[PATCH 2/2] provision: Use short name for assignee
Matthieu Patou
mat at matws.net
Tue Jan 26 16:03:15 MST 2010
---
source4/scripting/python/samba/provision.py | 14 ++++++--------
1 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 58c172f..c92d564 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1053,8 +1053,8 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp,
FILL_FULL = "FULL"
FILL_NT4SYNC = "NT4SYNC"
FILL_DRS = "DRS"
-SYSVOL_ACL = "O:${DOMAINSID}-500G:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;S-1-5-32-549)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)"
-POLICIES_ACL = "O:${DOMAINSID}-500G:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;S-1-5-32-549)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001301bf;;;${DOMAINSID}-520)"
+SYSVOL_ACL = "O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)"
+POLICIES_ACL = "O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001301bf;;;PA)"
def set_gpo_acl(path,acl,lp,domsid):
setntacl(lp,path,acl,domsid)
@@ -1066,27 +1066,25 @@ def set_gpo_acl(path,acl,lp,domsid):
def setsysvolacl(samdb,names,netlogon,sysvol,gid,domainsid,lp):
canchown = 1
- acl = SYSVOL_ACL.replace("${DOMAINSID}",str(domainsid))
try:
os.chown(sysvol,-1,gid)
except:
canchown = 0
- setntacl(lp,sysvol,acl,str(domainsid))
+ setntacl(lp,sysvol,SYSVOL_ACL,str(domainsid))
for root, dirs, files in os.walk(sysvol, topdown=False):
for name in files:
if canchown:
os.chown(os.path.join(root, name),-1,gid)
- setntacl(lp,os.path.join(root, name),acl,str(domainsid))
+ setntacl(lp,os.path.join(root, name),SYSVOL_ACL,str(domainsid))
for name in dirs:
if canchown:
os.chown(os.path.join(root, name),-1,gid)
- setntacl(lp,os.path.join(root, name),acl,str(domainsid))
+ setntacl(lp,os.path.join(root, name),SYSVOL_ACL,str(domainsid))
# Set ACL for GPO
policy_path = os.path.join(sysvol, names.dnsdomain, "Policies")
- acl = POLICIES_ACL.replace("${DOMAINSID}",str(domainsid))
- set_gpo_acl(policy_path,dsacl2fsacl(acl,str(domainsid)),lp,str(domainsid))
+ set_gpo_acl(policy_path,dsacl2fsacl(POLICIES_ACL,str(domainsid)),lp,str(domainsid))
res = samdb.search(base="CN=Policies,CN=System,%s"%(names.domaindn),
attrs=["cn","nTSecurityDescriptor"],
expression="", scope=ldb.SCOPE_ONELEVEL)
--
1.6.3.3
--------------010401010709070503080204--
More information about the samba-technical
mailing list