Patch for LDB SAMBA python bindings
Jelmer Vernooij
jelmer at samba.org
Fri Oct 30 05:32:03 MDT 2009
Hi Matthias,
On Thu, 2009-10-29 at 08:53 +0100, Matthias Dieter Wallnöfer wrote:
> Regarding the file permissions: ldb sets them per default to 0666. s4
> uses 0600. I really don't see the need to add a default value for
> "set_create_perms" which could also be just 0666 since the method is
> located in the generic LDB bindings. We really need to call it since our
> s4 isn't the default!
I'm not arguing we shouldn't be calling set_create_perms. Python is
different from C in that it supports optional arguments. I'm suggesting
this is a good place to use this feature, to avoid set_create_perms()
from being called twice on a given ldb file if mode 0600 is
indesirable.
What is the public API for setting the wrap_url useful for exactly? Who
would call it?
Cheers,
Jelmer
> Jelmer Vernooij wrote:
> > Hi Matthias,
> >
> > On Mon, Oct 26, 2009 at 11:35:28PM +0100, Matthias Dieter Wallnöfer wrote:
> >
> >> what do you think about this patch? If it fits I would like to push it soon.
> >>
> > Again, please avoid doing multiple different things in a single patch. It makes the patch harder to review and likely to be rejected entirely if one of the
> > items in the patch is wrong.
> >
> > Please avoid mentioning that some functions return None - this is implied if
> > there is no return value type specified.
> >
> > Since Python supports optional arguments, can you perhaps make the mode of
> > the LDB file an optional argument that defaults to 0600 ?
> >
> > What is the public API for setting the wrap_url useful for exactly? Who
> > would call it?
> >
> > Cheers,
> >
> > Jelmer
> >
> >
> >> From: Matthias Dieter Walln??fer<mwallnoefer at yahoo.de>
> >> Date: Fri, 23 Oct 2009 13:16:54 +0000 (+0200)
> >> Subject: s4:LDB bindings - Work to make the python wrap connection more like the C wrap connection
> >> X-Git-Url: http://repo.or.cz/w/Samba/mdw.git?a=commitdiff_plain;h=5172606b5251078049cb1531abc205fc2af2c17d
> >>
> >> s4:LDB bindings - Work to make the python wrap connection more like the C wrap connection
> >>
> >> - Adds a call for setting the wrap URL on the LDB context
> >> - Add create permissions also on python bindings
> >> - Reorder some function bodies in "pyglue" to match the order in "ldb_wrap_connect"
> >> ---
> >>
> >> diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c
> >> index 71203d3..65a23f3 100644
> >> --- a/source4/scripting/python/pyglue.c
> >> +++ b/source4/scripting/python/pyglue.c
> >> @@ -102,6 +102,27 @@ static PyObject *py_set_debug_level(PyObject *self, PyObject *args)
> >> Py_RETURN_NONE;
> >> }
> >>
> >> +static PyObject *py_ldb_set_session_info(PyObject *self, PyObject *args)
> >> +{
> >> + PyObject *py_session_info, *py_ldb;
> >> + struct auth_session_info *info;
> >> + struct ldb_context *ldb;
> >> + if (!PyArg_ParseTuple(args, "OO",&py_ldb,&py_session_info))
> >> + return NULL;
> >> +
> >> + PyErr_LDB_OR_RAISE(py_ldb, ldb);
> >> + /*if (!PyAuthSession_Check(py_session_info)) {
> >> + PyErr_SetString(PyExc_TypeError, "Expected session info object");
> >> + return NULL;
> >> + }*/
> >> +
> >> + info = PyAuthSession_AsSession(py_session_info);
> >> +
> >> + ldb_set_opaque(ldb, "sessionInfo", info);
> >> +
> >> + Py_RETURN_NONE;
> >> +}
> >> +
> >> static PyObject *py_ldb_set_credentials(PyObject *self, PyObject *args)
> >> {
> >> PyObject *py_creds, *py_ldb;
> >> @@ -144,24 +165,17 @@ static PyObject *py_ldb_set_loadparm(PyObject *self, PyObject *args)
> >> Py_RETURN_NONE;
> >> }
> >>
> >> -
> >> -static PyObject *py_ldb_set_session_info(PyObject *self, PyObject *args)
> >> +static PyObject *py_ldb_set_wrap_url(PyObject *self, PyObject *args)
> >> {
> >> - PyObject *py_session_info, *py_ldb;
> >> - struct auth_session_info *info;
> >> + PyObject *py_ldb;
> >> + char *wrap_url;
> >> struct ldb_context *ldb;
> >> - if (!PyArg_ParseTuple(args, "OO",&py_ldb,&py_session_info))
> >> + if (!PyArg_ParseTuple(args, "Os",&py_ldb,&wrap_url))
> >> return NULL;
> >>
> >> PyErr_LDB_OR_RAISE(py_ldb, ldb);
> >> - /*if (!PyAuthSession_Check(py_session_info)) {
> >> - PyErr_SetString(PyExc_TypeError, "Expected session info object");
> >> - return NULL;
> >> - }*/
> >> -
> >> - info = PyAuthSession_AsSession(py_session_info);
> >>
> >> - ldb_set_opaque(ldb, "sessionInfo", info);
> >> + ldb_set_opaque(ldb, "wrap_url", wrap_url);
> >>
> >> Py_RETURN_NONE;
> >> }
> >> @@ -455,15 +469,18 @@ static PyMethodDef py_misc_methods[] = {
> >> "Generate random password with specified length." },
> >> { "unix2nttime", (PyCFunction)py_unix2nttime, METH_VARARGS,
> >> "unix2nttime(timestamp) -> nttime" },
> >> - { "ldb_set_credentials", (PyCFunction)py_ldb_set_credentials, METH_VARARGS,
> >> - "ldb_set_credentials(ldb, credentials) -> None\n"
> >> - "Set credentials to use when connecting." },
> >> { "ldb_set_session_info", (PyCFunction)py_ldb_set_session_info, METH_VARARGS,
> >> - "ldb_set_session_info(ldb, session_info)\n"
> >> + "ldb_set_session_info(ldb, session_info) -> None\n"
> >> "Set session info to use when connecting." },
> >> + { "ldb_set_credentials", (PyCFunction)py_ldb_set_credentials, METH_VARARGS,
> >> + "ldb_set_credentials(ldb, credentials) -> None\n"
> >> + "Set credentials to use when connecting." },
> >> { "ldb_set_loadparm", (PyCFunction)py_ldb_set_loadparm, METH_VARARGS,
> >> - "ldb_set_loadparm(ldb, session_info)\n"
> >> + "ldb_set_loadparm(ldb, session_info) -> None\n"
> >> "Set loadparm context to use when connecting." },
> >> + { "ldb_set_wrap_url", (PyCFunction)py_ldb_set_wrap_url, METH_VARARGS,
> >> + "ldb_set_wrap_url(ldb, wrap_url)\n"
> >> + "Set wrap URL to use when connecting." },
> >> { "samdb_set_domain_sid", (PyCFunction)py_samdb_set_domain_sid, METH_VARARGS,
> >> "samdb_set_domain_sid(samdb, sid)\n"
> >> "Set SID of domain to use." },
> >> diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py
> >> index 57cefdd..8b6e6fb 100644
> >> --- a/source4/scripting/python/samba/__init__.py
> >> +++ b/source4/scripting/python/samba/__init__.py
> >> @@ -103,18 +103,28 @@ class Ldb(ldb.Ldb):
> >> if nosync_p is not None and nosync_p == true:
> >> flags |= FLG_NOSYNC
> >>
> >> + # we usually want Samba databases to be private. If we later find we
> >> + # need one public, we will have to change this here
> >> + self.set_create_perms(0600)
> >> +
> >> if url is not None:
> >> self.connect(url, flags, options)
> >>
> >> - def set_credentials(self, credentials):
> >> - glue.ldb_set_credentials(self, credentials)
> >> + # setup for leak detection
> >> + self.set_wrap_url(url)
> >>
> >> def set_session_info(self, session_info):
> >> glue.ldb_set_session_info(self, session_info)
> >>
> >> + def set_credentials(self, credentials):
> >> + glue.ldb_set_credentials(self, credentials)
> >> +
> >> def set_loadparm(self, lp_ctx):
> >> glue.ldb_set_loadparm(self, lp_ctx)
> >>
> >> + def set_wrap_url(self, wrap_url):
> >> + glue.ldb_set_wrap_url(self, wrap_url)
> >> +
> >> def searchone(self, attribute, basedn=None, expression=None,
> >> scope=ldb.SCOPE_BASE):
> >> """Search for one attribute as a string.
> >>
> >
> >
>
--
Jelmer Vernooij <jelmer at samba.org> - http://samba.org/~jelmer/
Jabber: jelmer at jabber.fsfe.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091030/d7f585b5/attachment.pgp>
More information about the samba-technical
mailing list