1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00

s4-provision Remove setup_path, setup_dir and find_setup_dir

We now have a reliable way to know the current location of the
templates: dyn_SETUPDIR, which is updated for both the in-build and
installed binaries.

This replaces the function arguments and the distributed resolution of
the setup directory with one 'global' function (imported as required).

This also removes the ability to specify an alternate setup directory
on the command line, as this was rarely if ever used and never tested.

Andrew Bartlett
This commit is contained in:
Andrew Bartlett 2011-02-05 10:34:51 +11:00 committed by Andrew Tridgell
parent 4ae013c01b
commit d1e5a73806
13 changed files with 125 additions and 187 deletions

View File

@ -131,8 +131,6 @@ NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
if (settings->targetdir != NULL)
PyDict_SetItemString(parameters, "targetdir",
PyString_FromString(settings->targetdir));
PyDict_SetItemString(parameters, "setup_dir",
PyString_FromString(dyn_SETUPDIR));
PyDict_SetItemString(parameters, "hostname",
PyString_FromString(settings->netbios_name));
PyDict_SetItemString(parameters, "domain",
@ -364,8 +362,6 @@ struct ldb_context *provision_get_schema(TALLOC_CTX *mem_ctx, struct loadparm_co
parameters = PyDict_New();
PyDict_SetItemString(parameters, "setup_dir",
PyString_FromString(dyn_SETUPDIR));
if (override_prefixmap) {
PyDict_SetItemString(parameters, "override_prefixmap",
PyString_FromStringAndSize((const char *)override_prefixmap->data,

View File

@ -22,6 +22,7 @@
#include "param/param.h"
#include "param/loadparm.h"
#include "lib/talloc/pytalloc.h"
#include "dynconfig/dynconfig.h"
/* There's no Py_ssize_t in 2.4, apparently */
#if PY_MAJOR_VERSION == 2 && PY_MINOR_VERSION < 5
@ -419,9 +420,16 @@ static PyObject *py_default_path(PyObject *self)
return PyString_FromString(lp_default_path());
}
static PyObject *py_setup_dir(PyObject *self)
{
return PyString_FromString(dyn_SETUPDIR);
}
static PyMethodDef pyparam_methods[] = {
{ "default_path", (PyCFunction)py_default_path, METH_NOARGS,
"Returns the default smb.conf path." },
{ "setup_dir", (PyCFunction)py_setup_dir, METH_NOARGS,
"Returns the compiled in location of provision tempates." },
{ NULL }
};

View File

@ -44,7 +44,7 @@ from ldb import (SCOPE_SUBTREE, SCOPE_BASE,
FLAG_MOD_REPLACE, FLAG_MOD_ADD, FLAG_MOD_DELETE,
MessageElement, Message, Dn)
from samba import param, dsdb, Ldb
from samba.provision import (find_setup_dir, get_domain_descriptor,
from samba.provision import (get_domain_descriptor,
get_config_descriptor,
ProvisioningError, get_last_provision_usn,
get_max_usn, update_provision_usn)
@ -182,9 +182,6 @@ smbconf = lp.configfile
creds = credopts.get_credentials(lp)
creds.set_kerberos_state(DONT_USE_KERBEROS)
setup_dir = opts.setupdir
if setup_dir is None:
setup_dir = find_setup_dir()
@ -1442,9 +1439,6 @@ def sync_calculated_attributes(samdb, names):
increment_calculated_keyversion_number(samdb, names.rootdn,
hash["msDs-KeyVersionNumber"])
def setup_path(file):
return os.path.join(setup_dir, file)
# Synopsis for updateprovision
# 1) get path related to provision to be update (called current)
# 2) open current provision ldbs
@ -1586,7 +1580,6 @@ if __name__ == '__main__':
# From here start the big steps of the program
# 1) First get files paths
paths = get_paths(param, smbconf=smbconf)
paths.setup = setup_dir
# Get ldbs with the system session, it is needed for searching
# provision parameters
session = system_session()
@ -1631,7 +1624,7 @@ if __name__ == '__main__':
message(SIMPLE, "Creating a reference provision")
provisiondir = tempfile.mkdtemp(dir=paths.private_dir,
prefix="referenceprovision")
newprovision(names, setup_dir, creds, session, smbconf, provisiondir,
newprovision(names, creds, session, smbconf, provisiondir,
provision_logger)
# TODO
@ -1680,7 +1673,7 @@ if __name__ == '__main__':
new_ldbs.startTransactions()
# 12)
schema = Schema(setup_path, names.domainsid, schemadn=str(names.schemadn))
schema = Schema(names.domainsid, schemadn=str(names.schemadn))
# We create a closure that will be invoked just before schema reload
def schemareloadclosure():
basesam = Ldb(paths.samdb, session_info=session, credentials=creds, lp=lp,

View File

@ -27,7 +27,7 @@ import ldb, samba, sys, os, uuid
from samba.ndr import ndr_pack
from samba.dcerpc import security, drsuapi, misc, nbt
from samba.credentials import Credentials, DONT_USE_KERBEROS
from samba.provision import secretsdb_self_join, provision, FILL_DRS, find_setup_dir
from samba.provision import secretsdb_self_join, provision, FILL_DRS
from samba.schema import Schema
from samba.net import Net
import logging
@ -100,7 +100,6 @@ class dc_join(object):
ctx.acct_dn = "CN=%s,OU=Domain Controllers,%s" % (ctx.myname, ctx.base_dn)
ctx.setup_dir = find_setup_dir()
ctx.tmp_samdb = None
ctx.SPNs = [ "HOST/%s" % ctx.myname,
@ -245,9 +244,7 @@ class dc_join(object):
def create_tmp_samdb(ctx):
'''create a temporary samdb object for schema queries'''
def setup_path(file):
return os.path.join(ctx.setup_dir, file)
ctx.tmp_schema = Schema(setup_path, security.dom_sid(ctx.domsid),
ctx.tmp_schema = Schema(security.dom_sid(ctx.domsid),
schemadn=ctx.schema_dn)
ctx.tmp_samdb = SamDB(session_info=system_session(), url=None, auto_connect=False,
credentials=ctx.creds, lp=ctx.lp, global_schema=False,
@ -424,7 +421,7 @@ class dc_join(object):
logger.addHandler(logging.StreamHandler(sys.stdout))
smbconf = ctx.lp.configfile
presult = provision(ctx.setup_dir, logger, system_session(), None,
presult = provision(logger, system_session(), None,
smbconf=smbconf, targetdir=ctx.targetdir, samdb_fill=FILL_DRS,
realm=ctx.realm, rootdn=ctx.root_dn, domaindn=ctx.base_dn,
schemadn=ctx.schema_dn,

View File

@ -86,20 +86,9 @@ DEFAULTSITE = "Default-First-Site-Name"
LAST_PROVISION_USN_ATTRIBUTE = "lastProvisionUSN"
def find_setup_dir():
"""Find the setup directory used by provision."""
if in_source_tree():
# In source tree
return os.path.join(source_tree_topdir(), "source4/setup")
else:
import sys
for prefix in [sys.prefix,
os.path.join(os.path.dirname(__file__), "../../../../..")]:
for suffix in ["share/setup", "share/samba/setup", "setup"]:
ret = os.path.normpath(os.path.join(prefix, suffix))
if os.path.isdir(ret):
return ret
raise Exception("Unable to find setup directory.")
def setup_path(file):
"""Return an absolute path to the provision tempate file specified by file"""
return os.path.join(samba.param.setup_dir(), file)
# Descriptors of naming contexts and other important objects
@ -560,7 +549,7 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None,
return names
def make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole,
def make_smbconf(smbconf, hostname, domain, realm, serverrole,
targetdir, sid_generator="internal", eadb=False, lp=None):
"""Create a new smb.conf file based on a couple of basic settings.
"""
@ -672,7 +661,7 @@ def setup_name_mappings(samdb, idmap, sid, domaindn, root_uid, nobody_uid,
idmap.setup_name_mapping(sid + "-513", idmap.TYPE_GID, users_gid)
def setup_samdb_partitions(samdb_path, setup_path, logger, lp, session_info,
def setup_samdb_partitions(samdb_path, logger, lp, session_info,
provision_backend, names, schema, serverrole,
erase=False):
"""Setup the partitions for the SAM database.
@ -720,7 +709,7 @@ def setup_samdb_partitions(samdb_path, setup_path, logger, lp, session_info,
})
logger.info("Setting up sam.ldb rootDSE")
setup_samdb_rootdse(samdb, setup_path, names)
setup_samdb_rootdse(samdb, names)
except Exception:
samdb.transaction_cancel()
raise
@ -815,12 +804,11 @@ def secretsdb_self_join(secretsdb, domain,
secretsdb.add(msg)
def secretsdb_setup_dns(secretsdb, setup_path, names, private_dir, realm,
def secretsdb_setup_dns(secretsdb, names, private_dir, realm,
dnsdomain, dns_keytab_path, dnspass):
"""Add DNS specific bits to a secrets database.
:param secretsdb: Ldb Handle to the secrets database
:param setup_path: Setup path function
:param machinepass: Machine password
"""
try:
@ -839,14 +827,13 @@ def secretsdb_setup_dns(secretsdb, setup_path, names, private_dir, realm,
})
def setup_secretsdb(paths, setup_path, session_info, backend_credentials, lp):
def setup_secretsdb(paths, session_info, backend_credentials, lp):
"""Setup the secrets database.
:note: This function does not handle exceptions and transaction on purpose,
it's up to the caller to do this job.
:param path: Path to the secrets database.
:param setup_path: Get the path to a setup file.
:param session_info: Session info.
:param credentials: Credentials
:param lp: Loadparm context
@ -897,11 +884,10 @@ def setup_secretsdb(paths, setup_path, session_info, backend_credentials, lp):
raise
def setup_privileges(path, setup_path, session_info, lp):
def setup_privileges(path, session_info, lp):
"""Setup the privileges database.
:param path: Path to the privileges database.
:param setup_path: Get the path to a setup file.
:param session_info: Session info.
:param credentials: Credentials
:param lp: Loadparm context
@ -914,11 +900,10 @@ def setup_privileges(path, setup_path, session_info, lp):
privilege_ldb.load_ldif_file_add(setup_path("provision_privilege.ldif"))
def setup_registry(path, setup_path, session_info, lp):
def setup_registry(path, session_info, lp):
"""Setup the registry.
:param path: Path to the registry database
:param setup_path: Function that returns the path to a setup.
:param session_info: Session information
:param credentials: Credentials
:param lp: Loadparm context
@ -931,11 +916,10 @@ def setup_registry(path, setup_path, session_info, lp):
reg.diff_apply(provision_reg)
def setup_idmapdb(path, setup_path, session_info, lp):
def setup_idmapdb(path, session_info, lp):
"""Setup the idmap database.
:param path: path to the idmap database
:param setup_path: Function that returns a path to a setup file
:param session_info: Session information
:param credentials: Credentials
:param lp: Loadparm context
@ -949,11 +933,10 @@ def setup_idmapdb(path, setup_path, session_info, lp):
return idmap_ldb
def setup_samdb_rootdse(samdb, setup_path, names):
def setup_samdb_rootdse(samdb, names):
"""Setup the SamDB rootdse.
:param samdb: Sam Database handle
:param setup_path: Obtain setup path
"""
setup_add_ldif(samdb, setup_path("provision_rootdse_add.ldif"), {
"SCHEMADN": names.schemadn,
@ -965,7 +948,7 @@ def setup_samdb_rootdse(samdb, setup_path, names):
def setup_self_join(samdb, names, machinepass, dnspass,
domainsid, next_rid, invocationid, setup_path,
domainsid, next_rid, invocationid,
policyguid, policyguid_dc, domainControllerFunctionality,
ntdsguid):
"""Join a host to its own domain."""
@ -1069,7 +1052,7 @@ def create_default_gpo(sysvolpath, dnsdomain, policyguid, policyguid_dc):
create_gpo_struct(policy_path)
def setup_samdb(path, setup_path, session_info, provision_backend, lp, names,
def setup_samdb(path, session_info, provision_backend, lp, names,
logger, domainsid, domainguid, policyguid, policyguid_dc, fill,
adminpass, krbtgtpass, machinepass, invocationid, dnspass, ntdsguid,
serverrole, am_rodc=False, dom_for_fun_level=None, schema=None,
@ -1102,12 +1085,12 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, names,
forestFunctionality = dom_for_fun_level
# Also wipes the database
setup_samdb_partitions(path, setup_path, logger=logger, lp=lp,
setup_samdb_partitions(path, logger=logger, lp=lp,
provision_backend=provision_backend, session_info=session_info,
names=names, serverrole=serverrole, schema=schema)
if schema is None:
schema = Schema(setup_path, domainsid, schemadn=names.schemadn)
schema = Schema(domainsid, schemadn=names.schemadn)
# Load the database, but don's load the global schema and don't connect
# quite yet
@ -1287,7 +1270,6 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, names,
next_rid=next_rid,
policyguid=policyguid,
policyguid_dc=policyguid_dc,
setup_path=setup_path,
domainControllerFunctionality=domainControllerFunctionality,
ntdsguid=ntdsguid)
@ -1383,7 +1365,7 @@ def setsysvolacl(samdb, netlogon, sysvol, gid, domainsid, dnsdomain, domaindn,
set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp)
def provision(setup_dir, logger, session_info, credentials, smbconf=None,
def provision(logger, session_info, credentials, smbconf=None,
targetdir=None, samdb_fill=FILL_FULL, realm=None, rootdn=None,
domaindn=None, schemadn=None, configdn=None, serverdn=None,
domain=None, hostname=None, hostip=None, hostip6=None, domainsid=None,
@ -1401,9 +1383,6 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
:note: caution, this wipes all existing data!
"""
def setup_path(file):
return os.path.join(setup_dir, file)
if domainsid is None:
domainsid = security.random_sid()
else:
@ -1466,11 +1445,11 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
data = open(smbconf, 'r').read()
data = data.lstrip()
if data is None or data == "":
make_smbconf(smbconf, setup_path, hostname, domain, realm,
make_smbconf(smbconf, hostname, domain, realm,
serverrole, targetdir, sid_generator, useeadb,
lp=lp)
else:
make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole,
make_smbconf(smbconf, hostname, domain, realm, serverrole,
targetdir, sid_generator, useeadb, lp=lp)
if lp is None:
@ -1510,21 +1489,21 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
ldapi_url = "ldapi://%s" % urllib.quote(paths.s4_ldapi_path, safe="")
schema = Schema(setup_path, domainsid, invocationid=invocationid,
schema = Schema(domainsid, invocationid=invocationid,
schemadn=names.schemadn)
if backend_type == "ldb":
provision_backend = LDBBackend(backend_type, paths=paths,
setup_path=setup_path, lp=lp, credentials=credentials,
lp=lp, credentials=credentials,
names=names, logger=logger)
elif backend_type == "existing":
provision_backend = ExistingBackend(backend_type, paths=paths,
setup_path=setup_path, lp=lp, credentials=credentials,
lp=lp, credentials=credentials,
names=names, logger=logger,
ldap_backend_forced_uri=ldap_backend_forced_uri)
elif backend_type == "fedora-ds":
provision_backend = FDSBackend(backend_type, paths=paths,
setup_path=setup_path, lp=lp, credentials=credentials,
lp=lp, credentials=credentials,
names=names, logger=logger, domainsid=domainsid,
schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
slapd_path=slapd_path,
@ -1534,7 +1513,7 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
ldap_backend_forced_uri=ldap_backend_forced_uri)
elif backend_type == "openldap":
provision_backend = OpenLDAPBackend(backend_type, paths=paths,
setup_path=setup_path, lp=lp, credentials=credentials,
lp=lp, credentials=credentials,
names=names, logger=logger, domainsid=domainsid,
schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
slapd_path=slapd_path,
@ -1556,24 +1535,24 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
share_ldb.load_ldif_file_add(setup_path("share.ldif"))
logger.info("Setting up secrets.ldb")
secrets_ldb = setup_secretsdb(paths, setup_path,
secrets_ldb = setup_secretsdb(paths,
session_info=session_info,
backend_credentials=provision_backend.secrets_credentials, lp=lp)
try:
logger.info("Setting up the registry")
setup_registry(paths.hklm, setup_path, session_info,
setup_registry(paths.hklm, session_info,
lp=lp)
logger.info("Setting up the privileges database")
setup_privileges(paths.privilege, setup_path, session_info, lp=lp)
setup_privileges(paths.privilege, session_info, lp=lp)
logger.info("Setting up idmap db")
idmap = setup_idmapdb(paths.idmapdb, setup_path,
idmap = setup_idmapdb(paths.idmapdb,
session_info=session_info, lp=lp)
logger.info("Setting up SAM db")
samdb = setup_samdb(paths.samdb, setup_path, session_info,
samdb = setup_samdb(paths.samdb, session_info,
provision_backend, lp, names, logger=logger,
domainsid=domainsid, schema=schema, domainguid=domainguid,
policyguid=policyguid, policyguid_dc=policyguid_dc,
@ -1640,7 +1619,7 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
raise
if serverrole == "domain controller":
secretsdb_setup_dns(secrets_ldb, setup_path, names,
secretsdb_setup_dns(secrets_ldb, names,
paths.private_dir, realm=names.realm,
dnsdomain=names.dnsdomain,
dns_keytab_path=paths.dns_keytab, dnspass=dnspass)
@ -1651,15 +1630,15 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
# Only make a zone file on the first DC, it should be
# replicated with DNS replication
create_zone_file(lp, logger, paths, targetdir, setup_path,
create_zone_file(lp, logger, paths, targetdir,
dnsdomain=names.dnsdomain, hostip=hostip, hostip6=hostip6,
hostname=names.hostname, realm=names.realm,
domainguid=domainguid, ntdsguid=names.ntdsguid)
create_named_conf(paths, setup_path, realm=names.realm,
create_named_conf(paths, realm=names.realm,
dnsdomain=names.dnsdomain, private_dir=paths.private_dir)
create_named_txt(paths.namedtxt, setup_path,
create_named_txt(paths.namedtxt,
realm=names.realm, dnsdomain=names.dnsdomain,
private_dir=paths.private_dir,
keytab_name=paths.dns_keytab)
@ -1674,19 +1653,19 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
else:
set_provision_usn(samdb, 0, maxUSN)
create_krb5_conf(paths.krb5conf, setup_path,
create_krb5_conf(paths.krb5conf,
dnsdomain=names.dnsdomain, hostname=names.hostname,
realm=names.realm)
logger.info("A Kerberos configuration suitable for Samba 4 has been "
"generated at %s", paths.krb5conf)
if serverrole == "domain controller":
create_dns_update_list(lp, logger, paths, setup_path)
create_dns_update_list(lp, logger, paths)
provision_backend.post_setup()
provision_backend.shutdown()
create_phpldapadmin_config(paths.phpldapadminconfig, setup_path,
create_phpldapadmin_config(paths.phpldapadminconfig,
ldapi_url)
except Exception:
secrets_ldb.transaction_cancel()
@ -1745,7 +1724,7 @@ def provision(setup_dir, logger, session_info, credentials, smbconf=None,
return result
def provision_become_dc(setup_dir=None, smbconf=None, targetdir=None,
def provision_become_dc(smbconf=None, targetdir=None,
realm=None, rootdn=None, domaindn=None, schemadn=None, configdn=None,
serverdn=None, domain=None, hostname=None, domainsid=None,
adminpass=None, krbtgtpass=None, domainguid=None, policyguid=None,
@ -1757,7 +1736,7 @@ def provision_become_dc(setup_dir=None, smbconf=None, targetdir=None,
logger = logging.getLogger("provision")
samba.set_debug_level(debuglevel)
res = provision(setup_dir, logger, system_session(), None,
res = provision(logger, system_session(), None,
smbconf=smbconf, targetdir=targetdir, samdb_fill=FILL_DRS,
realm=realm, rootdn=rootdn, domaindn=domaindn, schemadn=schemadn,
configdn=configdn, serverdn=serverdn, domain=domain,
@ -1768,23 +1747,21 @@ def provision_become_dc(setup_dir=None, smbconf=None, targetdir=None,
return res
def create_phpldapadmin_config(path, setup_path, ldapi_uri):
def create_phpldapadmin_config(path, ldapi_uri):
"""Create a PHP LDAP admin configuration file.
:param path: Path to write the configuration to.
:param setup_path: Function to generate setup paths.
"""
setup_file(setup_path("phpldapadmin-config.php"), path,
{"S4_LDAPI_URI": ldapi_uri})
def create_zone_file(lp, logger, paths, targetdir, setup_path, dnsdomain,
def create_zone_file(lp, logger, paths, targetdir, dnsdomain,
hostip, hostip6, hostname, realm, domainguid,
ntdsguid):
"""Write out a DNS zone file, from the info in the current database.
:param paths: paths object
:param setup_path: Setup path function.
:param dnsdomain: DNS Domain name
:param domaindn: DN of the Domain
:param hostip: Local IPv4 IP
@ -1867,7 +1844,7 @@ def create_zone_file(lp, logger, paths, targetdir, setup_path, dnsdomain,
os.system(rndc + " unfreeze " + lp.get("realm"))
def create_dns_update_list(lp, logger, paths, setup_path):
def create_dns_update_list(lp, logger, paths):
"""Write out a dns_update_list file"""
# note that we use no variable substitution on this file
# the substitution is done at runtime by samba_dnsupdate
@ -1875,13 +1852,12 @@ def create_dns_update_list(lp, logger, paths, setup_path):
setup_file(setup_path("spn_update_list"), paths.spn_update_list, None)
def create_named_conf(paths, setup_path, realm, dnsdomain,
def create_named_conf(paths, realm, dnsdomain,
private_dir):
"""Write out a file containing zone statements suitable for inclusion in a
named.conf file (including GSS-TSIG configuration).
:param paths: all paths
:param setup_path: Setup path function.
:param realm: Realm name
:param dnsdomain: DNS Domain name
:param private_dir: Path to private directory
@ -1900,13 +1876,12 @@ def create_named_conf(paths, setup_path, realm, dnsdomain,
setup_file(setup_path("named.conf.update"), paths.namedconf_update)
def create_named_txt(path, setup_path, realm, dnsdomain, private_dir,
def create_named_txt(path, realm, dnsdomain, private_dir,
keytab_name):
"""Write out a file containing zone statements suitable for inclusion in a
named.conf file (including GSS-TSIG configuration).
:param path: Path of the new named.conf file.
:param setup_path: Setup path function.
:param realm: Realm name
:param dnsdomain: DNS Domain name
:param private_dir: Path to private directory
@ -1921,12 +1896,11 @@ def create_named_txt(path, setup_path, realm, dnsdomain, private_dir,
})
def create_krb5_conf(path, setup_path, dnsdomain, hostname, realm):
def create_krb5_conf(path, dnsdomain, hostname, realm):
"""Write out a file containing zone statements suitable for inclusion in a
named.conf file (including GSS-TSIG configuration).
:param path: Path of the new named.conf file.
:param setup_path: Setup path function.
:param dnsdomain: DNS Domain name
:param hostname: Local hostname
:param realm: Realm name

View File

@ -42,7 +42,6 @@ from samba import Ldb, read_and_sub_file, setup_file
from samba.credentials import Credentials, DONT_USE_KERBEROS
from samba.schema import Schema
class SlapdAlreadyRunning(Exception):
def __init__(self, uri):
@ -53,12 +52,10 @@ class SlapdAlreadyRunning(Exception):
class ProvisionBackend(object):
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
def __init__(self, backend_type, paths=None, lp=None,
credentials=None, names=None, logger=None):
"""Provision a backend for samba4"""
self.paths = paths
self.setup_path = setup_path
self.lp = lp
self.credentials = credentials
self.names = names
@ -107,11 +104,11 @@ class LDBBackend(ProvisionBackend):
class ExistingBackend(ProvisionBackend):
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
def __init__(self, backend_type, paths=None, lp=None,
credentials=None, names=None, logger=None, ldapi_uri=None):
super(ExistingBackend, self).__init__(backend_type=backend_type,
paths=paths, setup_path=setup_path, lp=lp,
paths=paths, lp=lp,
credentials=credentials, names=names, logger=logger,
ldap_backend_forced_uri=ldapi_uri)
@ -132,14 +129,14 @@ class ExistingBackend(ProvisionBackend):
class LDAPBackend(ProvisionBackend):
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
def __init__(self, backend_type, paths=None, lp=None,
credentials=None, names=None, logger=None, domainsid=None,
schema=None, hostname=None, ldapadminpass=None,
slapd_path=None, ldap_backend_extra_port=None,
ldap_backend_forced_uri=None, ldap_dryrun_mode=False):
super(LDAPBackend, self).__init__(backend_type=backend_type,
paths=paths, setup_path=setup_path, lp=lp,
paths=paths, lp=lp,
credentials=credentials, names=names, logger=logger)
self.domainsid = domainsid
@ -286,13 +283,14 @@ class LDAPBackend(ProvisionBackend):
class OpenLDAPBackend(LDAPBackend):
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
def __init__(self, backend_type, paths=None, lp=None,
credentials=None, names=None, logger=None, domainsid=None,
schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
ldap_backend_extra_port=None, ldap_dryrun_mode=False,
ol_mmr_urls=None, nosync=False, ldap_backend_forced_uri=None):
from samba.provision import setup_path
super(OpenLDAPBackend, self).__init__( backend_type=backend_type,
paths=paths, setup_path=setup_path, lp=lp,
paths=paths, lp=lp,
credentials=credentials, names=names, logger=logger,
domainsid=domainsid, schema=schema, hostname=hostname,
ldapadminpass=ldapadminpass, slapd_path=slapd_path,
@ -311,26 +309,26 @@ class OpenLDAPBackend(LDAPBackend):
self.olcdir = os.path.join(self.ldapdir, "slapd.d")
self.olcseedldif = os.path.join(self.ldapdir, "olc_seed.ldif")
self.schema = Schema(self.setup_path, self.domainsid,
self.schema = Schema(self.domainsid,
schemadn=self.names.schemadn, files=[
setup_path("schema_samba4.ldif")])
def setup_db_config(self, dbdir):
"""Setup a Berkeley database.
:param setup_path: Setup path function.
:param dbdir: Database directory.
"""
from samba.provision import setup_path
if not os.path.isdir(os.path.join(dbdir, "bdb-logs")):
os.makedirs(os.path.join(dbdir, "bdb-logs"), 0700)
if not os.path.isdir(os.path.join(dbdir, "tmp")):
os.makedirs(os.path.join(dbdir, "tmp"), 0700)
setup_file(self.setup_path("DB_CONFIG"),
setup_file(setup_path("DB_CONFIG"),
os.path.join(dbdir, "DB_CONFIG"), {"LDAPDBDIR": dbdir})
def provision(self):
from samba.provision import ProvisioningError
from samba.provision import ProvisioningError, setup_path
# Wipe the directories so we can start
shutil.rmtree(os.path.join(self.ldapdir, "db"), True)
@ -348,11 +346,11 @@ class OpenLDAPBackend(LDAPBackend):
refint_attributes = refint_attributes + " " + att
memberof_config += read_and_sub_file(
self.setup_path("memberof.conf"), {
setup_path("memberof.conf"), {
"MEMBER_ATTR": att,
"MEMBEROF_ATTR" : lnkattr[att] })
refint_config = read_and_sub_file(self.setup_path("refint.conf"),
refint_config = read_and_sub_file(setup_path("refint.conf"),
{ "LINK_ATTRS" : refint_attributes})
attrs = ["linkID", "lDAPDisplayName"]
@ -389,13 +387,13 @@ class OpenLDAPBackend(LDAPBackend):
for url in url_list:
serverid = serverid + 1
mmr_serverids_config += read_and_sub_file(
self.setup_path("mmr_serverids.conf"), {
setup_path("mmr_serverids.conf"), {
"SERVERID": str(serverid),
"LDAPSERVER": url })
rid = serverid * 10
rid = rid + 1
mmr_syncrepl_schema_config += read_and_sub_file(
self.setup_path("mmr_syncrepl.conf"), {
setup_path("mmr_syncrepl.conf"), {
"RID" : str(rid),
"MMRDN": self.names.schemadn,
"LDAPSERVER" : url,
@ -403,7 +401,7 @@ class OpenLDAPBackend(LDAPBackend):
rid = rid + 1
mmr_syncrepl_config_config += read_and_sub_file(
self.setup_path("mmr_syncrepl.conf"), {
setup_path("mmr_syncrepl.conf"), {
"RID" : str(rid),
"MMRDN": self.names.configdn,
"LDAPSERVER" : url,
@ -411,7 +409,7 @@ class OpenLDAPBackend(LDAPBackend):
rid = rid + 1
mmr_syncrepl_user_config += read_and_sub_file(
self.setup_path("mmr_syncrepl.conf"), {
setup_path("mmr_syncrepl.conf"), {
"RID" : str(rid),
"MMRDN": self.names.domaindn,
"LDAPSERVER" : url,
@ -426,31 +424,31 @@ class OpenLDAPBackend(LDAPBackend):
olc_serverids_config = ""
olc_syncrepl_seed_config = ""
olc_mmr_config += read_and_sub_file(
self.setup_path("olc_mmr.conf"), {})
setup_path("olc_mmr.conf"), {})
rid = 500
for url in url_list:
serverid = serverid + 1
olc_serverids_config += read_and_sub_file(
self.setup_path("olc_serverid.conf"), {
setup_path("olc_serverid.conf"), {
"SERVERID" : str(serverid), "LDAPSERVER" : url })
rid = rid + 1
olc_syncrepl_config += read_and_sub_file(
self.setup_path("olc_syncrepl.conf"), {
setup_path("olc_syncrepl.conf"), {
"RID" : str(rid), "LDAPSERVER" : url,
"MMR_PASSWORD": mmr_pass})
olc_syncrepl_seed_config += read_and_sub_file(
self.setup_path("olc_syncrepl_seed.conf"), {
setup_path("olc_syncrepl_seed.conf"), {
"RID" : str(rid), "LDAPSERVER" : url})
setup_file(self.setup_path("olc_seed.ldif"), self.olcseedldif,
setup_file(setup_path("olc_seed.ldif"), self.olcseedldif,
{"OLC_SERVER_ID_CONF": olc_serverids_config,
"OLC_PW": self.ldapadminpass,
"OLC_SYNCREPL_CONF": olc_syncrepl_seed_config})
# end olc
setup_file(self.setup_path("slapd.conf"), self.slapdconf,
setup_file(setup_path("slapd.conf"), self.slapdconf,
{"DNSDOMAIN": self.names.dnsdomain,
"LDAPDIR": self.ldapdir,
"DOMAINDN": self.names.domaindn,
@ -476,18 +474,18 @@ class OpenLDAPBackend(LDAPBackend):
if not os.path.exists(os.path.join(self.ldapdir, "db", "samba", "cn=samba")):
os.makedirs(os.path.join(self.ldapdir, "db", "samba", "cn=samba"), 0700)
setup_file(self.setup_path("cn=samba.ldif"),
setup_file(setup_path("cn=samba.ldif"),
os.path.join(self.ldapdir, "db", "samba", "cn=samba.ldif"),
{ "UUID": str(uuid.uuid4()),
"LDAPTIME": timestring(int(time.time()))} )
setup_file(self.setup_path("cn=samba-admin.ldif"),
setup_file(setup_path("cn=samba-admin.ldif"),
os.path.join(self.ldapdir, "db", "samba", "cn=samba", "cn=samba-admin.ldif"),
{"LDAPADMINPASS_B64": b64encode(self.ldapadminpass),
"UUID": str(uuid.uuid4()),
"LDAPTIME": timestring(int(time.time()))} )
if self.ol_mmr_urls is not None:
setup_file(self.setup_path("cn=replicator.ldif"),
setup_file(setup_path("cn=replicator.ldif"),
os.path.join(self.ldapdir, "db", "samba", "cn=samba", "cn=replicator.ldif"),
{"MMR_PASSWORD_B64": b64encode(mmr_pass),
"UUID": str(uuid.uuid4()),
@ -496,7 +494,7 @@ class OpenLDAPBackend(LDAPBackend):
mapping = "schema-map-openldap-2.3"
backend_schema = "backend-schema.schema"
f = open(self.setup_path(mapping), 'r')
f = open(setup_path(mapping), 'r')
backend_schema_data = self.schema.convert_to_openldap(
"openldap", f.read())
assert backend_schema_data is not None
@ -567,14 +565,14 @@ class OpenLDAPBackend(LDAPBackend):
class FDSBackend(LDAPBackend):
def __init__(self, backend_type, paths=None, setup_path=None, lp=None,
def __init__(self, backend_type, paths=None, lp=None,
credentials=None, names=None, logger=None, domainsid=None,
schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
ldap_backend_extra_port=None, ldap_dryrun_mode=False, root=None,
setup_ds_path=None):
super(FDSBackend, self).__init__(backend_type=backend_type,
paths=paths, setup_path=setup_path, lp=lp,
paths=paths, lp=lp,
credentials=credentials, names=names, logger=logger,
domainsid=domainsid, schema=schema, hostname=hostname,
ldapadminpass=ldapadminpass, slapd_path=slapd_path,
@ -600,7 +598,7 @@ class FDSBackend(LDAPBackend):
self.index_ldif = os.path.join(self.ldapdir, "fedorads-index.ldif")
self.samba_ldif = os.path.join(self.ldapdir, "fedorads-samba.ldif")
self.samba3_schema = self.setup_path(
self.samba3_schema = setup_path(
"../../examples/LDAP/samba.schema")
self.samba3_ldif = os.path.join(self.ldapdir, "samba3.ldif")
@ -614,7 +612,6 @@ class FDSBackend(LDAPBackend):
raise Exception("Unable to convert Samba 3 schema.")
self.schema = Schema(
self.setup_path,
self.domainsid,
schemadn=self.names.schemadn,
files=[setup_path("schema_samba4.ldif"), self.samba3_ldif],
@ -622,13 +619,13 @@ class FDSBackend(LDAPBackend):
"1001:1.3.6.1.4.1.7165.2.2"])
def provision(self):
from samba.provision import ProvisioningError
from samba.provision import ProvisioningError, setup_path
if self.ldap_backend_extra_port is not None:
serverport = "ServerPort=%d" % self.ldap_backend_extra_port
else:
serverport = ""
setup_file(self.setup_path("fedorads.inf"), self.fedoradsinf,
setup_file(setup_path("fedorads.inf"), self.fedoradsinf,
{"ROOT": self.root,
"HOSTNAME": self.hostname,
"DNSDOMAIN": self.names.dnsdomain,
@ -639,28 +636,28 @@ class FDSBackend(LDAPBackend):
"LDAPMANAGERPASS": self.ldapadminpass,
"SERVERPORT": serverport})
setup_file(self.setup_path("fedorads-partitions.ldif"),
setup_file(setup_path("fedorads-partitions.ldif"),
self.partitions_ldif,
{"CONFIGDN": self.names.configdn,
"SCHEMADN": self.names.schemadn,
"SAMBADN": self.sambadn,
})
setup_file(self.setup_path("fedorads-sasl.ldif"), self.sasl_ldif,
setup_file(setup_path("fedorads-sasl.ldif"), self.sasl_ldif,
{"SAMBADN": self.sambadn,
})
setup_file(self.setup_path("fedorads-dna.ldif"), self.dna_ldif,
setup_file(setup_path("fedorads-dna.ldif"), self.dna_ldif,
{"DOMAINDN": self.names.domaindn,
"SAMBADN": self.sambadn,
"DOMAINSID": str(self.domainsid),
})
setup_file(self.setup_path("fedorads-pam.ldif"), self.pam_ldif)
setup_file(setup_path("fedorads-pam.ldif"), self.pam_ldif)
lnkattr = self.schema.linked_attributes()
refint_config = open(self.setup_path("fedorads-refint-delete.ldif"), 'r').read()
refint_config = open(setup_path("fedorads-refint-delete.ldif"), 'r').read()
memberof_config = ""
index_config = ""
argnum = 3
@ -668,15 +665,15 @@ class FDSBackend(LDAPBackend):
for attr in lnkattr.keys():
if lnkattr[attr] is not None:
refint_config += read_and_sub_file(
self.setup_path("fedorads-refint-add.ldif"),
setup_path("fedorads-refint-add.ldif"),
{ "ARG_NUMBER" : str(argnum),
"LINK_ATTR" : attr })
memberof_config += read_and_sub_file(
self.setup_path("fedorads-linked-attributes.ldif"),
setup_path("fedorads-linked-attributes.ldif"),
{ "MEMBER_ATTR" : attr,
"MEMBEROF_ATTR" : lnkattr[attr] })
index_config += read_and_sub_file(
self.setup_path("fedorads-index.ldif"), { "ATTR" : attr })
setup_path("fedorads-index.ldif"), { "ATTR" : attr })
argnum += 1
open(self.refint_ldif, 'w').write(refint_config)
@ -692,11 +689,11 @@ class FDSBackend(LDAPBackend):
attr = "nsUniqueId"
index_config += read_and_sub_file(
self.setup_path("fedorads-index.ldif"), { "ATTR" : attr })
setup_path("fedorads-index.ldif"), { "ATTR" : attr })
open(self.index_ldif, 'w').write(index_config)
setup_file(self.setup_path("fedorads-samba.ldif"), self.samba_ldif, {
setup_file(setup_path("fedorads-samba.ldif"), self.samba_ldif, {
"SAMBADN": self.sambadn,
"LDAPADMINPASS": self.ldapadminpass
})
@ -706,7 +703,7 @@ class FDSBackend(LDAPBackend):
# Build a schema file in Fedora DS format
backend_schema_data = self.schema.convert_to_openldap("fedora-ds",
open(self.setup_path(mapping), 'r').read())
open(setup_path(mapping), 'r').read())
assert backend_schema_data is not None
f = open(os.path.join(self.ldapdir, backend_schema), 'w')
try:

View File

@ -62,13 +62,14 @@ def get_schema_descriptor(domain_sid):
class Schema(object):
def __init__(self, setup_path, domain_sid, invocationid=None, schemadn=None,
def __init__(self, domain_sid, invocationid=None, schemadn=None,
files=None, override_prefixmap=None, additional_prefixmap=None):
from samba.provision import setup_path
"""Load schema for the SamDB from the AD schema files and
samba4_schema.ldif
:param samdb: Load a schema into a SamDB.
:param setup_path: Setup path function.
:param schemadn: DN of the schema
Returns the schema data loaded, to avoid double-parsing when then
@ -182,13 +183,11 @@ def get_dnsyntax_attributes(schemadn,schemaldb):
return attributes
def ldb_with_schema(setup_dir=None,
schemadn="cn=schema,cn=configuration,dc=example,dc=com",
def ldb_with_schema(schemadn="cn=schema,cn=configuration,dc=example,dc=com",
domainsid=None,
override_prefixmap=None):
"""Load schema for the SamDB from the AD schema files and samba4_schema.ldif
:param setup_dir: Setup path
:param schemadn: DN of the schema
:param serverdn: DN of the server
@ -197,12 +196,9 @@ def ldb_with_schema(setup_dir=None,
operate without a remote or local schema.
"""
def setup_path(file):
return os.path.join(setup_dir, file)
if domainsid is None:
domainsid = security.random_sid()
else:
domainsid = security.dom_sid(domainsid)
return Schema(setup_path, domainsid, schemadn=schemadn,
return Schema(domainsid, schemadn=schemadn,
override_prefixmap=override_prefixmap)

View File

@ -20,15 +20,10 @@
"""Tests for samba.provision."""
import os
from samba.provision import setup_secretsdb, findnss, ProvisionPaths, find_setup_dir
from samba.provision import setup_secretsdb, findnss, ProvisionPaths
import samba.tests
from samba.tests import env_loadparm, TestCase
setup_dir = find_setup_dir()
def setup_path(file):
return os.path.join(setup_dir, file)
def create_dummy_secretsdb(path, lp=None):
"""Create a dummy secrets database for use in tests.
@ -43,7 +38,7 @@ def create_dummy_secretsdb(path, lp=None):
paths.private_dir = os.path.dirname(path)
paths.keytab = "no.keytab"
paths.dns_keytab = "no.dns.keytab"
secrets_ldb = setup_secretsdb(paths, setup_path, None, None, lp=lp)
secrets_ldb = setup_secretsdb(paths, None, None, lp=lp)
secrets_ldb.transaction_commit()
return secrets_ldb
@ -59,7 +54,7 @@ class ProvisionTestCase(samba.tests.TestCaseInTempDir):
paths.private_dir = os.path.dirname(path)
paths.keytab = "no.keytab"
paths.dns_keytab = "no.dns.keytab"
ldb = setup_secretsdb(paths, setup_path, None, None, lp=env_loadparm())
ldb = setup_secretsdb(paths, None, None, lp=env_loadparm())
try:
self.assertEquals("LSA Secrets",
ldb.searchone(basedn="CN=LSA Secrets", attribute="CN"))

View File

@ -25,7 +25,7 @@ import uuid
from samba.auth import system_session
from samba.provision import (setup_samdb, guess_names, make_smbconf,
find_setup_dir, provision_paths_from_lp)
provision_paths_from_lp)
from samba.provision import DEFAULT_POLICY_GUID, DEFAULT_DC_POLICY_GUID
from samba.provision.backend import ProvisionBackend
from samba.tests import TestCaseInTempDir
@ -41,9 +41,6 @@ class SamDBTestCase(TestCaseInTempDir):
provisioning tests (which need a Sam).
"""
def setup_path(self, relpath):
return os.path.join(find_setup_dir(), relpath)
def setUp(self):
super(SamDBTestCase, self).setUp()
invocationid = str(uuid.uuid4())
@ -64,7 +61,7 @@ class SamDBTestCase(TestCaseInTempDir):
policyguid_dc = DEFAULT_DC_POLICY_GUID
smbconf = os.path.join(self.tempdir, "smb.conf")
make_smbconf(smbconf, self.setup_path, hostname, domain, dnsdomain,
make_smbconf(smbconf, hostname, domain, dnsdomain,
serverrole, self.tempdir)
self.lp = param.LoadParm()
@ -81,14 +78,14 @@ class SamDBTestCase(TestCaseInTempDir):
logger = logging.getLogger("provision")
provision_backend = ProvisionBackend("ldb", paths=paths,
setup_path=self.setup_path, lp=self.lp, credentials=None,
lp=self.lp, credentials=None,
names=names, logger=logger)
schema = Schema(self.setup_path, domainsid, invocationid=invocationid,
schema = Schema(domainsid, invocationid=invocationid,
schemadn=names.schemadn, serverdn=names.serverdn,
am_rodc=False)
self.samdb = setup_samdb(path, self.setup_path, session_info,
self.samdb = setup_samdb(path, session_info,
provision_backend, self.lp, names, logger,
domainsid, domainguid, policyguid, policyguid_dc, False,
"secret", "secret", "secret", invocationid, "secret",

View File

@ -377,7 +377,7 @@ def import_registry(samba4_registry, samba3_regdb):
key_handle.set_value(value_name, value_type, value_data)
def upgrade_provision(samba3, setup_dir, logger, credentials, session_info,
def upgrade_provision(samba3, logger, credentials, session_info,
smbconf, targetdir):
oldconf = samba3.get_conf()
@ -420,7 +420,7 @@ def upgrade_provision(samba3, setup_dir, logger, credentials, session_info,
else:
machinepass = None
result = provision(setup_dir=setup_dir, logger=logger,
result = provision(logger=logger,
session_info=session_info, credentials=credentials,
targetdir=targetdir, realm=realm, domain=domainname,
domainguid=domainguid, domainsid=domainsid,

View File

@ -348,14 +348,13 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf, lp)
return names
def newprovision(names, setup_dir, creds, session, smbconf, provdir, logger):
def newprovision(names, creds, session, smbconf, provdir, logger):
"""Create a new provision.
This provision will be the reference for knowing what has changed in the
since the latest upgrade in the current provision
:param names: List of provision parameters
:param setup_dir: Directory where the setup files are stored
:param creds: Credentials for the authentification
:param session: Session object
:param smbconf: Path to the smb.conf file
@ -366,7 +365,7 @@ def newprovision(names, setup_dir, creds, session, smbconf, provdir, logger):
shutil.rmtree(provdir)
os.mkdir(provdir)
logger.info("Provision stored in %s", provdir)
provision(setup_dir, logger, session, creds, smbconf=smbconf,
provision(logger, session, creds, smbconf=smbconf,
targetdir=provdir, samdb_fill=FILL_FULL, realm=names.realm,
domain=names.domain, domainguid=names.domainguid,
domainsid=str(names.domainsid), ntdsguid=names.ntdsguid,

View File

@ -35,7 +35,7 @@ import samba.ntacls
from samba.credentials import DONT_USE_KERBEROS
from samba.auth import system_session
import samba.getopt as options
from samba.provision import provision, FILL_FULL, FILL_NT4SYNC, FILL_DRS, find_setup_dir, ProvisioningError
from samba.provision import provision, FILL_FULL, FILL_NT4SYNC, FILL_DRS, ProvisioningError
from samba.dsdb import (
DS_DOMAIN_FUNCTION_2000,
DS_DOMAIN_FUNCTION_2003,
@ -52,8 +52,6 @@ parser.add_option_group(options.VersionOptions(parser))
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
parser.add_option("--interactive", help="Ask for names", action="store_true")
parser.add_option("--setupdir", type="string", metavar="DIR",
help="directory with setup files")
parser.add_option("--domain", type="string", metavar="DOMAIN",
help="set domain")
parser.add_option("--domain-guid", type="string", metavar="GUID",
@ -205,10 +203,6 @@ creds = credopts.get_credentials(lp)
creds.set_kerberos_state(DONT_USE_KERBEROS)
setup_dir = opts.setupdir
if setup_dir is None:
setup_dir = find_setup_dir()
samdb_fill = FILL_FULL
if opts.blank:
samdb_fill = FILL_NT4SYNC
@ -241,7 +235,7 @@ else:
session = system_session()
try:
provision(setup_dir, logger,
provision(logger,
session, creds, smbconf=smbconf, targetdir=opts.targetdir,
samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain,
domainguid=opts.domain_guid, domainsid=opts.domain_sid,

View File

@ -26,18 +26,14 @@ sys.path.insert(0, "bin/python")
import samba
import samba.getopt as options
from samba.auth import system_session
from samba.provision import find_setup_dir
from samba.upgrade import upgrade_provision
from samba.samba3 import Samba3
parser = optparse.OptionParser("upgrade_from_s3 [options] <libdir> <smbconf>")
sambaopts = options.SambaOptions(parser)
parser.add_option_group(sambaopts)
parser.add_option_group(options.VersionOptions(parser))
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
parser.add_option("--setupdir", type="string", metavar="DIR",
help="directory with setup files")
parser.add_option("--quiet", help="Be quiet")
parser.add_option("--blank",
help="do not add users or groups, just the structure")
@ -73,14 +69,10 @@ samba3 = Samba3(libdir, smbconf)
logger.info("Provisioning")
setup_dir = opts.setupdir
if setup_dir is None:
setup_dir = find_setup_dir()
lp = sambaopts.get_loadparm()
smbconf = lp.configfile
creds = credopts.get_credentials(lp)
upgrade_provision(samba3, setup_dir, logger, credentials=creds,
upgrade_provision(samba3, logger, credentials=creds,
session_info=system_session(), smbconf=smbconf,
targetdir=opts.targetdir)