Re: [Samba] Working simultaneously with the same user account
On Mon, Feb 28, 2011 at 9:37 PM, Gaiseric Vandal gaiseric.van...@gmail.com wrote: Are users logging into the PC with this one account? Or are they logging into PC's with unique accounts? Are they accessing other shares besides this one? If this is the only share, it shouldn't be a problem (technically.) Users are logging into the pc with unique accounts. I would like to have them access other shares as well. The idea is to have a simple setup with a standard username and password for shares. Here's a more complete example: Greate folders === mkdir /media/test chmod -R 770 /media/test chmod g+s /media/test chown -R root:users /media/test mkdir /media/samba chmod -R 770 /media/samba chmod g+s /media/samba groupadd office chown -R root:office /media/samba Add users smbpasswd -a user smbpasswd -a user2 Add users to relevant groups gpasswd -a user users gpasswd -a user2 office Create /etc/samba/smb.conf == [global] workgroup = WORKGROUP netbios name = TESTSERVER security = user [test] path = /media/test read only = No store dos attributes = yes inherit permissions = yes [samba] path = /media/samba read only = No store dos attributes = yes inherit permissions = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Configure rid for computer account
Hello: I have a samba PDC with LDAP, samba 3.0.33 and 389DS 1.2.5, and I adding computer accounts with a rid that I don't understand why samba creates like that. The users acounts have a rid = (2 * userid) + 1000, and groups accounts have rid = (2 * groupid) + 1001. The computers accounts have a different rid, Isn't a computer accout the same as an user account? my question is how samba generates the rid for the computer account and If I can use the old style of rid generation for computers accounts. Regards, Moises -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
On Mon, Feb 28, 2011 at 12:21:32AM -0300, J. L. Cabral wrote: Chris, after following Marco guideline and fail I followed the tutorial you recommend to me, please see below: [...] just to remember you to post even when successful. We are interested in knowing what went wrong... -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cross-Compiling Samba 3.5.6 to MIPS
Additional info: If I remove: export libreplace_cv_HAVE_IFACE_IFCONF=yes It compiles well, but when i execute any binarie, the same error message appears. For example: [root@stb:/rw/Test/Pruebas-Samba-3.5.6/segundo_int] # ./smbtree -NS ERROR: Could not determine network interfaces, you must use a interfaces config line Any ideas? Maybe it's a network problem? Thanks a lot! -- View this message in context: http://samba.2283325.n4.nabble.com/Cross-Compiling-Samba-3-5-6-to-MIPS-tp3328039p3329725.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
Just a moment please, now I'll test with your instructions and I'll tell youthanks. On Tue, Mar 1, 2011 at 9:19 AM, Marco Ciampa ciam...@libero.it wrote: On Mon, Feb 28, 2011 at 12:21:32AM -0300, J. L. Cabral wrote: Chris, after following Marco guideline and fail I followed the tutorial you recommend to me, please see below: [...] just to remember you to post even when successful. We are interested in knowing what went wrong... -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Windows 7 Client - Samba Domain
Hi, All the information I found shows that Windows 7 may operate in a samba domain only if aunt made these changes in the registry: HKLM \ System \ CCS \ Services \ LanmanWorkstation \ Parameters DomainCompatibilityMode DWORD = 1 DWORD DNSNameResolutionRequired = 0 But what do these values? Why should you be DomainCompatibilityMode = 1 and not 0 or DNSNameResolutionRequired = 0 and not 1, to work? Thank you, Claudiu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] OSX 10.6 Clients on a 3.4.11 Server
This particular server is a standalone unit, meaning that it is not part of a cluster. It was almost like the client is maintaining it's own list of locks and sending them to the server? - David On 02/28/2011 10:26 PM, Yu Liao wrote: I am interesting about you remove the tdb files and they come back. Do you use ctdb mode? What is the value of clustering option? 2011/3/1 David Irving dirv...@workflowbydesign.com mailto:dirv...@workflowbydesign.com Hello, I'm running Samba 3.4.11 on CentOS 5.2.. I Have some users at my company that have recently upgraded their macs to Snow Leopard 10.6.6 and are running in to some SMB issues. When they mount a share they can move,delete,copy folders just fine. If they open and close a file in one of those folders though, they cannot rename, delete, or move the folder because samba has it locked and it appears to stay locked until they dismount the volume (even though all files/folders are closed). This has only started happening since we upgraded our macs to 10.6.x (10.5.x works just fine). I'm completely at the end of my rope regarding this problem. I've tried tweaking various server side configuration options for oplocking, etc and have made 0 headway. One funny thing that I did notice is that, as a test, I shutdown Samba, deleted the lock tdb file, and restarted samba. As soon as the client reestablished it's connection with the server all the old locks (displayed using smbstatus) were put back in to place (I'm talking about something like 100 or so locks, some as old as 2 days). It looks like the client is requesting the locks on the folders for some reason. I'm 95% sure that this is a OSX client bug but I was hoping someone out there had a workaround for it. Thanks, David -- David Irving, Technical Director Workflow By Design, LLC tel 978.998.6630 mobile 207.320.5026 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Best Regards. Liao Yu Tel:13880992031 -- David Irving, Technical Director Workflow By Design, LLC tel 978.998.6630 mobile 207.320.5026 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
Dear, we still continue without access to samba share. Just a question: maybe the administrator of the Windows Domain has setup any policy ti avoide tha access from domain's users to samba ??? Has the administrator of my Windows domain allow any access or do something specific related to samba machine ??? Thanks again On Tue, Mar 1, 2011 at 10:07 AM, J. L. Cabral jelocab...@gmail.com wrote: Just a moment please, now I'll test with your instructions and I'll tell youthanks. On Tue, Mar 1, 2011 at 9:19 AM, Marco Ciampa ciam...@libero.it wrote: On Mon, Feb 28, 2011 at 12:21:32AM -0300, J. L. Cabral wrote: Chris, after following Marco guideline and fail I followed the tutorial you recommend to me, please see below: [...] just to remember you to post even when successful. We are interested in knowing what went wrong... -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Working simultaneously with the same user account
Are you using a domain (PC's are in the domain and user accounts are in the domain not on each PC) or a workgroup (each user account is defined on his or her own PC.)If the PC's are domain members then you should just be able to have all the users in a group and the group has access to that common share. If the PC's are in a workgroup, the user can map a drive letter to each share- this can be a persistent drive mapping that stores the credentials. However, my experience has been that you can not connect to two different shares on one server, each with a different credentials. At least this is the case when connecting from an XP Pro client. E.g. net use x: \\server1\share1 /user:jsmith (that will work) net use y: \\server1\share2 /user:rsmith (that will fail with a warning that you are already connected to the server with different credentials.) On 03/01/2011 03:09 AM, Aniruddha wrote: On Mon, Feb 28, 2011 at 9:37 PM, Gaiseric Vandal gaiseric.van...@gmail.com wrote: Are users logging into the PC with this one account? Or are they logging into PC's with unique accounts? Are they accessing other shares besides this one? If this is the only share, it shouldn't be a problem (technically.) Users are logging into the pc with unique accounts. I would like to have them access other shares as well. The idea is to have a simple setup with a standard username and password for shares. Here's a more complete example: Greate folders === mkdir /media/test chmod -R 770 /media/test chmod g+s /media/test chown -R root:users /media/test mkdir /media/samba chmod -R 770 /media/samba chmod g+s /media/samba groupadd office chown -R root:office /media/samba Add users smbpasswd -a user smbpasswd -a user2 Add users to relevant groups gpasswd -a user users gpasswd -a user2 office Create /etc/samba/smb.conf == [global] workgroup = WORKGROUP netbios name = TESTSERVER security = user [test] path = /media/test read only = No store dos attributes = yes inherit permissions = yes [samba] path = /media/samba read only = No store dos attributes = yes inherit permissions = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Should krb.conf and krb5.conf have entries for multiple domain controllers?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/28/2011 09:29 PM, Robinson, Eric wrote: There are three DCs in my Windows AD domain, but I have noticed that only one of them is referenced in my krb.conf and krb5.conf. Should there be a reference to one or two of the other domain controllers? If the DC goes down, how will my Samba/Winbind servers authenticate? -- Eric Robinson Eric, There should be no problem putting each DC in your krb.conf file. It does allow for failover for kerberos. In your smb.conf file you will also want to list the servers in your password server parameter, separated by spaces. Depending on how your samba/winbind is implemented, and the default way most windows domain member machines work, is that they will go to kerberos first then go to lanman/ntlm/ntlmv2. Robert - -- Robert Freeman-Day https://launchpad.net/~presgas GPG Public Key: http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0xBA9DF9ED3E4C7D36 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1s+8AACgkQup357T5MfTavTQCgtr2iYkBpIaAGwGvgu0ZwCb5t 45cAoIePLwkKfp/+SXR6IS+6iXH+AoUj =2sXL -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
Il 01/03/2011 14:43, J. L. Cabral ha scritto: Dear, we still continue without access to samba share. Just a question: maybe the administrator of the Windows Domain has setup any policy ti avoide tha access from domain's users to samba ??? Has the administrator of my Windows domain allow any access or do something specific related to samba machine ??? Thanks again On Tue, Mar 1, 2011 at 10:07 AM, J. L. Cabraljelocab...@gmail.com wrote: Just a moment please, now I'll test with your instructions and I'll tell youthanks. On Tue, Mar 1, 2011 at 9:19 AM, Marco Ciampaciam...@libero.it wrote: On Mon, Feb 28, 2011 at 12:21:32AM -0300, J. L. Cabral wrote: Chris, after following Marco guideline and fail I followed the tutorial you recommend to me, please see below: [...] just to remember you to post even when successful. We are interested in knowing what went wrong... -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba IIRC there is a registry setting which prevents a windows machine from accessing non-authenticated smb shares. I'm sorry but can't find the key name right now... HTH -- Marcello Romani -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Working simultaneously with the same user account
However, my experience has been that you can not connect to two different shares on one server, each with a different credentials. At least this is the case when connecting from an XP Pro client. E.g. net use x: \\server1\share1 /user:jsmith (that will work) net use y: \\server1\share2 /user:rsmith (that will fail with a warning that you are already connected to the server with different credentials.) This is the case with all windows NT versions that I know of. You can not login to the same server with different credentials. There are ways around this. I believe if you do the second mount by ipaddress or use an alias in samba the client will allow the second (or more with more aliases) set of credentials to connect to your samba server. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Working simultaneously with the same user account
On Tue, Mar 1, 2011 at 2:09 AM, Aniruddha mailingdotl...@gmail.com wrote: Users are logging into the pc with unique accounts. I would like to have them access other shares as well. The idea is to have a simple setup with a standard username and password for shares. Here's a more complete example: having separate usernames and password per share is never simple, SMB wasn't designed to work like that. the simple way is to make user groups for shares and add the users accounts to the groups they need access to. This is far simpler as when you need to take a users rights away from a share due to job position changes you just remove them from the group instead of making everyone else remember a new password. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
On Tue, Mar 1, 2011 at 8:25 AM, J. L. Cabral jelocab...@gmail.com wrote: OK thanks, but when I try to access from a Linux Debian machine as guest, I fail againlook: Debian:~# smbclient //10.4.133.109/share -U guest Enter guest's password: I put any password because guest is not a samba nor Linux user guest access doesn't actually use a username, this may be the problem. to force-use the anonymous account, you can do: -U % I'd start here: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html you don't have to get very down that page to have a anonymous read-write share. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
Chris, I'v efollowed your tutorial, see below the configuration of my Linux CentOS 5.5 please: testparm output: [global] workgroup = CASA map to guest = Bad User passdb backend = tdbsam username map = /etc/samba/smbusers cups options = raw (I put security = user but is not displayed in testparm) [share] comment = File server path = /var/share read only = No create mask = 0700 directory mask = 0700 guest ok = Yes In smbusers: root = administrator admin nobody = guest pcguest smbguest The share: Debian:~# smbclient -U guest -L 10.4.133.109 Enter guest's password: ANY PASS Domain=[BANGKOK] OS=[Unix] Server=[Samba 3.0.33-3.29.el5_5.1] Sharename Type Comment - --- share Disk File share IPC$IPC IPC Service (Samba 3.0.33-3.29.el5_5.1) Domain=[BANGKOK] OS=[Unix] Server=[Samba 3.0.33-3.29.el5_5.1] Server Comment ---- WorkgroupMaster ---- CASA BANGKOK And finally try to enter the share resource: Debian:~# smbclient //10.4.133.109/grabar -U guest Enter guest's password: ANY PASS Domain=[BANGKOK] OS=[Unix] Server=[Samba 3.0.33-3.29.el5_5.1] smb: \ ls NT_STATUS_ACCESS_DENIED listing \* 56892 blocks of size 8388608. 53742 blocks available What can be the problem ??? THANKS drwxrwxrwx 2 nobody nobody 4096 feb 28 16:21 share nobody is a Linux local user with /sbin/nologin shell. From a Linux Debian machine I try to connect: On Fri, Feb 25, 2011 at 3:13 PM, Chris Smith smb...@chrissmith.org wrote: On Fri, Feb 25, 2011 at 10:22 AM, J. L. Cabral jelocab...@gmail.com wrote: I want to access a Linux share resource in /var/share without password from WXP desktop FROM ANY USER. See: http://blog.realcomputerguy.com/2010/12/samba-and-guest-shares-with-security.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
Chris I tried to connect with -U % and see: Debian:~# smbclient //10.4.133.109/share -U % Domain=[CASA] OS=[Unix] Server=[Samba 3.0.33-3.29.el5_5.1] smb: \ ls NT_STATUS_ACCESS_DENIED listing \* 56892 blocks of size 8388608. 53742 blocks available Always the error !!! On Tue, Mar 1, 2011 at 12:12 PM, Chris Weiss cwe...@gmail.com wrote: On Tue, Mar 1, 2011 at 8:25 AM, J. L. Cabral jelocab...@gmail.com wrote: OK thanks, but when I try to access from a Linux Debian machine as guest, I fail againlook: Debian:~# smbclient //10.4.133.109/share -U guest Enter guest's password: I put any password because guest is not a samba nor Linux user guest access doesn't actually use a username, this may be the problem. to force-use the anonymous account, you can do: -U % I'd start here: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html you don't have to get very down that page to have a anonymous read-write share. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Hide the not allowed to open shared directories inthe client
hide unreadable = yes on global config This parameter is really good for my usage, it hides directories and files that user cannot access. -- Eero, RHCE It works like a charm. Thank you. I found this post on the list, and it' not the solution for me. My questions is: Do we have a setting to hide files on samba share1 if the files' owner is not me? and, still I can readwrite those files through samba share2. Samba share1 and share2 point to the same /path/folder. Thanks, Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
On Tue, Mar 1, 2011 at 9:24 AM, J. L. Cabral jelocab...@gmail.com wrote: Chris I tried to connect with -U % and see: Debian:~# smbclient //10.4.133.109/share -U % Domain=[CASA] OS=[Unix] Server=[Samba 3.0.33-3.29.el5_5.1] smb: \ ls NT_STATUS_ACCESS_DENIED listing \* if security isn't in your testparm, them something is odd with how you entered it. I think user is the default, test with this: testparm -v | grep security Also check your guest settings, this will show what account samba will use for anonymous access, among other things: testparm -v | grep guest Make sure the account listed can access the directory you are sharing, or use force user to override the shares filesystem access, which is what the howto does. Also, i never use smbusers file for anything, ever. I find that it only adds confusion. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba quota for AD users
2011/3/1 system minami minami.sys...@gmail.com: I would like to ask you if it is possible to enable Samba quota for Active Directory user ? As far as I examine with Samba 3.5.6, yes. Under Winbind env, I edit quota settings for W2K8AD1\samba02 user with edquota and run repquota: # repquota -a (snip) monyo -- 40 0 0 7 0 0 (snip) W2K8AD1\administrator -- 124 0 0 28 0 0 W2K8AD1\samba02 -- 4 0 10 1 0 0 If W2K8AD1\samba02 user writes files more than limitation, he cannot write. My env; DC: Windows Server 2008 RTM, Samba 3.5.6. --- TAKAHASHI Motonobu mo...@monyo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
See inline please: if security isn't in your testparm, them something is odd with how you entered it. I think user is the default, test with this: testparm -v | grep security security = USER paranoid server security = Yes security mask = 0777 force security mode = 00 directory security mask = 0777 force directory security mode = 00 Also check your guest settings, this will show what account samba will use for anonymous access, among other things: testparm -v | grep guest map to guest = Bad User guest account = nobody usershare allow guests = No guest only = No guest ok = No guest ok = Yes Make sure the account listed can access the directory you are sharing, or use force user to override the shares filesystem access, which is what the howto does. drwxrwxrwx nobody nobody /var/share Also, i never use smbusers file for anything, ever. I find that it only adds confusion. But the tutorial you show me points: username map = /etc/samba/smbusers I repeat my smb.conf file: [global] workgroup = CASA interfaces = lo eth0 map to guest = Bad User security = user passdb backend = tdbsam username map = /etc/samba/smbusers [grabar] comment = File share path = /var/share borowseable = yes read only = No create mask = 0700 directory mask = 0700 guest ok = Yes And the NT_STATUS_ACCESS_DENIED listing \* error appear again !!! Any other idea please ??? Thanks and sorry for interrupting you... JeLo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
On Tue, Mar 1, 2011 at 9:53 AM, J. L. Cabral jelocab...@gmail.com wrote: And the NT_STATUS_ACCESS_DENIED listing \* error appear again !!! I guess all that's left is to turn up the log level and see if anything looks odd. it's possible that you aren't actually accessing it mapped to guest due to the accounts you've created, or that the smbusers is confusing it, or any number of oddities specific to your server config. what I do know is that on a clean server, that howto works perfectly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
Hallo, J., Du meintest am 01.03.11: testparm output: [global] workgroup = CASA map to guest = Bad User passdb backend = tdbsam username map = /etc/samba/smbusers cups options = raw (I put security = user but is not displayed in testparm) There's a big difference between testparm and testparm -v; the -v option shows what is, including the defaults. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
2011/2/26 J. L. Cabral jelocab...@gmail.com: Dear, I have a Linux Samba server and a Windows XP SP2 client joined to the g-company.net domain. I want to access a Linux share resource in /var/share without password from WXP desktop FROM ANY USER. This is my scenario: - I don't create any Linux local user because I want total access from any user - I use security = share - My smbusers file is: root = administrator admin nobody = guest pcguest smbguest - The Windows XP guest account is guest but I don't know if it has any password setup. Form Windows XP I execute: \\samba_server\share but I get the error DENIED ACCESS. What can I do to access this resource ??? What is your distro and filesystems? Can you access with correct username and password? And if you use Fedora or CentOS or such kind of OSes, have you already stopped SELinux? If you have not, type setenforce 0 and try again. --- TAKAHASHI Motonobu mo...@monyo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Map multiple NT users to the same Unix user with tdbsam
Hi! I have an NTFS partition on an USB HDD mounted with uid=1000, gid=1000. Several users should be able to backup to that partition via Samba shares. They should be able to log in each with their own user/pass. I'd rather not have a separate unix account (/etc/passwd) for each of them (plus that runs into trouble with the uid==gid==1000 problem on the NTFS partition; I'd rather not set the whole NTFS disk world-writeable to circumvent that). And I'd really like to avoid ldap, sticking with tdbsam. What I wish I could do was having multiple user/password combinations on the Windows side and map them all to one user on the unix side. username map looked like the solution, but isn't; quoting the documentation: ... for user or share mode security, the username map is applied prior to validating the user credentials. Thus AIUI all the users would be required to share a password (that of the user they are mapped to). The only other thing I can think of is using share level security, and giving every user one share he can use. Seems possible but suboptimal. Having something like username map, but with it being applied after credential validation would exactly solve my problem (if smbpasswd let me create users absent from /etc/passwd). Is there any way to achieve something like this? Anyone got another solution for my scenario? Cheers, Christian PS: running Samba 3.5.6 on Debian Squeeze Linux on i386, currently security=user PPS: please CC me as I'm not on the list -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Map multiple NT users to the same Unix user with tdbsam
On Tue, Mar 1, 2011 at 1:12 PM, Christian Aichinger gre...@gmx.net wrote: Hi! I have an NTFS partition on an USB HDD mounted with uid=1000, gid=1000. Several users should be able to backup to that partition via Samba shares. They should be able to log in each with their own user/pass. I'd rather not have a separate unix account (/etc/passwd) for each of them (plus that runs into trouble with the uid==gid==1000 problem on the NTFS partition; I'd rather not set the whole NTFS disk world-writeable to circumvent that). And I'd really like to avoid ldap, sticking with tdbsam. What I wish I could do was having multiple user/password combinations on the Windows side and map them all to one user on the unix side. username map looked like the solution, but isn't; quoting the documentation: ... for user or share mode security, the username map is applied prior to validating the user credentials. Thus AIUI all the users would be required to share a password (that of the user they are mapped to). The only other thing I can think of is using share level security, and giving every user one share he can use. Seems possible but suboptimal. Having something like username map, but with it being applied after credential validation would exactly solve my problem (if smbpasswd let me create users absent from /etc/passwd). Is there any way to achieve something like this? Anyone got another solution for my scenario? check out the force user and force group share options. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] CTDB repository - branch 1.3 updated - ctdb-1.9.1-338-g939e7c9
The branch, 1.3 has been updated via 939e7c925edf14e89f94f7084f35e3992cab08ce (commit) via e3522164c42ff36154dc6be4d96441bd46dcdacb (commit) via c906747d52c08588cdace0f92480b533f87ca95f (commit) via fffee2f8d7e78afdb375f457064d0e9ef77c8d30 (commit) from b629b1146543c397cb10cb0339720daa0fbee0e0 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.3 - Log - commit 939e7c925edf14e89f94f7084f35e3992cab08ce Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 1 12:09:42 2011 +1100 If/when the recovery daemon terminates unexpectedly, try to restart it again from the main daemon instead of just shutting down the main deamon too. While it does not address the reason for recovery daemon shutting down, it reduces the impact of such issues and makes the system more robust. commit e3522164c42ff36154dc6be4d96441bd46dcdacb Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 1 10:48:04 2011 +1100 version 1.2.200 commit c906747d52c08588cdace0f92480b533f87ca95f Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 25 10:33:12 2011 +1100 ATTACH_DB: simplify the code slightly and change the semantics to only refuse a db attach during recovery IF we can associate the request from a genuine real client instead of deciding this on whether client_id is zero or This will suppress/avoid messages like these : DB Attach to database %s refused. Can not match clientid... commit fffee2f8d7e78afdb375f457064d0e9ef77c8d30 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 25 10:06:08 2011 +1100 Dont return error if trying to set db priority on a db that does not yet exist. Just treat as a nop. When the database is created later it will get its priority set properly. --- Summary of changes: packaging/RPM/ctdb.spec.in |4 +++- server/ctdb_ltdb_server.c | 15 ++- server/ctdb_recoverd.c | 25 +++-- 3 files changed, 24 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/packaging/RPM/ctdb.spec.in b/packaging/RPM/ctdb.spec.in index 06ca44b..97c42b4 100644 --- a/packaging/RPM/ctdb.spec.in +++ b/packaging/RPM/ctdb.spec.in @@ -3,7 +3,7 @@ Name: ctdb Summary: Clustered TDB Vendor: Samba Team Packager: Samba Team sa...@samba.org -Version: 1.3.2 +Version: 1.2.200 Release: 1GITHASH Epoch: 0 License: GNU GPL version 3 @@ -143,6 +143,8 @@ development libraries for ctdb %{_libdir}/libctdb.a %changelog +* Tue Mar 1 2011 : Version 1.2.200 + - Rename the version to 1.2.200 instead of 1.3.x * Fri Feb 25 2011 : Version 1.3.2 - Fix for split brain during early startup - fix for TRANS3 causing transactions to fail diff --git a/server/ctdb_ltdb_server.c b/server/ctdb_ltdb_server.c index 3e90b2d..19a68ec 100644 --- a/server/ctdb_ltdb_server.c +++ b/server/ctdb_ltdb_server.c @@ -805,6 +805,7 @@ int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata, const char *db_name = (const char *)indata.dptr; struct ctdb_db_context *db; struct ctdb_node *node = ctdb-nodes[ctdb-pnn]; + struct ctdb_client *client = NULL; /* dont allow any local clients to attach while we are in recovery mode * except for the recovery daemon. @@ -812,13 +813,9 @@ int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata, * recovery daemons. */ if (client_id != 0) { - struct ctdb_client *client = ctdb_reqid_find(ctdb, client_id, struct ctdb_client); - - if (client == NULL) { - DEBUG(DEBUG_ERR,(DB Attach to database %s refused. Can not match clientid:%d to a client structure.\n, db_name, client_id)); - return -1; - } - + client = ctdb_reqid_find(ctdb, client_id, struct ctdb_client); + } + if (client != NULL) { /* If the node is inactive it is not part of the cluster and we should not allow clients to attach to any databases @@ -1195,12 +1192,12 @@ int32_t ctdb_control_set_db_priority(struct ctdb_context *ctdb, TDB_DATA indata) ctdb_db = find_ctdb_db(ctdb, db_prio-db_id); if (!ctdb_db) { DEBUG(DEBUG_ERR,(Unknown db_id 0x%x in ctdb_set_db_priority\n, db_prio-db_id)); - return -1; + return 0; } if ((db_prio-priority1) || (db_prio-priorityNUM_DB_PRIORITIES)) { DEBUG(DEBUG_ERR,(Trying to set invalid priority : %u\n, db_prio-priority)); - return -1; + return 0; } ctdb_db-priority = db_prio-priority; diff --git a/server/ctdb_recoverd.c b/server/ctdb_recoverd.c index b82f0e7..13dafa7 100644 ---
[SCM] CTDB repository - branch master updated - ctdb-1.10-107-g0566ef3
The branch, master has been updated via 0566ef3d6cef809bda204877c493c80ff9eb2c40 (commit) via b05ccf366df985e0a3365aacc75761ebd438deaf (commit) via eeaabd579841f60ab2c5b004cbbb1f5de2bfe685 (commit) via 05c934b10ad2690be9d75c9033a0b849bf16455d (commit) from 81663b81687c0ba681500cca6aa8174bb9587ad2 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit 0566ef3d6cef809bda204877c493c80ff9eb2c40 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 1 12:09:42 2011 +1100 If/when the recovery daemon terminates unexpectedly, try to restart it again from the main daemon instead of just shutting down the main deamon too. While it does not address the reason for recovery daemon shutting down, it reduces the impact of such issues and makes the system more robust. commit b05ccf366df985e0a3365aacc75761ebd438deaf Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 25 10:33:12 2011 +1100 ATTACH_DB: simplify the code slightly and change the semantics to only refuse a db attach during recovery IF we can associate the request from a genuine real client instead of deciding this on whether client_id is zero or This will suppress/avoid messages like these : DB Attach to database %s refused. Can not match clientid... commit eeaabd579841f60ab2c5b004cbbb1f5de2bfe685 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Wed Feb 23 15:46:36 2011 +1100 Deferred attach : at early startup, defer any db attach calls until we are out of recovery. commit 05c934b10ad2690be9d75c9033a0b849bf16455d Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 25 10:06:08 2011 +1100 Dont return error if trying to set db priority on a db that does not yet exist. Just treat as a nop. When the database is created later it will get its priority set properly. --- Summary of changes: include/ctdb_private.h| 11 - server/ctdb_control.c |4 +- server/ctdb_ltdb_server.c | 107 +++- server/ctdb_recover.c | 10 server/ctdb_recoverd.c| 25 ++ server/ctdb_tunables.c|3 +- 6 files changed, 133 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/include/ctdb_private.h b/include/ctdb_private.h index db5594d..68877ec 100644 --- a/include/ctdb_private.h +++ b/include/ctdb_private.h @@ -118,6 +118,7 @@ struct ctdb_tunable { uint32_t use_status_events_for_monitoring; uint32_t allow_unhealthy_db_read; uint32_t stat_history_interval; + uint32_t deferred_attach_timeout; }; /* @@ -488,6 +489,9 @@ struct ctdb_context { /* used in the recovery daemon to remember the ip allocation */ struct trbt_tree *ip_tree; + + /* Used to defer db attach requests while in recovery mode */ + struct ctdb_deferred_attach_context *deferred_attach; }; struct ctdb_db_context { @@ -800,7 +804,10 @@ int ctdb_daemon_send_control(struct ctdb_context *ctdb, uint32_t destnode, void *private_data); int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata, - TDB_DATA *outdata, uint64_t tdb_flags, bool persistent); + TDB_DATA *outdata, uint64_t tdb_flags, + bool persistent, uint32_t client_id, + struct ctdb_req_control *c, + bool *async_reply); int ctdb_daemon_set_call(struct ctdb_context *ctdb, uint32_t db_id, ctdb_fn_t fn, int id); @@ -1366,4 +1373,6 @@ int32_t ctdb_control_get_stat_history(struct ctdb_context *ctdb, int ctdb_deferred_drop_all_ips(struct ctdb_context *ctdb); +int ctdb_process_deferred_attach(struct ctdb_context *ctdb); + #endif diff --git a/server/ctdb_control.c b/server/ctdb_control.c index 90900c9..69724e3 100644 --- a/server/ctdb_control.c +++ b/server/ctdb_control.c @@ -221,10 +221,10 @@ static int32_t ctdb_control_dispatch(struct ctdb_context *ctdb, } case CTDB_CONTROL_DB_ATTACH: - return ctdb_control_db_attach(ctdb, indata, outdata, srvid, false); + return ctdb_control_db_attach(ctdb, indata, outdata, srvid, false, client_id, c, async_reply); case CTDB_CONTROL_DB_ATTACH_PERSISTENT: - return ctdb_control_db_attach(ctdb, indata, outdata, srvid, true); + return ctdb_control_db_attach(ctdb, indata, outdata, srvid, true, client_id, c, async_reply); case CTDB_CONTROL_SET_CALL: { struct ctdb_control_set_call *sc = diff --git a/server/ctdb_ltdb_server.c b/server/ctdb_ltdb_server.c index ba2a9cb..19a68ec 100644 --- a/server/ctdb_ltdb_server.c +++
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-154-gf26749e
The branch, 1.0.112 has been updated via f26749ea3080ccfabc8d6dfe482e8b72495c9c10 (commit) via f003e9131784419f36741bad0b1029713d7f9b77 (commit) via ea0953db764085011358cb0cfa36a4d91fdf0058 (commit) via ccf39ce5191b3d5ebd536bee8c04a86c4f07a58e (commit) from 96c29a83f6c937d45785c3d14434f95c48564dd3 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit f26749ea3080ccfabc8d6dfe482e8b72495c9c10 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 1 19:42:35 2011 +1100 new version 1.0.112-40 commit f003e9131784419f36741bad0b1029713d7f9b77 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 1 19:41:43 2011 +1100 dont log an error if we waitpid but there is no child process to wait for commit ea0953db764085011358cb0cfa36a4d91fdf0058 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 1 12:09:42 2011 +1100 If/when the recovery daemon terminates unexpectedly, try to restart it again from the main daemon instead of just shutting down the main deamon too. While it does not address the reason for recovery daemon shutting down, it reduces the impact of such issues and makes the system more robust. commit ccf39ce5191b3d5ebd536bee8c04a86c4f07a58e Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 1 19:09:52 2011 +1100 re-sync to 1.0.112-39 srpm --- Summary of changes: config/events.d/11.natgw |4 +--- config/events.d/60.nfs |1 + packaging/RPM/ctdb.spec.in |7 ++- server/ctdb_daemon.c |2 +- server/ctdb_recoverd.c | 25 +++-- 5 files changed, 24 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/config/events.d/11.natgw b/config/events.d/11.natgw index ac34a24..2fc232a 100755 --- a/config/events.d/11.natgw +++ b/config/events.d/11.natgw @@ -77,10 +77,8 @@ case $1 in # We do this so that the ip address will exist on a # non-loopback interface so that samba may send it along in the # KDC requests. + ip addr add $CTDB_NATGW_PUBLIC_IP_HOST dev lo scope host ip route add 0.0.0.0/0 via $NATGWIP metric 10 - # Make sure winbindd does not stay bound to this address - # if we are no longer natgwmaster - smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP /dev/null 2/dev/null fi # flush our route cache diff --git a/config/events.d/60.nfs b/config/events.d/60.nfs index 2c48d05..645b3b1 100755 --- a/config/events.d/60.nfs +++ b/config/events.d/60.nfs @@ -96,6 +96,7 @@ case $1 in (ctdb_check_rpc lockd 100021 1) [ $? = 0 ] || { echo Trying to restart lock manager service + startstop_nfs restart startstop_nfslock restart exit 1 } diff --git a/packaging/RPM/ctdb.spec.in b/packaging/RPM/ctdb.spec.in index 0adb693..3ca8a45 100644 --- a/packaging/RPM/ctdb.spec.in +++ b/packaging/RPM/ctdb.spec.in @@ -5,7 +5,7 @@ Vendor: Samba Team Packager: Samba Team sa...@samba.org Name: ctdb Version: 1.0.112 -Release: 38 +Release: 40 Epoch: 0 License: GNU GPL version 3 Group: System Environment/Daemons @@ -125,6 +125,11 @@ rm -rf $RPM_BUILD_ROOT %{_docdir}/ctdb/tests/bin/ctdb_transaction %changelog +* Tue Mar 1 2011 : Version 1.0.112-40 + - Try restarting the recovery daemon when it fails. +* Wed Oct 27 2010 : Version 1.0.112-39 + - When restarting lockmanager, also restart nfs itself in case nfs failed to + start. * Wed Oct 14 2010 : Version 1.0.112-38 - Try to restart LOCKD if service nfslock start fails. * Wed Oct 13 2010 : Version 1.0.112-37 diff --git a/server/ctdb_daemon.c b/server/ctdb_daemon.c index 1dbf3e6..3eb832e 100644 --- a/server/ctdb_daemon.c +++ b/server/ctdb_daemon.c @@ -695,7 +695,7 @@ static void sig_child_handler(struct event_context *ev, while (pid != 0) { pid = waitpid(-1, status, WNOHANG); - if (pid == -1) { + if (pid == -1 errno != ECHILD) { DEBUG(DEBUG_ERR, (__location__ waitpid() returned error. errno:%d\n, errno)); return; } diff --git a/server/ctdb_recoverd.c b/server/ctdb_recoverd.c index fbc5eec..fe0f535 100644 --- a/server/ctdb_recoverd.c +++ b/server/ctdb_recoverd.c @@ -72,6 +72,7 @@ struct ctdb_recoverd { #define CONTROL_TIMEOUT() timeval_current_ofs(ctdb-tunable.recover_timeout, 0) #define MONITOR_TIMEOUT() timeval_current_ofs(ctdb-tunable.recover_interval, 0) +static void ctdb_restart_recd(struct event_context *ev, struct timed_event *te, struct timeval t, void *private_data); /* ban a node for a period of time @@ -3455,18 +3456,12 @@ static void ctdb_check_recd(struct event_context *ev,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0e68867 s4:dsdb - always handle the attribute options as 32bit unsigned integer from 86aa05e libcli/security Add unix_token and unix_info to auth_session_info too http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0e68867b269ad54a8b05441fa81a9ce523b0325b Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Mar 1 11:40:23 2011 +0100 s4:dsdb - always handle the attribute options as 32bit unsigned integer It is defined as LDAP syntax 2.5.5.9 so no need at all to treat it as 64-bit integer. Reviewed by: Kamenim and Metze Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Tue Mar 1 12:46:15 CET 2011 on sn-devel-104 --- Summary of changes: source4/dsdb/common/util.c |5 ++- source4/dsdb/kcc/kcc_connection.c |2 +- source4/dsdb/kcc/kcc_topology.c | 37 ++- source4/rpc_server/drsuapi/dcesrv_drsuapi.c |2 +- 4 files changed, 24 insertions(+), 22 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index fb742f9..d0efa05 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -1862,7 +1862,8 @@ failed: bool samdb_is_gc(struct ldb_context *ldb) { const char *attrs[] = { options, NULL }; - int ret, options; + uint32_t options; + int ret; struct ldb_result *res; TALLOC_CTX *tmp_ctx; @@ -1883,7 +1884,7 @@ bool samdb_is_gc(struct ldb_context *ldb) return false; } - options = ldb_msg_find_attr_as_int(res-msgs[0], options, 0); + options = ldb_msg_find_attr_as_uint(res-msgs[0], options, 0); talloc_free(tmp_ctx); /* if options attribute has the 0x0001 flag set, then enable the global catlog */ diff --git a/source4/dsdb/kcc/kcc_connection.c b/source4/dsdb/kcc/kcc_connection.c index 3c30909..66cd415 100644 --- a/source4/dsdb/kcc/kcc_connection.c +++ b/source4/dsdb/kcc/kcc_connection.c @@ -80,7 +80,7 @@ static int kccsrv_add_connection(struct kccsrv_service *s, ldb_msg_add_string(msg, enabledConnection, TRUE); ldb_msg_add_linearized_dn(msg, fromServer, server_dn); /* ldb_msg_add_value(msg, schedule, schedule_val, NULL); */ - ldb_msg_add_string(msg, options, 1); + samdb_msg_add_uint(s-samdb, msg, msg, options, 1); ret = ldb_add(s-samdb, msg); if (ret == LDB_SUCCESS) { diff --git a/source4/dsdb/kcc/kcc_topology.c b/source4/dsdb/kcc/kcc_topology.c index c13e330..6cf3d41 100644 --- a/source4/dsdb/kcc/kcc_topology.c +++ b/source4/dsdb/kcc/kcc_topology.c @@ -257,13 +257,14 @@ static int kcctpl_sort_bridgeheads(const void *bridgehead1, const void *bridgehead2) { const struct ldb_message *bh1, *bh2; - uint64_t bh1_opts, bh2_opts, cmp_gc; + uint32_t bh1_opts, bh2_opts; + int cmp_gc; bh1 = (const struct ldb_message *) bridgehead1; bh2 = (const struct ldb_message *) bridgehead2; - bh1_opts = ldb_msg_find_attr_as_int64(bh1, options, 0); - bh2_opts = ldb_msg_find_attr_as_int64(bh2, options, 0); + bh1_opts = ldb_msg_find_attr_as_uint(bh1, options, 0); + bh2_opts = ldb_msg_find_attr_as_uint(bh2, options, 0); cmp_gc = (bh1_opts NTDSDSA_OPT_IS_GC) - (bh2_opts NTDSDSA_OPT_IS_GC); @@ -619,7 +620,7 @@ static NTSTATUS kcctpl_create_edge(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, } edge-repl_info.cost = ldb_msg_find_attr_as_int64(site_link, cost, 0); - edge-repl_info.options = ldb_msg_find_attr_as_int64(site_link, options, 0); + edge-repl_info.options = ldb_msg_find_attr_as_uint(site_link, options, 0); edge-repl_info.interval = ldb_msg_find_attr_as_int64(site_link, replInterval, 0); /* TODO: edge-repl_info.schedule = site_link!schedule */ @@ -795,7 +796,7 @@ static NTSTATUS kcctpl_setup_graph(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, unsigned int i; NTSTATUS status; struct ldb_message *site; - uint64_t site_opts; + uint32_t site_opts; tmp_ctx = talloc_new(mem_ctx); NT_STATUS_HAVE_NO_MEMORY(tmp_ctx); @@ -850,7 +851,7 @@ static NTSTATUS kcctpl_setup_graph(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, talloc_free(tmp_ctx); return NT_STATUS_INTERNAL_DB_CORRUPTION; } - site_opts = ldb_msg_find_attr_as_int64(site, options, 0); + site_opts = ldb_msg_find_attr_as_uint(site, options, 0); transports_dn = kcctpl_transports_dn(ldb, tmp_ctx); if (!transports_dn) { @@ -878,7 +879,7 @@ static
Re: [SCM] Samba Shared Repository - branch master updated
On Tue, 2011-03-01 at 07:35 +0100, Volker Lendecke wrote: On Tue, Mar 01, 2011 at 04:33:01AM +0100, Andrew Bartlett wrote: The branch, master has been updated via 5f5ca91 lib/util: new merged debug system via 4acef31 lib/util move debug.[ch] out of the way from b1f68b6 s4-libnet_vampire: Ignore some attributes when building working schema cache http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f5ca913b7abfcf95782339fac2dc8c1541b1126 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 24 16:14:03 2011 +1100 lib/util: new merged debug system This is the s3 debug system, with a number of changes to tidy it up for common use. The debug class system is simplified by the removal of the ISSET table, the system no longer attempts to cope with assignment of DEBUGLEVEL, and the full class table is always available (rather than just DEBUGLEVEL_CLASS[DBCG_ALL]) from startup. It is also no longer confusingly described as a hack, but as the initial table. The way git diff / git whatchanged works makes it more difficult than necessary to compare the actual code changes if you make changes and move the files at the same time. Next time, can you please split those two changes into two commits? Volker, If you want to see this patch in a slightly better form you can use a command like this: git showh -M -C --patience 5f5ca913b7abfcf95782339fac2dc8c1541b1126 With this one git is told to detect the rename and does show only the differences. you can use the same arguments for generating better patches when you want to send them around for review, like this: git format-patch -M -C --patience --full-index -1 5f5ca913b7abfcf95782339fac2dc8c1541b1126 Simo. -- Simo Sorce Samba Team GPL Compliance Officer s...@samba.org Principal Software Engineer at Red Hat, Inc. s...@redhat.com
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0b5719f s4:netlogon RPC server - LogonGetDomainInfo - check for NULL attributes via fecf925 s4:drsuapi RPC server - check for the SPN attribute != NULL from 0e68867 s4:dsdb - always handle the attribute options as 32bit unsigned integer http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0b5719f5fce6c7069c2faac72c83c20bb22db09f Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Mar 1 13:06:19 2011 +0100 s4:netlogon RPC server - LogonGetDomainInfo - check for NULL attributes This is needed to complete the transition from samdb_msg_add_string to ldb_msg_add_string. And this patch yields better NTSTATUS error results than before (INVALID_PARAMETER rather than OUT_OF_MEMORY). Reviewed-by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Tue Mar 1 14:42:15 CET 2011 on sn-devel-104 commit fecf925043be5de1ed9d6f3a171ffeab1530d9c9 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Mar 1 13:03:59 2011 +0100 s4:drsuapi RPC server - check for the SPN attribute != NULL The SPN attribute could derive from an untrusted source (client). Reviewed-by: Jelmer --- Summary of changes: source4/rpc_server/drsuapi/writespn.c |6 +++ source4/rpc_server/netlogon/dcerpc_netlogon.c | 46 +++- 2 files changed, 35 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/drsuapi/writespn.c b/source4/rpc_server/drsuapi/writespn.c index e2e12f1..63fdef2 100644 --- a/source4/rpc_server/drsuapi/writespn.c +++ b/source4/rpc_server/drsuapi/writespn.c @@ -59,6 +59,12 @@ static bool writespn_check_spn(struct drsuapi_bind_state *b_state, krb5_principal principal; const char *dns_name, *dnsHostName; + /* The service principal name shouldn't be NULL */ + if (spn == NULL) { + talloc_free(tmp_ctx); + return false; + } + /* get the objectSid of the DN that is being modified, and check it matches the user_sid in their token diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 3ec..8cd8257 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -1378,7 +1378,6 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal struct ldb_dn *workstation_dn; struct netr_DomainInformation *domain_info; struct netr_LsaPolicyInformation *lsa_policy_info; - struct netr_OsVersionInfoEx *os_version; uint32_t default_supported_enc_types = 0x; bool update_dns_hostname = true; int ret, ret3, i; @@ -1478,9 +1477,13 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal new_msg-dn = workstation_dn; /* Sets the OS name */ - ret = samdb_msg_set_string(sam_ctx, mem_ctx, new_msg, - operatingSystem, - r-in.query-workstation_info-os_name.string); + + if (r-in.query-workstation_info-os_name.string == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + ret = ldb_msg_add_string(new_msg, operatingSystem, + r-in.query-workstation_info-os_name.string); if (ret != LDB_SUCCESS) { return NT_STATUS_NO_MEMORY; } @@ -1490,22 +1493,31 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal * the values are cleared. */ if (r-in.query-workstation_info-os_version.os != NULL) { + struct netr_OsVersionInfoEx *os_version; + const char *os_version_str; + os_version = r-in.query-workstation_info-os_version.os-os; - ret = samdb_msg_set_string(sam_ctx, mem_ctx, new_msg, - operatingSystemServicePack, - os_version-CSDVersion); + if (os_version-CSDVersion == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + os_version_str = talloc_asprintf(new_msg, %u.%u (%u), + os_version-MajorVersion, + os_version-MinorVersion, + os_version-BuildNumber);
Re: [SCM] Samba Shared Repository - branch master updated
On Tue, Mar 01, 2011 at 07:55:28AM -0500, simo wrote: If you want to see this patch in a slightly better form you can use a command like this: git showh -M -C --patience 5f5ca913b7abfcf95782339fac2dc8c1541b1126 With this one git is told to detect the rename and does show only the differences. Ok, thanks. Then I rephrase my comment a bit. It would be highly desirable to make small patches to both implementations until there is no difference anymore or the diff is really trivial. That patch is almost 2000 lines, which is for my taste a LOT too much for a single patch unless there is a very good reason for this. Please in the future divide that kind of patches into much smaller chunks if you do not want to actively feed resistance against any kind of changes to Samba3. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ef224aa librpc/ndr: handle NOALIGN flag for relative pointers and alignment DATA_BLOBs from 0b5719f s4:netlogon RPC server - LogonGetDomainInfo - check for NULL attributes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ef224aa004d5f1726d8dca020e0ef96d8c58565e Author: Stefan Metzmacher me...@samba.org Date: Tue Mar 1 14:20:32 2011 +0100 librpc/ndr: handle NOALIGN flag for relative pointers and alignment DATA_BLOBs metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue Mar 1 17:11:03 CET 2011 on sn-devel-104 --- Summary of changes: librpc/ndr/ndr.c |8 ++-- librpc/ndr/ndr_basic.c | 11 --- 2 files changed, 14 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/ndr.c b/librpc/ndr/ndr.c index e7850d3..cfeb231 100644 --- a/librpc/ndr/ndr.c +++ b/librpc/ndr/ndr.c @@ -1191,7 +1191,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_relative_ptr2_start(struct ndr_push *ndr, co relative_offset = ndr-offset - ndr-relative_base_offset; - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + align = 1; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { align = 2; } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { align = 4; @@ -1270,7 +1272,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_relative_ptr2_end(struct ndr_push *ndr, cons /* the reversed offset is at the end of the main buffer */ correct_offset = ndr-relative_end_offset - len; - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + align = 1; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { align = 2; } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { align = 4; diff --git a/librpc/ndr/ndr_basic.c b/librpc/ndr/ndr_basic.c index 7323f6d..8e0789a 100644 --- a/librpc/ndr/ndr_basic.c +++ b/librpc/ndr/ndr_basic.c @@ -1218,8 +1218,11 @@ _PUBLIC_ void ndr_print_DATA_BLOB(struct ndr_print *ndr, const char *name, DATA_ _PUBLIC_ enum ndr_err_code ndr_push_DATA_BLOB(struct ndr_push *ndr, int ndr_flags, DATA_BLOB blob) { if (ndr-flags LIBNDR_FLAG_REMAINING) { + /* nothing to do */ } else if (ndr-flags LIBNDR_ALIGN_FLAGS) { - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + blob.length = 0; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { blob.length = NDR_ALIGN(ndr, 2); } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { blob.length = NDR_ALIGN(ndr, 4); @@ -1228,7 +1231,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_DATA_BLOB(struct ndr_push *ndr, int ndr_flag } NDR_PUSH_ALLOC_SIZE(ndr, blob.data, blob.length); data_blob_clear(blob); - } else if (!(ndr-flags LIBNDR_FLAG_REMAINING)) { + } else { NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, blob.length)); } NDR_CHECK(ndr_push_bytes(ndr, blob.data, blob.length)); @@ -1245,7 +1248,9 @@ _PUBLIC_ enum ndr_err_code ndr_pull_DATA_BLOB(struct ndr_pull *ndr, int ndr_flag if (ndr-flags LIBNDR_FLAG_REMAINING) { length = ndr-data_size - ndr-offset; } else if (ndr-flags LIBNDR_ALIGN_FLAGS) { - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + length = 0; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { length = NDR_ALIGN(ndr, 2); } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { length = NDR_ALIGN(ndr, 4); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 80995fd s4:drsuapi RPC server - this resembles more samdb_is_gc from ef224aa librpc/ndr: handle NOALIGN flag for relative pointers and alignment DATA_BLOBs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 80995fde5a6b0ba274972676864e1985d990e1ea Author: Matthias Dieter Wallnöfer m...@samba.org Date: Tue Mar 1 14:06:23 2011 +0100 s4:drsuapi RPC server - this resembles more samdb_is_gc Reviewed by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Tue Mar 1 17:57:47 CET 2011 on sn-devel-104 --- Summary of changes: source4/rpc_server/drsuapi/dcesrv_drsuapi.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index 63eed63..5dbb238 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c @@ -702,7 +702,7 @@ static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_sta LDB_SCOPE_BASE, attrs_ntds, objectClass=nTDSDSA); if (ret == LDB_SUCCESS res_ntds-count == 1) { ctr2-array[i].is_gc - = (ldb_msg_find_attr_as_uint(res_ntds-msgs[0], options, 0) == 1); + = (ldb_msg_find_attr_as_uint(res_ntds-msgs[0], options, 0) DS_NTDSDSA_OPT_IS_GC); ctr2-array[i].ntds_guid = samdb_result_guid(res_ntds-msgs[0], objectGUID); ctr2-array[i].ntds_dn = ldb_dn_get_linearized(res_ntds-msgs[0]-dn); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 1ea17ba librpc/ndr: handle NOALIGN flag for relative pointers and alignment DATA_BLOBs from ba1a72c spoolss.idl: align spoolss_DriverFileInfo relative pointer to 4 byte http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 1ea17bacdb09d28a12a8b6ddeba3ac285cd9f905 Author: Stefan Metzmacher me...@samba.org Date: Tue Mar 1 14:20:32 2011 +0100 librpc/ndr: handle NOALIGN flag for relative pointers and alignment DATA_BLOBs metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue Mar 1 17:11:03 CET 2011 on sn-devel-104 (cherry picked from commit ef224aa004d5f1726d8dca020e0ef96d8c58565e) --- Summary of changes: librpc/ndr/ndr.c |8 ++-- librpc/ndr/ndr_basic.c | 11 --- 2 files changed, 14 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/ndr.c b/librpc/ndr/ndr.c index e7850d3..cfeb231 100644 --- a/librpc/ndr/ndr.c +++ b/librpc/ndr/ndr.c @@ -1191,7 +1191,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_relative_ptr2_start(struct ndr_push *ndr, co relative_offset = ndr-offset - ndr-relative_base_offset; - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + align = 1; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { align = 2; } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { align = 4; @@ -1270,7 +1272,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_relative_ptr2_end(struct ndr_push *ndr, cons /* the reversed offset is at the end of the main buffer */ correct_offset = ndr-relative_end_offset - len; - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + align = 1; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { align = 2; } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { align = 4; diff --git a/librpc/ndr/ndr_basic.c b/librpc/ndr/ndr_basic.c index d8e1cf0..9062f7c 100644 --- a/librpc/ndr/ndr_basic.c +++ b/librpc/ndr/ndr_basic.c @@ -1158,8 +1158,11 @@ _PUBLIC_ void ndr_print_DATA_BLOB(struct ndr_print *ndr, const char *name, DATA_ _PUBLIC_ enum ndr_err_code ndr_push_DATA_BLOB(struct ndr_push *ndr, int ndr_flags, DATA_BLOB blob) { if (ndr-flags LIBNDR_FLAG_REMAINING) { + /* nothing to do */ } else if (ndr-flags LIBNDR_ALIGN_FLAGS) { - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + blob.length = 0; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { blob.length = NDR_ALIGN(ndr, 2); } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { blob.length = NDR_ALIGN(ndr, 4); @@ -1168,7 +1171,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_DATA_BLOB(struct ndr_push *ndr, int ndr_flag } NDR_PUSH_ALLOC_SIZE(ndr, blob.data, blob.length); data_blob_clear(blob); - } else if (!(ndr-flags LIBNDR_FLAG_REMAINING)) { + } else { NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, blob.length)); } NDR_CHECK(ndr_push_bytes(ndr, blob.data, blob.length)); @@ -1185,7 +1188,9 @@ _PUBLIC_ enum ndr_err_code ndr_pull_DATA_BLOB(struct ndr_pull *ndr, int ndr_flag if (ndr-flags LIBNDR_FLAG_REMAINING) { length = ndr-data_size - ndr-offset; } else if (ndr-flags LIBNDR_ALIGN_FLAGS) { - if (ndr-flags LIBNDR_FLAG_ALIGN2) { + if (ndr-flags LIBNDR_FLAG_NOALIGN) { + length = 0; + } else if (ndr-flags LIBNDR_FLAG_ALIGN2) { length = NDR_ALIGN(ndr, 2); } else if (ndr-flags LIBNDR_FLAG_ALIGN4) { length = NDR_ALIGN(ndr, 4); -- Samba Shared Repository
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-155-g9b95d6c
The branch, 1.0.112 has been updated via 9b95d6c9332977c1a216782ba57c4d9072b5de1e (commit) from f26749ea3080ccfabc8d6dfe482e8b72495c9c10 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit 9b95d6c9332977c1a216782ba57c4d9072b5de1e Author: Ronnie Sahlberg sahlberg@lenovo-laptop.(none) Date: Wed Mar 2 04:24:15 2011 +1100 Suppress a log message properly --- Summary of changes: server/ctdb_daemon.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/server/ctdb_daemon.c b/server/ctdb_daemon.c index 3eb832e..4c35b1c 100644 --- a/server/ctdb_daemon.c +++ b/server/ctdb_daemon.c @@ -695,8 +695,10 @@ static void sig_child_handler(struct event_context *ev, while (pid != 0) { pid = waitpid(-1, status, WNOHANG); - if (pid == -1 errno != ECHILD) { - DEBUG(DEBUG_ERR, (__location__ waitpid() returned error. errno:%d\n, errno)); + if (pid == -1) { + if (errno != ECHILD) { + DEBUG(DEBUG_ERR, (__location__ waitpid() returned error. errno:%d\n, errno)); + } return; } if (pid 0) { -- CTDB repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e1e3b5c libds/common/flag_mapping.c - fix another build dependency from 80995fd s4:drsuapi RPC server - this resembles more samdb_is_gc http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e1e3b5c4295bd09f5ed5ec6c7f68cb43eb8fb91c Author: Sean Finney sean...@seanius.net Date: Tue Mar 1 18:07:18 2011 +0100 libds/common/flag_mapping.c - fix another build dependency Signed-off-by: Matthias Dieter Wallnöfer m...@samba.org Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Tue Mar 1 18:53:40 CET 2011 on sn-devel-104 --- Summary of changes: libds/common/wscript_build |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/libds/common/wscript_build b/libds/common/wscript_build index 46787db..f6ed209 100644 --- a/libds/common/wscript_build +++ b/libds/common/wscript_build @@ -1,3 +1,4 @@ bld.SAMBA_SUBSYSTEM('flag_mapping', +public_deps='talloc replace', source='flag_mapping.c') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 203b4aa Fix bug 7950 - Samba 3.5.x fails BASE-CREATEX_SHAREMODES_DIR smbtorture4 test We need to revalidate the pathname once re-constructed from a root fsp. from e20d2b7 WHATSNEW: Start release notes for 3.5.8. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 203b4aa318ce2aa64812006ed94a1e4e1becf66f Author: Jeremy Allison j...@samba.org Date: Wed Feb 23 18:24:41 2011 -0800 Fix bug 7950 - Samba 3.5.x fails BASE-CREATEX_SHAREMODES_DIR smbtorture4 test We need to revalidate the pathname once re-constructed from a root fsp. Jeremy. (cherry picked from commit 916e82823b56a70d7761644b38a250ea8c38e204) --- Summary of changes: source3/include/proto.h |3 ++- source3/modules/onefs_open.c |4 +++- source3/smbd/open.c | 22 -- 3 files changed, 21 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index ce33b70..ef80b92 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6663,7 +6663,8 @@ NTSTATUS create_file_default(connection_struct *conn, NTSTATUS get_relative_fid_filename(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, - struct smb_filename *smb_fname); + const struct smb_filename *smb_fname, + struct smb_filename **smb_fname_out); /* The following definitions come from smbd/oplock.c */ diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c index 2b4e106..a3b919f 100644 --- a/source3/modules/onefs_open.c +++ b/source3/modules/onefs_open.c @@ -2094,11 +2094,13 @@ NTSTATUS onefs_create_file(vfs_handle_struct *handle, /* Get the file name if root_dir_fid was specified. */ if (root_dir_fid != 0) { + struct smb_filename *smb_fname_out = NULL; status = get_relative_fid_filename(conn, req, root_dir_fid, - smb_fname); + smb_fname, smb_fname_out); if (!NT_STATUS_IS_OK(status)) { goto fail; } + smb_fname = smb_fname_out; } /* All file access must go through check_name() */ diff --git a/source3/smbd/open.c b/source3/smbd/open.c index f7ed495..bd748f9 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3233,7 +3233,8 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, NTSTATUS get_relative_fid_filename(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, - struct smb_filename *smb_fname) + const struct smb_filename *smb_fname, + struct smb_filename **smb_fname_out) { files_struct *dir_fsp; char *parent_fname = NULL; @@ -3321,16 +3322,23 @@ NTSTATUS get_relative_fid_filename(connection_struct *conn, } } - new_base_name = talloc_asprintf(smb_fname, %s%s, parent_fname, + new_base_name = talloc_asprintf(talloc_tos(), %s%s, parent_fname, smb_fname-base_name); if (new_base_name == NULL) { status = NT_STATUS_NO_MEMORY; goto out; } - TALLOC_FREE(smb_fname-base_name); - smb_fname-base_name = new_base_name; - status = NT_STATUS_OK; + status = filename_convert(req, + conn, + req-flags2 FLAGS2_DFS_PATHNAMES, + new_base_name, + 0, + NULL, + smb_fname_out); + if (!NT_STATUS_IS_OK(status)) { + goto out; + } out: TALLOC_FREE(parent_fname); @@ -3377,11 +3385,13 @@ NTSTATUS create_file_default(connection_struct *conn, */ if (root_dir_fid != 0) { + struct smb_filename *smb_fname_out = NULL; status = get_relative_fid_filename(conn, req, root_dir_fid, - smb_fname); + smb_fname, smb_fname_out); if (!NT_STATUS_IS_OK(status)) { goto fail; } + smb_fname = smb_fname_out; } /* -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via fd6af89 s3:vfs:gpfs: fix logic when gpfs:winattr is false (the default!) from 203b4aa Fix bug 7950 - Samba 3.5.x fails BASE-CREATEX_SHAREMODES_DIR smbtorture4 test We need to revalidate the pathname once re-constructed from a root fsp. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit fd6af89cb86c7ffb99ba4de986d932ec58182c81 Author: Rusty Russell ru...@rustcorp.com.au Date: Fri Nov 20 10:39:57 2009 +0100 s3:vfs:gpfs: fix logic when gpfs:winattr is false (the default!) On my autocluster setup, it's not set. Maybe it should be? Otherwise smbclient and some Windows client programs will get errors like: # smbclient //localhost/data -Uadministrator%XXX Domain=[VSOFS1] OS=[Unix] Server=[Samba 3.4.2-ctdb-10] smb: \ put /etc/resolv.conf resolv.conf NT_STATUS_ACCESS_DENIED closing remote file \resolv.conf smb: \ Caused by attempting to update the time on close. Signed-off-by: Rusty Russell ru...@rustcorp.com.au Signed-off-by: Michael Adam ob...@samba.org (cherry picked from commit 385d925f7e0fedca7d480e4f25d89e3194433b88) Fix bug #7498 (robocopy fails to a GPFS share when setting the date). --- Summary of changes: source3/modules/vfs_gpfs.c | 12 +++- 1 files changed, 11 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 7c481d6..262d167 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -939,6 +939,11 @@ static int gpfs_set_xattr(struct vfs_handle_struct *handle, const char *path, ret = set_gpfs_winattrs(CONST_DISCARD(char *, path), GPFS_WINATTR_SET_ATTRS, attrs); if ( ret == -1){ + if (errno == ENOSYS) { + return SMB_VFS_NEXT_SETXATTR(handle, path, name, value, +size, flags); + } + DEBUG(1, (gpfs_set_xattr:Set GPFS attributes failed %d\n,ret)); return -1; } @@ -964,6 +969,11 @@ static ssize_t gpfs_get_xattr(struct vfs_handle_struct *handle, const char *pat ret = get_gpfs_winattrs(CONST_DISCARD(char *, path), attrs); if ( ret == -1){ + if (errno == ENOSYS) { + return SMB_VFS_NEXT_GETXATTR(handle, path, name, value, +size); + } + DEBUG(1, (gpfs_get_xattr: Get GPFS attributes failed: %d\n,ret)); return -1; } @@ -1095,7 +1105,7 @@ static int vfs_gpfs_ntimes(struct vfs_handle_struct *handle, ret = set_gpfs_winattrs(CONST_DISCARD(char *, path), GPFS_WINATTR_SET_CREATION_TIME, attrs); -if(ret == -1){ +if(ret == -1 errno != ENOSYS){ DEBUG(1,(vfs_gpfs_ntimes: set GPFS ntimes failed %d\n,ret)); return -1; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 5d525ea s3-param: Make rlimit_max below minimum Windows limit notification less scary from fd6af89 s3:vfs:gpfs: fix logic when gpfs:winattr is false (the default!) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 5d525ea0ed937e4146dee0859d0218ef730bfa27 Author: Jonathan Nieder jrnie...@gmail.com Date: Sun Jan 2 02:40:09 2011 -0600 s3-param: Make rlimit_max below minimum Windows limit notification less scary The fix to bug #6837 results in messages from testparm that look like a misconfiguration even though they aren't: rlimit_max: rlimit_max (8192) below minimum Windows limit (16384) Apply a slight change in wording (increasing rlimit_max to minimum Windows limit) to make it clearer that the user has done nothing wrong. (Similarly for sysctl_max.) Reported-by: Miguel Medalha miguelmeda...@sapo.pt Signed-off-by: Jonathan Nieder jrnie...@gmail.com --- Summary of changes: source3/param/loadparm.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 57ea2cd..76e2303 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4774,7 +4774,7 @@ static int max_open_files(void) #endif if (sysctl_max MIN_OPEN_FILES_WINDOWS) { - DEBUG(2,(max_open_files: sysctl_max (%d) below + DEBUG(2,(max_open_files: increasing sysctl_max (%d) to minimum Windows limit (%d)\n, sysctl_max, MIN_OPEN_FILES_WINDOWS)); @@ -4782,7 +4782,7 @@ static int max_open_files(void) } if (rlimit_max MIN_OPEN_FILES_WINDOWS) { - DEBUG(2,(rlimit_max: rlimit_max (%d) below + DEBUG(2,(rlimit_max: increasing rlimit_max (%d) to minimum Windows limit (%d)\n, rlimit_max, MIN_OPEN_FILES_WINDOWS)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 64e06b7 Revert examples/LDAP: remove overoutdated samba-schema.IBMSecureWay via 90b0f86 examples/LDAP: remove overoutdated samba-schema.IBMSecureWay via 24e257c examples/LDAP: delete unmaintained samba-schema-netscapeds4.x from e1e3b5c libds/common/flag_mapping.c - fix another build dependency http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 64e06b743b1c2f956945d27860f10f6e387834ba Author: Björn Jacke b...@sernet.de Date: Tue Mar 1 22:55:39 2011 +0100 Revert examples/LDAP: remove overoutdated samba-schema.IBMSecureWay This reverts commit 90b0f86d81d4c68bf326c3e7c2247d9dabd75058. this isn't that outdated at all. Got confused by the splitted oc/at files Autobuild-User: Björn Jacke b...@sernet.de Autobuild-Date: Tue Mar 1 23:43:51 CET 2011 on sn-devel-104 commit 90b0f86d81d4c68bf326c3e7c2247d9dabd75058 Author: Björn Jacke b...@sernet.de Date: Tue Mar 1 22:46:53 2011 +0100 examples/LDAP: remove overoutdated samba-schema.IBMSecureWay commit 24e257c87d38dbd77f6e51d506fff2a93bf64cd2 Author: Björn Jacke b...@sernet.de Date: Tue Mar 1 22:38:35 2011 +0100 examples/LDAP: delete unmaintained samba-schema-netscapeds4.x --- Summary of changes: examples/LDAP/samba-schema-netscapeds4.x | 112 -- 1 files changed, 0 insertions(+), 112 deletions(-) delete mode 100644 examples/LDAP/samba-schema-netscapeds4.x Changeset truncated at 500 lines: diff --git a/examples/LDAP/samba-schema-netscapeds4.x b/examples/LDAP/samba-schema-netscapeds4.x deleted file mode 100644 index 082471b..000 --- a/examples/LDAP/samba-schema-netscapeds4.x +++ /dev/null @@ -1,112 +0,0 @@ -# -# LDAP Schema file for SAMBA 3.0 attribute storage -# For Netscape Directory Server 4.1x -# Prepared by Osman Demirhan - -attribute sambaLMPassword 1.3.6.1.4.1.7165.2.1.24 cis single -attribute sambaNTPassword 1.3.6.1.4.1.7165.2.1.25 cis single -attribute sambaAcctFlags 1.3.6.1.4.1.7165.2.1.26 cis single -attribute sambaPwdLastSet 1.3.6.1.4.1.7165.2.1.27 int single -attribute sambaPwdCanChange 1.3.6.1.4.1.7165.2.1.28 int single -attribute sambaPwdMustChange 1.3.6.1.4.1.7165.2.1.29 int single -attribute sambaLogonTime 1.3.6.1.4.1.7165.2.1.30 int single -attribute sambaLogoffTime 1.3.6.1.4.1.7165.2.1.31 int single -attribute sambaKickoffTime1.3.6.1.4.1.7165.2.1.32 int single -attribute sambaHomeDrive 1.3.6.1.4.1.7165.2.1.33 cis single -attribute sambaLogonScript1.3.6.1.4.1.7165.2.1.34 cis single -attribute sambaProfilePath1.3.6.1.4.1.7165.2.1.35 cis single -attribute sambaUserWorkstations 1.3.6.1.4.1.7165.2.1.36 cis single -attribute sambaHomePath 1.3.6.1.4.1.7165.2.1.37 cis single -attribute sambaDomainName 1.3.6.1.4.1.7165.2.1.38 cis single -attribute sambaSID1.3.6.1.4.1.7165.2.1.20 cis single -attribute sambaPrimaryGroupSID1.3.6.1.4.1.7165.2.1.23 cis single -attribute sambaGroupType 1.3.6.1.4.1.7165.2.1.19 int single -attribute sambaNextUserRid1.3.6.1.4.1.7165.2.1.21 int single -attribute sambaNextGroupRid 1.3.6.1.4.1.7165.2.1.22 int single -attribute sambaNextRid1.3.6.1.4.1.7165.2.1.39 int single -attribute sambaAlgorithmicRidBase 1.3.6.1.4.1.7165.2.1.40 int single - -objectclass sambaSamAccount - oid - 1.3.6.1.4.1.7165.2.2.6 - superior - top - requires - objectClass, - uid, - sambaSID - allows - cn, - sambaLMPassword, - sambaNTPassword, - sambaPwdLastSet, - sambaLogonTime, - sambaLogoffTime, - sambaKickoffTime, - sambaPwdCanChange, - sambaPwdMustChange, - sambaAcctFlags, - displayName, - sambaHomePath, - sambaHomeDrive, -
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 529291b s3-printing: vfs_connect prior to driver/dfs IO via faf4b99 s3-printing: clean up get_correct_cversion error paths via 47b978d s3-printing: fix move_driver_to_download_area() error paths from 1ea17ba librpc/ndr: handle NOALIGN flag for relative pointers and alignment DATA_BLOBs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 529291bb20db44b9a253ee0183fc40abf6b2fc6c Author: David Disseldorp dd...@suse.de Date: Tue Mar 1 19:17:49 2011 +0100 s3-printing: vfs_connect prior to driver/dfs IO samba3.posix_s3.rpc.spoolss.driver fails with the xattr_tdb vfs module loaded as a part of make test. The (now checked) create_directory() call in move_driver_to_download_area() fails, uncovering another bug in the printer driver upload code path. move_driver_to_download_area() creates a new conn_struct for manipulating files in [print$]. The VFS layer is plumbed through with the call to create_conn_struct(), however SMB_VFS_CONNECT() is never called. Many vfs modules expect state stored at connect time with SMB_VFS_HANDLE_SET_DATA() to be available on any IO operation and fail if this is not the case. This fix adds a call to SMB_VFS_CONNECT() in create_conn_struct() prior to IO. https://bugzilla.samba.org/show_bug.cgi?id=7976 commit faf4b99182c62f43896f74b09947badc215e7d02 Author: David Disseldorp dd...@suse.de Date: Tue Mar 1 19:17:48 2011 +0100 s3-printing: clean up get_correct_cversion error paths Remove an unneeded variable and simplify error paths. commit 47b978d4119e797af3c0098e01add503d598eca0 Author: David Disseldorp dd...@suse.de Date: Tue Mar 1 19:17:47 2011 +0100 s3-printing: fix move_driver_to_download_area() error paths WERR_ACCESS_DENIED errors are mapped to WERR_UNKNOWN_PRINTER_DRIVER, resulting in incorrect error messages on Windows clients. move_driver_to_download_area() returns the same error status values to the caller via the *perr argument as well as the return value. The create_directory() call is not checked for error. --- Summary of changes: source3/include/nt_printing.h |3 +- source3/printing/nt_printing.c | 156 --- source3/rpc_server/spoolss/srv_spoolss_nt.c |4 +- source3/rpc_server/srvsvc/srv_srvsvc_nt.c |2 + source3/smbd/msdfs.c| 34 -- 5 files changed, 99 insertions(+), 100 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/nt_printing.h b/source3/include/nt_printing.h index 6db306e..02a72b3 100644 --- a/source3/include/nt_printing.h +++ b/source3/include/nt_printing.h @@ -170,8 +170,7 @@ bool delete_driver_files(const struct auth_serversupplied_info *server_info, const struct spoolss_DriverInfo8 *r); WERROR move_driver_to_download_area(struct pipes_struct *p, - struct spoolss_AddDriverInfoCtr *r, - WERROR *perr); + struct spoolss_AddDriverInfoCtr *r); WERROR clean_up_driver_struct(TALLOC_CTX *mem_ctx, struct pipes_struct *rpc_pipe, diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 5a0781b..5d4c071 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -579,13 +579,12 @@ static uint32 get_correct_cversion(struct pipes_struct *p, const char *driverpath_in, WERROR *perr) { - int cversion; + int cversion = -1; NTSTATUS nt_status; struct smb_filename *smb_fname = NULL; char *driverpath = NULL; files_struct *fsp = NULL; connection_struct *conn = NULL; - NTSTATUS status; char *oldcwd; char *printdollar = NULL; int printdollar_snum; @@ -650,7 +649,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, goto error_exit; } - status = SMB_VFS_CREATE_FILE( + nt_status = SMB_VFS_CREATE_FILE( conn, /* conn */ NULL, /* req */ 0, /* root_dir_fid */ @@ -668,7 +667,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, fsp, /* result */ NULL); /* pinfo */ - if (!NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(3,(get_correct_cversion: Can't open file [%s],
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9f61937 s3: remove superfluous debug messages from msg_idmap from 64e06b7 Revert examples/LDAP: remove overoutdated samba-schema.IBMSecureWay http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9f6193724e8f55854aaba39591edecf7029ad8f3 Author: Gregor Beck gb...@sernet.de Date: Tue Mar 1 17:20:16 2011 +0100 s3: remove superfluous debug messages from msg_idmap Signed-off-by: Michael Adam ob...@samba.org Autobuild-User: Michael Adam ob...@samba.org Autobuild-Date: Wed Mar 2 00:30:41 CET 2011 on sn-devel-104 --- Summary of changes: source3/smbd/msg_idmap.c |4 1 files changed, 0 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/msg_idmap.c b/source3/smbd/msg_idmap.c index 8e4d475..8d6a998 100644 --- a/source3/smbd/msg_idmap.c +++ b/source3/smbd/msg_idmap.c @@ -157,8 +157,6 @@ static void message_idmap_flush(struct messaging_context *msg_ctx, { const char* msg = data ? (const char*)data-data : NULL; - DEBUG(0, (Foo: idmap flush cache message(0x%.2x): %s\n, msg_type, msg ? msg : NULL)); - if ((msg == NULL) || (msg[0] == '\0')) { flush_gid_cache(); flush_uid_cache(); @@ -183,8 +181,6 @@ static void message_idmap_delete(struct messaging_context *msg_ctx, struct user_struct* validated_users = smbd_server_conn-smb1.sessions.validated_users; struct id id; - DEBUG(0, (Foo: idmap delete message(0x%.2x): %s\n, msg_type, msg)); - if (!parse_id(msg, id)) { DEBUG(0, (Invalid ?ID: %s\n, msg)); return; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 016a8d2 s3-printing: vfs_connect prior to driver/dfs IO via 09b4acf s3-printing: clean up get_correct_cversion error paths via 14446b5 s3-printing: fix move_driver_to_download_area() error paths from 9f61937 s3: remove superfluous debug messages from msg_idmap http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 016a8d214ab23883e9d50c46d3a8cc18f9454368 Author: David Disseldorp dd...@suse.de Date: Tue Mar 1 19:17:49 2011 +0100 s3-printing: vfs_connect prior to driver/dfs IO samba3.posix_s3.rpc.spoolss.driver fails with the xattr_tdb vfs module loaded as a part of make test. The (now checked) create_directory() call in move_driver_to_download_area() fails, uncovering another bug in the printer driver upload code path. move_driver_to_download_area() creates a new conn_struct for manipulating files in [print$]. The VFS layer is plumbed through with the call to create_conn_struct(), however SMB_VFS_CONNECT() is never called. Many vfs modules expect state stored at connect time with SMB_VFS_HANDLE_SET_DATA() to be available on any IO operation and fail if this is not the case. This fix adds a call to SMB_VFS_CONNECT() in create_conn_struct() prior to IO. https://bugzilla.samba.org/show_bug.cgi?id=7976 Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Wed Mar 2 01:16:30 CET 2011 on sn-devel-104 commit 09b4acfd81669583a38352550dc61107c72a1d42 Author: David Disseldorp dd...@suse.de Date: Tue Mar 1 19:17:48 2011 +0100 s3-printing: clean up get_correct_cversion error paths Remove an unneeded variable and simplify error paths. commit 14446b528069bc27222929bb38cf72099e450018 Author: David Disseldorp dd...@suse.de Date: Tue Mar 1 19:17:47 2011 +0100 s3-printing: fix move_driver_to_download_area() error paths WERR_ACCESS_DENIED errors are mapped to WERR_UNKNOWN_PRINTER_DRIVER, resulting in incorrect error messages on Windows clients. move_driver_to_download_area() returns the same error status values to the caller via the *perr argument as well as the return value. The create_directory() call is not checked for error. --- Summary of changes: source3/include/nt_printing.h |3 +- source3/printing/nt_printing.c | 156 --- source3/rpc_server/spoolss/srv_spoolss_nt.c |4 +- source3/rpc_server/srvsvc/srv_srvsvc_nt.c |2 + source3/smbd/msdfs.c| 34 -- 5 files changed, 99 insertions(+), 100 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/nt_printing.h b/source3/include/nt_printing.h index 6db306e..02a72b3 100644 --- a/source3/include/nt_printing.h +++ b/source3/include/nt_printing.h @@ -170,8 +170,7 @@ bool delete_driver_files(const struct auth_serversupplied_info *server_info, const struct spoolss_DriverInfo8 *r); WERROR move_driver_to_download_area(struct pipes_struct *p, - struct spoolss_AddDriverInfoCtr *r, - WERROR *perr); + struct spoolss_AddDriverInfoCtr *r); WERROR clean_up_driver_struct(TALLOC_CTX *mem_ctx, struct pipes_struct *rpc_pipe, diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 869fcad..d77320c 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -579,13 +579,12 @@ static uint32 get_correct_cversion(struct pipes_struct *p, const char *driverpath_in, WERROR *perr) { - int cversion; + int cversion = -1; NTSTATUS nt_status; struct smb_filename *smb_fname = NULL; char *driverpath = NULL; files_struct *fsp = NULL; connection_struct *conn = NULL; - NTSTATUS status; char *oldcwd; char *printdollar = NULL; int printdollar_snum; @@ -650,7 +649,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, goto error_exit; } - status = SMB_VFS_CREATE_FILE( + nt_status = SMB_VFS_CREATE_FILE( conn, /* conn */ NULL, /* req */ 0, /* root_dir_fid */ @@ -668,7 +667,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, fsp, /* result */ NULL); /* pinfo */ - if (!NT_STATUS_IS_OK(status)) { + if
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0a78c57 s4-dsdb: Ensure we permit multi-valued backlinks on single-valued attributes from 016a8d2 s3-printing: vfs_connect prior to driver/dfs IO http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0a78c57be64c3b47b0a685c248c7738559a64bf0 Author: Andrew Bartlett abart...@samba.org Date: Tue Mar 1 22:47:33 2011 +1100 s4-dsdb: Ensure we permit multi-valued backlinks on single-valued attributes This was already done in repl_meta_data, but it needs to be done here as well to cope with Windows 2000 level links. Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Wed Mar 2 02:03:58 CET 2011 on sn-devel-104 --- Summary of changes: source4/dsdb/samdb/ldb_modules/linked_attributes.c |7 +++ 1 files changed, 7 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index 324faa2..393f00f 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -975,6 +975,13 @@ static int la_do_op_request(struct ldb_module *module, struct la_context *ac, st ret_el-values[0] = data_blob_string_const(ldb_dn_get_extended_linearized(new_msg, ac-del_dn, 1)); } + /* a backlink should never be single valued. Unfortunately the + exchange schema has a attribute + msExchBridgeheadedLocalConnectorsDNBL which is single + valued and a backlink. We need to cope with that by + ignoring the single value flag */ + ret_el-flags |= LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK; + #if 0 ldb_debug(ldb, LDB_DEBUG_WARNING, link on %s %s: %s %s\n, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8870fcb build: fixed the ELF name for private libraries from 0a78c57 s4-dsdb: Ensure we permit multi-valued backlinks on single-valued attributes http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8870fcb154d27c0d10d3de3f926a95743b6e4e28 Author: Andrew Tridgell tri...@samba.org Date: Wed Mar 2 11:40:33 2011 +1100 build: fixed the ELF name for private libraries thanks to Simo and rpmbuild for spotting this! Autobuild-User: Andrew Tridgell tri...@samba.org Autobuild-Date: Wed Mar 2 02:49:34 CET 2011 on sn-devel-104 --- Summary of changes: buildtools/wafsamba/samba_install.py |8 ++-- 1 files changed, 6 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_install.py b/buildtools/wafsamba/samba_install.py index 3e055d7..d755d01 100644 --- a/buildtools/wafsamba/samba_install.py +++ b/buildtools/wafsamba/samba_install.py @@ -124,8 +124,12 @@ def install_library(self): install_link = None inst_name= bld.make_libname(t.target) -if t.env.SONAME_ST and install_link: -t.env.append_value('LINKFLAGS', t.env.SONAME_ST % install_link) +if t.env.SONAME_ST: +# ensure we get the right names in the library +if install_link: +t.env.append_value('LINKFLAGS', t.env.SONAME_ST % install_link) +else: +t.env.append_value('LINKFLAGS', t.env.SONAME_ST % install_name) t.env.SONAME_ST = '' # tell waf to install the library -- Samba Shared Repository