[Samba] Samba 3.0.9 Needs glibC 2.3.4. Where to get IT for RH9
Dear Friends, Today I tried to Upgrade the Samba Server to samba-3.0.9-2.i386.rpm but needs glibc 2.3.4 onwards. Can somebody help me in getting the respective RPM for Red Hat 9.0 Thanks and Best regards. R. S. Patil -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-HOWTO-Collection/StandAloneServer.html#simplynice
Hi, after installing samba i added the config mentioned above. tux / # smbclient -L GANDALF Connection to GANDALF failed tux / # smbclient -L myip Password: Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.7] Sharename Type Comment - --- Error returning browse list: NT_STATUS_NETWORK_ACCESS_DENIED Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.7] Server Comment ---- WorkgroupMaster ---- After reading smb.conf the option passdb backend = guest looks wrong? guest isnt listed as a possibility in the manpage. Ive changed nothing in my passwd/smbpasswd file. Why is it not working? Regards Julius -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-Domainmembers in a Samba-Domain / sambaDomainName=HOSTNAME
Hello, I have running a domain with 3 Subnets and 3 Servers (one per Subnet). Now, I need some Samba-Member Servers. The new Servers used the same LDAP-Configuration as the others, they had a legal Machine-Account and where normally added to the Domain net join domain. All works fine. But: Every new Member-Server creates an own LDAP-Entry under the root-path: sambaDomainName=HOSTNAME Why? matze [global] netbios name = HOSTNAME workgroup = DOMAIN server string = FAXSERVER (%v) security = user wins server = 192.168.1.1 encrypt passwords = yes passdb backend = ldapsam:ldap://first:389 ldap://second:389 ldap://third:389 ldap://fourth:389; ldap admin dn = uid=samba,ou=administration,o=dom,c=com ldap suffix = o=dom,c=com ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap filter = ((uid=%u) (objectclass=sambaSamAccount)) ldap ssl = no ldap delete dn = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba-HOWTO-Collection/StandAloneServer.html#simplynice
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | After reading smb.conf the option passdb backend = guest looks wrong? | guest isnt listed as a possibility in the manpage. | Ive changed nothing in my passwd/smbpasswd file. | Why is it not working? passdb backend tells samba where to find it's records. You need to read up on this. http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html Jim C. - -- - - | I can be reached on the following Instant Messenger services: | |---| | MSN: j_c_llings @ hotmail.com AIM: WyteLi0n ICQ: 123291844 | |---| | Y!: j_c_llingsJabber: jcllings @ njs.netlab.cz| - - -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBxJBr57L0B7uXm9oRAlWBAJ9JZPkLKqonhFyrMsu8S3x+hU/9BQCeNCmp 9yutCrXH38CMx87PhoCi8ro= =FLPR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.9 Needs glibC 2.3.4. Where to get IT for RH9
On Sat, Dec 18, 2004 at 04:26:18PM +0530, R. S. Patil wrote: Dear Friends, Today I tried to Upgrade the Samba Server to samba-3.0.9-2.i386.rpm but needs glibc 2.3.4 onwards. Can somebody help me in getting the respective RPM for Red Hat 9.0 Thanks and Best regards. R. S. Patil I think you should get the srpm and build it for your system. -- Steve Feehan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: svn commit: samba r4261 - in branches/SAMBA_4_0/source: include libcli/raw ntvfs/posix smb_server torture
[EMAIL PROTECTED] schrieb: Author: tridge Date: 2004-12-17 22:47:49 + (Fri, 17 Dec 2004) New Revision: 4261 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4261 Log: added the RAW_FILEINFO_EA_LIST trans2 qfileinfo and qpathinfo level. Interestingly, this level did now show up on our trans2 scanner previously as we didn't have the FLAGS2_EXTENDED_ATTRIBUTES bit set in the client code. Now that we set that bit, new levels appear in windows servers. Modified: branches/SAMBA_4_0/source/include/smb_interfaces.h branches/SAMBA_4_0/source/include/trans2.h branches/SAMBA_4_0/source/libcli/raw/raweas.c branches/SAMBA_4_0/source/libcli/raw/rawfileinfo.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_qfileinfo.c branches/SAMBA_4_0/source/smb_server/trans2.c branches/SAMBA_4_0/source/torture/torture_util.c - /* trans2 RAW_FILEINFO_ALL_EAS interface */ + /* trans2 RAW_FILEINFO_EA_LIST interface */ struct { enum smb_fileinfo_level level; - union smb_fileinfo_in in; + union smb_fileinfo_in file; + struct { + uint_t num_names; + struct ea_name { + WIRE_STRING name; + } *ea_names; + } in; + Hi tridge, reading through the patch union smb_fileinfo_in file is not used, is that correct? how does it apears on the wire? if it's needed I would move it into the in struct to make it more clear that this in an input parameter and also make it consitent with the other unions where we always only have .level, .in and .out. -- metze Stefan Metzmacher metze at samba.org www.samba.org
svn commit: samba r4264 - in branches/SAMBA_4_0/source/ntvfs/posix: .
Author: tridge Date: 2004-12-18 23:31:17 + (Sat, 18 Dec 2004) New Revision: 4264 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4264 Log: fix acl handling on systems without xattr support Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_xattr.c Changeset: Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_xattr.c === --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_xattr.c 2004-12-18 04:38:43 UTC (rev 4263) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_xattr.c 2004-12-18 23:31:17 UTC (rev 4264) @@ -35,12 +35,24 @@ size_t estimated_size, DATA_BLOB *blob) { + NTSTATUS status; + if (pvfs-ea_db) { return pull_xattr_blob_tdb(pvfs, mem_ctx, attr_name, fname, fd, estimated_size, blob); } - return pull_xattr_blob_system(pvfs, mem_ctx, attr_name, fname, - fd, estimated_size, blob); + + status = pull_xattr_blob_system(pvfs, mem_ctx, attr_name, fname, + fd, estimated_size, blob); + + /* if the filesystem doesn't support them, then tell pvfs not to try again */ + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { + DEBUG(5,(pvfs_xattr: xattr not supported in filesystem\n)); + pvfs-flags = ~PVFS_FLAG_XATTR_ENABLE; + status = NT_STATUS_NOT_FOUND; + } + + return status; } /* @@ -158,14 +170,6 @@ attrib, (ndr_pull_flags_fn_t)ndr_pull_xattr_DosAttrib); - /* if the filesystem doesn't support them, then tell pvfs not to try again */ - if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { - DEBUG(5,(pvfs_xattr: xattr not supported in filesystem\n)); - pvfs-flags = ~PVFS_FLAG_XATTR_ENABLE; - talloc_free(mem_ctx); - return NT_STATUS_OK; - } - /* not having a DosAttrib is not an error */ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { talloc_free(mem_ctx); @@ -341,7 +345,7 @@ NTSTATUS status; ZERO_STRUCTP(acl); if (!(pvfs-flags PVFS_FLAG_XATTR_ENABLE)) { - return NT_STATUS_OK; + return NT_STATUS_NOT_FOUND; } status = pvfs_xattr_ndr_load(pvfs, acl, name-full_name, fd, XATTR_NTACL_NAME,
svn commit: samba r4265 - in trunk/source/rpc_server: .
Author: tpot Date: 2004-12-19 00:09:22 + (Sun, 19 Dec 2004) New Revision: 4265 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4265 Log: Unremove unused extern (?) as it is actually used. Modified: trunk/source/rpc_server/srv_spoolss_nt.c Changeset: Modified: trunk/source/rpc_server/srv_spoolss_nt.c === --- trunk/source/rpc_server/srv_spoolss_nt.c2004-12-18 23:31:17 UTC (rev 4264) +++ trunk/source/rpc_server/srv_spoolss_nt.c2004-12-19 00:09:22 UTC (rev 4265) @@ -5847,6 +5847,7 @@ pipes_struct *p, SEC_DESC_BUF *secdesc_ctr) { SEC_DESC_BUF *new_secdesc_ctr = NULL, *old_secdesc_ctr = NULL; + struct current_user user; WERROR result; int snum;
svn commit: samba r4266 - in trunk/source: include profile torture
Author: tpot Date: 2004-12-19 00:11:18 + (Sun, 19 Dec 2004) New Revision: 4266 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4266 Log: Use sys/types.h constants for permissions in shmget() call. Bugzilla #2150 filed by lukem. (Shared memory is only used in smbtorture now). Modified: trunk/source/include/includes.h trunk/source/profile/profile.c trunk/source/torture/torture.c Changeset: Modified: trunk/source/include/includes.h === --- trunk/source/include/includes.h 2004-12-19 00:09:22 UTC (rev 4265) +++ trunk/source/include/includes.h 2004-12-19 00:11:18 UTC (rev 4266) @@ -1209,15 +1209,6 @@ #define LOG_DEBUG 7 /* debug-level messages */ #endif -/* NetBSD doesn't have these */ -#ifndef SHM_R -#define SHM_R 0400 -#endif - -#ifndef SHM_W -#define SHM_W 0200 -#endif - #if HAVE_KERNEL_SHARE_MODES #ifndef LOCK_MAND #define LOCK_MAND 32 /* This is a mandatory flock */ Modified: trunk/source/profile/profile.c === --- trunk/source/profile/profile.c 2004-12-19 00:09:22 UTC (rev 4265) +++ trunk/source/profile/profile.c 2004-12-19 00:11:18 UTC (rev 4266) @@ -22,7 +22,7 @@ #include includes.h #ifdef WITH_PROFILE -#define IPC_PERMS ((SHM_R | SHM_W) | (SHM_R3) | (SHM_R6)) +#define IPC_PERMS ((S_IRUSR | S_IWUSR) | S_IRGRP | S_IROTH) #endif /* WITH_PROFILE */ #ifdef WITH_PROFILE Modified: trunk/source/torture/torture.c === --- trunk/source/torture/torture.c 2004-12-19 00:09:22 UTC (rev 4265) +++ trunk/source/torture/torture.c 2004-12-19 00:11:18 UTC (rev 4266) @@ -70,7 +70,7 @@ int shmid; void *ret; - shmid = shmget(IPC_PRIVATE, size, SHM_R | SHM_W); + shmid = shmget(IPC_PRIVATE, size, S_IRUSR | S_IWUSR); if (shmid == -1) { printf(can't get shared memory\n); exit(1);
svn commit: samba r4268 - in branches/SAMBA_3_0/source: include profile torture
Author: tpot Date: 2004-12-19 00:31:31 + (Sun, 19 Dec 2004) New Revision: 4268 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4268 Log: Merge fix for bugzilla #2150. Modified: branches/SAMBA_3_0/source/include/includes.h branches/SAMBA_3_0/source/profile/profile.c branches/SAMBA_3_0/source/torture/torture.c Changeset: Modified: branches/SAMBA_3_0/source/include/includes.h === --- branches/SAMBA_3_0/source/include/includes.h2004-12-19 00:13:24 UTC (rev 4267) +++ branches/SAMBA_3_0/source/include/includes.h2004-12-19 00:31:31 UTC (rev 4268) @@ -1202,15 +1202,6 @@ #define LOG_DEBUG 7 /* debug-level messages */ #endif -/* NetBSD doesn't have these */ -#ifndef SHM_R -#define SHM_R 0400 -#endif - -#ifndef SHM_W -#define SHM_W 0200 -#endif - #if HAVE_KERNEL_SHARE_MODES #ifndef LOCK_MAND #define LOCK_MAND 32 /* This is a mandatory flock */ Modified: branches/SAMBA_3_0/source/profile/profile.c === --- branches/SAMBA_3_0/source/profile/profile.c 2004-12-19 00:13:24 UTC (rev 4267) +++ branches/SAMBA_3_0/source/profile/profile.c 2004-12-19 00:31:31 UTC (rev 4268) @@ -22,7 +22,7 @@ #include includes.h #ifdef WITH_PROFILE -#define IPC_PERMS ((SHM_R | SHM_W) | (SHM_R3) | (SHM_R6)) +#define IPC_PERMS ((S_IRUSR | S_IWUSR) | S_IRGRP | S_IROTH) #endif /* WITH_PROFILE */ #ifdef WITH_PROFILE Modified: branches/SAMBA_3_0/source/torture/torture.c === --- branches/SAMBA_3_0/source/torture/torture.c 2004-12-19 00:13:24 UTC (rev 4267) +++ branches/SAMBA_3_0/source/torture/torture.c 2004-12-19 00:31:31 UTC (rev 4268) @@ -70,7 +70,7 @@ int shmid; void *ret; - shmid = shmget(IPC_PRIVATE, size, SHM_R | SHM_W); + shmid = shmget(IPC_PRIVATE, size, S_IRUSR | S_IWUSR); if (shmid == -1) { printf(can't get shared memory\n); exit(1);
svn commit: samba r4269 - in branches/SAMBA_4_0: .
Author: tridge Date: 2004-12-19 00:52:08 + (Sun, 19 Dec 2004) New Revision: 4269 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4269 Log: expanded the note about what you need on linux for xattr support Modified: branches/SAMBA_4_0/howto.txt Changeset: Modified: branches/SAMBA_4_0/howto.txt === --- branches/SAMBA_4_0/howto.txt2004-12-19 00:31:31 UTC (rev 4268) +++ branches/SAMBA_4_0/howto.txt2004-12-19 00:52:08 UTC (rev 4269) @@ -109,11 +109,24 @@ or ./script/tests/test_posix.sh //localhost/test administrator SOMEPASSWORD -Note that to pass all the tests you would need to be using a -filesystem with user_xattr support. On many Linux systems with an ext3 -filesystem this means mounting with the -o user_xattr -option. Consult your filesystem and kernel docs for more details. +NOTE about filesystem support +- + +To use the advanced features of Samba4 you need a filesystem that +supports both the user and system xattr namespaces. + +If you run Linux with a 2.6 kernel and ext3 this means you need to +include the option user_xattr in your /etc/fstab. For example: + +/dev/hda3 /home ext3user_xattr 1 1 + +You also need to compile your kernel with the XATTR and SECURITY +options for your filesystem. For ext3 that means you need: + + CONFIG_EXT3_FS_XATTR=y + CONFIG_EXT3_FS_SECURITY=y + If you don't have a filesystem with xattr support, then you can simulate it by using the option:
svn commit: samba r4270 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: tpot Date: 2004-12-19 00:53:52 + (Sun, 19 Dec 2004) New Revision: 4270 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4270 Log: Add some const as a fix for bugzilla #2135. Modified: branches/SAMBA_3_0/source/lib/replace.c trunk/source/lib/replace.c Changeset: Modified: branches/SAMBA_3_0/source/lib/replace.c === --- branches/SAMBA_3_0/source/lib/replace.c 2004-12-19 00:52:08 UTC (rev 4269) +++ branches/SAMBA_3_0/source/lib/replace.c 2004-12-19 00:53:52 UTC (rev 4270) @@ -420,7 +420,7 @@ #ifndef HAVE_VSYSLOG #ifdef HAVE_SYSLOG - void vsyslog (int facility_priority, char *format, va_list arglist) + void vsyslog (int facility_priority, const char *format, va_list arglist) { char *msg = NULL; vasprintf(msg, format, arglist); Modified: trunk/source/lib/replace.c === --- trunk/source/lib/replace.c 2004-12-19 00:52:08 UTC (rev 4269) +++ trunk/source/lib/replace.c 2004-12-19 00:53:52 UTC (rev 4270) @@ -420,7 +420,7 @@ #ifndef HAVE_VSYSLOG #ifdef HAVE_SYSLOG - void vsyslog (int facility_priority, char *format, va_list arglist) + void vsyslog (int facility_priority, const char *format, va_list arglist) { char *msg = NULL; vasprintf(msg, format, arglist);
svn commit: samba r4271 - in trunk/source: .
Author: tpot Date: 2004-12-19 01:02:45 + (Sun, 19 Dec 2004) New Revision: 4271 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4271 Log: Bugzilla #1988. Apparently this fixes linking on AIX 5.3 for non-gcc compilers. Modified: trunk/source/configure.in Changeset: Modified: trunk/source/configure.in === --- trunk/source/configure.in 2004-12-19 00:53:52 UTC (rev 4270) +++ trunk/source/configure.in 2004-12-19 01:02:45 UTC (rev 4271) @@ -1224,6 +1224,7 @@ if test ${GCC} != yes; then ## for funky AIX compiler using strncpy() CFLAGS=$CFLAGS -D_LINUX_SOURCE_COMPAT -qmaxmem=32000 + PICSUFFIX=po.o fi AC_DEFINE(STAT_ST_BLOCKSIZE,DEV_BSIZE,[The size of a block])
svn commit: samba r4272 - in trunk/source/libads: .
Author: tpot Date: 2004-12-19 03:22:14 + (Sun, 19 Dec 2004) New Revision: 4272 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4272 Log: Move variable declaration before first statement in block. Modified: trunk/source/libads/ads_status.c Changeset: Modified: trunk/source/libads/ads_status.c === --- trunk/source/libads/ads_status.c2004-12-19 01:02:45 UTC (rev 4271) +++ trunk/source/libads/ads_status.c2004-12-19 03:22:14 UTC (rev 4272) @@ -116,10 +116,10 @@ { uint32 msg_ctx; uint32 minor; + gss_buffer_desc msg1, msg2; msg_ctx = 0; - gss_buffer_desc msg1, msg2; msg1.value = NULL; msg2.value = NULL; gss_display_status(minor, status.err.rc, GSS_C_GSS_CODE,
svn commit: samba r4273 - in branches/SAMBA_3_0/source/libads: .
Author: tpot Date: 2004-12-19 03:23:10 + (Sun, 19 Dec 2004) New Revision: 4273 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4273 Log: Same fix for r4272 in SAMBA_3_0 branch. Modified: branches/SAMBA_3_0/source/libads/ads_status.c Changeset: Modified: branches/SAMBA_3_0/source/libads/ads_status.c === --- branches/SAMBA_3_0/source/libads/ads_status.c 2004-12-19 03:22:14 UTC (rev 4272) +++ branches/SAMBA_3_0/source/libads/ads_status.c 2004-12-19 03:23:10 UTC (rev 4273) @@ -116,10 +116,10 @@ { uint32 msg_ctx; uint32 minor; + gss_buffer_desc msg1, msg2; msg_ctx = 0; - gss_buffer_desc msg1, msg2; msg1.value = NULL; msg2.value = NULL; gss_display_status(minor, status.err.rc, GSS_C_GSS_CODE,
svn commit: samba r4274 - in branches/SAMBA_4_0/source/ntvfs/ipc: .
Author: tridge Date: 2004-12-19 03:31:57 + (Sun, 19 Dec 2004) New Revision: 4274 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4274 Log: make the prototype RAP netshareenum call return something a bit more sensible. Modified: branches/SAMBA_4_0/source/ntvfs/ipc/rap_server.c Changeset: Modified: branches/SAMBA_4_0/source/ntvfs/ipc/rap_server.c === --- branches/SAMBA_4_0/source/ntvfs/ipc/rap_server.c2004-12-19 03:23:10 UTC (rev 4273) +++ branches/SAMBA_4_0/source/ntvfs/ipc/rap_server.c2004-12-19 03:31:57 UTC (rev 4274) @@ -28,21 +28,22 @@ NTSTATUS rap_netshareenum(struct smbsrv_request *req, struct rap_NetShareEnum *r) { + int i; r-out.status = 0; - r-out.available = 2; + r-out.available = dcesrv_common_get_count_of_shares(req, NULL); r-out.info = talloc_array_p(req, -union rap_shareenum_info, 2); +union rap_shareenum_info, r-out.available); - strncpy(r-out.info[0].info1.name, C$, sizeof(r-out.info[0].info1.name)); - r-out.info[0].info1.pad = 0; - r-out.info[0].info1.type = 0; - r-out.info[0].info1.comment = talloc_strdup(req, Bla); + for (i=0;ir-out.available;i++) { + strncpy(r-out.info[i].info1.name, + dcesrv_common_get_share_name(req, NULL, i), + sizeof(r-out.info[0].info1.name)); + r-out.info[i].info1.pad = 0; + r-out.info[i].info1.type = dcesrv_common_get_share_type(req, NULL, i); + r-out.info[i].info1.comment = talloc_strdup(req, + dcesrv_common_get_share_comment(req, NULL, i)); + } - strncpy(r-out.info[1].info1.name, IPC$, sizeof(r-out.info[0].info1.name)); - r-out.info[1].info1.pad = 0; - r-out.info[1].info1.type = 1; - r-out.info[1].info1.comment = talloc_strdup(req, Blub); - return NT_STATUS_OK; }
svn commit: samba r4275 - in branches/SAMBA_4_0/source/rpc_server/common: .
Author: tridge Date: 2004-12-19 04:23:29 + (Sun, 19 Dec 2004) New Revision: 4275 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4275 Log: improve the share type info Modified: branches/SAMBA_4_0/source/rpc_server/common/share_info.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/common/share_info.c === --- branches/SAMBA_4_0/source/rpc_server/common/share_info.c2004-12-19 03:31:57 UTC (rev 4274) +++ branches/SAMBA_4_0/source/rpc_server/common/share_info.c2004-12-19 04:23:29 UTC (rev 4275) @@ -72,6 +72,12 @@ * ADMIN$, IPC$, C$, D$, E$ ... are type |= 0x8000 * this ones are hidden in NetShareEnum, but shown in NetShareEnumAll */ + if (strcasecmp(lp_servicename(snum), IPC$) == 0) { + return 3; + } + if (lp_print_ok(snum)) { + return 1; + } return 0; }
svn commit: samba r4276 - in branches/SAMBA_4_0/source/rpc_server/lsa: .
Author: tridge Date: 2004-12-19 05:01:52 + (Sun, 19 Dec 2004) New Revision: 4276 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4276 Log: added server side support for lsa_OpenAccount() Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c === --- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-19 04:23:29 UTC (rev 4275) +++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-19 05:01:52 UTC (rev 4276) @@ -51,6 +51,18 @@ /* + state associated with a lsa_OpenAccount() operation +*/ +struct lsa_account_state { + struct lsa_policy_state *policy; + uint32_t access_mask; + struct dom_sid *account_sid; + const char *account_sid_str; + const char *account_name; +}; + + +/* destroy an open policy. This closes the database connection */ static void lsa_Policy_destroy(struct dcesrv_connection *conn, struct dcesrv_handle *h) @@ -59,6 +71,15 @@ talloc_free(state); } +/* + destroy an open account. +*/ +static void lsa_Account_destroy(struct dcesrv_connection *conn, struct dcesrv_handle *h) +{ + struct lsa_account_state *astate = h-data; + talloc_free(astate); +} + /* lsa_Close */ @@ -682,9 +703,59 @@ lsa_OpenAccount */ static NTSTATUS lsa_OpenAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_OpenAccount *r) + struct lsa_OpenAccount *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct dcesrv_handle *h, *ah; + struct lsa_policy_state *state; + struct lsa_account_state *astate; + + ZERO_STRUCTP(r-out.acct_handle); + + DCESRV_PULL_HANDLE(h, r-in.handle, LSA_HANDLE_POLICY); + + state = h-data; + + astate = talloc_p(dce_call-conn, struct lsa_account_state); + if (astate == NULL) { + return NT_STATUS_NO_MEMORY; + } + + astate-account_sid = dom_sid_dup(astate, r-in.sid); + if (astate-account_sid == NULL) { + talloc_free(astate); + return NT_STATUS_NO_MEMORY; + } + + astate-account_sid_str = dom_sid_string(astate, astate-account_sid); + if (astate-account_sid_str == NULL) { + talloc_free(astate); + return NT_STATUS_NO_MEMORY; + } + + /* check it really exists */ + astate-account_name = samdb_search_string(state-sam_ctx, astate, + NULL, sAMAccountName, + objectSid=%s, astate-account_sid_str); + if (astate-account_name == NULL) { + talloc_free(astate); + return NT_STATUS_NO_SUCH_USER; + } + + astate-policy = talloc_reference(astate, state); + astate-access_mask = r-in.access_mask; + + ah = dcesrv_handle_new(dce_call-conn, LSA_HANDLE_ACCOUNT); + if (!ah) { + talloc_free(astate); + return NT_STATUS_NO_MEMORY; + } + + ah-data = astate; + ah-destroy = lsa_Account_destroy; + + *r-out.acct_handle = ah-wire_handle; + + return NT_STATUS_OK; }
svn commit: samba r4277 - in branches/SAMBA_4_0/source: rpc_server/lsa torture/rpc
Author: tridge Date: 2004-12-19 05:53:13 + (Sun, 19 Dec 2004) New Revision: 4277 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4277 Log: - added server support for lsa_EnumAccounts() - expanded the lsa test suite to better test lsa_EnumAccounts() Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c branches/SAMBA_4_0/source/torture/rpc/lsa.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c === --- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-19 05:01:52 UTC (rev 4276) +++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-19 05:53:13 UTC (rev 4277) @@ -44,6 +44,7 @@ struct sidmap_context *sidmap; uint32_t access_mask; const char *domain_dn; + const char *builtin_dn; const char *domain_name; struct dom_sid *domain_sid; struct dom_sid *builtin_sid; @@ -225,6 +226,15 @@ return NT_STATUS_NO_SUCH_DOMAIN; } + /* work out the builtin_dn - useful for so many calls its worth + fetching here */ + state-builtin_dn = samdb_search_string(state-sam_ctx, state, NULL, + dn, objectClass=builtinDomain); + if (!state-builtin_dn) { + talloc_free(state); + return NT_STATUS_NO_SUCH_DOMAIN; + } + sid_str = samdb_search_string(state-sam_ctx, state, NULL, objectSid, dn=%s, state-domain_dn); if (!sid_str) { @@ -427,7 +437,58 @@ static NTSTATUS lsa_EnumAccounts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct lsa_EnumAccounts *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct dcesrv_handle *h; + struct lsa_policy_state *state; + int ret, i; + struct ldb_message **res; + const char * const attrs[] = { objectSid, NULL}; + uint32_t count; + + DCESRV_PULL_HANDLE(h, r-in.handle, LSA_HANDLE_POLICY); + + state = h-data; + + ret = samdb_search(state-sam_ctx, mem_ctx, state-builtin_dn, res, attrs, objectClass=group); + if (ret = 0) { + return NT_STATUS_NO_SUCH_USER; + } + + if (*r-in.resume_handle = ret) { + return NT_STATUS_NO_MORE_ENTRIES; + } + + count = ret - *r-in.resume_handle; + if (count r-in.num_entries) { + count = r-in.num_entries; + } + + if (count == 0) { + return NT_STATUS_NO_MORE_ENTRIES; + } + + r-out.sids-sids = talloc_array_p(r-out.sids, struct lsa_SidPtr, count); + if (r-out.sids-sids == NULL) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0;icount;i++) { + const char *sidstr; + + sidstr = samdb_result_string(res[i + *r-in.resume_handle], objectSid, NULL); + if (sidstr == NULL) { + return NT_STATUS_NO_MEMORY; + } + r-out.sids-sids[i].sid = dom_sid_parse_talloc(r-out.sids-sids, sidstr); + if (r-out.sids-sids[i].sid == NULL) { + return NT_STATUS_NO_MEMORY; + } + } + + r-out.sids-num_sids = count; + *r-out.resume_handle = count + *r-in.resume_handle; + + return NT_STATUS_OK; + } Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c === --- branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-19 05:01:52 UTC (rev 4276) +++ branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-19 05:53:13 UTC (rev 4277) @@ -702,26 +702,31 @@ r.out.sids = sids1; resume_handle = 0; - status = dcerpc_lsa_EnumAccounts(p, mem_ctx, r); - if (!NT_STATUS_IS_OK(status)) { - printf(EnumAccounts failed - %s\n, nt_errstr(status)); - return False; - } + while (True) { + status = dcerpc_lsa_EnumAccounts(p, mem_ctx, r); + if (NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) { + break; + } + if (!NT_STATUS_IS_OK(status)) { + printf(EnumAccounts failed - %s\n, nt_errstr(status)); + return False; + } - if (!test_LookupSids(p, mem_ctx, handle, sids1)) { - return False; - } + if (!test_LookupSids(p, mem_ctx, handle, sids1)) { + return False; + } - if (!test_LookupSids2(p, mem_ctx, handle, sids1)) { - return False; - } + if (!test_LookupSids2(p, mem_ctx, handle, sids1)) { + return False; + } - printf(testing all accounts\n); - for
svn commit: samba r4278 - in branches/SAMBA_4_0/source/rpc_server/lsa: .
Author: tridge Date: 2004-12-19 06:41:27 + (Sun, 19 Dec 2004) New Revision: 4278 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4278 Log: - added server support for lsa_EnumPrivsAccount() Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c === --- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-19 05:53:13 UTC (rev 4277) +++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2004-12-19 06:41:27 UTC (rev 4278) @@ -59,7 +59,7 @@ uint32_t access_mask; struct dom_sid *account_sid; const char *account_sid_str; - const char *account_name; + const char *account_dn; }; @@ -794,10 +794,11 @@ } /* check it really exists */ - astate-account_name = samdb_search_string(state-sam_ctx, astate, - NULL, sAMAccountName, - objectSid=%s, astate-account_sid_str); - if (astate-account_name == NULL) { + astate-account_dn = samdb_search_string(state-sam_ctx, astate, +NULL, dn, + ((objectSid=%s)(objectClass=group)), +astate-account_sid_str); + if (astate-account_dn == NULL) { talloc_free(astate); return NT_STATUS_NO_SUCH_USER; } @@ -827,7 +828,52 @@ TALLOC_CTX *mem_ctx, struct lsa_EnumPrivsAccount *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct dcesrv_handle *h; + struct lsa_account_state *astate; + int ret, i; + struct ldb_message **res; + const char * const attrs[] = { privilege, NULL}; + struct ldb_message_element *el; + + DCESRV_PULL_HANDLE(h, r-in.handle, LSA_HANDLE_ACCOUNT); + + astate = h-data; + + r-out.privs = talloc_p(mem_ctx, struct lsa_PrivilegeSet); + r-out.privs-count = 0; + r-out.privs-unknown = 0; + r-out.privs-set = NULL; + + ret = samdb_search(astate-policy-sam_ctx, mem_ctx, NULL, res, attrs, + dn=%s, astate-account_dn); + if (ret != 1) { + return NT_STATUS_OK; + } + + el = ldb_msg_find_element(res[0], privilege); + if (el == NULL || el-num_values == 0) { + return NT_STATUS_OK; + } + + r-out.privs-set = talloc_array_p(r-out.privs, + struct lsa_LUIDAttribute, el-num_values); + if (r-out.privs-set == NULL) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0;iel-num_values;i++) { + int id = sec_privilege_id(el-values[i].data); + if (id == -1) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } + r-out.privs-set[i].attribute = 0; + r-out.privs-set[i].luid.low = id; + r-out.privs-set[i].luid.high = 0; + } + + r-out.privs-count = el-num_values; + + return NT_STATUS_OK; }
svn commit: samba r4279 - in branches/SAMBA_4_0/source: librpc/idl torture/rpc
Author: tridge Date: 2004-12-19 07:20:55 + (Sun, 19 Dec 2004) New Revision: 4279 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4279 Log: added IDL and test code for lsa_AddPrivilegesToAccount() and lsa_RemovePrivilegesFromAccount() Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/torture/rpc/lsa.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl === --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-12-19 06:41:27 UTC (rev 4278) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl2004-12-19 07:20:55 UTC (rev 4279) @@ -368,7 +368,7 @@ } lsa_LUIDAttribute; typedef struct { - uint32 count; + [range(0,1000)] uint32 count; uint32 unknown; [size_is(count)] lsa_LUIDAttribute set[*]; } lsa_PrivilegeSet; @@ -379,11 +379,21 @@ ); + // /* Function:0x13 */ - NTSTATUS lsa_AddPrivilegesToAccount(); + NTSTATUS lsa_AddPrivilegesToAccount( + [in,ref] policy_handle *handle, + [in,ref] lsa_PrivilegeSet *privs + ); + + // /* Function: 0x14 */ - NTSTATUS lsa_RemovePrivilegesFromAccount(); + NTSTATUS lsa_RemovePrivilegesFromAccount( + [in,ref] policy_handle *handle, + [in] uint8 remove_all, + [in] lsa_PrivilegeSet *privs + ); /* Function: 0x15 */ NTSTATUS lsa_GetQuotasForAccount(); Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c === --- branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-19 06:41:27 UTC (rev 4278) +++ branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-19 07:20:55 UTC (rev 4279) @@ -357,6 +357,67 @@ return True; } +static BOOL test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, +TALLOC_CTX *mem_ctx, +struct policy_handle *acct_handle, +struct lsa_LUID *luid) +{ + NTSTATUS status; + struct lsa_RemovePrivilegesFromAccount r; + struct lsa_PrivilegeSet privs; + BOOL ret = True; + + printf(Testing RemovePrivilegesFromAccount\n); + + r.in.handle = acct_handle; + r.in.remove_all = 0; + r.in.privs = privs; + + privs.count = 1; + privs.unknown = 0; + privs.set = talloc_array_p(mem_ctx, struct lsa_LUIDAttribute, 1); + privs.set[0].luid = *luid; + privs.set[0].attribute = 0; + + status = dcerpc_lsa_RemovePrivilegesFromAccount(p, mem_ctx, r); + if (!NT_STATUS_IS_OK(status)) { + printf(RemovePrivilegesFromAccount failed - %s\n, nt_errstr(status)); + return False; + } + + return ret; +} + +static BOOL test_AddPrivilegesToAccount(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *acct_handle, + struct lsa_LUID *luid) +{ + NTSTATUS status; + struct lsa_AddPrivilegesToAccount r; + struct lsa_PrivilegeSet privs; + BOOL ret = True; + + printf(Testing AddPrivilegesToAccount\n); + + r.in.handle = acct_handle; + r.in.privs = privs; + + privs.count = 1; + privs.unknown = 0; + privs.set = talloc_array_p(mem_ctx, struct lsa_LUIDAttribute, 1); + privs.set[0].luid = *luid; + privs.set[0].attribute = 0; + + status = dcerpc_lsa_AddPrivilegesToAccount(p, mem_ctx, r); + if (!NT_STATUS_IS_OK(status)) { + printf(AddPrivilegesToAccount failed - %s\n, nt_errstr(status)); + return False; + } + + return ret; +} + static BOOL test_EnumPrivsAccount(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, @@ -364,6 +425,7 @@ { NTSTATUS status; struct lsa_EnumPrivsAccount r; + BOOL ret = True; printf(Testing EnumPrivsAccount\n); @@ -375,15 +437,20 @@ return False; } - if (r.out.privs) { + if (r.out.privs r.out.privs-count 0) { int i; for (i=0;ir.out.privs-count;i++) { test_LookupPrivName(p, mem_ctx, handle, r.out.privs-set[i].luid); } + + ret =
svn commit: samba r4280 - in branches/SAMBA_4_0/source/rpc_server/lsa: .
Author: tridge Date: 2004-12-19 07:50:19 + (Sun, 19 Dec 2004) New Revision: 4280 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4280 Log: added server side support for lsa_AddPrivilegesToAccount() and lsa_RemovePrivilegesFromAccount() these are the last of the server side privileges functions. We should now have a complete privileges implementation. Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c Changeset: Sorry, the patch is too large (366 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=4280