s4-provision Remove setup_path, setup_dir and find_setup_dir
We now have a reliable way to know the current location of the templates: dyn_SETUPDIR, which is updated for both the in-build and installed binaries. This replaces the function arguments and the distributed resolution of the setup directory with one 'global' function (imported as required). This also removes the ability to specify an alternate setup directory on the command line, as this was rarely, if ever, used and never tested.

Andrew Bartlett
parent
4ae013c01b
commit
d1e5a73806
source4
param
scripting
bin
python/samba
setup
@ -131,8 +131,6 @@ NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
|
||||
if (settings->targetdir != NULL)
|
||||
PyDict_SetItemString(parameters, "targetdir",
|
||||
PyString_FromString(settings->targetdir));
|
||||
PyDict_SetItemString(parameters, "setup_dir",
|
||||
PyString_FromString(dyn_SETUPDIR));
|
||||
PyDict_SetItemString(parameters, "hostname",
|
||||
PyString_FromString(settings->netbios_name));
|
||||
PyDict_SetItemString(parameters, "domain",
|
||||
@ -364,8 +362,6 @@ struct ldb_context *provision_get_schema(TALLOC_CTX *mem_ctx, struct loadparm_co
|
||||
|
||||
parameters = PyDict_New();
|
||||
|
||||
PyDict_SetItemString(parameters, "setup_dir",
|
||||
PyString_FromString(dyn_SETUPDIR));
|
||||
if (override_prefixmap) {
|
||||
PyDict_SetItemString(parameters, "override_prefixmap",
|
||||
PyString_FromStringAndSize((const char *)override_prefixmap->data,
|
||||
|
@ -22,6 +22,7 @@
|
||||
#include "param/param.h"
|
||||
#include "param/loadparm.h"
|
||||
#include "lib/talloc/pytalloc.h"
|
||||
#include "dynconfig/dynconfig.h"
|
||||
|
||||
/* There's no Py_ssize_t in 2.4, apparently */
|
||||
#if PY_MAJOR_VERSION == 2 && PY_MINOR_VERSION < 5
|
||||
@ -419,9 +420,16 @@ static PyObject *py_default_path(PyObject *self)
|
||||
return PyString_FromString(lp_default_path());
|
||||
}
|
||||
|
||||
static PyObject *py_setup_dir(PyObject *self)
|
||||
{
|
||||
return PyString_FromString(dyn_SETUPDIR);
|
||||
}
|
||||
|
||||
static PyMethodDef pyparam_methods[] = {
|
||||
{ "default_path", (PyCFunction)py_default_path, METH_NOARGS,
|
||||
"Returns the default smb.conf path." },
|
||||
{ "setup_dir", (PyCFunction)py_setup_dir, METH_NOARGS,
|
||||
"Returns the compiled in location of provision tempates." },
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
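Review bot: The docstring registered for `setup_dir` in `pyparam_methods` misspells "templates" and calls the value "compiled in", while the commit message says dyn_SETUPDIR is updated for both in-build and installed binaries. Because this string is what `help(samba.param.setup_dir)` shows, and every provisioning template is now resolved through this one value, it should describe what is actually returned, for example `"Returns the directory provision templates are loaded from (dyn_SETUPDIR)."`. A one-line comment above `py_setup_dir` saying that this is the single source for the templates directory would also help the next reader.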
|
@ -44,7 +44,7 @@ from ldb import (SCOPE_SUBTREE, SCOPE_BASE,
|
||||
FLAG_MOD_REPLACE, FLAG_MOD_ADD, FLAG_MOD_DELETE,
|
||||
MessageElement, Message, Dn)
|
||||
from samba import param, dsdb, Ldb
|
||||
from samba.provision import (find_setup_dir, get_domain_descriptor,
|
||||
from samba.provision import (get_domain_descriptor,
|
||||
get_config_descriptor,
|
||||
ProvisioningError, get_last_provision_usn,
|
||||
get_max_usn, update_provision_usn)
|
||||
@ -182,9 +182,6 @@ smbconf = lp.configfile
|
||||
|
||||
creds = credopts.get_credentials(lp)
|
||||
creds.set_kerberos_state(DONT_USE_KERBEROS)
|
||||
setup_dir = opts.setupdir
|
||||
if setup_dir is None:
|
||||
setup_dir = find_setup_dir()
|
||||
|
||||
|
||||
|
||||
@ -1442,9 +1439,6 @@ def sync_calculated_attributes(samdb, names):
|
||||
increment_calculated_keyversion_number(samdb, names.rootdn,
|
||||
hash["msDs-KeyVersionNumber"])
|
||||
|
||||
def setup_path(file):
|
||||
return os.path.join(setup_dir, file)
|
||||
|
||||
# Synopsis for updateprovision
|
||||
# 1) get path related to provision to be update (called current)
|
||||
# 2) open current provision ldbs
|
||||
@ -1586,7 +1580,6 @@ if __name__ == '__main__':
|
||||
# From here start the big steps of the program
|
||||
# 1) First get files paths
|
||||
paths = get_paths(param, smbconf=smbconf)
|
||||
paths.setup = setup_dir
|
||||
# Get ldbs with the system session, it is needed for searching
|
||||
# provision parameters
|
||||
session = system_session()
|
||||
@ -1631,7 +1624,7 @@ if __name__ == '__main__':
|
||||
message(SIMPLE, "Creating a reference provision")
|
||||
provisiondir = tempfile.mkdtemp(dir=paths.private_dir,
|
||||
prefix="referenceprovision")
|
||||
newprovision(names, setup_dir, creds, session, smbconf, provisiondir,
|
||||
newprovision(names, creds, session, smbconf, provisiondir,
|
||||
provision_logger)
|
||||
|
||||
# TODO
|
||||
@ -1680,7 +1673,7 @@ if __name__ == '__main__':
|
||||
new_ldbs.startTransactions()
|
||||
|
||||
# 12)
|
||||
schema = Schema(setup_path, names.domainsid, schemadn=str(names.schemadn))
|
||||
schema = Schema(names.domainsid, schemadn=str(names.schemadn))
|
||||
# We create a closure that will be invoked just before schema reload
|
||||
def schemareloadclosure():
|
||||
basesam = Ldb(paths.samdb, session_info=session, credentials=creds, lp=lp,
|
||||
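Review bot: The hunk at -182 removes the only visible reads of `opts.setupdir`, but the declaration of that option is not in any hunk shown here. If the `--setupdir` option is still registered with the parser, it is now accepted and silently ignored, so an operator who passes it gets templates from the default directory with no indication. Removing the declaration together with the reads makes the parser reject the flag. The same section also deletes the script-local `setup_path()` without adding `setup_path` to the `from samba.provision import (...)` list, so any call remaining outside the visible hunks would raise NameError at run time; that is worth a grep before merging.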
|
@ -27,7 +27,7 @@ import ldb, samba, sys, os, uuid
|
||||
from samba.ndr import ndr_pack
|
||||
from samba.dcerpc import security, drsuapi, misc, nbt
|
||||
from samba.credentials import Credentials, DONT_USE_KERBEROS
|
||||
from samba.provision import secretsdb_self_join, provision, FILL_DRS, find_setup_dir
|
||||
from samba.provision import secretsdb_self_join, provision, FILL_DRS
|
||||
from samba.schema import Schema
|
||||
from samba.net import Net
|
||||
import logging
|
||||
@ -100,7 +100,6 @@ class dc_join(object):
|
||||
|
||||
ctx.acct_dn = "CN=%s,OU=Domain Controllers,%s" % (ctx.myname, ctx.base_dn)
|
||||
|
||||
ctx.setup_dir = find_setup_dir()
|
||||
ctx.tmp_samdb = None
|
||||
|
||||
ctx.SPNs = [ "HOST/%s" % ctx.myname,
|
||||
@ -245,9 +244,7 @@ class dc_join(object):
|
||||
|
||||
def create_tmp_samdb(ctx):
|
||||
'''create a temporary samdb object for schema queries'''
|
||||
def setup_path(file):
|
||||
return os.path.join(ctx.setup_dir, file)
|
||||
ctx.tmp_schema = Schema(setup_path, security.dom_sid(ctx.domsid),
|
||||
ctx.tmp_schema = Schema(security.dom_sid(ctx.domsid),
|
||||
schemadn=ctx.schema_dn)
|
||||
ctx.tmp_samdb = SamDB(session_info=system_session(), url=None, auto_connect=False,
|
||||
credentials=ctx.creds, lp=ctx.lp, global_schema=False,
|
||||
@ -424,7 +421,7 @@ class dc_join(object):
|
||||
logger.addHandler(logging.StreamHandler(sys.stdout))
|
||||
smbconf = ctx.lp.configfile
|
||||
|
||||
presult = provision(ctx.setup_dir, logger, system_session(), None,
|
||||
presult = provision(logger, system_session(), None,
|
||||
smbconf=smbconf, targetdir=ctx.targetdir, samdb_fill=FILL_DRS,
|
||||
realm=ctx.realm, rootdn=ctx.root_dn, domaindn=ctx.base_dn,
|
||||
schemadn=ctx.schema_dn,
|
||||
|
@ -86,20 +86,9 @@ DEFAULTSITE = "Default-First-Site-Name"
|
||||
LAST_PROVISION_USN_ATTRIBUTE = "lastProvisionUSN"
|
||||
|
||||
|
||||
def find_setup_dir():
|
||||
"""Find the setup directory used by provision."""
|
||||
if in_source_tree():
|
||||
# In source tree
|
||||
return os.path.join(source_tree_topdir(), "source4/setup")
|
||||
else:
|
||||
import sys
|
||||
for prefix in [sys.prefix,
|
||||
os.path.join(os.path.dirname(__file__), "../../../../..")]:
|
||||
for suffix in ["share/setup", "share/samba/setup", "setup"]:
|
||||
ret = os.path.normpath(os.path.join(prefix, suffix))
|
||||
if os.path.isdir(ret):
|
||||
return ret
|
||||
raise Exception("Unable to find setup directory.")
|
||||
def setup_path(file):
|
||||
"""Return an absolute path to the provision tempate file specified by file"""
|
||||
return os.path.join(samba.param.setup_dir(), file)
|
||||
|
||||
# Descriptors of naming contexts and other important objects
|
||||
|
||||
@ -560,7 +549,7 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None,
|
||||
return names
|
||||
|
||||
|
||||
def make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole,
|
||||
def make_smbconf(smbconf, hostname, domain, realm, serverrole,
|
||||
targetdir, sid_generator="internal", eadb=False, lp=None):
|
||||
"""Create a new smb.conf file based on a couple of basic settings.
|
||||
"""
|
||||
@ -672,7 +661,7 @@ def setup_name_mappings(samdb, idmap, sid, domaindn, root_uid, nobody_uid,
|
||||
idmap.setup_name_mapping(sid + "-513", idmap.TYPE_GID, users_gid)
|
||||
|
||||
|
||||
def setup_samdb_partitions(samdb_path, setup_path, logger, lp, session_info,
|
||||
def setup_samdb_partitions(samdb_path, logger, lp, session_info,
|
||||
provision_backend, names, schema, serverrole,
|
||||
erase=False):
|
||||
"""Setup the partitions for the SAM database.
|
||||
@ -720,7 +709,7 @@ def setup_samdb_partitions(samdb_path, setup_path, logger, lp, session_info,
|
||||
})
|
||||
|
||||
logger.info("Setting up sam.ldb rootDSE")
|
||||
setup_samdb_rootdse(samdb, setup_path, names)
|
||||
setup_samdb_rootdse(samdb, names)
|
||||
except Exception:
|
||||
samdb.transaction_cancel()
|
||||
raise
|
||||
@ -815,12 +804,11 @@ def secretsdb_self_join(secretsdb, domain,
|
||||
secretsdb.add(msg)
|
||||
|
||||
|
||||
def secretsdb_setup_dns(secretsdb, setup_path, names, private_dir, realm,
|
||||
def secretsdb_setup_dns(secretsdb, names, private_dir, realm,
|
||||
dnsdomain, dns_keytab_path, dnspass):
|
||||
"""Add DNS specific bits to a secrets database.
|
||||
|
||||
:param secretsdb: Ldb Handle to the secrets database
|
||||
:param setup_path: Setup path function
|
||||
:param machinepass: Machine password
|
||||
"""
|
||||
try:
|
||||
@ -839,14 +827,13 @@ def secretsdb_setup_dns(secretsdb, setup_path, names, private_dir, realm,
|
||||
})
|
||||
|
||||
|
||||
def setup_secretsdb(paths, setup_path, session_info, backend_credentials, lp):
|
||||
def setup_secretsdb(paths, session_info, backend_credentials, lp):
|
||||
"""Setup the secrets database.
|
||||
|
||||
:note: This function does not handle exceptions and transaction on purpose,
|
||||
it's up to the caller to do this job.
|
||||
|
||||
:param path: Path to the secrets database.
|
||||
:param setup_path: Get the path to a setup file.
|
||||
:param session_info: Session info.
|
||||
:param credentials: Credentials
|
||||
:param lp: Loadparm context
|
||||
@ -897,11 +884,10 @@ def setup_secretsdb(paths, setup_path, session_info, backend_credentials, lp):
|
||||
raise
|
||||
|
||||
|
||||
def setup_privileges(path, setup_path, session_info, lp):
|
||||
def setup_privileges(path, session_info, lp):
|
||||
"""Setup the privileges database.
|
||||
|
||||
:param path: Path to the privileges database.
|
||||
:param setup_path: Get the path to a setup file.
|
||||
:param session_info: Session info.
|
||||
:param credentials: Credentials
|
||||
:param lp: Loadparm context
|
||||
@ -914,11 +900,10 @@ def setup_privileges(path, setup_path, session_info, lp):
|
||||
privilege_ldb.load_ldif_file_add(setup_path("provision_privilege.ldif"))
|
||||
|
||||
|
||||
def setup_registry(path, setup_path, session_info, lp):
|
||||
def setup_registry(path, session_info, lp):
|
||||
"""Setup the registry.
|
||||
|
||||
:param path: Path to the registry database
|
||||
:param setup_path: Function that returns the path to a setup.
|
||||
:param session_info: Session information
|
||||
:param credentials: Credentials
|
||||
:param lp: Loadparm context
|
||||
@ -931,11 +916,10 @@ def setup_registry(path, setup_path, session_info, lp):
|
||||
reg.diff_apply(provision_reg)
|
||||
|
||||
|
||||
def setup_idmapdb(path, setup_path, session_info, lp):
|
||||
def setup_idmapdb(path, session_info, lp):
|
||||
"""Setup the idmap database.
|
||||
|
||||
:param path: path to the idmap database
|
||||
:param setup_path: Function that returns a path to a setup file
|
||||
:param session_info: Session information
|
||||
:param credentials: Credentials
|
||||
:param lp: Loadparm context
|
||||
@ -949,11 +933,10 @@ def setup_idmapdb(path, setup_path, session_info, lp):
|
||||
return idmap_ldb
|
||||
|
||||
|
||||
def setup_samdb_rootdse(samdb, setup_path, names):
|
||||
def setup_samdb_rootdse(samdb, names):
|
||||
"""Setup the SamDB rootdse.
|
||||
|
||||
:param samdb: Sam Database handle
|
||||
:param setup_path: Obtain setup path
|
||||
"""
|
||||
setup_add_ldif(samdb, setup_path("provision_rootdse_add.ldif"), {
|
||||
"SCHEMADN": names.schemadn,
|
||||
@ -965,7 +948,7 @@ def setup_samdb_rootdse(samdb, setup_path, names):
|
||||
|
||||
|
||||
def setup_self_join(samdb, names, machinepass, dnspass,
|
||||
domainsid, next_rid, invocationid, setup_path,
|
||||
domainsid, next_rid, invocationid,
|
||||
policyguid, policyguid_dc, domainControllerFunctionality,
|
||||
ntdsguid):
|
||||
"""Join a host to its own domain."""
|
||||
@ -1069,7 +1052,7 @@ def create_default_gpo(sysvolpath, dnsdomain, policyguid, policyguid_dc):
|
||||
create_gpo_struct(policy_path)
|
||||
|
||||
|
||||
def setup_samdb(path, setup_path, session_info, provision_backend, lp, names,
|
||||
def setup_samdb(path, session_info, provision_backend, lp, names,
|
||||
logger, domainsid, domainguid, policyguid, policyguid_dc, fill,
|
||||
adminpass, krbtgtpass, machinepass, invocationid, dnspass, ntdsguid,
|
||||
serverrole, am_rodc=False, dom_for_fun_level=None, schema=None,
|
||||
@ -1102,12 +1085,12 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, names,
|
||||
forestFunctionality = dom_for_fun_level
|
||||
|
||||
# Also wipes the database
|
||||
setup_samdb_partitions(path, setup_path, logger=logger, lp=lp,
|
||||
setup_samdb_partitions(path, logger=logger, lp=lp,
|
||||
provision_backend=provision_backend, session_info=session_info,
|
||||
names=names, serverrole=serverrole, schema=schema)
|
||||
|
||||
if schema is None:
|
||||
schema = Schema(setup_path, domainsid, schemadn=names.schemadn)
|
||||
schema = Schema(domainsid, schemadn=names.schemadn)
|
||||
|
||||
# Load the database, but don's load the global schema and don't connect
|
||||
# quite yet
|
||||
@ -1287,7 +1270,6 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, names,
|
||||
next_rid=next_rid,
|
||||
policyguid=policyguid,
|
||||
policyguid_dc=policyguid_dc,
|
||||
setup_path=setup_path,
|
||||
domainControllerFunctionality=domainControllerFunctionality,
|
||||
ntdsguid=ntdsguid)
|
||||
|
||||
@ -1383,7 +1365,7 @@ def setsysvolacl(samdb, netlogon, sysvol, gid, domainsid, dnsdomain, domaindn,
|
||||
set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp)
|
||||
|
||||
|
||||
def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
def provision(logger, session_info, credentials, smbconf=None,
|
||||
targetdir=None, samdb_fill=FILL_FULL, realm=None, rootdn=None,
|
||||
domaindn=None, schemadn=None, configdn=None, serverdn=None,
|
||||
domain=None, hostname=None, hostip=None, hostip6=None, domainsid=None,
|
||||
@ -1401,9 +1383,6 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
:note: caution, this wipes all existing data!
|
||||
"""
|
||||
|
||||
def setup_path(file):
|
||||
return os.path.join(setup_dir, file)
|
||||
|
||||
if domainsid is None:
|
||||
domainsid = security.random_sid()
|
||||
else:
|
||||
@ -1466,11 +1445,11 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
data = open(smbconf, 'r').read()
|
||||
data = data.lstrip()
|
||||
if data is None or data == "":
|
||||
make_smbconf(smbconf, setup_path, hostname, domain, realm,
|
||||
make_smbconf(smbconf, hostname, domain, realm,
|
||||
serverrole, targetdir, sid_generator, useeadb,
|
||||
lp=lp)
|
||||
else:
|
||||
make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole,
|
||||
make_smbconf(smbconf, hostname, domain, realm, serverrole,
|
||||
targetdir, sid_generator, useeadb, lp=lp)
|
||||
|
||||
if lp is None:
|
||||
@ -1510,21 +1489,21 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
|
||||
ldapi_url = "ldapi://%s" % urllib.quote(paths.s4_ldapi_path, safe="")
|
||||
|
||||
schema = Schema(setup_path, domainsid, invocationid=invocationid,
|
||||
schema = Schema(domainsid, invocationid=invocationid,
|
||||
schemadn=names.schemadn)
|
||||
|
||||
if backend_type == "ldb":
|
||||
provision_backend = LDBBackend(backend_type, paths=paths,
|
||||
setup_path=setup_path, lp=lp, credentials=credentials,
|
||||
lp=lp, credentials=credentials,
|
||||
names=names, logger=logger)
|
||||
elif backend_type == "existing":
|
||||
provision_backend = ExistingBackend(backend_type, paths=paths,
|
||||
setup_path=setup_path, lp=lp, credentials=credentials,
|
||||
lp=lp, credentials=credentials,
|
||||
names=names, logger=logger,
|
||||
ldap_backend_forced_uri=ldap_backend_forced_uri)
|
||||
elif backend_type == "fedora-ds":
|
||||
provision_backend = FDSBackend(backend_type, paths=paths,
|
||||
setup_path=setup_path, lp=lp, credentials=credentials,
|
||||
lp=lp, credentials=credentials,
|
||||
names=names, logger=logger, domainsid=domainsid,
|
||||
schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
|
||||
slapd_path=slapd_path,
|
||||
@ -1534,7 +1513,7 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
ldap_backend_forced_uri=ldap_backend_forced_uri)
|
||||
elif backend_type == "openldap":
|
||||
provision_backend = OpenLDAPBackend(backend_type, paths=paths,
|
||||
setup_path=setup_path, lp=lp, credentials=credentials,
|
||||
lp=lp, credentials=credentials,
|
||||
names=names, logger=logger, domainsid=domainsid,
|
||||
schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
|
||||
slapd_path=slapd_path,
|
||||
@ -1556,24 +1535,24 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
share_ldb.load_ldif_file_add(setup_path("share.ldif"))
|
||||
|
||||
logger.info("Setting up secrets.ldb")
|
||||
secrets_ldb = setup_secretsdb(paths, setup_path,
|
||||
secrets_ldb = setup_secretsdb(paths,
|
||||
session_info=session_info,
|
||||
backend_credentials=provision_backend.secrets_credentials, lp=lp)
|
||||
|
||||
try:
|
||||
logger.info("Setting up the registry")
|
||||
setup_registry(paths.hklm, setup_path, session_info,
|
||||
setup_registry(paths.hklm, session_info,
|
||||
lp=lp)
|
||||
|
||||
logger.info("Setting up the privileges database")
|
||||
setup_privileges(paths.privilege, setup_path, session_info, lp=lp)
|
||||
setup_privileges(paths.privilege, session_info, lp=lp)
|
||||
|
||||
logger.info("Setting up idmap db")
|
||||
idmap = setup_idmapdb(paths.idmapdb, setup_path,
|
||||
idmap = setup_idmapdb(paths.idmapdb,
|
||||
session_info=session_info, lp=lp)
|
||||
|
||||
logger.info("Setting up SAM db")
|
||||
samdb = setup_samdb(paths.samdb, setup_path, session_info,
|
||||
samdb = setup_samdb(paths.samdb, session_info,
|
||||
provision_backend, lp, names, logger=logger,
|
||||
domainsid=domainsid, schema=schema, domainguid=domainguid,
|
||||
policyguid=policyguid, policyguid_dc=policyguid_dc,
|
||||
@ -1640,7 +1619,7 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
raise
|
||||
|
||||
if serverrole == "domain controller":
|
||||
secretsdb_setup_dns(secrets_ldb, setup_path, names,
|
||||
secretsdb_setup_dns(secrets_ldb, names,
|
||||
paths.private_dir, realm=names.realm,
|
||||
dnsdomain=names.dnsdomain,
|
||||
dns_keytab_path=paths.dns_keytab, dnspass=dnspass)
|
||||
@ -1651,15 +1630,15 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
|
||||
# Only make a zone file on the first DC, it should be
|
||||
# replicated with DNS replication
|
||||
create_zone_file(lp, logger, paths, targetdir, setup_path,
|
||||
create_zone_file(lp, logger, paths, targetdir,
|
||||
dnsdomain=names.dnsdomain, hostip=hostip, hostip6=hostip6,
|
||||
hostname=names.hostname, realm=names.realm,
|
||||
domainguid=domainguid, ntdsguid=names.ntdsguid)
|
||||
|
||||
create_named_conf(paths, setup_path, realm=names.realm,
|
||||
create_named_conf(paths, realm=names.realm,
|
||||
dnsdomain=names.dnsdomain, private_dir=paths.private_dir)
|
||||
|
||||
create_named_txt(paths.namedtxt, setup_path,
|
||||
create_named_txt(paths.namedtxt,
|
||||
realm=names.realm, dnsdomain=names.dnsdomain,
|
||||
private_dir=paths.private_dir,
|
||||
keytab_name=paths.dns_keytab)
|
||||
@ -1674,19 +1653,19 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
else:
|
||||
set_provision_usn(samdb, 0, maxUSN)
|
||||
|
||||
create_krb5_conf(paths.krb5conf, setup_path,
|
||||
create_krb5_conf(paths.krb5conf,
|
||||
dnsdomain=names.dnsdomain, hostname=names.hostname,
|
||||
realm=names.realm)
|
||||
logger.info("A Kerberos configuration suitable for Samba 4 has been "
|
||||
"generated at %s", paths.krb5conf)
|
||||
|
||||
if serverrole == "domain controller":
|
||||
create_dns_update_list(lp, logger, paths, setup_path)
|
||||
create_dns_update_list(lp, logger, paths)
|
||||
|
||||
provision_backend.post_setup()
|
||||
provision_backend.shutdown()
|
||||
|
||||
create_phpldapadmin_config(paths.phpldapadminconfig, setup_path,
|
||||
create_phpldapadmin_config(paths.phpldapadminconfig,
|
||||
ldapi_url)
|
||||
except Exception:
|
||||
secrets_ldb.transaction_cancel()
|
||||
@ -1745,7 +1724,7 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
|
||||
return result
|
||||
|
||||
|
||||
def provision_become_dc(setup_dir=None, smbconf=None, targetdir=None,
|
||||
def provision_become_dc(smbconf=None, targetdir=None,
|
||||
realm=None, rootdn=None, domaindn=None, schemadn=None, configdn=None,
|
||||
serverdn=None, domain=None, hostname=None, domainsid=None,
|
||||
adminpass=None, krbtgtpass=None, domainguid=None, policyguid=None,
|
||||
@ -1757,7 +1736,7 @@ def provision_become_dc(setup_dir=None, smbconf=None, targetdir=None,
|
||||
logger = logging.getLogger("provision")
|
||||
samba.set_debug_level(debuglevel)
|
||||
|
||||
res = provision(setup_dir, logger, system_session(), None,
|
||||
res = provision(logger, system_session(), None,
|
||||
smbconf=smbconf, targetdir=targetdir, samdb_fill=FILL_DRS,
|
||||
realm=realm, rootdn=rootdn, domaindn=domaindn, schemadn=schemadn,
|
||||
configdn=configdn, serverdn=serverdn, domain=domain,
|
||||
@ -1768,23 +1747,21 @@ def provision_become_dc(setup_dir=None, smbconf=None, targetdir=None,
|
||||
return res
|
||||
|
||||
|
||||
def create_phpldapadmin_config(path, setup_path, ldapi_uri):
|
||||
def create_phpldapadmin_config(path, ldapi_uri):
|
||||
"""Create a PHP LDAP admin configuration file.
|
||||
|
||||
:param path: Path to write the configuration to.
|
||||
:param setup_path: Function to generate setup paths.
|
||||
"""
|
||||
setup_file(setup_path("phpldapadmin-config.php"), path,
|
||||
{"S4_LDAPI_URI": ldapi_uri})
|
||||
|
||||
|
||||
def create_zone_file(lp, logger, paths, targetdir, setup_path, dnsdomain,
|
||||
def create_zone_file(lp, logger, paths, targetdir, dnsdomain,
|
||||
hostip, hostip6, hostname, realm, domainguid,
|
||||
ntdsguid):
|
||||
"""Write out a DNS zone file, from the info in the current database.
|
||||
|
||||
:param paths: paths object
|
||||
:param setup_path: Setup path function.
|
||||
:param dnsdomain: DNS Domain name
|
||||
:param domaindn: DN of the Domain
|
||||
:param hostip: Local IPv4 IP
|
||||
@ -1867,7 +1844,7 @@ def create_zone_file(lp, logger, paths, targetdir, setup_path, dnsdomain,
|
||||
os.system(rndc + " unfreeze " + lp.get("realm"))
|
||||
|
||||
|
||||
def create_dns_update_list(lp, logger, paths, setup_path):
|
||||
def create_dns_update_list(lp, logger, paths):
|
||||
"""Write out a dns_update_list file"""
|
||||
# note that we use no variable substitution on this file
|
||||
# the substitution is done at runtime by samba_dnsupdate
|
||||
@ -1875,13 +1852,12 @@ def create_dns_update_list(lp, logger, paths, setup_path):
|
||||
setup_file(setup_path("spn_update_list"), paths.spn_update_list, None)
|
||||
|
||||
|
||||
def create_named_conf(paths, setup_path, realm, dnsdomain,
|
||||
def create_named_conf(paths, realm, dnsdomain,
|
||||
private_dir):
|
||||
"""Write out a file containing zone statements suitable for inclusion in a
|
||||
named.conf file (including GSS-TSIG configuration).
|
||||
|
||||
:param paths: all paths
|
||||
:param setup_path: Setup path function.
|
||||
:param realm: Realm name
|
||||
:param dnsdomain: DNS Domain name
|
||||
:param private_dir: Path to private directory
|
||||
@ -1900,13 +1876,12 @@ def create_named_conf(paths, setup_path, realm, dnsdomain,
|
||||
setup_file(setup_path("named.conf.update"), paths.namedconf_update)
|
||||
|
||||
|
||||
def create_named_txt(path, setup_path, realm, dnsdomain, private_dir,
|
||||
def create_named_txt(path, realm, dnsdomain, private_dir,
|
||||
keytab_name):
|
||||
"""Write out a file containing zone statements suitable for inclusion in a
|
||||
named.conf file (including GSS-TSIG configuration).
|
||||
|
||||
:param path: Path of the new named.conf file.
|
||||
:param setup_path: Setup path function.
|
||||
:param realm: Realm name
|
||||
:param dnsdomain: DNS Domain name
|
||||
:param private_dir: Path to private directory
|
||||
@ -1921,12 +1896,11 @@ def create_named_txt(path, setup_path, realm, dnsdomain, private_dir,
|
||||
})
|
||||
|
||||
|
||||
def create_krb5_conf(path, setup_path, dnsdomain, hostname, realm):
|
||||
def create_krb5_conf(path, dnsdomain, hostname, realm):
|
||||
"""Write out a file containing zone statements suitable for inclusion in a
|
||||
named.conf file (including GSS-TSIG configuration).
|
||||
|
||||
:param path: Path of the new named.conf file.
|
||||
:param setup_path: Setup path function.
|
||||
:param dnsdomain: DNS Domain name
|
||||
:param hostname: Local hostname
|
||||
:param realm: Realm name
|
||||
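Review bot: The new module-level `setup_path(file)` in the -86,20 hunk promises "an absolute path" in its docstring, but `os.path.join(samba.param.setup_dir(), file)` is only absolute when the configured directory is, and it returns `file` unchanged if a caller passes an absolute name. Every LDIF and config template used by provisioning now resolves through this one function, so the docstring should state the real contract, for example `"""Return the path of the provision template *file* (a name relative to samba.param.setup_dir())."""`, which also fixes the "tempate" typo. The parameter name `file` shadows the Python 2 builtin, and whether `samba.param` is already imported in this module is not visible in the hunk and should be confirmed. Several docstrings further down the section still open with "Write out a file containing zone statements" on functions that write other files (`create_krb5_conf` is one), which could be corrected while the `:param setup_path:` lines are being removed.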
|
@ -42,7 +42,6 @@ from samba import Ldb, read_and_sub_file, setup_file
|
||||
from samba.credentials import Credentials, DONT_USE_KERBEROS
|
||||
from samba.schema import Schema
|
||||
|
||||
|
||||
class SlapdAlreadyRunning(Exception):
|
||||
|
||||
def __init__(self, uri):
|
||||
@ -53,12 +52,10 @@ class SlapdAlreadyRunning(Exception):
|
||||
|
||||
|
||||
class ProvisionBackend(object):
|
||||
|
||||
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
|
||||
def __init__(self, backend_type, paths=None, lp=None,
|
||||
credentials=None, names=None, logger=None):
|
||||
"""Provision a backend for samba4"""
|
||||
self.paths = paths
|
||||
self.setup_path = setup_path
|
||||
self.lp = lp
|
||||
self.credentials = credentials
|
||||
self.names = names
|
||||
@ -107,11 +104,11 @@ class LDBBackend(ProvisionBackend):
|
||||
|
||||
class ExistingBackend(ProvisionBackend):
|
||||
|
||||
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
|
||||
def __init__(self, backend_type, paths=None, lp=None,
|
||||
credentials=None, names=None, logger=None, ldapi_uri=None):
|
||||
|
||||
super(ExistingBackend, self).__init__(backend_type=backend_type,
|
||||
paths=paths, setup_path=setup_path, lp=lp,
|
||||
paths=paths, lp=lp,
|
||||
credentials=credentials, names=names, logger=logger,
|
||||
ldap_backend_forced_uri=ldapi_uri)
|
||||
|
||||
@ -132,14 +129,14 @@ class ExistingBackend(ProvisionBackend):
|
||||
|
||||
class LDAPBackend(ProvisionBackend):
|
||||
|
||||
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
|
||||
def __init__(self, backend_type, paths=None, lp=None,
|
||||
credentials=None, names=None, logger=None, domainsid=None,
|
||||
schema=None, hostname=None, ldapadminpass=None,
|
||||
slapd_path=None, ldap_backend_extra_port=None,
|
||||
ldap_backend_forced_uri=None, ldap_dryrun_mode=False):
|
||||
|
||||
super(LDAPBackend, self).__init__(backend_type=backend_type,
|
||||
paths=paths, setup_path=setup_path, lp=lp,
|
||||
paths=paths, lp=lp,
|
||||
credentials=credentials, names=names, logger=logger)
|
||||
|
||||
self.domainsid = domainsid
|
||||
@ -286,13 +283,14 @@ class LDAPBackend(ProvisionBackend):
|
||||
|
||||
class OpenLDAPBackend(LDAPBackend):
|
||||
|
||||
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
|
||||
def __init__(self, backend_type, paths=None, lp=None,
|
||||
credentials=None, names=None, logger=None, domainsid=None,
|
||||
schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
|
||||
ldap_backend_extra_port=None, ldap_dryrun_mode=False,
|
||||
ol_mmr_urls=None, nosync=False, ldap_backend_forced_uri=None):
|
||||
from samba.provision import setup_path
|
||||
super(OpenLDAPBackend, self).__init__( backend_type=backend_type,
|
||||
paths=paths, setup_path=setup_path, lp=lp,
|
||||
paths=paths, lp=lp,
|
||||
credentials=credentials, names=names, logger=logger,
|
||||
domainsid=domainsid, schema=schema, hostname=hostname,
|
||||
ldapadminpass=ldapadminpass, slapd_path=slapd_path,
|
||||
@ -311,26 +309,26 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
self.olcdir = os.path.join(self.ldapdir, "slapd.d")
|
||||
self.olcseedldif = os.path.join(self.ldapdir, "olc_seed.ldif")
|
||||
|
||||
self.schema = Schema(self.setup_path, self.domainsid,
|
||||
self.schema = Schema(self.domainsid,
|
||||
schemadn=self.names.schemadn, files=[
|
||||
setup_path("schema_samba4.ldif")])
|
||||
|
||||
def setup_db_config(self, dbdir):
|
||||
"""Setup a Berkeley database.
|
||||
|
||||
:param setup_path: Setup path function.
|
||||
:param dbdir: Database directory.
|
||||
"""
|
||||
from samba.provision import setup_path
|
||||
if not os.path.isdir(os.path.join(dbdir, "bdb-logs")):
|
||||
os.makedirs(os.path.join(dbdir, "bdb-logs"), 0700)
|
||||
if not os.path.isdir(os.path.join(dbdir, "tmp")):
|
||||
os.makedirs(os.path.join(dbdir, "tmp"), 0700)
|
||||
|
||||
setup_file(self.setup_path("DB_CONFIG"),
|
||||
setup_file(setup_path("DB_CONFIG"),
|
||||
os.path.join(dbdir, "DB_CONFIG"), {"LDAPDBDIR": dbdir})
|
||||
|
||||
def provision(self):
|
||||
from samba.provision import ProvisioningError
|
||||
from samba.provision import ProvisioningError, setup_path
|
||||
# Wipe the directories so we can start
|
||||
shutil.rmtree(os.path.join(self.ldapdir, "db"), True)
|
||||
|
||||
@ -348,11 +346,11 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
refint_attributes = refint_attributes + " " + att
|
||||
|
||||
memberof_config += read_and_sub_file(
|
||||
self.setup_path("memberof.conf"), {
|
||||
setup_path("memberof.conf"), {
|
||||
"MEMBER_ATTR": att,
|
||||
"MEMBEROF_ATTR" : lnkattr[att] })
|
||||
|
||||
refint_config = read_and_sub_file(self.setup_path("refint.conf"),
|
||||
refint_config = read_and_sub_file(setup_path("refint.conf"),
|
||||
{ "LINK_ATTRS" : refint_attributes})
|
||||
|
||||
attrs = ["linkID", "lDAPDisplayName"]
|
||||
@ -389,13 +387,13 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
for url in url_list:
|
||||
serverid = serverid + 1
|
||||
mmr_serverids_config += read_and_sub_file(
|
||||
self.setup_path("mmr_serverids.conf"), {
|
||||
setup_path("mmr_serverids.conf"), {
|
||||
"SERVERID": str(serverid),
|
||||
"LDAPSERVER": url })
|
||||
rid = serverid * 10
|
||||
rid = rid + 1
|
||||
mmr_syncrepl_schema_config += read_and_sub_file(
|
||||
self.setup_path("mmr_syncrepl.conf"), {
|
||||
setup_path("mmr_syncrepl.conf"), {
|
||||
"RID" : str(rid),
|
||||
"MMRDN": self.names.schemadn,
|
||||
"LDAPSERVER" : url,
|
||||
@ -403,7 +401,7 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
|
||||
rid = rid + 1
|
||||
mmr_syncrepl_config_config += read_and_sub_file(
|
||||
self.setup_path("mmr_syncrepl.conf"), {
|
||||
setup_path("mmr_syncrepl.conf"), {
|
||||
"RID" : str(rid),
|
||||
"MMRDN": self.names.configdn,
|
||||
"LDAPSERVER" : url,
|
||||
@ -411,7 +409,7 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
|
||||
rid = rid + 1
|
||||
mmr_syncrepl_user_config += read_and_sub_file(
|
||||
self.setup_path("mmr_syncrepl.conf"), {
|
||||
setup_path("mmr_syncrepl.conf"), {
|
||||
"RID" : str(rid),
|
||||
"MMRDN": self.names.domaindn,
|
||||
"LDAPSERVER" : url,
|
||||
@ -426,31 +424,31 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
olc_serverids_config = ""
|
||||
olc_syncrepl_seed_config = ""
|
||||
olc_mmr_config += read_and_sub_file(
|
||||
self.setup_path("olc_mmr.conf"), {})
|
||||
setup_path("olc_mmr.conf"), {})
|
||||
rid = 500
|
||||
for url in url_list:
|
||||
serverid = serverid + 1
|
||||
olc_serverids_config += read_and_sub_file(
|
||||
self.setup_path("olc_serverid.conf"), {
|
||||
setup_path("olc_serverid.conf"), {
|
||||
"SERVERID" : str(serverid), "LDAPSERVER" : url })
|
||||
|
||||
rid = rid + 1
|
||||
olc_syncrepl_config += read_and_sub_file(
|
||||
self.setup_path("olc_syncrepl.conf"), {
|
||||
setup_path("olc_syncrepl.conf"), {
|
||||
"RID" : str(rid), "LDAPSERVER" : url,
|
||||
"MMR_PASSWORD": mmr_pass})
|
||||
|
||||
olc_syncrepl_seed_config += read_and_sub_file(
|
||||
self.setup_path("olc_syncrepl_seed.conf"), {
|
||||
setup_path("olc_syncrepl_seed.conf"), {
|
||||
"RID" : str(rid), "LDAPSERVER" : url})
|
||||
|
||||
setup_file(self.setup_path("olc_seed.ldif"), self.olcseedldif,
|
||||
setup_file(setup_path("olc_seed.ldif"), self.olcseedldif,
|
||||
{"OLC_SERVER_ID_CONF": olc_serverids_config,
|
||||
"OLC_PW": self.ldapadminpass,
|
||||
"OLC_SYNCREPL_CONF": olc_syncrepl_seed_config})
|
||||
# end olc
|
||||
|
||||
setup_file(self.setup_path("slapd.conf"), self.slapdconf,
|
||||
setup_file(setup_path("slapd.conf"), self.slapdconf,
|
||||
{"DNSDOMAIN": self.names.dnsdomain,
|
||||
"LDAPDIR": self.ldapdir,
|
||||
"DOMAINDN": self.names.domaindn,
|
||||
@ -476,18 +474,18 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
if not os.path.exists(os.path.join(self.ldapdir, "db", "samba", "cn=samba")):
|
||||
os.makedirs(os.path.join(self.ldapdir, "db", "samba", "cn=samba"), 0700)
|
||||
|
||||
setup_file(self.setup_path("cn=samba.ldif"),
|
||||
setup_file(setup_path("cn=samba.ldif"),
|
||||
os.path.join(self.ldapdir, "db", "samba", "cn=samba.ldif"),
|
||||
{ "UUID": str(uuid.uuid4()),
|
||||
"LDAPTIME": timestring(int(time.time()))} )
|
||||
setup_file(self.setup_path("cn=samba-admin.ldif"),
|
||||
setup_file(setup_path("cn=samba-admin.ldif"),
|
||||
os.path.join(self.ldapdir, "db", "samba", "cn=samba", "cn=samba-admin.ldif"),
|
||||
{"LDAPADMINPASS_B64": b64encode(self.ldapadminpass),
|
||||
"UUID": str(uuid.uuid4()),
|
||||
"LDAPTIME": timestring(int(time.time()))} )
|
||||
|
||||
if self.ol_mmr_urls is not None:
|
||||
setup_file(self.setup_path("cn=replicator.ldif"),
|
||||
setup_file(setup_path("cn=replicator.ldif"),
|
||||
os.path.join(self.ldapdir, "db", "samba", "cn=samba", "cn=replicator.ldif"),
|
||||
{"MMR_PASSWORD_B64": b64encode(mmr_pass),
|
||||
"UUID": str(uuid.uuid4()),
|
||||
@ -496,7 +494,7 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
mapping = "schema-map-openldap-2.3"
|
||||
backend_schema = "backend-schema.schema"
|
||||
|
||||
f = open(self.setup_path(mapping), 'r')
|
||||
f = open(setup_path(mapping), 'r')
|
||||
backend_schema_data = self.schema.convert_to_openldap(
|
||||
"openldap", f.read())
|
||||
assert backend_schema_data is not None
|
||||
@ -567,14 +565,14 @@ class OpenLDAPBackend(LDAPBackend):
|
||||
|
||||
class FDSBackend(LDAPBackend):
|
||||
|
||||
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
|
||||
def __init__(self, backend_type, paths=None, lp=None,
|
||||
credentials=None, names=None, logger=None, domainsid=None,
|
||||
schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
|
||||
ldap_backend_extra_port=None, ldap_dryrun_mode=False, root=None,
|
||||
setup_ds_path=None):
|
||||
|
||||
super(FDSBackend, self).__init__(backend_type=backend_type,
|
||||
paths=paths, setup_path=setup_path, lp=lp,
|
||||
paths=paths, lp=lp,
|
||||
credentials=credentials, names=names, logger=logger,
|
||||
domainsid=domainsid, schema=schema, hostname=hostname,
|
||||
ldapadminpass=ldapadminpass, slapd_path=slapd_path,
|
||||
@ -600,7 +598,7 @@ class FDSBackend(LDAPBackend):
|
||||
self.index_ldif = os.path.join(self.ldapdir, "fedorads-index.ldif")
|
||||
self.samba_ldif = os.path.join(self.ldapdir, "fedorads-samba.ldif")
|
||||
|
||||
self.samba3_schema = self.setup_path(
|
||||
self.samba3_schema = setup_path(
|
||||
"../../examples/LDAP/samba.schema")
|
||||
self.samba3_ldif = os.path.join(self.ldapdir, "samba3.ldif")
|
||||
|
||||
@ -614,7 +612,6 @@ class FDSBackend(LDAPBackend):
|
||||
raise Exception("Unable to convert Samba 3 schema.")
|
||||
|
||||
self.schema = Schema(
|
||||
self.setup_path,
|
||||
self.domainsid,
|
||||
schemadn=self.names.schemadn,
|
||||
files=[setup_path("schema_samba4.ldif"), self.samba3_ldif],
|
||||
@ -622,13 +619,13 @@ class FDSBackend(LDAPBackend):
|
||||
"1001:1.3.6.1.4.1.7165.2.2"])
|
||||
|
||||
def provision(self):
|
||||
from samba.provision import ProvisioningError
|
||||
from samba.provision import ProvisioningError, setup_path
|
||||
if self.ldap_backend_extra_port is not None:
|
||||
serverport = "ServerPort=%d" % self.ldap_backend_extra_port
|
||||
else:
|
||||
serverport = ""
|
||||
|
||||
setup_file(self.setup_path("fedorads.inf"), self.fedoradsinf,
|
||||
setup_file(setup_path("fedorads.inf"), self.fedoradsinf,
|
||||
{"ROOT": self.root,
|
||||
"HOSTNAME": self.hostname,
|
||||
"DNSDOMAIN": self.names.dnsdomain,
|
||||
@ -639,28 +636,28 @@ class FDSBackend(LDAPBackend):
|
||||
"LDAPMANAGERPASS": self.ldapadminpass,
|
||||
"SERVERPORT": serverport})
|
||||
|
||||
setup_file(self.setup_path("fedorads-partitions.ldif"),
|
||||
setup_file(setup_path("fedorads-partitions.ldif"),
|
||||
self.partitions_ldif,
|
||||
{"CONFIGDN": self.names.configdn,
|
||||
"SCHEMADN": self.names.schemadn,
|
||||
"SAMBADN": self.sambadn,
|
||||
})
|
||||
|
||||
setup_file(self.setup_path("fedorads-sasl.ldif"), self.sasl_ldif,
|
||||
setup_file(setup_path("fedorads-sasl.ldif"), self.sasl_ldif,
|
||||
{"SAMBADN": self.sambadn,
|
||||
})
|
||||
|
||||
setup_file(self.setup_path("fedorads-dna.ldif"), self.dna_ldif,
|
||||
setup_file(setup_path("fedorads-dna.ldif"), self.dna_ldif,
|
||||
{"DOMAINDN": self.names.domaindn,
|
||||
"SAMBADN": self.sambadn,
|
||||
"DOMAINSID": str(self.domainsid),
|
||||
})
|
||||
|
||||
setup_file(self.setup_path("fedorads-pam.ldif"), self.pam_ldif)
|
||||
setup_file(setup_path("fedorads-pam.ldif"), self.pam_ldif)
|
||||
|
||||
lnkattr = self.schema.linked_attributes()
|
||||
|
||||
refint_config = open(self.setup_path("fedorads-refint-delete.ldif"), 'r').read()
|
||||
refint_config = open(setup_path("fedorads-refint-delete.ldif"), 'r').read()
|
||||
memberof_config = ""
|
||||
index_config = ""
|
||||
argnum = 3
|
||||
@ -668,15 +665,15 @@ class FDSBackend(LDAPBackend):
|
||||
for attr in lnkattr.keys():
|
||||
if lnkattr[attr] is not None:
|
||||
refint_config += read_and_sub_file(
|
||||
self.setup_path("fedorads-refint-add.ldif"),
|
||||
setup_path("fedorads-refint-add.ldif"),
|
||||
{ "ARG_NUMBER" : str(argnum),
|
||||
"LINK_ATTR" : attr })
|
||||
memberof_config += read_and_sub_file(
|
||||
self.setup_path("fedorads-linked-attributes.ldif"),
|
||||
setup_path("fedorads-linked-attributes.ldif"),
|
||||
{ "MEMBER_ATTR" : attr,
|
||||
"MEMBEROF_ATTR" : lnkattr[attr] })
|
||||
index_config += read_and_sub_file(
|
||||
self.setup_path("fedorads-index.ldif"), { "ATTR" : attr })
|
||||
setup_path("fedorads-index.ldif"), { "ATTR" : attr })
|
||||
argnum += 1
|
||||
|
||||
open(self.refint_ldif, 'w').write(refint_config)
|
||||
@ -692,11 +689,11 @@ class FDSBackend(LDAPBackend):
|
||||
attr = "nsUniqueId"
|
||||
|
||||
index_config += read_and_sub_file(
|
||||
self.setup_path("fedorads-index.ldif"), { "ATTR" : attr })
|
||||
setup_path("fedorads-index.ldif"), { "ATTR" : attr })
|
||||
|
||||
open(self.index_ldif, 'w').write(index_config)
|
||||
|
||||
setup_file(self.setup_path("fedorads-samba.ldif"), self.samba_ldif, {
|
||||
setup_file(setup_path("fedorads-samba.ldif"), self.samba_ldif, {
|
||||
"SAMBADN": self.sambadn,
|
||||
"LDAPADMINPASS": self.ldapadminpass
|
||||
})
|
||||
@ -706,7 +703,7 @@ class FDSBackend(LDAPBackend):
|
||||
|
||||
# Build a schema file in Fedora DS format
|
||||
backend_schema_data = self.schema.convert_to_openldap("fedora-ds",
|
||||
open(self.setup_path(mapping), 'r').read())
|
||||
open(setup_path(mapping), 'r').read())
|
||||
assert backend_schema_data is not None
|
||||
f = open(os.path.join(self.ldapdir, backend_schema), 'w')
|
||||
try:
|
||||
|
@ -62,13 +62,14 @@ def get_schema_descriptor(domain_sid):
|
||||
|
||||
class Schema(object):
|
||||
|
||||
def __init__(self, setup_path, domain_sid, invocationid=None, schemadn=None,
|
||||
def __init__(self, domain_sid, invocationid=None, schemadn=None,
|
||||
files=None, override_prefixmap=None, additional_prefixmap=None):
|
||||
from samba.provision import setup_path
|
||||
|
||||
"""Load schema for the SamDB from the AD schema files and
|
||||
samba4_schema.ldif
|
||||
|
||||
:param samdb: Load a schema into a SamDB.
|
||||
:param setup_path: Setup path function.
|
||||
:param schemadn: DN of the schema
|
||||
|
||||
Returns the schema data loaded, to avoid double-parsing when then
|
||||
@ -182,13 +183,11 @@ def get_dnsyntax_attributes(schemadn,schemaldb):
|
||||
return attributes
|
||||
|
||||
|
||||
def ldb_with_schema(setup_dir=None,
|
||||
schemadn="cn=schema,cn=configuration,dc=example,dc=com",
|
||||
def ldb_with_schema(schemadn="cn=schema,cn=configuration,dc=example,dc=com",
|
||||
domainsid=None,
|
||||
override_prefixmap=None):
|
||||
"""Load schema for the SamDB from the AD schema files and samba4_schema.ldif
|
||||
|
||||
:param setup_dir: Setup path
|
||||
:param schemadn: DN of the schema
|
||||
:param serverdn: DN of the server
|
||||
|
||||
@ -197,12 +196,9 @@ def ldb_with_schema(setup_dir=None,
|
||||
operate without a remote or local schema.
|
||||
"""
|
||||
|
||||
def setup_path(file):
|
||||
return os.path.join(setup_dir, file)
|
||||
|
||||
if domainsid is None:
|
||||
domainsid = security.random_sid()
|
||||
else:
|
||||
domainsid = security.dom_sid(domainsid)
|
||||
return Schema(setup_path, domainsid, schemadn=schemadn,
|
||||
return Schema(domainsid, schemadn=schemadn,
|
||||
override_prefixmap=override_prefixmap)
|
||||
|
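Review bot: In `Schema.__init__` the added `from samba.provision import setup_path` sits above the docstring, so the string is no longer the first statement of the function and stops being its docstring (`__doc__` becomes None and help() shows nothing). Move the import below the closing `"""`, and give it a short comment such as `# imported here, presumably to avoid a circular import with samba.provision`. The docstring also still lists `:param samdb:`, which is not in the signature, and `ldb_with_schema` still lists `:param serverdn:`; both could be dropped in the same pass. The body of `__init__` continues outside the hunk.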
@ -20,15 +20,10 @@
|
||||
"""Tests for samba.provision."""
|
||||
|
||||
import os
|
||||
from samba.provision import setup_secretsdb, findnss, ProvisionPaths, find_setup_dir
|
||||
from samba.provision import setup_secretsdb, findnss, ProvisionPaths
|
||||
import samba.tests
|
||||
from samba.tests import env_loadparm, TestCase
|
||||
|
||||
setup_dir = find_setup_dir()
|
||||
def setup_path(file):
|
||||
return os.path.join(setup_dir, file)
|
||||
|
||||
|
||||
def create_dummy_secretsdb(path, lp=None):
|
||||
"""Create a dummy secrets database for use in tests.
|
||||
|
||||
@ -43,7 +38,7 @@ def create_dummy_secretsdb(path, lp=None):
|
||||
paths.private_dir = os.path.dirname(path)
|
||||
paths.keytab = "no.keytab"
|
||||
paths.dns_keytab = "no.dns.keytab"
|
||||
secrets_ldb = setup_secretsdb(paths, setup_path, None, None, lp=lp)
|
||||
secrets_ldb = setup_secretsdb(paths, None, None, lp=lp)
|
||||
secrets_ldb.transaction_commit()
|
||||
return secrets_ldb
|
||||
|
||||
@ -59,7 +54,7 @@ class ProvisionTestCase(samba.tests.TestCaseInTempDir):
|
||||
paths.private_dir = os.path.dirname(path)
|
||||
paths.keytab = "no.keytab"
|
||||
paths.dns_keytab = "no.dns.keytab"
|
||||
ldb = setup_secretsdb(paths, setup_path, None, None, lp=env_loadparm())
|
||||
ldb = setup_secretsdb(paths, None, None, lp=env_loadparm())
|
||||
try:
|
||||
self.assertEquals("LSA Secrets",
|
||||
ldb.searchone(basedn="CN=LSA Secrets", attribute="CN"))
|
||||
|
@ -25,7 +25,7 @@ import uuid
|
||||
|
||||
from samba.auth import system_session
|
||||
from samba.provision import (setup_samdb, guess_names, make_smbconf,
|
||||
find_setup_dir, provision_paths_from_lp)
|
||||
provision_paths_from_lp)
|
||||
from samba.provision import DEFAULT_POLICY_GUID, DEFAULT_DC_POLICY_GUID
|
||||
from samba.provision.backend import ProvisionBackend
|
||||
from samba.tests import TestCaseInTempDir
|
||||
@ -41,9 +41,6 @@ class SamDBTestCase(TestCaseInTempDir):
|
||||
provisioning tests (which need a Sam).
|
||||
"""
|
||||
|
||||
def setup_path(self, relpath):
|
||||
return os.path.join(find_setup_dir(), relpath)
|
||||
|
||||
def setUp(self):
|
||||
super(SamDBTestCase, self).setUp()
|
||||
invocationid = str(uuid.uuid4())
|
||||
@ -64,7 +61,7 @@ class SamDBTestCase(TestCaseInTempDir):
|
||||
policyguid_dc = DEFAULT_DC_POLICY_GUID
|
||||
|
||||
smbconf = os.path.join(self.tempdir, "smb.conf")
|
||||
make_smbconf(smbconf, self.setup_path, hostname, domain, dnsdomain,
|
||||
make_smbconf(smbconf, hostname, domain, dnsdomain,
|
||||
serverrole, self.tempdir)
|
||||
|
||||
self.lp = param.LoadParm()
|
||||
@ -81,14 +78,14 @@ class SamDBTestCase(TestCaseInTempDir):
|
||||
logger = logging.getLogger("provision")
|
||||
|
||||
provision_backend = ProvisionBackend("ldb", paths=paths,
|
||||
setup_path=self.setup_path, lp=self.lp, credentials=None,
|
||||
lp=self.lp, credentials=None,
|
||||
names=names, logger=logger)
|
||||
|
||||
schema = Schema(self.setup_path, domainsid, invocationid=invocationid,
|
||||
schema = Schema(domainsid, invocationid=invocationid,
|
||||
schemadn=names.schemadn, serverdn=names.serverdn,
|
||||
am_rodc=False)
|
||||
|
||||
self.samdb = setup_samdb(path, self.setup_path, session_info,
|
||||
self.samdb = setup_samdb(path, session_info,
|
||||
provision_backend, self.lp, names, logger,
|
||||
domainsid, domainguid, policyguid, policyguid_dc, False,
|
||||
"secret", "secret", "secret", invocationid, "secret",
|
||||
|
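Review bot: The updated `Schema(domainsid, invocationid=invocationid, ...)` call in `setUp` still passes `serverdn=names.serverdn` and `am_rodc=False`, but the `Schema.__init__` signature shown in this commit accepts only `domain_sid, invocationid, schemadn, files, override_prefixmap, additional_prefixmap`. Unless the constructor accepts extra keywords somewhere not shown, this raises TypeError before any test body runs; the call would need to be `Schema(domainsid, invocationid=invocationid, schemadn=names.schemadn)`. The mismatch predates this commit, but the line is being touched here. `setUp` continues outside the hunk.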
@ -377,7 +377,7 @@ def import_registry(samba4_registry, samba3_regdb):
|
||||
key_handle.set_value(value_name, value_type, value_data)
|
||||
|
||||
|
||||
def upgrade_provision(samba3, setup_dir, logger, credentials, session_info,
|
||||
def upgrade_provision(samba3, logger, credentials, session_info,
|
||||
smbconf, targetdir):
|
||||
oldconf = samba3.get_conf()
|
||||
|
||||
@ -420,7 +420,7 @@ def upgrade_provision(samba3, setup_dir, logger, credentials, session_info,
|
||||
else:
|
||||
machinepass = None
|
||||
|
||||
result = provision(setup_dir=setup_dir, logger=logger,
|
||||
result = provision(logger=logger,
|
||||
session_info=session_info, credentials=credentials,
|
||||
targetdir=targetdir, realm=realm, domain=domainname,
|
||||
domainguid=domainguid, domainsid=domainsid,
|
||||
|
@ -348,14 +348,13 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf, lp)
|
||||
return names
|
||||
|
||||
|
||||
def newprovision(names, setup_dir, creds, session, smbconf, provdir, logger):
|
||||
def newprovision(names, creds, session, smbconf, provdir, logger):
|
||||
"""Create a new provision.
|
||||
|
||||
This provision will be the reference for knowing what has changed in the
|
||||
since the latest upgrade in the current provision
|
||||
|
||||
:param names: List of provision parameters
|
||||
:param setup_dir: Directory where the setup files are stored
|
||||
:param creds: Credentials for the authentification
|
||||
:param session: Session object
|
||||
:param smbconf: Path to the smb.conf file
|
||||
@ -366,7 +365,7 @@ def newprovision(names, setup_dir, creds, session, smbconf, provdir, logger):
|
||||
shutil.rmtree(provdir)
|
||||
os.mkdir(provdir)
|
||||
logger.info("Provision stored in %s", provdir)
|
||||
provision(setup_dir, logger, session, creds, smbconf=smbconf,
|
||||
provision(logger, session, creds, smbconf=smbconf,
|
||||
targetdir=provdir, samdb_fill=FILL_FULL, realm=names.realm,
|
||||
domain=names.domain, domainguid=names.domainguid,
|
||||
domainsid=str(names.domainsid), ntdsguid=names.ntdsguid,
|
||||
|
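Review bot: `newprovision` recreates the target with `os.mkdir(provdir)` right after `shutil.rmtree(provdir)`, so the directory that receives a full provision (`samdb_fill=FILL_FULL`) gets whatever mode the process umask allows rather than a restrictive one. If the provision writes secrets databases under `provdir`, as a full provision normally does, create it owner-only with `os.mkdir(provdir, 0700)`, matching the `os.makedirs(..., 0700)` call used for the LDAP backend directory elsewhere in this commit. These are context lines rather than lines the commit changes, and the function body continues outside the hunk, so confirm how the caller creates `provdir`.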
@ -35,7 +35,7 @@ import samba.ntacls
|
||||
from samba.credentials import DONT_USE_KERBEROS
|
||||
from samba.auth import system_session
|
||||
import samba.getopt as options
|
||||
from samba.provision import provision, FILL_FULL, FILL_NT4SYNC, FILL_DRS, find_setup_dir, ProvisioningError
|
||||
from samba.provision import provision, FILL_FULL, FILL_NT4SYNC, FILL_DRS, ProvisioningError
|
||||
from samba.dsdb import (
|
||||
DS_DOMAIN_FUNCTION_2000,
|
||||
DS_DOMAIN_FUNCTION_2003,
|
||||
@ -52,8 +52,6 @@ parser.add_option_group(options.VersionOptions(parser))
|
||||
credopts = options.CredentialsOptions(parser)
|
||||
parser.add_option_group(credopts)
|
||||
parser.add_option("--interactive", help="Ask for names", action="store_true")
|
||||
parser.add_option("--setupdir", type="string", metavar="DIR",
|
||||
help="directory with setup files")
|
||||
parser.add_option("--domain", type="string", metavar="DOMAIN",
|
||||
help="set domain")
|
||||
parser.add_option("--domain-guid", type="string", metavar="GUID",
|
||||
@ -205,10 +203,6 @@ creds = credopts.get_credentials(lp)
|
||||
|
||||
creds.set_kerberos_state(DONT_USE_KERBEROS)
|
||||
|
||||
setup_dir = opts.setupdir
|
||||
if setup_dir is None:
|
||||
setup_dir = find_setup_dir()
|
||||
|
||||
samdb_fill = FILL_FULL
|
||||
if opts.blank:
|
||||
samdb_fill = FILL_NT4SYNC
|
||||
@ -241,7 +235,7 @@ else:
|
||||
|
||||
session = system_session()
|
||||
try:
|
||||
provision(setup_dir, logger,
|
||||
provision(logger,
|
||||
session, creds, smbconf=smbconf, targetdir=opts.targetdir,
|
||||
samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain,
|
||||
domainguid=opts.domain_guid, domainsid=opts.domain_sid,
|
||||
|
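Review bot: With `--setupdir` removed from the option parser, an invocation that still passes it now stops with an optparse "no such option" error instead of provisioning; the same applies to the upgrade_from_s3 script later in this commit. If wrappers, selftest or packaging scripts pass the flag, they need updating in the same change, or the option can be kept for one release as an ignored, deprecated flag that logs a warning. A line in the release notes naming the removed option would cover users who relied on it.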
@ -26,18 +26,14 @@ sys.path.insert(0, "bin/python")
|
||||
import samba
|
||||
import samba.getopt as options
|
||||
from samba.auth import system_session
|
||||
from samba.provision import find_setup_dir
|
||||
from samba.upgrade import upgrade_provision
|
||||
from samba.samba3 import Samba3
|
||||
|
||||
parser = optparse.OptionParser("upgrade_from_s3 [options] <libdir> <smbconf>")
|
||||
sambaopts = options.SambaOptions(parser)
|
||||
parser.add_option_group(sambaopts)
|
||||
parser.add_option_group(options.VersionOptions(parser))
|
||||
credopts = options.CredentialsOptions(parser)
|
||||
parser.add_option_group(credopts)
|
||||
parser.add_option("--setupdir", type="string", metavar="DIR",
|
||||
help="directory with setup files")
|
||||
parser.add_option("--quiet", help="Be quiet")
|
||||
parser.add_option("--blank",
|
||||
help="do not add users or groups, just the structure")
|
||||
@ -73,14 +69,10 @@ samba3 = Samba3(libdir, smbconf)
|
||||
|
||||
logger.info("Provisioning")
|
||||
|
||||
setup_dir = opts.setupdir
|
||||
if setup_dir is None:
|
||||
setup_dir = find_setup_dir()
|
||||
|
||||
lp = sambaopts.get_loadparm()
|
||||
smbconf = lp.configfile
|
||||
creds = credopts.get_credentials(lp)
|
||||
|
||||
upgrade_provision(samba3, setup_dir, logger, credentials=creds,
|
||||
upgrade_provision(samba3, logger, credentials=creds,
|
||||
session_info=system_session(), smbconf=smbconf,
|
||||
targetdir=opts.targetdir)
|
||||
|
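Review bot: `--quiet` and `--blank` are declared without an `action`, so optparse falls back to its default `store` action and each flag consumes the next command-line argument as its value; `--quiet <libdir> <smbconf>` would swallow the libdir. Both read as boolean switches from their help text, so they should be `parser.add_option("--quiet", help="Be quiet", action="store_true")` and likewise for `--blank`. These are context lines that the commit leaves as they were.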