search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
gpoupdate: Do not DEBUG(0) every scan interval
[Samba.git] / source4 / dsdb / gpo / gpo_update.c
blobef0f3ff218c5c90cc97ee062f2aca5c284070249
1 /*
2 Unix SMB/CIFS mplementation.
3 GPO update service
4
5 Copyright (C) Luke Morrison 2013
6
7 Inspired by dns_updates.c written by Andrew Trigell 2009
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/
21
22 */
23
24 #include "includes.h"
25 #include "dsdb/samdb/samdb.h"
26 #include "auth/auth.h"
27 #include "smbd/service.h"
28 #include "lib/messaging/irpc.h"
29 #include "param/param.h"
30 #include "system/filesys.h"
31 #include "dsdb/common/util.h"
32 #include "libcli/composite/composite.h"
33 #include "libcli/security/dom_sid.h"
34 #include "librpc/gen_ndr/ndr_irpc.h"
35 #include "libds/common/roles.h"
36
37 struct gpoupdate_service {
38 struct auth_session_info *system_session_info;
39 struct task_server *task;
40
41 /* status for periodic sysvol/GPO scan update - >sysvscan */
42 struct {
43 uint32_t interval;
44 struct tevent_timer *te;
45 struct tevent_req *subreq;
46 NTSTATUS status;
47 } sysvscan;
48 };
49
50 /*
51 Called when the sysvol scan has finished
52 */
53 static void gpoupdate_sysvscan_done(struct tevent_req *subreq)
54 {
55 struct gpoupdate_service *service = tevent_req_callback_data(subreq,
56 struct
57 gpoupdate_service);
58 int ret;
59 int sys_errno;
60
61 service->sysvscan.subreq = NULL;
62
63 ret = samba_runcmd_recv(subreq, &sys_errno);
64 TALLOC_FREE(subreq);
65 if (ret != 0) {
66 service->sysvscan.status =
67 map_nt_error_from_unix_common(sys_errno);
68 } else {
69 service->sysvscan.status = NT_STATUS_OK;
70 }
71
72 if (!NT_STATUS_IS_OK(service->sysvscan.status)) {
73 DEBUG(0, (__location__ ": Failed GPO update - %s\n",
74 nt_errstr(service->sysvscan.status)));
75 } else {
76 DEBUG(3, ("Completed GPO update check OK\n"));
77 }
78 }
79
80 static NTSTATUS gpoupdate_sysvscan_schedule(struct gpoupdate_service *service);
81
82 static void gpoupdate_scan_apply(struct gpoupdate_service *service);
83
84 static void gpoupdate_sysvscan_handler_te(struct tevent_context *ev,
85 struct tevent_timer *te,
86 struct timeval t, void *ptr)
87 {
88 struct gpoupdate_service *service =
89 talloc_get_type(ptr, struct gpoupdate_service);
90
91 gpoupdate_scan_apply(service);
92 gpoupdate_sysvscan_schedule(service);
93 }
94
95 static NTSTATUS gpoupdate_sysvscan_schedule(struct gpoupdate_service *service)
96 {
97 /* For the moment the interval is hard coded to 5 sec */
98 service->sysvscan.te =
99 tevent_add_timer(service->task->event_ctx, service,
100 timeval_current_ofs(service->sysvscan.interval, 0),
101 gpoupdate_sysvscan_handler_te, service);
102 NT_STATUS_HAVE_NO_MEMORY(service->sysvscan.te);
103 return NT_STATUS_OK;
104 }
105
106 static void gpoupdate_scan_apply(struct gpoupdate_service *service)
107 {
108 const char *const *gpo_update_command =
109 lpcfg_gpo_update_command(service->task->lp_ctx);
110 const char *smbconf = lpcfg_configfile(service->task->lp_ctx);
111 /* /home/john/samba/samba/source4/scripting/bin/gpoupdate */
112 TALLOC_FREE(service->sysvscan.subreq);
113 DEBUG(3, ("Calling GPO update script\n"));
114 service->sysvscan.subreq = samba_runcmd_send(service,
115 service->task->event_ctx,
116 timeval_current_ofs(20, 0),
117 2, 0,
118 gpo_update_command,
119 smbconf, NULL);
120 if (service->sysvscan.subreq == NULL) {
121 DEBUG(0,
122 (__location__
123 ": samba_runcmd_send() failed with no memory\n"));
124 return;
125 }
126 tevent_req_set_callback(service->sysvscan.subreq,
127 gpoupdate_sysvscan_done, service);
128 }
129
130 static void gpoupdate_task_init(struct task_server *task)
131 {
132 NTSTATUS status;
133 struct gpoupdate_service *service;
134
135 if (lpcfg_server_role(task->lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC) {
136 /* not useful for non-DC */
137 return;
138 }
139
140 task_server_set_title(task, "task[gpoupdate]");
141
142 service = talloc_zero(task, struct gpoupdate_service);
143 if (!service) {
144 task_server_terminate(task,
145 "gpoupdate_task_init: out of memory",
146 true);
147 return;
148 }
149 service->task = task;
150 task->private_data = service;
151
152 service->system_session_info = system_session(service->task->lp_ctx);
153 if (!service->system_session_info) {
154 task_server_terminate(task,
155 "gpoupdate: Failed to obtain server credentials\n",
156 true);
157 return;
158 }
159
160 service->sysvscan.interval = lpcfg_parm_int(task->lp_ctx, NULL, "gpoupdate", "config interval", 900); /* in seconds */
161 status = gpoupdate_sysvscan_schedule(service);
162 if (!NT_STATUS_IS_OK(status)) {
163 task_server_terminate(task, talloc_asprintf(task,
164 "gpoupdate: Failed to update sysvol scan schedule: %s\n",
165 nt_errstr(status)),
166 true);
167 return;
168 }
169 }
170
171 NTSTATUS server_service_gpoupdate_init(TALLOC_CTX *ctx);
172
173 /*
174 register ourselves as a available server
175 */
176 NTSTATUS server_service_gpoupdate_init(TALLOC_CTX *ctx)
177 {
178 struct service_details details = {
179 .inhibit_fork_on_accept = true,
180 .inhibit_pre_fork = true
181 };
182 return register_server_service(ctx, "gpoupdate",
183 gpoupdate_task_init,
184 &details);
185 }
Samba GIT mirror