[Samba] Dreamweaver access errors with Samba 3.0.23d

2007-01-24 Thread Austin Chamberlain

Dear list

Our environment uses Samba to store user directories. I recently
upgraded Samba from 3.0.14a to 3.0.23d. After this, we discovered that
Dreamweaver MX had trouble writing to an existing file; a file could be
created and saved, but saving again after changes produced a Permission
denied error.

There was a similar problem mentioned on the list a few years ago. The
suggested solution was to force dos handling of the file modification
dates, and explicit permissions, as follows:
dos filetimes = yes
dos filetime resolution = yes
dos filemode = yes
fake directory create times = yes
create mask = 0112
force directory mode = 0775
inherit permissions = Yes

But this didn't fix the problem either.

I have tried version 3.0.22, and this *works*. I can't see anything in
the changelog that would cause this, aside from
  o New handling of unmapped users and groups.

Has anyone encountered this? And found a fix?

log.smbd follows.

Regards
Austin



[2007/01/23 14:41:27, 1] smbd/service.c:make_connection_snum(950)
  144.82.106.24 (144.82.106.24) connect to service zcaa001 initially as
user zcaa001 (uid=83489, gid=3710) (pid 12782)
[2007/01/23 14:41:42, 0] lib/util_sec.c:assert_uid(101)
  Failed to set uid privileges to (-1,83489) now set to (0,0)
[2007/01/23 14:41:42, 0] lib/util.c:smb_panic(1599)
  PANIC (pid 12782): failed to set uid

[2007/01/23 14:41:42, 0] lib/util.c:log_stack_trace(1706)
  BACKTRACE: 24 stack frames:
   #0 /usr/local/samba/sbin/smbd(log_stack_trace+0x1a) [0x82436aa]
   #1 /usr/local/samba/sbin/smbd(smb_panic+0x66) [0x824352f]
   #2 /usr/local/samba/sbin/smbd [0x8249389]
   #3 /usr/local/samba/sbin/smbd(set_effective_uid+0x26) [0x82494e0]
   #4 /usr/local/samba/sbin/smbd [0x80e53eb]
   #5 /usr/local/samba/sbin/smbd [0x80e54a0]
   #6 /usr/local/samba/sbin/smbd(pop_sec_ctx+0x13f) [0x80e5d2d]
   #7 /usr/local/samba/sbin/smbd(unbecome_root+0xb) [0x80db843]
   #8 /usr/local/samba/sbin/smbd [0x82055db]
   #9 /usr/local/samba/sbin/smbd(pdb_uid_to_rid+0x25) [0x8204f7c]
   #10 /usr/local/samba/sbin/smbd(uid_to_sid+0x10a) [0x820a7d5]
   #11 /usr/local/samba/sbin/smbd [0x80ebee8]
   #12 /usr/local/samba/sbin/smbd(get_nt_acl+0x386) [0x80f0c88]
   #13 /usr/local/samba/sbin/smbd(vfswrap_fget_nt_acl+0x17) [0x80e98e7]
   #14 /usr/local/samba/sbin/smbd [0x80b273b]
   #15 /usr/local/samba/sbin/smbd [0x80b4b36]
   #16 /usr/local/samba/sbin/smbd(reply_nttrans+0x85f) [0x80b54e4]
   #17 /usr/local/samba/sbin/smbd [0x80f716e]
   #18 /usr/local/samba/sbin/smbd [0x80f7215]
   #19 /usr/local/samba/sbin/smbd [0x80f757a]
   #20 /usr/local/samba/sbin/smbd(smbd_process+0x163) [0x80f84b4]
   #21 /usr/local/samba/sbin/smbd(main+0x940) [0x82e2f47]
   #22 /lib/libc.so.6(__libc_start_main+0xa4) [0x40163bb4]
   #23 /usr/local/samba/sbin/smbd(yp_get_default_domain+0xc9) [0x8082291]
[2007/01/23 14:41:42, 0] lib/fault.c:dump_core(173)
  dumping core in /usr/local/samba-3.0.23d/var/cores/smbd
[2007/01/23 14:41:42, 1] smbd/service.c:make_connection_snum(950)
  144.82.106.24 (144.82.106.24) connect to service zcaa001 initially as
user zcaa001 (uid=83489, gid=3710) (pid 12783)
[2007/01/23 14:46:20, 1] smbd/service.c:close_cnum(1150)
  144.82.106.24 (144.82.106.24) closed connection to service zcaa001


--
Austin Chamberlain  tel: 020 7679 5146
Systems Administrator   int: 25146
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


[Samba] samba from outside

2007-01-24 Thread Josu Lazkano Lete
Hello, I have installed Samba on my network and I can access it by \\192.168.1.2

But I want to access it from the internet; which port do I have to open in the router?

Just typing my internet public IP.

Thanks for all, and sorry about my English.


Re: [Samba] samba from outside

2007-01-24 Thread Ismail M. Settenda

139 and 445, both udp and tcp. And port 901 (tcp) for swat.

--
Ismail



On 1/24/07, Josu Lazkano Lete [EMAIL PROTECTED] wrote:

> Hello, I have installed Samba on my network and I can access it by
> \\192.168.1.2
>
> But I want to access it from the internet; which port do I have to open in the
> router?
>
> Just typing my internet public IP.
>
> Thanks for all, and sorry about my English.


RE: [Samba] Login and logout scripts

2007-01-24 Thread Paul McGrath

Mauricio,

If you are just using a samba server as the PDC with no MS Windows
domain controller then yes you can have login scripts.

You can also use group membership comparisons within the login script
using a windows tool called ifmember.exe.  Both the vbs/bat files and
ifmember.exe go in /etc/netlogon.

To do the group comparison you have to do a net groupmap command to map the
unix group with an nt group.

I have done this on a Mac Tiger and Panther server.  If you want more
info mail me directly.  I am going on holiday tomorrow so I may not get
back straight away.
Regards
Paul
 

> -Original Message-
> From: Mauricio Szabo [mailto:[EMAIL PROTECTED]
> Sent: Tuesday 23 January 2007 12:43
> To: samba@lists.samba.org
> Subject: [Samba] Login and logout scripts
>
> Is there a way to run a script on my samba PDC machine when a
> user logs in and logs out?
>
> Thanks in advance.
>
> --
> Air conditioners and Computers are the same - they both crash
> when you open Windows.


Re: [Samba] Login and logout scripts

2007-01-24 Thread Charles Marcus

> If you are just using a samba server as the PDC with no MS Windows
> domain controller then yes you can have login scripts.
>
> You can also use group membership comparisons within the login script
> using a windows tool called ifmember.exe.  Both the vbs/bat files and
> ifmember.exe go in /etc/netlogon.


Correction: it is ISMEMBER.EXE, not ifmember.exe.

You can also use something called OSVER.EXE to determine the Windows OS 
version, if you want to run different commands for different OS versions.


I had to do things a little differently to get this to work right on my 
windows 2000 domain. I had to copy the ISMEMBER.EXE files to the local 
computer, running them directly from the script did not work. So I added 
a test to the batch file to look for the existence of the files 
(ISMEMBER.EXE and OSVER.EXE), which copies them to the local computer if 
they are not there. I didn't try changing it when I converted, so Paul's
suggestion might work just fine.


This also allowed me to put the files in a different location (not the 
NETLOGON share):


begin snippet

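rem Skip the copy when the tools are already on the local machine
if exist C:\WINDOWS\system32\ISMEMBER.EXE goto map-home
rem Map Y: to the installers share, dropping any existing Y: mapping first
if exist y: net use y: /del
net use y: \\myserver\installers /persistent:no
copy y:\free\ISMEMBER.EXE c:\WINDOWS\system32\
copy y:\free\OSVER.EXE c:\WINDOWS\system32\

:map-home
rem Release the temporary Y: mapping
if exist y: net use y: /del

rem whatever you want for the rest of the commands here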

end snippet

hth...

--

Best regards,

Charles


Re: [Samba] samba from outside

2007-01-24 Thread Joachim Kieferle

Dear Josu,

For security reasons this might not be the best idea. I wouldn't open a
Windows share to the internet if not necessary.
However you might tunnel your traffic e.g. with PuTTY from the Windows
clients to the server and then connect to the Samba-server internally.


Hope that helps,

Joachim



Ismail M. Settenda wrote:

> 139 and 445, both udp and tcp. And port 901 (tcp) for swat.
>
> --
> Ismail
>
> On 1/24/07, Josu Lazkano Lete [EMAIL PROTECTED] wrote:
>
>> Hello, I have installed Samba on my network and I can access it by
>> \\192.168.1.2
>>
>> But I want to access it from the internet; which port do I have to open in the
>> router?
>>
>> Just typing my internet public IP.
>>
>> Thanks for all, and sorry about my English.


[Samba] INTERNAL ERROR: Signal 11

2007-01-24 Thread Radha Mohan Chintakuntla

Hi,
I am using Samba-2.2.12. I am getting the following error when I try to
create a share from the SWAT.

===
INTERNAL ERROR: Signal 11 in pid 192 (2.2.12)
Please read the file BUGS.txt in the distribution
===
PANIC: internal error


Can anyone help me in this regard as to why I am facing this segmentation
fault? If I manually write the smb.conf file then it is fine. But I want
this SWAT thing to work. One more thing is that after this error occurs my
manually written shares in the smb.conf get deleted, leaving the globals
one.

Regards,
Mohan


Re: [Samba] samba from outside

2007-01-24 Thread M Azer

Would WinSCP be a good secure choice to access Samba from the internet?

On 1/24/07, Joachim Kieferle [EMAIL PROTECTED] wrote:

> Dear Josu,
>
> For security reasons this might not be the best idea. I wouldn't open a
> Windows share to the internet if not necessary.
> However you might tunnel your traffic e.g. with PuTTY from the Windows
> clients to the server and then connect to the Samba-server internally.
>
> Hope that helps,
>
> Joachim
>
> Ismail M. Settenda wrote:
>> 139 and 445, both udp and tcp. And port 901 (tcp) for swat.
>>
>> --
>> Ismail
>>
>> On 1/24/07, Josu Lazkano Lete [EMAIL PROTECTED] wrote:
>>
>>> Hello, I have installed Samba on my network and I can access it by
>>> \\192.168.1.2
>>>
>>> But I want to access it from the internet; which port do I have to open in the
>>> router?
>>>
>>> Just typing my internet public IP.
>>>
>>> Thanks for all, and sorry about my English.

--
Unless you try to do something beyond what you have already mastered, you
will never grow. Ronald E. Osborn


Re: [Samba] samba from outside

2007-01-24 Thread Vinicius De Mario

Joachim Kieferle wrote:

> Dear Josu,
>
> For security reasons this might not be the best idea. I wouldn't open
> a Windows share to the internet if not necessary.
> However you might tunnel your traffic e.g. with PuTTY from the
> Windows clients to the server and then connect to the Samba-server
> internally.
>
> Hope that helps,
>
> Joachim
>
> Ismail M. Settenda wrote:
>
>> 139 and 445, both udp and tcp. And port 901 (tcp) for swat.
>>
>> --
>> Ismail
>>
>> On 1/24/07, Josu Lazkano Lete [EMAIL PROTECTED] wrote:
>>
>>> Hello, I have installed Samba on my network and I can access it by
>>> \\192.168.1.2
>>>
>>> But I want to access it from the internet; which port do I have to open in the
>>> router?
>>>
>>> Just typing my internet public IP.
>>>
>>> Thanks for all, and sorry about my English.

OpenVPN does the job. It's simple to install and configure and is secure
enough to avoid an intrusion.


Vinicius
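
The replies in this thread advise keeping ports 139/445 (and SWAT on 901) off the internet and reaching the server through a tunnel or VPN instead. As an added example, not part of any post in this thread, the function below scans log.smbd "connect to service" records, in the layout of the log excerpt at the top of this page, and lists connections whose source address lies outside loopback and RFC 1918 space. The sample log, its addresses and the function names are constructed for illustration, and IPv6 sources are not handled.

```sh
#!/bin/sh
# Added example: flag Samba connections that arrive from outside private
# address space. Log lines, addresses and names are constructed.

# Constructed sample in log.smbd layout: a header line, then an indented message.
sample_log() {
cat <<'EOF'
[2007/01/24 10:02:11, 1] smbd/service.c:make_connection_snum(950)
  pc17 (192.168.1.17) connect to service data initially as user alice (uid=1001, gid=100) (pid 2201)
[2007/01/24 10:05:40, 1] smbd/service.c:make_connection_snum(950)
  203.0.113.45 (203.0.113.45) connect to service data initially as user nobody (uid=65534, gid=65534) (pid 2207)
[2007/01/24 10:06:02, 1] smbd/service.c:close_cnum(1150)
  203.0.113.45 (203.0.113.45) closed connection to service data
[2007/01/24 10:09:13, 1] smbd/service.c:make_connection_snum(950)
  vpn-client (10.8.0.6) connect to service homes initially as user bob (uid=1002, gid=100) (pid 2210)
[2007/01/24 10:15:27, 1] smbd/service.c:make_connection_snum(950)
  198.51.100.9 (198.51.100.9) connect to service data initially as user nobody (uid=65534, gid=65534) (pid 2214)
EOF
}

# Reads log.smbd text on stdin. Prints "date time source-ip share user" for
# every connect record whose source is neither loopback nor RFC 1918.
external_connects() {
    awk '
    function is_internal(ip,    o) {
        if (split(ip, o, ".") != 4) return 0      # not a dotted quad: report it
        if (o[1] == 10 || o[1] == 127) return 1
        if (o[1] == 192 && o[2] == 168) return 1
        if (o[1] == 172 && o[2] >= 16 && o[2] <= 31) return 1
        return 0
    }
    # Header line: remember the timestamp for the message that follows.
    /^\[/ {
        ts = substr($1, 2) " " $2
        sub(/,$/, "", ts)
        next
    }
    # Message line: host (ip) connect to service SHARE initially as user USER ...
    / connect to service / {
        ip = $2
        gsub(/[()]/, "", ip)
        if (!is_internal(ip)) print ts, ip, $6, $10
    }'
}

sample_log | external_connects
```

Any line this prints on a server that is meant to be reachable only from the LAN or a VPN subnet points to a port forward or firewall rule that should be reviewed.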


Re: [Samba] login problem with domain users

2007-01-24 Thread Felipe Augusto van de Wiel

On 01/23/2007 04:10 AM, mahesh pawar wrote:
> Hi all,
>
> I am using samba 3.0.23d on my linux machine.
> This machine is connected in a domain where all
> other users are using domain username and password
> to login. but with this username and password they
> are unable to login in samba. my smb.conf file is
> like following,
>
> [global]
> workgroup = BSIL
> server string = Samba testing
> encrypt passwords = yes
> os level = 20
> security = ads
> netbios name = MDT506
> [data]
> path = /export
> guest ok = yes
> writeable = yes
> browseable = yes
> guest only = yes
>
> I want everyone(domain user , guest accounts and others
> without password also) to access this share.

If you use 'guest only', then only guest connections
are permitted. Remove the 'guest only' and keep the 'guest ok'
or 'public = yes'.

> can anyone help me in this regard.
> Regards,
> Mahesh Pawar.


Kind regards,

--
Felipe Augusto van de Wiel [EMAIL PROTECTED]
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
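
The reply above turns on the difference between 'guest ok' (synonym 'public') and 'guest only', and the quoted share is also writeable, which makes it an anonymous-write share worth knowing about. As an added example, not from the post or from the Samba project, this function reads smb.conf text and reports every share that admits guests, whether it is guest-only, and whether guests can write. The sample file, the share names other than [data], and the function names are constructed; [global] defaults and include files are not followed.

```sh
#!/bin/sh
# Added example: list guest-accessible shares in an smb.conf.
# The sample configuration is constructed; [data] mirrors the share quoted above.

sample_conf() {
cat <<'EOF'
[global]
   workgroup = BSIL
   security = ads
[data]
   path = /export
   guest ok = yes
   writeable = yes
   browseable = yes
   guest only = yes
[docs]
   path = /srv/docs
   public = yes
   read only = yes
[scans]
   path = /srv/scans
   Guest  OK = Yes
   read only = no
[staff]
   path = /srv/staff
   writable = yes
EOF
}

# Reads smb.conf on stdin. Prints "share guest=ok|only write=yes|no" for each
# share with guest access enabled. Only per-share settings are considered.
guest_share_report() {
    awk '
    function truthy(v) {
        v = tolower(v)
        return (v == "yes" || v == "true" || v == "1" || v == "on")
    }
    function emit() {
        # "guest only" has no effect unless guest access is enabled as well.
        if (sec != "" && sec != "global" && guest)
            printf "%s guest=%s write=%s\n", sec, (only ? "only" : "ok"), (rw ? "yes" : "no")
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }            # comments and blank lines
    /^[ \t]*\[/ {                                   # start of a new section
        emit()
        sec = $0
        sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
        sec = tolower(sec)
        guest = only = rw = 0                       # shares default to read only
        next
    }
    {
        eq = index($0, "=")
        if (!eq) next
        key = tolower(substr($0, 1, eq - 1)); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/[ \t]+/, " ", key)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "guest ok" || key == "public") guest = truthy(val)
        else if (key == "guest only" || key == "only guest") only = truthy(val)
        else if (key == "writeable" || key == "writable" || key == "write ok") rw = truthy(val)
        else if (key == "read only") rw = !truthy(val)
    }
    END { emit() }'
}

sample_conf | guest_share_report
```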


[Samba] samba 3.0.23 memberserver problems

2007-01-24 Thread stephan . storm
Hello,

I’m having trouble with my samba network. I installed a samba server
3.0.23 as PDC and everything is running very well. My Windows XP
clients were able to join the domain and everything works quite well.
Now I tried to rejoin the domain with a Terastation from Buffalo. It is
a network storage using a Linux operating system and samba 2.2.4 for
filesharing. That samba is configured as Domain Memberserver using
winbind for username resolution. I had installed samba 3.0.9 as PDC on
my network before and there the Terastation was running very well, but
with version 3.0.23 it makes trouble. When I try the command “wbinfo
-t” on the PDC! I get an error message: NT_STATUS_INVALID_HANDLE. On
the Terastation I get “checking trust succeeded” or something like
that. When I try to look up usernames with “wbinfo -u” I get errors on
both machines: “Error looking up usernames”. Direct name resolution on
the PDC works: “wbinfo -n username” is successful. I don’t know what’s
going wrong there. I read something in the Release Notes for samba
version 3.0.21 I think but I don’t understand it. Does anybody know
that problem or do you know what I did wrong? I hope for help. Sorry
for my English.

Greetings
Stephan Storm




Re: [Samba] samba from outside

2007-01-24 Thread Josu Lazkano Lete

And can I change those ports in Linux?

For example, port 123 and 124.

Is the 901 port necessary?

Thanks a lot

- Original Message - 
From: Giovanni Cambria [EMAIL PROTECTED]

To: Josu Lazkano Lete [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Sent: Wednesday, January 24, 2007 4:14 PM
Subject: Re: [Samba] samba from outside


Yes, but don't forget to setup correct rules to map the public IP to the 
specific internal private IP


N(x)

- Original Message - 
From: Ismail M. Settenda [EMAIL PROTECTED]

To: Josu Lazkano Lete [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Sent: Wednesday, January 24, 2007 1:02 PM
Subject: Re: [Samba] samba from outside



139 and 445, both udp and tcp. And port 901 (tcp) for swat.

--
Ismail



On 1/24/07, Josu Lazkano Lete [EMAIL PROTECTED] wrote:

> Hello, I have installed Samba on my network and I can access it by
> \\192.168.1.2
>
> But I want to access it from the internet; which port do I have to open in the
> router?
>
> Just typing my internet public IP.
>
> Thanks for all, and sorry about my English.


Re: [Samba] Mode 0x1b4 errors in logs, unable to save Word documents

2007-01-24 Thread Rune Tønnesen

Hi Adam

A possible solution is to use max disk size, but to be honest it is a long
shot.



 max disk size

This global option specifies an illusory limit, in megabytes, for each 
share that Samba is offering. It only affects how much disk space Samba 
reports the share as having and does not prevent more disk space from 
actually being available for use. You would typically set this option to 
prevent clients with older operating systems—or running buggy 
applications—from being confused by large disk spaces. For example, some 
older Windows applications become confused when they encounter a share 
larger than 1 gigabyte. To work around this problem, max disk size can 
be set as follows:


   [global]
   max disk size = 1000


It seems that there is some problem related to acl, what kind of 
filesystem do you use?

Is your samba version compiled with acl support?
You might have to take a look at smb.conf about acl, e.g. try to disable
acl for a directory and see what happens.



Best Regards
Rune Tønnesen



Adam Nielsen wrote:

> Hi all,
>
> Our users have started to complain that some of the time they're unable
> to save Word documents to our Samba drive - Word tells them the disk
> is full. I had a look at the logs, and there are a lot of weird
> Function not implemented errors. These have been there for a while,
> but the Operation not permitted ones seem new.  Nothing on the server
> has changed.
>
> What's this mode 0x1b4?  This is with Samba 3.0.21rc2 - does anyone
> know if these issues have been changed in a newer release?  I wonder
> whether it's possible to silently fail here to stop Word from giving a
> disk full error message.
>
> Any ideas?
>
> Many thanks,
> Adam.
>
> Jan 22 16:54:53 aquila smbd_audit[12156]: open Human Ethics/Document Generation/Source.doc (fd 36)
> Jan 22 16:54:53 aquila smbd_audit[12156]: open Human Ethics/Document Generation/~WRD2200.tmp (fd 37)
> Jan 22 16:54:53 aquila smbd_audit[12156]: close fd 37
> Jan 22 16:54:53 aquila smbd_audit[12156]: open Human Ethics/Document Generation/~WRD2200.tmp (fd 37) for writing
> Jan 22 16:54:53 aquila smbd_audit[12156]: chmod_acl Human Ethics/Document Generation/~WRD2200.tmp mode 0x1b4 failed: Function not implemented
> Jan 22 16:54:53 aquila smbd_audit[12156]: chmod Human Ethics/Document Generation/~WRD2200.tmp mode 0x1b4 failed: Operation not permitted


[Samba] Re: access users homes share

2007-01-24 Thread Sascha
Yes, that's what I've tried. But if user2 creates a file in user1's home directory,
user2 gets all permissions and user1 can't modify or delete the file because of
the force user option.

[homes]
comment = user share
browseable = no
writeable = yes
write list = %U
create mask = 0600
directory mask = 0700

force user = %U
force group = Administrators
oplocks = true


best regards

- Original Message 
From: Jay Flory [EMAIL PROTECTED]
To: Sascha [EMAIL PROTECTED]
Sent: Wednesday, January 24, 2007 3:56:51 PM
Subject: Re: access users homes share

Sascha

Have you considered using defaults in your ACL list for the directories?
For example the following two commands will ensure that user1 and user2 will
have complete rights to all files created in the directory:

setfacl -d -m u:user2:rwx directoryname
setfacl -d -m u:user1:rwx directoryname

You may wish to use the recursive (-r) option with the above if you wish the
subdirectories to have the same defaults.  And lastly you may need to add
the following for the mask:

setfacl -d -m m::rwx directoryname

Thanks
Jay

- Original Message - 
From: Sascha [EMAIL PROTECTED]
Newsgroups: gmane.network.samba.general
Sent: Tuesday, January 23, 2007 5:28 AM
Subject: Re: access users homes share


Now there's another problem: when I access a share and create a file the user
will be forced to %U and not to the user who owns the homes share. When I
set force user = %S then everyone can connect to the share.
Is there a chance that when I give user1 the rights to connect to user2's
homes share (via setfacl) and user1 creates a file, that this file will be
chowned to user2? I don't want to create a special share or groups because when
I do it that way I would have 50 extra shares in my smb.conf.

thanks for your help again and best regards

- Original Message 
From: Sascha [EMAIL PROTECTED]
To: samba@lists.samba.org
Sent: Tuesday, January 23, 2007 12:39:20 PM
Subject: Re: [Samba] access users homes share

Thanks for your help. I just did a setfacl on the user's home directory and I
could access it. Really nice :)

Thanks again for the help

best regards

- Original Message 
From: Maurício Szabo [EMAIL PROTECTED]
To: Sascha [EMAIL PROTECTED]
Sent: Tuesday, January 23, 2007 12:27:32 PM
Subject: Re: [Samba] access users homes share

You can add user1 to a group that user2 is currently in, and set permissions
of the user2 home share to be group-readable.

For example, user2 is a member of the group foo, so you can add user1 to
foo group, add user2's home share to foo group, and finally do a chmod
g+wxr to user2's home folder.


On 1/23/07, Sascha [EMAIL PROTECTED] wrote:
hey list,

we are currently migrating our users from novell to samba. now we have one
problem: in novell we could give e.g. user1 access to users2 home share so
he could modify, delete or add files on this share. in samba we defined a
global homes share that is mapped on logon. so how can we give user1 the
needed rights?

here is the definition of the homes share in smb.conf:

[homes]
comment = user share
browseable = no
writeable = yes
write list = %U
create mask = 0600
directory mask = 0700

force user = %U
force group = Administrators
oplocks = true

do we need to add a special share and group?

thanks for help and best regards












Re: [Samba] samba from outside

2007-01-24 Thread Giovanni Cambria
Yes, but don't forget to set up correct rules to map the public IP to the
specific internal private IP


N(x)

- Original Message - 
From: Ismail M. Settenda [EMAIL PROTECTED]

To: Josu Lazkano Lete [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Sent: Wednesday, January 24, 2007 1:02 PM
Subject: Re: [Samba] samba from outside



139 and 445, both udp and tcp. And port 901 (tcp) for swat.

--
Ismail



On 1/24/07, Josu Lazkano Lete [EMAIL PROTECTED] wrote:

> Hello, I have installed Samba on my network and I can access it by
> \\192.168.1.2
>
> But I want to access it from the internet; which port do I have to open in the
> router?
>
> Just typing my internet public IP.
>
> Thanks for all, and sorry about my English.


[Samba] Samba v3.0.23a BROKE my network

2007-01-24 Thread Chris Hall

I run Samba as a PDC for a small network.  I used to use smbpassword and
went through the pain of changing up to tdbsam.

I have just upgraded from v3.0.14a to v3.0.23a.

The immediate effect was that nobody could use their domain log in any
more.

I was upset.  My users wished me to understand their frustration.  It
was not my fault.  I became cross.  The dog got my dinner (it's an ill
wind...).

When I, finally, discovered that what was needed was some new
configuration (explicit groupmap for the 'Domain ' groups) I was no
longer upset or cross.  I was LIVID.

I make the following observations:

  * if a change is made that invalidates existing configurations
the documentation SHOULD SAY THAT, and it SHOULD SAY WHAT CHANGES
ARE REQUIRED.

  * better yet, since these are required settings THE NEW SOFTWARE
SHOULD CHECK FOR THEM and GENERATE A SPECIFIC ERROR MESSAGE.

  * since these settings are fundamental, why not put at least default
settings in smb.conf ?  testparm could check for them ?

  * getting a Samba installation to work is an exercise in the dark
arts.  This is partly because Windows networking is arcane and
badly documented -- so it is effectively impossible to discover
how things are supposed to work, what the components really are
and how they fit together...

There is a ton of documentation (the HOWTO runs to 950 pages).
Well done guys.  Nevertheless, because the concepts are obscure,
there's a lot of text that is impenetrable.

  * I see a reference to 'net sam' commands in the archived mailing
list [YES, I have read (some of) the archive before posting !]

'net help' gives some idea of what these commands are, but the man
page is silent on the subject.

IMNSHO as a one time software developer, the failure here is not just in
the documentation (no amount of documentation is ever quite enough) but
particularly in the software.  The software should not silently accept
an obviously deficient configuration, particularly if it leads to some
obscure failures later.

I wonder if I have been alone in tripping over this ?  I failed to find
anything which obviously fitted the symptoms, which made me feel I was
looking for something obscure or that some bit rot had eaten the
foundations of my installation.


Thanks for a very useful package (despite occasional infuriation, due in
no small part, I am sure, to Windows Networking's broken architecture).

But, PLEASE work on the basis that most users are stumbling around in
the dark.  Setting this kind of trap is hardly sporting !


After the upgrade what happened to me, blow by blow, was:

It looked as though the machine trust accounts were broken.  (Windows
login whimpered about the Domain Controller not playing nicely.)

I ran testparm.  No problems.

I turned up the logging.

It still looked as though the machine trust accounts were broken (some
secrets or other could not be found).

Plus, when I ran pdbedit to see what was going on, it started whining
about not being able to look up various SID or RID things.

I ran tdbbackup -v passdb.tdb -- no problems.  And secrets.tdb, ditto.

I deleted and recreated a machine account (pdbedit -x $; pdbedit -a
-m $) and moved that machine out and back into the domain.

It still looked as though the machine trust accounts were broken.

I ran through Chapter 38, THE SAMBA CHECKLIST of the HOWTO.  No problems
found.

I read the FAQ.  Nothing relevant.

I read the release notes.  I found (under 3.0.23):

  User and Group changes
  ==

  The user and group internal management routines have been
  rewritten to prevent overlaps of assigned Relative Identifiers
  (RIDs).  In the past the has been a potential problem when either
  manually mapping Unix groups with the 'net groupmap' command or
  when migrating a Windows domain to a Samba domain using 'net rpc
  vampire'.

... I've never felt the need to manually map any groups... and I've
never migrated a Windows domain...  So, this doesn't seem to apply to
me, I guess ?

  Unmapped users are now assigned a SID in the S-1-22-1 domain and
  unmapped groups are assigned a SID in the S-1-22-2 domain.
  Previously they were assign a RID within the SAM on the Samba
  server.  For a DC this would have been under the authority of the
  domain SID where as on a member server or standalone host, this
  would have been under the authority of the local SAM (hint: net
  getlocalsid).

... unmapped user ?  I searched the 950 pages of HOWTO, without
discovering what a mapped user was, or how to map a user.  This could be
referring to the contents of smb.username.map file, which would make
most users unmapped ?  An unmapped group seemed less mysterious, at
least I could see a command to set up group mappings.

Now I'm just puzzled, but with a sinking feeling that something I don't
understand is biting me in the backside...
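
The fix named in this post is an explicit groupmap for the domain groups after moving to 3.0.23. As an added example, not from the post or from the Samba project, the functions below read `net groupmap list` output, report which of the well-known domain groups (RIDs 512, 513 and 514) have no mapping, and print the `net groupmap add` commands to review. It assumes the "NT name (SID) -> unix group" line layout; the sample SIDs, the UNIX_GROUP_FOR_<rid> placeholder and the function names are constructed.

```sh
#!/bin/sh
# Added example: pre-upgrade check for missing domain group mappings.
# Sample output, SIDs and names are constructed for illustration.

# Constructed sample of `net groupmap list` output.
sample_groupmap() {
cat <<'EOF'
Domain Users (S-1-5-21-1111111111-2222222222-3333333333-513) -> users
Staff (S-1-5-21-1111111111-2222222222-3333333333-3001) -> staff
EOF
}

# Reads `net groupmap list` output on stdin. Prints "rid name" for each
# well-known domain group that has no mapping to a Unix group.
missing_domain_groupmaps() {
    awk '
    BEGIN {
        want[512] = "Domain Admins"
        want[513] = "Domain Users"
        want[514] = "Domain Guests"
    }
    {
        # Only domain SIDs count; the RID is the last SID component.
        if (match($0, /\(S-1-5-21-[0-9-]+\) -> /)) {
            sid = substr($0, RSTART + 1, RLENGTH - 6)   # drop "(" and ") -> "
            n = split(sid, part, "-")
            seen[part[n]] = 1
        }
    }
    END {
        for (rid = 512; rid <= 514; rid++)
            if (!(rid in seen)) print rid, want[rid]
    }'
}

# Turns "rid name" lines into commands for an administrator to review.
# UNIX_GROUP_FOR_<rid> is a placeholder for a Unix group that must exist.
suggest_groupmap_commands() {
    while read -r rid name; do
        printf 'net groupmap add ntgroup="%s" unixgroup=UNIX_GROUP_FOR_%s rid=%s type=d\n' \
            "$name" "$rid" "$rid"
    done
}

sample_groupmap | missing_domain_groupmaps | suggest_groupmap_commands
```

On a live PDC the input would come from `net groupmap list` run as root before and after the upgrade; the script only prints commands and changes nothing.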

  

Re: [Samba] Workstaion trust account

2007-01-24 Thread sermodi

Andrew Bartlett wrote:

> On Tue, 2007-01-23 at 17:50 +, Cardon Denis wrote:
>
>> Hi sermodi,
>>
>>> I'm having a problem adding a W2K workstation to the domain samba+ldap. I can
>>> add it by logging with the local administrator then add to domain, but I
>>> would like to do it without doing it manually on every workstation. Have
>>> hundreds of workstations, I tried to add them by using smbldap scripts and I
>>> get an entry for the workstation but it still doesn't work. Is it even
>>> possible to only add a trust account on the PDC or do I have to do it from
>>> the windows client?
>>
>> adding a workstation through the windows join a domain gui does some
>> configuration change on the host computer. Modifying is not enough, in
>> any case you'll have to do a few things on the windows box. However there
>> are a few command line tools available from MS for joining a domain, so you
>> can write a small script to add the boxes.
>
> There is an RPC to do this (wkssvc_NetrJoinDomain2), but we never spent
> enough time to figure out the crypto.  The 524 byte password buffer
> looks like one of the existing uses of this kind of buffer (like SAMR),
> but that didn't apparently work.
>
> Andrew Bartlett


Thanks for the reply.
About the client modification, on an existing (by existing I mean a
workstation that has been trusted previously on another PDC, an NT4) the
client already has a password configured to the domain, the domain name
is the same and a net vampire has been done on the NT4. So what is the
difference between the challenge made to NT4 and the one made to the
new samba PDC?
About the scripts that could be used, any tips on how to write one? I
know how to write .bat files; my question is what commands should be used.

The last question: can I just turn off the trust checking?
Thanks!
/Sermodi
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Samba v3.0.23a BROKE my network

2007-01-24 Thread Volker Lendecke
On Wed, Jan 24, 2007 at 03:59:30PM +, Chris Hall wrote:
>   * if a change is made that invalidates existing configurations
>     the documentation SHOULD SAY THAT, and it SHOULD SAY WHAT CHANGES
>     ARE REQUIRED.

I know this will not relieve your frustration, but Jerry has
put a big paragraph in the file WHATSNEW.txt under the
heading

User and Group changes
======================

We have made it very explicit that there are big changes
coming with this release.

Do you have any recommendation how we should get this across
to our users more effectively?

Volker



Re: [Samba] Login and logout scripts

2007-01-24 Thread Toby Bluhm
Maybe use preexec?  It's a share thing, but you should be able to script 
something . . .


Maurício Szabo wrote:
But what I want to do is a login / logout script that runs *on the 
samba server*, so when a user logs in, I could make a backup of his 
home share before he logs...


On 1/24/07, *Toby Bluhm* [EMAIL PROTECTED] wrote:


Charles Marcus wrote:
 If you are just using a samba server as the PDC with no MS Windows
 domain controller then yes you can have login scripts.

 You can also use group membership comparisons within the login script
 using a windows tool called ifmember.exe.  Both the vbs/bat files and
 ifmember.exe go /etc/netlogon.

 Correction: it is ISMEMBER.EXE, not ifmember.exe.


ismember.exe & osver.exe are third party tools. ifmember.exe is part of
MS Resource Kit.



--

-Toby




[Samba] Am I going about this all the wrong way?

2007-01-24 Thread David Greenhall
Sorry for the title, but couldn't think how to word it.

Basically we have a piece of software that all departments in our company use,
placed on the samba server but runs from windows. Because different departments
use other items on the server which will differ depending on who needs them,
this is what I have done:

[AccountsFolder]
|---[SymbolicLink1] - Linked to folder1/softwarefolder

[folder1] - Contains the software for all
|---[Softwarefolder]

[SalesFolder]
|---[SymbolicLink2] - Linked to folder1/softwarefolder

The Folder1 is owned by domain admins
AccountsFolder owned by Accounts
and Salesfolder owned by Sales.
 
[smb.conf]
 
[Accounts]
 browseable = no
 inherit permissions = Yes
 delete readonly = Yes
 writeable = yes
 valid users = @Accounts
 path = /var/samba/Accounts
 force group = Accounts
 
[Sales]
 browseable = no
 inherit permissions = Yes
 delete readonly = Yes
 writeable = yes
 valid users = @Sales
 path = /var/samba/Sales
 force group = Sales
 
However, when I check the connections using webmin, there are users in accounts
who have connections open from sales and vice versa. This I was hoping someone
could enlighten me on. I cannot figure out how they can gain access to a share
that they have no permissions to open. When I browse from their machines to try
and open the other shares it's as you would expect [Access Denied]

So basically I'm wondering if I am going about this all the wrong way, and maybe
someone could hint at a better way.
 
Thanks
Dave
 
___
Systems Administrator
Praybourne Limited
 
Tel: +44 (0) 870 2420004
Fax: +44 (0) 1527 68780
 


[Samba] LDAP Account Manager 1.2.0 released

2007-01-24 Thread Roland Gruber
LDAP Account Manager (LAM) 1.2.0 - January 24th, 2007
=====================================================

LAM is a web frontend for managing accounts stored in an LDAP directory.


Announcement:
-------------

This release includes minor enhancements of the Samba 3 module. The LAM
Pro version now supports groupOf(Unique)Names accounts.


Features:
---------

* management of Unix user and group accounts (posixAccount/posixGroup)
* management of Samba 2.x/3 user and host accounts
  (sambaAccount/sambaSamAccount)
* management of Kolab 2 accounts (kolabInetorgPerson)
* profiles for account creation
* account creation via file upload
* automatic creation/deletion of home directories
* setting quotas
* PDF output for all accounts
* editor for organizational units (OU)
* schema browser
* tree view
* multiple configuration files
* multi-language support (Catalan, Chinese, Dutch, English, French,
German, Hungarian, Italian, Japanese, Russian, Spanish)
* support for LDAP+SSL


Availability:
-------------

This software is available under the GNU General Public License V2.0.

You can get the newest version at http://lam.sf.net.
It may take some time until you can download the files from all mirrors.

File formats: DEB, RPM, tar.gz

There is also a FreeBSD port.

Debian users may use the packages in unstable.


Demo installation:
------------------

You can try our demo installation online.

http://lam.sf.net/live-demo/index.htm


Support:
--------

If you find a bug please file a bug report. For questions or
implementing new features please use the forum and feature request
tracker at our Sourceforge homepage http://www.sf.net/projects/lam.



Authors & Copyright:
--------------------

Copyright (C) 2003 - 2007:
Michael Duergner [EMAIL PROTECTED]
Roland Gruber [EMAIL PROTECTED]
Tilo Lutz [EMAIL PROTECTED]


LAM is published under the GNU General Public License.
The complete list of licenses can be found in the copyright file.



Re: [Samba] Samba v3.0.23a BROKE my network

2007-01-24 Thread Aaron Kincer
No offense, but making any software update or change to a production 
system without first testing it in a test environment is an 
administrative issue, not a software issue.


It isn't terribly difficult to configure a test environment that would 
allow you to see if everything works as expected.


Chris Hall wrote:

On Wed, 24 Jan 2007 you wrote

> On Wed, Jan 24, 2007 at 03:59:30PM +, Chris Hall wrote:
>>   * if a change is made that invalidates existing configurations
>>     the documentation SHOULD SAY THAT, and it SHOULD SAY WHAT CHANGES
>>     ARE REQUIRED.
>
> I know this will not relieve your frustration, but Jerry has
> put a big paragraph in the file WHATSNEW.txt under the
> heading
>
> User and Group changes
> ======================
>
> We have made it very explicit that there are big changes
> coming with this release.
>
> Do you have any recommendation how we should get this across
> to our users more effectively?

OK...

Although I put the documentation issue first, I think it is more
important that the software check for this kind of configuration issue,
and report it clearly.

In short, I think this is more a software than a documentation issue.
However, the documentation did not lead me very quickly to the solution
:-(

First, I just did a yum update which updated samba and that broke the
network.  So, by the time I read the release notes the horse had already
bolted and I was left wondering why the stable door was off its hinges.

Second, I was upgrading from .14 to .23a, so I had to wade through a
fair amount of release notes.

Third, I could find nothing that seemed related to the symptom I had,
namely that users could not log in !

Now, I agree that there's a big warning in the release notes under the
heading User and Group Changes, as you say.  And yes, in the end this
led me to the section in the HOWTO that says it is necessary to set up
groupmap entries for Domain Admins, Domain User and Domain Guests.  (But
not Domain Computers ?)

I can, through a glass darkly, see that explicitly mapping ntgroups/SIDs
to unix groups should be useful.  Why things worked fine without such
mapping before is perhaps more of a puzzle than why it is required now.
But this is not really the point.

I don't suppose I'm the only samba user who has never needed to worry
about the groupmap mechanism, and for whom it has remained a perfect
mystery.

I had a configuration that worked pre .23 but now suddenly did not work.

What I needed to know was that with .23 it is ESSENTIAL that groupmap
settings are made for a small number of groups.

Even better, it would have been good to know that without those groupmap
settings, users would not be able to log on.

I have read and reread the release notes.
(http://www.samba.org/samba/history/samba-3.0.23.html)

Even now I know the answer, I still do not see anything there that tells
me:

  From v3.0.23 onwards it is essential to map a small number of
  nt groups to the equivalent unix groups on the samba server.  If these
  mappings are not made you will find that users will not be able to
  log on and machine trust accounts will be unusable.

  The nt groups that must be mapped are: Domain Admins, Domain Users and
  Domain Guests.  To set up the mapping you need to:

net groupmap add ntgroup="Domain Admins" rid=512 unixgroup=? type=d
net groupmap add ntgroup="Domain Users"  rid=513 unixgroup=? type=d
net groupmap add ntgroup="Domain Guests" rid=514 unixgroup=? type=d

  where '?' is the unix group to map to in each case.  'net groupmap
  list' will show the current groupmap.  The groupmap is stored once it
  has been set up.

  For more about group mapping see the HOWTO, Chapter 12, GROUP MAPPING:
  MS WINDOWS AND UNIX.

I don't know if other bad things happen if this groupmap is not set up,
so this is not guaranteed to be complete.

So, I would say:

  1. the software should check that the configuration is complete, and
 make sensible noises if it is not.  The trap I fell into has no
 business being there in the first place.

 Developers need to avoid constructing pitfalls, or at the very
 least put up some form of safety barrier.

  2. Having to take special steps to document a pitfall is a sure sign
 there's something wrong with the software !

  3. The documentation needs to be direct and from the users', not the
 developers', perspective.

 I'm sure there are lots of interesting things to say about how the
 software now deals with groups, and how that solves various
 problems -- and this will make sense to people who have some idea
 what it is about, particularly the wizards who develop these
 things.

 In general users are not interested in how the software has been
 improved.  Users are only interested in what a given change means
 to them, which can be broken into (a) description of problem,
 (b) resolution of problem.

   - the description needs to be complete enough for users who have
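
A check of the kind asked for in the message above, as an added example (not Samba's code and not written by anyone in this thread): it reads the output of 'net groupmap list' and names each of the three groups listed there (RIDs 512, 513, 514) that has no mapping. The function names, the sample SIDs and the unix group names are made up for illustration; the parser assumes one "NT group (SID) -> unixgroup" line per mapping.

```shell
#!/bin/sh
# Pre-upgrade check for the groupmap entries discussed in this thread.
# Hypothetical helper names; assumes `net groupmap list` prints lines like
#   Domain Admins (S-1-5-21-...-512) -> unixgroup

# Read `net groupmap list` output on stdin; print the NT name of every
# required domain group (RID 512, 513, 514) that has no mapping line.
missing_groupmaps() {
    awk '
        BEGIN {
            need[512] = "Domain Admins"
            need[513] = "Domain Users"
            need[514] = "Domain Guests"
        }
        # Only domain SIDs (S-1-5-21-...) count; builtin S-1-5-32-* do not.
        match($0, /\(S-1-5-21(-[0-9]+)+\) -> /) {
            sid = substr($0, RSTART + 1, RLENGTH - 6)
            n = split(sid, part, "-")
            rid = part[n] + 0              # RID is the last SID component
            target = substr($0, RSTART + RLENGTH)
            gsub(/^[ \t]+|[ \t\r]+$/, "", target)
            if ((rid in need) && target != "")
                seen[rid] = target
        }
        END {
            for (rid = 512; rid <= 514; rid++)
                if (!(rid in seen))
                    print need[rid]
        }
    '
}

# Exit status 0 when all three mappings exist, 1 otherwise, so an upgrade
# wrapper can stop early.  Usage: net groupmap list | check_groupmap
check_groupmap() {
    missing=$(missing_groupmaps)
    if [ -z "$missing" ]; then
        return 0
    fi
    printf '%s\n' "$missing" | while IFS= read -r name; do
        printf 'no groupmap entry for "%s"\n' "$name" >&2
    done
    return 1
}

# Constructed sample output: Domain Guests (RID 514) is not mapped, and the
# builtin Administrators entry must not be mistaken for a domain group.
sample_groupmap_list() {
    cat <<'EOF'
Domain Admins (S-1-5-21-1111111111-2222222222-3333333333-512) -> domadmins
Domain Users (S-1-5-21-1111111111-2222222222-3333333333-513) -> domusers
Administrators (S-1-5-32-544) -> adm
EOF
}

# Demonstration on the constructed sample.
sample_groupmap_list | missing_groupmaps
```

Run before and after the package update; a non-zero status from check_groupmap means the 'net groupmap add' commands quoted above still have to be issued.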

[Samba] Question about Samba 2.2.7 and AD 2003

2007-01-24 Thread Carlos Randolph

We have some legacy servers that are running AIX 5.2 and participating in a
NT4 Domain.  We are migrating from NT4 Domains toward AD 2003.  We have
successfully upgraded the NT4 Domain Controller to AD 2003 but it is running
in Mixed Mode.  Now we are at a point where we want to put DC into Native
Mode but this is really a one way process and can't be undone.

I'm reading that the transition from Mixed to Native mode affects how DCs
talk to each other, not how a client talks or authenticates.  This would
lead me to believe that since our 2.2.7 samba server is currently
authenticating successfully that it would continue to do so.

Has anyone else done something similar or see any concerns that I should be
aware of?

Thanks,
Macnlos


Re: [Samba] Workstaion trust account

2007-01-24 Thread Andrew Bartlett
On Wed, 2007-01-24 at 17:09 +0100, sermodi wrote:
> Andrew Bartlett wrote:
>> On Tue, 2007-01-23 at 17:50 +, Cardon Denis wrote:
>>> Hi sermodi,
>>>
>>>> I'm having a problem adding a W2K workstation to the domain samba+ldap.
>>>> I can add it by logging in with the local administrator then add to
>>>> domain, but I would like to do it without doing it manually on every
>>>> workstation. Have hundreds of workstations, I tried to add them by using
>>>> smbldap scripts and I get an entry for the workstation but it still
>>>> doesn't work. Is it even possible to only add a trust account on the PDC
>>>> or do I have to do it from the windows client?
>>>
>>> adding a workstation through the windows join a domain gui does some
>>> configuration change on the host computer. Modifying is not enough, in
>>> any case you'll have to do a few things on the windows box. However there
>>> are a few command line tools available from MS for joining a domain, so
>>> you can write a small script to add the boxes.
>>
>> There is an RPC to do this (wkssvc_NetrJoinDomain2), but we never spent
>> enough time to figure out the crypto.  The 524 byte password buffer
>> looks like one of the existing uses of this kind of buffer (like SAMR),
>> but that didn't apparently work.
>>
>> Andrew Bartlett
>
> Thanks for the reply.
> About the client modification, on an existing (by existing I mean a
> workstation that has been trusted previously on another PDC, an NT4) the
> client already has a password configured to the domain, the domain name
> is the same and a net vampire has been done on the NT4. So what is the
> difference between the challenge made to NT4 and the one made to the
> new samba PDC?

The whole purpose of the vampire process is that you should not have to
rejoin machines.  If you are forced to rejoin a machine when vampiring
NT4, then it's a bug.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com



[Samba] tree connect failled: ERRDOS - ERRnoaccess (Access denied.)

2007-01-24 Thread GNUtoo
I have recently switched to the ldap backend for passwords.
smbldap-useradd and smbldap-passwd work without error messages...
but when I try to connect from linux it gives me the following error:
X:tree connect failled: ERRDOS - ERRnoaccess (Access denied.)
X can be replaced with different numbers such as
10270
11202
11318
11750
...every time the number of the errors changes, I don't know why

I have only tried it with usernames that are valid unix usernames
(I don't know if smbldap creates the unix usernames for me) and the samba
and unix passwords are the same



Re: [Samba] Samba v3.0.23a BROKE my network

2007-01-24 Thread Chris Hall

On Wed, 24 Jan 2007 you wrote

> No offense,

None taken.

> but making any software update or change to a production system
> without first testing it in a test environment is an administrative
> issue, not a software issue.

That could have reduced my users' blood pressure...

...but doesn't change my opinion that software should be written to
avoid obscure failure caused by obvious misconfiguration -- particularly
in the case of an upgrade which turns a previously working configuration
into a broken one !

> It isn't terribly difficult to configure a test environment that would
> allow you to see if everything works as expected.

Sure.  But I'm not trying to run a nuclear power station here.

Chris


Re: [Samba] Samba v3.0.23a BROKE my network

2007-01-24 Thread Aaron Kincer
Not that I don't understand your frustration. I do. I guess it boils 
down to whether I would prefer the developers concentrate on fixing bugs 
and improving functionality or for them to expend energy on helping 
prevent me from doing something bad that goes against best practices. I 
overwhelmingly prefer the former.


If someone out there has the wherewithal to write some kind of upgrade 
checker that has the functionality you desire, I hope they come forward 
and do so. Otherwise, I'm content for the developers to keep doing what 
they are doing and focus on getting Samba 4 ready for prime time. But 
that's just me and I can't speak for anyone else.



Fwd: [Samba] Samba members in NT4.0 to AD upgrade

2007-01-24 Thread Leon Stringer

--- Leon Stringer [EMAIL PROTECTED] wrote:

> From: Leon Stringer [EMAIL PROTECTED]
> I've got an NT4.0 domain that I'm planning to upgrade
> to Active Directory.
> I've got a couple of Samba member servers in the
> domain, various versions above 3.0.
>
> So I have two questions:
>
>  1. Are there any gotchas with this scenario or will
> the Samba clients just keep working as NT4-esque clients.
>
>  2. Is it possible to upgrade a Samba member server
> to be an Active Directory client whilst retaining the
> user entries for file shares etc. (i.e. so the SIDs
> still match).

I'm sure these issues have been discussed before but I
can't find out any specifics (i.e. it will work/won't
work/it will work but...). If there's an M to RTF or
other link I'd be grateful for any info...







Re: [Samba] Login and logout scripts

2007-01-24 Thread Charles Marcus

You can also use group membership comparisons within the login script
using a windows tool called ifmember.exe.  Both the vbs/bat files and
ifmember.exe go /etc/netlogo



Correction: it is ISMEMBER.EXE, not ifmember.exe.


ismember.exe & osver.exe are third party tools. ifmember.exe is part of
MS Resource Kit.


Wups... thanks for the correction. I remember now, for some reason 
ifmember did not work for me, so I found and used ismember (and osver) 
which did.


Can't remember what the problem was though...

--

Best regards,

Charles


[Samba] Winbind set to only serve certain addresses?

2007-01-24 Thread Sherwood Botsford


After a bad week of internet worms, I want to set up my clients so
they can't see each other at all.  Clients talk to servers.  Full
stop.

Now part of this is easy.  If I use the correct option in
my dhcpd.conf file I tell the clients to use WINS mode 2 (use a
server), give them a server address, and it puts a stop to all
that broadcasting.

What I would like to do next is to keep clients' records from
being visible to other clients.  Part of this is to turn off
File and printer sharing on the clients.

What else do I need to do?  (Or is this one of those cans of
worms that breaks too many things.)




Re: [Samba] Winbind set to only serve certain addresses?

2007-01-24 Thread Cary Robinson

At 04:48 PM 1/24/2007, Sherwood Botsford wrote:

> After a bad week of internet worms, I want to set up my clients so
> they can't see each other at all.  Clients talk to servers.  Full stop.
>
> Now part of this is easy.  If I use the correct option in
> my dhcpd.conf file I tell the clients to use WINS mode 2 (use a
> server), give them a server address, and it puts a stop to all that
> broadcasting.
>
> What I would like to do next is to keep clients' records from being
> visible to other clients.  Part of this is to turn off File and
> printer sharing on the clients.
>
> What else do I need to do?  (Or is this one of those cans of worms
> that breaks too many things.)

If you set your server up to serve logon scripts (per user) and also
serve system policies to the win clients you can have the logon
script map chosen shares as mapped drives per user at logon and can
also use the policy file to have the chosen client machines to not
display My Network Places; that should do it. I have that set up
here and it seems to accomplish what you are after.

Cary Robinson
IT Manager
Top Solutions Inc.
Office: 512-864-2750
Fax: 512-864-2751
Cell: 512-844-5551



Re: [Samba] Mode 0x1b4 errors in logs, unable to save Word documents

2007-01-24 Thread Adam Nielsen
Hi Rune,

Thanks for your reply!  I don't think it's a disk space problem, I
suspect that's just an inaccurate error message but I will try your
suggestion to see if it makes a difference.

> It seems that there is some problem related to acl, what kind of
> filesystem do you use?

I have done some more testing and in at least one case yes, you are
correct.  I have mounted a remote SMB system and re-exported it from
our local server.  I had accidentally enabled ACL support for that
share, but the underlying filesystem (i.e. the remote SMB server)
doesn't support ACLs.  On this filesystem the setfacl program gives
me the same error as appears in the Samba logs.  I have disabled ACL
support for this share so hopefully that will fix the problem.

It doesn't however explain another share, which sits on top of a local
reiserfs filesystem with ACL support (and I use setfacl for
permissions here.)  The log messages confuse me though:

chmod_acl filename mode 0x1b4 failed: Function not implemented
chmod filename mode 0x1b4 failed: Operation not permitted

If 'mode 0x1b4' is referring to filesystem permissions then 0x1b4 is
mode 664 - I can understand why 'function not implemented' would happen
on a filesystem that didn't support ACLs, but 'operation not permitted'
on a local filesystem?

> Is your samba version compiled with acl support?

Yes - I made this mistake long ago and it's definitely compiled with
ACL support now!

> You might have to take a look at smb.conf about acl. e.g. try to
> disable acl for the a directory and see what happens

I do use ACLs for permissions though on the local share - disabling
them would presumably break those permissions?

Cheers,
Adam.


Re: [Samba] Am I going about this all the wrong way?

2007-01-24 Thread Adam Nielsen
> I cannot figure out how they can gain access to a share that they
> have no permissions to open.

I don't know whether this answers your question, but AFAIK connecting
to a share doesn't require any credentials - you only need to log in
before accessing the *data* in that share.

I say this because under Windows if you connect to a machine and/or
share that you don't have access to, running net view will sometimes
show that the connection is still there (which is a pain if you used
the wrong username, because you have to remove that dud connection
before Windows will let you try again with a different username.)

If nobody can access the files in the share then I wouldn't worry about
it.

Cheers,
Adam.


Re: [Samba] Port Problem

2007-01-24 Thread Adam Nielsen
> Only shared areas work, printers won't connect (Says something about
> either the printer name is wrong or it has lost its connection to the
> server - nothing in server logs that I can see).

That is a bit odd - are you sure all ports are making it from one PC to
the other?  Nothing is being dropped somewhere along the way?

Can you access the print$ share, where the printer drivers are stored?
If nothing else, maybe you could try running Ethereal and compare
what happens with the internal vs external connections.

> The problem therefore is that although I can see the printers from
> the client on the internal samba server I cannot actually connect to
> them via Add Printer in Windows XP.

The way I normally do it is run \\server and double-click on the
printer - does that also fail?

> From the internal network everything from the windows machine works
> which leads me to believe that the Samba Configuration is fine

Assuming there are no issues with 'hosts allow' or other access
restrictions.

> I am using CUPS on the samba server to print ( do I need the CUPS
> port also accessible through the firewall? )

No, the Samba server connects to CUPS - as long as the client PC can
connect to the Samba server on the ports you've listed all should be
fine.

Cheers,
Adam.


[Samba] LDAP Timeout

2007-01-24 Thread mallapadi niranjan

Hi all

I have a running samba 3.0.21c with OpenLDAP 2.3 configured as PDC, and also
one BDC with the same version of samba and openldap.
It was working fine for the past few months. There are about 400 users on
the domain and 600 groups.

There are 2 file servers [Domain Member server] (Linux system RHEL 4.0 update 3
with samba version 3.0.21c joined to the domain) which provide shares. All
the users get access to shares using a logon script.

But recently all my users are unable to access the shares: when the logon
script runs, it waits for a long time and gives
semaphore errors. The shares are not mapped at all.

Our guess is that this is because we recently increased the idletimeout value
in slapd.conf, but I am not sure that this is why we are experiencing this
problem.

Before, the idletimeout value in slapd.conf was 50; we changed it to 70.
But changing back to the old value did not solve the problem; rather,
it created a lot of problems, like more and more users experiencing the
problem.

My query is this:

Is the idletimeout value necessary in slapd.conf?
Is the ldap timeout value necessary in smb.conf?

Should the ldap timeout value in smb.conf and idletimeout in slapd.conf be
the same?
I have 3 Domain member servers; should all the servers' smb.conf have the
same ldap timeout value?

Please advise.

Below is PDC smb.conf
###
[global]

 workgroup = msdpl.com
 netbios name = medhapdc
 passdb backend = ldapsam:ldap://msdpl.com
 server string = Domain Controller
 hosts allow = 192.168.128. 192.168.129. 192.168.130. 127.
 security = user
 encrypt passwords = yes
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 interfaces = eth0,lo
 printing = cups
 disable spoolss = Yes
 printcap name = cups
 max print jobs = 100
 enable privileges = yes
 log level = 2
 password level = 8
 username level = 8
 bind interfaces only = yes
 local master = Yes
 os level = 65
 domain master = yes
 preferred master = yes
 remote browse sync = 192.168.130.3
 null passwords = no
 hide unreadable = yes
 hide dot files = yes
 domain logons = yes
 logon script = %u.bat
 logon path =
 logon drive = X:
 logon home =
 wins support = yes
 name resolve order = wins lmhosts host bcast
 dns proxy = no
 time server = yes
 log file = /var/log/samba/%m.log
 max log size = 50
 nt acl support = yes
 ldap passwd sync = yes
 add user script = /usr/local/sbin/smbldap-useradd -m %u
 delete user script = /usr/local/sbin/smbldap-userdel %u
 add machine script = /usr/local/sbin/smbldap-useradd -w %m
 add group script = /usr/local/sbin/smbldap-groupadd -p %g
 add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g
 delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g
 set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
 ldap delete dn = Yes
 ldap ssl = no
 ldap suffix = dc=msdpl,dc=com
 ldap admin dn = cn=manager,dc=msdpl,dc=com
 ldap group suffix = ou=Groups
 ldap user suffix = ou=People
 ldap machine suffix = ou=Computers
 ldap idmap suffix = ou=Idmap
 ldap timeout = 50
 idmap backend = ldap:ldap://msdpl.com
 idmap uid = 1-2
 idmap gid = 1-2
 check password script = /usr/local/bin/crackcheck -s
 map acl inherit = yes
 winbind use default domain = yes
 template shell = /bin/false
##[Share Definitions]###
[homes]
  comment = Home Directories
  valid users = %S, root
  browseable = no
  read only = no
  nt acl support = Yes

# Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
  comment = Network Logon Service
  path = /netlogon/scripts
  guest ok = yes
  browseable = yes
  write list = root, kr1233

#Profiles Share
[profiles]
   comment = Profiles Share
   path = /profiles/%U
   read only = No
   browseable = yes
   writeable = yes
   veto files = /lost+found/.Trash-root/*.sh/*.scr/.recycle/desktop.ini
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
  comment = All Printers
  path = /var/spool/samba
  create mask = 0600
  guest ok = Yes
  printable = yes
  use client driver = Yes
  browseable = no
###

my Domain member server configuration smb.conf
###
[global]

unix charset = LOCALE
workgroup = msdpl.com
netbios name = prjsrv01
server string = Project Server 1
printcap name = /etc/printcap
load printers = yes
cups options = raw
log level = 2
log file = /usr/local/samba-3c2/var/%U.%m.log
syslog = 0
max log size = 1000
smb ports = 139
security = domain
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
#ldapsam:trusted 

Re: [Samba] LDAP Timeout

2007-01-24 Thread Luis Daniel Lucio Quiroz
Maybe if you post ldap logs? Dunno if it is OT.

Did you try rebuilding index?  LDAP could be corrupted.

LD


svn commit: samba r20996 - in branches/SAMBA_3_0/source/include: .

2007-01-24 Thread abartlet
Author: abartlet
Date: 2007-01-24 08:55:00 + (Wed, 24 Jan 2007)
New Revision: 20996

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20996

Log:
Build fix from Kai Blin


Modified:
   branches/SAMBA_3_0/source/include/includes.h


Changeset:
Modified: branches/SAMBA_3_0/source/include/includes.h
===
--- branches/SAMBA_3_0/source/include/includes.h2007-01-24 06:30:58 UTC 
(rev 20995)
+++ branches/SAMBA_3_0/source/include/includes.h2007-01-24 08:55:00 UTC 
(rev 20996)
@@ -778,7 +778,8 @@
 #ifdef HAVE_LDAP
 #include ads_protos.h
 #else
-typedef LDAPMessage void;
+struct _LDAPMessage;
+typedef struct _LDAPMessage *LDAPMessage;
 #endif
 
 /* We need this after proto.h to reference GetTimeOfDay(). */
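Review bot: The fallback on the added line "typedef struct _LDAPMessage *LDAPMessage;" makes LDAPMessage a pointer type, so any prototype written as "LDAPMessage *msg" becomes a pointer to a pointer in builds without HAVE_LDAP, one level of indirection more than when the real LDAP headers supply the type. Declaring the opaque struct without the star, "typedef struct _LDAPMessage LDAPMessage;", keeps both builds at the same indirection and still lets headers mention "LDAPMessage *" without the LDAP library. The removed "typedef LDAPMessage void;" had its operands in the wrong order, so it is worth a one-line comment here on why a placeholder type is needed at all.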



svn commit: samba r20997 - in branches/SAMBA_4_0/source/script/tests: .

2007-01-24 Thread abartlet
Author: abartlet
Date: 2007-01-24 09:43:49 + (Wed, 24 Jan 2007)
New Revision: 20997

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20997

Log:
Add in more certificate and key blobs, to enable PKINIT.

To automatically test this, we need to decide if we should ship kinit
(and possibly hxtool).

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/script/tests/mktestsetup.sh


Changeset:
Modified: branches/SAMBA_4_0/source/script/tests/mktestsetup.sh
===
--- branches/SAMBA_4_0/source/script/tests/mktestsetup.sh   2007-01-24 
08:55:00 UTC (rev 20996)
+++ branches/SAMBA_4_0/source/script/tests/mktestsetup.sh   2007-01-24 
09:43:49 UTC (rev 20997)
@@ -61,7 +61,13 @@
 DHFILE=$TLSDIR/dhparms.pem
 CAFILE=$TLSDIR/ca.pem
 CERTFILE=$TLSDIR/cert.pem
+REQKDC=$TLSDIR/req-kdc.der
+KDCCERTFILE=$TLSDIR/kdc.pem
 KEYFILE=$TLSDIR/key.pem
+ADMINKEYFILE=$TLSDIR/adminkey.pem
+REQADMIN=$TLSDIR/req-admin.der
+ADMINKEYFILE=$TLSDIR/adminkey.pem
+ADMINCERTFILE=$TLSDIR/admincert.pem
 WINBINDD_SOCKET_DIR=$PREFIX_ABS/winbind_socket
 CONFIGURATION=--configfile=$CONFFILE
 LDAPDIR=$PREFIX_ABS/ldap
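Review bot: ADMINKEYFILE=$TLSDIR/adminkey.pem is added twice in this block, once after KEYFILE and again after REQADMIN; the second assignment is redundant and should be dropped so each variable is defined exactly once. REQKDC and REQADMIN are also introduced without a comment saying what produces the .der request files, which would help the next reader of the test setup.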
@@ -238,11 +244,21 @@
   admin_server = 127.0.0.1:88
   default_domain = samba.example.com
  }
+
+[appdefaults]
+   pkinit_anchors = FILE:$CAFILE
+
+[kdc]
+   enable-pkinit = true
+   pkinit_identity = FILE:$KDCCERTFILE,$KEYFILE
+   pkinit_anchors = FILE:$CAFILE
+
 [domain_realm]
  .samba.example.com = SAMBA.EXAMPLE.COM
 EOF
 export KRB5_CONFIG
 
+#This is specified here to avoid draining entropy on every run
 cat $DHFILEEOF 
 -BEGIN DH PARAMETERS-
 MGYCYQC/eWD2xkb7uELmqLi+ygPMKyVcpHUo2yCluwnbPutEueuxrG/Cys8j8wLO
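Review bot: In the new [kdc] section, pkinit_identity pairs $KDCCERTFILE with $KEYFILE, and the generation comment later in this patch passes the same file as --ca-private-key=FILE:$KEYFILE, so the CA and the KDC share one private key. That is workable for a selftest fixture, but a comment saying the sharing is deliberate, or a separate KDC key alongside the new ADMINKEYFILE, would stop the layout being copied into a real krb5.conf, where loss of the KDC key would also mean loss of the trust anchor.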
@@ -252,25 +268,71 @@
 
 EOF
 
+#Likewise, we pregenerate the key material.  This allows the 
+#other certificates to be pre-generated
+cat $KEYFILEEOF
+-BEGIN RSA PRIVATE KEY-
+MIICXQIBAAKBgQDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpc
+ol3+S9/6I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H
+6H+pPqVIRLOmrWImai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQAB
+AoGAAqDLzFRR/BF1kpsiUfL4WFvTarCe9duhwj7ORc6fs785qAXuwUYAJ0Uvzmy6
+HqoGv3t3RfmeHDmjcpPHsbOKnsOQn2MgmthidQlPBMWtQMff5zdoYNUFiPS0XQBq
+szNW4PRjaA9KkLQVTwnzdXGkBSkn/nGxkaVu7OR3vJOBoo0CQQDO4upypesnbe6p
+9/xqfZ2uim8IwV1fLlFClV7WlCaER8tsQF4lEi0XSzRdXGUD/dilpY88Nb+xok/X
+8Z8OvgAXAkEA+pcLsx1gN7kxnARxv54jdzQjC31uesJgMKQXjJ0h75aUZwTNHmZQ
+vPxi6u62YiObrN5oivkixwFNncT9MxTxVQJBAMaWUm2SjlLe10UX4Zdm1MEB6OsC
+kVoX37CGKO7YbtBzCfTzJGt5Mwc1DSLA2cYnGJqIfSFShptALlwedot0HikCQAJu
+jNKEKnbf+TdGY8Q0SKvTebOW2Aeg80YFkaTvsXCdyXrmdQcifw4WdO9KucJiDhSz
+Y9hVapz7ykEJtFtWjLECQQDIlfc63I5ZpXfg4/nN4IJXUW6AmPVOYIA5215itgki
+cSlMYli1H9MEXH0pQMGv5Qyd0OYIx2DDg96mZ+aFvqSG
+-END RSA PRIVATE KEY-
+
+EOF
+
+cat $ADMINKEYFILEEOF
+-BEGIN RSA PRIVATE KEY-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+-END RSA PRIVATE KEY-
+
+EOF
+
+#generated with 
+#hxtool issue-certificate --self-signed --issue-ca 
--ca-private-key=FILE:$KEYFILE \
+#  --subject=CN=CA,$BASEDN --certificate=FILE:$CAFILE
+
 cat $CAFILEEOF
 -BEGIN CERTIFICATE-
-MIICYTCCAcygAwIBAgIE5M7SRDALBgkqhkiG9w0BAQUwZTEdMBsGA1UEChMUU2Ft
-YmEgQWRtaW5pc3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1
-dG9nZW5lcmF0ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMB4XDTA2MDgw
-NDA0MzY1MloXDTA4MDcwNDA0MzY1MlowZTEdMBsGA1UEChMUU2FtYmEgQWRtaW5p
-c3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1dG9nZW5lcmF0
-ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMIGcMAsGCSqGSIb3DQEBAQOB
-jAAwgYgCgYC3WJ7DNQAVnqiJxhf6Tq4pqNyUIlioDFNnkJZ6ycElhblyDb3vaagO
-9c+saw3cl/4KGWBZK46HtimRApE6ZriV7yHSB4afVjhnHZvlQVccAuTKJatBpIeb
-kenOX0boUVXrWWj6VVnseab+5nA+uPZQQHinRLEVhUn72I14YdKJOQIDAQABoyUw
-IzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGCSqGSIb3DQEB
-BQOBgQA5IVkBXU2S4i3dSSM9KmdKJinok1IOGNLZYQSyzduuie9vTmGXCQiQppWb
-oSjZaf/Zn8La8THvm4QfmwruPkTEL956BRyN9hHYwHWZsebJr7DvSrF1Zugd0jFs
-DZZFfDUSinYEqApdYzMka/GYTSk1Fa31G5TVD56mIdxmVAdC+A==
+MIIChTCCAe6gAwIBAgIUFZoF6jt0R+hQBdF7cWPy0tT3fGwwCwYJKoZIhvcNAQEFMFIxEzAR
+BgoJkiaJk/IsZAEZDANjb20xFzAVBgoJkiaJk/IsZAEZDAdleGFtcGxlMRUwEwYKCZImiZPy
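Review bot: The two heredocs that write $KEYFILE and $ADMINKEYFILE commit RSA private keys to the repository and create the files with whatever umask the test run inherits. Add a comment next to "we pregenerate the key material" stating that these keys are public test fixtures that must never be trusted outside the selftest prefix, and set a restrictive mode (umask 077 before the heredocs, or chmod 600 afterwards) so the fixture mirrors how private key files should be stored.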

svn commit: samba r20998 - in branches: SAMBA_3_0/source/passdb SAMBA_3_0_24/source/passdb

2007-01-24 Thread vlendec
Author: vlendec
Date: 2007-01-24 11:26:22 + (Wed, 24 Jan 2007)
New Revision: 20998

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20998

Log:
Fix debug message
Modified:
   branches/SAMBA_3_0/source/passdb/pdb_smbpasswd.c
   branches/SAMBA_3_0_24/source/passdb/pdb_smbpasswd.c


Changeset:
Modified: branches/SAMBA_3_0/source/passdb/pdb_smbpasswd.c
===
--- branches/SAMBA_3_0/source/passdb/pdb_smbpasswd.c2007-01-24 09:43:49 UTC 
(rev 20997)
+++ branches/SAMBA_3_0/source/passdb/pdb_smbpasswd.c2007-01-24 11:26:22 UTC 
(rev 20998)
@@ -1129,7 +1129,8 @@
size_t new_entry_length;
 
if (strequal(name, pwd-smb_name)) {
-   DEBUG(10, (add_smbfilepwd_entry: found entry with name 
%s - deleting it.\n, name));
+   DEBUG(10, (del_smbfilepwd_entry: found entry with 
+  name %s - deleting it.\n, name));
continue;
}
 
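Review bot: The corrected message in the DEBUG(10, ...) call still spells the function name out by hand, which is how the stale add_smbfilepwd_entry prefix ended up in the delete path. Passing the name as a %s argument taken from __func__ (or the project's equivalent macro) would keep the prefix right if this code is copied or renamed again. The same applies to the identical hunk for SAMBA_3_0_24 below.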

Modified: branches/SAMBA_3_0_24/source/passdb/pdb_smbpasswd.c
===
--- branches/SAMBA_3_0_24/source/passdb/pdb_smbpasswd.c 2007-01-24 09:43:49 UTC 
(rev 20997)
+++ branches/SAMBA_3_0_24/source/passdb/pdb_smbpasswd.c 2007-01-24 11:26:22 UTC 
(rev 20998)
@@ -1129,7 +1129,8 @@
size_t new_entry_length;
 
if (strequal(name, pwd-smb_name)) {
-   DEBUG(10, (add_smbfilepwd_entry: found entry with name 
%s - deleting it.\n, name));
+   DEBUG(10, (del_smbfilepwd_entry: found entry with 
+  name %s - deleting it.\n, name));
continue;
}
 



Rev 11291: Merge upstream in file:///home/jelmer/bzr.samba/4.0-perlselftest/

2007-01-24 Thread Jelmer Vernooij

revno: 11291
revision-id: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
parent: svn-v2:[EMAIL PROTECTED]
committer: Jelmer Vernooij [EMAIL PROTECTED]
branch nick: 4.0-perlselftest
timestamp: Wed 2007-01-24 13:05:47 +0100
message:
  Merge upstream
added:
  source/dsdb/repl/drepl_service.c svn-v2:[EMAIL PROTECTED]
  source/dsdb/repl/drepl_service.h svn-v2:[EMAIL PROTECTED]
  source/dsdb/schema/schema_constructed.c svn-v2:[EMAIL PROTECTED]
  source/heimdal/kdc/config.csvn-v2:[EMAIL PROTECTED]
  source/torture/local/tdr.c svn-v2:[EMAIL PROTECTED]
modified:
  .bzrignore svn-v2:[EMAIL PROTECTED]
  source/auth/kerberos/krb5_init_context.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/brlock_ctdb.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/common/ctdb.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/common/ctdb_call.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/common/ctdb_ltdb.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/common/ctdb_util.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/ctdb_cluster.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/tcp/tcp_connect.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/tcp/tcp_init.c svn-v2:[EMAIL PROTECTED]
  source/cluster/ctdb/tcp/tcp_io.c svn-v2:[EMAIL PROTECTED]
  source/dsdb/config.mk  svn-v2:[EMAIL PROTECTED]
  source/dsdb/samdb/ldb_modules/repl_meta_data.c svn-v2:[EMAIL PROTECTED]
  source/heimdal/kdc/default_config.c svn-v2:[EMAIL PROTECTED]
  source/heimdal/kdc/kdc_locl.h  svn-v2:[EMAIL PROTECTED]
  source/kdc/kdc.c   svn-v2:[EMAIL PROTECTED]
  source/lib/events/events_aio.c svn-v2:[EMAIL PROTECTED]
  source/lib/events/events_signal.c svn-v2:[EMAIL PROTECTED]
  source/lib/ldb/ldb_tdb/ldb_cache.c svn-v2:[EMAIL PROTECTED]
  source/lib/replace/replace.h   svn-v2:[EMAIL PROTECTED]
  source/libcli/raw/rawacl.c svn-v2:[EMAIL PROTECTED]
  source/libnet/libnet_join.csvn-v2:[EMAIL PROTECTED]
  source/librpc/idl/notify.idl   svn-v2:[EMAIL PROTECTED]
  source/librpc/ndr/ndr.csvn-v2:[EMAIL PROTECTED]
  source/ntvfs/common/notify.c   svn-v2:[EMAIL PROTECTED]
  source/param/loadparm.csvn-v2:[EMAIL PROTECTED]
  source/param/util.csvn-v2:[EMAIL PROTECTED]
  source/pidl/tests/Util.pm  svn-v2:[EMAIL PROTECTED]
  source/pidl/tests/ndr_align.pl svn-v2:[EMAIL PROTECTED]
  source/pidl/tests/ndr_refptr.pl svn-v2:[EMAIL PROTECTED]
  source/pidl/tests/ndr_tagtype.pl svn-v2:[EMAIL PROTECTED]
  source/script/tests/mktestsetup.sh svn-v2:[EMAIL PROTECTED]
  source/script/tests/test_local.sh svn-v2:[EMAIL PROTECTED]
  source/script/tests/tests_all.sh svn-v2:[EMAIL PROTECTED]
  source/torture/config.mk   svn-v2:[EMAIL PROTECTED]
  source/torture/local/config.mk svn-v2:[EMAIL PROTECTED]
  source/torture/local/event.c   svn-v2:[EMAIL PROTECTED]
  source/torture/local/local.c   svn-v2:[EMAIL PROTECTED]

revno: 11286.1.5.1.24
merged: svn-v2:[EMAIL PROTECTED]
parent: svn-v2:[EMAIL PROTECTED]
committer: abartlet
timestamp: Wed 2007-01-24 09:43:49 +
message:
  Add in more certificate and key blobs, to enable PKINIT.
  
  To automatically test this, we need to decide if we should ship kinit
  (and possibly hxtool).
  
  Andrew Bartlett

revno: 11286.1.5.1.23
merged: svn-v2:[EMAIL PROTECTED]
parent: svn-v2:[EMAIL PROTECTED]
committer: tridge
timestamp: Wed 2007-01-24 04:34:19 +
message:
  
  use relative includes for ctdb headers. This works with both
  standalone and built-in ctdb

revno: 11286.1.5.1.22
merged: svn-v2:[EMAIL PROTECTED]
parent: svn-v2:[EMAIL PROTECTED]
committer: tridge
timestamp: Wed 2007-01-24 04:30:44 +
message:
  
  check for errors from event_loop_once()

revno: 11286.1.5.1.21
merged: svn-v2:[EMAIL PROTECTED]
parent: svn-v2:[EMAIL PROTECTED]
committer: tridge
timestamp: Wed 2007-01-24 04:28:17 +
message:
  
  don't mark epoll as set until after the io_submit() succeeds
  
  this is part of the solution to LOCAL-EVENT on fort

revno: 11286.1.5.1.20
merged: svn-v2:[EMAIL PROTECTED]
parent: svn-v2:[EMAIL PROTECTED]
committer: abartlet
timestamp: Wed 2007-01-24 02:48:40 +
message:
  Call out to Heimdal's krb5.conf processing to configure many aspects
  of KDC behaviour.  This should allow PKINIT to be turned on and
  managed with reasonable sanity.
  
  This also means that the krb5.conf in the same directory as the
  smb.conf will always have priority in Samba4, which I think will be
  

svn commit: samba r20999 - in branches/SAMBA_4_0/testprogs/ejs: .

2007-01-24 Thread metze
Author: metze
Date: 2007-01-24 12:23:42 + (Wed, 24 Jan 2007)
New Revision: 20999

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20999

Log:
- update the list of attributes for classSchema and attributeSchema objects
- use ${SCHEMADN} instead of CN=Schema,CN=Configuration,${BASEDN}
- do not include autogenerated values: instanceType, cn and name in the ldif output
- take care of the systemOnly attribute and a resulting NO-USER-MODIFICATION

metze
Modified:
   branches/SAMBA_4_0/testprogs/ejs/minschema.js


Changeset:
Modified: branches/SAMBA_4_0/testprogs/ejs/minschema.js
===
--- branches/SAMBA_4_0/testprogs/ejs/minschema.js   2007-01-24 11:26:22 UTC 
(rev 20998)
+++ branches/SAMBA_4_0/testprogs/ejs/minschema.js   2007-01-24 12:23:42 UTC 
(rev 20999)
@@ -40,23 +40,70 @@
 objectclasses_expanded = new Object();
 
 /* the attributes we need for objectclasses */
-class_attrs = new Array(objectClass, 
-   auxiliaryClass, systemAuxiliaryClass,
-   possSuperiors, systemPossSuperiors,
-   lDAPDisplayName, governsID,
-   rDNAttID, mustContain, systemMustContain,
-   mayContain, systemMayContain,
-   objectClassCategory, subClassOf, 
-   defaultObjectCategory, defaultHidingValue, 
-   systemFlags, systemOnly, 
defaultSecurityDescriptor,
-   objectCategory, possibleInferiors, 
displaySpecification,
-   schemaIDGUID);
+class_attrs = new Array(objectClass,
+   subClassOf,
+   governsID,
+   possSuperiors,
+   mayContain,
+   mustContain,
+   auxiliaryClass,
+   rDNAttID,
+   showInAdvancedViewOnly,
+   adminDisplayName,
+   adminDescription,
+   objectClassCategory,
+   lDAPDisplayName,
+   schemaIDGUID,
+   systemOnly,
+   systemPossSuperiors,
+   systemMayContain,
+   systemMustContain,
+   systemAuxiliaryClass,
+   defaultSecurityDescriptor,
+   systemFlags,
+   defaultHidingValue,
+   objectCategory,
+   defaultObjectCategory,
 
-attrib_attrs = new Array(objectClass, lDAPDisplayName, 
-isSingleValued, linkID, systemFlags, 
systemOnly,
-schemaIDGUID, adminDisplayName, attributeID,
-attributeSyntax, oMSyntax, oMObjectClass);
+   /* this attributes are not used by w2k3 */
+   schemaFlagsEx,
+   msDs-IntId,
+   msDs-Schema-Extensions,
+   classDisplayName,
+   isDefunct);
 
+
+attrib_attrs = new Array(objectClass,
+attributeID,
+attributeSyntax,
+isSingleValued,
+rangeLower,
+rangeUpper,
+mAPIID,
+linkID,
+showInAdvancedViewOnly,
+adminDisplayName,
+oMObjectClass,
+adminDescription,
+oMSyntax,
+searchFlags,
+extendedCharsAllowed,
+lDAPDisplayName,
+schemaIDGUID,
+attributeSecurityGUID,
+systemOnly,
+systemFlags,
+isMemberOfPartialAttributeSet,
+objectCategory,
+
+/* this attributes are not used by w2k3 */
+schemaFlagsEx,
+msDs-IntId,
+msDs-Schema-Extensions,
+classDisplayName,
+isEphemeral,
+isDefunct);
+
 /*
   notes:
 
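Review bot: class_attrs and attrib_attrs now end with almost the same block under the comment "this attributes are not used by w2k3" (schemaFlagsEx, msDs-IntId, msDs-Schema-Extensions, classDisplayName, isDefunct), maintained by hand in two places. Keep that tail in one shared array that both lists append, so an attribute added later cannot be missed in one of them, and correct the comment to "these attributes". The log says instanceType, cn and name are left out because they are autogenerated; a one-line comment above the arrays saying so would explain their absence.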
@@ -144,14 +191,14 @@
 
 
 /*
-  fix a string DN to use ${BASEDN}
+  fix a string DN to use ${SCHEMADN}
 */
 function fix_dn(dn) {
-   var s = strstr(dn, rootDse.defaultNamingContext);
+   var s = strstr(dn, rootDse.schemaNamingContext);
if (s == NULL) {
return dn;
}
-   return substr(dn, 0, strlen(dn) - strlen(s)) + ${BASEDN};
+   return substr(dn, 0, strlen(dn) - strlen(s)) + ${SCHEMADN};
 }
 
 /*
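Review bot: fix_dn() now only rewrites DNs that contain rootDse.schemaNamingContext, so a value that sits under the base DN but outside the schema container is returned with the source server's literal base DN, where the old code substituted ${BASEDN}. If every DN-valued attribute in the dump is expected to live under the schema container, say so in the comment above the function; otherwise fall back to the defaultNamingContext substitution when the schema match fails, so the generated LDIF stays portable between servers.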
@@ -159,9 +206,7 @@
 */
 function write_ldif_one(o, attrs) {
var i;
-   printf(dn: CN=%s,CN=Schema,CN=Configuration,${BASEDN}\n, o.cn);
-   

svn commit: samba r21000 - in branches/SAMBA_4_0/testprogs/ejs: .

2007-01-24 Thread metze
Author: metze
Date: 2007-01-24 12:46:26 + (Wed, 24 Jan 2007)
New Revision: 21000

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21000

Log:
add some options to control what ldif is dumped

default is dump everything

metze
Modified:
   branches/SAMBA_4_0/testprogs/ejs/minschema.js


Changeset:
Modified: branches/SAMBA_4_0/testprogs/ejs/minschema.js
===
--- branches/SAMBA_4_0/testprogs/ejs/minschema.js   2007-01-24 12:23:42 UTC 
(rev 20999)
+++ branches/SAMBA_4_0/testprogs/ejs/minschema.js   2007-01-24 12:46:26 UTC 
(rev 21000)
@@ -12,13 +12,42 @@
 POPT_AUTOHELP,
 POPT_COMMON_SAMBA,
 POPT_COMMON_CREDENTIALS,
-verbose);
+verbose,
+classes,
+attributes,
+subschema,
+subschema-auto);
 if (options == undefined) {
println(Failed to parse options);
return -1;
 }
 verbose = options[verbose];
+dump_all = yes;
+dump_classes = options[classes];
+dump_attributes = options[attributes];
+dump_subschema = options[subschema];
+dump_subschema_auto = options[subschema-auto];
 
+if (dump_classes != undefined) {
+   dump_all = undefined;
+}
+if (dump_attributes != undefined) {
+   dump_all = undefined;
+}
+if (dump_subschema != undefined) {
+   dump_all = undefined;
+}
+if (dump_subschema_auto != undefined) {
+   dump_all = undefined;
+   dump_subschema = yes;
+}
+if (dump_all != undefined) {
+   dump_classes = yes;
+   dump_attributes = yes;
+   dump_subschema = yes;
+   dump_subschema_auto = yes;
+}
+
 if (options.ARGV.length != 2) {
println(Usage: minschema.js URL classfile);
return -1;
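Review bot: The four new switches (classes, attributes, subschema, subschema-auto) are added without any description, and the unchanged usage line still reads "Usage: minschema.js URL classfile". The difference between subschema and subschema-auto in particular can only be worked out from the early return added to the aggregate writer further down. A short comment above the dump_* assignments, and a mention in the usage text, should state that giving any one switch turns off the dump-everything default and that subschema-auto implies subschema.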
@@ -678,6 +707,10 @@
 objectClass: subSchema
 objectCategory: CN=SubSchema,${SCHEMADN}
 );
+   if (dump_subschema_auto == undefined) {
+   return; 
+   }
+
for (i in objectclasses) {
write_aggregate_objectclass(objectclasses[i]);
}
@@ -776,11 +809,16 @@
 /*
   dump an ldif form of the attributes and objectclasses
 */
-write_ldif(attributes, attrib_attrs);
-write_ldif(objectclasses, class_attrs);
+if (dump_attributes != undefined) {
+   write_ldif(attributes, attrib_attrs);
+}
+if (dump_classes != undefined) {
+   write_ldif(objectclasses, class_attrs);
+}
+if (dump_subschema != undefined) {
+   write_aggregate();
+}
 
-write_aggregate();
-
 if (verbose == undefined) {
exit(0);
 }



Rev 11161: Merge support for deleting keys and setting values by Wilco in file:///home/jelmer/bzr.samba/4.0-regwrite/

2007-01-24 Thread Jelmer Vernooij

revno: 11161
revision-id: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Jelmer Vernooij [EMAIL PROTECTED]
branch nick: 4.0-regwrite
timestamp: Wed 2007-01-24 14:19:46 +0100
message:
  Merge support for deleting keys and setting values by Wilco
modified:
  source/lib/registry/reg_backend_regf.c svn-v2:[EMAIL PROTECTED]

revno: 11153.1.12
merged: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Wilco Baan Hofman [EMAIL PROTECTED]
branch nick: 4.0-regwrite
timestamp: Sun 2007-01-21 21:17:38 +0100
message:
  Checkin *UNTESTED* set security descriptor code.
  Theoretically, it should work, but at the moment I have no way of testing
  this.

revno: 11153.1.11
merged: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Wilco Baan Hofman [EMAIL PROTECTED]
branch nick: 4.0-regwrite
timestamp: Sun 2007-01-21 17:24:47 +0100
message:
  Implement regf_del_value
  Revert offsets - unsigned integers, because value offset in vk may be
  shared with REG_DWORD
  Change error handling for regf_sl_del_entry and regf_sl_add_entry.
  Implement li/lh blocks for regf_sl_add_entry
  Fixed issue when last key was deleted an empty block was allocated.

revno: 11153.1.10
merged: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
parent: svn-v2:[EMAIL PROTECTED]
committer: Wilco Baan Hofman [EMAIL PROTECTED]
branch nick: 4.0-regwrite
timestamp: Thu 2007-01-18 02:34:41 +0100
message:
  Merge from upstream.

revno: 11153.1.9
merged: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Wilco Baan Hofman [EMAIL PROTECTED]
branch nick: 4.0-regwrite
timestamp: Thu 2007-01-18 02:30:22 +0100
message:
  Add FIXME line regarding deleting last key.

revno: 11153.1.8
merged: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Wilco Baan Hofman [EMAIL PROTECTED]
branch nick: 4.0-regwrite
timestamp: Thu 2007-01-18 02:26:02 +0100
message:
  Implement regf_set_value.
  Clarify return error when deleting non-empty key.

revno: 11153.1.7
merged: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Wilco Baan Hofman [EMAIL PROTECTED]
branch nick: 4.0-regwrite
timestamp: Wed 2007-01-17 17:06:25 +0100
message:
  Create regf_del_key support
  Fix allocation routines to work with block splits for deletion

Diff too large for email (1005, the limit is 1000).


svn commit: samba r21001 - in branches/SAMBA_3_0/source: include nsswitch

2007-01-24 Thread jerry
Author: jerry
Date: 2007-01-24 14:39:46 + (Wed, 24 Jan 2007)
New Revision: 21001

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21001

Log:
* Use a simple '#define LDAPMessage void' to fix the build
  problems in the nss_info interface when HAVE_LDAP is undefined.
* Revert previous ifdef HAVE_ADS brackets
* Remove an unused init function wrapper.



Modified:
   branches/SAMBA_3_0/source/include/includes.h
   branches/SAMBA_3_0/source/include/nss_info.h
   branches/SAMBA_3_0/source/nsswitch/nss_info.c
   branches/SAMBA_3_0/source/nsswitch/nss_info_template.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c


Changeset:
Modified: branches/SAMBA_3_0/source/include/includes.h
===
--- branches/SAMBA_3_0/source/include/includes.h2007-01-24 12:46:26 UTC 
(rev 21000)
+++ branches/SAMBA_3_0/source/include/includes.h2007-01-24 14:39:46 UTC 
(rev 21001)
@@ -777,9 +777,6 @@
 
 #ifdef HAVE_LDAP
 #include ads_protos.h
-#else
-struct _LDAPMessage;
-typedef struct _LDAPMessage *LDAPMessage;
 #endif
 
 /* We need this after proto.h to reference GetTimeOfDay(). */

Modified: branches/SAMBA_3_0/source/include/nss_info.h
===
--- branches/SAMBA_3_0/source/include/nss_info.h2007-01-24 12:46:26 UTC 
(rev 21000)
+++ branches/SAMBA_3_0/source/include/nss_info.h2007-01-24 14:39:46 UTC 
(rev 21001)
@@ -20,11 +20,15 @@
Boston, MA  02111-1307, USA.   
 */
 
-#ifdef WITH_ADS
-
 #ifndef _IDMAP_NSS_H
 #define _IDMAP_NSS_H
 
+#ifndef HAVE_LDAP
+#  ifndef LDAPMessage
+#define LDAPMessage void
+#  endif
+#endif
+
 /* The interface version specifier */
 
 #define SMB_NSS_INFO_INTERFACE_VERSION   1
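Review bot: The inner "#ifndef LDAPMessage" guard only detects a preprocessor macro, so it cannot see a typedef of the same name and the fallback is in practice controlled by HAVE_LDAP alone. Because "#define LDAPMessage void" is a textual substitution, any later declaration that uses LDAPMessage as a name (a typedef, a struct tag or member) is silently rewritten to void. An opaque struct typedef as the placeholder would avoid both problems; if the macro stays, drop the inner guard and add a comment explaining that the macro only exists so the nss_info prototypes compile without the LDAP headers.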
@@ -84,9 +88,5 @@
 
 NTSTATUS nss_close( const char *parameters );
 
-NTSTATUS idmap_nss_init_domain( const char *domain );
-
-
 #endif /* _IDMAP_NSS_H_ */
 
-#endif /* WITH_ADS */

Modified: branches/SAMBA_3_0/source/nsswitch/nss_info.c
===
--- branches/SAMBA_3_0/source/nsswitch/nss_info.c   2007-01-24 12:46:26 UTC 
(rev 21000)
+++ branches/SAMBA_3_0/source/nsswitch/nss_info.c   2007-01-24 14:39:46 UTC 
(rev 21001)
@@ -20,8 +20,6 @@
Boston, MA  02111-1307, USA.   
 */
 
-#ifdef WITH_ADS
-
 #include includes.h
 #include nss_info.h
 
@@ -266,27 +264,3 @@
return NT_STATUS_OK;
 }
 
-/
- Invoke the init function for a given domain's backend
- ***/
-
- NTSTATUS idmap_nss_init_domain( const char *domain )
-{
-   struct nss_domain_entry *p;
-   
-   DEBUG(10,(idmap_nss_init_domain: Searching for %s's init() 
function\n, 
- domain));
-   
-   for ( p=nss_domain_list; p; p=p-next ) {
-   if ( strequal( p-domain, domain ) ) {
-   DEBUG(10,(idmap_nss_init_domain: Calling init function 
for %s\n,
- domain)); 
-   return p-backend-methods-init( p );
-   }
-   }
-   
-   return NT_STATUS_NO_SUCH_DOMAIN;
-}
-
-#endif /* WITH_ADS */
-

Modified: branches/SAMBA_3_0/source/nsswitch/nss_info_template.c
===
--- branches/SAMBA_3_0/source/nsswitch/nss_info_template.c  2007-01-24 
12:46:26 UTC (rev 21000)
+++ branches/SAMBA_3_0/source/nsswitch/nss_info_template.c  2007-01-24 
14:39:46 UTC (rev 21001)
@@ -20,8 +20,6 @@
Boston, MA  02111-1307, USA.   
 */
 
-#ifdef WITH_ADS 
-
 #include includes.h
 #include nss_info.h
 
@@ -73,9 +71,9 @@
  ***/
 
 static struct nss_info_methods nss_template_methods = {
-   nss_template_init,
-   nss_template_get_info,
-   nss_template_close
+   .init = nss_template_init,
+   .get_nss_info = nss_template_get_info,
+   .close_fn = nss_template_close
 };

 NTSTATUS nss_info_template_init( void )
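Review bot: The new `.init =`, `.get_nss_info =` and `.close_fn =` entries in nss_template_methods are C99 designated initializers, which a compiler that only accepts C89 will reject. Since the log describes this commit as a build fix, either keep the positional initializers with a trailing comment naming each member, or state in the log that C99 initializers are acceptable in this tree.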
@@ -85,4 +83,3 @@
  nss_template_methods);   
 }
 
-#endif /* WITH_ADS */

Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c   2007-01-24 12:46:26 UTC 
(rev 21000)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_ads.c   2007-01-24 14:39:46 UTC 
(rev 21001)
@@ -125,10 +125,6 @@
return NULL;
}
 
-   /* initialize the nss backend for this domain */
-
-   idmap_nss_init_domain( domain-name );
-
/* set the flag that says we don't own the memory even 
   though we do so that ads_destroy() won't destroy the 
   structure we pass back by reference */
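Review bot: The log calls idmap_nss_init_domain() an unused wrapper, but this hunk removes a live call to it, so after the change nothing in the visible lines initializes the nss backend for the domain on this connection path. Please say in the log (or in a comment where the call used to be) where the backend's init() is now invoked, or confirm that the init was redundant, so the removal is not mistaken for dead-code cleanup.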



svn commit: samba r21002 - in branches/SAMBA_3_0/source: include smbd

2007-01-24 Thread herb
Author: herb
Date: 2007-01-24 14:53:03 + (Wed, 24 Jan 2007)
New Revision: 21002

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21002

Log:
Get rid of unused macros - merge change from 3_0_24

Modified:
   branches/SAMBA_3_0/source/include/smbprofile.h
   branches/SAMBA_3_0/source/smbd/nttrans.c
   branches/SAMBA_3_0/source/smbd/trans2.c


Changeset:
Modified: branches/SAMBA_3_0/source/include/smbprofile.h
===
--- branches/SAMBA_3_0/source/include/smbprofile.h  2007-01-24 14:39:46 UTC 
(rev 21001)
+++ branches/SAMBA_3_0/source/include/smbprofile.h  2007-01-24 14:53:03 UTC 
(rev 21002)
@@ -757,10 +757,6 @@
 
 extern struct profile_header *profile_h;
 extern struct profile_stats *profile_p;
-extern struct timeval profile_starttime;
-extern struct timeval profile_endtime;
-extern struct timeval profile_starttime_nested;
-extern struct timeval profile_endtime_nested;
 extern BOOL do_profile_flag;
 extern BOOL do_profile_times;
 
@@ -846,8 +842,6 @@
profile_timestamp() - __profstamp_##x); \
}
 
-#define START_PROFILE_NESTED(x) START_PROFILE(x)
-#define END_PROFILE_NESTED(x) END_PROFILE(x)
 
 #else /* WITH_PROFILE */
 
@@ -856,10 +850,8 @@
 #define DO_PROFILE_DEC_INC(x,y)
 #define DO_PROFILE_ADD(x,n)
 #define START_PROFILE(x)
-#define START_PROFILE_NESTED(x)
 #define START_PROFILE_BYTES(x,n)
 #define END_PROFILE(x)
-#define END_PROFILE_NESTED(x)
 
 #endif /* WITH_PROFILE */
 

Modified: branches/SAMBA_3_0/source/smbd/nttrans.c
===
--- branches/SAMBA_3_0/source/smbd/nttrans.c2007-01-24 14:39:46 UTC (rev 
21001)
+++ branches/SAMBA_3_0/source/smbd/nttrans.c2007-01-24 14:53:03 UTC (rev 
21002)
@@ -2744,44 +2744,44 @@
switch(state-call) {
case NT_TRANSACT_CREATE:
{
-   START_PROFILE_NESTED(NT_transact_create);
+   START_PROFILE(NT_transact_create);
outsize = call_nt_transact_create(conn, inbuf, outbuf,
  size, bufsize, 
state-setup, 
state-setup_count,
state-param, 
state-total_param, 
state-data, 
state-total_data,
  
state-max_data_return);
-   END_PROFILE_NESTED(NT_transact_create);
+   END_PROFILE(NT_transact_create);
break;
}
 
case NT_TRANSACT_IOCTL:
{
-   START_PROFILE_NESTED(NT_transact_ioctl);
+   START_PROFILE(NT_transact_ioctl);
outsize = call_nt_transact_ioctl(conn, inbuf, outbuf,
 size, bufsize, 
 state-setup, 
state-setup_count,
 state-param, 
state-total_param, 
 state-data, 
state-total_data, state-max_data_return);
-   END_PROFILE_NESTED(NT_transact_ioctl);
+   END_PROFILE(NT_transact_ioctl);
break;
}
 
case NT_TRANSACT_SET_SECURITY_DESC:
{
-   START_PROFILE_NESTED(NT_transact_set_security_desc);
+   START_PROFILE(NT_transact_set_security_desc);
outsize = call_nt_transact_set_security_desc(conn, 
inbuf, outbuf, 
 size, bufsize, 
 state-setup, 
state-setup_count,
 state-param, 
state-total_param, 
 state-data, 
state-total_data, state-max_data_return);
-   END_PROFILE_NESTED(NT_transact_set_security_desc);
+   END_PROFILE(NT_transact_set_security_desc);
break;
}
 
case NT_TRANSACT_NOTIFY_CHANGE:
{
-   START_PROFILE_NESTED(NT_transact_notify_change);
+   START_PROFILE(NT_transact_notify_change);
outsize = call_nt_transact_notify_change(
conn, inbuf, outbuf, size, bufsize, 
state-setup, state-setup_count,
@@ -2789,56 +2789,56 @@
state-data, state-total_data,
state-max_data_return,
state-max_param_return);
-  

svn commit: samba r21003 - in branches: SAMBA_3_0/source/libads SAMBA_3_0_24/source/libads

2007-01-24 Thread gd
Author: gd
Date: 2007-01-24 14:59:01 + (Wed, 24 Jan 2007)
New Revision: 21003

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21003

Log:
Display LDAP base in debug statement.

Guenther

Modified:
   branches/SAMBA_3_0/source/libads/ldap_utils.c
   branches/SAMBA_3_0_24/source/libads/ldap_utils.c


Changeset:
Modified: branches/SAMBA_3_0/source/libads/ldap_utils.c
===
--- branches/SAMBA_3_0/source/libads/ldap_utils.c   2007-01-24 14:53:03 UTC 
(rev 21002)
+++ branches/SAMBA_3_0/source/libads/ldap_utils.c   2007-01-24 14:59:01 UTC 
(rev 21003)
@@ -60,8 +60,8 @@
status = ads_do_search_all_args(ads, bp, scope, expr, attrs, 
args, res);
}
if (ADS_ERR_OK(status)) {
-   DEBUG(5,(Search for %s gave %d replies\n,
-expr, ads_count_replies(ads, *res)));
+   DEBUG(5,(Search for %s in %s gave %d replies\n,
+   expr, bp, ads_count_replies(ads, *res)));
SAFE_FREE(bp);
return status;
}

Modified: branches/SAMBA_3_0_24/source/libads/ldap_utils.c
===
--- branches/SAMBA_3_0_24/source/libads/ldap_utils.c2007-01-24 14:53:03 UTC 
(rev 21002)
+++ branches/SAMBA_3_0_24/source/libads/ldap_utils.c2007-01-24 14:59:01 UTC 
(rev 21003)
@@ -60,8 +60,8 @@
status = ads_do_search_all_args(ads, bp, scope, expr, attrs, 
args, res);
}
if (ADS_ERR_OK(status)) {
-   DEBUG(5,(Search for %s gave %d replies\n,
-expr, ads_count_replies(ads, *res)));
+   DEBUG(5,(Search for %s in %s gave %d replies\n,
+expr, bp, ads_count_replies(ads, *res)));
SAFE_FREE(bp);
return status;
}



svn commit: samba r21004 - in branches: SAMBA_3_0/source/modules SAMBA_3_0_24/source/modules

2007-01-24 Thread jmcd
Author: jmcd
Date: 2007-01-24 15:29:58 + (Wed, 24 Jan 2007)
New Revision: 21004

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21004

Log:
Patch from Mathias Dietz [EMAIL PROTECTED] to fix multi-node
sharemodes in gpfs.

Modified:
   branches/SAMBA_3_0/source/modules/gpfs.c
   branches/SAMBA_3_0_24/source/modules/gpfs.c


Changeset:
Modified: branches/SAMBA_3_0/source/modules/gpfs.c
===
--- branches/SAMBA_3_0/source/modules/gpfs.c2007-01-24 14:59:01 UTC (rev 
21003)
+++ branches/SAMBA_3_0/source/modules/gpfs.c2007-01-24 15:29:58 UTC (rev 
21004)
@@ -57,7 +57,7 @@
DEBUG(10, (special case am=no_access:%x\n,access_mask));
}
else {  
-   deny |= (share_access  (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
+   deny |= (share_access  FILE_SHARE_WRITE) ?
0 : GPFS_DENY_WRITE;
deny |= (share_access  (FILE_SHARE_READ)) ?
0 : GPFS_DENY_READ;
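Review bot: After this change FILE_SHARE_DELETE no longer influences the deny mask at all in the lines shown: only FILE_SHARE_WRITE and FILE_SHARE_READ are mapped, so a request for delete sharing is silently dropped rather than translated. Because this is the code that decides which concurrent opens are refused, add a comment above the `deny |=` lines stating why delete sharing is not mapped and what behaviour other nodes should expect. The parentheses around the single flag are also now inconsistent between the WRITE and READ lines.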

Modified: branches/SAMBA_3_0_24/source/modules/gpfs.c
===
--- branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-24 14:59:01 UTC (rev 
21003)
+++ branches/SAMBA_3_0_24/source/modules/gpfs.c 2007-01-24 15:29:58 UTC (rev 
21004)
@@ -57,7 +57,7 @@
DEBUG(10, (special case am=no_access:%x\n,access_mask));
}
else {  
-   deny |= (share_access  (FILE_SHARE_WRITE|FILE_SHARE_DELETE)) ?
+   deny |= (share_access  FILE_SHARE_WRITE) ?
0 : GPFS_DENY_WRITE;
deny |= (share_access  (FILE_SHARE_READ)) ?
0 : GPFS_DENY_READ;



Rev 11292: Add documentation, initial support for the buildfarm in file:///home/jelmer/bzr.samba/4.0-perlselftest/

2007-01-24 Thread Jelmer Vernooij

revno: 11292
revision-id: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Jelmer Vernooij [EMAIL PROTECTED]
branch nick: 4.0-perlselftest
timestamp: Wed 2007-01-24 17:00:07 +0100
message:
  Add documentation, initial support for the buildfarm
modified:
  source/script/tests/selftest.pl svn-v2:[EMAIL PROTECTED]
=== modified file 'source/script/tests/selftest.pl'
--- a/source/script/tests/selftest.pl   2007-01-22 23:49:29 +
+++ b/source/script/tests/selftest.pl   2007-01-24 16:00:07 +
@@ -2,6 +2,82 @@
 # Bootstrap Samba and run a number of tests against it.
 # Copyright (C) 2005-2007 Jelmer Vernooij [EMAIL PROTECTED]
 # Published under the GNU GPL, v3 or later.
+
+=pod
+
+=head1 NAME
+
+selftest - Samba test runner
+
+=head1 SYNOPSIS
+
+selftest --help
+
+selftest [--target=samba4|samba3|win] [--socket-wrapper] [--quick] [--one] 
PREFIX
+
+=head1 DESCRIPTION
+
+A simple test runner.
+
+=head1 OPTIONS
+
+=over 4
+
+=item I--help
+
+Show list of available options.
+   
+=item I--target samba4|samba3|win
+
+Specify test target against which to run. Default is 'samba4'.
+
+=item I--quick
+
+Run only a limited number of tests. Intended to run in about 30 seconds on 
+moderately recent systems.
+   
+=item I--socket-wrapper
+
+Use socket wrapper library for communication with server. Only works 
+when the server is running locally.
+
+Will prevent TCP and UDP ports being opened on the local host but 
+(transparently) redirects these calls to use unix domain sockets.
+
+=item I--one
+
+Abort as soon as one test fails.
+
+=back
+
+=head1 ENVIRONMENT
+
+=over 4
+
+=item ISMBD_VALGRIND
+
+=item ITORTURE_MAXTIME
+
+=item IVALGRIND
+
+=item ITEST_LDAP
+
+=item ITLS_ENABLED
+
+=item Isrcdir
+
+=back
+
+=head1 LICENSE
+
+selftest is licensed under the GNU General Public License 
Lhttp://www.gnu.org/licenses/gpl.html.
+
+=head1 AUTHOR
+
+Jelmer Vernooij
+
+=cut
+
 use strict;
 use warnings;
 
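Review bot: The six `=item` entries under ENVIRONMENT have no description text, so the generated documentation lists the variable names without saying what they do or which values they accept. Add a sentence under each. RUN_FROM_BUILD_FARM, which a later hunk of this patch reads from %ENV, is also missing from the list.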
@@ -11,6 +87,12 @@
 use POSIX;
 use Cwd;
 
+my $opt_help = 0;
+my $opt_target = samba4;
+my $opt_quick = 0;
+my $opt_socket_wrapper = 0;
+my $opt_one = 0;
+
 sub slapd_start($$) {
my ($conf, $uri) = @_;
 my $oldpath = $ENV{PATH};
@@ -91,12 +173,58 @@
exit $failed;
 }
 
+my $totalfailed = 0;
+my $start = time();
+
+sub run_test_buildfarm()
+{
+   my ($name, $cmd, $i, $total) = @_;
+   print --==--==--==--==--==--==--==--==--==--==--\n;
+   print Running test $name (level 0 stdout)\n;
+   print --==--==--==--==--==--==--==--==--==--==--\n;
+   system(date);
+   print Testing $name;
+
+   system($cmd);
+
+#  print SMBD is down! Skipping: $cmd\n;
+#  print ==\n;
+#  print TEST SKIPPED: $name (reason SMBD is down)\n;
+#  print ==\n;
+#
+   print ALL OK: $cmd\n;
+   print ==\n;
+   print TEST PASSED: $name\n;
+   print ==\n;
+
+   my $ret = 0;
+   if ($ret != 0) {
+   $totalfailed++;
+   }
+}
+
+sub run_test_plain()
+{
+   my ($name, $cmd, $i, $total) = @_;
+   my $err = ;
+   if ($totalfailed  0) { $err = , $totalfailed errors; }
+   printf [$i/$total in  . (time() - $start).s$err] $name\n;
+   open(RESULT, $cmd 2/dev/null|);
+   while (RESULT) { }
+   close(RESULT);
+   my $ret = 0;
+   if ($ret != 0) {
+   $totalfailed++;
+   exit(1) if ($opt_one);
+   }
+}
+
 sub ShowHelp()
 {
print Samba test runner
 Copyright (C) Jelmer Vernooij [EMAIL PROTECTED]
 
-Usage: $Script PREFIX
+Usage: $Script [OPTIONS] PREFIX
 
 Generic options:
  --help this help page
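Review bot: Both new runners set `my $ret = 0;` and then test `$ret != 0`, so $totalfailed is never incremented and the `--one` abort in run_test_plain can never trigger; run_test_buildfarm additionally discards the result of `system($cmd)` and prints TEST PASSED unconditionally. A test runner that cannot report failure hides regressions, so take $ret from the command's exit status (the return value of system(), or $? after close(RESULT)) before merging. Both subs are also declared with an empty `()` prototype while reading four arguments from @_.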
@@ -108,11 +236,6 @@
exit(0);
 }
 
-my $opt_help = 0;
-my $opt_target = samba4;
-my $opt_quick = 0;
-my $opt_socket_wrapper = 0;
-my $opt_one = 0;
 
 my $result = GetOptions (
'help|h|?' = \$opt_help,
@@ -160,6 +283,8 @@
 my $testsdir = $srcdir/script/tests;
 
 my $tls_enabled = not $opt_quick;
+my $from_build_farm = (defined($ENV{RUN_FROM_BUILD_FARM}) and 
+  ($ENV{RUN_FROM_BUILD_FARM} eq yes));
 
 $ENV{TLS_ENABLED} = ($tls_enabled?yes:no);
 $ENV{LD_LDB_MODULE_PATH} = $old_pwd/bin/modules/ldb;
@@ -236,18 +361,17 @@
 $ENV{SOCKET_WRAPPER_DEFAULT_IFACE} = 6;
 $ENV{TORTURE_INTERFACES} = 
'127.0.0.6/8,127.0.0.7/8,127.0.0.8/8,127.0.0.9/8,127.0.0.10/8,127.0.0.11/8';
 
-my @torture_options = (--option=interfaces=$ENV{TORTURE_INTERFACES} 
$ENV{CONFIGURATION});
+my @torture_options = ();
+push (@torture_options, --option=interfaces=$ENV{TORTURE_INTERFACES});
+push (@torture_options, $ENV{CONFIGURATION});
 # ensure any one smbtorture call doesn't run too long
 push (@torture_options, --maximum-runtime=$torture_maxtime);
 push (@torture_options, --target=$opt_target);
-push (@torture_options, 

svn commit: samba r21005 - in branches: SAMBA_3_0/source/lib SAMBA_3_0_24/source/lib

2007-01-24 Thread vlendec
Author: vlendec
Date: 2007-01-24 16:15:29 + (Wed, 24 Jan 2007)
New Revision: 21005

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21005

Log:
Add a debug message for EAGAIN error of setresuid.

Volker

Modified:
   branches/SAMBA_3_0/source/lib/util_sec.c
   branches/SAMBA_3_0_24/source/lib/util_sec.c


Changeset:
Modified: branches/SAMBA_3_0/source/lib/util_sec.c
===
--- branches/SAMBA_3_0/source/lib/util_sec.c2007-01-24 15:29:58 UTC (rev 
21004)
+++ branches/SAMBA_3_0/source/lib/util_sec.c2007-01-24 16:15:29 UTC (rev 
21005)
@@ -198,7 +198,13 @@
 {
 #if USE_SETRESUID
 /* Set the effective as well as the real uid. */
-   setresuid(uid,uid,-1);
+   if (setresuid(uid,uid,-1) == -1) {
+   if (errno == EAGAIN) {
+   DEBUG(0, (setresuid failed with EAGAIN. uid(%d) 
+ might be over its NPROC limit\n,
+ (int)uid));
+   }
+   }
 #endif
 
 #if USE_SETREUID
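Review bot: The new check around setresuid() only logs when errno is EAGAIN; any other failure is still silently ignored, and in both cases execution falls through to the following `#if` blocks as if the uid change had succeeded. For a privilege-switching routine every failure is worth a level 0 message, so log the errno text for the non-EAGAIN case too, and add a comment saying where a failed switch is finally caught so that nobody reading this function assumes the process is running as the requested uid.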

Modified: branches/SAMBA_3_0_24/source/lib/util_sec.c
===
--- branches/SAMBA_3_0_24/source/lib/util_sec.c 2007-01-24 15:29:58 UTC (rev 
21004)
+++ branches/SAMBA_3_0_24/source/lib/util_sec.c 2007-01-24 16:15:29 UTC (rev 
21005)
@@ -198,7 +198,13 @@
 {
 #if USE_SETRESUID
 /* Set the effective as well as the real uid. */
-   setresuid(uid,uid,-1);
+   if (setresuid(uid,uid,-1) == -1) {
+   if (errno == EAGAIN) {
+   DEBUG(0, (setresuid failed with EAGAIN. uid(%d) 
+ might be over its NPROC limit\n,
+ (int)uid));
+   }
+   }
 #endif
 
 #if USE_SETREUID



svn commit: samba r21006 - in branches/SAMBA_3_0_24/source: .

2007-01-24 Thread herb
Author: herb
Date: 2007-01-24 19:51:09 + (Wed, 24 Jan 2007)
New Revision: 21006

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21006

Log:
move $(SOCKET_WRAPPER_OBJ) to OBJ definition instead of link line like 
all other uses

Modified:
   branches/SAMBA_3_0_24/source/Makefile.in


Changeset:
Modified: branches/SAMBA_3_0_24/source/Makefile.in
===
--- branches/SAMBA_3_0_24/source/Makefile.in2007-01-24 16:15:29 UTC (rev 
21005)
+++ branches/SAMBA_3_0_24/source/Makefile.in2007-01-24 19:51:09 UTC (rev 
21006)
@@ -824,11 +824,13 @@
iniparser/src/strlib.o
 
 TDBBACKUP_OBJ = tdb/tools/tdbbackup.o tdb/common/tdbback.o $(LIBREPLACE_OBJ) \
-   $(TDBBASE_OBJ)
+   $(TDBBASE_OBJ) $(SOCKET_WRAPPER_OBJ)
 
-TDBTOOL_OBJ = tdb/tools/tdbtool.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ)
+TDBTOOL_OBJ = tdb/tools/tdbtool.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ) \
+   $(SOCKET_WRAPPER_OBJ)
 
-TDBDUMP_OBJ = tdb/tools/tdbdump.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ)
+TDBDUMP_OBJ = tdb/tools/tdbdump.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ) \
+   $(SOCKET_WRAPPER_OBJ)
 
 NTLM_AUTH_OBJ1 = utils/ntlm_auth.o utils/ntlm_auth_diagnostics.o 
 
@@ -1541,15 +1543,15 @@
 
 bin/[EMAIL PROTECTED]@: $(TDBBACKUP_OBJ) bin/.dummy
@echo Linking $@
-   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ) 
$(SOCKET_WRAPPER_OBJ)
+   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ)
 
 bin/[EMAIL PROTECTED]@: $(TDBTOOL_OBJ) bin/.dummy
@echo Linking $@
-   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBTOOL_OBJ) 
$(SOCKET_WRAPPER_OBJ)
+   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBTOOL_OBJ)
 
 bin/[EMAIL PROTECTED]@: $(TDBDUMP_OBJ) bin/.dummy
@echo Linking $@
-   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ) 
$(SOCKET_WRAPPER_OBJ)
+   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ)
 
 bin/[EMAIL PROTECTED]@: bin/[EMAIL PROTECTED]@ torture/t_strcmp.o
$(CC) $(FLAGS) -o $@ $(DYNEXP) $(LIBS) torture/t_strcmp.o -L ./bin 
-lbigballofmud



svn commit: samba r21007 - in branches/SAMBA_3_0/source: .

2007-01-24 Thread herb
Author: herb
Date: 2007-01-24 19:53:58 + (Wed, 24 Jan 2007)
New Revision: 21007

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21007

Log:
move $(SOCKET_WRAPPER_OBJ) to OBJ definition instead of link line like 
all other uses - merge from 3_0_24

Modified:
   branches/SAMBA_3_0/source/Makefile.in


Changeset:
Modified: branches/SAMBA_3_0/source/Makefile.in
===
--- branches/SAMBA_3_0/source/Makefile.in   2007-01-24 19:51:09 UTC (rev 
21006)
+++ branches/SAMBA_3_0/source/Makefile.in   2007-01-24 19:53:58 UTC (rev 
21007)
@@ -843,11 +843,13 @@
iniparser/src/strlib.o
 
 TDBBACKUP_OBJ = tdb/tools/tdbbackup.o tdb/common/tdbback.o $(LIBREPLACE_OBJ) \
-   $(TDBBASE_OBJ)
+   $(TDBBASE_OBJ) $(SOCKET_WRAPPER_OBJ)
 
-TDBTOOL_OBJ = tdb/tools/tdbtool.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ)
+TDBTOOL_OBJ = tdb/tools/tdbtool.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ) \
+   $(SOCKET_WRAPPER_OBJ)
 
-TDBDUMP_OBJ = tdb/tools/tdbdump.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ)
+TDBDUMP_OBJ = tdb/tools/tdbdump.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ) \
+   $(SOCKET_WRAPPER_OBJ)
 
 NTLM_AUTH_OBJ1 = utils/ntlm_auth.o utils/ntlm_auth_diagnostics.o 
 
@@ -1579,15 +1581,15 @@
 
 bin/[EMAIL PROTECTED]@: $(TDBBACKUP_OBJ) bin/.dummy
@echo Linking $@
-   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ) 
$(SOCKET_WRAPPER_OBJ)
+   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ)
 
 bin/[EMAIL PROTECTED]@: $(TDBTOOL_OBJ) bin/.dummy
@echo Linking $@
-   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBTOOL_OBJ) 
$(SOCKET_WRAPPER_OBJ)
+   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBTOOL_OBJ)
 
 bin/[EMAIL PROTECTED]@: $(TDBDUMP_OBJ) bin/.dummy
@echo Linking $@
-   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ) 
$(SOCKET_WRAPPER_OBJ)
+   @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ)
 
 bin/[EMAIL PROTECTED]@: bin/[EMAIL PROTECTED]@ torture/t_strcmp.o
$(CC) $(FLAGS) -o $@ $(DYNEXP) $(LIBS) torture/t_strcmp.o -L ./bin 
-lbigballofmud



svn commit: samba r21008 - in branches/SAMBA_4_0/webapps/install: .

2007-01-24 Thread abartlet
Author: abartlet
Date: 2007-01-24 22:56:17 + (Wed, 24 Jan 2007)
New Revision: 21008

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21008

Log:
We added a new argument to the provision() function, but I forgot to
update SWAT.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/webapps/install/provision.esp
   branches/SAMBA_4_0/webapps/install/vampire.esp


Changeset:
Modified: branches/SAMBA_4_0/webapps/install/provision.esp
===
--- branches/SAMBA_4_0/webapps/install/provision.esp2007-01-24 19:53:58 UTC 
(rev 21007)
+++ branches/SAMBA_4_0/webapps/install/provision.esp2007-01-24 22:56:17 UTC 
(rev 21008)
@@ -61,7 +61,7 @@
} else {
var paths = provision_default_paths(subobj);
if (!provision(subobj, writefln, false, paths, 
-  session.authinfo.session_info, 
session.authinfo.credentials)) {
+  session.authinfo.session_info, 
session.authinfo.credentials, false)) {
writefln(Provision failed!);
} else if (!provision_dns(subobj, writefln, paths,
  session.authinfo.session_info, 
session.authinfo.credentials)) {

Modified: branches/SAMBA_4_0/webapps/install/vampire.esp
===
--- branches/SAMBA_4_0/webapps/install/vampire.esp  2007-01-24 19:53:58 UTC 
(rev 21007)
+++ branches/SAMBA_4_0/webapps/install/vampire.esp  2007-01-24 22:56:17 UTC 
(rev 21008)
@@ -76,7 +76,7 @@
 
/* Setup a basic database structure, but don't setup any users 
*/
if (!provision(subobj, writefln, true, paths,
-  session_info, credentials)) {
+  session_info, credentials, false)) {
writefln(Provision failed!);
 
/* Join domain */



Build status as of Thu Jan 25 00:00:02 2007

2007-01-24 Thread build
URL: http://build.samba.org/

--- /home/build/master/cache/broken_results.txt.old 2007-01-24 
00:00:12.0 +
+++ /home/build/master/cache/broken_results.txt 2007-01-25 00:00:57.0 
+
@@ -1,4 +1,4 @@
-Build status as of Wed Jan 24 00:00:02 2007
+Build status as of Thu Jan 25 00:00:02 2007
 
 Build counts:
 Tree Total  Broken Panic 
@@ -9,13 +9,13 @@
 distcc   3  0  0 
 ldb  34 3  0 
 libreplace   32 3  0 
-lorikeet-heimdal 31 17 0 
+lorikeet-heimdal 31 18 0 
 ppp  18 0  0 
-rsync36 10 0 
+rsync36 9  0 
 samba0  0  0 
 samba-docs   0  0  0 
-samba4   34 17 2 
-samba_3_036 11 0 
+samba4   34 17 0 
+samba_3_036 9  0 
 smb-build32 31 0 
 talloc   36 0  0 
 tdb  34 3  0 


svn commit: samba r21009 - in branches/SAMBA_3_0/source/nsswitch: .

2007-01-24 Thread jerry
Author: jerry
Date: 2007-01-25 00:47:27 + (Thu, 25 Jan 2007)
New Revision: 21009

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21009

Log:
Patch from Danilo Almeida @ Centeris (via me). 

Patch details:

Support most options in pam_winbind.conf; support comma-separated names in
require-membership-of.  Details below:

1) Provides support for almost all config options in pam_winbind.conf
   (all except for use_first_pass, use_authtok, and unknown_ok). 

 - That allows us to work well when invoked via call_modules from
   pam_unix2.conf as well as allowing use of spaces in names used
   w/require_membership_of.

2) Support for comma-separated list of names or SID strings in
   require_membership_of/require-membership-of.

 - Increased require_membership_of field in winbind request from fstring
   (256) to pstring (1024).

 - In PAM side, parse out multiple names or SID strings and convert
   all of them to SID strings.

 - In Winbind side, support membership check against multiple SID strings.



Modified:
   branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h
   branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-24 22:56:17 UTC 
(rev 21008)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-25 00:47:27 UTC 
(rev 21009)
@@ -91,21 +91,18 @@
va_end(args);
 }
 
-static int _pam_parse(const pam_handle_t *pamh, int flags, int argc, const 
char **argv, dictionary **d)
+static int _pam_parse(const pam_handle_t *pamh, int flags, int argc, const 
char **argv, dictionary **result_d)
 {
int ctrl = 0;
const char *config_file = NULL;
int i;
const char **v;
+   dictionary *d = NULL;
 
if (flags  PAM_SILENT) {
ctrl |= WINBIND_SILENT;
}
 
-   if (d == NULL) {
-   goto config_from_pam;
-   }
-
for (i=argc,v=argv; i--  0; ++v) {
if (!strncasecmp(*v, config, strlen(config))) {
ctrl |= WINBIND_CONFIG_FILE;
@@ -118,36 +115,40 @@
config_file = PAM_WINBIND_CONFIG_FILE;
}
 
-   *d = iniparser_load(config_file);
-   if (*d == NULL) {
+   d = iniparser_load(config_file);
+   if (d == NULL) {
goto config_from_pam;
}
 
-   if (iniparser_getboolean(*d, global:debug, False)) {
+   if (iniparser_getboolean(d, global:debug, False)) {
ctrl |= WINBIND_DEBUG_ARG;
}
 
-   if (iniparser_getboolean(*d, global:cached_login, False)) {
+   if (iniparser_getboolean(d, global:cached_login, False)) {
ctrl |= WINBIND_CACHED_LOGIN;
}
 
-   if (iniparser_getboolean(*d, global:krb5_auth, False)) {
+   if (iniparser_getboolean(d, global:krb5_auth, False)) {
ctrl |= WINBIND_KRB5_AUTH;
}
 
-   if (iniparser_getboolean(*d, global:silent, False)) {
+   if (iniparser_getboolean(d, global:silent, False)) {
ctrl |= WINBIND_SILENT;
}
 
-   if (iniparser_getstr(*d, global:krb5_ccache_type) != NULL) {
+   if (iniparser_getstr(d, global:krb5_ccache_type) != NULL) {
ctrl |= WINBIND_KRB5_CCACHE_TYPE;
}

-   if ((iniparser_getstr(*d, global:require-membership-of) != NULL) ||
-   (iniparser_getstr(*d, global:require_membership_of) != NULL)) {
+   if ((iniparser_getstr(d, global:require-membership-of) != NULL) ||
+   (iniparser_getstr(d, global:require_membership_of) != NULL)) {
ctrl |= WINBIND_REQUIRED_MEMBERSHIP;
}
 
+   if (iniparser_getboolean(d, global:try_first_pass, False)) {
+   ctrl |= WINBIND_TRY_FIRST_PASS_ARG;
+   }
+
 config_from_pam:
/* step through arguments */
for (i=argc,v=argv; i--  0; ++v) {
@@ -179,6 +180,15 @@
}
 
}
+
+   if (result_d) {
+   *result_d = d;
+   } else {
+   if (d) {
+   iniparser_freedict(d);
+   }
+   }
+
return ctrl;
 };
 
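Review bot: The new `if (result_d)` block changes the ownership contract of _pam_parse() without documenting it: a caller that passes result_d now receives a dictionary it must release with iniparser_freedict(), and may receive NULL when the config file could not be loaded. Add a comment above the function stating both points, since a caller that forgets the free leaks the parsed config on every PAM call and one that does not check for NULL will dereference it.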
@@ -447,6 +457,147 @@
/* no warning sent */
 }
 
+#define IS_SID_STRING(name) (strncmp(S-, name, 2) == 0)
+
+int safe_append_string(char *dest,
+   const char *src,
+   int dest_buffer_size)
+/**
+ * Append a string, making sure not to overflow and to always return a 
NULL-terminated
+ * string.
+ *
+ * @param dest Destination string buffer (must already be NULL-terminated).
+ * @param src Source string buffer.
+ * @param dest_buffer_size Size of dest buffer in bytes.
+ *
+ * @return 0 if dest buffer is not big enough (no bytes copied), non-zero on 
success.
+ */
+{
+   int dest_length = strlen(dest);
+   int 
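Review bot: safe_append_string() takes dest_buffer_size as int and stores strlen(dest) in an int, so the bounds arithmetic for a helper whose whole purpose is overflow prevention is done in a signed type; a negative or very large size argument can make the comparison pass when it should not. Use size_t for the size parameter and the lengths. The function is also non-static in a PAM module, the doc comment sits between the parameter list and the body where most tools will not pick it up, and it says NULL-terminated where NUL-terminated is meant.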

svn commit: samba r21010 - in branches/SAMBA_3_0/source/utils: .

2007-01-24 Thread jerry
Author: jerry
Date: 2007-01-25 00:50:36 + (Thu, 25 Jan 2007)
New Revision: 21010

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21010

Log:
fix the pstring change in ntlm_auth for require-membership-of in ntlm_auth
Modified:
   branches/SAMBA_3_0/source/utils/ntlm_auth.c


Changeset:
Modified: branches/SAMBA_3_0/source/utils/ntlm_auth.c
===
--- branches/SAMBA_3_0/source/utils/ntlm_auth.c 2007-01-25 00:47:27 UTC (rev 
21009)
+++ branches/SAMBA_3_0/source/utils/ntlm_auth.c 2007-01-25 00:50:36 UTC (rev 
21010)
@@ -272,7 +272,7 @@
fstrcpy(request.data.auth.user, user);
fstrcpy(request.data.auth.pass, pass);
if (require_membership_of_sid)
-   fstrcpy(request.data.auth.require_membership_of_sid, 
require_membership_of_sid);
+   pstrcpy(request.data.auth.require_membership_of_sid, 
require_membership_of_sid);
 
result = winbindd_request_response(WINBINDD_PAM_AUTH, request, 
response);
 
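Review bot: Switching to pstrcpy() on the require_membership_of_sid copy is only correct as long as the destination field stays a pstring, which r21009 changed in a different file; nothing at this call site ties the copy size to the field's declared size. A copy bounded by sizeof() of the destination, or at least a comment naming the header that defines the field, would keep the two from drifting apart again. The source string comes from the caller, so a length check with a clear error before the copy would also be better than silent truncation of a group list used for access control.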



svn commit: samba r21012 - in branches/SAMBA_3_0/source/nsswitch: .

2007-01-24 Thread jerry
Author: jerry
Date: 2007-01-25 01:56:34 + (Thu, 25 Jan 2007)
New Revision: 21012

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21012

Log:
Patch from Danilo Almeida @ Centeris (via me):

Details: Improve PAM logging
- The improved logging is for tracking down PAM-related bugs
- PAM_SILENT was being mis-used to suppress syslog output instead of
  suppressing user output.  This lets PAM_SILENT still log to syslog.
- Allow logging of item & data state via debug_state config file option.
- Logging tracks the pam handle used.



Modified:
   branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
   branches/SAMBA_3_0/source/nsswitch/pam_winbind.h


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-25 01:18:31 UTC 
(rev 21011)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-25 01:56:34 UTC 
(rev 21012)
@@ -12,6 +12,18 @@
 
 #include pam_winbind.h
 
+#define _PAM_LOG_FUNCTION_ENTER(function, pamh, ctrl, flags) \
+   do { \
+   _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] ENTER:  
function  (flags: 0x%04x), (uint32) pamh, flags); \
+   _pam_log_state(pamh, ctrl); \
+   } while (0)
+
+#define _PAM_LOG_FUNCTION_LEAVE(function, pamh, ctrl, retval) \
+   do { \
+   _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] LEAVE:  
function  returning %d, (uint32) pamh, retval); \
+   _pam_log_state(pamh, ctrl); \
+   } while (0)
+
 /* data tokens */
 
 #define MAX_PASSWD_TRIES   3
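Review bot: Both _PAM_LOG_FUNCTION_ENTER and _PAM_LOG_FUNCTION_LEAVE cast pamh to uint32 and print it with 0x%08x, which truncates the pointer on any platform where pointers are wider than 32 bits and will draw a cast warning there. Since the stated purpose is to track which pam handle a log line belongs to, print it with %p and a `(void *)` cast so that two handles differing only in their upper bits are not logged as the same value.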
@@ -61,11 +73,16 @@
 }
 #endif /* HAVE_PAM_VSYSLOG */
 
+static inline int _pam_log_is_silent(int ctrl)
+{
+   return (ctrl  WINBIND_SILENT) ? 1 : 0;
+}
+
 static void _pam_log(const pam_handle_t *pamh, int ctrl, int err, const char 
*format, ...)
 {
va_list args;
 
-   if (ctrl  WINBIND_SILENT) {
+   if (_pam_log_is_silent(ctrl)) {
return;
}
 
@@ -74,15 +91,37 @@
va_end(args);
 }
 
-static void _pam_log_debug(const pam_handle_t *pamh, int ctrl, int err, const 
char *format, ...)
+static inline int _pam_log_is_debug_enabled(int ctrl)
 {
-   va_list args;
+   if (ctrl == -1) {
+   return 0;
+   }
 
-   if (ctrl  WINBIND_SILENT) {
-   return;
+   if (_pam_log_is_silent(ctrl)) {
+   return 0;
}
 
if (!(ctrl  WINBIND_DEBUG_ARG)) {
+   return 0;
+   }
+
+   return 1;
+}
+
+static inline int _pam_log_is_debug_state_enabled(int ctrl)
+{
+   if (!(ctrl  WINBIND_DEBUG_STATE)) {
+   return 0;
+   }
+
+   return _pam_log_is_debug_enabled(ctrl);
+}
+
+static void _pam_log_debug(const pam_handle_t *pamh, int ctrl, int err, const 
char *format, ...)
+{
+   va_list args;
+
+   if (!_pam_log_is_debug_enabled(ctrl)) {
return;
}
 
@@ -91,6 +130,74 @@
va_end(args);
 }
 
+static void _pam_log_state_datum(const pam_handle_t *pamh, int ctrl, int 
item_type, const char *key, int is_string)
+{
+   const void *data = NULL;
+   if (item_type != 0) {
+   pam_get_item(pamh, item_type, data);
+   } else {
+   pam_get_data(pamh, key, data);
+   }
+   if (data != NULL) {
+   const char *type = (item_type != 0) ? ITEM : DATA;
+   if (is_string != 0) {
+   _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] 
STATE: %s(%s) = \%s\ (0x%08x), (uint32) pamh, type, key, (const char *) 
data, (uint32) data);
+   } else {
+   _pam_log_debug(pamh, ctrl, LOG_DEBUG, [pamh: 0x%08x] 
STATE: %s(%s) = 0x%08x, (uint32) pamh, type, key, (uint32) data);
+   }
+   }
+}
+
+#define _PAM_LOG_STATE_DATA_POINTER(pamh, ctrl, module_data_name) \
+   _pam_log_state_datum(pamh, ctrl, 0, module_data_name, 0)
+
+#define _PAM_LOG_STATE_DATA_STRING(pamh, ctrl, module_data_name) \
+   _pam_log_state_datum(pamh, ctrl, 0, module_data_name, 1)
+
+#define _PAM_LOG_STATE_ITEM_POINTER(pamh, ctrl, item_type) \
+   _pam_log_state_datum(pamh, ctrl, item_type, #item_type, 0)
+
+#define _PAM_LOG_STATE_ITEM_STRING(pamh, ctrl, item_type) \
+   _pam_log_state_datum(pamh, ctrl, item_type, #item_type, 1)
+
+#ifdef DEBUG_PASSWORD
+#define _LOG_PASSWORD_AS_STRING 1
+#else
+#define _LOG_PASSWORD_AS_STRING 0
+#endif
+
+#define _PAM_LOG_STATE_ITEM_PASSWORD(pamh, ctrl, item_type) \
+   _pam_log_state_datum(pamh, ctrl, item_type, #item_type, 
_LOG_PASSWORD_AS_STRING)
+
+static void _pam_log_state(const pam_handle_t *pamh, int ctrl)
+{
+   if (!_pam_log_is_debug_state_enabled(ctrl)) {
+   return;
+   }
+
+   _PAM_LOG_STATE_ITEM_STRING(pamh, ctrl, PAM_SERVICE);
+   _PAM_LOG_STATE_ITEM_STRING(pamh, ctrl, PAM_USER);
+   _PAM_LOG_STATE_ITEM_STRING(pamh, ctrl, PAM_TTY);
+   
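Review bot: _PAM_LOG_STATE_ITEM_PASSWORD logs its item as a string whenever DEBUG_PASSWORD is defined, so a build with that define writes the item it is applied to into the log in clear text as soon as debug_state is enabled. That deserves a prominent comment at the `#ifdef DEBUG_PASSWORD` block and a note in the documentation for the debug_state option. Separately, _pam_log_state_datum() ignores the return values of pam_get_item() and pam_get_data() and relies on data staying NULL on failure; check the return code explicitly.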

Re: svn commit: samba r21012 - in branches/SAMBA_3_0/source/nsswitch: .

2007-01-24 Thread Jeremy Allison
On Thu, Jan 25, 2007 at 01:56:36AM +, [EMAIL PROTECTED] wrote:
> Author: jerry
> Date: 2007-01-25 01:56:34 + (Thu, 25 Jan 2007)
> New Revision: 21012
>
> WebSVN:
> http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=21012
>
> Log:
> Patch from Danilo Almeida @ Centeris (via me):
>
> Details: Improve PAM logging
> - The improved logging is for tracking down PAM-related bugs
> - PAM_SILENT was being mis-used to suppress syslog output instead of
>   suppressing user output.  This lets PAM_SILENT still log to syslog.
> - Allow logging of item & data state via debug_state config file option.
> - Logging tracks the pam handle used.

I don't think all our platforms support inline (and it's not a
C construct). I remember shouting at James Peach for doing the
same thing :-).

Jeremy.


svn commit: samba r21013 - in branches/SAMBA_3_0/source/nsswitch: .

2007-01-24 Thread jerry
Author: jerry
Date: 2007-01-25 02:24:56 + (Thu, 25 Jan 2007)
New Revision: 21013

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21013

Log:
* Remove inline keyword
* Remove another check for PAM_SILENT that prevents logging to syslog
* Add missing check for TRY_FIRST_PASS when using authtok (missed
  from previous merge)


Modified:
   branches/SAMBA_3_0/source/nsswitch/pam_winbind.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-25 01:56:34 UTC 
(rev 21012)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-25 02:24:56 UTC 
(rev 21013)
@@ -73,7 +73,7 @@
 }
 #endif /* HAVE_PAM_VSYSLOG */
 
-static inline int _pam_log_is_silent(int ctrl)
+static int _pam_log_is_silent(int ctrl)
 {
return (ctrl  WINBIND_SILENT) ? 1 : 0;
 }
@@ -91,7 +91,7 @@
va_end(args);
 }
 
-static inline int _pam_log_is_debug_enabled(int ctrl)
+static int _pam_log_is_debug_enabled(int ctrl)
 {
if (ctrl == -1) {
return 0;
@@ -108,7 +108,7 @@
return 1;
 }
 
-static inline int _pam_log_is_debug_state_enabled(int ctrl)
+static int _pam_log_is_debug_state_enabled(int ctrl)
 {
if (!(ctrl  WINBIND_DEBUG_STATE)) {
return 0;
@@ -1406,7 +1406,7 @@
 
_PAM_LOG_FUNCTION_ENTER(pam_sm_setcred, pamh, ctrl, flags);
 
-   switch (flags  ~PAM_SILENT) {
+   switch (flag) {
 
case PAM_DELETE_CRED:
ret = pam_sm_close_session(pamh, flags, argc, argv);
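Review bot: `switch (flag)` drops the PAM_SILENT mask on the switch expression, so a caller that ORs PAM_SILENT into the request no longer matches `case PAM_DELETE_CRED:`. The mask here selects the operation rather than suppressing log output, so it should stay on the switch even though the syslog checks are being removed elsewhere. `flag` also looks like a typo for `flags`, the name the neighbouring `_PAM_LOG_FUNCTION_ENTER` and `pam_sm_close_session` calls use.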
@@ -1794,7 +1794,7 @@
goto out;
}

-   lctrl = ctrl;
+   lctrl = ctrl  ~WINBIND_TRY_FIRST_PASS_ARG;

if (on(WINBIND_USE_AUTHTOK_ARG, lctrl)) {
lctrl |= WINBIND_USE_FIRST_PASS_ARG;
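Review bot: the new `lctrl` assignment clears `WINBIND_TRY_FIRST_PASS_ARG` unconditionally, before the `on(WINBIND_USE_AUTHTOK_ARG, lctrl)` test, while the log message describes the change as applying when authtok is used. If the bit should only be dropped in the use_authtok case, move the mask inside the `if` next to `lctrl |= WINBIND_USE_FIRST_PASS_ARG;`. If dropping it always is intended, a one-line comment saying why would help, since this decides which password source the module accepts.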



svn commit: samba r21014 - in branches/SAMBA_3_0/source/nsswitch: .

2007-01-24 Thread jerry
Author: jerry
Date: 2007-01-25 02:28:00 + (Thu, 25 Jan 2007)
New Revision: 21014

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21014

Log:
move some functions to winbindd_group.c and make static
Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_group.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_passdb.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_group.c
===
--- branches/SAMBA_3_0/source/nsswitch/winbindd_group.c 2007-01-25 02:24:56 UTC 
(rev 21013)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_group.c 2007-01-25 02:28:00 UTC 
(rev 21014)
@@ -31,10 +31,151 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_WINBIND
 
-/***
- Empty static struct for negative caching.
-/
+static void add_member(const char *domain, const char *user,
+  char **pp_members, size_t *p_num_members)
+{
+   fstring name;
 
+   fill_domain_username(name, domain, user, True);
+   safe_strcat(name, ,, sizeof(name)-1);
+   string_append(pp_members, name);
+   *p_num_members += 1;
+}
+
+/**
+ Add member users resulting from sid. Expand if it is a domain group.
+**/
+
+static void add_expanded_sid(const DOM_SID *sid, char **pp_members, size_t 
*p_num_members)
+{
+   DOM_SID dom_sid;
+   uint32 rid;
+   struct winbindd_domain *domain;
+   size_t i;
+
+   char *domain_name = NULL;
+   char *name = NULL;
+   enum lsa_SidType type;
+
+   uint32 num_names;
+   DOM_SID *sid_mem;
+   char **names;
+   uint32 *types;
+
+   NTSTATUS result;
+
+   TALLOC_CTX *mem_ctx = talloc_init(add_expanded_sid);
+
+   if (mem_ctx == NULL) {
+   DEBUG(1, (talloc_init failed\n));
+   return;
+   }
+
+   sid_copy(dom_sid, sid);
+   sid_split_rid(dom_sid, rid);
+
+   domain = find_lookup_domain_from_sid(sid);
+
+   if (domain == NULL) {
+   DEBUG(3, (Could not find domain for sid %s\n,
+ sid_string_static(sid)));
+   goto done;
+   }
+
+   result = domain-methods-sid_to_name(domain, mem_ctx, sid,
+ domain_name, name, type);
+
+   if (!NT_STATUS_IS_OK(result)) {
+   DEBUG(3, (sid_to_name failed for sid %s\n,
+ sid_string_static(sid)));
+   goto done;
+   }
+
+   DEBUG(10, (Found name %s, type %d\n, name, type));
+
+   if (type == SID_NAME_USER) {
+   add_member(domain_name, name, pp_members, p_num_members);
+   goto done;
+   }
+
+   if (type != SID_NAME_DOM_GRP) {
+   DEBUG(10, (Alias member %s neither user nor group, ignore\n,
+  name));
+   goto done;
+   }
+
+   /* Expand the domain group, this must be done via the target domain */
+
+   domain = find_domain_from_sid(sid);
+
+   if (domain == NULL) {
+   DEBUG(3, (Could not find domain from SID %s\n,
+ sid_string_static(sid)));
+   goto done;
+   }
+
+   result = domain-methods-lookup_groupmem(domain, mem_ctx,
+ sid, num_names,
+ sid_mem, names,
+ types);
+
+   if (!NT_STATUS_IS_OK(result)) {
+   DEBUG(10, (Could not lookup group members for %s: %s\n,
+  name, nt_errstr(result)));
+   goto done;
+   }
+
+   for (i=0; inum_names; i++) {
+   DEBUG(10, (Adding group member SID %s\n,
+  sid_string_static(sid_mem[i])));
+
+   if (types[i] != SID_NAME_USER) {
+   DEBUG(1, (Hmmm. Member %s of group %s is no user. 
+ Ignoring.\n, names[i], name));
+   continue;
+   }
+
+   add_member(domain-name, names[i], pp_members, p_num_members);
+   }
+
+ done:
+   talloc_destroy(mem_ctx);
+   return;
+}
+
+static BOOL fill_passdb_alias_grmem(struct winbindd_domain *domain,
+DOM_SID *group_sid, 
+size_t *num_gr_mem, char **gr_mem, size_t 
*gr_mem_len)
+{
+   DOM_SID *members;
+   size_t i, num_members;
+
+   *num_gr_mem = 0;
+   *gr_mem = NULL;
+   *gr_mem_len = 0;
+
+   if (!NT_STATUS_IS_OK(pdb_enum_aliasmem(group_sid, members,
+  num_members)))
+   return True;
+
+   for (i=0; inum_members; i++) {
+   
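Review bot: `fill_passdb_alias_grmem` returns True when `pdb_enum_aliasmem` fails, with `*num_gr_mem` left at 0, so the caller cannot tell a failed enumeration from an alias that has no members. Group membership feeds access decisions, so at least log the NTSTATUS at this point, and consider returning False so a backend failure is not served as an empty group. In `add_member`, the append into the fixed-size `fstring name` is bounded by `sizeof(name)-1`, so a long domain and user name can be cut short while the entry is still appended and counted; checking for that and skipping the entry would be safer than emitting a partial name.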

svn commit: samba r21015 - in branches/SAMBA_3_0/source/nsswitch: .

2007-01-24 Thread jerry
Author: jerry
Date: 2007-01-25 02:36:20 + (Thu, 25 Jan 2007)
New Revision: 21015

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21015

Log:
fix typo that breaks the build
Modified:
   branches/SAMBA_3_0/source/nsswitch/pam_winbind.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-25 02:28:00 UTC 
(rev 21014)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c2007-01-25 02:36:20 UTC 
(rev 21015)
@@ -1406,7 +1406,7 @@
 
_PAM_LOG_FUNCTION_ENTER(pam_sm_setcred, pamh, ctrl, flags);
 
-   switch (flag) {
+   switch (flags) {
 
case PAM_DELETE_CRED:
ret = pam_sm_close_session(pamh, flags, argc, argv);



Rev 47: added copies of libs so can be built standalone in http://samba.org/~tridge/ctdb

2007-01-24 Thread tridge


Rev 49: use ctdb_call_info, so struct ctdb_call can be used for top level call in http://samba.org/~tridge/ctdb

2007-01-24 Thread tridge

revno: 49
revision-id: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Andrew Tridgell [EMAIL PROTECTED]
branch nick: tridge
timestamp: Thu 2007-01-25 15:19:16 +1100
message:
  use ctdb_call_info, so struct ctdb_call can be used for top level call
modified:
  common/ctdb_call.c ctdb_call.c-20061128065342-to93h6eejj5kon81-1
  ctdb_bench.c   ctdb_bench.c-20061219052637-2liagoglohxb6p7s-1
  ctdb_test.c    ctdb_test.c-20061117234101-o3qt14umlg9en8z0-16
  include/ctdb.h ctdb.h-20061117234101-o3qt14umlg9en8z0-11
=== modified file 'common/ctdb_call.c'
--- a/common/ctdb_call.c2007-01-23 00:38:45 +
+++ b/common/ctdb_call.c2007-01-25 04:19:16 +
@@ -49,10 +49,10 @@
   int call_id, TDB_DATA *call_data, TDB_DATA 
*reply_data,
   uint32_t caller)
 {
-   struct ctdb_call *c;
+   struct ctdb_call_info *c;
struct ctdb_registered_call *fn;
 
-   c = talloc(ctdb, struct ctdb_call);
+   c = talloc(ctdb, struct ctdb_call_info);
CTDB_NO_MEMORY(ctdb, c);
 
c-key = key;

=== modified file 'ctdb_bench.c'
--- a/ctdb_bench.c  2006-12-19 05:27:03 +
+++ b/ctdb_bench.c  2007-01-25 04:19:16 +
@@ -50,7 +50,7 @@
 /*
   ctdb call function to increment an integer
 */
-static int incr_func(struct ctdb_call *call)
+static int incr_func(struct ctdb_call_info *call)
 {
if (call-record_data.dsize == 0) {
call-new_data = talloc(call, TDB_DATA);
@@ -70,7 +70,7 @@
 /*
   ctdb call function to fetch a record
 */
-static int fetch_func(struct ctdb_call *call)
+static int fetch_func(struct ctdb_call_info *call)
 {
call-reply_data = call-record_data;
return 0;

=== modified file 'ctdb_test.c'
--- a/ctdb_test.c   2006-12-01 04:45:24 +
+++ b/ctdb_test.c   2007-01-25 04:19:16 +
@@ -33,7 +33,7 @@
 /*
   add an integer into a record in sorted order
 */
-static int sort_func(struct ctdb_call *call)
+static int sort_func(struct ctdb_call_info *call)
 {
if (call-call_data == NULL ||
call-call_data-dsize != sizeof(int)) {
@@ -64,7 +64,7 @@
 /*
   ctdb call function to fetch a record
 */
-static int fetch_func(struct ctdb_call *call)
+static int fetch_func(struct ctdb_call_info *call)
 {
call-reply_data = call-record_data;
return 0;

=== modified file 'include/ctdb.h'
--- a/include/ctdb.h2007-01-23 00:38:45 +
+++ b/include/ctdb.h2007-01-25 04:19:16 +
@@ -24,7 +24,7 @@
 /*
   structure passed to a ctdb call function
 */
-struct ctdb_call {
+struct ctdb_call_info {
TDB_DATA key;  /* record key */
TDB_DATA record_data;  /* current data in the record */
TDB_DATA *new_data;/* optionally updated record data */
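Review bot: the comment above `struct ctdb_call_info` is unchanged and does not say how this struct differs from `struct ctdb_call`, the name the commit message says is being freed for the top level call. Since this is the header that `ctdb_fn_t` implementers read, a sentence here stating that `ctdb_call_info` is the per-invocation view handed to a registered call function would prevent the two names being confused. The rename also breaks any out-of-tree function written against the old `ctdb_fn_t` signature, which is worth a line in the commit message.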
@@ -85,7 +85,7 @@
 const char *ctdb_errstr(struct ctdb_context *);
 
 /* a ctdb call function */
-typedef int (*ctdb_fn_t)(struct ctdb_call *);
+typedef int (*ctdb_fn_t)(struct ctdb_call_info *);
 
 /*
   setup a ctdb call function



Rev 48: merge db wrap code from samba4 in http://samba.org/~tridge/ctdb

2007-01-24 Thread tridge

revno: 48
revision-id: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Andrew Tridgell [EMAIL PROTECTED]
branch nick: tridge
timestamp: Thu 2007-01-25 15:11:36 +1100
message:
  merge db wrap code from samba4
added:
  lib/util/db_wrap.c db_wrap.c-20070125041102-mfc39bu6uof09lw6-1
  lib/util/db_wrap.h db_wrap.h-20070125041102-mfc39bu6uof09lw6-2
=== added file 'lib/util/db_wrap.c'
--- a/lib/util/db_wrap.c1970-01-01 00:00:00 +
+++ b/lib/util/db_wrap.c2007-01-25 04:11:36 +
@@ -0,0 +1,83 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   database wrap functions
+
+   Copyright (C) Andrew Tridgell 2004
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+/*
+  the stupidity of the unix fcntl locking design forces us to never
+  allow a database file to be opened twice in the same process. These
+  wrappers provide convenient access to a tdb or ldb, taking advantage
+  of talloc destructors to ensure that only a single open is done
+*/
+
+#include includes.h
+#include lib/util/dlinklist.h
+#include lib/events/events.h
+#include lib/tdb/include/tdb.h
+#include db_wrap.h
+
+static struct tdb_wrap *tdb_list;
+
+
+
+/* destroy the last connection to a tdb */
+static int tdb_wrap_destructor(struct tdb_wrap *w)
+{
+   tdb_close(w-tdb);
+   DLIST_REMOVE(tdb_list, w);
+   return 0;
+}   
+
+/*
+  wrapped connection to a tdb database
+  to close just talloc_free() the tdb_wrap pointer
+ */
+struct tdb_wrap *tdb_wrap_open(TALLOC_CTX *mem_ctx,
+  const char *name, int hash_size, int tdb_flags,
+  int open_flags, mode_t mode)
+{
+   struct tdb_wrap *w;
+
+   for (w=tdb_list;w;w=w-next) {
+   if (strcmp(name, w-name) == 0) {
+   return talloc_reference(mem_ctx, w);
+   }
+   }
+
+   w = talloc(mem_ctx, struct tdb_wrap);
+   if (w == NULL) {
+   return NULL;
+   }
+
+   w-name = talloc_strdup(w, name);
+
+   w-tdb = tdb_open(name, hash_size, tdb_flags, 
+ open_flags, mode);
+   if (w-tdb == NULL) {
+   talloc_free(w);
+   return NULL;
+   }
+
+   talloc_set_destructor(w, tdb_wrap_destructor);
+
+   DLIST_ADD(tdb_list, w);
+
+   return w;
+}
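Review bot: in `tdb_wrap_open`, the result of `talloc_strdup(w, name)` is not checked; if it returns NULL the wrap is still added to `tdb_list`, and the `strcmp` in the lookup loop of the next call dereferences a NULL `name`. Check it and `talloc_free(w)` on failure, the same way the `tdb_open` failure is handled. The reuse lookup also compares only the name string, so two spellings of one path (relative and absolute, or through a symlink) still open the file twice, which is the case the header comment says must never happen, and a reused handle silently ignores the caller's `tdb_flags`, `open_flags` and `mode`.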

=== added file 'lib/util/db_wrap.h'
--- a/lib/util/db_wrap.h1970-01-01 00:00:00 +
+++ b/lib/util/db_wrap.h2007-01-25 04:11:36 +
@@ -0,0 +1,33 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   database wrap headers
+
+   Copyright (C) Andrew Tridgell 2004
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+
+struct tdb_wrap {
+   struct tdb_context *tdb;
+
+   const char *name;
+   struct tdb_wrap *next, *prev;
+};
+
+struct tdb_wrap *tdb_wrap_open(TALLOC_CTX *mem_ctx,
+  const char *name, int hash_size, int tdb_flags,
+  int open_flags, mode_t mode);
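Review bot: `db_wrap.h` has no include guard and relies on the includer to have already declared `TALLOC_CTX`, `mode_t` and `struct tdb_context`. Add an `#ifndef`/`#define` guard and either include the headers that provide those types or forward-declare `struct tdb_context`, so the header can be included on its own and more than once. A short comment on `tdb_wrap_open` noting that the handle is closed with `talloc_free()` would also belong here, since that is currently stated only in the .c file.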



svn commit: linux-cifs-client r93 - in branches: linux-2.6-cifs-git-devel/fs/cifs linux-2.6-mainline/fs/cifs

2007-01-24 Thread sfrench
Author: sfrench
Date: 2007-01-25 05:04:14 + (Thu, 25 Jan 2007)
New Revision: 93

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=linux-cifs-client&rev=93

Log:
merge cifs 1.47 from mainline from cifs to svn

Modified:
   branches/linux-2.6-cifs-git-devel/fs/cifs/CHANGES
   branches/linux-2.6-cifs-git-devel/fs/cifs/README
   branches/linux-2.6-cifs-git-devel/fs/cifs/cifs_debug.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/cifsencrypt.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/cifsfs.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/cifsfs.h
   branches/linux-2.6-cifs-git-devel/fs/cifs/cifspdu.h
   branches/linux-2.6-cifs-git-devel/fs/cifs/cifsproto.h
   branches/linux-2.6-cifs-git-devel/fs/cifs/cifssmb.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/connect.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/fcntl.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/file.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/inode.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/ioctl.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/link.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/misc.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/netmisc.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/readdir.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/sess.c
   branches/linux-2.6-cifs-git-devel/fs/cifs/transport.c
   branches/linux-2.6-mainline/fs/cifs/CHANGES
   branches/linux-2.6-mainline/fs/cifs/README
   branches/linux-2.6-mainline/fs/cifs/cifs_debug.c
   branches/linux-2.6-mainline/fs/cifs/cifsencrypt.c
   branches/linux-2.6-mainline/fs/cifs/cifsfs.c
   branches/linux-2.6-mainline/fs/cifs/cifsfs.h
   branches/linux-2.6-mainline/fs/cifs/cifsglob.h
   branches/linux-2.6-mainline/fs/cifs/cifspdu.h
   branches/linux-2.6-mainline/fs/cifs/cifsproto.h
   branches/linux-2.6-mainline/fs/cifs/cifssmb.c
   branches/linux-2.6-mainline/fs/cifs/connect.c
   branches/linux-2.6-mainline/fs/cifs/fcntl.c
   branches/linux-2.6-mainline/fs/cifs/file.c
   branches/linux-2.6-mainline/fs/cifs/inode.c
   branches/linux-2.6-mainline/fs/cifs/ioctl.c
   branches/linux-2.6-mainline/fs/cifs/link.c
   branches/linux-2.6-mainline/fs/cifs/misc.c
   branches/linux-2.6-mainline/fs/cifs/netmisc.c
   branches/linux-2.6-mainline/fs/cifs/readdir.c
   branches/linux-2.6-mainline/fs/cifs/transport.c


Changeset:
Sorry, the patch is too large (3813 lines) to include; please use WebSVN to see 
it!
WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=linux-cifs-client&rev=93


Rev 50: simplified ctdb_call() interface, and made it easier to expand with more parameters later in http://samba.org/~tridge/ctdb

2007-01-24 Thread tridge

revno: 50
revision-id: [EMAIL PROTECTED]
parent: [EMAIL PROTECTED]
committer: Andrew Tridgell [EMAIL PROTECTED]
branch nick: tridge
timestamp: Thu 2007-01-25 16:13:17 +1100
message:
  simplified ctdb_call() interface, and made it easier to expand with more 
parameters later
modified:
  common/ctdb_call.c ctdb_call.c-20061128065342-to93h6eejj5kon81-1
  ctdb_bench.c   ctdb_bench.c-20061219052637-2liagoglohxb6p7s-1
  ctdb_test.c    ctdb_test.c-20061117234101-o3qt14umlg9en8z0-16
  include/ctdb.h ctdb.h-20061117234101-o3qt14umlg9en8z0-11

Diff too large for email (456, the limit is 200).