Re: [Samba] Little trouble with samba authentication in domain windows AD
...an autoreplay ?! is it a mistake or something is missing ?!? thx dirk.bec...@symeo.com ha scritto: Ich bin vom 14.08.2009 bis einschließlich 23.08.2009 im Urlaub und per E-Mail nicht erreichbar. Ich werde Ihre Nachrichten nach meiner Rückkehr beantworten. In dringenden Fällen wenden Sie sich bitte an unser Sekretariat. Sie werden dann an einen Ansprechpartner vermittelt. Unser Sekretariat: +49 (0)89 660 77 96-0 I'm on vacation beginning 14.08.2009 until 23.08.2009 and not available per e-mail. I will respond to your message after my return. in case of urgent respond, please contact our office. You'll be transfered to the right contact person. Our office phone: +49 (0)89 660 77 96-0 -- Dirk Becker Symeo GmbH Proefssor-Messerschmitt-Str. 3, D-85579 Neubiberg / München tel:+49 (0)89 660 77 96 320 fax:+49 (0)89 660 77 96 190 http://www.symeo.com Symeo GmbH; Geschaeftsführer: Dirk Brunnengräber, Christoph Rommel Sitz der Gesellschaft: Muenchen; Registergericht: Muenchen, HRB 157340 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4.0: wbinfo -g does not show BUILTIN groups
Hello all, We are currently running samba version 3.4.0 on AIX. We are using idmap rid as we do have only one domain called FB6. When we applied permissions to user directories we gave group permissions to the BUILTIN\administrators group. This used to work for samba 3.0.26a. Now we experience the following problem: when we execute wbinfo -g we do not see the BUILTIN\administrators group, neither do we see any other BUILTIN group. In the filesystem only the group id 15000 is shown by ls -al. Does anybody have a clue what is going on? Does samba 3.4.0 have a winbind problem? Kind regards Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] most common way to implement 'net time' privileges
Hello samba, I would like to ask about what is the most common and less effort way to let users change time without admin privileges on windows workstations. To be exact I'm trying to find out the quick and dirty way to sync time between win workstations (xp and vista) and PDC Samba 3.3.2. I do use net logon scripts and it is failing on net time \\pdc-server /set /yes command because of missing privileges. Any know how would be nice. Thanks for your time Liutauras -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] tree connect failed: NT_STATUS_ACCESS_DENIED
hi:) for an unkonow reason the users are not able to connect to samba. samba member of domain, ads security. no changes on samba side. if i run: smbclient -U% -L ip Domain=[INT] OS=[Unix] Server=[Samba 3.0.28a] tree connect failed: NT_STATUS_ACCESS_DENIED all the other commands are ok: wbinfo getent testparm do you have any ideea? thank you:) Gabi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] most common way to implement 'net time' privileges
Use user manager for domains from the NT admin tools. select the correct domain (if not already selected). Select Policy - User Rights Select the right: Change the system time Click Add... then select Domain Users Tony Hoover, Network Administrator KSU - Salina, College of Technology and Aviation (785) 826-2660 Don't Blend in... -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Liutauras Adomaitis Sent: Monday, August 24, 2009 4:51 AM To: Samba list Subject: [Samba] most common way to implement 'net time' privileges Hello samba, I would like to ask about what is the most common and less effort way to let users change time without admin privileges on windows workstations. To be exact I'm trying to find out the quick and dirty way to sync time between win workstations (xp and vista) and PDC Samba 3.3.2. I do use net logon scripts and it is failing on net time \\pdc-server /set /yes command because of missing privileges. Any know how would be nice. Thanks for your time Liutauras -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbind problem with GID range and idmap_rid
Hello all, We get a weird error on our 3.4.0 samba server. The log.winbind-idmap shows the following entries: [2009/08/24 16:35:53, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module ldap already registered! [2009/08/24 16:35:53, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module tdb already registered! [2009/08/24 16:35:53, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module passdb already registered! [2009/08/24 16:35:53, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module nss already registered! [2009/08/24 16:35:53, 1] winbindd/idmap_tdb.c:445(idmap_tdb_allocate_id) Fatal Error: GID range full!! (max: 49) What can be the cause for this kind of error? Is our idmap_rid not configured correctly? Please have a look Volker smb.conf --- [global] # # setting base configuration parameters # # workgroup = FB6 netbios name = FRIGG server string = AFS security = ADS realm = FB6.UNI-WUPPERTAL.DE auth methods = winbind # password server = AD logon server password server = 132.195.120.9 132.195.120.12 wins server = 132.195.120.12 client use spnego = yes client signing = yes # added wg. ticket #5344 #client lanman auth = no #client ntlmv2 auth = yes encrypt passwords = yes host msdfs = no #domain logons = yes # fuer Samba 3.3.0 # damit keine verschluesselte Verbindung zum Domain Controller # aufgebaut wird ldap ssl = no obey pam restrictions = no # - # printer settings # ??? better disable these settings ??? # - # printcap name = cups # disable spoolss = Yes # show add printer wizard = No # - # ID mapping parameters # mapping windows users to unix users # this is performed on the basis of sid on windows and # unix with uid for users and gid for groups # the backend parameter rid allows to get the same mapping # form sid to uid because it is determined algorithmically # that way we get the same mapping even if we use samba on # several disparate systems # CHANGE NOTIFICATIO: with v3.3.0 there are changes # to idmap; idmap domains is no longer supported # - #idmap domains = FB6 #idmap backend = rid idmap backend = tdb idmap config FB6:backend = rid #idmap config FB6:base_rid = 0 idmap config FB6:range = 1 - 49 idmap uid = 1-49 idmap gid = 1-49 winbind separator =+ winbind use default domain = Yes winbind enum users = no winbind enum groups = no winbind cache time = 60 winbind gid = 1-49 winbind uid = 1-49 #template homedir = /gpfs/fbb/user/%U #template shell = /opt/pware/bin/bash #use sendfile = Yes #printing = cups #ldap suffix = dc=FB6, dc=UNI-WUPPERTAL, dc=DE #--- # Logging options # #--- # # higher log levels have a negative impact on performance log level = 3 log file = /opt/pware/var/log/fbb.frigg.log.%m max log size = 50 debug timestamp = yes #utmp = yes #--- # ACL Support # #--- map acl inherit = yes nt acl support = yes inherit acls = yes inherit permissions = yes inherit owner = yes admin users = @FB6+domain admins #--- # Performance options # #--- socket options = TCP_NODELAY IPTOS_LOWDELAY # comment: VA, 01.05.2008 # deactivated, as it seems that this was our performance killer # the original values were 8192 each; i have adapted both # parameter values for AIX configuration # SO_RCVBUF=16384 SO_SNDBUF=16384 #--- # Include Configuration Files # #--- include = /opt/pware/lib/fbb-user.conf include = /opt/pware/lib/fbb-ls.conf include = /opt/pware/lib/fbb-apps.conf include = /opt/pware/lib/fbb-projekte.conf include = /opt/pware/lib/fbb-profiles.conf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP errors with v3.0.34 using the LDAP schema file with Sun DS 5.2
The format of the sambaDomainName object in the DIT (I've masked the sensitive information, don't let the ?'s and #'s throw you): Distinguished Name: sambaDomainName=,??=???,??=??? ObjectClasses sambaDomain Attributes sambaAlgorithmicRidBase 1000 sambaDomainName sambaNextUserRid 1000 sambaSID #-#-#-##-##-#-## The attributes sambapwdhistorylength, sambalockoutthreshold, sambamaxpwdage are not included in the definition of the sambaDomainName object. Any ideas? The searching I've done indicates the attributes sambapwdhistorylength, sambalockoutthreshold, sambamaxpwdage should be included, in our case, they are not. Thanks for any assistance, Rob Mottishaw Rob Mottishaw wrote: Receive the following errors when users authenticate with LDAP schema file included with Sun DS 5.2: ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry sambaDomainName=,??=???,??=???, attribute sambapwdhistorylength is not allowed ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry sambaDomainName=,??=???,??=???, attribute sambalockoutthreshold is not allowed ERROR5897 - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry sambaDomainName=,??=???,??=???, attribute sambamaxpwdage is not allowed The authentication is succdessful, yet these errors are logged multiple times. Checked in the schema file for SAMBA 3.0.x sent with Sun DS 5.2, and indeed, the attributes sambapwdhistorylength, sambalockoutthreshold, and sambamaxpwdage are not among those listed in the schema file for SAMBA 3.0.x. Is there an updated schema file or a way to configure the authentication to remove the verification of these attributes? Thank you, Rob Mottishaw -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP errors with v3.0.34 using the LDAP schema file with Sun DS 5.2
On Montag, 24. August 2009 wrote Rob Mottishaw: The format of the sambaDomainName object in the DIT (I've masked the sensitive information, don't let the ?'s and #'s throw you): Distinguished Name: sambaDomainName=,??=???,??=??? ObjectClasses sambaDomain Attributes sambaAlgorithmicRidBase 1000 sambaDomainName sambaNextUserRid 1000 sambaSID #-#-#-##-##-#-## The attributes sambapwdhistorylength, sambalockoutthreshold, sambamaxpwdage are not included in the definition of the sambaDomainName object. Any ideas? The searching I've done indicates the attributes sambapwdhistorylength, sambalockoutthreshold, sambamaxpwdage should be included, in our case, they are not. The schema is attached. It comes from a samba 3.2x debian lenny package. You may try it, if you want. Thanks for any assistance, Rob Mottishaw -- Gruss Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ADS mode. Stop machine account auto creating in home folder
Using Samba and active directory mode. Everything works well. I would however like to avoid having the machine accounts have a folder auto generated in the ³home² folder. Is there a way to stop that? They show up as MACHINENAME_ or MACHINENAME$. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] BDC Promotion and Netbios...
We are replacing a failing PDC. When promoting a BDC to replace an existing PDC, can you change the NETBIOS name field to match that of the original PDC without causing problems? Brian H binaryno...@gmail.com http://www.binarynomad.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [SOLVED] Compiling on RHEL 5.3 possible? --libtalloc does not exist
Ah so... sure enough these libraries are found in their default locations /usr/local/samba/lib. ./configure LDFLAGS=Wl,-rpath,/usr/local/samba/lib SOLVED this problem on RHEL 5.3, x86_64 with gcc 4.1.2 Thanks, RW Hornbaker From: John Drescher [dresche...@gmail.com] Sent: Friday, August 21, 2009 3:22 PM To: Hornbaker, RW Cc: samba@lists.samba.org Subject: Re: [Samba] Compiling on RHEL 5.3 possible? --libtalloc does not exist On Fri, Aug 21, 2009 at 5:16 PM, Hornbaker, RWrw.hornba...@serco-na.com wrote: I've tried Samba 3.2.14, 3.3.7, and 3.4 (source3). In each instance, smbd was missing libtalloc.so.1 libtdb.so.1 libwbclient.so.0 as reported by ldd. It didn't work to well either :-) I've not been able to find RHEL 5 libtalloc package. I tried installing some from fedora core(6 and 11), however, they had considerable dependency trees... some of which conflicted with what was already installed. This is a samba library. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] BDC Promotion and Netbios...
On 08/24/2009 12:15 PM, Brian H wrote: We are replacing a failing PDC. When promoting a BDC to replace an existing PDC, can you change the NETBIOS name field to match that of the original PDC without causing problems? Brian H binaryno...@gmail.com http://www.binarynomad.com Sure, but you must reset the domain SID after you change the server name. Before changing the server name: net getdomainsid Stop winbind, smbd, nmbd. Change the server name. After changing the server name, and BEFORE starting nmbd, smbd, and winbind: net setdomainsid S-1-5-21-xx-xxx- per the domain SID reported by 'net getdomainsid' - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Slimming down smbtree?
Sorry if these questions are getting tiring, but I want to get the list of servers from smbtree -NS from an embedded system (e.g., custom wireless router firmware). Unfortunately, compiling smbtree ends up being a couple of MB large. I've tried a bunch of basic optimizations to shrink the executable size as possible (e.g., using -f{function,data}-sections and --gc-sections, removing the share enumeration code, eliminating the option handling), and at best it's still barely under a megabyte. Does anyone have any suggestions on how to slim smbtree down further, or to possibly get the same information a different (read: more code-size efficient) way? I feel I'll need to start ripping out unnecessary code from lower-level functions, but I'm wary of inadvertently breaking something (if I haven't already). Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] BDC Promotion and Netbios...
i'd probably just use netbios aliases = PDCNAME and rehash the config and see if that works first. Brian H wrote: We are replacing a failing PDC. When promoting a BDC to replace an existing PDC, can you change the NETBIOS name field to match that of the original PDC without causing problems? Brian H binaryno...@gmail.com http://www.binarynomad.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] client ldap sasl wrapping stripped out by testparm: AD net join fails
net ads join -Urw.hornbaker -d10 fails with: ads_sasl_spnego_krb5_bind failed with: No credentials cache found, calling kinit (please see below) This was addressed 10/1/08 by Martin Zielinski and more recently by Gunther Deschner. Both said to use client ldap sasl wrapping: Using a new default compilation of samba 3.2.14 on x86_64, RHEL 5.3, And placing client ldap sasl wrapping = sign in smb.conf has no effect because testparm -s strips out this line. Gunther suggested looking at the man page for more options but its not listed in man smb.conf. Perhaps he is referrencing another man page. Is there some ./configure option that needs to be used to make client ldap sasl wrapping available or is there some other way to prevent the No credentials cache found error. Thanks, RW Hornbaker ds_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2009/08/24 11:39:33, 10] libads/sasl.c:ads_sasl_spnego_bind(321) ads_sasl_spnego_krb5_bind failed with: No credentials cache found, calling kinit [2009/08/24 11:39:33, 10] libads/kerberos.c:kerberos_kinit_password_ext(91) kerberos_kinit_password: using [MEMORY:net_ads] as ccache and config [/var/cache/samba/smb_krb5/krb5.conf.EXAMPLE] [2009/08/24 11:39:33, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Mon, 24 Aug 2009 21:39:33 MDT [2009/08/24 11:39:33, 10] libsmb/clikrb5.c:ads_krb5_mk_req(624) ads_krb5_mk_req: Ticket (wsmra1100...@example.com) in ccache (MEMORY:net_ads) is valid until: (Mon, 24 Aug 2009 21:39:33 MDT - 1251171573) [2009/08/24 11:39:33, 10] libsmb/clikrb5.c:get_krb5_smb_session_key(735) Got KRB5 session key of length 16 [2009/08/24 11:39:33, 0] libads/sasl.c:ads_sasl_spnego_bind(330) kinit succeeded but ads_sasl_spnego_krb5_bind failed: Strong(er) authentication required [2009/08/24 11:39:33, 1] utils/net_ads.c:net_ads_join(1470) error on ads_startup: Strong(er) authentication required [2009/08/24 11:39:33, 10] intl/lang_tdb.c:lang_tdb_init(138) lang_tdb_init: /usr/lib64/samba/C.msg: No such file or directory Failed to join domain: Strong(er) authentication required [2009/08/24 11:39:33, 2] utils/net.c:main(1075) return code = -1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Question on sambapwdhistorylength attribute
I keep getting an error in my Sun DS 5.2 error log about a schema violation complaining about sambapwdhistorylength attribute. I am using the DS 5.2 schema from the tar file I download and I have checked and their is not sambapwdhistorylength attribute in it. Anybody have any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Veto files question
hide unreadable = yes is the closest I can think of. You could then set perms to something like 400 and only owners will be able to read their own files. -=Andrew -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Allen Chen Sent: Thursday, August 20, 2009 7:35 AM To: samba@lists.samba.org Subject: [Samba] Veto files question Hi, there I have a question about Veto files in smb.conf: Can we use this option to hidden files not belonging to myself in a shared folder? If not, how do we implement this functionality in Samba? Thanks, Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Question on sambapwdhistorylength attribute
On Mon, Aug 24, 2009 at 01:29:00PM -0600, Gary Peck wrote: I keep getting an error in my Sun DS 5.2 error log about a schema violation complaining about sambapwdhistorylength attribute. I am using the DS 5.2 schema from the tar file I download and I have checked and their is not sambapwdhistorylength attribute in it. Anybody have any ideas? Unfortunately the only schema we really keep up to date is the samba.schema file for OpenLDAP. The other ones are mostly user contributions. So if you have a way to convert samba.schema to a format that your directory server will accept, we'd be happy to include your patch! Volker pgpTTRK6ZEAnB.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Is this possible using winbind
Here is my goal: Computers A -- MS PDC B -- Linux which maintains all local accounts, and cached accounts C -- Linux which uses A and/or B for authentication User authentication on B will use Winbind to autheticate against A (AD) User authentication on C will first try A, and fall back to B (using Winbind) nss on C is configured to locate information on B (via winbind or ldap) I've been trying to use idmap ldap backend, but haven't been successful yet, and just want to know if this path is doable before spending more time on it. Thanks, Craig This message and/or attachments may include information subject to GDC4S O.M. 1.8.6 and GD Corporate Policy 07-706 and is intended to be accessed only by authorized personnel of General Dynamics and approved service providers. Use, storage and transmission are governed by General Dynamics and its policies. Contractual restrictions apply to third parties. Recipients should refer to the policies or contract to determine proper handling. Unauthorized review, use, disclosure or distribution is prohibited. If you are not an intended recipient, please contact the sender and destroy all copies of the original message. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Failed to join domainL: failed to connect to AD: NT_STATUS_NOT_SUPPORTED
Hello, I'm having a problem getting samba to work properly. In a nutshell, we had Samba running (version 3.0.x, the version that comes with RHEL4u4), but then our security guys made us make several changes to our Win2k3 domain controller, and now I cannot get this to work. First, I'm simply trying to join a Linux file server to a Windows domain for file sharing purposes, I have no desire to set this up as a domain controller or to use winbind. I've run into several problems while trying to fix this, managed to get past a few, but I still cannot get this to work. Your guidance is greatly appreciated. My problem is two-fold, first, I cannot join the domain using the net ads join command. When I do, I get the error: libads/sasl.c:593(ads_sasl_spnego_gsskrb5_bind) Ads_setup_sasl_wrapping() failed: NT_STATUS_NOT_SUPPORTED libads/sasl.c:593(ads_sasl_spnego_gsskrb5_bind) Kinit succeeded but ads_sasl_spnego_krb5_bind failed failed to join domain: failed to connect to AD: NT_STATUS_NOT_SUPPORTED It doesn't matter if I use ads or domain for security mode (someone suggested using domain instead of ads), it still gives the same error. Now, if I use net rpc join -U adminname -S servername It will join the domain, but when I try to access the server it asks me for a username and password and does not allow me to see any of the shares. I attempted to use this simple smb.conf file: [global] Workgroup = FTT Realm = FTT.COM security = ads password server = ftt-dc01 encrypt passwords = yes client ldap sasl wrapping = sign client ntlmv2 auth = yes Along with some shares. Any help you can provide will be greatly appreciated. Thank you! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Mon Aug 24 06:00:02 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-08-23 00:00:03.0 -0600 +++ /home/build/master/cache/broken_results.txt 2009-08-24 00:00:02.0 -0600 @@ -1,11 +1,11 @@ -Build status as of Sun Aug 23 06:00:02 2009 +Build status as of Mon Aug 24 06:00:02 2009 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 3 1 0 +ccache 2 1 0 distcc 0 0 0 -ldb 26 26 0 +ldb 25 25 0 libreplace 1 1 0 lorikeet 0 0 0 pidl 1 1 0 @@ -13,10 +13,10 @@ rsync24 10 0 samba-docs 0 0 0 samba-web0 0 0 -samba_3_current 1 1 0 -samba_3_master 30 29 7 +samba_3_current 0 0 0 +samba_3_master 26 25 3 samba_3_next 23 22 1 -samba_4_0_test 32 32 1 -talloc 2 2 0 -tdb 2 2 0 +samba_4_0_test 28 28 2 +talloc 1 1 0 +tdb 1 1 0
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1148-gf60f007
The branch, master has been updated via f60f0077e4f9e5d2dfe89786ca840a8330507a6d (commit) via 2c846058ff104f83e50bc93aa90c0dc7a8c7fe0f (commit) via 798b3fbb53fb229c93b841e380a4439d6575d75a (commit) via e6da38c8b7791292243b539cfbaf763f5b61f509 (commit) via a0e20418360cbbb0ddaff5f71675300b3b3db72a (commit) via 39cd5bbb3306300a24e2f057a570e74aafce0b6b (commit) via a5358402b26e08b9f69c5c766e5cb7438c695dbf (commit) via e8782de8fe51310e89eb480f0a67f1d392698896 (commit) via 851b01f64ed8c5dbb7f4b9cf058d94e5a685d86e (commit) via 251b03eee626c10b294eee4a45a1dcc82a4fd1d9 (commit) via 5cefde407559497c2ff53d0caa9d22d4af063a68 (commit) via 55dbe80d0537ae2addf7bcd682372fe1829152a6 (commit) via 64e05779d2bf697b3c5f9f53234839f4f352a408 (commit) via 6c9ace27c591e48fdffdf5add6b4e11b2f669922 (commit) via 9baacbbbdf766b87512f6d0f518f91decbbf2e2b (commit) via 5760edeeb6b6d5a8aaebae2422ba3e7c3df700cc (commit) via 8a90c8bc98a2501da41af132512d1c3875463102 (commit) via ed384e8aac36fa768741ff7589e76b233064c586 (commit) via e40f3144f2a3f8e7aebf009a4cddb9f463292c1c (commit) via ac8aeec824b49c69a97e107f170337fcaa75120f (commit) via 84810d7182f2d9b3f4cb65db89489cb0a75dcc2e (commit) via f8559b8238409b28ba198c89e6a31e62cf28df88 (commit) via 13227f83b9efb549ae05a0b508095de288347386 (commit) via 1fbc86c57a60fdb828a50d24c65750ba01b92f10 (commit) via 2c664db7494da12e1738dbcbdece41374f561661 (commit) via d1895d2fee9eec6f0b16dd38728b34d2f8233b0c (commit) from fced9dfc1ea45f902e9281679f479ae18d229c17 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f60f0077e4f9e5d2dfe89786ca840a8330507a6d Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 24 16:27:05 2009 +1000 fixed typo in talloc doc XML commit 2c846058ff104f83e50bc93aa90c0dc7a8c7fe0f Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 24 16:21:58 2009 +1000 LIBREPLACEOBJ now contains the full path commit 798b3fbb53fb229c93b841e380a4439d6575d75a Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 24 16:01:18 2009 +1000 updated XML source for talloc man page commit e6da38c8b7791292243b539cfbaf763f5b61f509 Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 24 16:01:05 2009 +1000 added talloc_set_log_* documentation commit a0e20418360cbbb0ddaff5f71675300b3b3db72a Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 24 12:34:53 2009 +1000 updated talloc guide for recent API changes commit 39cd5bbb3306300a24e2f057a570e74aafce0b6b Author: Andrew Tridgell tri...@samba.org Date: Mon Jul 27 17:12:27 2009 +1000 make lib/replace more usable in standalone builds This makes the lib/replace m4 work in lib/talloc as a standalone build commit a5358402b26e08b9f69c5c766e5cb7438c695dbf Author: Andrew Tridgell tri...@samba.org Date: Mon Jul 27 17:12:56 2009 +1000 fixed getpass m4 This allows the getpass.m4 code to work in standalone talloc builds commit e8782de8fe51310e89eb480f0a67f1d392698896 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 3 11:30:44 2009 +0200 s3:lib: setup talloc log and abort functions metze commit 851b01f64ed8c5dbb7f4b9cf058d94e5a685d86e Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 21 10:01:15 2009 +0200 s3:configure: require talloc = 2.0.0 metze commit 251b03eee626c10b294eee4a45a1dcc82a4fd1d9 Author: Stefan Metzmacher me...@samba.org Date: Thu Jul 30 08:37:01 2009 +0200 s4:cmdline: setup talloc log and abort functions metze commit 5cefde407559497c2ff53d0caa9d22d4af063a68 Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 21 10:00:51 2009 +0200 s4:build: require talloc = 2.0.0 metze commit 55dbe80d0537ae2addf7bcd682372fe1829152a6 Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 21 09:25:57 2009 +0200 talloc: add --enable-talloc-compat1 to build a compat library for talloc 1.x.x metze commit 64e05779d2bf697b3c5f9f53234839f4f352a408 Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 21 09:53:51 2009 +0200 talloc: update talloc.exports and talloc.signatures metze commit 6c9ace27c591e48fdffdf5add6b4e11b2f669922 Author: Stefan Metzmacher me...@samba.org Date: Thu Aug 20 13:43:42 2009 +0200 talloc: add defines and functions for TALLOC_MAJOR/MINOR_VERSION We also use the major and minor versions in the TALLOC_MAGIC, so that we can detect if two conflicting versions of talloc are loaded in one process. In this case we use talloc_log() to output a very useful debug message before we call talloc_abort(). metze commit 9baacbbbdf766b87512f6d0f518f91decbbf2e2b Author: Stefan Metzmacher me...@samba.org Date: Thu Aug 20 13:43:18
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1149-g0f98d53
The branch, master has been updated via 0f98d539e2edc8f1d57271fb20051189699222a7 (commit) from f60f0077e4f9e5d2dfe89786ca840a8330507a6d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0f98d539e2edc8f1d57271fb20051189699222a7 Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 24 16:33:00 2009 +1000 note the semantic change in talloc_free from 2.0 --- Summary of changes: lib/talloc/talloc.3.xml |9 + lib/talloc/talloc_guide.txt |8 2 files changed, 9 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/talloc/talloc.3.xml b/lib/talloc/talloc.3.xml index 18c3788..8d9e082 100644 --- a/lib/talloc/talloc.3.xml +++ b/lib/talloc/talloc.3.xml @@ -136,10 +136,11 @@ talloc_free() operates recursively on its children. /para para - As a special case, talloc_free() is refused on pointers that - have more than one parent, as talloc would have no way of knowing - which parent should be removed. To free a pointer that has more than - one parent please use talloc_unlink(). + From the 2.0 version of talloc, as a special case, + talloc_free() is refused on pointers that have more than one + parent, as talloc would have no way of knowing which parent + should be removed. To free a pointer that has more than one + parent please use talloc_unlink(). /para para To help you find problems in your code caused by this behaviour, if diff --git a/lib/talloc/talloc_guide.txt b/lib/talloc/talloc_guide.txt index 3b6467a..01de806 100644 --- a/lib/talloc/talloc_guide.txt +++ b/lib/talloc/talloc_guide.txt @@ -131,10 +131,10 @@ For more control on which parent is removed, see talloc_unlink() talloc_free() operates recursively on its children. -As a special case, talloc_free() is refused on pointers that have more -than one parent, as talloc would have no way of knowing which parent -should be removed. To free a pointer that has more than one parent -please use talloc_unlink(). +From the 2.0 version of talloc, as a special case, talloc_free() is +refused on pointers that have more than one parent, as talloc would +have no way of knowing which parent should be removed. To free a +pointer that has more than one parent please use talloc_unlink(). To help you find problems in your code caused by this behaviour, if you do try and free a pointer with more than one parent then the -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1225-gd4c82fc
The branch, v3-4-test has been updated via d4c82fcb106ba872a9987ae40e0fe2d58b7ef1bb (commit) from ef891070288cd13aff7c730de7c1baf54dddb90f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit d4c82fcb106ba872a9987ae40e0fe2d58b7ef1bb Author: Michael Adam ob...@samba.org Date: Fri Aug 21 13:59:16 2009 +0200 s3: fix bug #6650, authentication at member servers when winbindd is not running Authentication of domain users on the member server fails when winbindd is not running. This is because the is_trusted_domain() check behaves differently when winbindd is running and when it isn't: Since wb_is_trusted_domain() calls wbcDomainInfo(), and this will also give a result for our own domain, this succeeds for the member server's own domain when winbindd is running. When winbindd is not running, is_trusted_domain() checks (and possibly updates) the trustdom cache, and this does the lsa_EnumTrustDom() rpc call to the DC which does not return its own domain. In case of winbindd not running, before 3.4, the domain part was _silently_ mapped to the workgroup in auth_util.c:make_user_info_map(), which effectively did nothing in the member case. But then the parameter map untrusted to domain was introduced and the mapping was made to the workstation name instead of the workgroup name by default unless map untrusted to domain = yes. (Commits d8c54fddda2dba3cbc5fc13e93431b152813892e, 5cd4b7b7c03df6e896186d985b6858a06aa40b3f, and fbca26923915a70031f561b198cfe2cc0d9c3aa6) This was ok as long as winbindd was running, but with winbindd not running, these changes actually uncovered the above logic bug in the check. So the correct check is to treat the workgroup as trusted / or known in the member case. This is most easily achieved by not comparing the domain name against get_global_sam_name() which is the host name unless for a DC but against my_sam_name() which is the workgroup for a DC and for a member, too. (These names are not very intuitive...) I admit that this is a very long commit message for a one-liner, but this has needed some tracking down, and I think the change deserves some justification. Michael (cherry picked from commit 6afb02cb53f47e0fd7e7df3935b067e7e1f8a9de) --- Summary of changes: source3/auth/auth_util.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 4a8fc95..b743c12 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -218,7 +218,7 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, * This also deals with the client passing in a domain */ if (!is_trusted_domain(domain) - !strequal(domain, get_global_sam_name()) ) + !strequal(domain, my_sam_name())) { if (lp_map_untrusted_to_domain()) domain = my_sam_name(); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1226-g0911f71
The branch, v3-4-test has been updated via 0911f7137bf37a9a14e6ebff9a0990482a11375b (commit) from d4c82fcb106ba872a9987ae40e0fe2d58b7ef1bb (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 0911f7137bf37a9a14e6ebff9a0990482a11375b Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 24 11:28:06 2009 +0200 WHATSNEW: Update changes since 3.4.0. Karolin --- Summary of changes: WHATSNEW.txt | 12 +--- 1 files changed, 9 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 050d342..923c95d 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,6 +1,6 @@ = Release Notes for Samba 3.4.1 - August 18, 2009 + August , 2009 = @@ -9,9 +9,9 @@ This is the latest stable release of Samba 3.4. Major enhancements in Samba 3.4.1 include: + o Fix authentication on member servers without Winbind (bug #6650). + o Nautilus fails to copy files from an SMB share (bug #6649). o Fix connections of Win98 clients (bug #6551). - o SetPrinter fails (panics) as non root (bug #6564). - o Fix crash bug in spoolss_addprinterex_level_2 (bug #6607). ## @@ -22,6 +22,10 @@ Changes since 3.4.0 --- +o Michael Adam ob...@samba.org +* BUG 6650: Fix authentication on member servers without Winbind. + + o Jeremy Allison j...@samba.org * BUG 6437: Make open_udp_socket() IPv6 clean. * BUG 6506: Smbd server doesn't set EAs when a file is overwritten in @@ -29,6 +33,7 @@ o Jeremy Allison j...@samba.org * BUG 6551: Fix connections of Win98 clients. * BUG 6564: SetPrinter fails (panics) as non root. * BUG 6593: Correctly implement SMB_INFO_STANDARD setfileinfo. +* BUG 6649: Nautilus fails to copy files from an SMB share. o Yannick Bergeron burgerg...@hotmail.com @@ -46,6 +51,7 @@ o Matt Kraai mkr...@beckman.com o Volker Lendecke v...@samba.org +* BUG 6585: Fix unqualified net join. * BUG 6611: Fix a valgrind error in chain_reply. * Fix linking on Solaris. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-stable updated - release-3-4-0-42-gc7449bd
The branch, v3-4-stable has been updated via c7449bd0ae1f60d18816e8a34be7de4fe4394fd5 (commit) via 355aa0b9b7fdda18ae31085356918383b540c807 (commit) via 0300ff8bac18a6e6386ec29e0c5392e0f58e69b0 (commit) via 73103525b0c1e8ba830212f224ffd75b78869534 (commit) via 25ab2a06392402ba72740205902ec30702110446 (commit) from 25e378df1869a7ac514124bb699344a1426556b3 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-stable - Log - commit c7449bd0ae1f60d18816e8a34be7de4fe4394fd5 Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 24 11:28:06 2009 +0200 WHATSNEW: Update changes since 3.4.0. Karolin (cherry picked from commit 0911f7137bf37a9a14e6ebff9a0990482a11375b) commit 355aa0b9b7fdda18ae31085356918383b540c807 Author: Michael Adam ob...@samba.org Date: Fri Aug 21 13:59:16 2009 +0200 s3: fix bug #6650, authentication at member servers when winbindd is not running Authentication of domain users on the member server fails when winbindd is not running. This is because the is_trusted_domain() check behaves differently when winbindd is running and when it isn't: Since wb_is_trusted_domain() calls wbcDomainInfo(), and this will also give a result for our own domain, this succeeds for the member server's own domain when winbindd is running. When winbindd is not running, is_trusted_domain() checks (and possibly updates) the trustdom cache, and this does the lsa_EnumTrustDom() rpc call to the DC which does not return its own domain. In case of winbindd not running, before 3.4, the domain part was _silently_ mapped to the workgroup in auth_util.c:make_user_info_map(), which effectively did nothing in the member case. But then the parameter map untrusted to domain was introduced and the mapping was made to the workstation name instead of the workgroup name by default unless map untrusted to domain = yes. (Commits d8c54fddda2dba3cbc5fc13e93431b152813892e, 5cd4b7b7c03df6e896186d985b6858a06aa40b3f, and fbca26923915a70031f561b198cfe2cc0d9c3aa6) This was ok as long as winbindd was running, but with winbindd not running, these changes actually uncovered the above logic bug in the check. So the correct check is to treat the workgroup as trusted / or known in the member case. This is most easily achieved by not comparing the domain name against get_global_sam_name() which is the host name unless for a DC but against my_sam_name() which is the workgroup for a DC and for a member, too. (These names are not very intuitive...) I admit that this is a very long commit message for a one-liner, but this has needed some tracking down, and I think the change deserves some justification. Michael (cherry picked from commit 6afb02cb53f47e0fd7e7df3935b067e7e1f8a9de) (cherry picked from commit d4c82fcb106ba872a9987ae40e0fe2d58b7ef1bb) commit 0300ff8bac18a6e6386ec29e0c5392e0f58e69b0 Author: Jeremy Allison j...@samba.org Date: Fri Aug 21 12:44:54 2009 +0200 Fix Red Hat bugzilla bug : https://bugzilla.redhat.com/show_bug.cgi?id=516165 nautilus fails to copy files from an SMB share. This is a show-stopper for 3.4.1. Although gnome-vfs is doing *incredibly* stupid things by asking for a read size of 65535 - this translates on the wire to a 65534 byte read followed by a 1 byte read. Please send this back to the gnome developers that they will ge horrid on the wire performance for this. Jeremy. Fixes bug #6649. Fixed in master with commit 33d27797d3ae9ab3ff7e1aa940941cc450f5ad1d. (cherry picked from commit ef891070288cd13aff7c730de7c1baf54dddb90f) commit 73103525b0c1e8ba830212f224ffd75b78869534 Author: Jeremy Allison j...@samba.org Date: Thu Aug 20 11:12:22 2009 -0700 Fix bug 6638 - ADS Domain Member: Computer Mgr can not set share ACLs Add good error message for share modification denial. Jeremy. (cherry picked from commit ed122f5e9d1e1287eb13efc99e4129492d34abbc) commit 25ab2a06392402ba72740205902ec30702110446 Author: Volker Lendecke v...@samba.org Date: Wed Jul 29 04:30:52 2009 -0400 Fix unqualified net join Kai, please check! Fixes bug #6585. Thanks, Volker (cherry picked from commit d8543da9dad3286cd330b98374405edb9f976e77) (cherry picked from commit bf7d1758a77a462d9b30cc2549a960736884ee32) --- Summary of changes: WHATSNEW.txt | 12 +--- source3/auth/auth_util.c |2 +- source3/libsmb/clireadwrite.c |2 +- source3/rpc_server/srv_srvsvc_nt.c | 22 +++--- source3/utils/net_join.c |5 + 5 files changed, 31 insertions(+), 12 deletions(-) Changeset truncated at 500
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1154-gbe9441a
The branch, master has been updated via be9441ac3fa167f97f54700e52dec9995b170fa3 (commit) via 7234a24f821743c60075d1e2868fba7b0f2a8f8b (commit) via b4e8d927cd91b2fc1221d9834715153c7487b715 (commit) via bf54b419ae4f2f87afba1ba1e83c97b05b18c9b0 (commit) via cc330f93625290dc5f67c9c0f2f17e566ddbf1f1 (commit) from 0f98d539e2edc8f1d57271fb20051189699222a7 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit be9441ac3fa167f97f54700e52dec9995b170fa3 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 24 20:22:18 2009 +1000 s4:dsdb Use talloc_strndup() to ensure OIDs are null terminated The OIDs are not NULL terminated by the python caller, in line with the LDB API, but we need them to be here, as we were casting them to a string. Andrew Bartlett commit 7234a24f821743c60075d1e2868fba7b0f2a8f8b Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 24 20:11:43 2009 +1000 s4:ldb Add python binding and test for ldb_msg_diff() commit b4e8d927cd91b2fc1221d9834715153c7487b715 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 24 13:15:31 2009 +1000 s4:dsdb Add const commit bf54b419ae4f2f87afba1ba1e83c97b05b18c9b0 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 24 13:15:17 2009 +1000 s4:dsdb remove unused variable commit cc330f93625290dc5f67c9c0f2f17e566ddbf1f1 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 24 13:09:10 2009 +1000 s4:dsdb use talloc_strndup() in GET_STRING_LDB() rather than walk off the end The problem is that samdb_result_string() and ldb_msg_find_attr_as_string() both simply cast the string, rather than ensuring the return value is NULL terminated. This may be best regarded as a flaw in LDB, but fixing it there is going to be more difficult. Andrew Bartlett --- Summary of changes: source4/dsdb/samdb/ldb_modules/schema_fsmo.c | 20 +--- source4/dsdb/schema/schema_init.c| 24 +- source4/dsdb/schema/schema_query.c |4 +- source4/lib/ldb/pyldb.c | 32 ++ source4/lib/ldb/tests/python/api.py | 11 + 5 files changed, 73 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/schema_fsmo.c b/source4/dsdb/samdb/ldb_modules/schema_fsmo.c index 290232b..c482ab5 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_fsmo.c +++ b/source4/dsdb/samdb/ldb_modules/schema_fsmo.c @@ -172,8 +172,8 @@ static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) { struct ldb_context *ldb; struct dsdb_schema *schema; - const char *attributeID = NULL; - const char *governsID = NULL; + const struct ldb_val *attributeID = NULL; + const struct ldb_val *governsID = NULL; const char *oid_attr = NULL; const char *oid = NULL; uint32_t id32; @@ -202,21 +202,24 @@ static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_UNWILLING_TO_PERFORM; } - attributeID = samdb_result_string(req-op.add.message, attributeID, NULL); - governsID = samdb_result_string(req-op.add.message, governsID, NULL); + attributeID = ldb_msg_find_ldb_val(req-op.add.message, attributeID); + governsID = ldb_msg_find_ldb_val(req-op.add.message, governsID); if (attributeID) { oid_attr = attributeID; - oid = attributeID; + oid = talloc_strndup(req, (const char *)attributeID-data, attributeID-length); } else if (governsID) { oid_attr = governsID; - oid = governsID; + oid = talloc_strndup(req, (const char *)governsID-data, governsID-length); + } else { + return ldb_next_request(module, req); } if (!oid) { - return ldb_next_request(module, req); + ldb_oom(ldb); + return LDB_ERR_OPERATIONS_ERROR; } - + status = dsdb_map_oid2int(schema, oid, id32); if (W_ERROR_IS_OK(status)) { return ldb_next_request(module, req); @@ -408,7 +411,6 @@ static int generate_possibleInferiors(struct ldb_context *ldb, struct ldb_messag int ret, i; const char *first_component_name = ldb_dn_get_component_name(dn, 0); const struct ldb_val *first_component_val; - const char *class_name; const struct dsdb_class *schema_class; const char **possibleInferiors; diff --git a/source4/dsdb/schema/schema_init.c b/source4/dsdb/schema/schema_init.c index 170d5a1..c2d4597 100644 --- a/source4/dsdb/schema/schema_init.c +++
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1156-gb1ee4c1
The branch, master has been updated via b1ee4c14d49aa2dc0df90694d7403620951de137 (commit) via 965a079535bd11a7870d45991a0d0628d6579b3b (commit) from be9441ac3fa167f97f54700e52dec9995b170fa3 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b1ee4c14d49aa2dc0df90694d7403620951de137 Author: Günther Deschner g...@samba.org Date: Mon Aug 24 14:28:04 2009 +0200 libndr: add missing protoypes for double type. Guenther commit 965a079535bd11a7870d45991a0d0628d6579b3b Author: Günther Deschner g...@samba.org Date: Mon Aug 24 14:27:13 2009 +0200 tevent: avoid using reserved c++ word. Guenther --- Summary of changes: lib/tevent/tevent_signal.c |2 +- librpc/ndr/libndr.h|1 + 2 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent_signal.c b/lib/tevent/tevent_signal.c index 27e8624..f07de83 100644 --- a/lib/tevent/tevent_signal.c +++ b/lib/tevent/tevent_signal.c @@ -158,7 +158,7 @@ static int tevent_signal_destructor(struct tevent_signal *se) this is part of the pipe hack needed to avoid the signal race condition */ static void signal_pipe_handler(struct tevent_context *ev, struct tevent_fd *fde, - uint16_t flags, void *private) + uint16_t flags, void *_private) { char c[16]; ssize_t res; diff --git a/librpc/ndr/libndr.h b/librpc/ndr/libndr.h index 53bed01..7b981f9 100644 --- a/librpc/ndr/libndr.h +++ b/librpc/ndr/libndr.h @@ -470,6 +470,7 @@ NDR_SCALAR_PROTO(NTTIME_hyper, NTTIME) NDR_SCALAR_PROTO(DATA_BLOB, DATA_BLOB) NDR_SCALAR_PROTO(ipv4address, const char *) NDR_SCALAR_PROTO(string, const char *) +NDR_SCALAR_PROTO(double, double) enum ndr_err_code ndr_pull_policy_handle(struct ndr_pull *ndr, int ndr_flags, struct policy_handle *r); enum ndr_err_code ndr_push_policy_handle(struct ndr_push *ndr, int ndr_flags, const struct policy_handle *r); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1157-g5359e39
The branch, master has been updated via 5359e397ff190c35414f6961be61a5110e237dd5 (commit) from b1ee4c14d49aa2dc0df90694d7403620951de137 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5359e397ff190c35414f6961be61a5110e237dd5 Author: Olaf Flebbe fle...@nix.science-computing.de Date: Mon Aug 17 17:31:01 2009 +0200 make smbcontrol smbd ping work proper checking for arguments handle short pid_t correctly --- Summary of changes: source3/lib/util.c | 22 -- source3/utils/smbcontrol.c | 13 + 2 files changed, 21 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/util.c b/source3/lib/util.c index 835e4c0..74b7921 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -2692,14 +2692,15 @@ bool procid_is_me(const struct server_id *pid) struct server_id interpret_pid(const char *pid_string) { -#ifdef CLUSTER_SUPPORT - unsigned int vnn, pid; struct server_id result; - if (sscanf(pid_string, %u:%u, vnn, pid) == 2) { + int pid; +#ifdef CLUSTER_SUPPORT + unsigned int vnn; + if (sscanf(pid_string, %u:%d, vnn, pid) == 2) { result.vnn = vnn; result.pid = pid; } - else if (sscanf(pid_string, %u, pid) == 1) { + else if (sscanf(pid_string, %d, pid) == 1) { result.vnn = get_my_vnn(); result.pid = pid; } @@ -2707,10 +2708,19 @@ struct server_id interpret_pid(const char *pid_string) result.vnn = NONCLUSTER_VNN; result.pid = -1; } - return result; #else - return pid_to_procid(atoi(pid_string)); + if (sscanf(pid_string, %d, pid) != 1) { + result.pid = -1; + } else { + result.pid = pid; + } #endif + /* Assigning to result.pid may have overflowed + Map negative pid to -1: i.e. error */ + if (result.pid 0) { + result.pid = -1; + } + return result; } char *procid_str(TALLOC_CTX *mem_ctx, const struct server_id *pid) diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index fc7d0aa..7fab6eb 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -1247,15 +1247,12 @@ static struct server_id parse_dest(const char *dest) dest = winbindd; } - if (!(strequal(dest, winbindd) || strequal(dest, nmbd))) { - /* Check for numeric pid number */ + /* Check for numeric pid number */ + result = interpret_pid(dest); - result = interpret_pid(dest); - - /* Zero isn't valid if not smbd. */ - if (result.pid procid_valid(result)) { - return result; - } + /* Zero isn't valid if not all. */ + if (result.pid procid_valid(result)) { + return result; } /* Look up other destinations in pidfile directory */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1158-ge829ca5
The branch, master has been updated via e829ca560d20e02f34831680a12f3163aee76665 (commit) from 5359e397ff190c35414f6961be61a5110e237dd5 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e829ca560d20e02f34831680a12f3163aee76665 Author: Jeremy Allison j...@samba.org Date: Mon Aug 24 11:24:10 2009 -0700 Fix make test. Jeremy. --- Summary of changes: lib/util/charset/tests/iconv.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/charset/tests/iconv.c b/lib/util/charset/tests/iconv.c index e8d7bc1..0f09ac8 100644 --- a/lib/util/charset/tests/iconv.c +++ b/lib/util/charset/tests/iconv.c @@ -27,6 +27,7 @@ #include libcli/raw/libcliraw.h #include param/param.h #include torture/util.h +#include talloc.h #if HAVE_NATIVE_ICONV -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1159-g87d30a1
The branch, master has been updated via 87d30a1968af66619dfd60f9bc7accde2ac22345 (commit) from e829ca560d20e02f34831680a12f3163aee76665 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 87d30a1968af66619dfd60f9bc7accde2ac22345 Author: Jeremy Allison j...@samba.org Date: Mon Aug 24 12:30:05 2009 -0700 Second part of fix for 6529 - Offline files conflict with Vista and Office 2003. ext4 may be able to store ns timestamps, but the only API to *set* timestamps takes usec, not nsec. Round to usec on set requests. Jeremy. --- Summary of changes: source3/include/proto.h |1 + source3/lib/time.c | 10 ++ source3/smbd/trans2.c | 11 +++ 3 files changed, 22 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 1b09732..97d05b3 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1045,6 +1045,7 @@ struct timespec timespec_min(const struct timespec *ts1, const struct timespec *ts2); int timespec_compare(const struct timespec *ts1, const struct timespec *ts2); void round_timespec(struct timespec *ts); +void round_timespec_to_usec(struct timespec *ts); struct timespec interpret_long_date(const char *p); void cli_put_dos_date(struct cli_state *cli, char *buf, int offset, time_t unixdate); void cli_put_dos_date2(struct cli_state *cli, char *buf, int offset, time_t unixdate); diff --git a/source3/lib/time.c b/source3/lib/time.c index 06605cd..c80b59a 100644 --- a/source3/lib/time.c +++ b/source3/lib/time.c @@ -479,6 +479,16 @@ void round_timespec(struct timespec *ts) } / + Round a timespec to usec value. +/ + +void round_timespec_to_usec(struct timespec *ts) +{ + struct timeval tv = convert_timespec_to_timeval(*ts); + *ts = convert_timeval_to_timespec(tv); +} + +/ Interprets an nt time into a unix struct timespec. Differs from nt_time_to_unix in that an 8 byte value of 0x will be returned as (time_t)-1, whereas nt_time_to_unix returns 0 in this case. diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 2900e76..a1043e2 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -5409,6 +5409,17 @@ NTSTATUS smb_set_file_time(connection_struct *conn, round_timespec(ft-ctime); round_timespec(ft-atime); round_timespec(ft-mtime); + } else { + /* The highest resolution timestamp +* setting function available in POSIX +* is utimes(), which uses usec resolution, +* not nsec resolution. So we must round to +* usec, then back to nsec. JRA. +*/ + round_timespec_to_usec(ft-create_time); + round_timespec_to_usec(ft-ctime); + round_timespec_to_usec(ft-atime); + round_timespec_to_usec(ft-mtime); } DEBUG(5,(smb_set_filetime: actime: %s\n , -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1161-g2840902
The branch, master has been updated via 28409026928a6051f0d0c58da66f6904b98962fd (commit) via 4799020e9f1ab9bd811c9b5222af670db0705559 (commit) from 87d30a1968af66619dfd60f9bc7accde2ac22345 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 28409026928a6051f0d0c58da66f6904b98962fd Author: Günther Deschner g...@samba.org Date: Mon Aug 24 23:02:20 2009 +0200 netlogon: add (yet) undocumented netlogon negotiate bit to bitmap. This bit is set by the Win7 client while joining. Guenther commit 4799020e9f1ab9bd811c9b5222af670db0705559 Author: Günther Deschner g...@samba.org Date: Mon Aug 24 23:00:47 2009 +0200 s3-netlogon: Only hand out rid when netlogon credential chain has been setup sucessfully. Guenther --- Summary of changes: librpc/gen_ndr/ndr_netlogon.c |1 + librpc/gen_ndr/netlogon.h |1 + librpc/idl/netlogon.idl|1 + source3/rpc_server/srv_netlog_nt.c |6 +- 4 files changed, 8 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/ndr_netlogon.c b/librpc/gen_ndr/ndr_netlogon.c index 18969ec..8bb22d8 100644 --- a/librpc/gen_ndr/ndr_netlogon.c +++ b/librpc/gen_ndr/ndr_netlogon.c @@ -6508,6 +6508,7 @@ _PUBLIC_ void ndr_print_netr_NegotiateFlags(struct ndr_print *ndr, const char *n ndr_print_bitmap_flag(ndr, sizeof(uint32_t), NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION, NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), NETLOGON_NEG_RODC_PASSTHROUGH, NETLOGON_NEG_RODC_PASSTHROUGH, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), NETLOGON_NEG_SUPPORTS_AES_SHA2, NETLOGON_NEG_SUPPORTS_AES_SHA2, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), NETLOGON_NEG_0x0100, NETLOGON_NEG_0x0100, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), NETLOGON_NEG_AUTHENTICATED_RPC_LSASS, NETLOGON_NEG_AUTHENTICATED_RPC_LSASS, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), NETLOGON_NEG_AUTHENTICATED_RPC, NETLOGON_NEG_AUTHENTICATED_RPC, r); ndr-depth--; diff --git a/librpc/gen_ndr/netlogon.h b/librpc/gen_ndr/netlogon.h index 28307ff..bc8ff12 100644 --- a/librpc/gen_ndr/netlogon.h +++ b/librpc/gen_ndr/netlogon.h @@ -754,6 +754,7 @@ union netr_CONTROL_DATA_INFORMATION { #define NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION ( 0x0010 ) #define NETLOGON_NEG_RODC_PASSTHROUGH ( 0x0020 ) #define NETLOGON_NEG_SUPPORTS_AES_SHA2 ( 0x0040 ) +#define NETLOGON_NEG_0x0100 ( 0x0100 ) #define NETLOGON_NEG_AUTHENTICATED_RPC_LSASS ( 0x2000 ) #define NETLOGON_NEG_AUTHENTICATED_RPC ( 0x4000 ) diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl index c34059a..2a2a6eb 100644 --- a/librpc/idl/netlogon.idl +++ b/librpc/idl/netlogon.idl @@ -961,6 +961,7 @@ interface netlogon NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION = 0x0010, NETLOGON_NEG_RODC_PASSTHROUGH = 0x0020, NETLOGON_NEG_SUPPORTS_AES_SHA2 = 0x0040, + NETLOGON_NEG_0x0100 = 0x0100, NETLOGON_NEG_AUTHENTICATED_RPC_LSASS= 0x2000, NETLOGON_NEG_AUTHENTICATED_RPC = 0x4000 } netr_NegotiateFlags; diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 79ff7b1..8a93b20 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -513,6 +513,7 @@ NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, uint32_t in_neg_flags = *r-in.negotiate_flags; struct netr_Credential srv_chal_out; const char *fn; + uint32_t rid; /* According to Microsoft (see bugid #6099) * Windows 7 looks at the negotiate_flags @@ -578,7 +579,7 @@ NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, status = get_md4pw((char *)p-dc-mach_pw, r-in.account_name, r-in.secure_channel_type, - r-out.rid); + rid); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,(%s: failed to get machine password for account %s: %s\n, @@ -621,6 +622,9 @@ NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, r-in.computer_name, p-dc); unbecome_root(); + + *r-out.rid = rid; + status = NT_STATUS_OK; out: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1162-g7a6c979
The branch, master has been updated via 7a6c979299ce5e0bea45ba7f2fe92443ac5a0735 (commit) from 28409026928a6051f0d0c58da66f6904b98962fd (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7a6c979299ce5e0bea45ba7f2fe92443ac5a0735 Author: Jeremy Allison j...@samba.org Date: Mon Aug 24 15:09:29 2009 -0700 Use existing time_t rounding function, don't invent my own. Jeremy. --- Summary of changes: source3/lib/time.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/time.c b/source3/lib/time.c index c80b59a..a9f7899 100644 --- a/source3/lib/time.c +++ b/source3/lib/time.c @@ -474,7 +474,7 @@ int timespec_compare(const struct timespec *ts1, const struct timespec *ts2) void round_timespec(struct timespec *ts) { - ts-tv_sec += ts-tv_nsec = 5 ? 1 : 0; + ts-tv_sec = convert_timespec_to_time_t(*ts); ts-tv_nsec = 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1163-g9a86f26
The branch, master has been updated via 9a86f26a5f0b421f8cf259e579fe5946b39623f6 (commit) from 7a6c979299ce5e0bea45ba7f2fe92443ac5a0735 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9a86f26a5f0b421f8cf259e579fe5946b39623f6 Author: Jeremy Allison j...@samba.org Date: Mon Aug 24 18:21:23 2009 -0700 Allow systems with timestamp granularity of 1sec to work with this test. Jeremy. --- Summary of changes: source4/torture/basic/delaywrite.c | 15 +++ 1 files changed, 15 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/basic/delaywrite.c b/source4/torture/basic/delaywrite.c index 698638d..eb553ed 100644 --- a/source4/torture/basic/delaywrite.c +++ b/source4/torture/basic/delaywrite.c @@ -240,6 +240,9 @@ static bool test_delayed_write_update1(struct torture_context *tctx, struct smbc ret = false; } + fflush(stdout); + msleep(2 * msec); + /* Do a non-zero length SMBwrite and make sure it doesn't update the write time. */ written = smbcli_smbwrite(cli-tree, fnum1, x, 0, 1); @@ -421,6 +424,9 @@ static bool test_delayed_write_update1a(struct torture_context *tctx, struct smb ret = false; } + fflush(stdout); + msleep(2 * msec); + /* Do a non-zero length SMBwrite and make sure it doesn't update the write time. */ written = smbcli_smbwrite(cli-tree, fnum1, x, 0, 1); @@ -596,6 +602,9 @@ static bool test_delayed_write_update1b(struct torture_context *tctx, struct smb ret = false; } + fflush(stdout); + msleep(2 * msec); + /* Do a non-zero length SMBwrite and make sure it doesn't update the write time. */ written = smbcli_smbwrite(cli-tree, fnum1, x, 0, 1); @@ -773,6 +782,9 @@ static bool test_delayed_write_update1c(struct torture_context *tctx, struct smb ret = false; } + fflush(stdout); + msleep(2 * msec); + /* Do a non-zero length SMBwrite and make sure it doesn't update the write time. */ written = smbcli_smbwrite(cli-tree, fnum1, x, 0, 1); torture_assert_int_equal(tctx, written, 1, @@ -999,6 +1011,9 @@ static bool test_delayed_write_update2(struct torture_context *tctx, struct smbc torture_comment(tctx, Server did not update write time (correct)\n); } + fflush(stdout); + msleep(2 * msec); + fnum2 = smbcli_open(cli-tree, fname, O_RDWR, DENY_NONE); if (fnum2 == -1) { torture_comment(tctx, Failed to open %s\n, fname); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1164-gc69f92d
The branch, master has been updated via c69f92d16d57c2387d31b5dfd01aab0685a671d0 (commit) from 9a86f26a5f0b421f8cf259e579fe5946b39623f6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c69f92d16d57c2387d31b5dfd01aab0685a671d0 Author: Jeremy Allison j...@samba.org Date: Mon Aug 24 20:57:37 2009 -0700 Second attempt at fix for bug 6529 - Offline files conflict with Vista and Office 2003. Confirmation from reporter that this fixes the issue in master on ext3/ext4. Back-ports to follow. Jeremy. --- Summary of changes: source3/include/includes.h |6 ++ source3/include/proto.h |5 +- source3/include/smb.h |7 +- source3/include/vfs.h | 10 ++- source3/include/vfs_macros.h|8 +- source3/lib/time.c | 24 +++- source3/modules/vfs_default.c | 80 ++ source3/modules/vfs_full_audit.c|4 +- source3/modules/vfs_onefs.c |6 +- source3/modules/vfs_streams_depot.c |5 +- source3/modules/vfs_streams_xattr.c |5 +- source3/modules/vfs_tsmsm.c |5 +- source3/smbd/dosmode.c |2 +- source3/smbd/msdfs.c|2 +- source3/smbd/nttrans.c | 16 +++--- source3/smbd/open.c |6 +-- source3/smbd/service.c | 19 +-- source3/smbd/trans2.c | 106 +++--- source3/smbd/vfs.c |5 +- 19 files changed, 188 insertions(+), 133 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/includes.h b/source3/include/includes.h index 87df3b7..92a3705 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -566,6 +566,12 @@ struct timespec { }; #endif +enum timestamp_set_resolution { + TIMESTAMP_SET_SECONDS = 0, + TIMESTAMP_SET_MSEC, + TIMESTAMP_SET_NT_OR_BETTER +}; + #ifdef HAVE_BROKEN_GETGROUPS #define GID_T int #else diff --git a/source3/include/proto.h b/source3/include/proto.h index 97d05b3..c530ee5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1028,7 +1028,8 @@ char *current_timestring(TALLOC_CTX *ctx, bool hires); void srv_put_dos_date(char *buf,int offset,time_t unixdate); void srv_put_dos_date2(char *buf,int offset, time_t unixdate); void srv_put_dos_date3(char *buf,int offset,time_t unixdate); -void put_long_date_timespec(char *p, struct timespec ts); +void round_timespec(enum timestamp_set_resolution res, struct timespec *ts); +void put_long_date_timespec(enum timestamp_set_resolution res, char *p, struct timespec ts); void put_long_date(char *p, time_t t); void dos_filetime_timespec(struct timespec *tsp); time_t make_unix_date2(const void *date_ptr, int zone_offset); @@ -1044,7 +1045,7 @@ struct timespec timespec_current(void); struct timespec timespec_min(const struct timespec *ts1, const struct timespec *ts2); int timespec_compare(const struct timespec *ts1, const struct timespec *ts2); -void round_timespec(struct timespec *ts); +void round_timespec_to_sec(struct timespec *ts); void round_timespec_to_usec(struct timespec *ts); struct timespec interpret_long_date(const char *p); void cli_put_dos_date(struct cli_state *cli, char *buf, int offset, time_t unixdate); diff --git a/source3/include/smb.h b/source3/include/smb.h index 1347ab2..3f3d7e6 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -557,9 +557,10 @@ typedef struct connection_struct { bool ipc; bool read_only; /* Attributes for the current user of the share. */ bool admin_user; /* Attributes for the current user of the share. */ - bool hires_timestamps_avail; /* Does this filesystem honor - sub second timestamps on files - and directories ? */ + /* Does this filesystem honor + sub second timestamps on files + and directories when setting time ? */ + enum timestamp_set_resolution ts_res; char *connectpath; char *origpath; diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 2722352..38a972f 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -121,8 +121,9 @@ /* Changed to version 26 - Plumb struct smb_filename to SMB_VFS_CREATE_FILE, SMB_VFS_OPEN, SMB_VFS_STAT, SMB_VFS_LSTAT, SMB_VFS_RENAME, SMB_VFS_UNLINK, SMB_VFS_NTIMES. */ - -#define SMB_VFS_INTERFACE_VERSION 26 +/* Changed to version 27 - not yet released. Added enum timestamp_set_resolution + *return to fs_capabilities call. JRA. */ +#define SMB_VFS_INTERFACE_VERSION 27 /* to bug old modules which are
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1165-g2135461
The branch, master has been updated via 213546103749c30dbb3ad8472872b9a8fad34205 (commit) from c69f92d16d57c2387d31b5dfd01aab0685a671d0 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 213546103749c30dbb3ad8472872b9a8fad34205 Author: Jeremy Allison j...@samba.org Date: Mon Aug 24 21:14:52 2009 -0700 Help debug for bug 6651 - smbd SIGSEGV when breaking oplocks. Should help track if we get invoked with an invalid fd from the signal handler. Jeremy. --- Summary of changes: source3/smbd/oplock_linux.c |4 1 files changed, 4 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/oplock_linux.c b/source3/smbd/oplock_linux.c index b4a5495..535e809 100644 --- a/source3/smbd/oplock_linux.c +++ b/source3/smbd/oplock_linux.c @@ -98,6 +98,10 @@ static void linux_oplock_signal_handler(struct tevent_context *ev_ctx, files_struct *fsp; fsp = file_find_fd(fd); + if (fsp == NULL) { + DEBUG(0,(linux_oplock_signal_handler: failed to find fsp for file fd=%d\n, fd )); + smb_panic(linux_oplock_signal_handler\n); + } break_kernel_oplock(smbd_messaging_context(), fsp); } -- Samba Shared Repository