[Samba] Sambauser can't use his homeshare but other shares - smb.conf
Ok, here is my smb.conf-File. If i use the [homes]-Section, I can mount my home-share only if I first connected to an other share. If I use the [Mario]-Section, I can mount it on the first run. [global] workgroup = example netbios name = mounteverest password server = 192.168.2.200 security = ads realm = EXAMPLE.LOCAL encrypt passwords = yes local master =no os level = 20 domain master = no preferred master = no time server = Yes keepalive = 30 create mask = 0740 directory mask = 0750 log file = /var/log/samba/log.%m log level = 3 passdb:5 auth:10 winbind:2 nt acl support = yes winbind separator = + idmap backend = idmap_rid:example=1-1 idmap gid = 1-1 idmap uid = 1-1 template shell = /bin/bash winbind use default domain = yes winbind enum users = yes winbind enum groups = yes # von mario hinzugefuegt um 18:42 am 19.09.09 winbind nested groups = yes wins server = 192.168.2.200 # von mario hinzugefuegt um 18:42 am 19.09.09 template homedir = /data/shares/home/%U template shell = /bin/bash #[homes] #comment = Home Directories # path = /data/shares/home/%U # force group = @EXAMPLE+dir_home #read only = No #create mask = 0600 #directory mask = 0700 #browseable = No [mario] path = /data/shares/home/mario valid users = EXAMPLE+mario force group = @EXAMPLE+dir_home read only = No create mask = 0600 force create mode = 0700 [nobackup] path = /data/shares/nobackup valid users = @EXAMPLE+dir_nobackup force group = @EXAMPLE+dir_nobackup read only = No create mask = 0750 force create mode = 0770 force directory mode = 0770 [public] path = /data/shares/public valid users = @EXAMPLE+dir_public force group = @EXAMPLE+dir_public read only = No create mask = 0750 force create mode = 0770 force directory mode = 0770 [security] path = /data/shares/security valid users = @EXAMPLE+dir_security force group = @EXAMPLE+dir_security read only = No create mask = 0750 force create mode = 0770 force directory mode = 0770 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] OpenLDAP + SASL + Samba
Hi,
I've configured SASL to autenticate against Active Directory (it's
working, OK)
I've configured OpenLDAP to autenticate against SASL, using
'pass-through autentication' (it's working too)
I've managed to configure ypldap too, if I set the user password with
smbldap-passwd user
the user can login on the samba system, it works, no problem.
But my objective is to autenticate the user against AD, just the
password, there's no problem if I need to create each user on the LDAP
system and use just the password on the AD side.
I thought it would be possible to configure Samba + LDAP to autenticate
against AD, since LDAP on the 'pass-through' configuration is working,
that is, LDAP is autenticating against Active Directory by SASL.
So when I set the userPassword attribute on LDAP to:
userPassword: {sasl}fa...@my.domain
I can authenticate via LDAP (ldapsearch) but not via Samba.
Is it possible to get it working like that? Is there another way to get
this setup working?
Am I totally crazy and trying to do an impossible configuration?
My best regards,
Fabio Almeida
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[Samba] Update from pdbsql (MySQL) to LDAP
Hi All! I have a Samba as PDC for my domain MY_NETWORK running normally. What I want to do is to install another server with OpenLDAP as backend, and migrate the users and the domain to it. Can anyone point me how to do it? Below is my configuration. # smbd -V Version 3.2.15-0.36.fc10 # uname -a Linux svrmain2 2.6.27.35-170.2.94.fc10.x86_64 #1 SMP Thu Oct 1 14:41:38 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux # cat /etc/fedora-release Fedora release 10 (Cambridge) [global] workgroup = MY_NETWORK server string = MY_NETWORK SERVER netbios name = SERVER_MYNETWORK security = user smb ports = 139 domain logons = yes domain master = yes preferred master = Yes admin users = root guest account = nobody logon path = logon home = logon drive = h: os level = 200 log file = /var/log/samba/%m.log log level = 2 max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 kernel oplocks = no encrypt passwords = yes passdb expand explicit = no passwd program = /usr/bin/passwd %u passwd chat = *Nova*UNIX*senha:* %n\n *Redigite*a*nova*UNIX*senha:* %n\n *passwd:*all*authentication*tokens*updated*successfully.* unix password sync = yes dos charset = cp850 unix charset = UTF8 display charset = LOCALE vfs object = recycle recycle:repository = .lixeira recycle:keeptree = yes recycle:versions = yes recycle:directory_mode = 0770 recycle:noversions = *.doc|*.xls|*.ppt recycle:noversions = *.odt|*.ods|*.odp|*.doc|*.xls|*.ppt veto files = copy.exe/host.exe dns proxy = no nt acl support = yes wins support = yes winbind uid = 1-2 winbind gid = 1-2 winbind enum users = yes winbind enum groups = yes template homedir = /dev/null template shell = /dev/null winbind use default domain = yes passdb backend = mysql:mysql mysql:mysql host = localhost mysql:mysql user = root mysql:mysql password = mysql:mysql database = samba add user script = /usr/sbin/useradd -g users %u delete user script = /usr/sbin/userdel -r %u add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g rename user script = /usr/sbin/usermod -l %unew %uold set primary group script = /usr/sbin/usermod -g %g %u add machine script = /usr/sbin/adduser -d /dev/null -s /bin/false %u # grep rodrigo /etc/passwd rodrigo:x:7821:100::/home/rodrigo:/bin/bash # grep rodrigo /etc/shadow rodrigo:$1$iv7a45PI$3HkB6lqM0kF7I2K/u/bki.:14488:0:9:7::: CREATE TABLE user ( logon_time int(9) default NULL, logoff_time int(9) default NULL, kickoff_time int(9) default NULL, pass_last_set_time int(9) default NULL, pass_can_change_time int(9) default '0', pass_must_change_time int(9) default '2147483647', username varchar(255) default NULL, domain varchar(255) default NULL, nt_username varchar(255) default NULL, nt_fullname varchar(255) default NULL, home_dir varchar(255) default NULL, dir_drive varchar(4) default NULL, logon_script varchar(255) default NULL, profile_path varchar(255) default NULL, acct_desc varchar(255) default NULL, workstations varchar(255) default NULL, unknown_str varchar(255) default NULL, munged_dial varchar(255) default NULL, uid int(9) NOT NULL PRIMARY KEY auto_increment, gid int(9) default NULL, user_sid varchar(255) default NULL, group_sid varchar(255) default NULL, lm_pw varchar(255) default NULL, nt_pw varchar(255) default NULL, acct_ctrl int(9) default '528', logon_divs int(9) default '168', hours_len int(9) default '21', unknown_6 int(9) default 1260, bad_password_count int(9) default NULL, logon_count int(9) default '0', logon_hours varchar(42) default NULL, password_history text default NULL, KEY username(username) ); INSERT INTO `user` (`logon_time`, `logoff_time`, `kickoff_time`, `pass_last_set_time`, `pass_can_change_time`, `pass_must_change_time`, `username`, `domain`, `nt_username`, `nt_fullname`, `home_dir`, `dir_drive`, `logon_script`, `profile_path`, `acct_desc`, `workstations`, `comment`, `munged_dial`, `uid`, `gid`, `user_sid`, `group_sid`, `lm_pw`, `nt_pw`, `acct_ctrl`, `logon_divs`, `hours_len`, `unknown_6`, `bad_password_count`, `logon_count`, `logon_hours`, `password_history`) VALUES (0,2147483647,0,1251837697,0,0,'rodrigo','MY_NETWORK',NULL,'Rodrigo',NULL,'h:',NULL,NULL,NULL,NULL,NULL,NULL,477,NULL,'S-1-5-21-2375962839-455842283-1180769733-16642','S-1-5-21-2375962839-455842283-1180769733-513','F0A500C5D3F91353E68AA26A841A86FA','AFB336AE41392A74FDC2040EE97907F9',528,168,21,1260,NULL,0,'ÿ','AFB336AE41392A74FDC2040EE97907F9'); -- M. Rodrigo Monteiro fale...@rodrigomonteiro.net Free as in Freedom, not free as in free beer As we are liberated from
[Samba] Samba directory level security
Good morning all, We are moving our web server from novell to unix (solaris) and will be using samba to allow users to edit web pages. Our samba instance authenticates using ADS and the users do not necessarily have accounts on the server itself. We are attempting to allow users to map a single samba share but only see the directories they have read access to (see configuration below). Any suggestions? We have /www (main share) /www/dir1 /www/dir2 /www/dir3 everyone should map to /www group should see something like dir1 dir2 dir3 group2 dir1 dir2 [www] path = /www read only = yes browseable = no guest ok = no write list= @Domain\All_Editors public = no force user=web hide unreadable=yes [dir1] path = /www/dir1 read only = no browseable = no guest ok = no write list= @Domain\DIR1_Editors public = no force user=web hide unreadable=yes --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba directory level security
Is the use of ACLs a possibility? Iv'e explained to someone yesterday how to use ACLs in Samba with ADS. It works very well for us and we are doing exactly what you want except that we only share out the root (www directory in your instance) and control everything using ACLs. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University On Tue, Oct 6, 2009 at 7:03 AM, Poulter, Dale dale.poul...@vanderbilt.eduwrote: Good morning all, We are moving our web server from novell to unix (solaris) and will be using samba to allow users to edit web pages. Our samba instance authenticates using ADS and the users do not necessarily have accounts on the server itself. We are attempting to allow users to map a single samba share but only see the directories they have read access to (see configuration below). Any suggestions? We have /www (main share) /www/dir1 /www/dir2 /www/dir3 everyone should map to /www group should see something like dir1 dir2 dir3 group2 dir1 dir2 [www] path = /www read only = yes browseable = no guest ok = no write list= @Domain\All_Editors public = no force user=web hide unreadable=yes [dir1] path = /www/dir1 read only = no browseable = no guest ok = no write list= @Domain\DIR1_Editors public = no force user=web hide unreadable=yes --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Cannot rename subfolders in Explorer view
Samba version : 3.3.2 OS : Ubuntu Jaunty - regular packages from distribution In the version distributed with Intrepid and earlier, users were able to rename subfolders in Explorer view (left-hand pane) in Windows (XP). Permissions on share are set to 777 temporarily - to no effect. Share definition follows: [paperless] path = /paperless/file_room/ read only = No create mask = 07775 #Set temporarily security mask = 07775 # Set temporarily directory mask = 07775 # Set temporarily directory security mask = 07775 #Set temporarily inherit permissions = Yes inherit owner = Yes guest ok = Yes #Set temporarily delete readonly = Yes I've been playing around with this on and off since Jaunty release - manually reverting back to Intrepid packages with each tested Jaunty version. Hopefully someone knows what I'm doing wrong! I can post whatever information is necessary - just let me know what you need. Thank you in advance, -Nick -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba directory level security
Robert, ACLs may be possible. Do I understand correctly that you only have the one share and you still force the user to be the webserver user? From: Robert LeBlanc [mailto:rob...@leblancnet.us] Sent: Tuesday, October 06, 2009 9:12 AM To: Poulter, Dale Cc: samba@lists.samba.org Subject: Re: [Samba] Samba directory level security Is the use of ACLs a possibility? Iv'e explained to someone yesterday how to use ACLs in Samba with ADS. It works very well for us and we are doing exactly what you want except that we only share out the root (www directory in your instance) and control everything using ACLs. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University On Tue, Oct 6, 2009 at 7:03 AM, Poulter, Dale dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu wrote: Good morning all, We are moving our web server from novell to unix (solaris) and will be using samba to allow users to edit web pages. Our samba instance authenticates using ADS and the users do not necessarily have accounts on the server itself. We are attempting to allow users to map a single samba share but only see the directories they have read access to (see configuration below). Any suggestions? We have /www (main share) /www/dir1 /www/dir2 /www/dir3 everyone should map to /www group should see something like dir1 dir2 dir3 group2 dir1 dir2 [www] path = /www read only = yes browseable = no guest ok = no write list= @Domain\All_Editors public = no force user=web hide unreadable=yes [dir1] path = /www/dir1 read only = no browseable = no guest ok = no write list= @Domain\DIR1_Editors public = no force user=web hide unreadable=yes --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ldapsam, smbpasswd and posixAccount
Hi, I have a setup with Samba (3.4) as PDC with ldapsam as backend. LDAP is managed by Samba, no external helper scripts. When I add a new user with smbpasswd -a foo it works fine, user is created and the openldap is populated with samba and posix attributes. Now, when I add a new user to the directory by running ldapadd against a ldif file which contains only posix related attrs, I thought, running smbpasswd -a would add the necessary samba attrs, but that's not the case. I see this problem: $ ldapadd -x -D cn=Manager,dc=tuxgeek,dc=de -f /tmp/posix.ldif -W adding new entry uid=schalke,ou=users,dc=tuxgeek,dc=de $ ldapsearch -xLLL uid=schalke dn: uid=schalke,ou=users,dc=tuxgeek,dc=de uid: schalke objectClass: account objectClass: posixAccount cn: schalke uidNumber: 10100 gidNumber: 10023 homeDirectory: /home/TUXGEEK/schalke loginShell: /bin/bash [r...@tiffy openldap]$ smbpasswd -a schalke New SMB password: Retype new SMB password: ldapsam_create_user: failed to create a new user [schalke] (dn = uid=schalke,ou=users,dc=tuxgeek,dc=de) Failed to add entry for user schalke. This is from the log: sambaAcctFlags objectClass Oct 6 18:05:26 tiffy slapd[5819]: conn=12 op=7 RESULT tag=103 err=20 text=modify/add: uid: value #0 already exists Could anybody shed some light on this? Cheers. Thorsten -- Eternity is a very long time, especially towards the end. — Stephen Hawking smime.p7s Description: S/MIME cryptographic signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Designate one samba server for home directories
I tried it but didn't work. I also tried for the home path, \\remote_smb_server\%U file://remote_smb_server/%25U (replaced remote_smb_server with the actual remote smb servername) but in the log, it says Error was No such file or directory and it puts forward slash in front of it, /\\remote_smb_server\%U in the log... On Sat, Oct 3, 2009 at 8:17 PM, Gary Dale garyd...@rogers.com wrote: Luv Linux wrote: Hello all, I have a few samba servers running winbind that are joined to the AD 2003 domain. Is it possible to designate one samba server to host the users' home directories instead of each one of them? If we have samba1, samba2, and samba3 and designate samba1 to host the home directories and when a user accesses samba 2 either via ssh or as a share, the home directory that the user sees would actually be present on samba1. If this is possible, what changes do I need to make to smb.conf file? Have you tried specifying the server name in the directory name? From the SWAT documentation on homes: Example: //|logon home|/ = |\\remote_smb_server\%U | / -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot rename subfolders in Explorer view
On Tue, Oct 06, 2009 at 10:40:46AM -0400, Nicholas Baldridge wrote: Samba version : 3.3.2 OS : Ubuntu Jaunty - regular packages from distribution In the version distributed with Intrepid and earlier, users were able to rename subfolders in Explorer view (left-hand pane) in Windows (XP). Permissions on share are set to 777 temporarily - to no effect. Share definition follows: [paperless] path = /paperless/file_room/ read only = No create mask = 07775 #Set temporarily security mask = 07775 # Set temporarily directory mask = 07775 # Set temporarily directory security mask = 07775 #Set temporarily inherit permissions = Yes inherit owner = Yes guest ok = Yes #Set temporarily delete readonly = Yes I've been playing around with this on and off since Jaunty release - manually reverting back to Intrepid packages with each tested Jaunty version. Hopefully someone knows what I'm doing wrong! Can you reproduce this with the latest 3.3 release, 3.3.8 ? If so please log a bug with log files and I'll look at this. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ldapsam, smbpasswd and posixAccount
are you loading samba.schema in your slapd.conf? Thorsten Scherf wrote: Hi, I have a setup with Samba (3.4) as PDC with ldapsam as backend. LDAP is managed by Samba, no external helper scripts. When I add a new user with smbpasswd -a foo it works fine, user is created and the openldap is populated with samba and posix attributes. Now, when I add a new user to the directory by running ldapadd against a ldif file which contains only posix related attrs, I thought, running smbpasswd -a would add the necessary samba attrs, but that's not the case. I see this problem: $ ldapadd -x -D cn=Manager,dc=tuxgeek,dc=de -f /tmp/posix.ldif -W adding new entry uid=schalke,ou=users,dc=tuxgeek,dc=de $ ldapsearch -xLLL uid=schalke dn: uid=schalke,ou=users,dc=tuxgeek,dc=de uid: schalke objectClass: account objectClass: posixAccount cn: schalke uidNumber: 10100 gidNumber: 10023 homeDirectory: /home/TUXGEEK/schalke loginShell: /bin/bash [r...@tiffy openldap]$ smbpasswd -a schalke New SMB password: Retype new SMB password: ldapsam_create_user: failed to create a new user [schalke] (dn = uid=schalke,ou=users,dc=tuxgeek,dc=de) Failed to add entry for user schalke. This is from the log: sambaAcctFlags objectClass Oct 6 18:05:26 tiffy slapd[5819]: conn=12 op=7 RESULT tag=103 err=20 text=modify/add: uid: value #0 already exists Could anybody shed some light on this? Cheers. Thorsten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot rename subfolders in Explorer view
*From:* Jeremy Allison j...@samba.org *To:* Nicholas Baldridge nbaldri...@commund.com *Sent:* 10/06/2009 12:59:21 PM -0400 Can you reproduce this with the latest 3.3 release, 3.3.8 ? Yes - in fact for giggles I also tried the latest Karmic packaged version as well (3.4.0 with patches)- both exhibit the same behavior. Renaming top-level directories in Explorer view works fine, subfolders are the only ones to exhibit this problem. If so please log a bug with log files and I'll look at this. Thank you - I certainly will. I appreciate your time and effort. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ldapsam, smbpasswd and posixAccount
On [Tue, 06.10.2009 12:13], Adam Williams wrote: are you loading samba.schema in your slapd.conf? yes. running smbpasswd -a works without any problem when the user doesn't already exists with posix-attrs in LDAP. Thorsten Scherf wrote: Hi, I have a setup with Samba (3.4) as PDC with ldapsam as backend. LDAP is managed by Samba, no external helper scripts. When I add a new user with smbpasswd -a foo it works fine, user is created and the openldap is populated with samba and posix attributes. Now, when I add a new user to the directory by running ldapadd against a ldif file which contains only posix related attrs, I thought, running smbpasswd -a would add the necessary samba attrs, but that's not the case. I see this problem: $ ldapadd -x -D cn=Manager,dc=tuxgeek,dc=de -f /tmp/posix.ldif -W adding new entry uid=schalke,ou=users,dc=tuxgeek,dc=de $ ldapsearch -xLLL uid=schalke dn: uid=schalke,ou=users,dc=tuxgeek,dc=de uid: schalke objectClass: account objectClass: posixAccount cn: schalke uidNumber: 10100 gidNumber: 10023 homeDirectory: /home/TUXGEEK/schalke loginShell: /bin/bash [r...@tiffy openldap]$ smbpasswd -a schalke New SMB password: Retype new SMB password: ldapsam_create_user: failed to create a new user [schalke] (dn = uid=schalke,ou=users,dc=tuxgeek,dc=de) Failed to add entry for user schalke. This is from the log: sambaAcctFlags objectClass Oct 6 18:05:26 tiffy slapd[5819]: conn=12 op=7 RESULT tag=103 err=20 text=modify/add: uid: value #0 already exists Could anybody shed some light on this? Cheers. Thorsten smime.p7s Description: S/MIME cryptographic signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ldapsam, smbpasswd and posixAccount
try smbpasswd -x user, then smbpasswd -a user Thorsten Scherf wrote: On [Tue, 06.10.2009 12:13], Adam Williams wrote: are you loading samba.schema in your slapd.conf? yes. running smbpasswd -a works without any problem when the user doesn't already exists with posix-attrs in LDAP. Thorsten Scherf wrote: Hi, I have a setup with Samba (3.4) as PDC with ldapsam as backend. LDAP is managed by Samba, no external helper scripts. When I add a new user with smbpasswd -a foo it works fine, user is created and the openldap is populated with samba and posix attributes. Now, when I add a new user to the directory by running ldapadd against a ldif file which contains only posix related attrs, I thought, running smbpasswd -a would add the necessary samba attrs, but that's not the case. I see this problem: $ ldapadd -x -D cn=Manager,dc=tuxgeek,dc=de -f /tmp/posix.ldif -W adding new entry uid=schalke,ou=users,dc=tuxgeek,dc=de $ ldapsearch -xLLL uid=schalke dn: uid=schalke,ou=users,dc=tuxgeek,dc=de uid: schalke objectClass: account objectClass: posixAccount cn: schalke uidNumber: 10100 gidNumber: 10023 homeDirectory: /home/TUXGEEK/schalke loginShell: /bin/bash [r...@tiffy openldap]$ smbpasswd -a schalke New SMB password: Retype new SMB password: ldapsam_create_user: failed to create a new user [schalke] (dn = uid=schalke,ou=users,dc=tuxgeek,dc=de) Failed to add entry for user schalke. This is from the log: sambaAcctFlags objectClass Oct 6 18:05:26 tiffy slapd[5819]: conn=12 op=7 RESULT tag=103 err=20 text=modify/add: uid: value #0 already exists Could anybody shed some light on this? Cheers. Thorsten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cannot rename subfolders in Explorer view
On Tue, Oct 06, 2009 at 03:04:03PM -0400, Nicholas Baldridge wrote: From: Jeremy Allison j...@samba.org To: Nicholas Baldridge nbaldri...@commund.com Sent: 10/06/2009 12:59:21 PM -0400 Can you reproduce this with the latest 3.3 release, 3.3.8 ? Yes - in fact for giggles I also tried the latest Karmic packaged version as well (3.4.0 with patches)- both exhibit the same behavior. Renaming top-level directories in Explorer view works fine, subfolders are the only ones to exhibit this problem. If so please log a bug with log files and I'll look at this. Thank you - I certainly will. I appreciate your time and effort. FYI (for the list). This is not reproducible on my systems so I'm looking for a config error. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ldapsam, smbpasswd and posixAccount
On Tuesday 06 October 2009 03:11:29 pm Thorsten Scherf wrote: On [Tue, 06.10.2009 12:13], Adam Williams wrote: are you loading samba.schema in your slapd.conf? yes. running smbpasswd -a works without any problem when the user doesn't already exists with posix-attrs in LDAP. I'm not sure that there's a mechanism to tell smbpasswd that the LDAP user already exists, but without Samba attributes. Since smbpasswd is probably just generating an LDIF and dumping it onto the server instead of using much logic, you'll probably either have to do smbpasswd -a first and then write your own changeType: MODIFY LDIF for POSIX, or use something (like LAM) that does both. Wes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba directory level security
We don't use the force user/group option at all. Whoever writes the file will be the owner. If another user or group should have access to the file, we specify that using the default ACL option. Another reason for this is that we can enforce user and group quotas on the Samba share. On 10/6/09, Poulter, Dale dale.poul...@vanderbilt.edu wrote: Robert, ACLs may be possible. Do I understand correctly that you only have the one share and you still force the user to be the webserver user? From: Robert LeBlanc [mailto:rob...@leblancnet.us] Sent: Tuesday, October 06, 2009 9:12 AM To: Poulter, Dale Cc: samba@lists.samba.org Subject: Re: [Samba] Samba directory level security Is the use of ACLs a possibility? Iv'e explained to someone yesterday how to use ACLs in Samba with ADS. It works very well for us and we are doing exactly what you want except that we only share out the root (www directory in your instance) and control everything using ACLs. Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University On Tue, Oct 6, 2009 at 7:03 AM, Poulter, Dale dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu wrote: Good morning all, We are moving our web server from novell to unix (solaris) and will be using samba to allow users to edit web pages. Our samba instance authenticates using ADS and the users do not necessarily have accounts on the server itself. We are attempting to allow users to map a single samba share but only see the directories they have read access to (see configuration below). Any suggestions? We have /www (main share) /www/dir1 /www/dir2 /www/dir3 everyone should map to /www group should see something like dir1 dir2 dir3 group2 dir1 dir2 [www] path = /www read only = yes browseable = no guest ok = no write list= @Domain\All_Editors public = no force user=web hide unreadable=yes [dir1] path = /www/dir1 read only = no browseable = no guest ok = no write list= @Domain\DIR1_Editors public = no force user=web hide unreadable=yes --Dale --- Dale Poulter Automation Coordinator Library Information Technology Services Vanderbilt University Suite 700 110 21st Avenue South Nashville, TN 37240 (615)343-5388 (615)343-8834 (fax) (615)207-9705 (cell) dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edumailto:dale.poul...@vanderbilt.edu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba directory level security
We don't use the force user/group option at all. Whoever writes the file will be the owner. If another user or group should have access to the file, we specify that using the default ACL option. Another reason for this is that we can enforce user and group quotas on the Samba share. This is the same way I use samba in my department at work. I have no force user or group lines in any of my configuration files. Proper linux ACLs are used to control the access. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
Greetings Harry- Thank you for your continued assistance! Harry Jede wrote: On Dienstag, 6. Oktober 2009 wrote Michael Lueck: For Samba users (real actual users) there is an entry in passwd and group. I would think I can use adduser to set those up, and edit the uid/gid # to match. If you need to edit uid/gid, do not forget to change the uid/gid in your filesystems. Do it separately for uid and gid. It is more safe. I was thinking to create the new uid/gid entries before I restore files from the backup. Thus since ID's are created, made to look the same as the old server, I would think files/dirs would restore properly, including ownership. No? Do you see any problems with this course of action? Yes. The samba passwords (lm and nt hashes) are stored in a separate file. I am sure you will not change the paswords. But be sure, that you do not loose the logical connection with both storage areas (passwd/shadow and smbpasswd). So what is the proper way to create the machine accounts for the Windows boxes? Shall I simply copy/paste the existing entries in passwd/shaow and smbpasswd and do not concern myself copying the password hash from non-login ID's on the new server (shadow file)? Or... ??? Sincerely, -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
So what is the proper way to create the machine accounts for the Windows boxes? Shall I simply copy/paste the existing entries in passwd/shaow and smbpasswd and do not concern myself copying the password hash from non-login ID's on the new server (shadow file)? I think the biggest question is do you really want to create a new uid/gid for everything instead of just using the information from the old server? Every time I have created a new PDC (in the last decade) I have just mirrored the LDAP and did not mess with new incompatible uids/gids John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
John Drescher wrote: Every time I have created a new PDC (in the last decade) I have just mirrored the LDAP and did not mess with new incompatible uids/gids BUT I DO NOT HAVE LDAP in the configuration. aaakkk!!! Let me guess... Have solutions of how to rebuild PDC's if I had LDAP, but since I don't, then no solutions. I have decided for now to keep the Samba PDC's as simple as possible. /etc/passwd, /etc/group, and the plain text smbpasswd. (sigh...) -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Fwd: How to bulk add machine accounts during PDC hardware refresh?
On Tue, Oct 6, 2009 at 6:39 PM, Michael Lueck mlu...@lueckdatasystems.com wrote: John Drescher wrote: Every time I have created a new PDC (in the last decade) I have just mirrored the LDAP and did not mess with new incompatible uids/gids BUT I DO NOT HAVE LDAP in the configuration. aaakkk!!! I know. Just copy the files /etc/passwd /etc/group and the folders /etc/samba /var/lib/samba /var/spool/samba /var/cache/samba John M. Drescher -- John M. Drescher -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: How to bulk add machine accounts during PDC hardware refresh?
John Drescher wrote: I know. Just copy the files /etc/passwd /etc/group and the folders /etc/samba /var/lib/samba /var/spool/samba /var/cache/samba So do not mess with the password hashes for machine accounts in /etc/passwd since that hashed password has to match the password in smbpasswd? If so, fffeeewww, now the task sounds doable! ;-) Thanks, -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: How to bulk add machine accounts during PDC hardware refresh?
On Tue, Oct 6, 2009 at 6:49 PM, Michael Lueck mlu...@lueckdatasystems.com wrote: John Drescher wrote: I know. Just copy the files /etc/passwd /etc/group and the folders /etc/samba /var/lib/samba /var/spool/samba /var/cache/samba So do not mess with the password hashes for machine accounts in /etc/passwd since that hashed password has to match the password in smbpasswd? I would not mess with this. If so, fffeeewww, now the task sounds doable! ;-) I am saying it's much easier to copy the working server configuration to a new server than try to recreate the setup. Unless you really want to change the uids and gids. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Log entries with truncated service names
Hi, Situation: I'm seeing lots (~500k per day) of log entries like: smbd[13939]: itlab-pc06 (:::10.51.51.103) couldn't find service it261 In this case, the last character of the request is truncated - it should be it2610 I'm seeing the same/similar issue to http://lists.samba.org/archive/samba/2009-March/147277.html I've dismissed this over the last few weeks as a minor inconvenience, but I'm now convinced that it's affecting the performance of the Windows client machines that are connecting to it - a 30 second operation on local disk, takes upwards of 5 mins over a network connection, generating thousands of entries similar to the above. This isn't unique - over the last 16 business hours (it's in a lab in a university dept.), there have been ~900k similar entries. It's also not just for this particular share, it's on all of the home shares that have been accessed, and also all of the 4 defined shares in smb.conf. Also, it's across many different hosts, and affecting different Windows OS's. My primary testing has been using Windows7 - I have a lab of 33 machines with this OS, but I believe I've also seen this from Windows XP and Vista hosts. Also, it's not restricted to this particular host: Turing (RHEL5) - tried versions samba-3.0.33-3.14.el5 samba3x-3.3.5-0.40.el5 Babbage (RHEL4) exhibits the same, samba-3.0.33-0.17.el4 Babbage which has higher use (in the last 48 hours), has seen a total of 150 different host/service combinations from the logs, across different networks with different clients and different OS's. I've got output from log level = 10 from turing, and I've got a tcpdump from the server end with the communication with one of the machines. Interestingly, the truncated request is visible in wireshark. I'd rather not share the complete set of logs publically on the list, but will send off-list to others (that and they're ~2MB). Please let me know any further debugging steps that are necessary. Thanks, Matthew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Active Directory and Samba as fileserver
We have a Gentoo box running Samba and is a member of the Active Directory domain. This Gentoo box is going to be a fileserver. I want our users to login to their computer using Active Directory for authentication. The computers are all members of the Active Directory domain. I setup Samba to use Winbind. All is working smoothly (ie. wbinfo, smbclient, getent, etc) I can also access the shared drive and login to a machine without a problem using Active Directory accounts. The authentication is working as it should. For some odd reason, I can't figure out how to give permissions to all users the ability to make changes/add new folders on the shared drive. I am getting access denied even when the users or group are valid users of the shared drive per smb.conf. Any help would be greatly appreciated. This is a very similar set up to what I'm running. You will need to make sure the files on the shared drive are owned by AD groups that your users belong to. You will probably also want to force create mode = 664 or the like to ensure files are always group-writable, otherwise people won't be able to edit other people's files in the same group. Without more information on your specific issue it's difficult to suggest anything else. Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Dynamic Link Aggregation via Samba
I have run into the following I bonded 6 NICs on my Cent OS server into a 600MB pipe. I use bond method 4 = dynamic Link aggregation. My Cysco Switch supports this apparently. Do you mean your aggregated bandwidth is 600Mbps (megabits/sec) or 600MBps (megabytes/sec)? I'm assuming 6 x 10/100 == 600Mbps. I did these changes and still top out at 53 MB/s however via AFP I am able to get an average of 90MB/s up to tops 103MB/s. It seems really odd that I cannot tweak SMB to utilize the pipe properly. Any ideas on what settings I need to tweak to make this work? I'm afraid I don't know what AFP is, but on a 600Mbps network link your maximum throughput will be ~60MB/sec, so it seems that 53MB/sec isn't that bad. I'm not sure how you can get 100+MB/sec as that's gigabit speed. You could use a program like ttcp to verify how much data you can move over your network link, and a program like Bonnie to see how much data you can read off your disk. If you have slow disks it won't matter how much network bandwidth you have available. (Unless you share a tmpfs filesystem over Samba for testing.) Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Log entries with truncated service names
On 10/06/2009 08:55 PM, Matthew Dickinson wrote: Hi, Situation: I'm seeing lots (~500k per day) of log entries like: smbd[13939]: itlab-pc06 (:::10.51.51.103) couldn't find service it261 In this case, the last character of the request is truncated - it should be it2610 I'm seeing the same/similar issue to http://lists.samba.org/archive/samba/2009-March/147277.html I've dismissed this over the last few weeks as a minor inconvenience, but I'm now convinced that it's affecting the performance of the Windows client machines that are connecting to it - a 30 second operation on local disk, takes upwards of 5 mins over a network connection, generating thousands of entries similar to the above. This isn't unique - over the last 16 business hours (it's in a lab in a university dept.), there have been ~900k similar entries. It's also not just for this particular share, it's on all of the home shares that have been accessed, and also all of the 4 defined shares in smb.conf. Also, it's across many different hosts, and affecting different Windows OS's. My primary testing has been using Windows7 - I have a lab of 33 machines with this OS, but I believe I've also seen this from Windows XP and Vista hosts. Also, it's not restricted to this particular host: Turing (RHEL5) - tried versions samba-3.0.33-3.14.el5 samba3x-3.3.5-0.40.el5 Babbage (RHEL4) exhibits the same, samba-3.0.33-0.17.el4 Babbage which has higher use (in the last 48 hours), has seen a total of 150 different host/service combinations from the logs, across different networks with different clients and different OS's. I've got output from log level = 10 from turing, and I've got a tcpdump from the server end with the communication with one of the machines. Interestingly, the truncated request is visible in wireshark. I'd rather not share the complete set of logs publically on the list, but will send off-list to others (that and they're ~2MB). Please let me know any further debugging steps that are necessary. Thanks, Matthew Please file a bug report on https://bugzilla.samba.org and upload the logfiles as part of the bug report. Also, please provide as much info as necessary so that one of the Samba developers can reproduce the problem. Thanks. - John Terpstra -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Sambauser can't use his homeshare but other shares - smb.conf
Hi Dale, Hi Samba-List, i have tried your suggestion but it doesn't work. I've got the same error. My posix permissions on the filesystem are correct. Here is my #ls -lha output: r...@mounteverest:/data/shares# ls -lah total 53K drwxr-xr-x 14 administrator root 4.0K 2009-10-01 09:40 . drwxr-xr-x 4 root root 4.0K 2009-09-19 09:32 .. drwxr-x--- 3 root root 4.0K 2009-09-18 11:45 admin drwxr-x--- 4 root root 4.0K 2009-09-19 09:07 backup drwx-- 3 administrator root 1.0K 2009-04-22 17:17 ebs drwxr-s--- 24 administrator dir_home 4.0K 2009-10-01 11:30 home drwxrws--- 25 administrator dir_nobackup 4.0K 2009-10-05 16:49 nobackup drwxrws--- 11 administrator dir_public4.0K 2009-03-17 08:20 public drwxrws--- 19 administrator dir_security 4.0K 2007-05-19 08:06 security administrator und the dir_*-Groups are from the Active Directory. Here something from my logfile: [2009/10/07 07:22:37, 3] smbd/password.c:register_vuid(304) User name: nobody Real name: nobody [2009/10/07 07:22:37, 3] smbd/password.c:register_vuid(325) UNIX uid 65534 is UNIX user nobody, and will be vuid 101 ... [2009/10/07 07:22:37, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0 [2009/10/07 07:22:37, 3] smbd/service.c:make_connection_snum(1033) winxpnotebook (192.168.2.26) connect to service IPC$ initially as user nobody (uid=65534, gid=65534) (pid 8613) Any other ideas? -Ursprüngliche Nachricht- Von: Dale Schroeder [mailto:d...@briannassaladdressing.com] Gesendet: Dienstag, 6. Oktober 2009 15:32 An: Mario Constanti Betreff: Re: [Samba] Sambauser can't use his homeshare but other shares - smb.conf Mario, I would try this in [homes] 1. Do not use the force group parameter. 2. Add valid users = EXAMPLE+%S You shouldn't have to declare the path again because you already set it in template homedir, but you can leave it if desired. Your other settings appear to be quite reasonable, and should not cause any problems. I have assumed that your posix permissions are correct for EXAMPLE+mario and EXAMPLE+dir_home to navigate the entire /data/shares/home path. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Tue Oct 6 06:00:03 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-10-05 00:00:03.0 -0600 +++ /home/build/master/cache/broken_results.txt 2009-10-06 00:00:09.0 -0600 @@ -1,4 +1,4 @@ -Build status as of Mon Oct 5 06:00:02 2009 +Build status as of Tue Oct 6 06:00:03 2009 Build counts: Tree Total Broken Panic @@ -14,7 +14,7 @@ samba-docs 0 0 0 samba-web0 0 0 samba_3_current 22 20 0 -samba_3_master 23 22 5 +samba_3_master 23 23 5 samba_3_next 23 22 0 samba_4_0_test 25 25 1 talloc 2 2 0
[SCM] CTDB repository - branch master updated - ctdb-1.0.92-11-ge77bf57
The branch, master has been updated
via e77bf5708df6782b4516f698b9981a1d27e2f10b (commit)
via deed52b7e4aac94b4d11a8d89d08739e1dfd4ed7 (commit)
via 7d91de8a837a12082c343980428153720dcad741 (commit)
via 22f0065cd6b66fa0f623f465aaca98883955ac79 (commit)
from 789703ea684717781c176fd3a2a24d96abde220b (commit)
http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master
- Log -
commit e77bf5708df6782b4516f698b9981a1d27e2f10b
Author: Ronnie Sahlberg ronniesahlb...@gmail.com
Date: Tue Oct 6 17:05:14 2009 +1100
version 1.0.93
commit deed52b7e4aac94b4d11a8d89d08739e1dfd4ed7
Author: Ronnie Sahlberg ronniesahlb...@gmail.com
Date: Tue Oct 6 16:09:24 2009 +1100
update natgw eventscript to allow you to fore it to update and / or to
remove the configuration at runtime
commit 7d91de8a837a12082c343980428153720dcad741
Merge: 22f0065cd6b66fa0f623f465aaca98883955ac79
789703ea684717781c176fd3a2a24d96abde220b
Author: Martin Schwenke mar...@meltin.net
Date: Tue Oct 6 13:39:31 2009 +1100
Merge commit 'origin/master'
commit 22f0065cd6b66fa0f623f465aaca98883955ac79
Author: Martin Schwenke mar...@meltin.net
Date: Tue Oct 6 13:38:00 2009 +1100
Document CTDB_NODES_FILE environment variable used by onnode.
Signed-off-by: Martin Schwenke mar...@meltin.net
---
Summary of changes:
config/events.d/11.natgw |4 ++--
doc/onnode.1 | 13 ++---
doc/onnode.1.html| 22 +-
doc/onnode.1.xml | 22 +++---
packaging/RPM/ctdb.spec | 12 +++-
5 files changed, 55 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/config/events.d/11.natgw b/config/events.d/11.natgw
index bd31197..001b17b 100644
--- a/config/events.d/11.natgw
+++ b/config/events.d/11.natgw
@@ -37,7 +37,7 @@ case $cmd in
ctdb setnatgwstate on
;;
- recovered)
+ recovered|updatenatgw)
MYPNN=`ctdb pnn | cut -d: -f2`
NATGWMASTER=`ctdb natgwlist | head -1 | sed -e s/ .*//`
NATGWIP=`ctdb natgwlist | head -1 | sed -e s/^[^ ]* *//`
@@ -71,7 +71,7 @@ case $cmd in
echo 1 /proc/sys/net/ipv4/route/flush
;;
- shutdown)
+ shutdown|removenatgw)
delete_all
;;
diff --git a/doc/onnode.1 b/doc/onnode.1
index 44b8aad..fe86a57 100644
--- a/doc/onnode.1
+++ b/doc/onnode.1
@@ -2,12 +2,12 @@
.\ Title: onnode
.\Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\ Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/
-.\ Date: 09/08/2009
+.\ Date: 10/06/2009
.\Manual: [FIXME: manual]
.\Source: [FIXME: source]
.\ Language: English
.\
-.TH ONNODE 1 09/08/2009 [FIXME: source] [FIXME: manual]
+.TH ONNODE 1 10/06/2009 [FIXME: source] [FIXME: manual]
.\ -
.\ * set default formatting
.\ -
@@ -152,11 +152,18 @@ The following command would run \./foo in the current
working directory, in par
.if n \{\
.RE
.\}
+.SH ENVIRONMENT
+.PP
+\fBCTDB_NODES_FILE\fR
+.RS 4
+Name of alternative nodes file to use instead of
+/etc/ctdb/nodes\.
+.RE
.SH FILES
.PP
/etc/ctdb/nodes
.RS 4
-Contains a list of each node\'s IP address or hostname\.
+Default file containing a list of each node\'s IP address or hostname\.
.RE
.PP
/etc/ctdb/onnode\.conf
diff --git a/doc/onnode.1.html b/doc/onnode.1.html
index c662d7c..c8e3157 100644
--- a/doc/onnode.1.html
+++ b/doc/onnode.1.html
@@ -1,4 +1,4 @@
-htmlheadmeta http-equiv=Content-Type content=text/html;
charset=ISO-8859-1titleonnode/titlemeta name=generator
content=DocBook XSL Stylesheets V1.75.2/headbody bgcolor=white
text=black link=#FF vlink=#840084 alink=#FFdiv
class=refentry title=onnodea name=onnode.1/adiv
class=titlepage/divdiv class=refnamedivh2Name/h2ponnode #8212;
run commands on ctdb nodes/p/divdiv class=refsynopsisdiv
title=Synopsish2Synopsis/h2div class=cmdsynopsispcode
class=commandonnode [OPTION] ... NODES COMMAND .../code
/p/div/divdiv class=refsect1 title=DESCRIPTIONa
name=id2998330/ah2DESCRIPTION/h2p
+htmlheadmeta http-equiv=Content-Type content=text/html;
charset=ISO-8859-1titleonnode/titlemeta name=generator
content=DocBook XSL Stylesheets V1.75.2/headbody bgcolor=white
text=black link=#FF vlink=#840084 alink=#FFdiv
class=refentry title=onnodea name=onnode.1/adiv
class=titlepage/divdiv class=refnamedivh2Name/h2ponnode #8212;
run commands on ctdb nodes/p/divdiv class=refsynopsisdiv
title=Synopsish2Synopsis/h2div class=cmdsynopsispcode
class=commandonnode [OPTION] ... NODES COMMAND .../code
/p/div/divdiv class=refsect1 title=DESCRIPTIONa
name=id2711756/ah2DESCRIPTION/h2p
onnode is a utility to run commands on a
[SCM] CTDB repository - annotated tag ctdb-1.0.93 created - ctdb-1.0.93
The annotated tag, ctdb-1.0.93 has been created at a5d3a20c78d7b727e1822aa2c60820bb53eb3ccf (tag) tagging e77bf5708df6782b4516f698b9981a1d27e2f10b (commit) replaces ctdb-1.0.92 tagged by Ronnie Sahlberg on Tue Oct 6 17:06:11 2009 +1100 - Log - tag for 1.0.93 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBKyt5i2aJ36aon/y8RAk2jAKCE7JwidgegdIPC7pyYzMDeNbR+BwCggO/J TkHXHOE7W4vCT5Zsy1B9wRs= =LLQX -END PGP SIGNATURE- Martin Schwenke (2): Document CTDB_NODES_FILE environment variable used by onnode. Merge commit 'origin/master' Ronnie Sahlberg (9): When adding a public ip to a node, make sure to push the assignment of ip addresses out to all nodes so all nodes become aware who currently holds the ip. allocate takeoverip state as a child of vnn and also make the takeocerip context a child of vnn add a new function to collect a list of all active nodes EXCEPT a certain node change some loglevels and also pront the pnn of the ip for takeip/releaseip logging update addip/moveip/delip to make it less likely to trigger an accidental recovery add a new message to ask the recovery daemon to temporarily disable checking ip address consistency. always send the release/take ip controls to make sure all nodes are updated update natgw eventscript to allow you to fore it to update and / or to remove the configuration at runtime version 1.0.93 --- -- CTDB repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-996-ga44030f
The branch, master has been updated
via a44030fc10217940c94a927c3d0988648058e0e2 (commit)
via 0285d568c55410f3e2a5cfda5693873be2841151 (commit)
via f800d4998dc5cfa1e8ed2639dc334add78ceaea5 (commit)
via a021d5513846968c54d6e065dbcb25948418676f (commit)
via 9c1e230bc217e7d1ce0ef713a17982a8536584a1 (commit)
via b43479741a3d9ae1abb91a5297a36f9d5e6d864b (commit)
from 40b09f689bea23eaa6dbaa3e29b0a91adcd06a53 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a44030fc10217940c94a927c3d0988648058e0e2
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 18:59:47 2009 +1100
s4-drs: added some debug lines to DsAddEntry()
commit 0285d568c55410f3e2a5cfda5693873be2841151
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 18:59:30 2009 +1100
s4-drs: take advantage of system session auth in dsbind
Now that the bind opens samdb with the right credentials, we no longer
need the re-open in updaterefs and getncchanges
commit f800d4998dc5cfa1e8ed2639dc334add78ceaea5
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 18:58:41 2009 +1100
s4-drs: fixed error message for drs_security_level_check
commit a021d5513846968c54d6e065dbcb25948418676f
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 18:58:13 2009 +1100
s4-drs: open samdb with system credentials when authorised
When a DC connects to DRS, open the samdb with system session
credentials, so that we don't have to re-open it each time on other
calls.
commit 9c1e230bc217e7d1ce0ef713a17982a8536584a1
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 18:57:06 2009 +1100
s4-ldb: fixed error on single value error
When you try to add a 2nd value to a single valued attribute you get
LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS. w2k8-r2 join to s4 relies on this
error, doing a replace after it sees the error
commit b43479741a3d9ae1abb91a5297a36f9d5e6d864b
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 18:55:14 2009 +1100
s4-repl: added RELAX control and fix transactions
Added the RELAX control to dsdb_origin_objects_commit(), as it needs
to modify system objects. This patch also fixes the use of ldb
transactions in that function, and fixes a memory leak.
---
Summary of changes:
source4/dsdb/repl/replicated_objects.c | 65 +++---
source4/lib/ldb/ldb_tdb/ldb_tdb.c |2 +-
source4/rpc_server/drsuapi/addentry.c |3 +
source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 15 ++-
source4/rpc_server/drsuapi/drsutil.c|4 +-
source4/rpc_server/drsuapi/getncchanges.c | 33 -
source4/rpc_server/drsuapi/updaterefs.c | 29 +---
7 files changed, 99 insertions(+), 52 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/repl/replicated_objects.c
b/source4/dsdb/repl/replicated_objects.c
index 5d7ae11..9877803 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -424,35 +424,78 @@ WERROR dsdb_origin_objects_commit(struct ldb_context *ldb,
return WERR_OK;
}
+ ret = ldb_transaction_start(ldb);
+ if (ret != LDB_SUCCESS) {
+ return WERR_DS_INTERNAL_FAILURE;
+ }
+
objects = talloc_array(mem_ctx, struct ldb_message *,
num_objects);
- W_ERROR_HAVE_NO_MEMORY(objects);
+ if (objects == NULL) {
+ status = WERR_NOMEM;
+ goto cancel;
+ }
for (i=0, cur = first_object; cur; cur = cur-next_object, i++) {
status = dsdb_convert_object(ldb, schema,
cur, objects, objects[i]);
- W_ERROR_NOT_OK_RETURN(status);
+ if (!W_ERROR_IS_OK(status)) {
+ goto cancel;
+ }
}
- ids = talloc_array(mem_ctx,
+ ids = talloc_array(objects,
struct drsuapi_DsReplicaObjectIdentifier2,
num_objects);
- W_ERROR_HAVE_NO_MEMORY(objects);
+ if (ids == NULL) {
+ status = WERR_NOMEM;
+ goto cancel;
+ }
for (i=0; i num_objects; i++) {
struct dom_sid *sid = NULL;
+ struct ldb_request *add_req;
DEBUG(6,(__location__ : adding %s\n,
ldb_dn_get_linearized(objects[i]-dn)));
+
+ ret = ldb_build_add_req(add_req,
+ ldb,
+ objects,
+ objects[i],
+ NULL,
+ NULL,
+
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-998-gd26016c
The branch, master has been updated
via d26016c19854142c1e5fbb5a3bfc40e7e4b1c616 (commit)
via 33347d783aa5aaae3eb90777b06412cbb2cbeca3 (commit)
from a44030fc10217940c94a927c3d0988648058e0e2 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d26016c19854142c1e5fbb5a3bfc40e7e4b1c616
Author: ronnie sahlberg ronniesahlb...@gmail.com
Date: Tue Oct 6 17:49:59 2009 +1100
PIDL fix for using external types with wireshark backend
List,
Please review this patch to pidl.
Basically, we need to process the wireshark conformance file BEFORE
we process the idl file since this file may define external types
and set the alignment for them (using the TYPE directive).
Otherwise pidl will default all external types to use 4byte alignment
which breaks (much more often) on NDR64
regards
ronnie sahlberg
From 8f86903fc353d0906bd82e72ce19c5af09beb001 Mon Sep 17 00:00:00 2001
From: Ronnie Sahlberg ronniesahlb...@gmail.com
Date: Mon, 5 Oct 2009 15:22:43 +1100
Subject: [PATCH] In the PIDL wireshark backend, we define external types in
the conformance
file using the TYPE directive.
If we declare external types here, we must parse this file before we
process
the IDL file, or else these external types will all default to 4byte
padding
(pidl assumes all unknown types are 4byte aligned).
Make sure we read the conformance file and create these new types before
we parse the idl file.
Signed-off-by: Ronnie Sahlberg ronniesahlb...@gmail.com
commit 33347d783aa5aaae3eb90777b06412cbb2cbeca3
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 19:05:15 2009 +1100
s4-provision: match win2003 functional level
We are now defaulting to win2003 functional level, and see to report
the right revisions of our db and schema
---
Summary of changes:
pidl/lib/Parse/Pidl/NDR.pm|2 ++
pidl/lib/Parse/Pidl/Wireshark/Conformance.pm | 12
pidl/lib/Parse/Pidl/Wireshark/NDR.pm |4 ++--
pidl/pidl | 13 -
source4/setup/provision.ldif |2 +-
source4/setup/provision_configuration.ldif|4 ++--
source4/setup/provision_schema_basedn_modify.ldif |2 +-
7 files changed, 32 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/pidl/lib/Parse/Pidl/NDR.pm
index 7c0f7bb..48a4ccb 100644
--- a/pidl/lib/Parse/Pidl/NDR.pm
+++ b/pidl/lib/Parse/Pidl/NDR.pm
@@ -406,6 +406,8 @@ sub align_type($)
if ($dt-{TYPE} eq TYPEDEF) {
return align_type($dt-{DATA});
+ } elsif ($dt-{TYPE} eq CONFORMANCE) {
+ return $dt-{DATA}-{ALIGN};
} elsif ($dt-{TYPE} eq ENUM) {
return align_type(Parse::Pidl::Typelist::enum_type_fn($dt));
} elsif ($dt-{TYPE} eq BITMAP) {
diff --git a/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm
b/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm
index 5c37b4a..1dec647 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm
@@ -110,6 +110,7 @@ use strict;
use Parse::Pidl qw(fatal warning error);
use Parse::Pidl::Util qw(has_property);
+use Parse::Pidl::Typelist qw(addType);
sub handle_type($$)
{
@@ -149,6 +150,17 @@ sub handle_type($$)
VALSSTRING = $valsstring,
ALIGNMENT = $alignment
};
+
+ addType({
+ NAME = $name,
+ TYPE = CONFORMANCE,
+ BASEFILE = conformance file,
+ DATA = {
+ NAME = $name,
+ TYPE = CONFORMANCE,
+ ALIGN = $alignment
+ }
+ });
}
sub handle_tfs($)
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index a9ad555..e13e144 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -1,5 +1,5 @@
##
-# Samba4 NDR parser generator for IDL structures
+# Wireshark NDR parser generator for IDL structures
# Copyright tri...@samba.org 2000-2003
# Copyright t...@samba.org 2001,2005
# Copyright jel...@samba.org 2004-2007
@@ -895,7 +895,7 @@ sub Initialize($$)
sub Parse($)
{
my($self,$ndr,$idl_file,$h_filename,$cnf_file) = @_;
-
+
$self-Initialize($cnf_file);
return (undef, undef) if
defined($self-{conformance}-{noemit_dissector});
diff --git a/pidl/pidl b/pidl/pidl
index bc0bb35..d0623a0 100755
--- a/pidl/pidl
+++ b/pidl/pidl
@@ -653,7 +653,18 @@ sub process_file($)
$pidl = Parse::Pidl::ODL::ODL2IDL($pidl,
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-999-ge9f1264
The branch, master has been updated
via e9f126421d21a66cc695039f798d252e9f98fef9 (commit)
from d26016c19854142c1e5fbb5a3bfc40e7e4b1c616 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e9f126421d21a66cc695039f798d252e9f98fef9
Author: Ronnie Sahlberg ronniesahlb...@gmail.com
Date: Sun Oct 4 16:57:57 2009 +1100
add trailer alignment to structures
---
Summary of changes:
pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 14 ++
1 files changed, 14 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index e13e144..b8adf2d 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -545,6 +545,9 @@ sub Struct()
$self-indent;
$self-pidl_code(proto_item *item = NULL;);
$self-pidl_code(proto_tree *tree = NULL;);
+ if ($e-{ALIGN} 1) {
+ $self-pidl_code(dcerpc_info *di = pinfo-private_data;);
+ }
$self-pidl_code(int old_offset;);
$self-pidl_code();
@@ -565,6 +568,15 @@ sub Struct()
$self-pidl_code(\n$res);
$self-pidl_code(proto_item_set_len(item, offset-old_offset);\n);
+ if ($e-{ALIGN} 1) {
+ $self-pidl_code();
+ $self-pidl_code(if (di-call_data-flags DCERPC_IS_NDR64)
{);
+ $self-indent;
+ $self-pidl_code(ALIGN_TO_$e-{ALIGN}_BYTES;);
+ $self-deindent;
+ $self-pidl_code(});
+ }
+ $self-pidl_code();
$self-pidl_code(return offset;);
$self-deindent;
$self-pidl_code(}\n);
@@ -634,6 +646,8 @@ sub Union()
$self-pidl_code(switch(level) {$res\t});
$self-pidl_code(proto_item_set_len(item, offset-old_offset);\n);
+ $self-pidl_code();
+
$self-pidl_code(return offset;);
$self-deindent;
$self-pidl_code(});
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1001-gc344bf0
The branch, master has been updated
via c344bf0184be484fff8bb5ed93b5c2ca6de58611 (commit)
via 0c2fc9eedf241746067d1625f643c894bfa11394 (commit)
from e9f126421d21a66cc695039f798d252e9f98fef9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c344bf0184be484fff8bb5ed93b5c2ca6de58611
Author: Günther Deschner g...@samba.org
Date: Mon Oct 5 17:05:38 2009 +0200
s3-winbindd: make sure to reset connections when machine account password
change chain was broken.
Guenther
commit 0c2fc9eedf241746067d1625f643c894bfa11394
Author: Günther Deschner g...@samba.org
Date: Mon Oct 5 17:04:52 2009 +0200
s3-netlogon: setup NETLOGON credential chain in
rpccli_netlogon_set_trust_password() only when needed.
Guenther
---
Summary of changes:
source3/rpc_client/cli_netlogon.c | 27 ++-
source3/winbindd/winbindd_dual.c |8
2 files changed, 22 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_client/cli_netlogon.c
b/source3/rpc_client/cli_netlogon.c
index 911a50f..6caffd7 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -518,19 +518,20 @@ NTSTATUS rpccli_netlogon_set_trust_password(struct
rpc_pipe_client *cli,
uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
struct netr_Authenticator clnt_creds, srv_cred;
- result = rpccli_netlogon_setup_creds(cli,
-cli-desthost, /* server name */
-lp_workgroup(), /* domain */
-global_myname(), /* client name */
-global_myname(), /* machine
account name */
-orig_trust_passwd_hash,
-sec_channel_type,
-neg_flags);
-
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(3,(rpccli_netlogon_set_trust_password: unable to setup
creds (%s)!\n,
-nt_errstr(result)));
- return result;
+ if (!cli-dc) {
+ result = rpccli_netlogon_setup_creds(cli,
+cli-desthost, /* server
name */
+lp_workgroup(), /* domain
*/
+global_myname(), /* client
name */
+global_myname(), /*
machine account name */
+orig_trust_passwd_hash,
+sec_channel_type,
+neg_flags);
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(3,(rpccli_netlogon_set_trust_password: unable to
setup creds (%s)!\n,
+nt_errstr(result)));
+ return result;
+ }
}
netlogon_creds_client_authenticator(cli-dc, clnt_creds);
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index edf784c..a832451 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1100,6 +1100,14 @@ static void machine_password_change_handler(struct
event_context *ctx,
DEBUG(10,(machine_password_change_handler:
failed to change machine password: %s\n,
nt_errstr(result)));
+ if (NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) ) {
+ DEBUG(3,(machine_password_change_handler: password set
returned
+ ACCESS_DENIED. Maybe the trust account
+ password was changed and we didn't know it.
+ Killing connections to domain %s\n,
+ child-domain-name));
+ invalidate_cm_connection(child-domain-conn);
+ }
} else {
DEBUG(10,(machine_password_change_handler:
successfully changed machine password\n));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated - tevent-0-9-8-951-g2a9accd
The branch, v3-5-test has been updated
via 2a9accd85e992798ee36cb1ea74ed06f5379be3d (commit)
via d76c914adc17e4374c9e21b6733514fd7ad9bdac (commit)
from 2fa98946d9eb3d0b6973dfaeadc55c8112ec30e1 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -
commit 2a9accd85e992798ee36cb1ea74ed06f5379be3d
Author: Günther Deschner g...@samba.org
Date: Mon Oct 5 17:05:38 2009 +0200
s3-winbindd: make sure to reset connections when machine account password
change chain was broken.
Guenther
(cherry picked from commit c344bf0184be484fff8bb5ed93b5c2ca6de58611)
commit d76c914adc17e4374c9e21b6733514fd7ad9bdac
Author: Günther Deschner g...@samba.org
Date: Mon Oct 5 17:04:52 2009 +0200
s3-netlogon: setup NETLOGON credential chain in
rpccli_netlogon_set_trust_password() only when needed.
Guenther
(cherry picked from commit 0c2fc9eedf241746067d1625f643c894bfa11394)
---
Summary of changes:
source3/rpc_client/cli_netlogon.c | 27 ++-
source3/winbindd/winbindd_dual.c |8
2 files changed, 22 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_client/cli_netlogon.c
b/source3/rpc_client/cli_netlogon.c
index 911a50f..6caffd7 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -518,19 +518,20 @@ NTSTATUS rpccli_netlogon_set_trust_password(struct
rpc_pipe_client *cli,
uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
struct netr_Authenticator clnt_creds, srv_cred;
- result = rpccli_netlogon_setup_creds(cli,
-cli-desthost, /* server name */
-lp_workgroup(), /* domain */
-global_myname(), /* client name */
-global_myname(), /* machine
account name */
-orig_trust_passwd_hash,
-sec_channel_type,
-neg_flags);
-
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(3,(rpccli_netlogon_set_trust_password: unable to setup
creds (%s)!\n,
-nt_errstr(result)));
- return result;
+ if (!cli-dc) {
+ result = rpccli_netlogon_setup_creds(cli,
+cli-desthost, /* server
name */
+lp_workgroup(), /* domain
*/
+global_myname(), /* client
name */
+global_myname(), /*
machine account name */
+orig_trust_passwd_hash,
+sec_channel_type,
+neg_flags);
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(3,(rpccli_netlogon_set_trust_password: unable to
setup creds (%s)!\n,
+nt_errstr(result)));
+ return result;
+ }
}
netlogon_creds_client_authenticator(cli-dc, clnt_creds);
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index edf784c..a832451 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1100,6 +1100,14 @@ static void machine_password_change_handler(struct
event_context *ctx,
DEBUG(10,(machine_password_change_handler:
failed to change machine password: %s\n,
nt_errstr(result)));
+ if (NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) ) {
+ DEBUG(3,(machine_password_change_handler: password set
returned
+ ACCESS_DENIED. Maybe the trust account
+ password was changed and we didn't know it.
+ Killing connections to domain %s\n,
+ child-domain-name));
+ invalidate_cm_connection(child-domain-conn);
+ }
} else {
DEBUG(10,(machine_password_change_handler:
successfully changed machine password\n));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1002-gac774c4
The branch, master has been updated
via ac774c49691b08fa90121d5bd008618cfd4405e7 (commit)
from c344bf0184be484fff8bb5ed93b5c2ca6de58611 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit ac774c49691b08fa90121d5bd008618cfd4405e7
Author: Abhidnya P Chirmule achir...@in.ibm.com
Date: Tue Oct 6 17:14:56 2009 +0200
s3: Add access_mask to the flock VFS call
---
Summary of changes:
source3/include/proto.h |2 +-
source3/include/vfs.h|6 --
source3/include/vfs_macros.h |8
source3/lib/system.c |2 +-
source3/modules/onefs_open.c |2 +-
source3/modules/vfs_default.c|4 ++--
source3/modules/vfs_full_audit.c |4 ++--
source3/modules/vfs_gpfs.c |6 +++---
source3/smbd/open.c |2 +-
source3/smbd/vfs.c |6 --
10 files changed, 23 insertions(+), 19 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c8e4fe1..d31483a 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -937,7 +937,7 @@ SMB_OFF_T sys_ftell(FILE *fp);
int sys_creat(const char *path, mode_t mode);
int sys_open(const char *path, int oflag, mode_t mode);
FILE *sys_fopen(const char *path, const char *type);
-void kernel_flock(int fd, uint32 share_mode);
+void kernel_flock(int fd, uint32 share_mode, uint32 access_mask);
SMB_STRUCT_DIR *sys_opendir(const char *name);
SMB_STRUCT_DIRENT *sys_readdir(SMB_STRUCT_DIR *dirp);
void sys_seekdir(SMB_STRUCT_DIR *dirp, long offset);
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index ed49d1f..f9c1f0a 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -247,7 +247,8 @@ struct vfs_fn_pointers {
struct smb_file_time *ft);
int (*ftruncate)(struct vfs_handle_struct *handle, struct files_struct
*fsp, SMB_OFF_T offset);
bool (*lock)(struct vfs_handle_struct *handle, struct files_struct
*fsp, int op, SMB_OFF_T offset, SMB_OFF_T count, int type);
- int (*kernel_flock)(struct vfs_handle_struct *handle, struct
files_struct *fsp, uint32 share_mode);
+ int (*kernel_flock)(struct vfs_handle_struct *handle, struct
files_struct *fsp,
+ uint32 share_mode, uint32_t access_mask);
int (*linux_setlease)(struct vfs_handle_struct *handle, struct
files_struct *fsp, int leasetype);
bool (*getlock)(struct vfs_handle_struct *handle, struct files_struct
*fsp, SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid);
int (*symlink)(struct vfs_handle_struct *handle, const char *oldpath,
const char *newpath);
@@ -598,7 +599,8 @@ bool smb_vfs_call_lock(struct vfs_handle_struct *handle,
struct files_struct *fsp, int op, SMB_OFF_T offset,
SMB_OFF_T count, int type);
int smb_vfs_call_kernel_flock(struct vfs_handle_struct *handle,
- struct files_struct *fsp, uint32 share_mode);
+ struct files_struct *fsp, uint32 share_mode,
+ uint32_t access_mask);
int smb_vfs_call_linux_setlease(struct vfs_handle_struct *handle,
struct files_struct *fsp, int leasetype);
bool smb_vfs_call_getlock(struct vfs_handle_struct *handle,
diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h
index 8ca7f37..7206bf4 100644
--- a/source3/include/vfs_macros.h
+++ b/source3/include/vfs_macros.h
@@ -250,10 +250,10 @@
#define SMB_VFS_NEXT_LOCK(handle, fsp, op, offset, count, type) \
smb_vfs_call_lock((handle)-next, (fsp), (op), (offset), (count),
(type))
-#define SMB_VFS_KERNEL_FLOCK(fsp, share_mode) \
- smb_vfs_call_kernel_flock((fsp)-conn-vfs_handles, (fsp), (share_mode))
-#define SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode) \
- smb_vfs_call_kernel_flock((handle)-next, (fsp), (share_mode))
+#define SMB_VFS_KERNEL_FLOCK(fsp, share_mode, access_mask) \
+ smb_vfs_call_kernel_flock((fsp)-conn-vfs_handles, (fsp),
(share_mode), (access_mask))
+#define SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode, access_mask)
\
+ smb_vfs_call_kernel_flock((handle)-next, (fsp), (share_mode),
(access_mask))
#define SMB_VFS_LINUX_SETLEASE(fsp, leasetype) \
smb_vfs_call_linux_setlease((fsp)-conn-vfs_handles, (fsp),
(leasetype))
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 2c6894f..f9cd4a2 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -702,7 +702,7 @@ FILE *sys_fopen(const char *path, const char *type)
A flock() wrapper that will perform the kernel flock.
/
-void kernel_flock(int fd, uint32 share_mode)
+void
[SCM] Samba Shared Repository - branch v3-5-test updated - tevent-0-9-8-952-g763c95c
The branch, v3-5-test has been updated
via 763c95c145b6313a1460a7e45685a7f966e8bd4d (commit)
from 2a9accd85e992798ee36cb1ea74ed06f5379be3d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -
commit 763c95c145b6313a1460a7e45685a7f966e8bd4d
Author: Abhidnya P Chirmule achir...@in.ibm.com
Date: Tue Oct 6 17:14:56 2009 +0200
s3: Add access_mask to the flock VFS call
---
Summary of changes:
source3/include/proto.h |2 +-
source3/include/vfs.h|6 --
source3/include/vfs_macros.h |8
source3/lib/system.c |2 +-
source3/modules/onefs_open.c |2 +-
source3/modules/vfs_default.c|4 ++--
source3/modules/vfs_full_audit.c |4 ++--
source3/modules/vfs_gpfs.c |6 +++---
source3/smbd/open.c |2 +-
source3/smbd/vfs.c |6 --
10 files changed, 23 insertions(+), 19 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c8e4fe1..d31483a 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -937,7 +937,7 @@ SMB_OFF_T sys_ftell(FILE *fp);
int sys_creat(const char *path, mode_t mode);
int sys_open(const char *path, int oflag, mode_t mode);
FILE *sys_fopen(const char *path, const char *type);
-void kernel_flock(int fd, uint32 share_mode);
+void kernel_flock(int fd, uint32 share_mode, uint32 access_mask);
SMB_STRUCT_DIR *sys_opendir(const char *name);
SMB_STRUCT_DIRENT *sys_readdir(SMB_STRUCT_DIR *dirp);
void sys_seekdir(SMB_STRUCT_DIR *dirp, long offset);
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index ed49d1f..f9c1f0a 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -247,7 +247,8 @@ struct vfs_fn_pointers {
struct smb_file_time *ft);
int (*ftruncate)(struct vfs_handle_struct *handle, struct files_struct
*fsp, SMB_OFF_T offset);
bool (*lock)(struct vfs_handle_struct *handle, struct files_struct
*fsp, int op, SMB_OFF_T offset, SMB_OFF_T count, int type);
- int (*kernel_flock)(struct vfs_handle_struct *handle, struct
files_struct *fsp, uint32 share_mode);
+ int (*kernel_flock)(struct vfs_handle_struct *handle, struct
files_struct *fsp,
+ uint32 share_mode, uint32_t access_mask);
int (*linux_setlease)(struct vfs_handle_struct *handle, struct
files_struct *fsp, int leasetype);
bool (*getlock)(struct vfs_handle_struct *handle, struct files_struct
*fsp, SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid);
int (*symlink)(struct vfs_handle_struct *handle, const char *oldpath,
const char *newpath);
@@ -598,7 +599,8 @@ bool smb_vfs_call_lock(struct vfs_handle_struct *handle,
struct files_struct *fsp, int op, SMB_OFF_T offset,
SMB_OFF_T count, int type);
int smb_vfs_call_kernel_flock(struct vfs_handle_struct *handle,
- struct files_struct *fsp, uint32 share_mode);
+ struct files_struct *fsp, uint32 share_mode,
+ uint32_t access_mask);
int smb_vfs_call_linux_setlease(struct vfs_handle_struct *handle,
struct files_struct *fsp, int leasetype);
bool smb_vfs_call_getlock(struct vfs_handle_struct *handle,
diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h
index 8ca7f37..7206bf4 100644
--- a/source3/include/vfs_macros.h
+++ b/source3/include/vfs_macros.h
@@ -250,10 +250,10 @@
#define SMB_VFS_NEXT_LOCK(handle, fsp, op, offset, count, type) \
smb_vfs_call_lock((handle)-next, (fsp), (op), (offset), (count),
(type))
-#define SMB_VFS_KERNEL_FLOCK(fsp, share_mode) \
- smb_vfs_call_kernel_flock((fsp)-conn-vfs_handles, (fsp), (share_mode))
-#define SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode) \
- smb_vfs_call_kernel_flock((handle)-next, (fsp), (share_mode))
+#define SMB_VFS_KERNEL_FLOCK(fsp, share_mode, access_mask) \
+ smb_vfs_call_kernel_flock((fsp)-conn-vfs_handles, (fsp),
(share_mode), (access_mask))
+#define SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode, access_mask)
\
+ smb_vfs_call_kernel_flock((handle)-next, (fsp), (share_mode),
(access_mask))
#define SMB_VFS_LINUX_SETLEASE(fsp, leasetype) \
smb_vfs_call_linux_setlease((fsp)-conn-vfs_handles, (fsp),
(leasetype))
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 2c6894f..f9cd4a2 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -702,7 +702,7 @@ FILE *sys_fopen(const char *path, const char *type)
A flock() wrapper that will perform the kernel flock.
/
-void kernel_flock(int fd, uint32 share_mode)
+void
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1005-g8536e1b
The branch, master has been updated
via 8536e1b947ad8a2bc5596a9a1de9a58262153ebf (commit)
via 0d7c34a5b4362ae8b1083a8bcf3a4115c37cafde (commit)
via b87769c9a98904bb18c737923de4cb8d619528d1 (commit)
from ac774c49691b08fa90121d5bd008618cfd4405e7 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8536e1b947ad8a2bc5596a9a1de9a58262153ebf
Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de
Date: Tue Oct 6 19:27:17 2009 +0200
s4:various LDB modules - build_request functions - propagate result codes
back
It's very useful to know the exact result code when something fails and not
only a generic (by the module) created one.
Sure, there are some exception cases with specific results (special message
constellations, attributes, values...) which shouldn't be changed at all
(examples of them are in the ldap.py test). Therefore I looked very
carefully to not change them.
commit 0d7c34a5b4362ae8b1083a8bcf3a4115c37cafde
Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de
Date: Tue Oct 6 19:26:15 2009 +0200
s4:rootdse module - intendation fixup
commit b87769c9a98904bb18c737923de4cb8d619528d1
Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de
Date: Tue Oct 6 19:24:28 2009 +0200
s4:acl module - intendation fix and comment enhancement
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/acl.c|3 ++-
source4/dsdb/samdb/ldb_modules/kludge_acl.c |2 +-
source4/dsdb/samdb/ldb_modules/local_password.c |5 ++---
source4/dsdb/samdb/ldb_modules/objectguid.c |4 ++--
source4/dsdb/samdb/ldb_modules/partition.c | 20 ++--
source4/dsdb/samdb/ldb_modules/rootdse.c|4 ++--
source4/lib/ldb/modules/asq.c |4 ++--
source4/lib/ldb/modules/paged_results.c |3 +++
source4/lib/ldb/modules/sort.c |2 +-
9 files changed, 29 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c
b/source4/dsdb/samdb/ldb_modules/acl.c
index 1b02abc..2f12314 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -802,6 +802,7 @@ static int acl_modify(struct ldb_module *module, struct
ldb_request *req)
return LDB_ERR_OPERATIONS_ERROR;
}
+/* TODO Is this really right? */
/* if (what_is_user(module) == SECURITY_SYSTEM) */
return ldb_next_request(module, req);
@@ -813,7 +814,7 @@ static int acl_modify(struct ldb_module *module, struct
ldb_request *req)
ac-user_type = what_is_user(module);
ac-sec_result = LDB_SUCCESS;
if (!is_root_base_dn(ldb, req-op.mod.message-dn) parent
!is_root_base_dn(ldb, parent)){
- filter = talloc_asprintf(req,((objectClass=*)(|(%s=%s)(%s=%s,
+ filter =
talloc_asprintf(req,((objectClass=*)(|(%s=%s)(%s=%s,
ldb_dn_get_component_name(parent,0),
ldb_dn_get_component_val(parent,0)-data,
ldb_dn_get_component_name(req-op.mod.message-dn,0),
diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c
b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
index 34f848d..79309e8 100644
--- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c
+++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
@@ -379,7 +379,7 @@ static int kludge_acl_search(struct ldb_module *module,
struct ldb_request *req)
ac, kludge_acl_callback,
req);
if (ret != LDB_SUCCESS) {
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
/* check if there's an SD_FLAGS control */
diff --git a/source4/dsdb/samdb/ldb_modules/local_password.c
b/source4/dsdb/samdb/ldb_modules/local_password.c
index 58c0f1f..9c386b3 100644
--- a/source4/dsdb/samdb/ldb_modules/local_password.c
+++ b/source4/dsdb/samdb/ldb_modules/local_password.c
@@ -633,8 +633,7 @@ static int lpdb_delete_callabck(struct ldb_request *req,
ret = ldb_next_request(ac-module, search_req);
if (ret != LDB_SUCCESS) {
- return ldb_module_done(ac-req, NULL, NULL,
- LDB_ERR_OPERATIONS_ERROR);
+ return ldb_module_done(ac-req, NULL, NULL, ret);
}
return LDB_SUCCESS;
}
@@ -1082,7 +1081,7 @@ static int local_password_search(struct ldb_module
*module, struct ldb_request *
ac, lpdb_remote_search_callback,
req);
if (ret != LDB_SUCCESS) {
- return LDB_ERR_OPERATIONS_ERROR;
+ return ret;
}
/* perform the search
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1006-ga4aa38f
The branch, master has been updated
via a4aa38f8b927d6713c4cdd921a0a27cded041e94 (commit)
from 8536e1b947ad8a2bc5596a9a1de9a58262153ebf (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a4aa38f8b927d6713c4cdd921a0a27cded041e94
Author: Volker Lendecke v...@samba.org
Date: Tue Oct 6 21:31:02 2009 +0200
s3:winbind: Make query_user_list in winbindd_rpc a bit more readable
---
Summary of changes:
source3/winbindd/winbindd_rpc.c | 21 +
1 files changed, 13 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index ac5c3d2..ce437f7 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -99,14 +99,19 @@ static NTSTATUS query_user_list(struct winbindd_domain
*domain,
for (j = 0; j num_dom_users; i++, j++) {
uint32_t rid = disp_info.info1.entries[j].rid;
+ struct samr_DispEntryGeneral *src;
+ struct wbint_userinfo *dst;
- (*info)[i].acct_name = talloc_strdup(mem_ctx,
- disp_info.info1.entries[j].account_name.string);
- (*info)[i].full_name = talloc_strdup(mem_ctx,
- disp_info.info1.entries[j].full_name.string);
- (*info)[i].homedir = NULL;
- (*info)[i].shell = NULL;
- sid_compose((*info)[i].user_sid, domain-sid, rid);
+ src = (disp_info.info1.entries[j]);
+ dst = ((*info)[i]);
+
+ dst-acct_name = talloc_strdup(
+ mem_ctx, src-account_name.string);
+ dst-full_name = talloc_strdup(
+ mem_ctx, src-full_name.string);
+ dst-homedir = NULL;
+ dst-shell = NULL;
+ sid_compose(dst-user_sid, domain-sid, rid);
/* For the moment we set the primary group for
every user to be the Domain Users group.
@@ -116,7 +121,7 @@ static NTSTATUS query_user_list(struct winbindd_domain
*domain,
force group' smb.conf parameter or
something like that. */
- sid_compose((*info)[i].group_sid, domain-sid,
+ sid_compose(dst-group_sid, domain-sid,
DOMAIN_GROUP_RID_USERS);
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1011-gd31fa07
The branch, master has been updated
via d31fa07fde1d7118c7a33b0d93c29f6a96e1c44e (commit)
via 1d0fb1e0fba3cf4d04d4602ed4e717912804e5de (commit)
via 7816f9d7abf5203537c3bb7afb9511b00d2d974f (commit)
via 90cd031fb3b88a9451b0d85e1081e771f7d6ec2f (commit)
via 2bf8a7485cf0733c808bc97a399a1c73bb988414 (commit)
from a4aa38f8b927d6713c4cdd921a0a27cded041e94 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d31fa07fde1d7118c7a33b0d93c29f6a96e1c44e
Author: Andrew Tridgell tri...@samba.org
Date: Wed Oct 7 10:05:26 2009 +1100
s4-torture: removed an accidental commit of a local test hack
Sorry about that
commit 1d0fb1e0fba3cf4d04d4602ed4e717912804e5de
Author: Andrew Tridgell tri...@samba.org
Date: Wed Oct 7 06:39:03 2009 +1100
tdr: teach TDR about uint1632 enums
TDB doesn't have NDR64, but it needs to know how to map the new types
from pidl
commit 7816f9d7abf5203537c3bb7afb9511b00d2d974f
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 20:49:14 2009 +1100
pidl: update PIDL tests for uint1632 enums
commit 90cd031fb3b88a9451b0d85e1081e771f7d6ec2f
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 20:47:42 2009 +1100
idl: recompile IDL for uint1632 change
commit 2bf8a7485cf0733c808bc97a399a1c73bb988414
Author: Andrew Tridgell tri...@samba.org
Date: Tue Oct 6 20:47:09 2009 +1100
pidl: get the alignment right for uint1632 enums (NDR64)
The default enum in NDR63 is 32 bits, not 16 bits. We need a uint1632
type to get the alignment right.
---
Summary of changes:
lib/tdr/tdr.c | 10 +
librpc/gen_ndr/ndr_dfs.c |4 +-
librpc/gen_ndr/ndr_drsblobs.c | 24 ++--
librpc/gen_ndr/ndr_drsuapi.c |6 +-
librpc/gen_ndr/ndr_dssetup.c | 26 ++--
librpc/gen_ndr/ndr_echo.c |4 +-
librpc/gen_ndr/ndr_eventlog.c |4 +-
librpc/gen_ndr/ndr_lsa.c | 18
librpc/gen_ndr/ndr_misc.c |4 +-
librpc/gen_ndr/ndr_netlogon.c | 18
librpc/gen_ndr/ndr_ntlmssp.c |4 +-
librpc/gen_ndr/ndr_samr.c | 28 +++---
librpc/gen_ndr/ndr_schannel.c | 24 ++--
librpc/gen_ndr/ndr_security.c |4 +-
librpc/gen_ndr/ndr_spoolss.c |4 +-
librpc/gen_ndr/ndr_wkssvc.c | 12 +++---
librpc/ndr/libndr.h |3 +
librpc/ndr/ndr_basic.c| 78 +---
pidl/lib/Parse/Pidl/NDR.pm|2 +
pidl/lib/Parse/Pidl/Samba4/TDR.pm |6 ++-
pidl/lib/Parse/Pidl/Typelist.pm |4 +-
pidl/tests/typelist.pl|2 +-
source4/torture/rpc/samr.c|1 -
23 files changed, 178 insertions(+), 112 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tdr/tdr.c b/lib/tdr/tdr.c
index 293436e..ce67003 100644
--- a/lib/tdr/tdr.c
+++ b/lib/tdr/tdr.c
@@ -92,6 +92,11 @@ NTSTATUS tdr_pull_uint16(struct tdr_pull *tdr, TALLOC_CTX
*ctx, uint16_t *v)
return NT_STATUS_OK;
}
+NTSTATUS tdr_pull_uint1632(struct tdr_pull *tdr, TALLOC_CTX *ctx, uint16_t *v)
+{
+ return tdr_pull_uint16(tdr, ctx, v);
+}
+
NTSTATUS tdr_push_uint16(struct tdr_push *tdr, const uint16_t *v)
{
TDR_PUSH_NEED_BYTES(tdr, 2);
@@ -100,6 +105,11 @@ NTSTATUS tdr_push_uint16(struct tdr_push *tdr, const
uint16_t *v)
return NT_STATUS_OK;
}
+NTSTATUS tdr_push_uint1632(struct tdr_push *tdr, const uint16_t *v)
+{
+ return tdr_push_uint16(tdr, v);
+}
+
NTSTATUS tdr_print_uint16(struct tdr_print *tdr, const char *name, uint16_t *v)
{
tdr-print(tdr, %-25s: 0x%02x (%u), name, *v, *v);
diff --git a/librpc/gen_ndr/ndr_dfs.c b/librpc/gen_ndr/ndr_dfs.c
index 367b688..62f42ba 100644
--- a/librpc/gen_ndr/ndr_dfs.c
+++ b/librpc/gen_ndr/ndr_dfs.c
@@ -1499,14 +1499,14 @@ _PUBLIC_ void ndr_print_dfs_Info200(struct ndr_print
*ndr, const char *name, con
static enum ndr_err_code ndr_push_dfs_VolumeFlavor(struct ndr_push *ndr, int
ndr_flags, enum dfs_VolumeFlavor r)
{
- NDR_CHECK(ndr_push_enum_uint16(ndr, NDR_SCALARS, r));
+ NDR_CHECK(ndr_push_enum_uint1632(ndr, NDR_SCALARS, r));
return NDR_ERR_SUCCESS;
}
static enum ndr_err_code ndr_pull_dfs_VolumeFlavor(struct ndr_pull *ndr, int
ndr_flags, enum dfs_VolumeFlavor *r)
{
uint16_t v;
- NDR_CHECK(ndr_pull_enum_uint16(ndr, NDR_SCALARS, v));
+ NDR_CHECK(ndr_pull_enum_uint1632(ndr, NDR_SCALARS, v));
*r = v;
return NDR_ERR_SUCCESS;
}
diff --git a/librpc/gen_ndr/ndr_drsblobs.c b/librpc/gen_ndr/ndr_drsblobs.c
index e45f7ee..8a0842b 100644
--- a/librpc/gen_ndr/ndr_drsblobs.c
+++ b/librpc/gen_ndr/ndr_drsblobs.c
@@ -1578,7 +1578,7 @@ static enum ndr_err_code
ndr_push_supplementalCredentialsSignature(struct
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1012-g8dedcea
The branch, master has been updated
via 8dedceaff9543ce92d9ad51f67c5c51cd63e7931 (commit)
from d31fa07fde1d7118c7a33b0d93c29f6a96e1c44e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8dedceaff9543ce92d9ad51f67c5c51cd63e7931
Author: Andrew Tridgell tri...@samba.org
Date: Wed Oct 7 10:55:35 2009 +1100
torture: disable the ValidatePassword test
This test causes problems on non-sealed connections against windows
---
Summary of changes:
source4/torture/rpc/samr.c |6 +-
1 files changed, 5 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index c9efb2e..b786c3f 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -6795,7 +6795,10 @@ bool torture_rpc_samr(struct torture_context *torture)
return false;
}
- ret = test_samr_ValidatePassword(p, torture);
+
+ if (torture_setting_bool(torture, dangerous, false)) {
+ ret = test_samr_ValidatePassword(p, torture);
+ }
ret = test_Connect(p, torture, handle);
@@ -7039,3 +7042,4 @@ struct torture_suite
*torture_rpc_samr_large_dc(TALLOC_CTX *mem_ctx)
return suite;
}
+
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1013-g7709db4
The branch, master has been updated
via 7709db4c0363fe2d7b061bbed5022a8fbbf78e7c (commit)
from 8dedceaff9543ce92d9ad51f67c5c51cd63e7931 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7709db4c0363fe2d7b061bbed5022a8fbbf78e7c
Author: Jeremy Allison j...@samba.org
Date: Tue Oct 6 17:18:15 2009 -0700
Test creating and deleting a bad symlink using the POSIX calls. Ensure
we don't regress on bug 6769.
Jeremy.
---
Summary of changes:
source3/script/tests/test_smbclient_s3.sh | 42 +
1 files changed, 42 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/script/tests/test_smbclient_s3.sh
b/source3/script/tests/test_smbclient_s3.sh
index f60c7d7..b0199a3 100755
--- a/source3/script/tests/test_smbclient_s3.sh
+++ b/source3/script/tests/test_smbclient_s3.sh
@@ -86,6 +86,44 @@ EOF
fi
}
+# Test creating a bad symlink and deleting it.
+test_bad_symlink()
+{
+prompt=posix_unlink deleted file /newname
+tmpfile=/tmp/smbclient.in.$$
+
+cat $tmpfile EOF
+posix
+symlink badname newname
+posix_unlink newname
+quit
+EOF
+
+cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT $CONFIGURATION $@
-U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS $tmpfile 21'
+eval echo $cmd
+out=`eval $cmd`
+ret=$?
+rm -f $tmpfile
+
+if [ $ret != 0 ] ; then
+ echo $out
+ echo failed create then delete bad symlink
+ false
+ return
+fi
+
+echo $out | grep $prompt /dev/null 21
+
+if [ $? = 0 ] ; then
+ # got the correct prompt .. succeed
+ true
+else
+ echo failed create then delete bad symlink
+ false
+fi
+}
+
+
testit smbclient -L $SERVER_IP $SMBCLIENT $CONFIGURATION -L $SERVER_IP -N -p
139 || failed=`expr $failed + 1`
testit smbclient -L $SERVER -I $SERVER_IP $SMBCLIENT $CONFIGURATION -L
$SERVER -I $SERVER_IP -N -p 139 || failed=`expr $failed + 1`
@@ -105,4 +143,8 @@ testit interactive smbclient -l prompts on stdout \
test_interactive_prompt_stdout -l /tmp || \
failed=`expr $failed + 1`
+testit creating a bad symlink and deleting it \
+ test_bad_symlink || \
+ failed=`expr $failed + 1`
+
testok $0 $failed
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated - tevent-0-9-8-953-g22d2628
The branch, v3-5-test has been updated
via 22d26287cf3f89c9294c285aff12736c47b85896 (commit)
from 763c95c145b6313a1460a7e45685a7f966e8bd4d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -
commit 22d26287cf3f89c9294c285aff12736c47b85896
Author: Jeremy Allison j...@samba.org
Date: Tue Oct 6 17:18:15 2009 -0700
Test creating and deleting a bad symlink using the POSIX calls. Ensure
we don't regress on bug 6769.
Jeremy.
---
Summary of changes:
source3/script/tests/test_smbclient_s3.sh | 42 +
1 files changed, 42 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/script/tests/test_smbclient_s3.sh
b/source3/script/tests/test_smbclient_s3.sh
index f60c7d7..b0199a3 100755
--- a/source3/script/tests/test_smbclient_s3.sh
+++ b/source3/script/tests/test_smbclient_s3.sh
@@ -86,6 +86,44 @@ EOF
fi
}
+# Test creating a bad symlink and deleting it.
+test_bad_symlink()
+{
+prompt=posix_unlink deleted file /newname
+tmpfile=/tmp/smbclient.in.$$
+
+cat $tmpfile EOF
+posix
+symlink badname newname
+posix_unlink newname
+quit
+EOF
+
+cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT $CONFIGURATION $@
-U$USERNAME%$PASSWORD //$SERVER/tmp -I $SERVER_IP $ADDARGS $tmpfile 21'
+eval echo $cmd
+out=`eval $cmd`
+ret=$?
+rm -f $tmpfile
+
+if [ $ret != 0 ] ; then
+ echo $out
+ echo failed create then delete bad symlink
+ false
+ return
+fi
+
+echo $out | grep $prompt /dev/null 21
+
+if [ $? = 0 ] ; then
+ # got the correct prompt .. succeed
+ true
+else
+ echo failed create then delete bad symlink
+ false
+fi
+}
+
+
testit smbclient -L $SERVER_IP $SMBCLIENT $CONFIGURATION -L $SERVER_IP -N -p
139 || failed=`expr $failed + 1`
testit smbclient -L $SERVER -I $SERVER_IP $SMBCLIENT $CONFIGURATION -L
$SERVER -I $SERVER_IP -N -p 139 || failed=`expr $failed + 1`
@@ -105,4 +143,8 @@ testit interactive smbclient -l prompts on stdout \
test_interactive_prompt_stdout -l /tmp || \
failed=`expr $failed + 1`
+testit creating a bad symlink and deleting it \
+ test_bad_symlink || \
+ failed=`expr $failed + 1`
+
testok $0 $failed
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-1018-gd29409c
The branch, master has been updated
via d29409c1523b9d7ca9b3a7400bd9c94641decc46 (commit)
via b3377ef2ea71489749787ba13fba4dba1e9b6c6c (commit)
from 26b77348414fc99ec0a07cb5376942d722ddf643 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d29409c1523b9d7ca9b3a7400bd9c94641decc46
Merge: b3377ef2ea71489749787ba13fba4dba1e9b6c6c
26b77348414fc99ec0a07cb5376942d722ddf643
Author: Andrew Tridgell tri...@samba.org
Date: Wed Oct 7 16:21:28 2009 +1100
Merge branch 'master' of ssh://git.samba.org/data/git/samba
commit b3377ef2ea71489749787ba13fba4dba1e9b6c6c
Author: Andrew Tridgell tri...@samba.org
Date: Wed Oct 7 16:20:16 2009 +1100
s4-drs: fixed a memory error introduced yesterday
ids is retrurned via _ids, so it needs to be on the passed in mem_ctx
---
Summary of changes:
source4/dsdb/repl/replicated_objects.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/repl/replicated_objects.c
b/source4/dsdb/repl/replicated_objects.c
index 9877803..ec5dcd4 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -444,7 +444,7 @@ WERROR dsdb_origin_objects_commit(struct ldb_context *ldb,
}
}
- ids = talloc_array(objects,
+ ids = talloc_array(mem_ctx,
struct drsuapi_DsReplicaObjectIdentifier2,
num_objects);
if (ids == NULL) {
--
Samba Shared Repository
