gpo: Apply Group Policy Issue setting from VGP

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

3 files changed, 48 insertions, 2 deletions

diff --git a/python/samba/vgp_issue_ext.py b/python/samba/vgp_issue_ext.py
index bbf4f70289b..b4b08901149 100644
--- a/python/samba/vgp_issue_ext.py
+++ b/python/samba/vgp_issue_ext.py
@@ -14,13 +14,58 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+import os
 from samba.gpclass import gp_xml_ext
 
 class vgp_issue_ext(gp_xml_ext):
+    def __str__(self):
+        return 'Unix Settings/Issue'
+
     def process_group_policy(self, deleted_gpo_list, changed_gpo_list,
                              issue='/etc/issue'):
-        pass
+        for guid, settings in deleted_gpo_list:
+            self.gp_db.set_guid(guid)
+            if str(self) in settings:
+                for attribute, msg in settings[str(self)].items():
+                    if attribute == 'issue':
+                        with open(issue, 'w') as w:
+                            if msg:
+                                w.write(msg)
+                            else:
+                                w.truncate()
+                    self.gp_db.delete(str(self), attribute)
+            self.gp_db.commit()
+
+        for gpo in changed_gpo_list:
+            if gpo.file_sys_path:
+                self.gp_db.set_guid(gpo.name)
+                xml = 'MACHINE/VGP/VTLA/Unix/Issue/manifest.xml'
+                path = os.path.join(gpo.file_sys_path, xml)
+                xml_conf = self.parse(path)
+                if not xml_conf:
+                    continue
+                policy = xml_conf.find('policysetting')
+                data = policy.find('data')
+                text = data.find('text')
+                current = open(issue, 'r').read() if os.path.exists(issue) else ''
+                if current != text.text:
+                    with open(issue, 'w') as w:
+                        w.write(text.text)
+                        self.gp_db.store(str(self), 'issue', current)
+                    self.gp_db.commit()
 
     def rsop(self, gpo):
         output = {}
+        if gpo.file_sys_path:
+            xml = 'MACHINE/VGP/VTLA/Unix/Issue/manifest.xml'
+            path = os.path.join(gpo.file_sys_path, xml)
+            xml_conf = self.parse(path)
+            if not xml_conf:
+                return output
+            policy = xml_conf.find('policysetting')
+            data = policy.find('data')
+            filename = data.find('filename')
+            text = data.find('text')
+            mfile = os.path.join('/etc', filename.text)
+            output[mfile] = text.text
         return output
diff --git a/selftest/knownfail.d/gpo b/selftest/knownfail.d/gpo
deleted file mode 100644
index 98f409be153..00000000000
--- a/selftest/knownfail.d/gpo
+++ /dev/null
@@ -1 +0,0 @@
-^samba.tests.gpo.samba.tests.gpo.GPOTests.test_vgp_issue
diff --git a/source4/scripting/bin/samba-gpupdate b/source4/scripting/bin/samba-gpupdate
index d5903a2e5e0..3b0b7ce3d1f 100755
--- a/source4/scripting/bin/samba-gpupdate
+++ b/source4/scripting/bin/samba-gpupdate
@@ -41,6 +41,7 @@ from samba.vgp_symlink_ext import vgp_symlink_ext
 from samba.vgp_files_ext import vgp_files_ext
 from samba.vgp_openssh_ext import vgp_openssh_ext
 from samba.vgp_motd_ext import vgp_motd_ext
+from samba.vgp_issue_ext import vgp_issue_ext
 import logging
 
 if __name__ == "__main__":
@@ -101,6 +102,7 @@ if __name__ == "__main__":
         gp_extensions.append(vgp_files_ext)
         gp_extensions.append(vgp_openssh_ext)
         gp_extensions.append(vgp_motd_ext)
+        gp_extensions.append(vgp_issue_ext)
         gp_extensions.extend(machine_exts)
     elif opts.target == 'User':
         gp_extensions.extend(user_exts)