[Samba] Winbind to use Windows ADS LDAP as IDMAP backend
Greetings list, This sounds sort of twisted but in its essence Windows ADS has an LDAP server too, so here is what I do hoping it'll work: 1. Install Utilities and SDK for UNIX-based application and Identity Management for UNIX on Windows server 2003, create a new OU named idmap. 2. Configure smb.conf as per Samba HOWTO chapter 14 IDMAP storage in LDAP using winbind ldap admin dn = cn=administrator,cn=users,dc=mydom,dc=com ldap idmap suffix = ou=idmap ldap suffix = dc=mydom,dc=com idmap backend = ldap:ldap://my windows domain controller, also LDAP server idmap uid = 1-100 idmap gid = 1-100 3. Join the domain, fine; run ldapsearch, fine; wbinfo -u, fine; wbinfo -g, fine. 4. Problem: wbinfo -i domain user, doesn't work, something wrong with idmap allocator, see the log == /var/log/messages == 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: [2011/11/17 18:48:47.830454, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: idmap_alloc module tdb already registered! 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: [2011/11/17 18:48:47.830566, 0] winbindd/idmap.c:149(smb_register_idmap) 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: Idmap module passdb already registered! 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: [2011/11/17 18:48:47.830608, 0] winbindd/idmap.c:149(smb_register_idmap) 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: Idmap module nss already registered! 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: [2011/11/17 18:48:47.833394, 0] winbindd/idmap.c:599(idmap_alloc_init) 2011 Nov 17 18:48:47 winterfell_01 [err] winbindd[21121]: ERROR: Initialization failed for alloc backend, deferred! So this looks like Samba/winbind can read but cannot write to Windows LDAP backend, hence no domain users get any UID, is this so? Any possibility to fix this? p.s. I also tried openLDAP on Linux as IDMAP backend, it works very smooth with Samba. Cheers -David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Re : Problem with Winbind
Hi; I would like to set the file /etc/krb5.keytab for apache : # net ads keytab add HTTP -U compte_admin_dom1 Processing principals to add... Enter administrateur's password: # ktutil ktutil: l slot KVNO Principal - ktutil: The file is empty ? May be that this problem is linked to the command net ads ? because when I try to join the AD : # net ads join -U administrat...@p9bis.neoplus.laposte.poc Enter administrat...@p9bis.neoplus.laposte.poc's password: Failed to join domain: failed to find DC for domain P9BIS.NEOPLUS.LAPOSTE.POC But with rpc it works : # net rpc join -U administrat...@p9bis.neoplus.laposte.poc Enter administrat...@p9bis.neoplus.laposte.poc's password: Joined domain P9BIS. When I execute : # net ads info - U administrateur Failed to get server's current time! LDAP server: 187.0.17.104 LDAP server name: CINVW067.p9bis.neoplus.laposte.poc Realm: P9BIS.NEOPLUS.LAPOSTE.POC Bind Path: dc=P9BIS,dc=NEOPLUS,dc=LAPOSTE,dc=POC LDAP port: 389 Server time: Thu, 01 Jan 1970 01:00:00 CET KDC server: 187.0.17.104 And # net rpc info -U administrateur Enter administrateur's password: Domain Name: P9BIS Domain SID: S-1-5-21-254703050-2859693384-3493432365 Sequence number: 1 Num users: 50 Num domain groups: 0 Num local groups: 12 The 2 commands # wbinfo -u and wbinfo -g no returns any values for users/groups ? The kinit works fine : # kinit administrat...@p9bis.neoplus.laposte.poc Password for administrat...@p9bis.neoplus.laposte.poc: # klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrat...@p9bis.neoplus.laposte.poc Valid starting Expires Service principal 11/17/11 12:05:00 11/17/11 22:05:03 krbtgt/p9bis.neoplus.laposte@p9bis.neoplus.laposte.poc renew until 11/18/11 12:05:00 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Impossible to join the AD serveur with ads : # net ads testjoin Join to domain is not valid: Operations error # net rpc testjoin Join to 'P9BIS' is OK How make work correctly the ads and how get the list of users of the AD domain ? Any help would be very appreciated. Regards --- En date de : Mer 16.11.11, djamel boussebha dbousse...@yahoo.fr a écrit : De: djamel boussebha dbousse...@yahoo.fr Objet: Problem with Winbind À: samba@lists.samba.org samba@lists.samba.org, foedi...@eva.mpg.de foedi...@eva.mpg.de, AndrewPhilipoff aphilip...@medicine.ucsf.edu Date: Mercredi 16 novembre 2011, 17h24 Hi; wbinfo can not get the user names and group names of my AD domain (Windows 2008 SP2) The result for wbinfo -t is ok : checking the trust secret for domain P9BIS via RPC calls succeeded But when i try to get wbinfo -n USER1 or wbinfo -r USER1 it shows this error message: Could not lookup name USER1 I use Samba version : 3.5.12. Any help would be very appreciated... thanks to anyone! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Sid instead of username
Hi, I do not have much understanding of samba other than having seen smb.conf file and having running start/stop scripts. We have samba version 3.5.8 installed. Our samba configuration was working fine but all of a sudden in a random manner, we see user sids appearing instead of username in the security section of file properties for few of the shared resources. On googling I did come across the issue but no satisfactory solution/explanation. Also the same samba configuration had not been working fine for years. We use the force user in smb.conf and would expect the username of the force user to appear instead of the SID. Here is the relevant slice of the smb.conf [shared_folder] writable = yes browsable = no path = /opt/software/shared/st0007/samba force user = st0007 valid users = domain1+winowslogin domain1+windowslogin2 st0007 read list = wherein , we would like folders in the /opt/software/shared/st0007/samba to be created with user st0007 when created via samba. The user st0007 is a valid unix user. What we find is that when folder is created in the shared resource(shared_folder) by someone in the valid user list, the folder seems to have SID ( which maps to correct uid on using wbinfo ) shown instead of the username. The group mapping is fine ( as seen in /etc/passwd for the user). As a consequence of the user being different from the force-user which we would like it to be, the folder cannot be renamed, cannot be deleted via samba by the valid user. The folder owner is st0007 when seen in the unix environment. And this behaviour is now random. It works for some shared user (i.e , we get force username on the securities tab). Could this issue be due to changes in windows controller etc as the problem had seemed to have gone away once on its own, ie the SIDs reverted back to the username. But now it seems to persist. Here is the chunk of the global smb.conf file as well... [global] deadtime = 10 encrypt passwords = yes server string = DAP Samba server %h max log size = 50 available = yes bind interfaces only = yes browseable = no case sensitive = no comment = DAP Samba server follow symlinks = yes max smbd processes = 200 invalid users = root load printers = no printing = bsd printcap name = /dev/null disable spoolss yes log level = 2 read only = yes auth methods = winbind sam_ignoredomain create mask = directory mask = force create mode = 0644 force directory mode = 0755 security mask = 0750 security = ADS realm = RAG.ADS.YD.COM workgroup = DBG allow trusted domains = yes encrypt passwords = yes winbind separator = + winbind uid = 100-110 winbind enum users = no winbind gid = 100-110 winbind enum groups = no winbind cache time = 60 winbind use default domain = yes use spnego = yes lanman auth = no client lanman auth = no client plaintext auth = no disable netbios = yes min protocol = NT1 ntlm auth = yes wins support = no name resolve order = lmhosts host wide links = yes unix extensions = no local master = no domain master = no preferred master = no os level = 0 netbios name = netbios_server password server = pass_server1,pas_server2,pass_server3 [shared_folder] writable = yes browsable = no path = /opt/software/shared/st0007/samba force user = st0007 valid users = domain1+winowslogin domain1+windowslogin2 st0007 read list = Any help would be greatly appreciated. Thanks, Vishal --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional EU corporate and regulatory disclosures. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Sid instead of username
Hi, I do not have much understanding of samba other than having seen smb.conf file and having run start/stop scripts. We have samba version 3.5.8 installed. Our samba configuration was working fine but all of a sudden in a random manner, we see user sids appearing instead of username in the security section of file properties for few of the shared resources. On googling I did come across the issue but no satisfactory solution/explanation. Also the same samba configuration had been working fine for years. We use the force user in smb.conf and would expect the username of the force user to appear instead of the SID. Here is the relevant slice of the smb.conf [shared_folder] writable = yes browsable = no path = /opt/software/shared/st0007/samba force user = st0007 valid users = domain1+winowslogin domain1+windowslogin2 st0007 read list = wherein , we would like folders in the /opt/software/shared/st0007/samba to be created with user st0007 when created via samba. The user st0007 is a valid unix user. What we find is that when folder is created in the shared resource(shared_folder) by someone in the valid user list, the folder seems to have SID ( which maps to correct uid on using wbinfo ) shown instead of the username. The group mapping is fine ( as seen in /etc/passwd for the user). As a consequence of the user being different from the force-user which we would like it to be, the folder cannot be renamed, cannot be deleted via samba by the valid user. The folder owner is st0007 when seen in the unix environment. And this behaviour is now random. It works for some shared user (i.e , we get force username on the securities tab). Could this issue be due to changes in windows controller etc as the problem had seemed to have gone away once on its own, ie the SIDs reverted back to the username. But now it seems to persist. Here is the chunk of the global smb.conf file as well... [global] deadtime = 10 encrypt passwords = yes server string = DAP Samba server %h max log size = 50 available = yes bind interfaces only = yes browseable = no case sensitive = no comment = DAP Samba server follow symlinks = yes max smbd processes = 200 invalid users = root load printers = no printing = bsd printcap name = /dev/null disable spoolss yes log level = 2 read only = yes auth methods = winbind sam_ignoredomain create mask = directory mask = force create mode = 0644 force directory mode = 0755 security mask = 0750 security = ADS realm = RAG.ADS.YD.COM workgroup = DBG allow trusted domains = yes encrypt passwords = yes winbind separator = + winbind uid = 100-110 winbind enum users = no winbind gid = 100-110 winbind enum groups = no winbind cache time = 60 winbind use default domain = yes use spnego = yes lanman auth = no client lanman auth = no client plaintext auth = no disable netbios = yes min protocol = NT1 ntlm auth = yes wins support = no name resolve order = lmhosts host wide links = yes unix extensions = no local master = no domain master = no preferred master = no os level = 0 netbios name = netbios_server password server = pass_server1,pas_server2,pass_server3 [shared_folder] writable = yes browsable = no path = /opt/software/shared/st0007/samba force user = st0007 valid users = domain1+winowslogin domain1+windowslogin2 st0007 read list = Any help would be greatly appreciated. Thanks, Vishal --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional EU corporate and regulatory disclosures. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Re : Problem with Winbind
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/17/2011 06:09 AM, djamel boussebha wrote: Hi; I would like to set the file /etc/krb5.keytab for apache : # net ads keytab add HTTP -U compte_admin_dom1 Processing principals to add... Enter administrateur's password: # ktutil ktutil: l slot KVNO Principal - ktutil: The file is empty ? May be that this problem is linked to the command net ads ? because when I try to join the AD : # net ads join -U administrat...@p9bis.neoplus.laposte.poc Enter administrat...@p9bis.neoplus.laposte.poc's password: Failed to join domain: failed to find DC for domain P9BIS.NEOPLUS.LAPOSTE.POC But with rpc it works : # net rpc join -U administrat...@p9bis.neoplus.laposte.poc Enter administrat...@p9bis.neoplus.laposte.poc's password: Joined domain P9BIS. When I execute : # net ads info - U administrateur Failed to get server's current time! LDAP server: 187.0.17.104 LDAP server name: CINVW067.p9bis.neoplus.laposte.poc Realm: P9BIS.NEOPLUS.LAPOSTE.POC Bind Path: dc=P9BIS,dc=NEOPLUS,dc=LAPOSTE,dc=POC LDAP port: 389 Server time: Thu, 01 Jan 1970 01:00:00 CET KDC server: 187.0.17.104 And # net rpc info -U administrateur Enter administrateur's password: Domain Name: P9BIS Domain SID: S-1-5-21-254703050-2859693384-3493432365 Sequence number: 1 Num users: 50 Num domain groups: 0 Num local groups: 12 The 2 commands # wbinfo -u and wbinfo -g no returns any values for users/groups ? The kinit works fine : # kinit administrat...@p9bis.neoplus.laposte.poc Password for administrat...@p9bis.neoplus.laposte.poc: # klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrat...@p9bis.neoplus.laposte.poc Valid starting ExpiresService principal 11/17/11 12:05:00 11/17/11 22:05:03 krbtgt/p9bis.neoplus.laposte@p9bis.neoplus.laposte.poc renew until 11/18/11 12:05:00 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Impossible to join the AD serveur with ads : # net ads testjoin Join to domain is not valid: Operations error # net rpc testjoin Join to 'P9BIS' is OK How make work correctly the ads and how get the list of users of the AD domain ? Any help would be very appreciated. Regards --- En date de : Mer 16.11.11, djamel boussebha dbousse...@yahoo.fr a écrit : De: djamel boussebha dbousse...@yahoo.fr Objet: Problem with Winbind À: samba@lists.samba.org samba@lists.samba.org, foedi...@eva.mpg.de foedi...@eva.mpg.de, AndrewPhilipoff aphilip...@medicine.ucsf.edu Date: Mercredi 16 novembre 2011, 17h24 Hi; wbinfo can not get the user names and group names of my AD domain (Windows 2008 SP2) The result for wbinfo -t is ok : checking the trust secret for domain P9BIS via RPC calls succeeded But when i try to get wbinfo -n USER1 or wbinfo -r USER1 it shows this error message: Could not lookup name USER1 I use Samba version : 3.5.12. Any help would be very appreciated... thanks to anyone! I noticed the server time has the year 1970. The ads methods use kerberos and that is time sensitive. Get the accurate date/time and things should start working for you. Perhaps have it sync with a time server. Robert - -- Robert Freeman-Day https://launchpad.net/~presgas GPG Public Key: http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0xBA9DF9ED3E4C7D36 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk7FOnEACgkQup357T5MfTZ5IgCg0kqoEoWaDT2ayt2XjKW5RJs0 +LEAnAgyCHQw5JtlXHxrX6EuZ2VHaBbC =tSUp -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Slow login to Samba domain
2011/11/16 Allen Chen ac...@harbourfrontcentre.com: Dermot wrote: try to set this one to 0: \\Computer Configuration\Administrative Templates\All setings\Set maximum wait time for the network if a user has a roaming user profile It seems to have worked and the users have local profiles. Dp. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] FOSDEM 2012 - CrossDesktop DevRoom Call for Talks
Hi, FOSDEM is one of the largest gatherings of Free Software contributors in the world and happens each February in Brussels (Belgium). One of the tracks will be the CrossDesktop DevRoom, which will host Desktop-related talks. We are now inviting proposals for talks about Free/Libre/Open-source Software on the topics of Desktop development, Desktop applications and interoperativity amongst Desktop Environments. This is a unique opportunity to show novel ideas and developments to a wide technical audience. Topics accepted include, but are not limited to: Enlightenment, Gnome, KDE, XFCE, Windows, Mac OS X, general desktop matters, applications that enhance desktops and web (when related to desktop). Talks can be very specific, such as developing mobile applications with Qt Quick; or as general as predictions for the fusion of Desktop and web in 5 years time. Topics that are of interest to the users and developers of all desktop environments are especially welcome. The FOSDEM 2011 schedule might give you some inspiration: http://archive.fosdem.org/2011/schedule/track/crossdesktop_devroom Please include the following information when submitting a proposal: your name, the title of your talk (please be descriptive, as titles will be listed with around 250 from other projects) and a short abstract of one or two paragraphs. The deadline for submissions is December 20th 2011. FOSDEM will be held on the weekend of 4-5 February 2012. Please submit your proposals to: crossdesktop-devr...@lists.fosdem.org ( https://lists.fosdem.org/listinfo/crossdesktop-devroom ) -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem in reading a file using smbclient.
Hi all, I am facing a problem in reading the file contents using smbclient. Command:: bin/smbclient //localhost/ubuntu -Ubase%base_system The smb prompt appears, when read the file without smbclient it contains some data, but when try to read through smbclient ie. print filename it erases all data present inside the file. Why is this happening and how to read and write to file using smbclient. Please help me ASAP. Regards, Nishant Mungse -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem in reading a file using smbclient.
On Fri, Nov 18, 2011 at 11:15:21AM +0530, nishant mungse wrote: Hi all, I am facing a problem in reading the file contents using smbclient. Command:: bin/smbclient //localhost/ubuntu -Ubase%base_system The smb prompt appears, when read the file without smbclient it contains some data, but when try to read through smbclient ie. print filename it erases all data present inside the file. Why is this happening and how to read and write to file using smbclient. Use get filename - Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem in reading a file using smbclient.
Hi, Thnks 4 helping, I just thought that i am using wrong command, but still there is problem using get command. When I use get command to get file. it gives this O/P *Short read when getting file \nishant.txt. Only got 0 bytes.* *And there are contents in this file, size is not zero. * And now I got another problem, when I do get filename, I am getting the file with zero size and when I write to that file using cat from my normal terminal and use put filename, I thought it would be reflected back to the file present on the share folder, but the *panic* occurred. Why is it so? Thanks, Nishant Mungse On Fri, Nov 18, 2011 at 12:22 PM, Volker Lendecke volker.lende...@sernet.de wrote: On Fri, Nov 18, 2011 at 11:15:21AM +0530, nishant mungse wrote: Hi all, I am facing a problem in reading the file contents using smbclient. Command:: bin/smbclient //localhost/ubuntu -Ubase%base_system The smb prompt appears, when read the file without smbclient it contains some data, but when try to read through smbclient ie. print filename it erases all data present inside the file. Why is this happening and how to read and write to file using smbclient. Use get filename - Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem in reading a file using smbclient.
Hi, When I checked the size of fie when I use putcommand, the size is going greater than 64GB and that is why the kernel panic has occurred, but why is it happening?? Regards, Nishant Mungse On Fri, Nov 18, 2011 at 12:31 PM, nishant mungse nishantmun...@gmail.comwrote: Hi, Thnks 4 helping, I just thought that i am using wrong command, but still there is problem using get command. When I use get command to get file. it gives this O/P *Short read when getting file \nishant.txt. Only got 0 bytes.* *And there are contents in this file, size is not zero. * And now I got another problem, when I do get filename, I am getting the file with zero size and when I write to that file using cat from my normal terminal and use put filename, I thought it would be reflected back to the file present on the share folder, but the *panic* occurred. Why is it so? Thanks, Nishant Mungse On Fri, Nov 18, 2011 at 12:22 PM, Volker Lendecke volker.lende...@sernet.de wrote: On Fri, Nov 18, 2011 at 11:15:21AM +0530, nishant mungse wrote: Hi all, I am facing a problem in reading the file contents using smbclient. Command:: bin/smbclient //localhost/ubuntu -Ubase%base_system The smb prompt appears, when read the file without smbclient it contains some data, but when try to read through smbclient ie. print filename it erases all data present inside the file. Why is this happening and how to read and write to file using smbclient. Use get filename - Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 5935630 Fix bug #8562 - talloc: double free error.
from d8bc158 libcli-cldap: avoid the case local == remote == NULL
(cherry picked from commit 4d2d33ee09941ddb211e21788c01d886730224c2)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 5935630fcd15e2618b854fa3c78f3e500690cf35
Author: Jeremy Allison j...@samba.org
Date: Thu Nov 3 14:30:11 2011 -0700
Fix bug #8562 - talloc: double free error.
Ensure we don't access an undefined pointer.
Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Fri Nov 4 00:09:46 CET 2011 on sn-devel-104
(cherry picked from commit 767c54d8dd9596718579699398392ae234b40aa2)
---
Summary of changes:
source3/rpc_server/netlogon/srv_netlog_nt.c | 11 +--
1 files changed, 9 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c
b/source3/rpc_server/netlogon/srv_netlog_nt.c
index ecdfac7..3fd93bc 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1251,7 +1251,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
struct netr_ServerPasswordSet2 *r)
{
NTSTATUS status;
- struct netlogon_creds_CredentialState *creds;
+ struct netlogon_creds_CredentialState *creds = NULL;
DATA_BLOB plaintext;
struct samr_CryptPassword password_buf;
struct samr_Password nt_hash;
@@ -1265,9 +1265,14 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
unbecome_root();
if (!NT_STATUS_IS_OK(status)) {
+ const char *computer_name = unknown;
+
+ if (creds creds-computer_name) {
+ computer_name = creds-computer_name;
+ }
DEBUG(2,(_netr_ServerPasswordSet2: netlogon_creds_server_step
failed. Rejecting auth request from client %s machine
account %s\n,
- r-in.computer_name, creds-computer_name));
+ r-in.computer_name, computer_name));
TALLOC_FREE(creds);
return status;
}
@@ -1277,6 +1282,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
if (!extract_pw_from_buffer(p-mem_ctx, password_buf.data, plaintext))
{
+ TALLOC_FREE(creds);
return NT_STATUS_WRONG_PASSWORD;
}
@@ -1287,6 +1293,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
p-msg_ctx,
creds-account_name,
nt_hash);
+ TALLOC_FREE(creds);
return status;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 468fa95 s4 dns: Reduce test output noise by upping log level for
dns_name_packet logging
via e5ebda4 s4 dns: Add a first test case
via ef4bda5 s4 dns: Turn on internal DNS server during testing
via bd8aafc socket_wrapper: Added python interface to socket_wrapper
from f7c8af7 samba.tests.dsdb: Import TestCase from samba.tests.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 468fa95df2a682c39bd46c8e451961994b91f3c4
Author: Kai Blin k...@samba.org
Date: Tue Nov 15 08:38:27 2011 +0100
s4 dns: Reduce test output noise by upping log level for dns_name_packet
logging
Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Thu Nov 17 20:10:05 CET 2011 on sn-devel-104
commit e5ebda41563ed6152bae9ffcf873679878de
Author: Kai Blin k...@samba.org
Date: Fri Nov 11 00:32:09 2011 +0100
s4 dns: Add a first test case
commit ef4bda5c767215f09c035192587a9a29e8a3754a
Author: Kai Blin k...@samba.org
Date: Tue Nov 8 00:34:01 2011 +0100
s4 dns: Turn on internal DNS server during testing
commit bd8aafc530ba473acefd53665b73a47d1ebbb3a5
Author: Amitay Isaacs ami...@gmail.com
Date: Fri Oct 14 17:24:16 2011 +1100
socket_wrapper: Added python interface to socket_wrapper
The socket_wrapper does not support setting blocking flag or
timeouts on the sockets.
To use socket module in python, use
from samba import socket
Signed-off-by: Kai Blin k...@samba.org
---
Summary of changes:
lib/socket_wrapper/py_socket_wrapper.c | 876 +++
lib/socket_wrapper/socket.py| 52 ++
lib/socket_wrapper/wscript_build| 10 +
selftest/target/Samba4.pm |2 +-
source4/dns_server/dns_server.c |9 +-
source4/scripting/python/samba/tests/dns.py | 117
source4/selftest/tests.py |3 +
7 files changed, 1065 insertions(+), 4 deletions(-)
create mode 100644 lib/socket_wrapper/py_socket_wrapper.c
create mode 100644 lib/socket_wrapper/socket.py
create mode 100644 source4/scripting/python/samba/tests/dns.py
Changeset truncated at 500 lines:
diff --git a/lib/socket_wrapper/py_socket_wrapper.c
b/lib/socket_wrapper/py_socket_wrapper.c
new file mode 100644
index 000..405a43a
--- /dev/null
+++ b/lib/socket_wrapper/py_socket_wrapper.c
@@ -0,0 +1,876 @@
+/*
+ * Copyright (C) Amitay Isaacs 2011
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the author nor the names of its contributors
+ *may be used to endorse or promote products derived from this software
+ *without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+/*
+ Python interface to socket wrapper library.
+
+ Passes all socket communication over unix domain sockets if the environment
+ variable SOCKET_WRAPPER_DIR is set.
+*/
+
+#include Python.h
+#include pytalloc.h
+#include replace/replace.h
+#include system/network.h
+#include socket_wrapper.h
+
+#ifndef Py_RETURN_NONE
+#define Py_RETURN_NONE return Py_INCREF(Py_None), Py_None
+#endif
+
+#ifndef Py_TYPE /* Py_TYPE is only available on Python 2.6 */
+#define Py_TYPE(ob)(((PyObject*)(ob))-ob_type)
+#endif
+
+#ifndef PY_CHECK_TYPE
+#define PY_CHECK_TYPE(type, var, fail) \
+ if (!PyObject_TypeCheck(var, type)) {\
+ PyErr_Format(PyExc_TypeError, __location__ : Expected type
'%s' for '%s' of type '%s', (type)-tp_name, #var, Py_TYPE(var)-tp_name); \
+
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 32e825d s3/packaging: Fix rpm build issues on RHEL.
from 468fa95 s4 dns: Reduce test output noise by upping log level for
dns_name_packet logging
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 32e825d60df26fa1d4cf5c8c7cb37ca0523847ca
Author: Karolin Seeger ksee...@samba.org
Date: Thu Nov 17 21:02:30 2011 +0100
s3/packaging: Fix rpm build issues on RHEL.
Fix bug #7705 (RHEL samba.spec broken - and fix).
Based on patches of Jason Haar and Daniël van Eeden. Thanks a lot!
Karolin
Autobuild-User: Karolin Seeger ksee...@samba.org
Autobuild-Date: Thu Nov 17 23:05:28 CET 2011 on sn-devel-104
---
Summary of changes:
packaging/RHEL/samba.spec.tmpl | 29 +
1 files changed, 5 insertions(+), 24 deletions(-)
Changeset truncated at 500 lines:
diff --git a/packaging/RHEL/samba.spec.tmpl b/packaging/RHEL/samba.spec.tmpl
index ab10f23..505b1ea 100644
--- a/packaging/RHEL/samba.spec.tmpl
+++ b/packaging/RHEL/samba.spec.tmpl
@@ -233,12 +233,8 @@ install -m644 setup/samba.pamd
$RPM_BUILD_ROOT%{_sysconfdir}/pam.d/samba
install -m755 setup/smbprint $RPM_BUILD_ROOT%{_bindir}
install -m644 setup/smbusers $RPM_BUILD_ROOT%{_sysconfdir}/samba/smbusers
install -m644 setup/smb.conf $RPM_BUILD_ROOT%{_sysconfdir}/samba/smb.conf
-install -m755 source3/bin/mount.cifs $RPM_BUILD_ROOT/sbin/mount.cifs
-install -m755 source3/bin/umount.cifs $RPM_BUILD_ROOT/sbin/umount.cifs
install -m755 source3/script/mksmbpasswd.sh $RPM_BUILD_ROOT%{_bindir}
-/bin/rm $RPM_BUILD_ROOT%{_sbindir}/*mount.cifs
-
ln -s ../..%{initdir}/smb $RPM_BUILD_ROOT%{_sbindir}/samba
ln -s ../..%{initdir}/winbind $RPM_BUILD_ROOT%{_sbindir}/winbind
@@ -331,9 +327,11 @@ fi
%{_bindir}/mksmbpasswd.sh
%{_bindir}/smbcontrol
%{_bindir}/smbstatus
+%{_bindir}/smbta-util
%{_bindir}/tdbbackup
%{_bindir}/tdbtool
%{_bindir}/tdbdump
+%{_bindir}/tdbrestore
%{_bindir}/wbinfo
%{_bindir}/ntlm_auth
%{_bindir}/pdbedit
@@ -392,9 +390,6 @@ fi
%files client
%defattr(-,root,root)
-/sbin/mount.cifs
-/sbin/umount.cifs
-%{_sbindir}/cifs.upcall
%{_bindir}/rpcclient
%{_bindir}/smbcacls
@@ -410,9 +405,6 @@ fi
%{_bindir}/net
%{_bindir}/smbtree
-%{_mandir}/man8/mount.cifs.8.*
-%{_mandir}/man8/umount.cifs.8.*
-%{_mandir}/man8/cifs.upcall.8.*
%{_mandir}/man8/smbspool.8*
%{_mandir}/man1/smbget.1*
%{_mandir}/man5/smbgetrc.5*
@@ -441,6 +433,7 @@ fi
%attr(755,root,root) /%{_libarch}/libnss_winbind.so*
%attr(755,root,root) /%{_libarch}/security/pam_winbind.so
%attr(755,root,root) /%{_libarch}/security/pam_smbpass.so
+/usr/share/locale/de/LC_MESSAGES/net.mo
/usr/share/locale/de/LC_MESSAGES/pam_winbind.mo
/usr/share/locale/ar/LC_MESSAGES/pam_winbind.mo
/usr/share/locale/cs/LC_MESSAGES/pam_winbind.mo
@@ -483,28 +476,16 @@ fi
%{_bindir}/smbpasswd
%{_bindir}/profiles
-%{_bindir}/ldbadd
-%{_bindir}/ldbdel
-%{_bindir}/ldbedit
-%{_bindir}/ldbmodify
-%{_bindir}/ldbrename
-%{_bindir}/ldbsearch
-
%{_mandir}/man1/profiles.1*
%{_mandir}/man1/testparm.1*
%{_mandir}/man5/smb.conf.5*
%{_mandir}/man5/lmhosts.5*
%{_mandir}/man8/smbpasswd.8*
+%{_mandir}/man5/pam_winbind.conf.5.*
%{_mandir}/man7/libsmbclient.7*
+%{_mandir}/man8/smbta-util.8*
%{_mandir}/man8/pam_winbind.8*
-%{_mandir}/man1/ldbadd.1*
-%{_mandir}/man1/ldbdel.1*
-%{_mandir}/man1/ldbedit.1*
-%{_mandir}/man1/ldbmodify.1*
-%{_mandir}/man1/ldbrename.1*
-%{_mandir}/man1/ldbsearch.1*
-
%changelog
* Fri Jan 16 2004 Gerald (Jerry) Carter jerry@samba,org
- Removed ChangeLog entries since they are kept in CVS
--
Samba Shared Repository
[SCM] CTDB repository - branch 1.2 updated - ctdb-1.9.1-492-g85206ee
The branch, 1.2 has been updated
via 85206ee924d8245091264984669abfe99f6e82b9 (commit)
via 09577a797103c5a91fe816a3b9f385382e1791ca (commit)
via d595c57e7602a662055192297817849a15c6128b (commit)
from 6568feec47b705a39c404bb1a5ff35db265aea6a (commit)
http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.2
- Log -
commit 85206ee924d8245091264984669abfe99f6e82b9
Author: Ronnie Sahlberg ronniesahlb...@gmail.com
Date: Thu Nov 17 13:34:29 2011 +1100
Eventscripts: Add special -ECANCELED status for monitor events that are
cancelled
When a monitor event is canceled by a higher priority script, make sure we
return
status -ECANCELED to the callback in ctdB_monitor.c
Also treat -ECANCELED as a simple try monitor event again and skip
modifying any HEALTHY/UNHEALTHY flags when this happens
commit 09577a797103c5a91fe816a3b9f385382e1791ca
Author: Martin Schwenke mar...@meltin.net
Date: Tue Nov 1 20:52:57 2011 +1100
LCP IP allocation algorithm - try harder to find a candidate source node
There's a bug in LCP2. Selecting the node with the highest imbalance
doesn't always work. Some nodes can have a high imbalance metric
because they have a lot of IPs. However, these nodes can be part of a
group that is perfectly balanced. Nodes in another group with less
IPs might actually be imbalanced.
Instead of just trying the source node with the highest imbalance this
tries them in descending order of imbalance until it finds one where
an IP can be moved to another node.
Signed-off-by: Martin Schwenke mar...@meltin.net
commit d595c57e7602a662055192297817849a15c6128b
Author: Martin Schwenke mar...@meltin.net
Date: Tue Nov 1 19:49:38 2011 +1100
LCP IP allocation algorithm - new function lcp2_failback_candidate()
There's a bug in LCP2. Selecting the node with the highest imbalance
doesn't always work. Some nodes can have a high imbalance metric
because they have a lot of IPs. However, these nodes can be part of a
group that is perfectly balanced. Nodes in another group with less
IPs might actually be imbalanced.
Factor out the code from lcp2_failback() that actually takes a node
and decides which address should be moved to which node.
This is the first step in fixing the above bug.
Signed-off-by: Martin Schwenke mar...@meltin.net
---
Summary of changes:
server/ctdb_monitor.c |5 ++
server/ctdb_takeover.c | 150 +---
server/eventscript.c | 10 +++-
3 files changed, 117 insertions(+), 48 deletions(-)
Changeset truncated at 500 lines:
diff --git a/server/ctdb_monitor.c b/server/ctdb_monitor.c
index f4fbaf4..e897452 100644
--- a/server/ctdb_monitor.c
+++ b/server/ctdb_monitor.c
@@ -124,6 +124,11 @@ static void ctdb_health_callback(struct ctdb_context
*ctdb, int status, void *p)
rddata.dptr = (uint8_t *)rd;
rddata.dsize = sizeof(rd);
+ if (status == -ECANCELED) {
+ DEBUG(DEBUG_ERR,(Monitoring event was cancelled\n));
+ goto after_change_status;
+ }
+
if (status == -ETIME) {
ctdb-event_script_timeouts++;
diff --git a/server/ctdb_takeover.c b/server/ctdb_takeover.c
index 5865a17..b2e1a8d 100644
--- a/server/ctdb_takeover.c
+++ b/server/ctdb_takeover.c
@@ -1607,57 +1607,26 @@ void lcp2_allocate_unassigned(struct ctdb_context *ctdb,
}
}
-/* LCP2 algorithm for rebalancing the cluster. This finds the source
- * node with the highest LCP2 imbalance, and then determines the best
- * IP/destination node combination to move from the source node.
+/* LCP2 algorithm for rebalancing the cluster. Given a candidate node
+ * to move IPs from, determines the best IP/destination node
+ * combination to move from the source node.
*
* Not static, so we can easily link it into a unit test.
*/
-bool lcp2_failback(struct ctdb_context *ctdb,
- struct ctdb_node_map *nodemap,
- uint32_t mask,
- struct ctdb_public_ip_list *all_ips,
- uint32_t *lcp2_imbalances,
- bool *newly_healthy)
-{
- int srcnode, dstnode, mindstnode, i, num_newly_healthy;
- uint32_t srcimbl, srcdsum, maximbl, dstimbl, dstdsum;
- uint32_t minsrcimbl, mindstimbl, b;
+bool lcp2_failback_candidate(struct ctdb_context *ctdb,
+struct ctdb_node_map *nodemap,
+struct ctdb_public_ip_list *all_ips,
+int srcnode,
+uint32_t candimbl,
+uint32_t *lcp2_imbalances,
+bool *newly_healthy)
+{
+ int dstnode, mindstnode;
+ uint32_t srcimbl, srcdsum, dstimbl,
[SCM] CTDB repository - branch master updated - ctdb-1.12-6-ga15ec57
The branch, master has been updated
via a15ec57c26d1bc82af85f74eebae0bd8abde3233 (commit)
from 5de9ec2bdf8067406165bc470becdca87f458ae9 (commit)
http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master
- Log -
commit a15ec57c26d1bc82af85f74eebae0bd8abde3233
Author: Ronnie Sahlberg ronniesahlb...@gmail.com
Date: Thu Nov 17 13:34:29 2011 +1100
Eventscripts: Add special -ECANCELED status for monitor events that are
cancelled
When a monitor event is canceled by a higher priority script, make sure we
return
status -ECANCELED to the callback in ctdB_monitor.c
Also treat -ECANCELED as a simple try monitor event again and skip
modifying any HEALTHY/UNHEALTHY flags when this happens
---
Summary of changes:
server/ctdb_monitor.c |5 +
server/eventscript.c | 10 +-
2 files changed, 14 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/server/ctdb_monitor.c b/server/ctdb_monitor.c
index f0879d0..7258d39 100644
--- a/server/ctdb_monitor.c
+++ b/server/ctdb_monitor.c
@@ -125,6 +125,11 @@ static void ctdb_health_callback(struct ctdb_context
*ctdb, int status, void *p)
rddata.dptr = (uint8_t *)rd;
rddata.dsize = sizeof(rd);
+ if (status == -ECANCELED) {
+ DEBUG(DEBUG_ERR,(Monitoring event was cancelled\n));
+ goto after_change_status;
+ }
+
if (status == -ETIME) {
ctdb-event_script_timeouts++;
diff --git a/server/eventscript.c b/server/eventscript.c
index c01fbad..722ebec 100644
--- a/server/eventscript.c
+++ b/server/eventscript.c
@@ -58,7 +58,7 @@ struct ctdb_event_script_state {
enum ctdb_eventscript_call call;
const char *options;
struct timeval timeout;
-
+
unsigned int current;
struct ctdb_scripts_wire *scripts;
};
@@ -742,6 +742,14 @@ static int ctdb_event_script_callback_v(struct
ctdb_context *ctdb,
/* Kill off any running monitor events to run this event. */
if (ctdb-current_monitor) {
+ struct ctdb_event_script_state *ms =
talloc_get_type(ctdb-current_monitor, struct ctdb_event_script_state);
+
+ /* cancel it */
+ if (ms-callback != NULL) {
+ ms-callback-fn(ctdb, -ECANCELED,
ms-callback-private_data);
+ talloc_free(ms-callback);
+ }
+
/* Discard script status so we don't save to last_status */
talloc_free(ctdb-current_monitor-scripts);
ctdb-current_monitor-scripts = NULL;
--
CTDB repository
[SCM] CTDB repository - branch 1.2.39 created - ctdb-1.9.1-490-g0a626ce
The branch, 1.2.39 has been created at 0a626cef2547bbd3ea5c80da5ee2fb65691e0d88 (commit) - Log - commit 0a626cef2547bbd3ea5c80da5ee2fb65691e0d88 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu Nov 17 13:36:00 2011 +1100 New version : 1.2.39 commit a6f46ffddc21c696b35f4e4507121f08d39ada48 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu Nov 17 13:34:29 2011 +1100 Eventscripts: Add special -ECANCELED status for monitor events that are cancelled When a monitor event is canceled by a higher priority script, make sure we return status -ECANCELED to the callback in ctdB_monitor.c Also treat -ECANCELED as a simple try monitor event again and skip modifying any HEALTHY/UNHEALTHY flags when this happens --- -- CTDB repository
[SCM] CTDB repository - branch master updated - ctdb-1.12-35-g8959d15
The branch, master has been updated via 8959d15804bb5901356d7beec1ecddb1cabbca52 (commit) via c4ff223096e7dae2e67692825a78c520d30211e0 (commit) via 6a57c64c58c77fd9dc7c7a1583d402c3ce0313b1 (commit) via 0f6991010cf4e1f0dd9f39243bcc8fff5dcc0524 (commit) via 58a1e25e1c563ebede57eea2e8f4e2c5785d01bf (commit) via 88f88d86b0d08240f749fb721b8c401c2eeb1099 (commit) via bfa0fe70db195413a6d7a98f46f7a1270aba678c (commit) via c5ef0d1440f1d952784cc67946c414d149722d01 (commit) via 8c4a93e77c7d7d0cec6b2afd42c22475f1b5ccdc (commit) via d0e9e8554614bd49ffb9ec3509feaa0e80d0f65d (commit) via 41869d42194b74db43a176a068e96e411007e5f2 (commit) via d17efacb3aa6fac61d89f4c88ca17579341c335f (commit) via 668358057c1e6b9bbad7209212f9135c5e6241a0 (commit) via 82f6108bfbc7e48ca88650297c6a1c6ede0e1c9c (commit) via 126cb0d369b2b1aed63801dc4ba0554399e8b7e4 (commit) via fdca12c25e6fce6206135b994dedf44265e4eb09 (commit) via 79638bdd884caaf899c1b41984a5f0cf638207b5 (commit) via aaf1ddfc83cf2ede29288baf04a1aa1c69a5cab5 (commit) via ac9236e64bd0b61740cc787819a1222bc6a67d4a (commit) via 3084220e2aac3664511969f10cad206e505150a0 (commit) via 23c164926c5ec4da6d90a5bdcbf2d0100729b451 (commit) via 080edee3d053d770466ebcc976eb1135c80feef8 (commit) via c22e201be15e7d5b788c2f5f7916b553e0faaa2a (commit) via 79d31660c7e612f0290fd085203856ad9e70b26f (commit) via d0244fec8d0dd2abd31a8677e2c2b254b030c47b (commit) via 1932466c76de2b184c2a257120768ab8c9d6c12a (commit) via f40101a615f8b9826a484e4697bfea6ee2b9ba88 (commit) via 3e4fa518f02db75e4e4a7f326a71df226913f8a8 (commit) via 788cdbddbc902a5b076d23473450065b551d274d (commit) from a15ec57c26d1bc82af85f74eebae0bd8abde3233 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 8959d15804bb5901356d7beec1ecddb1cabbca52 Merge: c4ff223096e7dae2e67692825a78c520d30211e0 88f88d86b0d08240f749fb721b8c401c2eeb1099 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Nov 18 15:01:13 2011 +1100 Merge remote branch 'martins/eventscripts' commit c4ff223096e7dae2e67692825a78c520d30211e0 Merge: 6a57c64c58c77fd9dc7c7a1583d402c3ce0313b1 3084220e2aac3664511969f10cad206e505150a0 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Nov 18 14:46:45 2011 +1100 Merge remote branch 'martins/scriptstatus' commit 6a57c64c58c77fd9dc7c7a1583d402c3ce0313b1 Merge: 0f6991010cf4e1f0dd9f39243bcc8fff5dcc0524 8c4a93e77c7d7d0cec6b2afd42c22475f1b5ccdc Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Nov 18 14:45:56 2011 +1100 Merge remote branch 'martins/ctdb_control_oom' commit 0f6991010cf4e1f0dd9f39243bcc8fff5dcc0524 Merge: 58a1e25e1c563ebede57eea2e8f4e2c5785d01bf d0e9e8554614bd49ffb9ec3509feaa0e80d0f65d Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Nov 18 14:42:10 2011 +1100 Merge remote branch 'martins/hashinclude' commit 58a1e25e1c563ebede57eea2e8f4e2c5785d01bf Merge: a15ec57c26d1bc82af85f74eebae0bd8abde3233 79638bdd884caaf899c1b41984a5f0cf638207b5 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Nov 18 14:36:45 2011 +1100 Merge remote branch 'martins/warnings' commit 88f88d86b0d08240f749fb721b8c401c2eeb1099 Author: Martin Schwenke mar...@meltin.net Date: Thu Nov 17 16:47:00 2011 +1100 Eventscripts - add facility to 10.interface to delete unmanaged IPs For a number of reasons (delip failure, admin stupidity, ...) an interface that hosts public addresses can also contain spurious, unmanaged addresses. Add functionality to 10.interfaces, controlled by new configuration variable CTDB_DELETE_UNEXPECTED_IPS, to delete these addresses when encountered as part of a monitor event. Signed-off-by: Martin Schwenke mar...@meltin.net commit bfa0fe70db195413a6d7a98f46f7a1270aba678c Author: Martin Schwenke mar...@meltin.net Date: Fri Oct 14 15:55:12 2011 +1100 Eventscripts - remove $0 from error messages in 40.fs_use The script name is now prepended to output by ctdbd. Signed-off-by: Martin Schwenke mar...@meltin.net commit c5ef0d1440f1d952784cc67946c414d149722d01 Author: Martin Schwenke mar...@meltin.net Date: Fri Oct 14 15:52:12 2011 +1100 Eventscripts: Make 40.fs_use use less processes and arguably clearer. * $fs can be parsed using shell prefix and suffix removal. * df output can be parsed with a single call to sed. Failure is indicated by empty output from sed, so we check for that as the error condition, changing the associated message appropriately. Signed-off-by: Martin Schwenke mar...@meltin.net commit 8c4a93e77c7d7d0cec6b2afd42c22475f1b5ccdc Author: Martin Schwenke mar...@meltin.net Date: Wed Nov
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cd3f552 s3-py-passdb: Fix handling of uninitialized gid values via 9318e00 dsdb: Fix the password expiry calculation via d0e9f22 s3-passdb_test: Policy values are converted to signed integer via 244ecc8 s4-s3-upgrade: Add --verbose option to print extra details via f93ec5a s4-auth log details about any token we fail to convert to a unix token via e6c77f5 s4-s3-upgrade: Fix idmap types ID_TYPE_UID/ID_TYPE_GID instead of UID/GID via 6a2a2df samba-tool: Fix the domain account policy max_pwd_age calculation via c48a2aa s4-s3-upgrade: Fix the minimum and maximum password age calculation via e80dbdc s4-s3-upgrade now look for -1 as the special 'not set' value from 32e825d s3/packaging: Fix rpm build issues on RHEL. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cd3f552f4f632204edc8064a1ad332e703a28e72 Author: Amitay Isaacs ami...@gmail.com Date: Fri Nov 18 14:35:56 2011 +1100 s3-py-passdb: Fix handling of uninitialized gid values Uninitialized gid value is set to -1 and return as such from python passdb api. Autobuild-User: Amitay Isaacs ami...@samba.org Autobuild-Date: Fri Nov 18 06:18:33 CET 2011 on sn-devel-104 commit 9318e00a1fab1e6eda6495c44b69d95a980b1e5e Author: Amitay Isaacs ami...@gmail.com Date: Fri Nov 18 10:34:44 2011 +1100 dsdb: Fix the password expiry calculation As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if pwdLastSet = null, or pwdLastSet = 0, or (maxPwdAge != 0x8000 and (ST - pwdLastSet) maxPwdAge) commit d0e9f22654be1c9972c5b5ba6b3ebe808f27c678 Author: Amitay Isaacs ami...@gmail.com Date: Fri Nov 18 09:55:38 2011 +1100 s3-passdb_test: Policy values are converted to signed integer No need to check value for 0x (4294967295). commit 244ecc844dc36584a01ec5248c68060f6bb97114 Author: Amitay Isaacs ami...@gmail.com Date: Thu Nov 17 18:51:14 2011 +1100 s4-s3-upgrade: Add --verbose option to print extra details commit f93ec5a0274b3b14a5ad2cff287fcb5e48d59731 Author: Andrew Bartlett abart...@samba.org Date: Thu Nov 17 18:24:24 2011 +1100 s4-auth log details about any token we fail to convert to a unix token Now that entries are being added into the idmap DB from Samba3, and may be UID or GID but not BOTH, failures are more likely. Andrew Bartlett commit e6c77f523b8ed8332ecb4d50a6af7eaa7e6f19af Author: Amitay Isaacs ami...@gmail.com Date: Thu Nov 17 16:08:16 2011 +1100 s4-s3-upgrade: Fix idmap types ID_TYPE_UID/ID_TYPE_GID instead of UID/GID commit 6a2a2dfa5f510fcab964588c29c2991859bbc83f Author: Amitay Isaacs ami...@gmail.com Date: Thu Nov 17 09:34:57 2011 +1100 samba-tool: Fix the domain account policy max_pwd_age calculation Windows sets maxPwdAge to -0x8000 when maximum password age is set to 0 days. commit c48a2aa43854636763cd6472ceba7f0c70185689 Author: Amitay Isaacs ami...@gmail.com Date: Wed Nov 16 12:59:52 2011 +1100 s4-s3-upgrade: Fix the minimum and maximum password age calculation Windows sets maxPwdAge to -0x8000 when maximum password age is set to 0 days. commit e80dbdcab1831bd07e76863acaea4e356f71cf98 Author: Andrew Bartlett abart...@samba.org Date: Wed Nov 16 16:51:06 2011 +1100 s4-s3-upgrade now look for -1 as the special 'not set' value this is possible because we know the py_passdb will always set -1 here, not passing though 0x. Andrew Bartlett --- Summary of changes: source3/passdb/py_passdb.c |4 ++-- source4/auth/unix_token.c | 17 + source4/dsdb/common/util.c |2 +- source4/scripting/python/samba/netcmd/domain.py | 17 + source4/scripting/python/samba/tests/samba3.py |4 ++-- source4/scripting/python/samba/upgrade.py | 18 +- 6 files changed, 44 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c index de27839..46f2e90 100644 --- a/source3/passdb/py_passdb.c +++ b/source3/passdb/py_passdb.c @@ -975,7 +975,7 @@ static PyObject *py_groupmap_get_gid(PyObject *obj, void *closure) GROUP_MAP *group_map = (GROUP_MAP *)pytalloc_get_ptr(obj); PyObject *py_gid; - py_gid = PyInt_FromLong(group_map-gid); + py_gid = Py_BuildValue(i, group_map-gid); return py_gid; } @@ -2317,7 +2317,7 @@ static PyObject *py_pdb_get_account_policy(pytalloc_Object *self) type = account_policy_name_to_typenum(names[i]); status = methods-get_account_policy(methods,
