From cc30cb5e24160d107b67936d71f54645d9b3d23f Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 25 Dec 2007 16:36:23 -0600 Subject: r26592: Finish fixing the samba3dump script. (This used to be commit 85679f3fc98238f90280f9f10d42550d71eeb918) --- source4/scripting/bin/samba3dump | 240 +++++++++++++++---------------- source4/scripting/python/samba/samba3.py | 63 ++++++-- 2 files changed, 170 insertions(+), 133 deletions(-) (limited to 'source4/scripting') diff --git a/source4/scripting/bin/samba3dump b/source4/scripting/bin/samba3dump index 0aa54d91cc..157a708ff6 100755 --- a/source4/scripting/bin/samba3dump +++ b/source4/scripting/bin/samba3dump @@ -1,8 +1,8 @@ #!/usr/bin/python # -# Dump Samba3 data -# Copyright Jelmer Vernooij 2005-2007 -# Released under the GNU GPL v3 or later +# Dump Samba3 data +# Copyright Jelmer Vernooij 2005-2007 +# Released under the GNU GPL v3 or later # import optparse @@ -13,160 +13,154 @@ import samba.samba3 parser = optparse.OptionParser("provision []") parser.add_option("--format", type="choice", metavar="FORMAT", - choices=["full", "summary"]) + choices=["full", "summary"]) opts, args = parser.parse_args() if opts.format is None: - opts.format = "summary" + opts.format = "summary" def print_header(txt): - print "\n%s" % txt - print "==========================================" + print "\n%s" % txt + print "=" * len(txt) def print_samba3_policy(pol): - print_header("Account Policies") - print "Min password length: %d" % pol.min_password_length - print "Password history length: %d" % pol.password_history - if pol.user_must_logon_to_change_password: - print "User must logon to change password: %d" % pol.user_must_logon_to_change_password - if pol.maximum_password_age: - print "Maximum password age: %d" % pol.maximum_password_age - if pol.minimum_password_age: - print "Minimum password age: %d" % pol.minimum_password_age - if pol.lockout_duration: - print "Lockout duration: %d" % pol.lockout_duration - if pol.reset_count_minutes: - print "Reset Count Minutes: %d" % pol.reset_count_minutes - if pol.bad_lockout_minutes: - print "Bad Lockout Minutes: %d" % pol.bad_lockout_minutes - if pol.disconnect_time: - print "Disconnect Time: %d" % pol.disconnect_time - if pol.refuse_machine_password_change: - print "Refuse Machine Password Change: %d" % pol.refuse_machine_password_change - -def print_samba3_sam(samba3): - print_header("SAM Database") - - for a in samba3.samaccounts: - print "%d: %s" % a.user_rid, a.username - -def print_samba3_shares(samba3): - print_header("Configured shares") - for s in samba3.shares: - print "--- %s ---" % s.name - - for p in s.parameters: - print "\t%s = %s" % (p.name, p.value) - - print "" + print_header("Account Policies") + print "Min password length: %d" % pol.min_password_length + print "Password history length: %d" % pol.password_history + if pol.user_must_logon_to_change_password: + print "User must logon to change password: %d" % pol.user_must_logon_to_change_password + if pol.maximum_password_age: + print "Maximum password age: %d" % pol.maximum_password_age + if pol.minimum_password_age: + print "Minimum password age: %d" % pol.minimum_password_age + if pol.lockout_duration: + print "Lockout duration: %d" % pol.lockout_duration + if pol.reset_count_minutes: + print "Reset Count Minutes: %d" % pol.reset_count_minutes + if pol.bad_lockout_minutes: + print "Bad Lockout Minutes: %d" % pol.bad_lockout_minutes + if pol.disconnect_time: + print "Disconnect Time: %d" % pol.disconnect_time + if pol.refuse_machine_password_change: + print "Refuse Machine Password Change: %d" % pol.refuse_machine_password_change + +def print_samba3_sam(samdb): + print_header("SAM Database") + + for user in samdb: + print "%s" % user + +def print_samba3_shares(shares): + print_header("Configured shares") + for s in shares: + print "--- %s ---" % s.name + + for p in s: + print "\t%s = %s" % (p.key, p.value) + + print "" def print_samba3_secrets(secrets): - print_header("Secrets") - - if secrets.get_auth_user(): - print "IPC Credentials:" - if secrets.get_auth_user(): - print " User: %s\n" % secrets.get_auth_user() - if secrets.get_auth_password(): - print " Password: %s\n" % secrets.get_auth_password() - if secrets.get_auth_domain(): - print " Domain: %s\n" % secrets.get_auth_domain() - - if len(list(secrets.ldap_dns())) > 0: - print "LDAP passwords:" - for dn in secrets.ldap_dns(): - print "\t%s -> %s" % (dn, secrets.get_ldap_bind_pw(dn)) - print "" - - print "Domains:" - for domain in secrets.domains(): - print "\t--- %s ---" % domain - print "\tSID: %s" % secrets.get_sid(domain) - print "\tGUID: %s" % secrets.get_dom_guid(domain) - print "\tPlaintext pwd: %s" % secrets.get_machine_password(domain) - if secrets.get_machine_last_change_time(domain): - print "\tLast Changed: %lu" % secrets.get_machine_last_change_time(domain) - if secrets.get_machine_sec_channel_type(domain): - print "\tSecure Channel Type: %d\n" % secrets.get_machine_sec_channel_type(domain) - - print "Trusted domains:" - for td in secrets.trusted_domains(): - print td + print_header("Secrets") + + if secrets.get_auth_user(): + print "IPC Credentials:" + if secrets.get_auth_user(): + print " User: %s\n" % secrets.get_auth_user() + if secrets.get_auth_password(): + print " Password: %s\n" % secrets.get_auth_password() + if secrets.get_auth_domain(): + print " Domain: %s\n" % secrets.get_auth_domain() + + if len(list(secrets.ldap_dns())) > 0: + print "LDAP passwords:" + for dn in secrets.ldap_dns(): + print "\t%s -> %s" % (dn, secrets.get_ldap_bind_pw(dn)) + print "" + + print "Domains:" + for domain in secrets.domains(): + print "\t--- %s ---" % domain + print "\tSID: %s" % secrets.get_sid(domain) + print "\tGUID: %s" % secrets.get_dom_guid(domain) + print "\tPlaintext pwd: %s" % secrets.get_machine_password(domain) + if secrets.get_machine_last_change_time(domain): + print "\tLast Changed: %lu" % secrets.get_machine_last_change_time(domain) + if secrets.get_machine_sec_channel_type(domain): + print "\tSecure Channel Type: %d\n" % secrets.get_machine_sec_channel_type(domain) + + print "Trusted domains:" + for td in secrets.trusted_domains(): + print td def print_samba3_regdb(regdb): - print_header("Registry") + print_header("Registry") - for k in regdb.keys(): - print "%s" % k - for v in regdb.values(k): - print "\t%s: type %d, length %d" % (v.name, v.type, v.data.length) + for k in regdb.keys(): + print "%s" % k + for v in regdb.values(k): + print "\t%s: type %d, length %d" % (v.name, v.type, v.data.length) def print_samba3_winsdb(winsdb): - print_header("WINS Database") + print_header("WINS Database") - for name in winsdb: - (ttl, ips, nb_flags) = winsdb[name] - print "%s, nb_flags: %s, ttl: %lu, %d ips, fst: %s" % (name, nb_flags, ttl, len(ips), ips[0]) + for name in winsdb: + (ttl, ips, nb_flags) = winsdb[name] + print "%s, nb_flags: %s, ttl: %lu, %d ips, fst: %s" % (name, nb_flags, ttl, len(ips), ips[0]) def print_samba3_groupmappings(groupdb): - print_header("Group Mappings") - - for sid in groupdb.groupsids(): - print "\t--- Group: %s ---" % g.nt_name - print "\tComment: %s" % g.comment - print "\tGID: %d" % g.gid - print "\tSID Name Use: %d" % g.sid_name_use - print "\tSID: %s\n" % g.sid + print_header("Group Mappings") + + for sid in groupdb.groupsids(): + print "\t--- Group: %s ---" % sid def print_samba3_aliases(groupdb): - for a in groupdb.aliases: - print "\t--- Alias: %s ---" % a.sid - for m in a.members: - print "\t%s" % m + for sid in groupdb.aliases(): + print "\t--- Alias: %s ---" % sid def print_samba3_idmapdb(idmapdb): - print_header("Winbindd SID<->GID/UID mappings") + print_header("Winbindd SID<->GID/UID mappings") - print "User High Water Mark: %d" % idmapdb.user_hwm - print "Group High Water Mark: %d\n" % idmapdb.group_hwm + print "User High Water Mark: %d" % idmapdb.get_user_hwm() + print "Group High Water Mark: %d\n" % idmapdb.get_group_hwm() - for e in idmapdb.mappings: - if e.type == e.IDMAP_GROUP: - print "%s -> GID %d" % (e.sid, e.unix_id) - else: - print "%s -> UID %d" % (e.sid, e.unix_id) + for uid in idmapdb.uids(): + print "%s -> UID %d" % (idmapdb.get_user_sid(uid), uid) + + for gid in idmapdb.gids(): + print "%s -> GID %d" % (idmapdb.get_group_sid(gid), gid) def print_samba3(samba3): - print_samba3_policy(samba3.get_policy_db()) - print_samba3_winsdb(samba3.get_wins_db()) - print_samba3_regdb(samba3.get_registry()) - print_samba3_secrets(samba3.get_secrets_db()) - groupdb = samba3.get_groupmapping_db() - print_samba3_groupmappings(groupdb) - print_samba3_aliases(groupdb) - print_samba3_idmapdb(samba3.get_idmap_db()) - print_samba3_shares(samba3) - print_samba3_sam(samba3) + print_samba3_policy(samba3.get_policy_db()) + print_samba3_winsdb(samba3.get_wins_db()) + print_samba3_regdb(samba3.get_registry()) + print_samba3_secrets(samba3.get_secrets_db()) + print_samba3_idmapdb(samba3.get_idmap_db()) + print_samba3_sam(samba3.get_sam_db()) + groupdb = samba3.get_groupmapping_db() + print_samba3_groupmappings(groupdb) + print_samba3_aliases(groupdb) + print_samba3_shares(samba3.get_shares()) def print_samba3_summary(samba3): - print "WINS db entries: %d" % len(samba3.get_wins_db()) - print "Registry key count: %d" % len(samba3.get_registry()) - groupdb = samba3.get_groupmapping_db() - print "Groupmap count: %d" % len(list(groupdb.groupsids())) - print "Alias count: %d" % len(list(groupdb.aliases())) - idmapdb = samba3.get_idmap_db() - print "Idmap count: %d" % (len(list(idmapdb.uids())) + len(list(idmapdb.gids()))) + print "WINS db entries: %d" % len(samba3.get_wins_db()) + print "Registry key count: %d" % len(samba3.get_registry()) + groupdb = samba3.get_groupmapping_db() + print "Groupmap count: %d" % len(list(groupdb.groupsids())) + print "Alias count: %d" % len(list(groupdb.aliases())) + idmapdb = samba3.get_idmap_db() + print "Idmap count: %d" % (len(list(idmapdb.uids())) + len(list(idmapdb.gids()))) libdir = args[0] if len(args) > 1: - smbconf = args[2] + smbconf = args[2] else: - smbconf = os.path.join(libdir, "smb.conf") + smbconf = os.path.join(libdir, "smb.conf") samba3 = samba.samba3.Samba3(libdir, smbconf) if opts.format == "summary": - print_samba3_summary(samba3) + print_samba3_summary(samba3) elif opts.format == "full": - print_samba3(samba3) + print_samba3(samba3) diff --git a/source4/scripting/python/samba/samba3.py b/source4/scripting/python/samba/samba3.py index 40443bd8ba..d125e3164b 100644 --- a/source4/scripting/python/samba/samba3.py +++ b/source4/scripting/python/samba/samba3.py @@ -222,7 +222,7 @@ SHARE_DATABASE_VERSION_V2 = 2 class ShareInfoDatabase: def __init__(self, file): self.tdb = tdb.Tdb(file, flags=os.O_RDONLY) - assert self.tdb.fetch_int32("INFO/version") in (SHARE_DATABASE_VERSION_V1, SHARE_DATABASE_VERSION_V2) + assert self.tdb.fetch_int32("INFO/version\0") in (SHARE_DATABASE_VERSION_V1, SHARE_DATABASE_VERSION_V2) def get_secdesc(self, name): secdesc = self.tdb.get("SECDESC/%s" % name) @@ -232,6 +232,19 @@ class ShareInfoDatabase: def close(self): self.tdb.close() + +class Shares: + def __init__(self, lp, shareinfo): + self.lp = lp + self.shareinfo = shareinfo + + def __len__(self): + return len(self.lp) - 1 + + def __iter__(self): + return self.lp.__iter__() + + ACB_DISABLED = 0x00000001 ACB_HOMDIRREQ = 0x00000002 ACB_PWNOTREQ = 0x00000004 @@ -323,7 +336,7 @@ class SmbpasswdFile: return self.users[name] def __iter__(self): - return iter(self.entries) + return iter(self.users) def close(self): # For consistency pass @@ -346,6 +359,8 @@ class TdbSam: if k.startswith(TDBSAM_USER_PREFIX): yield k[len(TDBSAM_USER_PREFIX):].rstrip("\0") + __iter__ = usernames + def close(self): self.tdb.close() @@ -409,24 +424,52 @@ class Samba3: def __init__(self, libdir, smbconfpath): self.smbconfpath = smbconfpath self.libdir = libdir + import param + self.lp = param.ParamFile() + self.lp.read(self.smbconfpath) + + def libdir_path(self, path): + if path[0] == "/" or path[0] == ".": + return path + return os.path.join(self.libdir, path) + + def get_conf(self): + return self.lp + + def get_sam_db(self): + lp = self.get_conf() + backends = str(lp.get("passdb backend")).split(" ") + if backends[0].startswith("smbpasswd"): + if ":" in backends[0]: + return SmbpasswdFile(self.libdir_path(backends[0][len("smbpasswd:"):])) + return SmbpasswdFile(self.libdir_path("smbpasswd")) + elif backends[0].startswith("tdbsam"): + if ":" in backends[0]: + return TdbSam(self.libdir_path(backends[0][len("tdbsam:"):])) + return TdbSam(self.libdir_path("passdb.tdb")) + else: + raise NotImplementedError("unsupported passdb backend %s" % backends[0]) def get_policy_db(self): - return PolicyDatabase(os.path.join(self.libdir, "account_policy.tdb")) + return PolicyDatabase(self.libdir_path("account_policy.tdb")) def get_registry(self): - return Registry(os.path.join(self.libdir, "registry.tdb")) + return Registry(self.libdir_path("registry.tdb")) def get_secrets_db(self): - return SecretsDatabase(os.path.join(self.libdir, "secrets.tdb")) + return SecretsDatabase(self.libdir_path("secrets.tdb")) - def get_shares_db(self): - return ShareInfoDatabase(os.path.join(self.libdir, "share_info.tdb")) + def get_shareinfo_db(self): + return ShareInfoDatabase(self.libdir_path("share_info.tdb")) def get_idmap_db(self): - return IdmapDatabase(os.path.join(self.libdir, "winbindd_idmap.tdb")) + return IdmapDatabase(self.libdir_path("winbindd_idmap.tdb")) def get_wins_db(self): - return WinsDatabase(os.path.join(self.libdir, "wins.dat")) + return WinsDatabase(self.libdir_path("wins.dat")) + + def get_shares(self): + return Shares(self.get_conf(), self.get_shareinfo_db()) def get_groupmapping_db(self): - return GroupMappingDatabase(os.path.join(self.libdir, "group_mapping.tdb")) + return GroupMappingDatabase(self.libdir_path("group_mapping.tdb")) -- cgit