date:20130710

[Samba] Sync - sysvol and getfacl

2013-07-10 Thread Sandbox

Hi,

I'm using Samba 4.0.5 and when I use  ls -la or getfacl on eg:
sysvol/Policies directory Samba dies with this error message:

== samba/samba.log ==
[2013/07/10 07:49:30,  0] ../lib/util/fault.c:72(fault_report)
  ===
[2013/07/10 07:49:30,  0] ../lib/util/fault.c:73(fault_report)
  INTERNAL ERROR: Signal 11 in pid 3222 (4.0.5)
  Please read the Trouble-Shooting section of the Samba HOWTO
[2013/07/10 07:49:30,  0] ../lib/util/fault.c:75(fault_report)
  ===

but the command gave this info:

# file: Policies/
# owner: root
# group: 300
user::rwx
user:root:rwx
group::rwx
group:300:rwx
group:301:r-x
group:302:rwx
group:303:r-x
group:304:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:group::---
default:group:300:rwx
default:group:301:r-x
default:group:302:rwx
default:group:303:r-x
default:group:304:rwx
default:mask::rwx
default:other::---


It is interesting because I dont have that kind of groups with those ID's
(according to getent group and wbinfo -g) except 304 which is Group
Policy Creator Owners.
I suppose the other four groups are (checked from windows side):
Administrators, Server Operators, SYSTEM and Authenticated Users.
Can I do anything with this?

My next question is: sysvol sync.
My PDC's and BDC's user and group ID's are totaly different.

Is it possible to set my PDC/BDC ID's equal, because as I see BDC couldn't
do his job while this isn't solved.

Regards, Robert
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Sync - sysvol and getfacl

2013-07-10 Thread steve

On Wed, 2013-07-10 at 08:30 +0200, Sandbox wrote:

 My PDC's and BDC's user and group ID's are totaly different.
 
 Is it possible to set my PDC/BDC ID's equal, because as I see BDC couldn't
 do his job while this isn't solved.


Hi
You can have the same id's everywhere by putting uidNumber and gidNumber
attributes in the directory in the DN of the user or group and then
recovering them using nss with winbind, nslcd or sssd. But make sure
that if you use winbind you actually configure it to pull the values
from AD and not any external database.

If you already have groups and users, only add the new attributes to one
of the DC's. Disable the other DC while you do this. Take the id's from
whatever the xidNumber is on the DC you choose.
hth
Steve


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Help Samba license

2013-07-10 Thread Andrew Bartlett

On Wed, 2013-07-10 at 11:30 +0800, blue_sky886 wrote:
  Hi,
 
 I want to use library of samba that license is GPLv2 in my program that is 
 proprietary.
 
 The source code version of samba is 3.0.6.
 
 Is it possible to modify the license to LGPL?
 
 Thanks.

No, it is not possible.  We can only suggest you licence your program
under GPL compatible terms.

Additionally, all supported Samba versions are now licensed under GPLv3
or later, with only some specific support libraries under other less
protective licences. 

I hope this clarifies things,

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba4 - File Share

2013-07-10 Thread Natália Vaz

Hi.
I'm trying to set up a file server in a Samba4 domain, but when I use
permission groups, I can't access the directories. How can I set the shares
with restricted groups?
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba4 - File Share

2013-07-10 Thread Marc Muehlfeld


Hello Natalia,

Am 10.07.2013 16:00, schrieb Natália Vaz:

I'm trying to set up a file server in a Samba4 domain, but when I use
permission groups, I can't access the directories. How can I set the shares
with restricted groups?


I published a HowTo about file shares yesterday evening:
https://wiki.samba.org/index.php/Setup_and_configure_file_shares


If your problem can't be solved with the HowTo, please give some more 
details what you try to do, what exactly went wrong and how you tried it.



Regards,
Marc


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

2013-07-10 Thread Nicolas Pagliaro

Samba 3.0.6.9 is the version I have in yum.
Is this version ok to act as a member server? Or I should install 3.0.2?

-Mensaje original-
De: Nico Kadel-Garcia [mailto:nka...@gmail.com] 
Enviado el: martes, 09 de julio de 2013 23:01
Para: Nicolas Pagliaro
CC: samba@lists.samba.org
Asunto: Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

On Tue, Jul 9, 2013 at 6:35 AM, Nicolas Pagliaro npagli...@espectador.com.uy 
wrote:
 Hi Nico, thanks for your answer. I don't need to have an AD server installed 
 in my centos.
 I just needs to connect to my Windows DC that have AD because I need to have 
 samba shares with AD users permissions.
 Now I remove all samba4 package with. Yum remove samba4* I am 
 downloading the last version of samba from git samba and samba-commons

 The rpm that you made for me will work for me?

I only publish RPM building tools, not binaries. I don't consider my github or 
other personally available repositories secure enough for me to publush such 
critical binaries as Samba, but I'm happy to publish open source tools that 
way. So you'd have to build it. But if you're wirking with an upstream 
supported, stable environment like CentOS or Scientific Linux, why experiment 
with new tools you don't need? I wind up needing the newer tools, but suggest 
that for just a plain client, you should be fine with the default Samba 3.x 
from CentOS.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] NT_STATUS_TOO_MANY_OPENED_FILES with Samba 4.0.6 and Internal DNS

2013-07-10 Thread Andrew Martin

Hello,

I am using Samba 4.0.6 on Ubuntu 12.04 with the internal DNS and dns forwarder 
set to forward to an upstream dnsmasq server as follows:
[global]
workgroup = EXAMPLE
realm = EXAMPLE.COM
netbios name = DC0
server role = active directory domain controller
dns forwarder = 192.168.010
idmap_ldb:use rfc2307 = Yes

# disable printing since we're not using it and to get rid of printcap 
errors in log
printcap name = /dev/null
load printers = no
printing = bsd

[netlogon]
path = /var/lib/samba/sysvol/example.com/scripts
read only = No

[sysvol]
path = /var/lib/samba/sysvol
read only = No


Samba 4 has been working well so far as an AD DC, however I have seen this 
message appear in the samba log:
[2013/07/10 08:52:35,  0] 
../source4/smbd/process_single.c:57(single_accept_connection)
  single_accept_connection: accept: NT_STATUS_TOO_MANY_OPENED_FILES

I found this bug report and thread regarding this issue, and stating that it 
had been fixed in 4.0.0 rc3:
https://bugzilla.samba.org/show_bug.cgi?id=8878
http://samba.2283325.n4.nabble.com/Samba3-gt-samba-4-td4638214.html

I confirmed that the attached patch is indeed applied in my copy of 4.0.6. What 
else can I do to debug this problem?

Thanks,

Andrew
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Help Samba license

2013-07-10 Thread Jeremy Allison

On Wed, Jul 10, 2013 at 11:30:35AM +0800, blue_sky886 wrote:
  Hi,
 
 I want to use library of samba that license is GPLv2 in my program that is 
 proprietary.
 
 The source code version of samba is 3.0.6.
 
 Is it possible to modify the license to LGPL?

I'm afraid not. Your only options are to
release your own code under a GPLv2 compatible
license or to cease using the Samba library
with your proprietary code.

Regards,

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] domain RODC fails with default provisioning

2013-07-10 Thread Andreas Calvo

We're evaluating joining another samba domain controller in read-only mode.
With a default provisioning, when running the samba-tool domain RODC, it
fails with the following error:
ldb: ldb_trace_request: (tdb)-search
ldb: ldb_asprintf/set_errstring: NULL Base DN invalid for a base search
ldb_wrap open of hklm.ldb
ldb: start ldb transaction (nesting: 0)
ldb: ldb_trace_request: (tdb)-start_transaction
ldb: start ldb transaction error: (null)
ldb: ldb_trace_request: ADD
dn: @ATTRIBUTES
changetype: add
key: CASE_INSENSITIVE
value: CASE_INSENSITIVE


 control: NONE

ldb: ldb_trace_request: (tdb)-add
ldb: ldb_trace_request: (tdb)-prepare_commit
ldb: commit ldb transaction (nesting: 0)
ldb: ldb_trace_request: (tdb)-end_transaction
Key 'key=SOFTWARE,hive=NONE' not found
key added: key=SOFTWARE,hive=NONE
Key 'key=Microsoft,key=SOFTWARE,hive=NONE' not found
key added: key=Microsoft,key=SOFTWARE,hive=NONE
Key 'key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
key added: key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE
Key 'key=CurrentVersion,key=Windows
NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
key added: key=CurrentVersion,key=Windows
NT,key=Microsoft,key=SOFTWARE,hive=NONE
About to write CurrentVersion with type (null), length 3: 6.1
Key 'key=SYSTEM,hive=NONE' not found
key added: key=SYSTEM,hive=NONE
Key 'key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
About to write ProductType with type (null), length 8: LanmanNT
Key 'key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not
found
key added: key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Terminal
Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=Terminal
Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
About to write RefusePasswordChange with type dword, length 8: 
Key 'key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
lpcfg_servicenumber: couldn't find ldb
lpcfg_servicenumber: couldn't find ldb
lpcfg_servicenumber: couldn't find ldb
lpcfg_servicenumber: couldn't find ldb
partition_metadata: Migrating partition metadata
krb5_init_context failed (Invalid argument)
smb_krb5_context_init_basic failed (Invalid argument)
talloc: access after free error - first free may be at @ �3
Bad talloc magic value - access after free
Aborted

Is there something special to be done prior to the domain join command?
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] domain RODC fails with default provisioning

2013-07-10 Thread Andreas Calvo

Nevermind, it was an incorrect krb5.conf on the RODC (hence the krb5 init
fail).


On Wed, Jul 10, 2013 at 5:27 PM, Andreas Calvo flipy@gmail.com wrote:

 We're evaluating joining another samba domain controller in read-only mode.
 With a default provisioning, when running the samba-tool domain RODC, it
 fails with the following error:
 ldb: ldb_trace_request: (tdb)-search
 ldb: ldb_asprintf/set_errstring: NULL Base DN invalid for a base search
 ldb_wrap open of hklm.ldb
 ldb: start ldb transaction (nesting: 0)
 ldb: ldb_trace_request: (tdb)-start_transaction
 ldb: start ldb transaction error: (null)
 ldb: ldb_trace_request: ADD
 dn: @ATTRIBUTES
 changetype: add
 key: CASE_INSENSITIVE
 value: CASE_INSENSITIVE


  control: NONE

 ldb: ldb_trace_request: (tdb)-add
 ldb: ldb_trace_request: (tdb)-prepare_commit
 ldb: commit ldb transaction (nesting: 0)
 ldb: ldb_trace_request: (tdb)-end_transaction
 Key 'key=SOFTWARE,hive=NONE' not found
 key added: key=SOFTWARE,hive=NONE
 Key 'key=Microsoft,key=SOFTWARE,hive=NONE' not found
 key added: key=Microsoft,key=SOFTWARE,hive=NONE
 Key 'key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
 key added: key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE
 Key 'key=CurrentVersion,key=Windows
 NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
 key added: key=CurrentVersion,key=Windows
 NT,key=Microsoft,key=SOFTWARE,hive=NONE
 About to write CurrentVersion with type (null), length 3: 6.1
 Key 'key=SYSTEM,hive=NONE' not found
 key added: key=SYSTEM,hive=NONE
 Key 'key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key
 'key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 About to write ProductType with type (null), length 8: LanmanNT
 Key 'key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not
 found
 key added: key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Terminal
 Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=Terminal
 Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key
 'key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 About to write RefusePasswordChange with type dword, length 8: 
 Key 'key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key
 'key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 lpcfg_servicenumber: couldn't find ldb
 lpcfg_servicenumber: couldn't find ldb
 lpcfg_servicenumber: couldn't find ldb
 lpcfg_servicenumber: couldn't find ldb
 partition_metadata: Migrating partition metadata
 krb5_init_context failed (Invalid argument)
 smb_krb5_context_init_basic failed (Invalid argument)
 talloc: access after free error - first free may be at @ �3
 Bad talloc magic value - access after free
 Aborted

 Is there something special to be done prior to the domain join command?




-- 
Atentamente,
Andreas Calvo
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

2013-07-10 Thread Jonathan Buzzard

On Wed, 2013-07-10 at 11:38 -0300, Nicolas Pagliaro wrote:
 Samba 3.0.6.9 is the version I have in yum.

No you don't.

 Is this version ok to act as a member server? Or I should install 3.0.2?
 

Eh, what are you talking about. If you have the latest CentOS 6.4 then
yum should be bringing in a 3.6.9-151 version of Samba, which is
perfectly adequate as a member file server in an 2008 domain.

JAB.

-- 
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

2013-07-10 Thread Nicolas Pagliaro

Sorry. 3.6.9
That will work like a member?
That was the first try and wbinfo -u doesn't work. 
The join to the domain work ok but I can't see the users

Enviado desde mi iPhone

El 10/07/2013, a las 13:14, Jonathan Buzzard jonat...@buzzard.me.uk 
escribió:

 On Wed, 2013-07-10 at 11:38 -0300, Nicolas Pagliaro wrote:
 Samba 3.0.6.9 is the version I have in yum.
 
 No you don't.
 
 Is this version ok to act as a member server? Or I should install 3.0.2?
 
 Eh, what are you talking about. If you have the latest CentOS 6.4 then
 yum should be bringing in a 3.6.9-151 version of Samba, which is
 perfectly adequate as a member file server in an 2008 domain.
 
 JAB.
 
 -- 
 Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
 Fife, United Kingdom.
 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

2013-07-10 Thread Jonn Taylor



On 7/10/2013 11:49 AM, Nicolas Pagliaro wrote:

Sorry. 3.6.9
That will work like a member?
That was the first try and wbinfo -u doesn't work.
The join to the domain work ok but I can't see the users

Did you restart winbind after the join?


Enviado desde mi iPhone

El 10/07/2013, a las 13:14, Jonathan Buzzard jonat...@buzzard.me.uk 
escribió:


On Wed, 2013-07-10 at 11:38 -0300, Nicolas Pagliaro wrote:

Samba 3.0.6.9 is the version I have in yum.

No you don't.


Is this version ok to act as a member server? Or I should install 3.0.2?

Eh, what are you talking about. If you have the latest CentOS 6.4 then
yum should be bringing in a 3.6.9-151 version of Samba, which is
perfectly adequate as a member file server in an 2008 domain.

JAB.

--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

2013-07-10 Thread Nicolas Pagliaro

Great! Now I have samba 3.6.9 running from my yum package
I have wbinfo -u and wbinfo -t running but getent passwd only show my local 
users.
Any idea?

-Mensaje original-
De: Jonn Taylor [mailto:jo...@taylortelephone.com] 
Enviado el: miércoles, 10 de julio de 2013 15:34
Para: Nicolas Pagliaro
CC: Jonathan Buzzard; samba@lists.samba.org
Asunto: Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008


On 7/10/2013 11:49 AM, Nicolas Pagliaro wrote:
 Sorry. 3.6.9
 That will work like a member?
 That was the first try and wbinfo -u doesn't work.
 The join to the domain work ok but I can't see the users
Did you restart winbind after the join?

 Enviado desde mi iPhone

 El 10/07/2013, a las 13:14, Jonathan Buzzard jonat...@buzzard.me.uk 
 escribió:

 On Wed, 2013-07-10 at 11:38 -0300, Nicolas Pagliaro wrote:
 Samba 3.0.6.9 is the version I have in yum.
 No you don't.

 Is this version ok to act as a member server? Or I should install 3.0.2?
 Eh, what are you talking about. If you have the latest CentOS 6.4 
 then yum should be bringing in a 3.6.9-151 version of Samba, which is 
 perfectly adequate as a member file server in an 2008 domain.

 JAB.

 -- 
 Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
 Fife, United Kingdom.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

2013-07-10 Thread Nicolas Pagliaro

Now it works!! I forget to add this in smb.conf
   idmap uid = 16777216-43554431
   idmap gid = 16777216-43554431

I am not sure which range to use...

-Mensaje original-
De: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] En 
nombre de Nicolas Pagliaro
Enviado el: miércoles, 10 de julio de 2013 15:54
Para: Jonn Taylor
CC: samba@lists.samba.org
Asunto: Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

Great! Now I have samba 3.6.9 running from my yum package I have wbinfo -u and 
wbinfo -t running but getent passwd only show my local users.
Any idea?

-Mensaje original-
De: Jonn Taylor [mailto:jo...@taylortelephone.com]
Enviado el: miércoles, 10 de julio de 2013 15:34
Para: Nicolas Pagliaro
CC: Jonathan Buzzard; samba@lists.samba.org
Asunto: Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008


On 7/10/2013 11:49 AM, Nicolas Pagliaro wrote:
 Sorry. 3.6.9
 That will work like a member?
 That was the first try and wbinfo -u doesn't work.
 The join to the domain work ok but I can't see the users
Did you restart winbind after the join?

 Enviado desde mi iPhone

 El 10/07/2013, a las 13:14, Jonathan Buzzard jonat...@buzzard.me.uk 
 escribió:

 On Wed, 2013-07-10 at 11:38 -0300, Nicolas Pagliaro wrote:
 Samba 3.0.6.9 is the version I have in yum.
 No you don't.

 Is this version ok to act as a member server? Or I should install 3.0.2?
 Eh, what are you talking about. If you have the latest CentOS 6.4 
 then yum should be bringing in a 3.6.9-151 version of Samba, which is 
 perfectly adequate as a member file server in an 2008 domain.

 JAB.

 -- 
 Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
 Fife, United Kingdom.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] [PLEASE TEST] Samba AD DC winbind hangs and timeouts

2013-07-10 Thread Andrew Bartlett

A number of patches aimed at fixing the nasty set of hangs, timeouts and
crashes hitting our winbind implementation in the AD DC have been merged
into master.  It would be really, really helpful if you could re-test
master and see if your specific problem has been addressed.  (It turns
out there are multiple overlapping issues here, which all seem to have
been uncovered by the one interfaces patch). 

If not, we will continue to chase this down, otherwise this should allow
us to merge the fixes into 4.0 and the new 4.1 branch.

Thanks,

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Losing Permissions of Files

2013-07-10 Thread viranit

Thanks everyone. The changes suggested seems to have done the trick.

Tanveer



--
View this message in context: 
http://samba.2283325.n4.nabble.com/Losing-Permissions-of-Files-tp4649847p4650904.html
Sent from the Samba - General mailing list archive at Nabble.com.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] domain RODC fails with default provisioning

2013-07-10 Thread Andrew Bartlett

On Wed, 2013-07-10 at 17:27 +0200, Andreas Calvo wrote:
 We're evaluating joining another samba domain controller in read-only mode.
 With a default provisioning, when running the samba-tool domain RODC, it
 fails with the following error:
 ldb: ldb_trace_request: (tdb)-search
 ldb: ldb_asprintf/set_errstring: NULL Base DN invalid for a base search
 ldb_wrap open of hklm.ldb
 ldb: start ldb transaction (nesting: 0)
 ldb: ldb_trace_request: (tdb)-start_transaction
 ldb: start ldb transaction error: (null)
 ldb: ldb_trace_request: ADD
 dn: @ATTRIBUTES
 changetype: add
 key: CASE_INSENSITIVE
 value: CASE_INSENSITIVE
 
 
  control: NONE
 
 ldb: ldb_trace_request: (tdb)-add
 ldb: ldb_trace_request: (tdb)-prepare_commit
 ldb: commit ldb transaction (nesting: 0)
 ldb: ldb_trace_request: (tdb)-end_transaction
 Key 'key=SOFTWARE,hive=NONE' not found
 key added: key=SOFTWARE,hive=NONE
 Key 'key=Microsoft,key=SOFTWARE,hive=NONE' not found
 key added: key=Microsoft,key=SOFTWARE,hive=NONE
 Key 'key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
 key added: key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE
 Key 'key=CurrentVersion,key=Windows
 NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
 key added: key=CurrentVersion,key=Windows
 NT,key=Microsoft,key=SOFTWARE,hive=NONE
 About to write CurrentVersion with type (null), length 3: 6.1
 Key 'key=SYSTEM,hive=NONE' not found
 key added: key=SYSTEM,hive=NONE
 Key 'key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key
 'key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 About to write ProductType with type (null), length 8: LanmanNT
 Key 'key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not
 found
 key added: key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Terminal
 Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=Terminal
 Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
 key added: key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key 'key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key
 'key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 About to write RefusePasswordChange with type dword, length 8: 
 Key 'key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 Key
 'key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
 not found
 key added:
 key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
 lpcfg_servicenumber: couldn't find ldb
 lpcfg_servicenumber: couldn't find ldb
 lpcfg_servicenumber: couldn't find ldb
 lpcfg_servicenumber: couldn't find ldb
 partition_metadata: Migrating partition metadata
 krb5_init_context failed (Invalid argument)
 smb_krb5_context_init_basic failed (Invalid argument)
 talloc: access after free error - first free may be at @ �3
 Bad talloc magic value - access after free
 Aborted
 
 Is there something special to be done prior to the domain join command?

Can you re-run this under valgrind?  While krb5_init_context should not
fail (I did see your reply), it also shouldn't cause a crash, and we can
at least fix that much. 

Thanks,

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] About NAS versus Samba

2013-07-10 Thread Fernando Lozano

Hi there,

Has anyone tried to configure a NAS server to authenticate users using a
Samba PDC, or even a Samba4 DC (AD-compatible) or an IPA server?

I'm evaluating replacing some Linux file server for a NAS product, but
all them make me nervous when the vendor talks about Active Directory
support and nothing else.

In theory, many NASes are Linux boxes running samba, so there shouldn't
be a problem, except if the web admin interface won't support a samba DC
setup and I won't have SSH access to configure the NAS samba myself.

So I'm asking if someone there has had any real experience, be it using
Fedora, CentOS or RHEL as the Samba3 PDC or Samba4 DC.


PS: I'm cross-posting because I asked before on the samba mailing list
and nobody cared to answer. Or nobody has had any real experience. I'm
hoing many sysadmins on the Fedora list also works on companies with
RHEL or CentOS and had a real experience to share.


[]s, Fernando Lozano

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] About NAS versus Samba

2013-07-10 Thread Chris Weiss

On Wed, Jul 10, 2013 at 8:44 PM, Fernando Lozano ferna...@lozano.eti.br wrote:
 Hi there,

 Has anyone tried to configure a NAS server to authenticate users using a
 Samba PDC, or even a Samba4 DC (AD-compatible) or an IPA server?

not in a while, but I have done a samba 3 DC

 I'm evaluating replacing some Linux file server for a NAS product, but
 all them make me nervous when the vendor talks about Active Directory
 support and nothing else.

if 3rd party support is your concern, why are you using fedora instead of RHEL?

 In theory, many NASes are Linux boxes running samba, so there shouldn't
 be a problem, except if the web admin interface won't support a samba DC
 setup and I won't have SSH access to configure the NAS samba myself.

a cheaper nas will probably use samba, but not all NASs do.  there are
several commercial SMB/CIFS implementation out there.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] About NAS versus Samba

2013-07-10 Thread Jeremy Allison

On Wed, Jul 10, 2013 at 10:17:56PM -0500, Chris Weiss wrote:
 
 a cheaper nas will probably use samba,

Or a very expensive one :-). Samba is used mainly in the
low end NAS (due to cost), or extremely high end NAS
(due to flexibility for the vendor to make it do *anything* :-)

 but not all NASs do.  there are
 several commercial SMB/CIFS implementation out there.

Sure, but non available to buy as a software-only 
product to my knowledge. They all come with hardware
attached :-).

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] About NAS versus Samba

2013-07-10 Thread fernando


Hi Cris,


Hi there, Has anyone tried to configure a NAS server to authenticate
users using a Samba PDC, or even a Samba4 DC (AD-compatible) or an 
IPA

server?


not in a while, but I have done a samba 3 DC


This was not my question. I'm ok running samba 3 DCs. :-)

Have you ever configured a NAS so it would authenticate users from your 
Samba DC and them serve SMB file shares (aka network drives) to Windows 
desktops?



I'm evaluating replacing some Linux file server for a NAS product, 
but
all them make me nervous when the vendor talks about Active 
Directory

support and nothing else.


if 3rd party support is your concern, why are you using fedora 
instead of

RHEL?


Are you trying to sell me RHEL subscriptions or help me with my 
question? ;-) Anything wrong about asking about Fedora on a Fedora list, 
or any server issue is forbidden for Fedora users? ;-)


AFAIK it shouldn't matter, from a technical perspective, if the samba 
DC runs Fedora, Debian, Slackware, RHEL, SuSE, Ubuntu, Solaris, 
whatever. I am not talking about OS level FC drivers or iSCSI 
initiators. Either a NAS will be compatible with Samba3, Samba4, both or 
neither. This depends on the SMB and MSRPC features needed by the NAS, 
all them application level protocols, not kernel modules. If I'll need 
Red Hat support for managing this system is another, unrelated, 
question.


If the NAS vendors state they suṕport RHEL, that's not que question 
either, as supporting RHEL could mean the RHEL linux kernel smbfs and 
cifsfs driver talks to the NAS, not the NAS talks to the Samba DC. Or 
else, RHEL support may mean just that the NAS talks NFS and so a RHEL 
machine can mount volumes from tne NAS. That's not what I want.


Most times I see linux servers they are simply members of a MSAD 
domain, not the DC themselves. But mine are. All vendors I talked to 
assume MSAD, and don't know about Samba. :-(


Anyway Fedora is my desktop system and development workstation. The DC 
in question runs RHEL. But if this works I can try someday using Fedora 
or CentOS with the same (or other) NAS.




In theory, many NASes are Linux boxes running samba, so there
shouldn't be a problem, except if the web admin interface won't 
support
a samba DC setup and I won't have SSH access to configure the NAS 
samba

myself



a cheaper nas will probably use samba, but not all NASs do. there are
several commercial SMB/CIFS implementation out there.


At least iomega/lenovo/emc state their NAS runs Samba. And a lot of 
less know vendors also. I'll buy a single, cheap NAS, not a high end EMC 
rack full of boxes. :-)


But... will any NAS you know work with a Samba DC, or else, using an 
IPA server? Or will they only work with Microsoft Windows Server AD?


All vendors I contacted talk only about MS Active Directory. They don't 
even know about NT4-style domains, which would mean a Samba3 DC should 
work. Besides, AFAIK a Samba4 DC isn't supported by RHEL at all -- 
that's why I included IPA in my question -- I'd have to use Sernet 
packages for Samba4. Even then, Samba4 is very new, I don't know if a 
NAS implementation would accept it in place of a MSAD DC.


Most vendors talk to me about vmware, exchange and sql server support. 
They offer me windows-only backup servers and the like. Some even offer 
me SAP R/3 agents, while my ERP is another one. They can only follow 
their standard script for windows shops. So I ask for the collective 
knowledge from the Fedora and Samba lists... can anyone tell me I tried 
this NAS and it worked? Or should I better forget about this and keep 
using cheap intel boxes as file servers?


Am I the first linux sysadmin in the world who's considering to have a 
NAS replacing some file servers but keeping his samba DCs?



[]s, Fernando Lozano

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[SCM] Samba Shared Repository - branch master updated

2013-07-10 Thread Stefan Metzmacher

The branch, master has been updated
   via  e6a58d3 s4:rpc_server: make sure we don't terminate a connection 
with pending requests (bug #9820)
   via  2505d48 s4-winbindd: Do not terminate a connection that is still 
pending (bug #9820)
   via  df929d6 service_stream: Log if the connection termination is 
deferred or not (bug #9820)
  from  577cef8 s3-smbstatus: display [u|g]id of -1 as -1 in connection 
list

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit e6a58d370403e818bc2cfb8389751b78adcc14fd
Author: Stefan Metzmacher me...@samba.org
Date:   Tue Jul 9 16:38:59 2013 +0200

s4:rpc_server: make sure we don't terminate a connection with pending 
requests (bug #9820)

Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104

commit 2505d48e4fbcd8a805a88ad0b05fb1a16a588197
Author: Andrew Bartlett abart...@samba.org
Date:   Thu Jun 27 11:28:03 2013 +1000

s4-winbindd: Do not terminate a connection that is still pending (bug #9820)

Instead, wait until the call attempts to reply, and let it terminate then

(often this happens in the attempt to then write to the broken pipe).

Andrew Bartlett

Pair-Programmed-With: Stefan Metzmacher me...@samba.org

Signed-off-by: Andrew Bartlett abart...@samba.org
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org

commit df929d6feb857668ad9da277213e9fae1480ff63
Author: Andrew Bartlett abart...@samba.org
Date:   Thu Jun 27 11:27:03 2013 +1000

service_stream: Log if the connection termination is deferred or not (bug 
#9820)

Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org

---

Summary of changes:
 source4/rpc_server/dcerpc_server.c   |   55 -
 source4/rpc_server/dcerpc_server.h   |8 -
 source4/smbd/service_stream.c|6 +++-
 source4/winbind/wb_samba3_protocol.c |5 +++
 source4/winbind/wb_server.c  |   51 ++-
 source4/winbind/wb_server.h  |   10 +-
 6 files changed, 129 insertions(+), 6 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/rpc_server/dcerpc_server.c 
b/source4/rpc_server/dcerpc_server.c
index 389cbe3..10e711b 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -386,6 +386,8 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct 
dcesrv_context *dce_ctx,
return NT_STATUS_NO_MEMORY;
}
 
+   p-prev = NULL;
+   p-next = NULL;
p-dce_ctx = dce_ctx;
p-endpoint = ep;
p-contexts = NULL;
@@ -402,7 +404,7 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct 
dcesrv_context *dce_ctx,
p-event_ctx = event_ctx;
p-msg_ctx = msg_ctx;
p-server_id = server_id;
-   p-processing = false;
+   p-terminate = NULL;
p-state_flags = state_flags;
ZERO_STRUCT(p-transport);
 
@@ -1143,6 +1145,7 @@ _PUBLIC_ NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx,
dce_ctx-lp_ctx = lp_ctx;
dce_ctx-assoc_groups_idr = idr_init(dce_ctx);
NT_STATUS_HAVE_NO_MEMORY(dce_ctx-assoc_groups_idr);
+   dce_ctx-broken_connections = NULL;
 
for (i=0;endpoint_servers[i];i++) {
const struct dcesrv_endpoint_server *ep_server;
@@ -1269,12 +1272,45 @@ const struct dcesrv_critical_sizes 
*dcerpc_module_version(void)
 
 static void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn, 
const char *reason)
 {
+   struct dcesrv_context *dce_ctx = dce_conn-dce_ctx;
struct stream_connection *srv_conn;
srv_conn = talloc_get_type(dce_conn-transport.private_data,
   struct stream_connection);
 
-   stream_terminate_connection(srv_conn, reason);
+   if (dce_conn-pending_call_list == NULL) {
+   char *full_reason = talloc_asprintf(dce_conn, dcesrv: %s, 
reason);
+
+   DLIST_REMOVE(dce_ctx-broken_connections, dce_conn);
+   stream_terminate_connection(srv_conn, full_reason ? full_reason 
: reason);
+   return;
+   }
+
+   if (dce_conn-terminate != NULL) {
+   return;
+   }
+
+   DEBUG(3,(dcesrv: terminating connection due to '%s' defered due to 
pending calls\n,
+reason));
+   dce_conn-terminate = talloc_strdup(dce_conn, reason);
+   if

autobuild: intermittent test failure detected

2013-07-10 Thread autobuild

The autobuild test system has detected an intermittent failing test in 
the current master tree.

The autobuild log of the failure is available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1344/flakey.log

The samba3 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1344/samba3.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-1344/samba3.stdout

The source4 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1344/samba.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-1344/samba.stdout
  
The top commit at the time of the failure was:

commit e6a58d370403e818bc2cfb8389751b78adcc14fd
Author: Stefan Metzmacher me...@samba.org
Date:   Tue Jul 9 16:38:59 2013 +0200

s4:rpc_server: make sure we don't terminate a connection with pending 
requests (bug #9820)

Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104

autobuild: intermittent test failure detected

2013-07-10 Thread autobuild

The autobuild test system has detected an intermittent failing test in 
the current master tree.

The autobuild log of the failure is available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1445/flakey.log

The samba3 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1445/samba3.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-1445/samba3.stdout

The source4 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1445/samba.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-1445/samba.stdout
  
The top commit at the time of the failure was:

commit e6a58d370403e818bc2cfb8389751b78adcc14fd
Author: Stefan Metzmacher me...@samba.org
Date:   Tue Jul 9 16:38:59 2013 +0200

s4:rpc_server: make sure we don't terminate a connection with pending 
requests (bug #9820)

Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104

[SCM] Samba Shared Repository - branch master updated

2013-07-10 Thread Simo Sorce

The branch, master has been updated
   via  1573638 Fix typos in man-pages
  from  e6a58d3 s4:rpc_server: make sure we don't terminate a connection 
with pending requests (bug #9820)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 1573638212a9733a44939a4d38a226f38dca36f1
Author: Michele Baldessari mich...@acksyn.org
Date:   Tue Jul 9 23:23:33 2013 +0200

Fix typos in man-pages

Fix some typos in the man-pages.

Signed-off-by: Michele Baldessari mich...@acksyn.org
Reviewed-by: Simo Sorce i...@samba.org

Autobuild-User(master): Simo Sorce i...@samba.org
Autobuild-Date(master): Wed Jul 10 16:45:07 CEST 2013 on sn-devel-104

---

Summary of changes:
 docs-xml/manpages/dbwrap_tool.1.xml  |2 +-
 docs-xml/manpages/idmap_autorid.8.xml|2 +-
 docs-xml/manpages/net.8.xml  |2 +-
 docs-xml/manpages/pdbedit.8.xml  |2 +-
 docs-xml/manpages/samba.7.xml|2 +-
 docs-xml/manpages/smbclient.1.xml|2 +-
 docs-xml/manpages/smbpasswd.5.xml|2 +-
 docs-xml/manpages/vfs_smb_traffic_analyzer.8.xml |2 +-
 8 files changed, 8 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/manpages/dbwrap_tool.1.xml 
b/docs-xml/manpages/dbwrap_tool.1.xml
index e2b2cee..a1a2f97 100644
--- a/docs-xml/manpages/dbwrap_tool.1.xml
+++ b/docs-xml/manpages/dbwrap_tool.1.xml
@@ -49,7 +49,7 @@
listitemparafetch: fetch a record/para/listitem
listitemparastore: create or modify a 
record/para/listitem
listitemparadelete: remove a record/para/listitem
-   listitemparaexists: test for existance of a 
record/para/listitem
+   listitemparaexists: test for existence of a 
record/para/listitem
listitemparaerase: remove all records/para/listitem
listitemparalistkeys: list all available 
records/para/listitem
listitemparalistwatchers: list processes, which are waiting 
for changes in a record/para/listitem
diff --git a/docs-xml/manpages/idmap_autorid.8.xml 
b/docs-xml/manpages/idmap_autorid.8.xml
index c35f903..7446d53 100644
--- a/docs-xml/manpages/idmap_autorid.8.xml
+++ b/docs-xml/manpages/idmap_autorid.8.xml
@@ -109,7 +109,7 @@
titleEXAMPLES/title
para
This example shows you the minimal configuration that will
-   work for the principial domain and 19 trusted domains / range
+   work for the principal domain and 19 trusted domains / range
extensions.
/para
 
diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml
index dd5b3ab..0df2e07 100644
--- a/docs-xml/manpages/net.8.xml
+++ b/docs-xml/manpages/net.8.xml
@@ -1671,7 +1671,7 @@ shares created by other users.
 
 paraStarting with version 3.2.0, a Samba server can be configured by data
 stored in registry. This configuration data can be edited with the new net
-conf commands. There is also the possiblity to configure a remote Samba server
+conf commands. There is also the possibility to configure a remote Samba 
server
 by enabling the RPC conf mode and specifying the the address of the remote 
server.
 /para
 
diff --git a/docs-xml/manpages/pdbedit.8.xml b/docs-xml/manpages/pdbedit.8.xml
index 4bb3751..c5d6b23 100644
--- a/docs-xml/manpages/pdbedit.8.xml
+++ b/docs-xml/manpages/pdbedit.8.xml
@@ -289,7 +289,7 @@ retype new password
 /programlisting
 /para
 
-   noteparapdbedit does not call the unix password 
syncronisation 
+   noteparapdbedit does not call the unix password 
synchronization 
script if smbconfoption name=unix password 
sync/
has been set. It only updates the data in the 
Samba 
user database. 
diff --git a/docs-xml/manpages/samba.7.xml b/docs-xml/manpages/samba.7.xml
index 9299660..cedb4e4 100644
--- a/docs-xml/manpages/samba.7.xml
+++ b/docs-xml/manpages/samba.7.xml
@@ -91,7 +91,7 @@
manvolnum8/manvolnum/citerefentry/term
listitemparaThe commandsamba-tool/command
is the main Samba Administration tool regarding
-   Acitive Directory services./para
+   Active Directory services./para
/listitem
/varlistentry
 
diff --git a/docs-xml/manpages/smbclient.1.xml 
b/docs-xml/manpages/smbclient.1.xml
index 328fd50..b222c56 100644
--- a/docs-xml/manpages/smbclient.1.xml
+++ b/docs-xml/manpages/smbclient.1.xml
@@ -564,7 +564,7 @@
sent to the server on directory listings and file opens. If
the backup intent flag is true, the server will try and
bypass

autobuild: intermittent test failure detected

2013-07-10 Thread autobuild

The autobuild test system has detected an intermittent failing test in 
the current master tree.

The autobuild log of the failure is available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1830/flakey.log

The samba3 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1830/samba3.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-1830/samba3.stdout

The source4 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-1830/samba.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-1830/samba.stdout
  
The top commit at the time of the failure was:

commit 1573638212a9733a44939a4d38a226f38dca36f1
Author: Michele Baldessari mich...@acksyn.org
Date:   Tue Jul 9 23:23:33 2013 +0200

Fix typos in man-pages

Fix some typos in the man-pages.

Signed-off-by: Michele Baldessari mich...@acksyn.org
Reviewed-by: Simo Sorce i...@samba.org

Autobuild-User(master): Simo Sorce i...@samba.org
Autobuild-Date(master): Wed Jul 10 16:45:07 CEST 2013 on sn-devel-104

autobuild: intermittent test failure detected

2013-07-10 Thread autobuild

The autobuild test system has detected an intermittent failing test in 
the current master tree.

The autobuild log of the failure is available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-2044/flakey.log

The samba3 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-2044/samba3.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-2044/samba3.stdout

The source4 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-10-2044/samba.stderr
   http://git.samba.org/autobuild.flakey/2013-07-10-2044/samba.stdout
  
The top commit at the time of the failure was:

commit 1573638212a9733a44939a4d38a226f38dca36f1
Author: Michele Baldessari mich...@acksyn.org
Date:   Tue Jul 9 23:23:33 2013 +0200

Fix typos in man-pages

Fix some typos in the man-pages.

Signed-off-by: Michele Baldessari mich...@acksyn.org
Reviewed-by: Simo Sorce i...@samba.org

Autobuild-User(master): Simo Sorce i...@samba.org
Autobuild-Date(master): Wed Jul 10 16:45:07 CEST 2013 on sn-devel-104

[SCM] Samba Shared Repository - branch master updated

2013-07-10 Thread Stefan Metzmacher

The branch, master has been updated
   via  596b51c s4:server: avoid calling into nss_winbind from within 
'samba'
  from  1573638 Fix typos in man-pages

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 596b51c666e549fb518d92931d8837922154a2fe
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 10 14:48:18 2013 +0200

s4:server: avoid calling into nss_winbind from within 'samba'

The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().

As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104

---

Summary of changes:
 file_server/file_server.c |9 +
 source4/smbd/server.c |7 +++
 2 files changed, 16 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/file_server/file_server.c b/file_server/file_server.c
index 5d44d5a..aab5f39 100644
--- a/file_server/file_server.c
+++ b/file_server/file_server.c
@@ -28,6 +28,7 @@
 #include source4/smbd/process_model.h
 #include file_server/file_server.h
 #include dynconfig.h
+#include nsswitch/winbind_client.h
 
 /*
   called if smbd exits
@@ -64,6 +65,8 @@ static void s3fs_task_init(struct task_server *task)
smbd_path = talloc_asprintf(task, %s/smbd, dyn_SBINDIR);
smbd_cmd[0] = smbd_path;
 
+   /* the child should be able to call through nss_winbind */
+   (void)winbind_on();
/* start it as a child process */
subreq = samba_runcmd_send(task, task-event_ctx, timeval_zero(), 1, 0,
smbd_cmd,
@@ -72,6 +75,12 @@ static void s3fs_task_init(struct task_server *task)
--foreground,

debug_get_output_is_stdout()?--log-stdout:NULL,
NULL);
+   /* the parent should not be able to call through nss_winbind */
+   if (!winbind_off()) {
+   DEBUG(0,(Failed to re-disable recursive winbindd calls after 
forking smbd\n));
+   task_server_terminate(task, Failed to re-disable recursive 
winbindd calls, true);
+   return;
+   }
if (subreq == NULL) {
DEBUG(0, (Failed to start smbd as child daemon\n));
task_server_terminate(task, Failed to startup s3fs smb task, 
true);
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 0ad3e6b..37aac62 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -43,6 +43,7 @@
 #include cluster/cluster.h
 #include dynconfig/dynconfig.h
 #include lib/util/samba_modules.h
+#include nsswitch/winbind_client.h
 
 /*
   recursively delete a directory tree
@@ -402,6 +403,12 @@ static int binary_smbd_main(const char *binary_name, int 
argc, const char *argv[
}
}
 
+   /* make sure we won't go through nss_winbind */
+   if (!winbind_off()) {
+   DEBUG(0,(Failed to disable recusive winbindd calls.  
Exiting.\n));
+   exit(1);
+   }
+
gensec_init(); /* FIXME: */
 
ntptr_init();   /* FIXME: maybe run this in the initialization function 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

2013-07-10 Thread Andrew Bartlett

The branch, master has been updated
   via  6ac6bf9 docs: Bump version in meta data up to 4.1.
  from  596b51c s4:server: avoid calling into nss_winbind from within 
'samba'

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 6ac6bf9c8c59fa679436d0d674a1b4525b4c6dbb
Author: Karolin Seeger ksee...@samba.org
Date:   Mon Jul 8 09:07:32 2013 +0200

docs: Bump version in meta data up to 4.1.

Signed-off-by: Karolin Seeger ksee...@samba.org

Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Jul 11 02:53:34 CEST 2013 on sn-devel-104

---

Summary of changes:
 docs-xml/manpages/dbwrap_tool.1.xml  |2 +-
 docs-xml/manpages/eventlogadm.8.xml  |2 +-
 docs-xml/manpages/findsmb.1.xml  |2 +-
 docs-xml/manpages/idmap_ad.8.xml |2 +-
 docs-xml/manpages/idmap_autorid.8.xml|2 +-
 docs-xml/manpages/idmap_hash.8.xml   |2 +-
 docs-xml/manpages/idmap_ldap.8.xml   |2 +-
 docs-xml/manpages/idmap_nss.8.xml|2 +-
 docs-xml/manpages/idmap_rfc2307.8.xml|2 +-
 docs-xml/manpages/idmap_rid.8.xml|2 +-
 docs-xml/manpages/idmap_tdb.8.xml|2 +-
 docs-xml/manpages/idmap_tdb2.8.xml   |2 +-
 docs-xml/manpages/libsmbclient.7.xml |2 +-
 docs-xml/manpages/lmhosts.5.xml  |2 +-
 docs-xml/manpages/log2pcap.1.xml |2 +-
 docs-xml/manpages/net.8.xml  |2 +-
 docs-xml/manpages/nmbd.8.xml |2 +-
 docs-xml/manpages/nmblookup.1.xml|2 +-
 docs-xml/manpages/ntlm_auth.1.xml|2 +-
 docs-xml/manpages/pam_winbind.8.xml  |2 +-
 docs-xml/manpages/pam_winbind.conf.5.xml |2 +-
 docs-xml/manpages/pdbedit.8.xml  |2 +-
 docs-xml/manpages/profiles.1.xml |2 +-
 docs-xml/manpages/rpcclient.1.xml|2 +-
 docs-xml/manpages/samba-tool.8.xml   |2 +-
 docs-xml/manpages/samba.7.xml|2 +-
 docs-xml/manpages/samba.8.xml|2 +-
 docs-xml/manpages/sharesec.1.xml |2 +-
 docs-xml/manpages/smb.conf.5.xml |2 +-
 docs-xml/manpages/smbcacls.1.xml |2 +-
 docs-xml/manpages/smbclient.1.xml|2 +-
 docs-xml/manpages/smbcontrol.1.xml   |2 +-
 docs-xml/manpages/smbcquotas.1.xml   |2 +-
 docs-xml/manpages/smbd.8.xml |2 +-
 docs-xml/manpages/smbget.1.xml   |2 +-
 docs-xml/manpages/smbgetrc.5.xml |2 +-
 docs-xml/manpages/smbpasswd.5.xml|2 +-
 docs-xml/manpages/smbpasswd.8.xml|2 +-
 docs-xml/manpages/smbspool.8.xml |2 +-
 docs-xml/manpages/smbstatus.1.xml|2 +-
 docs-xml/manpages/smbta-util.8.xml   |2 +-
 docs-xml/manpages/smbtar.1.xml   |2 +-
 docs-xml/manpages/smbtree.1.xml  |2 +-
 docs-xml/manpages/swat.8.xml |2 +-
 docs-xml/manpages/testparm.1.xml |2 +-
 docs-xml/manpages/vfs_acl_tdb.8.xml  |2 +-
 docs-xml/manpages/vfs_acl_xattr.8.xml|2 +-
 docs-xml/manpages/vfs_aio_fork.8.xml |2 +-
 docs-xml/manpages/vfs_aio_linux.8.xml|2 +-
 docs-xml/manpages/vfs_aio_pthread.8.xml  |2 +-
 docs-xml/manpages/vfs_audit.8.xml|2 +-
 docs-xml/manpages/vfs_btrfs.8.xml|2 +-
 docs-xml/manpages/vfs_cacheprime.8.xml   |2 +-
 docs-xml/manpages/vfs_cap.8.xml  |2 +-
 docs-xml/manpages/vfs_catia.8.xml|2 +-
 docs-xml/manpages/vfs_commit.8.xml   |2 +-
 docs-xml/manpages/vfs_crossrename.8.xml  |2 +-
 docs-xml/manpages/vfs_default_quota.8.xml|2 +-
 docs-xml/manpages/vfs_dirsort.8.xml  |2 +-
 docs-xml/manpages/vfs_extd_audit.8.xml   |2 +-
 docs-xml/manpages/vfs_fake_perms.8.xml   |2 +-
 docs-xml/manpages/vfs_fileid.8.xml   |2 +-
 docs-xml/manpages/vfs_full_audit.8.xml   |2 +-
 docs-xml/manpages/vfs_gpfs.8.xml |2 +-
 docs-xml/manpages/vfs_media_harmony.8.xml|2 +-
 docs-xml/manpages/vfs_netatalk.8.xml |2 +-
 docs-xml/manpages/vfs_notify_fam.8.xml   |2 +-
 docs-xml/manpages/vfs_prealloc.8.xml |2 +-
 docs-xml/manpages/vfs_preopen.8.xml  |2 +-

autobuild: intermittent test failure detected

2013-07-10 Thread autobuild

The autobuild test system has detected an intermittent failing test in 
the current master tree.

The autobuild log of the failure is available here:

   http://git.samba.org/autobuild.flakey/2013-07-11-0258/flakey.log

The samba3 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-11-0258/samba3.stderr
   http://git.samba.org/autobuild.flakey/2013-07-11-0258/samba3.stdout

The source4 build logs are available here:

   http://git.samba.org/autobuild.flakey/2013-07-11-0258/samba.stderr
   http://git.samba.org/autobuild.flakey/2013-07-11-0258/samba.stdout
  
The top commit at the time of the failure was:

commit 596b51c666e549fb518d92931d8837922154a2fe
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Jul 10 14:48:18 2013 +0200

s4:server: avoid calling into nss_winbind from within 'samba'

The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().

As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.

Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104

[SCM] CTDB repository - branch master updated - ctdb-2.2-110-g9ffcd6a

2013-07-10 Thread Amitay Isaacs

The branch, master has been updated
   via  9ffcd6a91287d86bae7b0c73aa129c81126e08e7 (commit)
   via  14141b02b61d2783b750ee5b30f9520253e88f09 (commit)
   via  e43a4b7b69a21c4cec2453dcac436b64bf5d7f06 (commit)
   via  30a0040fbb7c4d97d107f0e55c600295c2603a68 (commit)
   via  b6bbfb4c464c39e322830cbbebcc51c225508584 (commit)
   via  e3abc7eebab5cceddc4ce7817890dd5db9be3450 (commit)
   via  c6fded59fa4da67f738a90fdacb51900e41801f9 (commit)
   via  846109169ee5e3d03135156e45c8dac93aa2e95b (commit)
   via  2493f57ce268d6fe7e4c40a87852c347fd60d29e (commit)
   via  fc3689c977f48d7988eed0654fb8e5ce4b8bfc8b (commit)
   via  dc834d5e78c3fb97ae15cddf1139b3c4a4051a7c (commit)
   via  1a74192aa7d51ed99553e7292860027f06b6ef37 (commit)
   via  faabce1b99fb3de9ff03bf54d303e7656538fee3 (commit)
   via  8225b3e77e140db34b52571a95d553d1e59e3f1e (commit)
   via  2211cd94bea266547d3e6f167d3160a6b23bec88 (commit)
   via  a415a1986900135f889efc25ecaf2761b1dae81a (commit)
   via  c711ff4702c5f95b75e4bf030665fc2afffc2f9e (commit)
   via  2bfb8499366d530f16515b08928056bbda40f781 (commit)
   via  6fc36a7036933237d09151a0baf4d8ccd2bc2c99 (commit)
   via  dcc42a75b4638b3aa40c44ed9e0aaae26483e2b0 (commit)
   via  594c421f90ce132c75fbd985872114e4967f92b5 (commit)
   via  26a4653df594d351ca0dc1bd5f5b2f5b0eb0a9a5 (commit)
   via  545a46437dfb2b755bb2fddb11dea8c4ccce3ed7 (commit)
  from  41182623891d74a7e9e9c453183411a161201e67 (commit)

http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master


- Log -
commit 9ffcd6a91287d86bae7b0c73aa129c81126e08e7
Author: Amitay Isaacs ami...@gmail.com
Date:   Thu Jul 11 11:34:46 2013 +1000

Tests: Correct the arguments to memset

Signed-off-by: Amitay Isaacs ami...@gmail.com

commit 14141b02b61d2783b750ee5b30f9520253e88f09
Author: Amitay Isaacs ami...@gmail.com
Date:   Wed Jul 10 14:44:56 2013 +1000

doc: Update NEWS

Signed-off-by: Amitay Isaacs ami...@gmail.com
Pair-programmed-with: Martin Schwenke mar...@meltin.net

commit e43a4b7b69a21c4cec2453dcac436b64bf5d7f06
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 10 17:19:55 2013 +1000

packaging: Add systemd support

Based on an original patch by Sumit Bose sb...@redhat.com.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit 30a0040fbb7c4d97d107f0e55c600295c2603a68
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 10 16:35:53 2013 +1000

build: Turn off all deprecation warnings

The âtevent_loop_allow_nestingâ is deprecated warnings will be
around for a while and are annoying.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit b6bbfb4c464c39e322830cbbebcc51c225508584
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 10 16:30:29 2013 +1000

build: Remove -DTEVENT_DEPRECATED_QUIET=1 from CFLAGS

This reverts the last part of 788cdbddbc902a5b076d23473450065b551d274d
- the rest of this has been implicitly reverted via tevent syncs.
This is just leftover noise.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit e3abc7eebab5cceddc4ce7817890dd5db9be3450
Author: Martin Schwenke mar...@meltin.net
Date:   Tue Jul 9 15:22:07 2013 +1000

initscript: Simpify initscript and control CTDB via new ctdbd_wrapper

Currently the initscript is very complex.  This makes it hard to read
and hard to add support for new init systems, such as systemd.

Create a wrapper called ctdbd_wrapper to be installed alongside ctdbd.
This is called by the initscript to start and stop ctdbd.  It does the
ctdbd option construct and waits until ctdbd is properly initialised
before it exits.

Signed-off-by: Martin Schwenke mar...@meltin.net
Pair-programmed-with: Amitay Isaacs ami...@gmail.com

commit c6fded59fa4da67f738a90fdacb51900e41801f9
Author: Martin Schwenke mar...@meltin.net
Date:   Mon Jul 8 12:45:31 2013 +1000

recoverd: Recovery daemon should use ctdb_get_pnn, which can't fail

Signed-off-by: Martin Schwenke mar...@meltin.net

commit 846109169ee5e3d03135156e45c8dac93aa2e95b
Author: Amitay Isaacs ami...@gmail.com
Date:   Wed Jul 10 12:23:30 2013 +1000

ctdbd: Print tdb flags when logging attached to database message

Signed-off-by: Amitay Isaacs ami...@gmail.com

commit 2493f57ce268d6fe7e4c40a87852c347fd60d29e
Author: Amitay Isaacs ami...@gmail.com
Date:   Tue Jul 9 12:32:53 2013 +1000

ctdbd: Set process names for child processes

This helps distinguish processes in process list in top, perf, etc.

Signed-off-by: Amitay Isaacs ami...@gmail.com

commit fc3689c977f48d7988eed0654fb8e5ce4b8bfc8b
Author: Amitay Isaacs ami...@gmail.com
Date:   Tue Jul 9 12:24:59 2013 +1000

common/system: Add ctdb_set_process_name() function

Signed-off-by: Amitay Isaacs ami...@gmail.com

commit

[Samba] Sync - sysvol and getfacl

Re: [Samba] Sync - sysvol and getfacl

Re: [Samba] Help Samba license

[Samba] Samba4 - File Share

Re: [Samba] Samba4 - File Share

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

[Samba] NT_STATUS_TOO_MANY_OPENED_FILES with Samba 4.0.6 and Internal DNS

Re: [Samba] Help Samba license

[Samba] domain RODC fails with default provisioning

Re: [Samba] domain RODC fails with default provisioning

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

Re: [Samba] Centos 6 + Samba 4 + Memeber server of AD 2008

[Samba] [PLEASE TEST] Samba AD DC winbind hangs and timeouts

Re: [Samba] Losing Permissions of Files

Re: [Samba] domain RODC fails with default provisioning

[Samba] About NAS versus Samba

Re: [Samba] About NAS versus Samba

Re: [Samba] About NAS versus Samba

Re: [Samba] About NAS versus Samba

[SCM] Samba Shared Repository - branch master updated

autobuild: intermittent test failure detected

autobuild: intermittent test failure detected

[SCM] Samba Shared Repository - branch master updated

autobuild: intermittent test failure detected

autobuild: intermittent test failure detected

[SCM] Samba Shared Repository - branch master updated

[SCM] Samba Shared Repository - branch master updated

autobuild: intermittent test failure detected

[SCM] CTDB repository - branch master updated - ctdb-2.2-110-g9ffcd6a

32 matches

Site Navigation

Mail list logo

Footer information