[PATCH 4/7] s4:provision - Moved Samba provisioning operations into provision_samba().
Endi S. Dewata
edewata at redhat.com
Fri Jan 29 15:57:32 MST 2010
---
source4/scripting/python/samba/provision.py | 150 ++++++++++++++++-----------
1 files changed, 91 insertions(+), 59 deletions(-)
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 20acaa7..02bfd26 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -189,6 +189,7 @@ class ProvisionResult(object):
self.paths = None
self.domaindn = None
self.lp = None
+ self.secrets_ldb = None
self.samdb = None
def check_install(lp, session_info, credentials):
@@ -1096,6 +1097,8 @@ def provision(setup_dir, message, session_info,
def setup_path(file):
return os.path.join(setup_dir, file)
+ result = ProvisionResult()
+
if domainsid is None:
domainsid = security.random_sid()
else:
@@ -1128,14 +1131,6 @@ def provision(setup_dir, message, session_info,
if backend_type == "fedora-ds":
sid_generator = "backend"
- root_uid = findnss_uid([root or "root"])
- nobody_uid = findnss_uid([nobody or "nobody"])
- users_gid = findnss_gid([users or "users"])
- if wheel is None:
- wheel_gid = findnss_gid(["wheel", "adm"])
- else:
- wheel_gid = findnss_gid([wheel])
-
if targetdir is not None:
if (not os.path.exists(os.path.join(targetdir, "etc"))):
os.makedirs(os.path.join(targetdir, "etc"))
@@ -1237,6 +1232,85 @@ def provision(setup_dir, message, session_info,
provision_backend.init()
provision_backend.start()
+ provision_samba(result=result, paths=paths, message=message,
+ session_info=session_info, lp=lp, names=names, setup_path=setup_path,
+ provision_backend=provision_backend,
+ domainsid=domainsid, schema=schema, domainguid=domainguid,
+ policyguid=policyguid, policyguid_dc=policyguid_dc,
+ samdb_fill=samdb_fill,
+ adminpass=adminpass, krbtgtpass=krbtgtpass,
+ invocationid=invocationid,
+ machinepass=machinepass, dnspass=dnspass,
+ ntdsguid=ntdsguid, serverrole=serverrole,
+ dom_for_fun_level=dom_for_fun_level,
+ root=root, nobody=nobody, users=users, wheel=wheel,
+ domaindn=domaindn, hostip=hostip, hostip6=hostip6)
+
+ provision_backend.post_setup()
+ provision_backend.shutdown()
+
+ create_phpldapadmin_config(paths.phpldapadminconfig, setup_path,
+ ldapi_url)
+
+ #Now commit the secrets.ldb to disk
+ result.secrets_ldb.transaction_commit()
+
+ message("Please install the phpLDAPadmin configuration located at %s into /etc/phpldapadmin/config.php" % paths.phpldapadminconfig)
+
+ message("Once the above files are installed, your Samba4 server will be ready to use")
+ message("Server Role: %s" % serverrole)
+ message("Hostname: %s" % names.hostname)
+ message("NetBIOS Domain: %s" % names.domain)
+ message("DNS Domain: %s" % names.dnsdomain)
+ message("DOMAIN SID: %s" % str(domainsid))
+
+ if samdb_fill == FILL_FULL:
+ message("Admin password: %s" % adminpass)
+
+ if provision_backend.type is not "ldb":
+ if provision_backend.credentials.get_bind_dn() is not None:
+ message("LDAP Admin DN: %s" % provision_backend.credentials.get_bind_dn())
+ else:
+ message("LDAP Admin User: %s" % provision_backend.credentials.get_username())
+
+ message("LDAP Admin Password: %s" % provision_backend.credentials.get_password())
+
+ if provision_backend.slapd_command_escaped is not None:
+ # now display slapd_command_file.txt to show how slapd must be started next time
+ message("Use later the following commandline to start slapd, then Samba:")
+ message(provision_backend.slapd_command_escaped)
+ message("This slapd-Commandline is also stored under: " + provision_backend.ldapdir + "/ldap_backend_startup.sh")
+
+
+ result.domaindn = domaindn
+ result.paths = paths
+ result.lp = lp
+ return result
+
+
+def provision_samba(result, paths, message,
+ session_info, lp, names, setup_path,
+ provision_backend,
+ domainsid, schema, domainguid,
+ policyguid, policyguid_dc,
+ samdb_fill,
+ adminpass, krbtgtpass,
+ invocationid,
+ machinepass, dnspass,
+ ntdsguid, serverrole,
+ dom_for_fun_level,
+ root, nobody, users, wheel,
+ domaindn, hostip, hostip6):
+
+ root_uid = findnss_uid([root or "root"])
+ nobody_uid = findnss_uid([nobody or "nobody"])
+ users_gid = findnss_gid([users or "users"])
+
+ if wheel is None:
+ wheel_gid = findnss_gid(["wheel", "adm"])
+ else:
+ wheel_gid = findnss_gid([wheel])
+
# only install a new shares config db if there is none
if not os.path.exists(paths.shareconf):
message("Setting up share.ldb")
@@ -1246,7 +1320,7 @@ def provision(setup_dir, message, session_info,
message("Setting up secrets.ldb")
- secrets_ldb = setup_secretsdb(paths.secrets, setup_path,
+ result.secrets_ldb = setup_secretsdb(paths.secrets, setup_path,
session_info=session_info,
backend_credentials=provision_backend.secrets_credentials, lp=lp)
@@ -1262,7 +1336,7 @@ def provision(setup_dir, message, session_info,
lp=lp)
message("Setting up SAM db")
- samdb = setup_samdb(paths.samdb, setup_path, session_info,
+ result.samdb = setup_samdb(paths.samdb, setup_path, session_info,
provision_backend, lp, names,
message,
domainsid=domainsid,
@@ -1293,19 +1367,19 @@ def provision(setup_dir, message, session_info,
os.makedirs(paths.netlogon, 0755)
if samdb_fill == FILL_FULL:
- setup_name_mappings(samdb, idmap, str(domainsid), names.domaindn,
+ setup_name_mappings(result.samdb, idmap, str(domainsid), names.domaindn,
root_uid=root_uid, nobody_uid=nobody_uid,
users_gid=users_gid, wheel_gid=wheel_gid)
if serverrole == "domain controller":
# Set up group policies (domain policy and domain controller policy)
- setup_gpo(paths,names,samdb,policyguid,policyguid_dc,domainsid)
- setsysvolacl(samdb,names,paths.netlogon,paths.sysvol,wheel_gid,domainsid,lp)
+ setup_gpo(paths,names,result.samdb,policyguid,policyguid_dc,domainsid)
+ setsysvolacl(result.samdb,names,paths.netlogon,paths.sysvol,wheel_gid,domainsid,lp)
message("Setting up sam.ldb rootDSE marking as synchronized")
- setup_modify_ldif(samdb, setup_path("provision_rootdse_modify.ldif"))
+ setup_modify_ldif(result.samdb, setup_path("provision_rootdse_modify.ldif"))
- secretsdb_self_join(secrets_ldb, domain=names.domain,
+ secretsdb_self_join(result.secrets_ldb, domain=names.domain,
realm=names.realm,
dnsdomain=names.dnsdomain,
netbiosname=names.netbiosname,
@@ -1314,12 +1388,12 @@ def provision(setup_dir, message, session_info,
secure_channel_type=SEC_CHAN_BDC)
if serverrole == "domain controller":
- secretsdb_setup_dns(secrets_ldb, setup_path,
+ secretsdb_setup_dns(result.secrets_ldb, setup_path,
realm=names.realm, dnsdomain=names.dnsdomain,
dns_keytab_path=paths.dns_keytab,
dnspass=dnspass)
- domainguid = samdb.searchone(basedn=domaindn, attribute="objectGUID")
+ domainguid = result.samdb.searchone(basedn=domaindn, attribute="objectGUID")
assert isinstance(domainguid, str)
# Only make a zone file on the first DC, it should be replicated
@@ -1344,48 +1418,6 @@ def provision(setup_dir, message, session_info,
realm=names.realm)
message("A Kerberos configuration suitable for Samba 4 has been generated at %s" % paths.krb5conf)
- provision_backend.post_setup()
- provision_backend.shutdown()
-
- create_phpldapadmin_config(paths.phpldapadminconfig, setup_path,
- ldapi_url)
-
- #Now commit the secrets.ldb to disk
- secrets_ldb.transaction_commit()
-
- message("Please install the phpLDAPadmin configuration located at %s into /etc/phpldapadmin/config.php" % paths.phpldapadminconfig)
-
- message("Once the above files are installed, your Samba4 server will be ready to use")
- message("Server Role: %s" % serverrole)
- message("Hostname: %s" % names.hostname)
- message("NetBIOS Domain: %s" % names.domain)
- message("DNS Domain: %s" % names.dnsdomain)
- message("DOMAIN SID: %s" % str(domainsid))
- if samdb_fill == FILL_FULL:
- message("Admin password: %s" % adminpass)
- if provision_backend.type is not "ldb":
- if provision_backend.credentials.get_bind_dn() is not None:
- message("LDAP Backend Admin DN: %s" % provision_backend.credentials.get_bind_dn())
- else:
- message("LDAP Admin User: %s" % provision_backend.credentials.get_username())
-
- message("LDAP Admin Password: %s" % provision_backend.credentials.get_password())
-
- if provision_backend.slapd_command_escaped is not None:
- # now display slapd_command_file.txt to show how slapd must be started next time
- message("Use later the following commandline to start slapd, then Samba:")
- message(provision_backend.slapd_command_escaped)
- message("This slapd-Commandline is also stored under: " + provision_backend.ldapdir + "/ldap_backend_startup.sh")
-
-
- result = ProvisionResult()
- result.domaindn = domaindn
- result.paths = paths
- result.lp = lp
- result.samdb = samdb
- return result
-
-
def provision_become_dc(setup_dir=None,
smbconf=None, targetdir=None, realm=None,
--
1.6.6
------=_Part_68415_58125355.1265837901273
Content-Type: text/x-patch;
name=0005-s4-provision-Moved-helper-functions-into-provisionut.patch
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=0005-s4-provision-Moved-helper-functions-into-provisionut.patch
More information about the samba-technical
mailing list