Re: [Samba] 'inherit owner' doesn't play nice with 'force directory mode'
On Dienstag, 18. August 2009 wrote jw: Hello I am trying to create a 'dropbox' share, using the sticky bit and 'inherit owner'. By themselves they work, but when a directory is created in this share, its permissions are not quite what I need. Therefore, I try to use 'force directory mode' or 'inherit permissions'. However, whenever I do that, the owner on the newly-created directory is no longer correct w/regard to 'inherit owner'. Is this correct behavior, or a bug? You should try posix acls. Read the man pages: getfacl setfacl acl or search this list archiv. Look for default acl. ... Thanks, John -- Gruss Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Which version do I need for SMB2?
On Wed, Aug 19, 2009 at 07:24:08PM -0400, John Klimek wrote: What about NFS versus SMB? Are both about the same speed? Should be, yes. Although for specific operations there might be differences. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3 PDC 3.3.4 broken with Win 7 RTM
Hi, I am looking forward to successfully join and logon a Windows 7 RTM to a Samba 3 domain. After a little googling and experimenting I came to conclusion that only version 3.3.4 of samba can accept such clients : - http://www.1stbyte.com/2009/05/31/join-windows-7-to-samba-pdc/ - http://ubuntuforums.org/showthread.php?t=1225500 Furthermore, Microsoft seems to have broken even compatibility with their own NT4 server: http://social.technet.microsoft.com/Forums/en-US/w7itpronetworking/thread/8b4dd460-dd57-41da-b541-6933cd4d2531?prof=requiredwa=wsignin1.0 In the meantime I have tested with 3.4.0, 3.3.6, 3.2.5 and 3.3.4 - only 3.3.4 successfully allowed logons. Something must have regressed right after 3.3.4. Thank you, Costin Gusa -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Which version do I need for SMB2?
Hallo, John, Du meintest am 19.08.09: Last question then... What about NFS versus SMB? Are both about the same speed? [fullquote deleted] NFS is faster, but (in my opinion, and without Kerberos etc.) less secure. On some machines I had mounted NFS shares from other machines and had made SMB shares out of them. Ugly, but most times it worked. Sometimes it was horribly slow. If you have to serve windows clients, smb is the first (or only) choice. If you have to serve linux clients, you should run cifs, the alternative NFS + NIS (or something like that) is ugly. Maybe Volker's idea to implement the NFS/NIS-crap into winbindd may lead to a fine solution. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Script to Auto-add Domain Users to Workstation Power Users Group doesn't work
Ubuntu 8.04 Server 64-bit Edition Samba 3.0.28a configured as PDC WinXP - SP2 clients I am following the instructions in http://www.samba.org/samba/docs/man/...#magicnetlogon to add domain users to the winxp clients Power Users group. Code: autopoweruser.sh #!/bin/bash /usr/bin/net rpc group addmem Power Users DOMAIN_NAME\$1 \ -UAdministrator%secret -S $2 exit 0 [netlogon] comment = Netlogon Share path = /export/samba/logon root preexec = /etc/samba/scripts/autopoweruser.sh %U %m read only = Yes guest ok = Yes But nothing happens when users login? how can i make this work? Can anybody help Avinash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Which version do I need for SMB2?
Thanks very much for the help. I'm using a private network so I don't need to worry about authentication security (eg. Kerberos, etc) and because I'm using Windows Server 2008 I have the option of using SMB or NFS. I'm serving both a Windows client and a Linux client but with Windows Server 2008 I can use SMB for the Windows client and NFS for the Linux client. (eg. W2K8 can support both NFS and SMB at the same time) I was only wondering which is faster for Linux because I can choose between either technology. I guess I'll just try to benchmark both protocols on Linux and see which is faster. I was just trying to get some opinions on which would be better in my situation. (eg. serving large video files from W2K8 to Ubuntu 9.04) Thanks for the help, John On Thu, Aug 20, 2009 at 2:57 AM, Helmut Hullenhul...@t-online.de wrote: Hallo, John, Du meintest am 19.08.09: Last question then... What about NFS versus SMB? Are both about the same speed? [fullquote deleted] NFS is faster, but (in my opinion, and without Kerberos etc.) less secure. On some machines I had mounted NFS shares from other machines and had made SMB shares out of them. Ugly, but most times it worked. Sometimes it was horribly slow. If you have to serve windows clients, smb is the first (or only) choice. If you have to serve linux clients, you should run cifs, the alternative NFS + NIS (or something like that) is ugly. Maybe Volker's idea to implement the NFS/NIS-crap into winbindd may lead to a fine solution. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] central PDC + remote BDCs: LDAP strategy, my lack of comprehension
Hello Sven, I have the following structure here: - one PDC talking to RW OpenLDAP - three BDCs talking to RO OpenLDAP replica Basically I am using additional BDCs as file servers - and so far it works fine. Please take a look on password server and passdb backend (here you specify the RO replica). Think also about ldapsam:trusted = yes (large performance gain). One of the BDCs is located 500km from where I am right now - and there is also a replica out there (accessed by Samba running out there to get all user/group info - but password server is located here). According to a much older e-mail (when I had a question about BDCs) - a copy-paste from Volker's reply: --- copy paste --- On Fri, Oct 05, 2007 at 10:15:02PM +0200, Michal Dobroczynski wrote: Well - what I have discovered is that setting domain logons = Yes domain master = No seems to solve the problem. ... because this *is* the only way to tell Samba to be a BDC. This must be somewhere in the docs. Volker --- copy paste --- I hope this helps a bit. Regards, Michal 2009/8/20 sven.eh...@comdok.de: Hello, I am trying to figure out how to implement a samba domain in a number of remote offices around the world with partly bad and often interrupted WAN connections/VPNs. The goal is to administer the directory from the central data center. My obvious choice would be to set up a central server with SAMBA+OpenLDAP+smbldap-tools and in each remote office a SAMBA server with OpenLDAP as a read-only slave from the central master. Although I seem to make progress, it seems that the more time I invest in this project, the more questions emerge. My latest issue made me create this mailman account. My question is: When the remote SAMBA server only talks to its own local, read-only LDAP slave, how is it going to change user/machine passwords or add machine accounts (when joining the domain)? In my test setup an XP client inisisted on trying to join the BDC, failing because a) smbldap-tools is not installed or b) it could not write to the slave LDAP directory. I surely could configure the remote SAMBA to talk to the central OpenLDAP service, but then I would not need LDAP replication and would not have a failover in case the WAN link goes down. There was the SAMBA option to have multiple tdbsam backends but this is not supported anymore. I hope that my explanation does enable somebody to give me a hint understanding what can/should/must be done. Kind regards Sven Ehret -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] central PDC + remote BDCs: LDAP strategy, my lack of comprehension
Hello, I am trying to figure out how to implement a samba domain in a number of remote offices around the world with partly bad and often interrupted WAN connections/VPNs. The goal is to administer the directory from the central data center. My obvious choice would be to set up a central server with SAMBA+OpenLDAP+smbldap-tools and in each remote office a SAMBA server with OpenLDAP as a read-only slave from the central master. Although I seem to make progress, it seems that the more time I invest in this project, the more questions emerge. My latest issue made me create this mailman account. My question is: When the remote SAMBA server only talks to its own local, read-only LDAP slave, how is it going to change user/machine passwords or add machine accounts (when joining the domain)? In my test setup an XP client inisisted on trying to join the BDC, failing because a) smbldap-tools is not installed or b) it could not write to the slave LDAP directory. I surely could configure the remote SAMBA to talk to the central OpenLDAP service, but then I would not need LDAP replication and would not have a failover in case the WAN link goes down. There was the SAMBA option to have multiple tdbsam backends but this is not supported anymore. I hope that my explanation does enable somebody to give me a hint understanding what can/should/must be done. Kind regards Sven Ehret -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Veto files question
Hi, there I have a question about Veto files in smb.conf: Can we use this option to hidden files not belonging to myself in a shared folder? If not, how do we implement this functionality in Samba? Thanks, Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Veto files question
On Thu, 2009-08-20 at 09:34 -0400, Allen Chen wrote: Hi, there I have a question about Veto files in smb.conf: Can we use this option to hidden files not belonging to myself in a shared folder? No, AFAIK, veto files just match the name of the file to some pattern; it doesn't concern itself with meta-data like ownership. If not, how do we implement this functionality in Samba? No clue. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] netlogon.bat issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have samba configured so that users have their own netlogon.bat file (e.g. %U.bat) and each user has a .bat with their username in the netlogon share. So far I have been unable to get any of the shares that I have defined in the batch file to be mounted when a user logs in. Here is a snapshot of both the netlogon section of my smb.conf file and the %U.bat file I am using: smb.conf: [global] ... preexec = /usr/local/bin/netlogon %U logon script = %U.bat logon home = \\%L\%U\.profiles logon path = \\%L\profiles$\%U logon drive = Z: [netlogon] path = /mnt/samba/netlogon admin users = root, Administrator, Admin valid users = %U read only = no browsable = no create mask = 0770 force create mode = 0060 create directory mask = 0770 force directory mode = 0070 security mask = 0777 directory security mask = 0777 %U.bat: @echo off REM # In this example it is assumed the smb.conf handles home drive mapping REM # All users get access to Common drive net use Y: \\192.168.155.20\common REM # Lastly lets set the davidc's time to 192.168.155.20's time net time \\192.168.155.20 /set /yes -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkqNejQACgkQ5B+8XEnAvqvTiwCgjw5vNv34vE8m0dAIwUmbaw0Q Og8AnRKHI73Lo4T8Tasw6DHd6YPwwBOX =svIZ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Keeping a list of NetBIOS names on a network?
Thanks for the very detailed answer! For what it's worth, I've found smbtree -NS seems to give the output I'm looking for. Now I'm just looking for a more programmatic interface to get that same information. :) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Christensen wrote: I have samba configured so that users have their own netlogon.bat file (e.g. %U.bat) and each user has a .bat with their username in the netlogon share. So far I have been unable to get any of the shares that I have defined in the batch file to be mounted when a user logs in. Here is a snapshot of both the netlogon section of my smb.conf file and the %U.bat file I am using: smb.conf: [global] ... preexec = /usr/local/bin/netlogon %U logon script = %U.bat logon home = \\%L\%U\.profiles logon path = \\%L\profiles$\%U logon drive = Z: [netlogon] path = /mnt/samba/netlogon admin users = root, Administrator, Admin valid users = %U read only = no browsable = no create mask = 0770 force create mode = 0060 create directory mask = 0770 force directory mode = 0070 security mask = 0777 directory security mask = 0777 %U.bat: @echo off REM # In this example it is assumed the smb.conf handles home drive mapping REM # All users get access to Common drive net use Y: \\192.168.155.20\common REM # Lastly lets set the davidc's time to 192.168.155.20's time net time \\192.168.155.20 /set /yes Updated info The user can run the batch file manually from the netlogon share, so the issue seems to be with it running automatically, is there any logs that would capture an attempt to execute this file? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkqNhR4ACgkQ5B+8XEnAvquZCwCfcTAt+U42bdHe2B2+3MmmH/Lh W3YAn1r5esG75qWSOLrcoZseuHeuL1SJ =1Ir4 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] LDAP errors with v3.0.34 using the LDAP schema file with Sun DS 5.2
Receive the following errors when users authenticate with LDAP schema file included with Sun DS 5.2: ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry sambaDomainName=,??=???,??=???, attribute sambapwdhistorylength is not allowed ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry sambaDomainName=,??=???,??=???, attribute sambalockoutthreshold is not allowed ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry sambaDomainName=,??=???,??=???, attribute sambamaxpwdage is not allowed The authentication is succdessful, yet these errors are logged multiple times. Checked in the schema file for SAMBA 3.0.x sent with Sun DS 5.2, and indeed, the attributes sambapwdhistorylength, sambalockoutthreshold, and sambamaxpwdage are not among those listed in the schema file for SAMBA 3.0.x. Is there an updated schema file or a way to configure the authentication to remove the verification of these attributes? Thank you, Rob Mottishaw -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba vbscript login script blocked by windows
Hi, anyone else using a vbs script for a login script and getting it blocked by windows? more specifically, wscript.exe is what's getting blocked. I tried editing the Windows firewall, but that didn't seem to help. Any help would be greatly appreciated. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba vbscript login script blocked by windows
What is your vbs script suppose to do. Personally, i'M using kixtart scripting -Original Message- From: Christopher Perry cpe...@hmdc.harvard.edu Sent: Thursday, 20 August 2009 5:50 PM To: samba@lists.samba.org Subject: [Samba] samba vbscript login script blocked by windows Hi, anyone else using a vbs script for a login script and getting it blocked by windows? more specifically, wscript.exe is what's getting blocked. I tried editing the Windows firewall, but that didn't seem to help. Any help would be greatly appreciated. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
David, Your netlogon share is more complicated than most. Consider initially commenting out all the mask and mode parameters and the valid users parameter. If it then works, add them back one at a time until it breaks. Depending on what the global preexec script does, you may want to initially disable that also. Check that the execute bit is set on the .bat files. I used 755 permissions with root:root ownership. Check the permissions throughout the entire netlogon path (/mnt/samba/netlogon). Were the files created in a DOS/Windows editor? Dale David Christensen wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Christensen wrote: I have samba configured so that users have their own netlogon.bat file (e.g. %U.bat) and each user has a .bat with their username in the netlogon share. So far I have been unable to get any of the shares that I have defined in the batch file to be mounted when a user logs in. Here is a snapshot of both the netlogon section of my smb.conf file and the %U.bat file I am using: smb.conf: [global] ... preexec = /usr/local/bin/netlogon %U logon script = %U.bat logon home = \\%L\%U\.profiles logon path = \\%L\profiles$\%U logon drive = Z: [netlogon] path = /mnt/samba/netlogon admin users = root, Administrator, Admin valid users = %U read only = no browsable = no create mask = 0770 force create mode = 0060 create directory mask = 0770 force directory mode = 0070 security mask = 0777 directory security mask = 0777 %U.bat: @echo off REM # In this example it is assumed the smb.conf handles home drive mapping REM # All users get access to Common drive net use Y: \\192.168.155.20\common REM # Lastly lets set the davidc's time to 192.168.155.20's time net time \\192.168.155.20 /set /yes Updated info The user can run the batch file manually from the netlogon share, so the issue seems to be with it running automatically, is there any logs that would capture an attempt to execute this file? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkqNhR4ACgkQ5B+8XEnAvquZCwCfcTAt+U42bdHe2B2+3MmmH/Lh W3YAn1r5esG75qWSOLrcoZseuHeuL1SJ =1Ir4 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
Dale Schroeder wrote: David, Your netlogon share is more complicated than most. Consider initially commenting out all the mask and mode parameters and the valid users parameter. If it then works, add them back one at a time until it breaks. Depending on what the global preexec script does, you may want to initially disable that also. Check that the execute bit is set on the .bat files. I used 755 permissions with root:root ownership. Check the permissions throughout the entire netlogon path (/mnt/samba/netlogon). Were the files created in a DOS/Windows editor? Dale David Christensen wrote: David Christensen wrote: I have samba configured so that users have their own netlogon.bat file (e.g. %U.bat) and each user has a .bat with their username in the netlogon share. So far I have been unable to get any of the shares that I have defined in the batch file to be mounted when a user logs in. Here is a snapshot of both the netlogon section of my smb.conf file and the %U.bat file I am using: smb.conf: [global] ... preexec = /usr/local/bin/netlogon %U logon script = %U.bat logon home = \\%L\%U\.profiles logon path = \\%L\profiles$\%U logon drive = Z: [netlogon] path = /mnt/samba/netlogon admin users = root, Administrator, Admin valid users = %U read only = no browsable = no create mask = 0770 force create mode = 0060 create directory mask = 0770 force directory mode = 0070 security mask = 0777 directory security mask = 0777 %U.bat: @echo off REM # In this example it is assumed the smb.conf handles home drive mapping REM # All users get access to Common drive net use Y: \\192.168.155.20\common REM # Lastly lets set the davidc's time to 192.168.155.20's time net time \\192.168.155.20 /set /yes Updated info The user can run the batch file manually from the netlogon share, so the issue seems to be with it running automatically, is there any logs that would capture an attempt to execute this file? The preexec script actually creates a netlogon.bat file for each user when they log in and sets the file ownership to that of the user logging in. So the batch file is being created by the Linux server. Since I can execute the bat files manually via a command line on an XP host, wouldn't that mean that the file is ok? I commented everything you mentioned out and changed the file permissions, still not playing fair. David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba 3.4 performance tuning
Any hints for samba performance tuning parameters in smb.conf? current parameters: workgroup = server string = XX passdb backend = smbpasswd log file = /var/log/samba/log.%m max log size = 50 unix extensions = No load printers = No add user script = /usr/sbin/useradd %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g delete user from group script = /usr/sbin/deluser %u %g add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u logon script = logon.cmd logon drive = R: domain logons = Yes os level = 33 preferred master = Auto domain master = Yes dns proxy = No wins support = Yes hide unreadable = Yes First connection (drive map) from windows machines is a bit slow, maybe disabling ipv6 helps for that? -- Eero -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
Hallo, David, Du meintest am 20.08.09: The preexec script actually creates a netlogon.bat file for each user when they log in and sets the file ownership to that of the user logging in. Can DOS/Windows run this batch file? If it's created under Linux maybe it has Linux LF and not DOS CRLF. A simple check is opening it with notepad (not with wordpad). So the batch file is being created by the Linux server. Since I can execute the bat files manually via a command line on an XP host, wouldn't that mean that the file is ok? That's the minimum. I can't believe that your way is useful. I'd prefer 1 logon.bat for all users with some if ... then parts for special cases. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
Hallo, Dale, Du meintest am 20.08.09: Check that the execute bit is set on the .bat files. I used 755 permissions with root:root ownership. That's not necessary. It has to be run (read) under DOS/Windows from a Windows client, not run under Linux. Therefore 644 is enough (maybe 640 does reach). Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.4 performance tuning
On Thu, 2009-08-20 at 23:06 +0300, Eero Volotinen wrote: Any hints for samba performance tuning parameters in smb.conf? current parameters: First connection (drive map) from windows machines is a bit slow, maybe disabling ipv6 helps for that? Why not suss out where the delay is before changing things? See Premature Optimization. Watch with wireshark and see if you see [long] pauses in the exchange. My guess is that you'll find pauses where the client [the Windows PC] isn't doing anything - which Samba can't help. IPv6 will only matter if the client is using IPv6 and in 2009 disabling IPv6 is just a bit retro. Haven't tested with Samba but in general we find IPv6 to be slightly faster. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] 'inherit owner' doesn't play nice with 'force directory mode'
On Wed, Aug 19, 2009 at 11:05 PM, Harry Jedewalk2...@arcor.de wrote: On Dienstag, 18. August 2009 wrote jw: Is this correct behavior, or a bug? You should try posix acls. Read the man pages: getfacl setfacl acl or search this list archiv. Look for default acl. I have not used ACLs much, but think I understand the concept. From what I understand, there is no acl 'sticky bit' equivelent. Therefore, in order to get the sticky bit inherited in new directories, I need to use 'inherit permissions' in samba. But because of this strange issue I have been discussing with Jeremy, I cannot get the user/group to be anything other than who you connect to samba as. And therefore, ACLs won't help me (I think). There is no ACL I can add that would restrict write permission if a file already exists, but allow creation of new files. That is my current understanding, at least. I will read up on the docs though. -John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
David Christensen wrote: Dale Schroeder wrote: David, Your netlogon share is more complicated than most. Consider initially commenting out all the mask and mode parameters and the valid users parameter. If it then works, add them back one at a time until it breaks. Depending on what the global preexec script does, you may want to initially disable that also. Check that the execute bit is set on the .bat files. I used 755 permissions with root:root ownership. Check the permissions throughout the entire netlogon path (/mnt/samba/netlogon). Were the files created in a DOS/Windows editor? Dale David Christensen wrote: David Christensen wrote: I have samba configured so that users have their own netlogon.bat file (e.g. %U.bat) and each user has a .bat with their username in the netlogon share. So far I have been unable to get any of the shares that I have defined in the batch file to be mounted when a user logs in. Here is a snapshot of both the netlogon section of my smb.conf file and the %U.bat file I am using: smb.conf: [global] ... preexec = /usr/local/bin/netlogon %U logon script = %U.bat logon home = \\%L\%U\.profiles logon path = \\%L\profiles$\%U logon drive = Z: [netlogon] path = /mnt/samba/netlogon admin users = root, Administrator, Admin valid users = %U read only = no browsable = no create mask = 0770 force create mode = 0060 create directory mask = 0770 force directory mode = 0070 security mask = 0777 directory security mask = 0777 %U.bat: @echo off REM # In this example it is assumed the smb.conf handles home drive mapping REM # All users get access to Common drive net use Y: \\192.168.155.20\common REM # Lastly lets set the davidc's time to 192.168.155.20's time net time \\192.168.155.20 /set /yes Updated info The user can run the batch file manually from the netlogon share, so the issue seems to be with it running automatically, is there any logs that would capture an attempt to execute this file? Determined by the log file and log level parameters, usually located in /var/log/samba. The preexec script actually creates a netlogon.bat file for each user when they log in and sets the file ownership to that of the user logging in. So the batch file is being created by the Linux server. Since I can execute the bat files manually via a command line on an XP host, wouldn't that mean that the file is ok? Everything I've read says the logon scripts have to be in DOS format. Here's one example of that admonition: http://oreilly.com/catalog/samba/chapter/book/ch06_06.html To keep it automated, you could add a unix2dos command in the script. I commented everything you mentioned out and changed the file permissions, still not playing fair. The other parameters you provided look fairly standard. Dale David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
Depending on the version of Samba, it could be that passdb expand explicit = yes is required. I ran across this in a similar situation due to a change in default behaviour. Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. Transact is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 1200 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dale Schroeder wrote: David Christensen wrote: Dale Schroeder wrote: David, Your netlogon share is more complicated than most. Consider initially commenting out all the mask and mode parameters and the valid users parameter. If it then works, add them back one at a time until it breaks. Depending on what the global preexec script does, you may want to initially disable that also. Check that the execute bit is set on the .bat files. I used 755 permissions with root:root ownership. Check the permissions throughout the entire netlogon path (/mnt/samba/netlogon). Were the files created in a DOS/Windows editor? Dale David Christensen wrote: David Christensen wrote: I have samba configured so that users have their own netlogon.bat file (e.g. %U.bat) and each user has a .bat with their username in the netlogon share. So far I have been unable to get any of the shares that I have defined in the batch file to be mounted when a user logs in. Here is a snapshot of both the netlogon section of my smb.conf file and the %U.bat file I am using: smb.conf: [global] ... preexec = /usr/local/bin/netlogon %U logon script = %U.bat logon home = \\%L\%U\.profiles logon path = \\%L\profiles$\%U logon drive = Z: [netlogon] path = /mnt/samba/netlogon admin users = root, Administrator, Admin valid users = %U read only = no browsable = no create mask = 0770 force create mode = 0060 create directory mask = 0770 force directory mode = 0070 security mask = 0777 directory security mask = 0777 %U.bat: @echo off REM # In this example it is assumed the smb.conf handles home drive mapping REM # All users get access to Common drive net use Y: \\192.168.155.20\common REM # Lastly lets set the davidc's time to 192.168.155.20's time net time \\192.168.155.20 /set /yes Updated info The user can run the batch file manually from the netlogon share, so the issue seems to be with it running automatically, is there any logs that would capture an attempt to execute this file? Determined by the log file and log level parameters, usually located in /var/log/samba. The preexec script actually creates a netlogon.bat file for each user when they log in and sets the file ownership to that of the user logging in. So the batch file is being created by the Linux server. Since I can execute the bat files manually via a command line on an XP host, wouldn't that mean that the file is ok? Everything I've read says the logon scripts have to be in DOS format. Here's one example of that admonition: http://oreilly.com/catalog/samba/chapter/book/ch06_06.html To keep it automated, you could add a unix2dos command in the script. I commented everything you mentioned out and changed the file permissions, still not playing fair. The other parameters you provided look fairly standard. Dale David Dale, The preexec script that creates the user batch file actually converts the .bat file to DOS format using unix2dos so that is why running it manually works and should work when a user logs in. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkqNtVQACgkQ5B+8XEnAvqs0MACfWSd8VIOHv90cCTGEUBPjKiVQ FYEAniAL/GCLwTas0zKQGL5huARLGd2M =j0es -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.4 performance tuning
Adam Tauno Williams kirjoitti: On Thu, 2009-08-20 at 23:06 +0300, Eero Volotinen wrote: Any hints for samba performance tuning parameters in smb.conf? current parameters: First connection (drive map) from windows machines is a bit slow, maybe disabling ipv6 helps for that? Why not suss out where the delay is before changing things? See Premature Optimization. Watch with wireshark and see if you see [long] pauses in the exchange. My guess is that you'll find pauses where the client [the Windows PC] isn't doing anything - which Samba can't help. Possibly or then wait is caused by missing dns name or the local virus scanner product? Anyway, need to fire the wireshark on work tomorrow.' -- Eero -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.4 performance tuning
On Thu, 2009-08-20 at 23:44 +0300, Eero Volotinen wrote: Adam Tauno Williams kirjoitti: On Thu, 2009-08-20 at 23:06 +0300, Eero Volotinen wrote: Any hints for samba performance tuning parameters in smb.conf? current parameters: First connection (drive map) from windows machines is a bit slow, maybe disabling ipv6 helps for that? Why not suss out where the delay is before changing things? See Premature Optimization. Watch with wireshark and see if you see [long] pauses in the exchange. My guess is that you'll find pauses where the client [the Windows PC] isn't doing anything - which Samba can't help. Possibly or then wait is caused by missing dns name or the local virus scanner product? Yep. Very often the later. Anyway, need to fire the wireshark on work tomorrow.' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] netlogon.bat issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alex Crow wrote: Depending on the version of Samba, it could be that passdb expand explicit = yes is required. I ran across this in a similar situation due to a change in default behaviour. Alex Alex, Thanks for the info, I will investigate this, I am currently using version 3.2.11. I am using ldap as my backend, is the passdb expand explicit parameter compatible with such a configuration? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkqNvAAACgkQ5B+8XEnAvqsBmQCeNTbL9EqYl3OKOwgIsZ6kzE2e R2sAn1OCHsuX7FWybexBMqihlkKGvNtb =iSNF -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Auditing/logging with latest Samba release
Hi all, I just upgraded from Samba 3.0 to 3.2 and found that the old smbd_audit module no longer works. This module logs all file accesses (especially deletes and renames) into a MySQL database (with a web frontend) and is extremely useful for us as sometimes our users accidentally move things around when they're trying to double-click on folder, and by reviewing the audit trail we can track down where the missing item was moved to and put it back. I'm not having much luck finding a similar module to smbd_audit for Samba 3.2, so I'm wondering whether one exists and perhaps I'm just not seeing it. What would everyone recommend to track this sort of data with Samba 3.2? Many thanks, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Thu Aug 20 06:00:05 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-08-19 00:00:04.0 -0600 +++ /home/build/master/cache/broken_results.txt 2009-08-20 00:00:07.0 -0600 @@ -1,4 +1,4 @@ -Build status as of Wed Aug 19 06:00:02 2009 +Build status as of Thu Aug 20 06:00:05 2009 Build counts: Tree Total Broken Panic @@ -10,11 +10,11 @@ lorikeet 0 0 0 pidl 2 2 0 ppp 0 0 0 -rsync33 13 0 +rsync3 1 0 samba-docs 0 0 0 samba-web0 0 0 samba_3_current 30 29 0 -samba_3_master 31 31 7 +samba_3_master 31 30 8 samba_3_next 31 31 0 samba_4_0_test 33 33 3 talloc 3 3 0
[SCM] SAMBA-CTDB repository - annotated tag 3.4.0-ctdb-3 updated - 3.4.0-ctdb-3
The annotated tag, 3.4.0-ctdb-3 has been updated to 33e7a65dc6cffa1809d5d28ad47271f71ca8cd17 (tag) from 99dea7d8920196f264ab63978d18e2c8fe199e3d (which is now obsolete) tagging 2ee19049594f20fbacf4c0db89be1d454f54c838 (commit) replaces 3.4.0-ctdb-2 tagged by Michael Adam on Thu Aug 20 13:05:24 2009 +0200 - Log - tag build 3.4.0-ctdb-3 Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEABECAAYFAkqNLgUACgkQyU9JOBhPkDRfuQCcDNxrTa4vjoINX8ij32z0PzUD B4EAnio1dZYb+9AKVwmbufsjV00aVif+ =P4uC -END PGP SIGNATURE- Jeremy Allison (1): Use defined names rather than numeric constants to make code Michael Adam (2): v3-4-ctdb: Bump the ctdb verdor patch level to 3. gpfs.so: map the file_inherit and dir_inherit flags away for files Volker Lendecke (3): Fix a size_t/int warning Add a \n to a debug message in smbacl4_nfs42win Make refusal of SEC_DESC_DACL_PROTECTED configurable --- -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch v3-4-ctdb updated - 6786ca95c0e9632a6d02b903885956ee5c2988ec
The branch, v3-4-ctdb has been updated via 6786ca95c0e9632a6d02b903885956ee5c2988ec (commit) from c375a369fcf524564338c99e23f4858cca082f27 (commit) http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-4-ctdb - Log - commit 6786ca95c0e9632a6d02b903885956ee5c2988ec Author: Michael Adam ob...@samba.org Date: Thu Aug 20 12:55:24 2009 +0200 v3-4-ctdb: Bump the ctdb verdor patch level to 4. Michael --- Summary of changes: source3/VERSION |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/VERSION b/source3/VERSION index d0278a0..c90ab23 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -85,7 +85,7 @@ SAMBA_VERSION_IS_GIT_SNAPSHOT=no # # SAMBA_VERSION_VENDOR_SUFFIX=ctdb -SAMBA_VERSION_VENDOR_PATCH=3 +SAMBA_VERSION_VENDOR_PATCH=4 # This can be set by vendors if they want..# -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch v3-4-ctdb updated - 75c6a4d978dfd81ad24eff9e0404337c558e2d69
The branch, v3-4-ctdb has been updated via 75c6a4d978dfd81ad24eff9e0404337c558e2d69 (commit) via 297fe699b04df2490b1323d1fe6a6ea7d04f4412 (commit) from 6786ca95c0e9632a6d02b903885956ee5c2988ec (commit) http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-4-ctdb - Log - commit 75c6a4d978dfd81ad24eff9e0404337c558e2d69 Author: Volker Lendecke v...@samba.org Date: Wed Aug 19 14:22:09 2009 +0200 s3:dsgetdcname: Fix a crash in dsgetdcname When returning NT_STATUS_OK we can't leave *info == NULL, this crashes in is_closest_site called from dsgetdcname(). commit 297fe699b04df2490b1323d1fe6a6ea7d04f4412 Author: Volker Lendecke v...@samba.org Date: Wed Aug 19 14:19:22 2009 +0200 s3:dsgetdcname: Inline dsgetdcname_cache_refresh --- Summary of changes: source3/libsmb/dsgetdcname.c | 35 +-- 1 files changed, 9 insertions(+), 26 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c index 8771115..e7629f8 100644 --- a/source3/libsmb/dsgetdcname.c +++ b/source3/libsmb/dsgetdcname.c @@ -225,28 +225,6 @@ static NTSTATUS store_cldap_reply(TALLOC_CTX *mem_ctx, / / -static NTSTATUS dsgetdcname_cache_refresh(TALLOC_CTX *mem_ctx, - struct messaging_context *msg_ctx, - const char *domain_name, - struct GUID *domain_guid, - uint32_t flags, - const char *site_name, - struct netr_DsRGetDCNameInfo *info) -{ - struct netr_DsRGetDCNameInfo *dc_info; - - return dsgetdcname(mem_ctx, - msg_ctx, - domain_name, - domain_guid, - site_name, - flags | DS_FORCE_REDISCOVERY, - dc_info); -} - -/ -/ - static uint32_t get_cldap_reply_server_flags(struct netlogon_samlogon_response *r, uint32_t nt_version) { @@ -424,13 +402,18 @@ static NTSTATUS dsgetdcname_cached(TALLOC_CTX *mem_ctx, } if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { - status = dsgetdcname_cache_refresh(mem_ctx, msg_ctx, - domain_name, - domain_guid, flags, - site_name, *info); + struct netr_DsRGetDCNameInfo *dc_info; + + status = dsgetdcname(mem_ctx, msg_ctx, domain_name, +domain_guid, site_name, +flags | DS_FORCE_REDISCOVERY, +dc_info); + if (!NT_STATUS_IS_OK(status)) { return status; } + + *info = dc_info; } return status; -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch v3-4-ctdb updated - 360e4efe1e31e4399a56d6984caf6dac7d5cc648
The branch, v3-4-ctdb has been updated via 360e4efe1e31e4399a56d6984caf6dac7d5cc648 (commit) via ffa4ff1c52022bab4ac6449387f0f17f462ac58a (commit) from 75c6a4d978dfd81ad24eff9e0404337c558e2d69 (commit) http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-4-ctdb - Log - commit 360e4efe1e31e4399a56d6984caf6dac7d5cc648 Author: Michael Adam ob...@samba.org Date: Thu Aug 20 13:37:11 2009 +0200 packaging(RHEL-CTDB): enable parallel build Michael commit ffa4ff1c52022bab4ac6449387f0f17f462ac58a Author: Michael Adam ob...@samba.org Date: Thu Aug 20 13:33:42 2009 +0200 packaging(RHEL-CTDB): fix packaging of pam_winbind.mo file Michael --- Summary of changes: packaging/RHEL-CTDB/samba.spec.tmpl |7 --- 1 files changed, 4 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index a84a5cf..48b2c5c 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -43,6 +43,7 @@ BuildRequires: pam-devel, readline-devel, fileutils, libacl-devel, openldap-deve %define _libarchdir /usr/%{_libarch} +%define numcpu %(grep ^processor /proc/cpuinfo |wc -l | sed -e 's/^0$/1/') %description Samba is the protocol by which a lot of PC-related machines share @@ -200,7 +201,7 @@ if [ ${CC_MAJOR} -ge 3 ]; then fi fi -make %{?_smp_mflags} \ +make -j%{numcpu} %{?_smp_mflags} \ nss_modules pam_modules rm -rf %{_32bit_tmp_dir} @@ -266,7 +267,7 @@ if [ ${CC_MAJOR} -ge 3 ]; then fi -make %{?_smp_mflags} \ +make -j %{numcpu} %{?_smp_mflags} \ all modules pam_smbpass # Remove some permission bits to avoid to many dependencies @@ -546,7 +547,7 @@ exit 0 %attr(755,root,root) /%{_libarch}/libnss_winbind.so* %attr(755,root,root) /%{_libarch}/security/pam_winbind.so %attr(755,root,root) /%{_libarch}/security/pam_smbpass.so -/usr/share/locale/de/LC_MESSAGES/pam_winbind.mo +/usr/share/locale/*/LC_MESSAGES/pam_winbind.mo %{_libarchdir}/samba/idmap/*.so %{_libarchdir}/samba/nss_info/*.so -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch v3-4-ctdb updated - 3.4.0-ctdb-4-1-g4ef75a3
The branch, v3-4-ctdb has been updated via 4ef75a3c5f3ac53905d3352614806bb1ae7ed66e (commit) from 360e4efe1e31e4399a56d6984caf6dac7d5cc648 (commit) http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-4-ctdb - Log - commit 4ef75a3c5f3ac53905d3352614806bb1ae7ed66e Author: Michael Adam ob...@samba.org Date: Thu Aug 20 14:23:22 2009 +0200 v3-4-ctdb: Bump the ctdb verdor patch level to 5. Michael --- Summary of changes: source3/VERSION |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/VERSION b/source3/VERSION index c90ab23..e198048 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -85,7 +85,7 @@ SAMBA_VERSION_IS_GIT_SNAPSHOT=no # # SAMBA_VERSION_VENDOR_SUFFIX=ctdb -SAMBA_VERSION_VENDOR_PATCH=4 +SAMBA_VERSION_VENDOR_PATCH=5 # This can be set by vendors if they want..# -- SAMBA-CTDB repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1099-gf3c94f4
The branch, master has been updated via f3c94f4b40399aea12a3608e930d20eb93a77efa (commit) via 062d26d57b0d3196afbf0e7a04f2ed1cd6d6ae7a (commit) via 80e2500f02d2e14e2acb7b352a82525827b5d357 (commit) via 0447af26b688d7de54892cb6c5005666b52e2048 (commit) from 8c347ed1775acc124ff7887e2f14776529e40298 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f3c94f4b40399aea12a3608e930d20eb93a77efa Author: Günther Deschner g...@samba.org Date: Mon Aug 10 17:09:41 2009 +0200 s4-spoolss: add stubs for new idl opcodes in spoolss server. Guenther commit 062d26d57b0d3196afbf0e7a04f2ed1cd6d6ae7a Author: Günther Deschner g...@samba.org Date: Mon Aug 10 16:45:47 2009 +0200 s3-spoolss: add stubs for new idl opcodes in spoolss server. Guenther commit 80e2500f02d2e14e2acb7b352a82525827b5d357 Author: Günther Deschner g...@samba.org Date: Mon Aug 10 16:45:13 2009 +0200 s3: re-run make samba3-idl. Guenther commit 0447af26b688d7de54892cb6c5005666b52e2048 Author: Günther Deschner g...@samba.org Date: Mon Aug 10 16:44:19 2009 +0200 spoolss: add more spoolss calls to IDL (spoolss_GetPrinterDriverPackagePath and spoolss_GetCorePrinterDrivers). Guenther --- Summary of changes: librpc/gen_ndr/cli_spoolss.c| 2187 +++ librpc/gen_ndr/cli_spoolss.h| 152 ++ librpc/gen_ndr/ndr_spoolss.c| 1020 +- librpc/gen_ndr/ndr_spoolss.h| 45 +- librpc/gen_ndr/spoolss.h| 139 ++ librpc/gen_ndr/srv_spoolss.c| 1148 ++ librpc/gen_ndr/srv_spoolss.h| 28 + librpc/idl/spoolss.idl | 90 ++ source3/rpc_server/srv_spoolss_nt.c | 153 ++ source4/rpc_server/spoolss/dcesrv_spoolss.c | 140 ++ 10 files changed, 5100 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/cli_spoolss.c b/librpc/gen_ndr/cli_spoolss.c index 21a7236..710af77 100644 --- a/librpc/gen_ndr/cli_spoolss.c +++ b/librpc/gen_ndr/cli_spoolss.c @@ -16012,3 +16012,2190 @@ NTSTATUS rpccli_spoolss_5f(struct rpc_pipe_client *cli, return werror_to_ntstatus(r.out.result); } +struct rpccli_spoolss_60_state { + struct spoolss_60 orig; + struct spoolss_60 tmp; + TALLOC_CTX *out_mem_ctx; + NTSTATUS (*dispatch_recv)(struct tevent_req *req, TALLOC_CTX *mem_ctx); +}; + +static void rpccli_spoolss_60_done(struct tevent_req *subreq); + +struct tevent_req *rpccli_spoolss_60_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct rpc_pipe_client *cli) +{ + struct tevent_req *req; + struct rpccli_spoolss_60_state *state; + struct tevent_req *subreq; + + req = tevent_req_create(mem_ctx, state, + struct rpccli_spoolss_60_state); + if (req == NULL) { + return NULL; + } + state-out_mem_ctx = NULL; + state-dispatch_recv = cli-dispatch_recv; + + /* In parameters */ + + /* Out parameters */ + + /* Result */ + ZERO_STRUCT(state-orig.out.result); + + if (DEBUGLEVEL = 10) { + NDR_PRINT_IN_DEBUG(spoolss_60, state-orig); + } + + /* make a temporary copy, that we pass to the dispatch function */ + state-tmp = state-orig; + + subreq = cli-dispatch_send(state, ev, cli, + ndr_table_spoolss, + NDR_SPOOLSS_60, + state-tmp); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, rpccli_spoolss_60_done, req); + return req; +} + +static void rpccli_spoolss_60_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct rpccli_spoolss_60_state *state = tevent_req_data( + req, struct rpccli_spoolss_60_state); + NTSTATUS status; + TALLOC_CTX *mem_ctx; + + if (state-out_mem_ctx) { + mem_ctx = state-out_mem_ctx; + } else { + mem_ctx = state; + } + + status = state-dispatch_recv(subreq, mem_ctx); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return; + } + + /* Copy out parameters */ + + /* Copy result */ + state-orig.out.result = state-tmp.out.result; + + /* Reset temporary structure */ + ZERO_STRUCT(state-tmp); + + if (DEBUGLEVEL = 10) { +
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1101-g4c69c15
The branch, master has been updated via 4c69c151dbcab30d53ece70f5e23c5971320a5c8 (commit) via 68ea2876172a76761a678bcfbb17ab64a7db706d (commit) from f3c94f4b40399aea12a3608e930d20eb93a77efa (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4c69c151dbcab30d53ece70f5e23c5971320a5c8 Author: Volker Lendecke v...@samba.org Date: Wed Aug 19 14:22:09 2009 +0200 s3:dsgetdcname: Fix a crash in dsgetdcname When returning NT_STATUS_OK we can't leave *info == NULL, this crashes in is_closest_site called from dsgetdcname(). Signed-off-by: Günther Deschner g...@samba.org commit 68ea2876172a76761a678bcfbb17ab64a7db706d Author: Volker Lendecke v...@samba.org Date: Wed Aug 19 14:19:22 2009 +0200 s3:dsgetdcname: Inline dsgetdcname_cache_refresh Signed-off-by: Günther Deschner g...@samba.org --- Summary of changes: source3/libsmb/dsgetdcname.c | 35 +-- 1 files changed, 9 insertions(+), 26 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c index de020d4..5279b8f 100644 --- a/source3/libsmb/dsgetdcname.c +++ b/source3/libsmb/dsgetdcname.c @@ -225,28 +225,6 @@ static NTSTATUS store_cldap_reply(TALLOC_CTX *mem_ctx, / / -static NTSTATUS dsgetdcname_cache_refresh(TALLOC_CTX *mem_ctx, - struct messaging_context *msg_ctx, - const char *domain_name, - struct GUID *domain_guid, - uint32_t flags, - const char *site_name, - struct netr_DsRGetDCNameInfo *info) -{ - struct netr_DsRGetDCNameInfo *dc_info; - - return dsgetdcname(mem_ctx, - msg_ctx, - domain_name, - domain_guid, - site_name, - flags | DS_FORCE_REDISCOVERY, - dc_info); -} - -/ -/ - static uint32_t get_cldap_reply_server_flags(struct netlogon_samlogon_response *r, uint32_t nt_version) { @@ -424,13 +402,18 @@ static NTSTATUS dsgetdcname_cached(TALLOC_CTX *mem_ctx, } if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { - status = dsgetdcname_cache_refresh(mem_ctx, msg_ctx, - domain_name, - domain_guid, flags, - site_name, *info); + struct netr_DsRGetDCNameInfo *dc_info; + + status = dsgetdcname(mem_ctx, msg_ctx, domain_name, +domain_guid, site_name, +flags | DS_FORCE_REDISCOVERY, +dc_info); + if (!NT_STATUS_IS_OK(status)) { return status; } + + *info = dc_info; } return status; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1102-g77a0a6e
The branch, master has been updated via 77a0a6e9a1a30b0ea3e36aaf751b433c546b5c5c (commit) from 4c69c151dbcab30d53ece70f5e23c5971320a5c8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 77a0a6e9a1a30b0ea3e36aaf751b433c546b5c5c Author: Günther Deschner g...@samba.org Date: Thu Aug 20 15:28:19 2009 +0200 s3-idmap: fix two uninitialized variable warnings in idmap_tdb2. Guenther --- Summary of changes: source3/winbindd/idmap_tdb2.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/idmap_tdb2.c b/source3/winbindd/idmap_tdb2.c index ef365f3..22aff0d 100644 --- a/source3/winbindd/idmap_tdb2.c +++ b/source3/winbindd/idmap_tdb2.c @@ -252,7 +252,7 @@ static NTSTATUS idmap_tdb2_allocate_id(struct unixid *xid) const char *hwmkey; const char *hwmtype; uint32_t high_hwm; - uint32_t hwm; + uint32_t hwm = 0; NTSTATUS status; struct idmap_tdb2_allocate_id_context state; @@ -469,10 +469,10 @@ static NTSTATUS idmap_tdb2_set_mapping_action(struct db_context *db, struct idmap_tdb2_set_mapping_context *state; TALLOC_CTX *tmp_ctx = talloc_stackframe(); - DEBUG(10, (Storing %s - %s map\n, state-ksidstr, state-kidstr)); - state = (struct idmap_tdb2_set_mapping_context *)private_data; + DEBUG(10, (Storing %s - %s map\n, state-ksidstr, state-kidstr)); + /* check wheter sid mapping is already present in db */ data = dbwrap_fetch_bystring(db, tmp_ctx, state-ksidstr); if (data.dptr) { -- Samba Shared Repository
[SCM] SAMBA-CTDB repository - branch v3-2-ctdb updated - build_3.2.11_ctdb_62-6-gfdd77c8
The branch, v3-2-ctdb has been updated via fdd77c84206ced808f0d37be9844f69c314a5055 (commit) via 7f3cdfe7634e771f6771b96d4955fb4c67165f4e (commit) from 99fbbc24297edec3197ed3d80272ac526a058939 (commit) http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-2-ctdb - Log - commit fdd77c84206ced808f0d37be9844f69c314a5055 Author: Volker Lendecke v...@samba.org Date: Wed Aug 19 14:22:09 2009 +0200 s3:dsgetdcname: Fix a crash in dsgetdcname When returning NT_STATUS_OK we can't leave *info == NULL, this crashes in is_closest_site called from dsgetdcname(). commit 7f3cdfe7634e771f6771b96d4955fb4c67165f4e Author: Volker Lendecke v...@samba.org Date: Wed Aug 19 14:19:22 2009 +0200 s3:dsgetdcname: Inline dsgetdcname_cache_refresh --- Summary of changes: source/libsmb/dsgetdcname.c | 35 +-- 1 files changed, 9 insertions(+), 26 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/dsgetdcname.c b/source/libsmb/dsgetdcname.c index e191307..82883f5 100644 --- a/source/libsmb/dsgetdcname.c +++ b/source/libsmb/dsgetdcname.c @@ -367,28 +367,6 @@ static NTSTATUS store_cldap_reply(TALLOC_CTX *mem_ctx, / / -static NTSTATUS dsgetdcname_cache_refresh(TALLOC_CTX *mem_ctx, - struct messaging_context *msg_ctx, - const char *domain_name, - struct GUID *domain_guid, - uint32_t flags, - const char *site_name, - struct netr_DsRGetDCNameInfo *info) -{ - struct netr_DsRGetDCNameInfo *dc_info; - - return dsgetdcname(mem_ctx, - msg_ctx, - domain_name, - domain_guid, - site_name, - flags | DS_FORCE_REDISCOVERY, - dc_info); -} - -/ -/ - static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, uint32_t nt_version) { @@ -575,13 +553,18 @@ static NTSTATUS dsgetdcname_cached(TALLOC_CTX *mem_ctx, } if (expired) { - status = dsgetdcname_cache_refresh(mem_ctx, msg_ctx, - domain_name, - domain_guid, flags, - site_name, *info); + struct netr_DsRGetDCNameInfo *dc_info; + + status = dsgetdcname(mem_ctx, msg_ctx, domain_name, +domain_guid, site_name, +flags | DS_FORCE_REDISCOVERY, +dc_info); + if (!NT_STATUS_IS_OK(status)) { return status; } + + *info = dc_info; } return status; -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch v3-2-ctdb updated - build_3.2.11_ctdb_62-7-g137beff
The branch, v3-2-ctdb has been updated via 137beff2d6ef97c05bf335f2d2460b542d9dd8c0 (commit) from fdd77c84206ced808f0d37be9844f69c314a5055 (commit) http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-2-ctdb - Log - commit 137beff2d6ef97c05bf335f2d2460b542d9dd8c0 Author: Michael Adam ob...@samba.org Date: Mon Aug 3 13:45:40 2009 +0200 packaging(RHEL-CTDB): pam_winbindd man page has moved from section 7 to 8 This due to updating the docs tarball to the current 3.2 docs. Michael --- Summary of changes: packaging/RHEL-CTDB/samba.spec.tmpl |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index 6d053c6..ded2c08 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -600,7 +600,7 @@ exit 0 %{_mandir}/man1/wbinfo.1* %{_mandir}/man8/winbindd.8* %{_mandir}/man8/net.8* -%{_mandir}/man7/pam_winbind.7* +%{_mandir}/man8/pam_winbind.8* %{_mandir}/man7/libsmbclient.7* %{_mandir}/man1/ldbadd.1* %{_mandir}/man1/ldbdel.1* -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - annotated tag 3.2.11-ctdb-63 created - 3.2.11-ctdb-63
The annotated tag, 3.2.11-ctdb-63 has been created at bfb61794b24d0b67cd7749e918a63e89abed652a (tag) tagging 137beff2d6ef97c05bf335f2d2460b542d9dd8c0 (commit) replaces build_3.2.11_ctdb_62 tagged by Michael Adam on Thu Aug 20 17:52:04 2009 +0200 - Log - tag release 3.2.11-ctdb-63 Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEABECAAYFAkqNcS4ACgkQyU9JOBhPkDRrZgCeOkCFEGviimUhwr4w3q3Z5FL0 nJIAn1S2g0Gnd2TgZlb8fwSyNNLDK7Ss =d4be -END PGP SIGNATURE- Jeremy Allison (1): Use defined names rather than numeric constants to make code clearer. Jeremy. Michael Adam (3): v3-2-ctdb: Bump the ctdb vendor patch to 63 for the next release gpfs.so: map the file_inherit and dir_inherit flags away for files packaging(RHEL-CTDB): pam_winbindd man page has moved from section 7 to 8 Volker Lendecke (3): Make refusal of SEC_DESC_DACL_PROTECTED configurable s3:dsgetdcname: Inline dsgetdcname_cache_refresh s3:dsgetdcname: Fix a crash in dsgetdcname --- -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch v3-2-ctdb updated - 3.2.11-ctdb-63-1-g1d87081
The branch, v3-2-ctdb has been updated via 1d87081ae30d4b38b6459e95e206fc9d2fb9498f (commit) from 137beff2d6ef97c05bf335f2d2460b542d9dd8c0 (commit) http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-2-ctdb - Log - commit 1d87081ae30d4b38b6459e95e206fc9d2fb9498f Author: Michael Adam ob...@samba.org Date: Thu Aug 20 17:52:39 2009 +0200 v3-2-ctdb: Bump the ctdb vendor patch level to 64. Michael --- Summary of changes: source/VERSION |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/VERSION b/source/VERSION index 20b6233..fb8395c 100644 --- a/source/VERSION +++ b/source/VERSION @@ -96,4 +96,4 @@ SAMBA_VERSION_IS_GIT_SNAPSHOT= # - CVS 3.0.0rc2-VendorVersion# SAMBA_VERSION_VENDOR_SUFFIX=ctdb -SAMBA_VERSION_VENDOR_PATCH=63 +SAMBA_VERSION_VENDOR_PATCH=64 -- SAMBA-CTDB repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1103-g9b261a1
The branch, master has been updated via 9b261a1211de2bfef22af64d4717b44c5ed2bfb8 (commit) from 77a0a6e9a1a30b0ea3e36aaf751b433c546b5c5c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9b261a1211de2bfef22af64d4717b44c5ed2bfb8 Author: Jeremy Allison j...@samba.org Date: Thu Aug 20 11:08:21 2009 -0700 Fix bug 6638 - ADS Domain Member: Computer Mgr can not set share ACLs Add good error message for share modification denial. Jeremy. --- Summary of changes: source3/rpc_server/srv_srvsvc_nt.c | 22 +++--- 1 files changed, 19 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 01ffcd8..f7f51d1 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -1514,6 +1514,9 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, || ( lp_enable_asu_support() strequal(share_name,ADMIN$) ) || strequal(share_name,global) ) { + DEBUG(5,(_srvsvc_NetShareSetInfo: share %s cannot be + modified by a remote user.\n, + share_name )); return WERR_ACCESS_DENIED; } @@ -1531,8 +1534,14 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, /* fail out now if you are not root and not a disk op */ - if ( p-server_info-utok.uid != sec_initial_uid() !is_disk_op ) + if ( p-server_info-utok.uid != sec_initial_uid() !is_disk_op ) { + DEBUG(2,(_srvsvc_NetShareSetInfo: uid %u doesn't have the + SeDiskOperatorPrivilege privilege needed to modify + share %s\n, + (unsigned int)p-server_info-utok.uid, + share_name )); return WERR_ACCESS_DENIED; + } switch (r-in.level) { case 1: @@ -1599,16 +1608,23 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, } /* We can only modify disk shares. */ - if (type != STYPE_DISKTREE) + if (type != STYPE_DISKTREE) { + DEBUG(5,(_srvsvc_NetShareSetInfo: share %s is not a + disk share\n, + share_name )); return WERR_ACCESS_DENIED; + } if (comment == NULL) { return WERR_NOMEM; } /* Check if the pathname is valid. */ - if (!(path = valid_share_pathname(p-mem_ctx, pathname ))) + if (!(path = valid_share_pathname(p-mem_ctx, pathname ))) { + DEBUG(5,(_srvsvc_NetShareSetInfo: invalid pathname %s\n, + pathname )); return WERR_OBJECT_PATH_INVALID; + } /* Ensure share name, pathname and comment don't contain '' characters. */ string_replace(share_name, '', ' '); -- Samba Shared Repository
[SCM] CTDB repository - branch master updated - ctdb-1.0.88-1-g85590e9
The branch, master has been updated via 85590e9dfaab0db16ce8103e509fd4d51aef4ad5 (commit) from fbfa1c72875dda4d1636d8e72c67ba09b10455df (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit 85590e9dfaab0db16ce8103e509fd4d51aef4ad5 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Wed Aug 19 08:25:50 2009 +1000 skip any persistent databases ending in .bak --- Summary of changes: server/ctdb_ltdb_server.c |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/server/ctdb_ltdb_server.c b/server/ctdb_ltdb_server.c index e76a50a..7940546 100644 --- a/server/ctdb_ltdb_server.c +++ b/server/ctdb_ltdb_server.c @@ -392,6 +392,12 @@ int ctdb_attach_persistent(struct ctdb_context *ctdb) s = talloc_strdup(ctdb, de-d_name); CTDB_NO_MEMORY(ctdb, s); + /* ignore names ending in .bak */ + p = strstr(s, .bak); + if (p != NULL) { + continue; + } + /* only accept names ending in .tdb */ p = strstr(s, .tdb.); if (len 7 || p == NULL) { -- CTDB repository