The branch, master has been updated via 7b7213f... s4-provision: Use logger in provision backends. via 5105821... s4-test: Use smb.conf path set in environment rather than using command-line options. via 46037a8... Remove unused version options for subunitrun. via 74ed48a... Friendlier message. via d9d0d54... upgradeprovision: Use logging infrastructure. via 3552ad3... upgrade: Properly cancel/commit transactions in a couple more places. via 956a256... s4-python: Start using standard python logging infrastructure rather than simple messaging callbacks. from f0afda1... Fix aio_read detection for -lrt
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 7b7213f1eedfbb68217fa760edaa3392dab5f507 Author: Jelmer Vernooij <jel...@samba.org> Date: Sun Jun 13 17:43:25 2010 +0200 s4-provision: Use logger in provision backends. commit 51058213cb183bcb127f5bb275cbb781efc55e35 Author: Jelmer Vernooij <jel...@samba.org> Date: Sun Jun 13 16:38:24 2010 +0200 s4-test: Use smb.conf path set in environment rather than using command-line options. This is the first step towards supporting custom test runners. commit 46037a816091506c4c89df6141d57b281728b395 Author: Jelmer Vernooij <jel...@samba.org> Date: Sun Jun 13 16:02:26 2010 +0200 Remove unused version options for subunitrun. commit 74ed48aa1cf6169757a397ad89dfe88736b0468b Author: Jelmer Vernooij <jel...@samba.org> Date: Sun Jun 13 15:57:44 2010 +0200 Friendlier message. commit d9d0d54475c1bf78ce1c45f139097cd30029ccaa Author: Jelmer Vernooij <jel...@samba.org> Date: Sun Jun 13 15:32:41 2010 +0200 upgradeprovision: Use logging infrastructure. commit 3552ad3ab13a97c28925713dcea01d1e01df8868 Author: Jelmer Vernooij <jel...@samba.org> Date: Sun Jun 13 15:13:12 2010 +0200 upgrade: Properly cancel/commit transactions in a couple more places. commit 956a256faa035fbc43dbd37273d1c5d62aee0735 Author: Jelmer Vernooij <jel...@samba.org> Date: Sun Jun 13 15:05:50 2010 +0200 s4-python: Start using standard python logging infrastructure rather than simple messaging callbacks. ----------------------------------------------------------------------- Summary of changes: source4/auth/gensec/tests/bindings.py | 4 +- source4/dsdb/samdb/ldb_modules/tests/samba3sam.py | 29 +- source4/lib/ldb/tests/python/dsdb_schema_info.py | 4 +- source4/scripting/bin/rebuildextendeddn | 9 +- source4/scripting/bin/subunitrun | 6 +- source4/scripting/bin/upgradeprovision | 293 ++++++++++--------- source4/scripting/python/samba/ntacls.py | 2 +- source4/scripting/python/samba/provision.py | 171 ++++++------ source4/scripting/python/samba/provisionbackend.py | 37 ++-- source4/scripting/python/samba/tests/__init__.py | 13 +- .../scripting/python/samba/tests/dcerpc/bare.py | 12 +- source4/scripting/python/samba/tests/provision.py | 5 +- source4/scripting/python/samba/tests/samdb.py | 3 +- source4/scripting/python/samba/upgrade.py | 17 +- source4/scripting/python/samba/upgradehelpers.py | 30 +- source4/selftest/tests.sh | 16 +- source4/setup/provision | 19 +- source4/setup/upgrade_from_s3 | 18 +- 18 files changed, 355 insertions(+), 333 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/auth/gensec/tests/bindings.py b/source4/auth/gensec/tests/bindings.py index f88fa82..b9d80e4 100644 --- a/source4/auth/gensec/tests/bindings.py +++ b/source4/auth/gensec/tests/bindings.py @@ -25,14 +25,14 @@ the functionality, that's already done in other tests. import unittest from samba import gensec -from samba.tests import cmdline_loadparm +from samba.tests import env_loadparm class CredentialsTests(unittest.TestCase): def setUp(self): settings = {} settings["target_hostname"] = "localhost" - settings["lp_ctx"] = cmdline_loadparm + settings["lp_ctx"] = env_loadparm() self.gensec = gensec.Security.start_client(settings) def test_info(self): diff --git a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py index cc1a86e..aa428d1 100644 --- a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py +++ b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py @@ -24,13 +24,12 @@ import os import ldb -from ldb import SCOPE_DEFAULT, SCOPE_BASE, SCOPE_SUBTREE +from ldb import SCOPE_DEFAULT, SCOPE_BASE from samba import Ldb, substitute_var -from samba.tests import LdbTestCase, TestCaseInTempDir, cmdline_loadparm +from samba.tests import TestCaseInTempDir, env_loadparm import samba.dcerpc.security import samba.ndr from samba.auth import system_session -from samba import param datadir = os.path.join(os.path.dirname(__file__), "../../../../../testdata/samba3") @@ -60,9 +59,10 @@ class MapBaseTestCase(TestCaseInTempDir): "modules": "*:"}) def setUp(self): - cmdline_loadparm.set("sid generator", "backend") - cmdline_loadparm.set("workgroup", "TESTS") - cmdline_loadparm.set("netbios name", "TESTS") + self.lp = env_loadparm() + self.lp.set("sid generator", "backend") + self.lp.set("workgroup", "TESTS") + self.lp.set("netbios name", "TESTS") super(MapBaseTestCase, self).setUp() def make_dn(basedn, rdn): @@ -79,8 +79,9 @@ class MapBaseTestCase(TestCaseInTempDir): class Target: """Simple helper class that contains data for a specific SAM connection.""" - def __init__(self, basedn, dn): - self.db = Ldb(lp=cmdline_loadparm, session_info=system_session()) + + def __init__(self, basedn, dn, lp): + self.db = Ldb(lp=lp, session_info=system_session()) self.basedn = basedn self.basedn_casefold = ldb.Dn(self.db, basedn).get_casefold() self.substvars = {"BASEDN": self.basedn} @@ -106,8 +107,8 @@ class MapBaseTestCase(TestCaseInTempDir): def modify_ldif(self, ldif): self.db.modify_ldif(self.subst(ldif)) - self.samba4 = Target("dc=vernstok,dc=nl", make_s4dn) - self.samba3 = Target("cn=Samba3Sam", make_dn) + self.samba4 = Target("dc=vernstok,dc=nl", make_s4dn, self.lp) + self.samba3 = Target("cn=Samba3Sam", make_dn, self.lp) self.samba3.connect() self.samba4.connect() @@ -129,13 +130,13 @@ class Samba3SamTestCase(MapBaseTestCase): def setUp(self): super(Samba3SamTestCase, self).setUp() - ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) + ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session()) self.samba3.setup_data("samba3.ldif") ldif = read_datafile("provision_samba3sam.ldif") ldb.add_ldif(self.samba4.subst(ldif)) self.setup_modules(ldb, self.samba3, self.samba4) del ldb - self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) + self.ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session()) def test_search_non_mapped(self): """Looking up by non-mapped attribute""" @@ -296,12 +297,12 @@ class MapTestCase(MapBaseTestCase): def setUp(self): super(MapTestCase, self).setUp() - ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) + ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session()) ldif = read_datafile("provision_samba3sam.ldif") ldb.add_ldif(self.samba4.subst(ldif)) self.setup_modules(ldb, self.samba3, self.samba4) del ldb - self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) + self.ldb = Ldb(self.ldburl, lp=self.lp, session_info=system_session()) def test_map_search(self): """Running search tests on mapped data.""" diff --git a/source4/lib/ldb/tests/python/dsdb_schema_info.py b/source4/lib/ldb/tests/python/dsdb_schema_info.py index f0c8c14..976d670 100755 --- a/source4/lib/ldb/tests/python/dsdb_schema_info.py +++ b/source4/lib/ldb/tests/python/dsdb_schema_info.py @@ -198,7 +198,7 @@ systemOnly: FALSE ######################################################################################## if not "DC_SERVER" in os.environ.keys(): - raise AssertionError, "Please supply TARGET_DC in environment" + raise AssertionError("Please supply TARGET_DC in environment") ldb_url = os.environ["DC_SERVER"] ldb_options = [] @@ -211,7 +211,7 @@ if not "://" in ldb_url: ldb_options = ["modules:paged_searches"] ldb = Ldb(url=ldb_url, - lp=samba.tests.cmdline_loadparm, + lp=samba.tests.env_loadparm(), session_info=system_session(), credentials=samba.tests.cmdline_credentials, options=ldb_options) diff --git a/source4/scripting/bin/rebuildextendeddn b/source4/scripting/bin/rebuildextendeddn index eed3a17..1154b7c 100755 --- a/source4/scripting/bin/rebuildextendeddn +++ b/source4/scripting/bin/rebuildextendeddn @@ -23,7 +23,6 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. # -import getopt import optparse import os import sys @@ -33,14 +32,12 @@ sys.path.insert(0, "bin/python") import samba from samba.credentials import DONT_USE_KERBEROS from samba.auth import system_session -from samba import Ldb, substitute_var, valid_netbios_name, check_all_substituted -from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \ - timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE +from samba import Ldb +from ldb import SCOPE_SUBTREE, SCOPE_BASE import ldb import samba.getopt as options -from samba.samdb import SamDB from samba import param -from samba.provision import ProvisionPaths, ProvisionNames, provision_paths_from_lp +from samba.provision import ProvisionNames, provision_paths_from_lp from samba.schema import get_dnsyntax_attributes, get_linked_attributes parser = optparse.OptionParser("provision [options]") diff --git a/source4/scripting/bin/subunitrun b/source4/scripting/bin/subunitrun index 7b9f20e..a6337e5 100755 --- a/source4/scripting/bin/subunitrun +++ b/source4/scripting/bin/subunitrun @@ -35,14 +35,10 @@ from subunit.run import SubunitTestRunner parser = optparse.OptionParser("subunitrun [options] <tests>") credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) -sambaopts = options.SambaOptions(parser) -parser.add_option_group(sambaopts) -parser.add_option_group(options.VersionOptions(parser)) args = parser.parse_args()[1] -samba.tests.cmdline_loadparm = sambaopts.get_loadparm() -samba.tests.cmdline_credentials = credopts.get_credentials(samba.tests.cmdline_loadparm) +samba.tests.cmdline_credentials = credopts.get_credentials(samba.tests.env_loadparm()) runner = SubunitTestRunner() program = TestProgram(module=None, argv=[sys.argv[0]] + args, testRunner=runner) diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision index 066fbe4..b7582d0 100755 --- a/source4/scripting/bin/upgradeprovision +++ b/source4/scripting/bin/upgradeprovision @@ -22,9 +22,10 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. -import shutil +import logging import optparse import os +import shutil import sys import tempfile # Allow to run from s4 source directory (without installing samba) @@ -35,12 +36,13 @@ import samba.getopt as options from samba.credentials import DONT_USE_KERBEROS from samba.auth import system_session, admin_session from samba import Ldb, version -from ldb import SCOPE_SUBTREE, SCOPE_BASE, \ - FLAG_MOD_REPLACE, FLAG_MOD_ADD, FLAG_MOD_DELETE,\ - MessageElement, Message, Dn +from ldb import (SCOPE_SUBTREE, SCOPE_BASE, FLAG_MOD_REPLACE, + FLAG_MOD_ADD, FLAG_MOD_DELETE, MessageElement, Message, Dn) from samba import param from samba.misc import messageEltFlagToString -from samba.provision import find_setup_dir, get_domain_descriptor, get_config_descriptor, secretsdb_self_join,set_gpo_acl,getpolicypath,create_gpo_struct, ProvisioningError +from samba.provision import (find_setup_dir, get_domain_descriptor, + get_config_descriptor, secretsdb_self_join, set_gpo_acl, + getpolicypath, create_gpo_struct, ProvisioningError) from samba.schema import get_linked_attributes, Schema, get_schema_descriptor from samba.dcerpc import security from samba.ndr import ndr_unpack @@ -119,22 +121,22 @@ parser.add_option("--full", help="Perform full upgrade of the samdb (schema, con opts = parser.parse_args()[0] -whatToLog = define_what_to_log(opts) +handler = logging.StreamHandler(sys.stdout) +upgrade_logger = logging.getLogger("upgradeprovision") +upgrade_logger.addHandler(handler) -def messageprovision(text): - """Print a message if quiet is not set +provision_logger = logging.getLogger("provision") +provision_logger.addHandler(handler) - :param text: Message to print """ - if opts.debugprovision or opts.debugall: - print text +whatToLog = define_what_to_log(opts) -def message(what,text): +def message(what, text): """Print a message if this message type has been selected to be printed :param what: Category of the message :param text: Message to print """ if (whatToLog & what) or what <= 0: - print text + upgrade_logger.info("%s", text) if len(sys.argv) == 1: opts.interactive = True @@ -198,10 +200,10 @@ def sanitychecks(credentials,session_info,names,paths): sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp,options=["modules:samba_dsdb"]) sam_ldb.set_session_info(session) - res = sam_ldb.search(expression="objectClass=ntdsdsa",base=str(names.configdn), - scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"]) + res = sam_ldb.search(expression="objectClass=ntdsdsa", base=str(names.configdn), + scope=SCOPE_SUBTREE, attrs=["dn"], controls=["search_options:1:2"]) if len(res) == 0: - print "No DC found, your provision is most probalby hardly broken !" + print "No DC found, your provision is most probably hardly broken !" return False elif len(res) != 1: print "Found %d domain controllers, for the moment upgradeprovision is not able to handle upgrade on \ @@ -327,7 +329,7 @@ def update_secrets(newpaths, paths, creds, session): :param creds: credential for the authentification :param session: session for connexion""" - message(SIMPLE,"update secrets.ldb") + message(SIMPLE, "update secrets.ldb") newsecrets_ldb = Ldb(newpaths.secrets, session_info=session, credentials=creds,lp=lp) secrets_ldb = Ldb(paths.secrets, session_info=session, @@ -370,9 +372,9 @@ def update_secrets(newpaths, paths, creds, session): delta = secrets_ldb.msg_diff(empty,reference[0]) for att in hashAttrNotCopied.keys(): delta.remove(att) - message(CHANGE,"Entry %s is missing from secrets.ldb"%reference[0].dn) + message(CHANGE, "Entry %s is missing from secrets.ldb"%reference[0].dn) for att in delta: - message(CHANGE," Adding attribute %s"%att) + message(CHANGE, " Adding attribute %s"%att) delta.dn = reference[0].dn secrets_ldb.add(delta) @@ -384,7 +386,7 @@ def update_secrets(newpaths, paths, creds, session): delta.remove(att) for att in delta: if att == "name": - message(CHANGE,"Found attribute name on %s, must rename the DN "%(current[0].dn)) + message(CHANGE, "Found attribute name on %s, must rename the DN "%(current[0].dn)) identic_rename(secrets_ldb,reference[0].dn) else: delta.remove(att) @@ -397,7 +399,7 @@ def update_secrets(newpaths, paths, creds, session): delta.remove(att) for att in delta: if att != "dn": - message(CHANGE," Adding/Changing attribute %s to %s"%(att,current[0].dn)) + message(CHANGE, " Adding/Changing attribute %s to %s"%(att,current[0].dn)) delta.dn = current[0].dn secrets_ldb.modify(delta) @@ -416,16 +418,16 @@ def dump_denied_change(dn,att,flagtxt,current,reference): if att != "objectSid" : i = 0 for e in range(0,len(current)): - message(CHANGE,"old %d : %s"%(i,str(current[e]))) + message(CHANGE, "old %d : %s"%(i,str(current[e]))) i+=1 if reference != None: i = 0 for e in range(0,len(reference)): - message(CHANGE,"new %d : %s"%(i,str(reference[e]))) + message(CHANGE, "new %d : %s"%(i,str(reference[e]))) i+=1 else: - message(CHANGE,"old : %s"%str(ndr_unpack( security.dom_sid,current[0]))) - message(CHANGE,"new : %s"%str(ndr_unpack( security.dom_sid,reference[0]))) + message(CHANGE, "old : %s"%str(ndr_unpack( security.dom_sid,current[0]))) + message(CHANGE, "new : %s"%str(ndr_unpack( security.dom_sid,reference[0]))) def handle_special_add(sam_ldb,dn,names): @@ -451,7 +453,7 @@ def handle_special_add(sam_ldb,dn,names): if dntoremove != None: res = sam_ldb.search(expression="objectClass=*",base=dntoremove, scope=SCOPE_BASE,attrs=["dn"],controls=["search_options:1:2"]) if len(res) > 0: - message(CHANGE,"Existing object %s must be replaced by %s, removing old object"%(dntoremove,str(dn))) + message(CHANGE, "Existing object %s must be replaced by %s, removing old object"%(dntoremove,str(dn))) sam_ldb.delete(res[0]["dn"]) @@ -501,11 +503,11 @@ def add_missing_object(newsam_ldb, sam_ldb, dn, names, basedn, hash, index): for att in dn_syntax_att: depend_on_yet_tobecreated = check_dn_nottobecreated(hash,index,delta.get(str(att))) if depend_on_yet_tobecreated != None: - message(CHANGE,"Object %s depends on %s in attribute %s, delaying the creation" + message(CHANGE, "Object %s depends on %s in attribute %s, delaying the creation" %(str(dn),depend_on_yet_tobecreated,str(att))) return False delta.dn = dn - message(CHANGE,"Object %s will be added"%dn) + message(CHANGE, "Object %s will be added"%dn) sam_ldb.add(delta,["relax:0"]) return True @@ -579,14 +581,18 @@ def check_diff_name(newpaths, paths, creds, session, basedn, names, ischema): newsam_ldb = Ldb(newpaths.samdb, session_info=session, credentials=creds,lp=lp) sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp, options=["modules:samba_dsdb"]) sam_ldb.transaction_start() - if ischema: - reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"]) - current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"]) + try: + if ischema: + reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"]) + current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"]) + else: + reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"]) + current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"]) + except: + sam_ldb.transaction_cancel() + raise else: - reference = newsam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"]) - current = sam_ldb.search(expression="objectClass=*",base=basedn, scope=SCOPE_SUBTREE,attrs=["dn"],controls=["search_options:1:2"]) - - sam_ldb.transaction_commit() + sam_ldb.transaction_commit() # Create a hash for speeding the search of new object for i in range(0,len(reference)): hash_new[str(reference[i]["dn"]).lower()] = reference[i]["dn"] @@ -628,58 +634,62 @@ def check_diff_name(newpaths, paths, creds, session, basedn, names, ischema): sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp, options=["modules:samba_dsdb"]) sam_ldb.transaction_start() - # XXX: This needs to be wrapped in try/except so we - # abort on exceptions. - message(SIMPLE,"There are %d missing objects"%(len(listMissing))) - add_missing_entries(newsam_ldb,sam_ldb,names,basedn,listMissing) - changed = 0 - for dn in listPresent: - reference = newsam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"]) - current = sam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"]) - if ((str(current[0].dn) != str(reference[0].dn)) and (str(current[0].dn).upper() == str(reference[0].dn).upper())): - message(CHANGE,"Name are the same but case change, let's rename %s to %s"%(str(current[0].dn),str(reference[0].dn))) - identic_rename(sam_ldb,reference[0].dn) + try: + # XXX: This needs to be wrapped in try/except so we + # abort on exceptions. + message(SIMPLE, "There are %d missing objects"%(len(listMissing))) + add_missing_entries(newsam_ldb,sam_ldb,names,basedn,listMissing) + changed = 0 + for dn in listPresent: + reference = newsam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"]) current = sam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"]) + if ((str(current[0].dn) != str(reference[0].dn)) and (str(current[0].dn).upper() == str(reference[0].dn).upper())): + message(CHANGE, "Name are the same but case change, let's rename %s to %s"%(str(current[0].dn),str(reference[0].dn))) + identic_rename(sam_ldb,reference[0].dn) + current = sam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"]) - delta = sam_ldb.msg_diff(current[0],reference[0]) - for att in hashAttrNotCopied.keys(): - delta.remove(att) - for att in backlinked: - delta.remove(att) - delta.remove("parentGUID") - nb = 0 - - for att in delta: - msgElt = delta.get(att) - if att == "dn": - continue - if att == "name": + delta = sam_ldb.msg_diff(current[0],reference[0]) + for att in hashAttrNotCopied.keys(): delta.remove(att) - continue - if not handle_security_desc(ischema,att,msgElt,hashallSD,current,reference): + for att in backlinked: delta.remove(att) - continue - if (not hashOverwrittenAtt.has_key(att) or not (hashOverwrittenAtt.get(att)&2^msgElt.flags())): - if hashOverwrittenAtt.has_key(att) and hashOverwrittenAtt.get(att)==never: + delta.remove("parentGUID") + nb = 0 + + for att in delta: + msgElt = delta.get(att) + if att == "dn": + continue + if att == "name": delta.remove(att) continue - if not handle_special_case(att,delta,reference,current,ischema) and msgElt.flags()!=FLAG_MOD_ADD: - if opts.debugchange or opts.debugall: - try: - dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],reference[0][att]) - except: - # FIXME: Should catch an explicit exception here - dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],None) + if not handle_security_desc(ischema,att,msgElt,hashallSD,current,reference): delta.remove(att) - delta.dn = dn - if len(delta.items()) >1: - attributes=",".join(delta.keys()) - message(CHANGE,"%s is different from the reference one, changed attributes: %s"%(dn,attributes)) - changed = changed + 1 - sam_ldb.modify(delta) - - sam_ldb.transaction_commit() - message(SIMPLE,"There are %d changed objects"%(changed)) + continue + if (not hashOverwrittenAtt.has_key(att) or not (hashOverwrittenAtt.get(att)&2^msgElt.flags())): + if hashOverwrittenAtt.has_key(att) and hashOverwrittenAtt.get(att)==never: + delta.remove(att) + continue + if not handle_special_case(att,delta,reference,current,ischema) and msgElt.flags()!=FLAG_MOD_ADD: + if opts.debugchange or opts.debugall: + try: + dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],reference[0][att]) + except: + # FIXME: Should catch an explicit exception here + dump_denied_change(dn,att,messageEltFlagToString(msgElt.flags()),current[0][att],None) + delta.remove(att) + delta.dn = dn + if len(delta.items()) >1: + attributes=",".join(delta.keys()) + message(CHANGE, "%s is different from the reference one, changed attributes: %s"%(dn,attributes)) + changed = changed + 1 + sam_ldb.modify(delta) + except: + sam_ldb.transaction_cancel() + raise + else: + sam_ldb.transaction_commit() + message(SIMPLE, "There are %d changed objects"%(changed)) return hashallSD @@ -723,57 +733,62 @@ def update_sd(paths, creds, session, names): sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp,options=["modules:samba_dsdb"]) sam_ldb.transaction_start() - # First update the SD for the rootdn - sam_ldb.set_session_info(session) - res = sam_ldb.search(expression="objectClass=*", base=str(names.rootdn), scope=SCOPE_BASE,\ - attrs=["dn", "whenCreated"], controls=["search_options:1:2"]) - delta = Message() - delta.dn = Dn(sam_ldb,str(res[0]["dn"])) - descr = get_domain_descriptor(names.domainsid) - delta["nTSecurityDescriptor"] = MessageElement(descr, FLAG_MOD_REPLACE, "nTSecurityDescriptor") - sam_ldb.modify(delta,["recalculate_sd:0"]) - # Then the config dn - res = sam_ldb.search(expression="objectClass=*",base=str(names.configdn), scope=SCOPE_BASE,attrs=["dn","whenCreated"],controls=["search_options:1:2"]) - delta = Message() - delta.dn = Dn(sam_ldb,str(res[0]["dn"])) - descr = get_config_descriptor(names.domainsid) - delta["nTSecurityDescriptor"] = MessageElement(descr, FLAG_MOD_REPLACE, "nTSecurityDescriptor" ) - sam_ldb.modify(delta,["recalculate_sd:0"]) - # Then the schema dn - res = sam_ldb.search(expression="objectClass=*",base=str(names.schemadn), scope=SCOPE_BASE,attrs=["dn","whenCreated"],controls=["search_options:1:2"]) - delta = Message() -- Samba Shared Repository