
2023-09-18 18:48:02 INFO 2023-09-18 15:48:02,978 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1523: Setting up sam.ldb data
2023-09-18 18:48:03 INFO 2023-09-18 15:48:03,238 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1553: Setting up well known security principals
2023-09-18 18:48:03 INFO 2023-09-18 15:48:03,325 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1567: Setting up sam.ldb users and groups
2023-09-18 18:48:03 INFO 2023-09-18 15:48:03,576 pid:18 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1575: Setting up self join
2023-09-18 18:48:04 Repacking database from v1 to v2 format (first record CN=ms-DFS-Namespace-v2,CN=Schema,CN=Configuration,DC=my,DC=company)
2023-09-18 18:48:04 Repack: re-packed 10000 records so far
2023-09-18 18:48:04 Repacking database from v1 to v2 format (first record CN=group-Display,CN=C0A,CN=DisplaySpecifiers,CN=Configuration,DC=my,DC=company)
2023-09-18 18:48:04 Repacking database from v1 to v2 format (first record CN=a86fe12a-0f62-4e2a-b271-d27f601f8182,CN=Operations,CN=DomainUpdates,CN=System,DC=my,DC=company)
2023-09-18 18:48:04 set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
2023-09-18 18:48:04 ERROR(runtime): uncaught exception - (3221225506, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
2023-09-18 18:48:04 File "/usr/lib/python3.10/site-packages/samba/netcmd/__init__.py", line 186, in _run
2023-09-18 18:48:04 return self.run(*args, **kwargs)
2023-09-18 18:48:04 File "/usr/lib/python3.10/site-packages/samba/netcmd/domain.py", line 493, in run
2023-09-18 18:48:04 result = provision(self.logger,
2023-09-18 18:48:04 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 2325, in provision
2023-09-18 18:48:04 provision_fill(samdb, secrets_ldb, logger, names, paths,
2023-09-18 18:48:04 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 1965, in provision_fill
2023-09-18 18:47:48 Set timezone
2023-09-18 18:48:04 setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid,
2023-09-18 18:48:04 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 1742, in setsysvolacl
2023-09-18 18:48:04 _setntacl(sysvol)
2023-09-18 18:48:04 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 1736, in _setntacl
2023-09-18 18:48:04 return setntacl(
2023-09-18 18:48:04 File "/usr/lib/python3.10/site-packages/samba/ntacls.py", line 228, in setntacl
2023-09-18 18:48:04 smbd.set_nt_acl(
2023-09-18 18:50:30 INFO 2023-09-18 15:50:30,949 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2108: Looking up IPv4 addresses
2023-09-18 18:50:30 INFO 2023-09-18 15:50:30,950 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2125: Looking up IPv6 addresses
2023-09-18 18:50:30 WARNING 2023-09-18 15:50:30,950 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2132: No IPv6 address will be assigned
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,455 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2278: Setting up secrets.ldb
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,525 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2283: Setting up the registry
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,575 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2286: Setting up the privileges database
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,698 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2289: Setting up idmap db
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,777 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #2296: Setting up SAM db
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,797 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #880: Setting up sam.ldb partitions and settings
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,798 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #892: Setting up sam.ldb rootDSE
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,813 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1305: Pre-loading the Samba 4 and AD schema
2023-09-18 18:50:31 Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
2023-09-18 18:50:31
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,880 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1383: Adding DomainDN: DC=my,DC=company
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,905 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1415: Adding configuration container
2023-09-18 18:50:31 INFO 2023-09-18 15:50:31,929 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1430: Setting up sam.ldb schema
2023-09-18 18:50:36 INFO 2023-09-18 15:50:36,063 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1448: Setting up sam.ldb configuration data
2023-09-18 18:50:36 INFO 2023-09-18 15:50:36,267 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1489: Setting up display specifiers
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,585 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1497: Modifying display specifiers and extended rights
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,651 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1504: Adding users container
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,653 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1510: Modifying users container
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,654 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1513: Adding computers container
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,656 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1519: Modifying computers container
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,658 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1523: Setting up sam.ldb data
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,876 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1553: Setting up well known security principals
2023-09-18 18:50:39 INFO 2023-09-18 15:50:39,947 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1567: Setting up sam.ldb users and groups
2023-09-18 18:50:40 INFO 2023-09-18 15:50:40,187 pid:17 /usr/lib/python3.10/site-packages/samba/provision/__init__.py #1575: Setting up self join
2023-09-18 18:50:40 Repacking database from v1 to v2 format (first record CN=ACS-Identity-Name,CN=Schema,CN=Configuration,DC=my,DC=company)
2023-09-18 18:50:40 Repack: re-packed 10000 records so far
2023-09-18 18:50:40 Repacking database from v1 to v2 format (first record CN=nTDSConnection-Display,CN=41F,CN=DisplaySpecifiers,CN=Configuration,DC=my,DC=company)
2023-09-18 18:50:40 Repacking database from v1 to v2 format (first record CN=ipsecISAKMPPolicy{7238523D-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,DC=my,DC=company)
2023-09-18 18:50:41 set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
2023-09-18 18:50:41 ERROR(runtime): uncaught exception - (3221225506, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
2023-09-18 18:50:41 File "/usr/lib/python3.10/site-packages/samba/netcmd/__init__.py", line 186, in _run
2023-09-18 18:50:41 return self.run(*args, **kwargs)
2023-09-18 18:50:41 File "/usr/lib/python3.10/site-packages/samba/netcmd/domain.py", line 493, in run
2023-09-18 18:50:41 result = provision(self.logger,
2023-09-18 18:50:41 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 2325, in provision
2023-09-18 18:50:41 provision_fill(samdb, secrets_ldb, logger, names, paths,
2023-09-18 18:50:41 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 1965, in provision_fill
2023-09-18 18:50:41 setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid,
2023-09-18 18:50:41 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 1742, in setsysvolacl
2023-09-18 18:50:41 _setntacl(sysvol)
2023-09-18 18:50:41 File "/usr/lib/python3.10/site-packages/samba/provision/__init__.py", line 1736, in _setntacl
2023-09-18 18:50:41 return setntacl(
2023-09-18 18:50:41 File "/usr/lib/python3.10/site-packages/samba/ntacls.py", line 228, in setntacl
2023-09-18 18:50:41 smbd.set_nt_acl(
我认为最重要的部分是:
ERROR(runtime): uncaught exception - (3221225506, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
我不明白根本原因。你能帮我修一下吗?
1个回答
0
投票
投票
set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
ERROR(runtime): uncaught exception - (3221225506, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
这表明服务器上存在某种访问控制设置,可能是由于 Samba 容器本身的配置或其与
TestContainers确保正确指定 Samba 配置。将您的设置与“Samba / 设置 ACL / 设置标准 UNIX 权限”
进行比较检查卷
/etc/samba/var/lib/sambaSamba 管理员密码似乎是在文件
secrets.yamlsecrets.yamlchmodchown仔细检查
ADMIN_PASSWORD_SECRET并检查为什么您在配置中设置了两次
DOMAIN_ACTION在您的
docker-composeCAP_SYS_ADMINwithCreateContainerCmdModifier例如:
ldapContainer.withCreateContainerCmdModifier(cmd -> cmd.withCapAdd(new Capability[]{Capability.SYS_ADMIN}));
最新问题
- 如果分支只是指针,git 如何记住分支所采取的路径?
- 为什么“cout”对于“unsigned char”来说很奇怪?
- 单击按钮插入 Access 数据库
- Flutter atan2 旋转线角度计算 - 90 度偏移问题
- 在 .NET MAUI 8 中从其自己的类中获取自定义控件的宽度?
- 当Top-K、Top-P和Temperature一起使用进行NLP解码时,实际的执行顺序是怎样的?
- MudBlazor MudNumericField 带千位分隔符
- 如何为我的 React Native expo Web 项目设置元标记?
- 在微服务架构中使用跨服务引用字段验证对象
- React Native App 的 Facebook 登录实现失败
- Python 跳过一半的 while 循环及其内部的 while 循环,但在嵌套的 while 循环之后运行代码
- 在 Firefox Nightly 中使用 wait mapAsync 下载 WebGPU 缓冲区速度慢了 5000 倍
- 如何制作一个顶部 2 列、下面 3 列的表格。我尝试了很多次,试图寻找在线教程,但找不到任何
- JavaScript YAML 解析器 [已关闭]
- 如果数据库表中不存在列,则排除或忽略实体模型的属性
- Flutter/Dart 中抛出错误和异常的方法和区别
- C 中通过不透明指针对第一个结构成员进行严格别名
- 在 R Markdown 报告中打印循环内容而不更改文本格式
- 如何使用 Xcode Trailing Closure Syntax 而不是参数来获取片段?
- 如何连接到 Rust 中的 MariaDB 数据库(在 W10 上)
© www.soinside.com 2019 - 2024. All rights reserved.