s4-provision: fixed eadb automatic and manual setting in provision

we should not set posix:eadb in lp in the acl native test code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py
index 9bf5cfe3d7365290eef6d514fdbd764450a16d31..4f1c9228108fa5e5b5e3a10e59e7fdd4793cb492 100644 (file)
--- a/source4/scripting/python/samba/ntacls.py
+++ b/source4/scripting/python/samba/ntacls.py
@@ -28,23 +28,23 @@ class XattrBackendError(Exception):
 
 
 def checkset_backend(lp, backend, eadbfile):
-    # if posix:eadb is set, then force the backend
-    if backend is not None:
-        if backend == "native":
-            lp.set("posix:eadb", "")
-        elif backend == "tdb":
-            if eadbfile is not None:
-                lp.set("posix:eadb", eadbfile)
-            else:
-                os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb"))
+    '''return the path to the eadb, or None'''
+    if backend is None:
+        return lp.get("posix:eadb")
+    elif backend == "native":
+        return None
+    elif backend == "tdb":
+        if eadbfile is not None:
+            return eadbfile
         else:
-            raise XattrBackendError("Invalid xattr backend choice %s"%backend)
+            return os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb"))
+    else:
+        raise XattrBackendError("Invalid xattr backend choice %s"%backend)
 
 
 def getntacl(lp, file, backend=None, eadbfile=None):
-    checkset_backend(lp, backend, eadbfile)
-    eadbname = lp.get("posix:eadb")
-    if eadbname is not None and eadbname != "":
+    eadbname = checkset_backend(lp, backend, eadbfile)
+    if eadbname is not None:
         try:
             attribute = samba.xattr_tdb.wrap_getxattr(eadbname, file, 
                 xattr.XATTR_NTACL_NAME)
@@ -62,14 +62,13 @@ def getntacl(lp, file, backend=None, eadbfile=None):
 
 
 def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None):
-    checkset_backend(lp, backend, eadbfile)
+    eadbname = checkset_backend(lp, backend, eadbfile)
     ntacl = xattr.NTACL()
     ntacl.version = 1
     sid = security.dom_sid(domsid)
     sd = security.descriptor.from_sddl(sddl, sid)
     ntacl.info = sd
-    eadbname = lp.get("posix:eadb")
-    if eadbname is not None and eadbname != "":
+    if eadbname is not None:
         try:
             samba.xattr_tdb.wrap_setxattr(eadbname,
                 file, xattr.XATTR_NTACL_NAME, ndr_pack(ntacl))

diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index b6c39cbb66ffdacc59f0c8c11f1a0e806f5cb93d..b5f37b555ae2526273f6582eedb9fba375036af5 100644 (file)
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -590,7 +590,7 @@ def make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole,
     #Load non-existant file
     if os.path.exists(smbconf):
         lp.load(smbconf)
-    if eadb:
+    if eadb and not lp.get("posix:eadb"):
         if targetdir is not None:
             privdir = os.path.join(targetdir, "private")
         else:

diff --git a/source4/setup/provision b/source4/setup/provision
index 303fd32f3b4a1ab2ad963f875dea1f34f8299597..18142addbf70f0db32953df495384a12da2cce9c 100755 (executable)
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -225,10 +225,8 @@ elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"):
                        "O:S-1-5-32G:S-1-5-32", "S-1-5-32", "native")
                eadb = False
        except:
-               # XXX: Should catch a specific exception here
-               if lp.get("posix:eadb") is None:
-                       logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. "
-                                           "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
+               logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. "
+                           "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
        file.close()