From 5e8cb67605367ffd9dd2a8624df90f2ca5e77fc4 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 26 Nov 2010 12:10:55 +1100 Subject: s4-provision: fixed eadb automatic and manual setting in provision we should not set posix:eadb in lp in the acl native test code Pair-Programmed-With: Andrew Bartlett --- source4/scripting/python/samba/ntacls.py | 31 ++++++++++++++--------------- source4/scripting/python/samba/provision.py | 2 +- source4/setup/provision | 6 ++---- 3 files changed, 18 insertions(+), 21 deletions(-) diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py index 9bf5cfe3d7..4f1c922810 100644 --- a/source4/scripting/python/samba/ntacls.py +++ b/source4/scripting/python/samba/ntacls.py @@ -28,23 +28,23 @@ class XattrBackendError(Exception): def checkset_backend(lp, backend, eadbfile): - # if posix:eadb is set, then force the backend - if backend is not None: - if backend == "native": - lp.set("posix:eadb", "") - elif backend == "tdb": - if eadbfile is not None: - lp.set("posix:eadb", eadbfile) - else: - os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb")) + '''return the path to the eadb, or None''' + if backend is None: + return lp.get("posix:eadb") + elif backend == "native": + return None + elif backend == "tdb": + if eadbfile is not None: + return eadbfile else: - raise XattrBackendError("Invalid xattr backend choice %s"%backend) + return os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb")) + else: + raise XattrBackendError("Invalid xattr backend choice %s"%backend) def getntacl(lp, file, backend=None, eadbfile=None): - checkset_backend(lp, backend, eadbfile) - eadbname = lp.get("posix:eadb") - if eadbname is not None and eadbname != "": + eadbname = checkset_backend(lp, backend, eadbfile) + if eadbname is not None: try: attribute = samba.xattr_tdb.wrap_getxattr(eadbname, file, xattr.XATTR_NTACL_NAME) @@ -62,14 +62,13 @@ def getntacl(lp, file, backend=None, eadbfile=None): def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None): - checkset_backend(lp, backend, eadbfile) + eadbname = checkset_backend(lp, backend, eadbfile) ntacl = xattr.NTACL() ntacl.version = 1 sid = security.dom_sid(domsid) sd = security.descriptor.from_sddl(sddl, sid) ntacl.info = sd - eadbname = lp.get("posix:eadb") - if eadbname is not None and eadbname != "": + if eadbname is not None: try: samba.xattr_tdb.wrap_setxattr(eadbname, file, xattr.XATTR_NTACL_NAME, ndr_pack(ntacl)) diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index b6c39cbb66..b5f37b555a 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -590,7 +590,7 @@ def make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole, #Load non-existant file if os.path.exists(smbconf): lp.load(smbconf) - if eadb: + if eadb and not lp.get("posix:eadb"): if targetdir is not None: privdir = os.path.join(targetdir, "private") else: diff --git a/source4/setup/provision b/source4/setup/provision index 303fd32f3b..18142addbf 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -225,10 +225,8 @@ elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"): "O:S-1-5-32G:S-1-5-32", "S-1-5-32", "native") eadb = False except: - # XXX: Should catch a specific exception here - if lp.get("posix:eadb") is None: - logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. " - "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.") + logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. " + "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.") file.close() -- cgit