summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2007-12-24 13:04:33 -0600
committerStefan Metzmacher <metze@samba.org>2007-12-26 11:57:04 -0600
commit95b1f554b2c57a9f975a0cc27ca51bec6c7594d6 (patch)
treed7ad7acc55c859e5a018666d0deed19f9e5efcd9
parent6c9a2a3c52592e12d9cb0b312dbeee4311aa0c24 (diff)
downloadsamba-95b1f554b2c57a9f975a0cc27ca51bec6c7594d6.tar.gz
samba-95b1f554b2c57a9f975a0cc27ca51bec6c7594d6.tar.bz2
samba-95b1f554b2c57a9f975a0cc27ca51bec6c7594d6.zip
r26587: Fix reading Samba 3 WINS database and initial work on group db, aliases and secrets.
(This used to be commit c7c4cf258ac7975b409d26c9386838d4780c756f)
-rw-r--r--source4/scripting/python/samba/samba3.py160
-rw-r--r--source4/scripting/python/samba/tests/samba3.py55
-rw-r--r--source4/scripting/python/samba/upgrade.py21
3 files changed, 196 insertions, 40 deletions
diff --git a/source4/scripting/python/samba/samba3.py b/source4/scripting/python/samba/samba3.py
index 8225eacd58..509ee29c1d 100644
--- a/source4/scripting/python/samba/samba3.py
+++ b/source4/scripting/python/samba/samba3.py
@@ -73,6 +73,9 @@ class PolicyDatabase:
# FIXME: Read privileges as well
+ def close(self):
+ self.tdb.close()
+
GROUPDB_DATABASE_VERSION_V1 = 1 # native byte format.
GROUPDB_DATABASE_VERSION_V2 = 2 # le format.
@@ -88,6 +91,20 @@ MEMBEROF_PREFIX = "MEMBEROF/"
class GroupMappingDatabase:
def __init__(self, file):
self.tdb = tdb.Tdb(file, flags=os.O_RDONLY)
+ assert self.tdb.fetch_int32("INFO/version\x00") in (GROUPDB_DATABASE_VERSION_V1, GROUPDB_DATABASE_VERSION_V2)
+
+ def groupsids(self):
+ for k in self.tdb.keys():
+ if k.startswith(GROUP_PREFIX):
+ yield k[len(GROUP_PREFIX):].rstrip("\0")
+
+ def aliases(self):
+ for k in self.tdb.keys():
+ if k.startswith(MEMBEROF_PREFIX):
+ yield k[len(MEMBEROF_PREFIX):].rstrip("\0")
+
+ def close(self):
+ self.tdb.close()
# High water mark keys
@@ -102,40 +119,56 @@ class IdmapDatabase:
self.tdb = tdb.Tdb(file, flags=os.O_RDONLY)
assert self.tdb.fetch_int32("IDMAP_VERSION") == IDMAP_VERSION
+ def close(self):
+ self.tdb.close()
+
class SecretsDatabase:
def __init__(self, file):
self.tdb = tdb.Tdb(file, flags=os.O_RDONLY)
- self.domains = {}
- for k, v in self.tdb.items():
- if k == "SECRETS/AUTH_PASSWORD":
- self.auth_password = v
- elif k == "SECRETS/AUTH_DOMAIN":
- self.auth_domain = v
- elif k == "SECRETS/AUTH_USER":
- self.auth_user = v
- elif k.startswith("SECRETS/SID/"):
- pass # FIXME
- elif k.startswith("SECRETS/DOMGUID/"):
- pass # FIXME
- elif k.startswith("SECRETS/LDAP_BIND_PW/"):
- pass # FIXME
- elif k.startswith("SECRETS/AFS_KEYFILE/"):
- pass # FIXME
- elif k.startswith("SECRETS/MACHINE_SEC_CHANNEL_TYPE/"):
- pass # FIXME
- elif k.startswith("SECRETS/MACHINE_LAST_CHANGE_TIME/"):
- pass # FIXME
- elif k.startswith("SECRETS/MACHINE_PASSWORD/"):
- pass # FIXME
- elif k.startswith("SECRETS/$MACHINE.ACC/"):
- pass # FIXME
- elif k.startswith("SECRETS/$DOMTRUST.ACC/"):
- pass # FIXME
- elif k == "INFO/random_seed":
- self.random_seed = v
- else:
- raise "Unknown key %s in secrets database" % k
+
+ def get_auth_password(self):
+ return self.tdb.get("SECRETS/AUTH_PASSWORD")
+
+ def get_auth_domain(self):
+ return self.tdb.get("SECRETS/AUTH_DOMAIN")
+
+ def get_auth_user(self):
+ return self.tdb.get("SECRETS/AUTH_USER")
+
+ def get_dom_guid(self, host):
+ return self.tdb.get("SECRETS/DOMGUID/%s" % host)
+
+ def get_ldap_bind_pw(self, host):
+ return self.tdb.get("SECRETS/LDAP_BIND_PW/%s" % host)
+
+ def get_afs_keyfile(self, host):
+ return self.tdb.get("SECRETS/AFS_KEYFILE/%s" % host)
+
+ def get_machine_sec_channel_type(self, host):
+ return self.tdb.get("SECRETS/MACHINE_SEC_CHANNEL_TYPE/%s" % host)
+
+ def get_machine_last_change_time(self, host):
+ return self.tdb.get("SECRETS/MACHINE_LAST_CHANGE_TIME/%s" % host)
+
+ def get_machine_password(self, host):
+ return self.tdb.get("SECRETS/MACHINE_PASSWORD/%s" % host)
+
+ def get_machine_acc(self, host):
+ return self.tdb.get("SECRETS/$MACHINE.ACC/%s" % host)
+
+ def get_domtrust_acc(self, host):
+ return self.tdb.get("SECRETS/$DOMTRUST.ACC/%s" % host)
+
+ def get_random_seed(self):
+ return self.tdb.get("INFO/random_seed")
+
+ def get_sid(self, host):
+ return self.tdb.get("SECRETS/SID/%s" % host.upper())
+
+ def close(self):
+ self.tdb.close()
+
SHARE_DATABASE_VERSION_V1 = 1
SHARE_DATABASE_VERSION_V2 = 2
@@ -149,6 +182,8 @@ class ShareInfoDatabase:
secdesc = self.tdb.get("SECDESC/%s" % name)
# FIXME: Run ndr_pull_security_descriptor
+ def close(self):
+ self.tdb.close()
ACB_DISABLED = 0x00000001
ACB_HOMDIRREQ = 0x00000002
@@ -190,16 +225,79 @@ class Smbpasswd:
def __init__(self, file):
pass
+TDBSAM_FORMAT_STRING_V0 = "ddddddBBBBBBBBBBBBddBBwdwdBwwd"
+TDBSAM_FORMAT_STRING_V1 = "dddddddBBBBBBBBBBBBddBBwdwdBwwd"
+TDBSAM_FORMAT_STRING_V2 = "dddddddBBBBBBBBBBBBddBBBwwdBwwd"
+TDBSAM_USER_PREFIX = "USER_"
+
class TdbSam:
def __init__(self, file):
self.tdb = tdb.Tdb(file, flags=os.O_RDONLY)
+ self.version = self.tdb.fetch_uint32("INFO/version") or 0
+ assert self.version in (0, 1, 2)
+
+ def usernames(self):
+ for k in self.tdb.keys():
+ if k.startswith(TDBSAM_USER_PREFIX):
+ yield k[len(TDBSAM_USER_PREFIX):].rstrip("\0")
+
+ def close(self):
+ self.tdb.close()
+
+
+def shellsplit(text):
+ """Very simple shell-like line splitting.
+
+ :param text: Text to split.
+ :return: List with parts of the line as strings.
+ """
+ ret = list()
+ inquotes = False
+ current = ""
+ for c in text:
+ if c == "\"":
+ inquotes = not inquotes
+ elif c in ("\t", "\n", " ") and not inquotes:
+ ret.append(current)
+ current = ""
+ else:
+ current += c
+ if current != "":
+ ret.append(current)
+ return ret
class WinsDatabase:
def __init__(self, file):
- pass
+ self.entries = {}
+ f = open(file, 'r')
+ assert f.readline().rstrip("\n") == "VERSION 1 0"
+ for l in f.readlines():
+ if l[0] == "#": # skip comments
+ continue
+ entries = shellsplit(l.rstrip("\n"))
+ print entries
+ name = entries[0]
+ ttl = int(entries[1])
+ i = 2
+ ips = []
+ while "." in entries[i]:
+ ips.append(entries[i])
+ i+=1
+ nb_flags = entries[i]
+ assert not name in self.entries, "Name %s exists twice" % name
+ self.entries[name] = (ttl, ips, nb_flags)
+ f.close()
+
+ def __getitem__(self, name):
+ return self.entries[name]
+ def __len__(self):
+ return len(self.entries)
+
+ def close(self): # for consistency
+ pass
class Samba3:
def __init__(self, smbconfpath, libdir):
diff --git a/source4/scripting/python/samba/tests/samba3.py b/source4/scripting/python/samba/tests/samba3.py
index 0d56ca9117..92d11d11d4 100644
--- a/source4/scripting/python/samba/tests/samba3.py
+++ b/source4/scripting/python/samba/tests/samba3.py
@@ -18,7 +18,8 @@
#
import unittest
-from samba.samba3 import GroupMappingDatabase, Registry, PolicyDatabase
+from samba.samba3 import (GroupMappingDatabase, Registry, PolicyDatabase, SecretsDatabase, TdbSam,
+ WinsDatabase)
import os
DATADIR=os.path.join(os.path.dirname(__file__), "../../../../../testdata/samba3")
@@ -59,3 +60,55 @@ class GroupsTestCase(unittest.TestCase):
def setUp(self):
self.groupdb = GroupMappingDatabase(os.path.join(DATADIR, "group_mapping.tdb"))
+ def tearDown(self):
+ self.groupdb.close()
+
+ def test_group_length(self):
+ self.assertEquals(13, len(list(self.groupdb.groupsids())))
+
+ def test_groupsids(self):
+ sids = list(self.groupdb.groupsids())
+ self.assertTrue("S-1-5-32-544" in sids)
+
+ def test_alias_length(self):
+ self.assertEquals(0, len(list(self.groupdb.aliases())))
+
+
+class SecretsDbTestCase(unittest.TestCase):
+ def setUp(self):
+ self.secretsdb = SecretsDatabase(os.path.join(DATADIR, "secrets.tdb"))
+
+ def tearDown(self):
+ self.secretsdb.close()
+
+ def test_get_sid(self):
+ self.assertTrue(self.secretsdb.get_sid("BEDWYR") is not None)
+
+
+class TdbSamTestCase(unittest.TestCase):
+ def setUp(self):
+ self.samdb = TdbSam(os.path.join(DATADIR, "passdb.tdb"))
+
+ def tearDown(self):
+ self.samdb.close()
+
+ def test_usernames(self):
+ self.assertEquals(3, len(list(self.samdb.usernames())))
+
+
+class WinsDatabaseTestCase(unittest.TestCase):
+ def setUp(self):
+ self.winsdb = WinsDatabase(os.path.join(DATADIR, "wins.dat"))
+
+ def test_length(self):
+ self.assertEquals(22, len(self.winsdb))
+
+ def test_first_entry(self):
+ self.assertEqual((1124185120, ["192.168.1.5"], "64R"), self.winsdb["ADMINISTRATOR#03"])
+
+ def tearDown(self):
+ self.winsdb.close()
+
+# FIXME: smbpasswd
+# FIXME: idmapdb
+# FIXME: Shares
diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py
index 3168fedf2d..4f2ab46ef0 100644
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@@ -530,14 +530,7 @@ data: %d
if ldapurl is not None:
message("Enabling Samba3 LDAP mappings for SAM database")
- samdb.modify("""
-dn: @MODULES
-changetype: modify
-replace: @LIST
-@LIST: samldb,operational,objectguid,rdn_name,samba3sam
-""")
-
- samdb.add({"dn": "@MAP=samba3sam", "@MAP_URL": ldapurl})
+ enable_samba3sam(samdb)
return ret
@@ -551,3 +544,15 @@ def upgrade_verify(subobj, samba3, paths, message):
assert(len(msg) >= 1)
# FIXME
+
+
+
+def enable_samba3sam(samdb):
+ samdb.modify("""
+dn: @MODULES
+changetype: modify
+replace: @LIST
+@LIST: samldb,operational,objectguid,rdn_name,samba3sam
+""")
+
+ samdb.add({"dn": "@MAP=samba3sam", "@MAP_URL": ldapurl})