diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2011-07-31 20:05:23 +0200 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2011-08-01 18:59:12 +0200 |
commit | 7585057a22beda5bac2b98c7488e994880927daf (patch) | |
tree | a41990ea4186e7a9ab7eaf5e2d82f40ecbc68898 /source4/scripting | |
parent | cdc146d0c4969e693dd172a0fe7b40ac95bb9e0f (diff) | |
download | samba-7585057a22beda5bac2b98c7488e994880927daf.tar.gz samba-7585057a22beda5bac2b98c7488e994880927daf.tar.bz2 samba-7585057a22beda5bac2b98c7488e994880927daf.zip |
acl: Improve error message when setting acls fails.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Aug 1 18:59:12 CEST 2011 on sn-devel-104
Diffstat (limited to 'source4/scripting')
-rwxr-xr-x | source4/scripting/python/samba/upgradehelpers.py | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py index 1ee1c044e7..9034140195 100755 --- a/source4/scripting/python/samba/upgradehelpers.py +++ b/source4/scripting/python/samba/upgradehelpers.py @@ -609,22 +609,30 @@ def update_gpo(paths, samdb, names, lp, message, force=0): dir = getpolicypath(paths.sysvol, names.dnsdomain, names.policyid_dc) if not os.path.isdir(dir): create_gpo_struct(dir) + + def acl_error(e): + if os.geteuid() == 0: + message(ERROR, "Unable to set ACLs on policies related objects: %s" % e) + else: + message(ERROR, "Unable to set ACLs on policies related objects. " + "ACLs must be set as root if file system ACLs " + "(rather than posix:eadb) are used.") + # We always reinforce acls on GPO folder because they have to be in sync # with the one in DS try: set_gpos_acl(paths.sysvol, names.dnsdomain, names.domainsid, names.domaindn, samdb, lp) except TypeError, e: - message(ERROR, "Unable to set ACLs on policies related objects," - " if not using posix:eadb, you must be root to do it") + acl_error(e) if resetacls: try: setsysvolacl(samdb, paths.netlogon, paths.sysvol, names.wheel_gid, names.domainsid, names.dnsdomain, names.domaindn, lp) except TypeError, e: - message(ERROR, "Unable to set ACLs on sysvol share, if not using" - "posix:eadb, you must be root to do it") + acl_error(e) + def increment_calculated_keyversion_number(samdb, rootdn, hashDns): """For a given hash associating dn and a number, this function will |