Samba-2.2.8pre2 compiler warnings
Hello I just compiled Samba-2.2.8pre2 on 4 different systems: 1) Solaris 7 + cc: WorkShop Compilers 5.0 98/12/15 C 5.0 2) Solaris 9 + cc: WorkShop Compilers 5.0 98/12/15 C 5.0 3) Solaris 9 + cc: Forte Developer 7 C 5.4 2002/03/09 4) IRIX 6.5 + MIPSpro Compilers: Version 7.30 It compiled OK on all systems. I only ran it on 2) since the other systems are 'production' systems. It seems to run OK. There were a number of compiler warnings though. Two of the warnings looks like they could be serious: CLITAR == client/clitar.c, line 688: warning: argument #4 is incompatible with prototype: prototype: pointer to uint : include/proto.h, line 303 argument : pointer to ullong A 64 bit integer being used where a 32 bit integer is expected? smbtar make not work on bigendian machines? smbtar may not work for files over 2GB on little endian machines? IRIX TDBUTIL cc-1164 cc: WARNING File = tdb/tdbutil.c, Line = 46 Argument of type SIG_ATOMIC_T * is incompatible with parameter of type sig_atomic_t *. tdb_set_lock_alarm(gotalarm); A fuller list of warnings is: On 1) I got the following rpc_parse/parse_spoolss.c, line 1209: warning: assignment type mismatch: pointer to uchar = pointer to char rpc_parse/parse_spoolss.c, line : warning: assignment type mismatch: pointer to uchar = pointer to char passdb/secrets.c, line 291: warning: argument #2 is incompatible with prototype: prototype: pointer to char : include/proto.h, line 5018 argument : pointer to const char lib/util.c, line 62: warning: initializer does not fit or is out of range: -1 tdb/tdbutil.c, line 46: warning: argument #1 is incompatible with prototype: prototype: pointer to int : include/../tdb/tdb.h, line 130 argument : pointer to volatile int smbd/quotas.c, line 404: warning: argument #2 is incompatible with prototype: prototype: pointer to int : /usr/include/rpc/xdr.h, line 340 argument : pointer to uint smbd/quotas.c, line 408: warning: argument #2 is incompatible with prototype: prototype: pointer to int : /usr/include/rpc/xdr.h, line 340 argument : pointer to uint smbd/quotas.c, line 412: warning: argument #2 is incompatible with prototype: prototype: pointer to int : /usr/include/rpc/xdr.h, line 340 argument : pointer to uint client/clitar.c, line 688: warning: argument #4 is incompatible with prototype: prototype: pointer to uint : include/proto.h, line 303 argument : pointer to ullong Compiling tdb/tdbutil.c with -KPIC tdb/tdbutil.c, line 46: warning: argument #1 is incompatible with prototype: prototype: pointer to int : include/../tdb/tdb.h, line 130 argument : pointer to volatile int Compiling nsswitch/winbind_nss.c with -KPIC nsswitch/winbind_nss.c, line 600: warning: argument #2 is incompatible with prototype: prototype: pointer to int : nsswitch/winbind_nss.c, line 529 argument : pointer to uint (plus about 20 similar messages in nsswitch/winbind_nss.c). On 2) I get the same warnings as 1). On 3) I get the same as 1) and 2) with the following additions/changes: Compiling passdb/pass_check.c passdb/pass_check.c, line 669: warning: implicit function declaration: crypt Compiling client/clitar.c client/clitar.c, line 688: warning: argument #4 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 303 argument : pointer to unsigned long long Compiling smbwrapper/smbw.c with -KPIC smbwrapper/smbw.c, line 1413: warning: implicit function declaration: _fork Compiling smbwrapper/smbw_dir.c with -KPIC smbwrapper/smbw_dir.c, line 570: warning: implicit function declaration: _getcwd Compiling smbwrapper/wrapped.c with -KPIC smbwrapper/wrapped.c, line 39: warning: implicit function declaration: smbw_path smbwrapper/wrapped.c, line 40: warning: implicit function declaration: smbw_open (plus lots of similar messages). On 4) I there are lots of warnings but these are the most interesting ones: Compiling smbd/password.c cc-1164 cc: WARNING File = smbd/password.c, Line = 664 Argument of type const char * is incompatible with parameter of type char \ * . setnetgrent(group); ^ Compiling smbd/reply.c cc-1552 cc: WARNING File = smbd/reply.c, Line = 2575 The variable data is set but never used. char *data; ^ cc-1552 cc: WARNING File = rpc_server/srv_spoolss_nt.c, Line = 335 The variable i is set but never used. int i; Compiling rpc_parse/parse_spoolss.c cc-1515 cc: WARNING File = rpc_parse/parse_spoolss.c, Line = 1209 A value of type char * cannot be assigned to an entity of type unsigned char *. r_u-data = prs_alloc_mem(ps, r_u-size); ^ cc-1515 cc: WARNING File = rpc_parse/parse_spoolss.c, Line = A value of type char * cannot be assigned to an
Re: client: browse doesn't work with only win98 in workgroup
[EMAIL PROTECTED] writes: Christopher R. Hertel [EMAIL PROTECTED] writes: I am interested in looking into this, but I won't have time until the weekend. ... In the mean time, I have modified smbw_dir.c to include a new function smbw_browse_workgroup_alternate() with the following patch. The code is basically stolen from nmblookup.c. More testing (and the Duh! factor upon reviewing the code) reveals that the code I added does not find all hosts in a workgroup; it finds some of the hosts. Actually, it finds _one_ host each time it's run, not necessarily the same host each time. I'll have to work on this some more if the cli_session_request() method can't be made to work properly with win98 and win95 machines as master browsers. Derrell
Re: client: browse doesn't work with only win98 in workgroup
[EMAIL PROTECTED] wrote: [EMAIL PROTECTED] writes: Christopher R. Hertel [EMAIL PROTECTED] writes: I am interested in looking into this, but I won't have time until the weekend. ... In the mean time, I have modified smbw_dir.c to include a new function smbw_browse_workgroup_alternate() with the following patch. The code is basically stolen from nmblookup.c. More testing (and the Duh! factor upon reviewing the code) reveals that the code I added does not find all hosts in a workgroup; it finds some of the hosts. Actually, it finds _one_ host each time it's run, not necessarily the same host each time. I'll have to work on this some more if the cli_session_request() method can't be made to work properly with win98 and win95 machines as master browsers. Derrell, Can you give me a better idea of what you are trying to do? Above, you say you are trying to find all hosts that are members of a given workgroup. The question is: why? What is it that you are actually trying to accomplish? Keep in mind that there is a *very* big difference between the set of hosts that are members of a workgroup and the set of servers offering services within that workgroup. Two distinct systems are used to gather those two lists. Chris -)- -- Samba Team -- http://www.samba.org/ -)- Christopher R. Hertel jCIFS Team -- http://jcifs.samba.org/ -)- ubiqx development, uninq. ubiqx Team -- http://www.ubiqx.org/ -)- [EMAIL PROTECTED] OnLineBook -- http://ubiqx.org/cifs/-)- [EMAIL PROTECTED]
Re: client: browse doesn't work with only win98 in workgroup
Christopher R. Hertel [EMAIL PROTECTED] writes: Derrell, Can you give me a better idea of what you are trying to do? Above, you say you are trying to find all hosts that are members of a given workgroup. The question is: why? What is it that you are actually trying to accomplish? I'm working on providing a tree-style view of the network in a fashion similar to what Windows Explorer does. The top level of an SMB/CIFS network is something like Microsoft Windows Network. The next level down is the list of workgroups/domains within the network; then the hosts within each workgroup; then the shares within each share, etc. I don't know what version of Windows will be the master browser, and I don't want to force it by using Samba as the master browser. Therefore I have to be able to enumerate the hosts within a workgroup regardless of what versions of Windows happen to be on the network. Keep in mind that there is a *very* big difference between the set of hosts that are members of a workgroup and the set of servers offering services within that workgroup. Two distinct systems are used to gather those two lists. The latter works fine. If I already know the host name, I can see the shares on that host. The problem is enumerating the hosts within a workgroup. In the case of smbwrapper and smbsh, one is supposed to be able to do: ls /smb to see the list of workgroups/domains, and ls /smb/WORKGROUP to see the list of hosts within the workgroup WORKGROUP, and ls /smb/WORKGROUP/HOST to see a list of shares on the computer called HOST. All of these work with the method implemented in smbwrapper, except for enumerating the list of hosts within a workgroup where the master browser for the workgroup is a Windows 98 or Windows 95 machine. If there is a Windows 2000 server acting as the master browser for the workgroup, then obtaining the list of hosts within the workgroup works fine. However, the cli_session_request() call fails (gets a result of 0x83 from the peer) when the master browser is a win98 machine, so the list of hosts within the workgroup is therefore unavailable. Does this help clarify the problem? If not, please query me again and I'll try to explain differently. Thanks for your help! Derrell
auto-detecting krb versions for build
As some of you may have noticed, the UL builds on the farm don't work. The culprit is the pre- 0.5 heimdal that is installed, as it doesn't have AP_OPTS_USE_SUBKEY, which is needed to do password changes. Unless someone knows how to accomplish password changes to a win KDC without it, we need to be able to detect the package and release of kerberos installed. Heimdal before 0.5 doesn't have it. I'm not sure how far you have to go back in MIT to not find it. krb5-config takes a --version option and prints something like: heimdal 0.4d $Id: krb5-config.in,v 1.8 2001/01/29 06:56:51 assar Exp $ or in the case of MIT: Kerberos 5 release 0.0.0 Yes, 0.0.0, but I'm using a dev version. In any case, I'd like to take that output, and if it has heimdal, make a decision based on the number...since I'm not a wiz (more like a whiz) at these sorts of string cutting/comparing in shells...anyone want to tell me how to do it? Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA [EMAIL PROTECTED] [EMAIL PROTECTED] Phone: (207) 885-5565 IBM tie-line: 776-9984
Windows client disconnect identification
Hi, The scenario I am testing is this: - Open an MS word file from windows client A - Disconnect the network cable from that windows client (emulate client failure) - Try to open the file from windows client B - file is locked. - Wait a few minutes (see below - the exact time is the issue here) - Try to open the file from windows client B - file is opened RW. I am wondering what sets the time that it will take for samba to find out that the first client is gone. At first, I tried to use the deadtime variable - but it is only valid when there are no open files (by the way, why?). Then I tried to set various timeouts in the TCP socket definition (socket options, various sysctl values), nothing worked. The lock release time is incosistent, and goes between 10 to over 20 minutes. I am wondering how can I shorten this timeout.. Here a transcript from the log, this time shows a 23 minutes timeout: [2003/02/28 18:22:42, 0] locking/posix.c:posix_fcntl_lock(662) on 32 bit NFS mounted file systems. [2003/02/28 18:46:05, 0] lib/util_sock.c:read_socket_data(431) read_socket_data: recv failure for 4. Error = No route to host Pay attention that the error came from read() and not from select(). How can read timeout be controlled? Why does receive_message_or_smb() calls receive_smb() without any timeout? I am using samba-3.0-alpha20 on a Linux 2.4.18 machine, and windows 2k clients. Thanks, --yuval
Re: auto-detecting krb versions for build
Jim McDonough [EMAIL PROTECTED] writes: As some of you may have noticed, the UL builds on the farm don't work. The culprit is the pre- 0.5 heimdal that is installed, as it doesn't have AP_OPTS_USE_SUBKEY, which is needed to do password changes. Unless someone knows how to accomplish password changes to a win KDC without it, we need to be able to detect the package and release of kerberos installed. Heimdal before 0.5 doesn't have it. I'm not sure how far you have to go back in MIT to not find it. Heimdal before 0.5 didn't have AP_OPTS_USE_SUBKEY, however I think it allways generated and used a subkey anyway, so defining it to 0 should make it work. krb5-config takes a --version option and prints something like: heimdal 0.4d $Id: krb5-config.in,v 1.8 2001/01/29 06:56:51 assar Exp $ or in the case of MIT: Kerberos 5 release 0.0.0 Yes, 0.0.0, but I'm using a dev version. In any case, I'd like to take that output, and if it has heimdal, make a decision based on the number...since I'm not a wiz (more like a whiz) at these sorts of string cutting/comparing in shells...anyone want to tell me how to do it? `expr expr1 : expr2` or case statement is usully what I use. Love
Re: client: browse doesn't work with only win98 in workgroup
On Sat, 1 Mar 2003 [EMAIL PROTECTED] wrote: Christopher R. Hertel [EMAIL PROTECTED] writes: I'm working on providing a tree-style view of the network in a fashion similar to what Windows Explorer does. The top level of an SMB/CIFS network is something like Microsoft Windows Network. The next level down is the list of workgroups/domains within the network; then the hosts within each workgroup; then the shares within each share, etc. I don't know what version of Windows will be the master browser, and I don't want to force it by using Samba as the master browser. Therefore I have to be able to enumerate the hosts within a workgroup regardless of what versions of Windows happen to be on the network. Hmmm, are you using libsmbclient? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: client: browse doesn't work with only win98 in workgroup
Okay, I understand the problem now. The problem is that W/9x boxes do not recognize the generic *SMBSERVER name in the NBT Session Setup Request. Also, W/9x boxes will send back an error if the called name is not correct in the NBT Session Setup Request. You should get a NEGATIVE SESSION RESPONSE (0x83) message with an error code of: 0x82: Called Name Not Present Since W/9x systems do not support the generic *SMBSERVER name, this error message is correct. Basically, it's the NBT equivalent of That port isn't listening for a connection. The solution is to find the Server Service name on the remote machine. This is typically done by sending a Node Status query and looking for a name with a suffix byte value of 0x20. More inline below... [EMAIL PROTECTED] wrote: Christopher R. Hertel [EMAIL PROTECTED] writes: Derrell, Can you give me a better idea of what you are trying to do? Above, you say you are trying to find all hosts that are members of a given workgroup. The question is: why? What is it that you are actually trying to accomplish? I'm working on providing a tree-style view of the network in a fashion similar to what Windows Explorer does. The top level of an SMB/CIFS network is something like Microsoft Windows Network. The next level down is the list of workgroups/domains within the network; Okay. At this level what you need to do is talk to *a\ny* Local Master Browser on the local LAN. If you know a specific workgroup name you can use that, otherwise you can find a list of workgroups by querying for the \x01\x02__MSBROWSE__\x0201 name. (That last 01 is the suffix byte, value 0x01). If the network is relatively stable, the LMBs will have exchanged data with one another, and any LMB will have the list of all other workgroups that are known. Anyway, once you have one (or more) LMB IP addresses, you can try to query for the Browse List. In this case, you want only the workgroup/domain entries, so what you should see on the wire is a NetServerEnum2 Domain Enum request. then the hosts within each workgroup; Nope. You can only get the list of servers in the workgroup that are advertising services. The list of all hosts which are workgroup members is not kept by the browse service. ...but that's not what you really want, anyway. What you really want is the list of known servers. That's a NetServerEnum2 with all the server type bits turned on. The LMB (or any available backup browser) should have this list. then the shares within each share, etc. Shares offered by the server. Okay. Note that some servers require authentication before they allow enumeration of shares. I don't know what version of Windows will be the master browser, and I don't want to force it by using Samba as the master browser. Right. Therefore I have to be able to enumerate the hosts within a workgroup regardless of what versions of Windows happen to be on the network. That's not a problem, as long as you have a valid CALLED name in the NBT Session Request. Samba ignores the CALLED name, W/NT and W2K accept the generic *SMBSERVER name (so Samba can 'guess'), and I don't know about W/XP. W/9x, as you've seen, requires the correct name in this field. Keep in mind that there is a *very* big difference between the set of hosts that are members of a workgroup and the set of servers offering services within that workgroup. Two distinct systems are used to gather those two lists. The latter works fine. If I already know the host name, I can see the shares on that host. No. That's not what I said. The latter in my note above is the set of servers offering services within a workgroup which is exactly what you're having trouble finding. The problem is enumerating the hosts within a workgroup. I know that this is pedantic, but it's important to understand that there is a difference between the set of hosts in a workgroup and the servers offering SMB services in the workgroup. A host may be a client and it may not be offering SMB services, in which case it will not show up when you try listing the servers in the workgroup. In the case of smbwrapper and smbsh, one is supposed to be able to do: ls /smb to see the list of workgroups/domains, and ls /smb/WORKGROUP to see the list of hosts within the workgroup WORKGROUP, and ...all of the servers in the workgroup... ls /smb/WORKGROUP/HOST to see a list of shares on the computer called HOST. Right. We leverage that hierarchy with the SMB URL. See: http://www.ietf.org/internet-drafts/draft-crhertel-smb-url-04.txt All of these work with the method implemented in smbwrapper, except for enumerating the list of hosts within a workgroup where the master browser for the workgroup is a Windows 98 or Windows 95 machine. Ah! Okay. As Richard asked... What tool are you using (libsmbclient?) to do this? It may be that you need to do the extra reverse-resolution step yourself. If there is a
Re: client: browse doesn't work with only win98 in workgroup
On Sat, 1 Mar 2003, Christopher R. Hertel wrote: Okay, I understand the problem now. The problem is that W/9x boxes do not recognize the generic *SMBSERVER name in the NBT Session Setup Request. Also, W/9x boxes will send back an error if the called name is not correct in the NBT Session Setup Request. You should get a NEGATIVE SESSION RESPONSE (0x83) message with an error code of: 0x82: Called Name Not Present Since W/9x systems do not support the generic *SMBSERVER name, this error message is correct. Basically, it's the NBT equivalent of That port isn't listening for a connection. The solution is to find the Server Service name on the remote machine. This is typically done by sending a Node Status query and looking for a name with a suffix byte value of 0x20. There is code in libsmbclient to deal with this problem ... Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: samba + w2k + kerberos + trusted realm
On Sun, Mar 02, 2003 at 01:44:22AM +0100, Love wrote: - Using a keytab file would solve the problem below. Using /etc/krb5.keytab is bad idea, how about a own keytab for samba ? Doing hoops of strace stuff seems, well, strange. Why is using /etc/krb5.keytab a bad idea? The only reason I've ever seen for using separate keytabs is if you want different services to run in separate security contexts. Samba has to run as root, so /etc/krb5.keytab seems appropriate to me (as much as any keytab is appropriate -- there seem to still be some issues with using the keytab at all). What is it that limit samba to root ? When I use samba with afs beeing root will certenly not help samba access files, what else do samba need. While you wouldn't need to be root to gain access to a user's AFS-based files, uid-based access control is at the core of Samba's current implementation. Using an alternative keytab is only a benefit if this changes. This is not what I free is the important part of my mail. And the only reason why I did the comment was that the comment in the samba code that did hoops to store the key in the auth context instead of just using a keytab. Well, it's the part I felt I could comment on, since I don't know the Samba Kerberos code all that well. :) It is my understanding that the key is being stored in the secrets file instead of in a keytab because Samba also needs to have the plaintext password for salting, so until this is addressed, storing the keys in a keytab would only serve to confuse admins familiar with traditional Unix keytab handling. Or has this been addressed when I wasn't looking? -- Steve Langasek postmodern programmer pgp0.pgp Description: PGP signature
Re: samba + w2k + kerberos + trusted realm
What is it that limit samba to root ? When I use samba with afs beeing root will certenly not help samba access files, what else do samba need. SAMBA does need to bind to privileged ports. -- Luke -- Luke Howard | PADL Software Pty Ltd | www.padl.com
Re: samba + w2k + kerberos + trusted realm
Luke Howard [EMAIL PROTECTED] writes: What is it that limit samba to root ? When I use samba with afs beeing root will certenly not help samba access files, what else do samba need. SAMBA does need to bind to privileged ports. Ok, sure. Now concentrate on the other issues :) Its not that simple as my patch it since samba breaks itself after a couple of hours and the key seem to change. Dunno what key, if its the in memory key or the key in the (ad/kdc) database. Love
Re: Samba doesn't free network resource with XP clients
Charles Bueche wrote: Hi, OK, I understand why this fix wasn't implemented as such, but still, my problem remain. Here is a copy of my post to [EMAIL PROTECTED] Subject is Samba doesn't free network resource with XP clients, and the previous post, on 21.2.03, title 2.2.7a breaks on ATM stack on AIX 4.3. I would appreciate having your opinion on the best way to solve this problem. My opinion is that the best way to slove this problem is to figure out what is causing it and then fix whatever is broken. One random thought is to look at the socket options parameter in smb.conf and enable SO_KEEPALIVE ...or perhaps use the keepalive parameter. I don't know if these will fix anything because I can't tell from where I sit what the problem really is. I can't offer you any solutions if I don't know what is actually wrong. I can only offer guesses. Good luck. Chris -)- -- Samba Team -- http://www.samba.org/ -)- Christopher R. Hertel jCIFS Team -- http://jcifs.samba.org/ -)- ubiqx development, uninq. ubiqx Team -- http://www.ubiqx.org/ -)- [EMAIL PROTECTED] OnLineBook -- http://ubiqx.org/cifs/-)- [EMAIL PROTECTED]
Re: [Samba] [Fwd: samba 30alpha21 + NT4/2K WS-s]
On Fri, 2003-02-28 at 13:09, [EMAIL PROTECTED] wrote: [netlogon] share is like that: [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = no writable = no browseable = yes public = yes this is what i'm using ... [netlogon] path = /etc/samba/netlogon write list = root guest ok = Yes nt acl support = No do you have scriptPath set in ldap? i don't use logon scripts so i'm not sure you need it - just an idea. yes, when I put scriptPath: START.BAT in ldap then it works and START.BAT gets executed. but why it doesnt find it when in smb.conf logon script = START.BAT ? get_domain_user_groups: primary gid of user [john] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that i get that sometimes - i just ignore it... btw it still comlpains same thing although I added users primary group to Domain Users and Users group? whats the catch?