Re: [Samba] unix exts / wide links / symlinks
On Wed, Apr 07, 2010 at 08:38:50AM +0200, Stefan Götz wrote: Sorry for that, but Samba just can't afford to be called insecure by default. Absolutely - and I do very much respect the reasons for that. So Linda and I are suggesting a non-default option or option value called something like YesIWantToShootMyselfInTheFootAndWontComplainAboutItOnSlashdotSoTurnOnWideLinks instead of reverting to an insecure default. In our usage scenarios, such a shot in the foot is something quite desirable and useful. If you asked me, I would support that. insecure wide links and unix extensions = yes or so. Now you have to convince Jeremy to also accept it :-) Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix exts / wide links / symlinks
Linda W put forth on 4/6/2010 6:44 PM: As it stands -- with any autodate, or any update, I load from my vendor, I will find my whole setup failing -- as these links are key to my setup working. I'll have to recompile every update the instant it hits -- and if autoupdate is turned on -- the first I'll see is no client being able to access their personal Documents folder -- which is put in a separate location for various administrative reasons. The Debian Linux package manager system allows the OP to pin certain packages so they are left alone during updates. IIRC, you can also configure it to notify you when a new version of a pinned package is available, so you can take any necessary action. I.e. if the package update is due to a security issue, you can go ahead manually roll a new copy with your custom patches and install it. If the update isn't a security fix, but a feature update you don't really need, you can ignore the situation until the next security update comes along, saving yourself some of the rebuild episodes. This obviously isn't an optimal solution either as it still requires some manual work. But it's a bit better than the situation you describe. Does your distro's package manager have a package pinning feature? Have you looked for a non-vendor package with the feature you need maintained by a third party? That may be an option as well. Have you checked to see if your Linux vendor maintains a version of the samba package with feature, but it's not made available via the standard channels? If more than a handful of people need a feature, in the Linux world, usually someone is maintaining a copy someone around the globe. None of these possible solutions are perfect, but one or more of them may be a little better than your current situation. -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Kerberos method not working like use kerberos keytab?
Hi, I have a couple of old samba 3.0.30 installations. I enabled the use kerberos keytab option in the smb.conf file to aquire a tgt automatically when a user logs in. This works fine on 3.0.30 installs. On newer samba versions I recognized that the option has been phased out and replaced by a newer option called kerberos method the man page is not really clear about what to choose here so I googled and found the following: For existing installs: use kerberos keytab = yes corresponds to secrets and keytab use kerberos keytab = no corresponds to secrets only http://www.mail-archive.com/samba-...@lists.samba.org/msg55272.html Setting kerberos method = secrets and keytab doesn't work for some reason. I have not changed the /etc/security/pam_winbind.conf: [global] # turn on debugging ;debug = no # request a cached login if possible # (needs winbind offline logon = yes in smb.conf) cached_login = yes # authenticate using kerberos krb5_auth = yes # when using kerberos, request a FILE krb5 credential cache type # (leave empty to just do krb5 authentication but not have a ticket # afterwards) krb5_ccache_type = FILE # make successful authentication dependend on membership of one SID # (can also take a name) ;require_membership_of = There is TGT aquired when a user logs in. Am I missing something in my configuration? This is really a cool feature for using NFSv4. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Kerberos method not working like use kerberos keytab?
Ok, problem solved. The TGT is only aquired when directly logging in as a user. Running su - as root doesn't aquire the ticket. Which is cool. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix exts / wide links / symlinks
Volker Lendecke wrote If you asked me, I would support that. insecure wide links and unix extensions = yes --- If I catch your drift -- we might be saying same -- if I specify 'wide links = true' or ' = insecurely_true, the former could change a '_non-specified_ default for unix extensions to off but generate an error if both are specified. if I use the 'insecurity_true' could again force unix extensions to off as default, but if user explicitly specifies both, then they are knowingly turning on both options and only in that case would they get the old behavior. In my setup my root dir is shared via samba, so wide links are not a security issue. I.e. In my situation, a bug was created -- no security issue was fixed. or so. Now you have to convince Jeremy to also accept it :-) --- Hopefully he'll convince himself -- my convincing skill are as likely as not to offput someone...;-) -l -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] [Announce] Samba 3.5.2 Available for Download
= Why don't we save time and you just tell me what I want? Mr. Big to Carie, Sex and the City = Release Announcements = This is the latest stable release of Samba 3.5. Major enhancements in Samba 3.5.2 include: o Fix smbd segfaults in _netr_SamLogon for clients sending null domain (bug #7237). o Fix smbd segfaults in waiting for connections message (bug #7251). o Fix an uninitialized variable read in smbd (bug #7254). o Fix a memleak in Winbind (bug #7278). o Fix Winbind reconnection to it's own domain (bug #7295). Changes since 3.5.1 --- o Michael Adam ob...@samba.org * BUG 7231: Fix automatic building of vfs_tsmsm if gpfs and dmapi are present. * BUG 7232: Fix race conditions in CTDB persistent transactions. * BUG 7313: Make 'net conf addshare' atomic. * BUG 7314: Eliminate race condition in creating/scanning sorted subkeys in the registry backend. o Jeremy Allison j...@samba.org * BUG 7075: Fix bug in vfs_scannedonly rmdir implementation. * BUG 7159: Fix handling of bad server data returns in client rpc_transport. * BUG 7234: Symlink delete fails but incorrectly reports success to client. * BUG 7255: Fix printer admin functionality. * BUG 7283: Fix smbd segfault if using vfs_acl_tdb. * BUG 7297: Fix smbd crashes with CUPS printers and no [printers] share defined. * BUG 7310: Fix DOS attribute inconsistency with MS Office. o Kai Blin k...@samba.org * BUG 7290: Fix core dump in 'ntlm_auth' with gss-spnego helper. o Günther Deschner g...@samba.org * BUG 6727: Fix several printing issues. * BUG 7237: Fix smbd segfaults in _netr_SamLogon for clients sending null domain. * BUG 7256: Fix value-needed calculation in_spoolss_EnumPrinterData(). * BUG 7258: Fix _winreg_QueryValue crash bugs and implement Windows behavior. o Holger Hetterich hhet...@novell.com * BUG 7203: Fix 'net share' command. o Michael Karcher sa...@mkarcher.dialup.fu-berlin.de * BUG 7269: Fix job management commands for CUPS queues. o Jeff Layton jlay...@redhat.com * BUG 6853: Fix race condition in mount.cifs that allows user to replace mountpoint with a symlink. o Volker Lendecke v...@samba.org * BUG 5198: Fix parsing of the gecos field. * BUG 7202: Fix access by multi-threaded applications. * BUG 7212: Fix returning of group members with 'getent group'. * BUG 7216: Fix the build of net_afs.c with --fake-kaserver=yes. * BUG 7229: Fix a NULL pointer dereference in smbd. * BUG 7232: Fix race conditions in CTDB persistent transactions. * BUG 7254: Fix an uninitialized variable read in smbd. * BUG 7278: Fix a memleak in Winbind. o Roel van Meer ro...@alt001.com * BUG 6814: Fix valgrind warning. o Stefan Metzmacher me...@samba.org * BUG 7170: Never mark external domains as internal in Winbind. * BUG 7225: Make Winbind logs more verbose for troubleshooting. * BUG 7251: Fix smbd segfault in waiting for connections message. * BUG 7295: Fix Winbind reconnection to it's own domain. * BUG 7316: Winbind possibly segfaults when trying a trusted domain without inbound trust. o SATOH Fumiyasu fumi...@osstech.co.jp * BUG 1206: Fix segfault if hide files or veto files has no .AppleDouble. o Simo Sorce i...@samba.org * BUG 7204: Fix DN parsing name was always null. o Andrew Tridgell tri...@samba.org * BUG 7312: Many disconnecting clients render clustered Samba unusuable for some time. o Bo Yang boy...@samba.org * BUG 7206: Signals are processed twice in child. ## Reporting bugs Development Discussion ### Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. All bug reports should be filed under the Samba 3.5 product in the project's Bugzilla database (https://bugzilla.samba.org/). == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == Download Details The uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code can be downloaded from: http://download.samba.org/samba/ftp/stable The release notes are available online at:
[Samba] Does control of NFS4 ACL's from NetApps work for RHEL Samba servers with Windows XP clients at all?
Good morning! I'm reviewing some corporate storage setups involving NetApps, where the NetApp stores what they call UNIX Qtrees. So far, so good: those allow the setting of access to the data with NFS4 ACL's, which are fairly sophisticated and allow multiple groups or even multiple users to be granted write access.or read access, besides the normal UNIX group owner. That works fine. But we'd like Windows clients to be able to *read* this information. Not necessarily to be able to reset it, although that would be nice. But to *read* the directory and file permissions and see who owns it. The groups and users are synced between the Active Directory domain and the NetApp's with fairly sophisticated NIS middleware, but the Windows CIFS clients can't see the details of file ownership. I've noted some discussion in the mailing list logs for NFS4 ACL patches but I'm not aware of anyone reporting on this feature. My first tests with Samba 3.0.33 or the samba3x-3.3.8 package on RHEL 5 don't seem to show any improvements. But I'm not sure if there are more recent releases, or flags I should be using, to make that security data visible to Windows users. Does anyone here have suggestions on upgrades or settings to support this? Or even know if it's feasible? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Joining a NetApp filer to a Samba PDC ?
Hello Does anyone succeded in joining a Samba PDC with a NetApp filer ? I tried many times but never succeded ... Any infos welcome. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Joining a NetApp filer to a Samba PDC ?
On Wed, Apr 07, 2010 at 02:18:31PM +0200, Frank Bonnet wrote: Does anyone succeded in joining a Samba PDC with a NetApp filer ? I tried many times but never succeded ... Yes, I did succeed a while ago. What's your problem? Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does control of NFS4 ACL's from NetApps work for RHEL Samba servers with Windows XP clients at all?
On Wed, Apr 07, 2010 at 07:50:37AM -0400, Nico Kadel-Garcia wrote: I'm reviewing some corporate storage setups involving NetApps, where the NetApp stores what they call UNIX Qtrees. So far, so good: those allow the setting of access to the data with NFS4 ACL's, which are fairly sophisticated and allow multiple groups or even multiple users to be granted write access.or read access, besides the normal UNIX group owner. That works fine. But we'd like Windows clients to be able to *read* this information. Not necessarily to be able to reset it, although that would be nice. But to *read* the directory and file permissions and see who owns it. The groups and users are synced between the Active Directory domain and the NetApp's with fairly sophisticated NIS middleware, but the Windows CIFS clients can't see the details of file ownership. I've noted some discussion in the mailing list logs for NFS4 ACL patches but I'm not aware of anyone reporting on this feature. My first tests with Samba 3.0.33 or the samba3x-3.3.8 package on RHEL 5 don't seem to show any improvements. But I'm not sure if there are more recent releases, or flags I should be using, to make that security data visible to Windows users. Does anyone here have suggestions on upgrades or settings to support this? Or even know if it's feasible? As long as the Kernel does not pass the requests through to user-space via some API, I would guess it is highly unlikely that this can be passed to the Windows clients. Maybe at some point it would be necessary to write a full NFSv 3 and 4 client as a Samba user-space VFS module, so that we are independent of the kernel and have access to the only specified NFSv4 ACL interface, the on-the-wire protocol :-) Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba server file read size limit of 64MB for HDF files
Sorry if that's a vague subject, but this problem is a little weird and I'm just wondering if there are any suggestions out there. We've got a Samba server (3.0.23) running on a CentOS 5.3 server offering up a data share of 7TB on an XFS filesystem. The authentication all happens through a Samba PDC with an LDAP backend all on a different server. The system in question is just a domain member fileserver. On the data share are several HDF files that we try to read into a couple of different applications on XP. I'm using the Compaq Array Visualizer just to look at them. The files on the server are owned by root, and world read/writable. As a regular user on the XP client, if I look at one of the files that's ~30MB in size, I'm presented with all the numbers I expect to see. If I look at a file that's larger than 64MB (80MB for the specific ones I was testing, but we've found the problem after 64MB in size) I no longer see the numbers that I would expect...it's all zeroed out at the beginning. If I copy the 80MB HDF to my local XP workstation, it works fine, so it's not a corrupted file or anything. The weird part is that if I go onto the linux server and change the ownership of the file to my regular user account, it all works fine...I can read the 80MB file through samba and see all the numbers I should...but no other users can. If I change the ownership to someone else, they can then see it all, and I can't again. At one point all of these files were hosted from a Windows 2008 Server, and never experienced these problems, only after the move to the Samba server. The fact that anything smaller than 64MB works, starts to sound like a possible setting that I can change. Unfortunately I can't provide the HDF files I'm using, and if you want to see the smb.conf let me know and I can try to get that posted. If anyone has any insight or help to offer, it would be appreciated. Thanks. Kevin Taylor _ Hotmail is redefining busy with tools for the New Busy. Get more from your inbox. http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_2 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Joining a NetApp filer to a Samba PDC ?
Frank Bonnet wrote: Hello Does anyone succeded in joining a Samba PDC with a NetApp filer ? Yep, look here: http://pware.hvcc.edu/NetApp-Samba.pdf Cheers, Bill I tried many times but never succeded ... Any infos welcome. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] PDC migration from suse 8.2 - samba 2.2.7 ldap - to latest versions on ubuntu 8.04
Hello Vladimir and anyone else reading :-) ! Attaching these files: - gg-edited.ldif - slapd.conf.destination.txt - slapd.conf.source.txt - ldap.conf.destination.txt - ldap.conf.source.txt - slapadd-ing.LOG this was the log while importing ldif NET SID ETC net setlocalsid S-1-5-21-1168...-..-...2 net setdomainsid S-1-5-21-1168...-..-...1 does net setlocal and domain sid have sense or should it be net setdomainsid twice with different sids? Thanks very much! Giorgio On 4/6/10, Vladimir Psenicka vladimir.pseni...@prodeco.cz wrote: Hi Gorgio Dne 2.4.2010 17:01, GG napsal(a): Hi all, So I have openldap2-2.1.12-74 samba-2.2.7a-72 I would like to migrate this existing PDC service to a new server and to current production / stable releases (especially for windows 7 joining to the domain). New server is Debian Lenny stable. I have exported the domain SID, and ldap.ldif Now lets get down to it :-) Before importing should I do something about organizational units and so? How? Import only data to LDAP no configs (slapcat-slapadd) slapadd -c -l slapcat.ldif I did this but attached errors showed up. Error, entries missing! entry 3: dc=people,dc=ExampleDomain,dc=it entry 4: dc=groups,dc=people,dc=ExampleDomain,dc=it Can you post first 100 lines of your ldif you try to import? You probably missing some base ldif. I know nothing about ldap, but my ldap is probably missing some pre required settings ? :-/ Can you post slapd.conf also? Cheers! Giorgio Configs yes, live data no, but if you have ldap it *should* be enough to import ldif from old server, configure samba to use ldap and run smbpasswd -W to store ldap admin dn pass to secrets.tdb. After that you can test if samba see imported users in ldap (pdbedit -L). On 3/27/10, Vladimir Psenicka vladimir.pseni...@prodeco.cz wrote: On Fri, 26 Mar 2010 15:32:50 +0100, GG joj...@gmail.com wrote: wow I made it! I copied net and all the libs it complained about from another suse server which was not missing it :-) [2010/03/26 15:07:37, 0] param/loadparm.c:map_parameter(2435) Unknown parameter encountered: domain admin group [2010/03/26 15:07:37, 0] param/loadparm.c:lp_do_parameter(3125) Ignoring unknown parameter domain admin group SID for domain ThisIsLikeTheHostNameOrMaybeAtestDomain??? is: S-1-5-21-1bla bla SID for domain THISISMYDOMAIN is: S-1-5-other-bla bla Which shall I import? Import both for sure:-). First is localsid, second is domainsid So now back to mail number 2 :-) LDAP: I exported ldif :-) now I copied /etc/groups passwd shadow aliases now on the new server: how do I import LDAP and all its configs, samba and all its configs are only in smb.conf? Import only data to LDAP no configs (slapcat-slapadd) Configs yes, live data no, but if you have ldap it *should* be enough to import ldif from old server, configure samba to use ldap and run smbpasswd -W to store ldap admin dn pass to secrets.tdb. After that you can test if samba see imported users in ldap (pdbedit -L). :-) Giorgio On 3/26/10, Vladimir Psenicka vladimir.pseni...@prodeco.cz wrote: Paste ldap admin dn or ldap suffix in your smb.conf Dne 26.3.2010 15:24, Vladimir Psenicka napsal(a): try this: ldapsearch -x -h localhost -D cn=Manager,dc=WORKGROUP,dc=it -W -b sambaDomainName=WORKGROUP,dc=WORKGROUP,dc=it Dne 26.3.2010 15:00, GG napsal(a): Hello! I'm stuck on getdomainsid: Net command is missing even though libs and smbclient are installed. I tried this: # ldapsearch -x -h localhost -D cn=Manager,dc=domain,dc=it -W -b sambaDomainName=WORKGROUP,dc=domain,dc=it Enter LDAP Password: # extended LDIF # # LDAPv3 # base sambaDomainName=WORKGROUP,dc=domain,dc=it with scope sub # filter: (objectclass=*) # requesting: ALL # # search result search: 2 result: 34 Invalid DN syntax text: invalid DN # numResponses: 1 So: I'm not sure what is sambaDomainName=domain,dc=domain,dc=it... I used WORKGROUP as it is the domain we use on pcs and the only one defined in smb.conf I also tried using my pdc HOSTNAME and this was returned # LDAPv3 # base sambaDomainName=hostname,dc=domain,dc=it with scope sub # filter: (objectclass=*) # requesting: ALL # # search result search: 2 result: 34 Invalid DN syntax text: invalid DN # numResponses: 1 Any way to get through this or how to use net command? Maybe updating samba-client? I tried rpm -i samba-client but it says file /usr/share/man/man1/smbclient.1.gz from install of samba-client-2.2.12-1.suse82 conflicts with file from package samba-client-2.2.7a-72 when trying to rpm -i samba-client-2.2.12-1.rpm I found also the original package but it says it is already installed. What happens if I
Re: [Samba] PDC migration from suse 8.2 - samba 2.2.7 ldap - to latest versions on ubuntu 8.04
They should be the same SID. The SID of a DC should the same as the SID of the domain itself. And if you had multiple DC's they should all have the same SID. At least that is what I have and it seems to work for me. On 04/07/2010 10:14 AM, GG wrote: Hello Vladimir and anyone else reading :-) ! Attaching these files: - gg-edited.ldif - slapd.conf.destination.txt - slapd.conf.source.txt - ldap.conf.destination.txt - ldap.conf.source.txt - slapadd-ing.LOG this was the log while importing ldif NET SID ETC net setlocalsid S-1-5-21-1168...-..-...2 net setdomainsid S-1-5-21-1168...-..-...1 does net setlocal and domain sid have sense or should it be net setdomainsid twice with different sids? Thanks very much! Giorgio On 4/6/10, Vladimir Psenickavladimir.pseni...@prodeco.cz wrote: Hi Gorgio Dne 2.4.2010 17:01, GG napsal(a): Hi all, So I have openldap2-2.1.12-74 samba-2.2.7a-72 I would like to migrate this existing PDC service to a new server and to current production / stable releases (especially for windows 7 joining to the domain). New server is Debian Lenny stable. I have exported the domain SID, and ldap.ldif Now lets get down to it :-) Before importing should I do something about organizational units and so? How? Import only data to LDAP no configs (slapcat-slapadd) slapadd -c -l slapcat.ldif I did this but attached errors showed up. Error, entries missing! entry 3: dc=people,dc=ExampleDomain,dc=it entry 4: dc=groups,dc=people,dc=ExampleDomain,dc=it Can you post first 100 lines of your ldif you try to import? You probably missing some base ldif. I know nothing about ldap, but my ldap is probably missing some pre required settings ? :-/ Can you post slapd.conf also? Cheers! Giorgio Configs yes, live data no, but if you have ldap it *should* be enough to import ldif from old server, configure samba to use ldap and run smbpasswd -W to store ldap admin dn pass to secrets.tdb. After that you can test if samba see imported users in ldap (pdbedit -L). On 3/27/10, Vladimir Psenickavladimir.pseni...@prodeco.cz wrote: On Fri, 26 Mar 2010 15:32:50 +0100, GGjoj...@gmail.com wrote: wow I made it! I copied net and all the libs it complained about from another suse server which was not missing it :-) [2010/03/26 15:07:37, 0] param/loadparm.c:map_parameter(2435) Unknown parameter encountered: domain admin group [2010/03/26 15:07:37, 0] param/loadparm.c:lp_do_parameter(3125) Ignoring unknown parameter domain admin group SID for domain ThisIsLikeTheHostNameOrMaybeAtestDomain??? is: S-1-5-21-1bla bla SID for domain THISISMYDOMAIN is: S-1-5-other-bla bla Which shall I import? Import both for sure:-). First is localsid, second is domainsid So now back to mail number 2 :-) LDAP: I exported ldif :-) now I copied /etc/groups passwd shadow aliases now on the new server: how do I import LDAP and all its configs, samba and all its configs are only in smb.conf? Import only data to LDAP no configs (slapcat-slapadd) Configs yes, live data no, but if you have ldap it *should* be enough to import ldif from old server, configure samba to use ldap and run smbpasswd -W to store ldap admin dn pass to secrets.tdb. After that you can test if samba see imported users in ldap (pdbedit -L). :-) Giorgio On 3/26/10, Vladimir Psenickavladimir.pseni...@prodeco.cz wrote: Paste ldap admin dn or ldap suffix in your smb.conf Dne 26.3.2010 15:24, Vladimir Psenicka napsal(a): try this: ldapsearch -x -h localhost -D cn=Manager,dc=WORKGROUP,dc=it -W -b sambaDomainName=WORKGROUP,dc=WORKGROUP,dc=it Dne 26.3.2010 15:00, GG napsal(a): Hello! I'm stuck on getdomainsid: Net command is missing even though libs and smbclient are installed. I tried this: # ldapsearch -x -h localhost -D cn=Manager,dc=domain,dc=it -W -b sambaDomainName=WORKGROUP,dc=domain,dc=it Enter LDAP Password: # extended LDIF # # LDAPv3 # basesambaDomainName=WORKGROUP,dc=domain,dc=it with scope sub # filter: (objectclass=*) # requesting: ALL # # search result search: 2 result: 34 Invalid DN syntax text: invalid DN # numResponses: 1 So: I'm not sure what is sambaDomainName=domain,dc=domain,dc=it... I used WORKGROUP as it is the domain we use on pcs and the only one defined in smb.conf I also tried using my pdc HOSTNAME and this was returned # LDAPv3 # basesambaDomainName=hostname,dc=domain,dc=it with scope sub # filter: (objectclass=*) # requesting: ALL # # search result search: 2 result: 34 Invalid DN syntax text: invalid DN # numResponses: 1 Any way to get through this or how to use net command? Maybe updating samba-client? I tried rpm -i samba-client but it says file
Re: [Samba] Joining a NetApp filer to a Samba PDC ?
On 04/07/10 14:48, Volker Lendecke wrote: On Wed, Apr 07, 2010 at 02:18:31PM +0200, Frank Bonnet wrote: Does anyone succeded in joining a Samba PDC with a NetApp filer ? I tried many times but never succeded ... Yes, I did succeed a while ago. What's your problem? Volker hello here is the problem Wed Apr 7 16:29:05 MEST [cifs.server.infoMsg:info]: CIFS: Warning for server \\PDC-SRV: Unable to create NETLOGON pipe. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Joining a NetApp filer to a Samba PDC ?
Hi! On Wed, Apr 07, 2010 at 04:30:00PM +0200, Frank Bonnet wrote: Wed Apr 7 16:29:05 MEST [cifs.server.infoMsg:info]: CIFS: Warning for server \\PDC-SRV: Unable to create NETLOGON pipe. Please a network trace of this attempt to join the domain, together with a debug level 10 log of smbd serving this domain. http://wiki.samba.org/index.php/Capture_Packets Thanks, Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Joining a NetApp filer to a Samba PDC ?
On Wed, Apr 07, 2010 at 04:48:32PM +0200, Volker Lendecke wrote: Hi! On Wed, Apr 07, 2010 at 04:30:00PM +0200, Frank Bonnet wrote: Wed Apr 7 16:29:05 MEST [cifs.server.infoMsg:info]: CIFS: Warning for server \\PDC-SRV: Unable to create NETLOGON pipe. Please a network trace of this attempt to join the domain, Please send of course... Sorry, Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] PDC migration from suse 8.2 - samba 2.2.7 ldap - to latest versions on ubuntu 8.04
you are right! please excuse me I misread! Giorgio On 4/7/10, Gaiseric Vandal gaiseric.van...@gmail.com wrote: They should be the same SID. The SID of a DC should the same as the SID of the domain itself. And if you had multiple DC's they should all have the same SID. At least that is what I have and it seems to work for me. On 04/07/2010 10:14 AM, GG wrote: Hello Vladimir and anyone else reading :-) ! Attaching these files: - gg-edited.ldif - slapd.conf.destination.txt - slapd.conf.source.txt - ldap.conf.destination.txt - ldap.conf.source.txt - slapadd-ing.LOG this was the log while importing ldif NET SID ETC net setlocalsid S-1-5-21-1168...-..-...2 net setdomainsid S-1-5-21-1168...-..-...1 does net setlocal and domain sid have sense or should it be net setdomainsid twice with different sids? Thanks very much! Giorgio On 4/6/10, Vladimir Psenickavladimir.pseni...@prodeco.cz wrote: Hi Gorgio Dne 2.4.2010 17:01, GG napsal(a): Hi all, So I have openldap2-2.1.12-74 samba-2.2.7a-72 I would like to migrate this existing PDC service to a new server and to current production / stable releases (especially for windows 7 joining to the domain). New server is Debian Lenny stable. I have exported the domain SID, and ldap.ldif Now lets get down to it :-) Before importing should I do something about organizational units and so? How? Import only data to LDAP no configs (slapcat-slapadd) slapadd -c -l slapcat.ldif I did this but attached errors showed up. Error, entries missing! entry 3: dc=people,dc=ExampleDomain,dc=it entry 4: dc=groups,dc=people,dc=ExampleDomain,dc=it Can you post first 100 lines of your ldif you try to import? You probably missing some base ldif. I know nothing about ldap, but my ldap is probably missing some pre required settings ? :-/ Can you post slapd.conf also? Cheers! Giorgio Configs yes, live data no, but if you have ldap it *should* be enough to import ldif from old server, configure samba to use ldap and run smbpasswd -W to store ldap admin dn pass to secrets.tdb. After that you can test if samba see imported users in ldap (pdbedit -L). On 3/27/10, Vladimir Psenickavladimir.pseni...@prodeco.cz wrote: On Fri, 26 Mar 2010 15:32:50 +0100, GGjoj...@gmail.com wrote: wow I made it! I copied net and all the libs it complained about from another suse server which was not missing it :-) [2010/03/26 15:07:37, 0] param/loadparm.c:map_parameter(2435) Unknown parameter encountered: domain admin group [2010/03/26 15:07:37, 0] param/loadparm.c:lp_do_parameter(3125) Ignoring unknown parameter domain admin group SID for domain ThisIsLikeTheHostNameOrMaybeAtestDomain??? is: S-1-5-21-1bla bla SID for domain THISISMYDOMAIN is: S-1-5-other-bla bla Which shall I import? Import both for sure:-). First is localsid, second is domainsid So now back to mail number 2 :-) LDAP: I exported ldif :-) now I copied /etc/groups passwd shadow aliases now on the new server: how do I import LDAP and all its configs, samba and all its configs are only in smb.conf? Import only data to LDAP no configs (slapcat-slapadd) Configs yes, live data no, but if you have ldap it *should* be enough to import ldif from old server, configure samba to use ldap and run smbpasswd -W to store ldap admin dn pass to secrets.tdb. After that you can test if samba see imported users in ldap (pdbedit -L). :-) Giorgio On 3/26/10, Vladimir Psenickavladimir.pseni...@prodeco.cz wrote: Paste ldap admin dn or ldap suffix in your smb.conf Dne 26.3.2010 15:24, Vladimir Psenicka napsal(a): try this: ldapsearch -x -h localhost -D cn=Manager,dc=WORKGROUP,dc=it -W -b sambaDomainName=WORKGROUP,dc=WORKGROUP,dc=it Dne 26.3.2010 15:00, GG napsal(a): Hello! I'm stuck on getdomainsid: Net command is missing even though libs and smbclient are installed. I tried this: # ldapsearch -x -h localhost -D cn=Manager,dc=domain,dc=it -W -b sambaDomainName=WORKGROUP,dc=domain,dc=it Enter LDAP Password: # extended LDIF # # LDAPv3 #
Re: [Samba] Corrent security mode settings to allow mess-windows XP behave!
On Tue, Apr 6, 2010 at 7:58 PM, Robert Heller hel...@deepsoft.com wrote: Yeah. I added 'map to guest = bad user'. The anonymous shares are working. Windows now asks for a username AND password for the protected shares, but cannot connect, claiming the share is already open under a different user (or some such nonsense). My notes for a working guest share with user security is: Global: security = user map to guest = Bad User username map = /etc/samba/smbusers -- no 'valid users =' line -- Share: guest ok = yes -- no 'valid users =' line -- ..may also want.. guest only = yes ..and if desired.. force group = nobody force user = nobody For the username map (/etc/samba/smbusers in this case): nobody = guest ..assuming nobody (a standard user in most distros I've run across) is to be your guest user For the problem you know see, suggest closing all share connections and rebooting the client. Then logon (if you're not going to centralize authentication - ie. domain controller) with credentials that match those of a samba user and try again. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] to pthread or not to pthread
Any consensus or recommendations on whether or not to compile samba with pthreads and/or enabling the pthreadpool on a modern Linux distro? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba permissions problem, winbind auth, ldap nss
Greetings list, I'm having a problem setting file permissions for users connecting to my samba file server. CentOS 5.4, samba-3.0.33-3.15.el5_4.1. I have authentication configured to use winbind, and name services configured to use LDAP. I've configured valid users in smb.conf to contain DOMAIN\username for the users I want to be able to connect. They can browse the share just fine, and they have group ownership, mode 775. What I'm confused about is that they can create a new file or directory, but they cannot delete or rename a file or directory - even one they've created. If I create a test file, give it a mode of 777, they cannot rename or delete (or edit) that file. Also - I have read only = no in smb.conf for that share. Any suggestions on what I am missing would be most appreciated. Thanks, Eddy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Fwd: Samba permissions problem, winbind auth, ldap nss
Sorry folks - false alarm. A bit of searching in the archives showed me that I needed: admin users = DOMAIN\username Fixed the problem. Carry on... -- Forwarded message -- From: Eddy Sturg tride2...@gmail.com Date: Wed, Apr 7, 2010 at 10:40 AM Subject: Samba permissions problem, winbind auth, ldap nss To: samba@lists.samba.org Greetings list, I'm having a problem setting file permissions for users connecting to my samba file server. CentOS 5.4, samba-3.0.33-3.15.el5_4.1. I have authentication configured to use winbind, and name services configured to use LDAP. I've configured valid users in smb.conf to contain DOMAIN\username for the users I want to be able to connect. They can browse the share just fine, and they have group ownership, mode 775. What I'm confused about is that they can create a new file or directory, but they cannot delete or rename a file or directory - even one they've created. If I create a test file, give it a mode of 777, they cannot rename or delete (or edit) that file. Also - I have read only = no in smb.conf for that share. Any suggestions on what I am missing would be most appreciated. Thanks, Eddy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem with `profiles`
I'm trying to move some roaming profiles from Domain A to B. All of the profiles are from XP SP3. The originating machine is Debian 5/AMD64, samba 3.4.5 from Debian packages. The destination machine is Ubuntu 9.10, but x86. From everything I've read and found online, `profiles` is supposed to work for XP with no problems. When I attempt to do a SID change on NTUSER.DAT, I get this: semirhage:~# profiles NTUSER.DAT ndr_pull_error(11): ndr_pull_relative_ptr1 rel_offset(716800) ndr- data_size(4096) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. ndr_pull_error(11): ndr_pull_relative_ptr1 rel_offset(716800) ndr- data_size(4096) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. ndr_pull_error(11): ndr_pull_relative_ptr1 rel_offset(716800) ndr- data_size(4096) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. ~~ App. 400 lines cut ~~ -data_size(36864) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. read_block: invalid block header! regfio_rootkey: corrupt registry file ? No root key record located Could not get rootkey This happens on every NTUSER.DAT that I try, on every machine. Googling and trying to fix for 2 days, at a loss. Any direction much appreciated! Thanks, Wes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] to pthread or not to pthread
On Wed, Apr 07, 2010 at 11:20:38AM -0400, Chris Smith wrote: Any consensus or recommendations on whether or not to compile samba with pthreads and/or enabling the pthreadpool on a modern Linux distro? The Samba code itself doesn't use pthreads directly, but many of the subsystems it uses (eg. ldap, aio) do. So you're almost certainly compiling with pthreads whether you want to or not :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix exts / wide links / symlinks
On Wed, Apr 07, 2010 at 09:33:30AM +0200, Volker Lendecke wrote: On Wed, Apr 07, 2010 at 08:38:50AM +0200, Stefan Götz wrote: Sorry for that, but Samba just can't afford to be called insecure by default. Absolutely - and I do very much respect the reasons for that. So Linda and I are suggesting a non-default option or option value called something like YesIWantToShootMyselfInTheFootAndWontComplainAboutItOnSlashdotSoTurnOnWideLinks instead of reverting to an insecure default. In our usage scenarios, such a shot in the foot is something quite desirable and useful. If you asked me, I would support that. insecure wide links and unix extensions = yes or so. Now you have to convince Jeremy to also accept it :-) Ok, I'm or with a wide links = insecure option, with the man page expressing the opinion that enabling it is insane :-). But I'm not spending the time to code it up (but will test and apply patches from people who do :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix exts / wide links / symlinks
Jeremy Allison had this to say: Ok, I'm or with a wide links = insecure option, with the man page expressing the opinion that enabling it is insane :-). But I'm not spending the time to code it up (but will test and apply patches from people who do :-). So then this: It is a big mistake to set the wide links Samba parameter to no in the Samba configuration file /etc/smb.conf. http://www.faqs.org/docs/securing/chap29sec287.html should be completely ignored, I guess? I'm a bit new to Samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] profil
Greetings list, I am about setting up a domain controller in a little company, so I choose samba (debian lenny) and I did it against openldap. Everything seems to be ok in the server but when I try to log in (windows client) I have a bizarre output: it said that my profile will not be saved. And after that when I try to connect to virtual machine running in the same computer, it doesn't work: just for the first one. serverd:~# smbstatus Unknown parameter encountered: domain admin group Ignoring unknown parameter domain admin group Unknown parameter encountered: domain admin group Ignoring unknown parameter domain admin group Samba version 3.2.5 PID Username Group Machine --- Service pid machine Connected at --- No locked files Here is the log.smbd : serverd:~# more /var/log/samba/log.smbd [2010/04/06 12:28:54, 1] param/loadparm.c:map_parameter(6115) Unknown parameter encountered: domain admin group [2010/04/06 12:28:54, 0] param/loadparm.c:lp_do_parameter(7201) Ignoring unknown parameter domain admin group [2010/04/07 11:31:27, 0] smbd/server.c:main(1213) smbd version 3.2.5 started. Copyright Andrew Tridgell and the Samba Team 1992-2008 [2010/04/07 11:31:27, 1] param/loadparm.c:map_parameter(6115) Unknown parameter encountered: domain admin group [2010/04/07 11:31:27, 0] param/loadparm.c:lp_do_parameter(7201) Ignoring unknown parameter domain admin group [2010/04/07 11:31:27, 1] param/loadparm.c:map_parameter(6115) Unknown parameter encountered: domain admin group [2010/04/07 11:31:27, 0] param/loadparm.c:lp_do_parameter(7201) Ignoring unknown parameter domain admin group [2010/04/07 13:48:42, 0] lib/util_sock.c:get_peer_addr_internal(1676) getpeername failed. Error was Transport endpoint is not connected [2010/04/07 13:48:42, 0] lib/util_sock.c:write_data(1136) [2010/04/07 13:48:42, 0] lib/util_sock.c:get_peer_addr_internal(1676) getpeername failed. Error was Transport endpoint is not connected write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer [2010/04/07 13:48:42, 0] smbd/process.c:srv_send_smb(74) Error writing 4 bytes to client. -1. (Transport endpoint is not connected) [2010/04/07 13:52:23, 0] lib/util_sock.c:read_socket_with_timeout(939) [2010/04/07 13:52:23, 0] lib/util_sock.c:get_peer_addr_internal(1676) getpeername failed. Error was Transport endpoint is not connected read_socket_with_timeout: client 0.0.0.0 read error = Connection reset by peer. [2010/04/07 13:52:23, 1] smbd/service.c:make_connection_snum(1198) bulldog (:::192.168.2.201) connect to service netlogon initially as user fleur (ui d=1013, gid=513) (pid 3262) [2010/04/07 13:52:35, 1] smbd/service.c:close_cnum(1409) bulldog (:::192.168.2.201) closed connection to service netlogon [2010/04/07 13:54:43, 0] lib/util_sock.c:read_socket_with_timeout(939) [2010/04/07 13:54:43, 0] lib/util_sock.c:get_peer_addr_internal(1676) getpeername failed. Error was Transport endpoint is not connected read_socket_with_timeout: client 0.0.0.0 read error = Connection reset by peer. [2010/04/07 13:57:48, 1] smbd/service.c:make_connection_snum(1198) bulldog (:::192.168.2.201) connect to service netlogon initially as user karimzik (uid=1006, gid=513) (pid 3272) [2010/04/07 13:57:59, 1] smbd/service.c:close_cnum(1409) bulldog (:::192.168.2.201) closed connection to service netlogon [2010/04/07 14:02:21, 1] smbd/service.c:make_connection_snum(1198) bulldog (:::192.168.2.201) connect to service netlogon initially as user root (uid=0, gid=0) (pid 3287) [2010/04/07 14:02:24, 1] smbd/service.c:close_cnum(1409) bulldog (:::192.168.2.201) closed connection to service netlogon [2010/04/07 14:05:15, 1] smbd/service.c:make_connection_snum(1198) bulldog (:::192.168.2.201) connect to service netlogon initially as user kkigor14 (uid=1001, gid=513) (pid 3296) [2010/04/07 14:05:27, 1] smbd/service.c:close_cnum(1409) bulldog (:::192.168.2.201) closed connection to service netlogon [2010/04/07 14:06:32, 1] param/loadparm.c:map_parameter(6115) Unknown parameter encountered: domain admin group [2010/04/07 14:06:32, 0] param/loadparm.c:lp_do_parameter(7201) Ignoring unknown parameter domain admin group [2010/04/07 14:07:06, 1] param/loadparm.c:map_parameter(6115) Unknown parameter encountered: domain admin group [2010/04/07 14:07:06, 0] param/loadparm.c:lp_do_parameter(7201) Ignoring unknown parameter domain admin group [2010/04/07 14:07:06, 1] param/loadparm.c:map_parameter(6115) Unknown parameter encountered: domain admin
Re: [Samba] to pthread or not to pthread
On Wed, Apr 7, 2010 at 1:55 PM, Jeremy Allison j...@samba.org wrote: The Samba code itself doesn't use pthreads directly, but many of the subsystems it uses (eg. ldap, aio) do. So you're almost certainly compiling with pthreads whether you want to or not :-). So then: --with-pthreads --enable-pthreadpool are recommended configure options? Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] to pthread or not to pthread
On Wed, Apr 07, 2010 at 02:35:18PM -0400, Chris Smith wrote: On Wed, Apr 7, 2010 at 1:55 PM, Jeremy Allison j...@samba.org wrote: The Samba code itself doesn't use pthreads directly, but many of the subsystems it uses (eg. ldap, aio) do. So you're almost certainly compiling with pthreads whether you want to or not :-). So then: --with-pthreads --enable-pthreadpool are recommended configure options? Wow, haven't looked at the --enable-pthreadpool code in a while :-). Yes, should work (although I don't compile with it by default, I don't think it has bit-rotted :-). As always, test before enabling by default :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with `profiles`
Just as a followup, the `profiles` binary provided by the Debian Samba 3.2.5 package work as expected. Is the 3.4.x series expecting a different registry format? Wes On Wednesday 07 April 2010 12:57:10 pm Wes Deviers wrote: I'm trying to move some roaming profiles from Domain A to B. All of the profiles are from XP SP3. The originating machine is Debian 5/AMD64, samba 3.4.5 from Debian packages. The destination machine is Ubuntu 9.10, but x86. From everything I've read and found online, `profiles` is supposed to work for XP with no problems. When I attempt to do a SID change on NTUSER.DAT, I get this: semirhage:~# profiles NTUSER.DAT ndr_pull_error(11): ndr_pull_relative_ptr1 rel_offset(716800) ndr- data_size(4096) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. ndr_pull_error(11): ndr_pull_relative_ptr1 rel_offset(716800) ndr- data_size(4096) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. ndr_pull_error(11): ndr_pull_relative_ptr1 rel_offset(716800) ndr- data_size(4096) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. ~~ App. 400 lines cut ~~ -data_size(36864) ndr_pull_security_descriptor failed: NDR_ERR_BUFSIZE prs_grow: Buffer overflow - unable to expand buffer by 36 bytes. read_block: invalid block header! regfio_rootkey: corrupt registry file ? No root key record located Could not get rootkey This happens on every NTUSER.DAT that I try, on every machine. Googling and trying to fix for 2 days, at a loss. Any direction much appreciated! Thanks, Wes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] to pthread or not to pthread
On Wed, Apr 07, 2010 at 11:45:14AM -0700, Jeremy Allison wrote: On Wed, Apr 07, 2010 at 02:35:18PM -0400, Chris Smith wrote: On Wed, Apr 7, 2010 at 1:55 PM, Jeremy Allison j...@samba.org wrote: The Samba code itself doesn't use pthreads directly, but many of the subsystems it uses (eg. ldap, aio) do. So you're almost certainly compiling with pthreads whether you want to or not :-). So then: --with-pthreads --enable-pthreadpool are recommended configure options? Wow, haven't looked at the --enable-pthreadpool code in a while :-). Yes, should work (although I don't compile with it by default, I don't think it has bit-rotted :-). Well, the pthreadpool thingy not used right now. Feel free to remove it, it's just a prototype API that wraps blocking calls into tevent based async calls. The current prototype implementation uses pthreads, but due to the performance problems Samba has with the Linux pthreads implementation, to put this to real use a clone-based implementation will have to follow as well. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] DFS/FRS
I am somewhat new to samba and have a couple of questions related to DFS/FRS. I understand that Samba supports DFS, but does it also support FRS with DFS? Does anybody have a quick howto guide on how to setup DFS with FRS? If FRS is not supported is it planned? What alternatives can I use for FRS, rsync? Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] IDMAP question
I have a Samba 3.4.0 server (from Ubuntu 9.04), as a member server in my Win2003 AD (which has MS Services for Unix 3.5 installed). All seems well, in that it is properly joined to my AD, I've got it all configured so that domain members can log into the Linux servers using their domain credentials. Here's my config: # WINBIND # idmap domains = DACRIB idmap config DACRIB: default = true idmap uid = 1-2 idmap gid = 1-2 idmap config DACRIB:schema_mode = rfc2307 2 questions: 1. I had to comment out idmap domains = DACRIB, as it said it was an unknown parameter. Isn't that the proper format to list the AD domain for idmapping? 2. If I understand it correctly, idmap config DACRIB:RID=1-2 equivalent to what I have above? Would that give me any capabilities that my default = true does not give me? (I'd have to change passdb backend = tdbsam to .. what?) smb.conf follows: [global] workgroup = DACRIB realm = DACRIB.LOCAL server string = %h server (Samba %v, Domain: %D, Server: %L -%R) security = ADS map to guest = Bad User client use spnego = true client ntlmv2 auth = yes # PAM AUTH encrypt passwords = Yes obey pam restrictions = Yes pam password change = true password server = dim-win2300.DaCrib.local passdb backend = tdbsam pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes log level = 1 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 preferred master = No domain master = No local master = No os level = 2 ; browse list = Yes dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d # WINBIND # idmap domains = DACRIB idmap config DACRIB: default = true idmap uid = 1-2 idmap gid = 1-2 idmap config DACRIB:schema_mode = rfc2307 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = No winbind nested groups = Yes winbind refresh tickets = true winbind nss info = rfc2307 winbind separator = + template homedir = /home/%D/%u template shell = /bin/bash invalid users = root create mask = 0700 directory mask = 0775 writable = Yes enable privileges = Yes restrict anonymous = 2 wide links = no [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [OldHome] comment = The Old Home Folder read only = No path = /OldHome -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] how to mount shares as a user without mount.cifs setuid
I'm running Debian/Squeeze on an AMD64 system. For some reason they have recently stopped shipping mount.cifs with the setuid bit set. Now it appears that they have changed the internal settings to prevent it from running setuid. This means that I can't define the share in fstab with user and connect from my Linux user account. Mounting smb/cifs shares seems to be blocked except for root. Presumably this has been done for security reasons. However, I can't currently do much with my network shares unless I'm root because the shares and all the files are owned by root:root. This is despite the fstab setting username=my windows account name and I get prompted for the password. That only seems to be used for connecting to the share, not for the permissions. My Debian box hasn't joined a domain - I'm just using local accounts. I mainly have the domain for some Windows boxes used by my family. How do I mount an smb/cifs share as a normal user without running mount.cifs? Or if I have to mount the share as root, how can I get reasonable access to the shares? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to mount shares as a user without mount.cifs setuid
Am 07.04.10 22:44, schrieb Gary Dale: How do I mount an smb/cifs share as a normal user without running mount.cifs? Or if I have to mount the share as root, how can I get reasonable access to the shares? Use FUSE. Regards Udo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unix exts / wide links / symlinks
On Wed, Apr 07, 2010 at 02:04:03PM -0400, Mike Leone wrote: Jeremy Allison had this to say: Ok, I'm or with a wide links = insecure option, with the man page expressing the opinion that enabling it is insane :-). But I'm not spending the time to code it up (but will test and apply patches from people who do :-). So then this: It is a big mistake to set the wide links Samba parameter to no in the Samba configuration file /etc/smb.conf. http://www.faqs.org/docs/securing/chap29sec287.html should be completely ignored, I guess? I'm a bit new to Samba Yep, out of date now I'm afraid. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] DFS/FRS
Hi! 2010/4/7 Raymond Fagnon raymond_fag...@jabil.com: What alternatives can I use for FRS, rsync? glusterfs: http://gluster.com/community/documentation/index.php/Main_Page drbd: http://www.drbd.org/ hth, norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] DFS/FRS
On Wed, Apr 07, 2010 at 02:58:20PM -0400, Raymond Fagnon wrote: I am somewhat new to samba and have a couple of questions related to DFS/FRS. I understand that Samba supports DFS, but does it also support FRS with DFS? No. Does anybody have a quick howto guide on how to setup DFS with FRS? If FRS is not supported is it planned? Not currently on the roadmap. SMB2 support is taking priority. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to mount shares as a user without mount.cifs setuid
On Wed, 07 Apr 2010 16:44:47 -0400 Gary Dale garyd...@rogers.com wrote: I'm running Debian/Squeeze on an AMD64 system. For some reason they have recently stopped shipping mount.cifs with the setuid bit set. That would be because it was horribly unsecure. Now it appears that they have changed the internal settings to prevent it from running setuid. This means that I can't define the share in fstab with user and connect from my Linux user account. Mounting smb/cifs shares seems to be blocked except for root. Yes, we added a patch a while back to make it such that mount.cifs would not allow itself to run as a setuid root program unless it that check was compiled out. This was done due to a rather constant stream of security issues that were brought about when people installed mount.cifs setuid root. Since it had never been vetted for security, we really had no other choice to communicate that installing it setuid root was unsafe. Presumably this has been done for security reasons. However, I can't currently do much with my network shares unless I'm root because the shares and all the files are owned by root:root. This is despite the fstab setting username=my windows account name and I get prompted for the password. That only seems to be used for connecting to the share, not for the permissions. My Debian box hasn't joined a domain - I'm just using local accounts. I mainly have the domain for some Windows boxes used by my family. How do I mount an smb/cifs share as a normal user without running mount.cifs? Or if I have to mount the share as root, how can I get reasonable access to the shares? You need to set the uid=/gid= options when mounting. When it's run by a non-root user, /bin/mount adds these options automatically. It's also worthwhile to note that I've recently re-enabled the ability to run mount.cifs as a setuid root program in the latest cifs-utils release: http://linux-cifs.samba.org/cifs-utils/ ...you may want to switch to using that instead if you need the ability to use mount.cifs in this way. -- Jeff Layton jlay...@samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to mount shares as a user without mount.cifs setuid
Jeff Layton wrote: On Wed, 07 Apr 2010 16:44:47 -0400 Gary Dale garyd...@rogers.com wrote: I'm running Debian/Squeeze on an AMD64 system. For some reason they have recently stopped shipping mount.cifs with the setuid bit set. That would be because it was horribly unsecure. Now it appears that they have changed the internal settings to prevent it from running setuid. This means that I can't define the share in fstab with user and connect from my Linux user account. Mounting smb/cifs shares seems to be blocked except for root. Yes, we added a patch a while back to make it such that mount.cifs would not allow itself to run as a setuid root program unless it that check was compiled out. This was done due to a rather constant stream of security issues that were brought about when people installed mount.cifs setuid root. Since it had never been vetted for security, we really had no other choice to communicate that installing it setuid root was unsafe. Presumably this has been done for security reasons. However, I can't currently do much with my network shares unless I'm root because the shares and all the files are owned by root:root. This is despite the fstab setting username=my windows account name and I get prompted for the password. That only seems to be used for connecting to the share, not for the permissions. My Debian box hasn't joined a domain - I'm just using local accounts. I mainly have the domain for some Windows boxes used by my family. How do I mount an smb/cifs share as a normal user without running mount.cifs? Or if I have to mount the share as root, how can I get reasonable access to the shares? You need to set the uid=/gid= options when mounting. When it's run by a non-root user, /bin/mount adds these options automatically. Except that when I run mount as a non-root user, I get the error about mount.cifs not being setuid. This is generated from the user option in fstab. If I remove the user option, I am told that only root can mount the share. Thus my problem that normal users cannot mount smbfs/cifs shares. This appears to be reserved now only for root. It's also worthwhile to note that I've recently re-enabled the ability to run mount.cifs as a setuid root program in the latest cifs-utils release: http://linux-cifs.samba.org/cifs-utils/ ...you may want to switch to using that instead if you need the ability to use mount.cifs in this way. I would except that Debian/Squeeze has its own repositories that I'd prefer to stick with. Hopefully they'll catch up shortly. While the ability to run mount.cifs setuid again is appreciated, how does that fit in with the horribly unsecure reasoning that led to it being removed? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to mount shares as a user without mount.cifs setuid
On Wed, Apr 7, 2010 at 9:39 PM, Jeff Layton jlay...@samba.org wrote: Yes, we added a patch a while back to make it such that mount.cifs would not allow itself to run as a setuid root program unless it that check was compiled out. This was done due to a rather constant stream of security issues that were brought about when people installed mount.cifs setuid root. Since it had never been vetted for security, we really had no other choice to communicate that installing it setuid root was unsafe. Not the place for it so the inquiry is only rhetorical. How can you equate adding a patch preventing a sysadmin from using an app as designed to communicating? Communication is one thing, handcuffs are another. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to mount shares as a user without mount.cifs setuid
Quoting Jeff Layton (jlay...@samba.org): It's also worthwhile to note that I've recently re-enabled the ability to run mount.cifs as a setuid root program in the latest cifs-utils release: http://linux-cifs.samba.org/cifs-utils/ ...you may want to switch to using that instead if you need the ability to use mount.cifs in this way. cifs-utils 4.2 has yet to be packaged for Debian (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576314). Will we decide to re-enable setuid? We already have a bug report asking for this..:-) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576713 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Wed Apr 7 06:00:01 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-04-06 00:00:03.0 -0600 +++ /home/build/master/cache/broken_results.txt 2010-04-07 00:00:12.0 -0600 @@ -1,4 +1,4 @@ -Build status as of Tue Apr 6 06:00:02 2010 +Build status as of Wed Apr 7 06:00:01 2010 Build counts: Tree Total Broken Panic @@ -12,11 +12,11 @@ rsync29 10 0 samba-docs 0 0 0 samba-web0 0 0 -samba_3_current 27 21 0 -samba_3_master 27 27 1 +samba_3_current 27 26 2 +samba_3_master 27 27 2 samba_3_next 27 25 3 -samba_4_0_test 29 28 0 -samba_4_0_waf 27 26 1 +samba_4_0_test 29 29 0 +samba_4_0_waf 27 27 1 talloc 29 10 0 tdb 27 17 0
[SCM] Samba Shared Repository - annotated tag release-3-5-2 created
The annotated tag, release-3-5-2 has been created at 27eae9ba581aa583ce4c9c335f38b33cb616be83 (tag) tagging a5e9217d5ca9eb7697e5fa855572bb49f0e644ac (commit) replaces release-3-5-1 tagged by Karolin Seeger on Wed Apr 7 09:48:23 2010 +0200 - Log - tag release-3-5-2 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.12 (GNU/Linux) iD8DBQBLvDjebzORW2Vot+oRAtYrAJwNHeqAm/8YDho7Qv6wslSwfAl5GgCeN/Pa tm59d0epkUseWmL73/zcyFw= =v9Te -END PGP SIGNATURE- Andrew Tridgell (4): s3-events: make the old timed events compatible with tevent s3-brlock: add a minimim retry time for pending blocking locks s3-brlock: we don't need these MSG_SMB_UNLOCK calls now s3-smbd: add a rate limited cleanup of brl, connections and locking db Björn Jacke (1): s3:vfs_aixacl2: add missing semicolon Bo Yang (1): s3: signals are processed twice in child. Günther Deschner (24): spoolss: rollback SetPrinterData{Ex} IDL. s3-spoolss: fix _spoolss_SetPrinterData{Ex} after IDL change. s3-net: fix net after spoolss_SetPrinterData{Ex} IDL change. s3-rpcclient: fix rpcclient after spoolss_SetPrinterData{Ex} IDL change. spoolss: rollback GetPrinterData[Ex] IDL. s3-spoolss: fix _spoolss_GetPrinterDataEx after IDL change. s3-rpcclient: fix rpcclient after spoolss_GetPrinterData{Ex} IDL change. spoolss: fix spoolss_EnumPrinterDataEx IDL. s3-net: fix net after spoolss_EnumPrinterDataEx IDL change. s3-rpcclient: fix rpcclient after spoolss_EnumPrinterDataEx IDL change. s3-spoolss: fix _spoolss_EnumPrinterDataEx after idl s3-libads: fix get_remote_printer_publishing_data after spoolss_EnumPrinterDataEx IDL change. s3: re-run make samba3-idl. s4-spoolss: fix spoolss_GetPrinterData implementation after IDL change. s4-spoolss: fix dcesrv_spoolss_GetPrinterData build. s4-smbtorture: fix RPC-SPOOLSS-WIN after PrinterData IDL changes. s4-smbtorture: fix smbtorture after GetPrinterData{Ex} after IDL changes. s4-smbtorture: add --option=torture:spoolss_check_size=yes. s3-netlogon: Fix bug #7237: _netr_SamLogon segfaults for clients sending NULL domain. s3-spoolss: Fix value-needed calculation in_spoolss_EnumPrinterData(). winreg: fix winreg_QueryValue IDL. s3: re-run make samba3-idl. s3-winreg: add some debug statements to _winreg_QueryValue(). s3-winreg: Fix _winreg_QueryValue crash bugs and implement windows behavior. Holger Hetterich (1): s3: net_share.c: fix argc handling Jeff Layton (3): mount.cifs: take extra care that mountpoint isn't changed during mount mount.cifs: check for invalid characters in device name and mountpoint mount.cifs: don't allow it to be run as setuid root program Jeremy Allison (10): First part of fix for bug #7159 - client rpc_transport doesn't cope with bad server data returns. Second part of fix for bug #7159 - client rpc_transport doesn't cope with bad server data returns. Fix bug #7234 - Symlink delete fails but incorrectly reports success to client. s3-printing: Fix printer admin functionality. Fix bug 7075 - bug in vfs_scannedonly rmdir implementation. Fix bug 7297 - smbd crashes with CUPS printers and no [printers] share defined. Fix bug #7283 - vfs_acl_tdb does not work as expected. Fix bug 7307 - man net usershare mistake Fix warning messages on compile in g_lock.c Volker Michael please check. Fix bug 7310 - DOS attribute inconsistency with MS Office Kai Blin (1): s3 ntlm_auth: Don't malloc data that will be talloc_free()d Karolin Seeger (5): VERSION: Raise version number up to 3.5.2. WHATSNEW: Start release notes for Samba 3.5.2. WHATSNEW: Prepare release notes for Samba 3.5.2. WHATSNEW: Update changes since 3.5.1. WHATSNEW: Update changes since 3.5.1. Michael Adam (20): s3:build: Fix automatic building of vfs_tsmsm if gpfs and dmapi are present. s3:release-scripts: fix create-tarball to treat vendor patch level correctly s3:dbwrap_ctdb: start rewrite of transactions using the global lock (g_lock) build: Add a configure check for CTDB_CONTROL_TRANS3_COMMIT. s3:dbwrap_ctdb: update (C) s3:dbwrap_ctdb: change db_ctdb_transaction_store() to return NTSTATUS. s3:dbwrap_ctdb: maintain a database sequence number that bumps in transactions s3:build: remove checks for deprecated ctdb controls. s3:dbwrap_ctdb: fix db_ctdb_fetch_db_seqnum_from_db() when NT_STATUS_NOT_FOUND. s3:dbwrap_ctdb: fix two may be used uninitialized warnings s3:dbwrap_ctdb: fix an uninitialized variable. s3:dbwrap_ctdb: fix logic error in pull_newest_from_marshall_buffer(). s3:dbwrap_ctdb: fix brown paperbag bug in ctdb_transaction_commit. s3:dbwrap_ctdb: exit early
svn commit: samba-web r1415 - in trunk: . devel history
Author: kseeger Date: 2010-04-07 02:19:17 -0600 (Wed, 07 Apr 2010) New Revision: 1415 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1415 Log: Announce Samba 3.5.2 Karolin Added: trunk/history/samba-3.5.2.html Modified: trunk/devel/index.html trunk/header_columns.html trunk/history/header_history.html trunk/index.html Changeset: Modified: trunk/devel/index.html === --- trunk/devel/index.html 2010-03-27 15:44:25 UTC (rev 1414) +++ trunk/devel/index.html 2010-04-07 08:19:17 UTC (rev 1415) @@ -20,8 +20,8 @@ 3.0.x and 2.2.x versions of Samba, which are no longer in active development. /p -pThe latest production release is emSamba 3.5.1/em (a -href=/samba/history/samba-3.5.1.htmlrelease notes/a and a +pThe latest production release is emSamba 3.5.2/em (a +href=/samba/history/samba-3.5.2.htmlrelease notes/a and a href=/samba/download/download/a)./p pWith the release of Samba 3.5.0, the 3.4 series has been turned into Modified: trunk/header_columns.html === --- trunk/header_columns.html 2010-03-27 15:44:25 UTC (rev 1414) +++ trunk/header_columns.html 2010-04-07 08:19:17 UTC (rev 1415) @@ -120,9 +120,9 @@ div class=releases h4Current Stable Release/h4 ul -lia href=/samba/ftp/stable/samba-3.5.1.tar.gzSamba 3.5.1 (gzipped)/a/li -lia href=/samba/history/samba-3.5.1.htmlRelease Notes/a/li -lia href=/samba/ftp/stable/samba-3.5.1.tar.ascSignature/a/li +lia href=/samba/ftp/stable/samba-3.5.2.tar.gzSamba 3.5.2 (gzipped)/a/li +lia href=/samba/history/samba-3.5.2.htmlRelease Notes/a/li +lia href=/samba/ftp/stable/samba-3.5.2.tar.ascSignature/a/li /ul h4Historical/h4 Modified: trunk/history/header_history.html === --- trunk/history/header_history.html 2010-03-27 15:44:25 UTC (rev 1414) +++ trunk/history/header_history.html 2010-04-07 08:19:17 UTC (rev 1415) @@ -77,6 +77,7 @@ div class=notes h6Release Notes/h6 ul +lia href=samba-3.5.2.htmlsamba-3.5.2/a/li lia href=samba-3.5.1.htmlsamba-3.5.1/a/li lia href=samba-3.5.0.htmlsamba-3.5.0/a/li lia href=samba-3.4.7.htmlsamba-3.4.7/a/li Added: trunk/history/samba-3.5.2.html === --- trunk/history/samba-3.5.2.html (rev 0) +++ trunk/history/samba-3.5.2.html 2010-04-07 08:19:17 UTC (rev 1415) @@ -0,0 +1,124 @@ +!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN +http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd; +html xmlns=http://www.w3.org/1999/xhtml; + +head +titleSamba - Release Notes Archive/title +/head + +body + + H2Samba 3.5.2 Available for Download/H2 + +p +pre + = + Release Notes for Samba 3.5.2 + April 7, 2010 + = + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.2 include: + + o Fix smbd segfaults in _netr_SamLogon for clients sending null domain +(bug #7237). + o Fix smbd segfaults in waiting for connections message (bug #7251). + o Fix an uninitialized variable read in smbd (bug #7254). + o Fix a memleak in Winbind (bug #7278). + o Fix Winbind reconnection to it's own domain (bug #7295). + + +Changes since 3.5.1 +--- + + +o Michael Adam lt;ob...@samba.orggt; +* BUG 7231: Fix automatic building of vfs_tsmsm if gpfs and dmapi are + present. +* BUG 7232: Fix race conditions in CTDB persistent transactions. +* BUG 7313: Make 'net conf addshare' atomic. +* BUG 7314: Eliminate race condition in creating/scanning sorted subkeys in + the registry backend. + + +o Jeremy Allison lt;j...@samba.orggt; +* BUG 7075: Fix bug in vfs_scannedonly rmdir implementation. +* BUG 7159: Fix handling of bad server data returns in client rpc_transport. +* BUG 7234: Symlink delete fails but incorrectly reports success to client. +* BUG 7255: Fix printer admin functionality. +* BUG 7283: Fix smbd segfault if using vfs_acl_tdb. +* BUG 7297: Fix smbd crashes with CUPS printers and no [printers] share defined. +* BUG 7310: Fix DOS attribute inconsistency with MS Office. + + +o Kai Blin lt;k...@samba.orggt; +* BUG 7290: Fix core dump in 'ntlm_auth' with gss-spnego helper. + + +o Guuml;nther Deschner lt;g...@samba.orggt; +* BUG 6727: Fix several printing issues. +* BUG 7237: Fix smbd segfaults in _netr_SamLogon for clients sending + null domain. +* BUG 7256: Fix value-needed calculation in_spoolss_EnumPrinterData(). +* BUG 7258: Fix _winreg_QueryValue crash bugs and implement Windows + behavior. + + +o Holger Hetterich lt;hhet...@novell.comgt; +
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 827084b... WHATSNEW: Start release notes for Samba 3.5.3. via 21c2500... VERSION: Raise version number up to 3.5.3. from 05bc07c... WHATSNEW: Update changes since 3.5.1. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 827084bc317c76335f76d76970a51e67222b1fc9 Author: Karolin Seeger ksee...@samba.org Date: Wed Apr 7 10:41:07 2010 +0200 WHATSNEW: Start release notes for Samba 3.5.3. Karolin commit 21c25005c79fa957ac95514373c7aa8828f3fee1 Author: Karolin Seeger ksee...@samba.org Date: Wed Apr 7 10:39:08 2010 +0200 VERSION: Raise version number up to 3.5.3. Karolin --- Summary of changes: WHATSNEW.txt| 45 ++--- source3/VERSION |2 +- 2 files changed, 43 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index e3726f2..8d79905 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,45 @@ = + Release Notes for Samba 3.5.3 + May 19, 2010 + = + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.3 include: + + o + + +Changes since 3.5.2 +--- + + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + = Release Notes for Samba 3.5.2 April 7, 2010 = @@ -126,9 +167,7 @@ database (https://bugzilla.samba.org/). == The Samba Team == - -Release notes for older releases follow: - +-- = Release Notes for Samba 3.5.1 diff --git a/source3/VERSION b/source3/VERSION index 7e78360..638de0b 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=5 -SAMBA_VERSION_RELEASE=2 +SAMBA_VERSION_RELEASE=3 # Bug fix releases use a letter for the patch revision # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-stable updated
The branch, v3-5-stable has been updated via 4edb5b0... WHATSNEW: Start release notes for Samba 3.5.3. via d5ee522... VERSION: Raise version number up to 3.5.3. from a5e9217... WHATSNEW: Update changes since 3.5.1. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-stable - Log - commit 4edb5b0bf0158dbe16cf426729e8cd1ed23d205d Author: Karolin Seeger ksee...@samba.org Date: Wed Apr 7 10:41:07 2010 +0200 WHATSNEW: Start release notes for Samba 3.5.3. Karolin (cherry picked from commit 827084bc317c76335f76d76970a51e67222b1fc9) commit d5ee52280a103cfcc0a95ce011d48d278f718a00 Author: Karolin Seeger ksee...@samba.org Date: Wed Apr 7 10:39:08 2010 +0200 VERSION: Raise version number up to 3.5.3. Karolin (cherry picked from commit 21c25005c79fa957ac95514373c7aa8828f3fee1) --- Summary of changes: WHATSNEW.txt| 45 ++--- source3/VERSION |2 +- 2 files changed, 43 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index e3726f2..8d79905 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,45 @@ = + Release Notes for Samba 3.5.3 + May 19, 2010 + = + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.3 include: + + o + + +Changes since 3.5.2 +--- + + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + = Release Notes for Samba 3.5.2 April 7, 2010 = @@ -126,9 +167,7 @@ database (https://bugzilla.samba.org/). == The Samba Team == - -Release notes for older releases follow: - +-- = Release Notes for Samba 3.5.1 diff --git a/source3/VERSION b/source3/VERSION index 425a2c2..4c95fd3 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=5 -SAMBA_VERSION_RELEASE=2 +SAMBA_VERSION_RELEASE=3 # Bug fix releases use a letter for the patch revision # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4712940... s4-smbtorture: merge badname spoolss openprinter tests. via 8bb30ff... s4-smbtorture: avoid passing down a full test_spoolss_context to directory spoolss tests when not used. from 3d113a6... Ensure we total up the correct number of creds requested in a compound request. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4712940e7cbd0d05a30b548d23e96a4d0b741e78 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 00:39:17 2010 +0200 s4-smbtorture: merge badname spoolss openprinter tests. Guenther commit 8bb30ffcf619e4e799ba38df41f0479fb70980c9 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 00:38:02 2010 +0200 s4-smbtorture: avoid passing down a full test_spoolss_context to directory spoolss tests when not used. Guenther --- Summary of changes: source4/torture/rpc/spoolss.c | 80 ++--- 1 files changed, 51 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index c109a7a..4cc0e84 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -311,7 +311,6 @@ static bool test_EnumPorts(struct torture_context *tctx, static bool test_GetPrintProcessorDirectory(struct torture_context *tctx, struct dcerpc_pipe *p, - struct test_spoolss_context *ctx, const char *environment) { NTSTATUS status; @@ -331,10 +330,10 @@ static bool test_GetPrintProcessorDirectory(struct torture_context *tctx, .server = },{ .level = 1, - .server = talloc_asprintf(ctx, %s, dcerpc_server_name(p)) + .server = talloc_asprintf(tctx, %s, dcerpc_server_name(p)) },{ .level = 1024, - .server = talloc_asprintf(ctx, %s, dcerpc_server_name(p)) + .server = talloc_asprintf(tctx, %s, dcerpc_server_name(p)) } }; int i; @@ -353,18 +352,18 @@ static bool test_GetPrintProcessorDirectory(struct torture_context *tctx, torture_comment(tctx, Testing GetPrintProcessorDirectory level %u\n, r.in.level); - status = dcerpc_spoolss_GetPrintProcessorDirectory_r(b, ctx, r); + status = dcerpc_spoolss_GetPrintProcessorDirectory_r(b, tctx, r); torture_assert_ntstatus_ok(tctx, status, dcerpc_spoolss_GetPrintProcessorDirectory failed); torture_assert_werr_equal(tctx, r.out.result, WERR_INSUFFICIENT_BUFFER, GetPrintProcessorDirectory unexpected return code); - blob = data_blob_talloc(ctx, NULL, needed); + blob = data_blob_talloc(tctx, NULL, needed); data_blob_clear(blob); r.in.buffer = blob; r.in.offered = needed; - status = dcerpc_spoolss_GetPrintProcessorDirectory_r(b, ctx, r); + status = dcerpc_spoolss_GetPrintProcessorDirectory_r(b, tctx, r); torture_assert_ntstatus_ok(tctx, status, dcerpc_spoolss_GetPrintProcessorDirectory failed); torture_assert_werr_ok(tctx, r.out.result, GetPrintProcessorDirectory failed); @@ -378,7 +377,6 @@ static bool test_GetPrintProcessorDirectory(struct torture_context *tctx, static bool test_GetPrinterDriverDirectory(struct torture_context *tctx, struct dcerpc_pipe *p, - struct test_spoolss_context *ctx, const char *environment) { NTSTATUS status; @@ -398,10 +396,10 @@ static bool test_GetPrinterDriverDirectory(struct torture_context *tctx, .server = },{ .level = 1, - .server = talloc_asprintf(ctx, %s, dcerpc_server_name(p)) + .server = talloc_asprintf(tctx, %s, dcerpc_server_name(p)) },{ .level = 1024, - .server = talloc_asprintf(ctx, %s, dcerpc_server_name(p)) + .server = talloc_asprintf(tctx, %s, dcerpc_server_name(p)) } }; int i; @@ -420,18 +418,18 @@ static bool test_GetPrinterDriverDirectory(struct torture_context *tctx, torture_comment(tctx, Testing GetPrinterDriverDirectory level %u\n, r.in.level); - status =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3fdebc0... s3: add comment about what the FSCTL_QUERY_ALLOCATED_RANGES currently does from 4712940... s4-smbtorture: merge badname spoolss openprinter tests. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3fdebc06465cd6493617c2b129759e08200097f7 Author: Björn Jacke b...@sernet.de Date: Wed Apr 7 12:21:07 2010 +0200 s3: add comment about what the FSCTL_QUERY_ALLOCATED_RANGES currently does --- Summary of changes: source3/smbd/nttrans.c |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 46edc06..a03a0b1 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -2217,6 +2217,12 @@ static void call_nt_transact_ioctl(connection_struct *conn, } case FSCTL_QUERY_ALLOCATED_RANGES: { + /* FIXME: This is just a dummy reply, telling that all of the +* file is allocated. MKS cp needs that. +* Adding the real allocated ranges via FIEMAP on Linux +* and SEEK_DATA/SEEK_HOLE on Solaris is needed to make +* this FSCTL correct for sparse files. +*/ NTSTATUS status; uint64_t offset, length; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 95b9c48... s3-rpcclient: allow to define server_unc in cmd_srvsvc_srv_query_info(). via f63c345... s4-smbtorture: test all types and also use a wellknown builtin form name in RPC-SPOOLSS. from 3fdebc0... s3: add comment about what the FSCTL_QUERY_ALLOCATED_RANGES currently does http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 95b9c48ef1fbe6c1566a86cadf3295b6c7e28319 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 14:38:31 2010 +0200 s3-rpcclient: allow to define server_unc in cmd_srvsvc_srv_query_info(). Guenther commit f63c345bbd2b069c1f946529d559e8c6dbd7f2bc Author: Günther Deschner g...@samba.org Date: Wed Apr 7 14:37:30 2010 +0200 s4-smbtorture: test all types and also use a wellknown builtin form name in RPC-SPOOLSS. Guenther --- Summary of changes: source3/rpcclient/cmd_srvsvc.c | 14 +++- source4/torture/rpc/spoolss.c | 171 ++-- 2 files changed, 138 insertions(+), 47 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpcclient/cmd_srvsvc.c b/source3/rpcclient/cmd_srvsvc.c index 866b681..890151e 100644 --- a/source3/rpcclient/cmd_srvsvc.c +++ b/source3/rpcclient/cmd_srvsvc.c @@ -173,17 +173,23 @@ static WERROR cmd_srvsvc_srv_query_info(struct rpc_pipe_client *cli, union srvsvc_NetSrvInfo info; WERROR result; NTSTATUS status; + const char *server_unc = cli-srv_name_slash; - if (argc 2) { - printf(Usage: %s [infolevel]\n, argv[0]); + if (argc 3) { + printf(Usage: %s [infolevel] [server_unc]\n, argv[0]); return WERR_OK; } - if (argc == 2) + if (argc = 2) { info_level = atoi(argv[1]); + } + + if (argc = 3) { + server_unc = argv[2]; + } status = rpccli_srvsvc_NetSrvGetInfo(cli, mem_ctx, -cli-srv_name_slash, +server_unc, info_level, info, result); diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index 4cc0e84..d4970c1 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -2386,7 +2386,8 @@ static bool test_EnumForms_find_one(struct torture_context *tctx, static bool test_DeleteForm(struct torture_context *tctx, struct dcerpc_binding_handle *b, struct policy_handle *handle, - const char *form_name) + const char *form_name, + WERROR expected_result) { struct spoolss_DeleteForm r; @@ -2398,13 +2399,15 @@ static bool test_DeleteForm(struct torture_context *tctx, torture_assert_ntstatus_ok(tctx, dcerpc_spoolss_DeleteForm_r(b, tctx, r), DeleteForm failed); - torture_assert_werr_ok(tctx, r.out.result, - DeleteForm failed); - torture_assert_ntstatus_ok(tctx, - dcerpc_spoolss_DeleteForm_r(b, tctx, r), - 2nd DeleteForm failed); - torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_FORM_NAME, - 2nd DeleteForm failed); + torture_assert_werr_equal(tctx, r.out.result, expected_result, + DeleteForm gave unexpected result); + if (W_ERROR_IS_OK(r.out.result)) { + torture_assert_ntstatus_ok(tctx, + dcerpc_spoolss_DeleteForm_r(b, tctx, r), + 2nd DeleteForm failed); + torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_FORM_NAME, + 2nd DeleteForm failed); + } return true; } @@ -2413,7 +2416,8 @@ static bool test_AddForm(struct torture_context *tctx, struct dcerpc_binding_handle *b, struct policy_handle *handle, uint32_t level, -union spoolss_AddFormInfo *info) +union spoolss_AddFormInfo *info, +WERROR expected_result) { struct spoolss_AddForm r; @@ -2425,19 +2429,14 @@ static bool test_AddForm(struct torture_context *tctx, r.in.level = level; r.in.info = *info; - torture_comment(tctx, Testing AddForm(%s) level %d\n, - r.in.info.info1-form_name, r.in.level); + torture_comment(tctx, Testing AddForm(%s) level %d, type %d\n, + r.in.info.info1-form_name, r.in.level, + r.in.info.info1-flags);
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 345fcf5... s4-smbtorture: test for invalid form flags in RPC-SPOOLSS. from 95b9c48... s3-rpcclient: allow to define server_unc in cmd_srvsvc_srv_query_info(). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 345fcf58751c49a4832476561855f7deeba3f7b3 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 14:56:07 2010 +0200 s4-smbtorture: test for invalid form flags in RPC-SPOOLSS. Guenther --- Summary of changes: source4/torture/rpc/spoolss.c | 26 +- 1 files changed, 21 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index d4970c1..b86a9ce 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -2440,8 +2440,13 @@ static bool test_AddForm(struct torture_context *tctx, torture_assert_ntstatus_ok(tctx, dcerpc_spoolss_AddForm_r(b, tctx, r), 2nd AddForm failed); - torture_assert_werr_equal(tctx, r.out.result, WERR_FILE_EXISTS, - 2nd AddForm gave unexpected result); + if (W_ERROR_EQUAL(expected_result, WERR_INVALID_PARAM)) { + torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM, + 2nd AddForm gave unexpected result); + } else { + torture_assert_werr_equal(tctx, r.out.result, WERR_FILE_EXISTS, + 2nd AddForm gave unexpected result); + } return true; } @@ -2563,9 +2568,11 @@ static bool test_Forms_args(struct torture_context *tctx, torture_assert_int_equal(tctx, info.info1.size.width, add_info.info1-size.width, width mismatch); } - torture_assert(tctx, - test_EnumForms_find_one(tctx, b, handle, print_server, form_name), - Newly added form not found in enum call); + if (!W_ERROR_EQUAL(expected_add_result, WERR_INVALID_PARAM)) { + torture_assert(tctx, + test_EnumForms_find_one(tctx, b, handle, print_server, form_name), + Newly added form not found in enum call); + } torture_assert(tctx, test_DeleteForm(tctx, b, handle, form_name, expected_delete_result), @@ -2651,7 +2658,16 @@ static bool test_Forms(struct torture_context *tctx, .info1.area = area, .expected_add_result= WERR_FILE_EXISTS, .expected_delete_result = WERR_INVALID_PARAM + }, + { + .info1.flags= 12345, + .info1.form_name= invalid_flags, + .info1.size = size, + .info1.area = area, + .expected_add_result= WERR_INVALID_PARAM, + .expected_delete_result = WERR_INVALID_FORM_NAME } + }; for (i=0; i ARRAY_SIZE(forms); i++) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1ac654d... s4:WHATSNEW4.txt - further updates and corrections via acfd025... s4:pyregistry.c - fix indentation via fa4d91e... s4:provision - add a comment which explains why paths.dns_keytab is stored without path reference from 345fcf5... s4-smbtorture: test for invalid form flags in RPC-SPOOLSS. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1ac654d108ebeede3ff78ddb30f19e1f4d516063 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Apr 7 15:02:23 2010 +0200 s4:WHATSNEW4.txt - further updates and corrections Some are inspired by ekacnet. commit acfd02574b1d8de11beb11609020f075083aa019 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Apr 7 14:33:09 2010 +0200 s4:pyregistry.c - fix indentation commit fa4d91e1e0cc4a5383d735089b40f28e384fbd5d Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Apr 7 14:20:18 2010 +0200 s4:provision - add a comment which explains why paths.dns_keytab is stored without path reference --- Summary of changes: WHATSNEW4.txt | 29 +- source4/lib/registry/pyregistry.c | 35 ++- source4/scripting/python/samba/provision.py |3 ++ 3 files changed, 38 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW4.txt b/WHATSNEW4.txt index 7176abe..fe5274d 100644 --- a/WHATSNEW4.txt +++ b/WHATSNEW4.txt @@ -73,11 +73,16 @@ http://wiki.samba.org/index.php/Samba4_DRS_TODO_List Beside this the release includes: +* a new build system based on WAF +Andrew Tridgell (tridge) invested much time to bring this up. He achieved a +marvellous work which brings us faster building, easier management and smaller +binaries. + * enhancements in Samba4 winbind to provide a fairly good implementation of the most important functions needed by libnss_winbind and pam_winbind -The use of this two components allows a user/group mapping for Windows accounts -on UNIX and UNIX-like systems. Therefore also these accounts can be used to -connect to services as ssh, login, Xsession and so on. +This two components allow a user/group mapping for Windows accounts on UNIX and +UNIX-like systems. Therefore also these accounts can be used to connect to +services as ssh, login, Xsession and so on. More informations available at http://wiki.samba.org/index.php/Samba4/Winbind and for winbind in general, libnss_winbind and pam_winbind in the Samba 3.X documentation. @@ -87,8 +92,10 @@ These can now also be set on the command line directly on the server. See net acl for further informations. * dynamic DNS updates -A new DNS upgrade mechanism has been introduced which works with newer bind9 -releases. +Up-to-date DNS entries are essential for Active Directory deployments. As for +the moment Samba4 isn't yet capable to interoperate with Microsofts AD DNS +server (regarding RPCs, ADs zone entries...) a kind of update script has been +developed. It also permits the update of the grant and resource lists. * registry improvements The registry code was reworked, improved and retested. This was achieved by the @@ -97,10 +104,11 @@ new torture tests written by gd and some additional testing against Windows Also some real bugs were fixed. * new Kerberos HEIMDAL release -Abartlet imported a new release with various bugfixes +Andrew Bartlett (abartlet) imported a new release with various bugfixes * DCE/RPC code unification work -Metze started his work to unify these codebases between s3 and s4 +Stefan Metzmacher (metze) started his work to unify these codebases between s3 +and s4 * And much more We always try to fix bugs and keep improving the (source) quality of our @@ -139,9 +147,6 @@ KNOWN ISSUES from Samba3 to Samba4. It's not included yet in the binary distributions since it's completely experimental! -- ACL are not set by default on shares created by the provision. - Work is underway on this subject and it should be fixed soon. - RUNNING Samba4 == @@ -153,8 +158,8 @@ DEVELOPMENT and FEEDBACK We need your help! Projects as Samba 4 live from the community feedback. If you provide expressive bug reports, some documentation snippets on the wiki or some -real patches - all is appreciated if it meets our quality criterias. Here you -can find the links: +real code patches - all is appreciated if it meets our quality criterias. Here +you can find further references: Bugs can be filed at https://bugzilla.samba.org/ but please be aware that many features are simply not expected to work at this stage. diff --git a/source4/lib/registry/pyregistry.c b/source4/lib/registry/pyregistry.c index d7295b5..b043594 100644 --- a/source4/lib/registry/pyregistry.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via eebc66c... s3-spoolss: Added a winreg_getform1 function. via c7fb84a... s3-spoolss: Added a winreg_setform1 function. via 0d46ab0... s3-spoolss: Added a winreg_deleteform1 function. via 93575d6... s3-spoolss: Added a winreg_addform1 function. via fbd3235... s3-spoolss: Added a winreg_enumforms1 function. via 20e96d9... s3-spoolss: Fixed winreg_printer_openkey to be used in a more generic way. via adfd485... s3-spoolss: Added a delete_printer_key function using the winreg pipe. via f0054d8... s3-spoolss: Added a enum_printer_key function using the winreg pipe. via 77d1b73... s3-spoolss: Added a delete_printer_dataex function using the winreg pipe. via e498338... s3-spoolss: Added a enum_printer_dataex function using the winreg pipe. via 511dba5... s3-spoolss: Added a get_printer_dataex function using the winreg pipe. via bc23545... s3-spoolss: Added a set_printer_dataex function using the winreg pipe. via 4f3893f... s3-spoolss: Added a function to open a regkey using the winreg pipe. from 1ac654d... s4:WHATSNEW4.txt - further updates and corrections http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit eebc66ce324192b38c1ceca857623c634875d379 Author: Andreas Schneider a...@samba.org Date: Thu Apr 1 12:45:58 2010 +0200 s3-spoolss: Added a winreg_getform1 function. Signed-off-by: Günther Deschner g...@samba.org commit c7fb84a58fd3597431c0bbe131e51a95eaff8a70 Author: Andreas Schneider a...@samba.org Date: Thu Apr 1 11:51:59 2010 +0200 s3-spoolss: Added a winreg_setform1 function. Signed-off-by: Günther Deschner g...@samba.org commit 0d46ab0f3eb9662d7ee3eaf8f680632486878d46 Author: Andreas Schneider a...@samba.org Date: Wed Mar 31 15:31:21 2010 +0200 s3-spoolss: Added a winreg_deleteform1 function. Signed-off-by: Günther Deschner g...@samba.org commit 93575d6d7051089b50e038a152750939130c6a72 Author: Andreas Schneider a...@samba.org Date: Wed Mar 31 13:04:04 2010 +0200 s3-spoolss: Added a winreg_addform1 function. Signed-off-by: Günther Deschner g...@samba.org commit fbd32356103e8d72dadf51e51b3119443f13ffb2 Author: Andreas Schneider a...@samba.org Date: Wed Mar 31 13:03:09 2010 +0200 s3-spoolss: Added a winreg_enumforms1 function. Signed-off-by: Günther Deschner g...@samba.org commit 20e96d92430f8f9e18351be96319c3c3758ccb77 Author: Andreas Schneider a...@samba.org Date: Tue Mar 30 14:46:32 2010 +0200 s3-spoolss: Fixed winreg_printer_openkey to be used in a more generic way. Signed-off-by: Günther Deschner g...@samba.org commit adfd4854faf8b2177574d62950324d676d92fae0 Author: Andreas Schneider a...@samba.org Date: Tue Apr 6 17:01:15 2010 +0200 s3-spoolss: Added a delete_printer_key function using the winreg pipe. Signed-off-by: Günther Deschner g...@samba.org commit f0054d8361b90acc3b4d39b0c283f9d54467e61d Author: Andreas Schneider a...@redhat.com Date: Wed Mar 17 15:59:10 2010 +0100 s3-spoolss: Added a enum_printer_key function using the winreg pipe. Signed-off-by: Günther Deschner g...@samba.org commit 77d1b73a3e31f67dce28055603c34bd78e927616 Author: Andreas Schneider a...@redhat.com Date: Mon Mar 15 12:30:05 2010 +0100 s3-spoolss: Added a delete_printer_dataex function using the winreg pipe. Signed-off-by: Günther Deschner g...@samba.org commit e498338f6f29ffdcca0f3108968e04f635c797d4 Author: Andreas Schneider a...@redhat.com Date: Fri Mar 12 17:31:21 2010 +0100 s3-spoolss: Added a enum_printer_dataex function using the winreg pipe. Signed-off-by: Günther Deschner g...@samba.org commit 511dba5ae8529f8a3e661a2d9d0e6426e38fbee8 Author: Andreas Schneider a...@redhat.com Date: Mon Mar 15 12:27:51 2010 +0100 s3-spoolss: Added a get_printer_dataex function using the winreg pipe. Signed-off-by: Günther Deschner g...@samba.org commit bc235459094f01e6fbf3b544bb4848427ceae9d5 Author: Andreas Schneider a...@redhat.com Date: Mon Mar 15 12:24:59 2010 +0100 s3-spoolss: Added a set_printer_dataex function using the winreg pipe. Signed-off-by: Günther Deschner g...@samba.org commit 4f3893f8148a36d11a4fa333c323fcf6f0176b2e Author: Andreas Schneider a...@redhat.com Date: Mon Mar 15 12:24:40 2010 +0100 s3-spoolss: Added a function to open a regkey using the winreg pipe. Signed-off-by: Günther Deschner g...@samba.org --- Summary of changes: source3/Makefile.in |1 + source3/rpc_server/srv_spoolss_util.c | 1768 + source3/rpc_server/srv_spoolss_util.h | 257 + 3 files changed, 2026 insertions(+), 0 deletions(-) create mode 100644
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c76bd65... s4-samdb: Allow skipping global schema. via feeedf4... s4-provision: Proper handling of exceptions, use SamDB class but skip global schema. via 21ab06f... s4-python: Move samdb_ntds_objectGUID to pydsdb. via fe4b212... urgent_replication: Use standard comments rather than docstrings. from eebc66c... s3-spoolss: Added a winreg_getform1 function. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c76bd65b608bed0810013b3a447a4a30fbed98bd Author: Jelmer Vernooij jel...@samba.org Date: Wed Apr 7 12:11:12 2010 +0200 s4-samdb: Allow skipping global schema. commit feeedf49cfc2edbfdfd0e5512904ea67f2daff11 Author: Jelmer Vernooij jel...@samba.org Date: Wed Apr 7 12:10:09 2010 +0200 s4-provision: Proper handling of exceptions, use SamDB class but skip global schema. commit 21ab06f8a233b38bee750250e455416ac0bef13e Author: Jelmer Vernooij jel...@samba.org Date: Sun Apr 4 03:30:03 2010 +0200 s4-python: Move samdb_ntds_objectGUID to pydsdb. commit fe4b212eba1d7645c8be98240a2630759050197d Author: Jelmer Vernooij jel...@samba.org Date: Sun Apr 4 03:08:05 2010 +0200 urgent_replication: Use standard comments rather than docstrings. --- Summary of changes: source4/dsdb/pydsdb.c | 148 source4/lib/ldb/tests/python/urgent_replication.py | 57 source4/scripting/bin/samba_dnsupdate |6 +- source4/scripting/bin/upgradeprovision |3 +- source4/scripting/python/pyglue.c | 144 --- source4/scripting/python/samba/__init__.py | 10 +- .../scripting/python/samba/netcmd/setpassword.py |2 +- source4/scripting/python/samba/provision.py| 24 ++- source4/scripting/python/samba/samdb.py| 55 ++-- 9 files changed, 247 insertions(+), 202 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c index ac9b93c..b18c127 100644 --- a/source4/dsdb/pydsdb.c +++ b/source4/dsdb/pydsdb.c @@ -21,6 +21,8 @@ #include includes.h #include dsdb/samdb/samdb.h #include lib/ldb/pyldb.h +#include libcli/security/security.h +#include librpc/ndr/libndr.h /* FIXME: These should be in a header file somewhere, once we finish moving * away from SWIG .. */ @@ -83,6 +85,138 @@ static PyObject *py_dsdb_convert_schema_to_openldap(PyObject *self, return ret; } +static PyObject *py_samdb_set_domain_sid(PyLdbObject *self, PyObject *args) +{ + PyObject *py_ldb, *py_sid; + struct ldb_context *ldb; + struct dom_sid *sid; + bool ret; + + if (!PyArg_ParseTuple(args, OO, py_ldb, py_sid)) + return NULL; + + PyErr_LDB_OR_RAISE(py_ldb, ldb); + + sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid)); + + ret = samdb_set_domain_sid(ldb, sid); + if (!ret) { + PyErr_SetString(PyExc_RuntimeError, set_domain_sid failed); + return NULL; + } + Py_RETURN_NONE; +} + +static PyObject *py_samdb_get_domain_sid(PyLdbObject *self, PyObject *args) +{ + PyObject *py_ldb; + struct ldb_context *ldb; + const struct dom_sid *sid; + PyObject *ret; + char *retstr; + + if (!PyArg_ParseTuple(args, O, py_ldb)) + return NULL; + + PyErr_LDB_OR_RAISE(py_ldb, ldb); + + sid = samdb_domain_sid(ldb); + if (!sid) { + PyErr_SetString(PyExc_RuntimeError, samdb_domain_sid failed); + return NULL; + } + retstr = dom_sid_string(NULL, sid); + ret = PyString_FromString(retstr); + talloc_free(retstr); + return ret; +} + +static PyObject *py_samdb_ntds_invocation_id(PyObject *self, PyObject *args) +{ + PyObject *py_ldb, *result; + struct ldb_context *ldb; + TALLOC_CTX *mem_ctx; + const struct GUID *guid; + + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); + return NULL; + } + + if (!PyArg_ParseTuple(args, O, py_ldb)) { + talloc_free(mem_ctx); + return NULL; + } + + PyErr_LDB_OR_RAISE(py_ldb, ldb); + + guid = samdb_ntds_invocation_id(ldb); + if (guid == NULL) { + PyErr_SetString(PyExc_RuntimeError, + Failed to find NTDS invocation ID); + talloc_free(mem_ctx); + return NULL; + } + + result = PyString_FromString(GUID_string(mem_ctx, guid)); + talloc_free(mem_ctx); + return result; +} + +static PyObject *py_dsdb_set_ntds_invocation_id(PyObject *self, PyObject *args) +{ + PyObject *py_ldb,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 40172f3... Test using (-1) for tid and sessionid in compound related requests. via 556b42a... On compound requests, MS-SMB2 says clients MAY use 0x for compound tid and 0x for compound sessionid values. Cope with this. via 146c161... Don't forget to initialize *p_creds_requested. from c76bd65... s4-samdb: Allow skipping global schema. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 40172f374ba6d5a6edde2834f7f0a28a5fe49928 Author: Jeremy Allison j...@samba.org Date: Wed Apr 7 10:33:02 2010 -0700 Test using (-1) for tid and sessionid in compound related requests. Jeremy. commit 556b42a351e3584550f79d1c7ad83b44f3a5562b Author: Jeremy Allison j...@samba.org Date: Wed Apr 7 10:32:01 2010 -0700 On compound requests, MS-SMB2 says clients MAY use 0x for compound tid and 0x for compound sessionid values. Cope with this. Jeremy. commit 146c1618e44591a11afade87f67797e6f80fa813 Author: Jeremy Allison j...@samba.org Date: Wed Apr 7 10:31:43 2010 -0700 Don't forget to initialize *p_creds_requested. Jeremy. --- Summary of changes: source3/smbd/smb2_server.c |1 + source3/smbd/smb2_sesssetup.c | 20 source3/smbd/smb2_tcon.c| 19 +++ source4/torture/smb2/compound.c | 25 + 4 files changed, 65 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index 7fd3ef4..f5e3765 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -241,6 +241,7 @@ static NTSTATUS smbd_smb2_request_validate(struct smbd_smb2_request *req, int idx; bool compound_related = false; + *p_creds_requested = 0; count = req-in.vector_count; if (count 4) { diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 0df4bd6..b3ea3fa 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -338,15 +338,29 @@ static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *req, NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req) { const uint8_t *inhdr; + const uint8_t *outhdr; int i = req-current_idx; uint64_t in_session_id; void *p; struct smbd_smb2_session *session; + bool chained_fixup = false; inhdr = (const uint8_t *)req-in.vector[i+0].iov_base; in_session_id = BVAL(inhdr, SMB2_HDR_SESSION_ID); + if (i 2 in_session_id == (0xLL)) { + /* +* Chained request - fill in session_id from +* the previous request out.vector[].iov_base. +* We can't modify the inhdr here as we have +* yet to check signing. +*/ + outhdr = (const uint8_t *)req-out.vector[i-3].iov_base; + in_session_id = BVAL(outhdr, SMB2_HDR_SESSION_ID); + chained_fixup = true; + } + /* lookup an existing session */ p = idr_find(req-sconn-smb2.sessions.idtree, in_session_id); if (p == NULL) { @@ -363,6 +377,12 @@ NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req) pdb_get_domain(session-server_info-sam_account)); req-session = session; + + if (chained_fixup) { + /* Fix up our own outhdr. */ + outhdr = (const uint8_t *)req-out.vector[i].iov_base; + SBVAL(outhdr, SMB2_HDR_SESSION_ID, in_session_id); + } return NT_STATUS_OK; } diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c index bd33007..3eb9da2 100644 --- a/source3/smbd/smb2_tcon.c +++ b/source3/smbd/smb2_tcon.c @@ -220,15 +220,27 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, NTSTATUS smbd_smb2_request_check_tcon(struct smbd_smb2_request *req) { const uint8_t *inhdr; + const uint8_t *outhdr; int i = req-current_idx; uint32_t in_tid; void *p; struct smbd_smb2_tcon *tcon; + bool chained_fixup = false; inhdr = (const uint8_t *)req-in.vector[i+0].iov_base; in_tid = IVAL(inhdr, SMB2_HDR_TID); + if (i 2 in_tid == (0x)) { + /* +* Chained request - fill in tid from +* the previous request out.vector[].iov_base. +*/ +outhdr = (const uint8_t *)req-out.vector[i-3].iov_base; +in_tid = IVAL(outhdr, SMB2_HDR_TID); +chained_fixup = true; +} + /* lookup an existing session */ p =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8ae956d... s4:winbind/wb_server.c - fix indentation from 40172f3... Test using (-1) for tid and sessionid in compound related requests. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8ae956d7ba23b10e8fe17facc19f44d0ab167762 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Apr 7 18:54:42 2010 +0200 s4:winbind/wb_server.c - fix indentation --- Summary of changes: source4/winbind/wb_server.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/winbind/wb_server.c b/source4/winbind/wb_server.c index 11f0bf0..4b31997 100644 --- a/source4/winbind/wb_server.c +++ b/source4/winbind/wb_server.c @@ -306,8 +306,8 @@ static void winbind_task_init(struct task_server *task) listen_socket-socket_path = service-priv_socket_path = talloc_asprintf(listen_socket, %s/%s, - lp_winbindd_privileged_socket_directory(task-lp_ctx), - WINBINDD_SAMBA3_SOCKET); + lp_winbindd_privileged_socket_directory(task-lp_ctx), + WINBINDD_SAMBA3_SOCKET); if (!listen_socket-socket_path) goto nomem; if (!listen_socket-socket_path) goto nomem; listen_socket-service = service; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 79fccc4... s4:registry - regf backend - fix it up regarding REG_DWORD/REG_DWORD_BIG_ENDIAN_VALUES from 8ae956d... s4:winbind/wb_server.c - fix indentation http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 79fccc45bc3acac5d9b15a3585e2526a3b1876f2 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Apr 7 20:14:46 2010 +0200 s4:registry - regf backend - fix it up regarding REG_DWORD/REG_DWORD_BIG_ENDIAN_VALUES This is needed to make it platform independently work (also on big endian platforms as little endian). Also add a size check before storing a DWORD. --- Summary of changes: source4/lib/registry/regf.c | 10 ++ 1 files changed, 6 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/registry/regf.c b/source4/lib/registry/regf.c index 5825ac1..615389e 100644 --- a/source4/lib/registry/regf.c +++ b/source4/lib/registry/regf.c @@ -550,10 +550,11 @@ static WERROR regf_get_value(TALLOC_CTX *ctx, struct hive_key *key, *data_type = vk-data_type; if (vk-data_length 0x8000) { - vk-data_length =~0x8000; - data-data = (uint8_t *)talloc_memdup(ctx, (uint8_t *)vk-data_offset, vk-data_length); + /* this is data of type REG_DWORD or REG_DWORD_BIG_ENDIAN */ + data-data = talloc_size(ctx, sizeof(uint32_t)); W_ERROR_HAVE_NO_MEMORY(data-data); - data-length = vk-data_length; + SIVAL(data-data, 0, vk-data_offset); + data-length = sizeof(uint32_t); } else { *data = hbin_get(regf, vk-data_offset); } @@ -1821,7 +1822,8 @@ static WERROR regf_set_value(struct hive_key *key, const char *name, /* Set the type and data */ vk.data_length = data.length; vk.data_type = type; - if (type == REG_DWORD) { + if ((data.length == sizeof(uint32_t)) + ((type == REG_DWORD) || (type == REG_DWORD_BIG_ENDIAN))) { vk.data_length |= 0x8000; vk.data_offset = IVAL(data.data, 0); } else { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via baf81a0... LDB:python bindings - also empty LDB message elements should have a python representation from 79fccc4... s4:registry - regf backend - fix it up regarding REG_DWORD/REG_DWORD_BIG_ENDIAN_VALUES http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit baf81a0e08099dc863a014eb6e03b6e877ae8b93 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Apr 7 20:40:06 2010 +0200 LDB:python bindings - also empty LDB message elements should have a python representation Bug found by ekacnet (see technical mailing list). --- Summary of changes: source4/lib/ldb/pyldb.c |9 ++--- 1 files changed, 6 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c index 4ff56b4..737d3fb 100644 --- a/source4/lib/ldb/pyldb.c +++ b/source4/lib/ldb/pyldb.c @@ -1827,9 +1827,12 @@ static PyObject *py_ldb_msg_element_repr(PyLdbMessageElementObject *self) element_str = talloc_asprintf_append(element_str, ,%s, PyObject_REPR(o)); } - ret = PyString_FromFormat(MessageElement([%s]), element_str); - - talloc_free(element_str); + if (element_str != NULL) { + ret = PyString_FromFormat(MessageElement([%s]), element_str); + talloc_free(element_str); + } else { + ret = PyString_FromString(MessageElement([])); + } return ret; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2cf3585... selftest: Display minutes and hours for duration. from baf81a0... LDB:python bindings - also empty LDB message elements should have a python representation http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2cf3585e52807eedfe80bffcd56fd6df4eec467b Author: Jelmer Vernooij jel...@samba.org Date: Wed Apr 7 17:54:57 2010 +0200 selftest: Display minutes and hours for duration. --- Summary of changes: selftest/format-subunit | 14 +- 1 files changed, 13 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/format-subunit b/selftest/format-subunit index 54949df..032b990 100755 --- a/selftest/format-subunit +++ b/selftest/format-subunit @@ -15,6 +15,18 @@ sys.path.insert(0, os.path.join(os.path.dirname(__file__), ../lib/testtools)) import subunithelper import subunit +def format_time(t): +minutes, seconds = divmod(t, 60) +hours, minutes = divmod(minutes, 60) +ret = +if hours: +ret += %dh % hours +if minutes: +ret += %dm % minutes +ret += %ds % seconds +return ret + + class PlainFormatter(object): def __init__(self, summaryfile, verbose, immediate, statistics, @@ -62,7 +74,7 @@ class PlainFormatter(object): out = [%d % self.index if self.totalsuites is not None: out += /%d % self.totalsuites -out += in %ds % duration +out += in + format_time(duration) if self.suitesfailed: out += , %d errors % (len(self.suitesfailed),) out += ] %s % name -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7ccd680... s3: Fix bug 7327 -- Build fails while building without kerberos from 2cf3585... selftest: Display minutes and hours for duration. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7ccd68073ddc02abdd6d8fbfaefef5c42e4e8178 Author: Volker Lendecke v...@samba.org Date: Wed Apr 7 22:28:28 2010 +0200 s3: Fix bug 7327 -- Build fails while building without kerberos libsmb/clikrb5.c has a dummy implementation for the non-kerberos case --- Summary of changes: source3/include/krb5_protos.h | 11 ++- 1 files changed, 6 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/krb5_protos.h b/source3/include/krb5_protos.h index 4f8521b..b65fb17 100644 --- a/source3/include/krb5_protos.h +++ b/source3/include/krb5_protos.h @@ -88,11 +88,6 @@ krb5_error_code smb_krb5_parse_name_norealm(krb5_context context, bool smb_krb5_principal_compare_any_realm(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2); -int cli_krb5_get_ticket(const char *principal, time_t time_offset, - DATA_BLOB *ticket, DATA_BLOB *session_key_krb5, - uint32 extra_ap_opts, const char *ccname, - time_t *tgs_expire, - const char *impersonate_princ_s); krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, const char *client_string, const char *service_string, time_t *expire_time); krb5_error_code kpasswd_err_to_krb5_err(krb5_error_code res_code); krb5_error_code smb_krb5_gen_netbios_krb5_address(smb_krb5_addresses **kerb_addr); @@ -146,3 +141,9 @@ char *smb_krb5_principal_get_realm(krb5_context context, krb5_principal principal); #endif /* HAVE_KRB5 */ +int cli_krb5_get_ticket(const char *principal, time_t time_offset, + DATA_BLOB *ticket, DATA_BLOB *session_key_krb5, + uint32 extra_ap_opts, const char *ccname, + time_t *tgs_expire, + const char *impersonate_princ_s); + -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e5bb6d5... s4-waf: Fix 'waf dist' app name. via 472860c... Move configure_check_unused script to root scriptdir, as it is useful for both s3 and s4. via 36474e5... s4: Remove unused pkg-config replacement in perl. via 0473926... update-external: Support updating dnspython. from 7ccd680... s3: Fix bug 7327 -- Build fails while building without kerberos http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e5bb6d56df9b8816665fd42a04531ef19b30be17 Author: Jelmer Vernooij jel...@samba.org Date: Wed Apr 7 22:52:28 2010 +0200 s4-waf: Fix 'waf dist' app name. commit 472860c9a7485e37627900cb450dca605051e07a Author: Jelmer Vernooij jel...@samba.org Date: Wed Apr 7 22:17:34 2010 +0200 Move configure_check_unused script to root scriptdir, as it is useful for both s3 and s4. commit 36474e58676574d426f4f8a3a067be52fa78cc9f Author: Jelmer Vernooij jel...@samba.org Date: Wed Apr 7 22:15:27 2010 +0200 s4: Remove unused pkg-config replacement in perl. commit 0473926a5b448c1a0b397d079c353f8406588c0d Author: Jelmer Vernooij jel...@samba.org Date: Wed Apr 7 22:13:34 2010 +0200 update-external: Support updating dnspython. --- Summary of changes: buildtools/wafsamba/samba_dist.py |2 +- lib/update-external.sh |5 + .../script = script}/configure_check_unused.pl|0 source4/script/pkg-config | 145 4 files changed, 6 insertions(+), 146 deletions(-) rename {source4/script = script}/configure_check_unused.pl (100%) delete mode 100755 source4/script/pkg-config Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_dist.py b/buildtools/wafsamba/samba_dist.py index e01bebe..68fdf08 100644 --- a/buildtools/wafsamba/samba_dist.py +++ b/buildtools/wafsamba/samba_dist.py @@ -19,7 +19,7 @@ def add_tarfile(tar, fname, abspath): def dist(appname='',version=''): -if not isinstance(appname, str): +if not appname: # this copes with a mismatch in the calling arguments for dist() appname = Utils.g_module.APPNAME version = Utils.g_module.VERSION diff --git a/lib/update-external.sh b/lib/update-external.sh index 53748d8..fc2443b 100755 --- a/lib/update-external.sh +++ b/lib/update-external.sh @@ -13,4 +13,9 @@ echo Updating testtools... bzr export $WORKDIR/testtools lp:testtools rsync -avz --delete $WORKDIR/testtools/ $TARGETDIR/testtools/ +echo Updating dnspython... +git clone git://www.dnspython.org/dnspython.git $WORKDIR/dnspython +rm -rf $WORKDIR/dnspython/.git +rsync -avz --delete $WORKDIR/dnspython/ $TARGETDIR/dnspython/ + rm -rf $WORKDIR diff --git a/source4/script/configure_check_unused.pl b/script/configure_check_unused.pl similarity index 100% rename from source4/script/configure_check_unused.pl rename to script/configure_check_unused.pl diff --git a/source4/script/pkg-config b/source4/script/pkg-config deleted file mode 100755 index 458cac6..000 --- a/source4/script/pkg-config +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/perl -# Simple pkg-config implementation in perl -# jel...@samba.org, November 2006 - -use strict; -use Getopt::Long; - -my @dirs = split(/:/, $ENV{PKG_CONFIG_PATH}); - -my $opt_help = 0; -my $opt_libs = 0; -my $opt_cflags = 0; -my $opt_static = 0; - -my $result = GetOptions ( - 'help|h|?' = \$opt_help, - 'static' = \$opt_static, - 'libs' = \$opt_libs, - 'cflags' = \$opt_cflags - ); - -if (not $result) { - exit(1); -} - -if ($opt_help) { - print pkg-config replacement in perl\n; - print Copyright (C) 2006 Jelmer Vernooij jelm...@samba.org\n; - print \n; - print Usage: pkg-config [OPTIONS] PACKAGE...\n; - print --help Print this help message\n; - print --staticPrint flags for static libraries\n; - print --libs Print linker flags\n; - print --cflagsPrint C compiler flags\n; - print \n; - exit(0); -} - -sub find_path($) -{ - my $name = shift; - foreach my $dir (@dirs) { - if (-f $dir/$name-uninstalled.pc) { - return $dir/$name-uninstalled.pc; - } - } - foreach my $dir (@dirs) { - if (-f $dir/$name.pc ) { - return $dir/$name.pc; - } - } - die(No such package `$name'); -} - -sub ReplaceVars($$) -{ - my ($expr, $vars) = @_; - - $_ = $expr; - - while (/(.*)\${([^}]+)}(.*)/) { - $_ = $1$vars-{$2}$3; - } - - return $_; -} - -sub Parse($) -{ - my $name = shift; - my $path = find_path($name); -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 64957ce... LDB:sample_module - reintroduce accidentally removed ldb_msg_add_fmt statement from e5bb6d5... s4-waf: Fix 'waf dist' app name. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 64957ce0686761acd2a2a7ec1787898d2d8238b6 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Apr 7 23:00:42 2010 +0200 LDB:sample_module - reintroduce accidentally removed ldb_msg_add_fmt statement Obviously this is really needed by the samba4.ldb test. --- Summary of changes: source4/lib/ldb/tests/sample_module.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/tests/sample_module.c b/source4/lib/ldb/tests/sample_module.c index f48a1ee..5269b8f 100644 --- a/source4/lib/ldb/tests/sample_module.c +++ b/source4/lib/ldb/tests/sample_module.c @@ -27,6 +27,8 @@ int sample_add(struct ldb_module *mod, struct ldb_request *req) { struct ldb_control *control; + ldb_msg_add_fmt(req-op.add.message, touchedBy, sample); + /* check if there's a relax control */ control = ldb_request_get_control(req, LDB_CONTROL_RELAX_OID); if (control == NULL) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7f3116a... build: allow the waf build to work with python 3.0 and 3.1 from 64957ce... LDB:sample_module - reintroduce accidentally removed ldb_msg_add_fmt statement http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7f3116a63d7d91f4c0d26adf8fcdef0a5a957971 Author: Thomas Nagy tnagy1...@gmail.com Date: Thu Apr 8 07:45:46 2010 +1000 build: allow the waf build to work with python 3.0 and 3.1 Python 3.x is a bit fussier about print statements and indentation. Signed-off-by: Andrew Tridgell tri...@samba.org --- Summary of changes: buildtools/wafsamba/samba_autoconf.py |2 +- buildtools/wafsamba/samba_deps.py | 21 ++--- buildtools/wafsamba/samba_install.py |4 +++- buildtools/wafsamba/samba_utils.py|6 +++--- buildtools/wafsamba/wafsamba.py | 10 ++ lib/socket_wrapper/wscript|6 ++ lib/util/wscript_configure|2 +- lib/wscript_build |2 +- pidl/wscript |4 ++-- source4/dynconfig/wscript |4 ++-- source4/scripting/wscript_build |3 ++- source4/selftest/wscript |8 source4/setup/wscript_build |3 ++- source4/wscript | 10 +- 14 files changed, 44 insertions(+), 41 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py index d1b43d4..32c7463 100644 --- a/buildtools/wafsamba/samba_autoconf.py +++ b/buildtools/wafsamba/samba_autoconf.py @@ -545,7 +545,7 @@ def SAMBA_CONFIG_H(conf, path=None): testflags=True) if Options.options.pedantic: - conf.ADD_CFLAGS('-W', testflags=True) +conf.ADD_CFLAGS('-W', testflags=True) if path is None: conf.write_config_header('config.h', top=True) diff --git a/buildtools/wafsamba/samba_deps.py b/buildtools/wafsamba/samba_deps.py index 08a24db..be77d2c 100644 --- a/buildtools/wafsamba/samba_deps.py +++ b/buildtools/wafsamba/samba_deps.py @@ -96,10 +96,9 @@ def build_dependencies(self): if getattr(self, 'uselib', None): up_list = [] - for l in self.uselib: - up_list.append(l.upper()) - self.uselib = up_list - +for l in self.uselib: + up_list.append(l.upper()) +self.uselib = up_list def build_includes(self): '''This builds the right set of includes for a target. @@ -280,7 +279,7 @@ def check_orpaned_targets(bld, tgt_list): type = target_dict[t.sname] if not type in ['BINARY', 'LIBRARY', 'MODULE', 'ET', 'PYTHON']: if re.search('^PIDL_', t.sname) is None: -print Target %s of type %s is unused by any other target % (t.sname, type) +print(Target %s of type %s is unused by any other target % (t.sname, type)) def show_final_deps(bld, tgt_list): @@ -329,7 +328,7 @@ def build_direct_deps(bld, tgt_list): d = EXPAND_ALIAS(bld, d) if d == t.sname: continue if not d in targets: -print Unknown dependency %s in %s % (d, t.sname) +print(Unknown dependency %s in %s % (d, t.sname)) raise if targets[d] in [ 'EMPTY', 'DISABLED' ]: continue @@ -344,7 +343,7 @@ def build_direct_deps(bld, tgt_list): continue t2 = bld.name_to_obj(d, bld.env) if t2 is None: -print no task %s type %s % (d, targets[d]) +print(no task %s type %s % (d, targets[d])) if t2.samba_type in [ 'LIBRARY', 'MODULE' ]: t.direct_libs.add(d) elif t2.samba_type in [ 'SUBSYSTEM', 'ASN1', 'PYTHON' ]: @@ -823,7 +822,7 @@ def check_project_rules(bld): continue t = bld.name_to_obj(tgt, bld.env) if t is None: -print Target %s of type %s has no task generator % (tgt, type) +print(Target %s of type %s has no task generator % (tgt, type)) raise tgt_list.append(t) @@ -832,7 +831,7 @@ def check_project_rules(bld): if load_samba_deps(bld, tgt_list): return -print Checking project rules ... +print(Checking project rules ...) debug('deps: project rules checking started') @@ -851,7 +850,7 @@ def check_project_rules(bld): #check_orpaned_targets(bld, tgt_list) if not check_duplicate_sources(bld, tgt_list): -print Duplicate sources present - aborting +print(Duplicate sources present - aborting) sys.exit(1) show_final_deps(bld, tgt_list) @@ -861,7 +860,7 @@ def check_project_rules(bld): save_samba_deps(bld,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0ec6f29... s4-smbtorture: minor typo in SetJob test in RPC-SPOOLSS. via d9138f4... s3-spoolss: Fix an issue in _spoolss_DeleteForm. via 65c5b78... s3-spoolss: Fix some issues in _spoolss_AddForm. via 34ada1d... s3-spoolss: Fix potential memleak in _spoolss_AddForm and _spoolss_SetForm. from 7f3116a... build: allow the waf build to work with python 3.0 and 3.1 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0ec6f297eebe1062f48b9e03b7a0def8a1b5ee21 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 23:40:17 2010 +0200 s4-smbtorture: minor typo in SetJob test in RPC-SPOOLSS. Guenther commit d9138f4ccf7b5a491a922254fe3ff67c7d612703 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 23:36:48 2010 +0200 s3-spoolss: Fix an issue in _spoolss_DeleteForm. Found by torture test. Guenther commit 65c5b786ca4dcb3fda47eea24848232548caf443 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 23:36:15 2010 +0200 s3-spoolss: Fix some issues in _spoolss_AddForm. Found by torture test. Guenther commit 34ada1d540b0eedbe1dd573a47146f0309ed4875 Author: Günther Deschner g...@samba.org Date: Wed Apr 7 23:34:36 2010 +0200 s3-spoolss: Fix potential memleak in _spoolss_AddForm and _spoolss_SetForm. Guenther --- Summary of changes: source3/printing/nt_printing.c |2 +- source3/rpc_server/srv_spoolss_nt.c | 26 +++--- source4/torture/rpc/spoolss.c |2 +- 3 files changed, 25 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 5096ca0..3791c0d 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -918,7 +918,7 @@ bool delete_a_form(nt_forms_struct **list, const char *del_name, int *count, WER if (n == *count) { DEBUG(10,(delete_a_form, [%s] not found\n, del_name)); - *ret = WERR_INVALID_PARAM; + *ret = WERR_INVALID_FORM_NAME; return False; } diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index bb14c59..236f15a 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -7883,6 +7883,7 @@ WERROR _spoolss_AddForm(pipes_struct *p, int count=0; nt_forms_struct *list=NULL; Printer_entry *Printer = find_printer_index_by_hnd(p, r-in.handle); + int i; DEBUG(5,(_spoolss_AddForm\n)); @@ -7893,7 +7894,7 @@ WERROR _spoolss_AddForm(pipes_struct *p, } - /* forms can be added on printer of on the print server handle */ + /* forms can be added on printer or on the print server handle */ if ( Printer-printer_type == SPLHND_PRINTER ) { @@ -7915,7 +7916,18 @@ WERROR _spoolss_AddForm(pipes_struct *p, p-server_info-ptok, lp_printer_admin(snum))) { DEBUG(2,(_spoolss_Addform: denied by insufficient permissions.\n)); - return WERR_ACCESS_DENIED; + status = WERR_ACCESS_DENIED; + goto done; + } + + switch (form-flags) { + case SPOOLSS_FORM_USER: + case SPOOLSS_FORM_BUILTIN: + case SPOOLSS_FORM_PRINTER: + break; + default: + status = WERR_INVALID_PARAM; + goto done; } /* can't add if builtin */ @@ -7927,6 +7939,13 @@ WERROR _spoolss_AddForm(pipes_struct *p, count = get_ntforms(list); + for (i=0; i count; i++) { + if (strequal(form-form_name, list[i].name)) { + status = WERR_FILE_EXISTS; + goto done; + } + } + if(!add_a_form(list, form, count)) { status = WERR_NOMEM; goto done; @@ -8079,7 +8098,8 @@ WERROR _spoolss_SetForm(pipes_struct *p, p-server_info-ptok, lp_printer_admin(snum))) { DEBUG(2,(_spoolss_Setform: denied by insufficient permissions.\n)); - return WERR_ACCESS_DENIED; + status = WERR_ACCESS_DENIED; + goto done; } /* can't set if builtin */ diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index b86a9ce..d46780b 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -2842,7 +2842,7 @@ static bool test_SetJob(struct torture_context *tctx, switch (command) { case SPOOLSS_JOB_CONTROL_PAUSE: -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3413cf7... Start to plumb smb2 into the oplock system. Calls dummy functions for now. from 0ec6f29... s4-smbtorture: minor typo in SetJob test in RPC-SPOOLSS. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3413cf7a6bd992fa722cc9674176beb15446502b Author: Jeremy Allison j...@samba.org Date: Wed Apr 7 19:00:44 2010 -0700 Start to plumb smb2 into the oplock system. Calls dummy functions for now. Jeremy. --- Summary of changes: source3/smbd/globals.h|3 ++ source3/smbd/oplock.c | 87 + source3/smbd/process.c|6 +++ source3/smbd/smb2_break.c |9 + 4 files changed, 59 insertions(+), 46 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index 3b58cb4..f9fd71e 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -320,6 +320,9 @@ NTSTATUS smbd_smb2_request_process_getinfo(struct smbd_smb2_request *req); NTSTATUS smbd_smb2_request_process_setinfo(struct smbd_smb2_request *req); NTSTATUS smbd_smb2_request_process_break(struct smbd_smb2_request *req); +void send_smb2_break_message(files_struct *fsp, uint8_t level); +void schedule_deferred_open_smb2_message(uint16 mid); + struct smbd_smb2_request { struct smbd_smb2_request *prev, *next; diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c index f3034bd..e876e8c 100644 --- a/source3/smbd/oplock.c +++ b/source3/smbd/oplock.c @@ -214,7 +214,7 @@ bool should_notify_deferred_opens() Set up an oplock break message. / -static char *new_break_smb_message(TALLOC_CTX *mem_ctx, +static char *new_break_smb1_message(TALLOC_CTX *mem_ctx, files_struct *fsp, uint8 cmd) { char *result = TALLOC_ARRAY(mem_ctx, char, smb_size + 8*2 + 0); @@ -354,9 +354,30 @@ static void add_oplock_timeout_handler(files_struct *fsp) } } +static void send_smb1_break_message(files_struct *fsp, uint8_t level) +{ + char *break_msg = new_break_smb1_message(talloc_tos(), + fsp, + level); + if (break_msg == NULL) { + exit_server(Could not talloc break_msg\n); + } + + show_msg(break_msg); + if (!srv_send_smb(smbd_server_fd(), + break_msg, false, 0, + IS_CONN_ENCRYPTED(fsp-conn), + NULL)) { + exit_server_cleanly(send_smb1_break_message: + srv_send_smb failed.); + } + + TALLOC_FREE(break_msg); +} + void break_level2_to_none_async(files_struct *fsp) { - char *break_msg; + struct smbd_server_connection *sconn = smbd_server_conn; if (fsp-oplock_type == NO_OPLOCK) { /* We already got a break to none message and we've handled @@ -382,24 +403,14 @@ void break_level2_to_none_async(files_struct *fsp) fsp_str_dbg(fsp))); /* Now send a break to none message to our client. */ - break_msg = new_break_smb_message(NULL, fsp, OPLOCKLEVEL_NONE); - if (break_msg == NULL) { - exit_server(Could not talloc break_msg\n); - } - - show_msg(break_msg); - if (!srv_send_smb(smbd_server_fd(), - break_msg, false, 0, - IS_CONN_ENCRYPTED(fsp-conn), - NULL)) { - exit_server_cleanly(oplock_break: srv_send_smb failed.); + if (sconn-allow_smb2) { + send_smb2_break_message(fsp, OPLOCKLEVEL_NONE); + } else { + send_smb1_break_message(fsp, OPLOCKLEVEL_NONE); } - TALLOC_FREE(break_msg); - /* Async level2 request, don't send a reply, just remove the oplock. */ remove_oplock(fsp); - } /*** @@ -459,9 +470,9 @@ static void process_oplock_break_message(struct messaging_context *msg_ctx, struct server_id src, DATA_BLOB *data) { + struct smbd_server_connection *sconn = smbd_server_conn; struct share_mode_entry msg; files_struct *fsp; - char *break_msg; bool break_to_level2 = False; if (data-data == NULL) { @@ -525,27 +536,20 @@ static void process_oplock_break_message(struct messaging_context *msg_ctx, break_to_level2 = True; } - break_msg = new_break_smb_message(NULL, fsp, break_to_level2 ? - OPLOCKLEVEL_II : OPLOCKLEVEL_NONE); - if (break_msg == NULL) { -
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-59-g89d31da
The branch, 1.0.112 has been updated via 89d31da66ca3f15ed3a87851dea5422be949a2e4 (commit) from 7bbf08373eea95d8a859043cf0f9063e77c8c133 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit 89d31da66ca3f15ed3a87851dea5422be949a2e4 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu Apr 8 14:07:57 2010 +1000 In the recovery daemon, keep track of which node we have assigned public ip addresses and verify that the remote nodes have/keep a consistent view of assigned addresses. If a remote node has an inconsistent view of addresses visavi the recovery master this will trigger a full ip reallocation. --- Summary of changes: common/rb_tree.h | 12 +- include/ctdb_private.h |8 ++- server/ctdb_recoverd.c | 11 ++-- server/ctdb_takeover.c | 57 ++-- 4 files changed, 71 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/common/rb_tree.h b/common/rb_tree.h index cb7cba3..eef0bc5 100644 --- a/common/rb_tree.h +++ b/common/rb_tree.h @@ -21,17 +21,17 @@ #define TRBT_RED 0x00 #define TRBT_BLACK 0x01 -typedef struct _trbt_node_t { - struct _trbt_tree_t *tree; - struct _trbt_node_t *parent; - struct _trbt_node_t *left; - struct _trbt_node_t *right; +typedef struct trbt_node { + struct trbt_tree *tree; + struct trbt_node *parent; + struct trbt_node *left; + struct trbt_node *right; uint32_t rb_color; uint32_t key32; void *data; } trbt_node_t; -typedef struct _trbt_tree_t { +typedef struct trbt_tree { trbt_node_t *root; /* automatically free the tree when the last node has been deleted */ #define TRBT_AUTOFREE 0x0001 diff --git a/include/ctdb_private.h b/include/ctdb_private.h index f5e6de8..06985a3 100644 --- a/include/ctdb_private.h +++ b/include/ctdb_private.h @@ -439,7 +439,7 @@ struct ctdb_context { struct ctdb_call_state *pending_calls; struct ctdb_client_ip *client_ip_list; bool do_checkpublicip; - struct _trbt_tree_t *server_ids; + struct trbt_tree *server_ids; const char *event_script_dir; const char *notification_script; const char *default_public_interface; @@ -466,6 +466,9 @@ struct ctdb_context { /* mapping from pid to ctdb_client * */ struct ctdb_client_pid_list *client_pids; + + /* used in the recovery daemon to remember the ip allocation */ + struct trbt_tree *ip_tree; }; struct ctdb_db_context { @@ -1561,4 +1564,7 @@ int ctdb_update_persistent_health(struct ctdb_context *ctdb, int num_healthy_nodes); int ctdb_recheck_persistent_health(struct ctdb_context *ctdb); +int verify_remote_ip_allocation(struct ctdb_context *ctdb, + struct ctdb_all_public_ips *ips); + #endif diff --git a/server/ctdb_recoverd.c b/server/ctdb_recoverd.c index f94d43b..68f744a 100644 --- a/server/ctdb_recoverd.c +++ b/server/ctdb_recoverd.c @@ -2321,9 +2321,9 @@ static enum monitor_result verify_recmaster(struct ctdb_recoverd *rec, struct ct } -/* called to check that the allocation of public ip addresses is ok. +/* called to check that the local allocation of public ip addresses is ok. */ -static int verify_ip_allocation(struct ctdb_context *ctdb, struct ctdb_recoverd *rec, uint32_t pnn) +static int verify_local_ip_allocation(struct ctdb_context *ctdb, struct ctdb_recoverd *rec, uint32_t pnn) { TALLOC_CTX *mem_ctx = talloc_new(NULL); struct ctdb_all_public_ips *ips = NULL; @@ -2973,7 +2973,7 @@ again: */ if (ctdb-do_checkpublicip) { if (rec-ip_check_disable_ctx == NULL) { - if (verify_ip_allocation(ctdb, rec, pnn) != 0) { + if (verify_local_ip_allocation(ctdb, rec, pnn) != 0) { DEBUG(DEBUG_ERR, (__location__ Public IPs were inconsistent.\n)); } } @@ -3028,6 +3028,11 @@ again: ctdb-nodes[j]-pnn)); goto again; } + + if (verify_remote_ip_allocation(ctdb, ctdb-nodes[j]-public_ips)) { + DEBUG(DEBUG_ERR,(Node %d has inconsistent public ip allocation and needs update.\n, ctdb-nodes[j]-pnn)); + rec-need_takeover_run = true; + } } diff --git a/server/ctdb_takeover.c b/server/ctdb_takeover.c index d685de8..acc9ce3 100644 --- a/server/ctdb_takeover.c +++ b/server/ctdb_takeover.c @@ -686,14 +686,17 @@ void getips_count_callback(void *param, void *data) } struct ctdb_public_ip_list *
[SCM] CTDB repository - branch master updated - ctdb-1.0.114-15-g2a79d97
The branch, master has been updated via 2a79d976f975ec1ecbd06c210cbb5e6a93068cec (commit) via 8825a8e3936e4ddfc1482d07a63a620249f01fe7 (commit) via f3bf2ab61f8dbbc806ec23a68a87aaedd458e712 (commit) from 685be0a7e830464e01dccc744362040a75bc96b5 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit 2a79d976f975ec1ecbd06c210cbb5e6a93068cec Merge: 685be0a7e830464e01dccc744362040a75bc96b5 8825a8e3936e4ddfc1482d07a63a620249f01fe7 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu Apr 8 14:30:01 2010 +1000 Merge r...@10.1.1.27:/shared/ctdb/ctdb-git commit 8825a8e3936e4ddfc1482d07a63a620249f01fe7 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu Apr 8 14:28:52 2010 +1000 Fix a compiler warning commit f3bf2ab61f8dbbc806ec23a68a87aaedd458e712 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu Apr 8 14:07:57 2010 +1000 In the recovery daemon, keep track of which node we have assigned public ip addresses and verify that the remote nodes have/keep a consistent view of assigned addresses. If a remote node has an inconsistent view of addresses visavi the recovery master this will trigger a full ip reallocation. --- Summary of changes: client/ctdb_client.c |2 +- common/rb_tree.h | 12 +- include/ctdb_private.h |9 ++- server/ctdb_recoverd.c | 18 ++- server/ctdb_takeover.c | 57 ++-- 5 files changed, 77 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/client/ctdb_client.c b/client/ctdb_client.c index 9e5f7fc..946335c 100644 --- a/client/ctdb_client.c +++ b/client/ctdb_client.c @@ -1906,7 +1906,7 @@ int ctdb_dumpdb_record(struct ctdb_context *ctdb, TDB_DATA key, TDB_DATA data, v fprintf(f, dmaster: %u\n, h-dmaster); fprintf(f, rsn: %llu\n, (unsigned long long)h-rsn); - fprintf(f, data(%u) = \, (unsigned)data.dsize - sizeof(*h)); + fprintf(f, data(%u) = \, (unsigned)(data.dsize - sizeof(*h))); for (i=sizeof(*h);idata.dsize;i++) { if (ISASCII(data.dptr[i])) { fprintf(f, %c, data.dptr[i]); diff --git a/common/rb_tree.h b/common/rb_tree.h index cb7cba3..eef0bc5 100644 --- a/common/rb_tree.h +++ b/common/rb_tree.h @@ -21,17 +21,17 @@ #define TRBT_RED 0x00 #define TRBT_BLACK 0x01 -typedef struct _trbt_node_t { - struct _trbt_tree_t *tree; - struct _trbt_node_t *parent; - struct _trbt_node_t *left; - struct _trbt_node_t *right; +typedef struct trbt_node { + struct trbt_tree *tree; + struct trbt_node *parent; + struct trbt_node *left; + struct trbt_node *right; uint32_t rb_color; uint32_t key32; void *data; } trbt_node_t; -typedef struct _trbt_tree_t { +typedef struct trbt_tree { trbt_node_t *root; /* automatically free the tree when the last node has been deleted */ #define TRBT_AUTOFREE 0x0001 diff --git a/include/ctdb_private.h b/include/ctdb_private.h index 953552a..888b626 100644 --- a/include/ctdb_private.h +++ b/include/ctdb_private.h @@ -442,7 +442,7 @@ struct ctdb_context { struct ctdb_call_state *pending_calls; struct ctdb_client_ip *client_ip_list; bool do_checkpublicip; - struct _trbt_tree_t *server_ids; + struct trbt_tree *server_ids; const char *event_script_dir; const char *notification_script; const char *default_public_interface; @@ -469,6 +469,9 @@ struct ctdb_context { /* mapping from pid to ctdb_client * */ struct ctdb_client_pid_list *client_pids; + + /* used in the recovery daemon to remember the ip allocation */ + struct trbt_tree *ip_tree; }; struct ctdb_db_context { @@ -1633,4 +1636,8 @@ int ctdb_recheck_persistent_health(struct ctdb_context *ctdb); void ctdb_run_notification_script(struct ctdb_context *ctdb, const char *event); void ctdb_fault_setup(void); + +int verify_remote_ip_allocation(struct ctdb_context *ctdb, + struct ctdb_all_public_ips *ips); + #endif diff --git a/server/ctdb_recoverd.c b/server/ctdb_recoverd.c index f5aa77b..5f34711 100644 --- a/server/ctdb_recoverd.c +++ b/server/ctdb_recoverd.c @@ -1228,6 +1228,7 @@ static void reload_nodes_file(struct ctdb_context *ctdb) } static int ctdb_reload_remote_public_ips(struct ctdb_context *ctdb, +struct ctdb_recoverd *rec, struct ctdb_node_map *nodemap, uint32_t *culprit) { @@ -1274,6 +1275,11 @@ static int ctdb_reload_remote_public_ips(struct ctdb_context *ctdb,