The branch, master has been updated via 2cf83f7 samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2 via 3c51e18 samba_upgradeprovision: Do not update privileges.ldb any more (unchanged since 2009) via 396df64 scripting: Make tdb_copy a common util function in samba.tdb_util via 2c2759e scripting: Make tdb_copy use the python subprocess module from 06780ae samba_upgradeprovision: Remove options to fix FS ACLs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 2cf83f7c645e4b216cf6f23857fd72ec0e6ca7a6 Author: Andrew Bartlett <abart...@samba.org> Date: Sun Feb 17 18:15:52 2013 +1100 samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2 This is really important, because copying a file will both ignore locks held by another process and break any locks we hold (due to POSIX brain-damage regarding multiple fds on one file in a process). By leaving this to tdbbackup in a child, both of these issues are avoided. Andrew Bartlett Reviewed-by: Matthieu Patou <m...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Tue Feb 19 07:48:18 CET 2013 on sn-devel-104 commit 3c51e18a0cd1cb4b54cd29e312abd7cc2c0fbc98 Author: Andrew Bartlett <abart...@samba.org> Date: Sun Feb 17 18:41:00 2013 +1100 samba_upgradeprovision: Do not update privileges.ldb any more (unchanged since 2009) This update was only a total oblitoration of the existing database and not a merge, and the shutil.copy would both disregard and break locks on the database that are held at this point. Andrew Bartlett Reviewed-by: Matthieu Patou <m...@samba.org> commit 396df64ef6f2c66c35989ecda3e564d5578fe9f3 Author: Andrew Bartlett <abart...@samba.org> Date: Sun Feb 17 18:14:06 2013 +1100 scripting: Make tdb_copy a common util function in samba.tdb_util This will allow samba_upgradeprovision to also call it. Andrew Bartlett Reviewed-by: Matthieu Patou <m...@samba.org> commit 2c2759e408d9c45c2aee0c2578f45edd246afec3 Author: Andrew Bartlett <abart...@samba.org> Date: Sun Feb 17 17:57:42 2013 +1100 scripting: Make tdb_copy use the python subprocess module This makes the code more robust to spaces in the file names (etc). Andrew Bartlett Reviewed-by: Matthieu Patou <m...@samba.org> ----------------------------------------------------------------------- Summary of changes: source4/scripting/bin/samba_upgradeprovision | 51 ++++++++----------- .../scripting/python/samba/provision/sambadns.py | 23 +-------- source4/scripting/python/samba/tdb_util.py | 41 ++++++++++++++++ 3 files changed, 66 insertions(+), 49 deletions(-) create mode 100644 source4/scripting/python/samba/tdb_util.py Changeset truncated at 500 lines: diff --git a/source4/scripting/bin/samba_upgradeprovision b/source4/scripting/bin/samba_upgradeprovision index 570f783..25c3ac2 100755 --- a/source4/scripting/bin/samba_upgradeprovision +++ b/source4/scripting/bin/samba_upgradeprovision @@ -40,6 +40,7 @@ import samba.getopt as options from base64 import b64encode from samba.credentials import DONT_USE_KERBEROS from samba.auth import system_session, admin_session +from samba import tdb_util from ldb import (SCOPE_SUBTREE, SCOPE_BASE, FLAG_MOD_REPLACE, FLAG_MOD_ADD, FLAG_MOD_DELETE, MessageElement, Message, Dn, LdbError) @@ -1470,7 +1471,7 @@ def simple_update_basesamdb(newpaths, paths, names): :param names: List of key provision parameters""" message(SIMPLE, "Copy samdb") - shutil.copy(newpaths.samdb, paths.samdb) + tdb_util.tdb_copy(newpaths.samdb, paths.samdb) message(SIMPLE, "Update partitions filename if needed") schemaldb = os.path.join(paths.private_dir, "schema.ldb") @@ -1482,31 +1483,19 @@ def simple_update_basesamdb(newpaths, paths, names): os.mkdir(samldbdir) os.chmod(samldbdir, 0700) if os.path.isfile(schemaldb): - shutil.copy(schemaldb, os.path.join(samldbdir, + tdb_util.tdb_copy(schemaldb, os.path.join(samldbdir, "%s.ldb"%str(names.schemadn).upper())) os.remove(schemaldb) if os.path.isfile(usersldb): - shutil.copy(usersldb, os.path.join(samldbdir, + tdb_util.tdb_copy(usersldb, os.path.join(samldbdir, "%s.ldb"%str(names.rootdn).upper())) os.remove(usersldb) if os.path.isfile(configldb): - shutil.copy(configldb, os.path.join(samldbdir, + tdb_util.tdb_copy(configldb, os.path.join(samldbdir, "%s.ldb"%str(names.configdn).upper())) os.remove(configldb) -def update_privilege(ref_private_path, cur_private_path): - """Update the privilege database - - :param ref_private_path: Path to the private directory of the reference - provision. - :param cur_private_path: Path to the private directory of the current - (and to be updated) provision.""" - message(SIMPLE, "Copy privilege") - shutil.copy(os.path.join(ref_private_path, "privilege.ldb"), - os.path.join(cur_private_path, "privilege.ldb")) - - def update_samdb(ref_samdb, samdb, names, provisionUSNs, schema, prereloadfunc): """Upgrade the SAM DB contents for all the provision partitions @@ -1543,12 +1532,12 @@ def backup_provision(paths, dir, only_db): """ if paths.sysvol and not only_db: copytree_with_xattrs(paths.sysvol, os.path.join(dir, "sysvol")) - shutil.copy2(paths.samdb, dir) - shutil.copy2(paths.secrets, dir) - shutil.copy2(paths.idmapdb, dir) - shutil.copy2(paths.privilege, dir) + tdb_util.tdb_copy(paths.samdb, os.path.join(dir, os.path.basename(paths.samdb))) + tdb_util.tdb_copy(paths.secrets, os.path.join(dir, os.path.basename(paths.secrets))) + tdb_util.tdb_copy(paths.idmapdb, os.path.join(dir, os.path.basename(paths.idmapdb))) + tdb_util.tdb_copy(paths.privilege, os.path.join(dir, os.path.basename(paths.privilege))) if os.path.isfile(os.path.join(paths.private_dir,"eadb.tdb")): - shutil.copy2(os.path.join(paths.private_dir,"eadb.tdb"), dir) + tdb_util.tdb_copy(os.path.join(paths.private_dir,"eadb.tdb"), os.path.join(dir, "eadb.tdb")) shutil.copy2(paths.smbconf, dir) shutil.copy2(os.path.join(paths.private_dir,"secrets.keytab"), dir) @@ -1558,11 +1547,15 @@ def backup_provision(paths, dir, only_db): schemaldb = os.path.join(paths.private_dir, "schema.ldb") configldb = os.path.join(paths.private_dir, "configuration.ldb") usersldb = os.path.join(paths.private_dir, "users.ldb") - shutil.copy2(schemaldb, dir) - shutil.copy2(usersldb, dir) - shutil.copy2(configldb, dir) + tdb_util.tdb_copy(schemaldb, os.path.join(dir, "schema.ldb")) + tdb_util.tdb_copy(usersldb, os.path.join(dir, "configuration.ldb")) + tdb_util.tdb_copy(configldb, os.path.join(dir, "users.ldb")) else: - shutil.copytree(samldbdir, os.path.join(dir, "sam.ldb.d")) + os.mkdir(os.path.join(dir, "sam.ldb.d"), 0700) + + for ldb in os.listdir(samldbdir): + tdb_util.tdb_copy(os.path.join(samldbdir, ldb), + os.path.join(dir, "sam.ldb.d", ldb)) def sync_calculated_attributes(samdb, names): @@ -1593,8 +1586,9 @@ def sync_calculated_attributes(samdb, names): # 6) get reference provision paths # 7) open reference provision ldbs # 8) setup helpers data that will help the update process -# 9) update the privilege ldb by copying the one of referecence provision to -# the current provision +# 9) (SKIPPED) we no longer update the privilege ldb by copying the one of referecence provision to +# the current provision, because a shutil.copy would break the transaction locks both databases are under +# and this database has not changed between 2009 and Samba 4.0.3 in Feb 2013 (at least) # 10)get the oemInfo field, this field contains information about the different # provision that have been done # 11)Depending on whether oemInfo has the string "alpha9" or alphaxx (x as an @@ -1816,8 +1810,7 @@ if __name__ == '__main__': populate_links(new_ldbs.sam, names.schemadn) # List of attribute with ASN DN synthax) populate_dnsyntax(new_ldbs.sam, names.schemadn) - # 9) - update_privilege(newpaths.private_dir, paths.private_dir) + # 9) (now skipped, was copy of privileges.ldb) # 10) oem = getOEMInfo(ldbs.sam, str(names.rootdn)) # Do some modification on sam.ldb diff --git a/source4/scripting/python/samba/provision/sambadns.py b/source4/scripting/python/samba/provision/sambadns.py index 740dd38..4522683 100644 --- a/source4/scripting/python/samba/provision/sambadns.py +++ b/source4/scripting/python/samba/provision/sambadns.py @@ -27,6 +27,7 @@ import time import ldb from base64 import b64encode import samba +from samba.tdb_util import tdb_copy from samba.ndr import ndr_pack, ndr_unpack from samba import setup_file from samba.dcerpc import dnsp, misc, security @@ -738,22 +739,6 @@ def create_zone_file(lp, logger, paths, targetdir, dnsdomain, os.system(rndc + " unfreeze " + lp.get("realm")) -def tdb_copy(logger, file1, file2): - """Copy tdb file using tdbbackup utility and rename it - """ - # Find the location of tdbbackup tool - dirs = ["bin", samba.param.bin_dir()] + os.getenv('PATH').split(os.pathsep) - for d in dirs: - toolpath = os.path.join(d, "tdbbackup") - if os.path.exists(toolpath): - break - status = os.system("%s -s '.dns' %s" % (toolpath, file1)) - if status == 0: - os.rename("%s.dns" % file1, file2) - else: - raise Exception("Error copying %s" % file1) - - def create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid): """Create a copy of samdb and give write permissions to named for dns partitions """ @@ -816,13 +801,11 @@ def create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid): # Copy root, config, schema partitions (and any other if any) # Since samdb is open in the current process, copy them in a child process try: - tdb_copy(logger, - os.path.join(private_dir, "sam.ldb"), + tdb_copy(os.path.join(private_dir, "sam.ldb"), os.path.join(dns_dir, "sam.ldb")) for nc in partfile: pfile = partfile[nc] - tdb_copy(logger, - os.path.join(private_dir, pfile), + tdb_copy(os.path.join(private_dir, pfile), os.path.join(dns_dir, pfile)) except: logger.error( diff --git a/source4/scripting/python/samba/tdb_util.py b/source4/scripting/python/samba/tdb_util.py new file mode 100644 index 0000000..d967434 --- /dev/null +++ b/source4/scripting/python/samba/tdb_util.py @@ -0,0 +1,41 @@ +# Unix SMB/CIFS implementation. +# tdb util helpers +# +# Copyright (C) Kai Blin <k...@samba.org> 2011 +# Copyright (C) Amitay Isaacs <ami...@gmail.com> 2011 +# Copyright (C) Andrew Bartlett <abart...@samba.org> 2013 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import samba +import subprocess +import os + +def tdb_copy(file1, file2): + """Copy tdb file using tdbbackup utility and rename it + """ + # Find the location of tdbbackup tool + dirs = ["bin", samba.param.bin_dir()] + os.getenv('PATH').split(os.pathsep) + for d in dirs: + toolpath = os.path.join(d, "tdbbackup") + if os.path.exists(toolpath): + break + + tdbbackup_cmd = [toolpath, "-s", ".copy.tdb", file1] + status = subprocess.call(tdbbackup_cmd, close_fds=True, shell=False) + + if status == 0: + os.rename("%s.copy.tdb" % file1, file2) + else: + raise Exception("Error copying %s" % file1) -- Samba Shared Repository