Univention Bugzilla – Attachment 8908 Details for
Bug 35863
Heimdal on Samba 4 DCs
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
35863-diagnostic-heimdal-on-samba4-dc-420.patch
35863-diagnostic-heimdal-on-samba4-dc-420.patch (text/plain), 7.69 KB, created by
Lukas Oyen
on 2017-06-07 14:54 CEST
(
hide
)
Description:
35863-diagnostic-heimdal-on-samba4-dc-420.patch
Filename:
MIME Type:
Creator:
Lukas Oyen
Created:
2017-06-07 14:54 CEST
Size:
7.69 KB
patch
obsolete
>From 1117c02bb22740a3cf50d91dd799b8bbcfaaf255 Mon Sep 17 00:00:00 2001 >From: Lukas Oyen <oyen@univention.de> >Date: Tue, 6 Jun 2017 18:32:56 +0200 >Subject: [PATCH 1/2] Bug #35859: ucm-diagnostic: new check > heimdal_on_samba4_dc > >--- > .../diagnostic/plugins/heimdal_on_samba4_dc.py | 104 +++++++++++++++++++++ > 1 file changed, 104 insertions(+) > create mode 100755 management/univention-management-console-module-diagnostic/umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py > >diff --git a/management/univention-management-console-module-diagnostic/umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py b/management/univention-management-console-module-diagnostic/umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py >new file mode 100755 >index 0000000..ff87f40 >--- /dev/null >+++ b/management/univention-management-console-module-diagnostic/umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py >@@ -0,0 +1,104 @@ >+#!/usr/bin/python2.7 >+# coding: utf-8 >+# >+# Univention Management Console module: >+# System Diagnosis UMC module >+# >+# Copyright 2017 Univention GmbH >+# >+# http://www.univention.de/ >+# >+# All rights reserved. >+# >+# The source code of this program is made available >+# under the terms of the GNU Affero General Public License version 3 >+# (GNU AGPL V3) as published by the Free Software Foundation. >+# >+# Binary versions of this program provided by Univention to you as >+# well as other copyrighted, protected or trademarked materials like >+# Logos, graphics, fonts, specific documentations and configurations, >+# cryptographic keys etc. are subject to a license agreement between >+# you and Univention and not subject to the GNU AGPL V3. >+# >+# In the case you use this program under the terms of the GNU AGPL V3, >+# the program is provided in the hope that it will be useful, >+# but WITHOUT ANY WARRANTY; without even the implied warranty of >+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+# GNU Affero General Public License for more details. >+# >+# You should have received a copy of the GNU Affero General Public >+# License with the Debian GNU/Linux or Univention distribution in file >+# /usr/share/common-licenses/AGPL-3; if not, see >+# <http://www.gnu.org/licenses/>. >+ >+import ldap >+import socket >+import psutil >+ >+import univention.uldap >+ >+import univention.config_registry >+from univention.management.console.modules.diagnostic import Critical >+ >+from univention.lib.i18n import Translation >+_ = Translation('univention-management-console-module-diagnostic').translate >+ >+title = _('Check Heimdal KDC on Samba 4 DC') >+description = _('Samba 4 KDC running.') >+umc_modules = [{'module': 'services'}] >+ >+ >+def is_service_active(service): >+ lo = univention.uldap.getMachineConnection() >+ raw_filter = '(&(univentionService=%s)(cn=%s))' >+ filter_expr = ldap.filter.filter_format(raw_filter, (service, socket.gethostname())) >+ for (dn, _attr) in lo.search(filter_expr, attr=['cn']): >+ if dn is not None: >+ return True >+ return False >+ >+ >+def samba_kdc_running(): >+ try: >+ import samba.messaging >+ except ImportError: >+ return False >+ msg = samba.messaging.Messaging() >+ try: >+ ids = msg.irpc_servers_byname('kdc_server') >+ except KeyError: >+ return False >+ return bool(ids) >+ >+ >+def is_heimdal_kdc_running(): >+ kdc_paths = ('/usr/lib/heimdal-servers/kdc', '/usr/lib/heimdal-servers/kpasswdd') >+ process_paths = (p.exe() for p in psutil.process_iter()) >+ return any(path in kdc_paths for path in process_paths) >+ >+ >+def is_kerberos_autostart_disabled(): >+ configRegistry = univention.config_registry.ConfigRegistry() >+ configRegistry.load() >+ return configRegistry.is_false('kerberos/autostart') >+ >+ >+def run(): >+ error = _('This is a Samba 4 DC, but `samba-tool processes` reports no `kdc_server`.') >+ heimdal_error = _('This may be, because Heimdal KDC seems to be running.') >+ autostart_error = _('This may be, because `kerberos/autostart` is not disabled.') >+ solution = _('You may want to stop Heimdal KDC and restart Samba via {services}') >+ >+ if is_service_active('Samba 4') and not samba_kdc_running(): >+ error_descriptions = [error] >+ if is_heimdal_kdc_running(): >+ error_descriptions.append(heimdal_error) >+ if not is_kerberos_autostart_disabled(): >+ error_descriptions.append(autostart_error) >+ error_descriptions.append(solution) >+ raise Critical('\n'.join(error_descriptions)) >+ >+ >+if __name__ == '__main__': >+ from univention.management.console.modules.diagnostic import main >+ main() >-- >2.7.4 > > >From 52f91e7c4078db221b7e61d3143bee3952f8a55a Mon Sep 17 00:00:00 2001 >From: Lukas Oyen <oyen@univention.de> >Date: Tue, 6 Jun 2017 18:36:44 +0200 >Subject: [PATCH 2/2] Bug #35859: ucm-diagnostic: new check > heimdal_on_samba4_dc (po) > >--- > .../umc/python/diagnostic/de.po | 33 ++++++++++++++++++++-- > 1 file changed, 31 insertions(+), 2 deletions(-) > >diff --git a/management/univention-management-console-module-diagnostic/umc/python/diagnostic/de.po b/management/univention-management-console-module-diagnostic/umc/python/diagnostic/de.po >index affad86..9ff3b19 100644 >--- a/management/univention-management-console-module-diagnostic/umc/python/diagnostic/de.po >+++ b/management/univention-management-console-module-diagnostic/umc/python/diagnostic/de.po >@@ -2,8 +2,8 @@ > msgid "" > msgstr "" > "Project-Id-Version: univention-management-console-module-diagnostic\n" >-"Report-Msgid-Bugs-To: packages@univention.de\n" >-"POT-Creation-Date: 2016-01-14 12:19+0100\n" >+"Report-Msgid-Bugs-To: \n" >+"POT-Creation-Date: 2017-06-06 18:36+0200\n" > "PO-Revision-Date: \n" > "Last-Translator: Univention GmbH <packages@univention.de>\n" > "Language-Team: Univention GmbH <packages@univention.de>\n" >@@ -27,6 +27,10 @@ msgstr "" > msgid "Adjust to suggested limits" > msgstr "An vorgeschlagene Limits anpassen" > >+#: umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py:46 >+msgid "Check Heimdal KDC on Samba 4 DC" >+msgstr "Ãberprüfe Heimdal KDC auf Samba 4 DC" >+ > #: umc/python/diagnostic/plugins/gateway.py:11 > msgid "Gateway is not reachable" > msgstr "Gateway ist nicht erreichbar" >@@ -133,6 +137,10 @@ msgstr "Proxy-Server-Fehler" > msgid "SSH connection to UCS server failed!" > msgstr "SSH-Verbindung zu anderem UCS Server fehlgeschlagen!" > >+#: umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py:47 >+msgid "Samba 4 KDC running." >+msgstr "Samba 4 KDC läuft." >+ > #: umc/python/diagnostic/plugins/security_limits.py:14 > msgid "Security limits exceeded" > msgstr "Sicherheitslimits überschritten" >@@ -249,6 +257,22 @@ msgstr "" > "an Samba-Servern unmöglich, Dateioperationen (Kopieren, Verschieben) auf " > "Freigaben kann fehlschlagen, uvm.)" > >+#: umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py:87 >+msgid "" >+"This is a Samba 4 DC, but `samba-tool processes` reports no `kdc_server`." >+msgstr "" >+"Dies ist ein Samba 4 DC, aber `samba-tool processes` zeigt keinen " >+"`kdc_server` an." >+ >+#: umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py:88 >+msgid "This may be, because Heimdal KDC seems to be running." >+msgstr "Dies mag daher kommen, dass Heimdal KDC läuft." >+ >+#: umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py:89 >+msgid "This may be, because `kerberos/autostart` is not disabled." >+msgstr "" >+"Dies mag daher kommen, dass `kerberos/autostart` nicht deaktiviert ist." >+ > #: umc/python/diagnostic/plugins/proxy.py:83 > #, python-format > msgid "" >@@ -260,6 +284,11 @@ msgstr "" > "dass Authentifikations-Zugangsdaten (falls existierend) korrekt sind und die " > "ACL's des Proxy-Servers nicht verbieten, Anfragen an %s zu stellen." > >+#: umc/python/diagnostic/plugins/heimdal_on_samba4_dc.py:90 >+#, python-brace-format >+msgid "You may want to stop Heimdal KDC and restart Samba via {services}" >+msgstr "Sie können Heimdal KDC per {services} stoppen und Samba neu starten." >+ > #: umc/python/diagnostic/plugins/package_status.py:28 > msgid "some" > msgstr "einigen" >-- >2.7.4 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=8908">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 35863
: 8908