The branch, v4-0-test has been updated via f123190fb49302968a231639848023a72dfdf2bc (commit) from 5268649b7ef60a2caae9cdf66dfeaf6d2037aba3 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log ----------------------------------------------------------------- commit f123190fb49302968a231639848023a72dfdf2bc Author: Jelmer Vernooij <[EMAIL PROTECTED]> Date: Sun May 11 15:15:27 2008 +0200 Remove obsolete provisioning library. ----------------------------------------------------------------------- Summary of changes: source/scripting/libjs/provision.js | 1254 ----------------------------------- 1 files changed, 0 insertions(+), 1254 deletions(-) delete mode 100644 source/scripting/libjs/provision.js Changeset truncated at 500 lines: diff --git a/source/scripting/libjs/provision.js b/source/scripting/libjs/provision.js deleted file mode 100644 index 51e2785..0000000 --- a/source/scripting/libjs/provision.js +++ /dev/null @@ -1,1254 +0,0 @@ -/* - backend code for provisioning a Samba4 server - Copyright Andrew Tridgell 2005 - Released under the GNU GPL version 3 or later -*/ - -sys = sys_init(); - -/* - return true if the current install seems to be OK -*/ -function install_ok(session_info, credentials) -{ - var lp = loadparm_init(); - var ldb = ldb_init(); - ldb.session_info = session_info; - ldb.credentials = credentials; - if (lp.get("realm") == "") { - return false; - } - var ok = ldb.connect(lp.get("sam database")); - if (!ok) { - return false; - } - var res = ldb.search("(cn=Administrator)"); - if (res.error != 0 || res.msgs.length != 1) { - return false; - } - return true; -} - -/* - find a user or group from a list of possibilities -*/ -function findnss() -{ - var i; - assert(arguments.length >= 2); - var nssfn = arguments[0]; - for (i=1;i<arguments.length;i++) { - if (nssfn(arguments[i]) != undefined) { - return arguments[i]; - } - } - printf("Unable to find user/group for %s\n", arguments[1]); - assert(i<arguments.length); -} - -/* - add a foreign security principle - */ -function add_foreign(ldb, subobj, sid, desc) -{ - var add = sprintf(" -dn: CN=%s,CN=ForeignSecurityPrincipals,%s -objectClass: top -objectClass: foreignSecurityPrincipal -description: %s -", - sid, subobj.DOMAINDN, desc); - /* deliberately ignore errors from this, as the records may - already exist */ - ldb.add(add); -} - - -/* - setup a mapping between a sam name and a unix name - */ -function setup_name_mapping(info, ldb, sid, unixname) -{ - var attrs = new Array("dn"); - var res = ldb.search(sprintf("objectSid=%s", sid), - info.subobj.DOMAINDN, ldb.SCOPE_SUBTREE, attrs); - if (res.error != 0 || res.msgs.length != 1) { - info.message("Failed to find record for objectSid %s\n", sid); - return false; - } - var mod = sprintf(" -dn: %s -changetype: modify -replace: unixName -unixName: %s -", - res.msgs[0].dn, unixname); - var ok = ldb.modify(mod); - if (ok.error != 0) { - info.message("name mapping for %s failed - %s\n", - sid, ldb.errstring()); - return false; - } - return true; -} - -/* - return current time as a nt time string -*/ -function nttime() -{ - return "" + sys.nttime(); -} - -/* - return current time as a ldap time string -*/ -function ldaptime() -{ - return sys.ldaptime(sys.nttime()); -} - -/* - return a date string suitable for a dns zone serial number -*/ -function datestring() -{ - var t = sys.ntgmtime(sys.nttime()); - return sprintf("%04u%02u%02u%02u", - t.tm_year+1900, t.tm_mon+1, t.tm_mday, t.tm_hour); -} - -/* - return first host IP -*/ -function hostip() -{ - var list = sys.interfaces(); - return list[0]; -} - - -/* - return first part of hostname -*/ -function hostname() -{ - var s = split(".", sys.hostname()); - return s[0]; -} - -/* the ldb is in bad shape, possibly due to being built from an - incompatible previous version of the code, so delete it - completely */ -function ldb_delete(info, ldb) -{ - info.message("Deleting " + ldb.filename + "\n"); - var lp = loadparm_init(); - sys.unlink(sprintf("%s/%s", lp.get("private dir"), ldb.filename)); - ldb.transaction_cancel(); - ldb.close(); - var ok = ldb.connect(ldb.filename); - ldb.transaction_start(); - assert(ok); -} - -/* - erase an ldb, removing all records -*/ -function ldb_erase(info, ldb) -{ - var res; - - /* delete the specials */ - ldb.del("@INDEXLIST"); - ldb.del("@ATTRIBUTES"); - ldb.del("@OPTIONS"); - ldb.del("@MODULES"); - ldb.del("@PARTITION"); - ldb.del("@KLUDGEACL"); - - /* and the rest */ - attrs = new Array("dn"); - var basedn = ""; - var res = ldb.search("(&(|(objectclass=*)(distinguishedName=*))(!([EMAIL PROTECTED])))", basedn, ldb.SCOPE_SUBTREE, attrs); - var i; - if (res.error != 0) { - ldb_delete(info, ldb); - return; - } - for (i=0;i<res.msgs.length;i++) { - ldb.del(res.msgs[i].dn); - } - - var res = ldb.search("(&(|(objectclass=*)(distinguishedName=*))(!([EMAIL PROTECTED])))", basedn, ldb.SCOPE_SUBTREE, attrs); - if (res.error != 0 || res.msgs.length != 0) { - ldb_delete(info, ldb); - return; - } - assert(res.msgs.length == 0); -} - -/* - erase an ldb, removing all records -*/ -function ldb_erase_partitions(info, ldb, ldapbackend) -{ - var rootDSE_attrs = new Array("namingContexts"); - var lp = loadparm_init(); - var j; - - var res = ldb.search("(objectClass=*)", "", ldb.SCOPE_BASE, rootDSE_attrs); - if (res.error != 0) { - info.message("rootdse search failed: " + res.errstr + "\n"); - assert(res.error == 0); - } - assert(res.msgs.length == 1); - if (typeof(res.msgs[0].namingContexts) == "undefined") { - return; - } - for (j=0; j<res.msgs[0].namingContexts.length; j++) { - var anything = "(|(objectclass=*)(distinguishedName=*))"; - var attrs = new Array("distinguishedName"); - var basedn = res.msgs[0].namingContexts[j]; - var k; - var previous_remaining = 1; - var current_remaining = 0; - - if (ldapbackend && (basedn == info.subobj.DOMAINDN)) { - /* Only delete objects that were created by provision */ - anything = "(objectcategory=*)"; - } - - for (k=0; k < 10 && (previous_remaining != current_remaining); k++) { - /* and the rest */ - var res2 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs); - var i; - if (res2.error != 0) { - if (res2.error == 32) { - break; - } else { - info.message("ldb search(2) failed: " + res2.errstr + "\n"); - continue; - } - } - previous_remaining = current_remaining; - current_remaining = res2.msgs.length; - for (i=0;i<res2.msgs.length;i++) { - ldb.del(res2.msgs[i].dn); - } - - var res3 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs); - if (res3.error != 0) { - info.message("ldb search(3) failed: " + res3.errstr + "\n"); - continue; - } - if (res3.msgs.length != 0) { - info.message("Failed to delete all records under " + basedn + ", " + res3.msgs.length + " records remaining\n"); - } - } - } -} - -function open_ldb(info, dbname, erase) -{ - var ldb = ldb_init(); - ldb.session_info = info.session_info; - ldb.credentials = info.credentials; - ldb.filename = dbname; - - var connect_ok = ldb.connect(dbname); - if (!connect_ok) { - var lp = loadparm_init(); - sys.unlink(sprintf("%s/%s", lp.get("private dir"), dbname)); - connect_ok = ldb.connect(dbname); - assert(connect_ok); - } - - ldb.transaction_start(); - - if (erase) { - ldb_erase(info, ldb); - } - return ldb; -} - - -/* - setup a ldb in the private dir - */ -function setup_add_ldif(ldif, info, ldb, failok) -{ - var lp = loadparm_init(); - var src = lp.get("setup directory") + "/" + ldif; - - var data = sys.file_load(src); - data = substitute_var(data, info.subobj); - - var add_res = ldb.add(data); - if (add_res.error != 0) { - info.message("ldb load failed: " + add_res.errstr + "\n"); - if (!failok) { - assert(add_res.error == 0); - } - } - return (add_res.error == 0); -} - -function setup_modify_ldif(ldif, info, ldb, failok) -{ - var lp = loadparm_init(); - var src = lp.get("setup directory") + "/" + ldif; - - var data = sys.file_load(src); - data = substitute_var(data, info.subobj); - - var mod_res = ldb.modify(data); - if (mod_res.error != 0) { - info.message("ldb load failed: " + mod_res.errstr + "\n"); - if (!failok) { - assert(mod_res.error == 0); - } - } - return (mod_res.error == 0); -} - - -function setup_ldb(ldif, info, dbname) -{ - var erase = true; - var failok = false; - - if (arguments.length >= 4) { - erase = arguments[3]; - } - if (arguments.length == 5) { - failok = arguments[4]; - } - var ldb = open_ldb(info, dbname, erase); - if (setup_add_ldif(ldif, info, ldb, failok)) { - var commit_ok = ldb.transaction_commit(); - if (!commit_ok) { - info.message("ldb commit failed: " + ldb.errstring() + "\n"); - assert(commit_ok); - } - } -} - -/* - setup a ldb in the private dir - */ -function setup_ldb_modify(ldif, info, ldb) -{ - var lp = loadparm_init(); - - var src = lp.get("setup directory") + "/" + ldif; - - var data = sys.file_load(src); - data = substitute_var(data, info.subobj); - - var mod_res = ldb.modify(data); - if (mod_res.error != 0) { - info.message("ldb load failed: " + mod_res.errstr + "\n"); - return (mod_res.error == 0); - } - return (mod_res.error == 0); -} - -/* - setup a file in the private dir - */ -function setup_file(template, message, fname, subobj) -{ - var lp = loadparm_init(); - var f = fname; - var src = lp.get("setup directory") + "/" + template; - - if (! sys.stat(src)) { - message("Template file not found: %s\n",src); - assert(0); - } - - sys.unlink(f); - - var data = sys.file_load(src); - data = substitute_var(data, subobj); - - ok = sys.file_save(f, data); - if (!ok) { - message("failed to create file: " + f + "\n"); - assert(ok); - } -} - -function provision_default_paths(subobj) -{ - /* subobj.DNSDOMAIN isn't available at this point */ - var dnsdomain = strlower(subobj.REALM); - var lp = loadparm_init(); - var paths = new Object(); - paths.smbconf = lp.filename() - paths.shareconf = lp.get("private dir") + "/" + "share.ldb"; - paths.samdb = lp.get("sam database"); - paths.idmapdb = lp.get("idmap database"); - paths.secrets = lp.get("secrets database"); - paths.templates = lp.get("private dir") + "/" + "templates.ldb"; - paths.keytab = "secrets.keytab"; - paths.dns_keytab = "dns.keytab"; - paths.dns_keytab_abs = lp.get("private dir") + "/" + paths.dns_keytab; - paths.dns = lp.get("private dir") + "/" + dnsdomain + ".zone"; - paths.named_conf = lp.get("private dir") + "/named.conf"; - paths.winsdb = "wins.ldb"; - paths.ldapdir = lp.get("private dir") + "/ldap"; - - paths.s4_ldapi_socket = lp.get("private dir") + "/ldapi"; - paths.phpldapadminconfig = lp.get("private dir") + "/phpldapadmin-config.php"; - - paths.sysvol = lp.get("sysvol", "path"); - - if (paths.sysvol == undefined) { - paths.sysvol = lp.get("lock dir") + "/sysvol"; - } - - paths.netlogon = lp.get("netlogon", "path"); - - if (paths.netlogon == undefined) { - paths.netlogon = paths.sysvol + "/" + dnsdomain + "/scripts"; - } - - return paths; -} - - -/* - setup reasonable name mappings for sam names to unix names -*/ -function setup_name_mappings(info, ldb) -{ - var lp = loadparm_init(); - var attrs = new Array("objectSid"); - var subobj = info.subobj; - - res = ldb.search("objectSid=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs); - assert(res.error == 0); - assert(res.msgs.length == 1 && res.msgs[0].objectSid != undefined); - var sid = res.msgs[0].objectSid; - - /* add some foreign sids if they are not present already */ - add_foreign(ldb, subobj, "S-1-5-7", "Anonymous"); - add_foreign(ldb, subobj, "S-1-1-0", "World"); - add_foreign(ldb, subobj, "S-1-5-2", "Network"); - add_foreign(ldb, subobj, "S-1-5-18", "System"); - add_foreign(ldb, subobj, "S-1-5-11", "Authenticated Users"); - - /* some well known sids */ - setup_name_mapping(info, ldb, "S-1-5-7", subobj.NOBODY); - setup_name_mapping(info, ldb, "S-1-1-0", subobj.NOGROUP); - setup_name_mapping(info, ldb, "S-1-5-2", subobj.NOGROUP); - setup_name_mapping(info, ldb, "S-1-5-18", subobj.ROOT); - setup_name_mapping(info, ldb, "S-1-5-11", subobj.USERS); - setup_name_mapping(info, ldb, "S-1-5-32-544", subobj.WHEEL); - setup_name_mapping(info, ldb, "S-1-5-32-545", subobj.USERS); - setup_name_mapping(info, ldb, "S-1-5-32-546", subobj.NOGROUP); - setup_name_mapping(info, ldb, "S-1-5-32-551", subobj.BACKUP); - - /* and some well known domain rids */ - setup_name_mapping(info, ldb, sid + "-500", subobj.ROOT); - setup_name_mapping(info, ldb, sid + "-518", subobj.WHEEL); - setup_name_mapping(info, ldb, sid + "-519", subobj.WHEEL); - setup_name_mapping(info, ldb, sid + "-512", subobj.WHEEL); - setup_name_mapping(info, ldb, sid + "-513", subobj.USERS); - setup_name_mapping(info, ldb, sid + "-520", subobj.WHEEL); - - return true; -} - -function provision_fix_subobj(subobj, paths) -{ - var ldb = ldb_init(); - - subobj.REALM = strupper(subobj.REALM); - subobj.HOSTNAME = strlower(subobj.HOSTNAME); - subobj.DOMAIN = strupper(subobj.DOMAIN); - subobj.NETBIOSNAME = strupper(subobj.HOSTNAME); - subobj.DNSDOMAIN = strlower(subobj.REALM); - subobj.DNSNAME = sprintf("%s.%s", - strlower(subobj.HOSTNAME), - subobj.DNSDOMAIN); - var rdn_list = split(".", subobj.DNSDOMAIN); - subobj.DOMAINDN = "DC=" + join(",DC=", rdn_list); - subobj.ROOTDN = subobj.DOMAINDN; - subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN; - subobj.SCHEMADN = "CN=Schema," + subobj.CONFIGDN; - - subobj.MACHINEPASS_B64 = ldb.encode(subobj.MACHINEPASS); - subobj.KRBTGTPASS_B64 = ldb.encode(subobj.KRBTGTPASS); - subobj.ADMINPASS_B64 = ldb.encode(subobj.ADMINPASS); - subobj.DNSPASS_B64 = ldb.encode(subobj.DNSPASS); - - subobj.SAM_LDB = "tdb://" + paths.samdb; - subobj.SECRETS_KEYTAB = paths.keytab; - subobj.DNS_KEYTAB = paths.dns_keytab; - subobj.DNS_KEYTAB_ABS = paths.dns_keytab_abs; - - subobj.LDAPDIR = paths.ldapdir; - var ldap_path_list = split("/", paths.ldapdir); -- Samba Shared Repository