Re: [Samba] Can SAMBA work with 2008 R2 Read Only Domain controller
Hello, I am sorry, I was not clear enough. I am not planing to add the SAMBA server to the domain as a Domain Controller, I would like to add it to the domain as a domain member. How ever, when I try to join the domain when pointing my SAMBA machine to a Microsoft Read Only domain Controller I fail with the error I have mentioned (when pointing to a normal Domain Controller this work, how ever in the planned implementation I might have access only to Microsoft RODC's for joining the domain). Should this work? Best Regards, Hagai --- On Sun, 6/6/10, hagai yaffe hag...@yahoo.com wrote: From: hagai yaffe hag...@yahoo.com Subject: Can SAMBA work with 2008 R2 Read Only Domain controller To: samba@lists.samba.org Date: Sunday, June 6, 2010, 6:12 PM Hello, We are planing to utilize Microsoft 2008 R2 Read Only Domain controller, and deploy RODC's in branches. If I would like to have SAMBA servers in those branches, will I be able to add them to the domain (using net ads join) and work with them, when using the RODC's as domain controllers configured in my smb.conf krb5.conf? I have looked around and did not find any documentation for SAMBA supporting / not supporting this. I have done some testing and failed (I got Failed to join domain: failed to connect to AD: Decrypt integrity check failed Ok from the net ads join command), before investing more time in troubleshooting I hoped that someone could assist and tell me if such a configuration is possible. If this is not possible, it would be great to know why. Best Regards, Hagai -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Installation and management of printer drivers from windows 7 clients (printers and faxes missing!)
En/na Lars Erik Kolden ha escrit: It looks like I have configured everything according to docs, but when I connect to the samba server from windows explorer there is no Printers and faxes icon, just the printers that are picked up from the cups configuration. In a not unexpected twist (coming from microsoft, a company that routinely takes inspiration from Tomasi da Lampedusa's literary work[*]) it's called something different in windows 7 (I don't have a windows 7 box at hand now, but it's view remote printers or something similar on the top address line). printer admin = root, @ntadmins, @smbprintadm It's been deprecated for a while, you now have to grant the SePrintOperatorPrivilege to users/groups: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html#id2608715 Bye [*]http://en.wikipedia.org/wiki/Giuseppe_Tomasi_di_Lampedusa#Works If we want things to stay as they are, things will have to change -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 (Ext.133) Fax +34 93 5883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Slow domain logons with samba PDC
Hi all, I'm using samba 3.4.7 on a debian stable with kernel version 2.6.26-2 smp running on a P4 3.0Ghz with 1Go memory. There are about 50 users in the domain, all worked fine til i upgrade from samba 3.0.14 to samba 3.2.5 from the stable debian repository and then to samba 3.4.7 from the lenny-backports rep, as i've already seen slow logon with the samba 3.2.5. here is the result of a testparm global section: [global] unix charset = iso8859-15 workgroup = X netbios name = SRV interfaces = eth1, lo bind interfaces only = Yes update encrypted = Yes passwd program = /usr/bin/useraccount passwd %u -S passwd chat = *new*password* %n\n *new*password* %n\n *succ* username map = /etc/samba/smbusers unix password sync = Yes log level = 3 log file = /var/log/samba/log.%U max log size = 500 server signing = auto load printers = No logon script = %U.bat logon drive = u: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes wins support = Yes dns proxy = yes The delay from the time we authenticate to the message Loading personal settings is between 10 and 20 seconds, and after everything works fine. I can shortcut this delay by entering Ctrl+alt+Suppr. I don't see nothing in the log, if i tcpdump i don't see any network traffic during this delay. Before the problem appeared, logons took between 1 and 2 seconds. Does someone has an idea of the problem? Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] resolve KDC network address error
Hello Samba-List-Users I have a problem with KDC network name resolution. I tried to google it and sought help on IRC#samba, to no avail. So I'll post my problem here. In the spirit of privacy and normalization all server names in this post are replaced. CAPTIAL server names are actually capitalized in the configuration files. Setup: 1x Debian5 x64 server running samba 3.2.5 2x Windows Server 2008R2 domain controllers (Active Directory running in native mode) some Windows7 Clients here are my configuration files: smb.conf (global section) 8-- # Global parameters [global] netbios name = SAMBASERVER01 workgroup = DOMAIN realm = DOMAIN.LOCAL preferred master = no server string = Productive Datastore interfaces = eth0 172.16.1.15 map to guest = bad user security = ADS encrypt passwords = yes log level = 2 syslog = 2 winbind separator = + printcap name = /etc/printcap printing = load printers = no winbind enum users = yes winbind enum groups = yes winbind use default domain = yes idmap uid = 1-2 idmap gid = 1-2 usershare allow guests = no hide files = /$RECYCLE.BIN/desktop.ini/ vfs objects = full_audit full_audit:prefix = %u|%I|%m|%S full_audit:success = mkdir rename unlink rmdir pwrite full_audit:failure = none #full_audit:facility = LOCAL7 full_audit:priority = NOTICE 8-- krb5.conf 8-- [libdefaults] default_realm = DOMAIN.LOCAL [realms] DOMAIN.LOCAL = { # dc01 is FSMO server kdc = dc01.domain.local kdc = dc02.domain.local admin_server = dc01.megasol.local default_domain = domain.local } [domain_realm] .domain.local = DOMAIN.LOCAL domain.local = DOMAIN.LOCAL 8-- the domain join ran without errors: SAMBASERVER01:~# net ads join -U Administrator Enter Administrator's password: Using short domain name -- DOMAIN Joined 'SAMBASERVER01' to realm 'domain.local' kinit is contempt, too: SAMBASERVER01:~# kinit -V Administrator Password for administra...@domain.local: Authenticated to Kerberos v5 I logged into DC01 using the domain administrator account: I can connect to the samba server; no problems. I logged into a windows7 client using a domain user: I can connect to the samba server; no problems. I logged into a windows7 client user local admin (no domain login): I can't connect to the samba server I use smbclient on SAMBASERVER01: SAMBASERVER01:~# smbclient //SAMBASERVER01/SHARE -U Administrator Enter Administrator's password: session setup failed: NT code 0x0721 I use smbclient on SAMBASERVER01 again: SAMBASERVER01:~# smbclient //SAMBASERVER01/IT -U Administrator Enter Administrator password: session setup failed: NT_STATUS_PIPE_DISCONNECTED I use smbclient using Kerberos authentication: SAMBASERVER01:~# smbclient //SAMBASERVER01/IT -k OS=[Unix] Server=[Samba 3.2.5] smb: \ that works! the smbd and nmbd logs are clean but it seems that winbind ist struggling: log.winbindd 8-- [2010/06/07 10:17:59, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(619) Doing kerberos session setup [2010/06/07 10:17:59, 1] libsmb/clikrb5.c:ads_krb5_mk_req(680) ads_krb5_mk_req: krb5_get_credentials failed for dc...@domain (Cannot resolve network address for KDC in requested realm) [2010/06/07 10:17:59, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(626) cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Cannot resolve network address for KDC in requested realm [2010/06/07 10:17:59, 1] winbindd/winbindd_util.c:trustdom_recv(260) Could not receive trustdoms 8-- I'm at a loss here... can anyone help? Or point me into the right direction? Cheers Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] I have a weird problem with PDC on samba 3.5.3 and I think I need developers' help :)
I'm sorry for the very long debug pasted below but I'm afraid lower debug levels would not give enough useful information about the problem. I've been investigating it for over two weeks with no result. Maybe developers can tell me where to search for the cause - browsing source code is very hard... I have a Samba PDC with LDAP backend. Configuration works fine on 3.0.x version but when I moved to 3.5.x (which I need in order to connect Win7 machines to domain), new machines (Win XP and Win 7) can't join the domain. I tried as well a configuration smbldap-tools (as machine add script) as well as configuration with idmap and winbind. Both don't work. When using the first one Windows returned an error A device connected to the computer doesn't work when trying to join the domain. When using idmap I get an error about wrong password. A record in LDAP directory is created for a moment and then deleted. In both situations logs seem similar - I think key information are (after them the record is deleted): * _netr_ServerAuthenticate: no challenge sent to client D_DEPTULA_VIRT * decode_pw_buffer: incorrect password length (some random number here) It seems to me that machine password is an empty string (but why?) Below parts of logs (debug level=10) which I think can be useful. I'm running out of ideas... please help me... I'm not even sure where to search for the problem... I'm able to browse shared drives, net and smbclient tools also work fine - I can add and delete users, grant rights etc. User Administrator is a member of Domain Admins group which has SeMachineAccountPrivilege. If you need more information don't hestitate to ask! PDC name = MYSMB workstation trying to join = D_DEPTULA_VIRT domain name = MYDOMAIN Debug (samba version 3.5.3): [2010/06/07 11:13:59.288214, 3] rpc_server/srv_pipe.c:2414(api_rpcTNP) api_rpcTNP: rpc command: NETR_SERVERREQCHALLENGE [2010/06/07 11:13:59.288249, 6] rpc_server/srv_pipe.c:2433(api_rpcTNP) api_rpc_cmds[4].fn == 0xb72b9e80 [2010/06/07 11:13:59.288302, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge in: struct netr_ServerReqChallenge server_name : * server_name : '\\MYSMB' computer_name: * computer_name: 'D_DEPTULA_VIRT' credentials : * credentials: struct netr_Credential data : c1d4e6ab7380e9a3 [2010/06/07 11:13:59.288453, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge out: struct netr_ServerReqChallenge return_credentials : * return_credentials: struct netr_Credential data : e7bb0cb2dc4a891a result : NT_STATUS_OK ... [2010/06/07 11:13:59.306615, 3] rpc_server/srv_pipe.c:2414(api_rpcTNP) api_rpcTNP: rpc command: NETR_SERVERAUTHENTICATE [2010/06/07 11:13:59.306650, 6] rpc_server/srv_pipe.c:2433(api_rpcTNP) api_rpc_cmds[5].fn == 0xb72b9b50 [2010/06/07 11:13:59.306698, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate: struct netr_ServerAuthenticate in: struct netr_ServerAuthenticate server_name : * server_name : '\\MYSMB' account_name : * account_name : 'D_DEPTULA_VIRT$' secure_channel_type : SEC_CHAN_WKSTA (2) computer_name: * computer_name: 'D_DEPTULA_VIRT' credentials : * credentials: struct netr_Credential data : ec0ace4aa0ec64ac [2010/06/07 11:13:59.306857, 0] rpc_server/srv_netlog_nt.c:669(_netr_ServerAuthenticate3) _netr_ServerAuthenticate: no challenge sent to client D_DEPTULA_VIRT [2010/06/07 11:13:59.306890, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate: struct netr_ServerAuthenticate out: struct netr_ServerAuthenticate return_credentials : * return_credentials: struct netr_Credential data : result : NT_STATUS_ACCESS_DENIED ... [2010/06/07 11:13:59.922829, 5] auth/auth.c:97(get_ntlm_challenge) auth_get_challenge: module guest did not want to specify a challenge [2010/06/07 11:13:59.922871, 5] auth/auth.c:97(get_ntlm_challenge) auth_get_challenge: module sam did not want to specify a challenge [2010/06/07 11:13:59.922919, 5] auth/auth.c:97(get_ntlm_challenge) auth_get_challenge: module winbind did not want to specify a challenge
Re: [Samba] resolve KDC network address error
On Mon, Jun 7, 2010 at 2:31 AM, Daniel Mueller da_muel...@gmx.net wrote: Hello Samba-List-Users I have a problem with KDC network name resolution. I tried to google it and sought help on IRC#samba, to no avail. So I'll post my problem here. In the spirit of privacy and normalization all server names in this post are replaced. CAPTIAL server names are actually capitalized in the configuration files. Setup: 1x Debian5 x64 server running samba 3.2.5 2x Windows Server 2008R2 domain controllers (Active Directory running in native mode) some Windows7 Clients here are my configuration files: smb.conf (global section) 8-- # Global parameters [global] netbios name = SAMBASERVER01 workgroup = DOMAIN realm = DOMAIN.LOCAL preferred master = no server string = Productive Datastore interfaces = eth0 172.16.1.15 map to guest = bad user security = ADS encrypt passwords = yes log level = 2 syslog = 2 winbind separator = + printcap name = /etc/printcap printing = load printers = no winbind enum users = yes winbind enum groups = yes winbind use default domain = yes idmap uid = 1-2 idmap gid = 1-2 usershare allow guests = no hide files = /$RECYCLE.BIN/desktop.ini/ vfs objects = full_audit full_audit:prefix = %u|%I|%m|%S full_audit:success = mkdir rename unlink rmdir pwrite full_audit:failure = none #full_audit:facility = LOCAL7 full_audit:priority = NOTICE 8-- krb5.conf 8-- [libdefaults] default_realm = DOMAIN.LOCAL [realms] DOMAIN.LOCAL = { # dc01 is FSMO server kdc = dc01.domain.local kdc = dc02.domain.local admin_server = dc01.megasol.local default_domain = domain.local } [domain_realm] .domain.local = DOMAIN.LOCAL domain.local = DOMAIN.LOCAL 8-- the domain join ran without errors: SAMBASERVER01:~# net ads join -U Administrator Enter Administrator's password: Using short domain name -- DOMAIN Joined 'SAMBASERVER01' to realm 'domain.local' kinit is contempt, too: SAMBASERVER01:~# kinit -V Administrator Password for administra...@domain.local: Authenticated to Kerberos v5 I logged into DC01 using the domain administrator account: I can connect to the samba server; no problems. I logged into a windows7 client using a domain user: I can connect to the samba server; no problems. I logged into a windows7 client user local admin (no domain login): I can't connect to the samba server I use smbclient on SAMBASERVER01: SAMBASERVER01:~# smbclient //SAMBASERVER01/SHARE -U Administrator Enter Administrator's password: session setup failed: NT code 0x0721 I use smbclient on SAMBASERVER01 again: SAMBASERVER01:~# smbclient //SAMBASERVER01/IT -U Administrator Enter Administrator password: session setup failed: NT_STATUS_PIPE_DISCONNECTED I use smbclient using Kerberos authentication: SAMBASERVER01:~# smbclient //SAMBASERVER01/IT -k OS=[Unix] Server=[Samba 3.2.5] smb: \ that works! the smbd and nmbd logs are clean but it seems that winbind ist struggling: log.winbindd 8-- [2010/06/07 10:17:59, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(619) Doing kerberos session setup [2010/06/07 10:17:59, 1] libsmb/clikrb5.c:ads_krb5_mk_req(680) ads_krb5_mk_req: krb5_get_credentials failed for dc...@domain (Cannot resolve network address for KDC in requested realm) [2010/06/07 10:17:59, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(626) cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Cannot resolve network address for KDC in requested realm [2010/06/07 10:17:59, 1] winbindd/winbindd_util.c:trustdom_recv(260) Could not receive trustdoms 8-- I'm at a loss here... can anyone help? Or point me into the right direction? Cheers Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba I found this bug and submitted a patch, however, 3.2.x was in security fix status only at the time. I use backports for Lenny as the samba packages in it has the fix. The patch is very simple and could be applied to 3.2.x, see bug 6700 for the patch if you want to recompile 3.2.x. https://bugzilla.samba.org/show_bug.cgi?id=6700 Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] GPFS, samba, robocopy and timestamps
Hi list, I'm trying to use robocopy to move some files over to a samba share backed by GPFS. I keep getting ERROR 50 (0x0032) Time-stamping destination file ... The network request is not supported. What is strange is that the files are still coped over, even though robocopy believes the copy failed, and in the smb log I don't have any errors or erroneous NT_STATS messages. From all indications on the server it looks like the copy was good. Any ideas? Anyone know if GPFS doesn't support the correct precision of timestamps that samba is trying to apply? Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] GPFS, samba, robocopy and timestamps
On Mon, Jun 07, 2010 at 09:21:05AM -0700, big beer wrote: Hi list, I'm trying to use robocopy to move some files over to a samba share backed by GPFS. I keep getting ERROR 50 (0x0032) Time-stamping destination file ... The network request is not supported. What is strange is that the files are still coped over, even though robocopy believes the copy failed, and in the smb log I don't have any errors or erroneous NT_STATS messages. From all indications on the server it looks like the copy was good. Any ideas? Anyone know if GPFS doesn't support the correct precision of timestamps that samba is trying to apply? Can you log a bug and attach a debug level 10 log from smbd and also a wireshark trace of the error request. Can't promise we can fix this given it may be a GPFS bug, but we can certainly take a look. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] strange couldn't find service error message
Hi All. This has got me stumped!!! I created a share the other day like I do all the time. There's about 10 users in the group. All of them can access the share fine, except for one guy. He's a valid user and has many other share drives on this system that are working fine. All 10 users are using a Windows XP platform. The log.smbd has an entry like this for his requests: username (192.168.1.145) couldn't find service share-name for the folder The for the folder part of the error stands out to me, but I don't know what it means. using smbclient locally (and remotely) I can map to this share using his credentials fine.. the share in smb.conf looks like this [share-name] path=/usr/local/share/groups/share-name valid users = @share-name @ntadmin admin users = @ntadmin force group = share-name create mask = 0660 directory mask = 0770 any thoughts ? Matt. -- Matt Ingram Intermediate Unix Administrator, IS Canadian Bank Note Company, Limited \m/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 7 Home to Ubuntu 10.4 Samba 3.4.7 Access denied
Quoting Guy Rouillier (guyr-...@burntmail.com): I have spent many hours researching and trying many different things, starting with this: http://wiki.samba.org/index.php/Windows7. However, I still cannot get Windows 7 Home Premium to connect to a Samba share using user-based security. XP works fine. I keep getting access denied. Just this evening, I finally tried share level security, and both XP and 7 can connect to that, so I'm using that for now. A good way to get some help could be by sending some debug material, such as logs obtained by setting log level = 3 and look in /var/log/samba files? Has the Ubuntu box been upgraded from a situation where it was working well, with an older version of samba? BTW, this valid users = %S thing shoul dbe removed from your [global] section. valid users is a share-level setting and %S is meant to be replace by the share name. IMHO, having it in the [global] section can't do anything good. At best, it is just useless. At worse, this could be the cause of some problems. Not yours, probably as it is overriden by the valid users = guy setting in [data]but I would suggest dropping settings that are piled up in smb.conf *unless* you *know* that there is a need for them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Asynchronous I/O
Hello, Is there any straightforward way to see whether Samba is using asynchronous i/o? In other words, if you specify in smb.conf to use aio for all transfers larger than 1 KB (pretty much everything), how can you tell that aio is actually being used? Are there any counters in Linux or in some samba logs that you can see incrementing over time? Thanks in advance. -- Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Asynchronous I/O
On Mon, Jun 07, 2010 at 07:07:46PM -0400, Andy Liebman wrote: Hello, Is there any straightforward way to see whether Samba is using asynchronous i/o? In other words, if you specify in smb.conf to use aio for all transfers larger than 1 KB (pretty much everything), how can you tell that aio is actually being used? Are there any counters in Linux or in some samba logs that you can see incrementing over time? Currently aio on Linux is horribly broken due to a conservative glibc, which limits asynchronous requests to one outstanding one per file descriptor (which pretty much makes all io synchronous on Linux, whether you set aio sizes or not :-( ). I think this is a bug which needs fixing but haven't yet had time to do the work to prove this to glibc maintanence. This will be increasingly important for SMB2, as the Windows redirector now properly pipelines io (which the SMB1 redirector doesn't). Currently the only way to get real aio on Linux is to use Volker's vfs_aio_fork module, which uses processes to get true async io working. Volker is also doing a lot of work making aio work correctly on Linux (he has a git branch you can track for this). Should be working properly in 3.6.x and above (that's the plan :-). aio on Solaris, HPUX, AIX and other platforms that implement the POSIX aio_XX calls without limitations should be fine. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Microsoft OneNote 2007 painfully slow
We have a user trying to share a OneNote 2007 notebook and it takes minutes to load a 20 KB notebook. I've opened a 500 KB Excel spreadsheet from the same share and it took seconds. Has anyone else run into this problem? We are running Samba 3.4.8 on Debian Squeeze. Thanks, Robert LeBlanc Life Sciences Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] wins or windbind problem? - help please
I have four domains in my LAN. I set up trust relationships for the domains, having each PDC working as wins server for each domain but I hd not set up winbind. I have samba3-3.3.12 + ldap (openldap 2.4.21) as users backend. I mean, I have wins support = yes for each PDC, and I can access to the shared folders of each PDC from any windows computer from my LAN. The samba docs are pretty clear. In order for interdomain trusts to work all PDC's must use the same wins server. I apreciate your time and your answer. Well, in the samba docs you can also read that the use of interdomain trusts requires use of winbind, that's why I'm asking. Well, In the redhat docs, I found also: In a mixed NT/2000/2003 server and Samba environment, it is recommended that you use the Microsoft WINS capabilities. That's why I'm asking for an advice from people who have more experience and knowledge. Thank you, Pablo Chamorro The problem is accessing to windows PCs from different domains. I mean, from pc1-domain1 I can't list the shares of pc2-domain2 (access denied), and when I try to connect to \\pc2-domain2\share the error message is: \\pc2-domain2 is not accesible There are currently no logon servers to service the request logon. Previously I shared the 'share' folder in pc2-domain2 PC and added permissions for users from domain1 and domain2 successfully. Trying from a Linux server, a guest try shows: [user]$ smbclient //pc2-domain2/share Password: Anonymous login successful Domain=[SMINERO] OS=[Windows Server 2003 R2 3790 Service Pack 2] Server=[Windows Server 2003 R2 5.2] tree connect failed: NT_STATUS_ACCESS_DENIED Trying using a user account from domain2: [user]$ smbclient //pc2-domain2/share -U domain2/user Password: session setup failed: NT_STATUS_NO_LOGON_SERVERS The domain2 PDC log is: domain_client_validate: Domain password server not available. [2010/06/05 08:43:40, 5] auth/auth.c:check_ntlm_password(272) check_ntlm_password: winbind authentication for user [x] FAILED with error NT_STATUS_NO_LOGON_SERVERS [2010/06/05 08:43:40, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [xx] - [x] FAILED with error NT_STATUS_NO_LOGON_SERVERS. I tried adding PDC data from the wins.dat file from PDC2 to the wins.file from PDC1 (and in the other way) but it didn't work. I have this: PDC2#00 1275960126 172.25.1.24 66R PDC2#03 1275960126 172.25.1.24 66R PDC2#20 1275960126 172.25.1.24 66R PDC1#00 1276005993 172.25.1.8 66R PDC1#03 1276005993 172.25.1.8 66R PDC1#20 1276005993 172.25.1.8 66R Please, here my questions: 1. Could you please give me an advice for my problem? 2. Should I setup only an only wins server? The one from samba4wins? Where? In one of the PDCs or in other server? Thank you, Pablo Chamorro --- Ext. 8705 Tel: +57 (2) 7302593/7320752/7323272 - Fax: +57 (2) 7325014 Calle 27 N° 9 ESTE - 25, Barrio La Carolina - Pasto Este mensaje de correo electrónico fue analizado por el antivirus institucional Mcafee y su contenido está dirigido para el uso exclusivo de los destinatarios direccionados y puede contener información que es privilegiada, confidencial y exime de divulgación bajo Ley Aplicable. Si usted no es un destinatario previsto o el agente responsable de entregar este email al destinatario (s) previsto, se le notifica por este medio que cualquier uso, difusión, distribución o copia de esta comunicación está prohibida y puede terminantemente ser ilegal. Si usted recibió este email por error, notifique por favor al remitente inmediatamente contestando a este email o por teléfono y borre el email que se le envió por error. This electronic mail message was scanned by the Mcafee anti-virus and its contents are intended only for the use of the addressed recipient(s) and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not an intended recipient, or the agent responsible for dlivering this email to the intended recipient(s), you are hereby notified that any use, dissemination, distribution or copying of this communication is strictly prohibited and may be unlawful. If you received this email in error, please notify the sender immediately by replying to this email or by telephone and delete the email sent in error. Este mensaje de correo electrónico fue analizado por el antivirus institucional Mcafee y su contenido está dirigido para el uso exclusivo de los destinatarios direccionados y puede contener información que es privilegiada, confidencial y exime de divulgación bajo Ley Aplicable. Si usted no es un destinatario previsto o el agente responsable de entregar este email al destinatario (s) previsto, se le notifica por este medio que cualquier uso, difusión, distribución o copia de esta comunicación está prohibida y puede terminantemente ser ilegal. Si usted recibió este email por error, notifique por favor al remitente
[Samba] samba printing from 64-bit windows server 2008
I have a redhat EL5 samba server hosting a collection of printers and joined to a domain. I can connect to this server and print happily from a 32-bit XP box on the domain, but a 64-bit windows server 2008 box cannot connect, and returns the error 0x06d1. I get the same results with samba 3.0.33 (came with redhat), 3.5.3 (the latest from sernet), and 3.3.12 (this message from the samba-technical archives - http://lists.samba.org/archive/samba-technical/2010-February/069145.html - mentions that at least as of February there were issues with 3.4.x+ and 64-bit OS'.) /var/log/samba/log.smb from the time around the failed connection contains: [2010/06/07 14:45:24, 2] lib/access.c:check_access(406) Allowed connection from :::134.114.138.126 (:::134.114.138.126) [Repeated many times] [2010/06/07 14:45:24, 2] rpc_server/srv_spoolss_nt.c:find_printer_index_by_hnd(273) find_printer_index_by_hnd: Printer handle not found: find_printer_index_by_hnd: Printer handle not found: close_printer_handle: Invalid handle (OURS:29459:29459) From the 2008 machine, I can browse the samba server in wexplorer and see the printers, but trying to set up a networked printer generates the error above. Any suggestions? Thanks, - rob. # testparm Load smb config files from /etc/samba/smb.conf Unknown parameter encountered: idmap domains Ignoring unknown parameter idmap domains Processing section [printers] Processing section [print$] Processing section [drivers$] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = NAU-STUDENTS realm = STUDENTS.FROOT.NAU.EDU netbios aliases = dev-acadprtsrv2.ucc.nau.edu server string = Samba Server security = ADS log level = 2 max log size = 50 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 SO_KEEPALIVE printcap name = cups wins server = 134.114.138.35 idmap alloc backend = tdb idmap uid = 1 - 400 idmap gid = 1 - 400 winbind use default domain = Yes idmap alloc config:range = 1 - 400 idmap config FROOT:range = 301 - 400 idmap config FROOT:backend = tdb idmap config FROOT:default = no idmap config NAU:range = 201 - 300 idmap config NAU:backend = tdb idmap config NAU:default = no idmap config NAU-STUDENTS:range = 1 - 200 idmap config NAU-STUDENTS:backend = tdb idmap config NAU-STUDENTS:default = yes hosts allow = 127., 134.114., 10.5. [printers] comment = All Printers path = /var/spool/samba printable = Yes default devmode = No browseable = No [print$] path = /var/lib/samba/drivers write list = @NAU-STUDENTS\Domain Admins, @domain admins force user = root force group = domain admins force create mode = 0664 force directory mode = 0774 browseable = No [drivers$] path = /usr/local/printbilling/drivers/ write list = @NAU-STUDENTS\Domain Admins, @domain admins force user = root force group = domain admins force create mode = 0664 force directory mode = 0774 browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Microsoft OneNote 2007 painfully slow
On Mon, Jun 07, 2010 at 02:44:50PM -0600, Robert LeBlanc wrote: We have a user trying to share a OneNote 2007 notebook and it takes minutes to load a 20 KB notebook. I've opened a 500 KB Excel spreadsheet from the same share and it took seconds. Has anyone else run into this problem? We are running Samba 3.4.8 on Debian Squeeze. Minutes is very strange. Can you set the user's smbd to debug level 10 and look into the timestamped log and see where there are gaps in the timestamp record ? That should give you a clue as to what might be going on. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbldap-tools
For some unknown reason when adding a computer to my domain there are some entries in ldap it is not creating. sambaPrimaryGroupSID sambaPwdCanChange sambaPwdLastSet sambaPwdMustChange Two part question. One, doesnt anyone know of a change to smbldap-tools that would have stopped this from working? I have noticed my user still get those entries. Two, if I know what I would normally have in those entries, is it safe for me just to add them by hand? Thanks for any input. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbldap-tools
Which version of smbldap-tools are you using? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] problems with old and new passwords being accessible
Hey All, I'm using samba and winbind for user authentication, though I'm seeing a problem whereby the users are able to still login with their old passwords for up to 12 hours when they change their password. Is anyone familiar with why this would be occurring? Thanks, Matt Delves -- - Matthew Delves System Administrator Information Systems Networks Infrastructure University of Ballarat ph: 03 5327 9732 email: m.del...@ballarat.edu.au -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Build status as of Mon Jun 7 06:00:01 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-06-06 00:00:02.0 -0600 +++ /home/build/master/cache/broken_results.txt 2010-06-07 00:00:03.0 -0600 @@ -1,4 +1,4 @@ -Build status as of Sun Jun 6 06:00:01 2010 +Build status as of Mon Jun 7 06:00:01 2010 Build counts: Tree Total Broken Panic
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f769671... Fix bug with incorrect flag values for inherited ace in some cases. from 98b98a2... s4:password_hash LDB module - adapt the module to the new ldb_msg_remove_attr behaviour http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f7696717800e82193e2b1ab1b3467e117306a769 Author: Matthew McGillis matt...@mcgillis.org Date: Fri Jun 4 17:48:40 2010 -0700 Fix bug with incorrect flag values for inherited ace in some cases. --- Summary of changes: source3/utils/smbcacls.c |5 + 1 files changed, 5 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 0c7a722..46361ad 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -1026,6 +1026,9 @@ static int inherit(struct cli_state *cli, const char *filename, parent = get_secdesc(cli,parentname); for (i=0;iparent-dacl-num_aces;i++) { struct security_ace *ace=parent-dacl-aces[i]; + /* Add inherited flag to all aces */ + ace-flags=ace-flags| + SEC_ACE_FLAG_INHERITED_ACE; if ((oldattr aDIR) == aDIR) { if ((ace-flags SEC_ACE_FLAG_CONTAINER_INHERIT) == SEC_ACE_FLAG_CONTAINER_INHERIT) { @@ -1034,6 +1037,8 @@ static int inherit(struct cli_state *cli, const char *filename, } else { if ((ace-flags SEC_ACE_FLAG_OBJECT_INHERIT) == SEC_ACE_FLAG_OBJECT_INHERIT) { + /* clear flags for files */ + ace-flags=0; add_ace(old-dacl, ace); } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4591fdb... s3-privileges: use LUID defines from lsa IDL. from f769671... Fix bug with incorrect flag values for inherited ace in some cases. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4591fdbc18b0d7a1117de196675067e88bc341b7 Author: Günther Deschner g...@samba.org Date: Sat Jun 5 02:39:11 2010 +0200 s3-privileges: use LUID defines from lsa IDL. Guenther --- Summary of changes: source3/include/privileges.h| 16 source3/include/proto.h |6 +++--- source3/lib/privileges.c|8 source3/lib/privileges_basic.c | 22 +++--- source3/rpc_server/srv_lsa_nt.c | 10 -- 5 files changed, 26 insertions(+), 36 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/privileges.h b/source3/include/privileges.h index 57d3fc0..35fccd3 100644 --- a/source3/include/privileges.h +++ b/source3/include/privileges.h @@ -25,6 +25,8 @@ #ifndef PRIVILEGES_H #define PRIVILEGES_H +#include ../librpc/gen_ndr/lsa.h + /* privilege bitmask */ #define SE_PRIV_MASKSIZE 4 @@ -79,28 +81,18 @@ extern const SE_PRIV se_take_ownership; */ typedef struct { - uint32 high; - uint32 low; -} LUID; - -typedef struct { - LUID luid; - uint32 attr; -} LUID_ATTR; - -typedef struct { TALLOC_CTX *mem_ctx; bool ext_ctx; uint32 count; uint32 control; - LUID_ATTR *set; + struct lsa_LUIDAttribute *set; } PRIVILEGE_SET; typedef struct { SE_PRIV se_priv; const char *name; const char *description; - LUID luid; + struct lsa_LUID luid; } PRIVS; #endif /* PRIVILEGES_H */ diff --git a/source3/include/proto.h b/source3/include/proto.h index 41ab440..86a725a 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -694,7 +694,7 @@ NTSTATUS privilege_delete_account(const struct dom_sid *sid); NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set); NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set); void privilege_set_free(PRIVILEGE_SET *priv_set); -NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la, int count); +NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la, struct lsa_LUIDAttribute *old_la, int count); bool is_privileged_sid( const struct dom_sid *sid ); bool grant_all_privileges( const struct dom_sid *sid ); @@ -713,8 +713,8 @@ const char* get_privilege_dispname( const char *name ); bool user_has_privileges(const NT_USER_TOKEN *token, const SE_PRIV *privilege); bool user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege); int count_all_privileges( void ); -LUID_ATTR get_privilege_luid( SE_PRIV *mask ); -const char *luid_to_privilege_name(const LUID *set); +struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask ); +const char *luid_to_privilege_name(const struct lsa_LUID *set); bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask ); bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset ); diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 6da8aaa..86f8490 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -441,7 +441,7 @@ void privilege_set_free(PRIVILEGE_SET *priv_set) duplicate alloc luid_attr / -NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la, int count) +NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, struct lsa_LUIDAttribute **new_la, struct lsa_LUIDAttribute *old_la, int count) { int i; @@ -449,9 +449,9 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l return NT_STATUS_OK; if (count) { - *new_la = TALLOC_ARRAY(mem_ctx, LUID_ATTR, count); + *new_la = TALLOC_ARRAY(mem_ctx, struct lsa_LUIDAttribute, count); if ( !*new_la ) { - DEBUG(0,(dup_luid_attr: failed to alloc new LUID_ATTR array [%d]\n, count)); + DEBUG(0,(dup_luid_attr: failed to alloc new struct lsa_LUIDAttribute array [%d]\n, count)); return NT_STATUS_NO_MEMORY; } } else { @@ -461,7 +461,7 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l for (i=0; icount; i++) { (*new_la)[i].luid.high = old_la[i].luid.high; (*new_la)[i].luid.low = old_la[i].luid.low; - (*new_la)[i].attr = old_la[i].attr; + (*new_la)[i].attribute = old_la[i].attribute; } return NT_STATUS_OK; diff --git
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e271a2b... s4-smbtorture: handle printservers w/o printers in RPC-SPOOLSS-ACCESS. from 4591fdb... s3-privileges: use LUID defines from lsa IDL. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e271a2b861206eef65e3c9cc14c3403579d4621a Author: Günther Deschner g...@samba.org Date: Mon Jun 7 11:21:26 2010 +0200 s4-smbtorture: handle printservers w/o printers in RPC-SPOOLSS-ACCESS. Guenther --- Summary of changes: source4/torture/rpc/spoolss_access.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/spoolss_access.c b/source4/torture/rpc/spoolss_access.c index 812a280..2bf0331 100644 --- a/source4/torture/rpc/spoolss_access.c +++ b/source4/torture/rpc/spoolss_access.c @@ -470,7 +470,7 @@ static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx test_EnumPrinters_findone(tctx, spoolss_pipe, printername), failed to enumerate printers); - if (t-user.sd) { + if (t-user.sd printername) { torture_assert(tctx, spoolss_access_setup_sd(tctx, spoolss_pipe, printername, @@ -573,7 +573,7 @@ static bool torture_rpc_spoolss_access_teardown_common(struct torture_context *t } /* restore sd */ - if (t-user.sd) { + if (t-user.sd t-printername) { struct policy_handle handle; struct spoolss_SetPrinterInfoCtr info_ctr; struct spoolss_SetPrinterInfo3 info3; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e206109... s4:ldb python bindings - implement comparison on Python LDB Message objects via 315aeef... s4: Remove an uselessly exposed control from e271a2b... s4-smbtorture: handle printservers w/o printers in RPC-SPOOLSS-ACCESS. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e2061095b52a198fa221d190117dcebbb63058e6 Author: Matthieu Patou m...@matws.net Date: Fri May 7 04:15:28 2010 +0400 s4:ldb python bindings - implement comparison on Python LDB Message objects Coauthors: Jelmer Vernooij, Matthias Dieter Wallnöfer commit 315aeef0f9fa20a4628783241f90dbeacf0b6dc4 Author: Matthieu Patou m...@matws.net Date: Sat Jun 5 19:25:18 2010 +0400 s4: Remove an uselessly exposed control --- Summary of changes: source4/lib/ldb/pyldb.c | 40 +- source4/libcli/ldap/ldap_controls.c |1 - 2 files changed, 38 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c index fd7584d..bbb2e71 100644 --- a/source4/lib/ldb/pyldb.c +++ b/source4/lib/ldb/pyldb.c @@ -5,8 +5,8 @@ Copyright (C) 2005,2006 Tim Potter t...@samba.org Copyright (C) 2006 Simo Sorce i...@samba.org - Copyright (C) 2007-2009 Jelmer Vernooij jel...@samba.org - Copyright (C) 2009 Matthias Dieter Wallnöfer + Copyright (C) 2007-2010 Jelmer Vernooij jel...@samba.org + Copyright (C) 2009-2010 Matthias Dieter Wallnöfer ** NOTE! The following LGPL license applies to the ldb ** library. This does NOT imply that all of Samba is released @@ -2079,6 +2079,41 @@ static void py_ldb_msg_dealloc(PyLdbMessageObject *self) self-ob_type-tp_free(self); } +static int py_ldb_msg_compare(PyLdbMessageObject *py_msg1, + PyLdbMessageObject *py_msg2) +{ + struct ldb_message *msg1 = PyLdbMessage_AsMessage(py_msg1), + *msg2 = PyLdbMessage_AsMessage(py_msg2); + unsigned int i; + int ret; + + ret = ldb_dn_compare(msg1-dn, msg2-dn); + if (ret != 0) { + return ret; + } + + ret = msg1-num_elements - msg2-num_elements; + if (ret != 0) { + return ret; + } + + for (i = 0; i msg1-num_elements; i++) { + ret = ldb_msg_element_compare_name(msg1-elements[i], + msg2-elements[i]); + if (ret != 0) { + return ret; + } + + ret = ldb_msg_element_compare(msg1-elements[i], + msg2-elements[i]); + if (ret != 0) { + return ret; + } + } + + return 0; +} + PyTypeObject PyLdbMessage = { .tp_name = ldb.Message, .tp_methods = py_ldb_msg_methods, @@ -2090,6 +2125,7 @@ PyTypeObject PyLdbMessage = { .tp_repr = (reprfunc)py_ldb_msg_repr, .tp_flags = Py_TPFLAGS_DEFAULT, .tp_iter = (getiterfunc)py_ldb_msg_iter, + .tp_compare = (cmpfunc)py_ldb_msg_compare, }; PyObject *PyLdbTree_FromTree(struct ldb_parse_tree *tree) diff --git a/source4/libcli/ldap/ldap_controls.c b/source4/libcli/ldap/ldap_controls.c index b0c024a..40ce50f 100644 --- a/source4/libcli/ldap/ldap_controls.c +++ b/source4/libcli/ldap/ldap_controls.c @@ -1315,7 +1315,6 @@ static const struct ldap_control_handler ldap_known_controls[] = { { 1.3.6.1.4.1.7165.4.3.7, NULL, NULL }, /* DSDB_EXTENDED_REPLICATED_OBJECTS_OID is internal only, and has no network representation */ { 1.3.6.1.4.1.7165.4.4.1, NULL, NULL }, - { LDB_CONTROL_RECALCULATE_SD_OID, decode_recalculate_sd_request, encode_recalculate_sd_request}, { DSDB_OPENLDAP_DEREFERENCE_CONTROL, decode_openldap_dereference, encode_openldap_dereference}, { LDB_CONTROL_RELAX_OID, decode_relax_request, encode_relax_request }, { NULL, NULL, NULL } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0604df5... s3-lsa: Fix static list of luids in our privileges implementation. via 5def19e... s4-smbtorture: test workstation auth as well in RPC-SPOOLSS-ACCESS. from e206109... s4:ldb python bindings - implement comparison on Python LDB Message objects http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0604df52e3b161e010ad4f1aba1a4bc7973c64c1 Author: Günther Deschner g...@samba.org Date: Mon Jun 7 12:55:43 2010 +0200 s3-lsa: Fix static list of luids in our privileges implementation. The high/low order changed while moving to LSA defines. Found by torture test. Guenther commit 5def19e4dc0b9f15fa30f7895a2b016c4e59abb0 Author: Günther Deschner g...@samba.org Date: Mon Jun 7 12:41:39 2010 +0200 s4-smbtorture: test workstation auth as well in RPC-SPOOLSS-ACCESS. Guenther --- Summary of changes: source3/lib/privileges_basic.c | 18 source4/torture/rpc/spoolss_access.c | 36 - 2 files changed, 43 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c index d174c70..c970478 100644 --- a/source3/lib/privileges_basic.c +++ b/source3/lib/privileges_basic.c @@ -97,15 +97,15 @@ PRIVS privs[] = { {SE_BATCH_LOGON,SeBatchLogonRight,Log on as a batch job, { 0x0, 0x0 }}, {SE_SERVICE_LOGON, SeServiceLogonRight, Log on as a service, { 0x0, 0x0 }}, #endif - {SE_MACHINE_ACCOUNT,SeMachineAccountPrivilege,Add machines to domain, { 0x0, 0x0006 }}, - {SE_TAKE_OWNERSHIP, SeTakeOwnershipPrivilege, Take ownership of files or other objects,{ 0x0, 0x0009 }}, -{SE_BACKUP, SeBackupPrivilege,Back up files and directories, { 0x0, 0x0011 }}, -{SE_RESTORE,SeRestorePrivilege, Restore files and directories, { 0x0, 0x0012 }}, - {SE_REMOTE_SHUTDOWN,SeRemoteShutdownPrivilege,Force shutdown from a remote system, { 0x0, 0x0018 }}, - - {SE_PRINT_OPERATOR, SePrintOperatorPrivilege, Manage printers, { 0x0, 0x1001 }}, - {SE_ADD_USERS, SeAddUsersPrivilege, Add users and groups to the domain, { 0x0, 0x1002 }}, - {SE_DISK_OPERATOR, SeDiskOperatorPrivilege, Manage disk shares, { 0x0, 0x1003 }}, + {SE_MACHINE_ACCOUNT,SeMachineAccountPrivilege,Add machines to domain, { 0x0006,0x0 }}, + {SE_TAKE_OWNERSHIP, SeTakeOwnershipPrivilege, Take ownership of files or other objects,{ 0x0009,0x0 }}, +{SE_BACKUP, SeBackupPrivilege,Back up files and directories, { 0x0011,0x0 }}, +{SE_RESTORE,SeRestorePrivilege, Restore files and directories, { 0x0012,0x0 }}, + {SE_REMOTE_SHUTDOWN,SeRemoteShutdownPrivilege,Force shutdown from a remote system, { 0x0018,0x0 }}, + + {SE_PRINT_OPERATOR, SePrintOperatorPrivilege, Manage printers, { 0x1001,0x0 }}, + {SE_ADD_USERS, SeAddUsersPrivilege, Add users and groups to the domain, { 0x1002,0x0 }}, + {SE_DISK_OPERATOR, SeDiskOperatorPrivilege, Manage disk shares, { 0x1003,0x0 }}, {SE_END, , , { 0x0, 0x0 }} }; diff --git a/source4/torture/rpc/spoolss_access.c b/source4/torture/rpc/spoolss_access.c index 2bf0331..4123664 100644 --- a/source4/torture/rpc/spoolss_access.c +++ b/source4/torture/rpc/spoolss_access.c @@ -36,6 +36,7 @@ #define TORTURE_USER_PRINTOPGROUP torture_user_550 #define TORTURE_USER_PRINTOPPRIV torture_user_priv #define TORTURE_USER_SDtorture_user_sd +#define TORTURE_WORKSTATIONtorture_workstation struct torture_user { const char *username; @@ -414,6 +415,7 @@ static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx struct dcerpc_pipe *p; const char *printername; const char *binding = torture_setting_string(tctx, binding, NULL); + struct dcerpc_pipe *spoolss_pipe; testuser = torture_create_testuser_max_pwlen(tctx, t-user.username, torture_setting_string(tctx, workgroup, NULL), @@ -460,8 +462,6 @@ static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx talloc_free(lsa_pipe); } - struct dcerpc_pipe *spoolss_pipe; -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 04c7484... s3-waf: Build rpc_server/srv_spoolss_util.c too. from 0604df5... s3-lsa: Fix static list of luids in our privileges implementation. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 04c7484cf9e8dd6d2d0b641eb942fcb97a604d9b Author: Andreas Schneider a...@samba.org Date: Thu May 27 09:07:03 2010 +0200 s3-waf: Build rpc_server/srv_spoolss_util.c too. Signed-off-by: Günther Deschner g...@samba.org --- Summary of changes: source3/wscript_build |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/wscript_build b/source3/wscript_build index 983538f..c0e102c 100644 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -389,6 +389,7 @@ RPC_NTSVCS_SRC = '''rpc_server/srv_ntsvcs_nt.c RPC_DFS_SRC = ''' ../librpc/gen_ndr/srv_dfs.c rpc_server/srv_dfs_nt.c''' RPC_SPOOLSS_SRC = '''rpc_server/srv_spoolss_nt.c + rpc_server/srv_spoolss_util.c ../librpc/gen_ndr/srv_spoolss.c''' RPC_EVENTLOG_SRC = '''rpc_server/srv_eventlog_nt.c -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aa32725... s4:ldap.py - add some objectclass behaviour tests via e3c686d... s4:objectclass LDB module - rework the code which handles the objectclasses modification via 17f465a... s4:ldap.py - enhance the attributes testcase to demonstrate how the attributes are checked against the schema and the specified objectclasses via ee278bf... s4:acl LDB module - LDB attribute names should be compared using ldb_attr_cmp or strcasecmp via 566d13c... s4:acl LDB module - adaption for objectclass_attrs module via e7eef53... s4:objectclass LDB module - remove fix_check_attributes via 227144e... s4:samldb LDB module - adjust the module to set always a defaultObjectCategory on objectclass add operations via bd91095... s4:remove the validate_update LDB module - the task is now handled by the far more complete objectclass_attrs LDB module via 2586cba... s4:dsdb - introduce a new objectclass_attrs LDB module which performs the objectclass attributes checking via 9e56b54... s4:objectclass LDB module - instanciate the schema variable centrally on the ac context creation via da90868... s4:samldb LDB module - finally we can remove the RDN check via 9ab3365... s4:ldap.py - enhance the rename tests to demonstrate the functionality via ec9b6f3... s4:objectclass LDB module - finally implement the correct entry rename protections via 0ca17ea... s4:objectclass LDB module - cosmetic change via c6020cc... s4:objectclass LDB module - remove duplicated code via 95da724... s4:objectclass LDB module - fix counter variable types via 0408ec1... s4:objectclass LDB module - explain why the search can return with an empty return via 6afa5a7... s4:objectclass LDB module - this talloc_steal is not necessary via 2d3760c... s4:objectclass LDB module - fix error result if an entry doesn't contain a structural objectclass via 2a294d3... s4:objectclass LDB module - use ldb_oom for expressing out of memory via 3c4336b... s4:objectclass LDB module - fix header and add my copyright from 04c7484... s3-waf: Build rpc_server/srv_spoolss_util.c too. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aa3272588662f1389138a177a4c6644668c052fa Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Jun 3 20:58:43 2010 +0200 s4:ldap.py - add some objectclass behaviour tests commit e3c686daec130fb3c4a7457943173f31851a8e7d Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Jun 5 23:02:25 2010 +0200 s4:objectclass LDB module - rework the code which handles the objectclasses modification Before it has been very incomplete. We try now to match the Windows Server behaviour as close as possible. commit 17f465a4ac5562bec1b40dc97ac414fb3920175b Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Jun 6 23:09:28 2010 +0200 s4:ldap.py - enhance the attributes testcase to demonstrate how the attributes are checked against the schema and the specified objectclasses This demonstrates the bew objectclass_attrs LDB module behaviour. commit ee278bf0c48dbc8b7afc37762ad4f305014a2e2c Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Jun 6 19:06:58 2010 +0200 s4:acl LDB module - LDB attribute names should be compared using ldb_attr_cmp or strcasecmp commit 566d13c5d11ae832285c09f74d25ffdcf0397735 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Jun 5 20:19:31 2010 +0200 s4:acl LDB module - adaption for objectclass_attrs module Since the attribute schema checking code moved back we need to give here the LDB_ERR_NO_SUCH_ATTRIBUTE error. commit e7eef53fe543c940f7a792b16d037fed8d7743ec Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Jun 5 19:11:25 2010 +0200 s4:objectclass LDB module - remove fix_check_attributes Also this task is now performed by the objectclass_attrs LDB module. commit 227144e0503504d4c716af4a4e92dc6397c705de Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Jun 6 19:53:33 2010 +0200 s4:samldb LDB module - adjust the module to set always a defaultObjectCategory on objectclass add operations This is needed to make the objectclass_attrs LDB module happy. The search check and case adjustment are done as it was using a second modify operation. commit bd910952ba2256ff54c0e48a6feda285b9fbb8a5 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Jun 5 19:09:51 2010 +0200 s4:remove the validate_update LDB module - the task is now handled by the far more complete objectclass_attrs LDB module commit 2586cbaadcdf9baf77be5ec5b612cff324ab19a8 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sat Jun 5 17:34:35 2010 +0200 s4:dsdb - introduce a new
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 00089fd... s3:auth make sure the primary group sid is usable via 048575d... s3:auth return the full passwd struct from check_account via 0a7ff14... s3:passdb Export function to calculate the proper primary group sid via aaf45cd... s3:auth remove unused structure member via aa1a3cb... s3:auth create nt token from info3 directly via e6456df... s3:auth handle unix domain sids in samu via 61823fb... s3:auth set the resolved user sid in the fake sam account via ef94217... s3:auth check the user is valid first via 1bb0afa... s3:auth make sure we set the right username from aa32725... s4:ldap.py - add some objectclass behaviour tests http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 00089fd74af740f832573d904312854e494a869e Author: Simo Sorce sso...@redhat.com Date: Sat May 29 11:29:29 2010 -0400 s3:auth make sure the primary group sid is usable This function was previously performed under the cover by converting back and forth from info3 to samu and then later from samu to info3. Since we now shortcircuit that in some cases, check explicitly using get_primary_group_sid() Signed-off-by: Andrew Bartlett abart...@samba.org commit 048575defba064a8d9f0e4eb542a299dc8730327 Author: Simo Sorce sso...@redhat.com Date: Sat May 29 11:02:47 2010 -0400 s3:auth return the full passwd struct from check_account Signed-off-by: Andrew Bartlett abart...@samba.org commit 0a7ff146171abd2dee4aac44e4f2c6c812f1027e Author: Simo Sorce sso...@redhat.com Date: Sat May 29 10:51:40 2010 -0400 s3:passdb Export function to calculate the proper primary group sid Don't keep it buried in passdb, this function need to be available for use in places where we do not want to construct an artificial samu struct just to play tricks. Signed-off-by: Andrew Bartlett abart...@samba.org commit aaf45cd48ecf8e9f640a6f487b66785d47b8154a Author: Simo Sorce sso...@redhat.com Date: Fri May 28 17:03:18 2010 -0400 s3:auth remove unused structure member sids are now completely handled using info3, remove dead code that fills server info sids and the structure members themselves Signed-off-by: Andrew Bartlett abart...@samba.org commit aa1a3cbad2ed62d5b59c48a6e7726eef4776f461 Author: Simo Sorce sso...@redhat.com Date: Fri May 28 16:16:53 2010 -0400 s3:auth create nt token from info3 directly Signed-off-by: Andrew Bartlett abart...@samba.org commit e6456df1489ec964445dfd6f009f9f75377b3d11 Author: Simo Sorce sso...@redhat.com Date: Fri May 28 13:18:13 2010 -0400 s3:auth handle unix domain sids in samu When we generate a user out of thin air we may end up adding sids that are not part of the sam domain (unix domain sids). Handle the case and preserve these sids as extra sids. Signed-off-by: Andrew Bartlett abart...@samba.org commit 61823fb8852cb8d66c341ecd54e7fb96abc4363a Author: Simo Sorce sso...@redhat.com Date: Fri May 28 13:22:41 2010 -0400 s3:auth set the resolved user sid in the fake sam account Signed-off-by: Andrew Bartlett abart...@samba.org commit ef942172b9dfe3c30b86161445c7d6290579b6f2 Author: Simo Sorce sso...@redhat.com Date: Fri May 28 11:14:01 2010 -0400 s3:auth check the user is valid first It makes no sense to go through all the hoops to build samu and convert it to info3, just to discard them later if the user was not valid. Signed-off-by: Andrew Bartlett abart...@samba.org commit 1bb0afa662cb65ad8eeec59d40008c6604b791bc Author: Simo Sorce sso...@redhat.com Date: Fri May 28 11:07:49 2010 -0400 s3:auth make sure we set the right username Signed-off-by: Andrew Bartlett abart...@samba.org --- Summary of changes: source3/auth/auth_util.c | 219 ++-- source3/auth/server_info.c | 158 +++-- source3/auth/server_info_sam.c | 36 +-- source3/auth/token_util.c | 183 - source3/include/auth.h | 16 ++- source3/include/proto.h| 12 ++- source3/passdb/lookup_sid.c| 124 +++ source3/passdb/pdb_get_set.c | 94 ++ 8 files changed, 516 insertions(+), 326 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index a64fd33..a93d44f 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -30,34 +30,6 @@ #define DBGC_CLASS DBGC_AUTH / - Ensure primary group SID is always at position 0 in a - auth_serversupplied_info struct.
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 63a8c65... s4:samba_dsdb LDB module - enhance/fix module rule comments from 00089fd... s3:auth make sure the primary group sid is usable http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 63a8c658611cdd1aa975670965120c617519b190 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Mon Jun 7 14:58:30 2010 +0200 s4:samba_dsdb LDB module - enhance/fix module rule comments --- Summary of changes: source4/dsdb/samdb/ldb_modules/samba_dsdb.c |8 +--- 1 files changed, 5 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c index 3c9fd75..12356d3 100644 --- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c +++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c @@ -155,9 +155,11 @@ static int samba_dsdb_init(struct ldb_module *module) Some Known ordering constraints: - rootdse must be first, as it makes redirects from - cn=rootdse - extended_dn_in must be before objectclass.c, as it resolves the DN - - objectclass must be before password_hash, because password_hash checks - that the objectclass is of type person (filled in by objectclass - module when expanding the objectclass list) + - objectclass must be before password_hash and samldb since these LDB + modules require the expanded objectClass list + - objectclass_attrs must be behind operational in order to see all + attributes (the operational attributes protects and therefore + suppresses per default some important ontes) - partition must be last - each partition has its own module list then -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0dc88d2... s4:samba_dsdb LDB module - fix typos from 63a8c65... s4:samba_dsdb LDB module - enhance/fix module rule comments http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0dc88d2745e89096fda0e097bcf958949d7efc2d Author: Matthias Dieter Wallnöfer m...@samba.org Date: Mon Jun 7 15:02:38 2010 +0200 s4:samba_dsdb LDB module - fix typos --- Summary of changes: source4/dsdb/samdb/ldb_modules/samba_dsdb.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c index 12356d3..08df460 100644 --- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c +++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c @@ -158,8 +158,8 @@ static int samba_dsdb_init(struct ldb_module *module) - objectclass must be before password_hash and samldb since these LDB modules require the expanded objectClass list - objectclass_attrs must be behind operational in order to see all - attributes (the operational attributes protects and therefore - suppresses per default some important ontes) + attributes (the operational module protects and therefore + suppresses per default some important ones) - partition must be last - each partition has its own module list then -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9a747d5... s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSP via edba46c... s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS via 0af2dc4... s3:named pipe proxy Improve error messages when named pipes fail to forward via 4a7f45b... s3:smbd Give the kerberos session key a parent via d25e9ab... named_pipe_auth Always lower case the incoming pipe name via 8f1cec5... s3:smbd Fix segfault if register_existing_vuid() fails via fc956cf... s3:auth Rename user_info-domain - user_info-mapped.domain_name via deabae1... s3:auth Rename user_info-client_domain - user_info-client.domain_name via e21935f... s3:auth fix header comment for internal_username - mapped.account_name via 7a021df... s3:auth Rename user_info-internal_username - user_info-mapped.account_name via 2315945... s3:auth Rename user_info-smb_name - user_info-client.account_name from 0dc88d2... s4:samba_dsdb LDB module - fix typos http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9a747d500fad699038ecf75615c680a9fd9e4cc7 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 2 22:52:56 2010 +1000 s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSP This allows the right hooks to be called in GENSEC when s3compat implements the auth_ntlmssp interface. Otherwise, we can't do the signing or sealing as we have not negoitated it's use. Andrew Bartlett commit edba46ce94c335411ab337eeb4ef6f88fb3aae80 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 2 22:35:53 2010 +1000 s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS It's nicer to have an NTSTATUS return, and in s3compat there may be a reason other than 'no memory' why this can fail. Andrew Bartlett commit 0af2dc43ade4f819ebbb192e3f5493838f99d89b Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 3 21:05:57 2010 +1000 s3:named pipe proxy Improve error messages when named pipes fail to forward I hope this helps the next person who needs to debug this. Andrew Bartlett commit 4a7f45b7e1cef13bc28d7ee50dd4b5519bdec397 Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 3 21:15:33 2010 +1000 s3:smbd Give the kerberos session key a parent I can't see what would free this, so this should prevent a memory leak. Andrew Bartlett commit d25e9ab9a1b8c07a65034d36818819019e170e8d Author: Andrew Bartlett abart...@samba.org Date: Thu Jun 3 20:59:25 2010 +1000 named_pipe_auth Always lower case the incoming pipe name Windows connects to an upper case NETLOGON pipe, and we can't find the socket to connect to until we lower case the name. Andrew Bartlett commit 8f1cec5faf4e26de8b979059e99f2a66558b Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 1 19:19:01 2010 +1000 s3:smbd Fix segfault if register_existing_vuid() fails The register_existing_vuid() call will handle both the ntlmssp_end and vuid invalidation internally, so we don't want to do it again. Andrew Bartlett commit fc956cfcbb53103ed46a3729364e88536d569dc9 Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 1 21:11:14 2010 +1000 s3:auth Rename user_info-domain - user_info-mapped.domain_name This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett commit deabae191b34bdd350c7fe6c0c9ad05defa8d08c Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 1 21:08:38 2010 +1000 s3:auth Rename user_info-client_domain - user_info-client.domain_name This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett commit e21935fc74e8bd64bbd231d6388ea424708c3acd Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 1 21:01:23 2010 +1000 s3:auth fix header comment for internal_username - mapped.account_name commit 7a021df96deaf6dbe9f1abdfc16f6276e4a192fa Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 1 20:30:56 2010 +1000 s3:auth Rename user_info-internal_username - user_info-mapped.account_name This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett commit 23159453d3e61e2ad47fe6f86f3763280a11ea0c Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 1 20:27:03 2010 +1000 s3:auth Rename user_info-smb_name - user_info-client.account_name This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett --- Summary of changes: libcli/named_pipe_auth/npa_tstream.c |8 ++- source3/auth/auth.c
Re: [SCM] Samba Shared Repository - branch master updated
Hi Matthias, On Mon, 2010-06-07 at 05:00 -0500, Matthias Dieter Wallnöfer wrote: The branch, master has been updated via e206109... s4:ldb python bindings - implement comparison on Python LDB Message objects via 315aeef... s4: Remove an uselessly exposed control from e271a2b... s4-smbtorture: handle printservers w/o printers in RPC-SPOOLSS-ACCESS. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e2061095b52a198fa221d190117dcebbb63058e6 Author: Matthieu Patou m...@matws.net Date: Fri May 7 04:15:28 2010 +0400 s4:ldb python bindings - implement comparison on Python LDB Message objects Coauthors: Jelmer Vernooij, Matthias Dieter Wallnöfer Please push the tests that came with this patch as well. Cheers, Jelmer
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 8e3cb4d... Added Gekko entry. from 8ada4e2... Add news about Samba Team Blog #4 (sambaXP 2010) http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 8e3cb4dc34f4f4622d89709a92dbad747ab1d1a4 Author: John H Terpstra j...@samba.org Date: Mon Jun 7 10:11:18 2010 -0500 Added Gekko entry. --- Summary of changes: support/austria.html | 22 ++ 1 files changed, 22 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/support/austria.html b/support/austria.html index 4d4b600..62d9ca9 100644 --- a/support/austria.html +++ b/support/austria.html @@ -27,5 +27,27 @@ Specialty samba capabilities: Samba as PDC, High-Availability /p +!-- Added JHT 20100606 at request of Gekko -- +hr / +h3 Gekko GmbH/h3 +presmall +Gekko GmbH +Deutschstrasse 4 +Vienna, Vienna +Austria + +a href=http://www.gekko.at;http://www.gekko.at/a +Tel: +43 1 710 56 56 +a href=mailto:t.stee...@gekko.at;t.stee...@gekko.at/a +a href=mailto:;t.stee...@gekko.at/a +a href=mailto:j.kunsch...@gekko.at;j.kunsch...@gekko.at/a + +/small +p +Gekko is a Austrian Full Service IT Company with 15 employees and 2 locations, one in Vienna an one in Hartberg - Styria. +/pp +Our specialities: Samba as Member Server, Stackable Modules, Samba and Replication via rsync. +/p + !--#include virtual=footer_support.html -- -- Samba Website Repository
Re: [SCM] Samba Shared Repository - branch master updated
Jelmer, I'm performing some tests and then I will push this test commit. Thanks for pointing this out. Cheers, Matthias Jelmer Vernooij wrote: Hi Matthias, On Mon, 2010-06-07 at 05:00 -0500, Matthias Dieter Wallnöfer wrote: The branch, master has been updated via e206109... s4:ldb python bindings - implement comparison on Python LDB Message objects via 315aeef... s4: Remove an uselessly exposed control from e271a2b... s4-smbtorture: handle printservers w/o printers in RPC-SPOOLSS-ACCESS. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e2061095b52a198fa221d190117dcebbb63058e6 Author: Matthieu Patoum...@matws.net Date: Fri May 7 04:15:28 2010 +0400 s4:ldb python bindings - implement comparison on Python LDB Message objects Coauthors: Jelmer Vernooij, Matthias Dieter Wallnöfer Please push the tests that came with this patch as well. Cheers, Jelmer
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 99c9e35... ldb:pyldb.c - we cannot use ldb_dn_compare if both message DNs are NULL in py_ldb_msg_compare via 0c3dfd7... s4 python: add more unit tests to verify the compare tests via 1949864... s4:objectclass_attrs LDB module - move the single-valued attribute check into this module via a75d271... s4:rdn_name LDB module - move the distinguishedName write prevent check here from 9a747d5... s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSP http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 99c9e358c54b170b01e614483514026fddbd2688 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Mon Jun 7 21:26:33 2010 +0200 ldb:pyldb.c - we cannot use ldb_dn_compare if both message DNs are NULL in py_ldb_msg_compare Discovered by the testcase. commit 0c3dfd7a79d48ef5bdcd996537521868e479f1a4 Author: Matthieu Patou m...@matws.net Date: Fri May 7 04:16:11 2010 +0400 s4 python: add more unit tests to verify the compare tests commit 1949864417f3d10fb8996df7db259649eb777271 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Mon Jun 7 20:46:59 2010 +0200 s4:objectclass_attrs LDB module - move the single-valued attribute check into this module It seems to me more consistent (and also to keep the same behaviour on all backends). Also the DRS hack should therefore not be needed anymore since the repl_meta_data module launches requests behind objectclass_attrs. commit a75d271373dbbff973544865c2c9715510d67669 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Mon Jun 7 20:31:22 2010 +0200 s4:rdn_name LDB module - move the distinguishedName write prevent check here In my eyes it fits better here than in the TDB backend code. --- Summary of changes: source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 14 +- source4/lib/ldb/ldb_tdb/ldb_tdb.c | 51 source4/lib/ldb/modules/rdn_name.c |6 ++ source4/lib/ldb/pyldb.c|8 ++- source4/lib/ldb/tests/python/api.py| 19 +++ 5 files changed, 43 insertions(+), 55 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c index 042d26b..5b76a0b 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c @@ -180,7 +180,7 @@ static int attr_handler2(struct oc_context *ac) } /* Check if all specified attributes are valid in the given -* objectclasses. */ +* objectclasses and if they meet additional schema restrictions. */ msg = ac-search_res-message; for (i = 0; i msg-num_elements; i++) { attr = dsdb_attribute_by_lDAPDisplayName(ac-schema, @@ -189,6 +189,18 @@ static int attr_handler2(struct oc_context *ac) return LDB_ERR_OPERATIONS_ERROR; } + /* Check if they're single-valued if this is requested */ + if ((msg-elements[i].num_values 1) (attr-isSingleValued)) { + ldb_asprintf_errstring(ldb, objectclass_attrs: attribute '%s' on entry '%s' is single-valued!, + msg-elements[i].name, + ldb_dn_get_linearized(msg-dn)); + if (ac-req-operation == LDB_ADD) { + return LDB_ERR_CONSTRAINT_VIOLATION; + } else { + return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS; + } + } + /* We can use str_list_check with strcmp here since the * attribute informations from the schema are always equal * up-down-cased. */ diff --git a/source4/lib/ldb/ldb_tdb/ldb_tdb.c b/source4/lib/ldb/ldb_tdb/ldb_tdb.c index 42e1bd5..c421dda 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_tdb.c +++ b/source4/lib/ldb/ldb_tdb/ldb_tdb.c @@ -294,20 +294,12 @@ static int ltdb_add_internal(struct ldb_module *module, for (i=0;imsg-num_elements;i++) { struct ldb_message_element *el = msg-elements[i]; - const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el-name); if (el-num_values == 0) { ldb_asprintf_errstring(ldb, attribute %s on %s specified, but with 0 values (illegal), el-name, ldb_dn_get_linearized(msg-dn)); return LDB_ERR_CONSTRAINT_VIOLATION; } - if (a a-flags
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 711a30a... s3: fix build on platforms without st_blocks and st_blksize stat struct members from 99c9e35... ldb:pyldb.c - we cannot use ldb_dn_compare if both message DNs are NULL in py_ldb_msg_compare http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 711a30aa61bb5f6a9b3970007bad8a70f411fb87 Author: Björn Jacke b...@sernet.de Date: Mon Jun 7 23:06:28 2010 +0200 s3: fix build on platforms without st_blocks and st_blksize stat struct members This fixes bug 7474. --- Summary of changes: source3/lib/system.c |9 + 1 files changed, 9 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/system.c b/source3/lib/system.c index 5aab441..7859c61 100644 --- a/source3/lib/system.c +++ b/source3/lib/system.c @@ -534,8 +534,17 @@ static void init_stat_ex_from_stat (struct stat_ex *dst, dst-st_ex_mtime = get_mtimespec(src); dst-st_ex_ctime = get_ctimespec(src); make_create_timespec(src, dst, fake_dir_create_times); +#ifdef HAVE_STAT_ST_BLKSIZE dst-st_ex_blksize = src-st_blksize; +#else + dst-st_ex_blksize = STAT_ST_BLOCKSIZE; +#endif + +#ifdef HAVE_STAT_ST_BLOCKS dst-st_ex_blocks = src-st_blocks; +#else + dst-st_ex_blocks = src-st_size % STAT_ST_BLOCKSIZE + 1; +#endif #ifdef HAVE_STAT_ST_FLAGS dst-st_ex_flags = src-st_flags; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5da783f... s3:smbd add utility function to check if there are open pipes via f9fc4df... s3:rpc make num_pipe_handles get an actual pipe as argument via 22e9015... s3:rpc handles are used by all pipes, use better name via f7e2e83... s3:rpc fix potential out of bound memory access from 711a30a... s3: fix build on platforms without st_blocks and st_blksize stat struct members http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5da783f4a79ee0a927f2483ae20b691074bb3007 Author: Simo Sorce sso...@redhat.com Date: Mon Jun 7 14:08:05 2010 -0400 s3:smbd add utility function to check if there are open pipes commit f9fc4df0c0a6401d185b057c17d6b30ef549b3d0 Author: Simo Sorce sso...@redhat.com Date: Mon Jun 7 16:02:14 2010 -0400 s3:rpc make num_pipe_handles get an actual pipe as argument Let the function abstract out how handles are counted commit 22e9015e975096acf075240cc7d33f12c7c77395 Author: Simo Sorce sso...@redhat.com Date: Sun Jun 6 16:33:28 2010 -0400 s3:rpc handles are used by all pipes, use better name commit f7e2e8370bfa91ad8dbd9de4f69bf1cfe0947573 Author: Simo Sorce sso...@redhat.com Date: Mon Jun 7 15:07:38 2010 -0400 s3:rpc fix potential out of bound memory access memcpy copies memory unconditionally, we are passing in some cases here. Use strncpy which will stop reading from src if the null byte is found and will fill with nulls the destination. --- Summary of changes: source3/Makefile.in|2 +- source3/include/proto.h|5 +++-- .../rpc_server/{srv_lsa_hnd.c = rpc_handles.c}|6 +++--- source3/rpc_server/rpc_ncacn_np_internal.c | 14 +- source3/rpc_server/srv_spoolss_nt.c|2 +- source3/smbd/conn.c| 11 +++ 6 files changed, 24 insertions(+), 16 deletions(-) rename source3/rpc_server/{srv_lsa_hnd.c = rpc_handles.c} (99%) Changeset truncated at 500 lines: diff --git a/source3/Makefile.in b/source3/Makefile.in index d9e4ec5..8e2c003 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -654,7 +654,7 @@ RPC_EVENTLOG_OBJ = rpc_server/srv_eventlog_nt.o \ NPA_TSTREAM_OBJ = ../libcli/named_pipe_auth/npa_tstream.o RPC_NCACN_NP_INTERNAL = rpc_server/srv_pipe_register.o rpc_server/rpc_ncacn_np_internal.o \ - rpc_server/srv_lsa_hnd.o + rpc_server/rpc_handles.o RPC_PIPE_OBJ = rpc_server/srv_pipe.o rpc_server/srv_pipe_hnd.o \ $(RPC_NCACN_NP_INTERNAL) diff --git a/source3/include/proto.h b/source3/include/proto.h index 9582884..2f68f0e 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5152,9 +5152,9 @@ bool smb_io_rpc_hdr_auth(const char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, in /* The following definitions come from rpc_server/srv_eventlog_nt.c */ -/* The following definitions come from rpc_server/srv_lsa_hnd.c */ +/* The following definitions come from rpc_server/rpc_handles.c */ -size_t num_pipe_handles(struct handle_list *list); +size_t num_pipe_handles(pipes_struct *p); bool init_pipe_handle_list(pipes_struct *p, const struct ndr_syntax_id *syntax); bool create_policy_hnd(pipes_struct *p, struct policy_handle *hnd, void *data_ptr); @@ -5208,6 +5208,7 @@ bool api_pipe_request(pipes_struct *p); pipes_struct *get_first_internal_pipe(void); pipes_struct *get_next_internal_pipe(pipes_struct *p); +bool check_open_pipes(void); bool fsp_is_np(struct files_struct *fsp); struct tsocket_address; diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/rpc_handles.c similarity index 99% rename from source3/rpc_server/srv_lsa_hnd.c rename to source3/rpc_server/rpc_handles.c index 7cc1b43..fa4100f 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/rpc_handles.c @@ -62,12 +62,12 @@ static bool is_samr_lsa_pipe(const struct ndr_syntax_id *syntax) || ndr_syntax_id_equal(syntax, ndr_table_lsarpc.syntax_id)); } -size_t num_pipe_handles(struct handle_list *list) +size_t num_pipe_handles(pipes_struct *p) { - if (list == NULL) { + if (p-pipe_handles == NULL) { return 0; } - return list-count; + return p-pipe_handles-count; } / diff --git a/source3/rpc_server/rpc_ncacn_np_internal.c b/source3/rpc_server/rpc_ncacn_np_internal.c index 6002489..18251c6 100644 --- a/source3/rpc_server/rpc_ncacn_np_internal.c +++ b/source3/rpc_server/rpc_ncacn_np_internal.c @@ -68,6 +68,18 @@ static void free_pipe_rpc_context_internal( PIPE_RPC_FNS *list ) return; } +bool
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 096a3d3... Make aio_ex owned by a talloc context, not neccessarily on the null context. via d70413f... Move write_though into aio_ex struct. from 5da783f... s3:smbd add utility function to check if there are open pipes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 096a3d3eea60d514a5d8fe8a35b3e463238b3766 Author: Jeremy Allison j...@samba.org Date: Mon Jun 7 16:26:30 2010 -0700 Make aio_ex owned by a talloc context, not neccessarily on the null context. commit d70413fa0cba9338fbf2adad0db6e4b88da9ad65 Author: Jeremy Allison j...@samba.org Date: Mon Jun 7 16:25:18 2010 -0700 Move write_though into aio_ex struct. --- Summary of changes: source3/smbd/aio.c | 30 +- 1 files changed, 17 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c index ab88b12..bce95be 100644 --- a/source3/smbd/aio.c +++ b/source3/smbd/aio.c @@ -46,6 +46,7 @@ struct aio_extra { struct smb_request *smbreq; DATA_BLOB outbuf; struct lock_struct lock; + bool write_through; int (*handle_completion)(struct aio_extra *ex, int errcode); }; @@ -99,9 +100,11 @@ static int aio_extra_destructor(struct aio_extra *aio_ex) of the aio call. */ -static struct aio_extra *create_aio_extra(files_struct *fsp, size_t buflen) +static struct aio_extra *create_aio_extra(TALLOC_CTX *mem_ctx, + files_struct *fsp, + size_t buflen) { - struct aio_extra *aio_ex = TALLOC_ZERO_P(NULL, struct aio_extra); + struct aio_extra *aio_ex = TALLOC_ZERO_P(mem_ctx, struct aio_extra); if (!aio_ex) { return NULL; @@ -111,10 +114,12 @@ static struct aio_extra *create_aio_extra(files_struct *fsp, size_t buflen) the smb return buffer. The buffer used in the acb is the start of the reply data portion of that buffer. */ - aio_ex-outbuf = data_blob_talloc(aio_ex, NULL, buflen); - if (!aio_ex-outbuf.data) { - TALLOC_FREE(aio_ex); - return NULL; + if (buflen) { + aio_ex-outbuf = data_blob_talloc(aio_ex, NULL, buflen); + if (!aio_ex-outbuf.data) { + TALLOC_FREE(aio_ex); + return NULL; + } } DLIST_ADD(aio_list_head, aio_ex); talloc_set_destructor(aio_ex, aio_extra_destructor); @@ -174,7 +179,7 @@ NTSTATUS schedule_aio_read_and_X(connection_struct *conn, bufsize = smb_size + 12 * 2 + smb_maxcnt; - if ((aio_ex = create_aio_extra(fsp, bufsize)) == NULL) { + if ((aio_ex = create_aio_extra(NULL, fsp, bufsize)) == NULL) { DEBUG(10,(schedule_aio_read_and_X: malloc fail.\n)); return NT_STATUS_NO_MEMORY; } @@ -239,7 +244,6 @@ NTSTATUS schedule_aio_write_and_X(connection_struct *conn, struct aio_extra *aio_ex; SMB_STRUCT_AIOCB *a; size_t bufsize; - bool write_through = BITSETW(smbreq-vwv+7,0); size_t min_aio_write_size = lp_aio_write_size(SNUM(conn)); int ret; @@ -262,7 +266,7 @@ NTSTATUS schedule_aio_write_and_X(connection_struct *conn, return NT_STATUS_RETRY; } - /* Only do this on non-chained and non-chaining reads not using the + /* Only do this on non-chained and non-chaining writes not using the * write cache. */ if (req_is_in_chain(smbreq) || (lp_write_cache_size(SNUM(conn)) != 0)) { return NT_STATUS_RETRY; @@ -283,11 +287,12 @@ NTSTATUS schedule_aio_write_and_X(connection_struct *conn, bufsize = smb_size + 6*2; - if (!(aio_ex = create_aio_extra(fsp, bufsize))) { + if (!(aio_ex = create_aio_extra(NULL, fsp, bufsize))) { DEBUG(0,(schedule_aio_write_and_X: malloc fail.\n)); return NT_STATUS_NO_MEMORY; } aio_ex-handle_completion = handle_aio_write_complete; + aio_ex-write_through = BITSETW(smbreq-vwv+7,0); construct_reply_common_req(smbreq, (char *)aio_ex-outbuf.data); srv_set_message((char *)aio_ex-outbuf.data, 6, 0, True); @@ -331,7 +336,7 @@ NTSTATUS schedule_aio_write_and_X(connection_struct *conn, contend_level2_oplocks_begin(fsp, LEVEL2_CONTEND_WRITE); contend_level2_oplocks_end(fsp, LEVEL2_CONTEND_WRITE); - if (!write_through !lp_syncalways(SNUM(fsp-conn)) + if (!aio_ex-write_through !lp_syncalways(SNUM(fsp-conn)) fsp-aio_write_behind) { /* Lie to the client and immediately claim we finished the
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-95-g9a38f95
The branch, 1.0.112 has been updated via 9a38f9598e6f81fe25347487b51b62703a41922f (commit) via 599fd54ea34a9b007828ffe32392709e8f2628f9 (commit) via e682860568cdeabeecbd50aca3568848fc5b923e (commit) from 968a88f0bf0747d2ca7da48d5661d7b2df090c83 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit 9a38f9598e6f81fe25347487b51b62703a41922f Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Jun 8 12:17:01 2010 +1000 New version 1.0.112-23 * Tue Jun 8 2010 : Version 1.0.112-23 - Fix a SEGV that can be triggered by ctdb delip BZ 62783 - Add iptables filters to stop clients from connecting to the NATGW address. BZ62613 - Add timestamps to the ctdb statistics output - Change ctdb addip to block until the address is active BZ63191 - Add additional log messages when tdbs can no longer be locked/chain unlocked BZ64688 commit 599fd54ea34a9b007828ffe32392709e8f2628f9 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Jun 8 12:09:19 2010 +1000 Additional log messages when tdb databases can no longer be chainlocked or chainunlocked BZ64688 commit e682860568cdeabeecbd50aca3568848fc5b923e Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Mon Jun 7 14:26:08 2010 +1000 change the addip command to wait until the ip address is taken by the proper node BZ63191 --- Summary of changes: common/ctdb_ltdb.c |2 +- packaging/RPM/ctdb.spec.in | 14 ++- server/ctdb_freeze.c |2 + tools/ctdb.c | 58 +--- 4 files changed, 65 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/common/ctdb_ltdb.c b/common/ctdb_ltdb.c index b2fd189..d35b690 100644 --- a/common/ctdb_ltdb.c +++ b/common/ctdb_ltdb.c @@ -191,7 +191,7 @@ int ctdb_ltdb_unlock(struct ctdb_db_context *ctdb_db, TDB_DATA key) { int ret = tdb_chainunlock(ctdb_db-ltdb-tdb, key); if (ret != 0) { - DEBUG(DEBUG_ERR,(tdb_chainunlock failed\n)); + DEBUG(DEBUG_ERR,(__location__ tdb_chainunlock failed on database %s\n, ctdb_db-db_name)); } return ret; } diff --git a/packaging/RPM/ctdb.spec.in b/packaging/RPM/ctdb.spec.in index 42179e5..bdcf6e2 100644 --- a/packaging/RPM/ctdb.spec.in +++ b/packaging/RPM/ctdb.spec.in @@ -5,7 +5,7 @@ Vendor: Samba Team Packager: Samba Team sa...@samba.org Name: ctdb Version: 1.0.112 -Release: 22 +Release: 23 Epoch: 0 License: GNU GPL version 3 Group: System Environment/Daemons @@ -125,6 +125,18 @@ rm -rf $RPM_BUILD_ROOT %{_docdir}/ctdb/tests/bin/ctdb_transaction %changelog +* Tue Jun 8 2010 : Version 1.0.112-23 + - Fix a SEGV that can be triggered by ctdb delip + BZ 62783 + - Add iptables filters to stop clients from connecting to the NATGW + address. + BZ62613 + - Add timestamps to the ctdb statistics output + - Change ctdb addip to block until the address is active + BZ63191 + - Add additional log messages when tdbs can no longer be locked/chain + unlocked + BZ64688 * Mon May 24 2010 : Version 1.0.112-22 - Fix bug in 62.cnfs to allow exports that are quoted. - Add monitoring og Quorum for the 62.cnfs script diff --git a/server/ctdb_freeze.c b/server/ctdb_freeze.c index 3852008..70333b0 100644 --- a/server/ctdb_freeze.c +++ b/server/ctdb_freeze.c @@ -48,6 +48,7 @@ static int ctdb_lock_all_databases(struct ctdb_context *ctdb, uint32_t priority) } DEBUG(DEBUG_INFO,(locking database 0x%08x priority:%u %s\n, ctdb_db-db_id, ctdb_db-priority, ctdb_db-db_name)); if (tdb_lockall(ctdb_db-ltdb-tdb) != 0) { + DEBUG(DEBUG_ERR,(__location__ Failed to lock database %s\n, ctdb_db-db_name)); return -1; } } @@ -60,6 +61,7 @@ static int ctdb_lock_all_databases(struct ctdb_context *ctdb, uint32_t priority) } DEBUG(DEBUG_INFO,(locking database 0x%08x priority:%u %s\n, ctdb_db-db_id, ctdb_db-priority, ctdb_db-db_name)); if (tdb_lockall(ctdb_db-ltdb-tdb) != 0) { + DEBUG(DEBUG_ERR,(__location__ Failed to lock database %s\n, ctdb_db-db_name)); return -1; } } diff --git a/tools/ctdb.c b/tools/ctdb.c index c59a8b4..6daddb0 100644 --- a/tools/ctdb.c +++ b/tools/ctdb.c @@ -56,6 +56,8 @@ static int control_version(struct ctdb_context *ctdb, int argc, const char **arg } #endif +static int control_ipreallocate(struct ctdb_context *ctdb, int argc, const char **argv); + /* verify that a node exists and is reachable @@ -1057,6 +1059,7 @@ static int move_ip(struct ctdb_context *ctdb, ctdb_sock_addr
[SCM] CTDB repository - branch master updated - ctdb-1.0.114-142-gb977901
The branch, master has been updated via b977901a49a9fed45cc8a2fe880eb749f58278f6 (commit) from f62c7e44dc303f274bbc1dd59fad2167e72a2af0 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit b977901a49a9fed45cc8a2fe880eb749f58278f6 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Jun 8 12:09:19 2010 +1000 Additional log messages when tdb databases can no longer be chainlocked or chainunlocked BZ64688 --- Summary of changes: common/ctdb_ltdb.c |2 +- server/ctdb_freeze.c |2 ++ 2 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/common/ctdb_ltdb.c b/common/ctdb_ltdb.c index b2fd189..d35b690 100644 --- a/common/ctdb_ltdb.c +++ b/common/ctdb_ltdb.c @@ -191,7 +191,7 @@ int ctdb_ltdb_unlock(struct ctdb_db_context *ctdb_db, TDB_DATA key) { int ret = tdb_chainunlock(ctdb_db-ltdb-tdb, key); if (ret != 0) { - DEBUG(DEBUG_ERR,(tdb_chainunlock failed\n)); + DEBUG(DEBUG_ERR,(__location__ tdb_chainunlock failed on database %s\n, ctdb_db-db_name)); } return ret; } diff --git a/server/ctdb_freeze.c b/server/ctdb_freeze.c index 3852008..70333b0 100644 --- a/server/ctdb_freeze.c +++ b/server/ctdb_freeze.c @@ -48,6 +48,7 @@ static int ctdb_lock_all_databases(struct ctdb_context *ctdb, uint32_t priority) } DEBUG(DEBUG_INFO,(locking database 0x%08x priority:%u %s\n, ctdb_db-db_id, ctdb_db-priority, ctdb_db-db_name)); if (tdb_lockall(ctdb_db-ltdb-tdb) != 0) { + DEBUG(DEBUG_ERR,(__location__ Failed to lock database %s\n, ctdb_db-db_name)); return -1; } } @@ -60,6 +61,7 @@ static int ctdb_lock_all_databases(struct ctdb_context *ctdb, uint32_t priority) } DEBUG(DEBUG_INFO,(locking database 0x%08x priority:%u %s\n, ctdb_db-db_id, ctdb_db-priority, ctdb_db-db_name)); if (tdb_lockall(ctdb_db-ltdb-tdb) != 0) { + DEBUG(DEBUG_ERR,(__location__ Failed to lock database %s\n, ctdb_db-db_name)); return -1; } } -- CTDB repository