summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthieu Patou <mat@matws.net>2012-03-06 21:44:45 -0800
committerMatthieu Patou <mat@samba.org>2012-03-07 22:42:24 +0100
commitddbca1cde6e1f1f0a362506527322383c4dd5685 (patch)
treeb4d172885d8657bc6ee4fb0a46664c0347292800
parent9788d6a3489ff5df0de43ce9fabc35b20df52bb1 (diff)
downloadsamba-ddbca1cde6e1f1f0a362506527322383c4dd5685.tar.gz
samba-ddbca1cde6e1f1f0a362506527322383c4dd5685.tar.bz2
samba-ddbca1cde6e1f1f0a362506527322383c4dd5685.zip
s4-upgradeprovision: Add options to do a DB backup only and not to fix acls in sysvol
-rwxr-xr-xsource4/scripting/bin/upgradeprovision43
1 files changed, 26 insertions, 17 deletions
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision
index 7003717b4e..4986f8ad0c 100755
--- a/source4/scripting/bin/upgradeprovision
+++ b/source4/scripting/bin/upgradeprovision
@@ -161,8 +161,12 @@ parser.add_option("--debugall", action="store_true",
help="Print all available information (very verbose)")
parser.add_option("--resetfileacl", action="store_true",
help="Force a reset on filesystem acls in sysvol / netlogon share")
+parser.add_option("--nontaclfix", action="store_true",
+ help="In full upgrade mode do not try to upgrade sysvol / netlogon acls")
parser.add_option("--fixntacl", action="store_true",
help="Only fix NT ACLs in sysvol / netlogon share")
+parser.add_option("--db_backup_only", action="store_true",
+ help="Do the backup of the database in the provision, skip the sysvol / netlogon shares")
parser.add_option("--full", action="store_true",
help="Perform full upgrade of the samdb (schema, configuration, new objects, ...")
@@ -1464,14 +1468,15 @@ def update_samdb(ref_samdb, samdb, names, provisionUSNs, schema, prereloadfunc):
return 0
-def backup_provision(paths, dir):
+def backup_provision(paths, dir, only_db):
"""This function backup the provision files so that a rollback
is possible
:param paths: Paths to different objects
:param dir: Directory where to store the backup
+ :param only_db: Skip sysvol for users with big sysvol
"""
- if paths.sysvol:
+ if paths.sysvol and not only_db:
copytree_with_xattrs(paths.sysvol, os.path.join(dir, "sysvol"))
shutil.copy2(paths.samdb, dir)
shutil.copy2(paths.secrets, dir)
@@ -1649,6 +1654,9 @@ def sync_calculated_attributes(samdb, names):
if __name__ == '__main__':
global defSDmodified
defSDmodified = False
+
+ if opts.nontaclfix and opts.fixntacl:
+ message(SIMPLE, "nontaclfix and fixntacl are mutally exclusive")
# From here start the big steps of the program
# 1) First get files paths
paths = get_paths(param, smbconf=smbconf)
@@ -1662,7 +1670,7 @@ if __name__ == '__main__':
ldbs = get_ldbs(paths, creds, session, lp)
backupdir = tempfile.mkdtemp(dir=paths.private_dir,
prefix="backupprovision")
- backup_provision(paths, backupdir)
+ backup_provision(paths, backupdir, opts.db_backup_only)
try:
ldbs.startTransactions()
@@ -1889,20 +1897,21 @@ if __name__ == '__main__':
update_provision_usn(ldbs.sam, minUSN, maxUSN, names.invocation)
if opts.full and (names.policyid is None or names.policyid_dc is None):
update_policyids(names, ldbs.sam)
- if opts.full or opts.resetfileacl or opts.fixntacl:
- try:
- update_gpo(paths, ldbs.sam, names, lp, message, 1)
- except ProvisioningError, e:
- message(ERROR, "The policy for domain controller is missing. "
- "You should restart upgradeprovision with --full")
- except IOError, e:
- message(ERROR, "Setting ACL not supported on your filesystem")
- else:
- try:
- update_gpo(paths, ldbs.sam, names, lp, message, 0)
- except ProvisioningError, e:
- message(ERROR, "The policy for domain controller is missing. "
- "You should restart upgradeprovision with --full")
+ if opts.nontaclfix:
+ if opts.full or opts.resetfileacl or opts.fixntacl:
+ try:
+ update_gpo(paths, ldbs.sam, names, lp, message, 1)
+ except ProvisioningError, e:
+ message(ERROR, "The policy for domain controller is missing. "
+ "You should restart upgradeprovision with --full")
+ except IOError, e:
+ message(ERROR, "Setting ACL not supported on your filesystem")
+ else:
+ try:
+ update_gpo(paths, ldbs.sam, names, lp, message, 0)
+ except ProvisioningError, e:
+ message(ERROR, "The policy for domain controller is missing. "
+ "You should restart upgradeprovision with --full")
if not opts.fixntacl:
ldbs.groupedCommit()
new_ldbs.groupedCommit()