FW: [Samba] Can't browse shares after shutdown domain controller.
From: Latrell Wang 王獻綱 Sent: Tuesday, August 07, 2007 12:34 PM To: 'John Drescher' Subject: RE: [Samba] Can't browse shares after shutdown domain controller. I use security = ads because win2000 is an ad domain. Does it make difference? Thanks, Latrell. From: John Drescher [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 07, 2007 12:11 PM To: Latrell Wang 王獻綱 Cc: samba@lists.samba.org Subject: Re: [Samba] Can't browse shares after shutdown domain controller. On 8/6/07, Latrell Wang 王獻綱 [EMAIL PROTECTED] wrote: Hi all: I joined my samba server to a win2000 domain controller. I found something interesting, if I shutdown the domain controller, I can't connect to my samba server through windows CIFS (\\IP file:///\\IP ). However, using smbclient can still browsing shares without a problem. Is it a normal situation?? Do you have security = domain in your samba.conf? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Request for explanation on NFS re-export issue
On Mon, Aug 06, 2007 at 03:03:09PM -0700, Ray Van Dolson wrote: In any case, setting strict locking = no on my Samba server makes things work, so this at least is getting me by. posix locking = no is more appropriate here. But however: DONT re-export nfs-imported shares with Samba. Install Samba on the NFS server. Volker pgpqTmozZBpld.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Request for explanation on NFS re-export issue
But however: DONT re-export nfs-imported shares with Samba. Install Samba on the NFS server. Just wondering as I have seen this advice a few times in the past. Would it be possible to use msdfs to make it look to the users that the files are still on one server as I have been exporting NFS links like that for many years and my users would be very upset if they had to go to 1/2 dozen servers instead of the one they have been using for years? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] windbind or ldap ?
Hello, I'd like to know if in a full samba environment is it better to use winbind or ldap to resolve id's ? users will connect from windows clients, linux clients with samba or also with ssh and nfs maybe. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] Probs to make Samba-3.0.25b
Hello List, is there really nobody out there who could give me a tip to solve the issue? Thanks a lot. Mit freundlichen Grüßen Michael Kaiser Business Unit IT-Services Network Solutions InfraServ GmbH Co. Gendorf KG Industriepark Werk GENDORF -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] org [mailto:[EMAIL PROTECTED] s.samba.org] Im Auftrag von [EMAIL PROTECTED] Gesendet: Freitag, 3. August 2007 08:16 An: samba@lists.samba.org Betreff: [Samba] Probs to make Samba-3.0.25b Hello List, I`m up to Install Samba 3.0.25b on a SuSE 8.1 Server. Samba 3.0.14a is already successfully installed and should be updated. By make the bins i get following error: --cut--- gilbi:/usr/src/tpe/samba-3.0.25b/source # make Using FLAGS = -O -D_SAMBA_BUILD_=3 -I/usr/src/tpe/samba-3.0.25b/source/iniparser/src -Iinclude -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include -I./libaddns -I./librpc -DHAVE_CONFIG_H -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -I/usr/src/tpe/samba-3.0.25b/source/lib -D_SAMBA_BUILD_=3 PICFLAG= -fPIC LIBS = -lcrypt -lcap -lresolv -lresolv -lnsl -ldl LDFLAGS= DYNEXP = -Wl,--export-dynamic LDSHFLAGS = -shared -Wl,-Bsymbolic -Wl,--allow-shlib-undefined SHLIBEXT = so SONAMEFLAG = -Wl,-soname= Generating smbd/build_options.c Building include/proto.h creating /usr/src/tpe/samba-3.0.25b/source/include/proto.h Building include/build_env.h creating /usr/src/tpe/samba-3.0.25b/source/nsswitch/winbindd_proto.h creating /usr/src/tpe/samba-3.0.25b/source/web/swat_proto.h creating /usr/src/tpe/samba-3.0.25b/source/client/client_proto.h creating /usr/src/tpe/samba-3.0.25b/source/utils/net_proto.h creating /usr/src/tpe/samba-3.0.25b/source/utils/ntlm_auth_proto.h Compiling dynconfig.c In file included from lib/replace/system/filesys.h:33, from include/includes.h:104, from /usr/src/tpe/samba-3.0.25b/source/dynconfig.c:21: /usr/include/sys/mount.h:36: parse error before numeric constant /usr/include/sys/mount.h:52: parse error before numeric constant The following command failed: gcc -O -D_SAMBA_BUILD_=3 -I/usr/src/tpe/samba-3.0.25b/source/iniparser/src -Iinclude -I./include -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include -I./libaddns -I./librpc -DHAVE_CONFIG_H -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -I/usr/src/tpe/samba-3.0.25b/source/lib -D_SAMBA_BUILD_=3 -DCONFIGFILE=/usr/local/samba/lib/smb.conf -DSBINDIR=/usr/local/samba/sbin -DBINDIR=/usr/local/samba/bin -DLMHOSTSFILE=/usr/local/samba/lib/lmhosts -DSWATDIR=/usr/local/samba/swat -DLOCKDIR=/usr/local/samba/var/locks -DPIDDIR=/usr/local/samba/var/locks -DLIBDIR=/usr/local/samba/lib -DLOGFILEBASE=/usr/local/samba/var -DSHLIBEXT=so -DCONFIGDIR=/usr/local/samba/lib -DSMB_PASSWD_FILE=/usr/local/samba/private/smbpasswd -DPRIVATE_DIR=/usr/local/samba/private -fPIC -c /usr/src/tpe/samba-3.0.25b/source/dynconfig.c -o dynconfig.o make: *** [dynconfig.o] Error 1 --cut--- Do you know about this issue? Thanks a lot! Mit freundlichen Grüßen Michael Kaiser Business Unit IT-Services Network Solutions InfraServ GmbH Co. Gendorf KG Industriepark Werk GENDORF -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] windbind or ldap ?
On 8/7/07, Frederic Descamps [EMAIL PROTECTED] wrote: Hello, I'd like to know if in a full samba environment is it better to use winbind or ldap to resolve id's ? users will connect from windows clients, linux clients with samba or also with ssh and nfs maybe. This depends if you are using active directory. If so I believe you have to use winbind otherwise you may use just ldap, just winbind or both. In a non active directory environment we use only ldap for years. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Wireless + samba domain.
hi there, for implementing samba domain, whit wireless suport, what are the possible solutions? the frist i think of is cached logins !! are there any others ? thanks Duarte Lázaro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Request for explanation on NFS re-export issue
On Tue, Aug 07, 2007 at 04:56:10AM -0400, John Drescher wrote: But however: DONT re-export nfs-imported shares with Samba. Install Samba on the NFS server. Just wondering as I have seen this advice a few times in the past. Would it be possible to use msdfs to make it look to the users that the files are still on one server as I have been exporting NFS links like that for many years and my users would be very upset if they had to go to 1/2 dozen servers instead of the one they have been using for years? Sure, but to switch from non-dfs to dfs be aware that you have to boot all clients. It may also be possible that you're right now sitting on a version that has the msdfs options set to yes. Check your testparm output. Volker pgpU9M1q3kwNa.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NTLM proxy auth against a Samba 3 server
Hi, Is it possible to configure NTLM HTTP proxy authentication using the winbind/squid ntlm_auth helper, to authenticate users against a Samba 3 server? I already have the NTLM auth working against a Windows 2003 Active Directory, but I also have a completely separate Samba 3 server that I would also like to configure NTLM proxy authentication against. Please advise, as I can't find anything on the web about this. Regards, Dan... -- Dan Searle Adelix Ltd [EMAIL PROTECTED] web: www.adelix.com tel: 0845 230 9590 / fax: 0845 230 9591 / support: 0845 230 9592 snail: The Old Post Office, Bristol Rd, Hambrook, Bristol BS16 1RY. UK. Adelix Ltd is a registered company in England Wales No. 4232156 VAT registration number 779 4232 91 Adelix Ltd is BS EN ISO 9001:2000 Certified (No. GB 12763) Any views expressed in this email communication are those of the individual sender, except where the sender specifically states them to be the views of a member of Adelix Ltd. Adelix Ltd. does not represent, warrant or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors or interference. Scanned for viruses, spam and offensive content by CensorNet MailSafe Professional Web E-mail Filtering from www.censornet.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NTLM proxy auth against a Samba 3 server
Quoting Dan Searle [EMAIL PROTECTED]: Do you mean this? http://adldap.sourceforge.net/mod_auth_ntlm_winbind.php Hi, Is it possible to configure NTLM HTTP proxy authentication using the winbind/squid ntlm_auth helper, to authenticate users against a Samba 3 server? I already have the NTLM auth working against a Windows 2003 Active Directory, but I also have a completely separate Samba 3 server that I would also like to configure NTLM proxy authentication against. Please advise, as I can't find anything on the web about this. Regards, Dan... -- Dan Searle Adelix Ltd [EMAIL PROTECTED] web: www.adelix.com tel: 0845 230 9590 / fax: 0845 230 9591 / support: 0845 230 9592 snail: The Old Post Office, Bristol Rd, Hambrook, Bristol BS16 1RY. UK. Adelix Ltd is a registered company in England Wales No. 4232156 VAT registration number 779 4232 91 Adelix Ltd is BS EN ISO 9001:2000 Certified (No. GB 12763) Any views expressed in this email communication are those of the individual sender, except where the sender specifically states them to be the views of a member of Adelix Ltd. Adelix Ltd. does not represent, warrant or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors or interference. Scanned for viruses, spam and offensive content by CensorNet MailSafe Professional Web E-mail Filtering from www.censornet.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NTLM proxy auth against a Samba 3 server
Hi, No, I have the ntlm_auth daemon working fine, authenticating squid proxy users against a Windows 2003 Active Directory server, however I want to replicate this functionality replacing the Windows 2003 server with a Samba 3 server. I.e. is it possible for a Samba 3 server to be the authentication server for the winbindd/ntlm_auth tools? Regards, Dan... Tuesday, August 7, 2007, 11:26:11 AM, you wrote: Quoting Dan Searle [EMAIL PROTECTED]: Do you mean this? http://adldap.sourceforge.net/mod_auth_ntlm_winbind.php Hi, Is it possible to configure NTLM HTTP proxy authentication using the winbind/squid ntlm_auth helper, to authenticate users against a Samba 3 server? I already have the NTLM auth working against a Windows 2003 Active Directory, but I also have a completely separate Samba 3 server that I would also like to configure NTLM proxy authentication against. Please advise, as I can't find anything on the web about this. Regards, Dan... -- Dan Searle Adelix Ltd [EMAIL PROTECTED] web: www.adelix.com tel: 0845 230 9590 / fax: 0845 230 9591 / support: 0845 230 9592 snail: The Old Post Office, Bristol Rd, Hambrook, Bristol BS16 1RY. UK. Adelix Ltd is a registered company in England Wales No. 4232156 VAT registration number 779 4232 91 Adelix Ltd is BS EN ISO 9001:2000 Certified (No. GB 12763) Any views expressed in this email communication are those of the individual sender, except where the sender specifically states them to be the views of a member of Adelix Ltd. Adelix Ltd. does not represent, warrant or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors or interference. Scanned for viruses, spam and offensive content by CensorNet MailSafe Professional Web E-mail Filtering from www.censornet.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer) -- Dan Searle Adelix Ltd [EMAIL PROTECTED] web: www.adelix.com tel: 0845 230 9590 / fax: 0845 230 9591 / support: 0845 230 9592 snail: The Old Post Office, Bristol Rd, Hambrook, Bristol BS16 1RY. UK. Adelix Ltd is a registered company in England Wales No. 4232156 VAT registration number 779 4232 91 Adelix Ltd is BS EN ISO 9001:2000 Certified (No. GB 12763) Any views expressed in this email communication are those of the individual sender, except where the sender specifically states them to be the views of a member of Adelix Ltd. Adelix Ltd. does not represent, warrant or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors or interference. Scanned for viruses, spam and offensive content by CensorNet MailSafe Professional Web E-mail Filtering from www.censornet.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP
Hi samba experts ! When using LDAP as the PW backend, is it possible to bypass the schema and object class stuff and just get the PW out of it? I'm aware that this can only work with plain-text passwords from the client side but I neither have a Windows domain (and I don't want to have one ;) nor do I want to maintain local samba users. A NetApp Filer can do it just the way I want ... TIA fw -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Request for explanation on NFS re-export issue
Sure, but to switch from non-dfs to dfs be aware that you have to boot all clients. It may also be possible that you're right now sitting on a version that has the msdfs options set to yes. Check your testparm output. Thanks, I know I have it set to no. Are there any serious drawbacks of using dfs? All the clients are XP. I have used it years ago when all our servers were windows 2000 machines but now these are all gone and have been replaced by linux machines. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: AW: [Samba] Probs to make Samba-3.0.25b
Hello Herr Kaiser, I really don't know, which part of the configuration or auto-header generator is responsible - but I would assume, that linux/fs.h is somehow included before sys/mount.h. Perhaps it's a simple workaround to delete one of these include options (maybe comment out HAVE_SYS_MOUNT_H in config.h). Hope, that helps, Martin [EMAIL PROTECTED] schrieb: Hello List, is there really nobody out there who could give me a tip to solve the issue? Thanks a lot. [...] By make the bins i get following error: [...] Compiling dynconfig.c In file included from lib/replace/system/filesys.h:33, from include/includes.h:104, from /usr/src/tpe/samba-3.0.25b/source/dynconfig.c:21: /usr/include/sys/mount.h:36: parse error before numeric constant /usr/include/sys/mount.h:52: parse error before numeric constant The following command failed: [...] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Slow opening files on Samba Version 3.0.22
Hello, We are running Samba Version 3.0.22-13.30-1290-SUSE-SLES10 on an iSeries LPAR with 512 memory and .10 of the processor and a GB NIC. I have successfully joined this server to our Windows 2000 active directory. I have copied over some data and setup some test shares and mapped the share on my pc.I can browse the files in the share with no problem but when I open any type of file on this server it takes 5-10 seconds to open a file. The files I am opening are really small files (around 16k). Closing the file take a little longer than expected. Does anyone have any ideas? Thanks in advance! Will Holmes Programmer Analyst Fremont Insurance Company Ph: 231-924-0302 Ext. 145 E-Mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] FW: Slow opening files on Samba Version 3.0.22 (UPDATED)
Hello, We are running Samba Version 3.0.22-13.30-1290-SUSE-SLES10 on an iSeries LPAR with 512 memory and .10 of the processor and a GB NIC. I have successfully joined this server to our Windows 2000 active directory. I have copied over some data and setup some test shares and mapped the share on my pc.I can browse the files in the share with no problem but when I open any type of file on this server it takes 5-10 seconds to open a file. The files I am opening are really small files (around 16k). Closing the file take a little longer than expected. I noticed that when I opened the file on the server the smbd process takes 80% of the CPU until the file is opened. Does anyone have any ideas? Thanks in advance! Will Holmes Programmer Analyst Fremont Insurance Company Ph: 231-924-0302 Ext. 145 E-Mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] FW: Slow opening files on Samba Version 3.0.22 (UPDATED)
On Tue, Aug 07, 2007 at 08:42:35AM -0400, Will Holmes wrote: I noticed that when I opened the file on the server the smbd process takes 80% of the CPU until the file is opened. What is smbd doing at this point? strace -p pid might shed some light on that. Volker pgpx4WuXBVDh3.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] FW: Slow opening files on Samba Version 3.0.22 (UPDATED)
Other people (me included) have seen that. Now that I've moved us to 3.0.24 (Ubuntu 7.04 Feisty Server), I'm not seeing that kind of behavior. I can't be completely sure if it was the upgrade or some changes to my smb.conf required by the upgrade that did it. Do you have a test environment to try out your configuration on 3.0.24 or higher? Will Holmes wrote: Hello, We are running Samba Version 3.0.22-13.30-1290-SUSE-SLES10 on an iSeries LPAR with 512 memory and .10 of the processor and a GB NIC. I have successfully joined this server to our Windows 2000 active directory. I have copied over some data and setup some test shares and mapped the share on my pc.I can browse the files in the share with no problem but when I open any type of file on this server it takes 5-10 seconds to open a file. The files I am opening are really small files (around 16k). Closing the file take a little longer than expected. I noticed that when I opened the file on the server the smbd process takes 80% of the CPU until the file is opened. Does anyone have any ideas? Thanks in advance! Will Holmes Programmer Analyst Fremont Insurance Company Ph: 231-924-0302 Ext. 145 E-Mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows Logoff Deletes Files
I am having the same problem as documented in this post http://lists.samba.org/archive/samba/2004-October/094121.html. I have not been able to find any answers myself. If a file is not modified before the second user logoff, the subsequent logon will show that the files located in the user profile are deleted. If I turn on Do not propagate profile changes to the server, this does not happen, but users are unable to update their profiles such as MS Office toolbars. Does anyone have a fix for this problem? -- Thanks, Matthew Crites -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Newbie Setup.
Hi all, Thanks for all the help sent to me on my previous email. I have a working setup (apparently) using this configuration file: # Samba config file created using SWAT # from 192.168.1.101 (192.168.1.101) # Date: 2007/07/21 16:09:38 [global] workgroup = OFFICE server string = Home UNIX log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 99 [homes] read only = no guest ok = no browseable = no And a regular /usr/local/etc/samba/smbpassword file. Again, All I am looking for is the ability to have my users map thier unix folder on my servers to thier Windows Explorer as another drive, again, that appears to be working. A few last questions if anyone has time for them: 1. Are there any show stopper security risks I need to address with this type of setup? 2. How does Samba allow authenticating from the Samba file when it seems there is no (apparent) mapping to the master.passwd file? 3. For this simple setup, should I be adding any more Samba directives to the samba.conf file? I can't believe it was that simple to setup...should it have been, or am I missing something that created a big security hole? TIA, -Grant P.S. I AM reading all the howtos and Faqs and things! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NTLM-Auth fails agains Win200SP5
Hello List, i have a Problem with NTLM-Auth (squid with ntlm_auth) against Win2000SP5. After updating Win2000SP4 to Win200SP5 no authentification via ntlm is possible: Linux Version: SuSE Linux 8.1 (i386) 2.4.19-4GB Samba Version: samba-3.0.14a Squid Version: squid-2.5.STABLE14 If i try to auth. via console there is no Problem (see below 4,5,6). I attached some tests and the regarding output: Domain where i want to authenticate: DOMAIN6 cut-- 1) gilbi:~ # wbinfo -t checking the trust secret via RPC calls succeeded 2) gilbi:~ # wbinfo --sequence GILBI : 1 BUILTIN : 1 DOMAIN1 : 45 DOMAIN2: DISCONNECTED DOMAIN3: 743 DOMAIN4: 1 DOMAIN5: DISCONNECTED DOMAIN6 : DISCONNECTED 3) gilbi:~ # wbinfo -m GILBI BUILTIN DOMAIN1 DOMAIN2 DOMAIN3 DOMAIN4 DOMAIN5 # COMMENT: no DOMAIN6 - no trust? 4) gilbi:~ # wbinfo -a DOMAIN6\\user%password plaintext password authentication succeeded challenge/response password authentication succeeded 5) gilbi:~ # /usr/local/samba/bin/ntlm_auth --username=user --domain=DOMAIN6 --password=password NT_STATUS_OK: Success (0x0) 6) gilbi:~ # /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic DOMAIN6\user password OK cut-- How can I test the /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp option via command line? What does wbinfo --sequence exactly lists? At the Win2000 Logs i couldn`t see anything. here my smb.conf cut_- [global] workgroup = DOMAIN6 server string = Proxyauthmodule hosts allow = 10. 127. log file = /var/log/messages security = domain password server = DOMAINCONTROLER-DNS encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote browse sync = 10.255.255.255 dns proxy = no domain master = no local master = no preferred master = no os level = 0 winbind uid = 1-2 winbind gid = 1-2 winbind use default domain = yes cut_- PS: The Update (to win200SP5) also includes the actual LDAP-Patch (KB926122 - http://www.microsoft.com/germany/technet/sicherheit/bulletins/ms07-039.mspx). Could this cause a Problem with winbindd? No, or? Mit freundlichen Grüßen Michael Kaiser Business Unit IT-Services Network Solutions InfraServ GmbH Co. Gendorf KG Industriepark Werk GENDORF -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] user profile
Hello all, does anybody know if profile type value in user account available somehow when smbpasswd backend is used? for example to use it to override global setting many thanks in advance -- Best regards Alexander Harlampov IT specialist Melexis Kotelnykova 4 03115 Kiev, Ukraine Tel.: +380-44-459-6853(710) Fax: +380-44-459-6853 E-mail: [EMAIL PROTECTED] Web: http://www.melexis.com _ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] FW: Slow opening files on Samba Version 3.0.22 (UPDATED)
Aaron, I am fairly new to Linux. Is updating samba a difficult process? Thanks in advance!! Will -Original Message- From: Aaron Kincer [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 07, 2007 8:59 AM To: Will Holmes Cc: samba@lists.samba.org Subject: Re: [Samba] FW: Slow opening files on Samba Version 3.0.22 (UPDATED) Other people (me included) have seen that. Now that I've moved us to 3.0.24 (Ubuntu 7.04 Feisty Server), I'm not seeing that kind of behavior. I can't be completely sure if it was the upgrade or some changes to my smb.conf required by the upgrade that did it. Do you have a test environment to try out your configuration on 3.0.24 or higher? Will Holmes wrote: Hello, We are running Samba Version 3.0.22-13.30-1290-SUSE-SLES10 on an iSeries LPAR with 512 memory and .10 of the processor and a GB NIC. I have successfully joined this server to our Windows 2000 active directory. I have copied over some data and setup some test shares and mapped the share on my pc.I can browse the files in the share with no problem but when I open any type of file on this server it takes 5-10 seconds to open a file. The files I am opening are really small files (around 16k). Closing the file take a little longer than expected. I noticed that when I opened the file on the server the smbd process takes 80% of the CPU until the file is opened. Does anyone have any ideas? Thanks in advance! Will Holmes Programmer Analyst Fremont Insurance Company Ph: 231-924-0302 Ext. 145 E-Mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Wireless + samba domain.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Duarte Lázaro wrote, On 07-08-2007 05:56: hi there, for implementing samba domain, whit wireless suport, what are the possible solutions? the frist i think of is cached logins !! are there any others ? What do you mean when you say with wireless support? As long as your client is in your network and properly configured to access you domain/workgroup, it doesn't really matter if their network is wireless, Ethernet, Fast Ethernet, Gigabit Ethernet, Frame Relay, Dial Up, across the ocean... If you are thinking about Road Warriors, people that are connected in your network but have to move on and use the notebook or wi-fi client outside your network (and with no network access), then you can create a local account for them or use cached logins. Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuHxECj65ZxU4gPQRCJTtAJwJ+RVKwHzgUcSozm2EQca1XlEBLwCgrLuI Hn7nWUC7FfcmSlmijXb+Q6s= =6XE+ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Newbie Setup.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Grant Peel wrote, On 07-08-2007 10:42: I have a working setup (apparently) using this configuration file: # Samba config file created using SWAT # from 192.168.1.101 (192.168.1.101) # Date: 2007/07/21 16:09:38 [global] workgroup = OFFICE server string = Home UNIX log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 99 [homes] read only = no guest ok = no browseable = no And a regular /usr/local/etc/samba/smbpassword file. Again, All I am looking for is the ability to have my users map thier unix folder on my servers to thier Windows Explorer as another drive, again, that appears to be working. A few last questions if anyone has time for them: 1. Are there any show stopper security risks I need to address with this type of setup? Maybe, do you have your other parameters like 'security', 'invalid users', probably the result of 'testparm' and 'testparm -v' would make the trick. ;) The default configuration of samba (from official samba source) is pretty sane, but security is a process not a product, so you may have more higher standards of security than others. 2. How does Samba allow authenticating from the Samba file when it seems there is no (apparent) mapping to the master.passwd file? 'testparm' probably can answer that. ;) 3. For this simple setup, should I be adding any more Samba directives to the samba.conf file? Long time ago, and 'old school' sysadmin said to me that you should never trust the defaults, always explicit add in the config file what you want, and if the default change you will be safe. testparm can show you the values as they are now, you can them make the result of testparm your new smb.conf, but there is no big point on doing that if you trust the default values. The Official Samba HOWTO has tips about security all over the chapters, restrict the bind interfaces, the IPs networks, the users, for example, some people use 'valid users = %S' in their [homes]. I can't believe it was that simple to setup...should it have been, or am I missing something that created a big security hole? Samba is simple, it just requires some patience, care and attention. ;) And so far, I didn't see any big security hole, but again, your security is as strong as the weakest link in the chain. The type of your passwords, the measures to ensure they are safe and with right permissions, and other small options can make the difference. P.S. I AM reading all the howtos and Faqs and things! That's good. ;) Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuH8rCj65ZxU4gPQRCLyWAKCGdrUWKPG3pZ6SRuL2yuGRX4r7BgCeNFzR FLb6WaEjLXq5XWhPoSn2+qE= =Zpkt -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] FW: Slow opening files on Samba Version 3.0.22 (UPDATED)
Will Holmes wrote: Aaron, I am fairly new to Linux. Is updating samba a difficult process? Thanks in advance!! Hi, since you are on SLES10, I recommend you to either download and manually upgrade the packages from http://ftp.suse.com/pub/projects/samba/3.0/sles10/ with rpm -Fvh *.rpm. Or you add the link above to your installation sources via rug or yast. Franz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] windbind or ldap ?
Hi, We run a very similar environment to you, where users can login from Windows/Linux with mainly Linux Servers with both NFS/CIFS shares. Although we tried to use winbind we had huge problems with UID/GID inconsistencies between client machines in Linux which plagued us with the inherent permissions problems when they returned back into windows! Eventually we did go ahead with a full LDAP setup, using LDAP as the backend for Samba along with LDAP directly for Linux auth. Overall - all permissions problems have gone and it works beautifully! Unfortunately - and there is only 1 unfortunate thing - and that is the grained control on users. For us this wasn't too big a deal as all our users are the same. What we now do is apply gpedits on the windows boxes to limit roaming profiles as we use folder redirection. To apply this we created a template user with the all of the registry entries created to generate the NTUSER.DAT which we then apply as a Default User from the netlogon share and this just about does it for us! Regards, Martin . Martin Collins Systems Specialist Escape Studios +44 (0) 20 7348 1920 www.escapestudios.com -Original Message- From: Frederic Descamps [mailto:[EMAIL PROTECTED] Sent: 07 August 2007 10:01 To: samba@lists.samba.org Subject: [Samba] windbind or ldap ? Hello, I'd like to know if in a full samba environment is it better to use winbind or ldap to resolve id's ? users will connect from windows clients, linux clients with samba or also with ssh and nfs maybe. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NTLM proxy auth against a Samba 3 server
No, I have the ntlm_auth daemon working fine, authenticating squid proxy users against a Windows 2003 Active Directory server, however I want to replicate this functionality replacing the Windows 2003 server with a Samba 3 server. I.e. is it possible for a Samba 3 server to be the authentication server for the winbindd/ntlm_auth tools? Yes. -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NTLM proxy auth against a Samba 3 server
Hi, Erm, ok, so can you point me in the right direction? If I already have a working NTLM authentication system with squid, ntlm_auth, winbindd running against a windows 2003 server, what do I need to change to make it authenticate against a samba 3 server? I would have tried this myself but I can find no docs anywhere that explain how to do it. Dan... Tuesday, August 7, 2007, 4:24:21 PM, you wrote: No, I have the ntlm_auth daemon working fine, authenticating squid proxy users against a Windows 2003 Active Directory server, however I want to replicate this functionality replacing the Windows 2003 server with a Samba 3 server. I.e. is it possible for a Samba 3 server to be the authentication server for the winbindd/ntlm_auth tools? Yes. -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- Dan Searle Adelix Ltd [EMAIL PROTECTED] web: www.adelix.com tel: 0845 230 9590 / fax: 0845 230 9591 / support: 0845 230 9592 snail: The Old Post Office, Bristol Rd, Hambrook, Bristol BS16 1RY. UK. Adelix Ltd is a registered company in England Wales No. 4232156 VAT registration number 779 4232 91 Adelix Ltd is BS EN ISO 9001:2000 Certified (No. GB 12763) Any views expressed in this email communication are those of the individual sender, except where the sender specifically states them to be the views of a member of Adelix Ltd. Adelix Ltd. does not represent, warrant or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors or interference. Scanned for viruses, spam and offensive content by CensorNet MailSafe Professional Web E-mail Filtering from www.censornet.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Issue when migrating samba domain server to new hardware and samba version
I’m setting up our new server that will handle file storage. The new system is redhat running samba 3.0.23c. We currently have this same service running on DEC server running version 3.0.20 without any issues. Here is the smb.conf for both… [global] passdb backend = ldapsam:ldap://x ldap suffix = dc=temple,dc=edu name resolve order = wins bcast hosts ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap admin dn = x ldap ssl = start tls workgroup = ACSLABS wins server = server string = TUfiles security = domain #log file = /var/log/samba.log log level = 5 Now I think something is messed up with the primary group sids… Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to find an passdb backend to match ldapsam:ldap:/// (ldapsam) Found pdb backend ldapsam smbldap_search_domain_info: Searching for:[( (objectClass=sambaDomain)(sambaDomainName=MYBACKPACK-BE))] smbldap_search_ext: base = [dc=temple,dc=edu], filter = [( (objectClass=sambaDomain)(sambaDomainName=MYBACKPACK-BE))], scope = [2] The connection to the LDAP server was closed smbldap_open_connection: connection opened ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesfully connected pdb backend ldapsam:ldap://x/ has a valid init Netbios name list:- my_netbios_names[0]=MYBACKPACK-BE Attempting to find an passdb backend to match ldapsam:ldap://xx/ (ldapsam) Found pdb backend ldapsam smbldap_search_domain_info: Searching for:[( (objectClass=sambaDomain)(sambaDomainName=MYBACKPACK-BE))] smbldap_search_ext: base = [dc=temple,dc=edu], filter = [( (objectClass=sambaDomain)(sambaDomainName=MYBACKPACK-BE))], scope = [2] The connection to the LDAP server was closed smbldap_open_connection: connection opened ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesfully connected pdb backend ldapsam:ldap://xxx/ has a valid init smbldap_search_ext: base = [dc=temple,dc=edu], filter = [( (uid=nobody)(objectclass=sambaSamAccount))], scope = [2] init_sam_from_ldap: Entry found for user: nobody Home server: mybackpack-be Home server: mybackpack-be Opening cache file at /var/cache/samba/login_cache.tdb Unix username:nobody NT username: nobody Account Flags:[U ] User SID: S-1-5-21-1671181371-3057104424- 2529773789-501 smbldap_search_ext: base = [dc=temple,dc=edu], filter = [( (objectClass=sambaGroupMapping)(gidNumber=99))], scope = [2] ldapsam_getgroup: Did not find group Primary Group SID:S-1-5-21-424765346-3208026686- 854402210-513 Full Name:Nobody Home Directory: \\mybackpack-be\nobody HomeDir Drive: Logon Script: Profile Path: \\mybackpack-be\nobody\profile Domain: MYBACKPACK-BE Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 22:14:07 EST Kickoff time: Mon, 18 Jan 2038 22:14:07 EST Password last set:Wed, 01 Aug 2007 14:39:16 EDT Password can change: Wed, 01 Aug 2007 14:39:16 EDT Password must change: Mon, 18 Jan 2038 22:14:07 EST Last bad password : 0 Bad password count : 0 Logon hours : FF This os what I see in the logs during startup.. only a snippet [2007/08/06 12:25:03, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2007/08/06 12:25:03, 5] auth/auth_util.c:debug_nt_user_token (448) NT user token: (NULL) [2007/08/06 12:25:03, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2007/08/06 12:25:03, 5] lib/smbldap.c:smbldap_search_ext (1179) smbldap_search_ext: base = [dc=temple,dc=edu], filter = [((sambaSID=S-1-5-21-424765346-3208026686-854402210-513) (objectclass=sambaSamAccount))], scope = [2] [2007/08/06 12:25:03, 4] passdb/pdb_ldap.c:ldapsam_getsampwsid(1491) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21- 424765346-3208026686-854402210-513] count=0 [2007/08/06 12:25:03, 5] lib/smbldap.c:smbldap_search_ext (1179) smbldap_search_ext: base = [dc=temple,dc=edu], filter = [((objectClass=sambaGroupMapping)(sambaSID=S-1-5-21- 424765346-3208026686-854402210-513))], scope = [2] [2007/08/06 12:25:03, 4]
[Samba] XP PC hangs when copying file
Hello - I'm trying to copy a file from one samba share to the next. So I would have 2 open shares on my XP PC. I'm dragging the file/or directory onto the second share. At the second I dropped the file the XP PC freezes and after a long time of waiting the file gets copied on the second share and the PC is usable again. If I copy the same file from the share to my PC and then from my PC to the second share it works just fine. Also doing the same, using a dos-cmd shell works just fine. I'm at a loss here. [2007/08/07 11:49:09, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2007/08/07 11:49:09, 0] lib/util_sock.c:write_socket_data(430) write_socket_data: write failure. Error = Connection reset by peer [2007/08/07 11:49:09, 0] lib/util_sock.c:write_socket(455) write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset by peer the samba logfile for my PC shows the above. Any idea? Thank YOU RHEL 4/Samba 3.0.10 -- Ralf Wiegand Albany, NY US -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Limitations on the size of a samba share
I have currently a samba share what is 54GB in size with many, 100's for subdirectories within. Should I have any additional entries in the smb.conf file. [global] workgroup = BIG server string = Linux Samba Server printcap name = /etc/printcap load printers = yes cups options = raw security = ADS realm = somedomaine.org log file = /var/log/samba/%m.log max log size = 50 interfaces = eth0 lo bind interfaces only = yes local master = no wins server = xxx.yyy.zzz.aaa dns proxy = yes -- Ralf Wiegand Albany, NY US -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Limitations on the size of a samba share
On 8/7/07, Ralf Wiegand [EMAIL PROTECTED] wrote: I have currently a samba share what is 54GB in size with many, 100's for subdirectories within. Should I have any additional entries in the smb.conf file. I have a samba share with 3TB of data and millions of files and directories and there is nothing special about the samba.conf for thsi case. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] New installation does not show on network
Ever since installing Fedora 7, samba stopped showing the machine on the network. I can connect to it by entering the machine name (\\lazarus), but it will not show itself from a Windows machine. I tried a command suggested to test if it was listening and this is what I got; $ smbclient -L localhost -U% Domain=[LAZARUS] OS=[Unix] Server=[Samba 3.0.25b-2.fc7] Sharename Type Comment - --- docsDisk IPC$IPC IPC Service (Samba Server Version 3.0.25b-2.fc7) Domain=[LAZARUS] OS=[Unix] Server=[Samba 3.0.25b-2.fc7] Server Comment ---- WorkgroupMaster ---- Notice there is nothing shown under 'Server', 'Comment', 'Workgroup', or 'Master'. Does this suggest anything? In this case, the smb.conf was directly from samba-guide.pdf. # Global Parameters [global] workgroup = MIDEARTH security = SHARE [Plans] path = /plans read only = Yes guest ok = Yes Regards, Durwin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New installation does not show on network
On 8/7/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Ever since installing Fedora 7, samba stopped showing the machine on the network. I can connect to it by entering the machine name (\\lazarus), but it will not show itself from a Windows machine. I tried a command suggested to test if it was listening and this is what I got; $ smbclient -L localhost -U% Domain=[LAZARUS] OS=[Unix] Server=[Samba 3.0.25b-2.fc7] Sharename Type Comment - --- docsDisk IPC$IPC IPC Service (Samba Server Version 3.0.25b-2.fc7) Domain=[LAZARUS] OS=[Unix] Server=[Samba 3.0.25b-2.fc7] Server Comment ---- WorkgroupMaster ---- Notice there is nothing shown under 'Server', 'Comment', 'Workgroup', or 'Master'. Does this suggest anything? In this case, the smb.conf was directly from samba-guide.pdf. # Global Parameters [global] workgroup = MIDEARTH security = SHARE [Plans] path = /plans read only = Yes guest ok = Yes Is nmbd running? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] New installation does not show on network
Thank you, that was it. I had always noticed in earlier versions of Fedora (samba) that nmbd was restarted every time smb was. So I had forgotten about it. I also did not know what it was for and till now, never looked at the man pages on it. Durwin John Drescher [EMAIL PROTECTED] wrote on 08/07/2007 02:19:46 PM: On 8/7/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Ever since installing Fedora 7, samba stopped showing the machine on the network. I can connect to it by entering the machine name (\\lazarus), but it will not show itself from a Windows machine. I tried a command suggested to test if it was listening and this is what I got; $ smbclient -L localhost -U% Domain=[LAZARUS] OS=[Unix] Server=[Samba 3.0.25b-2.fc7 ] Sharename Type Comment - --- docsDisk IPC$IPC IPC Service (Samba Server Version 3.0.25b-2.fc7) Domain=[LAZARUS] OS=[Unix] Server=[Samba 3.0.25b-2.fc7] Server Comment ---- WorkgroupMaster ---- Notice there is nothing shown under 'Server', 'Comment', 'Workgroup', or 'Master'. Does this suggest anything? In this case, the smb.conf was directly from samba-guide.pdf. # Global Parameters [global] workgroup = MIDEARTH security = SHARE [Plans] path = /plans read only = Yes guest ok = Yes Is nmbd running? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NTLM proxy auth against a Samba 3 server
On Tue, 2007-08-07 at 16:41 +0100, Dan Searle wrote: Hi, Erm, ok, so can you point me in the right direction? If I already have a working NTLM authentication system with squid, ntlm_auth, winbindd running against a windows 2003 server, what do I need to change to make it authenticate against a samba 3 server? I would have tried this myself but I can find no docs anywhere that explain how to do it. There isn't much to explain - you join the Samba3 domain just like you join AD. Just follow the instructions for setting up a Samba3 domain member, and you should be fine. Watch out that this can put a *very* heavy load on your Samba DC. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r24263 - in branches/SAMBA_4_0: source/dsdb/samdb/ldb_modules testprogs/ejs
Author: abartlet Date: 2007-08-07 09:01:08 + (Tue, 07 Aug 2007) New Revision: 24263 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24263 Log: Fix bug 4846 (unable to copy users in MMC Active Directory Users and Computers). We now generate a security descriptor for each object, when it is created. This seems to keep MMC happy. The next step is to honour it. Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectclass.c branches/SAMBA_4_0/testprogs/ejs/ldap.js Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectclass.c === --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectclass.c 2007-08-07 05:58:47 UTC (rev 24262) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/objectclass.c 2007-08-07 09:01:08 UTC (rev 24263) @@ -35,6 +35,11 @@ #include ldb/include/ldb_private.h #include dsdb/samdb/samdb.h #include lib/util/dlinklist.h +#include librpc/ndr/libndr.h +#include librpc/gen_ndr/ndr_security.h +#include libcli/security/security.h +#include auth/auth.h + struct oc_context { enum oc_step {OC_DO_REQ, OC_SEARCH_SELF, OC_DO_MOD} step; @@ -196,6 +201,39 @@ return LDB_SUCCESS; } +DATA_BLOB *get_sd(struct ldb_module *module, TALLOC_CTX *mem_ctx, + const struct dsdb_class *objectclass) +{ + NTSTATUS status; + DATA_BLOB *linear_sd; + struct auth_session_info *session_info + = ldb_get_opaque(module-ldb, sessionInfo); + struct security_descriptor *sd = sddl_decode(mem_ctx, + objectclass-defaultSecurityDescriptor, + samdb_domain_sid(module-ldb)); + if (!session_info || !session_info-security_token) { + return NULL; + } + + sd-owner_sid = session_info-security_token-user_sid; + sd-group_sid = session_info-security_token-group_sid; + + linear_sd = talloc(mem_ctx, DATA_BLOB); + if (!linear_sd) { + return NULL; + } + + status = ndr_push_struct_blob(linear_sd, mem_ctx, sd, + (ndr_push_flags_fn_t)ndr_push_security_descriptor); + + if (!NT_STATUS_IS_OK(status)) { + return NULL; + } + + return linear_sd; + +} + static int objectclass_add(struct ldb_module *module, struct ldb_request *req) { struct ldb_message_element *objectclass_element; @@ -266,12 +304,18 @@ talloc_free(mem_ctx); return ret; } - /* Last one */ - if (schema !current-next !ldb_msg_find_element(msg, objectCategory)) { + /* Last one is the critical one */ + if (schema !current-next) { const struct dsdb_class *objectclass = dsdb_class_by_lDAPDisplayName(schema, current-objectclass); if (objectclass) { - ldb_msg_add_string(msg, objectCategory, objectclass-defaultObjectCategory); + if (!ldb_msg_find_element(msg, objectCategory)) { + ldb_msg_add_string(msg, objectCategory, objectclass-defaultObjectCategory); + } + if (!ldb_msg_find_element(msg, ntSecurityDescriptor)) { + DATA_BLOB *sd = get_sd(module, mem_ctx, objectclass); + ldb_msg_add_steal_value(msg, ntSecurityDescriptor, sd); + } } } } Modified: branches/SAMBA_4_0/testprogs/ejs/ldap.js === --- branches/SAMBA_4_0/testprogs/ejs/ldap.js2007-08-07 05:58:47 UTC (rev 24262) +++ branches/SAMBA_4_0/testprogs/ejs/ldap.js2007-08-07 09:01:08 UTC (rev 24263) @@ -258,7 +258,7 @@ assert(res.msgs[0].objectCategory == cn=Person,cn=Schema,cn=Configuration, + base_dn); assert(res.msgs[0].sAMAccountType == 805306368); // assert(res[0].userAccountControl == 546); - + println(Testing ldb.search for ((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration, + base_dn + ))); var res2 = ldb.search(((cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration, + base_dn + ))); if (res2.error != 0 || res2.msgs.length != 1) { @@ -439,8 +439,9 @@ // assert(res.msgs[0].userAccountControl == 4098); +var attrs = new Array(cn, name, objectClass, objectGUID, whenCreated, ntSecurityDescriptor); println(Testing ldb.search for ((cn=ldaptestUSer2)(objectClass=user))); - var res =
Rev 605: fixed typo in http://samba.org/~tridge/3_0-ctdb
revno: 605 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: s3-ctdb-tridge timestamp: Tue 2007-08-07 13:10:27 +1000 message: fixed typo modified: source/nsswitch/idmap_tdb2.c idmap_tdb2.c-20070531053925-e5x7av5etjs83rk0-1 === modified file 'source/nsswitch/idmap_tdb2.c' --- a/source/nsswitch/idmap_tdb2.c 2007-06-18 23:30:03 + +++ b/source/nsswitch/idmap_tdb2.c 2007-08-07 03:10:27 + @@ -890,7 +890,7 @@ goto done; } if (tdb2_store_bystring(kidstr, string_term_tdb_data(ksidstr), TDB_INSERT) == -1) { - DEBUG(0, (Error stroing ID - SID\n)); + DEBUG(0, (Error storing ID - SID\n)); /* try to remove the previous stored SID - ID map */ tdb2_delete(string_term_tdb_data(ksidstr)); tdb2_chainunlock_bystring(ksidstr);
Rev 587: merge from ronnie in http://samba.org/~tridge/ctdb
revno: 587 revision-id: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Andrew Tridgell [EMAIL PROTECTED] branch nick: tridge timestamp: Tue 2007-08-07 13:40:13 +1000 message: merge from ronnie renamed: scsi = utils/scsi_io scsi-20070702055133-iclxpxa82pdb3ue6-1 modified: Makefile.inmakefile.in-20061117234101-o3qt14umlg9en8z0-1 common/cmdline.c cmdline.c-20070416041216-w1zvz91bkdsgjckw-1 config/statd-callout statdcallout-20070531010857-6sdlz455vusye5y5-1 lib/util/debug.c debug.c-20070417155854-2i3crb0irl716qft-1 packaging/RPM/ctdb.specctdb.spec-20070527204758-biuh7znabuwan3zn-3 tools/ctdb.c ctdb_control.c-20070426122705-9ehj1l5lu2gn9kuj-1 web/nfs.html nfs.html-20070608234340-a8i1dxro7a7i6jz6-1 revno: 432.1.178 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Tue 2007-08-07 12:51:25 +1000 message: change error output in ctdb and in ctdb_cmdline_client to print to stderr instead of stdout revno: 432.1.177 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Tue 2007-08-07 12:10:05 +1000 message: add a ctdb command to print the default public ip of a host. revno: 432.1.176 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Tue 2007-08-07 10:47:30 +1000 message: merge from tridge revno: 432.1.175 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Tue 2007-08-07 09:03:51 +1000 message: move scsi/scsi_io.c to utils/scsi/scsi_io.c revno: 432.1.174 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Tue 2007-08-07 07:40:33 +1000 message: we dont use sm-notify any more remove it from the webpage revno: 432.1.173 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Sat 2007-08-04 11:23:04 +1000 message: do not restart lockd/statd when we takeover an ip address this is overkill since 1, we now kill the tcpconnections for lockd in 60.nfs 2, rpc.statd on linux sends out the notifications using the wrong interface anyway which breaks a lot of clients including linux ! use our own smnotify tool instead of sm-notify revno: 432.1.172 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Sat 2007-08-04 10:16:37 +1000 message: update the specfile to install smnotify revno: 432.1.171 merged: [EMAIL PROTECTED] parent: [EMAIL PROTECTED] committer: Ronnie Sahlberg [EMAIL PROTECTED] branch nick: ctdb timestamp: Sat 2007-08-04 10:15:07 +1000 message: install smnotify in $(bindir) Diff too large for email (522, the limit is 200).
svn commit: samba r24264 - in branches/4.0-regwrite/source: . lib/registry lib/registry/tests
Author: jelmer Date: 2007-08-07 11:08:49 + (Tue, 07 Aug 2007) New Revision: 24264 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24264 Log: Fix QueryInfoKey calls. Modified: branches/4.0-regwrite/source/lib/registry/local.c branches/4.0-regwrite/source/lib/registry/tests/registry.c branches/4.0-regwrite/source/samba4-skip Changeset: Modified: branches/4.0-regwrite/source/lib/registry/local.c === --- branches/4.0-regwrite/source/lib/registry/local.c 2007-08-07 09:01:08 UTC (rev 24263) +++ branches/4.0-regwrite/source/lib/registry/local.c 2007-08-07 11:08:49 UTC (rev 24264) @@ -236,6 +236,20 @@ return hive_key_flush(local-hive_key); } +static WERROR local_get_key_info (TALLOC_CTX *mem_ctx, + const struct registry_key *key, + const char **classname, + uint32_t *num_subkeys, + uint32_t *num_values, + NTTIME *last_change_time) +{ + const struct local_key *local = (const struct local_key *)key; + + return hive_key_get_info(mem_ctx, local-hive_key, +classname, num_subkeys, num_values, +last_change_time); +} + const static struct registry_operations local_ops = { .name = local, .open_key = local_open_key, @@ -248,6 +262,7 @@ .delete_key = local_delete_key, .delete_value = local_delete_value, .flush_key = local_flush_key, + .get_key_info = local_get_key_info, }; WERROR reg_open_local(TALLOC_CTX *mem_ctx, struct registry_context **ctx, Modified: branches/4.0-regwrite/source/lib/registry/tests/registry.c === --- branches/4.0-regwrite/source/lib/registry/tests/registry.c 2007-08-07 09:01:08 UTC (rev 24263) +++ branches/4.0-regwrite/source/lib/registry/tests/registry.c 2007-08-07 11:08:49 UTC (rev 24264) @@ -132,6 +132,32 @@ return true; } +static bool test_query_key(struct torture_context *tctx, const void *_data) +{ + const struct registry_context *rctx = _data; + struct registry_key *root, *subkey; + WERROR error; + NTTIME last_changed_time; + uint32_t num_subkeys, num_values; + const char *classname; + + if (!create_test_key(tctx, rctx, Munchen, root, subkey)) + return false; + + error = reg_key_get_info(tctx, subkey, +classname, +num_subkeys, +num_values, +last_changed_time); + + torture_assert_werr_ok(tctx, error, get info key); + torture_assert(tctx, classname == NULL, classname); + torture_assert_int_equal(tctx, num_subkeys, 0, num subkeys); + torture_assert_int_equal(tctx, num_values, 0, num subkeys); + + return true; +} + /** * Test that the subkeys of a key can be enumerated, that * the returned parameters for get_subkey_by_index are optional and @@ -341,6 +367,7 @@ torture_tcase_add_simple_test(tcase, del_key, test_del_key); torture_tcase_add_simple_test(tcase, del_value, test_del_value); torture_tcase_add_simple_test(tcase, flush_key, test_flush_key); + torture_tcase_add_simple_test(tcase, query_key, test_query_key); } struct torture_suite *torture_registry_registry(TALLOC_CTX *mem_ctx) Modified: branches/4.0-regwrite/source/samba4-skip === --- branches/4.0-regwrite/source/samba4-skip2007-08-07 09:01:08 UTC (rev 24263) +++ branches/4.0-regwrite/source/samba4-skip2007-08-07 11:08:49 UTC (rev 24264) @@ -46,5 +46,4 @@ RPC-DSSYNC RPC-EPMAPPER RPC-INITSHUTDOWN -RPC-WINREG RPC-SAMSYNC
svn commit: samba r24265 - in branches: SAMBA_3_2/source/lib SAMBA_3_2_0/source/lib
Author: vlendec Date: 2007-08-07 11:21:48 + (Tue, 07 Aug 2007) New Revision: 24265 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24265 Log: Add the tdb_hashsize:tdbname parameter This makes it possible to set the default hashsize for any tdb. I would like to remove the open files database hash size in favor of this one. I'll check that removal in with the next commit, please complain/revert if it's not ok. Volker Modified: branches/SAMBA_3_2/source/lib/util_tdb.c branches/SAMBA_3_2_0/source/lib/util_tdb.c Changeset: Modified: branches/SAMBA_3_2/source/lib/util_tdb.c === --- branches/SAMBA_3_2/source/lib/util_tdb.c2007-08-07 11:08:49 UTC (rev 24264) +++ branches/SAMBA_3_2/source/lib/util_tdb.c2007-08-07 11:21:48 UTC (rev 24265) @@ -696,6 +696,17 @@ log_ctx.log_fn = tdb_log; log_ctx.log_private = NULL; + if (hash_size == 0) { + const char *base = strrchr_m(name, '/'); + if (base != NULL) { + base += 1; + } + else { + base = name; + } + hash_size = lp_parm_int(-1, tdb_hashsize, base, 0); + } + tdb = tdb_open_ex(name, hash_size, tdb_flags, open_flags, mode, log_ctx, NULL); if (!tdb) @@ -929,6 +940,17 @@ return NULL; } + if (hash_size == 0) { + const char *base = strrchr_m(name, '/'); + if (base != NULL) { + base += 1; + } + else { + base = name; + } + hash_size = lp_parm_int(-1, tdb_hashsize, base, 0); + } + w-tdb = tdb_open_ex(name, hash_size, tdb_flags, open_flags, mode, log_ctx, NULL); if (w-tdb == NULL) { Modified: branches/SAMBA_3_2_0/source/lib/util_tdb.c === --- branches/SAMBA_3_2_0/source/lib/util_tdb.c 2007-08-07 11:08:49 UTC (rev 24264) +++ branches/SAMBA_3_2_0/source/lib/util_tdb.c 2007-08-07 11:21:48 UTC (rev 24265) @@ -696,6 +696,17 @@ log_ctx.log_fn = tdb_log; log_ctx.log_private = NULL; + if (hash_size == 0) { + const char *base = strrchr_m(name, '/'); + if (base != NULL) { + base += 1; + } + else { + base = name; + } + hash_size = lp_parm_int(-1, tdb_hashsize, base, 0); + } + tdb = tdb_open_ex(name, hash_size, tdb_flags, open_flags, mode, log_ctx, NULL); if (!tdb) @@ -929,6 +940,17 @@ return NULL; } + if (hash_size == 0) { + const char *base = strrchr_m(name, '/'); + if (base != NULL) { + base += 1; + } + else { + base = name; + } + hash_size = lp_parm_int(-1, tdb_hashsize, base, 0); + } + w-tdb = tdb_open_ex(name, hash_size, tdb_flags, open_flags, mode, log_ctx, NULL); if (w-tdb == NULL) {
svn commit: samba r24266 - in branches: SAMBA_3_2/source/locking SAMBA_3_2/source/param SAMBA_3_2_0/source/locking SAMBA_3_2_0/source/param
Author: vlendec Date: 2007-08-07 11:28:04 + (Tue, 07 Aug 2007) New Revision: 24266 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24266 Log: Remove the open files database hash size parameter This has been superseded by the tdb_hashsize:tdbname parameter Modified: branches/SAMBA_3_2/source/locking/brlock.c branches/SAMBA_3_2/source/locking/locking.c branches/SAMBA_3_2/source/param/loadparm.c branches/SAMBA_3_2_0/source/locking/brlock.c branches/SAMBA_3_2_0/source/locking/locking.c branches/SAMBA_3_2_0/source/param/loadparm.c Changeset: Modified: branches/SAMBA_3_2/source/locking/brlock.c === --- branches/SAMBA_3_2/source/locking/brlock.c 2007-08-07 11:21:48 UTC (rev 24265) +++ branches/SAMBA_3_2/source/locking/brlock.c 2007-08-07 11:28:04 UTC (rev 24266) @@ -263,8 +263,7 @@ if (brlock_db) { return; } - brlock_db = db_open(NULL, lock_path(brlock.tdb), - lp_open_files_db_hash_size(), + brlock_db = db_open(NULL, lock_path(brlock.tdb), 0, TDB_DEFAULT |TDB_VOLATILE |(read_only?0x0:TDB_CLEAR_IF_FIRST), Modified: branches/SAMBA_3_2/source/locking/locking.c === --- branches/SAMBA_3_2/source/locking/locking.c 2007-08-07 11:21:48 UTC (rev 24265) +++ branches/SAMBA_3_2/source/locking/locking.c 2007-08-07 11:28:04 UTC (rev 24266) @@ -394,8 +394,7 @@ if (lock_db) return True; - lock_db = db_open(NULL, lock_path(locking.tdb), - lp_open_files_db_hash_size(), + lock_db = db_open(NULL, lock_path(locking.tdb), 0, TDB_DEFAULT |TDB_VOLATILE |(read_only?0x0:TDB_CLEAR_IF_FIRST), Modified: branches/SAMBA_3_2/source/param/loadparm.c === --- branches/SAMBA_3_2/source/param/loadparm.c 2007-08-07 11:21:48 UTC (rev 24265) +++ branches/SAMBA_3_2/source/param/loadparm.c 2007-08-07 11:28:04 UTC (rev 24266) @@ -1042,7 +1042,6 @@ {max disk size, P_INTEGER, P_GLOBAL, Globals.maxdisksize, NULL, NULL, FLAG_ADVANCED}, {max open files, P_INTEGER, P_GLOBAL, Globals.max_open_files, NULL, NULL, FLAG_ADVANCED}, {min print space, P_INTEGER, P_LOCAL, sDefault.iMinPrintSpace, NULL, NULL, FLAG_ADVANCED | FLAG_PRINT}, - {open files database hash size, P_INTEGER, P_GLOBAL, Globals.open_files_db_hash_size, NULL, NULL, FLAG_ADVANCED}, {socket options, P_GSTRING, P_GLOBAL, user_socket_options, NULL, NULL, FLAG_ADVANCED}, {strict allocate, P_BOOL, P_LOCAL, sDefault.bStrictAllocate, NULL, NULL, FLAG_ADVANCED | FLAG_SHARE}, Modified: branches/SAMBA_3_2_0/source/locking/brlock.c === --- branches/SAMBA_3_2_0/source/locking/brlock.c2007-08-07 11:21:48 UTC (rev 24265) +++ branches/SAMBA_3_2_0/source/locking/brlock.c2007-08-07 11:28:04 UTC (rev 24266) @@ -263,8 +263,7 @@ if (brlock_db) { return; } - brlock_db = db_open(NULL, lock_path(brlock.tdb), - lp_open_files_db_hash_size(), + brlock_db = db_open(NULL, lock_path(brlock.tdb), 0, TDB_DEFAULT |TDB_VOLATILE |(read_only?0x0:TDB_CLEAR_IF_FIRST), Modified: branches/SAMBA_3_2_0/source/locking/locking.c === --- branches/SAMBA_3_2_0/source/locking/locking.c 2007-08-07 11:21:48 UTC (rev 24265) +++ branches/SAMBA_3_2_0/source/locking/locking.c 2007-08-07 11:28:04 UTC (rev 24266) @@ -394,8 +394,7 @@ if (lock_db) return True; - lock_db = db_open(NULL, lock_path(locking.tdb), - lp_open_files_db_hash_size(), + lock_db = db_open(NULL, lock_path(locking.tdb), 0, TDB_DEFAULT |TDB_VOLATILE |(read_only?0x0:TDB_CLEAR_IF_FIRST), Modified: branches/SAMBA_3_2_0/source/param/loadparm.c === --- branches/SAMBA_3_2_0/source/param/loadparm.c2007-08-07 11:21:48 UTC (rev 24265) +++ branches/SAMBA_3_2_0/source/param/loadparm.c2007-08-07 11:28:04 UTC (rev 24266) @@ -1045,7 +1045,6 @@ {max disk size, P_INTEGER, P_GLOBAL, Globals.maxdisksize, NULL, NULL, FLAG_ADVANCED}, {max open files, P_INTEGER, P_GLOBAL, Globals.max_open_files, NULL, NULL, FLAG_ADVANCED}, {min print space, P_INTEGER, P_LOCAL, sDefault.iMinPrintSpace, NULL, NULL, FLAG_ADVANCED | FLAG_PRINT}, - {open files
svn commit: samba r24267 - in branches: SAMBA_3_2/source/lib SAMBA_3_2_0/source/lib
Author: vlendec Date: 2007-08-07 11:50:03 + (Tue, 07 Aug 2007) New Revision: 24267 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24267 Log: Fix the build farm I had only tested with net getlocalsid. posix_locking_init() calls this with a NULL name... Modified: branches/SAMBA_3_2/source/lib/util_tdb.c branches/SAMBA_3_2_0/source/lib/util_tdb.c Changeset: Modified: branches/SAMBA_3_2/source/lib/util_tdb.c === --- branches/SAMBA_3_2/source/lib/util_tdb.c2007-08-07 11:28:04 UTC (rev 24266) +++ branches/SAMBA_3_2/source/lib/util_tdb.c2007-08-07 11:50:03 UTC (rev 24267) @@ -696,7 +696,7 @@ log_ctx.log_fn = tdb_log; log_ctx.log_private = NULL; - if (hash_size == 0) { + if ((hash_size == 0) (name != NULL)) { const char *base = strrchr_m(name, '/'); if (base != NULL) { base += 1; @@ -940,7 +940,7 @@ return NULL; } - if (hash_size == 0) { + if ((hash_size == 0) (name != NULL)) { const char *base = strrchr_m(name, '/'); if (base != NULL) { base += 1; Modified: branches/SAMBA_3_2_0/source/lib/util_tdb.c === --- branches/SAMBA_3_2_0/source/lib/util_tdb.c 2007-08-07 11:28:04 UTC (rev 24266) +++ branches/SAMBA_3_2_0/source/lib/util_tdb.c 2007-08-07 11:50:03 UTC (rev 24267) @@ -696,7 +696,7 @@ log_ctx.log_fn = tdb_log; log_ctx.log_private = NULL; - if (hash_size == 0) { + if ((hash_size == 0) (name != NULL)) { const char *base = strrchr_m(name, '/'); if (base != NULL) { base += 1; @@ -940,7 +940,7 @@ return NULL; } - if (hash_size == 0) { + if ((hash_size == 0) (name != NULL)) { const char *base = strrchr_m(name, '/'); if (base != NULL) { base += 1;
svn commit: samba r24268 - in branches: SAMBA_3_2/source/smbd SAMBA_3_2_0/source/smbd
Author: vlendec Date: 2007-08-07 13:10:21 + (Tue, 07 Aug 2007) New Revision: 24268 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24268 Log: Fix two crashes for spoolss strlcpy does not like a NULL source. Fix a use-after-free. Modified: branches/SAMBA_3_2/source/smbd/connection.c branches/SAMBA_3_2_0/source/smbd/connection.c Changeset: Modified: branches/SAMBA_3_2/source/smbd/connection.c === --- branches/SAMBA_3_2/source/smbd/connection.c 2007-08-07 11:50:03 UTC (rev 24267) +++ branches/SAMBA_3_2/source/smbd/connection.c 2007-08-07 13:10:21 UTC (rev 24268) @@ -206,7 +206,7 @@ doreg ? adding : removing, (unsigned int)msg_flags )); - if (!(rec = connections_fetch_entry(NULL, NULL, NULL))) { + if (!(rec = connections_fetch_entry(NULL, NULL, ))) { DEBUG(0, (connections_fetch_entry failed\n)); return False; } @@ -225,17 +225,18 @@ status = rec-store(rec, rec-value, TDB_REPLACE); - TALLOC_FREE(rec); - if (!NT_STATUS_IS_OK(status)) { DEBUG(0,(register_message_flags: tdb_store failed: %s.\n, nt_errstr(status))); + TALLOC_FREE(rec); return False; } DEBUG(10,(register_message_flags: new flags 0x%x\n, (unsigned int)pcrec-bcast_msg_flags )); + TALLOC_FREE(rec); + return True; } Modified: branches/SAMBA_3_2_0/source/smbd/connection.c === --- branches/SAMBA_3_2_0/source/smbd/connection.c 2007-08-07 11:50:03 UTC (rev 24267) +++ branches/SAMBA_3_2_0/source/smbd/connection.c 2007-08-07 13:10:21 UTC (rev 24268) @@ -179,7 +179,7 @@ doreg ? adding : removing, (unsigned int)msg_flags )); - if (!(rec = connections_fetch_entry(NULL, NULL, NULL))) { + if (!(rec = connections_fetch_entry(NULL, NULL, ))) { DEBUG(0, (connections_fetch_entry failed\n)); return False; } @@ -198,17 +198,18 @@ status = rec-store(rec, rec-value, TDB_REPLACE); - TALLOC_FREE(rec); - if (!NT_STATUS_IS_OK(status)) { DEBUG(0,(register_message_flags: tdb_store failed: %s.\n, nt_errstr(status))); + TALLOC_FREE(rec); return False; } DEBUG(10,(register_message_flags: new flags 0x%x\n, (unsigned int)pcrec-bcast_msg_flags )); + TALLOC_FREE(rec); + return True; }
svn commit: samba r24269 - in branches/SAMBA_3_2/source/smbd: .
Author: vlendec Date: 2007-08-07 13:12:46 + (Tue, 07 Aug 2007) New Revision: 24269 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24269 Log: Check wct in reply_write_and_X Modified: branches/SAMBA_3_2/source/smbd/reply.c Changeset: Modified: branches/SAMBA_3_2/source/smbd/reply.c === --- branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:10:21 UTC (rev 24268) +++ branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:12:46 UTC (rev 24269) @@ -3273,18 +3273,31 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2)); - SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); - size_t numtowrite = SVAL(inbuf,smb_vwv10); - BOOL write_through = BITSETW(inbuf+smb_vwv7,0); - ssize_t nwritten = -1; - unsigned int smb_doff = SVAL(inbuf,smb_vwv11); - unsigned int smblen = smb_len(inbuf); + files_struct *fsp; + SMB_OFF_T startpos; + size_t numtowrite; + BOOL write_through; + ssize_t nwritten; + unsigned int smb_doff; + unsigned int smblen; char *data; - BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) (smblen 0x)); + BOOL large_writeX; NTSTATUS status; + START_PROFILE(SMBwriteX); + if ((CVAL(inbuf, smb_wct) != 12) (CVAL(inbuf, smb_wct) != 14)) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } + + fsp = file_fsp(SVAL(inbuf,smb_vwv2)); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); + numtowrite = SVAL(inbuf,smb_vwv10); + write_through = BITSETW(inbuf+smb_vwv7,0); + smb_doff = SVAL(inbuf,smb_vwv11); + smblen = smb_len(inbuf); + large_writeX = ((CVAL(inbuf,smb_wct) == 14) (smblen 0x)); + /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { END_PROFILE(SMBwriteX);
svn commit: samba r24270 - in branches/SAMBA_3_2/source/smbd: .
Author: vlendec Date: 2007-08-07 13:14:49 + (Tue, 07 Aug 2007) New Revision: 24270 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24270 Log: Fix some END_PROFILE(SMBwriteX) Modified: branches/SAMBA_3_2/source/smbd/reply.c Changeset: Modified: branches/SAMBA_3_2/source/smbd/reply.c === --- branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:12:46 UTC (rev 24269) +++ branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:14:49 UTC (rev 24270) @@ -3287,6 +3287,7 @@ START_PROFILE(SMBwriteX); if ((CVAL(inbuf, smb_wct) != 12) (CVAL(inbuf, smb_wct) != 14)) { + END_PROFILE(SMBwriteX); return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } @@ -3306,6 +3307,7 @@ CHECK_FSP(fsp,conn); if (!CHECK_WRITE(fsp)) { + END_PROFILE(SMBwriteX); return(ERROR_DOS(ERRDOS,ERRbadaccess)); } @@ -3388,9 +3390,9 @@ status = sync_file(conn, fsp, write_through); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBwriteX); DEBUG(5,(reply_write_and_X: sync_file for %s returned %s\n, fsp-fsp_name, nt_errstr(status) )); + END_PROFILE(SMBwriteX); return ERROR_NT(status); }
svn commit: samba r24271 - in branches/SAMBA_3_2/source/smbd: .
Author: vlendec Date: 2007-08-07 13:43:02 + (Tue, 07 Aug 2007) New Revision: 24271 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24271 Log: Push reply_prep_legacy into reply_write_and_X Modified: branches/SAMBA_3_2/source/smbd/process.c branches/SAMBA_3_2/source/smbd/reply.c Changeset: Modified: branches/SAMBA_3_2/source/smbd/process.c === --- branches/SAMBA_3_2/source/smbd/process.c2007-08-07 13:14:49 UTC (rev 24270) +++ branches/SAMBA_3_2/source/smbd/process.c2007-08-07 13:43:02 UTC (rev 24271) @@ -735,7 +735,7 @@ /* 0x2c */ { SMBwriteclose,reply_writeclose,NULL,AS_USER}, /* 0x2d */ { SMBopenX,NULL,reply_open_and_X,AS_USER | CAN_IPC }, /* 0x2e */ { SMBreadX,reply_read_and_X,NULL,AS_USER | CAN_IPC }, -/* 0x2f */ { SMBwriteX,reply_write_and_X,NULL,AS_USER | CAN_IPC }, +/* 0x2f */ { SMBwriteX,NULL,reply_write_and_X,AS_USER | CAN_IPC }, /* 0x30 */ { NULL, NULL, NULL, 0 }, /* 0x31 */ { NULL, NULL, NULL, 0 }, /* 0x32 */ { SMBtrans2, NULL,reply_trans2, AS_USER | CAN_IPC }, Modified: branches/SAMBA_3_2/source/smbd/reply.c === --- branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:14:49 UTC (rev 24270) +++ branches/SAMBA_3_2/source/smbd/reply.c 2007-08-07 13:43:02 UTC (rev 24271) @@ -3271,7 +3271,7 @@ Reply to a write and X. / -int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +void reply_write_and_X(connection_struct *conn, struct smb_request *req) { files_struct *fsp; SMB_OFF_T startpos; @@ -3284,11 +3284,21 @@ BOOL large_writeX; NTSTATUS status; + char *inbuf, *outbuf; + int length, bufsize; + START_PROFILE(SMBwriteX); + if (!reply_prep_legacy(req, inbuf, outbuf, length, bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBwriteX); + return; + } + if ((CVAL(inbuf, smb_wct) != 12) (CVAL(inbuf, smb_wct) != 14)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBwriteX); - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + return; } fsp = file_fsp(SVAL(inbuf,smb_vwv2)); @@ -3301,17 +3311,25 @@ /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { + reply_post_legacy( + req, + reply_pipe_write_and_X(inbuf,outbuf,length,bufsize)); END_PROFILE(SMBwriteX); - return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize); + return; } - CHECK_FSP(fsp,conn); + if (!check_fsp(conn, req, fsp, current_user)) { + END_PROFILE(SMBwriteX); + return; + } + if (!CHECK_WRITE(fsp)) { + reply_doserror(req, ERRDOS, ERRbadaccess); END_PROFILE(SMBwriteX); - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + return; } - set_message(inbuf,outbuf,6,0,True); + set_message(inbuf, outbuf, 6, 0, True); /* Deal with possible LARGE_WRITEX */ if (large_writeX) { @@ -3319,8 +3337,9 @@ } if(smb_doff smblen || (smb_doff + numtowrite smblen)) { + reply_doserror(req, ERRDOS, ERRbadmem); END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRbadmem); + return; } data = smb_base(inbuf) + smb_doff; @@ -3339,18 +3358,23 @@ */ if(IVAL(inbuf,smb_vwv12) != 0) { - DEBUG(0,(reply_write_and_X - large offset (%x 32) used and we don't support \ -64 bit offsets.\n, (unsigned int)IVAL(inbuf,smb_vwv12) )); + DEBUG(0,(reply_write_and_X - large offset (%x 32) +used and we don't support 64 bit offsets.\n, +(unsigned int)IVAL(inbuf,smb_vwv12) )); + reply_doserror(req, ERRDOS, ERRbadaccess); END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRbadaccess); + return; } #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid), + (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos, WRITE_LOCK)) { + reply_doserror(req, ERRDOS, ERRlock); END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRlock); + return; } /* X/Open SMB protocol
svn commit: samba r24272 - in branches/SAMBA_3_2/source/smbd: .
Author: metze Date: 2007-08-07 14:06:27 + (Tue, 07 Aug 2007) New Revision: 24272 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24272 Log: try to fix the build on irix... metze Modified: branches/SAMBA_3_2/source/smbd/oplock_irix.c Changeset: Modified: branches/SAMBA_3_2/source/smbd/oplock_irix.c === --- branches/SAMBA_3_2/source/smbd/oplock_irix.c2007-08-07 13:43:02 UTC (rev 24271) +++ branches/SAMBA_3_2/source/smbd/oplock_irix.c2007-08-07 14:06:27 UTC (rev 24272) @@ -96,6 +96,7 @@ extern int smb_read_error; oplock_stat_t os; char dummy; + struct file_id fileid; files_struct *fsp; /* Ensure we only get one call per select fd set. */ @@ -137,11 +138,14 @@ /* * We only have device and inode info here - we have to guess that this * is the first fsp open with this dev,ino pair. +* +* NOTE: this doesn't work if any VFS modules overloads +* the file_id_create() hook! */ - if ((fsp = file_find_di_first( -file_id_create((SMB_DEV_T)os.os_dev, - (SMB_INO_T)os.os_ino))) == NULL) { + fileid = file_id_create_dev((SMB_DEV_T)os.os_dev, + (SMB_INO_T)os.os_ino); + if ((fsp = file_find_di_first(fileid)) == NULL) { DEBUG(0,(irix_oplock_receive_message: unable to find open file with dev = %x, inode = %.0f\n, (unsigned int)os.os_dev, (double)os.os_ino ));
Build status as of Wed Aug 8 00:00:01 2007
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2007-08-07 00:01:52.0 + +++ /home/build/master/cache/broken_results.txt 2007-08-08 00:01:39.0 + @@ -1,4 +1,4 @@ -Build status as of Tue Aug 7 00:00:02 2007 +Build status as of Wed Aug 8 00:00:01 2007 Build counts: Tree Total Broken Panic @@ -7,7 +7,7 @@ ccache 31 8 0 ctdb 0 0 0 distcc 2 0 0 -ldb 30 4 0 +ldb 31 4 0 libreplace 30 10 0 lorikeet-heimdal 27 12 0 pidl 18 4 0 @@ -17,7 +17,7 @@ samba-docs 0 0 0 samba-gtk2 2 0 samba4 29 25 3 -samba_3_233 23 0 +samba_3_233 20 0 smb-build29 29 0 talloc 32 1 0 tdb 31 3 0
svn commit: samba r24273 - in branches/SAMBA_4_0/source/lib/util: .
Author: abartlet Date: 2007-08-08 02:41:12 + (Wed, 08 Aug 2007) New Revision: 24273 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24273 Log: Fix bug #4817 by [EMAIL PROTECTED]. (Unable to add a computer from MMC Active Directory Users and Computers). Windows sets a 14 UCS2 char buffer as the password in this case. We need to allow random buffers to be accepted as complex passwords, even if they don't have ASCII upper or lower case characters. (If half the bytes are 127, then it's likely a random buffer). Also make the test match the documented windows behaviour of '3 of the 4 classes: upper, lower, digit, special'. Andrew Bartlett Modified: branches/SAMBA_4_0/source/lib/util/genrand.c Changeset: Modified: branches/SAMBA_4_0/source/lib/util/genrand.c === --- branches/SAMBA_4_0/source/lib/util/genrand.c2007-08-07 14:06:27 UTC (rev 24272) +++ branches/SAMBA_4_0/source/lib/util/genrand.c2007-08-08 02:41:12 UTC (rev 24273) @@ -265,19 +265,24 @@ **/ _PUBLIC_ BOOL check_password_quality(const char *s) { - int has_digit=0, has_capital=0, has_lower=0; + int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0; while (*s) { if (isdigit((unsigned char)*s)) { - has_digit++; + has_digit |= 1; } else if (isupper((unsigned char)*s)) { - has_capital++; + has_capital |= 1; } else if (islower((unsigned char)*s)) { - has_lower++; + has_lower |= 1; + } else if (isascii((unsigned char)*s)) { + has_special |= 1; + } else { + has_high++; } s++; } - return has_digit has_lower has_capital; + return ((has_digit + has_lower + has_capital + has_special) = 3 + || (has_high strlen(s)/2)); } /**
svn commit: samba r24274 - in branches/SAMBA_4_0/source/cluster/ctdb: . client common include packaging/RPM
Author: tridge Date: 2007-08-08 03:18:51 + (Wed, 08 Aug 2007) New Revision: 24274 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24274 Log: - merge from ctdb bzr tree - use ctdb_attach() instead of ctdb_db_handle() - make ctdb_attach() return an existing db handle if it exists Modified: branches/SAMBA_4_0/source/cluster/ctdb/client/ctdb_client.c branches/SAMBA_4_0/source/cluster/ctdb/common/cmdline.c branches/SAMBA_4_0/source/cluster/ctdb/common/ctdb_util.c branches/SAMBA_4_0/source/cluster/ctdb/configure.ac branches/SAMBA_4_0/source/cluster/ctdb/include/ctdb.h branches/SAMBA_4_0/source/cluster/ctdb/include/ctdb_private.h branches/SAMBA_4_0/source/cluster/ctdb/opendb_ctdb.c branches/SAMBA_4_0/source/cluster/ctdb/packaging/RPM/ctdb.spec Changeset: Modified: branches/SAMBA_4_0/source/cluster/ctdb/client/ctdb_client.c === --- branches/SAMBA_4_0/source/cluster/ctdb/client/ctdb_client.c 2007-08-08 02:41:12 UTC (rev 24273) +++ branches/SAMBA_4_0/source/cluster/ctdb/client/ctdb_client.c 2007-08-08 03:18:51 UTC (rev 24274) @@ -1432,6 +1432,11 @@ int ret; int32_t res; + ctdb_db = ctdb_db_handle(ctdb, name); + if (ctdb_db) { + return ctdb_db; + } + ctdb_db = talloc_zero(ctdb, struct ctdb_db_context); CTDB_NO_MEMORY_NULL(ctdb, ctdb_db); @@ -2095,6 +2100,59 @@ /* + kill a tcp connection + */ +int ctdb_ctrl_killtcp(struct ctdb_context *ctdb, + struct timeval timeout, + uint32_t destnode, + struct ctdb_control_killtcp *killtcp) +{ + TDB_DATA data; + int32_t res; + int ret; + + data.dsize = sizeof(struct ctdb_control_killtcp); + data.dptr = (unsigned char *)killtcp; + + ret = ctdb_control(ctdb, destnode, 0, CTDB_CONTROL_KILL_TCP, 0, data, NULL, + NULL, res, timeout, NULL); + if (ret != 0 || res != 0) { + DEBUG(0,(__location__ ctdb_control for killtcp failed\n)); + return -1; + } + + return 0; +} + +/* + get a list of all tcp tickles that a node knows about for a particular vnn + */ +int ctdb_ctrl_get_tcp_tickles(struct ctdb_context *ctdb, + struct timeval timeout, uint32_t destnode, + TALLOC_CTX *mem_ctx, uint32_t vnn, + struct ctdb_control_tcp_tickle_list **list) +{ + int ret; + TDB_DATA data, outdata; + int32_t status; + + data.dptr = (uint8_t*)vnn; + data.dsize = sizeof(vnn); + + ret = ctdb_control(ctdb, destnode, 0, + CTDB_CONTROL_GET_TCP_TICKLE_LIST, 0, data, + mem_ctx, outdata, status, NULL, NULL); + if (ret != 0) { + DEBUG(0,(__location__ ctdb_control for get tcp tickles failed\n)); + return -1; + } + + *list = (struct ctdb_control_tcp_tickle_list *)outdata.dptr; + + return status; +} + +/* initialise the ctdb daemon for client applications NOTE: In current code the daemon does not fork. This is for testing purposes only @@ -2109,6 +2167,8 @@ ctdb-idr = idr_init(ctdb); CTDB_NO_MEMORY_NULL(ctdb, ctdb-idr); + ctdb_set_socketname(ctdb, CTDB_PATH); + return ctdb; } Modified: branches/SAMBA_4_0/source/cluster/ctdb/common/cmdline.c === --- branches/SAMBA_4_0/source/cluster/ctdb/common/cmdline.c 2007-08-08 02:41:12 UTC (rev 24273) +++ branches/SAMBA_4_0/source/cluster/ctdb/common/cmdline.c 2007-08-08 03:18:51 UTC (rev 24274) @@ -102,20 +102,20 @@ /* initialise ctdb */ ctdb = ctdb_init(ev); if (ctdb == NULL) { - printf(Failed to init ctdb\n); + fprintf(stderr, Failed to init ctdb\n); exit(1); } /* tell ctdb the socket address */ ret = ctdb_set_socketname(ctdb, ctdb_cmdline.socketname); if (ret == -1) { - printf(ctdb_set_socketname failed - %s\n, ctdb_errstr(ctdb)); + fprintf(stderr, ctdb_set_socketname failed - %s\n, ctdb_errstr(ctdb)); exit(1); } ret = ctdb_socket_connect(ctdb); if (ret != 0) { - DEBUG(0,(__location__ Failed to connect to daemon\n)); + fprintf(stderr, __location__ Failed to connect to daemon\n); talloc_free(ctdb); return NULL; } Modified: branches/SAMBA_4_0/source/cluster/ctdb/common/ctdb_util.c === --- branches/SAMBA_4_0/source/cluster/ctdb/common/ctdb_util.c 2007-08-08 02:41:12 UTC (rev 24273) +++ branches/SAMBA_4_0/source/cluster/ctdb/common/ctdb_util.c 2007-08-08 03:18:51 UTC (rev
svn commit: samba r24275 - in branches/SAMBA_4_0/source/cluster/ctdb: .
Author: tridge Date: 2007-08-08 03:19:38 + (Wed, 08 Aug 2007) New Revision: 24275 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24275 Log: - setup the connection to the ctdb daemon - disable the brlock ctdb backend for now Modified: branches/SAMBA_4_0/source/cluster/ctdb/ctdb_cluster.c Changeset: Modified: branches/SAMBA_4_0/source/cluster/ctdb/ctdb_cluster.c === --- branches/SAMBA_4_0/source/cluster/ctdb/ctdb_cluster.c 2007-08-08 03:18:51 UTC (rev 24274) +++ branches/SAMBA_4_0/source/cluster/ctdb/ctdb_cluster.c 2007-08-08 03:19:38 UTC (rev 24275) @@ -42,6 +42,7 @@ struct cluster_state { struct ctdb_context *ctdb; struct cluster_messaging_list *list; + uint32_t vnn; }; @@ -197,6 +198,7 @@ void cluster_ctdb_init(struct event_context *ev, const char *model) { struct cluster_state *state; + int ret; if (!lp_parm_bool(-1, ctdb, enable, False)) { return; @@ -208,17 +210,32 @@ state-ctdb = ctdb_init(ev); if (state-ctdb == NULL) goto failed; + ret = ctdb_socket_connect(state-ctdb); + if (ret == -1) { + DEBUG(0,(__location__ Failed to connect to ctdb socket\n)); + goto failed; + } + + /* get our vnn */ + state-vnn = ctdb_ctrl_getvnn(state-ctdb, timeval_zero(), CTDB_CURRENT_NODE); + if (state-vnn == (uint32_t)-1) { + DEBUG(0,(__location__ Failed to get ctdb vnn\n)); + goto failed; + } + state-list = NULL; cluster_ctdb_ops.private = state; cluster_set_ops(cluster_ctdb_ops); +#if 0 /* nasty hack for now ... */ { void brl_ctdb_init_ops(void); brl_ctdb_init_ops(); } +#endif return;
svn commit: samba r24276 - in branches/SAMBA_4_0/source/smbd: .
Author: tridge Date: 2007-08-08 03:20:37 + (Wed, 08 Aug 2007) New Revision: 24276 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=24276 Log: don't mark a stream readable until after the messaging setup is complete. This is needed because messaging setup with ctdb involve events, and we don't want a SMB packet to be processed on this stream until after the stream structure is fully setup Modified: branches/SAMBA_4_0/source/smbd/service_stream.c Changeset: Modified: branches/SAMBA_4_0/source/smbd/service_stream.c === --- branches/SAMBA_4_0/source/smbd/service_stream.c 2007-08-08 03:19:38 UTC (rev 24275) +++ branches/SAMBA_4_0/source/smbd/service_stream.c 2007-08-08 03:20:37 UTC (rev 24276) @@ -172,8 +172,7 @@ srv_conn-ops = stream_socket-ops; srv_conn-event.ctx = ev; srv_conn-event.fde = event_add_fd(ev, srv_conn, socket_get_fd(sock), - EVENT_FD_READ, - stream_io_handler_fde, srv_conn); + 0, stream_io_handler_fde, srv_conn); if (!socket_check_access(sock, smbd, lp_hostsallow(-1), lp_hostsdeny(-1))) { stream_terminate_connection(srv_conn, denied by access rules); @@ -202,6 +201,9 @@ talloc_free(c); talloc_free(s); + /* we're now ready to start receiving events on this stream */ + EVENT_FD_READABLE(srv_conn-event.fde); + /* call the server specific accept code */ stream_socket-ops-accept_connection(srv_conn); }
svn commit: lorikeet r779 - in trunk/heimdal: . doc kdc lib/gssapi/mech lib/hdb lib/kadm5 lib/krb5 tests tests/kdc tools
Author: lha Date: 2007-08-08 04:57:56 + (Wed, 08 Aug 2007) New Revision: 779 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=779 Log: Merged with Heimdal svn revision 21835 Added: trunk/heimdal/lib/kadm5/ipropd_common.c trunk/heimdal/tests/kdc/check-iprop.in trunk/heimdal/tests/kdc/iprop-acl Removed: trunk/heimdal/lib/krb5/test_renew.c trunk/heimdal/tests/kdc/check-keys.in trunk/heimdal/tests/kdc/krb5.conf.keys.in Modified: trunk/heimdal/ChangeLog trunk/heimdal/Makefile.am trunk/heimdal/NEWS trunk/heimdal/configure.in trunk/heimdal/doc/heimdal.texi trunk/heimdal/doc/hx509.texi trunk/heimdal/kdc/kaserver.c trunk/heimdal/lib/gssapi/mech/gss_mech_switch.c trunk/heimdal/lib/hdb/dbinfo.c trunk/heimdal/lib/hdb/keys.c trunk/heimdal/lib/kadm5/ChangeLog trunk/heimdal/lib/kadm5/Makefile.am trunk/heimdal/lib/kadm5/context_s.c trunk/heimdal/lib/kadm5/get_s.c trunk/heimdal/lib/kadm5/init_c.c trunk/heimdal/lib/kadm5/iprop-log.8 trunk/heimdal/lib/kadm5/iprop.h trunk/heimdal/lib/kadm5/ipropd_master.c trunk/heimdal/lib/kadm5/ipropd_slave.c trunk/heimdal/lib/kadm5/log.c trunk/heimdal/lib/kadm5/marshall.c trunk/heimdal/lib/kadm5/rename_s.c trunk/heimdal/lib/krb5/Makefile.am trunk/heimdal/lib/krb5/get_cred.c trunk/heimdal/lib/krb5/init_creds.c trunk/heimdal/lib/krb5/pkinit.c trunk/heimdal/lib/krb5/plugin.c trunk/heimdal/lib/krb5/rd_priv.c trunk/heimdal/lib/krb5/read_message.c trunk/heimdal/tests/ChangeLog trunk/heimdal/tests/kdc/Makefile.am trunk/heimdal/tests/kdc/check-kdc.in trunk/heimdal/tests/kdc/krb5.conf.in trunk/heimdal/tools/heimdal-build.sh Changeset: Sorry, the patch is too large (2315 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=779