Re: [Samba] Can't join Windows 7 Pro/XP to samba PDC
2011/3/24 Chris Weiss cwe...@gmail.com: On Thu, Mar 24, 2011 at 8:40 AM, John Drescher dresche...@gmail.com wrote: On Thu, Mar 24, 2011 at 9:36 AM, Andres Tarallo atara...@acm.org wrote: 2011/3/23 Gaiseric Vandal gaiseric.van...@gmail.com: Did you try manually creating a unix user account for the samba machine? Does getent passwd show that machine? Yes, I've created a user account with smbldap-passwd. We can login through ssh and from console. Did you create the a account for the machine you are trying to add? John add machine script is in the conf, so manual creation should not be needed. better question is: does the machine account actually get created in the right place? Yes, tne machines account are created under the Computers OU, where samba should lookup them. As said before: we runned out of ideas. So your ideas are highly appreciated. Andrés PS: Did you see something wrong in our smb.conf.? Andrés -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't join Windows 7 Pro/XP to samba PDC
2011/3/24 John Drescher dresche...@gmail.com: On Thu, Mar 24, 2011 at 9:45 AM, Chris Weiss cwe...@gmail.com wrote: On Thu, Mar 24, 2011 at 8:40 AM, John Drescher dresche...@gmail.com wrote: On Thu, Mar 24, 2011 at 9:36 AM, Andres Tarallo atara...@acm.org wrote: 2011/3/23 Gaiseric Vandal gaiseric.van...@gmail.com: Did you try manually creating a unix user account for the samba machine? Does getent passwd show that machine? Yes, I've created a user account with smbldap-passwd. We can login through ssh and from console. Did you create the a account for the machine you are trying to add? John add machine script is in the conf, so manual creation should not be needed. What I was getting at is when that fails if you manually create the machine account and then adding the workstation to the domain works you will know where the problem is... In the first attempt to create the machine account the machine is created in LDAP. In the next attempt we see the script exitng with error level 9 (user exists) but we can't join it to the domain. Any ideas appreciated. Andrés -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't join Windows 7 Pro/XP to samba PDC
For a windows 7, I modify the following key in the windows registry : [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Para meters] DNSNameResolutionRequired=dword: DomainCompatibilityMode=dword:0001 Some calls to check the SAMBA PDC : testparm -v nmblookup -B myboard __SAMBA__ nmblookup -M mygroup nmblookup -d 2 '*' findsmb smbclient -L myboard Uxxx smbclient //myboard/public -Uxxx Can send me your smb.conf to check. Gérard -Message d'origine- De : samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] De la part de Andres Tarallo Envoyé : mercredi 30 mars 2011 12:25 À : samba Objet : Re: [Samba] Can't join Windows 7 Pro/XP to samba PDC 2011/3/24 Chris Weiss cwe...@gmail.com: On Thu, Mar 24, 2011 at 8:40 AM, John Drescher dresche...@gmail.com wrote: On Thu, Mar 24, 2011 at 9:36 AM, Andres Tarallo atara...@acm.org wrote: 2011/3/23 Gaiseric Vandal gaiseric.van...@gmail.com: Did you try manually creating a unix user account for the samba machine? Does getent passwd show that machine? Yes, I've created a user account with smbldap-passwd. We can login through ssh and from console. Did you create the a account for the machine you are trying to add? John add machine script is in the conf, so manual creation should not be needed. better question is: does the machine account actually get created in the right place? Yes, tne machines account are created under the Computers OU, where samba should lookup them. As said before: we runned out of ideas. So your ideas are highly appreciated. Andrés PS: Did you see something wrong in our smb.conf.? Andrés -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba __ Information provenant d'ESET NOD32 Antivirus, version de la base des signatures de virus 5999 (20110330) __ Le message a été vérifié par ESET NOD32 Antivirus. http://www.eset.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't join Windows 7 Pro/XP to samba PDC
Gerard: Here is my smb.conf [global] workgroup = ARAMDA map to guest = Bad User passdb backend = ldapsam:ldap://localhost log level = 3 log file = /var/log/samba.log printcap name = cups add user script = ldapsmb -a -u %u delete user script = ldapsmb -d -u %u add group script = ldapsmb -a -g %g delete group script = ldapsmb -d -g %g add user to group script = ldapsmb -j -u %u -g %g delete user from group script = ldapsmb -j -u %u -g %g set primary group script = ldapsmb -m -u %u -gid %g add machine script = /usr/sbin/smbldap-useradd -t 0 -g 1515 -w %u logon path = \\%L\profiles\.msprofile logon drive = Z: logon home = \\%L\%U\.9xprofile domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = cn=replicasamba,dc=aramda,dc=uy ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = yes ldap suffix = dc=aramda,dc=uy ldap ssl = no ldap user suffix = ou=People add share command = /var/lib/samba/scripts/modify_samba_config.pl delete share command = /var/lib/samba/scripts/modify_samba_config.pl usershare allow guests = Yes hosts allow = 127.0.0.1, 172.16.1. cups options = raw I will test your suggestions. Andrés 2011/3/30 Gérard Guével ggue...@interfaceconcept.com: For a windows 7, I modify the following key in the windows registry : [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Para meters] DNSNameResolutionRequired=dword: DomainCompatibilityMode=dword:0001 Some calls to check the SAMBA PDC : • testparm -v • nmblookup -B myboard __SAMBA__ • nmblookup -M mygroup • nmblookup -d 2 '*' • findsmb • smbclient -L myboard –Uxxx • smbclient //myboard/public -Uxxx Can send me your smb.conf to check. Gérard -Message d'origine- De : samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] De la part de Andres Tarallo Envoyé : mercredi 30 mars 2011 12:25 À : samba Objet : Re: [Samba] Can't join Windows 7 Pro/XP to samba PDC 2011/3/24 Chris Weiss cwe...@gmail.com: On Thu, Mar 24, 2011 at 8:40 AM, John Drescher dresche...@gmail.com wrote: On Thu, Mar 24, 2011 at 9:36 AM, Andres Tarallo atara...@acm.org wrote: 2011/3/23 Gaiseric Vandal gaiseric.van...@gmail.com: Did you try manually creating a unix user account for the samba machine? Does getent passwd show that machine? Yes, I've created a user account with smbldap-passwd. We can login through ssh and from console. Did you create the a account for the machine you are trying to add? John add machine script is in the conf, so manual creation should not be needed. better question is: does the machine account actually get created in the right place? Yes, tne machines account are created under the Computers OU, where samba should lookup them. As said before: we runned out of ideas. So your ideas are highly appreciated. Andrés PS: Did you see something wrong in our smb.conf.? Andrés -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba __ Information provenant d'ESET NOD32 Antivirus, version de la base des signatures de virus 5999 (20110330) __ Le message a été vérifié par ESET NOD32 Antivirus. http://www.eset.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba Authentication wrecking my head [ADS]
Ive recently installed three servers with RHEL5u5. After some messing on the original, I got samba working with ADS authentication. I then went and got it working so that users could log in using their domain name password to the box. I got this working with both no restriction, and ADS group restriction. I have left it on no restriction wheil I get these systems up and running. I then copied my configuration files (krb5.conf, samba.conf, system-auth.conf) to the second machine. Everything works. Rebooted, everything is fine. System running as expected. I copied to the third machine. Everything worked fine. I was able to log in using two users (mine and a colleagues). Set up some other machine stuff, rebooted, and passed the machine over. I was then informed (naturally 5mins after I left the office) that there was something wrong. Those two accounts worked from both a samba perspective, and a login perspective. However a third account that was supposed to work, failed with su: user ccadm does not exist. Now samba doesn't work for any user other than the original too, and the same goes for logins. I tried net ads leave, kdestory, renaming the system, rebooting. I have rejoined the domain as both that system name, and a new one, with no issues: [root@akbarTRAP log]# wbinfo -t checking the trust secret via RPC calls succeeded [root@akbarTRAP log]# net ads testjoin Join is OK [root@akbarTRAP log]# wbinfo -u | grep ccadm Ccadm So my questions are: 1. Where the hell are these accounts being cached, that work. 2. What the hell has happened to make this no longer work. 3. Why if I can see all the users groups can I not log in, or get samba working. This is really starting to get on my nerves. I just cannot understand why if it can see the users using wbinfo, why it is telling me they don't exist. Would really appreciate some help on this. Regards B [root@akbarTRAP etc]# cat /etc/nsswitch.conf | grep winbind passwd: files winbind shadow: files winbind group: files winbind log.winbind: [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:03, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:05, 3] winbindd/winbindd_pam.c:829(winbindd_pam_auth) [ 7381]: pam auth ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm Secure log: Mar 30 14:29:03 akbartrap sshd[7381]: Invalid user ccadm from 172.16.165.248 Mar 30 14:29:03 akbartrap sshd[7382]: input_userauth_request: invalid user ccadm Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): check pass; user unknown Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=galvatron.MYDOMAIN.com Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): getting password (0x0010) Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): pam_get_item returned a password Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_AUTH_ERR (7), NTSTATUS: NT_STATUS_WRONG_PASSWORD, Error message was: Wrong Password [I know the pass is right here. It works elsewhere] Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): user 'ccadm' denied access (incorrect password or invalid membership) Mar 30 14:29:05 akbartrap sshd[7381]: pam_succeed_if(sshd:auth): error retrieving information about user ccadm Mar 30 14:29:07 akbartrap sshd[7381]: Failed password for invalid user ccadm from 172.16.165.248 port 39699 ssh2 # Global parameters [global] workgroup = GROUP realm = MYDOMAIN.COM security = ads idmap uid = 1-2 idmap gid = 1-2 winbind use default domain = Yes winbind separator = / encrypt passwords = Yes log level = 3 log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 preferred master = No dns proxy = No wins server = 172.16.164.100 template homedir = /home/%U template shell = /bin/bash authrequired pam_env.so authsufficientpam_unix.so nullok try_first_pass authsufficientpam_winbind.so use_first_pass authrequisite pam_succeed_if.so uid = 500 quiet
Re: [Samba] CIFS mount with non-ascii (UTF8) password is not working
This is a windows share.nbsp; But I am trying to mount it from Linux. I tried iocharset=utf8 option, but it didn't work. If I map the same share from laptop (Windows OS), it work fine. I enabled CIFS debugging. Following are errors: == kernel: Status code returned 0xc06d NT_STATUS_LOGON_FAILURE nbsp; !!Mapping smb error code 5 to POSIX err -13 !! nbsp;nt_status is c06d == I am using username : ùrkkknbsp; and password ùrkkk. And user ùrkkk is in Administrators group. ~rahulnbsp; On Sun, 27 Mar 2011 14:00:38 +0530 Jeff Layton lt;jlay...@redhat.comgt; wrote gt;On Fri, 25 Mar 2011 10:44:42 + gt;Moray Henderson lt;moray.hender...@ict-software.orggt; wrote: gt; gt;gt; Katariya Rahul wrote: gt;gt; gt; I have French CIFS server. gt;gt; gt; gt;gt; gt; If I try to map a share from any windows machine with non-ascii (UTF-8, gt;gt; gt; french characters are part of password) password, it is successful. gt;gt; gt; gt;gt; gt; But If I try from linux machine, it fails. gt;gt; gt; gt;gt; gt; mount -t cifs //MACHINE/DatasetFIGS_ùÉÀÊÚÎÏŒÄÑ£₣€amp;nbsp; /tmp/rahul -o gt;gt; gt; user=ùù,password=ùù,domain=eKKDr gt;gt; gt; mount error 13 = Permission denied gt;gt; gt; Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) gt;gt; gt; amp;nbsp; gt;gt; gt; gt;gt; gt; Does CIFS supports non-ascii password? gt;gt; gt;gt; On the Linux machine, what output does the locale command give you? gt;gt; gt;gt; If you type the password at the Linux prompt where you can see it, do you get the right characters? If the keyboard isn't set right in Linux, it won't work. To see exactly how the password is being encoded, use echo lt;passwordgt; | xxd (although obviously don't post the output for a real password here). gt;gt; gt;gt; Was the password set from Windows or from Linux? If from Windows, then I would expect the encoding to be in either UTF-16 or the Windows locale 8-bit encoding, not UTF-8. For example, Latin Small Letter E With Acute is encoded as 0xE9 in the Windows Western encoding, 0xE900 in UTF-16, and 0xC3A9 in UTF-8. gt;gt; gt;gt; Does it work any better if you use Samba's own mount.cifs program directly rather than going through mount? gt;gt; gt;gt; I do not know what (if any) character encoding translation the cifs module does. Check whether the locale and testparm -vs | grep char on your CIFS server match the settings on the Linux machine you are doing the mapping from. gt;gt; gt;gt; gt; gt;Linux CIFS generally treats passwords as an opaque series of bytes. It gt;does no translation of that piece. gt; gt;-- gt;Jeff Layton lt;jlay...@redhat.comgt; gt; -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] compressed file VFS
Hallo, we have a clinical system that generate lot of files that once written are never changed. This file consume lot of disk and tape space*, so my idea was to compress this files. The problem is that it can happen, that the users have to open this files later. Is there a VFS module for samba that show gzipped** read only files as if they were standard files ? Bye Andreas * Disks are cheap, but the are no more disk-slots in the server and the server has to be up 24*7 so we can not simply change the disks ** bzip2 would be preferable because of the better compression, but the orginal size is not stored in the header so I assume it can not be used for this purpose -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Authentication wrecking my head [ADS]
After a bit of googling, I found that the idmap has been corrupted. Why would/could this happen? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Brian O'Mahony Sent: Wednesday, March 30, 2011 2:37 PM To: samba@lists.samba.org Subject: [Samba] Samba Authentication wrecking my head [ADS] Ive recently installed three servers with RHEL5u5. After some messing on the original, I got samba working with ADS authentication. I then went and got it working so that users could log in using their domain name password to the box. I got this working with both no restriction, and ADS group restriction. I have left it on no restriction wheil I get these systems up and running. I then copied my configuration files (krb5.conf, samba.conf, system-auth.conf) to the second machine. Everything works. Rebooted, everything is fine. System running as expected. I copied to the third machine. Everything worked fine. I was able to log in using two users (mine and a colleagues). Set up some other machine stuff, rebooted, and passed the machine over. I was then informed (naturally 5mins after I left the office) that there was something wrong. Those two accounts worked from both a samba perspective, and a login perspective. However a third account that was supposed to work, failed with su: user ccadm does not exist. Now samba doesn't work for any user other than the original too, and the same goes for logins. I tried net ads leave, kdestory, renaming the system, rebooting. I have rejoined the domain as both that system name, and a new one, with no issues: [root@akbarTRAP log]# wbinfo -t checking the trust secret via RPC calls succeeded [root@akbarTRAP log]# net ads testjoin Join is OK [root@akbarTRAP log]# wbinfo -u | grep ccadm Ccadm So my questions are: 1. Where the hell are these accounts being cached, that work. 2. What the hell has happened to make this no longer work. 3. Why if I can see all the users groups can I not log in, or get samba working. This is really starting to get on my nerves. I just cannot understand why if it can see the users using wbinfo, why it is telling me they don't exist. Would really appreciate some help on this. Regards B [root@akbarTRAP etc]# cat /etc/nsswitch.conf | grep winbind passwd: files winbind shadow: files winbind group: files winbind log.winbind: [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:03, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:05, 3] winbindd/winbindd_pam.c:829(winbindd_pam_auth) [ 7381]: pam auth ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm Secure log: Mar 30 14:29:03 akbartrap sshd[7381]: Invalid user ccadm from 172.16.165.248 Mar 30 14:29:03 akbartrap sshd[7382]: input_userauth_request: invalid user ccadm Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): check pass; user unknown Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=galvatron.MYDOMAIN.com Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): getting password (0x0010) Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): pam_get_item returned a password Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_AUTH_ERR (7), NTSTATUS: NT_STATUS_WRONG_PASSWORD, Error message was: Wrong Password [I know the pass is right here. It works elsewhere] Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): user 'ccadm' denied access (incorrect password or invalid membership) Mar 30 14:29:05 ak bartrap sshd[7381]: pam_succeed_if(sshd:auth): error retrieving information about user ccadm Mar 30 14:29:07 akbartrap sshd[7381]: Failed password for invalid user ccadm from 172.16.165.248 port 39699 ssh2 # Global parameters [global] workgroup = GROUP realm = MYDOMAIN.COM security = ads idmap uid = 1-2 idmap gid = 1-2 winbind use default domain = Yes winbind separator = / encrypt passwords = Yes log level = 3 log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
Re: [Samba] compressed file VFS
Il 30/03/2011 15:41, Andreas Moroder ha scritto: Hallo, we have a clinical system that generate lot of files that once written are never changed. This file consume lot of disk and tape space*, so my idea was to compress this files. The problem is that it can happen, that the users have to open this files later. Is there a VFS module for samba that show gzipped** read only files as if they were standard files ? Bye Andreas * Disks are cheap, but the are no more disk-slots in the server and the server has to be up 24*7 so we can not simply change the disks ** bzip2 would be preferable because of the better compression, but the orginal size is not stored in the header so I assume it can not be used for this purpose A similar question has been posted here (with an answer): http://askubuntu.com/questions/5212/can-i-transparently-compress-some-files-on-a-samba-share HTH -- Marcello Romani -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] compressed file VFS
Il 30/03/2011 15:41, Andreas Moroder ha scritto: Hallo, we have a clinical system that generate lot of files that once written are never changed. This file consume lot of disk and tape space*, so my idea was to compress this files. The problem is that it can happen, that the users have to open this files later. Is there a VFS module for samba that show gzipped** read only files as if they were standard files ? Bye Andreas * Disks are cheap, but the are no more disk-slots in the server and the server has to be up 24*7 so we can not simply change the disks ** bzip2 would be preferable because of the better compression, but the orginal size is not stored in the header so I assume it can not be used for this purpose See also this interesting thread http://www.mail-archive.com/rsync@lists.samba.org/msg23263.html where fusecompress is mentioned. -- Marcello Romani -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] compressed file VFS
On Wed, Mar 30, 2011 at 9:41 AM, Andreas Moroder andreas.moro...@sb-brixen.it wrote: Hallo, we have a clinical system that generate lot of files that once written are never changed. This file consume lot of disk and tape space*, so my idea was to compress this files. The problem is that it can happen, that the users have to open this files later. Is there a VFS module for samba that show gzipped** read only files as if they were standard files ? On top of the fuse modules mentioned a previous link, there are also 3 filesystems under linux that support compression. btrfs, reiser4 and zfs. All like the fuse modules are considered experimental and I would avoid reiser4 since the main developer Hans Reiser is in jail. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Mounting samba volume by IP fails trust in AD
Hi. I've got some samba servers (3.0.33-3.29.el5_6.2, on redhat 5) that join a windows 2003 AD. When mounting the volume from a windows workstation, if I use \\ip.address.here it fails saying The trust relationship between this workstation and the primary domain failed' If I mount with \\fully.qualified.name it works just fine. Forward and reverse DNS match, and \\ip.address.here works for a microsoft box but not any of the samba boxes. When I check the smbd.log, I never see the failed connections at the samba box, only the ones that worked with FQDN, which to me suggests the failure happens because AD isn't passing the connection to samba, which my AD admins say is because something in samba isn't working like windows, so the AD doesn't pass the request to the samba box because it doesn't look right to AD. my smbd.conf is : # Global parameters [global] workgroup = MYDOMAIN security = ADS realm = MY.DOMAIN load printers = No printing = bsd preferred master = No domain master = No local master = no os level = 0 wins server = xxx.xxx.xxx.xxx ldap ssl = no browseable = yes restrict anonymous = yes guest account = nobody invalid users = nobody encrypt passwords = yes [homes] comment = Home Directories writeable = Yes browseable = No --- Any idea why IP mount fails trust with 2003 AD but Name would be ok? Is this a microsoft-ism to hate on samba, or am I missing something in my config? Does this fail for everyone or just me? test: startrun: \\ip.of.samba.box startrun: \\dns.name.of.box if you have browse, it should show the available shares. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] compressed file VFS
John Drescher wrote: On Wed, Mar 30, 2011 at 9:41 AM, Andreas Moroder andreas.moro...@sb-brixen.it wrote: Hallo, we have a clinical system that generate lot of files that once written are never changed. This file consume lot of disk and tape space*, so my idea was to compress this files. The problem is that it can happen, that the users have to open this files later. Is there a VFS module for samba that show gzipped** read only files as if they were standard files ? On top of the fuse modules mentioned a previous link, there are also 3 filesystems under linux that support compression. btrfs, reiser4 and zfs. All like the fuse modules are considered experimental and I would avoid reiser4 since the main developer Hans Reiser is in jail. And ntfs (ntfs-3g) Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] compressed file VFS
On Wed, Mar 30, 2011 at 11:08 AM, Jean-Pierre jean-pierre.an...@wanadoo.fr wrote: John Drescher wrote: On Wed, Mar 30, 2011 at 9:41 AM, Andreas Moroder andreas.moro...@sb-brixen.it wrote: Hallo, we have a clinical system that generate lot of files that once written are never changed. This file consume lot of disk and tape space*, so my idea was to compress this files. The problem is that it can happen, that the users have to open this files later. Is there a VFS module for samba that show gzipped** read only files as if they were standard files ? On top of the fuse modules mentioned a previous link, there are also 3 filesystems under linux that support compression. btrfs, reiser4 and zfs. All like the fuse modules are considered experimental and I would avoid reiser4 since the main developer Hans Reiser is in jail. And ntfs (ntfs-3g) Compression now works with that? For a long time it was not supported. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] compressed file VFS
On Wed, Mar 30, 2011 at 11:11 AM, John Drescher dresche...@gmail.com wrote: On Wed, Mar 30, 2011 at 11:08 AM, Jean-Pierre jean-pierre.an...@wanadoo.fr wrote: John Drescher wrote: On Wed, Mar 30, 2011 at 9:41 AM, Andreas Moroder andreas.moro...@sb-brixen.it wrote: Hallo, we have a clinical system that generate lot of files that once written are never changed. This file consume lot of disk and tape space*, so my idea was to compress this files. The problem is that it can happen, that the users have to open this files later. Is there a VFS module for samba that show gzipped** read only files as if they were standard files ? On top of the fuse modules mentioned a previous link, there are also 3 filesystems under linux that support compression. btrfs, reiser4 and zfs. All like the fuse modules are considered experimental and I would avoid reiser4 since the main developer Hans Reiser is in jail. And ntfs (ntfs-3g) Compression now works with that? For a long time it was not supported. http://www.tuxera.com/community/ntfs-3g-advanced/data-compression/ -- John M. Drescher -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mounting samba volume by IP fails trust in AD
I have run into issues where by IP it worked, but not by name (this was with one particular samba server, with VPN clients, with WINS and Netbios not enabled over VPN.) So it does seem possible that the server handles requests based on name and IP differently. Are all machines (samba, win 2003, clients) pointing to the same WINS server? Are all machines pointing to the same DNS server? Is the AD DC the WINS and DNS server? Does the AD domain name space match the DNS domain name space? Does the samba server krb5.conf have entries for the AD DC? (Not sure if this is really necessary.) In smb.conf, what is name resolve order set to? On 03/30/2011 10:42 AM, Walt Park wrote: Hi. I've got some samba servers (3.0.33-3.29.el5_6.2, on redhat 5) that join a windows 2003 AD. When mounting the volume from a windows workstation, if I use \\ip.address.here it fails saying The trust relationship between this workstation and the primary domain failed' If I mount with \\fully.qualified.name it works just fine. Forward and reverse DNS match, and \\ip.address.here works for a microsoft box but not any of the samba boxes. When I check the smbd.log, I never see the failed connections at the samba box, only the ones that worked with FQDN, which to me suggests the failure happens because AD isn't passing the connection to samba, which my AD admins say is because something in samba isn't working like windows, so the AD doesn't pass the request to the samba box because it doesn't look right to AD. my smbd.conf is : # Global parameters [global] workgroup = MYDOMAIN security = ADS realm = MY.DOMAIN load printers = No printing = bsd preferred master = No domain master = No local master = no os level = 0 wins server = xxx.xxx.xxx.xxx ldap ssl = no browseable = yes restrict anonymous = yes guest account = nobody invalid users = nobody encrypt passwords = yes [homes] comment = Home Directories writeable = Yes browseable = No --- Any idea why IP mount fails trust with 2003 AD but Name would be ok? Is this a microsoft-ism to hate on samba, or am I missing something in my config? Does this fail for everyone or just me? test: startrun: \\ip.of.samba.box startrun: \\dns.name.of.box if you have browse, it should show the available shares. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Authentication wrecking my head [ADS]
What version of samba? I found that samba 3.0.x (as bundled with solaris) had problems with idmap. This was with LDAP backend, a Samba DC with trusts to Windows 2003 domain (in NT domain compatibility mode.) Samba would allocate idmap entries in ldap, and would populate the TDB cache files. but when the cache timeout expired, the cache files were not repopulated. Long and short- I don't think Samba 3.0.x plays nice with Windows 2003. It doesn't work with Windows 2008 domains (2003 mode.) On 03/30/2011 10:07 AM, Brian O'Mahony wrote: After a bit of googling, I found that the idmap has been corrupted. Why would/could this happen? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Brian O'Mahony Sent: Wednesday, March 30, 2011 2:37 PM To: samba@lists.samba.org Subject: [Samba] Samba Authentication wrecking my head [ADS] Ive recently installed three servers with RHEL5u5. After some messing on the original, I got samba working with ADS authentication. I then went and got it working so that users could log in using their domain name password to the box. I got this working with both no restriction, and ADS group restriction. I have left it on no restriction wheil I get these systems up and running. I then copied my configuration files (krb5.conf, samba.conf, system-auth.conf) to the second machine. Everything works. Rebooted, everything is fine. System running as expected. I copied to the third machine. Everything worked fine. I was able to log in using two users (mine and a colleagues). Set up some other machine stuff, rebooted, and passed the machine over. I was then informed (naturally 5mins after I left the office) that there was something wrong. Those two accounts worked from both a samba perspective, and a login perspective. However a third account that was supposed to work, failed with su: user ccadm does not exist. Now samba doesn't work for any user other than the original too, and the same goes for logins. I tried net ads leave, kdestory, renaming the system, rebooting. I have rejoined the domain as both that system name, and a new one, with no issues: [root@akbarTRAP log]# wbinfo -t checking the trust secret via RPC calls succeeded [root@akbarTRAP log]# net ads testjoin Join is OK [root@akbarTRAP log]# wbinfo -u | grep ccadm Ccadm So my questions are: 1. Where the hell are these accounts being cached, that work. 2. What the hell has happened to make this no longer work. 3. Why if I can see all the users groups can I not log in, or get samba working. This is really starting to get on my nerves. I just cannot understand why if it can see the users using wbinfo, why it is telling me they don't exist. Would really appreciate some help on this. Regards B [root@akbarTRAP etc]# cat /etc/nsswitch.conf | grep winbind passwd: files winbind shadow: files winbind group: files winbind log.winbind: [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:03, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:05, 3] winbindd/winbindd_pam.c:829(winbindd_pam_auth) [ 7381]: pam auth ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm Secure log: Mar 30 14:29:03 akbartrap sshd[7381]: Invalid user ccadm from 172.16.165.248 Mar 30 14:29:03 akbartrap sshd[7382]: input_userauth_request: invalid user ccadm Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): check pass; user unknown Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=galvatron.MYDOMAIN.com Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): getting password (0x0010) Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): pam_get_item returned a password Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_AUTH_ERR (7), NTSTATUS: NT_STATUS_WRONG_PASSWORD, Error message was: Wrong Password [I know the pass is right here. It works elsewhere] Mar 30 14:29:05 akbartrap sshd[7381]: pam_winbind(sshd:auth): user 'ccadm' denied access (incorrect password or invalid membership) Mar 30 14:29:05 ak bartrap sshd[7381]: pam_succeed_if(sshd:auth): error retrieving information about user
Re: [Samba] Mounting samba volume by IP fails trust in AD
Well.. all my samba boxes are behaving the same way. When joined to the AD, they work when addressed by name, but fail trust with the AD when addressed by IP. AD is controlled by windows 2003, not by samba. I'm pretty sure if I made a samba PDC, I could get this to work, but I can't because that's not our architecture here. I have a mixture of a couple different versions on both solaris and linux, and they all seem to behave the same. All the samba boxes use the same wins, which is the PDC. They also use a mix of DNS, for a couple of internal reasons, but for name/ip in regards to the AD, they will get the same responses because of the way delegation is setup among name servers. The AD does not run it's own name space and defers to the bind clusters for dns. The krb5.conf does point to the AD, as samba is the only thing on these boxes that use kerberos. name resolve order is not explicitly set, so defaults to lmhosts host wins bcast Anyway, the samba servers are not seeing the connection attempt when they get the trust failure error. The AD seems to be rejecting the connection attempt and not directing the connection to the samba box. When I use a FQDN, I see the connection attempt, and it works fine. It's only when I use IP. We have a security scanner that is failing because it is using IP since that's how it's network discovery works, which is what I'm trying to fix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mounting samba volume by IP fails trust in AD
On Wed, Mar 30, 2011 at 09:42:33AM -0500, Walt Park wrote: Any idea why IP mount fails trust with 2003 AD but Name would be ok? Is this a microsoft-ism to hate on samba, or am I missing something in my config? It's possible that via name you're using kerberos but via ip you're using ntlm. In the kerberos case Samba does not have to ask the DC, in the ntlm case it does. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mounting samba volume by IP fails trust in AD
Do you have PTR entries in DNS for all the servers? On 03/30/2011 12:35 PM, Walt Park wrote: Well.. all my samba boxes are behaving the same way. When joined to the AD, they work when addressed by name, but fail trust with the AD when addressed by IP. AD is controlled by windows 2003, not by samba. I'm pretty sure if I made a samba PDC, I could get this to work, but I can't because that's not our architecture here. I have a mixture of a couple different versions on both solaris and linux, and they all seem to behave the same. All the samba boxes use the same wins, which is the PDC. They also use a mix of DNS, for a couple of internal reasons, but for name/ip in regards to the AD, they will get the same responses because of the way delegation is setup among name servers. The AD does not run it's own name space and defers to the bind clusters for dns. The krb5.conf does point to the AD, as samba is the only thing on these boxes that use kerberos. name resolve order is not explicitly set, so defaults to lmhosts host wins bcast Anyway, the samba servers are not seeing the connection attempt when they get the trust failure error. The AD seems to be rejecting the connection attempt and not directing the connection to the samba box. When I use a FQDN, I see the connection attempt, and it works fine. It's only when I use IP. We have a security scanner that is failing because it is using IP since that's how it's network discovery works, which is what I'm trying to fix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Authentication wrecking my head [ADS]
samba3-3.4.11-42.el5 However I have moved to using idmap_rid, as I will have cold standbys of machines that I want to be able to access SAN data, with the same IDs. So how does one go about clearing the samba user cache? I had it set up with users starting at 1. With RID I have now brought this down to 500 (so I can easily see the difference). I deleted the winbindd_* files folder in /var/lib/samba, but when I use a getent passwd brian.omahony its showing the id as 10 Thanks B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Gaiseric Vandal Sent: Wednesday, March 30, 2011 4:28 PM To: Samba Subject: Re: [Samba] Samba Authentication wrecking my head [ADS] What version of samba? I found that samba 3.0.x (as bundled with solaris) had problems with idmap. This was with LDAP backend, a Samba DC with trusts to Windows 2003 domain (in NT domain compatibility mode.) Samba would allocate idmap entries in ldap, and would populate the TDB cache files. but when the cache timeout expired, the cache files were not repopulated. Long and short- I don't think Samba 3.0.x plays nice with Windows 2003. It doesn't work with Windows 2008 domains (2003 mode.) On 03/30/2011 10:07 AM, Brian O'Mahony wrote: After a bit of googling, I found that the idmap has been corrupted. Why would/could this happen? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Brian O'Mahony Sent: Wednesday, March 30, 2011 2:37 PM To: samba@lists.samba.org Subject: [Samba] Samba Authentication wrecking my head [ADS] Ive recently installed three servers with RHEL5u5. After some messing on the original, I got samba working with ADS authentication. I then went and got it working so that users could log in using their domain name password to the box. I got this working with both no restriction, and ADS group restriction. I have left it on no restriction wheil I get these systems up and running. I then copied my configuration files (krb5.conf, samba.conf, system-auth.conf) to the second machine. Everything works. Rebooted, everything is fine. System running as expected. I copied to the third machine. Everything worked fine. I was able to log in using two users (mine and a colleagues). Set up some other machine stuff, rebooted, and passed the machine over. I was then informed (naturally 5mins after I left the office) that there was something wrong. Those two accounts worked from both a samba perspective, and a login perspective. However a third account that was supposed to work, failed with su: user ccadm does not exist. Now samba doesn't work for any user other than the original too, and the same goes for logins. I tried net ads leave, kdestory, renaming the system, rebooting. I have rejoined the domain as both that system name, and a new one, with no issues: [root@akbarTRAP log]# wbinfo -t checking the trust secret via RPC calls succeeded [root@akbarTRAP log]# net ads testjoin Join is OK [root@akbarTRAP log]# wbinfo -u | grep ccadm Ccadm So my questions are: 1. Where the hell are these accounts being cached, that work. 2. What the hell has happened to make this no longer work. 3. Why if I can see all the users groups can I not log in, or get samba working. This is really starting to get on my nerves. I just cannot understand why if it can see the users using wbinfo, why it is telling me they don't exist. Would really appreciate some help on this. Regards B [root@akbarTRAP etc]# cat /etc/nsswitch.conf | grep winbind passwd: files winbind shadow: files winbind group: files winbind log.winbind: [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:03, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:05, 3] winbindd/winbindd_pam.c:829(winbindd_pam_auth) [ 7381]: pam auth ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm Secure log: Mar 30 14:29:03 akbartrap sshd[7381]: Invalid user ccadm from 172.16.165.248 Mar 30 14:29:03 akbartrap sshd[7382]: input_userauth_request: invalid user ccadm Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): check pass; user unknown Mar 30 14:29:05 akbartrap
Re: [Samba] Can't get 'dos filemode' to work as expected
On Fri, 25 Mar 2011 22:43:38 +0900, TAKAHASHI Motonobu wrote: From: Felix Brack f...@ltec.ch Date: Thu, 24 Mar 2011 10:09:53 +0100 After an upgrade to samba 3.5.8 (from 3.2.5) the option 'dos filemode' does not seem to work anymore. If I (as a user) do not own the file I can't change permissions. I am user 'felix' and member of supplementary group 'Development'. To test things I use the following share definition: [Temp] path = /srv/samba/file-shares/tmp browseable = yes read only = no invalid users = root administrator delete readonly = yes inherit owner = yes force group = Development dos filemode = yes A 'getfacl' on /srv/samba/file-shares/tmp returns: # file: srv/samba/file-shares/tmp # owner: root # group: root # flags: -s- user::rwx group::r-x group:Development:rwx mask::rwx other::--- default:user::rwx default:group::r-x default:group:Development:rwx default:mask::rwx default:other::--- As far as I examined, dos filemode works file at Samba 3.5.8. I connect to \\lenny5\aclshare2a and can change the other's permission (same as running chmod o+r test2.txt). Here is my settings: - lenny5:/var/lib/samba/shares# cat /usr/local/samba/lib/smb.conf [global] [aclshare2] path = /var/lib/samba/shares/aclshare2 writeable = yes force group = root inherit permissions = yes dos filemode = yes store dos attributes = yes map archive = no map read only = no [aclshare2a] path = /var/lib/samba/shares/aclshare2 browseable = yes read only = no invalid users = root administrator delete readonly = yes inherit owner = yes force group = Development dos filemode = yes - Both for aclshare2 and aclshare2a Samba works fine. lenny5:/var/lib/samba/shares# /usr/local/samba/sbin/smbd -V Version 3.5.8 lenny5:/var/lib/samba/shares# getfacl aclshare2/ # file: aclshare2/ # owner: root # group: root user::rwx group::r-x group:Development:rwx mask::rwx other::--- default:user::rwx default:group::r-x default:group:Development:rwx default:mask::rwx default:other::--- lenny5:/var/lib/samba/shares# getfacl aclshare2/test2.txt # file: aclshare2/test2.txt # owner: root # group: root user::rw- group::rw- group:Development:rwx mask::rwx other::r-- lenny5:/var/lib/samba/shares# id monyo uid=1000(monyo) gid=100(users) groups=100(users),1016(Development) --- TAKAHASHI Motonobu mo...@samba.gr.jp Many thanks for your response. I just double checked but the problem remains: I can do things if the share is owned by myself ('felix') but not if it is owned by 'root' if me having access by being a member of supplementary group 'Development'. Using debug level 3 on the samba server I found this: [2011/03/30 18:21:38.525408, 3] smbd/process.c:1298(switch_message) switch message SMBtrans2 (pid 31379) conn 0x7fe6ffbecf50 [2011/03/30 18:21:38.525427, 3] smbd/trans2.c:7722 (call_trans2setfilepathinfo) call_trans2setfilepathinfo(8) test-root/.svn (fnum 13314) info_level=1004 totdata=40 [2011/03/30 18:21:38.525453, 3] smbd/trans2.c:7320 (smbd_do_setfilepathinfo) smbd_do_setfilepathinfo: test-root/.svn (fnum 13314) info_level=1004 totdata=40 [2011/03/30 18:21:38.525487, 3] smbd/dosmode.c:166(unix_mode) unix_mode(test-root/.svn) returning 0775 [2011/03/30 18:21:38.525527, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [test-root/.svn] [/srv/samba/file-shares/testshare] [2011/03/30 18:21:38.525561, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: test-root/.svn reduced to /srv/samba/file-shares/ testshare/test-root/.svn [2011/03/30 18:21:38.525625, 3] smbd/dosmode.c:166(unix_mode) unix_mode(test-root/.svn) returning 0764 [2011/03/30 18:21:38.525653, 3] smbd/vfs.c:881(check_reduced_name) check_reduced_name [test-root/.svn] [/srv/samba/file-shares/testshare] [2011/03/30 18:21:38.525684, 3] smbd/vfs.c:1038(check_reduced_name) check_reduced_name: test-root/.svn reduced to /srv/samba/file-shares/ testshare/test-root/.svn [2011/03/30 18:21:38.525720, 3] smbd/open.c:461(open_file) Error opening file test-root/.svn (NT_STATUS_FILE_IS_A_DIRECTORY) (local_flags=1) (flags=1) The subdirectory '.svn' is created and has correct mode (0775, i.e. rwx for the group). Somewhat later a call to 'unix_mode' returns 0764 (i.e. rw- for th group). Now things fail because a directory should have the x flag set so it can be browsed, correct? Does anybody understand why the mode of directory '.svn' gets changed at all? Felix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mounting samba volume by IP fails trust in AD
Why would it be different between a microsoft share, and a samba share? A microsoft share works wth either name or IP, but samba only works for name, and not IP. Also, when it fails with trust error I never see a connection attempt at the samba server. On Wed, Mar 30, 2011 at 11:34 AM, Volker Lendecke volker.lende...@sernet.de wrote: On Wed, Mar 30, 2011 at 09:42:33AM -0500, Walt Park wrote: Any idea why IP mount fails trust with 2003 AD but Name would be ok? Is this a microsoft-ism to hate on samba, or am I missing something in my config? It's possible that via name you're using kerberos but via ip you're using ntlm. In the kerberos case Samba does not have to ask the DC, in the ntlm case it does. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mounting samba volume by IP fails trust in AD
my guess is that reverse DNS lookups are failing for the IP Walt Park wrote: Why would it be different between a microsoft share, and a samba share? A microsoft share works wth either name or IP, but samba only works for name, and not IP. Also, when it fails with trust error I never see a connection attempt at the samba server. On Wed, Mar 30, 2011 at 11:34 AM, Volker Lendecke volker.lende...@sernet.de wrote: On Wed, Mar 30, 2011 at 09:42:33AM -0500, Walt Park wrote: Any idea why IP mount fails trust with 2003 AD but Name would be ok? Is this a microsoft-ism to hate on samba, or am I missing something in my config? It's possible that via name you're using kerberos but via ip you're using ntlm. In the kerberos case Samba does not have to ask the DC, in the ntlm case it does. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mounting samba volume by IP fails trust in AD
In answer to vandal: Yes, they are A/PTR records, and not cname. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Authentication wrecking my head [ADS]
Also check /var/cache/samba Dale On 03/30/2011 11:48 AM, Brian O'Mahony wrote: samba3-3.4.11-42.el5 However I have moved to using idmap_rid, as I will have cold standbys of machines that I want to be able to access SAN data, with the same IDs. So how does one go about clearing the samba user cache? I had it set up with users starting at 1. With RID I have now brought this down to 500 (so I can easily see the difference). I deleted the winbindd_* files folder in /var/lib/samba, but when I use a getent passwd brian.omahony its showing the id as 10 Thanks B -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Gaiseric Vandal Sent: Wednesday, March 30, 2011 4:28 PM To: Samba Subject: Re: [Samba] Samba Authentication wrecking my head [ADS] What version of samba? I found that samba 3.0.x (as bundled with solaris) had problems with idmap. This was with LDAP backend, a Samba DC with trusts to Windows 2003 domain (in NT domain compatibility mode.) Samba would allocate idmap entries in ldap, and would populate the TDB cache files. but when the cache timeout expired, the cache files were not repopulated. Long and short- I don't think Samba 3.0.x plays nice with Windows 2003. It doesn't work with Windows 2008 domains (2003 mode.) On 03/30/2011 10:07 AM, Brian O'Mahony wrote: After a bit of googling, I found that the idmap has been corrupted. Why would/could this happen? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Brian O'Mahony Sent: Wednesday, March 30, 2011 2:37 PM To: samba@lists.samba.org Subject: [Samba] Samba Authentication wrecking my head [ADS] Ive recently installed three servers with RHEL5u5. After some messing on the original, I got samba working with ADS authentication. I then went and got it working so that users could log in using their domain name password to the box. I got this working with both no restriction, and ADS group restriction. I have left it on no restriction wheil I get these systems up and running. I then copied my configuration files (krb5.conf, samba.conf, system-auth.conf) to the second machine. Everything works. Rebooted, everything is fine. System running as expected. I copied to the third machine. Everything worked fine. I was able to log in using two users (mine and a colleagues). Set up some other machine stuff, rebooted, and passed the machine over. I was then informed (naturally 5mins after I left the office) that there was something wrong. Those two accounts worked from both a samba perspective, and a login perspective. However a third account that was supposed to work, failed with su: user ccadm does not exist. Now samba doesn't work for any user other than the original too, and the same goes for logins. I tried net ads leave, kdestory, renaming the system, rebooting. I have rejoined the domain as both that system name, and a new one, with no issues: [root@akbarTRAP log]# wbinfo -t checking the trust secret via RPC calls succeeded [root@akbarTRAP log]# net ads testjoin Join is OK [root@akbarTRAP log]# wbinfo -u | grep ccadm Ccadm So my questions are: 1. Where the hell are these accounts being cached, that work. 2. What the hell has happened to make this no longer work. 3. Why if I can see all the users groups can I not log in, or get samba working. This is really starting to get on my nerves. I just cannot understand why if it can see the users using wbinfo, why it is telling me they don't exist. Would really appreciate some help on this. Regards B [root@akbarTRAP etc]# cat /etc/nsswitch.conf | grep winbind passwd: files winbind shadow: files winbind group: files winbind log.winbind: [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:03, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:03, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:754(winbindd_interface_version) [ 7381]: request interface version [2011/03/30 14:29:05, 3] winbindd/winbindd_misc.c:787(winbindd_priv_pipe_dir) [ 7381]: request location of privileged pipe [2011/03/30 14:29:05, 3] winbindd/winbindd_pam.c:829(winbindd_pam_auth) [ 7381]: pam auth ccadm [2011/03/30 14:29:05, 3] winbindd/winbindd_user.c:438(winbindd_getpwnam) [ 7381]: getpwnam ccadm Secure log: Mar 30 14:29:03 akbartrap sshd[7381]: Invalid user ccadm from 172.16.165.248 Mar 30 14:29:03 akbartrap sshd[7382]: input_userauth_request: invalid user ccadm Mar 30 14:29:05 akbartrap sshd[7381]: pam_unix(sshd:auth): check pass; user unknown Mar 30
[Samba] Unreliable connection to Samba PDC - Connections get lost, Roaming Profiles do not sync, Files can't be written, etc..
Hello all! I am having severe problems with my Samba PDC. 1. My Roaming profile in 3 out of 10 times does not get synchronized correctly with the server - without any obvious reason. This sometimes destroys my profile by losing data and commonly from then on the profile is never again synchronized correctly. A backup restore of the computer is necessary. 2. When I edit a document (e.g. word .docx) which is located on a samba-share, sometimes when I want to save it to a new (!) file name, Word says that it can't save to the new file name because the document is in use by someone else. Word creates the new file name anyway, but it remains 0kb. When I select save again and chose to overwrite the new 0kb file, it does it without any problem. 3. Sometimes the connection to the PDC get's lost in the middle of a day's session. Thus all my network drives get disconnected and I have to reboot the client to get connected again. If in this time I had Outlook 2007 opened (my outlook.pst lives on a network share, too), I have to close Outlook and reboot to be able to edit anything in Outlook again. What I have tried: 1. Changed TP-Cable between client and server 2. Changed Network Switch between client and server (and switched from 100MBit to Gigabit) 3. Upgraded Samba to the (then) newest version, which was 1 year newer than the previous one 4. Re-added the client to the domain Nothing helped... ;-( What is going on here? The client that connects to the PDC is Windows 7, 64bit ANY ideas, hints, approaches are HIGHLY APPRECIATED!! Tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unreliable connection to Samba PDC - Connections get lost, Roaming Profiles do not sync, Files can't be written, etc..
Is this with one Windows 7 X64 client or all of them? Do XP machines have the same problem? Do the disconnects occur after the machine has been in sleep mode? On 03/30/2011 04:21 PM, Tom H. Lautenbacher wrote: Hello all! I am having severe problems with my Samba PDC. 1. My Roaming profile in 3 out of 10 times does not get synchronized correctly with the server - without any obvious reason. This sometimes destroys my profile by losing data and commonly from then on the profile is never again synchronized correctly. A backup restore of the computer is necessary. 2. When I edit a document (e.g. word .docx) which is located on a samba-share, sometimes when I want to save it to a new (!) file name, Word says that it can't save to the new file name because the document is in use by someone else. Word creates the new file name anyway, but it remains 0kb. When I select save again and chose to overwrite the new 0kb file, it does it without any problem. 3. Sometimes the connection to the PDC get's lost in the middle of a day's session. Thus all my network drives get disconnected and I have to reboot the client to get connected again. If in this time I had Outlook 2007 opened (my outlook.pst lives on a network share, too), I have to close Outlook and reboot to be able to edit anything in Outlook again. What I have tried: 1. Changed TP-Cable between client and server 2. Changed Network Switch between client and server (and switched from 100MBit to Gigabit) 3. Upgraded Samba to the (then) newest version, which was 1 year newer than the previous one 4. Re-added the client to the domain Nothing helped... ;-( What is going on here? The client that connects to the PDC is Windows 7, 64bit ANY ideas, hints, approaches are HIGHLY APPRECIATED!! Tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind is not taking default domain
Not sure if you import all the users and groups into your /etc/passwd and /etc/group file respectively, would fix your problem. On 29/03/2011, at 11:39 PM, Werner Durgarten wrote: Similar Problem here: Since Upgrading to Sernet Samba 3.5.8 logging in without typing in the default domain does not work any more. Original-Nachricht Datum: Mon, 28 Mar 2011 16:34:19 +1300 Von: Marco Huang marco.hu...@auckland.ac.nz An: samba@lists.samba.org Betreff: [Samba] winbind is not taking default domain Hi, We have been running samba file server about 2 years without this problem. The problem appeared at the same time on our debian and centos servers. Not sure if it's related to any updates on our windows AD servers. Debian Squeeze sernet-samba-3.5.8-27 Centos 5.5 samba3-3.5.5-43.el5 Use Active Directory for user login authentication Use uid/gid from ldap The reason we still want winbind is for managing permissions from client end. Since last week, users failed on login with valid users = @staff until I stopped winbind. I found if I change to valid users = @ABC\staff, users can login, however the change can not resolve the problem of ACLs on the folders/files. Of cause, if I stop winbind, works ok - user can login, and following the current permissions, but we do need winbind for managing permissions from client end. # smb.conf [global] realm = ad.mydomain workgroup = ABC server string = %h server enable privileges = yes dns proxy = no netbios name = linfiles smb ports = 139 445 load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes log file = /var/log/samba/%U.log log level = 10 winbind:10 debug timestamp = yes max log size = 1000 syslog only = no syslog = 2 panic action = /usr/share/samba/panic-action %d security = ADS encrypt passwords = true obey pam restrictions = no invalid users = root unix extensions = no idmap backend = nss idmap config ABC : default = yes idmap config ABC : backend = nss idmap alloc backend = nss idmap cache time = 30 allow trusted domains = no socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=65536 SO_SNDBUF=65536 locking = yes strict locking = no posix locking = yes kernel oplocks = no oplocks = yes level2 oplocks = yes winbind trusted domains only = yes winbind use default domain = yes winbind enum users = no winbind enum groups = no winbind cache time = 3600 acl compatibility = auto [sit] comment = Shares browseable = yes writable = yes create mask = 0770 directory mask = 0770 acl group control = yes acl check permissions = True nt acl support = yes force directory security mode = 770 inherit permissions = yes inherit acls = yes inherit owner = no map acl inherit = yes path = /mnt/sit valid users = @staff # /etc/nsswitch.conf passwd: files ldap shadow: files group: files ldap # getent group staff returns group members with testuser. # wbinfo --own-domain ABC # Here are some logs from debug mode, winbind just trying to lookup domain LINFILES and Unix Group rather than ABC. [2011/03/25 12:43:50.645636, 3] lib/util_sid.c:228(string_to_sid) string_to_sid: Sid @staff does not start with 'S-'. [2011/03/25 12:43:50.645683, 5] smbd/password.c:423(user_in_netgroup) Unable to get default yp domain, let's try without specifying it [2011/03/25 12:43:50.645694, 5] smbd/password.c:430(user_in_netgroup) looking for user testuser of domain (ANY) in netgroup staff [2011/03/25 12:43:50.645733, 10] passdb/lookup_sid.c:69(lookup_name) lookup_name: LINFILES\staff = LINFILES (domain), staff (name) [2011/03/25 12:43:50.645744, 10] passdb/lookup_sid.c:70(lookup_name) lookup_name: flags = 0x077 [2011/03/25 12:43:50.645753, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2011/03/25 12:43:50.645764, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2011/03/25 12:43:50.645773, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2011/03/25 12:43:50.645783, 5] auth/token_util.c:525(debug_nt_user_token) NT user token: (NULL) [2011/03/25 12:43:50.645792, 5] auth/token_util.c:551(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2011/03/25 12:43:50.645825, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2011/03/25 12:43:50.645837, 10] passdb/lookup_sid.c:69(lookup_name) lookup_name: Unix Group\staff = Unix Group (domain), staff (name) [2011/03/25 12:43:50.645847, 10] passdb/lookup_sid.c:70(lookup_name) lookup_name: flags = 0x077 [2011/03/25 12:43:50.647804, 10] smbd/share_access.c:216(user_ok_token) User testuser not in 'valid users' [2011/03/25
Re: [Samba] Unreliable connection to Samba PDC - Connections get lost, Roaming Profiles do not sync, Files can't be written, etc..
On Wed, Mar 30, 2011 at 11:21:13PM +0300, Tom H. Lautenbacher wrote: Hello all! I am having severe problems with my Samba PDC. 1. My Roaming profile in 3 out of 10 times does not get synchronized ... 2. When I edit a document (e.g. word .docx) which is located on a ... 3. Sometimes the connection to the PDC get's lost in the middle of a ... What I have tried: 1. Changed TP-Cable between client and server 2. Changed Network Switch between client and server (and switched from 100MBit to Gigabit) 3. Upgraded Samba to the (then) newest version, which was 1 year newer than the previous one 4. Re-added the client to the domain and? What is missing here? 5. change (probably broken) network adapter and/or motherboard (interrupt or DMA controllers else run iperf or nuttcp apt-get install iperf or apt-get install nuttcp 6. an don't forget to try memtest86+ on both sides... Nothing helped... ;-( What is going on here? The client that connects to the PDC is Windows 7, 64bit ANY ideas, hints, approaches are HIGHLY APPRECIATED!! done :-) If problem found, remember to post here in anycase! -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 32a76ca s4:lib/policy/gp_ldap.c - make more use of LDB result constants via dcdfc27 s4:lib/registry/registry.h - align a copyright line in header comment via 6723e90 talloc - improve doxygen comment of talloc_move via 05a9b7c s4:smb_server/smb/trans2.c - talloc_move isn't strictly necessary here from 72833e4 s3-ctdb_wrap: remove unused variable from db_ctdb_fetch_persistent(). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 32a76ca146104e94a974e23668e93464c2b35a9a Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Mar 27 22:14:56 2011 +0200 s4:lib/policy/gp_ldap.c - make more use of LDB result constants Autobuild-User: Matthias Dieter Wallnöfer m...@samba.org Autobuild-Date: Wed Mar 30 09:33:38 CEST 2011 on sn-devel-104 commit dcdfc27dbf3e2f47a3fea0c2ee7e18918430be60 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Fri Mar 25 20:03:42 2011 +0100 s4:lib/registry/registry.h - align a copyright line in header comment commit 6723e90d524c8e73f19c06b3ff28867a1a89b14b Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Mar 24 09:41:19 2011 +0100 talloc - improve doxygen comment of talloc_move Express better that this should be a pointer of a pointer. Reviewed-by: Tridge commit 05a9b7c32dd5831d2099a1c634d9380fe12a530e Author: Matthias Dieter Wallnöfer m...@samba.org Date: Thu Mar 24 10:28:10 2011 +0100 s4:smb_server/smb/trans2.c - talloc_move isn't strictly necessary here Since the set will be free'd afterwards talloc_steal is enough. Reviewed-by: Tridge --- Summary of changes: lib/talloc/talloc.h |6 +++--- source4/lib/policy/gp_ldap.c| 26 +- source4/lib/registry/registry.h |2 +- source4/smb_server/smb/trans2.c |2 +- 4 files changed, 18 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/talloc/talloc.h b/lib/talloc/talloc.h index 5710861..64879b7 100644 --- a/lib/talloc/talloc.h +++ b/lib/talloc/talloc.h @@ -402,14 +402,14 @@ const char *talloc_set_name(const void *ptr, const char *fmt, ...) PRINTF_ATTRIB * * @param[in] new_ctx The new parent context. * - * @param[in] ptr Pointer to the talloc chunk to move. + * @param[in] pptr Pointer to the talloc chunk to move. * * @return The pointer of the talloc chunk it has been moved to, * NULL on error. */ -void *talloc_move(const void *new_ctx, const void *ptr); +void *talloc_move(const void *new_ctx, void **pptr); #else -#define talloc_move(ctx, ptr) (_TALLOC_TYPEOF(*(ptr)))_talloc_move((ctx),(void *)(ptr)) +#define talloc_move(ctx, pptr) (_TALLOC_TYPEOF(*(pptr)))_talloc_move((ctx),(void *)(pptr)) void *_talloc_move(const void *new_ctx, const void *pptr); #endif diff --git a/source4/lib/policy/gp_ldap.c b/source4/lib/policy/gp_ldap.c index 091af2e..de56e4c 100644 --- a/source4/lib/policy/gp_ldap.c +++ b/source4/lib/policy/gp_ldap.c @@ -641,7 +641,7 @@ NTSTATUS gp_set_gplink(struct gp_context *gp_ctx, const char *dn_str, struct gp_ msg-dn = dn; rv = ldb_msg_add_string(msg, gPLink, gplink_str); - if (rv != 0) { + if (rv != LDB_SUCCESS) { DEBUG(0, (LDB message add string failed: %s\n, ldb_strerror(rv))); talloc_free(mem_ctx); return NT_STATUS_UNSUCCESSFUL; @@ -649,7 +649,7 @@ NTSTATUS gp_set_gplink(struct gp_context *gp_ctx, const char *dn_str, struct gp_ msg-elements[0].flags = LDB_FLAG_MOD_REPLACE; rv = ldb_modify(gp_ctx-ldb_ctx, msg); - if (rv != 0) { + if (rv != LDB_SUCCESS) { DEBUG(0, (LDB modify failed: %s\n, ldb_strerror(rv))); talloc_free(mem_ctx); return NT_STATUS_UNSUCCESSFUL; @@ -717,14 +717,14 @@ NTSTATUS gp_del_gplink(struct gp_context *gp_ctx, const char *dn_str, const char if (strcmp(gplink_str, ) == 0) { rv = ldb_msg_add_empty(msg, gPLink, LDB_FLAG_MOD_DELETE, NULL); - if (rv != 0) { + if (rv != LDB_SUCCESS) { DEBUG(0, (LDB message add empty element failed: %s\n, ldb_strerror(rv))); talloc_free(mem_ctx); return NT_STATUS_UNSUCCESSFUL; } } else { rv = ldb_msg_add_string(msg, gPLink, gplink_str); - if (rv != 0) { + if (rv != LDB_SUCCESS) { DEBUG(0, (LDB message add string failed: %s\n, ldb_strerror(rv))); talloc_free(mem_ctx); return NT_STATUS_UNSUCCESSFUL; @@ -732,7 +732,7 @@ NTSTATUS gp_del_gplink(struct gp_context *gp_ctx, const
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0fea80c s3: Fix Coverity ID 2217: RESOURCE_LEAK via 40306f2 s3: Fix Coverity ID 2220: RESOURCE_LEAK via a56eb9b s3: Fix Coverity ID 2221: RESOURCE_LEAK via 9a97a83 s3: Fix Coverity ID : RESOURCE_LEAK via 12bf847 s3: Fix Coverity ID 2223: RESOURCE_LEAK via 8486f0f s3: Fix Coverity ID 2236: REVERSE_INULL via de635fe s3: Fix Coverity ID 2332: MISSING_BREAK via 0764e72 s3: Fix Coverity ID 2237: REVERSE_INULL via 0080f94 tdb: Fix Coverity ID 2238: SECURE_CODING via 014d409 s3: Fix Coverity ID 2304: FORWARD_NULL from 32a76ca s4:lib/policy/gp_ldap.c - make more use of LDB result constants http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0fea80c1d6e3ad819e66fc7feafecb1e8b54728e Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID 2217: RESOURCE_LEAK Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Mar 30 10:45:44 CEST 2011 on sn-devel-104 commit 40306f2247cfedb2b0c3af3a7392b1a7e83c57ab Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID 2220: RESOURCE_LEAK commit a56eb9b88733fbee30e3640d3e4b0ede6bf434d7 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID 2221: RESOURCE_LEAK commit 9a97a8307ccda6d5a78de5e7e615209578d3a672 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID : RESOURCE_LEAK commit 12bf8470588ad38b415327f92dfbce5c321b3715 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:04:47 2011 +0200 s3: Fix Coverity ID 2223: RESOURCE_LEAK commit 8486f0fa0495e51d204dca970bf864041123b631 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:57:05 2011 +0200 s3: Fix Coverity ID 2236: REVERSE_INULL We have already dereferenced b, and the other calls in this loop can only have worked with a valid handle commit de635fe1f71abfdce50e49dc517b4a55f8449c2f Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:41:18 2011 +0200 s3: Fix Coverity ID 2332: MISSING_BREAK commit 0764e72051c6b74efe07539736f09c90b2e52672 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:53:15 2011 +0200 s3: Fix Coverity ID 2237: REVERSE_INULL commit 0080f944b47f3afa676153e5da7093a8667fc005 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:51:40 2011 +0200 tdb: Fix Coverity ID 2238: SECURE_CODING commit 014d4093c3bdf0481a415b2df3084b743a9b4845 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:45:04 2011 +0200 s3: Fix Coverity ID 2304: FORWARD_NULL --- Summary of changes: lib/tdb/common/summary.c| 48 +- nsswitch/libwbclient/wbc_sid.c |2 +- nsswitch/wbinfo.c |8 ++ source3/rpc_server/lsa/srv_lsa_nt.c |1 + source3/smbd/lanman.c |4 +-- source3/smbd/sesssetup.c|4 +-- source3/winbindd/winbindd_msrpc.c |4 +-- 7 files changed, 37 insertions(+), 34 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/summary.c b/lib/tdb/common/summary.c index da1ec2b..b222a59 100644 --- a/lib/tdb/common/summary.c +++ b/lib/tdb/common/summary.c @@ -159,30 +159,30 @@ _PUBLIC_ char *tdb_summary(struct tdb_context *tdb) if (!ret) goto unlock; - sprintf(ret, SUMMARY_FORMAT, - tdb-map_size, keys.total+data.total, - keys.num, - keys.min, tally_mean(keys), keys.max, - data.min, tally_mean(data), data.max, - extra.min, tally_mean(extra), extra.max, - dead.num, - dead.min, tally_mean(dead), dead.max, - freet.num, - freet.min, tally_mean(freet), freet.max, - hash.num, - hash.min, tally_mean(hash), hash.max, - uncoal.total, - uncoal.min, tally_mean(uncoal), uncoal.max, - keys.total * 100.0 / tdb-map_size, - data.total * 100.0 / tdb-map_size, - extra.total * 100.0 / tdb-map_size, - freet.total * 100.0 / tdb-map_size, - dead.total * 100.0 / tdb-map_size, - (keys.num + freet.num + dead.num) - * (sizeof(struct tdb_record) + sizeof(uint32_t)) - * 100.0 / tdb-map_size, - tdb-header.hash_size * sizeof(tdb_off_t) - * 100.0 / tdb-map_size); + snprintf(ret, len, SUMMARY_FORMAT, +tdb-map_size, keys.total+data.total, +keys.num, +keys.min, tally_mean(keys), keys.max, +data.min, tally_mean(data),
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via c9f1cd6 s3: Fix Coverity ID 2217: RESOURCE_LEAK via 6dd0a66 s3: Fix Coverity ID 2220: RESOURCE_LEAK (cherry picked from commit 40306f2247cfedb2b0c3af3a7392b1a7e83c57ab) via 94daaf0 s3: Fix Coverity ID 2221: RESOURCE_LEAK (cherry picked from commit a56eb9b88733fbee30e3640d3e4b0ede6bf434d7) via c8a48a8 s3: Fix Coverity ID : RESOURCE_LEAK (cherry picked from commit 9a97a8307ccda6d5a78de5e7e615209578d3a672) via 511ed20 s3: Fix Coverity ID 2223: RESOURCE_LEAK (cherry picked from commit 12bf8470588ad38b415327f92dfbce5c321b3715) via 195ba5d s3: Fix Coverity ID 2236: REVERSE_INULL via 49a3685 s3: Fix Coverity ID 2332: MISSING_BREAK (cherry picked from commit de635fe1f71abfdce50e49dc517b4a55f8449c2f) via e354de4 s3: Fix Coverity ID 2237: REVERSE_INULL (cherry picked from commit 0764e72051c6b74efe07539736f09c90b2e52672) via b659b6c tdb: Fix Coverity ID 2238: SECURE_CODING (cherry picked from commit 0080f944b47f3afa676153e5da7093a8667fc005) via 34edfc5 s3: Fix Coverity ID 2304: FORWARD_NULL (cherry picked from commit 014d4093c3bdf0481a415b2df3084b743a9b4845) from 29ccbca s3-libsmb: remove duplicate NTSTATUS variable. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit c9f1cd67d1c798e361db5949e5cacea15db805a7 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID 2217: RESOURCE_LEAK Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Mar 30 10:45:44 CEST 2011 on sn-devel-104 (cherry picked from commit 0fea80c1d6e3ad819e66fc7feafecb1e8b54728e) commit 6dd0a66c0b096e5b384b9cf550cc4e62f93d9b7f Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID 2220: RESOURCE_LEAK (cherry picked from commit 40306f2247cfedb2b0c3af3a7392b1a7e83c57ab) commit 94daaf056d34a3546174e9ddb6c6db632dd17983 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID 2221: RESOURCE_LEAK (cherry picked from commit a56eb9b88733fbee30e3640d3e4b0ede6bf434d7) commit c8a48a8a70bc41d3c51524c61b718f9ce24a6191 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:06:18 2011 +0200 s3: Fix Coverity ID : RESOURCE_LEAK (cherry picked from commit 9a97a8307ccda6d5a78de5e7e615209578d3a672) commit 511ed20ef82c75911a984ff9c1776a0d91df5f65 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 07:04:47 2011 +0200 s3: Fix Coverity ID 2223: RESOURCE_LEAK (cherry picked from commit 12bf8470588ad38b415327f92dfbce5c321b3715) commit 195ba5dd6b3757eb42f4a05ab488306053c6cf39 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:57:05 2011 +0200 s3: Fix Coverity ID 2236: REVERSE_INULL We have already dereferenced b, and the other calls in this loop can only have worked with a valid handle (cherry picked from commit 8486f0fa0495e51d204dca970bf864041123b631) commit 49a3685374e23b61cc5454309d83eec05764e527 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:41:18 2011 +0200 s3: Fix Coverity ID 2332: MISSING_BREAK (cherry picked from commit de635fe1f71abfdce50e49dc517b4a55f8449c2f) commit e354de4addd71a0deeb7b8c2a7e668e27e168163 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:53:15 2011 +0200 s3: Fix Coverity ID 2237: REVERSE_INULL (cherry picked from commit 0764e72051c6b74efe07539736f09c90b2e52672) commit b659b6c63a895348efb9b1a1420e54148f4bcebc Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:51:40 2011 +0200 tdb: Fix Coverity ID 2238: SECURE_CODING (cherry picked from commit 0080f944b47f3afa676153e5da7093a8667fc005) commit 34edfc5494c0172aea860486080a779dce949596 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 06:45:04 2011 +0200 s3: Fix Coverity ID 2304: FORWARD_NULL (cherry picked from commit 014d4093c3bdf0481a415b2df3084b743a9b4845) --- Summary of changes: lib/tdb/common/summary.c| 48 +- nsswitch/libwbclient/wbc_sid.c |2 +- nsswitch/wbinfo.c |8 ++ source3/rpc_server/lsa/srv_lsa_nt.c |1 + source3/smbd/lanman.c |4 +-- source3/smbd/sesssetup.c|4 +-- source3/winbindd/winbindd_msrpc.c |4 +-- 7 files changed, 37 insertions(+), 34 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/summary.c b/lib/tdb/common/summary.c index da1ec2b..b222a59 100644 --- a/lib/tdb/common/summary.c +++ b/lib/tdb/common/summary.c @@ -159,30 +159,30 @@ _PUBLIC_ char *tdb_summary(struct tdb_context *tdb) if (!ret) goto unlock; - sprintf(ret, SUMMARY_FORMAT, - tdb-map_size,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fbd0ff6 s3: try to fix the build on some non-linux buildfarm machines. from 0fea80c s3: Fix Coverity ID 2217: RESOURCE_LEAK http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fbd0ff69ec07c55a2858f49b1effb40bd871d4a6 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 10:50:10 2011 +0200 s3: try to fix the build on some non-linux buildfarm machines. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Mar 30 11:39:31 CEST 2011 on sn-devel-104 --- Summary of changes: source3/auth/pass_check.c |1 + source3/include/event.h |2 +- source3/lib/packet.c |1 + source3/smbd/utmp.c |1 + 4 files changed, 4 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c index 93aa89c..a7a1c3d 100644 --- a/source3/auth/pass_check.c +++ b/source3/auth/pass_check.c @@ -21,6 +21,7 @@ password database. The SMB encrypted password support is elsewhere */ #include includes.h +#include system/passwd.h #include auth.h #undef DBGC_CLASS diff --git a/source3/include/event.h b/source3/include/event.h index d69b333..1e5dfab 100644 --- a/source3/include/event.h +++ b/source3/include/event.h @@ -25,7 +25,7 @@ #define event_context_init(mem_ctx) s3_tevent_context_init(mem_ctx) /* The following definitions come from lib/events.c */ - +struct pollfd; struct timeval *get_timed_events_timeout(struct event_context *event_ctx, struct timeval *to_ret); void dump_event_list(struct event_context *event_ctx); diff --git a/source3/lib/packet.c b/source3/lib/packet.c index 26ca1da..133983d 100644 --- a/source3/lib/packet.c +++ b/source3/lib/packet.c @@ -19,6 +19,7 @@ #include includes.h #include ../lib/util/select.h +#include system/filesys.h #include system/select.h #include packet.h diff --git a/source3/smbd/utmp.c b/source3/smbd/utmp.c index 2d6beab..47462f6 100644 --- a/source3/smbd/utmp.c +++ b/source3/smbd/utmp.c @@ -19,6 +19,7 @@ */ #include includes.h +#include system/filesys.h #include smbd/smbd.h / -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 43e364e lib/util/charset Add tests for convert_string_talloc_handle() via a64958a lib/util Move base64 functions into lib/util/base64.c via 48d0abe s3:lib make lazy_initialize_conv() static via c395209 lib/util/charset Remove pointless static bool initialised from fbd0ff6 s3: try to fix the build on some non-linux buildfarm machines. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 43e364e61bc232e167ed1a18de037f8a278c8c24 Author: Andrew Bartlett abart...@samba.org Date: Wed Mar 30 17:49:30 2011 +1100 lib/util/charset Add tests for convert_string_talloc_handle() Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Wed Mar 30 13:02:47 CEST 2011 on sn-devel-104 commit a64958a8805b6ef1758293697e63309d3ddbe4ae Author: Andrew Bartlett abart...@samba.org Date: Wed Mar 30 17:49:01 2011 +1100 lib/util Move base64 functions into lib/util/base64.c Andrew Bartlett commit 48d0abe0b50b4e0414f5dcb46aae2a4b5bfaac7e Author: Andrew Bartlett abart...@samba.org Date: Tue Mar 29 13:21:52 2011 +1100 s3:lib make lazy_initialize_conv() static commit c3952097910bb34ac8c00b1a23261fea7ce56bfc Author: Andrew Bartlett abart...@samba.org Date: Tue Mar 29 09:45:22 2011 +1100 lib/util/charset Remove pointless static bool initialised --- Summary of changes: lib/util/base64.c | 141 +++ lib/util/charset/charset.h |4 + lib/util/charset/codepoints.c | 14 +- lib/util/charset/tests/convert_string.c | 418 +++ lib/util/util.h | 13 + lib/util/util_str.c |2 - lib/util/wscript_build |2 +- source3/Makefile.in |2 +- source3/include/proto.h |4 - source3/lib/charcnv.c |2 +- source3/lib/util_str.c | 115 - source4/torture/local/local.c |1 + source4/torture/local/wscript_build |1 + source4/utils/ntlm_auth.c | 31 +--- 14 files changed, 592 insertions(+), 158 deletions(-) create mode 100644 lib/util/base64.c create mode 100644 lib/util/charset/tests/convert_string.c Changeset truncated at 500 lines: diff --git a/lib/util/base64.c b/lib/util/base64.c new file mode 100644 index 000..19ce2d1 --- /dev/null +++ b/lib/util/base64.c @@ -0,0 +1,141 @@ +/* + Unix SMB/CIFS implementation. + Samba utility functions + + Copyright (C) Andrew Tridgell 1992-2001 + Copyright (C) Simo Sorce 2001-2002 + Copyright (C) Martin Pool 2003 + Copyright (C) James Peach2006 + Copyright (C) Jeremy Allison 1992-2007 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see http://www.gnu.org/licenses/. +*/ + +#include includes.h + +static const char b64[] = ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/; + +/** + * Decode a base64 string into a DATA_BLOB - simple and slow algorithm + **/ +_PUBLIC_ DATA_BLOB base64_decode_data_blob(const char *s) +{ + int bit_offset, byte_offset, idx, i, n; + DATA_BLOB decoded = data_blob(s, strlen(s)+1); + unsigned char *d = decoded.data; + char *p; + + n=i=0; + + while (*s (p=strchr_m(b64,*s))) { + idx = (int)(p - b64); + byte_offset = (i*6)/8; + bit_offset = (i*6)%8; + d[byte_offset] = ~((1(8-bit_offset))-1); + if (bit_offset 3) { + d[byte_offset] |= (idx (2-bit_offset)); + n = byte_offset+1; + } else { + d[byte_offset] |= (idx (bit_offset-2)); + d[byte_offset+1] = 0; + d[byte_offset+1] |= (idx (8-(bit_offset-2))) 0xFF; + n = byte_offset+2; + } + s++; i++; + } + + if ((n 0) (*s == '=')) { + n -= 1; + } + + /* fix up length */ + decoded.length = n; + return decoded; +} + +/** + * Decode a base64 string in-place - wrapper for the above + **/ +_PUBLIC_ void base64_decode_inplace(char
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 65c9d2e s3: Fix Coverity ID 2041, UNUSED_VALUE from 43e364e lib/util/charset Add tests for convert_string_talloc_handle() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 65c9d2e6216f71f258ea796d0959bf7e1e4d8732 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 12:39:36 2011 +0200 s3: Fix Coverity ID 2041, UNUSED_VALUE Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Mar 30 13:49:35 CEST 2011 on sn-devel-104 --- Summary of changes: source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 14 ++ 1 files changed, 10 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c index 77627dc..df882d7 100644 --- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c +++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c @@ -494,16 +494,20 @@ static void init_srv_share_info_1007(struct pipes_struct *p, / static void init_srv_share_info_1501(struct pipes_struct *p, -struct sec_desc_buf *r, +struct sec_desc_buf **r, int snum) { struct security_descriptor *sd; + struct sec_desc_buf *sd_buf = NULL; size_t sd_size; TALLOC_CTX *ctx = p-mem_ctx; sd = get_share_security(ctx, lp_servicename(snum), sd_size); + if (sd) { + sd_buf = make_sec_desc_buf(p-mem_ctx, sd_size, sd); + } - r = make_sec_desc_buf(p-mem_ctx, sd_size, sd); + *r = sd_buf; } /*** @@ -749,7 +753,9 @@ static WERROR init_srv_share_info_ctr(struct pipes_struct *p, for (snum = 0; snum num_services; snum++) { if (allowed[snum] (resume_handle = (i + valid_share_count++)) ) { - init_srv_share_info_1501(p, ctr.ctr1501-array[i++], snum); + struct sec_desc_buf *sd_buf = NULL; + init_srv_share_info_1501(p, sd_buf, snum); + ctr.ctr1501-array[i++] = *sd_buf; } } @@ -1483,7 +1489,7 @@ WERROR _srvsvc_NetShareGetInfo(struct pipes_struct *p, init_srv_share_info_1007(p, info-info1007, snum); break; case 1501: - init_srv_share_info_1501(p, info-info1501, snum); + init_srv_share_info_1501(p, info-info1501, snum); break; default: DEBUG(5,(_srvsvc_NetShareGetInfo: unsupported switch value %d\n, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 25b43d3 s3: Use cli_ntcreate to when listing snapshots from 65c9d2e s3: Fix Coverity ID 2041, UNUSED_VALUE http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 25b43d317f7e59002323c8804bea7a75623d3513 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 13:19:46 2011 +0200 s3: Use cli_ntcreate to when listing snapshots This works for directories as well Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Mar 30 14:37:02 CEST 2011 on sn-devel-104 --- Summary of changes: source3/client/client.c |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index 1ad20da..a12f8a2 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -1715,7 +1715,11 @@ static int do_allinfo(const char *name) (unsigned long long)streams[i].size); } - status = cli_open(cli, name, O_RDONLY, DENY_NONE, fnum); + status = cli_ntcreate(cli, name, 0, + CREATE_ACCESS_READ, 0, + FILE_SHARE_READ|FILE_SHARE_WRITE + |FILE_SHARE_DELETE, + FILE_OPEN, 0x0, 0x0, fnum); if (!NT_STATUS_IS_OK(status)) { /* * Ignore failure, it does not hurt if we can't list -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via bbf0762 s3: Use cli_ntcreate to when listing snapshots via 87151e4 s3: Fix Coverity ID 2041, UNUSED_VALUE from c9f1cd6 s3: Fix Coverity ID 2217: RESOURCE_LEAK http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit bbf0762dc1244f4627b590b478703a16ceb1f604 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 13:19:46 2011 +0200 s3: Use cli_ntcreate to when listing snapshots This works for directories as well Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Mar 30 14:37:02 CEST 2011 on sn-devel-104 (cherry picked from commit 25b43d317f7e59002323c8804bea7a75623d3513) commit 87151e4238fa280fc3438b9ac80fb60eaf9ee00c Author: Günther Deschner g...@samba.org Date: Wed Mar 30 12:39:36 2011 +0200 s3: Fix Coverity ID 2041, UNUSED_VALUE Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Mar 30 13:49:35 CEST 2011 on sn-devel-104 (cherry picked from commit 65c9d2e6216f71f258ea796d0959bf7e1e4d8732) --- Summary of changes: source3/client/client.c |6 +- source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 14 ++ 2 files changed, 15 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index 000970e..749a987 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -1712,7 +1712,11 @@ static int do_allinfo(const char *name) (unsigned long long)streams[i].size); } - status = cli_open(cli, name, O_RDONLY, DENY_NONE, fnum); + status = cli_ntcreate(cli, name, 0, + CREATE_ACCESS_READ, 0, + FILE_SHARE_READ|FILE_SHARE_WRITE + |FILE_SHARE_DELETE, + FILE_OPEN, 0x0, 0x0, fnum); if (!NT_STATUS_IS_OK(status)) { /* * Ignore failure, it does not hurt if we can't list diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c index f0a105e..6d77ff0 100644 --- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c +++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c @@ -489,16 +489,20 @@ static void init_srv_share_info_1007(struct pipes_struct *p, / static void init_srv_share_info_1501(struct pipes_struct *p, -struct sec_desc_buf *r, +struct sec_desc_buf **r, int snum) { struct security_descriptor *sd; + struct sec_desc_buf *sd_buf = NULL; size_t sd_size; TALLOC_CTX *ctx = p-mem_ctx; sd = get_share_security(ctx, lp_servicename(snum), sd_size); + if (sd) { + sd_buf = make_sec_desc_buf(p-mem_ctx, sd_size, sd); + } - r = make_sec_desc_buf(p-mem_ctx, sd_size, sd); + *r = sd_buf; } /*** @@ -744,7 +748,9 @@ static WERROR init_srv_share_info_ctr(struct pipes_struct *p, for (snum = 0; snum num_services; snum++) { if (allowed[snum] (resume_handle = (i + valid_share_count++)) ) { - init_srv_share_info_1501(p, ctr.ctr1501-array[i++], snum); + struct sec_desc_buf *sd_buf = NULL; + init_srv_share_info_1501(p, sd_buf, snum); + ctr.ctr1501-array[i++] = *sd_buf; } } @@ -1478,7 +1484,7 @@ WERROR _srvsvc_NetShareGetInfo(struct pipes_struct *p, init_srv_share_info_1007(p, info-info1007, snum); break; case 1501: - init_srv_share_info_1501(p, info-info1501, snum); + init_srv_share_info_1501(p, info-info1501, snum); break; default: DEBUG(5,(_srvsvc_NetShareGetInfo: unsupported switch value %d\n, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 54afca7 s3-waf: fix spoolssd compile. via 52882e7 s3-rpc_server: Fixed rpc_pipe_open_internal documentation. via cfe3e48 s3-rpc_server: Only allow embedded, daemon and external server type. via 1c5609b s3-spoolssd: Start the spoolss service correctly. via ba5938e s3-spoolssd: Register spoolssd endpoints. via 3fe8a94 s3-epmap: Make rpc_ep_setup_register an internal function. via 84dc7f8 s3-spoolssd: Fixed logfile creation. via 86c2e7f s3-spoolssd: Added missing include. via 56c5813 s3-spoolssd: Pass down event and messanging context. via 3df906d s3-spoolssd: Fixed reopening of logs. via 8bb609e s3:spoolssd Start spoolss from smbd via 953f9b9 s3:spoolssd Initialize the spoolss rpc interfaces via ef2e27c s3:spoolssd Add spoolss own signal handlers via e63d8bf s3:spoolssd handle smb.conf reloads directly via e9dd62b s3:spoolssd Create our own log file via be4e2cf s3:spoolssd Add skeleton for spoolss daemon via 7dbe832 s3:printing Make print_queue_receive public from bbf0762 s3: Use cli_ntcreate to when listing snapshots http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 54afca72d33d3ab291f41d101c3ed5ff88abefb7 Author: Günther Deschner g...@samba.org Date: Mon Mar 28 16:42:21 2011 +0200 s3-waf: fix spoolssd compile. Guenther Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 6a27928cedf31e7e76572775a7f6d4a9e2f01c95) commit 52882e79724e1bca0e847666c7a216e475627401 Author: Andreas Schneider a...@samba.org Date: Tue Mar 29 12:51:45 2011 +0200 s3-rpc_server: Fixed rpc_pipe_open_internal documentation. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 2cb797456a3fa016dff31b92bf846b316d47b8a2) commit cfe3e4886a168df63a78954ed5a80cae7819fca3 Author: Andreas Schneider a...@samba.org Date: Tue Mar 29 10:58:05 2011 +0200 s3-rpc_server: Only allow embedded, daemon and external server type. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 8dc58057382806d0ac5702321e5b0d4a5186bf6b) commit 1c5609b31a709a22edc60742cf60ca5c93fcf681 Author: Andreas Schneider a...@samba.org Date: Tue Mar 29 10:52:32 2011 +0200 s3-spoolssd: Start the spoolss service correctly. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 991fa3a5fecc05a01b2d3696fe23cba109de10c0) commit ba5938e6588ff7eaa4d8ba78caa860a1cfdab28d Author: Andreas Schneider a...@samba.org Date: Mon Mar 28 14:18:23 2011 +0200 s3-spoolssd: Register spoolssd endpoints. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 28b204601556105ad57d7ac69210eb75f248f764) commit 3fe8a9468299f1bf57e8ed96ffb3dfd7f26e0c0b Author: Andreas Schneider a...@samba.org Date: Mon Mar 28 14:18:00 2011 +0200 s3-epmap: Make rpc_ep_setup_register an internal function. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 8c635b669c557cfe6fb5de2bd90302ada54b0fb9) commit 84dc7f83d362da5b6393bbd9a579d289b0fc4745 Author: Andreas Schneider a...@samba.org Date: Mon Mar 28 14:30:29 2011 +0200 s3-spoolssd: Fixed logfile creation. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 80fe8fa8d0d2ec787e4d70a3553c1d4e066f4163) commit 86c2e7f9dcd53050db56624af88540910b402627 Author: Andreas Schneider a...@samba.org Date: Thu Mar 24 10:22:57 2011 +0100 s3-spoolssd: Added missing include. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit a956c57cf939d0a4cdd5793b129e1fa87e63fffd) commit 56c5813241e5815af782ac006b72aeb5cefd911e Author: Andreas Schneider a...@samba.org Date: Thu Jan 20 18:59:40 2011 +0100 s3-spoolssd: Pass down event and messanging context. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit c1b7c0c2b78417aac4365a03e858397324728605) commit 3df906dc8f2c64336121bf4e9e9670dcbc7929cf Author: Andreas Schneider a...@samba.org Date: Wed Aug 25 10:15:47 2010 +0200 s3-spoolssd: Fixed reopening of logs. Everytime the log was reopened a .spoolssd has been appended which resulted in long file names. Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit 851f95b121f2fc16ef5cc532b8ad818f5c32e69f) commit 8bb609eedd4698353aa8d394fec3677d2202244d Author: Simo Sorce sso...@redhat.com Date: Thu May 20 08:33:14 2010 -0400 s3:spoolssd Start spoolss from smbd Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit fe0e079bc12ebe2e9204ca492337dc754e13832b) commit 953f9b93730410027c0cdbf0e09edb658e2c93a7 Author: Simo Sorce i...@samba.org Date: Tue Jun 15
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 53bdf43 s3-vfs acl modules: more non-linux build fixes. via 33082d0 s3-passdb: move LOOKUP_NAME_ flags to passdb where they belong to. via 3253d5a s3-passdb: move some passdb defines to passdb.h via c8ed33a s3-proto: pure cosmetics, remove some generated comments. via 6206156 s3-winbind: try to fix the build on hosts w/o winbind support. via b09b694 s3-vfs_solarisacl: try to fix the solaris build. from 25b43d3 s3: Use cli_ntcreate to when listing snapshots http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 53bdf43acab2f8808fb205a719ff6323543a6440 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 15:14:05 2011 +0200 s3-vfs acl modules: more non-linux build fixes. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Mar 30 16:00:02 CEST 2011 on sn-devel-104 commit 33082d016ee27537af0514d5eebcdaf0360fa4f7 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 15:09:10 2011 +0200 s3-passdb: move LOOKUP_NAME_ flags to passdb where they belong to. Guenther commit 3253d5ad0515198083b0b185c06b659fc6972830 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 14:49:37 2011 +0200 s3-passdb: move some passdb defines to passdb.h Guenther commit c8ed33ae9c26a63fd8adffa2041fe46a2542f0ba Author: Günther Deschner g...@samba.org Date: Wed Mar 30 14:48:18 2011 +0200 s3-proto: pure cosmetics, remove some generated comments. Guenther commit 6206156465b32aa565a1f7fbabfc62d668985d68 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 14:03:13 2011 +0200 s3-winbind: try to fix the build on hosts w/o winbind support. Guenther commit b09b694dddfa4284b2c92d289694013e48b1e3f6 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 13:46:59 2011 +0200 s3-vfs_solarisacl: try to fix the solaris build. Guenther --- Summary of changes: source3/include/passdb.h | 29 + source3/include/proto.h | 55 - source3/include/smb.h | 50 -- source3/lib/winbind_util.c|2 +- source3/modules/vfs_afsacl.c |1 + source3/modules/vfs_aixacl.c |1 + source3/modules/vfs_hpuxacl.c |1 + source3/modules/vfs_irixacl.c |1 + source3/modules/vfs_posixacl.c|2 +- source3/modules/vfs_solarisacl.c |1 + source3/modules/vfs_tru64acl.c|1 + source3/modules/vfs_zfsacl.c |1 + source3/passdb/lookup_sid.h | 48 source3/winbindd/winbindd_getgroups.c |1 + source3/winbindd/winbindd_getpwnam.c |1 + 15 files changed, 88 insertions(+), 107 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/passdb.h b/source3/include/passdb.h index cae599b..855d253 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -41,6 +41,35 @@ #define GROUP_RID_TYPE 1 /* + * Flags for local user manipulation. + */ + +#define LOCAL_ADD_USER 0x1 +#define LOCAL_DELETE_USER 0x2 +#define LOCAL_DISABLE_USER 0x4 +#define LOCAL_ENABLE_USER 0x8 +#define LOCAL_TRUST_ACCOUNT 0x10 +#define LOCAL_SET_NO_PASSWORD 0x20 +#define LOCAL_SET_PASSWORD 0x40 +#define LOCAL_SET_LDAP_ADMIN_PW 0x80 +#define LOCAL_INTERDOM_ACCOUNT 0x100 +#define LOCAL_AM_ROOT 0x200 /* Act as root */ + +/* + * Size of new password account encoding string. This is enough space to + * hold 11 ACB characters, plus the surrounding [] and a terminating null. + * Do not change unless you are adding new ACB bits! + */ + +#define NEW_PW_FORMAT_SPACE_PADDED_LEN 14 + +/* Password history contants. */ +#define PW_HISTORY_SALT_LEN 16 +#define SALTED_MD5_HASH_LEN 16 +#define PW_HISTORY_ENTRY_LEN (PW_HISTORY_SALT_LEN+SALTED_MD5_HASH_LEN) +#define MAX_PW_HISTORY_LEN 24 + +/* * bit flags representing initialized fields in struct samu */ enum pdb_elements { diff --git a/source3/include/proto.h b/source3/include/proto.h index 91ff45d..c19e3a4 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2755,8 +2755,6 @@ NTSTATUS rpc_transport_tstream_init(TALLOC_CTX *mem_ctx, struct rpc_cli_transport **presult); struct cli_state *rpc_pipe_np_smb_conn(struct rpc_pipe_client *p); -/* The following definitions come from rpc_server/srv_eventlog_nt.c */ - /* The following definitions come from rpc_server/rpc_handles.c */ size_t num_pipe_handles(struct pipes_struct *p); @@ -2861,59 +2859,6 @@ char *valid_share_pathname(TALLOC_CTX *ctx, const char *dos_pathname); bool init_service_op_table( void ); bool shutdown_service_op_table(void); -/* The
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 220db5a s3-smbd: try to fix the irix build. from 53bdf43 s3-vfs acl modules: more non-linux build fixes. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 220db5aad629451d24fcf678a5aa2f3637bc5eeb Author: Günther Deschner g...@samba.org Date: Wed Mar 30 16:18:38 2011 +0200 s3-smbd: try to fix the irix build. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Mar 30 17:17:58 CEST 2011 on sn-devel-104 --- Summary of changes: source3/smbd/oplock_irix.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/oplock_irix.c b/source3/smbd/oplock_irix.c index d1be2ef..207952d 100644 --- a/source3/smbd/oplock_irix.c +++ b/source3/smbd/oplock_irix.c @@ -19,6 +19,7 @@ #define DBGC_CLASS DBGC_LOCKING #include includes.h +#include system/filesys.h #include smbd/smbd.h #include smbd/globals.h -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8f4e39f s3: Fix g_lock_lock after the select/poll conversion from 220db5a s3-smbd: try to fix the irix build. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8f4e39f6f7636ad36d686a52aaefc18a411a7f02 Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 16:38:31 2011 +0200 s3: Fix g_lock_lock after the select/poll conversion Without clustering we don't have an fd to listen on, and sys_poll needs one element of space Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Mar 30 18:36:50 CEST 2011 on sn-devel-104 --- Summary of changes: source3/lib/g_lock.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/g_lock.c b/source3/lib/g_lock.c index 7a9161e..184da9b 100644 --- a/source3/lib/g_lock.c +++ b/source3/lib/g_lock.c @@ -397,7 +397,7 @@ NTSTATUS g_lock_lock(struct g_lock_ctx *ctx, const char *name, status = NT_STATUS_NO_MEMORY; break; } - num_pollfds = 1; + num_pollfds = 0; #ifdef CLUSTER_SUPPORT if (lp_clustering()) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via d9f71d0 s3: Fix g_lock_lock after the select/poll conversion from 54afca7 s3-waf: fix spoolssd compile. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit d9f71d0b6a8dc9be89dc78dff081401940bfa57d Author: Volker Lendecke v...@samba.org Date: Wed Mar 30 16:38:31 2011 +0200 s3: Fix g_lock_lock after the select/poll conversion Without clustering we don't have an fd to listen on, and sys_poll needs one element of space Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Wed Mar 30 18:36:50 CEST 2011 on sn-devel-104 (cherry picked from commit 8f4e39f6f7636ad36d686a52aaefc18a411a7f02) --- Summary of changes: source3/lib/g_lock.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/g_lock.c b/source3/lib/g_lock.c index dfbcf84..35ff1f1 100644 --- a/source3/lib/g_lock.c +++ b/source3/lib/g_lock.c @@ -396,7 +396,7 @@ NTSTATUS g_lock_lock(struct g_lock_ctx *ctx, const char *name, status = NT_STATUS_NO_MEMORY; break; } - num_pollfds = 1; + num_pollfds = 0; #ifdef CLUSTER_SUPPORT if (lp_clustering()) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d546ade Change convert_string_internal() and convert_string_error() to bool return. via 048471d Fix the nstring calls to use the correct sizes. via c964744 This doesn't look like it has anything to do with character set conversion, but it does :-). from 8f4e39f s3: Fix g_lock_lock after the select/poll conversion http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d546adeab54af123eff66cee61a487c88b6ba61b Author: Jeremy Allison j...@samba.org Date: Wed Mar 30 10:27:04 2011 -0700 Change convert_string_internal() and convert_string_error() to bool return. Move closer to makeing all convert_string_XXX functions return bool. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Wed Mar 30 20:58:10 CEST 2011 on sn-devel-104 commit 048471d14b3ed65fe83e8f225e03af925aaf0c47 Author: Jeremy Allison j...@samba.org Date: Wed Mar 30 10:13:01 2011 -0700 Fix the nstring calls to use the correct sizes. commit c964744001cd231e585c5c5c9016becda145340b Author: Jeremy Allison j...@samba.org Date: Wed Mar 30 09:58:22 2011 -0700 This doesn't look like it has anything to do with character set conversion, but it does :-). Turns out one of the *really* significant differences between convert_string() in source4 and source3, is that the one in source3 will return 0 for byte length converted when called with dest_len = 0 whereas the one in source4 returns (size_t)-1 and sets errno to E2BIG. Allow the ndr_string code to cope with the (arguably correct) way that the source4 implementation works. This code only gets excercised in the print spooler tests, which aren't run in source4, which is why this bug has lasted for so long. You don't want to know how long it took me to find this :-). Jeremy. --- Summary of changes: librpc/ndr/ndr_string.c | 17 +--- source3/include/proto.h |2 +- source3/lib/charcnv.c | 97 ++ source3/lib/fstring.c | 18 + 4 files changed, 67 insertions(+), 67 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/ndr_string.c b/librpc/ndr/ndr_string.c index 402cf4e..9cc26da 100644 --- a/librpc/ndr/ndr_string.c +++ b/librpc/ndr/ndr_string.c @@ -705,17 +705,20 @@ _PUBLIC_ enum ndr_err_code ndr_push_charset(struct ndr_push *ndr, int ndr_flags, required = byte_mul * length; NDR_PUSH_NEED_BYTES(ndr, required); - ret = convert_string(CH_UNIX, chset, + + if (required) { + ret = convert_string(CH_UNIX, chset, var, strlen(var), ndr-data+ndr-offset, required); - if (ret == -1) { - return ndr_push_error(ndr, NDR_ERR_CHARCNV, + if (ret == -1) { + return ndr_push_error(ndr, NDR_ERR_CHARCNV, Bad character conversion); - } + } - /* Make sure the remaining part of the string is filled with zeroes */ - if (ret required) { - memset(ndr-data+ndr-offset+ret, 0, required-ret); + /* Make sure the remaining part of the string is filled with zeroes */ + if (ret required) { + memset(ndr-data+ndr-offset+ret, 0, required-ret); + } } ndr-offset += required; diff --git a/source3/include/proto.h b/source3/include/proto.h index c19e3a4..94c9245 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -77,7 +77,7 @@ void init_iconv(void); size_t convert_string(charset_t from, charset_t to, void const *src, size_t srclen, void *dest, size_t destlen); -size_t convert_string_error(charset_t from, charset_t to, +bool convert_string_error(charset_t from, charset_t to, void const *src, size_t srclen, void *dest, size_t destlen, size_t *converted_size); diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c index 7468540..76fa968 100644 --- a/source3/lib/charcnv.c +++ b/source3/lib/charcnv.c @@ -80,13 +80,15 @@ void init_iconv(void) * @param srclen length of the source string in bytes * @param dest pointer to destination string (multibyte or singlebyte) * @param destlen maximal length allowed for string - * @returns the number of bytes occupied in the destination + * @param converted size is the number of bytes occupied in the destination + * + * @returns false and sets errno on fail, true on success. * * Ensure the srclen contains the terminating zero. * **/ -static size_t convert_string_internal(charset_t from, charset_t to,
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 02f252a Add Samba-S-only logo to have an almost square logo 65x65 pixels for the GSoC website from b5245a3 Announce Samba 3.5.8. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 02f252aff7e9a7e40b98de13e8f420a48c4b36cc Author: Kai Blin k...@samba.org Date: Wed Mar 30 22:37:26 2011 +0200 Add Samba-S-only logo to have an almost square logo 65x65 pixels for the GSoC website Signed-off-by: Kai Blin k...@samba.org --- Summary of changes: style/2010/samba_2010_logo_transparent_s_only.png | Bin 0 - 7993 bytes .../samba_2010_logo_transparent_s_only_64x52.png | Bin 0 - 1048 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 style/2010/samba_2010_logo_transparent_s_only.png create mode 100644 style/2010/samba_2010_logo_transparent_s_only_64x52.png Changeset truncated at 500 lines: diff --git a/style/2010/samba_2010_logo_transparent_s_only.png b/style/2010/samba_2010_logo_transparent_s_only.png new file mode 100644 index 000..988d7b9 Binary files /dev/null and b/style/2010/samba_2010_logo_transparent_s_only.png differ diff --git a/style/2010/samba_2010_logo_transparent_s_only_64x52.png b/style/2010/samba_2010_logo_transparent_s_only_64x52.png new file mode 100644 index 000..b39556d Binary files /dev/null and b/style/2010/samba_2010_logo_transparent_s_only_64x52.png differ -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9ede19f s3-build: make it a little easier to build smbtorture4. via 3800bae s3-vfs: try to fix build of aio_fork module. from d546ade Change convert_string_internal() and convert_string_error() to bool return. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9ede19fdccaf09303012208129a093197403ef2c Author: Günther Deschner g...@samba.org Date: Wed Mar 30 22:24:42 2011 +0200 s3-build: make it a little easier to build smbtorture4. Only configure with --enable-socket-wrapper --enable-nss-wrapper --enable-uid-wrapper, not --enable-developer which turns on at least one -Werror switch. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Mar 30 23:12:42 CEST 2011 on sn-devel-104 commit 3800bae260ed3998317ce5e492a8f0a42fb2fd5f Author: Günther Deschner g...@samba.org Date: Wed Mar 30 22:24:18 2011 +0200 s3-vfs: try to fix build of aio_fork module. Guenther --- Summary of changes: source3/Makefile-smbtorture4 |2 +- source3/modules/vfs_aio_fork.c |3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/Makefile-smbtorture4 b/source3/Makefile-smbtorture4 index 939d4d4..4a1bed7 100644 --- a/source3/Makefile-smbtorture4 +++ b/source3/Makefile-smbtorture4 @@ -6,7 +6,7 @@ SAMBA4_BINARIES=smbtorture,ndrdump samba4-configure: @(cd .. \ CFLAGS='' $(WAF) reconfigure || \ - CFLAGS='' $(WAF) configure --enable-developer --nonshared-binary=$(SAMBA4_BINARIES) --enable-auto-reconfigure ) + CFLAGS='' $(WAF) configure --enable-socket-wrapper --enable-nss-wrapper --enable-uid-wrapper --nonshared-binary=$(SAMBA4_BINARIES) --enable-auto-reconfigure ) .PHONY: samba4-configure diff --git a/source3/modules/vfs_aio_fork.c b/source3/modules/vfs_aio_fork.c index fc8ffef..881bc51 100644 --- a/source3/modules/vfs_aio_fork.c +++ b/source3/modules/vfs_aio_fork.c @@ -20,8 +20,9 @@ */ #include includes.h -#include smbd/smbd.h +#include system/filesys.h #include system/shmem.h +#include smbd/smbd.h struct mmap_area { size_t size; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c109a70 Fix convert_string() to take a *converted_size arg. and return a bool. from 9ede19f s3-build: make it a little easier to build smbtorture4. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c109a70531de72eef30a695248b91704bd0c7c24 Author: Jeremy Allison j...@samba.org Date: Wed Mar 30 13:08:31 2011 -0700 Fix convert_string() to take a *converted_size arg. and return a bool. Makes these interfaces much harder to misuse and easier to ensure error checking. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104 --- Summary of changes: lib/tdr/tdr.c | 11 +++--- lib/util/charset/charcnv.c |6 ++-- lib/util/charset/charset.h |5 ++- lib/util/charset/util_unistr.c | 68 +--- librpc/ndr/ndr_string.c| 12 +++--- source3/include/proto.h|9 +++-- source3/lib/charcnv.c | 74 +-- source3/lib/dprintf.c |5 ++- source3/lib/fstring.c |7 ++-- source3/lib/smbldap.c |3 +- source3/smbd/mangle_hash2.c| 11 -- source3/torture/utable.c | 19 +++--- source3/web/cgi.c | 13 +-- source4/torture/basic/utable.c | 18 ++--- 14 files changed, 153 insertions(+), 108 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdr/tdr.c b/lib/tdr/tdr.c index 8ce238b..616cc98 100644 --- a/lib/tdr/tdr.c +++ b/lib/tdr/tdr.c @@ -174,7 +174,8 @@ NTSTATUS tdr_pull_charset(struct tdr_pull *tdr, TALLOC_CTX *ctx, const char **v, NTSTATUS tdr_push_charset(struct tdr_push *tdr, const char **v, uint32_t length, uint32_t el_size, charset_t chset) { - size_t ret, required; + size_t required, size = 0; + bool ret; if (length == -1) { length = strlen(*v) + 1; /* Extra element for null character */ @@ -183,14 +184,14 @@ NTSTATUS tdr_push_charset(struct tdr_push *tdr, const char **v, uint32_t length, required = el_size * length; TDR_PUSH_NEED_BYTES(tdr, required); - ret = convert_string(CH_UNIX, chset, *v, strlen(*v), tdr-data.data+tdr-data.length, required); - if (ret == -1) { + ret = convert_string(CH_UNIX, chset, *v, strlen(*v), tdr-data.data+tdr-data.length, required, size); + if (ret == false) { return NT_STATUS_INVALID_PARAMETER; } /* Make sure the remaining part of the string is filled with zeroes */ - if (ret required) { - memset(tdr-data.data+tdr-data.length+ret, 0, required-ret); + if (size required) { + memset(tdr-data.data+tdr-data.length+size, 0, required-size); } tdr-data.length += required; diff --git a/lib/util/charset/charcnv.c b/lib/util/charset/charcnv.c index 3b7dbb3..cefc788 100644 --- a/lib/util/charset/charcnv.c +++ b/lib/util/charset/charcnv.c @@ -184,12 +184,12 @@ _PUBLIC_ bool convert_string_handle(struct smb_iconv_handle *ic, case E2BIG: reason=No more room; if (from == CH_UNIX) { - DEBUG(0,(E2BIG: convert_string(%s,%s): srclen=%d destlen=%d - '%s'\n, + DEBUG(0,(E2BIG: convert_string_handle(%s,%s): srclen=%d destlen=%d - '%s'\n, charset_name(ic, from), charset_name(ic, to), (int)srclen, (int)destlen, (const char *)src)); } else { - DEBUG(0,(E2BIG: convert_string(%s,%s): srclen=%d destlen=%d\n, + DEBUG(0,(E2BIG: convert_string_handle(%s,%s): srclen=%d destlen=%d\n, charset_name(ic, from), charset_name(ic, to), (int)srclen, (int)destlen)); } @@ -233,7 +233,7 @@ _PUBLIC_ bool convert_string_talloc_handle(TALLOC_CTX *ctx, if (descriptor == (smb_iconv_t)-1 || descriptor == (smb_iconv_t)0) { /* conversion not supported, return -1*/ - DEBUG(3, (convert_string_talloc: conversion from %s to %s not supported!\n, + DEBUG(3, (convert_string_talloc_handle: conversion from %s to %s not supported!\n, charset_name(ic, from), charset_name(ic, to))); return false; diff --git a/lib/util/charset/charset.h b/lib/util/charset/charset.h index b17ceab..7374d6e 100644 --- a/lib/util/charset/charset.h +++ b/lib/util/charset/charset.h @@ -150,9 +150,10 @@ bool
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0e46e09 s3-samr: make getgrgid() failure a little more visible in _samr_CreateDomAlias(). via e54f292 s3-idmap: fix the build of idmap_hash on FreeBSD. via a730dff s3-libndr: add ../librpc/ndr/libndr.h include in some places. via 2352e7c s3-rpcclient: include rpc_client/cli_pipe.h globally in rpcclient.h via 5fcb4d3 rep_parse_prs: remove some dead, unused code. from c109a70 Fix convert_string() to take a *converted_size arg. and return a bool. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0e46e09122b43ff237ca45173129813a875767bd Author: Günther Deschner g...@samba.org Date: Thu Mar 31 00:08:57 2011 +0200 s3-samr: make getgrgid() failure a little more visible in _samr_CreateDomAlias(). Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Thu Mar 31 01:00:42 CEST 2011 on sn-devel-104 commit e54f292a4f4e9ea9726479333883d63035efc8d4 Author: Günther Deschner g...@samba.org Date: Thu Mar 31 00:08:19 2011 +0200 s3-idmap: fix the build of idmap_hash on FreeBSD. Guenther commit a730dff78318a0bfe8c6b2b8a2cefed63cc586e8 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 23:47:34 2011 +0200 s3-libndr: add ../librpc/ndr/libndr.h include in some places. Guenther commit 2352e7cb7fe43b2a3cb5c4876f21cd655823288a Author: Günther Deschner g...@samba.org Date: Wed Mar 30 23:21:42 2011 +0200 s3-rpcclient: include rpc_client/cli_pipe.h globally in rpcclient.h Guenther commit 5fcb4d328ce28e6c4f413f2b31d70e07818c0527 Author: Günther Deschner g...@samba.org Date: Wed Mar 30 23:17:25 2011 +0200 rep_parse_prs: remove some dead, unused code. Guenther --- Summary of changes: libgpo/gpo_sec.c |1 + source3/lib/tldap_util.c |1 + source3/libads/disp_sec.c|1 + source3/libads/dns.c |1 + source3/librpc/ndr/util.c|1 + source3/passdb/machine_account_secrets.c |1 + source3/passdb/pdb_ipa.c |1 + source3/registry/reg_parse_prs.c | 401 -- source3/registry/reg_parse_prs.h | 20 -- source3/rpc_server/samr/srv_samr_nt.c|2 +- source3/rpcclient/cmd_drsuapi.c |1 - source3/rpcclient/cmd_lsarpc.c |1 - source3/rpcclient/cmd_netlogon.c |1 - source3/rpcclient/cmd_samr.c |1 - source3/rpcclient/cmd_spoolss.c |1 - source3/rpcclient/cmd_test.c |1 - source3/rpcclient/rpcclient.c|1 - source3/rpcclient/rpcclient.h|2 + source3/winbindd/idmap_hash/mapfile.c|1 + 19 files changed, 11 insertions(+), 429 deletions(-) Changeset truncated at 500 lines: diff --git a/libgpo/gpo_sec.c b/libgpo/gpo_sec.c index 4e1612d..05b011b 100644 --- a/libgpo/gpo_sec.c +++ b/libgpo/gpo_sec.c @@ -21,6 +21,7 @@ #include libcli/security/security.h #include ../libgpo/gpo.h #include auth.h +#include ../librpc/ndr/libndr.h #if _SAMBA_BUILD_ == 4 #include libgpo/ads_convenience.h #include librpc/gen_ndr/security.h diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c index ae3dab3..a908301 100644 --- a/source3/lib/tldap_util.c +++ b/source3/lib/tldap_util.c @@ -22,6 +22,7 @@ #include tldap_util.h #include ../libcli/security/security.h #include ../lib/util/asn1.h +#include ../librpc/ndr/libndr.h bool tldap_entry_values(struct tldap_message *msg, const char *attribute, DATA_BLOB **values, int *num_values) diff --git a/source3/libads/disp_sec.c b/source3/libads/disp_sec.c index b06276e..7dcdc95 100644 --- a/source3/libads/disp_sec.c +++ b/source3/libads/disp_sec.c @@ -21,6 +21,7 @@ #include ads.h #include libads/ldap_schema.h #include ../libcli/security/secace.h +#include ../librpc/ndr/libndr.h /* for ADS */ #define SEC_RIGHTS_FULL_CTRL 0xf01ff diff --git a/source3/libads/dns.c b/source3/libads/dns.c index e7d8a40..113e637 100644 --- a/source3/libads/dns.c +++ b/source3/libads/dns.c @@ -20,6 +20,7 @@ #include includes.h #include libads/dns.h +#include ../librpc/ndr/libndr.h /* AIX resolv.h uses 'class' in struct ns_rr */ diff --git a/source3/librpc/ndr/util.c b/source3/librpc/ndr/util.c index a026ecc..6bbe054 100644 --- a/source3/librpc/ndr/util.c +++ b/source3/librpc/ndr/util.c @@ -20,6 +20,7 @@ */ #include includes.h +#include ../librpc/ndr/libndr.h #include librpc/ndr/util.h _PUBLIC_ void ndr_print_sockaddr_storage(struct ndr_print *ndr, const char *name, const struct sockaddr_storage *ss) diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index dcf37d1..a51a99c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b3ffcf8 lib/util/charset smb_panic() on incorrect use of strlen_m_ext via 7fe9bb8 lib/util/charset Add tests for strlen_m_ext() and convert_string_talloc() via d4f3a38 lib/util/charset Add wrapper to allow testing of strlen_m_ext() via 46db53b lib/util/charset correct calculation of UTF8 character sizes from 0e46e09 s3-samr: make getgrgid() failure a little more visible in _samr_CreateDomAlias(). http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b3ffcf888ca5c72b403e696d556e5af35a95534f Author: Andrew Bartlett abart...@samba.org Date: Thu Mar 31 10:32:52 2011 +1100 lib/util/charset smb_panic() on incorrect use of strlen_m_ext This may save a developer some time in the future. Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Thu Mar 31 02:40:31 CEST 2011 on sn-devel-104 commit 7fe9bb8c8410ce47c6256e2430905988ca3429a0 Author: Andrew Bartlett abart...@samba.org Date: Thu Mar 31 10:28:36 2011 +1100 lib/util/charset Add tests for strlen_m_ext() and convert_string_talloc() This convers a few more cases for convert_string_talloc() and introduces tests for strlen_m_ext() across complex multibyte strings. Andrew Bartlett commit d4f3a380e429b9b8a4960a11995846c2b0f8c85d Author: Andrew Bartlett abart...@samba.org Date: Thu Mar 31 10:27:41 2011 +1100 lib/util/charset Add wrapper to allow testing of strlen_m_ext() This allows test routines to force in particular character sets, and not rely on the smb.conf. Andrew Bartlett commit 46db53b1596cccdd22cf44dc376e39601f01c29c Author: Andrew Bartlett abart...@samba.org Date: Thu Mar 31 10:26:08 2011 +1100 lib/util/charset correct calculation of UTF8 character sizes Characters between 0x800 0x0 are 3 bytes long. Andrew Bartlett --- Summary of changes: lib/util/charset/charset.h |8 +++ lib/util/charset/tests/convert_string.c | 89 ++- lib/util/charset/util_str.c | 36 +++- 3 files changed, 128 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/charset/charset.h b/lib/util/charset/charset.h index 7374d6e..82396e1 100644 --- a/lib/util/charset/charset.h +++ b/lib/util/charset/charset.h @@ -111,6 +111,14 @@ struct smb_iconv_handle; #define strupper(s) strupper_m(s) char *strchr_m(const char *s, char c); +/** + * Calculate the number of units (8 or 16-bit, depending on the + * destination charset), that would be needed to convert the input + * string which is expected to be in in src_charset encoding to the + * destination charset (which should be a unicode charset). + */ +size_t strlen_m_ext_handle(struct smb_iconv_handle *ic, + const char *s, charset_t src_charset, charset_t dst_charset); size_t strlen_m_ext(const char *s, charset_t src_charset, charset_t dst_charset); size_t strlen_m_ext_term(const char *s, charset_t src_charset, charset_t dst_charset); diff --git a/lib/util/charset/tests/convert_string.c b/lib/util/charset/tests/convert_string.c index d57491c..5c7bdcb 100644 --- a/lib/util/charset/tests/convert_string.c +++ b/lib/util/charset/tests/convert_string.c @@ -180,6 +180,25 @@ static bool test_gd_iso8859_cp850(struct torture_context *tctx) (void *)gd_output.data, gd_output.length), conversion from (dos charset) ISO8859-1 to UTF16LE); torture_assert_data_blob_equal(tctx, gd_output, gd_utf16le, conversion from (dos charset) ISO8859-1 to UTF16LE); + torture_assert_int_equal(tctx, +strlen_m_ext_handle(iconv_handle, +(const char *)gd_iso8859_1.data, +CH_DOS, CH_UTF16LE), +gd_output.length / 2, +checking strlen_m_ext of round trip conversion of UTF16 latin charset greek to display charset UTF8 and back again); + + torture_assert(tctx, convert_string_talloc_handle(tctx, iconv_handle, + CH_DOS, CH_UTF8, + gd_iso8859_1.data, gd_iso8859_1.length, + (void *)gd_output.data, gd_output.length), + conversion from (dos charset) ISO8859-1 to UTF8); + torture_assert_data_blob_equal(tctx, gd_output, gd_utf8, conversion from (dos charset) ISO8859-1 to UTF8); + torture_assert_int_equal(tctx, +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 21193c8 Don't burn 2k of stack on every iconv, use the heap when it's a slow call. via f9a2f4f Fix bug #7996 - sgid bit lost on folder rename. via cf5ed92 SMBTA: make vfs_smb_traffic_analyzer aware of the sendfile and recvfile functionality and store the results as common read/write results. from b3ffcf8 lib/util/charset smb_panic() on incorrect use of strlen_m_ext http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 21193c8eeba6d03f680ad34acbbb4cff14d87809 Author: Jeremy Allison j...@samba.org Date: Wed Mar 30 18:13:05 2011 -0700 Don't burn 2k of stack on every iconv, use the heap when it's a slow call. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Thu Mar 31 04:09:09 CEST 2011 on sn-devel-104 commit f9a2f4f47c71e5054c05703e72c24f2f5a87d993 Author: Jeremy Allison j...@samba.org Date: Wed Mar 30 18:00:09 2011 -0700 Fix bug #7996 - sgid bit lost on folder rename. Refuse to set dos attributes into unix mode bits on such a folder. commit cf5ed92bb78806403a857b371ef15f985a4e2b64 Author: Holger Hetterich hhet...@novell.com Date: Tue Mar 29 22:16:10 2011 +0200 SMBTA: make vfs_smb_traffic_analyzer aware of the sendfile and recvfile functionality and store the results as common read/write results. --- Summary of changes: lib/util/charset/iconv.c | 41 -- source3/modules/vfs_smb_traffic_analyzer.c | 42 +++- source3/smbd/dosmode.c | 21 ++ source3/smbd/posix_acls.c |2 +- source3/smbd/proto.h |1 + 5 files changed, 89 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/charset/iconv.c b/lib/util/charset/iconv.c index e3cdbdf..24434ec 100644 --- a/lib/util/charset/iconv.c +++ b/lib/util/charset/iconv.c @@ -164,32 +164,41 @@ _PUBLIC_ size_t smb_iconv(smb_iconv_t cd, const char **inbuf, size_t *inbytesleft, char **outbuf, size_t *outbytesleft) { - char cvtbuf[2048]; - size_t bufsize; - /* in many cases we can go direct */ if (cd-direct) { return cd-direct(cd-cd_direct, inbuf, inbytesleft, outbuf, outbytesleft); } - /* otherwise we have to do it chunks at a time */ - while (*inbytesleft 0) { - char *bufp1 = cvtbuf; - const char *bufp2 = cvtbuf; + { +#ifndef SMB_ICONV_BUFSIZE +#define SMB_ICONV_BUFSIZE 2048 +#endif + size_t bufsize; + char *cvtbuf = talloc_array(cd, char, SMB_ICONV_BUFSIZE); - bufsize = sizeof(cvtbuf); - - if (cd-pull(cd-cd_pull, -inbuf, inbytesleft, bufp1, bufsize) == -1 -errno != E2BIG) return -1; + if (!cvtbuf) { + return (size_t)-1; + } - bufsize = sizeof(cvtbuf) - bufsize; + while (*inbytesleft 0) { + char *bufp1 = cvtbuf; + const char *bufp2 = cvtbuf; - if (cd-push(cd-cd_push, -bufp2, bufsize, -outbuf, outbytesleft) == -1) return -1; + bufsize = SMB_ICONV_BUFSIZE; + + if (cd-pull(cd-cd_pull, +inbuf, inbytesleft, bufp1, bufsize) == -1 +errno != E2BIG) return -1; + + bufsize = SMB_ICONV_BUFSIZE - bufsize; + + if (cd-push(cd-cd_push, +bufp2, bufsize, +outbuf, outbytesleft) == -1) return -1; + } + talloc_free(cvtbuf); } return 0; diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c index 9f968b0..48251bb 100644 --- a/source3/modules/vfs_smb_traffic_analyzer.c +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -748,6 +748,44 @@ static int smb_traffic_analyzer_mkdir(vfs_handle_struct *handle, \ return s_data.result; } +static ssize_t smb_traffic_analyzer_sendfile(vfs_handle_struct *handle, + int tofd, + files_struct *fromfsp, + const DATA_BLOB *hdr, + SMB_OFF_T offset, + size_t n) +{ + struct rw_data s_data; + s_data.len = SMB_VFS_NEXT_SENDFILE(handle, + tofd, fromfsp, hdr, offset, n); + s_data.filename =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7cd5a79 Arg. I hate the if (xxx) return foo all on one line style of code. from 21193c8 Don't burn 2k of stack on every iconv, use the heap when it's a slow call. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7cd5a79cd45fdc10d73ff32d81c4d86c5613f347 Author: Jeremy Allison j...@samba.org Date: Wed Mar 30 19:27:29 2011 -0700 Arg. I hate the if (xxx) return foo all on one line style of code. Fix the talloc leaks I introduced by not spotting these returns. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Thu Mar 31 05:19:34 CEST 2011 on sn-devel-104 --- Summary of changes: lib/util/charset/iconv.c | 10 -- 1 files changed, 8 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/charset/iconv.c b/lib/util/charset/iconv.c index 24434ec..74b931f 100644 --- a/lib/util/charset/iconv.c +++ b/lib/util/charset/iconv.c @@ -190,13 +190,19 @@ _PUBLIC_ size_t smb_iconv(smb_iconv_t cd, if (cd-pull(cd-cd_pull, inbuf, inbytesleft, bufp1, bufsize) == -1 -errno != E2BIG) return -1; +errno != E2BIG) { + talloc_free(cvtbuf); + return -1; + } bufsize = SMB_ICONV_BUFSIZE - bufsize; if (cd-push(cd-cd_push, bufp2, bufsize, -outbuf, outbytesleft) == -1) return -1; +outbuf, outbytesleft) == -1) { + talloc_free(cvtbuf); + return -1; + } } talloc_free(cvtbuf); } -- Samba Shared Repository