diff options
-rw-r--r-- | source4/scripting/python/samba/provision/__init__.py | 22 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision/backend.py | 6 | ||||
-rwxr-xr-x | source4/scripting/python/samba/upgradehelpers.py | 6 | ||||
-rwxr-xr-x | source4/setup/provision | 25 | ||||
-rwxr-xr-x | source4/setup/tests/blackbox_provision-backend.sh | 10 |
5 files changed, 21 insertions, 48 deletions
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index a8a5a572a6..be0e903cd9 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -1641,10 +1641,10 @@ def provision(logger, session_info, credentials, smbconf=None, dns_backend=None, dnspass=None, invocationid=None, machinepass=None, ntdsguid=None, root=None, nobody=None, users=None, wheel=None, backup=None, aci=None, - serverrole=None, dom_for_fun_level=None, ldap_backend_extra_port=None, - ldap_backend_forced_uri=None, backend_type=None, sitename=None, - ol_mmr_urls=None, ol_olc=None, setup_ds_path=None, slapd_path=None, - nosync=False, ldap_dryrun_mode=False, useeadb=False, am_rodc=False, + serverrole=None, dom_for_fun_level=None, + backend_type=None, sitename=None, + ol_mmr_urls=None, ol_olc=None, slapd_path=None, + useeadb=False, am_rodc=False, lp=None): """Provision samba4 @@ -1759,30 +1759,24 @@ def provision(logger, session_info, credentials, smbconf=None, lp=lp, credentials=credentials, names=names, logger=logger) elif backend_type == "existing": + # If support for this is ever added back, then the URI will need to be specified again provision_backend = ExistingBackend(backend_type, paths=paths, lp=lp, credentials=credentials, names=names, logger=logger, - ldap_backend_forced_uri=ldap_backend_forced_uri) + ldap_backend_forced_uri=None) elif backend_type == "fedora-ds": provision_backend = FDSBackend(backend_type, paths=paths, lp=lp, credentials=credentials, names=names, logger=logger, domainsid=domainsid, schema=schema, hostname=hostname, ldapadminpass=ldapadminpass, slapd_path=slapd_path, - ldap_backend_extra_port=ldap_backend_extra_port, - ldap_dryrun_mode=ldap_dryrun_mode, root=root, - setup_ds_path=setup_ds_path, - ldap_backend_forced_uri=ldap_backend_forced_uri) + root=root) elif backend_type == "openldap": provision_backend = OpenLDAPBackend(backend_type, paths=paths, lp=lp, credentials=credentials, names=names, logger=logger, domainsid=domainsid, schema=schema, hostname=hostname, ldapadminpass=ldapadminpass, - slapd_path=slapd_path, - ldap_backend_extra_port=ldap_backend_extra_port, - ldap_dryrun_mode=ldap_dryrun_mode, ol_mmr_urls=ol_mmr_urls, - nosync=nosync, - ldap_backend_forced_uri=ldap_backend_forced_uri) + slapd_path=slapd_path, ol_mmr_urls=ol_mmr_urls) else: raise ValueError("Unknown LDAP backend type selected") diff --git a/source4/scripting/python/samba/provision/backend.py b/source4/scripting/python/samba/provision/backend.py index f9dbba85f6..4ab827b545 100644 --- a/source4/scripting/python/samba/provision/backend.py +++ b/source4/scripting/python/samba/provision/backend.py @@ -133,7 +133,7 @@ class LDAPBackend(ProvisionBackend): credentials=None, names=None, logger=None, domainsid=None, schema=None, hostname=None, ldapadminpass=None, slapd_path=None, ldap_backend_extra_port=None, - ldap_backend_forced_uri=None, ldap_dryrun_mode=False): + ldap_backend_forced_uri=None, ldap_dryrun_mode=True): super(LDAPBackend, self).__init__(backend_type=backend_type, paths=paths, lp=lp, @@ -286,7 +286,7 @@ class OpenLDAPBackend(LDAPBackend): def __init__(self, backend_type, paths=None, lp=None, credentials=None, names=None, logger=None, domainsid=None, schema=None, hostname=None, ldapadminpass=None, slapd_path=None, - ldap_backend_extra_port=None, ldap_dryrun_mode=False, + ldap_backend_extra_port=None, ldap_dryrun_mode=True, ol_mmr_urls=None, nosync=False, ldap_backend_forced_uri=None): from samba.provision import setup_path super(OpenLDAPBackend, self).__init__( backend_type=backend_type, @@ -568,7 +568,7 @@ class FDSBackend(LDAPBackend): def __init__(self, backend_type, paths=None, lp=None, credentials=None, names=None, logger=None, domainsid=None, schema=None, hostname=None, ldapadminpass=None, slapd_path=None, - ldap_backend_extra_port=None, ldap_dryrun_mode=False, root=None, + ldap_backend_extra_port=None, ldap_dryrun_mode=True, root=None, setup_ds_path=None): from samba.provision import setup_path diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py index 043f629ce5..3d1aa7a23a 100755 --- a/source4/scripting/python/samba/upgradehelpers.py +++ b/source4/scripting/python/samba/upgradehelpers.py @@ -266,11 +266,11 @@ def newprovision(names, creds, session, smbconf, provdir, logger): invocationid=names.invocation, adminpass=names.adminpass, krbtgtpass=None, machinepass=None, dnspass=None, root=None, nobody=None, wheel=None, users=None, - serverrole="domain controller", ldap_backend_extra_port=None, + serverrole="domain controller", backend_type=None, ldapadminpass=None, ol_mmr_urls=None, - slapd_path=None, setup_ds_path=None, nosync=None, + slapd_path=None, dom_for_fun_level=names.domainlevel, dns_backend=dns_backend, - ldap_dryrun_mode=None, useeadb=True) + useeadb=True) def dn_sort(x, y): diff --git a/source4/setup/provision b/source4/setup/provision index bae86ee658..1d847decef 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -102,14 +102,9 @@ parser.add_option("--users", type="string", metavar="GROUPNAME", parser.add_option("--quiet", help="Be quiet", action="store_true") parser.add_option("--blank", action="store_true", help="do not add users or groups, just the structure") -parser.add_option("--ldap-backend-extra-port", type="int", metavar="LDAP-BACKEND-EXTRA-PORT", - help="Additional TCP port for LDAP backend server (to use for replication)") -parser.add_option("--ldap-backend-forced-uri", type="string", metavar="LDAP-BACKEND-FORCED-URI", - help="Force the LDAP backend connection to be to a particular URI. Use this ONLY for 'existing' backends, or when debugging the interaction with the LDAP backend and you need to intercept the LDAP traffic") parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE", - help="LDAP backend type (fedora-ds or openldap)", + help="Test initialisation support for unsupported LDAP backend type (fedora-ds or openldap) DO NOT USE", choices=["fedora-ds", "openldap"]) -parser.add_option("--ldap-backend-nosync", help="Configure LDAP backend not to call fsync() (for performance in test environments)", action="store_true") parser.add_option("--server-role", type="choice", metavar="ROLE", choices=["domain controller", "dc", "member server", "member", "standalone"], help="The server role (domain controller | dc | member server | member | standalone). Default is dc.") @@ -126,10 +121,7 @@ parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER", help="List of LDAP-URLS [ ldap://<FQHN>:<PORT>/ (where <PORT> has to be different than 389!) ] separated with comma (\",\") for use with OpenLDAP-MMR (Multi-Master-Replication), e.g.: \"ldap://s4dc1:9000,ldap://s4dc2:9000\"") parser.add_option("--slapd-path", type="string", metavar="SLAPD-PATH", help="Path to slapd for LDAP backend [e.g.:'/usr/local/libexec/slapd']. Required for Setup with LDAP-Backend. OpenLDAP Version >= 2.4.17 should be used.") -parser.add_option("--setup-ds-path", type="string", metavar="SETUP_DS-PATH", - help="Path to setup-ds.pl script for Fedora DS LDAP backend [e.g.:'/usr/sbin/setup-ds.pl']. Required for Setup with Fedora DS backend.") parser.add_option("--use-xattrs", type="choice", choices=["yes", "no", "auto"], help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto") -parser.add_option("--ldap-dryrun-mode", help="Configure LDAP backend, but do not run any binaries and exit early. Used only for the test environment. DO NOT USE", action="store_true") opts = parser.parse_args()[0] @@ -248,16 +240,6 @@ elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"): "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.") file.close() - -if opts.ldap_backend_type == "existing": - if opts.ldap_backend_forced_uri is not None: - logger.warn("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at %s" % opts.ldap_backend_forced_uri) - else: - logger.info("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at the default location") -else: - if opts.ldap_backend_forced_uri is not None: - logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend. This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less prone to unexpected failure or interaction" % opts.ldap_backend_forced_uri) - session = system_session() try: provision(logger, @@ -273,12 +255,9 @@ try: dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody, wheel=opts.wheel, users=opts.users, serverrole=server_role, dom_for_fun_level=dom_for_fun_level, - ldap_backend_extra_port=opts.ldap_backend_extra_port, - ldap_backend_forced_uri=opts.ldap_backend_forced_uri, backend_type=opts.ldap_backend_type, ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls, - slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path, - nosync=opts.ldap_backend_nosync, ldap_dryrun_mode=opts.ldap_dryrun_mode, + slapd_path=opts.slapd_path, useeadb=eadb, next_rid=opts.next_rid, lp=lp) except ProvisioningError, e: print str(e) diff --git a/source4/setup/tests/blackbox_provision-backend.sh b/source4/setup/tests/blackbox_provision-backend.sh index 58fde63469..96ff753ace 100755 --- a/source4/setup/tests/blackbox_provision-backend.sh +++ b/source4/setup/tests/blackbox_provision-backend.sh @@ -12,13 +12,13 @@ shift 1 . `dirname $0`/../../../testprogs/blackbox/subunit.sh -testit "openldap-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --ldap-dryrun-mode --slapd-path=/dev/null -testit "openldap-mmr-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls="ldap://s4dc1.test:9000,ldap://s4dc2.test:9000" --ldap-dryrun-mode --slapd-path=/dev/null --username=samba-admin --password=linux --adminpass=linux --ldapadminpass=linux -testit "fedora-ds-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --ldap-dryrun-mode --slapd-path=/dev/null +testit "openldap-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --slapd-path=/dev/null +testit "openldap-mmr-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls="ldap://s4dc1.test:9000,ldap://s4dc2.test:9000" --slapd-path=/dev/null --username=samba-admin --password=linux --adminpass=linux --ldapadminpass=linux +testit "fedora-ds-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --slapd-path=/dev/null reprovision() { - $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --ldap-dryrun-mode --slapd-path=/dev/null - $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --ldap-dryrun-mode --slapd-path=/dev/null + $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --slapd-path=/dev/null + $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --slapd-path=/dev/null } testit "reprovision-backend" reprovision |