Re: [Samba] PDC file server on same machine?

[steve]

On 08/12/11 00:03, John Heim wrote:

How much of a resource hog is a PDC? My understanding is that
authentication is done vs a BDC if available. I configured my new file
server as the domain PDC because I figured it would already have to run
samba. I have two other machines configured as BDCs to serve as logon
servers.

I'm looking for opinions on whether I'm asking for performance problems
by making my file server the PDC. Actually, this machine is already
serving as PDC but its not in production yet as a file server. So right
now, its just the domain PDC. When I log into the domain and echo
%logonserver%, it shows that one of the BDCs was the logon server, not
the PDC. It doesn't look like the PDC has to do anything but handle
joining machines to the domain.




We have to work within a tight budget and can't afford a backup server. 
We serve 600 home folders and logins to 25 clients from the same box. In 
an educational environment we experience slow logons which we think is 
due to everyone logging on at once. Windows 7 logons are particularly 
bad. Looking at top you can see slapd and nmbd throw a fit for a minute 
or so. With files it's OK unless we have a group working with gimp and 
photoshop. Usually it's when everyone is doing the same thing at the 
same time e.g. when a teacher has given an instruction to do something. 
On a normal lan I don't think you'd have these situations.

HTH
Steve.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] SAMBA4: Changing DC's IP address (Bind 9.8.x) for testing

[steve]

On 07/12/11 21:37, Gémes Géza wrote:

2011-12-07 15:41 keltezéssel, Adam Tauno Williams írta:

I upgraded by S3 domain to S4 using the upgrade script.  To do that i
had to have the S4 test box connected to the production network.  Now I
want to take it to the test network.  But the Bind 9.8.x instance using
the DLZ still has the old address... dynamic dns update doesn't work
because the tool can't find the KDC because DNS returns the wrong IP
address.

Can I modify the DNS zone using an ldb tool [ldbmodify]? To change the
IP of the DC (the only address in DNS at this point, everything seems to
CNAME back to the address).

Under the older Bind config I just changed the one or two lines in the
text zone file when I moved the VM from production to testing.




samba-tool dns is your friend here.

Geza


Adam: where is the upgrade script you mention?
Thanks
S  L
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Configure samba to not look for domain master browser

[Timothy Madden]

On 06.12.2011 17:54, TAKAHASHI Motonobu wrote:

On 12/06/2011 10:26 AM, Timothy Madden wrote:


On my network there is no domain master browser, and my nmbd is
spamming my /var/log/messages file with messages that it cound not
find one. Can I configure nmbd not to look for the domain master
browser ?


After a while, nmbd will find a master browser (or a domain master
browser) or will try to become a master browser by myself?

If yes, this is expected behavior.

If not, something will be wrong. Can you show the spamming messages?


I keep getting the messages for ever and nmbd does not become a domain 
master. You have the syslogd messages below.


The nmbd has
preferred master = yes
in smb.conf. I do not know how to check if it is the local master, but I 
believe it is (although there is also a Windows 7 64-bit machine on the 
same subnet).


The nmbd is also a WINS server, but I only set it up for my VPN clients 
to be able to resolve computer names over VPN, and otherwise I do not 
want the server. I want a decentralized sub-net where I can reboot any 
machine as needed  (for our product testing )and everything just works. 
So the other 7 samba machines in the subnet do not have the WINS server 
in smb.conf, nor is it announced by the DHCP server (which is a router).


Also, the nmbd is on the VPN server machine, so most of the time it has 
two network interfaces to work with (the actual ethernet adapter and the 
virtual (VPN) tunnel interface), and I can see in syslog the following:

Dec  6 20:37:07 console nmbd[5973]: [2011/12/06 20:37:07, 0]
nmbd/asyncdns.c:start_async_dns(151)
Dec  6 20:37:07 console nmbd[5973]:   started asyncdns process 5974
Dec  6 20:37:30 console nmbd[5973]: [2011/12/06 20:37:30, 0]
nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
Dec  6 20:37:30 console nmbd[5973]:   *
Dec  6 20:37:30 console nmbd[5973]:
Dec  6 20:37:30 console nmbd[5973]:   Samba name server CONSOLE is now
a local master browser for workgroup MYGROUP on subnet
192.168.0.100
Dec  6 20:37:30 console nmbd[5973]:
Dec  6 20:37:30 console nmbd[5973]:   *

Dec  7 16:23:19 console nmbd[5973]: [2011/12/07 16:23:19, 0]
nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
Dec  7 16:23:19 console nmbd[5973]:   *
Dec  7 16:23:19 console nmbd[5973]:
Dec  7 16:23:19 console nmbd[5973]:   Samba name server CONSOLE is now
a local master browser for workgroup MYGROUP on subnet
172.16.0.1
Dec  7 16:23:19 console nmbd[5973]:
Dec  7 16:23:19 console nmbd[5973]:   *

However the virtual subnet 172.16.0.0/24 is *not* broadcast-capable, 
which is giving me quite some problems...


I thought a domain master browser is not always used, but only on routed 
networks where several sub-nets share the same workgroup.

Is a local master browser not enough for Network Neighborhood ?

So I get the following non-stop messages in /var/log/messages:

Dec  8 10:43:20 console nmbd[5973]:   Unable to sync browse lists in 
this workgroup.
Dec  8 10:58:21 console nmbd[5973]: [2011/12/08 10:58:21, 0] 
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351)

Dec  8 10:58:21 console nmbd[5973]:   find_domain_master_name_query_fail:
Dec  8 10:58:21 console nmbd[5973]:   Unable to find the Domain Master 
Browser name MYGROUP1b for the workgroup MYGROUP.
Dec  8 10:58:21 console nmbd[5973]:   Unable to sync browse lists in 
this workgroup.
Dec  8 10:58:21 console nmbd[5973]: [2011/12/08 10:58:21, 0] 
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351)

Dec  8 10:58:21 console nmbd[5973]:   find_domain_master_name_query_fail:
Dec  8 10:58:21 console nmbd[5973]:   Unable to find the Domain Master 
Browser name MYGROUP1b for the workgroup MYGROUP.
Dec  8 10:58:21 console nmbd[5973]:   Unable to sync browse lists in 
this workgroup.
Dec  8 11:13:29 console nmbd[5973]: [2011/12/08 11:13:29, 0] 
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351)

Dec  8 11:13:29 console nmbd[5973]:   find_domain_master_name_query_fail:
Dec  8 11:13:29 console nmbd[5973]:   Unable to find the Domain Master 
Browser name MYGROUP1b for the workgroup MYGROUP.
Dec  8 11:13:29 console nmbd[5973]:   Unable to sync browse lists in 
this workgroup.
Dec  8 11:13:29 console nmbd[5973]: [2011/12/08 11:13:29, 0] 
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351)

Dec  8 11:13:29 console nmbd[5973]:   find_domain_master_name_query_fail:
Dec  8 11:13:29 console nmbd[5973]:   Unable to find the Domain Master 
Browser name MYGROUP1b for the workgroup MYGROUP.
Dec  8 11:13:29 console nmbd[5973]:   Unable to sync browse lists in 
this workgroup.
Dec  8 11:28:40 console nmbd[5973]: [2011/12/08 11:28:40, 0] 
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(351)

Dec  8 11:28:40 console nmbd[5973]:   find_domain_master_name_query_fail:
Dec  8 11:28:40 console nmbd[5973]:   Unable to find 

Re: [Samba] PDC file server on same machine?

[Adam Tauno Williams]

On Wed, 2011-12-07 at 17:03 -0600, John Heim wrote:
 How much of a resource hog is a PDC? My understanding is that authentication 
 is done vs a BDC if available. I configured my new file server as the domain 
 PDC because I figured it would already have to run samba. I have two other 
 machines configured as BDCs to serve as logon servers
 I'm looking for opinions on whether I'm asking for performance problems by 
 making my file server the PDC. Actually, this machine is already serving as 
 PDC but its not in production yet as a file server. So right now, its just 
 the domain PDC. When I log into the domain and echo %logonserver%, it 
 shows that one of the BDCs was the logon server, not the PDC. It doesn't 
 look like the PDC has to do anything but handle joining machines to the 
 domain.

There really isn't an answer for your question.  The load implied by
being a DC depends on the number of clients and how heavily they are
used.  If you have only a hundred or so clients, in my experience, the
load is pretty mild [for modern hardware/networks].

With Samba3 domain control there isn't really a BDC/PDC distinction.
Every box is a PDC that operates in parallel with the other DCs.  That
is a bit different than a true NT4 domain.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] WINS backup/failover with Samba 3 ?

[Timothy Madden]

Hello

I have Samba 3.0.33-3.29.el5 on Centos 5.7 and I hear there is no WINS 
replication for it. I have a sub-net where I would like to use all 
machines for production (they are product testing servers), and I would 
like to be able to reboot any one of them as needed.


Since the sub-net is behind a cheap commercial home router, I need VPN 
to access the network directly. So I set up 3 openvpn servers, and 
the VPN client will automatically try them in order, and connect to the 
first one that answers. Each VPN server has a forwarded port on the router.


To get samba name resolving to work across the VPN connection I need a 
WINS server, preferably on the VPN server machine.


The problem is I can not have three WINS servers, to use the first one 
that works, as I can have 3 VPN servers. Is there a way around this 
problem ?


Trying to set just 'wins proxy', without 'wins support' or 'wins 
server', did not help, VPN client machines could not resolve computer 
names from VPN server sub-net.


I see in the 'wins server' description for smb.conf that I can list more 
than one server there, but still the 'wins support' option says there 
should only be *one* wins server in my network. Is there a way to have 
more WINS servers ?


Thank you,
Timothy Madden

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] PDC file server on same machine?

[steve]

On 08/12/11 12:15, Adam Tauno Williams wrote:

On Wed, 2011-12-07 at 17:03 -0600, John Heim wrote:

How much of a resource hog is a PDC? My understanding is that authentication
is done vs a BDC if available. I configured my new file server as the domain
PDC because I figured it would already have to run samba. I have two other
machines configured as BDCs to serve as logon servers
I'm looking for opinions on whether I'm asking for performance problems by
making my file server the PDC. Actually, this machine is already serving as
PDC but its not in production yet as a file server. So right now, its just
the domain PDC. When I log into the domain and echo %logonserver%, it
shows that one of the BDCs was the logon server, not the PDC. It doesn't
look like the PDC has to do anything but handle joining machines to the
domain.


There really isn't an answer for your question.  The load implied by
being a DC depends on the number of clients and how heavily they are
used.  If you have only a hundred or so clients, in my experience, the
load is pretty mild [for modern hardware/networks].

With Samba3 domain control there isn't really a BDC/PDC distinction.
Every box is a PDC that operates in parallel with the other DCs.  That
is a bit different than a true NT4 domain.


Maybe what the OP is asking here is for examples. I realise that for 
security reasons admins may not be allowed to reveal their setup but it 
would be helpful to give some concrete figures of hardware, clients and 
servers that works for us.

Cheers.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] PDC file server on same machine?

[Aaron E.]

I have a s3.4 pdc with a bdc,, pdc is serving around 80 users on 
terminal services and another 50 fat clients,,, acts as the file 
server.. roaming profiles etc... I have no issues other than the network 
card only being 100mb,, I do have a throughput issues.. but that is on 
the table..


On 12/07/2011 06:03 PM, John Heim wrote:

How much of a resource hog is a PDC? My understanding is that
authentication is done vs a BDC if available. I configured my new file
server as the domain PDC because I figured it would already have to run
samba. I have two other machines configured as BDCs to serve as logon
servers.

I'm looking for opinions on whether I'm asking for performance problems
by making my file server the PDC. Actually, this machine is already
serving as PDC but its not in production yet as a file server. So right
now, its just the domain PDC. When I log into the domain and echo
%logonserver%, it shows that one of the BDCs was the logon server, not
the PDC. It doesn't look like the PDC has to do anything but handle
joining machines to the domain.






--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] PDC file server on same machine?

[Adam Tauno Williams]

On Thu, 2011-12-08 at 08:36 -0500, Aaron E. wrote:
 I have a s3.4 pdc with a bdc,, pdc is serving around 80 users on 
 terminal services and another 50 fat clients,,, acts as the file 
 server.. roaming profiles etc... I have no issues other than the network 
 card only being 100mb,, I do have a throughput issues.. but that is on 
 the table..

Our PDC is a virtual machine.  It search ~200 desktops and ~300 users.
That includes roaming profiles, netlogin, and some redirected folers
[some folders in the roaming profile are redirected to shares on the
server].  Backend is LDAPSAM.  Load is very low [with current-ish
version of OpenLDAP - slapd used to burn much more juice than it does
now].

Actual file-serving traffic burns up network bandwidth; but CPU and
memory requirements are surprisingly low.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] PDC file server on same machine?

[John Heim]

From: Adam Tauno Williams awill...@whitemice.org

 With Samba3 domain control there isn't really a BDC/PDC distinction.
Every box is a PDC that operates in parallel with the other DCs.  That
is a bit different than a true NT4 domain.



But one machine has to have the master copy of the user/machine database.

From the samba documentation:


* Primary Domain Controller the one that seeds the domain SAM.
* Backup Domain Controller one that obtains a copy of the domain SAM.

On my file server, I have a custom add user script that configures mail,
sets a disk quota, configures the user's profile, and several other things.
That script has to run on the file server or it can't create all the proper
directories,e tc. That's why I also made that machine the PDC. Its the only
machine with the ability to update the ldap database. If I made some other
machine the PDC, I'd have to have2 machines with the ability to update the
ldap database. In my configuration, the BDCs are also slave ldap servers. So
when a user logs into the domain, I *think* it will talk to a BDC which will
query its own copy of the ldap database, and log them on.



But if being the PDC adds significantly to the load of the file server, I
could give up on the idea of having just the one machine with the ability to
update the ldap database. Having only one machine with update abilities is
cleaner but if it doesn't work, it doesn't work.



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] winbind: how to fix uid/SID mapping following migration to a new DC

[Jonathan Buzzard]

Jean-Yves Avenard wrote:

Hi


On 7 December 2011 22:06, Jean-Yves Avenard jyaven...@gmail.com wrote:

Is there a way to make so the uid/SID are matched in such a way that a
username keeps the same uid as before.
For example, editing on the domain controller the ldap entries that
contain the uid/SID map or something like that (just thinking out loud
here)


Amending this troubleshooting.

Unix extension has been added to the active directory, and the
uidNumber for each user have been added in order to match the previous
uid as discovered by winbind.

smb.conf was amended as follow:
winbind use default domain = Yes
winbind enum users = No
winbind enum groups = No
winbind nested groups = Yes
winbind refresh tickets = Yes
winbind offline logon = Yes
winbind nss info = rfc2307
allow trusted domains = No

idmap uid = 1000-199
idmap gid = 1000-199
idmap backend = ad
idmap config ALLORATECH : backend = ad
idmap config ALLORATECH : range = 1000-99
idmap config ALLORATECH : schema_mode = rfc2307

Looking at the winbind_ad module, it seems to me that should the nss
info and schema mode be set to rfc2307 ; it should use the uidNumber
entry for determining the uid of the user.

However, winbind still assign the RID + 1 for the user's uid...

Is there a way to tell winbind precisely which uid to use ? what am I missing?



Your two ranges are overlapping and it just don't work if you do that. I 
have no idea why and it is not well documented why it does not work. 
Also you have to the plain idmap backend config line setup as a tdb 
backend. Something like this what you need.


   idmap backend = tdb
   idmap uid = 200-299
   idmap gid = 200-299
   idmap config ALLORATECH : backend = ad
   idmap config ALLORATECH : schema_mode = rfc2307
   idmap config ALLORATECH : readonly = yes
   idmap config ALLORATECH : range = 1000-199

Seems to come up fairly regularly this one and I can tell you it took me 
ages to work out a working configuration. This has been really stable 
for me however other than some random winbind deaths which I papered 
over with monit. Though a more recent 3.5.x version of Samba might fix 
that as there seems to have been a lot of bug fixes for it.


Note this is for 3.5.x and it has all been changed again in 3.6.x so god 
only knows how you configure it for that.



JAB.

--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] bind errors for latest samba 4 checkout

[Dale Schroeder]

On 12/07/2011 1:28 PM, steve wrote:

Hi everyone

openSUSE 12.1

After a recent Samba 4 pull I have these errors:

Dec  7 19:53:37 hh3 named[3121]: command channel listening on 
127.0.0.1#953

Dec  7 19:53:37 hh3 named[3121]: the working directory is not writable
Dec  7 19:53:37 hh3 named[3121]: managed-keys-zone ./IN: loading from 
master file /var/lib/named/dyn//managed-keys.bind failed: file not found

Dec  7 19:53:37 hh3 named[3121]: managed-keys-zone ./IN: loaded serial 0
Dec  7 19:53:37 hh3 named[3093]: Starting name server BIND - Warning: 
/var/run/named/named.pid exists! ..done

Dec  7 19:53:37 hh3 named[3121]: running

Bind was recently updated in openSUSE. Setting /var/lib/named to 
named:named got rid of the first error. Is that OK?


But then:

rm /var/run/named/named.pid
rm: cannot remove `/var/run/named/named.pid': Too many levels of 
symbolic links


rm -r /var/run/named/ and restarting bind gives the same error.

I can't find much about the managed keys. I've asked here before abou 
this and on the openSUSE list.


managed-keys.bind is related to dnssec, as is /etc/bind/bind.keys.  
dnssec was enabled by default starting with bind 9.5.
zytrax.com has excellent dns reference information; e.g. see 
http://www.zytrax.com/books/dns/ch7/security.html





The only change to the /etc/named.conf supplied by the distro is 
including:

/usr/local/samba/private/named.conf

Apart from this, bind and kebreros, pass all the tests as specified in 
the samba 4 howto.


If I:
touch /var/lib/named/dyn//managed-keys.bind

and restart named, it's almost clean:

Dec  7 20:23:13 hh3 named[3302]: command channel listening on 
127.0.0.1#953
Dec  7 20:23:13 hh3 named[3302]: couldn't add command channel ::1#953: 
address not available
Dec  7 20:23:13 hh3 named[3302]: zone 0.0.127.in-addr.arpa/IN: loaded 
serial 42
Dec  7 20:23:13 hh3 named[3302]: zone 
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: 
loaded serial 42

Dec  7 20:23:13 hh3 named[3302]: zone localhost/IN: loaded serial 42
Dec  7 20:23:13 hh3 named[3302]: managed-keys-zone ./IN: loaded serial 0
Dec  7 20:23:13 hh3 named[3275]: Starting name server BIND - Warning: 
/var/run/named/named.pid exists! ..done

Dec  7 20:23:13 hh3 named[3302]: running


Stop bind and see if /var/run/named/named.pid remains.  You may have a 
stale pid that needs removing manually.


Dale



Before I can test and draw conclusions about the latest checkout I 
must know if these errors are significant.


Any ideas anyone?

Thanks
Steve.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] FreeNAS/Samba Group Permissions with LDAP

[Charles Tryon]

I'm not sure if this is an LDAP issue, a Samba issue, a BSD issue or a
FreeNAS issue...

I'm working at migrating a large block of file shares from an aging
CentOS/Samba 3.0.9 server to a FreeNAS (8.0.2) server.  (The FreeNAS box is
running FreeBSD 8.2-RELEASE-p3 and Samba 3.5.11.)  I will eventually be
migrating the entire domain and user base off of that server, but for the
time being, I have set up a process where I mirror the user and group
information from the Samba 3 domain to an LDAP (fedora 389) server.  (Long
story...)  I'm syncing the actual folders from the current production
server to the FreeNAS volumes, through either NFS or rsync.  This maintains
all the original group and owner permissions on the files and directories.

One of the things I like about the FreeNAS server is that it can be
configured to talk to either AD (MS or Samba4) or LDAP.  I have logged in
to the NAS and using the getent command, confirmed that it correctly
understands both the users and the groups from LDAP.  One interesting
difference between LDAP and AD is that, when you use getent passwd (or
getent group), the AD users are of the form DOMAIN\username, while the
LDAP users just list the name.

THE PROBLEM I AM SEEING is in setting access permissions based on secondary
group membership.

When I use the simple Unix owner/group/other permissions on our original
Samba server, I can effectively control which Windows users have permission
to read or write to files and folders based on what group owns the files,
and the groups the users are a member of.  I can also specify through the
Samba configuration which groups are allowed to map the share (valid users
= @groupname).

However, my observation in FreeNAS is that, using LDAP, THIS DOESN'T WORK.
If I set the Unix folder permissions in a share to 770, then the actual
owner of the file/folder can open it up, but not other users who are in the
group.  The only way to grant access to other users is to set the
permissions to 777 and open it up to the world.  Also, the valid users
parameter in the Samba conf file doesn't work with a group name.  If I
specify a group, then noone can map the share.

One interesting thing is, if I use AD (Samba4) as the source of users and
groups, and the group based permissions (either valid users or through
Unix group permissions) all seem to work as expected, both to allow and
disallow users by their group membership.

I've done a great deal of googling around, and have found lots of people
reporting similar problems, but no one with a solution...  :-(  Is there
any way to check how the Samba subsystem on the FreeNAS server is
validating group membership?


/etc/local/smb.conf (generated through the FreeNAS GUI):
[global]
encrypt passwords = yes
dns proxy = no
strict locking = no
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65535
deadtime = 15
display charset = LOCALE
max log size = 10
syslog only = yes
syslog = yes
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
smb passwd file = /var/etc/private/smbpasswd
private dir = /var/etc/private
getwd cache = yes
guest account = nobody
map to guest = Bad Password
netbios name = freenas2
workgroup = OMUSA
server string = FreeNAS Server
large readwrite = no
ea support = yes
store dos attributes = yes
local master = yes
security = user
passdb backend = ldapsam:ldap://abraham
ldap admin dn = cn=Directory manager
ldap suffix = dc=usa,dc=om,dc=org
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap ssl = off
ldap replication sleep = 1000
ldap passwd sync = yes
#ldap debug level = 1
#ldap debug threshold = 1
ldapsam:trusted = yes
idmap uid = 1-3
idmap gid = 1-3
create mask = 0666
create mask = 0666
directory mask = 0777
client ntlmv2 auth = yes
dos charset = CP437
unix charset = UTF-8
log level = 10
aio read size = 1
aio write size = 1

[homes]
comment = Home Directories
valid users = %U
writable = yes
browseable = no
path = /mnt/Vol1/home/users/%U

[dept-it]
path = /mnt/Vol1/groups/computer
printable = no
veto files = /.snap/.windows/
comment = IT Department
writeable = yes
browseable = yes
inherit owner = no
inherit permissions = no
vfs objects = zfsacl
hosts allow = 10.4.0.0/23
inherit acls = Yes
map archive = No
map readonly = no
nfs4:mode = special
nfs4:acedup = merge
nfs4:chown = yes
valid users=@computer

-- 
Charles Tryon
_
  It's the job that's never started that takes longest to finish.
 -- Samwise Gamgee
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  

Re: [Samba] FreeNAS/Samba Group Permissions with LDAP

[Fajar Priyanto]

On Fri, Dec 9, 2011 at 5:50 AM, Charles Tryon charles.tr...@gmail.com wrote:
 I'm not sure if this is an LDAP issue, a Samba issue, a BSD issue or a
 FreeNAS issue...
 However, my observation in FreeNAS is that, using LDAP, THIS DOESN'T WORK.
 If I set the Unix folder permissions in a share to 770, then the actual
 owner of the file/folder can open it up, but not other users who are in the
 group.  The only way to grant access to other users is to set the
 permissions to 777 and open it up to the world.  Also, the valid users
 parameter in the Samba conf file doesn't work with a group name.  If I
 specify a group, then noone can map the share.

Hi Charles,
As you can see in my earlier post, my problem may be a bit similar.
Mine is samba on zfs with 100+ users. I put all users in the same
group as 2ndary member (usermod -G groupname username).
I've setup LDAP authentication on the system.
The samba shares is 2770 where every users in the group have rwx access.
IT WORKS, but after a while some users are reporting they can only
READ, not WRITE.
Samba log shows this error: NT_NAME_COLLISION...
I've googled, ask everywhere.. seen similar things, but
So no solution, luckily I found a workaround. Creating a cronjob to
restart Samba once a day seems to eliminate the problem.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] bind errors for latest samba 4 checkout

[steve]

Hi Dale, hi everyone.

Thanks. I now have the managed keys cleared:

Dec  9 06:57:33 hh3 named[3125]: managed-keys-zone ./IN: loaded serial 0



Stop bind and see if /var/run/named/named.pid remains. You may have a
stale pid that needs removing manually.




I had a go at that:

rm /var/run/named/named.pid
rm: cannot remove `/var/run/named/named.pid': Too many levels of 
symbolic links


I have:

lrwxrwxrwx  1 root  root14 Dec  9 05:36 named - /var/run/named

Removing /var/run/named clears the error but it returns on restarting named.

Also the:

Dec  9 06:57:33 hh3 named[3125]: command channel listening on 127.0.0.1#953
Dec  9 06:57:33 hh3 named[3125]: couldn't add command channel ::1#953: 
address not available


remains

As I say, dns is working fine. I'd just like to clear the errors.

Thanks
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[SCM] Samba Shared Repository - branch master updated

[Volker Lendecke]

The branch, master has been updated
   via  6316335 s3: Fix typos
  from  a47970c Add tests for srvsvc python interface. Thanks Dhananjay 
Sathe

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 63163358010d7897aab71d2d7f21fd4dc685a937
Author: Volker Lendecke v...@samba.org
Date:   Thu Dec 8 10:30:16 2011 +0100

s3: Fix typos

Autobuild-User: Volker Lendecke vlen...@samba.org
Autobuild-Date: Thu Dec  8 12:05:55 CET 2011 on sn-devel-104

---

Summary of changes:
 source3/printing/pcap.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/printing/pcap.c b/source3/printing/pcap.c
index 62db4f5..dd7ba62 100644
--- a/source3/printing/pcap.c
+++ b/source3/printing/pcap.c
@@ -191,7 +191,7 @@ done:
if ((pcap_reloaded)  (post_cache_fill_fn_handled == false)) {
/* cleanup old entries only if the operation was successful,
 * otherwise keep around the old entries until we can
-* successfuly reaload */
+* successfully reload */
status = printer_list_clean_old();
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, (Failed to cleanup printer list!\n));


-- 
Samba Shared Repository

[SCM] Samba GTK+ frontends branch, master, updated. 00bf514449d4a7910d327c6af54512f681d7e5b6

[Jelmer Vernooij]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project Samba GTK+ frontends.

The branch, master has been updated
   via  00bf514449d4a7910d327c6af54512f681d7e5b6 (commit)
   via  72761638de4566758045d203f780d8ffc455b3d1 (commit)
   via  16d54a9f7b8811ec4f0a86e48763237c2a17b0ae (commit)
   via  204aa75536d5508ca326bddd273d7d7e617109b1 (commit)
   via  c0cfd5beb6c3290b8da6d441281c29527d2293fe (commit)
   via  8ecfea095c473771b5a4583dd5d3b19687b694ef (commit)
   via  9473d0b8b1b7696c413625a0c9bd96ffa4c36a76 (commit)
   via  7754896966e49572ce08faa97e31b66be15265f6 (commit)
   via  fffac28cd2768d87a68572e60236f4e319727303 (commit)
   via  f0fee8f57697c04d5b673a1f03508ffbf4e5bdee (commit)
   via  a956ca8135492291830ba7ab0eb6e5bbad8288ff (commit)
   via  d577b6d1ac9af13ba702b312d041c900adda6b15 (commit)
   via  31d64c06bb4a9c23e4ccb0f9df0023d2fe0146da (commit)
   via  aca6211e2409a908333091951159a8ed284e94d3 (commit)
   via  c8b9a88c9ab45a7ce6badc2cc44066176729a759 (commit)
   via  b9d03b7835726a459d363ef937f8edea40148473 (commit)
   via  2553e5cae805299462cb783f37f43963e263c40f (commit)
   via  28e7dc1e155f3ef38f4229289ba2c058dacfe71c (commit)
   via  17be9796b53f883685bd4621d91170dc67faff9a (commit)
   via  eff9d06203bb34314596d674bf1a3676f9ea737a (commit)
   via  4899a39b8b55df7e477036f2e0b9b69859cead24 (commit)
   via  1b80754e6e00adc54d97c30fe9ddb940b1340060 (commit)
   via  74833272008293ef324215f4e1c3471ab82b6340 (commit)
   via  a4e68fa166578758cb20fbcec325ad60b869ce25 (commit)
   via  6654a56a748f35b6d0a7a9a785ee28f1a64e252c (commit)
   via  eb59b9036b88b0eb5361dc0c21b7ffb0f9450245 (commit)
   via  e5a0a44ffca7e8be1d788d1e8984fe3b30be5700 (commit)
   via  deedd6126c10a72e484f15b5e14ba6392355caae (commit)
   via  87bffd6c3e71c236630979396607eb48ccd9b3fd (commit)
   via  3f7c71078d9158f92b32af75ac9d1729c8a1239d (commit)
   via  792b5965b2bc8654966866093c9a1ca3e1a71a48 (commit)
   via  396c6c129eaf0599a7d764ccc00d49665b061d30 (commit)
   via  725b5a4bb217e8feb582d68f7c4848b16235d67e (commit)
   via  857bcbbc50660312caff3bf4cdb7c88338bd71b4 (commit)
   via  3eea0eaeefb733b7dcf35665a2df431d16ba1778 (commit)
   via  8c86579bbb7192aa4ad316f5969118e9423c5394 (commit)
   via  efe6bd64f8ac833e8a94fd692397fe7fed2e3c8b (commit)
   via  bf1f554590aa2372f33f40295a8cf45ba6afb6ee (commit)
   via  2f8366e3f648b730c02ecf65c78c35ed6003fe3e (commit)
   via  fb7459da08bd70a1495f5a279049bb531bd72315 (commit)
   via  0dd50cc09697f72623a01e68b13650f830201141 (commit)
   via  9059091d50caff3843dbe193a1d7df2cf9bd8f25 (commit)
   via  0a7a9fde7bb15f539bf9e5e979ca071453f8f76f (commit)
   via  74d5c6b550fa16f8a77d23fc388f73e87d191418 (commit)
   via  92af300e0a5cc58a024cccdfe7f538bb872b813b (commit)
   via  37749614df18b73d6663e2248154c4010be4bf62 (commit)
   via  594ea5fce030f5b3169fb01049985c6689533d32 (commit)
   via  88c599f58c63bca1364370a39ec9278c4a96abc7 (commit)
   via  6b655b90f339859abcefb215cb7fde8f511f3b55 (commit)
   via  e5c0359419dd566dfe303b7c3950b82a131c58b6 (commit)
   via  dca7d586457429bb2579cf9aaaea53e95aa89d9d (commit)
   via  9d62f91952765f1c98f4a75d90fc15c64c40ccec (commit)
   via  bc55a88fbb314c15e815368146a9be1d4c13f5f1 (commit)
   via  90e4ab6c550bcf3b253d6cefa54ed76e85d3975d (commit)
   via  b197be8ab1922b05ba6d798af1f95d4d90663589 (commit)
   via  2115a84e5be031cd9fb3400a1310d992bbf4303b (commit)
   via  1489dff08804c54e5205ebcbd4b88e1f372140f6 (commit)
   via  de3416246d4c10002b78477ac3fcf080727fae9e (commit)
   via  d7ccd3752ce1febfe37cfe3eabdad0c8babf66cf (commit)
   via  7d0da6d2118ef8821ceb9c00cbc3d14e8a57f165 (commit)
   via  a6bb3b1697c7a5fe03c17a2b5553648f582c1b5f (commit)
   via  cf9f34042dbfba8c2cb8f6cfe5fc13085df0ab7f (commit)
   via  e1798d232ef347d1393df4796ba09e9e0e6d5018 (commit)
   via  7e986a2faacadaf3edc6d070ea077b9b1adf9f8f (commit)
   via  a079a9d1f27e47732103369d348d6d342190993f (commit)
   via  12e9f4070f6cb99e7bcee8f9970353e1a69c4a36 (commit)
   via  2eba7f18f835a7f9f32405d5a993c200db9b2505 (commit)
   via  0e11377ac0ddde74e54fff9005f05bc7dce9182a (commit)
   via  e92629a62656e93e8b519c6ae80da0aa09fdd5d3 (commit)
   via  535e812b73320d7480d7ba3a7b820e93735740b3 (commit)
   via  6f291bb951b57c9168c391434af4ba3667d08ea2 (commit)
   via  1b210c7a1fdefaf9686f2b3935751b6707de6150 (commit)
   via  f7d55a7cfdddcedcb47ef79060786809073620ed (commit)
   via  80232327555164be79292f2f45020dd73f0c4352 (commit)
   via  8da200f8a495d50dabc601dea8a966698c03e90f (commit)
   via  d9569ddb65bf045e64c83fe5e7d2b642d776a2b0 (commit)
   via  f6f009855c5eaaec175dd224275e81576752e8b5 (commit)
   

[SCM] Samba Shared Repository - branch master updated

[Volker Lendecke]

The branch, master has been updated
   via  664eb70 s3-dbwrap:  is not required when taking a function pointer
   via  4856033 s3-dbwrap: Make dbwrap_fallback_wipe private
   via  d9e5368 s3-dbwrap: Avoid an else by an early return
   via  5cda77d s3-dbwrap: Make dbwrap_fallback_parse_record private
   via  527dc2e s3-dbwrap: Make dbwrap_fallback_fetch private
   via  b6d5dfc s3-dbwrap: use wrappers where appropriate
   via  883419a s3-dbwrap: Use simpler code for logging keys
   via  14d3889 s3: Fix some 64-bit warnings
   via  4552c28 s3: Fix some blank line endings
  from  6316335 s3: Fix typos

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 664eb70e746428f765cd7aded06d36c5363a2ed8
Author: Volker Lendecke v...@samba.org
Date:   Thu Dec 8 14:02:27 2011 +0100

s3-dbwrap:  is not required when taking a function pointer

Autobuild-User: Volker Lendecke vlen...@samba.org
Autobuild-Date: Thu Dec  8 16:39:29 CET 2011 on sn-devel-104

commit 4856033410db98b44d76e82f649634e13eba221f
Author: Volker Lendecke v...@samba.org
Date:   Thu Dec 8 14:01:27 2011 +0100

s3-dbwrap: Make dbwrap_fallback_wipe private

commit d9e5368fcccf02164c2bdc0fc679b71e7cfa510f
Author: Volker Lendecke v...@samba.org
Date:   Thu Dec 8 13:59:33 2011 +0100

s3-dbwrap: Avoid an else by an early return

commit 5cda77d5996acb26648fbb0231ddc8b20e626cc0
Author: Volker Lendecke v...@samba.org
Date:   Thu Dec 8 13:58:19 2011 +0100

s3-dbwrap: Make dbwrap_fallback_parse_record private

We have the private fallback in dbwrap_parse_record anyway

commit 527dc2ed52c78b1ae114207736883759638db5d1
Author: Volker Lendecke v...@samba.org
Date:   Thu Dec 8 13:56:07 2011 +0100

s3-dbwrap: Make dbwrap_fallback_fetch private

commit b6d5dfc16db83790e833397ee35ea28711b8cec8
Author: Volker Lendecke v...@samba.org
Date:   Thu Dec 8 13:51:19 2011 +0100

s3-dbwrap: use wrappers where appropriate

commit 883419a50b9c0c6e0b5644f7f1147ddf24627458
Author: Volker Lendecke v...@samba.org
Date:   Wed Dec 7 14:50:54 2011 +0100

s3-dbwrap: Use simpler code for logging keys

commit 14d388928501f9cc56cef04375fdb08e052fd44a
Author: Volker Lendecke v...@samba.org
Date:   Fri Dec 2 15:03:05 2011 +0100

s3: Fix some 64-bit warnings

commit 4552c28d6db35d1d0b8dfdb145235eef629fbf35
Author: Volker Lendecke v...@samba.org
Date:   Mon Dec 5 10:49:48 2011 +0100

s3: Fix some blank line endings

---

Summary of changes:
 source3/lib/dbwrap/dbwrap.c |   48 ++--
 source3/lib/dbwrap/dbwrap_open.c|   17 ++-
 source3/lib/dbwrap/dbwrap_private.h |   12 
 source3/lib/dbwrap/dbwrap_tdb.c |   51 +++---
 source3/lib/dbwrap/dbwrap_util.c|6 ++--
 source3/smbd/oplock.c   |   20 -
 6 files changed, 73 insertions(+), 81 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/dbwrap/dbwrap.c b/source3/lib/dbwrap/dbwrap.c
index 7d96926..83c02f5 100644
--- a/source3/lib/dbwrap/dbwrap.c
+++ b/source3/lib/dbwrap/dbwrap.c
@@ -28,12 +28,13 @@
  * Fall back using fetch_locked if no genuine fetch operation is provided
  */
 
-NTSTATUS dbwrap_fallback_fetch(struct db_context *db, TALLOC_CTX *mem_ctx,
-  TDB_DATA key, TDB_DATA *data)
+static NTSTATUS dbwrap_fallback_fetch(struct db_context *db,
+ TALLOC_CTX *mem_ctx,
+ TDB_DATA key, TDB_DATA *data)
 {
struct db_record *rec;
 
-   rec = db-fetch_locked(db, mem_ctx, key);
+   rec = dbwrap_fetch_locked(db, mem_ctx, key);
if (rec == NULL) {
return NT_STATUS_UNSUCCESSFUL;
}
@@ -58,17 +59,17 @@ static int dbwrap_fallback_exists(struct db_context *db, 
TDB_DATA key)
  * Fall back using fetch if no genuine parse operation is provided
  */
 
-int dbwrap_fallback_parse_record(struct db_context *db, TDB_DATA key,
-int (*parser)(TDB_DATA key,
-  TDB_DATA data,
-  void *private_data),
-void *private_data)
+static int dbwrap_fallback_parse_record(struct db_context *db, TDB_DATA key,
+   int (*parser)(TDB_DATA key,
+ TDB_DATA data,
+ void *private_data),
+   void *private_data)
 {
TDB_DATA data;
int res;
NTSTATUS status;
 
-   status = db-fetch(db, talloc_tos(), key, data);
+   status = dbwrap_fetch(db, talloc_tos(), key, data);
if (!NT_STATUS_IS_OK(status)) {
return 

[SCM] Samba Shared Repository - branch master updated

[Jelmer Vernooij]

The branch, master has been updated
   via  03e5f58 pyldb: Add more docstrings.
   via  e76c981 samba.drs_utils: Use new style classes and exceptions, fix 
formatting of docstrings to make pydoctor happy.
   via  452d1ef samba.kcc_utils: Fix formatting to match PEP8, make 
pydoctor happy.
  from  664eb70 s3-dbwrap:  is not required when taking a function pointer

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 03e5f581aed89b3eea5769a244864a0f9938ac59
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 20:28:18 2011 +0100

pyldb: Add more docstrings.

Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Thu Dec  8 22:08:49 CET 2011 on sn-devel-104

commit e76c981c8008668609061755528f59c7ffc483a6
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 20:23:57 2011 +0100

samba.drs_utils: Use new style classes and exceptions, fix formatting of 
docstrings to make pydoctor happy.

commit 452d1ef8ef9e5eeaec02dfa464ce2f1998761892
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 20:20:03 2011 +0100

samba.kcc_utils: Fix formatting to match PEP8, make pydoctor happy.

---

Summary of changes:
 lib/ldb/pyldb.c |   19 +-
 source4/scripting/python/samba/drs_utils.py |   32 ++-
 source4/scripting/python/samba/kcc_utils.py |  460 +--
 3 files changed, 245 insertions(+), 266 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/ldb/pyldb.c b/lib/ldb/pyldb.c
index 2f1a6a3..b2315e6 100644
--- a/lib/ldb/pyldb.c
+++ b/lib/ldb/pyldb.c
@@ -2117,6 +2117,7 @@ static PyTypeObject PyLdbModule = {
.tp_basicsize = sizeof(PyLdbModuleObject),
.tp_dealloc = (destructor)py_ldb_module_dealloc,
.tp_flags = Py_TPFLAGS_DEFAULT,
+   .tp_doc = LDB module (extension),
 };
 
 
@@ -2436,6 +2437,7 @@ static PyTypeObject PyLdbMessageElement = {
.tp_as_sequence = py_ldb_msg_element_seq,
.tp_new = py_ldb_msg_element_new,
.tp_flags = Py_TPFLAGS_DEFAULT,
+   .tp_doc = An element of a Message,
 };
 
 
@@ -2836,6 +2838,7 @@ static PyTypeObject PyLdbMessage = {
.tp_flags = Py_TPFLAGS_DEFAULT,
.tp_iter = (getiterfunc)py_ldb_msg_iter,
.tp_compare = (cmpfunc)py_ldb_msg_compare,
+   .tp_doc = A LDB Message,
 };
 
 static PyObject *PyLdbTree_FromTree(struct ldb_parse_tree *tree)
@@ -2864,6 +2867,7 @@ static PyTypeObject PyLdbTree = {
.tp_basicsize = sizeof(PyLdbTreeObject),
.tp_dealloc = (destructor)py_ldb_tree_dealloc,
.tp_flags = Py_TPFLAGS_DEFAULT,
+   .tp_doc = A search tree,
 };
 
 /* Ldb_module */
@@ -3247,24 +3251,25 @@ static PyObject *py_binary_decode(PyObject *self, 
PyObject *args)
 
 static PyMethodDef py_ldb_global_methods[] = {
{ register_module, py_register_module, METH_VARARGS, 
-   S.register_module(module) - None\n
+   S.register_module(module) - None\n\n
Register a LDB module.},
{ timestring, py_timestring, METH_VARARGS, 
-   S.timestring(int) - string\n
+   S.timestring(int) - string\n\n
Generate a LDAP time string from a UNIX timestamp },
{ string_to_time, py_string_to_time, METH_VARARGS,
-   S.string_to_time(string) - int\n
+   S.string_to_time(string) - int\n\n
Parse a LDAP time string into a UNIX timestamp. },
{ valid_attr_name, py_valid_attr_name, METH_VARARGS,
-   S.valid_attr_name(name) - bool\n
+   S.valid_attr_name(name) - bool\n\nn
Check whether the supplied name is a valid attribute name. },
{ open, (PyCFunction)py_ldb_new, METH_VARARGS|METH_KEYWORDS,
-   NULL },
+   S.open() - Ldb\n\n
+   Open a new LDB context. },
{ binary_encode, py_binary_encode, METH_VARARGS,
-   S.binary_encode(string) - string\n
+   S.binary_encode(string) - string\n\n
Perform a RFC2254 binary encoding on a string },
{ binary_decode, py_binary_decode, METH_VARARGS,
-   S.binary_decode(string) - string\n
+   S.binary_decode(string) - string\n\n
Perform a RFC2254 binary decode on a string },
{ NULL }
 };
diff --git a/source4/scripting/python/samba/drs_utils.py 
b/source4/scripting/python/samba/drs_utils.py
index 9aacfbc..fe14a8f 100644
--- a/source4/scripting/python/samba/drs_utils.py
+++ b/source4/scripting/python/samba/drs_utils.py
@@ -24,7 +24,7 @@ from samba.net import Net
 import samba, ldb
 
 
-class drsException:
+class drsException(Exception):
 Base element for drs errors
 
 def __init__(self, value):
@@ -35,8 +35,8 @@ class drsException:
 
 
 def drsuapi_connect(server, lp, creds):
-
-make a 

[SCM] Samba Shared Repository - branch master updated

[Jelmer Vernooij]

The branch, master has been updated
   via  31eba61 Add test for PEP8 - currently all errors are ignored, but 
we warn about them - and can ratchet if we want to.
   via  eae3e62 Add pep8.
   via  624a78d testtools: Update to new upstream revision.
  from  03e5f58 pyldb: Add more docstrings.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 31eba612f47fc19381eddc8b2fa825b56953784f
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 21:56:08 2011 +0100

Add test for PEP8 - currently all errors are ignored, but we warn about 
them - and can ratchet if we want to.

Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Thu Dec  8 23:44:10 CET 2011 on sn-devel-104

commit eae3e6230facf84f59b7d3a6582131d664372f1f
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 21:22:35 2011 +0100

Add pep8.

commit 624a78d9f8214d21346b7791d3e2f2a57cb26688
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 21:21:59 2011 +0100

testtools: Update to new upstream revision.

---

Summary of changes:
 lib/pep8/pep8.py | 1360 ++
 lib/testtools/NEWS   |   41 +
 lib/testtools/doc/for-test-authors.rst   |  137 +++-
 lib/testtools/doc/hacking.rst|2 +-
 lib/testtools/setup.py   |5 +-
 lib/testtools/testtools/compat.py|5 +-
 lib/testtools/testtools/content.py   |6 +-
 lib/testtools/testtools/matchers.py  |  253 -
 lib/testtools/testtools/testcase.py  |   10 +-
 lib/testtools/testtools/testresult/real.py   |   57 +-
 lib/testtools/testtools/tests/test_matchers.py   |  260 -
 lib/testtools/testtools/tests/test_testresult.py |   20 +
 lib/update-external.sh   |5 +
 source4/scripting/python/samba/tests/source.py   |   50 +
 14 files changed, 2165 insertions(+), 46 deletions(-)
 create mode 100755 lib/pep8/pep8.py


Changeset truncated at 500 lines:

diff --git a/lib/pep8/pep8.py b/lib/pep8/pep8.py
new file mode 100755
index 000..227a9a3
--- /dev/null
+++ b/lib/pep8/pep8.py
@@ -0,0 +1,1360 @@
+#!/usr/bin/python
+# pep8.py - Check Python source code formatting, according to PEP 8
+# Copyright (C) 2006 Johann C. Rocholl joh...@rocholl.net
+#
+# Permission is hereby granted, free of charge, to any person
+# obtaining a copy of this software and associated documentation files
+# (the Software), to deal in the Software without restriction,
+# including without limitation the rights to use, copy, modify, merge,
+# publish, distribute, sublicense, and/or sell copies of the Software,
+# and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+
+Check Python source code formatting, according to PEP 8:
+http://www.python.org/dev/peps/pep-0008/
+
+For usage and a list of options, try this:
+$ python pep8.py -h
+
+This program and its regression test suite live here:
+http://github.com/jcrocholl/pep8
+
+Groups of errors and warnings:
+E errors
+W warnings
+100 indentation
+200 whitespace
+300 blank lines
+400 imports
+500 line length
+600 deprecation
+700 statements
+
+You can add checks to this program by writing plugins. Each plugin is
+a simple function that is called for each line of source code, either
+physical or logical.
+
+Physical line:
+- Raw line of text from the input file.
+
+Logical line:
+- Multi-line statements converted to a single line.
+- Stripped left and right.
+- Contents of strings replaced with 'xxx' of same length.
+- Comments removed.
+
+The check function requests physical or logical lines by the name of
+the first argument:
+
+def maximum_line_length(physical_line)
+def extraneous_whitespace(logical_line)
+def blank_lines(logical_line, blank_lines, indent_level, line_number)
+
+The last example above demonstrates how check plugins can request
+additional information with extra arguments. All attributes of the
+Checker object are available. Some examples:
+
+lines: a list of the raw lines from the input file
+tokens: the tokens that contribute to this logical line
+line_number: line number in the 

[SCM] build.samba.org - branch master updated

[Jelmer Vernooij]

The branch, master has been updated
   via  2fb8a4d Support uxsuccess.
  from  01a3d51 now that samba_3_waf is just a regular part of the build, 
remove seperate tree

http://gitweb.samba.org/?p=build-farm.git;a=shortlog;h=master


- Log -
commit 2fb8a4dc3e9eab885984c79c37b3b0b6dc951e68
Author: Jelmer Vernooij jel...@samba.org
Date:   Fri Dec 9 00:40:03 2011 +0100

Support uxsuccess.

---

Summary of changes:
 buildfarm/web/__init__.py |4 +++-
 web/build_farm.css|3 +++
 2 files changed, 6 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/buildfarm/web/__init__.py b/buildfarm/web/__init__.py
index 904733c..f8ac04a 100755
--- a/buildfarm/web/__init__.py
+++ b/buildfarm/web/__init__.py
@@ -167,6 +167,8 @@ def subunit_to_buildfarm_result(subunit_result):
 return failed
 elif subunit_result == xfail:
 return xfailed
+elif subunit_result == uxsuccess:
+return uxpassed
 else:
 return unknown
 
@@ -239,7 +241,7 @@ class LogPrettyPrinter(object):
 log = re.sub(
   ^test: ([\w\-=,_:\ /.; \(\)]+).*?
   (.*?)
-  (success|xfail|failure|skip): [\w\-=,_:\ /.; \(\)]+( 
\[.*?\])?.*?
+  (success|xfail|failure|skip|uxsuccess): [\w\-=,_:\ /.; \(\)]+( 
\[.*?\])?.*?
, self._format_test, log)
 
 return pre%s/pre % log
diff --git a/web/build_farm.css b/web/build_farm.css
index 860d438..136bea3 100644
--- a/web/build_farm.css
+++ b/web/build_farm.css
@@ -11,6 +11,7 @@
 #log .status.error {   color: rgb(153, 0,   0);   }
 #log .status.warning { color: rgb(153, 75,  0);   }
 #log .status.xfailed { color: rgb(153, 75,  0);   }
+#log .status.uxpassed {color: rgb(153, 0,   0);   }
 #log .status.mistake { color: rgb(0,   0,   153); }
 #log .output {
color: rgb(0, 0, 0);
@@ -26,6 +27,7 @@
 #log div.unit.skipped {background-color: rgb(180, 180, 255); }
 #log div.unit.warning {background-color: rgb(255, 180, 125); }
 #log div.unit.xfailed {background-color: rgb(255, 180, 125); }
+#log div.unit.uxpassed {   background-color: rgb(255, 180, 180); }
 #log div.unit.error {  background-color: rgb(255, 180, 180); }
 #log div.unit.mistake {background-color: rgb(180, 180, 255); }
 
@@ -36,6 +38,7 @@
 #log .unit.mistake .output {   display: none;}
 #log .unit.warning .output {   display: none;}
 #log .unit.xfailed .output {   display: none;}
+#log .unit.uxpassed .output {  display: none;}
 #log .unit.errorlog .output {  display: none;}
 #log div.status.errorlog { display: none;}
 img + div.action.title {margin-left: 0.5em;}


-- 
build.samba.org

[SCM] Samba Shared Repository - branch master updated

[Jelmer Vernooij]

The branch, master has been updated
   via  85f8d97 Revert Install (platform-independent) python scripts to 
the PYTHONDIR rather than PYTHONARCHDIR.
   via  0e9b092 Add 'make pep8' target.
  from  31eba61 Add test for PEP8 - currently all errors are ignored, but 
we warn about them - and can ratchet if we want to.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 85f8d97f5121b239ebe814a8ef6765317ddd3f51
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 23:46:14 2011 +0100

Revert Install (platform-independent) python scripts to the PYTHONDIR 
rather than PYTHONARCHDIR.

This reverts commit de4b8943bfb40e2f50c9e4e2ee5d39e986317d08.

PYTHONDIR and PYTHONARCHDIR are both incorrect - they're the
distribution's python locations, rather than the python locations for
third party applications. For the moment, using PYTHONARCHDIR seems
better though, because it works around an issue on Fedora/RedHat.

Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Fri Dec  9 01:58:50 CET 2011 on sn-devel-104

commit 0e9b092531247ea00840d97b4d96fbfd0395c179
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 22:14:55 2011 +0100

Add 'make pep8' target.

---

Summary of changes:
 Makefile   |3 +++
 source4/scripting/python/wscript_build |2 +-
 wscript|8 
 3 files changed, 12 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/Makefile b/Makefile
index 3b40c73..ae2fc06 100644
--- a/Makefile
+++ b/Makefile
@@ -73,3 +73,6 @@ FORCE:
 
 pydoctor:
$(WAF) pydoctor
+
+pep8:
+   $(WAF) pep8
diff --git a/source4/scripting/python/wscript_build 
b/source4/scripting/python/wscript_build
index 73f7ae8..8879f75 100644
--- a/source4/scripting/python/wscript_build
+++ b/source4/scripting/python/wscript_build
@@ -36,4 +36,4 @@ bld.SAMBA_SCRIPT('samba_python',
  pattern='samba/**/*.py',
  installdir='python')
 
-bld.INSTALL_WILDCARD('${PYTHONDIR}', 'samba/**/*.py', flat=False)
+bld.INSTALL_WILDCARD('${PYTHONARCHDIR}', 'samba/**/*.py', flat=False)
diff --git a/wscript b/wscript
index 5ccb74d..18daaac 100755
--- a/wscript
+++ b/wscript
@@ -152,6 +152,14 @@ def pydoctor(ctx):
 print(Running: %s % cmd)
 os.system(cmd)
 
+
+def pep8(ctx):
+'''run pep8 validator'''
+cmd='PYTHONPATH=bin/python pep8 -r bin/python/samba'
+print(Running: %s % cmd)
+os.system(cmd)
+
+
 def wafdocs(ctx):
 '''build wafsamba apidocs'''
 from samba_utils import recursive_dirlist


-- 
Samba Shared Repository

autobuild: intermittent test failure detected

[autobuild]

The autobuild test system has detected an intermittent failing test in 
the current master tree.

The autobuild log of the failure is available here:

   http://git.samba.org/autobuild.flakey/2011-12-09-0230/flakey.log

The samba3 build logs are available here:

   http://git.samba.org/autobuild.flakey/2011-12-09-0230/samba3.stderr
   http://git.samba.org/autobuild.flakey/2011-12-09-0230/samba3.stdout

The source4 build logs are available here:

   http://git.samba.org/autobuild.flakey/2011-12-09-0230/samba4.stderr
   http://git.samba.org/autobuild.flakey/2011-12-09-0230/samba4.stdout
  
The top commit at the time of the failure was:

commit 85f8d97f5121b239ebe814a8ef6765317ddd3f51
Author: Jelmer Vernooij jel...@samba.org
Date:   Thu Dec 8 23:46:14 2011 +0100

Revert Install (platform-independent) python scripts to the PYTHONDIR 
rather than PYTHONARCHDIR.

This reverts commit de4b8943bfb40e2f50c9e4e2ee5d39e986317d08.

PYTHONDIR and PYTHONARCHDIR are both incorrect - they're the
distribution's python locations, rather than the python locations for
third party applications. For the moment, using PYTHONARCHDIR seems
better though, because it works around an issue on Fedora/RedHat.

Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Fri Dec  9 01:58:50 CET 2011 on sn-devel-104

[SCM] Samba Shared Repository - branch master updated

[Kai Blin]

The branch, master has been updated
   via  c01efc1 s4 dns: Update requests with QCLASS != IN or ALL trigger 
NOTIMPLEMENTED errors
   via  358a81e s4 dns: Add test to prove two updates in one packet are a 
FORMERR
   via  509acc7 s4 dns: More explicitly use the first question of an update 
packet only
   via  3fbb76c s4 dns: Get rid of const qualifier for prereqs, we do need 
to allocate those
  from  85f8d97 Revert Install (platform-independent) python scripts to 
the PYTHONDIR rather than PYTHONARCHDIR.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit c01efc1207b097517623d71b2ed9a24bb9c255de
Author: Kai Blin k...@samba.org
Date:   Fri Dec 9 01:26:39 2011 +0100

s4 dns: Update requests with QCLASS != IN or ALL trigger NOTIMPLEMENTED 
errors

Autobuild-User: Kai Blin k...@samba.org
Autobuild-Date: Fri Dec  9 03:32:28 CET 2011 on sn-devel-104

commit 358a81eff5279a69270964226b553fb5243ecb84
Author: Kai Blin k...@samba.org
Date:   Fri Dec 9 01:14:35 2011 +0100

s4 dns: Add test to prove two updates in one packet are a FORMERR

commit 509acc71dd8534539021b0ec57dd83a841119793
Author: Kai Blin k...@samba.org
Date:   Fri Dec 9 00:59:34 2011 +0100

s4 dns: More explicitly use the first question of an update packet only

commit 3fbb76c119eaa1becb2df72d54cd4685771628df
Author: Kai Blin k...@samba.org
Date:   Fri Dec 9 00:58:32 2011 +0100

s4 dns: Get rid of const qualifier for prereqs, we do need to allocate those

---

Summary of changes:
 source4/dns_server/dns_server.h |6 ++--
 source4/dns_server/dns_update.c |   13 ---
 source4/scripting/python/samba/tests/dns.py |   30 +++
 3 files changed, 42 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dns_server/dns_server.h b/source4/dns_server/dns_server.h
index 28351e8..d658b2a 100644
--- a/source4/dns_server/dns_server.h
+++ b/source4/dns_server/dns_server.h
@@ -49,9 +49,9 @@ WERROR dns_server_process_query(struct dns_server *dns,
 WERROR dns_server_process_update(struct dns_server *dns,
 TALLOC_CTX *mem_ctx,
 struct dns_name_packet *in,
-const struct dns_res_rec *prereqs, uint16_t 
prereq_count,
-struct dns_res_rec **updates,  uint16_t 
*update_count,
-struct dns_res_rec **additional,   uint16_t 
*arcount);
+struct dns_res_rec *prereqs, uint16_t 
prereq_count,
+struct dns_res_rec **updates,uint16_t 
*update_count,
+struct dns_res_rec **additional, uint16_t 
*arcount);
 
 uint8_t werr_to_dns_err(WERROR werror);
 bool dns_name_match(const char *zone, const char *name, size_t *host_part_len);
diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c
index a9fabf6..55589d2 100644
--- a/source4/dns_server/dns_update.c
+++ b/source4/dns_server/dns_update.c
@@ -126,9 +126,9 @@ static WERROR update_prescan(const struct dns_name_question 
*zone,
 WERROR dns_server_process_update(struct dns_server *dns,
 TALLOC_CTX *mem_ctx,
 struct dns_name_packet *in,
-const struct dns_res_rec *prereqs, uint16_t 
prereq_count,
-struct dns_res_rec **updates,  uint16_t 
*update_count,
-struct dns_res_rec **additional,   uint16_t 
*arcount)
+struct dns_res_rec *prereqs, uint16_t 
prereq_count,
+struct dns_res_rec **updates,uint16_t 
*update_count,
+struct dns_res_rec **additional, uint16_t 
*arcount)
 {
struct dns_name_question *zone;
const struct dns_server_zone *z;
@@ -140,7 +140,12 @@ WERROR dns_server_process_update(struct dns_server *dns,
return DNS_ERR(FORMAT_ERROR);
}
 
-   zone = in-questions;
+   zone = in-questions[0];
+
+   if (zone-question_class != DNS_QCLASS_IN 
+   zone-question_class != DNS_QCLASS_ANY) {
+   return DNS_ERR(NOT_IMPLEMENTED);
+   }
 
if (zone-question_type != DNS_QTYPE_SOA) {
return DNS_ERR(FORMAT_ERROR);
diff --git a/source4/scripting/python/samba/tests/dns.py 
b/source4/scripting/python/samba/tests/dns.py
index 9f53225..60003fc 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -187,6 +187,36 @@ class DNSTest(TestCase):
 self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
 self.assertEquals(response.ancount, 1)
 
+def