[Samba] Samba Password Expiry Date
Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Hello, so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. the password expires in Unix and Samba. Samba does all changes for itself. You can set password-age to 60 days by typing: # pdbedit -P maximum password age -C 5007600 For Linux you have to change shadowlastchange in LDAP. I wrote a script for this: smb.conf: #- unix password sync = yes passwd program = /etc/samba/scripts/ldap_userPassword_change %u passwd chat = *New*password* %n\n *new*password* %n\n *Success* #- /etc/samba/scripts/ldap_userPassword_change: #- #!/bin/sh LDAP_SERVER=ldapserver LDAP_USER=uid=userPassChange,o=mydomain,c=com LDAP_PASS=secret LDAP_PASSWD=/usr/bin/ldappasswd LDAP_MODIFY=/usr/bin/ldapmodify #DN of User USER_DN=uid=$1,ou=users,o=mydomain,c=com #Get Date TS=`date +%s` SLC=$(($TS/24/3600)) #- MODIFY userPassword $LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN #- MODIFY shadowlastchange if [ $? -eq 0 ]; then echo dn: $USER_DN changetype: modify replace: shadowLastChange shadowLastChange: $SLC | $LDAP_MODIFY -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS /dev/null 21 fi exit #- kind regards Matthias Hiu Yen Onn schrieb: Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP Home accessing a Samba PDC
Thanks to everyone for your help, I've got some useful suggestions there to try out. Thanks again! Hopefully, this will be enough to stop them migrating the server to Windows, at $ENORMOUS_COST. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. the password expires in Unix and Samba. Samba does all changes for itself. You can set password-age to 60 days by typing: # pdbedit -P maximum password age -C 5007600 For Linux you have to change shadowlastchange in LDAP. I wrote a script for this: smb.conf: #- unix password sync = yes passwd program = /etc/samba/scripts/ldap_userPassword_change %u passwd chat = *New*password* %n\n *new*password* %n\n *Success* #- /etc/samba/scripts/ldap_userPassword_change: #- #!/bin/sh LDAP_SERVER=ldapserver LDAP_USER=uid=userPassChange,o=mydomain,c=com LDAP_PASS=secret LDAP_PASSWD=/usr/bin/ldappasswd LDAP_MODIFY=/usr/bin/ldapmodify #DN of User USER_DN=uid=$1,ou=users,o=mydomain,c=com #Get Date TS=`date +%s` SLC=$(($TS/24/3600)) #- MODIFY userPassword $LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN #- MODIFY shadowlastchange if [ $? -eq 0 ]; then echo dn: $USER_DN changetype: modify replace: shadowLastChange shadowLastChange: $SLC | $LDAP_MODIFY -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS /dev/null 21 fi exit #- kind regards Matthias Hiu Yen Onn schrieb: Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn how can u calculate the 5007600. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. the password expires in Unix and Samba. Samba does all changes for itself. You can set password-age to 60 days by typing: # pdbedit -P maximum password age -C 5007600 For Linux you have to change shadowlastchange in LDAP. I wrote a script for this: smb.conf: #- unix password sync = yes passwd program = /etc/samba/scripts/ldap_userPassword_change %u passwd chat = *New*password* %n\n *new*password* %n\n *Success* #- /etc/samba/scripts/ldap_userPassword_change: #- #!/bin/sh LDAP_SERVER=ldapserver LDAP_USER=uid=userPassChange,o=mydomain,c=com LDAP_PASS=secret LDAP_PASSWD=/usr/bin/ldappasswd LDAP_MODIFY=/usr/bin/ldapmodify #DN of User USER_DN=uid=$1,ou=users,o=mydomain,c=com #Get Date TS=`date +%s` SLC=$(($TS/24/3600)) #- MODIFY userPassword $LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN #- MODIFY shadowlastchange if [ $? -eq 0 ]; then echo dn: $USER_DN changetype: modify replace: shadowLastChange shadowLastChange: $SLC | $LDAP_MODIFY -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS /dev/null 21 fi exit #- kind regards Matthias Hiu Yen Onn schrieb: Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn i prompt in the pdbedit -P maximum password age. it yields to me this account policy value for maximum password age is 4294967295 what is the digits means to me?? how can i make use of it??? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Normally for compute the value must be set : nb days * 24 * 60 * 60 * 24 for 24 hours * 60 for minutes * 60 for secondes ex : for 60 days : 5184000 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 02/06/2005 10:15:01 : Matthias Spork wrote: Hello, so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. the password expires in Unix and Samba. Samba does all changes for itself. You can set password-age to 60 days by typing: # pdbedit -P maximum password age -C 5007600 For Linux you have to change shadowlastchange in LDAP. I wrote a script for this: smb.conf: #- unix password sync = yes passwd program = /etc/samba/scripts/ldap_userPassword_change %u passwd chat = *New*password* %n\n *new*password* %n\n *Success* #- /etc/samba/scripts/ldap_userPassword_change: #- #!/bin/sh LDAP_SERVER=ldapserver LDAP_USER=uid=userPassChange,o=mydomain,c=com LDAP_PASS=secret LDAP_PASSWD=/usr/bin/ldappasswd LDAP_MODIFY=/usr/bin/ldapmodify #DN of User USER_DN=uid=$1,ou=users,o=mydomain,c=com #Get Date TS=`date +%s` SLC=$(($TS/24/3600)) #- MODIFY userPassword $LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN #- MODIFY shadowlastchange if [ $? -eq 0 ]; then echo dn: $USER_DN changetype: modify replace: shadowLastChange shadowLastChange: $SLC | $LDAP_MODIFY -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS /dev/null 21 fi exit #- kind regards Matthias Hiu Yen Onn schrieb: Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn how can u calculate the 5007600. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot share printer HP1012, using Ubuntu and Samba
Hello! I have a big problem - I cann't share the printer HP1012. I am using GNU Linux Ubuntu, I try to share the printer, using Samba (when I used RH9, then it was very easy to share the printer and I hadn't any problem with sharing (except PCL, but thats the other story)). So, can you tell me, whats the problem? I use cups. My /etc/smb.conf file: ## Printing ## # If you want to automatically load your printer list rather # than setting them up individually then you'll need this load printers = yes # lpr(ng) printing. You may wish to override the location of the # printcap file ; printing = bsd ; printcap name = /etc/printcap #the printcap in Ubunutu is located in # /var/run/spool/printcap (or something like that) # CUPS printing. See also the cupsaddsmb(Cool manpage in the # cupsys-client package. printing = cups printcap name = cups # When using [print$], root is implicitly a 'printer admin', but you can # also give this right to other users to add drivers and set printer # properties ; printer admin = @ntadmin === Share Definitions === [printers] comment = All Printers browseable = yes path = /tmp path = /tmp printable = yes public = yes writable = no create mode = 0700 [HP1012] comment = HP LaserJet 1012 path = /tmp # not in /var/spool/samba printable = yes guest ok = yes public = yes # Windows clients look for this share name as a source of downloadable # printer drivers [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = yes someone adviced make simlink: cd /usr/lib/cups/backend/ ln -n /usr/bin/smbspool smb so I did, but no results... I Also tryed to share folder (to check out whether the samba have problem), so it work, but printer share don't...?:-((( Somebody can help me? --- http://www.one.lv - Tavs mobilais e-pasts! Tagad lasi savu e-pastu ar mobilo telefonu - wap.one.lv! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Hello, # pdbedit -P maximum password age -C 5007600 Does it apply for all users in my domain??? This feature must be activated on yout domain-master. I've set this option also at all other samba domain-controllers (PDC's an BDC's). I don't know, if this is required. There is the ldap-attribute shadowMax: 60 for each user, but I don't know if this works yet with samba 3.0.14. matze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
tor, 02.06.2005 kl. 10.17 skrev Hiu Yen Onn: [...] i prompt in the pdbedit -P maximum password age. it yields to me this account policy value for maximum password age is 4294967295 what is the digits means to me?? how can i make use of it??? thanks 'convdate -c 4294967295' --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Home Directories
Hi all. Quick question, (background 1st) Using Win2k3 AD with samba as a service (filestore) Added a user called sb05 C:\net user sb05 User namesb05 Full NameSomeone Bright Comment stu00 User's comment Country code 000 (System Default) Account active Yes Account expires Never Password last set5/27/2005 10:49 AM Password expires 7/9/2005 9:37 AM Password changeable 5/28/2005 10:49 AM Password requiredYes User may change password Yes Workstations allowed All Logon script logon.bat User profile \\DEV1\sb05\PC\Profile Home directory \\DEV1\sb05 Last logon Never Logon hours allowed All Local Group Memberships Global Group memberships *Domain Users *students The command completed successfully. Home directory is set to \\dev1\sb05 etc However, getent passwd shows sb05:x:10017:10018:sb05:/home/DEV-DOMAIN/sb05:/bin/false Ergo they don't match up :/ [EMAIL PROTECTED] 2005]# cd ~sb05 -bash: cd: /home/DEV-DOMAIN/sb05: No such file or directory Technically the home is /home/Students/2005/sb05 Any thoughts / ideas why they are different? Thanks Ross -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and Windows ACL Issue
tor, 02.06.2005 kl. 11.08 skrev Ross McInnes: I think acl's are working. But it doesnt work from windows. I also get an error message with setfacl. Is there an easy way to tell if ACL is enabled in the kernel? I know ive put in the right syntax in /etc/fstab You're running RHEL3. RHAS3 has native POSIX ACL support, so RHEL3 should have, too. And samba is compiled with acl support. Do 'ldd /path/to/smbd-binary'. You should see both: libattr.so.1 = /lib/libattr.so.1 (0x00387000) and libacl.so.1 = /lib/libacl.so.1 (0x00716000) or suchlike. what does 'mount' show you for the partition for which you think you have ACL support? E.g., on my test rig: /dev/hda10 on /m type ext3 (rw,acl,user_xattr) --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problems regarding the security of your PayPal account.
Now and then, ball bearing defined by buy an expensive gift for corporation inside.A few ruffians, and crank case beyond abstraction) to arrive at a state of briar patchA few dilettantes, and espadrille around) to arrive at a state of turn signal -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and Windows ACL Issue
tor, 02.06.2005 kl. 12.34 skrev Ross McInnes: [EMAIL PROTECTED] FixUserPerms]# ldd /usr/local/samba/sbin/smbd | grep attr libattr.so.1 = /lib/libattr.so.1 (0xb74ec000) [EMAIL PROTECTED] FixUserPerms]# ldd /usr/local/samba/sbin/smbd | grep acl libacl.so.1 = /lib/libacl.so.1 (0xb74e6000) /dev/sdb1 on /export/1 type ext3 (rw,acl,user_xattr) /dev/sdc1 on /export/2 type ext3 (rw,acl,user_xattr) Is what I get :/ Still cannot add another user to a file/directory cd /lib/modules/2.4.21-20.EL/kernel/fs/ext3 grep -i acl ext3.o Binary file ext3.o matches or strings ext3.o | less search for acl: system.posix_acl_access system.posix_acl_default ext3_xattr_set_acl Please do at least CC the samba list. I'd far rather answer there, and others can help you - not just me. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Problem adding users from Windows using svrtool package
Hi, I have exactly the same situation: # pdbedit -a -u user ...works as expected. However adding a user without explicitly setting logon script, logon path and logon drive in USRMGR.EXE ignores the settings in smb.conf and leaves these fields empty in tsbsam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and Windows ACL Issue
Yeah sorry about that, replied to all this time :) All of those returned positive, so from that I can assume that its running acl/xattr? Many thanks Ross -Original Message- From: Tony Earnshaw [mailto:[EMAIL PROTECTED] Sent: 02 June 2005 12:19 To: Ross McInnes Cc: samba@lists.samba.org Subject: RE: [Samba] Samba and Windows ACL Issue tor, 02.06.2005 kl. 12.34 skrev Ross McInnes: [EMAIL PROTECTED] FixUserPerms]# ldd /usr/local/samba/sbin/smbd | grep attr libattr.so.1 = /lib/libattr.so.1 (0xb74ec000) [EMAIL PROTECTED] FixUserPerms]# ldd /usr/local/samba/sbin/smbd | grep acl libacl.so.1 = /lib/libacl.so.1 (0xb74e6000) /dev/sdb1 on /export/1 type ext3 (rw,acl,user_xattr) /dev/sdc1 on /export/2 type ext3 (rw,acl,user_xattr) Is what I get :/ Still cannot add another user to a file/directory cd /lib/modules/2.4.21-20.EL/kernel/fs/ext3 grep -i acl ext3.o Binary file ext3.o matches or strings ext3.o | less search for acl: system.posix_acl_access system.posix_acl_default ext3_xattr_set_acl Please do at least CC the samba list. I'd far rather answer there, and others can help you - not just me. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problems sending transferling large files from windows 2000 to Linux, via gigabit ethernet.
Hi All, I am currently using Samba v3.0.14a and it's incredibly responsive...except when it comes to large files. Currently my specs are as follows: Santiago Dell PowerEdge SC1420, which is using SATA (RAID 5), and reiserfs 3.6 Ottawa: Desktop PC Windows XP 100/10 Ethernet Card. Douglas: Desktop PC Windows XP Gigabit Ethernet Card. These are the tests that I have performed: Test Set 1: 1. Windows Copy from Ottawa to Santiago. (1 GB) - Works but extremely slow...copy times vary wildly from 3 minutes to 30 minutes, but copy completes. 2. Windows Copy from Ottawa to Santiago. (1 GB) - Works wonderfully. 3. FTP Copy from Ottawa to Santiago. - Works perfectly. 4. SCP Copy from Ottawa - Works perfectly. Test Set 2: -- 1. Windows Copy from Douglas to Santiago. (1 GB) -Fails after 1 GB mark, approx 20 seconds in: 2. Windows Copy from Douglas to Santiago. (1 GB) - Works wonderfully. 3. FTP Copy from Douglas to Santiago. -Works Perfectly 4. SCP Copy from Douglas to Santiago. -Works Perfectly. - Here is my Smb.conf file. socket options = TCP_NODELAY SO_RCVBUF=65535 SO_SNDBUF=65535 SO_KEEPALIVE IPTOS_LOWDELAY read size=65535 max xmit=65535 hosts allow = 10. 127. max log size = 0 security = server password server = SRV01 password level = 8 username level = 8 username map = /usr/local/samba/private/smbusers wins server = 10.0.0.212 [data] path = /data/SMB_Store/ comment = CVS/Datashare browseable = yes writeable = yes create mode = 0777 directory mode = 0777 public = yes guest ok = yes read only = no Has anyone come across this before ? Thanks very much for all for your help, Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net setlocalsid for doimain doesn't work as wanted
Hallo Herr Trapp, ich bin am verzweifeln. Haben Sie eine Lösung gefunden, um mittels setlocalsid die DomänenSID zu ändern? Ich weiss, es ist schon länger her. Ich soll einen alten SAMBA 2 durch eine neue Maschine mit SAMBA 3 ersetzen. Der Server läuft gut, aber mit net setlocalsid, dem Kommando profiles (es ersetzt mir die USER und GRUPPEN-ID in der NTUSER.dat, aber nur im Output; physikalisch ändert er die Datei nicht) oder pdbedit habe ich keinen Erfolg. Keines dieser Kommandos funktioniert wie erwartet. Wenn Sie einen Hinweis hätten, wie ich die SID anpassen kann, ohne auf den Workstations die registry zu editieren, wäre ich glücklich. Mit freundlichen Grüßen Marcus Hermsen bofest consult GmbH Christinenstraße 14 D-40880 Ratingen fon: +49(0) 2102 770 89 0 fax: +49(0) 2102 770 89 20 mobil : +49(0) 177 493 10 96 mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: kerberos problem
Ima li ovde Darka? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Logon script execution intermittent
Using Suse Enterprise 9.1 and Samba 3.013 and Win XP SP1 and SP2 workstations. Users logon scripts are not being run during logon in a reliable fashion. The could run without issue for 10 logons and on the 11th no mapped drives doesn't seem to be a specific workstation or XP version. Currently running with cranked up logging levels looking for a needle in a haystack. Anyone run into this? Douglas Sterner -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] more on ailing printer system
[2005/06/01 17:15:17, 3] smbd/service.c:find_service(164) checking whether HP Color LaserJet 4500 PCL 6 is a valid printer name... [2005/06/01 17:15:17, 3] smbd/service.c:find_service(174) HP Color LaserJet 4500 PCL 6 is not a valid printer name [2005/06/01 17:15:17, 3] smbd/service.c:find_service(211) find_service() failed to find service HP Color LaserJet 4500 PCL 6 [2005/06/01 17:15:17, 10] printing/nt_printing.c:get_a_printer(4095) get_a_printer: [printers] level 2 What is the name of your printer spool on the unix side? Perhaps something without spaces? What would happen if you renamed your printer to not have spaces, like hp4500? I don't know if it applies currently but there are some references on the web to the 2.2 series that cannot handle spaces in printer names. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Unable to display security information
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 jkelly wrote: | Hello, | | When adding a new printer it appears in the list | and the administrator can add the printer, but no | one else can. The security tab for printers is coming up | with an error (Unable to display security | information) when we try to access it from windows | (via the printers and faxes area). This does | not happen with the printers that are already | installed (it comes up like a normal windows | printer would). Is there something we need to | add to the samba config to allow us to change | the security settings? What Samba version ? I made some changes to the code that creates the default printer security descriptor but I've not seen any issues with it. And I don't remember which version the change went in to. Might have been post 3.0.14a. Can you run `rpcclient samba -U adminuser%pw -c 'getprinter printername 3' and send me the output? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCnwXNIR7qMdg1EfYRAjZqAKCeQ7933XmhL1uvqzW/b/ZjlkmB6wCgs4+m ajCKlQiRq+xeFIF4XtThbIg= =WcEf -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] The Samba project particpating Google's summer of code
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just to let everyone know in case you don't already: Samba is now listed as a mentor organization for Google's Summer of Code. More details on Samba's participation can be found at http://www.samba.org/samba/projects/summercode05.html More details on Google's program can be found here: http://code.google.com/summerofcode.html cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCnwhPIR7qMdg1EfYRAu1YAKDcuDxHvu7Yl5jLz4ODVE4aKrw9JQCfUi+0 lik2F78rIOeWzj1w+d6cq4Y= =sEg6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and Windows ACL Issue
tor, 02.06.2005 kl. 13.55 skrev Ross McInnes: Yeah sorry about that, replied to all this time :) No sweat :) All of those returned positive, so from that I can assume that its running acl/xattr? Well, that's what I have; in short, you have all that I have. But then I can't understand that you're getting errors with setfacl, let alone Windows. Check your syntax, use the examples in 'man setfacl'. As for Samba, you don't have 'nt acl support = no' in smb.conf? Naaaeh :) --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] list of all shared resources
Hi ! Is exist possibillity get list of all samba and win shared resources from *nix box, like in windows Network Environment ? Prompt, please, how ? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] list of all shared resources
smbtree ? Hi ! Is exist possibillity get list of all samba and win shared resources from *nix box, like in windows Network Environment ? Prompt, please, how ? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and Windows ACL Issue
Heh, nope. Ah... I can use setfacl setfacl -m user:ross:rwx crap Getfacl shows that ross has rwx perms too. However, its not reported back into windows, i.e security permissions for the file crap still shows administrator/domain admins :/ also when I try and add another user, still nothing. But progress! Cheers Ross -Original Message- From: Tony Earnshaw [mailto:[EMAIL PROTECTED] Sent: 02 June 2005 13:22 To: Ross McInnes Cc: samba@lists.samba.org Subject: RE: [Samba] Samba and Windows ACL Issue tor, 02.06.2005 kl. 13.55 skrev Ross McInnes: Yeah sorry about that, replied to all this time :) No sweat :) All of those returned positive, so from that I can assume that its running acl/xattr? Well, that's what I have; in short, you have all that I have. But then I can't understand that you're getting errors with setfacl, let alone Windows. Check your syntax, use the examples in 'man setfacl'. As for Samba, you don't have 'nt acl support = no' in smb.conf? Naaaeh :) --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Problem adding users from Windows using svrtool package
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bill Lumbergh wrote: | Hi, | | I have exactly the same situation: | | # pdbedit -a -u user | | ...works as expected. However adding a user | without explicitly setting logon script, | logon path and logon drive in USRMGR.EXE | ignores the settings in smb.conf and leaves | these fields empty in tsbsam. That's expected. usrmgr.exe sets these fields to an emtpy string unless you explicitly define otherwise. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCnxBZIR7qMdg1EfYRAk1+AKDTvJ2ajbZvAODWQ7ZPd0b7TfF1tQCeOVwe 8DefAABoxo+obqu4xNNmRIg= =xaVQ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Can we export Cluster File System mounted partitions using Samba?
Hi All, I was wondering if SAMBA server can be used to export CFS (Cluster File System) mounted partitions. That is, can you view a CFS directory present on a UNIX machine, from a Windows machine, with the SAMBA server running on the UNIX machine without any hitch. If so is there any issue related to performance or something? Could you please clarify this for me? Also can multiple SAMBA servers running on multiple machines which have the same CFS mount point export the same directory without any problem? I want this info urgently. Thanking you in advance, Sudhindra. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Accesse Outside...
En/na Tomasz Chmielewski ha escrit: Deleo Paulo Ribeiro Junior schrieb: Hello! Today, my second client asked me if it is possible to have access, using Samba, from the data they have in their networks. I am trying to make this work but, despite of all my efforts, I can not access the shared directories. Could, please, anyone tell me if this is possible and how to make it. I have read a lot about it but I did not find any information... Perhaps if you could write more clearly, someone would give you an answer? So my guess is you have a Samba server with files in some company, and its employee (or boss) wants to access these files when he/she is at home? VPN would be an answer here - try looking for OpenVPN, it has a Windows and Linux server/clients and is good supported / relatively easy to install. Another option could be smbwebclient: http://smbwebclient.sourceforge.net What is SMB Web Client? SMB Web Client is a simple script written by Victor M. Varela to use Windows Networks from a web browser. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can we export Cluster File System mounted partitions using Samba?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sudhindra Prasad wrote: | Hi All, | I was wondering if SAMBA server can be used to | export CFS (Cluster File System) mounted partitions. | That is, can you view a CFS directory present on a | UNIX machine, from a Windows machine, with the SAMBA | server running on the UNIX machine without any hitch. | If so is there any issue related to performance or | something? Could you please clarify this for me? | | Also can multiple SAMBA servers running on multiple | machines which have the same CFS mount point export | the same directory without any problem? As a user space daemon, smbd doesn't really care about the type of underlying file system as long as it is posix compliant. However, the difficulty in clustering Samba is the state needed for each session on each node. The state needs to be shared among all nodes exporting the same directory tree in order to get share modes and oplocks correct. This state is stored in various tdbs. These tdb's are mmap()'d on each node so if your share the tdb's between nodes (assuming your file system gets this right in the first place), the shared memory performance better be really good. btw...if you had searched some, this information has been discussed on the mailing lists before and you would probably find some presentations on the topic as well. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCnxU6IR7qMdg1EfYRAn49AJ4v3cB4p8HI8JkpnYA0m2eJNvNNWACeJ+g2 yAPLhqm8S5wPiC40o5IW4X4= =ow+D -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Accesse Outside...
an option is also access files using webdav via https: http://davenport.sourceforge.net/ -Original Message- From: Luca Olivetti [mailto:[EMAIL PROTECTED] Sent: 02 June 2005 16:12 To: samba@lists.samba.org Subject: Re: [Samba] Accesse Outside... En/na Tomasz Chmielewski ha escrit: Deleo Paulo Ribeiro Junior schrieb: Hello! Today, my second client asked me if it is possible to have access, using Samba, from the data they have in their networks. I am trying to make this work but, despite of all my efforts, I can not access the shared directories. Could, please, anyone tell me if this is possible and how to make it. I have read a lot about it but I did not find any information... Perhaps if you could write more clearly, someone would give you an answer? So my guess is you have a Samba server with files in some company, and its employee (or boss) wants to access these files when he/she is at home? VPN would be an answer here - try looking for OpenVPN, it has a Windows and Linux server/clients and is good supported / relatively easy to install. Another option could be smbwebclient: http://smbwebclient.sourceforge.net What is SMB Web Client? SMB Web Client is a simple script written by Victor M. Varela to use Windows Networks from a web browser. Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbclient not using winbind to authenticate
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Clinton Gormley wrote: | | I have followed all the steps in the instructions, and | wbinfo -a DOMAIN\\user%pass succeeds, as does getent | passwd user, but I can't seem to persuade smbclient | to trigger authentication through winbind. | | My smb.conf file on the standalone server looks like this: | | [global] | workgroup = DOMAINNAME | netbios name = SERVERNAME | username map = /etc/samba/smbusers | log level = 3 | syslog = 0 | log file = /var/log/samba/%m | max log size = 50 | smb ports = 139 445 | name resolve order = wins bcast hosts | time server = Yes | utmp = Yes | map acl inherit = Yes | veto files = /*.eml/*.nws/*.{*}/ | veto oplock files = /*.doc/*.xls/*.mdb/ | preferred master = Yes | wins server = 192.168.0.3 | idmap uid = 15000-2 | idmap gid = 15000-2 With security = user (the default) all authentication is against the local passdb backend. I think you want security = domain. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCnxbLIR7qMdg1EfYRAh2dAJ0WKELKJgCUrKarI139Se8bAKnt0QCfXW48 7PmN42TIT3d33CbupGDIof0= =1dez -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: net ads join - No such file or directory error ???
Rex Dieter wrote: Chin Teongli wrote: On Thursday 26 May 2005 18:50, Rex Dieter wrote: Here's one that's got me baffled. No such file or directory? # net ads join -U'AD-Administrator' AD-Administrator's password: [2005/05/26 08:15:00, 0] utils/net_ads.c:ads_startup(191) ads_connect: No such file or directory I've been testing 'net ads join' to our AD all week, but I've not seen this error before. I don't even know what it means so I don't know what to do about it. Hope you have the /etc/krb5.conf... I was able to replicate the same No such file or directory error on another box where I had inadvertantly made a typo specifying the Kerberos realm (Thought in this case, I'm 95% certain that I had it set correctly). Regardless of a typo or not, the error is still not very helpful in diagnosing the real problem. Let's consider this one a fluke unless I can reproduce the error again. -- Rex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: [EMAIL PROTECTED]@DOMAIN.LOCAL failed: Preauthentication failed
Rex Dieter wrote: OK, now after having some more wierdness, I tried re-joining our domain, and now I get: # net ads join [2005/05/16 14:37:04, 0] libads/ldap.c:ads_add_machine_acct(1405) ads_add_machine_acct: Host account for SAMBA_CLIENT1 already exists - modifying old account Using short domain name -- DOMAIN [2005/05/16 14:37:20, 0] libads/kerberos.c:get_service_ticket(337) get_service_ticket: kerberos_kinit_password [EMAIL PROTECTED]@DOMAIN.LOCAL failed: Preauthentication failed Joined 'SAMBA_CLIENT1' to realm 'DOMAIN.LOCAL' except it doesn't work. Is this something wrong with samba or with AD? (This same setup was working a couple of days ago). I'm able to faithfully reproduce this problem over the past few days. Attached is the output of: $ net ads join -d8 I'll open a bugzilla ticket for this issue later today, unless I hear something otherwise soon. -- Rex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and Windows ACL Issue
tor, 02.06.2005 kl. 15.46 skrev Ross McInnes: Ah... I can use setfacl setfacl -m user:ross:rwx crap Getfacl shows that ross has rwx perms too. However, its not reported back into windows, i.e security permissions for the file crap still shows administrator/domain admins :/ also when I try and add another user, still nothing. But progress! Ok. Now for the last attempt: right click on file crap, security tab, advanced button, try it from one of the tabs there (I've fscked my only Win XP Pro test m/c here, so can't try it for you). --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help: Failed to verify incoming ticket! revisited, problems with Samba/2003
I am struggling with a Samba/Server 2003 problem which doesn't make sense. I have compiled Samba 3.0.14a and MIT Kerberos 1.3.6 several times on different machines. I have a set of RPMS which work fine on one of my workstations, but do not work on the server. On the server I get the dreaded: reply_spnego_kerberos(173) Failed to verify incoming ticket! in the logs. I have compiled kerberos and samba on this machine, and still get the same error message. What is strange is that everything was working with this version of Kerberos and Samba a few days ago. I deleted this and installed from my custom RPMS and nothing has worked since. I've deleted all old executables. I've made sure libnss_winbind.so is installed properly. nsswitch.conf is configured. I've checked the system time. The server is joined to the domain, yet still it doesn't work. wbinfo, getent passwd both work correctly on the server. kinit works correctly on the server. -- log.smbd with log level 3 -- [2005/06/02 11:47:24, 3] smbd/process.c:process_smb(1091) Transaction 7 of length 1418 [2005/06/02 11:47:24, 3] smbd/process.c:switch_message(886) switch message SMBsesssetupX (pid 5968) conn 0x0 [2005/06/02 11:47:24, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=12 flg2=0xc807 [2005/06/02 11:47:24, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) Doing spnego session setup [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 48018 1 2 2 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 113554 1 2 2 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 3 6 1 4 1 311 2 2 10 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(447) Got secblob of size 1187 [2005/06/02 11:47:24, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(235) ads_secrets_verify_ticket: enc type [23] failed to decrypt with error Decrypt integrity check failed [2005/06/02 11:47:24, 3] libads/kerberos_verify.c:ads_verify_ticket(347) ads_verify_ticket: krb5_rd_req with auth failed (Unknown code 0) [2005/06/02 11:47:24, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! [2005/06/02 11:47:24, 3] smbd/error.c:error_packet(129) error packet at smbd/sesssetup.c(174) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2005/06/02 11:47:24, 3] smbd/process.c:process_smb(1091) Transaction 8 of length 1568 [2005/06/02 11:47:24, 3] smbd/process.c:switch_message(886) switch message SMBsesssetupX (pid 5968) conn 0x0 [2005/06/02 11:47:24, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=12 flg2=0xc807 [2005/06/02 11:47:24, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535) Doing spnego session setup [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566) NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 48018 1 2 2 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 2 840 113554 1 2 2 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(444) Got OID 1 3 6 1 4 1 311 2 2 10 [2005/06/02 11:47:24, 3] smbd/sesssetup.c:reply_spnego_negotiate(447) Got secblob of size 1337 [2005/06/02 11:47:24, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(235) ads_secrets_verify_ticket: enc type [23] failed to decrypt with error Decrypt integrity check failed [2005/06/02 11:47:24, 3] libads/kerberos_verify.c:ads_verify_ticket(347) ads_verify_ticket: krb5_rd_req with auth failed (Unknown code 0) [2005/06/02 11:47:24, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! [2005/06/02 11:47:24, 3] smbd/error.c:error_packet(129) error packet at smbd/sesssetup.c(174) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2005/06/02 11:48:24, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Any suggestions? Josh __ Discover Yahoo! Get on-the-go sports scores, stock quotes, news and more. Check it out! http://discover.yahoo.com/mobile.html -- To unsubscribe from this list go to the following URL and read the
RE: [Samba] Samba and AD
Do you have kerberos compiled on your machine? If so you may need to include the path to kerberos in your configure line Something like this: ./configure --with-ads --with-krb5=base=/usr/kerberos (or wherever kerberos lives..) Read the docs for version compatibilities between samba kerberos first though.. HTH Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mattier, Ricardo Sent: Wednesday, June 01, 2005 2:33 PM To: [EMAIL PROTECTED] Subject: [Samba] Samba and AD Hello, I can't seem to get Samba-3 to work with Active Directory. I'm currently running Solaris 9(Sparc). When I run ./configure --with-ads it seems to compile fine. However, when I goto join the AD domain, It come with an error.,ADS support not compiled in and ideas? Rick Mattier Systems Analyst II Windriver Systems 120 Royall St Canton, Ma 02021 [EMAIL PROTECTED] Canton: 781 364-2002 Nashua: 603 897-2084 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbindd chokes on W2K users in only one group
Hi there, I've been trying to set up Samba 3.0.14a with Active Directory integration on a network with an ordinary W2k Server PDC. I'm currently having a problem which I'm convinced has nothing to do with my Windows or Samba configuration. The problem only occurs when trying to connect to the Samba server from an authenticated domain account which is only a member of the default 'Domain users' group. When this is the case, the 'make_server_info_from_pw' function returns NT_STATUS_NO_SUCH_USER, incorrectly. Here is an appropriate log fragment (debug = 5): [2005/06/02 12:51:19, 3] libads/ads_ldap.c:ads_sid_to_dn(222) ads sid_to_dn mapped CN=Neil Klopfenstein,CN=Users,DC=geovectra,DC=cl [2005/06/02 12:51:19, 5] libads/ldap_utils.c:ads_do_search_retry(56) Search for (objectclass=*) gave 1 replies [2005/06/02 12:51:19, 3] nsswitch/winbindd_ads.c:lookup_usergroups_alt(463) ads: lookup_usergroups_alt [2005/06/02 12:51:19, 5] libads/ldap_utils.c:ads_do_search_retry(56) Search for ((member=CN=Neil Klopfenstein,CN=Users,DC=geovectra,DC=cl)(objectClass=group)) gave 0 replies [2005/06/02 12:51:19, 5] nsswitch/winbindd_ads.c:lookup_usergroups_alt(498) lookup_usergroups: No supp groups found [2005/06/02 12:51:19, 4] auth/auth_util.c:add_user_groups(796) get_user_groups_from_local_sam failed [2005/06/02 12:51:19, 5] auth/auth_util.c:free_server_info(1406) attempting to free (and zero) a server_info structure [2005/06/02 12:51:19, 1] smbd/sesssetup.c:reply_spnego_kerberos(265) make_server_info_from_pw failed! [2005/06/02 12:51:19, 3] smbd/error.c:error_packet(105) error string = No such file or directory [2005/06/02 12:51:19, 3] smbd/error.c:error_packet(129) error packet at smbd/sesssetup.c(270) cmd=115 (SMBsesssetupX) NT_STATUS_NO_SUCH_USER If the same user is added to another group, it works fine, though. I'm a little surprised that I have not seen this problem reported anywhere else, so there is probably something else going on. For what it's worth, I am using a Spanish version of Redhat 9, compiling Samba with the 'makerpms.sh' script, and also using the Spanish version of Windows 2000 Server with the most recent service pack. I have experienced this problem in 3.0.13 and 3.0.14a. I didn't try any earlier versions. -- neil klopfenstein -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] more on ailing printer system
The Unix print spools are cni-hp-8150 and the like, letters, numbers, and dashes. The printcap file is /etc/printers.conf: lauterbur{75}# more /etc/printers.conf # # If you hand edit this file, comments and structure may change. # The preferred method of modifying this file is through the use of # lpset(1M) # cni-hp-8150:\ :bsdaddr=lauterbur,cni-hp-8150,Solaris:\ :description=HP 8150 in the MRI Control Room: cni-hp-2200:\ :bsdaddr=lauterbur,cni-hp-2200,Solaris:\ :description=HP 2200 in the Image Analysis Room: cni-oki-c7400:\ :bsdaddr=lauterbur,cni-oki-c7400,Solaris:\ :description=Oki Color Printer: cni-hp-4500:\ :bsdaddr=lauterbur,cni-hp-4500,Solaris:\ :description=HP 4500 in the MR Control Room: lauterbur{76}# I think the fancy names presented by Samba come from the actual driver files, perhaps some .inf file. Adding sections to smb.conf for each printer did not improve the situation, I still have clients who can, after waiting minutes, obtain a Properties dialog for some printers, but not others. Other clients go off forever, permitting me to restart explorer.exe if I need to get rid of those windows. For now, I am turning off everything related to printing in Samba - the users are beginning to contemplate what it would be like to print their documents again - and going with locally installed printers. Installing drivers on each of 20 workstations beats the headache I have now. Cheers, Chuck At 06:09 AM 6/2/2005, Paul Gienger wrote: [2005/06/01 17:15:17, 3] smbd/service.c:find_service(164) checking whether HP Color LaserJet 4500 PCL 6 is a valid printer name... [2005/06/01 17:15:17, 3] smbd/service.c:find_service(174) HP Color LaserJet 4500 PCL 6 is not a valid printer name [2005/06/01 17:15:17, 3] smbd/service.c:find_service(211) find_service() failed to find service HP Color LaserJet 4500 PCL 6 [2005/06/01 17:15:17, 10] printing/nt_printing.c:get_a_printer(4095) get_a_printer: [printers] level 2 What is the name of your printer spool on the unix side? Perhaps something without spaces? What would happen if you renamed your printer to not have spaces, like hp4500? I don't know if it applies currently but there are some references on the web to the 2.2 series that cannot handle spaces in printer names. Chuck Theobald System Administrator The Robert and Beverly Lewis Center for Neuroimaging University of Oregon P: 541-346-0343 F: 541-346-0345 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] more on ailing printer system
I think the fancy names presented by Samba come from the actual driver files, perhaps some .inf file. Yep, they sure are, and you can rename them. For now, I am turning off everything related to printing in Samba - the users are beginning to contemplate what it would be like to print their documents again - and going with locally installed printers. Installing drivers on each of 20 workstations beats the headache I have now. Did things change at all when you tried my suggestion of renaming them to a shortened, no-spaces version? I know I've had problems when the names were long and obnoxious, but I honestly can't remember what versions with -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Access Permissions for Network Resource
Hello, I have used Samba to create a file share of a folder on a linux box that I have setup for testing purposes. When I go to map a drive to this share on my Windows XP machine I can see the shared folder on this computer. However when I try to open this folder or map it to a drive even after entering the root user and the associated password for this Linux box I am continually seeing the message \\Mytest\linuxWWW is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. Multiple connections to a server or shared resource by the same user, using more then one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.. I have look five times over the resources that I have set up and I am not seeing another connection. Just in case it might be of use to sombody who can help me I am going to post sbm.conf file that I currently have on this linux box. # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command testparm # to check that you have not made any basic syntactic errors. # #=== Global Settings = [global] dns proxy = no log file = /var/log/samba/log.%m smb passwd file = /etc/samba/smbpasswd load printers = yes printing = cups server string = Samba Server %v socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 workgroup = MDKGROUP map to guest = bad user encrypt passwords = yes printcap name = cups security = user printer admin = @adm max log size = 50 [homes] browseable = no comment = Home Directories valid users = andy,ericl,root writeable = yes public = yes [printers] comment = All Printers path = /var/spool/samba browseable = no # to allow user 'guest account' to print. guest ok = yes writable = no printable = yes create mode = 0700 # = # print command: see above for details. # = print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. # print command = lpr-cups -P %p %s # using cups own drivers (use generic PostScript on clients). # If you install drivers on the server, you will want to uncomment this so # clients request the driver use client driver = yes # This share is used for Windows NT-style point-and-print support. # To be able to install drivers, you need to be either root, or listed # in the printer admin parameter above. Note that you also need write access # to the directory and share definition to be able to upload the drivers. # For more information on this, please see the Printing Support Section of # /usr/share/doc/samba-version/docs/Samba-HOWTO-Collection.pdf # # A special case is using the CUPS Windows Postscript driver, which allows # all features available via CUPS on the client, by publishing the ppd file # and the cups driver by using the 'cupsaddsmb' tool. This requires the # installation of the CUPS driver (http://www.cups.org/windows.php) # on the server, but doesn't require you to use Windows at all :-). [print$] path = /var/lib/samba/printers browseable = yes write list = @adm root guest ok = yes inherit permissions = yes # Settings suitable for Winbind: # write list = @Domain Admins root # force group = +@Domain Admins # A useful application of samba is to make a PDF-generation service # To streamline this, install windows postscript drivers (preferably colour) # on the samba server, so that clients can automatically install them. # Note that this only works if 'printing' is *not* set to 'cups' [pdf-gen] path = /var/tmp guest ok = No printable = Yes comment = PDF Generator (only valid users) printing = bsd #print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP print command = /usr/share/samba/scripts/print-pdf %s %H //%L/%u %m %I %J lpq command = /bin/true # A share allowing administrators to set ACLs on, or access for backup purposes # ll files (as root). #[admin] # path = / # admin users = @Domain Admins # valid users = @Domain Admins # browseable = no # writeable = yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the staff group ;[public] ; comment =
RE: [Samba] printing totally broken
Had a similar, if not identical problem on our network too. Wasn't so much a problem with samba though. Turned out to be a resolution issue between CUPS and any network print servers (mostly built-in or external HP Jet Direct Units). Seems CUPS wants a hostname to resolve one way or another to an IP address, we did manage to fix the problem relatively easily at that. We simply gave each of the printer servers on the network a legit hostname and associated reverse dns entry as well and the delay pretty much disappeared. Seems the HP units in particular (by default too) have various protocols enabled, and reply using their own 'default' hostnames on the network ... If no actual mapping for this hostname exists, then huge communication delays occur between cups and the jet directs, which in turn seemed to delay samba from requests to/from the queue... Like I said though, simple DNS records did solve it - may or may not be the same for yourself, but worth looking at nonetheless. -- Nathan Vidican [EMAIL PROTECTED] Windsor Match Plate Tool Ltd. http://www.wmptl.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chuck Theobald Sent: Wednesday, June 01, 2005 4:58 PM To: samba@lists.samba.org Subject: [Samba] printing totally broken Hi All, I have a serious problem with my Samba printing. Basically, it is totally broken. The symptoms include client machines waiting forever for a print dialog to appear, especially Win2k machines, and a complete inability to get a properties dialog reliably. I run Samba 3.0.14a + OpenLDAP 2.2.24 on Solaris 8 on a V880. My smb.conf is as below. Any advice would be appreciated. lauterbur{33}# more /usr/local/samba/lib/smb.conf ## LCNI Configuration, passed through testparm, 2005.05.15.cdt ## # Global parameters [global] workgroup = LCNI server string = Lauterbur Server passdb backend = ldapsam:ldap://lauterbur.uoregon.edu password level = 8 username level = 8 log level = 2 winbind:10 log file = /var/adm/samba/smblog.%m max log size = 500 printcap name = /etc/printers.conf add user script = /usr/local/samba/sbin/smbldap-useradd -m %u delete user script = /usr/local/samba/sbin/smbldap-userdel %u add group script = /usr/local/samba/sbin/smbldap-groupadd -p %g delete group script = /usr/local/samba/sbin/smbldap-groupdel %g add user to group script = /usr/local/samba/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/samba/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/samba/sbin/smbldap-usermod -g %g %u add machine script = /usr/local/samba/sbin/smbldap-useradd -w %u ##logon script = logon.bat logon path = logon drive = H: logon home = domain logons = Yes os level = 33 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=smbadmin,ou=People,dc=lcni,dc=uoregon,dc=edu ldap delete dn = Yes ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap suffix = dc=lcni,dc=uoregon,dc=edu ldap ssl = start tls ldap user suffix = ou=People admin users = chuck printer admin = chuck, @sysadmin, root, @staff printing = sysv ##print command = /usr/ucb/lpr -r -h -P'%p' %s ##lpq command = /usr/ucb/lpq -P'%p' ##lprm command = /usr/ucb/lprm -P'%p' %j [printers] path = /var/spool/samba printable = Yes browseable = No [print$] comment = Print Driver Area path = /usr/local/samba/lib/printers write list = chuck, @sysadmin, root, @staff browseable = No [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Domain Logon path = /usr/local/samba/lib/netlogon browseable = No [profiles] comment = Roaming Profiles path = /usr/local/samba/lib/profiles read only = No create mask = 0600 directory mask = 0700 browseable = No [staff] comment = Lauterbur Staff Share path = /vxfsvol/staff read only = No [public] comment = Lauterbur Public Share path = /vxfsvol/public read only = No [office-admin] comment = Office Administrative Share path = /vxfsvol/home/staff/office-admin read only = No lauterbur{34}# Chuck Theobald System Administrator The Robert and Beverly Lewis Center for Neuroimaging University of Oregon P: 541-346-0343 F: 541-346-0345 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe
[Samba] Re: net password from OS/2 client
Jeremy Allison wrote: Can you compile with -DDEBUG_PASSWORD and send in a debug level 100 for an attempt to change the password for a dummy user. Jeremy. I have done so and sent the log but evidently it was too large to be posted. I took at stab at editing it to make it smaller, hopefully I have not cut out important information. If I have let me know and I will post the parts that I have edited out. liv [2005/06/01 13:04:12, 5] lib/util.c:show_msg(464) size=134 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=3 smb_tid=1 smb_pid=168 smb_uid=100 smb_mid=2356 smt_wct=14 smb_vwv[ 0]= 58 (0x3A) smb_vwv[ 1]=0 (0x0) smb_vwv[ 2]=4 (0x4) smb_vwv[ 3]=0 (0x0) smb_vwv[ 4]=0 (0x0) smb_vwv[ 5]=0 (0x0) smb_vwv[ 6]= 5000 (0x1388) smb_vwv[ 7]=0 (0x0) smb_vwv[ 8]=0 (0x0) smb_vwv[ 9]= 58 (0x3A) smb_vwv[10]= 76 (0x4C) smb_vwv[11]=0 (0x0) smb_vwv[12]=0 (0x0) smb_vwv[13]=0 (0x0) smb_bcc=71 [2005/06/01 13:04:12, 10] lib/util.c:dump_data(2034) [000] 5C 50 49 50 45 5C 4C 41 4E 4D 41 4E 00 73 00 7A \PIPE\LA NMAN.s.z [010] 62 31 36 62 31 36 57 57 00 00 74 65 73 74 75 73 b16b16WW ..testus [020] 65 72 00 2F CD 40 B6 8B 92 EF 62 FD F6 06 9E 35 er./[EMAIL PROTECTED] ..b5 [030] 78 8D 05 F1 9E AA EA C7 B4 45 A5 81 99 25 49 F6 x... .E...%I. [040] 34 25 9B 01 00 08 00 4%. [2005/06/01 13:04:12, 3] smbd/process.c:switch_message(893) switch message SMBtrans (pid 5495) conn 0x83c67b0 [2005/06/01 13:04:12, 0] smbd/process.c:smb_dump(847) created /tmp/SMBtrans.20.req len 138 [2005/06/01 13:04:12, 4] smbd/uid.c:change_to_user(194) change_to_user: Skipping user change - already user [2005/06/01 13:04:12, 3] smbd/ipc.c:reply_trans(539) trans \PIPE\LANMAN data=0 params=58 setup=0 [2005/06/01 13:04:12, 5] smbd/ipc.c:reply_trans(560) calling named_pipe [2005/06/01 13:04:12, 3] smbd/ipc.c:named_pipe(334) named pipe command on LANMAN name [2005/06/01 13:04:12, 3] smbd/lanman.c:api_reply(3580) Got API command 115 of form zb16b16WW (tdscnt=0,tpscnt=58,mdrcnt=0,mprcnt=4) [2005/06/01 13:04:12, 3] smbd/lanman.c:api_reply(3584) Doing SetUserPassword [2005/06/01 13:04:12, 3] smbd/lanman.c:api_SetUserPassword(2012) Set password for testuser [2005/06/01 13:04:12, 5] auth/auth.c:make_auth_context_subsystem(480) Making default auth method list for standalone security=user, encrypt passwords = yes [2005/06/01 13:04:12, 5] auth/auth.c:load_auth_module(384) load_auth_module: Attempting to find an auth method to match guest [2005/06/01 13:04:12, 5] auth/auth.c:load_auth_module(409) load_auth_module: auth method guest has a valid init [2005/06/01 13:04:12, 5] auth/auth.c:load_auth_module(384) load_auth_module: Attempting to find an auth method to match sam [2005/06/01 13:04:12, 5] auth/auth.c:load_auth_module(409) load_auth_module: auth method sam has a valid init [2005/06/01 13:04:12, 5] auth/auth.c:get_ntlm_challenge(95) auth_get_challenge: module guest did not want to specify a challenge [2005/06/01 13:04:12, 5] auth/auth.c:get_ntlm_challenge(95) auth_get_challenge: module sam did not want to specify a challenge [2005/06/01 13:04:12, 5] auth/auth.c:get_ntlm_challenge(135) auth_context challenge created by random [2005/06/01 13:04:12, 5] auth/auth.c:get_ntlm_challenge(136) challenge is: [2005/06/01 13:04:12, 5] lib/util.c:dump_data(2034) [000] 3F E9 0C D4 32 81 1F 8A ?...2... [2005/06/01 13:04:12, 5] auth/auth_util.c:make_user_info_for_reply(397) make_user_info_for_reply: User passwords not in encrypted format. [2005/06/01 13:04:12, 10] auth/auth_util.c:make_user_info_for_reply(403) Unencrypted password (len 17): [2005/06/01 13:04:12, 100] lib/util.c:dump_data(2034) [000] 2F CD 40 B6 8B 92 EF 62 FD F6 06 9E 35 78 8D 05 /[EMAIL PROTECTED] 5x.. [010] 00. [2005/06/01 13:04:12, 3] lib/charcnv.c:convert_string_allocate(585) convert_string_allocate: Conversion error: Illegal multibyte sequence([EMAIL PROTECTED]) [2005/06/01 13:04:12, 3] lib/charcnv.c:convert_string_allocate(576) convert_string_allocate: Conversion error: Incomplete multibyte sequence(¶ïbýö5x) [2005/06/01 13:04:12, 3] lib/charcnv.c:convert_string_allocate(576) convert_string_allocate: Conversion error: Incomplete multibyte sequence(ïbýö5x) [2005/06/01 13:04:12, 3] lib/charcnv.c:convert_string_allocate(576) convert_string_allocate: Conversion error: Incomplete multibyte sequence(ïbýö5x) [2005/06/01 13:04:12, 3] lib/charcnv.c:convert_string_allocate(585) convert_string_allocate: Conversion error: Illegal multibyte sequence(ïbýö5x) [2005/06/01 13:04:12, 3] lib/charcnv.c:convert_string_allocate(576) convert_string_allocate: Conversion error: Incomplete multibyte sequence(ýö5x) [2005/06/01 13:04:12, 3] lib/charcnv.c:convert_string_allocate(585)
[Samba] multiple connections failure
Sorry to bother those of you who are faced with issues probably not as trivial my concern, but I am hitting a brick wall. I am upgrading from Samba 2.2.5 to 3.0.14a on a Solaris 8 box. I have configured, run make, makepkg and installed using pkgadd. I am using the same smbpasswd file and smb.conf file I used with 2.2.5. However, these files are now in the /etc/samba directory rather than the directory where Samba is installed. When I start the smbd and nmbd daemons (as follows), /opt/samba-3.0.14a/sbin/smdb -D /opt/samba-3.0.14a/sbin/nmdb -D I am able to see (on WinXp SP1) the two UNIX file systems that I have mapped to the F: and G: drives. Things seem to be OK. However, when a second user tries the same thing, the Windows Explorer locks up and the Unix file system is not recognized. If the explorer is killed, all of the XP icons (and the entire desktop) is erased until I kill the Samba processes. It feels like there is only one connection being allowed. I set the 'max connections' flag in the smb.conf file but it made no difference. I have searched the docs included with the installation, but since I am not really sure what I am looking for (what is causing the problem) I have not found a solution. Is there something elementary that I have failed to realize or is there a ton of modifications required to the .conf file for 3.0.14a which I have not addressed (since I am using the same smb.conf used with 2.2.5). Thank you for any insight you may have on what I have missed. Lance Murri 208 526 2661 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba trusted domains and access control lists problem (cannot delete or rename)
Hi, I am having difficuly deleting and renaming files with users from a foreign domain using acls. My setup is as follows : I have two Samba (3.0.14a)/LDAP domains connected via a VPN (OpenVPN) with a bi-directional trust relationship established. The trust relationship appears to be working correctly. I can log on onto PC's at either end on either Domain :) and the browse lists of both domains are syncronising properly. I am using the same WINS server for both domains and this is located in DomA on the Primary Domain Controller. I want users on DomB to be able to access shares on Domain Member servers on DomA. Winbind is running on my fileservers and i am using ldap as an idmap backend. Users from DomA are mapped on my Domain member server using ldap and DomB users are mapped using winbind. I have the following entry in my nsswitch.conf file: passwd: files ldap winbind shadow: files ldap winbind group: files ldap winbind I have not seen anyone else do this so i am not sure if it is correct :). It appears to work however as 'getent passwd' and 'getent group' return users from both Domains. Users of DomB are prepended with DomB+ (as expected). So far so good ... The following is a share on one of my Domain member server on DomA [Materials] comment = Materials Share path = /var/shares/Materials read only = No inherit permissions = Yes inherit acls = Yes I can successfully set the acls's from the shell using setfacl. The permissions on the above share are as follows # file: Materials # owner: root # group: DomA Users user::rwx group::rwx group:DomB+DomB users:rwx mask::rwx other::--- default:user::rwx default:user:root:rwx default:group::rwx default:group:DomA Users:rwx default:group:DomB+DomB users:rwx default:mask::rwx default:other::--- Users from DomB can successfully access the share. They can even create files as follows in the root directory of the above share : # file: New Text Document.txt # owner: DomB+yorketom # group: DomB+domain users user::rwx user:root:rwx #effective:rw- group::rwx #effective:rw- group:DomA Users:rwx #effective:rw- group:DomB+DomB users:rwx #effective:rw- mask::rw- other::--- However, I cannot delete or rename this file ?!. So to summerise i have two main questions: 1. Why are the effective permissions on the file above 'rw-' ? 2. In windows i can see permissions for the owner, group and also Everyone but none of the other permissions, for example 'group:DomA Users:rwx #effective:rw-' as listed above ? If you've managed to get this far, thanks for reading :). regards, Ian -- Ian Clancy IT Systems Engineer Connaught Electronics Ltd. Dunmore Rd, Tuam, Co. Galway, Ireland. P : ++353 93 23151 F : ++353 93 23110 E : mailto:[EMAIL PROTECTED] W : http://www.cel-europe.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] failed to add domain dn= sambaDomainName=hostname
On Tue, May 31, 2005 at 12:38:13AM +0200, Geert Stappers wrote: Hello, On a computer, a sparc64 with Debian, with hostname tw89 and domain name KUDDE thinks `smbpasswd` that the domain name is TW89 snip/ | tw89:~ | # smbpasswd -D 4 -a mymom | Searching for:[((objectClass=sambaDomain)(sambaDomainName=TW89))] | smbldap_open_connection: connection opened | ldap_connect_system: succesful connection to the LDAP server | ldap_connect_system: LDAP server does support paged results | The LDAP server is succesfully connected | Got no domain info entries for domain | Adding new domain | failed to add domain dn= sambaDomainName=TW89,dc=gst,dc=stappers,dc=nl | with: Insufficient access | no write access to parent | Adding domain info for TW89 failed with NT_STATUS_UNSUCCESSFUL | pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the | domain | pdb_init_ldapsam: Continuing on regardless, will be unable to allocate | new users/groups, and will risk BDCs having inconsistant SIDs | New SMB password: ^C | Interupted by signal. | tw89:~ | # Why does it use it's hostname and the workgroup? and not the workgroup? It seems to happen in source/passdb/pdb_ldap.c and from what I can see now, is that works fine. Cheers Geert Stappers TNX -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Crashing Suse 9.2 box - Samba prime suspect
I'm running Suse 9.2, up to date via Yast, samba 3.0.9-2.3, openssh 3.9p1-3.2. I had two hard crashes on my Suse 9.2 server in the last four days since I mounted two Windows server shares to the Linux box. Prior to that, machine has been stable for several months. Primary use is cvs server with ssh tunnelling pserver from PuTTY. Crash 1: I connected in from home using WSFTP Pro 9.01 in FTP/SSH mode to download a Windows directory tree mounted to the Suse server via smbmount. After transfer was successfully completed, Linux went down hard as I tried to start another transfer. I repeated process using direct a LAN connection with the same result. The messages log shows : May 29 01:27:40 engsrv sshd[13206]: Accepted publickey for my name deleted from my IP deleted port 12690 ssh2 May 29 01:27:40 engsrv pure-ftpd: ([EMAIL PROTECTED]) [INFO] New connection from local host May 29 01:27:40 engsrv pure-ftpd: ([EMAIL PROTECTED]) [INFO] Logout. May 29 01:27:41 engsrv sshd[13209]: subsystem request for sftp May 29 11:50:29 engsrv syslogd 1.4.1: restart. text in is my comment. I deduce from the timestamps that the subsystem request for sftp line is the last thing written before the crash. Crash 2: User using ssh shell on local lan does a find, and the server crashes. I see in the messages logfile a string of errors like this : Jun 2 07:50:19 engsrv kernel: smb_proc_readdir_long: dirent pointer outside buffer! c084bba3 [EMAIL PROTECTED] followed by a restart entry. As these two error events both relate to samba, I thought this would be a place to ask for help. Can anyone offer any clues or suggestions? Cheers, julian. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Authenticate users through PAM
Sorry if you've heard this question a lot of times before, but, ¿Is there any way to use the users in /etc/passwd /etc/shadow as Samba users? I am using Fedora Core 3 and samba-3.0.10-1.fc3 and I don't want to have two separated user databases. Maybe through PAM or something... Thanks! Carlos __ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.espanol.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows logon doesn't work, Samba says it's fine
This is an immensely frustrating problem. I try to logon to my Samba 3.0.11 PDC running on SuSE, and the Samba logs report that it all went swimmingly: [2005/06/02 16:34:45, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [stpierre] - [stpierre] - [stpierre] succeeded So w00t, right. But no! Windows rejects my login with a bad password error. The strange thing is that I can mount volumes from that server without a problem -- it's only domain logons that are broken. Googling didn't turn up much, but it seemed in general to be a problem with mismatched SIDs. Here are mine: From the server: # net getlocalsid SID for domain FLUFFY is: S-1-5-21-2946021175-1172358965-46922411 In my LDAP backend (all of these were copied directly from the results of ldapsearch): The machine account: sambaSID=S-1-5-21-2946021175-1172358965-46922411-3048 The user account: sambaSID=S-1-5-21-2946021175-1172358965-46922411-5546 The domain account: sambaSID=S-1-5-21-2946021175-1172358965-46922411 As you can see, they're all identical. I dearly wish the problem could be mismatched SIDs, but it doesn't appear to be. My full smb.conf is below. Any ideas? Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University --- smb.conf: --- [global] server string = Fluffy workgroup = NWU_FLUFFY netbios name = FLUFFY log level = 2 encrypt passwords = yes max smbd processes = 0 socket options = TCP_NODELAY use sendfile = no add machine script = /usr/local/samba/scripts/trust-acct.pl '%u' logon script = scripts\logon.bat logon path = \\%L\profiles\%U domain logons = yes domain master = yes local master = yes preferred master = yes wins server = 10.9.1.12 security = user admin users = stpierre os level = 33 passdb backend = ldapsam:ldap://ldap.nebrwesleyan.edu ldap suffix = o=nebrwesleyan.edu,o=isp ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap filter = (uid=%u) ldap admin dn = cn=manager ldap ssl = no #idmap backend = ldap:ldap://newman.nebrwesleyan.edu idmap uid = 1-2 idmap gid = 1-2 [netlogon] comment = Network Logon Service path = /usr/local/samba/var/netlogon guest ok = yes locking = No [profiles] [profiles] comment = Profile Share path = /usr/local/samba/var/profiles read only = No create mask = 0600 directory mask = 0700 nt acl support = Yes csc policy = disable share modes = no profile acls = yes [tmp] comment = temporary files path = /tmp read only = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, # pdbedit -P maximum password age -C 5007600 Does it apply for all users in my domain??? This feature must be activated on yout domain-master. I've set this option also at all other samba domain-controllers (PDC's an BDC's). I don't know, if this is required. There is the ldap-attribute shadowMax: 60 for each user, but I don't know if this works yet with samba 3.0.14. matze how to activated this account -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbfs intermittent errors: tdb_lock failed, ERRDOS 71
Hi, I recently upgraded an older box running as a file server for a small company to Mandriva (Mandrake) 10.1. It's running Samba 3.0.10.1, the default Mandrake package. We have a custom script that mounts a Windows share using smbfs, backs up specific directories, and unmounts when it's done. The problem is, it's not mounting reliably. There is an entry in /etc/fstab for the share, complete with login credentials. Usually I can just log in as root and run: mount /home/dubois/smb/dumas ... and it mounts and runs just fine. But sometimes it fails to mount, returning Mounting: /home/dubois/smb/dumas 6606: tree connect failed: ERRDOS - 71 SMB connection failed Other shares on other computers mount just fine--it's always this same remote computer, which is running Windows XP Professional. I find in the /var/log/samba/smbmount.log this: [2005/06/02 03:19:50, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/cache/samba/gencache.tdb): tdb_lock failed on list 16 ltype=0 (Bad file descriptor) [2005/06/02 03:19:50, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/cache/samba/gencache.tdb): tdb_lock failed on list 16 ltype=1 (Bad file descriptor) [2005/06/02 03:19:50, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/cache/samba/gencache.tdb): tdb_lock failed on list 48 ltype=0 (Bad file descriptor) [2005/06/02 03:19:51, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/cache/samba/gencache.tdb): tdb_lock failed on list 16 ltype=1 (Bad file descriptor) With the previous Linux installation, an older Red Hat install with somewhere around version 2.1, this share had been mounting flawlessly every night for the last month. Since upgrading, it seems to fail 50% of the time, and succeed 50% of the time. I'm using the old smb.conf and smbpasswd files, but otherwise all the other supporting Samba files are from the new installation. Anybody have any hints, tips, fixes, or troubleshooting steps? What more information should I provide? Thanks, -- John Locke Open Source Solutions for Small Business Problems published by Charles River Media, June 2004 http://www.freelock.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, # pdbedit -P maximum password age -C 5007600 Does it apply for all users in my domain??? This feature must be activated on yout domain-master. I've set this option also at all other samba domain-controllers (PDC's an BDC's). I don't know, if this is required. There is the ldap-attribute shadowMax: 60 for each user, but I don't know if this works yet with samba 3.0.14. matze i think i have prompt in pdbedit -P maximum password age -C 86400 it is almost 1 day, just for testing only purpose. then, when i get to show all the accounts, it shows this to me Unix username:yohiu NT username: yohiu Account Flags:[U ] User SID: S-1-5-21-1584484687-1589642492-3641120062-3006 Primary Group SID:S-1-5-21-1584484687-1589642492-3641120062-513 Full Name:Hiu Yen Onn Home Directory: \\SY\homes\yohiu HomeDir Drive:H: Logon Script: mis.bat Profile Path: \\SY\profiles\yohiu Domain: SHINYANG Account desc: Network Engineer Workstations: Munged dial: Logon time: 0 Logoff time: Sat, 14 Dec 1901 04:45:51 GMT Kickoff time: 0 Password last set:Thu, 02 Jun 2005 15:17:38 GMT Password can change: Thu, 02 Jun 2005 15:17:38 GMT Password must change: Sat, 14 Dec 1901 04:45:51 GMT Last bad password : 0 Bad password count : 0 from the above, the password must change flag indicating the password is expired on Sat, 14 Dec 1901 04:45:51 GMT, but, it is not 1 day after the password have been changed. weird i am so confusing... thanks for helps...anyway... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Migration from NT Domain to AD
My company is in the process of migrating from an NT 4.0 Domain to a Windows 2003 Active Directory Domain. We have setup a pristine AD domain and have begun moving machines and users over to it. Part of this migration process is moving to a new domain name. We have several Samba servers that are currently members of the NT 4.0 domain. These Samba servers are running on a mix of both Linux and AIX machines. The Samba servers are all used for basic file and print sharing. My plan is to leave these servers in security = domain mode, rather than switching to security = ads; at least initially. The Linux servers are all running fairly current versions of Samba, ranging from 3.0.7 to 3.0.11. On most of these servers we are using winbind to authenticate through the NT domain. On a test server I updated the smb.conf to reflect the new domain name and the new password servers, and joined the new AD domain. Everything seems to be working OK on this test system. The one question I have on these Linux/winbind servers is: Are there any tools or scripts available to update file and folder security? For example, File.txt is owned by OLDDOMAIN+USER1. Is there anything available to update this file so that it is now owned by NEWDOMAIN+USER1? I know I can use the chown command to update the file, but I'm wondering if there are any tools to do this on a complete directory structure. My bigger problem is with the AIX servers. They are currently running Samba version 2.2.8a. I tried joining the new AD domain on one of these systems and ran into Access denied problems. I knew it was probably about time to get these servers more up to date with Samba, so I didn't waste too much time trying to figure out this problem. Instead I compiled and installed the latest (3.0.14a) version. After doing this I first checked to make sure everything was OK with this version before migrating to the new domain. Once I verified that things were OK, I updated the smb.conf and joined the new AD domain (successfully). However, when I started Samba back up I began getting errors and/or prompts for user-name/password on the client side. In the server logs I am also seeing errors, the most significant of which seems to be the following: domain_client_validate: could not fetch trust account password for domain BROSCO. After trying a few things unsuccessfully, I tried rejoining the original NT 4.0 domain. Again the join was successful, but I was getting the same errors/problems on both the client and server. I eventually had to restore Samba from backup in order to get things working again. I'm not sure where the problem lies or what to try next. Any help or suggestions for either my Linux/winbind question or (mostly) my AIX problem would be appreciated. Thanks in advance. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Dreaded homes not sharing problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I just upgraded to Mdv LE 2005 fm MDK 10.1. Sure enough, I've got the dreaded homes not sharing problem. Anybody got the answer to this? Jim C. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCn9gS57L0B7uXm9oRAs/9AJ9irks7SWmCiaAAEqsYz0dr5JYq/ACfXNA/ A4tceyTN1Ued0AsBvf3ERNs= =epiP -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] reverse veto files?
I know how veto files works, but there is anyway to have some valid files like the valid users to ONLY allow files with some extension and not have to restrict one by one on the veto files? tnxs in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Unable to see linux filesystem with samba running
Hi I am new to Linux. I am using Redhat 9.0. I have installed the Samba software, configured the smb.conf, added my client Windows XP box into the hosts.allow, hosts.equiv etc and started the smb service. Still I am unable to map the Linux share on to my Windows XP box. I have tried enabling and disabling the XP firewall also. I can see the Linux machine name in the Windows explorer My network Places under the configured workgroup, but I can not see the shares. It gives me the error Network path \\as01pgoelvm1\apac file:///\\as01pgoelvm1\apac not found apac is the name of the share I have created on my Linux VMware machine as01pgoelvm1 Can some please help me? Thanks Regards Parveen Goel Honeywell Software Center 2 Richardson Place, North Ryde, NSW 2113, Australia Ph: (612)9353 7268 Fax: (612)93537237 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r7191 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2005-06-02 06:19:02 + (Thu, 02 Jun 2005) New Revision: 7191 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7191 Log: Squeezing out more unnecessary memset's gets us up 20% over older code :-). Getting medieval on our ass about memset Jeremy. Modified: branches/SAMBA_3_0/source/smbd/trans2.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/trans2.c === --- branches/SAMBA_3_0/source/smbd/trans2.c 2005-06-02 05:27:37 UTC (rev 7190) +++ branches/SAMBA_3_0/source/smbd/trans2.c 2005-06-02 06:19:02 UTC (rev 7191) @@ -858,12 +858,12 @@ } *pparams = params; - memset((char *)params,'\0',30); SSVAL(params,0,fsp-fnum); SSVAL(params,2,fmode); put_dos_date2(params,4, mtime); SIVAL(params,8, (uint32)size); SSVAL(params,12,rmode); + SSVAL(params,16,0); /* Padding. */ if (oplock_request lp_fake_oplocks(SNUM(conn))) { smb_action |= EXTENDED_OPLOCK_GRANTED; @@ -875,9 +875,12 @@ * WARNING - this may need to be changed if SMB_INO_T 4 bytes. */ SIVAL(params,20,inode); + SSVAL(params,24,0); /* Padding. */ if (flags 8) { uint32 ea_size = estimate_ea_size(conn, fsp, fname); SIVAL(params, 26, ea_size); + } else { + SIVAL(params, 26, 0); } /* Send the required number of replies */ @@ -1164,13 +1167,13 @@ SIVAL(p,0,reskey); p += 4; } - put_dos_date2(p,l1_fdateCreation,cdate); - put_dos_date2(p,l1_fdateLastAccess,adate); - put_dos_date2(p,l1_fdateLastWrite,mdate); - SIVAL(p,l1_cbFile,(uint32)file_size); - SIVAL(p,l1_cbFileAlloc,(uint32)allocation_size); - SSVAL(p,l1_attrFile,mode); - p += l1_achName; + put_dos_date2(p,0,cdate); + put_dos_date2(p,4,adate); + put_dos_date2(p,8,mdate); + SIVAL(p,12,(uint32)file_size); + SIVAL(p,16,(uint32)allocation_size); + SSVAL(p,20,mode); + p += 23; nameptr = p; p += align_string(outbuf, p, 0); len = srvstr_push(outbuf, p, fname, -1, STR_TERMINATE); @@ -1196,17 +1199,17 @@ SIVAL(p,0,reskey); p += 4; } - put_dos_date2(p,l2_fdateCreation,cdate); - put_dos_date2(p,l2_fdateLastAccess,adate); - put_dos_date2(p,l2_fdateLastWrite,mdate); - SIVAL(p,l2_cbFile,(uint32)file_size); - SIVAL(p,l2_cbFileAlloc,(uint32)allocation_size); - SSVAL(p,l2_attrFile,mode); + put_dos_date2(p,0,cdate); + put_dos_date2(p,4,adate); + put_dos_date2(p,8,mdate); + SIVAL(p,12,(uint32)file_size); + SIVAL(p,16,(uint32)allocation_size); + SSVAL(p,20,mode); { unsigned int ea_size = estimate_ea_size(conn, NULL, pathreal); - SIVAL(p,l2_cbList,ea_size); /* Extended attributes */ + SIVAL(p,22,ea_size); /* Extended attributes */ } - p += l2_achName; + p += 27; nameptr = p - 1; len = srvstr_push(outbuf, p, fname, -1, STR_TERMINATE | STR_NOALIGN); if (SVAL(outbuf, smb_flg2) FLAGS2_UNICODE_STRINGS) { @@ -1240,13 +1243,13 @@ SIVAL(p,0,reskey); p += 4; } - put_dos_date2(p,l2_fdateCreation,cdate); - put_dos_date2(p,l2_fdateLastAccess,adate); - put_dos_date2(p,l2_fdateLastWrite,mdate); - SIVAL(p,l2_cbFile,(uint32)file_size); - SIVAL(p,l2_cbFileAlloc,(uint32)allocation_size); - SSVAL(p,l2_attrFile,mode); - p += l2_cbList; /* p now points to the EA area. */ + put_dos_date2(p,0,cdate); + put_dos_date2(p,4,adate); + put_dos_date2(p,8,mdate); + SIVAL(p,12,(uint32)file_size); + SIVAL(p,16,(uint32)allocation_size); + SSVAL(p,20,mode); + p += 22; /* p now points to
svn commit: samba r7192 - in trunk/source/smbd: .
Author: jra Date: 2005-06-02 06:19:22 + (Thu, 02 Jun 2005) New Revision: 7192 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7192 Log: Squeezing out more unnecessary memset's gets us up 20% over older code :-). Getting medieval on our ass about memset Jeremy. Modified: trunk/source/smbd/trans2.c Changeset: Modified: trunk/source/smbd/trans2.c === --- trunk/source/smbd/trans2.c 2005-06-02 06:19:02 UTC (rev 7191) +++ trunk/source/smbd/trans2.c 2005-06-02 06:19:22 UTC (rev 7192) @@ -858,12 +858,12 @@ } *pparams = params; - memset((char *)params,'\0',30); SSVAL(params,0,fsp-fnum); SSVAL(params,2,fmode); put_dos_date2(params,4, mtime); SIVAL(params,8, (uint32)size); SSVAL(params,12,rmode); + SSVAL(params,16,0); /* Padding. */ if (oplock_request lp_fake_oplocks(SNUM(conn))) { smb_action |= EXTENDED_OPLOCK_GRANTED; @@ -875,9 +875,12 @@ * WARNING - this may need to be changed if SMB_INO_T 4 bytes. */ SIVAL(params,20,inode); + SSVAL(params,24,0); /* Padding. */ if (flags 8) { uint32 ea_size = estimate_ea_size(conn, fsp, fname); SIVAL(params, 26, ea_size); + } else { + SIVAL(params, 26, 0); } /* Send the required number of replies */ @@ -1164,13 +1167,13 @@ SIVAL(p,0,reskey); p += 4; } - put_dos_date2(p,l1_fdateCreation,cdate); - put_dos_date2(p,l1_fdateLastAccess,adate); - put_dos_date2(p,l1_fdateLastWrite,mdate); - SIVAL(p,l1_cbFile,(uint32)file_size); - SIVAL(p,l1_cbFileAlloc,(uint32)allocation_size); - SSVAL(p,l1_attrFile,mode); - p += l1_achName; + put_dos_date2(p,0,cdate); + put_dos_date2(p,4,adate); + put_dos_date2(p,8,mdate); + SIVAL(p,12,(uint32)file_size); + SIVAL(p,16,(uint32)allocation_size); + SSVAL(p,20,mode); + p += 23; nameptr = p; p += align_string(outbuf, p, 0); len = srvstr_push(outbuf, p, fname, -1, STR_TERMINATE); @@ -1196,17 +1199,17 @@ SIVAL(p,0,reskey); p += 4; } - put_dos_date2(p,l2_fdateCreation,cdate); - put_dos_date2(p,l2_fdateLastAccess,adate); - put_dos_date2(p,l2_fdateLastWrite,mdate); - SIVAL(p,l2_cbFile,(uint32)file_size); - SIVAL(p,l2_cbFileAlloc,(uint32)allocation_size); - SSVAL(p,l2_attrFile,mode); + put_dos_date2(p,0,cdate); + put_dos_date2(p,4,adate); + put_dos_date2(p,8,mdate); + SIVAL(p,12,(uint32)file_size); + SIVAL(p,16,(uint32)allocation_size); + SSVAL(p,20,mode); { unsigned int ea_size = estimate_ea_size(conn, NULL, pathreal); - SIVAL(p,l2_cbList,ea_size); /* Extended attributes */ + SIVAL(p,22,ea_size); /* Extended attributes */ } - p += l2_achName; + p += 27; nameptr = p - 1; len = srvstr_push(outbuf, p, fname, -1, STR_TERMINATE | STR_NOALIGN); if (SVAL(outbuf, smb_flg2) FLAGS2_UNICODE_STRINGS) { @@ -1240,13 +1243,13 @@ SIVAL(p,0,reskey); p += 4; } - put_dos_date2(p,l2_fdateCreation,cdate); - put_dos_date2(p,l2_fdateLastAccess,adate); - put_dos_date2(p,l2_fdateLastWrite,mdate); - SIVAL(p,l2_cbFile,(uint32)file_size); - SIVAL(p,l2_cbFileAlloc,(uint32)allocation_size); - SSVAL(p,l2_attrFile,mode); - p += l2_cbList; /* p now points to the EA area. */ + put_dos_date2(p,0,cdate); + put_dos_date2(p,4,adate); + put_dos_date2(p,8,mdate); + SIVAL(p,12,(uint32)file_size); + SIVAL(p,16,(uint32)allocation_size); + SSVAL(p,20,mode); + p += 22; /* p now points to the EA area. */ file_list =
svn commit: samba r7193 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-06-02 06:25:48 + (Thu, 02 Jun 2005) New Revision: 7193 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7193 Log: add some bail out checks and fix pushing of relative pointers metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr.c 2005-06-02 06:19:22 UTC (rev 7192) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr.c 2005-06-02 06:25:48 UTC (rev 7193) @@ -770,12 +770,24 @@ NTSTATUS ndr_push_relative_ptr2(struct ndr_push *ndr, const void *p) { struct ndr_push_save save; + uint32_t ptr_offset = 0x; if (p == NULL) { return NT_STATUS_OK; } ndr_push_save(ndr, save); - NDR_CHECK(ndr_token_retrieve(ndr-relative_list, p, ndr-offset)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, save.offset)); + NDR_CHECK(ndr_token_retrieve(ndr-relative_list, p, ptr_offset)); + if (ptr_offset ndr-offset) { + return ndr_push_error(ndr, NDR_ERR_BUFSIZE, + ndr_push_relative_ptr2 ptr_offset(%u) ndr-offset(%u), + ptr_offset, ndr-offset); + } + ndr-offset = ptr_offset; + if (save.offset ndr-relative_base_offset) { + return ndr_push_error(ndr, NDR_ERR_BUFSIZE, + ndr_push_relative_ptr2 save.offset(%u) ndr-relative_base_offset(%u), + save.offset, ndr-relative_base_offset); + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, save.offset - ndr-relative_base_offset)); ndr_push_restore(ndr, save); return NT_STATUS_OK; } @@ -822,6 +834,11 @@ NTSTATUS ndr_pull_relative_ptr1(struct ndr_pull *ndr, const void *p, uint32_t rel_offset) { rel_offset += ndr-relative_base_offset; + if (rel_offset ndr-data_size) { + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, + ndr_pull_relative_ptr1 rel_offset(%u) ndr-data_size(%u), + rel_offset, ndr-data_size); + } return ndr_token_store(ndr, ndr-relative_list, p, rel_offset); }
svn commit: samba r7194 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-06-02 06:27:40 + (Thu, 02 Jun 2005) New Revision: 7194 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7194 Log: fix pulling of the NDR_IN data, [validate] works for the NDR_IN side now... metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c 2005-06-02 06:25:48 UTC (rev 7193) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c 2005-06-02 06:27:40 UTC (rev 7194) @@ -102,8 +102,9 @@ #define NDR_SPOOLSS_PULL_ENUM(fn,in,out) do { \ struct _##fn _r;\ if (flags NDR_IN) {\ + out;\ + NDR_SPOOLSS_PULL_ENUM_IN(fn);\ in;\ - NDR_SPOOLSS_PULL_ENUM_IN(fn);\ }\ if (flags NDR_OUT) {\ out;\
svn commit: lorikeet r319 - in trunk/heimdal/lib/hdb: .
Author: abartlet Date: 2005-06-02 07:27:08 + (Thu, 02 Jun 2005) New Revision: 319 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=319 Log: Add const (not yet finished). Andrew Bartlett Modified: trunk/heimdal/lib/hdb/hdb-ldap.c trunk/heimdal/lib/hdb/hdb.h Changeset: Modified: trunk/heimdal/lib/hdb/hdb-ldap.c === --- trunk/heimdal/lib/hdb/hdb-ldap.c2005-06-01 23:00:33 UTC (rev 318) +++ trunk/heimdal/lib/hdb/hdb-ldap.c2005-06-02 07:27:08 UTC (rev 319) @@ -832,7 +832,7 @@ static krb5_error_code LDAP_principal2message(krb5_context context, HDB * db, - krb5_principal princ, LDAPMessage ** msg) + krb5_const_principal princ, LDAPMessage ** msg) { char *name, *name_short = NULL; krb5_error_code ret; @@ -1470,7 +1470,7 @@ static krb5_error_code LDAP_fetch(krb5_context context, HDB * db, unsigned flags, - krb5_principal principal, + krb5_const_principal principal, enum hdb_ent_type ent_type, hdb_entry * entry) { Modified: trunk/heimdal/lib/hdb/hdb.h === --- trunk/heimdal/lib/hdb/hdb.h 2005-06-01 23:00:33 UTC (rev 318) +++ trunk/heimdal/lib/hdb/hdb.h 2005-06-02 07:27:08 UTC (rev 319) @@ -63,7 +63,7 @@ krb5_error_code (*hdb_open)(krb5_context, struct HDB*, int, mode_t); krb5_error_code (*hdb_close)(krb5_context, struct HDB*); -krb5_error_code (*hdb_fetch)(krb5_context,struct HDB*,unsigned hdb_flags, krb5_principal principal, +krb5_error_code (*hdb_fetch)(krb5_context,struct HDB*,unsigned hdb_flags, krb5_const_principal principal, enum hdb_ent_type ent_type, hdb_entry*); krb5_error_code (*hdb_store)(krb5_context,struct HDB*,unsigned,hdb_entry*); krb5_error_code (*hdb_remove)(krb5_context, struct HDB*, hdb_entry*);
svn commit: lorikeet r320 - in trunk/heimdal: cf kdc
Author: abartlet Date: 2005-06-02 08:14:29 + (Thu, 02 Jun 2005) New Revision: 320 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=320 Log: To support libkdc operation, Samba needs to be able to configure the KDC 'directly', rather than via config files. This commit puts most of the KDC's configuration into a strucutre passed as an argument to the functions in the KDC. When we link this into Samba, we can then setup an alternate initialisation of that structure, and call into the new process.c file. This will also allow the hdb-ldb code to be inside smbd, and avoid needing to dlopen() it. Andrew Bartlett Added: trunk/heimdal/kdc/process.c Modified: trunk/heimdal/cf/Makefile.am.common trunk/heimdal/kdc/524.c trunk/heimdal/kdc/Makefile.am trunk/heimdal/kdc/config.c trunk/heimdal/kdc/connect.c trunk/heimdal/kdc/kaserver.c trunk/heimdal/kdc/kdc_locl.h trunk/heimdal/kdc/kerberos4.c trunk/heimdal/kdc/kerberos5.c trunk/heimdal/kdc/log.c trunk/heimdal/kdc/main.c trunk/heimdal/kdc/misc.c trunk/heimdal/kdc/pkinit.c Changeset: Sorry, the patch is too large (3831 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=320
svn commit: lorikeet r321 - in trunk/heimdal/lib: hdb krb5
Author: abartlet Date: 2005-06-02 09:22:27 + (Thu, 02 Jun 2005) New Revision: 321 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=321 Log: Add more const. I'm not sure of the technical implications of adding const to the lib/krb5 stuff however... (Given it is in theory a public library interface) Andrew Bartlett Modified: trunk/heimdal/lib/hdb/hdb-ldb.c trunk/heimdal/lib/krb5/krb5-protos.h trunk/heimdal/lib/krb5/principal.c Changeset: Modified: trunk/heimdal/lib/hdb/hdb-ldb.c === --- trunk/heimdal/lib/hdb/hdb-ldb.c 2005-06-02 08:14:29 UTC (rev 320) +++ trunk/heimdal/lib/hdb/hdb-ldb.c 2005-06-02 09:22:27 UTC (rev 321) @@ -217,7 +217,7 @@ * Construct an hdb_entry from a directory entry. */ static krb5_error_code LDB_message2entry(krb5_context context, HDB *db, -TALLOC_CTX *mem_ctx, krb5_principal principal, +TALLOC_CTX *mem_ctx, krb5_const_principal principal, enum hdb_ent_type ent_type, struct ldb_message *realm_msg, struct ldb_message *msg, hdb_entry *ent) @@ -453,7 +453,7 @@ static krb5_error_code LDB_lookup_principal(krb5_context context, struct ldb_context *ldb_ctx, TALLOC_CTX *mem_ctx, - krb5_principal principal, + krb5_const_principal principal, enum hdb_ent_type ent_type, const char *realm_dn, struct ldb_message ***pmsg) @@ -733,7 +733,7 @@ } static krb5_error_code LDB_fetch(krb5_context context, HDB *db, unsigned flags, -krb5_principal principal, +krb5_const_principal principal, enum hdb_ent_type ent_type, hdb_entry *entry) { @@ -762,13 +762,14 @@ realm_dn = realm_msg[0]-dn; - /* Cludge, cludge cludge. If the realm part of krbtgt/realm + /* Cludge, cludge cludge. If the realm part of krbtgt/realm, * is in our db, then direct the caller at our primary * krgtgt */ - if(principal-name.name_string.len == 2 - (strcmp(principal-name.name_string.val[0], KRB5_TGS_NAME) == 0) -(LDB_lookup_realm(context, (struct ldb_context *)db-hdb_db, -mem_ctx, principal-name.name_string.val[1], NULL) == 0)) { + if (ent_type != HDB_ENT_TYPE_KRBTGT +principal-name.name_string.len == 2 +(strcmp(principal-name.name_string.val[0], KRB5_TGS_NAME) == 0) +(LDB_lookup_realm(context, (struct ldb_context *)db-hdb_db, +mem_ctx, principal-name.name_string.val[1], NULL) == 0)) { ent_type = HDB_ENT_TYPE_KRBTGT; } Modified: trunk/heimdal/lib/krb5/krb5-protos.h === --- trunk/heimdal/lib/krb5/krb5-protos.h2005-06-02 08:14:29 UTC (rev 320) +++ trunk/heimdal/lib/krb5/krb5-protos.h2005-06-02 09:22:27 UTC (rev 321) @@ -20,6 +20,15 @@ #endif #endif +void +initialize_heim_error_table_r (struct et_list **/*list*/); + +void +initialize_k524_error_table_r (struct et_list **/*list*/); + +void +initialize_krb5_error_table_r (struct et_list **/*list*/); + krb5_error_code KRB5_LIB_FUNCTION krb524_convert_creds_kdc ( krb5_context /*context*/, @@ -2413,7 +2422,7 @@ const char* KRB5_LIB_FUNCTION krb5_principal_get_realm ( krb5_context /*context*/, - krb5_principal /*principal*/); + krb5_const_principal /*principal*/); int KRB5_LIB_FUNCTION krb5_principal_get_type ( Modified: trunk/heimdal/lib/krb5/principal.c === --- trunk/heimdal/lib/krb5/principal.c 2005-06-02 08:14:29 UTC (rev 320) +++ trunk/heimdal/lib/krb5/principal.c 2005-06-02 09:22:27 UTC (rev 321) @@ -76,7 +76,7 @@ const char* KRB5_LIB_FUNCTION krb5_principal_get_realm(krb5_context context, -krb5_principal principal) +krb5_const_principal principal) { return princ_realm(principal); }
svn commit: lorikeet r322 - in trunk/heimdal/kdc: .
Author: abartlet Date: 2005-06-02 09:25:48 + (Thu, 02 Jun 2005) New Revision: 322 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=322 Log: A first stab at creating a sensible public interface .h file for libkdc. Much more work to come... Andrew Bartlett Added: trunk/heimdal/kdc/kdc.h Modified: trunk/heimdal/kdc/connect.c trunk/heimdal/kdc/kdc_locl.h trunk/heimdal/kdc/kerberos5.c trunk/heimdal/kdc/process.c Changeset: Sorry, the patch is too large (281 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=322
svn commit: lorikeet r323 - in trunk/heimdal/kdc: .
Author: abartlet Date: 2005-06-02 09:50:20 + (Thu, 02 Jun 2005) New Revision: 323 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=323 Log: Oops, I forgot a file. It doens't do much for now, but I'll move some of the defaults out of config.c soon. Andrew Bartlett Added: trunk/heimdal/kdc/default_config.c Changeset: Added: trunk/heimdal/kdc/default_config.c === --- trunk/heimdal/kdc/default_config.c 2005-06-02 09:25:48 UTC (rev 322) +++ trunk/heimdal/kdc/default_config.c 2005-06-02 09:50:20 UTC (rev 323) @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2005 Andrew Bartlett [EMAIL PROTECTED] + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + *may be used to endorse or promote products derived from this software + *without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include kdc_locl.h + +struct krb5_kdc_configuration *default_krb5_kdc_config(void) +{ + + struct krb5_kdc_configuration *config = malloc(sizeof(struct krb5_kdc_configuration)); + if (!config) { + return NULL; + } + + memset(config, '\0', sizeof(*config)); + + config-require_preauth = -1; /* 1 == require preauth for all principals */ + + config-enable_v4 = -1; + config-enable_kaserver = -1; + + config-enable_524 = -1; + config-enable_v4_cross_realm = -1; + + return config; +} +
svn commit: lorikeet r324 - in trunk/heimdal/kdc: .
Author: abartlet Date: 2005-06-02 09:59:40 + (Thu, 02 Jun 2005) New Revision: 324 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=324 Log: Install kdc.h Andrew Bartlett Modified: trunk/heimdal/kdc/Makefile.am Changeset: Modified: trunk/heimdal/kdc/Makefile.am === --- trunk/heimdal/kdc/Makefile.am 2005-06-02 09:50:20 UTC (rev 323) +++ trunk/heimdal/kdc/Makefile.am 2005-06-02 09:59:40 UTC (rev 324) @@ -81,3 +81,4 @@ kdc_LDADD = libkdc.la $(LIB_pidfile) +include_HEADERS = kdc.h
svn commit: samba-web r677 - in trunk/projects: .
Author: deryck Date: 2005-06-02 10:23:26 + (Thu, 02 Jun 2005) New Revision: 677 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=677 Log: A Under construction note while I work this morning. Modified: trunk/projects/summercode05.html Changeset: Modified: trunk/projects/summercode05.html === --- trunk/projects/summercode05.html2005-06-01 20:48:17 UTC (rev 676) +++ trunk/projects/summercode05.html2005-06-02 10:23:26 UTC (rev 677) @@ -0,0 +1,11 @@ +!--#include virtual=/samba/header.html -- + titleSamba -- Summer of Code Projects/title +!--#include virtual=/samba/header_columns.html -- + +h2Summer of Code Projects/h2 + +pThis page is currently being updated and will be available by 6:00 AM (GMT +-5, US Central), Thursday, 02 June./p + + +!--#include virtual=/samba/footer.html --
svn commit: samba-web r678 - in trunk/projects: .
Author: deryck Date: 2005-06-02 10:47:01 + (Thu, 02 Jun 2005) New Revision: 678 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=678 Log: First pass at Summer of Code projects list. deryck Modified: trunk/projects/summercode05.html Changeset: Modified: trunk/projects/summercode05.html === --- trunk/projects/summercode05.html2005-06-02 10:23:26 UTC (rev 677) +++ trunk/projects/summercode05.html2005-06-02 10:47:01 UTC (rev 678) @@ -4,8 +4,54 @@ h2Summer of Code Projects/h2 -pThis page is currently being updated and will be available by 6:00 AM (GMT --5, US Central), Thursday, 02 June./p +div class=request style=margin:0 0 35px 0 +pThe following is an outline of potential projects for those interested in +working on Samba through Google's Summer of Code program. For more on that +program see a href=http://code.google.com/summerofcode.html;Google's +overview/a./p +pThis is just a holding area for project ideas. The projects listed here +may be updated as developers refine a projet's outline./p +/div +table class=real + thProject Infrastructure/th + trtdDevelop a database back end for managing Samba support provider + information listed at http://www.samba.org/samba/support//td/tr + + thLinux CIFS FS/th + trtdCreate a GUI for managing Linux cifs mounts and + displaying /proc/fs/cifs statistics and mount status/td/tr + trtdCreate a common uid mapping mechanism for Linux + nfs and cifs vfs clients, that can be configured to + remap, on a particular mount on the client, the uids + returned by the server to uids which would be valid on + the client (or to a default if such uid does not exist)/td/tr + trtdFinish the Linux cifs vfs change notification support + by completing the D_NOTIFY fcntl mapping to the FindNotify + mechanism supported by the CIFS protocol/td/tr + + thSamba 3/th + trtdImplement support for EMF print jobs/td/tr + trtdFinish off portions of the PDClt;-gt;BDC SAM replication/td/tr + trtdDevelop new VFS modules/td/tr + trtdImplement an interactive command line remote registry viewer/td/tr + trtdImplement administrative log events and log file parsing + utilities for smbd, nmbd, winbindd/td/tr + trtdRewrite smbclient using the libsmbclient API/td/tr + trtdDevelop more client tools/td/tr + trtdAdd MS-DFS support to libsmbclient/td/tr + trtdCreate a tool for monitoring the health of a Samba server/td/tr + + thSamba 4/th + trtdImplement the DsSync replication protocol and regression + tests/td/tr + trtdImplement the spoolss printing RPCs and regression tests/td/tr + trtdHelp complete the sqlite3 backend for ldb./td/tr + trtdImplement support for the CIFS unix extensions/td/tr + + thMisc/th + trtdImplement journaling support for the tdb database library/td/tr +/table + !--#include virtual=/samba/footer.html --
svn commit: samba-web r679 - in trunk/projects: .
Author: deryck Date: 2005-06-02 10:54:51 + (Thu, 02 Jun 2005) New Revision: 679 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=679 Log: XHTML validation fixes. deryck Modified: trunk/projects/summercode05.html Changeset: Modified: trunk/projects/summercode05.html === --- trunk/projects/summercode05.html2005-06-02 10:47:01 UTC (rev 678) +++ trunk/projects/summercode05.html2005-06-02 10:54:51 UTC (rev 679) @@ -15,11 +15,11 @@ /div table class=real - thProject Infrastructure/th + trthProject Infrastructure/th/tr trtdDevelop a database back end for managing Samba support provider - information listed at http://www.samba.org/samba/support//td/tr +information listed at http://www.samba.org/samba/support//td/tr - thLinux CIFS FS/th + trthLinux CIFS FS/th/tr trtdCreate a GUI for managing Linux cifs mounts and displaying /proc/fs/cifs statistics and mount status/td/tr trtdCreate a common uid mapping mechanism for Linux @@ -31,26 +31,26 @@ by completing the D_NOTIFY fcntl mapping to the FindNotify mechanism supported by the CIFS protocol/td/tr - thSamba 3/th + trthSamba 3/th/tr trtdImplement support for EMF print jobs/td/tr trtdFinish off portions of the PDClt;-gt;BDC SAM replication/td/tr trtdDevelop new VFS modules/td/tr trtdImplement an interactive command line remote registry viewer/td/tr trtdImplement administrative log events and log file parsing - utilities for smbd, nmbd, winbindd/td/tr + utilities for smbd, nmbd, amp; winbindd/td/tr trtdRewrite smbclient using the libsmbclient API/td/tr trtdDevelop more client tools/td/tr trtdAdd MS-DFS support to libsmbclient/td/tr trtdCreate a tool for monitoring the health of a Samba server/td/tr - thSamba 4/th + trthSamba 4/th/tr trtdImplement the DsSync replication protocol and regression tests/td/tr trtdImplement the spoolss printing RPCs and regression tests/td/tr trtdHelp complete the sqlite3 backend for ldb./td/tr trtdImplement support for the CIFS unix extensions/td/tr - thMisc/th + trthMisc/th/tr trtdImplement journaling support for the tdb database library/td/tr /table
svn commit: lorikeet r325 - in trunk/heimdal/kdc: .
Author: abartlet Date: 2005-06-02 12:46:36 + (Thu, 02 Jun 2005) New Revision: 325 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=325 Log: Better split default values into default_config.c Andrew Bartlett Modified: trunk/heimdal/kdc/config.c trunk/heimdal/kdc/default_config.c Changeset: Modified: trunk/heimdal/kdc/config.c === --- trunk/heimdal/kdc/config.c 2005-06-02 09:59:40 UTC (rev 324) +++ trunk/heimdal/kdc/config.c 2005-06-02 12:46:36 UTC (rev 325) @@ -325,9 +325,12 @@ max_request = parse_bytes(p, NULL); } -if(require_preauth == -1) - require_preauth = krb5_config_get_bool(context, NULL, kdc, - require-preauth, NULL); +if(require_preauth == -1) { + config-require_preauth = krb5_config_get_bool(context, NULL, kdc, + require-preauth, NULL); +} else { + config-require_preauth = require_preauth; +} if(port_str == NULL){ p = krb5_config_get_string(context, NULL, kdc, ports, NULL); @@ -356,7 +359,8 @@ if(enable_v4 == -1) { config-enable_v4 = krb5_config_get_bool_default(context, NULL, -FALSE, kdc, +config-enable_v4, +kdc, enable-kerberos4, NULL); } else { @@ -366,7 +370,8 @@ if(enable_v4_cross_realm == -1) { config-enable_v4_cross_realm = krb5_config_get_bool_default(context, NULL, -FALSE, kdc, +config-enable_v4_cross_realm, +kdc, enable-kerberos4-cross-realm, NULL); } else { @@ -375,40 +380,47 @@ if(enable_524 == -1) { config-enable_524 = krb5_config_get_bool_default(context, NULL, - enable_v4, + config-enable_v4, kdc, enable-524, NULL); } else { config-enable_524 = enable_524; } + if(enable_http == -1) enable_http = krb5_config_get_bool(context, NULL, kdc, - enable-http, NULL); + enable-http, NULL); config-check_ticket_addresses = - krb5_config_get_bool_default(context, NULL, TRUE, kdc, + krb5_config_get_bool_default(context, NULL, +config-check_ticket_addresses, +kdc, check-ticket-addresses, NULL); config-allow_null_ticket_addresses = - krb5_config_get_bool_default(context, NULL, TRUE, kdc, + krb5_config_get_bool_default(context, NULL, +config-allow_null_ticket_addresses, +kdc, allow-null-ticket-addresses, NULL); config-allow_anonymous = krb5_config_get_bool(context, NULL, kdc, allow-anonymous, NULL); + trpolicy_str = - krb5_config_get_string_default(context, NULL, always-check, kdc, + krb5_config_get_string_default(context, NULL, DEFAULT, kdc, transited-policy, NULL); -if(strcasecmp(trpolicy_str, always-check) == 0) +if(strcasecmp(trpolicy_str, always-check) == 0) { config-trpolicy = TRPOLICY_ALWAYS_CHECK; -else if(strcasecmp(trpolicy_str, allow-per-principal) == 0) +} else if(strcasecmp(trpolicy_str, allow-per-principal) == 0) { config-trpolicy = TRPOLICY_ALLOW_PER_PRINCIPAL; -else if(strcasecmp(trpolicy_str, always-honour-request) == 0) +} else if(strcasecmp(trpolicy_str, always-honour-request) == 0) { config-trpolicy = TRPOLICY_ALWAYS_HONOUR_REQUEST; -else { +} else if(strcasecmp(trpolicy_str, DEFAULT) == 0) { + /* default */ +} else { kdc_log(context, config, - 0, unknown transited-policy: %s, reverting to always-check, + 0, unknown transited-policy: %s, reverting to default (always-check), trpolicy_str); - config-trpolicy = TRPOLICY_ALWAYS_CHECK; } if (krb5_config_get_string(context, NULL, kdc, @@ -433,10 +445,12 @@ } if (enable_kaserver == -1) { - config-enable_kaserver =
svn commit: samba-web r680 - in trunk/projects: .
Author: jerry Date: 2005-06-02 13:07:18 + (Thu, 02 Jun 2005) New Revision: 680 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=680 Log: adding contact email link and updating project ideas some Modified: trunk/projects/summercode05.html Changeset: Modified: trunk/projects/summercode05.html === --- trunk/projects/summercode05.html2005-06-02 10:54:51 UTC (rev 679) +++ trunk/projects/summercode05.html2005-06-02 13:07:18 UTC (rev 680) @@ -6,31 +6,16 @@ div class=request style=margin:0 0 35px 0 pThe following is an outline of potential projects for those interested in -working on Samba through Google's Summer of Code program. For more on that -program see a href=http://code.google.com/summerofcode.html;Google's -overview/a./p +working on Samba through a href=http://code.google.com/summerofcode.html;Google's +Summer of Code/a program./p pThis is just a holding area for project ideas. The projects listed here -may be updated as developers refine a projet's outline./p +may be updated as developers refine a projet's outline. Questions about +Samba's participation in the program can be mailed to +a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a./p /div table class=real - trthProject Infrastructure/th/tr - trtdDevelop a database back end for managing Samba support provider -information listed at http://www.samba.org/samba/support//td/tr - - trthLinux CIFS FS/th/tr - trtdCreate a GUI for managing Linux cifs mounts and - displaying /proc/fs/cifs statistics and mount status/td/tr - trtdCreate a common uid mapping mechanism for Linux - nfs and cifs vfs clients, that can be configured to - remap, on a particular mount on the client, the uids - returned by the server to uids which would be valid on - the client (or to a default if such uid does not exist)/td/tr - trtdFinish the Linux cifs vfs change notification support - by completing the D_NOTIFY fcntl mapping to the FindNotify - mechanism supported by the CIFS protocol/td/tr - trthSamba 3/th/tr trtdImplement support for EMF print jobs/td/tr trtdFinish off portions of the PDClt;-gt;BDC SAM replication/td/tr @@ -42,16 +27,32 @@ trtdDevelop more client tools/td/tr trtdAdd MS-DFS support to libsmbclient/td/tr trtdCreate a tool for monitoring the health of a Samba server/td/tr + trtdImplement a Samba 3 backend code generator for PIDL (from Samba 4) + in order to share IDL files between the two branches/td/tr trthSamba 4/th/tr - trtdImplement the DsSync replication protocol and regression - tests/td/tr + trtdImplement the DsSync replication protocol and regression tests/td/tr trtdImplement the spoolss printing RPCs and regression tests/td/tr trtdHelp complete the sqlite3 backend for ldb./td/tr trtdImplement support for the CIFS unix extensions/td/tr + trtdImplement journaling support for the tdb database library + (code shared by Samba 3)/td/tr - trthMisc/th/tr - trtdImplement journaling support for the tdb database library/td/tr + trthLinux CIFS FS/th/tr + trtdCreate a GUI for managing Linux cifs mounts and + displaying /proc/fs/cifs statistics and mount status/td/tr + trtdCreate a common uid mapping mechanism for Linux + nfs and cifs vfs clients, that can be configured to + remap, on a particular mount on the client, the uids + returned by the server to uids which would be valid on + the client (or to a default if such uid does not exist)/td/tr + trtdFinish the Linux cifs vfs change notification support + by completing the D_NOTIFY fcntl mapping to the FindNotify + mechanism supported by the CIFS protocol/td/tr + + trthProject Infrastructure/th/tr + trtdDevelop a database back end for managing Samba support provider +information listed at http://www.samba.org/samba/support//td/tr /table !--#include virtual=/samba/footer.html --
svn commit: samba-web r681 - in trunk/projects: .
Author: jerry Date: 2005-06-02 13:18:48 + (Thu, 02 Jun 2005) New Revision: 681 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=681 Log: a few more project updates Modified: trunk/projects/summercode05.html Changeset: Modified: trunk/projects/summercode05.html === --- trunk/projects/summercode05.html2005-06-02 13:07:18 UTC (rev 680) +++ trunk/projects/summercode05.html2005-06-02 13:18:48 UTC (rev 681) @@ -22,18 +22,18 @@ trtdDevelop new VFS modules/td/tr trtdImplement an interactive command line remote registry viewer/td/tr trtdImplement administrative log events and log file parsing - utilities for smbd, nmbd, amp; winbindd/td/tr + utilities for smbd, nmbd, amp; winbindd/td/tr trtdRewrite smbclient using the libsmbclient API/td/tr trtdDevelop more client tools/td/tr trtdAdd MS-DFS support to libsmbclient/td/tr trtdCreate a tool for monitoring the health of a Samba server/td/tr + trtdEnhanced support for Microsoft user and group management tools/td/tr trtdImplement a Samba 3 backend code generator for PIDL (from Samba 4) in order to share IDL files between the two branches/td/tr trthSamba 4/th/tr trtdImplement the DsSync replication protocol and regression tests/td/tr trtdImplement the spoolss printing RPCs and regression tests/td/tr - trtdHelp complete the sqlite3 backend for ldb./td/tr trtdImplement support for the CIFS unix extensions/td/tr trtdImplement journaling support for the tdb database library (code shared by Samba 3)/td/tr
svn commit: samba r7195 - in branches/SAMBA_4_0/source: build/pidl rpc_server/echo torture/rpc
Author: jelmer Date: 2005-06-02 13:21:11 + (Thu, 02 Jun 2005) New Revision: 7195 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7195 Log: - Fix echo pipe - Don't allocate strings - Give higher preference to the [out] part of variables when they are being used by another [out] variable. Also make sure that [in] variables never use [out] variables (i.e. switch_is() on an [in] variable can no longer use an [out] variable). Modified: branches/SAMBA_4_0/source/build/pidl/ndr_parser.pm branches/SAMBA_4_0/source/rpc_server/echo/rpc_echo.c branches/SAMBA_4_0/source/torture/rpc/echo.c Changeset: Modified: branches/SAMBA_4_0/source/build/pidl/ndr_parser.pm === --- branches/SAMBA_4_0/source/build/pidl/ndr_parser.pm 2005-06-02 06:27:40 UTC (rev 7194) +++ branches/SAMBA_4_0/source/build/pidl/ndr_parser.pm 2005-06-02 13:21:11 UTC (rev 7195) @@ -208,16 +208,29 @@ return \%env; } -sub GenerateFunctionEnv($) +sub GenerateFunctionInEnv($) { my $fn = shift; my %env; foreach my $e (@{$fn-{ELEMENTS}}) { + if (grep (/in/, @{$e-{DIRECTION}})) { + $env{$e-{NAME}} = r-in.$e-{NAME}; + } + } + + return \%env; +} + +sub GenerateFunctionOutEnv($) +{ + my $fn = shift; + my %env; + + foreach my $e (@{$fn-{ELEMENTS}}) { if (grep (/out/, @{$e-{DIRECTION}})) { $env{$e-{NAME}} = r-out.$e-{NAME}; - } - if (grep (/in/, @{$e-{DIRECTION}})) { + } elsif (grep (/in/, @{$e-{DIRECTION}})) { $env{$e-{NAME}} = r-in.$e-{NAME}; } } @@ -1031,13 +1044,15 @@ my $nl = Ndr::GetNextLevel($e, $l); my $next_is_array = ($nl-{TYPE} eq ARRAY); + my $next_is_string = (($nl-{TYPE} eq DATA) and +($nl-{DATA_TYPE} eq string)); if ($l-{POINTER_TYPE} eq ref) { unless ($l-{LEVEL} eq TOP) { pidl NDR_CHECK(ndr_pull_ref_ptr($ndr, _ptr_$e-{NAME}));; } - unless ($next_is_array) { + unless ($next_is_array or $next_is_string) { pidl if (ndr-flags LIBNDR_FLAG_REF_ALLOC) {; pidl \tNDR_ALLOC($ndr, $var_name);; pidl }; @@ -1052,7 +1067,7 @@ # Don't do this for arrays, they're allocated at the actual level # of the array - unless ($next_is_array) { + unless ($next_is_array or $next_is_string) { pidl NDR_ALLOC($ndr, $var_name);; } else { pidl NDR_ALLOC_SIZE($ndr, $var_name, 1);; # FIXME: Yes, this is nasty. We allocate an array twice - once just to indicate that it's there, then the real allocation... @@ -1861,8 +1876,6 @@ return if util::has_property($fn, noprint); - my $env = GenerateFunctionEnv($fn); - pidl void ndr_print_$fn-{NAME}(struct ndr_print *ndr, const char *name, int flags, struct $fn-{NAME} *r); pidl {; indent; @@ -1883,6 +1896,8 @@ pidl ndr_print_struct(ndr, \in\, \$fn-{NAME}\);; pidl ndr-depth++;; + my $env = GenerateFunctionInEnv($fn); + foreach my $e (@{$fn-{ELEMENTS}}) { if (grep(/in/,@{$e-{DIRECTION}})) { ParseElementPrint($e, r-in.$e-{NAME}, $env); @@ -1896,6 +1911,8 @@ indent; pidl ndr_print_struct(ndr, \out\, \$fn-{NAME}\);; pidl ndr-depth++;; + + $env = GenerateFunctionOutEnv($fn); foreach my $e (@{$fn-{ELEMENTS}}) { if (grep(/out/,@{$e-{DIRECTION}})) { ParseElementPrint($e, r-out.$e-{NAME}, $env); @@ -1922,8 +1939,6 @@ return if util::has_property($fn, nopush); - my $env = GenerateFunctionEnv($fn); - pidl fn_prefix($fn) . NTSTATUS ndr_push_$fn-{NAME}(struct ndr_push *ndr, int flags, struct $fn-{NAME} *r); pidl {; indent; @@ -1935,6 +1950,8 @@ pidl if (flags NDR_IN) {; indent; + my $env = GenerateFunctionInEnv($fn); + foreach my $e (@{$fn-{ELEMENTS}}) { if (grep(/in/,@{$e-{DIRECTION}})) { ParseElementPush($e, ndr, r-in., $env, 1, 1); @@ -1947,6 +1964,7 @@ pidl if (flags NDR_OUT) {; indent; + $env = GenerateFunctionOutEnv($fn); foreach my $e (@{$fn-{ELEMENTS}}) { if (grep(/out/,@{$e-{DIRECTION}})) { ParseElementPush($e, ndr, r-out., $env, 1, 1); @@ -2001,8 +2019,6 @@ return if util::has_property($fn, nopull); - my $env = GenerateFunctionEnv($fn); - # pull function args pidl fn_prefix($fn) . NTSTATUS ndr_pull_$fn-{NAME}(struct ndr_pull *ndr, int flags, struct $fn-{NAME} *r);
svn commit: samba r7196 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-06-02 15:11:06 + (Thu, 02 Jun 2005) New Revision: 7196 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7196 Log: fix typo, that makes the spoolss test working with [validate] ([validate,bigendian] is still failing badly...) metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c 2005-06-02 13:21:11 UTC (rev 7195) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c 2005-06-02 15:11:06 UTC (rev 7196) @@ -333,8 +333,8 @@ NTSTATUS ndr_pull_spoolss_EnumPrintProcessors(struct ndr_pull *ndr, int flags, struct spoolss_EnumPrintProcessors *r) { NDR_SPOOLSS_PULL_ENUM(spoolss_EnumPrintProcessors,{ - r-in.servername= r-in.servername; - r-in.environment = r-in.environment; + r-in.servername= _r.in.servername; + r-in.environment = _r.in.environment; },{ _r.in.servername= r-in.servername; _r.in.environment = r-in.environment;
svn commit: samba r7197 - branches/SAMBA_3_0/source trunk/source
Author: jerry Date: 2005-06-02 16:11:14 + (Thu, 02 Jun 2005) New Revision: 7197 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7197 Log: fix build failure when running 'make torture' without first running 'make all' first Modified: branches/SAMBA_3_0/source/Makefile.in trunk/source/Makefile.in Changeset: Modified: branches/SAMBA_3_0/source/Makefile.in === --- branches/SAMBA_3_0/source/Makefile.in 2005-06-02 15:11:06 UTC (rev 7196) +++ branches/SAMBA_3_0/source/Makefile.in 2005-06-02 16:11:14 UTC (rev 7197) @@ -560,10 +560,10 @@ torture/denytest.o torture/mangle_test.o SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) \ - $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) + $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ - $(LIB_NONSMBD_OBJ) + $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) MSGTEST_OBJ = torture/msgtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) @@ -914,7 +914,7 @@ bin/[EMAIL PROTECTED]@: $(SMBTORTURE_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(SECRETS_OBJ) + @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) bin/[EMAIL PROTECTED]@: $(TALLOCTORT_OBJ) bin/.dummy @echo Linking $@ @@ -922,7 +922,7 @@ bin/[EMAIL PROTECTED]@: $(MASKTEST_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(SECRETS_OBJ) + @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) bin/[EMAIL PROTECTED]@: $(MSGTEST_OBJ) bin/.dummy @echo Linking $@ Modified: trunk/source/Makefile.in === --- trunk/source/Makefile.in2005-06-02 15:11:06 UTC (rev 7196) +++ trunk/source/Makefile.in2005-06-02 16:11:14 UTC (rev 7197) @@ -566,10 +566,10 @@ torture/denytest.o torture/mangle_test.o SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) \ - $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) + $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) MASKTEST_OBJ = torture/masktest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ - $(LIB_NONSMBD_OBJ) + $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) MSGTEST_OBJ = torture/msgtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) @@ -923,7 +923,7 @@ bin/[EMAIL PROTECTED]@: $(SMBTORTURE_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(SECRETS_OBJ) + @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) bin/[EMAIL PROTECTED]@: $(TALLOCTORT_OBJ) bin/.dummy @echo Linking $@ @@ -931,7 +931,7 @@ bin/[EMAIL PROTECTED]@: $(MASKTEST_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(SECRETS_OBJ) + @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) bin/[EMAIL PROTECTED]@: $(MSGTEST_OBJ) bin/.dummy @echo Linking $@
svn commit: samba-web r682 - in trunk/news/announcements: .
Author: deryck Date: 2005-06-02 16:13:15 + (Thu, 02 Jun 2005) New Revision: 682 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=682 Log: Adding news announcement for 'Summer of Code'. deryck Added: trunk/news/announcements/summer_code05.html Changeset: Added: trunk/news/announcements/summer_code05.html === --- trunk/news/announcements/summer_code05.html 2005-06-02 13:18:48 UTC (rev 681) +++ trunk/news/announcements/summer_code05.html 2005-06-02 16:13:15 UTC (rev 682) @@ -0,0 +1,22 @@ +h3a name=summer_code05Samba and Google's Summer of Code/a/h3 + +div class=article + pIf you haven't yet heard, a href=http://www.google.com/;Google/a + recently announced its a href=http://code.google.com/summerofcode.html; + Summer of Code/a program. Samba is proud to be involved as a mentor + organization, so if you're a student and have some time on your + hands.../p + + blockquote + This Summer, don't let your programming skills lie fallow...Use them + for the greater good of Open Source Software and computer science! + Google will provide a $4500 award to each student who successfully + completes an open source project by the end of the Summer. + /blockquote + + pFor a list of potential projects in Samba development, see our + a href=/samba/projects/summercode05.htmlSummer of Code project + page/a./p +/div + +
svn commit: samba r7198 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: jelmer Date: 2005-06-02 16:58:18 + (Thu, 02 Jun 2005) New Revision: 7198 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7198 Log: Add IDL for browse service Added: branches/SAMBA_4_0/source/librpc/idl/browse.idl Changeset: Added: branches/SAMBA_4_0/source/librpc/idl/browse.idl === --- branches/SAMBA_4_0/source/librpc/idl/browse.idl 2005-06-02 16:11:14 UTC (rev 7197) +++ branches/SAMBA_4_0/source/librpc/idl/browse.idl 2005-06-02 16:58:18 UTC (rev 7198) @@ -0,0 +1,111 @@ +#include idl_types.h + +/* + IDL structures for Browse service over mailslot operations +*/ + +[ uuid(1-2-3-4), + depends(security) +] interface browse +{ + const string browse_mailslot = \\MAILSLOT\\BROWSE; + + typedef enum { + HostAnnouncement= 1, + AnnouncementRequest = 2, + Election= 8, + GetBackupListReq= 9, + GetBackupListResp = 10, + BecomeBackup= 11, + DomainAnnouncment = 12, + MasterAnnouncement = 13, + ResetBrowserState = 14, + LocalMasterAnnouncement = 15 + } brow_opcodes; + + typedef bitmap { + SV_TYPE_WORKSTATION = 0x0001, + SV_TYPE_SERVER = 0x0002, + SV_TYPE_SQLSERVER = 0x0004, + SV_TYPE_DOMAIN_CTRL = 0x0008, + SV_TYPE_DOMAIN_BAKCTRL = 0x0010, + SV_TYPE_TIME_SOURCE = 0x0020, + SV_TYPE_AFP = 0x0040, + SV_TYPE_NOVELL = 0x0080, + SV_TYPE_DOMAIN_MEMBER = 0x0100, + SV_TYPE_PRINTQ_SERVER = 0x0200, + SV_TYPE_DIALIN_SERVER = 0x0400, + SV_TYPE_XENIX_SERVER= 0x0800, + SV_TYPE_NT = 0x1000, + SV_TYPE_POTENTIAL_BROWSER = 0x0001, + SV_TYPE_BACKUP_BROWSER = 0x0002, + SV_TYPE_MASTER_BROWSER = 0x0004, + SV_TYPE_DOMAIN_MASTER = 0x0008, + SV_TYPE_LOCAL_LIST_ONLY = 0x4000, + SV_TYPE_DOMAIN_ENUM = 0x8000 + } brow_server_type; + + typedef struct { + uint8 update_count; + uint32 ttl; + char name[16]; + uint8 os_major; + uint8 os_minor; + uint32 server_type; + astring comment; + } host_announcement; + + typedef struct { + uint8 unknown; + astring ResponseComputerName; + } request_announcement; + + typedef struct { + uint8 count; + uint32 token; + } backup_list_request; + + typedef struct { + uint8 count; + uint32 token; + astring BackupServerList[count]; + } backup_list_response; + + typedef struct { + astring BrowserToPromote; + } become_backup; + + typedef struct { + uint8 version; + uint32 criteria; + uint32 time_up; /* In milliseconds */ + uint32 reserved; /* Must be zero */ + astring ServerName; + } election_request; + + typedef struct { + uint8 options; + } reset_state; + + typedef struct { + astring MasterBrowserServerName; + } master_announcement; + + typedef [nodiscriminant] union { + [case(HostAnnouncement)] host_announcement host_annoucement; + [case(AnnouncementRequest)] request_announcement announcement_request; + [case(Election)] election_request election_request; + [case(GetBackupListReq)] backup_list_request backup_list_request; + [case(GetBackupListResp)] backup_list_response backup_list_response; + [case(BecomeBackup)] become_backup become_backup; + [case(DomainAnnouncement)] master_announcement domain_announcement; + [case(MasterAnnouncement)] master_announcement master_announcement; + [case(ResetBrowserState)] reset_state reset_browser_state; + [case(LocalMasterAnnouncement)] master_announcement local_master_announcement; + } browse_payload; + + typedef [public] struct { + browse_opcode opcode; + browse_payload payload; + } browse_packet; +}
svn commit: samba r7199 - in trunk/source: include lib rpc_server
Author: jerry Date: 2005-06-02 20:42:38 + (Thu, 02 Jun 2005) New Revision: 7199 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7199 Log: starting workon RegRestoreKey(); adding SeRestorePrivilege and SeTakeOwnershipPrivilege Modified: trunk/source/include/privileges.h trunk/source/lib/privileges.c trunk/source/rpc_server/srv_reg_nt.c Changeset: Modified: trunk/source/include/privileges.h === --- trunk/source/include/privileges.h 2005-06-02 16:58:18 UTC (rev 7198) +++ trunk/source/include/privileges.h 2005-06-02 20:42:38 UTC (rev 7199) @@ -58,6 +58,8 @@ #define SE_DISK_OPERATOR { { 0x0080, 0x, 0x, 0x } } #define SE_REMOTE_SHUTDOWN { { 0x0100, 0x, 0x, 0x } } #define SE_BACKUP { { 0x0200, 0x, 0x, 0x } } +#define SE_RESTORE { { 0x0400, 0x, 0x, 0x } } +#define SE_TAKE_OWNERSHIP { { 0x0800, 0x, 0x, 0x } } /* defined in lib/privilegs.c */ @@ -67,6 +69,7 @@ extern const SE_PRIV se_add_users; extern const SE_PRIV se_disk_operators; extern const SE_PRIV se_remote_shutdown; +extern const SE_PRIV se_restore; /* Modified: trunk/source/lib/privileges.c === --- trunk/source/lib/privileges.c 2005-06-02 16:58:18 UTC (rev 7198) +++ trunk/source/lib/privileges.c 2005-06-02 20:42:38 UTC (rev 7199) @@ -39,6 +39,7 @@ const SE_PRIV se_add_users = SE_ADD_USERS; const SE_PRIV se_disk_operators = SE_DISK_OPERATOR; const SE_PRIV se_remote_shutdown = SE_REMOTE_SHUTDOWN; +const SE_PRIV se_restore = SE_RESTORE; / This is a list of privileges reported by a WIndows 2000 SP4 AD DC @@ -92,6 +93,8 @@ {SE_REMOTE_SHUTDOWN,SeRemoteShutdownPrivilege, Force shutdown from a remote system}, {SE_DISK_OPERATOR, SeDiskOperatorPrivilege, Manage disk shares}, {SE_BACKUP, SeBackupPrivilege, Back up files and directories}, +{SE_RESTORE,SeRestorePrivilege, Restore files and directories}, + {SE_TAKE_OWNERSHIP, SeTakeOwnershipPrivilege, Take ownership of files or other objects}, {SE_END,, } }; Modified: trunk/source/rpc_server/srv_reg_nt.c === --- trunk/source/rpc_server/srv_reg_nt.c2005-06-02 16:58:18 UTC (rev 7198) +++ trunk/source/rpc_server/srv_reg_nt.c2005-06-02 20:42:38 UTC (rev 7199) @@ -765,6 +765,15 @@ /*** / +static WERROR restore_registry_key ( REGISTRY_KEY *krecord, const char *fname ) +{ + + return WERR_OK; +} + +/*** + / + WERROR _reg_restore_key(pipes_struct *p, REG_Q_RESTORE_KEY *q_u, REG_R_RESTORE_KEY *r_u) { REGISTRY_KEY*regkey = find_regkey_index_by_hnd( p, q_u-pol ); @@ -783,13 +792,14 @@ if ( (snum = validate_reg_filename( filename )) == -1 ) return WERR_OBJECT_PATH_INVALID; + /* user must posses SeRestorePrivilege for this this proceed */ + + if ( !user_has_privileges( p-pipe_user.nt_user_token, se_restore ) ) + return WERR_ACCESS_DENIED; + DEBUG(2,(_reg_restore_key: Restoring [%s] from %s in share %s\n, regkey-name, filename, lp_servicename(snum) )); -#if 0 return restore_registry_key( regkey, filename ); -#endif - - return WERR_OK; } /
svn commit: lorikeet r326 - in trunk/heimdal/kdc: .
Author: abartlet Date: 2005-06-02 23:17:25 + (Thu, 02 Jun 2005) New Revision: 326 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=326 Log: More cleanup on the config structures, we only need the final HDB form there. Andrew Bartlett Modified: trunk/heimdal/kdc/config.c trunk/heimdal/kdc/kdc.h Changeset: Modified: trunk/heimdal/kdc/config.c === --- trunk/heimdal/kdc/config.c 2005-06-02 12:46:36 UTC (rev 325) +++ trunk/heimdal/kdc/config.c 2005-06-02 23:17:25 UTC (rev 326) @@ -40,6 +40,13 @@ RCSID($Id: config.c,v 1.59 2005/05/23 17:34:12 lha Exp $); +struct dbinfo { + char *realm; + char *dbname; + char *mkey_file; + struct dbinfo *next; +}; + static const char *config_file;/* location of kdc config file */ static int require_preauth = -1; /* 1 == require preauth for all principals */ @@ -74,12 +81,6 @@ max-request, 0, arg_string, max_request, max size for a kdc-request, size }, -#if 0 -{ - database, 'd',arg_string, databases, - location of database, database -}, -#endif { enable-http, 'H', arg_flag, enable_http, turn on HTTP support }, { 524, 0, arg_negative_flag, enable_524, don't respond to 524 requests @@ -143,9 +144,10 @@ const char *default_mkey = HDB_DB_DIR /m-key; const char *p; krb5_error_code ret; + +struct dbinfo *databases = NULL; -config-databases = NULL; -dt = config-databases; +dt = databases; while((db_binding = (const krb5_config_binding *) krb5_config_get_next(context, NULL, top_binding, krb5_config_list, @@ -187,7 +189,7 @@ } *dt = di; dt = di-next; -} else if(config-databases == NULL) { +} else if(databases == NULL) { /* if there are none specified, use some default */ di = calloc(1, sizeof(*di)); di-dbname = strdup(default_dbname); @@ -195,7 +197,7 @@ *dt = di; dt = di-next; } -for(di = config-databases; di; di = di-next) { +for(di = databases; di; di = di-next) { if(di-dbname == NULL) di-dbname = strdup(default_dbname); if(di-mkey_file == NULL) { @@ -211,7 +213,7 @@ } } -if (config-databases == NULL) { +if (databases == NULL) { config-db = malloc(sizeof(*config-db)); config-num_db = 1; ret = hdb_create(context, config-db[0], NULL); @@ -224,9 +226,9 @@ struct dbinfo *d; int i; /* count databases */ - for(d = config-databases, i = 0; d; d = d-next, i++); + for(d = databases, i = 0; d; d = d-next, i++); config-db = malloc(i * sizeof(*config-db)); - for(d = config-databases, config-num_db = 0; d; d = d-next, config-num_db++) { + for(d = databases, config-num_db = 0; d; d = d-next, config-num_db++) { ret = hdb_create(context, config-db[config-num_db], d-dbname); if(ret) krb5_err(context, 1, ret, hdb_create %s, d-dbname); @@ -460,9 +462,9 @@ NULL); config-kdc_warn_pwexpire = krb5_config_get_time (context, NULL, - kdc, - kdc_warn_pwexpire, - NULL); + kdc, + kdc_warn_pwexpire, + NULL); if(detach_from_console == -1) detach_from_console = krb5_config_get_bool_default(context, NULL, Modified: trunk/heimdal/kdc/kdc.h === --- trunk/heimdal/kdc/kdc.h 2005-06-02 12:46:36 UTC (rev 325) +++ trunk/heimdal/kdc/kdc.h 2005-06-02 23:17:25 UTC (rev 326) @@ -41,13 +41,6 @@ #ifndef __KDC_H__ #define __KDC_H__ -struct dbinfo { -char *realm; -char *dbname; -char *mkey_file; -struct dbinfo *next; -}; - enum { TRPOLICY_ALWAYS_CHECK, TRPOLICY_ALLOW_PER_PRINCIPAL, TRPOLICY_ALWAYS_HONOUR_REQUEST }; @@ -57,7 +50,6 @@ time_t kdc_warn_pwexpire; /* time before expiration to print a warning */ - struct dbinfo *databases; struct HDB **db; int num_db;
svn commit: samba r7200 - in branches/SAMBA_3_0/source: include printing smbd
Author: jra Date: 2005-06-02 23:18:52 + (Thu, 02 Jun 2005) New Revision: 7200 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7200 Log: Don't use memset, use SET_STAT_INVALID (has the same effect). Jeremy. Modified: branches/SAMBA_3_0/source/include/smb_macros.h branches/SAMBA_3_0/source/printing/nt_printing.c branches/SAMBA_3_0/source/smbd/dir.c branches/SAMBA_3_0/source/smbd/filename.c branches/SAMBA_3_0/source/smbd/notify_hash.c branches/SAMBA_3_0/source/smbd/service.c Changeset: Modified: branches/SAMBA_3_0/source/include/smb_macros.h === --- branches/SAMBA_3_0/source/include/smb_macros.h 2005-06-02 20:42:38 UTC (rev 7199) +++ branches/SAMBA_3_0/source/include/smb_macros.h 2005-06-02 23:18:52 UTC (rev 7200) @@ -143,6 +143,7 @@ #define VALID_STAT(st) ((st).st_nlink != 0) #define VALID_STAT_OF_DIR(st) (VALID_STAT(st) S_ISDIR((st).st_mode)) +#define SET_STAT_INVALID(st) ((st).st_nlink = 0) #ifndef MIN #define MIN(a,b) ((a)(b)?(a):(b)) Modified: branches/SAMBA_3_0/source/printing/nt_printing.c === --- branches/SAMBA_3_0/source/printing/nt_printing.c2005-06-02 20:42:38 UTC (rev 7199) +++ branches/SAMBA_3_0/source/printing/nt_printing.c2005-06-02 23:18:52 UTC (rev 7200) @@ -1152,8 +1152,8 @@ SMB_STRUCT_STAT stat_buf; BOOL bad_path; - ZERO_STRUCT(st); - ZERO_STRUCT(stat_buf); + SET_STAT_INVALID(st); + SET_STAT_INVALID(stat_buf); new_create_time = (time_t)0; old_create_time = (time_t)0; @@ -1265,7 +1265,7 @@ SMB_STRUCT_STAT st; connection_struct *conn; - ZERO_STRUCT(st); + SET_STAT_INVALID(st); *perr = WERR_INVALID_PARAM; Modified: branches/SAMBA_3_0/source/smbd/dir.c === --- branches/SAMBA_3_0/source/smbd/dir.c2005-06-02 20:42:38 UTC (rev 7199) +++ branches/SAMBA_3_0/source/smbd/dir.c2005-06-02 23:18:52 UTC (rev 7200) @@ -560,7 +560,7 @@ { pstring pathreal; - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); if (dptr-has_wild) { return dptr_normal_ReadDirName(dptr, poffset, pst); @@ -629,7 +629,7 @@ BOOL dptr_SearchDir(struct dptr_struct *dptr, const char *name, long *poffset, SMB_STRUCT_STAT *pst) { - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); if (!dptr-has_wild (dptr-dir_hnd-offset == -1)) { /* This is a singleton directory and we're already at the end. */ @@ -958,7 +958,7 @@ BOOL hide_unwriteable = lp_hideunwriteable_files(SNUM(conn)); BOOL hide_special = lp_hide_special_files(SNUM(conn)); - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); if ((strcmp(.,name) == 0) || (strcmp(..,name) == 0)) { return True; /* . and .. are always visible. */ Modified: branches/SAMBA_3_0/source/smbd/filename.c === --- branches/SAMBA_3_0/source/smbd/filename.c 2005-06-02 20:42:38 UTC (rev 7199) +++ branches/SAMBA_3_0/source/smbd/filename.c 2005-06-02 23:18:52 UTC (rev 7200) @@ -92,7 +92,7 @@ BOOL component_was_mangled = False; BOOL name_has_wildcard = False; - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); *dirpath = 0; *bad_path = False; @@ -258,7 +258,7 @@ pstring rest; /* Stat failed - ensure we don't use it. */ - ZERO_STRUCT(st); + SET_STAT_INVALID(st); *rest = 0; /* @@ -346,7 +346,7 @@ if (SMB_VFS_STAT(conn,name, st) == 0) { *pst = st; } else { - ZERO_STRUCT(st); + SET_STAT_INVALID(st); } } } /* end else */ Modified: branches/SAMBA_3_0/source/smbd/notify_hash.c === --- branches/SAMBA_3_0/source/smbd/notify_hash.c2005-06-02 20:42:38 UTC (rev 7199) +++ branches/SAMBA_3_0/source/smbd/notify_hash.c2005-06-02 23:18:52 UTC (rev 7200) @@ -91,7 +91,7 @@ offset = 0; while ((fname = ReadDirName(dp, offset))) { - ZERO_STRUCT(st); + SET_STAT_INVALID(st); if(strequal(fname, .) || strequal(fname, ..)) continue; Modified: branches/SAMBA_3_0/source/smbd/service.c === --- branches/SAMBA_3_0/source/smbd/service.c2005-06-02 20:42:38 UTC (rev 7199)
svn commit: samba r7201 - in trunk/source: include printing smbd
Author: jra Date: 2005-06-02 23:18:57 + (Thu, 02 Jun 2005) New Revision: 7201 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7201 Log: Don't use memset, use SET_STAT_INVALID (has the same effect). Jeremy. Modified: trunk/source/include/smb_macros.h trunk/source/printing/nt_printing.c trunk/source/smbd/dir.c trunk/source/smbd/filename.c trunk/source/smbd/notify_hash.c trunk/source/smbd/service.c Changeset: Modified: trunk/source/include/smb_macros.h === --- trunk/source/include/smb_macros.h 2005-06-02 23:18:52 UTC (rev 7200) +++ trunk/source/include/smb_macros.h 2005-06-02 23:18:57 UTC (rev 7201) @@ -143,6 +143,7 @@ #define VALID_STAT(st) ((st).st_nlink != 0) #define VALID_STAT_OF_DIR(st) (VALID_STAT(st) S_ISDIR((st).st_mode)) +#define SET_STAT_INVALID(st) ((st).st_nlink = 0) #ifndef MIN #define MIN(a,b) ((a)(b)?(a):(b)) Modified: trunk/source/printing/nt_printing.c === --- trunk/source/printing/nt_printing.c 2005-06-02 23:18:52 UTC (rev 7200) +++ trunk/source/printing/nt_printing.c 2005-06-02 23:18:57 UTC (rev 7201) @@ -1152,8 +1152,8 @@ SMB_STRUCT_STAT stat_buf; BOOL bad_path; - ZERO_STRUCT(st); - ZERO_STRUCT(stat_buf); + SET_STAT_INVALID(st); + SET_STAT_INVALID(stat_buf); new_create_time = (time_t)0; old_create_time = (time_t)0; @@ -1265,7 +1265,7 @@ SMB_STRUCT_STAT st; connection_struct *conn; - ZERO_STRUCT(st); + SET_STAT_INVALID(st); *perr = WERR_INVALID_PARAM; Modified: trunk/source/smbd/dir.c === --- trunk/source/smbd/dir.c 2005-06-02 23:18:52 UTC (rev 7200) +++ trunk/source/smbd/dir.c 2005-06-02 23:18:57 UTC (rev 7201) @@ -560,7 +560,7 @@ { pstring pathreal; - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); if (dptr-has_wild) { return dptr_normal_ReadDirName(dptr, poffset, pst); @@ -629,7 +629,7 @@ BOOL dptr_SearchDir(struct dptr_struct *dptr, const char *name, long *poffset, SMB_STRUCT_STAT *pst) { - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); if (!dptr-has_wild (dptr-dir_hnd-offset == -1)) { /* This is a singleton directory and we're already at the end. */ @@ -958,7 +958,7 @@ BOOL hide_unwriteable = lp_hideunwriteable_files(SNUM(conn)); BOOL hide_special = lp_hide_special_files(SNUM(conn)); - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); if ((strcmp(.,name) == 0) || (strcmp(..,name) == 0)) { return True; /* . and .. are always visible. */ Modified: trunk/source/smbd/filename.c === --- trunk/source/smbd/filename.c2005-06-02 23:18:52 UTC (rev 7200) +++ trunk/source/smbd/filename.c2005-06-02 23:18:57 UTC (rev 7201) @@ -92,7 +92,7 @@ BOOL component_was_mangled = False; BOOL name_has_wildcard = False; - ZERO_STRUCTP(pst); + SET_STAT_INVALID(pst); *dirpath = 0; *bad_path = False; @@ -258,7 +258,7 @@ pstring rest; /* Stat failed - ensure we don't use it. */ - ZERO_STRUCT(st); + SET_STAT_INVALID(st); *rest = 0; /* @@ -346,7 +346,7 @@ if (SMB_VFS_STAT(conn,name, st) == 0) { *pst = st; } else { - ZERO_STRUCT(st); + SET_STAT_INVALID(st); } } } /* end else */ Modified: trunk/source/smbd/notify_hash.c === --- trunk/source/smbd/notify_hash.c 2005-06-02 23:18:52 UTC (rev 7200) +++ trunk/source/smbd/notify_hash.c 2005-06-02 23:18:57 UTC (rev 7201) @@ -91,7 +91,7 @@ offset = 0; while ((fname = ReadDirName(dp, offset))) { - ZERO_STRUCT(st); + SET_STAT_INVALID(st); if(strequal(fname, .) || strequal(fname, ..)) continue; Modified: trunk/source/smbd/service.c === --- trunk/source/smbd/service.c 2005-06-02 23:18:52 UTC (rev 7200) +++ trunk/source/smbd/service.c 2005-06-02 23:18:57 UTC (rev 7201) @@ -275,7 +275,7 @@ *user = 0; fstrcpy(dev, pdev); - ZERO_STRUCT(st); + SET_STAT_INVALD(st); if (NT_STATUS_IS_ERR(*status = share_sanity_checks(snum, dev))) { return NULL;
Build status as of Fri Jun 3 00:00:01 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-06-01 00:03:02.0 + +++ /home/build/master/cache/broken_results.txt 2005-06-03 00:00:30.0 + @@ -1,29 +1,39 @@ -Build status as of Wed Jun 1 00:00:02 2005 +Build status as of Fri Jun 3 00:00:01 2005 Build counts: Tree Total Broken Panic -ccache 39 7 0 -distcc 38 0 0 -lorikeet-heimdal 34 14 0 -ppp 22 1 0 -rsync38 1 0 +ccache 42 9 0 +distcc 41 1 0 +lorikeet-heimdal 37 12 0 +ppp 23 1 0 +rsync41 1 0 samba1 1 1 samba-docs 0 0 0 -samba4 42 23 0 -samba_3_038 7 0 -talloc 35 19 0 -tdb 34 34 0 +samba4 44 25 0 +samba_3_041 11 0 +talloc 37 20 0 +tdb 37 37 0 Currently broken builds: Host Tree Compiler Status aix1 lorikeet-heimdal gccok/ 2/?/? aix1 talloc gccok/ok/ 2/? aix1 tdb gccok/ 2/?/? +oehmesrs6k ccache cc ok/ok/ 2/? +oehmesrs6k distcc cc ok/ 2/?/? +oehmesrs6k lorikeet-heimdal cc ok/ 2/?/? +oehmesrs6k samba4 cc ok/ 2/?/? +oehmesrs6k talloc cc ok/ok/ 2/? +oehmesrs6k tdb cc ok/ 2/?/? lithiumlorikeet-heimdal gccok/ 2/?/? lithiumtdb gcc 2/?/?/? -cyberone lorikeet-heimdal gccok/ 2/?/? +cyberone lorikeet-heimdal gccok/ok/ok/ 2 cyberone samba4 gccok/ 2/?/? +cyberone samba_3_0gcc 1/?/?/? cyberone tdb gcc 2/?/?/? +fusberta lorikeet-heimdal gccok/ 2/?/? +fusberta samba4 gccok/ 2/?/? +fusberta tdb gcc 2/?/?/? samba-s390 lorikeet-heimdal gccok/ 2/?/? samba-s390 samba4 gccok/ 2/?/? samba-s390 talloc gccok/ 2/?/? @@ -49,15 +59,11 @@ gc8samba4 gccok/ 1/?/? gc8talloc gccok/ok/ 2/? gc8tdb gcc 2/?/?/? -aretnaplorikeet-heimdal gccok/ok/ok/ 1 aretnapsamba4 gccok/ok/ 1/? -aretnapsamba_3_0gccok/ok/ok/ 2 aretnaptalloc gccok/ok/ 2/? aretnaptdb gcc 2/?/?/? aretnapccache iccok/ok/ok/ 1 -aretnaplorikeet-heimdal iccok/ok/ok/ 1 aretnapsamba4 iccok/ok/ 1/? -aretnapsamba_3_0iccok/ok/ok/ 5 aretnaptalloc iccok/ok/ 2/? aretnaptdb icc 2/?/?/? gc4samba4 gccok/ok/ 1/? @@ -85,26 +91,31 @@ us4samba4 cc ok/ 1/?/? us4samba4 gccok/ 1/?/? trip tdb gcc 2/?/?/? +hummel-netbsd3-samba ccache gcc 1/?/?/? +hummel-netbsd3-samba tdb gcc 2/?/?/? homer tdb gcc 2/?/?/? -shubnigurath lorikeet-heimdal cc ok/ok/ok/ 1 shubnigurath samba4 cc ok/ 1/?/? +shubnigurath samba_3_0cc ok/ 1/?/? shubnigurath tdb cc 2/?/?/? sol10 lorikeet-heimdal gccok/ok/ 1/? sol10 samba4 gccok/ 1/?/? +sol10 samba_3_0gccok/ 1/?/? sol10 tdb gcc 2/?/?/? gc20 lorikeet-heimdal gccok/ 2/?/? gc20 samba4 gccok/ 2/?/? +gc20 samba_3_0gccok/ 2/?/? gc20 talloc gccok/ok/ok/ 2 gc20 tdb gccok/ 2/?/? -sun1 lorikeet-heimdal cc ok/ok/ok/ 2 sun1 samba4 cc ok/ 2/?/? sun1 samba_3_0cc ok/ 2/?/? sun1 talloc cc ok/ok/ok/ 2 sun1 tdb cc 2/?/?/? sun1 samba4 gccok/ 2/?/? +sun1 samba_3_0gccok/ 2/?/? sun1 talloc gccok/ok/ok/ 2 sun1 tdb gcc 2/?/?/? fire1 samba4 gccok/ 2/?/? +fire1 samba_3_0gccok/ 2/?/? fire1 talloc gcc
svn commit: samba r7202 - in branches/SAMBA_3_0/source/client: .
Author: sfrench Date: 2005-06-03 00:34:13 + (Fri, 03 Jun 2005) New Revision: 7202 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7202 Log: lock mtab when updating it during umount.cifs, also delete only one matching entry at a time Modified: branches/SAMBA_3_0/source/client/umount.cifs.c Changeset: Modified: branches/SAMBA_3_0/source/client/umount.cifs.c === --- branches/SAMBA_3_0/source/client/umount.cifs.c 2005-06-02 23:18:57 UTC (rev 7201) +++ branches/SAMBA_3_0/source/client/umount.cifs.c 2005-06-03 00:34:13 UTC (rev 7202) @@ -37,7 +37,7 @@ #include fstab.h #define UNMOUNT_CIFS_VERSION_MAJOR 0 -#define UNMOUNT_CIFS_VERSION_MINOR 4 +#define UNMOUNT_CIFS_VERSION_MINOR 5 #ifndef UNMOUNT_CIFS_VENDOR_SUFFIX #define UNMOUNT_CIFS_VENDOR_SUFFIX @@ -93,7 +93,8 @@ printf(\n\tman 8 umount.cifs\n); printf(\nTo display the version number of the cifs umount utility:); printf(\n\t%s -V\n,thisprogram); - printf(\nNote that invoking the umount utility on cifs mounts, can execute /sbin/umount.cifs (if it is present and -i is not specified to umount).\n); + printf(\nInvoking the umount utility on cifs mounts, can execute); + printf( /sbin/umount.cifs (if present and umount -i is not specified.\n); } static int umount_check_perm(char * dir) @@ -118,18 +119,39 @@ if(verboseflg) printf(ioctl returned %d with errno %d %s\n,rc,errno,strerror(errno)); - if(rc == ENOTTY) - printf(user unmounting via %s is an optional feature of the cifs filesystem driver (cifs.ko)\n\tand requires cifs.ko version 1.32 or later\n,thisprogram); - else if (rc 0) + if(rc == ENOTTY) { + printf(user unmounting via %s is an optional feature of,thisprogram); + printf( the cifs filesystem driver (cifs.ko)); + printf(\n\tand requires cifs.ko version 1.32 or later\n); + } else if (rc 0) printf(user unmount of %s failed with %d %s\n,dir,errno,strerror(errno)); close(fileid); return rc; } +int lock_mtab(void) +{ + int rc; + + rc = mknod(MOUNTED_LOCK , 0600, 0); + if(rc == -1) + printf(\ngetting lock file %s failed with %s\n,MOUNTED_LOCK, + strerror(errno)); + + return rc; + +} + +void unlock_mtab(void) +{ + unlink(MOUNTED_LOCK); +} + int remove_from_mtab(char * mountpoint) { - int rc = 0; + int rc; + int num_matches; FILE * org_fd; FILE * new_fd; struct mntent * mount_entry; @@ -139,11 +161,11 @@ /* Do we first need to check if it is writable? */ - /* BB lock_mtab - the smbumount and mount-utils package appear to lock - in a different incompat. way, and it seems that mount-utils have - changed the way they lock a few times. We should fix this someday - or at least find out how the mount-utils are supposed to handle this */ - + if (lock_mtab()) { + printf(Mount table locked\n); + return -EACCES; + } + if(verboseflg) printf(attempting to remove from mtab\n); @@ -151,6 +173,7 @@ if(org_fd == NULL) { printf(Can not open %s\n,MOUNTED); + unlock_mtab(); return -EIO; } @@ -158,18 +181,40 @@ if(new_fd == NULL) { printf(Can not open temp file %s, MOUNTED_TEMP); endmntent(org_fd); + unlock_mtab(); return -EIO; } /* BB fix so we only remove the last entry that matches BB */ + num_matches = 0; while((mount_entry = getmntent(org_fd)) != NULL) { + if(strcmp(mount_entry-mnt_dir, mountpoint) == 0) { + num_matches++; + } + } + if(verboseflg) + printf(%d matching entries in mount table\n, num_matches); + + /* Is there a better way to seek back to the first entry in mtab? */ + endmntent(org_fd); + org_fd = setmntent(MOUNTED, r); + + if(org_fd == NULL) { + printf(Can not open %s\n,MOUNTED); + unlock_mtab(); + return -EIO; + } + + while((mount_entry = getmntent(org_fd)) != NULL) { if(strcmp(mount_entry-mnt_dir, mountpoint) != 0) { addmntent(new_fd, mount_entry); } else { - if(verboseflg) - printf(entry not copied (removed)\n); + if(num_matches != 1) { + addmntent(new_fd, mount_entry); + num_matches--; + } else if(verboseflg) +
svn commit: samba r7203 - in branches/SAMBA_4_0/source/libnet: .
Author: abartlet Date: 2005-06-03 00:38:51 + (Fri, 03 Jun 2005) New Revision: 7203 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7203 Log: Fill in the error message and fail if we can't open the secrets database. Andrew Bartlett Modified: branches/SAMBA_4_0/source/libnet/libnet_join.c Changeset: Modified: branches/SAMBA_4_0/source/libnet/libnet_join.c === --- branches/SAMBA_4_0/source/libnet/libnet_join.c 2005-06-03 00:34:13 UTC (rev 7202) +++ branches/SAMBA_4_0/source/libnet/libnet_join.c 2005-06-03 00:38:51 UTC (rev 7203) @@ -359,6 +359,12 @@ /* Local secrets are stored in secrets.ldb */ ldb = secrets_db_connect(mem_ctx); + if (!ldb) { + r-generic.out.error_string + = talloc_asprintf(mem_ctx, + Could not open secrets database\n); + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } /* join domain */ status = libnet_JoinDomain(ctx, mem_ctx, r2);
svn commit: samba r7204 - in branches/SAMBA_4_0/source/libnet: .
Author: abartlet Date: 2005-06-03 00:39:31 + (Fri, 03 Jun 2005) New Revision: 7204 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7204 Log: Also fall back to different password set methods on WRITE_FAULT, as NT4 apparently returns this. Andrew Bartlett Modified: branches/SAMBA_4_0/source/libnet/libnet_passwd.c Changeset: Modified: branches/SAMBA_4_0/source/libnet/libnet_passwd.c === --- branches/SAMBA_4_0/source/libnet/libnet_passwd.c2005-06-03 00:38:51 UTC (rev 7203) +++ branches/SAMBA_4_0/source/libnet/libnet_passwd.c2005-06-03 00:39:31 UTC (rev 7204) @@ -481,7 +481,7 @@ for (i=0; i ARRAY_SIZE(levels); i++) { r-generic.level = levels[i]; status = libnet_SetPassword(ctx, mem_ctx, r); - if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) { + if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS) !NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) { break; } }
svn commit: samba r7205 - in branches/SAMBA_4_0/source/lib/socket: .
Author: tridge Date: 2005-06-03 04:19:32 + (Fri, 03 Jun 2005) New Revision: 7205 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7205 Log: added support for sendto() on unix domain sockets Modified: branches/SAMBA_4_0/source/lib/socket/socket_unix.c Changeset: Modified: branches/SAMBA_4_0/source/lib/socket/socket_unix.c === --- branches/SAMBA_4_0/source/lib/socket/socket_unix.c 2005-06-03 00:39:31 UTC (rev 7204) +++ branches/SAMBA_4_0/source/lib/socket/socket_unix.c 2005-06-03 04:19:32 UTC (rev 7205) @@ -249,6 +249,37 @@ return NT_STATUS_OK; } + +static NTSTATUS unixdom_sendto(struct socket_context *sock, + const DATA_BLOB *blob, size_t *sendlen, uint32_t flags, + const char *dest_addr, int dest_port) +{ + ssize_t len; + int flgs = 0; + struct sockaddr_un srv_addr; + + if (strlen(dest_addr)+1 sizeof(srv_addr.sun_path)) { + return NT_STATUS_INVALID_PARAMETER; + } + + ZERO_STRUCT(srv_addr); + srv_addr.sun_family = AF_UNIX; + strncpy(srv_addr.sun_path, dest_addr, sizeof(srv_addr.sun_path)); + + *sendlen = 0; + + len = sendto(sock-fd, blob-data, blob-length, flgs, +(struct sockaddr *)srv_addr, sizeof(srv_addr)); + if (len == -1) { + return map_nt_error_from_unix(errno); + } + + *sendlen = len; + + return NT_STATUS_OK; +} + + static NTSTATUS unixdom_set_option(struct socket_context *sock, const char *option, const char *val) { @@ -294,6 +325,7 @@ .fn_accept = unixdom_accept, .fn_recv= unixdom_recv, .fn_send= unixdom_send, + .fn_sendto = unixdom_sendto, .fn_close = unixdom_close, .fn_set_option = unixdom_set_option,
svn commit: samba r7206 - in branches/SAMBA_4_0/source/lib/messaging: .
Author: tridge Date: 2005-06-03 04:21:25 + (Fri, 03 Jun 2005) New Revision: 7206 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7206 Log: changed the messaging library to use sendto instead of a connected send on the unix domain datagram socket. This gains us about 50% in speed, and also means that we don't run the risk of running out of file descriptors due to heavy messaging traffic. We now use a single file descriptor no matter how many messages are pending to any number of servers. Modified: branches/SAMBA_4_0/source/lib/messaging/messaging.c Changeset: Sorry, the patch is too large (326 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7206
svn commit: samba r7207 - in trunk/source/smbd: .
Author: jerry Date: 2005-06-03 05:26:19 + (Fri, 03 Jun 2005) New Revision: 7207 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7207 Log: fix compile break Modified: trunk/source/smbd/dir.c Changeset: Modified: trunk/source/smbd/dir.c === --- trunk/source/smbd/dir.c 2005-06-03 04:21:25 UTC (rev 7206) +++ trunk/source/smbd/dir.c 2005-06-03 05:26:19 UTC (rev 7207) @@ -560,7 +560,7 @@ { pstring pathreal; - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); if (dptr-has_wild) { return dptr_normal_ReadDirName(dptr, poffset, pst); @@ -629,7 +629,7 @@ BOOL dptr_SearchDir(struct dptr_struct *dptr, const char *name, long *poffset, SMB_STRUCT_STAT *pst) { - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); if (!dptr-has_wild (dptr-dir_hnd-offset == -1)) { /* This is a singleton directory and we're already at the end. */ @@ -958,7 +958,7 @@ BOOL hide_unwriteable = lp_hideunwriteable_files(SNUM(conn)); BOOL hide_special = lp_hide_special_files(SNUM(conn)); - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); if ((strcmp(.,name) == 0) || (strcmp(..,name) == 0)) { return True; /* . and .. are always visible. */
svn commit: samba r7208 - in trunk/source/smbd: .
Author: jerry Date: 2005-06-03 05:29:41 + (Fri, 03 Jun 2005) New Revision: 7208 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7208 Log: more compile fixes Modified: trunk/source/smbd/filename.c trunk/source/smbd/service.c Changeset: Modified: trunk/source/smbd/filename.c === --- trunk/source/smbd/filename.c2005-06-03 05:26:19 UTC (rev 7207) +++ trunk/source/smbd/filename.c2005-06-03 05:29:41 UTC (rev 7208) @@ -92,7 +92,7 @@ BOOL component_was_mangled = False; BOOL name_has_wildcard = False; - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); *dirpath = 0; *bad_path = False; Modified: trunk/source/smbd/service.c === --- trunk/source/smbd/service.c 2005-06-03 05:26:19 UTC (rev 7207) +++ trunk/source/smbd/service.c 2005-06-03 05:29:41 UTC (rev 7208) @@ -275,7 +275,7 @@ *user = 0; fstrcpy(dev, pdev); - SET_STAT_INVALD(st); + SET_STAT_INVALID(st); if (NT_STATUS_IS_ERR(*status = share_sanity_checks(snum, dev))) { return NULL;
svn commit: samba r7209 - in trunk/source: include registry rpc_server
Author: jerry Date: 2005-06-03 05:32:46 + (Fri, 03 Jun 2005) New Revision: 7209 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7209 Log: add initial frontend for RegRestoreKey(); now need to fill in the backend store key/value functions in reg_printing.c Modified: trunk/source/include/doserr.h trunk/source/registry/reg_cachehook.c trunk/source/rpc_server/srv_reg_nt.c Changeset: Modified: trunk/source/include/doserr.h === --- trunk/source/include/doserr.h 2005-06-03 05:29:41 UTC (rev 7208) +++ trunk/source/include/doserr.h 2005-06-03 05:32:46 UTC (rev 7209) @@ -185,6 +185,9 @@ #define WERR_INVALID_OWNER W_ERROR(1307) #define WERR_IO_PENDING W_ERROR(997) #define WERR_CAN_NOT_COMPLETE W_ERROR(1003) +#define WERR_REG_CORRUPT W_ERROR(1015) +#define WERR_REG_IO_FAILURE W_ERROR(1016) +#define WERR_REG_FILE_INVALID W_ERROR(1017) #define WERR_NO_SUCH_SERVICE W_ERROR(1060) #define WERR_INVALID_SERVICE_CONTROL W_ERROR(1052) #define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338) Modified: trunk/source/registry/reg_cachehook.c === --- trunk/source/registry/reg_cachehook.c 2005-06-03 05:29:41 UTC (rev 7208) +++ trunk/source/registry/reg_cachehook.c 2005-06-03 05:32:46 UTC (rev 7209) @@ -67,7 +67,7 @@ Initialize the cache tree */ -REGISTRY_HOOK* reghook_cache_find( char *keyname ) +REGISTRY_HOOK* reghook_cache_find( const char *keyname ) { char *key; int len; Modified: trunk/source/rpc_server/srv_reg_nt.c === --- trunk/source/rpc_server/srv_reg_nt.c2005-06-03 05:29:41 UTC (rev 7208) +++ trunk/source/rpc_server/srv_reg_nt.c2005-06-03 05:32:46 UTC (rev 7209) @@ -763,17 +763,115 @@ } /*** + Note: topkeypaty is the *full* path that this *key will be + loaded into (including the name of the key) / -static WERROR restore_registry_key ( REGISTRY_KEY *krecord, const char *fname ) +static WERROR reg_load_tree( REGF_FILE *regfile, const char *topkeypath, + REGF_NK_REC *key ) { + REGF_NK_REC *subkey; + REGISTRY_KEY registry_key; + REGVAL_CTR values; + REGSUBKEY_CTR subkeys; + int i; + pstring path; + WERROR result = WERR_OK; + + /* initialize the REGISTRY_KEY structure */ + + if ( !(registry_key.hook = reghook_cache_find(topkeypath)) ) { + DEBUG(0,(reg_load_tree: Failed to assigned a REGISTRY_HOOK to [%s]\n, + topkeypath )); + return WERR_BADFILE; + } + pstrcpy( registry_key.name, topkeypath ); + + /* now start parsing the values and subkeys */ - return WERR_OK; + ZERO_STRUCT( values ); + ZERO_STRUCT( subkeys ); + + regsubkey_ctr_init( subkeys ); + regval_ctr_init( values ); + + /* copy values into the REGVAL_CTR */ + + for ( i=0; ikey-num_values; i++ ) { + regval_ctr_addvalue( values, key-values[i].valuename, key-values[i].type, + key-values[i].data, (key-values[i].data_size ~VK_DATA_IN_OFFSET) ); + } + + /* copy subkeys into the REGSUBKEY_CTR */ + + key-subkey_index = 0; + while ( (subkey = regfio_fetch_subkey( regfile, key )) ) { + regsubkey_ctr_addkey( subkeys, subkey-keyname ); + } + + /* write this key and values out */ + + if ( !store_reg_values( registry_key, values ) + || !store_reg_keys( registry_key, subkeys ) ) + { + DEBUG(0,(reg_load_tree: Failed to load %s!\n, topkeypath)); + result = WERR_REG_IO_FAILURE; + } + + regval_ctr_destroy( values ); + regsubkey_ctr_destroy( subkeys ); + + if ( !W_ERROR_IS_OK(result) ) + return result; + + /* now continue to load each subkey registry tree */ + + key-subkey_index = 0; + while ( (subkey = regfio_fetch_subkey( regfile, key )) ) { + pstr_sprintf( path, %s%s%s, topkeypath, \\, subkey-keyname ); + result = reg_load_tree( regfile, path, subkey ); + if ( !W_ERROR_IS_OK(result) ) + break; + } + + return result; } /*** / +static WERROR restore_registry_key ( REGISTRY_KEY *krecord, const char *fname ) +{ + REGF_FILE *regfile; + REGF_NK_REC *rootkey; + WERROR result; +
svn commit: samba r7210 - in branches/SAMBA_3_0/source/smbd: .
Author: jra Date: 2005-06-03 05:35:04 + (Fri, 03 Jun 2005) New Revision: 7210 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=7210 Log: Fix my own mistakes up, sorry. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/dir.c branches/SAMBA_3_0/source/smbd/filename.c branches/SAMBA_3_0/source/smbd/service.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/dir.c === --- branches/SAMBA_3_0/source/smbd/dir.c2005-06-03 05:32:46 UTC (rev 7209) +++ branches/SAMBA_3_0/source/smbd/dir.c2005-06-03 05:35:04 UTC (rev 7210) @@ -560,7 +560,7 @@ { pstring pathreal; - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); if (dptr-has_wild) { return dptr_normal_ReadDirName(dptr, poffset, pst); @@ -629,7 +629,7 @@ BOOL dptr_SearchDir(struct dptr_struct *dptr, const char *name, long *poffset, SMB_STRUCT_STAT *pst) { - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); if (!dptr-has_wild (dptr-dir_hnd-offset == -1)) { /* This is a singleton directory and we're already at the end. */ @@ -958,7 +958,7 @@ BOOL hide_unwriteable = lp_hideunwriteable_files(SNUM(conn)); BOOL hide_special = lp_hide_special_files(SNUM(conn)); - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); if ((strcmp(.,name) == 0) || (strcmp(..,name) == 0)) { return True; /* . and .. are always visible. */ Modified: branches/SAMBA_3_0/source/smbd/filename.c === --- branches/SAMBA_3_0/source/smbd/filename.c 2005-06-03 05:32:46 UTC (rev 7209) +++ branches/SAMBA_3_0/source/smbd/filename.c 2005-06-03 05:35:04 UTC (rev 7210) @@ -92,7 +92,7 @@ BOOL component_was_mangled = False; BOOL name_has_wildcard = False; - SET_STAT_INVALID(pst); + SET_STAT_INVALID(*pst); *dirpath = 0; *bad_path = False; Modified: branches/SAMBA_3_0/source/smbd/service.c === --- branches/SAMBA_3_0/source/smbd/service.c2005-06-03 05:32:46 UTC (rev 7209) +++ branches/SAMBA_3_0/source/smbd/service.c2005-06-03 05:35:04 UTC (rev 7210) @@ -275,7 +275,7 @@ *user = 0; fstrcpy(dev, pdev); - SET_STAT_INVALD(st); + SET_STAT_INVALID(st); if (NT_STATUS_IS_ERR(*status = share_sanity_checks(snum, dev))) { return NULL;