Re: [Samba] Re: winbindd + mod_ntlm_winbind, why do we need net join ... ?
On Thu, 2006-09-21 at 18:00 +0200, Juan Rodriguez wrote: On 9/21/06, Juan Rodriguez [EMAIL PROTECTED] wrote: Hello, I would like to use NTLM authentication on my Apache2 server, and I've found out this link which works very well for me, http://download.samba.org/ftp/unpacked/lorikeet/mod_ntlm_winbind I'm newbie to samba, and to make this stuff work, I had to execute net join -S DC -U Admin, because winbindd complained about did we join ?... (all of this can be found on man winbindd). I've managed to avoid this message using: net rpc getsid, but then I get the following error when I try to authenticate through mod_auth_winbind: (this is the output of winbindd) ... process_request: request fn AUTH_CRAP [11189]: pam auth crap domain: mydomain user: myuser is_myname(mydomain) returns 0 secrets_fetch failed! get_trust_pw: could not fetch trust account password for domain mydomain could not open handle to NETLOGON pipe (error: NT_STATUS_CANT_ACCESS_DOMAIN_INFO) You must join. Samba supports no other mode for mod_ntlm_winbindd. It is more secure, as we gain some assurance that the DC is real, and more reliable, as the DC communication is stateless. This is identical to how windows member servers operate. Other hacks often work, then fail (which is why ntlm_auth was created, to allow squid admins to use NTLM without these occasional failures) Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] error, when searching in AD database
I have joined a windows domain, which is part of a larger active directory forest. wbinfo -m gives me a long list of domains. ldapsearch gives me a long list of AD information, but in the end an error: ldapsearch -LLL -C -h ww901.mycompany.net -b DC=WW901,dc=mycompany,dc=NET -s sub ((servicePrincipalName=host/*)(objectclass=computer)) servicePrincipalName SASL/GSSAPI authentication started^M SASL username: [EMAIL PROTECTED] SASL SSF: 56^M SASL installing layers^M dn: CN=T126032c,OU=Computers,OU=SBS,OU=ANKT,OU=TR,DC=ww901,DC=mycompany,DC=net^M servicePrincipalName: SMTPSVC/T126032C^M servicePrincipalName: SMTPSVC/t126032c.ww901.mycompany.net^M servicePrincipalName: HOST/T126032C^M servicePrincipalName: HOST/t126032c.ww901.mycompany.net^M ^M dn: CN=T113665c,OU=Computers,OU=SBS,OU=ANKT,OU=TR,DC=ww901,DC=mycompany,DC=net^M servicePrincipalName: HOST/T113665C^M servicePrincipalName: HOST/t113665c.ww901.mycompany.net^M .. . But in the end I get: Operations error (1)^M Additional information: : LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece^M What does this error mean? I got lots of information from AD And should have authenticated, correct?? Thanks Norbert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] Excel Save Problem
Yesterday i compile a new samba version (3.0.23a) unfortunately the same problem. If i save a excel (or a pdf) doc on my smaba share, then all hangs. (90% iowait 0,2% cpu) I make sundries tests: samba tunning with socket options,... Oplock disable on client, antivirus disable on client. Las service pack installtion on client, Nothing change. Very weird: i have two samba shares. A small share with 250 gb and a large share with 750 (raid 5, drbd). Only on the large share hang samba when i save a dokument on windows 2000. with windows xp are running all ok. .i don't know why :( Thanks you for any help chris -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Felipe Augusto van de Wiel Gesendet: Donnerstag, 21. September 2006 16:13 An: samba@lists.samba.org Betreff: Re: [Samba] Excel Save Problem -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/20/2006 04:37 PM, Christian Nekola escreveu: a upgrade is a nice idea ;-) Indeed. And it is a recommended one. ;) the problem is, the version 3.0.10 is the default red hat enterprise 4 packet. redhat doesn't offer any updates. Hmmm, maybe FC compatible RPMs? Or Samba RPMs? today i want update to 3.0.14a with a rpm packet, but there were too many failed dependencies :-( now i think, i build samba myself, but i don't know which problems can happen if i do this. the server is in production 3.0.14 and 3.0.2x have big changes, you should read the NEWS/Changes about versions and check how it could impact you and your server. my running smb.conf: #=== Global Settings = [global] server string = Samba Server workgroup = xionitag netbios name = miraculix interfaces = 10.1.1.203 smb ports = 139 passdb backend = tdbsam #---Browsing und WINS-Server os level = 65 local master = yes domain master = yes preferred master = yes wins support = no name resolve order = lmhosts host dns dns proxy = no #---Domaenen-Login, Login-Skript, Profil-Pfad --- domain logons = yes logon script = login.cmd logon home = \\%L\%U logon drive = I: username map = /etc/samba/smbusers add user script = /usr/local/bin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g xion %u #---Log-Dateien anlegen- log file = /var/log/samba/%m.log # all log information in one file #log file = /var/log/samba/smbd.log max log size = 5000 #---Druckereinstellungen-- printcap name = cups load printers = yes printing = cups cups options = raw #Zeit-Server- time server = yes #Tuning Options socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE Maybe you can turn the SO_KEEPALIVE, *maybe*. :) # socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 getwd cache = yes read raw = yes write raw = yes dead time = 5 keepalive = 150 These are default options of a stock samba or did you tune it? Maybe you could revert for the default options (check the manpage for reference). [...] Good luck. Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFEp4ECj65ZxU4gPQRAj9cAKCXGLs4XyXTexREoOQ9lcTlHWb1NQCfSs4U VCjYz5JP8zL+1Y+p5DqO2CE= =5WZ6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] can't access Samba share when clocks skew is too great
Hi all, I have a Samba 3.0.23c server joined to an Windows 2003 AD domain. Users access it from Windows workstations (XP, 2000). The problem is that if a workstation has its time off by more than 5 minutes, Samba server cannot be accessed. I understand that Kerberos cannot authenticate the clients due to clock skew; however, I thought that in such case Samba could falls back to NTLM auth. At least, the workstations with the wrong clock can access Windows file servers, but not Samba. Is Samba's behavior in this case intentional? Is this supposed to work? How can I help or debug this situation? Any help is appreciated. Thanks, Leonid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem making directory that already exists from an OS2
We are encountering problems creating directories from OS2 clients to a samba server (Version 3.0.23c-SerNet-RedHat). It occurs when the directory already exists. (no problem for Windows clients) From an OS2 client to an OS2 server we receive this message : SYS1248: A subdirectory or file \\server\directory already exists. From an OS2 client to an Samba server we receive this message : SYS0317: The system cannot find message 0183 in message file OSO001.MSG. Looks like there is different return codes between OS2 Lan server and Samba server for event directory already exist. Taking ethereal traces : we see that the return code from OS2 Lan server is 0x05. we see that the return code from Samba server is 0xb7. (0183) The problem is similar to another problem we had with OS2 clients on an older version of Samba with empty directories. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Transfer rates faster than 23MBps?
OK, I'll top post. I can't let this stand unanswered. I ran a LOT of tests with gigabit copper and windows machines. I never did better than 40 seconds per gig. That was with the Intel cards configured for maximum cpu utilization. 80-90% cpu for 40 sec per gig. On windows. Uploads went half as fast. Asymetric. Of course I only had 32 bit PCI, 2.5Gig processor motherboards with 45MBps drives. Which leads me to my point. One can't rationally compare performance of gigabit ethernet without talking about hardware on the platforms. I wouldn't think you'd have overlooked this, but one can bump up against the speed of the disk drive. Raid has overhead. Have you tried something like iostat? Serial ATA? I seem to recall the folks at Enterasys indicating 300Gbps as a practical upper limit on copper gig. Are you using fiber? 64 bit PCI? Who made which model of the network card? Is it a network card that's well supported in Linux? Can you change the interrupt utilization of the card? What's the CPU utilization on the Redhat machine during transfers? I don't have specific answers for your questions, but one can't just say this software product is slower on gigabit than the other one without talking hardware at the same time. I have lots of memory. I use these configurations in sysctl.conf to up the performance of send/recieve windows on my systems. There's articles out there. I don't have historical references handy. YMMV. net.core.wmem_max = 1048576 net.core.rmem_max = 1048576 net.ipv4.tcp_wmem = 4096 65536 1048575 net.ipv4.tcp_rmem = 4096 524288 1048575 net.ipv4.tcp_window_scaling = 1 Regards, Doug I wanted to follow up to my email to provide at least a partial answer to my problem. The stock RedHat AS4-U3 Samba config has SO_SNDBUF and SO_RCVBUF set to 8k. With this value, I can transfer a 1GB file in about 70-75 seconds, about 14MBps. If I increase those buffers to their max value of 64k, that same 1GB file transfers in 45-50 seconds, about 23MBps. That is the _ONLY_ configuration value I've found that made any difference in my setup. All the other tweaks I'd done, when removed, seemed to make no difference at all. I was playing with oplocks, buffers, max xmit sizes, you name it. But the socket option buffers was the only thing that made a difference. I'm still looking for more speed. I'll report if I find anything else that helps. In response to Jeremy's suggestion of using smbclient, I ran a test from a Linux client using smbclient and it reported a transfer rate of 21MBps, about the same as a normal smbfs mount. I haven't tried porting smbclient to Windows yet, and probably won't until we get more info on what the server is doing. Thanks everyone. -Mark Mark Smith wrote: We use SMB to transfer large files (between 1GB and 5GB) from RedHat AS4 Content Storage servers to Windows clients with 6 DVD burners and robotic arms and other cool gadgets. The servers used to be Windows based, but we're migrating to RedHat for a host of reasons. Unfortunately, the RedHat Samba servers are about 2.5 times slower than the Windows servers. Windows will copy a 1GB file in about 30 seconds, where as it takes about 70 to 75 seconds to copy the same file from a RedHat Samba server. I've asked Dr. Google and gotten all kinds of suggestions, most of which have already been applied by RedHat to the stock Samba config. I've opened a ticket with RedHat. They pointed out a couple errors in my config, but fixing those didn't have any effect. Some tweaking, however, has gotten the transfer speed to about 50 seconds for that 1GB file. But I seem to have hit a brick wall; my fastest time ever was 44 seconds, but typically it's around 50. I know it's not a problem with network or disk; if I use Apache and HTTP to transfer the same file from the same server, it transfers in about 15 to 20 seconds. Unfortunately, HTTP doesn't meet our other requirements for random access to the file. Do you folks use Samba for large file transfers at all? Have you had any luck speeding it up past about 23MBps (the 44 second transfer speed)? Any help you may have would be fantastic. Thanks. -Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Unable to connect samba server using hostname [2]
Hi David, Don't know if this helps you, but I am having such problems with client machines that have their clock off. Correcting the time fixes the issue. You wrote that Samba uses Windows 2003 server as NTP server, but you didn't mention if your client machines do the same. Try running net time /set /yes on a client machine (this synchronizes the time with the domain controller) and see if it helps. Thanks, Leonid DavidDST [EMAIL PROTECTED] ???/ ? ?: news:[EMAIL PROTECTED] Hi, I've got th same problem than in this tread (no solution found) : http://lists.samba.org/archive/samba/2005-November/113914.html except I've got the problem on all stations. I am unable to connect to samba server using it's hostname, whereas it's work with IP address. When I use the hostname, Samba always request for login/password. [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(500) NativeOS=[Windows Server 2003 3790 Service Pack 1] NativeLanMan=[] [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 2 840 48018 1 2 2 [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 2 840 113554 1 2 2 [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 3 6 1 4 1 311 2 2 10 [2006/09/21 12:59:04, 3] smbd/sesssetup.c:reply_spnego_negotiate(388) Got secblob of size 1201 [2006/09/21 12:59:04, 10] passdb/secrets.c:secrets_named_mutex(697) secrets_named_mutex: got mutex for replay cache mutex [2006/09/21 12:59:04, 10] libads/kerberos_verify.c:ads_verify_ticket(310) ads_verify_ticket: enc type [16] failed to decrypt with error Bad encryption type [2006/09/21 12:59:04, 3] libads/kerberos_verify.c:ads_verify_ticket(310) ads_verify_ticket: enc type [3] failed to decrypt with error Decrypt integrity check failed [2006/09/21 12:59:04, 10] libads/kerberos_verify.c:ads_verify_ticket(310) ads_verify_ticket: enc type [1] failed to decrypt with error Bad encryption type [2006/09/21 12:59:04, 10] passdb/secrets.c:secrets_named_mutex_release(709) secrets_named_mutex: released mutex for replay cache mutex [2006/09/21 12:59:04, 3] libads/kerberos_verify.c:ads_verify_ticket(317) ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type) [2006/09/21 12:59:04, 1] smbd/sesssetup.c:reply_spnego_kerberos(172) Failed to verify incoming ticket! Samba has been correctly register in the domain. Samba use Windows 2003 server as NTP server. I could obtain user list and group list from winbind. I could resolve workstations name from Samba server. There is no IP restriction on Samba server. When I use IP address, log is different : [2006/09/21 13:04:23, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(500) NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] [2006/09/21 13:04:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(385) Got OID 1 3 6 1 4 1 311 2 2 10 [2006/09/21 13:04:23, 3] smbd/sesssetup.c:reply_spnego_negotiate(388) Got secblob of size 40 [2006/09/21 13:04:23, 5] auth/auth.c:make_auth_context_subsystem(484) Making default auth method list for security=ADS [...] I've got something like auth/auth.c:make_auth_context_subsystem with IP and passdb/secrets.c:secrets_named_mutex with hostname. Any ideas ? Kindest regards, David. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba printer share
Hi, And if you add something like that into the smb.conf: [global] disable spoolss = yes [print$] comment = Printer Drivers path = /var/lib/samba/printers [hp2300] path = /tmp writeable = yes browseable = yes printable = yes guest ok = yes what happens? -- Bruno On 9/21/06, Kostya Berger [EMAIL PROTECTED] wrote: Hello, dear colleagues using SAMBA. Who could possibly tell me what I am missing in order to make my SAMBA printer share visible on the windows network( i.e., accessing it from a MS Windows machine's explorer, for example )? It is SAMBA 3.0.23 on Linux 2.4.33 machine(originally RedHat 7.3. based, but so much upgraded, even to GLIBC-2.3.6). here are the linked libraries: = #ldd /usr/local/samba/sbin/smbd libcups.so.2 = /usr/lib/libcups.so.2 (0x40023000) libpthread.so.0 = /lib/libpthread.so.0 (0x40056000) libm.so.6 = /lib/libm.so.6 (0x400a8000) libcrypt.so.1 = /lib/libcrypt.so.1 (0x400cb000) libresolv.so.2 = /lib/libresolv.so.2 (0x400f8000) libnsl.so.1 = /lib/libnsl.so.1 (0x40109000) libdl.so.2 = /lib/libdl.so.2 (0x4011d000) libpopt.so.0 = /usr/lib/libpopt.so.0 (0x40121000) libc.so.6 = /lib/libc.so.6 (0x40128000) libpthread.so.20 = /usr/lib/libpthre And here, at last, my smb.conf: [global] log file = /usr/local/samba/var/log.%m load printers = yes socket options = TCP_NODELAY username map = /etc/samba/user.map interfaces = 192.168.0.1/27 domain master = yes null passwords = yes public = yes wins support = true guest account = nobody dns proxy = no netbios name = Samba netbios aliases = Samba printing = cups server string = Samba default = global local master = yes workgroup = QUBICA os level = 65 printcap name = cups security = share max log size = 50 [Server_files] map archive = no writeable = yes path = /mnt/nfs hide dot files = no public = yes case sensitive = yes [printers] postscript = yes printer = hp_LaserJet_3015 lpq command = lpstat -o %p browseable = yes printable = yes print command = lpr -P %p -o raw %s -r comment = All Printers lprm command = cancel %p-%j printer admin = root === My printer here is installed via HPLIP, CUPS is running OK, everything's OK, except that I can't see the printer through windows network browsing, neither from linux, nor from windows machines. Of course, I did the RTFM search and corrected everything accordingly, but still. The [Server_files] share IS visible, the [printers] is NOT. ANY IDEAS? THANKS IN ADVANCE FOR YOUR KIND SUPPORT AND YOUR PRECIOUS TIME! Kostya -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't access Samba share when clocks skew is too great
Hi Leonid, I don´t know the cause of this problem, but if you try add into your netlogon script a line such as a set time in order to set the clock to the same from the server? Regards! -- Bruno On 9/22/06, Leonid Zeitlin [EMAIL PROTECTED] wrote: Hi all, I have a Samba 3.0.23c server joined to an Windows 2003 AD domain. Users access it from Windows workstations (XP, 2000). The problem is that if a workstation has its time off by more than 5 minutes, Samba server cannot be accessed. I understand that Kerberos cannot authenticate the clients due to clock skew; however, I thought that in such case Samba could falls back to NTLM auth. At least, the workstations with the wrong clock can access Windows file servers, but not Samba. Is Samba's behavior in this case intentional? Is this supposed to work? How can I help or debug this situation? Any help is appreciated. Thanks, Leonid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't access Samba share when clocks skew is too great
It is pretty standard behavior for encrypted authentication schemes to reject authentication requests when the time deviation between the client and server are too far apart. This is by design. It is basically a timeout from Active Directory's perspective. You can use Active Directory GPOs to configure clients to use NTP and you can also configure NTP on your Samba server (use cron to sync time hourly if you must). This should fix your authentication issue. If you need help with GPOs or configuring NTP on your Samba server, let me know. Bruno Rodrigues Neves wrote: Hi Leonid, I don´t know the cause of this problem, but if you try add into your netlogon script a line such as a set time in order to set the clock to the same from the server? Regards! -- Bruno On 9/22/06, Leonid Zeitlin [EMAIL PROTECTED] wrote: Hi all, I have a Samba 3.0.23c server joined to an Windows 2003 AD domain. Users access it from Windows workstations (XP, 2000). The problem is that if a workstation has its time off by more than 5 minutes, Samba server cannot be accessed. I understand that Kerberos cannot authenticate the clients due to clock skew; however, I thought that in such case Samba could falls back to NTLM auth. At least, the workstations with the wrong clock can access Windows file servers, but not Samba. Is Samba's behavior in this case intentional? Is this supposed to work? How can I help or debug this situation? Any help is appreciated. Thanks, Leonid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: can't access Samba share when clocks skew is too great
Hi Bruno, Thanks, I understand that. Still, I'm not sure why Samba wouldn't use NTLM auth if Kerberos fails. It appears that Windows file servers do exactly that, since clients with incorrect clock can connect to Windows servers and are telling me that Samba is not working for them, while Windows is. Thanks, Leonid Bruno Rodrigues Neves [EMAIL PROTECTED] ???/ ? ?: news:[EMAIL PROTECTED] Hi Leonid, I don´t know the cause of this problem, but if you try add into your netlogon script a line such as a set time in order to set the clock to the same from the server? Regards! -- Bruno On 9/22/06, Leonid Zeitlin [EMAIL PROTECTED] wrote: Hi all, I have a Samba 3.0.23c server joined to an Windows 2003 AD domain. Users access it from Windows workstations (XP, 2000). The problem is that if a workstation has its time off by more than 5 minutes, Samba server cannot be accessed. I understand that Kerberos cannot authenticate the clients due to clock skew; however, I thought that in such case Samba could falls back to NTLM auth. At least, the workstations with the wrong clock can access Windows file servers, but not Samba. Is Samba's behavior in this case intentional? Is this supposed to work? How can I help or debug this situation? Any help is appreciated. Thanks, Leonid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: can't access Samba share when clocks skew is too great
Hi Aaron, Thanks, I understand. As a matter of fact, yes, I do need help with GPOs (not NTP on Samba server - thanks, that's clear to me), so if you can offer a suggestion, I'd appreciate (I understand this is off topic on the Samba list). At the same time, as I mentioned in the previous post, I'm trying to understand why clients with incorrect clock can connect to Windows servers and can't connect to Samba. I thought Samba tried to emulate Windows file server as close as possible. In this particular case I thought Samba would fall back to NTLM auth. Maybe I misunderstand something. Thanks, Leonid Aaron Kincer [EMAIL PROTECTED] ???/ ? ?: news:[EMAIL PROTECTED] It is pretty standard behavior for encrypted authentication schemes to reject authentication requests when the time deviation between the client and server are too far apart. This is by design. It is basically a timeout from Active Directory's perspective. You can use Active Directory GPOs to configure clients to use NTP and you can also configure NTP on your Samba server (use cron to sync time hourly if you must). This should fix your authentication issue. If you need help with GPOs or configuring NTP on your Samba server, let me know. Bruno Rodrigues Neves wrote: Hi Leonid, I don´t know the cause of this problem, but if you try add into your netlogon script a line such as a set time in order to set the clock to the same from the server? Regards! -- Bruno On 9/22/06, Leonid Zeitlin [EMAIL PROTECTED] wrote: Hi all, I have a Samba 3.0.23c server joined to an Windows 2003 AD domain. Users access it from Windows workstations (XP, 2000). The problem is that if a workstation has its time off by more than 5 minutes, Samba server cannot be accessed. I understand that Kerberos cannot authenticate the clients due to clock skew; however, I thought that in such case Samba could falls back to NTLM auth. At least, the workstations with the wrong clock can access Windows file servers, but not Samba. Is Samba's behavior in this case intentional? Is this supposed to work? How can I help or debug this situation? Any help is appreciated. Thanks, Leonid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: winbindd + mod_ntlm_winbind, why do we need net join ... ?
On 9/22/06, Andrew Bartlett [EMAIL PROTECTED] wrote: [snipped] You must join. Samba supports no other mode for mod_ntlm_winbindd. It is more secure, as we gain some assurance that the DC is real, and more reliable, as the DC communication is stateless. This is identical to how windows member servers operate. Other hacks often work, then fail (which is why ntlm_auth was created, to allow squid admins to use NTLM without these occasional failures) Ok, I can guess this is the right way of doing this. But I can't ask for the DC Administrator's password to join the domain. Is there an easy way to hack the source code and avoid this limitation ? As far as I can understand, this is a Samba restriction, not a windows one. (correct me if I am wrong). Thank you ver much for you help. -- JFRH -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: can't access Samba share when clocks skew is too great
Actually, now that you mention it and I've got more caffeine in the veins, I would throw the theory out that the Samba server-side authentication is being more proactive than AD would be. In other words, AD says You got the right password? Come on in! whereas Samba says You got the right password? That's great, but our time is out of sync and that's a problem. This session has timed out. This is just a guess, more or less. Feel free to email me directly with your questions about GPOs if you want to take it off-list. Aaron Leonid Zeitlin wrote: Hi Aaron, Thanks, I understand. As a matter of fact, yes, I do need help with GPOs (not NTP on Samba server - thanks, that's clear to me), so if you can offer a suggestion, I'd appreciate (I understand this is off topic on the Samba list). At the same time, as I mentioned in the previous post, I'm trying to understand why clients with incorrect clock can connect to Windows servers and can't connect to Samba. I thought Samba tried to emulate Windows file server as close as possible. In this particular case I thought Samba would fall back to NTLM auth. Maybe I misunderstand something. Thanks, Leonid Aaron Kincer [EMAIL PROTECTED] ???/ ? ?: news:[EMAIL PROTECTED] It is pretty standard behavior for encrypted authentication schemes to reject authentication requests when the time deviation between the client and server are too far apart. This is by design. It is basically a timeout from Active Directory's perspective. You can use Active Directory GPOs to configure clients to use NTP and you can also configure NTP on your Samba server (use cron to sync time hourly if you must). This should fix your authentication issue. If you need help with GPOs or configuring NTP on your Samba server, let me know. Bruno Rodrigues Neves wrote: Hi Leonid, I don´t know the cause of this problem, but if you try add into your netlogon script a line such as a set time in order to set the clock to the same from the server? Regards! -- Bruno On 9/22/06, Leonid Zeitlin [EMAIL PROTECTED] wrote: Hi all, I have a Samba 3.0.23c server joined to an Windows 2003 AD domain. Users access it from Windows workstations (XP, 2000). The problem is that if a workstation has its time off by more than 5 minutes, Samba server cannot be accessed. I understand that Kerberos cannot authenticate the clients due to clock skew; however, I thought that in such case Samba could falls back to NTLM auth. At least, the workstations with the wrong clock can access Windows file servers, but not Samba. Is Samba's behavior in this case intentional? Is this supposed to work? How can I help or debug this situation? Any help is appreciated. Thanks, Leonid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Other domain sequence numbers are -1
I posted this yesterday, but didn't get any responses. Can anyone help me out? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Trimble, Ronald D Sent: Thursday, September 21, 2006 9:39 AM To: samba@lists.samba.org Subject: [Samba] Other domain sequence numbers are -1 Everyone, I have configured a new SLES 10 server exactly the same as I had previously configured a SLES 9 server. The only difference is the version of samba. On the SLES 10 server, I am running the 3.0.23c level, the SLES 9 server is behind a little. My problem is with connecting to other AD domains. Only my default domain has a valid sequence number. All the other domains are showing up as a -1. This information was retrieved from the logs since the wbinfo -sequence command times out. Here are the relevant pieces of information. Can someone suggest what I may be doing wrong? This is very confusing to me since it works perfectly on my SLES 9 server and I copied the configuration from there. Thanks, Ron From krb5.conf: [libdefaults] default_tgs_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC default_tkt_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC preferred_enctypes = DES-CBC-CRC DES-CBC-MD5 RC4-HMAC default_realm = NA.UIS.UNISYS.COM dns_lookup_kdc = true [realms] NA.UIS.UNISYS.COM = { kdc = 192.63.225.67:88 admin_server = 192.63.225.67:749 } EU.UIS.UNISYS.COM = { kdc = 192.61.146.133:88 admin_server = 192.61.146.133:749 } AP.UIS.UNISYS.COM = { kdc = 192.61.146.132:88 admin_server = 192.61.146.132:749 } LAC.UIS.UNISYS.COM = { kdc = 192.61.146.131:88 admin_server = 192.61.146.131:749 } [domain_realm] .na.uis.unisys.com = NA.UIS.UNISYS.COM na.uis.unisys.com = NA.UIS.UNISYS.COM .eu.uis.unisys.com = EU.UIS.UNISYS.COM eu.uis.unisys.com = EU.UIS.UNISYS.COM .ap.uis.unisys.com = AP.UIS.UNISYS.COM ap.uis.unisys.com = AP.UIS.UNISYS.COM .lac.uis.unisys.com = LAC.UIS.UNISYS.COM lac.uis.unisys.com = LAC.UIS.UNISYS.COM From smb.conf: [global] workgroup = NA realm = NA.UIS.UNISYS.COM netbios name = M1016 encrypt passwords = yes security = ADS password server = 192.63.225.67 192.63.225.68 passdb backend = smbpasswd log level = 2 winbind:10 ads:10 auth:10 syslog = 0 log file = /var/log/samba/%m.log max log size = 5000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 winbind use default domain = no winbind uid = 16777216-33554431 winbind gid = 16777216-33554431 winbind enum users = no winbind enum groups = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] migrating smbpasswd backend to ldap backend
Hi, Migrated users successfully to ldap. I stupidly deleted secrets.tdb. what significance does this have ? The users seem to be able to login, but i can't add a new computer to the domain because it does not access my password. how do i create the domain admin ? Quoting Matt Hyclak [EMAIL PROTECTED]: On Wed, Sep 20, 2006 at 07:31:11PM +0300, Peter Collins Wasenda enlightened us: btw, do i only have to migrate the backend when i move to ldap ? any other things to consider ? I can't think of anything off the top of my head other than macking sure to change your passdb configuration options to point to LDAP. Things pretty much just worked, but YMMV. Also, my script migrates the unix accounts as well, so you would have to reconfigure your system authorization if you wanted to take advantage of that as well. Worst case scenario you can leave a copy of smbpasswd laying around and change your passdb for a quick recovery. Matt -- Matt Hyclak Department of Mathematics Department of Social Work Ohio University (740) 593-1263 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Real Computer Solutions LTD Johnstone Street, suite G001 Tel: 256-752-996477 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Linux Samba to Mac OSX: resource fork lock problems?
I am seeking a better workaround than I currently have for the problem. Using OS X 10.3.x and 10.4.x (and possibly other versions) as workstations, and Gentoo Linux (kernel 2.6.16) with Samba 3.0.22, I have the following sequence of events. The symptom is most prevalent when dealing with multi MB files: 1. Resource fork (._ file) gets locked 2. File associated with resource fork also gets locked. 3. File gets unlocked 4. Resource fork never gets unlocked. Because the resource fork never gets unlocked, this causes problems with migration of data off the Mac to the server and occasionally results in a file being deleted unexpectedly. I can clear the resource fork locks by stopping and restarting appropriate server processes. It's pretty consistent that the Macs request a lock on the resource fork and seldom (if ever) release it. The best hypothesis I've heard to date makes this out as a Mac GUI bug, where the multi-threaded nature of the GUI creates a race condition between the SMB client code and the GUI's refresh, which becomes more prevalent in larger files. I've Googled for these symptoms, and have found reports of this problem not only with SMB, but also with NFS. On the Mac side, we're evaluating DAVE (an SMB client program to replace OSX's native SMB implementation). It's meeting with some resistance from my Mac users, as the UI is not as convenient as the builtin interface and has some problems with locating resource forks, even as it avoids removing hours or days worth of productivity. Our other options are to go to AFP via netatalk (which may not resolve the problem), to live with the problem, or to purchase a Mac X server and move our Macs off Samba. None of these solutions look really attractive, as they're either going to just push the interoperability problem from one platform to another, or have no evidence to support it will resolve the problem. I guess I'm looking for better workarounds. I'm wondering if there's some way to, for instance, just veto locks for just ._* files (and what would the consequences be for doing that from a protocol standpoint), or a way to get some program to test for data fork locks before giving resource fork locks. Any suggestions? While similar topics seem to be posted periodically to this list and web boards, there doesn't seem to be much of an answer out there... -Bill -- William Yang [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount failed
In fact I have fixed the problem now. I have compiled smbmnt, but I have not placed the samba files in the install directory that specificed at the compile time, or placed in the $PATH (I have placed it in /tmp for testing...). So the smbmount cannot find smbmnt. It is fixed after I modify the $PATH. However, I have another question, smbmnt accesses a file /etc/mtab, which is sometimes read-only in an embedded system. I have modified the codes so that it now access a dummy file in /tmp. smbmnt seems to be working now but is there any potential problem? Thanks! Hei On 9/22/06, Adam Nielsen [EMAIL PROTECTED] wrote: execvp of smbmnt failed. Error was No such file or directory.smbmnt failed: 1 Did you compile and install the helper program 'smbmnt'? On my system it appears in /usr/bin/smbmnt Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem making directory that already exists from an OS2
On Fri, Sep 22, 2006 at 11:49:57AM +0200, [EMAIL PROTECTED] wrote: We are encountering problems creating directories from OS2 clients to a samba server (Version 3.0.23c-SerNet-RedHat). It occurs when the directory already exists. (no problem for Windows clients) Can you please send the sniffs? Thanks, Volker pgpj5U4KynYeJ.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] unable to change passwd from win XP
Hi list, I have set up two Samba PDC networks for work with win XP clients. Each network is small, about 15 clients and three printers. Each uses a different distro (don't ask)--one is mandriva 2006 the other is debian sarge. Both have all updates. Both have working wins and dns on Linux. Mostly things work well, but I am unable to change passwords from the XP clients. The client will hang, then give this message: *you do not have permission to change your password* I have googled; what I saw pertained to changes in XP that broke Samba and were fixed at v3.04. I am using samba-server-3.0.20-3.1.20060mdk on mandriva and samba 3.0.14a-3sarge on debian. Here is my smb.conf for debian: [EMAIL PROTECTED]:~$ head -n 50 /etc/samba/smb.conf [global] workgroup = FOOBAR netbios name = SERVER1 server string = lan file server passdb backend = tdbsam security = user username map = /etc/samba/smbusers name resolve order = dns wins bcast hosts domain logons = yes os level = 64 preferred master = yes wins support = yes # Set CUPS for printing printcap name = CUPS printing = CUPS # use client drivers = yes # Default logon logon drive = Z: logon script = scripts/logon.bat logon path = \\%L\profile\%U # Useradd scripts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false/ -d /dev/null -g machines %u idmap uid = 15000-2 idmap gid = 15000-2 # sync smb passwords with linux passwords unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *new*password* %n\n*Re-enter*new*password* %n\n *Password*changed* passwd chat debug = yes # set the loglevel log level = 3 [homes]snip here's a log.smbd excerpt [2006/09/22 00:04:59, 3] smbd/chgpasswd.c:chat_with_program(429) chat_with_program: Dochild for user steve (uid=0,gid=0) (as_root = Yes) [2006/09/22 00:05:01, 2] smbd/chgpasswd.c:expect(285) expect: Success [2006/09/22 00:05:01, 3] smbd/chgpasswd.c:talktochild(316) Response 1 incorrect [2006/09/22 00:05:01, 3] smbd/chgpasswd.c:chat_with_program(372) chat_with_program: Child failed to change password: steve Thanks in advance for any advice. Steve G -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Windows Application Overriding Samba Settings
On Thu, Sep 21, 2006 at 04:40:52PM -0400, [EMAIL PROTECTED] wrote: Oops, sorry. I had a typo in my posting. I wrote: Until this new version of the Windows application came out, I never had any issues. ANY folder or file created by the application always had the same permissions: 2750 or 570 (respectively) I should have written: Until this new version of the Windows application came out, I never had any issues. ANY folder or file created by the application always had the same permissions: 2750 or 750 (respectively) I switched a 7 and a 5. Andy, you are correct it shouldn't do this. The create mask should *always* mask off files - even when directly setting chmod bits via the UNIX extensions. Can you reproduce this in a test with 3.0.23c ? It may be a bug we fixed. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] CryptoCard - PAM or RADIUS?
Greetings all, not being able to get PAM to work correctly, I then tried their RADIUS server approach. I am now getting closer to success with this problem. I see the RADIUS traffic push and pull; it authenticates successfully once and then, on a second authentication attempt, fails (as the card sequence most likely changed). Below is what I am entering at the CLI, and am now getting output: fileserver:/etc/pam.d# smbclient -U rhandorf -L localhost Password: Domain=[snip] OS=[Unix] Server=[snip] Sharename Type Comment - --- homes Disk public Disk IPC$IPC IPC Service ADMIN$ IPC IPC Service rhandorfDisk Home directory of rhandorf session setup failed: NT_STATUS_LOGON_FAILURE NetBIOS over TCP disabled -- no workgroup available and in the auth.log Sep 22 09:03:46 localhost smbd[9625]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=samba ruser= rhost=127.0.0.1 user=rhandorf the samba pam file contains the following: auth sufficient pam_radius_auth.so debug conf=/etc/raddb/server authrequiredpam_unix.so nullok_secure account requiredpam_unix.so session requiredpam_unix.so Windows always reports back with \\fileserver is not accessible. You might not have permission to use this network resource... error. Any idea's as to how I can attack this one? Thanks again all, r Russell Handorf wrote: Thanks Simo for your response. I'm working with the vendor a little more. Here are the details on the PAM error's. [2006/09/19 07:56:48, 4] auth/pass_check.c:pass_check(621) pass_check: Checking (PAM) password for user rhandorf (l=6) [2006/09/19 07:56:48, 4] auth/pampass.c:smb_pam_start(459) smb_pam_start: PAM: Init user: rhandorf [2006/09/19 07:56:48, 4] auth/pampass.c:smb_pam_start(476) smb_pam_start: PAM: setting rhost to: 127.0.0.1 [2006/09/19 07:56:48, 4] auth/pampass.c:smb_pam_start(485) smb_pam_start: PAM: setting tty [2006/09/19 07:56:48, 4] auth/pampass.c:smb_pam_start(493) smb_pam_start: PAM: Init passed for user: rhandorf [2006/09/19 07:56:48, 4] auth/pampass.c:smb_pam_auth(510) smb_pam_auth: PAM: Authenticate User: rhandorf [2006/09/19 07:56:48, 0] auth/pampass.c:smb_pam_auth(535) smb_pam_auth: PAM: UNKNOWN ERROR while authenticating user rhandorf [2006/09/19 07:56:48, 2] auth/pampass.c:smb_pam_error_handler(73) smb_pam_error_handler: PAM: Authentication Failure : Module is unknown [2006/09/19 07:56:48, 0] auth/pampass.c:smb_pam_passcheck(810) smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User rhandorf ! [2006/09/19 07:56:48, 4] auth/pampass.c:smb_pam_end(440) smb_pam_end: PAM: PAM_END OK. The only other authentication method that they support then is RADIUS, which is clear text as well. Which one does everyone suggest I then try to tackle with SAMBA support? PAM or RADIUS? Thanks again, r Simo Sorce wrote: On Tue, 2006-09-19 at 09:59 -0400, Russell Handorf wrote: Greetings all, I'm working on attempting to get SAMBA to work with a product line called CryptoCard. I *should* be able to get it to work one of two ways, either through the use of CryptoCard's provided PAM module, or through RADIUS authentication. Currently, I cannot seem to get PAM authentication to work at all. This is what is in the 'samba' file for PAM: auth required /lib/security/pam_cap_auth.so server=insertSERVERipHERE:624 noeus debug echo auth requires /lib/security/pam_nologin.so accountrequired /lib/security/pam_stack.so service=system-auth accountrequired /lib/security/pam_permit.so sessionrequired /lib/security/pam_stack.so service=system-auth sessionoptional /lib/security/pam_console.so password required /lib/security/pam_stack.so service=system-auth And for the smb.conf file I have the all important setting of 'encrypt passwords = No' to enable PAM authentication When attempting to authenticate locally, from the server to the server, I get: smbclient -U rhandorf -L localhost Password: session setup failed: NT_STATUS_UNSUCCESSFUL and in the error logs I get: [2006/09/18 13:42:36, 0] auth/pampass.c:smb_pam_auth(535) smb_pam_auth: PAM: UNKNOWN ERROR while authenticating user rhandorf [2006/09/18 13:42:36, 0] auth/pampass.c:smb_pam_passcheck(810) smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User rhandorf ! You need a lot more logs. What I can't understand is how you are supposed to pass credential authentication via smbclient, are you sending the Smartcard PIN in the clear over the wire? I've looked around to see whether or not SAMBA supports RADIUS Authentication, and I havent seen any documentation that totally says 'yes.' No. Makes no sense to support any clear text based authentication except for the historical support for PAM with clear text passwords. Asking
Re: [Samba] Problem making directory that already exists from an OS2
On Fri, Sep 22, 2006 at 11:49:57AM +0200, [EMAIL PROTECTED] wrote: We are encountering problems creating directories from OS2 clients to a samba server (Version 3.0.23c-SerNet-RedHat). It occurs when the directory already exists. (no problem for Windows clients) From an OS2 client to an OS2 server we receive this message : SYS1248: A subdirectory or file \\server\directory already exists. From an OS2 client to an Samba server we receive this message : SYS0317: The system cannot find message 0183 in message file OSO001.MSG. Looks like there is different return codes between OS2 Lan server and Samba server for event directory already exist. Taking ethereal traces : we see that the return code from OS2 Lan server is 0x05. we see that the return code from Samba server is 0xb7. (0183) The problem is similar to another problem we had with OS2 clients on an older version of Samba with empty directories. Please open a bugzilla bug and attach the ethereal traces. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem making directory that already exists from an OS2
Here are the ethereal sniffs : OS2 client makes an existing directory on OS2 Lan server : OS2 client makes an existing directory on Samba server : Volker Lendecke [EMAIL PROTECTED] Sent by: Volker Lendecke [EMAIL PROTECTED] 22/09/2006 17:28 Please respond to Volker.Lendecke To: [EMAIL PROTECTED] cc: samba@lists.samba.org Subject:Re: [Samba] Problem making directory that already exists from an OS2 On Fri, Sep 22, 2006 at 11:49:57AM +0200, [EMAIL PROTECTED] wrote: We are encountering problems creating directories from OS2 clients to a samba server (Version 3.0.23c-SerNet-RedHat). It occurs when the directory already exists. (no problem for Windows clients) Can you please send the sniffs? Thanks, Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ssh login through AD solution
Thanks to Anthony Ciarochi at Centeris for this solution. I have a Centos (Red Hat-based) server that is now accessible to AD users AND local users via ssh. I can control which AD groups can login using the syntax below. Red Hat-based distros use pam_stack in pam.d which is quite different than Debian's include based pam.d, cat /etc/pam.d/sshd # -- #%PAM-1.0 auth required pam_stack.so service=system-auth auth required pam_nologin.so accountsufficient pam_succeed_if.so user ingroup sshlogin accountsufficient pam_succeed_if.so user ingroup wheel password required pam_stack.so service=system-auth sessionrequired pam_stack.so service=system-auth sessionrequired pam_loginuid.so sessionsufficient pam_mkhomedir.so skel=/etc/skel umask=0027 # -- The critical lines are: accountsufficient pam_succeed_if.so user ingroup sshlogin The above is to allow an AD group sshlogin to ssh in. accountsufficient pam_succeed_if.so user ingroup wheel The above allows anyone in the *local machine* unix group wheel to ssh in. sessionsufficient pam_mkhomedir.so skel=/etc/skel umask=0027 The above creates home dirs and dot files for AD users when they login for the first time. -- Announcing your plans is a good way to hear the gods' laughter. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can't get guest users to see a drive without logging in
I have a drive set up like [public] comment = Public drive for miscellaneous stuff path = /apps/local/public writable = yes guest ok = yes force user = root force group = engr create mask = 0664 directory mask = 0775 public = yes browseable = yes and I want users without Unix accounts to be able to access this drive from Windows machines. However, whenever they try to access the drive it asks for a login password. Users with Linux accounts on the machine aren't asked for the password. How can I let in guest users without Linux accounts? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux Samba to Mac OSX: resource fork lock problems?
On Fri, Sep 22, 2006 at 10:47:49AM -0400, William Yang wrote: I am seeking a better workaround than I currently have for the problem. Using OS X 10.3.x and 10.4.x (and possibly other versions) as workstations, and Gentoo Linux (kernel 2.6.16) with Samba 3.0.22, I have the following sequence of events. The symptom is most prevalent when dealing with multi MB files: 1. Resource fork (._ file) gets locked 2. File associated with resource fork also gets locked. 3. File gets unlocked 4. Resource fork never gets unlocked. Because the resource fork never gets unlocked, this causes problems with migration of data off the Mac to the server and occasionally results in a file being deleted unexpectedly. Is this a bug in the Mac client ? Are they forgetting to unlock their resource forks ? A network sniff would be useful. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Write list problem
I upgrade my Debian Samba packages from 3.0.14a-1 to 3.0.23c-1. I experienced 2 problems, one was that certain shares were locking users out who were listed in the Valid users parameter, but not all shares were doing this. I ran across a post that advised changing the parameter to users alone, omitting valid This fixed it, but I'm not sure why. WHen did this parameter change and why was it not rejecting on all the shares. I could post more configuration info on this if needed. Now for the unsolved problem. I have a share in which certain users get read-only access, and certain other users get r/w access, using the write list parameter. After the upgrade, everyone was reduced to read-only access. Here's the share definition: [danasFiles] comment = Whatever path=/path/to-files users=@dana @danaread read only = yes force group=dana force create mode=0660 force directory mode=0770 write list=@dana browseable = no The box is a member of a domain, security is set to domain and it is authenticating via winbind. The permissions on the filesystem are set properly and this share definition was working perfectly under 3.0.14a-1. I can send log output if needed. Any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem making directory that already exists from an OS2
On Fri, Sep 22, 2006 at 06:20:04PM +0200, [EMAIL PROTECTED] wrote: Here are the ethereal sniffs : As they did not make it to the lists, Jeremy's advice is better. Please open a bug report at https://bugzilla.samba.org/. Thanks, Volker pgpdjBMf5A6m8.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Transfer rates faster than 23MBps?
Doug VanLeuven wrote: OK, I'll top post. I can't let this stand unanswered. I ran a LOT of tests with gigabit copper and windows machines. I never did better than 40 seconds per gig. That was with the Intel cards configured for maximum cpu utilization. 80-90% cpu for 40 sec per gig. On windows. Uploads went half as fast. Asymetric. Of course I only had 32 bit PCI, 2.5Gig processor motherboards with 45MBps drives. Which leads me to my point. One can't rationally compare performance of gigabit ethernet without talking about hardware on the platforms. I wouldn't think you'd have overlooked this, but one can bump up against the speed of the disk drive. Raid has overhead. Have you tried something like iostat? Serial ATA? I seem to recall the folks at Enterasys indicating 300Gbps as a practical upper limit on copper gig. Are you using fiber? 64 bit PCI? Who made which model of the network card? Is it a network card that's well supported in Linux? Can you change the interrupt utilization of the card? What's the CPU utilization on the Redhat machine during transfers? I don't have specific answers for your questions, but one can't just say this software product is slower on gigabit than the other one without talking hardware at the same time. You have a very good point: I never indicated what my hardware situation was. Server: Rackable UltraDense. It's an Opteron 250, 2GB RAM, a 3Ware RAID controller and 12x 500GB SATA disks (about 460GB formatted) in 2x 6 disk RAID5 arrays (a little space wasted due to a 2TB limit somewhere.) Ethernet is a BroadCom BCM85702A20 gigabit (two of them, actually, but we're only using one.) I've used a number of different clients, ranging from a Dell 850 copying to /dev/null, to a Dell OptiPlex GX620 copying to a local SATA drive, to another Rackable UltraDense. Both Linux and WinXP. (Not so surprisingly, the Linux client is slower than the WinXP client. Although, using smbclient (as Jeremy suggested) was just as fast as the WinXP client, our famous 45 second 1GB transfer.) Reasons I didn't list hardware in my first email: - iPerf shows that I can saturate the Ethernet interfaces, TCP/IP stack, and switching fabric to 120MBps, 960Mbps. - Copying the same file to/from the same machines using HTTP (Apache2) transfers at about 60MBps, 480Mbps. This uses the same disk and network subsystems. - Copying a 1GB file from a RAM disk on the server to /dev/null on the client (eliminating disk performance from the equation entirely) does _NOT_ speed things up at all, still stuck at about 45 seconds, about 23MBps, 182Mbps. - Copying locally from the disk to /dev/null (using dd, no network at all) takes about 17 seconds for a 1GB file, which matches up nicely with the 60MBps, 480Mbps seen with HTTP. Given these tests, I would expect to see transfer rates of up to 60MBps in the best case. Admittedly, that is a _BEST_ case. I know I can't avoid that bottle neck, and honestly, that would be totally sufficient for our use. The question is, what bottle neck am I hitting now? The only thing that changes between the HTTP and SMB tests are the transport mechanisms (and their interactions with other systems, eg: kernel), so naturally I suspect those. For the time being, at least, I need to use the SMB protocol. So I'm trying to figure out what I can tweak, if anything, to make this go faster. As a data point, I'm going to try a newer version of Samba. (RHEL4 uses 3.0.10-RedHat-Heavily-Modified-Of-Course) If that makes a difference, then I have to decide whether it's worth it to me to keep RedHat support or not. (And when I say I, I really mean my management.) I have lots of memory. I use these configurations in sysctl.conf to up the performance of send/recieve windows on my systems. There's articles out there. I don't have historical references handy. YMMV. net.core.wmem_max = 1048576 net.core.rmem_max = 1048576 net.ipv4.tcp_wmem = 4096 65536 1048575 net.ipv4.tcp_rmem = 4096 524288 1048575 net.ipv4.tcp_window_scaling = 1 I have not tried tweaking the TCP stack in the OS. I'll give that a shot. Thank you very much, Doug. -Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Spam] [Samba] Write list problem
Ron Garcia-Vidal wrote: I upgrade my Debian Samba packages from 3.0.14a-1 to 3.0.23c-1. I experienced 2 problems, one was that certain shares were locking users out who were listed in the Valid users parameter, but not all shares were doing this. I ran across a post that advised changing the parameter to users alone, omitting valid This fixed it, but I'm not sure why. WHen did this parameter change and why was it not rejecting on all the shares. I could post more configuration info on this if needed. Now for the unsolved problem. I have a share in which certain users get read-only access, and certain other users get r/w access, using the write list parameter. After the upgrade, everyone was reduced to read-only access. Here's the share definition: [danasFiles] comment = Whatever path=/path/to-files users=@dana @danaread read only = yes force group=dana force create mode=0660 force directory mode=0770 write list=@dana browseable = no The box is a member of a domain, security is set to domain and it is authenticating via winbind. The permissions on the filesystem are set properly and this share definition was working perfectly under 3.0.14a-1. I can send log output if needed. Any ideas? If these are domain groups, perhaps this explains your problem: === Release Notes for Samba 3.0.23b Aug 7, 2006 === Member servers, domain accounts, and smb.conf = Since Samba 3.0.8, it has been recommended that all domain accounts listed in smb.conf on a member server be fully qualified with the domain name. This is now a requirement. All unqualified names are assumed to be local to the Unix host, either as part of the server's local passdb or in the local system list of accounts (e.g. /etc/passwd or /etc/group). The reason for this change is that smbd has transitioned from access checks based on string comparisons to token based authorization. All names are resolved to a SID and then verified against the logged on user's NT user token. Local names will resolve to a local SID, while qualified domain names will resolve to the appropriate domain SID. If the member server is not running winbindd at all, domain accounts will be implicitly mapped to local accounts and their tokens will be modified appropriately to reflect the local SID and group membership. For example, the following share will restrict access to the domain group Linux Admins and the local group srvadmin. [restricted] path = /data valid users = +*DOMAIN*\Linux Admins +srvadmin Note that to restrict the [homes] share on a member server to the owner of that directory, it is necessary to prefix the %S value to valid users. [global] security = {domain,ads} workgroup = DOM winbind separator = + [homes] valid users = *DOM*+%S Hope it works, Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: samba Digest, Vol 45, Issue 29
You really meant 300 _M_bps as the upper bound according to Enterasys. My switches are from Enterasys too. After a firmware updates I get about 722 Mbps both ways. The client's disk drive (Maxtor 250 GB) can't read or write faster. If you don't get transfer rates in the immediate neighbourhood of the read/write speeds of your client's disk drives, then your network setup (hardware or configuration) is probably wrong. It's not easy to say what exactly is wrong. From: Doug VanLeuven [EMAIL PROTECTED] To: samba@lists.samba.org Date: Fri, 22 Sep 2006 02:50:17 -0700 Subject: Re: [Samba] Transfer rates faster than 23MBps? OK, I'll top post. I can't let this stand unanswered. I ran a LOT of tests with gigabit copper and windows machines. I never did better than 40 seconds per gig. That was with the Intel cards configured for maximum cpu utilization. 80-90% cpu for 40 sec per gig. On windows. Uploads went half as fast. Asymetric. Of course I only had 32 bit PCI, 2.5Gig processor motherboards with 45MBps drives. Which leads me to my point. One can't rationally compare performance of gigabit ethernet without talking about hardware on the platforms. I wouldn't think you'd have overlooked this, but one can bump up against the speed of the disk drive. Raid has overhead. Have you tried something like iostat? Serial ATA? I seem to recall the folks at Enterasys indicating 300Gbps as a practical upper limit on copper gig. Are you using fiber? 64 bit PCI? Who made which model of the network card? Is it a network card that's well supported in Linux? Can you change the interrupt utilization of the card? What's the CPU utilization on the Redhat machine during transfers? I don't have specific answers for your questions, but one can't just say this software product is slower on gigabit than the other one without talking hardware at the same time. I have lots of memory. I use these configurations in sysctl.conf to up the performance of send/recieve windows on my systems. There's articles out there. I don't have historical references handy. YMMV. net.core.wmem_max = 1048576 net.core.rmem_max = 1048576 net.ipv4.tcp_wmem = 4096 65536 1048575 net.ipv4.tcp_rmem = 4096 524288 1048575 net.ipv4.tcp_window_scaling = 1 Regards, Doug I wanted to follow up to my email to provide at least a partial answer to my problem. The stock RedHat AS4-U3 Samba config has SO_SNDBUF and SO_RCVBUF set to 8k. With this value, I can transfer a 1GB file in about 70-75 seconds, about 14MBps. If I increase those buffers to their max value of 64k, that same 1GB file transfers in 45-50 seconds, about 23MBps. That is the _ONLY_ configuration value I've found that made any difference in my setup. All the other tweaks I'd done, when removed, seemed to make no difference at all. I was playing with oplocks, buffers, max xmit sizes, you name it. But the socket option buffers was the only thing that made a difference. I'm still looking for more speed. I'll report if I find anything else that helps. In response to Jeremy's suggestion of using smbclient, I ran a test from a Linux client using smbclient and it reported a transfer rate of 21MBps, about the same as a normal smbfs mount. I haven't tried porting smbclient to Windows yet, and probably won't until we get more info on what the server is doing. Thanks everyone. -Mark Mark Smith wrote: We use SMB to transfer large files (between 1GB and 5GB) from RedHat AS4 Content Storage servers to Windows clients with 6 DVD burners and robotic arms and other cool gadgets. The servers used to be Windows based, but we're migrating to RedHat for a host of reasons. Unfortunately, the RedHat Samba servers are about 2.5 times slower than the Windows servers. Windows will copy a 1GB file in about 30 seconds, where as it takes about 70 to 75 seconds to copy the same file from a RedHat Samba server. I've asked Dr. Google and gotten all kinds of suggestions, most of which have already been applied by RedHat to the stock Samba config. I've opened a ticket with RedHat. They pointed out a couple errors in my config, but fixing those didn't have any effect. Some tweaking, however, has gotten the transfer speed to about 50 seconds for that 1GB file. But I seem to have hit a brick wall; my fastest time ever was 44 seconds, but typically it's around 50. I know it's not a problem with network or disk; if I use Apache and HTTP to transfer the same file from the same server, it transfers in about 15 to 20 seconds. Unfortunately, HTTP doesn't meet our other requirements for random access to the file. Do you folks use Samba for large file transfers at all? Have you had any luck speeding it up past about 23MBps (the 44 second transfer speed)? Any help you may have would be fantastic. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write list problem
Dale Schroeder wrote: If these are domain groups, perhaps this explains your problem: Well, sort of. The conf I posted was actually after some alterations in trying to fix the problem, the original conf looked like this: [danasFiles] comment = Whatever path=/path/to-files users=@DOMAIN+dana @DOMAIN+danaread read only = yes force group=DOMAIN+dana force create mode=0660 force directory mode=0770 write list=@DOMAIN+dana browseable = no Sorry about that. Testparm indicates that using a + as the winbind separator can cause problems with group membership. Might that be the source of my problem? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write list problem
Ron Garcia-Vidal wrote: Dale Schroeder wrote: If these are domain groups, perhaps this explains your problem: Well, sort of. The conf I posted was actually after some alterations in trying to fix the problem, the original conf looked like this: [danasFiles] comment = Whatever path=/path/to-files users=@DOMAIN+dana @DOMAIN+danaread read only = yes force group=@DOMAIN+dana force create mode=0660 force directory mode=0770 write list=@DOMAIN+dana browseable = no Sorry about that. Testparm indicates that using a + as the winbind separator can cause problems with group membership. Might that be the source of my problem? Possibly. After upgrading all my Debian Sarge systems from 3.0.22 to 3.0.23c, I had to replace the + with the default \ to get it to work, but I don't think it's a universal problem. Maybe it's a Debian thing. Unlike you, valid users worked fine for me. (My biggest headache has been username mapping in a security = ADS setting.) Good luck, Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Write list problem
Possibly. After upgrading all my Debian Sarge systems from 3.0.22 to 3.0.23c, I had to replace the + with the default \ to get it to work, but I don't think it's a universal problem. Maybe it's a Debian thing. Unlike you, valid users worked fine for me. (My biggest headache has been username mapping in a security = ADS setting.) I do not see this behavior on my 3.0.23c Debian installations. Samba 3.0.23c debs from Samba.org, installed on both Debian Etch (Testing) and Debian Sarge (Stable) Both of them use winbind separator = + Valid users also works as expected in my installations, both with domain users and domain groups specified. James ZuelowCBJ MIS (907)586-0236 Network Specialist...Registered Linux User No. 186591 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Spam] [Samba] Write list problem
On Friday 22 September 2006 20:08, Dale Schroeder wrote: If these are domain groups, perhaps this explains your problem: === Release Notes for Samba 3.0.23b Aug 7, 2006 === Member servers, domain accounts, and smb.conf = Since Samba 3.0.8, it has been recommended that all domain accounts listed in smb.conf on a member server be fully qualified with the domain name. This is now a requirement. All unqualified names are assumed to be local to the Unix host, either as part of the server's local passdb or in the local system list of accounts (e.g. /etc/passwd or /etc/group). The reason for this change is that smbd has transitioned from access checks based on string comparisons to token based authorization. All names are resolved to a SID and then verified against the logged on user's NT user token. Local names will resolve to a local SID, while qualified domain names will resolve to the appropriate domain SID. If the member server is not running winbindd at all, domain accounts will be implicitly mapped to local accounts and their tokens will be modified appropriately to reflect the local SID and group membership. For example, the following share will restrict access to the domain group Linux Admins and the local group srvadmin. [restricted] path = /data valid users = +*DOMAIN*\Linux Admins +srvadmin Note that to restrict the [homes] share on a member server to the owner of that directory, it is necessary to prefix the %S value to valid users. [global] security = {domain,ads} workgroup = DOM winbind separator = + [homes] valid users = *DOM*+%S Hope it works, Dale This could be the cause of my problem (sorry for hijacking the thread). Since my install upgraded its self to samba 3.0.23c smbd has refused to start, I am wonder whether I might have the same problem you outline above. My Samba runs on Debian Testing and has worked without a problem until the upgrade, now the smbd refuse to start. I did a reinstall of samba and everything will work if I start it with the default smb.conf but if I use my existing conf file then smbd will refuse to start. Could somebody cast an eye over my conf file and tell me if it it the problem that Dale mentions [global] workgroup = HOME server string = %h server (Samba %v) obey pam restrictions = Yes passdb backend = tdbsam, passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 server signing = auto preferred master = No domain master = No panic action = /usr/share/samba/panic-action %d invalid users = root [homes] comment = Home Directories invalid users = read only = No create mask = 0640 directory mask = 0750 browseable = No snip Thanks inadvance, Tim ___ Now you can scan emails quickly with a reading pane. Get the new Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write list problem
James Zuelow wrote: Possibly. After upgrading all my Debian Sarge systems from 3.0.22 to 3.0.23c, I had to replace the + with the default \ to get it to work, but I don't think it's a universal problem. Maybe it's a Debian thing. Unlike you, valid users worked fine for me. (My biggest headache has been username mapping in a security = ADS setting.) I do not see this behavior on my 3.0.23c Debian installations. Samba 3.0.23c debs from Samba.org, installed on both Debian Etch (Testing) and Debian Sarge (Stable) Both of them use winbind separator = + Valid users also works as expected in my installations, both with domain users and domain groups specified. James ZuelowCBJ MIS (907)586-0236 Network Specialist...Registered Linux User No. 186591 Reading through theses lists of problems every day and because of my own experiences, I always wonder why something works for one system and not the other. I can't help but believe it's the vast number of permutations possible (1) within Samba and (2) between Samba and all the OS's on which it works. With all the variations possible, it is a true credit to the developers that it works as well as it does. I compliment them all. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Transfer rates faster than 23MBps?
Mark Smith wrote: As a data point, I'm going to try a newer version of Samba. (RHEL4 uses 3.0.10-RedHat-Heavily-Modified-Of-Course) If that makes a difference, then I have to decide whether it's worth it to me to keep RedHat support or not. (And when I say I, I really mean my management.) I've just tried this. Samba v3.0.23c, built locally from the Fedora Source RPM as distributed at samba.org, makes no noticeable difference: still about 45 seconds. I have lots of memory. I use these configurations in sysctl.conf to up the performance of send/recieve windows on my systems. There's articles out there. I don't have historical references handy. YMMV. net.core.wmem_max = 1048576 net.core.rmem_max = 1048576 net.ipv4.tcp_wmem = 4096 65536 1048575 net.ipv4.tcp_rmem = 4096 524288 1048575 net.ipv4.tcp_window_scaling = 1 I have not tried tweaking the TCP stack in the OS. I'll give that a shot. The person at RedHat who's handling my ticket just suggested these very changes, without the last one. They did not help. The values he gave were a little different: - snip! - # increase TCP maximum buffer size net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 # increase Linux autotuning TCP buffer limits # min, default, and maximum number of bytes to use net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 - snip! - I also tried your values, with the tcp_window_scaling, with no luck. -Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Transfer rates faster than 23MBps?
I have not. Unfortunately, that is not a trivial process. I believe everything supports it, but it's a somewhat major change to my production systems. It might be worth trying as a data point, however. Given the iPerf tests, I really don't think it's a network bottleneck at this point. -Mark Pitti, Raul wrote: i am not an expert, but, do you have jumbo frame enabled on your nic and switch? try using ethtools... RP Mark Smith wrote: Mark Smith wrote: As a data point, I'm going to try a newer version of Samba. (RHEL4 uses 3.0.10-RedHat-Heavily-Modified-Of-Course) If that makes a difference, then I have to decide whether it's worth it to me to keep RedHat support or not. (And when I say I, I really mean my management.) I've just tried this. Samba v3.0.23c, built locally from the Fedora Source RPM as distributed at samba.org, makes no noticeable difference: still about 45 seconds. I have lots of memory. I use these configurations in sysctl.conf to up the performance of send/recieve windows on my systems. There's articles out there. I don't have historical references handy. YMMV. net.core.wmem_max = 1048576 net.core.rmem_max = 1048576 net.ipv4.tcp_wmem = 4096 65536 1048575 net.ipv4.tcp_rmem = 4096 524288 1048575 net.ipv4.tcp_window_scaling = 1 I have not tried tweaking the TCP stack in the OS. I'll give that a shot. The person at RedHat who's handling my ticket just suggested these very changes, without the last one. They did not help. The values he gave were a little different: - snip! - # increase TCP maximum buffer size net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 # increase Linux autotuning TCP buffer limits # min, default, and maximum number of bytes to use net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 - snip! - I also tried your values, with the tcp_window_scaling, with no luck. -Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Transfer rates faster than 23MBps?
i am not an expert, but, do you have jumbo frame enabled on your nic and switch? try using ethtools... RP Mark Smith wrote: Mark Smith wrote: As a data point, I'm going to try a newer version of Samba. (RHEL4 uses 3.0.10-RedHat-Heavily-Modified-Of-Course) If that makes a difference, then I have to decide whether it's worth it to me to keep RedHat support or not. (And when I say I, I really mean my management.) I've just tried this. Samba v3.0.23c, built locally from the Fedora Source RPM as distributed at samba.org, makes no noticeable difference: still about 45 seconds. I have lots of memory. I use these configurations in sysctl.conf to up the performance of send/recieve windows on my systems. There's articles out there. I don't have historical references handy. YMMV. net.core.wmem_max = 1048576 net.core.rmem_max = 1048576 net.ipv4.tcp_wmem = 4096 65536 1048575 net.ipv4.tcp_rmem = 4096 524288 1048575 net.ipv4.tcp_window_scaling = 1 I have not tried tweaking the TCP stack in the OS. I'll give that a shot. The person at RedHat who's handling my ticket just suggested these very changes, without the last one. They did not help. The values he gave were a little different: - snip! - # increase TCP maximum buffer size net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 # increase Linux autotuning TCP buffer limits # min, default, and maximum number of bytes to use net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 - snip! - I also tried your values, with the tcp_window_scaling, with no luck. -Mark -- Raúl Pittí Palma, Eng. Global Engineering and Technology S.A. mobile (507)-6616-0194 office (507)-390-4338 Republic of Panama www.globaltecsa.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Mac can't connect to debian after upgrade to Samba 3.0.23
After upgrading my Debian box to Samba 3.0.23, I'm no longer able to connect to it from my Mac OS X 3.9 machine. I can still connect from the linux box TO the mac, but not the other way around. I need to be able to mount the linux volume on the mac. I've had to downgrade to samba 3.0.22 on linux to get it to work. My home network is a simple 2 machine setup with a wired connection. My smb.conf file on the linux machine looks like this: [global] security = share restrict anonymous = no domain master = no preferred master = no max protocol = NT ldap ssl = No server signing = Auto acl compatibility = winnt workgroup = MSHOME [music] case sensitive = no guest ok = yes msdfs proxy = no read only = no path = /media/hdb5/music/ force group = mshome strict locking = no [HDB5] path = /media/hdb5/ guest ok = yes read only = no hide files = System Volume Information/ case sensitive = no msdfs proxy = no force group = mshome strict locking = no [rp] path = /home/rp/ guest ok = yes read only = no case sensitive = no msdfs proxy = no force user = rp strict locking = no * The mac is running OSX 3.9 . The file /private/etc/smb.conf looks like this: ;[public] ;path = /tmp ;public = yes ;only guest = yes ;writable = yes ;printable = no [printers] path = /tmp printable = yes [Shared] path = /Users/rp/Shared read only = No inherit permissions = No guest ok = Yes ;Created by SharePoints [User_Share] path = /Users/Shared read only = No inherit permissions = No guest ok = Yes ;Created by SharePoints} ** I've googled this issue and asked on both mac and my linux distro forum. Anyone know what's causing this? Thank you, Ron -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: can't access Samba share when clocks skew is too great
This is an area where Samba does not emulate Windows very well. See http://mailman.mit.edu/pipermail/kerberos/2006-September/010482.html. This is the basic idea: MS Kerberos servers return the time skew error along with the server time. Then the client can re-issue the auth request using the server's time info (generating a new authenticator using the timestamp). The time in this context is used to control replay attacks. - Danilo -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Kincer Sent: Friday, September 22, 2006 7:34 AM To: Leonid Zeitlin Cc: samba@lists.samba.org Subject: Re: [Samba] Re: can't access Samba share when clocks skew is too great Actually, now that you mention it and I've got more caffeine in the veins, I would throw the theory out that the Samba server-side authentication is being more proactive than AD would be. In other words, AD says You got the right password? Come on in! whereas Samba says You got the right password? That's great, but our time is out of sync and that's a problem. This session has timed out. This is just a guess, more or less. Feel free to email me directly with your questions about GPOs if you want to take it off-list. Aaron Leonid Zeitlin wrote: Hi Aaron, Thanks, I understand. As a matter of fact, yes, I do need help with GPOs (not NTP on Samba server - thanks, that's clear to me), so if you can offer a suggestion, I'd appreciate (I understand this is off topic on the Samba list). At the same time, as I mentioned in the previous post, I'm trying to understand why clients with incorrect clock can connect to Windows servers and can't connect to Samba. I thought Samba tried to emulate Windows file server as close as possible. In this particular case I thought Samba would fall back to NTLM auth. Maybe I misunderstand something. Thanks, Leonid Aaron Kincer [EMAIL PROTECTED] ???/ ? ?: news:[EMAIL PROTECTED] It is pretty standard behavior for encrypted authentication schemes to reject authentication requests when the time deviation between the client and server are too far apart. This is by design. It is basically a timeout from Active Directory's perspective. You can use Active Directory GPOs to configure clients to use NTP and you can also configure NTP on your Samba server (use cron to sync time hourly if you must). This should fix your authentication issue. If you need help with GPOs or configuring NTP on your Samba server, let me know. Bruno Rodrigues Neves wrote: Hi Leonid, I don´t know the cause of this problem, but if you try add into your netlogon script a line such as a set time in order to set the clock to the same from the server? Regards! -- Bruno On 9/22/06, Leonid Zeitlin [EMAIL PROTECTED] wrote: Hi all, I have a Samba 3.0.23c server joined to an Windows 2003 AD domain. Users access it from Windows workstations (XP, 2000). The problem is that if a workstation has its time off by more than 5 minutes, Samba server cannot be accessed. I understand that Kerberos cannot authenticate the clients due to clock skew; however, I thought that in such case Samba could falls back to NTLM auth. At least, the workstations with the wrong clock can access Windows file servers, but not Samba. Is Samba's behavior in this case intentional? Is this supposed to work? How can I help or debug this situation? Any help is appreciated. Thanks, Leonid -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Openldap-sasl-server versions and how to compile samba in Freebsd
Recently I have upgraded my server to FSB 6.1 and have therefore needed to compile - amongst other things - the samba3 server from ports. For other reasons, I would like to use the openldap versions integrated with SASL. The newest version of the server is openldap-sasl-server-2.2. But the samba port seems to insist in compiling openldap-client-2.3.27. So for the installation to work, I have to delete the sasl-client that followed the 2.2server. I have tried to modify make.conf so the installation should use the old version, but that doesn't work. Is there any reasonable solution to this problem? Could I do something with portupgrade, for instance? Thanks in advance, Jon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Excel Save Problem
On Fri, Sep 22, 2006 at 11:23:44AM +0200, Christian Nekola wrote: Yesterday i compile a new samba version (3.0.23a) unfortunately the same problem. If i save a excel (or a pdf) doc on my smaba share, then all hangs. (90% iowait 0,2% cpu) I make sundries tests: samba tunning with socket options,... Oplock disable on client, antivirus disable on client. Las service pack installtion on client, Nothing change. Very weird: i have two samba shares. A small share with 250 gb and a large share with 750 (raid 5, drbd). Only on the large share hang samba when i save a dokument on windows 2000. with windows xp are running all ok. .i don't know why :( Does it hang when you're not using drbd ? If it only hangs with drbd I suspect a kernel problem. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r18815 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: gd Date: 2006-09-22 08:36:30 + (Fri, 22 Sep 2006) New Revision: 18815 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18815 Log: Fill in IDL for domain based DFS root functions (dfs_AddFtRoot, dfs_RemoveFtRoot and dfs_FlushFtTable). Guenther Modified: branches/SAMBA_4_0/source/librpc/idl/dfs.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/dfs.idl === --- branches/SAMBA_4_0/source/librpc/idl/dfs.idl2006-09-22 05:46:03 UTC (rev 18814) +++ branches/SAMBA_4_0/source/librpc/idl/dfs.idl2006-09-22 08:36:30 UTC (rev 18815) @@ -306,10 +306,32 @@ WERROR dfs_ManagerSendSiteInfo(); /* Function 0x0a */ - WERROR dfs_AddFtRoot(); + typedef struct { + uint32 unknown1; + [string,charset(UTF16)] uint16 *unknown2; + } dfs_UnknownStruct; + WERROR dfs_AddFtRoot( + [in][string,charset(UTF16)] uint16 servername[], + [in][string,charset(UTF16)] uint16 dns_servername[], + [in][string,charset(UTF16)] uint16 dfsname[], + [in][string,charset(UTF16)] uint16 rootshare[], + [in][string,charset(UTF16)] uint16 comment[], + [in][string,charset(UTF16)] uint16 dfs_config_dn[], + [in]uint8 unknown1, + [in]uint32 flags, + [in,out,unique] dfs_UnknownStruct **unknown2 + ); + /* Function 0x0b */ - WERROR dfs_RemoveFtRoot(); + WERROR dfs_RemoveFtRoot( + [in][string,charset(UTF16)] uint16 servername[], + [in][string,charset(UTF16)] uint16 dns_servername[], + [in][string,charset(UTF16)] uint16 dfsname[], + [in][string,charset(UTF16)] uint16 rootshare[], + [in]uint32 flags, + [in,out,unique] dfs_UnknownStruct **unknown + ); /* Function 0x0c */ WERROR dfs_AddStdRoot( @@ -347,7 +369,10 @@ WERROR dfs_SetDcAddress(); /* Function 0x12 */ - WERROR dfs_FlushFtTable(); + WERROR dfs_FlushFtTable( + [in][string,charset(UTF16)] uint16 servername[], + [in][string,charset(UTF16)] uint16 rootshare[] + ); /* Function 0x13 */ WERROR dfs_Add2();
svn commit: samba r18816 - in branches/SAMBA_3_0/source/libads: .
Author: gd Date: 2006-09-22 09:00:59 + (Fri, 22 Sep 2006) New Revision: 18816 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18816 Log: Fix some build warnings. Guenther Modified: branches/SAMBA_3_0/source/libads/gpo.c Changeset: Modified: branches/SAMBA_3_0/source/libads/gpo.c === --- branches/SAMBA_3_0/source/libads/gpo.c 2006-09-22 08:36:30 UTC (rev 18815) +++ branches/SAMBA_3_0/source/libads/gpo.c 2006-09-22 09:00:59 UTC (rev 18816) @@ -211,7 +211,7 @@ { ADS_STATUS status; const char *attrs[] = {gPLink, gPOptions, NULL}; - void *res = NULL; + LDAPMessage *res = NULL; const char *gp_link; uint32 gp_options; @@ -254,7 +254,7 @@ { ADS_STATUS status; const char *attrs[] = {gPLink, NULL}; - void *res = NULL; + LDAPMessage *res = NULL; const char *gp_link, *gp_link_new; ADS_MODLIST mods; @@ -309,7 +309,7 @@ { ADS_STATUS status; const char *attrs[] = {gPLink, NULL}; - void *res = NULL; + LDAPMessage *res = NULL; const char *gp_link, *gp_link_new = NULL; ADS_MODLIST mods; @@ -432,7 +432,7 @@ struct GROUP_POLICY_OBJECT *gpo) { ADS_STATUS status; - void *res = NULL; + LDAPMessage *res = NULL; char *dn; const char *filter; const char *attrs[] = { cn, displayName, flags, gPCFileSysPath,
svn commit: samba r18817 - in branches/SAMBA_3_0/source: . libads utils
Author: gd Date: 2006-09-22 09:07:31 + (Fri, 22 Sep 2006) New Revision: 18817 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18817 Log: Enable the build of the gpo tool but do not make it available yet. Guenther Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/libads/gpo_util.c branches/SAMBA_3_0/source/utils/net_ads.c Changeset: Modified: branches/SAMBA_3_0/source/Makefile.in === --- branches/SAMBA_3_0/source/Makefile.in 2006-09-22 09:00:59 UTC (rev 18816) +++ branches/SAMBA_3_0/source/Makefile.in 2006-09-22 09:07:31 UTC (rev 18817) @@ -267,7 +267,8 @@ libads/krb5_setpw.o libads/ldap_user.o \ libads/ads_struct.o libads/kerberos_keytab.o \ libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \ -libads/authdata.o libads/cldap.o +libads/authdata.o libads/cldap.o \ +libads/gpo.o libads/gpo_util.o LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o \ libads/ldap_schema.o sam/nss_info.o @@ -290,7 +291,8 @@ libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \ libsmb/clioplock.o $(ERRORMAP_OBJ) libsmb/clirap2.o \ $(DOSERR_OBJ) \ -$(RPC_PARSE_OBJ1) $(LIBSAMBA_OBJ) $(LIBNMB_OBJ) +$(RPC_PARSE_OBJ1) $(LIBSAMBA_OBJ) $(LIBNMB_OBJ) \ +libsmb/gpo.o LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \ rpc_client/cli_netlogon.o \ @@ -604,7 +606,7 @@ utils/net_rpc_service.o utils/net_rpc_registry.o utils/net_usershare.o \ utils/netlookup.o utils/net_sam.o utils/net_rpc_shell.o \ utils/net_util.o utils/net_rpc_sh_acct.o utils/net_rpc_audit.o \ - utils/passwd_util.o utils/net_dns.o + utils/passwd_util.o utils/net_dns.o utils/net_ads_gpo.o NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ Modified: branches/SAMBA_3_0/source/libads/gpo_util.c === --- branches/SAMBA_3_0/source/libads/gpo_util.c 2006-09-22 09:00:59 UTC (rev 18816) +++ branches/SAMBA_3_0/source/libads/gpo_util.c 2006-09-22 09:07:31 UTC (rev 18817) @@ -23,7 +23,7 @@ #define DEFAULT_DOMAIN_POLICY Default Domain Policy #define DEFAULT_DOMAIN_CONTROLLERS_POLICY Default Domain Controllers Policy -/* should we store a parsed guid ? UUID_FLAT guid; */ +/* should we store a parsed guid ? */ struct gpo_table { const char *name; const char *guid_string; Modified: branches/SAMBA_3_0/source/utils/net_ads.c === --- branches/SAMBA_3_0/source/utils/net_ads.c 2006-09-22 09:00:59 UTC (rev 18816) +++ branches/SAMBA_3_0/source/utils/net_ads.c 2006-09-22 09:07:31 UTC (rev 18817) @@ -219,7 +219,7 @@ setenv(KRB5_ENV_CCNAME, MEMORY:net_ads, 1); } -static ADS_STATUS ads_startup(BOOL only_own_domain, ADS_STRUCT **ads) +ADS_STATUS ads_startup(BOOL only_own_domain, ADS_STRUCT **ads) { ADS_STATUS status; BOOL need_password = False; @@ -2245,6 +2245,7 @@ {WORKGROUP, net_ads_workgroup}, {LOOKUP, net_ads_lookup}, {KEYTAB, net_ads_keytab}, + /* {GPO, net_ads_gpo}, */ {HELP, net_ads_help}, {NULL, NULL} };
svn commit: samba r18818 - in branches/SAMBA_3_0/source/include: .
Author: gd Date: 2006-09-22 09:09:01 + (Fri, 22 Sep 2006) New Revision: 18818 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18818 Log: Forgot header file. Guenther Modified: branches/SAMBA_3_0/source/include/includes.h Changeset: Modified: branches/SAMBA_3_0/source/include/includes.h === --- branches/SAMBA_3_0/source/include/includes.h2006-09-22 09:07:31 UTC (rev 18817) +++ branches/SAMBA_3_0/source/include/includes.h2006-09-22 09:09:01 UTC (rev 18818) @@ -645,6 +645,7 @@ #include nt_status.h #include ads.h +#include gpo.h #include ads_dns.h #include interfaces.h #include trans2.h
svn commit: samba r18819 - in branches/SAMBA_3_0/source: libads libsmb utils
Author: gd Date: 2006-09-22 09:34:25 + (Fri, 22 Sep 2006) New Revision: 18819 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18819 Log: Fix build without LDAP. Guenther Modified: branches/SAMBA_3_0/source/libads/gpo.c branches/SAMBA_3_0/source/libads/gpo_util.c branches/SAMBA_3_0/source/libsmb/gpo.c branches/SAMBA_3_0/source/utils/net_ads_gpo.c Changeset: Modified: branches/SAMBA_3_0/source/libads/gpo.c === --- branches/SAMBA_3_0/source/libads/gpo.c 2006-09-22 09:09:01 UTC (rev 18818) +++ branches/SAMBA_3_0/source/libads/gpo.c 2006-09-22 09:34:25 UTC (rev 18819) @@ -20,6 +20,8 @@ #include includes.h +#ifdef HAVE_LDAP + ADS_STATUS ads_parse_gp_ext(TALLOC_CTX *mem_ctx, const char *extension_raw, struct GP_EXT *gp_ext) @@ -678,3 +680,5 @@ return ADS_ERROR(LDAP_SUCCESS); } + +#endif /* HAVE_LDAP */ Modified: branches/SAMBA_3_0/source/libads/gpo_util.c === --- branches/SAMBA_3_0/source/libads/gpo_util.c 2006-09-22 09:09:01 UTC (rev 18818) +++ branches/SAMBA_3_0/source/libads/gpo_util.c 2006-09-22 09:34:25 UTC (rev 18819) @@ -20,6 +20,8 @@ #include includes.h +#ifdef HAVE_LDAP + #define DEFAULT_DOMAIN_POLICY Default Domain Policy #define DEFAULT_DOMAIN_CONTROLLERS_POLICY Default Domain Controllers Policy @@ -499,3 +501,5 @@ ads_memfree(ads, dn); return ADS_ERROR(LDAP_SUCCESS); } + +#endif /* HAVE_LDAP */ Modified: branches/SAMBA_3_0/source/libsmb/gpo.c === --- branches/SAMBA_3_0/source/libsmb/gpo.c 2006-09-22 09:09:01 UTC (rev 18818) +++ branches/SAMBA_3_0/source/libsmb/gpo.c 2006-09-22 09:34:25 UTC (rev 18819) @@ -20,6 +20,8 @@ #include includes.h +#ifdef HAVE_LDAP + #define GPT_INI_SECTION_GENERAL General #define GPT_INI_PARAMETER_VERSION Version #define GPT_INI_PARAMETER_DISPLAYNAME displayName @@ -165,3 +167,5 @@ signature=$CHICAGO$ Revision=1 */ + +#endif /* HAVE_LDAP */ Modified: branches/SAMBA_3_0/source/utils/net_ads_gpo.c === --- branches/SAMBA_3_0/source/utils/net_ads_gpo.c 2006-09-22 09:09:01 UTC (rev 18818) +++ branches/SAMBA_3_0/source/utils/net_ads_gpo.c 2006-09-22 09:34:25 UTC (rev 18819) @@ -446,4 +446,4 @@ return net_run_function(argc, argv, func, net_ads_gpo_usage); } -#endif +#endif /* HAVE_ADS */
svn commit: samba r18820 - in branches/SAMBA_3_0/source/libads: .
Author: gd Date: 2006-09-22 10:09:15 + (Fri, 22 Sep 2006) New Revision: 18820 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18820 Log: Comment out some unused functions. Guenther Modified: branches/SAMBA_3_0/source/libads/gpo_util.c Changeset: Modified: branches/SAMBA_3_0/source/libads/gpo_util.c === --- branches/SAMBA_3_0/source/libads/gpo_util.c 2006-09-22 09:34:25 UTC (rev 18819) +++ branches/SAMBA_3_0/source/libads/gpo_util.c 2006-09-22 10:09:15 UTC (rev 18820) @@ -37,6 +37,7 @@ ADS_STATUS (*snapin_fn)(ADS_STRUCT *, TALLOC_CTX *mem_ctx, const char *, const char *); }; +#if 0 /* unused */ static struct gpo_table gpo_default_policy[] = { { DEFAULT_DOMAIN_POLICY, 31B2F340-016D-11D2-945F-00C04FB984F9 }, @@ -44,8 +45,8 @@ 6AC1786C-016F-11D2-945F-00C04fB984F9 }, { NULL, NULL } }; +#endif - /* the following is seen in gPCMachineExtensionNames or gPCUserExtensionNames */ static struct gpo_table gpo_cse_extensions[] = { @@ -127,6 +128,19 @@ return NULL; } +static const char *snapin_guid_string_to_name(const char *guid_string, + struct snapin_table *table) +{ + int i; + for (i = 0; table[i].guid_string; i++) { + if (strequal(guid_string, table[i].guid_string)) { + return table[i].name; + } + } + return NULL; +} + +#if 0 /* unused */ static const char *default_gpo_name_to_guid_string(const char *name) { return name_to_guid_string(name, gpo_default_policy); @@ -136,6 +150,7 @@ { return guid_string_to_name(guid, gpo_default_policy); } +#endif const char *cse_gpo_guid_string_to_name(const char *guid) { @@ -149,7 +164,7 @@ const char *cse_snapin_gpo_guid_string_to_name(const char *guid) { - return guid_string_to_name(guid, gpo_cse_snapin_extensions); + return snapin_guid_string_to_name(guid, gpo_cse_snapin_extensions); } void dump_gp_ext(struct GP_EXT *gp_ext)
svn commit: samba r18821 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: gd Date: 2006-09-22 10:31:19 + (Fri, 22 Sep 2006) New Revision: 18821 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18821 Log: Correctly name dfs_AddStdRootForced() test. Guenther Modified: branches/SAMBA_4_0/source/torture/rpc/dfs.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/dfs.c === --- branches/SAMBA_4_0/source/torture/rpc/dfs.c 2006-09-22 10:09:15 UTC (rev 18820) +++ branches/SAMBA_4_0/source/torture/rpc/dfs.c 2006-09-22 10:31:19 UTC (rev 18821) @@ -361,13 +361,13 @@ } -static BOOL test_StdRootForced(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) +static BOOL test_AddStdRootForced(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) { NTSTATUS status; struct dfs_AddStdRootForced r; enum dfs_ManagerVersion version; - printf(Testing StdRootForced\n); + printf(Testing AddStdRootForced\n); if (!test_GetManagerVersion(p, mem_ctx, version)) { return False; @@ -413,7 +413,6 @@ return True; } - static BOOL test_AddStdRoot(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) { NTSTATUS status; @@ -471,7 +470,7 @@ ret = test_NetShareAdd(mem_ctx, host, sharename, path); ret = test_AddStdRoot(p, mem_ctx, host, sharename); ret = test_RemoveStdRoot(p, mem_ctx, host, sharename); - ret = test_StdRootForced(p, mem_ctx, host, sharename); + ret = test_AddStdRootForced(p, mem_ctx, host, sharename); ret = test_NetShareDel(mem_ctx, host, sharename); ret = test_DeleteDir(cli, dir);
svn commit: samba r18822 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: gd Date: 2006-09-22 10:37:43 + (Fri, 22 Sep 2006) New Revision: 18822 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18822 Log: Automatically remove a forced dfs standard root creation. Guenther Modified: branches/SAMBA_4_0/source/torture/rpc/dfs.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/dfs.c === --- branches/SAMBA_4_0/source/torture/rpc/dfs.c 2006-09-22 10:31:19 UTC (rev 18821) +++ branches/SAMBA_4_0/source/torture/rpc/dfs.c 2006-09-22 10:37:43 UTC (rev 18822) @@ -360,81 +360,81 @@ return ret; } - -static BOOL test_AddStdRootForced(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) +static BOOL test_RemoveStdRoot(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) { + struct dfs_RemoveStdRoot r; NTSTATUS status; - struct dfs_AddStdRootForced r; - enum dfs_ManagerVersion version; - printf(Testing AddStdRootForced\n); + printf(Testing RemoveStdRoot\n); - if (!test_GetManagerVersion(p, mem_ctx, version)) { - return False; - } - r.in.servername = host; r.in.rootshare = sharename; - r.in.comment= standard dfs forced standalone DFS root created by smbtorture (dfs_AddStdRootForced); - r.in.store = SMBTORTURE_DFS_PATHNAME; + r.in.flags = 0; - status = dcerpc_dfs_AddStdRootForced(p, mem_ctx, r); + status = dcerpc_dfs_RemoveStdRoot(p, mem_ctx, r); if (!NT_STATUS_IS_OK(status)) { - printf(AddStdRootForced failed - %s\n, nt_errstr(status)); + printf(RemoveStdRoot failed - %s\n, nt_errstr(status)); return False; } else if (!W_ERROR_IS_OK(r.out.result)) { - printf(dfs_AddStdRootForced failed - %s\n, win_errstr(r.out.result)); - IS_DFS_VERSION_UNSUPPORTED_CALL_W2K3(version, r.out.result); + printf(dfs_RemoveStdRoot failed - %s\n, win_errstr(r.out.result)); return False; } return True; } -static BOOL test_RemoveStdRoot(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) +static BOOL test_AddStdRoot(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) { - struct dfs_RemoveStdRoot r; NTSTATUS status; + struct dfs_AddStdRoot r; - printf(Testing RemoveStdRoot\n); + printf(Testing AddStdRoot\n); r.in.servername = host; r.in.rootshare = sharename; + r.in.comment= standard dfs standalone DFS root created by smbtorture (dfs_AddStdRoot); r.in.flags = 0; - status = dcerpc_dfs_RemoveStdRoot(p, mem_ctx, r); + status = dcerpc_dfs_AddStdRoot(p, mem_ctx, r); if (!NT_STATUS_IS_OK(status)) { - printf(RemoveStdRoot failed - %s\n, nt_errstr(status)); + printf(AddStdRoot failed - %s\n, nt_errstr(status)); return False; } else if (!W_ERROR_IS_OK(r.out.result)) { - printf(dfs_RemoveStdRoot failed - %s\n, win_errstr(r.out.result)); + printf(dfs_AddStdRoot failed - %s\n, win_errstr(r.out.result)); return False; } return True; } -static BOOL test_AddStdRoot(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) + +static BOOL test_AddStdRootForced(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *host, const char *sharename) { NTSTATUS status; - struct dfs_AddStdRoot r; + struct dfs_AddStdRootForced r; + enum dfs_ManagerVersion version; - printf(Testing AddStdRoot\n); + printf(Testing AddStdRootForced\n); + if (!test_GetManagerVersion(p, mem_ctx, version)) { + return False; + } + r.in.servername = host; r.in.rootshare = sharename; - r.in.comment= standard dfs standalone DFS root created by smbtorture (dfs_AddStdRoot); - r.in.flags = 0; + r.in.comment= standard dfs forced standalone DFS root created by smbtorture (dfs_AddStdRootForced); + r.in.store = SMBTORTURE_DFS_PATHNAME; - status = dcerpc_dfs_AddStdRoot(p, mem_ctx, r); + status = dcerpc_dfs_AddStdRootForced(p, mem_ctx, r); if (!NT_STATUS_IS_OK(status)) { - printf(AddStdRoot failed - %s\n, nt_errstr(status)); + printf(AddStdRootForced failed - %s\n, nt_errstr(status)); return False; } else if (!W_ERROR_IS_OK(r.out.result)) { - printf(dfs_AddStdRoot failed - %s\n, win_errstr(r.out.result)); + printf(dfs_AddStdRootForced failed - %s\n, win_errstr(r.out.result)); + IS_DFS_VERSION_UNSUPPORTED_CALL_W2K3(version, r.out.result); return False;
svn commit: samba r18823 - in branches/SAMBA_3_0/source: rpc_server script/tests
Author: jelmer Date: 2006-09-22 15:09:08 + (Fri, 22 Sep 2006) New Revision: 18823 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18823 Log: Fix some errors in the srsvc handling code and start running the RPC-SRVSVC test against samba3. Modified: branches/SAMBA_3_0/source/rpc_server/srv_srvsvc_nt.c branches/SAMBA_3_0/source/script/tests/test_posix_s3.sh Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_srvsvc_nt.c === --- branches/SAMBA_3_0/source/rpc_server/srv_srvsvc_nt.c2006-09-22 10:37:43 UTC (rev 18822) +++ branches/SAMBA_3_0/source/rpc_server/srv_srvsvc_nt.c2006-09-22 15:09:08 UTC (rev 18823) @@ -803,7 +803,8 @@ } if (ss1 == NULL) { - (*snum) = 0; + if (snum != NULL) + (*snum) = 0; return; } @@ -867,7 +868,8 @@ break; default: DEBUG(5,(init_srv_sess_info_ctr: unsupported switch value %d\n, switch_value)); - (*resume_hnd) = 0; + if (resume_hnd != NULL) + (*resume_hnd) = 0; (*total_entries) = 0; ctr-ctr0 = NULL; status = WERR_UNKNOWN_LEVEL; @@ -887,7 +889,8 @@ (*stot) = 1; if (ss0 == NULL) { - (*snum) = 0; + if (snum != NULL) + (*snum) = 0; return; } @@ -928,7 +931,8 @@ (*stot) = 1; if (ss1 == NULL) { - (*snum) = 0; + if (snum != NULL) + (*snum) = 0; return; } Modified: branches/SAMBA_3_0/source/script/tests/test_posix_s3.sh === --- branches/SAMBA_3_0/source/script/tests/test_posix_s3.sh 2006-09-22 10:37:43 UTC (rev 18822) +++ branches/SAMBA_3_0/source/script/tests/test_posix_s3.sh 2006-09-22 15:09:08 UTC (rev 18823) @@ -33,7 +33,7 @@ raw=$raw RAW-SFILEINFO RAW-SFILEINFO-BUG RAW-STREAMS RAW-UNLINK RAW-WRITE raw=$raw RAW-SAMBA3HIDE RAW-SAMBA3BADPATH -rpc=RPC-AUTHCONTEXT RPC-BINDSAMBA3 RPC-SAMBA3-SRVSVC RPC-SAMBA3-SHARESEC RPC-UNIXINFO +rpc=RPC-AUTHCONTEXT RPC-BINDSAMBA3 RPC-SAMBA3-SRVSVC RPC-SAMBA3-SHARESEC RPC-UNIXINFO RPC_SRVSVC if test x$RUN_FROM_BUILD_FARM = xyes; then rpc=$rpc RPC-NETLOGSAMBA3 RPC-SAMBA3SESSIONKEY RPC-SAMBA3-GETUSERNAME
svn commit: samba r18824 - in branches/SAMBA_4_0/source/client: .
Author: tridge Date: 2006-09-22 15:14:03 + (Fri, 22 Sep 2006) New Revision: 18824 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18824 Log: fixed a bug in cifsdd when the file is exactly a multiple of the block size (cifsdd incorrectly reported an error and exited) Modified: branches/SAMBA_4_0/source/client/cifsdd.c Changeset: Modified: branches/SAMBA_4_0/source/client/cifsdd.c === --- branches/SAMBA_4_0/source/client/cifsdd.c 2006-09-22 15:09:08 UTC (rev 18823) +++ branches/SAMBA_4_0/source/client/cifsdd.c 2006-09-22 15:14:03 UTC (rev 18824) @@ -498,7 +498,8 @@ * at least obs bytes in the IO buffer but might not if the * file is too small. */ - if (!dd_flush_block(ofile, iobuf, data_size, obs)) { + if (data_size + !dd_flush_block(ofile, iobuf, data_size, obs)) { return(IOERROR_EXIT_CODE); } }
svn commit: samba r18825 - in branches/SAMBA_4_0/source/script/tests: .
Author: tridge Date: 2006-09-22 15:14:53 + (Fri, 22 Sep 2006) New Revision: 18825 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18825 Log: speed up the test_cifsdd.sh test by using a smaller file. It was taking over half an hour on some systems Modified: branches/SAMBA_4_0/source/script/tests/test_cifsdd.sh Changeset: Modified: branches/SAMBA_4_0/source/script/tests/test_cifsdd.sh === --- branches/SAMBA_4_0/source/script/tests/test_cifsdd.sh 2006-09-22 15:14:03 UTC (rev 18824) +++ branches/SAMBA_4_0/source/script/tests/test_cifsdd.sh 2006-09-22 15:14:53 UTC (rev 18825) @@ -17,7 +17,7 @@ DD=bin/cifsdd SHARE=tmp -DEBUGLEVEL=4 +DEBUGLEVEL=1 failed=0 @@ -44,8 +44,10 @@ destpath=tempfile.dst.$$ # Create a source file with arbitrary contents -cp $DD $sourcepath +dd if=$DD of=$sourcepath bs=1024 count=50 /dev/null +ls -l $sourcepath + for bs in 512 4k 48k ; do echo Testing $bs block size ...
svn commit: samba-web r1040 - in trunk/team: .
Author: deryck Date: 2006-09-22 18:19:54 + (Fri, 22 Sep 2006) New Revision: 1040 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1040 Log: Link blue is #EE. (I know I'm anal. :-) But the color difference bothered me.) Modified: trunk/team/index.html Changeset: Modified: trunk/team/index.html === --- trunk/team/index.html 2006-09-21 23:35:37 UTC (rev 1039) +++ trunk/team/index.html 2006-09-22 18:19:54 UTC (rev 1040) @@ -60,7 +60,7 @@ /td td valign=top ul -lispan style=color:blue;Derrell Lipman/span/li +lispan style=color:#EE;Derrell Lipman/span/li lia href=mailto:[EMAIL PROTECTED]Jim McDonough/a/li lia href=mailto:[EMAIL PROTECTED]Stefan Metzmacher/a/li lia href=mailto:[EMAIL PROTECTED]Jean Francois Micouleau/a/li
svn commit: samba r18826 - in branches/SAMBA_4_0/source/heimdal: kdc lib/krb5
Author: abartlet Date: 2006-09-22 18:39:49 + (Fri, 22 Sep 2006) New Revision: 18826 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18826 Log: Allow 'enterprise' principal names to log in. These principals do not need to be in the same realm as the rest of the ticket, the full principal name is in the first componet of the ASN.1. Samba4's backend will handle getting this to the 'right' place. Andrew Bartlett Modified: branches/SAMBA_4_0/source/heimdal/kdc/524.c branches/SAMBA_4_0/source/heimdal/kdc/kerberos4.c branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c branches/SAMBA_4_0/source/heimdal/lib/krb5/asn1_glue.c branches/SAMBA_4_0/source/heimdal/lib/krb5/get_in_tkt.c branches/SAMBA_4_0/source/heimdal/lib/krb5/krb5-private.h branches/SAMBA_4_0/source/heimdal/lib/krb5/rd_cred.c branches/SAMBA_4_0/source/heimdal/lib/krb5/rd_req.c Changeset: Modified: branches/SAMBA_4_0/source/heimdal/kdc/524.c === --- branches/SAMBA_4_0/source/heimdal/kdc/524.c 2006-09-22 15:14:53 UTC (rev 18825) +++ branches/SAMBA_4_0/source/heimdal/kdc/524.c 2006-09-22 18:39:49 UTC (rev 18826) @@ -53,7 +53,7 @@ krb5_error_code ret; krb5_principal sprinc; -ret = _krb5_principalname2krb5_principal(sprinc, t-sname, t-realm); +ret = _krb5_principalname2krb5_principal(context, sprinc, t-sname, t-realm); if (ret) { kdc_log(context, config, 0, _krb5_principalname2krb5_principal: %s, krb5_get_err_text(context, ret)); @@ -90,7 +90,7 @@ char *cpn; krb5_error_code ret; -ret = _krb5_principalname2krb5_principal(client, et-cname, et-crealm); +ret = _krb5_principalname2krb5_principal(context, client, et-cname, et-crealm); if (ret) { kdc_log(context, config, 0, _krb5_principalname2krb5_principal: %s, krb5_get_err_text (context, ret)); Modified: branches/SAMBA_4_0/source/heimdal/kdc/kerberos4.c === --- branches/SAMBA_4_0/source/heimdal/kdc/kerberos4.c 2006-09-22 15:14:53 UTC (rev 18825) +++ branches/SAMBA_4_0/source/heimdal/kdc/kerberos4.c 2006-09-22 18:39:49 UTC (rev 18826) @@ -655,7 +655,8 @@ { krb5_principal princ; - _krb5_principalname2krb5_principal(princ, + _krb5_principalname2krb5_principal(context, + princ, *service, et-crealm); ret = krb5_524_conv_principal(context, @@ -667,7 +668,8 @@ if(ret) return ret; - _krb5_principalname2krb5_principal(princ, + _krb5_principalname2krb5_principal(context, + princ, et-cname, et-crealm); Modified: branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c === --- branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c 2006-09-22 15:14:53 UTC (rev 18825) +++ branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c 2006-09-22 18:39:49 UTC (rev 18826) @@ -869,7 +869,7 @@ ret = KRB5KRB_ERR_GENERIC; e_text = No server in request; } else{ - _krb5_principalname2krb5_principal (server_princ, + _krb5_principalname2krb5_principal (context, server_princ, *(b-sname), b-realm); ret = krb5_unparse_name(context, server_princ, server_name); } @@ -882,7 +882,7 @@ ret = KRB5KRB_ERR_GENERIC; e_text = No client in request; } else { - _krb5_principalname2krb5_principal (client_princ, + _krb5_principalname2krb5_principal (context, client_princ, *(b-cname), b-realm); ret = krb5_unparse_name(context, client_princ, client_name); } @@ -1270,7 +1270,7 @@ if (f.request_anonymous) make_anonymous_principalname (rep.cname); else - _krb5_principal2principalname(rep.cname, + _krb5_principal2principalname(rep.cname, client-entry.principal); rep.ticket.tkt_vno = 5; copy_Realm(server-entry.principal-realm, rep.ticket.realm); @@ -2137,7 +2137,7 @@ goto out2; } -_krb5_principalname2krb5_principal(princ, +_krb5_principalname2krb5_principal(context, princ, ap_req.ticket.sname, ap_req.ticket.realm); @@ -2340,7 +2340,7 @@ ret = KRB5KDC_ERR_POLICY; goto out2; } - _krb5_principalname2krb5_principal(p, t-sname, t-realm); + _krb5_principalname2krb5_principal(context, p, t-sname, t-realm); ret =
svn commit: lorikeet r561 - in trunk/heimdal: kdc lib/krb5
Author: abartlet Date: 2006-09-22 19:35:56 + (Fri, 22 Sep 2006) New Revision: 561 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=561 Log: Merge to lorikeet-heimdal Samba4's patch to permit logins with the 'enterprise' principal name type. Andrew Bartlett Modified: trunk/heimdal/kdc/524.c trunk/heimdal/kdc/hpropd.c trunk/heimdal/kdc/kerberos4.c trunk/heimdal/kdc/kerberos5.c trunk/heimdal/kdc/krb5tgs.c trunk/heimdal/lib/krb5/asn1_glue.c trunk/heimdal/lib/krb5/get_in_tkt.c trunk/heimdal/lib/krb5/rd_cred.c trunk/heimdal/lib/krb5/rd_req.c Changeset: Sorry, the patch is too large (255 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=561
svn commit: samba r18827 - in branches/SAMBA_4_0/source/kdc: .
Author: abartlet Date: 2006-09-22 19:39:27 + (Fri, 22 Sep 2006) New Revision: 18827 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18827 Log: I forgot to commit this: Make kpasswdd use the new prototype for _krb5_principalname2krb5_principal() Andrew Bartlett Modified: branches/SAMBA_4_0/source/kdc/kpasswdd.c Changeset: Modified: branches/SAMBA_4_0/source/kdc/kpasswdd.c === --- branches/SAMBA_4_0/source/kdc/kpasswdd.c2006-09-22 18:39:49 UTC (rev 18826) +++ branches/SAMBA_4_0/source/kdc/kpasswdd.c2006-09-22 19:39:27 UTC (rev 18827) @@ -280,7 +280,8 @@ reply); } if (chpw.targname chpw.targrealm) { - if (_krb5_principalname2krb5_principal(principal, *chpw.targname, + if (_krb5_principalname2krb5_principal(kdc-smb_krb5_context-krb5_context, + principal, *chpw.targname, *chpw.targrealm) != 0) { free_ChangePasswdDataMS(chpw); return kpasswdd_make_error_reply(kdc, mem_ctx,
svn commit: samba r18828 - in branches/SAMBA_4_0/source/script/tests: .
Author: abartlet Date: 2006-09-22 19:43:08 + (Fri, 22 Sep 2006) New Revision: 18828 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18828 Log: Export some more useful environment varibles, particularly for use in 'make testenv' Andrew Bartlett Modified: branches/SAMBA_4_0/source/script/tests/mktestsetup.sh Changeset: Modified: branches/SAMBA_4_0/source/script/tests/mktestsetup.sh === --- branches/SAMBA_4_0/source/script/tests/mktestsetup.sh 2006-09-22 19:39:27 UTC (rev 18827) +++ branches/SAMBA_4_0/source/script/tests/mktestsetup.sh 2006-09-22 19:43:08 UTC (rev 18828) @@ -22,6 +22,7 @@ DNSNAME=samba.example.com BASEDN=dc=samba,dc=example,dc=com PASSWORD=penguin +AUTH=-U$USERNAME%$PASSWORD SRCDIR=`pwd` ROOT=$USER SERVER=localhost @@ -65,6 +66,7 @@ export CONFFILE export SLAPD_CONF export PIDDIR +export AUTH rm -rf $PREFIX/* mkdir -p $PRIVATEDIR $ETCDIR $PIDDIR $NCALRPCDIR $LOCKDIR $TMPDIR $TLSDIR $LDAPDIR/db @@ -327,6 +329,17 @@ directory $LDAPDIR/db index objectClass eq index samAccountName eq +index name eq +index objectSid eq +index objectCategory eq +index member eq +index uidNumber eq +index gidNumber eq +index unixName eq +index privilege eq +index nCName eq +index lDAPDisplayName eq +index subClassOf eq overlay syncprov syncprov-checkpoint 100 10
svn commit: samba r18829 - in branches/SAMBA_4_0/source/script/tests: .
Author: abartlet Date: 2006-09-22 20:00:49 + (Fri, 22 Sep 2006) New Revision: 18829 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18829 Log: Print a nice welcome message when we enter the test environment. Andrew Bartlett Modified: branches/SAMBA_4_0/source/script/tests/mktestsetup.sh branches/SAMBA_4_0/source/script/tests/tests_xterm.sh Changeset: Modified: branches/SAMBA_4_0/source/script/tests/mktestsetup.sh === --- branches/SAMBA_4_0/source/script/tests/mktestsetup.sh 2006-09-22 19:43:08 UTC (rev 18828) +++ branches/SAMBA_4_0/source/script/tests/mktestsetup.sh 2006-09-22 20:00:49 UTC (rev 18829) @@ -67,6 +67,8 @@ export SLAPD_CONF export PIDDIR export AUTH +export SERVER +export NETBIOSNAME rm -rf $PREFIX/* mkdir -p $PRIVATEDIR $ETCDIR $PIDDIR $NCALRPCDIR $LOCKDIR $TMPDIR $TLSDIR $LDAPDIR/db Modified: branches/SAMBA_4_0/source/script/tests/tests_xterm.sh === --- branches/SAMBA_4_0/source/script/tests/tests_xterm.sh 2006-09-22 19:43:08 UTC (rev 18828) +++ branches/SAMBA_4_0/source/script/tests/tests_xterm.sh 2006-09-22 20:00:49 UTC (rev 18829) @@ -1,2 +1,11 @@ #!/bin/sh -xterm +xterm -e 'echo -e Welcome to the Samba4 Test environment\n\ +This matches the client environment used in make test\n\ +smbd is pid `cat $PIDDIR/smbd.pid`\n\ +\n\ +Some useful environment variables:\n\ +AUTH=$AUTH\n\ +TORTURE_OPTIONS=$TORTURE_OPTIONS\n\ +CONFIGURATION=$CONFIGURATION\n\ +SERVER=$SERVER\n\ +NETBIOSNAME=$NETBIOSNAME bash'
svn commit: samba r18830 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: tridge Date: 2006-09-22 23:21:36 + (Fri, 22 Sep 2006) New Revision: 18830 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18830 Log: ensure backends aren't added twice (needed for samba3) Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-22 20:00:49 UTC (rev 18829) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb.c 2006-09-22 23:21:36 UTC (rev 18830) @@ -61,6 +61,21 @@ ldb_connect_fn connect_fn; struct ldb_backend *prev, *next; } *ldb_backends = NULL; + + +static ldb_connect_fn ldb_find_backend(const char *url) +{ + struct ldb_backend *backend; + + for (backend = ldb_backends; backend; backend = backend-next) { + if (strncmp(backend-name, url, strlen(backend-name)) == 0) { + return backend-connect_fn; + } + } + + return NULL; +} + /* register a new ldb backend */ @@ -68,6 +83,10 @@ { struct ldb_backend *backend = talloc(talloc_autofree_context(), struct ldb_backend); + if (ldb_find_backend(url_prefix)) { + return LDB_SUCCESS; + } + /* Maybe check for duplicity here later on? */ backend-name = talloc_strdup(backend, url_prefix); @@ -77,19 +96,6 @@ return LDB_SUCCESS; } -static ldb_connect_fn ldb_find_backend(const char *url) -{ - struct ldb_backend *backend; - - for (backend = ldb_backends; backend; backend = backend-next) { - if (strncmp(backend-name, url, strlen(backend-name)) == 0) { - return backend-connect_fn; - } - } - - return NULL; -} - /* Return the ldb module form of a database. The URL can either be one of the following forms ldb://path
svn commit: samba r18831 - in branches/SAMBA_4_0/source/lib/ldb: common include ldb_tdb
Author: tridge Date: 2006-09-22 23:22:39 + (Fri, 22 Sep 2006) New Revision: 18831 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18831 Log: minor build changes for samba3. The logging changes will be removed when the tdb api is updated Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c branches/SAMBA_4_0/source/lib/ldb/include/dlinklist.h branches/SAMBA_4_0/source/lib/ldb/include/includes.h branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb.h branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c === --- branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c 2006-09-22 23:21:36 UTC (rev 18830) +++ branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c 2006-09-22 23:22:39 UTC (rev 18831) @@ -36,7 +36,7 @@ #include includes.h #include ldb/include/includes.h -#ifdef _SAMBA_BUILD_ +#if (_SAMBA_BUILD_ = 4) #include build.h #include dynconfig.h #endif Modified: branches/SAMBA_4_0/source/lib/ldb/include/dlinklist.h === --- branches/SAMBA_4_0/source/lib/ldb/include/dlinklist.h 2006-09-22 23:21:36 UTC (rev 18830) +++ branches/SAMBA_4_0/source/lib/ldb/include/dlinklist.h 2006-09-22 23:22:39 UTC (rev 18831) @@ -37,6 +37,7 @@ } while (0) /* remove an element from a list - element doesn't have to be in list. */ +#ifndef DLIST_REMOVE #define DLIST_REMOVE(list, p) \ do { \ if ((p) == (list)) { \ @@ -48,6 +49,7 @@ } \ if ((p) ((p) != (list))) (p)-next = (p)-prev = NULL; \ } while (0) +#endif /* promote an element to the top of the list */ #define DLIST_PROMOTE(list, p) \ Modified: branches/SAMBA_4_0/source/lib/ldb/include/includes.h === --- branches/SAMBA_4_0/source/lib/ldb/include/includes.h2006-09-22 23:21:36 UTC (rev 18830) +++ branches/SAMBA_4_0/source/lib/ldb/include/includes.h2006-09-22 23:22:39 UTC (rev 18831) @@ -4,11 +4,20 @@ a temporary includes file until I work on the ldb build system */ -#ifdef _SAMBA_BUILD_ +#if (_SAMBA_BUILD_ = 4) /* tell ldb we have the internal ldap code */ #define HAVE_ILDAP 1 #endif +#if (_SAMBA_BUILD_ = 3) +/* allow forbidden string functions - should be replaced with _m functions */ +#undef strcasecmp +#undef strncasecmp +#define dyn_MODULESDIR dyn_LIBDIR +#endif + + + #define discard_const(ptr) ((void *)((intptr_t)(ptr))) #define discard_const_p(type, ptr) ((type *)discard_const(ptr)) Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb.h === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb.h 2006-09-22 23:21:36 UTC (rev 18830) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb.h 2006-09-22 23:22:39 UTC (rev 18831) @@ -1,7 +1,12 @@ #ifdef _SAMBA_BUILD_ #include system/filesys.h +#endif + +#if (_SAMBA_BUILD_ = 4) #include lib/tdb/include/tdb.h +#elif defined(_SAMBA_BUILD_) +#include tdb/include/tdb.h #else #include tdb.h #endif Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c2006-09-22 23:21:36 UTC (rev 18830) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c2006-09-22 23:22:39 UTC (rev 18831) @@ -58,6 +58,7 @@ return 0; } +#if (_SAMBA_BUILD_ = 4) static void ltdb_log_fn(struct tdb_context *tdb, enum tdb_debug_level level, const char *fmt, ...) PRINTF_ATTRIBUTE(3, 4); static void ltdb_log_fn(struct tdb_context *tdb, enum tdb_debug_level level, const char *fmt, ...) { @@ -90,8 +91,23 @@ ldb_debug(ldb, ldb_level, ltdb: tdb(%s): %s, name, message); talloc_free(message); } +#else +static void ltdb_log_fn(struct tdb_context *tdb, int level, const char *fmt, ...) PRINTF_ATTRIBUTE(3, 4); +static void ltdb_log_fn(struct tdb_context *tdb, int level, const char *fmt, ...) +{ + /* until we merge the tdb debug changes into samba3, we don't know + how serious the error is, and we can't go via the ldb loggin code */ + va_list ap; + const char *name = tdb_name(tdb); + char *message; + va_start(ap, fmt); + message = talloc_vasprintf(NULL, fmt, ap); + va_end(ap); + DEBUG(3, (ltdb: tdb(%s): %s, name, message)); + talloc_free(message); +} +#endif - /* wrapped connection to a tdb database. The caller should _not_ free this as it is not a talloc structure (as tdb does not use talloc @@ -106,9 +122,14 @@ { struct ltdb_wrap *w; struct stat st; +#if (_SAMBA_BUILD_ = 4) struct tdb_logging_context log_ctx; + struct tdb_logging_context log_ctx_p = log_ctx;
svn commit: samba r18832 - in branches/SAMBA_4_0/source/lib/ldb/ldb_tdb: .
Author: tridge Date: 2006-09-22 23:25:16 + (Fri, 22 Sep 2006) New Revision: 18832 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18832 Log: fixed standalone build Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c2006-09-22 23:22:39 UTC (rev 18831) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c2006-09-22 23:25:16 UTC (rev 18832) @@ -58,7 +58,22 @@ return 0; } -#if (_SAMBA_BUILD_ = 4) +#if defined(_SAMBA_BUILD_) (_SAMBA_BUILD_ = 3) +static void ltdb_log_fn(struct tdb_context *tdb, int level, const char *fmt, ...) PRINTF_ATTRIBUTE(3, 4); +static void ltdb_log_fn(struct tdb_context *tdb, int level, const char *fmt, ...) +{ + /* until we merge the tdb debug changes into samba3, we don't know + how serious the error is, and we can't go via the ldb loggin code */ + va_list ap; + const char *name = tdb_name(tdb); + char *message; + va_start(ap, fmt); + message = talloc_vasprintf(NULL, fmt, ap); + va_end(ap); + DEBUG(3, (ltdb: tdb(%s): %s, name, message)); + talloc_free(message); +} +#else static void ltdb_log_fn(struct tdb_context *tdb, enum tdb_debug_level level, const char *fmt, ...) PRINTF_ATTRIBUTE(3, 4); static void ltdb_log_fn(struct tdb_context *tdb, enum tdb_debug_level level, const char *fmt, ...) { @@ -91,21 +106,6 @@ ldb_debug(ldb, ldb_level, ltdb: tdb(%s): %s, name, message); talloc_free(message); } -#else -static void ltdb_log_fn(struct tdb_context *tdb, int level, const char *fmt, ...) PRINTF_ATTRIBUTE(3, 4); -static void ltdb_log_fn(struct tdb_context *tdb, int level, const char *fmt, ...) -{ - /* until we merge the tdb debug changes into samba3, we don't know - how serious the error is, and we can't go via the ldb loggin code */ - va_list ap; - const char *name = tdb_name(tdb); - char *message; - va_start(ap, fmt); - message = talloc_vasprintf(NULL, fmt, ap); - va_end(ap); - DEBUG(3, (ltdb: tdb(%s): %s, name, message)); - talloc_free(message); -} #endif /* @@ -122,13 +122,13 @@ { struct ltdb_wrap *w; struct stat st; -#if (_SAMBA_BUILD_ = 4) +#if (_SAMBA_BUILD_ = 3) + tdb_log_func log_ctx_p = ltdb_log_fn; +#else struct tdb_logging_context log_ctx; struct tdb_logging_context log_ctx_p = log_ctx; log_ctx.log_fn = ltdb_log_fn; log_ctx.log_private = ldb; -#else - tdb_log_func log_ctx_p = ltdb_log_fn; #endif if (stat(path, st) == 0) {
Build status as of Sat Sep 23 00:00:02 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-09-22 00:00:05.0 + +++ /home/build/master/cache/broken_results.txt 2006-09-23 00:00:38.0 + @@ -1,4 +1,4 @@ -Build status as of Fri Sep 22 00:00:01 2006 +Build status as of Sat Sep 23 00:00:02 2006 Build counts: Tree Total Broken Panic @@ -6,16 +6,16 @@ build_farm 0 0 0 ccache 46 7 0 distcc 46 6 0 -ldb 43 9 0 -libreplace 42 1 0 +ldb 43 10 0 +libreplace 42 2 0 lorikeet-heimdal 0 0 0 ppp 18 0 0 rsync46 4 0 samba0 0 0 samba-docs 0 0 0 -samba4 44 14 1 -samba_3_042 19 0 +samba4 44 22 1 +samba_3_043 38 1 smb-build29 4 0 -talloc 46 2 0 +talloc 44 4 0 tdb 44 7 0
svn commit: samba r18833 - in branches/SAMBA_4_0/source/build/smb_build: .
Author: tridge Date: 2006-09-23 01:54:29 + (Sat, 23 Sep 2006) New Revision: 18833 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18833 Log: darn, forgot to commit this sorry about the build breakage Modified: branches/SAMBA_4_0/source/build/smb_build/makefile.pm Changeset: Modified: branches/SAMBA_4_0/source/build/smb_build/makefile.pm === --- branches/SAMBA_4_0/source/build/smb_build/makefile.pm 2006-09-22 23:25:16 UTC (rev 18832) +++ branches/SAMBA_4_0/source/build/smb_build/makefile.pm 2006-09-23 01:54:29 UTC (rev 18833) @@ -126,7 +126,7 @@ PERL=$self-{config}-{PERL} CPP=$self-{config}-{CPP} -CPPFLAGS=$builddir_headers-I\$(srcdir)/include -I\$(srcdir) -I\$(srcdir)/lib -D_SAMBA_BUILD_ -DHAVE_CONFIG_H $self-{config}-{CPPFLAGS} +CPPFLAGS=$builddir_headers-I\$(srcdir)/include -I\$(srcdir) -I\$(srcdir)/lib -D_SAMBA_BUILD_=4 -DHAVE_CONFIG_H $self-{config}-{CPPFLAGS} CC=$self-{config}-{CC} CFLAGS=$self-{config}-{CFLAGS} \$(CPPFLAGS)
svn commit: samba r18834 - in branches/SAMBA_4_0/source/lib/ldb/ldb_tdb: .
Author: tridge Date: 2006-09-23 01:59:48 + (Sat, 23 Sep 2006) New Revision: 18834 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18834 Log: get the log context code right Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c === --- branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c2006-09-23 01:54:29 UTC (rev 18833) +++ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ldb_tdb_wrap.c2006-09-23 01:59:48 UTC (rev 18834) @@ -122,11 +122,11 @@ { struct ltdb_wrap *w; struct stat st; -#if (_SAMBA_BUILD_ = 3) +#if defined(_SAMBA_BUILD_) (_SAMBA_BUILD_ = 3) tdb_log_func log_ctx_p = ltdb_log_fn; #else struct tdb_logging_context log_ctx; - struct tdb_logging_context log_ctx_p = log_ctx; + const struct tdb_logging_context *log_ctx_p = log_ctx; log_ctx.log_fn = ltdb_log_fn; log_ctx.log_private = ldb; #endif
svn commit: samba r18835 - in branches/SAMBA_4_0/source: libcli/raw ntvfs ntvfs/posix torture/smb2
Author: tridge Date: 2006-09-23 02:19:15 + (Sat, 23 Sep 2006) New Revision: 18835 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18835 Log: expand IO limits on SMB2. Samba4 now tops out at 16.7MB IOs. Modified: branches/SAMBA_4_0/source/libcli/raw/interfaces.h branches/SAMBA_4_0/source/ntvfs/ntvfs_generic.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_read.c branches/SAMBA_4_0/source/torture/smb2/maxwrite.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/raw/interfaces.h === --- branches/SAMBA_4_0/source/libcli/raw/interfaces.h 2006-09-23 01:59:48 UTC (rev 18834) +++ branches/SAMBA_4_0/source/libcli/raw/interfaces.h 2006-09-23 02:19:15 UTC (rev 18835) @@ -1589,7 +1589,7 @@ uint8_t *data; uint16_t remaining; uint16_t compaction_mode; - uint16_t nread; + uint32_t nread; } out; } readx, generic; Modified: branches/SAMBA_4_0/source/ntvfs/ntvfs_generic.c === --- branches/SAMBA_4_0/source/ntvfs/ntvfs_generic.c 2006-09-23 01:59:48 UTC (rev 18834) +++ branches/SAMBA_4_0/source/ntvfs/ntvfs_generic.c 2006-09-23 02:19:15 UTC (rev 18835) @@ -1266,12 +1266,6 @@ break; case RAW_READ_SMB2: - if (rd-smb2.in.length UINT16_MAX) { - DEBUG(0,(%s: mapping SMB2 = generic length to large %u!\n, - __FUNCTION__, rd-smb2.in.length)); - status = NT_STATUS_FOOBAR; - goto done; - } rd2-readx.in.file.ntvfs= rd-smb2.in.file.ntvfs; rd2-readx.in.offset= rd-smb2.in.offset; rd2-readx.in.mincnt= rd-smb2.in.length; Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_read.c === --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_read.c 2006-09-23 01:59:48 UTC (rev 18834) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_read.c 2006-09-23 02:19:15 UTC (rev 18835) @@ -59,7 +59,7 @@ } maxcnt = rd-readx.in.maxcnt; - if (maxcnt UINT16_MAX) { + if (maxcnt UINT16_MAX req-ctx-protocol PROTOCOL_SMB2) { maxcnt = 0; } Modified: branches/SAMBA_4_0/source/torture/smb2/maxwrite.c === --- branches/SAMBA_4_0/source/torture/smb2/maxwrite.c 2006-09-23 01:59:48 UTC (rev 18834) +++ branches/SAMBA_4_0/source/torture/smb2/maxwrite.c 2006-09-23 02:19:15 UTC (rev 18835) @@ -37,7 +37,7 @@ struct smb2_read r; NTSTATUS status; int i, len; - int max = 1000; + int max = 8000; int min = 1; while (max min) { @@ -94,7 +94,7 @@ printf(converged: len=%d\n, max); - return status; + return NT_STATUS_OK; }
svn commit: samba r18836 - in branches/SAMBA_4_0/source/lib/ldb: ldb_ldap ldb_tdb modules
Author: tridge Date: 2006-09-23 02:23:10 + (Sat, 23 Sep 2006) New Revision: 18836 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18836 Log: ignore .po files in ldb Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_ldap/ branches/SAMBA_4_0/source/lib/ldb/ldb_tdb/ branches/SAMBA_4_0/source/lib/ldb/modules/ Changeset: Property changes on: branches/SAMBA_4_0/source/lib/ldb/ldb_ldap ___ Name: svn:ignore + *.po Property changes on: branches/SAMBA_4_0/source/lib/ldb/ldb_tdb ___ Name: svn:ignore - .sconsign *.d ldbadd ldbsearch ldbdel test.ldb TAGS .*~ *.o + .sconsign *.d ldbadd ldbsearch ldbdel test.ldb TAGS .*~ *.o *.po Property changes on: branches/SAMBA_4_0/source/lib/ldb/modules ___ Name: svn:ignore - .sconsign *.d + .sconsign *.d *.po
svn commit: samba r18837 - in branches/SAMBA_4_0/source/lib/ldb/common: .
Author: tridge Date: 2006-09-23 02:24:22 + (Sat, 23 Sep 2006) New Revision: 18837 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18837 Log: ignore .po files in ldb/common Modified: branches/SAMBA_4_0/source/lib/ldb/common/ Changeset: Property changes on: branches/SAMBA_4_0/source/lib/ldb/common ___ Name: svn:ignore - .sconsign *.d + .sconsign *.d *.po
svn commit: samba r18838 - in branches/SAMBA_4_0/source/torture/smb2: .
Author: tridge Date: 2006-09-23 02:32:47 + (Sat, 23 Sep 2006) New Revision: 18838 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18838 Log: make sure we cleanup after SMB2-MAXWRITE (it creates a large file) Modified: branches/SAMBA_4_0/source/torture/smb2/maxwrite.c Changeset: Modified: branches/SAMBA_4_0/source/torture/smb2/maxwrite.c === --- branches/SAMBA_4_0/source/torture/smb2/maxwrite.c 2006-09-23 02:24:22 UTC (rev 18837) +++ branches/SAMBA_4_0/source/torture/smb2/maxwrite.c 2006-09-23 02:32:47 UTC (rev 18838) @@ -27,11 +27,14 @@ #include torture/torture.h #include torture/smb2/proto.h +#define FNAME testmaxwrite.dat + /* test writing */ static NTSTATUS torture_smb2_write(TALLOC_CTX *mem_ctx, - struct smb2_tree *tree, struct smb2_handle handle) + struct smb2_tree *tree, + struct smb2_handle handle) { struct smb2_write w; struct smb2_read r; @@ -62,12 +65,17 @@ if (!NT_STATUS_IS_OK(status)) { printf(write failed - %s\n, nt_errstr(status)); max = len-1; - talloc_free(tree); - if (!torture_smb2_connection(mem_ctx, tree)) { - printf(failed to reconnect\n); - return NT_STATUS_NET_WRITE_FAULT; + status = smb2_util_close(tree, handle); + if (!NT_STATUS_IS_OK(status)) { + /* vista bug */ + printf(coping with server disconnect\n); + talloc_free(tree); + if (!torture_smb2_connection(mem_ctx, tree)) { + printf(failed to reconnect\n); + return NT_STATUS_NET_WRITE_FAULT; + } } - handle = torture_smb2_create(tree, test9.dat); + handle = torture_smb2_create(tree, FNAME); continue; } else { min = len; @@ -93,6 +101,8 @@ } printf(converged: len=%d\n, max); + smb2_util_close(tree, handle); + smb2_util_unlink(tree, FNAME); return NT_STATUS_OK; } @@ -113,7 +123,7 @@ return False; } - h1 = torture_smb2_create(tree, test9.dat); + h1 = torture_smb2_create(tree, FNAME); status = torture_smb2_write(mem_ctx, tree, h1); if (!NT_STATUS_IS_OK(status)) { printf(Write failed - %s\n, nt_errstr(status));
svn commit: samba r18839 - in branches/SAMBA_4_0/source/smb_server: .
Author: tridge Date: 2006-09-23 02:45:06 + (Sat, 23 Sep 2006) New Revision: 18839 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18839 Log: align all directory search blobs on an 8 byte boundary to keep the current vista release happy. Modified: branches/SAMBA_4_0/source/smb_server/blob.c Changeset: Modified: branches/SAMBA_4_0/source/smb_server/blob.c === --- branches/SAMBA_4_0/source/smb_server/blob.c 2006-09-23 02:32:47 UTC (rev 18838) +++ branches/SAMBA_4_0/source/smb_server/blob.c 2006-09-23 02:45:06 UTC (rev 18839) @@ -38,6 +38,15 @@ } \ } while (0) + +/* align the end of the blob on an 8 byte boundary */ +#define BLOB_ALIGN(blob, alignment) do { \ + if ((blob)-length ((alignment)-1)) { \ + uint8_t _pad = (alignment) - ((blob)-length ((alignment)-1)); \ + BLOB_CHECK(smbsrv_blob_fill_data(blob, blob, (blob)-length+_pad)); \ + } \ +} while (0) + /* grow the data size of a trans2 reply */ NTSTATUS smbsrv_blob_grow_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, @@ -616,6 +625,7 @@ BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob, file-directory_info.name.s, ofs + 60, default_str_flags, STR_TERMINATE_ASCII)); + BLOB_ALIGN(blob, 8); data = blob-data + ofs; SIVAL(data, 0, blob-length - ofs); return NT_STATUS_OK; @@ -635,6 +645,7 @@ BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob, file-full_directory_info.name.s, ofs + 60, default_str_flags, STR_TERMINATE_ASCII)); + BLOB_ALIGN(blob, 8); data = blob-data + ofs; SIVAL(data, 0, blob-length - ofs); return NT_STATUS_OK; @@ -646,6 +657,7 @@ BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob, file-name_info.name.s, ofs + 8, default_str_flags, STR_TERMINATE_ASCII)); + BLOB_ALIGN(blob, 8); data = blob-data + ofs; SIVAL(data, 0, blob-length - ofs); return NT_STATUS_OK; @@ -672,10 +684,7 @@ BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob, file-both_directory_info.name.s, ofs + 60, default_str_flags, STR_TERMINATE_ASCII)); - /* align the end of the blob on an even boundary */ - if (blob-length 1) { - BLOB_CHECK(smbsrv_blob_fill_data(blob, blob, blob-length+1)); - } + BLOB_ALIGN(blob, 8); data = blob-data + ofs; SIVAL(data, 0, blob-length - ofs); return NT_STATUS_OK; @@ -697,6 +706,7 @@ BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob, file-id_full_directory_info.name.s, ofs + 60, default_str_flags, STR_TERMINATE_ASCII)); + BLOB_ALIGN(blob, 8); data = blob-data + ofs; SIVAL(data, 0, blob-length - ofs); return NT_STATUS_OK; @@ -724,6 +734,7 @@ BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob, file-id_both_directory_info.name.s, ofs + 60, default_str_flags, STR_TERMINATE_ASCII)); + BLOB_ALIGN(blob, 8); data = blob-data + ofs; SIVAL(data, 0, blob-length - ofs); return NT_STATUS_OK;
svn commit: samba r18840 - in branches/SAMBA_4_0/source/lib/ldb/tools: .
Author: tridge Date: 2006-09-23 04:36:30 + (Sat, 23 Sep 2006) New Revision: 18840 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=18840 Log: make these compatible with g++ warnings Modified: branches/SAMBA_4_0/source/lib/ldb/tools/cmdline.c branches/SAMBA_4_0/source/lib/ldb/tools/ldbedit.c Changeset: Modified: branches/SAMBA_4_0/source/lib/ldb/tools/cmdline.c === --- branches/SAMBA_4_0/source/lib/ldb/tools/cmdline.c 2006-09-23 02:45:06 UTC (rev 18839) +++ branches/SAMBA_4_0/source/lib/ldb/tools/cmdline.c 2006-09-23 04:36:30 UTC (rev 18840) @@ -26,7 +26,7 @@ #include ldb/include/includes.h #include ldb/tools/cmdline.h -#ifdef _SAMBA_BUILD_ +#if (_SAMBA_BUILD_ = 4) #include lib/cmdline/popt_common.h #include lib/ldb/samba/ldif_handlers.h #include auth/auth.h @@ -44,7 +44,7 @@ static struct ldb_cmdline options; /* needs to be static for older compilers */ struct ldb_cmdline *ret=NULL; poptContext pc; -#ifdef _SAMBA_BUILD_ +#if (_SAMBA_BUILD_ = 4) int r; #endif int num_options = 0; @@ -70,7 +70,7 @@ { output, 'O', POPT_ARG_STRING, options.output, 0, Output File, Output }, { NULL,'o', POPT_ARG_STRING, NULL, 'o', ldb_connect option, OPTION }, { controls, 0, POPT_ARG_STRING, NULL, 'c', controls, NULL }, -#ifdef _SAMBA_BUILD_ +#if (_SAMBA_BUILD_ = 4) POPT_COMMON_SAMBA POPT_COMMON_CREDENTIALS POPT_COMMON_VERSION @@ -80,7 +80,7 @@ ldb_global_init(); -#ifdef _SAMBA_BUILD_ +#if (_SAMBA_BUILD_ = 4) r = ldb_register_samba_handlers(ldb); if (r != 0) { goto failed; @@ -206,7 +206,7 @@ flags |= LDB_FLG_NOSYNC; } -#ifdef _SAMBA_BUILD_ +#if (_SAMBA_BUILD_ = 4) /* Must be after we have processed command line options */ gensec_init(); Modified: branches/SAMBA_4_0/source/lib/ldb/tools/ldbedit.c === --- branches/SAMBA_4_0/source/lib/ldb/tools/ldbedit.c 2006-09-23 02:45:06 UTC (rev 18839) +++ branches/SAMBA_4_0/source/lib/ldb/tools/ldbedit.c 2006-09-23 04:36:30 UTC (rev 18840) @@ -189,7 +189,7 @@ { int fd, ret; FILE *f; - char template[] = /tmp/ldbedit.XX; + char file_template[] = /tmp/ldbedit.XX; char *cmd; struct ldb_ldif *ldif; struct ldb_message **msgs2 = NULL; @@ -197,10 +197,10 @@ /* write out the original set of messages to a temporary file */ - fd = mkstemp(template); + fd = mkstemp(file_template); if (fd == -1) { - perror(template); + perror(file_template); return -1; } @@ -209,7 +209,7 @@ if (!f) { perror(fopen); close(fd); - unlink(template); + unlink(file_template); return -1; } @@ -219,10 +219,10 @@ fclose(f); - cmd = talloc_asprintf(ldb, %s %s, editor, template); + cmd = talloc_asprintf(ldb, %s %s, editor, file_template); if (!cmd) { - unlink(template); + unlink(file_template); fprintf(stderr, out of memory\n); return -1; } @@ -232,15 +232,15 @@ talloc_free(cmd); if (ret != 0) { - unlink(template); + unlink(file_template); fprintf(stderr, edit with %s failed\n, editor); return -1; } /* read the resulting ldif into msgs2 */ - f = fopen(template, r); + f = fopen(file_template, r); if (!f) { - perror(template); + perror(file_template); return -1; } @@ -254,7 +254,7 @@ } fclose(f); - unlink(template); + unlink(file_template); return merge_edits(ldb, msgs1, count1, msgs2, count2); }