The branch, master has been updated via 258dc02 s4:role transfer - use always type "enum drepl_role_master" for role specifications via d613f91 s4:samba3sam LDB module - correctly print out an unsigned value via 2163c7a s4:samba3sam LDB module - make the "pw_uid"/"pw_gid" conversion a bit clearer via e9f019e s4:dsdb tests - make use of "ldb.get_domain_sid()" via 7545b5b s4:dsdb/tests/python/sam.py - we don't need the domain SID via 02addbc s4:torture/drs/python/fsmo.py - fix comments and an error message from 847b909 s4-samba-tool: removed old C implementation of samba-tool drs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 258dc02a9db9280b43d336eecf4a63df790c1945 Author: Matthias Dieter Wallnöfer <m...@samba.org> Date: Sat Nov 27 14:40:53 2010 +0100 s4:role transfer - use always type "enum drepl_role_master" for role specifications Autobuild-User: Matthias Dieter Wallnöfer <m...@samba.org> Autobuild-Date: Sat Nov 27 16:03:43 CET 2010 on sn-devel-104 commit d613f91a74be13cde375ad742b9dab3af2a75935 Author: Matthias Dieter Wallnöfer <m...@samba.org> Date: Sat Nov 27 14:17:53 2010 +0100 s4:samba3sam LDB module - correctly print out an unsigned value Here we can print it out as unsigned since we are generating a string attribute. commit 2163c7a2985b750218661552760400ce485bf894 Author: Matthias Dieter Wallnöfer <m...@samba.org> Date: Sat Nov 27 14:07:31 2010 +0100 s4:samba3sam LDB module - make the "pw_uid"/"pw_gid" conversion a bit clearer And remove the "long" specifier since at least on the major platforms (Linux, BSD and Solaris) these types are defined as "uint32_t". commit e9f019e28c267b35c1f5e5a232751c2ca920e1e5 Author: Matthias Dieter Wallnöfer <m...@samba.org> Date: Sat Nov 27 12:32:22 2010 +0100 s4:dsdb tests - make use of "ldb.get_domain_sid()" commit 7545b5b3db77d3696fb725b1655b82c164647289 Author: Matthias Dieter Wallnöfer <m...@samba.org> Date: Sat Nov 27 12:21:59 2010 +0100 s4:dsdb/tests/python/sam.py - we don't need the domain SID commit 02addbc40d0812d6398d4a9388c5879ae5bae284 Author: Matthias Dieter Wallnöfer <m...@samba.org> Date: Sat Nov 27 12:08:03 2010 +0100 s4:torture/drs/python/fsmo.py - fix comments and an error message ----------------------------------------------------------------------- Summary of changes: source4/dsdb/repl/drepl_fsmo.c | 5 ++--- source4/dsdb/repl/drepl_service.h | 2 ++ source4/dsdb/samdb/ldb_modules/rootdse.c | 2 +- source4/dsdb/samdb/ldb_modules/samba3sam.c | 11 ++++++++--- source4/dsdb/tests/python/acl.py | 6 +----- source4/dsdb/tests/python/ldap.py | 6 +----- source4/dsdb/tests/python/ldap_syntaxes.py | 9 ++------- source4/dsdb/tests/python/sam.py | 5 ----- source4/dsdb/tests/python/sec_descriptor.py | 6 +----- source4/librpc/idl/irpc.idl | 2 +- source4/torture/drs/python/fsmo.py | 6 +++--- 11 files changed, 22 insertions(+), 38 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/repl/drepl_fsmo.c b/source4/dsdb/repl/drepl_fsmo.c index ad655f7..98bc1c1 100644 --- a/source4/dsdb/repl/drepl_fsmo.c +++ b/source4/dsdb/repl/drepl_fsmo.c @@ -30,8 +30,7 @@ #include "smbd/service.h" #include "dsdb/repl/drepl_service.h" #include "param/param.h" -#include "lib/messaging/irpc.h" -#include "librpc/gen_ndr/ndr_irpc.h" +#include "librpc/gen_ndr/irpc.h" static void drepl_role_callback(struct dreplsrv_service *service, WERROR werr, @@ -59,7 +58,7 @@ static bool fsmo_master_cmp(struct ldb_dn *ntds_dn, struct ldb_dn *role_owner_dn see which role is we are asked to assume, initialize data and send request */ WERROR dreplsrv_fsmo_role_check(struct dreplsrv_service *service, - uint32_t role) + enum drepl_role_master role) { struct ldb_dn *role_owner_dn, *fsmo_role_dn, *ntds_dn; TALLOC_CTX *tmp_ctx = talloc_new(service); diff --git a/source4/dsdb/repl/drepl_service.h b/source4/dsdb/repl/drepl_service.h index 48b084f..ffff0bf 100644 --- a/source4/dsdb/repl/drepl_service.h +++ b/source4/dsdb/repl/drepl_service.h @@ -233,6 +233,8 @@ struct dreplsrv_service { bool am_rodc; }; +enum drepl_role_master; + #include "dsdb/repl/drepl_out_helpers.h" #include "dsdb/repl/drepl_service_proto.h" diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 5eac74f..e7ea765 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -1154,7 +1154,7 @@ static int rootdse_add(struct ldb_module *module, struct ldb_request *req) static int rootdse_become_master(struct ldb_module *module, struct ldb_request *req, - uint32_t role) + enum drepl_role_master role) { struct drepl_takeFSMORole r; struct messaging_context *msg; diff --git a/source4/dsdb/samdb/ldb_modules/samba3sam.c b/source4/dsdb/samdb/ldb_modules/samba3sam.c index 318d605..e9830c9 100644 --- a/source4/dsdb/samdb/ldb_modules/samba3sam.c +++ b/source4/dsdb/samdb/ldb_modules/samba3sam.c @@ -106,7 +106,8 @@ static void generate_sambaPrimaryGroupSID(struct ldb_module *module, const char sidstring = dom_sid_string(remote_mp, sid); talloc_free(sid); - ldb_msg_add_fmt(remote_mp, "sambaPrimaryGroupSID", "%s-%d", sidstring, ldb_msg_find_attr_as_uint(local, "primaryGroupID", 0)); + ldb_msg_add_fmt(remote_mp, "sambaPrimaryGroupSID", "%s-%u", sidstring, + ldb_msg_find_attr_as_uint(local, "primaryGroupID", 0)); talloc_free(sidstring); } @@ -151,7 +152,9 @@ static struct ldb_val lookup_gid(struct ldb_module *module, TALLOC_CTX *ctx, con return *talloc_zero(ctx, struct ldb_val); } - retval.data = (uint8_t *)talloc_asprintf(ctx, "%ld", (unsigned long)pwd->pw_gid); + /* "pw_gid" is per POSIX definition "unsigned". + * But write it out as "signed" for LDAP compliance. */ + retval.data = (uint8_t *)talloc_asprintf(ctx, "%d", (int) pwd->pw_gid); retval.length = strlen((char *)retval.data); return retval; @@ -168,7 +171,9 @@ static struct ldb_val lookup_uid(struct ldb_module *module, TALLOC_CTX *ctx, con return *talloc_zero(ctx, struct ldb_val); } - retval.data = (uint8_t *)talloc_asprintf(ctx, "%ld", (unsigned long)pwd->pw_uid); + /* "pw_uid" is per POSIX definition "unsigned". + * But write it out as "signed" for LDAP compliance. */ + retval.data = (uint8_t *)talloc_asprintf(ctx, "%d", (int) pwd->pw_uid); retval.length = strlen((char *)retval.data); return retval; diff --git a/source4/dsdb/tests/python/acl.py b/source4/dsdb/tests/python/acl.py index 9a0e754..c540e7e 100755 --- a/source4/dsdb/tests/python/acl.py +++ b/source4/dsdb/tests/python/acl.py @@ -59,15 +59,11 @@ creds.set_gensec_features(creds.get_gensec_features() | gensec.FEATURE_SEAL) class AclTests(samba.tests.TestCase): - def find_domain_sid(self, ldb): - res = ldb.search(base=self.base_dn, expression="(objectClass=*)", scope=SCOPE_BASE) - return ndr_unpack(security.dom_sid,res[0]["objectSid"][0]) - def setUp(self): super(AclTests, self).setUp() self.ldb_admin = ldb self.base_dn = ldb.domain_dn() - self.domain_sid = self.find_domain_sid(self.ldb_admin) + self.domain_sid = security.dom_sid(ldb.get_domain_sid()) self.user_pass = "samba123@" self.configuration_dn = self.ldb_admin.get_config_basedn().get_linearized() print "baseDN: %s" % self.base_dn diff --git a/source4/dsdb/tests/python/ldap.py b/source4/dsdb/tests/python/ldap.py index f11176b..f23de8d 100755 --- a/source4/dsdb/tests/python/ldap.py +++ b/source4/dsdb/tests/python/ldap.py @@ -62,10 +62,6 @@ creds = credopts.get_credentials(lp) class BasicTests(unittest.TestCase): - def find_domain_sid(self): - res = self.ldb.search(base=self.base_dn, expression="(objectClass=*)", scope=SCOPE_BASE) - return ndr_unpack( security.dom_sid,res[0]["objectSid"][0]) - def setUp(self): super(BasicTests, self).setUp() self.ldb = ldb @@ -73,7 +69,7 @@ class BasicTests(unittest.TestCase): self.base_dn = ldb.domain_dn() self.configuration_dn = ldb.get_config_basedn().get_linearized() self.schema_dn = ldb.get_schema_basedn().get_linearized() - self.domain_sid = self.find_domain_sid() + self.domain_sid = security.dom_sid(ldb.get_domain_sid()) print "baseDN: %s\n" % self.base_dn diff --git a/source4/dsdb/tests/python/ldap_syntaxes.py b/source4/dsdb/tests/python/ldap_syntaxes.py index f1f30c7..54198d7 100644 --- a/source4/dsdb/tests/python/ldap_syntaxes.py +++ b/source4/dsdb/tests/python/ldap_syntaxes.py @@ -51,10 +51,6 @@ creds = credopts.get_credentials(lp) class SyntaxTests(unittest.TestCase): - def _find_domain_sid(self): - res = self.ldb.search(base=self.base_dn, expression="(objectClass=*)", scope=SCOPE_BASE) - return ndr_unpack( security.dom_sid,res[0]["objectSid"][0]) - def setUp(self): super(SyntaxTests, self).setUp() self.ldb = ldb @@ -62,7 +58,6 @@ class SyntaxTests(unittest.TestCase): self.schema_dn = ldb.get_schema_basedn().get_linearized() self._setup_dn_string_test() self._setup_dn_binary_test() - self.domain_sid = self._find_domain_sid() def _setup_dn_string_test(self): """Testing DN+String syntax""" @@ -279,7 +274,7 @@ name: """ + object_name + """ # add object with SID instead of DN object_name4 = "obj-DN-String4" + time.strftime("%s", time.gmtime()) ldif = self._get_object_ldif(object_name4, self.dn_string_class_name, self.dn_string_class_ldap_display_name, - self.dn_string_attribute, ": S:5:ABCDE:<SID=%s>" % self.domain_sid) + self.dn_string_attribute, ": S:5:ABCDE:<SID=%s>" % self.ldb.get_domain_sid()) try: self.ldb.add_ldif(ldif) except LdbError, (num, _): @@ -365,7 +360,7 @@ name: """ + object_name + """ # add object with SID instead of DN object_name4 = "obj-DN-Binary4" + time.strftime("%s", time.gmtime()) ldif = self._get_object_ldif(object_name4, self.dn_binary_class_name, self.dn_binary_class_ldap_display_name, - self.dn_binary_attribute, ": B:4:1234:<SID=%s>" % self.domain_sid) + self.dn_binary_attribute, ": B:4:1234:<SID=%s>" % self.ldb.get_domain_sid()) try: self.ldb.add_ldif(ldif) except LdbError, (num, _): diff --git a/source4/dsdb/tests/python/sam.py b/source4/dsdb/tests/python/sam.py index 836015b..9e50c62 100755 --- a/source4/dsdb/tests/python/sam.py +++ b/source4/dsdb/tests/python/sam.py @@ -66,15 +66,10 @@ creds = credopts.get_credentials(lp) class SamTests(unittest.TestCase): - def find_domain_sid(self): - res = self.ldb.search(base=self.base_dn, expression="(objectClass=*)", scope=SCOPE_BASE) - return ndr_unpack( security.dom_sid,res[0]["objectSid"][0]) - def setUp(self): super(SamTests, self).setUp() self.ldb = ldb self.base_dn = ldb.domain_dn() - self.domain_sid = self.find_domain_sid() print "baseDN: %s\n" % self.base_dn diff --git a/source4/dsdb/tests/python/sec_descriptor.py b/source4/dsdb/tests/python/sec_descriptor.py index 54e2444..17fed0e 100755 --- a/source4/dsdb/tests/python/sec_descriptor.py +++ b/source4/dsdb/tests/python/sec_descriptor.py @@ -60,10 +60,6 @@ creds.set_gensec_features(creds.get_gensec_features() | gensec.FEATURE_SEAL) class DescriptorTests(samba.tests.TestCase): - def find_domain_sid(self, ldb): - res = ldb.search(base=self.base_dn, expression="(objectClass=*)", scope=SCOPE_BASE) - return ndr_unpack( security.dom_sid,res[0]["objectSid"][0]) - def get_users_domain_dn(self, name): return "CN=%s,CN=Users,%s" % (name, self.base_dn) @@ -188,7 +184,7 @@ showInAdvancedViewOnly: TRUE self.base_dn = ldb.domain_dn() self.configuration_dn = self.ldb_admin.get_config_basedn().get_linearized() self.schema_dn = self.ldb_admin.get_schema_basedn().get_linearized() - self.domain_sid = self.find_domain_sid(self.ldb_admin) + self.domain_sid = security.dom_sid(self.ldb_admin.get_domain_sid()) print "baseDN: %s" % self.base_dn ################################################################################################ diff --git a/source4/librpc/idl/irpc.idl b/source4/librpc/idl/irpc.idl index 334c102..ed331c7 100644 --- a/source4/librpc/idl/irpc.idl +++ b/source4/librpc/idl/irpc.idl @@ -176,7 +176,7 @@ import "misc.idl", "security.idl", "nbt.idl", "netlogon.idl"; } drepl_role_master; WERROR drepl_takeFSMORole( - [in] uint32 role + [in] drepl_role_master role ); /* diff --git a/source4/torture/drs/python/fsmo.py b/source4/torture/drs/python/fsmo.py index 067ee2a..30120cc 100644 --- a/source4/torture/drs/python/fsmo.py +++ b/source4/torture/drs/python/fsmo.py @@ -101,7 +101,7 @@ class DrsFsmoTestCase(samba.tests.TestCase): cmd_line = "%s fsmo transfer --role=%s --host=ldap://%s:389 %s" % (net_cmd, role, DC, cmd_line_auth) ret = os.system(cmd_line) - self.assertEquals(ret, 0, "Transferring schema to %s has failed!" % (DC)) + self.assertEquals(ret, 0, "Transferring role %s to %s has failed!" % (role, DC)) pass def _wait_for_role_transfer(self, ldb_dc, role_dn, master): @@ -128,7 +128,7 @@ class DrsFsmoTestCase(samba.tests.TestCase): def _role_transfer(self, role, role_dn): """Triggers transfer of role from DC1 to DC2 and vice versa so the role goes back to the original dc""" - # dc2 gets the schema master role from dc1 + # dc2 gets the role from dc1 print "Testing for %s role transfer from %s to %s" % (role, self.dnsname_dc1, self.dnsname_dc2) self._net_fsmo_role_transfer(DC=self.dnsname_dc2, role=role) @@ -139,7 +139,7 @@ class DrsFsmoTestCase(samba.tests.TestCase): self.assertTrue(res, "Transferring %s role to %s has failed, master is: %s!"%(role, self.dsServiceName_dc2, master)) - # dc1 gets back the schema master role from dc2 + # dc1 gets back the role from dc2 print "Testing for %s role transfer from %s to %s" % (role, self.dnsname_dc2, self.dnsname_dc1) self._net_fsmo_role_transfer(DC=self.dnsname_dc1, role=role) # check if the role is transfered -- Samba Shared Repository