fqdn_hostname)
-def secretsdb_setup_dns(secretsdb, names, private_dir, realm,
+def secretsdb_setup_dns(secretsdb, names, private_dir, bind_gid, realm,
dnsdomain, dns_keytab_path, dnspass, key_version_number):
"""Add DNS specific bits to a secrets database.
names.netbiosname.lower(), names.dnsdomain.lower())
})
+ # the commit creates the dns.keytab, now chown it
+ dns_keytab = os.path.join(private_dir, dns_keytab_path)
+ if os.path.isfile(dns_keytab) and bind_gid is not None:
+ try:
+ os.chmod(dns_keytab, 0640)
+ os.chown(dns_keytab, -1, bind_gid)
+ except OSError:
+ if not os.environ.has_key('SAMBA_SELFTEST'):
+ logger.info("Failed to chown %s to bind gid %u",
+ dns_keytab, bind_gid)
+
+
def create_dns_dir(logger, paths):
"""Write out a DNS zone file, from the info in the current database.
domainguid = get_domainguid(samdb, domaindn)
secretsdb_setup_dns(secretsdb, names,
- paths.private_dir, realm=names.realm,
+ paths.private_dir, paths.bind_gid,
+ realm=names.realm,
dnsdomain=names.dnsdomain,
dns_keytab_path=paths.dns_keytab, dnspass=dnspass,
key_version_number=key_version_number)