s4-param Remove 'sam database' parameter

This now just relies on the private dir parameter, which remains.

Andrew Bartlett

source4/NEWS

@@ -56,8 +56,7 @@ that can be either 'domain controller', 'member server' or 'standalone'. Note th
 member server support does not work yet.
 
 The following parameters have been removed:
-- passdb backend: accounts are now stored in a LDB-based SAM database, 
+- passdb backend: accounts are now stored in a LDB-based SAM database
-	see 'sam database' below.
 - update encrypted
 - public
 - guest ok
@@ -401,12 +400,6 @@ The following parameters have been added:
 
 	Default: smb rpc nbt wrepl ldap cldap web kdc
 
-+ sam database
-	Location of the SAM (account database) database. This should be a 
-	LDB URL.
-
-	Default: set at compile-time
-
 + spoolss database
 	Spoolss (printer) DCE/RPC server database. This should be a LDB URL.
 

source4/dsdb/samdb/samdb.c

@@ -104,7 +104,7 @@ struct ldb_context *samdb_connect(TALLOC_CTX *mem_ctx,
 	struct cli_credentials *credentials;
 	int ret;
 
-	url  = lpcfg_sam_url(lp_ctx);
+	url  = "sam.ldb";
 	credentials = samdb_credentials(lp_ctx);
 
 	ldb = ldb_wrap_find(url, ev_ctx, lp_ctx, session_info, credentials, flags);

source4/param/loadparm.c

@@ -94,7 +94,6 @@ struct loadparm_global
 	char *szAutoServices;
 	char *szPasswdChat;
 	char *szShareBackend;
-	char *szSAM_URL;
 	char *szIDMAP_URL;
 	char *szSECRETS_URL;
 	char *szSPOOLSS_URL;
@@ -372,7 +371,6 @@ static struct parm_struct parm_table[] = {
 	{"null passwords", P_BOOL, P_GLOBAL, GLOBAL_VAR(bNullPasswords), NULL, NULL},
 	{"obey pam restrictions", P_BOOL, P_GLOBAL, GLOBAL_VAR(bObeyPamRestrictions), NULL, NULL},
 	{"password server", P_LIST, P_GLOBAL, GLOBAL_VAR(szPasswordServers), NULL, NULL},
-	{"sam database", P_STRING, P_GLOBAL, GLOBAL_VAR(szSAM_URL), NULL, NULL},
 	{"idmap database", P_STRING, P_GLOBAL, GLOBAL_VAR(szIDMAP_URL), NULL, NULL},
 	{"secrets database", P_STRING, P_GLOBAL, GLOBAL_VAR(szSECRETS_URL), NULL, NULL},
 	{"spoolss database", P_STRING, P_GLOBAL, GLOBAL_VAR(szSPOOLSS_URL), NULL, NULL},
@@ -655,7 +653,6 @@ FN_GLOBAL_INTEGER(web_port, web_port)
 FN_GLOBAL_BOOL(tls_enabled, tls_enabled)
 FN_GLOBAL_STRING(logfile, logfile)
 FN_GLOBAL_STRING(share_backend, szShareBackend)
-FN_GLOBAL_STRING(sam_url, szSAM_URL)
 FN_GLOBAL_STRING(idmap_url, szIDMAP_URL)
 FN_GLOBAL_STRING(secrets_url, szSECRETS_URL)
 FN_GLOBAL_STRING(spoolss_url, szSPOOLSS_URL)
@@ -2437,7 +2434,6 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
 	lpcfg_do_global_parameter(lp_ctx, "auth methods:member server", "anonymous sam winbind");
 	lpcfg_do_global_parameter(lp_ctx, "auth methods:standalone", "anonymous sam_ignoredomain");
 	lpcfg_do_global_parameter(lp_ctx, "private dir", dyn_PRIVATE_DIR);
-	lpcfg_do_global_parameter(lp_ctx, "sam database", "sam.ldb");
 	lpcfg_do_global_parameter(lp_ctx, "idmap database", "idmap.ldb");
 	lpcfg_do_global_parameter(lp_ctx, "secrets database", "secrets.ldb");
 	lpcfg_do_global_parameter(lp_ctx, "spoolss database", "spoolss.ldb");

source4/param/pyparam.c

@@ -272,6 +272,12 @@ static PyObject *py_lp_dump(PyObject *self, PyObject *args)
 	Py_RETURN_NONE;
 }
 
+static PyObject *py_samdb_url(PyObject *self)
+{
+	struct loadparm_context *lp_ctx = PyLoadparmContext_AsLoadparmContext(self);
+	return PyString_FromFormat("tdb://%s/sam.ldb", lpcfg_private_dir(lp_ctx));
+}
+
 
 static PyMethodDef py_lp_ctx_methods[] = {
 	{ "load", (PyCFunction)py_lp_ctx_load, METH_VARARGS, 
@@ -298,6 +304,9 @@ static PyMethodDef py_lp_ctx_methods[] = {
 		"S.services() -> list" },
 	{ "dump", (PyCFunction)py_lp_dump, METH_VARARGS, 
 		"S.dump(stream, show_defaults=False)" },
+	{ "samdb_url", (PyCFunction)py_samdb_url, METH_NOARGS,
+	        "S.samdb_url() -> string\n"
+	        "Returns the current URL for sam.ldb." },
 	{ NULL }
 };
 

source4/scripting/bin/samba_dnsupdate

@@ -222,7 +222,7 @@ def get_subst_vars():
     global lp, am_rodc
     vars = {}
 
-    samdb = SamDB(url=lp.get("sam database"), session_info=system_session(),
+    samdb = SamDB(url=lp.samdb_url(), session_info=system_session(),
                   lp=lp)
 
     vars['DNSDOMAIN'] = lp.get('realm').lower()

source4/scripting/bin/samba_spnupdate

@@ -103,9 +103,9 @@ try:
     else:
         credentials = None
 
-    samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), credentials=credentials, lp=lp)
+    samdb = SamDB(url=lp.samdb_url(), session_info=system_session(), credentials=credentials, lp=lp)
 except ldb.LdbError, (num, msg):
-    print("Unable to open sam database %s : %s" % (lp.get("sam database"), msg))
+    print("Unable to open sam database %s : %s" % (lp.samdb_url(), msg))
     sys.exit(1)
 
 

source4/scripting/python/samba/hostconfig.py

@@ -37,7 +37,7 @@ class Hostconfig(object):
         :param session_info: Session info to use
         :param credentials: Credentials to access the SamDB with
         """
-        return SamDB(url=self.lp.get("sam database"),
+        return SamDB(url=self.lp.samdb_url(),
                      session_info=session_info, credentials=credentials,
                      lp=self.lp)
 

source4/scripting/python/samba/provision/__init__.py

@@ -432,7 +432,7 @@ def check_install(lp, session_info, credentials):
     """
     if lp.get("realm") == "":
         raise Exception("Realm empty")
-    samdb = Ldb(lp.get("sam database"), session_info=session_info,
+    samdb = Ldb(lp.samdb_url(), session_info=session_info,
             credentials=credentials, lp=lp)
     if len(samdb.search("(cn=Administrator)")) != 1:
         raise ProvisioningError("No administrator account found")
@@ -517,8 +517,7 @@ def provision_paths_from_lp(lp, dnsdomain):
     paths.keytab = "secrets.keytab"
 
     paths.shareconf = os.path.join(paths.private_dir, "share.ldb")
-    paths.samdb = os.path.join(paths.private_dir,
+    paths.samdb = os.path.join(paths.private_dir, "sam.ldb")
-        lp.get("sam database") or "samdb.ldb")
     paths.idmapdb = os.path.join(paths.private_dir,
         lp.get("idmap database") or "idmap.ldb")
     paths.secrets = os.path.join(paths.private_dir,

source4/scripting/python/samba/samdb.py

@@ -46,7 +46,7 @@ class SamDB(samba.Ldb):
         if not auto_connect:
             url = None
         elif url is None and lp is not None:
-            url = lp.get("sam database")
+            url = lp.samdb_url()
 
         super(SamDB, self).__init__(url=url, lp=lp, modules_dir=modules_dir,
             session_info=session_info, credentials=credentials, flags=flags,

source4/torture/libnet/libnet_BecomeDC.c

@@ -44,7 +44,7 @@ bool torture_net_become_dc(struct torture_context *torture)
 	struct ldb_message *msg;
 	int ldb_ret;
 	uint32_t i;
-	char *sam_ldb_path;
+	char *private_dir;
 	const char *address;
 	struct nbt_name name;
 	const char *netbios_name;
@@ -144,13 +144,13 @@ bool torture_net_become_dc(struct torture_context *torture)
 	talloc_unlink(s, ldb);
 
 	lp_ctx = libnet_vampire_cb_lp_ctx(s);
-	sam_ldb_path = talloc_asprintf(s, "%s/%s", location, "private/sam.ldb");
+	private_dir = talloc_asprintf(s, "%s/%s", location, "private");
-	lpcfg_set_cmdline(lp_ctx, "sam database", sam_ldb_path);
+	lpcfg_set_cmdline(lp_ctx, "private dir", private_dir);
-	torture_comment(torture, "Reopen the SAM LDB with system credentials and all replicated data: %s\n", sam_ldb_path);
+	torture_comment(torture, "Reopen the SAM LDB with system credentials and all replicated data: %s\n", private_dir);
 	ldb = samdb_connect(s, torture->ev, lp_ctx, system_session(lp_ctx), 0);
 	torture_assert_goto(torture, ldb != NULL, ret, cleanup,
 				      talloc_asprintf(torture,
-				      "Failed to open '%s'\n", sam_ldb_path));
+				      "Failed to open '%s/sam.ldb'\n", private_dir));
 
 	torture_assert_goto(torture, dsdb_uses_global_schema(ldb), ret, cleanup,
 						"Uses global schema");