From 2461c89c079cc99ea2c6806fda52e76d7814d494 Mon Sep 17 00:00:00 2001 From: David Mulder Date: Fri, 19 Feb 2021 10:22:04 -0700 Subject: [PATCH] gpo: Apply Group Policy Issue setting from VGP Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- python/samba/vgp_issue_ext.py | 47 +++++++++++++++++++++++++++- selftest/knownfail.d/gpo | 1 - source4/scripting/bin/samba-gpupdate | 2 ++ 3 files changed, 48 insertions(+), 2 deletions(-) delete mode 100644 selftest/knownfail.d/gpo diff --git a/python/samba/vgp_issue_ext.py b/python/samba/vgp_issue_ext.py index bbf4f70289b..b4b08901149 100644 --- a/python/samba/vgp_issue_ext.py +++ b/python/samba/vgp_issue_ext.py @@ -14,13 +14,58 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +import os from samba.gpclass import gp_xml_ext class vgp_issue_ext(gp_xml_ext): + def __str__(self): + return 'Unix Settings/Issue' + def process_group_policy(self, deleted_gpo_list, changed_gpo_list, issue='/etc/issue'): - pass + for guid, settings in deleted_gpo_list: + self.gp_db.set_guid(guid) + if str(self) in settings: + for attribute, msg in settings[str(self)].items(): + if attribute == 'issue': + with open(issue, 'w') as w: + if msg: + w.write(msg) + else: + w.truncate() + self.gp_db.delete(str(self), attribute) + self.gp_db.commit() + + for gpo in changed_gpo_list: + if gpo.file_sys_path: + self.gp_db.set_guid(gpo.name) + xml = 'MACHINE/VGP/VTLA/Unix/Issue/manifest.xml' + path = os.path.join(gpo.file_sys_path, xml) + xml_conf = self.parse(path) + if not xml_conf: + continue + policy = xml_conf.find('policysetting') + data = policy.find('data') + text = data.find('text') + current = open(issue, 'r').read() if os.path.exists(issue) else '' + if current != text.text: + with open(issue, 'w') as w: + w.write(text.text) + self.gp_db.store(str(self), 'issue', current) + self.gp_db.commit() def rsop(self, gpo): output = {} + if gpo.file_sys_path: + xml = 'MACHINE/VGP/VTLA/Unix/Issue/manifest.xml' + path = os.path.join(gpo.file_sys_path, xml) + xml_conf = self.parse(path) + if not xml_conf: + return output + policy = xml_conf.find('policysetting') + data = policy.find('data') + filename = data.find('filename') + text = data.find('text') + mfile = os.path.join('/etc', filename.text) + output[mfile] = text.text return output diff --git a/selftest/knownfail.d/gpo b/selftest/knownfail.d/gpo deleted file mode 100644 index 98f409be153..00000000000 --- a/selftest/knownfail.d/gpo +++ /dev/null @@ -1 +0,0 @@ -^samba.tests.gpo.samba.tests.gpo.GPOTests.test_vgp_issue diff --git a/source4/scripting/bin/samba-gpupdate b/source4/scripting/bin/samba-gpupdate index d5903a2e5e0..3b0b7ce3d1f 100755 --- a/source4/scripting/bin/samba-gpupdate +++ b/source4/scripting/bin/samba-gpupdate @@ -41,6 +41,7 @@ from samba.vgp_symlink_ext import vgp_symlink_ext from samba.vgp_files_ext import vgp_files_ext from samba.vgp_openssh_ext import vgp_openssh_ext from samba.vgp_motd_ext import vgp_motd_ext +from samba.vgp_issue_ext import vgp_issue_ext import logging if __name__ == "__main__": @@ -101,6 +102,7 @@ if __name__ == "__main__": gp_extensions.append(vgp_files_ext) gp_extensions.append(vgp_openssh_ext) gp_extensions.append(vgp_motd_ext) + gp_extensions.append(vgp_issue_ext) gp_extensions.extend(machine_exts) elif opts.target == 'User': gp_extensions.extend(user_exts) -- 2.47.3