Re: [Samba] Trouble installing SWAT on a Samba 4 Alpha 13 build onUbuntu Server
No!!! Do not think the old way. In Samba4 it is just different. Just make your share in smb.conf: [finance] Path=/some/wehere Read only= no Then!!! Log in from a domain member (xp or whatever windows) with your administrator. And set in the security tab for this finance the rights of user and groups Greetings Daniel EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de Von: Lynn Dixon [mailto:booda...@gmail.com] Gesendet: Montag, 24. Januar 2011 16:24 An: t...@tms3.com Cc: muel...@tropenklinik.de; samba@lists.samba.org Betreff: Re: [Samba] Trouble installing SWAT on a Samba 4 Alpha 13 build onUbuntu Server Thanks. I tried both paramaters in my smb.conf but I got errors when I tried both: jenfab@dc:~$ sudo /etc/init.d/samba4 restart * Stopping Samba 4 daemon samba [ OK ] * Starting Samba 4 daemon samba Unknown parameter encountered: valid users Ignoring unknown parameter valid users [ OK ] jenfab@dc:~$ sudo nano /etc/samba/smb.conf jenfab@dc:~$ sudo /etc/init.d/samba4 restart * Stopping Samba 4 daemon samba [ OK ] * Starting Samba 4 daemon samba Unknown parameter encountered: write list Ignoring unknown parameter write list Unknown parameter encountered: read list Ignoring unknown parameter read list [ OK ] On Mon, Jan 24, 2011 at 9:52 AM, t...@tms3.com wrote: I am not sure how to use Microsoft AD tools to create shares and then set those shares permissable to certain AD groups. For example, I need to create a share called Finance and only the people in Finance can read/write to it. I was hoping to use SWAT to help in creation and management of those shares. vi smb.conf (or your favorite text editor) add [finance] ...various parameter... valid users = @finance or write list = @finance read list = @finance I have been using AD tools to manage the domain and GPO's but I am not sure how to use them to create shares. You can see swat for samba4 here: https://github.com/rvelhote/GSoC-SWAT On Mon, Jan 24, 2011 at 5:03 AM, Daniel Müller muel...@tropenklinik.dewrote: I thought swat is no longer working!!Just use Microsoft ads tools and you are up and running. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: http://www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Lynn Dixon Gesendet: Sonntag, 23. Januar 2011 06:39 An: samba@lists.samba.org Betreff: [Samba] Trouble installing SWAT on a Samba 4 Alpha 13 build on Ubuntu Server Hello all, I have setup a complete domain using Samba 4 on my Ubuntu server 32 bit machine. I am using the Alpha 13 build (it was actually in the Ubuntu Repos). I am trying to setup swat to make it easier to manage shares. I have followed the instructions at https://github.com/rvelhote/GSoC-SWATbut I am having a few problems. When I run ./run I get the following errors: jenfab@dc:~/GSoC-SWAT$ sudo ./run Starting subprocess with file monitor Traceback (most recent call last): File /usr/local/bin/paster, line 9, in module load_entry_point('PasteScript==1.7.3', 'console_scripts', 'paster')() File /usr/lib/pymodules/python2.6/paste/script/command.py, line 84, in run invoke(command, command_name, options, args[1:]) File /usr/lib/pymodules/python2.6/paste/script/command.py, line 123, in invoke exit_code = runner.run(args) File /usr/lib/pymodules/python2.6/paste/script/command.py, line 218, in run result = self.command() File /usr/lib/pymodules/python2.6/paste/script/serve.py, line 276, in command relative_to=base, global_conf=vars) File /usr/lib/pymodules/python2.6/paste/script/serve.py, line 313, in loadapp **kw) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 204, in loadapp return loadobj(APP, uri, name=name, **kw) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 224, in loadobj global_conf=global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 248, in loadcontext global_conf=global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 278, in _loadconfig return loader.get_context(object_type, name, global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 409, in get_context section) File
Re: [Samba] Trouble installing SWAT on a Samba 4 Alpha 13 build onUbuntu Server
This could help you, http://www.resara.org/ EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de Von: t...@tms3.com [mailto:t...@tms3.com] Gesendet: Montag, 24. Januar 2011 15:53 An: Lynn Dixon Cc: muel...@tropenklinik.de; samba@lists.samba.org Betreff: Re: [Samba] Trouble installing SWAT on a Samba 4 Alpha 13 build onUbuntu Server I am not sure how to use Microsoft AD tools to create shares and then set those shares permissable to certain AD groups. For example, I need to create a share called Finance and only the people in Finance can read/write to it. I was hoping to use SWAT to help in creation and management of those shares. vi smb.conf (or your favorite text editor) add [finance] ...various parameter... valid users = @finance or write list = @finance read list = @finance I have been using AD tools to manage the domain and GPO's but I am not sure how to use them to create shares. You can see swat for samba4 here: https://github.com/rvelhote/GSoC-SWAT On Mon, Jan 24, 2011 at 5:03 AM, Daniel Müller muel...@tropenklinik.dewrote: I thought swat is no longer working!!Just use Microsoft ads tools and you are up and running. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: http://www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Lynn Dixon Gesendet: Sonntag, 23. Januar 2011 06:39 An: samba@lists.samba.org Betreff: [Samba] Trouble installing SWAT on a Samba 4 Alpha 13 build on Ubuntu Server Hello all, I have setup a complete domain using Samba 4 on my Ubuntu server 32 bit machine. I am using the Alpha 13 build (it was actually in the Ubuntu Repos). I am trying to setup swat to make it easier to manage shares. I have followed the instructions at https://github.com/rvelhote/GSoC-SWATbut I am having a few problems. When I run ./run I get the following errors: jenfab@dc:~/GSoC-SWAT$ sudo ./run Starting subprocess with file monitor Traceback (most recent call last): File /usr/local/bin/paster, line 9, in module load_entry_point('PasteScript==1.7.3', 'console_scripts', 'paster')() File /usr/lib/pymodules/python2.6/paste/script/command.py, line 84, in run invoke(command, command_name, options, args[1:]) File /usr/lib/pymodules/python2.6/paste/script/command.py, line 123, in invoke exit_code = runner.run(args) File /usr/lib/pymodules/python2.6/paste/script/command.py, line 218, in run result = self.command() File /usr/lib/pymodules/python2.6/paste/script/serve.py, line 276, in command relative_to=base, global_conf=vars) File /usr/lib/pymodules/python2.6/paste/script/serve.py, line 313, in loadapp **kw) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 204, in loadapp return loadobj(APP, uri, name=name, **kw) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 224, in loadobj global_conf=global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 248, in loadcontext global_conf=global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 278, in _loadconfig return loader.get_context(object_type, name, global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 409, in get_context section) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 431, in _context_from_use object_type, name=use, global_conf=global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 361, in get_context global_conf=global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 248, in loadcontext global_conf=global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 285, in _loadegg return loader.get_context(object_type, name, global_conf) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 561, in get_context object_type, name=name) File /usr/lib/pymodules/python2.6/paste/deploy/loadwsgi.py, line 587, in find_egg_entry_point possible.append((entry.load(), protocol, entry.name)) File /usr/lib/python2.6/dist-packages/pkg_resources.py, line 1954, in load entry = __import__(self.module_name, globals(),globals(), ['__name__']) ImportError: No module named swat.config.middleware Any suggestions as to where to go from here? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions:
Re: [Samba] Shutting down WinXP Pro instance
Thanks again for the help... I looked at Force shutdown from a remote system and it already had Administrators in there; I had already added ATHOME\root included as a group member. I added it explicitly into that list but it made no difference. As for using the NetBIOS name that made no difference; in fact I think it didn't resolve at all: == [root@server0 samba]# net rpc shutdown -I HDA -U root Enter root's password: Shutdown of remote machine failed result was: WERR_ACCESS_DENIED [root@server0 samba]# net rpc shutdown -I 10.1.0.154 -U root Enter root's password: Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER == The detailed debug output of using the IP is below: == [root@server0 samba]# net rpc shutdown -d 10 -I 10.1.0.154 -U root [2011/01/25 05:41:26, 5] lib/debug.c:407(debug_dump_status) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 registry: False/0 [2011/01/25 05:41:26, 3] param/loadparm.c:9039(lp_load_ex) lp_load_ex: refreshing parameters [2011/01/25 05:41:26, 3] param/loadparm.c:4848(init_globals) Initialising global parameters [2011/01/25 05:41:26, 2] param/loadparm.c:4707(max_open_files) rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) [2011/01/25 05:41:26, 3] ../lib/util/params.c:550(pm_process) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf [2011/01/25 05:41:26, 3] param/loadparm.c:7726(do_section) Processing section [global] doing parameter workgroup = ATHOME doing parameter server string = at.home doing parameter netbios name = hda [2011/01/25 05:41:26, 4] param/loadparm.c:7088(handle_netbios_name) handle_netbios_name: set global_myname to: HDA doing parameter printing = cups doing parameter printcap name = cups doing parameter load printers = yes doing parameter cups options = raw doing parameter log file = /var/log/samba/%m.log doing parameter log level = 0 doing parameter max log size = 150 doing parameter socket options = TCP_NODELAY doing parameter preferred master = yes doing parameter os level = 65 doing parameter domain master = yes doing parameter local master = yes doing parameter admin users = homeadmin doing parameter domain logons = yes doing parameter logon path = \\%L\profiles\%U doing parameter logon drive = H: doing parameter logon home = \\%L\%U doing parameter time server = yes doing parameter unix extensions = no doing parameter wide links = yes doing parameter veto files = /*.nws/riched20.dll/*.{*}/ doing parameter security = user doing parameter username map script = /usr/share/hda-platform/hda-usermap doing parameter large readwrite = yes doing parameter encrypt passwords = yes doing parameter dos charset = CP850 doing parameter unix charset = UTF8 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UCS-2LE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UCS-2LE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF-16LE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF-16LE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UCS-2BE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UCS-2BE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF-16BE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF-16BE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF8 [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF8 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF-8 [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF-8 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset ASCII [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset ASCII [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset 646 [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset 646
[Samba] Logon hours allowed
Could someone be kind enough to clue me in as to how to set Logon hours allowed? I've only found one instance of even referencing this topic: http://www.webservertalk.com/message413870.html And even this guy got no answers. This is my workstation output: == H:\net user testuser0 /DOMAIN The request will be processed at a domain controller for domain ATHOME. User nametestuser0 Full NameTest User Comment User's comment Country code 000 (System Default) Account active Yes Account expires Never Password last set1/24/2011 10:08 PM Password expires Never Password changeable 1/24/2011 10:08 PM Password requiredYes User may change password Yes Workstations allowed All Logon script logon.bat User profile \\HDA\profiles\testuser0 Home directory \\HDA\testuser0 Last logon Never Logon hours allowed All Local Group Memberships Global Group memberships *Domain Users The command completed successfully. == Thanks in advance... - Joe If you type Google into Google, you can break the Internet. -- Jen Barber -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ERRNO=Operation not permitted in Logs
I'm receiving the following errors in my system logs... Log Jan 24 11:25:06 localhost nmbd[1276]: [2011/01/24 11:25:06.840799, 0] libsmb/nmblib.c:839(send_udp) Jan 24 11:25:06 localhost nmbd[1276]: Packet send failed to 10.40.0.124(138) ERRNO=Operation not permitted Jan 24 14:01:59 localhost nmbd[1276]: [2011/01/24 14:01:58.622688, 0] libsmb/nmblib.c:839(send_udp) Jan 24 14:01:59 localhost nmbd[1276]: Packet send failed to 10.40.0.58(138) ERRNO=Operation not permitted Jan 25 04:47:53 localhost nmbd[1276]: [2011/01/25 04:47:53.176812, 0] libsmb/nmblib.c:839(send_udp) Jan 25 04:47:53 localhost nmbd[1276]: Packet send failed to 10.40.0.42(138) ERRNO=Operation not permitted /Log This is on a Samba BDC on a remote subnet (PI-VPN) from the PDC both with an LDAP backend. The LDAP directory is replicated to the remote sever via syncrepl. Everything appears to be working fine but I'm curious what would be causing these errors to occur at random. Any ideas are greatly appreciated. -- Christopher Springer IS/IT Systems Administrator csprin...@brcrp.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ERRNO=Operation not permitted in Logs
On Tue, Jan 25, 2011 at 09:11:01AM -0500, Christopher Springer wrote: I'm receiving the following errors in my system logs... Log Jan 24 11:25:06 localhost nmbd[1276]: [2011/01/24 11:25:06.840799, 0] libsmb/nmblib.c:839(send_udp) Jan 24 11:25:06 localhost nmbd[1276]: Packet send failed to 10.40.0.124(138) ERRNO=Operation not permitted Jan 24 14:01:59 localhost nmbd[1276]: [2011/01/24 14:01:58.622688, 0] libsmb/nmblib.c:839(send_udp) Jan 24 14:01:59 localhost nmbd[1276]: Packet send failed to 10.40.0.58(138) ERRNO=Operation not permitted Jan 25 04:47:53 localhost nmbd[1276]: [2011/01/25 04:47:53.176812, 0] libsmb/nmblib.c:839(send_udp) Jan 25 04:47:53 localhost nmbd[1276]: Packet send failed to 10.40.0.42(138) ERRNO=Operation not permitted /Log Firewall? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Logon hours allowed
2011/1/25 Joe Tseng joe_ts...@hotmail.com: Could someone be kind enough to clue me in as to how to set Logon hours allowed? As far as I know, it can be set from Windows only. I've only found one instance of even referencing this topic: http://www.webservertalk.com/message413870.html As far as I experienced, this can be set but does not work at Samba 3.0.7 and Samba 3.2.5. --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Shutting down WinXP Pro instance
2011/1/25 Joe Tseng joe_ts...@hotmail.com: Thanks again for the help... I looked at Force shutdown from a remote system and it already had Administrators in there; I had already added ATHOME\root included as a group member. I added it explicitly into that list but it made no difference. I examined 'net' of Samba 3.5.6 and it works fine: - $ net rpc shutdown -S 192.168.135.131 -r -U administrator%password Shutdown of remote machine succeeded - 192.168.135.131 is the IP address for Windows XP SP3 box. TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ERRNO=Operation not permitted in Logs
I verified that the Windows XP firewall and our anti-virus/anti-malware is not blocking any of the traffic. Are there any other possibilities/reasons this error might occur in the log? Thanks for the insight! -- Christopher Springer IS/IT Systems Administrator csprin...@brcrp.com On 01/25/2011 09:32 AM, Volker Lendecke wrote: On Tue, Jan 25, 2011 at 09:11:01AM -0500, Christopher Springer wrote: I'm receiving the following errors in my system logs... Log Jan 24 11:25:06 localhost nmbd[1276]: [2011/01/24 11:25:06.840799, 0] libsmb/nmblib.c:839(send_udp) Jan 24 11:25:06 localhost nmbd[1276]: Packet send failed to 10.40.0.124(138) ERRNO=Operation not permitted Jan 24 14:01:59 localhost nmbd[1276]: [2011/01/24 14:01:58.622688, 0] libsmb/nmblib.c:839(send_udp) Jan 24 14:01:59 localhost nmbd[1276]: Packet send failed to 10.40.0.58(138) ERRNO=Operation not permitted Jan 25 04:47:53 localhost nmbd[1276]: [2011/01/25 04:47:53.176812, 0] libsmb/nmblib.c:839(send_udp) Jan 25 04:47:53 localhost nmbd[1276]: Packet send failed to 10.40.0.42(138) ERRNO=Operation not permitted /Log Firewall? Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ERRNO=Operation not permitted in Logs
2011/1/26 Christopher Springer csprin...@brcrp.com: I verified that the Windows XP firewall and our anti-virus/anti-malware is not blocking any of the traffic. Are there any other possibilities/reasons this error might occur in the log? On Tue, Jan 25, 2011 at 09:11:01AM -0500, Christopher Springer wrote: I'm receiving the following errors in my system logs... Log Jan 24 11:25:06 localhost nmbd[1276]: [2011/01/24 11:25:06.840799, 0] libsmb/nmblib.c:839(send_udp) Jan 24 11:25:06 localhost nmbd[1276]: Packet send failed to 10.40.0.124(138) ERRNO=Operation not permitted (snip) Firewall? Volker You will shutdown outbound udp packet by firewall on Linux, not Windows XP side. google: Operation not permitted udp will help you. Use iptables command or GUI interface to open correct ports such as tcp/139, tcp/445, udp/138, udp/137. --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Upgrading from 3.0.23 but group_mapping.tdb is empty on current config
2011/1/25 sgbarr...@eircom.net: I have inherited a CentOS 4 Samba 3.0.23 PDC file server for 40 hosts that has been through the wars. It is standalone and stable and uses the smbpasswd file authentication backend, however I need to upgrade for Windows 7 support. I intend to build a server from scratch to the latest packages in CentOS 5 (3.3.8), set an identical local SID for the domain name, bring across the smbpasswd file and then migrate to a tdbsam passdb when I am confident that there are no issues. In practically every Samba PDC guide I have read it says that I need to map the Windows domain groups to unix groups. On the current server, the net groupmap list command does not return any output. Running 'strings' against /var/lib/samba/group_mapping.tdb shows the following entries: (snip) That suggests to me that the group_mapping.tdb file has entries for three different domains for the groups Domain Admins, Domain Users and Domain Guests, but that none of them is my domain. Is this correct? We are not running any other domains here. Use tdbdump or such correct tools to look at the contents of tdb files. On the current server, the net groupmap list command does not return any output. As far as I examined, at Samba 3.0.24 or later, these 3 groups are not pre-defined. If your current server means newer Samba 3.3.8 server, it is OK not to return any output. I also think that I will need to map Windows groups to unix groups on the new server. Will this cause any trouble, given that the Windows machines aren't expecting it? Currently no domain groups are available in Windows. Access to the shares is managed at the Linux filesystem level with 'valid users' flags in the share options. Not required, but is recommended. For example, domain admins should be added to local administrators on every joined machine. domian users should be the primary group of every newly created domain user on Windows's implementation. Not to create these groups will break these compatibilities. --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Windows 7/Samba unable to log in via name, works by IP
Hi, I'm hoping someone can help with this. We have a 3.3.8 Samba server, on Centos 5.5 64, security DOMAIN, works beautifully with XP. When windows 7 systems attempt to log in via \\NAME, the login window just continually repeats, but they can login successfully when using \\IP_ADDRESS Samba log shows the below in response to windows 7 login attempts. [2011/01/25 10:08:26, 0] lib/util_sock.c:get_peer_addr_internal(1676) getpeername failed. Error was Transport endpoint is not connected read_socket_with_timeout: client 0.0.0.0 read error = Connection reset by peer. smb.conf [global] workgroup = DOMAIN realm = DOMAIN.COM server string = andromeda security = DOMAIN password server = PASSWORD_JP log file = /var/log/samba/samba.log max log size = 250 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = No domain master = No dns proxy = No wins server = WINS_SERVER ldap ssl = No idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 create mask = 0666 directory mask = 0777 # disable cups printing to stop log spam printcap name = /etc/printcap smb ports = 445 139 client lanman auth = yes client ntlmv2 auth = yes lanman auth = yes ntlm auth = yes hide files = /lost+found/,.*/ template shell = /bin/false winbind use default domain = yes So far, we've tried: smb ports = 139 changing windows 7 Network security settings (LAN Manager authentication level and Minimum session security) added the auth lines to the smb.conf valid users = %S The domain controllers are 2 x Windows Server 2000 and 1 x Windows Server 2008. Could that be part of the problem? We will be replacing the Windows Server 2000 systems shortly, but would like to fix this sooner if possible. Any ideas? Thanks, Jay -- Jeremiah Coleman Systems Administrator C C Technologies 337-735-3741 Extension 3421 jay.cole...@cctechnol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UID Matching
On Tue, Jan 18, 2011 at 6:32 PM, Gaiseric Vandal gaiseric.van...@gmail.comwrote: As a disclaimer, I am not using samba as a AD member server- although I am also thinking about how I might make that happen. I am reading the man page for idmap_ad. The idmap_ad plugin provides a way for Winbind to read id mappings from an AD server that uses RFC2307/SFU schema extensions. This module implements only the idmap API, and is READONLY. Mappings must be provided in advance by the administrator by adding the posixAccount/posixGroup classes and relative attribute/value pairs to the user and group objects in the AD. So on closer reading it does suggest it will pick up the unix UID and unix GID directly from AD.I had confused this earlier with the idmap_rid backend. Are you also using autofs for your unix clients? On 01/18/2011 05:35 PM, Brian D. McGrew wrote: Samba shd allocate unix id's for your windows accounts, but unfortunately they will not end up being the same as your existing uid's. - Is there any way around this? Perhaps Windows Services for Unix? Will Samba read the Unix UID from SFU if it's installed??? I _HAVE_ to get the UID's to match. Not all my Windows users use Unix, but, ALL my Unix users use Windows --- and the Windows users also need access to all the files. Without getting the UID's to match up, I don't see how I'm going to make this work... Unless, I'm thinking shortsighted and there is other info I'm unaware of? -b -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba group map + rid may solve your problem. Force samba to write with a same gid as nfs and make the dir setgid. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] LDAP PDC: Can join domain, but cannot login afterwards.
On Tue, Jan 18, 2011 at 1:03 PM, Farhan Ahmad far...@thebitguru.com wrote: Hi, I am setting up a PDC with LDAP, but having no luck with it. Basically, the Win XP computer successfully joins the domain, but after restarting when I try to login it says The system cannot log you on now because the domain THEBITGURU.LAN is not available. I am running a Ubuntu 10.10 server with Samba 3.5.4 and OpenLDAP 2.4.3 (slapd). I have compressed all of the samba logs (/var/log/samba) files along with the smb.conf: http://www.thebitguru.com/site_media/uploads/samba_troubleshooting.tar.gz I turned up the logging (log level = 4) and created a folder with the log files after each step. Below is what I have gathered so far about the different steps. *Relevant Notes* 1. I installed ClearOS on another virtual machine and set it up as a PDC. This same WinXP virtual machine successfully joined that domain and was able to login without any issues. So, I am concluding that the client is setup correctly. 1. I even tried comparing the smb.conf files and updating the one my actual server, but no luck. 2. Another Windows 7 machine with the changes listed on http://wiki.samba.org/index.php/Windows7 behaves similarly, i.e. cannot login after joining the domain. 3. I can mount the share (\\visionary\shared) served by this server on both WinXP and Windows 7 without any issues. This tells me that the authentication with the LDAP server is working OK. * * *Domain Join (log files in after_domain_join folder)* 1. Note how the sending machine correctly sent the user and domains in this case. [2011/01/18 10:24:35.521835, 3] libsmb/ntlmssp.c:747(ntlmssp_server_auth) Got user=[root] domain=[THEBITGURU.LAN] workstation=[VIRTUALXP-32744] len1=24 len2=24 2. Also, note that the user authentication and mapping seemed to work OK in this case. [2011/01/18 10:24:35.521954, 3] auth/auth.c:219(check_ntlm_password) check_ntlm_password: mapped user is: [THEBITGURU.LAN]\[root]@[VIRTUALXP-32744] . . . [2011/01/18 10:24:35.523891, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: root 3. Even though the Win XP system says that it joined the domain OK, the following output in the log file seems suspicious. This is at the end of log.virtualxp-32744. [2011/01/18 10:24:36.932921, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2011/01/18 10:24:36.933031, 3] smbd/server.c:906(exit_server_common) Server exit (failed to receive smb request) *First Failed Login** (log files in after_first_failed_login folder)* 1. Unlike #1 above, in this case we neither see the user nor the domain. I think this is where the problem lies. [2011/01/18 10:26:01.920055, 3] libsmb/ntlmssp.c:747(ntlmssp_server_auth) Got user=[] domain=[] workstation=[VIRTUALXP-32744] len1=1 len2=0 2. The server still falls back to the domain, but still no user. [2011/01/18 10:26:01.920172, 3] auth/auth.c:219(check_ntlm_password) check_ntlm_password: mapped user is: [THEBITGURU.LAN]\[]@[VIRTUALXP-32744] 3. So it goes looking for the guest user. [2011/01/18 10:26:01.922536, 3] auth/auth.c:265(check_ntlm_password) check_ntlm_password: guest authentication for user [] succeeded 4. There might be other weird things, for instance, the Server exit (failed to receive smb request) message, but I can figure out the issue with #1 then I am thinking that the rest will be fixed. I have tried a lot of stuff, but haven't had any luck. What should I do next to fix this issue? Thanks! Farhan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba It looks to me like communication issue. Put tcpdump and check for dropped packets. Is there a firewall between the systems? Does the kinit username works? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 7/Samba unable to log in via name, works by IP
Hi, I'm hoping someone can help with this. We have a 3.3.8 Samba server, on Centos 5.5 64, security DOMAIN, works beautifully with XP. When windows 7 systems attempt to log in via \\NAME, the login window just continually repeats, but they can login successfully when using \\IP_ADDRESS Samba log shows the below in response to windows 7 login attempts. [2011/01/25 10:08:26, 0] lib/util_sock.c:get_peer_addr_internal(1676) getpeername failed. Error was Transport endpoint is not connected read_socket_with_timeout: client 0.0.0.0 read error = Connection reset by peer. Try this registry change in Win7 HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 smb.conf [global] workgroup = DOMAIN realm = DOMAIN.COM server string = andromeda security = DOMAIN password server = PASSWORD_JP log file = /var/log/samba/samba.log max log size = 250 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = No domain master = No dns proxy = No wins server = WINS_SERVER ldap ssl = No idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 create mask = 0666 directory mask = 0777 # disable cups printing to stop log spam printcap name = /etc/printcap smb ports = 445 139 client lanman auth = yes client ntlmv2 auth = yes lanman auth = yes ntlm auth = yes hide files = /lost+found/,.*/ template shell = /bin/false winbind use default domain = yes So far, we've tried: smb ports = 139 changing windows 7 Network security settings (LAN Manager authentication level and Minimum session security) added the auth lines to the smb.conf valid users = %S The domain controllers are 2 x Windows Server 2000 and 1 x Windows Server 2008. Could that be part of the problem? We will be replacing the Windows Server 2000 systems shortly, but would like to fix this sooner if possible. Any ideas? Thanks, Jay -- Jeremiah Coleman Systems Administrator C C Technologies 337-735-3741 Extension 3421 jay.cole...@cctechnol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Shutting down WinXP Pro instance
I re-registered the workstation with the PDC to create an interdomain trust account: smbldap-userdel vm-xppro$ smbldap-useradd -w -i vm-xppro$ I can get Samba to find my workstation's IP address; shutdown needs an IP address and will not use a NetBIOS name: == [root@server0 samba]# net lookup vm-xppro 10.1.0.154 [root@server0 samba]# net rpc shutdown -I vm-xppro -U root Invalid ip address specified == ...And no I still can't shutdown using net rpc shutdown -d 10 -I 10.1.0.154 -U root. :( - Joe From: t...@tms3.com To: joe_ts...@hotmail.com Subject: Re: [Samba] Shutting down WinXP Pro instance Date: Tue, 25 Jan 2011 06:48:30 -0800 On Tuesday 25/01/2011 at 2:58 am, Joe Tseng wrote: Thanks again for the help... I looked at Force shutdown from a remote system and it already had Administrators in there; I had already added ATHOME\root included as a group member. I added it explicitly into that list but it made no difference. As for using the NetBIOS name that made no difference; in fact I think it didn't resolve at all: Then that IS a problem. The names need to resolve for trust to be determined. == [root@server0 samba]# net rpc shutdown -I HDA -U root Enter root's password: Shutdown of remote machine failed result was: WERR_ACCESS_DENIED [root@server0 samba]# net rpc shutdown -I 10.1.0.154 -U root Enter root's password: Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER Could not connect to server 10.1.0.154 Connection failed: NT_STATUS_INVALID_PARAMETER == The detailed debug output of using the IP is below: == [root@server0 samba]# net rpc shutdown -d 10 -I 10.1.0.154 -U root [2011/01/25 05:41:26, 5] lib/debug.c:407(debug_dump_status) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 registry: False/0 [2011/01/25 05:41:26, 3] param/loadparm.c:9039(lp_load_ex) lp_load_ex: refreshing parameters [2011/01/25 05:41:26, 3] param/loadparm.c:4848(init_globals) Initialising global parameters [2011/01/25 05:41:26, 2] param/loadparm.c:4707(max_open_files) rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) [2011/01/25 05:41:26, 3] ../lib/util/params.c:550(pm_process) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf [2011/01/25 05:41:26, 3] param/loadparm.c:7726(do_section) Processing section [global] doing parameter workgroup = ATHOME doing parameter server string = at.home doing parameter netbios name = hda [2011/01/25 05:41:26, 4] param/loadparm.c:7088(handle_netbios_name) handle_netbios_name: set global_myname to: HDA doing parameter printing = cups doing parameter printcap name = cups doing parameter load printers = yes doing parameter cups options = raw doing parameter log file = /var/log/samba/%m.log doing parameter log level = 0 doing parameter max log size = 150 doing parameter socket options = TCP_NODELAY doing parameter preferred master = yes doing parameter os level = 65 doing parameter domain master = yes doing parameter local master = yes doing parameter admin users = homeadmin doing parameter domain logons = yes doing parameter logon path = \\%L\profiles\%U doing parameter logon drive = H: doing parameter logon home = \\%L\%U doing parameter time server = yes doing parameter unix extensions = no doing parameter wide links = yes doing parameter veto files = /*.nws/riched20.dll/*.{*}/ doing parameter security = user doing parameter username map script = /usr/share/hda-platform/hda-usermap doing parameter large readwrite = yes doing parameter encrypt passwords = yes doing parameter dos charset = CP850 doing parameter unix charset = UTF8 [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UCS-2LE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UCS-2LE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UTF-16LE [2011/01/25 05:41:26, 5] lib/iconv.c:112(smb_register_charset) Registered charset UTF-16LE [2011/01/25 05:41:26, 5] lib/iconv.c:104(smb_register_charset) Attempting to register new charset UCS-2BE [2011/01/25 05:41:26, 5]
[Samba] Changing passwords from Windows
Is it possible for a user to change his/her password from Windows? I tried it out last night as a test user against my PDC and it only changed for Samba; I was still able to log into the PDC via SSH using the previous password. (I changed it for the test user as root and it took for both SSH and Windows.) I tried to use smbldap-passwd as the test user, but I got a message back saying I had insufficient privileges: == [testuser0@server0 ~]$ smbldap-passwd Identity validation... enter your UNIX password: Changing UNIX and samba passwords for testuser0 New password: Retype new password: Failed to modify SMB password: Insufficient access at /usr/sbin/smbldap-passwd line 238, STDIN line 3. Failed to modify UNIX password: Insufficient access at /usr/sbin/smbldap-passwd line 285, STDIN line 3. == Thanks for everyone's help, - Joe If you type Google into Google, you can break the Internet. -- Jen Barber -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Shutting down WinXP Pro instance
[] ...And no I still can't shutdown using net rpc shutdown -d 10 -I 10.1.0.154 -U root. [] :( [] - Joe You might have to set this: To enable/disable the shutdown in Windows XP/2003 without logging in: 1.Start the Local Security Policies snapin 2.In the tree-view go to Local Policies - Security Options 3.Change the option Shutdown: Allow system to be shut down without having to log on Also, there is no root user in Windows... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Shutting down WinXP Pro instance
Enable privileges=yes in your global config Add user administrator to samba Then add administrator to the Domain Admins The next steps look here: http://book.opensourceproject.org.cn/sysadmin/samba/howto2nd/opensource/0131 882228/ch12lev1sec5.html Then: My System: [root@ctdb1 ~]# net rpc rights list -U root%password SeMachineAccountPrivilege Add machines to domain SeTakeOwnershipPrivilege Take ownership of files or other objects SeBackupPrivilege Back up files and directories SeRestorePrivilege Restore files and directories SeRemoteShutdownPrivilege Force shutdown from a remote system SePrintOperatorPrivilege Manage printers SeAddUsersPrivilege Add users and groups to the domain SeDiskOperatorPrivilege Manage disk shares net rpc rights grant Administrator SeRemoteShutdownPrivilege -U Administrator%password --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von compdoc Gesendet: Mittwoch, 26. Januar 2011 03:24 An: 'Joe Tseng'; 'samba list' Betreff: Re: [Samba] Shutting down WinXP Pro instance [] ...And no I still can't shutdown using net rpc shutdown -d 10 -I 10.1.0.154 -U root. [] :( [] - Joe You might have to set this: To enable/disable the shutdown in Windows XP/2003 without logging in: 1.Start the Local Security Policies snapin 2.In the tree-view go to Local Policies - Security Options 3.Change the option Shutdown: Allow system to be shut down without having to log on Also, there is no root user in Windows... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 07ccc29 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) via 5d8ada5 s3-masktest: Fix cli_errstr() usage (part of bug #7864) via 09c612f s3-smbclient: Fix cli_errstr() usage (part of bug #7864) via 99f8f5e s3-torture: Fix cli_errstr() usage (part of bug #7864) via 3bb212a s3-docs: fix deldriver option via b8d5ee9 s3-docs: add some long opts to smbclient(1) man from 5b83923 s4-waf: Skip header-not-found cache if a library is specified, as it may provide additional C flags. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 07ccc2905dc5d0d74dc688ff830f504ea9665029 Author: Björn Baumbach b...@sernet.de Date: Thu Jan 20 14:38:30 2011 +0100 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue Jan 25 11:41:53 CET 2011 on sn-devel-104 commit 5d8ada549e629cfe53ed973d66f5fcf0a3bd0a8c Author: Björn Baumbach b...@sernet.de Date: Thu Jan 20 14:08:42 2011 +0100 s3-masktest: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org commit 09c612f377749b79b850ee6c52ae49699e256359 Author: Björn Baumbach b...@sernet.de Date: Mon Jan 17 12:02:39 2011 +0100 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org commit 99f8f5e5945c5cd694dbb37fa947c04a24e25957 Author: Björn Baumbach b...@sernet.de Date: Mon Jan 17 13:03:05 2011 +0100 s3-torture: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org commit 3bb212a3a96164121d345a8c8f81294b0f988261 Author: Björn Baumbach b...@sernet.de Date: Mon Jan 17 09:51:45 2011 +0100 s3-docs: fix deldriver option Signed-off-by: Stefan Metzmacher me...@samba.org commit b8d5ee9de3bb8c24efd2a7fab89d7d814b98aa2d Author: Björn Baumbach b...@sernet.de Date: Fri Jan 14 12:35:55 2011 +0100 s3-docs: add some long opts to smbclient(1) man Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: docs-xml/manpages-3/rpcclient.1.xml |2 +- docs-xml/manpages-3/smbclient.1.xml |4 ++-- source3/client/client.c | 28 source3/torture/locktest.c | 13 ++--- source3/torture/masktest.c | 11 ++- 5 files changed, 31 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages-3/rpcclient.1.xml b/docs-xml/manpages-3/rpcclient.1.xml index 8d517ae..f660b89 100644 --- a/docs-xml/manpages-3/rpcclient.1.xml +++ b/docs-xml/manpages-3/rpcclient.1.xml @@ -267,7 +267,7 @@ Comma Separated list of Files /listitem/varlistentry - varlistentrytermdeldriver/termlistitemparaDelete the + varlistentrytermdeldriver lt;drivergt;/termlistitemparaDelete the specified printer driver for all architectures. This does not delete the actual driver files from the server, only the entry from the server's list of drivers. diff --git a/docs-xml/manpages-3/smbclient.1.xml b/docs-xml/manpages-3/smbclient.1.xml index 9efca50..ae11e8a 100644 --- a/docs-xml/manpages-3/smbclient.1.xml +++ b/docs-xml/manpages-3/smbclient.1.xml @@ -261,7 +261,7 @@ /varlistentry varlistentry - term-P/term + term-P|--machine-pass/term listitempara Make queries to the external server using the machine account of the local server. /para/listitem @@ -317,7 +317,7 @@ /varlistentry varlistentry - term-e/term + term-e|--encrypt/term listitemparaThis command line parameter requires the remote server support the UNIX extensions. Request that the connection be encrypted. This is new for Samba 3.2 and will only work with Samba diff --git a/source3/client/client.c b/source3/client/client.c index 33c1a24..3e48b01 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -1108,13 +1108,15 @@ static int do_get(const char *rname, const char *lname_in, bool reget) } - if (!NT_STATUS_IS_OK(cli_qfileinfo_basic( -targetcli, fnum, attr, size, NULL, NULL, -NULL, NULL, NULL)) -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c9f4fad idl: add file_id idl. via f0b3c72 s3-libndr: remove cmdline_lp_ctx. via dd35fe1 waf: share libndr.so between samba3 and samba4. via 7eac310 libndr: move ndr_print_bool to ndr_basic.c via 62e1c80 s3-waf: add PKGCONFIGDIR. from 07ccc29 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c9f4fad75cf9749709cbebfe55c59f3c2d01858e Author: Günther Deschner g...@samba.org Date: Tue Jan 25 02:42:59 2011 +0100 idl: add file_id idl. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Tue Jan 25 12:27:00 CET 2011 on sn-devel-104 commit f0b3c72bcc119f497a4379c549bc55fb1031ce90 Author: Günther Deschner g...@samba.org Date: Tue Jan 25 02:52:18 2011 +0100 s3-libndr: remove cmdline_lp_ctx. Guenther commit dd35fe181c2397a970fa956afa5f4da534841b99 Author: Günther Deschner g...@samba.org Date: Tue Jan 25 02:01:56 2011 +0100 waf: share libndr.so between samba3 and samba4. Guenther commit 7eac3100ea77eca64152444336180418938d5843 Author: Günther Deschner g...@samba.org Date: Tue Jan 25 00:52:10 2011 +0100 libndr: move ndr_print_bool to ndr_basic.c Guenther commit 62e1c80cf532681c02ecd2ddcb7c920381a0465e Author: Günther Deschner g...@samba.org Date: Tue Jan 25 00:47:05 2011 +0100 s3-waf: add PKGCONFIGDIR. Guenther --- Summary of changes: librpc/idl/file_id.idl| 14 librpc/idl/wscript_build |2 +- librpc/ndr/libndr.h |2 + librpc/ndr/ndr_basic.c|5 librpc/wscript_build | 15 + source3/Makefile.in |2 +- source3/build/dynconfig.py|1 + source3/include/locking.h |9 +--- source3/include/proto.h |4 --- source3/librpc/idl/notify.idl |2 + source3/librpc/ndr/util.c | 46 - source3/librpc/wscript_build |2 +- source3/wscript_build | 14 +++- source4/librpc/wscript_build | 11 - 14 files changed, 47 insertions(+), 82 deletions(-) create mode 100644 librpc/idl/file_id.idl Changeset truncated at 500 lines: diff --git a/librpc/idl/file_id.idl b/librpc/idl/file_id.idl new file mode 100644 index 000..cd1febe --- /dev/null +++ b/librpc/idl/file_id.idl @@ -0,0 +1,14 @@ +[ + pointer_default(unique) +] +interface file_id +{ + typedef [public] struct { + /* we don't use SMB_DEV_T and SMB_INO_T as we want a fixed size here, + and we may be using file system specific code to fill in something + other than a dev_t for the device */ + udlong devid; + udlong inode; + udlong extid; /* Support systems that use an extended id (e.g. snapshots). */ + } file_id; +} diff --git a/librpc/idl/wscript_build b/librpc/idl/wscript_build index 2d65d74..7342228 100644 --- a/librpc/idl/wscript_build +++ b/librpc/idl/wscript_build @@ -3,7 +3,7 @@ bld.SAMBA_PIDL_LIST('PIDL', '''atsvc.idl drsuapi.idl epmapper.idl initshutdown.idl misc.idl ntlmssp.idl schannel.idl trkwks.idl - audiosrv.idl dfsblobs.idl dsbackup.idl eventlog.idl keysvc.idl + audiosrv.idl dfsblobs.idl dsbackup.idl eventlog.idl file_id.idl keysvc.idl msgsvc.idl ntsvcs.idl remact.idl security.idl unixinfo.idl wzcsvc.idl browser.idl dfs.idl dssetup.idl frsapi.idl krb5pac.idl named_pipe_auth.idl orpc.idl rot.idl spoolss.idl w32time.idl xattr.idl diff --git a/librpc/ndr/libndr.h b/librpc/ndr/libndr.h index 06cc93a..ff20755 100644 --- a/librpc/ndr/libndr.h +++ b/librpc/ndr/libndr.h @@ -571,4 +571,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_enum_uint16(struct ndr_push *ndr, int ndr_fl _PUBLIC_ enum ndr_err_code ndr_push_enum_uint32(struct ndr_push *ndr, int ndr_flags, uint32_t v); _PUBLIC_ enum ndr_err_code ndr_push_enum_uint1632(struct ndr_push *ndr, int ndr_flags, uint16_t v); +_PUBLIC_ void ndr_print_bool(struct ndr_print *ndr, const char *name, const bool b); + #endif /* __LIBNDR_H__ */ diff --git a/librpc/ndr/ndr_basic.c b/librpc/ndr/ndr_basic.c index ff207f4..d628faa 100644 --- a/librpc/ndr/ndr_basic.c +++ b/librpc/ndr/ndr_basic.c @@ -1208,3 +1208,8 @@ _PUBLIC_ uint32_t ndr_size_DATA_BLOB(int ret, const DATA_BLOB *data, int flags) if (!data) return ret; return ret + data-length; } + +_PUBLIC_ void ndr_print_bool(struct ndr_print *ndr, const char *name, const bool b) +{ + ndr-print(ndr, %-25s: %s, name, b?true:false); +} diff --git a/librpc/wscript_build
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 932911e s4:ldap.py - check the write protection on LSA objects via 3468f8d s4:dsdb/samdb/ldb_modules/objectclass.c - move LSA specific object checks into objectclass_attrs LDB module from c9f4fad idl: add file_id idl. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 932911e1e1c09caa51a5c7a574987cab6ecb16e4 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Mon Jan 17 13:52:00 2011 +0100 s4:ldap.py - check the write protection on LSA objects Signed-off-by: Andrew Bartlett abart...@samba.org Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Tue Jan 25 13:09:41 CET 2011 on sn-devel-104 commit 3468f8de1e408389bd12f2d3f5294bd835431a05 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Dec 21 12:24:30 2010 +0100 s4:dsdb/samdb/ldb_modules/objectclass.c - move LSA specific object checks into objectclass_attrs LDB module LSA object classes are protected on both LDAP add and LDAP modify operations, so I've refactored the previous check in the objectclass LDB module only for LDAP adds in a new one in the objectclass_attrs LDB module for both adds and modifies. This is the result of the investigations done by Hongwei Sun and I in the last months. Interestingly these protection mechansim doesn't apply on LDAP deletes! Signed-off-by: Andrew Bartlett abart...@samba.org --- Summary of changes: source4/dsdb/samdb/ldb_modules/objectclass.c | 31 - source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 30 - source4/dsdb/tests/python/ldap.py | 35 +--- 3 files changed, 59 insertions(+), 37 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index b72b9bb..39f456d 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -565,37 +565,6 @@ static int objectclass_do_add(struct oc_context *ac) for (current = sorted; current; current = current-next) { const char *objectclass_name = current-objectclass-lDAPDisplayName; - /* LSA-specific objectclasses per default not -* allowed to be created over LDAP, so we need -* to tell if this connection is LDAP (ie -* marked as untrusted), and if the client is -* adding these particular objectClass values -* we must reject */ - - /* Hongwei Sun from Microsoft explians: - The constraint in 3.1.1.5.2.2 MS-ADTS means that the TDO - cannot be added through LDAP interface, instead it can only be - created through LSA Policy API. This is also explained in - 7.1.6.9.7 MS-ADTS as follows: - - Despite being replicated normally between peer DCs in a domain, - the process of creating or manipulating TDOs is specifically - restricted to the LSA Policy APIs, as detailed in [MS-LSAD] section - 3.1.1.5. Unlike other objects in the DS, TDOs may not be created or - manipulated by client machines over the LDAPv3 transport. - */ - - if (ldb_req_is_untrusted(ac-req) - ((strcasecmp(objectclass_name, secret) == 0) || -(strcasecmp(objectclass_name, trustedDomain) == 0))) { - ldb_asprintf_errstring(ldb, - objectclass: object class '%s' is LSA-specific, rejecting creation of '%s' over LDAP!, - objectclass_name, - ldb_dn_get_linearized(msg-dn)); - talloc_free(mem_ctx); - return LDB_ERR_UNWILLING_TO_PERFORM; - } - ret = ldb_msg_add_string(msg, objectClass, objectclass_name); if (ret != LDB_SUCCESS) { ldb_set_errstring(ldb, diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c index ba1f7ab..e0efd4c 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c @@ -217,7 +217,7 @@ static int attr_handler2(struct oc_context *ac) return
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 7ad77c2 idl: add file_id idl. via 4538a21 s3-libndr: remove cmdline_lp_ctx. via 64620cb waf: share libndr.so between samba3 and samba4. via b50f096 libndr: move ndr_print_bool to ndr_basic.c via 20e09d2 s3-waf: add PKGCONFIGDIR. via 802e2a9 idl: remove protected storage via 3ee3cbd idl: Add IDL for remote key backup protocol (rkbp) from d6ab521 s3-build: remove source4 include path for autoconf build as well. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 7ad77c2eab787801946689ba462c20c2b26dbda6 Author: Günther Deschner g...@samba.org Date: Tue Jan 25 02:42:59 2011 +0100 idl: add file_id idl. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Tue Jan 25 12:27:00 CET 2011 on sn-devel-104 (cherry picked from commit c9f4fad75cf9749709cbebfe55c59f3c2d01858e) commit 4538a217368eabf5a0649d1168ecfb19a7919d94 Author: Günther Deschner g...@samba.org Date: Tue Jan 25 02:52:18 2011 +0100 s3-libndr: remove cmdline_lp_ctx. Guenther (cherry picked from commit f0b3c72bcc119f497a4379c549bc55fb1031ce90) commit 64620cbba4fe18731760e39990db41f13e29b042 Author: Günther Deschner g...@samba.org Date: Tue Jan 25 02:01:56 2011 +0100 waf: share libndr.so between samba3 and samba4. Guenther (cherry picked from commit dd35fe181c2397a970fa956afa5f4da534841b99) commit b50f096f37dfe3d50e097797c9b84f4b8064faeb Author: Günther Deschner g...@samba.org Date: Tue Jan 25 00:52:10 2011 +0100 libndr: move ndr_print_bool to ndr_basic.c Guenther (cherry picked from commit 7eac3100ea77eca64152444336180418938d5843) commit 20e09d269b0f0d3ec5433566809dbe369774a713 Author: Günther Deschner g...@samba.org Date: Tue Jan 25 00:47:05 2011 +0100 s3-waf: add PKGCONFIGDIR. Guenther (cherry picked from commit 62e1c80cf532681c02ecd2ddcb7c920381a0465e) commit 802e2a918e3db282f2cfd282c1341437fa126e12 Author: Matthieu Patou m...@matws.net Date: Sat Nov 20 18:06:12 2010 +0300 idl: remove protected storage Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 9d9c2128585a1d5fdb9090215750427df6a883ff) commit 3ee3cbd49fa06bd3d17fe6a52920d5d1dd557444 Author: Matthieu Patou m...@matws.net Date: Sat Nov 20 18:19:06 2010 +0300 idl: Add IDL for remote key backup protocol (rkbp) Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 25ae380fabfd2d7e5141dadb48b8e30b5b723c1f) --- Summary of changes: librpc/idl/backupkey.idl | 120 + librpc/idl/file_id.idl | 14 +++ librpc/idl/protected_storage.idl | 14 --- librpc/idl/wscript_build |6 +- librpc/ndr/libndr.h |2 + librpc/ndr/ndr_backupkey.c | 215 ++ librpc/ndr/ndr_backupkey.h |2 + librpc/ndr/ndr_basic.c |5 + librpc/wscript_build | 35 +-- source3/Makefile.in |2 +- source3/build/dynconfig.py |1 + source3/include/locking.h|9 +-- source3/include/proto.h |4 - source3/librpc/idl/notify.idl|2 + source3/librpc/ndr/util.c| 46 source3/librpc/wscript_build |2 +- source3/wscript_build| 14 +-- source4/librpc/wscript_build | 15 +--- 18 files changed, 398 insertions(+), 110 deletions(-) create mode 100644 librpc/idl/backupkey.idl create mode 100644 librpc/idl/file_id.idl delete mode 100644 librpc/idl/protected_storage.idl create mode 100644 librpc/ndr/ndr_backupkey.c create mode 100644 librpc/ndr/ndr_backupkey.h Changeset truncated at 500 lines: diff --git a/librpc/idl/backupkey.idl b/librpc/idl/backupkey.idl new file mode 100644 index 000..e21030b --- /dev/null +++ b/librpc/idl/backupkey.idl @@ -0,0 +1,120 @@ +#include idl_types.h + +import misc.idl, security.idl; +[ + uuid(3dde7c30-165d-11d1-ab8f-00805f14db40), + version(1.0), + endpoint(ncacn_np:[\\pipe\\protected_storage],ncacn_np:[\\pipe\\ntsvcs] ,ncacn_ip_tcp:), + helpstring(Remote Backup Key Storage), + helper(../librpc/ndr/ndr_backupkey.h), + pointer_default(unique) +] +interface backupkey +{ + const string BACKUPKEY_RESTORE_GUID = 47270C64-2FC7-499B-AC5B-0E37CDCE899A; + const string BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID = 018FF48A-EABA-40C6-8F6D-72370240E967; + + const string BACKUPKEY_RESTORE_GUID_WIN2K = 7FE94D50-178E-11D1-AB8F-00805F14DB40; + const string BACKUPKEY_BACKUP_GUID = 7F752B10-178E-11D1-AB8F-00805F14DB40; + + /* +* The magic values are really what they are there is no name it's just remarkable values +*
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 4d36084 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) via dd4f80a s3-masktest: Fix cli_errstr() usage (part of bug #7864) via 33f14a7 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) via df6c3b2 s3-torture: Fix cli_errstr() usage (part of bug #7864) via 26bc25e s3-docs: fix deldriver option via c5c4f87 s3-docs: add some long opts to smbclient(1) man from 7ad77c2 idl: add file_id idl. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 4d36084e05ca8a87e775b570215efd41eef7fc10 Author: Björn Baumbach b...@sernet.de Date: Thu Jan 20 14:38:30 2011 +0100 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue Jan 25 11:41:53 CET 2011 on sn-devel-104 (cherry picked from commit 07ccc2905dc5d0d74dc688ff830f504ea9665029) commit dd4f80a6dc99f3f811a909f0c37940774e03ef15 Author: Björn Baumbach b...@sernet.de Date: Thu Jan 20 14:08:42 2011 +0100 s3-masktest: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 5d8ada549e629cfe53ed973d66f5fcf0a3bd0a8c) commit 33f14a75ceaacc179c406f2689198946054c0396 Author: Björn Baumbach b...@sernet.de Date: Mon Jan 17 12:02:39 2011 +0100 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 09c612f377749b79b850ee6c52ae49699e256359) commit df6c3b20dc7d059ffb50b09aac211240aaa0 Author: Björn Baumbach b...@sernet.de Date: Mon Jan 17 13:03:05 2011 +0100 s3-torture: Fix cli_errstr() usage (part of bug #7864) Convert cli_errstr() to nt_errstr() Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 99f8f5e5945c5cd694dbb37fa947c04a24e25957) commit 26bc25ef442869c627f5fa6d5c0d3954098b8b68 Author: Björn Baumbach b...@sernet.de Date: Mon Jan 17 09:51:45 2011 +0100 s3-docs: fix deldriver option Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 3bb212a3a96164121d345a8c8f81294b0f988261) commit c5c4f872f7b2e02a68855824c28693e61d24b373 Author: Björn Baumbach b...@sernet.de Date: Fri Jan 14 12:35:55 2011 +0100 s3-docs: add some long opts to smbclient(1) man Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit b8d5ee9de3bb8c24efd2a7fab89d7d814b98aa2d) --- Summary of changes: docs-xml/manpages-3/rpcclient.1.xml |2 +- docs-xml/manpages-3/smbclient.1.xml |4 ++-- source3/client/client.c | 28 source3/torture/locktest.c | 13 ++--- source3/torture/masktest.c | 11 ++- 5 files changed, 31 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages-3/rpcclient.1.xml b/docs-xml/manpages-3/rpcclient.1.xml index 8d517ae..f660b89 100644 --- a/docs-xml/manpages-3/rpcclient.1.xml +++ b/docs-xml/manpages-3/rpcclient.1.xml @@ -267,7 +267,7 @@ Comma Separated list of Files /listitem/varlistentry - varlistentrytermdeldriver/termlistitemparaDelete the + varlistentrytermdeldriver lt;drivergt;/termlistitemparaDelete the specified printer driver for all architectures. This does not delete the actual driver files from the server, only the entry from the server's list of drivers. diff --git a/docs-xml/manpages-3/smbclient.1.xml b/docs-xml/manpages-3/smbclient.1.xml index 9efca50..ae11e8a 100644 --- a/docs-xml/manpages-3/smbclient.1.xml +++ b/docs-xml/manpages-3/smbclient.1.xml @@ -261,7 +261,7 @@ /varlistentry varlistentry - term-P/term + term-P|--machine-pass/term listitempara Make queries to the external server using the machine account of the local server. /para/listitem @@ -317,7 +317,7 @@ /varlistentry varlistentry - term-e/term + term-e|--encrypt/term listitemparaThis command line parameter requires the remote server support the UNIX extensions. Request that the connection be encrypted. This is new for Samba 3.2 and will only work with Samba diff --git a/source3/client/client.c b/source3/client/client.c index 33c1a24..3e48b01 100644 --- a/source3/client/client.c +++
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6e22637 s4-test/delete_object: Remove global ldb connections from 932911e s4:ldap.py - check the write protection on LSA objects http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6e2263749ab108baf7543a651123041427af96db Author: Kamen Mazdrashki kame...@samba.org Date: Sat Jan 22 03:22:48 2011 +0200 s4-test/delete_object: Remove global ldb connections Make it more xUnit compliant Autobuild-User: Kamen Mazdrashki kame...@samba.org Autobuild-Date: Tue Jan 25 21:30:19 CET 2011 on sn-devel-104 --- Summary of changes: source4/torture/drs/python/delete_object.py | 33 +- 1 files changed, 7 insertions(+), 26 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/drs/python/delete_object.py b/source4/torture/drs/python/delete_object.py index 0693898..ccc412e 100644 --- a/source4/torture/drs/python/delete_object.py +++ b/source4/torture/drs/python/delete_object.py @@ -42,35 +42,16 @@ import samba.tests class DrsDeleteObjectTestCase(samba.tests.TestCase): -# RootDSE msg for DC1 -info_dc1 = None -ldb_dc1 = None -# RootDSE msg for DC1 -info_dc2 = None -ldb_dc2 = None - def setUp(self): super(DrsDeleteObjectTestCase, self).setUp() -# connect to DCs singleton -if self.ldb_dc1 is None: -DrsDeleteObjectTestCase.dc1 = samba.tests.env_get_var_value(DC1) -DrsDeleteObjectTestCase.ldb_dc1 = samba.tests.connect_samdb(self.dc1, ldap_only=True) -if self.ldb_dc2 is None: -DrsDeleteObjectTestCase.dc2 = samba.tests.env_get_var_value(DC2) -DrsDeleteObjectTestCase.ldb_dc2 = samba.tests.connect_samdb(self.dc2, ldap_only=True) - -# fetch rootDSEs -if self.info_dc1 is None: -ldb = self.ldb_dc1 -res = ldb.search(base=, expression=, scope=SCOPE_BASE, attrs=[*]) -self.assertEquals(len(res), 1) -DrsDeleteObjectTestCase.info_dc1 = res[0] -if self.info_dc2 is None: -ldb = self.ldb_dc2 -res = ldb.search(base=, expression=, scope=SCOPE_BASE, attrs=[*]) -self.assertEquals(len(res), 1) -DrsDeleteObjectTestCase.info_dc2 = res[0] +# connect to DCs +url_dc = samba.tests.env_get_var_value(DC1) +(self.ldb_dc1, self.info_dc1) = samba.tests.connect_samdb_ex(url_dc, + ldap_only=True) +url_dc = samba.tests.env_get_var_value(DC2) +(self.ldb_dc2, self.info_dc2) = samba.tests.connect_samdb_ex(url_dc, + ldap_only=True) # cache some of RootDSE props self.schema_dn = self.info_dc1[schemaNamingContext][0] -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 34952ac Fix bug #7863 - Unlink may unlink wrong file when hardlinks are involved. via f818e57 Add uint32_t name_hash argument (currently unused) to get_file_infos(). via d2bf919 Add name_hash into the share mode entry struct (as yet only use for renames to identify a specific path). (cherry picked from commit b97f1ce68a512cb0da71ee1de9ddaa49dd466068) via 6189fcd Add name_hash to files_struct. Set within fsp_set_smb_fname(). (cherry picked from commit 76418e23bcde1eba4dfefbc10c51c083567a52e6) from 4d36084 s3-smbclient: Fix cli_errstr() usage (part of bug #7864) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 34952ac438db81d23caaf5c46a2c55d77bfcc97a Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 14:23:19 2011 -0800 Fix bug #7863 - Unlink may unlink wrong file when hardlinks are involved. Do this by keeping a linked list of delete on close tokens, one for each filename that identifies a path to the dev/inode. Use the jenkins hash of the pathname to identify the correct token. (cherry picked from commit 44732734cca2328a8aceb2db9b577c923920f644) commit f818e57efe68a4ec6a53ce0bba384c14c9f299ef Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 13:57:38 2011 -0800 Add uint32_t name_hash argument (currently unused) to get_file_infos(). Will be used when we store more than one delete on close token. (cherry picked from commit a65bce4e38d0b940286c7c93c226651e5fb45082) commit d2bf919d7145079fbd81fd16792c11f4b6024edd Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 14:01:52 2011 -0800 Add name_hash into the share mode entry struct (as yet only use for renames to identify a specific path). (cherry picked from commit b97f1ce68a512cb0da71ee1de9ddaa49dd466068) commit 6189fcd839b85dff7d1f4736e141114641bafee6 Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 13:49:01 2011 -0800 Add name_hash to files_struct. Set within fsp_set_smb_fname(). (cherry picked from commit 76418e23bcde1eba4dfefbc10c51c083567a52e6) --- Summary of changes: source3/include/proto.h | 13 ++- source3/include/smb.h| 40 +++-- source3/libsmb/smb_share_modes.c | 45 - source3/locking/locking.c| 350 +++-- source3/smbd/close.c | 59 --- source3/smbd/dir.c |2 +- source3/smbd/filename.c | 10 + source3/smbd/files.c | 33 - source3/smbd/nttrans.c |4 +- source3/smbd/open.c | 12 +- source3/smbd/oplock.c|2 + source3/smbd/reply.c | 13 +- source3/smbd/smb2_create.c |2 +- source3/smbd/smb2_getinfo.c |6 +- source3/smbd/trans2.c| 26 +++- 15 files changed, 454 insertions(+), 163 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 29dbcc9..4c7d4f3 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3068,8 +3068,11 @@ struct share_mode_lock *fetch_share_mode_unlocked(TALLOC_CTX *mem_ctx, bool rename_share_filename(struct messaging_context *msg_ctx, struct share_mode_lock *lck, const char *servicepath, + uint32_t orig_name_hash, + uint32_t new_name_hash, const struct smb_filename *smb_fname); void get_file_infos(struct file_id id, + uint32_t name_hash, bool *delete_on_close, struct timespec *write_time); bool is_valid_share_mode_entry(const struct share_mode_entry *e); @@ -3086,9 +3089,13 @@ void del_deferred_open_entry(struct share_mode_lock *lck, uint64_t mid, bool remove_share_oplock(struct share_mode_lock *lck, files_struct *fsp); bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp); NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode); -void set_delete_on_close_token(struct share_mode_lock *lck, const UNIX_USER_TOKEN *tok); -void set_delete_on_close_lck(struct share_mode_lock *lck, bool delete_on_close, const UNIX_USER_TOKEN *tok); +const UNIX_USER_TOKEN *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash); +void set_delete_on_close_lck(files_struct *fsp, + struct share_mode_lock *lck, + bool delete_on_close, + const UNIX_USER_TOKEN *tok); bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const UNIX_USER_TOKEN *tok); +bool is_delete_on_close_set(struct share_mode_lock *lck, uint32_t name_hash); bool set_sticky_write_time(struct file_id fileid, struct timespec write_time); bool
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 21ebf5f Missed one debug printf of name_hash. Ensure always use %x. (cherry picked from commit 9e67184d0f5cc151091faa8e5db24d5569a3fead) from 34952ac Fix bug #7863 - Unlink may unlink wrong file when hardlinks are involved. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 21ebf5ff7699c9ac8e6d7c59de64c4ac82adc983 Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 14:59:44 2011 -0800 Missed one debug printf of name_hash. Ensure always use %x. (cherry picked from commit 9e67184d0f5cc151091faa8e5db24d5569a3fead) --- Summary of changes: source3/locking/locking.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/locking/locking.c b/source3/locking/locking.c index f98208f..1942f44 100644 --- a/source3/locking/locking.c +++ b/source3/locking/locking.c @@ -1600,11 +1600,11 @@ const UNIX_USER_TOKEN *get_delete_on_close_token(struct share_mode_lock *lck, ui { struct delete_token_list *dtl; - DEBUG(10,(get_delete_on_close_token: name_hash = %u\n, + DEBUG(10,(get_delete_on_close_token: name_hash = 0x%x\n, (unsigned int)name_hash )); for (dtl = lck-delete_tokens; dtl; dtl = dtl-next) { - DEBUG(10,(get_delete_on_close_token: dtl-name_hash = %u\n, + DEBUG(10,(get_delete_on_close_token: dtl-name_hash = 0x%x\n, (unsigned int)dtl-name_hash )); if (dtl-name_hash == name_hash) { return dtl-delete_token; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3272e16 Missed one debug printf of name_hash. Ensure always use %x. via 4473273 Fix bug #7863 - Unlink may unlink wrong file when hardlinks are involved. via a65bce4 Add uint32_t name_hash argument (currently unused) to get_file_infos(). via b97f1ce Add name_hash into the share mode entry struct (as yet only use for renames to identify a specific path). via 76418e2 Add name_hash to files_struct. Set within fsp_set_smb_fname(). from 6e22637 s4-test/delete_object: Remove global ldb connections http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3272e16846f6b7363c5a42c8cececaf4bb409688 Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 14:59:44 2011 -0800 Missed one debug printf of name_hash. Ensure always use %x. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Wed Jan 26 00:46:28 CET 2011 on sn-devel-104 commit 44732734cca2328a8aceb2db9b577c923920f644 Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 14:23:19 2011 -0800 Fix bug #7863 - Unlink may unlink wrong file when hardlinks are involved. Do this by keeping a linked list of delete on close tokens, one for each filename that identifies a path to the dev/inode. Use the jenkins hash of the pathname to identify the correct token. commit a65bce4e38d0b940286c7c93c226651e5fb45082 Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 13:57:38 2011 -0800 Add uint32_t name_hash argument (currently unused) to get_file_infos(). Will be used when we store more than one delete on close token. commit b97f1ce68a512cb0da71ee1de9ddaa49dd466068 Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 14:01:52 2011 -0800 Add name_hash into the share mode entry struct (as yet only use for renames to identify a specific path). commit 76418e23bcde1eba4dfefbc10c51c083567a52e6 Author: Jeremy Allison j...@samba.org Date: Tue Jan 25 13:49:01 2011 -0800 Add name_hash to files_struct. Set within fsp_set_smb_fname(). --- Summary of changes: source3/include/proto.h | 13 ++- source3/include/smb.h| 40 +++-- source3/libsmb/smb_share_modes.c | 45 - source3/locking/locking.c| 350 +++-- source3/smbd/close.c | 59 --- source3/smbd/dir.c |2 +- source3/smbd/filename.c | 10 + source3/smbd/files.c | 33 - source3/smbd/nttrans.c |4 +- source3/smbd/open.c | 12 +- source3/smbd/oplock.c|2 + source3/smbd/reply.c | 13 +- source3/smbd/smb2_create.c |2 +- source3/smbd/smb2_getinfo.c |6 +- source3/smbd/trans2.c| 26 +++- 15 files changed, 454 insertions(+), 163 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 29dbcc9..4c7d4f3 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3068,8 +3068,11 @@ struct share_mode_lock *fetch_share_mode_unlocked(TALLOC_CTX *mem_ctx, bool rename_share_filename(struct messaging_context *msg_ctx, struct share_mode_lock *lck, const char *servicepath, + uint32_t orig_name_hash, + uint32_t new_name_hash, const struct smb_filename *smb_fname); void get_file_infos(struct file_id id, + uint32_t name_hash, bool *delete_on_close, struct timespec *write_time); bool is_valid_share_mode_entry(const struct share_mode_entry *e); @@ -3086,9 +3089,13 @@ void del_deferred_open_entry(struct share_mode_lock *lck, uint64_t mid, bool remove_share_oplock(struct share_mode_lock *lck, files_struct *fsp); bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp); NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode); -void set_delete_on_close_token(struct share_mode_lock *lck, const UNIX_USER_TOKEN *tok); -void set_delete_on_close_lck(struct share_mode_lock *lck, bool delete_on_close, const UNIX_USER_TOKEN *tok); +const UNIX_USER_TOKEN *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash); +void set_delete_on_close_lck(files_struct *fsp, + struct share_mode_lock *lck, + bool delete_on_close, + const UNIX_USER_TOKEN *tok); bool set_delete_on_close(files_struct *fsp, bool delete_on_close, const UNIX_USER_TOKEN *tok); +bool is_delete_on_close_set(struct share_mode_lock *lck, uint32_t name_hash); bool set_sticky_write_time(struct file_id fileid, struct timespec write_time); bool set_write_time(struct file_id fileid, struct timespec