diff options
-rwxr-xr-x | source4/scripting/bin/rebuildextendeddn | 9 | ||||
-rwxr-xr-x | source4/scripting/bin/upgradeprovision | 9 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision.py | 140 | ||||
-rw-r--r-- | source4/scripting/python/samba/tests/samdb.py | 3 | ||||
-rw-r--r-- | source4/scripting/python/samba/upgrade.py | 17 | ||||
-rwxr-xr-x | source4/scripting/python/samba/upgradehelpers.py | 16 | ||||
-rwxr-xr-x | source4/setup/provision | 19 |
7 files changed, 108 insertions, 105 deletions
diff --git a/source4/scripting/bin/rebuildextendeddn b/source4/scripting/bin/rebuildextendeddn index eed3a17edf..1154b7cb46 100755 --- a/source4/scripting/bin/rebuildextendeddn +++ b/source4/scripting/bin/rebuildextendeddn @@ -23,7 +23,6 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # -import getopt import optparse import os import sys @@ -33,14 +32,12 @@ sys.path.insert(0, "bin/python") import samba from samba.credentials import DONT_USE_KERBEROS from samba.auth import system_session -from samba import Ldb, substitute_var, valid_netbios_name, check_all_substituted -from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \ - timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE +from samba import Ldb +from ldb import SCOPE_SUBTREE, SCOPE_BASE import ldb import samba.getopt as options -from samba.samdb import SamDB from samba import param -from samba.provision import ProvisionPaths, ProvisionNames, provision_paths_from_lp +from samba.provision import ProvisionNames, provision_paths_from_lp from samba.schema import get_dnsyntax_attributes, get_linked_attributes parser = optparse.OptionParser("provision [options]") diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision index 066fbe469c..518bba68c7 100755 --- a/source4/scripting/bin/upgradeprovision +++ b/source4/scripting/bin/upgradeprovision @@ -35,12 +35,13 @@ import samba.getopt as options from samba.credentials import DONT_USE_KERBEROS from samba.auth import system_session, admin_session from samba import Ldb, version -from ldb import SCOPE_SUBTREE, SCOPE_BASE, \ - FLAG_MOD_REPLACE, FLAG_MOD_ADD, FLAG_MOD_DELETE,\ - MessageElement, Message, Dn +from ldb import (SCOPE_SUBTREE, SCOPE_BASE, FLAG_MOD_REPLACE, + FLAG_MOD_ADD, FLAG_MOD_DELETE, MessageElement, Message, Dn) from samba import param from samba.misc import messageEltFlagToString -from samba.provision import find_setup_dir, get_domain_descriptor, get_config_descriptor, secretsdb_self_join,set_gpo_acl,getpolicypath,create_gpo_struct, ProvisioningError +from samba.provision import (find_setup_dir, get_domain_descriptor, + get_config_descriptor, secretsdb_self_join, set_gpo_acl, + getpolicypath, create_gpo_struct, ProvisioningError) from samba.schema import get_linked_attributes, Schema, get_schema_descriptor from samba.dcerpc import security from samba.ndr import ndr_unpack diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index c8e082a876..876ca67dcf 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -507,9 +507,8 @@ def setup_name_mappings(samdb, idmap, sid, domaindn, root_uid, nobody_uid, idmap.setup_name_mapping(sid + "-513", idmap.TYPE_GID, users_gid) -def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, - provision_backend, names, schema, - serverrole, +def setup_samdb_partitions(samdb_path, setup_path, logger, lp, session_info, + provision_backend, names, schema, serverrole, erase=False): """Setup the partitions for the SAM database. @@ -541,7 +540,7 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, samdb.transaction_start() try: - message("Setting up sam.ldb partitions and settings") + logger.info("Setting up sam.ldb partitions and settings") setup_add_ldif(samdb, setup_path("provision_partitions.ldif"), { "SCHEMADN": ldb.Dn(schema.ldb, names.schemadn).get_casefold(), "CONFIGDN": ldb.Dn(schema.ldb, names.configdn).get_casefold(), @@ -555,7 +554,7 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, "SERVER_ROLE": serverrole }) - message("Setting up sam.ldb rootDSE") + logger.info("Setting up sam.ldb rootDSE") setup_samdb_rootdse(samdb, setup_path, names) except: samdb.transaction_cancel() @@ -841,13 +840,10 @@ def setup_gpo(sysvolpath, dnsdomain, policyguid, policyguid_dc): create_gpo_struct(policy_path) -def setup_samdb(path, setup_path, session_info, provision_backend, lp, - names, message, - domainsid, domainguid, policyguid, policyguid_dc, - fill, adminpass, krbtgtpass, - machinepass, invocationid, dnspass, ntdsguid, - serverrole, am_rodc, dom_for_fun_level=None, - schema=None): +def setup_samdb(path, setup_path, session_info, provision_backend, lp, names, + logger, domainsid, domainguid, policyguid, policyguid_dc, fill, + adminpass, krbtgtpass, machinepass, invocationid, dnspass, ntdsguid, + serverrole, am_rodc, dom_for_fun_level=None, schema=None): """Setup a complete SAM Database. :note: This will wipe the main SAM database file! @@ -860,8 +856,8 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, if dom_for_fun_level is None: dom_for_fun_level = DS_DOMAIN_FUNCTION_2003 if dom_for_fun_level < DS_DOMAIN_FUNCTION_2003: - message("You want to run SAMBA 4 on a domain and forest function level" - " lower than Windows 2003 (Native). This is not recommended") + logger.warning("Running SAMBA 4 on a domain and forest function level" + " lower than Windows 2003 (Native) is not recommended.") if dom_for_fun_level > domainControllerFunctionality: raise ProvisioningError("You want to run SAMBA 4 on a domain and forest function level which itself is higher than its actual DC function level (2008). This won't work!") @@ -870,7 +866,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, forestFunctionality = dom_for_fun_level # Also wipes the database - setup_samdb_partitions(path, setup_path, message=message, lp=lp, + setup_samdb_partitions(path, setup_path, logger=logger, lp=lp, provision_backend=provision_backend, session_info=session_info, names=names, serverrole=serverrole, schema=schema) @@ -883,7 +879,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, credentials=provision_backend.credentials, lp=lp, global_schema=False, am_rodc=am_rodc) - message("Pre-loading the Samba 4 and AD schema") + logger.info("Pre-loading the Samba 4 and AD schema") # Load the schema from the one we computed earlier samdb.set_schema_from_ldb(schema.ldb) @@ -910,7 +906,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, samdb.set_invocation_id(invocationid) samdb.set_ntds_settings_dn("CN=NTDS Settings,%s" % names.serverdn) - message("Adding DomainDN: %s" % names.domaindn) + logger.info("Adding DomainDN: %s" % names.domaindn) #impersonate domain admin admin_session_info = admin_session(lp, str(domainsid)) @@ -942,7 +938,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, "SAMBA_VERSION_STRING": version }) - message("Adding configuration container") + logger.info("Adding configuration container") descr = b64encode(get_config_descriptor(domainsid)) setup_add_ldif(samdb, setup_path("provision_configuration_basedn.ldif"), { "CONFIGDN": names.configdn, @@ -950,7 +946,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, }) # The LDIF here was created when the Schema object was constructed - message("Setting up sam.ldb schema") + logger.info("Setting up sam.ldb schema") samdb.add_ldif(schema.schema_dn_add, controls=["relax:0"]) samdb.modify_ldif(schema.schema_dn_modify) samdb.write_prefixes_from_schema() @@ -958,7 +954,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"), {"SCHEMADN": names.schemadn}) - message("Reopening sam.ldb with new schema") + logger.info("Reopening sam.ldb with new schema") except: samdb.transaction_cancel() raise @@ -973,7 +969,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, try: samdb.invocation_id = invocationid - message("Setting up sam.ldb configuration data") + logger.info("Setting up sam.ldb configuration data") setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), { "CONFIGDN": names.configdn, "NETBIOSNAME": names.netbiosname, @@ -987,25 +983,25 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, "DOMAIN_FUNCTIONALITY": str(domainFunctionality) }) - message("Setting up display specifiers") + logger.info("Setting up display specifiers") display_specifiers_ldif = read_ms_ldif(setup_path('display-specifiers/DisplaySpecifiers-Win2k8R2.txt')) display_specifiers_ldif = substitute_var(display_specifiers_ldif, {"CONFIGDN": names.configdn}) check_all_substituted(display_specifiers_ldif) samdb.add_ldif(display_specifiers_ldif) - message("Adding users container") + logger.info("Adding users container") setup_add_ldif(samdb, setup_path("provision_users_add.ldif"), { "DOMAINDN": names.domaindn}) - message("Modifying users container") + logger.info("Modifying users container") setup_modify_ldif(samdb, setup_path("provision_users_modify.ldif"), { "DOMAINDN": names.domaindn}) - message("Adding computers container") + logger.info("Adding computers container") setup_add_ldif(samdb, setup_path("provision_computers_add.ldif"), { "DOMAINDN": names.domaindn}) - message("Modifying computers container") + logger.info("Modifying computers container") setup_modify_ldif(samdb, setup_path("provision_computers_modify.ldif"), { "DOMAINDN": names.domaindn}) - message("Setting up sam.ldb data") + logger.info("Setting up sam.ldb data") setup_add_ldif(samdb, setup_path("provision.ldif"), { "CREATTIME": str(int(time.time() * 1e7)), # seconds -> ticks "DOMAINDN": names.domaindn, @@ -1023,7 +1019,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, "CONFIGDN": names.configdn, "SCHEMADN": names.schemadn}) if fill == FILL_FULL: - message("Setting up sam.ldb users and groups") + logger.info("Setting up sam.ldb users and groups") setup_add_ldif(samdb, setup_path("provision_users.ldif"), { "DOMAINDN": names.domaindn, "DOMAINSID": str(domainsid), @@ -1032,7 +1028,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, "KRBTGTPASS_B64": b64encode(krbtgtpass), }) - message("Setting up self join") + logger.info("Setting up self join") setup_self_join(samdb, names=names, invocationid=invocationid, dnspass=dnspass, machinepass=machinepass, @@ -1106,7 +1102,7 @@ def setsysvolacl(samdb, netlogon, sysvol, gid, domainsid, dnsdomain, domaindn, set_gpo_acl(sysvol,dnsdomain,domainsid,domaindn,samdb,lp) -def provision(setup_dir, message, session_info, +def provision(setup_dir, logger, session_info, credentials, smbconf=None, targetdir=None, samdb_fill=FILL_FULL, realm=None, rootdn=None, domaindn=None, schemadn=None, configdn=None, @@ -1212,12 +1208,12 @@ def provision(setup_dir, message, session_info, if hostip is None: hostips = samba.interface_ips(lp, False) if len(hostips) == 0: - message("No external IPv4 address has been found: I use the loopback.") + logger.warning("No external IPv4 address has been found. Using loopback.") hostip = '127.0.0.1' else: hostip = hostips[0] if len(hostips) > 1: - message("More than one IPv4 address found: I use " + hostip + ".") + logger.warning("More than one IPv4 address found. Using %s.", hostip) if hostip6 is None: try: @@ -1251,20 +1247,20 @@ def provision(setup_dir, message, session_info, paths=paths, setup_path=setup_path, lp=lp, credentials=credentials, names=names, - message=message) + message=logger.info) elif backend_type == "existing": provision_backend = ExistingBackend(backend_type, paths=paths, setup_path=setup_path, lp=lp, credentials=credentials, names=names, - message=message, + message=logger.info, ldapi_url=ldapi_url) elif backend_type == "fedora-ds": provision_backend = FDSBackend(backend_type, paths=paths, setup_path=setup_path, lp=lp, credentials=credentials, names=names, - message=message, + message=logger.info, domainsid=domainsid, schema=schema, hostname=hostname, @@ -1279,7 +1275,7 @@ def provision(setup_dir, message, session_info, paths=paths, setup_path=setup_path, lp=lp, credentials=credentials, names=names, - message=message, + message=logger.info, domainsid=domainsid, schema=schema, hostname=hostname, @@ -1297,32 +1293,32 @@ def provision(setup_dir, message, session_info, # only install a new shares config db if there is none if not os.path.exists(paths.shareconf): - message("Setting up share.ldb") + logger.info("Setting up share.ldb") share_ldb = Ldb(paths.shareconf, session_info=session_info, lp=lp) share_ldb.load_ldif_file_add(setup_path("share.ldif")) - message("Setting up secrets.ldb") + logger.info("Setting up secrets.ldb") secrets_ldb = setup_secretsdb(paths.secrets, setup_path, session_info=session_info, backend_credentials=provision_backend.secrets_credentials, lp=lp) - message("Setting up the registry") + logger.info("Setting up the registry") setup_registry(paths.hklm, setup_path, session_info, lp=lp) - message("Setting up the privileges database") + logger.info("Setting up the privileges database") setup_privileges(paths.privilege, setup_path, session_info, lp=lp) - message("Setting up idmap db") + logger.info("Setting up idmap db") idmap = setup_idmapdb(paths.idmapdb, setup_path, session_info=session_info, lp=lp) - message("Setting up SAM db") + logger.info("Setting up SAM db") samdb = setup_samdb(paths.samdb, setup_path, session_info, provision_backend, lp, names, - message, + logger=logger, domainsid=domainsid, schema=schema, domainguid=domainguid, policyguid=policyguid, policyguid_dc=policyguid_dc, @@ -1335,15 +1331,15 @@ def provision(setup_dir, message, session_info, if serverrole == "domain controller": if paths.netlogon is None: - message("Existing smb.conf does not have a [netlogon] share, but you are configuring a DC.") - message("Please either remove %s or see the template at %s" % + logger.info("Existing smb.conf does not have a [netlogon] share, but you are configuring a DC.") + logger.info("Please either remove %s or see the template at %s" % (paths.smbconf, setup_path("provision.smb.conf.dc"))) assert paths.netlogon is not None if paths.sysvol is None: - message("Existing smb.conf does not have a [sysvol] share, but you" + logger.info("Existing smb.conf does not have a [sysvol] share, but you" " are configuring a DC.") - message("Please either remove %s or see the template at %s" % + logger.info("Please either remove %s or see the template at %s" % (paths.smbconf, setup_path("provision.smb.conf.dc"))) assert paths.sysvol is not None @@ -1361,7 +1357,7 @@ def provision(setup_dir, message, session_info, setsysvolacl(samdb, paths.netlogon, paths.sysvol, wheel_gid, domainsid, names.dnsdomain, names.domaindn, lp) - message("Setting up sam.ldb rootDSE marking as synchronized") + logger.info("Setting up sam.ldb rootDSE marking as synchronized") setup_modify_ldif(samdb, setup_path("provision_rootdse_modify.ldif")) secretsdb_self_join(secrets_ldb, domain=names.domain, @@ -1384,7 +1380,7 @@ def provision(setup_dir, message, session_info, # Only make a zone file on the first DC, it should be replicated # with DNS replication - create_zone_file(lp, message, paths, targetdir, setup_path, + create_zone_file(lp, logger.info, paths, targetdir, setup_path, dnsdomain=names.dnsdomain, hostip=hostip, hostip6=hostip6, hostname=names.hostname, realm=names.realm, domainguid=domainguid, ntdsguid=names.ntdsguid) @@ -1395,18 +1391,18 @@ def provision(setup_dir, message, session_info, create_named_txt(paths.namedtxt, setup_path, realm=names.realm, dnsdomain=names.dnsdomain, private_dir=paths.private_dir, keytab_name=paths.dns_keytab) - message("See %s for an example configuration include file for BIND" % paths.namedconf) - message("and %s for further documentation required for secure DNS " - "updates" % paths.namedtxt) + logger.info("See %s for an example configuration include file for BIND", paths.namedconf) + logger.info("and %s for further documentation required for secure DNS " + "updates", paths.namedtxt) create_krb5_conf(paths.krb5conf, setup_path, dnsdomain=names.dnsdomain, hostname=names.hostname, realm=names.realm) - message("A Kerberos configuration suitable for Samba 4 has been " - "generated at %s" % paths.krb5conf) + logger.info("A Kerberos configuration suitable for Samba 4 has been " + "generated at %s", paths.krb5conf) if serverrole == "domain controller": - create_dns_update_list(lp, message, paths, setup_path) + create_dns_update_list(lp, logger.info, paths, setup_path) provision_backend.post_setup() provision_backend.shutdown() @@ -1424,33 +1420,35 @@ def provision(setup_dir, message, session_info, os.chmod(dns_keytab_path, 0640) os.chown(dns_keytab_path, -1, paths.bind_gid) except OSError: - message("Failed to chown %s to bind gid %u" % (dns_keytab_path, - paths.bind_gid)) + logger.info("Failed to chown %s to bind gid %u", dns_keytab_path, + paths.bind_gid) - message("Please install the phpLDAPadmin configuration located at %s into /etc/phpldapadmin/config.php" % paths.phpldapadminconfig) + logger.info("Please install the phpLDAPadmin configuration located at %s into /etc/phpldapadmin/config.php", + paths.phpldapadminconfig) - message("Once the above files are installed, your Samba4 server will be ready to use") - message("Server Role: %s" % serverrole) - message("Hostname: %s" % names.hostname) - message("NetBIOS Domain: %s" % names.domain) - message("DNS Domain: %s" % names.dnsdomain) - message("DOMAIN SID: %s" % str(domainsid)) + logger.info("Once the above files are installed, your Samba4 server will be ready to use") + logger.info("Server Role: %s" % serverrole) + logger.info("Hostname: %s" % names.hostname) + logger.info("NetBIOS Domain: %s" % names.domain) + logger.info("DNS Domain: %s" % names.dnsdomain) + logger.info("DOMAIN SID: %s" % str(domainsid)) if samdb_fill == FILL_FULL: - message("Admin password: %s" % adminpass) + logger.info("Admin password: %s" % adminpass) if provision_backend.type is not "ldb": if provision_backend.credentials.get_bind_dn() is not None: - message("LDAP Backend Admin DN: %s" % provision_backend.credentials.get_bind_dn()) + logger.info("LDAP Backend Admin DN: %s" % provision_backend.credentials.get_bind_dn()) else: - message("LDAP Admin User: %s" % provision_backend.credentials.get_username()) + logger.info("LDAP Admin User: %s" % provision_backend.credentials.get_username()) - message("LDAP Admin Password: %s" % provision_backend.credentials.get_password()) + logger.info("LDAP Admin Password: %s" % provision_backend.credentials.get_password()) if provision_backend.slapd_command_escaped is not None: # now display slapd_command_file.txt to show how slapd must be started next time - message("Use later the following commandline to start slapd, then Samba:") - message(provision_backend.slapd_command_escaped) - message("This slapd-Commandline is also stored under: " + provision_backend.ldapdir + "/ldap_backend_startup.sh") + logger.info("Use later the following commandline to start slapd, then Samba:") + logger.info(provision_backend.slapd_command_escaped) + logger.info("This slapd-Commandline is also stored under: %s/ldap_backend_startup.sh", + provision_backend.ldapdir) result = ProvisionResult() diff --git a/source4/scripting/python/samba/tests/samdb.py b/source4/scripting/python/samba/tests/samdb.py index 73be13ca2a..9645c0464b 100644 --- a/source4/scripting/python/samba/tests/samdb.py +++ b/source4/scripting/python/samba/tests/samdb.py @@ -17,6 +17,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # from samba.auth import system_session +import logging import os from samba.provision import setup_samdb, guess_names, make_smbconf, find_setup_dir from samba.tests import TestCaseInTempDir @@ -78,7 +79,7 @@ class SamDBTestCase(TestCaseInTempDir): self.samdb = setup_samdb(path, self.setup_path, session_info, provision_backend, self.lp, names, - lambda x: None, domainsid, + logging.getLogger("samdb"), domainsid, domainguid, policyguid, False, "secret", "secret", "secret", invocationid, diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py index b20cecf77d..c2134ddc70 100644 --- a/source4/scripting/python/samba/upgrade.py +++ b/source4/scripting/python/samba/upgrade.py @@ -367,7 +367,7 @@ def import_registry(samba4_registry, samba3_regdb): key_handle.set_value(value_name, value_type, value_data) -def upgrade_provision(samba3, setup_dir, message, credentials, session_info, +def upgrade_provision(samba3, setup_dir, logger, credentials, session_info, smbconf, targetdir): oldconf = samba3.get_conf() @@ -387,27 +387,30 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, if domainname is None: domainname = secrets_db.domains()[0] - message("No domain specified in smb.conf file, assuming '%s'" % domainname) + logger.warning("No domain specified in smb.conf file, assuming '%s'", + domainname) if realm is None: if oldconf.get("domain logons") == "True": - message("No realm specified in smb.conf file and being a DC. That upgrade path doesn't work! Please add a 'realm' directive to your old smb.conf to let us know which one you want to use (generally it's the upcased DNS domainname).") + logger.warning("No realm specified in smb.conf file and being a DC. That upgrade path doesn't work! Please add a 'realm' directive to your old smb.conf to let us know which one you want to use (generally it's the upcased DNS domainname).") return else: realm = domainname.upper() - message("No realm specified in smb.conf file, assuming '%s'" % realm) + logger.warning("No realm specified in smb.conf file, assuming '%s'", + realm) domainguid = secrets_db.get_domain_guid(domainname) domainsid = secrets_db.get_sid(domainname) if domainsid is None: - message("Can't find domain secrets for '%s'; using random SID" % domainname) + logger.warning("Can't find domain secrets for '%s'; using random SID", + domainname) if netbiosname is not None: machinepass = secrets_db.get_machine_password(netbiosname) else: machinepass = None - result = provision(setup_dir=setup_dir, message=message, + result = provision(setup_dir=setup_dir, logger=logger, session_info=session_info, credentials=credentials, targetdir=targetdir, realm=realm, domain=domainname, domainguid=domainguid, domainsid=domainsid, @@ -433,7 +436,7 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, #FIXME: import_sam_account(result.samdb, user, domaindn, domainsid) if hasattr(passdb, 'ldap_url'): - message("Enabling Samba3 LDAP mappings for SAM database") + logger.info("Enabling Samba3 LDAP mappings for SAM database") enable_samba3sam(result.samdb, passdb.ldap_url) diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py index ce1b3e3736..a9b020285e 100755 --- a/source4/scripting/python/samba/upgradehelpers.py +++ b/source4/scripting/python/samba/upgradehelpers.py @@ -106,7 +106,7 @@ def find_provision_key_parameters(param, credentials, session_info, paths, names.configdn = current[0]["configurationNamingContext"] configdn = str(names.configdn) names.schemadn = current[0]["schemaNamingContext"] - if not (ldb.Dn(samdb, basedn) == (ldb.Dn(samdb, current[0]["defaultNamingContext"][0]))): + if ldb.Dn(samdb, basedn) != ldb.Dn(samdb, current[0]["defaultNamingContext"][0]): raise ProvisioningError("basedn in %s (%s) and from %s (%s) is not the same ..." % (paths.samdb, str(current[0]["defaultNamingContext"][0]), paths.smbconf, basedn)) names.domaindn=current[0]["defaultNamingContext"] @@ -161,7 +161,7 @@ def find_provision_key_parameters(param, credentials, session_info, paths, return names -def newprovision(names,setup_dir,creds,session,smbconf,provdir,messagefunc): +def newprovision(names, setup_dir, creds, session, smbconf, provdir, logger): """Create a new provision. This provision will be the reference for knowing what has changed in the @@ -179,8 +179,8 @@ def newprovision(names,setup_dir,creds,session,smbconf,provdir,messagefunc): shutil.rmtree(provdir) os.chdir(os.path.join(setup_dir,"..")) os.mkdir(provdir) - messagefunc("Provision stored in %s"%provdir) - provision(setup_dir, messagefunc, session, creds, smbconf=smbconf, + logger.info("Provision stored in %s", provdir) + provision(setup_dir, logger, session, creds, smbconf=smbconf, targetdir=provdir, samdb_fill=FILL_FULL, realm=names.realm, domain=names.domain, domainguid=names.domainguid, domainsid=str(names.domainsid), ntdsguid=names.ntdsguid, @@ -196,7 +196,7 @@ def newprovision(names,setup_dir,creds,session,smbconf,provdir,messagefunc): ldap_dryrun_mode=None, useeadb=True) -def dn_sort(x,y): +def dn_sort(x, y): """Sorts two DNs in the lexicographical order it and put higher level DN before. @@ -213,13 +213,13 @@ def dn_sort(x,y): len1 = len(tab1)-1 len2 = len(tab2)-1 # Note: python range go up to upper limit but do not include it - for i in range(0,minimum): - ret = cmp(tab1[len1-i],tab2[len2-i]) + for i in range(0, minimum): + ret = cmp(tab1[len1-i], tab2[len2-i]) if ret != 0: return ret else: if i == minimum-1: - assert len1!=len2,"PB PB PB"+" ".join(tab1)+" / "+" ".join(tab2) + assert len1 != len2, "PB PB PB"+" ".join(tab1)+" / "+" ".join(tab2) if len1 > len2: return 1 else: diff --git a/source4/setup/provision b/source4/setup/provision index 78965c6957..4027c85e59 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -22,6 +22,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # +import logging import optparse import sys import tempfile @@ -121,10 +122,12 @@ parser.add_option("--ldap-dryrun-mode", help="Configure LDAP backend, but do not opts = parser.parse_args()[0] -def message(text): - """print a message if quiet is not set.""" - if not opts.quiet: - print text +logger = logging.getLogger("provision") +logger.addHandler(logging.StreamHandler(sys.stdout)) +if opts.quiet: + logger.setLevel(logging.WARNING) +else: + logger.setLevel(logging.INFO) if len(sys.argv) == 1: opts.interactive = True @@ -175,7 +178,7 @@ else: sys.exit(1) if not opts.adminpass: - message("Administrator password will be set randomly!") + logger.info("Administrator password will be set randomly!") lp = sambaopts.get_loadparm() smbconf = lp.configfile @@ -222,14 +225,14 @@ elif opts.use_xattrs == "auto": except: # XXX: Should catch a specific exception here if lp.get("posix:eadb") is None: - message("Notice: you are not root or your system do not support xattr, tdb backend for attributes has been selected") - message(" if you intend to use this provision in production you'd better rerun the script as root on a system supporting xattr") + logger.info("Notice: you are not root or your system do not support xattr, tdb backend for attributes has been selected") + logger.info(" if you intend to use this provision in production you'd better rerun the script as root on a system supporting xattr") file.close() session = system_session() try: - provision(setup_dir, message, + provision(setup_dir, logger, session, creds, smbconf=smbconf, targetdir=opts.targetdir, samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain, domainguid=opts.domain_guid, domainsid=opts.domain_sid, |