diff options
| author | Jeremy Allison <jra@samba.org> | 2008-12-18 15:40:05 -0800 | 
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2008-12-18 15:40:05 -0800 | 
| commit | 4283ae489b6e227beba196e8a315a9727f03cc07 (patch) | |
| tree | 7308561653b9e52eab8fc13181c0ad41ae2da208 /source4/scripting/python | |
| parent | f9bb8fbe832409893b17f2113d7b35b9ffe91540 (diff) | |
| parent | d031472227b44d040698e6dff52dc79028fde854 (diff) | |
| download | samba-4283ae489b6e227beba196e8a315a9727f03cc07.tar.gz samba-4283ae489b6e227beba196e8a315a9727f03cc07.tar.bz2 samba-4283ae489b6e227beba196e8a315a9727f03cc07.zip | |
Merge branch 'master' of ssh://jra@git.samba.org/data/git/samba
Diffstat (limited to 'source4/scripting/python')
| -rw-r--r-- | source4/scripting/python/samba/provision.py | 31 | ||||
| -rw-r--r-- | source4/scripting/python/samba/samba3.py | 77 | 
2 files changed, 64 insertions, 44 deletions
| diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 823d5e6ff6..3711ed7bab 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -432,17 +432,18 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info,      """      assert session_info is not None -    samdb = SamDB(samdb_path, session_info=session_info,  -                  credentials=credentials, lp=lp) - -    # Wipes the database      try: +        samdb = SamDB(samdb_path, session_info=session_info,  +                      credentials=credentials, lp=lp) +        # Wipes the database          samdb.erase()      except:          os.unlink(samdb_path) - -    samdb = SamDB(samdb_path, session_info=session_info,  -                  credentials=credentials, lp=lp) +        samdb = SamDB(samdb_path, session_info=session_info,  +                      credentials=credentials, lp=lp) +         # Wipes the database +        samdb.erase() +              #Add modules to the list to activate them by default      #beware often order is important @@ -459,8 +460,9 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info,                      "ranged_results",                      "anr",                      "server_sort", -                    "extended_dn",                      "asq", +                    "extended_dn_store", +                    "extended_dn_in",                      "rdn_name",                      "objectclass",                      "samldb", @@ -470,7 +472,8 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info,      tdb_modules_list = [                      "subtree_rename",                      "subtree_delete", -                    "linked_attributes"] +                    "linked_attributes", +                    "extended_dn_out_ldb"]      modules_list2 = ["show_deleted",                      "partition"] @@ -488,11 +491,11 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info,      if ldap_backend_type == "fedora-ds":          backend_modules = ["nsuniqueid", "paged_searches"]          # We can handle linked attributes here, as we don't have directory-side subtree operations -        tdb_modules_list = ["linked_attributes"] +        tdb_modules_list = ["linked_attributes", "extended_dn_out_dereference"]      elif ldap_backend_type == "openldap": -        backend_modules = ["normalise", "entryuuid", "paged_searches"] +        backend_modules = ["entryuuid", "paged_searches"]          # OpenLDAP handles subtree renames, so we don't want to do any of these things -        tdb_modules_list = None +        tdb_modules_list = ["extended_dn_out_dereference"]      elif ldap_backend is not None:          raise "LDAP Backend specified, but LDAP Backend Type not specified"      elif serverrole == "domain controller": @@ -650,7 +653,7 @@ def setup_registry(path, setup_path, session_info, credentials, lp):      reg = registry.Registry()      hive = registry.open_ldb(path, session_info=session_info,                            credentials=credentials, lp_ctx=lp) -    reg.mount_hive(hive, "HKEY_LOCAL_MACHINE") +    reg.mount_hive(hive, registry.HKEY_LOCAL_MACHINE)      provision_reg = setup_path("provision.reg")      assert os.path.exists(provision_reg)      reg.diff_apply(provision_reg) @@ -827,6 +830,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,          message("Setting up sam.ldb AD schema")          setup_add_ldif(samdb, setup_path("schema.ldif"),                          {"SCHEMADN": names.schemadn}) +        setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"),  +                       {"SCHEMADN": names.schemadn})          message("Setting up sam.ldb configuration data")          setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), { diff --git a/source4/scripting/python/samba/samba3.py b/source4/scripting/python/samba/samba3.py index 0e0c29dac8..a3dac27709 100644 --- a/source4/scripting/python/samba/samba3.py +++ b/source4/scripting/python/samba/samba3.py @@ -25,9 +25,28 @@ REGISTRY_VALUE_PREFIX = "SAMBA_REGVAL"  REGISTRY_DB_VERSION = 1  import os +import struct  import tdb +def fetch_uint32(tdb, key): +    try: +        data = tdb[key] +    except KeyError: +        return None +    assert len(data) == 4 +    return struct.unpack("<L", data)[0] + + +def fetch_int32(tdb, key): +    try: +        data = tdb[key] +    except KeyError: +        return None +    assert len(data) == 4 +    return struct.unpack("<l", data)[0] + +  class TdbDatabase(object):      """Simple Samba 3 TDB database reader."""      def __init__(self, file): @@ -60,7 +79,7 @@ class Registry(TdbDatabase):      def keys(self):          """Return list with all the keys.""" -        return [k.rstrip("\x00") for k in self.tdb.keys() if not k.startswith(REGISTRY_VALUE_PREFIX)] +        return [k.rstrip("\x00") for k in self.tdb.iterkeys() if not k.startswith(REGISTRY_VALUE_PREFIX)]      def subkeys(self, key):          """Retrieve the subkeys for the specified key. @@ -71,7 +90,6 @@ class Registry(TdbDatabase):          data = self.tdb.get("%s\x00" % key)          if data is None:              return [] -        import struct          (num, ) = struct.unpack("<L", data[0:4])          keys = data[4:].split("\0")          assert keys[-1] == "" @@ -89,7 +107,6 @@ class Registry(TdbDatabase):          if data is None:              return {}          ret = {} -        import struct          (num, ) = struct.unpack("<L", data[0:4])          data = data[4:]          for i in range(num): @@ -115,16 +132,16 @@ class PolicyDatabase(TdbDatabase):          :param file: Path to the file to open.          """          super(PolicyDatabase, self).__init__(file) -        self.min_password_length = self.tdb.fetch_uint32("min password length\x00") -        self.password_history = self.tdb.fetch_uint32("password history\x00") -        self.user_must_logon_to_change_password = self.tdb.fetch_uint32("user must logon to change pasword\x00") -        self.maximum_password_age = self.tdb.fetch_uint32("maximum password age\x00") -        self.minimum_password_age = self.tdb.fetch_uint32("minimum password age\x00") -        self.lockout_duration = self.tdb.fetch_uint32("lockout duration\x00") -        self.reset_count_minutes = self.tdb.fetch_uint32("reset count minutes\x00") -        self.bad_lockout_minutes = self.tdb.fetch_uint32("bad lockout minutes\x00") -        self.disconnect_time = self.tdb.fetch_int32("disconnect time\x00") -        self.refuse_machine_password_change = self.tdb.fetch_uint32("refuse machine password change\x00") +        self.min_password_length = fetch_uint32(self.tdb, "min password length\x00") +        self.password_history = fetch_uint32(self.tdb, "password history\x00") +        self.user_must_logon_to_change_password = fetch_uint32(self.tdb, "user must logon to change pasword\x00") +        self.maximum_password_age = fetch_uint32(self.tdb, "maximum password age\x00") +        self.minimum_password_age = fetch_uint32(self.tdb, "minimum password age\x00") +        self.lockout_duration = fetch_uint32(self.tdb, "lockout duration\x00") +        self.reset_count_minutes = fetch_uint32(self.tdb, "reset count minutes\x00") +        self.bad_lockout_minutes = fetch_uint32(self.tdb, "bad lockout minutes\x00") +        self.disconnect_time = fetch_int32(self.tdb, "disconnect time\x00") +        self.refuse_machine_password_change = fetch_uint32(self.tdb, "refuse machine password change\x00")          # FIXME: Read privileges as well @@ -143,14 +160,14 @@ MEMBEROF_PREFIX = "MEMBEROF/"  class GroupMappingDatabase(TdbDatabase):      """Samba 3 group mapping database reader."""      def _check_version(self): -        assert self.tdb.fetch_int32("INFO/version\x00") in (GROUPDB_DATABASE_VERSION_V1, GROUPDB_DATABASE_VERSION_V2) +        assert fetch_int32(self.tdb, "INFO/version\x00") in (GROUPDB_DATABASE_VERSION_V1, GROUPDB_DATABASE_VERSION_V2)      def groupsids(self):          """Retrieve the SIDs for the groups in this database.          :return: List with sids as strings.          """ -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith(GROUP_PREFIX):                  yield k[len(GROUP_PREFIX):].rstrip("\0") @@ -164,14 +181,13 @@ class GroupMappingDatabase(TdbDatabase):          data = self.tdb.get("%s%s\0" % (GROUP_PREFIX, sid))          if data is None:              return data -        import struct          (gid, sid_name_use) = struct.unpack("<lL", data[0:8])          (nt_name, comment, _) = data[8:].split("\0")          return (gid, sid_name_use, nt_name, comment)      def aliases(self):          """Retrieve the aliases in this database.""" -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith(MEMBEROF_PREFIX):                  yield k[len(MEMBEROF_PREFIX):].rstrip("\0") @@ -189,17 +205,17 @@ IDMAP_VERSION_V2 = 2  class IdmapDatabase(TdbDatabase):      """Samba 3 ID map database reader."""      def _check_version(self): -        assert self.tdb.fetch_int32("IDMAP_VERSION\0") == IDMAP_VERSION_V2 +        assert fetch_int32(self.tdb, "IDMAP_VERSION\0") == IDMAP_VERSION_V2      def uids(self):          """Retrieve a list of all uids in this database.""" -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith(IDMAP_USER_PREFIX):                  yield int(k[len(IDMAP_USER_PREFIX):].rstrip("\0"))      def gids(self):          """Retrieve a list of all gids in this database.""" -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith(IDMAP_GROUP_PREFIX):                  yield int(k[len(IDMAP_GROUP_PREFIX):].rstrip("\0")) @@ -222,11 +238,11 @@ class IdmapDatabase(TdbDatabase):      def get_user_hwm(self):          """Obtain the user high-water mark.""" -        return self.tdb.fetch_uint32(IDMAP_HWM_USER) +        return fetch_uint32(self.tdb, IDMAP_HWM_USER)      def get_group_hwm(self):          """Obtain the group high-water mark.""" -        return self.tdb.fetch_uint32(IDMAP_HWM_GROUP) +        return fetch_uint32(self.tdb, IDMAP_HWM_GROUP)  class SecretsDatabase(TdbDatabase): @@ -244,7 +260,7 @@ class SecretsDatabase(TdbDatabase):          return self.tdb.get("SECRETS/DOMGUID/%s" % host)      def ldap_dns(self): -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith("SECRETS/LDAP_BIND_PW/"):                  yield k[len("SECRETS/LDAP_BIND_PW/"):].rstrip("\0") @@ -253,7 +269,7 @@ class SecretsDatabase(TdbDatabase):          :return: Iterator over the names of domains in this database.          """ -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith("SECRETS/SID/"):                  yield k[len("SECRETS/SID/"):].rstrip("\0") @@ -264,10 +280,10 @@ class SecretsDatabase(TdbDatabase):          return self.tdb.get("SECRETS/AFS_KEYFILE/%s" % host)      def get_machine_sec_channel_type(self, host): -        return self.tdb.fetch_uint32("SECRETS/MACHINE_SEC_CHANNEL_TYPE/%s" % host) +        return fetch_uint32(self.tdb, "SECRETS/MACHINE_SEC_CHANNEL_TYPE/%s" % host)      def get_machine_last_change_time(self, host): -        return self.tdb.fetch_uint32("SECRETS/MACHINE_LAST_CHANGE_TIME/%s" % host) +        return fetch_uint32(self.tdb, "SECRETS/MACHINE_LAST_CHANGE_TIME/%s" % host)      def get_machine_password(self, host):          return self.tdb.get("SECRETS/MACHINE_PASSWORD/%s" % host) @@ -279,7 +295,7 @@ class SecretsDatabase(TdbDatabase):          return self.tdb.get("SECRETS/$DOMTRUST.ACC/%s" % host)      def trusted_domains(self): -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith("SECRETS/$DOMTRUST.ACC/"):                  yield k[len("SECRETS/$DOMTRUST.ACC/"):].rstrip("\0") @@ -296,7 +312,7 @@ SHARE_DATABASE_VERSION_V2 = 2  class ShareInfoDatabase(TdbDatabase):      """Samba 3 Share Info database reader."""      def _check_version(self): -        assert self.tdb.fetch_int32("INFO/version\0") in (SHARE_DATABASE_VERSION_V1, SHARE_DATABASE_VERSION_V2) +        assert fetch_int32(self.tdb, "INFO/version\0") in (SHARE_DATABASE_VERSION_V1, SHARE_DATABASE_VERSION_V2)      def get_secdesc(self, name):          """Obtain the security descriptor on a particular share. @@ -492,12 +508,12 @@ class LdapSam(object):  class TdbSam(TdbDatabase):      """Samba 3 TDB passdb backend reader."""      def _check_version(self): -        self.version = self.tdb.fetch_uint32("INFO/version\0") or 0 +        self.version = fetch_uint32(self.tdb, "INFO/version\0") or 0          assert self.version in (0, 1, 2)      def usernames(self):          """Iterate over the usernames in this Tdb database.""" -        for k in self.tdb.keys(): +        for k in self.tdb.iterkeys():              if k.startswith(TDBSAM_USER_PREFIX):                  yield k[len(TDBSAM_USER_PREFIX):].rstrip("\0") @@ -506,7 +522,6 @@ class TdbSam(TdbDatabase):      def __getitem__(self, name):          data = self.tdb["%s%s\0" % (TDBSAM_USER_PREFIX, name)]          user = SAMUser(name) -        import struct          def unpack_string(data):              (length, ) = struct.unpack("<L", data[:4]) | 
