The branch, v4-3-test has been updated via 19e089b WHATSNEW: Prepare release notes for Samba 4.3.0rc2 via 5066377 tdb: Fix broken build with --disable-python via aee0165 s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. via 466abc3 lib: replace: Add strsep function (missing on Solaris). via eac2f53 s3:wscript: fix indentation via 894784b build: fix build with gpfs support - add missing dependency to samba-debug via ab824a3 configure: add --with-gpfs option for selecting directory with gpfs headers via eb55fd0 WHATSNEW: a note about TLS protocol support via c111970 WHATSNEW: add a section about samba_kcc from 8e669b5 VERSION: Bump version up to 4.3.0rc2...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test - Log ----------------------------------------------------------------- commit 19e089b798bf47381dbb0d0fb61cd6f0d2e6dba9 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 3 14:14:40 2015 +0200 WHATSNEW: Prepare release notes for Samba 4.3.0rc2 Signed-off-by: Stefan Metzmacher <me...@samba.org> Autobuild-User(v4-3-test): Stefan Metzmacher <me...@samba.org> Autobuild-Date(v4-3-test): Tue Aug 4 10:38:56 CEST 2015 on sn-devel-104 commit 50663772fef3b23130f2fff6210ff532164288ad Author: Martin Schwenke <mar...@meltin.net> Date: Thu Jul 23 09:47:24 2015 +1000 tdb: Fix broken build with --disable-python With --disable-python, we should not install any python files. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11424 Signed-off-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Amitay Isaacs <ami...@gmail.com> Autobuild-User(master): Amitay Isaacs <ami...@samba.org> Autobuild-Date(master): Thu Jul 23 18:50:25 CEST 2015 on sn-devel-104 (cherry picked from commit 509c37da1300b843e089dfcd6657e68fa8c8c746) commit aee0165f692abdcb8347b7933e0b658e00e5b451 Author: Justin Maggard <jmagg...@netgear.com> Date: Tue Jul 21 15:17:30 2015 -0700 s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. Somewhere along the line, a config line like "valid users = @foo" broke when "foo" also exists as a user. user_ok_token() already does the right thing by adding the LOOKUP_NAME_GROUP flag; but lookup_name() was not respecting that flag, and went ahead and looked for users anyway. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320 Signed-off-by: Justin Maggard <jmagg...@netgear.com> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Marc Muehlfeld <mmuehlf...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jul 28 21:35:58 CEST 2015 on sn-devel-104 (cherry picked from commit dc99d451bf23668d73878847219682fced547622) commit 466abc316218bcaa538d7feb8a353fc8284e87ba Author: Jeremy Allison <j...@samba.org> Date: Wed Jul 15 10:43:56 2015 -0700 lib: replace: Add strsep function (missing on Solaris). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11359 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ira Cooper <i...@wakeful.net> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Jul 29 02:24:55 CEST 2015 on sn-devel-104 (cherry picked from commit f07b746ad3f3ee2fcbb65a0d452ed80f07c9e8f9) commit eac2f538bf2b8d4f483232dcc0539d29a88b4529 Author: Björn Baumbach <b...@sernet.de> Date: Mon Jul 27 13:20:43 2015 +0200 s3:wscript: fix indentation Signed-off-by: Björn Baumbach <b...@sernet.de> Reviewed-by: Alexander Bokovoy <a...@samba.org> Reviewed-by: Martin Schwenke <mar...@meltin.net> (cherry picked from commit cef8897f45f1b231d26342688542560bbe695276) commit 894784ba192cca7840827cedad73fe04f2dc7bdd Author: Björn Baumbach <b...@sernet.de> Date: Mon Jul 27 15:15:07 2015 +0200 build: fix build with gpfs support - add missing dependency to samba-debug Fix for bug #11421 part 2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11421 Pair-programmed-with: Stefan Metzmacher <me...@samba.org> Signed-off-by: Björn Baumbach <b...@sernet.de> Reviewed-by: Alexander Bokovoy <a...@samba.org> Reviewed-by: Martin Schwenke <mar...@meltin.net> Autobuild-User(master): Martin Schwenke <mart...@samba.org> Autobuild-Date(master): Wed Jul 29 13:38:59 CEST 2015 on sn-devel-104 (cherry picked from commit d57e4ac3de5f53346a8d7c3f96825c1345b58f6a) commit ab824a3b978663d85aaf585b4441ff6cc82e510a Author: Björn Baumbach <b...@sernet.de> Date: Mon Jul 27 12:14:37 2015 +0200 configure: add --with-gpfs option for selecting directory with gpfs headers Fix for bug #11421 part 1. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11421 Signed-off-by: Björn Baumbach <b...@sernet.de> Reviewed-by: Alexander Bokovoy <a...@samba.org> Reviewed-by: Martin Schwenke <mar...@meltin.net> (cherry picked from commit b9bef361d95daf0f38363acbdec9c23f094ffaca) commit eb55fd0841a5fdc58364d628930113edc90ca5b6 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Jul 23 17:27:52 2015 +1200 WHATSNEW: a note about TLS protocol support It's a small thing but apparently much requested. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit c1119700d21a4a8dec2fd6de60f2ece1667e5873 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Jul 23 17:14:00 2015 +1200 WHATSNEW: add a section about samba_kcc Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: WHATSNEW.txt | 45 +++++++++++++++++++++++++++++++++++++++++++-- lib/replace/replace.c | 20 ++++++++++++++++++++ lib/replace/replace.h | 5 +++++ lib/replace/wscript | 4 ++-- lib/tdb/wscript | 11 ++++++----- lib/util/wscript | 4 ++++ lib/util/wscript_build | 3 +++ lib/util/wscript_configure | 2 +- source3/passdb/lookup_sid.c | 4 ++-- source3/passdb/lookup_sid.h | 2 +- source3/wscript | 2 +- 11 files changed, 88 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 89a03b5..f2ff8d4 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements ===================== -This is the first release candidate of Samba 4.3. This is *not* +This is the second release candidate of Samba 4.3. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -14,6 +14,7 @@ UPGRADING Nothing special. + NEW FEATURES ============ @@ -155,6 +156,28 @@ New modules vfs_unityed_media - see 'man 8 vfs_unityed_media' vfs_shell_snap - see 'man 8 vfs_shell_snap' +New sparsely connected replia graph (Improved KCC) +-------------------------------------------------- + +The Knowledge Consistency Checker (KCC) maintains a replication graph +for DCs across an AD network. The existing Samba KCC uses a fully +connected graph, so that each DC replicates from all the others, which +does not scale well with large networks. In 4.3 there is an +experimental new KCC that creates a sparsely connected replication +graph and closely follows Microsoft's specification. It is turned off +by default. To use the new KCC, set "kccsrv:samba_kcc=true" in +smb.conf and let us know how it goes. You should consider doing this +if you are making a large new network. For small networks there is +little benefit and you can always switch over at a later date. + +Configurable TLS protocol support, with better defaults +------------------------------------------------------- + +The "tls priority" option can be used to change the supported TLS +protocols. The default is to disable SSLv3, which is no longer +considered secure. + + ###################################################################### Changes ####### @@ -180,11 +203,29 @@ Removed modules vfs_notify_fam - see section 'New FileChangeNotify subsystem'. + KNOWN ISSUES ============ Currently none. + +CHANGES SINCE 4.2.0rc1 +====================== + +o Jeremy Allison <j...@samba.org> + * BUG 11359: strsep is not available on Solaris + +o Björn Baumbach <b...@sernet.de> + * BUG 11421: Build with GPFS support is broken + +o Justin Maggard <jmagg...@netgear.com> + * BUG 11320: "force group" with local group not working + +o Martin Schwenke <mar...@meltin.net + * BUG 11424: Build broken with --disable-python + + ####################################### Reporting bugs & Development Discussion ####################################### @@ -195,7 +236,7 @@ joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. All bug reports should -be filed under the Samba 4.3 product in the project's Bugzilla +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla database (https://bugzilla.samba.org/). diff --git a/lib/replace/replace.c b/lib/replace/replace.c index dccf514..0806ce3 100644 --- a/lib/replace/replace.c +++ b/lib/replace/replace.c @@ -475,6 +475,26 @@ char *rep_strcasestr(const char *haystack, const char *needle) } #endif +#ifndef HAVE_STRSEP +char *rep_strsep(char **pps, const char *delim) +{ + char *ret = *pps; + char *p = *pps; + + if (p == NULL) { + return NULL; + } + p += strcspn(p, delim); + if (*p == '\0') { + *pps = NULL; + } else { + *p = '\0'; + *pps = p + 1; + } + return ret; +} +#endif + #ifndef HAVE_STRTOK_R /* based on GLIBC version, copyright Free Software Foundation */ char *rep_strtok_r(char *s, const char *delim, char **save_ptr) diff --git a/lib/replace/replace.h b/lib/replace/replace.h index 3ff4e36..c764d06 100644 --- a/lib/replace/replace.h +++ b/lib/replace/replace.h @@ -349,6 +349,11 @@ void rep_setlinebuf(FILE *); char *rep_strcasestr(const char *haystack, const char *needle); #endif +#ifndef HAVE_STRSEP +#define strsep rep_strsep +char *rep_strsep(char **pps, const char *delim); +#endif + #ifndef HAVE_STRTOK_R #define strtok_r rep_strtok_r char *rep_strtok_r(char *s, const char *delim, char **save_ptr); diff --git a/lib/replace/wscript b/lib/replace/wscript index 516db2f..30eede2 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -240,7 +240,7 @@ def configure(conf): conf.CHECK_FUNCS('lstat getpgrp utime utimes setuid seteuid setreuid setresuid setgid setegid') conf.CHECK_FUNCS('setregid setresgid chroot strerror vsyslog setlinebuf mktime') conf.CHECK_FUNCS('ftruncate chsize rename waitpid wait4') - conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr') + conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr strsep') conf.CHECK_FUNCS('strtok_r mkdtemp dup2 dprintf vdprintf isatty chown lchown') conf.CHECK_FUNCS('link readlink symlink realpath snprintf vsnprintf') conf.CHECK_FUNCS('asprintf vasprintf setenv unsetenv strnlen strtoull __strtoull') @@ -630,7 +630,7 @@ REPLACEMENT_FUNCTIONS = { 'memmove', 'strdup', 'setlinebuf', 'vsyslog', 'strnlen', 'strndup', 'waitpid', 'seteuid', 'setegid', 'chroot', 'mkstemp', 'mkdtemp', 'pread', 'pwrite', 'strcasestr', - 'strtok_r', 'strtoll', 'strtoull', 'setenv', 'unsetenv', + 'strsep', 'strtok_r', 'strtoll', 'strtoull', 'setenv', 'unsetenv', 'utime', 'utimes', 'dup2', 'chown', 'link', 'readlink', 'symlink', 'lchown', 'realpath', 'memmem', 'vdprintf', 'dprintf', 'get_current_dir_name', diff --git a/lib/tdb/wscript b/lib/tdb/wscript index 5845fa0..1822e74 100644 --- a/lib/tdb/wscript +++ b/lib/tdb/wscript @@ -187,12 +187,13 @@ def build(bld): realname='tdb.so', cflags='-DPACKAGE_VERSION=\"%s\"' % VERSION) - for env in bld.gen_python_environments(['PKGCONFIGDIR']): - bld.SAMBA_SCRIPT('_tdb_text.py', - pattern='_tdb_text.py', - installdir='python') + if not bld.env.disable_python: + for env in bld.gen_python_environments(['PKGCONFIGDIR']): + bld.SAMBA_SCRIPT('_tdb_text.py', + pattern='_tdb_text.py', + installdir='python') - bld.INSTALL_FILES('${PYTHONARCHDIR}', '_tdb_text.py') + bld.INSTALL_FILES('${PYTHONARCHDIR}', '_tdb_text.py') def testonly(ctx): '''run tdb testsuite''' diff --git a/lib/util/wscript b/lib/util/wscript index 26b5564..953becf 100644 --- a/lib/util/wscript +++ b/lib/util/wscript @@ -17,3 +17,7 @@ def set_options(opt): opt.add_option('--without-lttng', help=("Disable lttng integration"), action='store_false', dest='enable_lttng') + + opt.add_option('--with-gpfs', + help=("Directory under which gpfs headers are installed"), + action="store", dest='gpfs_headers_dir', default="/usr/lpp/mmfs/include/") diff --git a/lib/util/wscript_build b/lib/util/wscript_build index 1014c75..9663bb0 100755 --- a/lib/util/wscript_build +++ b/lib/util/wscript_build @@ -30,6 +30,7 @@ bld.SAMBA_SUBSYSTEM('close-low-fd', local_include=False) samba_debug_add_deps = '' +samba_debug_add_inc = '' if bld.CONFIG_SET('HAVE_GPFS'): bld.SAMBA_SUBSYSTEM('gpfswrap', @@ -38,12 +39,14 @@ if bld.CONFIG_SET('HAVE_GPFS'): local_include=False, includes=bld.CONFIG_GET('CPPPATH_GPFS')) samba_debug_add_deps += ' gpfswrap' + samba_debug_add_inc += bld.CONFIG_GET('CPPPATH_GPFS') bld.SAMBA_LIBRARY('samba-debug', source='debug.c', deps='replace time-basic close-low-fd talloc socket-blocking' + samba_debug_add_deps, public_deps='systemd systemd-journal lttng-ust', local_include=False, + includes=samba_debug_add_inc, private_library=True) bld.SAMBA_LIBRARY('socket-blocking', diff --git a/lib/util/wscript_configure b/lib/util/wscript_configure index 95a8949..e7bcbd6 100644 --- a/lib/util/wscript_configure +++ b/lib/util/wscript_configure @@ -135,6 +135,6 @@ else: conf.SET_TARGET_TYPE('lttng-ust', 'EMPTY') conf.undefine('HAVE_LTTNG_TRACEF') -conf.env['CPPPATH_GPFS'] = '/usr/lpp/mmfs/include/' +conf.env['CPPPATH_GPFS'] = Options.options.gpfs_headers_dir if conf.CHECK_HEADERS('gpfs.h', False, False, "gpfs"): conf.DEFINE('HAVE_GPFS', '1') diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 3cc64de..3f99ee1 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -120,7 +120,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, goto ok; } - if (((flags & LOOKUP_NAME_NO_NSS) == 0) + if (((flags & (LOOKUP_NAME_NO_NSS|LOOKUP_NAME_GROUP)) == 0) && strequal(domain, unix_users_domain_name())) { if (lookup_unix_user_name(name, &sid)) { type = SID_NAME_USER; @@ -293,7 +293,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* 11. Ok, windows would end here. Samba has two more options: Unmapped users and unmapped groups */ - if (((flags & LOOKUP_NAME_NO_NSS) == 0) + if (((flags & (LOOKUP_NAME_NO_NSS|LOOKUP_NAME_GROUP)) == 0) && lookup_unix_user_name(name, &sid)) { domain = talloc_strdup(tmp_ctx, unix_users_domain_name()); type = SID_NAME_USER; diff --git a/source3/passdb/lookup_sid.h b/source3/passdb/lookup_sid.h index 872f4ef..8b5edf6 100644 --- a/source3/passdb/lookup_sid.h +++ b/source3/passdb/lookup_sid.h @@ -31,7 +31,7 @@ struct unixid; #define LOOKUP_NAME_NONE 0x00000000 #define LOOKUP_NAME_ISOLATED 0x00000001 /* Look up unqualified names */ #define LOOKUP_NAME_REMOTE 0x00000002 /* Ask others */ -#define LOOKUP_NAME_GROUP 0x00000004 /* (unused) This is a NASTY hack for +#define LOOKUP_NAME_GROUP 0x00000004 /* This is a NASTY hack for valid users = @foo where foo also exists in as user. */ #define LOOKUP_NAME_NO_NSS 0x00000008 /* no NSS calls to avoid diff --git a/source3/wscript b/source3/wscript index a9a7c14..4e940fa 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1634,7 +1634,7 @@ main() { default_static_modules.extend(TO_LIST('charset_macosxfs')) if conf.CONFIG_SET('HAVE_GPFS'): - default_shared_modules.extend(TO_LIST('vfs_gpfs')) + default_shared_modules.extend(TO_LIST('vfs_gpfs')) if (conf.CONFIG_SET('HAVE_LINUX_IOCTL') and conf.CONFIG_SET('HAVE_BASENAME') and conf.CONFIG_SET('HAVE_DIRNAME')): -- Samba Shared Repository