[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Tue Mar 12 01:42:03 UTC 2019
The branch, master has been updated
via 1364ae3aeb9 gpo: Backup a policy folder containing GPE.INI
via 52e0160116c gpo: During restore clobber GPT.INI with a blank version
via 75cf7283984 gpo: Parse GPT.INI with Latin-1
via 70681d41ac2 gpo: Add test for saving gPCXXXExtensionNames in backup
via f301b20e375 gpo: Restore gPCMachineExtensionNames and gPCUserExtensionNames
via 2e231541b48 py3: io.open takes a numeric buffering argument at index 2
via bcb0270c6bc gpo: Add tests to make sure that an empty gplink works
via 5514b98f1d6 gpo: Ensure that gplink works when empty
via d959bea2a8f modules: Add dependency on tirpc to vfs_nfs4acl_xattr
via afd5d34f5e1 libsmb: Use sid_parse()
via d7de2f77485 lib: Remove "struct sid_parse_ret" again
via e18610a197a lib: Make sid_parse return the parsed length
via a27c39c2c9f Avoid NULL pointer dereference in SMBsendend handler
via 0a804d38c4a s4/scripting/autoidl: p3 exception syntax
via 287abca7c83 test/blackbox: py3 compatible print in documentation.
via 561b654bc5b s4/scripting: MORE py3 compatible print functions
via 4a231855dd4 selftest/filter-subunit: use py3 print
via ed562c04802 selftest/format-subunit-json: remove useless py2 print
via abf2e7c4a5d pidl/s4/python: call export "export" in py exceptions
from 7caf2cbdf11 libsmb: Use tevent_req_simple_finish_ntstatus
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1364ae3aeb9cf49c5516497f0b02f0ed4c5c147f
Author: Garming Sam <garming at catalyst.net.nz>
Date: Fri Mar 8 11:22:55 2019 +1300
gpo: Backup a policy folder containing GPE.INI
The GPE.INI file does not appear to be documented anywhere in the
protocol specifications and seems to be due to legacy code. It appears
that it used to be how the gPCUserExtensionNames and
gPCMachineExtensionNames were maintained without the requirement for
LDAP.
All we do is ignore the parsing of this file and copy it over as binary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13825
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Mar 12 01:41:32 UTC 2019 on sn-devel-144
commit 52e0160116c39ac0b4759851bcbacd561bd26c0b
Author: Garming Sam <garming at catalyst.net.nz>
Date: Tue Feb 26 17:01:19 2019 +1300
gpo: During restore clobber GPT.INI with a blank version
Generally speaking, there is not much value to keeping this file. The
display name does not ever seem to be used and the version only applies
to the original domain or DC it was on. The command line option to
revert this behaviour is mostly for the tests or for having a straight
1:1 backup-restore for pure restoration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13806
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 75cf728398421435186559306b0962c70f333c6e
Author: Garming Sam <garming at catalyst.net.nz>
Date: Tue Feb 26 15:35:44 2019 +1300
gpo: Parse GPT.INI with Latin-1
For some reason the French version of RSAT turns accents into ISO-8859-1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13806
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 70681d41ac2fb6d401157952077aaa8b8f800a2e
Author: Garming Sam <garming at catalyst.net.nz>
Date: Thu Feb 21 15:15:09 2019 +1300
gpo: Add test for saving gPCXXXExtensionNames in backup
The test only checks that the LDAP values are equal before and after.
The format and specifics should be up to the implementation -- and be
amenable to changes later. As long as the extension doesn't match
.SAMBABACKUP or .xml, it won't be detected by the tools.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13627
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f301b20e3752e9316561bb5761962639fda2bf60
Author: Garming Sam <garming at catalyst.net.nz>
Date: Wed Feb 20 16:51:04 2019 +1300
gpo: Restore gPCMachineExtensionNames and gPCUserExtensionNames
After creating a backup and calling 'gpo restore', this makes it so that
restoring a GPO will instantly enable it for use.
There might be some cases where we might not want to do this, but for now just do it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13627
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2e231541b48fc97ca013079585ef556efda6cb95
Author: Garming Sam <garming at catalyst.net.nz>
Date: Thu Feb 21 15:11:39 2019 +1300
py3: io.open takes a numeric buffering argument at index 2
It's unsure why this doesn't fail generically, but it fails on my machine sometimes...
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit bcb0270c6bcd6c9268c4807030d9c5945624540e
Author: Garming Sam <garming at catalyst.net.nz>
Date: Wed Feb 20 14:11:13 2019 +1300
gpo: Add tests to make sure that an empty gplink works
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13564
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 5514b98f1d6611b99923ad98e8d55985c6620b70
Author: Garming Sam <garming at catalyst.net.nz>
Date: Wed Feb 20 13:43:42 2019 +1300
gpo: Ensure that gplink works when empty
It appears that RSAT can leave a space in the gPLink field, which we need to handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13564
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit d959bea2a8f2c6ec773c9bbf09037aa7bf85d494
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Mar 8 04:35:39 2019 +0000
modules: Add dependency on tirpc to vfs_nfs4acl_xattr
This is done as a new subsystem (either filled or empty) rather than via string
manipulation.
This will fix compile error on fedora.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
commit afd5d34f5e1d13ba88448b3b94d353aa8361d1a9
Author: Volker Lendecke <vl at samba.org>
Date: Mon Mar 11 17:16:34 2019 +0100
libsmb: Use sid_parse()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit d7de2f77485bf623f8ca0edc5c0fb823ed9bc1e2
Author: Volker Lendecke <vl at samba.org>
Date: Mon Mar 11 17:11:06 2019 +0100
lib: Remove "struct sid_parse_ret" again
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit e18610a197aab80a32cae8c1e09b96496679bbad
Author: Volker Lendecke <vl at samba.org>
Date: Mon Mar 11 16:55:57 2019 +0100
lib: Make sid_parse return the parsed length
Use a temporary struct as a return value to make the compiler catch all
callers. If we just changed bool->ssize_t, this would just generate a
warning. struct sid_parse_ret will go away in the next commit
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit a27c39c2c9fd3161f5bf3ae5dba687c8d49519ef
Author: Michael Hanselmann <public at hansmi.ch>
Date: Wed Mar 6 23:44:23 2019 +0100
Avoid NULL pointer dereference in SMBsendend handler
The "reply_sendend" function wouldn't check whether the connection had
any pending message state. A client sending an out-of-order SMBsendend
message would trigger a NULL pointer dereference.
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0a804d38c4a7fed7aef6c357091ec5790bec7873
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sat Mar 9 14:40:50 2019 +1300
s4/scripting/autoidl: p3 exception syntax
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 287abca7c83eadb1592a4b1721bb2d55c46a2930
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sat Mar 9 13:49:13 2019 +1300
test/blackbox: py3 compatible print in documentation.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 561b654bc5bc2f5e614c5c2ab378193ca94d481a
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sat Mar 9 13:48:29 2019 +1300
s4/scripting: MORE py3 compatible print functions
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4a231855dd4df8c428bb8e63fd2be2bf1a4c8000
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sat Mar 9 13:27:16 2019 +1300
selftest/filter-subunit: use py3 print
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit ed562c048022416a89aa55be3d8203db5a32b340
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Fri Mar 8 21:06:26 2019 +1300
selftest/format-subunit-json: remove useless py2 print
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit abf2e7c4a5d7b107d842e11c821dbdebf5df27bb
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sun Feb 24 22:49:10 2019 +1300
pidl/s4/python: call export "export" in py exceptions
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libcli/security/dom_sid.h | 2 +-
libcli/security/util_sid.c | 6 +-
pidl/lib/Parse/Pidl/Samba4/Python.pm | 2 +-
python/samba/gp_parse/gp_csv.py | 2 +-
python/samba/gp_parse/gp_ini.py | 11 +++
python/samba/netcmd/gpo.py | 61 ++++++++++++--
python/samba/tests/blackbox/check_output.py | 2 +-
python/samba/tests/samba_tool/gpo.py | 122 ++++++++++++++++++++++++++--
selftest/filter-subunit | 6 +-
selftest/format-subunit-json | 1 -
source3/lib/smbldap.c | 4 +-
source3/lib/tldap_util.c | 4 +-
source3/libads/ldap.c | 14 ++--
source3/libsmb/clifsinfo.c | 19 +----
source3/modules/vfs_default.c | 4 +-
source3/modules/wscript_build | 19 +++--
source3/smbd/message.c | 6 ++
source3/torture/torture.c | 10 ++-
source4/dsdb/common/util.c | 13 +--
source4/scripting/bin/autoidl | 22 ++---
source4/scripting/bin/fullschema | 9 +-
source4/scripting/bin/get-descriptors | 9 +-
source4/scripting/bin/minschema | 47 ++++++-----
source4/scripting/bin/sambaundoguididx | 8 +-
source4/scripting/bin/smbstatus | 19 +++--
source4/scripting/devel/addlotscontacts | 4 +-
source4/scripting/devel/crackname | 10 +--
source4/scripting/devel/getncchanges | 8 +-
source4/torture/unix/whoami.c | 26 +++---
29 files changed, 331 insertions(+), 139 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index abaf305f96a..57108ce2a9c 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -112,7 +112,7 @@ bool sid_split_rid(struct dom_sid *sid, uint32_t *rid);
bool sid_peek_rid(const struct dom_sid *sid, uint32_t *rid);
bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid *sid, uint32_t *rid);
void sid_copy(struct dom_sid *dst, const struct dom_sid *src);
-bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid);
+ssize_t sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid);
int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2);
NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
struct dom_sid **sids, uint32_t *num);
diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c
index 531d3809565..e47ed04c30f 100644
--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@@ -300,7 +300,7 @@ void sid_copy(struct dom_sid *dst, const struct dom_sid *src)
Parse a on-the-wire SID to a struct dom_sid.
*****************************************************************/
-bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid)
+ssize_t sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid)
{
DATA_BLOB in = data_blob_const(inbuf, len);
enum ndr_err_code ndr_err;
@@ -308,9 +308,9 @@ bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid)
ndr_err = ndr_pull_struct_blob_all(
&in, NULL, sid, (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- return false;
+ return -1;
}
- return true;
+ return ndr_size_dom_sid(sid, 0);
}
/*****************************************************************
diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm
index 26a1d9b4fc6..6a2d12c9c45 100644
--- a/pidl/lib/Parse/Pidl/Samba4/Python.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm
@@ -1235,7 +1235,7 @@ sub PythonType($$$$)
$self->pidl("PyObject *in = NULL;");
$self->pidl("$typename *out = NULL;");
$self->pidl("");
- $self->pidl("if (!PyArg_ParseTupleAndKeywords(args, kwargs, \"OiO:import\",");
+ $self->pidl("if (!PyArg_ParseTupleAndKeywords(args, kwargs, \"OiO:export\",");
$self->indent;
$self->pidl("discard_const_p(char *, kwnames),");
$self->pidl("&mem_ctx_obj,");
diff --git a/python/samba/gp_parse/gp_csv.py b/python/samba/gp_parse/gp_csv.py
index 9e188db47b5..e436c1b5bd2 100644
--- a/python/samba/gp_parse/gp_csv.py
+++ b/python/samba/gp_parse/gp_csv.py
@@ -96,7 +96,7 @@ class GPAuditCsvParser(GPParser):
def write_binary(self, filename):
from io import open
- with open(filename, 'w', self.encoding) as f:
+ with open(filename, 'w', encoding=self.encoding) as f:
# In this case "binary" means "utf-8", so we let Python do that.
writer = csv.writer(f, quoting=csv.QUOTE_MINIMAL)
writer.writerow(self.header)
diff --git a/python/samba/gp_parse/gp_ini.py b/python/samba/gp_parse/gp_ini.py
index 58aee88a1e1..590b71b9a6c 100644
--- a/python/samba/gp_parse/gp_ini.py
+++ b/python/samba/gp_parse/gp_ini.py
@@ -105,6 +105,17 @@ class GPIniParser(GPParser):
class GPTIniParser(GPIniParser):
encoding = 'utf-8'
+ def parse(self, contents):
+ try:
+ super(GPTIniParser, self).parse(contents)
+ except UnicodeDecodeError:
+ # Required dict_type in Python 2.7
+ self.ini_conf = ConfigParser(dict_type=collections.OrderedDict)
+ self.ini_conf.optionxform = str
+
+ # Fallback to Latin-1 which RSAT appears to use
+ self.ini_conf.readfp(StringIO(contents.decode('iso-8859-1')))
+
class GPScriptsIniParser(GPIniParser):
def build_xml_parameter(self, section_xml, section, key_ini, val_ini):
diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index 95fe5d6d439..5a0258196c3 100644
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -93,6 +93,10 @@ def gplink_options_string(value):
def parse_gplink(gplink):
'''parse a gPLink into an array of dn and options'''
ret = []
+
+ if gplink.strip() == '':
+ return ret
+
a = gplink.split(']')
for g in a:
if not g:
@@ -167,7 +171,9 @@ def get_gpo_info(samdb, gpo=None, displayname=None, dn=None,
'flags',
'name',
'displayName',
- 'gPCFileSysPath'],
+ 'gPCFileSysPath',
+ 'gPCMachineExtensionNames',
+ 'gPCUserExtensionNames'],
controls=['sd_flags:1:%d' % sd_flags])
except Exception as e:
if gpo is not None:
@@ -255,6 +261,12 @@ def find_parser(name, flags=re.IGNORECASE):
return GPScriptsIniParser()
if re.match('psscripts.ini$', name, flags=flags):
return GPScriptsIniParser()
+ if re.match('GPE\.INI$', name, flags=flags):
+ # This file does not appear in the protocol specifications!
+ #
+ # It appears to be a legacy file used to maintain gPCUserExtensionNames
+ # and gPCMachineExtensionNames. We should just copy the file as binary.
+ return GPParser()
if re.match('.*\.ini$', name, flags=flags):
return GPIniParser()
if re.match('.*\.pol$', name, flags=flags):
@@ -326,7 +338,8 @@ def copy_directory_remote_to_local(conn, remotedir, localdir):
def copy_directory_local_to_remote(conn, localdir, remotedir,
- ignore_existing=False):
+ ignore_existing_dir=False,
+ keep_existing_files=False):
if not conn.chkpath(remotedir):
conn.mkdir(remotedir)
l_dirs = [localdir]
@@ -347,9 +360,16 @@ def copy_directory_local_to_remote(conn, localdir, remotedir,
try:
conn.mkdir(r_name)
except NTSTATUSError:
- if not ignore_existing:
+ if not ignore_existing_dir:
raise
else:
+ if keep_existing_files:
+ try:
+ conn.loadfile(r_name)
+ continue
+ except NTSTATUSError:
+ pass
+
data = open(l_name, 'rb').read()
conn.savefile(r_name, data)
@@ -656,7 +676,7 @@ class cmd_getlink(GPOCommand):
except Exception:
raise CommandError("Container '%s' does not exist" % container_dn)
- if msg['gPLink']:
+ if 'gPLink' in msg and msg['gPLink']:
self.outf.write("GPO(s) linked to DN %s\n" % container_dn)
gplist = parse_gplink(str(msg['gPLink'][0]))
for g in gplist:
@@ -1072,6 +1092,12 @@ class cmd_backup(GPOCommand):
self.outf.write('\nEntities:\n')
self.outf.write(ents)
+ # Backup the enabled GPO extension names
+ for ext in ('gPCMachineExtensionNames', 'gPCUserExtensionNames'):
+ if ext in msg:
+ with open(os.path.join(gpodir, ext + '.SAMBAEXT'), 'wb') as f:
+ f.write(msg[ext][0])
+
@staticmethod
def generalize_xml_entities(outf, sourcedir, targetdir):
entities = {}
@@ -1284,7 +1310,9 @@ class cmd_restore(cmd_create):
takes_options = [
Option("-H", help="LDB URL for database or target server", type=str),
Option("--tmpdir", help="Temporary directory for copying policy files", type=str),
- Option("--entities", help="File defining XML entities to insert into DOCTYPE header", type=str)
+ Option("--entities", help="File defining XML entities to insert into DOCTYPE header", type=str),
+ Option("--restore-metadata", help="Keep the old GPT.INI file and associated version number",
+ default=False, action="store_true")
]
def restore_from_backup_to_local_dir(self, sourcedir, targetdir, dtd_header=''):
@@ -1356,7 +1384,7 @@ class cmd_restore(cmd_create):
self.outf.write('WARNING: Falling back to simple copy-restore.\n')
def run(self, displayname, backup, H=None, tmpdir=None, entities=None, sambaopts=None, credopts=None,
- versionopts=None):
+ versionopts=None, restore_metadata=None):
dtd_header = ''
@@ -1393,10 +1421,29 @@ class cmd_restore(cmd_create):
self.restore_from_backup_to_local_dir(backup, self.gpodir,
dtd_header)
+ keep_new_files = not restore_metadata
+
# Copy GPO files over SMB
copy_directory_local_to_remote(self.conn, self.gpodir,
self.sharepath,
- ignore_existing=True)
+ ignore_existing_dir=True,
+ keep_existing_files=keep_new_files)
+
+ gpo_dn = get_gpo_dn(self.samdb, self.gpo_name)
+
+ # Restore the enabled extensions
+ for ext in ('gPCMachineExtensionNames', 'gPCUserExtensionNames'):
+ ext_file = os.path.join(backup, ext + '.SAMBAEXT')
+ if os.path.exists(ext_file):
+ with open(ext_file, 'rb') as f:
+ data = f.read()
+
+ m = ldb.Message()
+ m.dn = gpo_dn
+ m[ext] = ldb.MessageElement(data, ldb.FLAG_MOD_REPLACE,
+ ext)
+
+ self.samdb.modify(m)
except Exception as e:
import traceback
diff --git a/python/samba/tests/blackbox/check_output.py b/python/samba/tests/blackbox/check_output.py
index 30f46ab05c7..7f1e4d16a2a 100644
--- a/python/samba/tests/blackbox/check_output.py
+++ b/python/samba/tests/blackbox/check_output.py
@@ -32,7 +32,7 @@ class TimeoutHelper():
with Timeout(3):
foobar("Request 1")
except TimeoutHelper.Timeout:
- print "Timeout"
+ print("Timeout")
"""
class Timeout(Exception):
diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py
index a760a98808e..5cf68f808d4 100644
--- a/python/samba/tests/samba_tool/gpo.py
+++ b/python/samba/tests/samba_tool/gpo.py
@@ -19,9 +19,11 @@
#
import os
+import ldb
import samba
from samba.tests.samba_tool.base import SambaToolCmdTest
import shutil
+from samba.netcmd.gpo import get_gpo_dn, get_gpo_info
def has_difference(path1, path2, binary=True, xml=True, sortlines=False):
@@ -113,6 +115,39 @@ class GpoCmdTestCase(SambaToolCmdTest):
(result, out, err) = self.runsubcmd("gpo", "aclcheck", "-H", "ldap://%s" % os.environ["SERVER"], "-U%s%%%s" % (os.environ["USERNAME"], os.environ["PASSWORD"]))
self.assertCmdSuccess(result, out, err, "Ensuring gpo checked successfully")
+ def test_getlink_empty(self):
+ self.samdb = self.getSamDB("-H", "ldap://%s" % os.environ["DC_SERVER"],
+ "-U%s%%%s" % (os.environ["DC_USERNAME"],
+ os.environ["DC_PASSWORD"]))
+
+ container_dn = 'OU=gpo_test_link,%s' % self.samdb.get_default_basedn()
+
+ self.samdb.add({
+ 'dn': container_dn,
+ 'objectClass': 'organizationalUnit'
+ })
+
+ (result, out, err) = self.runsubcmd("gpo", "getlink", container_dn,
+ "-H", "ldap://%s" % os.environ["SERVER"],
+ "-U%s%%%s" % (os.environ["USERNAME"],
+ os.environ["PASSWORD"]))
+ self.assertCmdSuccess(result, out, err, "Ensuring gpo link fetched successfully")
+
+ # Microsoft appears to allow an empty space character after deletion of
+ # a GPO. We should be able to handle this.
+ m = ldb.Message()
+ m.dn = ldb.Dn(self.samdb, container_dn)
+ m['gPLink'] = ldb.MessageElement(' ', ldb.FLAG_MOD_REPLACE, 'gPLink')
+ self.samdb.modify(m)
+
+ (result, out, err) = self.runsubcmd("gpo", "getlink", container_dn,
+ "-H", "ldap://%s" % os.environ["SERVER"],
+ "-U%s%%%s" % (os.environ["USERNAME"],
+ os.environ["PASSWORD"]))
+ self.assertCmdSuccess(result, out, err, "Ensuring gpo link fetched successfully")
+
+ self.samdb.delete(container_dn)
+
def test_backup_restore_compare_binary(self):
"""Restore from a static backup and compare the binary contents"""
@@ -134,7 +169,8 @@ class GpoCmdTestCase(SambaToolCmdTest):
temp_path, "--entities",
self.entity_file, "-U%s%%%s" %
(os.environ["USERNAME"],
- os.environ["PASSWORD"]))
+ os.environ["PASSWORD"]),
+ "--restore-metadata")
gpo_guid = "{%s}" % out.split("{")[1].split("}")[0]
@@ -187,7 +223,8 @@ class GpoCmdTestCase(SambaToolCmdTest):
temp_path, "--entities",
self.entity_file, "-U%s%%%s" %
(os.environ["USERNAME"],
- os.environ["PASSWORD"]))
+ os.environ["PASSWORD"]),
+ "--restore-metadata")
gpo_guid = "{%s}" % out.split("{")[1].split("}")[0]
gpo_guid1 = gpo_guid
@@ -208,7 +245,8 @@ class GpoCmdTestCase(SambaToolCmdTest):
os.environ["SERVER"], "--tmpdir",
temp_path, "-U%s%%%s" %
(os.environ["USERNAME"],
- os.environ["PASSWORD"]))
+ os.environ["PASSWORD"]),
+ "--restore-metadata")
gpo_guid = "{%s}" % out.split("{")[1].split("}")[0]
gpo_guid2 = gpo_guid
@@ -270,7 +308,8 @@ class GpoCmdTestCase(SambaToolCmdTest):
temp_path, "--entities",
self.entity_file, "-U%s%%%s" %
(os.environ["USERNAME"],
- os.environ["PASSWORD"]))
+ os.environ["PASSWORD"]),
+ "--restore-metadata")
gpo_guid = "{%s}" % out.split("{")[1].split("}")[0]
gpo_guid1 = gpo_guid
@@ -289,7 +328,8 @@ class GpoCmdTestCase(SambaToolCmdTest):
temp_path, "--entities",
self.entity_file, "-U%s%%%s" %
(os.environ["USERNAME"],
- os.environ["PASSWORD"]))
+ os.environ["PASSWORD"]),
+ "--restore-metadata")
gpo_guid = "{%s}" % out.split("{")[1].split("}")[0]
gpo_guid2 = gpo_guid
@@ -369,7 +409,8 @@ class GpoCmdTestCase(SambaToolCmdTest):
temp_path, "--entities",
alt_entity_file, "-U%s%%%s" %
(os.environ["USERNAME"],
- os.environ["PASSWORD"]))
+ os.environ["PASSWORD"]),
+ "--restore-metadata")
self.assertCmdSuccess(result, out, err, "Ensuring gpo restored successfully")
@@ -407,6 +448,75 @@ class GpoCmdTestCase(SambaToolCmdTest):
shutil.rmtree(temp_path)
shutil.rmtree(new_path)
+ def test_backup_with_extension_attributes(self):
+ self.samdb = self.getSamDB("-H", "ldap://%s" % os.environ["DC_SERVER"],
+ "-U%s%%%s" % (os.environ["DC_USERNAME"],
+ os.environ["DC_PASSWORD"]))
+
+ temp_path = os.path.join(self.tempdir, 'temp')
+ os.mkdir(temp_path)
+
+ extensions = {
+ # Taken from "source4/setup/provision_group_policy.ldif" on domain
+ 'gPCMachineExtensionNames': '[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]',
+ 'gPCUserExtensionNames': '[{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]'
+ }
+
+ gpo_dn = get_gpo_dn(self.samdb, self.gpo_guid)
+ for ext in extensions:
+ data = extensions[ext]
+
+ m = ldb.Message()
+ m.dn = gpo_dn
+ m[ext] = ldb.MessageElement(data, ldb.FLAG_MOD_REPLACE, ext)
+
+ self.samdb.modify(m)
+
+ try:
+ (result, out, err) = self.runsubcmd("gpo", "backup", self.gpo_guid,
+ "-H", "ldap://%s" %
+ os.environ["SERVER"],
+ "--tmpdir", temp_path)
+
+ self.assertCmdSuccess(result, out, err, "Ensuring gpo fetched successfully")
+
+ guid = "{%s}" % out.split("{")[1].split("}")[0]
+
+ temp_path = os.path.join(temp_path, 'policy', guid)
+
+ (result, out, err) = self.runsubcmd("gpo", "restore", "RESTORE_EXT",
+ temp_path,
+ "-H", "ldap://%s" %
+ os.environ["SERVER"], "--tmpdir",
+ self.tempdir, "-U%s%%%s" %
+ (os.environ["USERNAME"],
+ os.environ["PASSWORD"]),
+ "--restore-metadata")
+
+ self.assertCmdSuccess(result, out, err, "Ensuring gpo restored successfully")
+
+ gpo_guid = "{%s}" % out.split("{")[1].split("}")[0]
+
+ msg = get_gpo_info(self.samdb, gpo_guid)
+ self.assertEqual(len(msg), 1)
+
+ for ext in extensions:
+ self.assertTrue(ext in msg[0])
+ self.assertEqual(extensions[ext], str(msg[0][ext][0]))
+
+ finally:
+ if gpo_guid:
+ (result, out, err) = self.runsubcmd("gpo", "del", gpo_guid,
+ "-H", "ldap://%s" %
+ os.environ["SERVER"],
+ "-U%s%%%s" %
+ (os.environ["USERNAME"],
+ os.environ["PASSWORD"]))
+ self.assertCmdSuccess(result, out, err, "Ensuring gpo deleted successfully")
+
+ shutil.rmtree(os.path.join(self.tempdir, "policy"))
+ shutil.rmtree(os.path.join(self.tempdir, 'temp'))
+
def setUp(self):
"""set up a temporary GPO to work with"""
super(GpoCmdTestCase, self).setUp()
diff --git a/selftest/filter-subunit b/selftest/filter-subunit
index 4340439dd3b..d67fbaceb51 100755
--- a/selftest/filter-subunit
+++ b/selftest/filter-subunit
@@ -61,9 +61,9 @@ if opts.perf_test_output:
if getattr(opts, bad_opt):
bad_options.append(bad_opt)
if bad_options:
- print >>sys.stderr, ("--perf-test-output is incompatible with --%s" %
- (', --'.join(x.replace('_', '-')
- for x in bad_options)))
+ print("--perf-test-output is incompatible with --%s" %
+ (', --'.join(x.replace('_', '-') for x in bad_options)),
+ file=sys.stderr)
sys.exit(1)
if opts.expected_failures:
diff --git a/selftest/format-subunit-json b/selftest/format-subunit-json
index 6f100e78445..a3ece648e3a 100644
--- a/selftest/format-subunit-json
+++ b/selftest/format-subunit-json
@@ -19,7 +19,6 @@ def json_formatter(src_f, dest_f):
for line in src_f:
line = line.strip()
- print >>sys.stderr, line
if line[:14] == 'elapsed-time: ':
name, time = line[14:].rsplit(':', 1)
results[name] = float(time)
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 5a67ab79058..7a96714ad1a 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -278,7 +278,7 @@ void smbldap_set_bind_callback(struct smbldap_state *state,
struct dom_sid *sid)
{
DATA_BLOB blob;
- bool ret;
+ ssize_t ret;
if (!smbldap_talloc_single_blob(talloc_tos(), ld, msg, attrib,
&blob)) {
@@ -286,7 +286,7 @@ void smbldap_set_bind_callback(struct smbldap_state *state,
}
ret = sid_parse(blob.data, blob.length, sid);
TALLOC_FREE(blob.data);
- return ret;
+ return (ret != -1);
}
static int ldapmsg_destructor(LDAPMessage **result) {
diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c
index 3938fca901f..78ed42be179 100644
--- a/source3/lib/tldap_util.c
+++ b/source3/lib/tldap_util.c
@@ -88,11 +88,13 @@ bool tldap_pull_binsid(struct tldap_message *msg, const char *attribute,
struct dom_sid *sid)
{
DATA_BLOB val;
+ ssize_t ret;
if (!tldap_get_single_valueblob(msg, attribute, &val)) {
return false;
}
- return sid_parse(val.data, val.length, sid);
+ ret = sid_parse(val.data, val.length, sid);
+ return (ret != -1);
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list