summaryrefslogtreecommitdiffstats
path: root/source4/scripting
Commit message (Collapse)AuthorAgeFilesLines
...
* scripting: Rework samba.upgradehelpers.get_diff_sddls to be get_diff_sdsAndrew Bartlett2013-03-041-11/+10
| | | | | | | | | This moves the SDDL conversion inside the get_diff_sds function and prepares for removing inherited ACEs from the SD before comparison. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_upgradeprovision: Remove auto-detection of pre-alpha9 databasesAndrew Bartlett2013-03-041-5/+6
| | | | | | | | | These are incredibly rare, and administrators running such databases not only ask the Samba Team for help personally, they can read --help. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Remove incomplete check for IPv6 link-local addresses.Landon Fuller2013-03-021-3/+1
| | | | | | | | | | | | | This has been superceded by a check for link-local addresses in get_interfaces() Signed-Off-By: Landon Fuller <landonf@bikemonkey.org> Reviewed-By: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 2 08:38:54 CET 2013 on sn-devel-104
* Move python modules from source4/scripting/python/ to python/.Jelmer Vernooij2013-03-02114-31384/+1
| | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 2 03:57:34 CET 2013 on sn-devel-104
* build: Rename samba_python waf node to avoid duplicate nameAndrew Bartlett2013-03-021-1/+1
| | | | | | This makes it clearer when debuging build issues. Andrew Bartlett
* ntdb: switch between secrets.tdb and secrets.ntdb depending on 'use ntdb'Rusty Russell2013-02-203-5/+8
| | | | | | | | | | | Since we open with dbwrap, it auto-converts old tdbs (which it will rename to secrets.tdb.bak once it's done). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Wed Feb 20 07:09:19 CET 2013 on sn-devel-104
* samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2Andrew Bartlett2013-02-191-13/+17
| | | | | | | | | | | | | | | This is really important, because copying a file will both ignore locks held by another process and break any locks we hold (due to POSIX brain-damage regarding multiple fds on one file in a process). By leaving this to tdbbackup in a child, both of these issues are avoided. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Feb 19 07:48:18 CET 2013 on sn-devel-104
* samba_upgradeprovision: Do not update privileges.ldb any more (unchanged ↵Andrew Bartlett2013-02-191-16/+4
| | | | | | | | | | | | since 2009) This update was only a total oblitoration of the existing database and not a merge, and the shutil.copy would both disregard and break locks on the database that are held at this point. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org>
* scripting: Make tdb_copy a common util function in samba.tdb_utilAndrew Bartlett2013-02-193-20/+43
| | | | | | | | This will allow samba_upgradeprovision to also call it. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org>
* scripting: Make tdb_copy use the python subprocess moduleAndrew Bartlett2013-02-191-7/+9
| | | | | | | | This makes the code more robust to spaces in the file names (etc). Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org>
* samba_upgradeprovision: Remove options to fix FS ACLsAndrew Bartlett2013-02-192-271/+205
| | | | | | | | | | | | samba-tool ntacl sysvolreset handles this better, and makes this tool much less confusing internally. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Feb 19 06:06:41 CET 2013 on sn-devel-104
* samba-tool/domain provision: add support for utf-8 passwords for --adminpassStefan Metzmacher2013-02-041-0/+1
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Feb 4 18:54:32 CET 2013 on sn-devel-104
* samba-tool/user setpassword: fix help messageStefan Metzmacher2013-02-041-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:scripting/python: add support for utf-8 passwords from the command lineStefan Metzmacher2013-02-041-1/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* selftest: add a test that demonstrates how new ACL blob code helpsChristian Ambach2013-02-041-0/+17
| | | | | | | | this test shows that a change to POSIX ACL->SD mapping behavior does not invalidate the stored SD Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: detect dns_backend for the reference provisionStefan Metzmacher2013-01-272-10/+11
| | | | | | | | | | | | | If we have a DomainDnsZone partition, we use BIND9_DLZ as backend and fix errors in the ForestDnsZone and DomainDnsZone partitions. Note: this should work fine also for SAMBA_INTERNAL. If the current setup doesn't use dns specific partitions (e.g. alpha13 setups) we pass dns_backend=BIND9_FLATFILE. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: setup names.dns_backendStefan Metzmacher2013-01-271-0/+26
| | | | | | | | | | | | | If we have a DomainDnsZone partition: - we use BIND9_DLZ as backend if a dns-<netbiosname> account is available - otherwise, we use SAMBA_INTERNAL else: - we use BIND9_FLATFILE if a dns or dns-<netbiosname> account is available - otherwise, we use NONE Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: fix the nTSecurityDescriptor on more containers (bug ↵Stefan Metzmacher2013-01-271-36/+92
| | | | | | | #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: fix nTSecurityDescriptor of containers in the DnsZones (bug #9481)Stefan Metzmacher2013-01-271-11/+19
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: fix nTSecurityDescriptor attributes of CN=*,${CONFIGDN} (bug #9481)Stefan Metzmacher2013-01-271-0/+21
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: fix nTSecurityDescriptor of CN={LostAndFound,System},${DOMAINDN} ↵Stefan Metzmacher2013-01-271-0/+4
| | | | | | | (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: setup names.name_map['DnsAdmins']Stefan Metzmacher2013-01-271-0/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: introduce names.name_map = {}Stefan Metzmacher2013-01-271-0/+1
| | | | | | | | This will be used to translated names in SDDL values, which are not wellknown, e.g. 'DnsAdmins'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add get_dns_{forest,domain}_microsoft_dns_descriptor()Stefan Metzmacher2013-01-272-0/+16
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add get_config_ntds_quotas_descriptor()Stefan Metzmacher2013-01-272-0/+8
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add get_{config,domain}_delete_protected*_descriptor()Stefan Metzmacher2013-01-272-0/+40
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* schema.py: add optional name_map={} to get_schema_descriptor()Stefan Metzmacher2013-01-271-1/+1
| | | | | | | | This is not used, but makes the prototype compatible with the other get_*_descriptor() functions. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add optional name_map={} argument to get_*_descriptor()Stefan Metzmacher2013-01-271-32/+30
| | | | | | | | This will allow subsitute non-wellkown names in the SDDL, e.g. 'DnsAdmins'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: import/export get_dns_partition_descriptor()Stefan Metzmacher2013-01-271-1/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: setup names.dns{forest,domain}dnStefan Metzmacher2013-01-271-1/+22
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: fix resetting of 'nTSecurityDescriptor' on schema ↵Stefan Metzmacher2013-01-271-1/+1
| | | | | | | | | | objects Without this schema_data_modify() will reject updates to schema objects by default. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: don't reset 'whenCreated' when resetting ↵Stefan Metzmacher2013-01-271-2/+0
| | | | | | | 'nTSecurityDescriptor' Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbckecker: fix nTSecurityDescriptor values from before 4.0.0rc6 (bug #9481)Stefan Metzmacher2013-01-271-2/+181
| | | | | | | | | They inherited effective ACE for the wrong object classes. For SACL ACEs the problem was also present in 4.0.0. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* devel-script: add options for RODC and partial replica for replicate flagsMatthieu Patou2013-01-221-1/+21
| | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Jan 22 00:12:17 CET 2013 on sn-devel-104
* devel-scripts: ask with WRIT_REP by defaultMatthieu Patou2013-01-211-0/+1
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* devel-getncchange: try to find the dest_dsa automaticallyMatthieu Patou2013-01-211-3/+19
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbcheck: look in hasMasterNCs as well for determining the instance type of a NCMatthieu Patou2013-01-211-2/+10
| | | | | | Forest of level 2000 don't hve the msDS-hasMasterNCs parameter Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually ↵Andrew Bartlett2013-01-101-21/+22
| | | | | | | | | | | | | | them This allows the script to be used to create/remove the samba-specific dns-SERVER account when we do not need to create the in-directory partition. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
* samba-tool classicupgrade: Do not print the admin password during upgradeAndrew Bartlett2013-01-101-1/+10
| | | | | | | | | | | | This changes the code to only set and show a new password if no admin user is found during the upgrade. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 10 16:55:23 CET 2013 on sn-devel-104
* s4-dbcheck: Allow forcing an override of an old @MODULES recordAndrew Bartlett2013-01-102-4/+29
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_dnsupdate: set KRB5_CONFIG for nsupdate commandBjörn Baumbach2013-01-091-4/+5
| | | | | | | | | Let nslookup use krb5.conf, which is set in our KRB5_CONFIG. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool Add --service argument to samba-tool ntacl get/setAndrew Bartlett2013-01-081-6/+10
| | | | | | | | | | | This also ensures a VFS connect is done to the correct service. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 8 03:39:21 CET 2013 on sn-devel-104
* pysmbd: Change to keyword based argumentsAndrew Bartlett2013-01-071-4/+4
| | | | Reviewed-by: Jeremy Allison <jra@samba.org>
* scripting-provision: Set sysvol ACLs on the sysvol shareAndrew Bartlett2013-01-071-14/+23
| | | | | | | | | | This allows us to correctly load any modules that have been specified by the smb.conf for [sysvol] and issue a VFS connect operation which may be required by some VFS modules. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
* scripting-ntacls: Optionally allow the service to be specified.Andrew Bartlett2013-01-071-6/+6
| | | | | | | | | | Providing a service allows a VFS connect to be issued on the correct service, and so ensures that the correct modules are loaded rather than just what is specified in [globals]. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:scripting/python: always treat the highwatermark as opaque (bug #9508)Stefan Metzmacher2013-01-013-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Domain ↵Stefan Metzmacher2012-12-112-0/+15
| | | | | | | | | | Controllers,... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Dec 11 07:05:39 CET 2012 on sn-devel-104
* s4:provision: set the correct nTSecurityDescriptor on CN=Users,... (bug #9481)Stefan Metzmacher2012-12-112-1/+18
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Computers,... (bug ↵Stefan Metzmacher2012-12-112-1/+19
| | | | | | | #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Builtin,... (bug #9481)Stefan Metzmacher2012-12-112-0/+60
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
generated by cgit (git 2.34.1) at 2025-06-14 10:50:09 +0000