Re: [Samba] winbind stop working
Il 04/05/2012 23:47, Kevin Elliott ha scritto: So what's happening is that the idmap cache is expiring but winbind is unable to create new entries until its restarted? Here's my idmap cache values: idmap backend = tdb idmap alloc backend = idmap cache time = 604800 idmap negative cache time = 120 idmap uid = 1-7 idmap gid = 1-7 winbind separator = + winbind cache time = 300 winbind reconnect delay = 30 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind trusted domains only = No winbind nested groups = Yes winbind expand groups = 1 winbind nss info = template winbind refresh tickets = No winbind offline logon = No winbind normalize names = No After playing with parameters I found that lowering idmap cache time has some effects. Now, with a value of 300, looks good. I have to do other tests to understand what is happening, but it seems a good staring point. Daniele -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] About Samba running in a Solaris 11 Express container
Hi Samba Gurus, Would like to check if Samba release (latest 3.6.5) is already supporting Solaris 11 Express (x86) running in non-global zone or only in global-zone ? Appreciate highlight any pre-requisite. Thx a lot, Sam -- Oracle Tagliine Sam Sit | Sr Manager, ACS Delivery Phone: HYPERLINK tel:+85233657403+85233657403 | | Fax: HYPERLINK fax:+85233657403+85233657403 | | Mobile: HYPERLINK tel:+85296689998+85296689998 | Oracle Customer Services, ACS ORACLE Hong Kong HK HYPERLINK http://www.oracle.com/commitment; \nGreen Oracle Oracle is committed to developing practices and products that help protect the environment -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba ADS security mode not accesible by work group computer
Dear Concern, I have little problem regerding samba share i had tried my best to search it from internet but cant get it.samba security mode is ADS and domain (Server 2003 SP2) is joined successfully each domain member/user can access its shares but i cant access these shares from a work group(not joined domain) computer windows having XP or win 7.i had chaged the security options on workgroup computer's console Send unencrypted password to third party SMB srver i have enabled this option and also changed the second option NETWORK SECURITY:LAN MANAGER AUTHENTICATION LEVEL:SEND LM NTLM-USE NTLMV2 SESSION SECURITY IF NEGOTIATED and important thing to mention here is that iam using fedora 14.kernal 3.5.5-68. before this i was using RHEL 5.1 and it doesnot create such kind of problem for this same configuration... plz help me about this i am stuck up and having a lot of problem ... i waiting for your kind response -- Regards, ADNAN JAHANGIR -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help with migration
Hello to all, my name is Alejandro and I have a little question to anyone of this list. I´ve created ,6 years ago, an ldap+smb proyect for a big company. Back then, samba (Lenny server) only worked with NT hashes but now (Squeeze server) they want to authenticate with Win7 (ntlm2 protocols) And configurating windows7 to accept old NT hashes is not an exit. I want to update ONLY the smb package from samba (2:3.2.5-4lenny15) to samba (2:3.5.6~dfsg-3squeeze8). PD: I'm using an OLD and modified by myself openldap version so i cant touch it. My question is this: Have someone of you did this kind of migration any time? can you give me advices? i need to know if something could go wrong in the relation with openldap. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with migration
Hello Alejandro, Probably to check all the details you need to create a build environment, at first. It's the general advice. As for your question, I had samba-3.5 server (upgraded from 3.0.28) which was able to authenticate all windows: from win98 to win7 (domain members). So I think it's possible to do. Actually I cannot recall any problems I had during the upgrade process, except very little ones. I used 'SerNet' samba builds (btw, many thanks to them!) --- wbr, Denis. On Fri, May 4, 2012 at 8:17 PM, Alejandro Iacobelli aiacobe...@khutech.com.ar wrote: Hello to all, my name is Alejandro and I have a little question to anyone of this list. I´ve created ,6 years ago, an ldap+smb proyect for a big company. Back then, samba (Lenny server) only worked with NT hashes but now (Squeeze server) they want to authenticate with Win7 (ntlm2 protocols) And configurating windows7 to accept old NT hashes is not an exit. I want to update ONLY the smb package from samba (2:3.2.5-4lenny15) to samba (2:3.5.6~dfsg-3squeeze8). PD: I'm using an OLD and modified by myself openldap version so i cant touch it. My question is this: Have someone of you did this kind of migration any time? can you give me advices? i need to know if something could go wrong in the relation with openldap. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with migration
You may want to set up a test environment. I have not been able to get NTLMv2 working properly. I believe enabling NTLMv2 should still systems to negotiate ver 2 but that didn't happen- at least I was unable to login from a Windows 2003 client with a samba PDC. NTLMv2 uses better encryption for authenticating the users than NTLM v1 but I am not sure if the actual password itself gets store differently in LDAP.I think the same hash mechanism is used to store the password. I upgrade from samba 3.0.x to samba 3.4.x. (both with LDAP backend.) I believe some of the issues I found were - the nobody user and nobody group need to be explicitly mapped - some functionality with domain trusts were fixed, others broken - I may have needed to explicitly grant privilegedes to the Domain Administrators group. (But that may have been because I initially mixed up the group mapping for some groups.) At some point joining machines to the domain got a little trickier.I need to make sure that some samba attributes were precreated type: sambaPrimaryGroupSID value:S-1-5-21-XXX-XXX-XXX-515 type: sambaAccountFlags value: [W ] I am not sure if this issue happened with samba 3.4.x or would have happened in 3.1.x, 3.2x or 3.3.x. It may also be a schema checking hiccup on the LDAP server. On 05/07/12 05:54, Denis Fateyev wrote: Hello Alejandro, Probably to check all the details you need to create a build environment, at first. It's the general advice. As for your question, I had samba-3.5 server (upgraded from 3.0.28) which was able to authenticate all windows: from win98 to win7 (domain members). So I think it's possible to do. Actually I cannot recall any problems I had during the upgrade process, except very little ones. I used 'SerNet' samba builds (btw, many thanks to them!) --- wbr, Denis. On Fri, May 4, 2012 at 8:17 PM, Alejandro Iacobelli aiacobe...@khutech.com.ar wrote: Hello to all, my name is Alejandro and I have a little question to anyone of this list. I´ve created ,6 years ago, an ldap+smb proyect for a big company. Back then, samba (Lenny server) only worked with NT hashes but now (Squeeze server) they want to authenticate with Win7 (ntlm2 protocols) And configurating windows7 to accept old NT hashes is not an exit. I want to update ONLY the smb package from samba (2:3.2.5-4lenny15) to samba (2:3.5.6~dfsg-3squeeze8). PD: I'm using an OLD and modified by myself openldap version so i cant touch it. My question is this: Have someone of you did this kind of migration any time? can you give me advices? i need to know if something could go wrong in the relation with openldap. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] unknown files of samba server
Hi Im maintaining a samba server and Im with an unknown files inside /var/spool/samba. It seems to refer users but I don't know If I can delete something or not. files are type -rw--- 1 usuari Domain Users0 2012-03-07 17:05 smbprn.4993.KyICia Someone knows what is it? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] unknown files of samba server
I believe that is a print job. since the date is a couple month old, and the size is zero, I believe that it would be safe to delete. --- CONFIDENTIALITY WARNING: Pseudo-legal disclaimers do not buy you or your employer any legal recourse for leaked information. E-mail messages should never contain privileged or confidential information. Always treat e-mail as public. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of deconya Sent: Monday, May 07, 2012 10:35 AM To: samba@lists.samba.org Subject: [Samba] unknown files of samba server Hi Im maintaining a samba server and Im with an unknown files inside /var/spool/samba. It seems to refer users but I don't know If I can delete something or not. files are type -rw--- 1 usuari Domain Users0 2012-03-07 17:05 smbprn.4993.KyICia Someone knows what is it? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4: fileserver and Posix ACL's
Hi Scenario: user steve member of group called staff share called 'reports' with permissions 0750 root:staff When steve tries to access reports on xp or win7 he gets permission denied. We have to set 'reports' to 0755 for steve to have access. No amount of security tab work on the share in windows will allow him entry. We only want members of the group staff in reports but we can't if we have to set it 0755. The same scenario over kerberized nfs to Linux clients respects the access fine. Is this a spin off of the samba4 fileserver not being recommended at the moment? Will this be fixed with s3fs? Will s3fs need a reprovision when available. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Nt acl inherit on samba4
Hi there, I want to know if there is any setting at smb.conf at Samba4 that could works like nt acl inherit = true per share config, as it did on samba 3.5.x. Thanks for your help. German Molano -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to build Samba4 using static linked libraries
Hi All: I am building the torture/smbtorture forsamba-4.0.0alpha17. After build, I am running the test in another environment. I not only need to copy the binary smbtorture, I also need to copy the shared libraries. This is HUGE inconvenient for us. Could somebody tell me how to build the binary using static linked libraries? Thanks very much Peixing libpthread.so.0 = /lib64/libpthread.so.0 (0x00374540) libcmdline-credentials.so = not found libldb.so.1 = not found libcli-nbt.so = not found libsamdb-common.so = not found libsmbclient.so.0 = /usr/lib64/libsmbclient.so.0 (0x2b7566e79000) libsmbclient-raw.so.0 = not found libtevent-util.so.0 = not found libreplace.so = not found libcluster.so = not found libsamba-credentials.so.0 = not found libUTIL_TDB.so = not found libndr-samba.so = not found libauthkrb5.so = not found libsamba-hostconfig.so.0 = not found libldbsamba.so = not found libcliauth.so = not found liberrors.so = not found libnetapi.so.0 = not found libsamdb.so.0 = not found libndr-samba4.so = not found libwbclient.so.0 = not found libshares.so = not found libsmbpasswdparser.so = not found libcli-ldap.so = not found libdcerpc-binding.so.0 = not found libevents.so = not found libgensec.so.0 = not found libtorture.so.0 = not found libsamba-net.so = not found libdcerpc.so.0 = not found libdsdb-module.so = not found libregistry.so.0 = not found libasn1util.so = not found libtevent.so.0 = not found libsamba-sockets.so = not found libcli_cldap.so = not found libnetif.so = not found libtdb-wrap.so = not found libservice.so = not found libndr.so.0 = not found libtalloc.so.2 = not found libauth4.so = not found libntvfs.so = not found libdcerpc-samba.so = not found libndr-standard.so.0 = not found -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] transfer users after samba upgrade to new server
On 05/06/2012 10:14 AM, Bill Szkotnicki wrote: Hi, I want to transfer all of my users from an older version of samba to a new one here. The old version is 3.0.28 and the file with user passwords is /etc/samba/smbpasswd and the new version is 3.6.5 and there does not seem to be that file anymore. I think the user info is now in /var/lib/samba/private/passdb.tdb /var/lib/samba/private/secrets.tdb My question is how to transport my users to my new system? i.e. How to convert /etc/samba/smbpasswd -- /var/lib/samba/private/passdb.tdb Any suggestions would be greatly appreciated. Bill Bill, The smbpasswd backend is still available; it's just no longer the default. You must explicitly state passdb backend = smbpasswd in smb.conf. To convert, copy the smbpasswd file from the old machine to the new one, then follow the example in the Samba HowTo under Account Import/Export found at http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#pdbeditthing Good luck. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to build Samba4 using static linked libraries
On Mon, May 07, 2012 at 02:23:22PM -0400, peixing@emc.com wrote: I am building the torture/smbtorture for samba-4.0.0alpha17. After build, I am running the test in another environment. I not only need to copy the binary smbtorture, I also need to copy the shared libraries. This is HUGE inconvenient for us. Could somebody tell me how to build the binary using static linked libraries? For me if I do a ./autogen.sh; ./configure.developer; make; make bin/smbtorture4 in the source3 directory, bin/smbtorture4 links only against system libs. You might want to try that. With best regards, Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to build Samba4 using static linked libraries
Hi, I am building the torture/smbtorture forsamba-4.0.0alpha17. After build, I am running the test in another environment. I not only need to copy the binary smbtorture, I also need to copy the shared libraries. This is HUGE inconvenient for us. Could somebody tell me how to build the binary using static linked libraries? Take a look at https://gitweb.samba.org/?p=samba.git;a=blob;f=source3/Makefile-smbtorture4; This should build a statically linked smbtorture4: cd source3 ./configure.developer make bin/smbtorture4 metze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to build Samba4 using static linked libraries
Thanks very much for answers from both Stefan and Volker. The solutions from both of you are built for source3/torture/ I actually want to build the smbtorture using source code under source4/torture/smb2 I am trying the solutions you gave, but not sure if they apply to source4/torture/smb2. Thanks a lot Peixing -Original Message- From: Stefan (metze) Metzmacher [mailto:me...@samba.org] Sent: Monday, May 07, 2012 3:48 PM To: Sun, Peixing Cc: samba-techni...@lists.samba.org; samba@lists.samba.org Subject: Re: How to build Samba4 using static linked libraries Hi, I am building the torture/smbtorture forsamba-4.0.0alpha17. After build, I am running the test in another environment. I not only need to copy the binary smbtorture, I also need to copy the shared libraries. This is HUGE inconvenient for us. Could somebody tell me how to build the binary using static linked libraries? Take a look at https://gitweb.samba.org/?p=samba.git;a=blob;f=source3/Makefile-smbtorture4; This should build a statically linked smbtorture4: cd source3 ./configure.developer make bin/smbtorture4 metze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to build Samba4 using static linked libraries
I did following steps and building failed. Under dir: samba-4.0.0alpha17, I did: ./configure.developer; Then type: make all; I got following error: If I use ./configure under samba-4.0.0alpha17, I could build source4/torture/smb2 using shared libraries. Please note that there is no configure file under source4. Thanks for help Peixing Waf: Entering directory `/mnt/ip-dart-qa/Personal_Folders/sunp/samba-4.0.0alpha17/bin' bld.curdir /root/samba-4.0.0alpha17/lib/replace/../../buildtools/wafsamba is not a child of /mnt/ip-dart-qa/Personal_Folders/sunp/samba-4.0.0alpha17 /root/samba-4.0.0alpha17/wscript: error: Traceback (most recent call last): File /mnt/ip-dart-qa/Personal_Folders/sunp/samba-4.0.0alpha17/buildtools/bin/.waf-1.5.19-99e3e36c10f9f8c669e9625176121647/wafadmin/Utils.py, line 474, in recurse exec(compile(txt,file_path,'exec'),dc) File /root/samba-4.0.0alpha17/wscript_build, line 32, in ? bld.RECURSE('lib/replace') File ./buildtools/wafsamba/samba_utils.py, line 463, in RECURSE return ctx.add_subdirs(relpath) File /mnt/ip-dart-qa/Personal_Folders/sunp/samba-4.0.0alpha17/buildtools/bin/.waf-1.5.19-99e3e36c10f9f8c669e9625176121647/wafadmin/Build.py, line 646, in add_subdirs self.recurse(dirs,'build') File /mnt/ip-dart-qa/Personal_Folders/sunp/samba-4.0.0alpha17/buildtools/bin/.waf-1.5.19-99e3e36c10f9f8c669e9625176121647/wafadmin/Utils.py, line 461, in recurse f(self) File /root/samba-4.0.0alpha17/lib/replace/wscript, line 398, in build bld.RECURSE('buildtools/wafsamba') File ./buildtools/wafsamba/samba_utils.py, line 463, in RECURSE return ctx.add_subdirs(relpath) File /mnt/ip-dart-qa/Personal_Folders/sunp/samba-4.0.0alpha17/buildtools/bin/.waf-1.5.19-99e3e36c10f9f8c669e9625176121647/wafadmin/Build.py, line 646, in add_subdirs self.recurse(dirs,'build') File /mnt/ip-dart-qa/Personal_Folders/sunp/samba-4.0.0alpha17/buildtools/bin/.waf-1.5.19-99e3e36c10f9f8c669e9625176121647/wafadmin/Utils.py, line 461, in recurse f(self) File /root/samba-4.0.0alpha17/lib/replace/../../buildtools/wafsamba/wscript, line 404, in build raise Utils.WafError('''The top source directory has moved. Please run distclean and reconfigure''') WafError: The top source directory has moved. Please run distclean and reconfigure -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of peixing@emc.com Sent: Monday, May 07, 2012 6:22 PM To: me...@samba.org; volker.lende...@sernet.de Cc: samba@lists.samba.org; samba-techni...@lists.samba.org Subject: Re: [Samba] How to build Samba4 using static linked libraries Thanks very much for answers from both Stefan and Volker. The solutions from both of you are built for source3/torture/ I actually want to build the smbtorture using source code under source4/torture/smb2 I am trying the solutions you gave, but not sure if they apply to source4/torture/smb2. Thanks a lot Peixing -Original Message- From: Stefan (metze) Metzmacher [mailto:me...@samba.org] Sent: Monday, May 07, 2012 3:48 PM To: Sun, Peixing Cc: samba-techni...@lists.samba.org; samba@lists.samba.org Subject: Re: How to build Samba4 using static linked libraries Hi, I am building the torture/smbtorture forsamba-4.0.0alpha17. After build, I am running the test in another environment. I not only need to copy the binary smbtorture, I also need to copy the shared libraries. This is HUGE inconvenient for us. Could somebody tell me how to build the binary using static linked libraries? Take a look at https://gitweb.samba.org/?p=samba.git;a=blob;f=source3/Makefile-smbtorture4; This should build a statically linked smbtorture4: cd source3 ./configure.developer make bin/smbtorture4 metze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to build Samba4 using static linked libraries
On Mon, 2012-05-07 at 18:21 -0400, peixing@emc.com wrote: Thanks very much for answers from both Stefan and Volker. The solutions from both of you are built for source3/torture/ I actually want to build the smbtorture using source code under source4/torture/smb2 I am trying the solutions you gave, but not sure if they apply to source4/torture/smb2. Yes, this is a recursive invocation of the waf build from the autoconf build, which (by design) produces the static linked smbtorture4 that you desire. You can of course produce this directly at the top level build, just follow the pattern in the Makefile-smbtorture4 that was indicated. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba ADS security mode not accesible by work group computer
From: Adnan Jahangir writetooad...@googlemail.com Date: Mon, 7 May 2012 11:17:20 +0500 Dear Concern, I have little problem regerding samba share i had tried my best to search it from internet but cant get it.samba security mode is ADS and domain (Server 2003 SP2) is joined successfully each domain member/user can access its shares but i cant access these shares from a work group(not joined domain) computer windows having XP or win 7. How did you input your username when you accessed from workgroup computers? I think if you input DOMAIN\UserName pattern and correct password, you would access without any security changes. See map untrusted to domain parameter in smb.conf(5) --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: fileserver and Posix ACL's
On Mon, 2012-05-07 at 19:12 +0200, steve wrote: Hi Scenario: user steve member of group called staff share called 'reports' with permissions 0750 root:staff When steve tries to access reports on xp or win7 he gets permission denied. We have to set 'reports' to 0755 for steve to have access. No amount of security tab work on the share in windows will allow him entry. We only want members of the group staff in reports but we can't if we have to set it 0755. The same scenario over kerberized nfs to Linux clients respects the access fine. Is this a spin off of the samba4 fileserver not being recommended at the moment? Yes Will this be fixed with s3fs? Yes Will s3fs need a reprovision when available. No. At most you will need to set some settings into the smb.conf, until it is made the default. I hope this clarifies things. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Franky vs s3fs vs ...
On Fri, 2012-05-04 at 12:27 +0200, steve wrote: Hi We don't use winbind either and we also use nslcd (what a superb piece of kit). We simply store the rfc2307 attributes in the dn of the user or group and have setup scripts to manipulate uses and groups in this way. All I'm looking for is an altrernative to the file sever that ships with S4 at the moment. I think the new fileserver will become stable soon. Just looking at the possibilites for having something now rather than wait. Franky on the same box is attractive. Steve, Attempting to run Franky at this point will give you more, not less pain. There isn't some magic solution that we are hiding from you. We are working to allow smbd to become the default file server in Samba 4.0, and have added the --use-s3fs option to provision to allow early adopters to test it for us. However, we do not recommend it at this stage, as in particular it fails to correctly set ACLs for group policy objects. This is the last issue we hope that is blocking us changing, but in the meantime switching to 'Franky' won't solve these issues as they are common to any use of smbd in a Samba4 AD DC. If you do, you will instead bring up other issues that we have spent the time since the Franky proposal was made correcting or working around (such as not using the correct authentication plugins, needing to manually forward the correct pipes etc). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] testing samba 4 alongside samba 3
On Thu, 2012-05-03 at 14:59 +0200, Stefan Mueller wrote: ** hello folks, all started with searching for an MS exchange server connector to fetch my office my by Thunderbord on my private machine. So far I used Davmaill (OWA) but I'm not that satisfied, so I found OpenChange but that needs Samba4 installed on my NAS. So I was checking the Samba wiki and mailing archive but I'm bit confused. There are several version available, plus franky, what seemed to be not supported anymore, according to the wiki. We are working to release Samba 4.0 with the smbd file server. The name for the current effort in this area is s3fs: https://wiki.samba.org/index.php/Samba4/s3fs Many of the ideas that first started with Franky have been incorporated into the master branch, and a Samba 4.0 release will not require any special configuration to be both a great file server and a AD DC. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] CTDB repository - branch 1.0.114 updated - ctdb-1.0.114.4-15-g44e5406
The branch, 1.0.114 has been updated via 44e540648477217e37ba43f664124e0996b4496b (commit) via e14a771817182547c6b72cab81f33c1469fad925 (commit) via 2a6e17e75f73e492d0da118ef00e8d37d6a7fa07 (commit) via 2bbf862517e10f38a4271bfd1a62e788ce7b81a5 (commit) via 57d4c6c50082603e8ddbe77f969dc0bffe8452f5 (commit) via 839e59a153f176089dc38e73ffdce8c05bf3d09b (commit) via bf26780c46a2fb9ce799bec6ea5e80abd0c1644e (commit) via 86d02ccdac9873fff646c0aec1b7d9719332ba37 (commit) via 8070ab284e311d4eea9e46e0121944d4b7139b07 (commit) via dce8248b16ea51a19026fb8d1256a06af13af786 (commit) via 41a5e9b5f51633b6c20f3ab08977f2004d95bde5 (commit) via f730da217c0ec2e72c37f4cc4f69ce7373c81791 (commit) via 821af530cfffe8573c97b4c98490dc4b2d2db931 (commit) via badde008663e15e7d43c98b1a1fd14338922dd8f (commit) via ae5ef4997e474092e1a07ef52ca2f02fb9368bf6 (commit) from 10dce70bf8a238702a5b81ffa8ea89edea9fc61f (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.0.114 - Log - commit 44e540648477217e37ba43f664124e0996b4496b Author: Michael Adam ob...@samba.org Date: Mon May 7 11:51:28 2012 +0200 New version 1.0.114.5. commit e14a771817182547c6b72cab81f33c1469fad925 Author: Michael Adam ob...@samba.org Date: Wed Feb 23 17:39:57 2011 +0100 recover: finish pending trans3 commits when a recovery is finished. When the end_recovery control is received, pending trans3 commits are finished. During the recovery, all the actions like persistent_callback and persistent_store_timeout had been disabled to let the recovery do its job. After the recover is completed, send the reply to the waiting clients. (cherry picked from commit f7dfeb7143f574c2434f7dd16917380dfd1f4f64) Signed-off-by: Michael Adam ob...@samba.org commit 2a6e17e75f73e492d0da118ef00e8d37d6a7fa07 Author: Michael Adam ob...@samba.org Date: Wed Feb 23 17:38:40 2011 +0100 persistent: add ctdb_persistent_finish_trans3_commits(). This function walks all databases and checks for running trans3 commits. It sends replies to all of them (with error code) and ends them. To be called when a recovery finishes. (cherry picked from commit 70ba153b532528bdccea70c5ea28972257f384c1) Signed-off-by: Michael Adam ob...@samba.org commit 2bbf862517e10f38a4271bfd1a62e788ce7b81a5 Author: Michael Adam ob...@samba.org Date: Wed Feb 23 17:37:42 2011 +0100 daemon: correctly end a running trans3_commit if the client disconnects. (cherry picked from commit 9e0898db6df52d9bc799dd87bfea8c72d5f70ba0) Signed-off-by: Michael Adam ob...@samba.org commit 57d4c6c50082603e8ddbe77f969dc0bffe8452f5 Author: Michael Adam ob...@samba.org Date: Wed Feb 23 17:35:27 2011 +0100 persistent: add a client context to the persistent_stat and track the db_id The db_id is tracked in the client context as an indication that a transaction commit is in progress. This is cleared in the persistent_state talloc destructor. This is in order to properly treat running trans3_commits if the client disconnects. (cherry picked from commit e886ff24f4e3e250944289db95916b948893d26c) Signed-off-by: Michael Adam ob...@samba.org commit 839e59a153f176089dc38e73ffdce8c05bf3d09b Author: Michael Adam ob...@samba.org Date: Wed Feb 23 00:03:07 2011 +0100 persistent: reject trans3_control when a commit is already active. This should actually never happen. (cherry picked from commit f416e76838fe2adf629d4356d1cc87054b1af164) Signed-off-by: Michael Adam ob...@samba.org commit bf26780c46a2fb9ce799bec6ea5e80abd0c1644e Author: Michael Adam ob...@samba.org Date: Wed Feb 23 00:01:13 2011 +0100 persistent: allocate the persistent state in the ctdb_db struct in trans3_commit Make sure that ctdb_db-persistent_state is correctly NULL-ed when the state is freed. This way, we can use ctdb_db-persistent_state as an indication for whether a transaction commit is currently running. (cherry picked from commit 761cb235193564a0f337d0308f0a9e6de0ef2710) Signed-off-by: Michael Adam ob...@samba.org commit 86d02ccdac9873fff646c0aec1b7d9719332ba37 Author: Michael Adam ob...@samba.org Date: Wed Feb 23 00:23:18 2011 +0100 persistent: add a ctdb_db context to the ctdb_persistent_state struct. (cherry picked from commit a14917c983c3b9bbbf38f5ddeecdbbe5bde32364) Signed-off-by: Michael Adam ob...@samba.org commit 8070ab284e311d4eea9e46e0121944d4b7139b07 Author: Michael Adam ob...@samba.org Date: Wed Feb 23 00:00:04 2011 +0100 persistent: add a ctdb_persistent_state member to the ctdb_db context. To be used for tracking running transaction commits through recoveries. (Backported from commit
[SCM] CTDB repository - annotated tag ctdb-1.0.114.5 created - ctdb-1.0.114.5
The annotated tag, ctdb-1.0.114.5 has been created at 4660de10d208ccab73382cf8f1122b65cd65bfc7 (tag) tagging 44e540648477217e37ba43f664124e0996b4496b (commit) replaces ctdb-1.0.114.4 tagged by Michael Adam on Mon May 7 11:52:15 2012 +0200 - Log - Release 1.0.114.5 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk+nm1YACgkQyU9JOBhPkDQZUQCdGL22QR195EVQtEpSrVUIcHee wXIAnj9zjvCNgPVxBIbtfi9ClbMkj8l1 =R+2W -END PGP SIGNATURE- Michael Adam (14): persistent_callback: ignore the update-recordreturn code of remote node in recovery persistent_store_timout: do not really time out the trans3_commit control in recovery persistent: if a node failed to update_record, trigger a recovery persistent: reduce indentation for the finishing moves in ctdb_persistent_callback persistent_callback: print no error message given instead of (null) persistent: add a ctdb_persistent_state member to the ctdb_db context. persistent: add a ctdb_db context to the ctdb_persistent_state struct. persistent: allocate the persistent state in the ctdb_db struct in trans3_commit persistent: reject trans3_control when a commit is already active. persistent: add a client context to the persistent_stat and track the db_id daemon: correctly end a running trans3_commit if the client disconnects. persistent: add ctdb_persistent_finish_trans3_commits(). recover: finish pending trans3 commits when a recovery is finished. New version 1.0.114.5. Rusty Russell (1): config: wrap iptables in flock to avoid concurrancy. --- -- CTDB repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 237d4da s3: Fix a segfault with debug level 3 on Solaris from 3882e0a WHATSNEW: Start release notes for 3.6.6. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 237d4dacfed478ce7f23a5f46b609189215259d3 Author: Volker Lendecke v...@samba.org Date: Thu Apr 12 12:15:50 2012 +0200 s3: Fix a segfault with debug level 3 on Solaris printf can not deal with NULL strings Fix bug #8861 (smbd crashes on high debug level with anonymous logins). --- Summary of changes: source3/smbd/password.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/password.c b/source3/smbd/password.c index ddc7ad1..f032a56 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -294,7 +294,8 @@ int register_existing_vuid(struct smbd_server_connection *sconn, DEBUG(3, (register_existing_vuid: User name: %s\t Real name: %s\n, vuser-session_info-unix_name, - vuser-session_info-info3-base.full_name.string)); + vuser-session_info-info3-base.full_name.string ? + vuser-session_info-info3-base.full_name.string : )); if (!vuser-session_info-security_token) { DEBUG(1, (register_existing_vuid: session_info does not -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via e686621 s3: Fix bug 8904 -- wbinfo --lookup-sids crashes winbind from 237d4da s3: Fix a segfault with debug level 3 on Solaris http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit e68662130c6c4c081d23f1a24cc3e9a3d2993224 Author: Volker Lendecke v...@samba.org Date: Sat Apr 28 19:51:46 2012 +0200 s3: Fix bug 8904 -- wbinfo --lookup-sids crashes winbind Much of the code further down and up the call chain expects the structures wb_lookupsids returns to be allocated. Do that despite we have nothing to look up. --- Summary of changes: source3/winbindd/wb_lookupsids.c | 10 +- 1 files changed, 5 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c index cdca7c7..2fd735d 100644 --- a/source3/winbindd/wb_lookupsids.c +++ b/source3/winbindd/wb_lookupsids.c @@ -123,11 +123,6 @@ struct tevent_req *wb_lookupsids_send(TALLOC_CTX *mem_ctx, state-sids = sids; state-num_sids = num_sids; - if (num_sids == 0) { - tevent_req_done(req); - return tevent_req_post(req, ev); - } - state-single_sids = TALLOC_ARRAY(state, uint32_t, num_sids); if (tevent_req_nomem(state-single_sids, req)) { return tevent_req_post(req, ev); @@ -153,6 +148,11 @@ struct tevent_req *wb_lookupsids_send(TALLOC_CTX *mem_ctx, return tevent_req_post(req, ev); } + if (num_sids == 0) { + tevent_req_done(req); + return tevent_req_post(req, ev); + } + for (i=0; inum_sids; i++) { struct wb_lookupsids_domain *d; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4754743 s3:registry: let reg_values_need_update() return true if the backend does not implement the method via fb58951 s3:registry: let reg_subkeys_need_update() return true if the backend does not implement the method from 246409e s4-dns: Build BIND DLZ modules with correct private library http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4754743860b4601465aa122021a8ae7ddb42f6a1 Author: Michael Adam ob...@samba.org Date: Mon May 7 14:09:28 2012 +0200 s3:registry: let reg_values_need_update() return true if the backend does not implement the method Otherwise the value cache might become outdated. Autobuild-User: Michael Adam ob...@samba.org Autobuild-Date: Mon May 7 16:11:05 CEST 2012 on sn-devel-104 commit fb58951f93909e95504eebc06119b96d864c8425 Author: Michael Adam ob...@samba.org Date: Mon May 7 14:08:13 2012 +0200 s3:registry: let reg_subkeys_need_update() return true if the backend does not implement the method Otherwise the subkey cache might become outdated. --- Summary of changes: source3/registry/reg_dispatcher.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/registry/reg_dispatcher.c b/source3/registry/reg_dispatcher.c index 765954e..e9ed14b 100644 --- a/source3/registry/reg_dispatcher.c +++ b/source3/registry/reg_dispatcher.c @@ -244,7 +244,7 @@ bool reg_subkeys_need_update(struct registry_key_handle *key, return key-ops-subkeys_need_update(subkeys); } - return false; + return true; } /** @@ -259,6 +259,6 @@ bool reg_values_need_update(struct registry_key_handle *key, return key-ops-values_need_update(values); } - return false; + return true; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 3d9a8dd Final back port of fix for bug #8837 - smbd crashes when deleting directory and veto files are enabled. via 5b53510 Convert parse_delete_tokens_list() and unparse_share_modes() to use ndr encoding for the struct security_unix_token. We can do this as libsmb_share_modes never looks inside the delete tokens list, only implicitly gets the length. via a66a725 The delete tokens are unique to each name hash representing a pathname, if we don't correctly return here we'll add duplicate tokens for a given pasname hash. via e691385 Fix the talloc heirarchy when adding the unix delete token. via 483c25e Third part of fix for bug #8837 - smbd crashes when deleting directory and veto files are enabled. via dd2246f First part of fix for bug 8837 - smbd crashes when deleting directory and veto files are enabled. from e686621 s3: Fix bug 8904 -- wbinfo --lookup-sids crashes winbind http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 3d9a8dd1a97f68df7d91cef5afe4dda80cc03454 Author: Jeremy Allison j...@samba.org Date: Mon Apr 9 14:15:22 2012 -0700 Final back port of fix for bug #8837 - smbd crashes when deleting directory and veto files are enabled. Use ndr encoding to add the NT security token into the stored data when delete on close is set. commit 5b5351022fb81da09d28ab3e7c8c2e2a8956c45e Author: Jeremy Allison j...@samba.org Date: Mon Apr 9 11:47:27 2012 -0700 Convert parse_delete_tokens_list() and unparse_share_modes() to use ndr encoding for the struct security_unix_token. We can do this as libsmb_share_modes never looks inside the delete tokens list, only implicitly gets the length. commit a66a725f6190fe48b6c83dc7f0e65bac6fa4bbac Author: Jeremy Allison j...@samba.org Date: Fri Apr 6 15:39:03 2012 -0700 The delete tokens are unique to each name hash representing a pathname, if we don't correctly return here we'll add duplicate tokens for a given pasname hash. commit e691385e25804c744fc820fdd6e039c3cf6b6128 Author: Jeremy Allison j...@samba.org Date: Fri Apr 6 14:53:48 2012 -0700 Fix the talloc heirarchy when adding the unix delete token. commit 483c25eb0c88178012cec11f713b714c3c54f8d6 Author: Jeremy Allison j...@samba.org Date: Wed Apr 4 14:57:12 2012 -0700 Third part of fix for bug #8837 - smbd crashes when deleting directory and veto files are enabled. Use correct check to see if veto files has been enabled. Even if not set lp_veto_files() returns a valid string address (to a '\0' character). Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Thu Apr 5 01:36:04 CEST 2012 on sn-devel-104 (cherry picked from commit 704ea4729b499ae2716cfe6ad5d952bcb1251a3b) commit dd2246f0262ef1002bf9e348d6097734596ce100 Author: Jeremy Allison j...@samba.org Date: Wed Apr 4 14:53:10 2012 -0700 First part of fix for bug 8837 - smbd crashes when deleting directory and veto files are enabled. Add some const to the sec_ctx code. (cherry picked from commit f042de2f346c98a852957cdbb09a7f8ac871b69c) --- Summary of changes: librpc/idl/security.idl |4 +- source3/include/smb.h |1 + source3/locking/locking.c | 231 +++-- source3/locking/proto.h | 10 ++- source3/smbd/close.c | 25 +++-- source3/smbd/proto.h |2 +- source3/smbd/reply.c |8 +- source3/smbd/sec_ctx.c|2 +- source3/smbd/trans2.c |1 + 9 files changed, 174 insertions(+), 110 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 3378367..696d5a5 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -570,7 +570,7 @@ interface security } sec_desc_buf; /* This is not yet sent over the network, but is simply defined in IDL */ - typedef [public] struct { + typedef [public,gensize] struct { uint32 num_sids; [size_is(num_sids)] dom_sid sids[*]; se_privilege privilege_mask; @@ -578,7 +578,7 @@ interface security } security_token; /* This is not yet sent over the network, but is simply defined in IDL */ - typedef [public] struct { + typedef [public,gensize] struct { uid_t uid; uid_t gid; uint32 ngroups; diff --git a/source3/include/smb.h b/source3/include/smb.h index 549ebb2..873657a 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -637,6 +637,7 @@ struct delete_token_list { struct delete_token_list *next, *prev; uint32_t name_hash; struct security_unix_token *delete_token; + struct security_token *delete_nt_token; };
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 56b0ec0 Fix bug #8897 - winbind_krb5_locator only returns one IP address. from 3d9a8dd Final back port of fix for bug #8837 - smbd crashes when deleting directory and veto files are enabled. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 56b0ec0e91f9af0eb6c109fc1cc300ad5fee3fe6 Author: Jeremy Allison j...@samba.org Date: Wed Apr 25 15:17:09 2012 -0700 Fix bug #8897 - winbind_krb5_locator only returns one IP address. Reported by dina_f...@dell.com. Don't ask the DC for an IP list when locating kdc's. Ask for the name and use getaddrinfo to get all possible addresses instead. --- Summary of changes: nsswitch/winbind_krb5_locator.c | 35 +++ 1 files changed, 19 insertions(+), 16 deletions(-) Changeset truncated at 500 lines: diff --git a/nsswitch/winbind_krb5_locator.c b/nsswitch/winbind_krb5_locator.c index e921cae..385a156 100644 --- a/nsswitch/winbind_krb5_locator.c +++ b/nsswitch/winbind_krb5_locator.c @@ -182,7 +182,8 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name, void *cbdata) { struct addrinfo *out = NULL; - int ret; + int ret = 0; + struct addrinfo *res = NULL; int count = 3; while (count) { @@ -206,16 +207,25 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name, return KRB5_PLUGIN_NO_HANDLE; } - ret = cbfunc(cbdata, out-ai_socktype, out-ai_addr); + for (res = out; res; res = res-ai_next) { + if (!res-ai_addr || res-ai_addrlen == 0) { + continue; + } + + ret = cbfunc(cbdata, res-ai_socktype, res-ai_addr); + if (ret) { #ifdef DEBUG_KRB5 - if (ret) { - fprintf(stderr, [%5u]: smb_krb5_locator_lookup: - failed to call callback: %s (%d)\n, - (unsigned int)getpid(), error_message(ret), ret); - } + fprintf(stderr, [%5u]: smb_krb5_locator_lookup: + failed to call callback: %s (%d)\n, + (unsigned int)getpid(), error_message(ret), ret); #endif + break; + } + } - freeaddrinfo(out); + if (out) { + freeaddrinfo(out); + } return ret; } @@ -257,8 +267,7 @@ static bool ask_winbind(const char *realm, char **dcname) flags = WBC_LOOKUP_DC_KDC_REQUIRED | WBC_LOOKUP_DC_IS_DNS_NAME | - WBC_LOOKUP_DC_RETURN_DNS_NAME | - WBC_LOOKUP_DC_IP_REQUIRED; + WBC_LOOKUP_DC_RETURN_DNS_NAME; wbc_status = wbcLookupDomainControllerEx(realm, NULL, NULL, flags, dc_info); @@ -270,12 +279,6 @@ static bool ask_winbind(const char *realm, char **dcname) return false; } - if (dc_info-dc_address) { - dc = dc_info-dc_address; - if (dc[0] == '\\') dc++; - if (dc[0] == '\\') dc++; - } - if (!dc dc_info-dc_unc) { dc = dc_info-dc_unc; if (dc[0] == '\\') dc++; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via cf39e01 Fix bug #8897 - winbind_krb5_locator only returns one IP address. from d9377cc WHATSNEW: Start release notes for 3.5.16. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit cf39e013930d29574826f6ad3a259fe47203c000 Author: Jeremy Allison j...@samba.org Date: Wed Apr 25 15:17:09 2012 -0700 Fix bug #8897 - winbind_krb5_locator only returns one IP address. Reported by dina_f...@dell.com. Don't ask the DC for an IP list when locating kdc's. Ask for the name and use getaddrinfo to get all possible addresses instead. (cherry picked from commit 56b0ec0e91f9af0eb6c109fc1cc300ad5fee3fe6) --- Summary of changes: nsswitch/winbind_krb5_locator.c | 35 +++ 1 files changed, 19 insertions(+), 16 deletions(-) Changeset truncated at 500 lines: diff --git a/nsswitch/winbind_krb5_locator.c b/nsswitch/winbind_krb5_locator.c index e921cae..385a156 100644 --- a/nsswitch/winbind_krb5_locator.c +++ b/nsswitch/winbind_krb5_locator.c @@ -182,7 +182,8 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name, void *cbdata) { struct addrinfo *out = NULL; - int ret; + int ret = 0; + struct addrinfo *res = NULL; int count = 3; while (count) { @@ -206,16 +207,25 @@ static krb5_error_code smb_krb5_locator_call_cbfunc(const char *name, return KRB5_PLUGIN_NO_HANDLE; } - ret = cbfunc(cbdata, out-ai_socktype, out-ai_addr); + for (res = out; res; res = res-ai_next) { + if (!res-ai_addr || res-ai_addrlen == 0) { + continue; + } + + ret = cbfunc(cbdata, res-ai_socktype, res-ai_addr); + if (ret) { #ifdef DEBUG_KRB5 - if (ret) { - fprintf(stderr, [%5u]: smb_krb5_locator_lookup: - failed to call callback: %s (%d)\n, - (unsigned int)getpid(), error_message(ret), ret); - } + fprintf(stderr, [%5u]: smb_krb5_locator_lookup: + failed to call callback: %s (%d)\n, + (unsigned int)getpid(), error_message(ret), ret); #endif + break; + } + } - freeaddrinfo(out); + if (out) { + freeaddrinfo(out); + } return ret; } @@ -257,8 +267,7 @@ static bool ask_winbind(const char *realm, char **dcname) flags = WBC_LOOKUP_DC_KDC_REQUIRED | WBC_LOOKUP_DC_IS_DNS_NAME | - WBC_LOOKUP_DC_RETURN_DNS_NAME | - WBC_LOOKUP_DC_IP_REQUIRED; + WBC_LOOKUP_DC_RETURN_DNS_NAME; wbc_status = wbcLookupDomainControllerEx(realm, NULL, NULL, flags, dc_info); @@ -270,12 +279,6 @@ static bool ask_winbind(const char *realm, char **dcname) return false; } - if (dc_info-dc_address) { - dc = dc_info-dc_address; - if (dc[0] == '\\') dc++; - if (dc[0] == '\\') dc++; - } - if (!dc dc_info-dc_unc) { dc = dc_info-dc_unc; if (dc[0] == '\\') dc++; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via b2f7288 Wrong assertion/comparison: Compare value not pointer from 56b0ec0 Fix bug #8897 - winbind_krb5_locator only returns one IP address. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit b2f728823e8976e2ce5a2e630134ae8e01d83e82 Author: Olaf Flebbe o.fle...@science-computing.de Date: Thu Apr 12 11:29:41 2012 +0200 Wrong assertion/comparison: Compare value not pointer Fix bug #8859 (Wrong assertion: Checks pointer not value). --- Summary of changes: source3/registry/reg_parse.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/registry/reg_parse.c b/source3/registry/reg_parse.c index 908faca..b8ad4d7 100644 --- a/source3/registry/reg_parse.c +++ b/source3/registry/reg_parse.c @@ -793,12 +793,12 @@ handle_iconv_errno(int err, const char* obuf, size_t linenum, DEBUG(0, (Illegal multibyte sequence at line %lu: %s, (long unsigned)(linenum+1), pos)); - assert(ilen 0); + assert((*ilen) 0); do { size_t il = 1; DEBUGADD(0, (%02x, (unsigned char)**iptr)); - if (olen 0) { + if ((*olen) 0) { *(*optr)++ = '\?'; (*iptr)++; /* Todo: parametrize, e.g. skip: *optr++ = *iptr++; */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 815ba9d Fix bug #8831 - Inconsistent (with manpage) command-line switch for help in smbtree from b2f7288 Wrong assertion/comparison: Compare value not pointer http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 815ba9db6f9ae405c6e8a590ee96a31cf30ba481 Author: Jeremy Allison j...@samba.org Date: Fri Mar 30 12:23:07 2012 -0700 Fix bug #8831 - Inconsistent (with manpage) command-line switch for help in smbtree Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Fri Mar 30 22:59:53 CEST 2012 on sn-devel-104 (cherry picked from commit efd94d159883cb0841d8ac83223a1e63098a8d72) --- Summary of changes: docs-xml/build/DTD/samba.entities |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities index d204156..f5d8cd2 100644 --- a/docs-xml/build/DTD/samba.entities +++ b/docs-xml/build/DTD/samba.entities @@ -440,7 +440,7 @@ Try to use the credentials cached by winbind. !ENTITY stdarg.help ' varlistentry -term-h|--help/term +term-?|--help/term listitemparaPrint a summary of command line options. /para/listitem /varlistentry' -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 890485b heimdal: Cope with newer Heimdal versions accepting a keyset argument to hdb_enctype2key. from 4754743 s3:registry: let reg_values_need_update() return true if the backend does not implement the method http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 890485bd17142ac9bbaf71c24d3d3ec1fa4a6724 Author: Jelmer Vernooij jel...@samba.org Date: Mon May 7 16:43:17 2012 +0200 heimdal: Cope with newer Heimdal versions accepting a keyset argument to hdb_enctype2key. Autobuild-User: Jelmer Vernooij jel...@samba.org Autobuild-Date: Mon May 7 18:33:10 CEST 2012 on sn-devel-104 --- Summary of changes: source4/heimdal_build/wscript_configure | 26 ++ source4/kdc/pac-glue.c |4 2 files changed, 26 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/heimdal_build/wscript_configure b/source4/heimdal_build/wscript_configure index a350a8b..619944d 100755 --- a/source4/heimdal_build/wscript_configure +++ b/source4/heimdal_build/wscript_configure @@ -213,15 +213,33 @@ check_system_heimdal_lib(gssapi, gss_oid_to_name, gssapi.h, onlyif=hcrypto asn1 roken krb5 com_err wind) check_system_heimdal_lib(heimntlm, heim_ntlm_ntlmv2_key, heimntlm.h, onlyif=roken hcrypto krb5) -check_system_heimdal_lib(hdb, hdb_db_dir, krb5.h hdb.h, -onlyif=roken krb5 hcrypto com_err wind) +if check_system_heimdal_lib(hdb, hdb_db_dir, krb5.h hdb.h, +onlyif=roken krb5 hcrypto com_err wind): +CCDEFINES = list(conf.env.CCDEFINES) +conf.undefine(HAVE_CONFIG_H) +while HAVE_CONFIG_H=1 in conf.env.CCDEFINES: +conf.env.CCDEFINES.remove(HAVE_CONFIG_H=1) +try: +conf.CHECK_CODE(''' +#include hdb.h +int main(void) { hdb_enctype2key(NULL, NULL, NULL, 0, NULL); } +''', +define='HDB_ENCTYPE2KEY_TAKES_KEYSET', +addmain=False, +lib='hdb', +msg='Checking whether hdb_enctype2key takes a keyset argument', +local_include=False) +finally: +conf.env.CCDEFINES = CCDEFINES +conf.define(HAVE_CONFIG_H, 1) + check_system_heimdal_lib(kdc, kdc_log, kdc.h, onlyif=roken krb5 hdb asn1 heimntlm hcrypto com_err wind heimbase) # With the proper checks in place we should be able to build against the system libtommath. -# conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h') -# conf.define('USING_SYSTEM_TOMMATH', 1) +#if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'): +#conf.define('USING_SYSTEM_TOMMATH', 1) check_system_heimdal_binary(compile_et) check_system_heimdal_binary(asn1_compile) diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index d654dc3..cca74d8 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -482,7 +482,11 @@ int kdc_check_pac(krb5_context context, } } +#if HDB_ENCTYPE2KEY_TAKES_KEYSET + ret = hdb_enctype2key(context, ent-entry, NULL, etype, key); +#else ret = hdb_enctype2key(context, ent-entry, etype, key); +#endif if (ret != 0) { return ret; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 6692bd5 Fix bug #8831 - Inconsistent (with manpage) command-line switch for help in smbtree from cf39e01 Fix bug #8897 - winbind_krb5_locator only returns one IP address. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 6692bd5944bcc060453a8ae3424cef71b47d37f4 Author: Jeremy Allison j...@samba.org Date: Fri Mar 30 12:23:07 2012 -0700 Fix bug #8831 - Inconsistent (with manpage) command-line switch for help in smbtree Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Fri Mar 30 22:59:53 CEST 2012 on sn-devel-104 (cherry picked from commit efd94d159883cb0841d8ac83223a1e63098a8d72) (cherry picked from commit 815ba9db6f9ae405c6e8a590ee96a31cf30ba481) --- Summary of changes: docs-xml/build/DTD/samba.entities |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities index d204156..f5d8cd2 100644 --- a/docs-xml/build/DTD/samba.entities +++ b/docs-xml/build/DTD/samba.entities @@ -440,7 +440,7 @@ Try to use the credentials cached by winbind. !ENTITY stdarg.help ' varlistentry -term-h|--help/term +term-?|--help/term listitemparaPrint a summary of command line options. /para/listitem /varlistentry' -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via faafade Bugfix for #8857 - Setting traverse rights fails to enable directory traversal when acl_xattr in use. via bed05b8 Fix incorrect debug - parent_name is never set ! from 815ba9d Fix bug #8831 - Inconsistent (with manpage) command-line switch for help in smbtree http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit faafade5dd948918a27284b82384340995d1bf55 Author: Jeremy Allison j...@samba.org Date: Mon Apr 16 18:17:25 2012 -0700 Bugfix for #8857 - Setting traverse rights fails to enable directory traversal when acl_xattr in use. We were incorrectly checking the parent directory ACL, instead of the ACL of the directory we're trying to open. commit bed05b8d6b10c77a98a73318ba483bafcccb8a34 Author: Jeremy Allison j...@samba.org Date: Mon Apr 16 18:04:51 2012 -0700 Fix incorrect debug - parent_name is never set ! --- Summary of changes: source3/modules/vfs_acl_common.c | 39 + 1 files changed, 34 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index 016bb9f..097fd20 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -559,7 +559,6 @@ static NTSTATUS check_parent_acl_common(vfs_handle_struct *handle, uint32_t access_mask, struct security_descriptor **pp_parent_desc) { - char *parent_name = NULL; struct security_descriptor *parent_desc = NULL; uint32_t access_granted = 0; NTSTATUS status; @@ -578,9 +577,8 @@ static NTSTATUS check_parent_acl_common(vfs_handle_struct *handle, access_granted); if(!NT_STATUS_IS_OK(status)) { DEBUG(10,(check_parent_acl_common: access check - on directory %s for + on parent directory of path %s for mask 0x%x returned %s\n, - parent_name, path, access_mask, nt_errstr(status) )); @@ -815,13 +813,44 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, static SMB_STRUCT_DIR *opendir_acl_common(vfs_handle_struct *handle, const char *fname, const char *mask, uint32 attr) { - NTSTATUS status = check_parent_acl_common(handle, fname, - SEC_DIR_LIST, NULL); + NTSTATUS status; + uint32_t access_granted = 0; + struct security_descriptor *sd = NULL; + status = get_nt_acl_internal(handle, + NULL, + fname, + (SECINFO_OWNER | +SECINFO_GROUP | +SECINFO_DACL | +SECINFO_SACL), + sd); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10,(opendir_acl_common: + get_nt_acl_internal for dir %s + failed with error %s\n, + fname, + nt_errstr(status) )); + errno = map_errno_from_nt_status(status); + return NULL; + } + + /* See if we can access it. */ + status = smb1_file_se_access_check(handle-conn, + sd, + get_current_nttok(handle-conn), + SEC_DIR_LIST, + access_granted); if (!NT_STATUS_IS_OK(status)) { + DEBUG(10,(opendir_acl_common: %s open + for access SEC_DIR_LIST + refused with error %s\n, + fname, + nt_errstr(status) )); errno = map_errno_from_nt_status(status); return NULL; } + return SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 50973b9 Fix bug #8877 - Syslog broken owing to mistyping of debug_settings.syslog. from faafade Bugfix for #8857 - Setting traverse rights fails to enable directory traversal when acl_xattr in use. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 50973b96e2e5bf1f8a434a8be986e359a9e3b3e5 Author: Joseph Tam jtam.h...@gmail.com Date: Thu Apr 19 11:46:16 2012 -0700 Fix bug #8877 - Syslog broken owing to mistyping of debug_settings.syslog. Setting syslog only = yes did not divert log messages to syslog. The test in lib/util/debug.c:Debug1():747 if( syslog_level state.settings.syslog ) produces wrong results since .syslog is typed bool rather than int. The attached patch fixes this by typing this field correctly as int. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Fri Apr 20 00:06:12 CEST 2012 on sn-devel-104 (cherry picked from commit 00d5f32025bf13285ab3f8ffae914107c9eca275) Signed-off-by: Jeremy Allison j...@samba.org --- Summary of changes: lib/util/debug.h |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/debug.h b/lib/util/debug.h index c01fa92..4117d3f 100644 --- a/lib/util/debug.h +++ b/lib/util/debug.h @@ -201,7 +201,7 @@ enum debug_logtype {DEBUG_DEFAULT_STDERR = 0, DEBUG_STDOUT = 1, DEBUG_FILE = 2, struct debug_settings { size_t max_log_size; - bool syslog; + int syslog; bool syslog_only; bool timestamp_logs; bool debug_prefix_timestamp; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5909188 talloc: Update doxygen config. via 2040828 doc: Remove latex to doxygen conversion leftovers in talloc. via 6952699 doc: Fixes for the talloc best practices tutorial. via c1c9ab1 doc: Fixes for the talloc debugging tutorial. via 5a758f4 doc: Fixes for the talloc pool tutorial. via 79efc9d doc: Fixes for the talloc destructor tutorial. via 7d5565e doc: Fixes for the talloc dynamic type system tutorial. via dc112dc doc: Fixes for the talloc stealing tutorial. via 9423ac0 doc: Fixes for the talloc context tutorial. via d99b7d0 doc: Add talloc tutorial. from 890485b heimdal: Cope with newer Heimdal versions accepting a keyset argument to hdb_enctype2key. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 59091884922eda5a1524ad97fa1a5d7477cb5b96 Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:57:34 2012 +0200 talloc: Update doxygen config. Autobuild-User: Andreas Schneider a...@cryptomilk.org Autobuild-Date: Mon May 7 21:13:15 CEST 2012 on sn-devel-104 commit 20408286e2845ebca64b28e7e8ec0ed8dc9130c2 Author: Pavel Březina pbrez...@redhat.com Date: Mon May 7 12:30:44 2012 +0200 doc: Remove latex to doxygen conversion leftovers in talloc. Signed-off-by: Andreas Schneider a...@samba.org commit 69526997e5636211824f8c041a9e57d039cc62f4 Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:56:39 2012 +0200 doc: Fixes for the talloc best practices tutorial. commit c1c9ab1c79571dfa1ae0a9f92f401ea89a50ca0e Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:42:44 2012 +0200 doc: Fixes for the talloc debugging tutorial. commit 5a758f448d61f327aa510b9b4506a509e346c5df Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:36:37 2012 +0200 doc: Fixes for the talloc pool tutorial. commit 79efc9d6e2c57c6acd8216be4b3387180032addd Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:30:06 2012 +0200 doc: Fixes for the talloc destructor tutorial. commit 7d5565e22d0ad8994225da18ef025bfdfa56c245 Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:25:50 2012 +0200 doc: Fixes for the talloc dynamic type system tutorial. commit dc112dcee058f2f1a211a50790f659a629ab2978 Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:18:26 2012 +0200 doc: Fixes for the talloc stealing tutorial. commit 9423ac06aa2a88a1cf64d5256e948bbec33ecb91 Author: Andreas Schneider a...@samba.org Date: Mon May 7 11:09:56 2012 +0200 doc: Fixes for the talloc context tutorial. commit d99b7d0220d8bd694c0d997622a7a87eb09c5570 Author: Pavel Březina pbrez...@redhat.com Date: Sun May 6 14:34:48 2012 +0200 doc: Add talloc tutorial. Signed-off-by: Andreas Schneider a...@samba.org --- Summary of changes: lib/talloc/doc/context.png| Bin 0 - 4715 bytes lib/talloc/doc/context_tree.png | Bin 0 - 6158 bytes lib/talloc/doc/mainpage.dox |5 + lib/talloc/doc/stealing.png | Bin 0 - 6994 bytes lib/talloc/doc/tutorial_bestpractices.dox | 192 +++ lib/talloc/doc/tutorial_context.dox | 198 +++ lib/talloc/doc/tutorial_debugging.dox | 116 +++ lib/talloc/doc/tutorial_destructors.dox | 82 + lib/talloc/doc/tutorial_dts.dox | 109 ++ lib/talloc/doc/tutorial_introduction.dox | 43 +++ lib/talloc/doc/tutorial_pools.dox | 93 ++ lib/talloc/doc/tutorial_stealing.dox | 55 +++ lib/talloc/doxy.config| 512 ++--- 13 files changed, 1285 insertions(+), 120 deletions(-) create mode 100644 lib/talloc/doc/context.png create mode 100644 lib/talloc/doc/context_tree.png create mode 100644 lib/talloc/doc/stealing.png create mode 100644 lib/talloc/doc/tutorial_bestpractices.dox create mode 100644 lib/talloc/doc/tutorial_context.dox create mode 100644 lib/talloc/doc/tutorial_debugging.dox create mode 100644 lib/talloc/doc/tutorial_destructors.dox create mode 100644 lib/talloc/doc/tutorial_dts.dox create mode 100644 lib/talloc/doc/tutorial_introduction.dox create mode 100644 lib/talloc/doc/tutorial_pools.dox create mode 100644 lib/talloc/doc/tutorial_stealing.dox Changeset truncated at 500 lines: diff --git a/lib/talloc/doc/context.png b/lib/talloc/doc/context.png new file mode 100644 index 000..48a6ca0 Binary files /dev/null and b/lib/talloc/doc/context.png differ diff --git a/lib/talloc/doc/context_tree.png b/lib/talloc/doc/context_tree.png new file mode 100644 index 000..9723459 Binary files /dev/null and b/lib/talloc/doc/context_tree.png differ diff --git a/lib/talloc/doc/mainpage.dox b/lib/talloc/doc/mainpage.dox index 3204e8a..3b56898 100644
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 75494f7 selftest: samba4 doesn't support reauth via c68cba3 s4:torture/raw/session: make sure we got a reauth of the existing session via 0ded6f9 selftest: mark ^samba4.raw.session.reauth as flapping from 5909188 talloc: Update doxygen config. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 75494f75fa27ded7b9d3c8c7342c8aa682c2949b Author: Stefan Metzmacher me...@samba.org Date: Mon May 7 11:50:59 2012 +0200 selftest: samba4 doesn't support reauth metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue May 8 02:43:49 CEST 2012 on sn-devel-104 commit c68cba36aabd816fcf70fc800eb36e54a3164d55 Author: Stefan Metzmacher me...@samba.org Date: Mon May 7 11:32:32 2012 +0200 s4:torture/raw/session: make sure we got a reauth of the existing session metze commit 0ded6f9cb71719605e06abea0883d2e59a1e8d39 Author: Stefan Metzmacher me...@samba.org Date: Mon May 7 12:07:30 2012 +0200 selftest: mark ^samba4.raw.session.reauth as flapping Because the test is wrong... metze --- Summary of changes: selftest/knownfail|1 + source4/torture/raw/session.c |2 ++ 2 files changed, 3 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index 1fa11e9..35da8b3 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -47,6 +47,7 @@ ^samba4..*base.delete.*.deltest17 ^samba4..*base.delete.*.deltest20a ^samba4..*base.delete.*.deltest20b +^samba4.raw.session.reauth ^samba4.raw.rename.*.osxrename ^samba4.raw.rename.*.directory rename ^samba4.rpc.winreg.*security diff --git a/source4/torture/raw/session.c b/source4/torture/raw/session.c index 66092d2..3402693 100644 --- a/source4/torture/raw/session.c +++ b/source4/torture/raw/session.c @@ -38,6 +38,7 @@ static bool test_session_reauth(struct torture_context *tctx, char fname[256]; char buf[dlen+1]; bool ok = true; + uint16_t vuid1 = cli-session-vuid; data = generate_random_str(tctx, dlen); torture_assert(tctx, (data != NULL), memory allocation failed); @@ -65,6 +66,7 @@ static bool test_session_reauth(struct torture_context *tctx, io.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx-lp_ctx); status = smb_composite_sesssetup(cli-session, io); torture_assert_ntstatus_ok_goto(tctx, status, ok, done, setup2); + torture_assert_int_equal_goto(tctx, io.out.vuid, vuid1, ok, done, setup2); num = smbcli_read(cli-tree, fnum, buf, 0, dlen); torture_assert_int_equal_goto(tctx, num, dlen, ok, done, read file); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5d4d8fe s4:torture/raw/context: add subtests as torture testcases via dd804dd s4:torture/raw/context: INVALID_PARAMETER vs. LOGON_FAILURE... via 7c0c1fa s4:torture/raw: make torture_raw_context a test suite via 05bed62 s4:torture/raw/context: make use of torture_* macros and avoid 'printf' via 27efeab s4:torture/raw/context: pass tctx to test_pid_exit_only_sees_open() from 75494f7 selftest: samba4 doesn't support reauth http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5d4d8fefe28051ace587494bff5e16b4e4211773 Author: Stefan Metzmacher me...@samba.org Date: Thu May 3 14:41:21 2012 +0200 s4:torture/raw/context: add subtests as torture testcases TODO: add test_session with 'use spnego = false'. We need a way to do set an option just for one test case. Note: the 'use spnego = false' was ignored before as it's only used on the first session setup on a connection. metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue May 8 04:50:39 CEST 2012 on sn-devel-104 commit dd804dd8caf2744aba5968b86724a538159708eb Author: Stefan Metzmacher me...@samba.org Date: Tue May 1 12:38:06 2012 +0200 s4:torture/raw/context: INVALID_PARAMETER vs. LOGON_FAILURE... If the try a session setup without EXTENDED_SECURITY after one with EXTENDED_SECURITY Windows 2008 R2 returns INVALID_PARAMETER, while Windows 2000 sp4 returns LOGON_FAILURE... metze commit 7c0c1fabd08cac83f306240f00a98901543a367f Author: Stefan Metzmacher me...@samba.org Date: Wed May 2 13:46:34 2012 +0200 s4:torture/raw: make torture_raw_context a test suite metze commit 05bed62371e3acfb1813024ae45bd563e3a1d749 Author: Stefan Metzmacher me...@samba.org Date: Tue May 1 12:39:21 2012 +0200 s4:torture/raw/context: make use of torture_* macros and avoid 'printf' metze commit 27efeabab47694cb2f147d4c964c62213cc03fef Author: Stefan Metzmacher me...@samba.org Date: Tue May 1 12:35:28 2012 +0200 s4:torture/raw/context: pass tctx to test_pid_exit_only_sees_open() metze --- Summary of changes: source4/torture/raw/context.c | 262 +++-- source4/torture/raw/raw.c |2 +- 2 files changed, 121 insertions(+), 143 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/raw/context.c b/source4/torture/raw/context.c index 45e7482..af53453 100644 --- a/source4/torture/raw/context.c +++ b/source4/torture/raw/context.c @@ -30,35 +30,23 @@ #define BASEDIR \\rawcontext -#define CHECK_STATUS(status, correct) do { \ - if (!NT_STATUS_EQUAL(status, correct)) { \ - printf((%s) Incorrect status %s - should be %s\n, \ - __location__, nt_errstr(status), nt_errstr(correct)); \ - ret = false; \ - goto done; \ - }} while (0) - -#define CHECK_VALUE(v, correct) do { \ - if ((v) != (correct)) { \ - printf((%s) Incorrect value %s=%d - should be %d\n, \ - __location__, #v, v, correct); \ - ret = false; \ - goto done; \ - }} while (0) - -#define CHECK_NOT_VALUE(v, correct) do { \ - if ((v) == (correct)) { \ - printf((%s) Incorrect value %s=%d - should not be %d\n, \ - __location__, #v, v, correct); \ - ret = false; \ - goto done; \ - }} while (0) +#define CHECK_STATUS(status, correct) \ + torture_assert_ntstatus_equal_goto(tctx, status, correct, ret, done, __location__) + +#define CHECK_VALUE(v, correct) \ + torture_assert_int_equal_goto(tctx, v, correct, ret, done, __location__) + +#define CHECK_NOT_VALUE(v, correct) \ + torture_assert_goto(tctx, ((v) != (correct)), ret, done, \ + talloc_asprintf(tctx, (%s) Incorrect value %s=%d - should not be %d\n, \ + __location__, #v, v, correct)); /* test session ops */ -static bool test_session(struct smbcli_state *cli, struct torture_context *tctx) +static bool test_session(struct torture_context *tctx, +struct smbcli_state *cli) { NTSTATUS status; bool ret = true; @@ -82,13 +70,13 @@ static bool test_session(struct smbcli_state *cli, struct torture_context *tctx) int i; struct smbcli_session_options options; - printf(TESTING SESSION HANDLING\n); + torture_comment(tctx, TESTING SESSION HANDLING\n); if (!torture_setup_dir(cli, BASEDIR)) { return false; } - printf(create a second security context on the same transport\n); + torture_comment(tctx, create a second security context on
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 470cfb3 lib/util: Map 0x7fffLL as 0x7fffLL in time conversion via 0678eb6 s4-provision Ensure we have posix ACLs before we permit a s3fs-based Samba4 to be configured via 859aa43 s3-python: Add python bindings for posix ACL layer from 5d4d8fe s4:torture/raw/context: add subtests as torture testcases http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 470cfb34aea693cdb774b648d51ceccda130f329 Author: Andrew Bartlett abart...@samba.org Date: Mon May 7 19:21:10 2012 +1000 lib/util: Map 0x7fffLL as 0x7fffLL in time conversion TIME_T_MAX is not actually INT64_MAX at the moment, so check both values and set to the magic end-of-time value. Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Tue May 8 06:41:43 CEST 2012 on sn-devel-104 commit 0678eb6cdfa19f27de8093eee2a15b7493bbce67 Author: Andrew Bartlett abart...@samba.org Date: Mon May 7 17:06:23 2012 +1000 s4-provision Ensure we have posix ACLs before we permit a s3fs-based Samba4 to be configured commit 859aa43f7348e721a6ce0417d300d9db8086fc7b Author: Andrew Bartlett abart...@samba.org Date: Mon May 7 16:24:03 2012 +1000 s3-python: Add python bindings for posix ACL layer This will allow us to check that posix ACLs work in the s4 provision, and avoid --use-s3fs if they do not. Andrew Bartlett --- Summary of changes: lib/util/time.c|2 +- source3/smbd/pysmbd.c | 203 source3/wscript_build |6 + .../scripting/python/samba/provision/__init__.py | 14 ++ 4 files changed, 224 insertions(+), 1 deletions(-) create mode 100644 source3/smbd/pysmbd.c Changeset truncated at 500 lines: diff --git a/lib/util/time.c b/lib/util/time.c index dc3ca68..d5a429a 100644 --- a/lib/util/time.c +++ b/lib/util/time.c @@ -148,7 +148,7 @@ _PUBLIC_ void unix_to_nt_time(NTTIME *nt, time_t t) return; } - if (t == TIME_T_MAX) { + if (t == TIME_T_MAX || t == INT64_MAX) { *nt = 0x7fffLL; return; } diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c new file mode 100644 index 000..76167e1 --- /dev/null +++ b/source3/smbd/pysmbd.c @@ -0,0 +1,203 @@ +/* + Unix SMB/CIFS implementation. + SMB NT Security Descriptor / Unix permission conversion. + Copyright (C) Jeremy Allison 1994-2009. + Copyright (C) Andreas Gruenbacher 2002. + Copyright (C) Simo Sorce i...@samba.org 2009. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see http://www.gnu.org/licenses/. +*/ + +#include includes.h +#include smbd/smbd.h +#include Python.h +#include libcli/util/pyerrors.h + +extern const struct generic_mapping file_generic_mapping; + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ACLS + +static NTSTATUS set_sys_acl_no_snum(const char *fname, +SMB_ACL_TYPE_T acltype, +SMB_ACL_T theacl) +{ + connection_struct *conn; + NTSTATUS status = NT_STATUS_OK; + int ret; + + conn = talloc_zero(NULL, connection_struct); + if (conn == NULL) { + DEBUG(0, (talloc failed\n)); + return NT_STATUS_NO_MEMORY; + } + + if (!(conn-params = talloc(conn, struct share_params))) { + DEBUG(0,(get_nt_acl_no_snum: talloc() failed!\n)); + TALLOC_FREE(conn); + return NT_STATUS_NO_MEMORY; + } + + conn-params-service = -1; + + set_conn_connectpath(conn, /); + + smbd_vfs_init(conn); + + ret = SMB_VFS_SYS_ACL_SET_FILE( conn, fname, acltype, theacl); + if (ret != 0) { + status = map_nt_error_from_unix_common(ret); + DEBUG(0,(get_nt_acl_no_snum: fset_nt_acl returned zero.\n)); + } + + conn_free(conn); + + return status; +} + + +static SMB_ACL_T make_simple_acl(uid_t uid, gid_t gid) +{ + mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE; + mode_t mode0 = 0; + + SMB_ACL_ENTRY_T entry; +