summaryrefslogtreecommitdiffstats
path: root/source4/scripting
Commit message (Collapse)AuthorAgeFilesLines
...
* devel-script: add options for RODC and partial replica for replicate flagsMatthieu Patou2013-01-221-1/+21
| | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Jan 22 00:12:17 CET 2013 on sn-devel-104
* devel-scripts: ask with WRIT_REP by defaultMatthieu Patou2013-01-211-0/+1
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* devel-getncchange: try to find the dest_dsa automaticallyMatthieu Patou2013-01-211-3/+19
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbcheck: look in hasMasterNCs as well for determining the instance type of a NCMatthieu Patou2013-01-211-2/+10
| | | | | | Forest of level 2000 don't hve the msDS-hasMasterNCs parameter Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually ↵Andrew Bartlett2013-01-101-21/+22
| | | | | | | | | | | | | | them This allows the script to be used to create/remove the samba-specific dns-SERVER account when we do not need to create the in-directory partition. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
* samba-tool classicupgrade: Do not print the admin password during upgradeAndrew Bartlett2013-01-101-1/+10
| | | | | | | | | | | | This changes the code to only set and show a new password if no admin user is found during the upgrade. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 10 16:55:23 CET 2013 on sn-devel-104
* s4-dbcheck: Allow forcing an override of an old @MODULES recordAndrew Bartlett2013-01-102-4/+29
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_dnsupdate: set KRB5_CONFIG for nsupdate commandBjörn Baumbach2013-01-091-4/+5
| | | | | | | | | Let nslookup use krb5.conf, which is set in our KRB5_CONFIG. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool Add --service argument to samba-tool ntacl get/setAndrew Bartlett2013-01-081-6/+10
| | | | | | | | | | | This also ensures a VFS connect is done to the correct service. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 8 03:39:21 CET 2013 on sn-devel-104
* pysmbd: Change to keyword based argumentsAndrew Bartlett2013-01-071-4/+4
| | | | Reviewed-by: Jeremy Allison <jra@samba.org>
* scripting-provision: Set sysvol ACLs on the sysvol shareAndrew Bartlett2013-01-071-14/+23
| | | | | | | | | | This allows us to correctly load any modules that have been specified by the smb.conf for [sysvol] and issue a VFS connect operation which may be required by some VFS modules. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
* scripting-ntacls: Optionally allow the service to be specified.Andrew Bartlett2013-01-071-6/+6
| | | | | | | | | | Providing a service allows a VFS connect to be issued on the correct service, and so ensures that the correct modules are loaded rather than just what is specified in [globals]. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:scripting/python: always treat the highwatermark as opaque (bug #9508)Stefan Metzmacher2013-01-013-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Domain ↵Stefan Metzmacher2012-12-112-0/+15
| | | | | | | | | | Controllers,... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Dec 11 07:05:39 CET 2012 on sn-devel-104
* s4:provision: set the correct nTSecurityDescriptor on CN=Users,... (bug #9481)Stefan Metzmacher2012-12-112-1/+18
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Computers,... (bug ↵Stefan Metzmacher2012-12-112-1/+19
| | | | | | | #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Builtin,... (bug #9481)Stefan Metzmacher2012-12-112-0/+60
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on CN=Infrastructure,... ↵Stefan Metzmacher2012-12-112-2/+14
| | | | | | | (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on ↵Stefan Metzmacher2012-12-112-0/+18
| | | | | | | CN=Sites,CN=Configuration... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: set the correct nTSecurityDescriptor on ↵Stefan Metzmacher2012-12-112-0/+20
| | | | | | | CN=Partitions,CN=Configuration... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* samba-tool processes: Make the output a bit neaterRicky Nance2012-12-081-5/+5
| | | | | | | Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Sat Dec 8 03:34:29 CET 2012 on sn-devel-104
* scripting: Handle missing LDAP entries in samba-tool domain classicupgradeAndrew Bartlett2012-12-061-0/+6
| | | | Reported-by: Thomas Simmons <twsnnva@gmail.com>
* s4:python/ntacl: add 'as_sddl' option to dsacl2fsacl()Stefan Metzmacher2012-12-031-1/+4
| | | | | | | | This allows the caller to ask for a security.descriptor instead of sddl by passing 'as_sddl=False'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:python/ntacl: allow string or objects for sd/sid in setntacl()Stefan Metzmacher2012-12-031-3/+14
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:samba-tool/gpo: fix the operation order when creating gposStefan Metzmacher2012-12-031-13/+20
| | | | | | | | | | | | | | We should do it like the windows GUI. 1. create the LDAP objects 2. query the security_descriptor of the groupPolicyContainer 3. create the gPCFileSysPath via smb 4. set the security_descriptor of gPCFileSysPath 5. copy the files and directories into gPCFileSysPath 6. modify the groupPolicyContainer and link gPCFileSysPath Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:samba-tool/gpo: use 'gPCFileSysPath' when deleting gposStefan Metzmacher2012-12-031-4/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:samba-tool/gpo: use the dns_domain from the server when creating gposStefan Metzmacher2012-12-031-2/+14
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:samba_upgradeprovision: use the sd_flags:1:15 control with an empty sdStefan Metzmacher2012-11-301-7/+14
| | | | | | | | The sd_flags:1:15 control together with an empty security_descriptor has the same effect as the recalculate_sd:0 control (which is samba only). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:provision: add get_empty_descriptor()Stefan Metzmacher2012-11-302-0/+6
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:tests/samba_tool/gpo.py: fix accidential line breakMichael Adam2012-11-301-2/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:tests/samba_tool/gpo.py: add test_show_as_admin()Stefan Metzmacher2012-11-301-0/+5
| | | | | | | | This calls samba-tool gpo show as admin (which should be able to see the full nTSecurityDescriptor. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: let get_gpo_info explicitly ask for the full ↵Stefan Metzmacher2012-11-301-2/+4
| | | | | | | ntSecurityDescriptor Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: only ask for OWNER/GROUP/DACL when validating the ↵Stefan Metzmacher2012-11-301-5/+6
| | | | | | | nTSecurityDescriptor Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: the nTSecurityDescriptor may not be visible for the ↵Stefan Metzmacher2012-11-301-3/+7
| | | | | | | current user Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: s/ntSecurityDescriptor/nTSecurityDescriptorStefan Metzmacher2012-11-301-5/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* web_server: Load SWAT if it is available.Jelmer Vernooij2012-11-231-3/+31
| | | | | | | Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Fri Nov 23 01:39:38 CET 2012 on sn-devel-104
* s4/web_server: Fix typo in URL.Jelmer Vernooij2012-11-221-1/+1
| | | | | Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Thu Nov 22 01:37:02 CET 2012 on sn-devel-104
* samba-tool dns: Don't use "localhost" to connect to local hostKai Blin2012-11-161-0/+2
| | | | | | | | | | | | | | Calling "samba-tool dns <cmd> localhost" provokes a stacktrace. This just makes 'samba-tool dns <cmd> localhost' work and doesn't fix the underlying issue, but I don't see it causing any harm (unless you don't have an ipv4 localhost, I guess). Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Nov 16 13:18:14 CET 2012 on sn-devel-104
* s4:samba-tool: Fix samba-tool fsmo --role=schemaArvid Requate2012-11-161-1/+1
| | | | | | | | | | | | | | | | | Fix traceback: samba-tool fsmo --role=schema --force ERROR(<type 'exceptions.TypeError'>): uncaught exception - argument 2 must be string, not ldb.Dn File "/usr/lib/python2.6/dist-packages/samba/netcmd/__init__.py", line 168, in _run return self.run(*args, **kwargs) File "/usr/lib/python2.6/dist-packages/samba/netcmd/fsmo.py", line 160, in run self.seize_role(role, samdb, force) File "/usr/lib/python2.6/dist-packages/samba/netcmd/fsmo.py", line 119, in seize_role m.dn = ldb.Dn(samdb, self.schema_dn) Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 16 00:40:24 CET 2012 on sn-devel-104
* samba-tool: Add new samba-tool gpo aclcheck and testAndrew Bartlett2012-11-162-0/+73
| | | | Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* scripting ntacls: Do not place a SACL in the GPO filesystem ACLAndrew Bartlett2012-11-141-1/+0
| | | | | | | | | | | On a new GPO created on windows, the SACL is not used. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Nov 14 00:34:50 CET 2012 on sn-devel-104
* smbd: Remove NT4 compatability handling in posix -> NT ACL conversionAndrew Bartlett2012-11-131-6/+6
| | | | | | | | | | | | | | | | | NT4 is long dead, and we should not change which ACL we return based on what we think the client is. The reason we should not do this, is that if we are using vfs_acl_xattr then the hash will break if we do. Additionally, it would require that the python VFS interface set the global remote_arch to fake up being a modern client. This instead seems cleaner and removes untested code (the tests are updated to then handle the results of the modern codepath). The supporting 'acl compatability' parameter is also removed. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
* s4:samba-tool/testparm: report a CommandError if loading of the config file ↵Stefan Metzmacher2012-11-131-1/+4
| | | | | | | | fails Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Add --tmpdir to 'samba-tool gpo create' testAndrew Bartlett2012-11-132-3/+9
| | | | | | | | | | | | | | | | This was the cause of the flakey test, and was only noticed when multiple different users ran autobuild at the same time on the same server. We use shutil.rmtree to wipe the directory before the tests finishes as required by the TestCaseInTempDir class. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Nov 13 10:50:56 CET 2012 on sn-devel-104
* selftest: Avoid returning errors (rather than failures) in gpo testAndrew Bartlett2012-11-131-2/+4
| | | | | | | | This should help find the real cause of the flakey test, if it ever returns. Andrew Bartlett Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* selftest: Avoid test cross-contamination in samba.tests.posixaclAndrew Bartlett2012-11-121-81/+59
| | | | | | | | | | | This creates a new xattr.tdb per unit test, which avoids once and for all the issue of dev/inode reuse. For test_setposixacl_dir_getntacl_smbd the file ownership also set specifically. Andrew Bartlett Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* selftest: Add tests for expected behaviour on directories as well as filesAndrew Bartlett2012-11-111-0/+197
| | | | | | | | | | | | | | | | | This is important because it covers the codepath which had the talloc error fixed by commit 60cf4cb5a630506747431ecbf00d890509baf2f3 (vfs_acl_common: In add_directory_inheritable_components allocate on psd as parent) Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Nov 11 15:48:10 CET 2012 on sn-devel-104
* pysmbd: Add SMB_ACL_EXECUTE to the mask set by make_simple_acl()Andrew Bartlett2012-11-121-2/+2
| | | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Make samba.tests.ntacl also use TestCaseInTempDirAndrew Bartlett2012-11-121-37/+31
| | | | | | | | | | | This follows on from the successful conversion of samba.tests.posixacl. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Rework ldap attribute fetch in classicupgrade for missing attributesAndrew Bartlett2012-11-121-17/+24
| | | | | | | | | | | | | | Is is not required that these additional attributes be filled in, so catch KeyError in both the nsswitch and ldap backend case. We rework get_posix_attr_from_ldap_backend() so it raises KeyError rather than trying to return None, and does not ignore other errors. Andrew Bartlett Tested-by: Chirana Gheorghita Eugeniu Theodor <office@adaptcom.ro> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
generated by cgit (git 2.34.1) at 2024-09-29 01:35:50 +0000