Re: [Samba] [3.0.28,1/smb.conf] Can't hide dot files
hi Gilles, once upon a time I had a similar problem I set up Samba 3.0.28,1 on a FreeBSD 6.3 host. I'd like users _not_ to see the hidden dot files in directories, but hide dot files doesn't work, no matter whether I put it in [global] or [homes]: AFAIK Samba transfers dot files with a hidden attribute. If your users can see these hidden files or not depends, depends on the setup of the Windows client. If something like show hidden files and directories is enabled on the client's file browser, the client will display the hidden files ... I can't find the link to the documentation, but you can test this within a minute. kind regards, Reinhard Sojka -- Reinhard Sojka [EMAIL PROTECTED] Parlamentsdirektion A1.5 - EDV / System- Networkadmin A-1017 Wien - Parlament Tel. +43 1 40110 2824 Fax +43 1 40110 2848 http://www.parlament.gv.at -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbstatus und srvmgr.exe give different informations
Hello, I read the samba3 howto and now I tried svrmgr.exe. With smbstatus I get only two users connected to this test server. According to svrmgr there are far more with a very high value in the time field. Does the svrmgr show connection that where previously open but are no more connected ? Thanks Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Command 'net rpc ...' yields nothing
Guys, I've been using samba PDC with LDAP backend for about 2 years now, and they're working just fine. All this time, each time I join a new computer (PC with win XP Pro, Me, win98), I use the root account and its samba password. The problem is, I can use the root to login into the domain too, which something I don't like. If i used the parameter invalid users = root via smb.conf, then I cannot join any PC into the domain. I roamed into samba official How-to ( http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetCommand.html#id2599196) and found something interesting in the Administering User Rights and Privileges part, the net rpc command. My goal was to create a new user, other then the root, with a privillege restricted to merely joining PC's into the domain (SeMachineAccountPrivilege). But when I tried one of the command there, e.g. the 'net rpc rights list -U root%rootPassword', nothing came up. Is this normal? Then how to do it right? FYI, I'm using samba-3.0.20b-3.3 with openldap2-2.2.27-6, and openSuSe 10.0. Thank you for your help. Regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] tdb_fetch_uint32 failed and create_builtin_administrators failed
Hello, I've build the latest samba version(3.0.28a) as shown below on my NSLU2 running debian etch. ./autogen.sh ./configure --with-logfilebase=/usr/local/samba/log make make install That worked without any error messages and I start samba as shown below: /usr/local/samba/sbin/smbd -D /usr/local/samba/sbin/winbindd -B /usr/local/samba/sbin/nmbd -D So far it seems to work but I found some error messages in the logs: /usr/local/samba/log/log.smbd: [2008/04/19 12:21:48, 0] smbd/server.c:main(944) smbd version 3.0.28a started. Copyright Andrew Tridgell and the Samba Team 1992-2008 [2008/04/19 12:21:51, 1] lib/account_pol.c:account_policy_get(286) account_policy_get: tdb_fetch_uint32 failed for field 1 (min password length), returning 0 [2008/04/19 12:21:51, 1] lib/account_pol.c:account_policy_get(286) account_policy_get: tdb_fetch_uint32 failed for field 2 (password history), returning 0 ... And after the first connection from a client: /usr/local/samba/log/log.client [2008/04/19 12:22:32, 0] auth/auth_util.c:create_builtin_administrators(792) create_builtin_administrators: Failed to create Administrators [2008/04/19 12:22:32, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users ... Should I be unhappy about this and how can I solve that? Some details about my system: uname -a Linux hagrid 2.6.16 #1 PREEMPT Mon May 22 14:42:12 CEST 2006 armv5tel GNU/Linux more /etc/issue Debian GNU/Linux 4.0 \n \l dpkg -l | grep krb5 ii krb5-config 1.16 ii krb5-user1.4.4-7etch4 ii libkrb5-dev 1.4.4-7etch4 ii libkrb53 1.4.4-7etch4 And finally my smb.conf: [global] workgroup = FISI passdb backend = tdbsam log file = /usr/local/samba/log/log.%m [homes] comment = Home Directories read only = No create mask = 0700 directory mask = 0700 browseable = No Thank you in advance and best regards, Hartmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and Vista profile probs
Well i must say, it looks like the removal of the profile list works. ! but the mentioning of the nt4 policy's not working with vista was a big bummer... isn't there an otherway to make policy's work with vista ?? like adding the SYSVOL share orso ?? or using the policy editor of xp/vista in combination with samba. Thx, Collen ps for the maillist admin: i get a lot of duplicate mail's from the samba list. Jean-Jacques Moulis wrote: CB Hi all, I've got some problems with vista sp1 + samba 3.0.28a CB vista will not save the profiles nor load them. ! CB I'm all familiar with the .V2 thing. CB vista however does create the profilename.V2 directory, but does not CB populate it with the data CB Xp machines work like a charm however. CB profiles path's are: \\server\profiles\testuser CB so the problem with the .V2 part is not share related, coz they are a CB dir in a share. CB we do get logged in with a temp profile. so authentication works (little CB slow do...) CB do i need to alter the vista policy's or something ?? CB if i browse manually to the profile share, i will be able to create dirs CB and files define those keys on clients: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] WaitForNetwork=dword: CompatibleRUPSecurity=dword:0001 If you remove %USERPROFILE% (C:\users\john) for an user this user will be subsequently logged in with a temporary profile unless HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\SID of user is also removed. Unfortunatly Vista doesn't obey Netlogon\NTConfig.pol. you have to apply policies with other methods. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] Samba and Vista profile probs
On Mon, 21 Apr 2008 11:23:57 +0200 Collen Blijenberg [EMAIL PROTECTED] wrote: CB Well i must say, it looks like the removal CB of the profile list works. ! CB but the mentioning of the nt4 policy's not working with vista CB was a big bummer... CB isn't there an otherway to make policy's work with vista ?? CB like adding the SYSVOL share orso ?? CB or using the policy editor of xp/vista in combination with samba. CB Thx, Collen One solution is to use Wpkg for this. Have a look at: http://wpkg.org/Adding_Registry_Settings Wpkg works well with Vista (if run as SYSTEM) even with UAC enabled. Wpkg intalls and maintains software on clients computers and is IMHO an indispensable companion to a samba domain server. Regards! -- Jean-Jacques Moulis Tel: (013) 281684 ISYFax: (013) 139282 Linköping UniversityE-mail: [EMAIL PROTECTED] 581 83 Linköping -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3: bad read performance
On Fri, Apr 18, 2008 at 11:21:46PM +0400, Dmitry V Shurupov wrote: Could you define more exactly the latest code, please? We've installed Samba 3.2pre2 on our server and got no (better) result while testing with Windows client. Did you mean pre2 release or current git version of Samba 3.2 branch? No, newer code won't change the result for Windows, but I thought you were complaining about Linux client performance. And the same for CIFSFS: if you're not about CIFSFS 1.52 included in latest stable Linux kernel (2.6.25)--where can we find this code? Steve's latest code can do the 16mb streaming reads/writes with Samba 3.2. I'm CC:ing Steve so he can give you exact version numbers. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Default ACL problem in new file
Hello I have a problem with Samba+ACL and create new file permision. I have in smb.conf: create mask = 664 and I have a default ACL of: default:user::rwx default:group::r-x default:group:smbadmins:rwx default:group:pregrado:rwx default:group:docentes:rwx default:mask::rwx default:other::r-x and I did [EMAIL PROTECTED]:/SO$ touch touch.txt and ACL of new file create good: [EMAIL PROTECTED]:/SO$ getfacl touch.txt # file: touch.txt # owner: owner # group: iusers user::rw- group::r-x #effective:r-- group:smbadmins:rwx #effective:rw- group:pregrado:rwx #effective:rw- group:docentes:rwx #effective:rw- mask::rw- other::r-- Otherwise if I connect to the samba server (Ubuntu Client and nautilus) and create new file (samba.txt), new ACL is not expect: # file: samba.txt # owner: owner # group: iusers user::rw- group::r-- group:smbadmins:rwx group:pregrado:rwx group:docentes:rwx mask::rwx other::r-- Here, the execute bit is set on in the aditional groups. Why? How can I solve it? Sorry my English Regards Carlos A. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to make 'winbind nss info = sfu' work in v = 3.0.26a
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jonathan Detert wrote: It seems strange that log.winbindd-idmap says it successfully loaded nss backend 'sfu': Because the nss_info sfu and rfc2307 modules are built in the idmap ad.so module and therefore initialized at the same time. So if the idmap plugin is loaded first you are fine. But often in the parent winbindd process you will see it attempt to load the nss_info module first which seems to be failing. So, is that something that can be controlled via config? Or, are you saying it's just noise in the log file that works itself out ok in the end? No. It's real. Each winbindd process is responsible for loading the nss info plugin and calling the init function. The parent seems to be failing (my guess is due to a packaging error leaving out the nss_info directory). cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDIWoIR7qMdg1EfYRAnJFAKDsb4cmm/OqWXRiEYa87G31a0sFqACgjBni u6pCfvAJ485hyzPXmCp4xpA= =FC1u -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd in hybrid mode
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Weiser, Johann wrote: There is this really fancy sentence in the smb.conf man page: It is possible to use smbd in a hybrid mode where it is offers both user and share level security under different NetBIOS aliases. There are a number of question here in this mailing list around this sentence and the answers are usually to use map to guest parameter. However this parameter does not work e.g. with SECURITY = server. Therefore I would be really interested in a solution as described with this sentence above with different NetBIOS aliases. Does such a solution really exist, or should this sentence be removed from the man page? Configuring Samba virtual servers using netbios aliases or interface IP specific configurations has been around for a really long time. I'd be really surprised if map to guest doesn't work with security = server but then again, I think security = server is a really horrid idea anyways. cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDIexIR7qMdg1EfYRAr0JAKCgP13J169Irj3s/vyLKaXpj+6PlACfWK6R rs2f8/7RLQRe69N6dcQd0Rs= =xOlZ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] I need something about the source explain.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ÕÅÔÃ wrote: Hello, I am a student. Now I need to know EXACTLY about How Samba Works. I have the source on samba-3.0.28a, but it's too many for me to read and understand 'cause I was a freshman. Is there a book/paper about the samba implementation or explain for source? Not so much. But you should pick one piece. For example, lib/talloc/talloc.c and read that code to understand the memory management. Then ask specific questions on the samba-technical mailing list which is more geared for developers. cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDIcBIR7qMdg1EfYRApmMAJ9fO30urZXuTj7nPf8TRbTWFcYvDQCfVRW8 jHd4oJ55q3e+6agqA9vclmA= =GGod -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbstatus und srvmgr.exe give different informations
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andreas Moroder wrote: Hello, I read the samba3 howto and now I tried svrmgr.exe. With smbstatus I get only two users connected to this test server. According to svrmgr there are far more with a very high value in the time field. Does the svrmgr show connection that where previously open but are no more connected ? Can you send me a screenshot and smbstatus output to illustrate the problem? Thanks. cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDJA+IR7qMdg1EfYRAruCAKCPRoSXsDckDIExrm8XS1tSugSzOACgxNSI 07hjsKDMwjuMXl2cBojTg3U= =8F9e -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba send SPNEGO if Extended Security is ON
I've checked the samba code (sessetup) and found out that samba always send spnego packet when Extended Security capability is ON. (This can't be turned off/on ie. use spnego = false) Does it mean I can never connect to smb server that doesn't support spnego if Extended Security is supported by server? Is my understanding correct? Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Default ACL problem in new file
On Mon, Apr 21, 2008 at 07:53:28AM -0400, Carlos Gomez Gomez Brizulela wrote: Hello I have a problem with Samba+ACL and create new file permision. I have in smb.conf: create mask = 664 and I have a default ACL of: default:user::rwx default:group::r-x default:group:smbadmins:rwx default:group:pregrado:rwx default:group:docentes:rwx default:mask::rwx default:other::r-x and I did [EMAIL PROTECTED]:/SO$ touch touch.txt and ACL of new file create good: [EMAIL PROTECTED]:/SO$ getfacl touch.txt # file: touch.txt # owner: owner # group: iusers user::rw- group::r-x #effective:r-- group:smbadmins:rwx #effective:rw- group:pregrado:rwx #effective:rw- group:docentes:rwx #effective:rw- mask::rw- other::r-- Otherwise if I connect to the samba server (Ubuntu Client and nautilus) and create new file (samba.txt), new ACL is not expect: # file: samba.txt # owner: owner # group: iusers user::rw- group::r-- group:smbadmins:rwx group:pregrado:rwx group:docentes:rwx mask::rwx other::r-- Here, the execute bit is set on in the aditional groups. Why? How can I solve it? Can you post your full smb.conf please ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba pdc and xp host
Hello , I had a superb samba PDC server which functioned perfectly and its hosts xp until the day my disk crashs. I made backups. I reinstalled a debian and used my old /etc. Indeed, when I loggue a XP station, I recover well my profiles on the host but I can't access in the majority of the programs of station XP. My menu to start is in two parts, the part of left which are the most used software are absent like if I haven't enough rights. I realized that if I switch in the user rights the group mydomain\none in the administrators group, all functions normally. But not in the group of the normal users, nor with simple users. Some ideas because I cannot of course leave the xp stations in admin mode. Thank you. Fred. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba send SPNEGO if Extended Security is ON
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jewelyn Catingub wrote: I've checked the samba code (sessetup) and found out that samba always send spnego packet when Extended Security capability is ON. (This can't be turned off/on ie. use spnego = false) Does it mean I can never connect to smb server that doesn't support spnego if Extended Security is supported by server? Is my understanding correct? The extended security bit == spnego support. See section 4.1.1 in the SNIA CIFS tech reference. cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDKIrIR7qMdg1EfYRAsTNAKCT1HGkR463ksmWGmvRYE31AJq0KgCfapcM GbAuxzGltsPLa5qIOhdiwqc= =0lTR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] valid users = +group doesn't work
Hi Jerry, Please see below. The supplementary groups are determined by mapping the Windows group to a gid. I'm having to remember what we already convered so apoligies fotr asking again. Are you running winbindd? or just manually mapping groups to SIDs ? Seems to be the former. Winbind is running, yes. I see. But it appears to me (correct me if I'm wrong) that if a local Unix group is mapped with net sam mapunixgroup, then it becomes a local nested group and Samba could use it in valid users - but apparently it doesn't, which confuses me. No. The nested group functionality is only served by Winbind. I guess my question now boils down to the following: when I access a share as domain user DOMAIN\lz, is there a way to apply valid users check based on the Unix group membership of the Unix user lz. From what you are saying I am getting the impression that the asnwer is no; is this really so? Thanks, Leonid cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDKAIIR7qMdg1EfYRAk+fAJ4zn2iWrkmyVMcfXv9O09rRGWAzPgCcDkA8 E1O1kHw1lM1LDcE2xRcJfWY= =ch5e -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] valid users = +group doesn't work
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Leonid Zeitlin wrote: DOMAIN\lz has a different SID and token than the local user lz. Therefore the search for the local group SID of webdev will not be found in the domain user's (DOMAIN\lz) token. You can view the user's complete list of SIDs in the NT token in a level 10 smbd debug log. I see. I observe an interesting picture here. If I specify valid users = +DOMAIN\windows_group, then I am able to access the share, and in this case I see the following in the log: [2008/04/17 13:39:56, 5] auth/auth_util.c:debug_nt_user_token(454) NT user token of user S-1-5-21-800801294-1190493330-1361462980-1010 contains 19 SIDs SID[ 0]: S-1-5-21-800801294-1190493330-1361462980-1010 (... 18 more SIDs follow ... ) SE_PRIV 0x0 0x0 0x0 0x0 [2008/04/17 13:39:56, 5] auth/auth_util.c:debug_unix_user_token(474) UNIX token of user 500 Primary group is 500 and contains 0 supplementary groups [2008/04/17 13:39:56, 5] smbd/uid.c:change_to_user(273) change_to_user uid=(500,500) gid=(0,500) The list of SIDs actually includes the SID to which the local group webdev was mapped with net sam mapunixgroup! The only thing that is somewhat strange here is contains 0 supplementary groups, since my user actually has a number of supplementary groups, however, so far so good. Now, if I specify valid users = +webdev, I cannot access the share and when I try the log has something quite different: The supplementary groups are determined by mapping the Windows group to a gid. I'm having to remember what we already convered so apoligies fotr asking again. Are you running winbindd? or just manually mapping groups to SIDs ? Seems to be the former. If so, I think I remember we made a change that group mapping really only honored groups in the local SAM domain of the machine which would explain why mapping to the domain group didn't work. But I'm a little fuzzy on when (or if we really made that change). I guess I am getting confused here. Are local nested groups from winbindd the Unix local groups? If yes, this is what I need, but I'm failing to grasp how to make them work. No. See the winbind nested groups option for more details on local nested groups. These are the equivalent of Windows NT 4.0 local machine groups. I see. But it appears to me (correct me if I'm wrong) that if a local Unix group is mapped with net sam mapunixgroup, then it becomes a local nested group and Samba could use it in valid users - but apparently it doesn't, which confuses me. No. The nested group functionality is only served by Winbind. BTW, I didn't mention this before, maybe it is relevant: I am using NIS on the Samba machine. So, local user lz and group webdev are not inlocal passwd and group files, but come from NIS. I don't expect it to make a difference, but mentioning this just in case. No difference. Local in this discussion is in relation to who is authoriative for the account: e.g. either Samba (local machine) or the Domain controller. cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDKAIIR7qMdg1EfYRAk+fAJ4zn2iWrkmyVMcfXv9O09rRGWAzPgCcDkA8 E1O1kHw1lM1LDcE2xRcJfWY= =ch5e -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can't kill smbd process
TCP_NODELAY is still usefull and has a noticeable improvement in responsiveness. SO_RCVBUF=8192 and SO_SNDBUF=8192 are outdated and actually make things worse if running with a 2.6 kernel (they do help if running on a 2.4 kernel). But I too, am sure changing these will not fix your problem (but probably will improve network performance). How are you killing the open files? With kill -9? I kill locked, open files by finding the pid with lsof and then close it with sudo kill -9 pidnumber. I've never had kill -9 fail me and I imagine you would have to have serious kernel problems if kill -9 failed to kill a pid.3 James -Original Message From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ryan Novosielski Sent: Friday, April 18, 2008 3:55 PM To: samba@lists.samba.org Subject: Re: [Samba] Can't kill smbd process I've seen written here many times that the TCP options are old/no longer needed. Not that I expect that removing them will fix anything. Seems to me you have an awful lot things defined specifically there. I don't know how those relate to the defaults. Or is that testparm -v output? - -- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFICQqrmb+gadEcsb4RAmjxAKCQudeurwtv7YWf20mPvr/5pTVUqACfbF+z bTXN5/lgADDY5qywZKJEzp0= =IXls -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't kill smbd process
On 4/21/2008, James A. Dinkel ([EMAIL PROTECTED]) wrote: TCP_NODELAY is still usefull and has a noticeable improvement in responsiveness. this is contrary to what the Samba devs have repeatedly said in the past. I hope someone will chime in here and set the record straight... -- Best regards, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows shortcuts and permissions
I have lots of LNK files in a Samba share, which users have been creating for some time. Now we have set different permissions to folders and some of the shortcuts don't work because of that. I have read that mount --bind can be used to give access to a forbidden folder to someone, but this can only be done by root and in the command-line. Is there a way to accomplish this with a graphical tool or something like that? _ La vida de los famosos al desnudo en MSN Entretenimiento http://entretenimiento.es.msn.com/-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can't kill smbd process
I meant to specify: it has a noticeable improvement ON MY SYSTEM. This is from a personal, subjective view and I don't know that I've verified this from any other documentation. I just want to point this out because it COULD have been all in my head. I don't think overall transfer speed changed, but directory listings and opening up small files seemed to be faster. James P.S. Sorry for the formatting, but I'm posting this from Outlook which is not very mailing-list-friendly. -Original Message- From: Charles Marcus [mailto:[EMAIL PROTECTED] Sent: Monday, April 21, 2008 11:22 AM To: James A. Dinkel Cc: samba@lists.samba.org Subject: Re: [Samba] Can't kill smbd process On 4/21/2008, James A. Dinkel ([EMAIL PROTECTED]) wrote: TCP_NODELAY is still usefull and has a noticeable improvement in responsiveness. this is contrary to what the Samba devs have repeatedly said in the past. I hope someone will chime in here and set the record straight... -- Best regards, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't kill smbd process
On Mon, Apr 21, 2008 at 12:21:59PM -0400, Charles Marcus wrote: On 4/21/2008, James A. Dinkel ([EMAIL PROTECTED]) wrote: TCP_NODELAY is still usefull and has a noticeable improvement in responsiveness. this is contrary to what the Samba devs have repeatedly said in the past. I hope someone will chime in here and set the record straight... That's easy -- TCP_NODELAY is default :-) Volker pgpVGb2noIuNt.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't kill smbd process
On 4/21/2008 3:51 PM, Volker Lendecke wrote: On Mon, Apr 21, 2008 at 12:21:59PM -0400, Charles Marcus wrote: On 4/21/2008, James A. Dinkel ([EMAIL PROTECTED]) wrote: TCP_NODELAY is still usefull and has a noticeable improvement in responsiveness. this is contrary to what the Samba devs have repeatedly said in the past. I hope someone will chime in here and set the record straight... That's easy -- TCP_NODELAY is default :-) Well that explains it... :) thanks... -- Best regards, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with [homes] share for users with unix logins
Thanks for the suggestions. I wanted unix users (exclusively sysadmins and developers) to still get their normal unix login directories. On the other hand, since this is a file server, any connection via samba, should connect people to their samba file directories. It looks like your suggestion is ldapsam:trusted = yes in smb.conf. Here's a good explanation from the Samba docs: By default, Samba as a Domain Controller with an LDAP backend needs to use the Unix-style NSS subsystem to access user and group information. Due to the way Unix stores user information in /etc/passwd and /etc/group this inevitably leads to inefficiencies. One important question a user needs to know is the list of groups he is member of. The plain UNIX model involves a complete enumeration of the file /etc/group and its NSS counterparts in LDAP. UNIX has optimized functions to enumerate group membership. Sadly, other functions that are used to deal with user and group attributes lack such optimization. To make Samba scale well in large environments, the ldapsam:trusted = yes option assumes that the complete user and group database that is relevant to Samba is stored in LDAP with the standard posixAccount/posixGroup attributes. It further assumes that the Samba auxiliary object classes are stored together with the POSIX data in the same LDAP object. If these assumptions are met, ldapsam:trusted = yes can be activated and Samba can bypass the NSS system to query user group memberships. Optimized LDAP queries can greatly speed up domain logon and administration tasks. Depending on the size of the LDAP database a factor of 100 or more for common queries is easily achieved. Wes Gémes Géza wrote: From my memory: Unless you use ldapsam trusted = yes parameter samba does an nss lookup to find out the details of the user, so you either 1. remove local users 2. synchronize them to ldap 3. configure /etc/nsswitch.conf to look in ldap first then in files 4. tell samba to trust the ldap database for nss information with the parameter mentioned above. Regards Geza I have the [homes] section set up in my smb.conf so that \\server.name\user connects to the user's home directory. Since I am using OpenLDAP as a backend via smbldap-tools, for most users the home directory comes from the homeDirectory variable in OpenLDAP. However, when I have a user who also has a login on the samba machine, that is, an entry in /etc/passwd, Samba seems to ignore the value of homeDirectory and use the entry in /etc/passwd instead. Here is the section from smb.conf [homes] comment = %u's Personal Share Directory browseable = no valid users = %S @admin write list = %S @admin create mask = 0600 directory mask = 0700 I even tried adding the line path = /data/home/%S to the [homes] section, but it seems to be ignored. Any suggestions how I can make Samba prefer the value in HomeDirectory over /etc/passwd? Wes -- Wes Modes Server Administrator Programmer Analyst McHenry Library Computing Network Services Information and Technology Services 459-5208 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Replication
We don't need 100mbit access, but the current implementation is too slow. Despite having fairly large pipes. Windows Clients have a ton of latency especially when working with remote files in Office. Due to the way windows/office are written the entire system freezes when a write or read operation is taking place. Because of our workflow it is unlikely that collisions will happen (a person in office A editing the same file at the same time as a person in office B), so Unison may work. I wonder what the overhead would be cronning it that often. Unison seems to be a good fit here though. The remote offices both have high download speeds, but cap out at T1 upload speeds. So saving files is the big issue here. Files can be easily up to 15Mb routinely, though most will be around 1Mb. It is hard to find a microsoft office file under 100k now a days. DFS in samba seems like a good approach, but doesn't it depend on a clustered file system for replication? Am I missing something here? On Apr 18, 2008, at 1:37 PM, Adam Williams wrote: what do you mean by local speed access? you mean they need 100mbit/ gigabit speed to their files? are they streaming DVD rips? if both offices just need the same file share, look at DFS in samba. rsync is one way mirroring, have you looked at Unison (two way file syncing) and croning it to run every minute? http://www.cis.upenn.edu/~bcpierce/unison/ what sort of speed are the remote offices to each other? t1's or dsl/cable? you could just have one office also shared to the samba share on office two. but if its anything more then files over 100K in size they'll notice a little latency. Steve Francia wrote: Hello, I have the following situation: I have two offices, which both require local speed access to their file shares. Currently there is a single windows server that provides network shares to both offices, the remote one through a vpn. I have used Samba since the early days, and am quite familiar with it's capabilities and limitations, however I have never tried to perform replication with it. My current plan, which certainly has some limitations is to take 2 samba servers, put one in each office. Rsync the two every half an hour. This will provide redundancy and solve the major problem at hand, but will introduce new problems. 30 minutes is too long, and users may work on the same file simultaneously resulting in a conflict and changes lost. Has anyone approached this problem before? What replication options work well with the current stable build of samba? Is there any way to replicate when a file is locked, so the user will get the warning that the file is locked? Any feedback would be helpful, even if it is a link. Thanks in advance, Steve Francia -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows shortcuts and permissions
Toni Casueps wrote: I have lots of LNK files in a Samba share, which users have been creating for some time. Now we have set different permissions to folders and some of the shortcuts don't work because of that. I have read that mount --bind can be used to give access to a forbidden folder to someone, but this can only be done by root and in the command-line. Is there a way to accomplish this with a graphical tool or something like that? mount --bind can be used to mount a directory to another location. I guess it might be possible to use it to work around your security problems, but it is rather hackish. If someone needs access to a directory, but can't get it because they don't have access to the parent then either they should have access to the parent, or the subdirectory is in the wrong place. In the long run you would be far better of reorganising things so that each directory is in the right place and people have the correct permissions rather than creating binds all over the place to work around a poor file system layout. -- Michael Heydon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba server, works fine for several days, then load increases indefinately till server unavailable
Our Samba server running on CentOS 5.1 (upgraded from 5.0) with Samba 3.0.25b-1.el5_1.4 has been in place for about a year and a half. We had no issues till about 2 months ago. This may have coincided with the upgrade of CentOS 5.0 to 5.1 (which would have brought a new Samba version with it). Anyway, the server will be fine and snappy for a week or so, then out of the blue, nobody can connect. Top shows a few smbd processes maxing out the cpu and the load (which is usually 1.0) gradually climbs up to 10, 20, and onward. If I stop smb and winbind with the init scripts, then the load goes through the roof. I've waited to see if it will clear itself up, but the load skyrockets up over 1000 so I kill all the smb processes with sudo kill -9 `pgrep smbd` and then the load stops climbing and after about 5 or 10 minutes will be back down to under 1.0. At that point I can restart smb and winbind and everything is ok again. I don't see anything unusual with the logs. Can anyone help? James -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] OT: Vista NTConfig.POL
This isn't technically a samba question, but I figure there will be other samba users out there in the same boat. I have just setup the first Vista box on our samba domain and I am having some trouble with policies (they don't get applied). I have had a look around and there is alot of talk about the adm-admx change, etc but I haven't seen anyone say that anything needs to change in NTConfig.POL. Infact, there has been relatively little mention of NTConfig at all. Does Vista still support NT4 style policies? If not, what have others done to work around this? I guess I could push out .reg files through login scripts but I believe that might trigger UAC, any other suggestions? -- *Michael Heydon - IT Administratorr * [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Convert ssha password to sambaNTpassword?
Is it possible to take a SSHA password from an ldif and create a proper sambaNTpassword from it? Here's the scenario: the ldap servers in our organization do not have the samba schema installed and the likelihood of that happening is slim. I still want to provide clients with as close to a single sign on solution as possible and I can get an ldif of the accounts I need. However, the password field is SSHA and I will still need to generate sambaLMpassword and sambaNTpasswd fields (along with the rest, but that part is a wrapper script around smbldap-utils away.) There is a remote possibility of getting these hashes generated by an Identity Management Server, which would make the problem go away. The IDM solution is remote, as the admin for it is already overworked, so parsing an ldif seems to be the best solution at the moment. Any suggestions would be appreciated. -- Matt Richardson IT Consultant College of Arts and Letters CSU San Bernardino work: (909)537-7598 fax: (909)537-5926 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Replication
Steve Francia schrieb: DFS in samba seems like a good approach, but doesn't it depend on a clustered file system for replication? Am I missing something here? DFS lets your users see the shares of different servers as directories within a single share. So you could make a share on either side of your connected networks and within these shares you could add a link to the other network's share. For your users this would look like a normal directory within the local share. This is not really a distributed filesystem, I guess. If you need a real distributed filesystem, you could have a look a something like http://www.openafs.org/ . byes, Uwe -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0pre2-743-g8e1fbbc
The branch, v3-2-stable has been updated via 8e1fbbcee67d122b8b35b4da4c167da0db049f85 (commit) via ee4a34a8bec84308d6a764a884d6c4cf646a3e25 (commit) via 594f977c8c4d74cfc8889d492ebbcc55b4fce976 (commit) via bec4b4fbe56b7937c56d834cf30856c7ea10252d (commit) via 36babbbe164513ccb0c4678de4b7810cd61af47f (commit) via 5fc54f1be39339ae9b4ad41579ea125f7d5a8743 (commit) via 260c642da383cec3a9a2349b37ef4d95d022b5fc (commit) via 322ee90ea2596e51caca7daeaad14284b29be39c (commit) via 825ee29fd332fd8932829b86818f3a908df9db4d (commit) via b12907b8059b2c2e063fada7ebbe1a7e17cb4897 (commit) via 3112492283be19940a65c0d1a55b227b8c45cf22 (commit) via 606ca61d6576c266fd3f35ef867f4114beb82553 (commit) via a6a71f11e9061211266ad87fba2b03ce7f52260e (commit) via 9547b4f8cf7dbe5b46a97572cbfd59d02d6f0777 (commit) via f6ae698ce291dcb58923634ff7b10300e80c065e (commit) via f9caba82f6105d3d62cba89772b956627ec0672e (commit) via c46c6a842b907e3ea3a91fd7bbb7833fbb836f39 (commit) via c4095418c0f140f114bb1549e0a179ab4dffd789 (commit) via d98fd23e3db923ce078b4fda6382ce4f6aa771c7 (commit) via a570ab0b8955987e5f2e9bc5b7b301c83398ad40 (commit) via 2677d7d8a9888bc9425fe7f2aa3aabc6606378d0 (commit) via e81d4001d8d41fe37b524644ef2daba09cbcb9d3 (commit) via a52700719e33164929de1308522b5b55bfa33aa8 (commit) via a4b73dfc6745958be1715c488ee759e6fcd9d105 (commit) from 42d606bb90b73b561c4570e3b9ebece0abb9633c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit 8e1fbbcee67d122b8b35b4da4c167da0db049f85 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Sat Apr 19 02:45:10 2008 +0200 WHATNEW.txt: add my latest changes metze (cherry picked from commit 6ae8544ace0dd9ac67d36abbaa26cf311db880ad) commit ee4a34a8bec84308d6a764a884d6c4cf646a3e25 Author: Gerald W. Carter [EMAIL PROTECTED] Date: Thu Apr 17 18:09:08 2008 +0200 Remove unused variable from wbcCheckTrustCredentials(). (cherry picked from commit fea52dc46048ff869299267f7596b93a8c5c8b3d) commit 594f977c8c4d74cfc8889d492ebbcc55b4fce976 Author: Gerald W. Carter [EMAIL PROTECTED] Date: Thu Apr 17 17:49:53 2008 +0200 Follow error code name convention in libwbclient. s/WBC_INVALID_RESPONSE/WBC_ERR_INVALID_RESPONSE/ (cherry picked from commit d91ce012b0afb30cd22b373412d17de27c55ca86) commit bec4b4fbe56b7937c56d834cf30856c7ea10252d Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Thu Apr 17 00:17:06 2008 +0200 wbinfo: use wbcCheckTrustCredentials() metze (cherry picked from commit 2cbe5a006a6df79c38f4aaa68d498cd6d5a34dba) commit 36babbbe164513ccb0c4678de4b7810cd61af47f Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Wed Apr 16 23:35:12 2008 +0200 libwbclient: add wbcCheckTrustCredentials() This only accepts NULL as domain for now, because winbindd doesn't support checking trust passwords as a domain controller. metze (cherry picked from commit c084ccd70f42ce29ce24565969a9f440dde254e1) commit 5fc54f1be39339ae9b4ad41579ea125f7d5a8743 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Apr 14 09:35:15 2008 +0200 wbinfo: use wbcResolveWinsByName() and wbcResolveWinsByIP() metze (cherry picked from commit a4f628d6c9e2a5761c048e268a29e1f5daae4180) commit 260c642da383cec3a9a2349b37ef4d95d022b5fc Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Apr 14 09:31:46 2008 +0200 libwbclient: add wbcResolveWinsByName() and wbcResolveWinsByIP() metze (cherry picked from commit 57ba71140fbf6b4a5a917fa3248fa76536be883b) commit 322ee90ea2596e51caca7daeaad14284b29be39c Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Apr 15 10:57:16 2008 +0200 winbindd: create the messaging conntext earlier metze (cherry picked from commit 2e1b9130635235efdbf49d0b92a43b342114246c) commit 825ee29fd332fd8932829b86818f3a908df9db4d Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Apr 15 01:02:42 2008 +0200 winbindd: call reinit_after_fork() in the child processes metze (cherry picked from commit 8e9fdef792e612e41e7714a2fd4513892248) commit b12907b8059b2c2e063fada7ebbe1a7e17cb4897 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Apr 15 10:50:27 2008 +0200 nmbd: create the messaging conntext earlier metze (cherry picked from commit 056ff094ad2c59992cfdb8b29696c08dab4113d7) commit 3112492283be19940a65c0d1a55b227b8c45cf22 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Tue Apr 15 10:38:21 2008 +0200 nmbd: call reinit_after_fork() in all needed cases metze (cherry picked from commit f68829ff14c457bfa98cb2ef9e8ec2e1a0b1d64d) commit 606ca61d6576c266fd3f35ef867f4114beb82553 Author: Stefan Metzmacher [EMAIL
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1033-g2c3ffc1
The branch, v3-2-test has been updated via 2c3ffc1c53550c8e6feeca8fc0270ef9ac1ec70a (commit) via 8246ffc66e6425809cfb8ca48bb31710dcddbd26 (commit) from 14294535512a7f191c5008e622b6708e417854ae (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 2c3ffc1c53550c8e6feeca8fc0270ef9ac1ec70a Merge: 8246ffc66e6425809cfb8ca48bb31710dcddbd26 14294535512a7f191c5008e622b6708e417854ae Author: Alexander Bokovoy [EMAIL PROTECTED] Date: Mon Apr 21 11:38:20 2008 +0400 Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test commit 8246ffc66e6425809cfb8ca48bb31710dcddbd26 Author: Alexander Bokovoy [EMAIL PROTECTED] Date: Mon Apr 21 11:37:25 2008 +0400 Ignore Emacs' semantic.cache --- Summary of changes: .gitignore |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/.gitignore b/.gitignore index e210315..d924a3f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ *.o *.po *~ +semantic.cache source/TAGS source/client/client_proto.h source/libnet/libnet_proto.h -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1035-g2d6a1c5
The branch, v3-2-test has been updated via 2d6a1c5da64195784b0b102edb268356a24d84b5 (commit) via f27a20f25c9b2038621a6394821bbedbf17daa73 (commit) from 2c3ffc1c53550c8e6feeca8fc0270ef9ac1ec70a (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 2d6a1c5da64195784b0b102edb268356a24d84b5 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 10:55:23 2008 +0200 winbind: Use libnbt for NTLOGON SAMLOGON mailslot request and reply. Guenther commit f27a20f25c9b2038621a6394821bbedbf17daa73 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 10:25:28 2008 +0200 samlogoncache: Use data_blob_const in netsamlogon_cache_get. Guenther --- Summary of changes: source/Makefile.in | 18 ++-- source/libsmb/clidgram.c | 207 source/libsmb/samlogon_cache.c |3 +- source/winbindd/winbindd_cm.c |4 +- 4 files changed, 119 insertions(+), 113 deletions(-) Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index 09af6fc..27b562c 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -285,15 +285,13 @@ LIBNDR_GEN_OBJ = librpc/gen_ndr/ndr_wkssvc.o \ librpc/gen_ndr/ndr_winreg.o \ librpc/gen_ndr/ndr_initshutdown.o \ librpc/gen_ndr/ndr_srvsvc.o \ -librpc/gen_ndr/ndr_svcctl.o \ librpc/gen_ndr/ndr_eventlog.o \ librpc/gen_ndr/ndr_netlogon.o \ librpc/gen_ndr/ndr_samr.o \ librpc/gen_ndr/ndr_dssetup.o \ librpc/gen_ndr/ndr_notify.o \ librpc/gen_ndr/ndr_xattr.o \ -librpc/gen_ndr/ndr_ntsvcs.o \ -librpc/gen_ndr/ndr_nbt.o +librpc/gen_ndr/ndr_ntsvcs.o RPC_PARSE_OBJ0 = rpc_parse/parse_prs.o rpc_parse/parse_misc.o @@ -403,9 +401,12 @@ LIBADS_SERVER_OBJ = libads/kerberos_verify.o libads/authdata.o \ SECRETS_OBJ = passdb/secrets.o passdb/machine_sid.o +LIBNBT_OBJ = libcli/nbt/nbtname.o \ +librpc/gen_ndr/ndr_nbt.o \ +librpc/gen_ndr/ndr_svcctl.o + LIBNMB_OBJ = libsmb/unexpected.o libsmb/namecache.o libsmb/nmblib.o \ -libsmb/namequery.o libsmb/conncache.o libads/dns.o \ -libcli/nbt/nbtname.o +libsmb/namequery.o libsmb/conncache.o libads/dns.o NTERR_OBJ = libsmb/nterr.o DOSERR_OBJ = libsmb/doserr.o @@ -438,6 +439,7 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \ libsmb/smb_seal.o libsmb/async_smb.o \ $(LIBSAMBA_OBJ) \ $(LIBNMB_OBJ) \ +$(LIBNBT_OBJ) RPC_CLIENT_OBJ1 = rpc_client/cli_netlogon.o @@ -972,9 +974,9 @@ REPLACETORT_OBJ = lib/replace/test/testsuite.o \ $(LIBREPLACE_OBJ) NDRDUMP_OBJ = librpc/tools/ndrdump.o \ - $(PARAM_OBJ) $(LIBNDR_GEN_OBJ) \ - $(LIBSAMBA_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \ - libcli/nbt/nbtname.o + $(PARAM_OBJ) $(LIBNDR_GEN_OBJ) \ + $(LIBSAMBA_OBJ) $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) \ + librpc/gen_ndr/ndr_svcctl.o DEBUG2HTML_OBJ = utils/debug2html.o utils/debugparse.o diff --git a/source/libsmb/clidgram.c b/source/libsmb/clidgram.c index baee95b..fed5fc0 100644 --- a/source/libsmb/clidgram.c +++ b/source/libsmb/clidgram.c @@ -120,9 +120,10 @@ bool cli_send_mailslot(struct messaging_context *msg_ctx, (uint8 *)p, sizeof(p))); } -static void mailslot_name(struct in_addr dc_ip, fstring name) +static const char *mailslot_name(TALLOC_CTX *mem_ctx, struct in_addr dc_ip) { - fstr_sprintf(name, \\MAILSLOT\\NET\\GETDC%X, dc_ip.s_addr); + return talloc_asprintf(mem_ctx, %s%X, + NBT_MAILSLOT_GETDC, dc_ip.s_addr); } bool send_getdc_request(struct messaging_context *msg_ctx, @@ -130,100 +131,91 @@ bool send_getdc_request(struct messaging_context *msg_ctx, const char *domain_name, const DOM_SID *sid) { - char outbuf[1024]; struct in_addr dc_ip; - char *p; - fstring my_acct_name; - fstring my_mailslot; - size_t sid_size; + const char *my_acct_name = NULL; + const char *my_mailslot = NULL; + struct nbt_ntlogon_packet packet; + struct nbt_ntlogon_sam_logon *s; + enum ndr_err_code ndr_err; + DATA_BLOB blob; + struct dom_sid my_sid; + TALLOC_CTX *mem_ctx = talloc_tos(); + + ZERO_STRUCT(packet); + ZERO_STRUCT(my_sid); if (dc_ss-ss_family != AF_INET) { return false; } - dc_ip = ((struct sockaddr_in *)dc_ss)-sin_addr;
Re: [SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1002-gb90062e
On Sat, Apr 19, 2008 at 04:54:10PM -0500, Volker Lendecke wrote: The branch, v3-2-test has been updated via b90062e33cbde7de4961414fd35a3a588760d002 (commit) from 06c5076f8ef23ac36d234ed417b80a58ab8dd7b4 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit b90062e33cbde7de4961414fd35a3a588760d002 Author: Volker Lendecke [EMAIL PROTECTED] Date: Sat Apr 19 23:50:58 2008 +0200 Set the right domain\user in cli_rpc_pipe_open_ntlmssp_internal This probably does not matter in current code, but without this it's not possible to do the bind as a different user than the underlying smb user. Jeremy, please check! +1 looks perfectly correct - thanks for finding this. Jeremy.
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0pre2-744-gd5d3ba3
The branch, v3-2-stable has been updated via d5d3ba38e238de4523effec1249a871ff6c2a5b6 (commit) from 8e1fbbcee67d122b8b35b4da4c167da0db049f85 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit d5d3ba38e238de4523effec1249a871ff6c2a5b6 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Apr 14 12:53:11 2008 +0200 Fix the build of db_open_trans with CLUSTER_SUPPORT enabled Metze, you might want to check this. (cherry picked from commit 3b4a402bc5c349581d43a1233bcf8150) --- Summary of changes: source/lib/dbwrap.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/dbwrap.c b/source/lib/dbwrap.c index d688b83..7fe1631 100644 --- a/source/lib/dbwrap.c +++ b/source/lib/dbwrap.c @@ -131,6 +131,7 @@ struct db_context *db_open_trans(TALLOC_CTX *mem_ctx, } /* allow ctdb for individual databases to be disabled */ if (lp_parm_bool(-1, ctdb, partname, true)) { + struct db_context *result = NULL; result = db_open_ctdb(mem_ctx, partname, hash_size, tdb_flags, open_flags, mode); if (result == NULL) { @@ -139,6 +140,7 @@ struct db_context *db_open_trans(TALLOC_CTX *mem_ctx, smb_panic(failed to attach to a ctdb database); } + return result; } } #endif -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0pre2-765-g21b5659
The branch, v3-2-stable has been updated via 21b5659cf8b541dc81cf7141e58e7a481a148b96 (commit) via 5505e24f64d45166923e5f85e900d6fffe8199c0 (commit) via 433c5fcb1bbde8e4d7cb8620087b6ea109dd111e (commit) via 766e8dc1f5984fa9fb8a863dd683fb0ef9747609 (commit) via eac6515d615877cd2cfed7f13dfd813f67e42157 (commit) via ba0c8db0f337dccd63a630a831ea78a2f284dfe3 (commit) via 7856edd1b52ebccb9ad6f9993860e8b4d7dd115b (commit) via 07d938db72a3ea43b7666284d6b83a7d1c8a6b13 (commit) via 94d30b470e63666e57979c904195f39ff57e103b (commit) via 5c76dfc4fc04eabf2988b45613b519dbbdf6fb00 (commit) via e43e5e1c645d927e34af5c170b9583e736ca4e1d (commit) via aa7c38aaf25724c4fad2be7a4634b106cb49a8a5 (commit) via aa76d020ca28e693048df72de0186055b3b595d5 (commit) via 32608d79e78eb899069ce4196e70b9f8613a531c (commit) via 832f54ead4b46b3574e6972651e0e3af07f962c7 (commit) via bad9e77dacbcae46f35183d1f49800b8ed2d610d (commit) via 1db5396807c0b569e5ef38aa134b89064cb46ea6 (commit) via 4437be90eaa4c105e212f313d1179c462e109f4a (commit) via adfc30240e8e928535b2198677ba68b46ef5f768 (commit) via 4fd3044bba8e62fa9c57a92c49064b216d339f3c (commit) via cd04debd9a089335bb0f36f9283edc4c85b401ce (commit) from d5d3ba38e238de4523effec1249a871ff6c2a5b6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit 21b5659cf8b541dc81cf7141e58e7a481a148b96 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Apr 21 00:17:49 2008 +0200 loadparm: rename bNoIncludes to bAllowIncludeRegistry (inverting logic) This is what that variable controls now... Michael (cherry picked from commit bba04a8fba6fd5cf62578733cfdabea590e8ff51) commit 5505e24f64d45166923e5f85e900d6fffe8199c0 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Apr 21 00:06:45 2008 +0200 loadparm: make lo_load_initial() only skip registry include. This is only to be able to set everything properly for registry before reading registry includes. This fixes make test as non-root user in a directory, where root-daemons have already created a messaging.tdb in the compiled in lockdir... Michael (cherry picked from commit 1bb28bc1d8e83d174cd171e9d96f22ac524187c3) commit 433c5fcb1bbde8e4d7cb8620087b6ea109dd111e Author: Michael Adam [EMAIL PROTECTED] Date: Thu Apr 17 15:22:41 2008 +0200 build: add missing dependency for libtdb.so to pam_smbpass Thanks to Andreas Schneider for noticing. Michael (cherry picked from commit db708d4004adcd4a75c28d630dbd43b03e40f205) commit 766e8dc1f5984fa9fb8a863dd683fb0ef9747609 Author: Michael Adam [EMAIL PROTECTED] Date: Wed Apr 16 22:42:49 2008 +0200 libsmbconf: fix segfault in listing share names / config. Discovered by Günther while giving a talk. - Sorry Günther! Michael (cherry picked from commit 518f4d4e6662138a2e71acc2296acedefc7c739a) commit eac6515d615877cd2cfed7f13dfd813f67e42157 Author: Michael Adam [EMAIL PROTECTED] Date: Tue Apr 15 17:39:01 2008 +0200 libmsbconf: add handling of NULL share parameters to registry backend. Michael (cherry picked from commit 6c1181fda2f040d9555917b10a65bc0dfc1f0593) commit ba0c8db0f337dccd63a630a831ea78a2f284dfe3 Author: Michael Adam [EMAIL PROTECTED] Date: Tue Apr 15 17:37:39 2008 +0200 libsmbconf: don't complain with WERR_ALREADY_EXISTS for NULL share in smbconf_create_share(). These are values stored inside the base key for registry. This is not getting deleted. Michael (cherry picked from commit aa167de8252bb615bd21fb3fd9468383b8357d32) commit 7856edd1b52ebccb9ad6f9993860e8b4d7dd115b Author: Michael Adam [EMAIL PROTECTED] Date: Tue Apr 15 17:36:44 2008 +0200 net conf: adapt output of NULL share params in net conf list. don't list NULL share name and don't indent these parameters Michael (cherry picked from commit 0212b38913945ce3c8b14734804d81f1cd315621) commit 07d938db72a3ea43b7666284d6b83a7d1c8a6b13 Author: Michael Adam [EMAIL PROTECTED] Date: Tue Apr 15 17:36:11 2008 +0200 net conf: simplify logic in test output of net conf import. Michael (cherry picked from commit 367c8b133b2f3e73155f20f689602909eef9827b) commit 94d30b470e63666e57979c904195f39ff57e103b Author: Michael Adam [EMAIL PROTECTED] Date: Tue Apr 15 16:06:57 2008 +0200 libsmbconf: make sure to always list the NULL section first in text backend. Michael (cherry picked from commit b50fdf321dc8056caa2b057cbd7f83792dfbcd4d) commit 5c76dfc4fc04eabf2988b45613b519dbbdf6fb00 Author: Michael Adam [EMAIL PROTECTED] Date: Tue Apr 15 14:38:36 2008 +0200 net conf: fix output of out-of-share parameters in test mode import Michael (cherry
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-28a-35-gd30efed
The branch, v3-0-test has been updated via d30efedfffd41a493c522642a8c95f4a5aafacab (commit) from 33bbefd492e9b0b873e47c032657db0c8e812c39 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit d30efedfffd41a493c522642a8c95f4a5aafacab Author: Björn Jacke [EMAIL PROTECTED] Date: Mon Apr 21 12:44:13 2008 +0200 fix alignment bug hitting Solaris with reset in zero vc activated --- Summary of changes: source/smbd/sesssetup.c | 13 - 1 files changed, 8 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source/smbd/sesssetup.c b/source/smbd/sesssetup.c index 378d8aa..0257cfa 100644 --- a/source/smbd/sesssetup.c +++ b/source/smbd/sesssetup.c @@ -1184,22 +1184,25 @@ static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf, static int shutdown_other_smbds(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void *p) { - struct sessionid *sessionid = (struct sessionid *)dbuf.dptr; + struct sessionid sessionid; const char *ip = (const char *)p; - if (!process_exists(pid_to_procid(sessionid-pid))) { + SMB_ASSERT(dbuf.dsize == sizeof(sessionid)); + memcpy(sessionid, dbuf.dptr, sizeof(sessionid)); + + if (!process_exists(pid_to_procid(sessionid.pid))) { return 0; } - if (sessionid-pid == sys_getpid()) { + if (sessionid.pid == sys_getpid()) { return 0; } - if (strcmp(ip, sessionid-ip_addr) != 0) { + if (strcmp(ip, sessionid.ip_addr) != 0) { return 0; } - message_send_pid(pid_to_procid(sessionid-pid), MSG_SHUTDOWN, + message_send_pid(pid_to_procid(sessionid.pid), MSG_SHUTDOWN, NULL, 0, True); return 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0pre2-766-ga76356a
The branch, v3-2-stable has been updated via a76356a717fd7b340ff93f8e7a43aff0827ed25d (commit) from 21b5659cf8b541dc81cf7141e58e7a481a148b96 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit a76356a717fd7b340ff93f8e7a43aff0827ed25d Author: Bo Yang [EMAIL PROTECTED] Date: Mon Apr 7 09:51:42 2008 -0400 Only cache password policy results that worked, otherwise we cannot login until the cache expires even if a connection to a DC has been restored. (cherry picked from commit 8671f9767d7d93a86712741303d6046937c3aae8) --- Summary of changes: source/winbindd/winbindd_cache.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/winbindd/winbindd_cache.c b/source/winbindd/winbindd_cache.c index f653172..ddb0ab3 100644 --- a/source/winbindd/winbindd_cache.c +++ b/source/winbindd/winbindd_cache.c @@ -2232,7 +2232,9 @@ do_query: /* and save it */ refresh_sequence_number(domain, false); - wcache_save_password_policy(domain, status, policy); + if (NT_STATUS_IS_OK(status)) { + wcache_save_password_policy(domain, status, policy); + } return status; } -- Samba Shared Repository
[SCM] CTDB repository - branch master updated - eff3f326f8ce6070c9f3c430cd14d1b71a8db220
The branch, master has been updated via eff3f326f8ce6070c9f3c430cd14d1b71a8db220 (commit) from 3fad7d67f2c66ac3a65cfd821fd6db6342f4a3f0 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit eff3f326f8ce6070c9f3c430cd14d1b71a8db220 Author: Ronnie Sahlberg [EMAIL PROTECTED] Date: Tue Apr 22 00:56:27 2008 +1000 when a node disgrees with us re who is recmaster make it mark that node as a lcuprit so it eventually gets banned --- Summary of changes: server/ctdb_recoverd.c |8 ++-- 1 files changed, 6 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/server/ctdb_recoverd.c b/server/ctdb_recoverd.c index 0d1ef02..1ffae72 100644 --- a/server/ctdb_recoverd.c +++ b/server/ctdb_recoverd.c @@ -1914,6 +1914,7 @@ static enum monitor_result verify_recmode(struct ctdb_context *ctdb, struct ctdb struct verify_recmaster_data { + struct ctdb_recoverd *rec; uint32_t count; uint32_t pnn; enum monitor_result status; @@ -1942,6 +1943,7 @@ static void verify_recmaster_callback(struct ctdb_client_control_state *state) */ if (state-status != rmdata-pnn) { DEBUG(DEBUG_ERR,(Node %d does not agree we are the recmaster. Need a new recmaster election\n, state-c-hdr.destnode)); + ctdb_set_culprit(rmdata-rec, state-c-hdr.destnode); rmdata-status = MONITOR_ELECTION_NEEDED; } @@ -1950,8 +1952,9 @@ static void verify_recmaster_callback(struct ctdb_client_control_state *state) /* verify that all nodes agree that we are the recmaster */ -static enum monitor_result verify_recmaster(struct ctdb_context *ctdb, struct ctdb_node_map *nodemap, uint32_t pnn) +static enum monitor_result verify_recmaster(struct ctdb_recoverd *rec, struct ctdb_node_map *nodemap, uint32_t pnn) { + struct ctdb_context *ctdb = rec-ctdb; struct verify_recmaster_data *rmdata; TALLOC_CTX *mem_ctx = talloc_new(ctdb); struct ctdb_client_control_state *state; @@ -1960,6 +1963,7 @@ static enum monitor_result verify_recmaster(struct ctdb_context *ctdb, struct ct rmdata = talloc(mem_ctx, struct verify_recmaster_data); CTDB_NO_MEMORY_FATAL(ctdb, rmdata); + rmdata-rec= rec; rmdata-count = 0; rmdata-pnn= pnn; rmdata-status = MONITOR_OK; @@ -2453,7 +2457,7 @@ again: /* verify that all active nodes agree that we are the recmaster */ - switch (verify_recmaster(ctdb, nodemap, pnn)) { + switch (verify_recmaster(rec, nodemap, pnn)) { case MONITOR_RECOVERY_NEEDED: /* can not happen */ goto again; -- CTDB repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1036-g8723235
The branch, v3-2-test has been updated via 87232351b5e66728f8d602259961909e8c1dfcb6 (commit) from 2d6a1c5da64195784b0b102edb268356a24d84b5 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 87232351b5e66728f8d602259961909e8c1dfcb6 Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Apr 21 17:48:31 2008 +0200 Add in a nice big comment explaining why SamLogonEx matters. Andrew Bartlett --- Summary of changes: source/winbindd/winbindd_pam.c | 21 + 1 files changed, 21 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/winbindd/winbindd_pam.c b/source/winbindd/winbindd_pam.c index bc27f3d..2de10a9 100644 --- a/source/winbindd/winbindd_pam.c +++ b/source/winbindd/winbindd_pam.c @@ -1307,6 +1307,27 @@ NTSTATUS winbindd_dual_pam_auth_samlogon(struct winbindd_domain *domain, goto done; } + /* It is really important to try SamLogonEx here, +* because in a clustered environment, we want to use +* one machine account from multiple physical +* computers. +* +* With a normal SamLogon call, we must keep the +* credentials chain updated and intact between all +* users of the machine account (which would imply +* cross-node communication for every NTLM logon). +* +* (The credentials chain is not per NETLOGON pipe +* connection, but globally on the server/client pair +* by machine name). +* +* When using SamLogonEx, the credentials are not +* supplied, but the session key is implied by the +* wrapping SamLogon context. +* +* -- abartlet 21 April 2008 +*/ + logon_fn = contact_domain-can_do_samlogon_ex ? rpccli_netlogon_sam_network_logon_ex : rpccli_netlogon_sam_network_logon; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha3-264-g8fa23fa
The branch, v4-0-test has been updated via 8fa23fac516dbf4c8245c1d009e81f02a6341775 (commit) from 13a0941d3432dc7dae552048265ad1e762b781d4 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 8fa23fac516dbf4c8245c1d009e81f02a6341775 Author: Jelmer Vernooij [EMAIL PROTECTED] Date: Mon Apr 21 17:59:08 2008 +0200 Load default smb.conf file if none was specified explicitly. --- Summary of changes: source/param/param.i|9 +++ source/param/param.py |6 +- source/param/param_wrap.c | 76 --- source/pidl/lib/Parse/Pidl/Samba4/Python.pm |8 +-- 4 files changed, 70 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source/param/param.i b/source/param/param.i index 77d781d..2f62cb2 100644 --- a/source/param/param.i +++ b/source/param/param.i @@ -307,6 +307,15 @@ struct loadparm_context *lp_from_py_object(PyObject *py_obj) return lp_ctx; } +if (py_obj == Py_None) { +lp_ctx = loadparm_init(NULL); +if (!lp_load_default(lp_ctx)) { +talloc_free(lp_ctx); +return NULL; +} +return lp_ctx; +} + if (SWIG_ConvertPtr(py_obj, (void *)lp_ctx, SWIGTYPE_p_loadparm_context, 0 | 0 ) 0) return NULL; return lp_ctx; diff --git a/source/param/param.py b/source/param/param.py index 025acc6..0419c75 100644 --- a/source/param/param.py +++ b/source/param/param.py @@ -1,5 +1,5 @@ # This file was automatically generated by SWIG (http://www.swig.org). -# Version 1.3.33 +# Version 1.3.35 # # Don't modify this file, modify the SWIG interface instead. @@ -79,7 +79,7 @@ LoadParm_swigregister(LoadParm) class loadparm_service(object): thisown = _swig_property(lambda x: x.this.own(), lambda x, v: x.this.own(v), doc='The membership flag') -def __init__(self): raise AttributeError, No constructor defined +def __init__(self, *args, **kwargs): raise AttributeError, No constructor defined __repr__ = _swig_repr loadparm_service.volume_label = new_instancemethod(_param.loadparm_service_volume_label,None,loadparm_service) loadparm_service.printername = new_instancemethod(_param.loadparm_service_printername,None,loadparm_service) @@ -137,7 +137,7 @@ ParamFile_swigregister(ParamFile) class param_opt(object): thisown = _swig_property(lambda x: x.this.own(), lambda x, v: x.this.own(v), doc='The membership flag') -def __init__(self): raise AttributeError, No constructor defined +def __init__(self, *args, **kwargs): raise AttributeError, No constructor defined __repr__ = _swig_repr key = _swig_property(_param.param_opt_key_get) value = _swig_property(_param.param_opt_value_get) diff --git a/source/param/param_wrap.c b/source/param/param_wrap.c index e74f902..d07be04 100644 --- a/source/param/param_wrap.c +++ b/source/param/param_wrap.c @@ -1,6 +1,6 @@ /* * This file was automatically generated by SWIG (http://www.swig.org). - * Version 1.3.33 + * Version 1.3.35 * * This file is not intended to be easily readable and contains a number of * coding conventions designed to improve portability and efficiency. Do not make @@ -126,7 +126,7 @@ /* This should only be incremented when either the layout of swig_type_info changes, or for whatever reason, the runtime changes incompatibly */ -#define SWIG_RUNTIME_VERSION 3 +#define SWIG_RUNTIME_VERSION 4 /* define SWIG_TYPE_TABLE_NAME as SWIG_TYPE_TABLE */ #ifdef SWIG_TYPE_TABLE @@ -161,6 +161,7 @@ /* Flags for pointer conversions */ #define SWIG_POINTER_DISOWN0x1 +#define SWIG_CAST_NEW_MEMORY 0x2 /* Flags for new pointer objects */ #define SWIG_POINTER_OWN 0x1 @@ -301,10 +302,10 @@ SWIGINTERNINLINE int SWIG_CheckState(int r) { extern C { #endif -typedef void *(*swig_converter_func)(void *); +typedef void *(*swig_converter_func)(void *, int *); typedef struct swig_type_info *(*swig_dycast_func)(void **); -/* Structure to store inforomation on one type */ +/* Structure to store information on one type */ typedef struct swig_type_info { const char *name;/* mangled name of this type */ const char *str; /* human readable name of this type */ @@ -431,8 +432,8 @@ SWIG_TypeCheckStruct(swig_type_info *from, swig_type_info *into) { Cast a pointer up an inheritance hierarchy */ SWIGRUNTIMEINLINE void * -SWIG_TypeCast(swig_cast_info *ty, void *ptr) { - return ((!ty) || (!ty-converter)) ? ptr : (*ty-converter)(ptr); +SWIG_TypeCast(swig_cast_info *ty, void *ptr, int *newmemory) { + return ((!ty) || (!ty-converter)) ? ptr : (*ty-converter)(ptr,
[SCM] SAMBA-CTDB repository - branch v3-2-ctdb updated - 010f9ab44cf3bfd9985f9cbee2d195fa45ef635c
The branch, v3-2-ctdb has been updated via 010f9ab44cf3bfd9985f9cbee2d195fa45ef635c (commit) from 0f287cd500173ba8676e30d9c839c4368a6545e9 (commit) http://gitweb.samba.org/?p=tridge/samba-ctdb.git;a=shortlog;h=v3-2-ctdb - Log - commit 010f9ab44cf3bfd9985f9cbee2d195fa45ef635c Author: Bo Yang [EMAIL PROTECTED] Date: Mon Apr 7 09:51:42 2008 -0400 Only cache password policy results that worked, otherwise we cannot login until the cache expires even if a connection to a DC has been restored. (cherry picked from commit 8671f9767d7d93a86712741303d6046937c3aae8) --- Summary of changes: source/winbindd/winbindd_cache.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/winbindd/winbindd_cache.c b/source/winbindd/winbindd_cache.c index f653172..ddb0ab3 100644 --- a/source/winbindd/winbindd_cache.c +++ b/source/winbindd/winbindd_cache.c @@ -2232,7 +2232,9 @@ do_query: /* and save it */ refresh_sequence_number(domain, false); - wcache_save_password_policy(domain, status, policy); + if (NT_STATUS_IS_OK(status)) { + wcache_save_password_policy(domain, status, policy); + } return status; } -- SAMBA-CTDB repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1042-ga51cb3c
The branch, v3-2-test has been updated via a51cb3c1a9549d74c1e5cf05bc43b955af1a25b7 (commit) via 831a09ae25e98eacc0b0be5390d3ac3aa671a8a5 (commit) via 4244be792eeb69e883a1ece013b62fe6941086f2 (commit) via b294b2055a422e1af59e3b6843b84750b6786d99 (commit) via 8eff35bc4acc13807c895af43b52db79ee195cb5 (commit) via 8c12c5cea01d9b801fe80c2a87b8139c488a62a5 (commit) from 87232351b5e66728f8d602259961909e8c1dfcb6 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit a51cb3c1a9549d74c1e5cf05bc43b955af1a25b7 Author: James Peach [EMAIL PROTECTED] Date: Mon Apr 21 11:19:22 2008 -0700 smbspool: Fix the smbspool build. commit 831a09ae25e98eacc0b0be5390d3ac3aa671a8a5 Author: James Peach [EMAIL PROTECTED] Date: Mon Apr 21 10:57:09 2008 -0700 smbspool: minor formatting cleanups. commit 4244be792eeb69e883a1ece013b62fe6941086f2 Author: James Peach [EMAIL PROTECTED] Date: Mon Apr 21 10:10:29 2008 -0700 smbspool: Run indent to approximate conding standards. commit b294b2055a422e1af59e3b6843b84750b6786d99 Author: James Peach [EMAIL PROTECTED] Date: Mon Apr 21 09:29:07 2008 -0700 smbspool: add my copyright. commit 8eff35bc4acc13807c895af43b52db79ee195cb5 Author: Mike Sweet [EMAIL PROTECTED] Date: Mon Apr 21 09:19:51 2008 -0700 smbspool: Fix CUPS authentication protocol support. There were a couple of places where we weren't checking for authentication correctly. This chance fixes those places and properly supports Kerberos where available. commit 8c12c5cea01d9b801fe80c2a87b8139c488a62a5 Author: Mike Sweet [EMAIL PROTECTED] Date: Mon Apr 21 09:16:01 2008 -0700 smbspool: fix Kerberos support for CUPS 1.3. To summarize the changes, the patches remove the old (probably non- working) Kerberos support code which is unnecessary with CUPS 1.3 and adds some checks on the NT status we get back to see whether the connection error is related to authentication. If so, we send the ATTR: message to tell CUPS we need a username and password and return exit code 2 so cupsd will do the right thing. AUTH_USERNAME, AUTH_PASSWORD, and KRB5CCNAME are set and supported by CUPS 1.3. The new exit code is supported by CUPS 1.2.x and 1.3, and it treated as a general failure in CUPS 1.1. The ATTR: message is only supported by CUPS 1.3, while CUPS 1.2 will assume the username,password value we are setting. The current code only uses the AUTH_* env vars if they are set. If not, we fall back to the previous behavior. I really can't tell whether the Kerberos code that was in there would work at all. It did not work for Mac OS X which is why I dropped it. --- Summary of changes: source/client/smbspool.c | 1104 +++--- 1 files changed, 545 insertions(+), 559 deletions(-) Changeset truncated at 500 lines: diff --git a/source/client/smbspool.c b/source/client/smbspool.c index e827df4..ed5fc69 100644 --- a/source/client/smbspool.c +++ b/source/client/smbspool.c @@ -1,33 +1,47 @@ -/* +/* Unix SMB/CIFS implementation. SMB backend for the Common UNIX Printing System (CUPS) - Copyright 1999 by Easy Software Products - Copyright Andrew Tridgell 1994-1998 - Copyright Andrew Bartlett 2002 - Copyright Rodrigo Fernandez-Vizarra 2005 - + + Copyright (C) Easy Software Products1999 + Copyright (C) Andrew Tridgell 1994-1998 + Copyright (C) Andrew Bartlett 2002 + Copyright (C) Rodrigo Fernandez-Vizarra 2005 + Copyright (C) James Peach 2008 + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/. */ #include includes.h -#define TICKET_CC_DIR/tmp -#define CC_PREFIXkrb5cc_ /* prefix of the ticket cache */ -#define CC_MAX_FILE_LEN 24 -#define CC_MAX_FILE_PATH_LEN (sizeof(TICKET_CC_DIR)-1)+ CC_MAX_FILE_LEN+2 -#define OVERWRITE1 -#define KRB5CCNAME KRB5CCNAME +/* + * Starting with CUPS 1.3, Kerberos support is provided by cupsd including + * the forwarding of user credentials via the authenticated session between + *
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1052-g8a5fadf
The branch, v3-2-test has been updated via 8a5fadf6a183e4e4ccc77283b3ddba0748c6abfb (commit) via 5e0ccaf0c02a2d2d87ed8a2999c09ae1ccfc48e8 (commit) via d38c5f4a69f67f29cc057e4aa0ad14f5112f6844 (commit) via 538eefe22ad69540b9f73ffaa613d6be045de199 (commit) via 4cee7b1bd5cd97c414b73d6f39238958480cdcf3 (commit) via 751f3064a508341c0ebae45e8de9f5311d915d70 (commit) via f9d68ca363f7e98bfb21a06283e4f02000d6d79c (commit) via f0917e8990ee6ada993c2c9808179eb0f8cfd662 (commit) via 1724000a95f3814a5ce4eaf5807dbf20e7e2e4f0 (commit) via 675bf42cfff89b05f21d77ca74eba20c4a24d44c (commit) from a51cb3c1a9549d74c1e5cf05bc43b955af1a25b7 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 8a5fadf6a183e4e4ccc77283b3ddba0748c6abfb Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 20:14:32 2008 +0200 net: Add libnetapi context to net's impressive list of globals. Guenther commit 5e0ccaf0c02a2d2d87ed8a2999c09ae1ccfc48e8 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 20:03:17 2008 +0200 IDL: rerun make idl. Guenther commit d38c5f4a69f67f29cc057e4aa0ad14f5112f6844 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 20:02:46 2008 +0200 IDL: now that we have nbt.idl, re-add it to the includes again. Guenther commit 538eefe22ad69540b9f73ffaa613d6be045de199 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 19:59:27 2008 +0200 cldap: avoid duplicate definitions so remove ads_cldap.h. Guenther commit 4cee7b1bd5cd97c414b73d6f39238958480cdcf3 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 19:47:13 2008 +0200 cldap: add talloc context to ads_cldap_netlogon(). Guenther commit 751f3064a508341c0ebae45e8de9f5311d915d70 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 19:26:32 2008 +0200 libads: Use libnbt for CLDAP reply parsing. Guenther commit f9d68ca363f7e98bfb21a06283e4f02000d6d79c Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 19:29:24 2008 +0200 IDL: re-run make idl. Guenther commit f0917e8990ee6ada993c2c9808179eb0f8cfd662 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 19:28:13 2008 +0200 IDL: make nbt_cldap_netlogon_5 public. Guenther commit 1724000a95f3814a5ce4eaf5807dbf20e7e2e4f0 Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 19:27:45 2008 +0200 IDL: Add NTLOGON_RESPONSE_FROM_PDC2 to nbt_logon_request. Guenther commit 675bf42cfff89b05f21d77ca74eba20c4a24d44c Author: Günther Deschner [EMAIL PROTECTED] Date: Mon Apr 21 17:51:36 2008 +0200 winbind: pass down existing talloc context. Guenther --- Summary of changes: source/include/ads_cldap.h | 60 -- source/include/includes.h|1 - source/libads/cldap.c| 112 ++ source/libads/ldap.c | 61 +++ source/librpc/gen_ndr/nbt.h |8 ++- source/librpc/gen_ndr/ndr_nbt.c | 15 +++-- source/librpc/gen_ndr/ndr_nbt.h |2 + source/librpc/gen_ndr/ndr_netlogon.c |1 + source/librpc/gen_ndr/netlogon.h | 19 +++--- source/librpc/idl/nbt.idl|7 +- source/librpc/idl/netlogon.idl | 20 +++--- source/libsmb/clidgram.c |8 +- source/libsmb/dsgetdcname.c | 52 source/libsmb/namequery_dc.c |2 +- source/nmbd/nmbd_processlogon.c |4 +- source/utils/net.c |7 +-- source/utils/net.h |1 + source/utils/net_ads.c | 49 +++ source/utils/net_rpc.c | 11 ++-- source/winbindd/winbindd_cm.c| 13 ++-- 20 files changed, 164 insertions(+), 289 deletions(-) delete mode 100644 source/include/ads_cldap.h Changeset truncated at 500 lines: diff --git a/source/include/ads_cldap.h b/source/include/ads_cldap.h deleted file mode 100644 index 692fc1b..000 --- a/source/include/ads_cldap.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - Samba Unix/Linux SMB client library - net ads cldap functions - Copyright (C) 2001 Andrew Tridgell ([EMAIL PROTECTED]) - Copyright (C) 2003 Jim McDonough ([EMAIL PROTECTED]) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1053-g3d8c2a4
The branch, v3-2-test has been updated via 3d8c2a47e677a4c4aacf4abf148b1bd8163c3351 (commit) from 8a5fadf6a183e4e4ccc77283b3ddba0748c6abfb (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 3d8c2a47e677a4c4aacf4abf148b1bd8163c3351 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Apr 21 08:01:51 2008 +0200 Remove the pwd struct from rpc_pipe_client The only user of this was decrypt_trustdom_secret, and this only needs the NT hash anyway. --- Summary of changes: source/include/client.h |1 - source/libsmb/smbencrypt.c| 10 +++--- source/rpc_client/cli_pipe.c | 14 -- source/rpcclient/cmd_lsarpc.c | 35 +++ source/utils/net_rpc.c|9 +++-- 5 files changed, 49 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/source/include/client.h b/source/include/client.h index 5cfc9a6..9cbfa51 100644 --- a/source/include/client.h +++ b/source/include/client.h @@ -73,7 +73,6 @@ struct rpc_pipe_client { char *domain; char *user_name; - struct pwd_info pwd; uint16 max_xmit_frag; uint16 max_recv_frag; diff --git a/source/libsmb/smbencrypt.c b/source/libsmb/smbencrypt.c index e7198b8..11f8780 100644 --- a/source/libsmb/smbencrypt.c +++ b/source/libsmb/smbencrypt.c @@ -630,27 +630,23 @@ void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *sessi } /* Decrypts password-blob with session-key - * @param pass password for session-key + * @param nt_hash NT hash for the session key * @param data_in DATA_BLOB encrypted password * * Returns cleartext password in CH_UNIX * Caller must free the returned string */ -char *decrypt_trustdom_secret(const char *pass, DATA_BLOB *data_in) +char *decrypt_trustdom_secret(uint8_t nt_hash[16], DATA_BLOB *data_in) { DATA_BLOB data_out, sess_key; - uchar nt_hash[16]; uint32_t length; uint32_t version; fstring cleartextpwd; - if (!data_in || !pass) + if (!data_in || !nt_hash) return NULL; - /* generate md4 password-hash derived from the NT UNICODE password */ - E_md4hash(pass, nt_hash); - /* hashed twice with md4 */ mdfour(nt_hash, nt_hash, 16); diff --git a/source/rpc_client/cli_pipe.c b/source/rpc_client/cli_pipe.c index d4ce454..828307c 100644 --- a/source/rpc_client/cli_pipe.c +++ b/source/rpc_client/cli_pipe.c @@ -2139,6 +2139,18 @@ bool rpccli_is_pipe_idx(struct rpc_pipe_client *cli, int pipe_idx) return (cli-abstract_syntax == pipe_names[pipe_idx].abstr_syntax); } +bool rpccli_get_pwd_hash(struct rpc_pipe_client *cli, uint8_t nt_hash[16]) +{ + if (!((cli-auth.auth_type == PIPE_AUTH_TYPE_NTLMSSP) + || (cli-auth.auth_type == PIPE_AUTH_TYPE_SPNEGO_NTLMSSP))) { + E_md4hash(cli-cli-pwd.password, nt_hash); + return true; + } + + memcpy(nt_hash, cli-auth.a_u.ntlmssp_state-nt_hash, 16); + return true; +} + struct cli_state *rpc_pipe_np_smb_conn(struct rpc_pipe_client *p) { return p-cli; @@ -2337,8 +2349,6 @@ static struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_internal(struct cli_sta goto err; } - pwd_set_cleartext(result-pwd, password); - *perr = ntlmssp_client_start(ntlmssp_state); if (!NT_STATUS_IS_OK(*perr)) { goto err; diff --git a/source/rpcclient/cmd_lsarpc.c b/source/rpcclient/cmd_lsarpc.c index 88e4954..0419c87 100644 --- a/source/rpcclient/cmd_lsarpc.c +++ b/source/rpcclient/cmd_lsarpc.c @@ -948,7 +948,8 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli, return result; } -static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p, const char *password) +static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p, +uint8_t nt_hash[16]) { char *pwd, *pwd_old; @@ -958,8 +959,8 @@ static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p, cons memcpy(data.data, p-password-data, p-password-length); memcpy(data_old.data, p-old_password-data, p-old_password-length); - pwd = decrypt_trustdom_secret(password, data); - pwd_old = decrypt_trustdom_secret(password, data_old); + pwd = decrypt_trustdom_secret(nt_hash, data); + pwd_old = decrypt_trustdom_secret(nt_hash, data_old); d_printf(Password:\t%s\n, pwd); d_printf(Old Password:\t%s\n, pwd_old); @@ -974,11 +975,11 @@ static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p, cons static void display_trust_dom_info(TALLOC_CTX *mem_ctx,
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1055-gec86deb
The branch, v3-2-test has been updated via ec86deb349850c634b49cd5a536e9281a4a6e7d8 (commit) via bb72d0b71e2a85d50e7bd893670c3eec69717580 (commit) from 3d8c2a47e677a4c4aacf4abf148b1bd8163c3351 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit ec86deb349850c634b49cd5a536e9281a4a6e7d8 Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 22 00:05:05 2008 +0200 dsgetdcname: Fix discover_dc_dns(). Guenther commit bb72d0b71e2a85d50e7bd893670c3eec69717580 Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 22 00:04:25 2008 +0200 dsgetdcname: add very basic flat name support. Guenther --- Summary of changes: source/libsmb/dsgetdcname.c | 181 --- 1 files changed, 170 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/dsgetdcname.c b/source/libsmb/dsgetdcname.c index 7834632..5af65c5 100644 --- a/source/libsmb/dsgetdcname.c +++ b/source/libsmb/dsgetdcname.c @@ -391,15 +391,60 @@ static NTSTATUS discover_dc_netbios(TALLOC_CTX *mem_ctx, const char *domain_name, uint32_t flags, struct ip_service_name **returned_dclist, - int *return_count) + int *returned_count) { + NTSTATUS status; + enum nbt_name_type name_type = NBT_NAME_LOGON; + struct ip_service *iplist; + int i; + struct ip_service_name *dclist = NULL; + int count; + + *returned_dclist = NULL; + *returned_count = 0; + if (lp_disable_netbios()) { return NT_STATUS_NOT_SUPPORTED; } - /* FIXME: code here */ + if (flags DS_PDC_REQUIRED) { + name_type = NBT_NAME_PDC; + } - return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND; + status = internal_resolve_name(domain_name, name_type, NULL, + iplist, count, + lmhosts wins bcast); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10,(discover_dc_netbios: failed to find DC\n)); + return status; + } + + dclist = TALLOC_ZERO_ARRAY(mem_ctx, struct ip_service_name, count); + if (!dclist) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0; icount; i++) { + + char addr[INET6_ADDRSTRLEN]; + struct ip_service_name *r = dclist[i]; + + print_sockaddr(addr, sizeof(addr), + iplist[i].ss); + + r-ss = iplist[i].ss; + r-port = iplist[i].port; + r-hostname = talloc_strdup(mem_ctx, addr); + if (!r-hostname) { + return NT_STATUS_NO_MEMORY; + } + + } + + *returned_dclist = dclist; + *returned_count = count; + + return NT_STATUS_OK; } / @@ -479,8 +524,8 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx, struct ip_service_name *r = dclist[count]; - r-port = dcs[i].port; - r-hostname = dcs[i].hostname; + r-port = dcs[count].port; + r-hostname = dcs[count].hostname; if (!(flags DS_IP_REQUIRED)) { count++; @@ -688,16 +733,130 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx, / / +static struct event_context *ev_context(void) +{ + static struct event_context *ctx; + + if (!ctx !(ctx = event_context_init(NULL))) { + smb_panic(Could not init event context); + } + return ctx; +} + +/ +/ + +static struct messaging_context *msg_context(TALLOC_CTX *mem_ctx) +{ + static struct messaging_context *ctx; + + if (!ctx !(ctx = messaging_init(mem_ctx, server_id_self(), + ev_context( { + smb_panic(Could not init messaging context); + } + return ctx; +} + +/ +/ + static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx, const char *domain_name, uint32_t flags, - struct ip_service_name **dclist, +
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1056-g09a0001
The branch, v3-2-test has been updated via 09a0001063d5bdd9bdc7abfbf1467beb062de049 (commit) from ec86deb349850c634b49cd5a536e9281a4a6e7d8 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 09a0001063d5bdd9bdc7abfbf1467beb062de049 Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 22 00:06:57 2008 +0200 build: fix the build. Guenther --- Summary of changes: source/libsmb/namequery.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libsmb/namequery.c b/source/libsmb/namequery.c index 893c926..c987890 100644 --- a/source/libsmb/namequery.c +++ b/source/libsmb/namequery.c @@ -1423,8 +1423,8 @@ static NTSTATUS resolve_ads(const char *name, resolve_hosts() when looking up DC's via SRV RR entries in DNS **/ -static NTSTATUS internal_resolve_name(const char *name, - int name_type, +NTSTATUS internal_resolve_name(const char *name, + int name_type, const char *sitename, struct ip_service **return_iplist, int *return_count, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha3-265-gca7e4d9
The branch, v4-0-test has been updated via ca7e4d9166a7cb10495cf3ecd9c4e72103fbec30 (commit) from 8fa23fac516dbf4c8245c1d009e81f02a6341775 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit ca7e4d9166a7cb10495cf3ecd9c4e72103fbec30 Author: James Peach [EMAIL PROTECTED] Date: Mon Apr 21 15:09:43 2008 -0700 smbtorture: Add RAW-BENCH-LOOKUP micro-benchmark. This test samples the lookup rate for a non-existant filename in a directory, while varying the number of files in the directory. The lookup rate should continue to approximate the lookup rate for the empty directory case. --- Summary of changes: source/torture/config.mk|1 + source/torture/raw/lookuprate.c | 319 +++ source/torture/raw/raw.c|2 + 3 files changed, 322 insertions(+), 0 deletions(-) create mode 100644 source/torture/raw/lookuprate.c Changeset truncated at 500 lines: diff --git a/source/torture/config.mk b/source/torture/config.mk index 2f3fa38..1565797 100644 --- a/source/torture/config.mk +++ b/source/torture/config.mk @@ -86,6 +86,7 @@ TORTURE_RAW_OBJ_FILES = $(addprefix torture/raw/, \ lock.o \ pingpong.o \ lockbench.o \ + lookuprate.o \ openbench.o \ rename.o \ eas.o \ diff --git a/source/torture/raw/lookuprate.c b/source/torture/raw/lookuprate.c new file mode 100644 index 000..4b505dc --- /dev/null +++ b/source/torture/raw/lookuprate.c @@ -0,0 +1,319 @@ +/* + File lookup rate test. + + Copyright (C) James Peach 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see http://www.gnu.org/licenses/. +*/ + +#include includes.h +#include param/param.h +#include system/filesys.h +#include torture/torture.h +#include torture/basic/proto.h +#include libcli/libcli.h +#include lib/cmdline/popt_common.h +#include auth/credentials/credentials.h + +#define BASEDIR \\lookuprate +#define MISSINGNAME BASEDIR \\foo + +#define FUZZ_PERCENT 10 + +#define usec_to_sec(s) ((s) / 100) +#define sec_to_usec(s) ((s) * 100) + +struct rate_record +{ +unsigned dirent_count; +unsigned querypath_persec; +unsigned findfirst_persec; +}; + +static struct rate_record records[] = +{ +{ 0, 0, 0 }, /* Base (optimal) lookup rate. */ +{ 100, 0, 0}, +{ 1000, 0, 0}, +{ 1, 0, 0}, +{ 10, 0, 0} +}; + +typedef NTSTATUS lookup_function(struct smbcli_tree *tree, const char * path); + +/* Test whether rhs is within fuzz% of lhs. */ +static bool fuzzily_equal(unsigned lhs, unsigned rhs, int percent) +{ + double fuzz = (double)lhs * (double)percent/100.0; + + if (((double)rhs = ((double)lhs - fuzz)) + ((double)rhs = ((double)lhs + fuzz))) { + return true; + } + + return false; + +} + +static NTSTATUS fill_directory(struct smbcli_tree *tree, + const char * path, unsigned count) +{ + NTSTATUSstatus; + char*fname = NULL; + unsignedi; + unsignedcurrent; + + struct timeval start; + struct timeval now; + + status = smbcli_mkdir(tree, path); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + printf(filling directory %s with %u files... , path, count); + fflush(stdout); + + current = random(); + start = timeval_current(); + + for (i = 0; i count; ++i) { + int fnum; + + ++current; + fname = talloc_asprintf(NULL, %s\\fill%u, + path, current); + + fnum = smbcli_open(tree, fname, O_RDONLY|O_CREAT, + OPENX_MODE_DENY_NONE); + if (fnum 0) { + talloc_free(fname); + return smbcli_nt_error(tree); + } + + smbcli_close(tree, fnum); + talloc_free(fname); + } + + if (count) { + double rate; + now = timeval_current(); + rate = (double)count / usec_to_sec((double)usec_time_diff(now, start)); + printf(%u/sec\n,
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-1057-g0cf16e6
The branch, v3-2-test has been updated via 0cf16e6b47f5978bdcb84ac8a29ef13ff2b5cca8 (commit) from 09a0001063d5bdd9bdc7abfbf1467beb062de049 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 0cf16e6b47f5978bdcb84ac8a29ef13ff2b5cca8 Author: Günther Deschner [EMAIL PROTECTED] Date: Tue Apr 22 01:54:49 2008 +0200 libnetjoin: identify type of domain early. This finally enables joining AD using workgroup or realm name. Guenther --- Summary of changes: source/libnet/libnet_join.c | 32 1 files changed, 16 insertions(+), 16 deletions(-) Changeset truncated at 500 lines: diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c index d22fbc2..7e348e2 100644 --- a/source/libnet/libnet_join.c +++ b/source/libnet/libnet_join.c @@ -142,8 +142,8 @@ static ADS_STATUS libnet_join_connect_ads(TALLOC_CTX *mem_ctx, { ADS_STATUS status; - status = libnet_connect_ads(r-in.domain_name, - r-in.domain_name, + status = libnet_connect_ads(r-out.dns_domain_name, + r-out.netbios_domain_name, r-in.dc_name, r-in.admin_account, r-in.admin_password, @@ -1641,8 +1641,21 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, W_ERROR_HAVE_NO_MEMORY(r-in.dc_name); } + status = libnet_join_lookup_dc_rpc(mem_ctx, r, cli); + if (!NT_STATUS_IS_OK(status)) { + libnet_join_set_error_string(mem_ctx, r, + failed to lookup DC info for domain '%s' over rpc: %s, + r-in.domain_name, get_friendly_nt_error_msg(status)); + return ntstatus_to_werror(status); + } + + werr = libnet_join_check_config(mem_ctx, r); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + #ifdef WITH_ADS - if (r-in.account_ou) { + if (r-out.domain_is_ad r-in.account_ou) { ads_status = libnet_join_connect_ads(mem_ctx, r); if (!ADS_ERR_OK(ads_status)) { @@ -1662,19 +1675,6 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, } #endif /* WITH_ADS */ - status = libnet_join_lookup_dc_rpc(mem_ctx, r, cli); - if (!NT_STATUS_IS_OK(status)) { - libnet_join_set_error_string(mem_ctx, r, - failed to lookup DC info for domain '%s' over rpc: %s, - r-in.domain_name, get_friendly_nt_error_msg(status)); - return ntstatus_to_werror(status); - } - - werr = libnet_join_check_config(mem_ctx, r); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - status = libnet_join_joindomain_rpc(mem_ctx, r, cli); if (!NT_STATUS_IS_OK(status)) { libnet_join_set_error_string(mem_ctx, r, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha3-268-gb7c96e0
The branch, v4-0-test has been updated via b7c96e0cc270bd3b1c9bd117a22df3f657b6acd5 (commit) via c16d1d430a0f1e3643c1e769b10e9d88b4719d17 (commit) via 3045d391626fba169aa26be52174883e18d323e9 (commit) from ca7e4d9166a7cb10495cf3ecd9c4e72103fbec30 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit b7c96e0cc270bd3b1c9bd117a22df3f657b6acd5 Author: Simo Sorce [EMAIL PROTECTED] Date: Mon Apr 21 19:53:29 2008 -0400 Make sure we have an event context available commit c16d1d430a0f1e3643c1e769b10e9d88b4719d17 Author: Simo Sorce [EMAIL PROTECTED] Date: Mon Apr 21 19:53:15 2008 -0400 Fix build commit 3045d391626fba169aa26be52174883e18d323e9 Author: Simo Sorce [EMAIL PROTECTED] Date: Mon Apr 21 17:58:23 2008 -0400 Remove more event_context_init() uses from function calls within deep down the code. Make sure we pass around the event_context where we need it instead. All test but a few python ones fail. Jelmer promised to fix them. --- Summary of changes: source/auth/gensec/gensec.c| 22 +++-- source/client/cifsdd.c | 17 +++ source/client/cifsdd.h |2 + source/client/cifsddio.c | 12 +-- source/client/client.c | 46 +--- source/dsdb/samdb/samdb.c |7 source/lib/events/events.c |2 + source/lib/ldb/ldb_ildap/ldb_ildap.c | 16 - source/lib/ldb_wrap.c |2 +- source/lib/messaging/messaging.c |8 ++-- source/lib/socket/testsuite.c |2 +- source/libcli/cldap/cldap.c|6 +--- source/libcli/cliconnect.c |5 ++- source/libcli/composite/composite.c|6 +++- source/libcli/dgram/dgramsocket.c |6 +--- source/libcli/ldap/ldap_bind.c |5 ++- source/libcli/ldap/ldap_client.c | 12 ++- source/libcli/nbt/nbtsocket.c |6 +--- source/libcli/raw/clisocket.c | 22 -- source/libcli/resolve/host.c |1 - source/libcli/resolve/nbtlist.c|3 +- source/libcli/resolve/resolve.c| 13 ++- source/libcli/smb_composite/connect.c |8 ++--- source/libcli/smb_composite/fetchfile.c|2 - source/libcli/smb_composite/fsinfo.c |2 - source/libcli/wrepl/winsrepl.c |6 +--- source/libnet/libnet_site.c|8 ++-- source/librpc/rpc/dcerpc.c | 15 ++--- source/librpc/rpc/dcerpc_connect.c | 15 - source/rpc_server/spoolss/dcesrv_spoolss.c |3 +- source/torture/auth/ntlmssp.c |6 ++- source/torture/basic/base.c|3 +- source/torture/gentest.c | 33 source/torture/ldap/cldap.c|8 - source/torture/ldap/cldapbench.c |4 ++- source/torture/ldap/common.c |2 +- source/torture/libnet/libnet_domain.c |4 +- source/torture/locktest.c | 26 ++- source/torture/locktest2.c | 26 +++- source/torture/masktest.c |9 - source/torture/nbt/browse.c|2 +- source/torture/nbt/dgram.c |6 ++-- source/torture/nbt/nbt.c |2 +- source/torture/nbt/query.c |2 +- source/torture/nbt/register.c |4 +- source/torture/nbt/wins.c |2 +- source/torture/nbt/winsbench.c |2 +- source/torture/nbt/winsreplication.c | 18 +- source/torture/raw/composite.c |4 +- source/torture/raw/lookuprate.c|1 + source/torture/rpc/dssync.c| 10 +++--- source/torture/rpc/join.c |4 +- source/torture/rpc/rpc.c |8 ++-- source/torture/rpc/samba3rpc.c | 12 source/torture/rpc/samlogon.c |2 +- source/torture/rpc/samsync.c |4 +- source/torture/rpc/schannel.c | 10 +++--- source/torture/rpc/session_key.c |6 +++- source/torture/unix/unix_info2.c |4 +- source/torture/unix/whoami.c |2 +- source/utils/nmblookup.c | 14 ++-- source/utils/ntlm_auth.c | 10 +++--- 62 files changed, 283 insertions(+), 247 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/gensec/gensec.c b/source/auth/gensec/gensec.c index 59ad157..c82b719 100644 --- a/source/auth/gensec/gensec.c +++ b/source/auth/gensec/gensec.c
Build status as of Tue Apr 22 00:00:02 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-04-21 00:00:55.0 + +++ /home/build/master/cache/broken_results.txt 2008-04-22 00:01:27.0 + @@ -1,22 +1,22 @@ -Build status as of Mon Apr 21 00:00:02 2008 +Build status as of Tue Apr 22 00:00:02 2008 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 29 9 0 +ccache 27 7 0 ctdb 0 0 0 distcc 1 0 0 -ldb 29 13 0 -libreplace 28 10 0 -lorikeet-heimdal 23 18 0 -pidl 15 13 0 +ldb 27 11 0 +libreplace 26 10 0 +lorikeet-heimdal 22 17 0 +pidl 14 11 0 ppp 8 0 0 -rsync29 12 0 +rsync27 10 0 samba-docs 0 0 0 samba-gtk4 4 0 -samba_3_2_test 29 19 0 -samba_4_0_test 27 21 1 -smb-build27 3 0 -talloc 29 8 0 -tdb 29 13 0 +samba_3_2_test 27 16 0 +samba_4_0_test 25 23 1 +smb-build25 3 0 +talloc 27 7 0 +tdb 27 12 0