Patch for LDB SAMBA python bindings

Jelmer Vernooij jelmer at samba.org
Fri Oct 30 05:32:03 MDT 2009


Hi Matthias,

On Thu, 2009-10-29 at 08:53 +0100, Matthias Dieter Wallnöfer wrote:
> Regarding the file permissions: ldb sets them per default to 0666. s4 
> uses 0600. I really don't see the need to add a default value for 
> "set_create_perms" which could also be just 0666 since the method is 
> located in the generic LDB bindings. We really need to call it since our 
> s4 isn't the default!
I'm not arguing we shouldn't be calling set_create_perms. Python is
different from C in that it supports optional arguments. I'm suggesting
this is a good place to use this feature, to avoid set_create_perms()
from being called twice on a given ldb file if mode 0600 is
indesirable. 

What is the public API for setting the wrap_url useful for exactly? Who
would call it?

Cheers,

Jelmer

> Jelmer Vernooij wrote:
> > Hi Matthias,
> >
> > On Mon, Oct 26, 2009 at 11:35:28PM +0100, Matthias Dieter Wallnöfer wrote:
> >    
> >> what do you think about this patch? If it fits I would like to push it soon.
> >>      
> > Again, please avoid doing multiple different things in a single patch. It makes the patch harder to review and likely to be rejected entirely if one of the
> > items in the patch is wrong.
> >
> > Please avoid mentioning that some functions return None - this is implied if
> > there is no return value type specified.
> >
> > Since Python supports optional arguments, can you perhaps make the mode of
> > the LDB file an optional argument that defaults to 0600 ?
> >
> > What is the public API for setting the wrap_url useful for exactly? Who
> > would call it?
> >
> > Cheers,
> >
> > Jelmer
> >
> >    
> >> From: Matthias Dieter Walln??fer<mwallnoefer at yahoo.de>
> >> Date: Fri, 23 Oct 2009 13:16:54 +0000 (+0200)
> >> Subject: s4:LDB bindings - Work to make the python wrap connection more like the C wrap connection
> >> X-Git-Url: http://repo.or.cz/w/Samba/mdw.git?a=commitdiff_plain;h=5172606b5251078049cb1531abc205fc2af2c17d
> >>
> >> s4:LDB bindings - Work to make the python wrap connection more like the C wrap connection
> >>
> >> - Adds a call for setting the wrap URL on the LDB context
> >> - Add create permissions also on python bindings
> >> - Reorder some function bodies in "pyglue" to match the order in "ldb_wrap_connect"
> >> ---
> >>
> >> diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c
> >> index 71203d3..65a23f3 100644
> >> --- a/source4/scripting/python/pyglue.c
> >> +++ b/source4/scripting/python/pyglue.c
> >> @@ -102,6 +102,27 @@ static PyObject *py_set_debug_level(PyObject *self, PyObject *args)
> >>   	Py_RETURN_NONE;
> >>   }
> >>
> >> +static PyObject *py_ldb_set_session_info(PyObject *self, PyObject *args)
> >> +{
> >> +	PyObject *py_session_info, *py_ldb;
> >> +	struct auth_session_info *info;
> >> +	struct ldb_context *ldb;
> >> +	if (!PyArg_ParseTuple(args, "OO",&py_ldb,&py_session_info))
> >> +		return NULL;
> >> +
> >> +	PyErr_LDB_OR_RAISE(py_ldb, ldb);
> >> +	/*if (!PyAuthSession_Check(py_session_info)) {
> >> +		PyErr_SetString(PyExc_TypeError, "Expected session info object");
> >> +		return NULL;
> >> +	}*/
> >> +
> >> +	info = PyAuthSession_AsSession(py_session_info);
> >> +
> >> +	ldb_set_opaque(ldb, "sessionInfo", info);
> >> +
> >> +	Py_RETURN_NONE;
> >> +}
> >> +
> >>   static PyObject *py_ldb_set_credentials(PyObject *self, PyObject *args)
> >>   {
> >>   	PyObject *py_creds, *py_ldb;
> >> @@ -144,24 +165,17 @@ static PyObject *py_ldb_set_loadparm(PyObject *self, PyObject *args)
> >>   	Py_RETURN_NONE;
> >>   }
> >>
> >> -
> >> -static PyObject *py_ldb_set_session_info(PyObject *self, PyObject *args)
> >> +static PyObject *py_ldb_set_wrap_url(PyObject *self, PyObject *args)
> >>   {
> >> -	PyObject *py_session_info, *py_ldb;
> >> -	struct auth_session_info *info;
> >> +	PyObject *py_ldb;
> >> +	char *wrap_url;
> >>   	struct ldb_context *ldb;
> >> -	if (!PyArg_ParseTuple(args, "OO",&py_ldb,&py_session_info))
> >> +	if (!PyArg_ParseTuple(args, "Os",&py_ldb,&wrap_url))
> >>   		return NULL;
> >>
> >>   	PyErr_LDB_OR_RAISE(py_ldb, ldb);
> >> -	/*if (!PyAuthSession_Check(py_session_info)) {
> >> -		PyErr_SetString(PyExc_TypeError, "Expected session info object");
> >> -		return NULL;
> >> -	}*/
> >> -
> >> -	info = PyAuthSession_AsSession(py_session_info);
> >>
> >> -    	ldb_set_opaque(ldb, "sessionInfo", info);
> >> +	ldb_set_opaque(ldb, "wrap_url", wrap_url);
> >>
> >>   	Py_RETURN_NONE;
> >>   }
> >> @@ -455,15 +469,18 @@ static PyMethodDef py_misc_methods[] = {
> >>   		"Generate random password with specified length." },
> >>   	{ "unix2nttime", (PyCFunction)py_unix2nttime, METH_VARARGS,
> >>   		"unix2nttime(timestamp) ->  nttime" },
> >> -	{ "ldb_set_credentials", (PyCFunction)py_ldb_set_credentials, METH_VARARGS,
> >> -		"ldb_set_credentials(ldb, credentials) ->  None\n"
> >> -		"Set credentials to use when connecting." },
> >>   	{ "ldb_set_session_info", (PyCFunction)py_ldb_set_session_info, METH_VARARGS,
> >> -		"ldb_set_session_info(ldb, session_info)\n"
> >> +		"ldb_set_session_info(ldb, session_info) ->  None\n"
> >>   		"Set session info to use when connecting." },
> >> +	{ "ldb_set_credentials", (PyCFunction)py_ldb_set_credentials, METH_VARARGS,
> >> +		"ldb_set_credentials(ldb, credentials) ->  None\n"
> >> +		"Set credentials to use when connecting." },
> >>   	{ "ldb_set_loadparm", (PyCFunction)py_ldb_set_loadparm, METH_VARARGS,
> >> -		"ldb_set_loadparm(ldb, session_info)\n"
> >> +		"ldb_set_loadparm(ldb, session_info) ->  None\n"
> >>   		"Set loadparm context to use when connecting." },
> >> +	{ "ldb_set_wrap_url", (PyCFunction)py_ldb_set_wrap_url, METH_VARARGS,
> >> +		"ldb_set_wrap_url(ldb, wrap_url)\n"
> >> +		"Set wrap URL to use when connecting." },
> >>   	{ "samdb_set_domain_sid", (PyCFunction)py_samdb_set_domain_sid, METH_VARARGS,
> >>   		"samdb_set_domain_sid(samdb, sid)\n"
> >>   		"Set SID of domain to use." },
> >> diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py
> >> index 57cefdd..8b6e6fb 100644
> >> --- a/source4/scripting/python/samba/__init__.py
> >> +++ b/source4/scripting/python/samba/__init__.py
> >> @@ -103,18 +103,28 @@ class Ldb(ldb.Ldb):
> >>               if nosync_p is not None and nosync_p == true:
> >>                   flags |= FLG_NOSYNC
> >>
> >> +        # we usually want Samba databases to be private. If we later find we
> >> +        # need one public, we will have to change this here
> >> +        self.set_create_perms(0600)
> >> +
> >>           if url is not None:
> >>               self.connect(url, flags, options)
> >>
> >> -    def set_credentials(self, credentials):
> >> -        glue.ldb_set_credentials(self, credentials)
> >> +            # setup for leak detection
> >> +            self.set_wrap_url(url)
> >>
> >>       def set_session_info(self, session_info):
> >>           glue.ldb_set_session_info(self, session_info)
> >>
> >> +    def set_credentials(self, credentials):
> >> +        glue.ldb_set_credentials(self, credentials)
> >> +
> >>       def set_loadparm(self, lp_ctx):
> >>           glue.ldb_set_loadparm(self, lp_ctx)
> >>
> >> +    def set_wrap_url(self, wrap_url):
> >> +        glue.ldb_set_wrap_url(self, wrap_url)
> >> +
> >>       def searchone(self, attribute, basedn=None, expression=None,
> >>                     scope=ldb.SCOPE_BASE):
> >>           """Search for one attribute as a string.
> >>      
> >
> >    
> 


-- 
Jelmer Vernooij <jelmer at samba.org> - http://samba.org/~jelmer/
Jabber: jelmer at jabber.fsfe.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091030/d7f585b5/attachment.pgp>


More information about the samba-technical mailing list