Fwd: Re: s4: new classicupgrade and uids

[Andrew Bartlett]

On Wed, 2012-08-08 at 11:01 +0400, Sergey Urushkin wrote:
> Hi.
> Some time ago I sent the patch to the list, but didn't get answer. For
> better readability it's attached again.
> The problem with it now is that it may set administrator uid to non-zero
> value (what will break GP editing, until appropriate posix acls is set.
> As a workaround - chown -R administrator path/to/sysvol). It may need
> additional warning message.

My thoughts are that I don't like the upgrade handling any of the well
known users, except perhaps to assign a UID.  Even then, things like
administrator UID should be connected via the provision() stage. 

> Also, I have to say that "if entry['rid'] < 1000:" check gives an error
> at the "adding users to groups" stage (nonexisting user). Ways to solve it:
>  1. Stop provision with error if such accounts exist (think it's the best)
>  2. Add some workaround to the function that lists members
>  3. Remove this check.

I'm not entirely sure what you mean here.  I guess we do need to upgrade
groups of any well known users we find?

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org