Author: metze Date: 2007-01-15 14:17:26 +0000 (Mon, 15 Jan 2007) New Revision: 20806
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20806 Log: make it possible to configure the secrets.ldb url via "secrets database = my_secrets.ldb" metze Modified: branches/SAMBA_4_0/source/param/loadparm.c branches/SAMBA_4_0/source/param/secrets.c branches/SAMBA_4_0/source/scripting/libjs/provision.js branches/SAMBA_4_0/source/torture/libnet/libnet_BecomeDC.c Changeset: Modified: branches/SAMBA_4_0/source/param/loadparm.c =================================================================== --- branches/SAMBA_4_0/source/param/loadparm.c 2007-01-15 13:54:21 UTC (rev 20805) +++ branches/SAMBA_4_0/source/param/loadparm.c 2007-01-15 14:17:26 UTC (rev 20806) @@ -107,6 +107,7 @@ char *szConfigFile; char *szShareBackend; char *szSAM_URL; + char *szSECRETS_URL; char *szSPOOLSS_URL; char *szWINS_CONFIG_URL; char *szWINS_URL; @@ -403,6 +404,7 @@ {"obey pam restrictions", P_BOOL, P_GLOBAL, &Globals.bObeyPamRestrictions, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"password server", P_LIST, P_GLOBAL, &Globals.szPasswordServers, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD | FLAG_DEVELOPER}, {"sam database", P_STRING, P_GLOBAL, &Globals.szSAM_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, + {"secrets database", P_STRING, P_GLOBAL, &Globals.szSECRETS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"spoolss database", P_STRING, P_GLOBAL, &Globals.szSPOOLSS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"wins config database", P_STRING, P_GLOBAL, &Globals.szWINS_CONFIG_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"wins database", P_STRING, P_GLOBAL, &Globals.szWINS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, @@ -610,6 +612,7 @@ do_parameter("auth methods", "anonymous sam_ignoredomain", NULL); do_parameter("private dir", dyn_PRIVATE_DIR, NULL); do_parameter("sam database", "sam.ldb", NULL); + do_parameter("secrets database", "secrets.ldb", NULL); do_parameter("spoolss database", "spoolss.ldb", NULL); do_parameter("wins config database", "wins_config.ldb", NULL); do_parameter("wins database", "wins.ldb", NULL); @@ -833,6 +836,7 @@ _PUBLIC_ FN_GLOBAL_STRING(lp_configfile, &Globals.szConfigFile) _PUBLIC_ FN_GLOBAL_STRING(lp_share_backend, &Globals.szShareBackend) _PUBLIC_ FN_GLOBAL_STRING(lp_sam_url, &Globals.szSAM_URL) +_PUBLIC_ FN_GLOBAL_STRING(lp_secrets_url, &Globals.szSECRETS_URL) _PUBLIC_ FN_GLOBAL_STRING(lp_spoolss_url, &Globals.szSPOOLSS_URL) _PUBLIC_ FN_GLOBAL_STRING(lp_wins_config_url, &Globals.szWINS_CONFIG_URL) _PUBLIC_ FN_GLOBAL_STRING(lp_wins_url, &Globals.szWINS_URL) Modified: branches/SAMBA_4_0/source/param/secrets.c =================================================================== --- branches/SAMBA_4_0/source/param/secrets.c 2007-01-15 13:54:21 UTC (rev 20805) +++ branches/SAMBA_4_0/source/param/secrets.c 2007-01-15 14:17:26 UTC (rev 20806) @@ -96,6 +96,7 @@ struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx) { char *path; + const char *url; struct ldb_context *ldb; BOOL existed; const char *init_ldif = @@ -103,11 +104,16 @@ "computerName: CASE_INSENSITIVE\n" \ "flatname: CASE_INSENSITIVE\n"; - path = private_path(mem_ctx, "secrets.ldb"); + url = lp_secrets_url(); + if (!url || !url[0]) { + return NULL; + } + + path = private_path(mem_ctx, url); if (!path) { return NULL; } - + existed = file_exist(path); /* Secrets.ldb *must* always be local. If we call for a Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js =================================================================== --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-01-15 13:54:21 UTC (rev 20805) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-01-15 14:17:26 UTC (rev 20806) @@ -381,7 +381,7 @@ paths.hkpd = "hkpd.ldb"; paths.hkpt = "hkpt.ldb"; paths.samdb = lp.get("sam database"); - paths.secrets = "secrets.ldb"; + paths.secrets = lp.get("secrets database"); paths.keytab = "secrets.keytab"; paths.dns = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".zone"; paths.winsdb = "wins.ldb"; @@ -484,6 +484,20 @@ ok = samdb.transaction_commit(); assert(ok); + message("Setting up " + paths.secrets + "\n"); + setup_ldb("secrets.ldif", info, paths.secrets); + + tmp = lp.get("secrets database"); + ok = lp.set("secrets database", paths.secrets); + assert(ok); + + message("Setting up keytabs\n"); + var keytab_ok = credentials_update_all_keytabs(); + assert(keytab_ok); + + ok = lp.set("secrets database", tmp); + assert(ok); + return true; } @@ -529,11 +543,14 @@ message("Setting up share.ldb\n"); setup_ldb("share.ldif", info, paths.shareconf); } + message("Setting up secrets.ldb\n"); setup_ldb("secrets.ldif", info, paths.secrets); + message("Setting up keytabs\n"); var keytab_ok = credentials_update_all_keytabs(); assert(keytab_ok); + message("Setting up hklm.ldb\n"); setup_ldb("hklm.ldif", info, paths.hklm); Modified: branches/SAMBA_4_0/source/torture/libnet/libnet_BecomeDC.c =================================================================== --- branches/SAMBA_4_0/source/torture/libnet/libnet_BecomeDC.c 2007-01-15 13:54:21 UTC (rev 20805) +++ branches/SAMBA_4_0/source/torture/libnet/libnet_BecomeDC.c 2007-01-15 14:17:26 UTC (rev 20806) @@ -96,6 +96,8 @@ #define TORTURE_NETBIOS_NAME "smbtorturedc" #define TORTURE_SAMDB_LDB "test_samdb.ldb" +#define TORTURE_SECRETS_LDB "test_secrets.ldb" +#define TORTURE_SECRETS_KEYTAB "test_secrets.keytab" struct test_become_dc_state { struct libnet_context *ctx; @@ -198,6 +200,8 @@ "\n" "var paths = provision_default_paths(subobj);\n" "paths.samdb = \"%s\";\n" + "paths.secrets = \"%s\";\n" + "paths.keytab = \"%s\";\n" "\n" "var system_session = system_session();\n" "\n" @@ -205,14 +209,16 @@ "assert(ok);\n" "\n" "return 0;\n", - p->forest->root_dn_str, - p->domain->dn_str, - p->forest->config_dn_str, - p->forest->schema_dn_str, - p->dest_dsa->netbios_name, - p->dest_dsa->dns_name, - p->dest_dsa->site_name, - TORTURE_SAMDB_LDB); + p->forest->root_dn_str, /* subobj.ROOTDN */ + p->domain->dn_str, /* subobj.DOMAINDN */ + p->forest->config_dn_str, /* subobj.CONFIGDN */ + p->forest->schema_dn_str, /* subobj.SCHEMADN */ + p->dest_dsa->netbios_name, /* subobj.HOSTNAME */ + p->dest_dsa->dns_name, /* subobj.DNSNAME */ + p->dest_dsa->site_name, /* subobj.DEFAULTSITE */ + TORTURE_SAMDB_LDB, /* paths.samdb */ + TORTURE_SECRETS_LDB, /* paths.secrets */ + TORTURE_SECRETS_KEYTAB); /* paths.keytab */ NT_STATUS_HAVE_NO_MEMORY(ejs); ret = test_run_ejs(ejs);