RE: [Samba] PDC migration: printing trouble.
I had this problem also. I was using the Point en Print Setup for upload the printer drivers. i also tried deleting the registry keys in windows, but my solution was. i reuploaded ( overwrited ) my printer drivers, set de settings per printer again, and my problem was solved. No slow printer properties screens, or slow selecting the printer. Louis -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Remy Zandwijk Verzonden: vrijdag 4 april 2008 20:43 Aan: John Drescher CC: samba@lists.samba.org Onderwerp: Re: [Samba] PDC migration: printing trouble. John Drescher wrote: we've been moving an old Samba 2.2.x PDC install to a Samba 3.0.28 PDC install. We copied the ntdrivers.tdb and ntprinters.tdb from to old to the new server. After the migration, everything was just fine, except printing seemed to be somewhat slower. As more and more user logged on, the machine got really sluggish and printing took quite long. We figured out we've got bitten by: Is there a lot of network activity and a long delay between clicking the print button on windows? Hi John. Yes, there is. -Remy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: How to create a write-only share?
On Fri, Apr 4, 2008 at 6:55 PM, Ash Gosh [EMAIL PROTECTED] wrote: Hi! I need to create a share that will be readoble by root only (by owner) and writeable for all. We replacing a dead Windows NT 4.0 server and there was a permission type called Add and our users uses this type of permission often. They creates a shares where other users can add files but can not read or even list it. I saw a thread here called How to make Add permission for folder in system withntacl support?http://archives.free.net.ph/message/20071031.173732.50cc2cef.en.html but there was no solution published. I beleive that there is a solution, I hope so. Hello, It's me again, sorry for bothering. Does this problem has a solution? I need to replace a dead Win NT 4 server qickly so please let's start a discussion. Maby I'll need to select an filesystem other than ext3 or even the server OS, to Solaris with ZFS for example? Please help Thanks in advance, Ash. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How to create a write-only share?
Ash Gosh wrote: On Fri, Apr 4, 2008 at 6:55 PM, Ash Gosh [EMAIL PROTECTED] wrote: Hi! I need to create a share that will be readoble by root only (by owner) and writeable for all. We replacing a dead Windows NT 4.0 server and there was a permission type called Add and our users uses this type of permission often. They creates a shares where other users can add files but can not read or even list it. I saw a thread here called How to make Add permission for folder in system withntacl support?http://archives.free.net.ph/message/20071031.173732.50cc2cef.en.html but there was no solution published. I beleive that there is a solution, I hope so. Hello, It's me again, sorry for bothering. Does this problem has a solution? I need to replace a dead Win NT 4 server qickly so please let's start a discussion. Maby I'll need to select an filesystem other than ext3 or even the server OS, to Solaris with ZFS for example? Please help Thanks in advance, Ash. I think I did this once a couple of years ago using NT style policy and the firewall policy object. IIRC, I did it all at the file system level; each computers' SYSTEM service was allowed to write to a text file that it couldn't read. The files was owned as root:someGroup with 720 perms. This file was in a directory called 'logs' owned root:someGroup with 710 perms. The directory that 'logs' was contained within was owned by root:someGroup with 710 perms and was exported as a hidden share (I think I used the '$' hidden share trick), which 'someGroup' was allowed to write to. That's off the top of my head, and it may not be correct, but if you can mock it up with VMWare and a liveCD, that will at least get the ball rolling, I hope. I'm fairly sure it worked as advertised, but it never made it to production, so I didn't document it or anything. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL strange behaviour
El Fri, 04 Apr 2008 21:04:21 +0200 Carlos Lorenzo Matés [EMAIL PROTECTED] ha escrit: Hi Toni. El Viernes, 4 de Abril de 2008, toni escribió: hi john, El Fri, 04 Apr 2008 09:12:38 -0400 John Drescher [EMAIL PROTECTED] ha escrit: On Fri, Apr 4, 2008 at 7:39 AM, toni [EMAIL PROTECTED] wrote: hi, i'm experiencing a strange behaviour when setting ACL from Windows XP clients (server is BDC with LDAP) after migrating service from SLES 9.3 to SLES 10.1: i can't set ACL to a folder to give access to individual users without allowing the group of the creator. step by step, i tried to remove group permissions (which worked fine) but, when i add permissions to other users, group permissions become effective for the group in the directory (but no in its subfolders) the correct behaviour is that i can allow access to several users without access for the group, and this was working after the migration. it could be a different ACL behaviour between SLES 9 (Samba 3.0.20b-3.17-1297-SUSE) and SLES 10 (Samba 3.0.28-0.2-1625-SUSE-CODE10)? We had the same problems, finally we have downgrade our samba to 3.0.24 wich is SLES 10 + SP1 base version. verified, it works with 3.0.24! (SLES 10 + SP1, with codename: Samba 3.0.24-2.36-1616-SUSE-CODE10) do you know if this issue were reported to samba, i cannot find any ACL related bug in samba's bugtracker. if not i will fill a bug report. thanks for all, toni I had tested with 3.0.25 and 3.0.28 and had problems, also with domain trust with an NT domain Greetings -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
Le Wed, Apr 02, 2008 at 06:36:43PM +0200, Hector Blanco a ecrit: The thing is that the machine is properly created, but the Samba parts doesn't appear. Is like if smbldap-adduser worked only partially :S smbldap-useradd should not add any samba attributes. Samba itself will do the job when joigning the domain with a priviledge account. For that, you can have a look at http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/#htoc67 -- Jérôme Tournier GPG key ID (pgp.mit.edu): 75FE0A51 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How to create a write-only share?
Ash Gosh wrote: I need to create a share that will be readoble by root only (by owner) and writeable for all. Real easy. We did it to create a quarantine share for Windows AV agents to move viruses to. The share is world-writable - but not readable by anyone You simply create a share and set the following smb.conf settings [sharename] path = /dir read only = No create mask = 0333 directory mask = 0333 guest ok = Yes Then if the actual directory is 1777, then anyone can write to it. Of course you can always fiddle with those perms to suit... -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How to create a write-only share?
On Mon, Apr 7, 2008 at 11:21 AM, Scott Lovenberg [EMAIL PROTECTED] wrote: I think I did this once a couple of years ago using NT style policy and the firewall policy object. IIRC, I did it all at the file system level; each computers' SYSTEM service was allowed to write to a text file that it couldn't read. The files was owned as root:someGroup with 720 perms. This file was in a directory called 'logs' owned root:someGroup with 710 perms. The directory that 'logs' was contained within was owned by root:someGroup with 710 perms and was exported as a hidden share (I think I used the '$' hidden share trick), which 'someGroup' was allowed to write to. That's off the top of my head, and it may not be correct, but if you can mock it up with VMWare and a liveCD, that will at least get the ball rolling, I hope. I'm fairly sure it worked as advertised, but it never made it to production, so I didn't document it or anything. Hello again, I did not understood corrctly: did you made all with fs permissions, what about and what is NT style policy and the firewall policy object? Does this helps me to allow anyone to copy / paste a file into the shares where they have no access? Thanks, Ash. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: How to create a write-only share?
Thanks for the answer but in this case anyone can look into the folder and see the file list. Sometimes even a filenames could be the secret. So this is not helps us. Set hide unreadable = yes on the share. Alex -- Alex Harrington - Network Manager, Longhill High School t: 01273 304086 | e: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How to create a write-only share?
Ash Gosh wrote: On Mon, Apr 7, 2008 at 11:21 AM, Scott Lovenberg [EMAIL PROTECTED] wrote: I think I did this once a couple of years ago using NT style policy and the firewall policy object. IIRC, I did it all at the file system level; each computers' SYSTEM service was allowed to write to a text file that it couldn't read. The files was owned as root:someGroup with 720 perms. This file was in a directory called 'logs' owned root:someGroup with 710 perms. The directory that 'logs' was contained within was owned by root:someGroup with 710 perms and was exported as a hidden share (I think I used the '$' hidden share trick), which 'someGroup' was allowed to write to. That's off the top of my head, and it may not be correct, but if you can mock it up with VMWare and a liveCD, that will at least get the ball rolling, I hope. I'm fairly sure it worked as advertised, but it never made it to production, so I didn't document it or anything. Hello again, I did not understood corrctly: did you made all with fs permissions, what about and what is NT style policy and the firewall policy object? Does this helps me to allow anyone to copy / paste a file into the shares where they have no access? Thanks, Ash. Yeah, disregard the part about NT policy, it was background info that I thought might help you to understand what I was trying to accomplish; it's not important to the topic at hand. Let me change the permissions a bit so as to be more accurate (the second folder was not needed, I think I might have had something else in mind): directory| owner | group | perms topFolder root someGroup7730 That should work, and it'll make every file owned by root, who will be the only one who can delete it. Just make sure no one figures out how to put a shell script in this folder and execute it! ;) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] how to know if kernel supports oplocks
Hi, I've read that i should put kernel support = no in smb.conf if my kernel doesn't support oplocks. But i can't find how to know if my kernel support it. I'm running a fedora core 4. If i compile the kernel manually, which option should i enable ?(i can't find a oplocks option) Eric -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How to create a write-only share?
On Mon, Apr 7, 2008 at 12:29 PM, Jason Haar [EMAIL PROTECTED] wrote: Real easy. We did it to create a quarantine share for Windows AV agents to move viruses to. The share is world-writable - but not readable by anyone You simply create a share and set the following smb.conf settings [sharename] path = /dir read only = No create mask = 0333 directory mask = 0333 guest ok = Yes Then if the actual directory is 1777, then anyone can write to it. Of course you can always fiddle with those perms to suit... Hello Jason, Thanks for the answer but in this case anyone can look into the folder and see the file list. Sometimes even a filenames could be the secret. So this is not helps us. Thanks, Ash. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba3.0.22 - net setlocalsid with no effect
Hi Doug, *, I was calling sernet support.. ;o)) Doug VanLeuven schrieb: [..] I used a VM machine, FC5, samba-3.0.23c-1.fc5 because it's the scratch machine I have. Here's what I did to reset the SID of the new PDC (hoping that's what you want to do) #On the PDC, smbd, nmbd, winbind stopped. I've no winbindd running.. [EMAIL PROTECTED] ~]# testparm -sv 21|less .. Server role: ROLE_DOMAIN_PDC .. [EMAIL PROTECTED] ~]# service smb start Starting SMB services: [ OK ] Starting NMB services: [ OK ] # List current unwanted SID [EMAIL PROTECTED] ~]# net getlocalsid SID for domain VMPDC is: S-1-5-21-893123068-2258791905-4052818733 ^^ .. doesn't hit the nail. machine would say the correct thing.. [EMAIL PROTECTED] samba]# net rpc info Password: Domain Name: VMWKGP ^^ This one is the domain.. Domain SID: S-1-5-21-893123068-2258791905-4052818733 Sequence number: 1207290693 Num users: 1 Num domain groups: 0 Num local groups: 0 #Change PDC SID to something else [EMAIL PROTECTED] samba]# net setlocalsid S-1-5-21-9-2258791905-4052818733 did work .. [EMAIL PROTECTED] samba]# net setdomainsid S-1-5-21-9-2258791905-4052818733 didn't work - command not recogized .. I succeeded manipulating the domain SID with following steps: On my ubuntu dapper box: #stop sambaservice: /etc/inid.d/samba stop /etc/init.d/samba stop * Stopping Samba daemons... [ OK ] mv /var/lib/samba/secrets.tdb /var/lib/samba/secrets.tdb.bak net setlocalsid SID_WANTED #new secrets.tdb is created net getdomainsid SID for domain PDC_MACHINE is: SID_WANTED SID for domain DOMAIN is: SID_WANTED Heureka!! And even better: moving secrets.tdb.bak to secrets.tdb showed the old values. Thus I can do some testing before really changing things. :o)) Ah not to forget: /etc/init.d/samba start * Starting Samba daemons [ OK ] [..] First step is done - now I have to go there at late hour, change things and do tests. Thanks for your help - I'll report more :o)) -- Friedrich beste Grüße/best regards von der/from the Sonnenalb - Germany -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain Member Server /home/user creation - help needed
For almost 10 years our school has been using samba as a PDC to provide a network drive for each of our students,. Now I need to install a domain member server (DMS) to share the load. I am running samba 3.0.28 on Fedora 7 using the tdbsam backend on the PDC. I have successfully brought up a samba DMS using winbind and the idmap_rid backend. I want to have all new students use the DMS for their roaming profiles and for their network drive. Upon first logon of a new user, a directory is automatically created for the user in the profile share on the DMS. However, I dont know how to cause the home directory to be created on the DMS for the network drive. On XP Pro, the user home share shows up on the DMS, but is not accessible because the directory does not exist. If at this point, I copy the roaming profile directory for the user (which is empty) to the home directory, then the home directory is now present with the proper ownership and the home drive is now usable by the user. e.g. on the DMS, with userid mark cp a /var/samba/profiles/mark /home The [homes] share on the DMS is [homes] Path = /home/%U comment = Home Directories browseable = no writable = yes available = yes public = no So my question is how can I get the home directory for a user created with the proper ownership the first time the user signs in? Is there any kind of script that can be invoked on the DMS? Is there any way winbind can create the home directory when it creates the UID/GID for the user? Mark Orenstein East Granby, CT School System -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Member Server /home/user creation - help needed
On Mon, 2008-04-07 at 11:00 -0400, [EMAIL PROTECTED] wrote: For almost 10 years our school has been using samba as a PDC to provide a network drive for each of our students,. Now I need to install a domain member server (DMS) to share the load. I am running samba 3.0.28 on Fedora 7 using the tdbsam backend on the PDC. I have successfully brought up a samba DMS using winbind and the idmap_rid backend. I want to have all new students use the DMS for their roaming profiles and for their network drive. Upon first logon of a new user, a directory is automatically created for the user in the profile share on the DMS. However, I don’t know how to cause the home directory to be created on the DMS for the network drive. On XP Pro, the user home share shows up on the DMS, but is not accessible because the directory does not exist. If at this point, I copy the roaming profile directory for the user (which is empty) to the home directory, then the home directory is now present with the proper ownership and the home drive is now usable by the user. e.g. on the DMS, with userid “mark” cp –a /var/samba/profiles/mark /home The [homes] share on the DMS is [homes] Path = /home/%U comment = Home Directories browseable = no writable = yes available = yes public = no So my question is how can I get the home directory for a user created with the proper ownership the first time the user signs in? Is there any kind of script that can be invoked on the DMS? Is there any way winbind can create the home directory when it creates the UID/GID for the user? use pam_mkhomedir for that purpose: ftp://ftp.eu.kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-pam_mkhomedir.html -- Udo Rader bestsolution.at EDV Systemhaus GmbH http://www.bestsolution.at signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain Member Server /home/user creation - help needed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: For almost 10 years our school has been using samba as a PDC to provide a network drive for each of our students,. Now I need to install a domain member server (DMS) to share the load. I am running samba 3.0.28 on Fedora 7 using the tdbsam backend on the PDC. I have successfully brought up a samba DMS using winbind and the idmap_rid backend. I want to have all new students use the DMS for their roaming profiles and for their network drive. Upon first logon of a new user, a directory is automatically created for the user in the profile share on the DMS. However, I don?t know how to cause the home directory to be created on the DMS for the network drive. On XP Pro, the user home share shows up on the DMS, but is not accessible because the directory does not exist. If at this point, I copy the roaming profile directory for the user (which is empty) to the home directory, then the home directory is now present with the proper ownership and the home drive is now usable by the user. e.g. on the DMS, with userid ?mark? cp ?a /var/samba/profiles/mark /home The [homes] share on the DMS is [homes] Path = /home/%U comment = Home Directories browseable = no writable = yes available = yes public = no So my question is how can I get the home directory for a user created with the proper ownership the first time the user signs in? Is there any kind of script that can be invoked on the DMS? Is there any way winbind can create the home directory when it creates the UID/GID for the user? Yes, read the docs on this one -- I've seen it in there. What you may be missing is that generally whatever calls adduser/useradd/whatever your system calls it can be told what to use as a skel directory (a standard one is /etc/skel, but you can have more than one and use a flag to point it to the right one). HTH. - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH+k1Imb+gadEcsb4RAjUlAKCgvduEr1jp6FiF6pB4AyTy83NkKgCgiDaL kKz1v0p2gO3eF1CIKK2hkjk= =pcSp -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.24 handling LDAP responses incorrectly
Volker Lendecke wrote: On Fri, Apr 04, 2008 at 04:47:56PM -0400, John Drescher wrote: I think the bug/problem is that this message is being displayed instead of Password could not be changed for user tester: Constraint violation and does not pass required number of strength checks (1 of 3). Current 3.2 has the attached code. Might help for you. Volker Adding: #if defined(LDAP_CONSTRAINT_VIOLATION) if (rc == LDAP_CONSTRAINT_VIOLATION) return NT_STATUS_PASSWORD_RESTRICTION; #endif ...to pdb_ldap.c didn't seem to change the behavior at all. I suspect it's because LDAP_CONSTRAINT_VIOLATION isn't defined anywhere in my 3.0.24 source, though I could certainly be wrong. I'm grabbing the latest source from git to see where that's defined, but if anybody wants to head me off at the pass with the information, it's certainly welcome. Thanks, Ryan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Questions about Active Directory Password Cache overlay
Thanks to Buchan Milne, I'm looking into the Active Directory Password Cache overlay for OpenLDAP, which seems to offer more or less what I'm trying to do. Is anyone here experienced with it? Is this the right place to ask or is there an openLDAP overlays list? I understand this description of ADPC: Active Directory Password Cache === Active Directory does not provide any means to read user credentials on any public API. It is possible, to install additional libraries as password sniffer to catch and forward cleartext passwords on changes. In case you cannot or simply dont want to install such libraries, the Active Directory Password Cache overlay is your option. The Active Directory Password Cache overlay allows to mirror user account credentials without any modification on the AD server. It only takes one occasional simple bind authentication against the OpenLDAP server. If the credential has not been mirrored yet, the overlay uses the krbPrincipalName and the password provided by the user to perform a Kerberos init against the Active Directory. A successful Kerberos init guarantees a correct password for this principal, and therefor the bind finally succeeds. Within this overlay operation, the password gets encrypted with the default OpenLDAP hash alorithm and stored as userPassword attribute. There is an option to update the sambaNTPassword also (using code borrowed from Howard Chu's smbk5pwd overlay). All following simple bind authentications will first try these cached credentials, making the OpenLDAP server independent from AD. In case the user changes its password on the Active Directory server, the old password stays valid in OpenLDAP until the user first presents the new password for an simple bind. Within this bind operation, the overlay performs another Kerberos init and updates the cached credentials in OpenLDAP. It is clear to me that after a password change, that a failure to authenticate initiates a new auth attempt against the KDC, and if it succeeds, ADPC caches the passwd as a hash in OpenLDAP. But if Samba fails to authenticate against the hash stored in sambaNTPassword, is a new authentication attempt made against the KDC? And if it does, where does it get the passwd to hash (since Samba never gets the passwd in NTLM authentication)? Practically speaking, it seems that the password that the overlay hashes has to come from a source other than Samba. A web app? How have people used it in the past? W. -- Wes Modes Server Administrator Programmer Analyst McHenry Library Computing Network Services Information and Technology Services 459-5208 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.24 handling LDAP responses incorrectly
On Mon, Apr 07, 2008 at 02:03:32PM -0400, Ryan Steele wrote: #if defined(LDAP_CONSTRAINT_VIOLATION) if (rc == LDAP_CONSTRAINT_VIOLATION) return NT_STATUS_PASSWORD_RESTRICTION; #endif ...to pdb_ldap.c didn't seem to change the behavior at all. I suspect it's because LDAP_CONSTRAINT_VIOLATION isn't defined anywhere in my 3.0.24 source, though I could certainly be wrong. I'm grabbing the latest source from git to see where that's defined, but if anybody wants to head me off at the pass with the information, it's certainly welcome. If your LDAP libs don't have that define, you might try to use the value from OpenLDAP: #define LDAP_CONSTRAINT_VIOLATION 0x13 Volker pgpNsUosNVbTR.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
I finally solved it with the LAM tool that John Drescher said (http://lam.sourceforge.net/) but I don't feel very comfortable with that... I'd like to know why that tool works and the others don't :S Over all why the command line tools didn't do what I was expecting... I also tried to do what said in Jerome's link but it didn't work :( I'll keep trying, anyway... the tutorial http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/ seems really good) With the Lam tool I created the host account for the enano machine, and that was enough... 2008/4/7, Jerome Tournier [EMAIL PROTECTED]: Le Wed, Apr 02, 2008 at 06:36:43PM +0200, Hector Blanco a ecrit: The thing is that the machine is properly created, but the Samba parts doesn't appear. Is like if smbldap-adduser worked only partially :S smbldap-useradd should not add any samba attributes. Samba itself will do the job when joigning the domain with a priviledge account. For that, you can have a look at http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/#htoc67 -- Jérôme Tournier GPG key ID (pgp.mit.edu): 75FE0A51 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.24 handling LDAP responses incorrectly
Volker Lendecke wrote: On Mon, Apr 07, 2008 at 02:03:32PM -0400, Ryan Steele wrote: #if defined(LDAP_CONSTRAINT_VIOLATION) if (rc == LDAP_CONSTRAINT_VIOLATION) return NT_STATUS_PASSWORD_RESTRICTION; #endif ...to pdb_ldap.c didn't seem to change the behavior at all. I suspect it's because LDAP_CONSTRAINT_VIOLATION isn't defined anywhere in my 3.0.24 source, though I could certainly be wrong. I'm grabbing the latest source from git to see where that's defined, but if anybody wants to head me off at the pass with the information, it's certainly welcome. If your LDAP libs don't have that define, you might try to use the value from OpenLDAP: #define LDAP_CONSTRAINT_VIOLATION 0x13 Volker It's not defined in my Samba source, but I guess that was the wrong place to look. On my system, /usr/include/ldap.h does in fact have that defined. However, Samba still returns NT_STATUS_UNSUCCESSFUL, and Windows still reports that the password couldn't be changed because the domain was unavailable... have I zigged where I should've zagged, or is Samba not setting rc properly when it gets the response from LDAP? Thanks, Ryan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.24 handling LDAP responses incorrectly
On Mon, Apr 07, 2008 at 03:19:00PM -0400, Ryan Steele wrote: It's not defined in my Samba source, but I guess that was the wrong place to look. On my system, /usr/include/ldap.h does in fact have that defined. However, Samba still returns NT_STATUS_UNSUCCESSFUL, and Windows still reports that the password couldn't be changed because the domain was unavailable... have I zigged where I should've zagged, or is Samba not setting rc properly when it gets the response from LDAP? Please check that your LDAP server indeed does return 0x13 over the 389 connection. You might also add a DEBUG statement right above the #if defined(LDAP_CONSTRAINT_VIOLATION) to check what smbd sees. That's at least what I would do. Volker pgpjjJRceeDKq.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL strange behaviour
El Lunes, 7 de Abril de 2008, toni escribió: El Fri, 04 Apr 2008 21:04:21 +0200 Carlos Lorenzo Matés [EMAIL PROTECTED] ha escrit: Hi Toni. El Viernes, 4 de Abril de 2008, toni escribió: hi john, El Fri, 04 Apr 2008 09:12:38 -0400 John Drescher [EMAIL PROTECTED] ha escrit: On Fri, Apr 4, 2008 at 7:39 AM, toni [EMAIL PROTECTED] wrote: hi, i'm experiencing a strange behaviour when setting ACL from Windows XP clients (server is BDC with LDAP) after migrating service from SLES 9.3 to SLES 10.1: i can't set ACL to a folder to give access to individual users without allowing the group of the creator. step by step, i tried to remove group permissions (which worked fine) but, when i add permissions to other users, group permissions become effective for the group in the directory (but no in its subfolders) the correct behaviour is that i can allow access to several users without access for the group, and this was working after the migration. it could be a different ACL behaviour between SLES 9 (Samba 3.0.20b-3.17-1297-SUSE) and SLES 10 (Samba 3.0.28-0.2-1625-SUSE-CODE10)? We had the same problems, finally we have downgrade our samba to 3.0.24 wich is SLES 10 + SP1 base version. verified, it works with 3.0.24! (SLES 10 + SP1, with codename: Samba 3.0.24-2.36-1616-SUSE-CODE10) do you know if this issue were reported to samba, i cannot find any ACL related bug in samba's bugtracker. if not i will fill a bug report. No, but i opened some bug reports with novell (i had a premium service for support), and they have not been able to solve this, i think that novell is involved in the samba development, but i dont' know if they had reported this problem to the samba devs. if you open the bug, please put the link here and i will add the information i sent to novell regarding this bug. also i think you sould report this to novell if you have a SLES Thanks -- Un saludo. Carlos Lorenzo Matés. clmates AT mundo-r.com signature.asc Description: This is a digitally signed message part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ZFS shadow copy patches
On Fri, 4 Apr 2008, Ed Plese wrote: Despite having only few minor changes to make to the patches, various circumstances delayed the process and I never got back to it to get it finished up and resubmitted for inclusion. I finished this up tonight and sent it off to the developer that had previously reviewed the patches. Cool, thanks much. There's a new shadow_copy2 module in Samba 3.2 that has much of the functionality of the enhancements I'd been working on for the existing shadow copy module. I didn't see any mention of that in the release notes, perhaps it hasn't been added to the documentation yet. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | [EMAIL PROTECTED] California State Polytechnic University | Pomona CA 91768 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Redhat 3 upgrade
I am currently running Red Hat v 3 samba rpm's. samba-common-3.0.9-1.3E.14.3 samba-3.0.9-1.3E.14.3 samba-client-3.0.9-1.3E.14.3 I would like to run the current release version to see if I can clean up some of the problems I am having. File locking and not releasing are the most troubling. I am looking for advice for executing this upgrade without breaking too much, such as, configuration files being in different place from the as distributed vs the Red Hat distributed versions. This is a PDC with an LDAP back end and mostly just works. Any advise would be helpful Alan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to know if kernel supports oplocks
Eric PEYREMORTE wrote: Hi, I've read that i should put kernel support = no in smb.conf if my kernel doesn't support oplocks. I don't know where you read that, but: 1. There is no kernel support option 2. Assuming you mean kernel oplocks, the man page specifically says You should never need to touch this parameter. But i can't find how to know if my kernel support it. According to the man page, IRIX and linux 2.4 (and presumably greater) support it. I'm running a fedora core 4. If i compile the kernel manually, which option should i enable ?(i can't find a oplocks option) It sounds like it relies on a generic change notification system rather than something that is specificly designed for oplocks, probably Inotify or maybe just dnotify. From the kernel's menuconfig help on inotify: If unsure, say Y. If you are compiling your own kernel you should only remove things that you *know* you wont need. Stick with the recommended or existing settings everywhere else and you don't have anything to worry about. Eric *Michael Heydon - IT Administrator * [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Redhat 3 upgrade
Alan Bunch wrote: I am currently running Red Hat v 3 samba rpm's. samba-common-3.0.9-1.3E.14.3 samba-3.0.9-1.3E.14.3 samba-client-3.0.9-1.3E.14.3 I would like to run the current release version to see if I can clean up some of the problems I am having. File locking and not releasing are the most troubling. I am looking for advice for executing this upgrade without breaking too much, such as, configuration files being in different place from the as distributed vs the Red Hat distributed versions. This is a PDC with an LDAP back end and mostly just works. Any advise would be helpful Alan Do you have either an extra box or the resources to clone your current machine to a VM? I've found this ability worth its weight in gold since you never know what's going to break until you put all the parts together. RHEL 3 to current Samba is quite a step... even if you went RHEL 3 to RHEL 5, you're jumping forward about 3 years. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-665-gd3c31aa
The branch, v3-2-test has been updated via d3c31aa36c451f0a19496cd33c0b055b466e6b09 (commit) via 494b32197f0872b115f0cd1a35421d00a89360a6 (commit) from 31375c02631cb3f37a8bbd4ea17d3ef69c4d07bf (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit d3c31aa36c451f0a19496cd33c0b055b466e6b09 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Apr 7 10:19:25 2008 +0200 Fix bug 5375 Thanks to Moskvin for testing commit 494b32197f0872b115f0cd1a35421d00a89360a6 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Apr 7 10:18:36 2008 +0200 Fix a misleading debug message --- Summary of changes: source/lib/util_str.c |7 --- source/libsmb/cliconnect.c |5 +++-- 2 files changed, 7 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/util_str.c b/source/lib/util_str.c index cb8a100..6310e24 100644 --- a/source/lib/util_str.c +++ b/source/lib/util_str.c @@ -1972,25 +1972,26 @@ int str_list_count( const char **list ) } /** - version of standard_sub_basic() for string lists; uses alloc_sub_basic() + version of standard_sub_basic() for string lists; uses talloc_sub_basic() for the work */ bool str_list_sub_basic( char **list, const char *smb_name, const char *domain_name ) { + TALLOC_CTX *ctx = list; char *s, *tmpstr; while ( *list ) { s = *list; - tmpstr = alloc_sub_basic(smb_name, domain_name, s); + tmpstr = talloc_sub_basic(ctx, smb_name, domain_name, s); if ( !tmpstr ) { DEBUG(0,(str_list_sub_basic: alloc_sub_basic() return NULL!\n)); return false; } - SAFE_FREE(*list); + TALLOC_FREE(*list); *list = tmpstr; list++; diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c index 4573f39..b76814e 100644 --- a/source/libsmb/cliconnect.c +++ b/source/libsmb/cliconnect.c @@ -1093,8 +1093,9 @@ bool cli_send_tconX(struct cli_state *cli, if ((cli-sec_mode NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) *pass passlen != 24) { if (!lp_client_lanman_auth()) { - DEBUG(1, (Server requested LANMAN password (share-level security) but 'client use lanman auth' - is disabled\n)); + DEBUG(1, (Server requested LANMAN password + (share-level security) but + 'client lanman auth' is disabled\n)); return False; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0pre2-436-gb493a13
The branch, v3-2-stable has been updated via b493a13c16b7f1c3211f3bb277759683c3f9363d (commit) via bb8142cfe45c87393d4af65afad4c204d1a4adfd (commit) from a548e730771b1a9c1b320e2a1739c05dbafc54a2 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit b493a13c16b7f1c3211f3bb277759683c3f9363d Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Apr 7 10:19:25 2008 +0200 Fix bug 5375 Thanks to Moskvin for testing (cherry picked from commit d3c31aa36c451f0a19496cd33c0b055b466e6b09) commit bb8142cfe45c87393d4af65afad4c204d1a4adfd Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Apr 7 10:18:36 2008 +0200 Fix a misleading debug message (cherry picked from commit 494b32197f0872b115f0cd1a35421d00a89360a6) --- Summary of changes: source/lib/util_str.c |7 --- source/libsmb/cliconnect.c |5 +++-- 2 files changed, 7 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/util_str.c b/source/lib/util_str.c index cb8a100..6310e24 100644 --- a/source/lib/util_str.c +++ b/source/lib/util_str.c @@ -1972,25 +1972,26 @@ int str_list_count( const char **list ) } /** - version of standard_sub_basic() for string lists; uses alloc_sub_basic() + version of standard_sub_basic() for string lists; uses talloc_sub_basic() for the work */ bool str_list_sub_basic( char **list, const char *smb_name, const char *domain_name ) { + TALLOC_CTX *ctx = list; char *s, *tmpstr; while ( *list ) { s = *list; - tmpstr = alloc_sub_basic(smb_name, domain_name, s); + tmpstr = talloc_sub_basic(ctx, smb_name, domain_name, s); if ( !tmpstr ) { DEBUG(0,(str_list_sub_basic: alloc_sub_basic() return NULL!\n)); return false; } - SAFE_FREE(*list); + TALLOC_FREE(*list); *list = tmpstr; list++; diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c index 912b841..30d6ace 100644 --- a/source/libsmb/cliconnect.c +++ b/source/libsmb/cliconnect.c @@ -1087,8 +1087,9 @@ bool cli_send_tconX(struct cli_state *cli, if ((cli-sec_mode NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) *pass passlen != 24) { if (!lp_client_lanman_auth()) { - DEBUG(1, (Server requested LANMAN password (share-level security) but 'client use lanman auth' - is disabled\n)); + DEBUG(1, (Server requested LANMAN password + (share-level security) but + 'client lanman auth' is disabled\n)); return False; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-667-g8b2d9ee
The branch, v3-2-test has been updated via 8b2d9ee8c54ed84f83fdecf04e656dd66b622abb (commit) from 42bc4ff7fd6bfc92bde015ae8f3a9fb62d443cd5 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 8b2d9ee8c54ed84f83fdecf04e656dd66b622abb Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Apr 7 12:19:25 2008 +0200 Fix an uninitialized variable --- Summary of changes: source/nsswitch/wbinfo.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/nsswitch/wbinfo.c b/source/nsswitch/wbinfo.c index 80a7290..ba358bd 100644 --- a/source/nsswitch/wbinfo.c +++ b/source/nsswitch/wbinfo.c @@ -811,7 +811,7 @@ static bool wbinfo_lookuprids(const char *domain, const char *arg) uint32 *rids = NULL; const char *p; char *ridstr; - TALLOC_CTX *mem_ctx; + TALLOC_CTX *mem_ctx = NULL; bool ret = false; if ((domain == NULL) || (strequal(domain, .)) || (domain[0] == '\0')) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-673-gdf8c100
The branch, v3-2-test has been updated via df8c100c2b53575a0d425a2daf52e2d59904746a (commit) via 404a865a34c3a7c67131b3f99e92c11b2abe3e39 (commit) via 4130b873291d39e363184fe4e38dc1f24ebe5056 (commit) via 5df34634317633820993c9ef924d694a8fe1c4fe (commit) via 2eab212ea2e1bfd8fa716c2c89b2c042f7ba12ea (commit) via 6aaa2ce0eeb46f6735ec984a2e7aadde7a7f456d (commit) from 8b2d9ee8c54ed84f83fdecf04e656dd66b622abb (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit df8c100c2b53575a0d425a2daf52e2d59904746a Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Apr 7 09:27:22 2008 +0200 smbd: make it possible to change the write time delay for testing metze commit 404a865a34c3a7c67131b3f99e92c11b2abe3e39 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Apr 7 09:21:19 2008 +0200 smbd: make it possible to disable get_file_infos() on searches metze commit 4130b873291d39e363184fe4e38dc1f24ebe5056 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Apr 1 11:40:23 2008 +0200 locking: combine get_delete_on_close_flag() and get_write_time() into get_file_infos() This means we need to fetch the record only once. metze commit 5df34634317633820993c9ef924d694a8fe1c4fe Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Mar 12 18:26:43 2008 +0100 selftest: samba3 passes BASE-DELAYWRITE metze commit 2eab212ea2e1bfd8fa716c2c89b2c042f7ba12ea Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Mar 12 15:39:38 2008 +0100 smbd: implement the strange write time update logic We now never call file_ntimes() directly, every update is done via smb_set_file_time(). This let samba3 pass the BASE-DELAYWRITE test. The write time is only updated 2 seconds after the first write() on any open handle to the current time (not the time of the first write). Each handle which had write requests updates the write time to the current time on close(). If the write time is set explicit via setfileinfo or setpathinfo the write time is visible directly and a following close on the same handle doesn't update the write time. metze commit 6aaa2ce0eeb46f6735ec984a2e7aadde7a7f456d Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Mar 12 15:32:47 2008 +0100 locking: store the write time in the locking.tdb This is needed to implement the strange write time update logic later. We need to store 2 time timestamps to distinguish between the time the file system had before the first client opened the file and a forced timestamp update. metze --- Summary of changes: source/include/local.h |3 + source/include/smb.h | 14 - source/locking/locking.c | 111 -- source/script/tests/test_posix_s3.sh |2 +- source/smbd/close.c | 84 +++-- source/smbd/dir.c| 14 - source/smbd/dosmode.c| 42 + source/smbd/fileio.c | 66 +--- source/smbd/filename.c | 18 -- source/smbd/files.c | 29 + source/smbd/nttrans.c|2 +- source/smbd/open.c | 15 +++-- source/smbd/oplock.c |9 ++- source/smbd/reply.c | 77 source/smbd/trans2.c | 100 +- 15 files changed, 409 insertions(+), 177 deletions(-) Changeset truncated at 500 lines: diff --git a/source/include/local.h b/source/include/local.h index 6d32f4f..c125ded 100644 --- a/source/include/local.h +++ b/source/include/local.h @@ -233,6 +233,9 @@ /* Number of microseconds to wait before a sharing violation. */ #define SHARING_VIOLATION_USEC_WAIT 95 +/* Number of microseconds to wait before a updating the write time (2 secs). */ +#define WRITE_TIME_UPDATE_USEC_DELAY 200 + #define MAX_LDAP_REPLICATION_SLEEP_TIME 5000 /* In milliseconds. */ /* tdb hash size for the open database. */ diff --git a/source/include/smb.h b/source/include/smb.h index 4d18dc5..d52d849 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -485,9 +485,13 @@ typedef struct files_struct { struct timeval open_time; uint32 access_mask; /* NTCreateX access bits (FILE_READ_DATA etc.) */ uint32 share_access;/* NTCreateX share constants (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE). */ - bool pending_modtime_owner; - struct timespec pending_modtime; - struct timespec last_write_time; + + bool update_write_time_triggered; + struct
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-666-g42bc4ff
The branch, v3-2-test has been updated via 42bc4ff7fd6bfc92bde015ae8f3a9fb62d443cd5 (commit) from d3c31aa36c451f0a19496cd33c0b055b466e6b09 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 42bc4ff7fd6bfc92bde015ae8f3a9fb62d443cd5 Author: Björn Jacke [EMAIL PROTECTED] Date: Mon Apr 7 11:22:14 2008 +0200 increase log level for this failed setsockopt call. EINVAL is a normal error on Solaris when we do this on an already resetted connection. --- Summary of changes: source/lib/util_sock.c |5 - 1 files changed, 4 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c index 30a3b83..f252377 100644 --- a/source/lib/util_sock.c +++ b/source/lib/util_sock.c @@ -837,7 +837,10 @@ void set_socket_options(int fd, const char *options) } if (ret != 0) { - DEBUG(0,(Failed to set socket option %s (Error %s)\n, + /* be aware that some systems like Solaris return +* EINVAL to a setsockopt() call when the client +* sent a RST previously - no need to worry */ + DEBUG(2,(Failed to set socket option %s (Error %s)\n, tok, strerror(errno) )); } } -- Samba Shared Repository
svn commit: samba-docs r1261 - in trunk/xslt: .
Author: ab Date: 2008-04-07 11:08:19 + (Mon, 07 Apr 2008) New Revision: 1261 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1261 Log: Forgot to add these macros to a samba-docs repository Modified: trunk/xslt/man.xsl Changeset: Modified: trunk/xslt/man.xsl === --- trunk/xslt/man.xsl 2008-04-07 05:43:55 UTC (rev 1260) +++ trunk/xslt/man.xsl 2008-04-07 11:08:19 UTC (rev 1261) @@ -115,5 +115,32 @@ xsl:apply-templates/ /xsl:template + !-- == -- + !-- These macros are from Docbook manpages XSLT development tree -- + !-- help to maintain manpage generation clean when difference between -- + !-- roff processors is important to note. -- + xsl:template name=roff-if-else-start +xsl:param name=conditionn/xsl:param +xsl:text.ie /xsl:text +xsl:value-of select=$condition/ +xsl:text \{\#10;/xsl:text + /xsl:template + + xsl:template name=roff-if-start +xsl:param name=conditionn/xsl:param +xsl:text.if /xsl:text +xsl:value-of select=$condition/ +xsl:text \{\#10;/xsl:text + /xsl:template + + xsl:template name=roff-else +xsl:text.\}#10;/xsl:text +xsl:text.el \{\#10;/xsl:text + /xsl:template + + xsl:template name=roff-if-end +xsl:text.\}#10;/xsl:text + /xsl:template + /xsl:stylesheet
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-28a-21-g588d576
The branch, v3-0-test has been updated via 588d57653b08e305f1741b72f1bb0257e58e482c (commit) from a11835a3c01aaa6e0a59a78ff7862a8a3910705d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit 588d57653b08e305f1741b72f1bb0257e58e482c Author: Bo Yang [EMAIL PROTECTED] Date: Mon Apr 7 09:21:42 2008 -0400 Only cache password policy results that worked, otherwise we cannot login until the cache expires even if a connection to a DC has been restored. --- Summary of changes: source/nsswitch/winbindd_cache.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/nsswitch/winbindd_cache.c b/source/nsswitch/winbindd_cache.c index 42f5565..71e0688 100644 --- a/source/nsswitch/winbindd_cache.c +++ b/source/nsswitch/winbindd_cache.c @@ -2122,7 +2122,9 @@ do_query: /* and save it */ refresh_sequence_number(domain, False); - wcache_save_password_policy(domain, status, policy); + if (NT_STATUS_IS_OK(status)) { + wcache_save_password_policy(domain, status, policy); + } return status; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-674-g8671f97
The branch, v3-2-test has been updated via 8671f9767d7d93a86712741303d6046937c3aae8 (commit) from df8c100c2b53575a0d425a2daf52e2d59904746a (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 8671f9767d7d93a86712741303d6046937c3aae8 Author: Bo Yang [EMAIL PROTECTED] Date: Mon Apr 7 09:51:42 2008 -0400 Only cache password policy results that worked, otherwise we cannot login until the cache expires even if a connection to a DC has been restored. --- Summary of changes: source/winbindd/winbindd_cache.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/winbindd/winbindd_cache.c b/source/winbindd/winbindd_cache.c index 0f8bd49..e4b0a53 100644 --- a/source/winbindd/winbindd_cache.c +++ b/source/winbindd/winbindd_cache.c @@ -2232,7 +2232,9 @@ do_query: /* and save it */ refresh_sequence_number(domain, false); - wcache_save_password_policy(domain, status, policy); + if (NT_STATUS_IS_OK(status)) { + wcache_save_password_policy(domain, status, policy); + } return status; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-28a-22-g6e658db
The branch, v3-0-test has been updated via 6e658dbb2cbd1cf0df68057a32c2ed766c3794f3 (commit) from 588d57653b08e305f1741b72f1bb0257e58e482c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit 6e658dbb2cbd1cf0df68057a32c2ed766c3794f3 Author: Karolin Seeger [EMAIL PROTECTED] Date: Mon Apr 7 15:48:58 2008 +0200 Fix comment. Karolin --- Summary of changes: source/rpc_parse/parse_samr.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c index d452c1f..c9a6ee3 100644 --- a/source/rpc_parse/parse_samr.c +++ b/source/rpc_parse/parse_samr.c @@ -5603,7 +5603,7 @@ static BOOL sam_io_user_info17(const char *desc, SAM_USER_INFO_17 * usr, } /* - init_sam_user_infoa + init_sam_user_info24 */ void init_sam_user_info24(SAM_USER_INFO_24 * usr, char newpass[516], -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-675-gc1b60cd
The branch, v3-2-test has been updated via c1b60cdecff2a53f0a75a432a1ad7730eb734908 (commit) from 8671f9767d7d93a86712741303d6046937c3aae8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit c1b60cdecff2a53f0a75a432a1ad7730eb734908 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Apr 7 16:38:14 2008 +0200 winbindd: fix break out early condition in fill_grent_mem(). if (!new_glist) would always be skipped, if (new_glist == NULL) is what must have been meant... Michael --- Summary of changes: source/winbindd/winbindd_group.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/winbindd/winbindd_group.c b/source/winbindd/winbindd_group.c index 5dbd8c5..d5d3acc 100644 --- a/source/winbindd/winbindd_group.c +++ b/source/winbindd/winbindd_group.c @@ -567,7 +567,7 @@ static bool fill_grent_mem(struct winbindd_domain *domain, /* If we have no more groups to expand, break out early */ - if ( !new_glist ) + if (new_glist == NULL) break; /* One more round */ -- Samba Shared Repository
svn commit: samba-docs r1262 - in trunk/smbdotconf/printing: .
Author: kseeger Date: 2008-04-07 15:10:14 + (Mon, 07 Apr 2008) New Revision: 1262 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1262 Log: Correct description of cups options. Patch from Bj?\195?\182rn Jacke [EMAIL PROTECTED]. Modified: trunk/smbdotconf/printing/cupsoptions.xml Changeset: Modified: trunk/smbdotconf/printing/cupsoptions.xml === --- trunk/smbdotconf/printing/cupsoptions.xml 2008-04-07 11:08:19 UTC (rev 1261) +++ trunk/smbdotconf/printing/cupsoptions.xml 2008-04-07 15:10:14 UTC (rev 1262) @@ -15,6 +15,9 @@ in the CUPS Software Users' Manual). You can also pass any printer specific option (as listed in lpoptions -d printername -l) valid for the target queue. + Multiple parameters should be space-delimited name/value pairs according to + the PAPI text option ABNF specification. Collection values + (name={a=... b=... c=...}) are stored with the curley brackets intact. /para para @@ -28,5 +31,5 @@ /description value type=default/value -value type=exampleraw,media=a4,job-sheets=secret,secret/value +value type=exampleraw media=a4/value /samba:parameter
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0pre2-438-g1ad74f1
The branch, v3-2-stable has been updated via 1ad74f1906fa4e78c95ea3f7ac9de7a34539f83d (commit) via f82da34e92790ea90adac7f488083da5e4b4238c (commit) from b493a13c16b7f1c3211f3bb277759683c3f9363d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit 1ad74f1906fa4e78c95ea3f7ac9de7a34539f83d Author: Jeremy Allison [EMAIL PROTECTED] Date: Fri Apr 4 11:14:09 2008 -0700 Fix bug #5372. With a large CUPS installation with a remote server, contacting the server when searching for a name for the location and comment fields can take so much time the client times out. When searching for a name we don't use these fields anyway, so add a function get_a_printer_search() which doesn't contact the CUPS server. Jeremy. (cherry picked from commit 92d9f20852d5384e92a93dd0b051034718840ca8) commit f82da34e92790ea90adac7f488083da5e4b4238c Author: Jeremy Allison [EMAIL PROTECTED] Date: Fri Apr 4 15:28:14 2008 -0700 When using plaintext ucs2 passwords clistr_push calls ucs2_align, which causes the space taken by the unicode password to be one byte too long (as we're on an odd byte boundary here). Reduce the count by 1 to cope with this. Fixes smbclient against NetApp servers which can't cope. Fix from [EMAIL PROTECTED] in bug #3840. Jeremy. (cherry picked from commit 1e7e7d86a1ae1cd2c3cc3de9f36b7326ad249b82) --- Summary of changes: source/libsmb/cliconnect.c | 12 ++-- source/printing/nt_printing.c | 49 +++ source/rpc_server/srv_spoolss_nt.c |8 +- 3 files changed, 54 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c index 30d6ace..3953a49 100644 --- a/source/libsmb/cliconnect.c +++ b/source/libsmb/cliconnect.c @@ -247,9 +247,16 @@ static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli, p += clistr_push(cli, p, pass, -1, STR_TERMINATE); /* password */ SSVAL(cli-outbuf,smb_vwv7,PTR_DIFF(p, smb_buf(cli-outbuf))); } - else { + else { + /* For ucs2 passwords clistr_push calls ucs2_align, which causes +* the space taken by the unicode password to be one byte too +* long (as we're on an odd byte boundary here). Reduce the +* count by 1 to cope with this. Fixes smbclient against NetApp +* servers which can't cope. Fix from +* [EMAIL PROTECTED] in bug #3840. +*/ p += clistr_push(cli, p, pass, -1, STR_UNICODE|STR_TERMINATE); /* unicode password */ - SSVAL(cli-outbuf,smb_vwv8,PTR_DIFF(p, smb_buf(cli-outbuf))); + SSVAL(cli-outbuf,smb_vwv8,PTR_DIFF(p, smb_buf(cli-outbuf))-1); } p += clistr_push(cli, p, user, -1, STR_TERMINATE); /* username */ @@ -1033,7 +1040,6 @@ NTSTATUS cli_session_setup(struct cli_state *cli, } return NT_STATUS_OK; - } / diff --git a/source/printing/nt_printing.c b/source/printing/nt_printing.c index 68b0359..7b03a32 100644 --- a/source/printing/nt_printing.c +++ b/source/printing/nt_printing.c @@ -3973,7 +3973,11 @@ static void map_to_os2_driver(fstring drivername) / Get a default printer info 2 struct. / -static WERROR get_a_printer_2_default(NT_PRINTER_INFO_LEVEL_2 *info, const char *servername, const char* sharename) + +static WERROR get_a_printer_2_default(NT_PRINTER_INFO_LEVEL_2 *info, + const char *servername, + const char* sharename, + bool get_loc_com) { int snum = lp_servicenumber(sharename); @@ -4000,7 +4004,7 @@ static WERROR get_a_printer_2_default(NT_PRINTER_INFO_LEVEL_2 *info, const char fstrcpy(info-datatype, RAW); #ifdef HAVE_CUPS - if ( (enum printing_types)lp_printing(snum) == PRINT_CUPS ) { + if (get_loc_com (enum printing_types)lp_printing(snum) == PRINT_CUPS ) { /* Pull the location and comment strings from cups if we don't already have one */ if ( !strlen(info-location) || !strlen(info-comment) ) @@ -4049,7 +4053,11 @@ fail: / / -static WERROR get_a_printer_2(NT_PRINTER_INFO_LEVEL_2 *info, const char *servername, const char *sharename) +
svn commit: samba-docs r1263 - in trunk/smbdotconf/security: .
Author: kseeger Date: 2008-04-07 15:36:23 + (Mon, 07 Apr 2008) New Revision: 1263 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=1263 Log: Correct usage of multiple LDAP servers as passdb backend. Patch from Bj?\195?\182rn Jacke [EMAIL PROTECTED] Modified: trunk/smbdotconf/security/passdbbackend.xml Changeset: Modified: trunk/smbdotconf/security/passdbbackend.xml === --- trunk/smbdotconf/security/passdbbackend.xml 2008-04-07 15:10:14 UTC (rev 1262) +++ trunk/smbdotconf/security/passdbbackend.xml 2008-04-07 15:36:23 UTC (rev 1263) @@ -37,9 +37,9 @@ specifying parameter moreinfo=noneldaps:///parameter in the URL argument. /para -paraMultiple servers may also be specified in double-quotes, if your -LDAP libraries supports the LDAP URL notation. -(OpenLDAP does). +paraMultiple servers may also be specified in double-quotes. + Whether multiple servers are supported or not and the exact + syntax depends on the LDAP library you use. /para /listitem @@ -50,9 +50,13 @@ programlisting passdb backend = tdbsam:/etc/samba/private/passdb.tdb -or +or multi server LDAP URL with OpenLDAP library: passdb backend = ldapsam:ldap://ldap-1.example.com ldap://ldap-2.example.com; + +or multi server LDAP URL with Netscape based LDAP library: + +passdb backend = ldapsam:ldap://ldap-1.example.com ldap-2.example.com /programlisting /description
[SCM] Samba GTK+ frontends branch, master, updated. 4b46ae89aa51cbf6bc9023d9cb185276824950f6
This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project Samba GTK+ frontends. The branch, master has been updated via 4b46ae89aa51cbf6bc9023d9cb185276824950f6 (commit) from bb16484a143fbd2476b5d9e162077e211db99c56 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - commit 4b46ae89aa51cbf6bc9023d9cb185276824950f6 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Mon Apr 7 22:43:54 2008 +0200 Add some docstrings. --- Summary of changes: gtkldb.py | 42 -- 1 files changed, 32 insertions(+), 10 deletions(-) hooks/post-receive -- Samba GTK+ frontends
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-676-g04cd914
The branch, v3-2-test has been updated via 04cd914a1f12691d27ddc67887a757cd813848a7 (commit) from c1b60cdecff2a53f0a75a432a1ad7730eb734908 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 04cd914a1f12691d27ddc67887a757cd813848a7 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Apr 7 23:36:29 2008 +0200 dbwrap: fix more tdb_chainunlock failed messages TALLOC_FREE(rec) before transaction_cancel also in dbwrap_trans_delete(). Michael --- Summary of changes: source/lib/dbwrap_util.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/dbwrap_util.c b/source/lib/dbwrap_util.c index eea7ca7..07e5082 100644 --- a/source/lib/dbwrap_util.c +++ b/source/lib/dbwrap_util.c @@ -205,7 +205,7 @@ NTSTATUS dbwrap_trans_store(struct db_context *db, TDB_DATA key, TDB_DATA dbuf, NTSTATUS dbwrap_trans_delete(struct db_context *db, TDB_DATA key) { int res; - struct db_record *rec; + struct db_record *rec = NULL; NTSTATUS status; res = db-transaction_start(db); @@ -239,6 +239,8 @@ NTSTATUS dbwrap_trans_delete(struct db_context *db, TDB_DATA key) return NT_STATUS_OK; cancel: + TALLOC_FREE(rec); + if (db-transaction_cancel(db) != 0) { smb_panic(Cancelling transaction failed); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-679-g3ed2c65
The branch, v3-2-test has been updated via 3ed2c65bde0c2e5ad10cf777dae8a2d3e626a42c (commit) via 59a2bcf30fef14ecc826271862b645dd3a61cb48 (commit) via fd168e7b5065ba15b1cf56522b6810b8e6fdd7d5 (commit) from 04cd914a1f12691d27ddc67887a757cd813848a7 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 3ed2c65bde0c2e5ad10cf777dae8a2d3e626a42c Author: James Peach [EMAIL PROTECTED] Date: Mon Apr 7 15:28:10 2008 -0700 Remove unused variable. commit 59a2bcf30fef14ecc826271862b645dd3a61cb48 Author: Bill Ricker [EMAIL PROTECTED] Date: Mon Apr 7 15:02:56 2008 -0700 Fix Kerberos interop with Mac OS X 10.5 clients. Ignore optional req_flags. Use the Kerberos mechanism OID negotiated with the client rather than hardcoding OID_KERBEROS5_OLD. commit fd168e7b5065ba15b1cf56522b6810b8e6fdd7d5 Author: James Peach [EMAIL PROTECTED] Date: Mon Apr 7 15:00:41 2008 -0700 Use bool for BOOL and true/false for True/False. We need lowercase bool to get the declarations picked up by the prototype parser. --- Summary of changes: source/libsmb/asn1.c | 139 source/libsmb/clispnego.c | 12 source/smbd/seal.c|8 ++- source/smbd/sesssetup.c | 49 +--- 4 files changed, 121 insertions(+), 87 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/asn1.c b/source/libsmb/asn1.c index 99c5b0b..bdbe49b 100644 --- a/source/libsmb/asn1.c +++ b/source/libsmb/asn1.c @@ -36,19 +36,19 @@ void asn1_free(ASN1_DATA *data) /* write to the ASN1 buffer, advancing the buffer pointer */ bool asn1_write(ASN1_DATA *data, const void *p, int len) { - if (data-has_error) return False; + if (data-has_error) return false; if (data-length data-ofs+len) { data-data = SMB_REALLOC_ARRAY(data-data, unsigned char, data-ofs+len); if (!data-data) { - data-has_error = True; - return False; + data-has_error = true; + return false; } data-length = data-ofs+len; } memcpy(data-data + data-ofs, p, len); data-ofs += len; - return True; + return true; } /* useful fn for writing a uint8 */ @@ -65,8 +65,8 @@ bool asn1_push_tag(ASN1_DATA *data, uint8 tag) asn1_write_uint8(data, tag); nesting = SMB_MALLOC_P(struct nesting); if (!nesting) { - data-has_error = True; - return False; + data-has_error = true; + return false; } nesting-start = data-ofs; @@ -82,14 +82,14 @@ bool asn1_pop_tag(ASN1_DATA *data) size_t len; if (data-has_error) { - return False; + return false; } nesting = data-nesting; if (!nesting) { - data-has_error = True; - return False; + data-has_error = true; + return false; } len = data-ofs - (nesting-start+1); /* yes, this is ugly. We don't know in advance how many bytes the length @@ -97,23 +97,23 @@ bool asn1_pop_tag(ASN1_DATA *data) need to correct our mistake */ if (len 0x) { data-data[nesting-start] = 0x83; - if (!asn1_write_uint8(data, 0)) return False; - if (!asn1_write_uint8(data, 0)) return False; - if (!asn1_write_uint8(data, 0)) return False; + if (!asn1_write_uint8(data, 0)) return false; + if (!asn1_write_uint8(data, 0)) return false; + if (!asn1_write_uint8(data, 0)) return false; memmove(data-data+nesting-start+4, data-data+nesting-start+1, len); data-data[nesting-start+1] = (len16) 0xFF; data-data[nesting-start+2] = (len8) 0xFF; data-data[nesting-start+3] = len0xff; } else if (len 255) { data-data[nesting-start] = 0x82; - if (!asn1_write_uint8(data, 0)) return False; - if (!asn1_write_uint8(data, 0)) return False; + if (!asn1_write_uint8(data, 0)) return false; + if (!asn1_write_uint8(data, 0)) return false; memmove(data-data+nesting-start+3, data-data+nesting-start+1, len); data-data[nesting-start+1] = len8; data-data[nesting-start+2] = len0xff; } else if (len 127) { data-data[nesting-start] = 0x81; - if (!asn1_write_uint8(data, 0)) return False; + if (!asn1_write_uint8(data, 0)) return false;
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha3-55-g5144137
The branch, v4-0-test has been updated via 51441376d37de01f7f4bd795947fc2c46c38e3f1 (commit) via bb59f3084ff8ff99e5bd72abfaadcbb68110f9fa (commit) via 61f331e9748bf5b3a1120ef19f93790facf9f64c (commit) via aad07f482544107dbeb4c3c468ce7dd78c151849 (commit) via f214206a36d8822e485f6f076c9f3f0bfc1e1df4 (commit) via 07f52ca51c008a6b80fed5b03935e1c3241d08d5 (commit) via 57c7b4e896116f06b39e0040ad386c561d76bd3d (commit) from da8b8364b06a79a10d4ebdc0e451463b3105730e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 51441376d37de01f7f4bd795947fc2c46c38e3f1 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 02:08:31 2008 +0200 Add signature of connect function to docstrings. commit bb59f3084ff8ff99e5bd72abfaadcbb68110f9fa Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 01:42:27 2008 +0200 use builtin getset stuff rather than custom getattr/setattr implementation. commit 61f331e9748bf5b3a1120ef19f93790facf9f64c Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 01:23:19 2008 +0200 Add function signature to docstrings in python. commit aad07f482544107dbeb4c3c468ce7dd78c151849 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 00:59:27 2008 +0200 Register types rather than constructors, display structs as classes. commit f214206a36d8822e485f6f076c9f3f0bfc1e1df4 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 00:13:09 2008 +0200 Set tp_flags for Python types. commit 07f52ca51c008a6b80fed5b03935e1c3241d08d5 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 00:10:24 2008 +0200 Set docstrings from helpstring attribute where possible. commit 57c7b4e896116f06b39e0040ad386c561d76bd3d Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Mon Apr 7 23:21:38 2008 +0200 Add simple docstring for Python modules. --- Summary of changes: source/pidl/lib/Parse/Pidl/Samba4/Python.pm | 273 ++- 1 files changed, 184 insertions(+), 89 deletions(-) Changeset truncated at 500 lines: diff --git a/source/pidl/lib/Parse/Pidl/Samba4/Python.pm b/source/pidl/lib/Parse/Pidl/Samba4/Python.pm index 2475925..40c0cd5 100644 --- a/source/pidl/lib/Parse/Pidl/Samba4/Python.pm +++ b/source/pidl/lib/Parse/Pidl/Samba4/Python.pm @@ -21,7 +21,7 @@ $VERSION = '0.01'; sub new($) { my ($class) = @_; my $self = { res = , res_hdr = , tabs = , constants = {}, -module_methods = []}; +module_methods = [], module_objects = [], module_types = []}; bless($self, $class); } @@ -163,46 +163,35 @@ sub FromPythonToUnionFunction($) $self-pidl(return ret;); } -sub PythonStruct() +sub PythonStruct($$) { - my ($self, $name, $cname, $d) = @_; + my ($self, $modulename, $prettyname, $name, $cname, $d) = @_; my $env = GenerateStructEnv($d, object); $self-pidl(); - $self-pidl(static PyObject *py_$name\_getattr(PyObject *obj, char *name)); - $self-pidl({); - $self-indent; + my $getsetters = NULL; + if ($#{$d-{ELEMENTS}} -1) { - $self-pidl($cname *object = py_talloc_get_ptr(obj);); foreach my $e (@{$d-{ELEMENTS}}) { - $self-pidl(if (!strcmp(name, \$e-{NAME}\)) {); my $varname = object-$e-{NAME}; + $self-pidl(static PyObject *py_$name\_get_$e-{NAME}(PyObject *obj, void *closure)); + $self-pidl({); $self-indent; + $self-pidl($cname *object = py_talloc_get_ptr(obj);); $self-pidl(PyObject *py_$e-{NAME};); $self-ConvertObjectToPython(py_talloc_get_mem_ctx(obj), $env, $e, $varname, py_$e-{NAME}); $self-pidl(return py_$e-{NAME};); $self-deindent; $self-pidl(}); - } - } - $self-pidl(PyErr_SetString(PyExc_AttributeError, \no such attribute\);); - $self-pidl(return NULL;); - $self-deindent; - $self-pidl(}); - $self-pidl(); + $self-pidl(); - $self-pidl(static int py_$name\_setattr(PyObject *py_obj, char *name, PyObject *value)); - $self-pidl({); - $self-indent; - if ($#{$d-{ELEMENTS}} -1) { - $self-pidl($cname *object = py_talloc_get_ptr(py_obj);); - my $mem_ctx = py_talloc_get_mem_ctx(py_obj); - foreach my $e (@{$d-{ELEMENTS}}) { - $self-pidl(if (!strcmp(name, \$e-{NAME}\)) {); - my $varname = object-$e-{NAME}; + $self-pidl(static int py_$name\_set_$e-{NAME}(PyObject *py_obj, PyObject *value,
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-680-g5cb480a
The branch, v3-2-test has been updated via 5cb480a664938d93d6cd059c78da9bc78eb58dcb (commit) from 3ed2c65bde0c2e5ad10cf777dae8a2d3e626a42c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 5cb480a664938d93d6cd059c78da9bc78eb58dcb Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 8 02:14:44 2008 +0200 Whatsnew --- Summary of changes: WHATSNEW.txt |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 1b07798..1a59112 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -226,6 +226,8 @@ o Guenther Deschner [EMAIL PROTECTED] * Fix build targets for bin/net. * Fix _dssetup_DsRoleGetPrimaryDomainInformation(). * Fix the build of cifs.spnego. +* Migration of the SRVSVC client and server DCE/RPC code to IDL + based structures and autogenerated code o Volker Lendecke [EMAIL PROTECTED] -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-684-ga4e3bc2
The branch, v3-2-test has been updated via a4e3bc2bade8bf74696e1c6ced74da563ff2df7b (commit) via 78da087b3a04f25bd0ea3195debf5c46731bac74 (commit) via c098714ac4bac8a7e27be761979a96190b77de1f (commit) via 5231a135068a64aedbe2643a9168f2a14c40b139 (commit) from 5cb480a664938d93d6cd059c78da9bc78eb58dcb (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit a4e3bc2bade8bf74696e1c6ced74da563ff2df7b Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 8 02:42:50 2008 +0200 Restructure inner workings of libnetapi a bit. Guenther commit 78da087b3a04f25bd0ea3195debf5c46731bac74 Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 8 02:26:21 2008 +0200 Add libnetapi generated files. Guenther commit c098714ac4bac8a7e27be761979a96190b77de1f Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 8 02:25:31 2008 +0200 Build libnetapi.idl. Guenther commit 5231a135068a64aedbe2643a9168f2a14c40b139 Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 8 02:25:00 2008 +0200 Add libnetapi.idl. Guenther --- Summary of changes: source/Makefile.in |4 +- .../examples/getjoinableous/getjoinableous.c |1 + source/lib/netapi/getdc.c | 142 +- source/lib/netapi/joindomain.c | 478 +--- source/lib/netapi/libnetapi.c | 393 source/lib/netapi/libnetapi.h | 67 +++ source/lib/netapi/netapi.h | 80 ++-- source/lib/netapi/serverinfo.c | 181 ++-- source/librpc/gen_ndr/libnetapi.h | 140 ++ source/librpc/gen_ndr/ndr_libnetapi.c | 377 +++ source/librpc/gen_ndr/ndr_libnetapi.h | 53 +++ source/librpc/idl/libnetapi.idl| 71 +++ 12 files changed, 1306 insertions(+), 681 deletions(-) create mode 100644 source/lib/netapi/libnetapi.c create mode 100644 source/lib/netapi/libnetapi.h create mode 100644 source/librpc/gen_ndr/libnetapi.h create mode 100644 source/librpc/gen_ndr/ndr_libnetapi.c create mode 100644 source/librpc/gen_ndr/ndr_libnetapi.h create mode 100644 source/librpc/idl/libnetapi.idl Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index 6846d80..cc45acd 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -814,6 +814,8 @@ CLIENT_OBJ = $(CLIENT_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \ $(DISPLAY_SEC_OBJ) LIBNETAPI_OBJ1 = lib/netapi/netapi.o \ +librpc/gen_ndr/ndr_libnetapi.o \ +lib/netapi/libnetapi.o \ lib/netapi/joindomain.o \ lib/netapi/serverinfo.o \ lib/netapi/getdc.o @@ -1163,7 +1165,7 @@ modules: SHOWFLAGS $(MODULES) IDL_FILES = lsa.idl dfs.idl echo.idl winreg.idl initshutdown.idl \ srvsvc.idl svcctl.idl eventlog.idl wkssvc.idl netlogon.idl notify.idl \ epmapper.idl messaging.idl xattr.idl misc.idl samr.idl security.idl \ - dssetup.idl krb5pac.idl ntsvcs.idl + dssetup.idl krb5pac.idl ntsvcs.idl libnetapi.idl idl: @IDL_FILES=$(IDL_FILES) CPP=$(CPP) PERL=$(PERL) \ diff --git a/source/lib/netapi/examples/getjoinableous/getjoinableous.c b/source/lib/netapi/examples/getjoinableous/getjoinableous.c index 5a3366c..be95198 100644 --- a/source/lib/netapi/examples/getjoinableous/getjoinableous.c +++ b/source/lib/netapi/examples/getjoinableous/getjoinableous.c @@ -19,6 +19,7 @@ #include string.h #include stdio.h +#include inttypes.h #include netapi.h diff --git a/source/lib/netapi/getdc.c b/source/lib/netapi/getdc.c index 2626eb0..f6a666d 100644 --- a/source/lib/netapi/getdc.c +++ b/source/lib/netapi/getdc.c @@ -19,16 +19,16 @@ #include includes.h +#include librpc/gen_ndr/libnetapi.h #include lib/netapi/netapi.h +#include lib/netapi/libnetapi.h #include libnet/libnet.h / / -static WERROR NetGetDCNameLocal(struct libnetapi_ctx *ctx, - const char *server_name, - const char *domain_name, - uint8_t **buffer) +WERROR NetGetDCName_l(struct libnetapi_ctx *ctx, + struct NetGetDCName *r) { return WERR_NOT_SUPPORTED; } @@ -36,17 +36,15 @@ static WERROR NetGetDCNameLocal(struct libnetapi_ctx *ctx, / / -static WERROR NetGetDCNameRemote(struct libnetapi_ctx *ctx, -
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha3-62-gb6b7171f
The branch, v4-0-test has been updated via b6b7171f70114bd27ca8db09964c65cacb9cea92 (commit) via ba3f0312f0dda47fb16ed9b8eee3750b209e0dad (commit) via 068c2f858a0c7e325cb8a1f2ca36e32b31fe1f77 (commit) via b7b46ddd412bd106655c2a7b96a322d9f6ac3019 (commit) via 685aab0c99c87386fee64c07d8b68c75652713c6 (commit) via a3e22bbcea27580c31d44dfaae04c9eef83389d4 (commit) via 4319971ccb42618a3298a5f26f63fa4c9b255849 (commit) from 51441376d37de01f7f4bd795947fc2c46c38e3f1 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit b6b7171f70114bd27ca8db09964c65cacb9cea92 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 03:29:12 2008 +0200 Add trivial test for unixinfo interface. commit ba3f0312f0dda47fb16ed9b8eee3750b209e0dad Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 03:23:53 2008 +0200 Add python bindings for drsuapi. commit 068c2f858a0c7e325cb8a1f2ca36e32b31fe1f77 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 03:18:43 2008 +0200 Add python bindings for unixinfo. commit b7b46ddd412bd106655c2a7b96a322d9f6ac3019 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 03:15:55 2008 +0200 Add [todo] for functions that are obviously incomplete. commit 685aab0c99c87386fee64c07d8b68c75652713c6 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 02:58:18 2008 +0200 Raise NotImplementedError from functions that don't have complete IDL. commit a3e22bbcea27580c31d44dfaae04c9eef83389d4 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 02:57:59 2008 +0200 Support [todo] attribute on functions. commit 4319971ccb42618a3298a5f26f63fa4c9b255849 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Tue Apr 8 02:48:54 2008 +0200 Add Python bindings for DFS. --- Summary of changes: source/librpc/config.mk| 12 ++ source/librpc/idl/audiosrv.idl | 30 +++--- source/librpc/idl/browser.idl | 24 ++-- source/librpc/idl/dfs.idl | 14 +- source/librpc/idl/drsuapi.idl | 26 ++-- source/librpc/idl/dsbackup.idl | 34 +++--- source/librpc/idl/dssetup.idl | 20 ++-- source/librpc/idl/efs.idl | 14 +- source/librpc/idl/epmapper.idl |2 +- source/librpc/idl/eventlog.idl | 36 +++--- source/librpc/idl/frsapi.idl | 12 +- source/librpc/idl/frsrpc.idl | 20 ++-- source/librpc/idl/lsa.idl | 66 +- source/librpc/idl/msgsvc.idl | 10 +- source/librpc/idl/netlogon.idl | 14 +- source/librpc/idl/ntsvcs.idl | 130 ++-- source/librpc/idl/spoolss.idl | 102 source/librpc/idl/srvsvc.idl | 24 ++-- source/librpc/idl/svcctl.idl | 14 +- source/librpc/idl/w32time.idl |6 +- source/librpc/idl/winreg.idl |8 +- source/pidl/lib/Parse/Pidl/NDR.pm |1 + source/pidl/lib/Parse/Pidl/Samba4/Python.pm| 43 +-- source/scripting/python/modules.c |3 + source/scripting/python/pyrpc.h|2 +- .../python/samba/tests/dcerpc/{sam.py = unix.py} | 11 +- source/selftest/samba4_tests.sh|1 + 27 files changed, 356 insertions(+), 323 deletions(-) copy source/scripting/python/samba/tests/dcerpc/{sam.py = unix.py} (77%) Changeset truncated at 500 lines: diff --git a/source/librpc/config.mk b/source/librpc/config.mk index e53e512..b6f3fda 100644 --- a/source/librpc/config.mk +++ b/source/librpc/config.mk @@ -654,5 +654,17 @@ PRIVATE_DEPENDENCIES = RPC_NDR_LSA OBJ_FILES = gen_ndr/py_wkssvc.o PRIVATE_DEPENDENCIES = RPC_NDR_WKSSVC +[PYTHON::python_dfs] +OBJ_FILES = gen_ndr/py_dfs.o +PRIVATE_DEPENDENCIES = RPC_NDR_DFS + +[PYTHON::python_unixinfo] +OBJ_FILES = gen_ndr/py_unixinfo.o +PRIVATE_DEPENDENCIES = RPC_NDR_UNIXINFO + +[PYTHON::python_drsuapi] +OBJ_FILES = gen_ndr/py_drsuapi.o +PRIVATE_DEPENDENCIES = RPC_NDR_DRSUAPI + [PYTHON::python_dcerpc_security] OBJ_FILES = gen_ndr/py_security.o diff --git a/source/librpc/idl/audiosrv.idl b/source/librpc/idl/audiosrv.idl index 9b9399f..1b05986 100644 --- a/source/librpc/idl/audiosrv.idl +++ b/source/librpc/idl/audiosrv.idl @@ -5,19 +5,19 @@ helpstring(Audio Server) ] interface audiosrv { - void audiosrv_CreatezoneFactoriesList(); - void audiosrv_CreateGfxFactoriesList(); - void audiosrv_CreateGfxList(); - void audiosrv_RemoveGfx(); - void
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-685-g0985289
The branch, v3-2-test has been updated via 09852899cadc48abe2f2651ecbceaf881198e648 (commit) from a4e3bc2bade8bf74696e1c6ced74da563ff2df7b (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 09852899cadc48abe2f2651ecbceaf881198e648 Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Apr 7 21:11:16 2008 -0700 Rewrite the wrap checks to deal with gcc 4.x optimisations. Karolin, please pull once Volker has reviewed. Thanks. Jeremy. --- Summary of changes: source/smbd/ipc.c | 78 +-- source/smbd/nttrans.c | 89 - source/smbd/trans2.c | 76 + 3 files changed, 142 insertions(+), 101 deletions(-) Changeset truncated at 500 lines: diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c index 68a13d6..6961a5c 100644 --- a/source/smbd/ipc.c +++ b/source/smbd/ipc.c @@ -498,7 +498,8 @@ void reply_trans(struct smb_request *req) unsigned int pscnt; struct trans_state *state; NTSTATUS result; - int size; + unsigned int size; + unsigned int av_size; START_PROFILE(SMBtrans); @@ -509,6 +510,7 @@ void reply_trans(struct smb_request *req) } size = smb_len(req-inbuf) + 4; + av_size = smb_len(req-inbuf); dsoff = SVAL(req-inbuf, smb_dsoff); dscnt = SVAL(req-inbuf, smb_dscnt); psoff = SVAL(req-inbuf, smb_psoff); @@ -567,12 +569,17 @@ void reply_trans(struct smb_request *req) } /* null-terminate the slack space */ memset(state-data[state-total_data], 0, 100); - if ((dsoff+dscnt dsoff) || (dsoff+dscnt dscnt)) + + if (dscnt state-total_data || + dsoff+dscnt dsoff) { goto bad_param; - if ((smb_base(req-inbuf)+dsoff+dscnt - (char *)req-inbuf + size) || - (smb_base(req-inbuf)+dsoff+dscnt smb_base(req-inbuf))) + } + + if (dsoff av_size || + dscnt av_size || + dsoff+dscnt av_size) { goto bad_param; + } memcpy(state-data,smb_base(req-inbuf)+dsoff,dscnt); } @@ -592,12 +599,17 @@ void reply_trans(struct smb_request *req) } /* null-terminate the slack space */ memset(state-param[state-total_param], 0, 100); - if ((psoff+pscnt psoff) || (psoff+pscnt pscnt)) + + if (pscnt state-total_param || + psoff+pscnt psoff) { goto bad_param; - if ((smb_base(req-inbuf)+psoff+pscnt - (char *)req-inbuf + size) || - (smb_base(req-inbuf)+psoff+pscnt smb_base(req-inbuf))) + } + + if (psoff av_size || + pscnt av_size || + psoff+pscnt av_size) { goto bad_param; + } memcpy(state-param,smb_base(req-inbuf)+psoff,pscnt); } @@ -675,7 +687,7 @@ void reply_transs(struct smb_request *req) connection_struct *conn = req-conn; unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp; struct trans_state *state; - int size; + unsigned int av_size; START_PROFILE(SMBtranss); @@ -708,7 +720,7 @@ void reply_transs(struct smb_request *req) if (SVAL(req-inbuf, smb_vwv1) state-total_data) state-total_data = SVAL(req-inbuf,smb_vwv1); - size = smb_len(req-inbuf) + 4; + av_size = smb_len(req-inbuf); pcnt = SVAL(req-inbuf, smb_spscnt); poff = SVAL(req-inbuf, smb_spsoff); @@ -726,38 +738,38 @@ void reply_transs(struct smb_request *req) goto bad_param; if (pcnt) { - if (pdisp+pcnt state-total_param) - goto bad_param; - if ((pdisp+pcnt pdisp) || (pdisp+pcnt pcnt)) - goto bad_param; - if (pdisp state-total_param) + if (pdisp state-total_param || + pcnt state-total_param || + pdisp+pcnt state-total_param || + pdisp+pcnt pdisp) { goto bad_param; - if ((smb_base(req-inbuf) + poff + pcnt - (char *)req-inbuf + size) || - (smb_base(req-inbuf) + poff + pcnt - smb_base(req-inbuf))) - goto bad_param; - if (state-param + pdisp state-param) +
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-28a-23-g1261d7f
The branch, v3-0-test has been updated via 1261d7f713fedb312dfcfdd58c7d5b45e8185ba7 (commit) from 6e658dbb2cbd1cf0df68057a32c2ed766c3794f3 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit 1261d7f713fedb312dfcfdd58c7d5b45e8185ba7 Author: Jeremy Allison [EMAIL PROTECTED] Date: Mon Apr 7 21:11:21 2008 -0700 Rewrite the wrap checks to deal with gcc 4.x optimisations. Jeremy. --- Summary of changes: source/smbd/ipc.c | 68 ++- source/smbd/nttrans.c | 70 ++-- source/smbd/trans2.c | 68 ++- 3 files changed, 130 insertions(+), 76 deletions(-) Changeset truncated at 500 lines: diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c index 6e5ff9f..f7b7c31 100644 --- a/source/smbd/ipc.c +++ b/source/smbd/ipc.c @@ -434,6 +434,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, unsigned int dscnt = SVAL(inbuf, smb_dscnt); unsigned int psoff = SVAL(inbuf, smb_psoff); unsigned int pscnt = SVAL(inbuf, smb_pscnt); + unsigned int av_size = size-4; struct trans_state *state; NTSTATUS result; @@ -489,11 +490,17 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, } /* null-terminate the slack space */ memset(state-data[state-total_data], 0, 100); - if ((dsoff+dscnt dsoff) || (dsoff+dscnt dscnt)) + + if (dscnt state-total_data || + dsoff+dscnt dsoff) { goto bad_param; - if ((smb_base(inbuf)+dsoff+dscnt inbuf + size) || - (smb_base(inbuf)+dsoff+dscnt smb_base(inbuf))) + } + + if (dsoff av_size || + dscnt av_size || + dsoff+dscnt av_size) { goto bad_param; + } memcpy(state-data,smb_base(inbuf)+dsoff,dscnt); } @@ -512,11 +519,17 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, } /* null-terminate the slack space */ memset(state-param[state-total_param], 0, 100); - if ((psoff+pscnt psoff) || (psoff+pscnt pscnt)) + + if (pscnt state-total_param || + psoff+pscnt psoff) { goto bad_param; - if ((smb_base(inbuf)+psoff+pscnt inbuf + size) || - (smb_base(inbuf)+psoff+pscnt smb_base(inbuf))) + } + + if (psoff av_size || + pscnt av_size || + psoff+pscnt av_size) { goto bad_param; + } memcpy(state-param,smb_base(inbuf)+psoff,pscnt); } @@ -600,6 +613,7 @@ int reply_transs(connection_struct *conn, char *inbuf,char *outbuf, { int outsize = 0; unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp; + unsigned int av_size = size-4; struct trans_state *state; NTSTATUS result; @@ -643,34 +657,38 @@ int reply_transs(connection_struct *conn, char *inbuf,char *outbuf, goto bad_param; if (pcnt) { - if (pdisp+pcnt state-total_param) - goto bad_param; - if ((pdisp+pcnt pdisp) || (pdisp+pcnt pcnt)) - goto bad_param; - if (pdisp state-total_param) - goto bad_param; - if ((smb_base(inbuf) + poff + pcnt inbuf + size) || - (smb_base(inbuf) + poff + pcnt smb_base(inbuf))) + if (pdisp state-total_param || + pcnt state-total_param || + pdisp+pcnt state-total_param || + pdisp+pcnt pdisp) { goto bad_param; - if (state-param + pdisp state-param) + } + + if (poff av_size || + pcnt av_size || + poff+pcnt av_size || + poff+pcnt poff) { goto bad_param; + } memcpy(state-param+pdisp,smb_base(inbuf)+poff, pcnt); } if (dcnt) { - if (ddisp+dcnt state-total_data) - goto bad_param; - if ((ddisp+dcnt ddisp) || (ddisp+dcnt dcnt)) - goto bad_param; - if (ddisp state-total_data) - goto bad_param; - if