[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1d81e52 selftest: Add tests for expected behaviour on directories
as well as files
via a6a0155 pysmbd: Add SMB_ACL_EXECUTE to the mask set by
make_simple_acl()
via 312f8dd selftest: Make samba.tests.ntacl also use TestCaseInTempDir
via b4d8629 samba-tool: Rework ldap attribute fetch in classicupgrade
for missing attributes
from c06d602 s3:smbd: Fix typo in got_duplicate_group check
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1d81e52bba65f05378db7027537aa27eb5bfa70a
Author: Andrew Bartlett abart...@samba.org
Date: Sun Nov 11 21:33:41 2012 +1100
selftest: Add tests for expected behaviour on directories as well as files
This is important because it covers the codepath which had the talloc
error fixed by commit 60cf4cb5a630506747431ecbf00d890509baf2f3
(vfs_acl_common: In add_directory_inheritable_components allocate on
psd as parent)
Andrew Bartlett
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Sun Nov 11 15:48:10 CET 2012 on sn-devel-104
commit a6a01552efe69f6450425b001ad600ec056bd18c
Author: Andrew Bartlett abart...@samba.org
Date: Sun Nov 11 22:07:49 2012 +1100
pysmbd: Add SMB_ACL_EXECUTE to the mask set by make_simple_acl()
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 312f8ddae27f6fdf4f325edfa890a7b96cd348b8
Author: Andrew Bartlett abart...@samba.org
Date: Sun Nov 11 14:01:44 2012 +1100
selftest: Make samba.tests.ntacl also use TestCaseInTempDir
This follows on from the successful conversion of samba.tests.posixacl.
Andrew Bartlett
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit b4d8629f511005540cb1fbbbe9abfb278c064ba2
Author: Andrew Bartlett abart...@samba.org
Date: Sun Nov 11 11:35:02 2012 +1100
samba-tool: Rework ldap attribute fetch in classicupgrade for missing
attributes
Is is not required that these additional attributes be filled in, so
catch KeyError in both the nsswitch and ldap backend case.
We rework get_posix_attr_from_ldap_backend() so it raises KeyError
rather than trying to return None, and does not ignore other errors.
Andrew Bartlett
Tested-by: Chirana Gheorghita Eugeniu Theodor off...@adaptcom.ro
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
---
Summary of changes:
source3/smbd/pysmbd.c|2 +-
source4/scripting/python/samba/tests/ntacls.py | 68
source4/scripting/python/samba/tests/posixacl.py | 201 +-
source4/scripting/python/samba/upgrade.py| 41 +++--
4 files changed, 255 insertions(+), 57 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index ed3e23a..6a6a812 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -179,7 +179,7 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t
chmod_mode)
{
TALLOC_CTX *frame = talloc_stackframe();
- mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE;
+ mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE;
mode_t mode_user = (chmod_mode 0700) 6;
mode_t mode_group = (chmod_mode 070) 3;
diff --git a/source4/scripting/python/samba/tests/ntacls.py
b/source4/scripting/python/samba/tests/ntacls.py
index 8cdf613..aa9ef68 100644
--- a/source4/scripting/python/samba/tests/ntacls.py
+++ b/source4/scripting/python/samba/tests/ntacls.py
@@ -1,5 +1,6 @@
# Unix SMB/CIFS implementation. Tests for ntacls manipulation
# Copyright (C) Matthieu Patou m...@matws.net 2009-2010
+# Copyright (C) Andrew Bartlett 2012
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -20,70 +21,63 @@
from samba.ntacls import setntacl, getntacl, XattrBackendError
from samba.dcerpc import xattr, security
from samba.param import LoadParm
-from samba.tests import TestCase, TestSkipped
+from samba.tests import TestCaseInTempDir, TestSkipped
import random
import os
-class NtaclsTests(TestCase):
+class NtaclsTests(TestCaseInTempDir):
def test_setntacl(self):
-random.seed()
lp = LoadParm()
-path = os.environ['SELFTEST_PREFIX']
acl =
O:S-1-5-21-2212615479-2695158682-2101375467
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e0ab14f s4:dsdb/acl_read: make sure confidential attributes require
CONTROL_ACCESS (bug #8620)
via 21dfaef s4:dsdb/acl_read: fix whitespace formatting errors
via f6fa724 s4:dsdb/acl: only give administrators access to attributes
marked as confidential (bug #8620)
via ed8b275 s4:dsdb/acl: reorganize the logic flow in the password
filtering checks
via 54ad5c7 s4:dsdb/acl: fix search filter cleanup for password
attributes
via 94649e4 selftest: Avoid test cross-contamination in
samba.tests.posixacl
from 1d81e52 selftest: Add tests for expected behaviour on directories
as well as files
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e0ab14f52a52c8317473b4c4cd3cf50265e1f9e4
Author: Stefan Metzmacher me...@samba.org
Date: Fri Nov 9 17:23:53 2012 +0100
s4:dsdb/acl_read: make sure confidential attributes require CONTROL_ACCESS
(bug #8620)
Signed-off-by: Stefan Metzmacher me...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Mon Nov 12 01:25:21 CET 2012 on sn-devel-104
commit 21dfaefda0e22f7ddaac62bfd8b32e6fb9fc253d
Author: Stefan Metzmacher me...@samba.org
Date: Fri Nov 9 17:22:44 2012 +0100
s4:dsdb/acl_read: fix whitespace formatting errors
Signed-off-by: Stefan Metzmacher me...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit f6fa7243f81891cb7703264da526fd873a9745e4
Author: Stefan Metzmacher me...@samba.org
Date: Fri Nov 9 17:05:44 2012 +0100
s4:dsdb/acl: only give administrators access to attributes marked as
confidential (bug #8620)
The full fix will to implement and use the code of the read_acl module,
but this is better than nothing for now.
Signed-off-by: Stefan Metzmacher me...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit ed8b27516b212b59167bb932de949a7b54dc44cb
Author: Stefan Metzmacher me...@samba.org
Date: Fri Nov 9 11:23:47 2012 +0100
s4:dsdb/acl: reorganize the logic flow in the password filtering checks
This avoids some nesting levels and does early returns.
Signed-off-by: Stefan Metzmacher me...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 54ad5c70e3cc731c872913841cbcd2ef29ec0e54
Author: Stefan Metzmacher me...@samba.org
Date: Fri Nov 9 11:25:21 2012 +0100
s4:dsdb/acl: fix search filter cleanup for password attributes
We need to this when we're *not* system.
Signed-off-by: Stefan Metzmacher me...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 94649e46b4dec528ab7e750d06a65ada3d978342
Author: Andrew Bartlett abart...@samba.org
Date: Mon Nov 12 07:53:40 2012 +1100
selftest: Avoid test cross-contamination in samba.tests.posixacl
This creates a new xattr.tdb per unit test, which avoids once and for all
the issue of dev/inode reuse.
For test_setposixacl_dir_getntacl_smbd the file ownership also set
specifically.
Andrew Bartlett
Reviewed-by: Jelmer Vernooij jel...@samba.org
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/acl.c | 231 +++-
source4/dsdb/samdb/ldb_modules/acl_read.c| 256 +++---
source4/scripting/python/samba/tests/posixacl.py | 140 +---
3 files changed, 369 insertions(+), 258 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c
b/source4/dsdb/samdb/ldb_modules/acl.c
index 843d17e..1a41ee2 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -51,12 +51,19 @@ struct extended_access_check_attribute {
struct acl_private {
bool acl_perform;
const char **password_attrs;
+ void *cached_schema_ptr;
+ uint64_t cached_schema_metadata_usn;
+ uint64_t cached_schema_loaded_usn;
+ const char **confidential_attrs;
};
struct acl_context {
struct ldb_module *module;
struct ldb_request *req;
bool am_system;
+ bool am_administrator;
+ bool modify_search;
+ bool constructed_attrs;
bool allowedAttributes;
bool allowedAttributesEffective;
bool allowedChildClasses;
@@ -88,12 +95,11 @@ static int acl_module_init(struct ldb_module *module)
return ldb_operr(ldb);
}
- data = talloc(module, struct acl_private
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ab30a8b provision: Make dsacl2fsacl() take a security.dom_sid, not str via 0334515 provision: Also walk directories checking ACLs via ab5 wintest: Try harder to recover from apparent failure to dcpromo via 0b7bb77 selftest: check that samba-tool gpo works for basic operations via 26faa8f dsdb: Simplify DsCrackNameOneFilter a bit via ec3cbb6 wafsamba.abi: Fix abi_match with both excludes and includes. via d02c8ba wafsamba.samba_abi: Add basic unit tests. via 97102fa buildtools: Remove extra space from global: line via ea5ef95 wafsamba.samba_abi: Refactor abi_write_vscript to take file argument. from 3d93616 s3:smbd: pass the current time to make_connection[_smb1]() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ab30a8bf0fb9bd4ee3c907183132f3b9abb67c7a Author: Andrew Bartlett abart...@samba.org Date: Mon Nov 5 20:44:14 2012 +1100 provision: Make dsacl2fsacl() take a security.dom_sid, not str Reviewed-by: Jelmer Vernooij jel...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Nov 6 00:12:43 CET 2012 on sn-devel-104 commit 033451587db21d6e4b829e89a64f894a32682131 Author: Andrew Bartlett abart...@samba.org Date: Mon Nov 5 15:22:02 2012 +1100 provision: Also walk directories checking ACLs The directory walk was missed due to a cut-and-paste error. Andrew Bartlett Reviewed-by: Jelmer Vernooij jel...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit ab5cdc39b71c0f243ff1e660d1f35a4923e3 Author: Andrew Bartlett abart...@samba.org Date: Mon Nov 5 19:35:51 2012 +1100 wintest: Try harder to recover from apparent failure to dcpromo Reviewed-by: Jelmer Vernooij jel...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit 0b7bb774ce836722d219d6e466a76b12c1a03de3 Author: Andrew Bartlett abart...@samba.org Date: Mon Nov 5 12:57:17 2012 +1100 selftest: check that samba-tool gpo works for basic operations Reviewed-by: Jelmer Vernooij jel...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org commit 26faa8fe3a42f9d1278d81773c8808b05fcd76f8 Author: Volker Lendecke v...@samba.org Date: Sat Nov 3 09:36:29 2012 +0100 dsdb: Simplify DsCrackNameOneFilter a bit For me else branches clutter my flow reading code. If we do a hard return at the end of an if branch, else is not required. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit ec3cbb6c476698523c9b5ac047787df101746891 Author: Jelmer Vernooij jel...@samba.org Date: Mon Nov 5 19:36:30 2012 +0100 wafsamba.abi: Fix abi_match with both excludes and includes. This fixes a regression introduced by 9c3e294400234ebdf9b98031bae583524fd0b0ac which caused internal symbols in libldb to be exposed. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9357 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stephen Gallagher sgall...@redhat.com commit d02c8ba122cef7d8b254e5be3ae757eb3bb14235 Author: Jelmer Vernooij jel...@samba.org Date: Mon Nov 5 19:36:29 2012 +0100 wafsamba.samba_abi: Add basic unit tests. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stephen Gallagher sgall...@redhat.com commit 97102fa9963ba88f4ab72165a02071990031a73b Author: Andrew Bartlett abart...@samba.org Date: Tue Nov 6 07:48:52 2012 +1100 buildtools: Remove extra space from global: line This makes it easier to put the expected values in a file as we will not have trailing whitespace that is against git style. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Jelmer Vernooij jel...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit ea5ef95fbebe28cca11f86a9015aab77522f5e18 Author: Jelmer Vernooij jel...@samba.org Date: Mon Nov 5 19:36:28 2012 +0100 wafsamba.samba_abi: Refactor abi_write_vscript to take file argument. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stephen Gallagher sgall...@redhat.com --- Summary of changes: buildtools/wafsamba/samba_abi.py | 32 + buildtools/wafsamba/tests/test_abi.py | 67 selftest/target/Samba4.pm |2 +- source4/dsdb/samdb/cracknames.c|5 +- source4/scripting/python/samba/netcmd
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6073d21 ldb_secrets_tdb_sync: Add dependency on gssapi.
via ed63300 dsdb: Rename _res argument to _result.
from ab30a8b provision: Make dsacl2fsacl() take a security.dom_sid, not
str
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6073d214aa8bfeff8dae8cf151357f890dd37a48
Author: Jelmer Vernooij jel...@samba.org
Date: Tue Nov 6 01:25:00 2012 +0100
ldb_secrets_tdb_sync: Add dependency on gssapi.
This is required when building with the system heimdal, as
gssapi/gssapi_spnego.h is included.
Reviewed-by: Andrew Bartlett abart...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Nov 6 05:12:28 CET 2012 on sn-devel-104
commit ed6330094b47408f33c2d933e9c80b079dd891d6
Author: Jelmer Vernooij jel...@samba.org
Date: Tue Nov 6 01:24:59 2012 +0100
dsdb: Rename _res argument to _result.
Newer versions of heimdal include a macro that is unfortunately named
'_res'. This change prevents the clash.
Reviewed-by: Andrew Bartlett abart...@samba.org
Signed-off-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
source4/dsdb/common/util.c | 12 ++--
.../dsdb/samdb/ldb_modules/wscript_build_server|2 +-
2 files changed, 7 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 086f2a5..632d5bf 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -3845,7 +3845,7 @@ int dsdb_replace(struct ldb_context *ldb, struct
ldb_message *msg, uint32_t dsdb
*/
int dsdb_search_dn(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- struct ldb_result **_res,
+ struct ldb_result **_result,
struct ldb_dn *basedn,
const char * const *attrs,
uint32_t dsdb_flags)
@@ -3890,7 +3890,7 @@ int dsdb_search_dn(struct ldb_context *ldb,
return ret;
}
- *_res = res;
+ *_result = res;
return LDB_SUCCESS;
}
@@ -3900,7 +3900,7 @@ int dsdb_search_dn(struct ldb_context *ldb,
*/
int dsdb_search_by_dn_guid(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- struct ldb_result **_res,
+ struct ldb_result **_result,
const struct GUID *guid,
const char * const *attrs,
uint32_t dsdb_flags)
@@ -3915,7 +3915,7 @@ int dsdb_search_by_dn_guid(struct ldb_context *ldb,
return ldb_oom(ldb);
}
- ret = dsdb_search_dn(ldb, mem_ctx, _res, dn, attrs, dsdb_flags);
+ ret = dsdb_search_dn(ldb, mem_ctx, _result, dn, attrs, dsdb_flags);
talloc_free(tmp_ctx);
return ret;
}
@@ -3925,7 +3925,7 @@ int dsdb_search_by_dn_guid(struct ldb_context *ldb,
*/
int dsdb_search(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- struct ldb_result **_res,
+ struct ldb_result **_result,
struct ldb_dn *basedn,
enum ldb_scope scope,
const char * const *attrs,
@@ -4003,7 +4003,7 @@ int dsdb_search(struct ldb_context *ldb,
}
}
- *_res = talloc_steal(mem_ctx, res);
+ *_result = talloc_steal(mem_ctx, res);
talloc_free(tmp_ctx);
return LDB_SUCCESS;
diff --git a/source4/dsdb/samdb/ldb_modules/wscript_build_server
b/source4/dsdb/samdb/ldb_modules/wscript_build_server
index 5d09c40..c23ad16 100755
--- a/source4/dsdb/samdb/ldb_modules/wscript_build_server
+++ b/source4/dsdb/samdb/ldb_modules/wscript_build_server
@@ -205,7 +205,7 @@ bld.SAMBA_MODULE('ldb_secrets_tdb_sync',
init_function='ldb_secrets_tdb_sync_module_init',
module_init_name='ldb_init_module',
internal_module=False,
- deps='talloc secrets3 DSDB_MODULE_HELPERS dbwrap'
+ deps='talloc secrets3 DSDB_MODULE_HELPERS dbwrap gssapi'
)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c452efe selftest: Add skip for DIR1 test which loops on 64 bit ext4 from 1f55865 s4-dns: Fix format string vulnerability in an error message (bug #9354) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c452efe977753a44807dd12a1b2ff8ce1387bfa6 Author: Andrew Bartlett abart...@samba.org Date: Sat Nov 3 09:57:40 2012 +1100 selftest: Add skip for DIR1 test which loops on 64 bit ext4 Reviewed-by: Jelmer Vernooij jel...@samba.org Signed-off-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Mon Nov 5 00:34:56 CET 2012 on sn-devel-104 --- Summary of changes: selftest/skip |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/skip b/selftest/skip index 171eee0..66bb85c 100644 --- a/selftest/skip +++ b/selftest/skip @@ -33,6 +33,7 @@ ^samba3.smbtorture_s3.*.utable ^samba3.smbtorture_s3.*.pipe_number ^samba3.smbtorture_s3.LOCAL-DBTRANS #hangs for some reason +^samba3.smbtorture_s3.*.DIR1 #loops on 64 bit linux with ext4 ^samba3.*base.charset ^samba3.*raw.context ^samba3.*raw.ioctl -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 71e1c08 libads: Always free the talloc_stackframe() on error path
from c452efe selftest: Add skip for DIR1 test which loops on 64 bit ext4
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 71e1c080cbd033b3118952c2da05186252fc411a
Author: Andrew Bartlett abart...@samba.org
Date: Mon Nov 5 09:46:49 2012 +1100
libads: Always free the talloc_stackframe() on error path
Reviewed-by: Michael Adam ob...@samba.org
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Mon Nov 5 03:33:32 CET 2012 on sn-devel-104
---
Summary of changes:
source3/libads/kerberos.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 3183e26..50a409c 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -701,6 +701,7 @@ static char *get_kdc_ip_string(char *mem_ctx,
char *kdc_str = print_kdc_line(mem_ctx, , pss, kdc_name);
if (kdc_str == NULL) {
+ TALLOC_FREE(frame);
return NULL;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a71ad96 ldb: Add ldbdump, based on tdbdump via 4b2f3c6 ldb: Remove no-longer-existing ltdb_unpack_data_free from ldb_tdb.h via cc6d0de ldb: Change ltdb_unpack_data to take an ldb_context via 42c379f samba-tool: Add samba-tool processes subcommand via a732f2a pymessaging: Add irpc_servers_byname() and irpc_all_servers() via 76b7348 pymessaging: Use the server_id IDL structure rather than a tuple via 3b4ef03 imessaging: Add irpc_all_servers() to list all available servers from 39e58d6 s3fs-utils: Free the popt context in smbcacls and smbquotas. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a71ad96bd046f1199e67b4fe8fc7783cbd8dd771 Author: Andrew Bartlett abart...@samba.org Date: Tue Oct 30 15:41:27 2012 +1100 ldb: Add ldbdump, based on tdbdump This uses a tdb_traverse or (more usefully) the tdb_rescue API, like tdbdump. The difference here is that it uses ldb helper functions to further eliminate faulty records, which avoids creating duplicates in the output. (The duplicates come from parts of records that are left in blank space in the db, which tdb_rescue finds, but which are not actually a full record). Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Oct 30 23:56:11 CET 2012 on sn-devel-104 commit 4b2f3c6dec997b0dd4bcafeae662a71ebd34e12b Author: Andrew Bartlett abart...@samba.org Date: Tue Oct 30 10:22:28 2012 +1100 ldb: Remove no-longer-existing ltdb_unpack_data_free from ldb_tdb.h commit cc6d0decc7980028293168aee267e7610752fc80 Author: Andrew Bartlett abart...@samba.org Date: Tue Oct 30 10:21:42 2012 +1100 ldb: Change ltdb_unpack_data to take an ldb_context It always de-references the module to find the ldb anyway. Andrew Bartlett commit 42c379f0dfdeb36598bb2636aa2b6e3ca4410930 Author: Andrew Bartlett abart...@samba.org Date: Mon Oct 29 15:36:36 2012 +1100 samba-tool: Add samba-tool processes subcommand This will allow administrators to inspect the process list in a similar way to what running on a platform with setproctitle might permit. --pid= returns the registered server names for a PID (eg kdc, cldap_server) --name= returns the pids registered with a particular name. Andrew Bartlett commit a732f2a621665923322422c5a3d788c9d1aa8df9 Author: Andrew Bartlett abart...@samba.org Date: Mon Oct 29 15:34:41 2012 +1100 pymessaging: Add irpc_servers_byname() and irpc_all_servers() This will allow python scripts to inspect the process list. Andrew Bartlett commit 76b7348299870279acec5b7c9f02f4e4b2461703 Author: Andrew Bartlett abart...@samba.org Date: Mon Oct 29 15:33:59 2012 +1100 pymessaging: Use the server_id IDL structure rather than a tuple This will make it easier to pass this structure in and out. The tuple is still accepted as input. Andrew Bartlett commit 3b4ef03097293f758d8f11cbe434063ed1dc6b91 Author: Andrew Bartlett abart...@samba.org Date: Mon Oct 29 15:32:21 2012 +1100 imessaging: Add irpc_all_servers() to list all available servers This is implemented with a tdb_traverse_read(), and will allow a tool to disover the name and server_id of all Samba processes, as each process registers itself to recieve messages. Andrew Bartlett --- Summary of changes: lib/ldb/ldb_tdb/ldb_index.c|2 +- lib/ldb/ldb_tdb/ldb_pack.c |4 +- lib/ldb/ldb_tdb/ldb_search.c |6 +- lib/ldb/ldb_tdb/ldb_tdb.c |2 +- lib/ldb/ldb_tdb/ldb_tdb.h |4 +- lib/ldb/tools/ldbdump.c| 219 lib/ldb/wscript|4 + librpc/wscript_build |5 + source4/lib/messaging/irpc.h |2 + source4/lib/messaging/messaging.c | 71 +++ source4/lib/messaging/pymessaging.c| 124 +++- source4/librpc/idl/irpc.idl| 13 +- source4/librpc/wscript_build |6 + source4/scripting/python/samba/netcmd/main.py |2 + source4/scripting/python/samba/netcmd/processes.py | 78 +++ source4/scripting/python/samba/tests/messaging.py | 13 +- .../python/samba/tests/samba_tool/processes.py | 35 +++ source4/selftest/tests.py |1 + 18 files changed, 572 insertions(+), 19 deletions(-) create mode 100644 lib/ldb/tools/ldbdump.c create mode 100644 source4/scripting/python/samba/netcmd
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via cb50e85 vfstest: set umask(0) in vfstest
via e146fe5 pysmbd: Set umask to 0 during smbd operations
via 728e56b pysmbd: Remember to close files after setting the NT ACL
via e107c6a pysmbd: Add hook for unlink() so python scripts can remove
xattr.tdb entries
from 52ace67 s3:smbd:durable: factor stat checks out into
vfs_default_durable_reconnect_check_stat()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit cb50e85a5a054eeb59bf4c27c886679285732548
Author: Andrew Bartlett abart...@samba.org
Date: Fri Oct 26 14:23:39 2012 +1100
vfstest: set umask(0) in vfstest
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Oct 26 10:07:03 CEST 2012 on sn-devel-104
commit e146fe5ef96c1522175a8e81db15d1e8879e5652
Author: Andrew Bartlett abart...@samba.org
Date: Fri Oct 26 14:22:07 2012 +1100
pysmbd: Set umask to 0 during smbd operations
commit 728e56b4636b668aaac60ec557d6fe16b530a6f9
Author: Andrew Bartlett abart...@samba.org
Date: Fri Oct 26 10:07:02 2012 +1100
pysmbd: Remember to close files after setting the NT ACL
commit e107c6ace73ac40894fdd66860cfeae9115d5cd9
Author: Andrew Bartlett abart...@samba.org
Date: Fri Oct 26 17:25:53 2012 +1100
pysmbd: Add hook for unlink() so python scripts can remove xattr.tdb entries
If we do not provide a way to remove files from xattr.tdb, we can re-use
the inode.
Andrew Bartlett
---
Summary of changes:
source3/smbd/pysmbd.c| 110 -
source3/torture/vfstest.c|5 +
source4/scripting/python/samba/tests/posixacl.py | 40
3 files changed, 129 insertions(+), 26 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 5e2daa1..5e8691a 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -43,6 +43,7 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
connection_struct *conn;
NTSTATUS status = NT_STATUS_OK;
int ret;
+ mode_t saved_umask;
conn = talloc_zero(NULL, connection_struct);
if (conn == NULL) {
@@ -56,6 +57,10 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
return NT_STATUS_NO_MEMORY;
}
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
conn-params-service = -1;
set_conn_connectpath(conn, /);
@@ -69,6 +74,8 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
returned zero.\n));
}
+ umask(saved_umask);
+
conn_free(conn);
return status;
@@ -83,9 +90,16 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
files_struct *fsp;
struct smb_filename *smb_fname = NULL;
int flags;
+ mode_t saved_umask;
+
+ if (!posix_locking_init(false)) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
conn = talloc_zero(frame, connection_struct);
if (conn == NULL) {
+ TALLOC_FREE(frame);
DEBUG(0, (talloc failed\n));
return NT_STATUS_NO_MEMORY;
}
@@ -96,12 +110,6 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
return NT_STATUS_NO_MEMORY;
}
- conn-params-service = -1;
-
- set_conn_connectpath(conn, /);
-
- smbd_vfs_init(conn);
-
fsp = talloc_zero(frame, struct files_struct);
if (fsp == NULL) {
TALLOC_FREE(frame);
@@ -114,10 +122,21 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
}
fsp-conn = conn;
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
+ conn-params-service = -1;
+
+ set_conn_connectpath(conn, /);
+
+ smbd_vfs_init(conn);
+
status = create_synthetic_smb_fname_split(fsp, fname, NULL,
smb_fname);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame);
+ umask(saved_umask);
return status;
}
@@ -137,6 +156,7 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
if (fsp-fh-fd == -1) {
printf(open: error=%d (%s)\n, errno, strerror(errno));
TALLOC_FREE(frame);
+ umask(saved_umask);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -145,9 +165,12 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
DEBUG(0,(set_nt_acl_no_snum: fset_nt_acl returned %s.\n,
nt_errstr(status
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3180a10 sefltest: use TestCaseInTempDir and setUp/tearDown for
posixacl.py temp file
via 7e90a06 provision: Fix comments in checksysvolacl
from ec0f51b pam_winbind: fix segfault in pam_sm_authenticate()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3180a1082a79698a69f6721282cb8c45900f884c
Author: Andrew Bartlett abart...@samba.org
Date: Sat Oct 27 10:59:43 2012 +1100
sefltest: use TestCaseInTempDir and setUp/tearDown for posixacl.py temp file
This manages the temp file more reliably, and reduces the repeated
code in each test case.
Pair-Programmed-With: Jelmer Vernooij jel...@samba.org
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Sat Oct 27 04:37:58 CEST 2012 on sn-devel-104
commit 7e90a064437790789726d701ada5de9503816281
Author: Andrew Bartlett abart...@samba.org
Date: Sat Oct 27 09:20:52 2012 +1100
provision: Fix comments in checksysvolacl
---
Summary of changes:
.../scripting/python/samba/provision/__init__.py |3 +-
source4/scripting/python/samba/tests/posixacl.py | 232 ++--
2 files changed, 64 insertions(+), 171 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/provision/__init__.py
b/source4/scripting/python/samba/provision/__init__.py
index f6c11b5..b385556 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -1559,8 +1559,9 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid,
dnsdomain, domaindn,
if domain_info[dns_domain].upper() != dnsdomain.upper():
raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not
match Realm as seen by the provision script [%s]!' %
(domain_info[dns_domain].upper(), dnsdomain.upper()))
-# Set the SYSVOL_ACL on the sysvol folder and subfolder (first level)
+# Ensure we can read this directly, and via the smbd VFS
for direct_db_access in [True, False]:
+# Check the SYSVOL_ACL on the sysvol folder and subfolder (first level)
for dir_path in [os.path.join(sysvol, dnsdomain), netlogon]:
fsacl = getntacl(lp, dir_path, direct_db_access=direct_db_access)
if fsacl is None:
diff --git a/source4/scripting/python/samba/tests/posixacl.py
b/source4/scripting/python/samba/tests/posixacl.py
index 2450470..5e10f8d 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -21,7 +21,7 @@
from samba.ntacls import setntacl, getntacl, checkset_backend
from samba.dcerpc import xattr, security, smb_acl, idmap
from samba.param import LoadParm
-from samba.tests import TestCase
+from samba.tests import TestCaseInTempDir
from samba import provision
import random
import os
@@ -35,224 +35,148 @@ from samba.samba3 import param as s3param
#print uid: %d % entry.uid
#print gid: %d % entry.gid
-class PosixAclMappingTests(TestCase):
+class PosixAclMappingTests(TestCaseInTempDir):
def test_setntacl(self):
-random.seed()
lp = LoadParm()
-path = os.environ['SELFTEST_PREFIX']
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
-tempf = os.path.join(path,pytests+str(int(10*random.random(
-open(tempf, 'w').write(empty)
-setntacl(lp, tempf, acl, S-1-5-21-2212615479-2695158682-2101375467,
use_ntvfs=False)
-smbd.unlink(tempf)
+setntacl(lp, self.tempf, acl,
S-1-5-21-2212615479-2695158682-2101375467, use_ntvfs=False)
def test_setntacl_smbd_getntacl(self):
-random.seed()
lp = LoadParm()
-path = None
-path = os.environ['SELFTEST_PREFIX']
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
-tempf = os.path.join(path,pytests+str(int(10*random.random(
-open(tempf, 'w').write(empty)
-setntacl(lp,tempf,acl,S-1-5-21-2212615479-2695158682-2101375467,
use_ntvfs=True)
-facl = getntacl(lp,tempf, direct_db_access=True)
+
setntacl(lp,self.tempf,acl,S-1-5-21-2212615479-2695158682-2101375467,
use_ntvfs=True)
+facl = getntacl(lp,self.tempf, direct_db_access=True)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
-smbd.unlink(tempf)
def test_setntacl_smbd_setposixacl_getntacl(self):
-random.seed()
lp = LoadParm()
-path = None
-path = os.environ
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e9b6b23 selftest: Add many more tests for our posix ACL handling via 3cdd888 pysmbd: Fix pysmbd octal mode handling from 9dbb645 dsdb-cracknames: Return DRSUAPI_DS_NAME_STATUS_NO_MAPPING when there is no SID http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e9b6b23fbdafff700ceb788dbff2ba69584ff833 Author: Andrew Bartlett abart...@samba.org Date: Thu Oct 25 16:27:19 2012 +1100 selftest: Add many more tests for our posix ACL handling This tests the mapping of posix ACLs to NT ACLs, the invalidation of NT ACLs stored as an xattr and ensures this security-critical code continues to work in the long term. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Thu Oct 25 10:05:16 CEST 2012 on sn-devel-104 commit 3cdd888093e57a8cfc29d82ea47c8887a50e73a4 Author: Andrew Bartlett abart...@samba.org Date: Thu Oct 25 16:25:22 2012 +1100 pysmbd: Fix pysmbd octal mode handling It is clearly too long since Computer Science 101... ;-) Andrew Bartlett --- Summary of changes: source3/smbd/pysmbd.c|4 +- source4/scripting/python/samba/tests/posixacl.py | 237 +- 2 files changed, 238 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c index 66aba21..5e2daa1 100644 --- a/source3/smbd/pysmbd.c +++ b/source3/smbd/pysmbd.c @@ -158,8 +158,8 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode) mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE; - mode_t mode_user = (chmod_mode 0700) 16; - mode_t mode_group = (chmod_mode 070) 8; + mode_t mode_user = (chmod_mode 0700) 6; + mode_t mode_group = (chmod_mode 070) 3; mode_t mode_other = chmod_mode 07; SMB_ACL_ENTRY_T entry; SMB_ACL_T acl = sys_acl_init(frame); diff --git a/source4/scripting/python/samba/tests/posixacl.py b/source4/scripting/python/samba/tests/posixacl.py index 78a07f7..449a87c 100644 --- a/source4/scripting/python/samba/tests/posixacl.py +++ b/source4/scripting/python/samba/tests/posixacl.py @@ -18,7 +18,7 @@ Tests for the Samba3 NT - posix ACL layer -from samba.ntacls import setntacl, getntacl +from samba.ntacls import setntacl, getntacl, checkset_backend from samba.dcerpc import xattr, security, smb_acl, idmap from samba.param import LoadParm from samba.tests import TestCase @@ -61,6 +61,70 @@ class PosixAclMappingTests(TestCase): self.assertEquals(facl.as_sddl(anysid),acl) os.unlink(tempf) +def test_setntacl_smbd_setposixacl_getntacl(self): +random.seed() +lp = LoadParm() +path = None +path = os.environ['SELFTEST_PREFIX'] +acl = O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512) +tempf = os.path.join(path,pytests+str(int(10*random.random( +open(tempf, 'w').write(empty) +setntacl(lp,tempf,acl,S-1-5-21-2212615479-2695158682-2101375467, use_ntvfs=True) + +# This will invalidate the ACL, as we have a hook! +smbd.set_simple_acl(tempf, 0640) + +# However, this only asks the xattr +try: +facl = getntacl(lp,tempf, direct_db_access=True) +self.assertTrue(False) +except TypeError: +pass +os.unlink(tempf) + +def test_setntacl_smbd_chmod_getntacl(self): +random.seed() +lp = LoadParm() +path = None +path = os.environ['SELFTEST_PREFIX'] +acl = O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512) +tempf = os.path.join(path,pytests+str(int(10*random.random( +open(tempf, 'w').write(empty) +setntacl(lp,tempf,acl,S-1-5-21-2212615479-2695158682-2101375467, use_ntvfs=True) + +# This should invalidate the ACL, as we include the posix ACL in the hash +(backend_obj, dbname) = checkset_backend(lp, None, None) +backend_obj.wrap_setxattr(dbname, + tempf, system.fake_access_acl, ) + +#however, as this is direct DB access, we do not notice it +facl = getntacl(lp,tempf, direct_db_access=True) +anysid = security.dom_sid(security.SID_NT_SELF) +self.assertEquals(acl, facl.as_sddl(anysid)) +os.unlink(tempf) + +def test_setntacl_smbd_chmod_getntacl_smbd(self): +random.seed() +lp = LoadParm() +path = None +path = os.environ['SELFTEST_PREFIX'] +acl
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a2d5326 python-ntacls: Cope with ACL revision 4
via f8e6bb4 dbwrap: use talloc_stackframe() in db_tdb_log_key()
via 1008f6f selftest: Always unlink the tempf in posixacl test
via 117d5f4 selftest: Cover the important non-Samba invalidation of the
NT ACL
via 53244c9 selftest: Cover one more NT ACL invalidation case and
improve comments
from e9b6b23 selftest: Add many more tests for our posix ACL handling
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a2d53262e835b0c74282d389b1dd6dad2395f0f1
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 24 18:24:12 2012 +1100
python-ntacls: Cope with ACL revision 4
This is the new revision with the hash of the posix or system ACL.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Oct 25 15:04:39 CEST 2012 on sn-devel-104
commit f8e6bb46c005e82d5a8646e691de9282828005cc
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 24 18:23:04 2012 +1100
dbwrap: use talloc_stackframe() in db_tdb_log_key()
We can not be sure that there is already a talloc_stackframe() in place
so we must create one.
Andrew Bartlett
commit 1008f6fbf49d5b797c7d968ea7ffdcb29d623644
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 25 20:18:28 2012 +1100
selftest: Always unlink the tempf in posixacl test
commit 117d5f4c372c02d69106df45e12ac69d1c047f50
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 25 20:17:55 2012 +1100
selftest: Cover the important non-Samba invalidation of the NT ACL
This covers the case where we have a valid hash of the posix ACL (or the NT
ACL from the
POSIX ACL) and we notice it no longer matches.
Andrew Bartlett
commit 53244c915113cef87692756e9ad545ff75074df0
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 25 19:58:15 2012 +1100
selftest: Cover one more NT ACL invalidation case and improve comments
This tries to show the difference between the cases where we trap
the POSIX ACL change and where we actually detect an OS-level change.
Andrew Bartlett
---
Summary of changes:
lib/dbwrap/dbwrap_tdb.c |7 ++--
source4/scripting/python/samba/ntacls.py |2 +
source4/scripting/python/samba/tests/posixacl.py | 41 +
3 files changed, 39 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/dbwrap/dbwrap_tdb.c b/lib/dbwrap/dbwrap_tdb.c
index 80d41b4..a3a6c87 100644
--- a/lib/dbwrap/dbwrap_tdb.c
+++ b/lib/dbwrap/dbwrap_tdb.c
@@ -42,10 +42,11 @@ static void db_tdb_log_key(const char *prefix, TDB_DATA key)
{
size_t len;
char *keystr;
-
+ TALLOC_CTX *frame;
if (DEBUGLEVEL 10) {
return;
}
+ frame = talloc_stackframe();
len = key.dsize;
if (DEBUGLEVEL == 10) {
/*
@@ -53,10 +54,10 @@ static void db_tdb_log_key(const char *prefix, TDB_DATA key)
*/
len = MIN(10, key.dsize);
}
- keystr = hex_encode_talloc(talloc_tos(), (unsigned char *)(key.dptr),
+ keystr = hex_encode_talloc(frame, (unsigned char *)(key.dptr),
len);
DEBUG(10, (%s key %s\n, prefix, keystr));
- TALLOC_FREE(keystr);
+ TALLOC_FREE(frame);
}
static int db_tdb_record_destr(struct db_record* data)
diff --git a/source4/scripting/python/samba/ntacls.py
b/source4/scripting/python/samba/ntacls.py
index 44cbbe9..f304047 100644
--- a/source4/scripting/python/samba/ntacls.py
+++ b/source4/scripting/python/samba/ntacls.py
@@ -78,6 +78,8 @@ def getntacl(lp, file, backend=None, eadbfile=None,
direct_db_access=True):
return ntacl.info.sd
elif ntacl.version == 3:
return ntacl.info.sd
+elif ntacl.version == 4:
+return ntacl.info.sd
else:
return smbd.get_nt_acl(file, security.SECINFO_OWNER |
security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL)
diff --git a/source4/scripting/python/samba/tests/posixacl.py
b/source4/scripting/python/samba/tests/posixacl.py
index 449a87c..482b48b 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -82,7 +82,7 @@ class PosixAclMappingTests(TestCase):
pass
os.unlink(tempf)
-def test_setntacl_smbd_chmod_getntacl(self):
+def test_setntacl_invalidate_getntacl(self):
random.seed()
lp = LoadParm()
path = None
@@ -103,25 +103,47 @@ class PosixAclMappingTests(TestCase):
self.assertEquals(acl, facl.as_sddl(anysid))
os.unlink(tempf
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9dbb645 dsdb-cracknames: Return DRSUAPI_DS_NAME_STATUS_NO_MAPPING
when there is no SID
from a9a3841 s4:dns_server: fix formatting difference compared to
v4-0-test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9dbb64563c35003311d3f3d47e6c4ef0f546ffab
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 24 16:41:52 2012 +1100
dsdb-cracknames: Return DRSUAPI_DS_NAME_STATUS_NO_MAPPING when there is no
SID
If there is no SID for an object being mapped, then there is no NT4 name.
We need to return DRSUAPI_DS_NAME_STATUS_NO_MAPPING rather than
error out with anything other than WERR_OK as the return value.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Oct 25 04:43:25 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/dsdb/samdb/cracknames.c | 10 +++---
1 files changed, 7 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 6ad8026..8b52aa3 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -1067,9 +1067,13 @@ static WERROR DsCrackNameOneFilter(struct ldb_context
*sam_ctx, TALLOC_CTX *mem_
const struct dom_sid *sid = samdb_result_dom_sid(mem_ctx,
result, objectSid);
const char *_acc = , *_dom = ;
-
- if (samdb_find_attribute(sam_ctx, result, objectClass,
domain)) {
-
+ if (sid == NULL) {
+ info1-status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING;
+ return WERR_OK;
+ } else if (samdb_find_attribute(sam_ctx, result, objectClass,
domain)) {
+ /* This can also find a DomainDNSZones entry,
+* but it won't have the SID we just
+* checked. */
ldb_ret = ldb_search(sam_ctx, mem_ctx, domain_res,
partitions_basedn,
LDB_SCOPE_ONELEVEL,
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7138b21 build: Add #define FREEBSD on FreeBSD
via 6d73fd0 lib/replace: Fix configure on FreeBSD: define_ret is not
correct here
via 80f42df lib/replace: Fix detection of prctl
via debb2b2 lib/replace: Fix detection of rpcsrv/yp_prot.h on FreeBSD
via 60a06ff vfs: Fix compilation of ACL support on solaris
from bd099c4 waf: Create a libnss_wins.so symlink.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7138b2138ba1f67386c6aa1e1c5ef49fde07cc41
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 23 17:53:58 2012 +1100
build: Add #define FREEBSD on FreeBSD
This makes waf match autoconf
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Oct 23 11:11:44 CEST 2012 on sn-devel-104
commit 6d73fd07f94ae23f3eacaab3b220ffca201b1300
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 23 17:31:03 2012 +1100
lib/replace: Fix configure on FreeBSD: define_ret is not correct here
define_ret is for when the output of the compiled and run program
should be put into the configure define. This is not the case
here.
Andrew Bartlett
commit 80f42df4ec9194ff00aeeb3c2cf6acfa1f2ab5c3
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 23 17:14:55 2012 +1100
lib/replace: Fix detection of prctl
commit debb2b2b9e9a495b0f9f31753ac5e75e4b2d5364
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 23 17:14:43 2012 +1100
lib/replace: Fix detection of rpcsrv/yp_prot.h on FreeBSD
commit 60a06ff09cb62d4102a89194ce8fef5c4c5a2f16
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 23 16:13:28 2012 +1100
vfs: Fix compilation of ACL support on solaris
---
Summary of changes:
lib/replace/wscript |6 --
source3/modules/vfs_solarisacl.h |6 --
source3/wscript |9 +
3 files changed, 17 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 732c664..c21a8f8 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -89,7 +89,10 @@ struct foo bar = { .y = 'X', .x = 1 };
conf.CHECK_HEADERS('rpcsvc/nis.h rpcsvc/ypclnt.h sys/prctl.h sys/sysctl.h')
conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h
sys/sysmacros.h')
-conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h rpcsvc/yp_prot.h')
+conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h')
+
+conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h',
define='HAVE_RPCSVC_YP_PROT_H')
+
conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
@@ -227,7 +230,6 @@ struct foo bar = { .y = 'X', .x = 1 };
msg=Checking correct behavior of strtoll,
headers = 'errno.h',
execute = True,
-define_ret = True,
define = 'HAVE_BSD_STRTOLL',
)
conf.CHECK_FUNCS('if_nametoindex strerror_r')
diff --git a/source3/modules/vfs_solarisacl.h b/source3/modules/vfs_solarisacl.h
index 84c2cb7..20f1051 100644
--- a/source3/modules/vfs_solarisacl.h
+++ b/source3/modules/vfs_solarisacl.h
@@ -22,10 +22,12 @@
SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle,
const char *path_p,
- SMB_ACL_TYPE_T type);
+ SMB_ACL_TYPE_T type,
+ TALLOC_CTX *mem_ctx);
SMB_ACL_T solarisacl_sys_acl_get_fd(vfs_handle_struct *handle,
- files_struct *fsp);
+ files_struct *fsp,
+ TALLOC_CTX *mem_ctx);
int solarisacl_sys_acl_set_file(vfs_handle_struct *handle,
const char *name,
diff --git a/source3/wscript b/source3/wscript
index 92575c8..f049700 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -266,6 +266,14 @@ __sys_llseek syslog _telldir __telldir textdomain timegm
utimensat vsyslog _write __write __xstat
''')
+conf.CHECK_CODE('''
+#ifdef HAVE_SYS_PRCTL_H
+#include sys/prctl.h
+#endif
+int i; i = prtcl(0);
+''',
+'HAVE_PRCTL', link=False)
+
conf.CHECK_SAMBA3_CHARSET() # see build/charset.py
# FIXME: these should be tests for features, but the old build system just
@@ -289,6 +297,7 @@ utimensat vsyslog _write __write __xstat
conf.ADD_CFLAGS('-fno-common')
conf.DEFINE('STAT_ST_BLOCKSIZE', '512')
elif (host_os.rfind('freebsd') -1):
+conf.DEFINE
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d2aa785 lib/tsocket: fix loop in tdgram_bsd_recvfrom() (bug #9184)
from 7138b21 build: Add #define FREEBSD on FreeBSD
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d2aa785290a283e06624f22a381a7ea02baae5ad
Author: Stefan Metzmacher me...@samba.org
Date: Tue Oct 2 12:20:26 2012 +0200
lib/tsocket: fix loop in tdgram_bsd_recvfrom() (bug #9184)
If the socket is not readable yet, we need to retry
if tsocket_bsd_pending() returns 0.
See also
https://lists.samba.org/archive/samba-technical/2012-October/087164.html
metze
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Oct 23 14:44:21 CEST 2012 on sn-devel-104
---
Summary of changes:
lib/tsocket/tsocket_bsd.c | 10 +-
1 files changed, 9 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tsocket/tsocket_bsd.c b/lib/tsocket/tsocket_bsd.c
index d5721b4..135fd02 100644
--- a/lib/tsocket/tsocket_bsd.c
+++ b/lib/tsocket/tsocket_bsd.c
@@ -792,7 +792,7 @@ static int tdgram_bsd_set_writeable_handler(struct
tdgram_bsd *bsds,
struct tdgram_bsd_recvfrom_state {
struct tdgram_context *dgram;
-
+ bool first_try;
uint8_t *buf;
size_t len;
struct tsocket_address *src;
@@ -826,6 +826,7 @@ static struct tevent_req
*tdgram_bsd_recvfrom_send(TALLOC_CTX *mem_ctx,
}
state-dgram= dgram;
+ state-first_try= true;
state-buf = NULL;
state-len = 0;
state-src = NULL;
@@ -876,6 +877,13 @@ static void tdgram_bsd_recvfrom_handler(void *private_data)
bool retry;
ret = tsocket_bsd_pending(bsds-fd);
+ if (state-first_try ret == 0) {
+ state-first_try = false;
+ /* retry later */
+ return;
+ }
+ state-first_try = false;
+
err = tsocket_bsd_error_from_errno(ret, errno, retry);
if (retry) {
/* retry later */
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8697acd dsdb-cracknames: Always use talloc_zero() from d5d0a45 build(waf): Fix the --with-cluster build http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8697acd4b08354fb4185b05da07f4399bda917bc Author: Andrew Bartlett abart...@samba.org Date: Wed Oct 24 11:56:02 2012 +1100 dsdb-cracknames: Always use talloc_zero() Otherwise, we will return un-initialised values to the caller, which will attempt to push them onto the wire. Found by Greg Dickie g...@justaguy.ca. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Wed Oct 24 05:12:04 CEST 2012 on sn-devel-104 --- Summary of changes: source4/dsdb/samdb/cracknames.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c index c366019..6ad8026 100644 --- a/source4/dsdb/samdb/cracknames.c +++ b/source4/dsdb/samdb/cracknames.c @@ -1472,7 +1472,7 @@ WERROR dcesrv_drsuapi_CrackNamesByNameFormat(struct ldb_context *sam_ctx, TALLOC uint32_t i, count; WERROR status; - *ctr1 = talloc(mem_ctx, struct drsuapi_DsNameCtr1); + *ctr1 = talloc_zero(mem_ctx, struct drsuapi_DsNameCtr1); W_ERROR_HAVE_NO_MEMORY(*ctr1); count = req1-count; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 64886e3 Warn when setting UID/GID without idmap_ldb:use rfc2307 = Yes via 071047e Tests for 'samba-tool user create' with RFC2307 attributes via bfdaaf2 Set RFC2307 attributes in samba-tool create via 9eb022c provision: No longer use the wheel group in new AD Domains from b557f34 s3:smbd: fix brace placements in validate_my_share_entries() for readability http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 64886e312fe76145c2c4bc900b794274594368aa Author: Alexander Wuerstlein a...@arw.name Date: Sun Sep 30 04:32:01 2012 +0200 Warn when setting UID/GID without idmap_ldb:use rfc2307 = Yes Signed-off-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Thu Oct 18 09:51:35 CEST 2012 on sn-devel-104 commit 071047e8953f36a4c71c30d9540323578a4204f2 Author: Alexander Wuerstlein a...@arw.name Date: Sun Sep 30 04:32:00 2012 +0200 Tests for 'samba-tool user create' with RFC2307 attributes Check if attributes are correctly set and read from SamDB Test automatic creation of attributes from getpwent (NSS) Check if overriding NSS attributes works getpwent will be skipped if the current UID of the user running the tests has no passwd entry (getpwuid(geteuid())). If a user with the name of the current UID already exists in the directory, the getpwent test will fail. If that should happen, the test would need to be updated to use a nonexistent UID that is visible to the Python 'pwd' module. Signed-off-by: Andrew Bartlett abart...@samba.org commit bfdaaf2327441c0cf909a70f9b3ca781caadbddc Author: Alexander Wuerstlein a...@arw.name Date: Sun Sep 30 04:31:59 2012 +0200 Set RFC2307 attributes in samba-tool create Optionally set RFC2307 (NIS Schema) attributes in samba-tool create. Mainly needed for UID mapping to be usable. Not all attributes are set-able, only harmless and non-overlapping ones (uid, uidNumber, gidNumber, loginShell, gecos). Description and homeDirectory should already be set, userPassword seems problematic. Signed-off-by: Andrew Bartlett abart...@samba.org commit 9eb022c8c65663425e60a10a12c2ec52c3017a59 Author: Andrew Bartlett abart...@samba.org Date: Tue Oct 16 13:08:22 2012 +1100 provision: No longer use the wheel group in new AD Domains The issue here is that if we set S-1-5-32-544 (administrators) to a GID only, then users cannot force a mandetory profile to be owned by administrators (which is a requirement). There is no particularly useful reason for us to enforce this matching a system group. Andrew Bartlett --- Summary of changes: source4/scripting/bin/samba_upgradedns |2 +- source4/scripting/python/samba/netcmd/domain.py|5 +- source4/scripting/python/samba/netcmd/user.py | 39 +- .../scripting/python/samba/provision/__init__.py | 39 +++--- source4/scripting/python/samba/samdb.py| 26 - source4/scripting/python/samba/tests/posixacl.py |8 +- .../python/samba/tests/samba_tool/base.py |6 + .../python/samba/tests/samba_tool/user.py | 141 ++- source4/scripting/python/samba/upgrade.py |2 +- source4/scripting/python/samba/upgradehelpers.py |4 +- 10 files changed, 230 insertions(+), 42 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns index 8304134..ba597cf 100755 --- a/source4/scripting/bin/samba_upgradedns +++ b/source4/scripting/bin/samba_upgradedns @@ -91,7 +91,7 @@ def fix_names(pnames): names.domaindn = pnames.domaindn[0] names.configdn = pnames.configdn[0] names.schemadn = pnames.schemadn[0] -names.wheel_gid = pnames.wheel_gid[0] +names.root_gid = pnames.root_gid names.serverdn = str(pnames.serverdn) return names diff --git a/source4/scripting/python/samba/netcmd/domain.py b/source4/scripting/python/samba/netcmd/domain.py index 6e3f35a..4ba305c 100644 --- a/source4/scripting/python/samba/netcmd/domain.py +++ b/source4/scripting/python/samba/netcmd/domain.py @@ -186,8 +186,6 @@ class cmd_domain_provision(Command): help=choose 'root' unix username), Option(--nobody, type=string, metavar=USERNAME, help=choose 'nobody' user), - Option(--wheel, type=string, metavar=GROUPNAME, -help=choose 'wheel' privileged group), Option(--users, type=string, metavar=GROUPNAME, help=choose 'users' group), Option(--quiet, help=Be quiet, action=store_true), @@ -237,7 +235,6 @@ class
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d09ac96 Removed phpldapadmin inclusion for Samba 4.
via 83d34bb dns_server: Try and use the dns-SERVER account if we were
configured with it
from 0296548 ccan: check for all the used config.h defines
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d09ac9636af6a31098156ca65ab62e11ce3a5d15
Author: Ricky Nance ricky.na...@weaubleau.k12.mo.us
Date: Tue Oct 16 00:52:51 2012 -0500
Removed phpldapadmin inclusion for Samba 4.
Signed-off-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Oct 17 12:55:44 CEST 2012 on sn-devel-104
commit 83d34bb2bbcbc0ebbcb81825590363e996979e08
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 16 15:08:30 2012 +1100
dns_server: Try and use the dns-SERVER account if we were configured with it
---
Summary of changes:
source4/dns_server/dns_server.c| 61 +++-
.../scripting/python/samba/provision/__init__.py | 20 ---
source4/scripting/python/samba/tests/provision.py | 10 ---
source4/setup/phpldapadmin-config.php | 20 ---
4 files changed, 47 insertions(+), 64 deletions(-)
delete mode 100644 source4/setup/phpldapadmin-config.php
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 8e25396..6824fef 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -748,7 +748,11 @@ static void dns_task_init(struct task_server *task)
int ret;
struct ldb_result *res;
static const char * const attrs[] = { name, NULL};
+ static const char * const attrs_none[] = { NULL};
unsigned int i;
+ struct ldb_message *dns_acc;
+ char *hostname_lower;
+ char *dns_spn;
switch (lpcfg_server_role(task-lp_ctx)) {
case ROLE_STANDALONE:
@@ -787,29 +791,58 @@ static void dns_task_init(struct task_server *task)
return;
}
- cli_credentials_set_conf(dns-server_credentials, task-lp_ctx);
- status = cli_credentials_set_machine_account(dns-server_credentials,
task-lp_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- task_server_terminate(task,
- talloc_asprintf(task, Failed to obtain server
credentials, perhaps a standalone server?: %s\n,
- nt_errstr(status)),
- true);
+ dns-samdb = samdb_connect(dns, dns-task-event_ctx, dns-task-lp_ctx,
+ system_session(dns-task-lp_ctx), 0);
+ if (!dns-samdb) {
+ task_server_terminate(task, dns: samdb_connect failed, true);
return;
}
+ cli_credentials_set_conf(dns-server_credentials, task-lp_ctx);
+
+ hostname_lower = strlower_talloc(dns, lpcfg_netbios_name(task-lp_ctx));
+ dns_spn = talloc_asprintf(dns, DNS/%s.%s,
+ hostname_lower,
+ lpcfg_dnsdomain(task-lp_ctx));
+ TALLOC_FREE(hostname_lower);
+
+ ret = dsdb_search_one(dns-samdb, dns, dns_acc,
+ ldb_get_default_basedn(dns-samdb),
LDB_SCOPE_SUBTREE,
+ attrs_none, 0, (servicePrincipalName=%s),
+ dns_spn);
+ if (ret == LDB_SUCCESS) {
+ TALLOC_FREE(dns_acc);
+ if (!dns_spn) {
+ task_server_terminate(task, dns: talloc_asprintf
failed, true);
+ return;
+ }
+ status =
cli_credentials_set_stored_principal(dns-server_credentials, task-lp_ctx,
dns_spn);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task,
+ talloc_asprintf(task, Failed to
obtain server credentials for DNS,
+ despite finding
it in the samdb! %s\n,
+
nt_errstr(status)),
+ true);
+ return;
+ }
+ } else {
+ TALLOC_FREE(dns_spn);
+ status =
cli_credentials_set_machine_account(dns-server_credentials, task-lp_ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task,
+ talloc_asprintf(task, Failed to
obtain server credentials, perhaps a standalone server?: %s\n,
+
nt_errstr(status)),
+ true
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1ec5486 smbd: Always free the talloc_stackframe() before leaving
smbd_do_query_security_desc
from a11595b docs: Add very basic samba manpage.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1ec5486338772cecf953e150ebb717a8845c98d4
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 11 22:29:43 2012 +1100
smbd: Always free the talloc_stackframe() before leaving
smbd_do_query_security_desc
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Oct 11 15:20:54 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/smbd/nttrans.c |3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 1011bd7..f5e5877 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1916,12 +1916,14 @@ NTSTATUS smbd_do_query_security_desc(connection_struct
*conn,
if ((security_info_wanted SECINFO_SACL)
!(fsp-access_mask SEC_FLAG_SYSTEM_SECURITY)) {
DEBUG(10, (Access to SACL denied.\n));
+ TALLOC_FREE(frame);
return NT_STATUS_ACCESS_DENIED;
}
if ((security_info_wanted (SECINFO_DACL|SECINFO_OWNER|SECINFO_GROUP))
!(fsp-access_mask SEC_STD_READ_CONTROL)) {
DEBUG(10, (Access to DACL, OWNER, or GROUP denied.\n));
+ TALLOC_FREE(frame);
return NT_STATUS_ACCESS_DENIED;
}
@@ -1942,6 +1944,7 @@ NTSTATUS smbd_do_query_security_desc(connection_struct
*conn,
fsp, security_info_wanted, frame, psd);
}
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
return status;
}
--
Samba Shared Repository
provision: Always create DNS user.
On Thu, 2012-10-11 at 21:23 +0200, Stefan (metze) Metzmacher wrote: Hi Jelmer, - Log - commit c2d14747d608d406de6410556807d467cd0b85ef Author: Jelmer Vernooij jel...@samba.org Date: Thu Oct 11 14:45:10 2012 +0200 provision: Always create DNS user. The DNS user is currently only used by the bind9 plugin. This makes it easier to later on switch between the builtin DNS server and bind backend. In addition, ideally the internal DNS server would use that (separate) user too. Why? Isn't that the job of samba_upgradedns? I removed this behavior because I want us to match windows as much as possible. Jelmer, We discussed this, but I think you misunderstood me. Certainly we can't do this unless we first change the internal DNS server to know about the possibility of a dns-SERVER user. Otherwise it won't use the right key on the kerberos acceptor. I was more thinking that we would keep the previous behaviour (which is more like windows), but allow the internal DNS server to work if a dns-SERVER user exists (rather than strictly requiring it to be removed). Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 547a260 vfs: Improve formatting of vfs_fake_acls
via d07d888 vfs: Improve formatting of vfs_default
via a581b3d examples: Re-indent and reformat skel VFS modules
via 38416cc vfs: Use a blocking function in vfs_zfsacl for system ACL
blobs
via bac3ed2 vfs: Use posix_sys_acl_blob_get_file in vfs_tru64acl for
posix ACLs
via 998bdd5 vfs: Use posix_sys_acl_blob_get_file in vfs_solarisacl for
posix ACLs
via 010e589 vfs: Use posix_sys_acl_blob_get_file in vfs_posixacl for
posix ACLs
via 598b565c vfs: Use posix_sys_acl_blob_get_file in vfs_irix for posix
ACLs
via 4eb0e40 vfs: Use posix_sys_acl_blob_get_file in vfs_hpux for posix
ACLs
via abee79f vfs: Use posix_sys_acl_blob_get_file in vfs_gpfs for posix
ACLs
via 594 vfs: Use posix_sys_acl_blob_get_file in vfs_fake_acls for
posix ACLs
via 76b38f7 vfs: Use posix_sys_acl_blob_get_file in vfs_default for
posix ACLs
via 274ace3 vfs: Use posix_sys_acl_blob_get_file in vfs_aixacl2 for
posix ACLs
via 79edc54 vfs: Use posix_sys_acl_blob_get_file in vfs_aixacl
via c960a49 vfs: Use a blocking function in vfs_afsacl for system ACL
blobs
via ddcaac9 vfs: Implement a sys_acl_blob_get_{fd,file} for POSIX ACL
backends
via 1f36ec1 vfs: Remove type parameter from sys_acl_blob_get_{fd,file}
via c8ade07 smbd: Add mem_ctx to {f,}get_nt_acl VFS call
via 9158974 smbd: Add mem_ctx to sys_acl_init() and all callers
via a4d1f22 build: Add vfs_media_harmony to the waf build
via bb99cf1 posixacls: Add IDL changes for vfs_acl_xattr using hash of
the sys acl
from 5bb60df s3-rpc_server: fix build warning
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 547a260a2865d547a4ffc756b21fa648349654fd
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 11 10:47:17 2012 +1100
vfs: Improve formatting of vfs_fake_acls
This avoids this bad style being copied into new modules.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Oct 11 05:10:16 CEST 2012 on sn-devel-104
commit d07d888ce1394c51019804d5717e02d088a715f8
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 11 10:46:37 2012 +1100
vfs: Improve formatting of vfs_default
This avoids this bad style being copied into new modules.
Andrew Bartlett
commit a581b3d48edb1b3f8205e5b1dd2935e265aaba42
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 11 07:53:29 2012 +1100
examples: Re-indent and reformat skel VFS modules
This avoids some of the poor style here from propogating to new VFS modules.
Andrew Bartlett
commit 38416ccac3970b2bf63fe218ef85d535d848302c
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 17:00:42 2012 +1100
vfs: Use a blocking function in vfs_zfsacl for system ACL blobs
This is so we do not query some other module for the ACL blob, as zfs
ACLs are not posix ACLs. We may add a linearisation later.
Andrew Bartlett
commit bac3ed2696e621ee18f4332e5404bbf2af0c7ccb
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:59:53 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_tru64acl for posix ACLs
commit 998bdd516adf5edb5c5884f92f04dc690aa1ce27
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:59:43 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_solarisacl for posix ACLs
commit 010e589c29335fc48446051347d6af5f787981a4
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:59:35 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_posixacl for posix ACLs
commit 598b565c632aae8792dc2917eda2e2b7365d4cec
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:59:25 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_irix for posix ACLs
commit 4eb0e406f15c5fcf3b73361978edcac0a8db5b58
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:59:18 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_hpux for posix ACLs
commit abee79f99db802adc8e13a2baedf7817bf937786
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:58:59 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_gpfs for posix ACLs
commit 59429e9b08b3d88ed6ba8fc86ec837ef23d8
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:53:43 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_fake_acls for posix ACLs
commit 76b38f75e98ed68de9e649c2a0ef3b4b317292ae
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:53:22 2012 +1100
vfs: Use posix_sys_acl_blob_get_file in vfs_default for posix ACLs
commit 274ace37fd413240bac3d5f45fa9a481aba0bfb1
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 16:52:17 2012
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 957f9fa rpc_server:srvsvc Remove psd variable that was no longer
set by SMB_VFS_FGET_NT_ACL
via 0f435a7 build: Remove --disable-shared
via 1722074 vfs: Remove irixacl module (all the fucntions in it are
unimplemented)
via a0588fd vfs: Fix alternative posix and no-op sys acl
implementations to take a mem_ctx
from 547a260 vfs: Improve formatting of vfs_fake_acls
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 957f9fa3ff2ba838bb1669c371da0f70ddeb2360
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 11 15:08:25 2012 +1100
rpc_server:srvsvc Remove psd variable that was no longer set by
SMB_VFS_FGET_NT_ACL
This fixes up an error introduced by
c8ade07760ae0ccfdf2d875c9f3027926e62321b.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Oct 11 07:53:36 CEST 2012 on sn-devel-104
commit 0f435a7adceb6bb7e2cc57eda3bf5a4a615d6a79
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 10 21:20:24 2012 +1100
build: Remove --disable-shared
This does not work, and has no known use cases. Remove it so we do
not waste time trying to support it.
This also removes it for ldb/tdb/ntdb/talloc, but as these are first
shared libraries, and then tools on top of those, rpath or (for
emergency tools) --nonshared-binary= seems more appropriate.
Andrew Bartlett
commit 1722074a9b4b7370ae50ba7a0b787c5f325f592b
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 11 14:49:13 2012 +1100
vfs: Remove irixacl module (all the fucntions in it are unimplemented)
commit a0588fdea82ab1b5d4dbd8bf75b01b82c0879d21
Author: Andrew Bartlett abart...@samba.org
Date: Thu Oct 11 14:42:39 2012 +1100
vfs: Fix alternative posix and no-op sys acl implementations to take a
mem_ctx
These were missed with the initial conversion to use a talloc context.
Andrew Bartlett
---
Summary of changes:
buildtools/wafsamba/samba_bundled.py |4 -
buildtools/wafsamba/wscript | 13 +
source3/Makefile.in |5 --
source3/configure.in |6 --
source3/lib/sysacls.c | 84 ++-
source3/modules/vfs_aixacl.c | 12 ++--
source3/modules/vfs_irixacl.c | 90 -
source3/modules/vfs_irixacl.h | 45 --
source3/modules/vfs_solarisacl.c |2 +-
source3/modules/wscript_build |8 ---
source3/rpc_server/srvsvc/srv_srvsvc_nt.c |8 +--
source3/wscript |4 -
12 files changed, 44 insertions(+), 237 deletions(-)
delete mode 100644 source3/modules/vfs_irixacl.c
delete mode 100644 source3/modules/vfs_irixacl.h
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_bundled.py
b/buildtools/wafsamba/samba_bundled.py
index b8a4101..afcf708 100644
--- a/buildtools/wafsamba/samba_bundled.py
+++ b/buildtools/wafsamba/samba_bundled.py
@@ -30,8 +30,6 @@ def target_in_list(target, lst, default):
def BUILTIN_LIBRARY(bld, name):
'''return True if a library should be builtin
instead of being built as a shared lib'''
-if bld.env.DISABLE_SHARED:
-return True
return target_in_list(name, bld.env.BUILTIN_LIBRARIES, False)
Build.BuildContext.BUILTIN_LIBRARY = BUILTIN_LIBRARY
@@ -249,8 +247,6 @@ def CHECK_BUNDLED_SYSTEM_PYTHON(conf, libname, modulename,
minversion='0.0.0'):
def NONSHARED_BINARY(bld, name):
'''return True if a binary should be built without non-system shared
libs'''
-if bld.env.DISABLE_SHARED:
-return True
return target_in_list(name, bld.env.NONSHARED_BINARIES, False)
Build.BuildContext.NONSHARED_BINARY = NONSHARED_BINARY
diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript
index 5e1898c..441e727 100755
--- a/buildtools/wafsamba/wscript
+++ b/buildtools/wafsamba/wscript
@@ -50,9 +50,6 @@ def set_options(opt):
help=(list of minimum system library versions
(LIBNAME1:version,LIBNAME2:version)),
action=store, dest='MINIMUM_LIBRARY_VERSION', default='')
-gr.add_option('--disable-shared',
- help=(Disable all use of shared libraries),
- action=store_true, dest='disable_shared', default=False)
gr.add_option('--disable-rpath',
help=(Disable use of rpath for build binaries),
action=store_true, dest='disable_rpath_build',
default=False)
@@ -248,7 +245,6 @@ def configure(conf):
conf.env.BUNDLED_LIBS = Options.options.BUNDLED_LIBS.split(',')
conf.env.PRIVATE_LIBS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2f0753b samba-tool: skip chown in sysvolreset when it would fail on a GID from 1c35c22 s3: Pass down smb_filename to smbacl4_fill_ace4 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2f0753b456c4d9b4eb52f128a83c8ba19adde160 Author: Andrew Bartlett abart...@samba.org Date: Fri Oct 5 10:19:17 2012 +1000 samba-tool: skip chown in sysvolreset when it would fail on a GID This skips the chown of the files if (for example) the domain Admins group were to own the file and not be able to because the group maps only to a GID. This essentially papers over the problem, but may be enough to get us past the Samba 4.0 release. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Oct 9 15:24:44 CEST 2012 on sn-devel-104 --- Summary of changes: source4/scripting/python/samba/ntacls.py | 37 ++- .../scripting/python/samba/provision/__init__.py | 24 +++-- 2 files changed, 48 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py index 2108a64..44cbbe9 100644 --- a/source4/scripting/python/samba/ntacls.py +++ b/source4/scripting/python/samba/ntacls.py @@ -21,7 +21,7 @@ import os import samba.xattr_native, samba.xattr_tdb, samba.posix_eadb -from samba.dcerpc import security, xattr +from samba.dcerpc import security, xattr, idmap from samba.ndr import ndr_pack, ndr_unpack from samba.samba3 import smbd @@ -82,10 +82,43 @@ def getntacl(lp, file, backend=None, eadbfile=None, direct_db_access=True): return smbd.get_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL) -def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True): +def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True, skip_invalid_chown=False, passdb=None): sid = security.dom_sid(domsid) sd = security.descriptor.from_sddl(sddl, sid) +if not use_ntvfs and skip_invalid_chown: +# Check if the owner can be resolved as a UID +(owner_id, owner_type) = passdb.sid_to_id(sd.owner_sid) +if ((owner_type != idmap.ID_TYPE_UID) and (owner_type != idmap.ID_TYPE_BOTH)): +# Check if this particular owner SID was domain admins, +# because we special-case this as mapping to +# 'administrator' instead. +if sd.owner_sid == security.dom_sid(%s-%d % (domsid, security.DOMAIN_RID_ADMINS)): +administrator = security.dom_sid(%s-%d % (domsid, security.DOMAIN_RID_ADMINISTRATOR)) +(admin_id, admin_type) = passdb.sid_to_id(administrator) + +# Confirm we have a UID for administrator +if ((admin_type == idmap.ID_TYPE_UID) or (admin_type == idmap.ID_TYPE_BOTH)): + +# Set it, changing the owner to 'administrator' rather than domain admins +sd2 = security.descriptor.from_sddl(sddl, sid) +sd2.owner_sid = administrator + +smbd.set_nt_acl(file, security.SECINFO_OWNER |security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd2) + +# and then set an NTVFS ACL (which does not set the posix ACL) to pretend the owner really was set +use_ntvfs = True +else: +raise XattrBackendError(Unable to find UID for domain administrator %s, got id %d of type %d % (administrator, admin_id, admin_type)) +else: +# For all other owning users, reset the owner to root +# and then set the ACL without changing the owner +# +# This won't work in test environments, as it tries a real (rather than xattr-based fake) chown + +os.chown(file, 0, 0) +smbd.set_nt_acl(file, security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd) + if use_ntvfs: (backend_obj, dbname) = checkset_backend(lp, backend, eadbfile) ntacl = xattr.NTACL() diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index d5d57d2..9966192 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -1365,18 +1365,18 @@ SYSVOL_ACL = O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI POLICIES_ACL = O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001301bf;;;PA) -def set_dir_acl
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6245c5c wintest: Give dcpromo more time
via 10eba77 wintest: Give netdom join more time to complete
via 535fe95 wintest: Add config file for a second host
via 1773fc0 wintest: bump version to 4.1
via 1f267ca nsswitch: Build nss_winbind on all supported platforms
via 0e037bf selftest: Always build a linux-style nss_winbind for
nss_wrapper
from df23b17 provision: Use logger rather than print.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6245c5cba29abb54df2f961d9cbe300a49ffdacf
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 3 08:22:27 2012 +1000
wintest: Give dcpromo more time
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Oct 3 16:04:44 CEST 2012 on sn-devel-104
commit 10eba77dcbeec4b389aeb0a456884b7f067c1a3e
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 2 18:45:39 2012 +1000
wintest: Give netdom join more time to complete
commit 535fe95f3c884b247d374685cc4408aeabc64437
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 2 12:34:10 2012 +1000
wintest: Add config file for a second host
commit 1773fc06738846dac6c9cbfa3f3157a19f2567c1
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 2 12:33:48 2012 +1000
wintest: bump version to 4.1
commit 1f267ca10e174ec3661631df2169e381136c2540
Author: Andrew Bartlett abart...@samba.org
Date: Tue Oct 2 08:12:16 2012 +1000
nsswitch: Build nss_winbind on all supported platforms
This matches what the autoconf build can do.
Andrew Bartlett
commit 0e037bfc60162aa094df3e3cda59f7b9c2327ca9
Author: Andrew Bartlett abart...@samba.org
Date: Wed Oct 3 16:36:34 2012 +1000
selftest: Always build a linux-style nss_winbind for nss_wrapper
---
Summary of changes:
nsswitch/wscript_build | 68 +---
selftest/target/Samba.pm |9 +++
selftest/target/Samba3.pm |5 +-
selftest/target/Samba4.pm |2 +-
.../conf/{abartlet.conf = abartlet-jesse.conf}| 38 ++--
wintest/test-s4-howto.py |6 +-
wintest/wintest.py |2 +-
7 files changed, 92 insertions(+), 38 deletions(-)
copy wintest/conf/{abartlet.conf = abartlet-jesse.conf} (79%)
Changeset truncated at 500 lines:
diff --git a/nsswitch/wscript_build b/nsswitch/wscript_build
index 3931445..8499c62 100644
--- a/nsswitch/wscript_build
+++ b/nsswitch/wscript_build
@@ -1,5 +1,7 @@
#!/usr/bin/env python
import Utils
+import sys
+host_os = sys.platform
bld.SAMBA_LIBRARY('winbind-client',
source='wb_common.c',
@@ -14,19 +16,65 @@ bld.SAMBA_BINARY('nsstest',
deps='replace dl'
)
-if Utils.unversioned_sys_platform() == 'linux':
+# The nss_wrapper code relies strictly on the linux implementation and
+# name, so compile but do not install a copy under this name.
+bld.SAMBA_LIBRARY('nss_wrapper_winbind',
+ source='winbind_nss_linux.c',
+ deps='winbind-client',
+ realname='libnss_wrapper_winbind.so.2',
+ install=False,
+ vnum='2')
+
+# FIXME: original was *linux* | gnu* | k*bsd*-gnu | kopensolaris*-gnu)
+# the search for .rfind('gnu') covers gnu* and *-gnu is that too broad?
+
+if (Utils.unversioned_sys_platform() == 'linux' or (host_os.rfind('gnu')
-1)):
bld.SAMBA_LIBRARY('nss_winbind',
- source='winbind_nss_linux.c',
- deps='winbind-client',
- realname='libnss_winbind.so.2',
- vnum='2')
+ source='winbind_nss_linux.c',
+ deps='winbind-client',
+ realname='libnss_winbind.so.2',
+ vnum='2')
+elif (host_os.rfind('freebsd') -1):
+ # FreeBSD winbind client is implemented as a wrapper around
+ # the Linux version.
+ bld.SAMBA_LIBRARY('nss_winbind',
+ source='winbind_nss_linux.c winbind_nss_freebsd.c',
+ deps='winbind-client',
+ realname='libnss_winbind.so.1',
+ vnum='1')
+
+elif (host_os.rfind('netbsd') -1):
+ # NetBSD winbind client is implemented as a wrapper
+ # around the Linux version. It needs getpwent_r() to
+ # indicate libc's use of the correct nsdispatch API.
-if Utils.unversioned_sys_platform() == 'sunos':
+ if bld.CONFIG_SET(HAVE_GETPWENT_R):
+ bld.SAMBA_LIBRARY('nss_winbind',
+ source='winbind_nss_linux.c
winbind_nss_netbsd.c',
+ deps='winbind-client
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f0f310c build: Remove duplicate check for struct getquota_rslt
member getquota_rslt_u
via 006bdc0 build: Fix quota tests, including move of sysquotas.c to
the top level
via 931ed25 lib/replace: Add test for what flag we need for -Werror
behaviour
from 837f47d s3-winbindd: Adjust error code loop logic in
rpc_trusted_domains().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f0f310c21d0d3863323a7759be104ee3d2d6c23d
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 29 14:31:28 2012 +1000
build: Remove duplicate check for struct getquota_rslt member
getquota_rslt_u
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Sat Sep 29 08:51:03 CEST 2012 on sn-devel-104
commit 006bdc0be0bf2ef70b3eb24d679bd49f6d8079fd
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 29 14:28:57 2012 +1000
build: Fix quota tests, including move of sysquotas.c to the top level
This correctly detects quotas on FreeBSD
Andrew Bartlett
commit 931ed2509d93110b525f763ffb15ee3feff87fa0
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 29 14:36:41 2012 +1000
lib/replace: Add test for what flag we need for -Werror behaviour
---
Summary of changes:
lib/replace/wscript |9 +
source3/configure.in |4 ++--
source3/wscript | 18 +++---
{source3/tests = tests}/sysquotas.c |4 ++--
4 files changed, 20 insertions(+), 15 deletions(-)
rename {source3/tests = tests}/sysquotas.c (99%)
Changeset truncated at 500 lines:
diff --git a/lib/replace/wscript b/lib/replace/wscript
index f1f1cef..732c664 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -53,6 +53,15 @@ struct foo bar = { .y = 'X', .x = 1 };
conf.ADD_CFLAGS(f)
break
+# Try to find the right extra flags for -Werror behaviour
+for f in [-Werror, -w2, -errwarn]:
+if conf.CHECK_CFLAGS([f], '''
+'''):
+if not 'WERROR_CFLAGS' in conf.env:
+conf.env['WERROR_CFLAGS'] = []
+conf.env['WERROR_CFLAGS'].extend([f])
+break
+
conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h')
conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h')
conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h')
diff --git a/source3/configure.in b/source3/configure.in
index 5045742..d47f08a 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -4617,7 +4617,7 @@ AC_TRY_RUN_STRICT([
#define HAVE_QUOTACTL_4A 1
#define AUTOCONF_TEST 1
#include confdefs.h
-#include ${srcdir-.}/../tests/sysquotas.c],[$CFLAGS
$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS],
+#include ${srcdir-.}/../../tests/sysquotas.c],[$CFLAGS
$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS],
samba_cv_HAVE_QUOTACTL_4A=yes,samba_cv_HAVE_QUOTACTL_4A=no,samba_cv_HAVE_QUOTACTL_4A=cross)])
if test x$samba_cv_HAVE_QUOTACTL_4A = xyes; then
samba_cv_SYSQUOTA_FOUND=yes;
@@ -4631,7 +4631,7 @@ AC_TRY_RUN_STRICT([
#define HAVE_QUOTACTL_4B 1
#define AUTOCONF_TEST 1
#include confdefs.h
-#include ${srcdir-.}/../tests/sysquotas.c],[$CFLAGS
$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS],
+#include ${srcdir-.}/../../tests/sysquotas.c],[$CFLAGS
$Werror_FLAGS],[$CPPFLAGS],[$LDFLAGS],
samba_cv_HAVE_QUOTACTL_4B=yes,samba_cv_HAVE_QUOTACTL_4B=no,samba_cv_HAVE_QUOTACTL_4B=cross)])
if test x$samba_cv_HAVE_QUOTACTL_4B = xyes; then
samba_cv_SYSQUOTA_FOUND=yes;
diff --git a/source3/wscript b/source3/wscript
index 3815c7c..765f761 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -1238,23 +1238,24 @@ main() {
if not conf.CHECK_CODE('''
#define HAVE_QUOTACTL_4A 1
#define AUTOCONF_TEST 1
-#include confdefs.h
-#include ${srcdir-.}/../tests/sysquotas.c
+#include ../tests/sysquotas.c
''',
+ cflags=conf.env['WERROR_CFLAGS'],
define='HAVE_QUOTACTL_4A',
msg='for QUOTACTL_4A: long quotactl(int
cmd, char *special, qid_t id, caddr_t addr)',
execute=True,
- local_include=False):
+ addmain=False):
+
conf.CHECK_CODE('''
#define HAVE_QUOTACTL_4B 1
#define AUTOCONF_TEST 1
-#include confdefs.h
-#include ${srcdir-.}/../tests/sysquotas.c
+#include ../tests/sysquotas.c
''',
+cflags=conf.env['WERROR_CFLAGS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7d0a9f5 selftest: use an array when starting testenv with system()
from e576bf5 s3: Fix opening a file under kernel oplocks
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7d0a9f5a06c807855335b9553a15ba312a7562ff
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 29 20:40:13 2012 +1000
selftest: use an array when starting testenv with system()
By reduing the need for escapes and forcing the use of bash, this
seems to allow 'make testenv' to start on FreeBSD
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Sun Sep 30 02:30:40 CEST 2012 on sn-devel-104
---
Summary of changes:
selftest/selftest.pl | 14 +++---
1 files changed, 11 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/selftest.pl b/selftest/selftest.pl
index b636910..b50853e 100755
--- a/selftest/selftest.pl
+++ b/selftest/selftest.pl
@@ -838,8 +838,13 @@ if ($opt_testenv) {
my $envvarstr = exported_envvars_str($testenv_vars);
- my $term = ($ENV{TERMINAL} or xterm -e);
- system($term 'echo -e \
+ my @term = ();
+ if ($ENV{TERMINAL}) {
+ @term = ($ENV{TERMINAL});
+ } else {
+ @term = (xterm, -e);
+ }
+ my @term_args = (bash, -c, echo -e \
Welcome to the Samba4 Test environment '$testenv_name'
This matches the client environment used in make test
@@ -850,7 +855,10 @@ TORTURE_OPTIONS=\$TORTURE_OPTIONS
SMB_CONF_PATH=\$SMB_CONF_PATH
$envvarstr
-\ LD_LIBRARY_PATH=$ENV{LD_LIBRARY_PATH} bash');
+\ LD_LIBRARY_PATH=$ENV{LD_LIBRARY_PATH} bash);
+
+ system(@term, @term_args);
+
teardown_env($testenv_name);
} elsif ($opt_list) {
foreach (@todo) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 968da5f nsswitch: Add waf tests for solaris special cases
via 128fb54 build: Remove unused --with-sys-quotas option
via afbc87b build: Set HAVE_SYS_QUOTAS and WITH_QUOTAS if we have any
supported sysquota backend
via 7ad1971 build: Remove unused samba_cv_sysquotas_file variable from
autoconf configure
via e1f17ee build: Add waf configure support for non-linux quotas
from 11634e6 smb.conf(5): Remove documentation for removed 'lock spin
count' parameter.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 968da5f890a978f482f56f9eaff0c56a0d52980c
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 18:09:20 2012 +1000
nsswitch: Add waf tests for solaris special cases
These are in configure.in for autoconf. Found in the config.h comparison on
the smbtorture4 build.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Sep 26 11:50:10 CEST 2012 on sn-devel-104
commit 128fb54ab4feb0c665f438f56dca5f734e355be1
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 13:10:17 2012 +1000
build: Remove unused --with-sys-quotas option
commit afbc87b8cc5b068feadb773bdf755abc26f7d0db
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 12:42:15 2012 +1000
build: Set HAVE_SYS_QUOTAS and WITH_QUOTAS if we have any supported
sysquota backend
commit 7ad1971e2240eccda70783c4de77b7c5bc7893d3
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 12:33:50 2012 +1000
build: Remove unused samba_cv_sysquotas_file variable from autoconf
configure
commit e1f17eef970cd8432a3391b0bb79de4857fac177
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 12:33:13 2012 +1000
build: Add waf configure support for non-linux quotas
---
Summary of changes:
nsswitch/wscript_configure | 16
source3/configure.in |3 ---
source3/wscript| 44 +---
3 files changed, 57 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/wscript_configure b/nsswitch/wscript_configure
index 7d6ea82..3048f48 100644
--- a/nsswitch/wscript_configure
+++ b/nsswitch/wscript_configure
@@ -4,3 +4,19 @@ conf.CHECK_HEADERS('nss.h nss_common.h ns_api.h')
conf.CHECK_HEADERS('security/pam_appl.h security/pam_modules.h
pam/pam_modules.h', together=True)
conf.CHECK_FUNCS_IN('pam_start', 'pam', checklibc=True,
headers='security/pam_appl.h')
+
+# Solaris 10 does have new member in nss_XbyY_key
+conf.CHECK_STRUCTURE_MEMBER('union nss_XbyY_key', 'ipnode.af_family',
+define='HAVE_NSS_XBYY_KEY_IPNODE',
+headers='nss_dbdefs.h')
+
+# Solaris has some extra fields in struct passwd that need to be
+# initialised otherwise nscd crashes.
+
+conf.CHECK_STRUCTURE_MEMBER('struct passwd', 'pw_comment',
+define='HAVE_PASSWD_PW_COMMENT',
+headers='pwd.h')
+
+conf.CHECK_STRUCTURE_MEMBER('struct passwd', 'pw_age',
+define='HAVE_PASSWD_PW_AGE',
+headers='pwd.h')
diff --git a/source3/configure.in b/source3/configure.in
index 489b017..5045742 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -4539,7 +4539,6 @@ case $host_os in
*linux*)
samba_cv_SYSQUOTA_FOUND=yes
AC_DEFINE(HAVE_QUOTACTL_LINUX,1,[Whether Linux quota support is
available])
- samba_cv_sysquotas_file=lib/sysquotas_linux.c
AC_MSG_CHECKING(whether to use the lib/sysquotas_linux.c builtin
support)
AC_MSG_RESULT(yes)
@@ -4623,7 +4622,6 @@ AC_TRY_RUN_STRICT([
if test x$samba_cv_HAVE_QUOTACTL_4A = xyes; then
samba_cv_SYSQUOTA_FOUND=yes;
AC_DEFINE(HAVE_QUOTACTL_4A,1,[Whether long quotactl(int cmd, char
*special, qid_t id, caddr_t addr) is available])
-samba_cv_sysquotas_file=lib/sysquotas_4A.c
fi
fi
@@ -4638,7 +4636,6 @@ AC_TRY_RUN_STRICT([
if test x$samba_cv_HAVE_QUOTACTL_4B = xyes; then
samba_cv_SYSQUOTA_FOUND=yes;
AC_DEFINE(HAVE_QUOTACTL_4B,1,[Whether int quotactl(const char *path, int
cmd, int id, char *addr) is available])
-samba_cv_sysquotas_file=lib/sysquotas_4B.c
AC_CHECK_MEMBERS([struct dqblk.dqb_curbytes], # Darwin bytecount style
[ AC_DEFINE([HAVE_STRUCT_DQBLK_DQB_CURBYTES],[1],[darwin style quota
bytecount])],,
[#include sys/types.h
diff --git a/source3/wscript b/source3/wscript
index cb76293..3815c7c 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -31,7 +31,6 @@ def set_options(opt):
opt.SAMBA3_ADD_OPTION('pam')
opt.SAMBA3_ADD_OPTION('pam_smbpass')
opt.SAMBA3_ADD_OPTION('quotas
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1c1ae6d docs: Change TOSHARG-VFS to avoid suggesting VFS modules are Linux/IRIX only via a92d95b docs: Remove mention of auth methods in TOSHARG-Passdb via 39b1ce1 docs: Fix typo in TOSHARG-Passdb via e3f554a docs: Remove Win9X/WinMe mentions from TOSHARG-PDC via f82affa docs: Add mention of AD DC support in TOSHARG-PDC via 6fcb95b docs: Explain the no-domain-logons restriction applies to all HOME editions via 3be323c docs: Remove references to default paramters in TOSHARG-PDC via f3ab050 docs: Update TOSHARG-Install via c4f143f client: Fix talloc_stackframe() free order assertion in developer mode from 6749cfb replace: Avoid returning value in void setproctitle() replacement. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1c1ae6d639364533c4b23cb71c471d0d46bfff36 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 25 11:05:37 2012 +1000 docs: Change TOSHARG-VFS to avoid suggesting VFS modules are Linux/IRIX only Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Sep 25 08:27:15 CEST 2012 on sn-devel-104 commit a92d95b1773cb024349a0a06432b685d69d59976 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 25 11:05:01 2012 +1000 docs: Remove mention of auth methods in TOSHARG-Passdb This is not connected to the passdb system, and we should not encourage setting of auth methods in any case. Andrew Bartlett commit 39b1ce102d4d8bca472ae96966e2afab83e8f1c0 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 25 11:04:14 2012 +1000 docs: Fix typo in TOSHARG-Passdb commit e3f554a99f3871eabac35db1ba3236772ef58f64 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 04:55:20 2012 +1000 docs: Remove Win9X/WinMe mentions from TOSHARG-PDC commit f82affaa6defef52696f69f114143cfb80fee241 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 04:54:24 2012 +1000 docs: Add mention of AD DC support in TOSHARG-PDC commit 6fcb95bad7db8f970ae6c74f1fdd7b4c2a41f25c Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 04:53:55 2012 +1000 docs: Explain the no-domain-logons restriction applies to all HOME editions commit 3be323c6110f1a241f86aacb94c8ff1ba69351c5 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 04:52:56 2012 +1000 docs: Remove references to default paramters in TOSHARG-PDC commit f3ab05003ea94ba2717b544d912ec3e15fb629d5 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 03:09:32 2012 +1000 docs: Update TOSHARG-Install - winbindd runs as many processes now - open_oplock_ipc errors do not happen any more, we do not use UDP messaging any more. Andrew Bartlett commit c4f143f9d7a1502712d8a6b1c872a13632a5cff3 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 25 10:41:05 2012 +1000 client: Fix talloc_stackframe() free order assertion in developer mode Reported-by: Ricky Nance ricky.na...@weaubleau.k12.mo.us --- Summary of changes: docs-xml/Samba3-HOWTO/TOSHARG-Install.xml | 20 +-- docs-xml/Samba3-HOWTO/TOSHARG-PDC.xml | 386 ++--- docs-xml/Samba3-HOWTO/TOSHARG-Passdb.xml | 14 +- docs-xml/Samba3-HOWTO/TOSHARG-VFS.xml |3 +- source3/client/client.c |1 + 5 files changed, 76 insertions(+), 348 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-Install.xml b/docs-xml/Samba3-HOWTO/TOSHARG-Install.xml index 673ba93..88e0ed8 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-Install.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-Install.xml @@ -657,24 +657,8 @@ The following questions and issues are raised repeatedly on the Samba mailing li /para para - winbindd; will run as one or two daemons, depending on whether or not it is being - run in emphasissplit mode/emphasis (in which case there will be two instances). - /para - - /sect2 - - sect2 - titleError Message: open_oplock_ipc/title - - para - An error message is observed in the log files when smbd; is started: quoteopen_oplock_ipc: Failed to - get local UDP socket for address 17f. Error was Cannot assign requested./quote - /para - - para - Your loopback device isn't working correctly. Make sure it is configured correctly. The loopback - device is an internal (virtual) network device with the IP address emphasis127.0.0.1/emphasis. - Read your OS documentation for details on how to configure the loopback on your system. + winbindd; will run as many processes depending in part on how many + domains it needs to contact. /para
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3902e73 lib/util/charset: We do not use fucntions from wchar.h any
more
via 1c5c96d lib/util/charset: Try to find iconv on HP-UX
via 6146b60 wscript: Removed executable bit.
from 7600fd8 s3: Factor out calculate_open_access_flags
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3902e7332d3d79c257fca451635d08a58d327d70
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 08:10:29 2012 +1000
lib/util/charset: We do not use fucntions from wchar.h any more
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Sep 26 02:13:10 CEST 2012 on sn-devel-104
commit 1c5c96d7cd63ad1d46fb120119c5ad6594e103cf
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 07:41:38 2012 +1000
lib/util/charset: Try to find iconv on HP-UX
commit 6146b609e7add16a34067a4c40902f63d19fe5fe
Author: Ricky Nance ricky.na...@weaubleau.k12.mo.us
Date: Tue Sep 25 01:10:42 2012 -0500
wscript: Removed executable bit.
Removed the executable for both wscript and wscript_build.
---
Summary of changes:
lib/util/charset/wscript_configure | 11 ---
source3/passdb/pdb_nds.c |1 -
source3/registry/reg_parse.c |1 -
3 files changed, 4 insertions(+), 9 deletions(-)
mode change 100755 = 100644 wscript
mode change 100755 = 100644 wscript_build
Changeset truncated at 500 lines:
diff --git a/lib/util/charset/wscript_configure
b/lib/util/charset/wscript_configure
index 98756fe..804c266 100644
--- a/lib/util/charset/wscript_configure
+++ b/lib/util/charset/wscript_configure
@@ -10,12 +10,9 @@
conf.CHECK_LIB(libs=iconv, shlib=True)
+#HP-UX can use libiconv as an add-on package, which has #define iconv_open
libiconv_open
if (conf.CHECK_FUNCS_IN('iconv_open', 'iconv', checklibc=False,
headers='iconv.h') or
+conf.CHECK_FUNCS_IN('libiconv_open', 'iconv', checklibc=False,
headers='iconv.h') or
conf.CHECK_FUNCS('iconv_open', headers='iconv.h')):
-if conf.env['HAVE_LIBICONV']:
-if conf.CHECK_FUNCS('mbrtowc', headers='wchar.h'):
-conf.DEFINE('HAVE_NATIVE_ICONV', 1)
-elif conf.env.LIB_ICONV:
-del conf.env['LIB_ICONV']
-else:
-conf.DEFINE('HAVE_NATIVE_ICONV', 1)
+
+conf.DEFINE('HAVE_NATIVE_ICONV', 1)
diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c
index 3e1bdfc..cce4937 100644
--- a/source3/passdb/pdb_nds.c
+++ b/source3/passdb/pdb_nds.c
@@ -23,7 +23,6 @@
#include lber.h
#include ldap.h
-#include wchar.h
#include smbldap.h
#include passdb/pdb_ldap.h
diff --git a/source3/registry/reg_parse.c b/source3/registry/reg_parse.c
index babf5c0..c276c7e 100644
--- a/source3/registry/reg_parse.c
+++ b/source3/registry/reg_parse.c
@@ -34,7 +34,6 @@
#include reg_format.h
#include stdio.h
-#include wchar.h
#include talloc.h
#include stdbool.h
#include string.h
diff --git a/wscript b/wscript
old mode 100755
new mode 100644
diff --git a/wscript_build b/wscript_build
old mode 100755
new mode 100644
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3c4d0ce samba_dnsupdate: Safely update/create names for Samba3
targets as well
via 6d7c651 samba_dnsupdate: Move to using tmpfile/rename to keep the
dns_hosts_file consistent
via b320e7f selftest: Remove invalid security=share and rename secshare
to simpleserver
from 83f6067 Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause
invalid free.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3c4d0ce46995f82921f538757783fa7a678a7fc1
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 10:02:43 2012 +1000
samba_dnsupdate: Safely update/create names for Samba3 targets as well
This avoids unlocked writes to the dns_hosts_file, and may fix some of our
issues on the build farm where large numbers of tests fail due to failed
name resolution.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Sep 26 05:48:25 CEST 2012 on sn-devel-104
commit 6d7c651f2f61b481c1e1ade1e2e0e756ccef2210
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 09:48:48 2012 +1000
samba_dnsupdate: Move to using tmpfile/rename to keep the dns_hosts_file
consistent
This may be the cause of some of the large failure modes on the build farm.
Andrew Bartlett
commit b320e7f93b5905558efa879992c125af66f0043c
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 26 10:40:17 2012 +1000
selftest: Remove invalid security=share and rename secshare to simpleserver
This avoids the loadparm code failing due to the invalid smb.conf entry,
and removes
the very last hint of security=share!
Andrew Bartlett
---
Summary of changes:
selftest/target/Samba3.pm | 24 +---
source3/Makefile.in |2 +-
source3/selftest/tests.py |6 +++---
source4/scripting/bin/samba_dnsupdate | 29 +++--
4 files changed, 40 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index c1f8fbd..df8b55c 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -153,8 +153,8 @@ sub setup_env($$$)
if ($envname eq s3dc) {
return $self-setup_s3dc($path/s3dc);
- } elsif ($envname eq secshare) {
- return $self-setup_secshare($path/secshare);
+ } elsif ($envname eq simpleserver) {
+ return $self-setup_simpleserver($path/simpleserver);
} elsif ($envname eq maptoguest) {
return $self-setup_maptoguest($path/maptoguest);
} elsif ($envname eq ktest) {
@@ -337,7 +337,7 @@ sub setup_admember()
return $ret;
}
-sub setup_secshare($$)
+sub setup_simpleserver($$)
{
my ($self, $path) = @_;
my $vfs_modulesdir_abs = $ENV{VFSLIBDIR};
@@ -346,8 +346,7 @@ sub setup_secshare($$)
my $prefix_abs = abs_path($path);
- my $secshare_options =
- security = share
+ my $simpleserver_options =
lanman auth = yes
vfs objects = $vfs_modulesdir_abs/xattr_tdb.so
$vfs_modulesdir_abs/streams_depot.so
@@ -361,7 +360,7 @@ sub setup_secshare($$)
my $vars = $self-provision($path,
LOCALSHARE4,
local4pass,
- $secshare_options);
+ $simpleserver_options);
$vars or return undef;
@@ -371,7 +370,7 @@ sub setup_secshare($$)
return undef;
}
- $self-{vars}-{secshare} = $vars;
+ $self-{vars}-{simpleserver} = $vars;
return $vars;
}
@@ -1068,10 +1067,13 @@ domusers:X:$gid_domusers:
}
print DONE\n;
- open(HOSTS, $ENV{SELFTEST_PREFIX}/dns_host_file) or die(Unable to
open $ENV{SELFTEST_PREFIX}/dns_host_file);
- print HOSTS A $server. $server_ip
-;
- close(HOSTS);
+ open(DNS_UPDATE_LIST, $prefix/dns_update_list) or die(Unable to
open $$prefix/dns_update_list);
+ print DNS_UPDATE_LIST A $server. $server_ip;
+ close(DNS_UPDATE_LIST);
+
+if (system($ENV{SRCDIR_ABS}/source4/scripting/bin/samba_dnsupdate
--all-interfaces --use-file=$dns_host_file -s $conffile
--update-list=$prefix/dns_update_list --no-substiutions --no-credentials) !=
0) {
+die Unable to update hostname into $dns_host_file;
+}
$ret{SERVER_IP} = $server_ip;
$ret{NMBD_TEST_LOG} = $prefix/nmbd_test.log;
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 2ad8ecc..0e72fea 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -3328,7 +3328,7 @@ test:: all torture timelimit
VFSLIBDIR
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 67230c4 build: Fix detection of quotas on macos from 13c2878 s3-pylibsmb: Use Py_RETURN_NONE http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 67230c43db5eb955c89ccc89d8e8d8aca1f35a1c Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 24 18:02:01 2012 +1000 build: Fix detection of quotas on macos This is a weird one. While visually OK, the . in sys/types.h was not made up of the typical ASCII character, so of course did not find types.h! Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Mon Sep 24 12:24:45 CEST 2012 on sn-devel-104 --- Summary of changes: source3/configure.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 89e813e..489b017 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -4641,7 +4641,7 @@ if test x$samba_cv_HAVE_QUOTACTL_4B = xyes; then samba_cv_sysquotas_file=lib/sysquotas_4B.c AC_CHECK_MEMBERS([struct dqblk.dqb_curbytes], # Darwin bytecount style [ AC_DEFINE([HAVE_STRUCT_DQBLK_DQB_CURBYTES],[1],[darwin style quota bytecount])],, - [#include sys/typeѕ.h + [#include sys/types.h #include sys/quota.h]) fi -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8e5f30c build: Remove unused define UNIXWARE via ffb3f2a lib/replace: Remove unused nap and therefore the SCO define via 0f69bf2 build: Make waf configure match autoconf for HPUX ACLs via e0bcce5 build: Rework waf STAT_ST_BLOCKSIZE to match autoconf, with 512 as the default via 73bdb2a lib/util: Remove unbuilt file util_getent.c and BROKEN_GETGRNAM via 41b9cb3 build: Remove unused IRIX and IRIX6 defines via 502135d lib/replace: Try to fix build on HP-UX for os2_delete test via 08d3062 ntdb: Try to fix the build on Solaris which does not have err from a4c54f6 s4:torture:smb2: add a durable-open.read-only test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8e5f30c830c23d8223c38e34669f069e44fee64b Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 14:37:24 2012 +1000 build: Remove unused define UNIXWARE Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Sun Sep 23 08:33:02 CEST 2012 on sn-devel-104 commit ffb3f2a19f4780e45ea0b95520aeb73c20893c44 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 14:35:58 2012 +1000 lib/replace: Remove unused nap and therefore the SCO define In any case, the Samba Team stopped supporting SCO systems a long time ago. Andrew Bartlett commit 0f69bf2cc9ce8ab76afefa693f3d50e458459854 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 14:30:37 2012 +1000 build: Make waf configure match autoconf for HPUX ACLs commit e0bcce55033f27ffa734b839e23bc731d82614f0 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 14:30:10 2012 +1000 build: Rework waf STAT_ST_BLOCKSIZE to match autoconf, with 512 as the default The autoconf build simply has 512 as the default, without a warning. Rather than enumerate every OS ever made, just handle the known exceptions. Andrew Bartlett commit 73bdb2a6c2f04c22780e2441a3e671722b16dfab Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 14:25:00 2012 +1000 lib/util: Remove unbuilt file util_getent.c and BROKEN_GETGRNAM Removing this unbuilt file allows removing BROKEN_GETGRNAM which was only ever defined per-OS, not based on an actual test. Andrew Bartlett commit 41b9cb32ce82a33b5dd8f5bd00d05ac0708a5a4d Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 13:57:44 2012 +1000 build: Remove unused IRIX and IRIX6 defines commit 502135df9f0d839e75907260f5dcdab4052d995e Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 13:39:01 2012 +1000 lib/replace: Try to fix build on HP-UX for os2_delete test The issue is that this file is both used in an autoconf test, and later in a smbtorture test. Because os2_delete.c does not include replace.h, bool may not be defined. So, instead we shift the need for bool to a different header. (The readdir tests in repdir.m4 are not yet in the waf configure). Andrew Bartlett commit 08d3062fc3ece6b5d98e32bad5f1d54c088b0dd0 Author: Andrew Bartlett abart...@samba.org Date: Sun Sep 23 13:20:45 2012 +1000 ntdb: Try to fix the build on Solaris which does not have err --- Summary of changes: lib/ccan/wscript|2 +- lib/ntdb/wscript|2 +- lib/replace/replace-test.h |4 - lib/replace/replace-testsuite.h | 10 ++ lib/replace/replace.c | 10 -- lib/replace/test/main.c |4 +- lib/replace/test/testsuite.c|6 +- lib/util/util_getent.c | 283 --- source3/configure.in| 18 +-- source3/wscript | 20 ++- source4/torture/local/local.c |2 +- 11 files changed, 33 insertions(+), 328 deletions(-) create mode 100644 lib/replace/replace-testsuite.h delete mode 100644 lib/util/util_getent.c Changeset truncated at 500 lines: diff --git a/lib/ccan/wscript b/lib/ccan/wscript index be5eab2..334f8fe 100644 --- a/lib/ccan/wscript +++ b/lib/ccan/wscript @@ -147,11 +147,11 @@ def build(bld): ccan_module(bld, 'endian') ccan_module(bld, 'likely', 'ccan-str') ccan_module(bld, 'typesafe_cb') +ccan_module(bld, 'err', 'ccan-compiler') # Failtest pulls in a lot of stuff, and it's only for unit tests. if bld.env.DEVELOPER_MODE: ccan_module(bld, 'container_of', 'ccan-check_type') -ccan_module(bld, 'err', 'ccan-compiler') ccan_module(bld, 'htable', 'ccan-compiler') ccan_module(bld, 'list', 'ccan-container_of') ccan_module(bld, 'time') diff --git a/lib/ntdb/wscript b/lib/ntdb/wscript index 39802db..1a4b02b 100644 --- a/lib/ntdb/wscript +++ b/lib/ntdb/wscript @@ -155,7 +155,7 @@ def build(bld
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via fe2071c build: Fix enabled handling for HAVE_LDAP, we need to use
bld.CONFIG_SET
via b8eaa57 build: Try not build with LDAP if we do not have ldap.h
from cb157e1 s4:dns.py: reproducer for (bug #9184)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit fe2071cd3bae655b9aa7908059f0e19520e2db90
Author: Andrew Bartlett abart...@samba.org
Date: Fri Sep 21 22:27:24 2012 -0700
build: Fix enabled handling for HAVE_LDAP, we need to use bld.CONFIG_SET
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Sat Sep 22 09:09:17 CEST 2012 on sn-devel-104
commit b8eaa57a100818d337c85ac42828801a59062587
Author: Andrew Bartlett abart...@samba.org
Date: Fri Sep 21 21:57:22 2012 -0700
build: Try not build with LDAP if we do not have ldap.h
---
Summary of changes:
source3/passdb/wscript_build |2 +-
source3/winbindd/wscript_build | 12 ++--
source3/wscript|2 +-
source3/wscript_build |4 ++--
4 files changed, 10 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/wscript_build b/source3/passdb/wscript_build
index d26afc2..03a0df4 100644
--- a/source3/passdb/wscript_build
+++ b/source3/passdb/wscript_build
@@ -19,7 +19,7 @@ bld.SAMBA3_MODULE('pdb_ldap',
source=PDB_LDAP_SRC,
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_ldap'),
- enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_ldap') and
bld.env.HAVE_LDAP)
+ enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_ldap') and
bld.CONFIG_SET('HAVE_LDAP'))
bld.SAMBA3_MODULE('pdb_smbpasswd',
subsystem='pdb',
diff --git a/source3/winbindd/wscript_build b/source3/winbindd/wscript_build
index 302b9ee..0d826f0 100644
--- a/source3/winbindd/wscript_build
+++ b/source3/winbindd/wscript_build
@@ -32,7 +32,7 @@ bld.SAMBA3_SUBSYSTEM('IDMAP_AD',
source=IDMAP_AD_SRC,
deps='ads nss_info',
vars=locals(),
-enabled=bld.env.HAVE_LDAP)
+enabled=bld.CONFIG_SET(HAVE_LDAP))
bld.SAMBA3_MODULE('idmap_ad',
subsystem='idmap',
@@ -41,7 +41,7 @@ bld.SAMBA3_MODULE('idmap_ad',
deps='IDMAP_AD',
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_ad'),
- enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.env.HAVE_LDAP)
+ enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.CONFIG_SET(HAVE_LDAP))
bld.SAMBA3_MODULE('idmap_rid',
subsystem='idmap',
@@ -65,7 +65,7 @@ bld.SAMBA3_MODULE('idmap_ldap',
deps='smbldap smbldaphelper pdb',
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_ldap'),
- enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ldap') and
bld.env.HAVE_LDAP)
+ enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ldap') and
bld.CONFIG_SET(HAVE_LDAP))
bld.SAMBA3_MODULE('idmap_nss',
subsystem='idmap',
@@ -143,7 +143,7 @@ bld.SAMBA3_MODULE('nss_info_rfc2307',
allow_undefined_symbols=True,
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_ad'),
- enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.env.HAVE_LDAP)
+ enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.CONFIG_SET(HAVE_LDAP))
bld.SAMBA3_MODULE('nss_info_sfu20',
subsystem='nss_info',
@@ -152,7 +152,7 @@ bld.SAMBA3_MODULE('nss_info_sfu20',
allow_undefined_symbols=True,
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_ad'),
- enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.env.HAVE_LDAP)
+ enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.CONFIG_SET(HAVE_LDAP))
bld.SAMBA3_MODULE('nss_info_sfu',
subsystem='nss_info',
@@ -161,4 +161,4 @@ bld.SAMBA3_MODULE('nss_info_sfu',
allow_undefined_symbols=True,
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('idmap_ad'),
- enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.env.HAVE_LDAP)
+ enabled=bld.SAMBA3_IS_ENABLED_MODULE('idmap_ad') and
bld.CONFIG_SET(HAVE_LDAP))
diff --git a/source3/wscript b/source3/wscript
index d0e76f3..23ea327 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -541,7 +541,7 @@ msg.msg_acctrightslen = sizeof(fd);
conf.DEFINE('LDAP_SET_REBIND_PROC_ARGS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d59688a auth/kerberos: add HAVE_KRB5 guard to fix non-krb5 build after winbindd pac changes from 7a493fd s3:smbd: release the share mode lock before calling exit_server() (bug #9191) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d59688a8e749454a59174b545f152a5c2880f999 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 21 15:59:11 2012 -0700 auth/kerberos: add HAVE_KRB5 guard to fix non-krb5 build after winbindd pac changes Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Sat Sep 22 02:44:07 CEST 2012 on sn-devel-104 --- Summary of changes: auth/kerberos/pac_utils.h |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/kerberos/pac_utils.h b/auth/kerberos/pac_utils.h index b9b6664..d09e7b6 100644 --- a/auth/kerberos/pac_utils.h +++ b/auth/kerberos/pac_utils.h @@ -21,6 +21,8 @@ #ifndef _PAC_UTILS_H #define _PAC_UTILS_H +#ifdef HAVE_KRB5 + #include lib/krb5_wrap/krb5_samba.h #include lib/krb5_wrap/gss_samba.h @@ -65,4 +67,5 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx, char *gssapi_error_string(TALLOC_CTX *mem_ctx, OM_uint32 maj_stat, OM_uint32 min_stat, const gss_OID mech); +#endif /* HAVE_KRB5 */ #endif /* _PAC_UTILS_H */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 914b02b libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now
provides PAC parsing
via d9747b1 s4-torture: Complete test for winbindd PAC parsing
via 05befd2 auth/kerberos: Adjust log level for failed PAC signature
verification
via 1bc2f28 winbind: Extend wbcAuthenticateUserEx to provide PAC
via 8a6a13a auth: Fix some nonempty blank lines
from 0231575 waf: Make samba ok with directories for install being
symlinks
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 914b02be5a3e7805110f517e39ed9f6fe760c2bc
Author: Andrew Bartlett abart...@samba.org
Date: Thu Sep 20 19:46:31 2012 -0700
libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now provides PAC
parsing
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Sep 21 06:37:15 CEST 2012 on sn-devel-104
commit d9747b15c4a737a1422d0156d92efed762bb672d
Author: Christof Schmitt christof.schm...@us.ibm.com
Date: Thu Sep 20 18:30:07 2012 -0700
s4-torture: Complete test for winbindd PAC parsing
Decode the PAC through the wbcAuthenticateUserEx call, also decode it
locally and compare the result.
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 05befd2f734d3962619ebc0cc137bbe5cedfd81d
Author: Christof Schmitt christof.schm...@us.ibm.com
Date: Mon Jul 30 11:03:54 2012 -0700
auth/kerberos: Adjust log level for failed PAC signature verification
With winbindd trying to verify the signature of an application provided
PAC, this message can be easily triggered. Adjust the debug level to
avoid filling up the logs.
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 1bc2f28b9420829645ed571daf2a17e6688b2103
Author: Christof Schmitt christof.schm...@us.ibm.com
Date: Wed Jul 18 14:38:47 2012 -0700
winbind: Extend wbcAuthenticateUserEx to provide PAC
With this new interface, external applications that have authenticated
to an ADS can pass the PAC from the Kerberos ticket to
wbcAuthenticateUserEx. winbindd decodes and extracts the info3
information for the external application. If winbindd can verify the PAC
signature, the info3 from the PACis also added to the netsamlogon_cache.
The info3 data can be used by the external application to get the uid
and primary gid. The data in netsamlogon_cache allows to retrieve the
complete group list through the NSS function getgrouplist.
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 8a6a13ab51f404525ff18f65d5a22132c465898e
Author: Volker Lendecke v...@samba.org
Date: Tue Sep 18 10:34:48 2012 -0700
auth: Fix some nonempty blank lines
Signed-off-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
auth/gensec/spnego.c | 120 +-
auth/kerberos/kerberos_pac.c |2 +-
.../ABI/{wbclient-0.10.sigs = wbclient-0.11.sigs} |0
nsswitch/libwbclient/wbc_pam.c | 16 +++-
nsswitch/libwbclient/wbclient.h| 45 ---
nsswitch/libwbclient/wscript |2 +-
nsswitch/winbind_struct_protocol.h |1 +
source3/winbindd/winbindd_pam.c| 128 +++-
source3/winbindd/winbindd_pam_auth_crap.c | 23
source3/winbindd/winbindd_proto.h |8 ++
source4/torture/winbind/winbind.c | 92 +-
11 files changed, 340 insertions(+), 97 deletions(-)
copy nsswitch/libwbclient/ABI/{wbclient-0.10.sigs = wbclient-0.11.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index 5923200..da1fc0e 100644
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -2,7 +2,7 @@
Unix SMB/CIFS implementation.
RFC2478 Compliant SPNEGO implementation
-
+
Copyright (C) Jim McDonough j...@us.ibm.com 2003
Copyright (C) Andrew Bartlett abart...@samba.org 2004-2005
Copyright (C) Stefan Metzmacher me...@samba.org 2004-2008
@@ -11,13 +11,13 @@
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
*/
@@ -121,7 +121,7 @@ static NTSTATUS gensec_spnego_unseal_packet
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ffd61e2 ldb: bump version to 1.1.13 so the 4.0 release can get the isprint fix via 0eae4cd docs: Remove another reference to security=share via 8e95dee docs: Remove references to specific windows versions, instead mention Home/Professional/Server via 36bfb1e docs: Remove references to mulitple passdb backends via e221985 docs: Remove references to sysv-style CUPS from TOSHARG-CUPS-printing via d4efb94 docs: Remove very outdated TOSHARG-Other-Clients section via cbfeba7 docs: Remove very outdated TOSHARG-Portability section via 6786efa docs: Update FastStart: remove security=share, avoid disable spoolss via 6bc8616 docs: Clarify TOSHARG-Bugs for 2012 via 27359ac docs: Remove reference to inetd startup, it is not recommended via 64e3f1c docs: Update BDC docs to recognise the AD DC and to exclusivly recommend LDAP via 4de3718 docs: Remove referenece to old Red Hat Linux habits on winbindd via a5084a3 docs: Remove referenece to autogen.sh and document waf build instead via f995749 docs: Remove out of date links to pserver.samba.org and old tarballs via 0d73ce1 docs: Remove references to Subversion, replace with wiki link via 2dcc4fe docs: Remove references to old kerberos behaviour via 48e547c docs: Remove confusing reference to smb signing and client use spnego from b06dbfb s3:libsmb fix a double free error http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ffd61e2bbf46ab8660c32b90c547beb8b77fcb9d Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 17 11:57:33 2012 -0700 ldb: bump version to 1.1.13 so the 4.0 release can get the isprint fix Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Mon Sep 17 23:47:57 CEST 2012 on sn-devel-104 commit 0eae4cd787179b40375e298cfd95df817c67a94f Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 17 11:56:28 2012 -0700 docs: Remove another reference to security=share commit 8e95dee5cfc4175c7a93f1c55b08db8ab5f822c3 Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 17 11:56:08 2012 -0700 docs: Remove references to specific windows versions, instead mention Home/Professional/Server The flavours of windows seem to last longer than the individual products. Andrew Bartlett commit 36bfb1e2282d24d2cc20f812bc59ea1ede0e660c Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 17 11:55:12 2012 -0700 docs: Remove references to mulitple passdb backends These are long-gone and confusing. Andrew Bartlett commit e2219850d604470e484e9f8eb6e573c97d474298 Author: Andrew Bartlett abart...@samba.org Date: Mon Sep 17 11:54:25 2012 -0700 docs: Remove references to sysv-style CUPS from TOSHARG-CUPS-printing This also simplifies the cups config by not duplicating the printcap name parameter that is already set by default when printing=cups is set. Andrew Bartlett commit d4efb94dbb3121ccaf17366585ba7ca325f8d699 Author: Andrew Bartlett abart...@samba.org Date: Sat Sep 15 15:55:55 2012 -0700 docs: Remove very outdated TOSHARG-Other-Clients section commit cbfeba71bcd2223c8e919c7d7d73597b03d12b99 Author: Andrew Bartlett abart...@samba.org Date: Sat Sep 15 15:52:47 2012 -0700 docs: Remove very outdated TOSHARG-Portability section commit 6786efa358b471956b017570938676e2306d29c5 Author: Andrew Bartlett abart...@samba.org Date: Sat Sep 15 12:53:37 2012 -0700 docs: Update FastStart: remove security=share, avoid disable spoolss As I understand it, all printing is via spoolss, so do not disable it! Andrew Bartlett commit 6bc861663526e1234899ca5815df7a3c122c2b2e Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 23:13:33 2012 -0700 docs: Clarify TOSHARG-Bugs for 2012 commit 27359acf59cc7899e8de164f9311ef3b2b6db85a Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 23:08:53 2012 -0700 docs: Remove reference to inetd startup, it is not recommended commit 64e3f1c637b940e60d3d6988a033f4d391b7dab9 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 23:06:59 2012 -0700 docs: Update BDC docs to recognise the AD DC and to exclusivly recommend LDAP The confusing references to the not-recommended techniques and outdated steps (like net rpc getsid, replaced by simply having the SID just be in LDAP) just detract from the clarity of this document. Andrew Bartlett commit 4de371818504c522613845a1ae4fa97a69bcf412 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 22:30:06 2012 -0700 docs: Remove referenece to old Red Hat Linux habits on winbindd commit a5084a3077b0fecde0772e99302e0e7353c59da3 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 35a4a1e build: Fix build on systems without ldap development headers via 7ef7ec7 docs: update for modern kerberos libs via f84893a docs: remove references to security=server via 963664e docs: Remove distinction between server and domain accounts via c5151b6 docs: Update docs to the modern age of Samba 4.0 from 58e62ae s4:torture: fix error reporting in the raw.oplock-brl3 test http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 35a4a1ed1f0fc6f1cbccd31bb7db9431b2518a5b Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 11:58:02 2012 -0700 build: Fix build on systems without ldap development headers Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Fri Sep 14 22:53:30 CEST 2012 on sn-devel-104 commit 7ef7ec7be88f365ebd0c9da425283375188be2d1 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 11:57:38 2012 -0700 docs: update for modern kerberos libs commit f84893a54b27828946ca75e72542116a560315d6 Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 11:57:05 2012 -0700 docs: remove references to security=server commit 963664eccce0e7e221ab2c465a430b4d8e2e081b Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 09:29:51 2012 -0700 docs: Remove distinction between server and domain accounts Accounts on a server become accounts on the DC when upgraded. If they do not then this is simply a bug (in say tdbsam), not a feature to be documented. Andrew Bartlett commit c5151b62679edd11940023e757378c7aac66933a Author: Andrew Bartlett abart...@samba.org Date: Fri Sep 14 09:28:06 2012 -0700 docs: Update docs to the modern age of Samba 4.0 This removes references to security=share, security=server and other outdated things. It also updates to a world where encrypted passwords are the norm. Andrew Bartlett --- Summary of changes: docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml| 40 +--- docs-xml/Samba3-HOWTO/TOSHARG-DomainMember.xml | 118 +-- docs-xml/Samba3-HOWTO/TOSHARG-ServerType.xml | 272 +--- source3/wscript_build |1 + 4 files changed, 18 insertions(+), 413 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml b/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml index 951c879..5ea2db2 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-Diagnosis.xml @@ -130,9 +130,9 @@ configuration file is faulty. notepara indextermprimary/etc/samba/primary/indexterm -indextermprimary/usr/local/samba/lib/primary/indexterm +indextermprimary/usr/local/samba/etc/primary/indexterm Your smb.conf; file may be located in filename/etc/samba/filename -or in filename/usr/local/samba/lib/filename. +or in filename/usr/local/samba/etc/filename. /para/note /step @@ -431,8 +431,9 @@ If it says quoteerrornamebad password,/errorname/quote then the likely c orderedlist listitem para - You have shadow passwords (or some other password system) but didn't - compile in support for them in smbd;. + Password encryption is enabled by default, but you have not + yet set a password for your samba user. Run + commandsmbpasswd -a username/command /para /listitem @@ -444,7 +445,8 @@ If it says quoteerrornamebad password,/errorname/quote then the likely c listitem para - You have a mixed-case password and you haven't enabled the smbconfoption name=password level/ option at a high enough level. + You have explicitly disabled encrypted passwords with + smbconfoption name=encrypt passwordsno/smbconfoption have a mixed-case password and you haven't enabled the smbconfoption name=password level/ option at a high enough level. /para /listitem @@ -454,12 +456,6 @@ If it says quoteerrornamebad password,/errorname/quote then the likely c /para /listitem -listitem - para - You enabled password encryption but didn't map UNIX to Samba users. Run - commandsmbpasswd -a username/command - /para -/listitem /orderedlist para @@ -544,17 +540,7 @@ and other config lines in smb.conf; are correct. /para para -It's also possible that the server can't work out what username to connect you as. -To see if this is the problem, add the line -smbconfoption name=userusername/smbconfoption to the -smbconfsection name=[tmp]/ section of -smb.conf; where parameterusername/parameter is the -username corresponding to the password you typed. If you find this -fixes things, you may need the username mapping option. -/para - -para -It might also be the case that your client only sends encrypted
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 33d9a22 smbd: Print ACL used to create hash in vfs_xattr_common
via 6fbce90 provision: Only give the no posix ACLs exception if we
could not set the SD
via 1a3d6de torture: Add discard_const_p() to work around dlz_create
prototype
from 69c2e18 selftest: we fail the smb2.durable-open.delete_on_close2
test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 33d9a22dcb3662e8a5e33d490d2739712151677c
Author: Andrew Bartlett abart...@samba.org
Date: Mon Sep 10 08:43:09 2012 +1000
smbd: Print ACL used to create hash in vfs_xattr_common
This should help us understand why sometimes an ACL set won't stick.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Sep 11 18:19:53 CEST 2012 on sn-devel-104
commit 6fbce905db5bc4ea5463727a13ea063811556db7
Author: Andrew Bartlett abart...@samba.org
Date: Sun Sep 9 17:08:49 2012 +1000
provision: Only give the no posix ACLs exception if we could not set the
SD
This will allow us to run make test on all platforms again, as we emululate
the posix ACLs using the fake_acls
module. By then testing smbd.have_posix_acls() we gain a more specific
error message.
Andrew Bartlett
commit 1a3d6de20aa4e45dd1c5a8ed6f8b5193efa52167
Author: Andrew Bartlett abart...@samba.org
Date: Fri Sep 7 15:10:24 2012 +1000
torture: Add discard_const_p() to work around dlz_create prototype
---
Summary of changes:
source3/modules/vfs_acl_common.c | 10 ++
.../scripting/python/samba/provision/__init__.py | 12 ++--
source4/torture/dns/dlz_bind9.c|4 ++--
3 files changed, 18 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index a3d53a1..c2ac875 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -375,6 +375,12 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct
*handle,
file system SD mapping.\n,
name ));
+ if (DEBUGLEVEL = 10) {
+ DEBUG(10,(get_nt_acl_internal: acl for blob hash for %s is:\n,
+ name ));
+ NDR_PRINT_DEBUG(security_descriptor, pdesc_next);
+ }
+
TALLOC_FREE(psd);
psd = pdesc_next;
@@ -596,6 +602,10 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct
*handle, files_struct *fsp,
fsp_str_dbg(fsp)));
NDR_PRINT_DEBUG(security_descriptor,
discard_const_p(struct security_descriptor, psd));
+
+ DEBUG(10,(fset_nt_acl_xattr: storing has in xattr sd based on
\n));
+ NDR_PRINT_DEBUG(security_descriptor,
+ discard_const_p(struct security_descriptor,
pdesc_next));
}
status = create_acl_blob(psd, blob, XATTR_SD_HASH_TYPE_SHA256, hash);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source4/scripting/python/samba/provision/__init__.py
b/source4/scripting/python/samba/provision/__init__.py
index 12904a7..862a0c7 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -1906,17 +1906,17 @@ def provision(logger, session_info, credentials,
smbconf=None,
if paths.sysvol is None:
raise MissingShareError(sysvol, paths.smbconf)
-if not smbd.have_posix_acls():
-# This clue is only strictly correct for RPM and
-# Debian-like Linux systems, but hopefully other users
-# will get enough clue from it.
-raise ProvisioningError(Samba was compiled without the posix ACL
support that s3fs requires. Try installing libacl1-dev or libacl-devel, then
re-run configure and make.)
-
file = tempfile.NamedTemporaryFile(dir=os.path.abspath(paths.sysvol))
try:
try:
smbd.set_simple_acl(file.name, 0755, wheel_gid)
except Exception:
+if not smbd.have_posix_acls():
+# This clue is only strictly correct for RPM and
+# Debian-like Linux systems, but hopefully other users
+# will get enough clue from it.
+raise ProvisioningError(Samba was compiled without the
posix ACL support that s3fs requires. Try installing libacl1-dev or
libacl-devel, then re-run configure and make.)
+
raise ProvisioningError(Your filesystem or build does not
support posix ACLs, which s3fs requires. Try the mounting the filesystem with
the 'acl' option.)
try:
smbd.chown(file.name
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e8375dd smbd: Add extra VFS hooks to get the posix ACL as a blob
via 6638d10 smbd: Remove pre-allocation of ACL array in sys_acl_init()
via ac804f0 smbd-posix_acls: Use a IDL union to store the ACL entry
from bd2f160 Make metze happy and the code clearer :-).
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e8375ddf2d29b12cfe84ceec7195de957d0a743c
Author: Andrew Bartlett abart...@samba.org
Date: Mon Sep 10 12:44:01 2012 +1000
smbd: Add extra VFS hooks to get the posix ACL as a blob
This will allow us to hash this, rather than the NT ACL it maps to.
This will in turn allow us to know if the NT ACL is valid even if we
have to change the mapping code.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Sep 12 07:06:01 CEST 2012 on sn-devel-104
commit 6638d1036688f7b0f15a1a18c9a251ab0a7ab626
Author: Andrew Bartlett abart...@samba.org
Date: Fri Sep 7 17:44:24 2012 +1000
smbd: Remove pre-allocation of ACL array in sys_acl_init()
Instead, this is just handled with realloc in sys_acl_create_entry()
This allows us to remove the size element from the SMB_ACL_T.
Andrew Bartlett
commit ac804f0d7f5a93ff2710e213d9213ad9960a15d6
Author: Andrew Bartlett abart...@samba.org
Date: Fri Sep 7 15:49:47 2012 +1000
smbd-posix_acls: Use a IDL union to store the ACL entry
This is a clearer, long-term-stable structure we can hash without
risking it changing.
Andrew Bartlett
---
Summary of changes:
examples/VFS/skel_opaque.c | 15 +
examples/VFS/skel_transparent.c | 18 ++
librpc/idl/smb_acl.idl | 25 ++--
source3/include/smb_acls.h |2 +-
source3/include/vfs.h| 18 ++
source3/include/vfs_macros.h | 10 +++
source3/lib/sysacls.c| 37 +---
source3/modules/vfs_fake_acls.c | 68 ++
source3/modules/vfs_full_audit.c | 37
source3/modules/vfs_posixacl.c | 10 ++--
source3/modules/vfs_time_audit.c | 48 +++
source3/smbd/posix_acls.c|6 +-
source3/smbd/pysmbd.c|2 +-
source3/smbd/vfs.c | 21 +++
source4/scripting/python/samba/tests/posixacl.py | 52 -
15 files changed, 292 insertions(+), 77 deletions(-)
Changeset truncated at 500 lines:
diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c
index edfb772..a786a23 100644
--- a/examples/VFS/skel_opaque.c
+++ b/examples/VFS/skel_opaque.c
@@ -586,6 +586,18 @@ static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct
*handle, files_struct *fs
return (SMB_ACL_T)NULL;
}
+static int skel_sys_acl_blob_get_file(vfs_handle_struct *handle, const char
*path_p, SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx, char **blob_description,
DATA_BLOB *blob)
+{
+ errno = ENOSYS;
+ return -1;
+}
+
+static int skel_sys_acl_blob_get_fd(vfs_handle_struct *handle, files_struct
*fsp, TALLOC_CTX *mem_ctx, char **blob_description, DATA_BLOB *blob)
+{
+ errno = ENOSYS;
+ return -1;
+}
+
static int skel_sys_acl_set_file(vfs_handle_struct *handle, const char *name,
SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
{
errno = ENOSYS;
@@ -771,10 +783,13 @@ struct vfs_fn_pointers skel_opaque_fns = {
.sys_acl_get_file_fn = skel_sys_acl_get_file,
.sys_acl_get_fd_fn = skel_sys_acl_get_fd,
+ .sys_acl_blob_get_file_fn = skel_sys_acl_blob_get_file,
+ .sys_acl_blob_get_fd_fn = skel_sys_acl_blob_get_fd,
.sys_acl_set_file_fn = skel_sys_acl_set_file,
.sys_acl_set_fd_fn = skel_sys_acl_set_fd,
.sys_acl_delete_def_file_fn = skel_sys_acl_delete_def_file,
+
/* EA operations. */
.getxattr_fn = skel_getxattr,
.fgetxattr_fn = skel_fgetxattr,
diff --git a/examples/VFS/skel_transparent.c b/examples/VFS/skel_transparent.c
index 711b7fc..02a994c 100644
--- a/examples/VFS/skel_transparent.c
+++ b/examples/VFS/skel_transparent.c
@@ -699,6 +699,22 @@ static SMB_ACL_T skel_sys_acl_get_fd(vfs_handle_struct
*handle, files_struct *fs
return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
}
+static int skel_sys_acl_blob_get_file(vfs_handle_struct *handle, const char
*path_p, SMB_ACL_TYPE_T type,
+ TALLOC_CTX *mem_ctx,
+ char **blob_description,
+ DATA_BLOB *blob)
+{
+ return
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via baf2db6 selftest: Test configure stage of dlz_bind9
via 52f0ded selftest: Add tests for the dlz_bind9 module
from 0d99175 join.py: Only replicate DNS zones if the source DC had DNS
zones
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit baf2db685f1d2bff712d45288abf116f903039ed
Author: Andrew Bartlett abart...@samba.org
Date: Thu Sep 6 15:22:17 2012 +1000
selftest: Test configure stage of dlz_bind9
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Sep 6 09:07:11 CEST 2012 on sn-devel-104
commit 52f0dedc1a63c75f87adc0f70f10aae2b2bfaf72
Author: Andrew Bartlett abart...@samba.org
Date: Thu Sep 6 14:26:57 2012 +1000
selftest: Add tests for the dlz_bind9 module
This will help ensure that we do not break the fundemental loading etc.
From here, it should be easy to extend this to more comprehensive tests.
Andrew Bartlett
---
Summary of changes:
source4/dns_server/wscript_build |7 ++
source4/selftest/tests.py |4 +
source4/torture/dns/dlz_bind9.c | 152 +
source4/torture/dns/wscript_build | 10 +++
source4/torture/wscript_build |1 +
5 files changed, 174 insertions(+), 0 deletions(-)
create mode 100644 source4/torture/dns/dlz_bind9.c
create mode 100644 source4/torture/dns/wscript_build
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/wscript_build b/source4/dns_server/wscript_build
index b8e2708..280f8de 100644
--- a/source4/dns_server/wscript_build
+++ b/source4/dns_server/wscript_build
@@ -30,3 +30,10 @@ bld.SAMBA_LIBRARY('dlz_bind9_9',
install_path='${MODULESDIR}/bind9',
deps='samba-hostconfig samdb-common gensec popt',
enabled=bld.AD_DC_BUILD_IS_ENABLED())
+
+bld.SAMBA_LIBRARY('dlz_bind9_for_torture',
+ source='dlz_bind9.c',
+ cflags='-DBIND_VERSION_9_8',
+ private_library=True,
+ deps='samba-hostconfig samdb-common gensec popt',
+ enabled=bld.AD_DC_BUILD_IS_ENABLED())
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index b9944cb..fd4b669 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -296,6 +296,10 @@ for f in sorted(os.listdir(os.path.join(samba4srcdir,
../pidl/tests))):
# DNS tests
planpythontestsuite(dc, samba.tests.dns)
+# Local tests
+for t in smb4torture_testsuites(dlz_bind9.):
+#The dlz_bind9 tests needs to look at the DNS database
+plansmbtorturetestsuite(t, dc:local, ncalrpc:localhost)
planpythontestsuite(s3dc, samba.tests.libsmb_samba_internal);
diff --git a/source4/torture/dns/dlz_bind9.c b/source4/torture/dns/dlz_bind9.c
new file mode 100644
index 000..d01e506
--- /dev/null
+++ b/source4/torture/dns/dlz_bind9.c
@@ -0,0 +1,152 @@
+/*
+ Unix SMB/CIFS implementation.
+ SMB torture tester
+ Copyright (C) Andrew Bartlett 2012
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see http://www.gnu.org/licenses/.
+*/
+
+#include includes.h
+#include torture/smbtorture.h
+#include dlz_minimal.h
+#include talloc.h
+#include ldb.h
+#include lib/param/param.h
+#include dsdb/samdb/samdb.h
+#include dsdb/common/util.h
+#include auth/session.h
+
+struct torture_context *tctx_static;
+
+static void dlz_bind9_log_wrapper(int level, const char *fmt, ...)
+{
+ va_list ap;
+ char *msg;
+ va_start(ap, fmt);
+ msg = talloc_vasprintf(NULL, fmt, ap);
+ torture_comment(tctx_static, %s\n, msg);
+ TALLOC_FREE(msg);
+ va_end(ap);
+}
+
+static bool test_dlz_bind9_version(struct torture_context *tctx)
+{
+ unsigned int flags = 0;
+ torture_assert_int_equal(tctx, dlz_version(flags),
+DLZ_DLOPEN_VERSION, got wrong DLZ version);
+ return true;
+}
+
+static bool test_dlz_bind9_create(struct torture_context *tctx)
+{
+ void *dbdata;
+ const char *argv[] = {
+ samba_dlz,
+ -H,
+ lpcfg_private_path(tctx, tctx-lp_ctx, dns/sam.ldb),
+ NULL
+ };
+ tctx_static = tctx;
+ torture_assert_int_equal
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7b86c18 selftest: Add python blackbox tests for samba-tool ntacl get/set via f9cee8d samba_tool: Improve samba-tool ntacl get/set to use the local sam.ldb SID via 7b5ba30 samba_tool: Fix ntacl get to correctly output in sddl via c19208e s4-provision: Fix error message to contain the string SSDL of the failed-to-match ACL from 558fa4c s4 dns: Revert erroneous push from wrong branch http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7b86c18f38412c621b3c316776067d949b0b0bbb Author: Andrew Bartlett abart...@samba.org Date: Wed Sep 5 18:13:53 2012 +1000 selftest: Add python blackbox tests for samba-tool ntacl get/set Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Wed Sep 5 15:47:55 CEST 2012 on sn-devel-104 commit f9cee8d832495798beb025c16afed5bd6a13799b Author: Andrew Bartlett abart...@samba.org Date: Wed Sep 5 18:12:52 2012 +1000 samba_tool: Improve samba-tool ntacl get/set to use the local sam.ldb SID This gets the SID for the local machine correctly. We also add options for --use-ntvfs and --use-s3fs to help control exactly which database is being read and written. Andrew Bartlett commit 7b5ba3013867ae77d516b5ac3cd264fbaf5ca372 Author: Andrew Bartlett abart...@samba.org Date: Wed Sep 5 17:06:33 2012 +1000 samba_tool: Fix ntacl get to correctly output in sddl commit c19208e93ce401b5ef0b752b32648926f9f39824 Author: Andrew Bartlett abart...@samba.org Date: Wed Sep 5 15:16:40 2012 +1000 s4-provision: Fix error message to contain the string SSDL of the failed-to-match ACL --- Summary of changes: source4/scripting/python/samba/netcmd/ntacl.py | 76 ++-- .../scripting/python/samba/provision/__init__.py |4 +- .../python/samba/tests/samba_tool/ntacl.py | 69 +- 3 files changed, 124 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/netcmd/ntacl.py b/source4/scripting/python/samba/netcmd/ntacl.py index 661af80..92239a7 100644 --- a/source4/scripting/python/samba/netcmd/ntacl.py +++ b/source4/scripting/python/samba/netcmd/ntacl.py @@ -21,7 +21,7 @@ import samba.getopt as options from samba.dcerpc import security, idmap from samba.ntacls import setntacl, getntacl from samba import Ldb -from samba.ndr import ndr_unpack +from samba.ndr import ndr_unpack, ndr_print from samba.samdb import SamDB from samba.samba3 import param as s3param, passdb, smbd from samba import provision @@ -55,31 +55,42 @@ class cmd_ntacl_set(Command): Option(--xattr-backend, type=choice, help=xattr backend type (native fs or tdb), choices=[native,tdb]), Option(--eadb-file, help=Name of the tdb file where attributes are stored, type=string), +Option(--use-ntvfs, help=Set the ACLs directly to the TDB or xattr for use with the ntvfs file server, action=store_true), +Option(--use-s3fs, help=Set the ACLs for use with the default s3fs file server via the VFS layer, action=store_true) ] takes_args = [acl,file] -def run(self, acl, file, quiet=False,xattr_backend=None,eadb_file=None, +def run(self, acl, file, use_ntvfs=False, use_s3fs=False, +quiet=False,xattr_backend=None,eadb_file=None, credopts=None, sambaopts=None, versionopts=None): +logger = self.get_logger() lp = sambaopts.get_loadparm() -path = lp.private_path(secrets.ldb) -creds = credopts.get_credentials(lp) -creds.set_kerberos_state(DONT_USE_KERBEROS) try: -ldb = Ldb(path, session_info=system_session(), credentials=creds, - lp=lp) +samdb = SamDB(session_info=system_session(), + lp=lp) except Exception, e: -raise CommandError(Unable to read domain SID from configuration files, e) -attrs = [objectSid] -res = ldb.search(expression=(objectClass=*), -base=flatname=%s,cn=Primary Domains % lp.get(workgroup), -scope=SCOPE_BASE, attrs=attrs) -if len(res) !=0: -domainsid = ndr_unpack(security.dom_sid, res[0][objectSid][0]) -setntacl(lp, file, acl, str(domainsid), xattr_backend, eadb_file) -else: +raise CommandError(Unable to open samdb:, e) + +if not use_ntvfs and not use_s3fs: +use_ntvfs = smb in lp.get(server services) +elif use_s3fs: +use_ntvfs = False + +try: +domain_sid = security.dom_sid(samdb.domain_sid) +except: raise CommandError(Unable to read domain SID from configuration files) +s3conf
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0d99175 join.py: Only replicate DNS zones if the source DC had DNS
zones
via f453117 s3-printing: Restrict printing=cups to systems with cups
development headers at build time
from e00ac55 Free protect_ids in secret_store_domain_sid() as the caller
of fetch_secrets() must free the result in order to not leak memory.
Signed-off-by: Jeremy Allison j...@samba.org
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 0d99175f2afb4badd61ba903f3752a0207b049a3
Author: Andrew Bartlett abart...@samba.org
Date: Thu Sep 6 10:37:18 2012 +1000
join.py: Only replicate DNS zones if the source DC had DNS zones
This avoid folks needing to specify --dns-backend=NONE
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Sep 6 04:48:55 CEST 2012 on sn-devel-104
commit f453117569e04087ae461677717b14cdd65a4cd4
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 5 15:03:31 2012 +1000
s3-printing: Restrict printing=cups to systems with cups development
headers at build time
This means that instead of failing due to the default commandline values
not being quite correct
that we clearly fail at loadparm and testparm time when parsing the
printing= line.
Andrew Bartlett
---
Summary of changes:
docs-xml/smbdotconf/printing/printing.xml |6 +-
lib/param/param_table.c |4
source3/param/loadparm.c | 14 --
source3/utils/testparm.c |2 --
source4/scripting/python/samba/join.py| 25 ++---
5 files changed, 27 insertions(+), 24 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/printing/printing.xml
b/docs-xml/smbdotconf/printing/printing.xml
index c365594..eb5925f 100644
--- a/docs-xml/smbdotconf/printing/printing.xml
+++ b/docs-xml/smbdotconf/printing/printing.xml
@@ -18,7 +18,11 @@
constantLPRNG/constant, constantPLP/constant,
constantSYSV/constant, constantHPUX/constant,
constantQNX/constant, constantSOFTQ/constant,
-and constantCUPS/constant./para
+constantCUPS/constant and constantIPRINT/constant./para
+
+paraBe aware that CUPS and IPRINT are only available if the CUPS
+development library was available at the time Samba was compiled
+or packaged./para
paraTo see what the defaults are for the other print
commands when using the various options use the
citerefentryrefentrytitletestparm/refentrytitle
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index 4126d89..2aa392a 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -186,8 +186,12 @@ static const struct enum_list enum_printing[] = {
{PRINT_QNX, qnx},
{PRINT_PLP, plp},
{PRINT_LPRNG, lprng},
+#ifdef HAVE_CUPS
{PRINT_CUPS, cups},
+#endif
+#ifdef HAVE_IPRINT
{PRINT_IPRINT, iprint},
+#endif
{PRINT_LPRNT, nt},
{PRINT_LPROS2, os2},
#if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 1e41825..2c77691 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -408,7 +408,6 @@ static void init_printer_values(struct loadparm_service
*pService)
case PRINT_CUPS:
case PRINT_IPRINT:
-#ifdef HAVE_CUPS
/* set the lpq command to contain the destination
printer
name only. This is used by cups_queue_get() */
string_set(pService-szLpqcommand, %p);
@@ -418,15 +417,6 @@ static void init_printer_values(struct loadparm_service
*pService)
string_set(pService-szLpresumecommand, );
string_set(pService-szQueuepausecommand, );
string_set(pService-szQueueresumecommand, );
-#else
- string_set(pService-szLpqcommand, lpq -P'%p');
- string_set(pService-szLprmcommand, lprm -P'%p' %j);
- string_set(pService-szPrintcommand, lpr -P'%p' %s;
rm %s);
- string_set(pService-szLppausecommand, lp -i '%p-%j'
-H hold);
- string_set(pService-szLpresumecommand, lp -i '%p-%j'
-H resume);
- string_set(pService-szQueuepausecommand, disable
'%p');
- string_set(pService-szQueueresumecommand, enable
'%p');
-#endif /* HAVE_CUPS */
break;
case PRINT_SYSV:
@@ -5284,11 +5274,7 @@ const char *lp_printcapname(void)
return Globals.szPrintcapname;
if (sDefault.iPrinting == PRINT_CUPS) {
-#ifdef HAVE_CUPS
return cups
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4437547 s4-selftest: Try a more complex ACL - this example from a
GPO
via 97a1f8d s4-selftest: Try to make ntacl unit tests better match
their names
via 6c9d22d file_server: Clarify code by avoiding a goto
via 30253c1 s4-samba-tool: Ensure we also sync the SACL as well as the
DACL during sysvolreset
from 9983ad7 s3-passdb: Rename pdb_samba4 to samba_dsdb and
autoconfigure when we are a AD DC
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4437547afab2def2b53f2be1b10ac7b376f5ee8f
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 17:56:38 2012 +1000
s4-selftest: Try a more complex ACL - this example from a GPO
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Sep 4 11:30:17 CEST 2012 on sn-devel-104
commit 97a1f8d20be2068e3214361f844a6282e10ab28d
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 17:54:34 2012 +1000
s4-selftest: Try to make ntacl unit tests better match their names
We are trying to test combinations of setting and getting via the VFS
and directly to the underlying DB.
Andrew Bartlett
commit 6c9d22d1ed5cc886b7a7c886f7298fea8c60089c
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 17:18:45 2012 +1000
file_server: Clarify code by avoiding a goto
As suggested by Ricky Nance ricky.na...@weaubleau.k12.mo.us
Andrew Bartlett
commit 30253c11cca5be8b5eaddeb12f1a749315928679
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 17:17:34 2012 +1000
s4-samba-tool: Ensure we also sync the SACL as well as the DACL during
sysvolreset
---
Summary of changes:
file_server/file_server.c|6 +---
source4/scripting/python/samba/ntacls.py |2 +-
source4/scripting/python/samba/tests/posixacl.py | 24 +
3 files changed, 22 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/file_server/file_server.c b/file_server/file_server.c
index a3efcb2..e1560c2 100644
--- a/file_server/file_server.c
+++ b/file_server/file_server.c
@@ -117,15 +117,13 @@ static void s3fs_task_init(struct task_server *task)
NULL);
if (req == NULL) {
DEBUG(0, (Failed to start smbd as child daemon\n));
- goto failed;
+ task_server_terminate(task, Failed to startup s3fs smb task,
true);
+ return;
}
tevent_req_set_callback(req, file_server_smbd_done, task);
DEBUG(1,(Started file server smbd with config %s\n, fileserver_conf));
- return;
-failed:
- task_server_terminate(task, Failed to startup s3fs smb task, true);
}
/* called at smbd startup - register ourselves as a server service */
diff --git a/source4/scripting/python/samba/ntacls.py
b/source4/scripting/python/samba/ntacls.py
index ac4aad0..38c31c6 100644
--- a/source4/scripting/python/samba/ntacls.py
+++ b/source4/scripting/python/samba/ntacls.py
@@ -105,7 +105,7 @@ def setntacl(lp, file, sddl, domsid, backend=None,
eadbfile=None, use_ntvfs=True
samba.xattr_native.wrap_setxattr(file, xattr.XATTR_NTACL_NAME,
ndr_pack(ntacl))
else:
-smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP
| security.SECINFO_DACL, sd)
+smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP
| security.SECINFO_DACL | security.SECINFO_SACL, sd)
def ldapmask2filemask(ldm):
diff --git a/source4/scripting/python/samba/tests/posixacl.py
b/source4/scripting/python/samba/tests/posixacl.py
index 64c997d..ba0911d 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -59,7 +59,7 @@ class PosixAclMappingTests(TestCase):
tempf = os.path.join(path,pytests+str(int(10*random.random(
open(tempf, 'w').write(empty)
setntacl(lp,tempf,acl,S-1-5-21-2212615479-2695158682-2101375467,
use_ntvfs=True)
-facl = getntacl(lp,tempf)
+facl = getntacl(lp,tempf, direct_db_access=True)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
os.unlink(tempf)
@@ -72,8 +72,8 @@ class PosixAclMappingTests(TestCase):
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
tempf = os.path.join(path,pytests+str(int(10*random.random(
open(tempf, 'w').write(empty)
-setntacl(lp,tempf,acl,S-1-5-21-2212615479-2695158682-2101375467,
use_ntvfs=False)
-facl
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4def1c1 file_server: Remove explicit set of passdb backend in
fileserver.conf
via 7afd476 build: sync the waf ACL checks with configure.in
via a566404 build: Remove references to charset modules - we no longer
have these
via cac1ebf build: vfs_fake_acls does not need the acl lib
via 73932a3 file_server: Run task_server_terminate when smbd exists
via 8d3e193 file_server: use 'subreq' as variable instead of 'req'
via 2c9c589 build: remove unused HAVE_NO_ACLS define
from 4437547 s4-selftest: Try a more complex ACL - this example from a
GPO
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4def1c1780c98d6595b778a6647818b79dea797a
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 20:31:03 2012 +1000
file_server: Remove explicit set of passdb backend in fileserver.conf
The default is now set during smb.conf loading based on the server role
or during provision.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Sep 4 14:05:34 CEST 2012 on sn-devel-104
commit 7afd476fe412a3cacad4671673f8cb05592bbb94
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 20:15:28 2012 +1000
build: sync the waf ACL checks with configure.in
This should give us full ACLs on the same set of hosts that the autoconf
build supports.
Andrew Bartlett
commit a566404362cc7e45b5ce619db81175b55c55c288
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 20:06:12 2012 +1000
build: Remove references to charset modules - we no longer have these
commit cac1ebfff6c83bfe6cec3a740dface97f706f9ff
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 19:41:38 2012 +1000
build: vfs_fake_acls does not need the acl lib
commit 73932a3aa40bb4b2c2bd22f1be3abc546ab83481
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 11:06:15 2012 +0200
file_server: Run task_server_terminate when smbd exists
This will help us shut down when smbd cannot bind to ports or perform
some other critical startup operation.
Based on a patch by Stefan Metzmacher me...@samba.org
Andrew Bartlett
commit 8d3e193fa153eb0c219953707db5ac4cb93cc853
Author: Stefan Metzmacher me...@samba.org
Date: Tue Sep 4 11:04:16 2012 +0200
file_server: use 'subreq' as variable instead of 'req'
This matches the style of all other tevent_req users.
metze
commit 2c9c58993cf36bc959d3bf1ca634fbaf9bb3a08f
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 18:58:53 2012 +1000
build: remove unused HAVE_NO_ACLS define
---
Summary of changes:
file_server/file_server.c | 13 ++
source3/configure.in |3 --
source3/modules/wscript_build |3 +-
source3/wscript | 52 +++-
4 files changed, 45 insertions(+), 26 deletions(-)
Changeset truncated at 500 lines:
diff --git a/file_server/file_server.c b/file_server/file_server.c
index e1560c2..0777de5 100644
--- a/file_server/file_server.c
+++ b/file_server/file_server.c
@@ -51,7 +51,6 @@ static const char *generate_smb_conf(struct task_server *task)
fdprintf(fd, [globals]\n);
fdprintf(fd, # auto-generated config for fileserver\n);
fdprintf(fd, server role check:inhibit=yes\n);
- fdprintf(fd, passdb backend = samba4\n);
fdprintf(fd, rpc_server:default = external\n);
fdprintf(fd, rpc_server:svcctl = embedded\n);
fdprintf(fd, rpc_server:srvsvc = embedded\n);
@@ -78,6 +77,9 @@ static const char *generate_smb_conf(struct task_server *task)
*/
static void file_server_smbd_done(struct tevent_req *subreq)
{
+ struct task_server *task =
+ tevent_req_callback_data(subreq,
+ struct task_server);
int sys_errno;
int ret;
@@ -87,6 +89,7 @@ static void file_server_smbd_done(struct tevent_req *subreq)
} else {
DEBUG(0,(file_server smbd daemon exited normally\n));
}
+ task_server_terminate(task, smbd child process exited, true);
}
@@ -96,7 +99,7 @@ static void file_server_smbd_done(struct tevent_req *subreq)
static void s3fs_task_init(struct task_server *task)
{
const char *fileserver_conf;
- struct tevent_req *req;
+ struct tevent_req *subreq;
const char *smbd_path;
const char *smbd_cmd[2] = { NULL, NULL };
@@ -109,19 +112,19 @@ static void s3fs_task_init(struct task_server *task)
smbd_cmd[0] = smbd_path;
/* start it as a child process */
- req = samba_runcmd_send(task, task-event_ctx, timeval_zero(), 1, 0,
+ subreq = samba_runcmd_send(task, task-event_ctx, timeval_zero(), 1, 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 15e3991 build: Remove unused deps from vfs modules
from 084978f s3: Slightly simplify fd_open_atomic
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 15e3991b39d2e9496d01d18479db2804804a39f6
Author: Andrew Bartlett abart...@samba.org
Date: Wed Sep 5 08:55:41 2012 +1000
build: Remove unused deps from vfs modules
Both these modules are just implemented in terms of other modules.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Sep 5 03:34:08 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/modules/wscript_build |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/wscript_build b/source3/modules/wscript_build
index dee7ea3..594b27c 100644
--- a/source3/modules/wscript_build
+++ b/source3/modules/wscript_build
@@ -99,7 +99,7 @@ bld.SAMBA3_MODULE('vfs_full_audit',
bld.SAMBA3_MODULE('vfs_fake_perms',
subsystem='vfs',
source=VFS_FAKE_PERMS_SRC,
- deps='acl attr samba-util',
+ deps='samba-util',
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_fake_perms'),
enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_fake_perms'))
@@ -107,7 +107,7 @@ bld.SAMBA3_MODULE('vfs_fake_perms',
bld.SAMBA3_MODULE('vfs_fake_acls',
subsystem='vfs',
source=VFS_FAKE_ACLS_SRC,
- deps='attr samba-util',
+ deps='samba-util',
init_function='',
internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_fake_acls'),
enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_fake_acls'))
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 18c0d87 build: skip shipping the alpha13 provision in the release
tarballs
via 2dd0e71 s4-classicupgrade: Show more clearly what is wrong with the
Adminstrator SID
via 3b3d7bb build: Only make bin/ if it does not exist
via 3ad9c52 selftest: skip tests if the tarball did not include the
alpha13 provision
from 05f9829 waf: add new quota header checks and sysquota_4B source file
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 18c0d872d119f47f3f82f6fa1f4fa8a2afc36750
Author: Andrew Bartlett abart...@samba.org
Date: Mon Sep 3 18:55:06 2012 +1000
build: skip shipping the alpha13 provision in the release tarballs
This test is important, but it is not important enough to include this
volume of data
in every tarball.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Mon Sep 3 13:01:58 CEST 2012 on sn-devel-104
commit 2dd0e7141f24a4e92e165c3aadaaa3a97eb26712
Author: Andrew Bartlett abart...@samba.org
Date: Mon Sep 3 18:50:16 2012 +1000
s4-classicupgrade: Show more clearly what is wrong with the Adminstrator SID
commit 3b3d7bb6029bf7c89abec0fb0b455a6154b0d0bf
Author: Andrew Bartlett abart...@samba.org
Date: Mon Sep 3 18:43:33 2012 +1000
build: Only make bin/ if it does not exist
commit 3ad9c52b1471da7192aa39f878d3ec22ea52d665
Author: Andrew Bartlett abart...@samba.org
Date: Mon Sep 3 18:42:55 2012 +1000
selftest: skip tests if the tarball did not include the alpha13 provision
---
Summary of changes:
source4/scripting/python/samba/upgrade.py |1 +
testprogs/blackbox/dbcheck-alpha13.sh | 34 +++-
wscript |5 ++-
3 files changed, 32 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/upgrade.py
b/source4/scripting/python/samba/upgrade.py
index d3f0b8d..6b6a188 100644
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@@ -869,6 +869,7 @@ Please fix this account before attempting to upgrade again
for username in userdata:
if username.lower() == 'administrator':
if userdata[username].user_sid != dom_sid(str(domainsid) + -500):
+logger.error(User 'Administrator' in your existing directory
has SID %s, expected it to be %s % (userdata[username].user_sid,
dom_sid(str(domainsid) + -500)))
raise ProvisioningError(User 'Administrator' in your existing
directory does not have SID ending in -500)
if username.lower() == 'root':
if userdata[username].user_sid == dom_sid(str(domainsid) + -500):
diff --git a/testprogs/blackbox/dbcheck-alpha13.sh
b/testprogs/blackbox/dbcheck-alpha13.sh
index 00cb97a..a028116 100755
--- a/testprogs/blackbox/dbcheck-alpha13.sh
+++ b/testprogs/blackbox/dbcheck-alpha13.sh
@@ -12,12 +12,14 @@ shift 1
. `dirname $0`/subunit.sh
+alpha13_dir=`dirname $0`/../../source4/selftest/provisions/alpha13
+
alpha13() {
if test -x $BINDIR/tdbrestore;
then
- `dirname $0`/../../source4/selftest/provisions/undump.sh `dirname
$0`/../../source4/selftest/provisions/alpha13 $PREFIX_ABS/alpha13
$BINDIR/tdbrestore
+ `dirname $0`/../../source4/selftest/provisions/undump.sh $alpha13_dir
$PREFIX_ABS/alpha13 $BINDIR/tdbrestore
else
- `dirname $0`/../../source4/selftest/provisions/undump.sh `dirname
$0`/../../source4/selftest/provisions/alpha13 $PREFIX_ABS/alpha13
+ `dirname $0`/../../source4/selftest/provisions/undump.sh $alpha13_dir
$PREFIX_ABS/alpha13
fi
}
@@ -34,9 +36,29 @@ dbcheck_clean() {
$BINDIR/samba-tool dbcheck --cross-ncs -H
tdb://$PREFIX_ABS/alpha13/private/sam.ldb $@
}
-testit alpha13 alpha13
-testit reindex reindex
-testit_expect_failure dbcheck dbcheck
-testit dbcheck_clean dbcheck_clean
+if [ -d $alpha13_dir ]; then
+testit alpha13 alpha13
+testit reindex reindex
+testit_expect_failure dbcheck dbcheck
+testit dbcheck_clean dbcheck_clean
+else
+subunit_start_test alpha13
+subunit_skip_test alpha13 EOF
+no test provision
+EOF
+
+subunit_start_test reindex
+subunit_skip_test reindex EOF
+no test provision
+EOF
+subunit_start_test dbcheck
+subunit_skip_test dbcheck EOF
+no test provision
+EOF
+subunit_start_test dbcheck_clean
+subunit_skip_test dbcheck_clean EOF
+no test provision
+EOF
+fi
exit $failed
diff --git a/wscript b/wscript
index fcf4a0f..64aaaf2 100755
--- a/wscript
+++ b/wscript
@@ -12,7 +12,7 @@ import wafsamba, Options, samba_dist, Scripting, Utils,
samba_version
samba_dist.DIST_DIRS('.')
-samba_dist.DIST_BLACKLIST('.gitignore .bzrignore
[SCM] build.samba.org - branch master updated
The branch, master has been updated
via 8976254 build: Fix build farm for hosts other than our coverage test
from 178df90 Add action_none to assist hosts with no extra_actions
http://gitweb.samba.org/?p=build-farm.git;a=shortlog;h=master
- Log -
commit 89762541cf479b8656040daf78127255b529c4d7
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 09:56:38 2012 +1000
build: Fix build farm for hosts other than our coverage test
---
Summary of changes:
build_test.fns |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/build_test.fns b/build_test.fns
index 3b0a4b8..ded4d09 100644
--- a/build_test.fns
+++ b/build_test.fns
@@ -814,7 +814,7 @@ test_tree() {
fi
if [ $extra_actions = ]; then
- actions=none
+ extra_actions=none
fi
# start the build
--
build.samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 68f68d0 docs: Move Samba4 HOWTO link into README via 8be652a docs: Update Roadmap via 3f42619 docs: Remove merged-branches.txt via 0010828 docs: Remove docs for removed parameter 'display charset' via 339fb7e remove extra tab from Makefile via f9e8f08 docs: Fix undocumented target to find smb.conf directives in the right place via 28499b0 docs: Remove references to security=share and security=server from the smb.conf docs via 4a52a3f docs: Remove docs for removed parameter 'parinoid server security' from 75484f4 docs: Rename manpages-3 - manpages. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 68f68d01529e159d965cefa1da497f3472a36972 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 09:31:27 2012 +1000 docs: Move Samba4 HOWTO link into README This allows us to make clear that it applies to the AD DC deployment. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Sep 4 03:05:02 CEST 2012 on sn-devel-104 commit 8be652a675efb5f25f0e2c573b9c8d6c0f3a9b5f Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 09:24:52 2012 +1000 docs: Update Roadmap commit 3f42619e802b9dc13dc4dd770d419a0e4e9fce9d Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 09:20:19 2012 +1000 docs: Remove merged-branches.txt We are now well past simply having two projects in once tree, and each continued reference to 'samba3' and 'samba4' causes user confusion. Andrew Bartlett commit 00108282d046c2d4948c7c5977c98b412e08fb0a Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 09:12:17 2012 +1000 docs: Remove docs for removed parameter 'display charset' commit 339fb7ef61e675c1db7743e039f2c1e6c45c08a0 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 09:10:59 2012 +1000 remove extra tab from Makefile commit f9e8f08197651f053bf6a23584bf04814440fec0 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 09:09:38 2012 +1000 docs: Fix undocumented target to find smb.conf directives in the right place The manpages target needs to be reworked to know about waf. Andrew Bartlett commit 28499b04769ee0d310e48576b868e11c0d2b1422 Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 08:46:06 2012 +1000 docs: Remove references to security=share and security=server from the smb.conf docs commit 4a52a3f48de60c79113018ca20a420dab536f46d Author: Andrew Bartlett abart...@samba.org Date: Tue Sep 4 08:27:23 2012 +1000 docs: Remove docs for removed parameter 'parinoid server security' --- Summary of changes: README | 11 +++- Roadmap|8 ++-- docs-xml/Makefile |6 +- docs-xml/Makefile.settings.in |2 +- docs-xml/scripts/find_missing_doc.pl |2 +- docs-xml/smbdotconf/base/displaycharset.xml| 17 -- docs-xml/smbdotconf/logon/adduserscript.xml|8 --- docs-xml/smbdotconf/security/adminusers.xml|3 - docs-xml/smbdotconf/security/encryptpasswords.xml |2 +- docs-xml/smbdotconf/security/maptoguest.xml| 18 +-- docs-xml/smbdotconf/security/passwordserver.xml| 55 ++-- docs-xml/smbdotconf/security/readlist.xml |4 -- docs-xml/smbdotconf/security/security.xml |2 +- docs-xml/smbdotconf/security/usernamemap.xml |6 +- docs-xml/smbdotconf/security/writelist.xml |5 -- .../smbdotconf/tuning/paranoidserversecurity.xml | 19 --- howto4.txt |7 --- merged-branches.txt|6 -- 18 files changed, 29 insertions(+), 152 deletions(-) delete mode 100644 docs-xml/smbdotconf/base/displaycharset.xml delete mode 100644 docs-xml/smbdotconf/tuning/paranoidserversecurity.xml delete mode 100644 howto4.txt delete mode 100644 merged-branches.txt Changeset truncated at 500 lines: diff --git a/README b/README index 6c842c3..6fc98e6 100644 --- a/README +++ b/README @@ -1,13 +1,18 @@ This is the release version of Samba, the free SMB and CIFS client and -server for UNIX and other operating systems. Samba is maintained by -the Samba Team, who support the original author, Andrew Tridgell. +server and Domain Controller for UNIX and other operating +systems. Samba is maintained by the Samba Team, who support the +original author, Andrew Tridgell. Please read THE WHOLE of this file as it gives important information about the configuration and use of Samba. -NOTE: Installation instructions may be found
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9983ad7 s3-passdb: Rename pdb_samba4 to samba_dsdb and
autoconfigure when we are a AD DC
from 68f68d0 docs: Move Samba4 HOWTO link into README
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9983ad7a80477d816488a93dffc6a32dd1ef
Author: Andrew Bartlett abart...@samba.org
Date: Tue Sep 4 10:27:50 2012 +1000
s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a
AD DC
The name samba_dsdb is not ideal, but it matches the primary ldb
module we use, and more importantly it avoids having '4' in the name.
We should slowly avoid using the term samba4 in long-term places like
the smb.conf because it is confusing to users given we are shipping
Samba 4.0 as an AD DC as well as all the other supported roles (domain
member/standalone server/classic DC)
Additionally, samba4 will be an odd name when we eventually release
Samba 5.0!
samba4 remains accepted as an alias to ensure existing smb.conf files
load, but to allow changes here in the future, we set the value during
the smb.conf load, and not during the provision when we are an AD DC.
This simplifies the default smb.conf for the vast majority of our
users and reduces the number of things listed in smb.conf files that
we later have to work around if we wish to change the
name/implementation of the passdb glue module again.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Sep 4 04:45:16 CEST 2012 on sn-devel-104
---
Summary of changes:
selftest/target/Samba4.pm |2 -
source3/param/loadparm.c |1 +
source3/passdb/{pdb_samba4.c = pdb_samba_dsdb.c} | 549 ++--
source3/passdb/wscript_build |8 +-
source3/wscript|2 +-
source4/scripting/python/samba/netcmd/ntacl.py |4 +-
.../scripting/python/samba/provision/__init__.py | 23 +-
7 files changed, 297 insertions(+), 292 deletions(-)
rename source3/passdb/{pdb_samba4.c = pdb_samba_dsdb.c} (76%)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index fb437d7..d2e890e 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -603,8 +603,6 @@ sub provision_raw_step1($$)
dreplsrv:periodic_startup_interval = 0
dsdb:schema update allowed = yes
- passdb backend = samba4
-
vfs objects = dfs_samba4 acl_xattr fake_acls xattr_tdb streams_depot
# remove this again, when our smb2 client library
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index c92b631..1e41825 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4914,6 +4914,7 @@ static bool lp_load_ex(const char *pszFname,
lp_do_parameter(-1, vfs objects, dfs_samba4
acl_xattr);
}
}
+ lp_do_parameter(-1, passdb backend, samba_dsdb);
}
bAllowIncludeRegistry = true;
diff --git a/source3/passdb/pdb_samba4.c b/source3/passdb/pdb_samba_dsdb.c
similarity index 76%
rename from source3/passdb/pdb_samba4.c
rename to source3/passdb/pdb_samba_dsdb.c
index 01eb4ba..2552fb9 100644
--- a/source3/passdb/pdb_samba4.c
+++ b/source3/passdb/pdb_samba_dsdb.c
@@ -1,8 +1,8 @@
/*
Unix SMB/CIFS implementation.
- pdb glue module for samba4
+ pdb glue module for direct access to the dsdb via LDB APIs
Copyright (C) Volker Lendecke 2009-2011
- Copyright (C) Andrew Bartlett 2010
+ Copyright (C) Andrew Bartlett 2010-2012
Copyright (C) Matthias Dieter Wallnöfer 2009
This program is free software; you can redistribute it and/or modify
@@ -36,24 +36,24 @@
#include source4/dsdb/common/util.h
#include source3/include/secrets.h
-struct pdb_samba4_state {
+struct pdb_samba_dsdb_state {
struct tevent_context *ev;
struct ldb_context *ldb;
struct idmap_context *idmap_ctx;
struct loadparm_context *lp_ctx;
};
-static NTSTATUS pdb_samba4_getsampwsid(struct pdb_methods *m,
+static NTSTATUS pdb_samba_dsdb_getsampwsid(struct pdb_methods *m,
struct samu *sam_acct,
const struct dom_sid *sid);
-static NTSTATUS pdb_samba4_getsamupriv(struct pdb_samba4_state *state,
+static NTSTATUS pdb_samba_dsdb_getsamupriv(struct pdb_samba_dsdb_state *state,
const char *filter,
TALLOC_CTX *mem_ctx,
struct ldb_message **pmsg);
-static bool pdb_samba4_sid_to_id(struct pdb_methods *m, const
[SCM] build.samba.org - branch master updated
The branch, master has been updated
via 52601dd double the number of possible open files
from 5a76ae9 move pidl build into the compiler loop
http://gitweb.samba.org/?p=build-farm.git;a=shortlog;h=master
- Log -
commit 52601dd6844a450c51ca0862e341e7e71d7e6ec0
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 1 19:34:18 2012 +1000
double the number of possible open files
With all the test environments we need a few more files. This new
limit is a guess however.
Andrew Bartlett
---
Summary of changes:
build_test.fns | 61 ---
1 files changed, 57 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/build_test.fns b/build_test.fns
index ff5078c..400b802 100644
--- a/build_test.fns
+++ b/build_test.fns
@@ -610,9 +610,9 @@ test_tree() {
# darn, this affects sparse files too! disable it
# ulimit -f 10 2 /dev/null
- # try and limit the number of open files to 250. That means we'll
discover
- # fd leaks faster
- ulimit -n 250 2 /dev/null
+ # try and limit the number of open files to 500, up from 250. That
means we'll discover
+ # fd leaks faster while allowing our very complex make test to run
+ ulimit -n 500 2 /dev/null
# Keep stuff private
umask 077
@@ -799,9 +799,14 @@ test_tree() {
#Action == what to do ie. configure config_log ...
actions=$*
+ extra_actions=$EXTRA_ACTIONS
if [ $actions = ]; then
- actions=configure config_log config_header build install test
$EXTRA_ACTIONS
+ actions=configure config_log config_header build install test
+ fi
+
+ if [ $extra_actions = ]; then
+ actions=none
fi
# start the build
@@ -909,6 +914,54 @@ test_tree() {
fi
done
+ for action in $extra_actions; do
+ if [ x$action = x ]; then
+ break;
+ fi
+
+ echo Running action $action
+
+ date
+
+ cd $builddir || exit 1
+ export srcdir
+ df .
+ mount
+ vmstat
+
+ if [ x$PREHOOKS != x ]; then
+ for hooks in $PREHOOKS; do
+ if [ x$hooks = x$action ]; then
+ ( prehook_$action )
+ fi
+ done
+ fi
+
+ ( action_$action )
+ action_status=$?
+
+ if [ x$POSTHOOKS != x ]; then
+ for hooks in $POSTHOOKS; do
+ if [ x$hooks = x$action ]; then
+ ( posthook_$action )
+ fi
+ done
+ fi
+
+ df .
+
+ if [ $action_status != 0 ]; then
+ echo ACTION FAILED: $action;
+ echo return code $action_status $action;
+ else
+ echo ACTION PASSED: $action;
+ fi
+
+ if [ $action_status != 0 ]; then
+ break;
+ fi
+ done
+
if [ $noclean = yes ]; then
echo cleanup skipped!
--
build.samba.org
[SCM] build.samba.org - branch master updated
The branch, master has been updated
via 178df90 Add action_none to assist hosts with no extra_actions
from 52601dd double the number of possible open files
http://gitweb.samba.org/?p=build-farm.git;a=shortlog;h=master
- Log -
commit 178df903c098abc262c2a412d8e5c22957c14b42
Author: Andrew Bartlett abart...@samba.org
Date: Sun Sep 2 10:21:59 2012 +1000
Add action_none to assist hosts with no extra_actions
The previous commit added a handler for extra_actions that are not tied to
the success
of the previous actions (allowing lcov and callcatcher to run even on
failed tests).
This was missing an action_none for all the other hosts.
Andrew Bartlett
---
Summary of changes:
build_test.fns |8
1 files changed, 8 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/build_test.fns b/build_test.fns
index 400b802..3b0a4b8 100644
--- a/build_test.fns
+++ b/build_test.fns
@@ -579,6 +579,14 @@ action_test() {
esac
}
+#
+# Do nothing (needed if we have nothing to do for extra_actions)
+#
+
+action_none() {
+return 0;
+}
+
###
# do a test build of a particular tree
# This is the master function called by generic.fns or
--
build.samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d2c0387 s4-kdc: Give information on how long the password history is
via efec5a9 s4-libnet: Fix memory leak of lsa_RefDomainList and
lsa_String onto libnet_ctx
via a5d57a0 auth/credentials: Do not print passwords in a talloc memory
dump
from a3b67e5 VERSION: Move on to beta9
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d2c0387d66038fb474daa1507923c2138a6e584f
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 31 14:02:28 2012 +1000
s4-kdc: Give information on how long the password history is
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Aug 31 08:06:17 CEST 2012 on sn-devel-104
commit efec5a9299455bd53cc770f2bc364f9a6f4f8def
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 31 12:38:41 2012 +1000
s4-libnet: Fix memory leak of lsa_RefDomainList and lsa_String onto
libnet_ctx
These are only needed for as long as the call, and should be children of the
private context.
This was found based on a log provided by Ricky Nance
ricky.na...@weaubleau.k12.mo.us. Thanks Ricky!
Andrew Bartlett
commit a5d57a04c2e515212cc1f2b51c9a02acb33a79ba
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 31 11:19:54 2012 +1000
auth/credentials: Do not print passwords in a talloc memory dump
The fact that a password was created here is enough information, so
overwrite with the function name and line.
Andrew Bartlett
---
Summary of changes:
auth/credentials/credentials.c |8
source4/kdc/kpasswdd.c |3 ++-
source4/libnet/libnet_lookup.c |4 ++--
3 files changed, 12 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index 05f0a62..e636123 100644
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -371,6 +371,10 @@ _PUBLIC_ bool cli_credentials_set_password(struct
cli_credentials *cred,
{
if (obtained = cred-password_obtained) {
cred-password = talloc_strdup(cred, val);
+ if (cred-password) {
+ /* Don't print the actual password in talloc memory
dumps */
+ talloc_set_name_const(cred-password, password set via
cli_credentials_set_password);
+ }
cred-password_obtained = obtained;
cli_credentials_invalidate_ccache(cred,
cred-password_obtained);
@@ -416,6 +420,10 @@ _PUBLIC_ bool cli_credentials_set_old_password(struct
cli_credentials *cred,
enum credentials_obtained obtained)
{
cred-old_password = talloc_strdup(cred, val);
+ if (cred-old_password) {
+ /* Don't print the actual password in talloc memory dumps */
+ talloc_set_name_const(cred-old_password, password set via
cli_credentials_set_old_password);
+ }
return true;
}
diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c
index 8bed20e..c05ea82 100644
--- a/source4/kdc/kpasswdd.c
+++ b/source4/kdc/kpasswdd.c
@@ -119,7 +119,8 @@ static bool kpasswd_make_pwchange_reply(struct kdc_server
*kdc,
reject_string = Password does not meet complexity
requirements;
break;
case SAM_PWD_CHANGE_PWD_IN_HISTORY:
- reject_string = Password is already in password
history;
+ reject_string = talloc_asprintf(mem_ctx, Password is
already in password history, cannot match any of your %d passwords,
+
dominfo-password_history_length);
break;
default:
reject_string = talloc_asprintf(mem_ctx, Password must
be at least %d characters long, and cannot match any of your %d previous
passwords,
diff --git a/source4/libnet/libnet_lookup.c b/source4/libnet/libnet_lookup.c
index 31ac6e4..cf2d70c 100644
--- a/source4/libnet/libnet_lookup.c
+++ b/source4/libnet/libnet_lookup.c
@@ -308,7 +308,7 @@ static bool prepare_lookup_params(struct libnet_context
*ctx,
s-sids.count = 0;
s-sids.sids = NULL;
- s-names = talloc_array(ctx, struct lsa_String, single_name);
+ s-names = talloc_array(s, struct lsa_String, single_name);
if (composite_nomem(s-names, c)) return false;
s-names[0].string = s-name;
@@ -320,7 +320,7 @@ static bool prepare_lookup_params(struct libnet_context
*ctx,
s-lookup.in.count = s-count;
s-lookup.out.count= s-count;
s-lookup.out.sids = s-sids;
- s-lookup.out.domains = talloc_zero(ctx, struct lsa_RefDomainList
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4d7dad1 s4-dsdb: Remove unused variables
via 8557c69 s4-kdc: Improve grammer and clarity of password change
failure messages.
via f0a9180 s3: Fix warnings in aio_fork.c
via 2ffe690 s3: Remove a shadowing variable declaration
via 01ade93 s4-dsdb: Remove unused tmp_ctx leaked onto long-term
ldb_context
from c256566 s4 dns: Store TKEYs in a ringbuffer
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4d7dad13158fe6d998d7f63ed0f4ac7935a29bf8
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 1 11:36:36 2012 +1000
s4-dsdb: Remove unused variables
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Sat Sep 1 05:10:47 CEST 2012 on sn-devel-104
commit 8557c692f613847d190891b6d79498f4e8fb9096
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 1 11:34:33 2012 +1000
s4-kdc: Improve grammer and clarity of password change failure messages.
This can still be improved further, but avoid mentioning reasons that
clearly do not apply in this case.
Andrew Bartlett
commit f0a9180ae9dd565e4772ba9027ade0edfe1fc8d8
Author: Volker Lendecke v...@samba.org
Date: Fri Aug 31 14:45:08 2012 +0200
s3: Fix warnings in aio_fork.c
commit 2ffe69082e23675a96e59eea0954a6b17530e82c
Author: Volker Lendecke v...@samba.org
Date: Fri Aug 31 14:17:49 2012 +0200
s3: Remove a shadowing variable declaration
commit 01ade93c7c0c2f2e992f5295976bbfc20429023a
Author: Andrew Bartlett abart...@samba.org
Date: Sat Sep 1 11:29:46 2012 +1000
s4-dsdb: Remove unused tmp_ctx leaked onto long-term ldb_context
This was found based on a log provided by Ricky Nance
ricky.na...@weaubleau.k12.mo.us. Thanks Ricky!
Andrew Bartlett
---
Summary of changes:
source3/modules/vfs_aio_fork.c |6 --
source3/passdb/lookup_sid.c|2 --
source4/dsdb/common/util.c |5 -
source4/kdc/kpasswdd.c |7 +++
4 files changed, 7 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_aio_fork.c b/source3/modules/vfs_aio_fork.c
index 2ec3d3d..3db336f 100644
--- a/source3/modules/vfs_aio_fork.c
+++ b/source3/modules/vfs_aio_fork.c
@@ -590,9 +590,10 @@ static struct tevent_req *aio_fork_pread_send(struct
vfs_handle_struct *handle,
ssize_t written;
int err;
struct aio_fork_config *config;
+
SMB_VFS_HANDLE_GET_DATA(handle, config,
struct aio_fork_config,
- return -1);
+ return NULL);
req = tevent_req_create(mem_ctx, state, struct aio_fork_pread_state);
if (req == NULL) {
@@ -821,9 +822,10 @@ static struct tevent_req *aio_fork_fsync_send(
ssize_t written;
int err;
struct aio_fork_config *config;
+
SMB_VFS_HANDLE_GET_DATA(handle, config,
struct aio_fork_config,
- return -1);
+ return NULL);
req = tevent_req_create(mem_ctx, state, struct aio_fork_fsync_state);
if (req == NULL) {
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 530fa6b..76a454c 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1096,8 +1096,6 @@ static bool legacy_sid_to_unixid(const struct dom_sid
*psid, struct unixid *id)
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
- bool ret;
-
map = talloc_zero(NULL, GROUP_MAP);
if (!map) {
return false;
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 5d73df2..086f2a5 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1618,12 +1618,10 @@ int samdb_reference_dn(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx, struct ldb_
int samdb_dn_is_our_ntdsa(struct ldb_context *ldb, struct ldb_dn *dn, bool
*is_ntdsa)
{
NTSTATUS status;
- TALLOC_CTX *tmp_ctx = talloc_new(ldb);
struct GUID dn_guid;
const struct GUID *our_ntds_guid;
status = dsdb_get_extended_dn_guid(dn, dn_guid, GUID);
if (!NT_STATUS_IS_OK(status)) {
- talloc_free(tmp_ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
@@ -1645,10 +1643,7 @@ int samdb_reference_dn_is_our_ntdsa(struct ldb_context
*ldb, struct ldb_dn *base
{
int ret;
struct ldb_dn *referenced_dn;
- NTSTATUS status;
TALLOC_CTX *tmp_ctx = talloc_new(ldb);
- struct GUID referenced_guid;
- const struct GUID *our_ntds_guid;
if (tmp_ctx == NULL) {
return
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a3b67e5 VERSION: Move on to beta9 via 524876a VERSION: Mark as the beta8 release via 757df37 WHATSNEW: prepare for 4.0 beta8 from 4ff4466 The NTVFS server doesn't pass the SMB1 INHERITFLAGS test. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a3b67e5299e9d975b7216e398311420a9524f926 Author: Andrew Bartlett abart...@samba.org Date: Fri Aug 31 08:34:03 2012 +1000 VERSION: Move on to beta9 We home beta8 will be the last beta, but to avoid confusion and allow more releases if required I won't mark it as rc1 until the actual release candidate. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Fri Aug 31 02:07:23 CEST 2012 on sn-devel-104 commit 524876aa511b3a034c324df9025f693a24842bca Author: Andrew Bartlett abart...@samba.org Date: Fri Aug 31 08:32:15 2012 +1000 VERSION: Mark as the beta8 release commit 757df37e7099fe29e6af728fccbd15ebd82e6ffd Author: Andrew Bartlett abart...@samba.org Date: Fri Aug 31 08:31:45 2012 +1000 WHATSNEW: prepare for 4.0 beta8 --- Summary of changes: VERSION |2 +- WHATSNEW.txt | 65 ++--- 2 files changed, 31 insertions(+), 36 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 14c0561..fa77135 100644 --- a/VERSION +++ b/VERSION @@ -67,7 +67,7 @@ SAMBA_VERSION_ALPHA_RELEASE= # e.g. SAMBA_VERSION_BETA_RELEASE=1# # - 4.0.0beta1# -SAMBA_VERSION_BETA_RELEASE=8 +SAMBA_VERSION_BETA_RELEASE=9 # For 'pre' releases the version will be # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d9f2333..4b1f0fe 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,4 @@ -What's new in Samba 4.0 beta7 +What's new in Samba 4.0 beta8 = Samba 4.0 will be the next version of the Samba suite and incorporates @@ -11,7 +11,7 @@ and above. WARNINGS -Samba 4.0 beta7 is not a final Samba release, however we are now making +Samba 4.0 beta8 is not a final Samba release, however we are now making good progress towards a Samba 4.0 release. However, this is expected to be the last beta release before we start on our release candidate series. @@ -77,7 +77,7 @@ the longer term. For pure file server work, the binaries users would expect from that series (nmbd, winbindd, smbpasswd) continue to be available. When running an AD DC, you only need to run 'samba' (not -nmbd/smbd/winbind), as the required services are co-ordinated by this +nmbd/smbd/winbind), as the required services are co-coordinated by this master binary. As DNS is an integral part of Active Directory, we also provide a DNS @@ -98,56 +98,51 @@ Python programs to interface to Samba's internals, and many tools and internal workings of the DC code is now implemented in python. -CHANGES SINCE beta6 +CHANGES SINCE beta7 = -For a list of changes since beta6, please see the git log. +For a list of changes since beta7, please see the git log. $ git clone git://git.samba.org/samba.git $ cd samba.git -$ git log samba-4.0.0beta6..samba-4.0.0beta7 +$ git log samba-4.0.0beta7..samba-4.0.0beta8 Some major user-visible changes include: -- ACLs are now set during provision at the POSIX layer for the sysvol - share. This allows group policies to be modified by Domain - Administrators (Policy Administrators) that are not the actual - Administrator user. +- A fix for a segfault/abort on startup of the 'samba' binary in the + credentials_secrets code. -- A number of verified fixes for expanding memory use across the AD - domain controller, including in the Bind9 DLZ module. +- A fix for samba-tool classicupgrade of pdb_ldap-based domains -- A fix for bug #9097 (the winbind in the AD DC would lock up under - parallel requests). +- A fix for samba-tool domain exportkeyab only exporting DES keys -- wbinfo --ping-dc now returns helpful information on what failed and - against which DC it failed +- Printing is now enabled on the AD DC -- SMB3 encryption support +- Fix bug #9124 - Samba fails to set inherited bit on inherited ACE's. -- New 'samba-tool ntacl' commands: - - samba-tool ntacl sysvolreset - - samba-tool ntacl sysvolcheck +- We now avoid printing secret attributes (such as unicodePwd and + suppliementalCredentials) in ldb trace logs -Less visible, but important changes under the hood include: +- s3-printing: fix bug 9123 lprng job tracking errors -- Continued work to support SMB2 and SMB3 - -- Continued work to use async IO
[SCM] Samba Shared Repository - annotated tag samba-4.0.0beta8 created
The annotated tag, samba-4.0.0beta8 has been created at a7b9327dd48793eca878588e43ee8f06f7fa8dbe (tag) tagging 524876aa511b3a034c324df9025f693a24842bca (commit) replaces ldb-1.1.11 tagged by Andrew Bartlett on Fri Aug 31 11:43:39 2012 +1000 - Log - samba4: tag release samba-4.0.0beta8 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUAUEAWy2jGT3QfUnJfAQKgsA/+JX2BzrA2QULHwKS0IpVteL8YsmILnN20 oSSPp3tMgBwuOBzK1/17KOns2LH0CZul/n0FhZQxv8I8BVP+ZWu5ysNHZcnBu1uW pbj9T6fz4D0Mv4n+7Y+JcuXmpqorm7INi+zdxes3cZMBefnkhNnGLki/u3F7mTSa usZDXvmKwQA0siOtmMs2GeQFUKKgHHUH/6sVGHTNZxaMGtIA8YMSVoLccLSMElH1 jnWL3wmIvbrHrBHakn594EKbb2NR37bNBc7zfTtwcNoozCpZ+/h75+TCQYOmF7M2 nORa5e5ueMg9SSqFgpwQfEBq/6cCUB2Ep2GykfpXj7WEBzDghv4FYIpCrRXxkcAb R7C3wXbiYi620IAu8AWbdsAjrlxz1VD3fhBvZfFzzO5ApuY30EOFC7OZlwnmwlUz ARJz2ZE5V2NGogclfRGkcBt+414caaohGESlYuAW5d3KN4UmLfJ7VYaLV0z09AV0 eo6L6jqJN/dpjnvV+giGsMtDRDRkF8BY1ZOFd2i+evqZD4b9Nxg04tyhsAaO1x8Y 0APGqybsYKSAJtFnb+iORepkMrGbLBu6ib7JoboP/nAUSTZHXn6YlHv99SMzIGdJ 4qJJhWiLJZ5aHMfDqFfxdG6WUtXxfMX6m1Xo85jo+PGYZChhqHScr43YcKngUt+1 uZ2KVxcbdMM= =52Ul -END PGP SIGNATURE- Andreas Schneider (6): s3-smbd: Fix flooding the logs with records we don't find in pcap. libkrb5: Fix build with MIT Kerberos. selftest: Define the log directory for s3fs. file_server: Fix spoolss support with s3fs. selftest: Add missing printing options for plugin_s4_dc. selftest: Remove spoolss tests from knownfail. Andrew Bartlett (14): s3-classicupgrade: Fix import from ldap auth/credentials: Avoid double-free in the failure case selftest: Add a test for smbclient --machine-pass without secrets.tdb auth/credentials: Improve memory handling in cli_credentials_set_machine_account auth/credentials: Better integrate fetch of secrets.tdb and secrets.ldb records auth/credentials: Remove unused, and un-declared cli_credentials_set_krbtgt() lib/ldb: Avoid printing secret attributes in ldb trace logs s4-dsdb: Avoid printing secret attributes in ldb trace logs s4-libnet: Fix passing samba_all_enctypes as a fn rather than the encrypt array it returns lib/krb4_wrap: Add const to kt_copy_one_principal s4-torture: Add start of a test to confirm winbindd PAC parsing auth/credentials: Support match-by-key in cli_credentials_get_server_gss_creds() WHATSNEW: prepare for 4.0 beta8 VERSION: Mark as the beta8 release Björn Jacke (1): vfs_media_harmony: fix some compile warnings with llvm Christian Ambach (1): s3:libsmb correctly set isFsctl for snapshot list Christof Schmitt (1): s3:vfs_gpfs: Use directory not file to get fileset id David Disseldorp (1): s3-printing: fix bug 9123 lprng job tracking errors Jeremy Allison (8): Rename set_sd() to set_sd_blob() - this describes what it does. Re-add set_sd(), called from set_sd_blob(). Allows us to centralize all ACL canonicalization. Change the other two places where we set a security descriptor given by the client to got through set_sd(), Windows does canonicalization of inheritance bits. Do the same. Fix bug #9124 - Samba fails to set inherited bit on inherited ACE's. With the inheritance ACL changes we now pass samba3.smb2.acls.INHERITFLAGS. Now ACL inheritance flags are working, add test_inheritance_flags() back into raw.acls to ensure we don't regress. The NTVFS server doesn't pass the SMB1 INHERITFLAGS test. --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated
via 524876a VERSION: Mark as the beta8 release
via 757df37 WHATSNEW: prepare for 4.0 beta8
via 4ff4466 The NTVFS server doesn't pass the SMB1 INHERITFLAGS test.
via 7c4ae72 Now ACL inheritance flags are working, add
test_inheritance_flags() back into raw.acls to ensure we don't regress.
via da670e4 With the inheritance ACL changes we now pass
samba3.smb2.acls.INHERITFLAGS.
via cf29863 Fix bug #9124 - Samba fails to set inherited bit on
inherited ACE's.
via 3d34406 Windows does canonicalization of inheritance bits. Do the
same.
via 795920c Change the other two places where we set a security
descriptor given by the client to got through set_sd(), the canonicalize sd
function.
via 70ebf1d Re-add set_sd(), called from set_sd_blob(). Allows us to
centralize all ACL canonicalization.
via 8c84ece Rename set_sd() to set_sd_blob() - this describes what it
does.
via 02aacb1 s3:libsmb correctly set isFsctl for snapshot list
via 4612092 selftest: Remove spoolss tests from knownfail.
via 20cfa38 selftest: Add missing printing options for plugin_s4_dc.
via fb917eb file_server: Fix spoolss support with s3fs.
via bf36462 selftest: Define the log directory for s3fs.
via 5131359 auth/credentials: Support match-by-key in
cli_credentials_get_server_gss_creds()
via a58bf44 s4-torture: Add start of a test to confirm winbindd PAC
parsing
via fe36bb4 lib/krb4_wrap: Add const to kt_copy_one_principal
via 6678907 s3:vfs_gpfs: Use directory not file to get fileset id
via f31d0d0 vfs_media_harmony: fix some compile warnings with llvm
via fb15e5a s3-printing: fix bug 9123 lprng job tracking errors
via 24356f3 libkrb5: Fix build with MIT Kerberos.
via e39cce4 s4-libnet: Fix passing samba_all_enctypes as a fn rather
than the encrypt array it returns
via 5d96498 s4-dsdb: Avoid printing secret attributes in ldb trace logs
via 395b8e4 lib/ldb: Avoid printing secret attributes in ldb trace logs
via 17337cf auth/credentials: Remove unused, and un-declared
cli_credentials_set_krbtgt()
via beafdd6 auth/credentials: Better integrate fetch of secrets.tdb and
secrets.ldb records
via a0e4bdc auth/credentials: Improve memory handling in
cli_credentials_set_machine_account
via 3a303ae5 selftest: Add a test for smbclient --machine-pass without
secrets.tdb
via bcc29f9 auth/credentials: Avoid double-free in the failure case
via ba862f4 s3-smbd: Fix flooding the logs with records we don't find
in pcap.
via 9e441c4 s3-classicupgrade: Fix import from ldap
via dd21bb0 lib/ldb: Bump ldb version to 1.1.11
via dc8d29c s3-vfs: Indicate the symlink destination when failing
check_reduced_name
via f2ccff7 s3-vfs: Try to be consistent about localtime vs GMT
handling in vfs_shadow_copy2
via de20958 s3-vfs_shadow_copy2: Also accept a sscanf result
via 11a5646 VERSION: Move on to beta8
from c41894c VERSION: Mark as the beta7 release
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -
---
Summary of changes:
VERSION|2 +-
WHATSNEW.txt | 65
auth/credentials/credentials_krb5.c| 11 +-
auth/credentials/credentials_secrets.c | 168 ++--
file_server/file_server.c |2 +-
lib/krb5_wrap/enctype_convert.c| 12 +-
lib/krb5_wrap/keytab_util.c|2 +-
lib/krb5_wrap/krb5_samba.h |2 +-
lib/ldb-samba/ldif_handlers.c |8 +
lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.11.sigs} |0
lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.12.sigs} |1 +
...ldb-util-1.1.10.sigs = pyldb-util-1.1.11.sigs} |0
...ldb-util-1.1.10.sigs = pyldb-util-1.1.12.sigs} |0
lib/ldb/common/ldb.c | 31 +++-
lib/ldb/common/ldb_ldif.c | 47 +-
lib/ldb/common/ldb_modules.c | 15 ++-
lib/ldb/include/ldb_module.h |4 +
lib/ldb/include/ldb_private.h |5 +
lib/ldb/wscript|2 +-
libcli/security/secdesc.c | 10 +-
selftest/knownfail | 68 +
selftest/target/Samba4.pm | 36
source3/libsmb/clifile.c |2 +-
source3/modules/gpfs.c | 16 ++-
source3/modules/vfs_gpfs.c | 24 +++-
[SCM] Samba Shared Repository - branch v4-0-stable updated
The branch, v4-0-stable has been updated
via 524876a VERSION: Mark as the beta8 release
via 757df37 WHATSNEW: prepare for 4.0 beta8
via 4ff4466 The NTVFS server doesn't pass the SMB1 INHERITFLAGS test.
via 7c4ae72 Now ACL inheritance flags are working, add
test_inheritance_flags() back into raw.acls to ensure we don't regress.
via da670e4 With the inheritance ACL changes we now pass
samba3.smb2.acls.INHERITFLAGS.
via cf29863 Fix bug #9124 - Samba fails to set inherited bit on
inherited ACE's.
via 3d34406 Windows does canonicalization of inheritance bits. Do the
same.
via 795920c Change the other two places where we set a security
descriptor given by the client to got through set_sd(), the canonicalize sd
function.
via 70ebf1d Re-add set_sd(), called from set_sd_blob(). Allows us to
centralize all ACL canonicalization.
via 8c84ece Rename set_sd() to set_sd_blob() - this describes what it
does.
via 02aacb1 s3:libsmb correctly set isFsctl for snapshot list
via 4612092 selftest: Remove spoolss tests from knownfail.
via 20cfa38 selftest: Add missing printing options for plugin_s4_dc.
via fb917eb file_server: Fix spoolss support with s3fs.
via bf36462 selftest: Define the log directory for s3fs.
via 5131359 auth/credentials: Support match-by-key in
cli_credentials_get_server_gss_creds()
via a58bf44 s4-torture: Add start of a test to confirm winbindd PAC
parsing
via fe36bb4 lib/krb4_wrap: Add const to kt_copy_one_principal
via 6678907 s3:vfs_gpfs: Use directory not file to get fileset id
via f31d0d0 vfs_media_harmony: fix some compile warnings with llvm
via fb15e5a s3-printing: fix bug 9123 lprng job tracking errors
via 24356f3 libkrb5: Fix build with MIT Kerberos.
via e39cce4 s4-libnet: Fix passing samba_all_enctypes as a fn rather
than the encrypt array it returns
via 5d96498 s4-dsdb: Avoid printing secret attributes in ldb trace logs
via 395b8e4 lib/ldb: Avoid printing secret attributes in ldb trace logs
via 17337cf auth/credentials: Remove unused, and un-declared
cli_credentials_set_krbtgt()
via beafdd6 auth/credentials: Better integrate fetch of secrets.tdb and
secrets.ldb records
via a0e4bdc auth/credentials: Improve memory handling in
cli_credentials_set_machine_account
via 3a303ae5 selftest: Add a test for smbclient --machine-pass without
secrets.tdb
via bcc29f9 auth/credentials: Avoid double-free in the failure case
via ba862f4 s3-smbd: Fix flooding the logs with records we don't find
in pcap.
via 9e441c4 s3-classicupgrade: Fix import from ldap
via dd21bb0 lib/ldb: Bump ldb version to 1.1.11
via dc8d29c s3-vfs: Indicate the symlink destination when failing
check_reduced_name
via f2ccff7 s3-vfs: Try to be consistent about localtime vs GMT
handling in vfs_shadow_copy2
via de20958 s3-vfs_shadow_copy2: Also accept a sscanf result
via 11a5646 VERSION: Move on to beta8
from c41894c VERSION: Mark as the beta7 release
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-stable
- Log -
---
Summary of changes:
VERSION|2 +-
WHATSNEW.txt | 65
auth/credentials/credentials_krb5.c| 11 +-
auth/credentials/credentials_secrets.c | 168 ++--
file_server/file_server.c |2 +-
lib/krb5_wrap/enctype_convert.c| 12 +-
lib/krb5_wrap/keytab_util.c|2 +-
lib/krb5_wrap/krb5_samba.h |2 +-
lib/ldb-samba/ldif_handlers.c |8 +
lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.11.sigs} |0
lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.12.sigs} |1 +
...ldb-util-1.1.10.sigs = pyldb-util-1.1.11.sigs} |0
...ldb-util-1.1.10.sigs = pyldb-util-1.1.12.sigs} |0
lib/ldb/common/ldb.c | 31 +++-
lib/ldb/common/ldb_ldif.c | 47 +-
lib/ldb/common/ldb_modules.c | 15 ++-
lib/ldb/include/ldb_module.h |4 +
lib/ldb/include/ldb_private.h |5 +
lib/ldb/wscript|2 +-
libcli/security/secdesc.c | 10 +-
selftest/knownfail | 68 +
selftest/target/Samba4.pm | 36
source3/libsmb/clifile.c |2 +-
source3/modules/gpfs.c | 16 ++-
source3/modules/vfs_gpfs.c | 24 +++-
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e39cce4 s4-libnet: Fix passing samba_all_enctypes as a fn rather
than the encrypt array it returns
from 5d96498 s4-dsdb: Avoid printing secret attributes in ldb trace logs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e39cce4214b8df14aa123d63a9ac8e1c03925f2d
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 16:22:24 2012 +1000
s4-libnet: Fix passing samba_all_enctypes as a fn rather than the encrypt
array it returns
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Aug 29 09:56:27 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/libnet/libnet_export_keytab.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libnet/libnet_export_keytab.c
b/source4/libnet/libnet_export_keytab.c
index 9763726..16165b8 100644
--- a/source4/libnet/libnet_export_keytab.c
+++ b/source4/libnet/libnet_export_keytab.c
@@ -63,7 +63,7 @@ NTSTATUS libnet_export_keytab(struct libnet_context *ctx,
TALLOC_CTX *mem_ctx, s
}
if (r-in.principal) {
- ret = kt_copy_one_principal(smb_krb5_context-krb5_context,
from_keytab, r-in.keytab_name, r-in.principal, 0, samba_all_enctypes);
+ ret = kt_copy_one_principal(smb_krb5_context-krb5_context,
from_keytab, r-in.keytab_name, r-in.principal, 0, samba_all_enctypes());
} else {
unlink(r-in.keytab_name);
ret = kt_copy(smb_krb5_context-krb5_context, from_keytab,
r-in.keytab_name);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5131359 auth/credentials: Support match-by-key in
cli_credentials_get_server_gss_creds()
via a58bf44 s4-torture: Add start of a test to confirm winbindd PAC
parsing
via fe36bb4 lib/krb4_wrap: Add const to kt_copy_one_principal
from 6678907 s3:vfs_gpfs: Use directory not file to get fileset id
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5131359edae7a5c7092c0d41bb225941596ddcac
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 30 07:49:21 2012 +1000
auth/credentials: Support match-by-key in
cli_credentials_get_server_gss_creds()
This allows a password alone to be used to accept kerberos tickets.
Of course, we need to have got the salt right, but we do not need also
the correct kvno. This allows gensec_gssapi to accept tickets based on
a secrets.tdb entry.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 30 01:26:12 CEST 2012 on sn-devel-104
commit a58bf44c1ec62736fc20e0e7dedb8a1c0306380c
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 24 10:01:42 2012 +1000
s4-torture: Add start of a test to confirm winbindd PAC parsing
So far this confirms that we can accept a ticket using the secrets.tdb
entry.
Andrew Bartlett
commit fe36bb4bcc35cccbc6f0a91a9ef4a29e908048a0
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 17:58:45 2012 +1000
lib/krb4_wrap: Add const to kt_copy_one_principal
---
Summary of changes:
auth/credentials/credentials_krb5.c | 11 ++-
lib/krb5_wrap/keytab_util.c |2 +-
lib/krb5_wrap/krb5_samba.h|2 +-
source3/selftest/tests.py |4 +-
source4/auth/kerberos/kerberos.h |1 +
source4/auth/kerberos/kerberos_util.c |1 +
source4/torture/rpc/remote_pac.c |2 +-
source4/torture/winbind/winbind.c | 153 +
8 files changed, 169 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/credentials/credentials_krb5.c
b/auth/credentials/credentials_krb5.c
index 2a23688..459e948 100644
--- a/auth/credentials/credentials_krb5.c
+++ b/auth/credentials/credentials_krb5.c
@@ -717,6 +717,11 @@ _PUBLIC_ int cli_credentials_get_keytab(struct
cli_credentials *cred,
cred-keytab_obtained = (MAX(cred-principal_obtained,
cred-username_obtained));
+ /* We make this keytab up based on a password. Therefore
+* match-by-key is acceptable, we can't match on the wrong
+* principal */
+ ktc-password_based = true;
+
talloc_steal(cred, ktc);
cred-keytab = ktc;
*_ktc = cred-keytab;
@@ -818,12 +823,12 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct
cli_credentials *cred,
return ENOMEM;
}
- if (obtained CRED_SPECIFIED) {
- /* This creates a GSSAPI cred_id_t with the principal and
keytab set */
+ if (ktc-password_based || obtained CRED_SPECIFIED) {
+ /* This creates a GSSAPI cred_id_t for match-by-key with only
the keytab set */
maj_stat = gss_krb5_import_cred(min_stat, NULL, NULL,
ktc-keytab,
gcc-creds);
} else {
- /* This creates a GSSAPI cred_id_t with the principal and
keytab set */
+ /* This creates a GSSAPI cred_id_t with the principal and
keytab set, matching by name */
maj_stat = gss_krb5_import_cred(min_stat, NULL, princ,
ktc-keytab,
gcc-creds);
}
diff --git a/lib/krb5_wrap/keytab_util.c b/lib/krb5_wrap/keytab_util.c
index 91e4990..f9a8679 100644
--- a/lib/krb5_wrap/keytab_util.c
+++ b/lib/krb5_wrap/keytab_util.c
@@ -162,7 +162,7 @@ krb5_error_code kt_copy_one_principal(krb5_context context,
const char *to,
const char *principal,
krb5_kvno kvno,
- krb5_enctype *enctypes)
+ const krb5_enctype *enctypes)
{
krb5_error_code ret;
krb5_keytab src_keytab, dst_keytab;
diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index c823c73..73a52a5 100644
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -281,7 +281,7 @@ krb5_error_code kt_copy_one_principal(krb5_context context,
const char *to,
const char *principal,
krb5_kvno kvno,
- krb5_enctype *enctypes
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9e441c4 s3-classicupgrade: Fix import from ldap
via dd21bb0 lib/ldb: Bump ldb version to 1.1.11
via dc8d29c s3-vfs: Indicate the symlink destination when failing
check_reduced_name
via f2ccff7 s3-vfs: Try to be consistent about localtime vs GMT
handling in vfs_shadow_copy2
via de20958 s3-vfs_shadow_copy2: Also accept a sscanf result
from 11a5646 VERSION: Move on to beta8
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9e441c4ed98b1a2b83069ad5fa54b2b30dc75598
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 28 11:19:04 2012 +1000
s3-classicupgrade: Fix import from ldap
We must not reference result before provision(), and do not need
session_info and lp for reading a normal ldap backend anyway.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 28 09:49:39 CEST 2012 on sn-devel-104
commit dd21bb0b728a9c6dfc70f1785a642474fe7bd78b
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 28 10:00:34 2012 +1000
lib/ldb: Bump ldb version to 1.1.11
This will ensure the next Samba release requires an ldb with the recent
fixes.
Andrew Bartlett
commit dc8d29cdae68e96a3e8a0d647ee952611e69b49e
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 3 13:09:33 2012 +1000
s3-vfs: Indicate the symlink destination when failing check_reduced_name
commit f2ccff7b06a2ad762103f98a736f37da94d7cfdd
Author: Andrew Bartlett abart...@samba.org
Date: Mon Jul 2 22:31:49 2012 +1000
s3-vfs: Try to be consistent about localtime vs GMT handling in
vfs_shadow_copy2
With the ability to handle times a abolute time_t values since 1970
this becomes more important to get absolutly correct.
Andrew Bartlett
commit de209587f9ddbe19d321753bb8f160ce19eb4517
Author: Andrew Bartlett abart...@samba.org
Date: Mon Jul 2 19:31:58 2012 +1000
s3-vfs_shadow_copy2: Also accept a sscanf result
---
Summary of changes:
lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.11.sigs} |0
...ldb-util-1.1.10.sigs = pyldb-util-1.1.11.sigs} |0
lib/ldb/wscript|2 +-
source3/modules/vfs_shadow_copy2.c | 87 ++--
source3/smbd/vfs.c |4 +-
source4/scripting/python/samba/upgrade.py |4 +-
6 files changed, 66 insertions(+), 31 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.11.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.11.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ABI/ldb-1.1.10.sigs b/lib/ldb/ABI/ldb-1.1.11.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-1.1.10.sigs
copy to lib/ldb/ABI/ldb-1.1.11.sigs
diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs
b/lib/ldb/ABI/pyldb-util-1.1.11.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs
copy to lib/ldb/ABI/pyldb-util-1.1.11.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 611eebf..3978dd2 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'ldb'
-VERSION = '1.1.10'
+VERSION = '1.1.11'
blddir = 'bin'
diff --git a/source3/modules/vfs_shadow_copy2.c
b/source3/modules/vfs_shadow_copy2.c
index af14e04..7c42052 100644
--- a/source3/modules/vfs_shadow_copy2.c
+++ b/source3/modules/vfs_shadow_copy2.c
@@ -84,6 +84,12 @@
be compatible with the conversion specifications recognized
by str[fp]time. The default value is @GMT-%Y.%m.%d-%H.%M.%S.
+ shadow:sscanf = yes/no (default is no)
+
+ The time is the unsigned long integer (%lu) in the format string
+ rather than a time strptime() can parse. The result must be a unix
time_t
+ time.
+
shadow:localtime = yes/no (default is no)
This is an optional parameter that indicates whether the
@@ -142,27 +148,45 @@ static char *shadow_copy2_insert_string(TALLOC_CTX
*mem_ctx,
struct vfs_handle_struct *handle,
time_t snapshot)
{
+ const char *fmt;
struct tm snap_tm;
- fstring gmt;
- size_t gmt_len;
+ fstring snaptime_string;
+ size_t snaptime_len;
- if (localtime_r(snapshot, snap_tm) == 0) {
- DEBUG(10, (gmtime_r failed\n));
- return NULL;
- }
- gmt_len = strftime(gmt, sizeof(gmt),
- lp_parm_const_string(SNUM(handle-conn), shadow,
- format, GMT_FORMAT),
- snap_tm);
- if (gmt_len == 0) {
- DEBUG(10, (strftime failed\n));
- return NULL;
+ fmt
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a0e4bdc auth/credentials: Improve memory handling in
cli_credentials_set_machine_account
via 3a303ae5 selftest: Add a test for smbclient --machine-pass without
secrets.tdb
via bcc29f9 auth/credentials: Avoid double-free in the failure case
from ba862f4 s3-smbd: Fix flooding the logs with records we don't find
in pcap.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a0e4bdcb5b374a4259164aed8fdbcc7b1761f09b
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 09:21:52 2012 +1000
auth/credentials: Improve memory handling in
cli_credentials_set_machine_account
By using a tempoary talloc context this is much tidier and more reliable
code.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Aug 29 03:11:10 CEST 2012 on sn-devel-104
commit 3a303ae5ab2bfef58e0ea281e3a99406ff8fd53f
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 09:10:40 2012 +1000
selftest: Add a test for smbclient --machine-pass without secrets.tdb
Errors in handling the upgrade case without a matching secrets.tdb caused
segfaults
in the server. This essentially tests both sides.
Andrew Bartlett
commit bcc29f9e7317601737858184f5ec6243552e0c0c
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 09:09:10 2012 +1000
auth/credentials: Avoid double-free in the failure case
This pointer is only valid if dbwrap_fetch returned success.
Andrew Bartlett
---
Summary of changes:
auth/credentials/credentials_secrets.c | 52
selftest/target/Samba4.pm |9 +
source4/selftest/tests.py |2 +-
3 files changed, 36 insertions(+), 27 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/credentials/credentials_secrets.c
b/auth/credentials/credentials_secrets.c
index 3304200..8c8c567 100644
--- a/auth/credentials/credentials_secrets.c
+++ b/auth/credentials/credentials_secrets.c
@@ -73,7 +73,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct
cli_credentials *cred,
/* some other parts of the system will key off this */
cred-machine_account = true;
- mem_ctx = talloc_named(cred, 0, cli_credentials fetch machine
password);
+ mem_ctx = talloc_named(cred, 0, cli_credentials_set_secrets from ldb);
if (!ldb) {
/* Local secrets are stored in secrets.ldb */
@@ -209,10 +209,21 @@ _PUBLIC_ NTSTATUS
cli_credentials_set_machine_account(struct cli_credentials *cr
char *secrets_tdb_password = NULL;
char *keystr;
char *keystr_upper = NULL;
- char *secrets_tdb = lpcfg_private_path(cred, lp_ctx, secrets.tdb);
- struct db_context *db_ctx = dbwrap_local_open(cred, lp_ctx,
secrets_tdb, 0,
- TDB_DEFAULT, O_RDWR, 0600,
- DBWRAP_LOCK_ORDER_1);
+ char *secrets_tdb;
+ struct db_context *db_ctx;
+ TALLOC_CTX *tmp_ctx = talloc_named(cred, 0,
cli_credentials_set_secrets from ldb);
+ if (!tmp_ctx) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ secrets_tdb = lpcfg_private_path(cred, lp_ctx, secrets.tdb);
+ if (!secrets_tdb) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ db_ctx = dbwrap_local_open(cred, lp_ctx, secrets_tdb, 0,
+ TDB_DEFAULT, O_RDWR, 0600,
+ DBWRAP_LOCK_ORDER_1);
/* Bleh, nasty recursion issues: We are setting a machine
* account here, so we don't want the 'pending' flag around
* any more */
@@ -225,25 +236,21 @@ _PUBLIC_ NTSTATUS
cli_credentials_set_machine_account(struct cli_credentials *cr
if (db_ctx) {
TDB_DATA dbuf;
- keystr = talloc_asprintf(cred, %s/%s,
+ keystr = talloc_asprintf(tmp_ctx, %s/%s,
SECRETS_MACHINE_LAST_CHANGE_TIME,
domain);
- keystr_upper = strupper_talloc(cred, keystr);
- TALLOC_FREE(keystr);
- status = dbwrap_fetch(db_ctx, cred,
string_tdb_data(keystr_upper),
+ keystr_upper = strupper_talloc(tmp_ctx, keystr);
+ status = dbwrap_fetch(db_ctx, tmp_ctx,
string_tdb_data(keystr_upper),
dbuf);
- TALLOC_FREE(keystr_upper);
if (NT_STATUS_IS_OK(status) dbuf.dsize == 4) {
secrets_tdb_lct = IVAL(dbuf.dptr,0);
}
- TALLOC_FREE(dbuf.dptr
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5d96498 s4-dsdb: Avoid printing secret attributes in ldb trace logs
via 395b8e4 lib/ldb: Avoid printing secret attributes in ldb trace logs
via 17337cf auth/credentials: Remove unused, and un-declared
cli_credentials_set_krbtgt()
via beafdd6 auth/credentials: Better integrate fetch of secrets.tdb and
secrets.ldb records
from a0e4bdc auth/credentials: Improve memory handling in
cli_credentials_set_machine_account
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5d96498680ec4209142ea7dc460a3fd921413a5e
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 11:32:26 2012 +1000
s4-dsdb: Avoid printing secret attributes in ldb trace logs
These are printed when Samba has debug level 10, which is often used for
debugging.
To indicate that these attributes are secret, we set an opaque.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Aug 29 06:04:33 CEST 2012 on sn-devel-104
commit 395b8e4d58e2815d9848f8a6390f23d8c7d10a91
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 11:29:44 2012 +1000
lib/ldb: Avoid printing secret attributes in ldb trace logs
These are printed when Samba has debug level 10, which is often used for
debugging.
Instead, print a note to say that this attribute has been skipped.
Andrew Bartlett
commit 17337cfec071f7f82fa4c50ace751d51277a4b20
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 09:44:52 2012 +1000
auth/credentials: Remove unused, and un-declared
cli_credentials_set_krbtgt()
commit beafdd6410f122d39c32d51629dd7eaf20a8a6c1
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 29 09:44:12 2012 +1000
auth/credentials: Better integrate fetch of secrets.tdb and secrets.ldb
records
By checking first if there is a secrets.tdb record and passing in the
password and last change time
we avoid setting one series of values and then replacing them. We also
avoid the need to work
around the setting of anonymous.
Andrew Bartlett
---
Summary of changes:
auth/credentials/credentials_secrets.c | 116 ++--
lib/ldb-samba/ldif_handlers.c |8 ++
lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.12.sigs} |1 +
...ldb-util-1.1.10.sigs = pyldb-util-1.1.12.sigs} |0
lib/ldb/common/ldb.c | 31 -
lib/ldb/common/ldb_ldif.c | 47 +++-
lib/ldb/common/ldb_modules.c | 15 +++-
lib/ldb/include/ldb_module.h |4 +
lib/ldb/include/ldb_private.h |5 +
lib/ldb/wscript|2 +-
10 files changed, 157 insertions(+), 72 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.10.sigs = ldb-1.1.12.sigs} (99%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.12.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/auth/credentials/credentials_secrets.c
b/auth/credentials/credentials_secrets.c
index 8c8c567..a44fe1c 100644
--- a/auth/credentials/credentials_secrets.c
+++ b/auth/credentials/credentials_secrets.c
@@ -46,12 +46,14 @@
* @param cred Credentials structure to fill in
* @retval NTSTATUS error detailing any failure
*/
-_PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
- struct loadparm_context *lp_ctx,
- struct ldb_context *ldb,
- const char *base,
- const char *filter,
- char **error_string)
+static NTSTATUS cli_credentials_set_secrets_lct(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ struct ldb_context *ldb,
+ const char *base,
+ const char *filter,
+ time_t
secrets_tdb_last_change_time,
+ const char
*secrets_tdb_password,
+ char **error_string)
{
TALLOC_CTX *mem_ctx;
@@ -66,6 +68,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct
cli_credentials *cred,
const char *salt_principal;
char *keytab;
const struct ldb_val *whenChanged;
+ time_t lct;
/* ok, we are going to get it now, don't recurse back here */
cred-machine_account_pending = false;
@@ -79,8 +82,6 @@ _PUBLIC_ NTSTATUS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 11a5646 VERSION: Move on to beta8 via c41894c VERSION: Mark as the beta7 release via 3460340 WHATSNEW: prepare for 4.0 beta7 via 24f3147 selftest: Fix comment in blackbox_s3upgrade.sh via 444c9ff s4-classicupgrade: Do the setting of the sysvol ACLs last, after idmap is configured via 5aa9a6c s3-passdb: Allow reload of the static passdb from python via f873d42 auth/credentials: Rework credentials handling to try and find the most recent machine pw via 1a8fd71 selftest: Add test of smbclient --machine-pass against and using both s3 and s4 via e66fa2c auth/credentials: Expand secrets.tdb fetch of secrets to preserve workstation and realm via 43904cb s4-dsdb: Remove double-free in update_keytab module via 8c20539 s4-dsdb: Add secrets_tdb_sync - an ldb module to keep secrets.tdb in sync via f2d9be5 s3-secrets: Use talloc_stackframe() in secrets_init_path() via 5adf8c8 s3-secrets: Handle all valid ROLE_ values in get_default_sec_channel() via 708ce41 s3-secrets: Add helper function to set machine account password from secrets_tdb_sync via 62373b8 lib/krb5_wrap: Move enctype conversion functions into a simple helper file via d5b9972 s4-classicupgrade: Read WINS DB before the provision via 85f1c4f s4-classicupgrade: Do all the queries of data before the provision() via 738f4ac s4-classicupgrade: Use s3param.get_context() instead of result.lp via 1ed6070 lib/krb5_wrap: Move kerberos_enctype_to_bitmap() into krb5_wrap via 0f7aa3d lib/krb5_wrap: Bring list of all enc types into krb5_wrap via 8613539 s4-libnet: Ensure termination of enctype array in libnet_export_keytab() via 098c5ec examples: Remove security=share and security=server from example smb.conf via e17bf6a s3-param: Avoid assert on use of talloc_tos() without stackframe from f118eae s4-torture: Test for #9058 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 11a5646cd47bb8e845aa364120979194d95b3e16 Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 28 07:43:06 2012 +1000 VERSION: Move on to beta8 We actually expect beta7 to be the last beta, but to avoid confusion I won't mark it as rc1 until the actual release candidate. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Aug 28 01:48:16 CEST 2012 on sn-devel-104 commit c41894c7dd512eeddacb6810405b64ad180af6e0 Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 28 07:41:11 2012 +1000 VERSION: Mark as the beta7 release commit 3460340bf2cc65a89d441478a12bfc2deb3fd55f Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 28 07:39:36 2012 +1000 WHATSNEW: prepare for 4.0 beta7 commit 24f3147019899cdc05cd95a53ce91ded7436c9a6 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 27 22:39:35 2012 +1000 selftest: Fix comment in blackbox_s3upgrade.sh commit 444c9ffad75cfe4f1948a09a870c87b17aed21a9 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 27 22:38:53 2012 +1000 s4-classicupgrade: Do the setting of the sysvol ACLs last, after idmap is configured This will allow files to be correctly owned by the idmap that is imported. This appears to fix an issue that came up after s3fs-compatible ACLs were merged into provision. Andrew Bartlett commit 5aa9a6c936cbf4fb8a7a9d9a03b1678d6419e78f Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 27 22:37:19 2012 +1000 s3-passdb: Allow reload of the static passdb from python This is then used in provision when the passdb backend is forced. Andrew Bartlett commit f873d422b153c55754c0d1e83670cda7c3a7f7e3 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 27 21:37:19 2012 +1000 auth/credentials: Rework credentials handling to try and find the most recent machine pw As winbindd will update secrets.tdb but not secrets.ldb, we need to detect this and use secrets.tdb Andrew Bartlett commit 1a8fd711d7e4f97a6749b5d6c4806b11c38f20f4 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 27 21:02:28 2012 +1000 selftest: Add test of smbclient --machine-pass against and using both s3 and s4 This uses both smbclient binaries to ensure that both work in both environments. Andrew Bartlett commit e66fa2c8134a886f52419f4a33992b200b00ff49 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 27 21:01:10 2012 +1000 auth/credentials: Expand secrets.tdb fetch of secrets to preserve workstation and realm These would otherwise be set during the fetch from the secrets.ldb, but are wiped when that fails. Andrew Bartlett commit 43904cb4f5e775a5ba72553d1a59ffd30204a83d
[SCM] Samba Shared Repository - annotated tag samba-4.0.0beta7 created
The annotated tag, samba-4.0.0beta7 has been created at 1f3d4c321be9547e04a8895073fce2366add7fc3 (tag) tagging c41894c7dd512eeddacb6810405b64ad180af6e0 (commit) replaces tevent-0.9.17 tagged by Andrew Bartlett on Tue Aug 28 10:18:12 2012 +1000 - Log - samba4: tag release samba-4.0.0beta7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUAUDwORGjGT3QfUnJfAQIkFhAAoec0rA/3rkPjTqg+t2xqHi2DZYL0NOCp RyrkbtIZHZjUCRD7T2eNtsM/7Q1t58xMyis18CGu7+coQFeAUuiH2Vx+JAegmccj 952uACW59GBZgpg0V6KrmpsI8tyWe8qpDFoxuAuaFjLXxH+E8mEOimmQBQjzsryH 2Malo3bbziA/sumhynFVgZ8BMPCz/QSgu2dVI12o16Dji27lqsOFRDh01c9+Eq8Y Y20qAmIkiWtiO0YhRfH5AzDceD34WGuZsgrtsyxLbW4M87Nz0b+p5UcRBKJyv1yk FMt7JwZPiVedNJnOe0c19A8nf5OfwsepuRplAgZ5I17+TqcfrF1TK0NMY9xtWejT Uu72VEG1XCUjqqnS6KnbdHFki8HrKR0uG7Q/xUYwuLY+dXIEgzgL3GVIEdXMYWeC sx29CbwMDSKQvXNv+QJQDMO0PcwgaACkzxJgv2B5LGFQmWtJczhQ1LgKe4lQg5Ja zONqc/59m6UNmXL1sgfwrDAU6bcGFEYphKM3LA636flja3gf8PjKVM8jJZBwyEZl 3159fyIOUHkREYJqZMaAczktRBTR8GP5ZuToV0KawoyZxSTxQ0tM1pKcmcC0gNoP cWYxvBPFLpxymIgPVBAwNMTDjyGIdaSeMhkEaC5vXJT1j9ZoBdzkWzZq4JEsFX4y kzvTHBho4kA= =aDj6 -END PGP SIGNATURE- Andrew Bartlett (89): s3-torture: Allow vfstest to set ACLs on a directory s4-dsdb: Ensure we always free tmp_ctx in schema refresh check build: Ensure -Werror=format works with -Wformat=2 on NULL format strings s4-kcc: Avoid use-after-free of dn and add tmp_ctx s4-dsdb: Use tmp_ctx in kccsrv_check_deleted to avoid leaking memory onto part-dn s3-vfs: Allow vfs_xattr_tdb to work without a connected share s4-ntvfs: Ensure we do not attempt to write EAs on streams s4-ntvfs: Add TODO on ea_size s3-smbd: Push smb_fname into estimate_ea_size s3-smbd: Do not look for EA information on a stream s3-smbd: ensure we give appropriate errors for EA requests on streams s3-vfs: Use the system. namespace for fake ACLs s3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file() s3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module s3-build: Enable vfs_fake_acls when in developer mode or on the build farm build: Do not put a .distversion file into the GIT tree WHATSNEW: Remove over-caution on s3fs and explain browsing better doc-BUILD_SYSTEMS.txt: The grand rename is complete s4-torture: Improve raw.streams test to cover EAs and to use torture_assert() s4-torture: Show that we cannot have extended attributes on streams s4-torture: Show that we cannot list extended attributes on streams selftest: Use new fake_acls module s4-torture: Use torture_fail() in the unix.unix_info2 test build: Remove accidentily added line in samba_version.py build: Remove special case for the build farm s3-pysmbd: Add hook for a VFS chown() s3-passdb: Allow pdb_sid_to_id to work on any SID s3-pysmbd: Correct comments in python VFS bindings s3-pysmbd: Add get/set functions for the posix ACL layer build: Create bin/ when doing 'waf dist' from a fresh checkout s3-vfs: Make vfs_aio_fork erratic timing behaviour a run-time option selftest: Add tests for vfs_aio_fork s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire s4-classicupgrade: Add --use-ntvfs option selftest: Specify --use-ntvfs to provision in test scripts selftest: Pass --use-ntvfs to provison in renamedc test s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA s4-python: complete python bindigns for smb_acls.idl s3-pysmbd: Correct the python type for smb_acl_t s4-python: Complete python bindings for idmap.idl selftest: Specify --use-ntvfs for the chdcpass environment selftest: Specify --use-ntvfs when testing the LDAP backend init code selftest: Specify --use-ntvfs when testing the newuser code selftest: Specify --use-ntvfs when testing the group code selftest: Set --use-ntvfs for rodc, vampire_dc, promoted_vampire_dc and subdom_dc s4-upgradeprovision: Use ntvfs in reference provision s4-dsdb: Do not use a possibly-old loadparm context in schema reload s4-dsdb: Remove unused variables file_server: Move default VFS module settings to loadparm.c s4-provision: set POSIX ACLs to for use with the smbd file server (s3fs) s4-scripting: Redefine getntacl() as accessing via the smbd VFS or directly selftest: Add a test of the NT ACL - posix ACL mapping layer selftest: Extend posixacl test to check the actual ACL selftest: Cope with the multiple possible representations of -1 in posixacl.py selftest: Add a test of the NT ACL - posix ACL mapping layer to selftest s4-samba-tool: Add 'samba-tool ntacl sysvolreset' tool s3-pysmbd: Allow a mode to be specified for the simple ACL s4-provision: Fix internal documentation
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e14bf39 s4-selftest: Always set vfs objects in selftest smb.conf via 123ee7f s4-selftest: Add test for samba-tool ntacl sysvolcheck via ebcdc4a s4-samba-tool: Add samba-tool ntacl sysvolcheck command via 0aed291 s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snum via e058dfb s3-pysmbd: Fix return type of smbd.get_nt_acl via e8e24a2 s3-smbd: Add talloc_stackframe() to get_nt_acl_no_snum() via 7cf50b9 s4-selftest: Add testing of samba-tool ntacl sysvolreset via 8c71dc3 param: Add startup checks for valid server role/binary combinations via 332efe1 s3-pysmbd: Fix error message via 7e7ed72 s4-provision: Fix internal documentation via 51e3547 s3-pysmbd: Allow a mode to be specified for the simple ACL via 8f90919 s4-samba-tool: Add 'samba-tool ntacl sysvolreset' tool via 56fd072 selftest: Add a test of the NT ACL - posix ACL mapping layer to selftest via 4fe344e selftest: Cope with the multiple possible representations of -1 in posixacl.py via bd00c92 selftest: Extend posixacl test to check the actual ACL via 318b8cb selftest: Add a test of the NT ACL - posix ACL mapping layer via b1825c6 s4-scripting: Redefine getntacl() as accessing via the smbd VFS or directly via a778662 s4-provision: set POSIX ACLs to for use with the smbd file server (s3fs) via 8518dd6 file_server: Move default VFS module settings to loadparm.c via be9a8cf s4-dsdb: Remove unused variables via d1eac79 s4-dsdb: Do not use a possibly-old loadparm context in schema reload via a58ac39 s4-upgradeprovision: Use ntvfs in reference provision via ccac50c selftest: Set --use-ntvfs for rodc, vampire_dc, promoted_vampire_dc and subdom_dc via c1012c6 selftest: Specify --use-ntvfs when testing the group code via b2ff365 selftest: Specify --use-ntvfs when testing the newuser code via 2fc6760 selftest: Specify --use-ntvfs when testing the LDAP backend init code via 8c7f4f0 selftest: Specify --use-ntvfs for the chdcpass environment from 069db9b s3:smb2_break: encrypt OPLOCK BREAK notifications http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e14bf399cfa767ffa065a1f50df07b3cf446b375 Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 23 20:13:45 2012 +1000 s4-selftest: Always set vfs objects in selftest smb.conf This sets it for all enviornments, as it is harmless if ntvfs is used and critical if the provision script runs in s3fs mode. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Thu Aug 23 16:42:41 CEST 2012 on sn-devel-104 commit 123ee7f9b5e5ccac6740e5fdfff2a8a24f98087d Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 23 10:38:06 2012 +1000 s4-selftest: Add test for samba-tool ntacl sysvolcheck commit ebcdc4a36be9b79325b11ec0c44a43db93e29519 Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 23 10:37:46 2012 +1000 s4-samba-tool: Add samba-tool ntacl sysvolcheck command This command verifies that the current on-disk ACLs match the directory and the defaults from provision. Unlike sysvolreset, this does not change any of the permissions. Andrew Bartlett commit 0aed29105e9d8ddcd27a70d7af820da8813ca47b Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 23 09:45:07 2012 +1000 s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snum I need to get at the owner, group, DACL and SACL when testing correct ACL storage. Andrew Bartlett commit e058dfb3b0714da229d1bddf96c72611af7b1fab Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 23 09:39:32 2012 +1000 s3-pysmbd: Fix return type of smbd.get_nt_acl The security_ prefix is stripped off in the python bindings. Andrew Bartlett commit e8e24a251b7625647352764298f108769bbad922 Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 23 09:38:54 2012 +1000 s3-smbd: Add talloc_stackframe() to get_nt_acl_no_snum() This is required because the functions it calls use talloc_tos(). Andrew Bartlett commit 7cf50b9f305d6c2cdc57f38c9b4e5f8b73301f8a Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 22 21:19:41 2012 +1000 s4-selftest: Add testing of samba-tool ntacl sysvolreset commit 8c71dc3505ab83ce95ab40a56f77313c4448be16 Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 22 21:01:16 2012 +1000 param: Add startup checks for valid server role/binary combinations This should eliminate confusion from our users about what they can expect to successfully run. Andrew Bartlett commit 332efe1539d83c0971f151f902f234e5a8bf0690 Author: Andrew Bartlett abart
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a817959 build: Create bin/ when doing 'waf dist' from a fresh
checkout
via dc063bf s3-pysmbd: Add get/set functions for the posix ACL layer
via 4df2c65 s3-pysmbd: Correct comments in python VFS bindings
via 02e25b2 s3-passdb: Allow pdb_sid_to_id to work on any SID
via d963aaf s3-pysmbd: Add hook for a VFS chown()
from 4d5471f build: Remove special case for the build farm
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a81795974ca838f48f8c323bc7563c56795e6bdd
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 15:22:25 2012 +1000
build: Create bin/ when doing 'waf dist' from a fresh checkout
As suggested by Amitay.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 21 09:03:02 CEST 2012 on sn-devel-104
commit dc063bf3bdf06aff1582c5c8784a8e0d5b06d378
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 15:11:30 2012 +1000
s3-pysmbd: Add get/set functions for the posix ACL layer
These will be used to verify that an ACL set as an NT ACL creates
the correct posix ACL.
Andrew Bartlett
commit 4df2c65ea637618971c406f05e68a93feb44c70c
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 15:10:43 2012 +1000
s3-pysmbd: Correct comments in python VFS bindings
commit 02e25b2a43ae02205a3412f862a1482d24b70aa4
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 14:56:45 2012 +1000
s3-passdb: Allow pdb_sid_to_id to work on any SID
This is needed so that pdb_samba4 can map any SID during a provision.
At runtime, winbindd will be asked first, but this shortcut direct to the
ldb file makes it possible to set the permissions on the sysvol share at
provision time.
Andrew Bartlett
commit d963aaf73be22b0a027b3636c6c51292412b5931
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 14:23:35 2012 +1000
s3-pysmbd: Add hook for a VFS chown()
---
Summary of changes:
source3/passdb/lookup_sid.c| 22 +++
source3/passdb/pdb_interface.c |5 ++
source3/passdb/pdb_ldap.c |5 ++
source3/smbd/pysmbd.c | 146 +++-
wscript|1 +
5 files changed, 164 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index a2d793f..26ce41c 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1084,20 +1084,16 @@ static void legacy_gid_to_sid(struct dom_sid *psid,
gid_t gid)
static bool legacy_sid_to_unixid(const struct dom_sid *psid, struct unixid *id)
{
GROUP_MAP *map;
- if (sid_check_is_in_our_sam(psid)) {
- bool ret;
-
- become_root();
- ret = pdb_sid_to_id(psid, id);
- unbecome_root();
-
- if (ret) {
- goto done;
- }
-
- /* This was ours, but it was not mapped. Fail */
+ bool ret;
+
+ become_root();
+ ret = pdb_sid_to_id(psid, id);
+ unbecome_root();
+
+ if (ret) {
+ goto done;
}
-
+
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
bool ret;
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index cdbb378..d24301a 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1429,6 +1429,11 @@ static bool pdb_default_sid_to_id(struct pdb_methods
*methods,
uint32_t rid;
id-id = -1;
+ if (!sid_check_is_in_our_sam(sid)) {
+ /* Not our SID */
+ return False;
+ }
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 9b4d8a6..ffd5743 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -4938,6 +4938,11 @@ static bool ldapsam_sid_to_id(struct pdb_methods
*methods,
TALLOC_CTX *mem_ctx;
+ if (!sid_check_is_in_our_sam(sid)) {
+ /* Not our SID */
+ return False;
+ }
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
DEBUG(0, (talloc_new failed\n));
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 0004887..8fca4e7 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -274,6 +274,56 @@ static PyObject *py_smbd_set_simple_acl(PyObject *self,
PyObject *args)
}
/*
+ chown a file
+ */
+static PyObject *py_smbd_chown(PyObject *self, PyObject *args)
+{
+ connection_struct *conn;
+ NTSTATUS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via ebb776f selftest: Add tests for vfs_aio_fork
via e79ed4f s3-vfs: Make vfs_aio_fork erratic timing behaviour a
run-time option
from a817959 build: Create bin/ when doing 'waf dist' from a fresh
checkout
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit ebb776f51f697ece62ed5c7ee6aa4865397347c2
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 19:22:54 2012 +1000
selftest: Add tests for vfs_aio_fork
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 21 13:12:33 CEST 2012 on sn-devel-104
commit e79ed4fe72208e632cd980d4adec07f1c78f1511
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 19:22:37 2012 +1000
s3-vfs: Make vfs_aio_fork erratic timing behaviour a run-time option
This will allow this to be tested as part of a normal selftest.
Andrew Bartlett
---
Summary of changes:
selftest/target/Samba3.pm |8 ++
source3/modules/vfs_aio_fork.c | 49 +++
source3/selftest/tests.py |4 +++
3 files changed, 56 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 31bd15b..cb11827 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -344,10 +344,18 @@ sub setup_secshare($$)
print PROVISIONING server with security=share...;
+ my $prefix_abs = abs_path($path);
+
my $secshare_options =
security = share
lanman auth = yes
vfs objects = $vfs_modulesdir_abs/xattr_tdb.so
$vfs_modulesdir_abs/streams_depot.so
+
+[vfs_aio_fork]
+ path = $prefix_abs/share
+vfs objects = $vfs_modulesdir_abs/aio_fork.so
+read only = no
+vfs_aio_fork:erratic_testing_mode=yes
;
my $vars = $self-provision($path,
diff --git a/source3/modules/vfs_aio_fork.c b/source3/modules/vfs_aio_fork.c
index 811d44e..2ec3d3d 100644
--- a/source3/modules/vfs_aio_fork.c
+++ b/source3/modules/vfs_aio_fork.c
@@ -33,6 +33,10 @@
#define MAP_FILE 0
#endif
+struct aio_fork_config {
+ bool erratic_testing_mode;
+};
+
struct mmap_area {
size_t size;
volatile void *ptr;
@@ -112,6 +116,7 @@ struct rw_cmd {
size_t n;
off_t offset;
enum cmd_type cmd;
+ bool erratic_testing_mode;
};
struct rw_ret {
@@ -355,8 +360,7 @@ static void aio_child_loop(int sockfd, struct mmap_area
*map)
cmd_type_str(cmd_struct.cmd),
(int)cmd_struct.n, (int)cmd_struct.offset, fd));
-#ifdef DEVELOPER
- {
+ if (cmd_struct.erratic_testing_mode) {
/*
* For developer testing, we want erratic behaviour for
* async I/O times
@@ -372,8 +376,6 @@ static void aio_child_loop(int sockfd, struct mmap_area
*map)
DEBUG(10, (delaying for %u msecs\n, msecs));
smb_msleep(msecs);
}
-#endif
-
ZERO_STRUCT(ret_struct);
@@ -587,6 +589,10 @@ static struct tevent_req *aio_fork_pread_send(struct
vfs_handle_struct *handle,
struct rw_cmd cmd;
ssize_t written;
int err;
+ struct aio_fork_config *config;
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct aio_fork_config,
+ return -1);
req = tevent_req_create(mem_ctx, state, struct aio_fork_pread_state);
if (req == NULL) {
@@ -609,6 +615,7 @@ static struct tevent_req *aio_fork_pread_send(struct
vfs_handle_struct *handle,
cmd.n = n;
cmd.offset = offset;
cmd.cmd = READ_CMD;
+ cmd.erratic_testing_mode = config-erratic_testing_mode;
DEBUG(10, (sending fd %d to child %d\n, fsp-fh-fd,
(int)state-child-pid));
@@ -698,6 +705,10 @@ static struct tevent_req *aio_fork_pwrite_send(
struct rw_cmd cmd;
ssize_t written;
int err;
+ struct aio_fork_config *config;
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct aio_fork_config,
+ return NULL);
req = tevent_req_create(mem_ctx, state, struct aio_fork_pwrite_state);
if (req == NULL) {
@@ -720,6 +731,7 @@ static struct tevent_req *aio_fork_pwrite_send(
cmd.n = n;
cmd.offset = offset;
cmd.cmd = WRITE_CMD;
+ cmd.erratic_testing_mode = config-erratic_testing_mode;
DEBUG(10, (sending fd %d to child %d\n, fsp-fh-fd,
(int)state-child-pid));
@@ -808,6 +820,10 @@ static struct tevent_req *aio_fork_fsync_send(
struct rw_cmd cmd
[SCM] build.samba.org - branch master updated
The branch, master has been updated
via b7bc145 Use --enable-selftest only on master
from dd6b02d build samba_3 with --enable-selftest
http://gitweb.samba.org/?p=build-farm.git;a=shortlog;h=master
- Log -
commit b7bc1451ced1ec73ac3eca4dda03e036f6b79e2a
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 23:39:16 2012 +1000
Use --enable-selftest only on master
---
Summary of changes:
build_test.fns |6 +-
1 files changed, 5 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/build_test.fns b/build_test.fns
index 46ebc37..ff5078c 100644
--- a/build_test.fns
+++ b/build_test.fns
@@ -748,9 +748,13 @@ test_tree() {
samba_4*)
sw_config=$config --enable-selftest
;;
- samba_3*)
+ samba_3_master)
sw_config=$config --enable-selftest
;;
+ samba_3*)
+ sw_config=$config --enable-socket-wrapper
+ sw_config=$sw_config --enable-nss-wrapper
+ ;;
samba-gtk)
PKG_CONFIG_PATH=$test_root/prefix/samba_4_0_test.$compiler/lib/pkgconfig
export PKG_CONFIG_PATH
--
build.samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1219eaf s4-python: Complete python bindings for idmap.idl via 125e93c s3-pysmbd: Correct the python type for smb_acl_t via 10267f1 s4-python: complete python bindigns for smb_acls.idl via 450fcd7 s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA via 2b40446 selftest: Pass --use-ntvfs to provison in renamedc test via 9170f9c selftest: Specify --use-ntvfs to provision in test scripts via 97b1379 s4-classicupgrade: Add --use-ntvfs option via b5c2747 s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire via c4b9c3a s4:samldb LDB module - remove unused member attribute from search filter via 32cd618 LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets via cb63b34 LDB:ldbsearch - add search filter tests via 6a8c697 LDB:ldbsearch - search filters do not only contain = via c8bfb8e s4:dsdb - always fail if a search filter could not be parsed via 536c082 LDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as = or = via 5f8006c s4:dsdb_sort_objectClass_attr - simplify memory context handling via 166a7d3 s4:dsdb_sort_objectClass_attr - use data_blob_string_const for setting values from db075b0 libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLE http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1219eaffbe60ea875306f84d3ce7965ce4ae6384 Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 21 23:21:41 2012 +1000 s4-python: Complete python bindings for idmap.idl Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Wed Aug 22 03:08:51 CEST 2012 on sn-devel-104 commit 125e93cdde0798f306cd8a5778ecbf985aa63d3e Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 21 22:41:13 2012 +1000 s3-pysmbd: Correct the python type for smb_acl_t The t is weird, but the python bindings trim the traditional IDL name prefix of each element, as it is usually rudundent. Andrew Bartlett commit 10267f153c590838d2440e71b535e55874d82d9c Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 21 22:40:12 2012 +1000 s4-python: complete python bindigns for smb_acls.idl commit 450fcd79c795698c33ef2e0e4e85460128ba7bfd Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 21 21:22:31 2012 +1000 s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA Found by the talloc_stackframe() out of order checker! Andrew Bartlett commit 2b404462f5b055843ecc7af27bfd05d5d11d09e4 Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 22 07:25:59 2012 +1000 selftest: Pass --use-ntvfs to provison in renamedc test Also fix test prefix to match the test Andrew Bartlett commit 9170f9ce95583f30d108d4a2d23b05f246a3514c Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 21 20:04:16 2012 +1000 selftest: Specify --use-ntvfs to provision in test scripts Because these run as non-root, we need to avoid doing things that will fail during the provision. The main test of the s3fs provision is the plugin_s4_dc environment with a smb.conf that specifies vfs_fake_acls. Andrew Bartlett commit 97b13799ce4786f03602fba8eb6ad5da7023bb5c Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 22 06:58:19 2012 +1000 s4-classicupgrade: Add --use-ntvfs option This is an odd option, but is needed because I wish to add assertions about ACL setting that will not work in make test without the vfs_fake_acls module loaded. Andrew Bartlett commit b5c2747cad0f9bbb69cceb4b90aab20546a5cf66 Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 21 19:58:18 2012 +1000 s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire None of these cases need the complexity of the s3fs backend. Andrew Bartlett commit c4b9c3aba8a448812d401fc28ad65ac818af5b04 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Fri May 11 11:53:46 2012 +0200 s4:samldb LDB module - remove unused member attribute from search filter Signed-off-by: Andrew Bartlett abart...@samba.org commit 32cd618e6c0d44e0f64409ceda8451cc4665e625 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu May 10 16:18:37 2012 +0200 LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets This refers to LDB add operations as well, we have only to be careful on @ATTRIBUTES entries. E.g. dn: cn=testperson,cn=users,dc=...,dc=... objectClass: person url: www.example.com url: www.example.com should not work. Signed-off-by: Andrew Bartlett abart...@samba.org commit cb63b34b053119fcab093e95f555840afa9cfdcf Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu May 10
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 84d6e09 s4-torture: Use torture_fail() in the unix.unix_info2 test via 74a4c40 selftest: Use new fake_acls module via c75b615 s4-torture: Show that we cannot list extended attributes on streams via f9837d1 s4-torture: Show that we cannot have extended attributes on streams via bf1e27b s4-torture: Improve raw.streams test to cover EAs and to use torture_assert() via 3787dcf doc-BUILD_SYSTEMS.txt: The grand rename is complete via 0e44163 WHATSNEW: Remove over-caution on s3fs and explain browsing better via 921b927 build: Do not put a .distversion file into the GIT tree via 7a59c3d s3-build: Enable vfs_fake_acls when in developer mode or on the build farm via ae4195d s3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module via cbe758c s3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file() via 6c0bef1 s3-vfs: Use the system. namespace for fake ACLs via 0f2d288 s3-smbd: ensure we give appropriate errors for EA requests on streams via 6ce084f s3-smbd: Do not look for EA information on a stream via f9f8a8c s3-smbd: Push smb_fname into estimate_ea_size via 3ef0e22 s4-ntvfs: Add TODO on ea_size via 0769d67 s4-ntvfs: Ensure we do not attempt to write EAs on streams via 9699c33 s3-vfs: Allow vfs_xattr_tdb to work without a connected share from 4f4bb1f s4:torture:basic: add more delete test - variants of deltest16 and deltest17 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 84d6e09b954548d90d996f3ef6ce89edcbef3c24 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 20 21:29:26 2012 +1000 s4-torture: Use torture_fail() in the unix.unix_info2 test Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Mon Aug 20 15:36:48 CEST 2012 on sn-devel-104 commit 74a4c40d4f4bd092d4a71d273f45aab39a8b1cb0 Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 15 20:35:05 2012 +1000 selftest: Use new fake_acls module This isolates us from the OS ACL library, and allows chown to 'work' when we are non-root. In turn, this ensures that we can test the SMB - POSIX layer even when the OS would refuse the set due to non-root or simply not having acls enabled on this particular file system. This should make a number of build farm tests much more reliable, and allows a number more tests to pass. Andrew Bartlett commit c75b6154e475a89c1a43b62c8d8324834397da69 Author: Andrew Bartlett abart...@samba.org Date: Sun Aug 19 22:46:21 2012 +1000 s4-torture: Show that we cannot list extended attributes on streams commit f9837d15f30c88cc4dca19e3a54433302c11b9ae Author: Andrew Bartlett abart...@samba.org Date: Sun Aug 19 21:55:13 2012 +1000 s4-torture: Show that we cannot have extended attributes on streams commit bf1e27bd8fa509d4039ec617a486589607d0d204 Author: Andrew Bartlett abart...@samba.org Date: Sun Aug 19 21:01:33 2012 +1000 s4-torture: Improve raw.streams test to cover EAs and to use torture_assert() The extension of this test is to create an extended attribute, so we can confirm that the easize field on a stream actually refers to the parent file. This has been run against Windows 7. Andrew Bartlett commit 3787dcf42c9ab9ec5a3648b14f86e8bb2032958e Author: Andrew Bartlett abart...@samba.org Date: Sun Aug 19 08:17:45 2012 +1000 doc-BUILD_SYSTEMS.txt: The grand rename is complete commit 0e441636afd5923a92f7eb29d66dfa52e2f0a5c3 Author: Andrew Bartlett abart...@samba.org Date: Sat Aug 18 23:58:26 2012 +1000 WHATSNEW: Remove over-caution on s3fs and explain browsing better commit 921b927d3011b753a51d450a451d5f49abac9e56 Author: Andrew Bartlett abart...@samba.org Date: Sat Aug 18 21:25:30 2012 +1000 build: Do not put a .distversion file into the GIT tree This places the file only in the tarball, and shows how to auto-generate other files for placement in the tarball. Andrew Bartlett commit 7a59c3d9b8e4a5bab21d9b82cec6a77d1f808f90 Author: Andrew Bartlett abart...@samba.org Date: Sun Aug 19 00:27:01 2012 +1000 s3-build: Enable vfs_fake_acls when in developer mode or on the build farm commit ae4195dd407d96a4b8768d1c43c58ce2f19d4ef5 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 20 21:28:57 2012 +1000 s3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module commit cbe758cfbb8febd02c0a80bf8f813fd464c71ce5 Author: Andrew Bartlett abart...@samba.org Date: Sun Aug 19 00:01:57 2012 +1000 s3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file() commit 6c0bef17569d650c32ab82396f43d435ab9ef831 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 20 10:10:27 2012 +1000 s3
[SCM] build.samba.org - branch master updated
The branch, master has been updated
via c0b97eb build samba_4 with --enable-selftest
from 9a03d5b use killall on hape after a build run to do what
killbysubdir should do
http://gitweb.samba.org/?p=build-farm.git;a=shortlog;h=master
- Log -
commit c0b97eb9640dfbc3a01fc3fb1f00cac58def53f3
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 07:55:48 2012 +1000
build samba_4 with --enable-selftest
This turns on all the required selftest stuff, rather than specifying it
one-by-one.
Andrew Bartlett
---
Summary of changes:
build_test.fns |4 +---
1 files changed, 1 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/build_test.fns b/build_test.fns
index 2358524..44a87f6 100644
--- a/build_test.fns
+++ b/build_test.fns
@@ -746,9 +746,7 @@ test_tree() {
sw_config=$config --enable-socket-wrapper
;;
samba_4*)
- sw_config=$config --enable-socket-wrapper
- sw_config=$sw_config --enable-nss-wrapper
- sw_config=$sw_config --enable-uid-wrapper
+ sw_config=$config --enable-selftest
;;
samba_3*)
sw_config=$config --enable-socket-wrapper
--
build.samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7cd4eb0 build: Remove accidentily added line in samba_version.py from 21e67bd Fix bug #9104 - winbindd can mis-identify idle clients - can cause crashes and NDR parsing errors. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7cd4eb0ca69026031620cbe578cfd7216ea9ac6c Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 21 07:57:14 2012 +1000 build: Remove accidentily added line in samba_version.py This was incorrectly added in 0e441636afd5923a92f7eb29d66dfa52e2f0a5c3. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Aug 21 03:11:16 CEST 2012 on sn-devel-104 --- Summary of changes: buildtools/wafsamba/samba_version.py |1 - 1 files changed, 0 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_version.py b/buildtools/wafsamba/samba_version.py index b5cfc26..e82fd47 100644 --- a/buildtools/wafsamba/samba_version.py +++ b/buildtools/wafsamba/samba_version.py @@ -269,7 +269,6 @@ also accepted as dictionary entries here string+=#define SAMBA_VERSION_VENDOR_SUFFIX + self.VENDOR_SUFFIX + \n if self.VENDOR_PATCH is not None: string+=#define SAMBA_VERSION_VENDOR_PATCH + self.VENDOR_PATCH + \n -string+='#define SAMBA_VERSION_VENDOR_PATCH_STRING ' + self.VENDOR_PATCH + '\n' if self.RELEASE_NICKNAME is not None: string+=#define SAMBA_VERSION_RELEASE_NICKNAME + self.RELEASE_NICKNAME + \n -- Samba Shared Repository
[SCM] build.samba.org - branch master updated
The branch, master has been updated
via dd6b02d build samba_3 with --enable-selftest
from c0b97eb build samba_4 with --enable-selftest
http://gitweb.samba.org/?p=build-farm.git;a=shortlog;h=master
- Log -
commit dd6b02d814b4c38ccec1edc3b7732f2284d8f542
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 12:54:46 2012 +1000
build samba_3 with --enable-selftest
This turns on all the required selftest stuff, rather than specifying it
one-by-one.
Andrew Bartlett
---
Summary of changes:
build_test.fns |3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/build_test.fns b/build_test.fns
index 44a87f6..46ebc37 100644
--- a/build_test.fns
+++ b/build_test.fns
@@ -749,8 +749,7 @@ test_tree() {
sw_config=$config --enable-selftest
;;
samba_3*)
- sw_config=$config --enable-socket-wrapper
- sw_config=$sw_config --enable-nss-wrapper
+ sw_config=$config --enable-selftest
;;
samba-gtk)
PKG_CONFIG_PATH=$test_root/prefix/samba_4_0_test.$compiler/lib/pkgconfig
--
build.samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4d5471f build: Remove special case for the build farm
from 7cd4eb0 build: Remove accidentily added line in samba_version.py
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4d5471f1c634450020c4530f8d0c8dfcd7252fb3
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 21 08:16:24 2012 +1000
build: Remove special case for the build farm
Except in the formatting of the selftest output, this removes the special
case
of the build farm, so that an autobuild, a manual make test and the build
farm
are more similar.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 21 06:39:04 CEST 2012 on sn-devel-104
---
Summary of changes:
buildtools/wafsamba/symbols.py |2 +-
lib/nss_wrapper/config.m4 |2 +-
lib/param/loadparm.h |2 +-
lib/param/param_table.c|2 +-
lib/socket_wrapper/config.m4 |2 +-
lib/uid_wrapper/config.m4 |2 +-
source3/configure.in |8
source3/m4/check_path.m4 |8
source3/modules/vfs_aio_fork.c |6 +++---
source3/param/loadparm.c |2 +-
source3/wscript|3 ---
wscript|6 --
12 files changed, 22 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/symbols.py b/buildtools/wafsamba/symbols.py
index c4b5599..13d84b9 100644
--- a/buildtools/wafsamba/symbols.py
+++ b/buildtools/wafsamba/symbols.py
@@ -647,7 +647,7 @@ def SYMBOL_CHECK(bld):
Build.BuildContext.SYMBOL_CHECK = SYMBOL_CHECK
def DUP_SYMBOL_CHECK(bld):
-if Options.options.DUP_SYMBOLCHECK and bld.env.DEVELOPER and not
bld.env.BUILD_FARM:
+if Options.options.DUP_SYMBOLCHECK and bld.env.DEVELOPER:
'''check for duplicate symbols'''
bld.SET_BUILD_GROUP('syslibcheck')
task = bld(rule=symbols_dupcheck_fatal, always=True, name='symbol
duplicate checking')
diff --git a/lib/nss_wrapper/config.m4 b/lib/nss_wrapper/config.m4
index ad1a168..1e864bf 100644
--- a/lib/nss_wrapper/config.m4
+++ b/lib/nss_wrapper/config.m4
@@ -3,7 +3,7 @@ AS_HELP_STRING([--enable-nss-wrapper], [Turn on nss wrapper
library (default=no)
HAVE_NSS_WRAPPER=no
-if eval test x$developer = xyes; then
+if eval test x$developer = xyes -o x$selftest = xyes; then
enable_nss_wrapper=yes
fi
diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h
index 591e6e5..f9624d6 100644
--- a/lib/param/loadparm.h
+++ b/lib/param/loadparm.h
@@ -157,7 +157,7 @@ enum acl_compatibility {ACL_COMPAT_AUTO, ACL_COMPAT_WINNT,
ACL_COMPAT_WIN2K};
enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX,
PRINT_QNX,PRINT_PLP,PRINT_LPRNG,PRINT_SOFTQ,
PRINT_CUPS,PRINT_LPRNT,PRINT_LPROS2,PRINT_IPRINT
-#if defined(DEVELOPER) || defined(ENABLE_SELFTEST) ||
defined(ENABLE_BUILD_FARM_HACKS)
+#if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
,PRINT_TEST,PRINT_VLP
#endif /* DEVELOPER */
};
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index ea0fa3d..4126d89 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -190,7 +190,7 @@ static const struct enum_list enum_printing[] = {
{PRINT_IPRINT, iprint},
{PRINT_LPRNT, nt},
{PRINT_LPROS2, os2},
-#if defined(DEVELOPER) || defined(ENABLE_SELFTEST) ||
defined(ENABLE_BUILD_FARM_HACKS)
+#if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
{PRINT_TEST, test},
{PRINT_VLP, vlp},
#endif /* DEVELOPER */
diff --git a/lib/socket_wrapper/config.m4 b/lib/socket_wrapper/config.m4
index e20333e..ff6b67b 100644
--- a/lib/socket_wrapper/config.m4
+++ b/lib/socket_wrapper/config.m4
@@ -4,7 +4,7 @@ AS_HELP_STRING([--enable-socket-wrapper], [Turn on socket
wrapper library (defau
DEFAULT_TEST_OPTIONS=
HAVE_SOCKET_WRAPPER=no
-if eval test x$developer = xyes; then
+if eval test x$developer = xyes -o x$selftest = xyes; then
enable_socket_wrapper=yes
fi
diff --git a/lib/uid_wrapper/config.m4 b/lib/uid_wrapper/config.m4
index 2cd573e..a565233 100644
--- a/lib/uid_wrapper/config.m4
+++ b/lib/uid_wrapper/config.m4
@@ -3,7 +3,7 @@ AS_HELP_STRING([--enable-uid-wrapper], [Turn on uid wrapper
library (default=no)
HAVE_UID_WRAPPER=no
-if eval test x$developer = xyes; then
+if eval test x$developer = xyes -o x$selftest = xyes; then
enable_uid_wrapper=yes
fi
diff --git a/source3/configure.in b/source3/configure.in
index f0dde64..db7df4d 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -476,7 +476,7 @@ if test x$developer = xyes; then
default_shared_modules=$default_shared_modules perfcount_test
fi
-if test x$RUN_FROM_BUILD_FARM = xyes -o x$developer = xyes
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6ce362a build: Ensure -Werror=format works with -Wformat=2 on NULL
format strings
from a7b8e9f5 s4-dsdb: Ensure we always free tmp_ctx in schema refresh
check
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6ce362afeff0cb5094eb6b1ecfa639252cdcc7f8
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 17 20:43:07 2012 +1000
build: Ensure -Werror=format works with -Wformat=2 on NULL format strings
This should fix the build on some gcc versions, (noticed on FreeBSD by
Volker).
We want the protection of -Werror=format without the errors extending
to the format string itself being NULL, because that is valid for
ldb_search().
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Aug 17 14:50:16 CEST 2012 on sn-devel-104
---
Summary of changes:
buildtools/wafsamba/samba_autoconf.py |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_autoconf.py
b/buildtools/wafsamba/samba_autoconf.py
index 03c2b24..50039fc 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -629,7 +629,7 @@ def SAMBA_CONFIG_H(conf, path=None):
# This check is because for ldb_search(), a NULL format string
# is not an error, but some compilers complain about that.
-if CHECK_CFLAGS(conf, -Werror=format, '''
+if CHECK_CFLAGS(conf, [-Werror=format, -Wformat=2], '''
int testformat(char *format, ...) __attribute__ ((format (__printf__, 1, 2)));
int main(void) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2e1ab13 s4-dsdb: Use tmp_ctx in kccsrv_check_deleted to avoid
leaking memory onto part-dn
via 26bfe70 s4-kcc: Avoid use-after-free of dn and add tmp_ctx
from 1b487ad s3:selftest: add some tests against a share the requires
encryption
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2e1ab13f6ebb2c2cf746457d4783fe9bc5e86de0
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 17 23:04:56 2012 +1000
s4-dsdb: Use tmp_ctx in kccsrv_check_deleted to avoid leaking memory onto
part-dn
The confusing use of do_dn as a memory context while legitimate
created a bug when it was copied and modified to search on a DN from
long-term state.
By always using a temporary memory context it is clear what paramter
is the memory context.
This was found based on a log provided by Ricky Nance
ricky.na...@weaubleau.k12.mo.us. Thanks Ricky!
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Aug 17 18:24:10 CEST 2012 on sn-devel-104
commit 26bfe70def9905674c74bfe6f9d687b243af4891
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 17 22:47:44 2012 +1000
s4-kcc: Avoid use-after-free of dn and add tmp_ctx
By using a tmp_ctx we are clearer about allocating temporary memory.
Andrew Bartlett
---
Summary of changes:
source4/dsdb/kcc/kcc_deleted.c | 17 +++--
source4/dsdb/kcc/kcc_periodic.c | 11 +--
2 files changed, 20 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/kcc/kcc_deleted.c b/source4/dsdb/kcc/kcc_deleted.c
index 0e1a428..63bb97c 100644
--- a/source4/dsdb/kcc/kcc_deleted.c
+++ b/source4/dsdb/kcc/kcc_deleted.c
@@ -83,30 +83,35 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s,
TALLOC_CTX *mem_ctx)
struct ldb_result *res;
const char *attrs[] = { whenChanged, NULL };
unsigned int i;
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+ if (!tmp_ctx) {
+ return NT_STATUS_NO_MEMORY;
+ }
- ret = dsdb_get_deleted_objects_dn(s-samdb, mem_ctx, part-dn,
do_dn);
+ ret = dsdb_get_deleted_objects_dn(s-samdb, tmp_ctx, part-dn,
do_dn);
if (ret != LDB_SUCCESS) {
+ TALLOC_FREE(tmp_ctx);
/* some partitions have no Deleted Objects
container */
continue;
}
if (!do_fs ldb_dn_compare(ldb_get_config_basedn(s-samdb),
part-dn)) {
- ret = dsdb_search(s-samdb, do_dn, res, do_dn,
LDB_SCOPE_ONELEVEL, attrs,
+ ret = dsdb_search(s-samdb, tmp_ctx, res, do_dn,
LDB_SCOPE_ONELEVEL, attrs,
DSDB_SEARCH_SHOW_RECYCLED, NULL);
} else {
if (do_fs) {
DEBUG(1, (Doing a full scan on %s and looking
for deleted object\n,
ldb_dn_get_linearized(part-dn)));
}
- ret = dsdb_search(s-samdb, part-dn, res, part-dn,
LDB_SCOPE_SUBTREE, attrs,
+ ret = dsdb_search(s-samdb, tmp_ctx, res, part-dn,
LDB_SCOPE_SUBTREE, attrs,
DSDB_SEARCH_SHOW_RECYCLED,
(isDeleted=TRUE));
}
if (ret != LDB_SUCCESS) {
DEBUG(1,(__location__ : Failed to search for deleted
objects in %s\n,
-ldb_dn_get_linearized(do_dn)));
- talloc_free(do_dn);
+ldb_dn_get_linearized(do_dn)));
+ TALLOC_FREE(tmp_ctx);
continue;
}
@@ -134,7 +139,7 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s,
TALLOC_CTX *mem_ctx)
}
}
- talloc_free(do_dn);
+ TALLOC_FREE(tmp_ctx);
}
return NT_STATUS_OK;
diff --git a/source4/dsdb/kcc/kcc_periodic.c b/source4/dsdb/kcc/kcc_periodic.c
index f96347f..8f705d7 100644
--- a/source4/dsdb/kcc/kcc_periodic.c
+++ b/source4/dsdb/kcc/kcc_periodic.c
@@ -70,10 +70,16 @@ static bool check_MasterNC(struct kccsrv_partition *p,
struct repsFromToBlob *r,
struct repsFromTo1 *r1 = r-ctr.ctr1;
struct GUID invocation_id = r1-source_dsa_invocation_id;
unsigned int i, j;
+ TALLOC_CTX *tmp_ctx;
/* we are expecting only version 1 */
SMB_ASSERT(r-version == 1);
+ tmp_ctx = talloc_new(p);
+ if (!tmp_ctx
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via df8e9c1 s3-selftest: Add a seperate test for ACL tests using vfstest
via 05885a8 s3-torture: Add ACL commands to vfstest
via 345b980 s3-torture: Use talloc more in vfstest
via 43255a1 s3-torture: Initialise fsp fully in vfstest open
via 1157db2 s3-smbd: Do not check no_acl_syscall_error(errno) after
sys_acl_init()
via 802d67c selftest: Extend xattr-tdb-1 vfstest to call stat
via 820d179 s3-vfs: Continue to make vfs_xattr_tdb non-recursive
via 843e19e s3-vfs: Add new VFS module to fake setting an ACL
via 2129495 librpc/idl: Fix acl array definition in smb_acl_t
from 97e7c3b s3-selftest: convert xattr-tdb-1 vfstest driver into a
subunit test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit df8e9c128716c89f5a1d58f032e3d641e033c8b0
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 13:46:02 2012 +1000
s3-selftest: Add a seperate test for ACL tests using vfstest
This does not check for consistency or correctness yet, that will be
done with python unit tests. The purpose of this test is to ensure
that the vfstest wrapper doesn't crash.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 16 09:32:25 CEST 2012 on sn-devel-104
commit 05885a84f9ea67a986bdcb10a2bd07c00a2df0d4
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 13:44:48 2012 +1000
s3-torture: Add ACL commands to vfstest
This will allow easier investigation of our ACL layer.
Andrew Bartlett
commit 345b980c3e55645009150ef9a7ab35245e8e55db
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 15:16:01 2012 +1000
s3-torture: Use talloc more in vfstest
This matches the rest of Samba, which allocates many of these structures
with talloc.
Andrew Bartlett
commit 43255a1d18b714ab108b21f5a1065a82e44e3490
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 14:37:42 2012 +1000
s3-torture: Initialise fsp fully in vfstest open
commit 1157db293f5db7909f84f021581ddb916cfd8c7e
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 13:44:01 2012 +1000
s3-smbd: Do not check no_acl_syscall_error(errno) after sys_acl_init()
This is no longer a VFS call, so will no longer fail in this way.
Andrew Bartlett
commit 802d67cabe63f5c1e9f5445fc9e5ef26dca43efe
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 10:03:35 2012 +1000
selftest: Extend xattr-tdb-1 vfstest to call stat
commit 820d1795d739706c45fdf32adbaaf5d817eef868
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 10:02:44 2012 +1000
s3-vfs: Continue to make vfs_xattr_tdb non-recursive
We now always use _NEXT_ VFS calls, even to build the file id.
Andrew Bartlett
commit 843e19eff40d300e1b671fb0e78300e6a4cc3683
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 15 20:34:41 2012 +1000
s3-vfs: Add new VFS module to fake setting an ACL
The purpose of this module is to remove the relience on the system having
ACL support
to test NT ACLs.
Andrew Bartlett
commit 2129495319adda28dbe21e1ac9846fcae9373989
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 14:13:00 2012 +1000
librpc/idl: Fix acl array definition in smb_acl_t
---
Summary of changes:
librpc/idl/smb_acl.idl |2 +-
selftest/knownfail |1 +
source3/modules/vfs_fake_acls.c| 374 +++
source3/modules/vfs_xattr_tdb.c| 74 +++--
.../tests/{xattr-tdb-1 = vfstest-acl}/run.sh |0
source3/script/tests/vfstest-acl/vfstest.cmd |6 +
source3/script/tests/xattr-tdb-1/vfstest.cmd |1 +
source3/selftest/tests.py |2 +-
source3/smbd/posix_acls.c | 13 +-
source3/torture/cmd_vfs.c | 385 +++-
source3/torture/vfstest.c | 35 +-
source3/wscript|4 +
12 files changed, 833 insertions(+), 64 deletions(-)
create mode 100644 source3/modules/vfs_fake_acls.c
copy source3/script/tests/{xattr-tdb-1 = vfstest-acl}/run.sh (100%)
create mode 100644 source3/script/tests/vfstest-acl/vfstest.cmd
Changeset truncated at 500 lines:
diff --git a/librpc/idl/smb_acl.idl b/librpc/idl/smb_acl.idl
index 856312f..7f67299 100644
--- a/librpc/idl/smb_acl.idl
+++ b/librpc/idl/smb_acl.idl
@@ -52,7 +52,7 @@ interface smb_acl
int size;
int count;
int next;
- smb_acl_entry *acl;
+ [size_is(count
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6b7a9910 s3-torture: Allow vfstest to set ACLs on a directory
via 5251d07 s4: Fix returns in py_check_dcerpc_type
from 16edb6e s3:smb2_server: try to sign an error response if we have a
signing key
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6b7a99107d956651fae43a7e62d1fbf69d97d0c7
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 16:50:47 2012 +1000
s3-torture: Allow vfstest to set ACLs on a directory
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Aug 17 02:35:49 CEST 2012 on sn-devel-104
commit 5251d07e625d945f90b746d4dabcfe6d98cc5d89
Author: Volker Lendecke v...@samba.org
Date: Thu Aug 16 11:38:26 2012 +0200
s4: Fix returns in py_check_dcerpc_type
Signed-off-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
source3/script/tests/vfstest-acl/vfstest.cmd |9 +
source3/torture/cmd_vfs.c| 17 +++--
source4/librpc/rpc/pyrpc_util.c |4 ++--
3 files changed, 22 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/script/tests/vfstest-acl/vfstest.cmd
b/source3/script/tests/vfstest-acl/vfstest.cmd
index 19f5fd6..6168671 100644
--- a/source3/script/tests/vfstest-acl/vfstest.cmd
+++ b/source3/script/tests/vfstest-acl/vfstest.cmd
@@ -1,6 +1,15 @@
connect
open x RC 0700
+sys_acl_get_file . 0
+sys_acl_get_file . 1
+get_nt_acl .
+set_nt_acl .
G:DAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)
+get_nt_acl .
+sys_acl_get_file . 0
+sys_acl_get_file . 1
get_nt_acl x
+sys_acl_get_file x 0
set_nt_acl x
G:DAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)
get_nt_acl x
sys_acl_get_file x 0
+
diff --git a/source3/torture/cmd_vfs.c b/source3/torture/cmd_vfs.c
index 9c19f2f..236b9c0 100644
--- a/source3/torture/cmd_vfs.c
+++ b/source3/torture/cmd_vfs.c
@@ -1459,8 +1459,6 @@ static NTSTATUS cmd_set_nt_acl(struct vfs_state *vfs,
TALLOC_CTX *mem_ctx, int a
mode = 00400;
- flags = O_RDWR;
-
fsp = talloc_zero(vfs, struct files_struct);
if (fsp == NULL) {
return NT_STATUS_NO_MEMORY;
@@ -1481,7 +1479,17 @@ static NTSTATUS cmd_set_nt_acl(struct vfs_state *vfs,
TALLOC_CTX *mem_ctx, int a
fsp-fsp_name = smb_fname;
- fsp-fh-fd = SMB_VFS_OPEN(vfs-conn, smb_fname, fsp, flags, mode);
+#ifdef O_DIRECTORY
+ flags = O_RDONLY|O_DIRECTORY;
+#else
+ /* POSIX allows us to open a directory with O_RDONLY. */
+ flags = O_RDONLY;
+#endif
+
+ fsp-fh-fd = SMB_VFS_OPEN(vfs-conn, smb_fname, fsp, O_RDWR, mode);
+ if (fsp-fh-fd == -1 errno == EISDIR) {
+ fsp-fh-fd = SMB_VFS_OPEN(vfs-conn, smb_fname, fsp, flags,
mode);
+ }
if (fsp-fh-fd == -1) {
printf(open: error=%d (%s)\n, errno, strerror(errno));
TALLOC_FREE(fsp);
@@ -1497,9 +1505,6 @@ static NTSTATUS cmd_set_nt_acl(struct vfs_state *vfs,
TALLOC_CTX *mem_ctx, int a
smb_fname_str_dbg(smb_fname),
strerror(errno) ));
status = map_nt_error_from_unix(errno);
- } else if (S_ISDIR(smb_fname-st.st_ex_mode)) {
- errno = EISDIR;
- status = NT_STATUS_FILE_IS_A_DIRECTORY;
}
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source4/librpc/rpc/pyrpc_util.c b/source4/librpc/rpc/pyrpc_util.c
index d0fa5d7..a000c76 100644
--- a/source4/librpc/rpc/pyrpc_util.c
+++ b/source4/librpc/rpc/pyrpc_util.c
@@ -42,7 +42,7 @@ bool py_check_dcerpc_type(PyObject *obj, const char *module,
const char *type_na
if (mod == NULL) {
PyErr_Format(PyExc_RuntimeError, Unable to import %s to check
type %s,
module, type_name);
- return NULL;
+ return false;
}
type = (PyTypeObject *)PyObject_GetAttrString(mod, type_name);
@@ -50,7 +50,7 @@ bool py_check_dcerpc_type(PyObject *obj, const char *module,
const char *type_na
if (type == NULL) {
PyErr_Format(PyExc_RuntimeError, Unable to find type %s in
module %s,
module, type_name);
- return NULL;
+ return false;
}
ret = PyObject_TypeCheck(obj, type);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a7b8e9f5 s4-dsdb: Ensure we always free tmp_ctx in schema refresh
check
from 21c8fa25 Fix bug #9085 - NMB registration for a duplicate
workstation fails with registration refuse
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a7b8e9f562780dc6a3487644623decd1cff226e2
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 17 12:42:15 2012 +1000
s4-dsdb: Ensure we always free tmp_ctx in schema refresh check
This was found based on a log provided by Ricky Nance
ricky.na...@weaubleau.k12.mo.us. Thanks Ricky!
In that log, over 2.5 days this particular allocation was repeated:
1715099 talloc_new: ../source4/dsdb/samdb/ldb_modules/schema_load.c:120
contains 0 bytes in 1 blocks
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Aug 17 06:21:18 CEST 2012 on sn-devel-104
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/schema_load.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/schema_load.c
b/source4/dsdb/samdb/ldb_modules/schema_load.c
index 82ae7d8..be7915e 100644
--- a/source4/dsdb/samdb/ldb_modules/schema_load.c
+++ b/source4/dsdb/samdb/ldb_modules/schema_load.c
@@ -131,8 +131,10 @@ static int schema_metadata_get_uint64(struct ldb_module
*module,
if (!tdb_data.dptr) {
if (tdb_error(tdb) == TDB_ERR_NOEXIST) {
*value = default_value;
+ talloc_free(tmp_ctx);
return LDB_SUCCESS;
} else {
+ talloc_free(tmp_ctx);
return ldb_module_error(module,
LDB_ERR_OPERATIONS_ERROR,
tdb_errorstr_compat(tdb));
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 65976d6 s3-vfs: Set errno in xattr emulation
via cc3bdaa s3-vfs: Avoid loops in VFS modules: call _NEXT functions in
xattr emulation
via 898c5e1 s3-vfs: ensure we strictly free the talloc_stackframe
via f9b9433 s4-selftest: Fix test name for samba.tests.dcerpc.bare
via fd42bc1 librpc/idl: Make smb_acl_t public so we can pull/push it as
a blob
from d2d5fb1 libcli/smb: verify decrypted SMB2 pdus correctly
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 65976d680acd48aa9f59664f715fa9ce40185955
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 15 22:22:26 2012 +1000
s3-vfs: Set errno in xattr emulation
The caller may check this errno.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Wed Aug 15 18:05:33 CEST 2012 on sn-devel-104
commit cc3bdaaf0a5586e0f840466719f9f8387c5cddd0
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 15 22:21:48 2012 +1000
s3-vfs: Avoid loops in VFS modules: call _NEXT functions in xattr emulation
We need to call the next module in the stack otherwise we will loop if
the stat call is in turn implemented in terms of extended attribute
lookup.
Andrew Bartlett
commit 898c5e140ddca47eac9e2150fb571d6eac3ed7d2
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 15 21:22:18 2012 +1000
s3-vfs: ensure we strictly free the talloc_stackframe
We must do this when leaving the function or else in development, we
will panic.
Andrew Bartlett
commit f9b9433b752a663cdfda03967bd969cac5cf16bf
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 15 20:33:46 2012 +1000
s4-selftest: Fix test name for samba.tests.dcerpc.bare
commit fd42bc1846929d163cdf25a0e66feba16bffc442
Author: Andrew Bartlett abart...@samba.org
Date: Wed Aug 15 20:33:27 2012 +1000
librpc/idl: Make smb_acl_t public so we can pull/push it as a blob
---
Summary of changes:
librpc/idl/smb_acl.idl |2 +-
source3/modules/vfs_posix_eadb.c |9 +++--
source3/modules/vfs_xattr_tdb.c| 16 +---
source3/modules/wscript_build |9 +
.../scripting/python/samba/tests/dcerpc/bare.py|2 +-
5 files changed, 27 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/smb_acl.idl b/librpc/idl/smb_acl.idl
index 9586958..856312f 100644
--- a/librpc/idl/smb_acl.idl
+++ b/librpc/idl/smb_acl.idl
@@ -48,7 +48,7 @@ interface smb_acl
gid_t gid;
} smb_acl_entry;
- typedef struct {
+ [public] typedef struct {
int size;
int count;
int next;
diff --git a/source3/modules/vfs_posix_eadb.c b/source3/modules/vfs_posix_eadb.c
index e1b90ff..fff7c11 100644
--- a/source3/modules/vfs_posix_eadb.c
+++ b/source3/modules/vfs_posix_eadb.c
@@ -52,6 +52,11 @@ static ssize_t posix_eadb_getattr(struct tdb_wrap *db_ctx,
status = pull_xattr_blob_tdb_raw(db_ctx, talloc_tos(), name, fname, fd,
size, blob);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
+ errno = ENOATTR;
+ return -1;
+ }
+
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, (posix_eadb_fetch_attrs failed: %s\n,
nt_errstr(status)));
@@ -293,9 +298,9 @@ static int posix_eadb_unlink(vfs_handle_struct *handle,
}
if (lp_posix_pathnames()) {
- ret = SMB_VFS_LSTAT(handle-conn, smb_fname_tmp);
+ ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname_tmp);
} else {
- ret = SMB_VFS_STAT(handle-conn, smb_fname_tmp);
+ ret = SMB_VFS_NEXT_STAT(handle, smb_fname_tmp);
}
if (ret == -1) {
goto out;
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 0352539..719ac0c 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -50,6 +50,7 @@ static ssize_t xattr_tdb_getxattr(struct vfs_handle_struct
*handle,
xattr_size = xattr_tdb_getattr(db, frame, id, name, blob);
if (xattr_size 0) {
+ errno = ENOATTR;
TALLOC_FREE(frame);
return -1;
}
@@ -74,9 +75,9 @@ static ssize_t xattr_tdb_fgetxattr(struct vfs_handle_struct
*handle,
DATA_BLOB blob;
TALLOC_CTX *frame = talloc_stackframe();
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
+ SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
TALLOC_FREE(frame); return -1);
- if (SMB_VFS_FSTAT(fsp, sbuf) == -1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 97e7c3b s3-selftest: convert xattr-tdb-1 vfstest driver into a
subunit test
via 748d8f5 s3-selftest: convert stream_depot vfstest driver into a
subunit test
via 08baa11 fix printf warning in net connections
via 31980cf s3:utils: remove standalone cclean tool
via 37ed821 s3:doc manpage for net connections cleanup
via 1c2bae0 s3:net add command connections cleanup
from 65976d6 s3-vfs: Set errno in xattr emulation
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 97e7c3b8bd84edd69f6344249b24ae64e2a8b0fe
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 08:55:43 2012 +1000
s3-selftest: convert xattr-tdb-1 vfstest driver into a subunit test
We don't use the simple smb.conf because we need to override all the
paths for this to work as non-root without a panic, so we use the s3dc
environment, which already loads this module.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 16 02:55:19 CEST 2012 on sn-devel-104
commit 748d8f5310501bb585c9be1b261554ec690a3132
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 08:37:54 2012 +1000
s3-selftest: convert stream_depot vfstest driver into a subunit test
This gives us our first automated coverage of the vfstest binary.
We don't use the simple smb.conf because we need to override all the
paths for this to work as non-root without a panic, so we use the s3dc
environment, which already loads this module.
Andrew Bartlett
commit 08baa11ab869551f61dc7a7d363587b70582ffeb
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 16 07:47:57 2012 +1000
fix printf warning in net connections
commit 31980cf5cb9fd6238d1ed096e885410e85d5ac00
Author: Gregor Beck gb...@sernet.de
Date: Fri Jul 13 15:31:16 2012 +0200
s3:utils: remove standalone cclean tool
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 37ed821798a0c141efe01096f3669f8fb9a62928
Author: Gregor Beck gb...@sernet.de
Date: Mon Jul 16 15:10:46 2012 +0200
s3:doc manpage for net connections cleanup
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 1c2bae062d202c69d5b92b634f6b9ced3ea2a0ba
Author: Gregor Beck gb...@sernet.de
Date: Mon Jul 16 09:34:15 2012 +0200
s3:net add command connections cleanup
Signed-off-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
docs-xml/manpages-3/net.8.xml | 39 +++
packaging/RHEL-CTDB/samba.spec.tmpl |1 -
source3/Makefile.in | 14 +--
source3/script/tests/stream-depot/run.sh | 37 ++-
source3/script/tests/stream-depot/smb.conf|5 -
source3/script/tests/xattr-tdb-1/run.sh | 55 +-
source3/script/tests/xattr-tdb-1/smb.conf |5 -
source3/selftest/tests.py |5 +
source3/utils/net.c |7 ++
source3/utils/{cclean.c = net_connections.c} | 144 ++---
source3/utils/net_proto.h |4 +
source3/wscript_build | 14 +---
12 files changed, 196 insertions(+), 134 deletions(-)
delete mode 100644 source3/script/tests/stream-depot/smb.conf
delete mode 100644 source3/script/tests/xattr-tdb-1/smb.conf
rename source3/utils/{cclean.c = net_connections.c} (64%)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml
index c85f87f..7a7ca6d 100644
--- a/docs-xml/manpages-3/net.8.xml
+++ b/docs-xml/manpages-3/net.8.xml
@@ -2112,6 +2112,45 @@ string./member
/refsect2
refsect2
+titleCONNECTIONS/title
+para
+Manipulate Samba's connections database.
+/para
+
+paraThe registry commands are:
+simplelist
+membernet connections cleanup - Remove orphaned entries from the connections
database./member
+/simplelist
+/para
+
+refsect3
+ titleCONNECTIONS CLEANUP [-avT]/title
+ para Remove orphaned entries from the connections database. This may be
necessary if restarting smbd isn't an option.
+ variablelist
+varlistentryterm-a|--auto/term
+listitempara
+ Noninteractive mode, don't ask.
+/para/listitem
+/varlistentry
+
+varlistentryterm-v|--verbose/term
+ listitempara
+ Produce more output.
+ /para/listitem
+/varlistentry
+
+varlistentryterm-T|--test/term
+ listitempara
+ Dry run, show what changes would be made but don't touch anything.
+ /para/listitem
+/varlistentry
+ /variablelist
+ /para
+/refsect3
+
+/refsect2
+
+refsect2
titleEVENTLOG/title
paraStarting with version 3.4.0 net can read, dump, import and export native
diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl
b
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9566786 s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dn
via 0f2a87b s4-dsdb: Improve memory handling in
dsdb_schema_from_ldb_results() by adding a tmp_ctx
via 1f74773 s4-dsdb: Improve memory handling in kccsrv_add_connection()
via 77990c1 s4-dsdb: Improve memory handling in
kccsrv_find_connections() by adding a tmp_ctx
via f74e7b5 s4-dsdb: Add const
from 9db35c9 VERSION: Move on to beta6!
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 956678685325a79a315f4ef19c0d834fd1747e4c
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 14 16:08:47 2012 +1000
s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dn
As this value is calculated new each time, we need to give it a context to
live on.
If the value is the forced value during provision, a reference is taken.
This was responsible for the memory leak in the replication process. In the
example I was given, this DN appeared in memory 13596 times!
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
commit 0f2a87b547be43b4764c48350fd03ff22e086806
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 14 16:05:53 2012 +1000
s4-dsdb: Improve memory handling in dsdb_schema_from_ldb_results() by
adding a tmp_ctx
commit 1f7477349f1602b405df180d02f0bdef397ca589
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 14 15:58:59 2012 +1000
s4-dsdb: Improve memory handling in kccsrv_add_connection()
commit 77990c183155d3bacbb5dae7f276ed7c2081553a
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 14 15:56:04 2012 +1000
s4-dsdb: Improve memory handling in kccsrv_find_connections() by adding a
tmp_ctx
commit f74e7b5606b8c8281acac66973a8f48e6fd85a78
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 14 15:54:26 2012 +1000
s4-dsdb: Add const
---
Summary of changes:
source4/dsdb/common/util.c | 36 --
source4/dsdb/kcc/kcc_connection.c| 28
source4/dsdb/kcc/kcc_periodic.c |2 +-
source4/dsdb/kcc/kcc_topology.c |2 +-
source4/dsdb/repl/drepl_fsmo.c |8 +-
source4/dsdb/repl/drepl_partitions.c |2 +-
source4/dsdb/repl/drepl_ridalloc.c |4 +-
source4/dsdb/samdb/ldb_modules/objectclass.c |2 +-
source4/dsdb/samdb/ldb_modules/ridalloc.c|4 +-
source4/dsdb/samdb/ldb_modules/rootdse.c |4 +-
source4/dsdb/samdb/ldb_modules/util.c|7 +++--
source4/dsdb/schema/schema_init.c| 18 +++--
source4/rpc_server/drsuapi/dcesrv_drsuapi.c |2 +-
source4/rpc_server/drsuapi/getncchanges.c|4 +-
14 files changed, 83 insertions(+), 40 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index e320a41..251e177 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1241,7 +1241,7 @@ failed:
/*
work out the ntds settings dn for the current open ldb
*/
-struct ldb_dn *samdb_ntds_settings_dn(struct ldb_context *ldb)
+struct ldb_dn *samdb_ntds_settings_dn(struct ldb_context *ldb, TALLOC_CTX
*mem_ctx)
{
TALLOC_CTX *tmp_ctx;
const char *root_attrs[] = { dsServiceName, NULL };
@@ -1252,10 +1252,10 @@ struct ldb_dn *samdb_ntds_settings_dn(struct
ldb_context *ldb)
/* see if we have a cached copy */
settings_dn = (struct ldb_dn *)ldb_get_opaque(ldb,
forced.ntds_settings_dn);
if (settings_dn) {
- return settings_dn;
+ return talloc_reference(mem_ctx, settings_dn);
}
- tmp_ctx = talloc_new(ldb);
+ tmp_ctx = talloc_new(mem_ctx);
if (tmp_ctx == NULL) {
goto failed;
}
@@ -1277,7 +1277,7 @@ struct ldb_dn *samdb_ntds_settings_dn(struct ldb_context
*ldb)
* we could not handle server renames at runtime. Only
* provision sets up forced.ntds_settings_dn */
- talloc_steal(ldb, settings_dn);
+ talloc_steal(mem_ctx, settings_dn);
talloc_free(tmp_ctx);
return settings_dn;
@@ -1310,7 +1310,7 @@ const struct GUID *samdb_ntds_invocation_id(struct
ldb_context *ldb)
goto failed;
}
- ret = ldb_search(ldb, tmp_ctx, res, samdb_ntds_settings_dn(ldb),
LDB_SCOPE_BASE, attrs, NULL);
+ ret = ldb_search(ldb, tmp_ctx, res, samdb_ntds_settings_dn(ldb,
tmp_ctx), LDB_SCOPE_BASE, attrs, NULL);
if (ret) {
goto failed;
}
@@ -1403,7 +1403,7 @@ const struct GUID *samdb_ntds_objectGUID(struct
ldb_context *ldb)
goto
[SCM] Samba Shared Repository - annotated tag samba-4.0.0beta6 created
The annotated tag, samba-4.0.0beta6 has been created at fde386f6ceea8f7c1ff99ce893e869f2ed89caef (tag) tagging b5281eb473426f5f8674652cb7e3fb83ffdecab8 (commit) replaces ldb-1.1.10 tagged by Andrew Bartlett on Tue Aug 14 20:16:52 2012 +1000 - Log - samba4: tag release samba-4.0.0beta6 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQBQKiWUz4A8Wyi0NrsRAiuJAKCIsdJE5+inUCuaAfgNZLAOui1UKACfYCgS ypsUw6r6Lb2JkOR328Lu81g= =SZbc -END PGP SIGNATURE- Andrew Bartlett (14): s4-ldb_wrap: Do not vasprintf() the ldb debug messages that will not be shown lib/ldb: Use tdb_parse_record and a callback rather than tdb_fetch() s4-dsdb: Explain better what records are written during schema set nsswitch: add ABI checking and symbol versions to libwbclient s3-smbd: Create a shortcut for building the token of a user by SID for posix_acls s3-smbd: Convert posix_acls.c to use struct unixid internally s3-smbd: Merge ACE entries based on mapped UID/GID not SID s3-nfs4acls: Remove lookup_sid and sidmap from NFSv4 ACL mapping and check gid first s4-dsdb: Use only the replication USN for schema reload. s4-dsdb: Remove support for per-partition sequence numbers s4-dsdb: Take more care in handling of global schema memory s3-vfs: Put vfs_aixacl_util.c helper functions into a header file WHATSNEW: prepare for 4.0 beta6 VERSION: Mark as the beta6 release Björn Jacke (3): build: rename security → samba-security tdb/test: fix build on OSF/1 s3: skip loading vfs modules for printer connections Jeremy Allison (11): Fix bad return values in unix_strlower/unix_strupper. Prepare to remove smb_panic() from unix_strlower(). Fix bad return in unix_strupper. Change strupper_m() to return a value. Fix missing ads_destroy in error path. Check error returns from strupper_m() (in all reasonable places). Check error returns on strnorm(). Fix strlower_m() to return an error indication. Correctly check for errors in strlower_m() returns. Remove smb_panic() from unix_strlower(). Just rely on error code return. Ensure we update last_access on the winbindd child struct on each request. Matthias Dieter Wallnöfer (1): s4:kdc/wdc-samba4.c - fix user logins on specific workstations Michael Adam (35): s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untanlge function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: untangle function call from result check s3:torture:delete: fix a message (counting the opens) s3:torture:delete: fix a message s3:torture:delete: fix a message s3:torture:delete: fix a message s3:torture:delete: fix a comment s3:torture:delete: really fail the test in a failure case s3:torture:delete: remove an else, reducing indentation s3:torture:delete: remove an else, reducing indentation s3:torture:delete: remove an else, reducing indentation s3:torture:delete: remove an else, reducing indentation s3:torture:delete: move the success message for a subtest to the correct place s3:torture:delete: add a comment s3:torture:delete: add a comment s3:torture:delete: add a comment s3:torture:delete: reduce indentation s3:torture:delete: simplify return code handling, fixing a couple of return codes in error cases s3:torture:delete: fix 11th test to work against windows s3:torture:delete: add a 12th subtest to the delete-on-close tests s4:torture:basic:delete: fix 4 vs 8 spc tab formatting in check_delete_on_close() s4:torture:basic: fix abundance of spaces in deltest6 s4:torture:basic: fix a message typo in the delete17 test s4:torture:basic: check the return status of the last open in deltest16 Salvador I. Gonzalez (3): Fix smbclient/tarmode panic on connecting to Windows 2000 clients. s3-selftest: Fix copy/paste error in test usage string s3-selftest: Add smbclient tarmode test Stefan Metzmacher (5): s3:param: fix compiler warnings with FN_GLOBAL_CONST_STRING() s3:smbXsrv.idl: remove smbXsrv_*0 defines
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 24b1143 s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-op via 6ccfd05 s3-sysacls: Remove sys_acl_free_acl() and replace with TALLOC_FREE() via e25830d s3-smbd: Remove sys_acl_*() VFS wrapper functions via a63a2a7 s3-smbd: Remove unused conn argument from convert_permset_to_mode_t() via 3d031f2 s3-smbd: Call sys_acl_set_permset() directly rather than via the VFS via 9f16fcf s3-smbd: Call sys_acl_set_qualifier() directly rather than via the VFS via 21e0b91 s3-smbd: Call sys_acl_set_tag_type() directly rather than via the VFS via 50d147b s3-smbd: Call sys_acl_create_entry() directly rather than via the VFS via db54479 s3-smbd: Call sys_acl_add_perm() directly rather than via the VFS via 631a356 s3-smbd: Call sys_acl_clear_perms() directly rather than via the VFS via d78c7c3 s3-smbd: Call sys_acl_init() directly rather than via the VFS via 8b3227e s3-smbd: Call sys_acl_free_acl() directly rather than via the VFS via 6a46fbb s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFS via e019b93 s3-smbd: Call sys_acl_get_entry() directly rather than via the VFS via d8fb9e7 s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFS via 6a2f142 s3-smbd: Call sys_acl_get_qualifier() directly rather than via the VFS via d83276c s3-smbd: Call sys_acl_get_tagtype() directly rather than via the VFS via 3b40932 s3-smbd: Call sys_acl_get_permset() directly rather than via the VFS via 7dff34f s3-smbd: Call sys_acl_get_perm() directly rather than via the VFS via 0705391 s3-smbd: Move smb_acl_t declaration to smb_acl.idl via d5a8e58 pidl: Add mode_t as an alias so we can marshall posix ACL structures via dcfb6aa s3-smbd: Change allocation of smb_acl_t to talloc() via 47082ad libwbclient: Add test for wbcPingDc2 via 4c8616f wbinfo: Improve output of wbinfo --ping-dc via bdb1f23 libwbclient: Add wbcPingDc2 via bd23c8f s3-winbind: Return the DC name from DC_PING via 7baa709 s3-winbind: Pass ping-dc result to client via 807fb16 selftest: Add knownfail for samba3.winbind.wbclient.wbcPingDc2 from 4ee602c s4:dsdb/repl: fix the usage of 'GC/' prefixed principal names http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 24b11430680ebd20303168ec73142226543ad6de Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 13 20:54:24 2012 +1000 s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-op Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Wed Aug 15 05:23:18 CEST 2012 on sn-devel-104 commit 6ccfd05e72bc010ccb291a169922cedd6a5ab702 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 13 20:51:41 2012 +1000 s3-sysacls: Remove sys_acl_free_acl() and replace with TALLOC_FREE() commit e25830dcd87387a237b96f0d70deb204a5bf0a54 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 13 20:03:48 2012 +1000 s3-smbd: Remove sys_acl_*() VFS wrapper functions We no longer do struct smb_acl_t manipuations via the VFS layer, which is now reduced to handling the get/set functions. The only backend that implemented these functions (aside from audit) was the vfs_default module calling the sys_acl code. The various ACL implementation modules either worked on the fully initilaised smb_acl_t object or on NT ACLs. This not only makes the operation of the posix ACL code more efficient (as allocation and free is not put via the VFS), it makes it easier to test and removes the fantasy that a module could safely redefine this structure or the behaviour here. The smb_acls.idl now defines the structure, and it is now allocated with talloc. These operations were originally added to the VFS in commit 3bb219161a270f12c27c3bc7e1220829c6e9f284. Andrew Bartlett commit a63a2a72ebb3d9c9a41c5519c85e8b294f1110a8 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 13 20:00:59 2012 +1000 s3-smbd: Remove unused conn argument from convert_permset_to_mode_t() commit 3d031f2189a29a12320b424a4a192ac4e8b4622c Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 13 20:00:21 2012 +1000 s3-smbd: Call sys_acl_set_permset() directly rather than via the VFS This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett commit 9f16fcfd3f5e0fde9e857f18faaad01ee631320c Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 13 19:59:54 2012 +1000 s3-smbd: Call sys_acl_set_qualifier() directly rather than via the VFS This will allow us to remove
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via fe29535 s3-vfs: Put vfs_aixacl_util.c helper functions into a
header file
via f11a1a4 s4:kdc/wdc-samba4.c - fix user logins on specific
workstations
via a57c5eb s4-classicupgrade: Tests if sam policies exist before
trying to import them.
via 34c4664 s3-selftest: Add smbclient tarmode test
via 1428500 s3-selftest: Fix copy/paste error in test usage string
from 4e4c306 Fix smbclient/tarmode panic on connecting to Windows 2000
clients.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit fe295358dfa495c8f4b564784d728b37882e877d
Author: Andrew Bartlett abart...@samba.org
Date: Mon Aug 13 20:14:43 2012 +1000
s3-vfs: Put vfs_aixacl_util.c helper functions into a header file
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 14 02:16:11 CEST 2012 on sn-devel-104
commit f11a1a4a0796c8e77eee721f1ed1406b01e2b007
Author: Matthias Dieter Wallnöfer m...@samba.org
Date: Mon Aug 13 20:17:20 2012 +0200
s4:kdc/wdc-samba4.c - fix user logins on specific workstations
The decrement operation has been missing.
Problem found by Mohammad Ebrahim Abravi lamp@gmail.com
Signed-off-by: Andrew Bartlett abart...@samba.org
commit a57c5eb848698a4231f851744949c6a44e92784a
Author: Wesley Young wes...@wesleyy.com
Date: Mon Aug 13 01:08:36 2012 +
s4-classicupgrade: Tests if sam policies exist before trying to import them.
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 34c4664dc0a52862ea6a36cc44d09593557a6396
Author: Salvador I. Gonzalez sgonza...@codejunkie.net
Date: Sat Aug 11 10:48:36 2012 -0400
s3-selftest: Add smbclient tarmode test
(With small changes to have test complete by Andrew Bartlett)
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 14285005ec5f208327ab8236e9c33bfefe38126a
Author: Salvador I. Gonzalez sgonza...@codejunkie.net
Date: Sat Aug 11 10:47:58 2012 -0400
s3-selftest: Fix copy/paste error in test usage string
Signed-off-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
source3/modules/vfs_aixacl.c |4 +-
source3/modules/vfs_aixacl_util.c |1 +
.../modules/vfs_aixacl_util.h | 14 +-
source3/script/tests/test_smbclient_auth.sh|2 +-
source3/script/tests/test_smbclient_tarmode.sh | 181
source3/selftest/tests.py |5 +-
source4/kdc/wdc-samba4.c |9 +-
source4/scripting/python/samba/upgrade.py | 55 ---
8 files changed, 229 insertions(+), 42 deletions(-)
copy source4/auth/ntlm/auth_server_service.c =
source3/modules/vfs_aixacl_util.h (71%)
create mode 100755 source3/script/tests/test_smbclient_tarmode.sh
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_aixacl.c b/source3/modules/vfs_aixacl.c
index c4bb02e..9f66d2a 100644
--- a/source3/modules/vfs_aixacl.c
+++ b/source3/modules/vfs_aixacl.c
@@ -20,9 +20,7 @@
#include includes.h
#include system/filesys.h
#include smbd/smbd.h
-
-extern SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl);
-extern struct acl *aixacl_smb_to_aixacl(SMB_ACL_TYPE_T acltype, SMB_ACL_T
theacl);
+#include vfs_aixacl_util.h
SMB_ACL_T aixacl_sys_acl_get_file(vfs_handle_struct *handle,
const char *path_p,
diff --git a/source3/modules/vfs_aixacl_util.c
b/source3/modules/vfs_aixacl_util.c
index d867f9d..b359c40 100644
--- a/source3/modules/vfs_aixacl_util.c
+++ b/source3/modules/vfs_aixacl_util.c
@@ -20,6 +20,7 @@
#include includes.h
#include system/filesys.h
#include smbd/smbd.h
+#include vfs_aixacl_util.h
SMB_ACL_T aixacl_to_smbacl(struct acl *file_acl)
{
diff --git a/source4/auth/ntlm/auth_server_service.c
b/source3/modules/vfs_aixacl_util.h
similarity index 71%
copy from source4/auth/ntlm/auth_server_service.c
copy to source3/modules/vfs_aixacl_util.h
index 65b9dc2..2447252 100644
--- a/source4/auth/ntlm/auth_server_service.c
+++ b/source3/modules/vfs_aixacl_util.h
@@ -1,7 +1,7 @@
/*
- Unix SMB/CIFS implementation.
- Password and authentication handling
- Copyright (C) Andrew Bartlett 2010
+ Unix SMB/Netbios implementation.
+ VFS module to get and set posix acls
+ Copyright (C) Jim McDonough j...@us.ibm.com 2006
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -17,10 +17,6 @@
along with this program. If not, see http://www.gnu.org/licenses/.
*/
-#include includes.h
-#include auth/auth.h
+SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl);
+struct acl *aixacl_smb_to_aixacl(SMB_ACL_TYPE_T
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9db35c9 VERSION: Move on to beta6! via b5281eb VERSION: Mark as the beta6 release via 03a20ae WHATSNEW: prepare for 4.0 beta6 from fe29535 s3-vfs: Put vfs_aixacl_util.c helper functions into a header file http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9db35c939c57f152f1e42cfcb9ae16cf3fada3f1 Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 14 09:32:00 2012 +1000 VERSION: Move on to beta6! Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Tue Aug 14 04:05:06 CEST 2012 on sn-devel-104 commit b5281eb473426f5f8674652cb7e3fb83ffdecab8 Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 14 09:31:26 2012 +1000 VERSION: Mark as the beta6 release commit 03a20ae9ee03089a939372d7a8a475a79ceb4f86 Author: Andrew Bartlett abart...@samba.org Date: Tue Aug 14 09:30:30 2012 +1000 WHATSNEW: prepare for 4.0 beta6 --- Summary of changes: VERSION |2 +- WHATSNEW.txt | 47 --- 2 files changed, 17 insertions(+), 32 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 1012cd9..781a283 100644 --- a/VERSION +++ b/VERSION @@ -67,7 +67,7 @@ SAMBA_VERSION_ALPHA_RELEASE= # e.g. SAMBA_VERSION_BETA_RELEASE=1# # - 4.0.0beta1# -SAMBA_VERSION_BETA_RELEASE=6 +SAMBA_VERSION_BETA_RELEASE=7 # For 'pre' releases the version will be # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 1b08ff3..a4b5d8c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,4 @@ -What's new in Samba 4.0 beta5 +What's new in Samba 4.0 beta6 = Samba 4.0 will be the next version of the Samba suite and incorporates @@ -11,7 +11,7 @@ and above. WARNINGS -Samba 4.0 beta5 is not a final Samba release, however we are now making +Samba 4.0 beta6 is not a final Samba release, however we are now making good progress towards a Samba 4.0 release, of which this is a preview. Be aware the this release contains the best of all of Samba's technology parts, both a file server (that you can reasonably expect @@ -94,46 +94,29 @@ Python programs to interface to Samba's internals, and many tools and internal workings of the DC code is now implemented in python. -CHANGES SINCE beta4 +CHANGES SINCE beta5 = -For a list of changes since beta4, please see the git log. +For a list of changes since beta5, please see the git log. $ git clone git://git.samba.org/samba.git $ cd samba.git -$ git log samba-4.0.0beta4..samba-4.0.0beta5 +$ git log samba-4.0.0beta5..samba-4.0.0beta6 Some major user-visible changes include: -- The issue with beta4 being unable to build with a released version of - ldb has been resolved. +- Provision is now faster, as we now correctly use the database + indicies during the provision -- The two parameter tables for our two smb.conf parsing engines have - been merged. This removes the ugly (but harmless) unknown - parameter xxx warnings, particularly from the smbd child process. +- Support for handling of Extended Signatures (Session Key Protection) -- Major issues have been fixed in conflict and missing/deleted parent - handling in or DRS replication engine. +- A (unverified at this time) fix for expanding memory use in our + AD DRS replication server. -- Safety improvements to prevent corruption of read-write replicas - by manual replication from a read-only replica. +- A fix for supporting the userWorkstations restriction in the KDC -- Improvements to dbcheck to correct incorrect instanceType values from - the above and to relocate objects with missing parents. - -- smbd no longer places all accounts in the 'Domain Users' of the AD - domain to which it is joined - -- AES support in NETLOGON Schannel - -- DCE/RPC timeout handling no longer crashes - -- socket address is now nbt client socket address as it only - controls the binding of the NetBIOS client, not other protocols. - See 'bind interfaces only = yes'. This parameter is also now depricated. - -- nmbd now always binds to it's broadcast sockets explicitly, rather - than just relying on the socket address above. +- Support for upgrading classic domains that may not have all the + default domain policies set. Less visible, but important changes under the hood include: @@ -144,6 +127,8 @@ Less visible, but important changes under the hood include: - Patches to ensure that talloc_tos() and talloc_stackframe() are always used correctly. +- Preparation for correctly setting POSIX ACLs during provision. + KNOWN
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4631723 s4-dsdb: Take more care in handling of global schema memory
via 329e374 s4-dsdb: Remove support for per-partition sequence numbers
via 2d21a9b s4-dsdb: Use only the replication USN for schema reload.
from f36e28d s3-nfs4acls: Remove lookup_sid and sidmap from NFSv4 ACL
mapping and check gid first
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4631723c988b46be8af4e67f5aea9187b08b9187
Author: Andrew Bartlett abart...@samba.org
Date: Sat Aug 11 12:29:06 2012 +1000
s4-dsdb: Take more care in handling of global schema memory
This reworks dsdb_replicated_objects_commit() to have a proper local
tmp_ctx and
to be more careful about what schema is set (only setting a global schema if
the original schema was global).
In particular, the new working_schema is not given a talloc reference
to the old schema. This ensures that the old schema can go away when
no longer used.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Sat Aug 11 10:31:57 CEST 2012 on sn-devel-104
commit 329e3749381fee4182fdbf6015a42e4bdca07168
Author: Andrew Bartlett abart...@samba.org
Date: Sat Aug 11 11:00:53 2012 +1000
s4-dsdb: Remove support for per-partition sequence numbers
These sequence numbers were only used for telling if the schema was
changed, and are no longer directly related to the replication USN.
The per-partition replication USN can be obtained from the
@REPLCHANGED record on the per-partition database, and this is done
with an ldb_search().
Andrew Bartlett
commit 2d21a9bf5eeb88d738e998ee8f1720487b55e12e
Author: Andrew Bartlett abart...@samba.org
Date: Sat Aug 11 10:56:58 2012 +1000
s4-dsdb: Use only the replication USN for schema reload.
This way we do not track both the partition seq number and the
replication USN for schema reload purposes.
We only need one indication of actual data change, and the replication
per-partition sequence number is no more expensive to obtain than the
ldb per-partition sequence number.
Andrew Bartlett
---
Summary of changes:
source4/dsdb/repl/replicated_objects.c | 88 ++
source4/dsdb/samdb/ldb_modules/partition.c | 23 ---
source4/dsdb/samdb/ldb_modules/schema_load.c | 64 +--
source4/dsdb/schema/schema.h |6 --
4 files changed, 64 insertions(+), 117 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/repl/replicated_objects.c
b/source4/dsdb/repl/replicated_objects.c
index a8c210f..564befe 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -543,8 +543,16 @@ WERROR dsdb_replicated_objects_commit(struct ldb_context
*ldb,
WERROR werr;
struct ldb_result *ext_res;
struct dsdb_schema *cur_schema = NULL;
+ struct dsdb_schema *new_schema = NULL;
int ret;
uint64_t seq_num1, seq_num2;
+ bool used_global_schema = false;
+
+ TALLOC_CTX *tmp_ctx = talloc_new(objects);
+ if (!tmp_ctx) {
+ DEBUG(0,(Failed to start talloc\n));
+ return WERR_NOMEM;
+ }
/* TODO: handle linked attributes */
@@ -561,6 +569,7 @@ WERROR dsdb_replicated_objects_commit(struct ldb_context
*ldb,
if (ret != LDB_SUCCESS) {
DEBUG(0,(__location__ Failed to load partition uSN\n));
ldb_transaction_cancel(ldb);
+ TALLOC_FREE(tmp_ctx);
return WERR_FOOBAR;
}
@@ -572,7 +581,8 @@ WERROR dsdb_replicated_objects_commit(struct ldb_context
*ldb,
*/
if (working_schema) {
/* store current schema so we can fall back in case of failure
*/
- cur_schema = dsdb_get_schema(ldb, working_schema);
+ cur_schema = dsdb_get_schema(ldb, tmp_ctx);
+ used_global_schema = dsdb_uses_global_schema(ldb);
ret = dsdb_reference_schema(ldb, working_schema, false);
if (ret != LDB_SUCCESS) {
@@ -580,6 +590,7 @@ WERROR dsdb_replicated_objects_commit(struct ldb_context
*ldb,
ldb_strerror(ret)));
/* TODO: Map LDB Error to NTSTATUS? */
ldb_transaction_cancel(ldb);
+ TALLOC_FREE(tmp_ctx);
return WERR_INTERNAL_ERROR;
}
}
@@ -587,14 +598,16 @@ WERROR dsdb_replicated_objects_commit(struct ldb_context
*ldb,
ret = ldb_extended(ldb, DSDB_EXTENDED_REPLICATED_OBJECTS_OID, objects,
ext_res);
if (ret != LDB_SUCCESS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a117fd6 s4-dsdb: Ensure we have indexing enabled during the provision via ef87b4e s4-pydsdb: Provide control of if we should write index attributes when reloading a schema from 1a1f01e s4-dsdb: Change talloc parent http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a117fd6d11aef5360a1af1fc6da542829da8b7b0 Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 9 14:33:49 2012 +1000 s4-dsdb: Ensure we have indexing enabled during the provision Because we set the schema before we connected the ldb to a file, the @INDEX records were not added until next startup. This cost 100% more time in running provision on my laptop. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Thu Aug 9 08:20:36 CEST 2012 on sn-devel-104 commit ef87b4e4f10eb7d5974cb0e0861648d537153a00 Author: Andrew Bartlett abart...@samba.org Date: Thu Aug 9 14:23:12 2012 +1000 s4-pydsdb: Provide control of if we should write index attributes when reloading a schema This allows us to carefully control the loading of the schema. Andrew Bartlett --- Summary of changes: source4/dsdb/pydsdb.c |6 -- .../scripting/python/samba/provision/__init__.py |7 ++- source4/scripting/python/samba/samdb.py|8 3 files changed, 14 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c index 3558049..9023d69 100644 --- a/source4/dsdb/pydsdb.c +++ b/source4/dsdb/pydsdb.c @@ -873,7 +873,9 @@ static PyObject *py_dsdb_set_schema_from_ldb(PyObject *self, PyObject *args) struct ldb_context *from_ldb; struct dsdb_schema *schema; int ret; - if (!PyArg_ParseTuple(args, OO, py_ldb, py_from_ldb)) + char write_attributes = true; + if (!PyArg_ParseTuple(args, OO|b, + py_ldb, py_from_ldb, write_attributes)) return NULL; PyErr_LDB_OR_RAISE(py_ldb, ldb); @@ -886,7 +888,7 @@ static PyObject *py_dsdb_set_schema_from_ldb(PyObject *self, PyObject *args) return NULL; } - ret = dsdb_reference_schema(ldb, schema, true); + ret = dsdb_reference_schema(ldb, schema, write_attributes); PyErr_LDB_ERROR_IS_ERR_RAISE(py_ldb_get_exception(), ret, ldb); Py_RETURN_NONE; diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index 192130e..94e857e 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -1121,7 +1121,7 @@ def setup_samdb(path, session_info, provision_backend, lp, names, logger.info(Pre-loading the Samba 4 and AD schema) # Load the schema from the one we computed earlier -samdb.set_schema(schema) +samdb.set_schema(schema, write_attributes=False) # Set the NTDS settings DN manually - in order to have it already around # before the provisioned tree exists and we connect @@ -1131,6 +1131,11 @@ def setup_samdb(path, session_info, provision_backend, lp, names, # DB samdb.connect(path) +# But we have to give it one more kick to have it use the schema +# during provision - it needs, now that it is connected, to write +# the schema @INDEX records to the database. +samdb.set_schema(schema, write_attributes=True) + return samdb diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index 7451b6c..3355e9a 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -608,11 +608,11 @@ accountExpires: %u def load_partition_usn(self, base_dn): return dsdb._dsdb_load_partition_usn(self, base_dn) -def set_schema(self, schema): -self.set_schema_from_ldb(schema.ldb) +def set_schema(self, schema, write_attributes=True): +self.set_schema_from_ldb(schema.ldb, write_attributes=write_attributes) -def set_schema_from_ldb(self, ldb_conn): -dsdb._dsdb_set_schema_from_ldb(self, ldb_conn) +def set_schema_from_ldb(self, ldb_conn, write_attributes=True): +dsdb._dsdb_set_schema_from_ldb(self, ldb_conn, write_attributes) def dsdb_DsReplicaAttribute(self, ldb, ldap_display_name, ldif_elements): '''convert a list of attribute values to a DRSUAPI DsReplicaAttribute''' -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d799b25 s4-dsdb: Remove strcasecmp() fallback in
replmd_ldb_message_element_attid_sort
via 8dd09ef s4-dsdb: Do not reload partition metadata except on
transaction start
from 0d7b17f s3:smb2_sesssetup: setup global-[en|de]cryption_key
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d799b25dd3ed0f72ee03949225ba241c5538d7d6
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 16:16:03 2012 +1000
s4-dsdb: Remove strcasecmp() fallback in
replmd_ldb_message_element_attid_sort
In all callers, we must already have a attributeID for each of the
values or else we would have already given an error, or could not have
obtained the message over DRS.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 9 11:39:54 CEST 2012 on sn-devel-104
commit 8dd09ef46dee1056e1ea029375a250b12dacae10
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 15:16:37 2012 +1000
s4-dsdb: Do not reload partition metadata except on transaction start
This ensures that we do not add objects that should go into a partition,
but we
simply return that an object is not present if the connection was created
before the partition was loaded. It is rare to create a new partition.
Andrew Bartlett
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/partition.c | 11 ---
source4/dsdb/samdb/ldb_modules/repl_meta_data.c |7 ---
2 files changed, 0 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c
b/source4/dsdb/samdb/ldb_modules/partition.c
index 4a9216b..f980b67 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -549,12 +549,6 @@ static int partition_search(struct ldb_module *module,
struct ldb_request *req)
int ret;
bool domain_scope = false, phantom_root = false;
- /* see if we are still up-to-date */
- ret = partition_reload_if_required(module, data, req);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
p = find_partition(data, NULL, req);
if (p != NULL) {
/* the caller specified what partition they want the
@@ -1129,11 +1123,6 @@ static int partition_sequence_number(struct ldb_module
*module, struct ldb_reque
* this reload for every query of the next global seq
* number
*/
- ret = partition_reload_if_required(module, data, req);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
p = find_partition(data, NULL, req);
if (p != NULL) {
/* the caller specified what partition they want the
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 4bfbee1..6b5e121 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -661,13 +661,6 @@ static int replmd_ldb_message_element_attid_sort(const
struct ldb_message_elemen
a1 = dsdb_attribute_by_lDAPDisplayName(schema, e1-name);
a2 = dsdb_attribute_by_lDAPDisplayName(schema, e2-name);
- /*
-* TODO: remove this check, we should rely on e1 and e2 having valid
attribute names
-* in the schema
-*/
- if (!a1 || !a2) {
- return strcasecmp(e1-name, e2-name);
- }
if (a1-attributeID_id == a2-attributeID_id) {
return 0;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 11d60d1 s4-ldb_wrap: Do not vasprintf() the ldb debug messages that
will not be shown
via 73f0cb5 lib/ldb: Do not vasprintf() the tevent debug messages that
will not be shown
via 7e562cf s4-events: Do not vasprintf() the tevent debug messages
that will not be shown
via 434bed7 s3-events: Do not vasprintf() the tevent debug messages
that will not be shown
via 299fc75 lib/ldb: Use tdb_exists() rather than
tdb_fetch()/talloc_free()
from d799b25 s4-dsdb: Remove strcasecmp() fallback in
replmd_ldb_message_element_attid_sort
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 11d60d13dc54ff154b2a7bb53e326ed2180d473c
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 19:41:05 2012 +1000
s4-ldb_wrap: Do not vasprintf() the ldb debug messages that will not be
shown
This malloc() and free() actually shows up quite high on a call profile of
provision of the AD DC.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 9 13:51:06 CEST 2012 on sn-devel-104
commit 73f0cb5278e714740d0de75e6b0d0bf4c815491a
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 19:40:45 2012 +1000
lib/ldb: Do not vasprintf() the tevent debug messages that will not be shown
This malloc() and free() actually shows up quite high on a call profile of
provision of the AD DC.
This allows the debug handler to decide if the argument list should be
printed.
Andrew Bartlett
commit 7e562cf3eb8d8aabf9b5d62a92e67221e4f07e3a
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 18:34:48 2012 +1000
s4-events: Do not vasprintf() the tevent debug messages that will not be
shown
This malloc() and free() actually shows up quite high on a call profile of
provision of the AD DC.
Andrew Bartlett
commit 434bed75c43d3d7854bd9433913448810d3ff511
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 18:34:28 2012 +1000
s3-events: Do not vasprintf() the tevent debug messages that will not be
shown
This malloc() and free() actually shows up quite high on a call profile of
provision of the AD DC (and this is the matching patch for source3).
Andrew Bartlett
commit 299fc7522858e2d7ee6c54310a4e157c8142c74f
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 19:58:31 2012 +1000
lib/ldb: Use tdb_exists() rather than tdb_fetch()/talloc_free()
This avoids pulling the record and doing an allocation when we just
want to know if it exists.
Andrew Bartlett
---
Summary of changes:
lib/ldb-samba/ldb_wrap.c | 12 +++-
lib/ldb/ABI/{ldb-1.1.6.sigs = ldb-1.1.10.sigs}|1 +
...yldb-util-1.1.2.sigs = pyldb-util-1.1.10.sigs} |0
lib/ldb/common/ldb.c |9 -
lib/ldb/common/ldb_debug.c | 16
lib/ldb/include/ldb_module.h |1 +
lib/ldb/ldb_tdb/ldb_search.c | 14 +++---
lib/ldb/wscript|2 +-
source3/lib/events.c | 10 ++
source4/lib/events/tevent_s4.c | 10 ++
10 files changed, 45 insertions(+), 30 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.6.sigs = ldb-1.1.10.sigs} (99%)
copy lib/ldb/ABI/{pyldb-util-1.1.2.sigs = pyldb-util-1.1.10.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/ldb-samba/ldb_wrap.c b/lib/ldb-samba/ldb_wrap.c
index 83a0674..028bd6f 100644
--- a/lib/ldb-samba/ldb_wrap.c
+++ b/lib/ldb-samba/ldb_wrap.c
@@ -47,7 +47,6 @@ static void ldb_wrap_debug(void *context, enum
ldb_debug_level level,
const char *fmt, va_list ap)
{
int samba_level = -1;
- char *s = NULL;
switch (level) {
case LDB_DEBUG_FATAL:
samba_level = 0;
@@ -63,10 +62,13 @@ static void ldb_wrap_debug(void *context, enum
ldb_debug_level level,
break;
};
- vasprintf(s, fmt, ap);
- if (!s) return;
- DEBUG(samba_level, (ldb: %s\n, s));
- free(s);
+ if (CHECK_DEBUGLVL(samba_level)) {
+ char *s = NULL;
+ vasprintf(s, fmt, ap);
+ if (!s) return;
+ DEBUG(samba_level, (ldb: %s\n, s));
+ free(s);
+ }
}
diff --git a/lib/ldb/ABI/ldb-1.1.6.sigs b/lib/ldb/ABI/ldb-1.1.10.sigs
similarity index 99%
copy from lib/ldb/ABI/ldb-1.1.6.sigs
copy to lib/ldb/ABI/ldb-1.1.10.sigs
index f90fa13..de5026e 100644
--- a/lib/ldb/ABI/ldb-1.1.6.sigs
+++ b/lib/ldb/ABI/ldb-1.1.10.sigs
@@ -255,4 +255,5 @@ ldb_val_map_remote: struct
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 51a7154 nsswitch: add ABI checking and symbol versions to
libwbclient
via fdd07e8 s4-dsdb: Explain better what records are written during
schema set
via 1d1bdc3 lib/ldb: Use tdb_parse_record and a callback rather than
tdb_fetch()
from a5495bc Remove smb_panic() from unix_strlower(). Just rely on error
code return.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 51a71547ef0c883970e9ef86a33c42e1b815cc4d
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 10 10:17:31 2012 +1000
nsswitch: add ABI checking and symbol versions to libwbclient
This will ensure that we do not unintentionally break the ABI.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Aug 10 04:08:54 CEST 2012 on sn-devel-104
commit fdd07e87c6fc7a4a0ea7c6f99080d78e526042e6
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 10 08:44:04 2012 +1000
s4-dsdb: Explain better what records are written during schema set
This is controlled by setting write_indices_and_attributes.
Andrew Bartlett
commit 1d1bdc315b4619f0ca5b2a0db602cbe283f8dca8
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 22:46:48 2012 +1000
lib/ldb: Use tdb_parse_record and a callback rather than tdb_fetch()
This avoid allocation at the tdb layer as we will allocate this
with talloc right away anyway.
Andrew Bartlett
---
Summary of changes:
lib/ldb/ldb_tdb/ldb_search.c | 54 ++
nsswitch/libwbclient/ABI/wbclient-0.9.sigs | 75
nsswitch/libwbclient/wscript |3 +
source4/dsdb/pydsdb.c |6 +-
source4/dsdb/schema/schema_set.c | 23 --
.../scripting/python/samba/provision/__init__.py |6 +-
source4/scripting/python/samba/samdb.py|8 +-
7 files changed, 142 insertions(+), 33 deletions(-)
create mode 100644 nsswitch/libwbclient/ABI/wbclient-0.9.sigs
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ldb_tdb/ldb_search.c b/lib/ldb/ldb_tdb/ldb_search.c
index e631f7b..703ad6a 100644
--- a/lib/ldb/ldb_tdb/ldb_search.c
+++ b/lib/ldb/ldb_tdb/ldb_search.c
@@ -234,6 +234,26 @@ static int ltdb_search_base(struct ldb_module *module,
struct ldb_dn *dn)
return LDB_ERR_NO_SUCH_OBJECT;
}
+struct ltdb_parse_data_unpack_ctx {
+ struct ldb_message *msg;
+ struct ldb_module *module;
+};
+
+static int ltdb_parse_data_unpack(TDB_DATA key, TDB_DATA data,
+ void *private_data)
+{
+ struct ltdb_parse_data_unpack_ctx *ctx = private_data;
+
+ int ret = ltdb_unpack_data(ctx-module, data, ctx-msg);
+ if (ret == -1) {
+ struct ldb_context *ldb = ldb_module_get_ctx(ctx-module);
+ ldb_debug(ldb, LDB_DEBUG_ERROR, Invalid data for index
%*.*s\n,
+ (int)key.dsize, (int)key.dsize, key.dptr);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ return ret;
+}
+
/*
search the database for a single simple dn, returning all attributes
in a single message
@@ -246,9 +266,11 @@ int ltdb_search_dn1(struct ldb_module *module, struct
ldb_dn *dn, struct ldb_mes
void *data = ldb_module_get_private(module);
struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
int ret;
- TDB_DATA tdb_key, tdb_data;
-
- memset(msg, 0, sizeof(*msg));
+ TDB_DATA tdb_key;
+ struct ltdb_parse_data_unpack_ctx ctx = {
+ .msg = msg,
+ .module = module
+ };
/* form the key */
tdb_key = ltdb_key(module, dn);
@@ -256,24 +278,24 @@ int ltdb_search_dn1(struct ldb_module *module, struct
ldb_dn *dn, struct ldb_mes
return LDB_ERR_OPERATIONS_ERROR;
}
- tdb_data = tdb_fetch(ltdb-tdb, tdb_key);
- talloc_free(tdb_key.dptr);
- if (!tdb_data.dptr) {
- return LDB_ERR_NO_SUCH_OBJECT;
- }
-
+ memset(msg, 0, sizeof(*msg));
+
msg-num_elements = 0;
msg-elements = NULL;
- ret = ltdb_unpack_data(module, tdb_data, msg);
- free(tdb_data.dptr);
+ ret = tdb_parse_record(ltdb-tdb, tdb_key,
+ ltdb_parse_data_unpack, ctx);
+ talloc_free(tdb_key.dptr);
+
if (ret == -1) {
- struct ldb_context *ldb = ldb_module_get_ctx(module);
- ldb_debug(ldb, LDB_DEBUG_ERROR, Invalid data for index %s\n,
- ldb_dn_get_linearized(msg-dn));
- return LDB_ERR_OPERATIONS_ERROR;
+ if (tdb_error(ltdb-tdb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 51dd39b selftest: Rename samba4.blackbox.pdbtest to samba.blackbox.pdbtest via b7b4879 s3-torture: Extend pdbtest to also run an authentication unit-test via de2d813 build: Remove pdbtest from the autoconf build from 528d3fe libcli/smb: do not set SMB2_TF_MSG_SIZE in the caller http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 51dd39b2cf800ccf89cc1ae5ce6fe1ce2edff9c3 Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 8 16:02:29 2012 +1000 selftest: Rename samba4.blackbox.pdbtest to samba.blackbox.pdbtest This test covers s3dc as well. Andrew Bartlett Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Wed Aug 8 09:57:14 CEST 2012 on sn-devel-104 commit b7b48793501915ecf5cb52b3044fd2f902987802 Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 8 15:22:03 2012 +1000 s3-torture: Extend pdbtest to also run an authentication unit-test This tests both the builtin auth_sam against passdb directly and the configured auth module. Andrew Bartlett commit de2d813898bcfc530d13753a57ac8356b7c7bf0e Author: Andrew Bartlett abart...@samba.org Date: Wed Aug 8 15:53:36 2012 +1000 build: Remove pdbtest from the autoconf build pdbtest is internal test utility that is not installed. It is only run from the full (waf) make test, and does not need to be built in the autoconf build. Removing it from the autoconf build makes it easier to expand this test to depend on more parts of Samba. Andrew Bartlett --- Summary of changes: source3/Makefile.in | 13 +- source3/torture/pdbtest.c | 117 - source3/wscript_build |4 +- source4/selftest/tests.py |2 +- 4 files changed, 121 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index e42c1b5..2635cfa 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -223,7 +223,7 @@ BIN_PROGS3 = bin/smbpasswd bin/rpcclient bin/smbcacls \ TORTURE_PROGS = bin/smbtorture bin/msgtest \ bin/masktest bin/locktest \ bin/locktest2 bin/nsstest bin/vfstest \ - bin/pdbtest $(TALLOCTORT) bin/replacetort \ + $(TALLOCTORT) bin/replacetort \ $(TDBTORTURE) $(PTHREADPOOLTEST) \ bin/smbconftort bin/vlp @@ -1323,11 +1323,6 @@ LOCKTEST_OBJ = torture/locktest.o $(PARAM_OBJ) $(LOCKING_OBJ) $(KRBCLIENT_OBJ) \ NSSTEST_OBJ = ../nsswitch/nsstest.o ../lib/util/setid.o $(LIBSAMBAUTIL_OBJ) -PDBTEST_OBJ = torture/pdbtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ - $(LIB_NONSMBD_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ - $(SMBLDAP_OBJ) $(POPT_LIB_OBJ) \ - $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) - VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(SMBD_OBJ_BASE) $(READLINE_OBJ) \ torture/vfstest_chain.o @@ -2073,12 +2068,6 @@ bin/nsstest: $(BINARY_PREREQS) $(NSSTEST_OBJ) $(LIBTALLOC) @$(CC) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \ $(LIBTALLOC_LIBS) -bin/pdbtest: $(BINARY_PREREQS) $(PDBTEST_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) - @echo Linking $@ - @$(CC) -o $@ $(PDBTEST_OBJ) $(LDFLAGS) $(DYNEXP) \ - $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) \ - $(POPT_LIBS) $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) $(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) - bin/vfstest: $(BINARY_PREREQS) $(VFSTEST_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT) @echo Linking $@ @$(CC) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(AVAHI_LIBS) \ diff --git a/source3/torture/pdbtest.c b/source3/torture/pdbtest.c index 821f39b..d0d529e 100644 --- a/source3/torture/pdbtest.c +++ b/source3/torture/pdbtest.c @@ -4,6 +4,7 @@ Copyright (C) Wilco Baan Hofman 2006 Copyright (C) Jelmer Vernooij 2006 + Copyright (C) Andrew Bartlett 2012 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -27,6 +28,10 @@ #include ../librpc/gen_ndr/drsblobs.h #include ../librpc/gen_ndr/ndr_drsblobs.h #include ../libcli/security/dom_sid.h +#include ../libcli/auth/libcli_auth.h +#include ../auth/common_auth.h +#include lib/tsocket/tsocket.h +#include include/auth.h #define TRUST_DOM trustdom #define TRUST_PWD trustpwd1232 @@ -38,6 +43,7 @@ static bool samu_correct(struct samu *s1, struct samu *s2) uint32 s1_len, s2_len; const char *s1_buf, *s2_buf; const uint8 *d1_buf, *d2_buf; + const struct dom_sid *s1_sid, *s2_sid; /* Check Unix username */ s1_buf = pdb_get_username(s1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1a1f01e s4-dsdb: Change talloc parent
via 1727556 s4-dsdb: Remove ldb_sequence_type argument from
partition_primary_sequence_number
via 6ec963e s4-dsdb: simplify migration of old-style seqence numbers to
metadata.tdb
via 6a648b7 s4-dsdb: Reduce calls to the ldb layer by reloading less
often
from 47c5900 s3:nmbd: log a failure in
get_domain_master_name_node_status_success() as level 1
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1a1f01ee7a754f2ee4f385fba6cb55d82518
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 12:23:58 2012 +1000
s4-dsdb: Change talloc parent
This matches the rest of the function.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 9 06:26:36 CEST 2012 on sn-devel-104
commit 17275561a062b0453f9d2547ecebd6dff08aaa24
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 12:23:13 2012 +1000
s4-dsdb: Remove ldb_sequence_type argument from
partition_primary_sequence_number
We always want LDB_SEQ_HIGHEST_SEQ here.
Andrew Bartlett
commit 6ec963eef7c00315b2d941951602825a89fabb6e
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 12:20:37 2012 +1000
s4-dsdb: simplify migration of old-style seqence numbers to metadata.tdb
This simple operation does not need to be encased in generic ldb extended
operations.
Andrew Bartlett
commit 6a648b727f50e33a4c66a77e3980d7c0c2adcb49
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 9 10:21:38 2012 +1000
s4-dsdb: Reduce calls to the ldb layer by reloading less often
We do not need to reload the partition list to get the global sequence
number, as that number is stored in the metadata.tdb, not the ldb files.
Andrew Bartlett
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/partition.c | 184
source4/dsdb/samdb/ldb_modules/partition_init.c|8 +-
.../dsdb/samdb/ldb_modules/partition_metadata.c| 57 +--
3 files changed, 82 insertions(+), 167 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c
b/source4/dsdb/samdb/ldb_modules/partition.c
index d4f020f..4a9216b 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -985,7 +985,7 @@ static int partition_del_trans(struct ldb_module *module)
}
int partition_primary_sequence_number(struct ldb_module *module, TALLOC_CTX
*mem_ctx,
- enum ldb_sequence_type type, uint64_t
*seq_number,
+ uint64_t *seq_number,
struct ldb_request *parent)
{
int ret;
@@ -997,7 +997,7 @@ int partition_primary_sequence_number(struct ldb_module
*module, TALLOC_CTX *mem
if (tseq == NULL) {
return ldb_oom(ldb_module_get_ctx(module));
}
- tseq-type = type;
+ tseq-type = LDB_SEQ_HIGHEST_SEQ;
ret = dsdb_module_extended(module, tseq, res,
LDB_EXTENDED_SEQUENCE_NUMBER,
@@ -1027,115 +1027,73 @@ int partition_primary_sequence_number(struct
ldb_module *module, TALLOC_CTX *mem
* Older version of sequence number as sum of sequence numbers for each
partition
*/
int partition_sequence_number_from_partitions(struct ldb_module *module,
- struct ldb_request *req,
- struct ldb_extended **ext)
+ uint64_t *seqr)
{
int ret;
unsigned int i;
uint64_t seq_number = 0;
struct partition_private_data *data =
talloc_get_type(ldb_module_get_private(module),
struct
partition_private_data);
- struct ldb_seqnum_request *seq;
- struct ldb_seqnum_result *seqr;
- struct ldb_request *treq;
- struct ldb_seqnum_request *tseq;
- struct ldb_seqnum_result *tseqr;
- struct ldb_result *res;
- struct dsdb_partition *p;
- p = find_partition(data, NULL, req);
- if (p != NULL) {
- /* the caller specified what partition they want the
-* sequence number operation on - just pass it on
-*/
- return ldb_next_request(p-module, req);
+ ret = partition_primary_sequence_number(module, data, seq_number,
NULL);
+ if (ret != LDB_SUCCESS) {
+ return ret;
}
-
- seq = talloc_get_type(req-op.extended.data, struct ldb_seqnum_request);
-
- switch (seq-type) {
- case
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f06c216 s3-pysmbd: Try opening as a file, then as a directory
via e571d5c s3-pysmbd: Use talloc_zero()
via e658421 s3-passdb: Simplify idmap wrapper in pdb_samba4
via 227d490 s3-pysmbd: Add talloc_stackframe() to smbd_set_simple_acl
wrapper
from 721096b s3:smb2_server: make use of
smbd_smb2_inbuf_parse_compound() in smbd_smb2_request_read*()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f06c216d0b3ffd036ac10f9abe9b2fe3ff319f09
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 14:19:06 2012 +1000
s3-pysmbd: Try opening as a file, then as a directory
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 7 08:59:21 CEST 2012 on sn-devel-104
commit e571d5c03ef416bc7f6a1eb66567ec2715da9d21
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 14:18:41 2012 +1000
s3-pysmbd: Use talloc_zero()
This avoids operating on uninitialised data
Andrew Bartlett
commit e658421fe1f724da0e627c0ae407804993c2521e
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 14:17:09 2012 +1000
s3-passdb: Simplify idmap wrapper in pdb_samba4
The source3 consumers of this API are now quite happy to be given an answer
of ID_TYPE_BOTH, so we do not need this extra code to try and force the
answer to UID or GID.
Andrew Bartlett
commit 227d490477230cfdd6b912b6f6a63314fa64ca88
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 10:45:14 2012 +1000
s3-pysmbd: Add talloc_stackframe() to smbd_set_simple_acl wrapper
---
Summary of changes:
source3/passdb/pdb_samba4.c | 59 ++
source3/smbd/pysmbd.c | 12 ++--
2 files changed, 18 insertions(+), 53 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/pdb_samba4.c b/source3/passdb/pdb_samba4.c
index 40827df..01eb4ba 100644
--- a/source3/passdb/pdb_samba4.c
+++ b/source3/passdb/pdb_samba4.c
@@ -2058,67 +2058,26 @@ static bool pdb_samba4_sid_to_id(struct pdb_methods *m,
const struct dom_sid *si
m-private_data, struct pdb_samba4_state);
struct id_map id_map;
struct id_map *id_maps[2];
- const char *attrs[] = { objectClass, NULL };
- struct ldb_message *msg;
- struct ldb_dn *dn;
NTSTATUS status;
- int rc;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
if (!tmp_ctx) {
return false;
}
ZERO_STRUCT(id_map);
+ id_map.sid = sid;
+ id_maps[0] = id_map;
+ id_maps[1] = NULL;
- dn = ldb_dn_new_fmt(tmp_ctx, state-ldb, SID=%s,
dom_sid_string(tmp_ctx, sid));
- if (!dn || !ldb_dn_validate(dn)) {
- talloc_free(tmp_ctx);
+ status = idmap_sids_to_xids(state-idmap_ctx, tmp_ctx, id_maps);
+ talloc_free(tmp_ctx);
+ if (!NT_STATUS_IS_OK(status)) {
return false;
}
- rc = dsdb_search_one(state-ldb, tmp_ctx, msg, dn, LDB_SCOPE_BASE,
attrs, 0, NULL);
- if (rc == LDB_ERR_NO_SUCH_OBJECT) {
- DEBUG(5, (__location__ SID to Unix ID lookup failed because
SID %s could not be found in the samdb\n, dom_sid_string(tmp_ctx, sid)));
- talloc_free(tmp_ctx);
- return false;
+ if (id_map.xid.type != ID_TYPE_NOT_SPECIFIED) {
+ *id = id_map.xid;
+ return true;
}
- if (samdb_find_attribute(state-ldb, msg, objectClass, group)) {
- id-type = ID_TYPE_GID;
-
- ZERO_STRUCT(id_map);
- id_map.sid = sid;
- id_maps[0] = id_map;
- id_maps[1] = NULL;
-
- status = idmap_sids_to_xids(state-idmap_ctx, tmp_ctx, id_maps);
- talloc_free(tmp_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- return false;
- }
- if (id_map.xid.type == ID_TYPE_GID || id_map.xid.type ==
ID_TYPE_BOTH) {
- id-id = id_map.xid.id;
- return true;
- }
- return false;
- } else if (samdb_find_attribute(state-ldb, msg, objectClass,
user)) {
- id-type = ID_TYPE_UID;
- ZERO_STRUCT(id_map);
- id_map.sid = sid;
- id_maps[0] = id_map;
- id_maps[1] = NULL;
-
- status = idmap_sids_to_xids(state-idmap_ctx, tmp_ctx, id_maps);
- talloc_free(tmp_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- return false;
- }
- if (id_map.xid.type == ID_TYPE_UID || id_map.xid.type ==
ID_TYPE_BOTH) {
- id-id
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 33705f4 s4-scripting: Remove unused variables from ntacl tests
via 4aca56c s4-smbd: Check for failure of irpc_add_name
from f06c216 s3-pysmbd: Try opening as a file, then as a directory
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 33705f4cc1773ff4fc37a6e6927af7a327aeb31d
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 16:55:58 2012 +1000
s4-scripting: Remove unused variables from ntacl tests
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 7 11:15:41 CEST 2012 on sn-devel-104
commit 4aca56cd848df11d79a8a0333d3e9944f176bcd9
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 15:50:46 2012 +1000
s4-smbd: Check for failure of irpc_add_name
---
Summary of changes:
source4/scripting/python/samba/tests/ntacls.py | 10 --
source4/smbd/server.c |5 -
2 files changed, 4 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/tests/ntacls.py
b/source4/scripting/python/samba/tests/ntacls.py
index c7e4101..c867c95 100644
--- a/source4/scripting/python/samba/tests/ntacls.py
+++ b/source4/scripting/python/samba/tests/ntacls.py
@@ -32,8 +32,6 @@ class NtaclsTests(TestCase):
path = os.environ['SELFTEST_PREFIX']
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
tempf = os.path.join(path,pytests+str(int(10*random.random(
-ntacl = xattr.NTACL()
-ntacl.version = 1
open(tempf, 'w').write(empty)
lp.set(posix:eadb,os.path.join(path,eadbtest.tdb))
setntacl(lp, tempf, acl, S-1-5-21-2212615479-2695158682-2101375467)
@@ -46,8 +44,6 @@ class NtaclsTests(TestCase):
path = os.environ['SELFTEST_PREFIX']
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
tempf = os.path.join(path,pytests+str(int(10*random.random(
-ntacl = xattr.NTACL()
-ntacl.version = 1
open(tempf, 'w').write(empty)
lp.set(posix:eadb,os.path.join(path,eadbtest.tdb))
setntacl(lp,tempf,acl,S-1-5-21-2212615479-2695158682-2101375467)
@@ -62,8 +58,6 @@ class NtaclsTests(TestCase):
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
path = os.environ['SELFTEST_PREFIX']
tempf = os.path.join(path,pytests+str(int(10*random.random(
-ntacl = xattr.NTACL()
-ntacl.version = 1
open(tempf, 'w').write(empty)
setntacl(lp,tempf,acl,S-1-5-21-2212615479-2695158682-2101375467,tdb,os.path.join(path,eadbtest.tdb))
facl=getntacl(lp,tempf,tdb,os.path.join(path,eadbtest.tdb))
@@ -77,8 +71,6 @@ class NtaclsTests(TestCase):
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
path = os.environ['SELFTEST_PREFIX']
tempf = os.path.join(path,pytests+str(int(10*random.random(
-ntacl = xattr.NTACL()
-ntacl.version = 1
open(tempf, 'w').write(empty)
self.assertRaises(XattrBackendError, setntacl, lp, tempf, acl,
S-1-5-21-2212615479-2695158682-2101375467,ttdb,
os.path.join(path,eadbtest.tdb))
@@ -90,8 +82,6 @@ class NtaclsTests(TestCase):
acl =
O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)
path = os.environ['SELFTEST_PREFIX']
tempf = os.path.join(path,pytests+str(int(10*random.random(
-ntacl = xattr.NTACL()
-ntacl.version = 1
open(tempf, 'w').write(empty)
lp.set(posix:eadb, os.path.join(path,eadbtest.tdb))
self.assertRaises(Exception, setntacl, lp, tempf ,acl,
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index a6ebcd6..f3405a7 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -225,7 +225,10 @@ static NTSTATUS setup_parent_messaging(struct
tevent_context *event_ctx,
cluster_id(0, SAMBA_PARENT_TASKID), event_ctx,
false);
NT_STATUS_HAVE_NO_MEMORY(msg);
- irpc_add_name(msg, samba);
+ status = irpc_add_name(msg, samba);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
status = IRPC_REGISTER(msg, irpc
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d825adf s3-param: Remove never-reached condition for popts == NULL
via 31d1fde s3-param: Remove never-reached condition for opt_list ==
NULL
via d65bded source3/loadparm.c: Move string_set/string_free inside.
via 3bb65aa source3/smbd/conn.c: wean off string_set/string_free
via a14c02d source3/loadparm: make struct loadparm_service a talloc
object.
via 592e3f4 loadparm: Add ctx member to struct loadparm_global.
from 9b7b736 media_harmony VFS module: Add and build by default.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d825adf86a91aa08588ef5fa95ce3f91abb9fd40
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 21:29:53 2012 +1000
s3-param: Remove never-reached condition for popts == NULL
All the callers provide a parametric options pointer to fill in.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Aug 7 17:16:38 CEST 2012 on sn-devel-104
commit 31d1fde037d78e2c2becdedb9016a859e5e38437
Author: Andrew Bartlett abart...@samba.org
Date: Tue Aug 7 21:20:47 2012 +1000
s3-param: Remove never-reached condition for opt_list == NULL
All the callers provide a parametric options pointer to fill in.
Andrew Bartlett
commit d65bded0c2435a62bf0fe33828d6dc5b9a74f936
Author: Rusty Russell ru...@rustcorp.com.au
Date: Mon Jul 23 14:51:39 2012 +0930
source3/loadparm.c: Move string_set/string_free inside.
The only user, so make them static inside loadparm.c
Signed-off-by: Rusty Russell ru...@rustcorp.com.au
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 3bb65aa159cae310b2a5d4998c258d72ace2fa3f
Author: Rusty Russell ru...@rustcorp.com.au
Date: Mon Jul 23 14:51:34 2012 +0930
source3/smbd/conn.c: wean off string_set/string_free
Use straight talloc strings. This is the only user outside loadparm.c.
Signed-off-by: Rusty Russell ru...@rustcorp.com.au
Signed-off-by: Andrew Bartlett abart...@samba.org
commit a14c02d2a7b9d070a6338a360103a34e7673454c
Author: Rusty Russell ru...@rustcorp.com.au
Date: Mon Jul 23 12:20:26 2012 +0930
source3/loadparm: make struct loadparm_service a talloc object.
This gives us a place to allocate members from.
Signed-off-by: Rusty Russell ru...@rustcorp.com.au
Signed-off-by: Andrew Bartlett abart...@samba.org
commit 592e3f4b236b3b5c056faca6ca6f060560a3204d
Author: Rusty Russell ru...@rustcorp.com.au
Date: Mon Jul 23 12:19:46 2012 +0930
loadparm: Add ctx member to struct loadparm_global.
Rather than tallocing global parameters off NULL, keep it neat by having
a Global.ctx member.
Signed-off-by: Rusty Russell ru...@rustcorp.com.au
Signed-off-by: Andrew Bartlett abart...@samba.org
---
Summary of changes:
script/mkparamdefs.pl |4 ++-
source3/Makefile.in |2 +-
source3/include/proto.h |2 -
source3/lib/string_init.c | 77 -
source3/param/loadparm.c | 66 +-
source3/smbd/conn.c | 10 ++
source3/smbd/service.c|9 +++--
source3/wscript_build |2 +-
8 files changed, 70 insertions(+), 102 deletions(-)
delete mode 100644 source3/lib/string_init.c
Changeset truncated at 500 lines:
diff --git a/script/mkparamdefs.pl b/script/mkparamdefs.pl
index b489cc9..6b59230 100644
--- a/script/mkparamdefs.pl
+++ b/script/mkparamdefs.pl
@@ -91,12 +91,14 @@ $file-(/* This file was automatically generated by
mkparamdefs.pl. DO NOT EDIT
$file-( * This structure describes global (ie., server-wide)
parameters.\n);
$file-( */\n);
$file-(struct loadparm_global \n);
+ $file-({\n);
+ $file-(\tTALLOC_CTX *ctx; /* Context for talloced members */\n);
} elsif ($generate_scope eq LOCAL) {
$file-( * This structure describes a single service.\n);
$file-( */\n);
$file-(struct loadparm_service \n);
+ $file-({\n);
}
-$file-({\n);
}
sub print_footer($$$)
diff --git a/source3/Makefile.in b/source3/Makefile.in
index ff0f1f4..e42c1b5 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -466,7 +466,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) $(UTIL_OBJ) $(CRYPTO_OBJ)
$(LIBTSOCKET_OBJ) \
../libds/common/flag_mapping.o \
lib/access.o lib/smbrun.o \
../lib/util/bitmap.o ../lib/util/dprintf.o $(UTIL_REG_OBJ) \
- lib/wins_srv.o lib/string_init.o \
+ lib/wins_srv.o \
lib/util_str.o ../lib/util/util_str_common.o \
../lib/util/util_str.o \
../lib/util/base64.o lib/util_sid.o \
diff --git a/source3/include/proto.h
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4e0fb8b Revert ldb: Add parameter to avoid NULL format string
flagged by -Werror=format
via 33c79c8 build: Make -Werror=format check only run where NULL is
still accepted
via 0514a84 Rework recursive waf build to be a selftest-enabled not a
developer build
via dd8c0e5 build: Remove duplicate declaration of --enable-selftest
via 49b2720 lib/param: Also enable vlp when --enable-selftest is
specified
from 1c7bd2b s3:smbd: remove unused variable in sesssetup.c
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4e0fb8b4b1b7eadf315aeb599a079eb1d22a4d22
Author: Andrew Bartlett abart...@samba.org
Date: Mon Aug 6 18:46:41 2012 +1000
Revert ldb: Add parameter to avoid NULL format string flagged by
-Werror=format
This reverts commit cddcaf7bd2c272bc578ac1e4f7ec438ab94fc243.
-Werror=format is no longer uses when it would cause this to fail.
This is a legitimate use of the ldb_search API.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Mon Aug 6 14:47:27 CEST 2012 on sn-devel-104
commit 33c79c8731ea0c1ab78583a7c50953c56aea539f
Author: Andrew Bartlett abart...@samba.org
Date: Mon Aug 6 18:46:30 2012 +1000
build: Make -Werror=format check only run where NULL is still accepted
This is needed because ldb_search() allows a NULL parameter for the format
string
and this needs to be permitted by the format string checker before we want
to
make this error fatal.
Andrew Bartlett
commit 0514a84f7e7d44eae3c7fcc85fc804af6fbfda6b
Author: Andrew Bartlett abart...@samba.org
Date: Mon Aug 6 18:33:35 2012 +1000
Rework recursive waf build to be a selftest-enabled not a developer build
This essentially reverts commit a943a9ba2f739e8aee630f774915e8204aa8cf3a.
I've fixed this by making lib/param/parm_table.c honour --enable-selftest.
Andrew Bartlett
commit dd8c0e59a327c697e5f86a0fd3b18478c02c8c63
Author: Andrew Bartlett abart...@samba.org
Date: Mon Aug 6 18:32:32 2012 +1000
build: Remove duplicate declaration of --enable-selftest
commit 49b27203174647d66fbf6a35266d587cc9e2e5cc
Author: Andrew Bartlett abart...@samba.org
Date: Mon Aug 6 18:32:21 2012 +1000
lib/param: Also enable vlp when --enable-selftest is specified
---
Summary of changes:
buildtools/wafsamba/samba_autoconf.py | 21 ++---
lib/ldb/ldb_map/ldb_map.c |2 +-
lib/param/loadparm.h |2 +-
lib/param/param_table.c |2 +-
selftest/wscript |4
source3/Makefile-smbtorture4 |2 +-
source3/param/loadparm.c |2 +-
source3/wscript |3 ---
8 files changed, 27 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_autoconf.py
b/buildtools/wafsamba/samba_autoconf.py
index cfab476..03c2b24 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -437,10 +437,10 @@ def CHECK_STRUCTURE_MEMBER(conf, structname, member,
@conf
-def CHECK_CFLAGS(conf, cflags):
+def CHECK_CFLAGS(conf, cflags, fragment='int main(void) { return 0; }\n'):
'''check if the given cflags are accepted by the compiler
'''
-return conf.check(fragment='int main(void) { return 0; }\n',
+return conf.check(fragment=fragment,
execute=0,
type='nolink',
ccflags=cflags,
@@ -622,11 +622,26 @@ def SAMBA_CONFIG_H(conf, path=None):
if Options.options.developer:
# we add these here to ensure that -Wstrict-prototypes is not set
during configure
-conf.ADD_CFLAGS('-Wall -g -Wshadow -Werror=strict-prototypes
-Wstrict-prototypes -Werror=pointer-arith -Wpointer-arith -Wcast-align
-Werror=write-strings -Wwrite-strings -Werror-implicit-function-declaration
-Werror=format -Wformat=2 -Wno-format-y2k -Wmissing-prototypes -fno-common
-Werror=address',
+conf.ADD_CFLAGS('-Wall -g -Wshadow -Werror=strict-prototypes
-Wstrict-prototypes -Werror=pointer-arith -Wpointer-arith -Wcast-align
-Werror=write-strings -Wwrite-strings -Werror-implicit-function-declaration
-Wformat=2 -Wno-format-y2k -Wmissing-prototypes -fno-common -Werror=address',
testflags=True)
conf.ADD_CFLAGS('-Wcast-qual', testflags=True)
conf.env.DEVELOPER_MODE = True
+# This check is because for ldb_search(), a NULL format string
+# is not an error, but some compilers complain about that.
+if CHECK_CFLAGS(conf, -Werror=format, '''
+int testformat(char *format, ...) __attribute__ ((format (__printf__, 1, 2
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1e5098d s3-pysmbd: Add hook for get_nt_acl()
via 64f494d s3-pysmbd: fix DEBUG
via e5686a4 s3-pysmbd: Add my copyright
via 55a0d66 s3-pysmbd: Add set_nt_acl() function based on parts of
vfstest
via b041d29 s3-pypassdb: Fix wrapper for pdb_domain_info to return
correct dns_{domain,forest}
from e956253 s4:torture: send the TCONX_FLAG_EXTENDED_RESPONSE flag
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1e5098d5e1bb4dd2df6af690ade1b4b52a8d
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 2 15:16:13 2012 +1000
s3-pysmbd: Add hook for get_nt_acl()
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 2 13:27:55 CEST 2012 on sn-devel-104
commit 64f494de5e8e468a3adde62b02843d734d6cc483
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 2 13:36:55 2012 +1000
s3-pysmbd: fix DEBUG
commit e5686a4cf0931d8a89ed8f5922fd00d93b7893ea
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 2 13:36:43 2012 +1000
s3-pysmbd: Add my copyright
commit 55a0d6606c76463296188582c52821a7607ade7b
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 2 13:35:24 2012 +1000
s3-pysmbd: Add set_nt_acl() function based on parts of vfstest
This will allow us to set the full NT ACL on a file, using the VFS
layer, during provision of the AD DC.
Andrew Bartlett
commit b041d29c116a5d93b70a2cea5f808e81b9e12556
Author: Andrew Bartlett abart...@samba.org
Date: Thu Aug 2 18:05:03 2012 +1000
s3-pypassdb: Fix wrapper for pdb_domain_info to return correct
dns_{domain,forest}
---
Summary of changes:
source3/passdb/py_passdb.c |4 +-
source3/smbd/pysmbd.c | 143 +++-
source3/wscript_build |2 +-
3 files changed, 144 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c
index 7043ce6..bd332e1 100644
--- a/source3/passdb/py_passdb.c
+++ b/source3/passdb/py_passdb.c
@@ -1368,8 +1368,8 @@ static PyObject *py_pdb_domain_info(pytalloc_Object
*self, PyObject *args)
}
PyDict_SetItemString(py_domain_info, name,
PyString_FromString(domain_info-name));
- PyDict_SetItemString(py_domain_info, dns_domain,
PyString_FromString(domain_info-name));
- PyDict_SetItemString(py_domain_info, dns_forest,
PyString_FromString(domain_info-name));
+ PyDict_SetItemString(py_domain_info, dns_domain,
PyString_FromString(domain_info-dns_domain));
+ PyDict_SetItemString(py_domain_info, dns_forest,
PyString_FromString(domain_info-dns_forest));
PyDict_SetItemString(py_domain_info, dom_sid,
pytalloc_steal(dom_sid_Type, sid));
PyDict_SetItemString(py_domain_info, guid, pytalloc_steal(guid_Type,
guid));
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 5badb3a..9a44d25 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -1,9 +1,13 @@
/*
Unix SMB/CIFS implementation.
- SMB NT Security Descriptor / Unix permission conversion.
+ Set NT and POSIX ACLs and other VFS operations from Python
+
+ Copyrigyt (C) Andrew Bartlett 2012
Copyright (C) Jeremy Allison 1994-2009.
Copyright (C) Andreas Gruenbacher 2002.
Copyright (C) Simo Sorce i...@samba.org 2009.
+ Copyright (C) Simo Sorce 2002
+ Copyright (C) Eric Lorimer 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -23,6 +27,9 @@
#include smbd/smbd.h
#include Python.h
#include libcli/util/pyerrors.h
+#include librpc/rpc/pyrpc_util.h
+#include pytalloc.h
+#include system/filesys.h
extern const struct generic_mapping file_generic_mapping;
@@ -58,7 +65,7 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
ret = SMB_VFS_SYS_ACL_SET_FILE( conn, fname, acltype, theacl);
if (ret != 0) {
status = map_nt_error_from_unix_common(ret);
- DEBUG(0,(get_nt_acl_no_snum: fset_nt_acl returned zero.\n));
+ DEBUG(0,(set_nt_acl_no_snum: fset_nt_acl returned zero.\n));
}
conn_free(conn);
@@ -66,6 +73,83 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
return status;
}
+static NTSTATUS set_nt_acl_no_snum(const char *fname,
+ uint32 security_info_sent, const struct
security_descriptor *sd)
+{
+ TALLOC_CTX *frame = talloc_stackframe();
+ connection_struct *conn;
+ NTSTATUS status = NT_STATUS_OK;
+ files_struct *fsp;
+ struct smb_filename *smb_fname = NULL;
+ int flags;
+
+ conn = talloc_zero(frame, connection_struct);
+ if (conn == NULL
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8dde55c build: fix typo
from 1e5098d s3-pysmbd: Add hook for get_nt_acl()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8dde55c7fb55f3a03c222609d7340db8056c3365
Author: Andrew Bartlett abart...@samba.org
Date: Fri Aug 3 10:00:56 2012 +1000
build: fix typo
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Fri Aug 3 03:56:38 CEST 2012 on sn-devel-104
---
Summary of changes:
dynconfig/wscript |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/dynconfig/wscript b/dynconfig/wscript
index 2a60a2a..44e8f19 100755
--- a/dynconfig/wscript
+++ b/dynconfig/wscript
@@ -269,7 +269,7 @@ def set_options(opt):
fhs_help = Use FHS-compliant paths (default no)\n
fhs_help += You should consider using this together with:\n
-fhs_help += --prefix=/usr --sysconfdir=/etc --locatestatedir=/var
+fhs_help += --prefix=/usr --sysconfdir=/etc --localstatedir=/var
opt_group.add_option('--enable-fhs', help=fhs_help,
action=store_true, dest='ENABLE_FHS', default=False)
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag samba-4.0.0beta5 created
The annotated tag, samba-4.0.0beta5 has been created at e20618e6ff98277475ad914d96f163885c09bfc4 (tag) tagging 50d6483ab8acd9a2af7558b6831c170a5bce3721 (commit) replaces samba-4.0.0beta4 tagged by Andrew Bartlett on Wed Aug 1 19:40:41 2012 +1000 - Log - samba4: tag release samba-4.0.0beta5 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUAUBj5mWjGT3QfUnJfAQLQzQ/8DIJtrxfcIISnoc8iTyYtVbtUHUJUPR0n a8tjSn575Ea654CjAKPxM6eUOMDSCe1q0dBq7O/yrlKeTp5C5hujs9kIw/LA/1tg SMezdHQNCBeZJVb/WGdLFq722X20JMQoOL4iMVZrhgtf/1j3upqECL4jXCvTXgjZ SJB9FL/emA59MzSZmFXCNdCPfPKNnKMQfw6dm7j375H3lL3HwxkbK6HejEYI6FhN wv32fjB/V6ycSLMAlF8BzPx8sIBIKe3DKaPacGQ8VR6oZJud0zux1JUnIXS3nELi sdcWhGr+ES9dxxsgt52jvRbb67QB1EXrhUVuG+lTL147b+DXurZqr0CCS3/gsD6H AFzKPkoESaJA54ClZedtTAKtBr03b3ltI9yokrJqv2VAOwneSKdc/c0Yh6BL081e MQV0kj7oEc6GXgAFiNvVLAceNVu387Vx9jTx+5C06H2IhCvi1an0yCl/qzLYVKsJ rGGd/01NPcNKh8kPiDcCPaCDmCqw2iQ+JGM7akHIUFdy/FXXUcCX1NGXV35ofPOf 74f0xCxjZHWzvISkpaDBrrqXECzH1HIhCLlanXp9u4eAYQwRpfw72GekSCCpfzRV eAdrXVBe5E4F8of9pbUAm05nYFBkMiTWdfzbYUAacQyXjsBUcs69pjg2/lPB8VvT KqjBoYWJuAw= =FmB6 -END PGP SIGNATURE- Alexander Werth (1): s3:Really ignore unknown special ids in NFSv4 ACLs. Andreas Schneider (8): s4-torture: Add DCERPC_SCHANNEL_AES tests. s4-torture: Improve samlogon test. s4-librpc: Add capabilities check for AES encrypted connections. s4-auth: Make sure we use the correct credential state. s3-rpc_client: Add capabilities check for AES encrypted connections. s3-rpc_client: Fix updating netlogon credentials. Enable AES in winbind. s3-winbind: Fix bug #9052 resolving our own Domain Local groups. Andrew Bartlett (92): VERSION: Move on to beta5! s4-dsdb: Ensure we never write read-only objects onto a read-write replica s4-dsdb: Allow dbcheck to correct an incorrect instanceType dsdb: Allocate new OID to allow updates of a read-only replica s4-dbcheck: Check for and correct incorrect instanceType values s4-librpc: Ensure we do not call call the decrpc timeout handler during gensec_update() s4-lib/tls: Try socket_send() multiple times to send partial packets s4-torture: Also print GID values in whoami test s4-torture: Allow unix.whoami to test against a member server s4-torture: Move check of map-to-guest above SID list check Revert s3:auth make sure the primary group sid is usable selftest: Run unix.whomai against the machine acccount as well auth/credentials: Remove extra newline s3-rpc_server: Remove make_server_info_info3() call from make_server_pipes_struct() s3-auth Use correct RID for domain guests primary group lib/param: bring lp_time_server() into common lib/param: Add my copyright s4-param: Remove unused idmap trusted only s3-param: Make lp_name_resolve_order() return a list lib/param: bring lp_smb_ports() into common by making it a list everywhere s3-param: Remove special case for lp_ctdbd_socket(), set CTDB_PATH as default build: Add -Werror=address to the developer build param: Make the 'unicode' parameter common param: Make internal handler for 'server role' common s3-param: Merge a number of s4 parameters from lib/param to make this table common s3-param: fix indent on cups encrypt s3-param: Merge parameter varaibles with lib/param lib/param: Remove ntptr providor and hard-code in s4 spoolss server lib/param: Remove 'case insensitive filesystem' lib/param: Rename param_enums.c to param_table.c lib/param: Move all enum declarations to lib/param lib/param: Make lp_usershare_max_shares() a common parameter lib/param: Merge handling of security/domain master/domain logons/server role lib/param: Add handler overrides lib/param: Re-arrange TLS parameters into their own section lib/param: Rearrange AD DC options to make a merge with the source3 table easier lib/param: Merge DNS parameters with source3 param lib/param: Merge Winbind parameters from source3 into lib/param lib/param: Merge VFS and MSDFS parameters from source3 into lib/param waf: Update to newer upstream snapshot. lib/param: Merge Miscellaneous Options section from source3/param lib/param: Merge EventLog Options section from source3/param lib/param: Merge Ldap Options section from source3/param lib/param: Merge Locking Options section from source3/param lib/param: Merge WINS Options section from source3/param lib/param: Merge Browse Options section from source3/param lib/param: Merge Logon Options section from source3/param lib/param: Merge Domain Options section from source3/param lib/param: Merge Filename Handling section from source3/param s3-build: Make recursive waf build a developer
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 23df816 VERSION: Move on to beta6!
via 50d6483 VERSION: Mark as the beta5 release
via fb24f47 WHATSNEW: prepare for 4.0 beta5
via 3178741 s4-repl: Add tests for add replication conflicts and use of
LostAndFound
via 6d1b8ff s4-dsdb: Replace any existing lastKnownParent attribute
during delete
via fcb54ca s4-dsdb: Improve tracing in repl_meta_data
via bc5be09 s4-dsdb: Handle rename conflicts in both directions
via 8208d7b lib/ldb: Ensure rename target does not exist before
deleting old record
via 221cd52 s4-dsdb: Request extended DN and show deleted when
searching for a possible parent
from eaa381a s3: Fix Coverity ID 710791 Resource leak
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 23df816328bf10f06a7c7a018c7a1e896c62f3bf
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 31 12:25:56 2012 +1000
VERSION: Move on to beta6!
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Tue Jul 31 16:09:23 CEST 2012 on sn-devel-104
commit 50d6483ab8acd9a2af7558b6831c170a5bce3721
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 31 12:25:16 2012 +1000
VERSION: Mark as the beta5 release
commit fb24f471be6af42a5a1f49c58d4d3e52e25f10b6
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 31 12:24:49 2012 +1000
WHATSNEW: prepare for 4.0 beta5
commit 31787417ca9d01965a9f5221ff6adc48a4b1a15f
Author: Andrew Bartlett abart...@samba.org
Date: Mon Jul 30 16:00:58 2012 +1000
s4-repl: Add tests for add replication conflicts and use of LostAndFound
LostAndFound is used when we find children of a deleted object that are not
themselves deleted.
Andrew Bartlett
commit 6d1b8ff8a7b803601f8142396e659d0f1dbef331
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 31 10:47:57 2012 +1000
s4-dsdb: Replace any existing lastKnownParent attribute during delete
This allows a lastKnownParent from LostAndFound to be replaced.
Andrew Bartlett
commit fcb54ca25f0a28940d239c457ef1a295d6e5e325
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 31 10:18:43 2012 +1000
s4-dsdb: Improve tracing in repl_meta_data
When we call ldb_module_done() rather than just calling the callback, we
make log entries
that are critical in debugging.
Andrew Bartlett
commit bc5be09bae77c5e34380a2204be2f489f45ed85b
Author: Andrew Bartlett abart...@samba.org
Date: Mon Jul 30 12:11:35 2012 +1000
s4-dsdb: Handle rename conflicts in both directions
Previously we would only consider renaming the local object, now we can
cope with
renaming the remote object as well.
This should avoid most of the cases where Samba AD replication can just
stop.
Andrew Bartlett
commit 8208d7b2c207c39c3d45f96f85728c233dce126d
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 31 10:17:20 2012 +1000
lib/ldb: Ensure rename target does not exist before deleting old record
This is all in a transaction, but when we are handling rename errors in the
repl_meta_data
module, we key off the error, and do not close the transaction. We found
that the
old record was gone and so could not try renaming it again to a conflict DN.
Andrew Bartlett
commit 221cd524e31fce5efa2de179074cfe97bf2c909c
Author: Andrew Bartlett abart...@samba.org
Date: Tue Jul 31 17:10:42 2012 +1000
s4-dsdb: Request extended DN and show deleted when searching for a possible
parent
This fixes up the lastKnownParent attribute on lostAndFound objects to have
a GUID
(found by dbcheck).
Andrew Bartlett
---
Summary of changes:
VERSION|2 +-
WHATSNEW.txt | 54 ++--
lib/ldb/ABI/{ldb-1.1.6.sigs = ldb-1.1.9.sigs} |0
...pyldb-util-1.1.2.sigs = pyldb-util-1.1.9.sigs} |0
lib/ldb/ldb_tdb/ldb_tdb.c | 42 +++-
lib/ldb/wscript|2 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c| 159 +++
source4/torture/drs/python/drs_base.py |8 +
source4/torture/drs/python/replica_sync.py | 301
9 files changed, 481 insertions(+), 87 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.6.sigs = ldb-1.1.9.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.2.sigs = pyldb-util-1.1.9.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index a9c261b..1012cd9 100644
--- a/VERSION
+++ b/VERSION
@@ -67,7 +67,7 @@ SAMBA_VERSION_ALPHA_RELEASE=
# e.g. SAMBA_VERSION_BETA_RELEASE=1#
# - 4.0.0beta1
