Hello community,
here is the log from the commit of package yast2-samba-provision for
openSUSE:Factory checked in at 2019-07-31 14:23:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-samba-provision (Old)
and /work/SRC/openSUSE:Factory/.yast2-samba-provision.new.4126 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-samba-provision"
Wed Jul 31 14:23:02 2019 rev:3 rq:714456 version:1.0.4
Changes:
--------
---
/work/SRC/openSUSE:Factory/yast2-samba-provision/yast2-samba-provision.changes
2018-11-01 14:42:58.130886115 +0100
+++
/work/SRC/openSUSE:Factory/.yast2-samba-provision.new.4126/yast2-samba-provision.changes
2019-07-31 14:23:07.262443253 +0200
@@ -1,0 +2,28 @@
+Wed Jul 10 08:59:29 UTC 2019 - Samuel Cabrero <[email protected]>
+
+- Catch and show internal python exceptions; (bsc#1140548);
+- 1.0.4
+
+-------------------------------------------------------------------
+Fri May 31 12:40:00 UTC 2019 - Stasiek Michalski <[email protected]>
+
+- Add metainfo (fate#319035)
+- Revamp spec
+- Replace GenericName with Comment
+- 1.0.3
+
+-------------------------------------------------------------------
+Wed May 22 14:54:28 UTC 2019 - Samuel Cabrero <[email protected]>
+
+- Call samba python API using yast python binding; (bsc#1117597);
+ (CVE-2018-17956)
+- Show a dialog with provision details or errors; (bsc#1132676);
+- Enable and start services after provision
+- 1.0.2
+
+-------------------------------------------------------------------
+Wed Nov 7 17:34:23 UTC 2018 - [email protected]
+
+- Remove TM mark.
+
+-------------------------------------------------------------------
Old:
----
yast2-samba-provision-1.0.1.tar.bz2
New:
----
yast2-samba-provision-1.0.4.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-samba-provision.spec ++++++
--- /var/tmp/diff_new_pack.0RwLUt/_old 2019-07-31 14:23:07.766442966 +0200
+++ /var/tmp/diff_new_pack.0RwLUt/_new 2019-07-31 14:23:07.770442963 +0200
@@ -1,7 +1,7 @@
#
# spec file for package yast2-samba-provision
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,55 +12,54 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: yast2-samba-provision
-Version: 1.0.1
+Version: 1.0.4
Release: 0
+Summary: YaST2 - Samba AD DC provision
+License: GPL-2.0-only
+Group: System/YaST
+Url: https://github.com/yast/yast-samba-provision
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0: %{name}-%{version}.tar.bz2
BuildRequires: perl-XML-Writer
BuildRequires: update-desktop-files
BuildRequires: yast2 >= 3.3.8
-BuildRequires: yast2-devtools >= 3.1.46
+BuildRequires: yast2-devtools >= 4.2.2
BuildRequires: yast2-perl-bindings
BuildRequires: yast2-testsuite
Requires: yast2 >= 3.3.8
-
-BuildArch: noarch
-
Requires: yast2-network
+Requires: yast2-python3-bindings >= 4.0.8
Requires: yast2-ruby-bindings >= 3.3.1
-Summary: YaST2 - Samba AD DC provision
-License: GPL-2.0-only
-Group: System/YaST
+BuildArch: noarch
%description
This package contains the YaST2 component to configure samba as an Active
-Directory (TM) Domain Controller.
+Directory Domain Controller.
%prep
-%setup -n %{name}-%{version}
+%setup -q
%build
%yast_build
%install
%yast_install
+%yast_metainfo
%files
-%defattr(-,root,root)
-%dir %{yast_yncludedir}/samba-provision
-%{yast_yncludedir}/samba-provision/*
-%{yast_clientdir}/samba-provision.rb
-%{yast_moduledir}/SambaProvision.rb
-%{yast_desktopdir}/samba-provision.desktop
+%{yast_yncludedir}
+%{yast_clientdir}
+%{yast_moduledir}
+%{yast_desktopdir}
+%{yast_metainfodir}
%doc %{yast_docdir}
%changelog
++++++ yast2-samba-provision-1.0.1.tar.bz2 ->
yast2-samba-provision-1.0.4.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-samba-provision-1.0.1/package/yast2-samba-provision.changes
new/yast2-samba-provision-1.0.4/package/yast2-samba-provision.changes
--- old/yast2-samba-provision-1.0.1/package/yast2-samba-provision.changes
2018-10-31 18:19:00.000000000 +0100
+++ new/yast2-samba-provision-1.0.4/package/yast2-samba-provision.changes
2019-07-10 16:48:01.000000000 +0200
@@ -1,4 +1,32 @@
-------------------------------------------------------------------
+Wed Jul 10 08:59:29 UTC 2019 - Samuel Cabrero <[email protected]>
+
+- Catch and show internal python exceptions; (bsc#1140548);
+- 1.0.4
+
+-------------------------------------------------------------------
+Fri May 31 12:40:00 UTC 2019 - Stasiek Michalski <[email protected]>
+
+- Add metainfo (fate#319035)
+- Revamp spec
+- Replace GenericName with Comment
+- 1.0.3
+
+-------------------------------------------------------------------
+Wed May 22 14:54:28 UTC 2019 - Samuel Cabrero <[email protected]>
+
+- Call samba python API using yast python binding; (bsc#1117597);
+ (CVE-2018-17956)
+- Show a dialog with provision details or errors; (bsc#1132676);
+- Enable and start services after provision
+- 1.0.2
+
+-------------------------------------------------------------------
+Wed Nov 7 17:34:23 UTC 2018 - [email protected]
+
+- Remove TM mark.
+
+-------------------------------------------------------------------
Wed Oct 31 17:17:35 UTC 2018 - Samuel Cabrero <[email protected]>
- Fix required packages after samba-kdc renamed to samba-ad-dc
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-samba-provision-1.0.1/package/yast2-samba-provision.spec
new/yast2-samba-provision-1.0.4/package/yast2-samba-provision.spec
--- old/yast2-samba-provision-1.0.1/package/yast2-samba-provision.spec
2018-10-31 18:19:00.000000000 +0100
+++ new/yast2-samba-provision-1.0.4/package/yast2-samba-provision.spec
2019-07-10 16:48:01.000000000 +0200
@@ -12,54 +12,54 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: yast2-samba-provision
-Version: 1.0.1
+Version: 1.0.4
Release: 0
+Summary: YaST2 - Samba AD DC provision
+Group: System/YaST
+License: GPL-2.0
+Url: https://github.com/yast/yast-samba-provision
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0: %{name}-%{version}.tar.bz2
-Group: System/YaST
-License: GPL-2.0
BuildRequires: yast2 >= 3.3.8
-BuildRequires: yast2-perl-bindings
-BuildRequires: yast2-devtools >= 3.1.46
-BuildRequires: yast2-testsuite
-BuildRequires: perl-XML-Writer
-BuildRequires: update-desktop-files
+BuildRequires: yast2-perl-bindings
+BuildRequires: yast2-devtools >= 4.2.2
+BuildRequires: yast2-testsuite
+BuildRequires: perl-XML-Writer
+BuildRequires: update-desktop-files
Requires: yast2 >= 3.3.8
-
-BuildArchitectures: noarch
-
Requires: yast2-ruby-bindings >= 3.3.1
-requires: yast2-network
+Requires: yast2-python3-bindings >= 4.0.8
+Requires: yast2-network
-Summary: YaST2 - Samba AD DC provision
+BuildArch: noarch
%description
This package contains the YaST2 component to configure samba as an Active
-Directory (TM) Domain Controller.
+Directory Domain Controller.
%prep
-%setup -n %{name}-%{version}
+%setup -q
%build
%yast_build
%install
%yast_install
+%yast_metainfo
%files
-%defattr(-,root,root)
-%dir %{yast_yncludedir}/samba-provision
-%{yast_yncludedir}/samba-provision/*
-%{yast_clientdir}/samba-provision.rb
-%{yast_moduledir}/SambaProvision.rb
-%{yast_desktopdir}/samba-provision.desktop
+%{yast_yncludedir}
+%{yast_clientdir}
+%{yast_moduledir}
+%{yast_desktopdir}
+%{yast_metainfodir}
%doc %{yast_docdir}
+%changelog
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-samba-provision-1.0.1/src/Makefile.am
new/yast2-samba-provision-1.0.4/src/Makefile.am
--- old/yast2-samba-provision-1.0.1/src/Makefile.am 2018-10-31
18:19:00.000000000 +0100
+++ new/yast2-samba-provision-1.0.4/src/Makefile.am 2019-07-10
16:48:01.000000000 +0200
@@ -1,7 +1,8 @@
# Sources for samba-client
module_DATA = \
- modules/SambaProvision.rb
+ modules/SambaProvision.rb \
+ modules/SambaToolDomainAPI.py
client_DATA = \
clients/samba-provision.rb
@@ -23,7 +24,7 @@
schemafiles_DATA =
desktop_DATA = \
- desktop/samba-provision.desktop
+ desktop/org.opensuse.yast.SambaProvision.desktop
EXTRA_DIST = $(module_DATA) $(client_DATA) $(ynclude_DATA) $(scrconf_DATA)
$(agent_SCRIPTS) $(schemafiles_DATA) $(desktop_DATA)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-samba-provision-1.0.1/src/desktop/org.opensuse.yast.SambaProvision.desktop
new/yast2-samba-provision-1.0.4/src/desktop/org.opensuse.yast.SambaProvision.desktop
---
old/yast2-samba-provision-1.0.1/src/desktop/org.opensuse.yast.SambaProvision.desktop
1970-01-01 01:00:00.000000000 +0100
+++
new/yast2-samba-provision-1.0.4/src/desktop/org.opensuse.yast.SambaProvision.desktop
2019-07-10 16:48:01.000000000 +0200
@@ -0,0 +1,27 @@
+[Desktop Entry]
+Type=Application
+Categories=Settings;System;Qt;X-SuSE-YaST;X-SuSE-YaST-Net_advanced;
+
+X-KDE-ModuleType=Library
+X-KDE-HasReadOnlyMode=true
+X-SuSE-YaST-Call=samba-provision
+
+X-SuSE-YaST-Group=Net_advanced
+X-SuSE-YaST-Argument=
+X-SuSE-YaST-RootOnly=true
+X-SuSE-YaST-AutoInst=all
+X-SuSE-YaST-Geometry=
+X-SuSE-YaST-SortKey=
+X-SuSE-YaST-AutoInstResource=samba-provision
+X-SuSE-YaST-AutoInstClonable=true
+X-SuSE-YaST-AutoInstRequires=lan
+X-SuSE-YaST-AutoInstSchema=samba-provision.rnc
+X-SuSE-YaST-Keywords=authentication,samba,windows
+
+Icon=yast-samba-server
+Exec=xdg-su -c "/sbin/yast2 samba-provision"
+
+Name=YaST Active Directory Domain Controller
+GenericName=Active Directory Domain Controller
+Comment=Provision an Active Directory Domain Controller
+StartupNotify=true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-samba-provision-1.0.1/src/desktop/samba-provision.desktop
new/yast2-samba-provision-1.0.4/src/desktop/samba-provision.desktop
--- old/yast2-samba-provision-1.0.1/src/desktop/samba-provision.desktop
2018-10-31 18:19:00.000000000 +0100
+++ new/yast2-samba-provision-1.0.4/src/desktop/samba-provision.desktop
1970-01-01 01:00:00.000000000 +0100
@@ -1,26 +0,0 @@
-[Desktop Entry]
-Type=Application
-Categories=Settings;System;Qt;X-SuSE-YaST;X-SuSE-YaST-Net_advanced;
-
-X-KDE-ModuleType=Library
-X-KDE-HasReadOnlyMode=true
-X-SuSE-YaST-Call=samba-provision
-
-X-SuSE-YaST-Group=Net_advanced
-X-SuSE-YaST-Argument=
-X-SuSE-YaST-RootOnly=true
-X-SuSE-YaST-AutoInst=all
-X-SuSE-YaST-Geometry=
-X-SuSE-YaST-SortKey=
-X-SuSE-YaST-AutoInstResource=samba-provision
-X-SuSE-YaST-AutoInstClonable=true
-X-SuSE-YaST-AutoInstRequires=lan
-X-SuSE-YaST-AutoInstSchema=samba-provision.rnc
-X-SuSE-YaST-Keywords=authentication,samba,windows
-
-Icon=yast-samba-server
-Exec=xdg-su -c "/sbin/yast2 samba-provision"
-
-Name=Provision an Active Directory Domain Controller
-GenericName=Configure an Active Directory Domain Controller
-StartupNotify=true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-samba-provision-1.0.1/src/include/samba-provision/wizards.rb
new/yast2-samba-provision-1.0.4/src/include/samba-provision/wizards.rb
--- old/yast2-samba-provision-1.0.1/src/include/samba-provision/wizards.rb
2018-10-31 18:19:00.000000000 +0100
+++ new/yast2-samba-provision-1.0.4/src/include/samba-provision/wizards.rb
2019-07-10 16:48:01.000000000 +0200
@@ -80,7 +80,7 @@
}
Wizard.CreateDialog
- Wizard.SetDesktopTitleAndIcon("samba-provision")
+ Wizard.SetDesktopTitleAndIcon("org.opensuse.yast.SambaProvision")
ret = Sequencer.Run(aliases, sequence)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-samba-provision-1.0.1/src/modules/SambaProvision.rb
new/yast2-samba-provision-1.0.4/src/modules/SambaProvision.rb
--- old/yast2-samba-provision-1.0.1/src/modules/SambaProvision.rb
2018-10-31 18:19:00.000000000 +0100
+++ new/yast2-samba-provision-1.0.4/src/modules/SambaProvision.rb
2019-07-10 16:48:01.000000000 +0200
@@ -14,6 +14,8 @@
Yast.import "SambaConfig"
Yast.import "Kerberos"
Yast.import "DNS"
+ Yast.import "SambaToolDomainAPI"
+ Yast.import "Service"
@operation = ""
@parent_domain_name = ""
@@ -36,16 +38,18 @@
caption = _("Provisioning Samba Active Directory Domain controller...")
- no_stages = 3
+ no_stages = 4
stages = [
_("Write the settings"),
_("Provision"),
- _("Write kerberos settings")
+ _("Write kerberos settings"),
+ _("Start services")
]
steps = [
_("Writting the settings..."),
_("Provisioning..."),
- _("Writting kerberos settings...")
+ _("Writting kerberos settings..."),
+ _("Starting services...")
]
if @dns
@@ -79,15 +83,25 @@
# Provision
Progress.NextStage
+ result = false
+ output = ""
+
case @operation
when "new_forest"
- if !write_provision
- Report.Error(_("Error provisioning database. Check logs for
details."))
+ result, output = write_provision
+ if !result
+ headline = _("An error occurred while provisioning new domain.")
+ msg = RichText(Opt(:plainText), output)
+ Popup.LongText(headline, msg, 60, 20)
return false
end
when "new_dc"
- if !write_join
- Report.Error(_("Error joining to domain. Check logs for details."))
+ result, output = write_join
+ if !result
+ headline = _("An error occurred while joining to domain.")
+ msg = RichText(Opt(:plainText), output)
+ Popup.LongText(headline, msg, 60, 20)
+ return false
end
end
@@ -110,6 +124,22 @@
SCR.Execute(path(".target.bash"), "/sbin/netconfig update")
end
+ headline = _("Provision result")
+ msg = RichText(Opt(:plainText), output)
+ Popup.LongText(headline, msg, 60, 20)
+
+ Progress.NextStage
+
+ if !Service.Adjust("samba-ad-dc", "enable")
+ # translators: error message, do not change winbind
+ Report.Error(_("Cannot enable samba-ad-dc service."))
+ return false
+ end
+ if !Service.Start("samba-ad-dc")
+ Report.Error(_("Cannot start samba-ad-dc daemon."))
+ return false
+ end
+
# Final stage
Progress.Finish
@@ -156,22 +186,14 @@
domain = SambaConfig.GlobalGetStr("workgroup", "")
realm = SambaConfig.GlobalGetStr("realm", "")
- cmd = "samba-tool domain provision " +
- "--server-role=dc " +
- "--realm='#{realm}' " +
- "--domain='#{domain}' " +
- "--adminpass='#{@admin_password}' " +
- "--function-level='#{@forest_level}' " +
- "--dns-backend='#{@dns_backend}' "
-
- if @rfc2307
- cmd += " --use-rfc2307"
- end
+ result, output = SambaToolDomainAPI.provision(realm,
+ domain,
+ admin_password,
+ forest_level,
+ dns_backend,
+ rfc2307)
- output = SCR.Execute(path(".target.bash_output"), cmd)
- Builtins.y2milestone("Samba provision result: #{output}")
-
- output["exit"] == 0
+ return result, output
end
@@ -179,15 +201,12 @@
domain = SambaConfig.GlobalGetStr("realm", "").downcase
role = @rodc ? "RODC" : "DC"
- cmd = "samba-tool domain join #{domain} #{role} " +
- "--dns-backend='#{@dns_backend}' " +
- "--username=\"#{credentials_username}\" " +
- "--password=\"#{credentials_password}\" "
-
- output = SCR.Execute(path(".target.bash_output"), cmd)
- Builtins.y2milestone("Samba domain join result: #{output}")
-
- output["exit"] == 0
+ result, output = SambaToolDomainAPI.join(domain,
+ role,
+ dns_backend,
+ credentials_username,
+ credentials_password)
+ return result, output
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-samba-provision-1.0.1/src/modules/SambaToolDomainAPI.py
new/yast2-samba-provision-1.0.4/src/modules/SambaToolDomainAPI.py
--- old/yast2-samba-provision-1.0.1/src/modules/SambaToolDomainAPI.py
1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-samba-provision-1.0.4/src/modules/SambaToolDomainAPI.py
2019-07-10 16:48:01.000000000 +0200
@@ -0,0 +1,99 @@
+from io import StringIO
+from yast import ycpbuiltins
+import sys
+
+class YaSTIO(StringIO):
+ def __init__(self, outf):
+ super(YaSTIO, self).__init__()
+ self.outf = outf
+
+ def write(self, s):
+ super(YaSTIO, self).write(s)
+ self.outf(s)
+
+from samba.netcmd import domain as dm
+from samba.getopt import SambaOptions, CredentialsOptions
+from samba.logger import get_samba_logger
+from optparse import OptionParser
+from samba.netcmd import CommandError
+from yast import Declare
+
+@Declare('string', 'string', 'string', 'string', 'string', 'string', 'boolean')
+def provision(realm, domain, adminpass, function_level, dns_backend,
use_rfc2307):
+ '''Provision a domain
+ param string realm The realm name
+ param string domain NetBIOS domain name to use
+ param string adminpass Choose an admin password
+ param string function_level The domain and forest function level (2000 |
2003 | 2008 | 2008_R2)
+ param string dns_backend The DNS server backend
+ param boolean use_rfc2307 Use AD to store posix attributes
+ return string Error message, or an empty string
+ '''
+ parser = OptionParser()
+ sambaopts = SambaOptions(parser)
+ lp = sambaopts.get_loadparm()
+ lp.set('realm', realm)
+
+ outlog = YaSTIO(ycpbuiltins.y2debug)
+ errlog = YaSTIO(ycpbuiltins.y2error)
+
+ provision = dm.cmd_domain_provision(errf=errlog)
+ provision.raw_argv = []
+ provision.logger = get_samba_logger(name="provision",
+ stream=outlog,
+ verbose=True,
+ quiet=False,
+ fmt="%(message)s")
+
+ try:
+ provision.run(sambaopts=sambaopts,
+ domain=domain,
+ adminpass=adminpass,
+ function_level=function_level,
+ dns_backend=dns_backend,
+ server_role="dc")
+ except Exception as e:
+ template = "{0} exception:\n{1}"
+ message = template.format(type(e).__name__, str(e))
+ return [False, message]
+ return [True, outlog.getvalue()]
+
+@Declare('string', 'string', 'string', 'string', 'string', 'string')
+def join(domain, role, dns_backend, username, password):
+ '''Join domain as either member or backup domain controller
+ param string domain NetBIOS domain name to use
+ param string role possible values: MEMBER, DC, RODC, SUBDOMAIN
+ param string dns_backend The DNS server backend
+ param string username Username
+ param string password Password
+ return string Error message, or an empty string
+ '''
+ parser = OptionParser()
+ sambaopts = SambaOptions(parser)
+ credopts = CredentialsOptions(parser)
+ credopts.creds.parse_string(username)
+ credopts.creds.set_password(password)
+ credopts.ask_for_password = False
+ credopts.machine_pass = False
+
+ outlog = YaSTIO(ycpbuiltins.y2debug)
+ errlog = YaSTIO(ycpbuiltins.y2error)
+
+ join = dm.cmd_domain_join(errf=errlog)
+ join.logger = get_samba_logger(name="provision",
+ stream=outlog,
+ verbose=True,
+ quiet=False,
+ fmt="%(message)s")
+
+ try:
+ join.run(sambaopts=sambaopts,
+ credopts=credopts,
+ domain=domain,
+ role=role,
+ dns_backend=dns_backend)
+ except Exception as e:
+ template = "{0} exception:\n{1}"
+ message = template.format(type(e).__name__, str(e))
+ return [False, message]
+ return [True, outlog.getvalue()]
