-#!/usr/bin/python
+#!/usr/bin/env python
# Unix SMB/CIFS implementation.
# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008
-#
+#
# Based on the original in EJS:
# Copyright (C) Andrew Tridgell <tridge@samba.org> 2005
-#
+#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
-#
+#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
-#
+#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
__docformat__ = "restructuredText"
import os
+import sys
-def _in_source_tree():
+def in_source_tree():
"""Check whether the script is being run from the source dir. """
- return os.path.exists("%s/../../../samba4-skip" % os.path.dirname(__file__))
+ return os.path.exists("%s/../../../selftest/skip" % os.path.dirname(__file__))
# When running, in-tree, make sure bin/python is in the PYTHONPATH
-if _in_source_tree():
- import sys
+if in_source_tree():
srcdir = "%s/../../.." % os.path.dirname(__file__)
sys.path.append("%s/bin/python" % srcdir)
default_ldb_modules_dir = "%s/bin/modules/ldb" % srcdir
import ldb
-import credentials
-import glue
+from samba._ldb import Ldb as _Ldb
-class Ldb(ldb.Ldb):
- """Simple Samba-specific LDB subclass that takes care
+class Ldb(_Ldb):
+ """Simple Samba-specific LDB subclass that takes care
of setting up the modules dir, credentials pointers, etc.
-
- Please note that this is intended to be for all Samba LDB files,
- not necessarily the Sam database. For Sam-specific helper
+
+ Please note that this is intended to be for all Samba LDB files,
+ not necessarily the Sam database. For Sam-specific helper
functions see samdb.py.
"""
- def __init__(self, url=None, session_info=None, credentials=None,
- modules_dir=None, lp=None):
- """Open a Samba Ldb file.
+
+ def __init__(self, url=None, lp=None, modules_dir=None, session_info=None,
+ credentials=None, flags=0, options=None):
+ """Opens a Samba Ldb file.
:param url: Optional LDB URL to open
+ :param lp: Optional loadparm object
+ :param modules_dir: Optional modules directory
:param session_info: Optional session information
:param credentials: Optional credentials, defaults to anonymous.
- :param modules_dir: Modules directory, if not the default.
- :param lp: Loadparm object, optional.
+ :param flags: Optional LDB flags
+ :param options: Additional options (optional)
This is different from a regular Ldb file in that the Samba-specific
- modules-dir is used by default and that credentials and session_info
+ modules-dir is used by default and that credentials and session_info
can be passed through (required by some modules).
"""
- super(Ldb, self).__init__()
if modules_dir is not None:
self.set_modules_dir(modules_dir)
elif default_ldb_modules_dir is not None:
self.set_modules_dir(default_ldb_modules_dir)
-
- if credentials is not None:
- self.set_credentials(credentials)
+ elif lp is not None:
+ self.set_modules_dir(os.path.join(lp.get("modules dir"), "ldb"))
if session_info is not None:
self.set_session_info(session_info)
- glue.ldb_register_samba_handlers(self)
+ if credentials is not None:
+ self.set_credentials(credentials)
if lp is not None:
self.set_loadparm(lp)
- def msg(l,text):
+ # This must be done before we load the schema, as these handlers for
+ # objectSid and objectGUID etc must take precedence over the 'binary
+ # attribute' declaration in the schema
+ self.register_samba_handlers()
+
+ # TODO set debug
+ def msg(l, text):
print text
#self.set_debug(msg)
- if url is not None:
- self.connect(url)
+ self.set_utf8_casefold()
- def set_credentials(self, credentials):
- glue.ldb_set_credentials(self, credentials)
+ # Allow admins to force non-sync ldb for all databases
+ if lp is not None:
+ nosync_p = lp.get("nosync", "ldb")
+ if nosync_p is not None and nosync_p == True:
+ flags |= ldb.FLG_NOSYNC
- def set_session_info(self, session_info):
- glue.ldb_set_session_info(self, session_info)
+ self.set_create_perms(0600)
- def set_loadparm(self, lp_ctx):
- glue.ldb_set_loadparm(self, lp_ctx)
+ if url is not None:
+ self.connect(url, flags, options)
- def searchone(self, attribute, basedn=None, expression=None,
+ def searchone(self, attribute, basedn=None, expression=None,
scope=ldb.SCOPE_BASE):
"""Search for one attribute as a string.
-
+
:param basedn: BaseDN for the search.
:param attribute: Name of the attribute
:param expression: Optional search expression.
assert len(values) == 1
return self.schema_format_value(attribute, values.pop())
- def erase(self):
- """Erase this ldb, removing all records."""
- # delete the specials
- for attr in ["@INDEXLIST", "@ATTRIBUTES", "@SUBCLASSES", "@MODULES",
- "@OPTIONS", "@PARTITION", "@KLUDGEACL"]:
- try:
- self.delete(attr)
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
- # Ignore missing dn errors
- pass
+ def erase_users_computers(self, dn):
+ """Erases user and computer objects from our AD.
+
+ This is needed since the 'samldb' module denies the deletion of primary
+ groups. Therefore all groups shouldn't be primary somewhere anymore.
+ """
+
+ try:
+ res = self.search(base=dn, scope=ldb.SCOPE_SUBTREE, attrs=[],
+ expression="(|(objectclass=user)(objectclass=computer))")
+ except ldb.LdbError, (errno, _):
+ if errno == ldb.ERR_NO_SUCH_OBJECT:
+ # Ignore no such object errors
+ return
+ else:
+ raise
+
+ try:
+ for msg in res:
+ self.delete(msg.dn, ["relax:0"])
+ except ldb.LdbError, (errno, _):
+ if errno != ldb.ERR_NO_SUCH_OBJECT:
+ # Ignore no such object errors
+ raise
+
+ def erase_except_schema_controlled(self):
+ """Erase this ldb.
+
+ :note: Removes all records, except those that are controlled by
+ Samba4's schema.
+ """
basedn = ""
- # and the rest
- for msg in self.search(basedn, ldb.SCOPE_SUBTREE,
- "(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))",
- ["distinguishedName"]):
+
+ # Try to delete user/computer accounts to allow deletion of groups
+ self.erase_users_computers(basedn)
+
+ # Delete the 'visible' records, and the invisble 'deleted' records (if this DB supports it)
+ for msg in self.search(basedn, ldb.SCOPE_SUBTREE,
+ "(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))",
+ [], controls=["show_deleted:0", "show_recycled:0"]):
try:
- self.delete(msg.dn)
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
- # Ignore no such object errors
- pass
+ self.delete(msg.dn, ["relax:0"])
+ except ldb.LdbError, (errno, _):
+ if errno != ldb.ERR_NO_SUCH_OBJECT:
+ # Ignore no such object errors
+ raise
- res = self.search(basedn, ldb.SCOPE_SUBTREE, "(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))", ["distinguishedName"])
+ res = self.search(basedn, ldb.SCOPE_SUBTREE,
+ "(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))", [], controls=["show_deleted:0", "show_recycled:0"])
assert len(res) == 0
- def erase_partitions(self):
- """Erase an ldb, removing all records."""
- res = self.search("", ldb.SCOPE_BASE, "(objectClass=*)",
- ["namingContexts"])
- assert len(res) == 1
- if not "namingContexts" in res[0]:
- return
- for basedn in res[0]["namingContexts"]:
- previous_remaining = 1
- current_remaining = 0
-
- k = 0
- while ++k < 10 and (previous_remaining != current_remaining):
- # and the rest
- try:
- res2 = self.search(basedn, ldb.SCOPE_SUBTREE, "(|(objectclass=*)(distinguishedName=*))", ["distinguishedName"])
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
+ # delete the specials
+ for attr in ["@SUBCLASSES", "@MODULES",
+ "@OPTIONS", "@PARTITION", "@KLUDGEACL"]:
+ try:
+ self.delete(attr, ["relax:0"])
+ except ldb.LdbError, (errno, _):
+ if errno != ldb.ERR_NO_SUCH_OBJECT:
# Ignore missing dn errors
- return
+ raise
- previous_remaining = current_remaining
- current_remaining = len(res2)
- for msg in res2:
- try:
- self.delete(msg.dn)
- # Ignore no such object errors
- except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _):
- pass
- # Ignore not allowed on non leaf errors
- except ldb.LdbError, (LDB_ERR_NOT_ALLOWED_ON_NON_LEAF, _):
- pass
+ def erase(self):
+ """Erase this ldb, removing all records."""
+ self.erase_except_schema_controlled()
+
+ # delete the specials
+ for attr in ["@INDEXLIST", "@ATTRIBUTES"]:
+ try:
+ self.delete(attr, ["relax:0"])
+ except ldb.LdbError, (errno, _):
+ if errno != ldb.ERR_NO_SUCH_OBJECT:
+ # Ignore missing dn errors
+ raise
def load_ldif_file_add(self, ldif_path):
"""Load a LDIF file.
"""
self.add_ldif(open(ldif_path, 'r').read())
- def add_ldif(self, ldif):
+ def add_ldif(self, ldif, controls=None):
"""Add data based on a LDIF string.
:param ldif: LDIF text.
"""
for changetype, msg in self.parse_ldif(ldif):
assert changetype == ldb.CHANGETYPE_NONE
- self.add(msg)
+ self.add(msg, controls)
- def modify_ldif(self, ldif):
+ def modify_ldif(self, ldif, controls=None):
"""Modify database based on a LDIF string.
:param ldif: LDIF text.
"""
for changetype, msg in self.parse_ldif(ldif):
- self.modify(msg)
+ if changetype == ldb.CHANGETYPE_ADD:
+ self.add(msg, controls)
+ else:
+ self.modify(msg, controls)
def substitute_var(text, values):
- """substitute strings of the form ${NAME} in str, replacing
- with substitutions from subobj.
-
+ """Substitute strings of the form ${NAME} in str, replacing
+ with substitutions from values.
+
:param text: Text in which to subsitute.
:param values: Dictionary with keys and values.
"""
def check_all_substituted(text):
- """Make sure that all substitution variables in a string have been replaced.
+ """Check that all substitution variables in a string have been replaced.
+
If not, raise an exception.
-
+
:param text: The text to search for substitution variables
"""
if not "${" in text:
return
-
+
var_start = text.find("${")
var_end = text.find("}", var_start)
-
- raise Exception("Not all variables substituted: %s" % text[var_start:var_end+1])
+
+ raise Exception("Not all variables substituted: %s" %
+ text[var_start:var_end+1])
+
+
+def read_and_sub_file(file_name, subst_vars):
+ """Read a file and sub in variables found in it
+
+ :param file_name: File to be read (typically from setup directory)
+ param subst_vars: Optional variables to subsitute in the file.
+ """
+ data = open(file_name, 'r').read()
+ if subst_vars is not None:
+ data = substitute_var(data, subst_vars)
+ check_all_substituted(data)
+ return data
+
+
+def setup_file(template, fname, subst_vars=None):
+ """Setup a file in the private dir.
+
+ :param template: Path of the template file.
+ :param fname: Path of the file to create.
+ :param subst_vars: Substitution variables.
+ """
+ if os.path.exists(fname):
+ os.unlink(fname)
+
+ data = read_and_sub_file(template, subst_vars)
+ f = open(fname, 'w')
+ try:
+ f.write(data)
+ finally:
+ f.close()
def valid_netbios_name(name):
"""Check whether a name is valid as a NetBIOS name. """
- # FIXME: There are probably more constraints here.
- # crh has a paragraph on this in his book (1.4.1.1)
+ # See crh's book (1.4.1.1)
if len(name) > 15:
return False
+ for x in name:
+ if not x.isalnum() and not x in " !#$%&'()-.@^_{}~":
+ return False
return True
-version = glue.version
+
+def ensure_external_module(modulename, location):
+ """Add a location to sys.path if an external dependency can't be found.
+
+ :param modulename: Module name to import
+ :param location: Location to add to sys.path (can be relative to
+ ${srcdir}/lib)
+ """
+ try:
+ __import__(modulename)
+ except ImportError:
+ if in_source_tree():
+ sys.path.insert(0,
+ os.path.join(os.path.dirname(__file__),
+ "../../../../lib", location))
+ __import__(modulename)
+ else:
+ sys.modules[modulename] = __import__(
+ "samba.external.%s" % modulename, fromlist=["samba.external"])
+
+from samba import _glue
+version = _glue.version
+interface_ips = _glue.interface_ips
+set_debug_level = _glue.set_debug_level
+get_debug_level = _glue.get_debug_level
+unix2nttime = _glue.unix2nttime
+nttime2string = _glue.nttime2string
+nttime2unix = _glue.nttime2unix
+unix2nttime = _glue.unix2nttime
+generate_random_password = _glue.generate_random_password
git.samba.org / nivanova / samba-autobuild / .git / blobdiff