RE: [Samba] idmap syntax transition from 3.0.20 to 3.0.25 ?
Oops, I guess I didn't try hard enough, sorry ! Just what I needed, thanks ! I looked in the old man location /usr/local/samba/man, but yes, found it in /usr/local/samba/share/man. Thanks Jerry, for your endless patience ! Cheers, Hans. -Original Message- From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED] Sent: 10. juli 2007 17:29 To: Hans B. Randgaard Cc: samba@lists.samba.org Subject: Re: [Samba] idmap syntax transition from 3.0.20 to 3.0.25 ? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hans B. Randgaard wrote: Dear Samba people, I am going to upgrade a Samba domain member server, which is a member of an AD domain. Its Windows user-ids and group-ids are stored on 2 Open-LDAP servers. I have look in the mailinglists and in the docs, but have not found any good examples of how to change the old syntax into the new(in 3.0.25). Is there a place where I can find some examples ? Have you tried `man idmap_ldap` ? cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGk6WmIR7qMdg1EfYRAhZYAKCWLb5cj424Y95W4fqGHbaHNmL2JwCcC7Ut cwGGUOgn11Wb3xFsqAU3ICg= =LclJ -END PGP SIGNATURE- ** This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this e-mail in error please notify the system manager at [EMAIL PROTECTED] ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net rpc join: Percent sign in password
Hello, How can I pass a password that contains the percent sign to the net rpc join command? I use the format: Net rpc join -U user%password Does escaping work? If so, how? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind + samba limits with large AD?
Michael Adam schrieb: Assuming you have a web proxy, you can try rsync with setting the environment variable RSYNC_PROXY to $proxy_ip:$proxy_port (like export RSYNC_PROXY=192.168.0.1:3128 in bash). Proxy only allows port 80 and 443, 873 is blocked. http://svnanon.samba.org/samba/docs/man/Samba-HOWTO-Collection/compiling.html#id442180 I can't reach http://svnweb.samba.org/. That should probably be websvn instead of svnweb, but this is for inspecting single files and diffs, not for downloading the sources anyway. Ok, I thought there is a way to use svn+http to get the files. Is there another way to get the 3_2 release by svn/http? If you can't get it with rsync through http, I could put a tarball for download somewhere tomorrow. Just let me know. I was able to get it at home and put it on a cd :) The reason why lookup_groupmem gets used in ls -l at all is that the getgrgid library call is used to resolve the gids into names, and this call returns not only the name but the whole group structure, including the list of members. So to confirm my assumptions above, you could compare the runtime of ls -l to that of ls -ln: The latter should be much faster! Thanks for your reply, I'll try to get the source and compile it. This might take some time. BTW: wbinfo also wasn't working right and winbindd was not responding after issuing that command. By that command you mean ls -ln? And 'wbinfo -g' or 'wbinfo -u'. I couldnt't get the user and group and winbindd died after that command. Well, let's see what improvement the new version brings. BTW: The enhancements were made specifically for environments with hundreds of thousands of users and groups (and large groups!) in ad. Sounds promising! Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind + samba limits with large AD?
On Mi, Jul 11, 2007 at 10:45:00 +0200, Ralf Gross wrote: Ok, I thought there is a way to use svn+http to get the files. Yes, svn supports svn co http://...; But the server has to support that transport too. I think this is not supported on svnanon.samba.org currently, have to check. I was able to get it at home and put it on a cd :) Great! Michael Adam schrieb: By that command you mean ls -ln? And 'wbinfo -g' or 'wbinfo -u'. I couldnt't get the user and group and winbindd died after that command. wbinfo -u/-g get the list of users/groups even if winbind enum users/groups is set to no in the config (it uses other means than the getpwent/getgrent system functions). If your number of users and groups is very large, wbinfo will currently time out, but winbindd will continue to complete the request. Well, let's see what improvement the new version brings. BTW: The enhancements were made specifically for environments with hundreds of thousands of users and groups (and large groups!) in ad. Sounds promising! I am interested to hear how the new version performs in your setup! Michael -- Michael Adam [EMAIL PROTECTED] SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.SerNet.DE, mailto: Info @ SerNet.DE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc join: Percent sign in password
On Mi, Jul 11, 2007 at 11:23:16 +0300, Eyal Ben David wrote: How can I pass a password that contains the percent sign to the net rpc join command? I use the format: Net rpc join -U user%password Does escaping work? If so, how? No escaping needed. The first % sign is the separator. The following is taken verbatim as password. Cheers, Michael -- Michael Adam [EMAIL PROTECTED] SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.SerNet.DE, mailto: Info @ SerNet.DE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [computers] Re: [Samba] XP Home and Samba problem
I Tried XP restarts, and tried removing hosts allow/deny, and I still have the same problem, enforced guest login. I am starting to wonder if this might be somehow related to the fact that I changed the XP's name, except that it shouldn't be a problem as I see the new XP name and shares correctly from Linux. I Will try to add a new user to XP and add that to samba, login with the new user and see if it works then. Gary Dale pisze: You should also try removing your global hosts allow and hosts deny lines. If they aren't done properly, they can cause you to be unable to connect. Gary Dale wrote: Is your borzo password on Unix the same as your borzo password on Windows? And have you tried rebooting your Windows box between attempts to connect? SG wrote: After a couple of minutes of inactivity I tried to access the samba share again and I got the error message I wrote about previously: * Error Message: /x/ is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permission * . The share is accessible locally and so is the XP share from Linux. Gary Dale pisze: You said, I believe, that you are running XP/Home. Are you logged on as borzo (and not Borzo, BORZO or some other variant)? Also, take it back to just including the path, restart samba, and let us know the exact error message Windows gives you. SG wrote: From [global] I have removed valid users At first in [MyFiles] I left only the path, which didn't work at all ( I was presented with an error on XP ), here's what I'm left with: [MyFiles] path = /home/samba/ force user = borzo force group = borzo create mask = 0644 directory mask = 755 but this didn't change the situation, I am still presented by the grayedout login prompt, and by the way the share is accessible through samba locally, aswell as the XP shares. The share's permissions are set to 0777, user and group are set to borzo and borzo is added and enabled with smbpasswd. thanks so far, SG Gary Dale pisze: simo wrote: On Tue, 2007-07-10 at 18:02 +0200, SG wrote: Here's my smb.conf [global] workgroup = GINVEST netbios name = LINACER interfaces = ath0, eth0 bind interfaces only = Yes null passwords = Yes passdb backend = tdbsam username map = /etc/samba/smbusers log level = 3 log file = /var/log/samba/log.%m announce version = 5.0 name resolve order = host wins bcast socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = CUPS os level = 32 wins support = Yes invalid users = root valid users = borzo --^^ you really _don't_ want to put this in the global section, or the only user allowed is borzo everywhere, and guest connections will always be denied. [..] Simo. Yes, but that probably isn't his problem as he also has borzo as the only valid user for his MyFiles share. My concern is that he has so much other unnecessary entries in his share definition. My advice to him would be to clear out all the unnecessary stuff until he can get a working share. Start with just the path and see if that works. If it doesn't then your problem lies elsewhere. What are the Unix directory permissions for the share? Try setting them to allow everyone read-write-execute access. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Response too big for UDP, retry with TCP
Hi again, You could either use an administrative account which is not a member of so many groups (causing the packet too big error), or use a more recent version of samba. In any version = 3.0.22 the tcp fallback is not implemented during the kpasswd request. The krb5.conf kdc line is not taken into account at this place. I upgraded Samba to 3.0.25a and tried again with the user, who has administrator privileges but is not in so many groups. I get a bit different message, but it is still a no go: [EMAIL PROTECTED]:~# net ads join -U domainadmin%idsrmap978 [2007/07/11 11:36:34, 0] libads/kerberos.c:ads_kinit_password(227) kerberos_kinit_password [EMAIL PROTECTED] failed: Response too big for UDP, retry with TCP Failed to join domain: NT_STATUS_PROTOCOL_UNREACHABLE Any ideas? Thanks, Nejc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Is the term 'home dir' and 'roaming profiles' different?
Hello, I've just been exploring Samba again after some time, and this time I'm setting a Samba PDC with LDAP. Thanks for great tutorial from Samba website, I think I got it working fine :) However, I've been browsing the list too, and am a bit confused with the term: 'homedir' and 'roaming profiles'. Is it different? If I'm not mistaken, homedir is for Win9X only? When my XP client logon to the Samba PDC, it automatically mount drive X: and then when he logoffs, his Xp profile will be copied to /var/lib/samba/profiles/username However, the /var/lib/samba/profiles/username directory is not created automatically, I have to create it by hand. Now, in the list archive a lot of people were asking how to make the creation of homedir to be automatic, do their questions and solutions apply to the creation of 'roaming profile dir' too? Thank you very much. PS. This is my smb.conf: [global] workgroup = pluto.com netbios name = ubuntu os level = 33 preferred master = yes enable privileges = yes server string = %h server (Samba, Ubuntu) wins support = yes dns proxy = no name resolve order = wins bcast hosts log file = /var/log/samba/log.%m log level = 3 max log size = 1000 syslog only = no syslog = 3 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true ldap passwd sync = yes passdb backend = ldapsam:ldap://ubuntu.pluto.com/ ldap admin dn =uid=ubuntu,cn=admins,cn=ubuntu ldap suffix = dc=pluto,dc=com ldap group suffix = ou=groups ldap user suffix = ou=people ldap machine suffix = ou=machines obey pam restrictions = no passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUnix\spassword:* %n\n *Retype\snew\sUnix\spassword:* %n\n *password\supdated\ssuccessfully* domain logons = yes logon path = \\ubuntu.pluto.com\profiles\%U logon home = \\ubuntu.pluto.com\profiles\%U logon drive = X: logon script = scripts\logon.bat add user script = /usr/sbin/adduser --quiet --disabled-password --gecos %u add machine script = /usr/sbin/adduser --shell /bin/false --disabled-password --no-create-home --quiet --gecos machine account --force-badname %u Machine -s /sbin/nologin -M %m$ socket options = TCP_NODELAY domain master = yes local master = yes show add printer wizard = yes printing = cups printer admin = root [homes] comment = Home directories browseable = no read only = no valid users = %S [netlogon] comment = Network logon service path = /var/lib/samba/netlogon guest ok = yes locking = no [profiles] comment = User profiles path = /var/lib/samba/profiles read only = no profile acls = yes [profdata] comment = Profile data share path = /var/lib/samba/profdata read only = no profile acls = yes [printers] comment = All printers browseable = no path = /var/spool/samba printable = yes guest ok = yes writable = no [print$] comment = Printer drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [music] comment = kumpulan music path = /opt/music read only = no -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 1:46pm up 5:38, 2.6.18.2-34-default GNU/Linux Let's use OpenOffice. http://www.openoffice.org pgpGIeHVxVtHQ.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] cannot autenticate user in AD
I have configured samba like member of AD, if i type in console 'wbinfo -u' y get all user of my AD, if type in console 'wbinfo -g' y get all groups too. It's correct but if i type 'getent passwd' or 'getent group' don't get any user or group of my AD... why??? * in nsswitch.conf appears: passws: files winbind group: files winbind shadow: files winbind i execute ldconfig for apply all changes of nsswitch.conf i have libnss_winbind.so and libnss_winbind.so.2 in /lib * smbd version is 3.0.25b and i compile this with arguments: --with-winbind --with-krb5=/usr/lib --with-ads * smb.conf: workgroup = DOMAIN realm = DOMAIN.INT netbios name = samba1 preferred master = no client schannel = no security = ADS password server = * idmap uid = 1-25 idmap gid = 1-25 winbind uid = 1-25 winbind gid = 1-25 winbind separator = + winbind enum users = yes winbind enum groups = yes * klist Default principal: [EMAIL PROTECTED] Valid starting ExpiresService principal 07/11/07 12:26:17 07/11/07 22:26:18 krbtgt/[EMAIL PROTECTED] renew until 07/12/07 12:26:17 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [computers] Re: [Samba] XP Home and Samba problem
Problem resolved!, I created a XP user test123 with a null password, logged in and everything worked fine then I logged back to borzo and everything went back to normal. I must say this is the weirdest case i ever had and i stll don't understand what happened. Anyway, thanks for all the help :) SG SG pisze: I Tried XP restarts, and tried removing hosts allow/deny, and I still have the same problem, enforced guest login. I am starting to wonder if this might be somehow related to the fact that I changed the XP's name, except that it shouldn't be a problem as I see the new XP name and shares correctly from Linux. I Will try to add a new user to XP and add that to samba, login with the new user and see if it works then. Gary Dale pisze: You should also try removing your global hosts allow and hosts deny lines. If they aren't done properly, they can cause you to be unable to connect. Gary Dale wrote: Is your borzo password on Unix the same as your borzo password on Windows? And have you tried rebooting your Windows box between attempts to connect? SG wrote: After a couple of minutes of inactivity I tried to access the samba share again and I got the error message I wrote about previously: * Error Message: /x/ is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permission * . The share is accessible locally and so is the XP share from Linux. Gary Dale pisze: You said, I believe, that you are running XP/Home. Are you logged on as borzo (and not Borzo, BORZO or some other variant)? Also, take it back to just including the path, restart samba, and let us know the exact error message Windows gives you. SG wrote: From [global] I have removed valid users At first in [MyFiles] I left only the path, which didn't work at all ( I was presented with an error on XP ), here's what I'm left with: [MyFiles] path = /home/samba/ force user = borzo force group = borzo create mask = 0644 directory mask = 755 but this didn't change the situation, I am still presented by the grayedout login prompt, and by the way the share is accessible through samba locally, aswell as the XP shares. The share's permissions are set to 0777, user and group are set to borzo and borzo is added and enabled with smbpasswd. thanks so far, SG Gary Dale pisze: simo wrote: On Tue, 2007-07-10 at 18:02 +0200, SG wrote: Here's my smb.conf [global] workgroup = GINVEST netbios name = LINACER interfaces = ath0, eth0 bind interfaces only = Yes null passwords = Yes passdb backend = tdbsam username map = /etc/samba/smbusers log level = 3 log file = /var/log/samba/log.%m announce version = 5.0 name resolve order = host wins bcast socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = CUPS os level = 32 wins support = Yes invalid users = root valid users = borzo --^^ you really _don't_ want to put this in the global section, or the only user allowed is borzo everywhere, and guest connections will always be denied. [..] Simo. Yes, but that probably isn't his problem as he also has borzo as the only valid user for his MyFiles share. My concern is that he has so much other unnecessary entries in his share definition. My advice to him would be to clear out all the unnecessary stuff until he can get a working share. Start with just the path and see if that works. If it doesn't then your problem lies elsewhere. What are the Unix directory permissions for the share? Try setting them to allow everyone read-write-execute access. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Response too big for UDP, retry with TCP
What does kinit say, if you have the e.g. kdc = tcp/192.168.1.1 line in your krb.conf? I'm using the same (0.6.3) heimdal version that does not have a tcp fallback. But could not get kinit to using UDP with this line in the krb5.conf. ~ Martin Nejc Škoberne schrieb: Hi again, You could either use an administrative account which is not a member of so many groups (causing the packet too big error), or use a more recent version of samba. In any version = 3.0.22 the tcp fallback is not implemented during the kpasswd request. The krb5.conf kdc line is not taken into account at this place. I upgraded Samba to 3.0.25a and tried again with the user, who has administrator privileges but is not in so many groups. I get a bit different message, but it is still a no go: [EMAIL PROTECTED]:~# net ads join -U domainadmin%idsrmap978 [2007/07/11 11:36:34, 0] libads/kerberos.c:ads_kinit_password(227) kerberos_kinit_password [EMAIL PROTECTED] failed: Response too big for UDP, retry with TCP Failed to join domain: NT_STATUS_PROTOCOL_UNREACHABLE Any ideas? Thanks, Nejc -- Martin Zielinski [EMAIL PROTECTED] Software Development SEH Computertechnik GmbH www.seh.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbpasswd problem on Solaris-10
I have compiled both samba-3.0.25a and samba-3.0.25b and with both I have problems setting user password longer than 8 chars with smbpasswd. I get no errors, but if I try to set a password with more than 8 chars the password will only be generated using the first 8 chars. This is on Solaris-10 update 3 on amd64 and I have compiled samba using Sun Studio 11 compiler suite and no other options to configure than --prefix=/some/path. Solaris-10 comes with samba 3.0.21b preinstalled and if I use smbpasswd from that installation there is no problems and the smaba-3.0.25(a/b) version works alright with 8 chars passwd once it is set. This looks like some 32/64 bit bug or similar. -- Mvh Ole Benner Netic A/S -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind failure
On Tuesday 10 July 2007 6:03 pm, Michael Bann wrote: After copying over the lock files and the secrets.tdb file, I get a new error. (I attempted to reinstall Samba and did not copy those files over before.) I removed the computer name... [2007/07/10 16:51:31, 0] smbd/server.c:main(986) standard input is not a socket, assuming -D option [2007/07/10 16:51:31, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache(2221) initialize_winbindd_cache: clearing cache and re-creating with version number 1 [2007/07/10 16:51:32, 0] libads/kerberos.c:ads_kinit_password(227) kerberos_kinit_password COMPUTER[EMAIL PROTECTED] failed: Preauthentication failed [2007/07/10 16:51:32, 0] printing/nt_printing.c:nt_printing_init(650) nt_printing_init: error checking published printers: WERR_ACCESS_DENIED [2007/07/10 16:51:32, 0] libsmb/cliconnect.c:cli_session_setup_spnego(853) Kinit failed: Preauthentication failed [2007/07/10 16:51:32, 1] nsswitch/winbindd_util.c:trustdom_recv(237) Could not receive trustdoms Any ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba This is probably of no use to you, but, who knows. I had the same thing happen on one of my CentOS 3 boxes; same errors. I generally like to roll my own RPMs from source RPMs, and use the source RPM from sernet. As the machine in question is VERY old (Dell PW 6100/200 - test machine that otherwise works very well), I couldn't do this without the machine hanging. So, I DL'd the full sernet RPMs. I believe I tried both the RedHat and CentOS RPMs and ... I got the exact same messages as you. After struggling to figure out what the problem was, the light bulb finally lit. I copied over RPMs I had created on another CentOS 3 box and ,,, all errors vanished, and I was able to connect the box to my AD network. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LDAP: Trouble adding Win XP machines to the domain
On 7/11/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Yes, but I had to install nss which I thought was not neccesary. After that samba got perfectly integrated (the getent group and getent passwd showed the samba users in the ldap apart from the system users). The packages are libnss-ldap for debian/ubuntu and nss_ldap for gentoo. After that, the users could join the domain perfectly and the samba attributes were added by samba itself (as it should be). If you need any further information or config files just let me know. Hope it helps. Thanks for the info. I will have to try to track this down when I get time as I know this is not my problem as I have been using nss_ldap under gentoo for 3 years and both getent commands work correctly. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Response too big for UDP, retry with TCP
Hey Martin, What does kinit say, if you have the e.g. kdc = tcp/192.168.1.1 line in your krb.conf? [EMAIL PROTECTED]:~# kinit [EMAIL PROTECTED] [EMAIL PROTECTED]'s Password: kinit: krb5_get_init_creds: Response too big for UDP, retry with TCP krb5.conf: [libdefaults] default_realm = INFRAX.LOCAL [realms] INFRAX.LOCAL = { kdc = tcp/192.168.1.1 } [domain_realms] .infrax.local = INFRAX.LOCAL Any more ideas? Thanks for your help, Nejc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] modification time inconsistency
On 6/21/07, Jeremy Allison [EMAIL PROTECTED] wrote: On Thu, Jun 21, 2007 at 03:50:51PM -0500, Carlos Knowlton wrote: Hello, I have a client with a windows utility that relies on touching (changing the mod time) on zero-length files in a folder for the purpose of judging when that folder was last accessed. This works fine for him on mapped windows servers, and from the local disk, but from a Samba (v3.0.22) volume, the mod time doesn't change unless there was an actual data change within the file. (ie, clicking save in notepad doesn't change the mod time unless he enters some data first.). I know this seems pretty trivial, but it seems to make all the difference for some backup and SCADA software packages. Any ideas what I could do to fix this? Can you test against 3.0.25a (or soon b) to see if this is currently a problem please ? Thanks, Jeremy. Sorry for the delay in getting back to you on this. I have checked the latest Samba version, and the same behavior I saw in 3.0.22 also exists in 3.0.25b. Any ideas what might be happening, or how to fix this? Thanks, Carlos -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind + samba limits with large AD?
Michael Adam schrieb: I was able to get it at home and put it on a cd :) Great! In the meantime I compiled 3.2, but I've some problems with the machine account. I joined the domain with the ubuntu package some weeks ago (my desktop) and installed samba 3.2 to /opt. I tried to copy the old samba tdb files from /var/lib/samba to /opt/... but it seems that something went wong (it was just a quick trial and error attempt). I have to look into that in the next days. Michael Adam schrieb: By that command you mean ls -ln? And 'wbinfo -g' or 'wbinfo -u'. I couldnt't get the user and group and winbindd died after that command. wbinfo -u/-g get the list of users/groups even if winbind enum users/groups is set to no in the config (it uses other means than the getpwent/getgrent system functions). If your number of users and groups is very large, wbinfo will currently time out, but winbindd will continue to complete the request. Ok. Well, let's see what improvement the new version brings. BTW: The enhancements were made specifically for environments with hundreds of thousands of users and groups (and large groups!) in ad. Sounds promising! I am interested to hear how the new version performs in your setup! This might take some more days but I'll give feedback! Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Profile in use
I am migrating our office from a Windows 2003 Active Directory domain to a Samba domain with an LDAP backend. All users in the domain had local profiles only, so I went to each of their machines and migrated the profiles to the new domain. Everything seemed to work fine with the new domain except that occasionally (not all the time) when a user has logged out of their machine and goes to log back in, they get an error that their profile is in use and that they will be logged in with a temporary profile. The only way to stop this error is to reboot the machine, at which point they can log in successfully and their profile is working again. I never had this problem under Active Directory but I don't see how Samba could be causing the problem since we're still using local profiles. Does anyone have any thoughts about what could be causing this? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profile in use
I never had this problem under Active Directory but I don't see how Samba could be causing the problem since we're still using local profiles. Does anyone have any thoughts about what could be causing this? I am not sure. What version of samba are you using? Do you have profile acls = yes in your smb.conf? Could you post that if it is not too large? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] modification time inconsistency
On Thursday 21 June 2007, Carlos Knowlton wrote: I have a client with a windows utility that relies on touching (changing the mod time) on zero-length files in a folder for the purpose of judging when that folder was last accessed. This works fine for him on mapped windows servers, and from the local disk, but from a Samba (v3.0.22) volume, the mod time doesn't change unless there was an actual data change within the file. (ie, clicking save in notepad doesn't change the mod time unless he enters some data first.). Tried this out of curiosity and find the same results. It only happens with a zero length file, if the file has any data in it then the timestamp does change by doing a save in notepad (no data change necessary). With a zero length file it doesn't change when the file is on a Samba share. However with a cifs mounted Samba share a touch filename does update the timestamp even for zero length files. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind + samba limits with large AD?
Ralf Gross schrieb: I am interested to hear how the new version performs in your setup! This might take some more days but I'll give feedback! Ok, I was able to rejoin the domain. On host wu7e003: /opt/samba32# bin/wbinfo -t checking the trust secret via RPC calls succeeded /opt/samba32# bin/wbinfo -i ralfgro ralfgro:*:2000:2000::/home/ads/EMEA/ralfgro:/bin/bash But I can't connect to the host: smbclient //wu7e0003/ralfgro -U ralfgro -W emea Password: session setup failed: NT_STATUS_LOGON_FAILURE log.winbind: [2007/07/11 18:06:02, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(521) [ 6340]: request interface version [2007/07/11 18:06:02, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(554) [ 6340]: request location of privileged pipe [2007/07/11 18:06:02, 3] nsswitch/winbindd_misc.c:winbindd_domain_info(415) [ 6340]: domain_info [EMEA] [2007/07/11 18:06:02, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(1727) [ 6340]: pam auth crap domain: [EMEA] user: ralfgro [2007/07/11 18:06:02, 0] nsswitch/winbindd.c:request_len_recv(555) request_len_recv: Invalid request size received: 1848 [2007/07/11 18:06:02, 0] nsswitch/winbindd.c:request_len_recv(555) request_len_recv: Invalid request size received: 1848 [2007/07/11 18:06:02, 0] nsswitch/winbindd.c:request_len_recv(555) request_len_recv: Invalid request size received: 1848 [2007/07/11 18:06:02, 0] nsswitch/winbindd.c:request_len_recv(555) request_len_recv: Invalid request size received: 1848 [2007/07/11 18:06:02, 0] nsswitch/winbindd.c:request_len_recv(555) request_len_recv: Invalid request size received: 1848 [2007/07/11 18:06:02, 3] nsswitch/winbindd_misc.c:winbindd_ping(500) [ 6340]: ping log.wb-EMEA [2007/07/11 18:06:02, 3] nsswitch/winbindd_pam.c:winbindd_dual_pam_auth_crap(1793) [ 6248]: pam auth crap domain: EMEA user: ralfgro log.smbd [2007/07/11 18:06:02, 2] auth/auth.c:check_ntlm_password(318) check_ntlm_password: Authentication for user [ralfgro] - [ralfgro] FAILED with error NT_STATUS_NO_SUCH_USER Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] can template homedir build paths based on user groups culled from getent groups?
Hi all, I am in the process of moving our schools student file server to Samba from Win2k3 and I want to replicate the setup we currently have which puts students home directories under their graduation year like this: \students\2008\username Under AD students are in OU's based on grad year. We're using winbind (with idmap_rid tdb) to pull users and groups from AD, 'getent groups' will give me the groups which each student belongs to so I am hoping Samba can use that info to dynamically (i.e on the fly) create homedir that have paths based on group membership. In the past (on other projects) we've used the global setting template homedir = in conjunction with the pam_mkhome dir tool to do something similar but it doesn't look like that template homedir = can get information about groups. How would folks suggest I go about this? Thanks for your advice! John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd problem on Solaris-10
What can you see in console if you type this 'smbpasswd -D 10 anyUser' ??? Ole Benner escribió: I have compiled both samba-3.0.25a and samba-3.0.25b and with both I have problems setting user password longer than 8 chars with smbpasswd. I get no errors, but if I try to set a password with more than 8 chars the password will only be generated using the first 8 chars. This is on Solaris-10 update 3 on amd64 and I have compiled samba using Sun Studio 11 compiler suite and no other options to configure than --prefix=/some/path. Solaris-10 comes with samba 3.0.21b preinstalled and if I use smbpasswd from that installation there is no problems and the smaba-3.0.25(a/b) version works alright with 8 chars passwd once it is set. This looks like some 32/64 bit bug or similar. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and the partitions...
Hi everyone, I am Daniel from Brazil, today i started as a membership of this list. I hope learn a lot about samba with you guys...and girls. :-) My first doubt. Actually is kind of off topic, but i will try. I will setup HP server. This HP will run Linux with firewall, squid and the major component will be the SAMBA ! The HP has a 160 GB HD. I will use samba as PDC with more or less 20 PCs in the network. My doubt is. Which is the best partition scheme for this ? (I know that this kind of question is a sh***...but any tip is welcome) My directory scheme in the Linux that: == / /bin /etc /home/ / / ..users /srv/ /sales/ /docs /misc... /stock/ /docs.. / misc... /adm/ /managers /etc / = My three main directories are SALES, STOCK and ADM . Will be a lot of dates there. I put them at root, but i think is not a good idea, i think that they can go to another partition. I am worry about the /var and /home directories. Ok...it's enough :-) Thank you for your time. Bests, Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind + samba limits with large AD?
On Wed, Jul 11, 2007 at 06:16:12PM +0200, Ralf Gross wrote: [2007/07/11 18:06:02, 0] nsswitch/winbindd.c:request_len_recv(555) request_len_recv: Invalid request size received: 1848 Update /lib/libnss_winbind.so with the version you just compiled and reboot. Volker pgp1LGHcYlhv9.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and the partitions...
My directory scheme in the Linux that: == / /bin /etc /home/ / / ..users /srv/ /sales/ /docs /misc... /stock/ /docs.. / misc... /adm/ /managers /etc / = I would make the following partitions / /boot /home and /srv Sizing them will be very dependent on your system. Possibly you may want to install lvm (and use either reiserfs or ext3 as they have the ability to grow or shrink) and use that in the future to aide in resizing the filesystems if your guess is wrong.. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind failure
In case anyone was following along, I've solved the problem. I'm not sure what technically did it, but I upgraded Samba from 3.0.25a to 3.0.25b. Also, I used the net command that came with the package (bin/net) which I apparently wasn't using before (doing a which net command). After that I did a kdestroy, kinit, net ads join and all worked again! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and the partitions...
My understanding of the conventional wisdom is that the firewall machine should ONLY run your firewall, and related security tools. Having samba on that machine seems to me to highly risky. If you fire wall is breached in any way, you have pretty much presented your intruder with everything he wants to know about your system. just my $.02 Cdn. Daniel Zilli wrote: Hi everyone, I am Daniel from Brazil, today i started as a membership of this list. I hope learn a lot about samba with you guys...and girls. :-) My first doubt. Actually is kind of off topic, but i will try. I will setup HP server. This HP will run Linux with firewall, squid and the major component will be the SAMBA ! The HP has a 160 GB HD. I will use samba as PDC with more or less 20 PCs in the network. My doubt is. Which is the best partition scheme for this ? (I know that this kind of question is a sh***...but any tip is welcome) My directory scheme in the Linux that: == / /bin /etc /home/ / / ..users /srv/ /sales/ /docs /misc... /stock/ /docs.. / misc... /adm/ /managers /etc / = My three main directories are SALES, STOCK and ADM . Will be a lot of dates there. I put them at root, but i think is not a good idea, i think that they can go to another partition. I am worry about the /var and /home directories. Ok...it's enough :-) Thank you for your time. Bests, Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Profile in use
On 2007-07-11 08:32:56 -0700, John Drescher [EMAIL PROTECTED] said: I am not sure. What version of samba are you using? Do you have profile acls = yes in your smb.conf? Could you post that if it is not too large? I do not have profile acls = yes set. According to the smb.conf man page, that setting is for when the profiles are stored on a samba share. My profiles are local to the workstations. Here is my smb.conf file: [global] workgroup = foo netbios name = foodc1 server string = %h server (Samba, Ubuntu) wins support = yes dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = yes passdb backend = ldapsam:ldap://localhost/ obey pam restrictions = yes ldap admin dn = uid=Administrator,ou=People,dc=foo,dc=com ldap suffix = dc=foo, dc=com ldap group suffix = ou=Group ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=People ldap passwd sync = Yes passwd program = /usr/sbin/smbldap-passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n unix password sync = no domain logons = yes logon path = logon drive = logon home = logon script = logon.cmd add user script = /usr/sbin/smbldap-useradd -m %u ldap delete dn = Yes delete user script = /usr/sbin/smbldap-userdel %u add machine script = /usr/sbin/smbldap-useradd -w %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u enable privileges = yes load printers = yes printing = cups printcap name = cups printer admin = @lpadmin socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain master = yes [homes] comment = Home Directories browseable = no valid users = %S writable = yes create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = yes writable = no share modes = no [printers] comment = All Printers browseable = no path = /tmp printable = yes public = no writable = no create mode = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no write list = administrator, @ntadmin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] modification time inconsistency
On Wed, Jul 11, 2007 at 09:45:11AM -0500, Carlos Knowlton wrote: On 6/21/07, Jeremy Allison [EMAIL PROTECTED] wrote: On Thu, Jun 21, 2007 at 03:50:51PM -0500, Carlos Knowlton wrote: Hello, I have a client with a windows utility that relies on touching (changing the mod time) on zero-length files in a folder for the purpose of judging when that folder was last accessed. This works fine for him on mapped windows servers, and from the local disk, but from a Samba (v3.0.22) volume, the mod time doesn't change unless there was an actual data change within the file. (ie, clicking save in notepad doesn't change the mod time unless he enters some data first.). I know this seems pretty trivial, but it seems to make all the difference for some backup and SCADA software packages. Any ideas what I could do to fix this? Can you test against 3.0.25a (or soon b) to see if this is currently a problem please ? Thanks, Jeremy. Sorry for the delay in getting back to you on this. I have checked the latest Samba version, and the same behavior I saw in 3.0.22 also exists in 3.0.25b. Any ideas what might be happening, or how to fix this? Can you log a bug in bugzilla please so I can track it ? Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba PDC, v3.0.25b, tdbsam: winbindd seems to be broken...
Help... I'm running Samba v3.0.25b, recently upgraded from v3.0.23a. I use tdbsam, winbindd etc. Winbind appears to be broken. When I do: * getent passwd none of the DOMAIN\ users are listed * getent group the BUILTIN\administrators and BUILTIN\users groups are listed, but none of the DOMAIN\ groups * wbinfo -u gives an enigmatic Error looking up domain users * wbinfo -g gives just the BUILTIN\administrators and BUILTIN\users groups I have wound up the logging, but have not been able to see anything obviously related to the above... ...where do I start looking, please ?? Thanks, Chris -- Chris Hall @ Home +44 (0)7970 277 383 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] replace w2k server dc by samba
Is posible replace a w2k by samba server, and cloning sid to no rejoined all pc to de domain?? by , sorry my english -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba PDC, v3.0.25b, tdbsam: should Server have its own SID etc ?
Help... I'm running Samba v3.0.25b, recently upgraded. I use tdbsam, winbindd etc. The Samba machine is a PDC. If the machine is FRED and the domain is HOME, should I set up a machine account for FRED and join that to the HOME domain ? Should the machine FRED have its own domain SID ? Or... is are the machine FRED and the domain HOME one and the same ? Thanks, Chris -- Chris Hall @ Home +44 (0)7970 277 383 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind + samba limits with large AD?
Volker Lendecke schrieb: On Wed, Jul 11, 2007 at 06:16:12PM +0200, Ralf Gross wrote: [2007/07/11 18:06:02, 0] nsswitch/winbindd.c:request_len_recv(555) request_len_recv: Invalid request size received: 1848 Update /lib/libnss_winbind.so with the version you just compiled and reboot. I changed the path to libnss_winbind.so in all relevant files in /etc/pam.d/, but I will try your suggestion tomrorrow and reboot. Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] modification time inconsistency
On 7/11/07, Jeremy Allison [EMAIL PROTECTED] wrote: On Wed, Jul 11, 2007 at 09:45:11AM -0500, Carlos Knowlton wrote: On 6/21/07, Jeremy Allison [EMAIL PROTECTED] wrote: On Thu, Jun 21, 2007 at 03:50:51PM -0500, Carlos Knowlton wrote: Hello, I have a client with a windows utility that relies on touching (changing the mod time) on zero-length files in a folder for the purpose of judging when that folder was last accessed. This works fine for him on mapped windows servers, and from the local disk, but from a Samba (v3.0.22) volume, the mod time doesn't change unless there was an actual data change within the file. (ie, clicking save in notepad doesn't change the mod time unless he enters some data first.). I know this seems pretty trivial, but it seems to make all the difference for some backup and SCADA software packages. Any ideas what I could do to fix this? Can you test against 3.0.25a (or soon b) to see if this is currently a problem please ? Thanks, Jeremy. Sorry for the delay in getting back to you on this. I have checked the latest Samba version, and the same behavior I saw in 3.0.22 also exists in 3.0.25b. Any ideas what might be happening, or how to fix this? Can you log a bug in bugzilla please so I can track it ? Thanks, Jeremy. Okay, I've reported this issue in Bugzilla under ID 4779https://bugzilla.samba.org/show_bug.cgi?id=4779 Thanks! -Carlos -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC, v3.0.25b, tdbsam: winbindd seems to be broken...
I had the same issue going to 3.0.25a but I do not remember the solution. I do remember though I had to make changes in my smb.conf file. John On 7/11/07, Chris Hall [EMAIL PROTECTED] wrote: Help... I'm running Samba v3.0.25b, recently upgraded from v3.0.23a. I use tdbsam, winbindd etc. Winbind appears to be broken. When I do: * getent passwd none of the DOMAIN\ users are listed * getent group the BUILTIN\administrators and BUILTIN\users groups are listed, but none of the DOMAIN\ groups * wbinfo -u gives an enigmatic Error looking up domain users * wbinfo -g gives just the BUILTIN\administrators and BUILTIN\users groups I have wound up the logging, but have not been able to see anything obviously related to the above... ...where do I start looking, please ?? Thanks, Chris -- Chris Hall @ Home +44 (0)7970 277 383 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- John M. Drescher -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] can smb.conf help create users homedirs by group?
Hi all, I am in the process of moving our schools student file server to Samba from Win2k3 and I want to replicate the setup we currently have which puts students home directories under their graduation year like this: \students\2008\username Under AD students are in OU's based on grad year. We're using winbind (with idmap_rid tdb) to pull users and groups from AD, 'getent groups' will give me the groups which each student belongs to so I am hoping Samba can use that info to dynamically (i.e on the fly) create homedir that have paths based on group membership. In the past (on other projects) we've used the global setting template homedir = in conjunction with the pam_mkhome dir tool to do something similar but it doesn't look like that template homedir = can get information about groups. How would folks suggest I go about this? Thanks for your advice! John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and the partitions...
Thanks guys and William, you are right ! Bests, Daniel 2007/7/11, William Colls [EMAIL PROTECTED]: My understanding of the conventional wisdom is that the firewall machine should ONLY run your firewall, and related security tools. Having samba on that machine seems to me to highly risky. If you fire wall is breached in any way, you have pretty much presented your intruder with everything he wants to know about your system. just my $.02 Cdn. Daniel Zilli wrote: Hi everyone, I am Daniel from Brazil, today i started as a membership of this list. I hope learn a lot about samba with you guys...and girls. :-) My first doubt. Actually is kind of off topic, but i will try. I will setup HP server. This HP will run Linux with firewall, squid and the major component will be the SAMBA ! The HP has a 160 GB HD. I will use samba as PDC with more or less 20 PCs in the network. My doubt is. Which is the best partition scheme for this ? (I know that this kind of question is a sh***...but any tip is welcome) My directory scheme in the Linux that: == / /bin /etc /home/ / / ..users /srv/ /sales/ /docs /misc... /stock/ /docs.. / misc... /adm/ /managers /etc / = My three main directories are SALES, STOCK and ADM . Will be a lot of dates there. I put them at root, but i think is not a good idea, i think that they can go to another partition. I am worry about the /var and /home directories. Ok...it's enough :-) Thank you for your time. Bests, Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Error = invalid buffer length
Hallo, ich habe das gleiche Problem. Gibt es dafür eine Lösung? OS: OpenVMS 7.3-2 Sorry, this time WITH a subject line!!! Hi there, since I've switched to 2.2.8 I do get the following message in a log file: 2003/09/25 12:25:54, 0] DISK$SWAP:[JYC.SAMBA.SAMBA-2_2_8-SRC.SOURCE.LIB]UTIL_SOCK.C;3:(475) write_data: write failure. Error = invalid buffer length Can anyone point in the direction how to solve this? TIA, Mark de bruin Mit freundlichen Grüßen / Best Regards Thomas Sieversen Defence and Security Systems - IMS22 Information Management Services European Aeronautic Defense and Space Company - EADS 81663 Munich / Germany * +49-(0)89.607-20596 * +49-(0)89.607-20664 * [EMAIL PROTECTED] EADS Deutschland GmbH Registered Office: Ottobrunn District Court of Munich HRB 107 648 Chairman of the Supervisory Board: Dr. Thomas Enders Managing Directors: Dr. Stefan Zoller (chairman), Michael Hecht This E-mail and any attachment(s) to it are for the addressee's use only. It is strictly confidential and may contain legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you are not the intended addressee, then please delete it from your system and notify the sender immediateley. You are hereby notified that any use, disclosure, copying or any action taken in reliance on it is strictly prohibited and may be unlawful. - Thank you. PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
svn commit: samba r23823 - in branches: SAMBA_3_2/source/smbd SAMBA_3_2_0/source/smbd
Author: vlendec Date: 2007-07-11 06:18:32 + (Wed, 11 Jul 2007) New Revision: 23823 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23823 Log: Memory leak fix from Atsushi Nakabayashi [EMAIL PROTECTED] Thanks! Volker Modified: branches/SAMBA_3_2/source/smbd/ipc.c branches/SAMBA_3_2_0/source/smbd/ipc.c Changeset: Modified: branches/SAMBA_3_2/source/smbd/ipc.c === --- branches/SAMBA_3_2/source/smbd/ipc.c2007-07-10 23:00:04 UTC (rev 23822) +++ branches/SAMBA_3_2/source/smbd/ipc.c2007-07-11 06:18:32 UTC (rev 23823) @@ -603,6 +603,8 @@ DEBUG(0,(reply_trans: setup malloc fail for %u bytes !\n, (unsigned int) (state-setup_count * sizeof(uint16; + SAFE_FREE(state-data); + SAFE_FREE(state-param); TALLOC_FREE(state); END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem)); Modified: branches/SAMBA_3_2_0/source/smbd/ipc.c === --- branches/SAMBA_3_2_0/source/smbd/ipc.c 2007-07-10 23:00:04 UTC (rev 23822) +++ branches/SAMBA_3_2_0/source/smbd/ipc.c 2007-07-11 06:18:32 UTC (rev 23823) @@ -530,6 +530,8 @@ DEBUG(0,(reply_trans: setup malloc fail for %u bytes !\n, (unsigned int) (state-setup_count * sizeof(uint16; + SAFE_FREE(state-data); + SAFE_FREE(state-param); TALLOC_FREE(state); END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem));
svn commit: samba r23824 - in branches: SAMBA_3_2/source/client SAMBA_3_2_0/source/client
Author: gd Date: 2007-07-11 08:31:03 + (Wed, 11 Jul 2007) New Revision: 23824 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23824 Log: Add ls alias for lazy typers like me. Guenther Modified: branches/SAMBA_3_2/source/client/client.c branches/SAMBA_3_2_0/source/client/client.c Changeset: Modified: branches/SAMBA_3_2/source/client/client.c === --- branches/SAMBA_3_2/source/client/client.c 2007-07-11 06:18:32 UTC (rev 23823) +++ branches/SAMBA_3_2/source/client/client.c 2007-07-11 08:31:03 UTC (rev 23824) @@ -3265,6 +3265,7 @@ {lock,cmd_lock,lock fnum [r|w] hex-start hex-len : set a POSIX lock,{COMPL_REMOTE,COMPL_REMOTE}}, {lowercase,cmd_lowercase,toggle lowercasing of filenames for get,{COMPL_NONE,COMPL_NONE}}, {ls,cmd_dir,mask list the contents of the current directory,{COMPL_REMOTE,COMPL_NONE}}, + {l,cmd_dir,mask list the contents of the current directory,{COMPL_REMOTE,COMPL_NONE}}, {mask,cmd_select,mask mask all filenames against this,{COMPL_REMOTE,COMPL_NONE}}, {md,cmd_mkdir,directory make a directory,{COMPL_NONE,COMPL_NONE}}, {mget,cmd_mget,mask get all the matching files,{COMPL_REMOTE,COMPL_NONE}}, Modified: branches/SAMBA_3_2_0/source/client/client.c === --- branches/SAMBA_3_2_0/source/client/client.c 2007-07-11 06:18:32 UTC (rev 23823) +++ branches/SAMBA_3_2_0/source/client/client.c 2007-07-11 08:31:03 UTC (rev 23824) @@ -3217,6 +3217,7 @@ {lock,cmd_lock,lock fnum [r|w] hex-start hex-len : set a POSIX lock,{COMPL_REMOTE,COMPL_REMOTE}}, {lowercase,cmd_lowercase,toggle lowercasing of filenames for get,{COMPL_NONE,COMPL_NONE}}, {ls,cmd_dir,mask list the contents of the current directory,{COMPL_REMOTE,COMPL_NONE}}, + {l,cmd_dir,mask list the contents of the current directory,{COMPL_REMOTE,COMPL_NONE}}, {mask,cmd_select,mask mask all filenames against this,{COMPL_REMOTE,COMPL_NONE}}, {md,cmd_mkdir,directory make a directory,{COMPL_NONE,COMPL_NONE}}, {mget,cmd_mget,mask get all the matching files,{COMPL_REMOTE,COMPL_NONE}},
svn commit: samba r23825 - in branches: SAMBA_3_2/source/client SAMBA_3_2_0/source/client
Author: gd Date: 2007-07-11 08:43:08 + (Wed, 11 Jul 2007) New Revision: 23825 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23825 Log: Add .. command as an alias to cd ... Guenther Modified: branches/SAMBA_3_2/source/client/client.c branches/SAMBA_3_2_0/source/client/client.c Changeset: Modified: branches/SAMBA_3_2/source/client/client.c === --- branches/SAMBA_3_2/source/client/client.c 2007-07-11 08:31:03 UTC (rev 23824) +++ branches/SAMBA_3_2/source/client/client.c 2007-07-11 08:43:08 UTC (rev 23825) @@ -343,6 +343,19 @@ return rc; } +/ + Change directory. +/ + +static int cmd_cd_oneup(void) +{ + pstring buf; + + pstrcpy(buf, ..); + return do_cd(buf); +} + + /*** Decide if a file should be operated on. / @@ -3308,7 +3321,8 @@ {logon,cmd_logon,establish new logon,{COMPL_NONE,COMPL_NONE}}, {listconnect,cmd_list_connect,list open connections,{COMPL_NONE,COMPL_NONE}}, {showconnect,cmd_show_connect,display the current active connection,{COMPL_NONE,COMPL_NONE}}, - + {..,cmd_cd_oneup,change the remote directory (up one level),{COMPL_REMOTE,COMPL_NONE}}, + /* Yes, this must be here, see crh's comment above. */ {!,NULL,run a shell command on the local system,{COMPL_NONE,COMPL_NONE}}, {NULL,NULL,NULL,{COMPL_NONE,COMPL_NONE}} Modified: branches/SAMBA_3_2_0/source/client/client.c === --- branches/SAMBA_3_2_0/source/client/client.c 2007-07-11 08:31:03 UTC (rev 23824) +++ branches/SAMBA_3_2_0/source/client/client.c 2007-07-11 08:43:08 UTC (rev 23825) @@ -343,6 +343,19 @@ return rc; } +/ + Change directory. +/ + +static int cmd_cd_oneup(void) +{ + pstring buf; + + pstrcpy(buf, ..); + return do_cd(buf); +} + + /*** Decide if a file should be operated on. / @@ -3259,7 +3272,8 @@ {logon,cmd_logon,establish new logon,{COMPL_NONE,COMPL_NONE}}, {listconnect,cmd_list_connect,list open connections,{COMPL_NONE,COMPL_NONE}}, {showconnect,cmd_show_connect,display the current active connection,{COMPL_NONE,COMPL_NONE}}, - + {..,cmd_cd_oneup,change the remote directory (up one level),{COMPL_REMOTE,COMPL_NONE}}, + /* Yes, this must be here, see crh's comment above. */ {!,NULL,run a shell command on the local system,{COMPL_NONE,COMPL_NONE}}, {NULL,NULL,NULL,{COMPL_NONE,COMPL_NONE}}
svn commit: samba r23826 - in branches: SAMBA_3_2/source/include SAMBA_3_2/source/libads SAMBA_3_2/source/libgpo SAMBA_3_2_0/source/include SAMBA_3_2_0/source/libads SAMBA_3_2_0/source/libgpo
Author: gd Date: 2007-07-11 09:39:08 + (Wed, 11 Jul 2007) New Revision: 23826 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23826 Log: Fix gpo security filtering by matching the security descriptor ace's for the extended apply group policy right. Guenther Modified: branches/SAMBA_3_2/source/include/ads.h branches/SAMBA_3_2/source/include/rpc_secdes.h branches/SAMBA_3_2/source/libads/disp_sec.c branches/SAMBA_3_2/source/libgpo/gpo_sec.c branches/SAMBA_3_2_0/source/include/ads.h branches/SAMBA_3_2_0/source/include/rpc_secdes.h branches/SAMBA_3_2_0/source/libads/disp_sec.c branches/SAMBA_3_2_0/source/libgpo/gpo_sec.c Changeset: Modified: branches/SAMBA_3_2/source/include/ads.h === --- branches/SAMBA_3_2/source/include/ads.h 2007-07-11 08:43:08 UTC (rev 23825) +++ branches/SAMBA_3_2/source/include/ads.h 2007-07-11 09:39:08 UTC (rev 23826) @@ -341,4 +341,7 @@ int val; int critical; } ads_control; + +#define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY edacfd8f-ffb3-11d1-b41d-00a0c968f939 + #endif /* _INCLUDE_ADS_H_ */ Modified: branches/SAMBA_3_2/source/include/rpc_secdes.h === --- branches/SAMBA_3_2/source/include/rpc_secdes.h 2007-07-11 08:43:08 UTC (rev 23825) +++ branches/SAMBA_3_2/source/include/rpc_secdes.h 2007-07-11 09:39:08 UTC (rev 23826) @@ -37,7 +37,6 @@ #define SEC_RIGHTS_EXTENDED0x100 /* change/reset password, receive/send as*/ #defineSEC_RIGHTS_CHANGE_PASSWDSEC_RIGHTS_EXTENDED #defineSEC_RIGHTS_RESET_PASSWD SEC_RIGHTS_EXTENDED -#define SEC_RIGHTS_APPLY_GROUP_POLICY SEC_RIGHTS_EXTENDED #define SEC_RIGHTS_FULL_CTRL 0xf01ff #define SEC_ACE_OBJECT_PRESENT 0x0001 /* thanks for Jim McDonough [EMAIL PROTECTED] */ Modified: branches/SAMBA_3_2/source/libads/disp_sec.c === --- branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 08:43:08 UTC (rev 23825) +++ branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 09:39:08 UTC (rev 23826) @@ -46,8 +46,6 @@ {SEC_RIGHTS_CHANGE_PASSWD, [Change Password]}, {SEC_RIGHTS_RESET_PASSWD, [Reset Password]}, - {SEC_RIGHTS_APPLY_GROUP_POLICY, [Apply Group Policy]}, - {0, 0} }; Modified: branches/SAMBA_3_2/source/libgpo/gpo_sec.c === --- branches/SAMBA_3_2/source/libgpo/gpo_sec.c 2007-07-11 08:43:08 UTC (rev 23825) +++ branches/SAMBA_3_2/source/libgpo/gpo_sec.c 2007-07-11 09:39:08 UTC (rev 23826) @@ -19,33 +19,60 @@ #include includes.h - /* When modifiying security filtering with gpmc.msc (on w2k3) the -* following ACE is created in the DACL: +/ +/ ACE (type: 0x05, flags: 0x02, size: 0x38, mask: 0x100, object flags: 0x1) -access SID: $SID -access type: ALLOWED OBJECT -Permissions: - [Apply Group Policy] (0x0100) +static BOOL gpo_sd_check_agp_object_guid(const struct security_ace_object *object) +{ + struct GUID ext_right_apg_guid; + NTSTATUS status; ACE (type: 0x00, flags: 0x02, size: 0x24, mask: 0x20014) -access SID: $SID -access type: ALLOWED -Permissions: - [List Contents] (0x0004) - [Read All Properties] (0x0010) - [Read Permissions] (0x0002) + if (!object) { + return False; + } -* by default all Authenticated Users (S-1-5-11) have an ALLOW -* OBJECT ace with SEC_RIGHTS_APPLY_GROUP_POLICY mask */ + status = GUID_from_string(ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY, + ext_right_apg_guid); + if (!NT_STATUS_IS_OK(status)) { + return False; + } + switch (object-flags) { + case SEC_ACE_OBJECT_PRESENT: + if (GUID_equal(object-type.type, + ext_right_apg_guid)) { + return True; + } + case SEC_ACE_OBJECT_INHERITED_PRESENT: + if (GUID_equal(object-inherited_type.inherited_type, + ext_right_apg_guid)) { + return True; + } + default: + break; + } + return False; +} + / / +static BOOL gpo_sd_check_agp_object(const SEC_ACE *ace) +{ + if (sec_ace_object(ace-type)) { + return
svn commit: samba r23827 - in branches: SAMBA_3_2/examples/misc SAMBA_3_2_0/examples/misc
Author: gd Date: 2007-07-11 09:49:10 + (Wed, 11 Jul 2007) New Revision: 23827 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23827 Log: Fix schema dump. Guenther Modified: branches/SAMBA_3_2/examples/misc/adssearch.pl branches/SAMBA_3_2_0/examples/misc/adssearch.pl Changeset: Modified: branches/SAMBA_3_2/examples/misc/adssearch.pl === --- branches/SAMBA_3_2/examples/misc/adssearch.pl 2007-07-11 09:39:08 UTC (rev 23826) +++ branches/SAMBA_3_2/examples/misc/adssearch.pl 2007-07-11 09:49:10 UTC (rev 23827) @@ -837,7 +837,8 @@ my $server = shift || ; $dse = shift || get_dse($server,$async_ldap_hd) || return -1; - return $dse-get_value('defaultNamingContext'); + return $dse-get_value($opt_dump_schema ? 'schemaNamingContext': + 'defaultNamingContext'); } sub get_realm_from_rootdse { @@ -1499,7 +1500,7 @@ critical = 'true', value = ); - if (defined($opt_paging)) { + if (defined($opt_paging) || $opt_dump_schema) { push(@ctrls, $ctl_paged); push(@ctrls_s, LDAP_PAGED_RESULT_OID_STRING ); } @@ -1787,9 +1788,9 @@ if ($opt_dump_schema) { print Dumping Schema:\n; - my $ads_schema = $async_ldap_hd-schema; - $ads_schema-dump; - exit 0; +# my $ads_schema = $async_ldap_hd-schema; +# $ads_schema-dump; +# exit 0; } while (1) { Modified: branches/SAMBA_3_2_0/examples/misc/adssearch.pl === --- branches/SAMBA_3_2_0/examples/misc/adssearch.pl 2007-07-11 09:39:08 UTC (rev 23826) +++ branches/SAMBA_3_2_0/examples/misc/adssearch.pl 2007-07-11 09:49:10 UTC (rev 23827) @@ -837,7 +837,8 @@ my $server = shift || ; $dse = shift || get_dse($server,$async_ldap_hd) || return -1; - return $dse-get_value('defaultNamingContext'); + return $dse-get_value($opt_dump_schema ? 'schemaNamingContext': + 'defaultNamingContext'); } sub get_realm_from_rootdse { @@ -1499,7 +1500,7 @@ critical = 'true', value = ); - if (defined($opt_paging)) { + if (defined($opt_paging) || $opt_dump_schema) { push(@ctrls, $ctl_paged); push(@ctrls_s, LDAP_PAGED_RESULT_OID_STRING ); } @@ -1787,9 +1788,9 @@ if ($opt_dump_schema) { print Dumping Schema:\n; - my $ads_schema = $async_ldap_hd-schema; - $ads_schema-dump; - exit 0; +# my $ads_schema = $async_ldap_hd-schema; +# $ads_schema-dump; +# exit 0; } while (1) {
svn commit: samba r23828 - in branches: SAMBA_3_2/source/lib SAMBA_3_2_0/source/lib
Author: obnox Date: 2007-07-11 10:08:17 + (Wed, 11 Jul 2007) New Revision: 23828 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23828 Log: Add entry and exit debug statments to tdb_validate at a lower debug level. Michael Modified: branches/SAMBA_3_2/source/lib/util_tdb.c branches/SAMBA_3_2_0/source/lib/util_tdb.c Changeset: Modified: branches/SAMBA_3_2/source/lib/util_tdb.c === --- branches/SAMBA_3_2/source/lib/util_tdb.c2007-07-11 09:49:10 UTC (rev 23827) +++ branches/SAMBA_3_2/source/lib/util_tdb.c2007-07-11 10:08:17 UTC (rev 23828) @@ -1051,6 +1051,8 @@ int wait_pid = 0; int ret = -1; + DEBUG(5, (tdb_validate called for tdb '%s'\n, tdb_path)); + /* fork and let the child do the validation. * benefit: no need to twist signal handlers and panic functions. * just let the child panic. we catch the signal. */ @@ -1112,5 +1114,8 @@ ret = WSTOPSIG(child_status); } + DEBUG(5, (tdb_validate returning code '%d' for tdb '%s'\n, ret, + tdb_path)); + return ret; } Modified: branches/SAMBA_3_2_0/source/lib/util_tdb.c === --- branches/SAMBA_3_2_0/source/lib/util_tdb.c 2007-07-11 09:49:10 UTC (rev 23827) +++ branches/SAMBA_3_2_0/source/lib/util_tdb.c 2007-07-11 10:08:17 UTC (rev 23828) @@ -1051,6 +1051,8 @@ int wait_pid = 0; int ret = -1; + DEBUG(5, (tdb_validate called for tdb '%s'\n, tdb_path)); + /* fork and let the child do the validation. * benefit: no need to twist signal handlers and panic functions. * just let the child panic. we catch the signal. */ @@ -1112,5 +1114,8 @@ ret = WSTOPSIG(child_status); } + DEBUG(5, (tdb_validate returning code '%d' for tdb '%s'\n, ret, + tdb_path)); + return ret; }
svn commit: samba r23829 - in branches: SAMBA_3_2/source/lib SAMBA_3_2/source/libads SAMBA_3_2_0/source/lib SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 10:26:02 + (Wed, 11 Jul 2007) New Revision: 23829 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23829 Log: Add ads_get_attrname_by_guid(). Guenther Modified: branches/SAMBA_3_2/source/lib/util_uuid.c branches/SAMBA_3_2/source/libads/ldap_schema.c branches/SAMBA_3_2_0/source/lib/util_uuid.c branches/SAMBA_3_2_0/source/libads/ldap_schema.c Changeset: Modified: branches/SAMBA_3_2/source/lib/util_uuid.c === --- branches/SAMBA_3_2/source/lib/util_uuid.c 2007-07-11 10:08:17 UTC (rev 23828) +++ branches/SAMBA_3_2/source/lib/util_uuid.c 2007-07-11 10:26:02 UTC (rev 23829) @@ -133,3 +133,19 @@ out: return ret; } + +/* + Return the binary string representation of a GUID. + Caller must free. +*/ + +char *guid_binstring(const struct GUID *guid) +{ + UUID_FLAT guid_flat; + + smb_uuid_pack(*guid, guid_flat); + + return binary_string_rfc2254((char *)guid_flat.info, UUID_FLAT_SIZE); +} + + Modified: branches/SAMBA_3_2/source/libads/ldap_schema.c === --- branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 10:08:17 UTC (rev 23828) +++ branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 10:26:02 UTC (rev 23829) @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. ads (active directory) utility library - Copyright (C) Guenther Deschner 2005-2006 + Copyright (C) Guenther Deschner 2005-2007 Copyright (C) Gerald (Jerry) Carter 2006 This program is free software; you can redistribute it and/or modify @@ -106,6 +106,56 @@ return status; } +const char *ads_get_attrname_by_guid(ADS_STRUCT *ads, +const char *schema_path, +TALLOC_CTX *mem_ctx, +const char *schema_guid) +{ + ADS_STATUS rc; + LDAPMessage *res = NULL; + char *expr = NULL; + const char *attrs[] = { lDAPDisplayName, NULL }; + const char *result = NULL; + struct GUID guid; + char *guid_bin = NULL; + + if (!ads || !mem_ctx || !schema_guid) { + goto done; + } + + if (!NT_STATUS_IS_OK(GUID_from_string(schema_guid, guid))) { + goto done; + } + + guid_bin = guid_binstring(guid); + if (!guid_bin) { + goto done; + } + + expr = talloc_asprintf(mem_ctx, (schemaIDGUID=%s), guid_bin); + if (!expr) { + goto done; + } + + rc = ads_do_search_retry(ads, schema_path, LDAP_SCOPE_SUBTREE, +expr, attrs, res); + if (!ADS_ERR_OK(rc)) { + goto done; + } + + if (ads_count_replies(ads, res) != 1) { + goto done; + } + + result = ads_pull_string(ads, mem_ctx, res, lDAPDisplayName); + + done: + SAFE_FREE(guid_bin); + ads_msgfree(ads, res); + return result; + +} + const char *ads_get_attrname_by_oid(ADS_STRUCT *ads, const char *schema_path, TALLOC_CTX *mem_ctx, const char * OID) { ADS_STATUS rc; @@ -147,7 +197,6 @@ ads_msgfree(ads, res); return NULL; } - /* */ Modified: branches/SAMBA_3_2_0/source/lib/util_uuid.c === --- branches/SAMBA_3_2_0/source/lib/util_uuid.c 2007-07-11 10:08:17 UTC (rev 23828) +++ branches/SAMBA_3_2_0/source/lib/util_uuid.c 2007-07-11 10:26:02 UTC (rev 23829) @@ -133,3 +133,19 @@ out: return ret; } + +/* + Return the binary string representation of a GUID. + Caller must free. +*/ + +char *guid_binstring(const struct GUID *guid) +{ + UUID_FLAT guid_flat; + + smb_uuid_pack(*guid, guid_flat); + + return binary_string_rfc2254((char *)guid_flat.info, UUID_FLAT_SIZE); +} + + Modified: branches/SAMBA_3_2_0/source/libads/ldap_schema.c === --- branches/SAMBA_3_2_0/source/libads/ldap_schema.c2007-07-11 10:08:17 UTC (rev 23828) +++ branches/SAMBA_3_2_0/source/libads/ldap_schema.c2007-07-11 10:26:02 UTC (rev 23829) @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. ads (active directory) utility library - Copyright (C) Guenther Deschner 2005-2006 + Copyright (C) Guenther Deschner 2005-2007 Copyright (C) Gerald (Jerry) Carter 2006 This program is free software; you can redistribute it and/or modify @@
svn commit: samba r23830 - in branches/SAMBA_3_0_25/source/modules: .
Author: ab Date: 2007-07-11 12:04:27 + (Wed, 11 Jul 2007) New Revision: 23830 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23830 Log: Fix vfs_readahead: transparent modules should always pass through Modified: branches/SAMBA_3_0_25/source/modules/vfs_readahead.c Changeset: Modified: branches/SAMBA_3_0_25/source/modules/vfs_readahead.c === --- branches/SAMBA_3_0_25/source/modules/vfs_readahead.c2007-07-11 10:26:02 UTC (rev 23829) +++ branches/SAMBA_3_0_25/source/modules/vfs_readahead.c2007-07-11 12:04:27 UTC (rev 23830) @@ -160,7 +160,7 @@ handle-data = (void *)rhd; handle-free_data = free_readahead_data; - return 0; + return SMB_VFS_NEXT_CONNECT(handle, service, user); } /***
svn commit: samba r23831 - in branches/SAMBA_3_2/source/modules: .
Author: ab Date: 2007-07-11 12:04:55 + (Wed, 11 Jul 2007) New Revision: 23831 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23831 Log: Fix vfs_readahead: transparent modules should always pass through Modified: branches/SAMBA_3_2/source/modules/vfs_readahead.c Changeset: Modified: branches/SAMBA_3_2/source/modules/vfs_readahead.c === --- branches/SAMBA_3_2/source/modules/vfs_readahead.c 2007-07-11 12:04:27 UTC (rev 23830) +++ branches/SAMBA_3_2/source/modules/vfs_readahead.c 2007-07-11 12:04:55 UTC (rev 23831) @@ -159,7 +159,7 @@ handle-data = (void *)rhd; handle-free_data = free_readahead_data; - return 0; + return SMB_VFS_NEXT_CONNECT(handle, service, user); } /***
svn commit: samba r23832 - in branches/SAMBA_3_2_0/source/modules: .
Author: ab Date: 2007-07-11 12:05:14 + (Wed, 11 Jul 2007) New Revision: 23832 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23832 Log: Fix vfs_readahead: transparent modules should always pass through Modified: branches/SAMBA_3_2_0/source/modules/vfs_readahead.c Changeset: Modified: branches/SAMBA_3_2_0/source/modules/vfs_readahead.c === --- branches/SAMBA_3_2_0/source/modules/vfs_readahead.c 2007-07-11 12:04:55 UTC (rev 23831) +++ branches/SAMBA_3_2_0/source/modules/vfs_readahead.c 2007-07-11 12:05:14 UTC (rev 23832) @@ -159,7 +159,7 @@ handle-data = (void *)rhd; handle-free_data = free_readahead_data; - return 0; + return SMB_VFS_NEXT_CONNECT(handle, service, user); } /***
svn commit: samba r23833 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 13:17:42 + (Wed, 11 Jul 2007) New Revision: 23833 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23833 Log: Document ads_find_samaccount(). Guenther Modified: branches/SAMBA_3_2/source/libads/ldap.c branches/SAMBA_3_2_0/source/libads/ldap.c Changeset: Modified: branches/SAMBA_3_2/source/libads/ldap.c === --- branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 12:05:14 UTC (rev 23832) +++ branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 13:17:42 UTC (rev 23833) @@ -3271,6 +3271,15 @@ return ADS_ERROR_LDAP(LDAP_SUCCESS); } +/** + * Find a sAMAccoutName in LDAP + * @param ads connection to ads server + * @param mem_ctx TALLOC_CTX for allocating sid array + * @param samaccountname to search + * @param uac_ret uint32 pointer userAccountControl attribute value + * @param dn_ret pointer to dn + * @return status of token query + **/ ADS_STATUS ads_find_samaccount(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, const char *samaccountname, Modified: branches/SAMBA_3_2_0/source/libads/ldap.c === --- branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-11 12:05:14 UTC (rev 23832) +++ branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-11 13:17:42 UTC (rev 23833) @@ -3271,6 +3271,15 @@ return ADS_ERROR_LDAP(LDAP_SUCCESS); } +/** + * Find a sAMAccoutName in LDAP + * @param ads connection to ads server + * @param mem_ctx TALLOC_CTX for allocating sid array + * @param samaccountname to search + * @param uac_ret uint32 pointer userAccountControl attribute value + * @param dn_ret pointer to dn + * @return status of token query + **/ ADS_STATUS ads_find_samaccount(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, const char *samaccountname,
svn commit: samba r23834 - in branches: SAMBA_3_2/source/include SAMBA_3_2/source/libads SAMBA_3_2/source/utils SAMBA_3_2_0/source/include SAMBA_3_2_0/source/libads SAMBA_3_2_0/source/utils
Author: gd Date: 2007-07-11 13:21:32 + (Wed, 11 Jul 2007) New Revision: 23834 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23834 Log: Allow to pass an ADS_STRUCT pointer down to the dump function callback in libads. Guenther Modified: branches/SAMBA_3_2/source/include/ads_protos.h branches/SAMBA_3_2/source/libads/ldap.c branches/SAMBA_3_2/source/utils/net_ads.c branches/SAMBA_3_2_0/source/include/ads_protos.h branches/SAMBA_3_2_0/source/libads/ldap.c branches/SAMBA_3_2_0/source/utils/net_ads.c Changeset: Modified: branches/SAMBA_3_2/source/include/ads_protos.h === --- branches/SAMBA_3_2/source/include/ads_protos.h 2007-07-11 13:17:42 UTC (rev 23833) +++ branches/SAMBA_3_2/source/include/ads_protos.h 2007-07-11 13:21:32 UTC (rev 23834) @@ -93,7 +93,7 @@ LDAPMessage *ads_first_entry(ADS_STRUCT *ads, LDAPMessage *res); LDAPMessage *ads_next_entry(ADS_STRUCT *ads, LDAPMessage *res); void ads_process_results(ADS_STRUCT *ads, LDAPMessage *res, -BOOL(*fn)(char *, void **, void *), +BOOL(*fn)(ADS_STRUCT *,char *, void **, void *), void *data_area); void ads_dump(ADS_STRUCT *ads, LDAPMessage *res); Modified: branches/SAMBA_3_2/source/libads/ldap.c === --- branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 13:17:42 UTC (rev 23833) +++ branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 13:21:32 UTC (rev 23834) @@ -839,7 +839,7 @@ **/ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, int scope, const char *expr, const char **attrs, - BOOL(*fn)(char *, void **, void *), + BOOL(*fn)(ADS_STRUCT *, char *, void **, void *), void *data_area) { struct berval *cookie = NULL; @@ -1777,7 +1777,7 @@ /* dump a binary result from ldap */ -static void dump_binary(const char *field, struct berval **values) +static void dump_binary(ADS_STRUCT *ads, const char *field, struct berval **values) { int i, j; for (i=0; values[i]; i++) { @@ -1789,7 +1789,7 @@ } } -static void dump_guid(const char *field, struct berval **values) +static void dump_guid(ADS_STRUCT *ads, const char *field, struct berval **values) { int i; UUID_FLAT guid; @@ -1803,7 +1803,7 @@ /* dump a sid result from ldap */ -static void dump_sid(const char *field, struct berval **values) +static void dump_sid(ADS_STRUCT *ads, const char *field, struct berval **values) { int i; for (i=0; values[i]; i++) { @@ -1816,7 +1816,7 @@ /* dump ntSecurityDescriptor */ -static void dump_sd(const char *filed, struct berval **values) +static void dump_sd(ADS_STRUCT *ads, const char *filed, struct berval **values) { prs_struct ps; @@ -1859,12 +1859,12 @@ used for debugging */ -static BOOL ads_dump_field(char *field, void **values, void *data_area) +static BOOL ads_dump_field(ADS_STRUCT *ads, char *field, void **values, void *data_area) { const struct { const char *name; BOOL string; - void (*handler)(const char *, struct berval **); + void (*handler)(ADS_STRUCT *, const char *, struct berval **); } handlers[] = { {objectGUID, False, dump_guid}, {netbootGUID, False, dump_guid}, @@ -1888,7 +1888,7 @@ if (StrCaseCmp(handlers[i].name, field) == 0) { if (!values) /* first time, indicate string or not */ return handlers[i].string; - handlers[i].handler(field, (struct berval **) values); + handlers[i].handler(ads, field, (struct berval **) values); break; } } @@ -1924,7 +1924,7 @@ * @param data_area user-defined area to pass to function **/ void ads_process_results(ADS_STRUCT *ads, LDAPMessage *res, - BOOL(*fn)(char *, void **, void *), + BOOL(*fn)(ADS_STRUCT *, char *, void **, void *), void *data_area) { LDAPMessage *msg; @@ -1949,19 +1949,19 @@ BOOL string; pull_utf8_talloc(ctx, field, utf8_field); - string = fn(field, NULL, data_area); + string = fn(ads, field, NULL, data_area); if (string) { utf8_vals = ldap_get_values(ads-ld, (LDAPMessage *)msg, field); str_vals = ads_pull_strvals(ctx, (const char **)
svn commit: samba r23835 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 13:23:56 + (Wed, 11 Jul 2007) New Revision: 23835 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23835 Log: Pass down a struct GUID to ads_get_attrname_by_guid() directly. Guenther Modified: branches/SAMBA_3_2/source/libads/ldap_schema.c branches/SAMBA_3_2_0/source/libads/ldap_schema.c Changeset: Modified: branches/SAMBA_3_2/source/libads/ldap_schema.c === --- branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 13:21:32 UTC (rev 23834) +++ branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 13:23:56 UTC (rev 23835) @@ -109,25 +109,20 @@ const char *ads_get_attrname_by_guid(ADS_STRUCT *ads, const char *schema_path, TALLOC_CTX *mem_ctx, -const char *schema_guid) +const struct GUID *schema_guid) { ADS_STATUS rc; LDAPMessage *res = NULL; char *expr = NULL; const char *attrs[] = { lDAPDisplayName, NULL }; const char *result = NULL; - struct GUID guid; char *guid_bin = NULL; if (!ads || !mem_ctx || !schema_guid) { goto done; } - if (!NT_STATUS_IS_OK(GUID_from_string(schema_guid, guid))) { - goto done; - } - - guid_bin = guid_binstring(guid); + guid_bin = guid_binstring(schema_guid); if (!guid_bin) { goto done; } Modified: branches/SAMBA_3_2_0/source/libads/ldap_schema.c === --- branches/SAMBA_3_2_0/source/libads/ldap_schema.c2007-07-11 13:21:32 UTC (rev 23834) +++ branches/SAMBA_3_2_0/source/libads/ldap_schema.c2007-07-11 13:23:56 UTC (rev 23835) @@ -109,25 +109,20 @@ const char *ads_get_attrname_by_guid(ADS_STRUCT *ads, const char *schema_path, TALLOC_CTX *mem_ctx, -const char *schema_guid) +const struct GUID *schema_guid) { ADS_STATUS rc; LDAPMessage *res = NULL; char *expr = NULL; const char *attrs[] = { lDAPDisplayName, NULL }; const char *result = NULL; - struct GUID guid; char *guid_bin = NULL; if (!ads || !mem_ctx || !schema_guid) { goto done; } - if (!NT_STATUS_IS_OK(GUID_from_string(schema_guid, guid))) { - goto done; - } - - guid_bin = guid_binstring(guid); + guid_bin = guid_binstring(schema_guid); if (!guid_bin) { goto done; }
svn commit: samba r23836 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 13:26:04 + (Wed, 11 Jul 2007) New Revision: 23836 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23836 Log: Add ads_config_path() and ads_get_extended_right_name_by_guid(). Guenther Modified: branches/SAMBA_3_2/source/libads/ldap.c branches/SAMBA_3_2_0/source/libads/ldap.c Changeset: Modified: branches/SAMBA_3_2/source/libads/ldap.c === --- branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 13:23:56 UTC (rev 23835) +++ branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 13:26:04 UTC (rev 23836) @@ -3340,4 +3340,97 @@ return status; } + +/** + * find our configuration path + * @param ads connection to ads server + * @param mem_ctx Pointer to talloc context + * @param config_path Pointer to the config path + * @return status of search + **/ +ADS_STATUS ads_config_path(ADS_STRUCT *ads, + TALLOC_CTX *mem_ctx, + char **config_path) +{ + ADS_STATUS status; + LDAPMessage *res = NULL; + const char *config_context = NULL; + const char *attrs[] = { configurationNamingContext, NULL }; + + status = ads_do_search(ads, , LDAP_SCOPE_BASE, + (objectclass=*), attrs, res); + if (!ADS_ERR_OK(status)) { + return status; + } + + config_context = ads_pull_string(ads, mem_ctx, res, +configurationNamingContext); + ads_msgfree(ads, res); + if (!config_context) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + if (config_path) { + *config_path = talloc_strdup(mem_ctx, config_context); + if (!*config_path) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + } + + return ADS_ERROR(LDAP_SUCCESS); +} + +/** + * find the displayName of an extended right + * @param ads connection to ads server + * @param config_path The config path + * @param mem_ctx Pointer to talloc context + * @param GUID struct of the rightsGUID + * @return status of search + **/ +const char *ads_get_extended_right_name_by_guid(ADS_STRUCT *ads, + const char *config_path, + TALLOC_CTX *mem_ctx, + const struct GUID *rights_guid) +{ + ADS_STATUS rc; + LDAPMessage *res = NULL; + char *expr = NULL; + const char *attrs[] = { displayName, NULL }; + const char *result = NULL; + const char *path; + + if (!ads || !mem_ctx || !rights_guid) { + goto done; + } + + expr = talloc_asprintf(mem_ctx, (rightsGuid=%s), + smb_uuid_string_static(*rights_guid)); + if (!expr) { + goto done; + } + + path = talloc_asprintf(mem_ctx, cn=Extended-Rights,%s, config_path); + if (!path) { + goto done; + } + + rc = ads_do_search_retry(ads, path, LDAP_SCOPE_SUBTREE, +expr, attrs, res); + if (!ADS_ERR_OK(rc)) { + goto done; + } + + if (ads_count_replies(ads, res) != 1) { + goto done; + } + + result = ads_pull_string(ads, mem_ctx, res, displayName); + + done: + ads_msgfree(ads, res); + return result; + +} + #endif Modified: branches/SAMBA_3_2_0/source/libads/ldap.c === --- branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-11 13:23:56 UTC (rev 23835) +++ branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-11 13:26:04 UTC (rev 23836) @@ -3340,4 +3340,97 @@ return status; } + +/** + * find our configuration path + * @param ads connection to ads server + * @param mem_ctx Pointer to talloc context + * @param config_path Pointer to the config path + * @return status of search + **/ +ADS_STATUS ads_config_path(ADS_STRUCT *ads, + TALLOC_CTX *mem_ctx, + char **config_path) +{ + ADS_STATUS status; + LDAPMessage *res = NULL; + const char *config_context = NULL; + const char *attrs[] = { configurationNamingContext, NULL }; + + status = ads_do_search(ads, , LDAP_SCOPE_BASE, + (objectclass=*), attrs, res); + if (!ADS_ERR_OK(status)) { + return status; + } + + config_context = ads_pull_string(ads, mem_ctx, res, +configurationNamingContext); + ads_msgfree(ads, res); + if (!config_context) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + if (config_path) { + *config_path = talloc_strdup(mem_ctx, config_context); + if (!*config_path) { +
svn commit: samba r23837 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 13:30:38 + (Wed, 11 Jul 2007) New Revision: 23837 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23837 Log: Pass ADS_STRUCT and TALLOC_CTX down to ads_disp_sd. Guenther Modified: branches/SAMBA_3_2/source/libads/disp_sec.c branches/SAMBA_3_2/source/libads/ldap.c branches/SAMBA_3_2_0/source/libads/disp_sec.c branches/SAMBA_3_2_0/source/libads/ldap.c Changeset: Modified: branches/SAMBA_3_2/source/libads/disp_sec.c === --- branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 13:26:04 UTC (rev 23836) +++ branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 13:30:38 UTC (rev 23837) @@ -80,7 +80,7 @@ puts(); } -static void ads_disp_sec_ace_object(struct security_ace_object *object) +static void ads_disp_sec_ace_object(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace_object *object) { if (object-flags SEC_ACE_OBJECT_PRESENT) { printf(Object type: SEC_ACE_OBJECT_PRESENT\n); @@ -95,7 +95,7 @@ } /* display ACE */ -static void ads_disp_ace(SEC_ACE *sec_ace) +static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_ACE *sec_ace) { const char *access_type = UNKNOWN; @@ -132,7 +132,7 @@ sid_string_static(sec_ace-trustee), access_type); if (sec_ace_object(sec_ace-type)) { - ads_disp_sec_ace_object(sec_ace-object.object); + ads_disp_sec_ace_object(ads, mem_ctx, sec_ace-object.object); } ads_disp_perms(sec_ace-access_mask); @@ -153,7 +153,7 @@ } /* display SD */ -void ads_disp_sd(SEC_DESC *sd) +void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd) { int i; @@ -165,11 +165,11 @@ ads_disp_acl(sd-sacl, system); for (i = 0; i sd-sacl-num_aces; i ++) - ads_disp_ace(sd-sacl-aces[i]); + ads_disp_ace(ads, mem_ctx, sd-sacl-aces[i]); ads_disp_acl(sd-dacl, user); for (i = 0; i sd-dacl-num_aces; i ++) - ads_disp_ace(sd-dacl-aces[i]); + ads_disp_ace(ads, mem_ctx, sd-dacl-aces[i]); printf(-- End Of Security Descriptor\n); } Modified: branches/SAMBA_3_2/source/libads/ldap.c === --- branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 13:26:04 UTC (rev 23836) +++ branches/SAMBA_3_2/source/libads/ldap.c 2007-07-11 13:30:38 UTC (rev 23837) @@ -1837,7 +1837,9 @@ talloc_destroy(ctx); return; } - if (psd) ads_disp_sd(psd); + if (psd) { + ads_disp_sd(ads, ctx, psd); + } prs_mem_free(ps); talloc_destroy(ctx); Modified: branches/SAMBA_3_2_0/source/libads/disp_sec.c === --- branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 13:26:04 UTC (rev 23836) +++ branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 13:30:38 UTC (rev 23837) @@ -80,7 +80,7 @@ puts(); } -static void ads_disp_sec_ace_object(struct security_ace_object *object) +static void ads_disp_sec_ace_object(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace_object *object) { if (object-flags SEC_ACE_OBJECT_PRESENT) { printf(Object type: SEC_ACE_OBJECT_PRESENT\n); @@ -95,7 +95,7 @@ } /* display ACE */ -static void ads_disp_ace(SEC_ACE *sec_ace) +static void ads_disp_ace(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_ACE *sec_ace) { const char *access_type = UNKNOWN; @@ -132,7 +132,7 @@ sid_string_static(sec_ace-trustee), access_type); if (sec_ace_object(sec_ace-type)) { - ads_disp_sec_ace_object(sec_ace-object.object); + ads_disp_sec_ace_object(ads, mem_ctx, sec_ace-object.object); } ads_disp_perms(sec_ace-access_mask); @@ -153,7 +153,7 @@ } /* display SD */ -void ads_disp_sd(SEC_DESC *sd) +void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd) { int i; @@ -165,11 +165,11 @@ ads_disp_acl(sd-sacl, system); for (i = 0; i sd-sacl-num_aces; i ++) - ads_disp_ace(sd-sacl-aces[i]); + ads_disp_ace(ads, mem_ctx, sd-sacl-aces[i]); ads_disp_acl(sd-dacl, user); for (i = 0; i sd-dacl-num_aces; i ++) - ads_disp_ace(sd-dacl-aces[i]); + ads_disp_ace(ads, mem_ctx, sd-dacl-aces[i]); printf(-- End Of Security Descriptor\n); } Modified: branches/SAMBA_3_2_0/source/libads/ldap.c === --- branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-11 13:26:04 UTC (rev 23836) +++ branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-11 13:30:38 UTC (rev 23837) @@ -1837,7 +1837,9 @@
svn commit: samba r23838 - in branches: SAMBA_3_2/source/include SAMBA_3_2/source/libads SAMBA_3_2_0/source/include SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 13:32:57 + (Wed, 11 Jul 2007) New Revision: 23838 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23838 Log: Allow to store schema and config path in ADS_STRUCT config. Guenther Modified: branches/SAMBA_3_2/source/include/ads.h branches/SAMBA_3_2/source/libads/ads_struct.c branches/SAMBA_3_2_0/source/include/ads.h branches/SAMBA_3_2_0/source/libads/ads_struct.c Changeset: Modified: branches/SAMBA_3_2/source/include/ads.h === --- branches/SAMBA_3_2/source/include/ads.h 2007-07-11 13:30:38 UTC (rev 23837) +++ branches/SAMBA_3_2/source/include/ads.h 2007-07-11 13:32:57 UTC (rev 23838) @@ -58,6 +58,8 @@ char *client_site_name; time_t current_time; int tried_closest_dc; + char *schema_path; + char *config_path; } config; } ADS_STRUCT; Modified: branches/SAMBA_3_2/source/libads/ads_struct.c === --- branches/SAMBA_3_2/source/libads/ads_struct.c 2007-07-11 13:30:38 UTC (rev 23837) +++ branches/SAMBA_3_2/source/libads/ads_struct.c 2007-07-11 13:32:57 UTC (rev 23838) @@ -159,6 +159,8 @@ SAFE_FREE((*ads)-config.ldap_server_name); SAFE_FREE((*ads)-config.server_site_name); SAFE_FREE((*ads)-config.client_site_name); + SAFE_FREE((*ads)-config.schema_path); + SAFE_FREE((*ads)-config.config_path); ZERO_STRUCTP(*ads); Modified: branches/SAMBA_3_2_0/source/include/ads.h === --- branches/SAMBA_3_2_0/source/include/ads.h 2007-07-11 13:30:38 UTC (rev 23837) +++ branches/SAMBA_3_2_0/source/include/ads.h 2007-07-11 13:32:57 UTC (rev 23838) @@ -58,6 +58,8 @@ char *client_site_name; time_t current_time; int tried_closest_dc; + char *schema_path; + char *config_path; } config; } ADS_STRUCT; Modified: branches/SAMBA_3_2_0/source/libads/ads_struct.c === --- branches/SAMBA_3_2_0/source/libads/ads_struct.c 2007-07-11 13:30:38 UTC (rev 23837) +++ branches/SAMBA_3_2_0/source/libads/ads_struct.c 2007-07-11 13:32:57 UTC (rev 23838) @@ -159,6 +159,8 @@ SAFE_FREE((*ads)-config.ldap_server_name); SAFE_FREE((*ads)-config.server_site_name); SAFE_FREE((*ads)-config.client_site_name); + SAFE_FREE((*ads)-config.schema_path); + SAFE_FREE((*ads)-config.config_path); ZERO_STRUCTP(*ads);
svn commit: samba r23839 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 13:41:04 + (Wed, 11 Jul 2007) New Revision: 23839 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23839 Log: Try to get the attribute name from schema GUIDs or the display name from extended rights GUID from ad while dumping the security descriptors's aces. This would perform much better with a guid cache, but for the rare cases where it is used net ads search cn=mymachine ntSecurityDescriptor -U user%pass it should be ok for now. Guenther Modified: branches/SAMBA_3_2/source/libads/disp_sec.c branches/SAMBA_3_2/source/libads/ldap_schema.c branches/SAMBA_3_2_0/source/libads/disp_sec.c branches/SAMBA_3_2_0/source/libads/ldap_schema.c Changeset: Modified: branches/SAMBA_3_2/source/libads/disp_sec.c === --- branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 13:32:57 UTC (rev 23838) +++ branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 13:41:04 UTC (rev 23839) @@ -80,17 +80,45 @@ puts(); } -static void ads_disp_sec_ace_object(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_ace_object *object) +static const char *ads_interprete_guid_from_object(ADS_STRUCT *ads, + TALLOC_CTX *mem_ctx, + const struct GUID *guid) { + const char *ret = NULL; + + ret = ads_get_attrname_by_guid(ads, ads-config.schema_path, + mem_ctx, guid); + if (ret) { + return talloc_asprintf(mem_ctx, LDAP attribute: \%s\, ret); + } + + ret = ads_get_extended_right_name_by_guid(ads, ads-config.config_path, + mem_ctx, guid); + + if (ret) { + return talloc_asprintf(mem_ctx, Extended right: \%s\, ret); + } + + return ret; +} + +static void ads_disp_sec_ace_object(ADS_STRUCT *ads, + TALLOC_CTX *mem_ctx, + struct security_ace_object *object) +{ if (object-flags SEC_ACE_OBJECT_PRESENT) { printf(Object type: SEC_ACE_OBJECT_PRESENT\n); - printf(Object GUID: %s\n, smb_uuid_string_static( - object-type.type)); + printf(Object GUID: %s (%s)\n, smb_uuid_string_static( + object-type.type), + ads_interprete_guid_from_object(ads, mem_ctx, + object-type.type)); } if (object-flags SEC_ACE_OBJECT_INHERITED_PRESENT) { printf(Object type: SEC_ACE_OBJECT_INHERITED_PRESENT\n); - printf(Object GUID: %s\n, smb_uuid_string_static( - object-inherited_type.inherited_type)); + printf(Object GUID: %s (%s)\n, smb_uuid_string_static( + object-inherited_type.inherited_type), + ads_interprete_guid_from_object(ads, mem_ctx, + object-inherited_type.inherited_type)); } } @@ -156,7 +184,20 @@ void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, SEC_DESC *sd) { int i; - + char *tmp_path = NULL; + + if (!ads-config.schema_path) { + if (ADS_ERR_OK(ads_schema_path(ads, mem_ctx, tmp_path))) { + ads-config.schema_path = SMB_STRDUP(tmp_path); + } + } + + if (!ads-config.config_path) { + if (ADS_ERR_OK(ads_config_path(ads, mem_ctx, tmp_path))) { + ads-config.config_path = SMB_STRDUP(tmp_path); + } + } + printf(-- Security Descriptor (revision: %d, type: 0x%02x)\n, sd-revision, sd-type); Modified: branches/SAMBA_3_2/source/libads/ldap_schema.c === --- branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 13:32:57 UTC (rev 23838) +++ branches/SAMBA_3_2/source/libads/ldap_schema.c 2007-07-11 13:41:04 UTC (rev 23839) @@ -195,7 +195,7 @@ /* */ -static ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path) +ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path) { ADS_STATUS status; LDAPMessage *res; Modified: branches/SAMBA_3_2_0/source/libads/disp_sec.c === --- branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 13:32:57 UTC (rev 23838) +++ branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 13:41:04 UTC (rev 23839) @@ -80,17 +80,45 @@ puts(); } -static void
svn commit: samba r23840 - in branches: SAMBA_3_2/source SAMBA_3_2_0/source
Author: gd Date: 2007-07-11 14:35:48 + (Wed, 11 Jul 2007) New Revision: 23840 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23840 Log: Fix the build. Guenther Modified: branches/SAMBA_3_2/source/Makefile.in branches/SAMBA_3_2_0/source/Makefile.in Changeset: Modified: branches/SAMBA_3_2/source/Makefile.in === --- branches/SAMBA_3_2/source/Makefile.in 2007-07-11 13:41:04 UTC (rev 23839) +++ branches/SAMBA_3_2/source/Makefile.in 2007-07-11 14:35:48 UTC (rev 23840) @@ -321,10 +321,9 @@ libads/krb5_setpw.o libads/ldap_user.o \ libads/ads_struct.o libads/kerberos_keytab.o \ libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \ -libads/authdata.o libads/cldap.o +libads/authdata.o libads/cldap.o libads/ldap_schema.o -LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o \ - libads/ldap_schema.o +LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o SECRETS_OBJ = passdb/secrets.o passdb/machine_sid.o Modified: branches/SAMBA_3_2_0/source/Makefile.in === --- branches/SAMBA_3_2_0/source/Makefile.in 2007-07-11 13:41:04 UTC (rev 23839) +++ branches/SAMBA_3_2_0/source/Makefile.in 2007-07-11 14:35:48 UTC (rev 23840) @@ -313,10 +313,9 @@ libads/krb5_setpw.o libads/ldap_user.o \ libads/ads_struct.o libads/kerberos_keytab.o \ libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \ -libads/authdata.o libads/cldap.o +libads/authdata.o libads/cldap.o libads/ldap_schema.o -LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o \ - libads/ldap_schema.o +LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o SECRETS_OBJ = passdb/secrets.o passdb/machine_sid.o
svn commit: samba r23841 - in branches: SAMBA_3_2/source/lib SAMBA_3_2_0/source/lib
Author: gd Date: 2007-07-11 15:23:51 + (Wed, 11 Jul 2007) New Revision: 23841 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23841 Log: Show all acl types when displaying a security descriptor. Guenther Modified: branches/SAMBA_3_2/source/lib/display_sec.c branches/SAMBA_3_2_0/source/lib/display_sec.c Changeset: Modified: branches/SAMBA_3_2/source/lib/display_sec.c === --- branches/SAMBA_3_2/source/lib/display_sec.c 2007-07-11 14:35:48 UTC (rev 23840) +++ branches/SAMBA_3_2/source/lib/display_sec.c 2007-07-11 15:23:51 UTC (rev 23841) @@ -135,13 +135,20 @@ fstrcat(typestr, SEC_DESC_DACL_TRUSTED ); if (type SEC_DESC_SERVER_SECURITY)/* 0x0080 */ fstrcat(typestr, SEC_DESC_SERVER_SECURITY ); - if (type 0x0100) fstrcat(typestr, 0x0100 ); - if (type 0x0200) fstrcat(typestr, 0x0200 ); - if (type 0x0400) fstrcat(typestr, 0x0400 ); - if (type 0x0800) fstrcat(typestr, 0x0800 ); - if (type 0x1000) fstrcat(typestr, 0x1000 ); - if (type 0x2000) fstrcat(typestr, 0x2000 ); - if (type 0x4000) fstrcat(typestr, 0x4000 ); + if (type SEC_DESC_DACL_AUTO_INHERIT_REQ) /* 0x0100 */ + fstrcat(typestr, SEC_DESC_DACL_AUTO_INHERIT_REQ ); + if (type SEC_DESC_SACL_AUTO_INHERIT_REQ) /* 0x0200 */ + fstrcat(typestr, SEC_DESC_SACL_AUTO_INHERIT_REQ ); + if (type SEC_DESC_DACL_AUTO_INHERITED) /* 0x0400 */ + fstrcat(typestr, SEC_DESC_DACL_AUTO_INHERITED ); + if (type SEC_DESC_SACL_AUTO_INHERITED) /* 0x0800 */ + fstrcat(typestr, SEC_DESC_SACL_AUTO_INHERITED ); + if (type SEC_DESC_DACL_PROTECTED) /* 0x1000 */ + fstrcat(typestr, SEC_DESC_DACL_PROTECTED ); + if (type SEC_DESC_SACL_PROTECTED) /* 0x2000 */ + fstrcat(typestr, SEC_DESC_SACL_PROTECTED ); + if (type SEC_DESC_RM_CONTROL_VALID) /* 0x4000 */ + fstrcat(typestr, SEC_DESC_RM_CONTROL_VALID ); if (type SEC_DESC_SELF_RELATIVE) /* 0x8000 */ fstrcat(typestr, SEC_DESC_SELF_RELATIVE ); Modified: branches/SAMBA_3_2_0/source/lib/display_sec.c === --- branches/SAMBA_3_2_0/source/lib/display_sec.c 2007-07-11 14:35:48 UTC (rev 23840) +++ branches/SAMBA_3_2_0/source/lib/display_sec.c 2007-07-11 15:23:51 UTC (rev 23841) @@ -135,13 +135,20 @@ fstrcat(typestr, SEC_DESC_DACL_TRUSTED ); if (type SEC_DESC_SERVER_SECURITY)/* 0x0080 */ fstrcat(typestr, SEC_DESC_SERVER_SECURITY ); - if (type 0x0100) fstrcat(typestr, 0x0100 ); - if (type 0x0200) fstrcat(typestr, 0x0200 ); - if (type 0x0400) fstrcat(typestr, 0x0400 ); - if (type 0x0800) fstrcat(typestr, 0x0800 ); - if (type 0x1000) fstrcat(typestr, 0x1000 ); - if (type 0x2000) fstrcat(typestr, 0x2000 ); - if (type 0x4000) fstrcat(typestr, 0x4000 ); + if (type SEC_DESC_DACL_AUTO_INHERIT_REQ) /* 0x0100 */ + fstrcat(typestr, SEC_DESC_DACL_AUTO_INHERIT_REQ ); + if (type SEC_DESC_SACL_AUTO_INHERIT_REQ) /* 0x0200 */ + fstrcat(typestr, SEC_DESC_SACL_AUTO_INHERIT_REQ ); + if (type SEC_DESC_DACL_AUTO_INHERITED) /* 0x0400 */ + fstrcat(typestr, SEC_DESC_DACL_AUTO_INHERITED ); + if (type SEC_DESC_SACL_AUTO_INHERITED) /* 0x0800 */ + fstrcat(typestr, SEC_DESC_SACL_AUTO_INHERITED ); + if (type SEC_DESC_DACL_PROTECTED) /* 0x1000 */ + fstrcat(typestr, SEC_DESC_DACL_PROTECTED ); + if (type SEC_DESC_SACL_PROTECTED) /* 0x2000 */ + fstrcat(typestr, SEC_DESC_SACL_PROTECTED ); + if (type SEC_DESC_RM_CONTROL_VALID) /* 0x4000 */ + fstrcat(typestr, SEC_DESC_RM_CONTROL_VALID ); if (type SEC_DESC_SELF_RELATIVE) /* 0x8000 */ fstrcat(typestr, SEC_DESC_SELF_RELATIVE );
svn commit: samba r23842 - in branches: SAMBA_3_2/source/libads SAMBA_3_2_0/source/libads
Author: gd Date: 2007-07-11 15:46:01 + (Wed, 11 Jul 2007) New Revision: 23842 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23842 Log: Attempt to fix the build with LDAP. Guenther Modified: branches/SAMBA_3_2/source/libads/disp_sec.c branches/SAMBA_3_2_0/source/libads/disp_sec.c Changeset: Modified: branches/SAMBA_3_2/source/libads/disp_sec.c === --- branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 15:23:51 UTC (rev 23841) +++ branches/SAMBA_3_2/source/libads/disp_sec.c 2007-07-11 15:46:01 UTC (rev 23842) @@ -19,6 +19,8 @@ #include includes.h +#ifdef HAVE_LDAP + static struct perm_mask_str { uint32 mask; const char *str; @@ -215,4 +217,4 @@ printf(-- End Of Security Descriptor\n); } - +#endif Modified: branches/SAMBA_3_2_0/source/libads/disp_sec.c === --- branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 15:23:51 UTC (rev 23841) +++ branches/SAMBA_3_2_0/source/libads/disp_sec.c 2007-07-11 15:46:01 UTC (rev 23842) @@ -19,6 +19,8 @@ #include includes.h +#ifdef HAVE_LDAP + static struct perm_mask_str { uint32 mask; const char *str; @@ -215,4 +217,4 @@ printf(-- End Of Security Descriptor\n); } - +#endif
svn commit: samba r23843 - in branches: SAMBA_3_0_25/source/smbd SAMBA_3_2/source/smbd SAMBA_3_2_0/source/smbd
Author: jra Date: 2007-07-11 21:01:06 + (Wed, 11 Jul 2007) New Revision: 23843 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23843 Log: Fix bug #4777, reported by Bill Marshall [EMAIL PROTECTED]. Doing a DFS traverse through a deep link could fail (not using explorer). Jeremy. Modified: branches/SAMBA_3_0_25/source/smbd/msdfs.c branches/SAMBA_3_2/source/smbd/msdfs.c branches/SAMBA_3_2_0/source/smbd/msdfs.c Changeset: Modified: branches/SAMBA_3_0_25/source/smbd/msdfs.c === --- branches/SAMBA_3_0_25/source/smbd/msdfs.c 2007-07-11 15:46:01 UTC (rev 23842) +++ branches/SAMBA_3_0_25/source/smbd/msdfs.c 2007-07-11 21:01:06 UTC (rev 23843) @@ -388,7 +388,8 @@ pstrcpy(localpath, pdp-reqpath); status = unix_convert(conn, localpath, search_flag, NULL, sbuf); - if (!NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_IS_OK(status) !NT_STATUS_EQUAL(status, + NT_STATUS_OBJECT_PATH_NOT_FOUND)) { return status; } Modified: branches/SAMBA_3_2/source/smbd/msdfs.c === --- branches/SAMBA_3_2/source/smbd/msdfs.c 2007-07-11 15:46:01 UTC (rev 23842) +++ branches/SAMBA_3_2/source/smbd/msdfs.c 2007-07-11 21:01:06 UTC (rev 23843) @@ -389,7 +389,8 @@ pstrcpy(localpath, pdp-reqpath); status = unix_convert(conn, localpath, search_flag, NULL, sbuf); - if (!NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_IS_OK(status) !NT_STATUS_EQUAL(status, + NT_STATUS_OBJECT_PATH_NOT_FOUND)) { return status; } Modified: branches/SAMBA_3_2_0/source/smbd/msdfs.c === --- branches/SAMBA_3_2_0/source/smbd/msdfs.c2007-07-11 15:46:01 UTC (rev 23842) +++ branches/SAMBA_3_2_0/source/smbd/msdfs.c2007-07-11 21:01:06 UTC (rev 23843) @@ -389,7 +389,8 @@ pstrcpy(localpath, pdp-reqpath); status = unix_convert(conn, localpath, search_flag, NULL, sbuf); - if (!NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_IS_OK(status) !NT_STATUS_EQUAL(status, + NT_STATUS_OBJECT_PATH_NOT_FOUND)) { return status; }
svn commit: samba r23844 - in branches: SAMBA_3_2/source/smbd SAMBA_3_2_0/source/smbd
Author: jra Date: 2007-07-11 22:39:11 + (Wed, 11 Jul 2007) New Revision: 23844 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23844 Log: Add patch series from Volker (after review and consultation). 0001-Save-a-strdup-in-stat_cache_add.patch 0002-Use-ISDOT-and-ISDOTDOT.patch 0003-Move-fname_equal-around.patch 0004-unix_convert-pstring-dirpath-char.patch 0005-Ignore-.o-files.patch 0006-Get-rid-of-pstrings-inside-unix_convert.patch 0007-revert-pstring-unix_convert.patch 0008-Make-name-an-allocated-pstring-inside-unix_convert.patch 0009-Pass-explicit-pstring-to-mangle_check_cache.patch 0010-Don-t-overwrite-orig_path-unnecessarily.patch 0011-Defer-allocating-name.patch 0012-Make-sure-dirpath-is-always-correctly-allocated.patch 0013-Remove-one-pstring-dependency-in-unix_convert.patch 0014-Remove-more-name-pstring-dependencies.patch 0015-Hide-the-nasty-API-of-mangle_check_cache-in-mangle_c.patch 0016-name-does-not-need-to-be-pstring-size-anymore.patch 0017-Make-use-of-ISDOT-and-ISDOTDOT.patch 0018-Remove-pstring-from-stat_cache_lookup.patch 0019-Add-my-copyright.patch To remove pstrings from statcache and unix_convert. Jeremy. Modified: branches/SAMBA_3_2/source/smbd/filename.c branches/SAMBA_3_2/source/smbd/mangle.c branches/SAMBA_3_2/source/smbd/statcache.c branches/SAMBA_3_2_0/source/smbd/filename.c branches/SAMBA_3_2_0/source/smbd/mangle.c branches/SAMBA_3_2_0/source/smbd/statcache.c Changeset: Sorry, the patch is too large (1707 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23844
svn commit: samba r23845 - in branches: SAMBA_3_0_25/source/libsmb SAMBA_3_2/source/lib SAMBA_3_2_0/source/lib
Author: jra Date: 2007-07-11 23:40:14 + (Wed, 11 Jul 2007) New Revision: 23845 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23845 Log: Second part of the fix for #4777. Looks like on AIX opendir returns an errno of ELOOP for a symlink of msdfs:server\path\to\link. Cope with this by mapping to a known error NT_STATUS_OBJECT_PATH_NOT_FOUND that we know dfs_path_lookup should ignore. Jeremy. Modified: branches/SAMBA_3_0_25/source/libsmb/errormap.c branches/SAMBA_3_2/source/lib/errmap_unix.c branches/SAMBA_3_2_0/source/lib/errmap_unix.c Changeset: Modified: branches/SAMBA_3_0_25/source/libsmb/errormap.c === --- branches/SAMBA_3_0_25/source/libsmb/errormap.c 2007-07-11 22:39:11 UTC (rev 23844) +++ branches/SAMBA_3_0_25/source/libsmb/errormap.c 2007-07-11 23:40:14 UTC (rev 23845) @@ -1521,6 +1521,9 @@ { ENOMEM, ERRDOS, ERRnomem, NT_STATUS_NO_MEMORY }, { EISDIR, ERRDOS, ERRnoaccess, NT_STATUS_FILE_IS_A_DIRECTORY}, { EMLINK, ERRDOS, ERRgeneral, NT_STATUS_TOO_MANY_LINKS }, +#ifdef ELOOP + { ELOOP, ERRDOS, ERRbadpath, NT_STATUS_OBJECT_PATH_NOT_FOUND }, +#endif #ifdef EDQUOT { EDQUOT, ERRHRD, ERRdiskfull, NT_STATUS_DISK_FULL }, /* Windows apps need this, not NT_STATUS_QUOTA_EXCEEDED */ #endif Modified: branches/SAMBA_3_2/source/lib/errmap_unix.c === --- branches/SAMBA_3_2/source/lib/errmap_unix.c 2007-07-11 22:39:11 UTC (rev 23844) +++ branches/SAMBA_3_2/source/lib/errmap_unix.c 2007-07-11 23:40:14 UTC (rev 23845) @@ -40,6 +40,9 @@ { EISDIR, ERRDOS, ERRnoaccess, NT_STATUS_FILE_IS_A_DIRECTORY}, { EMLINK, ERRDOS, ERRgeneral, NT_STATUS_TOO_MANY_LINKS }, { EINTR, ERRHRD, ERRgeneral, NT_STATUS_RETRY }, +#ifdef ELOOP + { ELOOP, ERRDOS, ERRbadpath, NT_STATUS_OBJECT_PATH_NOT_FOUND }, +#endif #ifdef EDQUOT { EDQUOT, ERRHRD, ERRdiskfull, NT_STATUS_DISK_FULL }, /* Windows apps need this, not NT_STATUS_QUOTA_EXCEEDED */ #endif Modified: branches/SAMBA_3_2_0/source/lib/errmap_unix.c === --- branches/SAMBA_3_2_0/source/lib/errmap_unix.c 2007-07-11 22:39:11 UTC (rev 23844) +++ branches/SAMBA_3_2_0/source/lib/errmap_unix.c 2007-07-11 23:40:14 UTC (rev 23845) @@ -40,6 +40,9 @@ { EISDIR, ERRDOS, ERRnoaccess, NT_STATUS_FILE_IS_A_DIRECTORY}, { EMLINK, ERRDOS, ERRgeneral, NT_STATUS_TOO_MANY_LINKS }, { EINTR, ERRHRD, ERRgeneral, NT_STATUS_RETRY }, +#ifdef ELOOP + { ELOOP, ERRDOS, ERRbadpath, NT_STATUS_OBJECT_PATH_NOT_FOUND }, +#endif #ifdef EDQUOT { EDQUOT, ERRHRD, ERRdiskfull, NT_STATUS_DISK_FULL }, /* Windows apps need this, not NT_STATUS_QUOTA_EXCEEDED */ #endif
svn commit: samba r23846 - in branches: SAMBA_3_0_25/source/smbd SAMBA_3_2/source/smbd SAMBA_3_2_0/source/smbd
Author: jra Date: 2007-07-11 23:54:01 + (Wed, 11 Jul 2007) New Revision: 23846 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23846 Log: Belt-and-braces on the msdfs bug. Ensure ELOOP maps correctly. Jeremy. Modified: branches/SAMBA_3_0_25/source/smbd/filename.c branches/SAMBA_3_2/source/smbd/filename.c branches/SAMBA_3_2_0/source/smbd/filename.c Changeset: Modified: branches/SAMBA_3_0_25/source/smbd/filename.c === --- branches/SAMBA_3_0_25/source/smbd/filename.c2007-07-11 23:40:14 UTC (rev 23845) +++ branches/SAMBA_3_0_25/source/smbd/filename.c2007-07-11 23:54:01 UTC (rev 23846) @@ -392,20 +392,25 @@ * these two errors. */ - /* ENOENT and ENOTDIR both map to NT_STATUS_OBJECT_PATH_NOT_FOUND - in the filename walk. */ + /* ENOENT, ENOTDIR and ELOOP all map to +* NT_STATUS_OBJECT_PATH_NOT_FOUND +* in the filename walk. */ - if (errno == ENOENT || errno == ENOTDIR) { + if (errno == ENOENT || + errno == ENOTDIR || + errno == ELOOP) { return NT_STATUS_OBJECT_PATH_NOT_FOUND; } return map_nt_error_from_unix(errno); } - + /* ENOENT is the only valid error here. */ if (errno != ENOENT) { - /* ENOENT and ENOTDIR both map to NT_STATUS_OBJECT_PATH_NOT_FOUND - in the filename walk. */ - if (errno == ENOTDIR) { + /* ENOTDIR and ELOOP both map to +* NT_STATUS_OBJECT_PATH_NOT_FOUND +* in the filename walk. */ + if (errno == ENOTDIR || + errno == ELOOP) { return NT_STATUS_OBJECT_PATH_NOT_FOUND; } return map_nt_error_from_unix(errno); Modified: branches/SAMBA_3_2/source/smbd/filename.c === --- branches/SAMBA_3_2/source/smbd/filename.c 2007-07-11 23:40:14 UTC (rev 23845) +++ branches/SAMBA_3_2/source/smbd/filename.c 2007-07-11 23:54:01 UTC (rev 23846) @@ -396,10 +396,15 @@ * these two errors. */ - /* ENOENT and ENOTDIR both map to NT_STATUS_OBJECT_PATH_NOT_FOUND - in the filename walk. */ + /* +* ENOENT, ENOTDIR and ELOOP all map +* to NT_STATUS_OBJECT_PATH_NOT_FOUND +* in the filename walk. +*/ - if (errno == ENOENT || errno == ENOTDIR) { + if (errno == ENOENT || + errno == ENOTDIR || + errno == ELOOP) { result = NT_STATUS_OBJECT_PATH_NOT_FOUND; } else { @@ -410,9 +415,13 @@ /* ENOENT is the only valid error here. */ if (errno != ENOENT) { - /* ENOENT and ENOTDIR both map to NT_STATUS_OBJECT_PATH_NOT_FOUND - in the filename walk. */ - if (errno == ENOTDIR) { + /* +* ENOTDIR and ELOOP both map to +* NT_STATUS_OBJECT_PATH_NOT_FOUND +* in the filename walk. +*/ + if (errno == ENOTDIR || + errno == ELOOP) { result
Build status as of Thu Jul 12 00:00:02 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-07-11 00:01:29.0 + +++ /home/build/master/cache/broken_results.txt 2007-07-12 00:00:57.0 + @@ -1,24 +1,24 @@ -Build status as of Wed Jul 11 00:00:02 2007 +Build status as of Thu Jul 12 00:00:02 2007 Build counts: Tree Total Broken Panic SOC 0 0 0 build_farm 0 0 0 -ccache 34 7 0 +ccache 35 8 0 ctdb 0 0 0 distcc 2 0 0 -ldb 33 2 0 -libreplace 32 9 0 -lorikeet-heimdal 30 13 0 -pidl 18 4 0 +ldb 33 3 0 +libreplace 33 10 0 +lorikeet-heimdal 31 14 0 +pidl 19 4 0 ppp 15 10 0 python 0 0 0 -rsync34 13 0 +rsync35 14 0 samba-docs 0 0 0 samba-gtk4 4 0 -samba4 32 20 6 -samba_3_232 17 0 -smb-build31 31 0 -talloc 34 0 0 -tdb 33 0 0 +samba4 33 21 5 +samba_3_233 19 0 +smb-build32 32 0 +talloc 35 1 0 +tdb 34 2 0
svn commit: samba r23847 - in branches: SAMBA_3_2/source/lib SAMBA_3_2_0/source/lib
Author: jra Date: 2007-07-12 00:42:09 + (Thu, 12 Jul 2007) New Revision: 23847 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23847 Log: As Dr. Volker says, A pstring a day. Jeremy. Modified: branches/SAMBA_3_2/source/lib/util.c branches/SAMBA_3_2_0/source/lib/util.c Changeset: Modified: branches/SAMBA_3_2/source/lib/util.c === --- branches/SAMBA_3_2/source/lib/util.c2007-07-11 23:54:01 UTC (rev 23846) +++ branches/SAMBA_3_2/source/lib/util.c2007-07-12 00:42:09 UTC (rev 23847) @@ -1856,8 +1856,7 @@ BOOL is_in_path(const char *name, name_compare_entry *namelist, BOOL case_sensitive) { - pstring last_component; - char *p; + const char *last_component; /* if we have no list it's obviously not in the path */ if((namelist == NULL ) || ((namelist != NULL) (namelist[0].name == NULL))) { @@ -1867,8 +1866,12 @@ DEBUG(8, (is_in_path: %s\n, name)); /* Get the last component of the unix name. */ - p = strrchr_m(name, '/'); - pstrcpy(last_component, p ? ++p : name); + last_component = strrchr_m(name, '/'); + if (!last_component) { + last_component = name; + } else { + last_component++; /* Go past '/' */ + } for(; namelist-name != NULL; namelist++) { if(namelist-is_wild) { @@ -1885,7 +1888,6 @@ } } DEBUG(8,(is_in_path: match not found\n)); - return False; } @@ -2774,7 +2776,7 @@ of the .. name. ***/ -BOOL mask_match(const char *string, char *pattern, BOOL is_case_sensitive) +BOOL mask_match(const char *string, const char *pattern, BOOL is_case_sensitive) { if (strcmp(string,..) == 0) string = .; @@ -2790,7 +2792,7 @@ pattern translation. ***/ -BOOL mask_match_search(const char *string, char *pattern, BOOL is_case_sensitive) +BOOL mask_match_search(const char *string, const char *pattern, BOOL is_case_sensitive) { if (strcmp(string,..) == 0) string = .; Modified: branches/SAMBA_3_2_0/source/lib/util.c === --- branches/SAMBA_3_2_0/source/lib/util.c 2007-07-11 23:54:01 UTC (rev 23846) +++ branches/SAMBA_3_2_0/source/lib/util.c 2007-07-12 00:42:09 UTC (rev 23847) @@ -1835,8 +1835,7 @@ BOOL is_in_path(const char *name, name_compare_entry *namelist, BOOL case_sensitive) { - pstring last_component; - char *p; + const char *last_component; /* if we have no list it's obviously not in the path */ if((namelist == NULL ) || ((namelist != NULL) (namelist[0].name == NULL))) { @@ -1846,8 +1845,12 @@ DEBUG(8, (is_in_path: %s\n, name)); /* Get the last component of the unix name. */ - p = strrchr_m(name, '/'); - pstrcpy(last_component, p ? ++p : name); + last_component = strrchr_m(name, '/'); + if (!last_component) { + last_component = name; + } else { + last_component++; /* Go past '/' */ + } for(; namelist-name != NULL; namelist++) { if(namelist-is_wild) { @@ -1864,7 +1867,6 @@ } } DEBUG(8,(is_in_path: match not found\n)); - return False; } @@ -2754,7 +2756,7 @@ of the .. name. ***/ -BOOL mask_match(const char *string, char *pattern, BOOL is_case_sensitive) +BOOL mask_match(const char *string, const char *pattern, BOOL is_case_sensitive) { if (strcmp(string,..) == 0) string = .; @@ -2770,7 +2772,7 @@ pattern translation. ***/ -BOOL mask_match_search(const char *string, char *pattern, BOOL is_case_sensitive) +BOOL mask_match_search(const char *string, const char *pattern, BOOL is_case_sensitive) { if (strcmp(string,..) == 0) string = .;
svn commit: samba r23848 - in branches/SAMBA_4_0/source: param scripting/ejs
Author: abartlet Date: 2007-07-12 04:56:33 + (Thu, 12 Jul 2007) New Revision: 23848 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=23848 Log: Thanks to derrell for pointing out that I had not finished my patch to split out the auth methods. This caused all SWAT logins to fail, except when using local system authentication. Andrew Bartlett Modified: branches/SAMBA_4_0/source/param/loadparm.c branches/SAMBA_4_0/source/scripting/ejs/smbcalls_auth.c Changeset: Modified: branches/SAMBA_4_0/source/param/loadparm.c === --- branches/SAMBA_4_0/source/param/loadparm.c 2007-07-12 00:42:09 UTC (rev 23847) +++ branches/SAMBA_4_0/source/param/loadparm.c 2007-07-12 04:56:33 UTC (rev 23848) @@ -147,7 +147,6 @@ int cli_maxprotocol; int cli_minprotocol; int security; - char **AuthMethods; int paranoid_server_security; int max_wins_ttl; int min_wins_ttl; @@ -915,7 +914,6 @@ _PUBLIC_ FN_GLOBAL_INTEGER(lp_cli_maxprotocol, Globals.cli_maxprotocol) _PUBLIC_ FN_GLOBAL_INTEGER(lp_cli_minprotocol, Globals.cli_minprotocol) _PUBLIC_ FN_GLOBAL_INTEGER(lp_security, Globals.security) -_PUBLIC_ FN_GLOBAL_LIST(lp_auth_methods, Globals.AuthMethods) _PUBLIC_ FN_GLOBAL_BOOL(lp_paranoid_server_security, Globals.paranoid_server_security) _PUBLIC_ FN_GLOBAL_INTEGER(lp_announce_as, Globals.announce_as) _PUBLIC_ FN_GLOBAL_LIST(lp_js_include, Globals.jsInclude) Modified: branches/SAMBA_4_0/source/scripting/ejs/smbcalls_auth.c === --- branches/SAMBA_4_0/source/scripting/ejs/smbcalls_auth.c 2007-07-12 00:42:09 UTC (rev 23847) +++ branches/SAMBA_4_0/source/scripting/ejs/smbcalls_auth.c 2007-07-12 04:56:33 UTC (rev 23848) @@ -55,7 +55,11 @@ msg = messaging_client_init(tmp_ctx, ev); } - nt_status = auth_context_create_methods(tmp_ctx, auth_types, ev, msg, auth_context); + if (auth_types) { + nt_status = auth_context_create_methods(tmp_ctx, auth_types, ev, msg, auth_context); + } else { + nt_status = auth_context_create(tmp_ctx, ev, msg, auth_context); + } if (!NT_STATUS_IS_OK(nt_status)) { mprSetPropertyValue(auth, result, mprCreateBoolVar(False)); mprSetPropertyValue(auth, report, mprString(Auth System Failure)); @@ -173,7 +177,7 @@ if (domain (strcmp(SYSTEM USER, domain) == 0)) { ejs_doauth(eid, tmp_ctx, auth, username, password, domain, workstation, remote_host, auth_types_unix); } else { - ejs_doauth(eid, tmp_ctx, auth, username, password, domain, workstation, remote_host, lp_auth_methods()); + ejs_doauth(eid, tmp_ctx, auth, username, password, domain, workstation, remote_host, NULL); } mpr_Return(eid, auth);