Re: [Samba] Not able to display domain users using wbinfo
Also, I have entered the following in smb.conf file winbind uid = 1-2 winbind gid = 1-2 winbind use default domain = yes Restarted Samba and i checked wbinfo. wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc233) Can anyone help Avinash On Mon, Aug 17, 2009 at 11:07 AM, Avinash Rao avinash@gmail.com wrote: Hi, I am using Ubuntu 8.04 Server 64-bit Edition and i have installed samba as a PDC. Samba version is 3.0.28a and all the required OS updates are installed. smb.conf [global] workgroup = abc server string = Samba for abc log level = 1 interfaces = eth0 bind interfaces only = True log file = /var/log/samba/log.%m max log size = 1000 domain logons = yes os level = 65 prefered master = yes domain master = yes local master = yes add machine script = /usr/sbin/useradd -s /bin/false -d /home/nobody %u dns proxy =No hosts allow = 127. 10.10.10. wins support = Yes passdb backend = tdbsam encrypt passwords = true ;smb passwd file = /etc/samba/smbpasswd security = user netbios name = human ;username map = /etc/samba/smbusers [homes] comment = Home Dir read only = NO browseable = NO valid users = %S path = %H directory mask = 0700 create mask = 0700 [share] comment = Common Share path = /export create mask = 0765 read only = NO I am not able to list the domain users using wbinfo command. a...@human:~$ wbinfo -u Error looking up domain users a...@human:~$ wbinfo -g Error looking up domain groups a...@human:~$ wbinfo --ping Ping to winbindd succeeded on fd 3 How do i make this work? Winbindd was installed when i installed samba using the apt-get command and its running? Samba is working without any problems, even if i stop winbindd process, samba works. What exactly is the use of winbind and when do we use it? Many Thanks Avinash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Not able to display domain users using wbinfo
Hi guys, Sorry for creating a chain of emails. After reading the man page, i realized that wbinfo -t is to verify On Mon, Aug 17, 2009 at 12:58 PM, Avinash Raoavinash@gmail.com wrote: Also, I have entered the following in smb.conf file winbind uid = 1-2 winbind gid = 1-2 winbind use default domain = yes Restarted Samba and i checked wbinfo. wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc233) Can anyone help Avinash On Mon, Aug 17, 2009 at 11:07 AM, Avinash Rao avinash@gmail.com wrote: Hi, I am using Ubuntu 8.04 Server 64-bit Edition and i have installed samba as a PDC. Samba version is 3.0.28a and all the required OS updates are installed. smb.conf [global] workgroup = abc server string = Samba for abc log level = 1 interfaces = eth0 bind interfaces only = True log file = /var/log/samba/log.%m max log size = 1000 domain logons = yes os level = 65 prefered master = yes domain master = yes local master = yes add machine script = /usr/sbin/useradd -s /bin/false -d /home/nobody %u dns proxy =No hosts allow = 127. 10.10.10. wins support = Yes passdb backend = tdbsam encrypt passwords = true ;smb passwd file = /etc/samba/smbpasswd security = user netbios name = human ;username map = /etc/samba/smbusers [homes] comment = Home Dir read only = NO browseable = NO valid users = %S path = %H directory mask = 0700 create mask = 0700 [share] comment = Common Share path = /export create mask = 0765 read only = NO I am not able to list the domain users using wbinfo command. a...@human:~$ wbinfo -u Error looking up domain users a...@human:~$ wbinfo -g Error looking up domain groups a...@human:~$ wbinfo --ping Ping to winbindd succeeded on fd 3 How do i make this work? Winbindd was installed when i installed samba using the apt-get command and its running? Samba is working without any problems, even if i stop winbindd process, samba works. What exactly is the use of winbind and when do we use it? Many Thanks Avinash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Fwd: Re: Samba PDC + OpenLDAP (Debian Lenny)]
Henrik Dige Semark skrev: Adam Tauno WIlliams skrev: [2009/08/14 18:22:24, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) pdb_get_group_sid: Failed to find Unix account for DomAdmin [2009/08/14 18:22:24, 1] auth/auth_util.c:make_server_info_sam(562) User DomAdmin in passdb, but getpwnam() fails! I don't know why it is looking for a DomAdmin account. Perhaps your directory is not fully initialized? Loaded with the required users, etc... DomAdmin, is a Domain-administrator accaunt I have created instead of admin ore root I have ran smbldap-populate -u 1 -g 1 -a admin -g guest and it populates LDAP with all the default users and groupes windows need to be able to join. -u uidNumber first uidNumber to allocate (default: 1000) -g gidNumber first uidNumber to allocate (default: 1000) -a user administrator login name (default: root) -b user guest login name (default: nobody) Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 1083. [2009/08/14 18:22:48, 0] passdb/pdb_interface.c:pdb_default_create_user(336) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -t 0 -w -i hds$' gave 127 I don't use smblap-tools but this looks like they don't have sufficient config to authenticate to the DSA. Don't know what the problem is with smbldap-useradd, but when I run the command alone it creates a windows machine user: # smbldap-useradd -w -i testcomputer New password : 1234 Retype new password : 1234 *failed to add entry: structural object class modification from 'account' to 'inetOrgPerson' not allowed at /usr/sbin/smbldap-useradd line 311, STDIN line 2. * I have the schemas that provite account and inetOrgPerson # smbldap-useradd -? (c) Jerome Tournier - (jtourn...@gmail.com)- Licensed under the GPL Usage: /usr/sbin/smbldap-useradd [-awmugdsckABCDEFGHMNPST?] username -ais a Windows User (otherwise, Posix stuff only) -bis a AIX User -cgecos -dhome -ggid -iis a trust account (Windows Workstation) -kskeleton dir (with -m) -mcreates home directory and copies /etc/skel -ndo not create a group -oadd the user in the organizational unit (relative to the user suffix. Ex: 'ou=admin,ou=all') -uuid -sshell -ttime. Wait 'time' seconds before exiting (when adding Windows Workstation) -wis a Windows Workstation (otherwise, Posix stuff only) -Acan change password ? 0 if no, 1 if yes -Bmust change password ? 0 if no, 1 if yes -CsambaHomePath (SMB home share, like '\\PDC-SRV\homes') -DsambaHomeDrive (letter associated with home share, like 'H:') -EsambaLogonScript (DOS script to execute on login) -FsambaProfilePath (profile directory, like '\\PDC-SRV\profiles\foo') -Gsupplementary comma-separated groups -HsambaAcctFlags (samba account control bits like '[NDHTUMWSLKI]') -Mlocal mailAddress (comma seperated) -Ngiven name -Pends by invoking smbldap-passwd -Ssurname (Family name) -TmailToAddress (forward address) (comma seperated) -?show this help message Mike Eggleston skrev: I'm not at work and am unable to compare your configuration with my production configuration. I have a similar environment, though, and found for windows boxes I needed to create the account in LDAP first (I use smbldap-adduser ...), then I must also add my samba server as a WINS server to the windows box, then I can join the windows box to my samba pdc domain. Mike I have now tryed to set my server as wins-server - still samme problem More info: There is something I don't understand when I try to join the domain there is no traffic to LDAP at all, but when i do # wbinfo -u guest domadmin # wbinfo -g domain admins domain users domain guests domain computers BUILTIN%users # wbinfo --ping Ping to winbindd succeeded It looks up in LDAP just fine, so the link is apparently working fine -- Med Venlig Hilsen / Best regards Henrik Dige Semark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Renaming a computer on the domain
John Drescher wrote: How come I have to disconnect from the domain, rename the computer, reboot, join the domain and then reboot again. I usually I do all of that minus the first reboot. John I was thinking that I had to reboot after the first step. Thought it gave me an error, but maybe I am wrong. I'll try it and see. Thanks. -- Scott Mayo - System Administrator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Question: Because it reverses the logical flow of conversation. Answer: Why is putting a reply at the top of the message frowned upon? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Renaming a computer on the domain
I was thinking that I had to reboot after the first step. Thought it gave me an error, but maybe I am wrong. I'll try it and see. It does. I just ignore the box. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CTDB+GFS2+CMAN. clean_start=0 or clean_start=1?
I've tried to get OCFS2 1.4.1 with CTDB but no success. Maybe you give me idea what I did wrong. We have 2 nodes. Both nodes are running on Debian/Lenny. I've tried 2.6.26 and backported 2.6.29/2.6.30. The access to OCFS2 partition is by iscsi. The configuration file on both nodes: smb01:~# cat /etc/ocfs2/cluster.conf cluster: node_count = 2 name = smb-cluster node: ip_port= ip_address = 10.0.1.2 number = 1 name = smb01 cluster = smb-cluster node: ip_port= ip_address = 10.0.1.3 number = 2 name = smb02 cluster = smb-cluster All partitions are mounted: /dev/sdb1 on /smb-ocfs2 type ocfs2 (rw,_netdev,heartbeat=local) /dev/sdc1 on /smb-ctdb-ocfs2 type ocfs2 (rw,_netdev,heartbeat=local) CTDB puts locking file on /smb-ctdb-ocfs2/.ctdb_locking. When I starts CTDB on both nodes I have in log: server/ctdb_recover.c:634 Recovery mode set to NORMAL ctdb_recovery_lock: Got recovery lock on '/smb-ctdb-ocfs2/.ctdb_locking' ERROR: recovery lock file /smb-ctdb-ocfs2/.ctdb_locking not locked when recovering! server/ctdb_recover.c:968 startrecovery eventscript has been invoked What configuration did you use? Or rather to say what besides CTDB you used? I've met a post that pacemaker should be used to get CTDB worked with OCFS2. In what context pacemaker is used? Yauheni Labko (Eugene Lobko) Junior System Administrator Chapdelaine Co. (212)208-9150 On Wednesday 12 August 2009 01:17:46 pm Jim McDonough wrote: On Tue, Aug 11, 2009 at 11:10 PM, Michael Adamob...@samba.org wrote: Btw, i thought OCFS2 is not ready to use with CTDB due to the lacks of some features. This was primary reason why I started with GFS. OCFS2 was lacking support of POSIX fcntl byte range locks (which are required to run ctdb) until recently. But this has changed! I have not tried it myself, but I think Jim McDonough (j...@samba.org, I have added him to Cc) might be able to give you some details (versions and such). OCFS2 supports posix fcntl byte range locks since 1.4, and I've been running ctdb on 1.4.1. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Permission Issues - Email found in subject
Hi All, Here is the version number. r...@akaza-fs:/usr/local/samba/sbin# ./smbd --version Version 3.2.0 r...@akaza-fs:/usr/local/samba/sbin# ./nmbd --version Version 3.2.0 Thanks, Shaun From: Jeremy Allison j...@samba.org Reply-To: Jeremy Allison j...@samba.org Date: Fri, 14 Aug 2009 14:46:57 -0700 To: Shaun Martin smar...@akazaresearch.com Cc: samba@lists.samba.org Subject: Re: [Samba] Permission Issues - Email found in subject On Fri, Aug 14, 2009 at 04:22:22PM -0400, Shaun Martin wrote: Hi All, I am trying to achieve something pretty simple. I have a samba share and I would like all new directories and files within that share to have 775 permissions. My config for that share is below. Whenever I create a dir I get 755 permissions. I have set every force permission their is. Both configs below produced the same directory. I feel like this should be very easy and my settings are correct. I have been managing samba server for years and have never run into this issue before. PLEASE HELP!! Thanks, Shaun ls of newly created dir drwxr-xr-x 2 smartin akaza 48 2009-08-14 16:15 shaun Orig Config: delete readonly = yes writeable = yes path = /shared force directory mode = 0775 force create mode = 0775 comment = Shared Files public = no create mask = 0775 directory mask = 0775 browseable = yes Crazy Config setting every force option: delete readonly = yes writeable = yes path = /shared force directory mode = 0775 force create mode = 0775 comment = Shared Files public = no create mask = 0775 directory mask = 0775 force directory security mask = 0775 directory security mask = 0775 force security mode = 775 security mask = 0755 browseable = yes That should work. What version of Samba ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CTDB+GFS2+CMAN. clean_start=0 or clean_start=1?
Thank you Michael. I tried OCFS2. OCFS2 administration looks easier than GFS one. Yauheni Labko (Eugene Lobko) Junior System Administrator Chapdelaine Co. (212)208-9150 On Tuesday 11 August 2009 05:10:22 pm Michael Adam wrote: Yauheni Labko wrote: Thank you for the answer, Michael. As far as I understood clean_star=1 is absolutely ok for GFS/GFS2? Sorry, I am not an expert in GFS settings. (But read on...) CTDB is not going to work without Red Hat Cluster manage. CMAN starts dlm_controld and gfs_controld. ccsd handles node-to-node communication. Well GFS needs the cman processes, so CTDB needs them, too. But CTDB only uses one lock file in the cluster file system. Apart from that, the CTDB daemons communicate with each other via tcp all on their own. I think GPFS has the similar manager like CMAN. The clean_start=1 is the only setting which can provide the necessary access to the GFS/GFS2 partitions as CTDB required. Correct me if I'm wrong. Sorry again. CTDB is completely ignorant with respect to GFS or CMAN configuration options. It only needs a cluster file system that supports POSIX fcntl() byte range locks. CTDB basicall treats the file system as a black box. So CTDB does not care about the value clean_start as such. Just make sure you don't sure that you don't start ctdbd before the cman stuff is up and running and the GFS file system is mounted. Btw, i thought OCFS2 is not ready to use with CTDB due to the lacks of some features. This was primary reason why I started with GFS. OCFS2 was lacking support of POSIX fcntl byte range locks (which are required to run ctdb) until recently. But this has changed! I have not tried it myself, but I think Jim McDonough (j...@samba.org, I have added him to Cc) might be able to give you some details (versions and such). I left manual fencing for testing only. I was going to use iLO in production. OK. Hope this somewhat helps... :-) Cheers - Michael Yauheni Labko (Eugene Lobko) Junior System Administrator Chapdelaine Co. (212)208-9150 CTDB is pretty ignorant of CMAN as such. It just relies on a cluster file system, like GFS2. So you should only start ctdbd when the cluster is up and the gfs2 file system is mounted. I think you should not start ctdbd as a cluster service managed by cman, since ctdbd can be considered a cluster manager for certain services (like samba...) itself. Apart from that, ctdb should be considered pretty much independent of the red hat cluster manager. CTDB needs a file in the cluster file system, the recovery lock file. The location of this file (or a directory, in which such a file can be created) should be specified in the CTDB_RECOVERY_LOCK=... setting in /etc/sysconfig/ctdb. At a glance, your cluster.conf looks sane, but I think manual fencing can be a real problem with cman. GPFS is very well tested with ctdb. I think there are many people testing ctdb with gfs2. I have heard positive feedback of people using ctdb with GlusterFS and lustre (and recently with ocfs2). You might want to join the #ctdb irc channel on freenode. There are ususally some people around with more expertise in gfs2 than me. Cheers - Michael Yauheni Labko wrote: Hi everybody, I have tested CTDB+GFS2+CMAN under Debian. It works good but I do not understand some points. It is possible to run the CTDB defining it under services section in cluster.conf but running it on the second node shuts down the process at the first one. My CTDB configuration implies 2 active-active nodes. Does CTDB care if the node starts with clean_start=0 or clean_start=1? man fenced says this is a safe way especially during startup because it prevents a data corruption if a node was dead for some reason. From my understanding CTDB uses CMAN only as module to get access to gfs/gfs2 partitions. Or maybe it is better to look at GPFS and LustreFS? Could anybody show the working configuration of cluster.conf for CTDB+GFS2+CMAN? I used the following cluster.conf and ctd conf: ?xml version=1.0? cluster name=smb-cluster config_version=8 fence_daemon clean_start=0 post_fail_delay=0 post_join_delay=3/ cman expected_votes=1 two_node=1/ cman cluster_id=101/ clusternodes clusternode name=smb01 votes=1 nodeid=1 fence !-- Handle fencing manually -- method name=human device name=human nodename=smb01/ /method /fence /clusternode clusternode name=smb02 votes=1 nodeid=2 fence !-- Handle fencing manually -- method name=human device name=human nodename=smb02/ /method /fence /clusternode /clusternodes fencedevices !-- Define manual fencing
[Samba] Samba 3.4 - merged-build
Hi, I try it once again: If I compile 3.4 with --enable-merged-build, do I get a own smbd4 binary or does samba just starts 2 smbd processes? regards martin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4 - merged-build
On Mon, Aug 17, 2009 at 03:51:15PM +0200, Martin Hochreiter wrote: I try it once again: If I compile 3.4 with --enable-merged-build, do I get a own smbd4 binary or does samba just starts 2 smbd processes? You get a samba4 binary. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Fwd: Not able to display domain users using wbinfo
Sorry for the missing text.. what i meant was verify that the workstation trust account created when the Samba server is added to the Windows NT domain is working. I don't have a windows NT domain, I have a samba server running on Ubuntu 8.04 Server and WinXP clients! And I am trying to get squid working for samba domain users through http://wiki.squid-cache.org/ConfigExamples/Authenticate/Ntlm and wbinfo -a mydomain\\myuser%mypasswd didn't succeed.. So, is there anything that i need to do to get this working? Avinash -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4 - merged-build
You get a samba4 binary. Volker Thank you for your answer ... and here is my problem, I get various xxx4 binaries (like smbtorture4 or smbclient4) but I do not find any samba4 in my the installation target /opt/samba3_4 Did I miss something while compiling? regards Martin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4 - merged-build
On Mon, Aug 17, 2009 at 04:09:12PM +0200, Martin Hochreiter wrote: You get a samba4 binary. Volker Thank you for your answer ... and here is my problem, I get various xxx4 binaries (like smbtorture4 or smbclient4) but I do not find any samba4 in my the installation target /opt/samba3_4 Did I miss something while compiling? Do you have a samba4 binary in the bin/ subdirectory of the place where you compiled it from? If so, then we're just missing samba4 in the make install target. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Not able to display domain users using wbinfo
Hallo, Avinash, Du meintest am 17.08.09: Sorry for the missing text.. what i meant was verify that the workstation trust account created when the Samba server is added to the Windows NT domain is working. I don't have a windows NT domain, I have a samba server running on Ubuntu 8.04 Server and WinXP clients! Do you need winbind? Without any Windows server (PDC) you don't need the winbind crap. And I am trying to get squid working for samba domain users through http://wiki.squid-cache.org/ConfigExamples/Authenticate/Ntlm and wbinfo -a mydomain\\myuser%mypasswd didn't succeed.. So, is there anything that i need to do to get this working? Authentification is a hard work. I'm maintainer of a school server (arktur.de), some colleagues ask for such a tool: it doesn't work well, it doesn't work in any case. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Peculiar difference between two Samba servers
Solved my own problem no thanks to y'all! ;) There was a difference between the two servers after all, Server 1 had one network interface, Server 2 had two. Set the following option in smb.conf on Server 2: socket address = LISTENING_ADDRESS And the problem went away, I'm curious though why auto authentication via kerberos didn't work unless I manually entered the username and password... best, -Leon - Original Message - From: leon roy leon@gmail.com To: samba@lists.samba.org Sent: Sunday, 16 August, 2009 00:14:48 GMT +00:00 GMT Britain, Ireland, Portugal Subject: [Samba] Peculiar difference between two Samba servers I have two Samba servers acting with Server role: ROLE_DOMAIN_MEMBER running Samba 3.2.5. Both have shares in their smb.conf, both are joined to Active Directory, and are using pam, nis, etc. so that users can authenticate against them (without having to re enter their passwords for each share) and see all permitted files. Clients are a mixture Macs running OS X 10.5 and Windows clients. Windows clients authenticate fine, Macs however display a curious problem: When I access the first server via Finder I am automatically granted a kerberos ticket and can see all permitted shares. However if I access the second server via Finder I get a Connection Failed error and have to manually enter my details, after which the kerberos ticket is granted. I'm puzzled as to why the first server grants the ticket automatically, whereas the second server doesn't. Looking at the two with log level set to 4 I see: Server 1: [2009/08/16 00:58:17, 3] smbd/process.c:process_smb(1549) Transaction 0 of length 51 (0 toread) [2009/08/16 00:58:17, 3] smbd/process.c:switch_message(1361) switch message SMBnegprot (pid 4445) conn 0x0 [2009/08/16 00:58:17, 3] smbd/sec_ctx.c:set_sec_ctx(324) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/08/16 00:58:17, 3] smbd/negprot.c:reply_negprot(568) Requested protocol [NT LM 0.12] [2009/08/16 00:58:17, 3] smbd/negprot.c:reply_nt1(392) using SPNEGO [2009/08/16 00:58:17, 3] smbd/negprot.c:reply_negprot(673) Selected protocol NT LM 0.12 [2009/08/16 00:58:17, 3] smbd/process.c:process_smb(1549) Transaction 1 of length 1358 (0 toread) [2009/08/16 00:58:17, 3] smbd/process.c:switch_message(1361) switch message SMBsesssetupX (pid 4445) conn 0x0 [2009/08/16 00:58:17, 3] smbd/sec_ctx.c:set_sec_ctx(324) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Server 2: [2009/08/16 00:58:42, 3] smbd/process.c:process_smb(1549) Transaction 0 of length 51 (0 toread) [2009/08/16 00:58:42, 3] smbd/process.c:switch_message(1361) switch message SMBnegprot (pid 6636) conn 0x0 [2009/08/16 00:58:42, 3] smbd/sec_ctx.c:set_sec_ctx(324) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/08/16 00:58:42, 3] smbd/negprot.c:reply_negprot(568) Requested protocol [NT LM 0.12] [2009/08/16 00:58:42, 3] smbd/negprot.c:reply_nt1(392) using SPNEGO [2009/08/16 00:58:42, 3] smbd/negprot.c:reply_negprot(673) Selected protocol NT LM 0.12 [2009/08/16 00:58:42, 3] smbd/process.c:smbd_process(2035) receive_message_or_smb failed: NT_STATUS_END_OF_FILE, exiting [2009/08/16 00:58:42, 3] smbd/sec_ctx.c:set_sec_ctx(324) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 To further troubleshoot I upped the log level to 10 and see no difference in the logs between the two servers until we get to: Server 1: [2009/08/16 00:43:37, 10] lib/util.c:dump_data(2223) [000] 6D 65 72 63 75 72 79 00 00 00 00 00 00 00 00 00 mercury. [010] 60 5C 06 06 2B 06 01 05 05 02 A0 52 30 50 A0 24 `\..+... ...R0P.$ [020] 30 22 06 09 2A 86 48 86 F7 12 01 02 02 06 09 2A 0..*.H. ...* [030] 86 48 82 F7 12 01 02 02 06 0A 2B 06 01 04 01 82 .H.. ..+. [040] 37 02 02 0A A3 28 30 26 A0 24 1B 22 63 69 66 73 7(0 .$.cifs [050] 2F 6D 65 72 63 75 72 79 2E 62 6F 78 70 65 67 2E /mercury .london. [060] 6E 65 74 40 42 4F 58 50 45 47 2E 4E 45 54p...@lond ON.PRV [2009/08/16 00:43:37, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187) got smb length of 1354 [2009/08/16 00:43:37, 6] smbd/process.c:process_smb(1546) got message type 0x0 of len 0x54a Server 2: [2009/08/16 00:42:45, 10] lib/util.c:dump_data(2223) [000] 6A 75 70 69 74 65 72 00 00 00 00 00 00 00 00 00 jupiter. [010] 60 5C 06 06 2B 06 01 05 05 02 A0 52 30 50 A0 24 `\..+... ...R0P.$ [020] 30 22 06 09 2A 86 48 86 F7 12 01 02 02 06 09 2A 0..*.H. ...* [030] 86 48 82 F7 12 01 02 02 06 0A 2B 06 01 04 01 82 .H.. ..+. [040] 37 02 02 0A A3 28 30 26 A0 24 1B 22 63 69 66 73 7(0 .$.cifs [050] 2F 6A 75 70 69 74 65 72 2E 62 6F 78 70 65 67 2E /jupiter .london. [060] 6E 65 74 40 42 4F 58 50 45 47 2E 4E 45 54p...@lond ON.PRV [2009/08/16 00:42:45, 5] lib/util_sock.c:read_socket_with_timeout(928) read_socket_with_timeout: blocking read. EOF from client. [2009/08/16 00:42:45, 10]
Re: [Samba] Fwd: Not able to display domain users using wbinfo
On Mon, Aug 17, 2009 at 04:28:00PM +0200, Helmut Hullen wrote: Do you need winbind? Without any Windows server (PDC) you don't need the winbind crap. winbind crap? Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4 - merged-build
Do you have a samba4 binary in the bin/ subdirectory of the place where you compiled it from? If so, then we're just missing samba4 in the make install target. Volker Yes there it is - /root/samba-3.4/source3/bin/samba4 but the install script does not copy the binary ok, now I am confused - the merged-build samba version is working without problems or complains although the samba4 binary is missing ... How do I get samba3 to start samba4 as second daemon - or do I have to start both manually? regards martin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Not able to display domain users using wbinfo
Hallo, Volker, Du meintest am 17.08.09: Do you need winbind? Without any Windows server (PDC) you don't need the winbind crap. winbind crap? Beg your pardon - in a LAN without any Windows PDC or BDC I don't need it. It's fine to know that it works in mixed LANs ... but it's a crutch. And (if possible) I like to walk without crutches. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Renaming a computer on the domain
John Drescher wrote: I was thinking that I had to reboot after the first step. Thought it gave me an error, but maybe I am wrong. I'll try it and see. It does. I just ignore the box. I get the error: The following error occurred attempting to change the computer name to comp: (The domain domain was joined under the old computer name comp) Access is denied. I click on OK and it acts like it got added and asks me to reboot. When I reboot and try to logon to the domain it tells me that it cannot because the domain controller is down or the computer account was not found. I then have to logon locally, remove the computer from the domain and readd it for it to work correctly. So basically I have to. Remove computer from domain rename computer reboot computer add computer back to domain reboot computer Instead of: Remove computer from domain rename computer add computer back to domain reboot computer Basically just one more reboot, but would be nice not to have to do it. thanks. -- Scott Mayo - System Administrator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Question: Because it reverses the logical flow of conversation. Answer: Why is putting a reply at the top of the message frowned upon? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CTDB+GFS2+CMAN. clean_start=0 or clean_start=1?
On Mon, Aug 17, 2009 at 8:59 AM, Yauheni Labkoy...@chappy.com wrote: I've tried to get OCFS2 1.4.1 with CTDB but no success. Maybe you give me idea what I did wrong. It looks like you're using the ocfs2 standalone kernel cluster stack. This one doesn't support the locks CTDB needs. You'll need to use pacemaker, so setup will be a bit bigger. However, take a look at http://www.novell.com/documentation/sle_ha/book_sleha/?page=/documentation/sle_ha/book_sleha/data/book_sleha.html The section on seting up ocfs2 has a cookbook to follow for doing the right cluster commands. I don't know exactly what packages you'll need on Debian, or if the appropriate levels are available in packages there. The SHA1 I gave you earlier should show whether the kernel ocfs2 module even supports the locks. -- Jim McDonough Samba Team SUSE labs jmcd at samba dot org jmcd at themcdonoughs dot org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4 - merged-build
On Mon, Aug 17, 2009 at 04:47:13PM +0200, Martin Hochreiter wrote: ok, now I am confused - the merged-build samba version is working without problems or complains although the samba4 binary is missing ... How do I get samba3 to start samba4 as second daemon - or do I have to start both manually You have to start both manually, with some special config settings. I'm afraid I do not have the time right now to walk you through all this, I'm VERY sorry for that. But none of this is really finished yet, so it would not really gain you much anyway. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4 - merged-build
You have to start both manually, with some special config settings. I'm afraid I do not have the time right now to walk you through all this, I'm VERY sorry for that. But none of this is really finished yet, so it would not really gain you much anyway. Volker Ok Volker, thank you for your help, just one short question: We wanted to use the merged-build 3.4 of samba in production environment - so if i understand your last comment correctly than that is not recommended yet anyway ... or am I wrong here? regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Renaming a computer on the domain
It does. I just ignore the box. I get the error: The following error occurred attempting to change the computer name to comp: (The domain domain was joined under the old computer name comp) Access is denied. I vaguely remember that error. I am sorry perhaps I was wrong and you need the two reboots.. Are you using ldap and nscd on your samba pdc? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4 - merged-build
On Mon, Aug 17, 2009 at 05:11:28PM +0200, Martin Hochreiter wrote: We wanted to use the merged-build 3.4 of samba in production environment - so if i understand your last comment correctly than that is not recommended yet anyway ... or am I wrong here? You're right, this is not finished. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Renaming a computer on the domain
John Drescher wrote: It does. I just ignore the box. I get the error: The following error occurred attempting to change the computer name to comp: (The domain domain was joined under the old computer name comp) Access is denied. I vaguely remember that error. I am sorry perhaps I was wrong and you need the two reboots.. Are you using ldap and nscd on your samba pdc? Yes I am. Thanks. -- Scott Mayo - System Administrator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Question: Because it reverses the logical flow of conversation. Answer: Why is putting a reply at the top of the message frowned upon? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] reviews of Samba 3.4?
Does anyone know any reviews/articles on Samba 3.4, where it is built together with Samba4? I would like to know how it behaves, what are its good and/or bad sides etc., but generally lack resources to test it myself. -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] reviews of Samba 3.4?
Tomasz Chmielewski wrote: Does anyone know any reviews/articles on Samba 3.4, where it is built together with Samba4? I would like to know how it behaves, what are its good and/or bad sides etc., but generally lack resources to test it myself. Any pointer to mailing posts touching the subject (where such setup was actually used) would be also appreciated - so far, I've been finding build problems mostly. -- Tomasz Chmielewski 5 4 3 2 1 0 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Keeping a list of NetBIOS names on a network?
I'm trying to make some DNS server software aware of NetBIOS names on the local network. Is there an easy and efficient way using Samba to keep track of what NetBIOS names are present? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Keeping a list of NetBIOS names on a network?
On 08/17/2009 12:53 PM, Matthew Dempsky wrote: I'm trying to make some DNS server software aware of NetBIOS names on the local network. Is there an easy and efficient way using Samba to keep track of what NetBIOS names are present? Thanks. Use the findsmb utility that ships as part of the Samba tarball. Hopefully your favorite Linux distribution does include it. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Keeping a list of NetBIOS names on a network?
John H Terpstra - Samba Team wrote: On 08/17/2009 12:53 PM, Matthew Dempsky wrote: I'm trying to make some DNS server software aware of NetBIOS names on the local network. Is there an easy and efficient way using Samba to keep track of what NetBIOS names are present? Thanks. Use the findsmb utility that ships as part of the Samba tarball. Hopefully your favorite Linux distribution does include it. Another alternative would be to look at integrating your DNS server with nmbd, perhaps using the wins.dat (or whatever the WINS db is backed up to now). cheers, jerry -- = http://www.plainjoe.org/ What man is a man who does not make the world better? --Balian signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Keeping a list of NetBIOS names on a network?
Thanks for the findsmb and wins.dat tips! :) On Mon, Aug 17, 2009 at 11:03 AM, Gerald Carterje...@plainjoe.org wrote: Another alternative would be to look at integrating your DNS server with nmbd, perhaps using the wins.dat (or whatever the WINS db is backed up to now). Running nmbd is an option, but according to the man pages, it only maintains wins.dat and/or browse.dat if it's the WINS server and/or browse master (respectively), of which there can only be one of either on a network. If possible, I'd like to avoid requiring network administrators to alter their network configuration. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Keeping a list of NetBIOS names on a network?
winbindd has the capability of doing hostname resolution for NetBIOS names and can then be added to nsswitch.conf. Check out the man pages. Matthew Dempsky wrote: Thanks for the findsmb and wins.dat tips! :) On Mon, Aug 17, 2009 at 11:03 AM, Gerald Carterje...@plainjoe.org wrote: Another alternative would be to look at integrating your DNS server with nmbd, perhaps using the wins.dat (or whatever the WINS db is backed up to now). Running nmbd is an option, but according to the man pages, it only maintains wins.dat and/or browse.dat if it's the WINS server and/or browse master (respectively), of which there can only be one of either on a network. If possible, I'd like to avoid requiring network administrators to alter their network configuration. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Keeping a list of NetBIOS names on a network?
Actually it looks like this is only available for IRIX. I thought it had been ported to other platforms as well. :-( Herb Lewis wrote: winbindd has the capability of doing hostname resolution for NetBIOS names and can then be added to nsswitch.conf. Check out the man pages. Matthew Dempsky wrote: Thanks for the findsmb and wins.dat tips! :) On Mon, Aug 17, 2009 at 11:03 AM, Gerald Carterje...@plainjoe.org wrote: Another alternative would be to look at integrating your DNS server with nmbd, perhaps using the wins.dat (or whatever the WINS db is backed up to now). Running nmbd is an option, but according to the man pages, it only maintains wins.dat and/or browse.dat if it's the WINS server and/or browse master (respectively), of which there can only be one of either on a network. If possible, I'd like to avoid requiring network administrators to alter their network configuration. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Not able to display domain users using wbinfo
Do you need winbind? Without any Windows server (PDC) you don't need the winbind crap winbind crap? Beg your pardon - in a LAN without any Windows PDC or BDC I don't need it. Do you usually call crap to everything you don't need? That's interesting... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba with ldap PDC cannot join my windows to domain?
On Thu, Aug 13, 2009 at 12:02 PM, Dale Schroederd...@briannassaladdressing.com wrote: Alberto Moreno wrote: Hello my friends. Looks like I had seen some light with this small issue. Normally wet u have a PDC in your network, with Winboxes, AD, NT4, u must have at least 1 Master Browser rigth? Well at home I have just 2 winboxes xp pro sp3, every time I setup a samba server, nomally I stop the computer browser services of my clients, in this case my 2 winboxes, this way samba could quickly became the master browser of my network. Like I told u before, one of my issues is that my domain name doesn't appear at my network, just the workgroup of the winboxes machines, every time I try to browse my networks with my winboxes, it took a while to answer or some times just stop working and finally, won't show me my samba domain. If I read the nmbd.log, it tells me that samba is the master browser... cool but is not happening. Last night I decide to enable one of my winboxes Computer Browser service and boom, I could browse my network and see my domain. This tell me that samba is having issues trying to handle the network browser, right now I could not add my box to the doman, but at least I could see my domain there. I follow the manuals Dale at work and no issue here, even that I have 2 domains running, but as soon as I start samba, it appears at my network. The issue is at home. Well If u have some tips guys about how to troubleshoot this I will appreciated. Thanks all for your help and time!!! To ensure that samba is the master browser against xp machines, I use [global] domain master = Yes os level = 65 announce version = 5.9 This has always worked for me. Dale Hi my friends. I got finally my test server working. What I did: 1) My server wasn't working as I describe to u. Them I decide to start from scratch. 2) Read about 4 how-to's(one of them was about ubuntu thanks Dale). I decide to start from scratch, because for some reason even that I delete the samba info (/var/cache/samba, /var/lib/ldap) and some other files we create each time we setup this, my windows xp machine could not reach my samba server and my server act very strange. Right the server is working, I could finally add my windows xp machine to the domain without any issue. I'm just continue learning more about samba. Thanks all for your help and time!!! -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Not able to display domain users using wbinfo
Hallo, Miguel, Du meintest am 17.08.09: Do you need winbind? Without any Windows server (PDC) you don't need the winbind crap winbind crap? Beg your pardon - in a LAN without any Windows PDC or BDC I don't need it. Do you usually call crap to everything you don't need? No. That's interesting... No - that a wrong assumption. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Question concerning file permissions in Samba 3.3.4
We're running Samba 3.3.4 on RHEL 5 Linux, using Active Directory authentication. I've noticed that we are able to assign NTFS Full Control permissions to directories; however, we are unable to do the same on the files contained within those directories. Is there a default setting that is preventing us from being able to assign them? Note that this happens even at the very top of the directory tree... Here is our smb.conf: [global] workgroup = WORKGROUP realm = REALM server string = storage interfaces = eth0 bind interfaces only = Yes security = ADS allow trusted domains = No password server = passwordserver username map = /usr/local/samba/lib/smbusers use kerberos keytab = Yes log file = /var/log/samba/%m.log ;server signing = auto socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No printcap name = /etc/printcap dns proxy = No idmap alloc backend = tdb idmap backend = rid:WORKGROUP=16777216-33554431 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template homedir = /home/%U winbind use default domain = No cups options = raw smb ports = 445 [array2] comment = Disk Array 2 path = /mnt/array2 read only = No admin users = admindude1 inherit acls = yes map acl inherit = yes [array3] comment = Disk Array 3 path = /mnt/array3 read only = No admin users = admindude1 inherit acls = yes map acl inherit = yes Thanks, Bill Dorrian Unix/Linux Systems Support (904) 232-2742 I did not get my Spaghetti-O's. I got spaghetti. I want the press to know this. - Thomas J. Grasso, executed by lethal injection on March 20, 1995 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] is it possible to convert linux shadow passwords to smbpasswd format?
Just wondering if it possible to fetch shadow file from other server and easily convert it to smbpasswd format ? So that users can use same password on samba that on mailserver? (without ldap or similar configurations?) -- Eero -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] is it possible to convert linux shadow passwords to smbpasswd format?
On Mon, Aug 17, 2009 at 10:35:44PM +0300, Eero Volotinen wrote: Just wondering if it possible to fetch shadow file from other server and easily convert it to smbpasswd format ? So that users can use same password on samba that on mailserver? (without ldap or similar configurations?) No. You need to use the smbpasswd utility and set the passwords new. Once there, with the unix password sync option you can keep both in sync. Volker pgpoxv5SDVKkN.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Is Samba useful in an all-Linux environment?
Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? Thanks SteveT Steve Litt Recession Relief Package http://www.recession-relief.US Twitter: http://www.twitter.com/stevelitt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
Am 17.08.2009 um 21:40 schrieb Steve Litt: Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? no. Thanks SteveT Steve Litt Recession Relief Package http://www.recession-relief.US Twitter: http://www.twitter.com/stevelitt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
Steve Litt kirjoitti: Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? Well, atleast it is more secure than nfsv3 ? -- Eero -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
On Mon, Aug 17, 2009 at 3:52 PM, Eero Volotineneero.voloti...@iki.fi wrote: Steve Litt kirjoitti: Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? Well, atleast it is more secure than nfsv3 ? That along with better performance and also better handling of disconnections are a couple of reasons to use samba/cifs over nfs3. -- John M. Drescher -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
On Mon, Aug 17, 2009 at 03:55:34PM -0400, John Drescher wrote: On Mon, Aug 17, 2009 at 3:52 PM, Eero Volotineneero.voloti...@iki.fi wrote: Steve Litt kirjoitti: Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? Well, atleast it is more secure than nfsv3 ? That along with better performance and also better handling of disconnections are a couple of reasons to use samba/cifs over nfs3. Plus if Steve French or Jeff ever write the client code for CIFSFS it has transport encryption built into the UNIX extensions (krb5 or NTLMv2 keying). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4.0 + windows 7
On Sun, Aug 16, 2009 at 07:52:59PM +0300, Eero Volotinen wrote: What is status of Windows 7 with samba 3.4.0 version? We're trying to make sure that 3.4.1 will work seamlessly with Win7 RTM code (at least I'm considering any such bug a show-stopper for 3.4.1). So 3.4.1 might slip a little for this - this is Karolin's final decision of course. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
On Mon, Aug 17, 2009 at 01:18:41PM -0700, Jeremy Allison wrote: Plus if Steve French or Jeff ever write the client code for CIFSFS it has transport encryption built into the UNIX extensions (krb5 or NTLMv2 keying). Next one: Once I'm done with my winbind cleanup the next project there is to provide an alternative to nss_ldap or nss_nis: winbind as a member of a samba domain will just be a plug-in replacement for nss_ldap, secure without the hassles to set up TLS transport. The security will be provided the same way Windows does it, by means of the workstation membership in the domain. Volker pgpkAX3fvgDya.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Question concerning file permissions in Samba 3.3.4
On Mon, Aug 17, 2009 at 03:15:59PM -0400, Dorrian, William M Contractor ace...@saj wrote: We're running Samba 3.3.4 on RHEL 5 Linux, using Active Directory authentication. I've noticed that we are able to assign NTFS Full Control permissions to directories; however, we are unable to do the same on the files contained within those directories. Is there a default setting that is preventing us from being able to assign them? Note that this happens even at the very top of the directory tree... Ok, here is the deal. With Samba 3.3.x, we moved to using the returned Windows permissions (as mapped from POSIX ACLs) to control all file access. This gets us closer to Windows behavior, but there's one catch. Full Control includes the ability to delete a file, but in POSIX the ability to delete a file belongs to the containing directory, not the file itself. So when we return the Windows permissions for a file ACL with rwx set, by default we'd like to map to Full Control (see the default setting of the parameter acl map full control) but we must remove the DELETE_ACCESS flag from the mapping, as that is not a permission that is granted. Thus the ACL editor doesn't see DELETE_ACCESS in the returned ACE entry, and so doesn't believe it's Full Control. If we don't remove the DELETE_ACCESS bit, the client will open a file for delete, and successfully get a file handle back, but the delete will fail when the set file info (delete this file) call is made. Windows clients only check the error return on the open for delete call, not the actual set file info that allows the delete - if you fail that call Windows explorer silently ignores the error, tells you you have deleted the file, but the file is still there and will reappear on the next directory refresh, thus confusing users. Hopefully this explains why we can't map completely into Full Control but must remove the DELETE_ACCESS bit. It may confuse users a bit, but that's better than confusing them when they're wondering why files they've deleted keep coming back from the dead (trust me, people complained more about that for a *long* time until I discovered this work-around). Jeremy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
On Monday 17 August 2009 15:55:34 John Drescher wrote: On Mon, Aug 17, 2009 at 3:52 PM, Eero Volotineneero.voloti...@iki.fi wrote: Steve Litt kirjoitti: Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? Well, atleast it is more secure than nfsv3 ? That along with better performance and also better handling of disconnections are a couple of reasons to use samba/cifs over nfs3. How about performance and security of Samba vs. NFS4 on an all Linux network? Thanks SteveT Steve Litt Recession Relief Package http://www.recession-relief.US Twitter: http://www.twitter.com/stevelitt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
Steve Litt skrev: On Monday 17 August 2009 15:55:34 John Drescher wrote: On Mon, Aug 17, 2009 at 3:52 PM, Eero Volotineneero.voloti...@iki.fi wrote: Steve Litt kirjoitti: Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? Well, atleast it is more secure than nfsv3 ? That along with better performance and also better handling of disconnections are a couple of reasons to use samba/cifs over nfs3. How about performance and security of Samba vs. NFS4 on an all Linux network? Samba is definitely more secure then NFS but performance wise it is definitely my expiration that NFS is much fasten with small files, but about the same on big files. Thanks SteveT Steve Litt Recession Relief Package http://www.recession-relief.US Twitter: http://www.twitter.com/stevelitt -- Med Venlig Hilsen / Best regards Henrik Dige Semark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? no. Yes. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
On 08/17/2009 04:25 PM, Henrik Dige Semark wrote: Steve Litt skrev: On Monday 17 August 2009 15:55:34 John Drescher wrote: On Mon, Aug 17, 2009 at 3:52 PM, Eero Volotineneero.voloti...@iki.fi wrote: Steve Litt kirjoitti: Hi all, This isn't meant to be a troll. It's a legitimate question asked because I haven't done much with Samba for 9 years. Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? Well, atleast it is more secure than nfsv3 ? That along with better performance and also better handling of disconnections are a couple of reasons to use samba/cifs over nfs3. How about performance and security of Samba vs. NFS4 on an all Linux network? Samba is definitely more secure then NFS but performance wise it is definitely my expiration that NFS is much fasten with small files, but about the same on big files. (I'm not trying to inflame on a thread that is not trying to troll, but...) I'd like to see some backing that Samba is more secure than NFS -- I don't think that it's black-and-white enough for a blanket statement of that sort. I will certainly grant that many common configurations of NFS have security issues, but with the ability to run NFS in kerberized modes I would think that it has a very similar security model to Samba+ADS. And more secure than Samba with other security models like user or share, I believe. I don't think there is a significant difference in the quality of software (both Samba and NFS are well written pieces of code), but configurations can vary greatly. Samba does provide some very useful functionality to an all Linux environment in that a user can take a stock linux box that knows nothing of your local network setups and connect to a Samba share. It requires very little training since users already are aware of this from the Windows world. If ease of support of unsecured clients is a primary concern, Samba would be a good choice. If you have full control over the clients, NFS can work without any user intervention. This has it's own support benefit, but you need to ensure that client security is taken care of as well. Samba allows an extra layer of configuration via smb.conf that can help with sharing and access controls, but it can also add a layer of confusion if used improperly. Also, you have to enable special Samba extensions to get full support for things that come native to NFS -- full permission support, symbolic links, hard links, special devices/fifos. If your applications need these things, then you are likely better off using NFS. (And as noted by the earlier posters -- if you use NFS, you'll find better utility from NFSv4 than NFSv3). There are certainly trade offs, but yes, I can see a reason to implement samba in an all Linux environment if it is the right choice for your user base/application needs. -Ty! -- -===- Ty! Boyack NREL Unix Network Manager t...@nrel.colostate.edu (970) 491-1186 -===- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] 'inherit owner' doesn't play nice with 'force directory mode'
Hello I am trying to create a 'dropbox' share, using the sticky bit and 'inherit owner'. By themselves they work, but when a directory is created in this share, its permissions are not quite what I need. Therefore, I try to use 'force directory mode' or 'inherit permissions'. However, whenever I do that, the owner on the newly-created directory is no longer correct w/regard to 'inherit owner'. Is this correct behavior, or a bug? Here are details: The directory I'm sharing: drwsrwsr-t 2 nobody sambaguest 512 Aug 17 22:18 myshare My smb.config (well, the relevant part): # ... snip guest account = sambaguest # ... snip [myshare] comment = my share path = /path/to/myshare public = yes read only = no writable = yes browseable = yes printable = no inherit owner = yes #inherit permissions = yes #directory mode = 3770 #force directory mode = 3770 As it is written above, when I create a directory from a windows box it looks like: drwxr-xr-x 2 nobody sambaguest 512 Aug 17 22:19 New Folder Correct ownership but I want group write and the sticky bit to be set, as in the parent directory. So I uncomment 'inherit permissions', create another directory, and get: drwxr-xr-x 2 nobody sambaguest 512 Aug 17 22:26 New Folder (2) No change. Anyone know why inherit permissions would have no effect here? I would expect the sticky bit, sgid, and the group-write of the parent directory to apply to the new directory. So I comment 'inherit permissions' back out, and instead try the pair of lines with 'directory mode' and 'force directory mode'. Then a newly created dir looks like: drwxrwsr-t 2 sambaguest sambaguest 512 Aug 17 22:32 New Folder (3) ARG! Perfect permissions, but the user is wrong, which lets people modify (rename, delete, etc) the directory. Normally, the sticky bit would prevent this since the owner would be 'nobody'. But now the owner is 'sambaguest', so users can wreak havoc on these newly created dirs... Can anybody explain to me what I'm missing? I have researched this a bit and tried various things, but nothing has worked so far... This is Samba 3.3.6 on FreeBSD 7.2-RELEASE Thanks, John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is Samba useful in an all-Linux environment?
Hallo, Steve, Du meintest am 17.08.09: Is there anything Samba can contribute to an all-Linux environment with no Windows or Mac computers? I prefer mounting shares via cifs, not via NFS. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Mon Aug 17 06:00:02 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-08-16 00:00:04.0 -0600 +++ /home/build/master/cache/broken_results.txt 2009-08-17 00:01:12.0 -0600 @@ -1,4 +1,4 @@ -Build status as of Sun Aug 16 06:00:02 2009 +Build status as of Mon Aug 17 06:00:02 2009 Build counts: Tree Total Broken Panic @@ -6,17 +6,17 @@ ccache 2 1 0 distcc 0 0 0 ldb 32 32 0 -libreplace 31 12 0 +libreplace 2 1 0 lorikeet 0 0 0 -pidl 23 2 0 +pidl 1 0 0 ppp 0 0 0 rsync32 13 0 samba-docs 0 0 0 samba-web0 0 0 -samba_3_current 2 2 0 -samba_3_master 31 27 8 +samba_3_current 0 0 0 +samba_3_master 30 28 6 samba_3_next 30 28 3 samba_4_0_test 32 29 2 -talloc 31 31 0 -tdb 29 29 0 +talloc 3 3 0 +tdb 3 3 0
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1047-gb62ce48
The branch, master has been updated via b62ce48f007aa93b6c6a7f066f1daf06c7fd1389 (commit) via 47452b8cecaa9ad17d88e259a9972c5ddd007629 (commit) via d60f049eaf30d7a717291b2f295cc889efc7afa9 (commit) via 3b3bde938cd404605b43710478cf7999551071b4 (commit) via 97a1ed53ca4255ac7fc5643292019ad30c276de5 (commit) via 45e4be0d96abdc729252df1e97bb9a56302e5a4a (commit) from 26e114b83ce1de7515bfbf365da03ec3f18c95fd (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b62ce48f007aa93b6c6a7f066f1daf06c7fd1389 Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 15 10:11:16 2009 +0200 s3:smbd: add support for canceling SMB2 Notify calls. metze commit 47452b8cecaa9ad17d88e259a9972c5ddd007629 Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 15 10:07:00 2009 +0200 s3:smbd: add smbd_notify_cancel_by_smbreq() This function will be used by the SMB2 notify code. metze commit d60f049eaf30d7a717291b2f295cc889efc7afa9 Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 15 10:01:38 2009 +0200 s3:smbd: implement SMB2 Cancel correctly. metze commit 3b3bde938cd404605b43710478cf7999551071b4 Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 15 10:45:21 2009 +0200 s4:build: require tevent 0.9.7 with tevent_req_cancel() metze commit 97a1ed53ca4255ac7fc5643292019ad30c276de5 Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 15 10:44:50 2009 +0200 tevent: change version to 0.9.7 after adding tevent_req_cancel infrastructure metze commit 45e4be0d96abdc729252df1e97bb9a56302e5a4a Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 15 09:46:23 2009 +0200 tevent: add tevent_req_cancel() infrastructure This offers a generic way for callers to cancel an async request. metze --- Summary of changes: lib/tevent/configure.ac |2 +- lib/tevent/tevent.h |8 +++ lib/tevent/tevent_internal.h | 19 ++ lib/tevent/tevent_req.c | 43 ++ source3/smbd/globals.h | 12 ++- source3/smbd/notify.c| 20 +++ source3/smbd/smb2_break.c|6 + source3/smbd/smb2_create.c |6 + source3/smbd/smb2_find.c |6 + source3/smbd/smb2_flush.c|6 + source3/smbd/smb2_getinfo.c |6 + source3/smbd/smb2_ioctl.c|6 + source3/smbd/smb2_lock.c |6 + source3/smbd/smb2_notify.c | 23 + source3/smbd/smb2_read.c |6 + source3/smbd/smb2_server.c | 17 --- source3/smbd/smb2_setinfo.c |6 + source3/smbd/smb2_write.c|6 + source4/min_versions.m4 |2 +- 19 files changed, 144 insertions(+), 62 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/configure.ac b/lib/tevent/configure.ac index d40e02e..89190af 100644 --- a/lib/tevent/configure.ac +++ b/lib/tevent/configure.ac @@ -1,5 +1,5 @@ AC_PREREQ(2.50) -AC_INIT(tevent, 0.9.6) +AC_INIT(tevent, 0.9.7) AC_CONFIG_SRCDIR([tevent.c]) AC_CONFIG_HEADER(config.h) diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h index 56ae0ee..d355605 100644 --- a/lib/tevent/tevent.h +++ b/lib/tevent/tevent.h @@ -238,6 +238,14 @@ char *tevent_req_default_print(struct tevent_req *req, TALLOC_CTX *mem_ctx); char *tevent_req_print(TALLOC_CTX *mem_ctx, struct tevent_req *req); +typedef bool (*tevent_req_cancel_fn)(struct tevent_req *); + +void tevent_req_set_cancel_fn(struct tevent_req *req, tevent_req_cancel_fn fn); + +bool _tevent_req_cancel(struct tevent_req *req, const char *location); +#define tevent_req_cancel(req) \ + _tevent_req_cancel(req, __location__) + struct tevent_req *_tevent_req_create(TALLOC_CTX *mem_ctx, void *pstate, size_t state_size, diff --git a/lib/tevent/tevent_internal.h b/lib/tevent/tevent_internal.h index e260524..513ca1c 100644 --- a/lib/tevent/tevent_internal.h +++ b/lib/tevent/tevent_internal.h @@ -65,6 +65,15 @@ struct tevent_req { tevent_req_print_fn private_print; /** +* @brief A function to cancel the request +* +* The implementation might want to set a function +* that is called when the tevent_req_cancel() function +* was called. +*/ + tevent_req_cancel_fn private_cancel; + + /** * @brief Internal state of the request * * Callers should only access this via functions and never directly. @@ -100,6 +109,16 @@ struct tevent_req { const char *finish_location; /** +* @brief The location where the request was canceled +
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1048-g905db32
The branch, master has been updated via 905db3288532131171ca1c54198660d86eef1ae9 (commit) from b62ce48f007aa93b6c6a7f066f1daf06c7fd1389 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 905db3288532131171ca1c54198660d86eef1ae9 Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 17 17:34:22 2009 +1000 more fixups from provision changes Andrew, can you please check this? The idmap.setup_name_mapping tests look totally out of place here. I'm also not sure I captured your intention with the other changes --- Summary of changes: source4/scripting/python/samba/provision.py | 32 +++- source4/scripting/python/samba/tests/samdb.py | 16 +++- 2 files changed, 24 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index c029bea..026e85d 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -474,33 +474,18 @@ def setup_name_mappings(samdb, idmap, sid, domaindn, root_uid, nobody_uid, :param users_gid: gid of the UNIX users group. :param wheel_gid: gid of the UNIX wheel group. -def add_foreign(self, domaindn, sid, desc): -Add a foreign security principle. -add = +def add_foreign(self, domaindn, sid, desc): +Add a foreign security principle. +add = dn: CN=%s,CN=ForeignSecurityPrincipals,%s objectClass: top objectClass: foreignSecurityPrincipal description: %s % (sid, domaindn, desc) -# deliberately ignore errors from this, as the records may -# already exist -for msg in self.parse_ldif(add): -self.add(msg[1]) - -# add some foreign sids -add_foreign(samdb, domaindn, S-1-5-7, Anonymous) -add_foreign(samdb, domaindn, S-1-1-0, World) -add_foreign(samdb, domaindn, S-1-5-2, Network) -add_foreign(samdb, domaindn, S-1-5-18, System) -add_foreign(samdb, domaindn, S-1-5-11, Authenticated Users) - - -idmap.setup_name_mapping(S-1-5-7, idmap.TYPE_UID, nobody_uid) -idmap.setup_name_mapping(S-1-5-32-544, idmap.TYPE_GID, wheel_gid) - -idmap.setup_name_mapping(sid + -500, idmap.TYPE_UID, root_uid) -idmap.setup_name_mapping(sid + -513, idmap.TYPE_GID, users_gid) - +# deliberately ignore errors from this, as the records may +# already exist +for msg in self.parse_ldif(add): +self.add(msg[1]) def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, credentials, names, @@ -818,6 +803,9 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, names=names, ldap_backend=ldap_backend, serverrole=serverrole) +if (schema == None): +schema = Schema(setup_path, schemadn=names.schemadn, serverdn=names.serverdn) + # Load the database, but importantly, use Ldb not SamDB as we don't want to load the global schema samdb = Ldb(session_info=session_info, credentials=credentials, lp=lp) diff --git a/source4/scripting/python/samba/tests/samdb.py b/source4/scripting/python/samba/tests/samdb.py index ab5e595..12618c9 100644 --- a/source4/scripting/python/samba/tests/samdb.py +++ b/source4/scripting/python/samba/tests/samdb.py @@ -19,7 +19,7 @@ from samba.auth import system_session from samba.credentials import Credentials import os -from samba.provision import setup_samdb, guess_names, setup_templatesdb, make_smbconf, find_setup_dir +from samba.provision import setup_samdb, guess_names, setup_templatesdb, make_smbconf, find_setup_dir, add_foreign from samba.samdb import SamDB from samba.tests import TestCaseInTempDir from samba.dcerpc import security @@ -92,5 +92,17 @@ class SamDBTests(SamDBTestCase): Tests for the SamDB implementation. def test_add_foreign(self): -self.samdb.add_foreign(self.domaindn, S-1-5-7, Somedescription) +add_foreign(self.samdb, self.domaindn, S-1-5-7, Anonymous) +add_foreign(self.samdb, self.domaindn, S-1-1-0, World) +add_foreign(self.samdb, self.domaindn, S-1-5-2, Network) +add_foreign(self.samdb, self.domaindn, S-1-5-18, System) +add_foreign(self.samdb, self.domaindn, S-1-5-11, Authenticated Users) + +# I don't think these should be here ... +#idmap.setup_name_mapping(S-1-5-7, idmap.TYPE_UID, nobody_uid) +#idmap.setup_name_mapping(S-1-5-32-544, idmap.TYPE_GID, wheel_gid) +# +#idmap.setup_name_mapping(sid + -500, idmap.TYPE_UID, root_uid) +#idmap.setup_name_mapping(sid + -513, idmap.TYPE_GID, users_gid) + -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1049-g52108a1
The branch, master has been updated via 52108a19a4130af0c241794898c61bf425b914e5 (commit) from 905db3288532131171ca1c54198660d86eef1ae9 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 52108a19a4130af0c241794898c61bf425b914e5 Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 17 17:48:27 2009 +1000 fixed up add_foreign again my last patch was not even close ... I'll leave abartlet to work out how to fix the test case --- Summary of changes: source4/scripting/python/samba/provision.py | 26 ++-- source4/scripting/python/samba/tests/samdb.py | 20 +++--- 2 files changed, 23 insertions(+), 23 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 026e85d..e2abb05 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -474,18 +474,30 @@ def setup_name_mappings(samdb, idmap, sid, domaindn, root_uid, nobody_uid, :param users_gid: gid of the UNIX users group. :param wheel_gid: gid of the UNIX wheel group. -def add_foreign(self, domaindn, sid, desc): -Add a foreign security principle. -add = +def add_foreign(self, domaindn, sid, desc): +Add a foreign security principle. +add = dn: CN=%s,CN=ForeignSecurityPrincipals,%s objectClass: top objectClass: foreignSecurityPrincipal description: %s % (sid, domaindn, desc) -# deliberately ignore errors from this, as the records may -# already exist -for msg in self.parse_ldif(add): -self.add(msg[1]) +# deliberately ignore errors from this, as the records may +# already exist +for msg in self.parse_ldif(add): +self.add(msg[1]) + +add_foreign(samdb, self.domaindn, S-1-5-7, Anonymous) +add_foreign(samdb, self.domaindn, S-1-1-0, World) +add_foreign(samdb, self.domaindn, S-1-5-2, Network) +add_foreign(samdb, self.domaindn, S-1-5-18, System) +add_foreign(samdb, self.domaindn, S-1-5-11, Authenticated Users) + +idmap.setup_name_mapping(S-1-5-7, idmap.TYPE_UID, nobody_uid) +idmap.setup_name_mapping(S-1-5-32-544, idmap.TYPE_GID, wheel_gid) + +idmap.setup_name_mapping(sid + -500, idmap.TYPE_UID, root_uid) +idmap.setup_name_mapping(sid + -513, idmap.TYPE_GID, users_gid) def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, credentials, names, diff --git a/source4/scripting/python/samba/tests/samdb.py b/source4/scripting/python/samba/tests/samdb.py index 12618c9..8c7bb0a 100644 --- a/source4/scripting/python/samba/tests/samdb.py +++ b/source4/scripting/python/samba/tests/samdb.py @@ -19,7 +19,7 @@ from samba.auth import system_session from samba.credentials import Credentials import os -from samba.provision import setup_samdb, guess_names, setup_templatesdb, make_smbconf, find_setup_dir, add_foreign +from samba.provision import setup_samdb, guess_names, setup_templatesdb, make_smbconf, find_setup_dir from samba.samdb import SamDB from samba.tests import TestCaseInTempDir from samba.dcerpc import security @@ -88,21 +88,9 @@ class SamDBTestCase(TestCaseInTempDir): super(SamDBTestCase, self).tearDown() +# disable this test till andrew works it out ... class SamDBTests(SamDBTestCase): Tests for the SamDB implementation. -def test_add_foreign(self): -add_foreign(self.samdb, self.domaindn, S-1-5-7, Anonymous) -add_foreign(self.samdb, self.domaindn, S-1-1-0, World) -add_foreign(self.samdb, self.domaindn, S-1-5-2, Network) -add_foreign(self.samdb, self.domaindn, S-1-5-18, System) -add_foreign(self.samdb, self.domaindn, S-1-5-11, Authenticated Users) - -# I don't think these should be here ... -#idmap.setup_name_mapping(S-1-5-7, idmap.TYPE_UID, nobody_uid) -#idmap.setup_name_mapping(S-1-5-32-544, idmap.TYPE_GID, wheel_gid) -# -#idmap.setup_name_mapping(sid + -500, idmap.TYPE_UID, root_uid) -#idmap.setup_name_mapping(sid + -513, idmap.TYPE_GID, users_gid) - - +print samdb add_foreign disabled for now +#def test_add_foreign(self): -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1050-g87921bf
The branch, master has been updated via 87921bf694cf5c733de0179cf188c6a5cbaf48f0 (commit) from 52108a19a4130af0c241794898c61bf425b914e5 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 87921bf694cf5c733de0179cf188c6a5cbaf48f0 Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 17 17:50:26 2009 +1000 sigh - still not right --- Summary of changes: source4/scripting/python/samba/provision.py | 10 +- 1 files changed, 5 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index e2abb05..39ae33b 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -487,11 +487,11 @@ description: %s for msg in self.parse_ldif(add): self.add(msg[1]) -add_foreign(samdb, self.domaindn, S-1-5-7, Anonymous) -add_foreign(samdb, self.domaindn, S-1-1-0, World) -add_foreign(samdb, self.domaindn, S-1-5-2, Network) -add_foreign(samdb, self.domaindn, S-1-5-18, System) -add_foreign(samdb, self.domaindn, S-1-5-11, Authenticated Users) +add_foreign(samdb, domaindn, S-1-5-7, Anonymous) +add_foreign(samdb, domaindn, S-1-1-0, World) +add_foreign(samdb, domaindn, S-1-5-2, Network) +add_foreign(samdb, domaindn, S-1-5-18, System) +add_foreign(samdb, domaindn, S-1-5-11, Authenticated Users) idmap.setup_name_mapping(S-1-5-7, idmap.TYPE_UID, nobody_uid) idmap.setup_name_mapping(S-1-5-32-544, idmap.TYPE_GID, wheel_gid) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1051-g36f828b
The branch, master has been updated via 36f828bafb973586157e9745593418994a962a34 (commit) from 87921bf694cf5c733de0179cf188c6a5cbaf48f0 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 36f828bafb973586157e9745593418994a962a34 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Mon Aug 17 11:06:39 2009 +0200 Revert s4:samdb python bindings - we don't need the attributes here This reverts commit 53ef426e6f68728763436bd0cd3dd91180c00579. As abartlet pointed out this causes to load all attributes and therefore gives us more here than we need (only the check for the DN)! --- Summary of changes: source4/scripting/python/samba/samdb.py |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index 4daa40d..d9d1212 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -165,7 +165,8 @@ pwdLastSet: 0 assert(domain_dn is not None) res = self.search(domain_dn, scope=ldb.SCOPE_SUBTREE, - expression=filter) + expression=filter, + attrs=[]) assert(len(res) == 1) user_dn = res[0].dn -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1217-g3be12b1
The branch, v3-4-test has been updated via 3be12b15f1758b54456d49368dbca7f25a99f4cc (commit) from e873995e31e2f04e708194287a64c66a32cc4948 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 3be12b15f1758b54456d49368dbca7f25a99f4cc Author: Matt Kraai mkr...@beckman.com Date: Wed Aug 12 08:49:24 2009 +0200 libreplace: undef AI_ADDRCONFIG on QNX 6.3.0 (fix bug #6630) Some of the functions in source3/lib/util_sock.c use AI_ADDRCONFIG. On QNX 6.3.0, this macro is defined but, if it's used, getaddrinfo will fail. This prevents smbd from opening any sockets. If I undefine AI_ADDRCONFIG on such systems and allow lib/replace/system/network.h to define it to be 0, this works around the issue. Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 91d13b68be55728a85b3832e2da9267dbf4f2464) Fixes bug #6630. --- Summary of changes: lib/replace/system/network.h | 14 ++ 1 files changed, 14 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/system/network.h b/lib/replace/system/network.h index 6add99c..4fe1084 100644 --- a/lib/replace/system/network.h +++ b/lib/replace/system/network.h @@ -195,6 +195,20 @@ int rep_socketpair(int d, int type, int protocol, int sv[2]); #endif #endif +/* + * Some of the functions in source3/lib/util_sock.c use AI_ADDRCONFIG. On QNX + * 6.3.0, this macro is defined but, if it's used, getaddrinfo will fail. This + * prevents smbd from opening any sockets. + * + * If I undefine AI_ADDRCONFIG on such systems and define it to be 0, + * this works around the issue. + */ +#ifdef __QNX__ +#include sys/neutrino.h +#if _NTO_VERSION == 630 +#undef AI_ADDRCONFIG +#endif +#endif #ifndef AI_ADDRCONFIG /* * logic copied from AI_NUMERICHOST -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1218-g9fa042b
The branch, v3-4-test has been updated via 9fa042bb9f71057fc869e37d4cc180e8a772b1bb (commit) from 3be12b15f1758b54456d49368dbca7f25a99f4cc (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 9fa042bb9f71057fc869e37d4cc180e8a772b1bb Author: Günther Deschner g...@samba.org Date: Thu Aug 6 17:17:26 2009 +0200 s3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5. Patch from TAKEDA Yasuma yas...@osstech.co.jp. Guenther --- Summary of changes: examples/LDAP/samba-schema-netscapeds5.x |7 ++- 1 files changed, 6 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/LDAP/samba-schema-netscapeds5.x b/examples/LDAP/samba-schema-netscapeds5.x index efc528b..661521c 100644 --- a/examples/LDAP/samba-schema-netscapeds5.x +++ b/examples/LDAP/samba-schema-netscapeds5.x @@ -4,9 +4,11 @@ ## Thomas Mueller 12.04.2003, thomas.muel...@christ-wasser.de ## Richard Renard rren...@idealx.com 2005-01-28 ## - added support for MungedDial, BadPasswordCount, BadPasswordTime, PasswordHistory, LogonHours +## TAKEDA Yasuma yas...@osstech.co.jp 2008-11-06 +## - added sambaTrustedDomainPassword objectClasses ## - in Sun One 5.2 copy it as 99samba-schema-netscapeds5.ldif ## -## Samba 3.0 schema file for Netscape DS 5.x +## Samba 3.2 schema file for Netscape DS 5.x ## ## INSTALL-DIRECTORY/slapd-your_name/config/schema/samba-schema-netscapeds5.ldif @@ -33,6 +35,7 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DE objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY DESC 'Mapping from a SID to an ID' MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL DESC 'Structural Class for a SID' MUST ( sambaSID ) X-ORIGIN 'user defined' ) +objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ) X-ORIGIN 'user defined') attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE X-ORIGIN 'user defined' ) @@ -60,3 +63,5 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT attributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') +attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-5342-ga01f0a4
The branch, v3-3-test has been updated via a01f0a4025d382c1bc82f4992ea4566db4df3818 (commit) from 8d57806544dade748aaac9cc493deb75d4e95735 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit a01f0a4025d382c1bc82f4992ea4566db4df3818 Author: Günther Deschner g...@samba.org Date: Thu Aug 6 17:17:26 2009 +0200 s3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5. Patch from TAKEDA Yasuma yas...@osstech.co.jp. Guenther (cherry picked from commit 9fa042bb9f71057fc869e37d4cc180e8a772b1bb) --- Summary of changes: examples/LDAP/samba-schema-netscapeds5.x |7 ++- 1 files changed, 6 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/LDAP/samba-schema-netscapeds5.x b/examples/LDAP/samba-schema-netscapeds5.x index efc528b..661521c 100644 --- a/examples/LDAP/samba-schema-netscapeds5.x +++ b/examples/LDAP/samba-schema-netscapeds5.x @@ -4,9 +4,11 @@ ## Thomas Mueller 12.04.2003, thomas.muel...@christ-wasser.de ## Richard Renard rren...@idealx.com 2005-01-28 ## - added support for MungedDial, BadPasswordCount, BadPasswordTime, PasswordHistory, LogonHours +## TAKEDA Yasuma yas...@osstech.co.jp 2008-11-06 +## - added sambaTrustedDomainPassword objectClasses ## - in Sun One 5.2 copy it as 99samba-schema-netscapeds5.ldif ## -## Samba 3.0 schema file for Netscape DS 5.x +## Samba 3.2 schema file for Netscape DS 5.x ## ## INSTALL-DIRECTORY/slapd-your_name/config/schema/samba-schema-netscapeds5.ldif @@ -33,6 +35,7 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DE objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY DESC 'Mapping from a SID to an ID' MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL DESC 'Structural Class for a SID' MUST ( sambaSID ) X-ORIGIN 'user defined' ) +objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ) X-ORIGIN 'user defined') attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE X-ORIGIN 'user defined' ) @@ -60,3 +63,5 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT attributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') +attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-3654-g6a91468
The branch, v3-2-test has been updated via 6a91468853d9c37993d109b079eb042d1b33cba9 (commit) from bdccf9831ae530b55d1819c040a3ee5448b24ac3 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 6a91468853d9c37993d109b079eb042d1b33cba9 Author: Günther Deschner g...@samba.org Date: Thu Aug 6 17:17:26 2009 +0200 s3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5. Patch from TAKEDA Yasuma yas...@osstech.co.jp. Guenther (cherry picked from commit 9fa042bb9f71057fc869e37d4cc180e8a772b1bb) (cherry picked from commit a01f0a4025d382c1bc82f4992ea4566db4df3818) --- Summary of changes: examples/LDAP/samba-schema-netscapeds5.x |7 ++- 1 files changed, 6 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/LDAP/samba-schema-netscapeds5.x b/examples/LDAP/samba-schema-netscapeds5.x index efc528b..661521c 100644 --- a/examples/LDAP/samba-schema-netscapeds5.x +++ b/examples/LDAP/samba-schema-netscapeds5.x @@ -4,9 +4,11 @@ ## Thomas Mueller 12.04.2003, thomas.muel...@christ-wasser.de ## Richard Renard rren...@idealx.com 2005-01-28 ## - added support for MungedDial, BadPasswordCount, BadPasswordTime, PasswordHistory, LogonHours +## TAKEDA Yasuma yas...@osstech.co.jp 2008-11-06 +## - added sambaTrustedDomainPassword objectClasses ## - in Sun One 5.2 copy it as 99samba-schema-netscapeds5.ldif ## -## Samba 3.0 schema file for Netscape DS 5.x +## Samba 3.2 schema file for Netscape DS 5.x ## ## INSTALL-DIRECTORY/slapd-your_name/config/schema/samba-schema-netscapeds5.ldif @@ -33,6 +35,7 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DE objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY DESC 'Mapping from a SID to an ID' MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL DESC 'Structural Class for a SID' MUST ( sambaSID ) X-ORIGIN 'user defined' ) +objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ) X-ORIGIN 'user defined') attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE X-ORIGIN 'user defined' ) @@ -60,3 +63,5 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT attributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') +attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-3655-g58ec192
The branch, v3-2-test has been updated via 58ec19243e59e05e0356760115c394b3a0158a63 (commit) from 6a91468853d9c37993d109b079eb042d1b33cba9 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 58ec19243e59e05e0356760115c394b3a0158a63 Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 17 11:25:42 2009 +0200 Revert s3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5. This reverts commit 6a91468853d9c37993d109b079eb042d1b33cba9. Forgot for a second that there won't be any 3.2 maintenance releases... --- Summary of changes: examples/LDAP/samba-schema-netscapeds5.x |7 +-- 1 files changed, 1 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/LDAP/samba-schema-netscapeds5.x b/examples/LDAP/samba-schema-netscapeds5.x index 661521c..efc528b 100644 --- a/examples/LDAP/samba-schema-netscapeds5.x +++ b/examples/LDAP/samba-schema-netscapeds5.x @@ -4,11 +4,9 @@ ## Thomas Mueller 12.04.2003, thomas.muel...@christ-wasser.de ## Richard Renard rren...@idealx.com 2005-01-28 ## - added support for MungedDial, BadPasswordCount, BadPasswordTime, PasswordHistory, LogonHours -## TAKEDA Yasuma yas...@osstech.co.jp 2008-11-06 -## - added sambaTrustedDomainPassword objectClasses ## - in Sun One 5.2 copy it as 99samba-schema-netscapeds5.ldif ## -## Samba 3.2 schema file for Netscape DS 5.x +## Samba 3.0 schema file for Netscape DS 5.x ## ## INSTALL-DIRECTORY/slapd-your_name/config/schema/samba-schema-netscapeds5.ldif @@ -35,7 +33,6 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DE objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY DESC 'Mapping from a SID to an ID' MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL DESC 'Structural Class for a SID' MUST ( sambaSID ) X-ORIGIN 'user defined' ) -objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ) X-ORIGIN 'user defined') attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE X-ORIGIN 'user defined' ) @@ -63,5 +60,3 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT attributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) -attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') -attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1055-g7a79d16
The branch, master has been updated via 7a79d161838efcec27a159fc40481e7be419b778 (commit) via 0a5ea25d21a9745508e118a20fca837e74b031df (commit) via 0a46fd630e38134a080214119e5712673687f7c0 (commit) via faedda0455da90aa8d5500eb2263b6ade3b72ec1 (commit) from 36f828bafb973586157e9745593418994a962a34 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7a79d161838efcec27a159fc40481e7be419b778 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Aug 15 15:20:09 2009 +0200 s4: Major rework of the LDB/SAMDB/IDMAP python bindings - Centralise the lookups for the default domain (root) in the call domain_dn - Reduce the LDB connections attempts (connect calls) from three to one - tools should load faster - Make the LDB connection init more like the ldb_wrap_connection call - Load the right UTF8 casefolder which fixes up problems with special characters (discovered by me: e.g. small Umlaute (ä, ö, ü, ...) in the DN weren't upcased - so records seemed lost in TDB) commit 0a5ea25d21a9745508e118a20fca837e74b031df Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Mon Aug 17 11:47:53 2009 +0200 s4:python tools - Centralise the lookups for the default domain (root) in the call domain_dn from SamDB commit 0a46fd630e38134a080214119e5712673687f7c0 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Mon Aug 17 11:46:23 2009 +0200 s4:pyglue Add a wrapper for loading the correct UTF8 casefolder Needed for special characters (e.g. in German Umlaute) commit faedda0455da90aa8d5500eb2263b6ade3b72ec1 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Sat Aug 15 15:18:46 2009 +0200 s4:ldb python bindings: Handle the parameters of the connect call in the right way --- Summary of changes: source4/lib/ldb/pyldb.c| 10 +++- source4/scripting/python/pyglue.c | 20 source4/scripting/python/samba/__init__.py | 35 +- source4/scripting/python/samba/idmap.py| 26 +- source4/scripting/python/samba/samdb.py| 51 source4/setup/enableaccount| 11 +--- source4/setup/pwsettings | 12 ++--- 7 files changed, 92 insertions(+), 73 deletions(-) delete mode 100644 source4/scripting/python/samba/tests/dcerpc/__init__.py Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c index a9425b5..5825f88 100644 --- a/source4/lib/ldb/pyldb.c +++ b/source4/lib/ldb/pyldb.c @@ -6,6 +6,7 @@ Copyright (C) 2005,2006 Tim Potter t...@samba.org Copyright (C) 2006 Simo Sorce i...@samba.org Copyright (C) 2007-2009 Jelmer Vernooij jel...@samba.org + Copyright (C) 2009 Matthias Dieter Wallnöfer ** NOTE! The following LGPL license applies to the ldb ** library. This does NOT imply that all of Samba is released @@ -612,7 +613,7 @@ static PyObject *py_ldb_connect(PyLdbObject *self, PyObject *args, PyObject *kwa const char **options; const char * const kwnames[] = { url, flags, options, NULL }; - if (!PyArg_ParseTupleAndKeywords(args, kwargs, s|iO, + if (!PyArg_ParseTupleAndKeywords(args, kwargs, |ziO, discard_const_p(char *, kwnames), url, flags, py_options)) return NULL; @@ -2327,9 +2328,14 @@ void initldb(void) PyModule_AddObject(m, ERR_ENTRY_ALREADY_EXISTS, PyInt_FromLong(LDB_ERR_ENTRY_ALREADY_EXISTS)); PyModule_AddObject(m, ERR_OBJECT_CLASS_MODS_PROHIBITED, PyInt_FromLong(LDB_ERR_OBJECT_CLASS_MODS_PROHIBITED)); PyModule_AddObject(m, ERR_AFFECTS_MULTIPLE_DSAS, PyInt_FromLong(LDB_ERR_AFFECTS_MULTIPLE_DSAS)); - PyModule_AddObject(m, ERR_OTHER, PyInt_FromLong(LDB_ERR_OTHER)); +PyModule_AddObject(m, FLG_RDONLY, PyInt_FromLong(LDB_FLG_RDONLY)); +PyModule_AddObject(m, FLG_NOSYNC, PyInt_FromLong(LDB_FLG_NOSYNC)); +PyModule_AddObject(m, FLG_RECONNECT, PyInt_FromLong(LDB_FLG_RECONNECT)); +PyModule_AddObject(m, FLG_NOMMAP, PyInt_FromLong(LDB_FLG_NOMMAP)); + + PyModule_AddObject(m, __docformat__, PyString_FromString(restructuredText)); PyExc_LdbError = PyErr_NewException(discard_const_p(char, _ldb.LdbError), NULL, NULL); diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c index d4db554..f5694e1 100644 --- a/source4/scripting/python/pyglue.c +++ b/source4/scripting/python/pyglue.c @@ -1,6 +1,7 @@ /* Unix SMB/CIFS implementation. Copyright (C) Jelmer Vernooij jel...@samba.org 2007 + Copyright (C) Matthias Dieter Wallnöfer
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1219-g7505f03
The branch, v3-4-test has been updated via 7505f03eee949bb861f6138be8b5ef86be9c7b7f (commit) from 9fa042bb9f71057fc869e37d4cc180e8a772b1bb (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 7505f03eee949bb861f6138be8b5ef86be9c7b7f Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 17 12:50:41 2009 +0200 WHATSNEW: Update changes since 3.4.0. Karolin --- Summary of changes: WHATSNEW.txt |8 1 files changed, 8 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 8ce3f56..2d89514 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -41,6 +41,10 @@ o Günther Deschner g...@samba.org * BUG 6607: Fix crash bug in spoolss_addprinterex_level_2. +o Matt Kraai mkr...@beckman.com +* BUG 6630: Fix opening of sockets on QNX. + + o Volker Lendecke v...@samba.org * BUG 6611: Fix a valgrind error in chain_reply. * Fix linking on Solaris. @@ -60,6 +64,10 @@ o Rusty Russell ru...@rustcorp.com.au * BUG 6601: Avoid global fd limits. +o TAKEDA Yasuma yas...@osstech.co.jp +* BUG 5879: Update LDAP schema for Netscape DS 5. + + o Bo Yang boy...@samba.org * BUG 6560: Fix lookupname. * BUG 6615: Fix browsing of DFS when using kerberos in libsmbclient. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-stable updated - release-3-4-0-35-ge1d73ad
The branch, v3-4-stable has been updated via e1d73ad5256466c078cee699a71244fb4de7f8a4 (commit) via 0f05b1585485ec6dee142bd811e6cc85923bed23 (commit) via ce3636bb502da954dfd79afdeb040b1fbfef6faf (commit) via 3ac99dded70132326ec3f310ad93993ffc68952a (commit) from 2cc5abf53dfe00a4d0fea1edb9d0445fc2f6fa23 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-stable - Log - commit e1d73ad5256466c078cee699a71244fb4de7f8a4 Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 17 12:50:41 2009 +0200 WHATSNEW: Update changes since 3.4.0. Karolin (cherry picked from commit 7505f03eee949bb861f6138be8b5ef86be9c7b7f) commit 0f05b1585485ec6dee142bd811e6cc85923bed23 Author: Günther Deschner g...@samba.org Date: Thu Aug 6 17:17:26 2009 +0200 s3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5. Patch from TAKEDA Yasuma yas...@osstech.co.jp. Guenther (cherry picked from commit 9fa042bb9f71057fc869e37d4cc180e8a772b1bb) commit ce3636bb502da954dfd79afdeb040b1fbfef6faf Author: Matt Kraai mkr...@beckman.com Date: Wed Aug 12 08:49:24 2009 +0200 libreplace: undef AI_ADDRCONFIG on QNX 6.3.0 (fix bug #6630) Some of the functions in source3/lib/util_sock.c use AI_ADDRCONFIG. On QNX 6.3.0, this macro is defined but, if it's used, getaddrinfo will fail. This prevents smbd from opening any sockets. If I undefine AI_ADDRCONFIG on such systems and allow lib/replace/system/network.h to define it to be 0, this works around the issue. Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 91d13b68be55728a85b3832e2da9267dbf4f2464) Fixes bug #6630. (cherry picked from commit 3be12b15f1758b54456d49368dbca7f25a99f4cc) commit 3ac99dded70132326ec3f310ad93993ffc68952a Author: Karolin Seeger ksee...@samba.org Date: Fri Aug 14 16:18:36 2009 +0200 WHATSNEW: Update changes. Karolin (cherry picked from commit e873995e31e2f04e708194287a64c66a32cc4948) --- Summary of changes: WHATSNEW.txt |8 ++-- examples/LDAP/samba-schema-netscapeds5.x |7 ++- lib/replace/system/network.h | 14 ++ 3 files changed, 26 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index fb63551..2d89514 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -41,6 +41,10 @@ o Günther Deschner g...@samba.org * BUG 6607: Fix crash bug in spoolss_addprinterex_level_2. +o Matt Kraai mkr...@beckman.com +* BUG 6630: Fix opening of sockets on QNX. + + o Volker Lendecke v...@samba.org * BUG 6611: Fix a valgrind error in chain_reply. * Fix linking on Solaris. @@ -60,8 +64,8 @@ o Rusty Russell ru...@rustcorp.com.au * BUG 6601: Avoid global fd limits. -o Jelmer Vernooij jel...@samba.org -* Fix build with external talloc. +o TAKEDA Yasuma yas...@osstech.co.jp +* BUG 5879: Update LDAP schema for Netscape DS 5. o Bo Yang boy...@samba.org diff --git a/examples/LDAP/samba-schema-netscapeds5.x b/examples/LDAP/samba-schema-netscapeds5.x index efc528b..661521c 100644 --- a/examples/LDAP/samba-schema-netscapeds5.x +++ b/examples/LDAP/samba-schema-netscapeds5.x @@ -4,9 +4,11 @@ ## Thomas Mueller 12.04.2003, thomas.muel...@christ-wasser.de ## Richard Renard rren...@idealx.com 2005-01-28 ## - added support for MungedDial, BadPasswordCount, BadPasswordTime, PasswordHistory, LogonHours +## TAKEDA Yasuma yas...@osstech.co.jp 2008-11-06 +## - added sambaTrustedDomainPassword objectClasses ## - in Sun One 5.2 copy it as 99samba-schema-netscapeds5.ldif ## -## Samba 3.0 schema file for Netscape DS 5.x +## Samba 3.2 schema file for Netscape DS 5.x ## ## INSTALL-DIRECTORY/slapd-your_name/config/schema/samba-schema-netscapeds5.ldif @@ -33,6 +35,7 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DE objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY DESC 'Mapping from a SID to an ID' MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL DESC 'Structural Class for a SID' MUST ( sambaSID ) X-ORIGIN 'user defined' ) +objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY (
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1056-g3dee92f
The branch, master has been updated via 3dee92fcb9af917da439e2c0cb10449d09d4c9ff (commit) from 7a79d161838efcec27a159fc40481e7be419b778 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3dee92fcb9af917da439e2c0cb10449d09d4c9ff Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 17 21:40:19 2009 +1000 fixed the build the changes from Matthias didn't take account of url and lp being None in some ldb python instances in 'make test' --- Summary of changes: source4/scripting/python/samba/__init__.py |8 +--- 1 files changed, 5 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py index 5379530..59a6e00 100644 --- a/source4/scripting/python/samba/__init__.py +++ b/source4/scripting/python/samba/__init__.py @@ -98,11 +98,13 @@ class Ldb(ldb.Ldb): glue.ldb_set_utf8_casefold(self) # Allow admins to force non-sync ldb for all databases -nosync_p = lp.get(nosync, ldb) -if nosync_p is not None and nosync_p == true: +if lp is not None: +nosync_p = lp.get(nosync, ldb) +if nosync_p is not None and nosync_p == true: flags |= FLG_NOSYNC -self.connect(url, flags, options) +if url is not None: +self.connect(url, flags, options) def set_credentials(self, credentials): glue.ldb_set_credentials(self, credentials) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1057-g6cc9e4b
The branch, master has been updated via 6cc9e4b9006e3f10ff88d20ecd0dd26c2fa63611 (commit) from 3dee92fcb9af917da439e2c0cb10449d09d4c9ff (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6cc9e4b9006e3f10ff88d20ecd0dd26c2fa63611 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Mon Aug 17 13:10:16 2009 +0200 s4: Fixed the int32 datatype support Should finally fix bug #6136 (groupType, sAMAccountType ... attributes). --- Summary of changes: source4/dsdb/samdb/ldb_modules/simple_ldap_map.c |2 +- source4/lib/ldb-samba/ldif_handlers.c|6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c index fe1de1c..8fb639f 100644 --- a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c +++ b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c @@ -147,7 +147,7 @@ static struct ldb_val objectCategory_always_dn(struct ldb_module *module, TALLOC static struct ldb_val normalise_to_signed32(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val) { struct ldb_val out; - int32_t i = (int32_t) strtol((char *)val-data, NULL, 0); + int32_t i = (int32_t) strtoll((char *)val-data, NULL, 0); out = data_blob_string_const(talloc_asprintf(ctx, %d, i)); return out; } diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c index 2d3d2b9..acf8af7 100644 --- a/source4/lib/ldb-samba/ldif_handlers.c +++ b/source4/lib/ldb-samba/ldif_handlers.c @@ -649,7 +649,7 @@ static int ldif_canonicalise_int32(struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *in, struct ldb_val *out) { char *end; - int32_t i = (int32_t) strtol((char *)in-data, end, 0); + int32_t i = (int32_t) strtoll((char *)in-data, end, 0); if (*end != 0) { return -1; } @@ -665,8 +665,8 @@ static int ldif_canonicalise_int32(struct ldb_context *ldb, void *mem_ctx, static int ldif_comparison_int32(struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *v1, const struct ldb_val *v2) { - return (int32_t) strtol((char *)v1-data, NULL, 0) -- (int32_t) strtol((char *)v2-data, NULL, 0); + return (int32_t) strtoll((char *)v1-data, NULL, 0) +- (int32_t) strtoll((char *)v2-data, NULL, 0); } static int extended_dn_write_hex(struct ldb_context *ldb, void *mem_ctx, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1058-g1b09e36
The branch, master has been updated via 1b09e36f0bc1942a5156715db21aed1ad403800e (commit) from 6cc9e4b9006e3f10ff88d20ecd0dd26c2fa63611 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1b09e36f0bc1942a5156715db21aed1ad403800e Author: Andrew Tridgell tri...@samba.org Date: Mon Aug 17 22:45:51 2009 +1000 fixed make test reporting success when provision fails We were getting build test 'pass' on the build farm when the provision is failing. The cause was the use of filter pipelines in the selftest code in the makefile. A bourne shell will by default report the error status of the last element of the pipeline, which means when provision failed, make thought everything had passed. We could use the bash 'pipefail' option to fix this, but it isn't portable, so instead I've modified the makefile to touch st/st_done when the first element in the pipeline completes successfully. That means we now get errors in make test, at the expense of making the makefile even more horrible than it was. --- Summary of changes: source4/selftest/config.mk | 75 ++-- 1 files changed, 51 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/selftest/config.mk b/source4/selftest/config.mk index 51aa771..9d4fb4b 100644 --- a/source4/selftest/config.mk +++ b/source4/selftest/config.mk @@ -1,10 +1,16 @@ TEST_FORMAT = plain -SELFTEST = $(LD_LIBPATH_OVERRIDE) PYTHON=$(PYTHON) \ +SELFTEST = ( rm -f $(selftest_prefix)/st_done $(LD_LIBPATH_OVERRIDE) PYTHON=$(PYTHON) \ $(PERL) $(selftestdir)/selftest.pl --prefix=${selftest_prefix} \ --builddir=$(builddir) --srcdir=$(srcdir) \ --exclude=$(srcdir)/selftest/skip --testlist=./selftest/tests.sh| \ -$(TEST_OPTIONS) +$(TEST_OPTIONS) +# this strange code is to handle the fact that the bash pipefail option is +# not portable. When we run selftest we use a pipeline, and the first element +# of that pipeline might abort. We need to catch this and mark the test +# as having failed +ST_TOUCH = touch $(selftest_prefix)/st_done ) +ST_DONE_TEST = @test -f $(selftest_prefix)/st_done || { echo SELFTEST FAILED; exit 1; } SELFTEST_NOSLOW_OPTS = --exclude=$(srcdir)/selftest/slow SELFTEST_QUICK_OPTS = $(SELFTEST_NOSLOW_OPTS) --quick --include=$(srcdir)/selftest/quick @@ -12,56 +18,71 @@ FILTER_XFAIL = $(PERL) $(selftestdir)/filter-subunit.pl --expected-failures=$(sr FORMAT_TEST_OUTPUT = $(FILTER_XFAIL) | $(PERL) $(selftestdir)/format-subunit.pl --format=$(TEST_FORMAT) test-subunit:: everything - $(SELFTEST) --socket-wrapper $(TESTS) + $(SELFTEST) --socket-wrapper $(TESTS) $(ST_TOUCH) + $(ST_DONE_TEST) slowtest:: everything - $(SELFTEST) $(DEFAULT_TEST_OPTIONS) $(TESTS) | $(FORMAT_TEST_OUTPUT) --immediate + $(SELFTEST) $(DEFAULT_TEST_OPTIONS) $(TESTS) $(ST_TOUCH) | $(FORMAT_TEST_OUTPUT) --immediate + $(ST_DONE_TEST) ifeq ($(RUN_FROM_BUILD_FARM),yes) test:: everything - $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) $(TESTS) | $(FILTER_XFAIL) --strip-passed-output + $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) $(TESTS) $(ST_TOUCH) | $(FILTER_XFAIL) --strip-passed-output + $(ST_DONE_TEST) else test:: everything - $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) $(TESTS) | $(FORMAT_TEST_OUTPUT) --immediate + $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) $(TESTS) $(ST_TOUCH) | $(FORMAT_TEST_OUTPUT) --immediate + $(ST_DONE_TEST) endif kvmtest:: everything $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) \ - --target=kvm --image=$(KVM_IMAGE) | $(FORMAT_TEST_OUTPUT) --immediate + --target=kvm --image=$(KVM_IMAGE) $(ST_TOUCH) | $(FORMAT_TEST_OUTPUT) --immediate + $(ST_DONE_TEST) kvmquicktest:: everything $(SELFTEST) $(DEFAULT_TEST_OPTIONS) \ - $(SELFTEST_QUICK_OPTS) --target=kvm --image=$(KVM_IMAGE) | $(FORMAT_TEST_OUTPUT) | $(FORMAT_TEST_OUTPUT) --immediate + $(SELFTEST_QUICK_OPTS) --target=kvm --image=$(KVM_IMAGE) $(ST_TOUCH) | $(FORMAT_TEST_OUTPUT) | $(FORMAT_TEST_OUTPUT) --immediate + $(ST_DONE_TEST) testone:: everything - $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) --one $(TESTS) | $(FORMAT_TEST_OUTPUT) + $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) --one $(TESTS) $(ST_TOUCH) | $(FORMAT_TEST_OUTPUT) + $(ST_DONE_TEST) test-swrap:: everything - $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --socket-wrapper $(TESTS) | $(FORMAT_TEST_OUTPUT) --immediate + $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --socket-wrapper $(TESTS) $(ST_TOUCH) | $(FORMAT_TEST_OUTPUT)
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1060-gabe7648
The branch, master has been updated via abe7648609949847c15089cb5096176eba8a6dfa (commit) via 53196955d47293ebf5956ddbdbbbc131e7116a78 (commit) from 1b09e36f0bc1942a5156715db21aed1ad403800e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit abe7648609949847c15089cb5096176eba8a6dfa Author: Günther Deschner g...@samba.org Date: Mon Aug 17 16:49:24 2009 +0200 netlogon: document some more MSVC flags. Some of these were observed during password changing from win7 using a samba 3.4 PDC. Guenther commit 53196955d47293ebf5956ddbdbbbc131e7116a78 Author: Günther Deschner g...@samba.org Date: Wed Aug 12 14:59:44 2009 +0200 s3-spoolss: remove another duplicate copy of print_architecture_table. Guenther --- Summary of changes: librpc/gen_ndr/ndr_netlogon.c | 13 + librpc/gen_ndr/netlogon.h | 13 + librpc/idl/netlogon.idl | 15 ++- source3/rpc_server/srv_spoolss_nt.c | 35 --- 4 files changed, 52 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/ndr_netlogon.c b/librpc/gen_ndr/ndr_netlogon.c index 30c8d9d..18969ec 100644 --- a/librpc/gen_ndr/ndr_netlogon.c +++ b/librpc/gen_ndr/ndr_netlogon.c @@ -296,9 +296,22 @@ _PUBLIC_ void ndr_print_netr_LogonParameterControl(struct ndr_print *ndr, const ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_CLEARTEXT_PASSWORD_ALLOWED, MSV1_0_CLEARTEXT_PASSWORD_ALLOWED, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_UPDATE_LOGON_STATISTICS, MSV1_0_UPDATE_LOGON_STATISTICS, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_RETURN_USER_PARAMETERS, MSV1_0_RETURN_USER_PARAMETERS, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_DONT_TRY_GUEST_ACCOUNT, MSV1_0_DONT_TRY_GUEST_ACCOUNT, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT, MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_RETURN_PASSWORD_EXPIRY, MSV1_0_RETURN_PASSWORD_EXPIRY, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_USE_CLIENT_CHALLENGE, MSV1_0_USE_CLIENT_CHALLENGE, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_TRY_GUEST_ACCOUNT_ONLY, MSV1_0_TRY_GUEST_ACCOUNT_ONLY, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_RETURN_PROFILE_PATH, MSV1_0_RETURN_PROFILE_PATH, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY, MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT, MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_DISABLE_PERSONAL_FALLBACK, MSV1_0_DISABLE_PERSONAL_FALLBACK, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_ALLOW_FORCE_GUEST, MSV1_0_ALLOW_FORCE_GUEST, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED, MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY, MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_ALLOW_MSVCHAPV2, MSV1_0_ALLOW_MSVCHAPV2, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_S4U2SELF, MSV1_0_S4U2SELF, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_CHECK_LOGONHOURS_FOR_S4U, MSV1_0_CHECK_LOGONHOURS_FOR_S4U, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), MSV1_0_SUBAUTHENTICATION_DLL_EX, MSV1_0_SUBAUTHENTICATION_DLL_EX, r); ndr-depth--; } diff --git a/librpc/gen_ndr/netlogon.h b/librpc/gen_ndr/netlogon.h index 6f62107..28307ff 100644 --- a/librpc/gen_ndr/netlogon.h +++ b/librpc/gen_ndr/netlogon.h @@ -53,9 +53,22 @@ struct netr_AcctLockStr { #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED ( 0x0002 ) #define MSV1_0_UPDATE_LOGON_STATISTICS ( 0x0004 ) #define MSV1_0_RETURN_USER_PARAMETERS ( 0x0008 ) +#define MSV1_0_DONT_TRY_GUEST_ACCOUNT ( 0x0010 ) #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT ( 0x0020 ) +#define MSV1_0_RETURN_PASSWORD_EXPIRY ( 0x0040 ) +#define MSV1_0_USE_CLIENT_CHALLENGE ( 0x0080 ) +#define MSV1_0_TRY_GUEST_ACCOUNT_ONLY ( 0x0100 ) #define MSV1_0_RETURN_PROFILE_PATH ( 0x0200 ) +#define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY ( 0x0400 ) #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT ( 0x0800 ) +#define MSV1_0_DISABLE_PERSONAL_FALLBACK ( 0x1000 ) +#define MSV1_0_ALLOW_FORCE_GUEST ( 0x2000 ) +#define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED ( 0x4000 ) +#define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY ( 0x8000 ) +#define MSV1_0_ALLOW_MSVCHAPV2 ( 0x0001 )
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1220-g7def4ab
The branch, v3-4-test has been updated via 7def4ab2da002e9ecc1feaed2916035c214add9f (commit) from 7505f03eee949bb861f6138be8b5ef86be9c7b7f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 7def4ab2da002e9ecc1feaed2916035c214add9f Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 14 16:41:49 2009 +0200 s3:configure: fix the build with external talloc Fixes bug #6532. metze --- Summary of changes: source3/configure.in | 21 + 1 files changed, 13 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index dd60c73..892b836 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -39,17 +39,11 @@ then ]) fi -if test x$enable_external_libtalloc = xno +if test x$enable_external_libtalloc != xyes then m4_include(../lib/talloc/libtalloc.m4) fi -LIBTALLOC_OBJ0= -for obj in ${TALLOC_OBJ}; do - LIBTALLOC_OBJ0=${LIBTALLOC_OBJ0} ${tallocdir}/${obj} -done -AC_SUBST(LIBTALLOC_OBJ0) - m4_include(../lib/tevent/libtevent.m4) LIBTEVENT_OBJ0= @@ -4748,7 +4742,18 @@ LINK_LIBSMBCLIENT=STATIC # TODO: for talloc and tdb (at least), these should # be extracted from their respective source directories # -SMB_LIBRARY(talloc, 1) +if test x$enable_external_libtalloc != xyes +then + SMB_LIBRARY(talloc, 1) + LIBTALLOC_OBJ0= + for obj in ${TALLOC_OBJ}; do + LIBTALLOC_OBJ0=${LIBTALLOC_OBJ0} ${tallocdir}/${obj} + done + AC_SUBST(LIBTALLOC_OBJ0) +else + LIBTALLOC_LIBS=${TALLOC_LIBS} +fi + SMB_LIBRARY(tdb, 1) SMB_LIBRARY(netapi, 0) SMB_LIBRARY(smbclient, 0) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1221-g97e1703
The branch, v3-4-test has been updated via 97e1703ee5f647755129c6e859ea77a38200b3af (commit) from 7def4ab2da002e9ecc1feaed2916035c214add9f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 97e1703ee5f647755129c6e859ea77a38200b3af Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 17 20:27:00 2009 +0200 WHATSNEW: Update changes. Karolin --- Summary of changes: WHATSNEW.txt |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 2d89514..050d342 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -52,6 +52,7 @@ o Volker Lendecke v...@samba.org o Stefan Metzmacher me...@samba.org * BUG 6222: Default to DRSUAPI replication for net rpc vampire keytab. +* BUG 6532: Fix the build with external talloc. * BUG 6538: Cancel all locks that are made before the first failure. * BUG 6627: Raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-stable updated - release-3-4-0-37-g25e378d
The branch, v3-4-stable has been updated via 25e378df1869a7ac514124bb699344a1426556b3 (commit) via 83236f7761f7b526f5e234382b39ead813c8b819 (commit) from e1d73ad5256466c078cee699a71244fb4de7f8a4 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-stable - Log - commit 25e378df1869a7ac514124bb699344a1426556b3 Author: Karolin Seeger ksee...@samba.org Date: Mon Aug 17 20:27:00 2009 +0200 WHATSNEW: Update changes. Karolin (cherry picked from commit 97e1703ee5f647755129c6e859ea77a38200b3af) commit 83236f7761f7b526f5e234382b39ead813c8b819 Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 14 16:41:49 2009 +0200 s3:configure: fix the build with external talloc Fixes bug #6532. metze (cherry picked from commit 7def4ab2da002e9ecc1feaed2916035c214add9f) --- Summary of changes: WHATSNEW.txt |1 + source3/configure.in | 21 + 2 files changed, 14 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 2d89514..050d342 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -52,6 +52,7 @@ o Volker Lendecke v...@samba.org o Stefan Metzmacher me...@samba.org * BUG 6222: Default to DRSUAPI replication for net rpc vampire keytab. +* BUG 6532: Fix the build with external talloc. * BUG 6538: Cancel all locks that are made before the first failure. * BUG 6627: Raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds. diff --git a/source3/configure.in b/source3/configure.in index dd60c73..892b836 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -39,17 +39,11 @@ then ]) fi -if test x$enable_external_libtalloc = xno +if test x$enable_external_libtalloc != xyes then m4_include(../lib/talloc/libtalloc.m4) fi -LIBTALLOC_OBJ0= -for obj in ${TALLOC_OBJ}; do - LIBTALLOC_OBJ0=${LIBTALLOC_OBJ0} ${tallocdir}/${obj} -done -AC_SUBST(LIBTALLOC_OBJ0) - m4_include(../lib/tevent/libtevent.m4) LIBTEVENT_OBJ0= @@ -4748,7 +4742,18 @@ LINK_LIBSMBCLIENT=STATIC # TODO: for talloc and tdb (at least), these should # be extracted from their respective source directories # -SMB_LIBRARY(talloc, 1) +if test x$enable_external_libtalloc != xyes +then + SMB_LIBRARY(talloc, 1) + LIBTALLOC_OBJ0= + for obj in ${TALLOC_OBJ}; do + LIBTALLOC_OBJ0=${LIBTALLOC_OBJ0} ${tallocdir}/${obj} + done + AC_SUBST(LIBTALLOC_OBJ0) +else + LIBTALLOC_LIBS=${TALLOC_LIBS} +fi + SMB_LIBRARY(tdb, 1) SMB_LIBRARY(netapi, 0) SMB_LIBRARY(smbclient, 0) -- Samba Shared Repository