summaryrefslogtreecommitdiff
path: root/source4/scripting
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2011-07-31 20:05:23 +0200
committerJelmer Vernooij <jelmer@samba.org>2011-08-01 18:59:12 +0200
commit7585057a22beda5bac2b98c7488e994880927daf (patch)
treea41990ea4186e7a9ab7eaf5e2d82f40ecbc68898 /source4/scripting
parentcdc146d0c4969e693dd172a0fe7b40ac95bb9e0f (diff)
downloadsamba-7585057a22beda5bac2b98c7488e994880927daf.tar.gz
samba-7585057a22beda5bac2b98c7488e994880927daf.tar.bz2
samba-7585057a22beda5bac2b98c7488e994880927daf.zip
acl: Improve error message when setting acls fails.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Aug 1 18:59:12 CEST 2011 on sn-devel-104
Diffstat (limited to 'source4/scripting')
-rwxr-xr-xsource4/scripting/python/samba/upgradehelpers.py16
1 files changed, 12 insertions, 4 deletions
diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py
index 1ee1c044e7..9034140195 100755
--- a/source4/scripting/python/samba/upgradehelpers.py
+++ b/source4/scripting/python/samba/upgradehelpers.py
@@ -609,22 +609,30 @@ def update_gpo(paths, samdb, names, lp, message, force=0):
dir = getpolicypath(paths.sysvol, names.dnsdomain, names.policyid_dc)
if not os.path.isdir(dir):
create_gpo_struct(dir)
+
+ def acl_error(e):
+ if os.geteuid() == 0:
+ message(ERROR, "Unable to set ACLs on policies related objects: %s" % e)
+ else:
+ message(ERROR, "Unable to set ACLs on policies related objects. "
+ "ACLs must be set as root if file system ACLs "
+ "(rather than posix:eadb) are used.")
+
# We always reinforce acls on GPO folder because they have to be in sync
# with the one in DS
try:
set_gpos_acl(paths.sysvol, names.dnsdomain, names.domainsid,
names.domaindn, samdb, lp)
except TypeError, e:
- message(ERROR, "Unable to set ACLs on policies related objects,"
- " if not using posix:eadb, you must be root to do it")
+ acl_error(e)
if resetacls:
try:
setsysvolacl(samdb, paths.netlogon, paths.sysvol, names.wheel_gid,
names.domainsid, names.dnsdomain, names.domaindn, lp)
except TypeError, e:
- message(ERROR, "Unable to set ACLs on sysvol share, if not using"
- "posix:eadb, you must be root to do it")
+ acl_error(e)
+
def increment_calculated_keyversion_number(samdb, rootdn, hashDns):
"""For a given hash associating dn and a number, this function will