Re: [Samba] stale name lookup result SOLVED
On Mon, 19 Sep 2005, Brandon Kuczenski wrote: I am running a Samba 3.0.10 server on freeBSD and 3.0.10-Debian client. I just had a perplexing problem. The client is a laptop and moves about different samba networks. My home computer's name (Unix hostname and samba name) is 'ocean'. When I'm at home I run smbmount //ocean/mydir /mnt/samba/ocean/mydir -o options Normally this is fine. I've been running the same script to do this for about 2 years, without problems. But this morning when I tried to connect it kept telling me timeout connecting to NOT.MY.IP.ADDR:445 timeout connecting to NOT.MY.IP.ADDR:139 [NOT.MY.IP.ADDR is replaced by an actual IP address that I've never seen before, but belongs to a separate wireless network that I occasionally visit] Running nmblookup: # nmblookup ocean querying ocean on 192.168.0.255 -- this IS my network 192.168.0.5 ocean00 -- this IS the right IP address Ocean is right there in the next room -- AND it's acting as a WINS server -- AND nmblookup seems to find it just fine. Why is my laptop trying to connect to the wrong host? The last time I had connected to a wireless network, my client software created a file /etc/samba/dhcp.conf which had stale information. I deleted that file, and then deleted /var/run/samba/gencache.tdb, and that solved the problem. -Brandon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] deny writing to share root
Hi, is it possible to deny writing to the share root, allowing writing to the subfolders of such root? In other words, I don't want the root to be changed (adding/removing) folders and files, while I want to allow users to change the content of the subfolders of the root. How to reach this? Thanks, Luca -- Luca Ferrari [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] vfs module problem with new samba version
Sorry, I was using old testparm version (3.0.4), so wrong warnings... And I needed to recompile the clamav module (3.0.6b with 2.0.20 of SAMBA) Works great now! thanks Xavier -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File access rights on a NFS share: please help !
Jeremy, Tom, First of all thanks a lot for your help. Jeremy Any way you can move to an NFS server that supports more groups ? Actually, I set up 3 NFS servers for the tests: a Solaris 8, a Linux SuSe E9 and an EMC NAS NS600 one but each time I came to the same conclusion... Tom Something I'd look at though is the actual gid of the iis directory by simply using Tom ls -n and verify for sure that the gid of the iis directory is 16777328. Tom Possibly you have two gids both named NCEDOM\dev-iis and it isn't gid 16777328 Tom that the iis directory belongs to. I tested that also but I confirm that there is only one gid 16777328... Any more idea ? Rgds, Sabrina To Sabrina Lautier [EMAIL PROTECTED] cc samba@lists.samba.org, [EMAIL PROTECTED] Jeremy Allison [EMAIL PROTECTED] Subject Re: [Samba] File access rights on a NFS share: please help ! Please respond to Jeremy Allison [EMAIL PROTECTED] 19/09/2005 18:07 On Mon, Sep 19, 2005 at 05:03:34PM +0200, Sabrina Lautier wrote: Hello, As I didn't get any answer, I'm posting my question again. Sorry to insist but I'm very embarrassed... I'm having troubles with access rights on files located on a NFS server (Solaris 8). The client machine is a Linux SuSe E9.0 and the samba suite version is samba-3.0.20, directly installed from a Linux package. Solaris 8 has a limit of 16 groups I believe. If your user is in more than 16 groups the groups over 16 will be silently truncated for NFS access. Any way you can move to an NFS server that supports more groups ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] file to large
Hi I cannont copying files larger than 2 GB over samba share (monted with smbmount). Do you have a solution? Stephan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] share disconnect timeout
Hello everybody, is there a possibility in samba (3.0.14a) to prevent the server from closing the connection to a client after a thirten time? I played with the deadtime option without succes. Background is an application,claiming the server to have disconnected the share. The app. reconnects without problems but logs an annoying warnig message. Any suggestions? Thanks in advance Carsten John -- Max Planck Institut fuer marine Mikrobiologie - Network Administration - Celsiustr. 1 D-28359 Bremen Tel.: +49 421 2028568 Fax.: +49 421 2028565 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 as PDC with Debian Linux server and Windows XP clients
Dear list I am relatively new to networking problems of this kind so apologies for the potentially simple question. I am trying to upgrade an existing network to one using Samba 3 to configure roaming XP profiles on a limited number of clients. I have re-written the smb.conf file to reflect what I think are the appropriate settings, and this passed testparm successfully, but I am unclear what to do next, despite the help offered in the usual howtos. Additionally when i try to run smbclient -L [hostname] read_socket_with_timeout: timeout read. read error = Connection reset by peer.tree connect failed: Read error: Connection reset by peer Can anyone let me know what I should be doing next? Part of my confusion is whether I need to move or otherwise re-set existing user-logins (for Unix, currently matched but not synchronised in the samba database) and passwords for them to act as individual profiles for XP. Many thanks for any help Andy Dr Andrew Bevan Lecturer Institute of Archaeology University College London 31-34 Gordon Square London WC1H 0PY tel: +44 (0)20 7679 7523 (internal 27523) fax: +44 (0)20 7383 2572 email: [EMAIL PROTECTED] info: www.ucl.ac.uk/archaeology/staff/profiles/bevan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP (How to Expires an Account on Specified date)
you must change sambakickofftime, e.g. by smbldap-usermod ... from idealx greez Arun Sharma wrote: Hi Everybody, Structure of my server environment : Using Samba 3.0.20, Openldap V3 My requiremnt : 1) How to expire an user Account on a specified date.? Thanks all -- Michael Gasch Max Planck Institute for Evolutionary Anthropology Department of Human Evolution (IT) Deutscher Platz 6 D-04103 Leipzig Germany Phone: 49 (0)341 - 3550 137 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RES: RES: [Samba] Re: ACLs with Problem
Luis Henrique de Faria Guimarães wrote: [2005/09/26 17:11:53, 3] smbd/posix_acls.c:convert_canon_ace_to_posix_perms(2581) convert_canon_ace_to_posix_perms: Too many ACE entries for file teste.txt to convert to posix perms. I wonder why convert_canon_ace_to_posix_perms is called with an file_ace_list with more than three canon_ace elements. set_nt_acl should never call convert_canon_ace_to_posix_perms that way. I guess it fails because you have an ACL_USER_OBJ which makes the file_ace_list longer than three entries but for some reason set_nt_acl thinks it cannot use set_canon_ace_list. I just start to read the code so maybe someone who really knows what's going on could clear this up a bit. hth Paul BTW: check your samba binary for ACL support, could be that ./configure failed to pick up some libs or headers and the whole feature is not present. Use strings $(which smbd) | grep HAVE_POSIX_ACLS. If you don't get anything back your binary lacks ACL support. PS: Try not to start a new thread with each response and please keep your replies on the list. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Option deprecated.
Hi, I have noticed in my log files an error the winbind enable local accounts option is deprecated. Sometimes winbind crash, it is possible that I have remove this option? But I have need the option to enable local accounts. How can I replace this future? RH9 + samba-3.0.14a-1. Thanks. Marco. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Need help with IDMAP storage in LDAP using Winbind
Hello @ll,
First a small sketch of my working environment.
There is one PDC, W2000 server, which contains an Active directory, so
basically all the windows users are maintained there. And the Linux/Unix
accounts are stored on a NIS server.
My goal would be the following 2 things.
Firstly currently all the Linux/Unix servers are setup with individual
winbind setups to make the windows users known, which work nicely. But
recently the ID's of all the users should be identical on all the
servers.
Therefore I'm trying to implement the IDMAP Storage in LDAP using
Winbind chapter.
And secondly migrating all the NIS users also to the same LDAP but under
a different OU.
This is my setup thus far :
/etc/samba/smb.conf: I think the way I setup this configuration is so
that winbind points to the PDC to collect al the windows users
information, and uses the LDAP backend to store it. Please correct me if
I'm wrong.
# Global parameters
[global]
log level = 3
workgroup = THALES-IS
#Is the windows domain name
realm = THALES-IS.BE
#winbind needs this to point to the PDC
server string = Samba Server
security = ads
password server = 192.168.1.99
username map = /etc/opt/samba/smbusers
log file = /var/log/samba/smbd.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
ldap ssl = no
ldap admin dn = cn=Manager,dc=thales,dc=be#Is the new domain
I'm trying to setup thales.be, just to avoid confusion with the
existing thales-is.be
ldap idmap suffix = ou=idmap
ldap suffix = dc=thales,dc=be
idmap backend = ldap:ldap://127.0.0.1
encrypt passwords = yes
idmap uid = 1-2
idmap gid = 1-2
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
winbind separator = /
winbind cache time = 10
winbind use default domain = yes
[homes]
comment = Home Directories
path = %H
read only = No
browseable = No
/etc/krb5.conf: As far as I can figure this is needed to do the
kerberos authentication, this is only pointing to the windows domain,
and not the new thales.be. But I'm not sure this is significant since
it is only needed by winbind to retrieve information from the PDC.
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = THALES-IS.BE
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
THALES-IS.BE = {
kdc = backup1.thales-is.be:88
kdc = 192.168.1.99
admin_server = backup1.thales-is.be:749
kdc = 192.168.1.99
}
thales-is.be = {
kdc = 192.168.1.99
}
[domain_realm]
.thales-is.be = THALES-IS.BE
thales-is.be = THALES-IS.BE
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
/etc/nsswitch.conf:
passwd: files winbind ldap
shadow: files winbind ldap
group: files winbind ldap
hosts: files dns
/etc/openldap/slapd.conf :
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/slapd.pid
argsfile/var/run/slapd.args
databaseldbm
##
suffix dc=thales,dc=be
###
rootdn cn=Manager,dc=thales,dc=be
###
rootpw secret
###
directory /var/lib/ldap/thales.be
###
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShelleq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntryeq,pres,sub
/etc/ldap.conf : Only shown changes, rest is default
# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each
[Samba] net join between Solaris member and Linux Samba PDC
net rpc join member -S FRANKFURT -U rwiegand Password: Create of workstation account failed Unable to join domain DOMAIN. This is the message I'm getting when I try joining a Solaris 9/samba 3.0.10 member server ./testparm Load smb config files from /usr/local/samba/lib/smb.conf Can't find include file /var/samba/log. Processing section [homes] Processing section [printers] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = DOMAIN server string = Proxy Samba Server interfaces = 172.18.1.1/16 security = DOMAIN password server = FRANKFURT log level = 3 passdb:5 auth:10 winbind:2 log file = /usr/sfw/lib/smb.conf.%m max log size = 50 dns proxy = No idmap uid = 1-2 idmap gid = 1-2 winbind use default domain = Yes include = /var/samba/log. [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /usr/spool/samba printable = Yes browseable = No and a Linux FC3 samba PDC server: [global] smb passwd file = /etc/samba/smbpasswd passwd program = /usr/bin/passwd %u printing = lprng dns proxy = no encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap preferred master = no debug level = 4 passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authenticat ion*tokens*updated*successfully* domain admin group = @admins admin users = @admins security = domain unix password sync = Yes server string = Samba Server workgroup = domain preferred master = yes log file = /var/log/samba/%m.log netbios name = Frankfurt load printers = yes domain logons = yes logon script = %G.bat domain master = yes [netlogon] browsable = yes path = /home/netlogon public = yes # read only = yes # guest ok = yes # share modes = no writable = yes # no comment = Network Login Service [homes] comment = Home Directories browseable = no writable = yes valid users = %S create mode = 0664 directory mode = 0775 [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [TML1] path = /data1 writable = yes public = yes comment = Data share data1 Looks like I'm missing something here? My goal is to have LAN users authenticate via a samba PDC when they pass through a Squid server to the internet. I'm trying to keep it simple for now. So I'm not using AD, but I will have to set this up in the near future as well. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Need help with IDMAP storage in LDAP using Winbind
Kristof Bruyninckx wrote: # Use the OpenLDAP password change # extended operation to update the password. pam_password md5 If you want it to do what the comment suggest this should read: pam_password exop dn: cn=Manager,dc=thales,dc=be objectClass: organizationalRole cn: Manager description: Directory Manager I think that may be your problem. The DN is the same as your rootdn in slapd.conf but does not have a userPassword attribute. It might shadow your rootdn making binds with that DN fail (see below). You don't have to add the rootdn from slapd.conf to your directory but it is generally discouraged to use it in daily operations as ACLs do not apply to rootdn. Sep 27 13:31:47 linux14 slapd: = access_allowed: auth access to cn=Manager,dc=thales,dc=be userPassword requested Sep 27 13:31:47 linux14 slapd: = access_allowed: backend default auth access granted to (anonymous) Sep 27 13:31:47 linux14 slapd: send_ldap_result: err=49 matched= err=49 means invalid credentials most likely due to the missing userPassword attribute of cn=manager,dc=thales,dc=be. Try removing cn=Manager,dc=thales,dc=be from your ldif and see if you can bind with rootdn and rootpw from your slapd.conf. If that works create another entry in your DIT with a userPassword attribute, give it appropriate permissions in slapd.conf and use that for your ldap admin dn in smb.conf hth Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Slow shutdowns and tmp files?[VASCL:A1037FCE7F5]
I am having problems with long shutdown periods. The machines are building large tmp files, like prf2E6.tmp. These files are over 1 gig. I am running Windows 2000 and Windows XP clients to a Redhat ES 4.0 with Samba 3.0.14. I have a domain setup. In each of these machines there are large amounts of files in My Documents. When I end up with these tmp files, the clients build temp profiles. How can this be avoided. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3 as PDC with Debian Linux server and Windows XP clients
I'm running Samba 3 on Debian/Sarge. The roaming profiles seems to come by default if you follow the example/directions in the Official Samba 3 Howto Reference Guide. There's also the newer Samba 3 by example. Both are available at samba.org. Make sure you have a samba folder with netlogon and profiles subfolders. I keep mine in /home. When you say upgrading, do you have an existing Domain and controller or are you starting up a domain? If you are starting a new domain, make it easy on yourself and use SWAT. You need to uncomment the swat line in /etc/inetd.conf and restart it. If you are converting from a Windows domain controller, there is a vampire mode that sucks the existing date from your domain controller. Then you need to remove your old domain controller and promote your new one. However, I've had problems after doing this. You may prefer just to set up a new domain if you only have a limited number of clients. Andrew Bevan wrote: Dear list I am relatively new to networking problems of this kind so apologies for the potentially simple question. I am trying to upgrade an existing network to one using Samba 3 to configure roaming XP profiles on a limited number of clients. I have re-written the smb.conf file to reflect what I think are the appropriate settings, and this passed testparm successfully, but I am unclear what to do next, despite the help offered in the usual howtos. Additionally when i try to run smbclient -L [hostname] read_socket_with_timeout: timeout read. read error = Connection reset by peer.tree connect failed: Read error: Connection reset by peer Can anyone let me know what I should be doing next? Part of my confusion is whether I need to move or otherwise re-set existing user-logins (for Unix, currently matched but not synchronised in the samba database) and passwords for them to act as individual profiles for XP. Many thanks for any help Andy Dr Andrew Bevan Lecturer Institute of Archaeology University College London 31-34 Gordon Square London WC1H 0PY tel: +44 (0)20 7679 7523 (internal 27523) fax: +44 (0)20 7383 2572 email: [EMAIL PROTECTED] info: www.ucl.ac.uk/archaeology/staff/profiles/bevan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Need help with IDMAP storage in LDAP using Winbind
Hi, I removed the entry for cn=manager,dc=thales,dc=be and checked
with ldapmodigy if I could change the existing NIS users, which seems to
still work.
Now I added a user called Admin , output from slapcat :
dn: ou=People,dc=thales,dc=be
ou: People
description: All Nis people
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: 15579caa-c053-1029-82d3-9e2135f77083
creatorsName: cn=Manager,dc=thales,dc=be
createTimestamp: 20050923075459Z
entryCSN: 20050923075459Z#01#00#00
modifiersName: cn=Manager,dc=thales,dc=be
modifyTimestamp: 20050923075459Z
dn: uid=root,ou=Idmap,dc=thales,dc=be
structuralObjectClass: account
entryUUID: 1d5990e8-c053-1029-82d4-9e2135f77083
creatorsName: cn=Manager,dc=thales,dc=be
createTimestamp: 20050923075512Z
uid: root
cn: Admin
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: secret
shadowLastChange: 13041
shadowMax: 9
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: root
entryCSN: 20050927142003Z#01#00#00
modifiersName: cn=Manager,dc=thales,dc=be
modifyTimestamp: 20050927142003Z
And then added the access permissions inside slapd.conf.
access to attr=userPassword
by self write
by anonymous auth
by dn.base=cn=Admin,dc=thales,dc=be write
by * none
access to *
by self write
by dn.base=cn=Admin,dc=thales,dc=be write
by * read
and also changed the ldap admin in samba to :
ldap admin dn = cn=Admin,dc=thales,dc=be
Now when I restart the winbind daemons he is still complaining about the
dn entry:
[2005/09/27 17:05:43, 1] lib/smbldap.c:another_ldap_try(951)
Connection to LDAP server failed for the 15 try!
[2005/09/27 17:05:44, 2] lib/smbldap.c:smbldap_open_connection(630)
smbldap_open_connection: connection opened
[2005/09/27 17:05:44, 2] lib/smbldap.c:smbldap_connect_system(790)
failed to bind to server ldap://127.0.0.1 with
dn=cn=Admin,dc=thales,dc=be Error: Invalid credentials
The ldif I used to add the Admin acount is identical ass that of the
Manager :
root.ldif
dn: uid=root,ou=Idmap,dc=thales,dc=be
uid: root
cn: Admin
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$1$lB0twC9d$i542IIFLEH11VLUzdEUr91
shadowLastChange: 13041
shadowMax: 9
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: root
Any ideas off what I'm doing wrong?
Thanks,
On Tue, 2005-09-27 at 15:02 +0200, paul kölle wrote:
Kristof Bruyninckx wrote:
# Use the OpenLDAP password change
# extended operation to update the password.
pam_password md5
If you want it to do what the comment suggest this should read:
pam_password exop
dn: cn=Manager,dc=thales,dc=be
objectClass: organizationalRole
cn: Manager
description: Directory Manager
I think that may be your problem. The DN is the same as your rootdn in
slapd.conf but does not have a userPassword attribute. It might shadow
your rootdn making binds with that DN fail (see below). You don't have
to add the rootdn from slapd.conf to your directory but it is
generally discouraged to use it in daily operations as ACLs do not apply
to rootdn.
Sep 27 13:31:47 linux14 slapd: = access_allowed: auth access to
cn=Manager,dc=thales,dc=be userPassword requested
Sep 27 13:31:47 linux14 slapd: = access_allowed: backend default auth
access granted to (anonymous)
Sep 27 13:31:47 linux14 slapd: send_ldap_result: err=49 matched=
err=49 means invalid credentials most likely due to the missing
userPassword attribute of cn=manager,dc=thales,dc=be.
Try removing cn=Manager,dc=thales,dc=be from your ldif and see if you
can bind with rootdn and rootpw from your slapd.conf. If that works
create another entry in your DIT with a userPassword attribute, give it
appropriate permissions in slapd.conf and use that for your ldap admin
dn in smb.conf
hth
Paul
--
Kristof.Bruyninckx
We are Microsoft. What you are experiencing is not a problem; it is an
undocumented feature.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Print$ share for athlon 64bit systems or xeon 64bit
Does any one know if there is to be a seperate folder created under the print$ share for any of the 64 bit systems? Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Print$ share for athlon 64bit systems or xeon 64bit
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | Does any one know if there is to be a seperate | folder created under the print$ share for any of the 64 | bit systems? Thanks in advance. yes. You need an x64 directory. But you probably also are interested in https://bugzilla.samba.org/bug/3057 cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDOWnBIR7qMdg1EfYRAqrVAJ992eD9I07XKUVgRm0BVgDSlVWWiwCfV0Wv vZJnjhWaMBpoXdcXIGws2ck= =CcLn -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SMB/LDAP: Confused...
Hi.
I have an existing departmental network based on AFS, Kerberos 5 and
LDAP. All unixes work nicely, logging in remotely. So, Samba acting
as a PDC with OpenLDAP. Now I'd like to interoperate with all windows
workstations. I chose the LDAP way, since it's the most flexible and
secure way... or at least, it seems to me more flexible than using a
single /etc/passwd file on a distributed environment.
LDAP contains a rootdc=dept and we already have
groups and persons just working, and experimental hosts:
# group example
dn: cn=deptafs,ou=info,dc=dept
objectClass: top
objectClass: posixGroup
cn: diaafs
gidNumber: 1
description: general afs group
# user example
dn: uid=doe,ou=info,dc=dept
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
cn: John
uid: Doe
uidNumber: 1
gidNumber: 1
description: info will be here
title: Mr.
sn: Doe
o: MyUniversity
ou: Dept
st: State
l: City
mail: [EMAIL PROTECTED]
gecos: ,,,
givenName: John
displayName: John Doe
homeDirectory: /afs/my.dept.org/users/d/doe
loginShell: /bin/bash
# host example
dn: cn=host.dept.org,ou=host,dc=dept
objectClass: locality
objectClass: ipHost
objectClass: ieee802Device
objectClass: bootableDevice
ipHostNumber: 123.123.123.11
cn: host.dept.org
macAddress: 00:00:00:00:00:00
My ldap admin is cn=sysadmin and there's just a rootdn entry in
slapd.conf, the password is provided by kerberos via GSSAPI/SASL.
I've got many questions, but one important thing is not to mess with
ldap database so much... I don't like to rewrite the db from scratch.
Now my concerns :)
The smbldap-tools are of no use probably for us, since all the docs
I've read start with smbldap-populate... but I have a db just
working. So, I need to add the minimum required entries into ldap and
modify the existing names in order to make all users use the remote
profiling.
My UIDs are LDAP-only. I generate them from AFS, and so they are
unmodifiable. Of course, this shouldn't be an issue... I hope.
As long as I've understood, I must add a dn for the domain. I have no
idea how to generate a SID, and I have no idea how RidBase works with
samba if we do not use smbldap-tools. This is my example:
# TESTING, dia
dn: sambaDomainName=TESTING,dc=dept
sambaDomainName: TESTING
sambaSID: S-1-1-21-3138413446-3899332943-2322914696
sambaAlgorithmicRidBase: 1000
objectClass: sambaDomain
All users must be modified using samba schema. Again. What I can do
with SIDs (user and groups)? I mean, can I use *any* sid I want from
the UID I have or I must make some kind of trick? What about LM
password and NT password? I will use, if I understand, the
userPassword field, not the other two. The profile can be put
wherever I want, if I understand... so I'd like to store them under /
afs/../username/windows, so username-dependent... this is difficult
to understand for me: how to specity a UNC path for user profiling,
given this unix pattern /afs/my.dept.org/users/d/doe, and putting
profiles under windows/ on each home directory. That's my guess,
wrong for sure:
dn: uid=doe,ou=info,dc=dept
uidNumber: 1
gidNumber: 1
homeDirectory: /afs/my.dept.org/users/d/doe
loginShell: /bin/bash
gecos: ,,,
description: info will be here
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
displayName: John Doe
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-3000
sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-513
sambaLogonScript: common.bat
sambaProfilePath: \\TESTINGPDC\users\d\doe\windows
sambaHomePath: \\TESTINGPDC\users\d\doe
sambaHomeDrive: Z:
sambaLMPassword: 7584248B8D2C9F9EAAD3B435B51404EE
sambaAcctFlags: [U]
sambaNTPassword: 186CB09181E2C2ECAAC768C47C729904
sambaPwdLastSet: 1081281346
sambaPwdMustChange: 1085169346
userPassword: {SSHA}jg1v0WaeBkymhWasjeiprxzHxdmTAHd+
[global]
workgroup=TESTING
netbios name=TESTINGPDC
enable privileges=yes
server string=Samba-LDAP
ldap passwd sync=yes
passdb backend=ldapsam:ldap://ldap.dept.org/
ldap admin dn=cn=sysadmin,dc=dept
ldap suffix=dc=dept
ldap group suffix=ou=info,dc=dept
ldap user suffix=ou=info,dc=dept
ldap machine suffix=ou=host,dc=dept
ldap ssl=no
logon script=scripts\logon.bat
domain logons=yes
os level=64
preferred master=yes
domain master=yes
#[profiles]
#path=/var/local/samba/profiles
#read only=no
#create mask=0600
#directory mask=0700
#browseable=no
#guest ok=yes
#profile acls=yes
#csc policy=disable
#force user=%U
[netlogon]
path=/var/local/samba/netlogon
browseable=no
read only=yes
--
Sensei [EMAIL PROTECTED]
The difference between stupidity and genius is that genius has its
limits. (A. Einstein)
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Authentication confusion - may be LDAP related
All; I think I may have a clue about what's going wrong in my little environment here, but I could really use a more experienced eye on it. I've been having some strange authentication problems on a new install. With some digging, I may have a clue about what's going wrong. Some background: I'm only looking to use samba to share Unix directories to the Windows community. I'm not looking to build a full up login server. This is usually a VERY basic, and simple thing to to. You simply have to be sure that the windows users also have a matching account on the *nix side (doesn't need to be an smbpasswd account, just a very generic *nix account). I've done this several times, so when it blew up on me this time, it has caused me some sleepless nights trying to figure out. Here goes: In the last install I did ( at another company ), I did a very simple install, and it worked for what it was needed to do (simply provide the windows users with access to Unix directories, via shares). I didn't need a login controller, and I don't now. In that case, there was an LDAP server that validated Unix logins, but I pretty much just ignored it, and all was well. The *nix OS handled the authentication just fine (a very basic setup. For this kind of setup, the user only has to exist. The OS could check that very easily). So, I was trying to do the same here. When nothing would work right without making samba specific users (via smbpasswd), I started digging into the LDAP server. This environment is tortured. Here's what I found. On the Windows ADS, user IDs are pure numeric. So, for example, my Windows login is: 123456 Unix doesn't like that.So the unix logins are: u123456 Handling the translation for samba is just a usermap entry u123456 = 123456 Should be simple enough. But I'm getting No Such User errors. So I dug into the LDAP server. The user identification is strange. the dn: here looks like: dn: username=u123456,ou=aixuser,cn=aixsecdb,cn=aixdata uid: 1040 username: u123456 snip with u123456 being my *nix login. To me, this looks very wrong (not to mention that there's no dc=). My last LDAP server it looked like: dn: uid=tibbetts,ou=People,dc=ldap-test,dc=com uidNumber: 123456 uid: tibbetts snip with tibbetts being my login. If I'm seeing this right, shouldn't the login be the uid not username? Is that what Samba is looking for? With the login being set to username, and uid being (what should be) the uidNumber, I believe that it's confusing Samba, and that's why I'm getting the user not found errors. Is a way to work around this? Or am I just SOL? Or am I all wet, and looking in the wrong place? I'd really appreciate a fresh set of eyes on this. Thanks in advance for any advice on this one!!! -Ric -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Need help with IDMAP storage in LDAP using Winbind
Kristof Bruyninckx wrote:
Hi, I removed the entry for cn=manager,dc=thales,dc=be and checked
with ldapmodigy if I could change the existing NIS users, which seems to
still work.
Now I added a user called Admin , output from slapcat :
no, you have not. You authenticate with a DN and a password so a user
object in LDAP is identified with a DistinguishedName, not something
with a cn=whatever attribute.
Any ideas off what I'm doing wrong?
Your accounts are still messed up. You create an entry with DN
uid=root,ou=Idmap,dc=thales,dc=be but your admin dn is
cn=Admin,dc=thales,dc=be how is that supposed to work?
given the admin should not be used for other stuff (think of least
privileges model;) it could look like:
dn: uid=samba,ou=services,dc=thales,dc=be
objectClass: top
objectClass: simpleSecurityObject
objectClass: account
uid: samba
userPassword: {CLEARTEXT}whatever
description: DN for samba
then you would do:
1. change the ou to your needs
2. change the password
3. fix your ACLs
3. put exactly that DN in your smb.conf
4. run: smbpasswd -w DN as in ldap admin dn - type in password from
step 2.
Of course you can use whatever DN you like, it needs just a userPassword
attribute.
hth
Paul
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Free space/capacity displayed as garbage...
Dear, I'm having some strange problems with Samba. I have shared a linux folder on my samba and have mapped it to a drive letter in Windows XP (I also tried with Windows 2000). When I right click my mapped drive and click on properties to view the free space and capacity, I get all garbage as can be seen from the screenshot at: http://www.nuonsoft.com/temp/samba_free_space.jpg I'm running the latest version 3.0.20 and it is running on AlphaCore which is Fedora Core 3 for the Alpha (64 bit platform). It compiled without problems with gcc 3.4.3. Because of this issue, I'm unable to use my samba network share from programs that check the freespace before doing something, like for example creating a cd image. Any help will be appreciated. My smb.conf is as follows: [global] workgroup = GREGOIRE server string = Alpha Server printcap name = cups cups options = raw log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 dns proxy = no winbind uid = 16777216-33554431 winbind gid = 16777216-33554431 restrict anonymous = no domain master = no preferred master = no max protocol = NT ldap ssl = No server signing = Auto username map = /etc/samba/smbusers [homes] comment = Home Directories browseable = no read only = no [printers] comment = All Printers path = /var/spool/samba printable = yes printer name = EPSPHOTO guest ok = yes [mydocs] case sensitive = no guest ok = yes msdfs proxy = no read only = no path = /mydocs Some more system info: [EMAIL PROTECTED] ~]# smbd --version Version 3.0.20 [EMAIL PROTECTED] ~]# nmbd --version Version 3.0.20 [EMAIL PROTECTED] ~]# uname -a Linux alpha 2.6.11-1.1180axp_FC3 #1 Mon Apr 18 11:34:15 EEST 2005 alpha alpha alpha GNU/Linux If you need other system information, please ask. Kind Regards, Marc -- Marc Gregoire NuonSoft Website: http://www.nuonsoft.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] error NT_STATUS_ACCESS_DENIED
Hello I'm running Samba version 3.0.2a on Solaris 9 and can not get access to my defined shares. My config is below. I believe my configuration is good and I can see the server in the Windows Network browser but can not authenticate. Any one have any ideas? Thanks Steve [global] netbios name = f2z32-07 workgroup = LEVEL3 server string = %h # do not change anything in the [global] section beyond this point. # Security settings to allow operation with Windows domain credentials. # Misconfiguration will impact the availability of this system # and is a severity 3 exposure. security = domain password server = * allow trusted domains = yes encrypt passwords = yes client use spnego = yes # We don't want Samba to become a master browser on the network, and # never act as the Primary Domain Controller. # Misconfiguration will impact the stability of the production # network and is a severity 4 exposure. local master = no domain logons = no domain master = no # Set up to be a WINS client, but definitely not a WINS server. # Misconfiguration will impact the availability of this system # and is a severity 3 exposure. wins support = no wins server = 10.1.7.10 10.1.7.11 # Only allow access from internal clients # Misconfiguration could allow unauthorized access and is a # severity 3 exposure. hosts allow = 10.0.0.0/8 hosts deny = ALL interfaces = 127.0.0.1 10.0.0.0/8 bind interfaces only = yes # Root is explicitly not allowed access. # Misconfiguration could allow connection with root privilege # and is a severity 3 exposure. invalid users = root # Only users in the ntusers group are allowed access # Misconfiguration could contribute to allowing access # to unauthorized users and is a severity 2 exposure. valid users = @ntusers # We need to map NT usernames to UNIX usernames # Misconfiguration could allow unauthorized access and is # a severity 3 exposure. username map = /usr/local/samba/lib/usernames.map # don't allow older, weaker encryption spec to be used lanman auth = no # no OS/2 client support is needed lm announce = no # NT/2000/XP should all be able to cope, and the added strength is necessary min protocol = NT1 # We're on a Local Area Network, so these settings are appropriate socket options = TCP_NODELAY SO_RCVBUF=8192 IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Logging options, record Create / Delete / Rename / Perm Change / Open / Close # Misconfiguration will impact monitoring and is a severity 2 exposure. vfs objects = extd_audit log level = 2 ; log file = /var/log/samba.log # Set up umasks for object creation # Misconfiguration could allow files to be created with undesireable # permissions and is a severity 2 exposure. inherit permissions = no create mask = 0644 directory mask = 0755 # Authenticated access is required to all resources # Misconfiguration could allow unauthorized access to the resources and # is a severity 3 exposure. guest ok = no # As a further safety, shares are read only by default. read only = yes [public] path = /home/public read only = no # [lecinv] guest ok = yes path = /lecinv valid users = wfarrell,sbrown writeable = yes bash-2.05# Steve Brown Unix Systems Administration Level 3 Communications 1025 Eldorado Blvd (720)888-3545 Pager Pin 8774636766 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Page Print Jobs Wont Sort
Hello List, Im running samba 3 with cups. When I change the sort order in msword when printing multiple pages the sort order is stuck to page 1,1 then page 2,2 etc. So printing 2 copies of a multiple page ducument will not result in a sort order of 1,2,3 .. per document. I'm running multiple HPjetdirect printers in a mixed windows environment, using client printer driver = yes. However, using cups drivers or raw queue'ing doesn't solve the issue. Any hints would be greatly appriciated. Frank -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.14a-0.4-SUSE winbind -t error with NT4 domain
I am trying to use winbind on SLES 9 (SP2) with Samba version 3.0.14a-0.4-SUSE as a member server. Using wbinfo -u and -g work great (and getent passwd/group). When I try wbinfo -t, I receive the following error: checking the trust secret via RPC calls failed error code was NT_STATUS_INVALID_COMPUTER_NAME (0xc122) Could not check secret With winbind running I can not view shares on system (net view \\xxx). From Windows system I receive: System error 1210 has occurred. The format of the specified computer name is invalid. If I stop winbind, the shares are visible. I'm sure it is something I have mis-configured but can't find it. Any help would be greatly appreciated!!! Bob Dehn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Authentication confusion - may be LDAP related
Ric Tibbetts wrote: dn: username=u123456,ou=aixuser,cn=aixsecdb,cn=aixdata uid: 1040 username: u123456 snip with u123456 being my *nix login. To me, this looks very wrong (not to mention that there's no dc=). It looks wrong and the author surely has had no clue what cn means etc. nevertheless it should work. If I'm seeing this right, shouldn't the login be the uid not username? Is that what Samba is looking for? You can set ldap filter = (username=%u) in smb.conf along with a suitable value for ldap suffix. Check the users with getent passwd to test if they are visible to the system. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba/Firewall issues?
Greetings, I am running into *possible* Samba/Firewall issues. Our Samba v3.0.11 server is also running iptables. In our log.nmbd file we have noticed the following: [2005/09/27 15:43:41, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 15:50:21, 0] libsmb/nmblib.c:send_udp(790) Packet send failed to 130.xx.xx.xx(138) ERRNO=Operation not permitted [2005/09/27 14:07:57, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (No route to host) [2005/09/27 14:12:51, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 14:23:04, 1] libsmb/cliconnect.c:cli_connect(1313) A search turned up the following: http://seclists.org/lists/bugtraq/2001/Mar/0285.html Obviously, the netfilter nat code breaks nmap while using the -O flag or using decoy options. The (sendto in send_tcp_raw: sendto) error is a symptom of this. It also breaks other packet shaping utilities such as hping, etc., so this does not appear to be an nmap problem. I don't believe the connection tracking portion of netfilter is to blame in this case. In my tests the connection tracking code, whether it was loaded as a module or built statically into the kernel, didn't seem to get in the way. The cause of the 'sendto..' errors seems to be caused solely by the iptable_nat.o module(which is huge, of course). Once you load that one, or build it into the kernel, nmap -O no worky. Without it, nmap/hping/everything works just peachy. Best Regards, Steve - Now I have removed iptable_nat with rmmod but I am still seeing errors. For our end users the error shows up as Domain not found. Anyone see these errors before ?? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Authentication confusion - may be LDAP related
At 02:20 PM 9/27/2005, paul kölle wrote: Ric Tibbetts wrote: dn: username=u123456,ou=aixuser,cn=aixsecdb,cn=aixdata uid: 1040 username: u123456 snip with u123456 being my *nix login. To me, this looks very wrong (not to mention that there's no dc=). It looks wrong and the author surely has had no clue what cn means etc. nevertheless it should work. If I'm seeing this right, shouldn't the login be the uid not username? Is that what Samba is looking for? You can set ldap filter = (username=%u) in smb.conf along with a suitable value for ldap suffix. Check the users with getent passwd to test if they are visible to the system. Okay, I tried this. Here's my smb.conf: # Global parameters [global] workgroup = WIN server string = RX01 %a-%v security = user password server = a server username map = /usr/local/samba/private/smbusers log level = 100 log file = /var/log/samba/%m.log max log size = 500 wins server = a server socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ldap filter = (username=%u) ldap admin dn = cn=root ldap suffix = cn=aixsecdb,cn=aixdata ldap group suffix = ou=aixgroup ldap user suffix = ou=aixuser ldap machine suffix = cn=aixid,ou=system [Homes] comment = User Home Directories valid users = %S read only = No guest ok = Yes Still no good. I have no getent installed. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Authentication confusion - may be LDAP related
At 02:20 PM 9/27/2005, paul kölle wrote: Ric Tibbetts wrote: dn: username=u123456,ou=aixuser,cn=aixsecdb,cn=aixdata uid: 1040 username: u123456 snip with u123456 being my *nix login. To me, this looks very wrong (not to mention that there's no dc=). It looks wrong and the author surely has had no clue what cn means etc. nevertheless it should work. If I'm seeing this right, shouldn't the login be the uid not username? Is that what Samba is looking for? You can set ldap filter = (username=%u) in smb.conf along with a suitable value for ldap suffix. Check the users with getent passwd to test if they are visible to the system. This is from the error log: attempting to make a user_info for u212442 (212442) making strings for u212442's user_info struct making blobs for u212442's user_info struct made an encrypted user_info for u212442 (212442) check_ntlm_password: mapped user is: [EMAIL PROTECTED] getsampwnam (smbpasswd): search by name: u212442 check_sam_security: Couldn't find user 'u212442' in passdb. check_ntlm_password: Authentication for user [212442] - [u212442] FAILED with error NT_STATUS_NO_SUCH_USER Yet, from that same AIX box if I check my id: # id u212442 uid=1040(u212442) gid=1001(sysadmin) So the OS knows the id exists, it's just not passing that info to Samba. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Authentication confusion - may be LDAP related
At 02:20 PM 9/27/2005, paul kölle wrote: Ric Tibbetts wrote: dn: username=u123456,ou=aixuser,cn=aixsecdb,cn=aixdata uid: 1040 username: u123456 snip with u123456 being my *nix login. To me, this looks very wrong (not to mention that there's no dc=). It looks wrong and the author surely has had no clue what cn means etc. nevertheless it should work. Suprisingly enough (maybe not...) this is the default configuration from IBM for thier LDAP server. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC Configuration
Hi i need to install samba as pdc of my network, please can anybody can send me a smb.conf example? or the steps that i must follow to do that? im new in linux, i have to change from Windows 2003 to RHEL 4. thanks for the help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] When will be released samba 3.0.20a with latest patches ?
Hi all. When will be released samba 3.0.20a with latest patches from this: http://us4.samba.org/samba/patches/ There is statement: *ATTENTION* A patch release, Samba 3.0.20a, is planned for late in the week of September 19, 2005. This release will incorporate all the patches for 3.0.20 listed on this page as well as a few possible other fixes. We are all after Semptember 19 and there is no samba 3.0.20a :( P.S. I have upgrade my serwer with samba 3.0.20 but my dos apps hang with bug: BUG 3044 https://bugzilla.samba.org/bug/3044 and 3060 https://bugzilla.samba.org/bug/3060 DOS application interoperability issues So i rolled back to samba 3.0.14a :( Best regrads, Jancio Wodnik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] When will be released samba 3.0.20a with latest patches ?
On Tue, Sep 27, 2005 at 11:04:38PM +0200, Jancio Wodnik wrote: Hi all. When will be released samba 3.0.20a with latest patches from this: http://us4.samba.org/samba/patches/ There is statement: *ATTENTION* A patch release, Samba 3.0.20a, is planned for late in the week of September 19, 2005. This release will incorporate all the patches for 3.0.20 listed on this page as well as a few possible other fixes. We are all after Semptember 19 and there is no samba 3.0.20a :( We're working on it... We're trying to ensure there are no outstanding critical bugs for 3.0.20a, and I just fixed another DOS client one. You'd rather it be correct than on time I hope ? :-). P.S. I have upgrade my serwer with samba 3.0.20 but my dos apps hang with bug: BUG 3044 https://bugzilla.samba.org/bug/3044 and 3060 https://bugzilla.samba.org/bug/3060 DOS application interoperability issues Those will definately be fixed in 3.0.20a. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] When will be released samba 3.0.20a with latest patches ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeremy Allison wrote: | | We're working on it... We're trying to ensure there | are no outstanding critical bugs for 3.0.20a, and | I just fixed another DOS client one. | | You'd rather it be correct than on time I hope ? :-). I just updated the patches page to list a notice of the delay. I put down Oct 7 now as the target date. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDObYWIR7qMdg1EfYRAko7AJ9tqkOHWhRi70w3ifE1v1Tu/RveCACgqyTb J9sy8p6H502zJkr3cFaXmOs= =B1ck -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] When will be released samba 3.0.20a with latest patches ?
Jeremy Allison wrote: On Tue, Sep 27, 2005 at 11:04:38PM +0200, Jancio Wodnik wrote: Hi all. When will be released samba 3.0.20a with latest patches from this: http://us4.samba.org/samba/patches/ There is statement: *ATTENTION* A patch release, Samba 3.0.20a, is planned for late in the week of September 19, 2005. This release will incorporate all the patches for 3.0.20 listed on this page as well as a few possible other fixes. We are all after Semptember 19 and there is no samba 3.0.20a :( We're working on it... We're trying to ensure there are no outstanding critical bugs for 3.0.20a, and I just fixed another DOS client one. You'd rather it be correct than on time I hope ? :-). P.S. I have upgrade my serwer with samba 3.0.20 but my dos apps hang with bug: BUG 3044 https://bugzilla.samba.org/bug/3044 and 3060 https://bugzilla.samba.org/bug/3060 DOS application interoperability issues Those will definately be fixed in 3.0.20a. Jeremy. Ok Jeremy. I will keep my eyes on this. Jancio Wodnik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] When will be released samba 3.0.20a with latest patches ?
On Tue, Sep 27, 2005 at 11:22:52PM +0200, Jancio Wodnik wrote: Those will definately be fixed in 3.0.20a. Jeremy. Ok Jeremy. I will keep my eyes on this. If you want to make sure all your issues are fixed I suggest joining the Samba Testers list and offering help to test against regressions with DOS clients. We don't have anyone specifically testing with old clients at the moment I think, as most people care about W2K/WNT/WXP and above. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Authentication confusion - may be LDAP related
Ric Tibbetts wrote: This is from the error log: attempting to make a user_info for u212442 (212442) making strings for u212442's user_info struct making blobs for u212442's user_info struct made an encrypted user_info for u212442 (212442) check_ntlm_password: mapped user is: [EMAIL PROTECTED] getsampwnam (smbpasswd): search by name: u212442 check_sam_security: Couldn't find user 'u212442' in passdb. check_ntlm_password: Authentication for user [212442] - [u212442] FAILED with error NT_STATUS_NO_SUCH_USER If you can increase the log level for the LDAP server you can see what filter is used above and find out why the object is not found. Have you added the sambaSamAccount objectClass and attributes to the user? You can use smbldap-tools for that. Yet, from that same AIX box if I check my id: # id u212442 uid=1040(u212442) gid=1001(sysadmin) So the OS knows the id exists, it's just not passing that info to Samba. Sorry, I don't know AIX, but if all users and groups samba needs to know about are in LDAP, you can probably set ldapsam:trusted = yes in smb.conf bypassing the whole NSS story. Read the manpage of smb.conf what this parameter does. hth Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file to large
Stephan Böni wrote: Hi I cannont copying files larger than 2 GB over samba share (monted with smbmount). Do you have a solution? Stephan tray this: mount -t smbfs -o lfs,username=administrator //192.168.0.25/C$ /mnt/large_filesystem options lfs - large filesystem support old ext2 filesystem to manage files up than 2GB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Login to windows with samba running as domain master doesn't set HOMEPATH environment variable
I'm running samba as a domain master, Have implemented roaming profiles (correctly I hope). However, have discovered that if I use the client Windows 2K machine on the domain Local machine the environment variable %HOMEPATH% is set correctly to \Documents and Settings\myname however if I then login to my domain implemented by samba %HOMEPATH% is simply not defined. HOMEDRIVE and the rest seem OK, it's just HOMEPATH. Now I have searched the archives for related questions but nothing really applicable has come up therefore its going to be something wrong with my configuration (either server or client) but I really am stuck to what it could be. Thanks Derek Information - Server: OS SuSE Linux 9.1 Samba Version 3.0.13-1.1-SUSE Smb.conf - # Global parameters [global] workgroup = ELMSCLOSE map to guest = Bad User unix password sync = Yes passdb backend = smbpasswd:/etc/samba/smbpasswd passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *changed* passwd chat debug = Yes printcap cache time = 750 printcap name = cups add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ logon path = \\%L\profiles\.msprofile logon drive = Y: logon home = \\%L\%U\.9xprofile domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes admin users = root, derek printer admin = @ntadmin, root, administrator cups options = raw include = /etc/samba/dhcp.conf template homedir = /home/%D/%U [homes] path = /home/%U/ comment = Home Directories valid users = %S read only = No inherit acls = Yes browseable = No [profiles] comment = Network Profiles Service path = %H read only = No create mask = 0600 directory mask = 0700 store dos attributes = Yes [printers] comment = All Printers path = /var/tmp create mask = 0600 printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin, root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = root [public] comment = Public Shared Directory path = /home/public read only = No inherit acls = Yes Client: OS Windows 2000 Pro Have joined domain ELMSCLOSE without any problems Have created a user with profiles being copied to LINUX box without problems No other changes made -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Excel problem with samba 3.0.4 and 3.0.10
I applied the fix for my test system running SunOS 2.9 + samba 3.0.10 on a ufs file system. I've done the following: # umount /export/home # mount -o noatime /dev/dsk/c0t0d0s7 /export/home # ls -lu /export/home/TEST.xls - record access time # ls -l /export/home/TEST.xls - record modification time From PC , I accessed and opened/closed the exel file TEST.xls. modification time got updated ,not access time. So far I have tried Exel 2000 and Exel 2003. I verified that autosave was disabled but the file's timestamp still got updated. Any idea?! Thanks, Xuan Kevin W. Gagel wrote: Read up on atime here: http://www.faqs.org/docs/securing/chap6sec73.html Its what you're after. - Original Message - From: xuan van [EMAIL PROTECTED] To: samba@lists.samba.org Subject: [Samba] Excel problem with samba 3.0.4 and 3.0.10 Date: Mon, 26 Sep 2005 09:55:04 -0700 Problem Description == Open and close without saving EXCEL files causes time stamp updated Problem occurs on both samba versions 3.0.4 and 3.0.10 I am looking for a solution to this problem. I would appreciate any help. Thanks in advance Xuan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba = Kevin W. Gagel Network Administrator Information Technology Services (250) 562-2131 local 448 --- The College of New Caledonia, Visit us at http://www.cnc.bc.ca Virus scanning is done on all incoming and outgoing email. Anti-spam information for CNC can be found at http://avas.cnc.bc.ca --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Excel problem with samba 3.0.4 and 3.0.10
Yes, you're right! I upgraded samba to 3.0.20 and the problem seems to go away. Thanks, Xuan Jeremy Allison wrote: On Mon, Sep 26, 2005 at 09:55:04AM -0700, xuan van wrote: Problem Description == Open and close without saving EXCEL files causes time stamp updated Problem occurs on both samba versions 3.0.4 and 3.0.10 I am looking for a solution to this problem. I would appreciate any help. Thanks in advance This was fixed for 3.0.20 I believe... Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] FW: Need HELP in upgrading SAMBA 2.2.12 to 3.0.20
_ From: Agda Maria Galli Cartolano Sent: Tuesday, September 27, 2005 5:08 PM To: samba-technical@lists.samba.org Subject: Need HELP in upgrading SAMBA 2.2.12 to 3.0.20 Good people, I need some help... I am trying to upgrade SAMBA 2.2.12 to 3.0.20 but I am very confused and cannot find my way... The SAMBA server is a SunFire V210, Solaris 9, 64 bit server. I went to the samba web site and downloaded samba-3.0.20-1-noads-sunos5.9-sparc.pkg.gz. All the instructions I found were related to installation and not upgrade. Does it matter? Is the process the same? Will my old shares (filled up with 2.2.12 files) be compatible with 3.0.20? The instructions just tell to gunzip the file, verify the signatures and pkgadd. Sorry but I have never used wget or gpg. How can I get them? Please HEP !!! Thanks, amgc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Page Print Jobs Wont Sort
-- Forwarded message -- From: frame down under [EMAIL PROTECTED] Date: 28-Sep-2005 00:41 Subject: Re: [Samba] Multiple Page Print Jobs Wont Sort To: John Ward [EMAIL PROTECTED] Is there any indication why a local printer sorts ok, but a networked printer doesn't ? Frank On 27/09/05, John Ward [EMAIL PROTECTED] wrote: From: frame down under [EMAIL PROTECTED] Date: 2005/09/27 Tue PM 12:52:36 PDT To: samba@lists.samba.org Subject: [Samba] Multiple Page Print Jobs Wont Sort Hello List, Im running samba 3 with cups. When I change the sort order in msword when printing multiple pages the sort order is stuck to page 1,1 then page 2,2 etc. So printing 2 copies of a multiple page ducument will not result in a sort order of 1,2,3 .. per document. I'm running multiple HPjetdirect printers in a mixed windows environment, using client printer driver = yes. However, using cups drivers or raw queue'ing doesn't solve the issue. Any hints would be greatly appriciated. Frank -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba I have noticed this also, if you print to a 'local' printer then all is ok, if you print to a Windows spooled printer, good luck. John. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r10527 - in branches/SAMBA_4_0/source/script: .
Author: tridge Date: 2005-09-27 07:11:33 + (Tue, 27 Sep 2005) New Revision: 10527 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10527 Log: don't attempt self gdb attach if running under valgrind. This was causing fort to get rather unhappy Modified: branches/SAMBA_4_0/source/script/gdb_backtrace Changeset: Modified: branches/SAMBA_4_0/source/script/gdb_backtrace === --- branches/SAMBA_4_0/source/script/gdb_backtrace 2005-09-27 05:11:14 UTC (rev 10526) +++ branches/SAMBA_4_0/source/script/gdb_backtrace 2005-09-27 07:11:33 UTC (rev 10527) @@ -1,5 +1,10 @@ #!/bin/sh +if [ -n $VALGRIND -o -n $SMBD_VALGRIND ]; then +echo Not running gdb under valgrind +exit 1 +fi + # we want everything on stderr, so the program is not disturbed exec 12
svn commit: samba-docs r815 - in trunk/smbdotconf/tuning: .
Author: ab Date: 2005-09-27 08:42:49 + (Tue, 27 Sep 2005) New Revision: 815 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=815 Log: Code in Samba 3 states use sendfile = false so documentation must reflect it Modified: trunk/smbdotconf/tuning/usesendfile.xml Changeset: Modified: trunk/smbdotconf/tuning/usesendfile.xml === --- trunk/smbdotconf/tuning/usesendfile.xml 2005-09-16 19:06:50 UTC (rev 814) +++ trunk/smbdotconf/tuning/usesendfile.xml 2005-09-27 08:42:49 UTC (rev 815) @@ -13,5 +13,5 @@ /para /description -value type=defaultyes/value +value type=defaultfalse/value /samba:parameter
svn commit: samba r10528 - in branches/SAMBA_4_0/source: client gtk/common include lib lib/cmdline lib/samba3 ntvfs/cifs rpc_server/remote scripting/ejs torture torture/basic torture/rpc utils
Author: jelmer
Date: 2005-09-27 10:00:27 + (Tue, 27 Sep 2005)
New Revision: 10528
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10528
Log:
Add credentials.h back into includes.h as some compilers don't
seem to be able to handle incomplete enum types.
Modified:
branches/SAMBA_4_0/source/client/client.c
branches/SAMBA_4_0/source/gtk/common/credentials.c
branches/SAMBA_4_0/source/include/includes.h
branches/SAMBA_4_0/source/include/structs.h
branches/SAMBA_4_0/source/lib/cmdline/popt_common.c
branches/SAMBA_4_0/source/lib/credentials.c
branches/SAMBA_4_0/source/lib/samba3/secrets.c
branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c
branches/SAMBA_4_0/source/rpc_server/remote/dcesrv_remote.c
branches/SAMBA_4_0/source/scripting/ejs/smbcalls_cli.c
branches/SAMBA_4_0/source/scripting/ejs/smbcalls_creds.c
branches/SAMBA_4_0/source/torture/basic/secleak.c
branches/SAMBA_4_0/source/torture/gentest.c
branches/SAMBA_4_0/source/torture/locktest.c
branches/SAMBA_4_0/source/torture/masktest.c
branches/SAMBA_4_0/source/torture/rpc/samlogon.c
branches/SAMBA_4_0/source/torture/rpc/samsync.c
branches/SAMBA_4_0/source/torture/rpc/schannel.c
branches/SAMBA_4_0/source/utils/ntlm_auth.c
Changeset:
Modified: branches/SAMBA_4_0/source/client/client.c
===
--- branches/SAMBA_4_0/source/client/client.c 2005-09-27 07:11:33 UTC (rev
10527)
+++ branches/SAMBA_4_0/source/client/client.c 2005-09-27 10:00:27 UTC (rev
10528)
@@ -32,7 +32,6 @@
#include system/dir.h
#include system/filesys.h
#include dlinklist.h
-#include credentials.h
#include system/readline.h
#include pstring.h
Modified: branches/SAMBA_4_0/source/gtk/common/credentials.c
===
--- branches/SAMBA_4_0/source/gtk/common/credentials.c 2005-09-27 07:11:33 UTC
(rev 10527)
+++ branches/SAMBA_4_0/source/gtk/common/credentials.c 2005-09-27 10:00:27 UTC
(rev 10528)
@@ -20,7 +20,6 @@
#include includes.h
#include gtk/common/gtk-smb.h
-#include include/credentials.h
static void gtk_get_credentials(struct cli_credentials *credentials)
{
Modified: branches/SAMBA_4_0/source/include/includes.h
===
--- branches/SAMBA_4_0/source/include/includes.h2005-09-27 07:11:33 UTC
(rev 10527)
+++ branches/SAMBA_4_0/source/include/includes.h2005-09-27 10:00:27 UTC
(rev 10528)
@@ -114,6 +114,7 @@
#include ntvfs/ntvfs.h
#include cli_context.h
#include lib/com/com.h
+#include credentials.h
#define malloc_p(type) (type *)malloc(sizeof(type))
#define malloc_array_p(type, count) (type *)realloc_array(NULL, sizeof(type),
count)
Modified: branches/SAMBA_4_0/source/include/structs.h
===
--- branches/SAMBA_4_0/source/include/structs.h 2005-09-27 07:11:33 UTC (rev
10527)
+++ branches/SAMBA_4_0/source/include/structs.h 2005-09-27 10:00:27 UTC (rev
10528)
@@ -297,7 +297,3 @@
struct param_context;
struct param_section;
struct param;
-
-enum credentials_obtained;
-struct cli_credentials;
-struct ccache_container;
Modified: branches/SAMBA_4_0/source/lib/cmdline/popt_common.c
===
--- branches/SAMBA_4_0/source/lib/cmdline/popt_common.c 2005-09-27 07:11:33 UTC
(rev 10527)
+++ branches/SAMBA_4_0/source/lib/cmdline/popt_common.c 2005-09-27 10:00:27 UTC
(rev 10528)
@@ -25,7 +25,6 @@
#include system/filesys.h
#include system/passwd.h
#include lib/cmdline/popt_common.h
-#include credentials.h
/* Handle command line options:
* -d,--debuglevel
Modified: branches/SAMBA_4_0/source/lib/credentials.c
===
--- branches/SAMBA_4_0/source/lib/credentials.c 2005-09-27 07:11:33 UTC (rev
10527)
+++ branches/SAMBA_4_0/source/lib/credentials.c 2005-09-27 10:00:27 UTC (rev
10528)
@@ -27,7 +27,6 @@
#include librpc/gen_ndr/ndr_samr.h /* for struct samrPassword */
#include system/kerberos.h
#include auth/kerberos/kerberos.h
-#include include/credentials.h
/**
Modified: branches/SAMBA_4_0/source/lib/samba3/secrets.c
===
--- branches/SAMBA_4_0/source/lib/samba3/secrets.c 2005-09-27 07:11:33 UTC
(rev 10527)
+++ branches/SAMBA_4_0/source/lib/samba3/secrets.c 2005-09-27 10:00:27 UTC
(rev 10528)
@@ -30,7 +30,6 @@
#include system/filesys.h
#include librpc/gen_ndr/ndr_security.h
#include lib/tdb/include/tdbutil.h
-#include credentials.h
/**
* Unpack SID into a pointer
Modified: branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c
===
--- branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c 2005-09-27 07:11:33 UTC
(rev 10527)
+++
svn commit: samba r10529 - in branches/SAMBA_4_0/source/libcli/composite: .
Author: metze
Date: 2005-09-27 10:29:13 + (Tue, 27 Sep 2005)
New Revision: 10529
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10529
Log:
fix a crash bug in full async code the uses the composite_trigger_done() code
the event subsystem wants to free timed_events!
metze
Modified:
branches/SAMBA_4_0/source/libcli/composite/composite.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/composite/composite.c
===
--- branches/SAMBA_4_0/source/libcli/composite/composite.c 2005-09-27
10:00:27 UTC (rev 10528)
+++ branches/SAMBA_4_0/source/libcli/composite/composite.c 2005-09-27
10:29:13 UTC (rev 10529)
@@ -52,6 +52,12 @@
{
struct composite_context *c = talloc_get_type(ptr, struct
composite_context);
if (c-async.fn) {
+ /*
+* the event is a child of req,
+* and req will be free'ed by the callback fn
+* but the events code wants to free the event itself
+*/
+ talloc_steal(ev, te);
c-async.fn(c);
}
}
svn commit: samba r10530 - in branches/SAMBA_4_0/source/libcli/wrepl: .
Author: metze
Date: 2005-09-27 10:31:57 + (Tue, 27 Sep 2005)
New Revision: 10530
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10530
Log:
- fix some crash bugs when we lost the connection...
metze
Modified:
branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c
branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.h
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c
===
--- branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c 2005-09-27 10:29:13 UTC
(rev 10529)
+++ branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c 2005-09-27 10:31:57 UTC
(rev 10530)
@@ -31,6 +31,8 @@
*/
static void wrepl_socket_dead(struct wrepl_socket *wrepl_socket)
{
+ wrepl_socket-dead = True;
+
event_set_fd_flags(wrepl_socket-fde, 0);
while (wrepl_socket-send_queue) {
@@ -118,7 +120,10 @@
req-buffer.data + req-num_read,
4 - req-num_read,
nread, 0);
- if (NT_STATUS_IS_ERR(req-status)) goto failed;
+ if (NT_STATUS_IS_ERR(req-status)) {
+ wrepl_socket_dead(wrepl_socket);
+ return;
+ }
if (!NT_STATUS_IS_OK(req-status)) return;
req-num_read += nread;
@@ -140,7 +145,10 @@
req-buffer.data + req-num_read,
req-buffer.length - req-num_read,
nread, 0);
- if (NT_STATUS_IS_ERR(req-status)) goto failed;
+ if (NT_STATUS_IS_ERR(req-status)) {
+ wrepl_socket_dead(wrepl_socket);
+ return;
+ }
if (!NT_STATUS_IS_OK(req-status)) return;
req-num_read += nread;
@@ -275,6 +283,7 @@
wrepl_socket-send_queue = NULL;
wrepl_socket-recv_queue = NULL;
+ wrepl_socket-dead = False;
wrepl_socket-fde = event_add_fd(wrepl_socket-event_ctx, wrepl_socket,
socket_get_fd(wrepl_socket-sock),
@@ -368,8 +377,37 @@
return wrepl_connect_recv(req);
}
+/*
+ callback from wrepl_request_trigger()
+*/
+static void wrepl_request_trigger_handler(struct event_context *ev, struct
timed_event *te,
+ struct timeval t, void *ptr)
+{
+ struct wrepl_request *req = talloc_get_type(ptr, struct wrepl_request);
+ if (req-async.fn) {
+ /*
+* the event is a child of req,
+* and req will be free'ed by the callback fn
+* but the events code wants to free the event itself
+*/
+ talloc_steal(ev, te);
+ req-async.fn(req);
+ }
+}
/*
+ trigger an immediate event on a wrepl_request
+*/
+static void wrepl_request_trigger(struct wrepl_request *req)
+{
+ /* a zero timeout means immediate */
+ event_add_timed(req-wrepl_socket-event_ctx,
+ req, timeval_zero(),
+ wrepl_request_trigger_handler, req);
+}
+
+
+/*
send a generic wins replication request
*/
struct wrepl_request *wrepl_request_send(struct wrepl_socket *wrepl_socket,
@@ -381,12 +419,20 @@
req = talloc_zero(wrepl_socket, struct wrepl_request);
if (req == NULL) goto failed;
+ if (wrepl_socket-dead) {
+ req-wrepl_socket = wrepl_socket;
+ req-state= WREPL_REQUEST_ERROR;
+ req-status = NT_STATUS_INVALID_CONNECTION;
+ wrepl_request_trigger(req);
+ return req;
+ }
+
req-wrepl_socket = wrepl_socket;
req-state= WREPL_REQUEST_SEND;
wrap.packet = *packet;
req-status = ndr_push_struct_blob(req-buffer, req, wrap,
-
(ndr_push_flags_fn_t)ndr_push_wrepl_wrap);
+
(ndr_push_flags_fn_t)ndr_push_wrepl_wrap);
if (!NT_STATUS_IS_OK(req-status)) goto failed;
if (DEBUGLVL(10)) {
@@ -468,6 +514,7 @@
struct wrepl_packet *packet=NULL;
NTSTATUS status;
status = wrepl_request_recv(req, req-wrepl_socket, packet);
+ NT_STATUS_NOT_OK_RETURN(status);
if (packet-mess_type != WREPL_START_ASSOCIATION_REPLY) {
status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
}
@@ -527,6 +574,7 @@
int i;
status = wrepl_request_recv(req, req-wrepl_socket, packet);
+ NT_STATUS_NOT_OK_RETURN(status);
if (packet-mess_type != WREPL_REPLICATION) {
status = NT_STATUS_NETWORK_ACCESS_DENIED;
} else if (packet-message.replication.command !=
WREPL_REPL_TABLE_REPLY) {
@@ -630,6 +678,7 @@
int i;
status = wrepl_request_recv(req, req-wrepl_socket, packet);
+
svn commit: samba r10531 - in branches/SAMBA_4_0/source: heimdal_build lib/socket
Author: jelmer
Date: 2005-09-27 10:32:49 + (Tue, 27 Sep 2005)
New Revision: 10531
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10531
Log:
(hopefully) improve detection of socket-related functions in external libraries
Modified:
branches/SAMBA_4_0/source/heimdal_build/config.mk
branches/SAMBA_4_0/source/lib/socket/config.m4
branches/SAMBA_4_0/source/lib/socket/config.mk
Changeset:
Modified: branches/SAMBA_4_0/source/heimdal_build/config.mk
===
--- branches/SAMBA_4_0/source/heimdal_build/config.mk 2005-09-27 10:31:57 UTC
(rev 10530)
+++ branches/SAMBA_4_0/source/heimdal_build/config.mk 2005-09-27 10:32:49 UTC
(rev 10531)
@@ -324,7 +324,6 @@
HEIMDAL_ROKEN_ADDRINFO \
HEIMDAL_ROKEN_GAI_STRERROR \
HEIMDAL_ROKEN_INET_ATON \
- EXT_LIB_SOCKET \
EXT_LIB_XNET
NOPROTO = YES
# End SUBSYSTEM HEIMDAL_ROKEN
Modified: branches/SAMBA_4_0/source/lib/socket/config.m4
===
--- branches/SAMBA_4_0/source/lib/socket/config.m4 2005-09-27 10:31:57 UTC
(rev 10530)
+++ branches/SAMBA_4_0/source/lib/socket/config.m4 2005-09-27 10:32:49 UTC
(rev 10531)
@@ -18,32 +18,17 @@
# it.
AC_CHECK_FUNCS(connect)
if test x$ac_cv_func_connect = xno; then
-case $LIBS $SOCKET_LIBS in
-*-lnsl*) ;;
-*) AC_CHECK_LIB_EXT(nsl_s, SOCKET_LIBS, printf) ;;
-esac
-case $LIBS $SOCKET_LIBS in
-*-lnsl*) ;;
-*) AC_CHECK_LIB_EXT(nsl, SOCKET_LIBS, printf) ;;
-esac
-case $LIBS $SOCKET_LIBS in
-*-lsocket*) ;;
-*) AC_CHECK_LIB_EXT(socket, SOCKET_LIBS, connect) ;;
-esac
-case $LIBS $SOCKET_LIBS in
-*-linet*) ;;
-*) AC_CHECK_LIB_EXT(inet, SOCKET_LIBS, connect) ;;
-esac
+AC_CHECK_LIB(nsl_s, printf)
+AC_CHECK_LIB(nsl, printf)
+AC_CHECK_LIB(socket, connect)
+AC_CHECK_LIB_EXT(inet, connect)
dnl We can't just call AC_CHECK_FUNCS(connect) here, because the value
dnl has been cached.
if test x$ac_cv_lib_ext_socket_connect = xyes ||
test x$ac_cv_lib_ext_inet_connect = xyes; then
-# ac_cv_func_connect=yes
-# don't! it would cause AC_CHECK_FUNC to succeed next time configure
is run
AC_DEFINE(HAVE_CONNECT,1,[Whether the system has connect()])
fi
fi
-SMB_EXT_LIB(SOCKET,[${SOCKET_LIBS}],[${SOCKET_CFLAGS}],[${SOCKET_CPPFLAGS}],[${SOCKET_LDFLAGS}])
# check for unix domain sockets
Modified: branches/SAMBA_4_0/source/lib/socket/config.mk
===
--- branches/SAMBA_4_0/source/lib/socket/config.mk 2005-09-27 10:31:57 UTC
(rev 10530)
+++ branches/SAMBA_4_0/source/lib/socket/config.mk 2005-09-27 10:32:49 UTC
(rev 10531)
@@ -6,7 +6,6 @@
INIT_OBJ_FILES = \
lib/socket/socket_ipv4.o
NOPROTO=YES
-REQUIRED_SUBSYSTEMS = EXT_LIB_SOCKET
# End MODULE socket_ipv4
@@ -17,7 +16,6 @@
INIT_OBJ_FILES = \
lib/socket/socket_ipv6.o
NOPROTO=YES
-REQUIRED_SUBSYSTEMS = EXT_LIB_SOCKET
# End MODULE socket_ipv6
@@ -28,7 +26,6 @@
INIT_OBJ_FILES = \
lib/socket/socket_unix.o
NOPROTO=YES
-REQUIRED_SUBSYSTEMS = EXT_LIB_SOCKET
# End MODULE socket_unix
svn commit: samba r10532 - in branches/SAMBA_4_0/source/auth: .
Author: jelmer
Date: 2005-09-27 11:02:06 + (Tue, 27 Sep 2005)
New Revision: 10532
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10532
Log:
Replace next_token() with str_list_make()
Modified:
branches/SAMBA_4_0/source/auth/auth_sam.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/auth_sam.c
===
--- branches/SAMBA_4_0/source/auth/auth_sam.c 2005-09-27 10:32:49 UTC (rev
10531)
+++ branches/SAMBA_4_0/source/auth/auth_sam.c 2005-09-27 11:02:06 UTC (rev
10532)
@@ -25,7 +25,6 @@
#include system/time.h
#include auth/auth.h
#include lib/ldb/include/ldb.h
-#include pstring.h
/
Do a specific test for an smb password being correct, given a smb_password and
@@ -161,21 +160,21 @@
/* Test workstation. Workstation list is comma separated. */
if (workstation_list *workstation_list) {
BOOL invalid_ws = True;
- const char *s = workstation_list;
-
- fstring tok;
-
- while (next_token(s, tok, ,, sizeof(tok))) {
+ int i;
+ const char **workstations = str_list_make(mem_ctx,
workstation_list, ,);
+
+ for (i = 0; workstations[i]; i++) {
DEBUG(10,(sam_account_ok: checking for workstation
match '%s' and '%s'\n,
- tok, user_info-workstation_name));
+ workstations[i],
user_info-workstation_name));
- if (strequal(tok, user_info-workstation_name)) {
+ if (strequal(workstations[i],
user_info-workstation_name)) {
invalid_ws = False;
-
break;
}
}
+ talloc_free(workstations);
+
if (invalid_ws) {
return NT_STATUS_INVALID_WORKSTATION;
}
svn commit: samba r10533 - in branches/SAMBA_4_0/source/lib: .
Author: jelmer
Date: 2005-09-27 11:10:57 + (Tue, 27 Sep 2005)
New Revision: 10533
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10533
Log:
Eliminate another use of next_token()
Modified:
branches/SAMBA_4_0/source/lib/util_sock.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/util_sock.c
===
--- branches/SAMBA_4_0/source/lib/util_sock.c 2005-09-27 11:02:06 UTC (rev
10532)
+++ branches/SAMBA_4_0/source/lib/util_sock.c 2005-09-27 11:10:57 UTC (rev
10533)
@@ -21,20 +21,16 @@
#include includes.h
#include system/network.h
-#include pstring.h
-
enum SOCK_OPT_TYPES {OPT_BOOL,OPT_INT,OPT_ON};
-typedef struct smb_socket_option {
+static const struct {
const char *name;
int level;
int option;
int value;
int opttype;
-} smb_socket_option;
-
-static const smb_socket_option socket_options[] = {
+} socket_options[] = {
{SO_KEEPALIVE, SOL_SOCKET,SO_KEEPALIVE,0,
OPT_BOOL},
{SO_REUSEADDR, SOL_SOCKET,SO_REUSEADDR,0,
OPT_BOOL},
{SO_BROADCAST, SOL_SOCKET,SO_BROADCAST,0,
OPT_BOOL},
@@ -76,9 +72,11 @@
/
void set_socket_options(int fd, const char *options)
{
- fstring tok;
+ const char **options_list = str_list_make(NULL, options, \t,);
+ int j;
- while (next_token(options,tok, \t,, sizeof(tok))) {
+ for (j = 0; options_list[j]; j++) {
+ const char *tok = options_list[j];
int ret=0,i;
int value = 1;
char *p;
@@ -121,5 +119,7 @@
if (ret != 0)
DEBUG(0,(Failed to set socket option %s (Error
%s)\n,tok, strerror(errno) ));
}
+
+ talloc_free(options_list);
}
svn commit: samba r10534 - in branches/tmp/samba4-winsrepl: . source/auth source/auth/kerberos source/build/m4 source/build/smb_build source/client source/gtk/common source/heimdal_build source/includ
Author: metze
Date: 2005-09-27 11:24:03 + (Tue, 27 Sep 2005)
New Revision: 10534
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10534
Log:
[EMAIL PROTECTED] (orig r10513): jelmer | 2005-09-26 18:57:08 +0200
Reduce some use of pstring. The main reason some parts of the code still
use pstring is next_token() now.
[EMAIL PROTECTED] (orig r10514): jelmer | 2005-09-26 19:42:12 +0200
Add str_list_make_shell() and str_list_join_shell()
[EMAIL PROTECTED] (orig r10515): jelmer | 2005-09-26 20:15:24 +0200
Handle replacement of domain logons and domain master by server role
[EMAIL PROTECTED] (orig r10516): jelmer | 2005-09-26 20:16:23 +0200
Add seperator argument to str_list_{make,join}_shell()
[EMAIL PROTECTED] (orig r10517): jelmer | 2005-09-26 20:16:38 +0200
Get rid of use of next_token() in lib/samba3/
[EMAIL PROTECTED] (orig r10520): abartlet | 2005-09-27 00:27:44 +0200
The join is a nice quick RPC test.
Andrew Bartlett
[EMAIL PROTECTED] (orig r10521): jelmer | 2005-09-27 02:11:21 +0200
Also check sys/socket.h for definition of socklen_t (needed for AIX)
[EMAIL PROTECTED] (orig r10522): tridge | 2005-09-27 03:26:34 +0200
finally got the locking working on solaris10. This adds a read lock on
the transaction lock in tdb_traverse_read(). This prevents a pattern
of locks which triggers the deadlock detection code in solaris10. I
suspect solaris10 is trying to prevent lock starvation by granting
locks in the order they were requested, which makes it much easier to
produce deadlocks.
[EMAIL PROTECTED] (orig r10523): tridge | 2005-09-27 04:36:56 +0200
fixed timegm() to not depend on get_time_zone(), so it works in lib/replace/
the old timegm() replacement was also broken (it returned the wrong value)
[EMAIL PROTECTED] (orig r10524): tridge | 2005-09-27 05:09:38 +0200
SAFE_FREE() in tdb does not need the discard_const_p()
the discard_const_p() was causing problems on openbsd where intptr_t is not
defined
[EMAIL PROTECTED] (orig r10525): tridge | 2005-09-27 05:11:08 +0200
change from AC_CHECK_TYPES() to AC_CHECK_TYPE() for intptr_t, so the
type is always available, which means we need less #ifdefs
[EMAIL PROTECTED] (orig r10526): tridge | 2005-09-27 07:11:14 +0200
BASEDIR must be set or we end up installing most of the binaries into lib/
[EMAIL PROTECTED] (orig r10527): tridge | 2005-09-27 09:11:33 +0200
don't attempt self gdb attach if running under valgrind. This was
causing fort to get rather unhappy
[EMAIL PROTECTED] (orig r10528): jelmer | 2005-09-27 12:00:27 +0200
Add credentials.h back into includes.h as some compilers don't
seem to be able to handle incomplete enum types.
[EMAIL PROTECTED] (orig r10529): metze | 2005-09-27 12:29:13 +0200
fix a crash bug in full async code the uses the composite_trigger_done() code
the event subsystem wants to free timed_events!
metze
[EMAIL PROTECTED] (orig r10530): metze | 2005-09-27 12:31:57 +0200
- fix some crash bugs when we lost the connection...
metze
[EMAIL PROTECTED] (orig r10531): jelmer | 2005-09-27 12:32:49 +0200
(hopefully) improve detection of socket-related functions in external libraries
[EMAIL PROTECTED] (orig r10532): jelmer | 2005-09-27 13:02:06 +0200
Replace next_token() with str_list_make()
[EMAIL PROTECTED] (orig r10533): jelmer | 2005-09-27 13:10:57 +0200
Eliminate another use of next_token()
Added:
branches/tmp/samba4-winsrepl/source/torture/local/util_strlist.c
Modified:
branches/tmp/samba4-winsrepl/
branches/tmp/samba4-winsrepl/source/auth/auth_developer.c
branches/tmp/samba4-winsrepl/source/auth/auth_sam.c
branches/tmp/samba4-winsrepl/source/auth/kerberos/kerberos.c
branches/tmp/samba4-winsrepl/source/auth/kerberos/kerberos_verify.c
branches/tmp/samba4-winsrepl/source/build/m4/rewrite.m4
branches/tmp/samba4-winsrepl/source/build/smb_build/makefile.pm
branches/tmp/samba4-winsrepl/source/client/client.c
branches/tmp/samba4-winsrepl/source/gtk/common/credentials.c
branches/tmp/samba4-winsrepl/source/heimdal_build/config.mk
branches/tmp/samba4-winsrepl/source/include/enums.h
branches/tmp/samba4-winsrepl/source/include/includes.h
branches/tmp/samba4-winsrepl/source/include/structs.h
branches/tmp/samba4-winsrepl/source/lib/cmdline/popt_common.c
branches/tmp/samba4-winsrepl/source/lib/cmdline/popt_common.h
branches/tmp/samba4-winsrepl/source/lib/credentials.c
branches/tmp/samba4-winsrepl/source/lib/ldb/include/includes.h
branches/tmp/samba4-winsrepl/source/lib/pidfile.c
branches/tmp/samba4-winsrepl/source/lib/replace/config.m4
branches/tmp/samba4-winsrepl/source/lib/replace/replace.c
branches/tmp/samba4-winsrepl/source/lib/samba3/group.c
branches/tmp/samba4-winsrepl/source/lib/samba3/secrets.c
branches/tmp/samba4-winsrepl/source/lib/samba3/winsdb.c
branches/tmp/samba4-winsrepl/source/lib/socket/config.m4
svn commit: samba r10535 - in branches/SAMBA_4_0/source/lib: .
Author: tridge
Date: 2005-09-27 11:59:39 + (Tue, 27 Sep 2005)
New Revision: 10535
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10535
Log:
fixed the pidfile code (it didn't survive the recent pstring changes)
Modified:
branches/SAMBA_4_0/source/lib/pidfile.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/pidfile.c
===
--- branches/SAMBA_4_0/source/lib/pidfile.c 2005-09-27 11:24:03 UTC (rev
10534)
+++ branches/SAMBA_4_0/source/lib/pidfile.c 2005-09-27 11:59:39 UTC (rev
10535)
@@ -39,9 +39,9 @@
asprintf(pidFile, %s/%s.pid, lp_piddir(), name);
fd = open(pidFile, O_NONBLOCK | O_RDONLY, 0644);
- SAFE_FREE(pidFile);
if (fd == -1) {
+ SAFE_FREE(pidFile);
return 0;
}
@@ -63,11 +63,13 @@
}
close(fd);
+ SAFE_FREE(pidFile);
return (pid_t)ret;
noproc:
close(fd);
unlink(pidFile);
+ SAFE_FREE(pidFile);
return 0;
}
svn commit: samba r10536 - in branches/tmp/samba4-winsrepl: . source/lib
Author: metze
Date: 2005-09-27 12:07:01 + (Tue, 27 Sep 2005)
New Revision: 10536
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10536
Log:
[EMAIL PROTECTED] (orig r10535): tridge | 2005-09-27 13:59:39 +0200
fixed the pidfile code (it didn't survive the recent pstring changes)
Modified:
branches/tmp/samba4-winsrepl/
branches/tmp/samba4-winsrepl/source/lib/pidfile.c
Changeset:
Property changes on: branches/tmp/samba4-winsrepl
___
Name: svk:merge
- 0c0555d6-39d7-0310-84fc-f1cc0bd64818:/branches/SAMBA_4_0:10533
3a72dc49-98ff-0310-ab52-9b7ed7945d91:/local/samba4:9495
a953eb74-4aff-0310-a63c-855d20285ebb:/local/samba4:11632
+ 0c0555d6-39d7-0310-84fc-f1cc0bd64818:/branches/SAMBA_4_0:10535
3a72dc49-98ff-0310-ab52-9b7ed7945d91:/local/samba4:9495
a953eb74-4aff-0310-a63c-855d20285ebb:/local/samba4:11632
Modified: branches/tmp/samba4-winsrepl/source/lib/pidfile.c
===
--- branches/tmp/samba4-winsrepl/source/lib/pidfile.c 2005-09-27 11:59:39 UTC
(rev 10535)
+++ branches/tmp/samba4-winsrepl/source/lib/pidfile.c 2005-09-27 12:07:01 UTC
(rev 10536)
@@ -39,9 +39,9 @@
asprintf(pidFile, %s/%s.pid, lp_piddir(), name);
fd = open(pidFile, O_NONBLOCK | O_RDONLY, 0644);
- SAFE_FREE(pidFile);
if (fd == -1) {
+ SAFE_FREE(pidFile);
return 0;
}
@@ -63,11 +63,13 @@
}
close(fd);
+ SAFE_FREE(pidFile);
return (pid_t)ret;
noproc:
close(fd);
unlink(pidFile);
+ SAFE_FREE(pidFile);
return 0;
}
svn commit: samba r10537 - in branches/SAMBA_4_0/source: gtk/common lib/events libcli/composite libcli/wrepl
Author: metze
Date: 2005-09-27 12:54:08 + (Tue, 27 Sep 2005)
New Revision: 10537
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10537
Log:
- we now use a much nicer way to handle talloc_free(timed_event)
the events code replaces a destructor to one that returns allways -1
while it's calling the event handler
- we don't need the composite and winsrepl specific fixes any more
- this also fixes the problem with smbcli, dcerpc, cldap, ldap and nbt
request timeouts
metze
Modified:
branches/SAMBA_4_0/source/gtk/common/gtk_events.c
branches/SAMBA_4_0/source/lib/events/events_liboop.c
branches/SAMBA_4_0/source/lib/events/events_standard.c
branches/SAMBA_4_0/source/libcli/composite/composite.c
branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c
Changeset:
Modified: branches/SAMBA_4_0/source/gtk/common/gtk_events.c
===
--- branches/SAMBA_4_0/source/gtk/common/gtk_events.c 2005-09-27 12:07:01 UTC
(rev 10536)
+++ branches/SAMBA_4_0/source/gtk/common/gtk_events.c 2005-09-27 12:54:08 UTC
(rev 10537)
@@ -209,46 +209,44 @@
}
struct gtk_timed_event {
- BOOL running;
guint te_id;
};
-static gboolean gtk_event_timed_handler(gpointer data)
+/*
+ destroy a timed event
+*/
+static int gtk_event_timed_destructor(void *ptr)
{
- struct timed_event *te = talloc_get_type(data, struct timed_event);
+ struct timed_event *te = talloc_get_type(ptr, struct timed_event);
struct gtk_timed_event *gtk_te = talloc_get_type(te-additional_data,
struct
gtk_timed_event);
- struct timeval t = timeval_current();
- gtk_te-running = True;
- te-handler(te-event_ctx, te, t, te-private_data);
- gtk_te-running = False;
+ g_source_remove(gtk_te-te_id);
- talloc_free(te);
+ return 0;
+}
- /* return FALSE mean this event should be removed */
- return gtk_false();
+static int gtk_event_timed_deny_destructor(void *ptr)
+{
+ return -1;
}
-/*
- destroy a timed event
-*/
-static int gtk_event_timed_destructor(void *ptr)
+static gboolean gtk_event_timed_handler(gpointer data)
{
- struct timed_event *te = talloc_get_type(ptr, struct timed_event);
+ struct timed_event *te = talloc_get_type(data, struct timed_event);
struct gtk_timed_event *gtk_te = talloc_get_type(te-additional_data,
struct
gtk_timed_event);
+ struct timeval t = timeval_current();
- if (gtk_te-running) {
- /* the event is running reject the talloc_free()
- as it's done by the gtk_event_timed_handler()
-*/
- return -1;
- }
+ /* deny the handler to free the event */
+ talloc_set_destructor(te, gtk_event_timed_deny_destructor);
+ te-handler(te-event_ctx, te, t, te-private_data);
- g_source_remove(gtk_te-te_id);
+ talloc_set_destructor(te, gtk_event_timed_destructor);
+ talloc_free(te);
- return 0;
+ /* return FALSE mean this event should be removed */
+ return gtk_false();
}
/*
@@ -285,7 +283,6 @@
timeout =
((diff_tv.tv_usec+999)/1000)+(diff_tv.tv_sec*1000);
gtk_te-te_id = g_timeout_add(timeout,
gtk_event_timed_handler, te);
- gtk_te-running = False;
talloc_set_destructor(te, gtk_event_timed_destructor);
Modified: branches/SAMBA_4_0/source/lib/events/events_liboop.c
===
--- branches/SAMBA_4_0/source/lib/events/events_liboop.c2005-09-27
12:07:01 UTC (rev 10536)
+++ branches/SAMBA_4_0/source/lib/events/events_liboop.c2005-09-27
12:54:08 UTC (rev 10537)
@@ -172,12 +172,23 @@
fde-flags = flags;
}
+static int oop_event_timed_destructor(void *ptr);
+static int oop_event_timed_deny_destructor(void *ptr)
+{
+ return -1;
+}
+
static void *oop_event_timed_handler(oop_source *oop, struct timeval t, void
*ptr)
{
struct timed_event *te = ptr;
+ /* deny the handler to free the event */
+ talloc_set_destructor(te, oop_event_timed_deny_destructor);
te-handler(te-event_ctx, te, t, te-private_data);
+ talloc_set_destructor(te, oop_event_timed_destructor);
+ talloc_free(te);
+
return OOP_CONTINUE;
}
@@ -218,7 +229,7 @@
te-private_data= private_data;
te-additional_data = NULL;
- oop-cancel_time(oop, te-next_event, oop_event_timed_handler, te);
+ oop-on_time(oop, te-next_event, oop_event_timed_handler, te);
talloc_set_destructor(te, oop_event_timed_destructor);
Modified: branches/SAMBA_4_0/source/lib/events/events_standard.c
===
---
svn commit: samba r10540 - in branches/SAMBA_4_0/source/gtk/common: .
Author: metze
Date: 2005-09-27 13:04:07 + (Tue, 27 Sep 2005)
New Revision: 10540
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10540
Log:
fix compiler warning
metze
Modified:
branches/SAMBA_4_0/source/gtk/common/gtk_events.c
Changeset:
Modified: branches/SAMBA_4_0/source/gtk/common/gtk_events.c
===
--- branches/SAMBA_4_0/source/gtk/common/gtk_events.c 2005-09-27 12:59:47 UTC
(rev 10539)
+++ branches/SAMBA_4_0/source/gtk/common/gtk_events.c 2005-09-27 13:04:07 UTC
(rev 10540)
@@ -234,8 +234,6 @@
static gboolean gtk_event_timed_handler(gpointer data)
{
struct timed_event *te = talloc_get_type(data, struct timed_event);
- struct gtk_timed_event *gtk_te = talloc_get_type(te-additional_data,
-struct
gtk_timed_event);
struct timeval t = timeval_current();
/* deny the handler to free the event */
svn commit: samba r10541 - in branches/tmp/samba4-winsrepl/source/nbt_server/wins: .
Author: metze
Date: 2005-09-27 13:05:33 + (Tue, 27 Sep 2005)
New Revision: 10541
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10541
Log:
use a transaction when we allocate a new version
metze
Modified:
branches/tmp/samba4-winsrepl/source/nbt_server/wins/winsdb.c
Changeset:
Modified: branches/tmp/samba4-winsrepl/source/nbt_server/wins/winsdb.c
===
--- branches/tmp/samba4-winsrepl/source/nbt_server/wins/winsdb.c
2005-09-27 13:04:07 UTC (rev 10540)
+++ branches/tmp/samba4-winsrepl/source/nbt_server/wins/winsdb.c
2005-09-27 13:05:33 UTC (rev 10541)
@@ -33,6 +33,7 @@
*/
static uint64_t winsdb_allocate_version(struct wins_server *winssrv)
{
+ int trans;
int ret;
struct ldb_context *ldb = winssrv-wins_db;
struct ldb_dn *dn;
@@ -41,6 +42,9 @@
TALLOC_CTX *tmp_ctx = talloc_new(winssrv);
uint64_t maxVersion = 0;
+ trans = ldb_transaction_start(ldb);
+ if (trans != LDB_SUCCESS) goto failed;
+
dn = ldb_dn_explode(tmp_ctx, CN=VERSION);
if (!dn) goto failed;
@@ -72,10 +76,14 @@
if (ret != 0) ret = ldb_add(ldb, msg);
if (ret != 0) goto failed;
+ trans = ldb_transaction_commit(ldb);
+ if (trans != LDB_SUCCESS) goto failed;
+
talloc_free(tmp_ctx);
return maxVersion;
failed:
+ if (trans == LDB_SUCCESS) ldb_transaction_cancel(ldb);
talloc_free(tmp_ctx);
return 0;
}
svn commit: samba r10542 - in branches/SAMBA_4_0/source/libcli/raw: .
Author: metze
Date: 2005-09-27 13:31:17 + (Tue, 27 Sep 2005)
New Revision: 10542
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10542
Log:
if the transport is dead we need to return
tridge: I think this is correct, comments?
metze
Modified:
branches/SAMBA_4_0/source/libcli/raw/clitransport.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/raw/clitransport.c
===
--- branches/SAMBA_4_0/source/libcli/raw/clitransport.c 2005-09-27 13:05:33 UTC
(rev 10541)
+++ branches/SAMBA_4_0/source/libcli/raw/clitransport.c 2005-09-27 13:31:17 UTC
(rev 10542)
@@ -353,6 +353,7 @@
req-out.size, nwritten);
if (NT_STATUS_IS_ERR(status)) {
smbcli_transport_dead(transport);
+ return;
}
if (!NT_STATUS_IS_OK(status)) {
return;
@@ -540,6 +541,7 @@
nread);
if (NT_STATUS_IS_ERR(status)) {
smbcli_transport_dead(transport);
+ return;
}
if (!NT_STATUS_IS_OK(status)) {
return;
@@ -571,6 +573,7 @@
nread);
if (NT_STATUS_IS_ERR(status)) {
smbcli_transport_dead(transport);
+ return;
}
if (!NT_STATUS_IS_OK(status)) {
return;
svn commit: samba-web r816 - in trunk/support: .
Author: deryck Date: 2005-09-27 14:17:47 + (Tue, 27 Sep 2005) New Revision: 816 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=816 Log: Add India support provider at the request of the company. deryck Modified: trunk/support/india.html Changeset: Modified: trunk/support/india.html === --- trunk/support/india.html2005-09-18 13:08:28 UTC (rev 815) +++ trunk/support/india.html2005-09-27 14:17:47 UTC (rev 816) @@ -25,6 +25,32 @@ /small/pre +!-- Added: 27 Sept 2005 -- +hr / +presmall +Yukthi Systems is an IT consulting company providing cost-effective +solutions on Linux platform. We have core competency in providing +IT Infrastructure and Security solutions on Linux. + +We are also specialized in Linux/Windows network integration, +implementing SAMBA Domain Controllers, Single-Signon and migrating +from Windows to Linux networks. + +We also manage and support existing Linux servers. Support will be +provided over phone, email, remote and onsite. + + +Yukthi Systems Pvt. Ltd. +Fazal Manor, 3rd Floor, +# 89, Richmond Road, +Bangalore 560 025, + +Tel: +91 80 2248 3813 / 2248 3222 +URL: a href=http://www.yukthi.com/;www.yukthi.com/a +Email: a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a +/small/pre + + !-- Added: 14 July 2005 -- hr / h3Coimbatore/h3
svn commit: samba r10543 - in trunk/source: include printing
Author: jerry Date: 2005-09-27 14:25:24 + (Tue, 27 Sep 2005) New Revision: 10543 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10543 Log: fixing job deletion to call the lprm command during teh tdb traversal instead of just skipping it when we don't know the unix jobid Modified: trunk/source/include/printing.h trunk/source/printing/print_cups.c trunk/source/printing/print_generic.c trunk/source/printing/print_iprint.c trunk/source/printing/printing.c Changeset: Sorry, the patch is too large (470 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10543
svn commit: samba r10544 - in trunk/source: . param
Author: jerry Date: 2005-09-27 14:45:31 + (Tue, 27 Sep 2005) New Revision: 10544 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10544 Log: removing config_ldap so we can just copy trunk over to SAMBA_3_0 when it is time to do the merge. We can get this back later if we want Removed: trunk/source/param/config_ldap.c trunk/source/param/modconf.c Modified: trunk/source/Makefile.in trunk/source/configure.in trunk/source/param/loadparm.c Changeset: Sorry, the patch is too large (577 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10544
svn commit: samba r10545 - in branches/SAMBA_4_0/source/libcli/util: .
Author: metze
Date: 2005-09-27 16:20:17 + (Tue, 27 Sep 2005)
New Revision: 10545
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10545
Log:
map ECONNRESET to NT_STATUS_CONNECTION_RESET
metze
Modified:
branches/SAMBA_4_0/source/libcli/util/errormap.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/util/errormap.c
===
--- branches/SAMBA_4_0/source/libcli/util/errormap.c2005-09-27 14:45:31 UTC
(rev 10544)
+++ branches/SAMBA_4_0/source/libcli/util/errormap.c2005-09-27 16:20:17 UTC
(rev 10545)
@@ -1277,6 +1277,9 @@
{ ENOMEM, NT_STATUS_NO_MEMORY },
{ EPIPE,NT_STATUS_CONNECTION_DISCONNECTED },
{ ECONNREFUSED, NT_STATUS_CONNECTION_REFUSED },
+#ifdef ECONNRESET
+ { ECONNRESET, NT_STATUS_CONNECTION_RESET },
+#endif
{ EBUSY,NT_STATUS_SHARING_VIOLATION },
#ifdef ENOTSUP
{ ENOTSUP, NT_STATUS_NOT_SUPPORTED},
svn commit: samba r10546 - in trunk/source/rpc_server: .
Author: jerry
Date: 2005-09-27 16:40:32 + (Tue, 27 Sep 2005)
New Revision: 10546
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10546
Log:
remove extra reload_services() call in update_printer()
Modified:
trunk/source/rpc_server/srv_spoolss_nt.c
Changeset:
Modified: trunk/source/rpc_server/srv_spoolss_nt.c
===
--- trunk/source/rpc_server/srv_spoolss_nt.c2005-09-27 16:20:17 UTC (rev
10545)
+++ trunk/source/rpc_server/srv_spoolss_nt.c2005-09-27 16:40:32 UTC (rev
10546)
@@ -6122,17 +6122,12 @@
|| !strequal(printer-info_2-portname,
old_printer-info_2-portname)
|| !strequal(printer-info_2-location,
old_printer-info_2-location)) )
{
+ /* add_printer_hook() will call reload_services() */
+
if ( !add_printer_hook(p-pipe_user.nt_user_token, printer) ) {
result = WERR_ACCESS_DENIED;
goto done;
}
-
- /*
-* make sure we actually reload the services after
-* this as smb.conf could have a new section in it
-* shouldn't but could
-*/
- reload_services(False);
}
/*
svn commit: samba r10547 - in branches/SAMBA_4_0/source/libcli/wrepl: .
Author: metze
Date: 2005-09-27 16:53:08 + (Tue, 27 Sep 2005)
New Revision: 10547
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10547
Log:
- add wrepl_request timeout handling
- when we got an unexpected READ event, we need to do a socket_recv() to find
connection errors
and we need to mark the socket as dead (and remove the fde_event) to prevent,
endless loops on broken connections
tridge: we should look carefull at other protocol, to handle broken connections
without spinning
metze
Modified:
branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c
branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.h
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c
===
--- branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c 2005-09-27 16:40:32 UTC
(rev 10546)
+++ branches/SAMBA_4_0/source/libcli/wrepl/winsrepl.c 2005-09-27 16:53:08 UTC
(rev 10547)
@@ -29,17 +29,28 @@
/*
mark all pending requests as dead - called when a socket error happens
*/
-static void wrepl_socket_dead(struct wrepl_socket *wrepl_socket)
+static void wrepl_socket_dead(struct wrepl_socket *wrepl_socket, NTSTATUS
status)
{
wrepl_socket-dead = True;
- event_set_fd_flags(wrepl_socket-fde, 0);
+ if (wrepl_socket-fde) {
+ talloc_free(wrepl_socket-fde);
+ wrepl_socket-fde = NULL;
+ }
+ if (wrepl_socket-sock) {
+ talloc_free(wrepl_socket-sock);
+ wrepl_socket-sock = NULL;
+ }
+
+ if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) {
+ status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
+ }
while (wrepl_socket-send_queue) {
struct wrepl_request *req = wrepl_socket-send_queue;
DLIST_REMOVE(wrepl_socket-send_queue, req);
req-state = WREPL_REQUEST_ERROR;
- req-status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
+ req-status = status;
if (req-async.fn) {
req-async.fn(req);
}
@@ -48,13 +59,20 @@
struct wrepl_request *req = wrepl_socket-recv_queue;
DLIST_REMOVE(wrepl_socket-recv_queue, req);
req-state = WREPL_REQUEST_ERROR;
- req-status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
+ req-status = status;
if (req-async.fn) {
req-async.fn(req);
}
}
}
+static void wrepl_request_timeout_handler(struct event_context *ev, struct
timed_event *te,
+ struct timeval t, void *ptr)
+{
+ struct wrepl_request *req = talloc_get_type(ptr, struct wrepl_request);
+ wrepl_socket_dead(req-wrepl_socket, NT_STATUS_IO_TIMEOUT);
+}
+
/*
handle send events
*/
@@ -67,7 +85,7 @@
status = socket_send(wrepl_socket-sock, req-buffer, nsent,
0);
if (NT_STATUS_IS_ERR(status)) {
- wrepl_socket_dead(wrepl_socket);
+ wrepl_socket_dead(wrepl_socket, status);
return;
}
if (!NT_STATUS_IS_OK(status) || nsent == 0) return;
@@ -99,7 +117,16 @@
DATA_BLOB blob;
if (req == NULL) {
+ NTSTATUS status;
+
EVENT_FD_NOT_READABLE(wrepl_socket-fde);
+
+ status = socket_recv(wrepl_socket-sock, NULL, 0, nread, 0);
+ if (NT_STATUS_EQUAL(NT_STATUS_END_OF_FILE,status)) return;
+ if (NT_STATUS_IS_ERR(status)) {
+ wrepl_socket_dead(wrepl_socket, status);
+ return;
+ }
return;
}
@@ -121,7 +148,7 @@
4 - req-num_read,
nread, 0);
if (NT_STATUS_IS_ERR(req-status)) {
- wrepl_socket_dead(wrepl_socket);
+ wrepl_socket_dead(wrepl_socket, req-status);
return;
}
if (!NT_STATUS_IS_OK(req-status)) return;
@@ -146,7 +173,7 @@
req-buffer.length - req-num_read,
nread, 0);
if (NT_STATUS_IS_ERR(req-status)) {
- wrepl_socket_dead(wrepl_socket);
+ wrepl_socket_dead(wrepl_socket, req-status);
return;
}
if (!NT_STATUS_IS_OK(req-status)) return;
@@ -225,7 +252,8 @@
struct
wrepl_socket);
struct wrepl_request *req = wrepl_socket-recv_queue;
- talloc_free(fde);
+ talloc_free(wrepl_socket-fde);
+ wrepl_socket-fde = NULL;
if (req == NULL) return;
@@ -255,6 +283,15 @@
}
}
+/*
+ destroy a wrepl_socket destructor
+*/
+static int
svn commit: samba r10548 - in branches/tmp/samba4-winsrepl: . source/gtk/common source/libcli/raw source/libcli/util source/libcli/wrepl
Author: metze Date: 2005-09-27 16:54:37 + (Tue, 27 Sep 2005) New Revision: 10548 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10548 Log: [EMAIL PROTECTED] (orig r10540): metze | 2005-09-27 15:04:07 +0200 fix compiler warning metze [EMAIL PROTECTED] (orig r10542): metze | 2005-09-27 15:31:17 +0200 if the transport is dead we need to return tridge: I think this is correct, comments? metze [EMAIL PROTECTED] (orig r10545): metze | 2005-09-27 18:20:17 +0200 map ECONNRESET to NT_STATUS_CONNECTION_RESET metze [EMAIL PROTECTED] (orig r10547): metze | 2005-09-27 18:53:08 +0200 - add wrepl_request timeout handling - when we got an unexpected READ event, we need to do a socket_recv() to find connection errors and we need to mark the socket as dead (and remove the fde_event) to prevent, endless loops on broken connections tridge: we should look carefull at other protocol, to handle broken connections without spinning metze Modified: branches/tmp/samba4-winsrepl/ branches/tmp/samba4-winsrepl/source/gtk/common/gtk_events.c branches/tmp/samba4-winsrepl/source/libcli/raw/clitransport.c branches/tmp/samba4-winsrepl/source/libcli/util/errormap.c branches/tmp/samba4-winsrepl/source/libcli/wrepl/winsrepl.c branches/tmp/samba4-winsrepl/source/libcli/wrepl/winsrepl.h Changeset: Sorry, the patch is too large (289 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10548
svn commit: samba r10549 - in branches/tmp/samba4-winsrepl/source/wrepl_server: .
Author: metze Date: 2005-09-27 16:58:37 + (Tue, 27 Sep 2005) New Revision: 10549 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10549 Log: - add first start of wins pull replication - we not yet apply records to our database but we fetch them correct form our partners (we need conflict handling for this) - we also need to filter out our own records! metze Modified: branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_out_connection.c branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.c branches/tmp/samba4-winsrepl/source/wrepl_server/wrepl_server.h Changeset: Sorry, the patch is too large (914 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10549
svn commit: samba r10550 - in trunk/source/smbd: .
Author: jra
Date: 2005-09-27 17:41:56 + (Tue, 27 Sep 2005)
New Revision: 10550
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10550
Log:
We need to check if the source path is a parent directory of the destination
(ie. a rename of /foo/bar/baz - /foo/bar/baz/bibble/bobble. If so we must
refuse the rename with a sharing violation. Under UNIX the above call can
*succeed* if /foo/bar/baz is a symlink to another area in the share. We
probably need to check that the client is a Windows one before disallowing
this as a UNIX client (one with UNIX extensions) can know the source is a
symlink and make this decision intelligently. Found by an excellent bug
report from [EMAIL PROTECTED].
Jeremy.
Modified:
trunk/source/smbd/reply.c
Changeset:
Modified: trunk/source/smbd/reply.c
===
--- trunk/source/smbd/reply.c 2005-09-27 16:58:37 UTC (rev 10549)
+++ trunk/source/smbd/reply.c 2005-09-27 17:41:56 UTC (rev 10550)
@@ -4066,6 +4066,35 @@
}
/
+ We need to check if the source path is a parent directory of the destination
+ (ie. a rename of /foo/bar/baz - /foo/bar/baz/bibble/bobble. If so we must
+ refuse the rename with a sharing violation. Under UNIX the above call can
+ *succeed* if /foo/bar/baz is a symlink to another area in the share. We
+ probably need to check that the client is a Windows one before disallowing
+ this as a UNIX client (one with UNIX extensions) can know the source is a
+ symlink and make this decision intelligently. Found by an excellent bug
+ report from [EMAIL PROTECTED].
+/
+
+static BOOL rename_path_prefix_equal(const char *src, const char *dest)
+{
+ const char *psrc = src;
+ const char *pdst = dest;
+ size_t slen;
+
+ if (psrc[0] == '.' psrc[1] == '/') {
+ psrc += 2;
+ }
+ if (pdst[0] == '.' pdst[1] == '/') {
+ pdst += 2;
+ }
+ if ((slen = strlen(psrc)) strlen(pdst)) {
+ return False;
+ }
+ return ((memcmp(psrc, pdst, slen) == 0) pdst[slen] == '/');
+}
+
+/
Rename an open file - given an fsp.
/
@@ -4160,6 +4189,10 @@
return error;
}
+ if (rename_path_prefix_equal(fsp-fsp_name, newname)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
if(SMB_VFS_RENAME(conn,fsp-fsp_name, newname) == 0) {
DEBUG(3,(rename_internals_fsp: succeeded doing rename on %s -
%s\n,
fsp-fsp_name,newname));
@@ -4381,6 +4414,10 @@
return NT_STATUS_OBJECT_NAME_COLLISION;
}
+ if (rename_path_prefix_equal(directory, newname)) {
+ return NT_STATUS_SHARING_VIOLATION;
+ }
+
if(SMB_VFS_RENAME(conn,directory, newname) == 0) {
DEBUG(3,(rename_internals: succeeded doing rename on
%s - %s\n,
directory,newname));
@@ -4479,6 +4516,10 @@
continue;
}
+ if (rename_path_prefix_equal(fname, destname)) {
+ return NT_STATUS_SHARING_VIOLATION;
+ }
+
if (!SMB_VFS_RENAME(conn,fname,destname)) {
rename_open_files(conn, sbuf1.st_dev,
sbuf1.st_ino, newname);
count++;
svn commit: samba r10551 - in branches/SAMBA_3_0/source/smbd: .
Author: jra
Date: 2005-09-27 17:42:11 + (Tue, 27 Sep 2005)
New Revision: 10551
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10551
Log:
We need to check if the source path is a parent directory of the destination
(ie. a rename of /foo/bar/baz - /foo/bar/baz/bibble/bobble. If so we must
refuse the rename with a sharing violation. Under UNIX the above call can
*succeed* if /foo/bar/baz is a symlink to another area in the share. We
probably need to check that the client is a Windows one before disallowing
this as a UNIX client (one with UNIX extensions) can know the source is a
symlink and make this decision intelligently. Found by an excellent bug
report from [EMAIL PROTECTED].
Jeremy.
Modified:
branches/SAMBA_3_0/source/smbd/reply.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/reply.c
===
--- branches/SAMBA_3_0/source/smbd/reply.c 2005-09-27 17:41:56 UTC (rev
10550)
+++ branches/SAMBA_3_0/source/smbd/reply.c 2005-09-27 17:42:11 UTC (rev
10551)
@@ -4076,6 +4076,35 @@
}
/
+ We need to check if the source path is a parent directory of the destination
+ (ie. a rename of /foo/bar/baz - /foo/bar/baz/bibble/bobble. If so we must
+ refuse the rename with a sharing violation. Under UNIX the above call can
+ *succeed* if /foo/bar/baz is a symlink to another area in the share. We
+ probably need to check that the client is a Windows one before disallowing
+ this as a UNIX client (one with UNIX extensions) can know the source is a
+ symlink and make this decision intelligently. Found by an excellent bug
+ report from [EMAIL PROTECTED].
+/
+
+static BOOL rename_path_prefix_equal(const char *src, const char *dest)
+{
+ const char *psrc = src;
+ const char *pdst = dest;
+ size_t slen;
+
+ if (psrc[0] == '.' psrc[1] == '/') {
+ psrc += 2;
+ }
+ if (pdst[0] == '.' pdst[1] == '/') {
+ pdst += 2;
+ }
+ if ((slen = strlen(psrc)) strlen(pdst)) {
+ return False;
+ }
+ return ((memcmp(psrc, pdst, slen) == 0) pdst[slen] == '/');
+}
+
+/
Rename an open file - given an fsp.
/
@@ -4170,6 +4199,10 @@
return error;
}
+ if (rename_path_prefix_equal(fsp-fsp_name, newname)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
if(SMB_VFS_RENAME(conn,fsp-fsp_name, newname) == 0) {
DEBUG(3,(rename_internals_fsp: succeeded doing rename on %s -
%s\n,
fsp-fsp_name,newname));
@@ -4391,6 +4424,10 @@
return NT_STATUS_OBJECT_NAME_COLLISION;
}
+ if (rename_path_prefix_equal(directory, newname)) {
+ return NT_STATUS_SHARING_VIOLATION;
+ }
+
if(SMB_VFS_RENAME(conn,directory, newname) == 0) {
DEBUG(3,(rename_internals: succeeded doing rename on
%s - %s\n,
directory,newname));
@@ -4489,6 +4526,10 @@
continue;
}
+ if (rename_path_prefix_equal(fname, destname)) {
+ return NT_STATUS_SHARING_VIOLATION;
+ }
+
if (!SMB_VFS_RENAME(conn,fname,destname)) {
rename_open_files(conn, sbuf1.st_dev,
sbuf1.st_ino, newname);
count++;
svn commit: samba r10552 - in trunk/source/printing: .
Author: jerry
Date: 2005-09-27 17:48:52 + (Tue, 27 Sep 2005)
New Revision: 10552
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10552
Log:
fix compile breakage
Modified:
trunk/source/printing/printing.c
Changeset:
Modified: trunk/source/printing/printing.c
===
--- trunk/source/printing/printing.c2005-09-27 17:42:11 UTC (rev 10551)
+++ trunk/source/printing/printing.c2005-09-27 17:48:52 UTC (rev 10552)
@@ -752,11 +752,12 @@
if ( pjob.smbjob ) {
for (i=0;its-qcount;i++) {
+ uint32 curr_jobid;
if ( pjob.status == LPQ_DELETED )
continue;
- uint32 curr_jobid =
print_parse_jobid(ts-queue[i].fs_file);
+ curr_jobid = print_parse_jobid(ts-queue[i].fs_file);
if (jobid == curr_jobid) {
svn commit: samba r10553 - in branches/SAMBA_3_0/source/auth: .
Author: jerry Date: 2005-09-27 19:01:27 + (Tue, 27 Sep 2005) New Revision: 10553 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10553 Log: ignore .po files Modified: branches/SAMBA_3_0/source/auth/ Changeset: Property changes on: branches/SAMBA_3_0/source/auth ___ Name: svn:ignore + *.po
svn commit: samba r10554 - branches/SAMBA_3_0/source/client branches/SAMBA_3_0/source/printing trunk/source/client trunk/source/printing
Author: jerry
Date: 2005-09-27 19:18:20 + (Tue, 27 Sep 2005)
New Revision: 10554
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10554
Log:
* BUG 3057: assume x64 drivers are v3 drivers
* BUG 3087: allow smbspool to establisha geust connection
using a username with no password
Modified:
branches/SAMBA_3_0/source/client/smbspool.c
branches/SAMBA_3_0/source/printing/nt_printing.c
trunk/source/client/smbspool.c
trunk/source/printing/nt_printing.c
Changeset:
Modified: branches/SAMBA_3_0/source/client/smbspool.c
===
--- branches/SAMBA_3_0/source/client/smbspool.c 2005-09-27 19:01:27 UTC (rev
10553)
+++ branches/SAMBA_3_0/source/client/smbspool.c 2005-09-27 19:18:20 UTC (rev
10554)
@@ -457,15 +457,15 @@
get_myname(myname);
- if ( (username) ( *username ) (password) (*password) )
+ /* See if we have a username first. This is for backwards compatible
+ behavior with 3.0.14a */
+
+ if ( username *username )
{
- /*
- * User/password specified in the DEVICE_URI, use those credentials
- * to connect to the server
- */
cli = smb_complete_connection(myname, server, port, username,
password, workgroup, share, 0 );
- if (cli ) { return cli; }
+ if (cli)
+return cli;
}
/*
Modified: branches/SAMBA_3_0/source/printing/nt_printing.c
===
--- branches/SAMBA_3_0/source/printing/nt_printing.c2005-09-27 19:01:27 UTC
(rev 10553)
+++ branches/SAMBA_3_0/source/printing/nt_printing.c2005-09-27 19:18:20 UTC
(rev 10554)
@@ -1386,12 +1386,19 @@
*perr = WERR_INVALID_PARAM;
/* If architecture is Windows 95/98/ME, the version is always 0. */
- if (strcmp(architecture, WIN40) == 0) {
+ if (strcmp(architecture, SPL_ARCH_WIN40) == 0) {
DEBUG(10,(get_correct_cversion: Driver is Win9x, cversion =
0\n));
*perr = WERR_OK;
return 0;
}
+ /* If architecture is Windows x64, the version is always 3. */
+ if (strcmp(architecture, SPL_ARCH_X64) == 0) {
+ DEBUG(10,(get_correct_cversion: Driver is x64, cversion =
3\n));
+ *perr = WERR_OK;
+ return 3;
+ }
+
/*
* Connect to the print$ share under the same account as the user
connected
* to the rpc pipe. Note we must still be root to do this.
Modified: trunk/source/client/smbspool.c
===
--- trunk/source/client/smbspool.c 2005-09-27 19:01:27 UTC (rev 10553)
+++ trunk/source/client/smbspool.c 2005-09-27 19:18:20 UTC (rev 10554)
@@ -460,15 +460,15 @@
get_myname(myname);
- if ( (username) ( *username ) (password) (*password) )
+ /* See if we have a username first. This is for backwards compatible
+ behavior with 3.0.14a */
+
+ if ( username *username )
{
- /*
- * User/password specified in the DEVICE_URI, use those credentials
- * to connect to the server
- */
cli = smb_complete_connection(myname, server, port, username,
password, workgroup, share, 0 );
- if (cli ) { return cli; }
+ if (cli)
+return cli;
}
/*
Modified: trunk/source/printing/nt_printing.c
===
--- trunk/source/printing/nt_printing.c 2005-09-27 19:01:27 UTC (rev 10553)
+++ trunk/source/printing/nt_printing.c 2005-09-27 19:18:20 UTC (rev 10554)
@@ -1386,12 +1386,19 @@
*perr = WERR_INVALID_PARAM;
/* If architecture is Windows 95/98/ME, the version is always 0. */
- if (strcmp(architecture, WIN40) == 0) {
+ if (strcmp(architecture, SPL_ARCH_WIN40) == 0) {
DEBUG(10,(get_correct_cversion: Driver is Win9x, cversion =
0\n));
*perr = WERR_OK;
return 0;
}
+ /* If architecture is Windows x64, the version is always 3. */
+ if (strcmp(architecture, SPL_ARCH_X64) == 0) {
+ DEBUG(10,(get_correct_cversion: Driver is x64, cversion =
3\n));
+ *perr = WERR_OK;
+ return 3;
+ }
+
/*
* Connect to the print$ share under the same account as the user
connected
* to the rpc pipe. Note we must still be root to do this.
svn commit: samba r10555 - in branches/SAMBA_3_0/source/printing: .
Author: jerry Date: 2005-09-27 19:34:19 + (Tue, 27 Sep 2005) New Revision: 10555 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10555 Log: a few compile warnings from jason Mader Modified: branches/SAMBA_3_0/source/printing/printing.c Changeset: Modified: branches/SAMBA_3_0/source/printing/printing.c === --- branches/SAMBA_3_0/source/printing/printing.c 2005-09-27 19:18:20 UTC (rev 10554) +++ branches/SAMBA_3_0/source/printing/printing.c 2005-09-27 19:34:19 UTC (rev 10555) @@ -91,7 +91,7 @@ if (rap_jobid == 0) rap_jobid = ++next_rap_jobid; SSVAL(buf,0,rap_jobid); - data.dptr = buf; + data.dptr = (char*)buf; data.dsize = sizeof(rap_jobid); tdb_store(rap_tdb, key, data, TDB_REPLACE); tdb_store(rap_tdb, data, key, TDB_REPLACE); @@ -112,7 +112,7 @@ return False; SSVAL(buf,0,rap_jobid); - key.dptr = buf; + key.dptr = (char*)buf; key.dsize = sizeof(rap_jobid); data = tdb_fetch(rap_tdb, key); if ( data.dptr data.dsize == sizeof(struct rap_jobid_key) ) @@ -164,7 +164,7 @@ rap_jobid = SVAL(data.dptr, 0); SAFE_FREE(data.dptr); SSVAL(buf,0,rap_jobid); - data.dptr=buf; + data.dptr = (char*)buf; data.dsize = sizeof(rap_jobid); tdb_delete(rap_tdb, key); tdb_delete(rap_tdb, data);
svn commit: samba r10556 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch
Author: jerry
Date: 2005-09-27 19:39:13 + (Tue, 27 Sep 2005)
New Revision: 10556
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10556
Log:
BUG 3083: patch from Alex Deiter [EMAIL PROTECTED] to fix checking trusted
account for winbindd running on a Samba PDC
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
trunk/source/nsswitch/winbindd_cm.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2005-09-27 19:34:19 UTC
(rev 10555)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c2005-09-27 19:39:13 UTC
(rev 10556)
@@ -1175,7 +1175,10 @@
/* if we are a DC and this is a trusted domain, then we need to use our
domain name in the net_req_auth2() request */
- if ( IS_DC ) {
+ if ( IS_DC
+!strequal(domain-name, lp_workgroup())
+lp_allow_trusted_domains() )
+ {
account_name = talloc_asprintf( mem_ctx, %s$, lp_workgroup()
);
}
else {
Modified: trunk/source/nsswitch/winbindd_cm.c
===
--- trunk/source/nsswitch/winbindd_cm.c 2005-09-27 19:34:19 UTC (rev 10555)
+++ trunk/source/nsswitch/winbindd_cm.c 2005-09-27 19:39:13 UTC (rev 10556)
@@ -1294,7 +1294,10 @@
/* if we are a DC and this is a trusted domain, then we need to use our
domain name in the net_req_auth2() request */
- if ( IS_DC ) {
+ if ( IS_DC
+!strequal(domain-name, lp_workgroup())
+lp_allow_trusted_domains() )
+ {
account_name = lp_workgroup();
} else {
account_name = domain-primary ? global_myname() : domain-name;
svn commit: samba r10557 - in trunk/source/smbd: .
Author: jra
Date: 2005-09-27 20:41:04 + (Tue, 27 Sep 2005)
New Revision: 10557
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10557
Log:
Fix bug #3010 yet again. Die monster, die !
Jeremy.
Modified:
trunk/source/smbd/dir.c
Changeset:
Modified: trunk/source/smbd/dir.c
===
--- trunk/source/smbd/dir.c 2005-09-27 19:39:13 UTC (rev 10556)
+++ trunk/source/smbd/dir.c 2005-09-27 20:41:04 UTC (rev 10557)
@@ -1148,8 +1148,23 @@
void SeekDir(struct smb_Dir *dirp, long offset)
{
if (offset != dirp-offset) {
- if (offset == START_OF_DIRECTORY_OFFSET || offset ==
DOT_DOT_DIRECTORY_OFFSET) {
+ if (offset == START_OF_DIRECTORY_OFFSET) {
RewindDir(dirp, offset);
+ /*
+* Ok we should really set the file number here
+* to 1 to enable .. to be returned next. Trouble
+* is I'm worried about callers using SeekDir(dirp,0)
+* as equivalent to RewindDir(). So leave this alone
+* for now.
+*/
+ } else if (offset == DOT_DOT_DIRECTORY_OFFSET) {
+ RewindDir(dirp, offset);
+ /*
+* Set the file number to 2 - we want to get the first
+* real file entry (the one we return after ..)
+* on the next ReadDir.
+*/
+ dirp-file_number = 2;
} else if (offset == END_OF_DIRECTORY_OFFSET) {
; /* Don't seek in this case. */
} else {
svn commit: samba r10558 - in branches/SAMBA_3_0/source/smbd: .
Author: jra
Date: 2005-09-27 20:41:22 + (Tue, 27 Sep 2005)
New Revision: 10558
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10558
Log:
Fix bug #3010 yet again. Die monster, die !
Jeremy.
Modified:
branches/SAMBA_3_0/source/smbd/dir.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/dir.c
===
--- branches/SAMBA_3_0/source/smbd/dir.c2005-09-27 20:41:04 UTC (rev
10557)
+++ branches/SAMBA_3_0/source/smbd/dir.c2005-09-27 20:41:22 UTC (rev
10558)
@@ -1148,8 +1148,23 @@
void SeekDir(struct smb_Dir *dirp, long offset)
{
if (offset != dirp-offset) {
- if (offset == START_OF_DIRECTORY_OFFSET || offset ==
DOT_DOT_DIRECTORY_OFFSET) {
+ if (offset == START_OF_DIRECTORY_OFFSET) {
RewindDir(dirp, offset);
+ /*
+* Ok we should really set the file number here
+* to 1 to enable .. to be returned next. Trouble
+* is I'm worried about callers using SeekDir(dirp,0)
+* as equivalent to RewindDir(). So leave this alone
+* for now.
+*/
+ } else if (offset == DOT_DOT_DIRECTORY_OFFSET) {
+ RewindDir(dirp, offset);
+ /*
+* Set the file number to 2 - we want to get the first
+* real file entry (the one we return after ..)
+* on the next ReadDir.
+*/
+ dirp-file_number = 2;
} else if (offset == END_OF_DIRECTORY_OFFSET) {
; /* Don't seek in this case. */
} else {
svn commit: samba r10559 - in branches/SAMBA_3_0_RELEASE/source/smbd: .
Author: jerry
Date: 2005-09-27 20:44:54 + (Tue, 27 Sep 2005)
New Revision: 10559
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10559
Log:
jra's looping directory fix (BUG 3065)
Modified:
branches/SAMBA_3_0_RELEASE/source/smbd/dir.c
Changeset:
Modified: branches/SAMBA_3_0_RELEASE/source/smbd/dir.c
===
--- branches/SAMBA_3_0_RELEASE/source/smbd/dir.c2005-09-27 20:41:22 UTC
(rev 10558)
+++ branches/SAMBA_3_0_RELEASE/source/smbd/dir.c2005-09-27 20:44:54 UTC
(rev 10559)
@@ -1148,8 +1148,23 @@
void SeekDir(struct smb_Dir *dirp, long offset)
{
if (offset != dirp-offset) {
- if (offset == START_OF_DIRECTORY_OFFSET || offset ==
DOT_DOT_DIRECTORY_OFFSET) {
+ if (offset == START_OF_DIRECTORY_OFFSET) {
RewindDir(dirp, offset);
+ /*
+* Ok we should really set the file number here
+* to 1 to enable .. to be returned next. Trouble
+* is I'm worried about callers using SeekDir(dirp,0)
+* as equivalent to RewindDir(). So leave this alone
+* for now.
+*/
+ } else if (offset == DOT_DOT_DIRECTORY_OFFSET) {
+ RewindDir(dirp, offset);
+ /*
+* Set the file number to 2 - we want to get the first
+* real file entry (the one we return after ..)
+* on the next ReadDir.
+*/
+ dirp-file_number = 2;
} else if (offset == END_OF_DIRECTORY_OFFSET) {
; /* Don't seek in this case. */
} else {
svn commit: samba-web r817 - in trunk/patches: .
Author: jerry Date: 2005-09-27 21:13:04 + (Tue, 27 Sep 2005) New Revision: 817 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=817 Log: adding note about 3.0.20a delays Modified: trunk/patches/index.html Changeset: Modified: trunk/patches/index.html === --- trunk/patches/index.html2005-09-27 14:17:47 UTC (rev 816) +++ trunk/patches/index.html2005-09-27 21:13:04 UTC (rev 817) @@ -10,10 +10,13 @@ main Samba development trees for the next version of Samba 3.0.x./p -pbATTENTION/b A patch release, Samba 3.0.20a, is planned for late in the week +pbATTENTION/b Samba 3.0.20a, is planned for late in the week of September 19, 2005. This release will incorporate all the patches for 3.0.20 listed on this page as well as a few possible other fixes./p +pemUpdate/em: The Samba 3.0.20a release has been delayed slightly due to some +minor last minute bugs. We are hoping to finalize the release by October 7./p + pFollow these instructions for applying patches:/p pre$ tar zxvf samba-3.0.x.tar.gz $ cd samba-3.0.x
svn commit: samba r10560 - in trunk/source/include: .
Author: jelmer Date: 2005-09-27 23:18:55 + (Tue, 27 Sep 2005) New Revision: 10560 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10560 Log: Ignore includes.h.gch Modified: trunk/source/include/ Changeset: Property changes on: trunk/source/include ___ Name: svn:ignore - build_env.h config.h stamp-h proto.h wrepld_proto.h config.h.in version.h include.h.gch + build_env.h config.h stamp-h proto.h wrepld_proto.h config.h.in version.h includes.h.gch
Build status as of Wed Sep 28 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-09-27 00:00:16.0 + +++ /home/build/master/cache/broken_results.txt 2005-09-28 00:00:20.0 + @@ -1,17 +1,17 @@ -Build status as of Tue Sep 27 00:00:02 2005 +Build status as of Wed Sep 28 00:00:02 2005 Build counts: Tree Total Broken Panic ccache 38 5 0 distcc 38 2 0 -lorikeet-heimdal 32 17 0 +lorikeet-heimdal 33 18 0 ppp 23 0 0 rsync37 2 0 -samba3 1 0 +samba3 0 0 samba-docs 0 0 0 -samba4 38 22 1 -samba_3_039 8 0 +samba4 37 18 2 +samba_3_038 9 0 smb-build32 3 0 talloc 36 12 0 -tdb 36 3 0 +tdb 36 2 0
svn commit: samba r10561 - in branches/SAMBA_4_0/source: auth/kerberos heimdal/lib/krb5
Author: abartlet Date: 2005-09-28 01:09:10 + (Wed, 28 Sep 2005) New Revision: 10561 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10561 Log: This patch takes over KDC socket routines in Heimdal, and directs them at the Samba4 socket layer. The intention here is to ensure that other events may be processed while heimdal is waiting on the KDC. The interface is designed to be sufficiently flexible, so that the plugin may choose how to time communication with the KDC (ie multiple outstanding requests, looking for a functional KDC). I've hacked the socket layer out of cldap.c to handle this very specific case of one udp packet and reply. Likewise I also handle TCP, stolen from the winbind code. This same plugin system might also be useful for a self-contained testing mode in Heimdal, in conjunction with libkdc. I would suggest using socket-wrapper instead however. Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.c branches/SAMBA_4_0/source/heimdal/lib/krb5/context.c branches/SAMBA_4_0/source/heimdal/lib/krb5/krb5-protos.h branches/SAMBA_4_0/source/heimdal/lib/krb5/krb5.h branches/SAMBA_4_0/source/heimdal/lib/krb5/send_to_kdc.c Changeset: Sorry, the patch is too large (542 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10561
svn commit: samba r10562 - in branches/SAMBA_4_0/source/kdc: .
Author: abartlet
Date: 2005-09-28 02:22:31 + (Wed, 28 Sep 2005)
New Revision: 10562
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10562
Log:
Ensure we initalise the error table with hdb errors. This ensures we
get good text error strings.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/kdc/kdc.c
branches/SAMBA_4_0/source/kdc/kdc.h
Changeset:
Modified: branches/SAMBA_4_0/source/kdc/kdc.c
===
--- branches/SAMBA_4_0/source/kdc/kdc.c 2005-09-28 01:09:10 UTC (rev 10561)
+++ branches/SAMBA_4_0/source/kdc/kdc.c 2005-09-28 02:22:31 UTC (rev 10562)
@@ -271,6 +271,8 @@
return;
}
+ krb5_add_et_list(kdc-smb_krb5_context-krb5_context,
initialize_hdb_error_table_r);
+
kdc-config-logf = kdc-smb_krb5_context-logf;
kdc-config-db = talloc(kdc-config, struct HDB *);
if (!kdc-config-db) {
Modified: branches/SAMBA_4_0/source/kdc/kdc.h
===
--- branches/SAMBA_4_0/source/kdc/kdc.h 2005-09-28 01:09:10 UTC (rev 10561)
+++ branches/SAMBA_4_0/source/kdc/kdc.h 2005-09-28 02:22:31 UTC (rev 10562)
@@ -24,6 +24,7 @@
#include system/kerberos.h
#include auth/kerberos/kerberos.h
#include heimdal/kdc/kdc.h
+#include heimdal/lib/hdb/hdb.h
#include kdc/pac-glue.h
krb5_error_code hdb_ldb_create(TALLOC_CTX *mem_ctx,
svn commit: samba r10563 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: abartlet
Date: 2005-09-28 02:37:03 + (Wed, 28 Sep 2005)
New Revision: 10563
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10563
Log:
a null 'join' is a no-op.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/torture/rpc/testjoin.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/testjoin.c
===
--- branches/SAMBA_4_0/source/torture/rpc/testjoin.c2005-09-28 02:22:31 UTC
(rev 10562)
+++ branches/SAMBA_4_0/source/torture/rpc/testjoin.c2005-09-28 02:37:03 UTC
(rev 10563)
@@ -416,6 +416,9 @@
struct samr_DeleteUser d;
NTSTATUS status;
+ if (!join) {
+ return;
+ }
d.in.user_handle = join-user_handle;
d.out.user_handle = join-user_handle;
svn commit: samba r10564 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: abartlet
Date: 2005-09-28 02:58:53 + (Wed, 28 Sep 2005)
New Revision: 10564
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10564
Log:
Make the RPC-SCHANNEL test use the libnet_join code via torture_join_domain
Handle error cases in torture_create_testuser, where we can't connect
to the target server (we were segfaulting due to an untested error
path).
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/torture/rpc/schannel.c
branches/SAMBA_4_0/source/torture/rpc/testjoin.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/schannel.c
===
--- branches/SAMBA_4_0/source/torture/rpc/schannel.c2005-09-28 02:37:03 UTC
(rev 10563)
+++ branches/SAMBA_4_0/source/torture/rpc/schannel.c2005-09-28 02:58:53 UTC
(rev 10564)
@@ -159,8 +159,8 @@
TALLOC_CTX *test_ctx = talloc_named(mem_ctx, 0, test_schannel
context);
char *test_machine_account = talloc_asprintf(NULL, %s$,
TEST_MACHINE_NAME);
- join_ctx = torture_create_testuser(test_machine_account,
lp_workgroup(),
- acct_flags, machine_password);
+ join_ctx = torture_join_domain(TEST_MACHINE_NAME,
+ acct_flags, machine_password);
if (!join_ctx) {
printf(Failed to join domain with acct_flags=0x%x\n,
acct_flags);
talloc_free(test_ctx);
Modified: branches/SAMBA_4_0/source/torture/rpc/testjoin.c
===
--- branches/SAMBA_4_0/source/torture/rpc/testjoin.c2005-09-28 02:37:03 UTC
(rev 10563)
+++ branches/SAMBA_4_0/source/torture/rpc/testjoin.c2005-09-28 02:58:53 UTC
(rev 10564)
@@ -134,7 +134,7 @@
DCERPC_SAMR_UUID,
DCERPC_SAMR_VERSION);
if (!NT_STATUS_IS_OK(status)) {
- goto failed;
+ return NULL;
}
c.in.system_name = NULL;
@@ -148,7 +148,7 @@
errstr = dcerpc_errstr(join, join-p-last_fault_code);
}
printf(samr_Connect failed - %s\n, errstr);
- goto failed;
+ return NULL;
}
printf(Opening domain %s\n, domain);
@@ -284,6 +284,10 @@
struct libnet_context *libnet_ctx;
struct libnet_JoinDomain *libnet_r;
struct test_join *tj;
+ struct samr_SetUserInfo s;
+ union samr_UserInfo u;
+ struct lsa_String comment;
+ struct lsa_String full_name;
tj = talloc(NULL, struct test_join);
if (!tj) return NULL;
@@ -325,6 +329,30 @@
tj-dom_sid = dom_sid_string(tj, libnet_r-out.domain_sid);
*machine_password = libnet_r-out.join_password;
+ ZERO_STRUCT(u);
+ s.in.user_handle = tj-user_handle;
+ s.in.info = u;
+ s.in.level = 21;
+
+ u.info21.fields_present = SAMR_FIELD_DESCRIPTION | SAMR_FIELD_COMMENT |
SAMR_FIELD_FULL_NAME;
+ comment.string = talloc_asprintf(tj,
+Tortured by Samba4: %s,
+timestring(tj, time(NULL)));
+ u.info21.comment = comment;
+ full_name.string = talloc_asprintf(tj,
+Torture account for Samba4: %s,
+timestring(tj, time(NULL)));
+ u.info21.full_name = full_name;
+
+ u.info21.description.string = talloc_asprintf(tj,
+ Samba4 torture account
created by host %s: %s,
+ lp_netbios_name(),
timestring(tj, time(NULL)));
+
+ status = dcerpc_samr_SetUserInfo(tj-p, tj, s);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(SetUserInfo (non-critical) failed - %s\n,
nt_errstr(status));
+ }
+
DEBUG(0, (%s joined domain %s (%s).\n,
libnet_r-in.netbios_name,
libnet_r-out.domain_name,
svn commit: samba r10565 - in branches/SAMBA_4_0/source/auth/gensec: .
Author: abartlet
Date: 2005-09-28 04:50:02 + (Wed, 28 Sep 2005)
New Revision: 10565
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10565
Log:
Try to make Kerberos authentication a bit more friendly.
This disables it for 'localhost' as well as for any host our KDC does
not recognise.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c
branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c
===
--- branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c 2005-09-28
02:58:53 UTC (rev 10564)
+++ branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c 2005-09-28
04:50:02 UTC (rev 10565)
@@ -239,9 +239,13 @@
return NT_STATUS_INVALID_PARAMETER;
}
if (is_ipaddress(hostname)) {
- DEBUG(2, (Cannot do GSSAPI to an IP address));
+ DEBUG(2, (Cannot do GSSAPI to an IP address\n));
return NT_STATUS_INVALID_PARAMETER;
}
+ if (strequal(hostname, localhost)) {
+ DEBUG(2, (GSSAPI to 'localhost' does not make sense\n));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
nt_status = gensec_gssapi_start(gensec_security);
if (!NT_STATUS_IS_OK(nt_status)) {
@@ -269,7 +273,7 @@
DEBUG(2, (GSS Import name of %s failed: %s\n,
(char *)name_token.value,
gssapi_error_string(gensec_gssapi_state, maj_stat,
min_stat)));
- return NT_STATUS_UNSUCCESSFUL;
+ return NT_STATUS_INVALID_PARAMETER;
}
principal = gensec_get_target_principal(gensec_security);
@@ -306,9 +310,16 @@
NULL,
NULL);
if (maj_stat) {
- DEBUG(1, (Aquiring initiator credentails failed: %s\n,
- gssapi_error_string(gensec_gssapi_state, maj_stat,
min_stat)));
- return NT_STATUS_UNSUCCESSFUL;
+ switch (min_stat) {
+ case KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN:
+ DEBUG(3, (Server [%s] is not registered with our KDC:
%s\n,
+ hostname,
gssapi_error_string(gensec_gssapi_state, maj_stat, min_stat)));
+ return NT_STATUS_INVALID_PARAMETER; /* Make SPNEGO
ignore us, we can't go any further here */
+ default:
+ DEBUG(1, (Aquiring initiator credentails failed:
%s\n,
+ gssapi_error_string(gensec_gssapi_state,
maj_stat, min_stat)));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
}
return NT_STATUS_OK;
@@ -408,12 +419,23 @@
gss_release_buffer(min_stat2, output_token);
return NT_STATUS_MORE_PROCESSING_REQUIRED;
- } else {
- if (maj_stat == GSS_S_FAILURE
-(min_stat == KRB5KRB_AP_ERR_BADVERSION || min_stat ==
KRB5KRB_AP_ERR_MSG_TYPE)) {
+ } else if ((gensec_gssapi_state-gss_oid-length ==
gss_mech_krb5-length)
+(memcmp(gensec_gssapi_state-gss_oid-elements,
gss_mech_krb5-elements,
+ gensec_gssapi_state-gss_oid-length) == 0)) {
+ switch (min_stat) {
+ case KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN:
+ DEBUG(3, (Server is not registered with our KDC:
%s\n,
+ gssapi_error_string(gensec_gssapi_state,
maj_stat, min_stat)));
+ return NT_STATUS_INVALID_PARAMETER; /* Make SPNEGO
ignore us, we can't go any further here */
+ case KRB5KRB_AP_ERR_MSG_TYPE:
/* garbage input, possibly from the auto-mech detection
*/
return NT_STATUS_INVALID_PARAMETER;
+ default:
+ DEBUG(1, (GSS(krb5) Update failed: %s\n,
+ gssapi_error_string(out_mem_ctx, maj_stat,
min_stat)));
+ return nt_status;
}
+ } else {
DEBUG(1, (GSS Update failed: %s\n,
gssapi_error_string(out_mem_ctx, maj_stat,
min_stat)));
return nt_status;
Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
===
--- branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2005-09-28 02:58:53 UTC
(rev 10564)
+++ branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2005-09-28 04:50:02 UTC
(rev 10565)
@@ -172,7 +172,10 @@
DEBUG(2, (Cannot do krb5 to an IP address));
return NT_STATUS_INVALID_PARAMETER;
}
-
+ if (strequal(hostname, localhost)) {
+ DEBUG(2, (krb5 to 'localhost' does not make
Re: svn commit: samba r10565 - in branches/SAMBA_4_0/source/auth/gensec: .
This disables it for 'localhost' as well as for any host our KDC does not recognise. If it is disabled for localhost, then does that mean we can't test it in the build farm? Or will 'localhost.$REALM' work? Cheers, Tridge
svn commit: samba r10566 - in branches/SAMBA_4_0/source/libnet: .
Author: abartlet
Date: 2005-09-28 05:38:20 + (Wed, 28 Sep 2005)
New Revision: 10566
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=10566
Log:
Clean up error messages to provide more accurate info.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/libnet/libnet_join.c
Changeset:
Modified: branches/SAMBA_4_0/source/libnet/libnet_join.c
===
--- branches/SAMBA_4_0/source/libnet/libnet_join.c 2005-09-28 04:50:02 UTC
(rev 10565)
+++ branches/SAMBA_4_0/source/libnet/libnet_join.c 2005-09-28 05:38:20 UTC
(rev 10566)
@@ -613,9 +613,15 @@
status = libnet_RpcConnect(ctx, c, c);
if (!NT_STATUS_IS_OK(status)) {
- r-out.error_string = talloc_asprintf(mem_ctx,
- Connection to LSA pipe of PDC
of domain '%s' failed: %s,
- r-in.domain_name,
nt_errstr(status));
+ if (r-in.level == LIBNET_JOINDOMAIN_AUTOMATIC) {
+ r-out.error_string = talloc_asprintf(mem_ctx,
+ Connection to
LSA pipe of PDC of domain '%s' failed: %s,
+
r-in.domain_name, nt_errstr(status));
+ } else {
+ r-out.error_string = talloc_asprintf(mem_ctx,
+ Connection to
LSA pipe with binding '%s' failed: %s,
+ r-in.binding,
nt_errstr(status));
+ }
talloc_free(tmp_ctx);
return status;
}
@@ -835,9 +841,8 @@
r-out.error_string = talloc_asprintf(mem_ctx,
samr_LookupNames
for [%s] returns %d RIDs\n,
r-in.account_name, ln.out.rids.count);
- status = NT_STATUS_INVALID_PARAMETER;
talloc_free(tmp_ctx);
- return status;
+ return NT_STATUS_INVALID_PARAMETER;
}
/* prepare samr_OpenUser */
