diff options
author | Andrew Tridgell <tridge@samba.org> | 2010-02-17 16:29:17 +1100 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-02-17 19:43:32 +1100 |
commit | 72c0cd75e4b0aa5e59af6f54800f7a63d95da790 (patch) | |
tree | ad9053f28a95b9cb8a57917dcde94580bfe5abcb | |
parent | d14c3756e82412da93fc19f75167be9f2b46bf33 (diff) | |
download | samba-72c0cd75e4b0aa5e59af6f54800f7a63d95da790.tar.gz samba-72c0cd75e4b0aa5e59af6f54800f7a63d95da790.tar.bz2 samba-72c0cd75e4b0aa5e59af6f54800f7a63d95da790.zip |
s4-provision: fix permissions on generated DNS zone file
The zone file needs to be writeable by bind to allow for it to flush
its journal on dynamic updates
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source4/scripting/python/samba/provision.py | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 59daa25c69..b127d6cc54 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1525,15 +1525,7 @@ def create_zone_file(message, paths, setup_path, dnsdomain, except OSError: pass - os.mkdir(dns_dir, 0770) - # chmod needed to cope with umask - os.chmod(dns_dir, 0770) - - if paths.bind_gid is not None: - try: - os.chown(dns_dir, -1, paths.bind_gid) - except OSError: - message("Failed to chown %s to bind gid %u" % (dns_dir, paths.bind_gid)) + os.mkdir(dns_dir, 0775) setup_file(setup_path("provision.zone"), paths.dns, { "HOSTNAME": hostname, @@ -1549,6 +1541,16 @@ def create_zone_file(message, paths, setup_path, dnsdomain, "HOSTIP6_HOST_LINE": hostip6_host_line, }) + if paths.bind_gid is not None: + try: + os.chown(dns_dir, -1, paths.bind_gid) + os.chown(paths.dns, -1, paths.bind_gid) + # chmod needed to cope with umask + os.chmod(dns_dir, 0775) + os.chmod(paths.dns, 0664) + except OSError: + message("Failed to chown %s to bind gid %u" % (dns_dir, paths.bind_gid)) + def create_named_conf(paths, setup_path, realm, dnsdomain, private_dir): |