Re: [Samba] Cannot write over root owned file
I found out the new file created by your touch command was owned by lba:users. That was expected since I was in a shell as user lba. However, when I tried to copy over a root owned file, first as su and then as su -, the operation failed. Why can't I copy over a root owned file when I'm root? Because you're not actually root :-) I also noticed that, when I touched as su or su -, I could create the file but in each case owner was lba:users. However, when I did the same touch within my own file system, the file owner became root. I think I can see the problem here. When you run 'su', you become root on your own PC, however /mnt/tillie is *not* on your PC, so you don't become root in that directory - no matter what user you are (lba or root), Samba converts all your filesystem requests into whichever user mapped the share (i.e. the user who ran smbmount.) Since 'lba' mounted the share, all access to that filesystem is done as 'lba' on the remote PC, which is why the files are owned by lba even when you created them as root. I smbmounted the share with a simple _root_ script containing: smbmount //tillie/all /mnt/tillie -o uid=0 Shouldn't that have given me root priviledges? It could have, however you didn't specify a username. uid=0 means that all files will *appear* on your PC as if they're owned by root, ignoring who actually owns them on the server. What you probably want is to change that to username=root which will give you root access to the share on the *server* side. Once you've got root access to the share on the server, then you can start overwriting files. You can use the 'touch' trick to make sure you really have connected as root. Is sharing as root okay or is it bad practice? Why? It is somewhat bad practice, because depending on the set up, you could end up granting anyone on your local PC (including a virus) full root access to the other PC. However having said that, it is possible to do what you're trying to do safely (and sometimes granting root access is the only way to do it), but you have to be really careful that normal users don't get full access to the share. As long as you have to 'su' to root on your local PC *first*, before you can access the remote files, then it should be okay. I appreciate your helping me very much. You can see I'm a little confused how to take over my little network and bend it to my will g. No problem - I know just how confusing it can be :-) Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbindd- confused about when to use
Hello: I come to Samba with a strong Unix background but weak on the MS networking side. Hence I've read a lot of the Samba documentation, more than once... Something that continues to confuse me, however, is whether or not I want/need winbindd for the task at hand. Objective: replace aged NT4 domain/file server w/Samba based file server. Details: 1) approx. 25 users. stable staff environment w/low to no turnover. slow to no growth. 2) All workstations run Windows XP Pro. Only 1-2 mobile users w/ notebook pc's. 3) End users are low tech. No need to provide Unix shell, ftp, etc., accounts (sysadmin personnel are all unix geeks and use ssh). 4) email, webmail, etc. runs on dedicated servers using separate authentication systems. 5) sso is not a big win for this environment, although might be nice to migrate to LDAP backend after Samba4 goes stable so as to integrate email auth, address books, etc. OTOH, the complexities of LDAP might not be worth it for such small environment. 6) only two groups, membership and accounting. And only two members in the latter. Don't think I need complexities of nested groups ) but then I'm also not enough of a MS guy to make that call confidently at this juncture...). I'll add a managers group so management can snoop w/o having full domain admin rights. 7) posix acl's seem to work nicely with FreeBSD and Samba:) 8) stackable vfs to do some av scanning. 9) 2 network printers and too many cheap low end parallel, usb, etc inkjets that came bundled w/cheap Dell deals... None of the injets need to be accessed other than by local machine. CUPS for the two network printers. 10 Roaming profiles- not implemented in current scheme but will use on Samba replacement and begin to do more with profiles and management on backend side of things. Given the above criteria it seems pretty simple config w/Samba as PDC runing TDB supplemented w/some POSIX ACL's for group access, and clamav to handle some anti-virii scanning. I've gotten most all this working in test environment. That machine went away and is being used for other things so I no longer have the luxury;( I will soon roll out production machine something along the lines of above but I am unclear as to whether I should use WInbindd- It is unlikely any additional domain member servers will need to be added in near future. Password sync is not an issue since all we need to be concerned with is local tdb. There MAY be some need down the road to set up Squid proxy- mostly so management can track what employees are doing on the web during company time (history of abuse in the past but they have been waffling on this for sometime). ntlm_auth may or may not be a part of that picture. Too early to say at this juncture. I don't know enough about the nested and local vs. domain group of MS to make an informed decision. The last paragraph here discussing foreign sid's concerns me somewhat: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html#id2619561 e.g. If a user shows up with a notebook that is not part of domain. Assuming guest account is disabled they're not going to be granted any access whatsoever unless they know user/pass/domain credentials, correct? In which case they probably are authorized. So I'm not clear on the foreign sid bit.. In absence of evidence to the contrary my inclination is to skip the added complexity and forgo winbindd. But I also don't want to get caught in a bind 6 months down the road if some new criteria emerges that requires nested groups, ntlm_auth, etc. Sorry for the long winded post and so many questions. I have an awareness of this stuff but not the experience to make a clear decision. So I'm in search of enlightenment TIA for your indulgement;-) -- Best regards, Ken Gunderson Q: Because it reverses the logical flow of conversation. A: Why is putting a reply at the top of the message frowned upon? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] : Win XP Client does not remove directories
Hi, its me again. I have to post an addition to my problem described below. Yesterday my error occured again on the same client, who had this problem last time. I took the chance to do some network sniffing and compared the traffic from the sometimes bad working client to a good working client. The interesting fact about this is now, that windows sends two different types of delete requests (Delete Directory Request (0x01) and SET_FILE_INFO) First of all here are the relevant captured packets from a well working connection: Info: 1. I tried to remove the folder ! Mitarbeiter-Pool\CA\C_493__ on the share, which was an empty folder. Later on I also put a file into this directory and did the same again from the not working PC. 2. The Samba-Server has the IP 172.20.6.252 -- No. TimeSourceDestination Protocol Info 71 4.583519172.20.6.223 172.20.6.252 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \! Mitarbeiter-Pool\CA\C_493__ Frame 71 (194 bytes on wire, 194 bytes captured) Ethernet II, Src: 3com_47:11:02 (00:50:04:47:11:02), Dst: Dell_3d:d9:bc (00:13:72:3d:d9:bc) Internet Protocol, Src: 172.20.6.223 (172.20.6.223), Dst: 172.20.6.252 (172.20.6.252) Transmission Control Protocol, Src Port: 1036 (1036), Dst Port: microsoft-ds (445), Seq: 4040, Ack: 7618, Len: 140 NetBIOS Session Service SMB (Server Message Block Protocol) SMB Header Server Component: SMB Response in: 72 SMB Command: Trans2 (0x32) NT Status: STATUS_SUCCESS (0x) Flags: 0x18 Flags2: 0xc807 Process ID High: 0 Signature: Reserved: Tree ID: 2 Process ID: 2020 User ID: 103 Multiplex ID: 64643 Trans2 Request (0x32) Word Count (WCT): 15 Total Parameter Count: 68 Total Data Count: 0 Max Parameter Count: 2 Max Data Count: 40 Max Setup Count: 0 Reserved: 00 Flags: 0x Timeout: Return immediately (0) Reserved: Parameter Count: 68 Parameter Offset: 68 Data Count: 0 Data Offset: 0 Setup Count: 1 Reserved: 00 Subcommand: QUERY_PATH_INFO (0x0005) Byte Count (BCC): 71 Padding: 00 QUERY_PATH_INFO Parameters Level of Interest: Query File Basic Info (1004) Reserved: File Name: \! Mitarbeiter-Pool\CA\C_493__ No. TimeSourceDestination Protocol Info 72 4.583845172.20.6.252 172.20.6.223 SMB Trans2 Response, QUERY_PATH_INFO Frame 72 (158 bytes on wire, 158 bytes captured) Ethernet II, Src: Dell_3d:d9:bc (00:13:72:3d:d9:bc), Dst: 3com_47:11:02 (00:50:04:47:11:02) Internet Protocol, Src: 172.20.6.252 (172.20.6.252), Dst: 172.20.6.223 (172.20.6.223) Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 1036 (1036), Seq: 7618, Ack: 4180, Len: 104 NetBIOS Session Service SMB (Server Message Block Protocol) SMB Header Server Component: SMB Response to: 71 Time from request: 0.000326000 seconds SMB Command: Trans2 (0x32) NT Status: STATUS_SUCCESS (0x) Flags: 0x88 Flags2: 0xc841 Process ID High: 0 Signature: Reserved: Tree ID: 2 Process ID: 2020 User ID: 103 Multiplex ID: 64643 Trans2 Response (0x32) Subcommand: QUERY_PATH_INFO (0x0005) Word Count (WCT): 10 Total Parameter Count: 2 Total Data Count: 40 Reserved: Parameter Count: 2 Parameter Offset: 56 Parameter Displacement: 0 Data Count: 40 Data Offset: 60 Data Displacement: 0 Setup Count: 0 Reserved: 00 Byte Count (BCC): 45 Padding: 00 QUERY_PATH_INFO Parameters EA Error offset: 0 Padding: QUERY_PATH_INFO Data Created: May 2, 2006 15:12:34.0 Last Access: May 2, 2006 15:13:17.0 Last Write: May 2, 2006 15:12:34.0 Change: May 2, 2006 15:12:34.0 File Attributes: 0x0010 Unknown Data: No. TimeSourceDestination Protocol Info 73 4.584342172.20.6.223 172.20.6.252 SMB Delete Directory Request, Directory: \! Mitarbeiter-Pool\CA\C_493__ Frame 73 (156 bytes on wire, 156 bytes captured) Ethernet II, Src: 3com_47:11:02 (00:50:04:47:11:02), Dst: Dell_3d:d9:bc
Re: [Samba] Samba 4 and AD in Native Mode
On Tue, 2006-05-02 at 09:46 -0700, John Ackart wrote: Hi, Does anyone know if Samba 4 can extract NT Hashes from Active Directory running in Native Mode. I think so. We should have merged this back into Samba3 a year ago... Try it: You will need to first join, 'net join bdc domain', then 'net samdump' should give you the hashes. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Called NTLMSSP after state machine was 'done'
On Tue, 2006-05-02 at 17:46 -0300, Carlos Zottmann wrote: Hi !! I am installing Squid-2.5 Stable 13, on a FedoraCore 5 x86_64 machine, doing ntlm authentication through Samba 3.0.22, wich was installed via rpm. Everything is working fine except that the browser every now and then asks for the username and password. Which browser? I have done some basic samba tests, like wbinfo -t, wbinfo -u and wbinfo -g, and everthing worked ok. Looking at squid´s cache.log, I found the following error: [2006/05/02 11:33:00, 1] libsmb/ntlmssp.c:ntlmssp _update(231) Called NTLMSSP after state machine was 'done' Have anyone run into this yet? I wonder if the issue is due to some change at our end. We may have broken support where 'use_ntlm_negotiate' isn't set (in the squid configuration). This option permits better security in any case, so give it a try. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access doesn't grant delete access?!
On Wed, May 03, 2006 at 03:35:11PM +1000, Adam Nielsen wrote: Hi all, I've got these permissions set on a folder: $ getfacl htdocs # file: htdocs # owner: root # group: users user::rwx group::rwx group:DOMAIN\134htdocs_access:rwx mask::rwx other::r-x The idea being that any users in the htdocs_access group in Active Directory will have full access to this htdocs folder, without interfering with the real owner/group of the folder (which the web server uses.) This seems to work fine, except that any files I create through Windows Explorer I can't delete again (I can edit them and create more files, but I can't delete anything.) Viewing properties on the file indicates that the DOMAIN\htdocs_access group doesn't have Delete permission (the Delete checkbox is unticked) but the other permissions seem fine. I didn't realise that Samba treated Delete access separately to Write access - how do I grant Delete access on a folder? It doesn't. Can you post a debug level 10 log of a delete request please? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to access a 'guest ok' share from Windows without password?
I have a Slackware Linux box called Tillie with three shares. All at /, user at /home/user and public at /public which is guest ok for access without a password. The problem is that Tillie shows up in Windows Network Neighborhood as a single icon. To open that icon and see the three shares Windows demands a password, thus making it impossible to access. Is there any way to get around this? Larry -- Larry Alkoff N2LA - Austin TX Using Thunderbird on Slackware Linux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] share permissions
Hi list, I need to create the following share: user1 can create a file in the share but can't erase or change; user1 can just read the file when he creates it; user2 can delete and change the file user1 has created; I did like this: user1 is member of group group1; user2 is member of group group2; [share] path = /home/share read only = No write list = @group2 create mask = 575 force create mode = 0575 force user = user2 force group = group2 When user1 creates a file in share the files gets the permissons right: user2 group2 r_xrwxr_x filename and can't delete or change filename But user2 can't delete or change the filename even if he is in group2. 1. If I su - user2 in shell, I can delete and change it because I have group permissions for that, but via windows I can't. 2. Is that a problem in my configuration groups/users (my samba is working with ldap)? I already tryed to make group2 the primary group of user2, without any success. TIA, Joao Reis. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to access a 'guest ok' share from Windows withoutpassword?
Is the security parameter in your smb.conf file set the 'share'? If not, try to post your smb.conf file. Kirk - Original Message - From: Larry Alkoff [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Wednesday, May 03, 2006 12:56 PM Subject: [Samba] How to access a 'guest ok' share from Windows withoutpassword? I have a Slackware Linux box called Tillie with three shares. All at /, user at /home/user and public at /public which is guest ok for access without a password. The problem is that Tillie shows up in Windows Network Neighborhood as a single icon. To open that icon and see the three shares Windows demands a password, thus making it impossible to access. Is there any way to get around this? Larry -- Larry Alkoff N2LA - Austin TX Using Thunderbird on Slackware Linux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot write over root owned file
From: Larry Alkoff [EMAIL PROTECTED] However, when I tried to copy over a root owned file, first as su and then as su -, the operation failed. Why can't I copy over a root owned file when I'm root? I also noticed that, when I touched as su or su -, I could create the file but in each case owner was lba:users. However, when I did the same touch within my own file system, the file owner became root. I smbmounted the share with a simple _root_ script containing: smbmount //tillie/all /mnt/tillie -o uid=0 Shouldn't that have given me root priviledges? Which leads to the question, how do I act as root on a samba share? Or perhaps the question is how do I become root on the share? Is sharing as root okay or is it bad practice? Why? Larry, in your smb.conf, try this: valid users = you force user = root force group = root admin users = you I believe if you just set admin users = whoever, that will force the user and group to root by default. It has been a while since I played with this, but I still use it and it works... Aside: Next time you are at the Salt Lick in Driftwood, don't forget to order the blueberry cobbler and vanilla ice cream desert. Yes, after the family style all you can eat, it will hurt, but it is worth it... -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to access a 'guest ok' share from Windows withoutpassword?
Here is the smb.conf: [EMAIL PROTECTED] samba $ cat smb.conf.tillie # Global parameters [global] workgroup = LANET server string = Samba Server %v on %h map to guest = Bad User log level = 4 log file = /var/log/samba.%m time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hostname lookups = Yes logon home = \\%h\%u os level = 65 preferred master = Yes domain master = Yes wins proxy = Yes wins support = Yes hosts allow = 192.168.0., 127. [homes] comment = Home Directories read only = No browseable = No [all] comment = Entire disk from / path = / read only = No [lba] comment = Larry's home directory path = /home/lba read only = No [public] comment = Public directory path = /public read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No Kirk B. Dice wrote: Is the security parameter in your smb.conf file set the 'share'? If not, try to post your smb.conf file. Kirk - Original Message - From: Larry Alkoff [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Wednesday, May 03, 2006 12:56 PM Subject: [Samba] How to access a 'guest ok' share from Windows withoutpassword? I have a Slackware Linux box called Tillie with three shares. All at /, user at /home/user and public at /public which is guest ok for access without a password. The problem is that Tillie shows up in Windows Network Neighborhood as a single icon. To open that icon and see the three shares Windows demands a password, thus making it impossible to access. Is there any way to get around this? Larry -- Larry Alkoff N2LA - Austin TX Using Thunderbird on Slackware Linux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Larry Alkoff N2LA - Austin TX Using Thunderbird on Slackware Linux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot write over root owned file
david rankin wrote: From: Larry Alkoff [EMAIL PROTECTED] However, when I tried to copy over a root owned file, first as su and then as su -, the operation failed. Why can't I copy over a root owned file when I'm root? I also noticed that, when I touched as su or su -, I could create the file but in each case owner was lba:users. However, when I did the same touch within my own file system, the file owner became root. I smbmounted the share with a simple _root_ script containing: smbmount //tillie/all /mnt/tillie -o uid=0 Shouldn't that have given me root priviledges? Which leads to the question, how do I act as root on a samba share? Or perhaps the question is how do I become root on the share? Is sharing as root okay or is it bad practice? Why? Larry, in your smb.conf, try this: valid users = you force user = root force group = root admin users = you I believe if you just set admin users = whoever, that will force the user and group to root by default. It has been a while since I played with this, but I still use it and it works... I'm a little hesitant to access a share with full root access all the time. Do you consider this safe? What I've worked out is to mount tillie in my smbmt script with the line: smbmount //tillie/all /mnt/tillie which picks up the $USER. So if I run the script as $USER=root I'm root, otherwise a user even though my $UID=0 when I su to run the script and smbmount. I wish there was some way to su into a share but haven't seen it yet. Aside: Next time you are at the Salt Lick in Driftwood, don't forget to order the blueberry cobbler and vanilla ice cream desert. Yes, after the family style all you can eat, it will hurt, but it is worth it... Ahh, Salt Lick. I live close by, off Camp Ben Macoulough Rd about two miles from Hwy 290 West so I've been there more times than is good for me g Come to town some town and I'll treat you. I'm in the book. -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- Larry Alkoff N2LA - Austin TX Using Thunderbird on Slackware Linux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot write over root owned file
in smb.conf have you tried force user = root -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] share permissions
I do agree with you, this really don't make any sense, but this kind of police used to work in an old windows NT machine and the permissions was just like that. I don't really know if there is a way to make it work with posix acls, or samba... If anyone has any ideia... Sorry the poor english. Thanks, Joao Reis. On Wed, 2006-05-03 at 15:18 -0400, Eric Warnke wrote: What you are asking does not make any sense. If a user can modify a file, they can delete it. If a user can't modify a file, then they can't upload it. I would suggest reading up on unix permissions and then taking a fresh look at the problem. Maybe with some frankenstein scripts you could get it to work, but I doubt the samba list could help with that. Cheers, Eric On 5/3/06, João Alberto M. dos Reis [EMAIL PROTECTED] wrote: Hi list, I need to create the following share: user1 can create a file in the share but can't erase or change; user1 can just read the file when he creates it; user2 can delete and change the file user1 has created; I did like this: user1 is member of group group1; user2 is member of group group2; [share] path = /home/share read only = No write list = @group2 create mask = 575 force create mode = 0575 force user = user2 force group = group2 When user1 creates a file in share the files gets the permissons right: user2 group2 r_xrwxr_x filename and can't delete or change filename But user2 can't delete or change the filename even if he is in group2. 1. If I su - user2 in shell, I can delete and change it because I have group permissions for that, but via windows I can't. 2. Is that a problem in my configuration groups/users (my samba is working with ldap)? I already tryed to make group2 the primary group of user2, without any success. TIA, Joao Reis. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot write over root owned file
From: Larry Alkoff [EMAIL PROTECTED] david rankin wrote: From: Larry Alkoff [EMAIL PROTECTED] Which leads to the question, how do I act as root on a samba share? Or perhaps the question is how do I become root on the share? Is sharing as root okay or is it bad practice? Why? Larry, in your smb.conf, try this: valid users = you force user = root force group = root admin users = you I believe if you just set admin users = whoever, that will force the user and group to root by default. It has been a while since I played with this, but I still use it and it works... I'm a little hesitant to access a share with full root access all the time. Do you consider this safe? Yes, it's safe as long and you don't go wild hitting the [del] key in a willie-nillie fashion. What I usually do that masks this from all users except me is to create the user shares say: /home/samba/office /home/samba/forms /home/samba/jointcase Then for my use I include an additional share for my use only which give me root access to all share data; and that also hides the share from all users. YMMV, but it works for me. [samba] comment = Base Samba Share path = /home/samba valid users = david force user = david force group = ochiltree admin users = david browseable = no writeable = Yes inherit permissions = yes What I've worked out is to mount tillie in my smbmt script with the line: smbmount //tillie/all /mnt/tillie which picks up the $USER. So if I run the script as $USER=root I'm root, otherwise a user even though my $UID=0 when I su to run the script and smbmount. I wish there was some way to su into a share but haven't seen it yet. Well for me, its fire up PuTTy; www.chiark.greenend.org.uk/~sgtatham/putty/ ssh server, log in as me, su and you are in. Aside: Next time you are at the Salt Lick in Driftwood, don't forget to order the blueberry cobbler and vanilla ice cream desert. Yes, after the family style all you can eat, it will hurt, but it is worth it... Ahh, Salt Lick. I live close by, off Camp Ben Macoulough Rd about two miles from Hwy 290 West so I've been there more times than is good for me g Come to town some town and I'll treat you. I'm in the book. You are on! Both grand parents lived in Austin. 1807 Pearl, and the other in Jonestown on lake Travis. Ahh the days, the hike-n-bike, the lake, chasing squirrels with bb guns in Pease Park, Barton Springs (before it was topless), Town Lake. -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot write over root owned file
david rankin wrote: From: Larry Alkoff [EMAIL PROTECTED] david rankin wrote: From: Larry Alkoff [EMAIL PROTECTED] Which leads to the question, how do I act as root on a samba share? Or perhaps the question is how do I become root on the share? Is sharing as root okay or is it bad practice? Why? Larry, in your smb.conf, try this: valid users = you force user = root force group = root admin users = you I believe if you just set admin users = whoever, that will force the user and group to root by default. It has been a while since I played with this, but I still use it and it works... I'm a little hesitant to access a share with full root access all the time. Do you consider this safe? Yes, it's safe as long and you don't go wild hitting the [del] key in a willie-nillie fashion. What I usually do that masks this from all users except me is to create the user shares say: I usually log on to a share called 'all' that starts at / so I can have my way with the target computer. Up to now it's not been root access but I learned yesterday that I can smbmount as root and, by golly, the other machine obeys me. So I'll use that at need. /home/samba/office /home/samba/forms /home/samba/jointcase Then for my use I include an additional share for my use only which give me root access to all share data; and that also hides the share from all users. YMMV, but it works for me. How is the samba share hidden from the other users? Are you using security = user or share? Today I started experimenting with security = share and it looks a little easier to manage because the machine icon will open and list all the shares without a password. If you have security = share it looks to me like everyone would see the samba icon but could not access it since they didn't have the password (and maybe 'valid user = david' would prevent access also). Or did you mean 'access the samba share' by see? [samba] comment = Base Samba Share path = /home/samba valid users = david force user = david force group = ochiltree admin users = david browseable = no writeable = Yes inherit permissions = yes What I've worked out is to mount tillie in my smbmt script with the line: smbmount //tillie/all /mnt/tillie which picks up the $USER. So if I run the script as $USER=root I'm root, otherwise a user even though my $UID=0 when I su to run the script and smbmount. I wish there was some way to su into a share but haven't seen it yet. Well for me, its fire up PuTTy; www.chiark.greenend.org.uk/~sgtatham/putty/ ssh server, log in as me, su and you are in. I haven't done much PuTTy yet. At this point I'm trying to access all shares from the Linux boxes. I'm on a compaign to eliminate all Windows computers from my house except one or two, including changing out my wife's to a Mac. Most of my computing time is spent at one Linux box and I only access the Windows boxen by cli to transfer a few files and to backup. Aside: Next time you are at the Salt Lick in Driftwood, don't forget to order the blueberry cobbler and vanilla ice cream desert. Yes, after the family style all you can eat, it will hurt, but it is worth it... Ahh, Salt Lick. I live close by, off Camp Ben Macoulough Rd about two miles from Hwy 290 West so I've been there more times than is good for me g Come to town some town and I'll treat you. I'm in the book. You are on! Both grand parents lived in Austin. 1807 Pearl, and the other in Jonestown on lake Travis. Ahh the days, the hike-n-bike, the lake, chasing squirrels with bb guns in Pease Park, Barton Springs (before it was topless), Town Lake. Austin is a really lovely town that I found after a few years of 'city shopping' with my wife. I'll look forward to meeting you. It's probably best to give me some advance notice if you can but feel free to call any time. Larry -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankinlawfirm.com -- Larry Alkoff N2LA - Austin TX Using Thunderbird on Slackware Linux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba interface to CVS/Subversion
Hey all, Bit of a bogus question here as I only have a basic understanding of CVS and Subversion. A lot of the windows development tools we use in the office have CVS or Subversion modules allowing us greater source code control. It would be wonderful to have a samba share that acts as an interface to a CVS or Subversion backend. That way we can use any development tool and simply save our files to the network share and let CVS/Subversion handle everything behind the scenes. Am I dreaming? Could this be implemented with a standard samba setup and a bunch of scripts? Can any smart cookies out there show me samba configurations that allow programs to be run based on different file operations (save/delete/move/etc..)? Cheers heaps :) any pointers at all will be awesome. -- DaveB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] clearing old domain and wrokgroup cached names
Hi I'm using samba 2.2.7a on linux, How can I clean old domain and workgroup names. Where is this old cached domain names reside. I only have one domain and two workgroups. if I create temporary workgroup I cannot clean it from my domain. any help would be grateful. thanks chami -- This e-mail message is confidential and for use by the addressee only. If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer. Internet e-mails are not necessarily secure.Ministry of Finance Planning does not accept responsibility for changes made to this message after it was sent. Whilst all reasonable care has been taken to avoid the transmission of viruses, it is the responsibility of the recipient to ensure that the onward transmission, opening or use of this message and any attachments will not adversely affect its systems or data. No responsibility is accepted by Ministry of Finance Planning Sri Lanka in this regard. To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] wbinfo -r NT_STATUS_ACCESS_DENIED
Hi All, I am having trouble with winbind. I have samba sucessfully looking up users from an AD domain. wbinfo -u and wbinfo -g return users appropriatley. However wbinfo -r joeblow returns: Could not get groups for user joeblow Below is the information that is present in the logs: [2006/05/04 11:45:37, 3] nsswitch/winbindd_async.c:winbindd_dual_lookupname(695) [23088]: lookupname MYDOMAIN\joeblow [2006/05/04 11:45:37, 3] nsswitch/winbindd_async.c:winbindd_dual_getsidaliases(885) [23088]: getsidaliases [2006/05/04 11:45:37, 3] nsswitch/winbindd_async.c:winbindd_dual_getsidaliases(909) Could not lookup_useraliases: NT_STATUS_ACCESS_DENIED Any ideas? I am using samba v3.0.22 -- Adam Cassar ICT Manager NetRegistry Pty Ltd __ http://www.netregistry.com.au Tel: 02 9699 6099 Fax: 02 9699 6088 PO Box 270Broadway NSW 2007 Domains |Business Email|Web Hosting|E-Commerce Trusted by 10,000s of businesses since 1997 __ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba errors - need help or info
I am new to Samba, having just taken over management of a HPUX system in a mainly Windows environment. The system is running Samba 3.0.7. I am getting the following errors, repeatedly, in my log.smbd. What does it mean? Is this actually a problem or normal chatter for Samba? If it is a problem, what should I do to correct it? [2006/05/03 07:41:38, 0] lib/util_sock.c:set_socket_options(202) Failed to set socket option SO_KEEPALIVE (Error Invalid argument) [2006/05/03 07:41:38, 0] lib/util_sock.c:set_socket_options(202) Failed to set socket option TCP_NODELAY (Error Invalid argument) [2006/05/03 07:41:38, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Invalid argument [2006/05/03 07:41:39, 0] smbd/server.c:open_sockets_smbd(382) open_sockets_smbd: accept: No buffer space available Thanks for any help or advice, Bill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r15405 - in branches/SAMBA_4_0/source/build/m4: .
Author: metze Date: 2006-05-03 08:34:11 + (Wed, 03 May 2006) New Revision: 15405 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15405 Log: remove define for STAT_ST_BLOCKSIZE as it's not used anywhere and it doesn't belong to check_ld.m4 metze Modified: branches/SAMBA_4_0/source/build/m4/check_ld.m4 Changeset: Modified: branches/SAMBA_4_0/source/build/m4/check_ld.m4 === --- branches/SAMBA_4_0/source/build/m4/check_ld.m4 2006-05-03 03:42:56 UTC (rev 15404) +++ branches/SAMBA_4_0/source/build/m4/check_ld.m4 2006-05-03 08:34:11 UTC (rev 15405) @@ -34,15 +34,16 @@ # and these are for particular systems case $host_os in - *linux*) AC_DEFINE(LINUX,1,[Whether the host os is linux]) + *linux*) + AC_DEFINE(LINUX,1,[Whether the host os is linux]) BLDSHARED=true LDSHFLAGS=-shared DYNEXP=-Wl,--export-dynamic PICFLAG=-fPIC SONAMEFLAG=-Wl,-soname= - AC_DEFINE(STAT_ST_BLOCKSIZE,512) ;; - *solaris*) AC_DEFINE(SUNOS5,1,[Whether the host os is solaris]) + *solaris*) + AC_DEFINE(SUNOS5,1,[Whether the host os is solaris]) BLDSHARED=true LDSHFLAGS=-G if test ${GCC} = yes; then @@ -57,27 +58,27 @@ LDSHFLAGS=-G \${CFLAGS} PICSUFFIX=po.o fi - AC_DEFINE(STAT_ST_BLOCKSIZE,512,[The size of a block]) ;; - *sunos*) AC_DEFINE(SUNOS4,1,[Whether the host os is sunos4]) + *sunos*) + AC_DEFINE(SUNOS4,1,[Whether the host os is sunos4]) BLDSHARED=true LDSHFLAGS=-G PICFLAG=-KPIC # Is this correct for SunOS - AC_DEFINE(STAT_ST_BLOCKSIZE,512) ;; - *netbsd* | *freebsd*) BLDSHARED=true + *netbsd* | *freebsd*) + BLDSHARED=true LDSHFLAGS=-shared DYNEXP=-Wl,--export-dynamic PICFLAG=-fPIC -DPIC - AC_DEFINE(STAT_ST_BLOCKSIZE,512,[The size of a block]) ;; - *openbsd*) BLDSHARED=true + *openbsd*) + BLDSHARED=true LDSHFLAGS=-shared DYNEXP=-Wl,-Bdynamic PICFLAG=-fPIC - AC_DEFINE(STAT_ST_BLOCKSIZE,512,[The size of a block]) ;; - *irix*) AC_DEFINE(IRIX,1,[Whether the host os is irix]) + *irix*) + AC_DEFINE(IRIX,1,[Whether the host os is irix]) ATTEMPT_WRAP32_BUILD=yes BLDSHARED=true LDSHFLAGS=-set_version sgi1.0 -shared @@ -88,9 +89,9 @@ else PICFLAG=-KPIC fi - AC_DEFINE(STAT_ST_BLOCKSIZE,512,[The size of a block]) ;; - *aix*) AC_DEFINE(AIX,1,[Whether the host os is aix]) + *aix*) + AC_DEFINE(AIX,1,[Whether the host os is aix]) BLDSHARED=true LDSHFLAGS=-Wl,-bexpall,-bM:SRE,-bnoentry,-berok DYNEXP=-Wl,-brtl,-bexpall,-bbigtoc @@ -99,10 +100,9 @@ ## for funky AIX compiler using strncpy() CFLAGS=$CFLAGS -D_LINUX_SOURCE_COMPAT -qmaxmem=32000 fi - - AC_DEFINE(STAT_ST_BLOCKSIZE,DEV_BSIZE,[The size of a block]) ;; - *hpux*) AC_DEFINE(HPUX,1,[Whether the host os is HPUX]) + *hpux*) + AC_DEFINE(HPUX,1,[Whether the host os is HPUX]) SHLIBEXT=sl # Use special PIC flags for the native HP-UX compiler. if test $ac_cv_prog_cc_Ae = yes; then @@ -113,64 +113,64 @@ PICFLAG=+z fi DYNEXP=-Wl,-E - AC_DEFINE(STAT_ST_BLOCKSIZE,8192,[The size of a block]) ;; - *qnx*) AC_DEFINE(QNX,1,[Whether the host os is qnx]) - AC_DEFINE(STAT_ST_BLOCKSIZE,512) + *qnx*) + AC_DEFINE(QNX,1,[Whether the host os is qnx]) ;; - *osf*) AC_DEFINE(OSF1,1,[Whether the host os is osf1]) + *osf*) + AC_DEFINE(OSF1,1,[Whether the host os is osf1]) BLDSHARED=true LDSHFLAGS=-shared SONAMEFLAG=-Wl,-soname, PICFLAG=-fPIC - AC_DEFINE(STAT_ST_BLOCKSIZE,512) ;; - *sco*) AC_DEFINE(SCO,1,[Whether the host os is sco unix]) - AC_DEFINE(STAT_ST_BLOCKSIZE,512) + *sco*) + AC_DEFINE(SCO,1,[Whether the host os is sco unix]) ;; - *unixware*) AC_DEFINE(UNIXWARE,1,[Whether the host os is unixware]) + *unixware*) + AC_DEFINE(UNIXWARE,1,[Whether the host os is
svn commit: samba r15406 - in branches/SAMBA_4_0/source: client lib lib/registry/tools lib/replace lib/smbreadline
Author: jelmer Date: 2006-05-03 09:07:38 + (Wed, 03 May 2006) New Revision: 15406 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15406 Log: Move 'smbreadline' out of libreplace as it doesn't replace functionality not available on some platforms but is a Samba-specific library. Added: branches/SAMBA_4_0/source/lib/smbreadline/ branches/SAMBA_4_0/source/lib/smbreadline/readline.m4 branches/SAMBA_4_0/source/lib/smbreadline/smbreadline.c branches/SAMBA_4_0/source/lib/smbreadline/smbreadline.h Removed: branches/SAMBA_4_0/source/lib/replace/readline.c branches/SAMBA_4_0/source/lib/replace/readline.m4 branches/SAMBA_4_0/source/lib/replace/smbreadline.h Modified: branches/SAMBA_4_0/source/client/client.c branches/SAMBA_4_0/source/lib/registry/tools/regshell.c branches/SAMBA_4_0/source/lib/replace/README branches/SAMBA_4_0/source/lib/replace/config.m4 Changeset: Modified: branches/SAMBA_4_0/source/client/client.c === --- branches/SAMBA_4_0/source/client/client.c 2006-05-03 08:34:11 UTC (rev 15405) +++ branches/SAMBA_4_0/source/client/client.c 2006-05-03 09:07:38 UTC (rev 15406) @@ -38,7 +38,7 @@ #include system/time.h /* needed by some systems for asctime() */ #include libcli/resolve/resolve.h #include libcli/security/security.h -#include lib/replace/smbreadline.h +#include lib/smbreadline/smbreadline.h #include librpc/gen_ndr/ndr_nbt.h static int io_bufsize = 64512; Modified: branches/SAMBA_4_0/source/lib/registry/tools/regshell.c === --- branches/SAMBA_4_0/source/lib/registry/tools/regshell.c 2006-05-03 08:34:11 UTC (rev 15405) +++ branches/SAMBA_4_0/source/lib/registry/tools/regshell.c 2006-05-03 09:07:38 UTC (rev 15406) @@ -25,7 +25,7 @@ #include lib/events/events.h #include lib/registry/reg_backend_rpc.h #include system/time.h -#include lib/replace/smbreadline.h +#include lib/smbreadline/smbreadline.h #include librpc/gen_ndr/ndr_security.h /* Modified: branches/SAMBA_4_0/source/lib/replace/README === --- branches/SAMBA_4_0/source/lib/replace/README2006-05-03 08:34:11 UTC (rev 15405) +++ branches/SAMBA_4_0/source/lib/replace/README2006-05-03 09:07:38 UTC (rev 15406) @@ -50,6 +50,7 @@ pwrite getpass readline (the library) +inet_ntoa Types: bool Modified: branches/SAMBA_4_0/source/lib/replace/config.m4 === --- branches/SAMBA_4_0/source/lib/replace/config.m4 2006-05-03 08:34:11 UTC (rev 15405) +++ branches/SAMBA_4_0/source/lib/replace/config.m4 2006-05-03 09:07:38 UTC (rev 15406) @@ -140,7 +140,6 @@ #endif] ) -sinclude(lib/replace/readline.m4) sinclude(lib/replace/getpass.m4) dnl VA_COPY Deleted: branches/SAMBA_4_0/source/lib/replace/readline.c === --- branches/SAMBA_4_0/source/lib/replace/readline.c2006-05-03 08:34:11 UTC (rev 15405) +++ branches/SAMBA_4_0/source/lib/replace/readline.c2006-05-03 09:07:38 UTC (rev 15406) @@ -1,164 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Samba readline wrapper implementation - Copyright (C) Simo Sorce 2001 - Copyright (C) Andrew Tridgell 2001 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include includes.h -#include pstring.h - -#include unistd.h -#include system/readline.h - -/*** - Similar to sys_select() but catch EINTR and continue. - This is what sys_select() used to do in Samba. -/ - -int sys_select_intr(int maxfd, fd_set *readfds, fd_set *writefds, fd_set *errorfds, struct timeval *tval) -{ - int ret; - fd_set *readfds2, readfds_buf, *writefds2, writefds_buf, *errorfds2, errorfds_buf; - struct timeval tval2, *ptval; - - readfds2 = (readfds ? readfds_buf : NULL); - writefds2 = (writefds ? writefds_buf : NULL); - errorfds2 = (errorfds ? errorfds_buf : NULL); - ptval = (tval ? tval2 : NULL); - - do { - if (readfds) -
svn commit: samba r15407 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: jelmer Date: 2006-05-03 09:10:45 + (Wed, 03 May 2006) New Revision: 15407 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15407 Log: Get rid of some more uint_t Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2006-05-03 09:07:38 UTC (rev 15406) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_basic.c2006-05-03 09:10:45 UTC (rev 15407) @@ -624,7 +624,7 @@ } _PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const char *type, - const char *val, uint_t value) + const char *val, uint32_t value) { if (ndr-flags LIBNDR_PRINT_ARRAY_HEX) { ndr-print(ndr, %-25s: %s (0x%X), name, val?val:UNKNOWN_ENUM_VALUE, value); @@ -633,7 +633,7 @@ } } -_PUBLIC_ void ndr_print_bitmap_flag(struct ndr_print *ndr, size_t size, const char *flag_name, uint_t flag, uint_t value) +_PUBLIC_ void ndr_print_bitmap_flag(struct ndr_print *ndr, size_t size, const char *flag_name, uint32_t flag, uint32_t value) { /* this is an attempt to support multi-bit bitmap masks */ value = flag;
svn commit: samba r15408 - in branches/SAMBA_4_0/source/gtk: common tools
Author: jelmer Date: 2006-05-03 09:11:36 + (Wed, 03 May 2006) New Revision: 15408 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15408 Log: Fix some small bugs in the GTK+ tools Add utility function for connection to an interface Modified: branches/SAMBA_4_0/source/gtk/common/gtk-smb.c branches/SAMBA_4_0/source/gtk/common/gtk-smb.h branches/SAMBA_4_0/source/gtk/common/select.c branches/SAMBA_4_0/source/gtk/common/select.h branches/SAMBA_4_0/source/gtk/tools/gepdump.c branches/SAMBA_4_0/source/gtk/tools/gwcrontab.c branches/SAMBA_4_0/source/gtk/tools/gwsam.c branches/SAMBA_4_0/source/gtk/tools/gwsam_user.c Changeset: Sorry, the patch is too large (615 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15408
svn commit: samba r15409 - in branches/SAMBA_4_0/source: . gtk gtk/tools
Author: jelmer Date: 2006-05-03 09:12:42 + (Wed, 03 May 2006) New Revision: 15409 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15409 Log: Start working on GTK+ tool for services management Added: branches/SAMBA_4_0/source/gtk/tools/gwsvcctl.c Modified: branches/SAMBA_4_0/source/configure.in branches/SAMBA_4_0/source/gtk/config.mk Changeset: Modified: branches/SAMBA_4_0/source/configure.in === --- branches/SAMBA_4_0/source/configure.in 2006-05-03 09:11:36 UTC (rev 15408) +++ branches/SAMBA_4_0/source/configure.in 2006-05-03 09:12:42 UTC (rev 15409) @@ -14,6 +14,7 @@ sinclude(lib/replace/config.m4) sinclude(lib/replace/win32/config.m4) sinclude(lib/replace/repdir/config.m4) +sinclude(lib/smbreadline/readline.m4) sinclude(include/system/config.m4) sinclude(build/m4/rewrite.m4) sinclude(heimdal_build/config.m4) Modified: branches/SAMBA_4_0/source/gtk/config.mk === --- branches/SAMBA_4_0/source/gtk/config.mk 2006-05-03 09:11:36 UTC (rev 15408) +++ branches/SAMBA_4_0/source/gtk/config.mk 2006-05-03 09:12:42 UTC (rev 15409) @@ -29,6 +29,12 @@ OBJ_FILES = tools/gwcrontab.o PRIVATE_DEPENDENCIES = LIBSAMBA-CONFIG gtksamba RPC_NDR_ATSVC +[BINARY::gwsvcctl] +INSTALLDIR = BINDIR +MANPAGE = man/gwsvcctl.1 +OBJ_FILES = tools/gwsvcctl.o +PRIVATE_DEPENDENCIES = LIBSAMBA-CONFIG gtksamba RPC_NDR_SVCCTL + # This binary is disabled for now as it doesn't do anything useful yet... [BINARY::gwsam] #INSTALLDIR = BINDIR Added: branches/SAMBA_4_0/source/gtk/tools/gwsvcctl.c === --- branches/SAMBA_4_0/source/gtk/tools/gwsvcctl.c 2006-05-03 09:11:36 UTC (rev 15408) +++ branches/SAMBA_4_0/source/gtk/tools/gwsvcctl.c 2006-05-03 09:12:42 UTC (rev 15409) @@ -0,0 +1,217 @@ +/* + Unix SMB/CIFS implementation. + GTK+ Windows services management + + Copyright (C) Jelmer Vernooij 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include includes.h +#include librpc/gen_ndr/ndr_svcctl_c.h +#include gtk/common/gtk-smb.h +#include auth/credentials/credentials.h +#include gtk/common/select.h + +static struct dcerpc_pipe *svcctl_pipe = NULL; +static GtkWidget *mainwin; +static GtkListStore *store_services; +static GtkWidget *services; +static GtkWidget *new_service, *delete_service, *edit_service, *start_service, *stop_service; + +static void on_connect_activate(GtkMenuItem *menuitem, gpointer user_data) +{ + TALLOC_CTX *mem_ctx = talloc_init(gwsvcctl_connect); + + svcctl_pipe = gtk_connect_rpc_interface(mem_ctx, dcerpc_table_svcctl); + if (svcctl_pipe == NULL) + return; + + gtk_widget_set_sensitive (new_service, TRUE); + + /* FIXME: Fetch list of services and display */ +} + +static void on_quit_activate(GtkMenuItem *menuitem, gpointer user_data) +{ + talloc_free(svcctl_pipe); + gtk_main_quit(); +} + +static void on_about_activate(GtkMenuItem *menuitem, gpointer user_data) +{ + GtkDialog *aboutwin = GTK_DIALOG(create_gtk_samba_about_dialog(gwcrontab)); + gtk_dialog_run(aboutwin); + gtk_widget_destroy(GTK_WIDGET(aboutwin)); +} + +static GtkWidget* create_mainwindow (void) +{ + GtkWidget *mainwindow; + GtkWidget *vbox; + GtkWidget *menubar; + GtkWidget *menuitem4; + GtkWidget *menuitem4_menu; + GtkWidget *mnu_connect; + GtkWidget *separatormenuitem1; + GtkWidget *quit; + GtkWidget *service; + GtkWidget *service_menu; + GtkCellRenderer *renderer; + GtkTreeViewColumn *curcol; + GtkWidget *menuitem7; + GtkWidget *menuitem7_menu; + GtkWidget *about; + GtkWidget *scrolledwindow; + GtkWidget *statusbar; + GtkAccelGroup *accel_group; + + accel_group = gtk_accel_group_new (); + + mainwindow = gtk_window_new (GTK_WINDOW_TOPLEVEL); + gtk_window_set_default_size (GTK_WINDOW (mainwindow), 642, 562); + gtk_window_set_title (GTK_WINDOW (mainwindow), Service Management); + + vbox = gtk_vbox_new (FALSE, 0); + gtk_container_add (GTK_CONTAINER (mainwindow), vbox); + + menubar =
svn commit: samba r15410 - in branches/SAMBA_4_0/source/gtk/common: .
Author: jelmer Date: 2006-05-03 10:05:08 + (Wed, 03 May 2006) New Revision: 15410 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15410 Log: Fix segfaults Modified: branches/SAMBA_4_0/source/gtk/common/credentials.c branches/SAMBA_4_0/source/gtk/common/select.c Changeset: Modified: branches/SAMBA_4_0/source/gtk/common/credentials.c === --- branches/SAMBA_4_0/source/gtk/common/credentials.c 2006-05-03 09:12:42 UTC (rev 15409) +++ branches/SAMBA_4_0/source/gtk/common/credentials.c 2006-05-03 10:05:08 UTC (rev 15410) @@ -52,7 +52,8 @@ gtk_table_attach(GTK_TABLE(table), entry_domain, 1,2,0,1, GTK_FILL, 0,0,0); gtk_entry_set_activates_default (GTK_ENTRY (entry_domain), TRUE); - if (credentials-domain_obtained != CRED_UNINITIALISED) { + if (credentials-domain_obtained != CRED_UNINITIALISED + credentials-domain) { gtk_entry_set_text(GTK_ENTRY(entry_domain), credentials-domain); } @@ -75,7 +76,8 @@ gtk_table_attach(GTK_TABLE(table),entry_password,1,2,3,4,GTK_FILL,0,0,0); gtk_entry_set_visibility (GTK_ENTRY (entry_password), FALSE); gtk_entry_set_activates_default (GTK_ENTRY (entry_password), TRUE); - if (credentials-password_obtained != CRED_UNINITIALISED) { + if (credentials-password_obtained != CRED_UNINITIALISED + credentials-password) { gtk_entry_set_text(GTK_ENTRY(entry_password), credentials-password); } Modified: branches/SAMBA_4_0/source/gtk/common/select.c === --- branches/SAMBA_4_0/source/gtk/common/select.c 2006-05-03 09:12:42 UTC (rev 15409) +++ branches/SAMBA_4_0/source/gtk/common/select.c 2006-05-03 10:05:08 UTC (rev 15410) @@ -293,11 +293,13 @@ if(!NT_STATUS_IS_OK(status)) { gtk_show_ntstatus(NULL, While connecting to interface, status); gtk_widget_destroy(GTK_WIDGET(d)); - talloc_free(mem_ctx); + talloc_free(cred); return NULL; } gtk_widget_destroy(GTK_WIDGET(d)); + + talloc_free(cred); return pipe; }
svn commit: samba r15411 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch
Author: gd Date: 2006-05-03 10:19:49 + (Wed, 03 May 2006) New Revision: 15411 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15411 Log: Small debug fixes for the PAM module. Guenther Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c trunk/source/nsswitch/pam_winbind.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-05-03 10:05:08 UTC (rev 15410) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-05-03 10:19:49 UTC (rev 15411) @@ -286,8 +286,7 @@ return retval; case PAM_USER_UNKNOWN: /* the user does not exist */ - _pam_log_debug(ctrl, LOG_NOTICE, user `%s' not found, -user); + _pam_log_debug(ctrl, LOG_NOTICE, user `%s' not found, user); if (ctrl WINBIND_UNKNOWN_OK_ARG) { return PAM_IGNORE; } @@ -475,6 +474,7 @@ if (response.data.auth.info3.user_flgs LOGON_CACHED_ACCOUNT) { _make_remark(pamh, PAM_ERROR_MSG, Logging on using cached account. Network ressources can be unavailable); + _pam_log_debug(ctrl, LOG_DEBUG,User %s logged on using cached account\n, user); } /* save the CIFS homedir for pam_cifs / pam_mount */ Modified: trunk/source/nsswitch/pam_winbind.c === --- trunk/source/nsswitch/pam_winbind.c 2006-05-03 10:05:08 UTC (rev 15410) +++ trunk/source/nsswitch/pam_winbind.c 2006-05-03 10:19:49 UTC (rev 15411) @@ -286,8 +286,7 @@ return retval; case PAM_USER_UNKNOWN: /* the user does not exist */ - _pam_log_debug(ctrl, LOG_NOTICE, user `%s' not found, -user); + _pam_log_debug(ctrl, LOG_NOTICE, user `%s' not found, user); if (ctrl WINBIND_UNKNOWN_OK_ARG) { return PAM_IGNORE; } @@ -475,6 +474,7 @@ if (response.data.auth.info3.user_flgs LOGON_CACHED_ACCOUNT) { _make_remark(pamh, PAM_ERROR_MSG, Logging on using cached account. Network ressources can be unavailable); + _pam_log_debug(ctrl, LOG_DEBUG,User %s logged on using cached account\n, user); } /* save the CIFS homedir for pam_cifs / pam_mount */
svn commit: samba r15412 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: mimir Date: 2006-05-03 11:24:17 + (Wed, 03 May 2006) New Revision: 15412 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15412 Log: Put the test in a dangerous category. rafal Modified: branches/SAMBA_4_0/source/torture/rpc/async_bind.c Changeset: Modified: branches/SAMBA_4_0/source/torture/rpc/async_bind.c === --- branches/SAMBA_4_0/source/torture/rpc/async_bind.c 2006-05-03 10:19:49 UTC (rev 15411) +++ branches/SAMBA_4_0/source/torture/rpc/async_bind.c 2006-05-03 11:24:17 UTC (rev 15412) @@ -49,6 +49,11 @@ struct dcerpc_pipe *pipe[ASYNC_COUNT]; struct dcerpc_interface_table *table[ASYNC_COUNT]; + if (!lp_parm_bool(-1, torture, dangerous, False)) { + printf(async bind test disabled - enable dangerous tests to use\n); + return True; + } + binding_string = lp_parm_string(-1, torture, binding); /* talloc context */
svn commit: samba r15413 - in branches/SAMBA_4_0/source/gtk: .
Author: jelmer Date: 2006-05-03 11:52:20 + (Wed, 03 May 2006) New Revision: 15413 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15413 Log: Disable gwsvcctl on hosts without gtk Modified: branches/SAMBA_4_0/source/gtk/config.m4 Changeset: Modified: branches/SAMBA_4_0/source/gtk/config.m4 === --- branches/SAMBA_4_0/source/gtk/config.m4 2006-05-03 11:24:17 UTC (rev 15412) +++ branches/SAMBA_4_0/source/gtk/config.m4 2006-05-03 11:52:20 UTC (rev 15413) @@ -6,12 +6,14 @@ SMB_ENABLE(gwcrontab, NO) SMB_ENABLE(gwsam, NO) SMB_ENABLE(gepdump, NO) +SMB_ENABLE(gwsvcctl, NO) if test t$SMB_ENABLE_gtk = tYES; then SMB_ENABLE(gtksamba, YES) SMB_ENABLE(gregedit, YES) SMB_ENABLE(gwcrontab, YES) SMB_ENABLE(gwsam, YES) + SMB_ENABLE(gwsvcctl, YES) SMB_ENABLE(gepdump, YES) AC_DEFINE(HAVE_GTK, 1, [Whether GTK+ is available]) fi
svn commit: samba-web r979 - in trunk/projects: .
Author: jerry Date: 2006-05-03 12:45:07 + (Wed, 03 May 2006) New Revision: 979 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=979 Log: applications are not limited to the project ideas on this page Modified: trunk/projects/summercode06.html Changeset: Modified: trunk/projects/summercode06.html === --- trunk/projects/summercode06.html2006-05-02 19:42:13 UTC (rev 978) +++ trunk/projects/summercode06.html2006-05-03 12:45:07 UTC (rev 979) @@ -11,7 +11,9 @@ The projects listed here may be updated as developers refine a project's outline. Questions about Samba's participation in the program or for clarifications about a project idea, scope or design should be mailed to -a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a./p +a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a. +Note that you are not limited to the project ideas listed here. Please email us if you +have a new idea you would like to discuss./p pIf you are considering applying to SoC 2006, please make sure to read the a href=http://code.google.com/soc/studentfaq.html;Student FAQ/a. Pay close @@ -21,9 +23,11 @@ work on the project you are proposing and that you understand the scope of the problem./p -pemUpdate (1 May):/em The a href=http://code.google.com/soc/student_step1.html;student application +pUpdate (1 May): The a href=http://code.google.com/soc/student_step1.html;student application form/a is now open for submissions at Google./p +pBest of luck to all the Summer of Code applicants. b-- The Samba Team/b/p + /div h2Project Ideas/h2
svn commit: samba r15414 - in branches/SAMBA_4_0/source/auth/credentials: .
Author: jelmer Date: 2006-05-03 14:15:31 + (Wed, 03 May 2006) New Revision: 15414 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15414 Log: Support retrying different username/password combinations Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c branches/SAMBA_4_0/source/auth/credentials/credentials.h Changeset: Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c === --- branches/SAMBA_4_0/source/auth/credentials/credentials.c2006-05-03 11:52:20 UTC (rev 15413) +++ branches/SAMBA_4_0/source/auth/credentials/credentials.c2006-05-03 14:15:31 UTC (rev 15414) @@ -639,3 +639,24 @@ return False; } + +/** + * Mark the current password for a credentials struct as wrong. This will + * cause the password to be prompted again (if a callback is set). + * + * This will decremebt the number of times the password can be tried. + * + * @retval whether the credentials struct is finished + */ +BOOL cli_credentials_wrong_password(struct cli_credentials *cred) +{ + if (cred-password_obtained != CRED_CALLBACK_RESULT) { + return False; + } + + cred-password_obtained = CRED_CALLBACK; + + cred-tries--; + + return (cred-tries 0); +} Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.h === --- branches/SAMBA_4_0/source/auth/credentials/credentials.h2006-05-03 11:52:20 UTC (rev 15413) +++ branches/SAMBA_4_0/source/auth/credentials/credentials.h2006-05-03 14:15:31 UTC (rev 15414) @@ -3,7 +3,7 @@ Client credentials structure - Copyright (C) Jelmer Vernooij 2004-2005 + Copyright (C) Jelmer Vernooij 2004-2006 Copyright (C) Andrew Bartlett [EMAIL PROTECTED] 2005 This program is free software; you can redistribute it and/or modify @@ -33,6 +33,7 @@ CRED_GUESS_ENV, /* Current value should be used, which was guessed */ CRED_CALLBACK, /* Callback should be used to obtain value */ CRED_GUESS_FILE, /* A guess from a file (or file pointed at in env variable) */ + CRED_CALLBACK_RESULT,/* Value was obtained from a callback */ CRED_SPECIFIED /* Was explicitly specified on the command-line */ }; @@ -104,6 +105,9 @@ /* Should we be trying to use kerberos? */ enum credentials_use_kerberos use_kerberos; + + /* Number of retries left before bailing out */ + int tries; }; #include auth/credentials/credentials_proto.h
svn commit: samba r15415 - in branches/SAMBA_4_0/source: auth/credentials libcli/smb_composite
Author: abartlet Date: 2006-05-03 14:54:57 + (Wed, 03 May 2006) New Revision: 15415 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15415 Log: Use Jelmer's new credentials 'wrong password' code to give the user 3 attempts for the password, when talking to a remote CIFS server. Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c Changeset: Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c === --- branches/SAMBA_4_0/source/auth/credentials/credentials.c2006-05-03 14:15:31 UTC (rev 15414) +++ branches/SAMBA_4_0/source/auth/credentials/credentials.c2006-05-03 14:54:57 UTC (rev 15415) @@ -58,6 +58,8 @@ cred-bind_dn = NULL; + cred-tries = 3; + cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS); return cred; @@ -233,7 +235,7 @@ if (cred-password_obtained == CRED_CALLBACK) { cred-password = cred-password_cb(cred); - cred-password_obtained = CRED_SPECIFIED; + cred-password_obtained = CRED_CALLBACK_RESULT; } return cred-password; Modified: branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c === --- branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c 2006-05-03 14:15:31 UTC (rev 15414) +++ branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c 2006-05-03 14:54:57 UTC (rev 15415) @@ -36,6 +36,18 @@ struct smbcli_request *req; }; +static NTSTATUS session_setup_old(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); +static NTSTATUS session_setup_nt1(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); +static NTSTATUS session_setup_spnego(struct composite_context *c, +struct smbcli_session *session, +struct smb_composite_sesssetup *io, +struct smbcli_request **req); /* store the user session key for a transport @@ -58,21 +70,60 @@ struct smbcli_session *session = req-session; DATA_BLOB session_key = data_blob(NULL, 0); DATA_BLOB null_data_blob = data_blob(NULL, 0); - NTSTATUS session_key_err; + NTSTATUS session_key_err, nt_status; c-status = smb_raw_sesssetup_recv(req, state, state-setup); switch (state-setup.old.level) { case RAW_SESSSETUP_OLD: state-io-out.vuid = state-setup.old.out.vuid; + if (NT_STATUS_EQUAL(c-status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state-io-in.credentials)) { + nt_status = session_setup_old(c, session, + state-io, + state-req); + if (NT_STATUS_IS_OK(nt_status)) { + c-status = nt_status; + state-req-async.fn = request_handler; + state-req-async.private = c; + return; + } + } + } break; case RAW_SESSSETUP_NT1: state-io-out.vuid = state-setup.nt1.out.vuid; + if (NT_STATUS_EQUAL(c-status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state-io-in.credentials)) { + nt_status = session_setup_nt1(c, session, + state-io, + state-req); + if (NT_STATUS_IS_OK(nt_status)) { + c-status = nt_status; + state-req-async.fn = request_handler; + state-req-async.private = c; + return; + } + } + } break; case RAW_SESSSETUP_SPNEGO: session-vuid = state-io-out.vuid = state-setup.spnego.out.vuid; + if (NT_STATUS_EQUAL(c-status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state-io-in.credentials))
svn commit: samba r15416 - in branches/SAMBA_4_0/source/libcli/smb_composite: .
Author: abartlet Date: 2006-05-03 14:59:55 + (Wed, 03 May 2006) New Revision: 15416 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15416 Log: Point out that this doesn't work, but for servers this old, I just don't care... Andrew Bartlett Modified: branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c Changeset: Modified: branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c === --- branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c 2006-05-03 14:54:57 UTC (rev 15415) +++ branches/SAMBA_4_0/source/libcli/smb_composite/sesssetup.c 2006-05-03 14:59:55 UTC (rev 15416) @@ -77,6 +77,8 @@ switch (state-setup.old.level) { case RAW_SESSSETUP_OLD: state-io-out.vuid = state-setup.old.out.vuid; + /* This doesn't work, as this only happens on old +* protocols, where this comparison won't match. */ if (NT_STATUS_EQUAL(c-status, NT_STATUS_LOGON_FAILURE)) { if (cli_credentials_wrong_password(state-io-in.credentials)) { nt_status = session_setup_old(c, session,
svn commit: samba r15417 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch
Author: gd Date: 2006-05-03 15:19:31 + (Wed, 03 May 2006) New Revision: 15417 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15417 Log: Don't use cached credentials when changing passwords. Guenther Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c trunk/source/nsswitch/pam_winbind.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c === --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-05-03 14:59:55 UTC (rev 15416) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2006-05-03 15:19:31 UTC (rev 15417) @@ -242,8 +242,9 @@ /* Copy reply data from socket */ if (response-result != WINBINDD_OK) { if (response-data.auth.pam_error != PAM_SUCCESS) { - _pam_log(LOG_ERR, request failed: %s, PAM error was %d, NT error was %s, + _pam_log(LOG_ERR, request failed: %s, PAM error was %s (%d), NT error was %s, response-data.auth.error_string, +pam_strerror(pamh, response-data.auth.pam_error), response-data.auth.pam_error, response-data.auth.nt_status_string); return response-data.auth.pam_error; @@ -1150,6 +1151,9 @@ _pam_log_debug(ctrl, LOG_DEBUG,pam_winbind: pam_sm_chauthtok); + /* clearing offline bit for the auth in the password change */ + ctrl = ~WINBIND_CACHED_LOGIN; + /* * First get the name of a user */ Modified: trunk/source/nsswitch/pam_winbind.c === --- trunk/source/nsswitch/pam_winbind.c 2006-05-03 14:59:55 UTC (rev 15416) +++ trunk/source/nsswitch/pam_winbind.c 2006-05-03 15:19:31 UTC (rev 15417) @@ -242,8 +242,9 @@ /* Copy reply data from socket */ if (response-result != WINBINDD_OK) { if (response-data.auth.pam_error != PAM_SUCCESS) { - _pam_log(LOG_ERR, request failed: %s, PAM error was %d, NT error was %s, + _pam_log(LOG_ERR, request failed: %s, PAM error was %s (%d), NT error was %s, response-data.auth.error_string, +pam_strerror(pamh, response-data.auth.pam_error), response-data.auth.pam_error, response-data.auth.nt_status_string); return response-data.auth.pam_error; @@ -1150,6 +1151,9 @@ _pam_log_debug(ctrl, LOG_DEBUG,pam_winbind: pam_sm_chauthtok); + /* clearing offline bit for the auth in the password change */ + ctrl = ~WINBIND_CACHED_LOGIN; + /* * First get the name of a user */
svn commit: samba-web r980 - in trunk: projects style
Author: deryck Date: 2006-05-03 15:50:34 + (Wed, 03 May 2006) New Revision: 980 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=980 Log: Reformatting the SoC '06 page for readability. deryck Modified: trunk/projects/summercode06.html trunk/style/common.css Changeset: Modified: trunk/projects/summercode06.html === --- trunk/projects/summercode06.html2006-05-03 12:45:07 UTC (rev 979) +++ trunk/projects/summercode06.html2006-05-03 15:50:34 UTC (rev 980) @@ -7,22 +7,23 @@ div class=request style=margin:0 0 35px 0 pThe following is an outline of potential projects for those interested in working on Samba through a href=http://code.google.com/soc/;Google's -Summer of Code/a program. This is just a holding area for project ideas. -The projects listed here may be updated as developers refine a project's -outline. Questions about Samba's participation in the program or for clarifications -about a project idea, scope or design should be mailed to +Summer of Code/a program.Questions about Samba's participation in +the program or about a project idea, scope, or design should be mailed to a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a. -Note that you are not limited to the project ideas listed here. Please email us if you -have a new idea you would like to discuss./p +Note that you are not limited to the project ideas listed here. Please email +us if you have a new idea you would like to discuss./p pIf you are considering applying to SoC 2006, please make sure to read the a href=http://code.google.com/soc/studentfaq.html;Student FAQ/a. Pay close attention to a href=http://code.google.com/soc/studentfaq.html#24;Question 24/a as the review process for Samba applications will be stricter this year. -It is very important that convince us that you will be in fact able to the -work on the project you are proposing and that you understand the scope of the -problem./p +It is very important you convince us that:/p +ol class=tight + liyou will, in fact, be able to do the work you are proposing/li + liyou understand the scope of the problem/li +/ol + pUpdate (1 May): The a href=http://code.google.com/soc/student_step1.html;student application form/a is now open for submissions at Google./p @@ -206,4 +207,10 @@ and should at least allow modification of similar properties to MMC./p + div class=request +pThis is just a holding area for project ideas. The projects +listed here may be updated as developers refine a project's +outline./p + /div + !--#include virtual=/samba/footer.html -- Modified: trunk/style/common.css === --- trunk/style/common.css 2006-05-03 12:45:07 UTC (rev 979) +++ trunk/style/common.css 2006-05-03 15:50:34 UTC (rev 980) @@ -78,6 +78,9 @@ ol li { margin-bottom:12px; } +ol.tight li { + margin-bottom:0; +} /* Tables
svn commit: samba r15418 - in trunk/source/locking: .
Author: jra Date: 2006-05-03 16:06:56 + (Wed, 03 May 2006) New Revision: 15418 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15418 Log: Never write the same function twice :-). In a traversal function we must copy the data before modifying. Jeremy. Modified: trunk/source/locking/brlock.c Changeset: Modified: trunk/source/locking/brlock.c === --- trunk/source/locking/brlock.c 2006-05-03 15:19:31 UTC (rev 15417) +++ trunk/source/locking/brlock.c 2006-05-03 16:06:56 UTC (rev 15418) @@ -1261,28 +1261,16 @@ } / - Traverse the whole database with this function, calling traverse_callback - on each lock. + Ensure this set of lock entries is valid. / -static int traverse_fn(TDB_CONTEXT *ttdb, TDB_DATA kbuf, TDB_DATA dbuf, void *state) +static BOOL validate_lock_entries(unsigned int *pnum_entries, struct lock_struct **pplocks) { - struct lock_struct *locks; - struct lock_key *key; unsigned int i; - unsigned int num_locks = 0; unsigned int num_valid_entries = 0; + struct lock_struct *locks = *pplocks; - BRLOCK_FN(traverse_callback) = (BRLOCK_FN_CAST())state; - - locks = (struct lock_struct *)dbuf.dptr; - key = (struct lock_key *)kbuf.dptr; - - num_locks = dbuf.dsize/sizeof(*locks); - - /* Ensure the lock db is clean of invalid processes. */ - - for (i = 0; i num_locks; i++) { + for (i = 0; i *pnum_entries; i++) { struct lock_struct *lock_data = locks[i]; if (!process_exists(lock_data-context.pid)) { /* This process no longer exists - mark this @@ -1293,17 +1281,18 @@ } } - if (num_valid_entries != num_locks) { + if (num_valid_entries != *pnum_entries) { struct lock_struct *new_lock_data = NULL; if (num_valid_entries) { new_lock_data = SMB_MALLOC_ARRAY(struct lock_struct, num_valid_entries); if (!new_lock_data) { DEBUG(3, (malloc fail\n)); - return 0; + return False; } + num_valid_entries = 0; - for (i = 0; i num_locks; i++) { + for (i = 0; i *pnum_entries; i++) { struct lock_struct *lock_data = locks[i]; if (lock_data-context.smbpid lock_data-context.tid) { @@ -1314,10 +1303,52 @@ } } } - SAFE_FREE(dbuf.dptr); - dbuf.dptr = (void *)new_lock_data; - dbuf.dsize = (num_valid_entries) * sizeof(*locks); + SAFE_FREE(*pplocks); + *pplocks = new_lock_data; + *pnum_entries = num_valid_entries; + } + + return True; +} + +/ + Traverse the whole database with this function, calling traverse_callback + on each lock. +/ + +static int traverse_fn(TDB_CONTEXT *ttdb, TDB_DATA kbuf, TDB_DATA dbuf, void *state) +{ + struct lock_struct *locks; + struct lock_key *key; + unsigned int i; + unsigned int num_locks = 0; + unsigned int orig_num_locks = 0; + + BRLOCK_FN(traverse_callback) = (BRLOCK_FN_CAST())state; + + /* In a traverse function we must make a copy of + dbuf before modifying it. */ + + locks = (struct lock_struct *)memdup(dbuf.dptr, dbuf.dsize); + if (!locks) { + return -1; /* Terminate traversal. */ + } + + key = (struct lock_key *)kbuf.dptr; + orig_num_locks = num_locks = dbuf.dsize/sizeof(*locks); + + /* Ensure the lock db is clean of entries from invalid processes. */ + + if (!validate_lock_entries(num_locks, locks)) { + SAFE_FREE(locks); + return -1; /* Terminate traversal */ + } + + if (orig_num_locks != num_locks) { + dbuf.dptr = (void *)locks; + dbuf.dsize = num_locks * sizeof(*locks); + if (dbuf.dsize) { tdb_store(ttdb, kbuf, dbuf, TDB_REPLACE); } else { @@ -1325,7 +1356,7 @@ } } - for (i=0;idbuf.dsize/sizeof(*locks);i++) { + for ( i=0; inum_locks; i++) { traverse_callback(key-device, key-inode, locks[i].context.pid, @@ -1334,6
svn commit: samba r15420 - in branches/SAMBA_4_0/source: auth/credentials lib/cmdline
Author: abartlet Date: 2006-05-03 20:23:19 + (Wed, 03 May 2006) New Revision: 15420 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15420 Log: Add a new function to print a the 'unparsed' string format for usernames. This is used in the password prompt, and should be reversable by the parse string function. Also, don't look at the ccache, even for the guess code, if kerberos is disabled. Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c branches/SAMBA_4_0/source/lib/cmdline/credentials.c Changeset: Modified: branches/SAMBA_4_0/source/auth/credentials/credentials.c === --- branches/SAMBA_4_0/source/auth/credentials/credentials.c2006-05-03 16:07:21 UTC (rev 15419) +++ branches/SAMBA_4_0/source/auth/credentials/credentials.c2006-05-03 20:23:19 UTC (rev 15420) @@ -514,6 +514,38 @@ } /** + * Given a string, typically obtained from a -U argument, parse it into domain, username, realm and password fields + * + * The format accepted is [domain\\]user[%password] or [EMAIL PROTECTED] + * + * @param credentials Credentials structure on which to set the password + * @param data the string containing the username, password etc + * @param obtained This enum describes how 'specified' this password is + */ + +const char *cli_credentials_get_unparsed_name(struct cli_credentials *credentials, TALLOC_CTX *mem_ctx) +{ + const char *bind_dn = cli_credentials_get_bind_dn(credentials); + const char *domain; + const char *username; + const char *name; + + if (bind_dn) { + name = talloc_reference(mem_ctx, bind_dn); + } else { + cli_credentials_get_ntlm_username_domain(credentials, mem_ctx, username, domain); + if (domain domain[0]) { + name = talloc_asprintf(mem_ctx, %s\\%s, + domain, username); + } else { + name = talloc_asprintf(mem_ctx, %s, + username); + } + } + return name; +} + +/** * Specifies default values for domain, workstation and realm * from the smb.conf configuration file * @@ -565,8 +597,10 @@ if (getenv(PASSWD_FILE)) { cli_credentials_parse_password_file(cred, getenv(PASSWD_FILE), CRED_GUESS_FILE); } - - cli_credentials_set_ccache(cred, NULL, CRED_GUESS_FILE); + + if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) { + cli_credentials_set_ccache(cred, NULL, CRED_GUESS_FILE); + } } /** @@ -646,7 +680,7 @@ * Mark the current password for a credentials struct as wrong. This will * cause the password to be prompted again (if a callback is set). * - * This will decremebt the number of times the password can be tried. + * This will decrement the number of times the password can be tried. * * @retval whether the credentials struct is finished */ Modified: branches/SAMBA_4_0/source/lib/cmdline/credentials.c === --- branches/SAMBA_4_0/source/lib/cmdline/credentials.c 2006-05-03 16:07:21 UTC (rev 15419) +++ branches/SAMBA_4_0/source/lib/cmdline/credentials.c 2006-05-03 20:23:19 UTC (rev 15420) @@ -24,28 +24,15 @@ static const char *cmdline_get_userpassword(struct cli_credentials *credentials) { - char *prompt; char *ret; - const char *domain; - const char *username; TALLOC_CTX *mem_ctx = talloc_new(NULL); - const char *bind_dn = cli_credentials_get_bind_dn(credentials); - - if (bind_dn) { - prompt = talloc_asprintf(mem_ctx, Password for [%s]:, -bind_dn); - } else { - cli_credentials_get_ntlm_username_domain(credentials, mem_ctx, username, domain); - if (domain domain[0]) { - prompt = talloc_asprintf(mem_ctx, Password for [%s\\%s]:, -domain, username); - } else { - prompt = talloc_asprintf(mem_ctx, Password for [%s]:, -username); - } - } + const char *prompt_name = cli_credentials_get_unparsed_name(credentials, mem_ctx); + const char *prompt; + prompt = talloc_asprintf(mem_ctx, Password for [%s]:, +prompt_name); + ret = getpass(prompt); talloc_free(mem_ctx);
svn commit: samba r15424 - branches/SAMBA_3_0/source branches/SAMBA_3_0/source/utils trunk/source trunk/source/utils
Author: jpeach Date: 2006-05-04 00:35:05 + (Thu, 04 May 2006) New Revision: 15424 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15424 Log: Implement a stacktrace smbcontrol option using libunwind's remote stack tracing support. This provides an easy way for users to provide stack traces (hopefully it will be implemented on something other than ia64). Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/configure.in branches/SAMBA_3_0/source/utils/smbcontrol.c trunk/source/Makefile.in trunk/source/configure.in trunk/source/utils/smbcontrol.c Changeset: Sorry, the patch is too large (611 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15424
svn commit: samba r15425 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch
Author: jpeach Date: 2006-05-04 00:45:31 + (Thu, 04 May 2006) New Revision: 15425 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15425 Log: Use dynamic buffers in the IRIX nsswithch module to prevent truncation of long group lists. Modified: branches/SAMBA_3_0/source/nsswitch/winbind_nss_irix.c trunk/source/nsswitch/winbind_nss_irix.c Changeset: Sorry, the patch is too large (701 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=15425