SOLUTION - Re: [Samba] Cannot delete files from samba share
In Samba, I can create a file in his directory (which tells me the acl's are working) and I can edit it and save it as well. However, I cannot rename it or delete it. Okay, I think I've finally got a solution to this - and it's not a bug in Samba ;-) The problem (for me at least) was that even though it *looks* like ACLs are being enabled, if you look closely at 'configure', they're not: ./configure --with-acl-support checking whether to support ACLs... checking for getxattr in -lattr... yes checking for acl_get_file in -lacl... no checking for ACL support... no That last line indicates that Samba isn't actually using ACLs. Perhaps the kernel is partially implementing the ACLs, which is why sometimes it seems to work. The problem was that 'libacl' doesn't seem to install itself properly, and my distro shipped with the incomplete install. In order to fix it I had to make a new symlink to the library: $ cd /lib $ ln -s libacl.so.1.1.0 libacl.so $ ldconfig Which fixed the -lacl problem with configure (now that it could find libacl), and then I had to install the missing acl header. $ cd acl-2.2.34 $ mkdir /usr/include/acl $ cp include/acl.h /usr/include/acl/ $ cp include/acl.h /usr/include/sys/ I downloaded the acl-2.2.34 package from here: ftp://oss.sgi.com/projects/xfs/cmd_tars (or follow the links from http://acl.bestbits.at/ - libacl is distributed alongside XFS, so you'll need to go via the XFS site.) This made the acl.h file available and configure could find it: checking whether to support ACLs... checking for getxattr in -lattr... yes checking for acl_get_file in -lacl... yes checking for ACL support... yes Using posix ACLs And at last the permissions seemed to behave more like I expected them to. I still couldn't delete the file I was trying to delete, but now I can no longer edit it or create new files in the directory, so be careful of the increased restrictions once your ACLs are fully enforced! If this works for you, please post back to the list as I'm keen to know if it helps anyone. Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum samba file transfer speed on gigabit...
[EMAIL PROTECTED] wrote: What am I missing here? Is the overhead for Samba really that significant, or is there some setting I can change, or am I overlooking something else? What Version of Samba is running? Is it a kind of Locking Problem? Have you tried to use this settings in smb.conf (in the Share Section): oplocks = No level2 oplocks = No OR veto oplock files = /*.dbf/ In the Book Samba 3 by Examble is the following Tipp for WinNT/W2k/SP: Set HKLM\CurrentControlSet\Services\LanmanServer\Parameters EnableOplocks=dword: and HKLM\CurrentControlSet\Services\LanmanWorkstation\Parameters UseOpportunisticLocking=dword: What speed have a Filetransfer with ftp? Have you testet your Diskthrouput with bonnie (or such Tools)? What speed did you have with a Windows Server? Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] RE: Domain trusts regression (I hope) 3.0.21c - 3.0.23pre1, rc1
-Original Message- I'll look into it. Please file a report at https://bugzilla.samba.org Thanks -- https://bugzilla.samba.org/show_bug.cgi?id=3823 Bob G _ This email (including any attachments to it) is confidential, legally privileged, subject to copyright and is sent for the personal attention of the intended recipient only. If you have received this email in error, please advise us immediately and delete it. You are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Although we have taken reasonable precautions to ensure no viruses are present in this email, we cannot accept responsibility for any loss or damage arising from the viruses in this email or attachments. We exclude any liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided in this email or its attachments, unless that information is subsequently confirmed in writing. If this email contains an offer, that should be considered as an invitation to treat. _ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbmount and win2003 sp1
Hi All: I encountered a problem with smbmount and win2003 sp1. Before I upgrade sp1, everything works fine. But after sp1, smbmount can't work. The command and error message are as follows: smbmount //localhost/share1 /tmp/mountest -o username=domainu1,password=password ERRDOS - ERRnoaccess (Access Denied.) SMB connection failed I also checked the release note about the issue, and found a fix on 3.0.14a about: Compatibility issues between Winbind and Windows 2003 SP1 domain controllers (*2k3sp1*). Does it fix my bug? My version is 3.0.21c. Why did I have the problem? Thanks, Latrell -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount and win2003 sp1
On Mon, Jun 05, 2006 at 07:54:51PM +0800, Latrell wrote: I encountered a problem with smbmount and win2003 sp1. It is very likely that smbfs does not do some of the advanced authentication options that W2k3 SP1 now requires. Please test the cifs filesystem, smbfs is unsupported for a while now. Volker pgpW3rckWMYEi.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] HW configuration
Hi all, i need to install a samba server . we need to make a server for sharring file , don't need no autetication. we have a 100 connection/min no more than 10 block/min the volume of storage is smaller - don't over 1 G hi availability = all time 100% we can't shutdown the server.. how i can find the best HW configuration for this type server. any way , what kind of linux version is better for this, any tip? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba + ldap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Staff, I am with a problem in the hour to make the connection with the samba and ldap, in the hour to carry through the sharing, the same says that the password of the users died, already changes the password of user and exactly thus the problem persists. - -- Márcio Luciano Donada Departamento de T.I. - Aurora Alimentos Cooperativa Central Oeste Catarinense - Chapecó(SC) mdonada at auroraalimentos dot com dot br -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEhC5PyJq2hZEymxcRAi/kAKDE+EKtG+36kmh/dGUcUPgZaUVqrgCfRR4c PJWInyKboKSDoZ9sVKBMauM= =idzR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba + ldap
Márcio Luciano Donada napisał(a): -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Staff, I am with a problem in the hour to make the connection with the samba and ldap, in the hour to carry through the sharing, the same says that the password of the users died, already changes the password of user and exactly thus the problem persists. Look for SambaAcctFlags in LDAP - it should be something like this for working account [U ]. Probably you have something like [DU ] - which means that you account exists but it is blocked. Regards, Marcin - -- Márcio Luciano Donada Departamento de T.I. - Aurora Alimentos Cooperativa Central Oeste Catarinense - Chapecó(SC) mdonada at auroraalimentos dot com dot br -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEhC5PyJq2hZEymxcRAi/kAKDE+EKtG+36kmh/dGUcUPgZaUVqrgCfRR4c PJWInyKboKSDoZ9sVKBMauM= =idzR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Robert Gehr is NOT in the house
Ich werde ab 05.06.2006 nicht im Büro sein. Ich kehre zurück am 30.06.2006. Ich werde Ihre Nachricht nach meiner Rückkehr beantworten. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba not working correctly after upgrade
Hello I just upgraded from Fedora Core 2 (Samba 3.0.10) to Debian Sarge (Samba 3.0.14). The Samba server is being used as a PDC with Roaming Profiles for about 25-30 Windows XP clients. Before the upgrade everything worked perfectly but afterwards I've had some minor issues and been able to sort them out. However I have two remaining problems and I've spent quite a bit of time on them without finding a solution. I suspect that these two problems relate to one another but I'm not sure. The first problem is that I tried adding a computer to the domain (rejoining), that worked just fine, but when I log on it seems that Windows doesn't read the users registry from the profile. So any settings like background, keyboard layouts, various things from the Start menu, etc are not set. Windows does not complain about being unable to read the users profile off the server. The second problem is such that a user that has not been logged onto a Windows XP machine before can't log on. If people log on to their own machines (where their profile is available locally), that works just fine. But a user which has not logged on before gets a message that the username / password is not recognized. I have checked and made sure that the users have the applicable permissions on their profiles. I am using the same /etc/samba/* files for samba as it was on the older setup, except I have added profile acls to the [profiles] share/section. The server is using smbpasswd and I will be switching over to ldap shortly, but I have to work out a few issues concerning that before I can make the switch. The smb.conf looks like this: [global] workgroup = JORDMIL server string = Samba Server password server = jordmil username map = /etc/samba/smbusers log level = 3 log file = /var/log/samba/%m.log max log size = 50 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap logon script = %U.bat logon path = \\%L\Profiles\%U logon drive = G: logon home = \\jordmil\%U domain logons = Yes os level = 255 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 hosts allow = 192.168.1. [homes] comment = %u's Home Directory invalid users = root, admin, bin, sys, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, nobody, ftp, rpm, vcsa, nscd, sshd, rpc, rpcuser, nfsnobody, pcap, mailnull, smmsp, apache, squid, webalizer, dbus, xfs, named, ntp, gdm read only = No browseable = No [netlogon] comment = Network Logon Service path = /home/netlogon browseable = No share modes = No [Profiles] path = /home/profiles read only = No create mask = 0600 directory mask = 0700 profile acls = Yes browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes print command = lpr -P %p -o raw %s -r browseable = No [homedirs] comment = Hjemmedrev for JORDMIL brugere path = /home/homelinks read only = No [backup] comment = Daglig backup path = /mnt/backup [intra] comment = Faelles filer path = /home/intra read only = No force create mode = 0775 force directory mode = 06775 If you can give me any hints or suggestions that would be of great help. best regards, Guðmundur Bjarni Ólafsson -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 64-bit RHEL4 BDC doesn't allow workstation logons
I'm trying to set up Samba on RHEL4 as a BDC for subnet 10.6.0.0/16. The PDC is located at another site and on another network. Its IP address is 10.2.0.2. There are other BDCs on subnets 10.1.0.0/16, 10.3.0.0/16, and 10.4.0.0/16 that all function fine. This is the only one on RHEL and this is the only one on a 64 bit box. We are using ldapsam for the passdb. The important config lines are: [global] workgroup = AEI netbios name = APPDEVEL-BIS passdb backend = ldapsam:ldap://ldap.server.name local master = yes preferred master = no domain master = no os level = 33 domain logons = yes wins server = 10.2.0.2 I have used smbpasswd -w secret, as well as net rpc join with a successful domain join. Whenever someone logs in on a computer joined to the domain on this subnet (and all the computers in this domain were already joined to the domain AEI before this BDC was put into place) they get the: Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. [...] Modifying the config file to say domain logons = no passes the logon to another DC and then the logon works. Logs at log level 5 say such scary things as: [token.log, a workstation trying to log in] [2006/06/05 12:13:07, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2006/06/05 12:13:07, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2006/06/05 12:13:07, 5] auth/auth_util.c:is_trusted_domain(1491) is_trusted_domain: Checking for domain trust with [AEI] [2006/06/05 12:13:07, 5] passdb/secrets.c:secrets_fetch_trusted_domain_password( 334) secrets_fetch failed! [2006/06/05 12:13:07, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2006/06/05 12:13:07, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain AEI found. [2006/06/05 12:13:07, 5] auth/auth_util.c:make_user_info(133) attempting to make a user_info for () [2006/06/05 12:13:07, 5] auth/auth_util.c:make_user_info(143) making strings for 's user_info struct [2006/06/05 12:13:07, 5] auth/auth_util.c:make_user_info(185) making blobs for 's user_info struct [2006/06/05 12:13:07, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2006/06/05 12:13:07, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] At which point it looks like it tries guest access by mapping null user to nobody, which isn't allowed, and fails. I'm convinced that the machine actually doesn't believe that it's a domain member. For instance, in Printers and Faxes, it says the privileged user is APPDEVEL-BIS\Administrators, not AEI\Administrators. etc. That would seem to make some sense with its behavior, but I don't know how else to convince it it's a domain member other than what I've already done with net rpc join, which has been successful for me in the past. But what's also bizarre is that after one gets logged in, you can browse APPDEVEL-BIS's shares fine without having to log in, and with seemingly the correct access levels. Is there a 64-bit issue going on here? Or maybe a library version issue? Right now I'm using samba 3.0.10 which comes with RHEL4, but I have experienced the same problems with 3.0.22 built from source and I'm staying on 3.0.10 right now because I'm querying Red Hat support with this same question -- though they seem just as stumped as I am so far. Can someone please give me some pointers where I can look next? -- Scott Moorhouse : [EMAIL PROTECTED] Systems Architect : Applied Engineering, Inc. Red Hat Certified Engineer: Bismarck, ND -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [PATCH] Pet peave then-than
This patch fixes all the incorrect uses of then that I could
find on the whole SAMBA_4_0 branch.
i.e. it is relative to
svn://svnanon.samba.org/samba/branches/SAMBA_4_0 at revision
16046.
Index: source/auth/ntlmssp/ntlmssp_sign.c
===
--- source/auth/ntlmssp/ntlmssp_sign.c (revision 16046)
+++ source/auth/ntlmssp/ntlmssp_sign.c (working copy)
@@ -32,7 +32,7 @@
#define SRV_SEAL session key to server-to-client sealing key magic constant
/**
- * Some notes on then NTLM2 code:
+ * Some notes on the NTLM2 code:
*
* NTLM2 is a AEAD system. This means that the data encrypted is not
* all the data that is signed. In DCE-RPC case, the headers of the
Index: source/lib/popt/popthelp.c
===
--- source/lib/popt/popthelp.c (revision 16046)
+++ source/lib/popt/popthelp.c (working copy)
@@ -678,7 +678,7 @@
/[EMAIL PROTECTED] fileSystem @*/
/[EMAIL PROTECTED] *str, *fp, fileSystem @*/
{
-char * s = alloca(300);/* larger then the ascii set */
+char * s = alloca(300);/* larger than the ascii set */
s[0] = '\0';
/[EMAIL PROTECTED]@*/ /* FIX: W2DO? */
Index: source/lib/ldb/common/ldb_dn.c
===
--- source/lib/ldb/common/ldb_dn.c (revision 16046)
+++ source/lib/ldb/common/ldb_dn.c (working copy)
@@ -665,7 +665,7 @@
/* copy specified number of elements of a dn into a new one
element are copied from top level up to the unique rdn
- num_el may be greater then dn-comp_num (see ldb_dn_make_child)
+ num_el may be greater than dn-comp_num (see ldb_dn_make_child)
*/
struct ldb_dn *ldb_dn_copy_partial(void *mem_ctx, const struct ldb_dn *dn, int
num_el)
{
Index: source/lib/ldb/modules/ldb_map.h
===
--- source/lib/ldb/modules/ldb_map.h(revision 16046)
+++ source/lib/ldb/modules/ldb_map.h(working copy)
@@ -34,9 +34,9 @@
* that any upper layers will use.
*
* All local attributes will have to have a definition. Not all remote
- * attributes need a definition as LDB is a lot less stricter then LDAP
+ * attributes need a definition as LDB is a lot less strict than LDAP
* (in other words, sending unknown attributes to an LDAP server hurts us,
- * returning too much attributes in ldb_search() doesn't)
+ * while returning too many attributes in ldb_search() doesn't)
*/
struct ldb_map_context;
Index: source/lib/registry/reg_backend_nt4.c
===
--- source/lib/registry/reg_backend_nt4.c (revision 16046)
+++ source/lib/registry/reg_backend_nt4.c (working copy)
@@ -463,7 +463,7 @@
}
if ((*ret)-data.length vk-data_length) {
- DEBUG(1, (Read data less then indicated data length!\n));
+ DEBUG(1, (Read data less than indicated data length!\n));
}
return WERR_OK;
Index: source/lib/registry/registry.h
===
--- source/lib/registry/registry.h (revision 16046)
+++ source/lib/registry/registry.h (working copy)
@@ -103,11 +103,11 @@
WERROR (*num_values) (const struct registry_key *, uint32_t *count);
WERROR (*get_subkey_by_index) (TALLOC_CTX *, const struct registry_key
*, int idx, struct registry_key **);
- /* Can not contain more then one level */
+ /* Can not contain more than one level */
WERROR (*get_subkey_by_name) (TALLOC_CTX *, const struct registry_key
*, const char *name, struct registry_key **);
WERROR (*get_value_by_index) (TALLOC_CTX *, const struct registry_key
*, int idx, struct registry_value **);
- /* Can not contain more then one level */
+ /* Can not contain more than one level */
WERROR (*get_value_by_name) (TALLOC_CTX *, const struct registry_key *,
const char *name, struct registry_value **);
/* Security control */
Index: source/lib/registry/TODO
===
--- source/lib/registry/TODO(revision 16046)
+++ source/lib/registry/TODO(working copy)
@@ -29,6 +29,6 @@
- support for adding/deleting keys
- support for security descriptors
-- pass parsed paths around rather then strings (i.e. just a list of strings)
+- pass parsed paths around rather than strings (i.e. just a list of strings)
- integrate various registry tools ?
- finish new patchfile code
Index: source/lib/registry/man/regtree.1.xml
===
--- source/lib/registry/man/regtree.1.xml (revision 16046)
+++ source/lib/registry/man/regtree.1.xml (working copy)
@@ -30,7 +30,7 @@
paraThe regtree utility prints out all the contents of a
Windows registry
[Samba] Samba/LDAP User add problem...
I think I've got everything setup, and when i try to add a user to samba, I get the following error. --- smbldap-useradd -a -m -c Greg Sloop gregs Error: SID not set for unix group 513 check if your unix group is mapped to an NT group --- When I view the Domain Users group in the LDAP tree, the GID of 513 is set. I'm sure this is something dumb on my comprehension part, but I just don't see it. Perhaps someone can enlighten me. Details: - FC5, Samba 3.0.22 LDAP, 2.3.19 smbldap-tools, 0.9.2 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Conflicting Signal 6 and 11 messages..
Hello All, I'm trying to figure out where the problem is, but I'm not having much luck as I seem to get conflicting information from the various logs on my FreeBSD 6.1 system. I'm getting this in the /var/log/samba/log.smbd: [2006/06/05 12:31:43, 0] smbd/oplock.c:release_level_2_oplocks_on_change(771) release_level_2_oplocks_on_change: failed to lock share mode entry for file data/SERVMST2.DBF. [2006/06/05 12:31:43, 0] lib/fault.c:fault_report(36) === [2006/06/05 12:31:43, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 46467 (3.0.22) Please read the Trouble-Shooting section of the Samba3-HOWTO [2006/06/05 12:31:43, 0] lib/fault.c:fault_report(39) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2006/06/05 12:31:43, 0] lib/fault.c:fault_report(40) === [2006/06/05 12:31:43, 0] lib/util.c:smb_panic2(1554) PANIC: internal error and likewise.. [2006/06/05 13:15:44, 0] smbd/oplock.c:release_level_2_oplocks_on_change(771) release_level_2_oplocks_on_change: failed to lock share mode entry for file data/address.dbf. [2006/06/05 13:15:44, 0] lib/fault.c:fault_report(36) === [2006/06/05 13:15:44, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 69817 (3.0.22) Please read the Trouble-Shooting section of the Samba3-HOWTO [2006/06/05 13:15:44, 0] lib/fault.c:fault_report(39) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2006/06/05 13:15:44, 0] lib/fault.c:fault_report(40) === [2006/06/05 13:15:44, 0] lib/util.c:smb_panic2(1554) PANIC: internal error (Notice how it says Signal 11).. well /var/log/messages says it's signal 6.. Jun 2 13:39:00 winky kernel: pid 23182 (smbd), uid 1003: exited on signal 6 Jun 2 17:09:48 winky kernel: pid 90426 (smbd), uid 1003: exited on signal 6 Jun 5 08:55:15 winky kernel: pid 58151 (smbd), uid 1003: exited on signal 6 Jun 5 11:34:31 winky kernel: pid 49267 (smbd), uid 1003: exited on signal 6 Jun 5 11:48:25 winky kernel: pid 22875 (smbd), uid 1003: exited on signal 6 Jun 5 12:31:43 winky kernel: pid 46467 (smbd), uid 1003: exited on signal 6 Jun 5 13:15:44 winky kernel: pid 69817 (smbd), uid 1003: exited on signal 6 uid 1003 is the user that 'everyone' uses to log onto the share with. FreeBSD 6.1-RELEASE #0: Thu May 18 16:38:58 EDT 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC mptable_probe: MP Config Table has bad signature: \M-C\M-h\M^S\M-X Timecounter i8254 frequency 1193182 Hz quality 0 CPU: AMD Athlon(tm) XP 1800+ (1533.99-MHz 686-class CPU) this for starters.. (not sure if it's relative or not) pkg_info | grep samba samba-3.0.22,1 A free SMB and CIFS client and server for UNIX (built from ports) [/var/db/ports/samba3]# 58 cat options # This file is auto-generated by 'make config'. # No user-servicable parts inside! # Options for samba-3.0.22,1 _OPTIONS_READ=samba-3.0.22,1 WITHOUT_LDAP=true WITHOUT_ADS=true WITHOUT_CUPS=true WITH_WINBIND=true WITHOUT_ACL_SUPPORT=true WITHOUT_AIO_SUPPORT=true WITHOUT_SYSLOG=true WITHOUT_QUOTAS=true WITH_UTMP=true WITHOUT_MSDFS=true WITHOUT_SAM_XML=true WITHOUT_SAM_MYSQL=true WITHOUT_SAM_PGSQL=true WITHOUT_SAM_OLD_LDAP=true WITHOUT_SMBSH=true WITHOUT_PAM_SMBPASS=true WITHOUT_EXP_MODULES=true WITHOUT_POPT=true samba was build w/o optimizations as suggested. --- egrep -v # /etc/make.conf SUP_UPDATE= yes SUP=/usr/local/bin/cvsup SUPFLAGS= -g -L 2 SUPHOST=cvsup14.freebsd.org SUPFILE=/root/standard-supfile PORTSSUPFILE= /usr/share/examples/cvsup/ports-supfile KERNCONF=GENERIC WITH_PERL=NO ENABLE_SUIDPERL=YES WITHOUT_X11=YES PERL_VER=5.8.7 PERL_VERSION=5.8.7 WITHOUT_CUPS=yes - Can someone suggest something that I could use to determine what is going on? I've already ran memtest86 and ended up switching the memory.. and I've ordered ecc ram from crucial (it's on it's way.. ) The memory in the box is 'new' and I have no problem building things on this server. the only other strange thing about it is that it has a 3ware raid card and cage. twe0: 3ware Storage Controller. Driver version 1.50.01.002 port 0xd000-0xd00f mem 0xeb00-0xeb7f irq 10 at device 8.0 on pci0 twe0: [GIANT-LOCKED] twe0: 4 ports, Firmware FE8S 1.05.00.068, BIOS BE7X 1.08.00.048 smb.conf is quite simple.. [global] workgroup = ROOTER netbios name = SERVER server string = [Samba %v] interfaces = 192.168.1.164/255.255.255.0, 127.0.0.1 bind interfaces only = Yes announce version = 6.0 name resolve order = bcast wins host lmhosts time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 max log size = 2 log level = 2 logon
RE: [Samba] [PATCH] Pet peave then-than
It's spelled peeve, not peave. Sorry, couldn't resist. :-) -Jonathan Johnson Sutinen Consulting, Inc. www.sutinen.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Wood Sent: Monday, June 05, 2006 9:40 AM To: samba@lists.samba.org Subject: [Samba] [PATCH] Pet peave then-than -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SOLUTION: Slow file transfers from Samba server
Here was the solution to my slow file-transfer problem from Scott. I coincidentally did have a HP Procurve 4000m (what are the chances), ended up swapping out the switch and presto. I can't believe I didn't try it before. Thanks again Scott. Here are some links I researched previous to this though that may help you. https://www.redhat.com/archives/fedora-list/2004-August/msg03799.html http://www.dd.iij4u.or.jp/~okuyamak/Documents/tuning.english.html Also if you google slow samba there are a plethora of discussions on it: http://www.google.com/search?hl=enq=slow+sambabtnG=Google+Search Good luck. Bret I had a similar problem in the past and the problem was I locked the NIC and I think the switch (HP Procurve 4000M I think) at 100Mb/full. Seemed like a good idea at the time. Changing the ifconfig to auto-config and the hub as well resolved the issue. This is a known documented issue with the link negotiation architecture from what I remember. There was a HP whitepaper on it. Scott... Scott Burns NETCON Technologies Inc. Voice: +1.519.652.0401 Fax: +1.519.652.9275 E-Mail: [EMAIL PROTECTED] Web: www.netcontech.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum samba file transfer speed on gigabit...
a single one of these SAS drives is supposed to sustain 90+ MB/s, and I have four of them raided together. You should be able to do a crude test by creating a large file (dd if=/dev/random of=test.dat bs=1048576 count=100 will create a 100MB test file) and then timing how long it takes to read the file back (time dd if=test.dat of=/dev/null) That'll tell you if your hard drives are configured properly and reading at full speed. Use a larger file for a more accurate test. The NICs are testing out at nearly 1Gb/s. Is there REALLY that much overhead for Samba? I wouldn't think there'd be a huge overhead, but in my own experience it's certainly noticeable (as compared to say FTP.) Don't forget that if the PC on the other end isn't capable of receiving the data at full speed, then it doesn't matter how fast the server is. You can test this by sharing the test file you created above, making it suitably large to give you time to properly test, and then copy it onto one of the other PCs via Samba. This should theoretically max out the network connection, but if your other PC sits at close to 100% CPU usage, then the bottleneck is out there, not on the server. If you map a network drive and do it from a command prompt, you should be able to do something like copy test.dat nul which under DOS at least would read in the file but not write it to disk (note only one L in 'nul') Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Conflicting Signal 6 and 11 messages..
On Mon, Jun 05, 2006 at 01:51:22PM -0400, B. Cook wrote: Hello All, I'm trying to figure out where the problem is, but I'm not having much luck as I seem to get conflicting information from the various logs on my FreeBSD 6.1 system. I'm getting this in the /var/log/samba/log.smbd: [2006/06/05 12:31:43, 0] smbd/oplock.c:release_level_2_oplocks_on_change(771) release_level_2_oplocks_on_change: failed to lock share mode entry for file data/SERVMST2.DBF. [2006/06/05 12:31:43, 0] lib/fault.c:fault_report(36) === [2006/06/05 12:31:43, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 46467 (3.0.22) Please read the Trouble-Shooting section of the Samba3-HOWTO [2006/06/05 12:31:43, 0] lib/fault.c:fault_report(39) Can you reproduce this at will ? If so, can you try a couple of things. Firstly, try 3.0.23RC1 to see if it's already fixed. Secondly - add the option : panic action = /bin/sleep to the [global] section of your smb.conf and then catch the crashed process (waiting for the sleep to finish) with gdb and get a full backtrace (type bt). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can anyone help?
try use guest account = nobody on your share guest ok = YES guest only = YES anyone who has access to this share and create a folder/document, the ownership on the new file/folder defaults to nobody:nobody provided nobody has the right permission on the share folder. On 6/1/06, Rachel Brien [EMAIL PROTECTED] wrote: Quick question pleaseA user logs into windowsXP and tries to create a folder/document and the ownership on the new file/folder defaults to nobody:nobody. I have the user set up in samba on the IRIX machine. All other users have no problem. Anyone have any suggestions? Thanks Rachel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r16044 - in branches/SAMBA_4_0/source/torture: . rpc
Author: vlendec Date: 2006-06-05 10:00:41 + (Mon, 05 Jun 2006) New Revision: 16044 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16044 Log: Create a samba3 specific file in torture/rpc. The tests in there survive against W2k3, but they are designed to walk existing Samba3 code paths. It might be possible that I add something like that to other subdirs like raw/. RPC-BINDSAMBA3 excercises the bind variants that samba3 supports right now. RPC-NETLOGSAMBA3 does a samba3 style join, does some schannel-protected netlogon operations and leaves again. Samba3 right now does not survive this, I'm about to fix it soon. I'll also post a *VERY* dirty hack (fake users in sys_getpwnam()) to be able to run this in the build farm. Volker Added: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c Modified: branches/SAMBA_4_0/source/torture/config.mk branches/SAMBA_4_0/source/torture/rpc/bind.c branches/SAMBA_4_0/source/torture/rpc/rpc.c Changeset: Sorry, the patch is too large (1160 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16044
svn commit: samba r16045 - in branches/SAMBA_4_0/source/torture/rpc: .
Author: vlendec
Date: 2006-06-05 12:00:28 + (Mon, 05 Jun 2006)
New Revision: 16045
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16045
Log:
RPC-SAMBA3SESSIONKEY tests the different variants of joins (anon/auth smb,
anon/auth bind).
Jeremy, this is the little test I promised to you that shows the places where
we need the SystemLibraryDTC key.
Volker
Modified:
branches/SAMBA_4_0/source/torture/rpc/rpc.c
branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/rpc.c
===
--- branches/SAMBA_4_0/source/torture/rpc/rpc.c 2006-06-05 10:00:41 UTC (rev
16044)
+++ branches/SAMBA_4_0/source/torture/rpc/rpc.c 2006-06-05 12:00:28 UTC (rev
16045)
@@ -125,6 +125,7 @@
register_torture_op(RPC-AUTHCONTEXT, torture_bind_authcontext, 0);
register_torture_op(RPC-BINDSAMBA3, torture_bind_samba3, 0);
register_torture_op(RPC-NETLOGSAMBA3, torture_netlogon_samba3, 0);
+ register_torture_op(RPC-SAMBA3SESSIONKEY, torture_samba3_sessionkey,
0);
register_torture_op(RPC-DRSUAPI, torture_rpc_drsuapi, 0);
register_torture_op(RPC-CRACKNAMES, torture_rpc_drsuapi_cracknames,
0);
register_torture_op(RPC-ROT, torture_rpc_rot, 0);
Modified: branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c
===
--- branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2006-06-05 10:00:41 UTC
(rev 16044)
+++ branches/SAMBA_4_0/source/torture/rpc/samba3rpc.c 2006-06-05 12:00:28 UTC
(rev 16045)
@@ -307,6 +307,8 @@
static NTSTATUS get_usr_handle(struct smbcli_state *cli,
TALLOC_CTX *mem_ctx,
struct cli_credentials *admin_creds,
+ uint8_t auth_type,
+ uint8_t auth_level,
const char *wks_name,
char **domain,
struct dcerpc_pipe **result_pipe,
@@ -343,12 +345,23 @@
goto fail;
}
- status = dcerpc_bind_auth(samr_pipe, dcerpc_table_samr,
- admin_creds, DCERPC_AUTH_TYPE_NTLMSSP,
- DCERPC_AUTH_LEVEL_INTEGRITY, NULL);
- if (!NT_STATUS_IS_OK(status)) {
- d_printf(dcerpc_bind_auth failed: %s\n, nt_errstr(status));
- goto fail;
+ if (admin_creds != NULL) {
+ status = dcerpc_bind_auth(samr_pipe, dcerpc_table_samr,
+ admin_creds, auth_type, auth_level,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(dcerpc_bind_auth failed: %s\n,
+nt_errstr(status));
+ goto fail;
+ }
+ } else {
+ /* We must have an authenticated SMB connection */
+ status = dcerpc_bind_auth_none(samr_pipe, dcerpc_table_samr);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(dcerpc_bind_auth_none failed: %s\n,
+nt_errstr(status));
+ goto fail;
+ }
}
conn.in.system_name = talloc_asprintf(
@@ -479,6 +492,8 @@
}
status = get_usr_handle(cli, mem_ctx, admin_creds,
+ DCERPC_AUTH_TYPE_NTLMSSP,
+ DCERPC_AUTH_LEVEL_PRIVACY,
cli_credentials_get_workstation(wks_creds),
dom_name, samr_pipe, wks_handle);
@@ -577,8 +592,6 @@
goto done;
}
- d_printf(Got the netlogon pipe\n);
-
status = dcerpc_bind_auth_none(net_pipe, dcerpc_table_netlogon);
if (!NT_STATUS_IS_OK(status)) {
d_printf(dcerpc_bind_auth_none failed: %s\n,
@@ -858,12 +871,14 @@
struct policy_handle *wks_handle;
BOOL ret = False;
- if ((mem_ctx = talloc_init(join3)) == NULL) {
+ if ((mem_ctx = talloc_init(leave)) == NULL) {
d_printf(talloc_init failed\n);
return False;
}
status = get_usr_handle(cli, mem_ctx, admin_creds,
+ DCERPC_AUTH_TYPE_NTLMSSP,
+ DCERPC_AUTH_LEVEL_INTEGRITY,
cli_credentials_get_workstation(wks_creds),
dom_name, samr_pipe, wks_handle);
@@ -947,7 +962,7 @@
cli_credentials_set_secure_channel_type(wks_creds, SEC_CHAN_WKSTA);
cli_credentials_set_username(wks_creds, wks_name, CRED_SPECIFIED);
cli_credentials_set_workstation(wks_creds, wks_name, CRED_SPECIFIED);
- cli_credentials_set_password(wks_creds, blub, CRED_SPECIFIED);
+
svn commit: samba r16046 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: vlendec
Date: 2006-06-05 13:00:24 + (Mon, 05 Jun 2006)
New Revision: 16046
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16046
Log:
Hmmm. I don't fully understand popt, but this is necessary for smbclient to
show a prompt again :-)
James, could you check that this is ok? I think this was part of your Revision
15848.
Thanks,
Volker
Modified:
branches/SAMBA_3_0/source/lib/popt_common.c
trunk/source/lib/popt_common.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/popt_common.c
===
--- branches/SAMBA_3_0/source/lib/popt_common.c 2006-06-05 12:00:28 UTC (rev
16045)
+++ branches/SAMBA_3_0/source/lib/popt_common.c 2006-06-05 13:00:24 UTC (rev
16046)
@@ -56,7 +56,6 @@
pstr_sprintf(logfile, %s/log.%s, arg, pname);
lp_set_logfile(logfile);
- override_logfile = True;
}
static void popt_common_callback(poptContext con,
@@ -104,6 +103,7 @@
case 'l':
if (arg) {
set_logfile(con, arg);
+ override_logfile = True;
pstr_sprintf(dyn_LOGFILEBASE, %s, arg);
}
break;
Modified: trunk/source/lib/popt_common.c
===
--- trunk/source/lib/popt_common.c 2006-06-05 12:00:28 UTC (rev 16045)
+++ trunk/source/lib/popt_common.c 2006-06-05 13:00:24 UTC (rev 16046)
@@ -56,7 +56,6 @@
pstr_sprintf(logfile, %s/log.%s, arg, pname);
lp_set_logfile(logfile);
- override_logfile = True;
}
static void popt_common_callback(poptContext con,
@@ -104,6 +103,7 @@
case 'l':
if (arg) {
set_logfile(con, arg);
+ override_logfile = True;
pstr_sprintf(dyn_LOGFILEBASE, %s, arg);
}
break;
svn commit: samba r16047 - branches/SAMBA_3_0/source/lib trunk/source/lib
Author: jmcd
Date: 2006-06-05 16:59:10 + (Mon, 05 Jun 2006)
New Revision: 16047
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16047
Log:
Remove unnecessary line, as this value is set in either branch of the
'if' below. Spotted by Aleksey Fedoseev.
Modified:
branches/SAMBA_3_0/source/lib/time.c
trunk/source/lib/time.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/time.c
===
--- branches/SAMBA_3_0/source/lib/time.c2006-06-05 13:00:24 UTC (rev
16046)
+++ branches/SAMBA_3_0/source/lib/time.c2006-06-05 16:59:10 UTC (rev
16047)
@@ -153,7 +153,6 @@
GetTimeOfDay(time_now_hires);
ret_time-tv_sec = time_now_hires.tv_sec - start_time_hires.tv_sec;
- ret_time-tv_usec = time_now_hires.tv_usec - start_time_hires.tv_usec;
if (time_now_hires.tv_usec start_time_hires.tv_usec) {
ret_time-tv_sec -= 1;
ret_time-tv_usec = 100 + (time_now_hires.tv_usec -
start_time_hires.tv_usec);
Modified: trunk/source/lib/time.c
===
--- trunk/source/lib/time.c 2006-06-05 13:00:24 UTC (rev 16046)
+++ trunk/source/lib/time.c 2006-06-05 16:59:10 UTC (rev 16047)
@@ -153,7 +153,6 @@
GetTimeOfDay(time_now_hires);
ret_time-tv_sec = time_now_hires.tv_sec - start_time_hires.tv_sec;
- ret_time-tv_usec = time_now_hires.tv_usec - start_time_hires.tv_usec;
if (time_now_hires.tv_usec start_time_hires.tv_usec) {
ret_time-tv_sec -= 1;
ret_time-tv_usec = 100 + (time_now_hires.tv_usec -
start_time_hires.tv_usec);
svn commit: samba r16048 - in trunk/source/rpc_server: .
Author: vlendec
Date: 2006-06-05 20:09:24 + (Mon, 05 Jun 2006)
New Revision: 16048
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16048
Log:
We had no way to return NT_STATUS_OK from the netlogon serverpwset, although
we successfully set the machine password...
One thing the samba3 join test found.
Volker
Modified:
trunk/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: trunk/source/rpc_server/srv_netlog_nt.c
===
--- trunk/source/rpc_server/srv_netlog_nt.c 2006-06-05 16:59:10 UTC (rev
16047)
+++ trunk/source/rpc_server/srv_netlog_nt.c 2006-06-05 20:09:24 UTC (rev
16048)
@@ -510,7 +510,6 @@
NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET
*r_u)
{
- NTSTATUS status = NT_STATUS_ACCESS_DENIED;
fstring remote_machine;
struct samu *sampass=NULL;
BOOL ret = False;
@@ -632,7 +631,7 @@
}
/* set up the LSA Server Password Set response */
- init_net_r_srv_pwset(r_u, cred_out, status);
+ init_net_r_srv_pwset(r_u, cred_out, r_u-status);
TALLOC_FREE(sampass);
return r_u-status;
svn commit: samba r16049 - in trunk/source: . passdb
Author: vlendec
Date: 2006-06-05 20:19:22 + (Mon, 05 Jun 2006)
New Revision: 16049
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16049
Log:
Get real NTSTATUS out of smbpasswd_add_sam_account
Modified:
trunk/source/Makefile.in
trunk/source/passdb/pdb_smbpasswd.c
Changeset:
Modified: trunk/source/Makefile.in
===
--- trunk/source/Makefile.in2006-06-05 20:09:24 UTC (rev 16048)
+++ trunk/source/Makefile.in2006-06-05 20:19:22 UTC (rev 16049)
@@ -509,7 +509,7 @@
PDBEDIT_OBJ = utils/pdbedit.o utils/passwd_util.o $(PARAM_OBJ) $(PASSDB_OBJ) \
$(LIBSAMBA_OBJ) $(LIB_NONSMBD_OBJ) $(GROUPDB_OBJ) \
$(SECRETS_OBJ) $(POPT_LIB_OBJ) $(SMBLDAP_OBJ) libsmb/asn1.o \
- $(RPC_PARSE_OBJ1) $(DOSERR_OBJ)
+ $(RPC_PARSE_OBJ1) $(DOSERR_OBJ) libsmb/errormap.o
SMBGET_OBJ = utils/smbget.o $(POPT_LIB_OBJ) $(LIBSMBCLIENT_OBJ)
@@ -781,7 +781,8 @@
libsmb/asn1.o libsmb/spnego.o libsmb/clikrb5.o
libads/kerberos.o \
libads/kerberos_verify.o $(SECRETS_OBJ) $(SERVER_MUTEX_OBJ) \
libads/authdata.o $(RPC_PARSE_OBJ1) $(PASSDB_OBJ)
$(GROUPDB_OBJ) \
- $(SMBLDAP_OBJ) $(DOSERR_OBJ) rpc_parse/parse_net.o $(LIBNMB_OBJ)
+ $(SMBLDAP_OBJ) $(DOSERR_OBJ) rpc_parse/parse_net.o
$(LIBNMB_OBJ) \
+ libsmb/errormap.o
##
# now the rules...
Modified: trunk/source/passdb/pdb_smbpasswd.c
===
--- trunk/source/passdb/pdb_smbpasswd.c 2006-06-05 20:09:24 UTC (rev 16048)
+++ trunk/source/passdb/pdb_smbpasswd.c 2006-06-05 20:19:22 UTC (rev 16049)
@@ -584,7 +584,8 @@
Routine to add an entry to the smbpasswd file.
*/
-static BOOL add_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state,
struct smb_passwd *newpwd)
+static NTSTATUS add_smbfilepwd_entry(struct smbpasswd_privates
*smbpasswd_state,
+struct smb_passwd *newpwd)
{
const char *pfile = smbpasswd_state-smbpasswd_file;
struct smb_passwd *pwd = NULL;
@@ -605,7 +606,7 @@
if (fp == NULL) {
DEBUG(0, (add_smbfilepwd_entry: unable to open file.\n));
- return False;
+ return map_nt_error_from_unix(errno);
}
/*
@@ -616,7 +617,7 @@
if (strequal(newpwd-smb_name, pwd-smb_name)) {
DEBUG(0, (add_smbfilepwd_entry: entry with name %s
already exists\n, pwd-smb_name));
endsmbfilepwent(fp,
smbpasswd_state-pw_file_lock_depth);
- return False;
+ return NT_STATUS_USER_EXISTS;
}
}
@@ -630,17 +631,18 @@
fd = fileno(fp);
if((offpos = sys_lseek(fd, 0, SEEK_END)) == -1) {
+ NTSTATUS result = map_nt_error_from_unix(errno);
DEBUG(0, (add_smbfilepwd_entry(sys_lseek): Failed to add entry
for user %s to file %s. \
Error was %s\n, newpwd-smb_name, pfile, strerror(errno)));
endsmbfilepwent(fp, smbpasswd_state-pw_file_lock_depth);
- return False;
+ return result;
}
if((new_entry = format_new_smbpasswd_entry(newpwd)) == NULL) {
DEBUG(0, (add_smbfilepwd_entry(malloc): Failed to add entry
for user %s to file %s. \
Error was %s\n, newpwd-smb_name, pfile, strerror(errno)));
endsmbfilepwent(fp, smbpasswd_state-pw_file_lock_depth);
- return False;
+ return NT_STATUS_NO_MEMORY;
}
new_entry_length = strlen(new_entry);
@@ -651,6 +653,7 @@
#endif
if ((wr_len = write(fd, new_entry, new_entry_length)) !=
new_entry_length) {
+ NTSTATUS result = map_nt_error_from_unix(errno);
DEBUG(0, (add_smbfilepwd_entry(write): %d Failed to add entry
for user %s to file %s. \
Error was %s\n, wr_len, newpwd-smb_name, pfile, strerror(errno)));
@@ -663,12 +666,12 @@
endsmbfilepwent(fp, smbpasswd_state-pw_file_lock_depth);
free(new_entry);
- return False;
+ return result;
}
free(new_entry);
endsmbfilepwent(fp, smbpasswd_state-pw_file_lock_depth);
- return True;
+ return NT_STATUS_OK;
}
/
@@ -1423,11 +1426,7 @@
}
/* add the entry */
- if(!add_smbfilepwd_entry(smbpasswd_state, smb_pw)) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- return NT_STATUS_OK;
+ return add_smbfilepwd_entry(smbpasswd_state, smb_pw);
}
static NTSTATUS smbpasswd_update_sam_account(struct pdb_methods
svn commit: samba r16050 - in trunk/source/rpc_server: .
Author: vlendec
Date: 2006-06-05 20:38:21 + (Mon, 05 Jun 2006)
New Revision: 16050
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16050
Log:
Set the session key SystemLibraryDTC on ntlmssp binds. We only do INTEGRITY
and PRIVACY, so no other cases to take care of so far...
Andrew B., if you have time, could you take a look? This makes us survive the
RPC-SAMBA3SESSIONKEY test.
Volker
Modified:
trunk/source/rpc_server/srv_pipe.c
Changeset:
Modified: trunk/source/rpc_server/srv_pipe.c
===
--- trunk/source/rpc_server/srv_pipe.c 2006-06-05 20:19:22 UTC (rev 16049)
+++ trunk/source/rpc_server/srv_pipe.c 2006-06-05 20:38:21 UTC (rev 16050)
@@ -46,6 +46,11 @@
auth-a_u.auth_ntlmssp_state = NULL;
}
+static DATA_BLOB generic_session_key(void)
+{
+ return data_blob(SystemLibraryDTC, 16);
+}
+
/***
Generate the next PDU to be returned from the data in p-rdata.
Handle NTLMSSP.
@@ -657,11 +662,13 @@
p-pipe_user.ut.gid = a-server_info-gid;
/*
-* Copy the session key from the ntlmssp state.
+* We're an authenticated bind over smbd, so the session key needs to
+* be set to SystemLibraryDTC. Weird, but this is what Windows
+* does. See the RPC-SAMBA3SESSIONKEY.
*/
data_blob_free(p-session_key);
- p-session_key = data_blob(a-ntlmssp_state-session_key.data,
a-ntlmssp_state-session_key.length);
+ p-session_key = generic_session_key();
if (!p-session_key.data) {
return False;
}
@@ -1340,8 +1347,21 @@
* JRA. Should we also copy the schannel session key into the pipe
session key p-session_key
* here ? We do that for NTLMSSP, but the session key is already set up
from the vuser
* struct of the person who opened the pipe. I need to test this
further. JRA.
+*
+* VL. As we are mapping this to guest set the generic key
+* SystemLibraryDTC key here. It's a bit difficult to test against
+* W2k3, as it does not allow schannel binds against SAMR and LSA
+* anymore.
*/
+ data_blob_free(p-session_key);
+ p-session_key = generic_session_key();
+ if (p-session_key.data == NULL) {
+ DEBUG(0, (pipe_schannel_auth_bind: Could not alloc session
+ key\n));
+ return False;
+ }
+
init_rpc_hdr_auth(auth_info, RPC_SCHANNEL_AUTH_TYPE,
pauth_info-auth_level, RPC_HDR_AUTH_LEN, 1);
if(!smb_io_rpc_hdr_auth(, auth_info, pout_auth, 0)) {
DEBUG(0,(pipe_schannel_auth_bind: marshalling of RPC_HDR_AUTH
failed.\n));
@@ -1625,6 +1645,8 @@
/* We must set the pipe auth_level here also. */
p-auth.auth_level = PIPE_AUTH_LEVEL_NONE;
p-pipe_bound = True;
+ /* The session key was initialized from the SMB
+* session in make_internal_rpc_pipe_p */
break;
default:
svn commit: samba r16051 - in branches/SAMBA_4_0/source: . lib/util ntvfs/posix utils
Author: abartlet
Date: 2006-06-05 21:48:29 + (Mon, 05 Jun 2006)
New Revision: 16051
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16051
Log:
Move the XATTR compatability code into a new file, so I can use it for
the getntacl utility.
Andrew Bartlett
Added:
branches/SAMBA_4_0/source/lib/util/wrap_xattr.c
branches/SAMBA_4_0/source/lib/util/wrap_xattr.h
Modified:
branches/SAMBA_4_0/source/configure.ac
branches/SAMBA_4_0/source/lib/util/config.mk
branches/SAMBA_4_0/source/ntvfs/posix/config.m4
branches/SAMBA_4_0/source/ntvfs/posix/config.mk
branches/SAMBA_4_0/source/ntvfs/posix/xattr_system.c
branches/SAMBA_4_0/source/utils/config.mk
branches/SAMBA_4_0/source/utils/getntacl.c
Changeset:
Modified: branches/SAMBA_4_0/source/configure.ac
===
--- branches/SAMBA_4_0/source/configure.ac 2006-06-05 20:38:21 UTC (rev
16050)
+++ branches/SAMBA_4_0/source/configure.ac 2006-06-05 21:48:29 UTC (rev
16051)
@@ -22,6 +22,7 @@
sinclude(lib/util/signal.m4)
sinclude(lib/util/util.m4)
sinclude(lib/util/fsusage.m4)
+sinclude(lib/util/xattr.m4)
sinclude(lib/util/capability.m4)
sinclude(lib/util/time.m4)
sinclude(lib/popt/config.m4)
Modified: branches/SAMBA_4_0/source/lib/util/config.mk
===
--- branches/SAMBA_4_0/source/lib/util/config.mk2006-06-05 20:38:21 UTC
(rev 16050)
+++ branches/SAMBA_4_0/source/lib/util/config.mk2006-06-05 21:48:29 UTC
(rev 16051)
@@ -39,3 +39,14 @@
[SUBSYSTEM::UNIX_PRIVS]
PRIVATE_PROTO_HEADER = unix_privs.h
OBJ_FILES = unix_privs.o
+
+
+# Start SUBSYSTEM WRAP_XATTR
+[SUBSYSTEM::WRAP_XATTR]
+PUBLIC_PROTO_HEADER = wrap_xattr.h
+OBJ_FILES = \
+ wrap_xattr.o
+PUBLIC_DEPENDENCIES = XATTR
+#
+# End SUBSYSTEM WRAP_XATTR
+
Added: branches/SAMBA_4_0/source/lib/util/wrap_xattr.c
===
--- branches/SAMBA_4_0/source/lib/util/wrap_xattr.c 2006-06-05 20:38:21 UTC
(rev 16050)
+++ branches/SAMBA_4_0/source/lib/util/wrap_xattr.c 2006-06-05 21:48:29 UTC
(rev 16051)
@@ -0,0 +1,121 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ POSIX NTVFS backend - xattr support using filesystem xattrs
+
+ Copyright (C) Andrew Tridgell 2004
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include includes.h
+#include system/filesys.h
+#include wrap_xattr.h
+
+#if defined(HAVE_XATTR_SUPPORT) defined(XATTR_ADDITIONAL_OPTIONS)
+static ssize_t _wrap_darwin_fgetxattr(int fd, const char *name, void *value,
size_t size)
+{
+ return fgetxattr(fd, name, value, size, 0, 0);
+}
+static ssize_t _wrap_darwin_getxattr(const char *path, const char *name, void
*value, size_t size)
+{
+ return getxattr(path, name, value, size, 0, 0);
+}
+static int _wrap_darwin_fsetxattr(int fd, const char *name, void *value,
size_t size, int flags)
+{
+ return fsetxattr(fd, name, value, size, 0, flags);
+}
+static int _wrap_darwin_setxattr(const char *path, const char *name, void
*value, size_t size, int flags)
+{
+ return setxattr(path, name, value, size, 0, flags);
+}
+static int _wrap_darwin_fremovexattr(int fd, const char *name)
+{
+ return fremovexattr(fd, name, 0);
+}
+static int _wrap_darwin_removexattr(const char *path, const char *name)
+{
+ return removexattr(path, name, 0);
+}
+#define fgetxattr _wrap_darwin_fgetxattr
+#define getxattr _wrap_darwin_getxattr
+#define fsetxattr _wrap_darwin_fsetxattr
+#define setxattr _wrap_darwin_setxattr
+#define fremovexattr _wrap_darwin_fremovexattr
+#define removexattr_wrap_darwin_removexattr
+#elif !defined(HAVE_XATTR_SUPPORT)
+static ssize_t _none_fgetxattr(int fd, const char *name, void *value, size_t
size)
+{
+ errno = ENOSYS;
+ return -1;
+}
+static ssize_t _none_getxattr(const char *path, const char *name, void *value,
size_t size)
+{
+ errno = ENOSYS;
+ return -1;
+}
+static int _none_fsetxattr(int fd, const char *name, void *value, size_t size,
int flags)
+{
+ errno = ENOSYS;
+ return -1;
+}
+static int _none_setxattr(const char *path,
svn commit: samba r16052 - in branches/SAMBA_4_0/source/lib/util: .
Author: abartlet
Date: 2006-06-05 21:51:10 + (Mon, 05 Jun 2006)
New Revision: 16052
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16052
Log:
Add .m4 file for XATTR detection (from ntvfs/posix/config.m4)
Andrew Bartlett
Added:
branches/SAMBA_4_0/source/lib/util/xattr.m4
Changeset:
Added: branches/SAMBA_4_0/source/lib/util/xattr.m4
===
--- branches/SAMBA_4_0/source/lib/util/xattr.m4 2006-06-05 21:48:29 UTC (rev
16051)
+++ branches/SAMBA_4_0/source/lib/util/xattr.m4 2006-06-05 21:51:10 UTC (rev
16052)
@@ -0,0 +1,32 @@
+dnl
+dnl use flistxattr as the key function for having
+dnl sufficient xattr support for posix xattr backend
+AC_CHECK_HEADERS(sys/attributes.h attr/xattr.h sys/xattr.h)
+AC_SEARCH_LIBS_EXT(flistxattr, [attr], XATTR_LIBS)
+AC_CHECK_FUNC_EXT(flistxattr, $XATTR_LIBS)
+SMB_EXT_LIB(XATTR,[${XATTR_LIBS}],[${XATTR_CFLAGS}],[${XATTR_CPPFLAGS}],[${XATTR_LDFLAGS}])
+if test x$ac_cv_func_ext_flistxattr = xyes; then
+ AC_CACHE_CHECK([whether xattr interface takes additional options],
smb_attr_cv_xattr_add_opt,
+ [old_LIBS=$LIBS
+LIBS=$LIBS $XATTRLIBS
+AC_TRY_COMPILE([
+ #include sys/types.h
+ #if HAVE_ATTR_XATTR_H
+ #include attr/xattr.h
+ #elif HAVE_SYS_XATTR_H
+ #include sys/xattr.h
+ #endif
+ #ifndef NULL
+ #define NULL ((void *)0)
+ #endif
+ ],[
+ getxattr(NULL, NULL, NULL, 0, 0, 0);
+ ],smb_attr_cv_xattr_add_opt=yes,smb_attr_cv_xattr_add_opt=no)
+ LIBS=$old_LIBS])
+ if test x$smb_attr_cv_xattr_add_opt = xyes; then
+ AC_DEFINE(XATTR_ADDITIONAL_OPTIONS, 1, [xattr functions have
additional options])
+ fi
+ AC_DEFINE(HAVE_XATTR_SUPPORT,1,[Whether we have xattr support])
+ SMB_ENABLE(XATTR,YES)
+fi
+
svn commit: samba r16053 - in branches/SAMBA_4_0/source/lib/ldb/modules: .
Author: abartlet
Date: 2006-06-05 23:22:22 + (Mon, 05 Jun 2006)
New Revision: 16053
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16053
Log:
Allow entries without an objectClass. We need this to permit the
cn=rootDSE entry.
(it was also crashing, as 'ac' wasn't initialised at this point)
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/lib/ldb/modules/objectclass.c
Changeset:
Modified: branches/SAMBA_4_0/source/lib/ldb/modules/objectclass.c
===
--- branches/SAMBA_4_0/source/lib/ldb/modules/objectclass.c 2006-06-05
21:51:10 UTC (rev 16052)
+++ branches/SAMBA_4_0/source/lib/ldb/modules/objectclass.c 2006-06-05
23:22:22 UTC (rev 16053)
@@ -96,12 +96,10 @@
objectClassAttr = ldb_msg_find_element(req-op.add.message,
objectClass);
- /* If no part of this touches the objectClass, then we don't
-* need to make any changes. */
- /* If the only operation is the deletion of the objectClass then go on
*/
+ /* If no part of this add has an objectClass, then we don't
+* need to make any changes. cn=rootdse doesn't have an objectClass */
if (!objectClassAttr) {
- ldb_set_errstring(module-ldb, talloc_asprintf(ac, Object
class violation: no objectClass present));
- return LDB_ERR_OBJECT_CLASS_VIOLATION;
+ return ldb_next_request(module, req);
}
h = oc_init_handle(req, module);
Build status as of Tue Jun 6 00:00:02 2006
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2006-06-05 00:00:32.0 + +++ /home/build/master/cache/broken_results.txt 2006-06-06 00:00:47.0 + @@ -1,18 +1,18 @@ -Build status as of Mon Jun 5 00:00:01 2006 +Build status as of Tue Jun 6 00:00:02 2006 Build counts: Tree Total Broken Panic SOC 0 0 0 -ccache 40 6 0 -distcc 39 5 0 -lorikeet-heimdal 35 28 0 -ppp 20 0 0 -rsync39 2 0 +ccache 41 5 0 +distcc 40 5 0 +lorikeet-heimdal 34 27 0 +ppp 19 0 0 +rsync40 2 0 samba5 1 0 samba-docs 0 0 0 -samba4 44 28 4 -samba_3_042 15 0 -smb-build31 0 0 -talloc 35 17 0 -tdb 35 4 0 +samba4 45 31 3 +samba_3_043 16 0 +smb-build32 0 0 +talloc 36 18 0 +tdb 37 4 0
Re: svn commit: samba r16046 - branches/SAMBA_3_0/source/lib trunk/source/lib
On Mon, 2006-06-05 at 13:00 +, [EMAIL PROTECTED] wrote: Author: vlendec Date: 2006-06-05 13:00:24 + (Mon, 05 Jun 2006) New Revision: 16046 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16046 Log: Hmmm. I don't fully understand popt, but this is necessary for smbclient to show a prompt again :-) James, could you check that this is ok? I think this was part of your Revision 15848. Ok, I think I see what happened. When I moved the setting of override_logfile into set_logfile(), I didn't notice that set_logfile is always called as a popt pre-op. This means that override_logfile was, if fact, always true. Now, in smbclient, if override_logfile was true, this makes it call setup_logging(), telling it to enter non-interactive mode. This closes the global XFILE * dbf and forces it to NULL. Just prior to this, however, we have forced dbf to x_stderr. It turns out that dbf is being used in the readline replacement. If you run smbclient on a system that used the readline replacement, the smbclient prompt actually goes to stderr, whereas other output goes to stdout!! So, without readline, we are now emitting prompts to stderr, which we have just closed, so no prompts for you! I think the fix here is ok, but it would be good to have a cleanup of this because it seems very fragile :) -- James Peach | [EMAIL PROTECTED]
svn commit: samba r16054 - in branches/SAMBA_3_0/source/rpc_server: .
Author: jra
Date: 2006-06-06 00:34:26 + (Tue, 06 Jun 2006)
New Revision: 16054
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16054
Log:
Janitor for Volker ? Volker - some reason you didn't
fix this in 3.0 ?
Jeremy.
We had no way to return NT_STATUS_OK from the netlogon serverpwset,
although
we successfully set the machine password...
One thing the samba3 join test found.
Volker
Modified:
branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
===
--- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2006-06-05
23:22:22 UTC (rev 16053)
+++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c2006-06-06
00:34:26 UTC (rev 16054)
@@ -510,7 +510,6 @@
NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET
*r_u)
{
- NTSTATUS status = NT_STATUS_ACCESS_DENIED;
fstring remote_machine;
struct samu *sampass=NULL;
BOOL ret = False;
@@ -632,7 +631,7 @@
}
/* set up the LSA Server Password Set response */
- init_net_r_srv_pwset(r_u, cred_out, status);
+ init_net_r_srv_pwset(r_u, cred_out, r_u-status);
TALLOC_FREE(sampass);
return r_u-status;
svn commit: samba r16055 - in trunk/source: include smbd
Author: jpeach
Date: 2006-06-06 03:19:15 + (Tue, 06 Jun 2006)
New Revision: 16055
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16055
Log:
Provide an API for modules to add their own private info to
files_struct.
This patch is a candidate for the SAMBA_3_0 branch post-3.0.23.
Modified:
trunk/source/include/smb.h
trunk/source/include/vfs.h
trunk/source/smbd/vfs.c
Changeset:
Modified: trunk/source/include/smb.h
===
--- trunk/source/include/smb.h 2006-06-06 00:34:26 UTC (rev 16054)
+++ trunk/source/include/smb.h 2006-06-06 03:19:15 UTC (rev 16055)
@@ -408,6 +408,14 @@
struct idle_event;
struct share_mode_entry;
+struct vfs_fsp_data {
+struct vfs_fsp_data *next;
+struct vfs_handle_struct *owner;
+/* NOTE: This structure contains two pointers so that we can guarantee
+ * that the end of the structure is always both 4-byte and 8-byte aligned.
+ */
+};
+
typedef struct files_struct {
struct files_struct *next, *prev;
int fnum;
@@ -446,6 +454,8 @@
BOOL aio_write_behind;
BOOL lockdb_clean;
char *fsp_name;
+
+ struct vfs_fsp_data *vfs_extension;
FAKE_FILE_HANDLE *fake_file_handle;
} files_struct;
Modified: trunk/source/include/vfs.h
===
--- trunk/source/include/vfs.h 2006-06-06 00:34:26 UTC (rev 16054)
+++ trunk/source/include/vfs.h 2006-06-06 03:19:15 UTC (rev 16055)
@@ -531,7 +531,15 @@
/* NB flags can come from FILE_SYSTEM_DEVICE_INFO call */
} vfs_statvfs_struct;
+#define VFS_ADD_FSP_EXTENSION(handle, fsp, type) \
+vfs_add_fsp_extension_notype(handle, (fsp), sizeof(type))
+#define VFS_FETCH_FSP_EXTENSION(handle, fsp) \
+vfs_fetch_fsp_extension(handle, (fsp))
+
+#define VFS_REMOVE_FSP_EXTENSION(handle, fsp) \
+vfs_remove_fsp_extension((handle), (fsp))
+
#define SMB_VFS_HANDLE_GET_DATA(handle, datap, type, ret) { \
if (!(handle)||((datap=(type *)(handle)-data)==NULL)) { \
DEBUG(0,(%s() failed to get
vfs_handle-data!\n,FUNCTION_MACRO)); \
Modified: trunk/source/smbd/vfs.c
===
--- trunk/source/smbd/vfs.c 2006-06-06 00:34:26 UTC (rev 16054)
+++ trunk/source/smbd/vfs.c 2006-06-06 03:19:15 UTC (rev 16055)
@@ -4,6 +4,7 @@
VFS initialisation and support functions
Copyright (C) Tim Potter 1999
Copyright (C) Alexander Bokovoy 2002
+ Copyright (C) James Peach 2006
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -188,6 +189,71 @@
}
/*
+ Allow VFS modules to extend files_struct with VFS-specific state.
+ This will be ok for small numbers of extensions, but might need to
+ be refactored if it becomes more widely used.
+**/
+
+#define EXT_DATA_AREA(e) ((uint8 *)(e) + sizeof(struct vfs_fsp_data))
+
+void *vfs_add_fsp_extension_notype(vfs_handle_struct *handle, files_struct
*fsp, size_t ext_size)
+{
+ struct vfs_fsp_data *ext;
+ void * ext_data;
+
+ /* Prevent VFS modules adding multiple extensions. */
+ if ((ext_data = vfs_fetch_fsp_extension(handle, fsp))) {
+ return ext_data;
+ }
+
+ ext = TALLOC_ZERO(handle-conn-mem_ctx,
+ sizeof(struct vfs_fsp_data) + ext_size);
+ if (ext == NULL) {
+ return NULL;
+ }
+
+ ext-owner = handle;
+ ext-next = fsp-vfs_extension;
+ fsp-vfs_extension = ext;
+ return EXT_DATA_AREA(ext);
+}
+
+void vfs_remove_fsp_extension(vfs_handle_struct *handle, files_struct *fsp)
+{
+ struct vfs_fsp_data *curr;
+ struct vfs_fsp_data *prev;
+
+ for (curr = fsp-vfs_extension, prev = NULL;
+curr;
+prev = curr, curr = curr-next) {
+ if (curr-owner == handle) {
+ if (prev) {
+ prev-next = curr-next;
+ } else {
+ fsp-vfs_extension = curr-next;
+ }
+ TALLOC_FREE(curr);
+ return;
+ }
+ }
+}
+
+void *vfs_fetch_fsp_extension(vfs_handle_struct *handle, files_struct *fsp)
+{
+ struct vfs_fsp_data *head;
+
+ for (head = fsp-vfs_extension; head; head = head-next) {
+ if (head-owner == handle) {
+ return EXT_DATA_AREA(head);
+ }
+ }
+
+ return NULL;
+}
+
+#undef EXT_DATA_AREA
+
+/*
Generic VFS init.
**/
svn commit: samba r16056 - in branches/SAMBA_4_0/source: auth/gensec heimdal/lib/hdb kdc
Author: abartlet
Date: 2006-06-06 04:50:14 + (Tue, 06 Jun 2006)
New Revision: 16056
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=16056
Log:
Fix errors found by trying to use our kpasswd server and the Apple client.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
branches/SAMBA_4_0/source/heimdal/lib/hdb/keytab.c
branches/SAMBA_4_0/source/kdc/hdb-ldb.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
===
--- branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2006-06-06 03:19:15 UTC
(rev 16055)
+++ branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2006-06-06 04:50:14 UTC
(rev 16056)
@@ -151,7 +151,7 @@
}
}
- peer_addr = gensec_get_my_addr(gensec_security);
+ peer_addr = gensec_get_peer_addr(gensec_security);
if (peer_addr peer_addr-sockaddr) {
ret =
krb5_sockaddr2address(gensec_krb5_state-smb_krb5_context-krb5_context,
peer_addr-sockaddr,
peer_krb5_addr);
Modified: branches/SAMBA_4_0/source/heimdal/lib/hdb/keytab.c
===
--- branches/SAMBA_4_0/source/heimdal/lib/hdb/keytab.c 2006-06-06 03:19:15 UTC
(rev 16055)
+++ branches/SAMBA_4_0/source/heimdal/lib/hdb/keytab.c 2006-06-06 04:50:14 UTC
(rev 16056)
@@ -218,7 +218,7 @@
(*db-hdb_destroy)(context, db);
return ret;
}
-ret = (*db-hdb_fetch)(context, db, principal, HDB_F_DECRYPT, ent);
+ret = (*db-hdb_fetch)(context, db, principal,
HDB_F_DECRYPT|HDB_F_GET_CLIENT|HDB_F_GET_SERVER, ent);
/* Shutdown the hdb on error */
Modified: branches/SAMBA_4_0/source/kdc/hdb-ldb.c
===
--- branches/SAMBA_4_0/source/kdc/hdb-ldb.c 2006-06-06 03:19:15 UTC (rev
16055)
+++ branches/SAMBA_4_0/source/kdc/hdb-ldb.c 2006-06-06 04:50:14 UTC (rev
16056)
@@ -611,13 +611,10 @@
msg, realm_ref_msg);
free(principal_string);
if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER)) {
- talloc_free(mem_ctx);
return HDB_ERR_NOENTRY;
} else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_MEMORY)) {
- talloc_free(mem_ctx);
return ENOMEM;
} else if (!NT_STATUS_IS_OK(nt_status)) {
- talloc_free(mem_ctx);
return EINVAL;
}
@@ -788,7 +785,7 @@
unsigned flags,
hdb_entry_ex *entry_ex)
{
- krb5_error_code ret;
+ krb5_error_code ret = HDB_ERR_NOENTRY;
TALLOC_CTX *mem_ctx = talloc_named(db, 0, LDB_fetch context);
svn commit: lorikeet r555 - in trunk/heimdal/lib/hdb: .
Author: abartlet Date: 2006-06-06 04:52:31 + (Tue, 06 Jun 2006) New Revision: 555 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=555 Log: Merge fix for missing hdb flags from Samba4. Andrew Bartlett Modified: trunk/heimdal/lib/hdb/keytab.c Changeset: Modified: trunk/heimdal/lib/hdb/keytab.c === --- trunk/heimdal/lib/hdb/keytab.c 2006-06-02 15:15:03 UTC (rev 554) +++ trunk/heimdal/lib/hdb/keytab.c 2006-06-06 04:52:31 UTC (rev 555) @@ -218,7 +218,7 @@ (*db-hdb_destroy)(context, db); return ret; } -ret = (*db-hdb_fetch)(context, db, principal, HDB_F_DECRYPT, ent); +ret = (*db-hdb_fetch)(context, db, principal, HDB_F_DECRYPT|HDB_F_GET_CLIENT|HDB_F_GET_SERVER, ent); /* Shutdown the hdb on error */
