summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rwxr-xr-xsource4/setup/provision273
-rw-r--r--source4/setup/wscript_build6
2 files changed, 0 insertions, 279 deletions
diff --git a/source4/setup/provision b/source4/setup/provision
deleted file mode 100755
index 6cb4674b21..0000000000
--- a/source4/setup/provision
+++ /dev/null
@@ -1,273 +0,0 @@
-#!/usr/bin/env python
-#
-# Unix SMB/CIFS implementation.
-# provision a Samba4 server
-# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008
-# Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008
-#
-# Based on the original in EJS:
-# Copyright (C) Andrew Tridgell 2005
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-import logging
-import optparse
-import sys
-import tempfile
-
-# Find right directory when running from source tree
-sys.path.insert(0, "bin/python")
-
-import samba
-import samba.ntacls
-import os
-from samba.credentials import DONT_USE_KERBEROS
-from samba.auth import system_session
-import samba.getopt as options
-from samba.provision import (
- provision,
- FILL_FULL,
- FILL_NT4SYNC,
- FILL_DRS,
- ProvisioningError,
- )
-from samba.dsdb import (
- DS_DOMAIN_FUNCTION_2000,
- DS_DOMAIN_FUNCTION_2003,
- DS_DOMAIN_FUNCTION_2008,
- DS_DOMAIN_FUNCTION_2008_R2,
- )
-
-# how do we make this case insensitive??
-
-parser = optparse.OptionParser("provision [options]")
-sambaopts = options.SambaOptions(parser)
-parser.add_option_group(sambaopts)
-parser.add_option_group(options.VersionOptions(parser))
-credopts = options.CredentialsOptions(parser)
-parser.add_option_group(credopts)
-parser.add_option("--interactive", help="Ask for names", action="store_true")
-parser.add_option("--domain", type="string", metavar="DOMAIN",
- help="set domain")
-parser.add_option("--domain-guid", type="string", metavar="GUID",
- help="set domainguid (otherwise random)")
-parser.add_option("--domain-sid", type="string", metavar="SID",
- help="set domainsid (otherwise random)")
-parser.add_option("--ntds-guid", type="string", metavar="GUID",
- help="set NTDS object GUID (otherwise random)")
-parser.add_option("--invocationid", type="string", metavar="GUID",
- help="set invocationid (otherwise random)")
-parser.add_option("--host-name", type="string", metavar="HOSTNAME",
- help="set hostname")
-parser.add_option("--host-ip", type="string", metavar="IPADDRESS",
- help="set IPv4 ipaddress")
-parser.add_option("--host-ip6", type="string", metavar="IP6ADDRESS",
- help="set IPv6 ipaddress")
-parser.add_option("--adminpass", type="string", metavar="PASSWORD",
- help="choose admin password (otherwise random)")
-parser.add_option("--krbtgtpass", type="string", metavar="PASSWORD",
- help="choose krbtgt password (otherwise random)")
-parser.add_option("--machinepass", type="string", metavar="PASSWORD",
- help="choose machine password (otherwise random)")
-parser.add_option("--dns-backend", type="choice", metavar="NAMESERVER-BACKEND",
- choices=["SAMBA_INTERNAL", "BIND9_FLATFILE", "BIND9_DLZ", "NONE"],
- help="The DNS server backend. SAMBA_INTERNAL is the builtin name server, " \
- "BIND9_FLATFILE uses bind9 text database to store zone information, " \
- "BIND9_DLZ uses samba4 AD to store zone information (default), " \
- "NONE skips the DNS setup entirely (not recommended)",
- default="BIND9_DLZ")
-parser.add_option("--dnspass", type="string", metavar="PASSWORD",
- help="choose dns password (otherwise random)")
-parser.add_option("--ldapadminpass", type="string", metavar="PASSWORD",
- help="choose password to set between Samba and it's LDAP backend (otherwise random)")
-parser.add_option("--root", type="string", metavar="USERNAME",
- help="choose 'root' unix username")
-parser.add_option("--nobody", type="string", metavar="USERNAME",
- help="choose 'nobody' user")
-parser.add_option("--wheel", type="string", metavar="GROUPNAME",
- help="choose 'wheel' privileged group")
-parser.add_option("--users", type="string", metavar="GROUPNAME",
- help="choose 'users' group")
-parser.add_option("--quiet", help="Be quiet", action="store_true")
-parser.add_option("--blank", action="store_true",
- help="do not add users or groups, just the structure")
-parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE",
- help="Test initialisation support for unsupported LDAP backend type (fedora-ds or openldap) DO NOT USE",
- choices=["fedora-ds", "openldap"])
-parser.add_option("--server-role", type="choice", metavar="ROLE",
- choices=["domain controller", "dc", "member server", "member", "standalone"],
- help="The server role (domain controller | dc | member server | member | standalone). Default is dc.",
- default="domain controller")
-parser.add_option("--function-level", type="choice", metavar="FOR-FUN-LEVEL",
- choices=["2000", "2003", "2008", "2008_R2"],
- help="The domain and forest function level (2000 | 2003 | 2008 | 2008_R2 - always native). Default is (Windows) 2003 Native.",
- default="2003")
-parser.add_option("--next-rid", type="int", metavar="NEXTRID", default=1000,
- help="The initial nextRid value (only needed for upgrades). Default is 1000.")
-parser.add_option("--partitions-only",
- help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true")
-parser.add_option("--targetdir", type="string", metavar="DIR",
- help="Set target directory")
-parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER",
- help="List of LDAP-URLS [ ldap://<FQHN>:<PORT>/ (where <PORT> has to be different than 389!) ] separated with comma (\",\") for use with OpenLDAP-MMR (Multi-Master-Replication), e.g.: \"ldap://s4dc1:9000,ldap://s4dc2:9000\"")
-parser.add_option("--use-xattrs", type="choice", choices=["yes", "no", "auto"], help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto")
-parser.add_option("--use-ntvfs", action="store_true", help="Use NTVFS for the fileserver (default = no)")
-parser.add_option("--use-rfc2307", action="store_true", help="Use AD to store posix attributes (default = no)")
-
-opts = parser.parse_args()[0]
-
-logger = logging.getLogger("provision")
-logger.addHandler(logging.StreamHandler(sys.stdout))
-if opts.quiet:
- logger.setLevel(logging.WARNING)
-else:
- logger.setLevel(logging.INFO)
-
-if len(sys.argv) == 1:
- opts.interactive = True
-
-if opts.interactive:
- from getpass import getpass
- import socket
-
- def ask(prompt, default=None):
- if default is not None:
- print "%s [%s]: " % (prompt, default),
- else:
- print "%s: " % (prompt,),
- return sys.stdin.readline().rstrip("\n") or default
- try:
- default = socket.getfqdn().split(".", 1)[1].upper()
- except IndexError:
- default = None
- opts.realm = ask("Realm", default)
- if opts.realm in (None, ""):
- print >>sys.stderr, "No realm set!"
- sys.exit(1)
-
- try:
- default = opts.realm.split(".")[0]
- except IndexError:
- default = None
- opts.domain = ask("Domain", default)
- if opts.domain is None:
- print >> sys.stderr, "No domain set!"
- sys.exit(1)
-
- opts.server_role = ask("Server Role (dc, member, standalone)", "dc")
-
- opts.dns_backend = ask("DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE)", "BIND9_DLZ")
- if opts.dns_backend in (None, ''):
- print >> sys.stderr, "No DNS backend set!"
- sys.exit(1)
-
- while True:
- adminpass = getpass("Administrator password: ")
- if not adminpass:
- print >>sys.stderr, "Invalid administrator password."
- else:
- adminpassverify = getpass("Retype password: ")
- if not adminpass == adminpassverify:
- print >>sys.stderr, "Sorry, passwords do not match."
- else:
- opts.adminpass = adminpass
- break
-
-else:
- if opts.realm in (None, ""):
- opts.realm = sambaopts._lp.get('realm')
- if opts.realm is None or opts.domain is None:
- if opts.realm is None:
- print >>sys.stderr, "No realm set!"
- if opts.domain is None:
- print >> sys.stderr, "No domain set!"
- parser.print_usage()
- sys.exit(1)
-
-if not opts.adminpass:
- logger.info("Administrator password will be set randomly!")
-
-lp = sambaopts.get_loadparm()
-smbconf = lp.configfile
-
-if opts.function_level == "2000":
- dom_for_fun_level = DS_DOMAIN_FUNCTION_2000
-elif opts.function_level == "2003":
- dom_for_fun_level = DS_DOMAIN_FUNCTION_2003
-elif opts.function_level == "2008":
- dom_for_fun_level = DS_DOMAIN_FUNCTION_2008
-elif opts.function_level == "2008_R2":
- dom_for_fun_level = DS_DOMAIN_FUNCTION_2008_R2
-
-creds = credopts.get_credentials(lp)
-
-creds.set_kerberos_state(DONT_USE_KERBEROS)
-
-samdb_fill = FILL_FULL
-if opts.blank:
- samdb_fill = FILL_NT4SYNC
-elif opts.partitions_only:
- samdb_fill = FILL_DRS
-
-if opts.targetdir is not None:
- if not os.path.isdir(opts.targetdir):
- os.mkdir(opts.targetdir)
-
-eadb = True
-
-if opts.use_xattrs == "yes":
- eadb = False
-elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"):
- if opts.targetdir:
- file = tempfile.NamedTemporaryFile(dir=os.path.abspath(opts.targetdir))
- else:
- file = tempfile.NamedTemporaryFile(dir=os.path.abspath(os.path.dirname(lp.get("private dir"))))
- try:
- try:
- samba.ntacls.setntacl(lp, file.name,
- "O:S-1-5-32G:S-1-5-32", "S-1-5-32", "native")
- eadb = False
- except Exception:
- logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. ")
- finally:
- file.close()
-
-if eadb:
- logger.info("not using extended attributes to store ACLs and other metadata. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
-
-session = system_session()
-try:
- result = provision(logger,
- session, creds, smbconf=smbconf, targetdir=opts.targetdir,
- samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain,
- domainguid=opts.domain_guid, domainsid=opts.domain_sid,
- hostname=opts.host_name,
- hostip=opts.host_ip, hostip6=opts.host_ip6,
- ntdsguid=opts.ntds_guid,
- invocationid=opts.invocationid, adminpass=opts.adminpass,
- krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass,
- dns_backend=opts.dns_backend,
- dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
- wheel=opts.wheel, users=opts.users,
- serverrole=opts.server_role, dom_for_fun_level=dom_for_fun_level,
- backend_type=opts.ldap_backend_type,
- ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls,
- useeadb=eadb, next_rid=opts.next_rid, lp=lp, use_ntvfs=(opts.use_ntvfs),
- use_rfc2307=(opts.use_rfc2307))
-except ProvisioningError, e:
- print str(e)
- sys.exit(1)
-
-result.report_logger(logger)
diff --git a/source4/setup/wscript_build b/source4/setup/wscript_build
index 2513f28af7..cb83e3e246 100644
--- a/source4/setup/wscript_build
+++ b/source4/setup/wscript_build
@@ -1,14 +1,8 @@
#!/usr/bin/env python
-from samba_utils import MODE_755
-
bld.INSTALL_WILDCARD('${SETUPDIR}', 'ad-schema/*.txt')
bld.INSTALL_WILDCARD('${SETUPDIR}', 'display-specifiers/*.txt')
-bld.INSTALL_FILES('${SBINDIR}', 'provision', chmod=MODE_755, python_fixup=True)
-
-bld.SAMBA_SCRIPT('provision', pattern='provision', installdir='.')
-
bld.INSTALL_FILES('${SETUPDIR}', 'dns_update_list')
bld.INSTALL_FILES('${SETUPDIR}', 'spn_update_list')