import os, re
from subprocess import Popen, PIPE
-from samba.gp.gpclass import gp_pol_ext, drop_privileges
-from base64 import b64encode
+from samba.gp.gpclass import gp_pol_ext, drop_privileges, gp_file_applier
from hashlib import blake2b
from tempfile import NamedTemporaryFile
from samba.gp.util.logging import log
### autogenerated by samba ###
'''
-class gp_scripts_ext(gp_pol_ext):
+class gp_scripts_ext(gp_pol_ext, gp_file_applier):
def __str__(self):
return 'Unix Settings/Scripts'
def process_group_policy(self, deleted_gpo_list, changed_gpo_list, cdir=None):
for guid, settings in deleted_gpo_list:
- self.gp_db.set_guid(guid)
if str(self) in settings:
for attribute, script in settings[str(self)].items():
- if os.path.exists(script):
- os.unlink(script)
- self.gp_db.delete(str(self), attribute)
- self.gp_db.commit()
+ self.unapply(guid, attribute, script)
for gpo in changed_gpo_list:
if gpo.file_sys_path:
'%s\\Monthly Scripts' % reg_key : '/etc/cron.monthly',
'%s\\Weekly Scripts' % reg_key : '/etc/cron.weekly',
'%s\\Hourly Scripts' % reg_key : '/etc/cron.hourly' }
- self.gp_db.set_guid(gpo.name)
pol_file = 'MACHINE/Registry.pol'
path = os.path.join(gpo.file_sys_path, pol_file)
pol_conf = self.parse(path)
if not pol_conf:
continue
+ policies = {}
for e in pol_conf.entries:
if e.keyname in sections.keys() and e.data.strip():
- cron_dir = sections[e.keyname] if not cdir else cdir
- attribute = '%s:%s' % (e.keyname,
- b64encode(e.data.encode()).decode())
- old_val = self.gp_db.retrieve(str(self), attribute)
- if not old_val:
- with NamedTemporaryFile(prefix='gp_', mode="w+",
- delete=False, dir=cron_dir) as f:
- contents = '#!/bin/sh\n%s' % intro
- contents += '%s\n' % e.data
- f.write(contents)
- os.chmod(f.name, 0o700)
- self.gp_db.store(str(self), attribute, f.name)
- self.gp_db.commit()
+ if e.keyname not in policies:
+ policies[e.keyname] = []
+ policies[e.keyname].append(e.data)
+ def applier_func(keyname, entries):
+ ret = []
+ cron_dir = sections[keyname] if not cdir else cdir
+ for data in entries:
+ with NamedTemporaryFile(prefix='gp_', mode="w+",
+ delete=False, dir=cron_dir) as f:
+ contents = '#!/bin/sh\n%s' % intro
+ contents += '%s\n' % data
+ f.write(contents)
+ os.chmod(f.name, 0o700)
+ ret.append(f.name)
+ return ret
+ for keyname, entries in policies.items():
+ # Each GPO applies only one set of each type of script, so
+ # so the attribute matches the keyname.
+ attribute = keyname
+ # The value hash is generated from the script entries,
+ # ensuring any changes to this GPO will cause the scripts
+ # to be rewritten.
+ value_hash = self.generate_value_hash(*entries)
+ self.apply(gpo.name, attribute, value_hash, applier_func,
+ keyname, entries)
+
+ # Cleanup any old scripts that are no longer part of the policy
+ self.clean(gpo.name, keep=policies.keys())
def rsop(self, gpo, target='MACHINE'):
output = {}
projects / thirdparty / samba.git / commitdiff
