From f3bc54a8f1a405bfd8886bd46a1c2ca1b47acae7 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Thu, 5 Nov 2009 22:29:55 -0600 Subject: [PATCH] s4:provision - Added LDBBackend and ExistingBackend. --- source4/scripting/python/samba/provision.py | 22 +++--- .../python/samba/provisionbackend.py | 72 ++++++++++++------- 2 files changed, 62 insertions(+), 32 deletions(-) diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 1726932d0a5..86e7cec6ab3 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -52,7 +52,7 @@ import urllib from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError from ms_display_specifiers import read_ms_ldif from schema import Schema -from provisionbackend import ProvisionBackend, FDSBackend, OpenLDAPBackend +from provisionbackend import LDBBackend, ExistingBackend, FDSBackend, OpenLDAPBackend from signal import SIGTERM from dcerpc.misc import SEC_CHAN_BDC, SEC_CHAN_WKSTA @@ -1233,7 +1233,19 @@ def provision(setup_dir, message, session_info, schema = Schema(setup_path, domainsid, schemadn=names.schemadn, serverdn=names.serverdn) - if backend_type == "fedora-ds": + if backend_type == "ldb": + provision_backend = LDBBackend(backend_type, + paths=paths, setup_path=setup_path, + lp=lp, credentials=credentials, + names=names, + message=message) + elif backend_type == "existing": + provision_backend = ExistingBackend(backend_type, + paths=paths, setup_path=setup_path, + lp=lp, credentials=credentials, + names=names, + message=message) + elif backend_type == "fedora-ds": provision_backend = FDSBackend(backend_type, paths=paths, setup_path=setup_path, lp=lp, credentials=credentials, @@ -1260,12 +1272,6 @@ def provision(setup_dir, message, session_info, ldap_dryrun_mode=ldap_dryrun_mode, ol_mmr_urls=ol_mmr_urls, nosync=nosync) - elif backend_type == "ldb" or backend_type == "existing": - provision_backend = ProvisionBackend(backend_type, - paths=paths, setup_path=setup_path, - lp=lp, credentials=credentials, - names=names, - message=message) else: raise ProvisioningError("Unknown LDAP backend type selected") diff --git a/source4/scripting/python/samba/provisionbackend.py b/source4/scripting/python/samba/provisionbackend.py index dfadac1e1b9..7ef556c123c 100644 --- a/source4/scripting/python/samba/provisionbackend.py +++ b/source4/scripting/python/samba/provisionbackend.py @@ -61,6 +61,7 @@ class ProvisionBackend(object): self.paths = paths self.setup_path = setup_path self.lp = lp + self.credentials = credentials self.names = names self.message = message @@ -69,30 +70,6 @@ class ProvisionBackend(object): # Set a default - the code for "existing" below replaces this self.ldap_backend_type = backend_type - if self.type is "ldb": - self.credentials = None - self.secrets_credentials = None - - # Wipe the old sam.ldb databases away - shutil.rmtree(paths.samdb + ".d", True) - return - - self.ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.ldapdir, "ldapi"), safe="") - - if self.type == "existing": - #Check to see that this 'existing' LDAP backend in fact exists - ldapi_db = Ldb(self.ldapi_uri, credentials=credentials) - search_ol_rootdse = ldapi_db.search(base="", scope=SCOPE_BASE, - expression="(objectClass=OpenLDAProotDSE)") - - # If we have got here, then we must have a valid connection to the LDAP server, with valid credentials supplied - self.credentials = credentials - # This caused them to be set into the long-term database later in the script. - self.secrets_credentials = credentials - - self.ldap_backend_type = "openldap" #For now, assume existing backends at least emulate OpenLDAP - return - def setup(self): pass @@ -106,6 +83,51 @@ class ProvisionBackend(object): pass +class LDBBackend(ProvisionBackend): + def __init__(self, backend_type, paths=None, setup_path=None, lp=None, credentials=None, + names=None, message=None): + + super(LDBBackend, self).__init__( + backend_type=backend_type, + paths=paths, setup_path=setup_path, + lp=lp, credentials=credentials, + names=names, + message=message) + + def setup(self): + self.credentials = None + self.secrets_credentials = None + + # Wipe the old sam.ldb databases away + shutil.rmtree(self.paths.samdb + ".d", True) + + +class ExistingBackend(ProvisionBackend): + def __init__(self, backend_type, paths=None, setup_path=None, lp=None, credentials=None, + names=None, message=None): + + super(ExistingBackend, self).__init__( + backend_type=backend_type, + paths=paths, setup_path=setup_path, + lp=lp, credentials=credentials, + names=names, + message=message) + + self.ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.ldapdir, "ldapi"), safe="") + + def setup(self): + #Check to see that this 'existing' LDAP backend in fact exists + ldapi_db = Ldb(self.ldapi_uri, credentials=self.credentials) + search_ol_rootdse = ldapi_db.search(base="", scope=SCOPE_BASE, + expression="(objectClass=OpenLDAProotDSE)") + + # If we have got here, then we must have a valid connection to the LDAP server, with valid credentials supplied + # This caused them to be set into the long-term database later in the script. + self.secrets_credentials = self.credentials + + self.ldap_backend_type = "openldap" #For now, assume existing backends at least emulate OpenLDAP + + class LDAPBackend(ProvisionBackend): def __init__(self, backend_type, paths=None, setup_path=None, lp=None, credentials=None, names=None, message=None, @@ -135,6 +157,8 @@ class LDAPBackend(ProvisionBackend): self.ldap_backend_extra_port = ldap_backend_extra_port self.ldap_dryrun_mode = ldap_dryrun_mode + self.ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.ldapdir, "ldapi"), safe="") + def setup(self): # we will shortly start slapd with ldapi for final provisioning. first check with ldapsearch -> rootDSE via self.ldapi_uri # if another instance of slapd is already running -- 2.34.1