Re[2]: [Samba] Vista, 35 second login delay, domain only.
On Thu, 6 Mar 2008 20:10:43 +0100 odi [EMAIL PROTECTED] wrote: o Hello, o maybe you are not alone with that behaviour, seems to be same with o Solaris10/Samba3.0.25c and Vista domain client. Currently I've no solution o for this problem, o regards o Am Donnerstag, 6. März 2008 17:05:07 schrieb [EMAIL PROTECTED]: o Hello, o o I've spent time trying to find an answer to this one, but no luck. o The main problem is that when any user logs into Vista with a domain o account, there will be ~35 second delay where the system just sits at o the welcome screen with the spinning circle. (after typing their o password) o o This happens on Vista sp1, and earlier. Also on Samba 3.0.24, 3.0.28 and o 3.2. I'm pretty sure the DNS is okay, as everything else seems fine. Even o XP machines login normally. o Regardless of profiles being roaming or local, the delay is still there. o tcpdump shows no activity during this delay. o I've tried removing all traces of ipv6, from both the server and the o client. All firewalls are off on both server and client. o I'm pretty sure its Vista thats doing something, but just have no clue o where to look. o Local accounts login within a few seconds, and the domain logins are o almost bareable at about 35 seconds, but really quite annoying. :( o o I'm curious to know if anyone else experiences this or not? o o Thanks! o Mike We experience the same problem with Vista clients and samba 3.0.28 on Solaris 10 I havn't looked into it as I concentrate on Vista packages installation for the time being but yes it's irritating. Logout with roaming profile is also slower than for XP. NTconfig.pol isn't used. -- Jean-Jacques Moulis Tel: (013) 281684 ISYFax: (013) 139282 Linköping UniversityE-mail: [EMAIL PROTECTED] 581 83 Linköping -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and Active Directory
Hi All- Is there a way to authenticate samba shares using Active Directory? I don't want to add the Linux server to AD, I just want to be able to use Active Directory for the authentication of the Samba shares. Is there a good how-to? Thanks, MS -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Active Directory
Is there a way to authenticate samba shares using Active Directory? I don't want to add the Linux server to AD, I just want to be able to use Active Directory for the authentication of the Samba shares. Is there a good how-to? Yes, and yes. See the documentation. http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/ http://us3.samba.org/samba/docs/man/Samba-Guide/ -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Active Directory
On Monday 10 March 2008 08:03:04 am Mary Steiner wrote: Hi All- Is there a way to authenticate samba shares using Active Directory? I don't want to add the Linux server to AD, I just want to be able to use Active Directory for the authentication of the Samba shares. Is there a good how-to? Thanks, MS Mary, Could perhaps give us an example in practive (from the user's perspective) how this would work? Please start at the very beginning: A user logs onto ... and then does the following to access shares on the Samba server ... What documents have you referred to understand the issues at heart of the question you are asking? - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Active Directory
Hi All, I am facing one problem the SMB service is failed. The following is smbd log as below [EMAIL PROTECTED] samba]# tail -f smbd.log [2008/03/08 23:43:13, 0] smbd/server.c:main(760) smbd version 3.0.10-1.4E.12.2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2008/03/08 23:43:13, 1] auth/auth_util.c:make_server_info_sam(822) User Guest in passdb, but getpwnam() fails! [2008/03/08 23:44:11, 0] smbd/server.c:main(760) smbd version 3.0.10-1.4E.12.2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2008/03/08 23:44:11, 1] auth/auth_util.c:make_server_info_sam(822) User Guest in passdb, but getpwnam() fails! [EMAIL PROTECTED] samba]# tail -f smbd.log [2008/03/08 23:43:13, 0] smbd/server.c:main(760) smbd version 3.0.10-1.4E.12.2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2008/03/08 23:43:13, 1] auth/auth_util.c:make_server_info_sam(822) User Guest in passdb, but getpwnam() fails! [2008/03/08 23:44:11, 0] smbd/server.c:main(760) smbd version 3.0.10-1.4E.12.2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2008/03/08 23:44:11, 1] auth/auth_util.c:make_server_info_sam(822) User Guest in passdb, but getpwnam() fails! Sachin Ghormade System Operation Lead Specialist OZONE-1 Pune [EMAIL PROTECTED] 9766321056 Mary Steiner [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 03/10/2008 06:33 PM To samba@lists.samba.org cc Subject [Samba] Samba and Active Directory Hi All- Is there a way to authenticate samba shares using Active Directory? I don't want to add the Linux server to AD, I just want to be able to use Active Directory for the authentication of the Samba shares. Is there a good how-to? Thanks, MS -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SWAT Won't Start - Alarm Clock
Hey everyone, If anyone could help me with this problem, I'd greatly appreciate it. Whenever I try to start swat (from the command-line by invoking /usr/sbin/swat), it sits there for a very long time as if it's running, but any attempt to use telnet to the port or point my browser at it results in nothing, as if swat were just not running. Firewalling is no issue, I've disabled it. Swat ultimately dies after a few minutes giving no output to the console other than Alarm clock. What does this error message mean? I've tried running swat with -d 10 and strace /usr/sbin/swat -o myfile hoping that the output will mean more to someone else than it does to me. I've seen other people with this problem googling around, but no solution, and I can't seem to figure it out on my own. Thanks in advance for the help, bit /usr/sbin/swat -d 10 output: [2008/03/07 19:18:12, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2008/03/07 19:18:12, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2008/03/07 19:18:12, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2008/03/07 19:18:12, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2008/03/07 19:18:12, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2008/03/07 19:18:12, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.1 bcast=10.255.255.255 nmask=255.0.0.0 [2008/03/07 19:18:12, 2] lib/interface.c:add_interface(81) added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 [2008/03/07 19:18:12, 3] printing/pcap.c:pcap_cache_reload(117) reloading printcap cache [2008/03/07 19:18:12, 5] printing/print_cups.c:cups_cache_reload(71) reloading cups printcap cache [2008/03/07 19:18:12, 10] printing/print_cups.c:cups_server(51) cups server left to default localhost [2008/03/07 19:18:12, 3] printing/pcap.c:pcap_cache_reload(223) reload status: ok [2008/03/07 19:18:12, 7] param/loadparm.c:lp_servicenumber(4343) lp_servicenumber: couldn't find mybox [2008/03/07 19:18:12, 8] param/loadparm.c:add_a_service(2446) add_a_service: Creating snum = 6 for mybox [2008/03/07 19:18:12, 10] param/loadparm.c:hash_a_service(2493) hash_a_service: hashing index 6 for service name mybox [2008/03/07 19:18:12, 3] param/loadparm.c:lp_add_printer(2618) adding printer service mybox [2008/03/07 19:18:12, 3] lib/access.c:check_access(313) check_access: no hostnames in host allow/deny list. [2008/03/07 19:18:12, 0] lib/util_sock.c:get_peer_addr(1225) getpeername failed. Error was Socket operation on non-socket [2008/03/07 19:18:12, 0] lib/access.c:check_access(328) [2008/03/07 19:18:12, 0] lib/util_sock.c:get_peer_addr(1225) getpeername failed. Error was Socket operation on non-socket Denied connection from (0.0.0.0) strace /usr/sbin/swat -o myfile output: munmap(0xb738c000, 4096)= 0 open(/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/share/locale/en_US/LC_MESSAGES/libc.mo, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo, O_RDONLY) = -1 ENOENT (No such file or directory) open(/usr/share/locale/en/LC_MESSAGES/libc.mo, O_RDONLY) = -1 ENOENT (No such file or directory) time([1204938394]) = 1204938394 getpid()= 31787 rt_sigaction(SIGPIPE, {0x411140, [], SA_RESTORER, 0x35fec8}, {SIG_IGN}, 8) = 0 send(4, 27Mar 7 20:06:34 swat[31787]:..., 96, 0) = 96 rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0 geteuid32() = 0 write(3, getpeername failed. Error was ..., 63) = 63 time(NULL) = 1204938394 time([1204938394]) = 1204938394 getpid()= 31787 rt_sigaction(SIGPIPE, {0x411140, [], SA_RESTORER, 0x35fec8}, {SIG_IGN}, 8) = 0 send(4, 27Mar 7 20:06:34 swat[31787]:..., 89, 0) = 89 rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0 geteuid32() = 0 write(3, [2008/03/07 20:06:34, 0] lib/acc..., 56) = 56 getpeername(1, 0xbfff9e10, [16])= -1 ENOTSOCK (Socket operation on non-socket) time(NULL) = 1204938394 time([1204938394]) = 1204938394 getpid()= 31787 rt_sigaction(SIGPIPE, {0x411140, [], SA_RESTORER, 0x35fec8}, {SIG_IGN}, 8) = 0 send(4, 27Mar 7 20:06:34 swat[31787]:..., 94, 0) = 94 rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0 geteuid32() = 0 write(3, [2008/03/07 20:06:34, 0] lib/uti..., 61) = 61 time([1204938394]) = 1204938394 getpid()=
Re: [Samba] Samba and Active Directory
Hi John, Basically this is what I would like to happen: I have a Windows 2003 Active Directory server and a Fedora Linux server. I have set up Samba on the Fedora server. I would like for users to be able to map a Samba share using their login and password from Active Directory. I have read a lot of posts regarding kerberos, pam and samba, but most of them involved creating new users on active directory and installing Unix services on the windows server. I would like to not have to make any changes to the active directory server, just changes to the linux server. Any ideas? Thanks, MS On Mon, Mar 10, 2008 at 9:13 AM, Mary Steiner [EMAIL PROTECTED] wrote: Hi John, Basically this is what I would like to happen: I have a Windows 2003 Active Directory server and a Fedora Linux server. I have set up Samba on the Fedora server. I would like for users to be able to map a Samba share using their login and password from Active Directory. I have read a lot of posts regarding kerberos, pam and samba, but most of them involved creating new users on active directory and installing Unix services on the windows server. I would like to not have to make any changes to the active directory server, just changes to the linux server. Any ideas? Thanks, MS On Mon, Mar 10, 2008 at 8:20 AM, John H Terpstra [EMAIL PROTECTED] wrote: On Monday 10 March 2008 08:03:04 am Mary Steiner wrote: Hi All- Is there a way to authenticate samba shares using Active Directory? I don't want to add the Linux server to AD, I just want to be able to use Active Directory for the authentication of the Samba shares. Is there a good how-to? Thanks, MS Mary, Could perhaps give us an example in practive (from the user's perspective) how this would work? Please start at the very beginning: A user logs onto ... and then does the following to access shares on the Samba server ... What documents have you referred to understand the issues at heart of the question you are asking? - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems running samba in vmware
I've switched to a PCI based network card which seems to have helped. Have to wait and see but so far seems much better than the on-board stuff even though its from the same manufacturer (Realtek). Adam Zimmer President Arius Software Corporation (519) 885-9045 x122 Douglas VanLeuven wrote: Adam Zimmer wrote: At the moment I have enabled timeSync with vmware tools. In the general area of time keeping on the host, I added the following settings which avoided errors about the RTC missing interrupts: host.usefastclock=false host.cpukHz=240 host.useTSC=true ptsc.useTSC=true I have two other machines similarly configured (with the exception of running other linux applications not samba). Ntpdate seems to be installed as it is part of the ubuntu-server default config. However, my other machines seem to run it ok. If anything they fall behind a bit and the vmware sync keeps them up-to-date. Ian McDonald wrote: How are your time sync options set for the VM? Is it keeping time ok? (note,AFAIR, you're not supposed to run NTP within a VM.). True. I refer to this document from vmware. http://www.vmware.com/pdf/vmware_timekeeping.pdf Generally, ntp vmware timesync fight each other. The usual method is to turn off the ntp service, figure out how to minimize interrupts, allow the clock to run a little slow and allow vmware timesync to bump up the time when it gets about 1 minute slow. There's another thread that mentions issues with on-board nics and drivers. Over the years, I've bumped into that myself. To the extent I try and use host-only and route whenever possible. That's worked better for me in generic usage. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Get logged on username (several sessions on the same machine)
I repost my question because I've noticed it on several Samba servers and I'm sure it is certainly a known problem. My configuration : Samba 3.0.24 Ubuntu Feisty Any help will be highly appreciated. Kurt Kurthermal wrote : Hello, I'm writting an application that will be running on a Samba PDC. It has to get login (%username%) currently logged on some windows NT domain clients. I began to use 'net status sessions' but sometimes it returns more than one user currently logged on the same windows client. What's happening ? Is there a solution to avoid this ? Are there other methods to get login ? Thanks, K. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Get logged on username (several sessions on the same machine)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What do you want it for? You can get that at login time by causing a script to write out the value of %U. Do you want a right now snapshot? Kurthermal wrote: I repost my question because I've noticed it on several Samba servers and I'm sure it is certainly a known problem. My configuration : Samba 3.0.24 Ubuntu Feisty Any help will be highly appreciated. Kurt Kurthermal wrote : Hello, I'm writting an application that will be running on a Samba PDC. It has to get login (%username%) currently logged on some windows NT domain clients. I began to use 'net status sessions' but sometimes it returns more than one user currently logged on the same windows client. What's happening ? Is there a solution to avoid this ? Are there other methods to get login ? Thanks, K. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH1XVmmb+gadEcsb4RApxbAJsE1VaZ+VUcgp2sQqyNx1YrL8NHXwCfYRbs PwDz2WcQu6EeAfD5QJPQvzg= =MZpJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Get logged on username (several sessions on the same machine)
Yes, I want to get currently logged on users at any time. Ryan Novosielski a écrit : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What do you want it for? You can get that at login time by causing a script to write out the value of %U. Do you want a right now snapshot? Kurthermal wrote: I repost my question because I've noticed it on several Samba servers and I'm sure it is certainly a known problem. My configuration : Samba 3.0.24 Ubuntu Feisty Any help will be highly appreciated. Kurt Kurthermal wrote : Hello, I'm writting an application that will be running on a Samba PDC. It has to get login (%username%) currently logged on some windows NT domain clients. I began to use 'net status sessions' but sometimes it returns more than one user currently logged on the same windows client. What's happening ? Is there a solution to avoid this ? Are there other methods to get login ? Thanks, K. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH1XVmmb+gadEcsb4RApxbAJsE1VaZ+VUcgp2sQqyNx1YrL8NHXwCfYRbs PwDz2WcQu6EeAfD5QJPQvzg= =MZpJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba password change web interface
Does anyone know of a good web interface or script that would allow Samba users to change their own passwords? Thanks, MS -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems running samba in vmware
On Thu, Mar 6, 2008 at 10:13 PM, Adam Zimmer [EMAIL PROTECTED] wrote: I have used samba for nearly 9 years with no problems and we have about 20 users. In the past we have had a dedicated samba server. We have recently virtualized this server to a quad core Q6600 using vmware virtual server 1.0.4 on a 64 bit host running ubuntu 7.10. bad idea. Vmware server is not meant for production servers. Don't try to save a buck and buy a copy of esx. It will save you all this trouble and time is money. If you really want to go along the free road, get yourself xen, linux runs perfectly with the opensource 'free as in free beer' xensource. Vmware server is a great testing tool, not a production one. -- Groeten, J.Asenjo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba password change web interface
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SWAT provides this. Mary Steiner wrote: Does anyone know of a good web interface or script that would allow Samba users to change their own passwords? Thanks, MS - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH1Yysmb+gadEcsb4RAojWAJ0QakxOHVPUshWkHOJomg8MNNaOCACg1lFD 5aDTB3V9Ngx6f6po0uQrbGs= =J53H -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems running samba in vmware
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Natxo Asenjo wrote: On Thu, Mar 6, 2008 at 10:13 PM, Adam Zimmer [EMAIL PROTECTED] wrote: I have used samba for nearly 9 years with no problems and we have about 20 users. In the past we have had a dedicated samba server. We have recently virtualized this server to a quad core Q6600 using vmware virtual server 1.0.4 on a 64 bit host running ubuntu 7.10. bad idea. Vmware server is not meant for production servers. Don't try to save a buck and buy a copy of esx. It will save you all this trouble and time is money. If you really want to go along the free road, get yourself xen, linux runs perfectly with the opensource 'free as in free beer' xensource. Vmware server is a great testing tool, not a production one. Why is that? - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH1Y5Wmb+gadEcsb4RAh7iAJsEkM7zmX/hSZmv+a6JZyVUFUNASQCg4cvl FQhSxHNYt5Pl3RBzhNj3h8Y= =kRYx -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems running samba in vmware
Ryan Novosielski wrote: Natxo Asenjo wrote: On Thu, Mar 6, 2008 at 10:13 PM, Adam Zimmer [EMAIL PROTECTED] wrote: I have used samba for nearly 9 years with no problems and we have about 20 users. In the past we have had a dedicated samba server. We have recently virtualized this server to a quad core Q6600 using vmware virtual server 1.0.4 on a 64 bit host running ubuntu 7.10. bad idea. Vmware server is not meant for production servers. Don't try to save a buck and buy a copy of esx. It will save you all this trouble and time is money. If you really want to go along the free road, get yourself xen, linux runs perfectly with the opensource 'free as in free beer' xensource. Vmware server is a great testing tool, not a production one. Why is that? ESX is the OS. Vmware server runs under an OS. All kinds of ramifications to this from allocating specific ethernet cards to specific virtual machines instead of bridging to better cpu and memory management. But this is getting pretty off topic for samba. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Share permissions
Hello all, I have a SAMBA share called share_a and it is working fine (below is a snapshot of it): [share_a] path = /shares/share_a browseable = no valid users = @group_a @group_b @group_c write list = @group_a @group_b read list = @group_c create mode = 777 directory mode = 777 Inside this share there's a lot of sub-folders. The problem is: How can I give to one of these folders permission to a restrict group, like group_d that others (group_a-c) won't be able to browse/read/write? SAMBA version is: 3.0.20 and it installed as default Slackware 10.2.0 setup. Thanks and sorry by the english, João Ferreira -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Share permissions
On Mon, Mar 10, 2008 at 4:44 PM, João Amâncio Ferreira [EMAIL PROTECTED] wrote: Hello all, I have a SAMBA share called share_a and it is working fine (below is a snapshot of it): [share_a] path = /shares/share_a browseable = no valid users = @group_a @group_b @group_c write list = @group_a @group_b read list = @group_c create mode = 777 directory mode = 777 Inside this share there's a lot of sub-folders. The problem is: How can I give to one of these folders permission to a restrict group, like group_d that others (group_a-c) won't be able to browse/read/write? I would instead of using a lot of these valid users read lists and write lists parameters, set the permissions on the files and folders ( to limit user access) on the host unix filesystem. John John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NT_STATUS_BAD_NETWORK_NAME
I am trying to run Samba 3.0.24-11.fc6 on Fedora Core 6. I've run across two problems that are keeping me from being successful. 1. IPTables. Even when I configure it through Webmin to not run at startup, it does anyway. I consider this a minor problem, at least for now, although I wouldn't mind some input on how to configure it to allow Samba. 2. Access to shares. We are running an NT4 network. I have joined the Samba server to the domain and can see it in the browse list on my XP machine. I can also see the shares. However, when I double-click on the shares, I am prompted for a password which fails. I have been through Samba Security and Troubleshooting guide from Linux Home Networking and numerous other documents with no positive results. This is the test that fails: [EMAIL PROTECTED] www]# smbclient //Custer/Intranet -U ccarpenter Password: Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] tree connect failed: NT_STATUS_BAD_NETWORK_NAME This test works (Colnago being the PDC): [EMAIL PROTECTED] www]# smbclient -L Custer Password: Anonymous login successful Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] Sharename Type Comment - --- IntranetDisk IPC$IPC IPC Service (Intranet) Anonymous login successful Domain=[HCCMHMRC] OS=[Unix] Server=[Samba 3.0.24-11.fc6] Server Comment ---- COLNAGO CUSTER Intranet WorkgroupMaster ---- HCCMHMRC COLNAGO My username on the NT4 network is exactly the same as on the Samba server; however, I have no password on the Samba server. I use this setup on several other servers with no problem, which is part of the irony of the situation. I have another server running FC6 and the same version of Samba and it works perfectly. The only difference that I can tell is that I got Samba working straight off the FC6 installation disks before doing any updates whereas this time I did all the updates first. I have checked for the existence of a 'msdfs'; none could be found. I do not have SELinux installed: [EMAIL PROTECTED] www]# rpm -q selinux package selinux is not installed Testparm shows the following: [EMAIL PROTECTED] www]# testparm -s Load smb config files from /etc/samba/smb.conf Processing section [Intranet] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER [global] workgroup = HCCMHMRC server string = Intranet security = DOMAIN password server = Colnago log level = 3 log file = /var/log/samba/%m.log max log size = 50 preferred master = No dns proxy = No wins server = 192.168.0.7 default service = Intranet [Intranet] path = /var/www/html read only = No create mask = 0774 directory mask = 0775 guest ok = Yes The actual smb.conf looks like this: #=== Global Settings == [global] protocol = NT1 log file = /var/log/samba/%m.log dns proxy = no ; load printers = yes netbios name = Custer ; cups options = raw server string = Intranet password server = Colnago default = Intranet wins server = 192.168.0.7 workgroup = hccmhmrc os level = 20 debug level = 3 encrypt passwords = yes security = domain preferred master = no max log size = 50 ; winbind enable local accounts = no [Intranet] writeable = yes create mode = 774 path = /var/www/html directory mode = 775 guest ok = Yes I am not using winbindd or ldap. Any help with this would be appreciated. It's really annoying when my boss sticks his head in the door every 20 minutes and says Well? Carl Carpenter IT Manager Hill Country Community MHMR Center (830)258-5414 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Share permissions
João Amâncio Ferreira wrote: Hello all, I have a SAMBA share called share_a and it is working fine (below is a snapshot of it): [share_a] path = /shares/share_a browseable = no valid users = @group_a @group_b @group_c write list = @group_a @group_b read list = @group_c create mode = 777 directory mode = 777 Inside this share there's a lot of sub-folders. The problem is: How can I give to one of these folders permission to a restrict group, like group_d that others (group_a-c) won't be able to browse/read/write? SAMBA version is: 3.0.20 and it installed as default Slackware 10.2.0 setup. Thanks and sorry by the english, João Ferreira Change to something like this [share_a] path = /shares/share_a browseable = no valid users = @group_a @group_b @group_c write list = @group_a @group_b read list = @group_c create mode = 770 directory mode = 770 -Aubrey -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems running samba in vmware
On Thu, Mar 6, 2008 at 10:13 PM, Adam Zimmer [EMAIL PROTECTED] wrote: I have used samba for nearly 9 years with no problems and we have about 20 users. In the past we have had a dedicated samba server. We have recently virtualized this server to a quad core Q6600 using vmware virtual server 1.0.4 on a 64 bit host running ubuntu 7.10. bad idea. Vmware server is not meant for production servers. Don't try to save a buck and buy a copy of esx. It will save you all this trouble and time is money. If you really want to go along the free road, get yourself xen, linux runs perfectly with the opensource 'free as in free beer' xensource. Vmware server is a great testing tool, not a production one. Why is that? This isn't a forum for the pros cons of virtualization techniques; but I can tell you that it works fine for us. We run Samba on a half dozen VMs hosted in vmware-server. It works fine, Samba doesn't care. And vmware-server on a well tested and proven platform (OS hardware) has been 100% stable. We've tested multiple failures in various ways, most brutally: boot, VMs start automatically, yank power cord, boot, VMs start recover, yank power cord, etc... and it always comes back just fine. No lost data, no crashes. Very impressive. We are buying the real VMware (which BTW, is just based on RedHat anyway) but just for the VMFS feature [we can more efficiently use our SAN] and not because of any stability issues. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinXP/x64 - MFC CFile objects leak parent directory handles
On 3/7/08, Volker Lendecke [EMAIL PROTECTED] wrote: On Fri, Mar 07, 2008 at 05:02:00PM +0100, Dragan Krnic wrote: Volker, can you please look at it and see if you can suggest a fix? Can you try the attached patch? This fixes it for me. Thank you, Volker. I'll try it out (takes some time to get all the bits and compile). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Get logged on username (several sessions on the same machine)
Maybe there is a way to tell samba to close previous session when a different login is used from the same computer ? Kurthermal wrote : Yes, I want to get currently logged on users at any time. Ryan Novosielski wrote : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What do you want it for? You can get that at login time by causing a script to write out the value of %U. Do you want a right now snapshot? Kurthermal wrote: I repost my question because I've noticed it on several Samba servers and I'm sure it is certainly a known problem. My configuration : Samba 3.0.24 Ubuntu Feisty Any help will be highly appreciated. Kurt Kurthermal wrote : Hello, I'm writting an application that will be running on a Samba PDC. It has to get login (%username%) currently logged on some windows NT domain clients. I began to use 'net status sessions' but sometimes it returns more than one user currently logged on the same windows client. What's happening ? Is there a solution to avoid this ? Are there other methods to get login ? Thanks, K. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinXP/x64 - MFC CFile objects leak parent directory handles
On 3/10/08, Dragan Krnic [EMAIL PROTECTED] wrote: On 3/7/08, Volker Lendecke [EMAIL PROTECTED] wrote: On Fri, Mar 07, 2008 at 05:02:00PM +0100, Dragan Krnic wrote: Volker, can you please look at it and see if you can suggest a fix? Can you try the attached patch? This fixes it for me. Thank you, Volker. I'll try it out (takes some time to get all the bits and compile). It didn't take so much time and it works. Thank you, Volker. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinXP/x64 - MFC CFile objects leak parent directory handles
On Mon, Mar 10, 2008 at 11:33:17PM +0100, Dragan Krnic wrote: On 3/10/08, Dragan Krnic [EMAIL PROTECTED] wrote: On 3/7/08, Volker Lendecke [EMAIL PROTECTED] wrote: On Fri, Mar 07, 2008 at 05:02:00PM +0100, Dragan Krnic wrote: Volker, can you please look at it and see if you can suggest a fix? Can you try the attached patch? This fixes it for me. Thank you, Volker. I'll try it out (takes some time to get all the bits and compile). It didn't take so much time and it works. Now you should report the bug to MS :-) You will very likely see the same behaviour when you run against OS/2 or Win95 as a server :-) Volker pgpnB0xwbTK20.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with ADS idmap backend
I'm running Samba 3.0.28a on a CentOS 3.9 box as a member of an AD domain whose PDC is a W2k3 server (Standard x64 R2 SP2). Using wbinfo -u and wbinfo -g I can see domain users and groups from the CentOS box, but getent (passwd|group) fails to display them. The nsswitch is setup correctly, as far as I can tell. When I tail -f the samba log file during a getent query, I see that winbindd is having problems mapping the sid to the uid or gid (sid2uid returned an error). Furthermore, wbinfo -n can find the SID for a user or group, but it can't preform the inverse mapping. In the following example, 'deisner' and 'unixusers' are a domain user and group, respectively. From the CentOS box (with intentional SID obfuscation): $ wbinfo -u |grep deisner deisner $ wbinfo -n deisner S-1-5-21-**6 User (1) $ wbinfo -S S-1-5-21-**6 Could not convert sid S-1-5-21-**6 to uid $ wbinfo -g |grep unixusers unixusers $ wbinfo -n unixusers S-1-5-21-**8 Domain Group (2) $ wbinfo -Y S-1-5-21-**8 Could not convert sid S-1-5-21-**8 to gid In the log file, I see this: [2008/03/10 18:37:58, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2300) Retrieving response for pid 6274 [2008/03/10 18:37:58, 5] nsswitch/winbindd_async.c:winbindd_sid2gid_recv(527) sid2gid returned an error [2008/03/10 18:37:58, 5] nsswitch/winbindd_sid.c:sid2gid_recv(254) Could not convert sid S-1-5-21-*8 I'm using the SFU schema. In AD I have uids and gids assigned to the user and group, in the Unix Attributes tab, with values in the range I've specified for the idmap range. Here is my smb.conf: [global] workgroup = THEDOMAIN server string = Centos Samba Server hosts allow = xxx.y. xxx.y. 127. # obfuscated printcap name = CUPS load printers = yes cups options = raw log file = /usr/local/samba/var/log.smbd security = ads encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no unix charset = LOCALE netbios name = LDAP realm = THEDOMAIN.FOO.ORG use kerberos keytab = Yes idmap domains = THEDOMAIN idmap config THEDOMAIN:backend = ad idmap config THEDOMAIN:default = yes idmap config THEDOMAIN:schema_mode = sfu idmap config THEDOMAIN:range= 1 - 3 log level = 1 syslog = 0 winbind use default domain = yes winbind nested groups = yes winbind enum users = yes winbind enum groups = yes template homedir = /home/windows/%D/%U template shell = /bin/bash allow trusted domains = no [homes] comment = Home Directories browseable = no writable = yes read only = No valid users = %D\%U [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [voltest] admin users = THEDOMAIN\administrator comment = Volume Test path = /home/voltest public = no writable = yes store dos attributes = yes nt acl support = yes map acl inherit = yes Running Wireshark on the W2k3 server, I can see the CentOS box making the LsarLookupSids request and getting a response (though the content is encrypted so I can't see the details). Can anybody see anything obviously wrong? Does anybody have this working? Thanks! -David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba server joining domain and browsing group shares
Alex thanks a lot. The problem was solved. The configuration information you provided me was very precise and correct. The problem was with SuSE and the YAST2 SAMBA GUI. What we did basically was re-install SuSE 10.3, edit /etc/samba/smb.conf manually using the parameter you provided, We then commented out the parameters SuSE puts on the file by default. Manually modify the /etc/krb5.conf file again following your instructions and sample files and bingo everything works just fine. Thanks a lot, over the weekend we converted the 1st production server with this setup and we are converting 2 more win2k servers to samba servers. We are only keeping the PDC(It only contains the Active directory information, nothing else). The following is for SuSE user with 10.3 x-64, shares names defined in /etc/samba/smb.conf should be in lower case. It will not work when using upper case characters. Another thing when creating groups on the windows PDC make sure that the groups are global not local otherwise linux function getent will not see them. Well that does it for us. Cheers Alex and thanks again ;-) Regards Victor -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with ADS idmap backend
David Eisner wrote: I'm running Samba 3.0.28a on a CentOS 3.9 box as a member of an AD domain whose PDC is a W2k3 server (Standard x64 R2 SP2). Using wbinfo -u and wbinfo -g I can see domain users and groups from the CentOS box, but getent (passwd|group) fails to display them. The nsswitch is setup correctly, as far as I can tell. When I tail -f the samba log file during a getent query, I see that winbindd is having problems mapping the sid to the uid or gid (sid2uid returned an error). Furthermore, wbinfo -n can find the SID for a user or group, but it can't preform the inverse mapping. In the following example, 'deisner' and 'unixusers' are a domain user and group, respectively. From the CentOS box (with intentional SID obfuscation): $ wbinfo -u |grep deisner deisner $ wbinfo -n deisner S-1-5-21-**6 User (1) $ wbinfo -S S-1-5-21-**6 Could not convert sid S-1-5-21-**6 to uid $ wbinfo -g |grep unixusers unixusers $ wbinfo -n unixusers S-1-5-21-**8 Domain Group (2) $ wbinfo -Y S-1-5-21-**8 Could not convert sid S-1-5-21-**8 to gid In the log file, I see this: [2008/03/10 18:37:58, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2300) Retrieving response for pid 6274 [2008/03/10 18:37:58, 5] nsswitch/winbindd_async.c:winbindd_sid2gid_recv(527) sid2gid returned an error [2008/03/10 18:37:58, 5] nsswitch/winbindd_sid.c:sid2gid_recv(254) Could not convert sid S-1-5-21-*8 I'm using the SFU schema. In AD I have uids and gids assigned to the user and group, in the Unix Attributes tab, with values in the range I've specified for the idmap range. Here is my smb.conf: [global] workgroup = THEDOMAIN server string = Centos Samba Server hosts allow = xxx.y. xxx.y. 127. # obfuscated printcap name = CUPS load printers = yes cups options = raw log file = /usr/local/samba/var/log.smbd security = ads encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no unix charset = LOCALE netbios name = LDAP realm = THEDOMAIN.FOO.ORG use kerberos keytab = Yes idmap domains = THEDOMAIN idmap config THEDOMAIN:backend = ad idmap config THEDOMAIN:default = yes idmap config THEDOMAIN:schema_mode = sfu idmap config THEDOMAIN:range= 1 - 3 log level = 1 syslog = 0 winbind use default domain = yes winbind nested groups = yes winbind enum users = yes winbind enum groups = yes template homedir = /home/windows/%D/%U template shell = /bin/bash allow trusted domains = no Try adding to global section: winbind nss info = sfu Right now you're defaulting to template. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SWAT Won't Start - Alarm Clock
On Mon March 10 2008 10:07, Bit wrote: Hey everyone, If anyone could help me with this problem, I'd greatly appreciate it. Whenever I try to start swat (from the command-line by invoking /usr/sbin/swat), it sits there for a very long time as if it's running, but any attempt to use telnet to the port or point my browser at it results in nothing, as if swat were just not running. Firewalling is no issue, I've disabled it. Swat ultimately dies after a few minutes giving no output to the console other than Alarm clock. What does this error message mean? I've tried running swat with -d 10 and strace /usr/sbin/swat -o myfile hoping that the output will mean more to someone else than it does to me. I've seen other people with this problem googling around, but no solution, and I can't seem to figure it out on my own. Thanks in advance for the help, bit snip Have you tried using your browser with http://localhost:901/ -- PV We have met the enemy and he is us; Pogo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net file close
Howdy, Please forgive me if this is a stupid question, but I have searched the lists and can not find an answer for something that should be pretty simple. I am loooking to perform a net file close on a samba shared file that is open from a windows machine. I can not get it to work in on my mac, or from a bsd based clustered file system. The closest I can get to it is performing an smbstatus to find the process id, and kill -15 {pid} to release the file. which works fine but if a user has several files open, the kill -15 {pid} closes the connection (or releases the locks) for all of the users files it appears. What is interesting is say: user1 leaves open file1.xls and file2.doc user2 needs file1.xls but _NOT_ file2.doc kill -15 {user1pid} user2 takes control of file1.xls and saves it. User1 is then given a chance to overwrite user2's changes to file1.xls, or rename. But user1's control and ability to save file2.doc has been lost with the kill -15 {user1pid}. In windows, you just go and release the file from the little gui mouse thinger for windows shares (I get confused when I have to use a mouse and gui thinger.) Is there a gui mouse thinger (or command) to only release a file instead of an entire user for a samba shared file? Thanks for your help! Dan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SWAT Won't Start - Alarm Clock
Bit wrote: Hey everyone, If anyone could help me with this problem, I'd greatly appreciate it. Whenever I try to start swat (from the command-line by invoking /usr/sbin/swat), it sits there for a very long time as if it's running, but any attempt to use telnet to the port or point my browser at it results in nothing, as if swat were just not running. Firewalling is no issue, I've disabled it. Swat ultimately dies after a few minutes giving no output to the console other than Alarm clock. What does this error message mean? I've tried running swat with -d 10 and strace /usr/sbin/swat -o myfile hoping that the output will mean more to someone else than it does to me. I've seen other people with this problem googling around, but no solution, and I can't seem to figure it out on my own. Thanks in advance for the help, bit snip It's been a while since I last used swat so this may have changed, but back in the day swat didn't handle its own network stuff. Have you tried adding swat to your *inetd config (assuming you have one). If you don't have any form of inetd running, maybe it would be possible to hack something together using netcat (obviously not a good idea for a production environment)? *Michael Heydon - IT Administrator * [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with ADS idmap backend
On Mon, Mar 10, 2008 at 7:54 PM, Douglas VanLeuven [EMAIL PROTECTED] wrote: Try adding to global section: winbind nss info = sfu Right now you're defaulting to template. Doug, Thanks for the tip. Unfortunately, after making the change and restarting winbindd, the problem persists. Are there any .tdb files I need to delete? -David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-28-148-gd85c5b4
The branch, v3-0-test has been updated via d85c5b4d40a41d22b31d635023edbb31e719c97c (commit) via 12ce54fcb6d881e426e937b059f0d329a2a01772 (commit) from 4861aef29f84a051b4592b1616e40f010b612420 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit d85c5b4d40a41d22b31d635023edbb31e719c97c Author: Michael Adam [EMAIL PROTECTED] Date: Mon Mar 10 11:40:27 2008 +0100 Fix build for pam_smbpass - one caller of _log_err(). Michael commit 12ce54fcb6d881e426e937b059f0d329a2a01772 Author: Alexander Bokovoy [EMAIL PROTECTED] Date: Wed Jan 16 12:28:52 2008 +0300 Fix build for pam_smbpass Signed-off-by: Alexander Bokovoy [EMAIL PROTECTED] (cherry picked from commit dc568fd52ae8ffaaaef2015c5a207ed9a58a9a7f) --- Summary of changes: source/pam_smbpass/pam_smb_acct.c |2 +- source/pam_smbpass/pam_smb_auth.c |2 +- source/pam_smbpass/pam_smb_passwd.c |2 +- 3 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source/pam_smbpass/pam_smb_acct.c b/source/pam_smbpass/pam_smb_acct.c index b5dbd9c..d1f3a42 100644 --- a/source/pam_smbpass/pam_smb_acct.c +++ b/source/pam_smbpass/pam_smb_acct.c @@ -71,7 +71,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, } if (geteuid() != 0) { - _log_err(pamh, LOG_DEBUG, Cannot access samba password database, not running as root.); + _log_err( LOG_DEBUG, Cannot access samba password database, not running as root.); return PAM_AUTHINFO_UNAVAIL; } diff --git a/source/pam_smbpass/pam_smb_auth.c b/source/pam_smbpass/pam_smb_auth.c index 2b0735f..31c476b 100644 --- a/source/pam_smbpass/pam_smb_auth.c +++ b/source/pam_smbpass/pam_smb_auth.c @@ -102,7 +102,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, } if (geteuid() != 0) { - _log_err(pamh, LOG_DEBUG, Cannot access samba password database, not running as root.); + _log_err(LOG_DEBUG, Cannot access samba password database, not running as root.); retval = PAM_AUTHINFO_UNAVAIL; AUTH_RETURN; } diff --git a/source/pam_smbpass/pam_smb_passwd.c b/source/pam_smbpass/pam_smb_passwd.c index 62c056b..1936611 100644 --- a/source/pam_smbpass/pam_smb_passwd.c +++ b/source/pam_smbpass/pam_smb_passwd.c @@ -126,7 +126,7 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags, } if (geteuid() != 0) { - _log_err(pamh, LOG_DEBUG, Cannot access samba password database, not running as root.); + _log_err( LOG_DEBUG, Cannot access samba password database, not running as root.); return PAM_AUTHINFO_UNAVAIL; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-182-g3ac4f93
The branch, v3-2-test has been updated via 3ac4f935c074af768d0b83514f86d010c387817a (commit) via 8725dbccf7a1d3d9d1205678fcd3ca3c6350 (commit) via 27065382d9b692b5885265c9d60ffb7ec7748c38 (commit) from 2ce76ce2bccefb4a072bed039a4837ae334dea55 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 3ac4f935c074af768d0b83514f86d010c387817a Author: Volker Lendecke [EMAIL PROTECTED] Date: Sun Mar 9 11:26:50 2008 +0100 Make use of talloc_asprintf_strupper_m in secrets.c commit 8725dbccf7a1d3d9d1205678fcd3ca3c6350 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sun Mar 9 11:21:08 2008 +0100 Avoid some pointless checks secrets_init() makes sure that the tdb is initialized commit 27065382d9b692b5885265c9d60ffb7ec7748c38 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sun Mar 9 11:17:48 2008 +0100 Use talloc_tos() in secrets_init --- Summary of changes: source/passdb/secrets.c | 87 ++- 1 files changed, 26 insertions(+), 61 deletions(-) Changeset truncated at 500 lines: diff --git a/source/passdb/secrets.c b/source/passdb/secrets.c index 6c5375e..2ef8f43 100644 --- a/source/passdb/secrets.c +++ b/source/passdb/secrets.c @@ -51,22 +51,15 @@ static void get_rand_seed(int *new_seed) /* open up the secrets database */ bool secrets_init(void) { - TALLOC_CTX *ctx; char *fname = NULL; unsigned char dummy; if (tdb) return True; - ctx = talloc_init(secrets_init); - if (!ctx) { - return false; - } - fname = talloc_asprintf(ctx, - %s/secrets.tdb, - lp_private_dir()); - if (!fname) { - TALLOC_FREE(ctx); + fname = talloc_asprintf(talloc_tos(), %s/secrets.tdb, + lp_private_dir()); + if (fname == NULL) { return false; } @@ -74,11 +67,11 @@ bool secrets_init(void) if (!tdb) { DEBUG(0,(Failed to open %s\n, fname)); - TALLOC_FREE(ctx); + TALLOC_FREE(fname); return False; } - TALLOC_FREE(ctx); + TALLOC_FREE(fname); /** * Set a reseed function for the crypto random generator @@ -118,10 +111,6 @@ void *secrets_fetch(const char *key, size_t *size) return NULL; } - if (!tdb) { - return NULL; - } - dbuf = tdb_fetch(tdb, string_tdb_data(key)); if (size) { *size = dbuf.dsize; @@ -138,10 +127,6 @@ bool secrets_store(const char *key, const void *data, size_t size) return false; } - if (!tdb) { - return false; - } - return tdb_trans_store(tdb, string_tdb_data(key), make_tdb_data((const uint8 *)data, size), TDB_REPLACE) == 0; @@ -156,10 +141,6 @@ bool secrets_delete(const char *key) return false; } - if (!tdb) { - return false; - } - return tdb_trans_delete(tdb, string_tdb_data(key)) == 0; } @@ -174,12 +155,9 @@ static const char *domain_sid_keystr(const char *domain) { char *keystr; - keystr = talloc_asprintf(talloc_tos(), %s/%s, -SECRETS_DOMAIN_SID, domain); + keystr = talloc_asprintf_strupper_m(talloc_tos(), %s/%s, + SECRETS_DOMAIN_SID, domain); SMB_ASSERT(keystr != NULL); - - strupper_m(keystr); - return keystr; } @@ -269,12 +247,10 @@ static const char *machine_sec_channel_type_keystr(const char *domain) { char *keystr; - keystr = talloc_asprintf(talloc_tos(), %s/%s, -SECRETS_MACHINE_SEC_CHANNEL_TYPE, domain); + keystr = talloc_asprintf_strupper_m(talloc_tos(), %s/%s, + SECRETS_MACHINE_SEC_CHANNEL_TYPE, + domain); SMB_ASSERT(keystr != NULL); - - strupper_m(keystr); - return keystr; } @@ -289,12 +265,10 @@ static const char *machine_last_change_time_keystr(const char *domain) { char *keystr; - keystr = talloc_asprintf(talloc_tos(), %s/%s, -SECRETS_MACHINE_LAST_CHANGE_TIME, domain); + keystr = talloc_asprintf_strupper_m(talloc_tos(), %s/%s, + SECRETS_MACHINE_LAST_CHANGE_TIME, + domain); SMB_ASSERT(keystr != NULL); - - strupper_m(keystr); - return keystr; } @@ -310,12 +284,9 @@ static const char *machine_password_keystr(const
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-183-g6686d97
The branch, v3-2-test has been updated via 6686d97617cc0a630ea1ab1c30f741943f151db6 (commit) from 3ac4f935c074af768d0b83514f86d010c387817a (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 6686d97617cc0a630ea1ab1c30f741943f151db6 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 14:25:45 2008 +0100 Use rpccli_srvsvc_NetShareAdd in net. Guenther --- Summary of changes: source/utils/net_rpc.c | 56 ++- 1 files changed, 45 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c index 15450cf..78d43e4 100644 --- a/source/utils/net_rpc.c +++ b/source/utils/net_rpc.c @@ -3255,12 +3255,16 @@ static NTSTATUS rpc_share_add_internals(const DOM_SID *domain_sid, const char **argv) { WERROR result; + NTSTATUS status; char *sharename; char *path; uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */ uint32 num_users=0, perms=0; char *password=NULL; /* don't allow a share password */ uint32 level = 2; + union srvsvc_NetShareInfo info; + struct srvsvc_NetShareInfo2 info2; + uint32_t parm_error = 0; if ((sharename = talloc_strdup(mem_ctx, argv[0])) == NULL) { return NT_STATUS_NO_MEMORY; @@ -3271,11 +3275,24 @@ static NTSTATUS rpc_share_add_internals(const DOM_SID *domain_sid, return NT_STATUS_UNSUCCESSFUL; *path++ = '\0'; - result = rpccli_srvsvc_net_share_add(pipe_hnd, mem_ctx, sharename, type, - opt_comment, perms, opt_maxusers, - num_users, path, password, - level, NULL); - return werror_to_ntstatus(result); + info2.name = sharename; + info2.type = type; + info2.comment = opt_comment; + info2.permissions = perms; + info2.max_users = opt_maxusers; + info2.current_users = num_users; + info2.path = path; + info2.password = password; + + info.info2 = info2; + + status = rpccli_srvsvc_NetShareAdd(pipe_hnd, mem_ctx, + pipe_hnd-cli-desthost, + level, + info, + parm_error, + result); + return status; } static int rpc_share_add(int argc, const char **argv) @@ -5050,6 +5067,10 @@ static NTSTATUS rpc_sh_share_add(TALLOC_CTX *mem_ctx, int argc, const char **argv) { WERROR result; + NTSTATUS status; + uint32_t parm_err = 0; + union srvsvc_NetShareInfo info; + struct srvsvc_NetShareInfo2 info2; if ((argc 2) || (argc 3)) { d_fprintf(stderr, usage: %s share path [comment]\n, @@ -5057,12 +5078,25 @@ static NTSTATUS rpc_sh_share_add(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_PARAMETER; } - result = rpccli_srvsvc_net_share_add( - pipe_hnd, mem_ctx, argv[0], STYPE_DISKTREE, - (argc == 3) ? argv[2] : , - 0, 0, 0, argv[1], NULL, 2, NULL); - - return werror_to_ntstatus(result); + info2.name = argv[0]; + info2.type = STYPE_DISKTREE; + info2.comment = (argc == 3) ? argv[2] : ; + info2.permissions = 0; + info2.max_users = 0; + info2.current_users = 0; + info2.path = argv[1]; + info2.password = NULL; + + info.info2 = info2; + + status = rpccli_srvsvc_NetShareAdd(pipe_hnd, mem_ctx, + pipe_hnd-cli-desthost, + 2, + info, + parm_err, + result); + + return status; } static NTSTATUS rpc_sh_share_delete(TALLOC_CTX *mem_ctx, -- Samba Shared Repository
Re: [SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-165-gc240181
On Sat, Mar 08, 2008 at 04:49:43PM -0600, Volker Lendecke wrote: The branch, v3-2-test has been updated via c2401811aa3d02a9e27969687b9ea035407000c3 (commit) from 776e21075b31db605e45f91b6ccefd11412d7773 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit c2401811aa3d02a9e27969687b9ea035407000c3 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sat Mar 8 23:48:12 2008 +0100 Fix Coverity ID 551 Correctly return if we can't create the temporary krb5.conf Jeremy, please check! Looks good to me. Thanks. Jeremy.
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-185-ge13b932
The branch, v3-2-test has been updated via e13b9325d251777cd9030f34fa98e22766c0bcfe (commit) from 3b21ee37388627c47177f79c16f003da06e8fdd9 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit e13b9325d251777cd9030f34fa98e22766c0bcfe Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 16:26:56 2008 +0100 Remove unused marshalling for SRV_NET_SHARE_{ENUM,ADD,SETINFO,GETINFO} Guenther --- Summary of changes: source/include/rpc_srvsvc.h| 350 -- source/rpc_client/cli_srvsvc.c | 374 -- source/rpc_parse/parse_srv.c | 1493 3 files changed, 0 insertions(+), 2217 deletions(-) Changeset truncated at 500 lines: diff --git a/source/include/rpc_srvsvc.h b/source/include/rpc_srvsvc.h index 60ad23e..a8e145a 100644 --- a/source/include/rpc_srvsvc.h +++ b/source/include/rpc_srvsvc.h @@ -261,356 +261,6 @@ typedef struct r_net_conn_enum_info } SRV_R_NET_CONN_ENUM; -/* SH_INFO_0 */ -typedef struct ptr_share_info0 -{ - uint32 ptr_netname; /* pointer to net name. */ -} SH_INFO_0; - -/* SH_INFO_0_STR (level 0 share info strings) */ -typedef struct str_share_info0 -{ -SH_INFO_0 *ptrs; - - UNISTR2 uni_netname; /* unicode string of net name */ - -} SH_INFO_0_STR; - -/* SRV_SHARE_INFO_0 */ -typedef struct share_info_0_info -{ - SH_INFO_0 info_0; - SH_INFO_0_STR info_0_str; - -} SRV_SHARE_INFO_0; - -/* SH_INFO_1 (pointers to level 1 share info strings) */ -typedef struct ptr_share_info1 -{ - uint32 ptr_netname; /* pointer to net name. */ - uint32 type; /* ipc, print, disk ... */ - uint32 ptr_remark; /* pointer to comment. */ - -} SH_INFO_1; - -/* SH_INFO_1_STR (level 1 share info strings) */ -typedef struct str_share_info1 -{ -SH_INFO_1 *ptrs; - - UNISTR2 uni_netname; /* unicode string of net name */ - UNISTR2 uni_remark; /* unicode string of comment */ - -} SH_INFO_1_STR; - -/* SRV_SHARE_INFO_1 */ -typedef struct share_info_1_info -{ - SH_INFO_1 info_1; - SH_INFO_1_STR info_1_str; - -} SRV_SHARE_INFO_1; - -/* SH_INFO_2 (pointers to level 2 share info strings) */ -typedef struct ptr_share_info2 -{ - uint32 ptr_netname; /* pointer to net name. */ - uint32 type; /* ipc, print, disk ... */ - uint32 ptr_remark; /* pointer to comment. */ - uint32 perms; /* permissions */ - uint32 max_uses; /* maximum uses */ - uint32 num_uses; /* current uses */ - uint32 ptr_path; /* pointer to path name */ - uint32 ptr_passwd; /* pointer to password */ - -} SH_INFO_2; - -/* SH_INFO_2_STR (level 2 share info strings) */ -typedef struct str_share_info2 -{ - SH_INFO_2 *ptrs; - - UNISTR2 uni_netname; /* unicode string of net name (e.g NETLOGON) */ - UNISTR2 uni_remark; /* unicode string of comment (e.g Logon server share) */ - UNISTR2 uni_path;/* unicode string of local path (e.g c:\winnt\system32\repl\import\scripts) */ - UNISTR2 uni_passwd; /* unicode string of password - presumably for share level security (e.g NULL) */ - -} SH_INFO_2_STR; - -/* SRV_SHARE_INFO_2 */ -typedef struct share_info_2_info -{ - SH_INFO_2 info_2; - SH_INFO_2_STR info_2_str; - -} SRV_SHARE_INFO_2; - -typedef struct ptr_share_info501 -{ - uint32 ptr_netname; /* pointer to net name */ - uint32 type; /* ipc, print, disk */ - uint32 ptr_remark; /* pointer to comment */ - uint32 csc_policy; /* client-side offline caching policy 4 */ -} SH_INFO_501; - -typedef struct str_share_info501 -{ - UNISTR2 uni_netname; /* unicode string of net name */ - UNISTR2 uni_remark; /* unicode string of comment */ -} SH_INFO_501_STR; - -/* SRV_SHARE_INFO_501 */ -typedef struct share_info_501_info -{ - SH_INFO_501 info_501; - SH_INFO_501_STR info_501_str; -} SRV_SHARE_INFO_501; - -/* SH_INFO_502 (pointers to level 502 share info strings) */ -typedef struct ptr_share_info502 -{ - uint32 ptr_netname; /* pointer to net name. */ - uint32 type; /* ipc, print, disk ... */ - uint32 ptr_remark; /* pointer to comment. */ - uint32 perms; /* permissions */ - uint32 max_uses; /* maximum uses */ - uint32 num_uses; /* current uses */ - uint32 ptr_path; /* pointer to path name */ - uint32 ptr_passwd; /* pointer to password */ -uint32 reserved;/* this holds the space taken by the sd in the rpc packet */ -uint32 reserved_offset; /* required for _post operation when marshalling */ - uint32 sd_size;/* size of security descriptor */ - uint32 ptr_sd; /* pointer to security descriptor */ - -} SH_INFO_502; - -/* SH_INFO_502_STR (level 502 share info strings) */ -typedef struct str_share_info502 -{ -
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-184-g3b21ee3
The branch, v3-2-test has been updated via 3b21ee37388627c47177f79c16f003da06e8fdd9 (commit) from 6686d97617cc0a630ea1ab1c30f741943f151db6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 3b21ee37388627c47177f79c16f003da06e8fdd9 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 16:19:25 2008 +0100 Convert net to use rpccli_srvsvc_NetShare* interfaces everywhere. Guenther --- Summary of changes: source/utils/net_rpc.c | 301 +++- 1 files changed, 119 insertions(+), 182 deletions(-) Changeset truncated at 500 lines: diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c index 78d43e4..09759c4 100644 --- a/source/utils/net_rpc.c +++ b/source/utils/net_rpc.c @@ -3364,165 +3364,104 @@ static int rpc_share_delete(int argc, const char **argv) * * @param info1 pointer to SRV_SHARE_INFO_1 to format **/ - -static void display_share_info_1(SRV_SHARE_INFO_1 *info1) -{ - fstring netname = , remark = ; - - rpcstr_pull_unistr2_fstring(netname, info1-info_1_str.uni_netname); - rpcstr_pull_unistr2_fstring(remark, info1-info_1_str.uni_remark); +static void display_share_info_1(struct srvsvc_NetShareInfo1 *r) +{ if (opt_long_list_entries) { d_printf(%-12s %-8.8s %-50s\n, -netname, share_type[info1-info_1.type ~(STYPE_TEMPORARY|STYPE_HIDDEN)], remark); +r-name, +share_type[r-type ~(STYPE_TEMPORARY|STYPE_HIDDEN)], +r-comment); } else { - d_printf(%s\n, netname); + d_printf(%s\n, r-name); } - } static WERROR get_share_info(struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, - uint32 level, - int argc, - const char **argv, - SRV_SHARE_INFO_CTR *ctr) +TALLOC_CTX *mem_ctx, +uint32 level, +int argc, +const char **argv, +struct srvsvc_NetShareInfoCtr *info_ctr) { WERROR result; - SRV_SHARE_INFO info; + NTSTATUS status; + union srvsvc_NetShareInfo info; /* no specific share requested, enumerate all */ if (argc == 0) { - ENUM_HND hnd; - uint32 preferred_len = 0x; + uint32_t preferred_len = 0x; + uint32_t total_entries = 0; + uint32_t resume_handle = 0; - init_enum_hnd(hnd, 0); + info_ctr-level = level; - return rpccli_srvsvc_net_share_enum(pipe_hnd, mem_ctx, level, ctr, -preferred_len, hnd); + status = rpccli_srvsvc_NetShareEnumAll(pipe_hnd, mem_ctx, + pipe_hnd-cli-desthost, + info_ctr, + preferred_len, + total_entries, + resume_handle, + result); + return result; } /* request just one share */ - result = rpccli_srvsvc_net_share_get_info(pipe_hnd, mem_ctx, argv[0], level, info); + status = rpccli_srvsvc_NetShareGetInfo(pipe_hnd, mem_ctx, + pipe_hnd-cli-desthost, + argv[0], + level, + info, + result); - if (!W_ERROR_IS_OK(result)) + if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(result)) { goto done; + } /* construct ctr */ - ZERO_STRUCTP(ctr); + ZERO_STRUCTP(info_ctr); - ctr-info_level = ctr-switch_value = level; - ctr-ptr_share_info = ctr-ptr_entries = 1; - ctr-num_entries = ctr-num_entries2 = 1; + info_ctr-level = level; switch (level) { case 1: { - char *s; - SRV_SHARE_INFO_1 *info1; - - ctr-share.info1 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_1, 1); - if (ctr-share.info1 == NULL) { - result = WERR_NOMEM; - goto done; - } - info1 = ctr-share.info1; - -
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-190-ge4b5213
The branch, v3-2-test has been updated via e4b52133d6109ae6cc0378285e2d46f7077812f1 (commit) via 348af272f7c0dc0cb316cc06780339dd13eafd0f (commit) via fd878d7923618904cd54b88aa31d59a7bca5a9f9 (commit) via 01c73aa9676137349590a9f0a6281b6efe8343a7 (commit) via 3bb9ec441ae9702007a5442c52bb9476f928810f (commit) from e13b9325d251777cd9030f34fa98e22766c0bcfe (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit e4b52133d6109ae6cc0378285e2d46f7077812f1 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 17:14:11 2008 +0100 Remove rpccli_srvsvc_net_file_enum() and cli_srvsvc.c with it. Guenther commit 348af272f7c0dc0cb316cc06780339dd13eafd0f Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 17:08:55 2008 +0100 Use rpccli_srvsvc_NetFileEnum in net and rpcclient. Guenther commit fd878d7923618904cd54b88aa31d59a7bca5a9f9 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 17:07:37 2008 +0100 Re-run make idl. Guenther commit 01c73aa9676137349590a9f0a6281b6efe8343a7 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 17:07:05 2008 +0100 Fix IDL for srvsvc_NetFileEnum. Guenther commit 3bb9ec441ae9702007a5442c52bb9476f928810f Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 16:50:27 2008 +0100 Remove unused marshalling for SRV_NET_SESS_DEL. Guenther --- Summary of changes: source/Makefile.in |2 +- source/include/rpc_srvsvc.h| 21 -- source/librpc/gen_ndr/cli_srvsvc.c |9 +-- source/librpc/gen_ndr/cli_srvsvc.h |3 +- source/librpc/gen_ndr/ndr_srvsvc.c | 119 ++-- source/librpc/gen_ndr/ndr_srvsvc.h |1 + source/librpc/gen_ndr/srv_srvsvc.c |3 +- source/librpc/gen_ndr/srvsvc.h | 11 ++- source/librpc/idl/srvsvc.idl |8 ++- source/rpc_client/cli_srvsvc.c | 112 - source/rpc_parse/parse_srv.c | 73 -- source/rpcclient/cmd_srvsvc.c | 30 ++--- source/utils/net_rpc.c | 46 -- 13 files changed, 127 insertions(+), 311 deletions(-) delete mode 100644 source/rpc_client/cli_srvsvc.c Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index 376d24c..4fa44aa 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -422,7 +422,7 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \ libsmb/smb_seal.o $(DOSERR_OBJ) libsmb/async_smb.o \ $(RPC_PARSE_OBJ1) $(LIBSAMBA_OBJ) $(LIBNMB_OBJ) -RPC_CLIENT_OBJ1 = rpc_client/cli_netlogon.o rpc_client/cli_srvsvc.o +RPC_CLIENT_OBJ1 = rpc_client/cli_netlogon.o LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \ $(RPC_CLIENT_OBJ1) rpc_client/cli_reg.o $(RPC_CLIENT_OBJ) \ diff --git a/source/include/rpc_srvsvc.h b/source/include/rpc_srvsvc.h index a8e145a..bc246f2 100644 --- a/source/include/rpc_srvsvc.h +++ b/source/include/rpc_srvsvc.h @@ -137,27 +137,6 @@ typedef struct { /***/ -/* SRV_Q_NET_SESS_DEL */ -typedef struct q_net_sess_del -{ - uint32 ptr_srv_name; /* pointer (to server name?) */ - UNISTR2 uni_srv_name;/* server name */ - - uint32 ptr_cli_name; /* pointer (to qualifier name) */ - UNISTR2 uni_cli_name;/* qualifier name \\qualifier */ - - uint32 ptr_user_name; /* pointer (to user name */ - UNISTR2 uni_user_name;/* user name */ - -} SRV_Q_NET_SESS_DEL; - -/* SRV_R_NET_SESS_DEL */ -typedef struct r_net_sess_del -{ - WERROR status; /* return status */ - -} SRV_R_NET_SESS_DEL; - /* CONN_INFO_0 (pointers to level 0 connection info strings) */ typedef struct ptr_conn_info0 { diff --git a/source/librpc/gen_ndr/cli_srvsvc.c b/source/librpc/gen_ndr/cli_srvsvc.c index 18bec1f..386b25c 100644 --- a/source/librpc/gen_ndr/cli_srvsvc.c +++ b/source/librpc/gen_ndr/cli_srvsvc.c @@ -491,8 +491,7 @@ NTSTATUS rpccli_srvsvc_NetFileEnum(struct rpc_pipe_client *cli, const char *server_unc, const char *path, const char *user, - uint32_t *level, - union srvsvc_NetFileCtr *ctr, + struct srvsvc_NetFileInfoCtr *info_ctr, uint32_t max_buffer, uint32_t *totalentries, uint32_t *resume_handle, @@ -505,8 +504,7 @@ NTSTATUS rpccli_srvsvc_NetFileEnum(struct rpc_pipe_client *cli, r.in.server_unc = server_unc;
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-196-gf12259d
The branch, v3-2-test has been updated via f12259d9c4c34b99f5b655cab4b210159cb0e188 (commit) via ab70e781b2d4cc7f8a7f6cf95825f8412d9be2ca (commit) via 10ab0681e60e3b91958639a2b0ad359440076c4a (commit) via 91aab823fc6ec4c38e3461aae57bec0c6a567150 (commit) via 869a17f1a9ba45d30211c230673c6f4482876b29 (commit) via 728723dea39b2e978bfc4162ef99e883f3647a4b (commit) from e4b52133d6109ae6cc0378285e2d46f7077812f1 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit f12259d9c4c34b99f5b655cab4b210159cb0e188 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Mar 10 17:16:01 2008 +0100 loadparm: fix init_globals() to re-init all options event when called 2nd time. Up to the globals had only been fully reset when init_globals() was called for the first time. But a full restart is needed for use with config backend = registry. (And should be with config file = ..., but in this case the restart is outsourced to the daemons.) This left some options (like e.g. realm) set to values that were set in smb.conf before the occurence of config backend = registry. Now this misbehaviour is fixed with this change. Michael commit ab70e781b2d4cc7f8a7f6cf95825f8412d9be2ca Author: Michael Adam [EMAIL PROTECTED] Date: Mon Mar 10 14:39:19 2008 +0100 loadparm: replace typedef struct {} global/service by struct global/struct service. Michael commit 10ab0681e60e3b91958639a2b0ad359440076c4a Author: Michael Adam [EMAIL PROTECTED] Date: Mon Mar 10 14:23:02 2008 +0100 loadparm: fix whitespaces in global and service parameter structs. Michael commit 91aab823fc6ec4c38e3461aae57bec0c6a567150 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Mar 10 14:10:58 2008 +0100 loadparm: fix spacing in parm_table (training spaces and empty lines). Michael commit 869a17f1a9ba45d30211c230673c6f4482876b29 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Mar 10 14:03:41 2008 +0100 loadparm: Reformat the parm table to use named initializers. This makes each entry in the parm table much more comprehensible at first glance (to me). On the other hand, roughly 9 lines are used instead of one for each entry which makes the overall list less clearly laid out, one might argue. But we have 400+ lines of parameter descriptions anyways... Michael commit 728723dea39b2e978bfc4162ef99e883f3647a4b Author: Michael Adam [EMAIL PROTECTED] Date: Mon Mar 10 12:32:56 2008 +0100 Reformat: Remove indentation of part of pam_smbpass/support.c by one tab. The first 120 lines of this source file were indented by one tab. Sorry, but I could not stand this.. Michael --- Summary of changes: source/pam_smbpass/support.c | 204 ++-- source/param/loadparm.c | 4124 -- 2 files changed, 3714 insertions(+), 614 deletions(-) Changeset truncated at 500 lines: diff --git a/source/pam_smbpass/support.c b/source/pam_smbpass/support.c index bc9481d..bb54ef6 100644 --- a/source/pam_smbpass/support.c +++ b/source/pam_smbpass/support.c @@ -1,125 +1,125 @@ - /* Unix NT password database implementation, version 0.6. -* -* This program is free software; you can redistribute it and/or modify it under -* the terms of the GNU General Public License as published by the Free -* Software Foundation; either version 3 of the License, or (at your option) -* any later version. -* -* This program is distributed in the hope that it will be useful, but WITHOUT -* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -* more details. -* -* You should have received a copy of the GNU General Public License along with -* this program; if not, see http://www.gnu.org/licenses/. -*/ +/* Unix NT password database implementation, version 0.6. + * + * This program is free software; you can redistribute it and/or modify it under + * the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, see http://www.gnu.org/licenses/. + */ - #include includes.h - #include general.h +#include includes.h
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-200-g627688c
The branch, v3-2-test has been updated via 627688c7bac4d3afcc846164c2fefebdbbc10d68 (commit) via 0bc389272f7ca3cfbd8f5eeeba116f68eadd4c9f (commit) via 03a3b8b0ed504d392b7503dfe988c22c4943ace6 (commit) via 3ef4d6b524d26f2c345321d5a8c9f7526e322ccd (commit) from f12259d9c4c34b99f5b655cab4b210159cb0e188 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 627688c7bac4d3afcc846164c2fefebdbbc10d68 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 18:34:50 2008 +0100 Add netconnenum to rpcclient. Guenther commit 0bc389272f7ca3cfbd8f5eeeba116f68eadd4c9f Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 17:35:34 2008 +0100 Re-run make idl. Guenther commit 03a3b8b0ed504d392b7503dfe988c22c4943ace6 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 17:35:07 2008 +0100 Fix IDL for srvsvc_NetConnEnum. Guenther commit 3ef4d6b524d26f2c345321d5a8c9f7526e322ccd Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Mar 10 17:30:22 2008 +0100 Add netdiskenum to rpcclient. Guenther --- Summary of changes: source/librpc/gen_ndr/cli_srvsvc.c |9 +-- source/librpc/gen_ndr/cli_srvsvc.h |3 +- source/librpc/gen_ndr/ndr_srvsvc.c | 119 ++-- source/librpc/gen_ndr/ndr_srvsvc.h |1 + source/librpc/gen_ndr/srv_srvsvc.c |3 +- source/librpc/gen_ndr/srvsvc.h | 11 ++- source/librpc/idl/srvsvc.idl |8 ++- source/rpcclient/cmd_srvsvc.c | 109 + 8 files changed, 187 insertions(+), 76 deletions(-) Changeset truncated at 500 lines: diff --git a/source/librpc/gen_ndr/cli_srvsvc.c b/source/librpc/gen_ndr/cli_srvsvc.c index 386b25c..0854fb8 100644 --- a/source/librpc/gen_ndr/cli_srvsvc.c +++ b/source/librpc/gen_ndr/cli_srvsvc.c @@ -429,8 +429,7 @@ NTSTATUS rpccli_srvsvc_NetConnEnum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *server_unc, const char *path, - uint32_t *level, - union srvsvc_NetConnCtr *ctr, + struct srvsvc_NetConnInfoCtr *info_ctr, uint32_t max_buffer, uint32_t *totalentries, uint32_t *resume_handle, @@ -442,8 +441,7 @@ NTSTATUS rpccli_srvsvc_NetConnEnum(struct rpc_pipe_client *cli, /* In parameters */ r.in.server_unc = server_unc; r.in.path = path; - r.in.level = level; - r.in.ctr = ctr; + r.in.info_ctr = info_ctr; r.in.max_buffer = max_buffer; r.in.resume_handle = resume_handle; @@ -471,8 +469,7 @@ NTSTATUS rpccli_srvsvc_NetConnEnum(struct rpc_pipe_client *cli, } /* Return variables */ - *level = *r.out.level; - *ctr = *r.out.ctr; + *info_ctr = *r.out.info_ctr; *totalentries = *r.out.totalentries; if (resume_handle r.out.resume_handle) { *resume_handle = *r.out.resume_handle; diff --git a/source/librpc/gen_ndr/cli_srvsvc.h b/source/librpc/gen_ndr/cli_srvsvc.h index 9b5da3b..d481858 100644 --- a/source/librpc/gen_ndr/cli_srvsvc.h +++ b/source/librpc/gen_ndr/cli_srvsvc.h @@ -64,8 +64,7 @@ NTSTATUS rpccli_srvsvc_NetConnEnum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *server_unc, const char *path, - uint32_t *level, - union srvsvc_NetConnCtr *ctr, + struct srvsvc_NetConnInfoCtr *info_ctr, uint32_t max_buffer, uint32_t *totalentries, uint32_t *resume_handle, diff --git a/source/librpc/gen_ndr/ndr_srvsvc.c b/source/librpc/gen_ndr/ndr_srvsvc.c index 5645e36..fbf84ab 100644 --- a/source/librpc/gen_ndr/ndr_srvsvc.c +++ b/source/librpc/gen_ndr/ndr_srvsvc.c @@ -1664,6 +1664,44 @@ _PUBLIC_ void ndr_print_srvsvc_NetConnCtr(struct ndr_print *ndr, const char *nam } } +static enum ndr_err_code ndr_push_srvsvc_NetConnInfoCtr(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetConnInfoCtr *r) +{ + if (ndr_flags NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r-level)); + NDR_CHECK(ndr_push_set_switch_value(ndr, r-ctr, r-level)); + NDR_CHECK(ndr_push_srvsvc_NetConnCtr(ndr, NDR_SCALARS, r-ctr)); + } + if (ndr_flags
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-205-gf94a63c
The branch, v3-2-test has been updated via f94a63cd8f94490780ad9331da229c0bcb2ca5d6 (commit) via 1307f0130c47b8d740d2b7afe7a5d8d1a655e2a2 (commit) via e66e502bee65fe44944d325ebeeaa3bf56169eb8 (commit) via 0a55e018dd68af06d84332d54148bbfb0b510b22 (commit) via 4ee21a98bc3d1c41a6d8868e98118c58372b2d1a (commit) from 627688c7bac4d3afcc846164c2fefebdbbc10d68 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Mar 10 21:08:29 2008 +0100 Use a separate tdb for mutexes Another preparation to convert secrets.c to dbwrap: The dbwrap API does not provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC mutex is needed per-node anyway, so it is perfectly fine to use a local mutex only. commit 1307f0130c47b8d740d2b7afe7a5d8d1a655e2a2 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Mar 10 15:48:04 2008 +0100 Convert secrets_lock_trust_account_password to talloc This is preparing the conversion of secrets.c to ctdb commit e66e502bee65fe44944d325ebeeaa3bf56169eb8 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Mar 10 13:27:27 2008 +0100 Add dbwrap_trans_store and dbwrap_trans_delete commit 0a55e018dd68af06d84332d54148bbfb0b510b22 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Mar 10 10:17:05 2008 +0100 Add transactions to the dbwrap API Only filled in for tdb so far, for rbt it's pointless, and ctdb itself needs to be extended commit 4ee21a98bc3d1c41a6d8868e98118c58372b2d1a Author: Volker Lendecke [EMAIL PROTECTED] Date: Sun Mar 9 11:15:10 2008 +0100 add dbwrap_change_int32_atomic --- Summary of changes: source/auth/auth_domain.c | 16 +++--- source/auth/auth_server.c | 16 +++--- source/include/dbwrap.h |3 + source/include/smb.h|1 + source/lib/dbwrap_ctdb.c| 10 source/lib/dbwrap_rbt.c | 11 source/lib/dbwrap_tdb.c | 24 + source/lib/dbwrap_util.c| 107 +++ source/lib/server_mutex.c | 57 ++-- source/libads/kerberos_verify.c | 15 ++--- source/passdb/secrets.c | 63 +-- source/smbd/process.c | 11 +++-- source/winbindd/winbindd_cm.c | 17 ++ 13 files changed, 257 insertions(+), 94 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/auth_domain.c b/source/auth/auth_domain.c index df51966..2647408 100644 --- a/source/auth/auth_domain.c +++ b/source/auth/auth_domain.c @@ -24,6 +24,7 @@ #define DBGC_CLASS DBGC_AUTH extern bool global_machine_password_needs_changing; +static struct named_mutex *mutex; /** * Connect to a remote server for (inter)domain security authenticaion. @@ -67,7 +68,8 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, * ACCESS_DENIED errors if 2 auths are done from the same machine. JRA. */ - if (!grab_server_mutex(dc_name)) { + mutex = grab_named_mutex(NULL, dc_name, 10); + if (mutex == NULL) { return NT_STATUS_NO_LOGON_SERVERS; } @@ -87,7 +89,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, *cli = NULL; } - release_server_mutex(); + TALLOC_FREE(mutex); return result; } @@ -118,7 +120,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, machine %s. Error was : %s.\n, dc_name, nt_errstr(result))); cli_shutdown(*cli); *cli = NULL; - release_server_mutex(); + TALLOC_FREE(mutex); return result; } @@ -137,7 +139,7 @@ machine %s. Error was : %s.\n, dc_name, nt_errstr(result))); domain)); cli_shutdown(*cli); *cli = NULL; - release_server_mutex(); + TALLOC_FREE(mutex); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -153,7 +155,7 @@ machine %s. Error was : %s.\n, dc_name, nt_errstr(result))); if (!NT_STATUS_IS_OK(result)) { cli_shutdown(*cli); *cli = NULL; - release_server_mutex(); + TALLOC_FREE(mutex); return result; } } @@ -163,7 +165,7 @@ machine %s. Error was : %s.\n, dc_name, nt_errstr(result))); machine %s. Error was : %s.\n, dc_name, cli_errstr(*cli))); cli_shutdown(*cli);
Build status as of Tue Mar 11 00:00:02 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-03-10 00:00:21.0 + +++ /home/build/master/cache/broken_results.txt 2008-03-11 00:00:41.0 + @@ -1,4 +1,4 @@ -Build status as of Mon Mar 10 00:00:01 2008 +Build status as of Tue Mar 11 00:00:02 2008 Build counts: Tree Total Broken Panic @@ -14,9 +14,9 @@ rsync29 13 0 samba-docs 0 0 0 samba-gtk3 3 0 -samba_3_2_test 28 13 0 +samba_3_2_test 28 14 0 samba_4_0_test 26 24 0 smb-build27 3 0 talloc 29 7 0 -tdb 28 14 0 +tdb 29 14 0
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha2-1250-gb4da374
The branch, v4-0-test has been updated via b4da374a998caac18c288a0a6e3fcd2c50cbffa7 (commit) via edb7af0685983543c321e3d8b90f6ae07af2e4e3 (commit) via 1b15f374a89b99f3c43d9c2ce06dde9c67383e66 (commit) from 0641a43cd6fd081cac0275f5bde2ad70fa6a71bb (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit b4da374a998caac18c288a0a6e3fcd2c50cbffa7 Author: Andrew Bartlett [EMAIL PROTECTED] Date: Tue Mar 11 14:41:10 2008 +1100 Fix provision script to work without smb.conf location specified. Andrew Bartlett commit edb7af0685983543c321e3d8b90f6ae07af2e4e3 Author: Andrew Bartlett [EMAIL PROTECTED] Date: Tue Mar 11 14:21:53 2008 +1100 Extend testsuite to cover specifying a domain SID. Andrew Bartlett commit 1b15f374a89b99f3c43d9c2ce06dde9c67383e66 Author: Andrew Bartlett [EMAIL PROTECTED] Date: Tue Mar 11 14:20:42 2008 +1100 Make error handling in ldb more consistant. This change ensures we give an immidiate error if the DN won't parse. Also clean up strcmp use to be more standard. Andrew Bartlett --- Summary of changes: source/lib/ldb/ldb.i |5 - source/scripting/python/samba/provision.py |5 +++-- source/setup/provision |3 ++- source/setup/tests/blackbox_provision.sh |2 +- 4 files changed, 10 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/ldb/ldb.i b/source/lib/ldb/ldb.i index 0d9679d..bd41e1e 100644 --- a/source/lib/ldb/ldb.i +++ b/source/lib/ldb/ldb.i @@ -258,6 +258,9 @@ int ldb_dn_from_pyobject(TALLOC_CTX *mem_ctx, PyObject *object, struct ldb_dn *odn; if (ldb_ctx != NULL PyString_Check(object)) { *dn = ldb_dn_new(mem_ctx, ldb_ctx, PyString_AsString(object)); + if (!*dn) { + return SWIG_ERROR; + } return 0; } ret = SWIG_ConvertPtr(object, (void **)odn, SWIGTYPE_p_ldb_dn, @@ -566,7 +569,7 @@ PyObject *PyExc_LdbError; $1-elements = talloc_zero_array($1, struct ldb_message_element, PyDict_Size($input)); msg_pos = dict_pos = 0; while (PyDict_Next($input, dict_pos, key, value)) { -if (!strcmp(PyString_AsString(key), dn)) { +if (strcmp(PyString_AsString(key), dn) == 0) { /* using argp0 (magic SWIG value) here is a hack */ if (ldb_dn_from_pyobject($1, value, argp1, $1-dn) != 0) { SWIG_exception(SWIG_TypeError, unable to import dn object); diff --git a/source/scripting/python/samba/provision.py b/source/scripting/python/samba/provision.py index ebca1f8..24870c2 100644 --- a/source/scripting/python/samba/provision.py +++ b/source/scripting/python/samba/provision.py @@ -51,7 +51,6 @@ class InvalidNetbiosName(Exception): class ProvisionPaths: def __init__(self): -self.smbconf = None self.shareconf = None self.hklm = None self.hkcu = None @@ -217,7 +216,6 @@ def provision_paths_from_lp(lp, dnsdomain): paths.dns = os.path.join(paths.private_dir, dnsdomain + .zone) paths.winsdb = os.path.join(paths.private_dir, wins.ldb) paths.s4_ldapi_path = os.path.join(paths.private_dir, ldapi) -paths.smbconf = os.path.join(paths.private_dir, smb.conf) paths.phpldapadminconfig = os.path.join(paths.private_dir, phpldapadmin-config.php) paths.hklm = hklm.ldb @@ -759,6 +757,9 @@ def provision(setup_dir, message, session_info, if domainsid is None: domainsid = security.random_sid() +else: +domainsid = security.Sid(domainsid) + if policyguid is None: policyguid = uuid.random() if adminpass is None: diff --git a/source/setup/provision b/source/setup/provision index 629bfa1..b0363d8 100755 --- a/source/setup/provision +++ b/source/setup/provision @@ -27,6 +27,7 @@ import optparse import os, sys import samba +import param from auth import system_session import samba.getopt as options @@ -110,7 +111,7 @@ if opts.realm is None or opts.domain is None: parser.print_usage() sys.exit(1) -smbconf = sambaopts.get_loadparm_path() +smbconf = sambaopts.get_loadparm().configfile() if opts.aci is not None: print set ACI: %s % opts.aci diff --git a/source/setup/tests/blackbox_provision.sh b/source/setup/tests/blackbox_provision.sh index 83c045e..75d4fcf 100755 --- a/source/setup/tests/blackbox_provision.sh +++ b/source/setup/tests/blackbox_provision.sh @@ -28,7 +28,7 @@ testit() { } testit simple-default $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-default -testit simple-dc $PYTHON ./setup/provision $CONFIGURATION --server-role=dc --domain=FOO