[Samba] Which ports for samba?
Hi, I want to tighten security on my samba server, so I set up iptables rules, which consider ports 137,138,139,445 tcp/udp. Is that enought for input traffic to pass so that clients have full funtionality with the server? Regards, Torsten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Mounting XP box - ERRnoaccess
Greetings, list. I've had this problem since last reinstall of XP. When I try to mount XP share on my linux, I get this error message: # mount -t smbfs -o username=me //aoi/backup /mnt/tmp/ Password:my pass here 24321: session setup failed: ERRDOS - ERRnoaccess (Access denied.) SMB connection failed I've checked that the shared folder in XP has full control access for me and for everyone. I also tried anynomous login: # mount -t smbfs //aoi/backup /mnt/tmp/ Password:plain enter here Anonymous login successful 24325: tree connect failed: ERRDOS - ERRnoaccess (Access denied.) SMB connection failed I also tried by removing my password. Same result as trying anonymously. The thing which gives me ticks is that I get ERRnoaccess after anonymous login successful. First I doubted this was XP problem since reinstall broke it. I checked Windows error log which said that computer browser had timeouted when I tried to mount. After looking for solution for this, I found out that this happens if I have stopped windows firewall service. After enabling the service and rebooting windows comp I tried again. The problem persisted although the error didn't appear anymore in the windows log. I've tried mounting linux's local smb shares and they work just fine. Samba 3.0.23c, Windows XP SP2. Here is testparm output (If it matters something. I only know smbmount checks this): [global] unix charset = iso8859-15 display charset = iso8859-15 workgroup = MYGROUP (Same with windows box) server string = Shiro log file = /var/log/samba.log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No dns proxy = No hosts allow = 10.0.0., 127. /var/log/samba.log.smbmount does not say anything about this. Thank you for the help (and apologies for all the relevant information I forgot to include) -Sami __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] 3.0.23c: cannot access LDAP when not root
Hi, Try this patch, it work fine on my server -- (https://bugzilla.samba.org/attachment.cgi?id=2135action=view) Should apply cleanly to 3.0.23c. It's my bug report : https://bugzilla.samba.org/show_bug.cgi?id=4097 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 19/10/2006 19:25:08 : Hi Everybody, I have set up a Samba 3.0.23c PDC with LDAP and ACLs on Suse 10.0. Things seem to work fine, but log.smbd gets filled with many smbldap_open: cannot access LDAP when not root messages whenever I move around on the mounted user share using Windows XP Explorer from a client computer. More precisely, whenever I move the cursor to a new subfolder in explorer, I get a new bunch of the above messages in log.smbd, the quantity apparently depending on the number of ACL entries for the folder. Any idea what could be wrong? Let me know if you need more information, smb.conf and extended logs. TIA, Peter Rindfuss Wissenschaftszentrum Berlin fuer Sozialforschung (Social Science Research Center Berlin, Germany) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba3.023c host can't join 2003AD on Freebsd6.1 AMD64
Hi I installed Samba 3.0.23c on the freebsd 6.1 via ports, I have configure krb5.conf and nsswitch.conf, when I execute “kinit [EMAIL PROTECTED] system response “kinit: NOTICE: ticket renewable lifetime is 10 hours” But when I execute “net ads join –U [EMAIL PROTECTED] system response “[2006/10/20 09:21:41, 0] utils/net_ads.c:ads_startup(281) ads_connect: Response too big for UDP, retry with TCP” why I got this message? My host can’t join AD 2003. Who can help me ? Best Regards, Alan Zhou This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] changing default profile folders
Hi, I am trying to make my winXP clients to access files directly on the server (to improve speed, because some profiles are up to 5Gb); I have followed the instructions at: http://isg.ee.ethz.ch/tools/realmen/det/skel.en.html to link desktop, program configuration, etc to the server. First problem was I had to set the user as administrator in order to be able to modify the registry; after this I changed everything in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders to head %LOGONSERVER%\%USERNAME%\Windows\.. and after shutting down the server I moved in the server all the Profile files to Windows directory; I restarted the session and it worked ok; all remote files accessed fast and with no problem; but when I removed administrator privileges from the user, it pointed again to the profile/local directory so no files where loaded. What do I need to do to make my changes in the winXP clients permament with no need of admin privileges? thanks a lot. -- Lluís Forns Tècnic Informàtic - Àrea de Comunicació (MEGSJC) Tlf: 93-5902700 C/e: [EMAIL PROTECTED] http://www.escoltesiguies.cat -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba domain member server
Hello, I would like someone to confirm my understanding of winbind use in a samba domain member server . First, I think (correct me if I am wrong) that winbind create dynamically association between unix id and windows sid. The domain we use is a samba, openldap domain and the samba server domain use for the moment ldap authentification and resolution. The problem is that I have declared local idmap on the samba member server. So, I think a collision between ldap id and unix id may appear unless I dismiss ldap resolution. (You confirm it?) Otherwise, is that possible to declare an idmap refering to ldap samba accounts (unix and linux) in the ldap. Thanks for help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba with multiple locations
Hello, I'm looking for a way to make global authentication with samba (both Unix Windows). The issue that I'm having with is adding machine into the domain from the remote locations. I'm using slave ldap on all remote locations and set smbldap-tools point to slave local server remote master ldap server. Sometime it's working, sometime it's not. Most of the times, I just try to add the machine a second time and it joins to the domain OK from the remote locations. Is there anyone know what is the best solution to use samba with multiple locations/branches? Please give me your advices and I'm really appreciated. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba3.023c host can't join 2003AD on Freebsd6.1 AMD64
On Fri, Oct 20, 2006 at 03:56:06PM +0800, Zhou,Alan wrote: Hi ??I installed Samba 3.0.23c on the freebsd 6.1 via ports, I have configure krb5.conf and nsswitch.conf, when I execute ???kinit [EMAIL PROTECTED] system response ???kinit: NOTICE: ticket renewable lifetime is 10 hours??? ??But when I execute ???net ads join ???U [EMAIL PROTECTED] system response ?? ???[2006/10/20 09:21:41, 0] utils/net_ads.c:ads_startup(281) ads_connect: Response too big for UDP, retry with TCP??? The kdc reply is too big to fit in one UDP packet. This happans if the authorization data in that reply is too big. This may be the case, if administrator belongs to a large number of groups (32). If that is the case, you could try to join with another userid, one that belongs to a smaller number of groups. - Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC: client has profile.pds trouble
Hello list. I just installed and configured my first Samba-3 PDC and I succeeded immediately with the join operation with a Win2k SP4 client. As I afterwards rebooted and tried to logon with the domain user, both root and regular user, I got an error messagge telling me that it was unable to create \\servername\root\profile.pds. In fact, my /home/profiles directory remains empty (no user directories are created at all). Permissions are chmod 1757... I will really appreciate help on this issue. BTW: I'm not wanting Roaming Profiles, I will try them after I can logon to the PDC with local client profiles at first. Many thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC: client has profile.pds trouble
On 20 Oct 2006, at 22:04, Boniforti Flavio wrote: Hello list. Hello I will really appreciate help on this issue. BTW: I'm not wanting Roaming Profiles, I will try them after I can logon to the PDC with local client profiles at first. Samba and windows xp has them switched on by default. IIRC you need to set a blank config directive for profiles so as not to use them: logon path = Try that to switch them off. or you could could create the profile path anyway.. Bye, Veronica -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC: client has profile.pds trouble
2006/10/20, Veronica Hill [EMAIL PROTECTED]: Samba and windows xp has them switched on by default. IIRC you need to set a blank config directive for profiles so as not to use them: logon path = Try that to switch them off. or you could could create the profile path anyway.. I didn't know that WinXP has them switched on by default, if the PDC is Samba. Nonetheless, I'm using Win2k, which doesn't behave any better. Actually I have following in my config: logon home = logon path = As you suggested to blank the logon path, I did it, removing the double-quotes. The result is still the same, no way to log on and no profile is getting created. Could you please post me your output of ls -la of one of your profile directory tree? And, could you tell me whether profile.pds is a directory or a file? I manually created /home/profiles/root and in there I created the directory profile.pds - nothing changed, even as I created an empty file named profile.pds instead of a directory. Thanks, again! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] user can't logon to specific computer: creds_server_check failed
A few computers -- two or three -- are very spotty about letting people log on. It seems -- and this could be off-base -- that they'll let anyone log on once, but will require a reboot before you can log on again. Sometimes, logging on works fine, though. There really appears to be little rhyme or reason to what happens. In the Samba logs, I'm getting: [2006/10/20 08:08:14, 0] lib/util_sock.c:get_peer_addr(1225) getpeername failed. Error was Transport endpoint is not connected [2006/10/20 08:08:14, 0] lib/util_sock.c:write_data(557) write_data: write failure in writing to client 10.8.1.182. Error Connection reset by peer [2006/10/20 08:08:14, 0] lib/util_sock.c:send_smb(765) Error writing 4 bytes to client. -1. (Connection reset by peer) [2006/10/20 08:08:14, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(424) _net_auth2: creds_server_check failed. Rejecting auth request from client LSCHROEDER-PC machine account LSCHROEDER-PC$ [2006/10/20 08:08:14, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(424) _net_auth2: creds_server_check failed. Rejecting auth request from client LSCHROEDER-PC machine account LSCHROEDER-PC$ A few days ago, I shut down Samba and removed the samba/var/locks directory, which was recommended by a post I saw somewhere in my Googling; this fixed it for a day or two, but the problem has resurfaced. We've also tried removing the machine from the domain and deleting the machine account, and then adding the machine back in, but that also doesn't work. I'm running v3.0.21c. Any ideas? Thanks! Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Roaming Profile Folders Pulled Over Read-Only
Hello, I'm using Samba 3.0.14a-3 on Debian 3.1 (Sarge). It's functioning as a domain controller for a lot of WinXP SP2 machines. As such, it serves up roaming profiles for most of our staff. I've noticed that all of the folders in the root of the profile are pulled over as read-only. The UNIX permissions for a user's profile on the server is 700, and I'm not sure why WinXP is interpreting this as read-only. Everywhere I read, as long as a user as write permission on the server, it's not read-only. I've tried maping the system, archive, and hidden bits in the configuration and changing the permissions to 600, but no luck there. The only real issue that this has been causing is problems with IE cookies. The read-only bit is keeping IE from using the Cookies folder properly, causing problems with logging in with some websites. It's mostly interfering with our company website and its functionality. Any ideas? -- Justin Churchey Network Engineer Mount de Sales Academy 851 Orange Street Macon, GA 31201 (478) 751-3240 ext. 179 jchurchey -at- mountdesales -dot- net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which ports for samba?
You'll need only 139/TCP, 445/TCP, 137/UDP and 138/UDP. The smb ports could be changed using the smb ports param in your smb.conf. I think if you set smb ports to 445 the only port needs be opened in your firewall will be the 445/TCP. On 10/19/06, Torsten Geile [EMAIL PROTECTED] wrote: Hi, I want to tighten security on my samba server, so I set up iptables rules, which consider ports 137,138,139,445 tcp/udp. Is that enought for input traffic to pass so that clients have full funtionality with the server? Regards, Torsten -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- *** Cleber P. de Souza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.14 to 3.0.23c Invalid SID
On Thu, Oct 19, 2006 at 11:51:57AM -0500, Larry McElderry wrote: Trying to upgrade from 3.0.14a to 3.0.23c. So far, things seem to be working, but the following entries appear in the smbd error log. The test machine is a domain client (server is still 3.0.14). The sids listed are exactly as they appear in the ldap tables. What makes them invalid? Anyone know. They have to agree with what 'net getlocalsid' says. You might have to do a 'net setlocalsid s-1-5-21-147175...'. Volker pgpB5McgHkQFo.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mounting XP box - ERRnoaccess
Checked this. My user has full permissions by being in the administrator group. Tried also to add the user separately and grant full permissions. Did not change the situation. (Please notice that I changed email account) -Sami --- sato x [EMAIL PROTECTED] wrote: what about the security of the folder you're trying to share? you have to set both the permission for sharing folder and the security of the folder in WinXP Pro. I've checked that the shared folder in XP has full control access for me and for everyone. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] could not read attribute 'msSFU30UidNumber'
Hi, I'm using samba 3.0.23c, and having a bit of trouble getting it to play nice with my active directory. I'm using Windows Small Business Server 2003 with the SFU 3.5 NIS server/schema extensions installed. I have samba configured to use ad as the idmap backend, and sfu for nss info. When running getent passwd, only a few active directory users show up, and I get lots of errors like this in my winbind log: [2006/10/20 15:33:49, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309) ad_idmap_get_id_from_sid: ads_pull_uint32: could not read attribute 'msSFU30UidNumber' [2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(85) error getting user id for sid S-1-5-21-1020778807-1917943211-1564386419-1158 [2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_getpwent(711) could not lookup domain user TestUser wbinfo -u prints out all my users wbinfo -g prints out all my groups getent group prints out all my groups and their unix IDs getent -r username seems to get the correct user group unix ids for all the users, even the ones that don't see to be able to have their SID converted to a UID. Anyone have any ideas? The most relevant section of my smb.conf is encrypt passwords = yes idmap uid = 1-2 idmap gid = 1-2 idmap backend = ad winbind enum users = yes winbind enum groups = yes winbind nss info = sfu winbind use default domain = yes winbind separator = # Let me know what other information I can provide if I've left something relevant out. Thanks, Josh -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] x permission interpretation under Windows
Hi How does Windows interpret the 'x' attribute for the file's 'other' attribute field? If I give a *file* a 0775 permission Windows XP clients cannot see the file. Not even the group members. If I change this permission to 0774 the file becomes visible to everyone. (smbclient sees the file either way). This file in under a directory which has 2775 as permission and inherit permissions = yes. Samba is 3.0.20b Does the 'x' attribute of a file behave backwards as for directories under Windows point of view?? Or better yet, what am I doing wrong? Regards -- Ethy H. Brito /\ InterNexo Ltda. \ / CAMPANHA DA FITA ASCII - CONTRA MAIL HTML +55 (12) 3797-6860 X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL S.J.Campos - Brasil / \ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] CIDR prefix with a non-multiple of 8
First off, I apologize for reporting a problem with a historical
version of Samba, but this is what we use in our production environment
due to some integration issues with the 3.0 series.
I've been experiencing a problem with Samba 2.2.x when trying to use a
CIDR notation for hosts allow/deny when that CIDR prefix is not one of (
/8, /16, /24, or /32). When I included a network such as
192.168.64.0/18, addresses that are clearly in that range (such as
192.168.72.3) are blocked as if they were not present in the allow list
at all. There is also no deny list defined.
I have originally experienced this with Samba 2.2.7a on RedHat
Enterprise Linux 4 update 3 running a 2.6.14.7 kernel. I have tried
upgrading to the latest release in the samba 2.2 series, 2.2.12 which
also exhibits this problem.
Running controlled experiments with different forms of the CIDR networks
shows that as long as you use a CIDR network which has a prefix that is
a multiple of 8, the connections from that network will be allowed
correctly. However, if that prefix is a number in between those
multiples of 8, it will be denied unless it happens to be within the
first classful network of the summarized network. For example, the
summarized network 72.224.0.0/13, will allow connections from 72.224.x.x
but not 72.225.x.x, etc..
Digging into the source code, I found the problem to be in the way the
netmask value is calculated. When the network in question has a multiple
of 8 prefix, each octet of its netmask value, is either 0 or 255
decimal. On the other hand, the other prefixes yield netmask octet
values between 0 and 255. In this latter case, the bit ordering within
each octet is significant.
The method that is used to calculate the netmask is as follows:
mask = (uint32)((ALLONES atoi(slash + 1)) ^ ALLONES);
On a little endian machine the bytes are stored in least significant
byte first, but the most significant bits are stored from the left. With
this in mind, the above bit shifting operation does not yield the
correct netmask value on Intel machines (for prefixes that are not a
multiple of 8).
In order to correct the netmask value, the bits within a byte need to be
reversed.
To correct this problem, I have written a function to reverse the bits
and added a call to it immediately after the initial mask calculation.
Is anyone aware of this problem and if so has it been corrected in the
3.0 series?
Below is a patch to lib/access.c to correct the behavior: (I realize
this doesn't address skipping the conversion on big endian arches but I
am unaware of how to check that within the samba code base.)
--- access.c.orig 2006-10-19 18:44:42.0 -0400
+++ access.c2006-10-20 17:30:16.0 -0400
@@ -17,6 +17,32 @@
#define ALLONES ((uint32)0x)
+/* revbits8 - reverse the bits within a byte */
+static short revbits8(short a)
+{
+ short b = 0;
+
+printf(revbits8: reversing %d\n, a);
+b = ( ((a 0x80) 7) + (((a 0x40) 6) 1) +
+ (((a 0x20) 5) 2) + (((a 0x10) 4) 3) +
+ (((a 0x08) 3) 4) + (((a 0x04) 2) 5) +
+ (((a 0x02) 1) 6) + ((a 0x01) 7) );
+printf(revbit8: returning %d\n, b);
+return ( ((a 0x80) 7) + (((a 0x40) 6) 1) +
+ (((a 0x20) 5) 2) + (((a 0x10) 4) 3) +
+ (((a 0x08) 3) 4) + (((a 0x04) 2) 5) +
+ (((a 0x02) 1) 6) + ((a 0x01) 7) );
+}
+
+/* revbits - reverse the bits in each byte of a uint32 */
+unsigned long revbits(unsigned long a)
+{
+return ( ((revbits8((a 0xFF) 0)) 0) +
+ ((revbits8((a 0xFF00) 8)) 8) +
+ ((revbits8((a 0xFF) 16)) 16) +
+ ((revbits8((a 0xFF00) 24)) 24) );
+}
+
/* masked_match - match address against netnumber/netmask */
static int masked_match(char *tok, char *slash, char *s)
{
@@ -34,6 +60,8 @@
mask = interpret_addr(slash + 1);
} else {
mask = (uint32)((ALLONES atoi(slash + 1)) ^ ALLONES);
+ /* Fixup the netmask by reversing the bits in each byte
*/
+ mask = revbits(mask);
}
if (net == INADDR_NONE || mask == INADDR_NONE) {
==
Eric Crossman
Assistant Systems Administrator, School of Science
Siena College
515 Loudon Road
Loudonville, NY 12211
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] CIDR prefix with a non-multiple of 8
Is anyone aware of this problem and if so has it been corrected in the 3.0 series? My interfaces option has a /23 and works with 3.0.14a and 3.0.23c, so I would guess it has been fixed. James ZuelowCBJ MIS (907)586-0236 Network Specialist...Registered Linux User No. 186591 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] The share name is a valid user?
Hi. So I'm now on the next section of my samba by example book. For the life of me I just couldn't get it to work. That is until I looked into what the %S and %U variables actually meant. In the book it says to put something like the following in your smb.conf: [files] comment = Work area files path = /data/%U valid users = %S read only = No However, from what I understand, %S gets translated to the name of the share, which in this case would be files. But of course files isn't a valid user name on my system. So once I changed things to the following, things started to work: [files] comment = Work area files path = /data/%U valid users = %U read only = No So am I on the right track here? Is this book in error in telling you to put a %S as opposed to a %U? And if so, I'd also like to point out that the online book (which differs a bit from the hard copy I own) contains a similar error in chapter 2, in the netlogon section of the smb.conf file. Unless of course the netlogon section is special somehow, which I suspect it might be. I still haven't looked into that as of yet. At any rate, I welcome any comments. Thanks, Glen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Usrmgr cannot add groups with ldap backend
I get the following errors when I try to remove group from a user with usrmgr smb_create_group: Running the command `/usr/local/sbin/smbldap-groupadd -p 'test'' gave 111 [2006/10/20 19:53:29, 0] groupdb/mapping.c:smb_delete_user_group(1087) smb_delete_user_group: Running the command `/usr/local/sbin/smbldap-groupmod -x hmiller' 'hsstaff'' gave 2 I am running redhat es3 with samba 3.0.22 with ldap backend. Any ideas? Here is the Global part of my smb.conf Thanks in advance! -Glenn [global] interfaces = eth* netbios name = Server workgroup = Domain server string = security = user os level = 64 domain master = yes local master = yes preferred master = yes time server = yes ldappasswd sync =yes passdb backend = ldapsam:ldap://server.somewhere.com ldap admin dn = cn=samba,ou=DSA,dc=somewhere,dc=com #ldap admin dn = cn=Manager,dc=somewhere,dc=com ldap suffix = dc=somewhere,dc=com ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users ldap ssl = no unix extensions = yes encrypt passwords = yes domain logons = yes logon script = logon.bat logon drive = H: logon home = \\%L\%U logon path = socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 wins support = no wins server = 10.100.0.10 #veto files = /*.eml/*.nws/ lanman auth = yes add user script = /usr/local/sbin/smbldap-useradd -m '%u' delete user script = /usr/local/sbin/smbldap-userdel '%u' ldap delete dn = yes add group script = /usr/local/sbin/smbldap-groupadd -p '%g' delete group script = /usr/local/sbin/smbldap-groupdel '%g' add machine script = /usr/local/sbin/smbldap-useradd -w '%u' add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u' '%g' set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' dos charset = 850 unix charset = ISO8859-1 oplocks = yes load printers = yes ;default devmode = yes printing = cups force printername = yes idmap uid = 15000-2 idmap gid = 15000-2 winbind separator = - winbind use default domain = No enable privileges = yes eventlog list = Application System Security SyslogLinux log level = 1 admin users =@Domain Admins ;map acl inherit = Yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r19422 - in branches/SAMBA_3_0/source/utils: .
Author: jra
Date: 2006-10-20 07:44:09 + (Fri, 20 Oct 2006)
New Revision: 19422
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19422
Log:
Doh ! Put the krb5 [EMAIL PROTECTED] code in the right place.
Jeremy.
Modified:
branches/SAMBA_3_0/source/utils/net.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net.c
===
--- branches/SAMBA_3_0/source/utils/net.c 2006-10-19 22:48:03 UTC (rev
19421)
+++ branches/SAMBA_3_0/source/utils/net.c 2006-10-20 07:44:09 UTC (rev
19422)
@@ -160,6 +160,7 @@
/
connect to \\server\service
/
+
NTSTATUS connect_to_service(struct cli_state **c, struct in_addr *server_ip,
const char *server_name,
const char *service_name,
@@ -173,13 +174,13 @@
opt_password = SMB_STRDUP(pass);
}
}
-
+
nt_status = cli_full_connection(c, NULL, server_name,
server_ip, opt_port,
service_name, service_type,
opt_user_name, opt_workgroup,
opt_password, 0, Undefined, NULL);
-
+
if (NT_STATUS_IS_OK(nt_status)) {
return nt_status;
} else {
@@ -236,20 +237,53 @@
}
/
+ Return malloced [EMAIL PROTECTED] for krb5 login.
+/
+
+static char *get_user_and_realm(const char *username)
+{
+ char *user_and_realm = NULL;
+
+ if (strchr_m(username, '@')) {
+ user_and_realm = SMB_STRDUP(username);
+ } else {
+ if (asprintf(user_and_realm, [EMAIL PROTECTED], username,
lp_realm()) == -1) {
+ user_and_realm = NULL;
+ }
+ }
+ return user_and_realm;
+}
+
+/
connect to \\server\ipc$ using KRB5
/
NTSTATUS connect_to_ipc_krb5(struct cli_state **c,
struct in_addr *server_ip, const char *server_name)
{
NTSTATUS nt_status;
+ char *user_and_realm = NULL;
+ if (!opt_password !opt_machine_pass) {
+ char *pass = getpass(Password:);
+ if (pass) {
+ opt_password = SMB_STRDUP(pass);
+ }
+ }
+
+ user_and_realm = get_user_and_realm(opt_user_name);
+ if (!user_and_realm) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
nt_status = cli_full_connection(c, NULL, server_name,
server_ip, opt_port,
IPC$, IPC,
- opt_user_name, opt_workgroup,
+ user_and_realm, opt_workgroup,
opt_password,
CLI_FULL_CONNECTION_USE_KERBEROS,
Undefined, NULL);
+ SAFE_FREE(user_and_realm);
+
if (NT_STATUS_IS_OK(nt_status)) {
return nt_status;
} else {
svn commit: samba r19423 - in branches/SAMBA_4_0/source/lib/tdb: common include
Author: tridge
Date: 2006-10-20 08:06:14 + (Fri, 20 Oct 2006)
New Revision: 19423
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19423
Log:
merge some tdb changes from SAMBA_3_0 to SAMBA_4_0
this is in preparation of a merge in the other direction
Modified:
branches/SAMBA_4_0/source/lib/tdb/common/io.c
branches/SAMBA_4_0/source/lib/tdb/common/open.c
branches/SAMBA_4_0/source/lib/tdb/common/tdb.c
branches/SAMBA_4_0/source/lib/tdb/common/transaction.c
branches/SAMBA_4_0/source/lib/tdb/include/tdb.h
Changeset:
Modified: branches/SAMBA_4_0/source/lib/tdb/common/io.c
===
--- branches/SAMBA_4_0/source/lib/tdb/common/io.c 2006-10-20 07:44:09 UTC
(rev 19422)
+++ branches/SAMBA_4_0/source/lib/tdb/common/io.c 2006-10-20 08:06:14 UTC
(rev 19423)
@@ -102,7 +102,7 @@
/* Endian conversion: we only ever deal with 4 byte quantities */
void *tdb_convert(void *buf, u32 size)
{
- u32 i, *p = buf;
+ u32 i, *p = (u32 *)buf;
for (i = 0; i size / 4; i++)
p[i] = TDB_BYTEREV(p[i]);
return buf;
@@ -282,7 +282,8 @@
tdb-map_size += size;
if (tdb-flags TDB_INTERNAL) {
- char *new_map_ptr = realloc(tdb-map_ptr, tdb-map_size);
+ char *new_map_ptr = (char *)realloc(tdb-map_ptr,
+ tdb-map_size);
if (!new_map_ptr) {
tdb-map_size -= size;
goto fail;
Modified: branches/SAMBA_4_0/source/lib/tdb/common/open.c
===
--- branches/SAMBA_4_0/source/lib/tdb/common/open.c 2006-10-20 07:44:09 UTC
(rev 19422)
+++ branches/SAMBA_4_0/source/lib/tdb/common/open.c 2006-10-20 08:06:14 UTC
(rev 19423)
@@ -54,7 +54,7 @@
/* We make it up in memory, then write it out if not internal */
size = sizeof(struct tdb_header) + (hash_size+1)*sizeof(tdb_off_t);
- if (!(newdb = calloc(size, 1)))
+ if (!(newdb = (struct tdb_header *)calloc(size, 1)))
return TDB_ERRCODE(TDB_ERR_OOM, -1);
/* Fill in the header */
@@ -140,7 +140,7 @@
unsigned char *vp;
u32 vertest;
- if (!(tdb = calloc(1, sizeof *tdb))) {
+ if (!(tdb = (struct tdb_context *)calloc(1, sizeof *tdb))) {
/* Can't log this */
errno = ENOMEM;
goto fail;
@@ -263,7 +263,8 @@
tdb-map_size = st.st_size;
tdb-device = st.st_dev;
tdb-inode = st.st_ino;
- tdb-locked = calloc(tdb-header.hash_size+1, sizeof(tdb-locked[0]));
+ tdb-locked = (struct tdb_lock_type *)calloc(tdb-header.hash_size+1,
+sizeof(tdb-locked[0]));
if (!tdb-locked) {
TDB_LOG((tdb, TDB_DEBUG_ERROR, tdb_open_ex:
failed to allocate lock structure for %s\n,
Modified: branches/SAMBA_4_0/source/lib/tdb/common/tdb.c
===
--- branches/SAMBA_4_0/source/lib/tdb/common/tdb.c 2006-10-20 07:44:09 UTC
(rev 19422)
+++ branches/SAMBA_4_0/source/lib/tdb/common/tdb.c 2006-10-20 08:06:14 UTC
(rev 19423)
@@ -423,3 +423,8 @@
tdb_ofs_read(tdb, TDB_SEQNUM_OFS, seqnum);
return seqnum;
}
+
+int tdb_hash_size(struct tdb_context *tdb)
+{
+ return tdb-header.hash_size;
+}
Modified: branches/SAMBA_4_0/source/lib/tdb/common/transaction.c
===
--- branches/SAMBA_4_0/source/lib/tdb/common/transaction.c 2006-10-20
07:44:09 UTC (rev 19422)
+++ branches/SAMBA_4_0/source/lib/tdb/common/transaction.c 2006-10-20
08:06:14 UTC (rev 19423)
@@ -258,7 +258,8 @@
off tdb-transaction-old_map_size)) {
unsigned char *data = best_el-data;
el = best_el;
- el-data = realloc(el-data, el-length + len);
+ el-data = (unsigned char *)realloc(el-data,
+ el-length + len);
if (el-data == NULL) {
tdb-ecode = TDB_ERR_OOM;
tdb-transaction-transaction_error = 1;
@@ -275,7 +276,7 @@
}
/* add a new entry at the end of the list */
- el = malloc(sizeof(*el));
+ el = (struct tdb_transaction_el *)malloc(sizeof(*el));
if (el == NULL) {
tdb-ecode = TDB_ERR_OOM;
tdb-transaction-transaction_error = 1;
@@ -285,7 +286,7 @@
el-prev = tdb-transaction-elements_last;
el-offset = off;
el-length = len;
- el-data = malloc(len);
+ el-data = (unsigned char *)malloc(len);
if (el-data == NULL) {
free(el);
tdb-ecode = TDB_ERR_OOM;
@@ -411,7 +412,8 @@
svn commit: samba r19424 - in branches/SAMBA_3_0/source/utils: .
Author: jra
Date: 2006-10-20 08:14:38 + (Fri, 20 Oct 2006)
New Revision: 19424
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19424
Log:
Protect against username == NULL
Jeremy.
Modified:
branches/SAMBA_3_0/source/utils/net.c
Changeset:
Modified: branches/SAMBA_3_0/source/utils/net.c
===
--- branches/SAMBA_3_0/source/utils/net.c 2006-10-20 08:06:14 UTC (rev
19423)
+++ branches/SAMBA_3_0/source/utils/net.c 2006-10-20 08:14:38 UTC (rev
19424)
@@ -244,6 +244,9 @@
{
char *user_and_realm = NULL;
+ if (!username) {
+ return NULL;
+ }
if (strchr_m(username, '@')) {
user_and_realm = SMB_STRDUP(username);
} else {
@@ -257,6 +260,7 @@
/
connect to \\server\ipc$ using KRB5
/
+
NTSTATUS connect_to_ipc_krb5(struct cli_state **c,
struct in_addr *server_ip, const char *server_name)
{
svn commit: samba r19425 - in branches/SAMBA_4_0/source/lib/tdb: common include
Author: tridge
Date: 2006-10-20 09:48:18 + (Fri, 20 Oct 2006)
New Revision: 19425
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19425
Log:
two more tdb functions from samba3
Modified:
branches/SAMBA_4_0/source/lib/tdb/common/tdb.c
branches/SAMBA_4_0/source/lib/tdb/include/tdb.h
Changeset:
Modified: branches/SAMBA_4_0/source/lib/tdb/common/tdb.c
===
--- branches/SAMBA_4_0/source/lib/tdb/common/tdb.c 2006-10-20 08:14:38 UTC
(rev 19424)
+++ branches/SAMBA_4_0/source/lib/tdb/common/tdb.c 2006-10-20 09:48:18 UTC
(rev 19425)
@@ -428,3 +428,14 @@
{
return tdb-header.hash_size;
}
+
+size_t tdb_map_size(struct tdb_context *tdb)
+{
+ return tdb-map_size;
+}
+
+int tdb_get_flags(struct tdb_context *tdb)
+{
+ return tdb-flags;
+}
+
Modified: branches/SAMBA_4_0/source/lib/tdb/include/tdb.h
===
--- branches/SAMBA_4_0/source/lib/tdb/include/tdb.h 2006-10-20 08:14:38 UTC
(rev 19424)
+++ branches/SAMBA_4_0/source/lib/tdb/include/tdb.h 2006-10-20 09:48:18 UTC
(rev 19425)
@@ -124,6 +124,8 @@
int tdb_transaction_recover(struct tdb_context *tdb);
int tdb_get_seqnum(struct tdb_context *tdb);
int tdb_hash_size(struct tdb_context *tdb);
+size_t tdb_map_size(struct tdb_context *tdb);
+int tdb_get_flags(struct tdb_context *tdb);
/* Low level locking functions: use with care */
int tdb_chainlock(struct tdb_context *tdb, TDB_DATA key);
svn commit: samba r19426 - in branches/SAMBA_3_0/source/tdb: . common include tools
Author: tridge Date: 2006-10-20 09:55:47 + (Fri, 20 Oct 2006) New Revision: 19426 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19426 Log: merge nearly all the differences between Samba3 tdb and Samba4 tdb. This includes: - the new tdb_lockall and tdb_lockall_read code, which will be needed for the ldb speedups - the tdb logging changes. This is an intermediate step to keep the differences between the two branches small. The plan is still to move to a tdb_init()/tdb_set_logging_function()/tdb_attach() style of open which will make things much cleaner. - the updated test suites and standalone tdb build code - use libreplace headers There are still some small differences I haven't merged. I'll discuss those on the list. Modified: branches/SAMBA_3_0/source/tdb/Makefile.in branches/SAMBA_3_0/source/tdb/aclocal.m4 branches/SAMBA_3_0/source/tdb/autogen.sh branches/SAMBA_3_0/source/tdb/common/freelist.c branches/SAMBA_3_0/source/tdb/common/io.c branches/SAMBA_3_0/source/tdb/common/lock.c branches/SAMBA_3_0/source/tdb/common/open.c branches/SAMBA_3_0/source/tdb/common/tdb.c branches/SAMBA_3_0/source/tdb/common/tdb_private.h branches/SAMBA_3_0/source/tdb/common/tdbutil.c branches/SAMBA_3_0/source/tdb/common/transaction.c branches/SAMBA_3_0/source/tdb/common/traverse.c branches/SAMBA_3_0/source/tdb/config.mk branches/SAMBA_3_0/source/tdb/include/tdb.h branches/SAMBA_3_0/source/tdb/include/tdbutil.h branches/SAMBA_3_0/source/tdb/tools/tdbtest.c branches/SAMBA_3_0/source/tdb/tools/tdbtorture.c Changeset: Sorry, the patch is too large (2291 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19426
Re: svn commit: samba r19406 - in branches/SAMBA_4_0/swat/apps: resource/css samba/utils script
Derrell, ldbbrowse: done! great! I wanted to try this out, but hit a snag. On every access I get: Async(5) exception: Transport error 404: Not found This is with firefox 1.5.07 on debian unstable. Shall I just start poking around with gdb or is this a well known type of problem? Cheers, Tridge
svn commit: lorikeet r608 - in trunk/heimdal: . doc/standardisation lib/asn1 lib/com_err lib/des lib/editline lib/gssapi lib/gssapi/gssapi lib/gssapi/krb5 lib/hx509 lib/kafs lib/krb5 lib/roken lib/sl
Author: abartlet Date: 2006-10-20 12:39:03 + (Fri, 20 Oct 2006) New Revision: 608 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=608 Log: Merge up to Heimdal CVS 2006-10-20 Andrew Bartlett Added: trunk/heimdal/doc/standardisation/draft-zhu-ws-kerb-00.txt Modified: trunk/heimdal/ChangeLog trunk/heimdal/lib/asn1/ChangeLog trunk/heimdal/lib/asn1/Makefile.am trunk/heimdal/lib/asn1/der_get.c trunk/heimdal/lib/com_err/ChangeLog trunk/heimdal/lib/com_err/Makefile.am trunk/heimdal/lib/des/ChangeLog trunk/heimdal/lib/des/Makefile.am trunk/heimdal/lib/des/dh-imath.c trunk/heimdal/lib/des/dh.c trunk/heimdal/lib/des/engine.c trunk/heimdal/lib/editline/ChangeLog trunk/heimdal/lib/editline/Makefile.am trunk/heimdal/lib/gssapi/ChangeLog trunk/heimdal/lib/gssapi/Makefile.am trunk/heimdal/lib/gssapi/gssapi/gssapi.h trunk/heimdal/lib/gssapi/krb5/external.c trunk/heimdal/lib/gssapi/test_context.c trunk/heimdal/lib/hx509/ChangeLog trunk/heimdal/lib/hx509/Makefile.am trunk/heimdal/lib/hx509/test_crypto.in trunk/heimdal/lib/kafs/ChangeLog trunk/heimdal/lib/kafs/Makefile.am trunk/heimdal/lib/krb5/Makefile.am trunk/heimdal/lib/krb5/krb5.h trunk/heimdal/lib/roken/roken.h.in trunk/heimdal/lib/sl/ChangeLog trunk/heimdal/lib/sl/Makefile.am trunk/heimdal/lib/sl/sl.c trunk/heimdal/lib/vers/ChangeLog trunk/heimdal/lib/vers/Makefile.am trunk/heimdal/tests/ChangeLog trunk/heimdal/tools/Makefile.am Changeset: Sorry, the patch is too large (1644 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=608
Re: svn commit: samba r19406 - in branches/SAMBA_4_0/swat/apps: resource/css samba/utils script
[EMAIL PROTECTED] writes: Derrell, ldbbrowse: done! great! I wanted to try this out, but hit a snag. On every access I get: Async(5) exception: Transport error 404: Not found This is with firefox 1.5.07 on debian unstable. Shall I just start poking around with gdb or is this a well known type of problem? Andrew pointed this out to me. I just haven't had a chance to fix it. I believe the problems are that (1) I've screwed up the installswat installation script, when trying to instal the /services directory. It should install at the same level as swat (not in it) and the actual directory /services should exist; and (2) I need a sane default for the new jsonrpc base global parameter for smb.conf. Since I had jsonrpc base pointing into my source tree, I didn't catch this prior to check-in. Sorry about that. If you want to test right away, try adding this to your smb.conf file (assuming that you're testing on the same system that smbd is running on): [global] jsonrpc base = path_to_your_source_tree/services You could probably also rsync --exclude .svn path_to_your_source_tree/services dest where dest is the same level as swat in the installation tree. I don't know what extra cruft might get installed using this method, but it should be ok at least for testing. Cheers, Derrell
svn commit: samba r19427 - in branches/SAMBA_4_0/source/scripting/libjs: .
Author: metze
Date: 2006-10-20 15:20:48 + (Fri, 20 Oct 2006)
New Revision: 19427
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19427
Log:
print out the currect name
metze
Modified:
branches/SAMBA_4_0/source/scripting/libjs/provision.js
Changeset:
Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js
===
--- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2006-10-20
09:55:47 UTC (rev 19426)
+++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2006-10-20
15:20:48 UTC (rev 19427)
@@ -475,7 +475,7 @@
/* only install a new shares config db if there is none */
st = sys.stat(paths.shareconf);
if (st == undefined) {
- message(Setting up sconf.ldb\n);
+ message(Setting up share.ldb\n);
setup_ldb(share.ldif, info, paths.shareconf);
}
message(Setting up secrets.ldb\n);
svn commit: lorikeet r610 - in trunk/heimdal/appl/telnet/telnet: .
Author: lha Date: 2006-10-20 16:15:43 + (Fri, 20 Oct 2006) New Revision: 610 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=610 Log: merge from heimdal cvs - include roken.h to avoid ioctl(socket_wrapper) in solaris headers Modified: trunk/heimdal/appl/telnet/telnet/telnet_locl.h Changeset: Modified: trunk/heimdal/appl/telnet/telnet/telnet_locl.h === --- trunk/heimdal/appl/telnet/telnet/telnet_locl.h 2006-10-20 15:22:28 UTC (rev 609) +++ trunk/heimdal/appl/telnet/telnet/telnet_locl.h 2006-10-20 16:15:43 UTC (rev 610) @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: telnet_locl.h,v 1.22 2005/05/19 11:22:53 lha Exp $ */ +/* $Id: telnet_locl.h,v 1.23 2006/10/20 16:12:47 lha Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -157,10 +157,6 @@ #include socks.h #endif -#include err.h -#include roken.h -/* krb.h? */ - #ifdefined(AUTHENTICATION) || defined(ENCRYPTION) #include libtelnet/auth.h #include libtelnet/encrypt.h @@ -178,5 +174,8 @@ #include defines.h #include types.h +#include err.h +#include roken.h + /* prototypes */
svn commit: lorikeet r612 - in trunk/heimdal/lib/hdb: .
Author: lha Date: 2006-10-20 21:02:15 + (Fri, 20 Oct 2006) New Revision: 612 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=612 Log: Minimize diff to Heimdal. Modified: trunk/heimdal/lib/hdb/hdb.c Changeset: Modified: trunk/heimdal/lib/hdb/hdb.c === --- trunk/heimdal/lib/hdb/hdb.c 2006-10-20 17:36:26 UTC (rev 611) +++ trunk/heimdal/lib/hdb/hdb.c 2006-10-20 21:02:15 UTC (rev 612) @@ -401,6 +401,6 @@ h = find_dynamic_method (context, filename, residual); #endif if (h == NULL) - krb5_errx(context, 1, No database support! (hdb_create(%s)), filename); + krb5_errx(context, 1, No database support for %s, filename); return (*h-create)(context, db, residual); }
svn commit: lorikeet r613 - in trunk/heimdal/lib/gssapi/krb5: .
Author: lha Date: 2006-10-20 21:22:42 + (Fri, 20 Oct 2006) New Revision: 613 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=613 Log: Arcfour defines moved to arcfour.c, minimize diff to Heimdal. Modified: trunk/heimdal/lib/gssapi/krb5/gsskrb5_locl.h Changeset: Modified: trunk/heimdal/lib/gssapi/krb5/gsskrb5_locl.h === --- trunk/heimdal/lib/gssapi/krb5/gsskrb5_locl.h2006-10-20 21:02:15 UTC (rev 612) +++ trunk/heimdal/lib/gssapi/krb5/gsskrb5_locl.h2006-10-20 21:22:42 UTC (rev 613) @@ -47,10 +47,6 @@ #include cfx.h -#define GSS_ARCFOUR_WRAP_TOKEN_SIZE 32 -#define GSS_ARCFOUR_WRAP_TOKEN_OFFSET 13 - - /* * */
svn commit: lorikeet r614 - in trunk/heimdal/lib/auth/pam: .
Author: lha Date: 2006-10-20 21:24:47 + (Fri, 20 Oct 2006) New Revision: 614 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=614 Log: Minimize diff to Heimdal. Modified: trunk/heimdal/lib/auth/pam/Makefile.am Changeset: Modified: trunk/heimdal/lib/auth/pam/Makefile.am === --- trunk/heimdal/lib/auth/pam/Makefile.am 2006-10-20 21:22:42 UTC (rev 613) +++ trunk/heimdal/lib/auth/pam/Makefile.am 2006-10-20 21:24:47 UTC (rev 614) @@ -46,11 +46,11 @@ pam_krb4.so: $(OBJS) @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ - $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ + echo $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ + $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ - $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ + echo $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ + $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ else \ echo missing libraries; exit 1; \ fi @@ -62,6 +62,7 @@ # XXX inline COMPILE since automake wont add it .c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ + $(LIBTOOL) --mode=compile --tag=CC $(CC) \ + $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ -c `test -f '$' || echo '$(srcdir)/'`$
svn commit: lorikeet r615 - in trunk/heimdal/lib/gssapi/gssapi: .
Author: lha Date: 2006-10-20 21:46:14 + (Fri, 20 Oct 2006) New Revision: 615 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=615 Log: add GSS_KRB5_GET_AUTHTIME_X Modified: trunk/heimdal/lib/gssapi/gssapi/gssapi_krb5.h Changeset: Modified: trunk/heimdal/lib/gssapi/gssapi/gssapi_krb5.h === --- trunk/heimdal/lib/gssapi/gssapi/gssapi_krb5.h 2006-10-20 21:24:47 UTC (rev 614) +++ trunk/heimdal/lib/gssapi/gssapi/gssapi_krb5.h 2006-10-20 21:46:14 UTC (rev 615) @@ -72,6 +72,7 @@ extern gss_OID GSS_KRB5_GET_SUBKEY_X; extern gss_OID GSS_KRB5_GET_INITIATOR_SUBKEY_X; extern gss_OID GSS_KRB5_GET_ACCEPTOR_SUBKEY_X; +extern gss_OID GSS_KRB5_GET_AUTHTIME_X; /* Extensions creds */ extern gss_OID GSS_KRB5_IMPORT_CRED_X;
svn commit: samba r19428 - in branches/SAMBA_4_0/source: lib/gencache lib/messaging lib/samba3 lib/tdb lib/tdb/common lib/tdb/include lib/util ntvfs/common passdb torture/basic
Author: tridge Date: 2006-10-20 23:32:23 + (Fri, 20 Oct 2006) New Revision: 19428 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19428 Log: moved tdbutil.c from lib/tdb/common/ to lib/util/util_tdb.c tdbutil.c is Samba specific, so should not be part of the generic tdb library Added: branches/SAMBA_4_0/source/lib/util/util_tdb.c Removed: branches/SAMBA_4_0/source/lib/tdb/common/tdbutil.c branches/SAMBA_4_0/source/lib/tdb/include/tdbutil.h Modified: branches/SAMBA_4_0/source/lib/gencache/gencache.c branches/SAMBA_4_0/source/lib/messaging/config.mk branches/SAMBA_4_0/source/lib/messaging/messaging.c branches/SAMBA_4_0/source/lib/samba3/group.c branches/SAMBA_4_0/source/lib/samba3/idmap.c branches/SAMBA_4_0/source/lib/samba3/policy.c branches/SAMBA_4_0/source/lib/samba3/registry.c branches/SAMBA_4_0/source/lib/samba3/secrets.c branches/SAMBA_4_0/source/lib/samba3/share_info.c branches/SAMBA_4_0/source/lib/samba3/tdbsam.c branches/SAMBA_4_0/source/lib/tdb/config.mk branches/SAMBA_4_0/source/lib/util/config.mk branches/SAMBA_4_0/source/ntvfs/common/notify.c branches/SAMBA_4_0/source/passdb/config.mk branches/SAMBA_4_0/source/passdb/secrets.c branches/SAMBA_4_0/source/torture/basic/mangle_test.c Changeset: Sorry, the patch is too large (1403 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19428
svn commit: samba r19429 - in branches/SAMBA_3_0/source: . include lib tdb/common tdb/include
Author: tridge Date: 2006-10-20 23:46:59 + (Fri, 20 Oct 2006) New Revision: 19429 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19429 Log: moved tdb/common/tdbutil.c into lib/util_tdb.c see discussion on samba-technical Added: branches/SAMBA_3_0/source/include/util_tdb.h branches/SAMBA_3_0/source/lib/util_tdb.c Removed: branches/SAMBA_3_0/source/tdb/common/tdbutil.c branches/SAMBA_3_0/source/tdb/include/tdbutil.h Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/include/includes.h Changeset: Sorry, the patch is too large (925 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19429
Re: svn commit: lorikeet r583 - in trunk/heimdal/lib/hdb: .
+ret = (*db-hdb_fetch)(context, db, principal, + HDB_F_DECRYPT|| is that really correct using '||'? No, that correct, its wrong :) Love
svn commit: lorikeet r617 - in trunk/heimdal/appl/telnet/telnetd: .
Author: lha Date: 2006-10-21 00:11:48 + (Sat, 21 Oct 2006) New Revision: 617 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=617 Log: move streamspty headers to avoid socket_wrapper problems on solaris 8, from heimdal current Modified: trunk/heimdal/appl/telnet/telnetd/sys_term.c trunk/heimdal/appl/telnet/telnetd/telnetd.c trunk/heimdal/appl/telnet/telnetd/telnetd.h Changeset: Modified: trunk/heimdal/appl/telnet/telnetd/sys_term.c === --- trunk/heimdal/appl/telnet/telnetd/sys_term.c2006-10-20 21:47:46 UTC (rev 616) +++ trunk/heimdal/appl/telnet/telnetd/sys_term.c2006-10-21 00:11:48 UTC (rev 617) @@ -33,7 +33,7 @@ #include telnetd.h -RCSID($Id: sys_term.c,v 1.114 2005/11/03 16:40:05 joda Exp $); +RCSID($Id: sys_term.c,v 1.115 2006/10/21 00:09:25 lha Exp $); #if defined(_CRAY) || (defined(__hpux) !defined(HAVE_UTMPX_H)) # define PARENT_DOES_UTMP @@ -90,29 +90,6 @@ #include tmpdir.h #endif /* CRAY */ -#ifdef STREAMSPTY - -#ifdef HAVE_SAC_H -#include sac.h -#endif - -#ifdef HAVE_SYS_STROPTS_H -#include sys/stropts.h -#endif - -#endif /* STREAMSPTY */ - -#undef NOERROR - -#ifdef HAVE_SYS_STREAM_H -#ifdef HAVE_SYS_UIO_H -#include sys/uio.h -#endif -#ifdef __hpux -#undef SE -#endif -#include sys/stream.h -#endif #if !(defined(__sgi) || defined(__linux) || defined(_AIX)) defined(HAVE_SYS_TTY) #include sys/tty.h #endif Modified: trunk/heimdal/appl/telnet/telnetd/telnetd.c === --- trunk/heimdal/appl/telnet/telnetd/telnetd.c 2006-10-20 21:47:46 UTC (rev 616) +++ trunk/heimdal/appl/telnet/telnetd/telnetd.c 2006-10-21 00:11:48 UTC (rev 617) @@ -33,7 +33,7 @@ #include telnetd.h -RCSID($Id: telnetd.c,v 1.79 2006/09/19 08:26:21 lha Exp $); +RCSID($Id: telnetd.c,v 1.80 2006/10/21 00:09:10 lha Exp $); #ifdef _SC_CRAY_SECURE_SYS #include sys/sysv.h @@ -63,18 +63,8 @@ intrequire_encryption = 0; #endif -#undef NOERROR +#ifdef STREAMPTY -#ifdef STREAMSPTY -# include stropts.h -# include termios.h -#ifdef HAVE_SYS_UIO_H -#include sys/uio.h -#endif /* HAVE_SYS_UIO_H */ -#ifdef HAVE_SYS_STREAM_H -#include sys/stream.h -#endif - #ifdef _AIX #include sys/termio.h #endif Modified: trunk/heimdal/appl/telnet/telnetd/telnetd.h === --- trunk/heimdal/appl/telnet/telnetd/telnetd.h 2006-10-20 21:47:46 UTC (rev 616) +++ trunk/heimdal/appl/telnet/telnetd/telnetd.h 2006-10-21 00:11:48 UTC (rev 617) @@ -122,6 +122,27 @@ #include pty.h #endif +#ifdef STREAMSPTY +#ifdef HAVE_SAC_H +#include sac.h +#endif +#ifdef HAVE_SYS_STROPTS_H +#include sys/stropts.h +#endif + +# include stropts.h + +#ifdef HAVE_SYS_UIO_H +#include sys/uio.h +#endif +#ifdef HAVE_SYS_STREAM_H +#include sys/stream.h +#endif + +#endif /* STREAMSPTY */ + +#undef NOERROR + #include defs.h #ifndef _POSIX_VDISABLE
svn commit: samba r19431 - in branches/SAMBA_3_0/source/lib/talloc: .
Author: tridge Date: 2006-10-21 00:23:27 + (Sat, 21 Oct 2006) New Revision: 19431 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19431 Log: merge recent talloc performance improvements from Samba4 Modified: branches/SAMBA_3_0/source/lib/talloc/config.mk branches/SAMBA_3_0/source/lib/talloc/talloc.c branches/SAMBA_3_0/source/lib/talloc/testsuite.c Changeset: Sorry, the patch is too large (2175 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19431
svn commit: samba r19432 - in branches/SAMBA_4_0/source/script/tests: .
Author: brad
Date: 2006-10-21 03:18:09 + (Sat, 21 Oct 2006)
New Revision: 19432
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=19432
Log:
This way of reverting snapshots is much better than the way I was doing them
before.
Modified:
branches/SAMBA_4_0/source/script/tests/test_win.sh
Changeset:
Modified: branches/SAMBA_4_0/source/script/tests/test_win.sh
===
--- branches/SAMBA_4_0/source/script/tests/test_win.sh 2006-10-21 00:23:27 UTC
(rev 19431)
+++ branches/SAMBA_4_0/source/script/tests/test_win.sh 2006-10-21 03:18:09 UTC
(rev 19432)
@@ -42,7 +42,7 @@
restore_snapshot()
{
echo -e $1
- perl -I$WINTEST_DIR $WINTEST_DIR/vm_load_snapshot.pl
+ vmrun revertToSnapshot $VM_CFG_PATH
echo Snapshot restored.
}
