The Samba-Bugzilla – Attachment 10495 Details for
Bug 10881
Wrong keytab permissions when joining additional DC with BIND backend
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Test patch
10881.patch (text/plain), 2.34 KB, created by
Christian Ambach
on 2014-12-05 23:25:10 UTC
(
hide
)
Description:
Test patch
Filename:
MIME Type:
Creator:
Christian Ambach
Created:
2014-12-05 23:25:10 UTC
Size:
2.34 KB
patch
obsolete
>From c39959ff559be83f7ac08c2f3f7acb8a46a9c1e5 Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Sat, 6 Dec 2014 00:23:08 +0100 >Subject: [PATCH] provision/sambadns: set correct owner of keytab file > >otherwise samba_dnsupdate will not work > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=10881 >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > python/samba/provision/sambadns.py | 17 +++++++++++++++-- > 1 file changed, 15 insertions(+), 2 deletions(-) > >diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py >index b563932..ab95411 100644 >--- a/python/samba/provision/sambadns.py >+++ b/python/samba/provision/sambadns.py >@@ -640,7 +640,7 @@ def add_dc_msdcs_records(samdb, forestdn, prefix, site, dnsforest, hostname, > fqdn_hostname) > > >-def secretsdb_setup_dns(secretsdb, names, private_dir, realm, >+def secretsdb_setup_dns(secretsdb, names, private_dir, bind_gid, realm, > dnsdomain, dns_keytab_path, dnspass, key_version_number): > """Add DNS specific bits to a secrets database. > >@@ -667,6 +667,18 @@ def secretsdb_setup_dns(secretsdb, names, private_dir, realm, > names.netbiosname.lower(), names.dnsdomain.lower()) > }) > >+ # the commit creates the dns.keytab, now chown it >+ dns_keytab = os.path.join(private_dir, dns_keytab_path) >+ if os.path.isfile(dns_keytab) and bind_gid is not None: >+ try: >+ os.chmod(dns_keytab, 0640) >+ os.chown(dns_keytab, -1, bind_gid) >+ except OSError: >+ if not os.environ.has_key('SAMBA_SELFTEST'): >+ logger.info("Failed to chown %s to bind gid %u", >+ dns_keytab, bind_gid) >+ >+ > > def create_dns_dir(logger, paths): > """Write out a DNS zone file, from the info in the current database. >@@ -1173,7 +1185,8 @@ def setup_bind9_dns(samdb, secretsdb, names, paths, lp, logger, > domainguid = get_domainguid(samdb, domaindn) > > secretsdb_setup_dns(secretsdb, names, >- paths.private_dir, realm=names.realm, >+ paths.private_dir, paths.bind_gid, >+ realm=names.realm, > dnsdomain=names.dnsdomain, > dns_keytab_path=paths.dns_keytab, dnspass=dnspass, > key_version_number=key_version_number) >-- >1.9.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=10495">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 10881
:
10351
|
10352
| 10495