[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ff4a5f643f4 WHATSNEW.txt: reindex performance, Bind9 logging from 56400153c8c Revert TestCaseInSubDir parts of "downgradedatabase: blackbox test" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ff4a5f643f4e8d38a748573e9492d8c5d571a0ed Author: Gary Lockyer Date: Fri Jun 7 10:01:14 2019 +1200 WHATSNEW.txt: reindex performance, Bind9 logging Add entries for: Reindex performance improvements Bind9 logging LDAP referrals Signed-off-by: Gary Lockyer Reviewed-by: Tim Beale Autobuild-User(master): Tim Beale Autobuild-Date(master): Mon Jun 10 06:13:27 UTC 2019 on sn-devel-184 --- Summary of changes: WHATSNEW.txt | 34 ++ 1 file changed, 34 insertions(+) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 3ef066df34f..c10c1d4ad1e 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -49,6 +49,40 @@ where: The version of the JSON Authentication messages has been changed to 1.2 from 1.1 +Reindex performance improvements + + +The performance of samba-tool dbcheck --reindex has been improved, especially +for large domains. + +LDAP referrals +-- + +The scheme of returned LDAP referrals now reflects the scheme of the original +request, i.e. referrals received via ldap are prefixed with "ldap://; +and those over ldaps are prefixed with "ldaps://" + +Previously all referrals were prefixed with "ldap://; + +Bind9 logging +- + +It is now possible to log the duration of DNS operations performed by Bind9 +This should aid future diagnosis of performance issues, and could be used to +monitor DNS performance. The logging is enabled by setting log level to +"dns:10" in smb.conf + +The logs are currently Human readable text only, i.e. no JSON formatted output. + +Log lines are of the form: + +: DNS timing: result: [] duration: () +zone: [] name: [] data: [] + +durations are in microseconds. + + + REMOVED FEATURES -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4ecdcc4b462 man pages: document prefork process model from abbaa629c64 s3: smbd: smb2-posix: Add NFS_SPECFILE_XXX defines. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4ecdcc4b462d03bec3ec36ba1b90f45d9977be8b Author: Gary Lockyer Date: Tue Jan 29 11:34:31 2019 +1300 man pages: document prefork process model Document the process model options -M BUG: https://bugzilla.samba.org/show_bug.cgi?id=13765 Signed-off-by: Gary Lockyer Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall Autobuild-User(master): Tim Beale Autobuild-Date(master): Thu Jan 31 04:25:14 CET 2019 on sn-devel-144 --- Summary of changes: docs-xml/manpages/samba.8.xml| 35 docs-xml/smbdotconf/base/preforkchildren.xml | 4 +++- 2 files changed, 33 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/samba.8.xml b/docs-xml/manpages/samba.8.xml index 529b687be49..0d542b2fbc8 100644 --- a/docs-xml/manpages/samba.8.xml +++ b/docs-xml/manpages/samba.8.xml @@ -101,14 +101,39 @@ - -M model + -M|--model This parameter can be used to specify the process model samba should use. This determines how concurrent clients are handled. Available process - models include single (everything in - a single process), standard (similar - behaviour to that of Samba 3), thread - (single process, different threads. + models include: + + single + All Samba services run in a single process. This is + not recommended for production configurations. + + + standard + A process is created for each Samba service, + and for those services that support it (currently only + LDAP and NETLOGON) a new processes is started + for each new client connection. + + prefork + A process is started for each Samba service, and a + fixed number of worker processes are started for those + services that support it (currently LDAP, NETLOGON, and KDC). + The client connections are then shared amongst the worker + processes. + Requests for services not supporting prefork are handled + by a single process for that service. + The number of prefork worker processes started is + controlled by the + smb.conf + 5 parameter + , + which defaults to 4. + + diff --git a/docs-xml/smbdotconf/base/preforkchildren.xml b/docs-xml/smbdotconf/base/preforkchildren.xml index ab13efce405..1b9f8cf9a07 100644 --- a/docs-xml/smbdotconf/base/preforkchildren.xml +++ b/docs-xml/smbdotconf/base/preforkchildren.xml @@ -4,7 +4,9 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc;> This option controls the number of worker processes that are - started for each service when prefork process model is enabled. + started for each service when prefork process model is enabled + (see samba + 8 -M) The prefork children are only started for those services that support prefork (currently ldap, kdc and netlogon). For processes that don't support preforking all requests are -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 67fc683a3ee CI: move target "build_nt4" to private gitlab runners from c99402724a6 s3-vfs: Use ENOATTR in errno comparison for getxattr https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 67fc683a3eec4d24de774e2a82c72b69eb03565e Author: Ralph Boehme Date: Wed Jan 23 21:56:26 2019 +0100 CI: move target "build_nt4" to private gitlab runners Fixes the mistake of 574fdfae59c6d7c97be48ca52ac9aefac82feccd that added "build_nt4" to the public runners. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13761 Signed-off-by: Ralph Boehme Reviewed-by: Tim Beale Autobuild-User(master): Tim Beale Autobuild-Date(master): Thu Jan 24 02:45:09 CET 2019 on sn-devel-144 --- Summary of changes: .gitlab-ci-private.yml | 4 .gitlab-ci.yml | 5 - 2 files changed, 4 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/.gitlab-ci-private.yml b/.gitlab-ci-private.yml index c3860685a80..ea22eaa044f 100644 --- a/.gitlab-ci-private.yml +++ b/.gitlab-ci-private.yml @@ -39,3 +39,7 @@ build_samba_ad_dc_py2: # this one takes about 1 hours to finish - script/autobuild.py samba-ad-dc-py2 --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase +build_nt4: + <<: *private_template + script: +- script/autobuild.py samba-nt4 --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d3474db1a22..04d57cb0491 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -35,11 +35,6 @@ build_samba_none_env_py2: # this one takes about 1 hours to finish - script/autobuild.py samba-none-env-py2--verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase -build_nt4: - <<: *private_template - script: -- script/autobuild.py samba-nt4 --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase - build_samba_nopython: <<: *shared_template script: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4729c90f974 traffic: rm --scale-traffic default value from 36c42e6d629 libcli: dns: Change internal DNS_REQUEST_TIMEOUT from 2 to 10 seconds. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4729c90f974bf6b11d9164cdcd819e6238eea08a Author: Joe Guo Date: Tue Jan 15 11:06:29 2019 +1300 traffic: rm --scale-traffic default value -S, --scale--traffic defaults to 1.0 when we switch to new option -T, both -T and -S are set, which raise an error: script/traffic_replay #234: --scale-traffic and --packets-per-second are incompatible. Use one or the other. Signed-off-by: Joe Guo Reviewed-by: Garming Sam Reviewed-by: Tim Beale Autobuild-User(master): Tim Beale Autobuild-Date(master): Wed Jan 23 03:09:41 CET 2019 on sn-devel-144 --- Summary of changes: script/traffic_replay | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/script/traffic_replay b/script/traffic_replay index 7174d246d3b..fab9a8ded26 100755 --- a/script/traffic_replay +++ b/script/traffic_replay @@ -78,7 +78,7 @@ def main(): model_group = optparse.OptionGroup(parser, 'Traffic Model Options', 'These options alter the traffic ' 'generated by the model') -model_group.add_option('-S', '--scale-traffic', type='float', default=1.0, +model_group.add_option('-S', '--scale-traffic', type='float', help=('Increase the number of conversations by ' 'this factor (or use -T)')) parser.add_option('-T', '--packets-per-second', type=float, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 792b8d3f833 netcmd: Change domain backup commands to use s3 SMB Py bindings via 15013ff9537 tests: Change ntaclsbackup tests over to use s3 Py bindings via bae415453e1 s3:pylibsmb: Add .get_acl() API to SMB py bindings from 8900e0b4cb0 lib/ldb: Use new PYARG_ES format for parseTuple https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 792b8d3f8338988c2288bc3dc58e72cacbba2154 Author: Tim Beale Date: Thu Dec 13 17:31:23 2018 +1300 netcmd: Change domain backup commands to use s3 SMB Py bindings This means we can now backup a DC that has SMBv1 disabled. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall Autobuild-User(master): Tim Beale Autobuild-Date(master): Mon Jan 14 06:49:09 CET 2019 on sn-devel-144 commit 15013ff9537cc1103afd1afd59c2da722e655b52 Author: Tim Beale Date: Thu Dec 13 16:05:36 2018 +1300 tests: Change ntaclsbackup tests over to use s3 Py bindings BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit bae415453e13ee1c54d40459c8239b72dea9fa7b Author: Tim Beale Date: Wed Dec 12 16:14:43 2018 +1300 s3:pylibsmb: Add .get_acl() API to SMB py bindings There is no obvious async-equivalent of cli_query_security_descriptor(), so it will throw an error if anyone tries to use it in multi-threaded mode. Currently only samba-tool and tests use the (s4) .get_acl() API, both of which will be fine using the synchronous API. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall --- Summary of changes: python/samba/netcmd/domain_backup.py | 8 -- python/samba/tests/ntacls_backup.py | 4 +-- selftest/knownfail.d/domain_backup | 12 source3/libsmb/pylibsmb.c| 53 4 files changed, 61 insertions(+), 16 deletions(-) delete mode 100644 selftest/knownfail.d/domain_backup Changeset truncated at 500 lines: diff --git a/python/samba/netcmd/domain_backup.py b/python/samba/netcmd/domain_backup.py index 58d5a4c3510..4cacf571f3d 100644 --- a/python/samba/netcmd/domain_backup.py +++ b/python/samba/netcmd/domain_backup.py @@ -27,7 +27,8 @@ import tdb import samba.getopt as options from samba.samdb import SamDB, get_default_backend_store import ldb -from samba import smb +from samba.samba3 import libsmb_samba_internal as libsmb +from samba.samba3 import param as s3param from samba.ntacls import backup_online, backup_restore, backup_offline from samba.auth import system_session from samba.join import DCJoinContext, join_clone, DCCloneAndRenameContext @@ -103,7 +104,10 @@ def get_sid_for_restore(samdb): def smb_sysvol_conn(server, lp, creds): """Returns an SMB connection to the sysvol share on the DC""" -return smb.SMB(server, "sysvol", lp=lp, creds=creds, sign=True) +# the SMB bindings rely on having a s3 loadparm +s3_lp = s3param.get_context() +s3_lp.load(lp.configfile) +return libsmb.Conn(server, "sysvol", lp=s3_lp, creds=creds, sign=True) def get_timestamp(): diff --git a/python/samba/tests/ntacls_backup.py b/python/samba/tests/ntacls_backup.py index 0ee044f1336..03ee821e595 100644 --- a/python/samba/tests/ntacls_backup.py +++ b/python/samba/tests/ntacls_backup.py @@ -19,7 +19,7 @@ """Tests for samba ntacls backup""" import os -from samba import smb +from samba.samba3 import libsmb_samba_internal as libsmb from samba.samba3 import smbd from samba import samdb from samba import ntacls @@ -60,7 +60,7 @@ class NtaclsBackupRestoreTests(TestCaseInTempDir): self.dom_sid) self.lp = self.ntacls_helper.lp -self.smb_conn = smb.SMB( +self.smb_conn = libsmb.Conn( self.server, self.service, lp=self.lp, creds=self.creds) self.smb_helper = ntacls.SMBHelper(self.smb_conn, self.dom_sid) diff --git a/selftest/knownfail.d/domain_backup b/selftest/knownfail.d/domain_backup deleted file mode 100644 index 24f4d87981c..000 --- a/selftest/knownfail.d/domain_backup +++ /dev/null @@ -1,12 +0,0 @@ -# these tests only work with SMBv1, which is disabled on the restoredc -samba.tests.domain_backup.samba.tests.domain_backup.DomainBackupRename.test_one_way_links\(restoredc:local\) -samba.tests.domain_backup.samba.tests.domain_backup.DomainBackupRename.test_backup_untar\(restoredc:local\) -samba.tests.domain_backup.samba.tests
Re: [SCM] Samba Shared Repository - branch master updated
Hi Metze, I wanted to rename the python module because the naming didn't seem consistent with any of the other python bindings Samba has. I think 'libsmb_samba_internal' made sense when it was unused by any of the samba python code (except some test code). But now (well, soon) these Python bindings will be used by the samba-tool code. It looks a bit strange in samba-tool to have: conn = libsmb_samba_internal.Conn(server) E.g. my latest patches start to use the new bindings in more places: https://gitlab.com/catalyst-samba/samba/commits/timb-pysmb-latest But maybe I've misunderstood something. Why do you want to keep the libsmb_samba_internal name? Cheers, Tim On 8/01/19 5:54 PM, Stefan Metzmacher wrote: > Hi Tim, > >> diff --git a/source3/wscript_build b/source3/wscript_build >> index a8ea8e581df..9d188a8d36a 100644 >> --- a/source3/wscript_build >> +++ b/source3/wscript_build >> @@ -1323,7 +1323,7 @@ for env in bld.gen_python_environments(): >> bld.SAMBA3_PYTHON('pylibsmb', >>source='libsmb/pylibsmb.c', >>deps='smbclient samba-credentials %s' % pycredentials, >> - realname='samba/samba3/libsmb_samba_internal.so' >> + realname='samba/samba3/libsmb.so' >>) > What's wrong with libsmb_samba_internal? I'd keep the name. > > metze >
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 24cfa0baf51 netcmd: Small refactor to SMB connection in domain backup via 888c6080c5f netcmd: Refactor duplicated SMB connect in GPO commands via 5a6fcdd8fee tests: Avoid hardcoding domain in GPO tests via af1fe6fdd95 python/ntacls: Convert ntacls to use s3 flags via 3ba32aa55fa s3:pylibsmb: Add flags used by .list() to SMB Py bindings via 27e2b5c6c0c s3:pylibsmb: Rename 'credentials' param to match s4 via bd66d46a399 tests: Rename libsmb_samba_internal test to libsmb via 8662ff67201 s3:pylibsmb: Rename libsmb_samba_internal Py bindings to libsmb from 01079b50a94 tests: Run SMB Py bindings tests against testenv with SMBv1-disabled https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 24cfa0baf515cf81f21c3f7547b66fd7a44a8ea1 Author: Tim Beale Date: Thu Dec 13 16:50:00 2018 +1300 netcmd: Small refactor to SMB connection in domain backup Rework the code so we only do this in one place. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall Autobuild-User(master): Tim Beale Autobuild-Date(master): Tue Jan 8 03:13:48 CET 2019 on sn-devel-144 commit 888c6080c5fed1a85374090f7389fc4cb9d36782 Author: Tim Beale Date: Fri Dec 14 10:47:45 2018 +1300 netcmd: Refactor duplicated SMB connect in GPO commands Do the SMB connection in a single helper function. Note: this highlights that perhaps we want all SMB connections to be signed, but we can fix that up separately. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit 5a6fcdd8feea3505407b5130174ff3547a88915d Author: Tim Beale Date: Fri Dec 14 09:50:02 2018 +1300 tests: Avoid hardcoding domain in GPO tests The realm varies by testenv. Currently the GPO tests will only run on the ad_dc testenv. A slightly better solution is to use the REALM environmental variable, so that the test can run on any testenv. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit af1fe6fdd95153dd74415a4d20b3c3cd428bd16d Author: Tim Beale Date: Fri Dec 14 10:34:48 2018 +1300 python/ntacls: Convert ntacls to use s3 flags This helper code is just using the flags defined by the Python bindings. Convert it over to use s3 bindings instead of s4. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit 3ba32aa55fa6bcd89a2ae9ed73e748ea8ca30b26 Author: Tim Beale Date: Fri Dec 14 10:30:38 2018 +1300 s3:pylibsmb: Add flags used by .list() to SMB Py bindings These flags are exposed by the s4 code. Python code that calls .list() checks the returned attribs/mode for the directory listing, e.g. to work out whether something is a sub-directory: if item['attrib'] & libsmb.FILE_ATTRIBUTE_DIRECTORY... BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit 27e2b5c6c0c8daada0763fd2c90b3b17c0a68cd6 Author: Tim Beale Date: Thu Dec 13 12:40:49 2018 +1300 s3:pylibsmb: Rename 'credentials' param to match s4 s4 just calls it 'creds'. Renaming it will make it easier to convert existing SMB connections over to use the new bindings. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall Reviewed-by: Gary Lockyer commit bd66d46a399ac3e78ab49ebede867f160c67e774 Author: Tim Beale Date: Thu Dec 13 12:37:33 2018 +1300 tests: Rename libsmb_samba_internal test to libsmb So that it better matches the updated Python bindings name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit 8662ff6720189fae9b7f7ef8afad8c2ed41bd350 Author: Tim Beale Date: Thu Dec 13 12:32:17 2018 +1300 s3:pylibsmb: Rename libsmb_samba_internal Py bindings to libsmb BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall --- Summary of changes: python/samba/netcmd/domain_backup.py | 9 +++-- python/samba/netcmd/gpo.py | 42 ++ python/samba/ntacls.py | 12 +++ python/samba/tests/dcerpc/raw_testcase.py | 6 ++-- python/samba/tests/gpo.py | 25 +++-- .../tests/{libsmb_samba_internal.py => libsmb.py
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 01079b50a94 tests: Run SMB Py bindings tests against testenv with SMBv1-disabled via 7f731d7642d tests: Avoid hardcoding domain in test via c95a869e852 tests: Completely replace s4 connection in smb tests via 9a3e640bbaa s3:pylibsmb: Add .deltree() API to SMB py bindings via ea00215d538 s3:pylibsmb: Minor refactor to py_cli_list() variables via 1d0d1a758ba s3:libsmb: Avoid duplicated code by making cli_read_sink() public via d7c7d6203ba s3:pylibsmb: Add .loadfile() API to SMB py bindings via 0af78faf5c9 s3:pylibsmb: Add .savefile() API to SMB py bindings via e4d1d53597a s3:pylibsmb: Free async .list() memory via 6bcd64a4f14 s3:pylibsmb: Make s3 and s4 listings return the same dict via 5f1ed29d6b7 s3:pylibsmb: Don't return '.'/'..' in .list() via 3ac4866d15a s3:pylibsmb: Make .list() work for SMBv2 via 057161039f4 s3:pylibsmb: Split code out into do_listing() helper via 2033208a4a9 s3:pylibsmb: Split out code into list_helper() via 40f4e52732f s3:pylibsmb: Consolidate .readdir()/.list() py bindings API via c4dee3437af s3:pylibsmb: Add .chkpath() API to SMB py bindings via 6a40e538df5 s3:pylibsmb: Add .mkdir(), .rmdir() APIS to SMB py bindings via 8096419c712 s3:pylibsmb: Add .unlink() API to SMB Py bindings via 6fff2c26dac s3:pylibsmb: Make lp a mandatory param for the SMB connection from b7d350b45bc s3:smbd: Fix build on AIX https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 01079b50a9413d85eb8295159f036248bdd0edf2 Author: Tim Beale Date: Wed Dec 12 14:50:53 2018 +1300 tests: Run SMB Py bindings tests against testenv with SMBv1-disabled Sanity-check that the SMBv2 connection actually works by running it against a testenv with SMBv1 disabled. I've dropped 'local' from the ad_dc target, because it shouldn't be needed. We're trying to test the client-side SMB connection, so running it without 'local' is probably a better test. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett Autobuild-User(master): Tim Beale Autobuild-Date(master): Mon Jan 7 04:29:51 CET 2019 on sn-devel-144 commit 7f731d7642de3b1e4cbe43dcd354f0e9dc902787 Author: Tim Beale Date: Wed Dec 12 10:04:09 2018 +1300 tests: Avoid hardcoding domain in test Currently the sysvol domain directory is hard-coded, so the tests can only ever run on the ad_dc. This patch makes things marginally better by using the REALM environmental variable instead. This allows us to run it against other testenvs (like the SMBv2-only restoredc). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit c95a869e85201f836c1579e0f50021e3ffc4cbe0 Author: Tim Beale Date: Wed Dec 12 14:42:30 2018 +1300 tests: Completely replace s4 connection in smb tests This test now uses the s3 python bindings completely, so we can remove the s4 connection. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 9a3e640bbaa45f2b6cd2e9a2ff514fdfa26759d0 Author: Tim Beale Date: Wed Dec 12 13:45:46 2018 +1300 s3:pylibsmb: Add .deltree() API to SMB py bindings This basically re-uses the underlying functionality of existing APIs in order to support a .deltree() API, i.e. - we use the .list() functionality (i.e. do_listing()) to traverse every item in the given directory. - we then use either .unlink() (i.e. unlink_file()) or .rmdir() (i.e. remove_dir()) to delete the individual item. - sub-directories are handled recursively, by repeating the process. Note that the .deltree() API is currently only really used for testing (and deleting GPO files). So the recursion is never going to be excessive. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit ea00215d53891215e20531f75a7ec7e5dec3df5e Author: Tim Beale Date: Wed Dec 12 13:47:46 2018 +1300 s3:pylibsmb: Minor refactor to py_cli_list() variables Add a define for the file attribute mask (we'll reuse it in a subsequent patch), and make the variable type explicit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 1d0d1a758bacaf160f320f39156923ab4c273fd5 Author: Tim Beale Date: Thu Jan 3 17:48:39 2019 +1300 s3:libsmb: Avoid duplicated code by making cli_read_sink() public cli_read_sink() and pull_helper() were essentially identical. By making cli_read_sink() non-static, we can delete the latter
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e9a13d7fc84 selftest/knownfail.d/smb: avoid explicit python version from ecafdcb3914 s3:pylibsmb: allow ImpersonationLevel argument to create() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e9a13d7fc84beb9546c75c8de15aa7246bed71e5 Author: Stefan Metzmacher Date: Thu Dec 13 00:10:52 2018 +0100 selftest/knownfail.d/smb: avoid explicit python version BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Stefan Metzmacher Reviewed-by: Tim Beale Autobuild-User(master): Tim Beale Autobuild-Date(master): Fri Dec 14 00:49:31 CET 2018 on sn-devel-144 --- Summary of changes: selftest/knownfail.d/smb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail.d/smb b/selftest/knownfail.d/smb index 32989a81374..3c6324ac7b3 100644 --- a/selftest/knownfail.d/smb +++ b/selftest/knownfail.d/smb @@ -1,3 +1,2 @@ # currently savefile appends rather than overwriting -samba.tests.smb.samba.tests.smb.SMBTests.test_save_load_text\(ad_dc:local\) -samba.tests.smb.python2.samba.tests.smb.SMBTests.test_save_load_text\(ad_dc:local\) +samba.tests.smb.*samba.tests.smb.SMBTests.test_save_load_text\(ad_dc:local\) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0d15c2be6a2 tests: Rework backup test inheritance to make LP constraints clearer via cbcd8eec6ea tests: Work out DOMSID via samdb rather than environs via 738418ea3ee tests: Run backup tests against restoredc (SMBv1 disabled) via 2e235bda9f7 python/samba/test: PY3 port samba.tests.domain_backup via 70dee4c1c14 tests: Handle backup command exceptions as test failures, not errors via 93c2a952235 tests: Rework backup test_backup_invalid_args test-case via 160031f7b7e selftest: Designate one testenv as having SMBv1 disabled via 88ccd418fde tests: Use s3 smbclient for testenv smoketests via bfb138e9be6 selftest: Make testenv NTVFS usage match --use-ntvfs via da933b7664c selftest: Make chgdcpass's NTVFS usage more obvious via 632b3ab7d49 selftest: Be explicit about which testenvs use ntvfs from baacc703940 libads: Align integer types https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0d15c2be6a2b8b70b9898326e8c5176cbcdb1ca6 Author: Tim Beale Date: Thu Nov 22 16:56:22 2018 +1300 tests: Rework backup test inheritance to make LP constraints clearer The backup tests have a special constraint where we always want to use check_output() over runcmd(). The reason is we need the samba-tool backup/restore commands executed in a separate process. Otherwise the global underlying LoadParm can accumulate settings from earlier test case runs. We can avoid someone in future inadvertently running runcmd() by mistake, by simply changing the inheritance so we no longer inherit from SambaToolCmdTest (so the runcmd functions are no longer present). The comment explaining this has been moved to the top of the file. Note that the TestCaseInTempDir inheritance was redundant. BlackboxTestCase inherits from TestCaseInTempDir (and SambaToolCmdTest was inheriting from BlackboxTestCase). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett Autobuild-User(master): Tim Beale Autobuild-Date(master): Tue Nov 27 06:57:03 CET 2018 on sn-devel-144 commit cbcd8eec6ea7eb32d4860eefdec5009ff274e967 Author: Tim Beale Date: Fri Nov 23 09:46:38 2018 +1300 tests: Work out DOMSID via samdb rather than environs Not all testenvs have the DOMSID set as an environment variable. However, it's easy enough to work out from querying the samdb. This is a slight change in that we use a source4-generated loadparm to connect to the DB (self.lp is source3-generated, presumably for some SMB connection dependency). This change is so we can run the ntacls_backup tests against a DC with SMBv1 disabled (the restoredc). Note that currently the tests fail in the smb.SMB() connection in the setUp(), so we can't run them as part of autobuild just yet (because we can't known-fail test errors). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 738418ea3ee669b1b917f4b8a6da1f69fa3558f1 Author: Tim Beale Date: Thu Nov 22 14:05:01 2018 +1300 tests: Run backup tests against restoredc (SMBv1 disabled) Running the backup tests against the restoredc highlights that the backup online/rename commands don't work if SMBv1 is disabled. Note that the offline commands still work because they don't rely on an SMB connection to the server. (Note that running the backup tests against the restoredc is probably a good idea anyway, to prove that there's no limit to the number of times you can restore a domain from backup, i.e. we support more than just a one-off restore). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 2e235bda9f7e0aa8bce4846264eecd2e051a6c57 Author: Noel Power Date: Mon Nov 5 19:00:20 2018 + python/samba/test: PY3 port samba.tests.domain_backup The restoredc already runs under python3, so before we can run the domain_backup tests against the restoredc, we need to make sure they work under python3. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Noel Power Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 70dee4c1c14ea3eb5c8c81887c6caaa6dc288807 Author: Tim Beale Date: Thu Nov 22 14:35:58 2018 +1300 tests: Handle backup command exceptions as test failures, not errors If the backup command fails (i.e. throws an exception), we want the test to fail. This makes it easier to mark tests as 'knownfail' (because we can't knownfail test errors). In theory, this should just involve updating
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a370f217bb9 replmd: Make replmd_process_linked_attribute() mem dependencies clearer via 05147d25e7b replmd: Avoid redundant dsdb_get_deleted_objects_dn() checks via 698cf271f43 replmd: Minimize get_parsed_dns_trusted() calls during replication via 90f5e49a879 replmd: Pass old_el into replmd_process_linked_attribute() via 19a36b367f1 replmd: Remove some redundant code via f53954d0fd4 replmd: Move where we update the usnChanged/whenChanged via c371fef5863 replmd: Only modify the object if it actually changed via cb3520fbaf9 replmd: replmd_process_link_attribute() returns type of change made from ad57cac7db0 source4 samr: Tidy DBG_WARNING calls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a370f217bb94601345ad5700ea546259e1d04bfd Author: Tim Beale Date: Tue Nov 20 10:59:40 2018 +1300 replmd: Make replmd_process_linked_attribute() mem dependencies clearer This patch should not alter functionality - it is just making memory assumptions used in replmd_process_linked_attribute() clearer. When adding/removing msg->elements we have to take care, as this will invalidate things like the parsed-DN array or old ldb_message_element pointers. This has always been the case (i.e. f6bc4c08b19f5615a49), however, now we need to take even more care, as the msg being modified is re-used and split across 2 different functions. Add more code comments to highlight this. We can also free pdn_list/old_el to prevent them being incorrectly used after realloc. It seems appropriate to also add a sanity-check that the tmp_ctx alloc succeeds (which all the other memory hangs off). Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett Autobuild-User(master): Tim Beale Autobuild-Date(master): Wed Nov 21 05:31:10 CET 2018 on sn-devel-144 commit 05147d25e7b4a9343378c59927f443b723606960 Author: Tim Beale Date: Mon Nov 12 15:49:28 2018 +1300 replmd: Avoid redundant dsdb_get_deleted_objects_dn() checks Quite a bit of time was spent in dsdb_get_deleted_objects_dn() processing during either a join (~9%) or a full-sync (~28%). The problem is we're *always* doing the dsdb_get_deleted_objects_dn() call for each object, regardless of whether it's actually deleted or not. i.e. we were doing an expensive query and a lot of the time just ignoring the query result. If it's not a deleted object we're dealing with, we can just return early and skip the unnecessary processing. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 698cf271f439c252c77f67fb88b09c9dcc84139d Author: Tim Beale Date: Mon Nov 12 12:11:38 2018 +1300 replmd: Minimize get_parsed_dns_trusted() calls during replication When a group has 10,000+ links, get_parsed_dns_trusted() can be costly (simply the talloc calls alone are expensive). Instead of re-generating the pdn_list for every single link attribute, we can change to only re-generate it when we really need to. When we add a new link, it reallocates old_el->values, and so we need to recreate the pdn_list because all the memory pointers will have changed. However, in the other cases, where we're simply updating the existing link value (or ignoring the update, if it's already applied), we can continue using the same pdn_list (rather than re-parsing it again). This would generally only save time with a full-sync - it won't really help with the join case (because every link processed results in a realloc). On a DB with 5000 users, this makes a full-sync about ~13% faster. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 90f5e49a8797f821b07ae761056ec0c5235f8978 Author: Tim Beale Date: Mon Nov 12 12:00:47 2018 +1300 replmd: Pass old_el into replmd_process_linked_attribute() We should only need to lookup the msg attribute once per source object. The old_el->values may change due to link-processing, but old_el itself should not. This is not aimed at improving performance, but we need to change how old_el is used before we can change pdn_list (which is more costly processing-wise). Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 19a36b367f1a33f1eb65e0c5164a3209fcef16e6 Author: Tim Beale Date: Mon Nov 12 11:21:36 2018 +1300 replmd: Remove some redundant code At first glance, this code seemed completely unnecessary. However, it was added (by commit f6bc4c08b19f5615) for a valid reason: adding the whenChanged/uSNChanged attributes to the message can cause msg->elements to be reallocated, which means the old_el pointer (which points to msg->eleme
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8b47443b871 replmd: Cache recycle-bin state to avoid DB lookup via 062ac12a310 replmd: Split some code out into create_la_entry() helper function via c49c0c300ce replmd: Minor change to replmd_verify_link_target() args via ffe7707675f replmd: Skip redundant source object link checks via af1f24acf78 replmd: Split up replmd_verify_linked_attribute() into src/target checks from 0025e8e96a7 waf: Load the C compiler correctly https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8b47443b871c8cfcae60f4d098ff27e561ee6cd4 Author: Tim Beale Date: Fri Oct 26 15:04:42 2018 +1300 replmd: Cache recycle-bin state to avoid DB lookup By caching the recycle-bin state we can save ~6% of the join time. Checking whether the recycle-bin is enabled involves an underlying DSDB search. We do this ~4 times for each link we replicate (twice for the link source and target). By caching the recycle-bin's state over the duration of the replication, we can save 1000s of unnecessary DB searches. With 5K users this makes the join time ~5 secs faster. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett Autobuild-User(master): Tim Beale Autobuild-Date(master): Tue Nov 20 08:40:16 CET 2018 on sn-devel-144 commit 062ac12a31010436953ebe0b31351f7ec0844415 Author: Tim Beale Date: Fri Nov 9 14:29:14 2018 +1300 replmd: Split some code out into create_la_entry() helper function replmd_store_linked_attributes() has gotten in szie and complexity. This refactors some code out into a separate function to make things a bit more manageable. This patch should not alter functionality. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit c49c0c300ce2d4b9f11039640bfd58265c7477af Author: Tim Beale Date: Fri Nov 9 14:13:11 2018 +1300 replmd: Minor change to replmd_verify_link_target() args We were passing in the entire src_msg, but all we really need is the source object's DN (and even then, it's only used in error messages). Change it so we only pass in what the function actually needs. This makes it a bit easier to see what src_msg is actually used for. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit ffe7707675fe91830bea59725e324d029cf2988d Author: Tim Beale Date: Fri Nov 9 14:06:16 2018 +1300 replmd: Skip redundant source object link checks We receive the links grouped together by source object. We can save ourselves some work by not looking up the source object for every single link (if it's still the same object we're dealing with). We've already made this change to replmd_process_linked_attribute(). This patch makes the same change to replmd_store_linked_attributes(). (We verify that we know about each link source/target as we receive each replication chunk. replmd_process_linked_attribute() kicks in later as the transaction completes). Note some care is needed to hold onto the tmp_ctx/src_msg across multiple passes of the for loop. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit af1f24acf783c293d3af6de8e10a64a036d7be38 Author: Tim Beale Date: Fri Oct 26 15:43:33 2018 +1300 replmd: Split up replmd_verify_linked_attribute() into src/target checks Refactor replmd_verify_linked_attribute() so we split out the link attribute source/target checks. This patch should not alter functionality. The source object check has been moved out to where replmd_verify_linked_attribute() was called. replmd_verify_linked_attribute() has been renamed, as it's now only checking the link target. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett --- Summary of changes: source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 192 1 file changed, 133 insertions(+), 59 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 3c7b8b16465..58f9df9c98c 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -77,6 +77,8 @@ struct replmd_private { bool sorted_links; uint32_t total_links; uint32_t num_processed; + bool recyclebin_enabled; + bool recyclebin_state_known; }; /* @@ -138,8 +140,16 @@ static int replmd_check_upgrade_links(struct ldb_context *ldb, struct parsed_dn *dns, uint32_t count, struct ldb_message_element *el, const char *ldap_oid
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c1dd6382e32 ctdb-tests: Make the debug hung script test cope with unreadable stacks from e3b6402b8b6 third_party: Update socket_wrapper to version 1.2.1 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c1dd6382e3211792e313f7d559b943f55c9cb0e1 Author: Martin Schwenke Date: Wed Nov 14 14:09:42 2018 +1100 ctdb-tests: Make the debug hung script test cope with unreadable stacks Ideally this would just involve using "test -r". However, operating system security features may mean that kernel stacks are not readable even though they appear to be. Instead, try reading that stack of a process on the test node. If that succeeds then so should reading the stack of the "stuck" sleep process in the test. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13684 Signed-off-by: Martin Schwenke Reviewed-by: Tim Beale Autobuild-User(master): Tim Beale Autobuild-Date(master): Thu Nov 15 08:15:32 CET 2018 on sn-devel-144 --- Summary of changes: ctdb/tests/simple/90_debug_hung_script.sh | 17 ++--- 1 file changed, 14 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/tests/simple/90_debug_hung_script.sh b/ctdb/tests/simple/90_debug_hung_script.sh index 40f3f47480d..9e2072c98b6 100755 --- a/ctdb/tests/simple/90_debug_hung_script.sh +++ b/ctdb/tests/simple/90_debug_hung_script.sh @@ -58,9 +58,21 @@ wait_until 60 onnode $test_node test -s "$debug_output" echo "Checking output of hung script debugging..." try_command_on_node -v $test_node cat "$debug_output" +hung_script_output="$out" + +# Can we actually read kernel stacks +if try_command_on_node $test_node "cat /proc/$$/stack >/dev/null 2>&1" ; then + stackpat=' + Stack trace of interesting process [0-9]*\\[sleep\\] +[<[0-9a-f]*>] .*sleep+.* +' +else + stackpat='' +fi while IFS="" read pattern ; do -if grep -- "^${pattern}\$" <<<"$out" >/dev/null ; then +[ -n "$pattern" ] || continue +if grep -- "^${pattern}\$" <<<"$hung_script_output" >/dev/null ; then printf 'GOOD: output contains "%s"\n' "$pattern" else printf 'BAD: output does not contain "%s"\n' "$pattern" @@ -72,8 +84,7 @@ done <] .*sleep+.* +${stackpat} ctdb scriptstatus monitor: 00\\.test *TIMEDOUT.* *OUTPUT: Sleeping for [0-9]* seconds... -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2229f46 drs_utils: Avoid invalid dereference of v8 requests via 63bfdb3 drs_utils: Fix some long lines via c21a8ed libnet: Reset debug counters after replicating critical objects via 02d41fe join: Fix join large-DB timeout against Windows from e355a6b s4/selftest: enable samba.tests.samba_tool.gpo for PY3 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2229f4620d563ce0f0ea256dd89ce248c6656b9e Author: Tim Beale Date: Mon Nov 5 17:01:55 2018 +1300 drs_utils: Avoid invalid dereference of v8 requests req.more_flags only exists for v10 requests, so we throw an exception if we try to dereference that field on a v8 (or v5) request. Unfortunately, we were checking that we support v10 *after* we had tried to access the more_flags. This patch fixes up the order of the checks. This may be a problem trying to replicate with an older Windows DC (pre-2008R2), and was reported on the samba mailing-list at one point: https://lists.samba.org/archive/samba/2018-June/216541.html Unfortunately this patch doesn't help the overall situation at all (the join will fail because we can't resolve the link target and we can't use GET_TGT). But it now gives you a more meaningful error, i.e. ERROR(runtime): uncaught exception - (8639, "Failed to process 'chunk' of DRS replicated objects: DOS code 0x21bf" instead of: ERROR(): uncaught exception - 'drsuapi.DsGetNCChangesRequest8' object has no attribute 'more_flags' Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett Autobuild-User(master): Tim Beale Autobuild-Date(master): Tue Nov 6 07:15:33 CET 2018 on sn-devel-144 commit 63bfdb3c1150eec64bf3d78e1f2b9749ef077831 Author: Tim Beale Date: Mon Nov 5 16:54:05 2018 +1300 drs_utils: Fix some long lines Tweak the code slightly to avoid some 80+ character lines. Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit c21a8ed5948d04881a8900e41386dcdfbdeef326 Author: Tim Beale Date: Mon Nov 5 16:34:15 2018 +1300 libnet: Reset debug counters after replicating critical objects Reset the debug counters once we have finished replicating a given partition. This helps if we replicate the same partition immediately afterward with different options. This helps the DC join debug look less weird. Because it replicates the critical objects first, and then the base partition, previously it always ended up overcounting, e.g. Partition[DC=addom,DC=samba,DC=example,DC=com] objects[314/218] linked_values[48/24] Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett commit 02d41fea33e3ad521fbef2d4f00af2db35edd9d9 Author: Tim Beale Date: Mon Nov 5 14:30:14 2018 +1300 join: Fix join large-DB timeout against Windows The LDAP connection can also timeout when trying to join a Windows DC with a very large database. However, in this case Windows gives a slightly different error message (NT_STATUS_CONNECTION_RESET instead of NT_STATUS_CONNECTION_DISCONNECTED). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13612 Signed-off-by: Tim Beale Reviewed-by: Andrew Bartlett --- Summary of changes: python/samba/drs_utils.py | 15 +-- python/samba/join.py| 3 ++- source4/libnet/libnet_vampire.c | 6 ++ 3 files changed, 17 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/drs_utils.py b/python/samba/drs_utils.py index dcd4d73..43d1b4a 100644 --- a/python/samba/drs_utils.py +++ b/python/samba/drs_utils.py @@ -25,7 +25,9 @@ from samba import werror from samba import WERRORError import samba import ldb -from samba.dcerpc.drsuapi import DRSUAPI_ATTID_name +from samba.dcerpc.drsuapi import (DRSUAPI_ATTID_name, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10) import re @@ -204,7 +206,7 @@ class drs_Replicate(object): def __init__(self, binding_string, lp, creds, samdb, invocation_id): self.drs = drsuapi.drsuapi(binding_string, lp, creds) -(self.drs_handle, self.supported_extensions) = drs_DsBind(self.drs) +(self.drs_handle, self.supports_ext) = drs_DsBind(self.drs) self.net = Net(creds=creds, lp=lp) self.samdb = samdb if not isinstance(invocation_id, misc.GUID): @@ -219,13 +221,14 @@ class drs_Replicate(object): # If the error indicates we fail to resolve a target object for a # linked attribute, then we should retry the request with GET_TGT # (if we support it and haven
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3338a3e traffic: Machine accounts were generated as critical objects via be51b51 traffic_replay: Generate machine accounts as well as users via 1906312 traffic_replay: Improve user generation debug via 71c6641 traffic_replay: Convert print() to logger.info() via 32e5822 traffic_replay: Write group memberships once per group via a29ee3a traffic_replay: Re-organize assignments to be group-based via 5ad7fc7 traffic_replay: Prevent users having 1000+ memberOf links via fdd7540 traffic_replay: Change user distribution to use Pareto Distribution via 898e6b4 traffic_replay: Improve assign_groups() performance with large domains via 18740ec traffic_replay: Split out random group membership generation logic via e3e84b0 traffic_replay: Add helper class for group assignments from 7dd3585 selftest: Run smb2.delete-on-close-perms also with "delete readonly = yes" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3338a3e257fa9f285ae639d6ac382e3e234be90e Author: Tim Beale Date: Tue Oct 30 16:14:33 2018 +1300 traffic: Machine accounts were generated as critical objects Due to the userAccountControl flags we were specifying, the machine accounts were all created as critical objects. When trying to populate 1000s of machine accounts in a DB, this makes replication unnecessarily slow (because it has to replicate them all twice). This patch changes it so when we're just creating machine accounts for the purpose of populating a semi-realistic DB, we jsut use the default WORKSTATION_TRUST_ACCOUNT flag. Note that for the accounts used for traffic-replay, we apparently need the existing flags in order for the DC to accept certain requests. Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall Autobuild-User(master): Tim Beale Autobuild-Date(master): Mon Nov 5 03:43:24 CET 2018 on sn-devel-144 commit be51b51263a460e9790b8a210914a68499af7953 Author: Tim Beale Date: Tue Oct 23 11:16:31 2018 +1300 traffic_replay: Generate machine accounts as well as users Currently the tool only generates the machine accounts needed for traffic generation. However, this isn't realistic if we're trying to use the tool to generate users to simulate a large network. This patch generates machine accoutns along with the user accounts. Note we assume there will be more computer accounts than users in a real network (e.g. work laptops, servers, etc), so generate slightly more computer accounts. Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit 1906312c097812fbdca1e04f6fe70f5af6bbd596 Author: Tim Beale Date: Tue Oct 23 10:46:17 2018 +1300 traffic_replay: Improve user generation debug When creating 1000s of users you currently get a lot of debug, but at the same time you have no idea how far through creating the users you actually are. Instead of logging every single user account that's created, log every 50th (as well as how far through the overall generation we are). Logger already includes timestamps, so we can remove generating the timestamp diff manually. User creation is the slowest operation - adding groups/memberships is much faster, so we don't need to log as frequently. Note that there is a usability trade-off on how frequently we log depending on whether the user is using the slower (but more common) method of going via LDAP, vs the much faster (but more obscure) method of writing directly to sam.ldb with ldb:nosync=true. In my tests, we end up logging every ~30-ish secs with LDAP, and every ~3 seconds with direct file writes. Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit 71c66419bb243605ff240e0b7cd5d5a32ba2441f Author: Tim Beale Date: Tue Oct 23 10:24:51 2018 +1300 traffic_replay: Convert print() to logger.info() Using logger is more helpful here because it includes timestamps, so we can see how long things are taking. It's also more consistent with the rest of the traffic_replay logging. Signed-off-by: Tim Beale Reviewed-by: Douglas Bagnall commit 32e58227cd10d9a91c349433fc20bd0cb36869f1 Author: Tim Beale Date: Thu Nov 1 09:42:33 2018 +1300 traffic_replay: Write group memberships once per group Each user-group membership was being written to the DB in a single operation. With large numbers of users (e.g. 10,000 in average 15 groups each), this becomes a lot of operations (e.g. 150,000). This patch reworks the code so that we write the memberships for a group in one operation. E.g. instead of 150,000 DB operations, we might make 1,500. This makes writing
Re: [Samba] Procedure for installing Windows drivers on Samba with CUPS
@steve yes I am sure as I am able to print now in my test-network :) These are the steps I have done on a freshly installed ubuntu 12.04 server: 1: Downloaded and extracted samba-4.0.6.tar.gz 2: Patched dns_crypto.c in /source4/dns_server/ with 0001-Fix-internal-DNS-dyn.-update-seen-as-TSIG-error-with.patch 3: Did provision with samba internal dns backend and downloaded an initscript 4: Did a krb5_newrealm SAMBA.MY.DOMAIN 5: mkdir /var/spool/samba and /usr/local/samba/var/print 6: chmod 1777 /var/spool/samba and /usr/local/samba/var/print 7: added the following to my smb.conf in /usr/local/samba/etc/smb.conf: [global] ... printcap name = cups printing = cups [print$] comment = Printer Drivers path = /usr/local/samba/var/print read only = no [printers] comment = All Printers browseable = yes printable = yes read only = no path = /var/spool/samba 8: installed and configured cups 9: started samba 10: added the windows drivers to the samba share like Adam Nielsen said 11: I could print That's about it for printing, the patch I did was for my samba4-failover server if you don't patch it it errors on dns updates... Hope this helps. Best regards Tim Vangehugten 2013/5/23 steve st...@steve-ss.com On Wed, 2013-05-22 at 21:15 -0500, Ricky Nance wrote: Those instructions should still work for XP, but its quite a bit different for windows 7, I need to do a wiki page on it, and will when I get some spare time, but not sure when that will be. Thanks Ricky I just tried it with a xp client. The same error: Access is denied. Is there anything trivial missing from those wiki notes which prevent printing working with 4.0.6? Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Procedure for installing Windows drivers on Samba with CUPS
Hi, Just an update: Tried today samba 4.0.6, printing works there with the automatic driver install. Best regards Tim Vangehugten 2013/5/17 Tim Vangehugten timvangehug...@gmail.com @Gerry, which version are you using? Does printing works in 4.0.4? 2013/5/16 Gerry Reno gr...@verizon.net On 05/16/2013 10:46 AM, steve wrote: On Thu, 2013-05-16 at 15:22 +0200, Tim Vangehugten wrote: if only the printing in samba 4.0.5 would work that would be nice... Hi The printing doesn't work in 4.0.5 https://bugzilla.samba.org/show_bug.cgi?id=9745 maybe you could add this thread/your use case to the bugzilla? Cheers, Steve 4.0.5 is useless without printing. I've backed out of 4.0.5. . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Procedure for installing Windows drivers on Samba with CUPS
@Gerry, which version are you using? Does printing works in 4.0.4? 2013/5/16 Gerry Reno gr...@verizon.net On 05/16/2013 10:46 AM, steve wrote: On Thu, 2013-05-16 at 15:22 +0200, Tim Vangehugten wrote: if only the printing in samba 4.0.5 would work that would be nice... Hi The printing doesn't work in 4.0.5 https://bugzilla.samba.org/show_bug.cgi?id=9745 maybe you could add this thread/your use case to the bugzilla? Cheers, Steve 4.0.5 is useless without printing. I've backed out of 4.0.5. . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Procedure for installing Windows drivers on Samba with CUPS
Hi, I have spend a lot of time searching for a solution to automatically install printerdrivers over the network until I stumbled on this. I followed your method with samba 4.0.5 in Ubuntu 12.04 and a windows 7 professional x64 client and everything worked. I had some problems at finding ntprint at first but this tutorial: http://techsugar.wordpress.com/2011/04/26/obtaining-ntprint-inf-file-when-installing-x86-printer-drivers-on-windows-server-2008-64-bit/has helped me to obtain it. Now my drivers are automatically installed, if only the printing in samba 4.0.5 would work that would be nice... Best regards Tim Vangehugten 2013/5/13 Adam Nielsen adam.niel...@uq.edu.au Hi all, This isn't a plea for help, but rather I have just been through the procedure for installing Windows drivers on a Samba machine using CUPS, and I thought I'd post my notes in case it helps someone one day as the documentation doesn't focus too strongly on my particular set up (it focuses on using Windows drivers without CUPS, or PostScript drivers with CUPS, but there's less about using Windows drivers with CUPS.) So if you are using CUPS and Samba, and you want to use point-n-print on your Windows machines with the manufacturer's drivers (in this case Ricoh MFDs) here is the process, which has only been tested on Win 7 64-bit, and assumes you have already set up the print$ share and can write to it from the Windows machine you will be using for this procedure. 1. Create a new CUPS print queue. IPP works best, but any protocol will do (IPP causes usernames and job titles to appear on our machines' front panels.) 2. Select the Raw manufacturer, with the Raw Queue model and continue until the queue is ready. 3. killall -HUP smbd to make it see the new printer, possibly even killing your own session (smbstatus | grep username then kill those PIDs.) 4. Run \\server and on the menu below the normal menu (where it says Organize, Search, etc.) choose the last option View remote printers. This view allows remote printers to be examined without trying to install them. 5. If the printer is not visible, in the address bar type in \\server\queuename and then cancel anything that comes up, and go back and refresh the list of printers. The missing queue should now be visible. It seems to take a while before it will show up reliably. 6. Right-click properties on the new printer, and when asked to install the '' driver, it is *very* important to say no. 7. On the Advanced tab click New Driver, then follow the prompts. If the New Driver button is greyed out, you need to give yourself more permissions. Giving permission to an AD group doesn't seem to work, you seem to have to grant your own (Windows) user print management permissions with the 'net' command (on the Linux box.) This worked for me: $ net -U server\\root rpc rights grant 'DOMAIN\username' SePrintOperatorPrivilege 8. In the New Driver window, click Have Disk and find the driver you want to install. 9. If you get an error about needing x64 drivers, edit the driver's .inf file in the driver and replace all instances of NT.5.1 (or higher) with NT.5.0. If this doesn't work, duplicating the 64-bit stuff and putting it in a header for 32-bit works too (but this is only advisable if you don't have any 32-bit Windows machines.) 10. Click OK to close the printer properties and don't worry if you get a weird error. 11. Click properties again and you should see the full printer properties with the new driver. 12. On the Sharing tab click Additional Drivers and install the x64 drivers (it seems to install only 32-bit ones.) If you are prompted for where to install them from select the same driver again. 13. On the Advanced tab make sure you click Printing Defaults and change something and apply the changes so the default settings aren't null (you can change it back, but usually you have to change it to A4 or set paper-to-tray assignments anyway.) 14. On the General tab make sure the queue name matches the CUPS queue name. Some drivers change this from something like my-queue to Bob's Fantastic Printer Company PCL 6, but you won't be able to install the printer on client machines if the names don't match. 15. You should be able to double-click on the printers from client machines normally and have the driver install automatically now. If you get prompted for admin access and you're connected to a domain, add your Samba server in to the approppriate group policy so drivers can be installed from it with no elevation required. Plenty of pages on Google explaining this. 16. If you get an error installing the printer (something about being unable to install the driver), wait for a few hours as this often helps. Maybe restarting Samba would help too, but for us it was a production machine so that wasn't possible. I have successfully used this procedure to install four Ricoh MFDs and their fax
[Samba] Change groupsid AD
Hi, I'm running Samba4 now for a couple of weeks, I'm currently stuck at the following problem: how do I change the AD groupsid? And this without the use of SUA in windows. For instance I have the group NiagaraUsers (S-1-5-21-1512407341-4132623508-1653607534-1001) with groupsid 10020. I just want to know how I can change this to 7002 for example. Best Regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SSL certificate in SAMBA4 LDAP?
Today I have looked again at the SSL certs from samba and I got them to work with intermediate certificates. If you want to do this you need to have to following: IntermediateCA.crt Yourdomain.crt Yourdomain.key and last your Global Root CA.pem (Mine intermediate CA is Alphassl so this was GlobalSign_root_CA.pem) Now copy your IntermediateCA.crt to /usr/local/samba/private/tls/ca.pem and Yourdomain.key to /usr/local/samba/private/tls/key.pem The part where it went wrong at first time was the cert.pem but to make it work you have to do the following, create the file /usr/local/samba/private/tls/cert.pem and put at the beginning of the file the certificate from Yourdomain.crt followed by the certificate in the file IntermediateCA.crt and behind this you have to put your rootCA.pem and then save the file. Your cert.pem will look like the following: -BEGIN CERTIFICATE- Certificate of Yourdomain.crt -END CERTIFICATE- -BEGIN CERTIFICATE- Certificate of IntermediateCA.crt -END CERTIFICATE- -BEGIN CERTIFICATE- Certificate of RootCA.crt in mine case this was GlobalSign_root_CA.pem -END CERTIFICATE- Restart samba and you now have your ldap running with a verified intermediate certificate. Best Regards Tim Vangehugten 2013/4/27 Michael Wood esiot...@gmail.com On 27 April 2013 10:02, Tim Vangehugten timvangehug...@gmail.com wrote: I already put them into /usr/local/samba/private/tls and samba had read them I just get the error that my CA is untrusted though I got my certificate signed by an intermediate CA. So probably it's somewhere my fault and not related to samba :) OK, not sure how it works with intermediate CAs. Maybe you need to have both root and intermediate CA certs in ca.pem, but I haven't tried it. 2013/4/26 Michael Wood esiot...@gmail.com On 25 April 2013 15:38, Tim Vangehugten timvangehug...@gmail.com wrote: Hello, Is it possible to load my signed certificate into samba4 ldap so the samba4 ldap would use it if a client connects to it? And if so, could someone provide me with the details on howto do this or point me in the right direction? Yes. Make sure you have the GnuTLS development libraries installed before compiling Samba. Then put your CA cert, cert and key in /usr/local/samba/private/tls. They should be named ca.pem, cert.pem and key.pem. I think you'll also need a DH params file. -- Michael Wood esiot...@gmail.com -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Succes for Günter Kukkukk [PATCH] Fix internal DNS dyn. updates, seen as: ; TSIG error with server: tsig verify failure
I just wanted to report that after using the patch from Günter Kukkukk ( 0001-Fix-internal-DNS-dyn.-update-seen-as-TSIG-error-with.patch ) for 2 weeks I haven't seen any errors in samba 4.0.5. Anyway thank you for the patch. Best regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ktpass.sh error / How to generate a keytab for a new service (apache) with SAMBA4?
Hi, I was trying to get a new keytab in samba4 for my apache service. So I tried the following command: sh ktpass.sh --out /etc/apache.keytab --princ HTTP/myhost.samba.my.dom...@samba.my.DOMAIN --pass VerySecure123 --enc des-cbc-md5 I get the following error: Unable to find kvno for principal HTTP/myhost.samba.my.dom...@samba.my.DOMAIN Am I doing something wron or shouldn't I be using ktpass.sh? Best Regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SSL certificate in SAMBA4 LDAP?
I already put them into /usr/local/samba/private/tls and samba had read them I just get the error that my CA is untrusted though I got my certificate signed by an intermediate CA. So probably it's somewhere my fault and not related to samba :) Best Regards Tim Vangehugten *** * 2013/4/26 Michael Wood esiot...@gmail.com On 25 April 2013 15:38, Tim Vangehugten timvangehug...@gmail.com wrote: Hello, Is it possible to load my signed certificate into samba4 ldap so the samba4 ldap would use it if a client connects to it? And if so, could someone provide me with the details on howto do this or point me in the right direction? Yes. Make sure you have the GnuTLS development libraries installed before compiling Samba. Then put your CA cert, cert and key in /usr/local/samba/private/tls. They should be named ca.pem, cert.pem and key.pem. I think you'll also need a DH params file. -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] SSL certificate in SAMBA4 LDAP?
Hello, Is it possible to load my signed certificate into samba4 ldap so the samba4 ldap would use it if a client connects to it? And if so, could someone provide me with the details on howto do this or point me in the right direction? Best Regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Error + Syncing problems
Tried today with --dns-backend=SAMBA_INTERNAL and the sync seems to work in both ways now like it should be. So most likely it had to do with my first error: Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp :ad48d62e-60c8-46fd-bc5c-48bc70ebbf8e._msdcs.samba.test.ad[1024,seal,krb5] NT_STATUS_NO_LOGON_SERVERS which probably was bind related. 2013/4/23 Tim Vangehugten timvangehug...@gmail.com Reported it as a bug (https://bugzilla.samba.org/show_bug.cgi?id=9826). If someone has a workaround I would gladly listen to it. Best Regards Tim Vangehugten 2013/4/23 Michael Wood esiot...@gmail.com On 23 April 2013 13:42, Daniel Müller muel...@tropenklinik.de wrote: It is the same I noticed: there is only syncing DC1 to DC2 not the other way. The second joined to domain is always the slave. That is not supposed to be how it works. The DCs are supposed to be able to sync both ways. I haven't tried this myself, but if this does not work it sounds like a bug. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto: samba-boun...@lists.samba.org] Im Auftrag von Tim Vangehugten Gesendet: Dienstag, 23. April 2013 13:33 An: samba@lists.samba.org Betreff: [Samba] Error + Syncing problems Hi, I have 2 samba4.0.5 DC controllers running ubuntu 12.04 in my network which are in sync. Everything works fine but I still get the following error on the first samba4 DC I installed when running /usr/local/samba/sbin/samba -i Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp :ad48d62e-60c8-46fd-bc5c-48bc70ebbf8e._msdcs.samba.test.ad [1024,seal,krb5] NT_STATUS_NO_LOGON_SERVERS Also I tested the following scenarios: - Added a user with the 2 DC's running, pulled the first DC out and tried logging in on client (which uses then the DC2 because no cached credentials were available) Result: Passed test - Added a user with to DC2 (DC1 was still down). After that I pluged in DC1 back and restarted samba on it and waited for 5 min. No sync happened back from DC2 to DC1. Waited 30min, no result Result: Failure Can anyone help me or explain why DC2 won't sync back to DC1? Also can someone help me to solve the error I get? Best Regards Tim Vangehugten -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Error + Syncing problems
Hi, I have 2 samba4.0.5 DC controllers running ubuntu 12.04 in my network which are in sync. Everything works fine but I still get the following error on the first samba4 DC I installed when running /usr/local/samba/sbin/samba -i Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp :ad48d62e-60c8-46fd-bc5c-48bc70ebbf8e._msdcs.samba.test.ad[1024,seal,krb5] NT_STATUS_NO_LOGON_SERVERS Also I tested the following scenarios: - Added a user with the 2 DC's running, pulled the first DC out and tried logging in on client (which uses then the DC2 because no cached credentials were available) Result: Passed test - Added a user with to DC2 (DC1 was still down). After that I pluged in DC1 back and restarted samba on it and waited for 5 min. No sync happened back from DC2 to DC1. Waited 30min, no result Result: Failure Can anyone help me or explain why DC2 won't sync back to DC1? Also can someone help me to solve the error I get? Best Regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Error + Syncing problems
Reported it as a bug (https://bugzilla.samba.org/show_bug.cgi?id=9826). If someone has a workaround I would gladly listen to it. Best Regards Tim Vangehugten 2013/4/23 Michael Wood esiot...@gmail.com On 23 April 2013 13:42, Daniel Müller muel...@tropenklinik.de wrote: It is the same I noticed: there is only syncing DC1 to DC2 not the other way. The second joined to domain is always the slave. That is not supposed to be how it works. The DCs are supposed to be able to sync both ways. I haven't tried this myself, but if this does not work it sounds like a bug. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Tim Vangehugten Gesendet: Dienstag, 23. April 2013 13:33 An: samba@lists.samba.org Betreff: [Samba] Error + Syncing problems Hi, I have 2 samba4.0.5 DC controllers running ubuntu 12.04 in my network which are in sync. Everything works fine but I still get the following error on the first samba4 DC I installed when running /usr/local/samba/sbin/samba -i Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2@ncacn_ip_tcp :ad48d62e-60c8-46fd-bc5c-48bc70ebbf8e._msdcs.samba.test.ad [1024,seal,krb5] NT_STATUS_NO_LOGON_SERVERS Also I tested the following scenarios: - Added a user with the 2 DC's running, pulled the first DC out and tried logging in on client (which uses then the DC2 because no cached credentials were available) Result: Passed test - Added a user with to DC2 (DC1 was still down). After that I pluged in DC1 back and restarted samba on it and waited for 5 min. No sync happened back from DC2 to DC1. Waited 30min, no result Result: Failure Can anyone help me or explain why DC2 won't sync back to DC1? Also can someone help me to solve the error I get? Best Regards Tim Vangehugten -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 Schema credentials
Hello, I am currently migrating from OpenLDAP to samba4 and encountered the following problem, I only can bind to CN=sambaadmin,CN=Users,DC=example,DC=com. So I was wondering if it is possible to bind to the CN=Schema,CN=Configuration,DC=example,DC=com? If so, where can I find the credentials? Best Regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ldaps redirects to ldap
Hello, Whenever i try to run the following command in commandline: ldapvi -d -D cn=Administrator,cn=Users,dc=example,dc=local --host ldaps://example.local --tls allow I am redirected from ldaps to ldap. Is there any way to disable this? Best Regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 LDAP password hashes
Hello, I'm running samba4 and I installed phpldapadmin to connect to the samba ldap. When I am logged in as administrator i can't see the password hashes of my users or myself. Does samba need any extra configuration/ compile parameters to view the password hashes? Or does samba has a default manager ldap account? Best Regards Tim Vangehugten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unable to start Samba on AIX 6.1
On 03/22/2012 11:54 AM, Jeremy Allison wrote: On Mon, Mar 12, 2012 at 05:17:39PM +, neetesh.gu...@accenture.com wrote: Hi Allison, I have downloaded the package yesterday night, complied installed. While I am starting the nmbd smbd process, I am getting below error. # ./nmbd exec(): 0509-036 Cannot load program ./nmbd because of the following errors: 0509-150 Dependent module libwbclient.so could not be loaded. 0509-022 Cannot load module libwbclient.so. 0509-026 System error: A file or directory in the path name does not exist. # ./smbd exec(): 0509-036 Cannot load program ./smbd because of the following errors: 0509-150 Dependent module libtalloc.so could not be loaded. 0509-022 Cannot load module libtalloc.so. 0509-026 System error: A file or directory in the path name does not exist. You need to fix your shared library load paths. Hopefully an AIX expert can help. I have the following lines in /etc/rc.tcpip for startup (this is AIX 5.2): LIBPATH=/usr/lib:/lib:/usr/local/lib:/usr/local/samba/lib /usr/local/samba/sbin/smbd -s /usr/local/samba/lib/smb.conf LIBPATH=/usr/lib:/lib:/usr/local/lib:/usr/local/samba/lib /usr/local/samba/sbin/nmbd -s /usr/local/samba/lib/smb.conf -- Tim Evans, TKEvans.com, Inc.| 5 Chestnut Court UNIX System Admin Consulting| Owings Mills, MD 21117 http://www.tkevans.com/ | 443-394-3864 http://www.come-here.com/News/ | tkev...@tkevans.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] mount.cifs - 4.8.1 -- server side restart - CIFS VFS: No repsonse for cmd
Samba list: We are mounting a share provided by a Unisys MCP mainframe with the following fstab entry /etc/fstab: //UnisysMCPmainframe.example.com/staging_test /mnt/staging cifs rw,file_mode=0775,dir_mode=0775,uid=4051,gid=4053,credentials=/etc/nx-credentials.txt,_netdev 0 0 The mount is established just fine and works with the exception that the mainframe does not support the POSIX utime() calls when files are being created. What we see though in operation, is that when the mainframe is restarted (halt/load in their terminology), the mount.cifs module ends up throwing the following into /var/log/messages and continually tries to re-authenticate to the share (gleaned from tcpdump traces). The mainframe logs show that these mounts try (and succeed) to ATTACH (re-authenticate re-establish the connection) once or twice a minute thereafter. This essentially fills their logs and makes them unhappy as you might imagine. These messages don't appear after an initial mount and before a mainframe halt/load -- only after that point. How do we prevent this behavior from our mount.cifs? /var/log/messages: Oct 26 04:33:15 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 50 mid 2068 Oct 26 04:35:24 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2071 Oct 26 04:36:07 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2074 Oct 26 04:36:19 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2077 Oct 26 04:38:04 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2090 Oct 26 04:38:16 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2093 Oct 26 04:39:04 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2096 Oct 26 04:39:13 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2099 Oct 26 04:40:07 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2102 Oct 26 04:40:19 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2105 Oct 26 04:41:07 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2108 Oct 26 04:41:16 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2111 Oct 26 04:42:13 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2119 Oct 26 04:42:25 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2122 Oct 26 04:43:10 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2125 Oct 26 04:44:14 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2132 Oct 26 04:45:10 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2139 Oct 26 04:46:13 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2146 Oct 26 04:48:04 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2160 Oct 26 04:48:16 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2163 Oct 26 04:49:04 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2166 Oct 26 04:49:13 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2169 Oct 26 04:50:06 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2172 Oct 26 04:50:18 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2175 Oct 26 04:51:09 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2178 Oct 26 04:51:21 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2181 Oct 26 04:53:04 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2191 Oct 26 04:53:16 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2194 Oct 26 04:54:04 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2197 Oct 26 04:54:13 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2200 Oct 26 04:55:11 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2203 Oct 26 04:55:23 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2206 Oct 26 04:56:07 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2209 Oct 26 04:56:16 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2212 Oct 26 04:56:33 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2215 Oct 26 04:56:39 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2218 Oct 26 04:57:13 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2228 Oct 26 04:58:10 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2235 Oct 26 04:59:13 linuxbox-263213161 kernel: CIFS VFS: No response for cmd 117 mid 2242 # uname -r -v 2.6.32-131.6.1.el6.x86_64 #1 SMP Mon Jun 20 14:15:38 EDT 2011 # mount.cifs -V mount.cifs version: 4.8.1 # rpm -qa | grep cifs cifs-utils-4.8.1-2.el6.x86_64 # modinfo cifs filename: /lib/modules/2.6.32-131.6.1.el6.x86_64/kernel/fs/cifs/cifs.ko version:1.68 description:VFS to access servers complying with the SNIA CIFS Specification e.g. Samba and Windows license:GPL author: Steve French sfre...@us.ibm.com srcversion: 6BE0EB6FED154E567A97675 depends: vermagic:
Re: [Samba] mount.cifs - Unisys MCP Mainframe -- Linux touch command setting times of `testfile.txt': Permission denied
the mount.cifs is from (cifs-utils-4.8.1-2.el6.x86_64) On Tue, Aug 30, 2011 at 8:05 PM, Tim Lank timl...@timlank.com wrote: I've got a share from a Unisys MCP Mainframe mounted with mount.cifs from RHEL 6.1 (samba-common-3.5.6-86.el6.x86_64). when I try to touch a file, it creates the file, but reports an error - setting times of `testfile.txt': Permission denied strace on the touch command shows that it is erroring out on the utimensat() call utimensat(0, NULL, NULL, 0) = -1 EACCES (Permission denied) Documentation from the Unisys Mainframe can be found here http://public.support.unisys.com/aseries/docs/clearpath-mcp-12.0/pdf/70118328-103.pdf Pages: C-2 and C3 show what POSIX functions are/not supported utime() and utimensat() are not among the supported functions listed there. Is there any combination of parameters to mount.cifs that can be used that would prevent touch from reporting this error? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] mount.cifs - Unisys MCP Mainframe -- Linux touch command setting times of `testfile.txt': Permission denied
On Wed, Aug 31, 2011 at 3:41 PM, Jeff Layton jlay...@redhat.com wrote: On Wed, 31 Aug 2011 14:55:26 -0400 Tim Lank timl...@timlank.com wrote: the mount.cifs is from (cifs-utils-4.8.1-2.el6.x86_64) On Tue, Aug 30, 2011 at 8:05 PM, Tim Lank timl...@timlank.com wrote: I've got a share from a Unisys MCP Mainframe mounted with mount.cifs from RHEL 6.1 (samba-common-3.5.6-86.el6.x86_64). when I try to touch a file, it creates the file, but reports an error - setting times of `testfile.txt': Permission denied strace on the touch command shows that it is erroring out on the utimensat() call utimensat(0, NULL, NULL, 0) = -1 EACCES (Permission denied) Documentation from the Unisys Mainframe can be found here http://public.support.unisys.com/aseries/docs/clearpath-mcp-12.0/pdf/70118328-103.pdf Pages: C-2 and C3 show what POSIX functions are/not supported utime() and utimensat() are not among the supported functions listed there. Is there any combination of parameters to mount.cifs that can be used that would prevent touch from reporting this error? (cc'ing linux-cifs ml) Most likely, this is a local (unix) permissions issue. CIFS has a rather unintuitive permissions model. It attempts to enforce permissions locally, but doesn't really have enough information to do so properly. This leads to these sorts of problems. When you create files as a particular user, then they end up being owned by the default file owner on the mount rather than the user that just created the file. Then when you go to set the time, the kernel tries to enforce the permissions on the file and denies you access to do so. This varies somewhat depending on whether CIFS posix extensions are in force, but it's a common problem. The best scheme is to switch the mount to being multiuser, but that requires a kerberized setup at the moment. Another workaround is to mount with '-o noperm' which disables local permissions checking entirely. This will however allow any process on the box to read and write to the server using the mount credentials. Another idea is to get creative with the uid=,gid=,file_mode=, and dir_mode= options. See the mount.cifs manpage. If you're careful, you can craft a set of options that will allow the users you want to have proper access without opening everything up. My SambaXP talk from last year covers a lot of this in detail if you're interested http://sambaxp.org/index.php?id=38 Good luck! -- Jeff Layton jlay...@redhat.com Jeff, Thanks for all the info. A wireshark analysis shows that the Mainframe here is returning a frame that shows that the file is created and granted exclusive open for writing. The file actually gets created on the Mainframe (presumably because of the combination of my uid=,gid=,file_mode=, and dir_mode= options) and I can modify it from all users on the mount.cifs box. The next request is from the mount.cifs box to modify Created, Last Access, Last Write, and Change timestamp attributes for the (already) opened file. The response frame from the Mainframe is a basic Access Denied message which I suppose the touch command turns into a setting times of ... Permission Denied message being returned. I'd like to try and get a kerberized setup going with mount.cifs. I see the sec=krb5 option, but is there a series of other config steps that I need to perform (modifying /etc/krb5.conf for example). Supposedly the Mainframe already has kerberos mapping setup for all the users on our mount.cifs system. Any references (besides the mount.cifs manpage) that you can provide that walk through the kerberized setup would be appreciated. Thanks, Tim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] mount.cifs - Unisys MCP Mainframe -- Linux touch command setting times of `testfile.txt': Permission denied
I've got a share from a Unisys MCP Mainframe mounted with mount.cifs from RHEL 6.1 (samba-common-3.5.6-86.el6.x86_64). when I try to touch a file, it creates the file, but reports an error - setting times of `testfile.txt': Permission denied strace on the touch command shows that it is erroring out on the utimensat() call utimensat(0, NULL, NULL, 0) = -1 EACCES (Permission denied) Documentation from the Unisys Mainframe can be found here http://public.support.unisys.com/aseries/docs/clearpath-mcp-12.0/pdf/70118328-103.pdf Pages: C-2 and C3 show what POSIX functions are/not supported utime() and utimensat() are not among the supported functions listed there. Is there any combination of parameters to mount.cifs that can be used that would prevent touch from reporting this error? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Domain trust between Samba 3.5.9 and Windows 2008 Active Directory crashes lsass.exe which makes AD Domain Controller reboot
Thanks for saving me some time going down a rabbit hole. Still at a loss, get this packet: 226 1970-01-01 00:01:51.853391 192.168.153.156 192.168.56.152 SMB Session Setup AndX Request, NTLMSSP_AUTH, User: CTGDOMAIN\testuser01 Then a load of other traffic between Samba PDC and AD DC which all seems ok (SMB. DCERPC and RPC_NETLOGON packets) then 12 seconds later get the response to packet 226 above and then the DC has rebooted: 274 1970-01-01 00:02:03.425244 192.168.56.152 192.168.153.156 SMB Session Setup AndX Response, Error: STATUS_INTERNAL_ERROR Enabled netlogon max logging ( nltest /dbflag:0x2080 ) and see the following in the netlogon.log: 08/10 12:16:41 [LOGON] SamLogon: Network logon of CTGDOMAIN\root from CTGSOL10 Entered 08/10 12:16:41 [SESSION] CTGDOMAIN: NlSessionSetup: Try Session setup 08/10 12:16:41 [SESSION] CTGDOMAIN: NlSetStatusClientSession: Set connection status to 0 08/10 12:16:41 [SESSION] CTGDOMAIN: NlSetStatusClientSession: Set connection status to 0 08/10 12:16:41 [SESSION] CTGDOMAIN: NlSessionSetup: negotiated 400201ff flags rather than 603fbfff 08/10 12:16:41 [SESSION] CTGDOMAIN: NlSessionSetup: Session setup Succeeded Then nothing till the server reboots (also enabled SAM logging but nothing in sam.log) A session using the NT4 domain trust shows the following in netlogon.log: 08/09 14:44:36 [LOGON] SamLogon: Network logon of LIVENT4DOMAIN\testuser01 from GORDIAN-FCB4FE1 Entered 08/09 14:44:36 [SESSION] LIVENT4DOMAIN: NlSessionSetup: Try Session setup 08/09 14:44:37 [CRITICAL] NlSessionSetup: Fall back to Authenticate2 08/09 14:44:37 [SESSION] LIVENT4DOMAIN: NlSetStatusClientSession: Set connection status to 0 08/09 14:44:37 [SESSION] LIVENT4DOMAIN: NlSetStatusClientSession: Set connection status to 0 08/09 14:44:37 [SESSION] LIVENT4DOMAIN: NlSessionSetup: negotiated 41ff flags rather than 603fbfff 08/09 14:44:37 [SESSION] LIVENT4DOMAIN: NlSessionSetup: Session setup Succeeded 08/09 14:44:37 [LOGON] SamLogon: Network logon of LIVENT4DOMAIN\testuser01 from GORDIAN-FCB4FE1 Returns 0x0 08/09 14:45:04 [LOGON] SamLogon: Network logon of LIVENT4DOMAIN\testuser01 from GORDIAN-FCB4FE1 Entered 08/09 14:45:04 [LOGON] SamLogon: Network logon of LIVENT4DOMAIN\testuser01 from GORDIAN-FCB4FE1 Returns 0x0 Naively, I'm guessing I want to configure Samba so that the session setup is the same as the NT4 i.e. Fall back to Authenticate2 but I honestly do not really know what any of this means and not finding much when searching the web. The NT4 PDC is SP6 and so I'm assuming it's using NTLMv2 which should be the same as Samba (have tried with ntlm auth = Yes and No is smb.conf but doesn't seem to make any diff to behaviour). tim From: Volker Lendecke volker.lende...@sernet.de To: Tim Wright ti...@gordian.co.uk Cc: samba@lists.samba.org Date: 05/08/2011 12:22 Subject:Re: [Samba] Domain trust between Samba 3.5.9 and Windows 2008 Active Directory crashes lsass.exe which makes AD Domain Controller reboot On Fri, Aug 05, 2011 at 11:47:57AM +0100, Tim Wright wrote: Have some more information on this - looking at a packet capture of traffic between the AD DC and the Samba PDC, the last packet it sends is a Session Setup AndX Request, NTLMSSP_AUTH message but the NTLM SSP bit of the packet has User and Domain set to NULL. Turned up the debug level on the samba side and see the following in the logs (sorry have include preamble to final message in case it's of any use in diagnosing the problem): This is definitely not your problem. Just a standard anonymous session setup. The problem must be MUCH later in the sniff. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen For further information on Gordian Knot Limited (Gordian) and/or Theta Corporation (Theta) please visit our website at http://www.gordian.co.uk or call +44 20 7290 9901. The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient of this e-mail you may not copy, forward, disclose or otherwise use any part of it or any attachment in any way or in any form whatsoever. If you have received this message in error, please notify the sender immediately by telephone or return e-mail and delete it and any attachment(s) from your system. Gordian is a company registered in England with company number 2853833 at the following address Lansdowne House, Berkeley Square, London, W1J 6AB, England. In accordance with the FSA's Rules Theta is Gordian's
Re: [Samba] 3.5.x on AIX 5.2
On 08/07/2011 09:35 AM, William E Jojo wrote: - Original Message - From: Tim Evanstkev...@tkevans.com To: tkev...@tkevans.com Cc: samba@lists.samba.org Sent: Friday, August 5, 2011 8:53:42 PM Subject: Re: [Samba] 3.5.x on AIX 5.2 On 07/31/2011 01:48 PM, Tim Evans wrote: I've been successfully building all the 3.4.x releases on AIX 5.2 with the configure command line of: # CC=gcc -g -D LINUX_SOURCE_COMPAT ./configure However, 3.5.x fails to build with the same configure args, reporting: Linking non-shared library bin/libaddns.a Linking non-shared library bin/libsmbclient.a make: Cannot find a rule to create target EXTRA_FLAGS from Just to be sure, there are no old libs on the build system? Which make are you using? If it's IBM's it will not interpret the Makefile as it should. You should really use GNU Make 3.81 at an absolute minimum. Also, just a warning that LINUX_SOURCE_COMPAT doesn't always work as one might expected since it turns off certain things that the C99 standard may want defined. Thanks, Bill; I was hoping to hear from you on this. I've solved my problem. Embarrassed to admit I had missed the instructions to run autogen.sh first (not sure when this got added), but I was running configure first. Had to upgrade autoconf and m4 first (this is a very old machine--no possibility of upgrading AIX from 5.2), but then autogen.sh ran ok. Then ran configure, without any arg's, and the package built without errors. Regards. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Domain trust between Samba 3.5.9 and Windows 2008 Active Directory crashes lsass.exe which makes AD Domain Controller reboot
(get_ntlm_challenge) challenge is: [2011/08/05 11:06:04.406730, 5] ../lib/util/util.c:278(_dump_data) [] 74 0C 51 36 68 7B 3F 72t.Q6h{?r [2011/08/05 11:06:04.407383, 5] lib/util.c:617(show_msg) [2011/08/05 11:06:04.407446, 5] lib/util.c:627(show_msg) size=264 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51203 smb_tid=65535 smb_pid=65279 smb_uid=100 smb_mid=64 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=0 (0x0) smb_vwv[ 2]=0 (0x0) smb_vwv[ 3]= 167 (0xA7) smb_bcc=221 [2011/08/05 11:06:04.409709, 6] smbd/process.c:1486(process_smb) got message type 0x0 of len 0xbc [2011/08/05 11:06:04.409835, 3] smbd/process.c:1489(process_smb) Transaction 2 of length 192 (0 toread) [2011/08/05 11:06:04.409948, 5] lib/util.c:617(show_msg) [2011/08/05 11:06:04.410006, 5] lib/util.c:627(show_msg) size=188 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=65535 smb_pid=65279 smb_uid=100 smb_mid=128 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=0 (0x0) smb_vwv[ 2]=16644 (0x4104) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]=0 (0x0) smb_vwv[ 5]=0 (0x0) smb_vwv[ 6]=0 (0x0) smb_vwv[ 7]= 125 (0x7D) smb_vwv[ 8]=0 (0x0) smb_vwv[ 9]=0 (0x0) smb_vwv[10]= 212 (0xD4) smb_vwv[11]=40960 (0xA000) smb_bcc=129 [2011/08/05 11:06:04.412256, 3] smbd/process.c:1298(switch_message) switch message SMBsesssetupX (pid 18499) conn 0x0 [2011/08/05 11:06:04.412370, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2011/08/05 11:06:04.412482, 5] auth/token_util.c:525(debug_nt_user_token) NT user token: (NULL) [2011/08/05 11:06:04.412596, 5] auth/token_util.c:551(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2011/08/05 11:06:04.412860, 5] smbd/uid.c:369(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2011/08/05 11:06:04.413027, 3] smbd/sesssetup.c:1458(reply_sesssetup_and_X) wct=12 flg2=0xc807 [2011/08/05 11:06:04.413135, 2] smbd/sesssetup.c:1413(setup_new_vc_session) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2011/08/05 11:06:04.413279, 3] smbd/sesssetup.c:1212(reply_sesssetup_and_X_spnego) Doing spnego session setup [2011/08/05 11:06:04.413446, 3] smbd/sesssetup.c:1254(reply_sesssetup_and_X_spnego) NativeOS=[] NativeLanMan=[] PrimaryDomain=[] [2011/08/05 11:06:04.413632, 3] libsmb/ntlmssp.c:747(ntlmssp_server_auth) Got user=[] domain=[] workstation=[LIVEDC] len1=1 len2=0 tim For further information on Gordian Knot Limited (Gordian) and/or Theta Corporation (Theta) please visit our website at http://www.gordian.co.uk or call +44 20 7290 9901. The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient of this e-mail you may not copy, forward, disclose or otherwise use any part of it or any attachment in any way or in any form whatsoever. If you have received this message in error, please notify the sender immediately by telephone or return e-mail and delete it and any attachment(s) from your system. Gordian is a company registered in England with company number 2853833 at the following address Lansdowne House, Berkeley Square, London, W1J 6AB, England. In accordance with the FSA's Rules Theta is Gordian's client. Gordian does not have a client relationship with any other person and does not owe regulatory duties to any other person under the Conduct of Business Rules or other parts of the FSA's Rules. Gordian is not responsible to you for providing the same protections as those afforded to Theta, or for providing advice in relation to investing in Theta. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] 3.5.x on AIX 5.2
On 07/31/2011 01:48 PM, Tim Evans wrote: I've been successfully building all the 3.4.x releases on AIX 5.2 with the configure command line of: # CC=gcc -g -D LINUX_SOURCE_COMPAT ./configure However, 3.5.x fails to build with the same configure args, reporting: Linking non-shared library bin/libaddns.a Linking non-shared library bin/libsmbclient.a make: Cannot find a rule to create target EXTRA_FLAGS from dependencies. Stop. What's needed to fix this? Thanks. Thought I'd bump this again, as there've been no replies. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] 3.5.x on AIX 5.2
I've been successfully building all the 3.4.x releases on AIX 5.2 with the configure command line of: # CC=gcc -g -D LINUX_SOURCE_COMPAT ./configure However, 3.5.x fails to build with the same configure args, reporting: Linking non-shared library bin/libaddns.a Linking non-shared library bin/libsmbclient.a make: Cannot find a rule to create target EXTRA_FLAGS from dependencies. Stop. What's needed to fix this? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Domain trust between Samba 3.5.9 and Windows 2008 Active Directory crashes lsass.exe which makes AD Domain Controller reboot
Hi Trying to set up a one way trust between a 2008 Active Directory domain and a Samba 3.5.9 server which is configured as a PDC. There is already an existing trust between AD and an NT4 domain so AD has been configured to support NTLM authentication (see below for full details). With no domain trust, using smbclient either anonymously or with a valid user on the DC (e.g. Administrator) works ok,. When a domain trust is created as follows: On samba server net rpc trustdom add AD password pdbedit -Lw ad\$ shows that the trust account is set up correctly (i.e. I appearing in the square brackets ) net rpc trustdom list shows the domain trust is ok On AD DC: Add new trust for the Samba domain in the normal way using the trust password above This validates ok. Now smbclient -U% still ok but smbclient -UAdministrator causes the DC to crash, When it comes back up, the following appears in the Application Eventlog: Log Name: Application Source:Application Error Date: 27/07/2011 16:25:07 Event ID: 1000 Task Category: (100) Level: Error Keywords: Classic User: N/A Computer: LIVEDC.ad.gordian.co.uk Description: Faulting application lsass.exe, version 6.0.6002.18005, time stamp 0x49e01c84, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e02d47, exception code 0x8003, fault offset 0x000348d8, process id 0x244, application start time 0x01cc41619f198970. Event Xml: Event xmlns=http://schemas.microsoft.com/win/2004/08/events/event; System Provider Name=Application Error / EventID Qualifiers=01000/EventID Level2/Level Task100/Task Keywords0x80/Keywords TimeCreated SystemTime=2011-07-27T15:25:07.000Z / EventRecordID17693/EventRecordID ChannelApplication/Channel ComputerLIVEDC.ad.gordian.co.uk/Computer Security / /System followed by Log Name: Application Source:Microsoft-Windows-Wininit Date: 27/07/2011 16:25:20 Event ID: 1015 Task Category: None Level: Error Keywords: Classic User: N/A Computer: LIVEDC.ad.gordian.co.uk Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code 255. The machine must now be restarted. Event Xml: Event xmlns=http://schemas.microsoft.com/win/2004/08/events/event; System Provider Name=Microsoft-Windows-Wininit Guid={206f6dea-d3c5-4d10-bc72-989f03c8b84b} EventSourceName=Wininit / EventID Qualifiers=491521015/EventID Version0/Version Level2/Level Task0/Task Opcode0/Opcode Keywords0x80/Keywords TimeCreated SystemTime=2011-07-27T15:25:20.000Z / EventRecordID17694/EventRecordID Correlation / Execution ProcessID=0 ThreadID=0 / ChannelApplication/Channel ComputerLIVEDC.ad.gordian.co.uk/Computer Security / /System EventData DataC:\Windows\system32\lsass.exe/Data Data255/Data /EventData /Event EventData Datalsass.exe/Data Data6.0.6002.18005/Data Data49e01c84/Data Datantdll.dll/Data Data6.0.6002.18005/Data Data49e02d47/Data Data8003/Data Data000348d8/Data Data244/Data Data01cc41619f198970/Data /EventData /Event Here's the smb.conf with comments stripped: [global] workgroup = CTGDOMAIN server string = Samba 3.5.9 Server PDC security = user hosts allow = 192.168.56. 192.168.153. 127. load printers = no log file = /opt/samba/var/log.%m max log size = 50 interfaces = e1000g0 lo* bind interfaces only = yes local master = yes domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U wins support = yes name resolve order = lmhosts wins hosts broadcast dns proxy = no add user script = /usr/sbin/useradd %u add group script = /usr/sbin/groupadd %g add machine script = /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %u delete user script = /usr/sbin/userdel %u delete user from group script = /usr/sbin/userdel %u %g delete group script = /usr/sbin/groupdel %g [homes] comment = Home Directories browseable = no writable = yes [netlogon] comment = Network Logon Service path = /opt/samba/lib/netlogon guest ok = yes writable = no share modes = no [Profiles] path = /opt/samba/profiles browseable = no guest ok = yes Has anyone else seen this issue or have any ideas about the best way to debug? thanks tim P.S. AD policy configuration Network access: Allow anonymous SID/Name translation ENABLED Network access: Do not allow anonymous enumeration of SAM accounts DISABLED Network access: Do not allow anonymous enumeration of SAM accounts and shares DISABLED Network access: Let Everyone permissions apply to anonymous users
[Samba] printing = cups issue ....
Using samba 3.4.9 and cups 1.4.3 I have printing = cups, but for some reason samba is not picking up the cups printers or creating the printers share. The problem is obviously this, from the samba logs: [2011/03/28 14:09:43, 0] printing/print_cups.c:103(cups_connect) Unable to connect to CUPS server localhost:631 - Connection refused However, cupsd is most certainly listening on localhost:631, and an lpstat -a -h localhost gives a list of printers. Why is samba not able to communicate with it? I've turned off all security measures (apparmor, etc.) but still no. Tim Kelley t...@c4tech.com 504-896-8234 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [idx-smbldap-tools ] smbldap-tools and joining workstation to domain RESOLVED
Thank you, thank you, thank you. The issue with not beeing able to join workstations to our Samba 3 domain without manually adding the Samba attributes to the LDAP directory with LAM has been a pain in the butt for months now. I found dozens of threads on the net started by Admins with the same problem and none of those threads ended in really resolving the issue. I have been updating Samba, fidelling with the smbldap-tools and pulling my hair to no avail. Finally I found this post from 2005 that resolved my issue. I tested with :~#getent passwd an it only listed my users. I added a line for my computers in /etc/libnss-ldap.conf an changed it from: nss_base_passwd ou=users,dc=test,dc=de?one nss_base_shadow ou=users,dc=test,dc=de?one nss_base_group ou=groups,dc=test,dc=de?one to: nss_base_passwd ou=users,dc=test,dc=de?one nss_base_passwd ou=computers,dc=test,dc=de?one nss_base_shadow ou=users,dc=test,dc=de?one nss_base_group ou=groups,dc=test,dc=de?one Now everything works just fine. Rhys Goodwin wrote: The script only adds the posix stuff, when you join the workstation the sambaSam entries are created by samba. BUT... Samba NEEDS to find a posix account with the name of the machine being joined. How are you doing user lookups on your posix side? If you use nss_ldap and you have a seperate ou in your directory for users and computers that could be where your problem is. i.e. if nss_ldap is set to look in ou=users,dc=test,dc=com for its posix userbase then if you do: :~#getent passwd then it will return only users it finds in that ou. So if your add machine script is creating users(machine accounts) in ou=computers,dc=test,dc=com then as far as posix is concerned there is no posix account for the new machine. Samba will not find a possix account and will not add the sambaSam entries and the join will fail. You have 2 options: 1.Add your user accounts and computer accounts to the same ou. 2. Tell nss_ldap to do sub tree searches of the parent ou. eg. set your base to dc=test,dc=com rather than ou=users,dc=test,dc=com This is how I understand it anyhow, I might be wrong, Im no smaba pro but I went for option 2. If anyone can shed some more light on this is or set me straight if Im wrong, please do. Cheers, Rhys -- View this message in context: http://samba.2283325.n4.nabble.com/smbldap-tools-and-joining-workstation-to-domain-tp2405892p3669378.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Linux-HA] Samba failover causes different UID's
On 2/28/2011 at 09:21 PM, Caspar Smit c.s...@truebit.nl wrote: Hi, I have two machines in a cluster and want to create a high available samba share that connects to active directory for user information. The storage is DRBD and the filesystem is XFS. I'm using pacemaker as cluster software and using the lsb:samba init script. I connected both machines to my Windows AD server and tested this using winbind. winbind -u gives me all AD users which seems fine. This works on both machines so everything looks ok. When I connect from a windows client to the samba share I don't need to enter credentials so that looks fine too. When I start to put some files on the share the correct credentials are used when I check with ls -al on the mountpoint in linux. So far so good. BUT when I do a failover to the other node the share is up but suddenly I cannot connect from the windows client anymore without entering credentials and when I check with ls -al on the mountpoint on the other machine it maps the existing files (which I put there when the share was running on the other node) suddenly with whole different UID's. Where is the mapping of UID's taking place and how can I fix this? Both systems lookup their user information from the same AD server, how can they still lookup different UID's when looking at the same server and files? Because by default Samba hands out UIDs on a first come first served basis. You need to configure a different UID mapping scheme. Have a look at idmap config and idmap backend in the smb.conf manpage. RID might be the easiest thing to set up (where Samba generates UIDs based on Windows SIDs). Configuring UNIX UIDs in some LDAP backend, or directly in AD via (RFC2307 or Services For UNIX or whatever it's called these days) might be better (you get to decide what the UIDs actually are, and this'll apparently work with multiple AD domains/trusted domains). HTH, Tim -- Tim Serong tser...@novell.com Senior Clustering Engineer, OPS Engineering, Novell Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Linux-HA] Samba failover causes different UID's
On 2/28/2011 at 10:39 PM, Tim Serong tser...@novell.com wrote: On 2/28/2011 at 09:21 PM, Caspar Smit c.s...@truebit.nl wrote: Hi, I have two machines in a cluster and want to create a high available samba share that connects to active directory for user information. The storage is DRBD and the filesystem is XFS. I'm using pacemaker as cluster software and using the lsb:samba init script. I connected both machines to my Windows AD server and tested this using winbind. winbind -u gives me all AD users which seems fine. This works on both machines so everything looks ok. When I connect from a windows client to the samba share I don't need to enter credentials so that looks fine too. When I start to put some files on the share the correct credentials are used when I check with ls -al on the mountpoint in linux. So far so good. BUT when I do a failover to the other node the share is up but suddenly I cannot connect from the windows client anymore without entering credentials and when I check with ls -al on the mountpoint on the other machine it maps the existing files (which I put there when the share was running on the other node) suddenly with whole different UID's. Where is the mapping of UID's taking place and how can I fix this? Both systems lookup their user information from the same AD server, how can they still lookup different UID's when looking at the same server and files? Because by default Samba hands out UIDs on a first come first served basis. You need to configure a different UID mapping scheme. Have a look at idmap config and idmap backend in the smb.conf manpage. RID might be the easiest thing to set up (where Samba generates UIDs based on Windows SIDs). Configuring UNIX UIDs in some LDAP backend, or directly in AD via (RFC2307 or Services For UNIX or whatever it's called these days) might be better (you get to decide what the UIDs actually are, and this'll apparently work with multiple AD domains/trusted domains). Oh, you probably also want to look at: http://linux-ha.org/wiki/Samba In particular the note about setting lock directory and private dir to some directory on your shared filesystem. Guess I'd better add the UID mapping stuff to that wiki page too... Regards, Tim -- Tim Serong tser...@novell.com Senior Clustering Engineer, OPS Engineering, Novell Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Managing win7 machines..
On 21/01/2011 2:41 AM, Collen Blijenberg wrote: I'm curious how others manage their windows 7 machines on a samba 3.x.x domain .. especial the part of policies and scripts. i got the win7 running in the samba domain, but i'm stuck in the policies part.. and i don't want to use nitrobit for this. how do other users do this.. ?! thx, Collen I played around with using WPKG to add policy stuff to the client registries. We were already using it to install software, so it was easy enough to fiddle with for me. It's probably not the tidiest option, but it works. TB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a10b341 Include misc.idl for policy_handle in srvsvc.idl. from 64e9f79 s3: fix the build of idmap_adex, idmap_tdb2, idmap_hash and several vfs modules. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a10b3416e558e16f82b80a0794485c1fcbda9371 Author: Tim Potter t...@samba.org Date: Mon Oct 18 07:54:31 2010 -0700 Include misc.idl for policy_handle in srvsvc.idl. Autobuild-User: Tim Potter t...@samba.org Autobuild-Date: Mon Oct 18 15:35:40 UTC 2010 on sn-devel-104 --- Summary of changes: librpc/idl/srvsvc.idl |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/srvsvc.idl b/librpc/idl/srvsvc.idl index 153d8cf..c49849e 100644 --- a/librpc/idl/srvsvc.idl +++ b/librpc/idl/srvsvc.idl @@ -3,7 +3,7 @@ /* srvsvc interface definitions */ -import security.idl, svcctl.idl; +import misc.idl, security.idl, svcctl.idl; [ uuid(4b324fc8-1670-01d3-1278-5a47bf6ee188), version(3.0), -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 391b24e Fix some warnings at higher -W levels in pidl generated code. from ba02178 util: Fix installation path of tevent_ntstatus.h, tevent_unix.h (bug 7720). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 391b24e3edcb3a291534d91fc999ef2fd1995f03 Author: Tim Potter t...@samba.org Date: Mon Oct 11 05:34:57 2010 -0600 Fix some warnings at higher -W levels in pidl generated code. Match data type for info levels to data type returned by utility functions. Autobuild-User: Tim Potter t...@samba.org Autobuild-Date: Mon Oct 11 12:18:22 UTC 2010 on sn-devel-104 --- Summary of changes: pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm |8 1 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm index c76ef6b..27e7a30 100644 --- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm @@ -1686,7 +1686,7 @@ sub ParseUnionPushPrimitives() my $have_default = 0; - $self-pidl(int level = ndr_push_get_switch_value($ndr, $varname);); + $self-pidl(uint32_t level = ndr_push_get_switch_value($ndr, $varname);); if (defined($e-{SWITCH_TYPE})) { $self-pidl(NDR_CHECK(ndr_push_$e-{SWITCH_TYPE}($ndr, NDR_SCALARS, level));); @@ -1733,7 +1733,7 @@ sub ParseUnionPushDeferred() my $have_default = 0; - $self-pidl(int level = ndr_push_get_switch_value($ndr, $varname);); + $self-pidl(uint32_t level = ndr_push_get_switch_value($ndr, $varname);); if (defined($e-{PROPERTIES}{relative_base})) { # retrieve the current offset as base for relative pointers # based on the toplevel struct/union @@ -1792,7 +1792,7 @@ sub ParseUnionPrint($) my ($self,$e,$ndr,$name,$varname) = @_; my $have_default = 0; - $self-pidl(int level;); + $self-pidl(uint32_t level;); foreach my $el (@{$e-{ELEMENTS}}) { $self-DeclareArrayVariables($el); } @@ -1919,7 +1919,7 @@ sub ParseUnionPull() my ($self,$e,$ndr,$varname) = @_; my $switch_type = $e-{SWITCH_TYPE}; - $self-pidl(int level;); + $self-pidl(uint32_t level;); if (defined($switch_type)) { if (Parse::Pidl::Typelist::typeIs($switch_type, ENUM)) { $switch_type = Parse::Pidl::Typelist::enum_type_fn(getType($switch_type)-{DATA}); -- Samba Shared Repository
=?ISO-8859-1?Q?Automated Reply from Tim Oakley toak...@maury-imprimeur.fr?=
I will be on vacation until the 2nd August 2010. Urgent enquiries can be adressed to Jean Pierre CLEMOT at 0238323433 ** Je serai en conge jusqu'au 2 août 2010. En cas d'urgence, merci d'appeler Jean Pierre CLEMOT au 0238323433 PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7e49a58... s4 torture: Warn on NOT_IMPLEMENTED in addition to NOT_SUPPORTED for RAW-QFILEINFO from 2a0340b... s3:registry: remove unused function normalize_dbkey() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7e49a58ab9a66a709ee2a15d40db7c59bf55cbac Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Tue Jun 22 10:42:20 2010 -0700 s4 torture: Warn on NOT_IMPLEMENTED in addition to NOT_SUPPORTED for RAW-QFILEINFO Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source4/torture/raw/qfileinfo.c | 12 +--- 1 files changed, 9 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/qfileinfo.c b/source4/torture/raw/qfileinfo.c index 12897ef..54f1d12 100644 --- a/source4/torture/raw/qfileinfo.c +++ b/source4/torture/raw/qfileinfo.c @@ -278,8 +278,10 @@ static bool torture_raw_qfileinfo_internals(struct torture_context *torture, count++; } if (!levels[i].only_paths + (NT_STATUS_EQUAL(levels[i].fnum_status, + NT_STATUS_NOT_SUPPORTED) || NT_STATUS_EQUAL(levels[i].fnum_status, - NT_STATUS_NOT_SUPPORTED)) { + NT_STATUS_NOT_IMPLEMENTED))) { torture_warning(torture, fnum level %s %s, levels[i].name, nt_errstr(levels[i].fnum_status)); @@ -293,8 +295,10 @@ static bool torture_raw_qfileinfo_internals(struct torture_context *torture, } } else { if (!levels[i].only_paths + (NT_STATUS_EQUAL(levels[i].fnum_status, + NT_STATUS_NOT_SUPPORTED) || NT_STATUS_EQUAL(levels[i].fnum_status, - NT_STATUS_NOT_SUPPORTED)) { + NT_STATUS_NOT_IMPLEMENTED))) { torture_warning(torture, fnum level %s %s, levels[i].name, nt_errstr(levels[i].fnum_status)); @@ -302,8 +306,10 @@ static bool torture_raw_qfileinfo_internals(struct torture_context *torture, } if (!levels[i].only_handles + (NT_STATUS_EQUAL(levels[i].fname_status, + NT_STATUS_NOT_SUPPORTED) || NT_STATUS_EQUAL(levels[i].fname_status, - NT_STATUS_NOT_SUPPORTED)) { + NT_STATUS_NOT_IMPLEMENTED))) { torture_warning(torture, fname level %s %s, levels[i].name, nt_errstr(levels[i].fname_status)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c668b21... s4 torture: RAW-SFILEINFO display warning instead of error on unsupported info level from f570997... smbtorture: Fix missing includes. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c668b21cd6460e3baa12f8ef0375a58ee6b2d1d2 Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Thu Jan 21 18:18:03 2010 + s4 torture: RAW-SFILEINFO display warning instead of error on unsupported info level Also add a test to make sure setting the directory attribute is disallowed. Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source4/torture/raw/setfileinfo.c | 28 1 files changed, 24 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/setfileinfo.c b/source4/torture/raw/setfileinfo.c index 3b6de67..1973e7d 100644 --- a/source4/torture/raw/setfileinfo.c +++ b/source4/torture/raw/setfileinfo.c @@ -79,7 +79,11 @@ torture_raw_sfileinfo_base(struct torture_context *torture, struct smbcli_state sfinfo.generic.level = RAW_SFILEINFO_ ## call; \ sfinfo.generic.in.file.fnum = fnum; \ status = smb_raw_setfileinfo(cli-tree, sfinfo); \ - if (!NT_STATUS_EQUAL(status, rightstatus)) { \ + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { \ +torture_warning(torture, \ + (%s) %s - %s, __location__, #call, \ +nt_errstr(status)); \ +} else if (!NT_STATUS_EQUAL(status, rightstatus)) { \ printf((%s) %s - %s (should be %s)\n, __location__, #call, \ nt_errstr(status), nt_errstr(rightstatus)); \ ret = false; \ @@ -87,7 +91,11 @@ torture_raw_sfileinfo_base(struct torture_context *torture, struct smbcli_state finfo1.generic.level = RAW_FILEINFO_ALL_INFO; \ finfo1.generic.in.file.fnum = fnum; \ status2 = smb_raw_fileinfo(cli-tree, torture, finfo1); \ - if (!NT_STATUS_IS_OK(status2)) { \ + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { \ +torture_warning(torture, \ + (%s) %s - %s, __location__, #call, \ +nt_errstr(status)); \ +} else if (!NT_STATUS_IS_OK(status2)) { \ printf((%s) %s pathinfo - %s\n, __location__, #call, nt_errstr(status)); \ ret = false; \ }} while (0) @@ -102,7 +110,11 @@ torture_raw_sfileinfo_base(struct torture_context *torture, struct smbcli_state sfinfo.generic.in.file.path = path_fname_new; \ status = smb_raw_setpathinfo(cli-tree, sfinfo); \ } \ - if (!NT_STATUS_EQUAL(status, rightstatus)) { \ + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { \ +torture_warning(torture, \ + (%s) %s - %s, __location__, #call, \ +nt_errstr(status)); \ +} else if (!NT_STATUS_EQUAL(status, rightstatus)) { \ printf((%s) %s - %s (should be %s)\n, __location__, #call, \ nt_errstr(status), nt_errstr(rightstatus)); \ ret = false; \ @@ -114,7 +126,11 @@ torture_raw_sfileinfo_base(struct torture_context *torture, struct smbcli_state finfo1.generic.in.file.path = path_fname_new; \ status2 = smb_raw_pathinfo(cli-tree, torture, finfo1); \ } \ - if (!NT_STATUS_IS_OK(status2)) { \ + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { \ +torture_warning(torture, \ + (%s) %s - %s, __location__, #call, \ +nt_errstr(status)); \ +} else if (!NT_STATUS_IS_OK(status2)) { \ printf((%s) %s pathinfo - %s\n, __location__, #call, nt_errstr(status2)); \ ret = false; \ }} while (0) @@ -277,6 +293,10 @@ torture_raw_sfileinfo_base(struct torture_context *torture, struct smbcli_state CHECK_TIME(ALL_INFO, all_info, change_time, basetime + 400); CHECK_VALUE(ALL_INFO, all_info, attrib, FILE_ATTRIBUTE_NORMAL); + torture_comment(torture, try to change a file to a directory\n); + sfinfo.basic_info.in.attrib = FILE_ATTRIBUTE_DIRECTORY; + CHECK_CALL_FNUM(BASIC_INFO, NT_STATUS_INVALID_PARAMETER); + printf(a zero time means don't change\n); unix_to_nt_time(sfinfo.basic_info.in.create_time, 0); unix_to_nt_time(sfinfo.basic_info.in.access_time, 0); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6da4875... s4 torture: RAW-SEARCH: break out some of the old search levels via 2170a59... s4 torture: RAW-SEARCH: Only test supported info levels from a4a127e... s4-waf: Fix build of libldb_ildap against system ldb. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6da487580e9fac388ce3f3a2decaae03d5ae99a5 Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Tue Jun 15 11:21:34 2010 -0700 s4 torture: RAW-SEARCH: break out some of the old search levels * Added two new parameters: raw_search_search and raw_ea_size which can be enabled/disabled based on whether the server supports RAW_SEARCH_SEARCH and/or RAW_SEARCH_EA_SIZE levels * Skip unsupported levels from the server and give a warning rather than failing. Signed-off-by: Tim Prouty tpro...@samba.org commit 2170a59215d00554b97dc2053eeb6dde38ef3e97 Author: Tim Prouty tpro...@samba.org Date: Mon Jun 14 16:50:29 2010 -0700 s4 torture: RAW-SEARCH: Only test supported info levels --- Summary of changes: source4/torture/raw/search.c | 76 +++-- source4/torture/smbtorture.c |2 + source4/torture/smbtorture.h | 11 ++ 3 files changed, 78 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/search.c b/source4/torture/raw/search.c index 3951605..f5419dc 100644 --- a/source4/torture/raw/search.c +++ b/source4/torture/raw/search.c @@ -28,6 +28,23 @@ #define BASEDIR \\testsearch +#define CHECK_STATUS_LEVEL(__tctx, __status, __level, __supp) \ + do {\ + if (NT_STATUS_EQUAL(__status, \ + NT_STATUS_NOT_SUPPORTED) || \ + NT_STATUS_EQUAL(__status, \ + NT_STATUS_NOT_IMPLEMENTED)) { \ + torture_warning(__tctx, (%s) Info \ + level #__level is %s, \ + __location__, nt_errstr(__status)); \ + __supp = false; \ + } else {\ + torture_assert_ntstatus_ok_goto(__tctx, \ + __status, ret, done, #__level failed);\ + __supp = true; \ + } \ + } while (0) + /* callback function for single_search */ @@ -242,6 +259,8 @@ static bool test_one_file(struct torture_context *tctx, NTSTATUS status; int i; union smb_fileinfo all_info, alt_info, name_info, internal_info; + bool all_info_supported, alt_info_supported, name_info_supported, + internal_info_supported; union smb_search_data *s; fnum = create_complex_file(cli, tctx, fname); @@ -265,7 +284,8 @@ static bool test_one_file(struct torture_context *tctx, levels[i].data); /* see if this server claims to support this level */ - if ((cap levels[i].capability_mask) != levels[i].capability_mask) { + if (((cap levels[i].capability_mask) != levels[i].capability_mask) + || NT_STATUS_EQUAL(levels[i].status, NT_STATUS_NOT_SUPPORTED)) { printf(search level %s(%d) not supported by server\n, levels[i].name, (int)levels[i].level); continue; @@ -304,22 +324,26 @@ static bool test_one_file(struct torture_context *tctx, all_info.generic.level = RAW_FILEINFO_ALL_INFO; all_info.generic.in.file.path = fname; status = smb_raw_pathinfo(cli-tree, tctx, all_info); - torture_assert_ntstatus_ok(tctx, status, RAW_FILEINFO_ALL_INFO failed); + CHECK_STATUS_LEVEL(tctx, status, RAW_FILEINFO_ALL_INFO, + all_info_supported); alt_info.generic.level = RAW_FILEINFO_ALT_NAME_INFO; alt_info.generic.in.file.path = fname; status = smb_raw_pathinfo(cli-tree, tctx, alt_info); - torture_assert_ntstatus_ok(tctx, status, RAW_FILEINFO_ALT_NAME_INFO failed); + CHECK_STATUS_LEVEL(tctx, status, RAW_FILEINFO_ALT_NAME_INFO, + alt_info_supported); internal_info.generic.level = RAW_FILEINFO_INTERNAL_INFORMATION; internal_info.generic.in.file.path = fname; status = smb_raw_pathinfo(cli-tree, tctx, internal_info); - torture_assert_ntstatus_ok(tctx, status
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2977c65... s4 torture: RAW-WRITE should check lockread_supported from dd2fad0... SMB2 correctness fix. As we've already returned the credits in an interim response, don't add more in the final return. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2977c659ea1c2b647b8afd4c83cf82eac7e3ec2f Author: Zachary Loafman zachary.loaf...@isilon.com Date: Wed Nov 18 00:21:44 2009 + s4 torture: RAW-WRITE should check lockread_supported Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source4/torture/raw/write.c |5 + 1 files changed, 5 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/write.c b/source4/torture/raw/write.c index a1fde16..9a21611 100644 --- a/source4/torture/raw/write.c +++ b/source4/torture/raw/write.c @@ -243,6 +243,11 @@ static bool test_writex(struct torture_context *tctx, buf = talloc_zero_array(tctx, uint8_t, maxsize); + if (!cli-transport-negotiate.lockread_supported) { + printf(Server does not support writeunlock - skipping\n); + return true; + } + if (!torture_setup_dir(cli, BASEDIR)) { return false; } -- Samba Shared Repository
[Samba] SAMBA on OpenVMS
People, We are running SAMBA version 1-1 on OpenVMS 8.3-1h on integrity servers, we want to stop the domain (OpenVMS) from asking for account information when people try to access a share from another environment. We have the domain master defined on the server running SAMBA as NO. How can we stop the entry screen being displayed and asking for account login information, plus we have placed no password using pdedit on account in SAMBA security control file, this did not stop the entry screen being displayed requesting account name and password for the fileshare access to the defined samba fileshare. Regards, Tim Walsh -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] PHPLDAPAAdmin: SMB-Password not hashed
Hi, all there, first of all I like to introduce me cause this is my first post on this list: I am a networkadmin from Germany, struggling with Apple, Linux and Windows for a couple of years now ... I have occassionally worked with samba as a domain controller for three or four years now, but with systems windows 2000 / windows 2003 server / windows XP clients. I have successfully installed some samba-servers working as PDC, even with LDAP as smbpasswd-Backend. my question is a bit off-topic, but I found no useful help on the web: on our current project, I have installed a samba PDC with LDAP on Debian Lenny 5.0.4. there seems to be a bug in phldapadmin (the one shipping with Debian Lenny), because the smb-password is not longer hashed. when setting a new domainuser via phpldapadmin with the Samba 3 account-scheme, I can not log in to the domain. I have to do a smbpasswd user to get it work. when I use smbldap-useradd user smbldap-passwd user everything is working fine. I tried this on three different installations (with Debian Lenny 5.0.3 through 5.0.4), always the same problem. I have installed the mkntpwd-Tool (as in former installations), but it is not longer needed and I cant even choose it in the phpldapadmin/config-File because there is no longer such a file ... :-( I have installed all the perl-crypt-modules, tried it with different settings in the smb.conf: unix password sync = yes ldap password sync = yes but nothing helped. anyone else who has the same problem? any hints or maybe the solution? thany a lot in advance! tim-ole golz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Steps to move away parts away from samba?
hi, Mike, maybe it won´t be that helpful, but we are exactly on the opposite path ... why? because we are struggling with Windows since Windows NT (currently with 2008 Server), and there are LOTS of appointments as well. it happens that Microsoft is changing a config from 2k3 to 2k8, things are broken , not always working very well ... Samba, on the other hand, is an ever-ongoing battle, yes, but thats Windows server as well, and you dont have to pay the license fee for Samba. we are servicing some small and medium size companys, and many of the users are frustrated about Microsoft products, especially there where we introduced Vista. and Windows 2003 terminalserver is a horror! more specific: yes, you can activate AD in a windows 2008 server, and you can authenticate Unix machines at a ADS domain. but dont expect that everything will work very well or without searching fpor solutions and googling and messing around with hundreds of mouseclicks in the Microsoft configuration-menu-jungle ... greetings toag Am 19. mai 2010 um 17.29 schrieb Mike Eggleston: Morning, I like samba, but I'm tired of what I feel is fighting battles. I want to move the PDC portion of samba to an Active Directory server (I've been told AD is a part of Server 2008?). Would someone please list the steps for doing this? My rough idea so far is: - take an LDIF from OpenLDAP - install the server 2008 box - load the LDIF into AD - join the AD box to the samba domain - modify samba to look at AD instead of OpenLDAP - ... now I'm lost, is this done? - point all unix boxes from OpenLDAP to AD - turn off OpenLDAP After this migration my next migration is to move from Cyrus to Exchange. I hate to do this. I like Cyrus and don't like Microsoft. I'm a unix person, not a windows person. With one exception everyone here has windows on their desktop. I don't want to hack any more registery entries, or have people complain about permissions not being, or have users question where are these [dot] files in my home directory My company is a small software development shop and how has licenses as part of joining something inside Microsoft. I don't think they'll balk at this move. Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] home directory share definition for AD integration
I've currently got an installation of Samba 3.4.0 with AD integration in place, its all working correctly except for 1 case, the [homes] share. currently the share is defined as [homes] comment = Home Directories valid users = %S @CATS+Domain\ Admins @CATS+hazelmereusers read only = No browseable = Yes The share shows up in the network browser fine when navigating to \\serverip From a windows PC on the domain, accessing all static defined shares works without a hitch, however when attempting to access the homes share, I get given a login prompt which rejects users from the 2 groups with permissions for access. Is it possible to share the home directories in this way with AD domain users, and if so what's the correct syntax for configuring it? Thanks in advance for any assistance Cheers Tim Allingham -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Windows permissions on NTFS share mounted with NTFS-3g on linux
Hi all, I've been trying to get this to work for a while now but no luck... I have a NTFS formatted drive mounted using ntfs-3g on a linux computer. This drive is then shared using Samba. When I connect to the share from a windows machine and create new files their permissions are set for three users: Everyone, Root (unix user) and Root (unix group) but the actual user which created the file does not exits. My actual user name on windows is Tim Hattrell and on Linux tim. I have created a User Mapping File and placed in /mnt/NTFS_Files/.NTFS-3G/UserMapping to no avail. How do I get the permissions to map properly from Windows-Samba-ntfs-3g and back again? How can I tell if this is a Samba problem or an ntfs-3g problem? Here are some extracts from config files... smb.conf: [windows_files] path = /mnt/NTFS_Files/windows_files writeable = yes ;browseable = yes valid users = sarah, tim fstab: # Entry for /dev/mapper/isw_dfchagcefe_Volume11: UUID=57B736B4506A93C4 /mnt/NTFS_Files ntfs-3g defaults,locale=en_GB.utf8 0 2 Thanks in advance. Tim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Client access without asking password
Yassine AYACHI wrote: Hi All, I want to configure my samba [version 3.4.0] to permit access from windows clients without asking password, can any one propose me an example of configuration witch allows this, Thanks in advance, Yassine On one of my work boxes I have one of the following (I can't remember which and I'm not there): map to guest = bad user or map to guest = bad password This will make Samba access things as guest if they are not sending correct username/password. Remember that this will mean all users not already logged in will access shares as guest if guest is allowed in those shares. I specifically deny guest access to most shares on my work server to be sure I am preventing this. The few that need guest access deny write access to guest. TB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Noob (it seems) can't get XP client to join Samba Domain
Jim Christiansen wrote: I keep getting the error message: The following error occured attempting to join the domain ROOM101 The username could not be found Generally when I've seen that error, it was because the computer account wasn't being created for some reason. Have you checked your add machine script works? Remember machine account names end in a dollar sign ($), and some adduser programs don't like that. TB ** This message is intended for the addressee named and may contain privileged information or confidential information or both. If you are not the intended recipient please delete it and notify the sender. ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 57be1d0... s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open directories as files via 34f0cff... s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd with security=share from dc68982... s3:auth: don't update the bad pw count if pw is among last 2 history entries http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 57be1d07afc2a0725b79327636204a9238ab94aa Author: Tim Prouty tpro...@samba.org Date: Mon Jan 4 13:01:23 2010 -0800 s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open directories as files commit 34f0cff0664f1c160ee7442461e9f875e8d8f4dc Author: Tim Prouty tpro...@samba.org Date: Mon Jan 4 12:57:34 2010 -0800 s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd with security=share --- Summary of changes: source3/libsmb/cliconnect.c |5 + source4/torture/raw/open.c | 198 +++ 2 files changed, 203 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 31216b8..fa79ebc 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -1573,6 +1573,8 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx, char *tmp = NULL; uint8_t *bytes; + *psmbreq = NULL; + req = tevent_req_create(mem_ctx, state, struct cli_tcon_andx_state); if (req == NULL) { return NULL; @@ -1708,6 +1710,9 @@ struct tevent_req *cli_tcon_andx_send(TALLOC_CTX *mem_ctx, if (req == NULL) { return NULL; } + if (subreq == NULL) { + return req; + } status = cli_smb_req_send(subreq); if (!NT_STATUS_IS_OK(status)) { tevent_req_nterror(req, status); diff --git a/source4/torture/raw/open.c b/source4/torture/raw/open.c index 8c4311b..e37fd8e 100644 --- a/source4/torture/raw/open.c +++ b/source4/torture/raw/open.c @@ -1879,6 +1879,203 @@ done: return ret; } +/** + * Test what happens when trying to open a file with directory parameters and + * vice-versa. Also test that NTCREATEX_OPTIONS_DIRECTORY is treated as + * mandatory and FILE_ATTRIBUTE_DIRECTORY is advisory for directory + * creation/opening. + */ +static bool test_ntcreatexdir(struct torture_context *tctx, +struct smbcli_state *cli) +{ + union smb_open io; + union smb_fileinfo finfo; + const char *fname = BASEDIR \\torture_ntcreatex.txt; + const char *dname = BASEDIR \\torture_ntcreatex_dir; + NTSTATUS status, expected_status; + bool ret = true; + int i; + uint32_t access_mask = 0; + + struct { + uint32_t open_disp; + uint32_t file_attr; + uint32_t create_options; + NTSTATUS correct_status; + } open_funcs[] = { + { NTCREATEX_DISP_SUPERSEDE, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_INVALID_PARAMETER }, + { NTCREATEX_DISP_OPEN, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_OBJECT_NAME_NOT_FOUND }, + { NTCREATEX_DISP_CREATE,0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_OK }, + { NTCREATEX_DISP_OPEN_IF, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_OK }, + { NTCREATEX_DISP_OVERWRITE, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_INVALID_PARAMETER }, + { NTCREATEX_DISP_OVERWRITE_IF, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_INVALID_PARAMETER }, + { NTCREATEX_DISP_SUPERSEDE, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + { NTCREATEX_DISP_OPEN, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OBJECT_NAME_NOT_FOUND }, + { NTCREATEX_DISP_CREATE,FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + { NTCREATEX_DISP_OPEN_IF, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + { NTCREATEX_DISP_OVERWRITE, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OBJECT_NAME_NOT_FOUND }, + { NTCREATEX_DISP_OVERWRITE_IF, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + + }; + + if (!torture_setup_dir(cli, BASEDIR)) { + return false; + } + + /* setup some base params. */ + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED; + io.ntcreatex.in.root_fid.fnum = 0; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL; + io.ntcreatex.in.alloc_size = 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fd5350d... s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19 via 43a8b49... s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior via c33988c... s4 torture: Be more permissive with share modes for oplock testing via fd0c3a2... s4 torture: Do a better job of closing open files in RAW-OPLOCK. from 2a9c227... param: Fix build on systems without ldb installed. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fd5350de1f6c233b275b463a35eac48f85478337 Author: Tim Prouty tpro...@samba.org Date: Wed Dec 2 11:39:50 2009 -0800 s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19 commit 43a8b49f836fd22b85c0d028873a234319334076 Author: Tim Prouty tpro...@samba.org Date: Tue Dec 1 17:40:30 2009 -0800 s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior commit c33988c0404ec57fc595000f6dbb477b04e9346d Author: Tim Prouty tpro...@samba.org Date: Mon Dec 21 14:48:43 2009 -0800 s4 torture: Be more permissive with share modes for oplock testing Share modes are tested elsewhere, and there is currently an outstanding issue about share mode contention for nt-passthrough levels: http://lists.samba.org/archive/cifs-protocol/2009-December/001227.html commit fd0c3a226486eae63166a05d3746626f9f833693 Author: Tim Prouty tpro...@samba.org Date: Mon Dec 21 14:38:45 2009 -0800 s4 torture: Do a better job of closing open files in RAW-OPLOCK. --- Summary of changes: source4/torture/raw/oplock.c | 265 ++--- 1 files changed, 245 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/oplock.c b/source4/torture/raw/oplock.c index 78987e3..8bf3a2d 100644 --- a/source4/torture/raw/oplock.c +++ b/source4/torture/raw/oplock.c @@ -697,6 +697,176 @@ done: return ret; } +/** + * Exclusive version of batch19 + */ +static bool test_raw_oplock_exclusive7(struct torture_context *tctx, +struct smbcli_state *cli1, struct smbcli_state *cli2) +{ + const char *fname1 = BASEDIR \\test_exclusiv6_1.dat; + const char *fname2 = BASEDIR \\test_exclusiv6_2.dat; + const char *fname3 = BASEDIR \\test_exclusiv6_3.dat; + NTSTATUS status; + bool ret = true; + union smb_open io; + union smb_fileinfo qfi; + union smb_setfileinfo sfi; + uint16_t fnum=0; + uint16_t fnum2 = 0; + + if (!torture_setup_dir(cli1, BASEDIR)) { + return false; + } + + /* cleanup */ + smbcli_unlink(cli1-tree, fname1); + smbcli_unlink(cli1-tree, fname2); + smbcli_unlink(cli1-tree, fname3); + + smbcli_oplock_handler(cli1-transport, oplock_handler_ack_to_given, + cli1-tree); + + /* + base ntcreatex parms + */ + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid.fnum = 0; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE | NTCREATEX_SHARE_ACCESS_DELETE; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname1; + + torture_comment(tctx, open a file with an exclusive oplock (share + mode: none)\n); + ZERO_STRUCT(break_info); + io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | + NTCREATEX_FLAGS_REQUEST_OPLOCK; + status = smb_raw_open(cli1-tree, tctx, io); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + fnum = io.ntcreatex.out.file.fnum; + CHECK_VAL(io.ntcreatex.out.oplock_level, EXCLUSIVE_OPLOCK_RETURN); + + torture_comment(tctx, setpathinfo rename info should trigger a break + to none\n); + ZERO_STRUCT(sfi); + sfi.generic.level = RAW_SFILEINFO_RENAME_INFORMATION; + sfi.generic.in.file.path = fname1; + sfi.rename_information.in.overwrite = 0; + sfi.rename_information.in.root_fid = 0; + sfi.rename_information.in.new_name = fname2+strlen(BASEDIR)+1; + +status = smb_raw_setpathinfo(cli2-tree, sfi); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + + torture_wait_for_oplock_break(tctx); + CHECK_VAL(break_info.failures, 0); + + if (TARGET_IS_WINXP(tctx)) { + /* XP incorrectly breaks to level2. */ + CHECK_VAL(break_info.count, 1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via daa561d... s4 torture: Add test to show archive bit behavior with directories via 9b86923... s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3 from ea365af... Added freeing a successful req so it doesnt croud the ldb context http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit daa561d75ba64f8034cd529243a4e71219b01c6f Author: Zachary Loafman zachary.loaf...@isilon.com Date: Thu Dec 17 22:32:58 2009 + s4 torture: Add test to show archive bit behavior with directories Signed-off-by: Tim Prouty tpro...@samba.org commit 9b869230a724dc00ea21d00a222f4eb9396a385f Author: Tim Prouty tpro...@samba.org Date: Fri Dec 18 09:35:57 2009 -0800 s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3 --- Summary of changes: source4/torture/raw/setfileinfo.c | 153 + source4/torture/raw/streams.c |3 +- 2 files changed, 155 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/setfileinfo.c b/source4/torture/raw/setfileinfo.c index 42f4f32..1f8adfb 100644 --- a/source4/torture/raw/setfileinfo.c +++ b/source4/torture/raw/setfileinfo.c @@ -970,6 +970,158 @@ done: return ret; } +static bool +torture_raw_sfileinfo_archive(struct torture_context *tctx, +struct smbcli_state *cli) +{ + const char *fname = BASEDIR \\test_archive.dat; + NTSTATUS status; + bool ret = true; + union smb_open io; + union smb_setfileinfo sfinfo; + union smb_fileinfo finfo; + uint16_t fnum=0; + uint32_t access_mask = 0; + + if (!torture_setup_dir(cli, BASEDIR)) { + return false; + } + + /* cleanup */ + smbcli_unlink(cli-tree, fname); + + /* +* create a normal file, verify archive bit +*/ + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid.fnum = 0; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname; + io.ntcreatex.in.flags = 0; + status = smb_raw_open(cli-tree, tctx, io); + torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OK, + ret, done, open failed); + fnum = io.ntcreatex.out.file.fnum; + + torture_assert_int_equal(tctx, + io.ntcreatex.out.attrib ~FILE_ATTRIBUTE_NONINDEXED, + FILE_ATTRIBUTE_ARCHIVE, + archive bit not set); + + /* +* try to turn off archive bit +*/ + ZERO_STRUCT(sfinfo); + sfinfo.generic.level = RAW_SFILEINFO_BASIC_INFO; + sfinfo.generic.in.file.fnum = fnum; + sfinfo.basic_info.in.attrib = FILE_ATTRIBUTE_NORMAL; + status = smb_raw_setfileinfo(cli-tree, sfinfo); + torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OK, + ret, done, setfileinfo failed); + + finfo.generic.level = RAW_FILEINFO_ALL_INFO; + finfo.generic.in.file.fnum = fnum; + status = smb_raw_fileinfo(cli-tree, tctx, finfo); + torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OK, + ret, done, fileinfo failed); + + torture_assert_int_equal(tctx, + finfo.all_info.out.attrib ~FILE_ATTRIBUTE_NONINDEXED, + FILE_ATTRIBUTE_NORMAL, + archive bit set); + + status = smbcli_close(cli-tree, fnum); + torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OK, + ret, done, close failed); + + status = smbcli_unlink(cli-tree, fname); + torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OK, + ret, done, unlink failed); + + /* +* create a directory, verify no archive bit +*/ + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid.fnum = 0; + io.ntcreatex.in.access_mask = SEC_RIGHTS_DIR_ALL; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; + io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname; + io.ntcreatex.in.flags = 0; + status = smb_raw_open(cli-tree, tctx, io
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cfbf62d... s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file via c3582f9... s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle via f8bb5a6... s4 torture: Parameterize streams delete behavior rather than commenting out the check. via f02206d... s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode via 5c13a90... s4 torture: close handle instead of using exit from fbf4923... Update default with correct value. Add a note about Win7 behavior here. Jeremy. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cfbf62dbfd18465d1a3f699cd22a35f9303f87fe Author: Tim Prouty tpro...@samba.org Date: Thu Dec 17 13:42:24 2009 -0800 s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file commit c3582f923e6adf2f3332540b062a2f994aeb7122 Author: Tim Prouty tpro...@samba.org Date: Thu Dec 17 10:39:51 2009 -0800 s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle A normal file overwrite in this case would return NT_STATUS_ACCESS_DENIED, but if a stream is the target NT_STATUS_INVALID_PARAMETER is returned. commit f8bb5a60e71bd51971ef05a23037cac4523dee25 Author: Tim Prouty tpro...@samba.org Date: Wed Dec 16 14:31:54 2009 -0800 s4 torture: Parameterize streams delete behavior rather than commenting out the check. commit f02206d933c2952b9b9674b94290142f269248c5 Author: Tim Prouty tpro...@samba.org Date: Thu Dec 17 13:35:01 2009 -0800 s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode commit 5c13a90abebbd9f23c4e426b2f52c7440aa49586 Author: Tim Prouty tpro...@samba.org Date: Tue Dec 15 17:17:48 2009 -0800 s4 torture: close handle instead of using exit --- Summary of changes: source4/torture/raw/rename.c |2 +- source4/torture/raw/streams.c | 128 +++- 2 files changed, 125 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/rename.c b/source4/torture/raw/rename.c index 7c9d15b..187645f 100644 --- a/source4/torture/raw/rename.c +++ b/source4/torture/raw/rename.c @@ -305,7 +305,7 @@ static bool test_ntrename(struct torture_context *tctx, status = smb_raw_rename(cli-tree, io); CHECK_STATUS(status, NT_STATUS_SHARING_VIOLATION); - smb_raw_exit(cli-session); + smbcli_close(cli-tree, fnum); status = smb_raw_rename(cli-tree, io); CHECK_STATUS(status, NT_STATUS_OK); diff --git a/source4/torture/raw/streams.c b/source4/torture/raw/streams.c index c0cb64b..79cacff 100644 --- a/source4/torture/raw/streams.c +++ b/source4/torture/raw/streams.c @@ -607,9 +607,13 @@ static bool test_stream_delete(struct torture_context *tctx, status = smb_raw_fileinfo(cli-tree, tctx, finfo); CHECK_STATUS(status, NT_STATUS_OK); - /* w2k and w2k3 return 0 and w2k8 returns 1 - CHECK_VALUE(finfo.all_info.out.delete_pending, 0); - */ + + /* w2k and w2k3 return 0 and w2k8 returns 1 */ + if (TARGET_IS_WINXP(tctx) || TARGET_IS_W2K3(tctx)) { + CHECK_VALUE(finfo.all_info.out.delete_pending, 0); + } else { + CHECK_VALUE(finfo.all_info.out.delete_pending, 1); + } smbcli_close(cli-tree, fnum); @@ -711,6 +715,30 @@ static bool test_stream_names(struct torture_context *tctx, io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname; + + status = smb_raw_open(cli-tree, tctx, io); + CHECK_STATUS(status, NT_STATUS_OK); + fnum1 = io.ntcreatex.out.file.fnum; + + /* +* Make sure the create time of the streams are different from the +* base file. +*/ + sleep(2); + smbcli_close(cli-tree, fnum1); + + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid.fnum = 0; + io.ntcreatex.in.flags = 0; + io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.share_access = 0; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = sname1; status = smb_raw_open(cli-tree, tctx, io); @@ -1327,6 +1355,97 @@ static bool test_stream_rename2(struct torture_context
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5930f77... s4 torture: Convert RAW-OPEN to suite form via d732fb4... s4 torture: Add SHARE_DELETE to create_directory_handle from 7f95686... Fix release script to work with recent git versions http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5930f770d279a5aee2aed805b8732aafd9288c26 Author: Zach Loafman zachary.loaf...@isilon.com Date: Mon Dec 14 10:31:02 2009 -0800 s4 torture: Convert RAW-OPEN to suite form commit d732fb43a6ba6932b966ff382954e52a0489efda Author: Tim Prouty tpro...@samba.org Date: Mon Dec 14 17:00:43 2009 -0800 s4 torture: Add SHARE_DELETE to create_directory_handle Tests explicitly checking share modes should open the dir/file with the share mode they want to test. --- Summary of changes: source4/torture/raw/open.c | 180 source4/torture/raw/raw.c |2 +- source4/torture/util_smb.c |2 +- 3 files changed, 101 insertions(+), 83 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/open.c b/source4/torture/raw/open.c index adec6a9..8c4311b 100644 --- a/source4/torture/raw/open.c +++ b/source4/torture/raw/open.c @@ -157,7 +157,7 @@ static const char *rdwr_string(enum rdwr_mode m) /* test RAW_OPEN_OPEN */ -static bool test_open(struct smbcli_state *cli, struct torture_context *tctx) +static bool test_open(struct torture_context *tctx, struct smbcli_state *cli) { union smb_open io; union smb_fileinfo finfo; @@ -166,7 +166,9 @@ static bool test_open(struct smbcli_state *cli, struct torture_context *tctx) int fnum = -1, fnum2; bool ret = true; - torture_comment(tctx, Checking RAW_OPEN_OPEN\n); + if (!torture_setup_dir(cli, BASEDIR)) { + return false; + } io.openold.level = RAW_OPEN_OPEN; io.openold.in.fname = fname; @@ -259,7 +261,7 @@ static bool test_open(struct smbcli_state *cli, struct torture_context *tctx) done: smbcli_close(cli-tree, fnum); - smbcli_unlink(cli-tree, fname); + smbcli_deltree(cli-tree, BASEDIR); return ret; } @@ -268,7 +270,7 @@ done: /* test RAW_OPEN_OPENX */ -static bool test_openx(struct smbcli_state *cli, struct torture_context *tctx) +static bool test_openx(struct torture_context *tctx, struct smbcli_state *cli) { union smb_open io; union smb_fileinfo finfo; @@ -298,8 +300,9 @@ static bool test_openx(struct smbcli_state *cli, struct torture_context *tctx) { OPENX_OPEN_FUNC_TRUNC | OPENX_OPEN_FUNC_CREATE, false, NT_STATUS_OK }, }; - torture_comment(tctx, Checking RAW_OPEN_OPENX\n); - smbcli_unlink(cli-tree, fname); + if (!torture_setup_dir(cli, BASEDIR)) { + return false; + } io.openx.level = RAW_OPEN_OPENX; io.openx.in.fname = fname; @@ -494,8 +497,7 @@ static bool test_openx(struct smbcli_state *cli, struct torture_context *tctx) done: smbcli_close(cli-tree, fnum); - smbcli_unlink(cli-tree, fname_exe); - smbcli_unlink(cli-tree, fname); + smbcli_deltree(cli-tree, BASEDIR); return ret; } @@ -506,7 +508,7 @@ done: many thanks to kukks for a sniff showing how this works with os2-w2k */ -static bool test_t2open(struct smbcli_state *cli, struct torture_context *tctx) +static bool test_t2open(struct torture_context *tctx, struct smbcli_state *cli) { union smb_open io; union smb_fileinfo finfo; @@ -536,6 +538,10 @@ static bool test_t2open(struct smbcli_state *cli, struct torture_context *tctx) { OPENX_OPEN_FUNC_TRUNC | OPENX_OPEN_FUNC_CREATE, false, NT_STATUS_OK }, }; + if (!torture_setup_dir(cli, BASEDIR)) { + return false; + } + fnum = create_complex_file(cli, tctx, fname1); if (fnum == -1) { torture_result(tctx, TORTURE_FAIL, @@ -546,8 +552,6 @@ static bool test_t2open(struct smbcli_state *cli, struct torture_context *tctx) } smbcli_close(cli-tree, fnum); - torture_comment(tctx, Checking RAW_OPEN_T2OPEN\n); - io.t2open.level = RAW_OPEN_T2OPEN; io.t2open.in.flags = OPENX_FLAGS_ADDITIONAL_INFO; io.t2open.in.open_mode = OPENX_MODE_DENY_NONE | OPENX_MODE_ACCESS_RDWR; @@ -669,7 +673,7 @@ static bool test_t2open(struct smbcli_state *cli, struct torture_context *tctx) done: smbcli_close(cli-tree, fnum); - smbcli_unlink(cli-tree, fname); + smbcli_deltree(cli-tree, BASEDIR); return ret; } @@ -678,7 +682,7 @@ done: /* test RAW_OPEN_NTCREATEX */ -static bool test_ntcreatex(struct smbcli_state *cli, struct torture_context *tctx) +static bool test_ntcreatex(struct torture_context *tctx, struct
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b85f6f6... s4 torture: Add new RAW-SEARCH test to explore strange max count behavior via 8ba02d9... s4 torture: Update RAW-QFILEINFO to only test info levels that are supported by the server from 5930f77... s4 torture: Convert RAW-OPEN to suite form http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b85f6f63e6e957970f09acb2aab14e63d2661a22 Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Tue Dec 15 09:49:08 2009 -0800 s4 torture: Add new RAW-SEARCH test to explore strange max count behavior Signed-off-by: Tim Prouty tpro...@samba.org commit 8ba02d9ed9d1f6f330ed1f72d919bfa3869e37f5 Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Tue Dec 15 09:22:07 2009 -0800 s4 torture: Update RAW-QFILEINFO to only test info levels that are supported by the server Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source4/torture/raw/qfileinfo.c | 33 + source4/torture/raw/search.c| 75 +++ 2 files changed, 108 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/qfileinfo.c b/source4/torture/raw/qfileinfo.c index d21d1dc..85f9f1b 100644 --- a/source4/torture/raw/qfileinfo.c +++ b/source4/torture/raw/qfileinfo.c @@ -265,11 +265,26 @@ static bool torture_raw_qfileinfo_internals(struct torture_context *torture, if (is_ipc) { if (levels[i].expected_ipc_access_denied NT_STATUS_EQUAL(NT_STATUS_ACCESS_DENIED, levels[i].fname_status)) { + } else if (!levels[i].only_handles + NT_STATUS_EQUAL(levels[i].fname_status, + NT_STATUS_NOT_SUPPORTED)) { + torture_warning(torture, fname level %s %s, + levels[i].name, + nt_errstr(levels[i].fname_status)); + continue; } else if (!levels[i].only_handles !NT_STATUS_EQUAL(NT_STATUS_INVALID_DEVICE_REQUEST, levels[i].fname_status)) { printf(ERROR: fname level %s failed, expected NT_STATUS_INVALID_DEVICE_REQUEST - %s\n, levels[i].name, nt_errstr(levels[i].fname_status)); count++; } + if (!levels[i].only_paths + NT_STATUS_EQUAL(levels[i].fnum_status, + NT_STATUS_NOT_SUPPORTED)) { + torture_warning(torture, fnum level %s %s, + levels[i].name, + nt_errstr(levels[i].fnum_status)); + continue; + } if (!levels[i].only_paths !NT_STATUS_EQUAL(levels[i].expected_ipc_fnum_status, levels[i].fnum_status)) { printf(ERROR: fnum level %s failed, expected %s - %s\n, levels[i].name, nt_errstr(levels[i].expected_ipc_fnum_status), @@ -277,6 +292,24 @@ static bool torture_raw_qfileinfo_internals(struct torture_context *torture, count++; } } else { + if (!levels[i].only_paths + NT_STATUS_EQUAL(levels[i].fnum_status, + NT_STATUS_NOT_SUPPORTED)) { + torture_warning(torture, fnum level %s %s, + levels[i].name, + nt_errstr(levels[i].fnum_status)); + continue; + } + + if (!levels[i].only_handles + NT_STATUS_EQUAL(levels[i].fname_status, + NT_STATUS_NOT_SUPPORTED)) { +torture_warning(torture, fname level %s %s, + levels[i].name, + nt_errstr(levels[i].fname_status)); + continue; + } + if (!levels[i].only_paths !NT_STATUS_IS_OK(levels[i].fnum_status)) { printf(ERROR: fnum level %s failed - %s\n, levels[i].name, nt_errstr(levels[i].fnum_status)); diff --git a/source4/torture/raw/search.c b/source4/torture/raw/search.c index 74186e3..dec7da0 100644 --- a/source4/torture/raw/search.c +++ b/source4/torture/raw/search.c @@ -1376,7 +1376,81 @@ static bool
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4a19ada... smbtorture4: Add rpc-samba3-getaliasmembership-0 from 20bcdf8... s3: Fix _samr_GetAliasMembership for results with 0 rids http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4a19adadcc543f289f4f1c70e696153b488f79c6 Author: Volker Lendecke v...@samba.org Date: Tue Dec 15 17:49:24 2009 +0100 smbtorture4: Add rpc-samba3-getaliasmembership-0 --- Summary of changes: source4/torture/rpc/rpc.c |2 + source4/torture/rpc/samba3rpc.c | 60 +++ 2 files changed, 62 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c index 141a39e..3362bad 100644 --- a/source4/torture/rpc/rpc.c +++ b/source4/torture/rpc/rpc.c @@ -488,6 +488,8 @@ NTSTATUS torture_rpc_init(void) torture_suite_add_simple_test(suite, SAMBA3-SPOOLSS, torture_samba3_rpc_spoolss); torture_suite_add_simple_test(suite, SAMBA3-WKSSVC, torture_samba3_rpc_wkssvc); torture_suite_add_simple_test(suite, SAMBA3-WINREG, torture_samba3_rpc_winreg); + torture_suite_add_simple_test(suite, SAMBA3-GETALIASMEMBERSHIP-0, + torture_samba3_getaliasmembership_0); torture_rpc_drsuapi_tcase(suite); torture_rpc_drsuapi_cracknames_tcase(suite); torture_suite_add_suite(suite, torture_rpc_dssetup(suite)); diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index d439e1f..7cae8db 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -3541,3 +3541,63 @@ bool torture_samba3_regconfig(struct torture_context *torture) talloc_free(cli); return ret; } + +/* + * Test that even with a result of 0 rids the array is returned as a + * non-NULL pointer. Yes, XP does notice. + */ + +bool torture_samba3_getaliasmembership_0(struct torture_context *torture) +{ + struct dcerpc_pipe *p; + NTSTATUS status; + bool ret; + struct samr_Connect2 c; + struct samr_OpenDomain o; + struct dom_sid sid; + struct lsa_SidPtr ptr; + struct lsa_SidArray sids; + struct samr_GetAliasMembership g; + struct samr_Ids rids; + struct policy_handle samr, domain; + + status = torture_rpc_connection(torture, p, ndr_table_samr); + if (!NT_STATUS_IS_OK(status)) { + return false; + } + c.in.system_name = NULL; + c.in.access_mask = SAMR_ACCESS_LOOKUP_DOMAIN; + c.out.connect_handle = samr; + status = dcerpc_samr_Connect2(p, torture, c); + if (!NT_STATUS_IS_OK(status)) { + return false; + } + dom_sid_parse(S-1-5-32, sid); + o.in.connect_handle = samr; + o.in.access_mask = SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS; + o.in.sid = sid; + o.out.domain_handle = domain; + status = dcerpc_samr_OpenDomain(p, torture, o); + if (!NT_STATUS_IS_OK(status)) { + return false; + } + dom_sid_parse(S-1-2-3-4-5, sid); + ptr.sid = sid; + sids.num_sids = 1; + sids.sids = ptr; + g.in.domain_handle = domain; + g.in.sids = sids; + g.out.rids = rids; + status = dcerpc_samr_GetAliasMembership(p, torture, g); + if (!NT_STATUS_IS_OK(status)) { + return false; + } + if (rids.ids == NULL) { + /* This is the piece to test here */ + torture_warning(torture, + torture_samba3_getaliasmembership_0: + Server returns NULL rids array\n); + return false; + } + return true; +} -- Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch master updated
On Dec 8, 2009, at 4:50 AM, Stefan Metzmacher wrote: The branch, master has been updated via dd650ed... s4:selftest: skip SMB2-ACLS for now via 33ecfb0... s4:selftest: run RAW-STREAMS again via d3d2e39... RAW-STREAMS: convert failing tests to torture api from 1b6c444... spoolss: fix spoolss_DriverInfo8 IDL. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dd650edff2e1e5a22e9ba89a7bda811256a136b1 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 8 12:53:51 2009 +0100 s4:selftest: skip SMB2-ACLS for now metze commit 33ecfb05a4f6292cd60c4ceeacc4070bb31abccd Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 8 11:52:25 2009 +0100 s4:selftest: run RAW-STREAMS again metze commit d3d2e3988f07aa666cc1b9a0eb8f1f24f84f6952 Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 8 11:47:06 2009 +0100 RAW-STREAMS: convert failing tests to torture api This is needed as we want to mark failing tests as known failures. Metze, thank you for your help on this! I was really racking my brain last night trying to figure out why knownfail wasn't being honored. Is it the call to torture_result() that is doing the secret step to inform selftest? I'm guessing the context-last_result = result does the trick.
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 105eb95... s4 quicktest: exclude raw-streams from quicktest until bug is fixed via f717a79... s4 torture: Add a new torture:hide_on_access_denied parameter via f4aa47b... s4 torture: win 7 doesn't like the sequential_only flag for directories via d252d23... s4 torture: Port RAW-ACLS tests to SMB2 via 8ceb428... s4 torure: Add SMB2 utility functions via 1724273... s4 torture: RAW-ACL Improvements via 919440a... s4 torture: Convert RAW-STREAMS to a set of test suites rather than a monolithic test via 6bc8a2b... s4 torture: Update RAW-RENAME to pass against win7 via cd72301... s4 torture: Add a new RAW-STREAMS test to simulate the summary tab via 5d66d43... s4 torture: Fix the streams create disposition tests to actually return an error on failure from 47f5aac... s4/torture: add test for zero byte read contention with byte range locks http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 105eb95a57c48e0cb3cf69864e24e958ab2b3c59 Author: Tim Prouty tpro...@samba.org Date: Fri Dec 4 13:02:51 2009 -0800 s4 quicktest: exclude raw-streams from quicktest until bug is fixed commit f717a79eff334835eb33783adcbb261e126185d6 Author: Tim Prouty tpro...@samba.org Date: Fri Dec 4 16:07:35 2009 -0800 s4 torture: Add a new torture:hide_on_access_denied parameter It appears some newer versions of windows return NT_STATUS_OBJECT_NAME_NOT_FOUND on a createfile when access is denied rather than NT_STATUS_ACCESS_DENIED. I'm not sure how this translates to directory enumeration yet, but for now make this a parameter that can be checked in the various torture tests. This also gets RAW-ACLS and SMB2-CREATE passing against win7. commit f4aa47b5ab265b30a0708b72936e1bc26a793df6 Author: Tim Prouty tpro...@samba.org Date: Thu Aug 6 14:31:01 2009 -0700 s4 torture: win 7 doesn't like the sequential_only flag for directories Remove it for now commit d252d23ff15577e2c7049181b5b30692c4bcd6bc Author: Zack Kirsch zack.kir...@isilon.com Date: Sat Jul 4 16:16:23 2009 -0700 s4 torture: Port RAW-ACLS tests to SMB2 - The smblsa calls had to be commented out for now and should be fixed later, but they aren't crucial to the test. - The first two tests from RAW-ACLS were already ported to torture_smb2_setinfo() and test_create_acl(). Modifications were made similar to the RAW-ACLS changes. - test_sd_get_set() was ported, but does not pass against XP or Vista; it is not added to the SMB2-ACLS test suite. - printf - torture_comment / torture_warning / torture_result commit 8ceb428c5568bd690cb6811a0618f7866633705b Author: Zack Kirsch zack.kir...@isilon.com Date: Wed Jul 1 13:30:12 2009 -0700 s4 torure: Add SMB2 utility functions - Add a torture_setup_dir() equivalent in SMB2, called smb2_util_setup_dir(). - Add verify_sd() and verify_attrib() helper functions for SMB2. commit 1724273ab94269783ddbe367c5c9ec2bf690b70b Author: Zack Kirsch zack.kir...@isilon.com Date: Thu Jul 2 14:08:41 2009 -0700 s4 torture: RAW-ACL Improvements - Change RAW-ACLS test suite so each test can be run individually. - Add verify_sd() and verify_attrib() helper functions. - Change test_nttrans_create() to work for both files and directories. - Fix a segfault in test_inheritance() when the test errors out early. - test_sd_get_set() does not pass against XP or Vista, so it is no longer added to the RAW-ACLS test suite. - Minor fixes to test_inheritance(). - New INHERITFLAGS test, which tests the auto inheritance flags a bit more. - printf - torture_comment / torture_warning / torture_result commit 919440a2aa19b8e0eeb6387fea99dd049132b7dd Author: Tim Prouty tpro...@samba.org Date: Fri Dec 4 13:04:12 2009 -0800 s4 torture: Convert RAW-STREAMS to a set of test suites rather than a monolithic test commit 6bc8a2bf0a180c86c12f6ce9a587ab869ee91e2d Author: Tim Prouty tpro...@samba.org Date: Mon Oct 26 17:16:37 2009 -0700 s4 torture: Update RAW-RENAME to pass against win7 commit cd72301efa13f5c77a6d0e3e8f25330fbe62ed41 Author: Tim Prouty tpro...@samba.org Date: Mon Oct 26 17:17:45 2009 -0700 s4 torture: Add a new RAW-STREAMS test to simulate the summary tab commit 5d66d43667f9356b50dade6b5ed04b7a4fd2 Author: Tim Prouty tpro...@samba.org Date: Wed Oct 21 16:51:17 2009 -0700 s4 torture: Fix the streams create disposition tests to actually return an error on failure --- Summary of changes: source4/libcli/smb2/util.c |1 + source4/selftest/knownfail | 10 + source4/selftest/quick |2 +- source4/torture/raw/acls.c | 966 +++-- source4
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1bf825b... s4 torture: Cleanup RAW-ACLS a bit from 978dc61... s4-selftest: don't consider spoolss failures to be an error in s4 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1bf825b6f8df8b37816350ad670a5955025eb788 Author: Tim Prouty tpro...@samba.org Date: Mon Dec 7 17:19:30 2009 -0800 s4 torture: Cleanup RAW-ACLS a bit Don't check SEC_DESC_DACL_AUTO_INHERITED right now Disable RAW-ACLS-INHERITFLAGS for the short term Update samba4's knownfail accordingly --- Summary of changes: source4/selftest/knownfail |1 - source4/torture/raw/acls.c |6 -- 2 files changed, 4 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index 9d52df1..93a9f38 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -74,7 +74,6 @@ samba4.raw.streams.*.CREATEDISP samba4.raw.streams.*.SUMTAB samba4.raw.acls.*.CREATE_DIR samba4.raw.acls.*.CREATE_FILE -samba4.raw.acls.*.INHERITFLAGS samba4.smb2.create.*.ACLDIR samba4.smb2.acls.*.GENERIC samba4.smb2.acls.*.INHERITFLAGS diff --git a/source4/torture/raw/acls.c b/source4/torture/raw/acls.c index e34a901..82eaba4 100644 --- a/source4/torture/raw/acls.c +++ b/source4/torture/raw/acls.c @@ -82,7 +82,8 @@ static bool verify_sd(TALLOC_CTX *tctx, struct smbcli_state *cli, status = smb_raw_fileinfo(cli-tree, tctx, q); CHECK_STATUS(status, NT_STATUS_OK); - /* sd-type = ~SEC_DESC_DACL_AUTO_INHERITED; */ + /* More work is needed if we're going to check this bit. */ + sd-type = ~SEC_DESC_DACL_AUTO_INHERITED; CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd); } @@ -2447,7 +2448,8 @@ struct torture_suite *torture_raw_acls(TALLOC_CTX *mem_ctx) torture_suite_add_1smb_test(suite, GENERIC, test_generic_bits); torture_suite_add_1smb_test(suite, OWNER, test_owner_bits); torture_suite_add_1smb_test(suite, INHERITANCE, test_inheritance); - torture_suite_add_1smb_test(suite, INHERITFLAGS, test_inheritance_flags); + + /* torture_suite_add_1smb_test(suite, INHERITFLAGS, test_inheritance_flags); */ torture_suite_add_1smb_test(suite, DYNAMIC, test_inheritance_dynamic); /* XXX This test does not work against XP or Vista. torture_suite_add_1smb_test(suite, GETSET, test_sd_get_set); -- Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch master updated
On Dec 4, 2009, at 2:47 AM, Stefan (metze) Metzmacher wrote: Hi Tim, diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index e2ae2cf..37c9f6a 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -10,9 +10,7 @@ base.delete.*.deltest20a base.delete.*.deltest20b raw.rename.*.osxrename raw.rename.*.directory rename +raw.sfileinfo.*.END_OF_FILE rpc.winreg.*security samba4.local.registry.(dir|ldb).check hive security samba4.local.registry.local.security Unfortunately, I'm still seeing failures in source4 'make test'. Am I missing something simple? yes, it's END-OF-FILE not END_OF_FILE:-) Thanks for the followup. This should be fixed now as of: 5c857768d1415c4e70a9b7a96b8a9de1ec8efdee -Tim
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5c85776... s4 selftest/quicktest: Update known failures for the sfileinfo and oplock changes via 15e1c61... s4 torture: Add a new RAW-OPLOCK test: BATCH26 via 8f7e573... s4 torture: Close the third handle in RAW-OPLOCK-BATCH22 via 522d6bc... s4 torture: Convert an error to a warning in RAW-OPLOCK-BATCH22 via b14da4f... s4 torture: Add a few more windows target types via fc78326... s4 torture: Convert to a more modern version of read in RAW-OPLOCK-BATCH4 via af8b785... s4 torture: Allow some implementations to break from level1 to none with two breaks from 66c9687... Make sure we're not using the old smb_fname data. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5c857768d1415c4e70a9b7a96b8a9de1ec8efdee Author: Tim Prouty tpro...@samba.org Date: Thu Dec 3 17:01:53 2009 -0800 s4 selftest/quicktest: Update known failures for the sfileinfo and oplock changes Two new samba4 bugs have been filed for the two corresponding known failures. For the short term raw.sfileinfo had to be removed from quicktest. It is no longer an individual test, but a test-suite and quicktest can only run top level tests. commit 15e1c610273766a548a28b4d8731c6e9bad4496e Author: Tim Prouty tpro...@samba.org Date: Thu Dec 3 13:46:11 2009 -0800 s4 torture: Add a new RAW-OPLOCK test: BATCH26 Try a rename with a wide-open share mode on an already open file and the there is still share mode contention. For the reason why see: http://social.msdn.microsoft.com/Forums/en-US/os_fileservices/thread/3ca14dc9-da1f-4786-a8f7-a86e9903db0c Msft's anser: After further review, The reason for server to fail with sharing violation is that the windows server that executes a path-based rename request opens the file for DELETE access, but only with FILE_SHARED_READ as ShareAccess . Therefore, the existing open(frame 76), which has shared read/write/delete , is compatible with the Windows servers access mode (DELETE), but Windows servers open is not compatible with access mode in existing open. Note that it is correct to state that the logic in Windows server could have been written to allow shared read/write/delete in which case it would succeed as you mention. The behavior here is historical based on the existing implementation. commit 8f7e5732ef3accd833906276f4a13891bac26726 Author: Tim Prouty tpro...@samba.org Date: Thu Dec 3 13:16:18 2009 -0800 s4 torture: Close the third handle in RAW-OPLOCK-BATCH22 commit 522d6bc58891b8c25e935bcee3206f03c8ab73cb Author: Tim Prouty tpro...@samba.org Date: Wed Dec 2 18:39:05 2009 -0800 s4 torture: Convert an error to a warning in RAW-OPLOCK-BATCH22 Some servers choose to mark a client as bad if they fail an oplock break request by timing out (win7 is an example). Once the client is marked as bad, future oplock requests will timeout instantly. This causes subsequent runs of this test to fail, so rather than erroring out as a failure, a warning is printed instead. There is also a bug in w2k3 where it was incorrectly returning contending a share mode lock. It worked in XP and has been re-fixed in win7. This can also now be run against samba3. commit b14da4f7c54e88e615f2bb19bec43bacb7f11de8 Author: Tim Prouty tpro...@samba.org Date: Tue Dec 1 16:27:10 2009 -0800 s4 torture: Add a few more windows target types commit fc7832602d149dee61ff003902bc5f54cd0de0f2 Author: Tim Prouty tpro...@samba.org Date: Fri Nov 20 11:25:43 2009 -0800 s4 torture: Convert to a more modern version of read in RAW-OPLOCK-BATCH4 commit af8b7857ca4b9f81d2240d2592c4d02893b04f76 Author: Tim Prouty tpro...@samba.org Date: Tue Dec 1 15:29:00 2009 -0800 s4 torture: Allow some implementations to break from level1 to none with two breaks --- Summary of changes: source4/selftest/knownfail |2 + source4/selftest/quick |1 - source4/torture/raw/oplock.c | 186 -- source4/torture/smbtorture.c |6 ++ source4/torture/smbtorture.h |6 ++ source4/torture/util.h |2 + 6 files changed, 176 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index 56bf718..b9d40f2 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -65,3 +65,5 @@ samba4.base.createx_access # this test is broken for non-administrator users samba4.smb2.oplock # oplocks in the s4 SMB2 server are a mess samba4.raw.lock.*.async # bug 6960 samba4.smb2.lock.*.MULTIPLE-UNLOCK # bug 6959 +samba4.raw.sfileinfo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4f6d5d0... s4 torture: Convert create_complex_file to use BASIC_INFO instead of deprecated command via 3507350... s4 torture: Fix call to smbcli_open via a3df55b... s4 torture: Make RAW-SEARCH pass against win7 via 2dc5bd1... s4 torture: Parameterize WRITE_AND_CLOSE support via f26a500... s4 torture: Add lockread_supported based off of CAP_LOCK_AND_READ via 5882282... s4 torture: Allow READ to be parameterized, add more readx tests via 60d9828... s4-torture: Allow the legacy DENY_FCB/DENY_DOS share modes to be ignored from 5c85776... s4 selftest/quicktest: Update known failures for the sfileinfo and oplock changes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4f6d5d0b865a077185e2441d401709325c3e7304 Author: Zachary Loafman zachary.loaf...@isilon.com Date: Tue Nov 24 23:42:56 2009 + s4 torture: Convert create_complex_file to use BASIC_INFO instead of deprecated command Signed-off-by: Tim Prouty tpro...@samba.org commit 3507350ad24643336b392befc52af493098638b9 Author: Zachary Loafman zachary.loaf...@isilon.com Date: Wed Nov 18 22:42:31 2009 + s4 torture: Fix call to smbcli_open Signed-off-by: Tim Prouty tpro...@samba.org commit a3df55b26f6afaab4364cb96efb121a3f8fa2c82 Author: Zachary Loafman zachary.loaf...@isilon.com Date: Wed Nov 18 00:29:23 2009 + s4 torture: Make RAW-SEARCH pass against win7 Signed-off-by: Tim Prouty tpro...@samba.org commit 2dc5bd19d42f31e3d9f54108bd147c4371634a50 Author: Zachary Loafman zachary.loaf...@isilon.com Date: Wed Nov 18 00:29:21 2009 + s4 torture: Parameterize WRITE_AND_CLOSE support Signed-off-by: Tim Prouty tpro...@samba.org commit f26a500d9ff854734decdcb196136dc8cc19eb4a Author: Zachary Loafman zachary.loaf...@isilon.com Date: Tue Nov 17 23:25:58 2009 + s4 torture: Add lockread_supported based off of CAP_LOCK_AND_READ Signed-off-by: Tim Prouty tpro...@samba.org commit 5882282deaf3ce06c18fe2102f7f8dcc6e79b409 Author: Zachary Loafman zachary.loaf...@isilon.com Date: Mon Nov 16 21:13:26 2009 + s4 torture: Allow READ to be parameterized, add more readx tests Signed-off-by: Tim Prouty tpro...@samba.org commit 60d9828ade304dc7aa9b01f1be1dfea86b04248e Author: Zachary Loafman zachary.loaf...@isilon.com Date: Mon Nov 9 18:32:06 2009 + s4-torture: Allow the legacy DENY_FCB/DENY_DOS share modes to be ignored Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source4/libcli/raw/libcliraw.h|1 + source4/libcli/raw/rawnegotiate.c |3 ++ source4/torture/basic/denytest.c | 20 source4/torture/raw/lookuprate.c |2 +- source4/torture/raw/read.c| 36 +++- source4/torture/raw/search.c | 11 +++- source4/torture/raw/write.c | 10 source4/torture/smbtorture.c | 13 ++ source4/torture/smbtorture.h | 22 + source4/torture/util_smb.c| 46 + 10 files changed, 139 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/libcli/raw/libcliraw.h b/source4/libcli/raw/libcliraw.h index 37e158a..69de33c 100644 --- a/source4/libcli/raw/libcliraw.h +++ b/source4/libcli/raw/libcliraw.h @@ -65,6 +65,7 @@ struct smbcli_negotiate { time_t server_time; uint_t readbraw_supported:1; uint_t writebraw_supported:1; + uint_t lockread_supported:1; char *server_domain; }; diff --git a/source4/libcli/raw/rawnegotiate.c b/source4/libcli/raw/rawnegotiate.c index dedc891..67f3bfa 100644 --- a/source4/libcli/raw/rawnegotiate.c +++ b/source4/libcli/raw/rawnegotiate.c @@ -152,6 +152,9 @@ NTSTATUS smb_raw_negotiate_recv(struct smbcli_request *req) transport-negotiate.readbraw_supported = true; transport-negotiate.writebraw_supported = true; } + + if (transport-negotiate.capabilities CAP_LOCK_AND_READ) + transport-negotiate.lockread_supported = true; } else if (transport-negotiate.protocol = PROTOCOL_LANMAN1) { SMBCLI_CHECK_WCT(req, 13); transport-negotiate.sec_mode = SVAL(req-in.vwv,VWV(1)); diff --git a/source4/torture/basic/denytest.c b/source4/torture/basic/denytest.c index a2ad5e6..501647e 100644 --- a/source4/torture/basic/denytest.c +++ b/source4/torture/basic/denytest.c @@ -1439,6 +1439,16 @@ bool torture_denytest1(struct torture_context *tctx, progress_bar(tctx, i, ARRAY_SIZE(denytable1)); + if (!torture_setting_bool(tctx, deny_fcb_support, true
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ae64978... s3: Fix smbd to correctly return INVALID_LEVEL on set_file_end_of_file_info for paths via 4e8b6c5... s4 torture: Change oplock to use passthrough for exclusive3/batch11 via 5035a90... s4 torture: Update RAW-SFILEINFO-END-OF-FILE to test some additional corner cases via 5a934fd... Revert s4 torture: Allow onefs to be checked like samba3 and samba4 via 66bf780... s4 torture: Change RAW-SFILEINFO-END-OF-FILE to check for share modes by default via 2738e31... s4 torture: Move target macros to a common header instead of redefining them in multiple files from 9d8867f... s3:build: fix detection of CTDB headers on systems without system-libtalloc http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ae649782df6e22c8e1922aaa03c248e5af68a036 Author: Tim Prouty tpro...@samba.org Date: Tue Dec 1 10:47:08 2009 -0800 s3: Fix smbd to correctly return INVALID_LEVEL on set_file_end_of_file_info for paths This allows smbd to pass the freshly updated RAW-SFILEINFO-END-OF-FILE torture test. commit 4e8b6c5992494e1177cd98e47d96498a259b9056 Author: Tim Prouty tpro...@samba.org Date: Mon Nov 30 16:43:00 2009 -0800 s4 torture: Change oplock to use passthrough for exclusive3/batch11 In light of the INVALID_LEVEL that is seen for RAW_SFILEINFO_END_OF_FILE_INFO requests on a path, I'm changing these back to using the passthrough RAW_SFILEINFO_END_OF_FILE_INFORMATION to test the oplock break behavior as originally intended commit 5035a900051c7946346d4e8b32e8f13f802ce5be Author: Tim Prouty tpro...@samba.org Date: Mon Nov 30 11:59:19 2009 -0800 s4 torture: Update RAW-SFILEINFO-END-OF-FILE to test some additional corner cases It turns out setting the end-of-file with Trans2SetPathInfo using the snia spec's info level will attempt to open the file, enforcing share modes, but then subsequentlys fail the setpathinfo with a dos error of INVALID_LEVEL. Doing a Trans2SetFileInfo with either end-of-file info level succeeds as expected. commit 5a934fd8da61196d829a601a85b9871b226239d4 Author: Tim Prouty tpro...@samba.org Date: Wed Nov 25 14:26:18 2009 -0800 Revert s4 torture: Allow onefs to be checked like samba3 and samba4 This reverts commit 98f595036e196dd61340fef0faf63ca762a25307. No longer necessary commit 66bf780e6edac110b85d2a0d08d01274fe7417bd Author: Tim Prouty tpro...@samba.org Date: Wed Nov 25 14:40:54 2009 -0800 s4 torture: Change RAW-SFILEINFO-END-OF-FILE to check for share modes by default Since the windows behavior appears to be a bug, only check for the windows-style share mode bug if target=windows variant is specified commit 2738e316746b078899dd30e07665d8e7b515581e Author: Tim Prouty tpro...@samba.org Date: Wed Nov 25 14:38:55 2009 -0800 s4 torture: Move target macros to a common header instead of redefining them in multiple files --- Summary of changes: source3/smbd/trans2.c | 31 -- source4/torture/raw/lock.c|5 -- source4/torture/raw/oplock.c |4 +- source4/torture/raw/setfileinfo.c | 129 ++--- source4/torture/smb2/create.c |2 - source4/torture/smbtorture.c |1 - source4/torture/util.h|8 ++ 7 files changed, 142 insertions(+), 38 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 2892e26..5f50b64 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -5538,7 +5538,8 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, files_struct *fsp, const struct smb_filename *smb_fname, const SMB_STRUCT_STAT *psbuf, - SMB_OFF_T size) + SMB_OFF_T size, + bool fail_after_createfile) { NTSTATUS status = NT_STATUS_OK; struct smb_filename *smb_fname_tmp = NULL; @@ -5598,6 +5599,12 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, return status; } + /* See RAW-SFILEINFO-END-OF-FILE */ + if (fail_after_createfile) { + close_file(req, new_fsp,NORMAL_CLOSE); + return NT_STATUS_INVALID_LEVEL; + } + if (vfs_set_filelen(new_fsp, size) == -1) { status = map_nt_error_from_unix(errno); close_file(req, new_fsp,NORMAL_CLOSE); @@ -6474,7 +6481,8 @@ static NTSTATUS smb_set_file_end_of_file_info(connection_struct *conn, const char *pdata, int
Re: [SCM] Samba Shared Repository - branch master updated
Hi Metze, Thank you for the response! On Nov 26, 2009, at 4:24 AM, Stefan (metze) Metzmacher wrote: Hi Tim, I would like to solicit some help from a selftest/samba 4 expert on how to get selftest working with this recent commit. The reason is that we use smbtorture --list in source4/selftest/ tests.sh and --list only outputs the first 2 levels of torture suites nesting. So we just pass RAW-SFILEINFO to smbtorture, which means it runs all subtests. Ok, if I'm understanding you correctly, there is no easy way to keep raw-sfileinfo in the quick list and only run a subtest. I wanted to avoid removing it, but it sounds like it may be the best option at this point. As we're getting this in make test now: UNEXPECTED(failure): samba4.raw.sfileinfo (dc).END-OF-FILE command: ./bin/smbtorture --configfile=$SMB_CONF_PATH --maximum-runtime=1200 --target=samba4 --basedir=/home/metze/tmp/st-master4/s4client --option=torture:progress=no --format=subunit //$SERVER/tmp -U$USERNAME%$PASSWORD --option=torture:sharedelay=1 --option=torture:oplocktimeout=3 --option=torture:writetimeupdatedelay=5 RAW-SFILEINFO ERROR: Testsuite[samba4.raw.sfileinfo (dc)] REASON: Exit code was 1 we should add something like raw.sfileinfo.*.END-OF-FILE to source4/selftest/knownfail I've been attempting to do that with: diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index e2ae2cf..37c9f6a 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -10,9 +10,7 @@ base.delete.*.deltest20a base.delete.*.deltest20b raw.rename.*.osxrename raw.rename.*.directory rename +raw.sfileinfo.*.END_OF_FILE rpc.winreg.*security samba4.local.registry.(dir|ldb).check hive security samba4.local.registry.local.security Unfortunately, I'm still seeing failures in source4 'make test'. Am I missing something simple?
Re: [Samba] LDAP instructions failing
On 28/11/2009 8:02 AM, jeff sacksteder wrote: I'm following along in the instructions for migrating from a NT4 PDC to a ldapsam configuration. When I get to step 13, getent does not show the new users and groups in ldap. I can view my directory with a LDAP browser and see the entries, but I notice that root and nobody are inetorgpersons and not posixaccounts. Not sure if this is a problem or if there's an issue with nss. Where have I gone wrong? Problem is likely with nss. Mismatched basedn or wrong ou name can easily cause them to not show in getent. TB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 17caf63... s3 selftest: Add RAW-SFILEINFO-END-OF-FILE to selftest via af610a6... s3 setfileinfo: Open with FILE_WRITE_DATA when setting the file size via b6f9722... s4 torture: Change RAW-OPLOCK to use the documented version of SET_END_OF_FILE_INFO via 98f5950... s4 torture: Allow onefs to be checked like samba3 and samba4 via 6074a05... s4 torture: Add two new setfileinfo tests via ce9ac3a... s4 torture: Split up the torture suite setup for RAW-SFILEINFO from 56eca75... The start of a WHATSNEW for Samba4 alpha9 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 17caf63640b344aec304eca9cc527f32f88ae308 Author: Tim Prouty tpro...@samba.org Date: Wed Nov 25 08:15:31 2009 -0800 s3 selftest: Add RAW-SFILEINFO-END-OF-FILE to selftest commit af610a6f263994e7a0ded8acf0fa9237d5b7d366 Author: Tim Prouty tpro...@samba.org Date: Tue Nov 24 16:48:16 2009 -0800 s3 setfileinfo: Open with FILE_WRITE_DATA when setting the file size This matches what is outlined here: http://msdn.microsoft.com/en-us/library/ms804363.aspx This is also inline with how winXP/win7 handle this. See RAW-SFILEINFO-END-OF-FILE* in smbtorture4. commit b6f97f271263f68cf5ead8bb0daca08158fa Author: Tim Prouty tpro...@samba.org Date: Wed Nov 25 08:03:36 2009 -0800 s4 torture: Change RAW-OPLOCK to use the documented version of SET_END_OF_FILE_INFO The passtrhough version of SET_END_OF_FILE_INFO is tested in RAW-SFILEINFO-END-OF-FILE. Additionally, the first opener is changed to use SHARE_WRITE for the share mode since SET_END_OF_FILE_INFO actually writes data to the file via truncating/extending. commit 98f595036e196dd61340fef0faf63ca762a25307 Author: Tim Prouty tpro...@samba.org Date: Wed Nov 25 08:17:13 2009 -0800 s4 torture: Allow onefs to be checked like samba3 and samba4 This is needed for the new RAW-SFILEINFO-END-OF-FILE test to differentiate what appears to be a windows bug. commit 6074a058df3e637ad5eb333b278d89cd1be5a8c0 Author: Tim Prouty tpro...@samba.org Date: Tue Nov 24 16:29:19 2009 -0800 s4 torture: Add two new setfileinfo tests These tests expose a potential bug in winXP, win7, and likely others. There is also a bug in samba where share modes aren't being enforced where they should. For more details see: http://lists.samba.org/archive/cifs-protocol/2009-November/001130.html commit ce9ac3a685e2a23b30952bf20dbe3f9bf24dfaaa Author: Tim Prouty tpro...@samba.org Date: Tue Nov 24 16:25:02 2009 -0800 s4 torture: Split up the torture suite setup for RAW-SFILEINFO A side effect of this change is that RAW-SFILEINFO now runs the whole suite instead of just the first test. I changed the name of the first test to RAW-SFILEINFO-BASE and changed all of the selftest scripts that call it. --- Summary of changes: source3/script/tests/test_posix_s3.sh |6 +- source3/smbd/trans2.c |2 +- source4/selftest/test_w2k3_file.sh|2 +- source4/selftest/win/wintest_raw.sh |2 +- source4/torture/raw/oplock.c |8 +- source4/torture/raw/raw.c |5 +- source4/torture/raw/setfileinfo.c | 217 - source4/torture/smbtorture.c |1 + 8 files changed, 223 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_posix_s3.sh b/source3/script/tests/test_posix_s3.sh index 11fe247..60ed3e4 100755 --- a/source3/script/tests/test_posix_s3.sh +++ b/source3/script/tests/test_posix_s3.sh @@ -32,10 +32,10 @@ base=$base BASE-XCOPY BASE-SAMBA3ERROR raw=RAW-ACLS RAW-CHKPATH RAW-CLOSE RAW-COMPOSITE RAW-CONTEXT RAW-EAS raw=$raw RAW-IOCTL RAW-LOCK RAW-MKDIR RAW-MUX RAW-NOTIFY RAW-OPEN RAW-OPLOCK raw=$raw RAW-QFILEINFO RAW-QFSINFO RAW-READ RAW-RENAME RAW-SEARCH RAW-SEEK -raw=$raw RAW-SFILEINFO RAW-SFILEINFO-BUG RAW-STREAMS RAW-UNLINK RAW-WRITE +raw=$raw RAW-SFILEINFO-BASE RAW-SFILEINFO-BUG RAW-STREAMS RAW-UNLINK RAW-WRITE raw=$raw RAW-SAMBA3HIDE RAW-SAMBA3BADPATH RAW-SFILEINFO-RENAME raw=$raw RAW-SAMBA3CASEINSENSITIVE RAW-SAMBA3POSIXTIMEDLOCK -raw=$raw RAW-SAMBA3ROOTDIRFID +raw=$raw RAW-SAMBA3ROOTDIRFID RAW-SFILEINFO-END-OF-FILE rpc=RPC-AUTHCONTEXT RPC-BINDSAMBA3 RPC-SAMBA3-SRVSVC RPC-SAMBA3-SHARESEC rpc=$rpc RPC-SAMBA3-SPOOLSS RPC-SAMBA3-WKSSVC @@ -67,7 +67,7 @@ skipped=BASE-CHARSET BASE-TCONDEV skipped=$skipped RAW-ACLS RAW-COMPOSITE RAW-CONTEXT skipped=$skipped RAW-IOCTL skipped=$skipped RAW-QFILEINFO RAW-QFSINFO -skipped=$skipped RAW-SFILEINFO +skipped=$skipped RAW-SFILEINFO-BASE echo WARNING: Skipping tests $skipped diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index
Re: [SCM] Samba Shared Repository - branch master updated
On Nov 25, 2009, at 8:49 AM, Tim Prouty wrote: The branch, master has been updated via 17caf63... s3 selftest: Add RAW-SFILEINFO-END-OF-FILE to selftest via af610a6... s3 setfileinfo: Open with FILE_WRITE_DATA when setting the file size via b6f9722... s4 torture: Change RAW-OPLOCK to use the documented version of SET_END_OF_FILE_INFO via 98f5950... s4 torture: Allow onefs to be checked like samba3 and samba4 via 6074a05... s4 torture: Add two new setfileinfo tests via ce9ac3a... s4 torture: Split up the torture suite setup for RAW-SFILEINFO from 56eca75... The start of a WHATSNEW for Samba4 alpha9 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master commit ce9ac3a685e2a23b30952bf20dbe3f9bf24dfaaa Author: Tim Prouty tpro...@samba.org Date: Tue Nov 24 16:25:02 2009 -0800 s4 torture: Split up the torture suite setup for RAW-SFILEINFO A side effect of this change is that RAW-SFILEINFO now runs the whole suite instead of just the first test. I changed the name of the first test to RAW-SFILEINFO-BASE and changed all of the selftest scripts that call it. I would like to solicit some help from a selftest/samba 4 expert on how to get selftest working with this recent commit. RAW-SFILEINFO was explcitly defined in raw.c along with subtests such as RAW-SFILEINFO-BUG. I modified RAW-SFILEINFO to reference the suite of tests which now includes subtests such as RAW-SFILEINFO-BUG. Since it is no longer possible to have a specific test called RAW-SFILEINFO, I modified it to be called RAW-SFILEINFO-BASE. I changed all of the samba3 make test references from RAW-SFILEINFO to RAW-SFILEINFO-BASE, but I'm having trouble doing the same in samba4. I tried changing source4/selftest/quick to include a line raw.sfileinfo.base rather than raw.sfileinfo, but it doesn't seem to parse correctly and just skips the test. I could just remove it from quicktest, but that seems like a last resort. Additionally, the full 'make test' far samba4 needs a similar adjustment. I've been looking at this now for a few hours and need some guidance from someone who knows how this all fits together a little better than me :). Thanks! -Tim
[Samba] RHEL Cluster Samba and AD
Dear All, My head is spinning and I fear I am trying to start this from far too far behind to keep ploughing on. Essentially we are having difficulty with our samba shares at work. We have moved to server 2k8 DCs and this seeems to have reeked havoc on our setup. Our difficulty seems to stem from authentication issues. We have bodged a work around though it is neither very secure nor indeed particularly easy to maintain. Our difficulty seemed to stem from winbindd not being able to read uid/gid from our AD. From what I understand this was down to AD only having a ticket for the resource and not for the cluster. Red Hat support have stated that winbind is legacy and therefore not really supported, nice. This led to me pondering about using LDAP to passthrough authentication to AD but so far I am starting from so far behind the drag curve my ears are starting to bleed. I can find a few tutorials on the web about clustered samba and ldap but alot of them assume having openLdap as the primary authentication point or directory, this is not an option for us as we are very much tied in to our new 2008 servers and esx setup. I suppose my query in a nutshell is has anyone managed to configure running win based machines that authenticate to a 2008 DC and have need to connect to some user/group controlled samba shared directories that are run under a RHEL cluster? essentailly some user only need to see the data while others need to be able to write data to the shares. This would ideally be controlled from AD groups etc. If this could avoid running openLDAP in mirrored (and slightly modified) tandem to AD that would be ideal though i am fearing the worst on this point. I apologise if this is a simple query but I have got myself bogged down in kerberos/samba/likewise/openldap tutorials and guides and feel like i am slowly drowning. any pointers would be greatly appreciated!! Thanks in advance Tim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] TDB files and moving them
On 21/10/2009 3:11 AM, MikeSch wrote: Is it possible to place my tdb files on another partition different from the one that samba is installed on? Can I do that from the .conf file? If so how? As you know the locking.tdb file can get rather large and I'd like to place that on a partition that has some more space then where my / is mounted. Thanks for your help! Can't you just move it and then create a symbolic link? Or is there some technical reason not to do that? TB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-694-gad96c11
The branch, master has been updated via ad96c11182db093fe41a4f6177580e70271574ea (commit) via 86b1a4cb868ee646326bff8b5c3ba807fb0556be (commit) via 32ee9767088fcd395e1f1a22d781d33b076aa78b (commit) via 637901c24288740d51f28e2378c02d956dd7b17d (commit) via c870043b27dff10010e45358d924cbdd688f6555 (commit) from 42c3eca0d5ccbe116d7b101bc9adaa3b39ca5da2 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ad96c11182db093fe41a4f6177580e70271574ea Author: Tim Prouty tpro...@samba.org Date: Fri Aug 28 22:53:09 2009 + s4 torture: Fix RAW-STREAMS to request more specific permissions This allows RAW-STREAMS to pass when the user isn't root on some systems that don't give full access rights to non-root users. commit 86b1a4cb868ee646326bff8b5c3ba807fb0556be Author: Tim Prouty tpro...@samba.org Date: Fri Aug 28 22:53:05 2009 + s3: Add more helpful debugging to some of the streams code commit 32ee9767088fcd395e1f1a22d781d33b076aa78b Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Wed Sep 23 20:37:04 2009 + vfs catia: Fix a NULL dereference when CATIA is loaded with no mappings specified. When we use the CATIA vfs module and don't have any mapping specified, we return NULL for the mapped_name, thereby resulting in segfaults. When we don't have catia mapping, we should just use the old name instead of returning NULL for the mapped_name. Signed-off-by: Tim Prouty tpro...@samba.org commit 637901c24288740d51f28e2378c02d956dd7b17d Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Thu Sep 3 20:46:10 2009 + vfs catia: Fix the double translation that was happening with createfile and open. Since the catia translation is implemented for open, it should not also be done in createfile. By removing createfile from catia, translation is now done correctly for the primary open path. In order to support systems that have custom createfile implementations that don't eventually call SMB_VFS_OPEN, SMB_VFS_TRANSLATE_NAME has been expanded to take an additional argument that specifies direction. Signed-off-by: Tim Prouty tpro...@samba.org commit c870043b27dff10010e45358d924cbdd688f6555 Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Wed Sep 2 17:20:21 2009 + vfs catia: Fix a possible NULL dereference Also free some unfreed memory. Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source3/include/vfs.h| 11 +++- source3/include/vfs_macros.h |8 +- source3/modules/onefs_streams.c | 23 ++ source3/modules/onefs_system.c | 27 ++-- source3/modules/vfs_catia.c | 138 ++--- source3/modules/vfs_full_audit.c |5 +- source3/smbd/filename.c |2 +- source3/smbd/vfs.c |8 ++- source4/torture/raw/streams.c|3 +- 9 files changed, 120 insertions(+), 105 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 38d60a0..ed49d1f 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -158,6 +158,11 @@ struct smb_filename; handle = handle-next; \ } +enum vfs_translate_direction { + vfs_translate_to_unix = 0, + vfs_translate_to_windows +}; + /* Available VFS operations. These values must be in sync with vfs_ops struct (struct vfs_fn_pointers and struct vfs_handle_pointers inside of struct vfs_ops). @@ -302,7 +307,8 @@ struct vfs_fn_pointers { struct lock_struct *plock); NTSTATUS (*translate_name)(struct vfs_handle_struct *handle, - char **mapped_name); + char **mapped_name, + enum vfs_translate_direction direction); /* NT ACL operations. */ @@ -650,7 +656,8 @@ void smb_vfs_call_strict_unlock(struct vfs_handle_struct *handle, struct files_struct *fsp, struct lock_struct *plock); NTSTATUS smb_vfs_call_translate_name(struct vfs_handle_struct *handle, -char **mapped_name); +char **mapped_name, +enum vfs_translate_direction direction); NTSTATUS smb_vfs_call_fget_nt_acl(struct vfs_handle_struct *handle, struct files_struct *fsp, uint32 security_info, diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 7cc5579..8ca7f37 100644 --- a/source3/include
[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-697-g60433b1
The branch, master has been updated via 60433b154dc345f8883b15d657e3f7d5c21fc6a1 (commit) via 74c0a7a1d34a75abec32cc46ab0b02b483160215 (commit) via 5e9aade51657a22dba2c65ffc1aab1be7c532e61 (commit) from ad96c11182db093fe41a4f6177580e70271574ea (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 60433b154dc345f8883b15d657e3f7d5c21fc6a1 Author: Steven Danneman steven.danne...@isilon.com Date: Thu May 14 23:14:03 2009 + s3 onefs: Fix 1 second share mode delay handling When racing to the open and loosing we may get a share_mode violation. In this case handle the 1-second delay via a defferred open properly. This requires us to retrieve the share_mode_lock before deferring open so we don't dereference a NULL pointer assuming we already had the lck because we were the first opener. commit 74c0a7a1d34a75abec32cc46ab0b02b483160215 Author: Steven Danneman steven.danne...@isilon.com Date: Thu May 14 23:12:23 2009 + s3 onefs: Fix a race condition exists in onefs_open.c between multiple opens to the same file. Two openers can stat a file at the same time, see that it doesn't exist, and then both race to open it first. The loser will enter onefs_open_file_ntcreate believing that the file doesnt exist, and thus skip any current state lookups for that file. This includes setting the file_id, and having a valid stat buffer. Normally on first create the file_id will be set during the open, but the second opener in this scenario may fail the open (oplock/share mode) and file_id will not be set, nor will the stat buffer be valid. In the error paths of this patch, we now double check that the file_id and the stat buffer are valid before doing other operations. commit 5e9aade51657a22dba2c65ffc1aab1be7c532e61 Author: Zack Kirsch zack.kir...@isilon.com Date: Wed Apr 22 23:30:55 2009 + s3 onefs: Add some debugging/asserts to give more info when there is bad deferred open state. Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source3/modules/onefs_open.c | 93 ++ source3/smbd/process.c |2 + 2 files changed, 78 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c index 31f27e9..b9a2c30 100644 --- a/source3/modules/onefs_open.c +++ b/source3/modules/onefs_open.c @@ -423,6 +423,13 @@ static void schedule_defer_open(struct share_mode_lock *lck, if (!request_timed_out(request_time, timeout)) { defer_open(lck, request_time, timeout, req, state); + } else { + /* A delayed-for-oplocks deferred open timing out should only +* happen if there is a bug or extreme load, since we set the +* timeout to 300 seconds. */ + DEBUG(0, (Deferred open timeout! request_time=%d.%d, + mid=%d\n, request_time.tv_sec, request_time.tv_usec, + req-mid)); } } @@ -817,7 +824,6 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, DEBUG(10, (fsp = %p\n, fsp)); - fsp-file_id = vfs_file_id_from_sbuf(conn, smb_fname-st); fsp-share_access = share_access; fsp-fh-private_options = create_options; fsp-access_mask = open_access_mask; /* We change this to the @@ -885,6 +891,12 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, * stat-only open at this point. */ SMB_ASSERT(fsp-oplock_type == NO_OPLOCK); + + /* The kernel and Samba's version of stat-only differs +* slightly: The kernel doesn't think its stat-only if we're +* truncating. We'd better have a req in order to defer the +* open. */ + SMB_ASSERT(!((flags|flags2) O_TRUNC)); } /* Do the open. */ @@ -910,13 +922,22 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, /* OneFS Oplock Handling */ if (errno == EINPROGRESS) { + /* If we get EINPROGRESS, the kernel will send us an +* asynchronous semlock event back. Ensure we can defer +* the open, by asserting req. */ + SMB_ASSERT(req); + if (lck == NULL) { + /* +* We hit the race that when we did the stat +* on the file it did not exist, and someone +* has created it in between the stat and the +* open_file() call. Defer our open
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1266-gc1b8eb8
The branch, master has been updated via c1b8eb884b71727fa12f4f62e0261c07b47c943a (commit) via ad88284038104f57e383418e1a0a5abc938b18f6 (commit) via e046b382f24f507a19bfb020b145ea2ec8acafcb (commit) from 77e2403f1314a28722f0fb21f6682320b2e9935d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c1b8eb884b71727fa12f4f62e0261c07b47c943a Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Wed Aug 26 14:54:58 2009 -0700 s3: Add catia to the list of modules compiled by default Signed-off-by: Tim Prouty tpro...@samba.org commit ad88284038104f57e383418e1a0a5abc938b18f6 Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Wed Aug 26 14:55:38 2009 -0700 s3: Major revamp for catia vfs module This patch builds out catia to allow fully configurable mappings, including mappings from single byte to multi-byte characters. Additionally, a much more complete list of vfs operations are now covered. Signed-off-by: Tim Prouty tpro...@samba.org commit e046b382f24f507a19bfb020b145ea2ec8acafcb Author: Aravind Srinivasan aravind.sriniva...@isilon.com Date: Wed Aug 26 14:56:09 2009 -0700 s3: Add a new VFS op called SMB_VFS_TRANSLATE_NAME This vop is designed to work in tandem with SMB_VFS_READDIR to allow vfs modules to make modifications to arbitrary filenames before they're consumed by callers. Subsequently the core directory enumeration code in smbd is now changed to free the memory that may be allocated in a module. This vop enables the new version of catia in the following patch. Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source3/configure.in|2 +- source3/include/proto.h |2 +- source3/include/vfs.h |7 + source3/include/vfs_macros.h|8 + source3/modules/vfs_catia.c | 982 +- source3/modules/vfs_default.c | 11 + source3/modules/vfs_full_audit.c| 15 + source3/modules/vfs_streams_depot.c |5 +- source3/smbd/dir.c | 35 +- source3/smbd/filename.c |6 +- source3/smbd/msdfs.c|4 + source3/smbd/reply.c| 50 ++- source3/smbd/vfs.c | 21 +- 13 files changed, 976 insertions(+), 172 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 0e7594e..6a4fd08 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -384,7 +384,7 @@ dnl These have to be built static: default_static_modules=pdb_smbpasswd pdb_tdbsam pdb_wbc_sam rpc_lsarpc rpc_samr rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl rpc_ntsvcs rpc_netlogon rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog auth_sam auth_unix auth_winbind auth_wbc auth_server auth_domain auth_builtin auth_netlogond vfs_default nss_info_template dnl These are preferably build shared, and static if dlopen() is not available -default_shared_modules=vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy vfs_shadow_copy2 charset_CP850 charset_CP437 auth_script vfs_readahead vfs_xattr_tdb vfs_streams_xattr vfs_streams_depot vfs_acl_xattr vfs_acl_tdb vfs_smb_traffic_analyzer vfs_preopen +default_shared_modules=vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy vfs_shadow_copy2 charset_CP850 charset_CP437 auth_script vfs_readahead vfs_xattr_tdb vfs_streams_xattr vfs_streams_depot vfs_acl_xattr vfs_acl_tdb vfs_smb_traffic_analyzer vfs_preopen vfs_catia if test x$developer = xyes; then default_static_modules=$default_static_modules rpc_rpcecho pdb_ads diff --git a/source3/include/proto.h b/source3/include/proto.h index ac0eed2..9314e57 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6216,7 +6216,7 @@ bool get_dir_entry(TALLOC_CTX *ctx, bool is_visible_file(connection_struct *conn, const char *dir_path, const char *name, SMB_STRUCT_STAT *pst, bool use_veto); struct smb_Dir *OpenDir(TALLOC_CTX *mem_ctx, connection_struct *conn, const char *name, const char *mask, uint32 attr); -const char *ReadDirName(struct smb_Dir *dirp, long *poffset, +char *ReadDirName(struct smb_Dir *dirp, long *poffset, SMB_STRUCT_STAT *sbuf); void RewindDir(struct smb_Dir *dirp, long *poffset); void SeekDir(struct smb_Dir *dirp, long offset); diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 38a972f..38d60a0 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -123,6 +123,8
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1199-g17829cb
The branch, master has been updated via 17829cbc82b8f647374712285492dbb3210fe346 (commit) via 3ad9d108a7404d625454efda0d000e4caa543e7a (commit) via 22ee1cd7dbcd07470c915343872ee83ae90e3511 (commit) from d49ab9226f849d1f08f7cf83956d35cf4950906e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 17829cbc82b8f647374712285492dbb3210fe346 Author: tprouty tpro...@b72e2a10-2d34-0410-9a71-d3beadf02b57 Date: Wed Aug 26 01:38:17 2009 + s3 onefs: Canonicalize the ACL in the correct order commit 3ad9d108a7404d625454efda0d000e4caa543e7a Author: tprouty tpro...@b72e2a10-2d34-0410-9a71-d3beadf02b57 Date: Wed Aug 26 01:38:14 2009 + s3: Allow full_audit to play nice with smbd if it's using syslog Explictly pass the facility from both smbd and full_audit to syslog. Really the only major change is to not call openlog() in full_audit if WITH_SYSLOG is defined, which implies that smbd is already using syslog. This allows full audit to piggy-back on the same ident as smbd, while still differentiating the logging via the facility. commit 22ee1cd7dbcd07470c915343872ee83ae90e3511 Author: tprouty tpro...@b72e2a10-2d34-0410-9a71-d3beadf02b57 Date: Wed Aug 26 01:38:07 2009 + s3 audit: Change create_file in full_audit to print whether a directory or file was requested full_audit will now print out whether the createfile was requested for a file or directory. The create disposition is also printed out. --- Summary of changes: source3/lib/debug.c |6 + source3/modules/onefs_acl.c | 12 +++--- source3/modules/vfs_full_audit.c | 42 +++-- 3 files changed, 53 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/debug.c b/source3/lib/debug.c index e7dcfb4..2e19f89 100644 --- a/source3/lib/debug.c +++ b/source3/lib/debug.c @@ -856,6 +856,12 @@ void check_log_size( void ) else priority = priority_map[syslog_level]; + /* +* Specify the facility to interoperate with other syslog +* callers (vfs_full_audit for example). +*/ + priority |= SYSLOG_FACILITY; + va_start(ap, format_str); ret = vasprintf(msgbuf, format_str, ap); va_end(ap); diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c index df4efd5..2593012 100644 --- a/source3/modules/onefs_acl.c +++ b/source3/modules/onefs_acl.c @@ -417,23 +417,27 @@ onefs_canon_acl(files_struct *fsp, struct ifs_security_descriptor *sd) * By walking down the list 3 separate times, we can avoid the need * to create multiple temp buffers and extra copies. */ - for (cur = 0; cur sd-dacl-num_aces; cur++) { - if (sd-dacl-aces[cur].flags IFS_ACE_FLAG_INHERITED_ACE) - new_aces[new_aces_count++] = sd-dacl-aces[cur]; - } + /* Explict deny aces first */ for (cur = 0; cur sd-dacl-num_aces; cur++) { if (!(sd-dacl-aces[cur].flags IFS_ACE_FLAG_INHERITED_ACE) (sd-dacl-aces[cur].type == IFS_ACE_TYPE_ACCESS_DENIED)) new_aces[new_aces_count++] = sd-dacl-aces[cur]; } + /* Explict allow aces second */ for (cur = 0; cur sd-dacl-num_aces; cur++) { if (!(sd-dacl-aces[cur].flags IFS_ACE_FLAG_INHERITED_ACE) !(sd-dacl-aces[cur].type == IFS_ACE_TYPE_ACCESS_DENIED)) new_aces[new_aces_count++] = sd-dacl-aces[cur]; } + /* Inherited deny/allow aces third */ + for (cur = 0; cur sd-dacl-num_aces; cur++) { + if ((sd-dacl-aces[cur].flags IFS_ACE_FLAG_INHERITED_ACE)) + new_aces[new_aces_count++] = sd-dacl-aces[cur]; + } + SMB_ASSERT(new_aces_count == sd-dacl-num_aces); DEBUG(10, (Performed canonicalization of ACLs for file %s\n, fsp_str_dbg(fsp))); diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 6930a55..0f6de79 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -510,6 +510,7 @@ static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle, char *audit_pre = NULL; va_list ap; char *op_msg = NULL; + int priority; if (success (!log_success(handle, op))) goto out; @@ -530,8 +531,15 @@ static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle, goto out; } + /* +* Specify the facility to interoperate with other syslog callers +* (smbd for
Re: [SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1164-gc69f92d
Hi Jeremy, On Aug 24, 2009, at 8:58 PM, Jeremy Allison wrote: The branch, master has been updated via c69f92d16d57c2387d31b5dfd01aab0685a671d0 (commit) from 9a86f26a5f0b421f8cf259e579fe5946b39623f6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c69f92d16d57c2387d31b5dfd01aab0685a671d0 Author: Jeremy Allison j...@samba.org Date: Mon Aug 24 20:57:37 2009 -0700 Second attempt at fix for bug 6529 - Offline files conflict with Vista and Office 2003. Confirmation from reporter that this fixes the issue in master on ext3/ext4. Back-ports to follow. Jeremy. --- diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 2722352..38a972f 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -121,8 +121,9 @@ /* Changed to version 26 - Plumb struct smb_filename to SMB_VFS_CREATE_FILE, SMB_VFS_OPEN, SMB_VFS_STAT, SMB_VFS_LSTAT, SMB_VFS_RENAME, SMB_VFS_UNLINK, SMB_VFS_NTIMES. */ - -#define SMB_VFS_INTERFACE_VERSION 26 +/* Changed to version 27 - not yet released. Added enum timestamp_set_resolution + *return to fs_capabilities call. JRA. */ +#define SMB_VFS_INTERFACE_VERSION 27 This is minor, but you should be able to leave the interface version at 26 since there hasn't been a release since it was incremented to 26. -Tim
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1173-g808a0d4
The branch, master has been updated via 808a0d44f84ed668c906eaa6777d2c0743351560 (commit) from 1df18922c613d2d3c8c23b919e435cb1de915eaa (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 808a0d44f84ed668c906eaa6777d2c0743351560 Author: Zach Loafman zachary.loaf...@isilon.com Date: Tue Aug 25 10:46:37 2009 -0700 Allow for name array strings that don't end in a slash Fix set_namearray to allow for strings that don't end in a slash. Also remove unnecessary strdup()s. Signed-off-by: Tim Prouty tpro...@samba.org --- Summary of changes: source3/lib/util.c | 29 + 1 files changed, 17 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/util.c b/source3/lib/util.c index 74b7921..ae63082 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -1691,7 +1691,7 @@ bool is_in_path(const char *name, name_compare_entry *namelist, bool case_sensit void set_namearray(name_compare_entry **ppname_array, const char *namelist) { char *name_end; - const char *nameptr = namelist; + char *nameptr = (char *)namelist; int num_entries = 0; int i; @@ -1711,12 +1711,14 @@ void set_namearray(name_compare_entry **ppname_array, const char *namelist) nameptr++; continue; } - /* find the next / */ - name_end = strchr_m(nameptr, '/'); + /* anything left? */ + if ( *nameptr == '\0' ) + break; - /* oops - the last check for a / didn't find one. */ + /* find the next '/' or consume remaining */ + name_end = strchr_m(nameptr, '/'); if (name_end == NULL) - break; + name_end = (char *)nameptr + strlen(nameptr); /* next segment please */ nameptr = name_end + 1; @@ -1732,7 +1734,7 @@ void set_namearray(name_compare_entry **ppname_array, const char *namelist) } /* Now copy out the names */ - nameptr = namelist; + nameptr = (char *)namelist; i = 0; while(*nameptr) { if ( *nameptr == '/' ) { @@ -1740,14 +1742,17 @@ void set_namearray(name_compare_entry **ppname_array, const char *namelist) nameptr++; continue; } - /* find the next / */ - if ((name_end = strchr_m(nameptr, '/')) != NULL) - *name_end = 0; - - /* oops - the last check for a / didn't find one. */ - if(name_end == NULL) + /* anything left? */ + if ( *nameptr == '\0' ) break; + /* find the next '/' or consume remaining */ + name_end = strchr_m(nameptr, '/'); + if (name_end) + *name_end = '\0'; + else + name_end = nameptr + strlen(nameptr); + (*ppname_array)[i].is_wild = ms_has_wild(nameptr); if(((*ppname_array)[i].name = SMB_STRDUP(nameptr)) == NULL) { DEBUG(0,(set_namearray: malloc fail (1)\n)); -- Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-861-g457191e
I don't remember exactly what we agreed upon for the process of backporting bug fixes to maintenance releases, but I think it was something like, get the patch signed off by someone else, and then Karolin will actually do the pushing. Does that sound right? 3121249243f52dcbf8083f5ff137bd580515efa7 allowed us to correctly handle renaming directories when a client has files open underneath it, but it also introduced a bug. If a client holds open a handle to the directory, and then tries to rename it, the rename should be allowed, but in 3.4.x the client will get NT_STATUS_ACCESS_DENIED. We have already seen a few instances of SMB clients doing this in the field, and customers seeing this seemingly random NT_STATUS_ACCESS_DENIED. The attached patches fix the problem against v3-4-test and add a regression test so it's not broken by any future patches. The fix is slightly different in 3.4 than it was for master due to the smb_filename changes. Karolin, let me know if you would like me to push these myself, once I get an ack. -Tim On Aug 6, 2009, at 6:01 PM, Tim Prouty wrote: The branch, master has been updated via 457191e9f396898b8a511cf860f24986f36fd879 (commit) via 09e9904f18634b135944f466c48c4be1a43b4272 (commit) from 890dfe003c91f8df737e5e2e4e440e1a9f416ae8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 457191e9f396898b8a511cf860f24986f36fd879 Author: Tim Prouty tpro...@samba.org Date: Thu Aug 6 15:53:33 2009 -0700 s3: Fix a bug in renames of directories
Re: [SCM] Samba Shared Repository - branch master updated -release-4-0-0alpha8-861-g457191e
On Aug 7, 2009, at 10:16 AM, Jeremy Allison wrote: Actually you need a bug report to attach the patch to, then get it reviewed and signed off by someone else, then Karolin pushes it :-). Done. Thank you! https://bugzilla.samba.org/show_bug.cgi?id=6620 -Tim
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-861-g457191e
The branch, master has been updated via 457191e9f396898b8a511cf860f24986f36fd879 (commit) via 09e9904f18634b135944f466c48c4be1a43b4272 (commit) from 890dfe003c91f8df737e5e2e4e440e1a9f416ae8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 457191e9f396898b8a511cf860f24986f36fd879 Author: Tim Prouty tpro...@samba.org Date: Thu Aug 6 15:53:33 2009 -0700 s3: Fix a bug in renames of directories Recently code was added to match windows semantics of denying the rename of a directory if there are open files underneath it. This does partly match windows semantics, but it turns out the rename should be allowed if the open file handle is for the directory being renamed, or for a stream on the directory being renamed. This patch refines the check to better follow these rename semantics. commit 09e9904f18634b135944f466c48c4be1a43b4272 Author: Tim Prouty tpro...@samba.org Date: Thu Aug 6 11:23:23 2009 -0700 s4 torture: Extend the RAW-RENAME test to more fully test directory renames. The existing test was only covering files opened underneath the directory that was being renamed. It is not uncommon for windows clients to actually hold a read-only handle to a directory open across the rename, which it turns out doesn't return NT_STATUS_ACCESS_DENIED. Additionally, holding a handle open to a stream on the directory is also allowed. --- Summary of changes: source3/smbd/files.c | 25 - source4/torture/raw/rename.c | 50 ++ 2 files changed, 69 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/files.c b/source3/smbd/files.c index a170f77..146d809 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -404,14 +404,15 @@ bool file_find_subpath(files_struct *dir_fsp) { files_struct *fsp; size_t dlen; - char *d_fullname; + char *d_fullname = NULL; + bool ret = false; d_fullname = talloc_asprintf(talloc_tos(), %s/%s, dir_fsp-conn-connectpath, dir_fsp-fsp_name-base_name); if (!d_fullname) { - return false; + goto out; } dlen = strlen(d_fullname); @@ -429,15 +430,27 @@ bool file_find_subpath(files_struct *dir_fsp) fsp-fsp_name-base_name); if (strnequal(d_fullname, d1_fullname, dlen)) { - TALLOC_FREE(d_fullname); + int d1_len = strlen(d1_fullname); + + /* +* If the open file is a second file handle to the +* same name or is a stream on the original file, then +* don't return true. +*/ + if (d1_len == dlen) { + TALLOC_FREE(d1_fullname); + continue; + } + TALLOC_FREE(d1_fullname); - return true; + ret = true; + goto out; } TALLOC_FREE(d1_fullname); } - + out: TALLOC_FREE(d_fullname); - return false; + return ret; } / diff --git a/source4/torture/raw/rename.c b/source4/torture/raw/rename.c index e91c3b2..15fed0e 100644 --- a/source4/torture/raw/rename.c +++ b/source4/torture/raw/rename.c @@ -529,6 +529,7 @@ static bool test_dir_rename(struct torture_context *tctx, struct smbcli_state *c const char *dname1 = BASEDIR \\dir_for_rename; const char *dname2 = BASEDIR \\renamed_dir; const char *fname = BASEDIR \\dir_for_rename\\file.txt; + const char *sname = BASEDIR \\dir_for_rename:a stream:$DATA; bool ret = true; int fnum = -1; @@ -593,6 +594,55 @@ static bool test_dir_rename(struct torture_context *tctx, struct smbcli_state *c status = smb_raw_rename(cli-tree, ren_io); CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED); + /* Close the file and try the rename. */ + smbcli_close(cli-tree, fnum); + + status = smb_raw_rename(cli-tree, ren_io); + CHECK_STATUS(status, NT_STATUS_OK); + + /* +* Now try just holding a second handle on the directory and holding +* it open across a rename. This should be allowed. +*/ + io.ntcreatex.in.fname = dname2; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + + io.ntcreatex.in.access_mask = SEC_STD_READ_CONTROL | + SEC_FILE_READ_ATTRIBUTE
Re: [SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-616-g3532882
On Jul 27, 2009, at 7:16 AM, Volker Lendecke wrote: The branch, master has been updated via 3532882d02ff30c1ea47dd433715246351297e4e (commit) via 5135ebd6f099518f0a0b5796e8057210be824740 (commit) via d3132e21f3c93043e3d29584f4094b6edfc02c5a (commit) via e30509f037098feac8345f39524902061712039f (commit) from cdd7a5208fbcb65e4a75ee08f8f015530f418c15 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5135ebd6f099518f0a0b5796e8057210be824740 Author: Volker Lendecke v...@samba.org Date: Mon Jul 27 14:47:41 2009 +0200 Fix a valgrind error in chain_reply construct_reply() references the request after chain_reply has freed it. Hi Volker, Shouldn't this go into v3-4-test also? -Tim
[Samba] CTDB Node unnecessarily banning other nodes
Hi, We are using CTDB version 1.0.77 and yesterday we saw an instance of node running into issues and banning itself to recover (as listed below): node1: 2009/07/29 23:23:37.748251 [22371]: Banning node 0 for 300 seconds 2009/07/29 23:23:37.748263 [22371]: self ban - lowering our election priority 2009/07/29 23:23:37.748503 [22275]: This node has been banned - forcing freeze and recovery Now other nodes part of CTDB cluster receives the ban message, but even though the ID does not belong to its CURRENT ID, other nodes bans itself and goes into recovery mode. I guess this is not supposed to happen? node2 (should not ban itself): 2009/07/29 23:23:37.748659 [19905]: Got a ban request for pnn:0 but our pnn is 1. Ignoring ban request 2009/07/29 23:23:37.748994 [19776]: This node has been banned - forcing freeze and recovery node3 (should not ban itself): 2009/07/29 23:23:37.748506 [19892]: Got a ban request for pnn:0 but our pnn is 2. Ignoring ban request 2009/07/29 23:23:37.749575 [19750]: This node has been banned - forcing freeze and recovery Existing Version 1.0.77: ctdb-1.0.77/ctdb_monitor.c 241 if ((node-flags NODE_FLAGS_BANNED) !(c-old_flags NODE_FLAGS_BANNED)) { 242 /* make sure we are frozen */ 243 DEBUG(DEBUG_NOTICE,(This node has been banned - forcing freeze and recovery\n)); -- I see a condition added in the ban algorithm in the latest 1.0.88 to ensure the banned node ID matches with node's PNN ID ((node-pnn == ctdb-pnn)) -- Version 1.0.88: 311 /* if we have become banned, we should go into recovery mode */ 312 if ((node-flags NODE_FLAGS_BANNED) !(c-old_flags NODE_FLAGS_BANNED) (node-pnn == ctdb-pnn)) { 313 /* make sure we are frozen */ 314 DEBUG(DEBUG_NOTICE,(This node has been banned - forcing freeze and recovery\n)); Can you please confirm if upgrading to 1.0.88 would fix the issue of a node getting banned does not cause banning of other nodes, unnecessarily? Thanks, -Tim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-667-g9b461ad
The branch, master has been updated via 9b461ad7eb4d478397fe56f37f7c8ffca6724b23 (commit) from d498532389df7b1f6b1d01e47166f5697a742147 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9b461ad7eb4d478397fe56f37f7c8ffca6724b23 Author: Tim Prouty tpro...@samba.org Date: Wed Jul 29 10:12:11 2009 -0700 s3: Attempt to fix hpuxacl module --- Summary of changes: source3/modules/vfs_hpuxacl.c | 16 source3/modules/vfs_hpuxacl.h |2 +- 2 files changed, 13 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_hpuxacl.c b/source3/modules/vfs_hpuxacl.c index 3638636..abc80dc 100644 --- a/source3/modules/vfs_hpuxacl.c +++ b/source3/modules/vfs_hpuxacl.c @@ -208,17 +208,23 @@ SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle, int hpuxacl_sys_acl_set_file(vfs_handle_struct *handle, -struct smb_filename *smb_fname, +const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) { int ret = -1; HPUX_ACL_T hpux_acl = NULL; int count; + struct smb_filename *smb_fname = NULL; DEBUG(10, (hpuxacl_sys_acl_set_file called for file '%s'\n, - smb_fname_str_dbg(smb_fname))); + name)); + status = create_synthetic_smb_fname(talloc_tos(), name, NULL, NULL, + smb_fname); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } if(hpux_acl_call_present() == False) { /* Looks like we don't have the acl() system call on HPUX. @@ -299,6 +305,7 @@ int hpuxacl_sys_acl_set_file(vfs_handle_struct *handle, done: DEBUG(10, (hpuxacl_sys_acl_set_file %s.\n, ((ret != 0) ? failed : succeeded))); + TALLOC_FREE(smb_fname); SAFE_FREE(hpux_acl); return ret; } @@ -327,8 +334,9 @@ int hpuxacl_sys_acl_set_fd(vfs_handle_struct *handle, DEBUG(10, (redirecting call of hpuxacl_sys_acl_set_fd to hpuxacl_sys_acl_set_file (no facl syscall on HPUX)\n)); -return hpuxacl_sys_acl_set_file(handle, file_struct_p-fsp_name, - SMB_ACL_TYPE_ACCESS, theacl); +return hpuxacl_sys_acl_set_file(handle, + file_struct_p-fsp_name-base_name, + SMB_ACL_TYPE_ACCESS, theacl); } diff --git a/source3/modules/vfs_hpuxacl.h b/source3/modules/vfs_hpuxacl.h index 9baed57..07b32d6 100644 --- a/source3/modules/vfs_hpuxacl.h +++ b/source3/modules/vfs_hpuxacl.h @@ -41,7 +41,7 @@ SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp); int hpuxacl_sys_acl_set_file(vfs_handle_struct *handle, -struct smb_filename *smb_fname, +const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-587-gcd5133b
The branch, master has been updated via cd5133b1127579fa47152e4c38f4a6534bdf37c7 (commit) via 10324b177ed2c5de07039f035905b8272f51fbf7 (commit) from c472bca42c587d46bd9d11a1c02fe53808cee08e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cd5133b1127579fa47152e4c38f4a6534bdf37c7 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 24 11:39:56 2009 -0700 s3: Simplify rename_internals() by passing in smb_filename structs commit 10324b177ed2c5de07039f035905b8272f51fbf7 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 24 12:13:07 2009 -0700 s3: Allow filename_convert() to pass through unix_convert_flags and let the caller know if the path has a wildcard This also eliminates the need for resolve_dfspath(). --- Summary of changes: source3/include/proto.h|6 +- source3/rpc_server/srv_srvsvc_nt.c |4 + source3/smbd/filename.c| 41 ++-- source3/smbd/msdfs.c | 45 +++-- source3/smbd/nttrans.c | 121 +--- source3/smbd/reply.c | 106 --- source3/smbd/smb2_create.c |2 + source3/smbd/trans2.c | 81 ++-- 8 files changed, 211 insertions(+), 195 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 63a82a8..a79c7eb 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6320,6 +6320,8 @@ NTSTATUS filename_convert(TALLOC_CTX *mem_ctx, connection_struct *conn, bool dfs_path, const char *name_in, + uint32_t ucf_flags, + bool *ppath_contains_wcard, struct smb_filename **pp_smb_fname); /* The following definitions come from smbd/filename_utils.c */ @@ -6882,8 +6884,8 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, NTSTATUS rename_internals(TALLOC_CTX *ctx, connection_struct *conn, struct smb_request *req, - const char *name_in, - const char *newname_in, + struct smb_filename *smb_fname_src, + struct smb_filename *smb_fname_dst, uint32 attrs, bool replace_if_exists, bool src_has_wild, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index b9d1ed6..15b2290 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2072,6 +2072,8 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, conn, false, r-in.file, + 0, + NULL, smb_fname); if (!NT_STATUS_IS_OK(nt_status)) { werr = ntstatus_to_werror(nt_status); @@ -2200,6 +2202,8 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, conn, false, r-in.file, + 0, + NULL, smb_fname); if (!NT_STATUS_IS_OK(nt_status)) { werr = ntstatus_to_werror(nt_status); diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 09f9a41..a13c66c 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -1027,14 +1027,30 @@ static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, return status; } -/ - Go through all the steps to validate a filename. -/ - +/** + * Go through all the steps to validate a filename. + * + * @param ctx talloc_ctx to allocate memory with. + * @param conn connection struct for vfs calls. + * @param dfs_path Whether this path requires dfs resolution. + * @param name_in The unconverted name. + * @param ucf_flagsflags to pass through to unix_convert(). + * UCF_ALLOW_WCARD_LCOMP will be stripped out if + * p_cont_wcard == NULL or is false. + * @param p_cont_wcard If not NULL, will be set to true if the dfs path + * resolution detects a wildcard. + * @param pp_smb_fname The final converted name will be allocated if the + * return is NT_STATUS_OK. + * + * @return NT_STATUS_OK
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-589-g247a77a
The branch, master has been updated via 247a77a422192d7f270952334f06a512fcd339aa (commit) from ff547a23ae464475fa9a6f0c9b8a5d1d721dde64 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 247a77a422192d7f270952334f06a512fcd339aa Author: Tim Prouty tpro...@samba.org Date: Fri Jul 24 17:09:42 2009 -0700 s3 onefs: Fix the onefs modules after the big refactoring --- Summary of changes: source3/modules/onefs.h |4 ++-- source3/modules/onefs_acl.c |4 ++-- source3/modules/vfs_onefs.c |8 source3/modules/vfs_onefs_shadow_copy.c |4 ++-- source3/smbd/oplock_onefs.c | 24 5 files changed, 22 insertions(+), 22 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h index e0e4637..dd27d44 100644 --- a/source3/modules/onefs.h +++ b/source3/modules/onefs.h @@ -126,13 +126,13 @@ NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, uint32 security_info, SEC_DESC **ppdesc); NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info_sent, SEC_DESC *psd); + uint32 security_info_sent, const SEC_DESC *psd); /* * Utility functions */ struct ifs_security_descriptor; -NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, SEC_DESC *psd, +NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd, struct ifs_security_descriptor *sd, int snum, uint32_t *security_info_effective); diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c index 2753a9e..df4efd5 100644 --- a/source3/modules/onefs_acl.c +++ b/source3/modules/onefs_acl.c @@ -819,7 +819,7 @@ onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, * * @return NTSTATUS_OK if successful */ -NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, SEC_DESC *psd, +NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, const SEC_DESC *psd, struct ifs_security_descriptor *sd, int snum, uint32_t *security_info_effective) { @@ -905,7 +905,7 @@ NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent, SEC_DESC *psd, */ NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32_t sec_info_sent, SEC_DESC *psd) + uint32_t sec_info_sent, const SEC_DESC *psd) { struct ifs_security_descriptor sd = {}; int fd = -1; diff --git a/source3/modules/vfs_onefs.c b/source3/modules/vfs_onefs.c index 05f6cfd..31f0b85 100644 --- a/source3/modules/vfs_onefs.c +++ b/source3/modules/vfs_onefs.c @@ -108,7 +108,7 @@ static uint64_t onefs_get_alloc_size(struct vfs_handle_struct *handle, } static struct file_id onefs_file_id_create(struct vfs_handle_struct *handle, -SMB_STRUCT_STAT *sbuf) + const SMB_STRUCT_STAT *sbuf) { struct file_id key; @@ -247,19 +247,19 @@ static uint32_t onefs_fs_capabilities(struct vfs_handle_struct *handle) } static struct vfs_fn_pointers onefs_fns = { - .connect = onefs_connect, + .connect_fn = onefs_connect, .fs_capabilities = onefs_fs_capabilities, .opendir = onefs_opendir, .readdir = onefs_readdir, .seekdir = onefs_seekdir, .telldir = onefs_telldir, - .rewinddir = onefs_rewinddir, + .rewind_dir = onefs_rewinddir, .mkdir = onefs_mkdir, .closedir = onefs_closedir, .init_search_op = onefs_init_search_op, .open = onefs_open, .create_file = onefs_create_file, - .close = onefs_close, + .close_fn = onefs_close, .sendfile = onefs_sendfile, .recvfile = onefs_recvfile, .rename = onefs_rename, diff --git a/source3/modules/vfs_onefs_shadow_copy.c b/source3/modules/vfs_onefs_shadow_copy.c index b8febdc..c733392 100644 --- a/source3/modules/vfs_onefs_shadow_copy.c +++ b/source3/modules/vfs_onefs_shadow_copy.c @@ -397,7 +397,7 @@ onefs_shadow_copy_ntimes(vfs_handle_struct *handle, /** * XXX: macro-ize */ -static bool +static int onefs_shadow_copy_symlink(vfs_handle_struct *handle, const char *oldpath, const char *newpath) { @@ -671,7 +671,7 @@ static struct vfs_fn_pointers onefs_shadow_copy_fns = { .chdir = onefs_shadow_copy_chdir, .ntimes = onefs_shadow_copy_ntimes, .symlink = onefs_shadow_copy_symlink, - .readlink = onefs_shadow_copy_readlink, + .vfs_readlink = onefs_shadow_copy_readlink, .link = onefs_shadow_copy_link, .mknod
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-591-gf49f3fc
The branch, master has been updated via f49f3fcb0127b6ed19fec94f93658180ead04ac5 (commit) via 7197ba3abd6dfad74a28d5e3f8a73367ab22810b (commit) from 247a77a422192d7f270952334f06a512fcd339aa (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f49f3fcb0127b6ed19fec94f93658180ead04ac5 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 24 18:38:40 2009 -0700 s3: Convert a few callers of unix_convert() over to filename_convert() This patch also changes the unix convert flags to make sure the correct semantics are preservered for allowing/disallowing wildcards in the last component of the path. commit 7197ba3abd6dfad74a28d5e3f8a73367ab22810b Author: Tim Prouty tpro...@samba.org Date: Fri Jul 24 16:05:44 2009 -0700 s3: Remove a few callers of get_full_smb_filename() --- Summary of changes: source3/include/proto.h|3 +- source3/include/smb.h |3 +- source3/printing/nt_printing.c | 28 -- source3/smbd/filename.c| 22 source3/smbd/msdfs.c | 54 +++ source3/smbd/nttrans.c |4 +- source3/smbd/reply.c | 112 ++-- source3/smbd/trans2.c | 102 +--- 8 files changed, 171 insertions(+), 157 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 92386f5..aed2c4c 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6846,7 +6846,8 @@ void reply_ulogoffX(struct smb_request *req); void reply_mknew(struct smb_request *req); void reply_ctemp(struct smb_request *req); NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, - uint32 dirtype, const char *name_in, bool has_wild); + uint32 dirtype, struct smb_filename *smb_fname, + bool has_wild); void reply_unlink(struct smb_request *req); void reply_readbraw(struct smb_request *req); void reply_lockread(struct smb_request *req); diff --git a/source3/include/smb.h b/source3/include/smb.h index 1c4ac54..6ccdd96 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1900,7 +1900,8 @@ struct smb_file_time { * unix_convert_flags */ #define UCF_SAVE_LCOMP 0x0001 -#define UCF_ALLOW_WCARD_LCOMP 0x0002 +#define UCF_ALWAYS_ALLOW_WCARD_LCOMP 0x0002 +#define UCF_COND_ALLOW_WCARD_LCOMP 0x0004 /* * smb_filename diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 3e206be..26b8d9d 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -5145,6 +5145,24 @@ bool printer_driver_files_in_use ( NT_PRINTER_DRIVER_INFO_LEVEL_3 *info ) return in_use; } +static NTSTATUS driver_unlink_internals(connection_struct *conn, + const char *name) +{ + struct smb_filename *smb_fname = NULL; + NTSTATUS status; + + status = create_synthetic_smb_fname(talloc_tos(), name, NULL, NULL, + smb_fname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + status = unlink_internals(conn, NULL, 0, smb_fname, false); + + TALLOC_FREE(smb_fname); + return status; +} + / Actually delete the driver files. Make sure that printer_driver_files_in_use() return False before calling @@ -5197,7 +5215,7 @@ static bool delete_driver_files(struct pipes_struct *rpc_pipe, if ( (s = strchr( info_3-driverpath[1], '\\' )) != NULL ) { file = s; DEBUG(10,(deleting driverfile [%s]\n, s)); - unlink_internals(conn, NULL, 0, file, False); + driver_unlink_internals(conn, file); } } @@ -5205,7 +5223,7 @@ static bool delete_driver_files(struct pipes_struct *rpc_pipe, if ( (s = strchr( info_3-configfile[1], '\\' )) != NULL ) { file = s; DEBUG(10,(deleting configfile [%s]\n, s)); - unlink_internals(conn, NULL, 0, file, False); + driver_unlink_internals(conn, file); } } @@ -5213,7 +5231,7 @@ static bool delete_driver_files(struct pipes_struct *rpc_pipe, if ( (s = strchr( info_3-datafile[1], '\\' )) != NULL ) { file = s; DEBUG(10,(deleting datafile [%s]\n, s)); - unlink_internals(conn, NULL, 0, file, False); + driver_unlink_internals(conn, file
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-560-g07d3b69
The branch, master has been updated via 07d3b69b55c37f26ba6fa8b0c1c59e800325b435 (commit) via 83284e13f91f685b8dcccb9202e33fe64e6930b2 (commit) via 4b42927ec31a0819b1e5ec415fd1a16061cff677 (commit) from 84eced142551a1986ba727d4c57aed1296ac87b4 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 07d3b69b55c37f26ba6fa8b0c1c59e800325b435 Author: Tim Prouty tpro...@samba.org Date: Wed Jul 22 09:52:09 2009 -0700 s3: Change unix_convert to use an smb_filename struct internally This allows SMB_VFS_[L]STAT to be called directly. Additionally, I changed NTSTATUS result to be named status for consistency. I also removed the stat_cache_add() from build_stream_path() because stat_cache_lookup() is never actually called on a file with a stream. There is no reason why the stat cache couldn't be consulted for streams in the future. Jeremy/Volker, please take a look at this one when you get a chance. commit 83284e13f91f685b8dcccb9202e33fe64e6930b2 Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 15:55:25 2009 -0700 s3: Convert some callers of vfs_lstat_smb_fname to SMB_VFS_LSTAT() commit 4b42927ec31a0819b1e5ec415fd1a16061cff677 Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 13:57:56 2009 -0700 s3: Convert some callers of vfs_stat_smb_fname to SMB_VFS_STAT() --- Summary of changes: source3/smbd/filename.c | 291 +++ source3/smbd/globals.h |1 - source3/smbd/msdfs.c| 20 ++- source3/smbd/posix_acls.c | 24 +++- source3/smbd/smb2_getinfo.c | 10 -- source3/smbd/statcache.c| 15 ++- source3/smbd/trans2.c | 28 +++-- source3/smbd/vfs.c | 19 +++- 8 files changed, 235 insertions(+), 173 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 541b0cd..09f9a41 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -117,23 +117,21 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, struct smb_filename **smb_fname_out, uint32_t ucf_flags) { - SMB_STRUCT_STAT st; struct smb_filename *smb_fname = NULL; char *start, *end; char *dirpath = NULL; - char *name = NULL; char *stream = NULL; bool component_was_mangled = False; bool name_has_wildcard = False; bool posix_pathnames = false; bool allow_wcard_last_component = ucf_flags UCF_ALLOW_WCARD_LCOMP; bool save_last_component = ucf_flags UCF_SAVE_LCOMP; - NTSTATUS result; + NTSTATUS status; int ret = -1; *smb_fname_out = NULL; - smb_fname = talloc_zero(talloc_tos(), struct smb_filename); + smb_fname = talloc_zero(ctx, struct smb_filename); if (smb_fname == NULL) { return NT_STATUS_NO_MEMORY; } @@ -143,10 +141,10 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, filename - so don't convert them */ if (!(smb_fname-base_name = talloc_strdup(smb_fname, orig_path))) { - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto err; } - *smb_fname_out = smb_fname; - return NT_STATUS_OK; + goto done; } DEBUG(5, (unix_convert called on file \%s\\n, orig_path)); @@ -174,15 +172,16 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (!*orig_path) { - if (!(name = talloc_strdup(ctx,.))) { - return NT_STATUS_NO_MEMORY; + if (!(smb_fname-base_name = talloc_strdup(smb_fname, .))) { + status = NT_STATUS_NO_MEMORY; + goto err; } - if (vfs_stat_smb_fname(conn,name,st) == 0) { - smb_fname-st = st; - } else { - return map_nt_error_from_unix(errno); + if (SMB_VFS_STAT(conn, smb_fname) != 0) { + status = map_nt_error_from_unix(errno); + goto err; } - DEBUG(5,(conversion finished \\ - %s\n,name)); + DEBUG(5, (conversion finished \\ - %s\n, + smb_fname-base_name)); goto done; } @@ -190,17 +189,19 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, orig_path[1] == '\0')) { /* Start of pathname can't be . only. */ if (orig_path[1] == '\0' || orig_path[2] == '\0') { - result = NT_STATUS_OBJECT_NAME_INVALID
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-554-g605649e
The branch, master has been updated via 605649edc3d3ce4f760b08fd8ee5684007369be8 (commit) via 23c703a01eddfa9103352e0ad43bc9fe39ea0c27 (commit) via 00e267008defe18475115a4300addf3cbcabff5a (commit) via 4860fc4951a7dbd80d8938f4dba49c42a12b4d00 (commit) via 78ce9dd471568773760292ea18478af51c11d71a (commit) via 6b49f28592af5c998642bd5d5f76b77c79a22cd7 (commit) from 424e7636957f07c044ee24a9bbf650b02291939b (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 605649edc3d3ce4f760b08fd8ee5684007369be8 Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 11:37:51 2009 -0700 s3: plumb smb_filename through some of the trans2 posix_* functions commit 23c703a01eddfa9103352e0ad43bc9fe39ea0c27 Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 11:35:17 2009 -0700 s3: Remove unnecessary callers of get_full_smb_filename This often times means explicitly denying certain operations on a stream as they are not supported or don't make sense at a particular level. At some point in the future these can be enabled, but for now it's better to remove ambiguity commit 00e267008defe18475115a4300addf3cbcabff5a Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 10:28:28 2009 -0700 s3: Remove the now unused fname parameter from filename_convert() commit 4860fc4951a7dbd80d8938f4dba49c42a12b4d00 Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 10:19:00 2009 -0700 s3: Fix RENAME_FLAG_RENAME path to stop calling unix_convert twice commit 78ce9dd471568773760292ea18478af51c11d71a Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 10:18:10 2009 -0700 s3: Remove unnecessary fname argument from callers of filename_convert commit 6b49f28592af5c998642bd5d5f76b77c79a22cd7 Author: Tim Prouty tpro...@samba.org Date: Tue Jul 21 09:29:59 2009 -0700 s3: Plumb smb_filename through map_open_params_to_ntcreate --- Summary of changes: source3/include/proto.h|6 +- source3/modules/vfs_default.c | 58 +++--- source3/rpc_server/srv_srvsvc_nt.c |6 +- source3/smbd/close.c |5 +- source3/smbd/file_access.c | 10 +-- source3/smbd/filename.c| 16 +-- source3/smbd/nttrans.c | 129 - source3/smbd/open.c| 10 +- source3/smbd/reply.c | 132 -- source3/smbd/smb2_create.c |3 +- source3/smbd/trans2.c | 223 +++- 11 files changed, 250 insertions(+), 348 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index c48cebc..77283d9 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6320,8 +6320,7 @@ NTSTATUS filename_convert(TALLOC_CTX *mem_ctx, connection_struct *conn, bool dfs_path, const char *name_in, - struct smb_filename **pp_smb_fname, - char **pp_name); + struct smb_filename **pp_smb_fname); /* The following definitions come from smbd/filename_utils.c */ @@ -6589,7 +6588,8 @@ NTSTATUS fcb_or_dos_open(struct smb_request *req, uint32 access_mask, uint32 share_access, uint32 create_options); -bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func, +bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname, +int deny_mode, int open_func, uint32 *paccess_mask, uint32 *pshare_mode, uint32 *pcreate_disposition, diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index d6a66b0..cdfd28c 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -218,27 +218,17 @@ static int vfswrap_open(vfs_handle_struct *handle, struct smb_filename *smb_fname, files_struct *fsp, int flags, mode_t mode) { - int result; - NTSTATUS status; - char *fname = NULL; + int result = -1; START_PROFILE(syscall_open); - /* -* XXX: Should an error be returned if there is a stream rather than -* trying to open a filename with a ':'? -*/ - status = get_full_smb_filename(talloc_tos(), smb_fname, - fname); - if (!NT_STATUS_IS_OK(status)) { - errno = map_errno_from_nt_status(status); - return -1; + if (smb_fname-stream_name) { + errno = ENOENT; + goto out
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-532-g04c3dfd
The branch, master has been updated via 04c3dfde0f0bc12daf0922a0fe578e3bde587fc8 (commit) from 93570491712bf42b5c8dba825e7d2a40e71c0378 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 04c3dfde0f0bc12daf0922a0fe578e3bde587fc8 Author: Tim Prouty tpro...@samba.org Date: Mon Jul 20 15:37:18 2009 -0700 lib util: Fix const warning --- Summary of changes: lib/util/genrand.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/genrand.c b/lib/util/genrand.c index c51f938..5b84565 100644 --- a/lib/util/genrand.c +++ b/lib/util/genrand.c @@ -294,7 +294,7 @@ _PUBLIC_ uint32_t generate_random(void) _PUBLIC_ bool check_password_quality(const char *s) { int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0; - char* reals = s; + const char* reals = s; while (*s) { if (isdigit((unsigned char)*s)) { has_digit |= 1; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-540-g8e04c69
The branch, master has been updated via 8e04c69e027260e7e1f0a4cf3e58e31ed4084d8b (commit) via f4530f6d2a0688e350c3c7be23f256ebceffa636 (commit) via 841efce8b5e931a7ec910afb7d0d8b6a123c6900 (commit) via 82c3f505fe2e50022b5102e6388dc3b830d235da (commit) via c9b8a017147211d86662f40dcf835b152ab90cf4 (commit) via 5a8d70d465f28ae02f4df7a3c2905e028c2e3142 (commit) via 635e5e7ff038378d28c52bd5f81d24db99a77a76 (commit) via 12a5db45e2814b6992210d8f30908ab3e8b6bc65 (commit) from 04c3dfde0f0bc12daf0922a0fe578e3bde587fc8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8e04c69e027260e7e1f0a4cf3e58e31ed4084d8b Author: Tim Prouty tpro...@samba.org Date: Mon Jul 20 14:32:32 2009 -0700 s3: Add some asserts to the filename util functions In the smb_filename struct stream_name must equal NULL if there is no stream name. These asserts should catch any future offenders of this invariant early. commit f4530f6d2a0688e350c3c7be23f256ebceffa636 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 10 15:43:21 2009 -0700 s3: Plumb smb_filename through open_fake_file commit 841efce8b5e931a7ec910afb7d0d8b6a123c6900 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 10 15:35:08 2009 -0700 s3: Separate out a new file: filename_utils.c This is to ease the linking pain of everything that links LOCKING_OBJ commit 82c3f505fe2e50022b5102e6388dc3b830d235da Author: Tim Prouty tpro...@samba.org Date: Fri Jul 10 15:10:35 2009 -0700 s3: Move is_ntfs_stream*() to filename.c commit c9b8a017147211d86662f40dcf835b152ab90cf4 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 10 18:11:32 2009 -0700 s3: Finish plumbing the fsp-fsp_name smb_fname conversion through the modules. commit 5a8d70d465f28ae02f4df7a3c2905e028c2e3142 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 10 14:50:37 2009 -0700 s3: Change fsp-fsp_name to be an smb_filename struct! commit 635e5e7ff038378d28c52bd5f81d24db99a77a76 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 10 11:50:30 2009 -0700 s3 onefs oplocks: Replace static fstring with talloc'd dbg_ctx() commit 12a5db45e2814b6992210d8f30908ab3e8b6bc65 Author: Tim Prouty tpro...@samba.org Date: Fri Jul 10 10:38:56 2009 -0700 s3: Change file_structs to be allocated with talloc instead of malloc --- Summary of changes: source3/Makefile.in| 14 +- source3/include/proto.h| 52 --- source3/include/smb.h |2 +- source3/locking/brlock.c |4 +- source3/locking/locking.c | 29 ++-- source3/locking/posix.c| 37 +++-- source3/modules/nfs4_acls.c| 34 ++-- source3/modules/onefs_acl.c| 51 +++--- source3/modules/onefs_open.c | 18 +- source3/modules/onefs_streams.c| 10 +- source3/modules/vfs_acl_tdb.c | 98 +-- source3/modules/vfs_acl_xattr.c| 60 --- source3/modules/vfs_afsacl.c | 35 +++-- source3/modules/vfs_aixacl2.c | 16 +- source3/modules/vfs_audit.c|4 +- source3/modules/vfs_cacheprime.c |2 +- source3/modules/vfs_default.c |4 +- source3/modules/vfs_extd_audit.c |8 +- source3/modules/vfs_full_audit.c | 93 ++- source3/modules/vfs_gpfs.c | 33 +++- source3/modules/vfs_hpuxacl.c | 20 ++- source3/modules/vfs_hpuxacl.h |2 +- source3/modules/vfs_shadow_copy2.c |4 +- source3/modules/vfs_smb_traffic_analyzer.c | 18 +- source3/modules/vfs_streams_xattr.c| 25 +-- source3/modules/vfs_tsmsm.c|6 +- source3/modules/vfs_zfsacl.c | 11 +- source3/printing/printfsp.c| 10 +- source3/smbd/aio.c | 28 ++-- source3/smbd/blocking.c| 15 +- source3/smbd/close.c | 163 --- source3/smbd/dosmode.c |2 +- source3/smbd/fake_file.c | 29 +++- source3/smbd/fileio.c | 57 +++ source3/smbd/filename.c| 195 -- source3/smbd/filename_util.c | 206 +++ source3/smbd/files.c | 89 +++--- source3/smbd/ipc.c |2 +- source3/smbd/notify.c |7 +- source3/smbd/nttrans.c | 44 ++ source3/smbd/open.c| 87 +-- source3/smbd/oplock.c | 24 ++- source3/smbd/oplock_irix.c