s4-python: Fix some formatting issues.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Tue Sep 13 03:51:13 CEST 2011 on sn-devel-104
author: Jelmer Vernooij <jelmer@samba.org> 2011-09-13 01:27:50 +0200
committer: Jelmer Vernooij <jelmer@samba.org> 2011-09-13 03:51:13 +0200
commit: 0ee22a2dec1716e0d5c0a6aee612f635800af5ef (patch)
tree: aafed35c9f424a95da86652740a33b31f2bc6076 /source4/setup
parent: df1d3dc777b48bc9bc10f3eb44dec90db490a899 (diff)
download: samba-0ee22a2dec1716e0d5c0a6aee612f635800af5ef.tar.gz
samba-0ee22a2dec1716e0d5c0a6aee612f635800af5ef.tar.bz2
samba-0ee22a2dec1716e0d5c0a6aee612f635800af5ef.zip
1 files changed, 163 insertions, 156 deletions
diff --git a/source4/setup/provision b/source4/setup/provision
index 39ef62d4b3..315de78821 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -7,17 +7,17 @@
 #
 # Based on the original in EJS:
 # Copyright (C) Andrew Tridgell 2005
-#   
+#
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 3 of the License, or
 # (at your option) any later version.
-#   
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
-#   
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
@@ -35,13 +35,19 @@ import samba.ntacls
 from samba.credentials import DONT_USE_KERBEROS
 from samba.auth import system_session
 import samba.getopt as options
-from samba.provision import provision, FILL_FULL, FILL_NT4SYNC, FILL_DRS, ProvisioningError
+from samba.provision import (
+    provision,
+    FILL_FULL,
+    FILL_NT4SYNC,
+    FILL_DRS,
+    ProvisioningError,
+    )
 from samba.dsdb import (
-	DS_DOMAIN_FUNCTION_2000,
-	DS_DOMAIN_FUNCTION_2003,
-	DS_DOMAIN_FUNCTION_2008,
-	DS_DOMAIN_FUNCTION_2008_R2,
-	)
+    DS_DOMAIN_FUNCTION_2000,
+    DS_DOMAIN_FUNCTION_2003,
+    DS_DOMAIN_FUNCTION_2008,
+    DS_DOMAIN_FUNCTION_2008_R2,
+    )
 
 # how do we make this case insensitive??
 
@@ -53,72 +59,72 @@ credopts = options.CredentialsOptions(parser)
 parser.add_option_group(credopts)
 parser.add_option("--interactive", help="Ask for names", action="store_true")
 parser.add_option("--domain", type="string", metavar="DOMAIN",
-				  help="set domain")
-parser.add_option("--domain-guid", type="string", metavar="GUID", 
-		help="set domainguid (otherwise random)")
-parser.add_option("--domain-sid", type="string", metavar="SID", 
-		help="set domainsid (otherwise random)")
-parser.add_option("--ntds-guid", type="string", metavar="GUID", 
-		  help="set NTDS object GUID (otherwise random)")
-parser.add_option("--invocationid", type="string", metavar="GUID", 
-		  help="set invocationid (otherwise random)")
-parser.add_option("--host-name", type="string", metavar="HOSTNAME", 
-		help="set hostname")
-parser.add_option("--host-ip", type="string", metavar="IPADDRESS", 
-		help="set IPv4 ipaddress")
-parser.add_option("--host-ip6", type="string", metavar="IP6ADDRESS", 
-		help="set IPv6 ipaddress")
-parser.add_option("--adminpass", type="string", metavar="PASSWORD", 
-		help="choose admin password (otherwise random)")
-parser.add_option("--krbtgtpass", type="string", metavar="PASSWORD", 
-		help="choose krbtgt password (otherwise random)")
-parser.add_option("--machinepass", type="string", metavar="PASSWORD", 
-		help="choose machine password (otherwise random)")
+                  help="set domain")
+parser.add_option("--domain-guid", type="string", metavar="GUID",
+        help="set domainguid (otherwise random)")
+parser.add_option("--domain-sid", type="string", metavar="SID",
+        help="set domainsid (otherwise random)")
+parser.add_option("--ntds-guid", type="string", metavar="GUID",
+          help="set NTDS object GUID (otherwise random)")
+parser.add_option("--invocationid", type="string", metavar="GUID",
+          help="set invocationid (otherwise random)")
+parser.add_option("--host-name", type="string", metavar="HOSTNAME",
+        help="set hostname")
+parser.add_option("--host-ip", type="string", metavar="IPADDRESS",
+        help="set IPv4 ipaddress")
+parser.add_option("--host-ip6", type="string", metavar="IP6ADDRESS",
+        help="set IPv6 ipaddress")
+parser.add_option("--adminpass", type="string", metavar="PASSWORD",
+        help="choose admin password (otherwise random)")
+parser.add_option("--krbtgtpass", type="string", metavar="PASSWORD",
+        help="choose krbtgt password (otherwise random)")
+parser.add_option("--machinepass", type="string", metavar="PASSWORD",
+        help="choose machine password (otherwise random)")
 parser.add_option("--dns-backend", type="choice", metavar="NAMESERVER-BACKEND",
-		  choices=["SAMBA", "BIND9", "BIND9_DLZ"],
+          choices=["SAMBA", "BIND9", "BIND9_DLZ"],
         help="The DNS server backend. SAMBA is the builtin name server (experimental), BIND9 uses bind9 text database to store zone information (default), BIND9_DLZ uses samba4 AD to store zone information (recommended)")
-parser.add_option("--dnspass", type="string", metavar="PASSWORD", 
-		help="choose dns password (otherwise random)")
-parser.add_option("--ldapadminpass", type="string", metavar="PASSWORD", 
-		help="choose password to set between Samba and it's LDAP backend (otherwise random)")
-parser.add_option("--root", type="string", metavar="USERNAME", 
-		help="choose 'root' unix username")
-parser.add_option("--nobody", type="string", metavar="USERNAME", 
-		help="choose 'nobody' user")
-parser.add_option("--wheel", type="string", metavar="GROUPNAME", 
-		help="choose 'wheel' privileged group")
-parser.add_option("--users", type="string", metavar="GROUPNAME", 
-		help="choose 'users' group")
+parser.add_option("--dnspass", type="string", metavar="PASSWORD",
+        help="choose dns password (otherwise random)")
+parser.add_option("--ldapadminpass", type="string", metavar="PASSWORD",
+        help="choose password to set between Samba and it's LDAP backend (otherwise random)")
+parser.add_option("--root", type="string", metavar="USERNAME",
+        help="choose 'root' unix username")
+parser.add_option("--nobody", type="string", metavar="USERNAME",
+        help="choose 'nobody' user")
+parser.add_option("--wheel", type="string", metavar="GROUPNAME",
+        help="choose 'wheel' privileged group")
+parser.add_option("--users", type="string", metavar="GROUPNAME",
+        help="choose 'users' group")
 parser.add_option("--quiet", help="Be quiet", action="store_true")
 parser.add_option("--blank", action="store_true",
-		help="do not add users or groups, just the structure")
-parser.add_option("--ldap-backend-extra-port", type="int", metavar="LDAP-BACKEND-EXTRA-PORT", 
-		help="Additional TCP port for LDAP backend server (to use for replication)")
-parser.add_option("--ldap-backend-forced-uri", type="string", metavar="LDAP-BACKEND-FORCED-URI", 
-		help="Force the LDAP backend connection to be to a particular URI.  Use this ONLY for 'existing' backends, or when debugging the interaction with the LDAP backend and you need to intercept the LDAP traffic")
-parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE", 
-		help="LDAP backend type (fedora-ds or openldap)",
-		choices=["fedora-ds", "openldap"])
+        help="do not add users or groups, just the structure")
+parser.add_option("--ldap-backend-extra-port", type="int", metavar="LDAP-BACKEND-EXTRA-PORT",
+        help="Additional TCP port for LDAP backend server (to use for replication)")
+parser.add_option("--ldap-backend-forced-uri", type="string", metavar="LDAP-BACKEND-FORCED-URI",
+        help="Force the LDAP backend connection to be to a particular URI.  Use this ONLY for 'existing' backends, or when debugging the interaction with the LDAP backend and you need to intercept the LDAP traffic")
+parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE",
+        help="LDAP backend type (fedora-ds or openldap)",
+        choices=["fedora-ds", "openldap"])
 parser.add_option("--ldap-backend-nosync", help="Configure LDAP backend not to call fsync() (for performance in test environments)", action="store_true")
 parser.add_option("--server-role", type="choice", metavar="ROLE",
-		  choices=["domain controller", "dc", "member server", "member", "standalone"],
-		help="The server role (domain controller | dc | member server | member | standalone). Default is standalone.")
+          choices=["domain controller", "dc", "member server", "member", "standalone"],
+        help="The server role (domain controller | dc | member server | member | standalone). Default is standalone.")
 parser.add_option("--function-level", type="choice", metavar="FOR-FUN-LEVEL",
-		  choices=["2000", "2003", "2008", "2008_R2"],
-		help="The domain and forest function level (2000 | 2003 | 2008 | 2008_R2 - always native). Default is (Windows) 2003 Native.")
+          choices=["2000", "2003", "2008", "2008_R2"],
+        help="The domain and forest function level (2000 | 2003 | 2008 | 2008_R2 - always native). Default is (Windows) 2003 Native.")
 parser.add_option("--next-rid", type="int", metavar="NEXTRID", default=1000,
-		help="The initial nextRid value (only needed for upgrades).  Default is 1000.")
-parser.add_option("--partitions-only", 
-		help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true")
-parser.add_option("--targetdir", type="string", metavar="DIR", 
-		          help="Set target directory")
+        help="The initial nextRid value (only needed for upgrades).  Default is 1000.")
+parser.add_option("--partitions-only",
+        help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true")
+parser.add_option("--targetdir", type="string", metavar="DIR",
+                  help="Set target directory")
 parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER",
                 help="List of LDAP-URLS [ ldap://<FQHN>:<PORT>/  (where <PORT> has to be different than 389!) ] separated with comma (\",\") for use with OpenLDAP-MMR (Multi-Master-Replication), e.g.: \"ldap://s4dc1:9000,ldap://s4dc2:9000\"")
-parser.add_option("--slapd-path", type="string", metavar="SLAPD-PATH", 
-		help="Path to slapd for LDAP backend [e.g.:'/usr/local/libexec/slapd']. Required for Setup with LDAP-Backend. OpenLDAP Version >= 2.4.17 should be used.") 
-parser.add_option("--setup-ds-path", type="string", metavar="SETUP_DS-PATH", 
-		help="Path to setup-ds.pl script for Fedora DS LDAP backend [e.g.:'/usr/sbin/setup-ds.pl']. Required for Setup with Fedora DS backend.") 
-parser.add_option("--use-xattrs", type="choice", choices=["yes","no","auto"], help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto")
+parser.add_option("--slapd-path", type="string", metavar="SLAPD-PATH",
+        help="Path to slapd for LDAP backend [e.g.:'/usr/local/libexec/slapd']. Required for Setup with LDAP-Backend. OpenLDAP Version >= 2.4.17 should be used.")
+parser.add_option("--setup-ds-path", type="string", metavar="SETUP_DS-PATH",
+        help="Path to setup-ds.pl script for Fedora DS LDAP backend [e.g.:'/usr/sbin/setup-ds.pl']. Required for Setup with Fedora DS backend.")
+parser.add_option("--use-xattrs", type="choice", choices=["yes", "no", "auto"], help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto")
 parser.add_option("--ldap-dryrun-mode", help="Configure LDAP backend, but do not run any binaries and exit early.  Used only for the test environment.  DO NOT USE", action="store_true")
 
 opts = parser.parse_args()[0]
@@ -126,81 +132,82 @@ opts = parser.parse_args()[0]
 logger = logging.getLogger("provision")
 logger.addHandler(logging.StreamHandler(sys.stdout))
 if opts.quiet:
-	logger.setLevel(logging.WARNING)
+    logger.setLevel(logging.WARNING)
 else:
-	logger.setLevel(logging.INFO)
+    logger.setLevel(logging.INFO)
 
 if len(sys.argv) == 1:
-	opts.interactive = True
+    opts.interactive = True
 
 if opts.interactive:
-	from getpass import getpass
-	import socket
-	def ask(prompt, default=None):
-		if default is not None:
-			print "%s [%s]: " % (prompt,default),
-		else:
-			print "%s: " % (prompt,),
-		return sys.stdin.readline().rstrip("\n") or default
-	try:
-		default = socket.getfqdn().split(".", 1)[1].upper()
-	except IndexError:
-		default = None
-	opts.realm = ask("Realm", default)
-	if opts.realm in (None, ""):
-		print >>sys.stderr, "No realm set!"
-		sys.exit(1)
+    from getpass import getpass
+    import socket
 
-	try:
-		default = opts.realm.split(".")[0]
-	except IndexError:
-		default = None
-	opts.domain = ask("Domain", default)
-	if opts.domain is None:
-		print >> sys.stderr, "No domain set!"
-		sys.exit(1)
+    def ask(prompt, default=None):
+        if default is not None:
+            print "%s [%s]: " % (prompt, default),
+        else:
+            print "%s: " % (prompt,),
+        return sys.stdin.readline().rstrip("\n") or default
+    try:
+        default = socket.getfqdn().split(".", 1)[1].upper()
+    except IndexError:
+        default = None
+    opts.realm = ask("Realm", default)
+    if opts.realm in (None, ""):
+        print >>sys.stderr, "No realm set!"
+        sys.exit(1)
 
-	opts.server_role = ask("Server Role (dc, member, standalone)", "dc")
-	for i in range(3):
-		opts.adminpass = getpass("Administrator password: ")
-		if not opts.adminpass:
-			print >>sys.stderr, "Invalid administrator password."
-		else:
-			break
+    try:
+        default = opts.realm.split(".")[0]
+    except IndexError:
+        default = None
+    opts.domain = ask("Domain", default)
+    if opts.domain is None:
+        print >> sys.stderr, "No domain set!"
+        sys.exit(1)
+
+    opts.server_role = ask("Server Role (dc, member, standalone)", "dc")
+    for i in range(3):
+        opts.adminpass = getpass("Administrator password: ")
+        if not opts.adminpass:
+            print >>sys.stderr, "Invalid administrator password."
+        else:
+            break
 else:
-	if opts.realm in (None, ""):
-		opts.realm = sambaopts._lp.get('realm')
-	if opts.realm is None or opts.domain is None:
-		if opts.realm is None:
-			print >>sys.stderr, "No realm set!"
-		if opts.domain is None:
-			print >> sys.stderr, "No domain set!"
-		parser.print_usage()
-		sys.exit(1)
+    if opts.realm in (None, ""):
+        opts.realm = sambaopts._lp.get('realm')
+    if opts.realm is None or opts.domain is None:
+        if opts.realm is None:
+            print >>sys.stderr, "No realm set!"
+        if opts.domain is None:
+            print >> sys.stderr, "No domain set!"
+        parser.print_usage()
+        sys.exit(1)
 
 if not opts.adminpass:
-	logger.info("Administrator password will be set randomly!")
+    logger.info("Administrator password will be set randomly!")
 
 lp = sambaopts.get_loadparm()
 smbconf = lp.configfile
 
 if opts.server_role == "dc":
-	server_role = "domain controller"
+    server_role = "domain controller"
 elif opts.server_role == "member":
-	server_role = "member server"
+    server_role = "member server"
 else:
-	server_role = opts.server_role
+    server_role = opts.server_role
 
 if opts.function_level is None:
-	dom_for_fun_level = None
+    dom_for_fun_level = None
 elif opts.function_level == "2000":
-	dom_for_fun_level = DS_DOMAIN_FUNCTION_2000
+    dom_for_fun_level = DS_DOMAIN_FUNCTION_2000
 elif opts.function_level == "2003":
-	dom_for_fun_level = DS_DOMAIN_FUNCTION_2003
+    dom_for_fun_level = DS_DOMAIN_FUNCTION_2003
 elif opts.function_level == "2008":
-	dom_for_fun_level = DS_DOMAIN_FUNCTION_2008
+    dom_for_fun_level = DS_DOMAIN_FUNCTION_2008
 elif opts.function_level == "2008_R2":
-	dom_for_fun_level = DS_DOMAIN_FUNCTION_2008_R2
+    dom_for_fun_level = DS_DOMAIN_FUNCTION_2008_R2
 
 creds = credopts.get_credentials(lp)
 
@@ -214,50 +221,50 @@ elif opts.partitions_only:
 
 eadb = True
 if opts.use_xattrs == "yes":
-	eadb = False
+    eadb = False
 elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"):
-	file = tempfile.NamedTemporaryFile()
-	try:
-		samba.ntacls.setntacl(lp, file.name, 
-			"O:S-1-5-32G:S-1-5-32", "S-1-5-32", "native")
-		eadb = False
-	except:
-		logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. "
-			    "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
-	file.close()
+    file = tempfile.NamedTemporaryFile()
+    try:
+        samba.ntacls.setntacl(lp, file.name,
+            "O:S-1-5-32G:S-1-5-32", "S-1-5-32", "native")
+        eadb = False
+    except:
+        logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. "
+                "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
+    file.close()
 
 
 if opts.ldap_backend_type == "existing":
-	if opts.ldap_backend_forced_uri is not None:
-		logger.warn("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at %s" % opts.ldap_backend_forced_uri)
-	else:
-		logger.info("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at the default location")
+    if opts.ldap_backend_forced_uri is not None:
+        logger.warn("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at %s" % opts.ldap_backend_forced_uri)
+    else:
+        logger.info("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at the default location")
 else:
-	if opts.ldap_backend_forced_uri is not None:
-		logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend.  This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less prone to unexpected failure or interaction" % opts.ldap_backend_forced_uri)
-	
+    if opts.ldap_backend_forced_uri is not None:
+        logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend.  This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less prone to unexpected failure or interaction" % opts.ldap_backend_forced_uri)
+
 session = system_session()
 try:
-	provision(logger,
-		  session, creds, smbconf=smbconf, targetdir=opts.targetdir,
-		  samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain,
-		  domainguid=opts.domain_guid, domainsid=opts.domain_sid,
-		  hostname=opts.host_name,
-		  hostip=opts.host_ip, hostip6=opts.host_ip6,
-		  ntdsguid=opts.ntds_guid,
-		  invocationid=opts.invocationid, adminpass=opts.adminpass,
-		  krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass,
-		  dns_backend=opts.dns_backend,
-		  dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
-		  wheel=opts.wheel, users=opts.users,
-		  serverrole=server_role, dom_for_fun_level=dom_for_fun_level,
-		  ldap_backend_extra_port=opts.ldap_backend_extra_port,
-		  ldap_backend_forced_uri=opts.ldap_backend_forced_uri,
-		  backend_type=opts.ldap_backend_type,
-		  ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls,
-		  slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path,
-		  nosync=opts.ldap_backend_nosync, ldap_dryrun_mode=opts.ldap_dryrun_mode, 
-		  useeadb=eadb, next_rid=opts.next_rid, lp=lp)
+    provision(logger,
+          session, creds, smbconf=smbconf, targetdir=opts.targetdir,
+          samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain,
+          domainguid=opts.domain_guid, domainsid=opts.domain_sid,
+          hostname=opts.host_name,
+          hostip=opts.host_ip, hostip6=opts.host_ip6,
+          ntdsguid=opts.ntds_guid,
+          invocationid=opts.invocationid, adminpass=opts.adminpass,
+          krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass,
+          dns_backend=opts.dns_backend,
+          dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
+          wheel=opts.wheel, users=opts.users,
+          serverrole=server_role, dom_for_fun_level=dom_for_fun_level,
+          ldap_backend_extra_port=opts.ldap_backend_extra_port,
+          ldap_backend_forced_uri=opts.ldap_backend_forced_uri,
+          backend_type=opts.ldap_backend_type,
+          ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls,
+          slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path,
+          nosync=opts.ldap_backend_nosync, ldap_dryrun_mode=opts.ldap_dryrun_mode,
+          useeadb=eadb, next_rid=opts.next_rid, lp=lp)
 except ProvisioningError, e:
-	print str(e)
-	sys.exit(1)
+    print str(e)
+    sys.exit(1)
author	Jelmer Vernooij <jelmer@samba.org>	2011-09-13 01:27:50 +0200
committer	Jelmer Vernooij <jelmer@samba.org>	2011-09-13 03:51:13 +0200
commit	0ee22a2dec1716e0d5c0a6aee612f635800af5ef (patch)
tree	aafed35c9f424a95da86652740a33b31f2bc6076 /source4/setup
parent	df1d3dc777b48bc9bc10f3eb44dec90db490a899 (diff)
download	samba-0ee22a2dec1716e0d5c0a6aee612f635800af5ef.tar.gz samba-0ee22a2dec1716e0d5c0a6aee612f635800af5ef.tar.bz2 samba-0ee22a2dec1716e0d5c0a6aee612f635800af5ef.zip