search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
vfs_ceph_new: Remove unused symbol for ceph_readdir
[Samba.git] / source4 / param / provision.c
bloba084aec08e26052960950e56b0ab740e079b8528
1 /*
2 Unix SMB/CIFS implementation.
3 Samba utility functions
4 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008-2009
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "lib/replace/system/python.h"
22 #include "python/py3compat.h"
23 #include <ldb.h>
24 #include <pyldb.h>
25 #include "includes.h"
26 #include "librpc/ndr/libndr.h"
27 #include "param/provision.h"
28 #include "param/secrets.h"
29 #include <pytalloc.h>
30 #include "python/modules.h"
31 #include "param/pyparam.h"
32 #include "dynconfig/dynconfig.h"
33
34 static bool dict_insert(PyObject* dict,
35 const char* key,
36 PyObject* value)
37 {
38 if (value == NULL) {
39 return false;
40 }
41 if (PyDict_SetItemString(dict, key, value) == -1) {
42 Py_XDECREF(value);
43 return false;
44 }
45 Py_XDECREF(value);
46 return true;
47 }
48
49 static PyObject *provision_module(void)
50 {
51 PyObject *name = PyUnicode_FromString("samba.provision");
52 PyObject *mod = NULL;
53 if (name == NULL)
54 return NULL;
55 mod = PyImport_Import(name);
56 Py_CLEAR(name);
57 return mod;
58 }
59
60 static PyObject *schema_module(void)
61 {
62 PyObject *name = PyUnicode_FromString("samba.schema");
63 PyObject *mod = NULL;
64 if (name == NULL)
65 return NULL;
66 mod = PyImport_Import(name);
67 Py_CLEAR(name);
68 return mod;
69 }
70
71 static PyObject *ldb_module(void)
72 {
73 PyObject *name = PyUnicode_FromString("ldb");
74 PyObject *mod = NULL;
75 if (name == NULL)
76 return NULL;
77 mod = PyImport_Import(name);
78 Py_CLEAR(name);
79 return mod;
80 }
81
82 static PyObject *PyLdb_FromLdbContext(struct ldb_context *ldb_ctx)
83 {
84 PyLdbObject *ret;
85 PyObject *ldb_mod = ldb_module();
86 PyTypeObject *ldb_ctx_type;
87 if (ldb_mod == NULL)
88 return NULL;
89
90 ldb_ctx_type = (PyTypeObject *)PyObject_GetAttrString(ldb_mod, "Ldb");
91
92 ret = (PyLdbObject *)ldb_ctx_type->tp_alloc(ldb_ctx_type, 0);
93 if (ret == NULL) {
94 PyErr_NoMemory();
95 Py_XDECREF(ldb_ctx_type);
96 return NULL;
97 }
98 ret->mem_ctx = talloc_new(NULL);
99 ret->ldb_ctx = talloc_reference(ret->mem_ctx, ldb_ctx);
100 Py_XDECREF(ldb_ctx_type);
101 return (PyObject *)ret;
102 }
103
104 static PyObject *call_wrapper(PyObject *callable, PyObject *kwargs)
105 {
106 /*
107 * Helper for calls with zero non-keyword arguments.
108 */
109 PyObject *empty = PyTuple_New(0), *result = NULL;
110 SMB_ASSERT(empty);
111 result = PyObject_Call(callable, empty, kwargs);
112 Py_XDECREF(empty);
113 return result;
114 }
115
116 NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
117 struct provision_settings *settings,
118 struct provision_result *result)
119 {
120 const char *configfile;
121 PyObject *provision_mod = NULL, *provision_dict = NULL;
122 PyObject *provision_fn = NULL, *py_result = NULL;
123 PyObject *parameters = NULL, *py_lp_ctx = NULL, *py_domaindn = NULL;
124
125 struct ldb_context *samdb;
126 NTSTATUS status = NT_STATUS_OK;
127
128 DEBUG(0,("Provision for Become-DC test using python\n"));
129
130 Py_Initialize();
131 py_update_path(); /* Put the samba path at the start of sys.path */
132
133 provision_mod = provision_module();
134
135 if (provision_mod == NULL) {
136 PyErr_Print();
137 DEBUG(0, ("Unable to import provision Python module.\n"));
138 return NT_STATUS_UNSUCCESSFUL;
139 }
140
141 provision_dict = PyModule_GetDict(provision_mod);
142
143 if (provision_dict == NULL) {
144 DEBUG(0, ("Unable to get dictionary for provision module\n"));
145 return NT_STATUS_UNSUCCESSFUL;
146 }
147
148 provision_fn = PyDict_GetItemString(provision_dict, "provision_become_dc");
149 if (provision_fn == NULL) {
150 PyErr_Print();
151 DEBUG(0, ("Unable to get provision_become_dc function\n"));
152 return NT_STATUS_UNSUCCESSFUL;
153 }
154
155 DEBUG(0,("New Server in Site[%s]\n",
156 settings->site_name));
157
158 DEBUG(0,("DSA Instance [%s]\n"
159 "\tinvocationId[%s]\n",
160 settings->ntds_dn_str,
161 settings->invocation_id == NULL?"None":GUID_string(mem_ctx, settings->invocation_id)));
162
163 DEBUG(0,("Paths under targetdir[%s]\n",
164 settings->targetdir));
165 parameters = PyDict_New();
166
167 configfile = lpcfg_configfile(lp_ctx);
168 if (configfile != NULL) {
169 if (!dict_insert(parameters, "smbconf",
170 PyUnicode_FromString(configfile))) {
171 status = NT_STATUS_UNSUCCESSFUL;
172 goto out;
173 }
174 }
175
176 if (!dict_insert(parameters,
177 "rootdn",
178 PyUnicode_FromString(settings->root_dn_str))) {
179 status = NT_STATUS_UNSUCCESSFUL;
180 goto out;
181 }
182 if (settings->targetdir != NULL) {
183 if (!dict_insert(parameters,
184 "targetdir",
185 PyUnicode_FromString(settings->targetdir))) {
186 status = NT_STATUS_UNSUCCESSFUL;
187 goto out;
188 }
189 }
190 if (!dict_insert(parameters,
191 "hostname",
192 PyUnicode_FromString(settings->netbios_name))) {
193 status = NT_STATUS_UNSUCCESSFUL;
194 goto out;
195 }
196 if (!dict_insert(parameters,
197 "domain",
198 PyUnicode_FromString(settings->domain))) {
199 status = NT_STATUS_UNSUCCESSFUL;
200 goto out;
201 }
202 if (!dict_insert(parameters,
203 "realm",
204 PyUnicode_FromString(settings->realm))) {
205 status = NT_STATUS_UNSUCCESSFUL;
206 goto out;
207 }
208 if (settings->root_dn_str) {
209 if (!dict_insert(parameters,
210 "rootdn",
211 PyUnicode_FromString(settings->root_dn_str))) {
212 status = NT_STATUS_UNSUCCESSFUL;
213 goto out;
214 }
215 }
216
217 if (settings->domain_dn_str) {
218 if (!dict_insert(parameters,
219 "domaindn",
220 PyUnicode_FromString(settings->domain_dn_str))) {
221 status = NT_STATUS_UNSUCCESSFUL;
222 goto out;
223 }
224 }
225
226 if (settings->schema_dn_str) {
227 if (!dict_insert(parameters,
228 "schemadn",
229 PyUnicode_FromString(settings->schema_dn_str))) {
230 status = NT_STATUS_UNSUCCESSFUL;
231 goto out;
232 }
233 }
234 if (settings->config_dn_str) {
235 if (!dict_insert(parameters,
236 "configdn",
237 PyUnicode_FromString(settings->config_dn_str))) {
238 status = NT_STATUS_UNSUCCESSFUL;
239 goto out;
240 }
241 }
242 if (settings->server_dn_str) {
243 if (!dict_insert(parameters,
244 "serverdn",
245 PyUnicode_FromString(settings->server_dn_str))) {
246 status = NT_STATUS_UNSUCCESSFUL;
247 goto out;
248 }
249 }
250 if (settings->site_name) {
251 if (!dict_insert(parameters,
252 "sitename",
253 PyUnicode_FromString(settings->site_name))) {
254 status = NT_STATUS_UNSUCCESSFUL;
255 goto out;
256 }
257 }
258
259 if (!dict_insert(parameters,
260 "machinepass",
261 PyUnicode_FromString(settings->machine_password))){
262 status = NT_STATUS_UNSUCCESSFUL;
263 goto out;
264 }
265
266 if (!dict_insert(parameters,
267 "debuglevel",
268 PyLong_FromLong(DEBUGLEVEL))) {
269 status = NT_STATUS_UNSUCCESSFUL;
270 goto out;
271 }
272
273 if (!dict_insert(parameters,
274 "use_ntvfs",
275 PyLong_FromLong(settings->use_ntvfs))) {
276 status = NT_STATUS_UNSUCCESSFUL;
277 goto out;
278 }
279
280 py_result = call_wrapper(provision_fn, parameters);
281
282 if (py_result == NULL) {
283 status = NT_STATUS_UNSUCCESSFUL;
284 goto out;
285 }
286
287 py_domaindn = PyObject_GetAttrString(py_result, "domaindn");
288 result->domaindn = talloc_strdup(mem_ctx, PyUnicode_AsUTF8(py_domaindn));
289
290 /* FIXME paths */
291 py_lp_ctx = PyObject_GetAttrString(py_result, "lp");
292 if (py_lp_ctx == NULL) {
293 DEBUG(0, ("Missing 'lp' attribute\n"));
294 status = NT_STATUS_UNSUCCESSFUL;
295 goto out;
296 }
297 result->lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
298
299 samdb = pyldb_Ldb_AsLdbContext(PyObject_GetAttrString(py_result, "samdb"));
300 if (samdb == NULL) {
301 DEBUG(0, ("Missing 'samdb' attribute\n"));
302 status = NT_STATUS_UNSUCCESSFUL;
303 goto out;
304 }
305 result->samdb = samdb;
306 status = NT_STATUS_OK;
307 out:
308 Py_CLEAR(parameters);
309 Py_CLEAR(provision_mod);
310 Py_CLEAR(provision_fn);
311 Py_CLEAR(provision_dict);
312 Py_CLEAR(py_result);
313 Py_CLEAR(py_lp_ctx);
314 Py_CLEAR(py_domaindn);
315 if (!NT_STATUS_IS_OK(status)) {
316 PyErr_Print();
317 PyErr_Clear();
318 }
319 return status;
320 }
321
322 static PyObject *py_dom_sid_FromSid(struct dom_sid *sid)
323 {
324 PyObject *mod_security = NULL, *dom_sid_Type = NULL, *result = NULL;
325
326 mod_security = PyImport_ImportModule("samba.dcerpc.security");
327 if (mod_security == NULL) {
328 return NULL;
329 }
330
331 dom_sid_Type = PyObject_GetAttrString(mod_security, "dom_sid");
332 if (dom_sid_Type == NULL) {
333 Py_DECREF(mod_security);
334 return NULL;
335 }
336
337 result = pytalloc_reference((PyTypeObject *)dom_sid_Type, sid);
338 Py_DECREF(mod_security);
339 Py_DECREF(dom_sid_Type);
340 return result;
341 }
342
343 NTSTATUS provision_store_self_join(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
344 struct tevent_context *event_ctx,
345 struct provision_store_self_join_settings *settings,
346 const char **error_string)
347 {
348 int ret;
349 PyObject *provision_mod = NULL, *provision_dict = NULL;
350 PyObject *provision_fn = NULL, *py_result = NULL;
351 PyObject *parameters = NULL;
352 struct ldb_context *ldb = NULL;
353 TALLOC_CTX *tmp_mem = talloc_new(mem_ctx);
354
355 NTSTATUS status = NT_STATUS_OK;
356 *error_string = NULL;
357
358 if (!tmp_mem) {
359 status = NT_STATUS_UNSUCCESSFUL;
360 goto out;
361 }
362
363 /* Create/Open the secrets database */
364 ldb = secrets_db_create(tmp_mem, lp_ctx);
365 if (!ldb) {
366 *error_string
367 = talloc_asprintf(mem_ctx,
368 "Could not open secrets database");
369 status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
370 goto out;
371 }
372
373 ret = ldb_transaction_start(ldb);
374
375 if (ret != LDB_SUCCESS) {
376 *error_string
377 = talloc_asprintf(mem_ctx,
378 "Could not start transaction on secrets database: %s", ldb_errstring(ldb));
379 status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
380 goto out;
381 }
382
383 Py_Initialize();
384 py_update_path(); /* Put the samba path at the start of sys.path */
385 provision_mod = provision_module();
386
387 if (provision_mod == NULL) {
388 *error_string
389 = talloc_asprintf(mem_ctx, "Unable to import provision Python module.");
390 status = NT_STATUS_UNSUCCESSFUL;
391 goto out;
392 }
393
394 provision_dict = PyModule_GetDict(provision_mod);
395
396 if (provision_dict == NULL) {
397 *error_string
398 = talloc_asprintf(mem_ctx, "Unable to get dictionary for provision module");
399 status = NT_STATUS_UNSUCCESSFUL;
400 goto out;
401 }
402
403 provision_fn = PyDict_GetItemString(provision_dict, "secretsdb_self_join");
404 if (provision_fn == NULL) {
405 *error_string
406 = talloc_asprintf(mem_ctx, "Unable to get provision_become_dc function");
407 status = NT_STATUS_UNSUCCESSFUL;
408 goto out;
409 }
410
411 parameters = PyDict_New();
412
413 if(!dict_insert(parameters,
414 "secretsdb",
415 PyLdb_FromLdbContext(ldb))){
416 status = NT_STATUS_UNSUCCESSFUL;
417 goto out;
418 }
419 if (!dict_insert(parameters,
420 "domain",
421 PyUnicode_FromString(settings->domain_name))) {
422 status = NT_STATUS_UNSUCCESSFUL;
423 goto out;
424 }
425 if (settings->realm != NULL) {
426 if (!dict_insert(parameters,
427 "realm",
428 PyUnicode_FromString(settings->realm))) {
429 status = NT_STATUS_UNSUCCESSFUL;
430 goto out;
431 }
432 }
433 if (!dict_insert(parameters,
434 "machinepass",
435 PyUnicode_FromString(settings->machine_password))) {
436 status = NT_STATUS_UNSUCCESSFUL;
437 goto out;
438 }
439 if (!dict_insert(parameters,
440 "netbiosname",
441 PyUnicode_FromString(settings->netbios_name))) {
442 status = NT_STATUS_UNSUCCESSFUL;
443 goto out;
444 }
445
446
447 if (!dict_insert(parameters,
448 "domainsid",
449 py_dom_sid_FromSid(settings->domain_sid))) {
450 status = NT_STATUS_UNSUCCESSFUL;
451 goto out;
452 }
453
454 if (!dict_insert(parameters,
455 "secure_channel_type",
456 PyLong_FromLong(settings->secure_channel_type))) {
457 status = NT_STATUS_UNSUCCESSFUL;
458 goto out;
459 }
460
461 if (!dict_insert(parameters,
462 "key_version_number",
463 PyLong_FromLong(settings->key_version_number))) {
464 status = NT_STATUS_UNSUCCESSFUL;
465 goto out;
466 }
467
468 py_result = call_wrapper(provision_fn, parameters);
469
470 if (py_result == NULL) {
471 ldb_transaction_cancel(ldb);
472 status = NT_STATUS_UNSUCCESSFUL;
473 goto out;
474 }
475
476 ret = ldb_transaction_commit(ldb);
477 if (ret != LDB_SUCCESS) {
478 *error_string
479 = talloc_asprintf(mem_ctx,
480 "Could not commit transaction on secrets database: %s", ldb_errstring(ldb));
481 status = NT_STATUS_INTERNAL_DB_ERROR;
482 goto out;
483 }
484
485 status = NT_STATUS_OK;
486 out:
487 talloc_free(tmp_mem);
488 Py_CLEAR(parameters);
489 Py_CLEAR(provision_mod);
490 Py_CLEAR(provision_dict);
491 Py_CLEAR(py_result);
492 if (!NT_STATUS_IS_OK(status)) {
493 PyErr_Print();
494 PyErr_Clear();
495 }
496 return status;
497 }
498
499
500 struct ldb_context *provision_get_schema(TALLOC_CTX *mem_ctx,
501 struct loadparm_context *lp_ctx,
502 const char *schema_dn,
503 DATA_BLOB *override_prefixmap)
504 {
505 PyObject *schema_mod, *schema_dict, *schema_fn, *py_result, *parameters;
506 PyObject *py_ldb = NULL;
507 struct ldb_context *ldb_result = NULL;
508 Py_Initialize();
509 py_update_path(); /* Put the samba path at the start of sys.path */
510
511 schema_mod = schema_module();
512
513 if (schema_mod == NULL) {
514 PyErr_Print();
515 DEBUG(0, ("Unable to import schema Python module.\n"));
516 return NULL;
517 }
518
519 schema_dict = PyModule_GetDict(schema_mod);
520
521 if (schema_dict == NULL) {
522 DEBUG(0, ("Unable to get dictionary for schema module\n"));
523 return NULL;
524 }
525
526 schema_fn = PyDict_GetItemString(schema_dict, "ldb_with_schema");
527 if (schema_fn == NULL) {
528 PyErr_Print();
529 DEBUG(0, ("Unable to get schema_get_ldb function\n"));
530 return NULL;
531 }
532
533 parameters = PyDict_New();
534
535 if (schema_dn) {
536 if (!dict_insert(parameters,
537 "schemadn",
538 PyUnicode_FromString(schema_dn))) {
539 return NULL;
540 }
541 }
542
543 if (override_prefixmap) {
544 if (!dict_insert(parameters,
545 "override_prefixmap",
546 PyBytes_FromStringAndSize(
547 (const char *)override_prefixmap->data,
548 override_prefixmap->length))) {
549 return NULL;
550 }
551 }
552
553 py_result = call_wrapper(schema_fn, parameters);
554
555 Py_DECREF(parameters);
556
557 if (py_result == NULL) {
558 PyErr_Print();
559 PyErr_Clear();
560 return NULL;
561 }
562
563 py_ldb = PyObject_GetAttrString(py_result, "ldb");
564 Py_DECREF(py_result);
565 ldb_result = pyldb_Ldb_AsLdbContext(py_ldb);
566 if (talloc_reference(mem_ctx, ldb_result) == NULL) {
567 ldb_result = NULL;
568 }
569 Py_DECREF(py_ldb);
570 return ldb_result;
571 }
Samba GIT mirror