Re: [Samba] samba on SLES 10: binding problem
Am 28.11.2010 06:07, schrieb Ciro Iriarte: 2010/11/28 Ciro Iriarte cyru...@gmail.com: 2010/11/24 Stefan G. Weichinger li...@xunil.at: Am 10.11.2010 10:37, schrieb Stefan G. Weichinger: I'd be thankful for any thoughts or advice ... thanks! As I haven't received any feedback, just one another question: Should samba-3.5.6 work OK with cups-1.1.23-40.59.8, as available in SLES 10 ? I somehow mistrust that combination ... If not, has someone more recent pkgs for cups on SLES? (ok, TWO questions ;-)) Tried to rpmbuild them, failed at my first attempts ... thx, Stefan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Why shouldn't that combination work?. If you have a support contract, open a support request. Otherwise, get newer packages from these repos: http://download.opensuse.org/repositories/Printing/SLE_11_SP1/ http://download.opensuse.org/repositories/network:/samba:/MAINTAINED:/SLE_11/SLE_11_SP1/ By the way, that would turn your installation in an unsupported setup... Regards, -- Ciro Iriarte http://cyruspy.wordpress.com -- Sorry, correct links following http://download.opensuse.org/repositories/network:/samba:/MAINTAINED:/SLE_10/SLE_10/ http://download.opensuse.org/repositories/Printing/SLE_10/ Oh, nice, thanks for that! I just have to find pdftops now: /usr/bin/pdftops is needed by cups-1.3.7-29.1.i586 Is that rpm also somewhere in that tree? Thanks, Stefan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba Intermittent Browsing Issue from Windows 2008 R2 box
Hi All I have a really strange problem which I need some help with I will give you the background Samba 2.2.12 installed on Red Had Linux Advanced Server 2.1 Basically I have upgraded a client from a Windows 2003 TS box to a Windows 2008 R2 TS box. The 2003 box had approx 30 concurrent users logged on and could browse to samba no problems at any time. Once I installed the Windows 2008 R2 box and got all users connecting there connections to the samba drive would constantly be prompted with a username and password box – I changed the lanmanauthentication level and this fixed that however the issue I am having is strange. You can have 5-8 users connected to the 2008 r2 ts box and browse the samba shares fine, any more than that and randomly out of the users some will not work and keep getting prompted by username/password box. Only way to fix appears to be restart samba service which sometimes fixes the issue. I have absolutely no idea how to fix this – I have spent weeks on this and have Microsoft looking into it with no luck Unfortunately because its running 2.1 Advanced Server I can’t run samba in AD mode with Kerberos as I don’t have the install cd’s so server mode is only possible. Should I look at upgrading Samba – if so will the latest version run on 2.1 Advanced Server? Samba config below #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = * netbios name = server string = Samba Server password server = 192.168.100.12 hosts allow = 192.168.100. 192.168.1. 10.1.1. security = SERVER encrypt passwords = yes load printers = yes printcap name = /etc/printcap printing = lprng guest account = staff log file = /var/log/samba/log.%U log level = 2 max log size = 50 socket options = TCP_NODELAY local master = no domain master = no preferred master = no dns proxy = no Kind Regards Hamish -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] networking problem/Domain not available
I've got a client - a cheap client - and they want to add a new file server (samba sharing) to their network. They have one samba server already acting as the domain controller (PDC) and file server (and DHCP server). The wiring is a nightmare, and everything is daisy chained through 3 different non- programmable switches. They have no more open ports on any of the switches. Further, the switches are about 40 feet from the servers in another room. My plan was to take the cable that connects the domain controller (PDC), plug that into a new switch as the uplink, then connect both the old and new samba servers (a member server according to testparm) to the same switch. The new switch has all auto-uplink ports, so cross-over, non-cross-over isn't an issue. The problem is when I do this, none of the workstations (XP based) can find the domain controller any more (domain not available). I switch the cables back (remove the switch), everything works fine. Use the switch again, same problem. This means it's not the signorseal problem. For kicks to see if it's a bad cable or switch, I used a live Linux CD on my test workstation (this one is having the problem) when the connection is running through the new switch and it got a lease from the PDC (it's also a DHCP server) and can ping the PDC no problem. This, to me, says it can't be the cable or new switch and is pointing the finger at XP. But what is causing XP to fail? Domain authentications with very tiny TTL??? Any other troubleshooting tips? -- Fail to learn history-repeat it. Fail to learn rights-lose them. Learn both-get screwed by previous two groups. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] networking problem/Domain not available
Hi, The problem is when I do this, none of the workstations (XP based) can find the domain controller any more (domain not available). I switch the cables you should check network connectivity. Try pinging the servers from each other and client computers. There may be also firewall issues. With best regards, P. Trifonov -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] networking problem/Domain not available
On Sunday, November 28, 2010 01:47:02 pm Peter Trifonov wrote: Hi, The problem is when I do this, none of the workstations (XP based) can find the domain controller any more (domain not available). I switch the cables you should check network connectivity. Try pinging the servers from each other and client computers. There may be also firewall issues. With best regards, P. Trifonov I did ping the PDC server from the workstation when running Linux and even got a lease from it. All the lights on the new switch indicate everything is good, and the PDC server can access the Internet. Reboot the workstation into XP, and the workstation can't find the PDC (domain not available).* Since I can have two way traffic with the new switch in place, unless someone can point out a flaw in my logic, it can't be the switch. The switch is also a standard 5 port home switch (not my choice of equipment BTW), and does not include a firewall. And if I remove the switch, and go back to the original connection, with NO other changes (workstation and server), it works. I also considered it could be a bad cable, since I do use a new cable with the switch to connect the server to the new switch. But if it was a bad cable, how can I get a lease through it (and ping)? I should add that the original 3 switches are all different models, but none have any firewall capability. * Since I can't log in, I can't easily test the XP side of things to see if I get a lease, and I'm not in charge of the workstations, so getting the local admin password is not a simple matter. Politics... -- Fail to learn history-repeat it. Fail to learn rights-lose them. Learn both-get screwed by previous two groups. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] networking problem/Domain not available
On Nov 28, 2010, at 12:48 PM, Robert S rob...@spotswood-computer.net wrote: On Sunday, November 28, 2010 01:47:02 pm Peter Trifonov wrote: Hi, The problem is when I do this, none of the workstations (XP based) can find the domain controller any more (domain not available). I switch the cables you should check network connectivity. Try pinging the servers from each other and client computers. There may be also firewall issues. With best regards, P. Trifonov I did ping the PDC server from the workstation when running Linux and even got a lease from it. All the lights on the new switch indicate everything is good, and the PDC server can access the Internet. Reboot the workstation into XP, and the workstation can't find the PDC (domain not available).* Since I can have two way traffic with the new switch in place, unless someone can point out a flaw in my logic, it can't be the switch. The switch is also a standard 5 port home switch (not my choice of equipment BTW), and does not include a firewall. And if I remove the switch, and go back to the original connection, with NO other changes (workstation and server), it works. I also considered it could be a bad cable, since I do use a new cable with the switch to connect the server to the new switch. But if it was a bad cable, how can I get a lease through it (and ping)? I should add that the original 3 switches are all different models, but none have any firewall capability. * Since I can't log in, I can't easily test the XP side of things to see if I get a lease, and I'm not in charge of the workstations, so getting the local admin password is not a simple matter. Politics... -- So if I understand correctly, using the old switch, everything is good??? If that's the case, put the old switch back in place and login to all your machines and do the ping test. It should be good. Now, don't logout, just change the switch and look at the connection status for all your machines. Are they still good? Can you do the ping test now and is it good? -b Sent from my iPad. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] networking problem/Domain not available
On 11/28/2010 12:30 PM, Robert S wrote: The problem is when I do this, none of the workstations (XP based) can find the domain controller any more (domain not available). I switch the cables back (remove the switch), everything works fine. Use the switch again, same problem. This means it's not the signorseal problem. I don't know your problem, but I know how I'd proceed... unplug the PDC, then plug the new switch in between it and the other switches, but DON'T plug the new server in yet. Test it. If it works, but stops when you plug in the new server, then your problem is the new server. -- Chris. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] networking problem/Domain not available
Is your test PC on the same switch as the samba servers? Were you able to look at the event logs on the XP machines? If this problem occurs with the new switch and the PDC but not the new server , the only thing I could think to try would be to lock the server's NIC settings to force 1 speed and 1 duplex mode. For XP machines, Ethernet media detection can cause windows network problems- I know the problem is not with the XP machine but maybe something similar is happening on the server side- pings and dhcp assignments may be more tolerant of a flaky connection. If this only happens when both samba machines are on line then you may have a conflict with which machine is the browser- although that should only affect clients just coming on line. And WINS usually avoids those issues. Did you copy any private or lock files from one samba server to another ?Are both samba servers the same version? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Chris Gonnerman Sent: Sunday, November 28, 2010 8:32 PM To: samba@lists.samba.org Subject: Re: [Samba] networking problem/Domain not available On 11/28/2010 12:30 PM, Robert S wrote: The problem is when I do this, none of the workstations (XP based) can find the domain controller any more (domain not available). I switch the cables back (remove the switch), everything works fine. Use the switch again, same problem. This means it's not the signorseal problem. I don't know your problem, but I know how I'd proceed... unplug the PDC, then plug the new switch in between it and the other switches, but DON'T plug the new server in yet. Test it. If it works, but stops when you plug in the new server, then your problem is the new server. -- Chris. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Missing secondary groups
Does getent group show the Windows groups? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Peter Trifonov Sent: Saturday, November 27, 2010 11:58 AM To: samba@lists.samba.org Subject: [Samba] Missing secondary groups Hello all, There is a FreeBSD 8.1 system with Samba 3.5.6. It is a member of Active Directory domain (domain controllers are WinSrv2008R2 and WinSrv2008). wbinfo correctly provides user and group lists, as well as group membership information. It is possible to use domain user and group names in commands like chown and chgrp. However, the id command displays only the primary group for domain users. Furthermore, domain users are not able to access any files owned by their non-primary domain groups. For example, running $ id petert results in the following output: uid=1(petert) gid=10009(domain users) groups=10009(domain users) There is also an error message failed: NT_STATUS_NO_MORE_ENTRIES in the log.winbind file: [2010/11/27 19:47:43.856773, 6] winbindd/winbindd.c:768(new_connection) accepted socket 29 [2010/11/27 19:47:43.856837, 3] winbindd/winbindd_getpwnam.c:55(winbindd_getpwnam_send) getpwnam petert [2010/11/27 19:47:43.856966, 6] winbindd/winbindd.c:816(winbind_client_request_read) closing socket 28, client exited [2010/11/27 19:47:43.859876, 3] winbindd/winbindd_getgrent.c:51(winbindd_getgrent_send) [69874]: getgrent [2010/11/27 19:47:43.859904, 5] winbindd/winbindd_getgrent.c:149(winbindd_getgrent_recv) getgrent failed: NT_STATUS_NO_MORE_ENTRIES [2010/11/27 19:47:43.860164, 3] winbindd/winbindd_getgrgid.c:50(winbindd_getgrgid_send) getgrgid 10009 [2010/11/27 19:47:43.872512, 3] winbindd/winbindd_getgrgid.c:50(winbindd_getgrgid_send) getgrgid 10009 [2010/11/27 19:47:43.872770, 6] winbindd/winbindd.c:816(winbind_client_request_read) closing socket 29, client exited Please let me know how can this be fixed? With best regards, P. Trifonov -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [ob...@samba.org: 3.6:idmap:Q2: get rid of (all/most) idmap alloc parameters for idmap_ldap ?]
Hi Michael, I, for one, am using config alloc because that is how things were done on 3.0.xx before I migrated data to a new box that uses 3.5.4. I do not care very much about the configuration changes. But I beg you that documentation regarding idmap_ldap is updated including how idmap_ldap works. I had issues getting the configuration in 3.5.x to a state where I could run wbinfo --set-* successfully and I still have an outstanding issue where new accounts created in AD are not being automatically mapped by winbind and I have to manually create these mappings. In my idmap rewrite, I kept the alloc related parameters for the LDAP idmap backend for now: - idmap alloc config : ldap_url - idmap alloc config : ldap_base_dn - idmap alloc config : ldap_user_dn and the related idmap alloc secret. I would like to get rid of these. Be my guest. I don't care so long as these changes are documented so that people will know what is going on. This will be the second time that I will have had to fight with changes in idmap ldap related configuration without notice. Therefore, I am asking here, if there is anyone out there using these? I can not imagine a reason why one would want to use different server and/or user+password for storing the uid/gid counter. Right now there is nothing that actually explains to me what idmap_ldap does and so I don't have a clue as to what are you talking about. The only option that I would attest a certain, though minimal, right to exist is the ldap_base_dn. But usually, it should imho ok to store the uid/gid counter in the same location as the mappings. So, again: Are these options needed/used at all? There is an awful lot of 'documentation' out there detailing the use of alloc. People go nuts just figuring out how to do winbind + ldap. Or can I remove them for 3.6.0 ? Be my guest! Just update/provide documentation! Cheers - Michael Note: If we need to keep any of the options, the current form (idmap alloc config :option = ...) would reference the default config, but my idmap rewrite would enable us to set these on a per-domain basis, which would call for options like this idmap config DOMAIN : alloc_option) - End forwarded message - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] networking problem/Domain not available
Answers are in-line. On Sunday, November 28, 2010 08:31:57 pm Gaiseric Vandal wrote: Is your test PC on the same switch as the samba servers? No. Were you able to look at the event logs on the XP machines? No. Well, not yet. If this problem occurs with the new switch and the PDC but not the new server , the only thing I could think to try would be to lock the server's NIC settings to force 1 speed and 1 duplex mode. For XP machines, Ethernet media detection can cause windows network problems- I know the problem is not with the XP machine but maybe something similar is happening on the server side- pings and dhcp assignments may be more tolerant of a flaky connection. If this only happens when both samba machines are on line then you may have a conflict with which machine is the browser- although that should only affect clients just coming on line. And WINS usually avoids those issues. No. Both the new file server and the PDC have been online at the same time and working. I could log into the domain and even map the shares on the new file server. This was before they purchased the new switch. I plugged the new file server into a jack on one of the three older switches that had an off computer at the other end of the jack. The PDC is the wins server and the new server is set to use the PDC wins server. Did you copy any private or lock files from one samba server to another ?Are both samba servers the same version? No to both questions. The config file for the new file server is from scratch (well, modified the sample config file). The PDC is samba 3.0.something, while the new file server is samba 3.5.something. I've been on their case about upgrading the PDC, but it's so far fallen on deaf ears. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Chris Gonnerman Sent: Sunday, November 28, 2010 8:32 PM To: samba@lists.samba.org Subject: Re: [Samba] networking problem/Domain not available On 11/28/2010 12:30 PM, Robert S wrote: The problem is when I do this, none of the workstations (XP based) can find the domain controller any more (domain not available). I switch the cables back (remove the switch), everything works fine. Use the switch again, same problem. This means it's not the signorseal problem. I don't know your problem, but I know how I'd proceed... unplug the PDC, then plug the new switch in between it and the other switches, but DON'T plug the new server in yet. Test it. If it works, but stops when you plug in the new server, then your problem is the new server. -- Chris. -- Fail to learn history-repeat it. Fail to learn rights-lose them. Learn both-get screwed by previous two groups. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Files in samba share cannot be deleted after copying failed.
Hello Volker, Thanks a lot for your help. We figured out the reason. In our cluster environment, when the IP(Windows XP mounted the share by it) was down. It failed over to another box. This is not same as the IP is down and up on same box. It's the reason why smb cannot cleanup the share mode entry. The IP is up from another box. We tested it with IP down/up on same box. It can work. Thanks, -Original Message- From: Volker Lendecke [mailto:volker.lende...@sernet.de] Sent: 2010年11月26日 23:25 To: Tao Wang Cc: samba@lists.samba.org Subject: Re: [Samba] Files in samba share cannot be deleted after copying failed. On Fri, Nov 26, 2010 at 02:34:54AM -0800, Tao Wang wrote: googled with 'DENY_ALL'. and tried server parameter(veto oplock files/reset on zero vc/locking) of smb.conf, but still cannot work. Am we missing something? Or, how we solve this copying issue? reset on zero vc = yes should have helped. You should analyze the log files why the new smbd does not terminate the old, broken one or why the share mode entry is not cleaned up. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Missing secondary groups
Hi, Does getent group show the Windows groups? No, it does not. However, the id command displays only the primary group for domain users. Furthermore, domain users are not able to access any files owned by their non-primary domain groups. For example, running $ id petert results in the following output: uid=1(petert) gid=10009(domain users) groups=10009(domain users) With best regards, P. Trifonov -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Files in samba share cannot be deleted after copying failed.
On Sun, Nov 28, 2010 at 10:25:43PM -0800, Tao Wang wrote: We figured out the reason. In our cluster environment, when the IP(Windows XP mounted the share by it) was down. It failed over to another box. This is not same as the IP is down and up on same box. It's the reason why smb cannot cleanup the share mode entry. The IP is up from another box. We tested it with IP down/up on same box. It can work. That should still work I think. reset on zero vc should kill all remaining daemons that serve the same client, regardless of which server IP the client connected to. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 736d36a s4:dsdb/repl/drepl* - move lib/messaging/irpc.h include into drepl_service.h from 4cf85a7 s4-selftest: Ignore broken pipe error from grep. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 736d36a9487336ca8bc47fba4c7565f9d37e06c5 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 11:53:48 2010 +0100 s4:dsdb/repl/drepl* - move lib/messaging/irpc.h include into drepl_service.h This is needed to fix a Tru64 cc warning regarding enum drepl_role_master. Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Sun Nov 28 12:46:19 CET 2010 on sn-devel-104 --- Summary of changes: source4/dsdb/repl/drepl_fsmo.c|1 - source4/dsdb/repl/drepl_notify.c |1 - source4/dsdb/repl/drepl_out_helpers.c |1 - source4/dsdb/repl/drepl_out_pull.c|1 - source4/dsdb/repl/drepl_partitions.c |1 - source4/dsdb/repl/drepl_periodic.c|1 - source4/dsdb/repl/drepl_service.c |1 - source4/dsdb/repl/drepl_service.h |3 +-- 8 files changed, 1 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/repl/drepl_fsmo.c b/source4/dsdb/repl/drepl_fsmo.c index 98bc1c1..0355459 100644 --- a/source4/dsdb/repl/drepl_fsmo.c +++ b/source4/dsdb/repl/drepl_fsmo.c @@ -30,7 +30,6 @@ #include smbd/service.h #include dsdb/repl/drepl_service.h #include param/param.h -#include librpc/gen_ndr/irpc.h static void drepl_role_callback(struct dreplsrv_service *service, WERROR werr, diff --git a/source4/dsdb/repl/drepl_notify.c b/source4/dsdb/repl/drepl_notify.c index 8f31516..44a50ed 100644 --- a/source4/dsdb/repl/drepl_notify.c +++ b/source4/dsdb/repl/drepl_notify.c @@ -26,7 +26,6 @@ #include dsdb/samdb/samdb.h #include auth/auth.h #include smbd/service.h -#include lib/messaging/irpc.h #include dsdb/repl/drepl_service.h #include lib/ldb/include/ldb_errors.h #include ../lib/util/dlinklist.h diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c index 2bd5974..2cbf008 100644 --- a/source4/dsdb/repl/drepl_out_helpers.c +++ b/source4/dsdb/repl/drepl_out_helpers.c @@ -24,7 +24,6 @@ #include auth/auth.h #include smbd/service.h #include lib/events/events.h -#include lib/messaging/irpc.h #include dsdb/repl/drepl_service.h #include lib/ldb/include/ldb_errors.h #include ../lib/util/dlinklist.h diff --git a/source4/dsdb/repl/drepl_out_pull.c b/source4/dsdb/repl/drepl_out_pull.c index 874d44e..c62a605 100644 --- a/source4/dsdb/repl/drepl_out_pull.c +++ b/source4/dsdb/repl/drepl_out_pull.c @@ -24,7 +24,6 @@ #include auth/auth.h #include smbd/service.h #include lib/events/events.h -#include lib/messaging/irpc.h #include dsdb/repl/drepl_service.h #include lib/ldb/include/ldb_errors.h #include ../lib/util/dlinklist.h diff --git a/source4/dsdb/repl/drepl_partitions.c b/source4/dsdb/repl/drepl_partitions.c index ee9210d..4033c97 100644 --- a/source4/dsdb/repl/drepl_partitions.c +++ b/source4/dsdb/repl/drepl_partitions.c @@ -24,7 +24,6 @@ #include auth/auth.h #include smbd/service.h #include lib/events/events.h -#include lib/messaging/irpc.h #include dsdb/repl/drepl_service.h #include lib/ldb/include/ldb_errors.h #include ../lib/util/dlinklist.h diff --git a/source4/dsdb/repl/drepl_periodic.c b/source4/dsdb/repl/drepl_periodic.c index fe0fb6d..becbca7 100644 --- a/source4/dsdb/repl/drepl_periodic.c +++ b/source4/dsdb/repl/drepl_periodic.c @@ -24,7 +24,6 @@ #include dsdb/samdb/samdb.h #include auth/auth.h #include smbd/service.h -#include lib/messaging/irpc.h #include dsdb/repl/drepl_service.h #include lib/ldb/include/ldb_errors.h #include ../lib/util/dlinklist.h diff --git a/source4/dsdb/repl/drepl_service.c b/source4/dsdb/repl/drepl_service.c index 2f9a5d5..a85750b 100644 --- a/source4/dsdb/repl/drepl_service.c +++ b/source4/dsdb/repl/drepl_service.c @@ -25,7 +25,6 @@ #include auth/auth.h #include smbd/service.h #include lib/events/events.h -#include lib/messaging/irpc.h #include dsdb/repl/drepl_service.h #include lib/ldb/include/ldb_errors.h #include ../lib/util/dlinklist.h diff --git a/source4/dsdb/repl/drepl_service.h b/source4/dsdb/repl/drepl_service.h index 0bf..80f60d6 100644 --- a/source4/dsdb/repl/drepl_service.h +++ b/source4/dsdb/repl/drepl_service.h @@ -233,8 +233,7 @@ struct dreplsrv_service { bool am_rodc; }; -enum drepl_role_master; - +#include lib/messaging/irpc.h #include dsdb/repl/drepl_out_helpers.h #include dsdb/repl/drepl_service_proto.h -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7e2b315 add handling for solaris from 736d36a s4:dsdb/repl/drepl* - move lib/messaging/irpc.h include into drepl_service.h http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7e2b315ca0f228b617adc7769f3880a8aabd5d67 Author: Matthieu Patou m...@matws.net Date: Sun Nov 28 13:53:40 2010 +0300 add handling for solaris Autobuild-User: Matthieu Patou m...@samba.org Autobuild-Date: Sun Nov 28 13:32:21 CET 2010 on sn-devel-104 --- Summary of changes: selftest/gdb_backtrace | 12 +++- 1 files changed, 11 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/gdb_backtrace b/selftest/gdb_backtrace index 1d8249b..5a7d230 100755 --- a/selftest/gdb_backtrace +++ b/selftest/gdb_backtrace @@ -30,6 +30,12 @@ case ${UNAME} in OSF1) DB_LIST=ladebug ${DB_LIST} ;; + # + # On solaris dbx is working way more better than gdb + # let's try it first + # + SunOS) + DB_LIST=dbx ${DB_LIST} esac for DB in ${DB_LIST}; do @@ -45,12 +51,13 @@ test x${DB_BIN} = x { } # -# we first try to use /proc/${PID}/exe +# we first try to use /proc/${PID}/exe or /proc/{$PID}/path for solaris # then fallback to the binary from the commandline # then we search for the commandline argument with # 'which' # test -f /proc/${PID}/exe BINARY=/proc/${PID}/exe +test -f /proc/${PID}/path/a.out BINARY=`ls -l /proc/${PID}/path/a.out |sed 's/.*- //'` test x${BINARY} = x BINARY=/proc/${PID}/exe test -f ${BINARY} || BINARY=`which ${BINARY}` @@ -84,5 +91,8 @@ quit EOF ${DB_BIN} -x ${BATCHFILE_MAIN} ${BINARY} ${PID} ;; +dbx) + ${DB_BIN} where;dump;kill;quit ${BINARY} ${PID} + ;; esac /bin/rm -f ${BATCHFILE_PRE} ${BATCHFILE_MAIN} -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ce55d7c Revert s4:netcmd/drs.py - use objectClass for discovering the server and it's NTDS settings object via b028a60 replace:wscript - change the bool checks to be compatible with more platforms from 7e2b315 add handling for solaris http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ce55d7c9f0c0720f765f549f9b2617cb9a3d2299 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 12:54:02 2010 +0100 Revert s4:netcmd/drs.py - use objectClass for discovering the server and it's NTDS settings object This reverts commit b87c3703cf890bd55340a201536073bd2be1e1d8. Andrew Bartlett told me that exactly the opposite is true - the objectCategory lookup is performing better. Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Sun Nov 28 14:18:41 CET 2010 on sn-devel-104 commit b028a6001ad7e440fbd71faa45cad8b5966fac1c Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 12:28:03 2010 +0100 replace:wscript - change the bool checks to be compatible with more platforms - If the type was found then we are fine and define HAVE_BOOL - Othewise we substitute it in replace.h as _Bool or if not possible as int - This prevents lot of warnings on platforms where we don't have a bool type as Tru64 - The length check for bool is not really useful and therefore removed --- Summary of changes: lib/replace/wscript |4 ++-- source4/scripting/python/samba/netcmd/drs.py |4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/wscript b/lib/replace/wscript index 0bfe660..f6a9bef 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -73,8 +73,8 @@ def configure(conf): conf.CHECK_TYPES('long long intptr_t uintptr_t ptrdiff_t comparison_fn_t') conf.CHECK_TYPE('_Bool', define='HAVE__Bool') +conf.CHECK_TYPE('bool', define='HAVE_BOOL') -conf.CHECK_TYPE('bool', 'int') conf.CHECK_TYPE('int8_t', 'char') conf.CHECK_TYPE('uint8_t', 'unsigned char') conf.CHECK_TYPE('int16_t', 'short') @@ -91,7 +91,7 @@ def configure(conf): conf.CHECK_TYPE('volatile int', define='HAVE_VOLATILE') conf.CHECK_TYPE('uint_t', 'unsigned int') -conf.CHECK_SIZEOF('bool char int long long long short size_t ssize_t') +conf.CHECK_SIZEOF('char int long long long short size_t ssize_t') conf.CHECK_SIZEOF('int8_t uint8_t int16_t uint16_t int32_t uint32_t int64_t uint64_t') conf.CHECK_SIZEOF('void*', define='SIZEOF_VOID_P') conf.CHECK_SIZEOF('off_t dev_t ino_t time_t') diff --git a/source4/scripting/python/samba/netcmd/drs.py b/source4/scripting/python/samba/netcmd/drs.py index 6816790..387524b 100644 --- a/source4/scripting/python/samba/netcmd/drs.py +++ b/source4/scripting/python/samba/netcmd/drs.py @@ -260,7 +260,7 @@ class cmd_drs_replicate(Command): # we need to find the NTDS GUID of the source DC msg = self.samdb.search(base=self.samdb.get_config_basedn(), - expression=((objectClass=server)(|(name=%s)(dNSHostName=%s))) % (SOURCE_DC, + expression=((objectCategory=server)(|(name=%s)(dNSHostName=%s))) % (SOURCE_DC, SOURCE_DC), attrs=[]) if len(msg) == 0: @@ -268,7 +268,7 @@ class cmd_drs_replicate(Command): server_dn = msg[0]['dn'] msg = self.samdb.search(base=server_dn, scope=ldb.SCOPE_ONELEVEL, -expression=(objectClass=nTDSDSA), + expression=(|(objectCategory=nTDSDSA)(objectCategory=nTDSDSARO)), attrs=['objectGUID', 'options']) if len(msg) == 0: raise CommandError(Failed to find source NTDS DN %s % SOURCE_DC) -- Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch master updated
Hi Matthias, commit b028a6001ad7e440fbd71faa45cad8b5966fac1c Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 12:28:03 2010 +0100 replace:wscript - change the bool checks to be compatible with more platforms - If the type was found then we are fine and define HAVE_BOOL - Othewise we substitute it in replace.h as _Bool or if not possible as int - This prevents lot of warnings on platforms where we don't have a bool type as Tru64 - The length check for bool is not really useful and therefore removed That check is useful and I added a few weeks ago, please readd it. It showed that sizeof(bool) is 1, that means that we might think about changing the fallback to define 'bool' as 'unsigned char' instead of 'int'. metze signature.asc Description: OpenPGP digital signature
Re: [SCM] Samba Shared Repository - branch master updated
Ah sorry, didn't see that this was for examination purposes. Will readd it soon! Matthias Stefan (metze) Metzmacher wrote: Hi Matthias, commit b028a6001ad7e440fbd71faa45cad8b5966fac1c Author: Matthias Dieter Wallnöferm...@samba.org Date: Sun Nov 28 12:28:03 2010 +0100 replace:wscript - change the bool checks to be compatible with more platforms - If the type was found then we are fine and define HAVE_BOOL - Othewise we substitute it in replace.h as _Bool or if not possible as int - This prevents lot of warnings on platforms where we don't have a bool type as Tru64 - The length check for bool is not really useful and therefore removed That check is useful and I added a few weeks ago, please readd it. It showed that sizeof(bool) is 1, that means that we might think about changing the fallback to define 'bool' as 'unsigned char' instead of 'int'. metze
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c69b1ed s3: Properly print binary values net cache via 1a91fe9 s3: Add gencache_iterate_blobs via 62afdb9 s3: Convert gencache_get_data_blob to gencache_parse via 9843103 s3: Add gencache_parse from ce55d7c Revert s4:netcmd/drs.py - use objectClass for discovering the server and it's NTDS settings object http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c69b1edcb9a4b41055f82007d223ef18dc04a1d2 Author: Volker Lendecke v...@samba.org Date: Sun Nov 28 13:14:38 2010 +0100 s3: Properly print binary values net cache Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Sun Nov 28 15:03:26 CET 2010 on sn-devel-104 commit 1a91fe90b6a1f50c641ce4d778f49ce4c121b9dd Author: Volker Lendecke v...@samba.org Date: Sat Nov 27 15:48:21 2010 +0100 s3: Add gencache_iterate_blobs commit 62afdb9cc056da4ba7a873e6bce00b4f2c32f4a4 Author: Volker Lendecke v...@samba.org Date: Sat Nov 27 11:36:52 2010 +0100 s3: Convert gencache_get_data_blob to gencache_parse commit 9843103b7d2a13b1b8a45b3a1d958700bbf1bcfc Author: Volker Lendecke v...@samba.org Date: Sat Nov 27 00:40:25 2010 +0100 s3: Add gencache_parse --- Summary of changes: source3/include/proto.h |7 + source3/lib/gencache.c| 298 +++- source3/utils/net_cache.c | 28 +++- 3 files changed, 211 insertions(+), 122 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index d199d1e..9f00e6d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -548,10 +548,17 @@ void pull_file_id_24(char *buf, struct file_id *id); bool gencache_set(const char *keystr, const char *value, time_t timeout); bool gencache_del(const char *keystr); bool gencache_get(const char *keystr, char **valstr, time_t *timeout); +bool gencache_parse(const char *keystr, + void (*parser)(time_t timeout, DATA_BLOB blob, + void *private_data), + void *private_data); bool gencache_get_data_blob(const char *keystr, DATA_BLOB *blob, time_t *timeout, bool *was_expired); bool gencache_stabilize(void); bool gencache_set_data_blob(const char *keystr, const DATA_BLOB *blob, time_t timeout); +void gencache_iterate_blobs(void (*fn)(const char *key, DATA_BLOB value, + time_t timeout, void *private_data), + void *private_data, const char *pattern); void gencache_iterate(void (*fn)(const char* key, const char *value, time_t timeout, void* dptr), void* data, const char* keystr_pattern); diff --git a/source3/lib/gencache.c b/source3/lib/gencache.c index 8d2ddb2..db0b179 100644 --- a/source3/lib/gencache.c +++ b/source3/lib/gencache.c @@ -274,6 +274,10 @@ static bool gencache_pull_timeout(char *val, time_t *pres, char **pendptr) time_t res; char *endptr; + if (val == NULL) { + return false; + } + res = strtol(val, endptr, 10); if ((endptr == NULL) || (*endptr != '/')) { @@ -289,69 +293,124 @@ static bool gencache_pull_timeout(char *val, time_t *pres, char **pendptr) return true; } -/** - * Get existing entry from the cache file. - * - * @param keystr string that represents a key of this entry - * @param blob DATA_BLOB that is filled with entry's blob - * @param timeout pointer to a time_t that is filled with entry's - *timeout - * - * @retval true when entry is successfuly fetched - * @retval False for failure - **/ +struct gencache_parse_state { + void (*parser)(time_t timeout, DATA_BLOB blob, void *private_data); + void *private_data; +}; -bool gencache_get_data_blob(const char *keystr, DATA_BLOB *blob, - time_t *timeout, bool *was_expired) +static int gencache_parse_fn(TDB_DATA key, TDB_DATA data, void *private_data) { - TDB_DATA databuf; + struct gencache_parse_state *state; + DATA_BLOB blob; time_t t; char *endptr; - bool expired = false; + bool ret; - if (keystr == NULL) { - goto fail; + if (data.dptr == NULL) { + return -1; + } + ret = gencache_pull_timeout((char *)data.dptr, t, endptr); + if (!ret) { + return -1; } + state = (struct gencache_parse_state *)private_data; + blob = data_blob_const( + endptr+1, data.dsize - PTR_DIFF(endptr+1, data.dptr)); + state-parser(t, blob, state-private_data); + return 0; +} + +bool gencache_parse(const char *keystr, + void (*parser)(time_t timeout, DATA_BLOB blob, +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ef8349e replace:wscript - reintroduce the size check for bool due to a request of metze from c69b1ed s3: Properly print binary values net cache http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ef8349e28da4ff97874aa08bdb2a67b7e6a9d538 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 14:55:28 2010 +0100 replace:wscript - reintroduce the size check for bool due to a request of metze Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Sun Nov 28 15:48:40 CET 2010 on sn-devel-104 --- Summary of changes: lib/replace/wscript |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/wscript b/lib/replace/wscript index f6a9bef..8b59807 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -91,7 +91,7 @@ def configure(conf): conf.CHECK_TYPE('volatile int', define='HAVE_VOLATILE') conf.CHECK_TYPE('uint_t', 'unsigned int') -conf.CHECK_SIZEOF('char int long long long short size_t ssize_t') +conf.CHECK_SIZEOF('bool char int long long long short size_t ssize_t') conf.CHECK_SIZEOF('int8_t uint8_t int16_t uint16_t int32_t uint32_t int64_t uint64_t') conf.CHECK_SIZEOF('void*', define='SIZEOF_VOID_P') conf.CHECK_SIZEOF('off_t dev_t ino_t time_t') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c254527 build: update gdb_backtrace to make it search for gdb66 as it work on freebsd via 06beebd fix bad shell from ef8349e replace:wscript - reintroduce the size check for bool due to a request of metze http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c254527386afcbe60fe57bd87fb367486abde52d Author: Matthieu Patou m...@matws.net Date: Sun Nov 28 17:32:06 2010 +0300 build: update gdb_backtrace to make it search for gdb66 as it work on freebsd Autobuild-User: Matthieu Patou m...@samba.org Autobuild-Date: Sun Nov 28 16:37:08 CET 2010 on sn-devel-104 commit 06beebd1e4e3b4214682dcafd15864ce8fc483e8 Author: Matthieu Patou m...@matws.net Date: Sun Nov 28 17:28:57 2010 +0300 fix bad shell --- Summary of changes: selftest/gdb_backtrace | 18 ++ 1 files changed, 18 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/gdb_backtrace b/selftest/gdb_backtrace index 5a7d230..91637ec 100755 --- a/selftest/gdb_backtrace +++ b/selftest/gdb_backtrace @@ -36,6 +36,14 @@ case ${UNAME} in # SunOS) DB_LIST=dbx ${DB_LIST} + ;; + # + # FreeBSD comes with a flavor that works gdb66 and one that don't gdb + # (gdb 6.1) let's try it first the one that works ! + # + FreeBSD) + DB_LIST=gdb66 ${DB_LIST} + ;; esac for DB in ${DB_LIST}; do @@ -82,6 +90,16 @@ quit EOF ${DB_BIN} -c ${BATCHFILE_MAIN} -i ${BATCHFILE_PRE} -pid ${PID} ${BINARY} ;; + gdb66) +cat EOF ${BATCHFILE_MAIN} +set height 1000 +bt full +info locals +kill +quit +EOF + ${DB_BIN} -x ${BATCHFILE_MAIN} ${BINARY} ${PID} + ;; gdb) cat EOF ${BATCHFILE_MAIN} set height 1000 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 56969ad s4:torture/smb2/acls.c - remove two unused variables via 96c1cd7 s4:introduce casts before outputs of time_t variables via 7128c15 replace:wscript - reintroduce the size check for bool due to a request of metze via 3c07250 replace:wscript - change the bool checks to be compatible with more platforms from c254527 build: update gdb_backtrace to make it search for gdb66 as it work on freebsd http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 56969adb3dad6dbaec2410e4e23242b3ce88b696 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 16:07:26 2010 +0100 s4:torture/smb2/acls.c - remove two unused variables Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Sun Nov 28 17:22:54 CET 2010 on sn-devel-104 commit 96c1cd762db100a11dd989f1505a265c69885bf9 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 16:06:19 2010 +0100 s4:introduce casts before outputs of time_t variables Otherwise we are getting warnings on NetBSD. commit 7128c15b65381da8e37be3cbd31d3b8310fd49aa Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 14:55:28 2010 +0100 replace:wscript - reintroduce the size check for bool due to a request of metze commit 3c0725001eeb2e132d6484a171ce13b5117c0434 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Nov 28 12:28:03 2010 +0100 replace:wscript - change the bool checks to be compatible with more platforms - If the type was found then we are fine and define HAVE_BOOL - Othewise we substitute it in replace.h as _Bool or if not possible as int - This prevents lot of warnings on platforms where we don't have a bool type as Tru64 - The length check for bool is not really useful and therefore removed --- Summary of changes: source4/nbt_server/wins/wins_hook.c |2 +- source4/torture/rpc/samr.c |2 +- source4/torture/smb2/acls.c |2 -- 3 files changed, 2 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/nbt_server/wins/wins_hook.c b/source4/nbt_server/wins/wins_hook.c index 9753a86..1af471b 100644 --- a/source4/nbt_server/wins/wins_hook.c +++ b/source4/nbt_server/wins/wins_hook.c @@ -61,7 +61,7 @@ void wins_hook(struct winsdb_handle *h, const struct winsdb_record *rec, wins_hook_action_string(action), rec-name-name, rec-name-type, - rec-expire_time); + (long int) rec-expire_time); if (!cmd) goto failed; for (i=0; rec-addresses[i]; i++) { diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index a57cdb8..8ee1198 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -1171,7 +1171,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, } if (fields_present SAMR_FIELD_COMMENT) { - comment = talloc_asprintf(tctx, comment: %ld\n, time(NULL)); + comment = talloc_asprintf(tctx, comment: %ld\n, (long int) time(NULL)); } ZERO_STRUCT(u); diff --git a/source4/torture/smb2/acls.c b/source4/torture/smb2/acls.c index a857f4d..d723ae4 100644 --- a/source4/torture/smb2/acls.c +++ b/source4/torture/smb2/acls.c @@ -666,8 +666,6 @@ static bool test_owner_bits(struct torture_context *tctx, struct smb2_tree *tree union smb_setfileinfo set; struct security_descriptor *sd, *sd_orig; const char *owner_sid; - bool has_restore_privilege = false; - bool has_take_ownership_privilege = false; uint32_t expected_bits; if (!smb2_util_setup_dir(tctx, tree, BASEDIR)) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 97f0d6c samba.tests.hostconfig: Fix import. via eb5a8e2 s4-python: Some reformatting for the purpose of pydoctor. via 20516df samba.upgradehelpers: Simplify code a bit. via ca495e6 samba.hostconfig: Move samba.shares into samba.hostconfig. via 979d298 samba.getopt: Fix missing import of sys. via 28b5095 chgtdcpass: Fix program name in usage message. from 56969ad s4:torture/smb2/acls.c - remove two unused variables http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 97f0d6c27834975256fe21518007807400e61f4b Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 28 16:38:27 2010 +0100 samba.tests.hostconfig: Fix import. Autobuild-User: Jelmer Vernooij jel...@samba.org Autobuild-Date: Sun Nov 28 18:08:33 CET 2010 on sn-devel-104 commit eb5a8e29cf362ea382da7bb9dd8c9eb175b9ebe3 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 28 14:09:30 2010 +0100 s4-python: Some reformatting for the purpose of pydoctor. commit 20516df27574ad999073b7eb9620e70833e3170d Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 28 13:45:56 2010 +0100 samba.upgradehelpers: Simplify code a bit. commit ca495e67b2c2c8b50e16c5bcfcafdc5c2ae5bc72 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 28 13:39:12 2010 +0100 samba.hostconfig: Move samba.shares into samba.hostconfig. commit 979d298b0d6e5692f606a5bfe21a64d1ecce5613 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 28 13:37:31 2010 +0100 samba.getopt: Fix missing import of sys. commit 28b509579df99ee576d5353eada31cd58aaa2508 Author: Jelmer Vernooij jel...@samba.org Date: Sun Nov 28 13:34:19 2010 +0100 chgtdcpass: Fix program name in usage message. --- Summary of changes: source4/scripting/devel/chgtdcpass |9 +-- source4/scripting/python/samba/__init__.py | 16 +++-- source4/scripting/python/samba/getopt.py | 22 --- source4/scripting/python/samba/hostconfig.py | 64 +-- source4/scripting/python/samba/join.py |9 ++- source4/scripting/python/samba/ms_schema.py|5 +- source4/scripting/python/samba/ndr.py | 28 +++-- source4/scripting/python/samba/ntacls.py |3 + .../scripting/python/samba/provision/__init__.py |9 ++- .../scripting/python/samba/provision/backend.py|3 +- source4/scripting/python/samba/samba3.py | 12 ++-- source4/scripting/python/samba/samdb.py| 31 ++ source4/scripting/python/samba/schema.py |3 +- source4/scripting/python/samba/shares.py | 61 --- .../samba/tests/{shares.py = hostconfig.py} |2 +- source4/scripting/python/samba/upgrade.py | 50 +-- source4/scripting/python/samba/upgradehelpers.py | 38 +--- source4/selftest/tests.py |2 +- 18 files changed, 199 insertions(+), 168 deletions(-) delete mode 100644 source4/scripting/python/samba/shares.py rename source4/scripting/python/samba/tests/{shares.py = hostconfig.py} (97%) Changeset truncated at 500 lines: diff --git a/source4/scripting/devel/chgtdcpass b/source4/scripting/devel/chgtdcpass index 1030531..dc24983 100755 --- a/source4/scripting/devel/chgtdcpass +++ b/source4/scripting/devel/chgtdcpass @@ -17,6 +17,9 @@ # along with this program. If not, see http://www.gnu.org/licenses/. +__docformat__ = restructuredText + + import optparse import sys # Allow to run from s4 source directory (without installing samba) @@ -30,10 +33,7 @@ from samba.upgradehelpers import (get_paths, find_provision_key_parameters, get_ldbs, update_machine_account_password) -__docformat__ = restructuredText - - -parser = optparse.OptionParser(provision [options]) +parser = optparse.OptionParser(chgtdcpass [options]) sambaopts = options.SambaOptions(parser) parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) @@ -42,7 +42,6 @@ parser.add_option_group(credopts) opts = parser.parse_args()[0] - lp = sambaopts.get_loadparm() smbconf = lp.configfile creds = credopts.get_credentials(lp) diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py index a9b4349..ee45d93 100644 --- a/source4/scripting/python/samba/__init__.py +++ b/source4/scripting/python/samba/__init__.py @@ -128,7 +128,7 @@ class Ldb(_Ldb): def erase_users_computers(self, dn): Erases user and computer objects from our AD. - + This is needed since the 'samldb' module denies the deletion of primary groups. Therefore all groups shouldn't be primary
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 56b1082 s3: Fix force group with ntlmssp guest session setup from 49632d4 s3: Make winbind recover from a signing error http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 56b1082fe436e1f99a87d3e37d9ea8b017353b39 Author: Volker Lendecke v...@samba.org Date: Sat Nov 13 18:03:25 2010 +0100 s3: Fix force group with ntlmssp guest session setup This one is subtle: Set force group = somegroup together with guest ok = yes. Then try smbclient //server/share -U%. Works. Then try to connect to the same share from Windows 2003 using an anonymous connection. Breaks with make_connection: connection to share denied due to security descriptor although the share_info.tdb is empty. I've seen reports of this on the lists, but I could never ever nail it until a customer gave me access to such a box. What happens? With an empty share_info.tdb we create a security descriptor allow everything to the world. The problem with the above parameter combination is that S-1-1-0 (World) is lost in the token. When you look at the callers of create_local_token, they are only called if the preceding check_ntlm_password did not create server_info-ptok. Not so with the one in auth_ntlmssp.c. So, if we get a NTLMSSP session setup with user=, domain=, pass= we call create_local_token even though check_guest_security() via make_server_info_guest() has already correctly done so. In this case create_local_token puts S-1-1-0 into user_sids[1], which is supposed to be the primary group sid of the user logging in. force group then overwrites this - the world is gone - denied due to security descriptor. Why don't you see it with smbclient -U% (anonymous connection)? smbclient does not use ntlmssp for anon session setup. This seems not to happen to 3.6. Volker Fix bug #7817 (force group broken). --- Summary of changes: source3/auth/auth_ntlmssp.c | 13 +++-- 1 files changed, 7 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index 034d354..0e2c61a 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -126,12 +126,13 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, auth_ntlmssp_state-server_info-nss_token |= username_was_mapped; - nt_status = create_local_token(auth_ntlmssp_state-server_info); - - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(10, (create_local_token failed: %s\n, - nt_errstr(nt_status))); - return nt_status; + if (auth_ntlmssp_state-server_info-ptok == NULL) { + nt_status = create_local_token(auth_ntlmssp_state-server_info); + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(10, (create_local_token failed: %s\n, + nt_errstr(nt_status))); + return nt_status; + } } if (auth_ntlmssp_state-server_info-user_session_key.length) { -- Samba Shared Repository
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-150-g96c29a8
The branch, 1.0.112 has been updated via 96c29a83f6c937d45785c3d14434f95c48564dd3 (commit) from 072cba118f0edf0d642cf138ee49186ab4ef2602 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit 96c29a83f6c937d45785c3d14434f95c48564dd3 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Mon Nov 29 12:39:14 2010 +1100 When we are no longer the natgw master, dont put the natgw ip on loopback. We put the ip on loopback just to make sure we would still interoperate with non-standard configurations on unix-KDC, that are configured to verify the optional HostAddresses field. This is not required for AD, since AD does not use this field, and is replaced in unix land with other/better mechanisms than this dodgy check. This makes it easier for applications that have bound to the natgw address to detect a socket problem and try to reconnect/recover if the ip address is completely missing from the system. At the same time, use the winbind specific hook that exists to explicitely tell winbindd : this address is gone, so if you have bound to it, this is a good time to close and rebind your socket. cq 1020333 --- Summary of changes: config/events.d/11.natgw |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/config/events.d/11.natgw b/config/events.d/11.natgw index 2fc232a..ac34a24 100755 --- a/config/events.d/11.natgw +++ b/config/events.d/11.natgw @@ -77,8 +77,10 @@ case $1 in # We do this so that the ip address will exist on a # non-loopback interface so that samba may send it along in the # KDC requests. - ip addr add $CTDB_NATGW_PUBLIC_IP_HOST dev lo scope host ip route add 0.0.0.0/0 via $NATGWIP metric 10 + # Make sure winbindd does not stay bound to this address + # if we are no longer natgwmaster + smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP /dev/null 2/dev/null fi # flush our route cache -- CTDB repository
[SCM] CTDB repository - branch 1.2 updated - ctdb-1.9.1-248-g981550e
The branch, 1.2 has been updated via 981550e3ae8c1884a8c8f7786d0549e6144794e0 (commit) from 0a6165b2a3084d10d2f0b272dd05e2f5174a5055 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.2 - Log - commit 981550e3ae8c1884a8c8f7786d0549e6144794e0 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Mon Nov 29 12:39:14 2010 +1100 When we are no longer the natgw master, dont put the natgw ip on loopback. We put the ip on loopback just to make sure we would still interoperate with non-standard configurations on unix-KDC, that are configured to verify the optional HostAddresses field. This is not required for AD, since AD does not use this field, and is replaced in unix land with other/better mechanisms than this dodgy check. This makes it easier for applications that have bound to the natgw address to detect a socket problem and try to reconnect/recover if the ip address is completely missing from the system. At the same time, use the winbind specific hook that exists to explicitely tell winbindd : this address is gone, so if you have bound to it, this is a good time to close and rebind your socket. cq 1020333 --- Summary of changes: config/events.d/11.natgw |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/config/events.d/11.natgw b/config/events.d/11.natgw index 512f8de..1d5ba0f 100755 --- a/config/events.d/11.natgw +++ b/config/events.d/11.natgw @@ -91,8 +91,10 @@ case $1 in # We do this so that the ip address will exist on a # non-loopback interface so that samba may send it along in the # KDC requests. - ip addr add $CTDB_NATGW_PUBLIC_IP_HOST dev lo scope host ip route add 0.0.0.0/0 via $NATGWIP metric 10 + # Make sure winbindd does not stay bound to this address + # if we are no longer natgwmaster + smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP /dev/null 2/dev/null fi # flush our route cache -- CTDB repository
[SCM] CTDB repository - branch 1.2-nodeflags updated - ctdb-1.9.1-240-g934b30a
The branch, 1.2-nodeflags has been updated via 934b30a8593ebe09b1882713339d59c09db0f4ff (commit) from 4755e82b33908419bbbc5e2effa3da65c0a3f819 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.2-nodeflags - Log - commit 934b30a8593ebe09b1882713339d59c09db0f4ff Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Mon Nov 29 12:39:14 2010 +1100 When we are no longer the natgw master, dont put the natgw ip on loopback. We put the ip on loopback just to make sure we would still interoperate with non-standard configurations on unix-KDC, that are configured to verify the optional HostAddresses field. This is not required for AD, since AD does not use this field, and is replaced in unix land with other/better mechanisms than this dodgy check. This makes it easier for applications that have bound to the natgw address to detect a socket problem and try to reconnect/recover if the ip address is completely missing from the system. At the same time, use the winbind specific hook that exists to explicitely tell winbindd : this address is gone, so if you have bound to it, this is a good time to close and rebind your socket. cq 1020333 --- Summary of changes: config/events.d/11.natgw |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/config/events.d/11.natgw b/config/events.d/11.natgw index 34aee19..267ba63 100755 --- a/config/events.d/11.natgw +++ b/config/events.d/11.natgw @@ -91,8 +91,10 @@ case $1 in # We do this so that the ip address will exist on a # non-loopback interface so that samba may send it along in the # KDC requests. - ip addr add $CTDB_NATGW_PUBLIC_IP_HOST dev lo scope host ip route add 0.0.0.0/0 via $NATGWIP metric 10 + # Make sure winbindd does not stay bound to this address + # if we are no longer natgwmaster + smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP /dev/null 2/dev/null fi # flush our route cache -- CTDB repository
[SCM] CTDB repository - branch master updated - ctdb-1.10-33-g0da9486
The branch, master has been updated via 0da94869d2912b2a412ba3fbd2137d88ce4e4389 (commit) from 37ab57e2adaecc3f7996ea20af45a5df0cd8be76 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit 0da94869d2912b2a412ba3fbd2137d88ce4e4389 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Mon Nov 29 12:39:14 2010 +1100 When we are no longer the natgw master, dont put the natgw ip on loopback. We put the ip on loopback just to make sure we would still interoperate with non-standard configurations on unix-KDC, that are configured to verify the optional HostAddresses field. This is not required for AD, since AD does not use this field, and is replaced in unix land with other/better mechanisms than this dodgy check. This makes it easier for applications that have bound to the natgw address to detect a socket problem and try to reconnect/recover if the ip address is completely missing from the system. At the same time, use the winbind specific hook that exists to explicitely tell winbindd : this address is gone, so if you have bound to it, this is a good time to close and rebind your socket. cq 1020333 --- Summary of changes: config/events.d/11.natgw |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/config/events.d/11.natgw b/config/events.d/11.natgw index 512f8de..1d5ba0f 100755 --- a/config/events.d/11.natgw +++ b/config/events.d/11.natgw @@ -91,8 +91,10 @@ case $1 in # We do this so that the ip address will exist on a # non-loopback interface so that samba may send it along in the # KDC requests. - ip addr add $CTDB_NATGW_PUBLIC_IP_HOST dev lo scope host ip route add 0.0.0.0/0 via $NATGWIP metric 10 + # Make sure winbindd does not stay bound to this address + # if we are no longer natgwmaster + smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP /dev/null 2/dev/null fi # flush our route cache -- CTDB repository
[SCM] CTDB repository - branch drop-laccessor created - ctdb-1.9.1-249-g125ab46
The branch, drop-laccessor has been created at 125ab469da32cc4db6012d4d1779228351e675bf (commit) - Log - commit 125ab469da32cc4db6012d4d1779228351e675bf Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Mon Nov 29 13:07:59 2010 +1100 Remove LACOUNT and LACCESSOR and migrate the records immediately. This concept didnt work out and it is really just as expensive as a full migration anyway, without the benefit of caching the data for subsequence accesses. Now, migrate the records immediately on first access. This will be combined with a cheap vacuum-lite for special empty records to prevent growth of databases. Later extensions to mimic read-only behaviour of records will include proper shared read-only locking of database records, making the laccessor/lacount read-only access to the data obsolete anyway. By removing this special case and handling of lacount laccessor makes the codapath where shared read-only locking will be be implemented simpler, and frees up space in the ctdb_ltdb header for use by vacuuming flags as well as read-only locking flags. --- -- CTDB repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7025087 wintest: cope with the heimdal version of kinit via dc0c89c s4-samdb: give a better exception if multiple users match in password change via c522cd7 s4-repl_schema: fixed ldb exception handling via 37bfc4e s4-samba-tool: fixed exception handling in subcommands via 6250690 s4-samba-tool: fixed ldb exception handling in domainlevel command via a1f9692 s4-samba-tool: improved exception handling in samba-tool via 8c59bbd s4-join: fixed exception handling in join command via abe9ac5 s4-ldapcmp: make ldapcmp a samba-tool command via f8d73e4 s4-ldapcmp: fixed exception handling via 0dd2152 s4-pyglue: added get_debug_level() method via 33d1787 s4-loadparm: use loadparm_init_global() instead of loadparm_init() via b20ce43 s4-loadparm: added loadparm_init_global() via 6982a00 s4-gpo: started on samba-tool gpo list command via 6cd01c9 s4-dsdb: give full error message for operational failures via 74d373d s4-pydsdb: two more GPO related flags via 7a826d0 s4-samba-tool: started on gpo subcommands in python via e54c8be s4-pydsdb: added GPO policy flags from 97f0d6c samba.tests.hostconfig: Fix import. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 702508745682c29cb3f9959b7c22d535b767459f Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 17:19:55 2010 +1100 wintest: cope with the heimdal version of kinit Autobuild-User: Andrew Tridgell tri...@samba.org Autobuild-Date: Mon Nov 29 08:49:36 CET 2010 on sn-devel-104 commit dc0c89cf405e7cc1d66540c4f94b1b395da2439a Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 16:57:25 2010 +1100 s4-samdb: give a better exception if multiple users match in password change commit c522cd73ac29c0bc2551e679284da71d46f533e1 Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 14:16:18 2010 +1100 s4-repl_schema: fixed ldb exception handling commit 37bfc4ec384df71a4cb1c19ceb136fecd3b9afc6 Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 14:15:57 2010 +1100 s4-samba-tool: fixed exception handling in subcommands this switches to the new pattern of: except Exception, e: raise CommandError(some error message, e) commit 62506903101e8e8e1cfc6c70fee245f97c646844 Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 14:14:01 2010 +1100 s4-samba-tool: fixed ldb exception handling in domainlevel command Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit a1f96923e655d58ff339e06536cac9d1135dd0cb Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 14:11:57 2010 +1100 s4-samba-tool: improved exception handling in samba-tool we now do reasonable printing on a wide range of common exception classes, and always force a backtrace on an exception if the debug level is = 3 Pair-Programmed-With: Jelmer Vernooij jel...@samba.org commit 8c59bbd757e834f8dd1037edcd4ad5cf96a602a4 Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 14:10:57 2010 +1100 s4-join: fixed exception handling in join command commit abe9ac53f0d240a867d499f184866603143756cf Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 14:10:26 2010 +1100 s4-ldapcmp: make ldapcmp a samba-tool command The ldapcmp tool is very useful, and should be available to Samba admins, not just developers. This makes it a samba-tool command, which also gives it the nicer command line handling that samba-tool has commit f8d73e466b454a63f256021ad2f353e9ad93e8f7 Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 13:30:46 2010 +1100 s4-ldapcmp: fixed exception handling This pattern, which is common in our code, is wrong: except LdbError, (ERR_NO_SUCH_OBJECT, _): what it actually does it to change the value of ldb.ERR_NO_SUCH_OBJECT to be equal to whatever ldb error occurred! This led to some really bizarre behavior commit 0dd2152b01b93b2a09ea0332ba60e2e0338b1c15 Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 13:26:48 2010 +1100 s4-pyglue: added get_debug_level() method Pair-Programmed-With: Jelmer Vernooij jel...@samba.org commit 33d178767b425510448435748bdd780402106ded Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 13:25:59 2010 +1100 s4-loadparm: use loadparm_init_global() instead of loadparm_init() this prevents us having two lp_ctx contexts in these tools which leads to bizarre behaviour Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit b20ce4392e2d00c3edff8b4b8f329cf22341ea76 Author: Andrew Tridgell tri...@samba.org Date: Mon Nov 29 13:24:51 2010 +1100 s4-loadparm: added loadparm_init_global() This ensures we use the same