Re: [Samba] samba4 missing group membership with getent group
Hi that's my setting today (AD with 4.06 and files server with 3.6). Working great, but my goal is really to get rid of that (just one machine). thanks and regards philippe From: Ali Bendriss [mailto:ali.bendr...@gmail.com] Sent: Friday, June 21, 2013 3:39 PM To: samba@lists.samba.org Cc: Rowland Penny; Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE Subject: Re: [Samba] samba4 missing group membership with getent group On Friday, June 21, 2013 10:12:26 AM Rowland Penny wrote: Hi, well yet another reason to use sssd instead of winbind. [...] Hi, An other option is to use samba AD in one server and the file server (smbd + winbindd) in an other. Since I've done that (last year I think) I've got no problem at all. At first you may think that it's to much resources (2 servers or vm) but it's really flexible and easy to maintain. -- Ali -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups)
hi Andrew the interfaces = eth0, lo bind interfaces only = Yes doesn't bring anything by me, always crash. for the 2 other question I need some more time (never used valgrind, and have to re-do the bisect ...) Thanks and regards Philippe -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Saturday, June 22, 2013 9:09 AM To: Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE Cc: sa...@samba.org; samba-techni...@samba.org Subject: Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups) On Fri, 2013-06-21 at 08:10 +, philippe.simo...@swisscom.com wrote: I tried both, and I get still crashes : 0001-gensec-work-around-nested-event-loops-by-ensuring-th.patch 0002-s4-winbind-Add-special-case-for-BUILTIN-domain.patch - samba version 4.0.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 samba: using 'single' process model talloc: access after free error - first free may be at ../source4/kdc/db-glue.c:206 Bad talloc magic value - access after free PANIC: Bad talloc magic value - access after free Aborted philippe Does setting: interfaces = virbr0:0 lo bind interfaces only = yes help? Also, does reverting (with 'git revert HASH', where HASH is the commit id your bisect identified) help? Finally, can you run Samba under valgrind again? The error you show above doesn't seem quite right in the context, and I want to be sure we are not chasing an unrelated issue. Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups)
Hi On 24 June 2013 08:56, philippe.simo...@swisscom.com wrote: hi Andrew the interfaces = eth0, lo bind interfaces only = Yes doesn't bring anything by me, always crash. for the 2 other question I need some more time (never used valgrind, and have to re-do the bisect ...) No need to redo the bisect. Andrew is just asking you to try reverting the commit that your previous bisect found and see if you still get the same crash or a different crash or no crash at all. So: $ git revert f77d5d6479c879c8770fbc9a6ca5656ef3e41019 and then save the commit message. Then test again to see if the crash is the same or different or if the problem has now disappeared. Thanks and regards Philippe -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Saturday, June 22, 2013 9:09 AM To: Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE Cc: sa...@samba.org; samba-techni...@samba.org Subject: Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups) On Fri, 2013-06-21 at 08:10 +, philippe.simo...@swisscom.com wrote: I tried both, and I get still crashes : 0001-gensec-work-around-nested-event-loops-by-ensuring-th.patch 0002-s4-winbind-Add-special-case-for-BUILTIN-domain.patch - samba version 4.0.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 samba: using 'single' process model talloc: access after free error - first free may be at ../source4/kdc/db-glue.c:206 Bad talloc magic value - access after free PANIC: Bad talloc magic value - access after free Aborted philippe Does setting: interfaces = virbr0:0 lo bind interfaces only = yes help? Also, does reverting (with 'git revert HASH', where HASH is the commit id your bisect identified) help? Finally, can you run Samba under valgrind again? The error you show above doesn't seem quite right in the context, and I want to be sure we are not chasing an unrelated issue. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem compil samba 4.0.6
Hi all, I have a problem when I try to compil samba 4.0.6 on my test machine (suse linux enterprise server 11 SP2 32-bits). output of compilation : [3353/3781] Linking default/lib/param/libsamba-hostconfig.so [3354/3781] Linking default/lib/tdb_wrap/libtdb-wrap.so [3355/3781] Linking default/libcli/security/libsamba-security.so [3356/3781] Linking default/lib/util/libutil_tdb.so [3357/3781] Linking default/auth/libauth_sam_reply.so [3358/3781] Linking default/lib/util/libsamba-modules.so [3359/3781] Linking default/source4/lib/socket/libnetif.so [3360/3781] Linking default/source4/lib/samba3/libsmbpasswdparser.so [3361/3781] Linking default/lib/torture/libtorture.so [3362/3781] Linking default/source3/libsmbd_conn.so [3363/3781] Linking default/libcli/security/pysecurity.so [3364/3781] Linking default/source3/libCHARSET3.so [3365/3781] Linking default/libcli/registry/libutil_reg.so [3366/3781] Linking default/lib/util/libtevent-util.so [3367/3781] Linking default/source4/heimdal_build/libkrb5-samba4.so [3368/3781] Linking default/source4/heimdal_build/libgssapi-samba4.so [3369/3781] Linking default/libcli/ldap/libcli-ldap-common.so [3370/3781] Linking default/lib/dbwrap/libdbwrap.so default/lib/dbwrap/dbwrap_tdb_1.o: In function `db_tdb_transaction_start_nonblock': dbwrap_tdb.c:(.text+0xd70): undefined reference to `tdb_transaction_start_nonblock' collect2: ld a retourné 1 code d'état d'exécution Waf: Leaving directory `/root/cd_coradm01/samba-4.0.6/bin' Build failed: - task failed (err #1): {task: cc_link dbwrap_1.o,dbwrap_util_1.o,dbwrap_rbt_1.o,dbwrap_cache_1.o,dbwrap_tdb_1.o,dbwrap_local_open_1.o - libdbwrap.so} make: *** [all] Erreur 1 what's happen ? best regards, Stéphane Purnelle --- Stéphane PURNELLE Admin. Systèmes et Réseaux Service Informatique Corman S.A. Tel : 00 32 (0)87/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 and (pseudo) LDAP backend for users, groups and rights
Hello Marc, first of all thanks for the quick reply. My Samba ADC was setup quite quick following the how to, good work! Since we are running low on time and want to stick with our LDAP server, I hope I can setup a file server for WinXP and Win7 with Samba 4 using smbd and nmbd and keep using the LDAP backend. I guess we don't really need the AD stuff for what we want to achieve, right? I really need to know if it is possible to setup some kind of auto mount for Windows clients. They should mount all of the users drives while logging in, now this happens with some script, which is run after successfully loggin in. The whole users, groups and rights stuff shouldn't be a problem. I did this in production last september (170 users, 230 workstations, and around 25 services getting information from LDAP or authenticating against). After some weeks of building a testing environment with everything, I did the final switch on a weekend (1.5 days for changing and adapting everything). And it's running absolutely great. How did you transfer the information from the (old) LDAP server to the Samba 4 ADS? Or did you separate things, like servers relying on the slapd and other systems communicating with the ADS? My quick guesses of possible solutions: - Samba 4 + Slapd on the same machine. Slapd synced to LDAP-Master - https://wiki.samba.org/index.php/Samba4/beyond#openLDAP_proxy_to_AD - I don't know if I get this one... The beyond samba page is from me. Just let me know, what's unclear. Then I will extend the HowTo and improve the descriptions. Ok, I thought so. I guess I wished for something like an AD to openLDAP proxy :) - Samba 4 importing an ldif-export of our LDAP-Master, problem: how to sync? I wouldn't do that. Much workaround stuff, directory ACLs won't be synced, etc. Tried it and got an error. Won't do it again... Questions: - What about using smbd + nmbd instead of samba? What are the drawbacks and what functionalities would we sacrifice? You need the samba binary, because it provides the AD stuff. If you plan to keep your NT4-style domain, then you can just upgrade. Samba 4 doesn't mean AD only and build-in LDAP only. AD is just an additionally feature of version 4. But AD requires the internal LDAP. As mention above, I will now try using samba 4 but not the samba binary. Now switching back to smbd, nmbd and LDAP backend. Wish me luck :) Thanks for your time and explanations! Cheers, Marcus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 missing group membership with getent group
If you are using S4 as an ADDC then you are using the builtin winbind and as far as I can see, this cannot provide group memberships via getent. I could be wrong but I believe that all the builtin winbind pulls from AD is the users name users primary group. These are either via some algorithm or via rfc2307 uidNumber gidNumber that must be added manually. As far as I can see, the only way to get getent on the S4 server to show groupmembers is to use sssd If you want to use the S4 server also as a fileserver, you must ensure that the users have the same uidNumber everywhere. This means that you must use rfc2307 attributes and use something to pull them, i.e the winbind ad backend or sssd, the winbind rid backend will not do - it will never give you the same uidNumber on the S3 clients as on the S4 AD server. On 24 June 2013 07:05, philippe.simo...@swisscom.com wrote: Hi ** ** that’s my setting today (AD with 4.06 and files server with 3.6). Working great, but my goal is really to get rid of that (just one machine). thanks and regards ** ** philippe ** ** *From:* Ali Bendriss [mailto:ali.bendr...@gmail.com] *Sent:* Friday, June 21, 2013 3:39 PM *To:* samba@lists.samba.org *Cc:* Rowland Penny; Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE *Subject:* Re: [Samba] samba4 missing group membership with getent group** ** ** ** On Friday, June 21, 2013 10:12:26 AM Rowland Penny wrote: Hi, well yet another reason to use sssd instead of winbind. [...] Hi, An other option is to use samba AD in one server and the file server (smbd + winbindd) in an other. Since I've done that (last year I think) I've got no problem at all. At first you may think that it's to much resources (2 servers or vm) but it's really flexible and easy to maintain. -- Ali -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.6.9-151 Parse_share modes: buffer too short
Hi, I have updated a gpfs cluster of Red Hat servers from 6.1 to 6.4 My previous samba/ctdb configuration was running cleanly, but I now experiencing a number of issues causing instable service of both nfs and samba. Version of samba: samba-winbind-3.6.9-151.el6.x86_64 samba-client-3.6.9-151.el6.x86_64 samba-common-3.6.9-151.el6.x86_64 samba-3.6.9-151.el6.x86_64 samba4-libs-4.0.0-55.el6.rc4.x86_64 samba-winbind-clients-3.6.9-151.el6.x86_64 CTDB: ctdb-1.0.114.5-3.el6.x86_64 Errors: Core dumps smbd[397]: [2013/06/24 11:34:00.702958, 0] lib/util.c:1117(smb_panic) smbd[397]: PANIC (pid 397): parse_share_modes: buffer too short smbd[397]: [2013/06/24 11:34:00.706707, 0] lib/util.c:1221(log_stack_trace) smbd[397]: BACKTRACE: 21 stack frames: smbd[397]:#0 smbd(log_stack_trace+0x1a) [0x7fa477be775a] smbd[397]:#1 smbd(smb_panic+0x2b) [0x7fa477be782b] smbd[397]:#2 smbd(+0x3b70e4) [0x7fa477b750e4] smbd[397]:#3 smbd(+0x3b7363) [0x7fa477b75363] smbd[397]:#4 smbd(fetch_share_mode_unlocked+0xf5) [0x7fa477b75505] smbd[397]:#5 smbd(get_file_infos+0x67) [0x7fa477b756b7] smbd[397]:#6 smbd(+0x14a8fa) [0x7fa4779088fa] smbd[397]:#7 smbd(+0x150238) [0x7fa47790e238] smbd[397]:#8 smbd(reply_trans2+0x588) [0x7fa47790fb68] smbd[397]:#9 smbd(+0x178604) [0x7fa477936604] smbd[397]:#10 smbd(+0x178a1b) [0x7fa477936a1b] smbd[397]:#11 smbd(+0x178e35) [0x7fa477936e35] smbd[397]:#12 smbd(run_events_poll+0x377) [0x7fa477bf6ad7] smbd[397]:#13 smbd(smbd_process+0x86d) [0x7fa47793497d] smbd[397]:#14 smbd(+0x6998cf) [0x7fa477e578cf] smbd[397]:#15 smbd(run_events_poll+0x377) [0x7fa477bf6ad7] smbd[397]:#16 smbd(+0x438f8f) [0x7fa477bf6f8f] smbd[397]:#17 smbd(_tevent_loop_once+0x90) [0x7fa477bf7310] smbd[397]:#18 smbd(main+0xf3b) [0x7fa477e58bcb] smbd[397]:#19 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7fa474545cdd] smbd[397]:#20 smbd(+0xf4db9) [0x7fa4778b2db9] smbd[397]: [2013/06/24 11:34:00.707208, 0] lib/fault.c:372(dump_core) smbd[397]: dumping core in /var/log/samba/cores/smbd Smbstatus -p show multiple Found invalid record in sessionid.tdb Thanks Tom This message (and any attachments) is for the recipient only. NERC is subject to the Freedom of Information Act 2000 and the contents of this email and any reply you make may be disclosed by NERC unless it is exempt from release under the Act. Any material supplied to NERC may be stored in an electronic records management system. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cifs mounts fail after kernel upgrade
try adding the following. in the fstab, add, sec=ntlmv2 and try again. Louis -Oorspronkelijk bericht- Van: d...@briannassaladdressing.com [mailto:samba-boun...@lists.samba.org] Namens Dale Schroeder Verzonden: vrijdag 21 juni 2013 22:14 Aan: Samba Onderwerp: [Samba] cifs mounts fail after kernel upgrade Upgrading Debian testing's linux-image from 3.2.46-1 to 3.9.6-1 causes cifs mounts via fstab or command line to fail with return code -38 function not implemented. Reverting back to the old kernel yields working cifs mounts. The only option I use is a credentials file. Attempting the mount without this option does not work either. Has anyone else seen this? Thanks, Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups)
Hi Andrew (and thanks Michael for your git support) when I do a git revert f77d5d6479c879c8770fbc9a6ca5656ef3e41019 I don’t have the crash anymore, wbinfo give the right WBC_ERR_DOMAIN_NOT_FOUND status. but just some more warnings after starting samba : # samba -i -M single samba version 4.0.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 samba: using 'single' process model Attempting to autogenerate TLS self-signed keys for https for hostname 'GWNOIS03.test.ch' TLS self-signed keys generated OK /usr/sbin/samba_dnsupdate: 24-Jun-2013 12:10:27.027 dns_rdata_fromtext: buffer-0x7fd284f78620:1: near 'fe80::5246:5dff:fea3:7167%eth0': bad IPv6 address /usr/sbin/samba_dnsupdate: invalid rdata format: bad IPv6 address /usr/sbin/samba_dnsupdate: syntax error /usr/sbin/samba_dnsupdate: 24-Jun-2013 12:10:27.042 dns_rdata_fromtext: buffer-0x7fcd265c7620:1: near 'fe80::5246:5dff:fea3:7167%eth0': bad IPv6 address /usr/sbin/samba_dnsupdate: invalid rdata format: bad IPv6 address /usr/sbin/samba_dnsupdate: syntax error /usr/sbin/samba_dnsupdate: 24-Jun-2013 12:10:27.056 dns_rdata_fromtext: buffer-0x7fe2f8c00620:1: near 'fe80::5246:5dff:fea3:7167%eth0': bad IPv6 address /usr/sbin/samba_dnsupdate: invalid rdata format: bad IPv6 address /usr/sbin/samba_dnsupdate: syntax error ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_UNSUCCESSFUL best regards Philippe -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Saturday, June 22, 2013 9:09 AM To: Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE Cc: sa...@samba.org; samba-techni...@samba.org Subject: Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups) On Fri, 2013-06-21 at 08:10 +, philippe.simo...@swisscom.com wrote: I tried both, and I get still crashes : 0001-gensec-work-around-nested-event-loops-by-ensuring-th.patch 0002-s4-winbind-Add-special-case-for-BUILTIN-domain.patch - samba version 4.0.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 samba: using 'single' process model talloc: access after free error - first free may be at ../source4/kdc/db-glue.c:206 Bad talloc magic value - access after free PANIC: Bad talloc magic value - access after free Aborted philippe Does setting: interfaces = virbr0:0 lo bind interfaces only = yes help? Also, does reverting (with 'git revert HASH', where HASH is the commit id your bisect identified) help? Finally, can you run Samba under valgrind again? The error you show above doesn't seem quite right in the context, and I want to be sure we are not chasing an unrelated issue. Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups)
Hi Andrew, you can find here output of valgrind . thanks and regards Philippe r...@gwnois03.test.ch ~/bisect/samba-master# valgrind samba -i -M single ==8110== Memcheck, a memory error detector ==8110== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al. ==8110== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info ==8110== Command: samba -i -M single ==8110== samba version 4.0.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 samba: using 'single' process model ==8110== Invalid read of size 8 ==8110==at 0xA1DDC5C: krb5_cc_store_cred (cache.c:684) ==8110==by 0xA1F261F: krb5_get_credentials_with_flags (get_cred.c:1207) ==8110==by 0xA1F266A: krb5_get_credentials (get_cred.c:1220) ==8110==by 0x953CDB7: gsskrb5_get_creds (init_sec_context.c:246) ==8110==by 0x953D366: init_auth (init_sec_context.c:455) ==8110==by 0x953E168: _gsskrb5_init_sec_context (init_sec_context.c:942) ==8110==by 0x9556619: gss_init_sec_context (gss_init_sec_context.c:187) ==8110==by 0x61370BD: gensec_gssapi_update (gensec_gssapi.c:464) ==8110==by 0x61308C9: gensec_update (gensec.c:220) ==8110==by 0x612E248: gensec_spnego_create_negTokenInit (spnego.c:644) ==8110==by 0x612EC6C: gensec_spnego_update (spnego.c:842) ==8110==by 0x61301F5: gensec_spnego_update_wrapper (spnego.c:1311) ==8110== Address 0x24924930 is 0 bytes inside a block of size 24 free'd ==8110==at 0x4C27D4E: free (vg_replace_malloc.c:427) ==8110==by 0xA1DDC3E: krb5_cc_close (cache.c:666) ==8110==by 0x954CD8E: _gsskrb5_release_cred (release_cred.c:65) ==8110==by 0x9555049: gss_release_cred (gss_release_cred.c:65) ==8110==by 0x548DAC0: free_gssapi_creds (credentials_krb5.c:443) ==8110==by 0x679C161: _talloc_free_internal (talloc.c:831) ==8110==by 0x679D1B8: _talloc_free_children_internal (talloc.c:1256) ==8110==by 0x679C304: _talloc_free_internal (talloc.c:851) ==8110==by 0x679D1B8: _talloc_free_children_internal (talloc.c:1256) ==8110==by 0x679C304: _talloc_free_internal (talloc.c:851) ==8110==by 0x679D1B8: _talloc_free_children_internal (talloc.c:1256) ==8110==by 0x679C304: _talloc_free_internal (talloc.c:851) ==8110== ==8110== Invalid read of size 8 ==8110==at 0xA203B3D: mcc_store_cred (mcache.c:239) ==8110==by 0xA1DDC73: krb5_cc_store_cred (cache.c:684) ==8110==by 0xA1F261F: krb5_get_credentials_with_flags (get_cred.c:1207) ==8110==by 0xA1F266A: krb5_get_credentials (get_cred.c:1220) ==8110==by 0x953CDB7: gsskrb5_get_creds (init_sec_context.c:246) ==8110==by 0x953D366: init_auth (init_sec_context.c:455) ==8110==by 0x953E168: _gsskrb5_init_sec_context (init_sec_context.c:942) ==8110==by 0x9556619: gss_init_sec_context (gss_init_sec_context.c:187) ==8110==by 0x61370BD: gensec_gssapi_update (gensec_gssapi.c:464) ==8110==by 0x61308C9: gensec_update (gensec.c:220) ==8110==by 0x612E248: gensec_spnego_create_negTokenInit (spnego.c:644) ==8110==by 0x612EC6C: gensec_spnego_update (spnego.c:842) ==8110== Address 0x24924940 is 16 bytes inside a block of size 24 free'd ==8110==at 0x4C27D4E: free (vg_replace_malloc.c:427) ==8110==by 0xA1DDC3E: krb5_cc_close (cache.c:666) ==8110==by 0x954CD8E: _gsskrb5_release_cred (release_cred.c:65) ==8110==by 0x9555049: gss_release_cred (gss_release_cred.c:65) ==8110==by 0x548DAC0: free_gssapi_creds (credentials_krb5.c:443) ==8110==by 0x679C161: _talloc_free_internal (talloc.c:831) ==8110==by 0x679D1B8: _talloc_free_children_internal (talloc.c:1256) ==8110==by 0x679C304: _talloc_free_internal (talloc.c:851) ==8110==by 0x679D1B8: _talloc_free_children_internal (talloc.c:1256) ==8110==by 0x679C304: _talloc_free_internal (talloc.c:851) ==8110==by 0x679D1B8: _talloc_free_children_internal (talloc.c:1256) ==8110==by 0x679C304: _talloc_free_internal (talloc.c:851) ==8110== ==8110== Invalid read of size 4 ==8110==at 0xA203B49: mcc_store_cred (mcache.c:243) ==8110==by 0xA1DDC73: krb5_cc_store_cred (cache.c:684) ==8110==by 0xA1F261F: krb5_get_credentials_with_flags (get_cred.c:1207) ==8110==by 0xA1F266A: krb5_get_credentials (get_cred.c:1220) ==8110==by 0x953CDB7: gsskrb5_get_creds (init_sec_context.c:246) ==8110==by 0x953D366: init_auth (init_sec_context.c:455) ==8110==by 0x953E168: _gsskrb5_init_sec_context (init_sec_context.c:942) ==8110==by 0x9556619: gss_init_sec_context (gss_init_sec_context.c:187) ==8110==by 0x61370BD: gensec_gssapi_update (gensec_gssapi.c:464) ==8110==by 0x61308C9: gensec_update (gensec.c:220) ==8110==by 0x612E248: gensec_spnego_create_negTokenInit (spnego.c:644) ==8110==by 0x612EC6C: gensec_spnego_update (spnego.c:842) ==8110== Address 0x2199ed0c is 12 bytes inside a block of size 56 free'd ==8110==at 0x4C27D4E: free (vg_replace_malloc.c:427) ==8110==by 0xA1EC05D: krb5_data_free (data.c:66) ==8110==by 0xA2039E9: mcc_close (mcache.c:189)
Re: [Samba] Problem compil samba 4.0.6
Just a guess: Do you have a libtdb-devel (or something like that) package installed? If so, maybe try uninstalling it before compiling Samba. Then Samba will use its own built-in version. On 24 June 2013 09:34, Stéphane PURNELLE stephane.purne...@corman.bewrote: Hi all, I have a problem when I try to compil samba 4.0.6 on my test machine (suse linux enterprise server 11 SP2 32-bits). output of compilation : [3353/3781] Linking default/lib/param/libsamba-hostconfig.so [3354/3781] Linking default/lib/tdb_wrap/libtdb-wrap.so [3355/3781] Linking default/libcli/security/libsamba-security.so [3356/3781] Linking default/lib/util/libutil_tdb.so [3357/3781] Linking default/auth/libauth_sam_reply.so [3358/3781] Linking default/lib/util/libsamba-modules.so [3359/3781] Linking default/source4/lib/socket/libnetif.so [3360/3781] Linking default/source4/lib/samba3/libsmbpasswdparser.so [3361/3781] Linking default/lib/torture/libtorture.so [3362/3781] Linking default/source3/libsmbd_conn.so [3363/3781] Linking default/libcli/security/pysecurity.so [3364/3781] Linking default/source3/libCHARSET3.so [3365/3781] Linking default/libcli/registry/libutil_reg.so [3366/3781] Linking default/lib/util/libtevent-util.so [3367/3781] Linking default/source4/heimdal_build/libkrb5-samba4.so [3368/3781] Linking default/source4/heimdal_build/libgssapi-samba4.so [3369/3781] Linking default/libcli/ldap/libcli-ldap-common.so [3370/3781] Linking default/lib/dbwrap/libdbwrap.so default/lib/dbwrap/dbwrap_tdb_1.o: In function `db_tdb_transaction_start_nonblock': dbwrap_tdb.c:(.text+0xd70): undefined reference to `tdb_transaction_start_nonblock' collect2: ld a retourné 1 code d'état d'exécution Waf: Leaving directory `/root/cd_coradm01/samba-4.0.6/bin' Build failed: - task failed (err #1): {task: cc_link dbwrap_1.o,dbwrap_util_1.o,dbwrap_rbt_1.o,dbwrap_cache_1.o,dbwrap_tdb_1.o,dbwrap_local_open_1.o - libdbwrap.so} make: *** [all] Erreur 1 what's happen ? best regards, Stéphane Purnelle --- Stéphane PURNELLE Admin. Systèmes et Réseaux Service Informatique Corman S.A. Tel : 00 32 (0)87/342467 -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cifs mounts fail after kernel upgrade [SOLVED]
Louis, Thank you very much. That fixed it. I'd also like to ask if you have any insight or workarounds on this problem for which I've not received a reply: https://lists.samba.org/archive/samba/2013-June/173763.html Dale On 06/24/2013 6:25 AM, L.P.H. van Belle wrote: try adding the following. in the fstab, add, sec=ntlmv2 and try again. Louis -Oorspronkelijk bericht- Van: d...@briannassaladdressing.com [mailto:samba-boun...@lists.samba.org] Namens Dale Schroeder Verzonden: vrijdag 21 juni 2013 22:14 Aan: Samba Onderwerp: [Samba] cifs mounts fail after kernel upgrade Upgrading Debian testing's linux-image from 3.2.46-1 to 3.9.6-1 causes cifs mounts via fstab or command line to fail with return code -38 function not implemented. Reverting back to the old kernel yields working cifs mounts. The only option I use is a credentials file. Attempting the mount without this option does not work either. Has anyone else seen this? Thanks, Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 and (pseudo) LDAP backend for users, groups and rights
Hello Marcus, Am 24.06.2013 10:30, schrieb Marcus Mundt: I did this in production last september (170 users, 230 workstations, and around 25 services getting information from LDAP or authenticating against). After some weeks of building a testing environment with everything, I did the final switch on a weekend (1.5 days for changing and adapting everything). And it's running absolutely great. How did you transfer the information from the (old) LDAP server to the Samba 4 ADS? Or did you separate things, like servers relying on the slapd and other systems communicating with the ADS? I wrote a small dirty shell script, that reads all information from the old openLDAP via ldapsearch and put them into in to AD via ldapmodify. Was 30 mins work. My quick guesses of possible solutions: - Samba 4 + Slapd on the same machine. Slapd synced to LDAP-Master - https://wiki.samba.org/index.php/Samba4/beyond#openLDAP_proxy_to_AD - I don't know if I get this one... The beyond samba page is from me. Just let me know, what's unclear. Then I will extend the HowTo and improve the descriptions. Ok, I thought so. I guess I wished for something like an AD to openLDAP proxy :) Just reply to the list, if you need more tips or miss something on the Wiki page. Regards Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 missing group membership with getent group
Hello Rowland, Am 24.06.2013 12:26, schrieb Rowland Penny: As far as I can see, the only way to get getent on the S4 server to show groupmembers is to use sssd nslcd works great for that job here, too. The nslcd.conf is almost the same like I wrote here: http://wiki.samba.org/index.php/Samba4/beyond#Nslcd:_User.2FGroups_from_AD_through_openLDAP_proxy I'll publish the nslcd config for directly getting the data from AD, the next days in the wiki, too. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbclient -M to windows 7 workstation problem
Hello everyone, Apologies if this has been asked before - I have searched on google without success I am running Samba 3.6.6 on Debian wheezy server with windows 7 (sp1) client workstations When I run smbclient -M MYWIN7CLIENT and send a message to a windows 7 client The message is picked up ok on the win 7 workstation ( with LanToucher ) But I get the message cli_message returned NT code 0x0054 on the server terminal. Any ideas on the cause and how to solve ? Thanks very much Philip -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 missing group membership with getent group
Hi Marc, ok it looks like anything will work on an S4 server apart from winbind ;-) My working /etc/sssd/sssd.conf on the S4 server is: [sssd] config_file_version = 2 domains = example.com services = nss, pam [nss] [pam] [domain/example.com] description = AD domain with Samba 4 server cache_credentials = true id_provider = ldap auth_provider = krb5 chpass_provider = krb5 access_provider = ldap krb5_realm = EXAMPLE.COM ldap_referrals = false ldap_sasl_mech = GSSAPI ldap_schema = rfc2307bis ldap_access_order = expire ldap_account_expire_policy = ad ldap_force_upper_case_realm = true ldap_user_object_class = user ldap_user_name = sAMAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_group_object_class = group ldap_group_name = sAMAccountName Thats it, no special user, no passwords, it just works, I haven't found any problems yet, touch wood. And when 1.10.0 gets released (it's in beta at the moment) it gets even better: [sssd] config_file_version = 2 domains = example.com services = nss, pam [nss] [pam] [domain/example.com] description = AD domain with Samba 4 server cache_credentials = true enumerate = False id_provider = ad auth_provider = ad access_provider = ad chpass_provider = ad Rowland On 24 June 2013 17:21, Marc Muehlfeld sa...@marc-muehlfeld.de wrote: Hello Rowland, Am 24.06.2013 12:26, schrieb Rowland Penny: As far as I can see, the only way to get getent on the S4 server to show groupmembers is to use sssd nslcd works great for that job here, too. The nslcd.conf is almost the same like I wrote here: http://wiki.samba.org/index.**php/Samba4/beyond#Nslcd:_User.** 2FGroups_from_AD_through_**openLDAP_proxyhttp://wiki.samba.org/index.php/Samba4/beyond#Nslcd:_User.2FGroups_from_AD_through_openLDAP_proxy I'll publish the nslcd config for directly getting the data from AD, the next days in the wiki, too. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba 4.0.6 getent group
Hello all listies. I've got samba4.0.6 running on FreeBSD 9.1. Joined W2K12 domain as member server. running getent group I noticed it takes a long time to resolve groups. The result is correct, but it is inordinately long. With 3.6.13 on FreeBSD 9.1 the return is nearly instantaneous. smb4.conf looks like this. [global] workgroup = TMS3 security = ADS realm = TMS3.COM encrypt passwords = yes # idmap config DOMAIN : backend = rid # idmap config DOMAIN : range = 1 - 2 # idmap config TMS3 : backend = tdb # idmap config TMS3:schema_mode = rfc2307 # idmap config TMS3:range = 1 - 2 idmap config DOMAIN : range = 1 - 2 idmap config DOMAIN : backend = rid idmap config * : range = 1 - 2 idmap config * : backend = tdb # winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes winbind refresh tickets = Yes winbind nested groups = No # map untrusted to domain = Yes aio read size = 16384 aio write size = 16384 aio write behind = false client ldap sasl wrapping = seal directory name cache size = 0 nsupdate command = /usr/local/bin/samba-nsupdate -g dos filemode = yes inherit acls = yes inherit permissions = yes # log file = /var/log/samba/log.%m use sendfile = true read raw = yes write raw = yes ## ###Member Server ## preferred master = No domain logons =No domain master = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbclient -M to windows 7 workstation problem
Windows dropped the messaging service with Vista - you simply cannot do what you want with Win7 either Jason -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba_dnsupdate utility cannot contact KDC realm
I am in the process of trying to setup a Samba 4.0.6 AD DC on Fedora 18, but dnsupdate is not updating the DNS records since I changed the addresses that I have assigned to my NICs. At first I thought the internal server didn't want to work, so I tried getting things setup with Bind (which is working just not with Samba yet). I am wanting to replace our Windows Server 2003 with RHEL 7 (or CentOS) when it comes out, but I am using Fedora 18 to research that possibility. What can I do to get DNS working again? Here is the command that I ran and it's output: [root@localhost ~]# /usr/local/samba/sbin/samba_dnsupdate --all-names --verbose IPs: ['10.0.0.1', '10.255.255.4'] Traceback (most recent call last): File /usr/local/samba/sbin/samba_dnsupdate, line 506, in module get_credentials(lp) File /usr/local/samba/sbin/samba_dnsupdate, line 119, in get_credentials creds.get_named_ccache(lp, ccachename) RuntimeError: kinit for OM-SERVER5$@OHM.LOCAL failed (Cannot contact any KDC for requested realm) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 missing group membership with getent group
Hello Rowland, I haven't used sssd yet. But it's on my schedule for learning and Wiki HowTo. Your config well be a good start for that. Am 24.06.2013 19:47, schrieb Rowland Penny: ... Thats it, no special user, no passwords, it just works, I haven't found any problems yet, touch wood. How does it work? I mean, is there a keytab or anything? Or how does AD know that the retrieving of information are allowed? Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to add a client to a domain?
Hi, did you change the registry of your Windows 7 Client? Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters] DomainCompatibilityMode=dword:0001 DNSNameResolutionRequired=dword: Sounds a lot like you did not. Am 18.06.2013 08:03, schrieb quiz...@lavabit.com: Hello I have recently inherited a small domain consisting of a linux server running samba 3.6 and one client computer running Windows 7. I want to add another client (also running Windows 7) to the domain. Previously adding clients has been done by manually creating a linux machine account and samba account. I have created the accounts for the new client but when I try to configure it to be part of the domain a window pops up prompting for an account and password that can join the domain. I don't really know what to enter here and I am unable to add the machine. Quoting from the documentation: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#machine-trust-accounts When the user elects to make the client a domain member, Windows 200x prompts for an account and password that has privileges to create machine accounts in the domain. A Samba administrator account (i.e., a Samba account that has root privileges on the Samba server) must be entered here; the operation will fail if an ordinary user account is given. The necessary privilege can be assured by creating a Samba SAM account for root or by granting the SeMachineAccountPrivilege privilege to the user account. What should I do sucessfully add the client to the domain? Mit freundlichen Grüßen, René Fuchs -- *** aixTeMa(®) Digitale Loesungen GmbH René Fuchs Philipsstr. 8, 52068 Aachen, Germany Tel.: +49 241 70515-1323, Fax: +49 241 70515-15 mailto:r.fu...@aixtema.de WWW: http://www.aixtema.de Shop: http://shop.aixtema.de Geschaeftsfuehrer: Oliver Rossbruch HRB 8201, Amtsgericht Aachen USt.-Id-Nr. DE 210 906 744 St.-Nr. 201/5942/3737, Finanzamt Aachen Stadt *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Planning to upgrade to samba-3.0.33-3.37.el5.x86_64 version from samba version 3.0.25b-1.el5_1.4 ------------ queries needed to be answered.
Hi All, Need help regarding the samba version samba-3.0.33-3.37.el5.x86_64 1) In the samba version (samba-3.0.33-3.37.el5.x86_64) that we are planning to use , if we put multiple password server names like the one shown below workgroup = EUROPE - we do have a domain named as EUROPE [ as per windows team ] password server = EUREDD-HUB10 EUREDD-HUB09 * security = domain a) Is this the right format ? b) Is there any provisioning of any load balancing of user requests for authentication if we use multiple password servers ? 2) what are the scenarios or conditions in which samba will hop to another password server mentioned in the list ? 3) can you let us know the working functionality how samba client tries to connected to DC and eventually to the samba Linux (in our environment) server ? 4) In our environment, we have seen recurring connectivity issues over WAN (primarily) and authentication failure issues (shown below) while using samba version 3.0.25b-1.el5_1.4. Can you please let us know if there is any bug fixes made against those concerned issues if we upgrade to samba-3.0.33-3.37.el5.x86_64. Jun 5 10:34:18 afsdl1p smbd[800]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:35:19 afsdl1p smbd[7396]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:35:19 afsdl1p smbd[7407]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb Jun 5 10:35:39 afsdl1p smbd[7407]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:36:10 afsdl1p smbd[11177]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:36:10 afsdl1p smbd[11991]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb Jun 5 10:36:27 afsdl1p smbd[12006]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb Jun 5 10:36:41 afsdl1p smbd[15252]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 18258) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 25382) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 29851) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 3793) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer ThanksRegards, Prasanjit Shome GID Unix Tech. Support Alcoa Technical Centre, J-106F 100 Technical Drive,PA Phone : 724-337-2888 E-Mail : prasanjit.sh...@alcoa.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] bdc samba4 error
OS: Centos 6.4, x86_64 Dear All, I am testing samba4 as pdc and bdc. I have successfully setup pdc and bdc both on samba4, bdc is successfully joined to pdc but when I start bdc I get the bellow error. Is it normal to have this? ERROR !!! [2013/06/19 06:11:18, 0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv) Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp:0b9c56d1-deb6-46dd-8c49-21747a9529aa._msdcs.example.com[1024,seal,krb5] NT_STATUS_NO_LOGON_SERVERS [2013/06/19 06:11:18, 0] ../source4/librpc/rpc/dcerpc_util.c:660(dcerpc_pipe_auth_recv) Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp:0b9c56d1-deb6-46dd-8c49-21747a9529aa._msdcs.example.com[1024,seal,krb5] NT_STATUS_NO_LOGON_SERVERS -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] DNS replication with samba4
Dear All, I have 2 samba4 DC as pdc and bdc. How to replicate DNS changes from pdc to bdc? Is it something that I have to do with bind DNS or something samba4 will take care? //Remy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] autorid not working
Hi, I have 12 linux servers that I would like users authenticating against my active directory. In a test environment I have tried setting up autorid so a user logged into server A sees the same ownership etc as the a user logged into server B. I tried using the minimal config from the idmap_autorid man page idmap config * : backend = autorid idmap config * : range = 100-199 Unfortunately, if user tom a creates a file /network/server/file/path on server A. On server B the ownership might be shown as jerry. Have I misunderstood the intent of autorid? In my test environment users are able to login with no problem and wbinfo retrieves the same information from all servers. Any ideas? Hugh -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Newbie help - Sernet Samba
I am working with a Debian Wheezy setup and have Sernet Samb Version 4.0.6-SerNet-Debian-3.wheezy running successfully...but with one problem. When I did the original apt-get to install, I got an error indicating Winbind was not configured and the script stopped there. Now every time I run apt-get -f I get the following. Where should I be looking for clues as to how to fix this?? root@debian:~# apt-get install -f Reading package lists... Done Building dependency tree Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 2 not fully installed or removed. After this operation, 0 B of additional disk space will be used. Setting up sernet-samba-winbind (99:4.0.6-3) ... insserv: script sernet-samba-winbindd: service winbind already provided! insserv: exiting now! update-rc.d: error: insserv rejected the script header dpkg: error processing sernet-samba-winbind (--configure): subprocess installed post-installation script returned error exit status 1 dpkg: dependency problems prevent configuration of sernet-samba-ad: sernet-samba-ad depends on sernet-samba-winbind (= 99:4.0.6-3); however: Package sernet-samba-winbind is not configured yet. dpkg: error processing sernet-samba-ad (--configure): dependency problems - leaving unconfigured Errors were encountered while processing: sernet-samba-winbind sernet-samba-ad E: Sub-process /usr/bin/dpkg returned an error code (1) root@debian:~# Thanks! Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] DNS replication with samba4
Hello Remy, Am 19.06.2013 08:17, schrieb Mario Almeida: I have 2 samba4 DC as pdc and bdc. How to replicate DNS changes from pdc to bdc? Is it something that I have to do with bind DNS or something samba4 will take care? https://wiki.samba.org/index.php/Samba4/FAQ#How_do_I_get_DNS_failover_in_a_Multi-DC_environment.3F Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Planning to upgrade to samba-3.0.33-3.37.el5.x86_64 version from samba version 3.0.25b-1.el5_1.4 ------------ queries needed to be answered.
Hello Prasanjit, Am 18.06.2013 23:45, schrieb Shome, Prasanjit (TCS): Hi All, Need help regarding the samba version samba-3.0.33-3.37.el5.x86_64 1) In the samba version (samba-3.0.33-3.37.el5.x86_64) that we are planning to use , if we put multiple password server names like the one shown below workgroup = EUROPE - we do have a domain named as EUROPE [ as per windows team ] password server = EUREDD-HUB10 EUREDD-HUB09 * security = domain a) Is this the right format ? b) Is there any provisioning of any load balancing of user requests for authentication if we use multiple password servers ? 2) what are the scenarios or conditions in which samba will hop to another password server mentioned in the list ? 3) can you let us know the working functionality how samba client tries to connected to DC and eventually to the samba Linux (in our environment) server ? 4) In our environment, we have seen recurring connectivity issues over WAN (primarily) and authentication failure issues (shown below) while using samba version 3.0.25b-1.el5_1.4. Can you please let us know if there is any bug fixes made against those concerned issues if we upgrade to samba-3.0.33-3.37.el5.x86_64. Jun 5 10:34:18 afsdl1p smbd[800]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:35:19 afsdl1p smbd[7396]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:35:19 afsdl1p smbd[7407]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb Jun 5 10:35:39 afsdl1p smbd[7407]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:36:10 afsdl1p smbd[11177]: EUREDD-HUB09 rejected the initial session setup (Call timed out: server did not respond after 2 milliseconds) Jun 5 10:36:10 afsdl1p smbd[11991]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb Jun 5 10:36:27 afsdl1p smbd[12006]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb Jun 5 10:36:41 afsdl1p smbd[15252]: tdb_chainlock_with_timeout_internal: alarm (10) timed out for key EUREDD-HUB09 in tdb /etc/samba/secrets.tdb eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 18258) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 25382) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 29851) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer eurhil-app02 (155.248.158.28) connect to service HIL_MFG initially as user afshil (uid=340, gid=340) (pid 3793) eurhil-app02 (155.248.158.28) closed connection to service HIL_MFG read_data: read failure for 4 bytes to client 155.248.158.28. Error = Connection reset by peer I know, that this is not answering your questions, but: Is there a reason, why you need to update from a 10 times old and unsupported version to a 9 times old and unsupported version? :-) The 3.0 tree is discontinued since August 2009. Maybe many of your problems will disappear with a newer version, that contains a lot of new functions, fixes, better performance, etc. Sernet provides RPMs of all supported versions, if you don't want to compile. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9b88166 lsa4: Fix a set but unused variable warning from 0ee8650 ldb: Ensure not to segfault on a filter such as (mail=) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9b88166f4554a099fa1039ecd65b1eb7334a5715 Author: Simo Sorce i...@samba.org Date: Sun Jun 23 11:52:18 2013 -0400 lsa4: Fix a set but unused variable warning Also insure that we exit immediately on any error. Signed-off-by: Volker Lendecke v...@samba.org Signed-off-by: Simo Sorce i...@samba.org Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Mon Jun 24 12:17:52 CEST 2013 on sn-devel-104 --- Summary of changes: source4/rpc_server/lsa/dcesrv_lsa.c | 14 -- 1 files changed, 12 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 02ff0da..b5f3768 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -4114,7 +4114,7 @@ static NTSTATUS check_ft_info(TALLOC_CTX *mem_ctx, const char *tname; size_t dns_len; size_t tlen; - NTSTATUS nt_status; + NTSTATUS nt_status = NT_STATUS_OK; uint32_t new_fti_idx; uint32_t i; /* use always TDO type, until we understand when Xref can be used */ @@ -4219,22 +4219,32 @@ static NTSTATUS check_ft_info(TALLOC_CTX *mem_ctx, collision_type, LSA_TLN_DISABLED_CONFLICT, tdo_name); + if (!NT_STATUS_IS_OK(nt_status)) { + goto done; + } } if (sid_conflict) { nt_status = add_collision(c_info, new_fti_idx, collision_type, LSA_SID_DISABLED_CONFLICT, tdo_name); + if (!NT_STATUS_IS_OK(nt_status)) { + goto done; + } } if (nb_conflict) { nt_status = add_collision(c_info, new_fti_idx, collision_type, LSA_NB_DISABLED_CONFLICT, tdo_name); + if (!NT_STATUS_IS_OK(nt_status)) { + goto done; + } } } - return NT_STATUS_OK; +done: + return nt_status; } static NTSTATUS add_collision(struct lsa_ForestTrustCollisionInfo *c_info, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d544d17 build: Remove the struct MD5Context conf file check. from 9b88166 lsa4: Fix a set but unused variable warning http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d544d178f0f114613701821ed23ab37431ebb089 Author: Andrew Bartlett abart...@samba.org Date: Fri Jun 21 12:06:16 2013 -0700 build: Remove the struct MD5Context conf file check. Fix the build. Reviewed-by: Jeremy Allison j...@samba.org Tested-by: Christian Ambach a...@samba.org Autobuild-User(master): Christian Ambach a...@samba.org Autobuild-Date(master): Mon Jun 24 14:11:09 CEST 2013 on sn-devel-104 --- Summary of changes: lib/crypto/wscript_configure |1 - 1 files changed, 0 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/crypto/wscript_configure b/lib/crypto/wscript_configure index b7a012f..21ec566 100644 --- a/lib/crypto/wscript_configure +++ b/lib/crypto/wscript_configure @@ -4,6 +4,5 @@ if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h', checklibc=True) conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h', checklibc=True) -conf.CHECK_TYPE('MD5_CTX', 'struct MD5Context', headers='sys/md5.h') conf.CHECK_FUNCS_IN('CC_MD5_Init', '', headers='CommonCrypto/CommonDigest.h', checklibc=True) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 398ee49 s3/smbclient: fix incorrect command tab completions from d544d17 build: Remove the struct MD5Context conf file check. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 398ee49bda81e84c0f1e530bac02fb0fdc869afa Author: David Disseldorp dd...@samba.org Date: Wed May 22 12:17:23 2013 +0200 s3/smbclient: fix incorrect command tab completions smbclient commands can offer tab-completion for local and remote paths. This behaviour is specified for the first two arguments using the compl_args entry in the commands struct. This change fixes a number of incorrectly specified compl_args values. Signed-off-by: David Disseldorp dd...@samba.org Reviewed-by: Aurélien Aptel aurelien.ap...@gmail.com Reviewed-by: Andreas Schneider a...@samba.org Autobuild-User(master): David Disseldorp dd...@samba.org Autobuild-Date(master): Mon Jun 24 19:32:54 CEST 2013 on sn-devel-104 --- Summary of changes: source3/client/client.c | 16 1 files changed, 8 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index e21d867..d03d1a4 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -4606,18 +4606,18 @@ static struct { {cancel,cmd_cancel,jobid cancel a print queue entry,{COMPL_NONE,COMPL_NONE}}, {case_sensitive,cmd_setcase,toggle the case sensitive flag to server,{COMPL_NONE,COMPL_NONE}}, {cd,cmd_cd,[directory] change/report the remote directory,{COMPL_REMOTE,COMPL_NONE}}, - {chmod,cmd_chmod,src mode chmod a file using UNIX permission,{COMPL_REMOTE,COMPL_REMOTE}}, - {chown,cmd_chown,src uid gid chown a file using UNIX uids and gids,{COMPL_REMOTE,COMPL_REMOTE}}, - {close,cmd_close,fid close a file given a fid,{COMPL_REMOTE,COMPL_REMOTE}}, + {chmod,cmd_chmod,src mode chmod a file using UNIX permission,{COMPL_REMOTE,COMPL_NONE}}, + {chown,cmd_chown,src uid gid chown a file using UNIX uids and gids,{COMPL_REMOTE,COMPL_NONE}}, + {close,cmd_close,fid close a file given a fid,{COMPL_REMOTE,COMPL_NONE}}, {del,cmd_del,mask delete all matching files,{COMPL_REMOTE,COMPL_NONE}}, {dir,cmd_dir,mask list the contents of the current directory,{COMPL_REMOTE,COMPL_NONE}}, {du,cmd_du,mask computes the total size of the current directory,{COMPL_REMOTE,COMPL_NONE}}, {echo,cmd_echo,ping the server,{COMPL_NONE,COMPL_NONE}}, {exit,cmd_quit,logoff the server,{COMPL_NONE,COMPL_NONE}}, {get,cmd_get,remote name [local name] get a file,{COMPL_REMOTE,COMPL_LOCAL}}, - {getfacl,cmd_getfacl,file name get the POSIX ACL on a file (UNIX extensions only),{COMPL_REMOTE,COMPL_LOCAL}}, + {getfacl,cmd_getfacl,file name get the POSIX ACL on a file (UNIX extensions only),{COMPL_REMOTE,COMPL_NONE}}, {geteas, cmd_geteas, file name get the EA list of a file, - {COMPL_REMOTE, COMPL_LOCAL}}, + {COMPL_REMOTE, COMPL_NONE}}, {hardlink,cmd_hardlink,src dest create a Windows hard link,{COMPL_REMOTE,COMPL_REMOTE}}, {help,cmd_help,[command] give help on a command,{COMPL_NONE,COMPL_NONE}}, {history,cmd_history,displays the command history,{COMPL_NONE,COMPL_NONE}}, @@ -4657,12 +4657,12 @@ static struct { {rename,cmd_rename,src dest rename some files,{COMPL_REMOTE,COMPL_REMOTE}}, {reput,cmd_reput,local name [remote name] put a file restarting at end of remote file,{COMPL_LOCAL,COMPL_REMOTE}}, {rm,cmd_del,mask delete all matching files,{COMPL_REMOTE,COMPL_NONE}}, - {rmdir,cmd_rmdir,directory remove a directory,{COMPL_NONE,COMPL_NONE}}, + {rmdir,cmd_rmdir,directory remove a directory,{COMPL_REMOTE,COMPL_NONE}}, {showacls,cmd_showacls,toggle if ACLs are shown or not,{COMPL_NONE,COMPL_NONE}}, {setea, cmd_setea, file name eaname eaval Set an EA of a file, {COMPL_REMOTE, COMPL_LOCAL}}, - {setmode,cmd_setmode,filename setmode string change modes of file,{COMPL_REMOTE,COMPL_NONE}}, - {stat,cmd_stat,filename Do a UNIX extensions stat call on a file,{COMPL_REMOTE,COMPL_REMOTE}}, + {setmode,cmd_setmode,file name setmode string change modes of file,{COMPL_REMOTE,COMPL_NONE}}, + {stat,cmd_stat,file name Do a UNIX extensions stat call on a file,{COMPL_REMOTE,COMPL_NONE}}, {symlink,cmd_symlink,oldname newname create a UNIX symlink,{COMPL_REMOTE,COMPL_REMOTE}}, {tar,cmd_tar,tar c|x[IXFqbgNan] current directory to/from file name,{COMPL_NONE,COMPL_NONE}}, {tarmode,cmd_tarmode,full|inc|reset|noreset tar's behaviour towards archive bits,{COMPL_NONE,COMPL_NONE}}, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 32d0b75 Note how vfs_gpfs uses the acl map full control parameter. via 056e636 Add missing documentation for vfs_zfsacl. via b00d9d2 Use existing acl map full control parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's. from 398ee49 s3/smbclient: fix incorrect command tab completions http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 32d0b75afbbd16d7825938089393d8497fda4213 Author: Jeremy Allison j...@samba.org Date: Fri Jun 21 10:36:23 2013 -0700 Note how vfs_gpfs uses the acl map full control parameter. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Ira Cooper i...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Mon Jun 24 21:24:38 CEST 2013 on sn-devel-104 commit 056e636778d502d566dacd4ecee4c854b81a87d5 Author: Jeremy Allison j...@samba.org Date: Thu Jun 20 14:39:27 2013 -0700 Add missing documentation for vfs_zfsacl. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Ira Cooper i...@samba.org commit b00d9d245390a54c5b057915472e0e8b3a7f6bb9 Author: Jeremy Allison j...@samba.org Date: Thu Jun 20 14:33:30 2013 -0700 Use existing acl map full control parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's. Windows maps an open request of GENERIC_ALL on files to 0x1FF specific bits, which includes DELETE_CHILD even though this has no meaning on file ACE's. If a returned NFSv4 ACE entry for a file has all other specific bits set except for DELETE (which comes from the containing directory) and DELETE_CHILD (which has no meaning) then optionally add it into the returned ACE entry. This is using the same parameter in the same way as it is currently used in smbd/posix_acls.c. Note that as this parameter is on by default, it is already being tested in the existing raw.acl tests. Fixes issue with Microsoft SMB2 torture test suite found at the interop event in Redmond, WA. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Ira Cooper i...@samba.org --- Summary of changes: docs-xml/manpages/vfs_gpfs.8.xml | 10 ++ docs-xml/manpages/vfs_zfsacl.8.xml | 160 source3/modules/nfs4_acls.c| 19 - 3 files changed, 187 insertions(+), 2 deletions(-) create mode 100644 docs-xml/manpages/vfs_zfsacl.8.xml Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_gpfs.8.xml b/docs-xml/manpages/vfs_gpfs.8.xml index 7f560ca..d1243a9 100644 --- a/docs-xml/manpages/vfs_gpfs.8.xml +++ b/docs-xml/manpages/vfs_gpfs.8.xml @@ -48,6 +48,16 @@ are the responsibility of the underlying filesystem than of Samba. /para + paraThis module makes use of the smb.conf parameter + smbconfoption name=acl map full controlacl map full control/smbconfoption + When set to yes (the default), this parameter will add in the FILE_DELETE_CHILD + bit on a returned ACE entry for a file (not a directory) that already + contains all file permissions except for FILE_DELETE and FILE_DELETE_CHILD. + This can prevent Windows applications that request GENERIC_ALL access + from getting ACCESS_DENIED errors when running against a filesystem + with NFSv4 compatible ACLs. + /para + paraThis module is stackable./para paraSince Samba 4.0 all options are per share options./para diff --git a/docs-xml/manpages/vfs_zfsacl.8.xml b/docs-xml/manpages/vfs_zfsacl.8.xml new file mode 100644 index 000..f56af1b --- /dev/null +++ b/docs-xml/manpages/vfs_zfsacl.8.xml @@ -0,0 +1,160 @@ +?xml version=1.0 encoding=iso-8859-1? +!DOCTYPE refentry PUBLIC -//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN http://www.samba.org/samba/DTD/samba-doc; +refentry id=vfs_zfsacl.8 + +refmeta + refentrytitlevfs_zfsacl/refentrytitle + manvolnum8/manvolnum + refmiscinfo class=sourceSamba/refmiscinfo + refmiscinfo class=manualSystem Administration tools/refmiscinfo + refmiscinfo class=version4.0/refmiscinfo +/refmeta + + +refnamediv + refnamevfs_zfsacl/refname + refpurposeZFS ACL samba module/refpurpose +/refnamediv + +refsynopsisdiv + cmdsynopsis + commandvfs objects = zfsacl/command + /cmdsynopsis +/refsynopsisdiv + +refsect1 + titleDESCRIPTION/title + + paraThis VFS module is part of the + citerefentryrefentrytitlesamba/refentrytitle + manvolnum7/manvolnum/citerefentry suite./para + + paraThe commandzfsacl/command VFS module is the home + for all ACL extensions that Samba requires for proper integration + with ZFS. + /para
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7bf8fc7 torture: Add tests for LDAP substring search with no strings provided via 70cb7fd libcli/ldap: Cope with substring match with no chunks in ldap_push_filter via 4ca9639 ldb: bump version to allow a depencency on the substring crash fix via 1a279f7 ldb: Cope with substring match with no chunks in ldb_filter_from_tree from 32d0b75 Note how vfs_gpfs uses the acl map full control parameter. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7bf8fc7ca2321c25b9194a0a13df6a8b4e783c9e Author: Andrew Bartlett abart...@samba.org Date: Sat Jun 22 16:55:08 2013 +1000 torture: Add tests for LDAP substring search with no strings provided Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Mon Jun 24 23:55:07 CEST 2013 on sn-devel-104 commit 70cb7fd214041e8ffacc98de4dbde3ecd77bba85 Author: Andrew Bartlett abart...@samba.org Date: Sat Jun 22 17:01:42 2013 +1000 libcli/ldap: Cope with substring match with no chunks in ldap_push_filter Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 4ca963926938917bf32af4eead61ded2a8275139 Author: Andrew Bartlett abart...@samba.org Date: Mon Jun 24 15:28:39 2013 +1000 ldb: bump version to allow a depencency on the substring crash fix Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit 1a279f74b72018f0742fc407e0574c9dbd7b7883 Author: Andrew Bartlett abart...@samba.org Date: Sat Jun 22 17:01:02 2013 +1000 ldb: Cope with substring match with no chunks in ldb_filter_from_tree Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Jeremy Allison j...@samba.org --- Summary of changes: lib/ldb/ABI/{ldb-1.1.14.sigs = ldb-1.1.16.sigs} |0 ...ldb-util-1.1.10.sigs = pyldb-util-1.1.16.sigs} |0 lib/ldb/common/ldb_parse.c |2 +- lib/ldb/wscript|2 +- libcli/ldap/ldap_message.c | 41 source4/torture/ldap/basic.c | 110 6 files changed, 134 insertions(+), 21 deletions(-) copy lib/ldb/ABI/{ldb-1.1.14.sigs = ldb-1.1.16.sigs} (100%) copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.16.sigs} (100%) Changeset truncated at 500 lines: diff --git a/lib/ldb/ABI/ldb-1.1.14.sigs b/lib/ldb/ABI/ldb-1.1.16.sigs similarity index 100% copy from lib/ldb/ABI/ldb-1.1.14.sigs copy to lib/ldb/ABI/ldb-1.1.16.sigs diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs b/lib/ldb/ABI/pyldb-util-1.1.16.sigs similarity index 100% copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs copy to lib/ldb/ABI/pyldb-util-1.1.16.sigs diff --git a/lib/ldb/common/ldb_parse.c b/lib/ldb/common/ldb_parse.c index 33e8444..5fa5a74 100644 --- a/lib/ldb/common/ldb_parse.c +++ b/lib/ldb/common/ldb_parse.c @@ -748,7 +748,7 @@ char *ldb_filter_from_tree(TALLOC_CTX *mem_ctx, const struct ldb_parse_tree *tre ret = talloc_asprintf(mem_ctx, (%s=%s, tree-u.substring.attr, tree-u.substring.start_with_wildcard?*:); if (ret == NULL) return NULL; - for (i = 0; tree-u.substring.chunks[i]; i++) { + for (i = 0; tree-u.substring.chunks tree-u.substring.chunks[i]; i++) { s2 = ldb_binary_encode(mem_ctx, *(tree-u.substring.chunks[i])); if (s2 == NULL) { talloc_free(ret); diff --git a/lib/ldb/wscript b/lib/ldb/wscript index fbfed1a..f5647b1 100755 --- a/lib/ldb/wscript +++ b/lib/ldb/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'ldb' -VERSION = '1.1.15' +VERSION = '1.1.16' blddir = 'bin' diff --git a/libcli/ldap/ldap_message.c b/libcli/ldap/ldap_message.c index f640bf3..1c5542c 100644 --- a/libcli/ldap/ldap_message.c +++ b/libcli/ldap/ldap_message.c @@ -269,26 +269,29 @@ static bool ldap_push_filter(struct asn1_data *data, struct ldb_parse_tree *tree asn1_push_tag(data, ASN1_CONTEXT(4)); asn1_write_OctetString(data, tree-u.substring.attr, strlen(tree-u.substring.attr)); asn1_push_tag(data, ASN1_SEQUENCE(0)); - i = 0; - if ( ! tree-u.substring.start_with_wildcard) { - asn1_push_tag(data, ASN1_CONTEXT_SIMPLE(0)); - asn1_write_DATA_BLOB_LDAPString(data, tree-u.substring.chunks[i]); - asn1_pop_tag(data); - i++; - } - while (tree-u.substring.chunks[i]) { -
[SCM] Samba Shared Repository - annotated tag ldb-1.1.16 created
The annotated tag, ldb-1.1.16 has been created at f65b680fb3eac352a3e40b321c51af6d7561b217 (tag) tagging 4ca963926938917bf32af4eead61ded2a8275139 (commit) replaces tdb-1.2.12 tagged by Stefan Metzmacher on Tue Jun 25 00:04:29 2013 +0200 - Log - ldb: tag release ldb-1.1.16 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRyMJtAAoJEEeTkWETCEAl3a8IALW0VMaCfICo6ahU+fHpY30P 4Hxvw6u0imspX1B8coeG/MSvQU2iROI5k5+05gEoyrTmXOgA9akCioapl7VM19KB qWVoprIPsy9q+R1lchGkZ7t+e9aOoGAiwYiP44SxNLeQ8SCpZaOubhz9UAzn5DUX 7scZ1I594xd1xcDFlKPFqYRylLD85gTD9RTwd2/6fmWe/Ie4N3xjxWesD7TMobk4 A1fxH6BE4w/W1tbXf2aMLmsqoG+5D6C0zikIri+RXo82YXi1fGYy5dbfFrpItIks d/FpICwkAx2/aK9j5YUU6fSrMGpWbtdrh7TZpsbbXbyejTjrYrwSwv9Fq+Ay09Q= =v1DI -END PGP SIGNATURE- Andreas Schneider (3): krb5wrap: Move mask to the right position. s3-libads: Print the debug string of a failed call with LDAP_OTHER. tevent: Link the tutorial on the mainpage. Andrew Bartlett (17): .gitignore: Tidy up after removal of the autoconf build Revert s4-dsdb: Remove strcasecmp() fallback in replmd_ldb_message_element_attid_sort auth: Remove password level docs: Do not encourage unix passwords, and remove reference to password level Remove remaining references to password level in the tree python samba-tool drs: Correctly print KCC references to deleted servers dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs dsdb: Fix behaviour for when to update the USN when there is no change dsdb-tests ldap.py: Fix quoting of print statements dsdb-tests ldap.py: Add test for usn behaviour on certain changes dsdb repl_meta_data: Use dsdb_request_add_controls() build: Build with system md5.h on OpenIndiana s4-winbind: Add special case for BUILTIN domain ldb: Ensure not to segfault on a filter such as (mail=) build: Remove the struct MD5Context conf file check. ldb: Cope with substring match with no chunks in ldb_filter_from_tree ldb: bump version to allow a depencency on the substring crash fix Björn Baumbach (1): s4-dfs_server: check for netbios aliases in ad_get_referrals Christian Ambach (15): s3:utils/net_lookup fix a format-error s3:passdb/samba_dsdb fix a compiler warning s3:passdb/samba_dsdb fix some compiler warnings s3:passdb add idmap control functions s3:passdb add pdb_*_is_responsible_for* functions s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functions s3:passdb/pdb_samba_dsdb make the module handle well-known s3:passdb make pdb_sid_to_id honor backend responsibilities s3:passdb/pdb_ldap make the module handle well-known s3:passdb/pdb_ldap remove an unnecessary check s3:passdb/pdb_tdb add parameter to control handling of BUILTIN s3:passdb expose pdb_create_builtin function s3:utils/net_sam make use of pdb_create_builtin helper function s3:passdb add a gid argument to pdb_create_builtin_alias s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN Christof Schmitt (3): smbd: Change logging when SET_OFFLINE is not supported Initialize the file descriptor in the files_struct before trying to close it. Otherwise, if one of the SETXATTR calls had failed, the close() call will return EBADF. vfs_streams_xattr: Do not attempt to write empty attribute twice David Disseldorp (5): libsmb: add ABI/smbclient-0.2.1.sigs vfs_catia: use translate direction enum instead of int docs/vfs_catia: remove space-char mapping recommendation docs/vfs_catia: rework man page s3/smbclient: fix incorrect command tab completions David Koňař (1): tevent: Add tevent tutorial files. Jeremy Allison (14): Check for fstatat. Optimization on POSIX platforms that have fstatat. Add the ability to parse out the port to SMBC_parse_path(). Add port argument to SMBC_attr_server(). Does nothing as yet. Add the port argument to SMBC_server(). Plumb the 'port' parameter into the connect code. Add smbc_getPort(), smbc_setPort(). Bump the .so minor number. Fix xx_path() - return check from mkdir() is incorrect. Re-add umask(0) code removed by commit 3a7c2777ee0de37d758fe81d67d6836a8354825e Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in EOF on stdin Fix glusterfs backend crash found at the Microsoft interop event. Use existing acl map full control parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's. Add missing documentation for vfs_zfsacl. Note how vfs_gpfs uses the acl map full control parameter. Matthias Dieter Wallnöfer (4): s4:samldb LDB module - userAccountControl = 0 means UF_NORMAL_ACCOUNT on add s4:samldb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 48ae86f heimdal_build: Add missing dep on samba4kgetcred from 7bf8fc7 torture: Add tests for LDAP substring search with no strings provided http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 48ae86f74c5ed2ae2612d61e232bfcf93d44c7f8 Author: Andrew Bartlett abart...@samba.org Date: Sun Jun 16 14:02:57 2013 +1000 heimdal_build: Add missing dep on samba4kgetcred This started to fail on current Debian Sid with system Heimdal after a binutils update. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-By: Jelmer Vernooij jel...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Jun 25 02:30:59 CEST 2013 on sn-devel-104 --- Summary of changes: source4/heimdal_build/wscript_build |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/heimdal_build/wscript_build b/source4/heimdal_build/wscript_build index 44634b4..8ca8788 100644 --- a/source4/heimdal_build/wscript_build +++ b/source4/heimdal_build/wscript_build @@ -948,7 +948,7 @@ HEIMDAL_BINARY('samba4kinit', HEIMDAL_BINARY('samba4kgetcred', 'kuser/kgetcred.c', -deps='krb5 heimntlm roken HEIMDAL_VERS hcrypto', +deps='krb5 heimntlm roken HEIMDAL_VERS hcrypto asn1', install=False ) -- Samba Shared Repository