Re: [Samba] Maximum number of files per folder
simo schrieb: On Mon, 2007-11-12 at 17:39 -0800, Jeremy Allison wrote: On Mon, Nov 12, 2007 at 08:24:05AM +0100, [EMAIL PROTECTED] wrote: Hello list, we have a small NAS-Box here in our office, running Linux 2.6.13 and Samba 3 (exactly version string is not avalilable for me at moment). Is there a limit, how many files samba will store in one folder? We recognize a massive CPU-Load of the smbd-process, when accessing a folder which stores round about 60 000 small text-files. Is this a samba-Limit or a bug? The kernel and samba is compiled by the NAS-manufactur, so no cimpiler-options are available for me. There are no hard coded limits, only what the OS restricts. However, storing large numbers of files in a folder is a bad idea unless Samba is set up specially to do this. See here : http://us1.samba.org/samba/ftp/HOWTO/Samba-LargeDirectory-HOWTO for details. IIRC ext3 has a (compile time changeable) limit of 32k files per dir by default ... Ah, nice to know. That could be the real answer for my problem. I will ask the manufactur of the NAS-Box. Greets, Markus Simo. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum number of files per folder
Quinn Fissler schrieb: Sorry I haven't answered your question. I would go and check the docs or search the code. Hi, you wrote a lot of text and gives me more idea to look around the problem :) When you say accessing a folder do you really mean browsing in Explorer? accessing was quite the wrong word. Browsing the folder (Box and Client connected through Gigabit-Ethernet with very low load) produced little delay, but works with acceptable speed. The load was created, when cutting of a number of files, e.g. 1000 files and moving them into another folder on another drive. The files were copied in acceptable time and after all files were copied that the high load was recognized. I think, the problem is the file table refresh. If you're using Explorer, does it know they're text files? Do they have .txt extension? Yes, only .txt files. If it doesn't - if it has an extension which requires it - it could open each one to find out what it is - to generate a thumbnail etc. I've just created a directory containing 60,000 small text files with names of the form textfile${N}.txt and can navigate it with only momentary delays. I must admit, I'm using a dual xeon with fast scsi raid. The interesting thing for me was that when I hit 32768 files in my creation loop, there was a delay of about a second - possibly as an extra inode was allocated to the directory list. When you access a large directory in samba, one cpu intensive part of the process is likely to be the mapping of user names and permissions. Do you have many users? The CPU-load was created, when samba refreshes the file table i think. At this time, only 2 Users were logged in on the box. I've just doubled the size of my directory (120,000 small text files) and it still performs quite well - when accessing from Explorer over a samba share (3.0.24) I see a burst of activity on the Linux box and then a long delay as Windows arranges the list. Will the NAS manufacturer be able to give you more info? I didn't concact them, because my first idea was a limit of 65000 files, but i found nothing about that in documentation. A common way around the problem of large directories is to use subdirectories based on the first letter or digit from the filename. No subdirectories are not possible, but we solved the problem by moving some thousand files on backup tape. Using subdirs means to rewrite our software which handles our manufactoring process and this is quite difficult. We dont need these old files for out automated processes. Regards, Markus This is only good to you if you can get to the code of your application and the files names do not change. Regards, Quinn On 12/11/2007, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hello list, we have a small NAS-Box here in our office, running Linux 2.6.13 and Samba 3 (exactly version string is not avalilable for me at moment). Is there a limit, how many files samba will store in one folder? We recognize a massive CPU-Load of the smbd-process, when accessing a folder which stores round about 60 000 small text-files. Is this a samba-Limit or a bug? The kernel and samba is compiled by the NAS-manufactur, so no cimpiler-options are available for me. So long, Markus -- Markus Neviadomski lists @ dieitexperten.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printing; privileges separation (follow up: printing/nt_printing.c)
Roel van Meer writes: I'm using samba 3.0.26a with cups as printing backend, which are both working fine. However, I would like to grant all users access to all print jobs, but without granting them the right to add or modify printers and printer settings. When I grant users the SePrintOperatorPrivilege privilege, they can indeed cancel other people's jobs, but then they can also rename printers on the server (which breaks things). Does anyone know if it is possible to separate access to these two operations, or to grant normal users the right to remove other people's jobs without them having the SePrintOperatorPrivilege priv? I received a very helpful suggestion from Dale Schroeder on this. He said it was possible to grant users or groups the 'Manage Documents' privilege from a Windows client. However, when I do this, users are still not allowed to cancel other users' print jobs. Some debugging of the samba code showed that the request is denied in print_access_check() in printing/nt_printing.c. The code I see there does something I do not understand. When canceling a job you need JOB_ACCESS_ADMINISTER privileges, but the code modifies this to check for PRINTER_ACCESS_ADMINISTER privs. The comments preceding this statement are: /* Now this is the bit that really confuses me. The access type needs to be changed from JOB_ACCESS_ADMINISTER to PRINTER_ACCESS_ADMINISTER for this to work. Something to do with the child (job) object becoming like a printer?? -tpot */ When I comment the line changing the access_type (line 5514), canceling print jobs works as expected. Does anyone know why I would need PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER? Does changing it introduce security problems? I can file a bug report if necessary. Regards, roel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] wbinfo -u - do I need to worry?
Dale Schroeder wrote: Phil, Lots of group mapping and ldap changes in 3.0.23. I don't do ldap, so I can't tell you whether or not you need to worry. You can probably figure it out at: http://us4.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html#id343762 and http://us4.samba.org/samba/history/samba-3.0.25.html Dale Thanks Dale, that link was a great help. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A device attached to the system is not functioning.
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 homeDirectory: /home/testuser gecos: test user,IS,5766888,3738042 sambaSID: S-1-1-0 ^^^ That's wrong. S-1-1-0 is Everyone. How did that SID get assigned? I was following along in the Samba3 by example book. It doesn't talk about an .ldif file to use for users, so I was just guessing. smbldap-useradd -a -m %u doesn't work for me, just gives an error when I run it, so I was adding a user manually from an ldif, and objectClass: sambaSamAccount requires sambaSID, so I was just guessing on what to use. I see that now it needs to be the sambaSID of the samba server and then add -UID x 2 + 1000 for it to work. is there a way to automate the adding of the sambaSID to the user's ldap information? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] roaming profiles behavior
I have a PDC named gomer w/ IP 10.8.3.37 and a BDC named bldg1 w/ IP of 10.8.3.231, and a testpc w/ IP of 10.8.3.237. in the TCP/IP settings of testpc, I put the WINS server as 10.8.3.231, but when I log in, the roaming profile is stored onto gomer. Is this correct behavior? I then changed bldg1's logon path from logon path = \\%L\profiles\%U to logon path = \\bldg1\profiles\%U and re-logged in, but the profile was still stored on gomer. Why is that? If I have another BDC on another subnet, like bldg2 w/ ip of 10.8.11.2 and another testpc2 w/ IP of 10.8.11.32, and have its WINS set to 10.8.11.2 and log in, what would happen? Would a roaming profile be stored on bldg2 because its on another subnet, or would the profile also be on gomer? I'd like the profiles to be subnet specific because we have multiple sites connected by T-1s, dsl, etc, and loading large profiles over those slower links will lead to complains. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Mapped username then gets mapped to Anonymous
Hey Everyone - I apologize if this is a duplicate - however I received a notification that the email could not be delivered, so I'll try again! --- Hi Everyone, I have setup a Samba share to work on our local network with a username map to accommodate Windows XP usernames with spaces, but it seems that Samba maps the username correctly but then immediately changes it to an Anonymous request. Am I missing something? Clip from log file: -- [2007/11/09 09:58:49, 3] smbd/sesssetup.c:reply_sesssetup_and_X(995) Domain=[OFFICE] NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2007/11/09 09:58:49, 3] smbd/sesssetup.c:reply_sesssetup_and_X(1010) sesssetupX:[EMAIL PROTECTED] [2007/11/09 09:58:49, 3] smbd/map_username.c:map_username(54) Mapped user Luke to lpittman [2007/11/09 09:58:49, 3] smbd/sesssetup.c:check_guest_password(136) Got anonymous request [2007/11/09 09:58:49, 3] auth/auth.c:check_ntlm_password(221) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2007/11/09 09:58:49, 3] auth/auth.c:check_ntlm_password(224) check_ntlm_password: mapped user is: [EMAIL PROTECTED] -- My smb.conf file: -- [global] #workgroup = Hewlettpackard workgroup = C22 server string = netbios name = Server2 security = share wins support = no log level = 1 load printers = no log file = /var/log/samba/%m.log log level = 3 username map = /etc/samba/smbusers os level = 2 time server = yes encrypt passwords = yes # log size in Kb max log size = 500 [Raid0] public = no path = /raid0 valid users = cflatman lpittman read only = no writeable = yes [Raid1] public = no path = /raid1 valid users = cflatman lpittman read only = no writeable = yes -- Any ideas/help/advice/links would be great - I've been searching for hours and have not found anything. Thanks a bunch! Luke Pittman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mapped username then gets mapped to Anonymous
On Tuesday 13 November 2007, Luke Pittman wrote: Samba maps the username correctly but then immediately changes it to an Anonymous request. Am I missing something? As your smbusers file is part of the equation you may have wanted to post at least part of it. Did you quote the usernames with spaces in /etc/samba/smbusers? As in: lpittman = Luke Pittman -- Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba clients disconnect periodically
I am using Samba 3.0.10 with Red hat (4.5) as samba fileserver. It is very basic setup with Ldap setup. All of our desktop (Windows and MAC) clients (250) simultaneously started dropping their connections to our Samba fileserver. Since then, I have tested with RHEL5 and SuSE with Samba 3.0.23c, 24 and 25. None the latested fix this problem. So I downgraded to samba 3.0.10 and it works better but still have problem disconnecting with clients disconnection. The problem has also appeared on clients running disparate operating systems: Mac OS 10.3.9 and 10.4.x, Windows 2000 and Windows XP. (None of our Linux desktops use the CIFS mounts we provide.) I was never able to replicate on Windows Desktop. I will really appreciate your input Here is smb.conf file- [global] # set basic name strings server string = DOMAIN workgroup = NEW_DOMAIN netbios name = DOMAIN # log level and log file. Samba can use syslog as well, but it's just # easier not to. Plus, we can separate out log information by user # (%U) and machine (%m) if we use Samba's internal logging. Samba # auto-rotates logs when they get bigger than 'max log size' Kb, but # it only retains one old log and one new one. log level = 1 vfs:3 log file = /var/log/samba/%U.%m.log max log size = 102400 # how to add machine trust accounts to LDAP add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m' # only bind to the correct (cluster) IP address; otherwise, we'll broadcast # this nodes IP address and the SAN IP as master browsers in addition to the # cluster IP. bind interfaces only = true interfaces = 10.1.1.44 # for netlogon (which we don't use) logon path = logon home = # some performance tweaks socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536 SO_KEEPALIVE # no limit to the number of processes to spawn (which is good, because # Samba has recently been going crazy and spawning hundreds of processes) max smbd processes = 0 # basic domain master setup encrypt passwords = yes domain logons = yes domain master = yes local master = yes preferred master = yes security = user # os level = 33 will make Huxley win any contests to see who is the # domain master. (There shouldn't be any, but what the hey.) os level = 33 # where to find the WINS server wins server = 10.9.1.12 # users in this (LDAP) group will have their smbd processes run as # root, giving them access to _everything_. They will also be allowed # to join computers to the domain admin users = +ntadmin # LDAP setup -- where to find stuff, etc. At least some earlier # versions of Samba had a bug that forced machine accounts and user # accounts to be in the same tree, which is why they're not separated # out passdb backend = ldapsam:ldap://ldap.example.com ldap suffix = o=example.com,o=isp ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap admin dn = cn=directory manager ldap ssl = on # not sure what these do, to be honest idmap uid = 1-2 idmap gid = 1-2 # include extra user configuration. For instance, if you wanted to # turn up the log level for John User, you could create a file called # 'juser.inc' (or whatever John's username is) and add a 'log level' # line to it. This include statement has to be here, at the end of # the [global] section and before any of the shares, so that it can # override any global configuration directives, but won't be # considered part of any particular share. include = /etc/samba/%U.inc ## # HOME DRIVE # ## [home] comment = Home directories # basic config: don't allow guest access, allow write, show this # volume in a volume listing of this machine guest ok = 0 read only = no browseable = yes # create the path from the user's home directory, which is populated # from LDAP path = %H # auto-create home and publichtml folders root preexec = /usr/local/maint/mkhome '%U' # the permissions of a given folder should be the same as the # permissions of its parent. This helps preserve permissions for both # home and publichtml, which should be different inherit permissions = yes # default permissions directory mask = 0700 force directory mode = 0700 create mask = 0600 force create mode = 0600 ## # MISC DRIVE # ## [misc] comment = misc drive path = /misc # basic config: don't allow guest access, allow write, show this # volume in a volume listing of this machine guest ok = 0 read only = no browseable = yes # for some reason, inherit permissions doesn't work on /misc, although # it should. Set all permissions according to the defaults. When I # create a new folder for a department, etc., I can set its # permissions specially, which will allow me to prevent or allow # anonymous access as necessary. inherit permissions = no directory mask = 2775 force
[Samba] Can't get samba to start.
Hey, I'm having problems with samba. It has never worked properly on my server since I've had it installed.. Its for a home server, running xbox-Linux Fedora Core 6. I've just uninstalled every trace of the old samba, and started a fresh. With the latest samba sources I found on the website. The nmbd starts fine, but smbd never starts, and in the kernel log, I get the following message 5audit(1194957676.859:270): avc: denied { write } for pid=14000 comm=smbd name=secrets.tdb dev=hda2 ino=2490462 scontext=root:system_r:smbd_t:s0 tconte xt=root:object_r:etc_t:s0 tclass=file 5audit(1194957768.575:272): avc: denied { write } for pid=14025 comm=smbd name=secrets.tdb dev=hda2 ino=2490462 scontext=root:system_r:smbd_t:s0 tconte xt=root:object_r:etc_t:s0 tclass=file 5audit(1194957793.491:274): avc: denied { write } for pid=14045 comm=smbd name=secrets.tdb dev=hda2 ino=2490462 scontext=root:system_r:smbd_t:s0 tconte xt=root:object_r:etc_t:s0 tclass=file If I do an `ls` on the /etc/samba directory, it shows the permissions [EMAIL PROTECTED] ~]# ls -l /etc/samba total 68 -rwx-- 1 root root 8192 Nov 13 12:02 secrets.tdb -rw-r--r-- 1 root root 19666 Nov 13 12:02 smb.conf -rw-r--r-- 1 root root 19701 Nov 13 11:51 smb.conf.example -rw--- 1 root root 103 Nov 13 12:03 smbpasswd My smb.conf file is as follows... [global] workgroup = MSHOME netbios name = XBOXSERVER server string = Samba Server %v interfaces = 192.168.1.60/24, 192.168.1.61/24 log file = /var/log/samba/log.%m max log size = 50 name resolve order = wins host lmhosts bcast socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = cups dns proxy = No hosts allow = 192.168.1. [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [print$] path = /var/lib/samba/printers write list = @adm, root guest ok = Yes Can anyone tell me whats wrong? Thank you, very much. Any help is very much appreciated! Samuel Melrose. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mac client
I tried with a blah.txt as a test. I can't find much on the internet from Apple about this. Nothing in fact. I can't be the only one, but it's beginning to look like it. Thanks Adam Mike McGonagle on 13/11/07 00:44, wrote: Are the Mac files using any ILLEGAL Windows characters? The Mac pretty much allows any character in a filename, as long as it is escaped properly, while Windows can't handle things like... ? [ ] / \ = + : ; , The Mac will pretty much allow any of them to be used in a filename. On 11/12/07, Adam Hardy [EMAIL PROTECTED] wrote: I'm trying to copy files to a Samba share that I have set up on a linux debian machine from a Mac running OS X, using samba 3.0.24. The Mac complains that there is something wrong with the file name, and then refuses to copy, and the operation leaves a zero-byte file with the same name on the samba share. It lets me log in nicely through the Mac File Finder. I've just spent a couple of hours searching the net but without any luck at all. Does anyone know what I should do in this situation? The samba share works fine from my other linux machine. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain Control Query via samba.org Howto
Hi All, I am reading the howto on samba.org, http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#pdc-example and find the section about SID/RID under Features and Benefits a little vague. It states that samba creates the RID, but it then states that the windows machine also allocates the RID. Here, *** The UNIX operating system uses a separate name space for user and group identifiers (the UID and GID) but Windows allocates the RID from a single name space. *** it says that windows allocates the RID, but just before that, it says, *** Samba produces the RID algorithmically *** Is that confusing, or is it just me? Cheers. Mark Sargent -- Tell me and I'll forget, show me and I may not remember, involve me, and I'll understand. Native American Proverb -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A device attached to the system is not functioning.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adam Williams wrote: Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 homeDirectory: /home/testuser gecos: test user,IS,5766888,3738042 sambaSID: S-1-1-0 ^^^ That's wrong. S-1-1-0 is Everyone. How did that SID get assigned? is there a way to automate the adding of the sambaSID to the user's ldap information? smbpasswd -a :-) jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHOmHfIR7qMdg1EfYRAjhOAJwI/LNIPt8p6Z61R5sMQUEX4BBTPwCgxBaP PUG4HjzjHzsDlJ1tdZCWysU= =PNZL -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't get samba to start.
Samuel Melrose wrote: Hey, I'm having problems with samba. It has never worked properly on my server since I've had it installed.. Its for a home server, running xbox-Linux Fedora Core 6. I've just uninstalled every trace of the old samba, and started a fresh. With the latest samba sources I found on the website. The nmbd starts fine, but smbd never starts, and in the kernel log, I get the following message 5audit(1194957676.859:270): avc: denied { write } for pid=14000 comm=smbd name=secrets.tdb dev=hda2 ino=2490462 scontext=root:system_r:smbd_t:s0 tconte xt=root:object_r:etc_t:s0 tclass=file Looks like you're running selinux in enforcing mode. You'll need to develope your own tageted file overrides to allow samba to write to the necessary files. In the meantime, you can change selinux to permissive mode which only logs the violation. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r25936 - in branches/SAMBA_4_0/source/scripting/libjs: .
Author: metze Date: 2007-11-13 08:48:29 + (Tue, 13 Nov 2007) New Revision: 25936 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25936 Log: provision/newuser: don't try to set the 'memberOf' attribute metze Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js Changeset: Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js === --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-11-13 04:57:09 UTC (rev 25935) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-11-13 08:48:29 UTC (rev 25936) @@ -1084,7 +1084,6 @@ var ldif = sprintf( dn: %s sAMAccountName: %s -memberOf: %s unixName: %s sambaPassword: %s objectClass: user
Rev 666: match samba 3.2 in http://samba.org/~tridge/3_0-ctdb
revno: 666 revision-id:[EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: s3-ctdb-tridge timestamp: Tue 2007-11-13 20:44:12 +1100 message: match samba 3.2 modified: source/locking/posix.c posix.c-20070210173807-1wjifrbwaz6xnmgl-637 === modified file 'source/locking/posix.c' --- a/source/locking/posix.c2007-11-13 09:40:02 + +++ b/source/locking/posix.c2007-11-13 09:44:12 + @@ -641,7 +641,7 @@ */ ret = SMB_VFS_CLOSE(fsp,fsp-fh-fd); fsp-fh-fd = -1; - if (ret != 0) { + if (ret == -1) { return map_nt_error_from_unix(errno); } return NT_STATUS_OK;
Rev 665: errno is only valid if a system call has failed. This bug caused in http://samba.org/~tridge/3_0-ctdb
revno: 665 revision-id:[EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: s3-ctdb-tridge timestamp: Tue 2007-11-13 20:40:02 +1100 message: errno is only valid if a system call has failed. This bug caused SMBclose to occasionally return NT_STATUS_ACCESS_DENIED for no reason in BENCH-NBENCH Need to check if upstream Samba 3.2 is affected by this. modified: source/locking/posix.c posix.c-20070210173807-1wjifrbwaz6xnmgl-637 === modified file 'source/locking/posix.c' --- a/source/locking/posix.c2007-05-21 10:59:16 + +++ b/source/locking/posix.c2007-11-13 09:40:02 + @@ -641,7 +641,10 @@ */ ret = SMB_VFS_CLOSE(fsp,fsp-fh-fd); fsp-fh-fd = -1; - return map_nt_error_from_unix(errno); + if (ret != 0) { + return map_nt_error_from_unix(errno); + } + return NT_STATUS_OK; } if (get_windows_lock_ref_count(fsp)) {
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-310-g4d3e84a
The branch, v3-2-test has been updated via 4d3e84a3b3a39d3d2c9b86affa16c8124b1496e5 (commit) via a2949fd7a567ba3357024c9e4a8429733009dde4 (commit) via dcbe1bf942d017a3cd5084c6ef605a13912f795b (commit) from 01663c2312467ceebeb2e2fb1aa432ad96c626e5 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 4d3e84a3b3a39d3d2c9b86affa16c8124b1496e5 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Nov 12 12:49:40 2007 +0100 Fix build of the zfs_acl module. There was one caller of smb_get_nt_acl_nfs4() forgotten in the change of return value. Michael commit a2949fd7a567ba3357024c9e4a8429733009dde4 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Nov 12 12:48:29 2007 +0100 Fix the build: correct prototype. Adapt prototype of smb_get_nt_acl_nfs4() in the header file, too. Michael commit dcbe1bf942d017a3cd5084c6ef605a13912f795b Author: Volker Lendecke [EMAIL PROTECTED] Date: Sat Oct 13 21:06:49 2007 +0200 Make [f]get_nt_acl return NTSTATUS --- Summary of changes: source/include/vfs.h | 12 ++-- source/modules/nfs4_acls.c| 20 source/modules/nfs4_acls.h|2 +- source/modules/vfs_afsacl.c | 24 source/modules/vfs_aixacl2.c |8 source/modules/vfs_catia.c|2 +- source/modules/vfs_default.c | 12 source/modules/vfs_full_audit.c | 22 -- source/modules/vfs_gpfs.c |8 source/modules/vfs_zfsacl.c | 20 +++- source/rpc_server/srv_srvsvc_nt.c | 11 --- source/smbd/dir.c | 11 +-- source/smbd/file_access.c | 15 +++ source/smbd/nttrans.c | 18 +++--- source/smbd/posix_acls.c | 20 ++-- 15 files changed, 116 insertions(+), 89 deletions(-) Changeset truncated at 500 lines: diff --git a/source/include/vfs.h b/source/include/vfs.h index 03af04d..b45320d 100644 --- a/source/include/vfs.h +++ b/source/include/vfs.h @@ -74,6 +74,7 @@ /* Leave at 22 - not yet released. Add file_id_create operation. --metze */ /* Leave at 22 - not yet released. Change all BOOL parameters (int) to bool. jra. */ /* Leave at 22 - not yet released. Added recvfile. */ +/* Leave at 22 - not yet released. Change get_nt_acl to return NTSTATUS - vl */ #define SMB_VFS_INTERFACE_VERSION 22 @@ -305,8 +306,15 @@ struct vfs_ops { /* NT ACL operations. */ - size_t (*fget_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info, struct security_descriptor **ppdesc); - size_t (*get_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info, struct security_descriptor **ppdesc); + NTSTATUS (*fget_nt_acl)(struct vfs_handle_struct *handle, + struct files_struct *fsp, int fd, + uint32 security_info, + struct security_descriptor **ppdesc); + NTSTATUS (*get_nt_acl)(struct vfs_handle_struct *handle, + struct files_struct *fsp, + const char *name, + uint32 security_info, + struct security_descriptor **ppdesc); NTSTATUS (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor *psd); NTSTATUS (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd); diff --git a/source/modules/nfs4_acls.c b/source/modules/nfs4_acls.c index 2d81739..207c2ab 100644 --- a/source/modules/nfs4_acls.c +++ b/source/modules/nfs4_acls.c @@ -257,7 +257,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *acl, /* in */ return True; } -size_t smb_get_nt_acl_nfs4(files_struct *fsp, +NTSTATUS smb_get_nt_acl_nfs4(files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc, SMB4ACL_T *acl) { @@ -272,23 +272,25 @@ size_t smb_get_nt_acl_nfs4(files_struct *fsp, DEBUG(10, (smb_get_nt_acl_nfs4 invoked for %s\n, fsp-fsp_name)); if (acl==NULL || smb_get_naces(acl)==0) - return 0; /* special because we shouldn't alloc 0 for win */ + return NT_STATUS_ACCESS_DENIED; /* special because we +* shouldn't alloc 0 for +
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-311-gf1680ba
The branch, v3-2-test has been updated via f1680bada913af4eaf5c0d686983018d6c8b3e5f (commit) from 4d3e84a3b3a39d3d2c9b86affa16c8124b1496e5 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit f1680bada913af4eaf5c0d686983018d6c8b3e5f Author: Jeremy Allison [EMAIL PROTECTED] Date: Tue Nov 13 12:51:31 2007 -0800 Remove last pstring from smbd/*.c Jeremy. --- Summary of changes: source/auth/auth_compat.c |2 +- source/smbd/message.c | 51 +-- source/smbd/password.c| 70 ++--- source/smbd/quotas.c | 365 +++-- source/smbd/utmp.c| 64 +--- 5 files changed, 311 insertions(+), 241 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/auth_compat.c b/source/auth/auth_compat.c index f10585d..ad2686c 100644 --- a/source/auth/auth_compat.c +++ b/source/auth/auth_compat.c @@ -92,7 +92,7 @@ check if a username/password pair is ok via the auth subsystem. return True if the password is correct, False otherwise / -bool password_ok(char *smb_name, DATA_BLOB password_blob) +bool password_ok(const char *smb_name, DATA_BLOB password_blob) { DATA_BLOB null_password = data_blob_null; diff --git a/source/smbd/message.c b/source/smbd/message.c index b044b6f..12a4bc0 100644 --- a/source/smbd/message.c +++ b/source/smbd/message.c @@ -38,7 +38,8 @@ static fstring msgto; static void msg_deliver(void) { - pstring name; + TALLOC_CTX *ctx = talloc_tos(); + char *name = NULL; int i; int fd; char *msg; @@ -52,7 +53,10 @@ static void msg_deliver(void) } /* put it in a temporary file */ - slprintf(name,sizeof(name)-1, %s/msg.XX,tmpdir()); + name = talloc_asprintf(ctx, %s/msg.XX,tmpdir()); + if (!name) { + return; + } fd = smb_mkstemp(name); if (fd == -1) { @@ -63,7 +67,7 @@ static void msg_deliver(void) /* * Incoming message is in DOS codepage format. Convert to UNIX. */ - + if ((len = (int)convert_string_allocate(NULL,CH_DOS, CH_UNIX, msgbuf, msgpos, (void **)(void *)msg, True)) 0 || !msg) { DEBUG(3,(Conversion failed, delivering message in DOS codepage format\n)); for (i = 0; i msgpos;) { @@ -95,14 +99,39 @@ static void msg_deliver(void) if (*lp_msg_command()) { fstring alpha_msgfrom; fstring alpha_msgto; - pstring s; - - pstrcpy(s,lp_msg_command()); - pstring_sub(s,%f,alpha_strcpy(alpha_msgfrom,msgfrom,NULL,sizeof(alpha_msgfrom))); - pstring_sub(s,%t,alpha_strcpy(alpha_msgto,msgto,NULL,sizeof(alpha_msgto))); - standard_sub_basic(current_user_info.smb_name, - current_user_info.domain, s, sizeof(s)); - pstring_sub(s,%s,name); + char *s = talloc_strdup(ctx, + lp_msg_command()); + + if (!s) { + return; + } + s = talloc_string_sub(ctx, s, %f, + alpha_strcpy(alpha_msgfrom, + msgfrom, + NULL, + sizeof(alpha_msgfrom))); + if (!s) { + return; + } + s = talloc_string_sub(ctx, s, %t, + alpha_strcpy(alpha_msgto, + msgto, + NULL, + sizeof(alpha_msgto))); + if (!s) { + return; + } + s = talloc_sub_basic(ctx, + current_user_info.smb_name, + current_user_info.domain, + s); + if (!s) { + return; + } + s = talloc_string_sub(ctx, s, %s,name); + if (!s) { + return; + } smbrun(s,NULL); } diff --git a/source/smbd/password.c b/source/smbd/password.c index 995abbf..80b5415 100644 --- a/source/smbd/password.c +++ b/source/smbd/password.c @@ -669,46 +669,51 @@ static char *validate_group(char *group, DATA_BLOB password,int snum) /* * As user_ok can recurse doing a getgrent(), we must -* copy the member list into a pstring on the stack before +* copy the
svn commit: samba r25937 - in branches/4.0-python: . source source/auth source/auth/gensec source/auth/kerberos source/build/m4 source/build/smb_build source/cluster/ctdb source/dsdb/repl source/dsdb/
Author: jelmer Date: 2007-11-13 21:27:37 + (Tue, 13 Nov 2007) New Revision: 25937 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25937 Log: Merge upstream. Added: branches/4.0-python/source/lib/charset/tests/ branches/4.0-python/source/lib/charset/tests/charset.c branches/4.0-python/source/lib/charset/tests/iconv.c branches/4.0-python/source/lib/crypto/config.mk branches/4.0-python/source/lib/events/testsuite.c branches/4.0-python/source/lib/messaging/tests/ branches/4.0-python/source/lib/messaging/tests/irpc.c branches/4.0-python/source/lib/messaging/tests/messaging.c branches/4.0-python/source/libcli/resolve/testsuite.c branches/4.0-python/source/libcli/security/tests/ branches/4.0-python/source/libcli/security/tests/sddl.c branches/4.0-python/source/param/tests/ branches/4.0-python/source/param/tests/share.c branches/4.0-python/source/setup/phpldapadmin-config.php Removed: branches/4.0-python/source/lib/charset/testsuite.c branches/4.0-python/source/torture/local/event.c branches/4.0-python/source/torture/local/iconv.c branches/4.0-python/source/torture/local/irpc.c branches/4.0-python/source/torture/local/messaging.c branches/4.0-python/source/torture/local/resolve.c branches/4.0-python/source/torture/local/sddl.c branches/4.0-python/source/torture/local/share.c Modified: branches/4.0-python/ branches/4.0-python/source/auth/auth_winbind.c branches/4.0-python/source/auth/gensec/schannel.c branches/4.0-python/source/auth/kerberos/kerberos_pac.c branches/4.0-python/source/build/m4/check_ld.m4 branches/4.0-python/source/build/smb_build/makefile.pm branches/4.0-python/source/cluster/ctdb/opendb_ctdb.c branches/4.0-python/source/dsdb/repl/drepl_partitions.c branches/4.0-python/source/dsdb/repl/replicated_objects.c branches/4.0-python/source/dsdb/samdb/ldb_modules/entryUUID.c branches/4.0-python/source/dsdb/samdb/ldb_modules/linked_attributes.c branches/4.0-python/source/dsdb/samdb/ldb_modules/objectclass.c branches/4.0-python/source/dsdb/samdb/ldb_modules/objectguid.c branches/4.0-python/source/dsdb/samdb/ldb_modules/password_hash.c branches/4.0-python/source/dsdb/samdb/ldb_modules/repl_meta_data.c branches/4.0-python/source/dsdb/samdb/ldb_modules/samba3sam.c branches/4.0-python/source/dsdb/samdb/ldb_modules/samldb.c branches/4.0-python/source/dsdb/samdb/samdb.c branches/4.0-python/source/dsdb/schema/schema_init.c branches/4.0-python/source/dsdb/schema/schema_syntax.c branches/4.0-python/source/kdc/hdb-ldb.c branches/4.0-python/source/kdc/pac-glue.c branches/4.0-python/source/ldap_server/ldap_server.c branches/4.0-python/source/lib/basic.mk branches/4.0-python/source/lib/ldb-samba/ldif_handlers.c branches/4.0-python/source/lib/ldb/common/ldb.c branches/4.0-python/source/lib/ldb/common/ldb_modules.c branches/4.0-python/source/lib/ldb/ldb_tdb/ldb_tdb.h branches/4.0-python/source/lib/ldb/tests/python/ldap.py branches/4.0-python/source/lib/ldb/web/index.html branches/4.0-python/source/lib/messaging/messaging.c branches/4.0-python/source/lib/registry/config.mk branches/4.0-python/source/lib/registry/regf.c branches/4.0-python/source/lib/registry/tests/diff.c branches/4.0-python/source/lib/registry/tests/generic.c branches/4.0-python/source/lib/registry/tests/hive.c branches/4.0-python/source/lib/registry/tests/registry.c branches/4.0-python/source/lib/replace/getaddrinfo.c branches/4.0-python/source/lib/replace/getaddrinfo.m4 branches/4.0-python/source/lib/replace/getpass.c branches/4.0-python/source/lib/replace/replace.h branches/4.0-python/source/lib/replace/system/network.h branches/4.0-python/source/lib/replace/system/wait.h branches/4.0-python/source/lib/tdb/common/io.c branches/4.0-python/source/lib/tdb/common/lock.c branches/4.0-python/source/lib/tdb/common/tdb_private.h branches/4.0-python/source/lib/tdb/include/tdb.h branches/4.0-python/source/lib/tdb/tools/tdbbackup.c branches/4.0-python/source/lib/tdb/tools/tdbdump.c branches/4.0-python/source/lib/tdb/tools/tdbtool.c branches/4.0-python/source/lib/tdb/tools/tdbtorture.c branches/4.0-python/source/libcli/cldap/cldap.c branches/4.0-python/source/libcli/dgram/browse.c branches/4.0-python/source/libcli/dgram/dgramsocket.c branches/4.0-python/source/libcli/dgram/netlogon.c branches/4.0-python/source/libcli/dgram/ntlogon.c branches/4.0-python/source/libcli/ldap/ldap_ndr.c branches/4.0-python/source/libcli/nbt/nbtname.c branches/4.0-python/source/libcli/nbt/nbtsocket.c branches/4.0-python/source/libcli/raw/rawacl.c branches/4.0-python/source/libcli/raw/rawfile.c branches/4.0-python/source/libcli/raw/rawfileinfo.c branches/4.0-python/source/libcli/raw/rawfsinfo.c branches/4.0-python/source/libcli/raw/rawsetfileinfo.c branches/4.0-python/source/libcli/util/doserr.c
svn commit: samba r25938 - in branches/SAMBA_4_0/source/cldap_server: .
Author: abartlet Date: 2007-11-13 22:26:24 + (Tue, 13 Nov 2007) New Revision: 25938 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25938 Log: We don't need the CLDAP server unless we are a DC. Andrew Bartlett Modified: branches/SAMBA_4_0/source/cldap_server/cldap_server.c Changeset: Modified: branches/SAMBA_4_0/source/cldap_server/cldap_server.c === --- branches/SAMBA_4_0/source/cldap_server/cldap_server.c 2007-11-13 21:27:37 UTC (rev 25937) +++ branches/SAMBA_4_0/source/cldap_server/cldap_server.c 2007-11-13 22:26:24 UTC (rev 25938) @@ -159,6 +159,18 @@ return; } + switch (lp_server_role(global_loadparm)) { + case ROLE_STANDALONE: + task_server_terminate(task, cldap_server: no CLDAP server required in standalone configuration); + return; + case ROLE_DOMAIN_MEMBER: + task_server_terminate(task, cldap_server: no CLDAP server required in member server configuration); + return; + case ROLE_DOMAIN_CONTROLLER: + /* Yes, we want an CLDAP server */ + break; + } + task_server_set_title(task, task[cldapd]); cldapd = talloc(task, struct cldapd_server);
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-312-gf4f700c
The branch, v3-2-test has been updated via f4f700cf0c1657c36e801fab20fe7b1a4efcb714 (commit) from f1680bada913af4eaf5c0d686983018d6c8b3e5f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit f4f700cf0c1657c36e801fab20fe7b1a4efcb714 Author: Michael Adam [EMAIL PROTECTED] Date: Tue Nov 13 23:26:38 2007 +0100 Fix potential orphaned open files. Calling can_access_file could lead to orphaned open files when SMB_VFS_GET_NT_ACL returned ENOSYS (not implemented). Michael --- Summary of changes: source/smbd/file_access.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source/smbd/file_access.c b/source/smbd/file_access.c index 4647266..a58bcdd 100644 --- a/source/smbd/file_access.c +++ b/source/smbd/file_access.c @@ -76,12 +76,14 @@ static NTSTATUS conn_get_nt_acl(TALLOC_CTX *mem_ctx, secdesc); if (!NT_STATUS_IS_OK(status)) { DEBUG(5, (Unable to get NT ACL for file %s\n, fname)); - return status; + goto done; } *psd = talloc_move(mem_ctx, secdesc); + +done: close_file(fsp, NORMAL_CLOSE); - return NT_STATUS_OK; + return status; } static bool can_access_file_acl(struct connection_struct *conn, -- Samba Shared Repository
svn commit: samba r25939 - in branches/SAMBA_4_0/source/cldap_server: .
Author: abartlet Date: 2007-11-13 22:30:33 + (Tue, 13 Nov 2007) New Revision: 25939 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25939 Log: Rework the CLDAP server not to use gendb_search but to call ldb_search directly. Handle the errors from ldb_search (now that we get more than just -1), including NO_SUCH_ENTRY when the base DN doesn't exist. Andrew Bartlett Modified: branches/SAMBA_4_0/source/cldap_server/netlogon.c Changeset: Modified: branches/SAMBA_4_0/source/cldap_server/netlogon.c === --- branches/SAMBA_4_0/source/cldap_server/netlogon.c 2007-11-13 22:26:24 UTC (rev 25938) +++ branches/SAMBA_4_0/source/cldap_server/netlogon.c 2007-11-13 22:30:33 UTC (rev 25939) @@ -49,8 +49,8 @@ { const char *ref_attrs[] = {nETBIOSName, dnsRoot, ncName, NULL}; const char *dom_attrs[] = {objectGUID, NULL}; - struct ldb_message **ref_res, **dom_res; - int ret, count = 0; + struct ldb_result *ref_res = NULL, *dom_res = NULL; + int ret; const char **services = lp_server_services(global_loadparm); uint32_t server_type; const char *pdc_name; @@ -72,52 +72,89 @@ } if (domain) { - struct ldb_result *dom_ldb_result; struct ldb_dn *dom_dn; /* try and find the domain */ - count = gendb_search(cldapd-samctx, mem_ctx, partitions_basedn, ref_res, ref_attrs, - (((objectClass=crossRef)(dnsRoot=%s))(nETBIOSName=*)), - domain); - if (count == 1) { - dom_dn = samdb_result_dn(cldapd-samctx, mem_ctx, ref_res[0], ncName, NULL); + + ret = ldb_search_exp_fmt(cldapd-samctx, mem_ctx, ref_res, +partitions_basedn, LDB_SCOPE_ONELEVEL, +ref_attrs, + (((objectClass=crossRef)(dnsRoot=%s))(nETBIOSName=*)), +domain); + + if (ret != LDB_SUCCESS) { + DEBUG(2,(Unable to find referece to '%s' in sam: %s\n, +domain, +ldb_errstring(cldapd-samctx))); + return NT_STATUS_NO_SUCH_DOMAIN; + } else if (ref_res-count == 1) { + talloc_steal(mem_ctx, dom_res); + dom_dn = ldb_msg_find_attr_as_dn(cldapd-samctx, mem_ctx, ref_res-msgs[0], ncName); if (!dom_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } ret = ldb_search(cldapd-samctx, dom_dn, LDB_SCOPE_BASE, objectClass=domain, -dom_attrs, dom_ldb_result); +dom_attrs, dom_res); if (ret != LDB_SUCCESS) { DEBUG(2,(Error finding domain '%s'/'%s' in sam: %s\n, domain, ldb_dn_get_linearized(dom_dn), ldb_errstring(cldapd-samctx))); return NT_STATUS_NO_SUCH_DOMAIN; } - talloc_steal(mem_ctx, dom_ldb_result); - if (dom_ldb_result-count != 1) { + talloc_steal(mem_ctx, dom_res); + if (dom_res-count != 1) { DEBUG(2,(Error finding domain '%s'/'%s' in sam\n, domain, ldb_dn_get_linearized(dom_dn))); return NT_STATUS_NO_SUCH_DOMAIN; } - dom_res = dom_ldb_result-msgs; + } else if (ref_res-count 1) { + talloc_free(ref_res); + return NT_STATUS_NO_SUCH_DOMAIN; } } - if (count == 0 domain_guid) { - /* OK, so no dice with the name, try and find the domain with the GUID */ - count = gendb_search(cldapd-samctx, mem_ctx, NULL, dom_res, dom_attrs, - ((objectClass=domainDNS)(objectGUID=%s)), - domain_guid); - if (count == 1) { + if ((dom_res == NULL || dom_res-count == 0) domain_guid) { + ref_res = NULL; + + ret = ldb_search_exp_fmt(cldapd-samctx, mem_ctx, dom_res, +NULL, LDB_SCOPE_SUBTREE, +dom_attrs, +((objectClass=domainDNS)(objectGUID=%s)), +domain_guid); + + if (ret != LDB_SUCCESS) { + DEBUG(2,(Unable to find referece to GUID '%s' in sam: %s\n, +
svn commit: samba r25940 - in branches/SAMBA_4_0/source: dsdb/samdb dsdb/samdb/ldb_modules rpc_server/drsuapi scripting/libjs setup
Author: abartlet Date: 2007-11-13 22:38:55 + (Tue, 13 Nov 2007) New Revision: 25940 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25940 Log: Rework the samldb and templates handling. Templates just don't belong in the sam.ldb, as they don't obey any of the other rules. This moves them to a seperate templates.ldb. In samldb, this patch reworks the duplicate SID and Name detection code, to use ldb_search_exp_fmt() rather than gendb_search. This returns far more useful errors, which we now handle and report better. The call to samdb_search_for_parent_domain() has been moved in samldb, to allow both the account and SID uniqueness checks to be in the same domain. This function also returns better errors. dcesrv_drsuapi.c is updated for the new prototype of samdb_search_for_parent_domain() Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c branches/SAMBA_4_0/source/dsdb/samdb/samdb.c branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c branches/SAMBA_4_0/source/scripting/libjs/provision.js branches/SAMBA_4_0/source/setup/provision_templates.ldif Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2007-11-13 22:30:33 UTC (rev 25939) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2007-11-13 22:38:55 UTC (rev 25940) @@ -190,24 +190,16 @@ */ static int samldb_get_new_sid(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *obj_dn, + struct ldb_dn *dom_dn, struct dom_sid **sid) { const char * const attrs[2] = { objectSid, NULL }; struct ldb_result *res = NULL; - struct ldb_dn *dom_dn; int ret; struct dom_sid *dom_sid; /* get the domain component part of the provided dn */ - dom_dn = samdb_search_for_parent_domain(module-ldb, mem_ctx, obj_dn); - if (dom_dn == NULL) { - ldb_asprintf_errstring(module-ldb, - Invalid dn (%s) not child of a domain object!\n, - ldb_dn_get_linearized(obj_dn)); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - /* find the domain sid */ ret = ldb_search(module-ldb, dom_dn, LDB_SCOPE_BASE, objectSid=*, attrs, res); @@ -338,13 +330,14 @@ } static int samldb_handle_sid(struct ldb_module *module, -TALLOC_CTX *mem_ctx, struct ldb_message *msg2) +TALLOC_CTX *mem_ctx, struct ldb_message *msg2, +struct ldb_dn *parent_dn) { int ret; struct dom_sid *sid = samdb_result_dom_sid(mem_ctx, msg2, objectSid); if (sid == NULL) { - ret = samldb_get_new_sid(module, msg2, msg2-dn, sid); + ret = samldb_get_new_sid(module, msg2, msg2-dn, parent_dn, sid); if (ret != 0) { return ret; } @@ -361,31 +354,35 @@ return ret; } -static char *samldb_generate_samAccountName(struct ldb_module *module, TALLOC_CTX *mem_ctx) +static int samldb_generate_samAccountName(struct ldb_module *module, TALLOC_CTX *mem_ctx, + struct ldb_dn *dom_dn, char **name) { - char *name; const char *attrs[] = { NULL }; - struct ldb_message **msgs; + struct ldb_result *res; int ret; /* Format: $00- */ do { - name = talloc_asprintf(mem_ctx, $%.6X-%.6X%.6X, (unsigned int)random(), (unsigned int)random(), (unsigned int)random()); + *name = talloc_asprintf(mem_ctx, $%.6X-%.6X%.6X, (unsigned int)random(), (unsigned int)random(), (unsigned int)random()); /* TODO: Figure out exactly what this is meant to conflict with */ - ret = gendb_search(module-ldb, - mem_ctx, NULL, msgs, attrs, - samAccountName=%s, - ldb_binary_encode_string(mem_ctx, name)); - if (ret == 0) { + ret = ldb_search_exp_fmt(module-ldb, +mem_ctx, res, dom_dn, LDB_SCOPE_SUBTREE, attrs, +samAccountName=%s, +ldb_binary_encode_string(mem_ctx, *name)); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(module-ldb, samldb: Failure searching to determine if samAccountName %s is unique: %s, + *name, ldb_errstring(module-ldb)); + return ret; + } + +
svn commit: samba r25941 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2007-11-13 22:40:42 + (Tue, 13 Nov 2007) New Revision: 25941 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25941 Log: Use samdb_relative_path() (new function in samdb.c) in the partitions module. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c 2007-11-13 22:38:55 UTC (rev 25940) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/partition.c 2007-11-13 22:40:42 UTC (rev 25941) @@ -707,33 +707,6 @@ return ldb_dn_compare(partition1-dn, partition2-dn); } -static const char *relative_path(struct ldb_module *module, -TALLOC_CTX *mem_ctx, -const char *name) -{ - const char *base_url = - (const char *)ldb_get_opaque(module-ldb, ldb_url); - char *path, *p, *full_name; - if (name == NULL) { - return NULL; - } - if (name[0] == 0 || name[0] == '/' || strstr(name, :/)) { - return talloc_strdup(mem_ctx, name); - } - path = talloc_strdup(mem_ctx, base_url); - if (path == NULL) { - return NULL; - } - if ( (p = strrchr(path, '/')) != NULL) { - p[0] = '\0'; - full_name = talloc_asprintf(mem_ctx, %s/%s, path, name); - } else { - full_name = talloc_asprintf(mem_ctx, ./%s, name); - } - talloc_free(path); - return full_name; -} - static int partition_init(struct ldb_module *module) { int ret, i; @@ -822,9 +795,9 @@ return LDB_ERR_CONSTRAINT_VIOLATION; } - data-partitions[i]-backend = relative_path(module, - data-partitions[i], -p); + data-partitions[i]-backend = samdb_relative_path(module-ldb, + data-partitions[i], + p); if (!data-partitions[i]-backend) { ldb_asprintf_errstring(module-ldb, partition_init: unable to determine an relative path for partition: %s, base);
svn commit: samba r25942 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .
Author: abartlet Date: 2007-11-13 22:54:52 + (Tue, 13 Nov 2007) New Revision: 25942 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25942 Log: Make various ldb modules handle an LDB backend that enforces validity of Base DNs in searches (returning an error of LDB_ERR_NO_SUCH_ENTRY). We need to handle this if ldb_tdb is to behave correctly compared with LDAP, as well as if we are using an LDAP backend. In doing so, I realised that subtree_rename and subtree_delete (prevention) need rather different wait loops, so it seemed easier to split it out into it's own module. I've fixed the licence on both of these modules to be GPLv3. Andrew Bartlett Added: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/subtree_delete.c Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/config.mk branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/linked_attributes.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectclass.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/pdc_fsmo.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/schema_fsmo.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/subtree_rename.c Changeset: Sorry, the patch is too large (719 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25942
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-313-g6959c5c
The branch, v3-2-test has been updated via 6959c5c7e3e95604c66788b86d5789757e18cc36 (commit) from f4f700cf0c1657c36e801fab20fe7b1a4efcb714 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 6959c5c7e3e95604c66788b86d5789757e18cc36 Author: Jeremy Allison [EMAIL PROTECTED] Date: Tue Nov 13 15:00:48 2007 -0800 Remove all pstring from groupdb/ Jeremy. --- Summary of changes: source/groupdb/mapping.c | 129 +++--- source/groupdb/mapping_ldb.c | 17 +++-- source/groupdb/mapping_tdb.c | 129 +++--- 3 files changed, 189 insertions(+), 86 deletions(-) Changeset truncated at 500 lines: diff --git a/source/groupdb/mapping.c b/source/groupdb/mapping.c index 6f54e3d..78643da 100644 --- a/source/groupdb/mapping.c +++ b/source/groupdb/mapping.c @@ -171,17 +171,28 @@ bool get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) int smb_create_group(const char *unix_group, gid_t *new_gid) { - pstring add_script; + char *add_script = NULL; int ret = -1; int fd = 0; - + *new_gid = 0; /* defer to scripts */ - + if ( *lp_addgroup_script() ) { - pstrcpy(add_script, lp_addgroup_script()); - pstring_sub(add_script, %g, unix_group); + TALLOC_CTX *ctx = talloc_tos(); + + add_script = talloc_strdup(ctx, + lp_addgroup_script()); + if (!add_script) { + return -1; + } + add_script = talloc_string_sub(ctx, + add_script, %g, unix_group); + if (!add_script) { + return -1; + } + ret = smbrun(add_script, fd); DEBUG(ret ? 0 : 3,(smb_create_group: Running the command `%s' gave %d\n,add_script,ret)); if (ret == 0) { @@ -197,7 +208,7 @@ int smb_create_group(const char *unix_group, gid_t *new_gid) if (read(fd, output, sizeof(output)) 0) { *new_gid = (gid_t)strtoul(output, NULL, 10); } - + close(fd); } @@ -209,8 +220,8 @@ int smb_create_group(const char *unix_group, gid_t *new_gid) if (grp != NULL) *new_gid = grp-gr_gid; } - - return ret; + + return ret; } / @@ -219,14 +230,24 @@ int smb_create_group(const char *unix_group, gid_t *new_gid) int smb_delete_group(const char *unix_group) { - pstring del_script; - int ret; + char *del_script = NULL; + int ret = -1; /* defer to scripts */ - + if ( *lp_delgroup_script() ) { - pstrcpy(del_script, lp_delgroup_script()); - pstring_sub(del_script, %g, unix_group); + TALLOC_CTX *ctx = talloc_tos(); + + del_script = talloc_strdup(ctx, + lp_delgroup_script()); + if (!del_script) { + return -1; + } + del_script = talloc_string_sub(ctx, + del_script, %g, unix_group); + if (!del_script) { + return -1; + } ret = smbrun(del_script,NULL); DEBUG(ret ? 0 : 3,(smb_delete_group: Running the command `%s' gave %d\n,del_script,ret)); if (ret == 0) { @@ -234,24 +255,36 @@ int smb_delete_group(const char *unix_group) } return ret; } - + return -1; } / Set a user's primary UNIX group. / + int smb_set_primary_group(const char *unix_group, const char* unix_user) { - pstring add_script; - int ret; + char *add_script = NULL; + int ret = -1; /* defer to scripts */ - + if ( *lp_setprimarygroup_script() ) { - pstrcpy(add_script, lp_setprimarygroup_script()); - all_string_sub(add_script, %g, unix_group, sizeof(add_script)); - all_string_sub(add_script, %u, unix_user, sizeof(add_script)); + TALLOC_CTX *ctx = talloc_tos(); + + add_script = talloc_strdup(ctx, + lp_setprimarygroup_script()); + if (!add_script) { + return -1; + } +
Build status as of Wed Nov 14 00:00:03 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-11-13 00:01:00.0 + +++ /home/build/master/cache/broken_results.txt 2007-11-14 00:01:19.0 + @@ -1,4 +1,4 @@ -Build status as of Tue Nov 13 00:00:02 2007 +Build status as of Wed Nov 14 00:00:03 2007 Build counts: Tree Total Broken Panic @@ -16,7 +16,7 @@ rsync29 15 0 samba-docs 0 0 0 samba-gtk2 2 0 -samba4 26 25 0 +samba4 26 23 0 samba_3_20 0 0 samba_3_2_test 28 18 0 smb-build28 28 0
svn commit: samba r25943 - in branches/SAMBA_4_0: . source/lib/replace
Author: jelmer Date: 2007-11-14 00:22:31 + (Wed, 14 Nov 2007) New Revision: 25943 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25943 Log: Fix soname on hpux. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 === --- branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 2007-11-13 22:54:52 UTC (rev 25942) +++ branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 2007-11-14 00:22:31 UTC (rev 25943) @@ -157,7 +157,7 @@ SONAMEFLAG=-Wl,-soname, ;; *hpux*) - SONAMEFLAG=-Wl,+h + SONAMEFLAG=-Wl,+h, ;; *osf*) SONAMEFLAG=-Wl,-soname,
svn commit: samba r25944 - in branches/SAMBA_4_0: . source/build/smb_build source/lib/ldb source/lib/replace source/lib/talloc source/lib/tdb
Author: jelmer Date: 2007-11-14 01:01:31 + (Wed, 14 Nov 2007) New Revision: 25944 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25944 Log: Fix handling of sonameflag on AIX, which doesn't have anything like that. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/build/smb_build/makefile.pm branches/SAMBA_4_0/source/lib/ldb/Makefile.in branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 branches/SAMBA_4_0/source/lib/talloc/Makefile.in branches/SAMBA_4_0/source/lib/tdb/Makefile.in Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/build/smb_build/makefile.pm === --- branches/SAMBA_4_0/source/build/smb_build/makefile.pm 2007-11-14 00:22:31 UTC (rev 25943) +++ branches/SAMBA_4_0/source/build/smb_build/makefile.pm 2007-11-14 01:01:31 UTC (rev 25944) @@ -364,7 +364,7 @@ my $soarg = ; my $lns = ; - if ($self-{config}-{SONAMEFLAG} ne and defined($ctx-{LIBRARY_SONAME})) { + if ($self-{config}-{SONAMEFLAG} ne # and defined($ctx-{LIBRARY_SONAME})) { $soarg = $self-{config}-{SONAMEFLAG}$ctx-{LIBRARY_SONAME} ; if ($ctx-{LIBRARY_REALNAME} ne $ctx-{LIBRARY_SONAME}) { $lns .= [EMAIL PROTECTED] -f $ctx-{SHAREDDIR}/$ctx-{LIBRARY_SONAME}; @@ -372,7 +372,7 @@ } } - if ($self-{config}-{SONAMEFLAG} ne and + if ($self-{config}-{SONAMEFLAG} ne # and defined($ctx-{LIBRARY_SONAME}) and $ctx-{LIBRARY_REALNAME} ne $ctx-{LIBRARY_SONAME}) { $lns .= [EMAIL PROTECTED] -f $ctx-{SHAREDDIR}/$ctx-{LIBRARY_SONAME}; Modified: branches/SAMBA_4_0/source/lib/ldb/Makefile.in === --- branches/SAMBA_4_0/source/lib/ldb/Makefile.in 2007-11-14 00:22:31 UTC (rev 25943) +++ branches/SAMBA_4_0/source/lib/ldb/Makefile.in 2007-11-14 01:01:31 UTC (rev 25944) @@ -97,7 +97,7 @@ STATICLIB = lib/libldb.a $(SOLIB): $(OBJS) - $(CC) $(SHLD_FLAGS) $(SONAMEFLAG)$(SONAME) -o $@ $^ $(LDFLAGS) $(LIBS) $(TALLOC_LIBS) $(TDB_LIBS) + $(CC) $(SHLD_FLAGS) -o $@ $^ $(LDFLAGS) $(LIBS) $(TALLOC_LIBS) $(TDB_LIBS) $(SONAMEFLAG)$(SONAME) all: showflags dirs $(OBJS) $(STATICLIB) $(SOLIB) $(BINS) $(EXAMPLES) manpages Modified: branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 === --- branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 2007-11-14 00:22:31 UTC (rev 25943) +++ branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 2007-11-14 01:01:31 UTC (rev 25944) @@ -168,5 +168,9 @@ *darwin*) SONAMEFLAG=-install_name ;; + *aix*) + # Not supported + SONAMEFLAG=# + ;; esac ]) Modified: branches/SAMBA_4_0/source/lib/talloc/Makefile.in === --- branches/SAMBA_4_0/source/lib/talloc/Makefile.in2007-11-14 00:22:31 UTC (rev 25943) +++ branches/SAMBA_4_0/source/lib/talloc/Makefile.in2007-11-14 01:01:31 UTC (rev 25944) @@ -45,7 +45,7 @@ @-ranlib $@ $(SOLIB): $(LIBOBJ) - $(CC) $(SHLD_FLAGS) $(SONAMEFLAG)$(SONAME) -o $@ $^ + $(CC) $(SHLD_FLAGS) -o $@ $^ $(SONAMEFLAG)$(SONAME) install: all ${INSTALLCMD} -d $(DESTDIR)$(libdir) Modified: branches/SAMBA_4_0/source/lib/tdb/Makefile.in === --- branches/SAMBA_4_0/source/lib/tdb/Makefile.in 2007-11-14 00:22:31 UTC (rev 25943) +++ branches/SAMBA_4_0/source/lib/tdb/Makefile.in 2007-11-14 01:01:31 UTC (rev 25944) @@ -74,7 +74,7 @@ ln -s $ $@ $(SOLIB): $(TDB_OBJ) - $(CC) $(SHLD_FLAGS) $(SONAMEFLAG)$(SONAME) -o $@ $^ + $(CC) $(SHLD_FLAGS) -o $@ $^ $(SONAMEFLAG)$(SONAME) TDB_LIB = libtdb.a
svn commit: samba r25945 - in branches/SAMBA_4_0: . source/lib/replace
Author: jelmer Date: 2007-11-14 01:07:39 + (Wed, 14 Nov 2007) New Revision: 25945 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25945 Log: Fix flags for MacOS X. Modified: branches/SAMBA_4_0/ branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 Changeset: Property changes on: branches/SAMBA_4_0 ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 === --- branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 2007-11-14 01:01:31 UTC (rev 25944) +++ branches/SAMBA_4_0/source/lib/replace/libreplace_ld.m4 2007-11-14 01:07:39 UTC (rev 25945) @@ -67,6 +67,7 @@ PICFLAG=-KPIC ;; *darwin*) + PICFLAG=-fno-common ;; esac AC_SUBST(PICFLAG) @@ -166,7 +167,7 @@ SONAMEFLAG=-Wl,-soname, ;; *darwin*) - SONAMEFLAG=-install_name + SONAMEFLAG=-compatibility_version ;; *aix*) # Not supported
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-314-gd6e2519
The branch, v3-2-test has been updated via d6e2519c67fd015e1089021769de04085fd90894 (commit) from 6959c5c7e3e95604c66788b86d5789757e18cc36 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit d6e2519c67fd015e1089021769de04085fd90894 Author: Jeremy Allison [EMAIL PROTECTED] Date: Tue Nov 13 18:42:42 2007 -0800 Remove pstring from param/ This was a little tricky. I'll watch the build farm. Jeremy. --- Summary of changes: source/param/loadparm.c | 246 ++ source/utils/net_usershare.c |8 +- 2 files changed, 156 insertions(+), 98 deletions(-) Changeset truncated at 500 lines: diff --git a/source/param/loadparm.c b/source/param/loadparm.c index 94f1c0e..bc5fe5e 100644 --- a/source/param/loadparm.c +++ b/source/param/loadparm.c @@ -1420,7 +1420,7 @@ static void init_printer_values(service *pService) static void init_globals(bool first_time_only) { static bool done_init = False; - pstring s; + char *s = NULL; /* If requested to initialize only once and we've already done it... */ if (first_time_only done_init) { @@ -1483,23 +1483,29 @@ static void init_globals(bool first_time_only) * Allow the default PASSWD_CHAT to be overridden in local.h. */ string_set(Globals.szPasswdChat, DEFAULT_PASSWD_CHAT); - + set_global_myname(myhostname()); string_set(Globals.szNetbiosName,global_myname()); set_global_myworkgroup(WORKGROUP); string_set(Globals.szWorkgroup, lp_workgroup()); - + string_set(Globals.szPasswdProgram, ); string_set(Globals.szPidDir, dyn_PIDDIR); string_set(Globals.szLockDir, dyn_LOCKDIR); string_set(Globals.szSocketAddress, 0.0.0.0); - pstrcpy(s, Samba ); - pstrcat(s, SAMBA_VERSION_STRING); + + if (asprintf(s, Samba %s, SAMBA_VERSION_STRING) 0) { + smb_panic(init_globals: ENOMEM); + } string_set(Globals.szServerString, s); - slprintf(s, sizeof(s) - 1, %d.%d, DEFAULT_MAJOR_VERSION, -DEFAULT_MINOR_VERSION); + SAFE_FREE(s); + if (asprintf(s, %d.%d, DEFAULT_MAJOR_VERSION, + DEFAULT_MINOR_VERSION) 0) { + smb_panic(init_globals: ENOMEM); + } string_set(Globals.szAnnounceVersion, s); + SAFE_FREE(s); #ifdef DEVELOPER string_set(Globals.szPanicAction, /bin/sleep 9); #endif @@ -1693,11 +1699,13 @@ static void init_globals(bool first_time_only) Globals.bEnablePrivileges = True; Globals.bHostMSDfs= True; Globals.bASUSupport = False; - + /* User defined shares. */ - pstrcpy(s, dyn_STATEDIR()); - pstrcat(s, /usershares); + if (asprintf(s, %s/usershares, dyn_STATEDIR()) 0) { + smb_panic(init_globals: ENOMEM); + } string_set(Globals.szUsersharePath, s); + SAFE_FREE(s); string_set(Globals.szUsershareTemplateShare, ); Globals.iUsershareMaxShares = 0; /* By default disallow sharing of directories not owned by the sharer. */ @@ -2649,15 +2657,14 @@ static bool hash_a_service(const char *name, int idx) } /*** - Add a new home service, with the specified home directory, defaults coming + Add a new home service, with the specified home directory, defaults coming from service ifrom. ***/ -bool lp_add_home(const char *pszHomename, int iDefaultService, +bool lp_add_home(const char *pszHomename, int iDefaultService, const char *user, const char *pszHomedir) { int i; - pstring newHomedir; i = add_a_service(ServicePtrs[iDefaultService], pszHomename); @@ -2666,15 +2673,16 @@ bool lp_add_home(const char *pszHomename, int iDefaultService, if (!(*(ServicePtrs[iDefaultService]-szPath)) || strequal(ServicePtrs[iDefaultService]-szPath, lp_pathname(GLOBAL_SECTION_SNUM))) { - pstrcpy(newHomedir, pszHomedir); - string_set(ServicePtrs[i]-szPath, newHomedir); - } + string_set(ServicePtrs[i]-szPath, pszHomedir); + } if (!(*(ServicePtrs[i]-comment))) { - pstring comment; - slprintf(comment, sizeof(comment) - 1, -Home directory of %s, user); + char *comment = NULL; + if (asprintf(comment, Home directory of %s, user) 0) { + return false; + } string_set(ServicePtrs[i]-comment, comment); + SAFE_FREE(comment); } /* set the
svn commit: samba r25946 - in branches/4.0-python: . source/lib/ldb/swig source/lib/ldb/tests/python
Author: jelmer Date: 2007-11-14 02:46:10 + (Wed, 14 Nov 2007) New Revision: 25946 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25946 Log: Add ability to use dictionary as argument to Ldb.add. Modified: branches/4.0-python/ branches/4.0-python/source/lib/ldb/swig/ldb.i branches/4.0-python/source/lib/ldb/tests/python/api.py Changeset: Property changes on: branches/4.0-python ___ Name: bzr:revision-info ...skipped... Name: bzr:file-ids ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/4.0-python/source/lib/ldb/swig/ldb.i === --- branches/4.0-python/source/lib/ldb/swig/ldb.i 2007-11-14 01:07:39 UTC (rev 25945) +++ branches/4.0-python/source/lib/ldb/swig/ldb.i 2007-11-14 02:46:10 UTC (rev 25946) @@ -106,6 +106,38 @@ $result = PyString_FromStringAndSize((const char *)$1.data, $1.length); } +%typemap(in) ldb_msg *add_msg (int dict_pos, int msg_pos, PyObject *key, PyObject *value, + ldb_msg_element *msgel) { +if (PyDict_Check($input)) { +$1 = ldb_msg_new(NULL); +$1-num_elements = PyDict_Size($input) - 1; /* dn isn't in there */ +$1-elements = talloc_zero_array($1, struct ldb_message_element, $1-num_elements); +msg_pos = dict_pos = 0; +while (PyDict_Next($input, dict_pos, key, value)) { +if (!strcmp(PyString_AsString(key), dn)) { +if (ldb_dn_from_pyobject(value, $1-dn) != 0) +SWIG_exception(SWIG_TypeError, unable to convert dn); +} else { +msgel = ldb_msg_element_from_pyobject(value, 0, PyString_AsString(key)); +memcpy($1-elements[msg_pos], msgel, sizeof(*msgel)); +msg_pos++; +} +dict_pos++; +} + +if ($1-dn == NULL) +SWIG_exception(SWIG_TypeError, no dn set); +} else { +if (SWIG_ConvertPtr($input, $1, SWIGTYPE_p_ldb_message, 0) != 0) +return NULL; +} +} + +%typemap(freearg) ldb_msg *add_msg { +//talloc_free($1); +} + + /* * Wrap struct ldb_result */ @@ -202,6 +234,11 @@ #ifdef SWIGPYTHON %inline { +int ldb_dn_from_pyobject(PyObject *object, ldb_dn **dn) +{ +return SWIG_ConvertPtr(object, dn, SWIGTYPE_p_ldb_dn, 0); +} + ldb_msg_element *ldb_msg_element_from_pyobject(PyObject *set_obj, int flags, const char *attr_name) { @@ -291,6 +328,7 @@ %rename(__getitem__) ldb_message::find_element; //%typemap(out) ldb_msg_element *; + %inline { PyObject *ldb_msg_list_elements(ldb_msg *msg) { @@ -414,7 +452,7 @@ struct ldb_result **OUT); ldb_error delete(ldb_dn *dn); ldb_error rename(ldb_dn *olddn, ldb_dn *newdn); -ldb_error add(ldb_msg *message); +ldb_error add(ldb_msg *add_msg); ldb_error modify(ldb_msg *message); ldb_dn *get_config_basedn(); ldb_dn *get_root_basedn(); @@ -449,6 +487,7 @@ } return PyObject_GetIter(list); } + #endif } } ldb; Modified: branches/4.0-python/source/lib/ldb/tests/python/api.py === --- branches/4.0-python/source/lib/ldb/tests/python/api.py 2007-11-14 01:07:39 UTC (rev 25945) +++ branches/4.0-python/source/lib/ldb/tests/python/api.py 2007-11-14 02:46:10 UTC (rev 25946) @@ -90,6 +90,17 @@ finally: l.delete(ldb.Dn(l, dc=foo)) +def test_add_dict(self): +l = ldb.Ldb(foo.tdb) +m = {dn: ldb.Dn(l, dc=foo), + bla: bla} +self.assertEquals(len(l.search()), 1) +l.add(m) +try: +self.assertEquals(len(l.search()), 2) +finally: +l.delete(ldb.Dn(l, dc=foo)) + def test_rename(self): l = ldb.Ldb(foo.tdb) m = ldb.Message()
svn commit: samba r25947 - in branches/4.0-python: . source/scripting/python/samba
Author: jelmer Date: 2007-11-14 03:10:03 + (Wed, 14 Nov 2007) New Revision: 25947 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25947 Log: Fix provisioning, update ignore file. Modified: branches/4.0-python/ branches/4.0-python/.bzrignore branches/4.0-python/source/scripting/python/samba/provision.py Changeset: Property changes on: branches/4.0-python ___ Name: bzr:revision-info ...skipped... Name: bzr:revision-id:v3-trunk0 ...skipped... Modified: branches/4.0-python/.bzrignore === --- branches/4.0-python/.bzrignore 2007-11-14 02:46:10 UTC (rev 25946) +++ branches/4.0-python/.bzrignore 2007-11-14 03:10:03 UTC (rev 25947) @@ -219,3 +219,4 @@ *.po libtdb.so.* libtalloc.so.* +source/lib/registry/tests/proto.h Modified: branches/4.0-python/source/scripting/python/samba/provision.py === --- branches/4.0-python/source/scripting/python/samba/provision.py 2007-11-14 02:46:10 UTC (rev 25946) +++ branches/4.0-python/source/scripting/python/samba/provision.py 2007-11-14 03:10:03 UTC (rev 25947) @@ -47,6 +47,7 @@ self.configdn_ldb = None self.schemedn = None self.schemedn_ldb = None +self.s4_ldapi_path = None def subst_vars(self): return {SCHEMADN: self.schemadn, @@ -123,6 +124,7 @@ self.ldap_basedn_ldif = None self.ldap_config_basedn_ldif = None self.ldap_schema_basedn_ldif = None +self.s4_ldapi_path = None # # return True if the current install seems to be OK @@ -358,7 +360,7 @@ paths.ldap_basedn_ldif = os.path.join(private_dir, subobj.dnsdomain + .ldif) paths.ldap_config_basedn_ldif = os.path.join(private_dir, subobj.dnsdomain + -config.ldif) paths.ldap_schema_basedn_ldif = os.path.join(private_dir, subobj.dnsdomain + -schema.ldif) -paths.s4_ldapi_socket = os.path.join(private_dir, ldapi) +paths.s4_ldapi_path = os.path.join(private_dir, ldapi) paths.phpldapadminconfig = os.path.join(private_dir, phpldapadmin-config.php) return paths @@ -597,9 +599,9 @@ samdb.transaction_commit() - message(Setting up phpLDAPadmin configuration) - setup_file(setup_dir, phpldapadmin-config.php, message, paths.phpldapadminconfig, subobj) - message(Please install the phpLDAPadmin configuration located at + paths.phpldapadminconfig + into /etc/phpldapadmin/config.php) +message(Setting up phpLDAPadmin configuration) +setup_file(setup_dir, phpldapadmin-config.php, message, paths.phpldapadminconfig, subobj) +message(Please install the phpLDAPadmin configuration located at + paths.phpldapadminconfig + into /etc/phpldapadmin/config.php) # Write out a DNS zone file, from the info in the current database
svn commit: samba r25948 - in branches/SAMBA_4_0: testdata/samba3 testprogs/ejs
Author: abartlet Date: 2007-11-14 03:51:02 + (Wed, 14 Nov 2007) New Revision: 25948 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25948 Log: Fix up the samba3sam test (which is very fragile) to work with the new restrictions imposed by the samldb module. This module is worth keeping, because when we go back to do more extensive backend mapping, the testing of this module shows it is still possible. Andrew Bartlett Modified: branches/SAMBA_4_0/testdata/samba3/provision_samba3sam.ldif branches/SAMBA_4_0/testprogs/ejs/samba3sam.js Changeset: Modified: branches/SAMBA_4_0/testdata/samba3/provision_samba3sam.ldif === --- branches/SAMBA_4_0/testdata/samba3/provision_samba3sam.ldif 2007-11-14 03:10:03 UTC (rev 25947) +++ branches/SAMBA_4_0/testdata/samba3/provision_samba3sam.ldif 2007-11-14 03:51:02 UTC (rev 25948) @@ -75,127 +75,4 @@ vendorName: Samba Team (http://samba.org) vendorVersion: ${VERSION} -dn: CN=Templates -objectClass: top -objectClass: container -cn: Templates -description: Container for SAM account templates -instanceType: 4 -showInAdvancedViewOnly: TRUE -systemFlags: 2348810240 -objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} -isCriticalSystemObject: TRUE -### -# note! the template users must not match normal searches. Be careful -# with what classes you put them in -### - -dn: CN=TemplateUser,CN=Templates -objectClass: top -objectClass: person -objectClass: organizationalPerson -objectClass: Template -objectClass: userTemplate -cn: TemplateUser -instanceType: 4 -userAccountControl: 514 -badPwdCount: 0 -codePage: 0 -countryCode: 0 -badPasswordTime: 0 -lastLogoff: 0 -lastLogon: 0 -pwdLastSet: 0 -primaryGroupID: 513 -accountExpires: -1 -logonCount: 0 -sAMAccountType: 805306368 -objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN} - -dn: CN=TemplateComputer,CN=Templates -objectClass: top -objectClass: person -objectClass: organizationalPerson -objectClass: Template -objectClass: userTemplate -cn: TemplateComputer -instanceType: 4 -userAccountControl: 4098 -badPwdCount: 0 -codePage: 0 -countryCode: 0 -badPasswordTime: 0 -lastLogoff: 0 -lastLogon: 0 -pwdLastSet: 0 -primaryGroupID: 513 -accountExpires: -1 -logonCount: 0 -sAMAccountType: 805306369 -objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN} - -dn: CN=TemplateTrustingDomain,CN=Templates -objectClass: top -objectClass: Template -objectClass: userTemplate -cn: TemplateTrustingDomain -instanceType: 4 -userAccountControl: 2080 -badPwdCount: 0 -codePage: 0 -countryCode: 0 -badPasswordTime: 0 -lastLogoff: 0 -lastLogon: 0 -primaryGroupID: 513 -accountExpires: -1 -logonCount: 0 -sAMAccountType: 805306370 - -dn: CN=TemplateGroup,CN=Templates -objectClass: top -objectClass: Template -objectClass: groupTemplate -cn: TemplateGroup -instanceType: 4 -groupType: -2147483646 -sAMAccountType: 268435456 -objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} - -# Currently this isn't used, we don't have a way to detect it different from an incoming alias -# -# dn: CN=TemplateAlias,CN=Templates -# objectClass: top -# objectClass: Template -# objectClass: aliasTemplate -# cn: TemplateAlias -# instanceType: 4 -# groupType: -2147483644 -# sAMAccountType: 268435456 - -dn: CN=TemplateForeignSecurityPrincipal,CN=Templates -objectClass: top -objectClass: Template -objectClass: foreignSecurityPrincipalTemplate -cn: TemplateForeignSecurityPrincipal -instanceType: 4 -showInAdvancedViewOnly: TRUE -objectCategory: CN=Foreign-Security-Principal,CN=Schema,CN=Configuration,${BASEDN} - -dn: CN=TemplateSecret,CN=Templates -objectClass: top -objectClass: leaf -objectClass: Template -objectClass: secretTemplate -cn: TemplateSecret -instanceType: 4 - -dn: CN=TemplateTrustedDomain,CN=Templates -objectClass: top -objectClass: leaf -objectClass: Template -objectClass: trustedDomainTemplate -cn: TemplateTrustedDomain -instanceType: 4 - Modified: branches/SAMBA_4_0/testprogs/ejs/samba3sam.js === --- branches/SAMBA_4_0/testprogs/ejs/samba3sam.js 2007-11-14 03:10:03 UTC (rev 25947) +++ branches/SAMBA_4_0/testprogs/ejs/samba3sam.js 2007-11-14 03:51:02 UTC (rev 25948) @@ -263,8 +263,21 @@ var dn; var attrs; - /* Add a set of split records */ + var ldif = +dn: + sambaDomainName=TESTS, + s3.BASEDN + +objectclass: sambaDomain +objectclass: top +sambaSID: S-1-5-21-4231626423-2410014848-2360679739 +sambaNextRid: 2000 +sambaDomainName: TESTS + ldif = substitute_var(ldif, s3); + assert(ldif != undefined); + var ok = s3.db.add(ldif); + assert(ok.error == 0); + + printf(Add a set of split records); + var ldif = dn: + s4.dn(cn=X) + objectClass: user cn: X @@ -297,6 +310,7 @@ lastLogon: z description: y ; + ldif = substitute_var(ldif, s4); assert(ldif != undefined);
svn commit: samba r25950 - in branches/SAMBA_4_0/source/scripting/libjs: .
Author: abartlet Date: 2007-11-14 03:55:05 + (Wed, 14 Nov 2007) New Revision: 25950 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25950 Log: Enable seperate module to prevent subtree deletes. Andrew Bartlett Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js Changeset: Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js === --- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-11-14 03:52:39 UTC (rev 25949) +++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-11-14 03:55:05 UTC (rev 25950) @@ -990,6 +990,7 @@ kludge_acl, operational, subtree_rename, + subtree_delete, linked_attributes, show_deleted, partition);
svn commit: samba r25949 - in branches/SAMBA_4_0/source/dsdb/samdb: . ldb_modules
Author: abartlet Date: 2007-11-14 03:52:39 + (Wed, 14 Nov 2007) New Revision: 25949 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=25949 Log: Make error messages clearer and more correct. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c branches/SAMBA_4_0/source/dsdb/samdb/samdb.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2007-11-14 03:51:02 UTC (rev 25948) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c 2007-11-14 03:52:39 UTC (rev 25949) @@ -475,7 +475,7 @@ /* build the new msg */ msg2 = ldb_msg_copy(mem_ctx, msg); if (!msg2) { - ldb_debug(module-ldb, LDB_DEBUG_FATAL, samldb_fill_group_object: ldb_msg_copy failed!\n); + ldb_debug(module-ldb, LDB_DEBUG_FATAL, samldb_fill_user_or_computer_object: ldb_msg_copy failed!\n); talloc_free(mem_ctx); return LDB_ERR_OPERATIONS_ERROR; } @@ -523,7 +523,7 @@ ret = samdb_search_for_parent_domain(module-ldb, mem_ctx, msg2-dn, dom_dn, errstr); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(module-ldb, - samldb_fill_group_object: %s, errstr); + samldb_fill_user_or_computer_object: %s, errstr); return ret; } Modified: branches/SAMBA_4_0/source/dsdb/samdb/samdb.c === --- branches/SAMBA_4_0/source/dsdb/samdb/samdb.c2007-11-14 03:51:02 UTC (rev 25948) +++ branches/SAMBA_4_0/source/dsdb/samdb/samdb.c2007-11-14 03:52:39 UTC (rev 25949) @@ -1521,15 +1521,16 @@ } if (ret != LDB_SUCCESS) { - *errstring = talloc_asprintf(mem_ctx, Error searching for parent domain of %s: %s, - ldb_dn_get_linearized(sdn), - ldb_errstring(ldb)); + *errstring = talloc_asprintf(mem_ctx, Error searching for parent domain of %s, failed searching for %s: %s, +ldb_dn_get_linearized(dn), +ldb_dn_get_linearized(sdn), +ldb_errstring(ldb)); talloc_free(local_ctx); return ret; } if (res-count != 1) { *errstring = talloc_asprintf(mem_ctx, Invalid dn (%s), not child of a domain object, -ldb_dn_get_linearized(sdn)); +ldb_dn_get_linearized(dn)); talloc_free(local_ctx); return LDB_ERR_CONSTRAINT_VIOLATION; }