Re: [Samba] change in AD authentication behaviour since 3.0.24
On Wed, 20 Feb 2008, Robert Cohen wrote: Ok, I thought winbind was only relevant if you were using AD as a NSS (name service source). We have all the users in the name service from LDAP or NIS+. We're only getting the passwords from AD. I guess this could be an unusual combination and could be whats causing our problems... Probably unusual. I do that too, running ldap/krb5 for NSS and samba server. Setting ACLs from the client doesn't work unless winbind is running, as the server needs to map SIDs to UIDs. jh -- Clothes make the man. Naked people have little or no influence on society. -- Mark Twain -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] sambaPwdMustChange attribute didn't get updated (3.0.27a)
Hi there, i got into some trouble after updating my samba installation to 3.0.27a. My installation uses Samba-3.0.27a,OpenLDAP-2.2.13,smbldap-tools-0.9.2 as a PDC NT4-domain.Originally I used the installation-guide from smbldap-tools and everything worked fine. I also limited the access to LDAP as told in the installation-guide with no problems. After updating to 3.0.27a i realized that when using the usrmgr.exe, the password preferences in policies - accounts didn't got saved - only the password-length option got saved. After doing some research, i managed to solve this by adding the following LDAP attributes to the access rules in slapd.conf: sambaMinPwdLength sambaPwdHistoryLength sambaLogonToChgPwd sambaMaxPwdAge sambaMinPwdAge sambaLockoutDuration sambaLockoutObservationWindow sambaLockoutThreshold sambaForceLogoff sambaRefuseMachinePwdChange But one problem still exists: If Windows-users change their password via the normal Windows dialog, the password got changed in LDAP , also the sambaLastChange attribute got updated , BUT sambaPwdCanChange and sambaPwdMustChange attributes didn't update and so all the Maximum Password Age stuff, including remind users of their password expiration and force user to change their password if expire didn't work anymore. I can't find any other maybe access right problems within ldap, so why the sambaPwdMustChange Attribute didn't update ?? The problem also exist when adding a new user. After the user change his password at first login, the sambaPwdMustChange Attribute didn't update. slapd.conf digest -- access to attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChange by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=nssldap,ou=DSA,dc=bel-gmbh,dc=lan write by self write by anonymous auth by * none access to attrs=objectClass,entry,homeDirectory,uid,uidNumber,gidNumber,memberUid by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by * read access to attrs=description,telephoneNumber,roomNumber,homePhone,loginShell,gecos,cn,sn,givenname by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by self write by * read access to attrs=cn,sambaLMPassword,sambaNTPassword,sambaPwdLastSet,sambaLogonTime,sambaLogoffTime,sambaKickoffTime, sambaPwdCanChange,sambaPwdMustChange,sambaAcctFlags,displayName,sambaHomePath,sambaHomeDrive,sambaLogonScript, sambaProfilePath,description,sambaUserWorkstations,sambaPrimaryGroupSID,sambaDomainName,sambaMungedDial, sambaBadPasswordCount,sambaBadPasswordTime,sambaPasswordHistory,sambaLogonHours,sambaSID,sambaSIDList,sambaTrustFlags, sambaGroupType,sambaNextRid,sambaNextGroupRid,sambaNextUserRid,sambaAlgorithmicRidBase,sambaShareName,sambaOptionName, sambaBoolOption,sambaIntegerOption,sambaStringOption,sambaStringListoption,sambaMinPwdLength,sambaPwdHistoryLength, sambaLogonToChgPwd,sambaMaxPwdAge,sambaMinPwdAge,sambaLockoutDuration,sambaLockoutObservationWindow,sambaLockoutThreshold, sambaForceLogoff,sambaRefuseMachinePwdChange by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by self read by * none access to dn.base=dc=bel-gmbh,dc=lan by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by * none access to dn=ou=Users,dc=bel-gmbh,dc=lan by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by * none access to dn=ou=Groups,dc=bel-gmbh,dc=lan by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by * none access to dn=ou=Computers,dc=bel-gmbh,dc=lan by dn=cn=samba,ou=DSA,dc=bel-gmbh,dc=lan write by dn=cn=smbldap-tools,ou=DSA,dc=bel-gmbh,dc=lan write by * none access to * by self read by * read -- Thanks in advance for all hints and suggestions.. Bye, Markus Kahle -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining Domain Problem only with XP SP2
On Sunday 17 February 2008, Rune Tønnesen wrote: Robert skrev: On Saturday 16 February 2008, Doug VanLeuven wrote: Robert wrote: I've having trouble getting XP SP2's to join a domain. Whenever I try to join, at the point I'm asked for a user name and password with permission to join the domain, I enter root and root's password, then get the dreaded Unknown user or bad password error message. The clients are a mixed bunch with some 98's, 1 Win2K, a few XP SP1 (I know, I know!, but it's not a priority to management who has me fighting other fires), and the rest being XP SP2. I *ONLY* get the error with XP SP2. The Win2K and SP1 all join no problem, so it shouldn't be a problem with the Samba PDC or the config file else none should be joining. The 98's aren't a problem of course. In fact, for reasons I can't figure out, 2 of the SP2's joined too. What is stopping the SP2's from joining? I've tried creating the machine accounts by hand, but that had no effect. I cranked up the logging and it looks to me like root authenticates correctly, but I still get the error. Background: The original Samba PDC machine was getting old so management decided to trash it. I was tasked with putting together a replacement machine. I am using Kubuntu 7.10 (Gutsy) with Samba 3.0.26a. I disconnected the client machines from the domain (switched them to workgroup), then tried to reconnect with the new server online. The old server is physically gone. As I stated, only the XP SP2's are not joining. I'm including my smb.conf, but considering the XP SP1's and the one Win2K (which is actually running as a virtual machine with XP SP2 as a host OS; this XP SP2 won't join) all join, the config file should be correct, and I have a root user in my smbpassword file, and I'm typing the password correctly. Therefore it has to be something to do with the SP2's. Possibly some registry setting??? Right now the XP SP2's are running as workgroup computers. Yes, the old domain and new domain name are the same, but I've already tried changing the new name to something different then joining but with no luck. #=== Global Settings = [global] debug level = 2 workgroup = hap netbios name = linuxII hosts allow = 192.168.1. 127. printcap name = cups load printers = yes printing = cups guest account = pcguest log file = /var/log/samba/log.%m max log size = 50 security = user encrypt passwords = true passdb backend = tdbsam unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n*passwd:*all*authentication*tokens*updated*successfully* username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.1.8/32 127.0.0.1/32 bind interfaces only = true local master = yes os level = 34 domain master = yes preferred master = yes domain logons = yes logon script = home.bat logon path = \\%L\profiles\%U logon home = \\%L\%U logon drive = H: name resolve order = wins lmhosts bcast wins support = yes wins proxy = yes hide dot files = yes deadtime = 15 disable spoolss = yes show add printer wizard = no add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false %u time server = yes # Share Definitions = [homes] comment = Home Directory browseable = no writable = yes # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Net Logon Service path = /home/netlogon guest ok = yes writable = no #...Lots more shares...snip #=end config file= Since it's just XP SP2, you might want to look at the XP firewall settings that were added by default during the SP2 update. Get there Control Panel/Windows Firewall. In there is file and printer sharing blocking on by default for notebooks and computers directly on the internet. Maybe you already looked at this. Nothing else stands out. Regards, Doug It's a good thought. I'll check it, but I don't think that's the problem. As I said, the XP SP2's are functioning as workgroup computers for now, so the users can access their home shares just fine. Unless I'm badly mistaken, file and printer sharing blocking, if on, should block this too. Hi Robert I've think i found the solution to your problem. what is the name of the workgroup, it's not in your smb.conf? Since the SP2 pc's are in a workgroup with the same name as your domainname they need to be taken out of the that particular workgroup before you can join them to your domain. To join them to your domain do as follows: 1. Make a workstation member of a workgroup with a name differet to your
[Samba] Groupmapping Samba-AD
Hi everyone, I tried to map a group from my AD to my local unixgroup. To get groups in samba I create one groupmap like this: $ net groupmap add ntgroup=H+BEDV unixgroup=hbedv Now I want to map my H+BEDV group from AD to the same unixgroup. $ net groupmap add sid=S-1-5-21-1024011789-1237596223-2747892489-1534 unixgroup=hbedv type=domain But it don't works 'cause there is already an entry for the unixgroup. What should I do to map my samba H+BEDV group to my AD H+BEDV group? The background is we want to migrate and we want to do it step by step. So we have some clients in the samba domain an some in the ad domain. I hope you understand what I want to do. Best regards, Bernd Bednarz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: cifs verses smbfs for Linux clients
On Wed, Feb 20, 2008 at 12:56:00AM -0800, Steve Langasek wrote: Is this a problem practically, or is it a matter of the Samba Team's licensing policy? As this is a stand-alone shell script, I wouldn't expect there to be any license compatibility issues; but if it's a requirement that even shell scripts be GPLv3 to ship with Samba, I'll concede GPLv2 or greater. Well, it's not a strict requirement. But we would like it to be as consistent as possible. What do others think? Can we replace smbmount with such a wrapper for 3.2? Jeremy? Jerry? Volker pgpzP0hdLzCs3.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with samba+openldap with regard changing passwords from windows
Edmundo Valle Neto wrote: Alan Goodman escreveu: Edmundo Valle Neto wrote: Alan Goodman escreveu: I have implemented samba with LDAP backend, domain logins and roaming profiles and everything is great - except for one thing. Noone can change their passwords from windows - trying to change your password results in windows telling you your not allowed to do that! I did smbldap-show alan and among other information the line: sambaPwdCanChange: 0 appeared. From my understanding if I do smbldap-usermod -A0 -B0 alan that line should then be changed to have a value of 1 allowing users to change passwords from their windows logins, however running the above command does not appear to be changing these values at all and thus im left with manually smbldap-passwd user to change each persons passwords (which does work) If someone could let me know which logs you require and how to obtain them I would be happy to post them up here. OS = CentOS 5.1 Alan Post your smb.conf. Edmundo Valle Neto http://pastebin.com/f5fba0114 Alan netbios name = MARANATHACENTRA Netbios names can have a maximum of 12 characters, it will probably be truncated. (but this isnt related to your problem) You only need password options if you want that unix passwords stay in sync. Then, you only need ldap passwd sync = Yes. Its commented out, you already tried it? What happens? These three options together works too. unix password sync = Yes passwd program = /usr/local/sbin/smbldap-passwd -u %u passwd chat = Changing password for*\nNew password* %n\n *Retype new password* %n\n Theres a double quote that isn't needed at the end (its not opening nor closing any string), the old smbldap-tools documentation shows that way (wrong), I dont have sure if it is really a problem. If it doesn't work as you said that it works at command line, include a piece of log using level 3 when a client try to change its password. Regards. Edmundo Valle Neto Besides that, the configuration is right. /usr/local/sbin/smbldap-passwd -u anyuser works when executed from the command line? What samba version you use, you compile your own packages? Here you go... http://pastebin.com/f61c911dd - logs In answer to your questions... Yeah that command works as root on the CLI Samba version is 3.0.25b-1.el5_1.4 No I used the RPM's OpenLDAP version... slapd -V @(#) $OpenLDAP: slapd 2.3.27 (Nov 10 2007 09:24:08) $ [EMAIL PROTECTED]:/builddir/build/BUILD/openldap-2.3.27/openldap-2.3.27/build-servers/servers/slapd Many thanks for your help. It is much appreciated. Alan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba crashing word and excell?
On Tue, Feb 05, 2008 at 05:31:42PM +, Benedict White wrote: I am having some trouble with Samba. It was working fine on an old server with 3.0.21. Now I have updated to 3.0.28 (via 3.0.25) and a bigger fatter faster server. There are two problems. Firstly the new server seems slower than the old one, and some users are experiencing intermittent data loss via MS apps such as Word or Excell crashing. The system runs on Arch Linux, with a slightly modified package to include winbind. socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8576 SO_SNDBUF=8576 On Tue, Feb 05, 2008 at 09:53PM, Jeremy Allison wrote: Remove the socket options line. It always amazes me that people think they can outguess the kernel for resource allocation. socket options hails from a time long long ago, when TCP was not so well tuned. Jeremy. Mr. White mentioned 2 problems: sys_acl_set_file type file failed smb_set_file_dosmode: file_set_dosmode ... (Operation not permitted) Is this 'socket options' is related to both problems? I`m having the `smb_set_file_dosmode` error too. From log.smbd: [2008/02/19 10:33:09, 2] smbd/trans2.c:smb_set_file_dosmode(4151) smb_set_file_dosmode: file_set_dosmode of space/server/space/wcs/RCS/w_reset_date.c,v failed (Operation not permitted) [2008/02/19 10:33:09, 3] smbd/error.c:error_packet_set(106) error packet at smbd/trans2.c(6048) cmd=50 (SMBtrans2) NT_STATUS_ACCESS_DENIED This problem occurred after updating to 3.0.26a. Regards, Tamas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba doesn't accept groups?
Hi you all! this is my strange problem of the day! I use Debian stable, linux 2.6.18-5-686, samba Version 3.0.24. Here's my smb.conf [global] workgroup = NO1KNOWS realm = NO1KNOWS bios name = PBT server string = Rob's Samba dns proxy = no os level = 64 log file = /var/log/samba/log.%m max log size = 50 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes invalid users = root unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX spassword:* %n\n . password server = 127.0.0.1 ; pam password change = no socket options = TCP_NODELAY SO_SNDBUF=8192 local master = yes domain master =yes preferred master = yes domain logons = yes hosts allow = 127.0.0.1 192.168.3.2/32 192.168.3.3/32 192.168.3.4/32 192.168.3.9/32 192.168.3.22/32 192.168.3.93/32 192.168.2.93/3\ 2 logon path = \\%L\profiles\%u\%m logon script = logon.bat logon drive = H: logon home = \\%L\%u\.win_profile\%m time server = yes logon home = \\%L\%U\.profile add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false %u [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon read only = yes write list = @admin guest ok = no writable = no share modes = no browsable = no [homes] comment = Home Directories read only = no browseable = no writable = yes create mask = 0600 directory mask = 0700 guest ok = no map archive = yes [Tutto] path = /tutto writable = yes create mask = 0750 directory mask = 0750 browseable = yes read only = no guest ok = no [Condivisa] path = /condivisa writable = yes create mask = 0777 directory mask = 0777 browseable = yes read only = no guest ok = no [EMAIL PROTECTED]:~$ smbmount //pbt3/Condivisa /home/rob/Condivisa -o username=rob,password=ZZ,uid=rob,gid=ufficio [EMAIL PROTECTED]:~$ but this is what i get: pbt:~# smbstatus WARNING: The printer admin option is deprecated Samba version 3.0.24 PID Username Group Machine --- 20761 rob rob 192.168.3.93 (192.168.3.93) Service pid machine Connected at --- Tutto20761 192.168.3.93 Wed Feb 20 12:18:10 2008 Condivisa20761 192.168.3.93 Wed Feb 20 12:17:58 2008 No locked files pbt:~# It seems it doesn't accept GID. any help? tnx in adv. signature.asc Description: Questa è una parte del messaggio firmata digitalmente -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] change in AD authentication behaviour since 3.0.24
On 2/19/2008, Robert Cohen ([EMAIL PROTECTED]) wrote: I'm not sure whether its the same problem as us. BTW I should mention that we're simply not using winbind. The behaviour I'm talking about is when an XP client machine attempts to connect to our server to get a network share. So winbind doesn't enter into the equation. From the 3.0.25 release notes (3rd paragraph is most relevant to you): Member servers, domain accounts, and smb.conf = Since Samba 3.0.8, it has been recommended that all domain accounts listed in smb.conf on a member server be fully qualified with the domain name. This is now a requirement. All unqualified names are assumed to be local to the Unix host, either as part of the server's local passdb or in the local system list of accounts (e.g. /etc/passwd or /etc/group). The reason for this change is that smbd has transitioned from access checks based on string comparisons to token based authorization. All names are resolved to a SID and then verified against the logged on user's NT user token. Local names will resolve to a local SID, while qualified domain names will resolve to the appropriate domain SID. If the member server is not running winbindd at all, domain accounts will be implicitly mapped to local accounts and their tokens will be modified appropriately to reflect the local SID and group membership. For example, the following share will restrict access to the domain group Linux Admins and the local group srvadmin. [restricted] path = /data valid users = +DOMAIN\Linux Admins +srvadmin -- Best regards, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] using MD5 to cipher password
Hi everybody, When I create a new user with smbpasswd -a, can I encrypt the password with MD5 protocol instead of NTLM protocol? What I Would do is to insert into the smbpasswd file a new user with its password encrypted by MD5. Thanks Best regards Tiscali Voce 8 Mega: Telefono+Adsl SENZA LIMITI a 4,95 Euro al mese! http://abbonati.tiscali.it/promo/mail_ol200208/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: cifs verses smbfs for Linux clients
On Wed, 2008-02-20 at 11:54 +0100, Volker Lendecke wrote: On Wed, Feb 20, 2008 at 12:56:00AM -0800, Steve Langasek wrote: Is this a problem practically, or is it a matter of the Samba Team's licensing policy? As this is a stand-alone shell script, I wouldn't expect there to be any license compatibility issues; but if it's a requirement that even shell scripts be GPLv3 to ship with Samba, I'll concede GPLv2 or greater. Well, it's not a strict requirement. But we would like it to be as consistent as possible. What do others think? Can we replace smbmount with such a wrapper for 3.2? Jeremy? Jerry? Uhmm I think wrappers like this should be distribution specific, maybe we can put it in the examples ? Simo. -- Simo Sorce Samba Team GPL Compliance Officer [EMAIL PROTECTED] Senior Software Engineer at Red Hat Inc. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem connecting to Samba server
Hi, Well, thanks for reading, would appreciate *ANY* help! Here goes... [2008/02/19 18:05:51, 0] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/smbd/server.c:main(944) smbd version 3.0.25b started. Copyright Andrew Tridgell and the Samba Team 1992-2007 [2008/02/19 18:05:51, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/param/loadparm.c:do_section(3780) Processing section [homes] [2008/02/19 18:05:51, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/param/loadparm.c:do_section(3780) Processing section [netlogon] [2008/02/19 18:05:51, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/param/loadparm.c:do_section(3780) Processing section [printers] [2008/02/19 18:05:51, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/param/loadparm.c:do_section(3780) Processing section [tmp] [2008/02/19 18:05:51, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/param/loadparm.c:do_section(3780) Processing section [profiles] [2008/02/19 18:05:51, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/param/loadparm.c:do_section(3780) Processing section [public] [2008/02/19 18:05:51, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/param/loadparm.c:lp_add_ipc(2701) adding IPC service [2008/02/19 18:05:51, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/printing/pcap.c:pcap_cache_reload(117) reloading printcap cache [2008/02/19 18:05:51, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/printing/pcap.c:pcap_cache_reload(223) reload status: ok [2008/02/19 18:05:51, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/printing/pcap.c:pcap_cache_reload(117) reloading printcap cache [2008/02/19 18:05:51, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/printing/pcap.c:pcap_cache_reload(223) reload status: ok [2008/02/19 18:05:56, 0] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd.c:main(697) Netbios nameserver version 3.0.25b started. Copyright Andrew Tridgell and the Samba Team 1992-2007 [2008/02/19 18:05:56, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd.c:reload_nmbd_services(261) services not loaded [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd.c:main(721) Becoming a daemon. [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/lib/tallocmsg.c:register_msg_pool_usage(105) Registered MSG_REQ_POOL_USAGE [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/lib/dmallocmsg.c:register_dmalloc_msgs(75) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2008/02/19 18:05:56, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd.c:main(759) Opening sockets 137 [2008/02/19 18:05:56, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd.c:open_sockets(615) open_sockets: Broadcast sockets opened. [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/lib/interface.c:add_interface(81) added interface ip=10.0.0.1 bcast=10.255.255.255 nmask=255.0.0.0 [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd_subnetdb.c:make_subnet(144) making subnet name:10.0.0.1 Broadcast address:10.255.255.255 Subnet mask:255.0.0.0 [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd_subnetdb.c:make_subnet(144) making subnet name:UNICAST_SUBNET Broadcast address:10.0.0.1 Subnet mask:10.0.0.1 [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd_subnetdb.c:make_subnet(144) making subnet name:REMOTE_BROADCAST_SUBNET Broadcast address:0.0.0.0 Subnet mask:0.0.0.0 [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd_subnetdb.c:make_subnet(144) making subnet name:WINS_SERVER_SUBNET Broadcast address:0.0.0.0 Subnet mask:0.0.0.0 [2008/02/19 18:05:56, 2] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd_lmhosts.c:load_lmhosts_file(41) load_lmhosts_file: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory [2008/02/19 18:05:56, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd.c:main(778) Loaded hosts file /etc/samba/lmhosts [2008/02/19 18:05:56, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd_namelistdb.c:add_name_to_subnet(247) add_name_to_subnet: Added netbios name *00 with first IP 10.0.0.1 ttl=0 nb_flags=60 to subnet WINS_SERVER_SUBNET [2008/02/19 18:05:56, 3] /usr/obj/ports/samba-3.0.25b-cups-ldap/samba-3.0.25b/source/nmbd/nmbd_namelistdb.c:add_name_to_subnet(247) add_name_to_subnet: Added netbios name *20 with first IP 10.0.0.1 ttl=0 nb_flags=60 to subnet WINS_SERVER_SUBNET [2008/02/19 18:05:56, 3]
Re: [Samba] Problem with samba+openldap with regard changing passwords from windows
(...) Here you go... http://pastebin.com/f61c911dd - logs In answer to your questions... Yeah that command works as root on the CLI Samba version is 3.0.25b-1.el5_1.4 No I used the RPM's OpenLDAP version... slapd -V @(#) $OpenLDAP: slapd 2.3.27 (Nov 10 2007 09:24:08) $ [EMAIL PROTECTED]:/builddir/build/BUILD/openldap-2.3.27/openldap-2.3.27/build-servers/servers/slapd Many thanks for your help. It is much appreciated. Alan ... [2008/02/20 10:06:11, 3] smbd/chgpasswd.c:chat_with_program(430) chat_with_program: Dochild for user alan (uid=0,gid=0) (as_root = Yes) [2008/02/20 10:06:14, 2] smbd/chgpasswd.c:expect(285) expect: Success [2008/02/20 10:06:14, 3] smbd/chgpasswd.c:talktochild(316) Response 1 incorrect ... Your log is showing that something is going wrong when chating with the passwd program. 1. Asking again, have you tried to use only ldap passwd sync = yes and unix password sync = no? This way the password program is not used. 2. Enable password chat debug passwd chat debug = yes and raise the log level to 100 in the related debug class, log level = 3 smb:100. It will print even your passwords used in the chat. You can raise the log level to a specific machine if you have other useless traffic together: http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/bugreport.html Or the error is there or you have a samba version with a broken password chat processing (I dont know CentOS). Regards. Edmundo Valle Neto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] understanding the ldap backend
Hi, Can someone confirm if it's necessary to have nss? I don't have nss in my configuration (I'm running OpenBSD, so it's a little different) and it's not working, I've also tried adding LDAP users to my /etc/passwd for my samba users as an experiment, but I couldn't get them to authenticate with LDAP through a shell, nor did it help Samba in any way so I removed them again. According to the logs, login_ldap (the bsd_auth module for ldap authentication) is attempting to communicate with openldap with ldapv2, which openldap doesn't support, so it appears this technique is impossible as far as I could figure out. However, it is strange that login_ldap and openldap ship together in the same version of the bsd packages collection, yet they communicate with different versions. Anyways, I need LDAP authentication for users with shell access, but luckily not on this server, they will only need to authenticate against this server, not login to the server itself via SSH or shell, only log in onto the shell on Linux workstations (which can easily be configured to authenticate with my OpenBSD openldap server using ldapv3). Anyways, this is a bit off-topic I think, but does this in any way relate to Samba? If I don't have users in my /etc/passwd file can't they log in to Samba? Btw I don't think that should break my configuration, considering that I should still be able to log in as root since root has account in both LDAP and /etc/passwd, though the problem I'm experiencing with my configuration is that I don't even get an opportunity to log in, it just bluntly throws at me The specified network name is no longer available (in most cases, though during this stage I cannot see anything being logged in Samba - maybe Windows caches the first attempt and then doesn't give Access is denied until you reboot? As usually when I reboot I get Access is denied again), though the first time it shows Access is denied, the same happens with NET VIEW, yet, I'm not given a single opportunity to log in, on joining a domain (attempting to) it throws the same messages at me, dcdiag.txt also isn't much help. I have also tried setting my Windows username and password to match a Samba username and password (although I don't think this should be required). Another thing, is it possible to hide a certain folder in every user's home directory from them when viewing with Samba? I've got a Maildir in each user's home directory to keep mail, but it's owned by vmail anyway (I know I should probably use virtual aliases and domains for this, but this seems to fit my scenario better), so the user can't access it, would just like them to not see it, if it's in any way possible. (Though this is not serious, since currently, my users can't even connect!) Regards Lionel - Original Message From: Adam Williams [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Wednesday, 20 February 2008 9:33:53 Subject: Re: [Samba] understanding the ldap backend [EMAIL PROTECTED] wrote: Hello List, i am trying to understand the LDAP-backend i just set up. Maybe someone can help me a little understanding the whole magic. In smb.conf i have my smbldap-tools scripts: # use the smbldap-tools scripts add user script = /usr/sbin//smbldap-useradd -m %u delete user script = /usr/sbin//smbldap-userdel %u add machine script = /usr/sbin//smbldap-useradd -w %u add group script = /usr/sbin//smbldap-groupadd -p %g delete group script = /usr/sbin//smbldap-groupdel %g add user to group script = /usr/sbin//smbldap-groupmod -m %u %g delete user from group script = /usr/sbin//smbldap-groupmod -x %u %g set primary group script = /usr/sbin//smbldap-usermod -g %g %u and some ldap specific stuff: passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=Manager,dc=example,dc=net ldap suffix = dc=example,dc=net ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users idmap backend = ldap://127.0.0.1 #ldap ssl = start tls ldap delete dn = Yes 1.) Now how does the authentification excatly work? Does samba talk directly to the ldap database and verifies user/password? 2.) I guess changing/deleting passwords/users is beeing made by the smblda-tools. 3.) How does samba get the user ids? By contacting the ldap database directl again? 4.) How does samba get he user/group of files and folders? By nss? 5.) Has samba got anything to do with nss/libnss-ldap? Thanks, Mario 1) yes 2) you can use smbldap-passwd to change a user's password if you want to set the passwd chat, unix password sync, etc. or you can just set ldap passwd sync = yes and let samba handle the password changing directly 3)yes 4) yes 5) i think so, i have nss_ldap working because my users need shell access for database/html work. i've never tried getting samba going without using nss_ldap for user auth. i
Re: [Samba] Re: cifs verses smbfs for Linux clients
On Wed, Feb 20, 2008 at 11:54:14AM +0100, Volker Lendecke wrote: On Wed, Feb 20, 2008 at 12:56:00AM -0800, Steve Langasek wrote: Is this a problem practically, or is it a matter of the Samba Team's licensing policy? As this is a stand-alone shell script, I wouldn't expect there to be any license compatibility issues; but if it's a requirement that even shell scripts be GPLv3 to ship with Samba, I'll concede GPLv2 or greater. Well, it's not a strict requirement. But we would like it to be as consistent as possible. What do others think? Can we replace smbmount with such a wrapper for 3.2? Jeremy? Jerry? I think if we're going to make such a change, 3.2 is the time to do it :-). Still ill, sorry for the slow response. Jeremy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Need help upgrading from 3.0.4 to 3.0.28
I have a FreeBSD 5.2.1 machine running Samba 3.0.4. I am going to upgrade Samba to 3.0.28. The process I would follow would be... download source configure make make install My questions are... 1. Can I make install with users connected to the samba server and using shares? 2. Can I just restart nmbd and smbd to run the new version? What happens to connected users if I restart nmbd and smbd? 2. Will I need to change anything in smb.conf? 3. Will any of the samba databases (users) get destroyed/erased/ changed? Sorry for all the questions, I'm just nervous about creating a big mess during the upgrade. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP adding workstation accounts fails (but not really???)
This is highly weird. I am trying to setup LDAP as the back for my samba test system, all is going well, except for adding workstation accounts to the server. # net rpc join -S TESTING -U root%password Creation of workstation account failed Unable to join domain IWU.EDU. Yet, if I search LDAP after the join attempt I find: dn: uid=testing$,ou=Computers,dc=iwu,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: testing$ uid: testing$ uidNumber: 1001 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer My LDAP logs show it is searching ou=People rather than ou=Computers to see if it was added successfully. What must I do to make it search ou=Computers? testparm reports the following in my smb.conf global section and reports no errors. [global] workgroup = TESTING netbios name = TESTING server string = %h server security = DOMAIN passdb backend = ldapsam:ldap://localhost log level = 2 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 load printers = No add machine script = smbldap-useradd -w -s /bin/false %u domain logons = Yes preferred master = Yes domain master = Yes dns proxy = No ldap admin dn = cn=admin ldap group suffix = ou=Group ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap suffix = dc=iwu,dc=edu ldap ssl = no ldap user suffix = ou=People panic action = /usr/share/samba/panic-action %d idmap uid = 15000-25000 idmap gid = 15000-25000 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba, PAM and active directory
Hi, I want that users can log on (SSH and console) a Debian box can do it through Active Directory. I still want that root user can log on (SSH and console) so I created a wheel group for that. I can log on successfully with all AD and root users. However, I'd like to limit the AD users to the technology domain group. I've googled a lot: http://ubuntuforums.org/showthread.php?t=547324 but I can't figure out how to make it to work under my Debian box. Here are my settings: # # /etc/pam.d/common-account - authorization settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired in /etc/shadow. # account sufficientpam_succeed_if.so debug user ingroup wheel account sufficient pam_succeed_if.so debug user ingroup Technology # # /etc/pam.d/common-auth - authentication settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # authsufficient pam_unix.so debug nullok_secure try_first_pass authrequiredpam_winbind.so debug # # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be #used to change user passwords. The default is pam_unix # The nullok option allows users to change an empty password, else # empty passwords are treated as locked accounts. # # (Add `md5' after the module name to enable MD5 passwords) # # The obscure option replaces the old `OBSCURE_CHECKS_ENAB' option in # login.defs. Also the min and max options enforce the length of the # new password. #password required pam_unix.so nullok obscure min=4 max=8 md5 # Alternate strength checking for password. Note that this # requires the libpam-cracklib package to be installed. # You will need to comment out the password line above and # uncomment the next two in order to use this. # (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH') # # password required pam_cracklib.so retry=3 minlen=6 difok=3 # password required pam_unix.so use_authtok nullok md5 authsufficient pam_winbind.so authrequiredpam_unix.so nullok obscure min=4 max=8 md5 try_first_pass # # /etc/pam.d/common-session - session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive). The default is pam_unix. # session requiredpam_unix.so debug try_first_pass session requiredpam_mkhomedir.so skel=/etc/skel/ umask=0022 session requiredpam_winbind.so debug I've created a test AD user that is not in the Technology group. If I issue: svn:/etc/pam.d# su - test su: Permission denied (Ignored) the auth.log file gives: Feb 20 13:45:27 svn su[6526]: pam_succeed_if: 'user' resolves to 'test' Feb 20 13:45:27 svn su[6526]: pam_succeed_if: requirement user ingroup wheel not met by user test Feb 20 13:45:27 svn su[6526]: pam_succeed_if: 'user' resolves to 'test' Feb 20 13:45:27 svn su[6526]: pam_succeed_if: requirement user ingroup Technology not met by user test Feb 20 13:45:27 svn su[6526]: Successful su for test by root Feb 20 13:45:27 svn su[6526]: + pts/0 root:test Feb 20 13:45:27 svn su[6526]: (pam_unix) session opened for user test by (uid=0) Feb 20 13:45:27 svn pam_winbind[6526]: pam_winbind: pam_sm_open_session handler (flags: 0x) So is seeing that the test user is not part of any of the allowed groups but still the user is being logged on. What am I doing wrong? Thanks, Miguel __ ¿Con Mascota por primera vez? Sé un mejor Amigo. Entra en Yahoo! Respuestas http://es.answers.yahoo.com/info/welcome -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Subfolders and permissions
Hi, I have currently a department called HRM which have their own share /data/hrm Within that share is a folder called recruitment. We recently hired an external recruiter to do some work for us. The folder is /data/hrm/recruitment How can I enforce that this person can only read and write in this directory? Look below, is this the way to go? How would you handle this? My config: #=== Global Settings = [global] dns proxy = no log file = /var/log/samba/log.%m netbios name = srv01 load printers = yes server string = srv01.mydomain.com workgroup = MYDOMAIN os level = 20 username map = /usr/local/etc/samba/smbusers encrypt passwords = yes hosts allow = 192.168.20. 127. security = user max log size = 50 # Share Definitions == # the staff group [hrm] writeable = yes path = /data/hrm write list = @hrm force group = hrm valid users = @hrm create mode = 764 directory mode = 774 [recruitment] comment = Recruitment Share valid users = @recruitment writeable = yes path = /data/hrm/recruitment write list = @recruitment force group = recruitment create mode = 764 directory mode = 774 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Subfolders and permissions
Paul Rijke wrote: Hi, I have currently a department called HRM which have their own share /data/hrm Within that share is a folder called recruitment. We recently hired an external recruiter to do some work for us. The folder is /data/hrm/recruitment How can I enforce that this person can only read and write in this directory? Look below, is this the way to go? How would you handle this? My config: #=== Global Settings = [global] dns proxy = no log file = /var/log/samba/log.%m netbios name = srv01 load printers = yes server string = srv01.mydomain.com workgroup = MYDOMAIN os level = 20 username map = /usr/local/etc/samba/smbusers encrypt passwords = yes hosts allow = 192.168.20. 127. security = user max log size = 50 # Share Definitions == # the staff group [hrm] writeable = yes path = /data/hrm write list = @hrm force group = hrm valid users = @hrm create mode = 764 directory mode = 774 [recruitment] comment = Recruitment Share valid users = @recruitment writeable = yes path = /data/hrm/recruitment write list = @recruitment force group = recruitment create mode = 764 directory mode = 774 Personally, I'd do this at the file system level. Put them in a group such that they don't have any permissions other than traverse (751 permissions or so) parent directories, and make them the owner of the recruitment directory with a 2770 permission on the directory. If you need to add more recruiters, just add them to the recruitment group. So, it'd look like this: user: recruiter group: recruitment /data/hrm (perms - root.users rwxrwx--x) /data/hrm/recruitment (perms - recruiter.recruitment rwxrwt---) Then just give them a link to /data/hrm/recruitment on their desktop or something (or map a drive on logon with the logon script). This is, of course, just one way to do it. I usually like to handle permissions at the lowest level. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RE: Delegation of authentication (S4U) and SAMBA
On Tue, 2008-02-12 at 12:15 -0800, Ephi Dror wrote: Hello, Does samba support the use of S4U? What do we need to configure in SAMBA or krb5 to support getting a ticket obtained by S4U. We are using 3.0.25 and krb5-1.4.1 We are getting the following error: decode_pac_data: Name in PAC [EMAIL PROTECTED] does not match principal name in ticket The ticket could be different than the PAC name because the ticket was obtained using S4U extension. As you have found out, the code does not currently allow this. Now that we are using the PAC, it shouldn't be too hard for you to change things so that instead of requiring the two strings does to match, it takes the PAC in precedence (if available). I suggest raising this on samba-technical Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] CTDB and LDAP: anyone?
On Tue, 2008-02-12 at 11:01 +, Alex Crow wrote: Hi there, I am looking into using CTDB between a PDC and a BDC. I assume this is possible! However I have a few questions: 1: Do I have to use tdb2 as an Idmap backend? Can I not stay with ldap? (from the CTDB docs: A clustered Samba install must set some specific configuration parameters clustering = yes idmap backend = tdb2 private dir = /a/directory/on/your/cluster/filesystem It is vital that the private directory is on shared storage.) LDAP should be fine... 2. I have got the git tree as mentioned on the CTDB pages; however it seems like 3.2.0pre1 will also support this; which should I go with? 3. Do I have to use IP takeover? All I am trying to do in this case is to consistently provide the home directories and profiles on both the PDC and BDC (I'm using GFS over iSCSI). It doesn't matter if the IP address of either box vanishes - since they are both domain controllers the still-living box should be used anyway (background - I am using passdb expand explicit = yes and in LDAP I have home and profile paths specified prefixed by \\%L, so the user's profile and home dir are mapped to whatever the logon server is for that session). I can see how for sharing domain member services around a cluster that IP takeover is required, but the PDC/BDC relationship means (IMHO) it's not required in this instance. This looks like a perfectly good reason not to require IP takeover. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Need help upgrading from 3.0.4 to 3.0.28
Joe wrote: I have a FreeBSD 5.2.1 machine running Samba 3.0.4. I am going to upgrade Samba to 3.0.28. The process I would follow would be... download source configure make make install My questions are... 1. Can I make install with users connected to the samba server and using shares? Only if you're an optimist. It's a rare day one can migrate that many releases without some changes in config file syntax or interpretation. 2. Can I just restart nmbd and smbd to run the new version? What happens to connected users if I restart nmbd and smbd? You could. Your users would get (optimistically) momentarily disconnected. The windows offline files balloon pops up or a message no longer connected to 2. Will I need to change anything in smb.conf? Probably. I know some of the defaults have changed, but I don't have a list handy. 3. Will any of the samba databases (users) get destroyed/erased/ changed? Shouldn't, but someone else would have to say definitively. I've personally wiped and reinitialized most of them several times only keeping the private tdb files secrets passdb while regenerating the printer tdb's and mappings. Sorry for all the questions, I'm just nervous about creating a big mess during the upgrade. If it's at all possible, your best course is to setup a test machine (real or virtual) and test the new version in your current setup by joining it to your domain and connecting from users. Alternatively, duplicate the existing OS samba version with a different machine name and perform the upgrade on it. Your experience doing that is the only real way to self answer some of your questions and make the production upgrade as smooth as possible. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RE: Delegation of authentication (S4U) and SAMBA
On Wed, 2008-02-20 at 13:58 -0800, Todd Stecher wrote: From my readings, only the Heimdahl Kerberos distribution has S4USelf support, at least in the Samba 4 code base. MIT tries to stay away from being PAC-cognizent. In terms of Samba4's KDE, S4USelf is something that I need to finish understanding, particularly in terms of interoperable behaviours etc. It sounds like you're trying to do something slightly different - e.g. Constrained Delegation, where the identity lives in the PAC, and not in the ticket. There are additional security considerations which come into play when relying simply on the PAC, since anyone can put a PAC into a service ticket with a custom codebase - you can easily get into cases of identity theft if you also don't verify the second (KRBTGT HMAC of the server signature) signature in the PAC. Why do we need to check that, expect if we think that unprivileged processes on our box have access to the keytab? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] change in AD authentication behaviour since 3.0.24
Robert Cohen wrote: On 20/2/08 4:11 PM, Neal A. Lucier [EMAIL PROTECTED] wrote: Robert Cohen wrote: Ok, I thought winbind was only relevant if you were using AD as a NSS (name service source). We have all the users in the name service from LDAP or NIS+. We're only getting the passwords from AD. I guess this could be an unusual combination and could be whats causing our problems... This is exactly what we are doing, and until 3.0.25 setting up idmap to work in this environment was a bit convoluted, but now it is extremely simple, mainly because an nss backend was introduced to idmap. Generally speaking idmap is for authorization; however, there is some interplay with authentication. So, to be clear, your nsswitch on the machine is only look at LDAP or NIS+, and in AD you have all the same users with the same username? You need IDmap to map the uid of the owner of the files (which is coming from LDAP/NIS+) to the SID of the user that is accessing via Samba (which is coming from AD). There are many ways to do this, by putting the SID in LDAP, the uid in AD, using local .tdb files, or a local mapping. The simpliest (given that my assumptions about your environment are correct) is: winbind use default domain = yes idmap domains = XX idmap config XX:backend = nss idmap config XX:readonly = yes idmap config XX:default = no The only setting I'm not sure exactly what is does is the :default = no, but IIRC that says if someone from another domain that is not defined by idmap domains = tries to connect than idmap should not use this backend as the default backend. see: http://www.samba.org/~idra/samba3_newidmap.pdf And allow trusted domains = no doesn't make any difference. Sorry, I was thinking of winbind trusted domains only which has been obsoleted by the idmap_nss backend. Neal -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] change in AD authentication behaviour since 3.0.24
Charles Marcus CMarcus at Media-Brokers.com wrote On 2/19/2008, Robert Cohen (robert.cohen at anu.edu.au) wrote: I'm not sure whether its the same problem as us. BTW I should mention that we're simply not using winbind. The behaviour I'm talking about is when an XP client machine attempts to connect to our server to get a network share. So winbind doesn't enter into the equation. From the 3.0.25 release notes (3rd paragraph is most relevant to you): Member servers, domain accounts, and smb.conf = Since Samba 3.0.8, it has been recommended that all domain accounts listed In smb.conf on a member server be fully qualified with the domain name. This is now a requirement. All unqualified names are assumed to be local to the Unix host, either as part of the server's local passdb or in the local system list of accounts (e.g. /etc/passwd or /etc/group). The reason for this change is that smbd has transitioned from access checks based on string comparisons to token based authorization. All names are resolved to a SID and then verified against the logged on user's NT user token. Local names will resolve to a local SID, while qualified domain names will resolve to the appropriate domain SID. If the member server is not running winbindd at all, domain accounts will be implicitly mapped to local accounts and their tokens will be modified appropriately to reflect the local SID and group membership. This turned out to be the problem. We hadnt been starting winbindd since I thought it was only relevant if you were using winbind in /etc/nsswitch.conf. But as soon as we started winbind, along with other config settings mentioned earlier, everything just started working. === Robert Cohen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Subfolders and permissions
Paul Rijke [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, I have currently a department called HRM which have their own share /data/hrm Within that share is a folder called recruitment. We recently hired an external recruiter to do some work for us. The folder is /data/hrm/recruitment How can I enforce that this person can only read and write in this directory? Look below, is this the way to go? How would you handle this? A Samba account is linked to a Linux account. I would set the security on the Linux account. I would do this using regular Linux file and directory permissions. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] using MD5 to cipher password
Luigi Santangelo wrote: Hi everybody, When I create a new user with smbpasswd -a, can I encrypt the password with MD5 protocol instead of NTLM protocol? No. snip Use unix or ldap password sync. *Michael Heydon - IT Administrator * [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-930-g8c2f658
The branch, v4-0-test has been updated via 8c2f658a9688f0c51d2f3b948dc3213b65c7b77f (commit) from 02cb396d42976efc03fcb0082e914eb17ae72e11 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit 8c2f658a9688f0c51d2f3b948dc3213b65c7b77f Author: Andrew Bartlett [EMAIL PROTECTED] Date: Wed Feb 20 19:20:13 2008 +1100 Simpler specification of CFLAGS and LDFLAGS By being more consistant in applying CFLAGS and LDFLAGS (in particular) to every invocation, we make it simpler to enable gcov code coverage, both in the build system and on the build farm. Andrew Bartlett --- Summary of changes: source/Makefile|4 ++-- source/build/m4/check_ld.m4| 17 ++--- source/build/smb_build/makefile.pm |4 ++-- source/torture/config.mk | 10 ++ 4 files changed, 16 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/source/Makefile b/source/Makefile index ea98b5e..1fddfef 100644 --- a/source/Makefile +++ b/source/Makefile @@ -14,10 +14,10 @@ SETUPDIR = $(datadir)/setup NCALRPCDIR = $(localstatedir)/ncalrpc BNLD = $(LD) -BNLD_FLAGS = $(LDFLAGS) +BNLD_FLAGS = $(LDFLAGS) $(SYS_LDFLAGS) HOSTCC_FLAGS = -D_SAMBA_HOSTCC_ $(CFLAGS) -HOSTLD_FLAGS = $(LDFLAGS) +HOSTLD_FLAGS = $(LDFLAGS) $(SYS_LDFLAGS) default: all diff --git a/source/build/m4/check_ld.m4 b/source/build/m4/check_ld.m4 index 3b69057..0d0742e 100644 --- a/source/build/m4/check_ld.m4 +++ b/source/build/m4/check_ld.m4 @@ -13,6 +13,7 @@ LD= AC_SUBST(BLDSHARED) AC_SUBST(LD) +AC_SUBST(SYS_LDFLAGS) AC_SUBST(LDFLAGS) # Assume non-shared by default and override below @@ -32,13 +33,13 @@ AC_MSG_CHECKING([whether to try to build shared libraries on $host_os]) case $host_os in *linux*) BLDSHARED=true - LDFLAGS=$LDFLAGS -Wl,--export-dynamic + SYS_LDFLAGS=-Wl,--export-dynamic ;; *solaris*) BLDSHARED=true if test ${GCC} = yes; then if test ${ac_cv_prog_gnu_ld} = yes; then - LDFLAGS=$LDFLAGS -Wl,-E + SYS_LDFLAGS=-Wl,-E fi fi ;; @@ -47,26 +48,26 @@ case $host_os in ;; *netbsd* | *freebsd* | *dragonfly* ) BLDSHARED=true - LDFLAGS=$LDFLAGS -Wl,--export-dynamic + SYS_LDFLAGS=-Wl,--export-dynamic ;; *openbsd*) BLDSHARED=true - LDFLAGS=$LDFLAGS -Wl,-Bdynamic + SYS_LDFLAGS=-Wl,-Bdynamic ;; *irix*) BLDSHARED=true ;; *aix*) BLDSHARED=true - LDFLAGS=$LDFLAGS -Wl,-brtl,-bexpall,-bbigtoc + SYS_LDFLAGS=-Wl,-brtl,-bexpall,-bbigtoc ;; *hpux*) # Use special PIC flags for the native HP-UX compiler. BLDSHARED=true # I hope this is correct if test $host_cpu = ia64; then - LDFLAGS=$LDFLAGS -Wl,-E,+b/usr/local/lib/hpux32:/usr/lib/hpux32 + SYS_LDFLAGS=-Wl,-E,+b/usr/local/lib/hpux32:/usr/lib/hpux32 else - LDFLAGS=$LDFLAGS -Wl,-E,+b/usr/local/lib:/usr/lib + SYS_LDFLAGS=-Wl,-E,+b/usr/local/lib:/usr/lib fi ;; *osf*) @@ -86,6 +87,8 @@ AC_MSG_CHECKING([LD]) AC_MSG_RESULT([$LD]) AC_MSG_CHECKING([LDFLAGS]) AC_MSG_RESULT([$LDFLAGS]) +AC_MSG_CHECKING([SYS_LDFLAGS]) +AC_MSG_RESULT([$SYS_LDFLAGS]) AC_SUBST(HOSTLD) diff --git a/source/build/smb_build/makefile.pm b/source/build/smb_build/makefile.pm index d11e761..498b619 100644 --- a/source/build/smb_build/makefile.pm +++ b/source/build/smb_build/makefile.pm @@ -187,7 +187,7 @@ __EOD__ $ctx-{SHAREDDIR}/$ctx-{LIBRARY_REALNAME}: \$($ctx-{NAME}_DEPEND_LIST) \$($ctx-{NAME}_FULL_OBJ_LIST) $init_obj [EMAIL PROTECTED] Linking \$\@ [EMAIL PROTECTED] -p $ctx-{SHAREDDIR} - [EMAIL PROTECTED](MDLD) \$(MDLD_FLAGS) \$(INTERN_LDFLAGS) -o \$\@ \$(INSTALL_LINK_FLAGS) \\ + [EMAIL PROTECTED](MDLD) \$(LDFLAGS) \$(MDLD_FLAGS) \$(INTERN_LDFLAGS) -o \$\@ \$(INSTALL_LINK_FLAGS) \\ \$($ctx-{NAME}\_FULL_OBJ_LIST) $init_obj \\ \$($ctx-{NAME}_LINK_FLAGS) __EOD__ @@ -242,7 +242,7 @@ sub SharedLibrary($$) $ctx-{RESULT_SHARED_LIBRARY}: \$($ctx-{NAME}_DEPEND_LIST) \$($ctx-{NAME}_FULL_OBJ_LIST) [EMAIL PROTECTED] Linking \$\@ [EMAIL PROTECTED] -p $ctx-{SHAREDDIR} - [EMAIL PROTECTED](SHLD) \$(SHLD_FLAGS) \$(INTERN_LDFLAGS) -o \$\@ \$(INSTALL_LINK_FLAGS) \\ + [EMAIL PROTECTED](SHLD)
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-932-ge8f3653
The branch, v4-0-test has been updated via e8f3653414c12fb752c096d848dc962008d90439 (commit) via 4c77550d80b0cfc80bc2cac500fc27e0c43dad64 (commit) from 8c2f658a9688f0c51d2f3b948dc3213b65c7b77f (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit e8f3653414c12fb752c096d848dc962008d90439 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Feb 1 14:23:56 2008 +0100 NetBSD does not support AI_ADDRCONFIG (cherry picked from commit fb3f7f4046fa195baf5116598772d9016238637f) commit 4c77550d80b0cfc80bc2cac500fc27e0c43dad64 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Feb 1 20:03:05 2008 +0100 NetBSD needs LD_LIBRARY_PATH (cherry picked from commit d64b19e77aa499c1ee1aaf788ddf3d6fd36253e4) --- Summary of changes: source/lib/replace/libreplace_ld.m4 |3 +++ source/lib/replace/system/network.h |7 +++ 2 files changed, 10 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/replace/libreplace_ld.m4 b/source/lib/replace/libreplace_ld.m4 index 2aec698..f0d10c1 100644 --- a/source/lib/replace/libreplace_ld.m4 +++ b/source/lib/replace/libreplace_ld.m4 @@ -289,6 +289,9 @@ AC_DEFUN([AC_LIBREPLACE_RUNTIME_LIB_PATH_VAR], *linux*) LIB_PATH_VAR=LD_LIBRARY_PATH ;; + *netbsd*) + LIB_PATH_VAR=LD_LIBRARY_PATH + ;; *solaris*) LIB_PATH_VAR=LD_LIBRARY_PATH ;; diff --git a/source/lib/replace/system/network.h b/source/lib/replace/system/network.h index 53bef66..d09e3f7 100644 --- a/source/lib/replace/system/network.h +++ b/source/lib/replace/system/network.h @@ -163,8 +163,15 @@ void rep_freeifaddrs(struct ifaddrs *); #endif #ifndef AI_ADDRCONFIG +/* + * logic copied from AI_NUMERICHOST + */ +#if defined(HAVE_STRUCT_ADDRINFO) defined(HAVE_GETADDRINFO) +#define AI_ADDRCONFIG 0 +#else #define AI_ADDRCONFIG 0x0020 #endif +#endif #ifndef AI_NUMERICSERV /* -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-945-g7a2ff3e
The branch, v4-0-test has been updated via 7a2ff3ee26bce49a3eeeb270f4a5e4df2adbefbb (commit) via 7bbe48af5568ffc4e4873692316673fd974ef4ef (commit) via ce332130ea77159832da23bab760fa26921719e2 (commit) via 92c1c0e9137f0845cac6cc96bf78711b6aaffe21 (commit) via e464a344bc11587abc5c663bc8d6471eeb314959 (commit) via b1a7810f3e70f9a831d9b8e85d531e448072adaf (commit) via 46e5027f56722fbe19af36aad1ab03ea1c862f43 (commit) via 85c96a325867f7bcdb412ebc53f8a47dbf7cd89b (commit) via 141ee91272fb4dafca0149f679e17721b6a3011e (commit) via 2548c2a1e7dab8abc00f8f49374a08cc0b427552 (commit) via 89590d7dfe0735093a4a5b66eeed9276df043ac9 (commit) via 5ad9bc7dd9b8a3b37e0acd77eaecc5ee71d7b422 (commit) via 9b0dcac0bd805c3e1741448167b461c3fa0e33fd (commit) from e8f3653414c12fb752c096d848dc962008d90439 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit 7a2ff3ee26bce49a3eeeb270f4a5e4df2adbefbb Merge: 7bbe48af5568ffc4e4873692316673fd974ef4ef e8f3653414c12fb752c096d848dc962008d90439 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 10:55:20 2008 +0100 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-nodeclare commit 7bbe48af5568ffc4e4873692316673fd974ef4ef Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 10:51:26 2008 +0100 Fix nbt tests. commit ce332130ea77159832da23bab760fa26921719e2 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 04:33:43 2008 +0100 Fix use of some modules (needed _PUBLIC_). commit 92c1c0e9137f0845cac6cc96bf78711b6aaffe21 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 03:40:44 2008 +0100 Fix static module list generation for ldb. commit e464a344bc11587abc5c663bc8d6471eeb314959 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 03:21:38 2008 +0100 Require at least talloc 1.2.0. commit b1a7810f3e70f9a831d9b8e85d531e448072adaf Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 02:57:07 2008 +0100 Remove more function-based inits. commit 46e5027f56722fbe19af36aad1ab03ea1c862f43 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 01:56:55 2008 +0100 Use function-based initialization for ildap backend. commit 85c96a325867f7bcdb412ebc53f8a47dbf7cd89b Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 01:54:32 2008 +0100 Use struct-based rather than function-based initialization for ldb modules everywhere. commit 141ee91272fb4dafca0149f679e17721b6a3011e Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 01:37:53 2008 +0100 Allow ldb backends without init function, use init function-less ldb modules. commit 2548c2a1e7dab8abc00f8f49374a08cc0b427552 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Feb 19 23:53:04 2008 +0100 Factor out IP marshalling into separate function. commit 89590d7dfe0735093a4a5b66eeed9276df043ac9 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Feb 19 23:00:43 2008 +0100 Add configure test for vdeplug library. commit 5ad9bc7dd9b8a3b37e0acd77eaecc5ee71d7b422 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Feb 19 22:04:26 2008 +0100 Add VDE switch management functions. commit 9b0dcac0bd805c3e1741448167b461c3fa0e33fd Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Feb 19 21:51:09 2008 +0100 Initial work on vde support. --- Summary of changes: source/build/smb_build/header.pm | 10 ++- source/build/smb_build/makefile.pm|3 +- source/build/smb_build/summary.pm |3 + source/configure.ac |2 +- source/dsdb/samdb/ldb_modules/anr.c |8 +-- source/dsdb/samdb/ldb_modules/config.mk | 57 +++ source/dsdb/samdb/ldb_modules/dsdb_cache.c|7 +-- source/dsdb/samdb/ldb_modules/extended_dn.c |7 +-- source/dsdb/samdb/ldb_modules/instancetype.c |8 +-- source/dsdb/samdb/ldb_modules/kludge_acl.c|7 +-- source/dsdb/samdb/ldb_modules/linked_attributes.c |7 +-- source/dsdb/samdb/ldb_modules/local_password.c|8 +-- source/dsdb/samdb/ldb_modules/naming_fsmo.c |7 +-- source/dsdb/samdb/ldb_modules/normalise.c |7 +-- source/dsdb/samdb/ldb_modules/objectclass.c |8 +-- source/dsdb/samdb/ldb_modules/objectguid.c|8 +-- source/dsdb/samdb/ldb_modules/partition.c |9 +-- source/dsdb/samdb/ldb_modules/password_hash.c |8 +-- source/dsdb/samdb/ldb_modules/pdc_fsmo.c |7 +-- source/dsdb/samdb/ldb_modules/proxy.c |7 +-- source/dsdb/samdb/ldb_modules/ranged_results.c|7 +-- source/dsdb/samdb/ldb_modules/repl_meta_data.c|7 +--
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2460-g53c9098
The branch, v3-2-test has been updated via 53c9098253f5a7f84ea8079a755b9d4f0b28fb2c (commit) from af5ec88ece3ecca2b3c5d6585deec10fe851339b (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit 53c9098253f5a7f84ea8079a755b9d4f0b28fb2c Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 00:44:40 2008 +0100 Remove the getifaddrs checks from configure.in: they are now in lib/replace. Michael --- Summary of changes: source/configure.in | 96 --- 1 files changed, 0 insertions(+), 96 deletions(-) Changeset truncated at 500 lines: diff --git a/source/configure.in b/source/configure.in index afe68d7..6b9131c 100644 --- a/source/configure.in +++ b/source/configure.in @@ -2736,102 +2736,6 @@ SMB_CHECK_SYSCONF(_SC_NPROCESSORS_ONLN) SMB_CHECK_SYSCONF(_SC_PAGESIZE) AC_CHECK_FUNCS(getpagesize) -dnl test for getifaddrs and freeifaddrs -AC_CACHE_CHECK([for getifaddrs and freeifaddrs],samba_cv_HAVE_GETIFADDRS,[ -AC_TRY_COMPILE([ -#include sys/socket.h -#include sys/types.h -#include netinet/in.h -#include arpa/inet.h -#include ifaddrs.h -#include netdb.h], -[ -struct ifaddrs *ifp = NULL; -int ret = getifaddrs (ifp); -freeifaddrs(ifp); -], -samba_cv_HAVE_GETIFADDRS=yes,samba_cv_HAVE_GETIFADDRS=no)]) -if test x$samba_cv_HAVE_GETIFADDRS = xyes; then -AC_DEFINE(HAVE_GETIFADDRS,1,[Whether the system has getifaddrs]) -AC_DEFINE(HAVE_FREEIFADDRS,1,[Whether the system has freeifaddrs]) -fi - -## -# look for a method of finding the list of network interfaces -iface=no; -AC_CACHE_CHECK([for iface getifaddrs],samba_cv_HAVE_IFACE_GETIFADDRS,[ -SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS=$CPPFLAGS ${SAMBA_CONFIGURE_CPPFLAGS} -AC_TRY_RUN([ -#define NO_CONFIG_H 1 -#define HAVE_IFACE_GETIFADDRS 1 -#define AUTOCONF_TEST 1 -#include ${srcdir-.}/lib/replace/replace.c -#include ${srcdir-.}/lib/interfaces.c], - samba_cv_HAVE_IFACE_GETIFADDRS=yes,samba_cv_HAVE_IFACE_GETIFADDRS=no,samba_cv_HAVE_IFACE_GETIFADDRS=cross)]) -CPPFLAGS=$SAVE_CPPFLAGS -if test x$samba_cv_HAVE_IFACE_GETIFADDRS = xyes; then -iface=yes;AC_DEFINE(HAVE_IFACE_GETIFADDRS,1,[Whether iface getifaddrs is available]) -fi - -if test $iface = no; then -AC_CACHE_CHECK([for iface ifconf],samba_cv_HAVE_IFACE_IFCONF,[ -SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS=$CPPFLAGS ${SAMBA_CONFIGURE_CPPFLAGS} -AC_TRY_RUN([ -#define NO_CONFIG_H 1 -#define HAVE_IFACE_IFCONF 1 -#define AUTOCONF_TEST 1 -#define SOCKET_WRAPPER_NOT_REPLACE -#include ${srcdir-.}/lib/replace/replace.c -#include ${srcdir-.}/lib/interfaces.c], - samba_cv_HAVE_IFACE_IFCONF=yes,samba_cv_HAVE_IFACE_IFCONF=no,samba_cv_HAVE_IFACE_IFCONF=cross)]) -CPPFLAGS=$SAVE_CPPFLAGS -if test x$samba_cv_HAVE_IFACE_IFCONF = xyes; then -iface=yes;AC_DEFINE(HAVE_IFACE_IFCONF,1,[Whether iface ifconf is available]) -fi -fi - -if test $iface = no; then -AC_CACHE_CHECK([for iface ifreq],samba_cv_HAVE_IFACE_IFREQ,[ -SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS=$CPPFLAGS ${SAMBA_CONFIGURE_CPPFLAGS} -AC_TRY_RUN([ -#define NO_CONFIG_H 1 -#define HAVE_IFACE_IFREQ 1 -#define AUTOCONF_TEST 1 -#define SOCKET_WRAPPER_NOT_REPLACE -#include ${srcdir-.}/lib/replace/replace.c -#include ${srcdir-.}/lib/replace/getaddrinfo.c -#include ${srcdir-.}/lib/replace/snprintf.c -#include ${srcdir-.}/lib/interfaces.c], - samba_cv_HAVE_IFACE_IFREQ=yes,samba_cv_HAVE_IFACE_IFREQ=no,samba_cv_HAVE_IFACE_IFREQ=cross)]) -CPPFLAGS=$SAVE_CPPFLAGS -if test x$samba_cv_HAVE_IFACE_IFREQ = xyes; then -iface=yes;AC_DEFINE(HAVE_IFACE_IFREQ,1,[Whether iface ifreq is available]) -fi -fi - -if test $iface = no; then -AC_CACHE_CHECK([for iface AIX],samba_cv_HAVE_IFACE_AIX,[ -SAVE_CPPFLAGS=$CPPFLAGS -CPPFLAGS=$CPPFLAGS ${SAMBA_CONFIGURE_CPPFLAGS} -AC_TRY_RUN([ -#define NO_CONFIG_H 1 -#define HAVE_IFACE_AIX 1 -#define AUTOCONF_TEST 1 -#undef _XOPEN_SOURCE_EXTENDED -#define SOCKET_WRAPPER_NOT_REPLACE -#include ${srcdir-.}/lib/replace/replace.c -#include ${srcdir-.}/lib/replace/snprintf.c -#include ${srcdir-.}/lib/interfaces.c], - samba_cv_HAVE_IFACE_AIX=yes,samba_cv_HAVE_IFACE_AIX=no,samba_cv_HAVE_IFACE_AIX=cross)]) -CPPFLAGS=$SAVE_CPPFLAGS -if test x$samba_cv_HAVE_IFACE_AIX = xyes; then -iface=yes;AC_DEFINE(HAVE_IFACE_AIX,1,[Whether iface AIX is available]) -fi -fi - dnl test for ipv6 AC_CACHE_CHECK([for ipv6 support],samba_cv_HAVE_IPV6,[ AC_TRY_COMPILE([ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-946-gd45c6b5
The branch, v4-0-test has been updated via d45c6b5574ea732d25e9180c83f1fa807ebe57ba (commit) from 7a2ff3ee26bce49a3eeeb270f4a5e4df2adbefbb (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit d45c6b5574ea732d25e9180c83f1fa807ebe57ba Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 11:32:56 2008 +0100 Avoid python2.2-specific types. --- Summary of changes: source/scripting/python/config.m4 |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/scripting/python/config.m4 b/source/scripting/python/config.m4 index 908efd1..2142cd9 100644 --- a/source/scripting/python/config.m4 +++ b/source/scripting/python/config.m4 @@ -54,7 +54,7 @@ fi if test x$PYTHON != x then - DISTUTILS_CFLAGS=`$PYTHON -c from distutils import sysconfig; print '-I%s -I%s %s' % (sysconfig.get_python_inc(), sysconfig.get_python_inc(plat_specific=True), sysconfig.get_config_var('CFLAGS'))` + DISTUTILS_CFLAGS=`$PYTHON -c from distutils import sysconfig; print '-I%s -I%s %s' % (sysconfig.get_python_inc(), sysconfig.get_python_inc(plat_specific=1), sysconfig.get_config_var('CFLAGS'))` DISTUTILS_LDFLAGS=`$PYTHON -c from distutils import sysconfig; print '%s %s -lpython%s -L%s' % (sysconfig.get_config_var('LIBS'), sysconfig.get_config_var('SYSLIBS'), sysconfig.get_config_var('VERSION'), sysconfig.get_config_var('LIBPL'))` TRY_LINK_PYTHON($DISTUTILS_LDFLAGS, $DISTUTILS_CFLAGS) fi -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-947-ga57adcf
The branch, v4-0-test has been updated via a57adcfdd32fa9516eb092f7568e213347c583d7 (commit) from d45c6b5574ea732d25e9180c83f1fa807ebe57ba (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit a57adcfdd32fa9516eb092f7568e213347c583d7 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 12:17:18 2008 +0100 Allow building ldb as static library again \o/ --- Summary of changes: source/lib/ldb/config.mk |1 - 1 files changed, 0 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/ldb/config.mk b/source/lib/ldb/config.mk index b44a317..6027acd 100644 --- a/source/lib/ldb/config.mk +++ b/source/lib/ldb/config.mk @@ -127,7 +127,6 @@ PRIVATE_DEPENDENCIES = \ [LIBRARY::LIBLDB] VERSION = 0.0.1 SO_VERSION = 0 -OUTPUT_TYPE = SHARED_LIBRARY CFLAGS = -Ilib/ldb/include PC_FILE = ldb.pc INIT_FUNCTION_TYPE = extern const struct ldb_module_ops -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-951-g83387ec
The branch, v4-0-test has been updated via 83387ecccfe95b80525bf53c5fc9e945ffee10ec (commit) via 00c173bfba9c659750bf231fbd9278dd38aa8bfc (commit) via d3b3d3ec9ff64108b4cd5b7c912ab4ea207256cb (commit) via acab9def2a1e3460bef8baae6efc66d9dfad6eac (commit) from a57adcfdd32fa9516eb092f7568e213347c583d7 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit 83387ecccfe95b80525bf53c5fc9e945ffee10ec Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:53:07 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in libreplace.m4. Michael commit 00c173bfba9c659750bf231fbd9278dd38aa8bfc Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:49:30 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in system/config.m4. Michael commit d3b3d3ec9ff64108b4cd5b7c912ab4ea207256cb Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:46:20 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in getpass.m4. Michael commit acab9def2a1e3460bef8baae6efc66d9dfad6eac Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:43:37 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in getifaddrs.m4 Michael --- Summary of changes: source/lib/replace/getifaddrs.m4| 30 +++--- source/lib/replace/getpass.m4 | 12 +++--- source/lib/replace/libreplace.m4| 72 +- source/lib/replace/system/config.m4 | 16 4 files changed, 65 insertions(+), 65 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/replace/getifaddrs.m4 b/source/lib/replace/getifaddrs.m4 index 4259d1a..4cf86d8 100644 --- a/source/lib/replace/getifaddrs.m4 +++ b/source/lib/replace/getifaddrs.m4 @@ -7,7 +7,7 @@ AC_CHECK_MEMBERS([struct sockaddr.sa_len], [#include sys/socket.h]) dnl test for getifaddrs and freeifaddrs -AC_CACHE_CHECK([for getifaddrs and freeifaddrs],samba_cv_HAVE_GETIFADDRS,[ +AC_CACHE_CHECK([for getifaddrs and freeifaddrs],libreplace_cv_HAVE_GETIFADDRS,[ AC_TRY_COMPILE([ #include sys/types.h #if STDC_HEADERS @@ -24,8 +24,8 @@ struct ifaddrs *ifp = NULL; int ret = getifaddrs (ifp); freeifaddrs(ifp); ], -samba_cv_HAVE_GETIFADDRS=yes,samba_cv_HAVE_GETIFADDRS=no)]) -if test x$samba_cv_HAVE_GETIFADDRS = xyes; then +libreplace_cv_HAVE_GETIFADDRS=yes,libreplace_cv_HAVE_GETIFADDRS=no)]) +if test x$libreplace_cv_HAVE_GETIFADDRS = xyes; then AC_DEFINE(HAVE_GETIFADDRS,1,[Whether the system has getifaddrs]) AC_DEFINE(HAVE_FREEIFADDRS,1,[Whether the system has freeifaddrs]) AC_DEFINE(HAVE_STRUCT_IFADDRS,1,[Whether struct ifaddrs is available]) @@ -42,15 +42,15 @@ iface=no; ## # look for a method of finding the list of network interfaces iface=no; -AC_CACHE_CHECK([for iface getifaddrs],samba_cv_HAVE_IFACE_GETIFADDRS,[ +AC_CACHE_CHECK([for iface getifaddrs],libreplace_cv_HAVE_IFACE_GETIFADDRS,[ AC_TRY_RUN([ #define NO_CONFIG_H 1 #define HAVE_IFACE_GETIFADDRS 1 #define AUTOCONF_TEST 1 #include $libreplacedir/replace.c #include $libreplacedir/getifaddrs.c], - samba_cv_HAVE_IFACE_GETIFADDRS=yes,samba_cv_HAVE_IFACE_GETIFADDRS=no,samba_cv_HAVE_IFACE_GETIFADDRS=cross)]) -if test x$samba_cv_HAVE_IFACE_GETIFADDRS = xyes; then + libreplace_cv_HAVE_IFACE_GETIFADDRS=yes,libreplace_cv_HAVE_IFACE_GETIFADDRS=no,libreplace_cv_HAVE_IFACE_GETIFADDRS=cross)]) +if test x$libreplace_cv_HAVE_IFACE_GETIFADDRS = xyes; then iface=yes;AC_DEFINE(HAVE_IFACE_GETIFADDRS,1,[Whether iface getifaddrs is available]) else LIBREPLACEOBJ=${LIBREPLACEOBJ} getifaddrs.o @@ -58,39 +58,39 @@ fi if test $iface = no; then -AC_CACHE_CHECK([for iface AIX],samba_cv_HAVE_IFACE_AIX,[ +AC_CACHE_CHECK([for iface AIX],libreplace_cv_HAVE_IFACE_AIX,[ AC_TRY_RUN([ #define HAVE_IFACE_AIX 1 #define AUTOCONF_TEST 1 #undef _XOPEN_SOURCE_EXTENDED #include $libreplacedir/getifaddrs.c], - samba_cv_HAVE_IFACE_AIX=yes,samba_cv_HAVE_IFACE_AIX=no,samba_cv_HAVE_IFACE_AIX=cross)]) -if test x$samba_cv_HAVE_IFACE_AIX = xyes; then + libreplace_cv_HAVE_IFACE_AIX=yes,libreplace_cv_HAVE_IFACE_AIX=no,libreplace_cv_HAVE_IFACE_AIX=cross)]) +if test x$libreplace_cv_HAVE_IFACE_AIX = xyes; then iface=yes;AC_DEFINE(HAVE_IFACE_AIX,1,[Whether iface AIX is available]) fi fi if test $iface = no; then -AC_CACHE_CHECK([for iface ifconf],samba_cv_HAVE_IFACE_IFCONF,[ +AC_CACHE_CHECK([for iface ifconf],libreplace_cv_HAVE_IFACE_IFCONF,[ AC_TRY_RUN([ #define HAVE_IFACE_IFCONF 1 #define AUTOCONF_TEST 1 #include $libreplacedir/getifaddrs.c], - samba_cv_HAVE_IFACE_IFCONF=yes,samba_cv_HAVE_IFACE_IFCONF=no,samba_cv_HAVE_IFACE_IFCONF=cross)]) -if test x$samba_cv_HAVE_IFACE_IFCONF = xyes; then +
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2464-g12ec7df
The branch, v3-2-test has been updated via 12ec7dfb109bedd7b086702394a7094a4853cf1f (commit) via 450034582ba78b296e9cacc9ea06b632196b8644 (commit) via d6719f1c2f349c34d7a14e8e0e264db8dbe48598 (commit) via f790cb4aedee58abe6324c47912b58a808bfca51 (commit) from 53c9098253f5a7f84ea8079a755b9d4f0b28fb2c (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit 12ec7dfb109bedd7b086702394a7094a4853cf1f Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:53:07 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in libreplace.m4. Michael (cherry picked from commit 83387ecccfe95b80525bf53c5fc9e945ffee10ec) commit 450034582ba78b296e9cacc9ea06b632196b8644 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:49:30 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in system/config.m4. Michael (cherry picked from commit 00c173bfba9c659750bf231fbd9278dd38aa8bfc) commit d6719f1c2f349c34d7a14e8e0e264db8dbe48598 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:46:20 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in getpass.m4. Michael (cherry picked from commit d3b3d3ec9ff64108b4cd5b7c912ab4ea207256cb) commit f790cb4aedee58abe6324c47912b58a808bfca51 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 12:43:37 2008 +0100 libreplace: change samba_cv_ to libreplace_cv_ in getifaddrs.m4 Michael (cherry picked from commit acab9def2a1e3460bef8baae6efc66d9dfad6eac) --- Summary of changes: source/lib/replace/getifaddrs.m4| 30 +++--- source/lib/replace/getpass.m4 | 12 +++--- source/lib/replace/libreplace.m4| 72 +- source/lib/replace/system/config.m4 | 16 4 files changed, 65 insertions(+), 65 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/replace/getifaddrs.m4 b/source/lib/replace/getifaddrs.m4 index 4259d1a..4cf86d8 100644 --- a/source/lib/replace/getifaddrs.m4 +++ b/source/lib/replace/getifaddrs.m4 @@ -7,7 +7,7 @@ AC_CHECK_MEMBERS([struct sockaddr.sa_len], [#include sys/socket.h]) dnl test for getifaddrs and freeifaddrs -AC_CACHE_CHECK([for getifaddrs and freeifaddrs],samba_cv_HAVE_GETIFADDRS,[ +AC_CACHE_CHECK([for getifaddrs and freeifaddrs],libreplace_cv_HAVE_GETIFADDRS,[ AC_TRY_COMPILE([ #include sys/types.h #if STDC_HEADERS @@ -24,8 +24,8 @@ struct ifaddrs *ifp = NULL; int ret = getifaddrs (ifp); freeifaddrs(ifp); ], -samba_cv_HAVE_GETIFADDRS=yes,samba_cv_HAVE_GETIFADDRS=no)]) -if test x$samba_cv_HAVE_GETIFADDRS = xyes; then +libreplace_cv_HAVE_GETIFADDRS=yes,libreplace_cv_HAVE_GETIFADDRS=no)]) +if test x$libreplace_cv_HAVE_GETIFADDRS = xyes; then AC_DEFINE(HAVE_GETIFADDRS,1,[Whether the system has getifaddrs]) AC_DEFINE(HAVE_FREEIFADDRS,1,[Whether the system has freeifaddrs]) AC_DEFINE(HAVE_STRUCT_IFADDRS,1,[Whether struct ifaddrs is available]) @@ -42,15 +42,15 @@ iface=no; ## # look for a method of finding the list of network interfaces iface=no; -AC_CACHE_CHECK([for iface getifaddrs],samba_cv_HAVE_IFACE_GETIFADDRS,[ +AC_CACHE_CHECK([for iface getifaddrs],libreplace_cv_HAVE_IFACE_GETIFADDRS,[ AC_TRY_RUN([ #define NO_CONFIG_H 1 #define HAVE_IFACE_GETIFADDRS 1 #define AUTOCONF_TEST 1 #include $libreplacedir/replace.c #include $libreplacedir/getifaddrs.c], - samba_cv_HAVE_IFACE_GETIFADDRS=yes,samba_cv_HAVE_IFACE_GETIFADDRS=no,samba_cv_HAVE_IFACE_GETIFADDRS=cross)]) -if test x$samba_cv_HAVE_IFACE_GETIFADDRS = xyes; then + libreplace_cv_HAVE_IFACE_GETIFADDRS=yes,libreplace_cv_HAVE_IFACE_GETIFADDRS=no,libreplace_cv_HAVE_IFACE_GETIFADDRS=cross)]) +if test x$libreplace_cv_HAVE_IFACE_GETIFADDRS = xyes; then iface=yes;AC_DEFINE(HAVE_IFACE_GETIFADDRS,1,[Whether iface getifaddrs is available]) else LIBREPLACEOBJ=${LIBREPLACEOBJ} getifaddrs.o @@ -58,39 +58,39 @@ fi if test $iface = no; then -AC_CACHE_CHECK([for iface AIX],samba_cv_HAVE_IFACE_AIX,[ +AC_CACHE_CHECK([for iface AIX],libreplace_cv_HAVE_IFACE_AIX,[ AC_TRY_RUN([ #define HAVE_IFACE_AIX 1 #define AUTOCONF_TEST 1 #undef _XOPEN_SOURCE_EXTENDED #include $libreplacedir/getifaddrs.c], - samba_cv_HAVE_IFACE_AIX=yes,samba_cv_HAVE_IFACE_AIX=no,samba_cv_HAVE_IFACE_AIX=cross)]) -if test x$samba_cv_HAVE_IFACE_AIX = xyes; then + libreplace_cv_HAVE_IFACE_AIX=yes,libreplace_cv_HAVE_IFACE_AIX=no,libreplace_cv_HAVE_IFACE_AIX=cross)]) +if test x$libreplace_cv_HAVE_IFACE_AIX = xyes; then iface=yes;AC_DEFINE(HAVE_IFACE_AIX,1,[Whether iface AIX is available]) fi fi if test $iface = no; then -AC_CACHE_CHECK([for iface ifconf],samba_cv_HAVE_IFACE_IFCONF,[ +AC_CACHE_CHECK([for iface ifconf],libreplace_cv_HAVE_IFACE_IFCONF,[
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2465-g9b9495d
The branch, v3-2-test has been updated via 9b9495d3672e3a8e74d153dbef62825e6b5d5170 (commit) from 12ec7dfb109bedd7b086702394a7094a4853cf1f (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit 9b9495d3672e3a8e74d153dbef62825e6b5d5170 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 17:26:39 2008 +0100 Remove tests for vsnprintf snprintf asprintf vasprintf and va_copy from configure. These are tested in libreplace. Michael --- Summary of changes: source/configure.in | 54 +-- 1 files changed, 1 insertions(+), 53 deletions(-) Changeset truncated at 500 lines: diff --git a/source/configure.in b/source/configure.in index 6b9131c..e218c0b 100644 --- a/source/configure.in +++ b/source/configure.in @@ -907,10 +907,6 @@ fi AC_HAVE_DECL(errno, [#include errno.h]) AC_HAVE_DECL(setresuid, [#include unistd.h]) AC_HAVE_DECL(setresgid, [#include unistd.h]) -AC_HAVE_DECL(asprintf, [#include stdio.h]) -AC_HAVE_DECL(vasprintf, [#include stdio.h]) -AC_HAVE_DECL(vsnprintf, [#include stdio.h]) -AC_HAVE_DECL(snprintf, [#include stdio.h]) # and glibc has setresuid under linux but the function does # nothing until kernel 2.1.44! very dumb. @@ -1062,7 +1058,7 @@ AC_CHECK_FUNCS(waitpid getcwd strdup strndup strnlen strerror chown fchown lchow AC_CHECK_FUNCS(strtol strtoll strtoul strtoull strtouq __strtoull) AC_CHECK_FUNCS(fstat strchr utime utimes chflags) AC_CHECK_FUNCS(getrlimit fsync fdatasync memset strlcpy strlcat setpgid) -AC_CHECK_FUNCS(memmove vsnprintf snprintf asprintf vasprintf setsid glob strpbrk pipe crypt16 getauthuid) +AC_CHECK_FUNCS(memmove setsid glob strpbrk pipe crypt16 getauthuid) AC_CHECK_FUNCS(strftime sigprocmask sigblock sigaction sigset innetgr setnetgrent getnetgrent endnetgrent) AC_CHECK_FUNCS(initgroups select poll rdchk getgrnam getgrent pathconf realpath) AC_CHECK_FUNCS(setpriv setgidx setuidx setgroups sysconf mktime rename ftruncate chsize stat64 fstat64) @@ -2032,54 +2028,6 @@ if test x$samba_cv_WITH_PROFILE = xyes; then fi -AC_CACHE_CHECK([for va_copy],samba_cv_HAVE_VA_COPY,[ -AC_TRY_LINK([#include stdarg.h -va_list ap1,ap2;], [va_copy(ap1,ap2);], -samba_cv_HAVE_VA_COPY=yes, -samba_cv_HAVE_VA_COPY=no)]) -if test x$samba_cv_HAVE_VA_COPY = xyes; then -AC_DEFINE(HAVE_VA_COPY,1,[Whether va_copy() is available]) -else -AC_CACHE_CHECK([for __va_copy],samba_cv_HAVE___VA_COPY,[ -AC_TRY_LINK([#include stdarg.h -va_list ap1,ap2;], [__va_copy(ap1,ap2);], -samba_cv_HAVE___VA_COPY=yes, -samba_cv_HAVE___VA_COPY=no)]) -if test x$samba_cv_HAVE___VA_COPY = xyes; then -AC_DEFINE(HAVE___VA_COPY,1,[Whether __va_copy() is available]) -fi -fi - -AC_CACHE_CHECK([for C99 vsnprintf],samba_cv_HAVE_C99_VSNPRINTF,[ -AC_TRY_RUN([ -#include sys/types.h -#include stdarg.h -void foo(const char *format, ...) { - va_list ap; - int len; - char buf[5]; - - va_start(ap, format); - len = vsnprintf(buf, 0, format, ap); - va_end(ap); - if (len != 5) exit(1); - - va_start(ap, format); - len = vsnprintf(0, 0, format, ap); - va_end(ap); - if (len != 5) exit(1); - - if (snprintf(buf, 3, hello) != 5 || strcmp(buf, he) != 0) exit(1); - - exit(0); -} -main() { foo(hello); } -], -samba_cv_HAVE_C99_VSNPRINTF=yes,samba_cv_HAVE_C99_VSNPRINTF=no,samba_cv_HAVE_C99_VSNPRINTF=cross)]) -if test x$samba_cv_HAVE_C99_VSNPRINTF = xyes; then -AC_DEFINE(HAVE_C99_VSNPRINTF,1,[Whether there is a C99 compliant vsnprintf]) -fi - AC_CACHE_CHECK([for broken readdir name],samba_cv_HAVE_BROKEN_READDIR_NAME,[ AC_TRY_RUN([#include sys/types.h #include dirent.h -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-955-g53c70b5
The branch, v4-0-test has been updated via 53c70b5f77a3b9abaab783590e66278129173d5f (commit) via 54ebd4e353038e86470ad036aa038e18a4296b4b (commit) via da1a9438bd89569077ef1eaa9dc977b5f9d62836 (commit) via 675bab738085cb5a9f17c1f159fbd97c4daafed2 (commit) from 83387ecccfe95b80525bf53c5fc9e945ffee10ec (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit 53c70b5f77a3b9abaab783590e66278129173d5f Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 20:05:51 2008 +0100 Support dlopen(NULL, ...) on HPUX. commit 54ebd4e353038e86470ad036aa038e18a4296b4b Merge: da1a9438bd89569077ef1eaa9dc977b5f9d62836 83387ecccfe95b80525bf53c5fc9e945ffee10ec Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 19:41:52 2008 +0100 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-trivial commit da1a9438bd89569077ef1eaa9dc977b5f9d62836 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 19:40:20 2008 +0100 Make more module init functions public, since they are compiled with -fvisibility=hidden. Not doing this causes failures on Mac OS X. commit 675bab738085cb5a9f17c1f159fbd97c4daafed2 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 19:34:45 2008 +0100 Make all auth module init functions public, since they are compiled with -fvisibility=hidden. Not doing this causes failures on Mac OS X. --- Summary of changes: source/auth/auth_anonymous.c|2 +- source/auth/auth_developer.c|2 +- source/auth/auth_sam.c |2 +- source/auth/auth_unix.c |2 +- source/auth/auth_winbind.c |2 +- source/auth/gensec/gensec_gssapi.c |2 +- source/auth/gensec/gensec_krb5.c|2 +- source/auth/gensec/schannel.c |2 +- source/auth/gensec/spnego.c |2 +- source/auth/ntlmssp/ntlmssp.c |2 +- source/lib/events/events_select.c |2 +- source/lib/events/events_standard.c |2 +- source/lib/replace/dlfcn.c |2 ++ source/lib/socket/socket_ip.c |4 ++-- source/lib/socket/socket_unix.c |2 +- 15 files changed, 17 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/auth_anonymous.c b/source/auth/auth_anonymous.c index bcab918..38c13d4 100644 --- a/source/auth/auth_anonymous.c +++ b/source/auth/auth_anonymous.c @@ -63,7 +63,7 @@ static const struct auth_operations anonymous_auth_ops = { .check_password = anonymous_check_password }; -NTSTATUS auth_anonymous_init(void) +_PUBLIC_ NTSTATUS auth_anonymous_init(void) { NTSTATUS ret; diff --git a/source/auth/auth_developer.c b/source/auth/auth_developer.c index 57eb752..0da947b 100644 --- a/source/auth/auth_developer.c +++ b/source/auth/auth_developer.c @@ -186,7 +186,7 @@ static const struct auth_operations fixed_challenge_auth_ops = { .check_password = fixed_challenge_check_password }; -NTSTATUS auth_developer_init(void) +_PUBLIC_ NTSTATUS auth_developer_init(void) { NTSTATUS ret; diff --git a/source/auth/auth_sam.c b/source/auth/auth_sam.c index 0885d82..9189640 100644 --- a/source/auth/auth_sam.c +++ b/source/auth/auth_sam.c @@ -425,7 +425,7 @@ static const struct auth_operations sam_ops = { .check_password = authsam_check_password }; -NTSTATUS auth_sam_init(void) +_PUBLIC_ NTSTATUS auth_sam_init(void) { NTSTATUS ret; diff --git a/source/auth/auth_unix.c b/source/auth/auth_unix.c index 62fb429..20e1987 100644 --- a/source/auth/auth_unix.c +++ b/source/auth/auth_unix.c @@ -829,7 +829,7 @@ static const struct auth_operations unix_ops = { .check_password = authunix_check_password }; -NTSTATUS auth_unix_init(void) +_PUBLIC_ NTSTATUS auth_unix_init(void) { NTSTATUS ret; diff --git a/source/auth/auth_winbind.c b/source/auth/auth_winbind.c index 89ae319..2f8074d 100644 --- a/source/auth/auth_winbind.c +++ b/source/auth/auth_winbind.c @@ -260,7 +260,7 @@ static const struct auth_operations winbind_ops = { .check_password = winbind_check_password }; -NTSTATUS auth_winbind_init(void) +_PUBLIC_ NTSTATUS auth_winbind_init(void) { NTSTATUS ret; diff --git a/source/auth/gensec/gensec_gssapi.c b/source/auth/gensec/gensec_gssapi.c index 87fa476..8361b11 100644 --- a/source/auth/gensec/gensec_gssapi.c +++ b/source/auth/gensec/gensec_gssapi.c @@ -1463,7 +1463,7 @@ static const struct gensec_security_ops gensec_gssapi_sasl_krb5_security_ops = { .priority = GENSEC_GSSAPI }; -NTSTATUS gensec_gssapi_init(void) +_PUBLIC_ NTSTATUS gensec_gssapi_init(void) { NTSTATUS ret; diff --git a/source/auth/gensec/gensec_krb5.c b/source/auth/gensec/gensec_krb5.c index 5cd0de1..d9addca 100644 --- a/source/auth/gensec/gensec_krb5.c +++
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2466-g8883ee2
The branch, v3-2-test has been updated via 8883ee2418152d58e2ce609e02105e009f8ca4e8 (commit) from 9b9495d3672e3a8e74d153dbef62825e6b5d5170 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit 8883ee2418152d58e2ce609e02105e009f8ca4e8 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Wed Feb 20 20:05:51 2008 +0100 Support dlopen(NULL, ...) on HPUX. (cherry picked from commit 53c70b5f77a3b9abaab783590e66278129173d5f) --- Summary of changes: source/lib/replace/dlfcn.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/replace/dlfcn.c b/source/lib/replace/dlfcn.c index 4284884..3b109d7 100644 --- a/source/lib/replace/dlfcn.c +++ b/source/lib/replace/dlfcn.c @@ -35,6 +35,8 @@ void *rep_dlopen(const char *name, int flags) #endif { #ifdef HAVE_SHL_LOAD + if (name == NULL) + return PROG_HANDLE; return (void *)shl_load(name, flags, 0); #else return NULL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2470-g39eef8e
The branch, v3-2-test has been updated via 39eef8e86cfab60c1328d2335a737b41d8fd6db0 (commit) via 63bff18f3f6396736910a8e1f5f2abf453c4f89a (commit) via 8b220717e8dd62455716d4aaf6728087d04fb71b (commit) via 2e6b66eda4dc30f03f1309a1dbef3eb87a4f7d1e (commit) from 8883ee2418152d58e2ce609e02105e009f8ca4e8 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit 39eef8e86cfab60c1328d2335a737b41d8fd6db0 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 23:44:17 2008 +0100 Fix build with static libs: place tdb static lib after tdb-util objects. Michael commit 63bff18f3f6396736910a8e1f5f2abf453c4f89a Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 22:47:31 2008 +0100 configure: add --enable-shared-libs to control overall internal use of shared libs. To disable internal use of shared libraries altogether (as opposed to disabling use of single shared libs by --with-static-libs=LIBS), use this new configure parameter --disable-shared-libs. Michael commit 8b220717e8dd62455716d4aaf6728087d04fb71b Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 21:33:06 2008 +0100 configure: Move assemblage of samba version strings to m4 include file. Michael commit 2e6b66eda4dc30f03f1309a1dbef3eb87a4f7d1e Author: Michael Adam [EMAIL PROTECTED] Date: Wed Feb 20 17:56:21 2008 +0100 Remove checks for ino_t, loff_t, offset_t, and comparison_fn_t from configure.in. These tests are in libreplace. Michael --- Summary of changes: source/Makefile.in |5 ++- source/configure.in| 60 --- source/m4/samba_version.m4 | 29 + 3 files changed, 65 insertions(+), 29 deletions(-) create mode 100644 source/m4/samba_version.m4 Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index 4402a6c..5c0b73a 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -241,8 +241,9 @@ MODULES = $(VFS_MODULES) $(PDB_MODULES) $(RPC_MODULES) $(IDMAP_MODULES) \ LIBTDB_OBJ0 = @TDB_OBJS@ LIBTDB_OBJ = $(LIBTDB_OBJ0) $(LIBREPLACE_OBJ) -TDB_OBJ = @LIBTDB_STATIC@ lib/util_tdb.o \ - lib/dbwrap.o lib/dbwrap_tdb.o lib/dbwrap_ctdb.o lib/dbwrap_rbt.o +TDB_OBJ = lib/util_tdb.o \ + lib/dbwrap.o lib/dbwrap_tdb.o lib/dbwrap_ctdb.o lib/dbwrap_rbt.o \ + @LIBTDB_STATIC@ SMBLDAP_OBJ = @SMBLDAP@ @SMBLDAPUTIL@ diff --git a/source/configure.in b/source/configure.in index e218c0b..fe9d716 100644 --- a/source/configure.in +++ b/source/configure.in @@ -18,25 +18,7 @@ esac builddir=`pwd` AC_SUBST(builddir) -SMB_VERSION_STRING=`cat $srcdir/include/version.h | grep 'SAMBA_VERSION_OFFICIAL_STRING' | cut -d '' -f2` -echo SAMBA VERSION: ${SMB_VERSION_STRING} - -SAMBA_VERSION_GIT_COMMIT_FULLREV=`cat $srcdir/include/version.h | grep 'SAMBA_VERSION_GIT_COMMIT_FULLREV' | cut -d ' ' -f3- | cut -d '' -f2` -if test -n ${SAMBA_VERSION_GIT_COMMIT_FULLREV};then - echo BUILD COMMIT REVISION: ${SAMBA_VERSION_GIT_COMMIT_FULLREV} -fi -SAMBA_VERSION_GIT_COMMIT_DATE=`cat $srcdir/include/version.h | grep 'SAMBA_VERSION_GIT_COMMIT_DATE' | cut -d ' ' -f3-` -if test -n ${SAMBA_VERSION_GIT_COMMIT_DATE};then - echo BUILD COMMIT DATE: ${SAMBA_VERSION_GIT_COMMIT_DATE} -fi -SAMBA_VERSION_GIT_COMMIT_TIME=`cat $srcdir/include/version.h | grep 'SAMBA_VERSION_GIT_COMMIT_TIME' | cut -d ' ' -f3-` -if test -n ${SAMBA_VERSION_GIT_COMMIT_TIME};then - echo BUILD COMMIT TIME: ${SAMBA_VERSION_GIT_COMMIT_TIME} - - # just to keep the build-farm gui happy for now... - echo BUILD REVISION: ${SAMBA_VERSION_GIT_COMMIT_TIME} -fi - +m4_include(m4/samba_version.m4) m4_include(m4/check_path.m4) AC_LIBREPLACE_CC_CHECKS @@ -792,13 +774,8 @@ AC_TYPE_SIZE_T AC_TYPE_PID_T AC_STRUCT_ST_RDEV AC_DIRENT_D_OFF -AC_CHECK_TYPE(ino_t,unsigned) -AC_CHECK_TYPE(loff_t,off_t) -AC_CHECK_TYPE(offset_t,loff_t) AC_CHECK_TYPE(ssize_t, int) AC_CHECK_TYPE(wchar_t, unsigned short) -AC_CHECK_TYPE(comparison_fn_t, -[AC_DEFINE(HAVE_COMPARISON_FN_T, 1,[Whether or not we have comparison_fn_t])]) # for cups support we need libcups, and a handful of header files @@ -4723,6 +4700,31 @@ if test $enable_static = yes; then fi # +# --disable-shared-libs +# can be used to disable the internal use of shared libs altogether +# (this only has an effect when building shared libs is enabled) +# +USESHARED=false +AC_SUBST(USESHARED) + +AC_MSG_CHECKING(whether to use shared libraries internally) +AC_ARG_ENABLE([shared-libs], + AS_HELP_STRING([--enable-shared-libs], + [Use shared libraries internally (default=yes)]), + [enable_shared_libs=$enableval], +
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-957-g5cd3310
The branch, v4-0-test has been updated via 5cd3310b78a85243eb436d05db3228c3495f9162 (commit) via c4d502f68fbd5d5bc2ac5bb6369950379c9176fc (commit) from 53c70b5f77a3b9abaab783590e66278129173d5f (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit 5cd3310b78a85243eb436d05db3228c3495f9162 Merge: c4d502f68fbd5d5bc2ac5bb6369950379c9176fc 53c70b5f77a3b9abaab783590e66278129173d5f Author: Andrew Bartlett [EMAIL PROTECTED] Date: Thu Feb 21 09:55:13 2008 +1100 Merge branch 'v4-0-test' of git://git.samba.org/samba into 4-0-local commit c4d502f68fbd5d5bc2ac5bb6369950379c9176fc Author: Andrew Bartlett [EMAIL PROTECTED] Date: Thu Feb 21 09:53:11 2008 +1100 Until the new ldb changes land, make ldb_wait set the error string. This makes it easier to track down which module only returned and error code, but not the error string. Andrew Bartlett --- Summary of changes: source/lib/ldb/common/ldb.c |8 +++- 1 files changed, 7 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/ldb/common/ldb.c b/source/lib/ldb/common/ldb.c index 5f2e5e3..3c9ef3f 100644 --- a/source/lib/ldb/common/ldb.c +++ b/source/lib/ldb/common/ldb.c @@ -508,11 +508,17 @@ static int ldb_autotransaction_request(struct ldb_context *ldb, struct ldb_reque int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type) { + int ret; if (!handle) { return LDB_SUCCESS; } - return handle-module-ops-wait(handle, type); + ret = handle-module-ops-wait(handle, type); + if (!ldb_errstring(handle-module-ldb)) { + /* Set a default error string, to place the blame somewhere */ + ldb_asprintf_errstring(handle-module-ldb, error waiting on module %s: %s (%d), handle-module-ops-name, ldb_strerror(ret), ret); + } + return ret; } /* set the specified timeout or, if timeout is 0 set the default timeout */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-958-gb1d2584
The branch, v4-0-test has been updated via b1d2584277304be3f2a640465cbf6b2a3ec571cc (commit) from 5cd3310b78a85243eb436d05db3228c3495f9162 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit b1d2584277304be3f2a640465cbf6b2a3ec571cc Author: Andrew Bartlett [EMAIL PROTECTED] Date: Thu Feb 21 10:43:13 2008 +1100 Be consistant about --ldap-backend-type Make the EJS provision and the selftest scripts both use the new syntax for speicifying the ldap backend type. Andrew Bartlett --- Summary of changes: source/selftest/target/Samba4.pm |3 ++- source/setup/provision | 16 ++-- 2 files changed, 12 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source/selftest/target/Samba4.pm b/source/selftest/target/Samba4.pm index 563aca8..11d4c85 100644 --- a/source/selftest/target/Samba4.pm +++ b/source/selftest/target/Samba4.pm @@ -729,9 +729,10 @@ nogroup:x:65534:nobody if ($self-{ldap} eq openldap) { ($ret-{SLAPD_CONF}, $ret-{OPENLDAP_PIDFILE}) = $self-mk_openldap($ldapdir, $configuration) or die(Unable to create openldap directories); + push (@provision_options, --ldap-backend-type=openldap); } elsif ($self-{ldap} eq fedora-ds) { ($ret-{FEDORA_DS_DIR}, $ret-{FEDORA_DS_PIDFILE}) = $self-mk_fedora_ds($ldapdir, $configuration) or die(Unable to create fedora ds directories); - push (@provision_options, --ldap-module=nsuniqueid); + push (@provision_options, --ldap-backend-type=fedora-ds); push (@provision_options, '--aci=aci:: KHRhcmdldGF0dHIgPSAiKiIpICh2ZXJzaW9uIDMuMDthY2wgImZ1bGwgYWNjZXNzIHRvIGFsbCBieSBhbGwiO2FsbG93IChhbGwpKHVzZXJkbiA9ICJsZGFwOi8vL2FueW9uZSIpOykK'); } diff --git a/source/setup/provision b/source/setup/provision index 9e135cd..328754f 100755 --- a/source/setup/provision +++ b/source/setup/provision @@ -35,7 +35,7 @@ options = GetOptions(ARGV, 'partitions-only', 'ldap-base', 'ldap-backend=s', -'ldap-module=s', +'ldap-backend-type=s', 'aci=s'); if (options == undefined) { @@ -88,7 +88,7 @@ provision [options] --partitions-only Configure Samba's partitions, but do not modify them (ie, join a BDC) --ldap-base output only an LDIF file, suitable for creating an LDAP baseDN --ldap-backend LDAPSERVER LDAP server to use for this provision - --ldap-module MODULE LDB mapping module to use for the LDAP backend + --ldap-backend-type TYPE OpenLDAP or Fedora DS --aci ACI An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server You must provide at least a realm and domain @@ -124,7 +124,7 @@ for (r in options) { var blank = (options[blank] != undefined); var ldapbackend = (options[ldap-backend] != undefined); -var ldapmodule = (options[ldap-module] != undefined); +var ldapbackendtype = options[ldap-backend-type]; var partitions_only = (options[partitions-only] != undefined); var paths = provision_default_paths(subobj); if (options[aci] != undefined) { @@ -139,9 +139,13 @@ if (ldapbackend) { if (options[ldap-backend] == ldapi) { subobj.LDAPBACKEND = subobj.LDAPI_URI; } - if (!ldapmodule) { + if (ldapbackendtype == undefined) { + + } else if (ldapbackendtype == openldap) { subobj.LDAPMODULE = normalise,entryuuid; subobj.TDB_MODULES_LIST = ; + } else if (ldapbackendtype == fedora-ds) { + subobj.LDAPMODULE = nsuniqueid; } subobj.BACKEND_MOD = subobj.LDAPMODULE + ,paged_searches; subobj.DOMAINDN_LDB = subobj.LDAPBACKEND; @@ -183,8 +187,8 @@ if (partitions_only) { if (ldapbackend) { message(--ldap-backend='%s' \\\n, subobj.LDAPBACKEND); } - if (ldapmodule) { - message(--ldap-module='%s' \\\n, + subobj.LDAPMODULE); + if (ldapbackendtype != undefined) { + message(--ldap-backend-type='%s' \\\n, + ldapbackendtype); } message(--aci=' + subobj.ACI + ' \\\n) } -- Samba Shared Repository
Build status as of Thu Feb 21 00:00:02 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-02-20 00:00:48.0 + +++ /home/build/master/cache/broken_results.txt 2008-02-21 00:00:18.0 + @@ -1,4 +1,4 @@ -Build status as of Wed Feb 20 00:00:02 2008 +Build status as of Thu Feb 21 00:00:02 2008 Build counts: Tree Total Broken Panic @@ -6,17 +6,17 @@ ccache 32 8 0 ctdb 0 0 0 distcc 1 0 0 -ldb 32 16 0 -libreplace 31 17 0 +ldb 32 30 0 +libreplace 31 16 0 lorikeet-heimdal 26 13 0 pidl 18 5 0 ppp 10 0 0 rsync32 12 0 samba-docs 0 0 0 samba-gtk4 4 0 -samba_3_2_test 32 26 0 -samba_4_0_test 30 30 0 +samba_3_2_test 32 21 0 +samba_4_0_test 30 26 0 smb-build30 3 0 -talloc 32 8 0 +talloc 32 7 0 tdb 31 16 0
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-960-g1bb673c
The branch, v4-0-test has been updated via 1bb673ce4e84088bc77d490101e8904cf9a467a2 (commit) via e8751e513d5f9b30e518104bbc23bcbd203818a6 (commit) from b1d2584277304be3f2a640465cbf6b2a3ec571cc (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit 1bb673ce4e84088bc77d490101e8904cf9a467a2 Merge: e8751e513d5f9b30e518104bbc23bcbd203818a6 b1d2584277304be3f2a640465cbf6b2a3ec571cc Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Thu Feb 21 01:07:06 2008 +0100 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-trivial commit e8751e513d5f9b30e518104bbc23bcbd203818a6 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Thu Feb 21 01:04:18 2008 +0100 Never assume -fvisibility=hidden for modules unless explicitly specified (consistent with what we do for other subsystems/libraries). --- Summary of changes: source/build/smb_build/input.pm |8 1 files changed, 0 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source/build/smb_build/input.pm b/source/build/smb_build/input.pm index da90e9d..8c9a6ef 100644 --- a/source/build/smb_build/input.pm +++ b/source/build/smb_build/input.pm @@ -233,14 +233,6 @@ sub check($) my ($INPUT, $enabled, $subsys_ot, $lib_ot, $module_ot) = @_; foreach my $part (values %$INPUT) { - unless (defined($part-{STANDARD_VISIBILITY})) { - if ($part-{TYPE} eq MODULE or $part-{TYPE} eq BINARY) { - $part-{STANDARD_VISIBILITY} = hidden; - } else { - $part-{STANDARD_VISIBILITY} = default; - } - } - unless (defined($part-{PUBLIC_HEADERS})) { $part-{PUBLIC_HEADERS} = []; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-962-ga0a05c5
The branch, v4-0-test has been updated via a0a05c5a3d614d0f2936ecfcab5273a2ef7d61a8 (commit) via 157deac27d01dc61952601ffd2655c8161418ac7 (commit) from 1bb673ce4e84088bc77d490101e8904cf9a467a2 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v4-0-test - Log - commit a0a05c5a3d614d0f2936ecfcab5273a2ef7d61a8 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Thu Feb 21 01:22:20 2008 +0100 Make setup/provision the name of the python provision script now that that is the default. commit 157deac27d01dc61952601ffd2655c8161418ac7 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Thu Feb 21 01:20:12 2008 +0100 Remove kinit with pkinit failure from known failures list again. --- Summary of changes: source/samba4-knownfail |1 - source/selftest/target/Samba4.pm |4 +- source/setup/provision | 368 ++ source/setup/{provision = provision.js} |0 source/setup/provision.py| 170 -- source/setup/tests/blackbox_provision.sh |6 +- 6 files changed, 175 insertions(+), 374 deletions(-) copy source/setup/{provision = provision.js} (100%) delete mode 100755 source/setup/provision.py Changeset truncated at 500 lines: diff --git a/source/samba4-knownfail b/source/samba4-knownfail index 652..18fb4b9 100644 --- a/source/samba4-knownfail +++ b/source/samba4-knownfail @@ -34,6 +34,5 @@ rpc.netlogon.*.GetTrustPasswords base.charset.*.Testing partial surrogate .*net.api.delshare.* # DelShare isn't implemented yet rap.*netservergetinfo -kinit with pkinit # fails with: salt type 3 not supported samba4.blackbox.provision.py.reprovision # Fails with entry already exists local.torture.provision diff --git a/source/selftest/target/Samba4.pm b/source/selftest/target/Samba4.pm index 11d4c85..37e3cbe 100644 --- a/source/selftest/target/Samba4.pm +++ b/source/selftest/target/Samba4.pm @@ -676,10 +676,10 @@ nogroup:x:65534:nobody push (@provision_options, NSS_WRAPPER_GROUP=\$nsswrap_group\); if (defined($ENV{PROVISION_EJS})) { push (@provision_options, $self-{bindir}/smbscript); - push (@provision_options, $self-{setupdir}/provision); + push (@provision_options, $self-{setupdir}/provision.js); } else { push (@provision_options, $self-{bindir}/smbpython); - push (@provision_options, $self-{setupdir}/provision.py); + push (@provision_options, $self-{setupdir}/provision); } push (@provision_options, split(' ', $configuration)); push (@provision_options, --host-name=$netbiosname); diff --git a/source/setup/provision b/source/setup/provision index 328754f..033d249 100755 --- a/source/setup/provision +++ b/source/setup/provision @@ -1,198 +1,170 @@ -#!/bin/sh -exec smbscript $0 ${1+$@} -/* - provision a Samba4 server - Copyright Andrew Tridgell 2005 - Released under the GNU GPL v2 or later -*/ - -options = GetOptions(ARGV, - POPT_AUTOHELP, - POPT_COMMON_SAMBA, - POPT_COMMON_VERSION, - POPT_COMMON_CREDENTIALS, - 'realm=s', - 'domain=s', - 'domain-guid=s', - 'domain-sid=s', - 'policy-guid=s', - 'host-name=s', - 'host-ip=s', - 'host-guid=s', - 'invocationid=s', - 'adminpass=s', - 'krbtgtpass=s', - 'machinepass=s', - 'dnspass=s', - 'root=s', - 'nobody=s', - 'nogroup=s', - 'wheel=s', - 'users=s', - 'quiet', - 'blank', - 'server-role=s', - 'partitions-only', - 'ldap-base', - 'ldap-backend=s', -'ldap-backend-type=s', -'aci=s'); - -if (options == undefined) { - println(Failed to parse options); - return -1; -} - -libinclude(base.js); -libinclude(provision.js); - -/* - print a message if quiet is not set -*/ -function message() -{ - if (options[quiet] == undefined) { - print(vsprintf(arguments)); - } -} - -/* - show some help -*/ -function ShowHelp() -{ - print( -Samba4 provisioning - -provision [options] - --realm REALM set realm - --domain DOMAIN set domain - --domain-guid GUIDset domainguid (otherwise random) - --domain-sid SID set domainsid (otherwise random) - --host-name HOSTNAMEset hostname - --host-ip IPADDRESS set ipaddress - --host-guid GUIDset hostguid (otherwise random) - --policy-guid GUIDset group policy guid
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2471-gf7d2f69
The branch, v3-2-test has been updated via f7d2f692994918037e603ef95dd097b03d2c5456 (commit) from 39eef8e86cfab60c1328d2335a737b41d8fd6db0 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit f7d2f692994918037e603ef95dd097b03d2c5456 Author: Tim Potter [EMAIL PROTECTED] Date: Mon Feb 18 10:43:46 2008 +1100 Fix possible close of invalid fd if call to socket() returns -1. --- Summary of changes: source/lib/util_sock.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c index 71d48d6..e040f46 100644 --- a/source/lib/util_sock.c +++ b/source/lib/util_sock.c @@ -1933,7 +1933,8 @@ int create_pipe_sock(const char *socket_dir, out_close: SAFE_FREE(path); - close(sock); + if (sock != -1) + close(sock); out_umask: umask(old_umask); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2473-g737bb95
The branch, v3-2-test has been updated via 737bb950d50ac6c5d4f99279bf535ae3a9963b2f (commit) via 47dd0700b4320bf5ac9a80e71ae82d82d4554e6a (commit) from f7d2f692994918037e603ef95dd097b03d2c5456 (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit 737bb950d50ac6c5d4f99279bf535ae3a9963b2f Author: Tim Potter [EMAIL PROTECTED] Date: Mon Feb 18 20:37:33 2008 +1100 Fix double free bugs after calling regfio_close() commit 47dd0700b4320bf5ac9a80e71ae82d82d4554e6a Author: Tim Potter [EMAIL PROTECTED] Date: Mon Feb 18 21:00:51 2008 +1100 Fix memory leaks on error path --- Summary of changes: source/libsmb/clifile.c |9 - source/registry/regfio.c |4 2 files changed, 8 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/clifile.c b/source/libsmb/clifile.c index 9b4c380..10c35a3 100644 --- a/source/libsmb/clifile.c +++ b/source/libsmb/clifile.c @@ -38,8 +38,15 @@ static bool cli_link_internal(struct cli_state *cli, const char *oldname, const size_t newlen = 2*(strlen(newname)+1); param = SMB_MALLOC_ARRAY(char, 6+newlen+2); + + if (!param) { + return false; + } + data = SMB_MALLOC_ARRAY(char, oldlen+2); - if (!param || !data) { + + if (!data) { + SAFE_FREE(param); return false; } diff --git a/source/registry/regfio.c b/source/registry/regfio.c index 3740ff0..1c3aad7 100644 --- a/source/registry/regfio.c +++ b/source/registry/regfio.c @@ -1171,7 +1171,6 @@ out: if ( !(rb-mem_ctx = talloc_init( read_regf_block )) ) { regfio_close( rb ); - SAFE_FREE(rb); return NULL; } @@ -1182,7 +1181,6 @@ out: if ( (rb-fd = open(filename, flags, mode)) == -1 ) { DEBUG(0,(regfio_open: failure to open %s (%s)\n, filename, strerror(errno))); regfio_close( rb ); - SAFE_FREE(rb); return NULL; } @@ -1192,7 +1190,6 @@ out: if ( !init_regf_block( rb ) ) { DEBUG(0,(regfio_open: Failed to read initial REGF block\n)); regfio_close( rb ); - SAFE_FREE(rb); return NULL; } @@ -1205,7 +1202,6 @@ out: if ( !read_regf_block( rb ) ) { DEBUG(0,(regfio_open: Failed to read initial REGF block\n)); regfio_close( rb ); - SAFE_FREE(rb); return NULL; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-2474-gd9b7228
The branch, v3-2-test has been updated via d9b72282c63b57c8e54131306b2a3028a1ea41dc (commit) from 737bb950d50ac6c5d4f99279bf535ae3a9963b2f (commit) http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test - Log - commit d9b72282c63b57c8e54131306b2a3028a1ea41dc Author: Jeremy Allison [EMAIL PROTECTED] Date: Wed Feb 20 22:10:54 2008 -0800 From: David Disseldorp [EMAIL PROTECTED] The vfs_prealloc module makes use of the now redundant fd parameter for SMB_VFS_FTRUNCATE(), instead get the fd from the files_struct. Patch for Samba 3.2 Test branch below. Cheers, David D --- Summary of changes: source/modules/vfs_prealloc.c |3 +-- 1 files changed, 1 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source/modules/vfs_prealloc.c b/source/modules/vfs_prealloc.c index cb3508d..2a06e3d 100644 --- a/source/modules/vfs_prealloc.c +++ b/source/modules/vfs_prealloc.c @@ -199,7 +199,7 @@ static int prealloc_ftruncate(vfs_handle_struct * handle, /* Maintain the allocated space even in the face of truncates. */ if ((psize = VFS_FETCH_FSP_EXTENSION(handle, fsp))) { - preallocate_space(fd, *psize); + preallocate_space(fsp-fh-fd, *psize); } return ret; @@ -218,4 +218,3 @@ NTSTATUS vfs_prealloc_init(void) return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, MODULE, prealloc_op_tuples); } - -- Samba Shared Repository
svn commit: samba-web r1172 - in trunk/team: .
Author: kseeger Date: 2008-02-21 07:51:58 + (Thu, 21 Feb 2008) New Revision: 1172 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1172 Log: Adding myself to the team list. Modified: trunk/team/index.html Changeset: Modified: trunk/team/index.html === --- trunk/team/index.html 2008-02-09 16:04:59 UTC (rev 1171) +++ trunk/team/index.html 2008-02-21 07:51:58 UTC (rev 1172) @@ -66,6 +66,7 @@ lia href=mailto:[EMAIL PROTECTED]James Peach/a/li lia href=mailto:[EMAIL PROTECTED]Tim Potter/a/li +lia href=mailto:[EMAIL PROTECTED]Karolin Seeger/a/li lia href=http://www.richardsharpe.com;Richard Sharpe/a/li lia href=mailto:[EMAIL PROTECTED]Dan Shearer/a/li lia href=mailto:[EMAIL PROTECTED]Simo Sorce/a/li