[SCM] Samba Shared Repository - branch master updated
Jelmer Vernooij
jelmer at samba.org
Sun Jun 13 10:19:42 MDT 2010
The branch, master has been updated
via 7b7213f... s4-provision: Use logger in provision backends.
via 5105821... s4-test: Use smb.conf path set in environment rather than using command-line options.
via 46037a8... Remove unused version options for subunitrun.
via 74ed48a... Friendlier message.
via d9d0d54... upgradeprovision: Use logging infrastructure.
via 3552ad3... upgrade: Properly cancel/commit transactions in a couple more places.
via 956a256... s4-python: Start using standard python logging infrastructure rather than simple messaging callbacks.
from f0afda1... Fix aio_read detection for -lrt
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7b7213f1eedfbb68217fa760edaa3392dab5f507
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Sun Jun 13 17:43:25 2010 +0200
s4-provision: Use logger in provision backends.
commit 51058213cb183bcb127f5bb275cbb781efc55e35
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Sun Jun 13 16:38:24 2010 +0200
s4-test: Use smb.conf path set in environment rather than using
command-line options.
This is the first step towards supporting custom test runners.
commit 46037a816091506c4c89df6141d57b281728b395
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Sun Jun 13 16:02:26 2010 +0200
Remove unused version options for subunitrun.
commit 74ed48aa1cf6169757a397ad89dfe88736b0468b
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Sun Jun 13 15:57:44 2010 +0200
Friendlier message.
commit d9d0d54475c1bf78ce1c45f139097cd30029ccaa
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Sun Jun 13 15:32:41 2010 +0200
upgradeprovision: Use logging infrastructure.
commit 3552ad3ab13a97c28925713dcea01d1e01df8868
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Sun Jun 13 15:13:12 2010 +0200
upgrade: Properly cancel/commit transactions in a couple more places.
commit 956a256faa035fbc43dbd37273d1c5d62aee0735
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Sun Jun 13 15:05:50 2010 +0200
s4-python: Start using standard python logging infrastructure rather
than simple messaging callbacks.
-----------------------------------------------------------------------
Summary of changes:
source4/auth/gensec/tests/bindings.py | 4 +-
source4/dsdb/samdb/ldb_modules/tests/samba3sam.py | 29 +-
source4/lib/ldb/tests/python/dsdb_schema_info.py | 4 +-
source4/scripting/bin/rebuildextendeddn | 9 +-
source4/scripting/bin/subunitrun | 6 +-
source4/scripting/bin/upgradeprovision | 293 ++++++++++---------
source4/scripting/python/samba/ntacls.py | 2 +-
source4/scripting/python/samba/provision.py | 171 ++++++------
source4/scripting/python/samba/provisionbackend.py | 37 ++--
source4/scripting/python/samba/tests/__init__.py | 13 +-
.../scripting/python/samba/tests/dcerpc/bare.py | 12 +-
source4/scripting/python/samba/tests/provision.py | 5 +-
source4/scripting/python/samba/tests/samdb.py | 3 +-
source4/scripting/python/samba/upgrade.py | 17 +-
source4/scripting/python/samba/upgradehelpers.py | 30 +-
source4/selftest/tests.sh | 16 +-
source4/setup/provision | 19 +-
source4/setup/upgrade_from_s3 | 18 +-
18 files changed, 355 insertions(+), 333 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/auth/gensec/tests/bindings.py b/source4/auth/gensec/tests/bindings.py
index f88fa82..b9d80e4 100644
--- a/source4/auth/gensec/tests/bindings.py
+++ b/source4/auth/gensec/tests/bindings.py
@@ -25,14 +25,14 @@ the functionality, that's already done in other tests.
import unittest
from samba import gensec
-from samba.tests import cmdline_loadparm
+from samba.tests import env_loadparm
class CredentialsTests(unittest.TestCase):
def setUp(self):
settings = {}
settings["target_hostname"] = "localhost"
- settings["lp_ctx"] = cmdline_loadparm
+ settings["lp_ctx"] = env_loadparm()
self.gensec = gensec.Security.start_client(settings)
def test_info(self):
diff --git a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py
index cc1a86e..aa428d1 100644
--- a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py
+++ b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py
@@ -24,13 +24,12 @@
import os
import ldb
-from ldb import SCOPE_DEFAULT, SCOPE_BASE, SCOPE_SUBTREE
+from ldb import SCOPE_DEFAULT, SCOPE_BASE
from samba import Ldb, substitute_var
-from samba.tests import LdbTestCase, TestCaseInTempDir, cmdline_loadparm
+from samba.tests import TestCaseInTempDir, env_loadparm
import samba.dcerpc.security
import samba.ndr
from samba.auth import system_session
-from samba import param
datadir = os.path.join(os.path.dirname(__file__),
"../../../../../testdata/samba3")
@@ -60,9 +59,10 @@ class MapBaseTestCase(TestCaseInTempDir):
"modules": "*:"})
def setUp(self):
- cmdline_loadparm.set("sid generator", "backend")
- cmdline_loadparm.set("workgroup", "TESTS")
- cmdline_loadparm.set("netbios name", "TESTS")
+ self.lp = env_loadparm()
+ self.lp.set("sid generator", "backend")
+ self.lp.set("workgroup", "TESTS")
+ self.lp.set("netbios name", "TESTS")
super(MapBaseTestCase, self).setUp()
def make_dn(basedn, rdn):
@@ -79,8 +79,9 @@ class MapBaseTestCase(TestCaseInTempDir):
class Target:
"""Simple helper class that contains data for a specific SAM
connection."""
- def __init__(self, basedn, dn):
- self.db = Ldb(lp=cmdline_loadparm, session_info=system_session())
+
+ def __init__(self, basedn, dn, lp):
+ self.db = Ldb(lp=lp, session_info=system_session())
self.basedn = basedn
self.basedn_casefold = ldb.Dn(self.db, basedn).get_casefold()
self.substvars = {"BASEDN": self.basedn}
@@ -106,8 +107,8 @@ class MapBaseTestCase(TestCaseInTempDir):
def modify_ldif(self, ldif):
self.db.modify_ldif(self.subst(ldif))
- self.samba4 = Target("dc=vernstok,dc=nl", make_s4dn)
- self.samba3 = Target("cn=Samba3Sam", make_dn)
+ self.samba4 = Target("dc=vernstok,dc=nl", make_s4dn, self.lp)
+ self.samba3 = Target("cn=Samba3Sam", make_dn, self.lp)
self.samba3.connect()
self.samba4.connect()
@@ -129,13 +130,13 @@ class Samba3SamTestCase(MapBaseTestCase):
def setUp(self):
super(Samba3SamTestCase, self).setUp()
- ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session())
+ ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session())
self.samba3.setup_data("samba3.ldif")
ldif = read_datafile("provision_samba3sam.ldif")
ldb.add_ldif(self.samba4.subst(ldif))
self.setup_modules(ldb, self.samba3, self.samba4)
del ldb
- self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session())
+ self.ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session())
def test_search_non_mapped(self):
"""Looking up by non-mapped attribute"""
@@ -296,12 +297,12 @@ class MapTestCase(MapBaseTestCase):
def setUp(self):
super(MapTestCase, self).setUp()
- ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session())
+ ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session())
ldif = read_datafile("provision_samba3sam.ldif")
ldb.add_ldif(self.samba4.subst(ldif))
self.setup_modules(ldb, self.samba3, self.samba4)
del ldb
- self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session())
+ self.ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session())
def test_map_search(self):
"""Running search tests on mapped data."""
diff --git a/source4/lib/ldb/tests/python/dsdb_schema_info.py b/source4/lib/ldb/tests/python/dsdb_schema_info.py
index f0c8c14..976d670 100755
--- a/source4/lib/ldb/tests/python/dsdb_schema_info.py
+++ b/source4/lib/ldb/tests/python/dsdb_schema_info.py
@@ -198,7 +198,7 @@ systemOnly: FALSE
########################################################################################
if not "DC_SERVER" in os.environ.keys():
- raise AssertionError, "Please supply TARGET_DC in environment"
+ raise AssertionError("Please supply TARGET_DC in environment")
ldb_url = os.environ["DC_SERVER"]
ldb_options = []
@@ -211,7 +211,7 @@ if not "://" in ldb_url:
ldb_options = ["modules:paged_searches"]
ldb = Ldb(url=ldb_url,
- lp=samba.tests.cmdline_loadparm,
+ lp=samba.tests.env_loadparm(),
session_info=system_session(),
credentials=samba.tests.cmdline_credentials,
options=ldb_options)
diff --git a/source4/scripting/bin/rebuildextendeddn b/source4/scripting/bin/rebuildextendeddn
index eed3a17..1154b7c 100755
--- a/source4/scripting/bin/rebuildextendeddn
+++ b/source4/scripting/bin/rebuildextendeddn
@@ -23,7 +23,6 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
-import getopt
import optparse
import os
import sys
@@ -33,14 +32,12 @@ sys.path.insert(0, "bin/python")
import samba
from samba.credentials import DONT_USE_KERBEROS
from samba.auth import system_session
-from samba import Ldb, substitute_var, valid_netbios_name, check_all_substituted
-from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \
- timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE
+from samba import Ldb
+from ldb import SCOPE_SUBTREE, SCOPE_BASE
import ldb
import samba.getopt as options
-from samba.samdb import SamDB
from samba import param
-from samba.provision import ProvisionPaths, ProvisionNames, provision_paths_from_lp
+from samba.provision import ProvisionNames, provision_paths_from_lp
from samba.schema import get_dnsyntax_attributes, get_linked_attributes
parser = optparse.OptionParser("provision [options]")
diff --git a/source4/scripting/bin/subunitrun b/source4/scripting/bin/subunitrun
index 7b9f20e..a6337e5 100755
--- a/source4/scripting/bin/subunitrun
+++ b/source4/scripting/bin/subunitrun
@@ -35,14 +35,10 @@ from subunit.run import SubunitTestRunner
parser = optparse.OptionParser("subunitrun [options] <tests>")
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
-sambaopts = options.SambaOptions(parser)
-parser.add_option_group(sambaopts)
-parser.add_option_group(options.VersionOptions(parser))
args = parser.parse_args()[1]
-samba.tests.cmdline_loadparm = sambaopts.get_loadparm()
-samba.tests.cmdline_credentials = credopts.get_credentials(samba.tests.cmdline_loadparm)
+samba.tests.cmdline_credentials = credopts.get_credentials(samba.tests.env_loadparm())
runner = SubunitTestRunner()
program = TestProgram(module=None, argv=[sys.argv[0]] + args, testRunner=runner)
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision
index 066fbe4..b7582d0 100755
--- a/source4/scripting/bin/upgradeprovision
+++ b/source4/scripting/bin/upgradeprovision
@@ -22,9 +22,10 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-import shutil
+import logging
import optparse
import os
+import shutil
import sys
import tempfile
# Allow to run from s4 source directory (without installing samba)
@@ -35,12 +36,13 @@ import samba.getopt as options
from samba.credentials import DONT_USE_KERBEROS
from samba.auth import system_session, admin_session
from samba import Ldb, version
-from ldb import SCOPE_SUBTREE, SCOPE_BASE, \
- FLAG_MOD_REPLACE, FLAG_MOD_ADD, FLAG_MOD_DELETE,\
- MessageElement, Message, Dn
+from ldb import (SCOPE_SUBTREE, SCOPE_BASE, FLAG_MOD_REPLACE,
+ FLAG_MOD_ADD, FLAG_MOD_DELETE, MessageElement, Message, Dn)
from samba import param
from samba.misc import messageEltFlagToString
-from samba.provision import find_setup_dir, get_domain_descriptor, get_config_descriptor, secretsdb_self_join,set_gpo_acl,getpolicypath,create_gpo_struct, ProvisioningError
+from samba.provision import (find_setup_dir, get_domain_descriptor,
+ get_config_descriptor, secretsdb_self_join, set_gpo_acl,
+ getpolicypath, create_gpo_struct, ProvisioningError)
from samba.schema import get_linked_attributes, Schema, get_schema_descriptor
from samba.dcerpc import security
from samba.ndr import ndr_unpack
@@ -119,22 +121,22 @@ parser.add_option("--full", help="Perform full upgrade of the samdb (schema, con
opts = parser.parse_args()[0]
-whatToLog = define_what_to_log(opts)
+handler = logging.StreamHandler(sys.stdout)
+upgrade_logger = logging.getLogger("upgradeprovision")
+upgrade_logger.addHandler(handler)
-def messageprovision(text):
- """Print a message if quiet is not set
+provision_logger = logging.getLogger("provision")
+provision_logger.addHandler(handler)
- :param text: Message to print """
- if opts.debugprovision or opts.debugall:
- print text
+whatToLog = define_what_to_log(opts)
-def message(what,text):
+def message(what, text):
"""Print a message if this message type has been selected to be printed
:param what: Category of the message
:param text: Message to print """
if (whatToLog & what) or what <= 0:
- print text
+ upgrade_logger.info("%s", text)
if len(sys.argv) == 1:
opts.interactive = True
@@ -198,10 +200,10 @@ def sanitychecks(credentials,session_info,names,paths):
sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp,options=["modules:samba_dsdb"])
sam_ldb.set_session_info(session)
- res = sam_ldb.search(expression="objectClass=ntdsdsa",base=str(names.configdn),
- scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"])
+ res = sam_ldb.search(expression="objectClass=ntdsdsa", base=str(names.configdn),
+ scope=SCOPE_SUBTREE, attrs=["dn"], controls=["search_options:1:2"])
if len(res) == 0:
- print "No DC found, your provision is most probalby hardly broken !"
+ print "No DC found, your provision is most probably hardly broken !"
return False
elif len(res) != 1:
print "Found %d domain controllers, for the moment upgradeprovision is not able to handle upgrade on \
@@ -327,7 +329,7 @@ def update_secrets(newpaths, paths, creds, session):
:param creds: credential for the authentification
:param session: session for connexion"""
- message(SIMPLE,"update secrets.ldb")
+ message(SIMPLE, "update secrets.ldb")
newsecrets_ldb = Ldb(newpaths.secrets, session_info=session,
credentials=creds,lp=lp)
secrets_ldb = Ldb(paths.secrets, session_info=session,
@@ -370,9 +372,9 @@ def update_secrets(newpaths, paths, creds, session):
delta = secrets_ldb.msg_diff(empty,reference[0])
for att in hashAttrNotCopied.keys():
delta.remove(att)
- message(CHANGE,"Entry %s is missing from secrets.ldb"%reference[0].dn)
+ message(CHANGE, "Entry %s is missing from secrets.ldb"%reference[0].dn)
for att in delta:
- message(CHANGE," Adding attribute %s"%att)
+ message(CHANGE, " Adding attribute %s"%att)
delta.dn = reference[0].dn
secrets_ldb.add(delta)
@@ -384,7 +386,7 @@ def update_secrets(newpaths, paths, creds, session):
delta.remove(att)
for att in delta:
if att == "name":
- message(CHANGE,"Found attribute name on %s, must rename the DN "%(current[0].dn))
+ message(CHANGE, "Found attribute name on %s, must rename the DN "%(current[0].dn))
identic_rename(secrets_ldb,reference[0].dn)
else:
delta.remove(att)
@@ -397,7 +399,7 @@ def update_secrets(newpaths, paths, creds, session):
delta.remove(att)
for att in delta:
if att != "dn":
- message(CHANGE," Adding/Changing attribute %s to %s"%(att,current[0].dn))
+ message(CHANGE, " Adding/Changing attribute %s to %s"%(att,current[0].dn))
delta.dn = current[0].dn
secrets_ldb.modify(delta)
@@ -416,16 +418,16 @@ def dump_denied_change(dn,att,flagtxt,current,reference):
if att != "objectSid" :
i = 0
for e in range(0,len(current)):
- message(CHANGE,"old %d : %s"%(i,str(current[e])))
+ message(CHANGE, "old %d : %s"%(i,str(current[e])))
i+=1
if reference != None:
i = 0
for e in range(0,len(reference)):
- message(CHANGE,"new %d : %s"%(i,str(reference[e])))
+ message(CHANGE, "new %d : %s"%(i,str(reference[e])))
i+=1
else:
- message(CHANGE,"old : %s"%str(ndr_unpack( security.dom_sid,current[0])))
- message(CHANGE,"new : %s"%str(ndr_unpack( security.dom_sid,reference[0])))
+ message(CHANGE, "old : %s"%str(ndr_unpack( security.dom_sid,current[0])))
+ message(CHANGE, "new : %s"%str(ndr_unpack( security.dom_sid,reference[0])))
def handle_special_add(sam_ldb,dn,names):
@@ -451,7 +453,7 @@ def handle_special_add(sam_ldb,dn,names):
if dntoremove != None:
res = sam_ldb.search(expression="objectClass=*",base=dntoremove, scope=SCOPE_BASE,attrs=["dn"],controls=["search_options:1:2"])
if len(res) > 0:
- message(CHANGE,"Existing object %s must be replaced by %s, removing old object"%(dntoremove,str(dn)))
+ message(CHANGE, "Existing object %s must be replaced by %s, removing old object"%(dntoremove,str(dn)))
sam_ldb.delete(res[0]["dn"])
@@ -501,11 +503,11 @@ def add_missing_object(newsam_ldb, sam_ldb, dn, names, basedn, hash, index):
for att in dn_syntax_att:
depend_on_yet_tobecreated = check_dn_nottobecreated(hash,index,delta.get(str(att)))
if depend_on_yet_tobecreated != None:
- message(CHANGE,"Object %s depends on %s in attribute %s, delaying the creation"
+ message(CHANGE, "Object %s depends on %s in attribute %s, delaying the creation"
%(str(dn),depend_on_yet_tobecreated,str(att)))
return False
delta.dn = dn
- message(CHANGE,"Object %s will be added"%dn)
+ message(CHANGE, "Object %s will be added"%dn)
sam_ldb.add(delta,["relax:0"])
return True
@@ -579,14 +581,18 @@ def check_diff_name(newpaths, paths, creds, session, basedn, names, ischema):
newsam_ldb = Ldb(newpaths.samdb, session_info=session, credentials=creds,lp=lp)
sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp, options=["modules:samba_dsdb"])
sam_ldb.transaction_start()
- if ischema:
- reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"])
- current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"])
+ try:
+ if ischema:
+ reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"])
+ current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"])
+ else:
+ reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"])
+ current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"])
+ except:
+ sam_ldb.transaction_cancel()
+ raise
else:
- reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"])
- current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"])
-
- sam_ldb.transaction_commit()
+ sam_ldb.transaction_commit()
# Create a hash for speeding the search of new object
for i in range(0,len(reference)):
hash_new[str(reference[i]["dn"]).lower()] = reference[i]["dn"]
@@ -628,58 +634,62 @@ def check_diff_name(newpaths, paths, creds, session, basedn, names, ischema):
sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp, options=["modules:samba_dsdb"])
sam_ldb.transaction_start()
- # XXX: This needs to be wrapped in try/except so we
- # abort on exceptions.
- message(SIMPLE,"There are %d missing objects"%(len(listMissing)))
- add_missing_entries(newsam_ldb,sam_ldb,names,basedn,listMissing)
- changed = 0
- for dn in listPresent:
- reference = newsam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"])
- current = sam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"])
- if ((str(current[0].dn) != str(reference[0].dn)) and (str(current[0].dn).upper() == str(reference[0].dn).upper())):
- message(CHANGE,"Name are the same but case change, let's rename %s to %s"%(str(current[0].dn),str(reference[0].dn)))
- identic_rename(sam_ldb,reference[0].dn)
+ try:
+ # XXX: This needs to be wrapped in try/except so we
+ # abort on exceptions.
+ message(SIMPLE, "There are %d missing objects"%(len(listMissing)))
+ add_missing_entries(newsam_ldb,sam_ldb,names,basedn,listMissing)
+ changed = 0
+ for dn in listPresent:
+ reference = newsam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"])
current = sam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"])
+ if ((str(current[0].dn) != str(reference[0].dn)) and (str(current[0].dn).upper() == str(reference[0].dn).upper())):
+ message(CHANGE, "Name are the same but case change, let's rename %s to %s"%(str(current[0].dn),str(reference[0].dn)))
+ identic_rename(sam_ldb,reference[0].dn)
+ current = sam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"])
- delta = sam_ldb.msg_diff(current[0],reference[0])
- for att in hashAttrNotCopied.keys():
- delta.remove(att)
- for att in backlinked:
- delta.remove(att)
- delta.remove("parentGUID")
- nb = 0
-
- for att in delta:
- msgElt = delta.get(att)
- if att == "dn":
- continue
- if att == "name":
+ delta = sam_ldb.msg_diff(current[0],reference[0])
+ for att in hashAttrNotCopied.keys():
delta.remove(att)
- continue
- if not handle_security_desc(ischema,att,msgElt,hashallSD,current,reference):
+ for att in backlinked:
delta.remove(att)
- continue
- if (not hashOverwrittenAtt.has_key(att) or not (hashOverwrittenAtt.get(att)&2^msgElt.flags())):
- if hashOverwrittenAtt.has_key(att) and hashOverwrittenAtt.get(att)==never:
+ delta.remove("parentGUID")
+ nb = 0
+
+ for att in delta:
+ msgElt = delta.get(att)
+ if att == "dn":
+ continue
+ if att == "name":
delta.remove(att)
continue
- if not handle_special_case(att,delta,reference,current,ischema) and msgElt.flags()!=FLAG_MOD_ADD:
- if opts.debugchange or opts.debugall:
- try:
- dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],reference[0][att])
- except:
- # FIXME: Should catch an explicit exception here
- dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],None)
+ if not handle_security_desc(ischema,att,msgElt,hashallSD,current,reference):
delta.remove(att)
- delta.dn = dn
- if len(delta.items()) >1:
- attributes=",".join(delta.keys())
- message(CHANGE,"%s is different from the reference one, changed attributes: %s"%(dn,attributes))
- changed = changed + 1
- sam_ldb.modify(delta)
-
- sam_ldb.transaction_commit()
- message(SIMPLE,"There are %d changed objects"%(changed))
+ continue
+ if (not hashOverwrittenAtt.has_key(att) or not (hashOverwrittenAtt.get(att)&2^msgElt.flags())):
+ if hashOverwrittenAtt.has_key(att) and hashOverwrittenAtt.get(att)==never:
+ delta.remove(att)
+ continue
+ if not handle_special_case(att,delta,reference,current,ischema) and msgElt.flags()!=FLAG_MOD_ADD:
+ if opts.debugchange or opts.debugall:
+ try:
+ dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],reference[0][att])
+ except:
+ # FIXME: Should catch an explicit exception here
+ dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],None)
+ delta.remove(att)
+ delta.dn = dn
+ if len(delta.items()) >1:
+ attributes=",".join(delta.keys())
+ message(CHANGE, "%s is different from the reference one, changed attributes: %s"%(dn,attributes))
+ changed = changed + 1
+ sam_ldb.modify(delta)
+ except:
+ sam_ldb.transaction_cancel()
+ raise
+ else:
+ sam_ldb.transaction_commit()
+ message(SIMPLE, "There are %d changed objects"%(changed))
return hashallSD
@@ -723,57 +733,62 @@ def update_sd(paths, creds, session, names):
sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp,options=["modules:samba_dsdb"])
sam_ldb.transaction_start()
- # First update the SD for the rootdn
- sam_ldb.set_session_info(session)
- res = sam_ldb.search(expression="objectClass=*", base=str(names.rootdn), scope=SCOPE_BASE,\
- attrs=["dn", "whenCreated"], controls=["search_options:1:2"])
- delta = Message()
- delta.dn = Dn(sam_ldb,str(res[0]["dn"]))
- descr = get_domain_descriptor(names.domainsid)
- delta["nTSecurityDescriptor"] = MessageElement(descr, FLAG_MOD_REPLACE, "nTSecurityDescriptor")
- sam_ldb.modify(delta,["recalculate_sd:0"])
- # Then the config dn
- res = sam_ldb.search(expression="objectClass=*",base=str(names.configdn), scope=SCOPE_BASE,attrs=["dn","whenCreated"],controls=["search_options:1:2"])
- delta = Message()
- delta.dn = Dn(sam_ldb,str(res[0]["dn"]))
- descr = get_config_descriptor(names.domainsid)
- delta["nTSecurityDescriptor"] = MessageElement(descr, FLAG_MOD_REPLACE, "nTSecurityDescriptor" )
- sam_ldb.modify(delta,["recalculate_sd:0"])
- # Then the schema dn
- res = sam_ldb.search(expression="objectClass=*",base=str(names.schemadn), scope=SCOPE_BASE,attrs=["dn","whenCreated"],controls=["search_options:1:2"])
- delta = Message()
--
Samba Shared Repository
More information about the samba-cvs
mailing list