sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC

Browse Source 
The name samba_dsdb is not ideal, but it matches the primary ldb
module we use, and more importantly it avoids having '4' in the name.
We should slowly avoid using the term samba4 in long-term places like
the smb.conf because it is confusing to users given we are shipping
Samba 4.0 as an AD DC as well as all the other supported roles (domain
member/standalone server/classic DC)

Additionally, samba4 will be an odd name when we eventually release
Samba 5.0!

samba4 remains accepted as an alias to ensure existing smb.conf files
load, but to allow changes here in the future, we set the value during
the smb.conf load, and not during the provision when we are an AD DC.

This simplifies the default smb.conf for the vast majority of our
users and reduces the number of things listed in smb.conf files that
we later have to work around if we wish to change the
name/implementation of the passdb glue module again.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep  4 04:45:16 CEST 2012 on sn-devel-104
This commit is contained in:
Andrew Bartlett 2012-09-04 10:27:50 +10:00
parent 68f68d0152
commit 9983ad7a80
7 changed files with 296 additions and 291 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
selftest/target/Samba4.pm
View File

@ -603,8 +603,6 @@ sub provision_raw_step1($$)
dreplsrv:periodic_startup_interval = 0
dsdb:schema update allowed = yes
passdb backend = samba4
vfs objects = dfs_samba4 acl_xattr fake_acls xattr_tdb streams_depot
# remove this again, when our smb2 client library

1
source3/param/loadparm.c
View File

@ -4914,6 +4914,7 @@ static bool lp_load_ex(const char *pszFname,
lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
}
}
lp_do_parameter(-1, "passdb backend", "samba_dsdb");
}
bAllowIncludeRegistry = true;

547
source3/passdb/pdb_samba4.c → source3/passdb/pdb_samba_dsdb.c
View File

File diff suppressed because it is too large Load Diff

8
source3/passdb/wscript_build
View File

@ -37,13 +37,13 @@ bld.SAMBA3_MODULE('pdb_wbc_sam',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_wbc_sam'),
enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_wbc_sam'))
bld.SAMBA3_MODULE('pdb_samba4',
bld.SAMBA3_MODULE('pdb_samba_dsdb',
subsystem='pdb',
source='pdb_samba4.c',
source='pdb_samba_dsdb.c',
init_function='',
deps='IDMAP samdb',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_samba4') and bld.AD_DC_BUILD_IS_ENABLED(),
enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_samba4') and bld.AD_DC_BUILD_IS_ENABLED())
internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_samba_dsdb') and bld.AD_DC_BUILD_IS_ENABLED(),
enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_samba_dsdb') and bld.AD_DC_BUILD_IS_ENABLED())
bld.SAMBA3_PYTHON('pypassdb',
source='py_passdb.c',

2
source3/wscript
View File

@ -1473,7 +1473,7 @@ main() {
if conf.CONFIG_SET('AD_DC_BUILD_IS_ENABLED'):
default_static_modules.extend(TO_LIST('pdb_samba4 auth_samba4 vfs_dfs_samba4'))
default_static_modules.extend(TO_LIST('pdb_samba_dsdb auth_samba4 vfs_dfs_samba4'))
if Options.options.with_acl_support and conf.CONFIG_SET('HAVE_POSIX_ACLS'):
default_static_modules.extend(TO_LIST('vfs_posixacl'))

4
source4/scripting/python/samba/netcmd/ntacl.py
View File

@ -152,8 +152,8 @@ class cmd_ntacl_sysvolreset(Command):
s3conf = s3param.get_context()
s3conf.load(lp.configfile)
# ensure we are using the right samba4 passdb backend, no matter what
s3conf.set("passdb backend", "samba4:%s" % samdb.url)
# ensure we are using the right samba_dsdb passdb backend, no matter what
s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url)
LA_sid = security.dom_sid(str(domain_sid)
+"-"+str(security.DOMAIN_RID_ADMINISTRATOR))

23
source4/scripting/python/samba/provision/__init__.py
View File

@ -613,7 +613,6 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir,
realm = realm.upper()
global_settings = {
"passdb backend": "samba4",
"netbios name": netbiosname,
"workgroup": domain,
"realm": realm,
@ -660,6 +659,8 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir,
shares["sysvol"] = os.path.join(lp.get("state directory"), "sysvol")
shares["netlogon"] = os.path.join(shares["sysvol"], realm.lower(),
"scripts")
else:
global_settings["passdb backend"] = "samba_dsdb"
f = open(smbconf, 'w')
try:
@ -1415,11 +1416,11 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain
# This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf
s3conf = s3param.get_context()
s3conf.load(lp.configfile)
# ensure we are using the right samba4 passdb backend, no matter what
s3conf.set("passdb backend", "samba4:%s" % samdb.url)
# ensure we are using the right samba_dsdb passdb backend, no matter what
s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url)
passdb.reload_static_pdb()
# ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb
# ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb
s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
# now ensure everything matches correctly, to avoid wierd issues
@ -1428,10 +1429,10 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain
domain_info = s4_passdb.domain_info()
if domain_info["dom_sid"] != domainsid:
raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
if domain_info["dns_domain"].upper() != dnsdomain.upper():
raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
try:
@ -1536,9 +1537,9 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn,
# This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf
s3conf = s3param.get_context()
s3conf.load(lp.configfile)
# ensure we are using the right samba4 passdb backend, no matter what
s3conf.set("passdb backend", "samba4:%s" % samdb.url)
# ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb
# ensure we are using the right samba_dsdb passdb backend, no matter what
s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url)
# ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb
s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
# now ensure everything matches correctly, to avoid wierd issues
@ -1547,10 +1548,10 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn,
domain_info = s4_passdb.domain_info()
if domain_info["dom_sid"] != domainsid:
raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
if domain_info["dns_domain"].upper() != dnsdomain.upper():
raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
# Set the SYSVOL_ACL on the sysvol folder and subfolder (first level)
for direct_db_access in [True, False]: