[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Mon Nov 1 21:17:01 UTC 2021
The branch, master has been updated
via 5199eb14123 gp: Apply Firewalld Policy
via cd73e410134 gp: Test Firewalld Group Policy Apply
via d3eb2a5de91 gp: Add Firewalld ADMX templates
from 494eb0c22a6 debug: Add new smb.conf option "debug syslog format"
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 5199eb14123b26b02d3a4d10d514b37688f9b580
Author: David Mulder <dmulder at suse.com>
Date: Thu Oct 14 15:36:52 2021 -0600
gp: Apply Firewalld Policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Nov 1 21:16:43 UTC 2021 on sn-devel-184
commit cd73e4101347f1e3c1bb865f9a9c361b3771fd34
Author: David Mulder <dmulder at suse.com>
Date: Tue Oct 12 12:54:09 2021 -0600
gp: Test Firewalld Group Policy Apply
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d3eb2a5de91c7c57fe07d983722c7c21e927ddde
Author: David Mulder <dmulder at suse.com>
Date: Wed Oct 6 12:46:26 2021 -0600
gp: Add Firewalld ADMX templates
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libgpo/admx/en-US/samba.adml | 81 ++++++++++++++++++
libgpo/admx/samba.admx | 17 ++++
python/samba/gp_firewalld_ext.py | 158 +++++++++++++++++++++++++++++++++++
python/samba/tests/bin/firewall-cmd | 110 ++++++++++++++++++++++++
python/samba/tests/gpo.py | 111 ++++++++++++++++++++++++
source4/scripting/bin/samba-gpupdate | 2 +
6 files changed, 479 insertions(+)
create mode 100644 python/samba/gp_firewalld_ext.py
create mode 100755 python/samba/tests/bin/firewall-cmd
Changeset truncated at 500 lines:
diff --git a/libgpo/admx/en-US/samba.adml b/libgpo/admx/en-US/samba.adml
index a954c41a7d0..7bac33c4554 100755
--- a/libgpo/admx/en-US/samba.adml
+++ b/libgpo/admx/en-US/samba.adml
@@ -3127,6 +3127,78 @@ Example: 192.9.200.1 192.168.2.61</string>
U Insert the string "1 user" or "<n> users" where <n> is the number of current users logged in.
v Insert the version of the OS, that is, the build-date and such.</string>
+ <string id="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9">Firewalld</string>
+ <string id="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978">Zones</string>
+ <string id="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978_Help">A list of zones to create. Existing zones on the host will be unaffected.
+
+Rule creation for zones is handled in the Rules setting.</string>
+ <string id="POL_B21F349F_4BF6_473E_8452_047D714F156C">Rules</string>
+ <string id="POL_B21F349F_4BF6_473E_8452_047D714F156C_Help">A JSON dictionary, containing zones paired with a list of rules.
+
+For example, to create rules for the Work and Home zones, specify the following JSON:
+
+{
+ "work": [
+ {"rule": {"family": "ipv4"}, "source address": "172.25.1.7", "service name": "ftp", "reject": {}},
+ {"rule": {}, "source address": "172.25.1.8", "service name": "ftp", "reject": {}}
+ ],
+ "home": [
+ {"rule": {}, "protocol value": "icmp", "reject": {}},
+ {"rule": {"family": "ipv4"}, "source address": "192.168.1.2/32", "service name": "telnet", "accept": {"limit value": "1/m"}}
+ ]
+}
+
+An improperly formatted JSON will be ignored.
+
+The rule structure loosely follows the Firewalld Rich Language Documentation.
+
+General rule structure:
+{
+ "rule": {
+ "family": "ipv4 | ipv6",
+ "priority": "priority"
+ },
+ "source [not] address | mac | ipset": "address[/mask] | mac-address | ipset",
+ "destination [not] adress": "address[/mask]",
+ "service name": "service name",
+ "port": {
+ "port": "port value",
+ "protocol": "tcp | udp"
+ }
+ "protocol value": "protocol value",
+ "icmp-block name": "icmptype name",
+ "Masquerade": true|false,
+ "icmp-type": "icmptype name",
+ "forward-port": {
+ "port": "port value",
+ "protocol": "tcp | udp",
+ "to-port": "port value",
+ "to-addr": "address"
+ },
+ "source-port": {
+ "port": "port value",
+ "protocol": "tcp | udp"
+ },
+ "log": {
+ "prefix": "prefix text",
+ "level": "emerg | alert | crit | error | warning | notice | info | debug",
+ "limit value": "rate/duration"
+ },
+ "audit": {
+ "limit value": "rate/duration"
+ },
+ "accept" : {
+ "limit value": "rate/duration"
+ } | "reject": {
+ "type": "reject type",
+ "limit value": "rate/duration"
+ } | "drop": {
+ "limit value": "rate/duration"
+ } | "mark": {
+ "set": "mark[/mask]",
+ "limit value": "rate/duration"
+ }
+}</string>
</stringTable>
<presentationTable>
<presentation id="POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061">
@@ -4645,6 +4717,15 @@ Example: 192.9.200.1 192.168.2.61</string>
<defaultValue>Welcome to \s \r \l</defaultValue>
</textBox>
</presentation>
+ <presentation id="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978">
+ <listBox refId="LST_5B9AE80A_6529_4313_A9A1_764DF5320930">Firewalld Zones</listBox>
+ </presentation>
+ <presentation id="POL_B21F349F_4BF6_473E_8452_047D714F156C">
+ <textBox refId="TXT_76109A0B_AA79_4F69_ADFC_2B3CA52763D2">
+ <label>Firewalld Rules</label>
+ <defaultValue>{}</defaultValue>
+ </textBox>
+ </presentation>
</presentationTable>
</resources>
</policyDefinitionResources>
diff --git a/libgpo/admx/samba.admx b/libgpo/admx/samba.admx
index d09956d5394..8db67966e39 100755
--- a/libgpo/admx/samba.admx
+++ b/libgpo/admx/samba.admx
@@ -20,6 +20,9 @@
<category displayName="$(string.CAT_10827749_64ED_5052_87F7_E81AD421856A)" name="CAT_10827749_64ED_5052_87F7_E81AD421856A">
<parentCategory ref="CAT_3338C1DD_8A00_4273_8547_158D8B8C19E9"/>
</category>
+ <category name="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9" displayName="$(string.CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9)">
+ <parentCategory ref="CAT_7D8D7DC8_5A9D_4BE1_8227_F09CDD5AFFC6" />
+ </category>
</categories>
<policies>
<policy name="POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061" class="Both" displayName="$(string.POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061)" explainText="$(string.POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061_Help)" presentation="$(presentation.POL_9320E11F_AC80_4A7D_A5C8_1C0F3F727061)" key="Software\Policies\Samba\Unix Settings">
@@ -2528,5 +2531,19 @@
<text id="TXT_8075D9EA_6E15_4B2A_833A_B918EE90856F" key="Software\Policies\Samba\Unix Settings\Messages" valueName="issue" />
</elements>
</policy>
+ <policy name="POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978" class="Machine" displayName="$(string.POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978)" explainText="$(string.POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978_Help)" presentation="$(presentation.POL_ADABE9E0_FFF9_4FFE_A105_03E646C79978)" key="Software\Policies\Samba\Unix Settings\Firewalld" valueName="Zones">
+ <parentCategory ref="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9" />
+ <supportedOn ref="SUPPORTED_SAMBA_4_16" />
+ <elements>
+ <list id="LST_5B9AE80A_6529_4313_A9A1_764DF5320930" key="Software\Policies\Samba\Unix Settings\Firewalld\Zones" />
+ </elements>
+ </policy>
+ <policy name="POL_B21F349F_4BF6_473E_8452_047D714F156C" class="Machine" displayName="$(string.POL_B21F349F_4BF6_473E_8452_047D714F156C)" explainText="$(string.POL_B21F349F_4BF6_473E_8452_047D714F156C_Help)" presentation="$(presentation.POL_B21F349F_4BF6_473E_8452_047D714F156C)" key="Software\Policies\Samba\Unix Settings\Firewalld" valueName="Rules">
+ <parentCategory ref="CAT_371A8FF5_990F_47DD_B200_D436AC28A4F9" />
+ <supportedOn ref="SUPPORTED_SAMBA_4_16" />
+ <elements>
+ <text id="TXT_76109A0B_AA79_4F69_ADFC_2B3CA52763D2" key="Software\Policies\Samba\Unix Settings\Firewalld\Rules" valueName="Rules" />
+ </elements>
+ </policy>
</policies>
</policyDefinitions>
diff --git a/python/samba/gp_firewalld_ext.py b/python/samba/gp_firewalld_ext.py
new file mode 100644
index 00000000000..0fbd87371e0
--- /dev/null
+++ b/python/samba/gp_firewalld_ext.py
@@ -0,0 +1,158 @@
+# gp_firewalld_ext samba gpo policy
+# Copyright (C) David Mulder <dmulder at suse.com> 2021
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import os
+from subprocess import Popen, PIPE
+from hashlib import blake2b
+from shutil import which
+import json
+from samba.gpclass import gp_pol_ext
+
+def firewall_cmd(*args):
+ fw_cmd = which('firewall-cmd')
+ if fw_cmd is not None:
+ cmd = [fw_cmd]
+ cmd.extend(list(args))
+
+ p = Popen(cmd, stdout=PIPE, stderr=PIPE)
+ stdoutdata, _ = p.communicate()
+ return p.returncode, stdoutdata
+ else:
+ return -1, 'firewall-cmd not found'
+
+def rule_segment_parse(name, rule_segment):
+ if isinstance(rule_segment, str):
+ return ('%s=%s' % (name, rule_segment)) + ' '
+ else:
+ return '%s %s ' % (name,
+ ' '.join(['%s=%s' % (k, v) for k, v in rule_segment.items()]))
+
+class gp_firewalld_ext(gp_pol_ext):
+ def __str__(self):
+ return 'Security/Firewalld'
+
+ def apply_zone(self, zone):
+ ret = firewall_cmd('--permanent', '--new-zone=%s' % zone)[0]
+ if ret != 0:
+ self.logger.error('Failed to add new zone %s' % zone)
+ else:
+ self.gp_db.store(str(self), 'zone:%s' % zone, zone)
+ # Default to matching the interface(s) for the default zone
+ ret, out = firewall_cmd('--list-interfaces')
+ if ret != 0:
+ self.logger.error('Failed to set interfaces for zone: %s' % zone)
+ for interface in out.strip().split():
+ ret = firewall_cmd('--permanent', '--zone=%s' % zone,
+ '--add-interface=%s' % interface.decode())
+ if ret != 0:
+ self.logger.error('Failed to set interfaces for zone: %s' % \
+ zone)
+
+ def apply_rules(self, rule_dict):
+ for zone, rules in rule_dict.items():
+ for rule in rules:
+ if 'rule' in rule:
+ rule_parsed = rule_segment_parse('rule', rule['rule'])
+ else:
+ rule_parsed = 'rule '
+ for segment in ['source', 'destination', 'service', 'port',
+ 'protocol', 'icmp-block', 'masquerade',
+ 'icmp-type', 'forward-port', 'source-port',
+ 'log', 'audit']:
+ names = [s for s in rule.keys() if s.startswith(segment)]
+ for name in names:
+ rule_parsed += rule_segment_parse(name, rule[name])
+ actions = set(['accept', 'reject', 'drop', 'mark'])
+ segments = set(rule.keys())
+ action = actions.intersection(segments)
+ if len(action) == 1:
+ rule_parsed += rule_segment_parse(list(action)[0],
+ rule[list(action)[0]])
+ else:
+ self.logger.error('Invalid firewall rule syntax')
+ ret = firewall_cmd('--permanent', '--zone=%s' % zone,
+ '--add-rich-rule', rule_parsed.strip())[0]
+ if ret != 0:
+ self.logger.error('Failed to add firewall rule: %s' % \
+ rule_parsed)
+ else:
+ rhash = blake2b(rule_parsed.encode()).hexdigest()
+ self.gp_db.store(str(self), 'rule:%s:%s' % (zone, rhash),
+ rule_parsed)
+
+ def process_group_policy(self, deleted_gpo_list, changed_gpo_list):
+ for guid, settings in deleted_gpo_list:
+ self.gp_db.set_guid(guid)
+ if str(self) in settings:
+ for attribute, value in settings[str(self)].items():
+ if attribute.startswith('zone'):
+ ret = firewall_cmd('--permanent',
+ '--delete-zone=%s' % value)[0]
+ if ret != 0:
+ self.logger.error('Failed to remove zone: %s' % \
+ value)
+ else:
+ self.gp_db.delete(str(self), attribute)
+ elif attribute.startswith('rule'):
+ _, zone, _ = attribute.split(':')
+ ret = firewall_cmd('--permanent', '--zone=%s' % zone,
+ '--remove-rich-rule', value)[0]
+ if ret != 0:
+ self.logger.error('Failed to remove firewall'
+ ' rule: %s' % value)
+ else:
+ self.gp_db.delete(str(self), attribute)
+ self.gp_db.commit()
+
+ for gpo in changed_gpo_list:
+ if gpo.file_sys_path:
+ section = 'Software\\Policies\\Samba\\Unix Settings\\Firewalld'
+ self.gp_db.set_guid(gpo.name)
+ pol_file = 'MACHINE/Registry.pol'
+ path = os.path.join(gpo.file_sys_path, pol_file)
+ pol_conf = self.parse(path)
+ if not pol_conf:
+ continue
+ for e in pol_conf.entries:
+ if e.keyname.startswith(section):
+ if e.keyname.endswith('Rules'):
+ self.apply_rules(json.loads(e.data))
+ elif e.keyname.endswith('Zones'):
+ if e.valuename == '**delvals.':
+ continue
+ self.apply_zone(e.data)
+ self.gp_db.commit()
+
+ def rsop(self, gpo):
+ output = {}
+ pol_file = 'MACHINE/Registry.pol'
+ section = 'Software\\Policies\\Samba\\Unix Settings\\Firewalld'
+ if gpo.file_sys_path:
+ path = os.path.join(gpo.file_sys_path, pol_file)
+ pol_conf = self.parse(path)
+ if not pol_conf:
+ return output
+ for e in pol_conf.entries:
+ if e.keyname.startswith(section):
+ if e.keyname.endswith('Zone'):
+ if 'Zones' not in output.keys():
+ output['Zones'] = []
+ output['Zones'].append(e.data)
+ elif e.keyname.endswith('Rules'):
+ if 'Rules' not in output.keys():
+ output['Rules'] = []
+ output['Rules'].append(json.loads(e.data))
+ return output
diff --git a/python/samba/tests/bin/firewall-cmd b/python/samba/tests/bin/firewall-cmd
new file mode 100755
index 00000000000..503ae9a772c
--- /dev/null
+++ b/python/samba/tests/bin/firewall-cmd
@@ -0,0 +1,110 @@
+#!/usr/bin/python3
+import optparse
+import os, sys, re
+import pickle
+try:
+ from firewall.core.rich import Rich_Rule
+except ImportError:
+ Rich_Rule = None
+
+sys.path.insert(0, "bin/python")
+
+if __name__ == "__main__":
+ parser = optparse.OptionParser('firewall-cmd [options]')
+ parser.add_option('--list-interfaces', default=False, action="store_true")
+ parser.add_option('--permanent', default=False, action="store_true")
+ parser.add_option('--new-zone')
+ parser.add_option('--get-zones', default=False, action="store_true")
+ parser.add_option('--delete-zone')
+ parser.add_option('--zone')
+ parser.add_option('--add-interface')
+ parser.add_option('--add-rich-rule')
+ parser.add_option('--remove-rich-rule')
+ parser.add_option('--list-rich-rules', default=False, action="store_true")
+
+ (opts, args) = parser.parse_args()
+
+ # Use a dir we can write to in the testenv
+ if 'LOCAL_PATH' in os.environ:
+ data_dir = os.path.realpath(os.environ.get('LOCAL_PATH'))
+ else:
+ data_dir = os.path.dirname(os.path.realpath(__file__))
+ dump_file = os.path.join(data_dir, 'firewall-cmd.dump')
+ if os.path.exists(dump_file):
+ with open(dump_file, 'rb') as r:
+ data = pickle.load(r)
+ else:
+ data = {}
+
+ if opts.list_interfaces:
+ if not opts.zone: # default zone dummy interface
+ print('eth0')
+ else:
+ assert 'zone_interfaces' in data
+ assert opts.zone in data['zone_interfaces'].keys()
+ for interface in data['zone_interfaces'][opts.zone]:
+ sys.stdout.write('%s ' % interface)
+ print()
+ elif opts.new_zone:
+ if 'zones' not in data:
+ data['zones'] = []
+ data['zones'].append(opts.new_zone)
+ elif opts.get_zones:
+ if 'zones' in data:
+ for zone in data['zones']:
+ sys.stdout.write('%s ' % zone)
+ print()
+ elif opts.delete_zone:
+ assert 'zones' in data
+ assert opts.delete_zone in data['zones']
+ data['zones'].remove(opts.delete_zone)
+ if len(data['zones']) == 0:
+ del data['zones']
+ if 'zone_interfaces' in data and opts.zone in data['zone_interfaces'].keys():
+ del data['zone_interfaces'][opts.zone]
+ elif opts.add_interface:
+ assert opts.zone
+ assert 'zones' in data
+ assert opts.zone in data['zones']
+ if 'zone_interfaces' not in data:
+ data['zone_interfaces'] = {}
+ if opts.zone not in data['zone_interfaces'].keys():
+ data['zone_interfaces'][opts.zone] = []
+ data['zone_interfaces'][opts.zone].append(opts.add_interface)
+ elif opts.add_rich_rule:
+ assert opts.zone
+ if 'rules' not in data:
+ data['rules'] = {}
+ if opts.zone not in data['rules']:
+ data['rules'][opts.zone] = []
+ # Test rule parsing if firewalld is installed
+ if Rich_Rule:
+ # Parsing failure will throw an exception
+ data['rules'][opts.zone].append(str(Rich_Rule(rule_str=opts.add_rich_rule)))
+ else:
+ data['rules'][opts.zone].append(opts.add_rich_rule)
+ elif opts.remove_rich_rule:
+ assert opts.zone
+ assert 'rules' in data
+ assert opts.zone in data['rules'].keys()
+ if Rich_Rule:
+ rich_rule = str(Rich_Rule(rule_str=opts.remove_rich_rule))
+ assert rich_rule in data['rules'][opts.zone]
+ data['rules'][opts.zone].remove(rich_rule)
+ else:
+ assert opts.remove_rich_rule in data['rules'][opts.zone]
+ data['rules'][opts.zone].remove(opts.remove_rich_rule)
+ elif opts.list_rich_rules:
+ assert opts.zone
+ assert 'rules' in data
+ assert opts.zone in data['rules'].keys()
+ for rule in data['rules'][opts.zone]:
+ print(rule)
+
+ if opts.permanent:
+ if data == {}:
+ if os.path.exists(dump_file):
+ os.unlink(dump_file)
+ else:
+ with open(dump_file, 'wb') as w:
+ pickle.dump(data, w)
diff --git a/python/samba/tests/gpo.py b/python/samba/tests/gpo.py
index 05f12312c6e..35399a63043 100644
--- a/python/samba/tests/gpo.py
+++ b/python/samba/tests/gpo.py
@@ -44,6 +44,7 @@ from samba.gp_gnome_settings_ext import gp_gnome_settings_ext
from samba.gp_cert_auto_enroll_ext import gp_cert_auto_enroll_ext
from samba.gp_firefox_ext import gp_firefox_ext
from samba.gp_chromium_ext import gp_chromium_ext
+from samba.gp_firewalld_ext import gp_firewalld_ext
import logging
from samba.credentials import Credentials
from samba.gp_msgs_ext import gp_msgs_ext
@@ -61,6 +62,7 @@ from samba.gpclass import get_dc_hostname
from samba import Ldb
from samba.auth import system_session
import json
+from shutil import which
realm = os.environ.get('REALM')
policies = realm + '/POLICIES'
@@ -6832,6 +6834,43 @@ b"""
}
"""
+firewalld_reg_pol = \
+b"""
+<?xml version="1.0" encoding="utf-8"?>
+<PolFile num_entries="6" signature="PReg" version="1">
+ <Entry type="4" type_name="REG_DWORD">
+ <Key>Software\Policies\Samba\Unix Settings\Firewalld</Key>
+ <ValueName>Zones</ValueName>
+ <Value>1</Value>
+ </Entry>
+ <Entry type="4" type_name="REG_DWORD">
+ <Key>Software\Policies\Samba\Unix Settings\Firewalld</Key>
+ <ValueName>Rules</ValueName>
+ <Value>1</Value>
+ </Entry>
+ <Entry type="1" type_name="REG_SZ">
+ <Key>Software\Policies\Samba\Unix Settings\Firewalld\Rules</Key>
+ <ValueName>Rules</ValueName>
+ <Value>{"work": [{"rule": {"family": "ipv4"}, "source address": "172.25.1.7", "service name": "ftp", "reject": {}}]}</Value>
+ </Entry>
+ <Entry type="1" type_name="REG_SZ">
+ <Key>Software\Policies\Samba\Unix Settings\Firewalld\Zones</Key>
+ <ValueName>**delvals.</ValueName>
+ <Value> </Value>
+ </Entry>
+ <Entry type="1" type_name="REG_SZ">
+ <Key>Software\Policies\Samba\Unix Settings\Firewalld\Zones</Key>
+ <ValueName>work</ValueName>
+ <Value>work</Value>
+ </Entry>
+ <Entry type="1" type_name="REG_SZ">
+ <Key>Software\Policies\Samba\Unix Settings\Firewalld\Zones</Key>
+ <ValueName>home</ValueName>
+ <Value>home</Value>
+ </Entry>
+</PolFile>
+"""
+
def days2rel_nttime(val):
seconds = 60
minutes = 60
@@ -8805,3 +8844,75 @@ class GPOTests(tests.TestCase):
# Unstage the Registry.pol file
unstage_file(reg_pol)
+
+ def test_gp_firewalld_ext(self):
+ local_path = self.lp.cache_path('gpo_cache')
+ guid = '{31B2F340-016D-11D2-945F-00C04FB984F9}'
+ reg_pol = os.path.join(local_path, policies, guid,
+ 'MACHINE/REGISTRY.POL')
+ logger = logging.getLogger('gpo_tests')
+ cache_dir = self.lp.get('cache directory')
+ store = GPOStorage(os.path.join(cache_dir, 'gpo.tdb'))
+
+ machine_creds = Credentials()
+ machine_creds.guess(self.lp)
+ machine_creds.set_machine_account()
+
+ # Initialize the group policy extension
+ ext = gp_firewalld_ext(logger, self.lp, machine_creds,
+ machine_creds.get_username(), store)
+
+ ads = gpo.ADS_STRUCT(self.server, self.lp, machine_creds)
--
Samba Shared Repository
More information about the samba-cvs
mailing list