source: trunk/server/source4/param/provision.c

Last change on this file was 745, checked in by Silvan Scherrer, 13 years ago

Samba Server: updated trunk to 3.6.0
File size: 10.9 KB
RevLine 
[745]1/*
2 Unix SMB/CIFS implementation.
3 Samba utility functions
4 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008-2009
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19*/
20
21#include <Python.h>
22#include <ldb.h>
23#include <pyldb.h>
24#include "includes.h"
25#include "librpc/ndr/libndr.h"
26#include "param/provision.h"
27#include "param/secrets.h"
28#include "lib/talloc/pytalloc.h"
29#include "scripting/python/modules.h"
30#include "param/pyparam.h"
31#include "dynconfig/dynconfig.h"
32
33static PyObject *provision_module(void)
34{
35 PyObject *name = PyString_FromString("samba.provision");
36 if (name == NULL)
37 return NULL;
38 return PyImport_Import(name);
39}
40
41static PyObject *schema_module(void)
42{
43 PyObject *name = PyString_FromString("samba.schema");
44 if (name == NULL)
45 return NULL;
46 return PyImport_Import(name);
47}
48
49static PyObject *ldb_module(void)
50{
51 PyObject *name = PyString_FromString("ldb");
52 if (name == NULL)
53 return NULL;
54 return PyImport_Import(name);
55}
56
57static PyObject *PyLdb_FromLdbContext(struct ldb_context *ldb_ctx)
58{
59 PyLdbObject *ret;
60 PyObject *ldb_mod = ldb_module();
61 PyTypeObject *ldb_ctx_type;
62 if (ldb_mod == NULL)
63 return NULL;
64
65 ldb_ctx_type = (PyTypeObject *)PyObject_GetAttrString(ldb_mod, "Ldb");
66
67 ret = (PyLdbObject *)ldb_ctx_type->tp_alloc(ldb_ctx_type, 0);
68 if (ret == NULL) {
69 PyErr_NoMemory();
70 return NULL;
71 }
72 ret->mem_ctx = talloc_new(NULL);
73 ret->ldb_ctx = talloc_reference(ret->mem_ctx, ldb_ctx);
74 return (PyObject *)ret;
75}
76
77NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
78 struct provision_settings *settings,
79 struct provision_result *result)
80{
81 const char *configfile;
82 PyObject *provision_mod, *provision_dict, *provision_fn, *py_result, *parameters, *py_lp_ctx;
83
84 DEBUG(0,("Provision for Become-DC test using python\n"));
85
86 Py_Initialize();
87 py_update_path(); /* Put the samba path at the start of sys.path */
88
89 provision_mod = provision_module();
90
91 if (provision_mod == NULL) {
92 PyErr_Print();
93 DEBUG(0, ("Unable to import provision Python module.\n"));
94 return NT_STATUS_UNSUCCESSFUL;
95 }
96
97 provision_dict = PyModule_GetDict(provision_mod);
98
99 if (provision_dict == NULL) {
100 DEBUG(0, ("Unable to get dictionary for provision module\n"));
101 return NT_STATUS_UNSUCCESSFUL;
102 }
103
104 provision_fn = PyDict_GetItemString(provision_dict, "provision_become_dc");
105 if (provision_fn == NULL) {
106 PyErr_Print();
107 DEBUG(0, ("Unable to get provision_become_dc function\n"));
108 return NT_STATUS_UNSUCCESSFUL;
109 }
110
111 DEBUG(0,("New Server in Site[%s]\n",
112 settings->site_name));
113
114 DEBUG(0,("DSA Instance [%s]\n"
115 "\tinvocationId[%s]\n",
116 settings->ntds_dn_str,
117 settings->invocation_id == NULL?"None":GUID_string(mem_ctx, settings->invocation_id)));
118
119 DEBUG(0,("Paths under targetdir[%s]\n",
120 settings->targetdir));
121 parameters = PyDict_New();
122
123 configfile = lpcfg_configfile(lp_ctx);
124 if (configfile != NULL) {
125 PyDict_SetItemString(parameters, "smbconf",
126 PyString_FromString(configfile));
127 }
128
129 PyDict_SetItemString(parameters, "rootdn",
130 PyString_FromString(settings->root_dn_str));
131 if (settings->targetdir != NULL)
132 PyDict_SetItemString(parameters, "targetdir",
133 PyString_FromString(settings->targetdir));
134 PyDict_SetItemString(parameters, "hostname",
135 PyString_FromString(settings->netbios_name));
136 PyDict_SetItemString(parameters, "domain",
137 PyString_FromString(settings->domain));
138 PyDict_SetItemString(parameters, "realm",
139 PyString_FromString(settings->realm));
140 if (settings->root_dn_str)
141 PyDict_SetItemString(parameters, "rootdn",
142 PyString_FromString(settings->root_dn_str));
143
144 if (settings->domain_dn_str)
145 PyDict_SetItemString(parameters, "domaindn",
146 PyString_FromString(settings->domain_dn_str));
147
148 if (settings->schema_dn_str)
149 PyDict_SetItemString(parameters, "schemadn",
150 PyString_FromString(settings->schema_dn_str));
151
152 if (settings->config_dn_str)
153 PyDict_SetItemString(parameters, "configdn",
154 PyString_FromString(settings->config_dn_str));
155
156 if (settings->server_dn_str)
157 PyDict_SetItemString(parameters, "serverdn",
158 PyString_FromString(settings->server_dn_str));
159
160 if (settings->site_name)
161 PyDict_SetItemString(parameters, "sitename",
162 PyString_FromString(settings->site_name));
163
164 PyDict_SetItemString(parameters, "machinepass",
165 PyString_FromString(settings->machine_password));
166
167
168 PyDict_SetItemString(parameters, "debuglevel", PyInt_FromLong(DEBUGLEVEL));
169
170 py_result = PyEval_CallObjectWithKeywords(provision_fn, NULL, parameters);
171
172 Py_DECREF(parameters);
173
174 if (py_result == NULL) {
175 PyErr_Print();
176 PyErr_Clear();
177 return NT_STATUS_UNSUCCESSFUL;
178 }
179
180 result->domaindn = talloc_strdup(mem_ctx, PyString_AsString(PyObject_GetAttrString(py_result, "domaindn")));
181
182 /* FIXME paths */
183 py_lp_ctx = PyObject_GetAttrString(py_result, "lp");
184 if (py_lp_ctx == NULL) {
185 DEBUG(0, ("Missing 'lp' attribute"));
186 return NT_STATUS_UNSUCCESSFUL;
187 }
188 result->lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
189 result->samdb = PyLdb_AsLdbContext(PyObject_GetAttrString(py_result, "samdb"));
190
191 return NT_STATUS_OK;
192}
193
194static PyObject *py_dom_sid_FromSid(struct dom_sid *sid)
195{
196 PyObject *mod_security, *dom_sid_Type;
197
198 mod_security = PyImport_ImportModule("samba.dcerpc.security");
199 if (mod_security == NULL)
200 return NULL;
201
202 dom_sid_Type = PyObject_GetAttrString(mod_security, "dom_sid");
203 if (dom_sid_Type == NULL)
204 return NULL;
205
206 return py_talloc_reference((PyTypeObject *)dom_sid_Type, sid);
207}
208
209NTSTATUS provision_store_self_join(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
210 struct tevent_context *event_ctx,
211 struct provision_store_self_join_settings *settings,
212 const char **error_string)
213{
214 int ret;
215 PyObject *provision_mod, *provision_dict, *provision_fn, *py_result, *parameters, *py_sid;
216 struct ldb_context *ldb;
217 TALLOC_CTX *tmp_mem = talloc_new(mem_ctx);
218 if (!tmp_mem) {
219 return NT_STATUS_NO_MEMORY;
220 }
221
222 /* Open the secrets database */
223 ldb = secrets_db_connect(tmp_mem, lp_ctx);
224 if (!ldb) {
225 *error_string
226 = talloc_asprintf(mem_ctx,
227 "Could not open secrets database");
228 talloc_free(tmp_mem);
229 return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
230 }
231
232 ret = ldb_transaction_start(ldb);
233
234 if (ret != LDB_SUCCESS) {
235 *error_string
236 = talloc_asprintf(mem_ctx,
237 "Could not start transaction on secrets database: %s", ldb_errstring(ldb));
238 talloc_free(tmp_mem);
239 return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
240 }
241
242 Py_Initialize();
243 py_update_path(); /* Put the samba path at the start of sys.path */
244 provision_mod = provision_module();
245
246 if (provision_mod == NULL) {
247 PyErr_Print();
248 *error_string
249 = talloc_asprintf(mem_ctx, "Unable to import provision Python module.");
250 talloc_free(tmp_mem);
251 return NT_STATUS_UNSUCCESSFUL;
252 }
253
254 provision_dict = PyModule_GetDict(provision_mod);
255
256 if (provision_dict == NULL) {
257 *error_string
258 = talloc_asprintf(mem_ctx, "Unable to get dictionary for provision module");
259 talloc_free(tmp_mem);
260 return NT_STATUS_UNSUCCESSFUL;
261 }
262
263 provision_fn = PyDict_GetItemString(provision_dict, "secretsdb_self_join");
264 if (provision_fn == NULL) {
265 PyErr_Print();
266 *error_string
267 = talloc_asprintf(mem_ctx, "Unable to get provision_become_dc function");
268 talloc_free(tmp_mem);
269 return NT_STATUS_UNSUCCESSFUL;
270 }
271
272 parameters = PyDict_New();
273
274 PyDict_SetItemString(parameters, "secretsdb",
275 PyLdb_FromLdbContext(ldb));
276 PyDict_SetItemString(parameters, "domain",
277 PyString_FromString(settings->domain_name));
278 if (settings->realm != NULL) {
279 PyDict_SetItemString(parameters, "realm",
280 PyString_FromString(settings->realm));
281 }
282 PyDict_SetItemString(parameters, "machinepass",
283 PyString_FromString(settings->machine_password));
284 PyDict_SetItemString(parameters, "netbiosname",
285 PyString_FromString(settings->netbios_name));
286
287 py_sid = py_dom_sid_FromSid(settings->domain_sid);
288 if (py_sid == NULL) {
289 Py_DECREF(parameters);
290 goto failure;
291 }
292
293 PyDict_SetItemString(parameters, "domainsid",
294 py_sid);
295
296 PyDict_SetItemString(parameters, "secure_channel_type",
297 PyInt_FromLong(settings->secure_channel_type));
298
299 PyDict_SetItemString(parameters, "key_version_number",
300 PyInt_FromLong(settings->key_version_number));
301
302 py_result = PyEval_CallObjectWithKeywords(provision_fn, NULL, parameters);
303
304 Py_DECREF(parameters);
305
306 if (py_result == NULL) {
307 goto failure;
308 }
309
310 ret = ldb_transaction_commit(ldb);
311 if (ret != LDB_SUCCESS) {
312 *error_string
313 = talloc_asprintf(mem_ctx,
314 "Could not commit transaction on secrets database: %s", ldb_errstring(ldb));
315 talloc_free(tmp_mem);
316 return NT_STATUS_INTERNAL_DB_ERROR;
317 }
318
319 talloc_free(tmp_mem);
320
321 return NT_STATUS_OK;
322
323failure:
324 ldb_transaction_cancel(ldb);
325 talloc_free(tmp_mem);
326
327 PyErr_Print();
328 PyErr_Clear();
329 return NT_STATUS_UNSUCCESSFUL;
330}
331
332
333struct ldb_context *provision_get_schema(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
334 DATA_BLOB *override_prefixmap)
335{
336 PyObject *schema_mod, *schema_dict, *schema_fn, *py_result, *parameters;
337
338 Py_Initialize();
339 py_update_path(); /* Put the samba path at the start of sys.path */
340
341 schema_mod = schema_module();
342
343 if (schema_mod == NULL) {
344 PyErr_Print();
345 DEBUG(0, ("Unable to import schema Python module.\n"));
346 return NULL;
347 }
348
349 schema_dict = PyModule_GetDict(schema_mod);
350
351 if (schema_dict == NULL) {
352 DEBUG(0, ("Unable to get dictionary for schema module\n"));
353 return NULL;
354 }
355
356 schema_fn = PyDict_GetItemString(schema_dict, "ldb_with_schema");
357 if (schema_fn == NULL) {
358 PyErr_Print();
359 DEBUG(0, ("Unable to get schema_get_ldb function\n"));
360 return NULL;
361 }
362
363 parameters = PyDict_New();
364
365 if (override_prefixmap) {
366 PyDict_SetItemString(parameters, "override_prefixmap",
367 PyString_FromStringAndSize((const char *)override_prefixmap->data,
368 override_prefixmap->length));
369 }
370
371 py_result = PyEval_CallObjectWithKeywords(schema_fn, NULL, parameters);
372
373 Py_DECREF(parameters);
374
375 if (py_result == NULL) {
376 PyErr_Print();
377 PyErr_Clear();
378 return NULL;
379 }
380
381 return PyLdb_AsLdbContext(PyObject_GetAttrString(py_result, "ldb"));
382}
Note: See TracBrowser for help on using the repository browser.