| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This is exactly a copy of user/keytrust.py to computer_keytrust.py
with a title-case-preserving `s/user/computer/`.
It works. The Computer model differs from the User model in that it
appends a '$' to the end of account names if it senses the lack,
otherwise these commands are using the same code paths.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
This allows manipulation of key credential links for users.
See `man -l bin/default/docs-xml/manpages/samba-tool.8` for
documentation.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Helpful in development.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Often we [think we] know that all exceptions of a certain type should
be formatted as CommandErrors (i.e., the traceback is suppressed, and
the message is assumed intelligible). Rather than riddling .run() with
try...except blocks to do this, we can
@exception_to_command_error(ModelError)
def run(...)
which makes any ModelError into a CommandError in that samba-tool command.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13613
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Rowland Penny <rpenny@samba.org>
|
|
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
ERROR(<class AttributeError>): uncaught exception - RootLogger object has no attribute notice
File "/samba/bin/python/samba/netcmd/__init__.py", line 387, in _run
return self.run(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/samba/bin/python/samba/netcmd/domain/backup.py", line 698, in run
logger.notice("back-up has no sysvol data")
^^^^^^^^^^^^^
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15852
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15661
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Mar 29 08:25:39 UTC 2025 on atb-devel-224
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
These have been useless since 2011.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
The expat parser comes with the Python standard library, so we can use
it to check the entities work, rather than relying on a fragile
regular expression.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
In some circumstances sysvol is not wanted in a backup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15661
Signed-off-by: Thomas Karlsson <thomas.karlsson@relea.se>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
Per https://www.w3.org/TR/xml/#sec-entity-decl (and MS references)
there is always some whitespace between '<!ENTITY' and the name, and
between the name and whatever is next. Also, it is valid XML to have
newlines inside entity declarations, like this:
<!ENTITY
bubble
"*S-1-5-113"
>
We used to create such files, so we should allow them.
There is a kind of entity that has '%' before the name, and there are
non-ascii names, which we continue not to support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15829
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
This was broken with commit ce56d336f234febfd4cb3da11dd584842c24ce1d
but we didn't notice because the test was already broken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15829
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
When the policy exists already, there is no exception and the code
tries to use the "data" variable, but it doesn't exist because it was
only defined in the exception handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15774
Signed-off-by: Andreas Hasenack <andreas.hasenack@canonical.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
It is almost certain that we are not going to run out of files, as
they get garbage collected anyway, but in some circumstances these can
fill your screen with "ResourceWarning: unclosed file" messages, which
hides the real messages.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
This is not needed and has the potential to loose
information if the sddl code wouldn't have all features
implemented.
No intended change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14927
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
experimental
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15815
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 17 18:33:15 UTC 2025 on atb-devel-224
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
These are now redundant as all samba-tool sub-commands handle
-V/--version automatically.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
This means in
bin/samba-tool spn -h -V
the -V takes precedence over the -h, as with the 'net' tool.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15770
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
Before `samba-tool -V` would give you the version,
but `samba-tool spn -V` would complain.
An ad-hoc selection of sub-commands already supported --version,
depending on whether VersionOptions was manually added to the
takes_options dict. The .run() methods of these subcommands all take a
'versionopts' keyword argument, but never use it. If it was set (i.e.,
argv contained "--version"), the process never gets to .run(), so the
value of versionopts.version is always None in run(). After this
commit we can remove VersionOptions/versionopts from sub-commands.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15770
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15770
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
Increasing this value greatly improve the performances of schema
upgrade for large domains (>200k entries).
The value 200000 is chosen because it is already used in join.py, and
should be sufficient for known domains.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15795
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Removes all supplemental groups from a user, what is commonly
wanted when a user is disabled.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jule Anger <janger@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Thu Jan 23 19:51:05 UTC 2025 on atb-devel-224
|
|
toggle_userAccountFlags() can only handle one user.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
filter() is a Python built-in function to filter iterables.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
Seems to be copied from samba-tool user setpassword command.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
testparm explicitly fails if $piddir or $lockdir does not exist.
However, the daemons which actually use these directories, will
create it on demand, there is no need to fail even simple testparm
operations if the dirs are not there.
This change lets to (pre)configure samba without bothering to
pre-create the directories which are overwise needed only to fulfil
testparm criteria.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
|
|
We maybe thought we were checking that sha1 was in hashlib, but we were
only checking that hashlib is in the Python library (`hashlib.sha1()`
would not raise ImportError).
The documentation says hashlib always contains sha1 -- if that
changes, it is better we know by failing noisily with the import error
at the top of the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15756
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
Because we know we have _glue.crypt, and we know it raises exceptions
rather than returning None, we can simplify the checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15756
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
Under some circumstances rootdse returns an operations error with
"Operation unavailable without authentication" instead of insufficient
access rights.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Dec 20 00:00:02 UTC 2024 on atb-devel-224
|
|
Since processes can run under the UID of the logged in user, it's required
to make sure that the users have the permissions here.
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Tue Dec 10 11:40:27 UTC 2024 on atb-devel-224
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Oct 31 00:23:09 UTC 2024 on atb-devel-224
|
|
10^(-7) seconds
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15692
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Oct 4 04:01:22 UTC 2024 on atb-devel-224
|
|
GPOs containing GPWL (Wireless/Wired Protocol Extension) policies could not be deleted with samba-tool
as those policies were stored as subentries of the GPO and only the main root was deleted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15387
RN: Fix for inability to delete GPOs containing GPWL policies using samba-tool
Signed-off-by: Kacper Boström <kacper@kacper.se>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Sep 24 17:11:53 UTC 2024 on atb-devel-224
|
|
Fix typo in "samba-tool user add" error message when adding a user with
NIS features : the argument for the uid number is --uid-number and not
--uidNumber.
RN: Fix typo in samba-tool error message.
Signed-off-by: Lyanis Souidi <lyanis.souidi@u-pec.fr>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
This makes our intent clear, and avoids accidental attempts to use these
objects after they have been ‘disconnect()’ed.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
We have bindings for stringifying GUIDs, so I intended to replace this
rather complicated code with that, but it turns out that this method
has been unused since 5d42260eecfd4f26cc82637ce1bc989083c9eb9d in 2013.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
`pw.encode('utf-16-le')` is always bytes.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
`assert` can be optimised away if python is run with `-O`.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 11 05:32:28 UTC 2024 on atb-devel-224
|
|
This allows to verify the backup tarball contents with:
sha256sum -c SHA256SUM
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We also have ldapi, other sockets or pipes around, we don't want to
add. This will be relevant for adding checksums later.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
option
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
