From 52e0160116c39ac0b4759851bcbacd561bd26c0b Mon Sep 17 00:00:00 2001 From: Garming Sam Date: Tue, 26 Feb 2019 17:01:19 +1300 Subject: [PATCH] gpo: During restore clobber GPT.INI with a blank version Generally speaking, there is not much value to keeping this file. The display name does not ever seem to be used and the version only applies to the original domain or DC it was on. The command line option to revert this behaviour is mostly for the tests or for having a straight 1:1 backup-restore for pure restoration. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13806 Signed-off-by: Garming Sam Reviewed-by: Andrew Bartlett --- python/samba/netcmd/gpo.py | 23 ++++++++++++++++++----- python/samba/tests/samba_tool/gpo.py | 21 ++++++++++++++------- 2 files changed, 32 insertions(+), 12 deletions(-) diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py index b082b34302d..3c87592f123 100644 --- a/python/samba/netcmd/gpo.py +++ b/python/samba/netcmd/gpo.py @@ -332,7 +332,8 @@ def copy_directory_remote_to_local(conn, remotedir, localdir): def copy_directory_local_to_remote(conn, localdir, remotedir, - ignore_existing=False): + ignore_existing_dir=False, + keep_existing_files=False): if not conn.chkpath(remotedir): conn.mkdir(remotedir) l_dirs = [localdir] @@ -353,9 +354,16 @@ def copy_directory_local_to_remote(conn, localdir, remotedir, try: conn.mkdir(r_name) except NTSTATUSError: - if not ignore_existing: + if not ignore_existing_dir: raise else: + if keep_existing_files: + try: + conn.loadfile(r_name) + continue + except NTSTATUSError: + pass + data = open(l_name, 'rb').read() conn.savefile(r_name, data) @@ -1296,7 +1304,9 @@ class cmd_restore(cmd_create): takes_options = [ Option("-H", help="LDB URL for database or target server", type=str), Option("--tmpdir", help="Temporary directory for copying policy files", type=str), - Option("--entities", help="File defining XML entities to insert into DOCTYPE header", type=str) + Option("--entities", help="File defining XML entities to insert into DOCTYPE header", type=str), + Option("--restore-metadata", help="Keep the old GPT.INI file and associated version number", + default=False, action="store_true") ] def restore_from_backup_to_local_dir(self, sourcedir, targetdir, dtd_header=''): @@ -1368,7 +1378,7 @@ class cmd_restore(cmd_create): self.outf.write('WARNING: Falling back to simple copy-restore.\n') def run(self, displayname, backup, H=None, tmpdir=None, entities=None, sambaopts=None, credopts=None, - versionopts=None): + versionopts=None, restore_metadata=None): dtd_header = '' @@ -1405,10 +1415,13 @@ class cmd_restore(cmd_create): self.restore_from_backup_to_local_dir(backup, self.gpodir, dtd_header) + keep_new_files = not restore_metadata + # Copy GPO files over SMB copy_directory_local_to_remote(self.conn, self.gpodir, self.sharepath, - ignore_existing=True) + ignore_existing_dir=True, + keep_existing_files=keep_new_files) gpo_dn = get_gpo_dn(self.samdb, self.gpo_name) diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py index 11843a1987b..5cf68f808d4 100644 --- a/python/samba/tests/samba_tool/gpo.py +++ b/python/samba/tests/samba_tool/gpo.py @@ -169,7 +169,8 @@ class GpoCmdTestCase(SambaToolCmdTest): temp_path, "--entities", self.entity_file, "-U%s%%%s" % (os.environ["USERNAME"], - os.environ["PASSWORD"])) + os.environ["PASSWORD"]), + "--restore-metadata") gpo_guid = "{%s}" % out.split("{")[1].split("}")[0] @@ -222,7 +223,8 @@ class GpoCmdTestCase(SambaToolCmdTest): temp_path, "--entities", self.entity_file, "-U%s%%%s" % (os.environ["USERNAME"], - os.environ["PASSWORD"])) + os.environ["PASSWORD"]), + "--restore-metadata") gpo_guid = "{%s}" % out.split("{")[1].split("}")[0] gpo_guid1 = gpo_guid @@ -243,7 +245,8 @@ class GpoCmdTestCase(SambaToolCmdTest): os.environ["SERVER"], "--tmpdir", temp_path, "-U%s%%%s" % (os.environ["USERNAME"], - os.environ["PASSWORD"])) + os.environ["PASSWORD"]), + "--restore-metadata") gpo_guid = "{%s}" % out.split("{")[1].split("}")[0] gpo_guid2 = gpo_guid @@ -305,7 +308,8 @@ class GpoCmdTestCase(SambaToolCmdTest): temp_path, "--entities", self.entity_file, "-U%s%%%s" % (os.environ["USERNAME"], - os.environ["PASSWORD"])) + os.environ["PASSWORD"]), + "--restore-metadata") gpo_guid = "{%s}" % out.split("{")[1].split("}")[0] gpo_guid1 = gpo_guid @@ -324,7 +328,8 @@ class GpoCmdTestCase(SambaToolCmdTest): temp_path, "--entities", self.entity_file, "-U%s%%%s" % (os.environ["USERNAME"], - os.environ["PASSWORD"])) + os.environ["PASSWORD"]), + "--restore-metadata") gpo_guid = "{%s}" % out.split("{")[1].split("}")[0] gpo_guid2 = gpo_guid @@ -404,7 +409,8 @@ class GpoCmdTestCase(SambaToolCmdTest): temp_path, "--entities", alt_entity_file, "-U%s%%%s" % (os.environ["USERNAME"], - os.environ["PASSWORD"])) + os.environ["PASSWORD"]), + "--restore-metadata") self.assertCmdSuccess(result, out, err, "Ensuring gpo restored successfully") @@ -484,7 +490,8 @@ class GpoCmdTestCase(SambaToolCmdTest): os.environ["SERVER"], "--tmpdir", self.tempdir, "-U%s%%%s" % (os.environ["USERNAME"], - os.environ["PASSWORD"])) + os.environ["PASSWORD"]), + "--restore-metadata") self.assertCmdSuccess(result, out, err, "Ensuring gpo restored successfully") -- 2.34.1