diff options
-rw-r--r-- | source4/scripting/python/samba/netcmd/domainlevel.py | 8 | ||||
-rw-r--r-- | source4/scripting/python/samba/netcmd/dsacl.py | 2 | ||||
-rw-r--r-- | source4/scripting/python/samba/netcmd/fsmo.py | 20 | ||||
-rw-r--r-- | source4/scripting/python/samba/netcmd/pwsettings.py | 2 | ||||
-rw-r--r-- | source4/scripting/python/samba/ntacls.py | 19 | ||||
-rwxr-xr-x | source4/scripting/python/samba/upgradehelpers.py | 49 |
6 files changed, 51 insertions, 49 deletions
diff --git a/source4/scripting/python/samba/netcmd/domainlevel.py b/source4/scripting/python/samba/netcmd/domainlevel.py index 1874191e1f..ecd835ddd2 100644 --- a/source4/scripting/python/samba/netcmd/domainlevel.py +++ b/source4/scripting/python/samba/netcmd/domainlevel.py @@ -76,20 +76,20 @@ class cmd_domainlevel(Command): samdb = SamDB(url=H, session_info=system_session(), credentials=creds, lp=lp) - domain_dn = SamDB.domain_dn(samdb) + domain_dn = samdb.domain_dn() res_forest = samdb.search("CN=Partitions,CN=Configuration," + domain_dn, scope=ldb.SCOPE_BASE, attrs=["msDS-Behavior-Version"]) - assert(len(res_forest) == 1) + assert len(res_forest) == 1 res_domain = samdb.search(domain_dn, scope=ldb.SCOPE_BASE, attrs=["msDS-Behavior-Version", "nTMixedDomain"]) - assert(len(res_domain) == 1) + assert len(res_domain) == 1 res_dc_s = samdb.search("CN=Sites,CN=Configuration," + domain_dn, scope=ldb.SCOPE_SUBTREE, expression="(objectClass=nTDSDSA)", attrs=["msDS-Behavior-Version"]) - assert(len(res_dc_s) >= 1) + assert len(res_dc_s) >= 1 try: level_forest = int(res_forest[0]["msDS-Behavior-Version"][0]) diff --git a/source4/scripting/python/samba/netcmd/dsacl.py b/source4/scripting/python/samba/netcmd/dsacl.py index 17982b8119..0149d375be 100644 --- a/source4/scripting/python/samba/netcmd/dsacl.py +++ b/source4/scripting/python/samba/netcmd/dsacl.py @@ -105,7 +105,7 @@ class cmd_ds_acl_set(Command): return ndr_unpack(security.descriptor, desc) def get_domain_sid(self, samdb): - res = samdb.search(base=SamDB.domain_dn(samdb), + res = samdb.search(base=samdb.domain_dn(), expression="(objectClass=*)", scope=SCOPE_BASE) return ndr_unpack( security.dom_sid,res[0]["objectSid"][0]) diff --git a/source4/scripting/python/samba/netcmd/fsmo.py b/source4/scripting/python/samba/netcmd/fsmo.py index bcf80ce290..688602012b 100644 --- a/source4/scripting/python/samba/netcmd/fsmo.py +++ b/source4/scripting/python/samba/netcmd/fsmo.py @@ -65,10 +65,10 @@ all=all of the above"""), "1", ldb.FLAG_MOD_REPLACE, "becomeRidMaster") elif role == "pdc": - domain_dn = SamDB.domain_dn(samdb) + domain_dn = samdb.domain_dn() res = samdb.search(domain_dn, scope=ldb.SCOPE_BASE, attrs=["objectSid"]) - assert(len(res) == 1) + assert len(res) == 1 sid = res[0]["objectSid"][0] m["becomePdc"]= ldb.MessageElement( sid, ldb.FLAG_MOD_REPLACE, @@ -93,9 +93,9 @@ all=all of the above"""), def seize_role(self, role, samdb, force): res = samdb.search("", scope=ldb.SCOPE_BASE, attrs=["dsServiceName"]) - assert(len(res) == 1) + assert len(res) == 1 serviceName = res[0]["dsServiceName"][0] - domain_dn = SamDB.domain_dn(samdb) + domain_dn = samdb.domain_dn() m = ldb.Message() if role == "rid": m.dn = ldb.Dn(samdb, self.rid_dn) @@ -138,7 +138,7 @@ all=all of the above"""), samdb = SamDB(url=host, session_info=system_session(), credentials=creds, lp=lp) - domain_dn = SamDB.domain_dn(samdb) + domain_dn = samdb.domain_dn() self.infrastructure_dn = "CN=Infrastructure," + domain_dn self.naming_dn = "CN=Partitions,CN=Configuration," + domain_dn self.schema_dn = "CN=Schema,CN=Configuration," + domain_dn @@ -146,27 +146,27 @@ all=all of the above"""), res = samdb.search(self.infrastructure_dn, scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"]) - assert(len(res) == 1) + assert len(res) == 1 self.infrastructureMaster = res[0]["fSMORoleOwner"][0] res = samdb.search(domain_dn, scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"]) - assert(len(res) == 1) + assert len(res) == 1 self.pdcEmulator = res[0]["fSMORoleOwner"][0] res = samdb.search(self.naming_dn, scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"]) - assert(len(res) == 1) + assert len(res) == 1 self.namingMaster = res[0]["fSMORoleOwner"][0] res = samdb.search(self.schema_dn, scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"]) - assert(len(res) == 1) + assert len(res) == 1 self.schemaMaster = res[0]["fSMORoleOwner"][0] res = samdb.search(self.rid_dn, scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"]) - assert(len(res) == 1) + assert len(res) == 1 self.ridMaster = res[0]["fSMORoleOwner"][0] if subcommand == "show": diff --git a/source4/scripting/python/samba/netcmd/pwsettings.py b/source4/scripting/python/samba/netcmd/pwsettings.py index dda009ae06..8748bc5e0d 100644 --- a/source4/scripting/python/samba/netcmd/pwsettings.py +++ b/source4/scripting/python/samba/netcmd/pwsettings.py @@ -72,7 +72,7 @@ class cmd_pwsettings(Command): samdb = SamDB(url=H, session_info=system_session(), credentials=creds, lp=lp) - domain_dn = SamDB.domain_dn(samdb) + domain_dn = samdb.domain_dn() res = samdb.search(domain_dn, scope=ldb.SCOPE_BASE, attrs=["pwdProperties", "pwdHistoryLength", "minPwdLength", "minPwdAge", "maxPwdAge"]) diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py index 16e9463f09..478a5125bf 100644 --- a/source4/scripting/python/samba/ntacls.py +++ b/source4/scripting/python/samba/ntacls.py @@ -26,17 +26,19 @@ from samba.ndr import ndr_pack, ndr_unpack class XattrBackendError(Exception): """A generic xattr backend error.""" -def checkset_backend(lp,backend,eadbfile): + +def checkset_backend(lp, backend, eadbfile): if backend is not None: if backend == "native": lp.set("posix:eadb","") elif backend == "tdb": if eadbfile != None: - lp.set("posix:eadb",eadbfile) + lp.set("posix:eadb", eadbfile) else: - os.path.abspath(os.path.join(lp.get("private dir"),"eadb.tdb")) + os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb")) else: - raise XattrBackendError("Unvalid xattr backend choice %s"%backend) + raise XattrBackendError("Invalid xattr backend choice %s"%backend) + def getntacl(lp, file, backend=None, eadbfile=None): checkset_backend(lp, backend, eadbfile) @@ -59,9 +61,9 @@ def getntacl(lp, file, backend=None, eadbfile=None): def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None): checkset_backend(lp, backend, eadbfile) - ntacl=xattr.NTACL() + ntacl = xattr.NTACL() ntacl.version = 1 - sid=security.dom_sid(domsid) + sid = security.dom_sid(domsid) sd = security.descriptor.from_sddl(sddl, sid) ntacl.info = sd eadbname = lp.get("posix:eadb") @@ -130,6 +132,7 @@ def ldapmask2filemask(ldm): return filemask + def dsacl2fsacl(dssddl, domsid): """ @@ -148,8 +151,8 @@ def dsacl2fsacl(dssddl, domsid): aces = ref.dacl.aces for i in range(0, len(aces)): ace = aces[i] - if not ace.type & security.SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT and str(ace.trustee) != security.SID_BUILTIN_PREW2K: - # if fdescr.type & security.SEC_DESC_DACL_AUTO_INHERITED: + if not ace.type & security.SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT and str(ace.trustee) != security.SID_BUILTIN_PREW2K: + # if fdescr.type & security.SEC_DESC_DACL_AUTO_INHERITED: ace.flags = ace.flags | security.SEC_ACE_FLAG_OBJECT_INHERIT | security.SEC_ACE_FLAG_CONTAINER_INHERIT if str(ace.trustee) == security.SID_CREATOR_OWNER: # For Creator/Owner the IO flag is set as this ACE has only a sense for child objects diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py index 3da739b139..50439efbc7 100755 --- a/source4/scripting/python/samba/upgradehelpers.py +++ b/source4/scripting/python/samba/upgradehelpers.py @@ -97,7 +97,10 @@ def find_provision_key_parameters(param, credentials, session_info, paths, # That's a bit simplistic but it's ok as long as we have only 3 # partitions - current = samdb.search(expression="(objectClass=*)",base="", scope=SCOPE_BASE, attrs=["defaultNamingContext", "schemaNamingContext","configurationNamingContext","rootDomainNamingContext"]) + current = samdb.search(expression="(objectClass=*)", + base="", scope=SCOPE_BASE, + attrs=["defaultNamingContext", "schemaNamingContext", + "configurationNamingContext","rootDomainNamingContext"]) names.configdn = current[0]["configurationNamingContext"] configdn = str(names.configdn) @@ -108,12 +111,13 @@ def find_provision_key_parameters(param, credentials, session_info, paths, names.domaindn=current[0]["defaultNamingContext"] names.rootdn=current[0]["rootDomainNamingContext"] # default site name - res3= samdb.search(expression="(objectClass=*)",base="CN=Sites,"+configdn, scope=SCOPE_ONELEVEL, attrs=["cn"]) + res3 = samdb.search(expression="(objectClass=*)", + base="CN=Sites,"+configdn, scope=SCOPE_ONELEVEL, attrs=["cn"]) names.sitename = str(res3[0]["cn"]) # dns hostname and server dn - res4= samdb.search(expression="(CN=%s)"%names.netbiosname,base="OU=Domain Controllers,"+basedn, \ - scope=SCOPE_ONELEVEL, attrs=["dNSHostName"]) + res4 = samdb.search(expression="(CN=%s)" % names.netbiosname, + base="OU=Domain Controllers,"+basedn, scope=SCOPE_ONELEVEL, attrs=["dNSHostName"]) names.hostname = str(res4[0]["dNSHostName"]).replace("."+names.dnsdomain,"") server_res = samdb.search(expression="serverReference=%s"%res4[0].dn, attrs=[], base=configdn) @@ -164,32 +168,27 @@ def newprovision(names,setup_dir,creds,session,smbconf,provdir,messagefunc): :param session: Session object :param smbconf: Path to the smb.conf file :param provdir: Directory where the provision will be stored - :param messagefunc: A function for displaying the message of the provision""" + :param messagefunc: A function for displaying the message of the provision + """ if os.path.isdir(provdir): shutil.rmtree(provdir) os.chdir(os.path.join(setup_dir,"..")) os.mkdir(provdir) messagefunc("Provision stored in %s"%provdir) - provision(setup_dir, messagefunc, - session, creds, smbconf=smbconf, targetdir=provdir, - samdb_fill=FILL_FULL, realm=names.realm, domain=names.domain, - domainguid=names.domainguid, domainsid=str(names.domainsid),ntdsguid=names.ntdsguid, - policyguid=names.policyid,policyguid_dc=names.policyid_dc,hostname=names.netbiosname, - hostip=None, hostip6=None, - invocationid=names.invocation, adminpass=names.adminpass, - krbtgtpass=None, machinepass=None, - dnspass=None, root=None, nobody=None, - wheel=None, users=None, - serverrole="domain controller", - ldap_backend_extra_port=None, - backend_type=None, - ldapadminpass=None, - ol_mmr_urls=None, - slapd_path=None, - setup_ds_path=None, - nosync=None, - dom_for_fun_level=names.domainlevel, - ldap_dryrun_mode=None,useeadb=True) + provision(setup_dir, messagefunc, session, creds, smbconf=smbconf, + targetdir=provdir, samdb_fill=FILL_FULL, realm=names.realm, + domain=names.domain, domainguid=names.domainguid, + domainsid=str(names.domainsid), ntdsguid=names.ntdsguid, + policyguid=names.policyid, policyguid_dc=names.policyid_dc, + hostname=names.netbiosname, hostip=None, hostip6=None, + invocationid=names.invocation, adminpass=names.adminpass, + krbtgtpass=None, machinepass=None, dnspass=None, root=None, + nobody=None, wheel=None, users=None, + serverrole="domain controller", ldap_backend_extra_port=None, + backend_type=None, ldapadminpass=None, ol_mmr_urls=None, + slapd_path=None, setup_ds_path=None, nosync=None, + dom_for_fun_level=names.domainlevel, + ldap_dryrun_mode=None, useeadb=True) def dn_sort(x,y): |