[Samba] HomeDir with machinenname
Hello. I have a Folder /shares/Public/ which is shared. The Account general should have a separate HomeDir below /shares/Public/general depending on the machine name. So I set the attribute homeDirectory in LDAP to /shares/Public/general/%m (i also tried %M). But when I log on at PC01, the HomeDir is not mounted, because %m/%M was not resolved to the machinename: /shares/Public/general/10.1.0.17' does not exist or permission denied when connecting to [general] Error was No such file or directory I use %m for the logfile name too, where it is mapped to the machine name (not the IP). Any idea what could went wrong and how else I can get the needed setup? Currently we use 3.0.22 and can't upgrade because of different problems with trusted domains in our setup. Regards Marc Muehlfeld -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Inherited ACLs can not be removed
Hi, I have more information about the problem: a) It does not have to do anything with inheritance b) adding ACLs works c) removing ACLs does not work (with a 'real' Windows client) I did the following test: - access rights: drwxrws--- 2 crunchy Share Admins 1024 2008-05-23 21:45 /shares/finanzen/ - add r-x rights for Domain Users with a Windows XP Client (logged in as crunchy) - works - remove access rights for Domain Users - does not work I repeated the test with smbcacls: - smbcacls -U crunchy -a ACL:Domain\ Users:ALLOWED/2/READ //qamaster/finanzen / - smbcacls -U crunchy //qamaster/finanzen / Password: REVISION:1 OWNER:UNIVENTION+crunchy GROUP:UNIVENTION+Share Admins ACL:UNIVENTION+crunchy:ALLOWED/0/FULL ACL:UNIVENTION+Domain Users:ALLOWED/0/READ ACL:UNIVENTION+Share Admins:ALLOWED/0/FULL ACL:+Everyone:ALLOWED/0/FULL - smbcacls -U crunchy -D ACL:Domain\ Users:ALLOWED/0/READ //qamaster/finanzen / Password: - smbcacls -U crunchy //qamaster/finanzen / Password: REVISION:1 OWNER:UNIVENTION+crunchy GROUP:UNIVENTION+Share Admins ACL:UNIVENTION+crunchy:ALLOWED/0/FULL ACL:UNIVENTION+Share Admins:ALLOWED/0/FULL ACL:+Everyone:ALLOWED/0/FULL With smbcacls it works, but not with the Windows XP Client. BTW I'm using samba version 3.0.26a any idea? regards Andreas -- Andreas Büsching [EMAIL PROTECTED] fon: +49 421 22 232- 0 EntwicklungLinux for Your Business Univention GmbHhttp://www.univention.de/ fax: +49 421 22 232-99 signature.asc Description: This is a digitally signed message part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Samba Instances: Is it possible to share *.tdb files?
Hi again, in the official Howto Collection at § Binary Format is mentioned that many different samba processes read and write on the same *.tdb files at the same time: http://de5.samba.org/samba/docs/man/Samba-HOWTO-Collection/CUPS-printing.html#id424705 So if there are different instances of samba on one machine, do they really need *.tdb files on their own? Or can they share one common set of files? Regards Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.30 and 3.2.0rc2 packages for all (SUSE) Linux products
RPM package installation sources of Samba 3.0.30 (STABLE) for SUSE Linux projects are available at ftp.suse.com/pub/projects/samba/STABLE/ At ftp.suse.com/pub/projects/samba/TESTING/ you find the same for the upcoming 3.2.0 release. This is currently a release candidate (rc) 2 and is not intended for production environments. Supported SUSE Linux based products are at the moment SUSE Linux 10.1, 10.2, 10.3, 11.0, SLES 9, SUSE Linux Enterprise (SLE) Desktop and Server 10, and factory (i.e. the currently developed product). For some architectures - like ia64, ppc, s390(x) - you find a limited releases subset. The same STABLE and TESTING package installation sources are also available at http://download.Samba.org/samba/ftp/Binary_Packages/SuSE/ Please use a mirror close to your site. A list of Samba.org mirrors is available at http://Samba.org/ There choose a mirror at the right top of the page. There are also a bunch of SUSE mirrors. A list of mirror sites is available at http://en.opensuse.org/Mirrors_Released_Version To support easier collaboration Samba packages are also provided by the openSUSE Build Service (OBS). Cf. http://en.opensuse.org/Build_Service/ and http://download.opensuse.org/repositories/network:/samba:/STABLE/ or http://download.opensuse.org/repositories/network:/samba:/TESTING/ The OBS supports an easy approach to create binary packages for CentOS, Fedora, Mandriva, RedHat Enterprise (RHEL), SUSE Linux Enterprise (SLE), and openSUSE. Access is possible by https://build.openSUSE.org/ or a subversion like sommand line tool named OpenSUSE build service command-line (osc). Bindings to perl are available too. See http://en.opensuse.org/Build_Service/CLI If you encounter any problem with these packages please don't blame the Samba Team. Instead file a bug to https://bugzilla.Samba.org/, pick product Samba 3.x, then select 'component' Packaging and set 'assign to' to samba-maintainers at suse dot de. Or use http://bugzilla.Novell.com/ with the same assignee instead. For general information about Samba as part of SUSE Linux based products see http://en.openSUSE.org/Samba For reporting bugs and how to collect advanced debugging information see http://en.openSUSE.org/Bugs/Samba Our customers, our products, our responsibility. Have a lot of fun... Lars - for the Novell Samba Team -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany pgp7eMBKYrLiD.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba auth against imap?
I had a VP in our company ask today if it was possible to use the same id's and passwords as our mail server. Now if it was LDA based, no problem. But I was just curious if there was some sort of authentication method to authenticate samba shares against an IMAP server? I have seen a few other pieces of software use imap authentication. I have security concerns over this method, but just wanted to see if it was even possible. I have been google searching, but no real answers yet. Thanks in advance,. dnk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to map an AD group to an existing unix group/gid
I have a unix group that owns some files on a share, and I'd like to set up a group mapping so that an Active directory group (with an exising mapping in winbind from earlier use) gets access to these files via a mapping. I've been fooling around with net groupmap add, and haven't been able to get this set up. The group Domain Users has an existing mapping to gid 10004, which winbind allocated at some point in the past I have a group testgroup, with gid=134 I've tried the following: net groupmap add sid=S-...-513 unixgroup=testgroup ntgroup=DOMAIN+Domain Users which gives the following for a net groupmap list: DOMAIN+Domain Users (S-...-513) - testgroup and net groupmap add sid=S-...-513 unixgroup=134 which gives this when I do a net groupmap list: 134 (S-...-513) - DOMAIN+domain users For both of these, when I view the properties of a file owned by testgroup, the group owner shows up as Domain Users, with both read and write permissions. For both of these, wbinfo shows the following: wbinfo --group-info=DOMAIN+domain users DOMAIN+domain users:x:134 So far, so good, right? However, for both of these, when I try to access a file owned by testgroup, I'm denied access. If I create a file in a directory when logged in as a domain user, it gets created with gid 10004, that's fine. nscd is disabled, nsswitch.conf contains group: files winbind, OS is Solaris 10 update 4, samba is 3.0.25a, as shipped with S10u4. Any ideas on this? Thanks, ~Eric -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Configuring a samba server with two NICs
Hi all, I am trying hard to configure samba, but I can not achieve my goals. Other than standard man pages, I have seen also many posts/documents samba with multiple nics, but I couldn' find any relevant to me. So, please, let me explain my settings and what I am looking to set up. First of all, my desktop runs ubuntu 8.04 with samba 3.0.28a On the pc I have 2 nics, eth0 and eth1. eth1 has address 10.80.2.121 eth0 has address 192.168.23.1 The network on eth1 is a company network, with many windows/unix pcs on it and a wins server at the address 192.167.219.2. The network on eth0 is a small private network, in the sense that I attach to it only my laptop with a crossed cable and I use the desktop to share network and services with the laptop. The laptop is an eeepc900 with its Xandros default distribution and samba 3.0.24-6, with the default smb.conf (I include at the end of the message the result of cat smb.conf | egrep -v ^(#|;| *$) on the eeepc) I want to share a directory (/media/matematica/libri) and I want that it is possible to have (free but readonly) access to it only from a bunch of trusted pcs: the one attached at eth0 (192.168.23.) and two on the eth1 (10.80.2.196 10.80.2.72), plus myself (10.80.2.121) Finally, at least on the eth1 network, I want to be part of the workgroup DOCENTI. Summing this up, I wrote the following smb.conf on my desktop: [global] wins server = 192.167.219.2 domain master = no local master = no workgroup = DOCENTI server string = Stumbo hosts deny = ALL hosts allow = 192.168.23. 10.80.2.121 10.80.2.196 10.80.2.72 127.0.0.1 security = share [libri] guest ok = yes path = /media/matematica/libri read only = yes It works partially, in the sense that all is ok on eth1: I am part of the workgroup DOCENTI, the trusted pcs can access the shared dir, whereas all others can't (I would also like to be invisible to the others, but I don't think this is possible...) On the other hand, from the laptop side I can't see my desktop: what should I do in order to see the shared dir also from the laptop? Thanks a lot for your help Fabio -- cat smb.conf | egrep -v ^(#|;| *$) [global] include = /etc/opt/xandros/xandrosncs/run/samba_wins workgroup = WORKGROUP server string = %h server (Asus Eee PC) dns proxy = no name resolve order = lmhosts host wins bcast log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = share encrypt passwords = true passdb backend = tdbsam ldap delete dn = yes obey pam restrictions = yes invalid users = root map to guest = Bad User passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . client use spnego = no load printers = no printing = cups printcap name = cups socket options = TCP_NODELAY dos filetimes = yes display charset = UTF8 unix charset = UTF8 unix extensions = no --- the included file in smb.conf contains wins server = 192.167.219.2 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Switching form NT PDC to AD
I set up a test machine running Red Hat 5.2 and samba version 3.0.28. We have a unix server sharing out a file system. The windows users accessed the file system via Samba and as they all had unix accounts they were just mapped to their UNIX id. As long as we had groups with the same name, the groups were mapped as well. Since going to AD, we would like to do the same thing, but it appears that the groups aren't mapping. When I first set it up I had the nsswitch.conf file configured with files compat winbind. This seemed to be working fine, but the mapping was going to a new id when we wanted them to get their unix id, so I swithced the nsswitch.conf file to just files and compat. Things seemed to be working until I tried to access a directory owened by someone else and it wouldn't let me in even though we were in the same group. It seems like group mapping isn't taking place. I tested it from the linux side and everything worked as expected. If you need any additional information let me know. We are on a private network so I have to retype anything you wish to see. Thanks for your help. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba on FreeBSD 7.0
Hello ALL, does any body know the options to enable when installing samba from ports collection? cd /usr/ports/net/samba3 make config shows a list of options such as LDAP or ADS support. can anybody help? Thanks in advance! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Configuring a samba server with two NICs
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fabio Sent: Friday, June 13, 2008 3:22 AM To: samba@lists.samba.org Subject: [Samba] Configuring a samba server with two NICs FWIW, there was just a discussion on the Dell Server list trying to use a crossover between two recent Dell servers. It DIDN'T work. A normal network cable did. Seems that some modern cards a suppose to auto-configure, but in this case it didn't work with a crossover. http://article.gmane.org/gmane.linux.hardware.dell.poweredge/32995 Can you at least PING it? Dennis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba4, multi-domain Forest and Unix ID mapping
Charlie wrote: When you say forest are you referring to a user authentication database implementing multiple linked lists that do not share a common root? First, thank you for responding. I must also say I have been out of Windows land for some time. I last really messed with Windows Networking around NT 4.0. By Forest, I mean: At the top of the structure is the Forest - the collection of every object, its attributes, and rules (attribute syntax) in the AD. The forest holds one or more transitive, trust-linked Trees. A tree holds one or more Domains and domain trees, again linked in a transitive trust hierarchy. Domains are identified by their DNS name structure, the namespace. (http://en.wikipedia.org/wiki/Active_Directory#Forests.2C_trees.2C_and_domains) So, I am looking for something like: family1.example.com (uids=1000.1999, for example) family2.example.com (uids=2000.2999) family3.example.com (uids=3000.3999) family4.example.com (uids=4000.4999) family5.example.com (uids=5000.5999) family6.example.com (uids=6000.6999) Where each is a separate domain that trusts the other, and is within one forest/tree. Also, they must use something like idmap_ldap (or the equivalent) in Samba4 and that mapping must be valid and usable so that people in each domain can log in on boxes in the other domains as Linux and Windows users and share files and printers without uid collisions or other such problems. The only exception is root (uid=0) as each family may or may not want root to be shared. Again, I am using the family example as it fits even the business cases. I am hoping that Linux users can login doing something like windows ([EMAIL PROTECTED] or domain\user). Samba 3 4 do indeed incorporate idmapping which works pretty much as you describe. The command syntax has grown a lot recently and has not yet been fully documented, but I'd say it's quite powerful. If you can get your interdomain trusts set up right I think you can do what you want, but it's probably going to be dependent on how well you can control access to your directory backend. Well, I once read that, at least at one point, idmap didn't work in this setup. I was wondering if it has changed (as I can no longer find the reference). Also, yes, these will all be Samba based domains (Active Directory style). All clients will likely be Vista Business or Ultimate. You haven't specified what directory backend you are running... Microsoft AD? Novell eDirectory? OpenLDAP? Sun? IBM? Fedora DS? There are lots... --Charlie Well, Samba 4 so, if it has an internal (I think that has been abandoned, but not certain) then that, OpenLDAP or Fedora DS will be the backend. I am leaning toward Fedora DS, but I am not certain and will accept suggestions. I hope this corrects and clarifies my question enough that I can get an accurate response. This is a forward looking query and I am only interested in Samba 4 as it must be Active Directory and Windows server free. Thank you, Trever Adams On Wed, Jun 11, 2008 at 3:33 AM, Trever L. Adams [EMAIL PROTECTED] wrote: Good day, I wasn't sure whether this should go to the user list or the samba-technical list. I chose here based on the descriptions of the list. Forgive me if my understanding of the naming is inaccurate. It is my understanding that Samba3 (and I believe 4, as well) has a very powerful SID-UID mapping mechanism which will auto create the UID in a range. This is what I mean by Unix ID mapping. I have read that this as of yet won't work in a forest, even if the organization is only one organization. I am hoping this isn't true. I am beginning to look at Samba4 for future implementations within organizations I do work for. However, it appears I will need multiple domain in one forest functionality. Is this implemented or at least planned? If it is implemented/planned is it possible to do the automatic Unix ID mapping per above? If it is all one domain, is it possible to do this if all the domain controllers/active directory machines are Samba 4? Basically, can each domain have its own UID mapping setup and they will work in the forest IF, and ONLY IF, the UID mapping doesn't overlap? The exact mechanism my questions may bring into mind may be bad. Here is the situation, explained in the context of an extended family network: Each family has its own domain (Windows and DNS), policies, etc. Each has its own file servers, mail domains (DNS), etc. Each may share file and printers with other families. This needs to work in Windows and Linux. However, here is the killer, root access to Linux machines is not shared across domains. Nor should Windows system/net/domain admin abilities. However, guests from other families (within the extended family) need to be able to view the shared files as well as login (without administrative privileges) on computers in the other domains (think visiting family). To do this, auto SID-UID maps are a must. Domains within the
Re: [Samba] Configuring a samba server with two NICs
FWIW, there was just a discussion on the Dell Server list trying to use a crossover between two recent Dell servers. It DIDN'T work. A normal network cable did. Seems that some modern cards a suppose to auto-configure, but in this case it didn't work with a crossover. All gigabit devices auto crossover so no crossover is necessary if both sides are gigabit. I am not sure this is the problem though. It looks like ipv4 forwarding needs to be turned on on the machine that has 2 nics. However I may be wrong as I was a little confused with the discussion of the two networks and their purpose. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Configuring a samba server with two NICs
FWIW, there was just a discussion on the Dell Server list trying to use a crossover between two recent Dell servers. It DIDN'T work. A normal network cable did. Seems that some modern cards a suppose to auto-configure, but in this case it didn't work with a crossover. All gigabit devices auto crossover so no crossover is necessary if both sides are gigabit. I am not sure this is the problem though. It looks like ipv4 forwarding needs to be turned on on the machine that has 2 nics. None of the 2 nics is a gigabit... :-(( However I may be wrong as I was a little confused with the discussion of the two networks and their purpose. Maybe I didn't explain well myself, sorry. My principal aim is simply to share the same directory over the two networs: everything else is unessential. They can also be invisible to each other. What I got with my config is that my shared dir is accessible on eth1 (where I just allow 3 IPs), but it is not on eth0 (my laptop). Thanks Fabi Thanks Fabio -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Configuring a samba server with two NICs
FWIW, there was just a discussion on the Dell Server list trying to use a crossover between two recent Dell servers. It DIDN'T work. A normal network cable did. Seems that some modern cards a suppose to auto-configure, but in this case it didn't work with a crossover. http://article.gmane.org/gmane.linux.hardware.dell.poweredge/32995 Can you at least PING it? Dennis Sorry, I forgot to answer this. If I configure samba to listen only on eth0 (my laptop connected via a crossover cable), then I can access the shared dir. If that matters, I also configured ip masquerading so that from the laptop I can access the internet via the desktop. Fabio -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Configuring a samba server with two NICs
On Fri, Jun 13, 2008 at 4:59 PM, Fabio [EMAIL PROTECTED] wrote: FWIW, there was just a discussion on the Dell Server list trying to use a crossover between two recent Dell servers. It DIDN'T work. A normal network cable did. Seems that some modern cards a suppose to auto-configure, but in this case it didn't work with a crossover. http://article.gmane.org/gmane.linux.hardware.dell.poweredge/32995 Can you at least PING it? Dennis Sorry, I forgot to answer this. If I configure samba to listen only on eth0 (my laptop connected via a crossover cable), then I can access the shared dir. If that matters, I also configured ip masquerading so that from the laptop I can access the internet via the desktop. Are you trying to access samba on the laptop using the ipaddress of the samba server? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba on FreeBSD 7.0
On Friday 13 June 2008 20:40, white list wrote: Hello ALL, does any body know the options to enable when installing samba from ports collection? It depends what you intend to do with samba. A good start could be the first part of samba 3 by example http://us1.samba.org/samba/docs/man/Samba-Guide/ExNetworks.html 6 implementations are described so that you can choose the closest to your needs; after that the options become clearer. If it is just for testing samba without a particular goal in mind yet, I guess you probably can enable everything. The other way round would be compiling with no options and when you're stuck with something you can't do, recompile with the correct option(s). You chould check LDAPif you want to store users and machines in LDAP ADS if you want your samba server joined to a windows AD domain CUPSif you want a print server WINBIND if windows will store users who will ues your samba server ACL_SUPPORT if you want windows-type ACLs etc... HTH Thierry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2567-g1a22e97
The branch, v3-2-test has been updated via 1a22e975dd1255f3557c1cd873d877aa35822afc (commit) via 5b68be96996a710988b1fd1c176cd5dff0f2c6af (commit) from 8800afafedccd43e425463045c05934d381e178d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 1a22e975dd1255f3557c1cd873d877aa35822afc Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 12:20:01 2008 +0200 net: Fix bug #5542 (samsync contains empty passwords). Guenther commit 5b68be96996a710988b1fd1c176cd5dff0f2c6af Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 11:57:09 2008 +0200 samsync: add samsync_fix_delta_array() This code is vastly based on samba4 code. Guenther --- Summary of changes: source/Makefile.in |1 + source/libnet/libnet_samsync.c | 188 source/utils/net.h |1 + source/utils/net_ads.c |2 - source/utils/net_rpc_samsync.c | 27 ++ 5 files changed, 217 insertions(+), 2 deletions(-) create mode 100644 source/libnet/libnet_samsync.c Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index cb72b94..04ff7cc 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -869,6 +869,7 @@ SMBCONFTORT_OBJ = $(SMBCONFTORT_OBJ0) \ $(POPT_LIB_OBJ) LIBNET_OBJ = libnet/libnet_join.o \ +libnet/libnet_samsync.o \ librpc/gen_ndr/ndr_libnet_join.o NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_help.o \ diff --git a/source/libnet/libnet_samsync.c b/source/libnet/libnet_samsync.c new file mode 100644 index 000..e45a845 --- /dev/null +++ b/source/libnet/libnet_samsync.c @@ -0,0 +1,188 @@ +/* + Unix SMB/CIFS implementation. + + Extract the user/system database from a remote SamSync server + + Copyright (C) Andrew Bartlett [EMAIL PROTECTED] 2004-2005 + Copyright (C) Guenther Deschner [EMAIL PROTECTED] 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see http://www.gnu.org/licenses/. +*/ + + +#include includes.h + +/** + * Decrypt and extract the user's passwords. + * + * The writes decrypted (no longer 'RID encrypted' or arcfour encrypted) + * passwords back into the structure + */ + +static NTSTATUS fix_user(TALLOC_CTX *mem_ctx, +DATA_BLOB *session_key, +bool rid_crypt, +enum netr_SamDatabaseID database_id, +struct netr_DELTA_ENUM *delta) +{ + + uint32_t rid = delta-delta_id_union.rid; + struct netr_DELTA_USER *user = delta-delta_union.user; + struct samr_Password lm_hash; + struct samr_Password nt_hash; + const char *username = user-account_name.string; + + if (rid_crypt) { + if (user-lm_password_present) { + sam_pwd_hash(rid, user-lmpassword.hash, lm_hash.hash, 0); + user-lmpassword = lm_hash; + } + + if (user-nt_password_present) { + sam_pwd_hash(rid, user-ntpassword.hash, nt_hash.hash, 0); + user-ntpassword = nt_hash; + } + } + + if (user-user_private_info.SensitiveData) { + DATA_BLOB data; + struct netr_USER_KEYS keys; + enum ndr_err_code ndr_err; + data.data = user-user_private_info.SensitiveData; + data.length = user-user_private_info.DataLength; + SamOEMhashBlob(data.data, data.length, session_key); + user-user_private_info.SensitiveData = data.data; + user-user_private_info.DataLength = data.length; + + ndr_err = ndr_pull_struct_blob(data, mem_ctx, keys, + (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + dump_data(10, data.data, data.length); + return ndr_map_error2ntstatus(ndr_err); + } + + if (keys.keys.keys2.lmpassword.length == 16) { + if (rid_crypt) { + sam_pwd_hash(rid, +
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-2826-g6c1904f
The branch, v3-3-test has been updated via 6c1904f8be1b4e08b09b64052c1aba24e7a4fb3d (commit) via ad8392cf7c817ee29a03bc6f515bf1cc18a29eda (commit) via 2c53d87de4ecc5ac9c43bc7488a03bceecf35140 (commit) from 7f52998f5461ed7d976faa2254464336dcf73c02 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 6c1904f8be1b4e08b09b64052c1aba24e7a4fb3d Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 12:30:36 2008 +0200 samsync: add prototype for samsync_fix_delta_array(). Guenther commit ad8392cf7c817ee29a03bc6f515bf1cc18a29eda Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 12:20:01 2008 +0200 net: Fix bug #5542 (samsync contains empty passwords). Guenther (cherry picked from commit 1a22e975dd1255f3557c1cd873d877aa35822afc) commit 2c53d87de4ecc5ac9c43bc7488a03bceecf35140 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 11:57:09 2008 +0200 samsync: add samsync_fix_delta_array() This code is vastly based on samba4 code. Guenther (cherry picked from commit 5b68be96996a710988b1fd1c176cd5dff0f2c6af) --- Summary of changes: source/Makefile.in |1 + source/libnet/libnet_proto.h |8 ++ source/libnet/libnet_samsync.c | 188 source/utils/net.h |1 + source/utils/net_ads.c |2 - source/utils/net_rpc_samsync.c | 27 ++ 6 files changed, 225 insertions(+), 2 deletions(-) create mode 100644 source/libnet/libnet_samsync.c Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index 917b0bf..3eb1142 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -892,6 +892,7 @@ SMBCONFTORT_OBJ = $(SMBCONFTORT_OBJ0) \ $(POPT_LIB_OBJ) LIBNET_OBJ = libnet/libnet_join.o \ +libnet/libnet_samsync.o \ librpc/gen_ndr/ndr_libnet_join.o NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_help.o \ diff --git a/source/libnet/libnet_proto.h b/source/libnet/libnet_proto.h index 662ab7d..52382e9 100644 --- a/source/libnet/libnet_proto.h +++ b/source/libnet/libnet_proto.h @@ -43,4 +43,12 @@ WERROR libnet_Unjoin(TALLOC_CTX *mem_ctx, _PUBLIC_ void ndr_print_libnet_JoinCtx(struct ndr_print *ndr, const char *name, int flags, const struct libnet_JoinCtx *r); _PUBLIC_ void ndr_print_libnet_UnjoinCtx(struct ndr_print *ndr, const char *name, int flags, const struct libnet_UnjoinCtx *r); +/* The following definitions come from libnet/libnet_samsync.c */ + +NTSTATUS samsync_fix_delta_array(TALLOC_CTX *mem_ctx, +DATA_BLOB *session_key, +bool rid_crypt, +enum netr_SamDatabaseID database_id, +struct netr_DELTA_ENUM_ARRAY *r); + #endif /* _LIBNET_PROTO_H_ */ diff --git a/source/libnet/libnet_samsync.c b/source/libnet/libnet_samsync.c new file mode 100644 index 000..e45a845 --- /dev/null +++ b/source/libnet/libnet_samsync.c @@ -0,0 +1,188 @@ +/* + Unix SMB/CIFS implementation. + + Extract the user/system database from a remote SamSync server + + Copyright (C) Andrew Bartlett [EMAIL PROTECTED] 2004-2005 + Copyright (C) Guenther Deschner [EMAIL PROTECTED] 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see http://www.gnu.org/licenses/. +*/ + + +#include includes.h + +/** + * Decrypt and extract the user's passwords. + * + * The writes decrypted (no longer 'RID encrypted' or arcfour encrypted) + * passwords back into the structure + */ + +static NTSTATUS fix_user(TALLOC_CTX *mem_ctx, +DATA_BLOB *session_key, +bool rid_crypt, +enum netr_SamDatabaseID database_id, +struct netr_DELTA_ENUM *delta) +{ + + uint32_t rid = delta-delta_id_union.rid; + struct netr_DELTA_USER *user = delta-delta_union.user; + struct samr_Password lm_hash; + struct samr_Password nt_hash; + const char *username = user-account_name.string; + + if (rid_crypt) { + if (user-lm_password_present) { + sam_pwd_hash(rid, user-lmpassword.hash, lm_hash.hash,
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0rc2-15-gf2042c9
The branch, v3-2-stable has been updated via f2042c94b8ab7fbbdaf7f7ca954a0b3e1b11b964 (commit) via eae0effad439c1e3735e11261aee26d0a43c96ea (commit) from 8a5144dfb59f670494a2bd34cf2cafc9c816715e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit f2042c94b8ab7fbbdaf7f7ca954a0b3e1b11b964 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 12:20:01 2008 +0200 net: Fix bug #5542 (samsync contains empty passwords). Guenther (cherry picked from commit 1a22e975dd1255f3557c1cd873d877aa35822afc) commit eae0effad439c1e3735e11261aee26d0a43c96ea Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 11:57:09 2008 +0200 samsync: add samsync_fix_delta_array() This code is vastly based on samba4 code. Guenther (cherry picked from commit 5b68be96996a710988b1fd1c176cd5dff0f2c6af) --- Summary of changes: source/Makefile.in |1 + source/libnet/libnet_samsync.c | 188 source/utils/net.h |1 + source/utils/net_ads.c |2 - source/utils/net_rpc_samsync.c | 27 ++ 5 files changed, 217 insertions(+), 2 deletions(-) create mode 100644 source/libnet/libnet_samsync.c Changeset truncated at 500 lines: diff --git a/source/Makefile.in b/source/Makefile.in index cb72b94..04ff7cc 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -869,6 +869,7 @@ SMBCONFTORT_OBJ = $(SMBCONFTORT_OBJ0) \ $(POPT_LIB_OBJ) LIBNET_OBJ = libnet/libnet_join.o \ +libnet/libnet_samsync.o \ librpc/gen_ndr/ndr_libnet_join.o NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_help.o \ diff --git a/source/libnet/libnet_samsync.c b/source/libnet/libnet_samsync.c new file mode 100644 index 000..e45a845 --- /dev/null +++ b/source/libnet/libnet_samsync.c @@ -0,0 +1,188 @@ +/* + Unix SMB/CIFS implementation. + + Extract the user/system database from a remote SamSync server + + Copyright (C) Andrew Bartlett [EMAIL PROTECTED] 2004-2005 + Copyright (C) Guenther Deschner [EMAIL PROTECTED] 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see http://www.gnu.org/licenses/. +*/ + + +#include includes.h + +/** + * Decrypt and extract the user's passwords. + * + * The writes decrypted (no longer 'RID encrypted' or arcfour encrypted) + * passwords back into the structure + */ + +static NTSTATUS fix_user(TALLOC_CTX *mem_ctx, +DATA_BLOB *session_key, +bool rid_crypt, +enum netr_SamDatabaseID database_id, +struct netr_DELTA_ENUM *delta) +{ + + uint32_t rid = delta-delta_id_union.rid; + struct netr_DELTA_USER *user = delta-delta_union.user; + struct samr_Password lm_hash; + struct samr_Password nt_hash; + const char *username = user-account_name.string; + + if (rid_crypt) { + if (user-lm_password_present) { + sam_pwd_hash(rid, user-lmpassword.hash, lm_hash.hash, 0); + user-lmpassword = lm_hash; + } + + if (user-nt_password_present) { + sam_pwd_hash(rid, user-ntpassword.hash, nt_hash.hash, 0); + user-ntpassword = nt_hash; + } + } + + if (user-user_private_info.SensitiveData) { + DATA_BLOB data; + struct netr_USER_KEYS keys; + enum ndr_err_code ndr_err; + data.data = user-user_private_info.SensitiveData; + data.length = user-user_private_info.DataLength; + SamOEMhashBlob(data.data, data.length, session_key); + user-user_private_info.SensitiveData = data.data; + user-user_private_info.DataLength = data.length; + + ndr_err = ndr_pull_struct_blob(data, mem_ctx, keys, + (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + dump_data(10, data.data, data.length); + return ndr_map_error2ntstatus(ndr_err); + } + + if (keys.keys.keys2.lmpassword.length == 16) { +
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2568-g999533c
The branch, v3-2-test has been updated via 999533c0ccced59141d8baff5bc248d63e2a966f (commit) from 1a22e975dd1255f3557c1cd873d877aa35822afc (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 999533c0ccced59141d8baff5bc248d63e2a966f Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Jun 13 15:30:08 2008 +0200 Fix a crash in _winreg_QueryValue Coverity ID 474, value_length and type are both unique, not ref pointers and can thus be NULL. Karolin, please merge this to -stable. Thanks, Volker --- Summary of changes: source/rpc_server/srv_winreg_nt.c |4 1 files changed, 4 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_server/srv_winreg_nt.c b/source/rpc_server/srv_winreg_nt.c index 7b74871..84bcf0b 100644 --- a/source/rpc_server/srv_winreg_nt.c +++ b/source/rpc_server/srv_winreg_nt.c @@ -230,6 +230,10 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r) if ( !regkey ) return WERR_BADFID; + if ((r-out.value_length == NULL) || (r-out.type == NULL)) { + return WERR_INVALID_PARAM; + } + *r-out.value_length = *r-out.type = REG_NONE; DEBUG(7,(_reg_info: policy key name = [%s]\n, regkey-key-name)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-2827-g7e07ec6
The branch, v3-3-test has been updated via 7e07ec68f15908a998f83d615a1b4d1349935a54 (commit) from 6c1904f8be1b4e08b09b64052c1aba24e7a4fb3d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 7e07ec68f15908a998f83d615a1b4d1349935a54 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Jun 13 15:30:08 2008 +0200 Fix a crash in _winreg_QueryValue Coverity ID 474, value_length and type are both unique, not ref pointers and can thus be NULL. Karolin, please merge this to -stable. Thanks, Volker (cherry picked from commit 999533c0ccced59141d8baff5bc248d63e2a966f) --- Summary of changes: source/rpc_server/srv_winreg_nt.c |4 1 files changed, 4 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_server/srv_winreg_nt.c b/source/rpc_server/srv_winreg_nt.c index 7b74871..84bcf0b 100644 --- a/source/rpc_server/srv_winreg_nt.c +++ b/source/rpc_server/srv_winreg_nt.c @@ -230,6 +230,10 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r) if ( !regkey ) return WERR_BADFID; + if ((r-out.value_length == NULL) || (r-out.type == NULL)) { + return WERR_INVALID_PARAM; + } + *r-out.value_length = *r-out.type = REG_NONE; DEBUG(7,(_reg_info: policy key name = [%s]\n, regkey-key-name)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0rc2-16-g9b52e70
The branch, v3-2-stable has been updated via 9b52e702d96a552f68e1af451ccdaf052b8c49a1 (commit) from f2042c94b8ab7fbbdaf7f7ca954a0b3e1b11b964 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit 9b52e702d96a552f68e1af451ccdaf052b8c49a1 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Jun 13 15:30:08 2008 +0200 Fix a crash in _winreg_QueryValue Coverity ID 474, value_length and type are both unique, not ref pointers and can thus be NULL. Karolin, please merge this to -stable. Thanks, Volker (cherry picked from commit 999533c0ccced59141d8baff5bc248d63e2a966f) --- Summary of changes: source/rpc_server/srv_winreg_nt.c |4 1 files changed, 4 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_server/srv_winreg_nt.c b/source/rpc_server/srv_winreg_nt.c index 7b74871..84bcf0b 100644 --- a/source/rpc_server/srv_winreg_nt.c +++ b/source/rpc_server/srv_winreg_nt.c @@ -230,6 +230,10 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r) if ( !regkey ) return WERR_BADFID; + if ((r-out.value_length == NULL) || (r-out.type == NULL)) { + return WERR_INVALID_PARAM; + } + *r-out.value_length = *r-out.type = REG_NONE; DEBUG(7,(_reg_info: policy key name = [%s]\n, regkey-key-name)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2569-g496d44d
The branch, v3-2-test has been updated via 496d44d2f21661c85bf07e8eb7cae6298fefd900 (commit) from 999533c0ccced59141d8baff5bc248d63e2a966f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 496d44d2f21661c85bf07e8eb7cae6298fefd900 Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Jun 13 16:05:31 2008 +0200 Fix a handle leak for error returns in ldb_try_load_dso Coverity ID 464 --- Summary of changes: source/lib/ldb/common/ldb_modules.c |8 +++- 1 files changed, 7 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/lib/ldb/common/ldb_modules.c b/source/lib/ldb/common/ldb_modules.c index 68c4535..d898f3d 100644 --- a/source/lib/ldb/common/ldb_modules.c +++ b/source/lib/ldb/common/ldb_modules.c @@ -206,6 +206,7 @@ int ldb_try_load_dso(struct ldb_context *ldb, const char *name) void *handle; int (*init_fn) (void); char *modulesdir; + int ret; #ifdef HAVE_DLOPEN if (getenv(LD_LDB_MODULE_PATH) != NULL) { @@ -234,12 +235,17 @@ int ldb_try_load_dso(struct ldb_context *ldb, const char *name) if (init_fn == NULL) { ldb_debug(ldb, LDB_DEBUG_ERROR, no symbol `init_module' found in %s: %s\n, path, dlerror()); + dlclose(handle); return -1; } talloc_free(path); - return init_fn(); + ret = init_fn(); + if (ret == -1) { + dlclose(handle); + } + return ret; #else ldb_debug(ldb, LDB_DEBUG_TRACE, no dlopen() - not trying to load %s module\n, name); return -1; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-29-38-g1ad5cd9
The branch, v3-0-test has been updated via 1ad5cd93e69d8b82a71690d16df7e5cb2078bb65 (commit) from 3fa483a54d68fcebb204f532eaff01e1dff19f76 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test - Log - commit 1ad5cd93e69d8b82a71690d16df7e5cb2078bb65 Author: Jeremy Allison [EMAIL PROTECTED] Date: Fri Jun 13 09:43:34 2008 -0700 We should use set_domain_offline(domain) function instead of just set staus to offline. Otherwise, domain will never goes online again. From Bo Yang [EMAIL PROTECTED] Jeremy. --- Summary of changes: source/nsswitch/winbindd_pam.c |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/nsswitch/winbindd_pam.c b/source/nsswitch/winbindd_pam.c index e5e55e6..42540a6 100644 --- a/source/nsswitch/winbindd_pam.c +++ b/source/nsswitch/winbindd_pam.c @@ -1379,7 +1379,11 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain, NT_STATUS_EQUAL(result, NT_STATUS_IO_TIMEOUT) || NT_STATUS_EQUAL(result, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) { DEBUG(10,(winbindd_dual_pam_auth_kerberos setting domain to offline\n)); - domain-online = False; + /* Use set_domain_offline() instead of +* just set status offline, otherwise, +* domain will never goes online again +* --- BoYang */ + set_domain_offline(domain); } /* there are quite some NT_STATUS errors where there is no -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2570-g7c22fc6
The branch, v3-2-test has been updated via 7c22fc6ebaa1a83213cbb7c08bea108264f89486 (commit) from 496d44d2f21661c85bf07e8eb7cae6298fefd900 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 7c22fc6ebaa1a83213cbb7c08bea108264f89486 Author: Karolin Seeger [EMAIL PROTECTED] Date: Fri Jun 13 21:31:34 2008 +0200 net: Fix several typos in comments. -argc - argv (where argv is meant) -destoyed - destroyed -compleation - completion -aquired - acquired -Unify spelling of some words like rpc-server - RPC server. -Add missing punctuation marks. Karolin --- Summary of changes: source/utils/net_rpc.c | 744 1 files changed, 372 insertions(+), 372 deletions(-) Changeset truncated at 500 lines: diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c index a271f55..9ff3baf 100644 --- a/source/utils/net_rpc.c +++ b/source/utils/net_rpc.c @@ -99,10 +99,10 @@ NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx, * @param pipe_name the pipe to connect to (usually a PIPE_ constant) * @param conn_flag a NET_FLAG_ combination. Passed to * net_make_ipc_connection. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * @return A shell status integer (0 for success) + * @param argc Standard main() style argc. + * @param argv Standard main() style argv. Initial components are already + * stripped. + * @return A shell status integer (0 for success). */ int run_rpc_command(struct cli_state *cli_arg, @@ -202,14 +202,14 @@ int run_rpc_command(struct cli_state *cli_arg, * Force a change of the trust acccount password. * * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. + * argc, argv which are passed through. * - * @param domain_sid The domain sid aquired from the remote server + * @param domain_sid The domain sid acquired from the remote server * @param cli A cli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on compleation of the function. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped + * @param mem_ctx Talloc context, destroyed on completion of the function. + * @param argc Standard main() style argc. + * @param argv Standard main() style argv. Initial components are already + * stripped. * * @return Normal NTSTATUS return. **/ @@ -229,11 +229,11 @@ static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid, /** * Force a change of the trust acccount password. * - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped + * @param argc Standard main() style argc. + * @param argv Standard main() style argv. Initial components are already + * stripped. * - * @return A shell status integer (0 for success) + * @return A shell status integer (0 for success). **/ int net_rpc_changetrustpw(int argc, const char **argv) @@ -251,14 +251,14 @@ int net_rpc_changetrustpw(int argc, const char **argv) * The password should be created with 'server manager' or equiv first. * * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. + * argc, argv which are passed through. * - * @param domain_sid The domain sid aquired from the remote server + * @param domain_sid The domain sid acquired from the remote server. * @param cli A cli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on compleation of the function. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped + * @param mem_ctx Talloc context, destroyed on completion of the function. + * @param argc Standard main() style argc. + * @param argv Standard main() style argv. Initial components are already + * stripped. * * @return Normal NTSTATUS return. **/ @@ -327,9 +327,9 @@ static NTSTATUS rpc_oldjoin_internals(const DOM_SID *domain_sid, /** * Join a domain, the old way. * - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped + * @param argc Standard main() style argc. + * @param argv Standard main() style argv. Initial components are already + * stripped. * * @return A shell status integer (0 for success) **/ @@ -345,11 +345,11 @@ static int net_rpc_perform_oldjoin(int argc,
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha4-68-g0e8f946
The branch, v4-0-test has been updated via 0e8f946ed02a6d2d9469f9ccab5f3342b2b80725 (commit) via 74a0a9bb54b2583dde7a5fbadd4d10858de12ee7 (commit) from cd4eddd31354f4ae45e8747da1a7034716c3 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 0e8f946ed02a6d2d9469f9ccab5f3342b2b80725 Author: Jim McDonough [EMAIL PROTECTED] Date: Thu Jun 12 07:06:07 2008 -0400 Missed these on the last commit commit 74a0a9bb54b2583dde7a5fbadd4d10858de12ee7 Author: Jim McDonough [EMAIL PROTECTED] Date: Thu Jun 12 07:02:14 2008 -0400 Initial automated wintest. Added a blackbox test which looks for $WINTEST_CONF_DIR, gets configuration vars from *.conf in that dir, disables smbwrapper, and runs RAW-OPEN torture test. Scripts are coming to startup/shutdown vm's. --- Summary of changes: source/selftest/samba4_tests.sh |1 + testprogs/blackbox/test_wintest.sh | 45 +++ testprogs/blackbox/wintest/wintest.conf |7 + 3 files changed, 53 insertions(+), 0 deletions(-) create mode 100755 testprogs/blackbox/test_wintest.sh create mode 100644 testprogs/blackbox/wintest/wintest.conf Changeset truncated at 500 lines: diff --git a/source/selftest/samba4_tests.sh b/source/selftest/samba4_tests.sh index 1d550cb..e9fbede 100755 --- a/source/selftest/samba4_tests.sh +++ b/source/selftest/samba4_tests.sh @@ -279,6 +279,7 @@ plantest blackbox.masktest dc $bbdir/test_masktest.sh \$SERVER \$USERNAME plantest blackbox.gentest dc $bbdir/test_gentest.sh \$SERVER \$USERNAME \$PASSWORD \$DOMAIN $PREFIX plantest blackbox.wbinfo dc $bbdir/test_wbinfo.sh \$DOMAIN \$USERNAME \$PASSWORD dc plantest blackbox.wbinfo member $bbdir/test_wbinfo.sh \$DOMAIN \$DC_USERNAME \$DC_PASSWORD member +plantest blackbox.wintest none $bbdir/test_wintest.sh $TORTURE_OPTIONS # Tests using the Simple NTVFS backend diff --git a/testprogs/blackbox/test_wintest.sh b/testprogs/blackbox/test_wintest.sh new file mode 100755 index 000..8bbe4f2 --- /dev/null +++ b/testprogs/blackbox/test_wintest.sh @@ -0,0 +1,45 @@ +#!/bin/sh +# Blackbox tests for testing against windows machines +# Copyright (C) 2008 Jim McDonough + + +testwithconf() { +# define test variables, startup/shutdown scripts +. $1 +shift 1 + +if [ -n $WINTEST_STARTUP ]; then +. $WINTEST_STARTUP; +fi + +testit smbtorture $smbtorture //$SERVER/$SHARE RAW-OPEN -W $DOMAIN -U$USERNAME%$PASSWORD $@ || failed=`expr $failed + 1` + +if [ -n $WINTEST_SHUTDOWN ]; then +. $WINTEST_SHUTDOWN; +fi +} + + +# main +# skip without WINTEST_CONF_DIR +if [ -z $WINTEST_CONF_DIR ]; then +exit 0; +fi + +SOCKET_WRAPPER_DIR= +export -n SOCKET_WRAPPER_DIR + +failed=0 + +$basedir=`pwd` + +samba4bindir=`dirname $0`/../../source/bin +smbtorture=$samba4bindir/smbtorture + +. `dirname $0`/subunit.sh + +for wintest_conf in $WINTEST_CONF_DIR/*.conf; do +testwithconf $wintest_conf $@; +done + +exit $failed diff --git a/testprogs/blackbox/wintest/wintest.conf b/testprogs/blackbox/wintest/wintest.conf new file mode 100644 index 000..d140366 --- /dev/null +++ b/testprogs/blackbox/wintest/wintest.conf @@ -0,0 +1,7 @@ +#export WINTEST_STARTUP=/tmp/startup client +#export WINTEST_SHUTDOWN=/tmp/shutdown client +export DOMAIN=client +export USERNAME=administrator +export PASSWORD=samba +export SERVER=192.168.213.161 +export SHARE=c\$ \ No newline at end of file -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-2838-gcf382a8
The branch, v3-3-test has been updated via cf382a87602a63368587ffa2c95b774f2f97c21b (commit) via 94d45b1bb97ac2b6025d429389993ac43044f5b8 (commit) via bcc6d3a0ebdcb904b5a2a4de63d9ed7415e9bb33 (commit) via 63ca4414b62657983c27d2930483aa56f9c78ccf (commit) via bbfe5bcaf5ec5d06ffd110ab362ea3f228867603 (commit) via 9557504d70fe57098914da131b39212faf4f0a7d (commit) via ae179e4f3faccbf2c9f19b6f070f5daf87cdfc50 (commit) via e9b79f34d5afe10ee8d9b1e2dd19c8aafa533579 (commit) via 0707d32042b23d615b57b2f955775472b766770e (commit) via b5a0e2d18f8d5c98326fefbda5972c02f898ed82 (commit) from f30bc6503de6c712101e04fe26c004eeffcd300e (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit cf382a87602a63368587ffa2c95b774f2f97c21b Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 22:33:46 2008 +0200 net_vampire: rename process_database to samsync_process_database. Guenther commit 94d45b1bb97ac2b6025d429389993ac43044f5b8 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 21:57:32 2008 +0200 net_vampire: fix ldif_init_context(). Guenther commit bcc6d3a0ebdcb904b5a2a4de63d9ed7415e9bb33 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 21:46:59 2008 +0200 net_vampire: split out rpc_vampire_ldif(). Guenther commit 63ca4414b62657983c27d2930483aa56f9c78ccf Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 21:25:53 2008 +0200 net_vampire: add samsync_init_context(). Guenther commit bbfe5bcaf5ec5d06ffd110ab362ea3f228867603 Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Jun 13 21:11:55 2008 +0200 net_vampire: add samsync_debug_str(). Guenther commit 9557504d70fe57098914da131b39212faf4f0a7d Author: Günther Deschner [EMAIL PROTECTED] Date: Thu Jun 12 12:35:46 2008 +0200 net_vampire: restructure internal code more. Guenther commit ae179e4f3faccbf2c9f19b6f070f5daf87cdfc50 Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jun 11 02:29:58 2008 +0200 net_vampire: start using talloc for the ldif vampire code. Guenther commit e9b79f34d5afe10ee8d9b1e2dd19c8aafa533579 Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jun 11 01:46:58 2008 +0200 net_vampire: join dump and process function into one callback. Guenther commit 0707d32042b23d615b57b2f955775472b766770e Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jun 11 01:29:36 2008 +0200 net_vampire: let fetch_database and fetch_database_to_ldif use sid pointers. Guenther commit b5a0e2d18f8d5c98326fefbda5972c02f898ed82 Author: Günther Deschner [EMAIL PROTECTED] Date: Wed Jun 11 01:23:43 2008 +0200 net_vampire: let dump_database() return NTSTATUS. Guenther --- Summary of changes: source/utils/net.h | 42 ++- source/utils/net_proto.h |9 + source/utils/net_rpc.c | 34 +- source/utils/net_rpc_samsync.c | 1197 +++- 4 files changed, 773 insertions(+), 509 deletions(-) Changeset truncated at 500 lines: diff --git a/source/utils/net.h b/source/utils/net.h index 65c8d75..627ac0a 100644 --- a/source/utils/net.h +++ b/source/utils/net.h @@ -148,13 +148,43 @@ enum netdom_domain_t { ND_TYPE_NT4, ND_TYPE_AD }; /* Structure for mapping accounts to groups */ /* Array element is the group rid */ typedef struct _groupmap { - uint32 rid; - uint32 gidNumber; - fstring sambaSID; - fstring group_dn; + uint32_t rid; + uint32_t gidNumber; + const char *sambaSID; + const char *group_dn; } GROUPMAP; typedef struct _accountmap { - uint32 rid; - fstring cn; + uint32_t rid; + const char *cn; } ACCOUNTMAP; + +enum net_samsync_mode { + NET_SAMSYNC_MODE_FETCH_PASSDB = 0, + NET_SAMSYNC_MODE_FETCH_LDIF = 1, + NET_SAMSYNC_MODE_DUMP = 2 +}; + +struct samsync_ldif_context { + GROUPMAP *groupmap; + ACCOUNTMAP *accountmap; + bool initialized; + const char *add_template; + const char *mod_template; + char *add_name; + char *mod_name; + FILE *add_file; + FILE *mod_file; + FILE *ldif_file; + const char *suffix; + int num_alloced; +}; + +struct samsync_context { + enum net_samsync_mode mode; + const struct dom_sid *domain_sid; + const char *domain_sid_str; + const char *ldif_filename; + + struct samsync_ldif_context *ldif; +}; diff --git a/source/utils/net_proto.h b/source/utils/net_proto.h index fe3b864..a370d3d 100644 --- a/source/utils/net_proto.h +++ b/source/utils/net_proto.h @@ -359,6 +359,15 @@ NTSTATUS rpc_vampire_internals(struct net_context *c,
Build status as of Sat Jun 14 00:00:03 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-06-13 00:00:28.0 + +++ /home/build/master/cache/broken_results.txt 2008-06-14 00:00:44.0 + @@ -1,4 +1,4 @@ -Build status as of Fri Jun 13 00:00:02 2008 +Build status as of Sat Jun 14 00:00:03 2008 Build counts: Tree Total Broken Panic @@ -6,7 +6,7 @@ ccache 34 8 0 ctdb 0 0 0 distcc 1 0 0 -ldb 33 13 0 +ldb 34 13 0 libreplace 33 11 0 lorikeet-heimdal 29 24 0 pidl 20 14 0 @@ -15,7 +15,7 @@ samba-docs 0 0 0 samba-gtk4 4 0 samba_3_2_test 34 22 0 -samba_4_0_test 32 26 0 +samba_4_0_test 32 27 0 smb-build32 4 0 talloc 34 7 0 tdb 34 13 0