diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-08-27 22:38:53 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-08-28 07:57:30 +1000 |
| commit | 444c9ffad75cfe4f1948a09a870c87b17aed21a9 (patch) | |
| tree | 4da13ab4ba13c3ad5979504a06ecb00a8dc36cb3 /source4/scripting/python/samba/provision | |
| parent | 5aa9a6c936cbf4fb8a7a9d9a03b1678d6419e78f (diff) | |
| download | samba-444c9ffad75cfe4f1948a09a870c87b17aed21a9.tar.gz samba-444c9ffad75cfe4f1948a09a870c87b17aed21a9.tar.xz samba-444c9ffad75cfe4f1948a09a870c87b17aed21a9.zip | |
s4-classicupgrade: Do the setting of the sysvol ACLs last, after idmap is configured
This will allow files to be correctly owned by the idmap that is imported.
This appears to fix an issue that came up after s3fs-compatible ACLs were
merged into provision.
Andrew Bartlett
Diffstat (limited to 'source4/scripting/python/samba/provision')
| -rw-r--r-- | source4/scripting/python/samba/provision/__init__.py | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index e39a6c45ae..c7fda92f5e 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -1594,7 +1594,7 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths, invocationid=None, machinepass=None, ntdsguid=None, dns_backend=None, dnspass=None, serverrole=None, dom_for_fun_level=None, - am_rodc=False, lp=None, use_ntvfs=False): + am_rodc=False, lp=None, use_ntvfs=False, skip_sysvolacl=True): # create/adapt the group policy GUIDs # Default GUID for default policy are described at # "How Core Group Policy Works" @@ -1631,8 +1631,9 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths, # policy) create_default_gpo(paths.sysvol, names.dnsdomain, policyguid, policyguid_dc) - setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid, paths.wheel_gid, - domainsid, names.dnsdomain, names.domaindn, lp, use_ntvfs) + if not skip_sysvolacl: + setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid, paths.wheel_gid, + domainsid, names.dnsdomain, names.domaindn, lp, use_ntvfs) secretsdb_self_join(secrets_ldb, domain=names.domain, realm=names.realm, dnsdomain=names.dnsdomain, @@ -1766,7 +1767,8 @@ def provision(logger, session_info, credentials, smbconf=None, ol_mmr_urls=None, ol_olc=None, slapd_path="/bin/false", useeadb=False, am_rodc=False, lp=None, use_ntvfs=False, - use_rfc2307=False, maxuid=None, maxgid=None): + use_rfc2307=False, maxuid=None, maxgid=None, + skip_sysvolacl=True): """Provision samba4 :note: caution, this wipes all existing data! @@ -2014,7 +2016,8 @@ def provision(logger, session_info, credentials, smbconf=None, ntdsguid=ntdsguid, dns_backend=dns_backend, dnspass=dnspass, serverrole=serverrole, dom_for_fun_level=dom_for_fun_level, am_rodc=am_rodc, - lp=lp, use_ntvfs=use_ntvfs) + lp=lp, use_ntvfs=use_ntvfs, + skip_sysvolacl=skip_sysvolacl) create_krb5_conf(paths.krb5conf, dnsdomain=names.dnsdomain, hostname=names.hostname, |