aking sssd-
> ad-common.
We can't put a version number in samba-libs as there are multiple
public libraries in there.
(Upstream) Samba doesn't promise not to keep doing this - the
underlying change has happened before, but this time we were honest and
bumped the .so - so sssd may need to have a depende
a python bug, it should not be setting HAVE_STROPTS_H.
See bug 954582
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
Python.
The correct fix is for Python not to leak these defines.
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
bols doesn't match
> completely debian/python3-talloc.symbols
See also https://github.com/samba-team/samba/pull/110 for BaT trying to
fix this kind of thing on FreeBSD.
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.o
On Thu, 2017-07-13 at 18:05 +1200, Andrew Bartlett wrote:
> On Thu, 2017-07-13 at 07:14 +0200, Raphael Hertzog wrote:
> > Source: samba
> > Severity: grave
> > Tags: security patch
> > Version: 2:4.1.11+dfsg-1
> >
> > Hi,
> >
> > the followin
.
Proposed updates are in jessie and stretch branches at:
git://git.samba.org/abartlet/samba-debian.git
I've only built them, not tested them. Then again, the upstream
patches were not manually tested either (we relied on autobuild), such
was the rush...
I can upload the buil
On Thu, 2016-05-26 at 11:40 +0200, Santiago Ruano Rincón wrote:
> El 23/05/16 a las 22:28, Andrew Bartlett escribió:
> >
> > On Wed, 2016-05-18 at 15:47 -0400, Antoine Beaupré wrote:
> > >
> > > On 2016-04-29 08:55:43, Santiago Ruano Rincón wrote:
> &
is point.
I'm happy to review things, just not had the time to switch back on to
debian matters.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
e. 'net cache flush' or similar may have helped.
That is, I think wbcListUsers() returned 0 entries, which causes other
code to think a realloc of length 0 'failed'.
wbinfo -u would probably have failed in a similar way, but with a more
useful error message.
Andrew Bartlett
--
Andrew Bartlett
php?pkg=ldb=2%3A1.1.24-1
> https://buildd.debian.org/status/fetch.php?pkg=ldb=ppc64=2%3
> A1.1.24-1=1450397581
> https://buildd.debian.org/status/fetch.php?pkg=ldb=ppc64=2%3
> A1.1.24-1=1450616129
>
> Regards
>
> Mathieu Parent
>
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
On Sat, 2016-01-02 at 21:51 +, Jelmer Vernooij wrote:
> On Sun, Jan 03, 2016 at 10:38:12AM +1300, Andrew Bartlett wrote:
> > On Thu, 2015-12-31 at 18:53 +1300, Andrew Bartlett wrote:
> > > Just a quick note to say that the LDB build failure isn't a
> > > regression
On Thu, 2015-12-31 at 18:53 +1300, Andrew Bartlett wrote:
> Just a quick note to say that the LDB build failure isn't a
> regression
> - whatever is going on here has always been going on, it just wasn't
> tested before ldb 1.1.23.
> That said, fixing this is going to requir
On Sat, 2016-01-02 at 22:22 +, Jelmer Vernooij wrote:
> On Sun, Jan 03, 2016 at 11:00:44AM +1300, Andrew Bartlett wrote:
> > On Sat, 2016-01-02 at 21:51 +, Jelmer Vernooij wrote:
> > > On Sun, Jan 03, 2016 at 10:38:12AM +1300, Andrew Bartlett wrote:
> > > > On
gative test for Dn.__contains__
Add a helper function to register a dummy DN extension for testing.
Signed-off-by: Petr Viktorin <pvikt...@redhat.com>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
That sa
le for
> all users?
We can reproduce this at will on i686 Ubuntu images on the Catalyst
cloud.
Douglas chased it as far as the kernel page layout! It seems to come
down to differences in opinion on how deep a nested stack should be
able to go.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
also need a fix).
This is my first fix for squeeze-lts, so I'm using this lower-impact
issue to learn the ropes, so feedback most welcome. I'm also not yet a
Debian Maintainer, but will apply for that soon so I can also do the
announcement next time.
Thanks!
Andrew Bartlett
--
Andrew Bartlett
On Thu, 2014-10-16 at 01:36 +0200, Marco d'Itri wrote:
On Oct 16, Andrew Bartlett abartlet+deb...@catalyst.net.nz wrote:
I've prepared a a fix for CVE-2014-3158, an integer overflow potentially
permitting a user in the dip group to abuse the privileges of the setuid
root pppd binary
On Thu, 2014-10-16 at 02:30 +0200, Marco d'Itri wrote:
On Oct 16, Andrew Bartlett abartlet+deb...@catalyst.net.nz wrote:
Thanks. How do you wish to proceed?
I suggest that you just upload the package.
Just to be clear, I'm not (yet) a Debian Maintainer, so I don't have
upload rights
On Sun, 2014-01-19 at 11:30 +1100, Brian May wrote:
On 16 January 2014 14:03, Andrew Bartlett abart...@samba.org wrote:
Can we get this patch into the Heimdal package, so we can fix
that side
of bug #732342?
Once I know the version number
On Wed, 2014-01-15 at 02:32 +1300, Andrew Bartlett wrote:
On Thu, 2014-01-09 at 18:04 -0600, Jeff Clark wrote:
No problem. Will send it over in a few hours.
With all the false starts on this, I've sat on the patches until I can
test it with the developer at Catalyst IT who also reproduced
On Tue, 2014-01-07 at 16:58 -0800, Steve Langasek wrote:
On Wed, Jan 08, 2014 at 01:54:32PM +1300, Andrew Bartlett wrote:
Reading symbols from /usr/lib/x86_64-linux-gnu/libhdb.so.9...Reading
symbols from
/usr/lib/debug/usr/lib/x86_64-linux-gnu/libhdb.so.9.2.0...done.
done
, and get the
matching Heimdal patch in.
Brian,
This bug needs a patch to Heimdal as well as to Samba. I'll post you
the patch once I've tested it, and then I guess we need to work on a
stricter version dep here to make sure this all keeps in sync.
Andrew Bartlett
--
Andrew Bartlett
if anyone is interested.
Thanks for looking into this. I was coming to exactly the same
conclusion.
For upstream, I'll patch Samba, can you submit the patch to Heimdal
(feel free to CC me)?
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba
On Fri, 2014-01-10 at 12:12 +1300, Andrew Bartlett wrote:
On Thu, 2014-01-09 at 16:04 -0600, Jeff Clark wrote:
Samba needs the hdb plugin updated to support hdb version 8.
Heimdal needs the hdb callback function patched because even when the
plugin is registered properly
corruption errors at runtime /before/ they clobber the
stack.
I strongly suspect in this and in 734355 that Heimdal and Samba have got
out of sync. We use libhdb (and other parts) from Heimdal in a quite
intimate manner.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication
On Tue, 2014-01-07 at 16:58 -0800, Steve Langasek wrote:
On Wed, Jan 08, 2014 at 01:54:32PM +1300, Andrew Bartlett wrote:
Reading symbols from /usr/lib/x86_64-linux-gnu/libhdb.so.9...Reading
symbols from
/usr/lib/debug/usr/lib/x86_64-linux-gnu/libhdb.so.9.2.0...done.
done
On Wed, 2014-01-08 at 14:29 +1300, Andrew Bartlett wrote:
On Tue, 2014-01-07 at 16:58 -0800, Steve Langasek wrote:
On Wed, Jan 08, 2014 at 01:54:32PM +1300, Andrew Bartlett wrote:
Reading symbols from /usr/lib/x86_64-linux-gnu/libhdb.so.9...Reading
symbols from
/usr/lib/debug
should
be fixed by the earlier changes.
Thank you so much for you diligent attention to this difficult problem.
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
--
To UNSUBSCRIBE
On Wed, 2013-10-30 at 10:22 +0100, Ivo De Decker wrote:
Hi Andrew,
On Wed, Oct 30, 2013 at 11:34:25AM +1300, Andrew Bartlett wrote:
That'll also cause some confusion though, as those files will be in
sysstatedir on debian but in privatedir on other systems...
I'm not sure
On Tue, 2013-10-29 at 00:35 +0100, Jelmer Vernooij wrote:
On Mon, Oct 28, 2013 at 10:00:12PM +0100, Ivo De Decker wrote:
Hi,
On Mon, Oct 21, 2013 at 10:37:49PM +1300, Andrew Bartlett wrote:
Ok. I think we need to undo this /var/lib/samba/private nonsense. It
is a
pointless
On Mon, 2013-10-28 at 22:00 +0100, Ivo De Decker wrote:
Hi,
On Mon, Oct 21, 2013 at 10:37:49PM +1300, Andrew Bartlett wrote:
Ok. I think we need to undo this /var/lib/samba/private nonsense. It is
a
pointless and imperfect migration (as shown by this bug report), and the
only
not change it again, having
once more Debian packages special and different.
Or in the alternate, propose such changes upstream.
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
on a
affected system?
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On Mon, 2013-10-21 at 12:20 +0200, Ivo De Decker wrote:
Hi Andrew,
On Mon, Oct 21, 2013 at 10:45:22PM +1300, Andrew Bartlett wrote:
Almost certainly this is due to the output of cups-config. We have had
similar issues before, including a patch posted to the list just last
week.
Can
On Mon, 2013-10-21 at 12:44 +0200, Ivo De Decker wrote:
Andrew,
On Mon, Oct 21, 2013 at 11:32:14PM +1300, Andrew Bartlett wrote:
cups-config --libs:
-lcups -Wl,-z,relro -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lgnutls
-lgcrypt -lz -lpthread -lm -lcrypt -lz
cups-config
that this was the case? Samba should
print it's version in the logs when starting up.
We changed the default passdb backend long before 3.6.
Is there as passdb.tdb anywhere else on your system?
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication
to one using tdbsam by default, but I can't find any
evidence in the packaging source tree for that.
Steve, how was this handled at the time?
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer
: pbuilder: Failed extracting the source
All because we carry a patch to add a source copy of a build system we
don't use and which upstream removes essential files from (so won't work
anyway).
(In versions where we use waf in Debian, the waf code has been included
as source).
Andrew Bartlett
version of Samba including the fix upstream.
That said, I don't propose we do anything other than migrate samba4 in
from experimental to fix this.
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http
samba_4.0, so that is where the
effort needs to be made.
Thanks,
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
On Fri, 2013-06-21 at 10:33 +0200, Raphael Hertzog wrote:
On Fri, 21 Jun 2013, Andrew Bartlett wrote:
dbwrap*.so is now in samba-common-bin. The issue is that this almost
certainly depends on the credentials library, so we may need yet another
library package, or to re-consider
documentations.
That is because aside from interesting hacks with Linux clients, the
only Samba Kerberised DC is Samba4.
(and yes, running Heimdal as the KDC and Samba for windows works, but
it isn't a kerberised DC).
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication
syntax changes.
Our list code allows these separators.
If you can point me to some resource that said to use the comma, then I'll
happily implement that check.
I'm pretty sure it has been standard smb.conf syntax for a very long
while.
Andrew Bartlett
--
Andrew Bartlett
.
That said, a system that can't even report that the loopback device
exists is a pretty poor system...
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc
of this.
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-0700, Steve Langasek wrote:
On Sat, May 28, 2005 at 05:17:39AM +1000, Andrew Bartlett wrote:
Yeah, on second look I see that it can be done in smbmount, and this
would
be a far more expedient fix.
You mean something like the patch below ?
(Not tested yet, want to be sure
On Sat, 2005-05-28 at 18:39 +0200, Bill Allombert wrote:
On Fri, May 27, 2005 at 12:20:49PM -0700, Steve Langasek wrote:
On Sat, May 28, 2005 at 05:17:39AM +1000, Andrew Bartlett wrote:
Yeah, on second look I see that it can be done in smbmount, and this would
be a far more expedient fix
/gid options have been passed to mount.
This is also a very sensible way to handle it, and is the only 'secure'
way, given that smbmount is unprivileged.
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team
the client and server code.
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally
will end up in the normal Samba logfiles (we redirect
stderr).
Thanks,
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
trace of the deamon crashing, to find where the double-free is.
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
51 matches
Mail list logo
