From: David Mulder <dmulder@samba.org>
Date: Mon, 5 Dec 2022 17:41:27 +0000 (-0700)
Subject: gp: Modify Centrify Crontab compatible CSE to use new files applier
X-Git-Tag: talloc-2.4.0~183
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=acdc7fbe8985a16d41075b72f54a96f217c3f884;p=thirdparty%2Fsamba.git

gp: Modify Centrify Crontab compatible CSE to use new files applier

Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
---

diff --git a/python/samba/gp/gp_centrify_crontab_ext.py b/python/samba/gp/gp_centrify_crontab_ext.py
index 220feb776a5..414cd90aaf7 100644
--- a/python/samba/gp/gp_centrify_crontab_ext.py
+++ b/python/samba/gp/gp_centrify_crontab_ext.py
@@ -16,7 +16,7 @@
 
 import os, re
 from subprocess import Popen, PIPE
-from samba.gp.gpclass import gp_pol_ext, drop_privileges
+from samba.gp.gpclass import gp_pol_ext, drop_privileges, gp_file_applier
 from hashlib import blake2b
 from tempfile import NamedTemporaryFile
 
@@ -34,43 +34,47 @@ end = '''
 ### autogenerated by samba ###
 '''
 
-class gp_centrify_crontab_ext(gp_pol_ext):
+class gp_centrify_crontab_ext(gp_pol_ext, gp_file_applier):
     def __str__(self):
         return 'Centrify/CrontabEntries'
 
     def process_group_policy(self, deleted_gpo_list, changed_gpo_list,
                              cdir=None):
         for guid, settings in deleted_gpo_list:
-            self.gp_db.set_guid(guid)
             if str(self) in settings:
                 for attribute, script in settings[str(self)].items():
-                    if os.path.exists(script):
-                        os.unlink(script)
-                    self.gp_db.delete(str(self), attribute)
-            self.gp_db.commit()
+                    self.unapply(guid, attribute, script)
 
         for gpo in changed_gpo_list:
             if gpo.file_sys_path:
                 section = \
                     'Software\\Policies\\Centrify\\UnixSettings\\CrontabEntries'
-                self.gp_db.set_guid(gpo.name)
                 pol_file = 'MACHINE/Registry.pol'
                 path = os.path.join(gpo.file_sys_path, pol_file)
                 pol_conf = self.parse(path)
                 if not pol_conf:
                     continue
+                entries = []
                 for e in pol_conf.entries:
                     if e.keyname == section and e.data.strip():
                         cron_dir = '/etc/cron.d' if not cdir else cdir
-                        attribute = blake2b(e.data.encode()).hexdigest()
-                        old_val = self.gp_db.retrieve(str(self), attribute)
-                        if not old_val:
-                            with NamedTemporaryFile(prefix='gp_', mode="w+",
-                                    delete=False, dir=cron_dir) as f:
-                                contents = '%s\n%s\n%s' % (intro, e.data, end)
-                                f.write(contents)
-                                self.gp_db.store(str(self), attribute, f.name)
-                        self.gp_db.commit()
+                        entries.append(e.data)
+                def applier_func(entries):
+                    with NamedTemporaryFile(prefix='gp_', mode="w+",
+                            delete=False, dir=cron_dir) as f:
+                        contents = intro
+                        for entry in entries:
+                            contents += '%s\n' % entry
+                        contents += end
+                        f.write(contents)
+                        return [f.name]
+                attribute = self.generate_attribute(gpo.name)
+                value_hash = self.generate_value_hash(*entries)
+                self.apply(gpo.name, attribute, value_hash, applier_func,
+                           entries)
+
+                # Remove scripts for this GPO which are no longer applied
+                self.clean(gpo.name, keep=attribute)
 
     def rsop(self, gpo, target='MACHINE'):
         output = {}