summaryrefslogtreecommitdiff
path: root/python/samba/gpclass.py
AgeCommit message (Collapse)AuthorFilesLines
2021-03-11samba-gpupdate: Check sysvol download paths in case-insensitive wayDavid Mulder1-2/+3
https://bugzilla.samba.org/show_bug.cgi?id=14665 Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Björn Baumbach <bb@sernet.de>
2021-03-08gpo: Improve the samba-gpupdate --rsop outputDavid Mulder1-1/+8
Use the CSE name based on the class name, not the module name. Also ignore the Local Policy gpo. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-19gpo: Add gp_xml_ext parser for group policyDavid Mulder1-0/+9
This adds an extension parser for parsing xml files in the sysvol. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02python2 reduction: Merge remaining compat code into commonDavid Mulder1-1/+1
The remaining compat code (get_string, get_bytes, cmp) are useful helper routines which we should simply merge into common (especially since there is some duplication here). Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): David Mulder <dmulder@samba.org> Autobuild-Date(master): Fri Oct 2 14:49:36 UTC 2020 on sn-devel-184
2020-09-02gpo: Pass necessary parameters to rsopDavid Mulder1-1/+1
These parameters were missed by mistake when exts were modified to be initialized within the rsop command. Fixes an exception thrown when executing samba-gpupdate --rsop: Traceback (most recent call last): File "/usr/sbin/samba-gpupdate", line 99, in <module> rsop(lp, creds, gp_extensions, opts.target) File "/usr/lib64/python3.8/site-packages/samba/gpclass.py", line 512, in rsop ext = ext(logger, lp, creds, store) NameError: name 'logger' is not defined Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-09-02gpo: Test rsop function for successDavid Mulder1-2/+2
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-08-27gpo: Fix unapply failure when multiple extensions runDavid Mulder1-0/+3
When multiple Group Policy Extensions are present, only the last executed extension saves it's changes to the Group Policy Database, due to the database being loaded seperately for each extension. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-08-24python compat: remove ConfigParserDavid Mulder1-3/+3
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-08-19s3:client: Turn off smb signing for message opAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-19python: Set smb signing via the creds APIAndreas Schneider1-0/+7
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-11python compat: remove StringIODouglas Bagnall1-1/+1
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Noel Power <npower@samba.org>
2020-08-06gpo: Remove unused gp_ext_setter codeDavid Mulder1-31/+0
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): David Mulder <dmulder@samba.org> Autobuild-Date(master): Thu Aug 6 18:01:49 UTC 2020 on sn-devel-184
2020-08-06gpo: Add --rsop option to samba-gpupdateDavid Mulder1-0/+38
This command prints the Resultant Set of Policy for applicable GPOs, for either the Computer or User policy (depending on the target specified). Policy specific output must be implemented for each client side extension. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-08-06gpo: Properly decode utf-8/16 inf files from bytesDavid Mulder1-3/+3
This code was python 2 specific (string handling has changed dramatically in python 3), and didn't correctly decode utf-16 in python3. We should instead read the file as bytes, then attempt a utf-8 decode (the default), and try utf-16 if encountering a decode failure. The existing code actually throws an exception on the initial file read when the data is utf-16, since it tries to decode the bytes to a utf-8 string. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-06-23Create Registry.pol group policy extension parserDavid Mulder1-2/+12
Create a parent class for parsing Registry.pol files by group policy extensions. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-01-17python/gpclass: Convert gpclass to use s3 SMB Python bindingsTim Beale1-3/+7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-10python/samba: PY3 port gpo.apply smbtorture testNoel Power1-8/+9
1) configparser.set requires string values 2) self.gp_db.store() etc. neex to pass str object for xml.etree.ElementTree.Element text attribute which needs to be text 3) tdb delete method needs bytes key 4) configparser.write needs a file opened in text mode Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-10-23python/samba: use PY3 version of ConfigParserNoel Power1-1/+1
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-10-08gpo PEP8: balance whitespace around equalsDouglas Bagnall1-1/+1
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: David Mulder <dmulder@suse.com> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpupdate: Add the --force optionDavid Mulder1-11/+16
This option forces the reapplication of policy, and works the same as MS 'gpupdate /force' Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Remove unused apply_log_pop() and list() funcsDavid Mulder1-50/+0
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: add unapply to the gp_sec_extDavid Mulder1-0/+4
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Calculate deleted gpos and unapply themDavid Mulder1-1/+8
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Use the new process_group_policy() for unapplyDavid Mulder1-17/+11
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: avoid quadratic behaviour in guid retrievalDouglas Bagnall1-6/+6
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: David Mulder <dmulder@suse.com> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Create a function for returning applied settingsDavid Mulder1-0/+39
This returns a list of guids for gpos applied plus settings applied and their previous values. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: apply_map should not be required for gp_extDavid Mulder1-4/+0
The apply_map function should not be a requirement to implement the gp_ext class, since only the gp_sec_ext uses it now. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Move policy application to the gp_extDavid Mulder1-25/+1
Policy specific setting application should be handled by the group policy extension, not the read/parse handler. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Remove unused gp_ext.list() functionDavid Mulder1-4/+0
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Implement process_group_policy() gp_ext funcDavid Mulder1-18/+25
MS spec describes the policy callback as a function called ProcessGroupPolicy which accepts a pDeletedGPOList and a pChangedGPOList param. The Group Policy Client Side Extension then iterates over the deleted, then the changed gpo lists and applies/unapplies policy. We should do this also. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Initialize gp_ext variables in constructorDavid Mulder1-7/+6
Initialize variables for the gp_ext in the constructor instead of passing them via the parse function. This is a dependency of the "gpo: Implement process_group_policy() gp_ext func" patch, since the parse() function is now called by the ext, instead of by gpupdate within apply_gp(). The parse() function should only take the path variable, to simplify writing Client Side Extensions. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: Initialize SamDB in the gp_sec_extDavid Mulder1-11/+11
The SamDB is only used by the gp_sec_ext, and isn't needed elsewhere, so initialize it where we need it and avoid passing it around everywhere. It makes the most sense to put this in the setter class that uses it, so pass our creds down so we have access to it, then initialize it there. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08gpo: abstract methods are defined in the parent classDavid Mulder1-12/+0
These methods don't need redefined in the child class. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-09-03python/samba/tests: Use io.StringIO for py3 and StringIO.StrinIO for py2Noel Power1-1/+1
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-08-24PEP8: fix E713: test for membership should be 'not in'Joe Guo1-2/+2
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E502: the backslash is redundant between bracketsJoe Guo1-2/+2
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E305: expected 2 blank lines after class or function definition, ↵Joe Guo1-0/+2
found 1 Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E302: expected 2 blank lines, found 1Joe Guo1-0/+20
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E261: at least two spaces before inline commentJoe Guo1-1/+1
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E227: missing whitespace around bitwise or shift operatorJoe Guo1-1/+1
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E226: missing whitespace around arithmetic operatorJoe Guo1-3/+3
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E225: missing whitespace around operatorJoe Guo1-1/+1
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E211: whitespace before '('Joe Guo1-2/+1
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-24PEP8: fix E128: continuation line under-indented for visual indentJoe Guo1-3/+3
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-07-12gpo: Don't duplicate guids in the apply logDavid Mulder1-3/+5
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-12gpo: add list_gp_extensions for listing registered gp extensionsDavid Mulder1-0/+13
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-12gpo: add unregister_gp_extension for unregistering gp extensionsDavid Mulder1-0/+12
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-12gpo: add register_gp_extension for registering gp extensionsDavid Mulder1-0/+48
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-12gpo: Offline policy application via cacheDavid Mulder1-28/+7
Read policy files from the cache, rather than the sysvol. This enables offline policy apply. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-12gpo: Read GPO versions locally, not from sysvolDavid Mulder1-3/+53
Non-kdc clients cannot read directly from the sysvol, so we need to store the GPT.INI file locally to read each gpo version. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-07 08:43:38 +0000