From 14c5f968e1f99ceabc5a42d9a38a00ea137b00ea Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 7 Mar 2008 10:57:52 +1100 Subject: Rework provision scripts for more testing This fixes up some issues with testdir (was not honoured) and increases test coverage. We now check all the major provision modes. In doing so, to make it possible to call from the multiple layers of 'sh', I have allowed 'dc' to alias 'domain controller' and 'member' to alias 'member server'. Fighting shell quoting in the test system was just too hard... Also fix upgrade.py Andrew Bartlett (This used to be commit 0923de12282b0e063dd73bc3e056dd5c3663c190) --- source4/param/loadparm.c | 2 ++ source4/scripting/python/samba/provision.py | 29 ++++++++++++++++------------- source4/scripting/python/samba/upgrade.py | 5 +---- source4/setup/provision | 20 ++++++++++++-------- source4/setup/provision.smb.conf.dc | 4 ++-- source4/setup/provision.smb.conf.member | 4 ++-- source4/setup/provision.smb.conf.standalone | 4 ++-- source4/setup/tests/blackbox_provision.sh | 5 ++++- 8 files changed, 41 insertions(+), 32 deletions(-) diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c index 65ce7595fc..a1d29b0771 100644 --- a/source4/param/loadparm.c +++ b/source4/param/loadparm.c @@ -316,7 +316,9 @@ static const struct enum_list enum_smb_signing_vals[] = { static const struct enum_list enum_server_role[] = { {ROLE_STANDALONE, "standalone"}, {ROLE_DOMAIN_MEMBER, "member server"}, + {ROLE_DOMAIN_MEMBER, "member"}, {ROLE_DOMAIN_CONTROLLER, "domain controller"}, + {ROLE_DOMAIN_CONTROLLER, "dc"}, {-1, NULL} }; diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 37c4c5b082..25c1a995ef 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -572,9 +572,7 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, :note: This will wipe the main SAM database file! """ - assert serverrole in ("domain controller", "member server") - - erase = (fill != FILL_DRS) + erase = (fill != FILL_DRS) # Also wipes the database setup_samdb_partitions(path, setup_path, schemadn=schemadn, configdn=configdn, @@ -796,17 +794,22 @@ def provision(setup_dir, message, session_info, if not os.path.exists(os.path.join(targetdir, "etc")): os.mkdir(os.path.join(targetdir, "etc")) - if smbconf is None: - smbconf = os.path.join(targetdir, os.path.join("etc", "smb.conf")) + smbconf = os.path.join(targetdir, os.path.join("etc", "smb.conf")) # only install a new smb.conf if there isn't one there already + if not os.path.exists(smbconf): message("Setting up smb.conf") - assert serverrole is not None + if serverrole is None: + serverrole = "standalone" + + assert serverrole in ("domain controller", "member server", "standalone") if serverrole == "domain controller": smbconfsuffix = "dc" elif serverrole == "member server": smbconfsuffix = "member" + elif serverrole == "standalone": + smbconfsuffix = "standalone" assert domain is not None assert realm is not None @@ -827,8 +830,8 @@ def provision(setup_dir, message, session_info, setup_file(setup_path("provision.smb.conf.%s" % smbconfsuffix), smbconf, { "HOSTNAME": hostname, - "DOMAIN_CONF": domain, - "REALM_CONF": realm, + "DOMAIN": domain, + "REALM": realm, "SERVERROLE": serverrole, "NETLOGONPATH": netlogon, "SYSVOLPATH": sysvol, @@ -841,7 +844,7 @@ def provision(setup_dir, message, session_info, if serverrole is None: serverrole = lp.get("server role") - assert serverrole in ("domain controller", "member server") + assert serverrole in ("domain controller", "member server", "standalone") if invocationid is None and serverrole == "domain controller": invocationid = uuid.random() @@ -851,6 +854,10 @@ def provision(setup_dir, message, session_info, assert realm is not None realm = realm.upper() + if lp.get("realm").upper() != realm.upper(): + raise Exception("realm '%s' in %s must match chosen realm '%s'" % + (lp.get("realm"), smbconf, realm)) + dnsdomain = realm.lower() paths = provision_paths_from_lp(lp, dnsdomain) @@ -896,10 +903,6 @@ def provision(setup_dir, message, session_info, message("Provisioning for %s in realm %s" % (domain, realm)) message("Using administrator password: %s" % adminpass) - if lp.get("realm").upper() != realm.upper(): - raise Exception("realm '%s' in smb.conf must match chosen realm '%s'" % - (lp.get("realm"), realm)) - # only install a new shares config db if there is none if not os.path.exists(paths.shareconf): message("Setting up share.ldb") diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py index 01b62ff984..c5086846d8 100644 --- a/source4/scripting/python/samba/upgrade.py +++ b/source4/scripting/python/samba/upgrade.py @@ -218,11 +218,9 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, lp, else: serverrole = "member server" - lp.set("server role", serverrole) domainname = oldconf.get("workgroup") if domainname: domainname = str(domainname) - lp.set("workgroup", domainname) realm = oldconf.get("realm") netbiosname = oldconf.get("netbios name") @@ -235,7 +233,6 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, lp, if realm is None: realm = domainname.lower() message("No realm specified in smb.conf file, assuming '%s'\n" % realm) - lp.set("realm", realm) domainguid = secrets_db.get_domain_guid(domainname) domainsid = secrets_db.get_sid(domainname) @@ -247,7 +244,7 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, lp, else: machinepass = None - domaindn = provision(lp=lp, setup_dir=setup_dir, message=message, + domaindn = provision(setup_dir=setup_dir, message=message, samdb_fill=FILL_DRS, paths=paths, session_info=session_info, credentials=credentials, realm=realm, domain=domainname, domainsid=domainsid, domainguid=domainguid, diff --git a/source4/setup/provision b/source4/setup/provision index 606443a6ed..629bfa10e0 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -88,7 +88,7 @@ parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TY parser.add_option("--aci", type="string", metavar="ACI", help="An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server. You must provide at least a realm and domain") parser.add_option("--server-role", type="choice", metavar="ROLE", - choices=["domain controller", "member server"], + choices=["domain controller", "dc", "member server", "member", "standalone"], help="Set server role to provision for (default standalone)") parser.add_option("--partitions-only", help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true") @@ -110,14 +110,18 @@ if opts.realm is None or opts.domain is None: parser.print_usage() sys.exit(1) -# cope with an initially blank smb.conf - -if sambaopts.get_loadparm_path() is not None: - smbconf = sambaopts.get_loadparm_path() +smbconf = sambaopts.get_loadparm_path() if opts.aci is not None: print "set ACI: %s" % opts.aci +if opts.server_role == "dc": + server_role = "domain controller" +elif opts.server_role == "member": + server_role = "member server" +else: + server_role = opts.server_role + creds = credopts.get_credentials() setup_dir = opts.setupdir @@ -131,8 +135,8 @@ elif opts.partitions_only: samdb_fill = FILL_DRS provision(setup_dir, message, - system_session(), creds, smbconf=smbconf, - samdb_fill=samdb_fill, realm=opts.realm, + system_session(), creds, smbconf=smbconf, targetdir=opts.targetdir, + samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain, domainguid=opts.domain_guid, domainsid=opts.domain_sid, policyguid=opts.policy_guid, hostname=opts.host_name, hostip=opts.host_ip, hostguid=opts.host_guid, @@ -140,7 +144,7 @@ provision(setup_dir, message, krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass, dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody, nogroup=opts.nogroup, wheel=opts.wheel, users=opts.users, - aci=opts.aci, serverrole=opts.server_role, + aci=opts.aci, serverrole=server_role, ldap_backend=opts.ldap_backend, ldap_backend_type=opts.ldap_backend_type) diff --git a/source4/setup/provision.smb.conf.dc b/source4/setup/provision.smb.conf.dc index e77e699028..ad06be4301 100644 --- a/source4/setup/provision.smb.conf.dc +++ b/source4/setup/provision.smb.conf.dc @@ -1,7 +1,7 @@ [globals] netbios name = ${HOSTNAME} - workgroup = ${DOMAIN_CONF} - realm = ${REALM_CONF} + workgroup = ${DOMAIN} + realm = ${REALM} server role = ${SERVERROLE} ${PRIVATEDIR_LINE} ${LOCKDIR_LINE} diff --git a/source4/setup/provision.smb.conf.member b/source4/setup/provision.smb.conf.member index 1d9191d8c2..0d742fb903 100644 --- a/source4/setup/provision.smb.conf.member +++ b/source4/setup/provision.smb.conf.member @@ -1,7 +1,7 @@ [globals] netbios name = ${HOSTNAME} - workgroup = ${DOMAIN_CONF} - realm = ${REALM_CONF} + workgroup = ${DOMAIN} + realm = ${REALM} server role = ${SERVERROLE} ${PRIVATEDIR_LINE} ${LOCKDIR_LINE} diff --git a/source4/setup/provision.smb.conf.standalone b/source4/setup/provision.smb.conf.standalone index 1d9191d8c2..0d742fb903 100644 --- a/source4/setup/provision.smb.conf.standalone +++ b/source4/setup/provision.smb.conf.standalone @@ -1,7 +1,7 @@ [globals] netbios name = ${HOSTNAME} - workgroup = ${DOMAIN_CONF} - realm = ${REALM_CONF} + workgroup = ${DOMAIN} + realm = ${REALM} server role = ${SERVERROLE} ${PRIVATEDIR_LINE} ${LOCKDIR_LINE} diff --git a/source4/setup/tests/blackbox_provision.sh b/source4/setup/tests/blackbox_provision.sh index 0aed7bb8b7..83c045e40d 100755 --- a/source4/setup/tests/blackbox_provision.sh +++ b/source4/setup/tests/blackbox_provision.sh @@ -27,7 +27,10 @@ testit() { return $status } -testit "simple" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple +testit "simple-default" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-default +testit "simple-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-dc +testit "simple-member" $PYTHON ./setup/provision $CONFIGURATION --server-role="member" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-member +testit "simple-standalone" $PYTHON ./setup/provision $CONFIGURATION --server-role="standalone" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-standalone reprovision() { $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision" -- cgit