Beispiel #1
0
def import_wins(samba4_winsdb, samba3_winsdb):
    """Import settings from a Samba3 WINS database.

    :param samba4_winsdb: WINS database to import to
    :param samba3_winsdb: WINS database to import from
    """

    version_id = 0

    for (name, (ttl, ips, nb_flags)) in samba3_winsdb.items():
        version_id += 1

        type = int(name.split("#", 1)[1], 16)

        if type == 0x1C:
            rType = 0x2
        elif type & 0x80:
            if len(ips) > 1:
                rType = 0x2
            else:
                rType = 0x1
        else:
            if len(ips) > 1:
                rType = 0x3
            else:
                rType = 0x0

        if ttl > time.time():
            rState = 0x0  # active
        else:
            rState = 0x1  # released

        nType = ((nb_flags & 0x60) >> 5)

        samba4_winsdb.add({
            "dn": "name=%s,type=0x%s" % tuple(name.split("#")),
            "type": name.split("#")[1],
            "name": name.split("#")[0],
            "objectClass": "winsRecord",
            "recordType": str(rType),
            "recordState": str(rState),
            "nodeType": str(nType),
            "expireTime": ldb.timestring(ttl),
            "isStatic": "0",
            "versionID": str(version_id),
            "address": ips
        })

    samba4_winsdb.add({
        "dn": "cn=VERSION",
        "cn": "VERSION",
        "objectClass": "winsMaxVersion",
        "maxVersion": str(version_id)
    })
Beispiel #2
0
def import_wins(samba4_winsdb, samba3_winsdb):
    """Import settings from a Samba3 WINS database.

    :param samba4_winsdb: WINS database to import to
    :param samba3_winsdb: WINS database to import from
    """

    version_id = 0

    for (name, (ttl, ips, nb_flags)) in samba3_winsdb.items():
        version_id += 1

        type = int(name.split("#", 1)[1], 16)

        if type == 0x1C:
            rType = 0x2
        elif type & 0x80:
            if len(ips) > 1:
                rType = 0x2
            else:
                rType = 0x1
        else:
            if len(ips) > 1:
                rType = 0x3
            else:
                rType = 0x0

        if ttl > time.time():
            rState = 0x0  # active
        else:
            rState = 0x1  # released

        nType = (nb_flags & 0x60) >> 5

        samba4_winsdb.add(
            {
                "dn": "name={0!s},type=0x{1!s}".format(*tuple(name.split("#"))),
                "type": name.split("#")[1],
                "name": name.split("#")[0],
                "objectClass": "winsRecord",
                "recordType": str(rType),
                "recordState": str(rState),
                "nodeType": str(nType),
                "expireTime": ldb.timestring(ttl),
                "isStatic": "0",
                "versionID": str(version_id),
                "address": ips,
            }
        )

    samba4_winsdb.add(
        {"dn": "cn=VERSION", "cn": "VERSION", "objectClass": "winsMaxVersion", "maxVersion": str(version_id)}
    )
Beispiel #3
0
 def test_timestring(self):
     self.assertEqual("19700101000000.0Z", ldb.timestring(0))
     self.assertEqual("20071119191012.0Z", ldb.timestring(1195499412))
Beispiel #4
0
 def test_timestring(self):
     self.assertEqual("19700101000000.0Z", ldb.timestring(0))
     self.assertEqual("20071119191012.0Z", ldb.timestring(1195499412))
Beispiel #5
0
    def provision(self):
        # Wipe the directories so we can start
        shutil.rmtree(os.path.join(self.paths.ldapdir, "db"), True)

        #Allow the test scripts to turn off fsync() for OpenLDAP as for TDB and LDB
        nosync_config = ""
        if self.nosync:
            nosync_config = "dbnosync"
        
        lnkattr = self.schema.linked_attributes()
        refint_attributes = ""
        memberof_config = "# Generated from Samba4 schema\n"
        for att in  lnkattr.keys():
            if lnkattr[att] is not None:
                refint_attributes = refint_attributes + " " + att 
            
                memberof_config += read_and_sub_file(self.setup_path("memberof.conf"),
                                                 { "MEMBER_ATTR" : att ,
                                                   "MEMBEROF_ATTR" : lnkattr[att] })
            
        refint_config = read_and_sub_file(self.setup_path("refint.conf"),
                                      { "LINK_ATTRS" : refint_attributes})
    
        attrs = ["linkID", "lDAPDisplayName"]
        res = self.schema.ldb.search(expression="(&(objectclass=attributeSchema)(searchFlags:1.2.840.113556.1.4.803:=1))", base=self.names.schemadn, scope=SCOPE_ONELEVEL, attrs=attrs)
        index_config = ""
        for i in range (0, len(res)):
            index_attr = res[i]["lDAPDisplayName"][0]
            if index_attr == "objectGUID":
                index_attr = "entryUUID"
            
            index_config += "index " + index_attr + " eq\n"

        # generate serverids, ldap-urls and syncrepl-blocks for mmr hosts
        mmr_on_config = ""
        mmr_replicator_acl = ""
        mmr_serverids_config = ""
        mmr_syncrepl_schema_config = "" 
        mmr_syncrepl_config_config = "" 
        mmr_syncrepl_user_config = "" 
       
    
        if self.ol_mmr_urls is not None:
            # For now, make these equal
            mmr_pass = self.ldapadminpass
        
            url_list=filter(None,self.ol_mmr_urls.split(' ')) 
            if (len(url_list) == 1):
                url_list=filter(None,self.ol_mmr_urls.split(',')) 
                     
            
                mmr_on_config = "MirrorMode On"
                mmr_replicator_acl = "  by dn=cn=replicator,cn=samba read"
                serverid=0
                for url in url_list:
                    serverid=serverid+1
                    mmr_serverids_config += read_and_sub_file(self.setup_path("mmr_serverids.conf"),
                                                          { "SERVERID" : str(serverid),
                                                            "LDAPSERVER" : url })
                    rid=serverid*10
                    rid=rid+1
                    mmr_syncrepl_schema_config += read_and_sub_file(self.setup_path("mmr_syncrepl.conf"),
                                                                {  "RID" : str(rid),
                                                                   "MMRDN": self.names.schemadn,
                                                                   "LDAPSERVER" : url,
                                                                   "MMR_PASSWORD": mmr_pass})
                
                    rid=rid+1
                    mmr_syncrepl_config_config += read_and_sub_file(self.setup_path("mmr_syncrepl.conf"),
                                                                {  "RID" : str(rid),
                                                                   "MMRDN": self.names.configdn,
                                                                   "LDAPSERVER" : url,
                                                                   "MMR_PASSWORD": mmr_pass})
                
                    rid=rid+1
                    mmr_syncrepl_user_config += read_and_sub_file(self.setup_path("mmr_syncrepl.conf"),
                                                              {  "RID" : str(rid),
                                                                 "MMRDN": self.names.domaindn,
                                                                 "LDAPSERVER" : url,
                                                                 "MMR_PASSWORD": mmr_pass })
        # OpenLDAP cn=config initialisation
        olc_syncrepl_config = ""
        olc_mmr_config = "" 
        # if mmr = yes, generate cn=config-replication directives
        # and olc_seed.lif for the other mmr-servers
        if self.ol_mmr_urls is not None:
            serverid=0
            olc_serverids_config = ""
            olc_syncrepl_seed_config = ""
            olc_mmr_config += read_and_sub_file(self.setup_path("olc_mmr.conf"),{})
            rid=1000
            for url in url_list:
                serverid=serverid+1
                olc_serverids_config += read_and_sub_file(self.setup_path("olc_serverid.conf"),
                                                      { "SERVERID" : str(serverid),
                                                        "LDAPSERVER" : url })
            
                rid=rid+1
                olc_syncrepl_config += read_and_sub_file(self.setup_path("olc_syncrepl.conf"),
                                                     {  "RID" : str(rid),
                                                        "LDAPSERVER" : url,
                                                        "MMR_PASSWORD": mmr_pass})
            
                olc_syncrepl_seed_config += read_and_sub_file(self.setup_path("olc_syncrepl_seed.conf"),
                                                          {  "RID" : str(rid),
                                                             "LDAPSERVER" : url})
                
            setup_file(self.setup_path("olc_seed.ldif"), self.paths.olcseedldif,
                       {"OLC_SERVER_ID_CONF": olc_serverids_config,
                        "OLC_PW": self.ldapadminpass,
                        "OLC_SYNCREPL_CONF": olc_syncrepl_seed_config})
        # end olc
                
        setup_file(self.setup_path("slapd.conf"), self.paths.slapdconf,
                   {"DNSDOMAIN": self.names.dnsdomain,
                    "LDAPDIR": self.paths.ldapdir,
                    "DOMAINDN": self.names.domaindn,
                    "CONFIGDN": self.names.configdn,
                    "SCHEMADN": self.names.schemadn,
                    "MEMBEROF_CONFIG": memberof_config,
                    "MIRRORMODE": mmr_on_config,
                    "REPLICATOR_ACL": mmr_replicator_acl,
                    "MMR_SERVERIDS_CONFIG": mmr_serverids_config,
                    "MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
                    "MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
                    "MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
                    "OLC_SYNCREPL_CONFIG": olc_syncrepl_config,
                    "OLC_MMR_CONFIG": olc_mmr_config,
                    "REFINT_CONFIG": refint_config,
                    "INDEX_CONFIG": index_config,
                    "NOSYNC": nosync_config})
        
        setup_db_config(self.setup_path, os.path.join(self.paths.ldapdir, "db", "user"))
        setup_db_config(self.setup_path, os.path.join(self.paths.ldapdir, "db", "config"))
        setup_db_config(self.setup_path, os.path.join(self.paths.ldapdir, "db", "schema"))
    
        if not os.path.exists(os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba")):
            os.makedirs(os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba"), 0700)
        
        setup_file(self.setup_path("cn=samba.ldif"), 
                   os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba.ldif"),
                   { "UUID": str(uuid.uuid4()), 
                     "LDAPTIME": timestring(int(time.time()))} )
        setup_file(self.setup_path("cn=samba-admin.ldif"), 
                   os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba", "cn=samba-admin.ldif"),
                   {"LDAPADMINPASS_B64": b64encode(self.ldapadminpass),
                    "UUID": str(uuid.uuid4()), 
                    "LDAPTIME": timestring(int(time.time()))} )
    
        if self.ol_mmr_urls is not None:
            setup_file(self.setup_path("cn=replicator.ldif"),
                       os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba", "cn=replicator.ldif"),
                       {"MMR_PASSWORD_B64": b64encode(mmr_pass),
                        "UUID": str(uuid.uuid4()),
                        "LDAPTIME": timestring(int(time.time()))} )
        

        mapping = "schema-map-openldap-2.3"
        backend_schema = "backend-schema.schema"

        backend_schema_data = self.schema.ldb.convert_schema_to_openldap("openldap", open(self.setup_path(mapping), 'r').read())
        assert backend_schema_data is not None
        open(os.path.join(self.paths.ldapdir, backend_schema), 'w').write(backend_schema_data)

        # now we generate the needed strings to start slapd automatically,
        # first ldapi_uri...
        if self.ldap_backend_extra_port is not None:
            # When we use MMR, we can't use 0.0.0.0 as it uses the name
            # specified there as part of it's clue as to it's own name,
            # and not to replicate to itself
            if self.ol_mmr_urls is None:
                server_port_string = "ldap://0.0.0.0:%d" % self.ldap_backend_extra_port
            else:
                server_port_string = "ldap://" + self.names.hostname + "." + self.names.dnsdomain +":%d" % self.ldap_backend_extra_port
        else:
            server_port_string = ""

        # Prepare the 'result' information - the commands to return in particular
        self.slapd_provision_command = [self.slapd_path]

        self.slapd_provision_command.append("-F" + self.paths.olcdir)

        self.slapd_provision_command.append("-h")

        # copy this command so we have two version, one with -d0 and only ldapi, and one with all the listen commands
        self.slapd_command = list(self.slapd_provision_command)
    
        self.slapd_provision_command.append(self.ldapi_uri)
        self.slapd_provision_command.append("-d0")

        uris = self.ldapi_uri
        if server_port_string is not "":
            uris = uris + " " + server_port_string

        self.slapd_command.append(uris)

        # Set the username - done here because Fedora DS still uses the admin DN and simple bind
        self.credentials.set_username("samba-admin")
    
        # If we were just looking for crashes up to this point, it's a
        # good time to exit before we realise we don't have OpenLDAP on
        # this system
        if self.ldap_dryrun_mode:
            sys.exit(0)

        # Finally, convert the configuration into cn=config style!
        if not os.path.isdir(self.paths.olcdir):
            os.makedirs(self.paths.olcdir, 0770)

            retcode = subprocess.call([self.slapd_path, "-Ttest", "-f", self.paths.slapdconf, "-F", self.paths.olcdir], close_fds=True, shell=False)

#            We can't do this, as OpenLDAP is strange.  It gives an error
#            output to the above, but does the conversion sucessfully...
#
#            if retcode != 0:
#                raise ProvisioningError("conversion from slapd.conf to cn=config failed")

            if not os.path.exists(os.path.join(self.paths.olcdir, "cn=config.ldif")):
                raise ProvisioningError("conversion from slapd.conf to cn=config failed")

            # Don't confuse the admin by leaving the slapd.conf around
            os.remove(self.paths.slapdconf)        
Beispiel #6
0
    def provision(self):
        # Wipe the directories so we can start
        shutil.rmtree(os.path.join(self.paths.ldapdir, "db"), True)

        #Allow the test scripts to turn off fsync() for OpenLDAP as for TDB and LDB
        nosync_config = ""
        if self.nosync:
            nosync_config = "dbnosync"
        
        lnkattr = self.schema.linked_attributes()
        refint_attributes = ""
        memberof_config = "# Generated from Samba4 schema\n"
        for att in  lnkattr.keys():
            if lnkattr[att] is not None:
                refint_attributes = refint_attributes + " " + att 
            
                memberof_config += read_and_sub_file(self.setup_path("memberof.conf"),
                                                 { "MEMBER_ATTR" : att ,
                                                   "MEMBEROF_ATTR" : lnkattr[att] })
            
        refint_config = read_and_sub_file(self.setup_path("refint.conf"),
                                      { "LINK_ATTRS" : refint_attributes})
    
        attrs = ["linkID", "lDAPDisplayName"]
        res = self.schema.ldb.search(expression="(&(objectclass=attributeSchema)(searchFlags:1.2.840.113556.1.4.803:=1))", base=self.names.schemadn, scope=SCOPE_ONELEVEL, attrs=attrs)
        index_config = ""
        for i in range (0, len(res)):
            index_attr = res[i]["lDAPDisplayName"][0]
            if index_attr == "objectGUID":
                index_attr = "entryUUID"
            
            index_config += "index " + index_attr + " eq\n"

        # generate serverids, ldap-urls and syncrepl-blocks for mmr hosts
        mmr_on_config = ""
        mmr_replicator_acl = ""
        mmr_serverids_config = ""
        mmr_syncrepl_schema_config = "" 
        mmr_syncrepl_config_config = "" 
        mmr_syncrepl_user_config = "" 
       
    
        if self.ol_mmr_urls is not None:
            # For now, make these equal
            mmr_pass = self.ldapadminpass
        
            url_list=filter(None,self.ol_mmr_urls.split(' ')) 
            if (len(url_list) == 1):
                url_list=filter(None,self.ol_mmr_urls.split(',')) 
                     
            
                mmr_on_config = "MirrorMode On"
                mmr_replicator_acl = "  by dn=cn=replicator,cn=samba read"
                serverid=0
                for url in url_list:
                    serverid=serverid+1
                    mmr_serverids_config += read_and_sub_file(self.setup_path("mmr_serverids.conf"),
                                                          { "SERVERID" : str(serverid),
                                                            "LDAPSERVER" : url })
                    rid=serverid*10
                    rid=rid+1
                    mmr_syncrepl_schema_config += read_and_sub_file(self.setup_path("mmr_syncrepl.conf"),
                                                                {  "RID" : str(rid),
                                                                   "MMRDN": self.names.schemadn,
                                                                   "LDAPSERVER" : url,
                                                                   "MMR_PASSWORD": mmr_pass})
                
                    rid=rid+1
                    mmr_syncrepl_config_config += read_and_sub_file(self.setup_path("mmr_syncrepl.conf"),
                                                                {  "RID" : str(rid),
                                                                   "MMRDN": self.names.configdn,
                                                                   "LDAPSERVER" : url,
                                                                   "MMR_PASSWORD": mmr_pass})
                
                    rid=rid+1
                    mmr_syncrepl_user_config += read_and_sub_file(self.setup_path("mmr_syncrepl.conf"),
                                                              {  "RID" : str(rid),
                                                                 "MMRDN": self.names.domaindn,
                                                                 "LDAPSERVER" : url,
                                                                 "MMR_PASSWORD": mmr_pass })
        # OpenLDAP cn=config initialisation
        olc_syncrepl_config = ""
        olc_mmr_config = "" 
        # if mmr = yes, generate cn=config-replication directives
        # and olc_seed.lif for the other mmr-servers
        if self.ol_mmr_urls is not None:
            serverid=0
            olc_serverids_config = ""
            olc_syncrepl_seed_config = ""
            olc_mmr_config += read_and_sub_file(self.setup_path("olc_mmr.conf"),{})
            rid=1000
            for url in url_list:
                serverid=serverid+1
                olc_serverids_config += read_and_sub_file(self.setup_path("olc_serverid.conf"),
                                                      { "SERVERID" : str(serverid),
                                                        "LDAPSERVER" : url })
            
                rid=rid+1
                olc_syncrepl_config += read_and_sub_file(self.setup_path("olc_syncrepl.conf"),
                                                     {  "RID" : str(rid),
                                                        "LDAPSERVER" : url,
                                                        "MMR_PASSWORD": mmr_pass})
            
                olc_syncrepl_seed_config += read_and_sub_file(self.setup_path("olc_syncrepl_seed.conf"),
                                                          {  "RID" : str(rid),
                                                             "LDAPSERVER" : url})
                
            setup_file(self.setup_path("olc_seed.ldif"), self.paths.olcseedldif,
                       {"OLC_SERVER_ID_CONF": olc_serverids_config,
                        "OLC_PW": self.ldapadminpass,
                        "OLC_SYNCREPL_CONF": olc_syncrepl_seed_config})
        # end olc
                
        setup_file(self.setup_path("slapd.conf"), self.paths.slapdconf,
                   {"DNSDOMAIN": self.names.dnsdomain,
                    "LDAPDIR": self.paths.ldapdir,
                    "DOMAINDN": self.names.domaindn,
                    "CONFIGDN": self.names.configdn,
                    "SCHEMADN": self.names.schemadn,
                    "MEMBEROF_CONFIG": memberof_config,
                    "MIRRORMODE": mmr_on_config,
                    "REPLICATOR_ACL": mmr_replicator_acl,
                    "MMR_SERVERIDS_CONFIG": mmr_serverids_config,
                    "MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
                    "MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
                    "MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
                    "OLC_SYNCREPL_CONFIG": olc_syncrepl_config,
                    "OLC_MMR_CONFIG": olc_mmr_config,
                    "REFINT_CONFIG": refint_config,
                    "INDEX_CONFIG": index_config,
                    "NOSYNC": nosync_config})
        
        setup_db_config(self.setup_path, os.path.join(self.paths.ldapdir, "db", "user"))
        setup_db_config(self.setup_path, os.path.join(self.paths.ldapdir, "db", "config"))
        setup_db_config(self.setup_path, os.path.join(self.paths.ldapdir, "db", "schema"))
    
        if not os.path.exists(os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba")):
            os.makedirs(os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba"), 0700)
        
        setup_file(self.setup_path("cn=samba.ldif"), 
                   os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba.ldif"),
                   { "UUID": str(uuid.uuid4()), 
                     "LDAPTIME": timestring(int(time.time()))} )
        setup_file(self.setup_path("cn=samba-admin.ldif"), 
                   os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba", "cn=samba-admin.ldif"),
                   {"LDAPADMINPASS_B64": b64encode(self.ldapadminpass),
                    "UUID": str(uuid.uuid4()), 
                    "LDAPTIME": timestring(int(time.time()))} )
    
        if self.ol_mmr_urls is not None:
            setup_file(self.setup_path("cn=replicator.ldif"),
                       os.path.join(self.paths.ldapdir, "db", "samba",  "cn=samba", "cn=replicator.ldif"),
                       {"MMR_PASSWORD_B64": b64encode(mmr_pass),
                        "UUID": str(uuid.uuid4()),
                        "LDAPTIME": timestring(int(time.time()))} )
        

        mapping = "schema-map-openldap-2.3"
        backend_schema = "backend-schema.schema"

        backend_schema_data = self.schema.ldb.convert_schema_to_openldap("openldap", open(self.setup_path(mapping), 'r').read())
        assert backend_schema_data is not None
        open(os.path.join(self.paths.ldapdir, backend_schema), 'w').write(backend_schema_data)

        # now we generate the needed strings to start slapd automatically,
        # first ldapi_uri...
        if self.ldap_backend_extra_port is not None:
            # When we use MMR, we can't use 0.0.0.0 as it uses the name
            # specified there as part of it's clue as to it's own name,
            # and not to replicate to itself
            if self.ol_mmr_urls is None:
                server_port_string = "ldap://0.0.0.0:%d" % self.ldap_backend_extra_port
            else:
                server_port_string = "ldap://" + self.names.hostname + "." + self.names.dnsdomain +":%d" % self.ldap_backend_extra_port
        else:
            server_port_string = ""

        # Prepare the 'result' information - the commands to return in particular
        self.slapd_provision_command = [self.slapd_path]

        self.slapd_provision_command.append("-F" + self.paths.olcdir)

        self.slapd_provision_command.append("-h")

        # copy this command so we have two version, one with -d0 and only ldapi, and one with all the listen commands
        self.slapd_command = list(self.slapd_provision_command)
    
        self.slapd_provision_command.append(self.ldapi_uri)
        self.slapd_provision_command.append("-d0")

        uris = self.ldapi_uri
        if server_port_string is not "":
            uris = uris + " " + server_port_string

        self.slapd_command.append(uris)

        # Set the username - done here because Fedora DS still uses the admin DN and simple bind
        self.credentials.set_username("samba-admin")
    
        # If we were just looking for crashes up to this point, it's a
        # good time to exit before we realise we don't have OpenLDAP on
        # this system
        if self.ldap_dryrun_mode:
            sys.exit(0)

        # Finally, convert the configuration into cn=config style!
        if not os.path.isdir(self.paths.olcdir):
            os.makedirs(self.paths.olcdir, 0770)

            retcode = subprocess.call([self.slapd_path, "-Ttest", "-f", self.paths.slapdconf, "-F", self.paths.olcdir], close_fds=True, shell=False)

#            We can't do this, as OpenLDAP is strange.  It gives an error
#            output to the above, but does the conversion sucessfully...
#
#            if retcode != 0:
#                raise ProvisioningError("conversion from slapd.conf to cn=config failed")

            if not os.path.exists(os.path.join(self.paths.olcdir, "cn=config.ldif")):
                raise ProvisioningError("conversion from slapd.conf to cn=config failed")

            # Don't confuse the admin by leaving the slapd.conf around
            os.remove(self.paths.slapdconf)