Re: [Samba] [Announce] Samba 3.5.0rc2 Available for Download
Quoting Dale Schroeder (d...@briannassaladdressing.com): Any chance that there will be included in this release, a fix for the libkrb5-3 1.8 problem with winbind? Or will that fix have to come from the libkrb5-3 maintainers? Sam Hartman answered to this by reassigning the relevant bug to the kerberos packages which he maintains. So, the fix will come from there and (personal advice) you can trust Sam on doing The Right Thing. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem with file ownerships on domain member server
Hi I'm possibly missing something obvious, but I'm struggling with ownership permissions on a Samba server. I have a Solaris 10 server running Samba 3.0.33. The server has been joined to the Active Directory domain (CSS). Every user has both a Unix login (served by NIS) and a Windows Domain login account. I can connect to the Samba share and create files without any problems. The Samba install is successfully mapping domain user jsmith to the Unix user jsmith. However, when I check the ownership of the file from within Windows, I see that the file is owned by jsmith (Unix User\jsmith) and not jsmith (CSS\jsmith). Is it possible to configure Samba so that files are created with the DOMAIN\username instead of Unix User\username? This is my smb.conf file: [global] workgroup = CSS realm = CSS.AD.EXAMPLE.COM server string = Solaris Samba Server security = ADS password server = mancssdc01, mancssdc02, mancssdc03 log file = /var/samba/log/log.%m max log size = 50 load printers = No preferred master = No dns proxy = No ldap ssl = no winbind use default domain = Yes [Users] comment = User documents path = /fileserver/Users/%u read only = No guest ok = No preserve case = Yes oplocks = yes [Profiles] comment = Roaming Profiles path = /fileserver/Profiles/%u read only = No guest ok = No preserve case = Yes oplocks = yes create mask = 0600 directory mask = 0700 Thanks for any help. JR -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbind AD authentication problem
It seems I have the same problem that was discussed briefly earlier on this list in a mail from Kris Kaido. I didn't see any solution, so I'm wondering if it's considered a bug that needs to be fixed or simply a configuration error. To be more specifc; I have joined a Win2008R2 Forest/Domain AD with my server running RHEL5.4 - samba-3.0.33-3.14.el5 without problems. I can view users and groups in the domain with wbinfo -u / wbinfo -g Getent passwd also works fine, aswell as 'su - domainuser' But I cannot authenticate users with password, ie login. wbinfo -K domainuser%password works fine. wbinfo -a domainuser%password fails on both plaintext and challenge/response password. See below for output. Ex; # wbinfo -K domainuser%password plaintext kerberos password authentication for [domainuser%password] succeeded (requesting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 # wbinfo -a domainuser%password plaintext password authentication failed error code was NT code 0x0721 (0x721) error messsage was: NT code 0x0721 Could not authenticate user domainuser%password with plaintext password challenge/response password authentication failed error code was NT_STATUS_PIPE_DISCONNECTED (0xc0b0) error messsage was: Named pipe dicconnected Could not authenticate user domainuser with challenge/response -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] AD Computer Account Becoming Disabled on Re-Join
Dear All, Environment is: - Squid proxy on linux - Samba (have tried 3.2.8 and 3.4.3) as a domain client (ADS) - Heimdal Kerberos - Active Directory on multiple local Windows Server 2003 domain controllers (single domain) Squid is joining the AD domain with ADS via Samba in order to authenticate users with NTLM etc and perform LDAP queries. As part of the Squid configuration, on startup the system performs a net ads join to join the domain and on restart of the squid services it leaves the domain then re-joins. Somewhere in the region of 2 out of 3 times that this leave/re-join process occurs the computer account in AD becomes disabled and the box is unable to complete the join. In most cases going through the leave/re-join resolves this issue and the account becomes re-enabled. This is somewhat frustrating, as the usual things that can go wrong (bind account credentials/logon names, DNS forward/reverse resolution, server hostname, clock skew, AD permissions, etc) all seem to be fine - and indeed some of the time the joins occur without a problem. Investigating what happens when the account becomes disabled doesn't yield anything interesting to me: smb.conf [global] workgroup = DOMAIN netbios name = SQUID-1 realm = DOMAIN.LOCAL security = ads password server = DC2.DOMAIN.LOCAL winbind separator = / winbind enum users = yes winbind enum groups = yes krb5.conf [libdefaults] default_realm = DOMAIN.LOCAL clockskew = 300 [realms] DOMAIN.LOCAL = { admin_server = tcp/DC2.domain.local:749 kdc = tcp/DC2.domain.local:88 admin_server = tcp/DC5.domain.local:749 kdc = tcp/DC5.domain.local:88 default_domain = domain.local } [domain_realm] .domain.local = DOMAIN.LOCAL domain.local = DOMAIN.LOCAL AD Event Logs: Event Type:Error Event Source:NETLOGON Event Category:None Event ID:5723 Computer:DC5 Description: The session setup from computer 'SQUID-1' failed because the security database does not contain a trust account 'SQUID-1$' referenced by the specified computer. Data: : 8b 01 00 c0 ?..À Event Type:Error Event Source:NETLOGON Event Category:None Event ID:5805 Computer:DC5 Description: The session setup from the computer SQUID-1 failed to authenticate. The following error occurred: Access is denied. Data: : 22 00 00 c0 ..À Winbind Logs: [Object becomes disabled: ] libsmb/cliconnect.c:996(cli_session_setup_spnego) Kinit failed: Preauthentication failed [Object becomes re-enabled: ] winbindd/winbindd.c:190(winbindd_sig_term_handler) Got sig[15] terminate (is_parent=0) [Object becomes disabled: ] winbindd/winbindd.c:190(winbindd_sig_term_handler) Got sig[15] terminate (is_parent=0) libsmb/cliconnect.c:996(cli_session_setup_spnego) Kinit failed: Clients credentials have been revoked I do have a number of packet traces of these exchanges, but briefly does anyone know what the best things to look for are? I can see the KRB5KDC_ERR_CLIENT_REVOKED NT Status: STATUS_ACCOUNT_DISABLED that seems to go along with what winbind reports. Is there any significance in this being a multi-DC environment in that I can see the kerberos exchange occuring with one DC and the SMB exchange (Session Setup, Tree Connect, etc) with a different DC? There are fundamental gaps in my understanding of the end-to-end process involved here, however I would appreciate if anyone can see anything glaringly wrong, has seen this before, or can give me any more avenues of investigation. Many thanks in advance, Rob. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Slow Domain/Workgroup Browsing
Hello, what could be wrong, when Domain/Workgroup Browsing needs ~30 Seconds? When i click on a Samba PDC, or a Domain Member Server it appears in one Second, without any waiting time. If i take the IP, or Name of the Server it will also take only one Second and i can browse the shares. Just Browsing in an Workgroup/Domain needs long. The automatic search for network printers, and shares is deactivated. There are no links in the Network Place to shares. So Browsing Network Neighbourhood is slow... We have many Computers in an NT4 Domain, but one doesn't appears in the Workgroup/Domain View from the Explorer. This Computer is Member in the Domain and has an Domain Account. A Login works also without Problem. Its just a little bit Strange. nmblookup shows the Client on Broadcast and from the WINS. Kind Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] tdb file corruption
Hello all, We are using samba/winbind for authenticating users using Active Directory (2k8) as our backend. We are using the rid idmap backend. Everything is working perfectly, except on a few boxes I have noticed that users we could look up before, return just the id (not the name),or user not found. Stopping samba/winbind, removing the idmap_cache.tdb file then starting samba/winbind has fixed this problem every time. It has not happened multiple times on the same box, but has happened a few times on different servers. We are running RHEL 5.3/5.4 using their version of samba, 3.0.33-3.15.el5_4.1 (which is the latest RHEL provides) . From the documentation I notice that it does say that the tdb files can get corrupted, however I was wondering if the newer versions of samba suffer from less tdb file corruption, or if there is something I can do to either prevent/lessen the chances of the tdb file getting corrupted. Also, is there a specific event that happens that causes it to get corrupted, or are there a vast variety of reasons? Thank you. smb.conf: netbios name = redacted workgroup = redacted security = ads realm = redacted use kerberos keytab = true idmap backend = rid idmap uid = 4000-1 idmap gid = 4000-1 winbind enum users = yes winbind enum groups = yes auth methods = winbind template shell = /bin/bash template homedir = /afs/redacted/home/%U winbind normalize names = yes winbind use default domain = yes allow trusted domains = no winbind cache time = 3600 -- Andrew Tranquada Sent from Blacksburg, VA, United States -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] single stream performance issue, Win2K, WinXP, Samba 3.2.5-4lenny7 (Debian Lenny)
Stan Hoeppner put forth on 1/27/2010 4:37 PM: Stan Hoeppner put forth on 1/25/2010 5:30 PM: Volker Lendecke put forth on 1/25/2010 1:28 AM: The dual-stream one is kindof limited help. The interesting piece is how Win-Win does its thing faster, so we need to see that one. I've been busting my but trying to get you something meaningful. This dump is less than optimal for two reasons, but it's the best I can get you thus far. 1. Running tshark on Win2K creates a huge network performance hit and thus b/w numbers for small file (250MB) transfers don't come close to accurately describing the real world. With tshark running the b/w is less than half of normal with small files. 2. Because of this I had to do a huge file copy to allow time for the client to level off at peak performance, which is still ~500KB/s lower than normal due to tshark overhead. Anyway, the file is over 400MB. It'll take quite a while to grab off my server. http://www.hardwarefreak.com/smb-winwin-single-stream Hope you are able to glean something meaningful from it. Were you able to grab this trace file yet Volker? If so, have you found anything interesting yet when comparing it to the previous Samba-Win2K trace file? Any clues yet as to why the win-win throughput is almost 3MB/s better than Samba-Win? If you haven't dug into it yet, as a reminder, this last trace capture was done with tshark on windows. The previous trace file was captured on the Linux machine with tcpdump. Some additional data points to add to this performance issue. Using smbclient 3.2.5 on the samba server box, with no tweak options, I ran get/put tests to each of the Windows workstations. The results are interesting to say the least. The get performance maxes the fast ethernet link at ~11MB/s. If you recall, the workstations max out their upload to smbd at ~8MB/s, with the same for download. If smbclient on the smbd box can pull from a workstation at 11MB/s, using the same TCP/IP stack and SO settings smbd should be able to absorb an upload at 11MB/s because it's the same path. But it doesn't, it caps the workstation uploads (and downloads) at ~8MB/s, no matter what options I try. Windows XP Home machine: smb: \ get src.exe getting file \src.exe of size 121983488 as src.exe (11276.5 kb/s) (average 11276.5 kb/s) smb: \ put src.exe putting file src.exe as \src.exe (6149.3 kb/s) (average 6149.3 kb/s) Windows 2000 Pro machine: smb: \ get src.exe getting file \src.exe of size 121983488 as src.exe (11195.9 kb/s) (average 11195.9 kb/s) smb: \ put src.exe putting file src.exe as \src.exe (6362.5 kb/s) (average 6362.5 kb/s) -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/winbind with Active Directory auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kris and Johan, Both of you have not appended your smb.conf files. Maybe doing that would help as well. - From what I am seeing, the pam stack Kris gave was authenticating via winbind which would use either plaintext, lanman, ntlm or ntlmv2 and not configured to authenticate using kerberos. The plaintext password authentication is pretty insecure and this is what I suspect your setup is attempting to use. Win 2008 has that disabled by default as well as (afaik) lanman and ntlm. If you plan on using winbind to authenticate, you will likely need to add the following directive in the [global] section of your smb.conf file: client ntlmv2 auth = yes You may then need to restart winbindd and smbd (hell, you could restart the whole machine if you felt like it). Tell us if this works out for you. Volker Lendecke wrote: On Tue, Jan 19, 2010 at 08:23:45AM +0400, Alexander R. Fahrutdinov wrote: В сообщении от Понедельник 18 января 2010 19:33:00 автор Kris Kaido написал: Hi List, I'm installing a Samba server with the intended purpose of serving files to Windows users with seamless authentication on the smb server. For that, I've been reading and following every single google search result regarding the subject, but it seems I'm stuck at some point where other people are not blocked ... To summarize, I have these commands OK: # kinit admin_u...@domain.example.com # klist (ticket ok) # net join ads -S server -U admin_user # wbinfo -u and -g (both showing DOMAIN\...) # wbinfo -t (succeeded) Try to use Kerberos auth (wbinfo -K login%pass). It's possible, Windows PDC does not support NT-style auth via pipe. Also, try 'nt pipe support = no' option in smb.conf file. ??? nt pipe support = no is extremely unlikely to ever help these days. Volker -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAktoNyMACgkQup357T5MfTZZQACfddZOp6HuFaC7yQ4ccQY3s/Gx DqQAn3/1pdGzOj+LnnNEFNiabeMff/Qq =F63l -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Dual booted clients with different name drop each other out of domain
Tested this morning with static IPs set on /etc/network/interfaces: it works. I have seen that XP clients have domain configured as school.net when they fail to log in the user, it is enough to erase the .net so user can login again. Ubuntu clients get access denied and we need to do net ads join again to get users login again. I think this is about windows dhcp server having school as domain name, even if doc made on purpose for this server states it should be school.net (see original post). May be the dhcp service gives school.net to XP clients? ¿What do you think? There are now some 10 machines, some with static IPs and some with DHCP, they will be under observation for about two weeks. Thank you all for your answers! Ciao, Roman Kevin Keane(e)k dio: The problem with dual-booting is that you end up with two DNS records pointing to the same IP address. Active Directory regularly tries to contact the clients one by one (it does that for any number of administrative purposes). If the machine is turned off and isn't responding at all - no problem. But if the machine is booted into Linux while AD tries to reach the Windows machine on the same IP, you get an error (I believe it is Kerberos Error 4). Another issue is that one of the two DNS records wouldn't have a matching reverse DNS record (PTR record), since there can only be one PTR record per IP address. All this happens when dual-booting different Windows versions, as well. In my experience, though, it's not really deadly - in fact, the user usually doesn't even know this is happening. What, specifically, do you mean by drop each other out of the domain? In my very small network, the easiest solution was to use a static IP for one of the two OS. -Original Message- From: samba-boun...@lists.samba.org [mailto:samba- boun...@lists.samba.org] On Behalf Of Roman Muñoz Sent: Sunday, January 31, 2010 5:41 AM To: samba@lists.samba.org Subject: Re: [Samba] Dual booted clients with different name drop each other out of domain Thanks for your answers. Probably it would be not very difficult to change the MAC address. This has the advantage that could work even if IT staff doesn't want to do any change in their dhcpd configuration. On the other hand, it seems that reconfiguring dhcpd would be a nicer solution that could perhaps be accepted by IT staff. However the pointer given seems to be about linux dhcpd, not about windows dhcpd. After some googling I got the windows doc about vendor classes, but I wonder by just changing host's name is not enough. Could you guys give any pointer to dual boot problem between windows OSes? Thanks again, Roman Rob Townley(e)k dio: changing the MAC is not recommended. Same problem with dual booted win2k/winxp/winvista machines as well. Not just a Linux issue. Do u have control / influence over dhcpd? if so, Linux clients and MSFT clients can be detected by their dhcp vendor id and then given a different hostname and ip address even though the MAC IS THE SAME. drbl.sf.net has a good example of using dhcp vendor id when assigning an ip configuration. look at /etc/dhcp/dhcpd.conf report back and let us know. On 1/30/10, Roman Muñoz ta...@infonegocio.com wrote: Hi, I'm setting some Ubuntu Karmic clients on a school net. PDC is windows 2k3 r2. I realized that DHCP server sends only school, not school.net as domain name. I have been told that AD configuration was migrated as is from an older windows release. I used a supersede line on client's dhcp.conf to get a correct domain name. I'm not authorized to do any configuration change on PDC but could see the event log, etc. Client machines are dual booted: XP client and Ubuntu client on the same machine get different unique names. Ubuntu clients are configured following the guides available on the Net, and are working quite well: domain users can logon and shares are mounted. But XP and Ubuntu keep dropping each other out of domain. Any ideas? TIA Roman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] assigning users permissions
We have several samba servers connected to the Active Directory enterprise. Permits us to manage them acl, but now it has been decided that permissions are assigned by users. That makes samba by default, and the user owns the folder. As you do better? Any ideas? -- ## # Esteban Torres Rodríguez # # Área de Soporte Técnico# # Subdirección de Sistemas Informáticos # # Empresa Pública Desarrollo Agrario y Pesquero # # email: etor...@dap.es # ## -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] assigning users permissions
We have several samba servers connected to the Active Directory enterprise. Permits us to manage them acl, but now it has been decided that permissions are assigned by users. That makes samba by default, and the user owns the folder. As you do better? Any ideas? Not sure what your question is. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba/winbind with Active Directory auth
Hello Robert, Kris. I have tried with client ntlmv2 auth = yes but I'm still getting the problem. This is output from the messages log; Feb 2 16:32:26 udcsp03 winbindd[1]: [2010/02/02 16:32:26, 0] rpc_client/cli_pipe.c:cli_pipe_verify_schannel(354) Feb 2 16:32:26 udcsp03 winbindd[1]: cli_pipe_verify_schannel: auth_len 56. Above Startup Feb 2 16:32:26 udcsp03 winbindd[20007]: [2010/02/02 16:32:26, 0] nsswitch/idmap.c:smb_register_idmap(146) Feb 2 16:32:26 udcsp03 winbindd[20007]: Idmap module rid already registered! Feb 2 16:32:26 udcsp03 winbindd[20007]: [2010/02/02 16:32:26, 0] lib/module.c:do_smb_load_module(69) Feb 2 16:32:26 udcsp03 winbindd[20007]: Module '/usr/lib64/samba/idmap/rid.so' initialization failed: NT_STATUS_OBJECT_NAME_COLLISION The above is from when I do wbinfo -g or wbinfo -u Feb 2 16:33:07 udcsp03 winbindd[1]: [2010/02/02 16:33:07, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) Feb 2 16:33:07 udcsp03 winbindd[1]: rpc_api_pipe: Remote machine INFRADC06.sweinfra.se pipe \NETLOGON fnum 0x8008returned critical error. Error was NT_STATUS_PIPE_DISCONNECTED And above the main problem, wbinfo -a domainuser%password I'm attaching my smb.conf. /JB -Original Message- From: Robert Freeman-Day [mailto:pres...@gmail.com] Sent: den 2 februari 2010 15:31 To: Kris Kaido Cc: Bergstrom Johan; samba@lists.samba.org Subject: Re: [Samba] Samba/winbind with Active Directory auth -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kris and Johan, Both of you have not appended your smb.conf files. Maybe doing that would help as well. - From what I am seeing, the pam stack Kris gave was authenticating via winbind which would use either plaintext, lanman, ntlm or ntlmv2 and not configured to authenticate using kerberos. The plaintext password authentication is pretty insecure and this is what I suspect your setup is attempting to use. Win 2008 has that disabled by default as well as (afaik) lanman and ntlm. If you plan on using winbind to authenticate, you will likely need to add the following directive in the [global] section of your smb.conf file: client ntlmv2 auth = yes You may then need to restart winbindd and smbd (hell, you could restart the whole machine if you felt like it). Tell us if this works out for you. Volker Lendecke wrote: On Tue, Jan 19, 2010 at 08:23:45AM +0400, Alexander R. Fahrutdinov wrote: В сообщении от Понедельник 18 января 2010 19:33:00 автор Kris Kaido написал: Hi List, I'm installing a Samba server with the intended purpose of serving files to Windows users with seamless authentication on the smb server. For that, I've been reading and following every single google search result regarding the subject, but it seems I'm stuck at some point where other people are not blocked ... To summarize, I have these commands OK: # kinit admin_u...@domain.example.com # klist (ticket ok) # net join ads -S server -U admin_user # wbinfo -u and -g (both showing DOMAIN\...) # wbinfo -t (succeeded) Try to use Kerberos auth (wbinfo -K login%pass). It's possible, Windows PDC does not support NT-style auth via pipe. Also, try 'nt pipe support = no' option in smb.conf file. ??? nt pipe support = no is extremely unlikely to ever help these days. Volker -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAktoNyMACgkQup357T5MfTZZQACfddZOp6HuFaC7yQ4ccQY3s/Gx DqQAn3/1pdGzOj+LnnNEFNiabeMff/Qq =F63l -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Domain login delays w2k8 R2
Hello! We have a w2k8 R2 64-bit machine in a Samba 3.4.4 controlled domain. When logging in as a domain user there is a ~30 sec delay waiting for the User Profile Service. This has nothing to do with the size of the user profile. Looking at the network traffic I can see 2 gaps, the first about 11 sek and the second about 19 sek with no packets sent except one TCP ACK (from the client) in each gap. Between the gaps there is only a few packets sent. According to WireShark it's a Tree Disconnect Request with response and a Logoff AndX Request with response. Any idea what may be causing this? -- Åke Holmlund Phone: 090 - 786 57 16 Umeå University Fax: 090 - 786 65 50 Dept of Informatics Email: h...@informatik.umu.se 901 87 Umeå SWEDEN -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Domain login delays w2k8 R2
On Tue, Feb 02, 2010 at 07:03:11PM +0100, Åke Holmlund wrote: Hello! We have a w2k8 R2 64-bit machine in a Samba 3.4.4 controlled domain. When logging in as a domain user there is a ~30 sec delay waiting for the User Profile Service. This has nothing to do with the size of the user profile. Looking at the network traffic I can see 2 gaps, the first about 11 sek and the second about 19 sek with no packets sent except one TCP ACK (from the client) in each gap. Between the gaps there is only a few packets sent. According to WireShark it's a Tree Disconnect Request with response and a Logoff AndX Request with response. Any idea what may be causing this? Gaps like that are almost always DNS lookups of some kind :-). Are you looking for those, or just CIFS traffic ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] (no subject)
Sirs: I have a Ubuntu 6.06 samba 3.0.22 file server running on linux. I am attempting to update the file server to ubuntu 8.10, samba 3.2.3. I have been attempting this, intermittently, for some time which is why 8.10. I have 10 MSDOS (mostly 6.22) workstations as a part of the network. The ones that have to run, control production machinery on the plant floor. Updating the operating system on those machines is effectivly impossible. There are some of them that run software that I control, most of them use vendor supplied software to control the older machines. They are using lanman 2.2 as the client software. (I have many xp workstations, they work fine with both systems. I can map drives, read and save and run the same dos exe files that the dos stations are failing on. Print stuff...) On the old server, the dos stations can log in and use network resources. Thus far, I have failed to make them work on the new server. The relevant parts of the smb.conf files for the servers are -- The 3.0.22 server. This one is the production server and the dos stations work. # Samba config file created using SWAT # from 10.23.0.118 (10.23.0.118) # Date: 2010/01/29 09:46:06 [global] workgroup = ATRIUM-DW server string = Samba passwd program = /usr/bin/passwd %u unix password sync = Yes change notify timeout = 30 deadtime = 30 printcap name = CUPS disable spoolss = Yes show add printer wizard = No ldap ssl = no case sensitive = No [bestbilt] comment = Mapped as U: path = /atrium/bestbilt valid users = @users force group = users read only = No create mask = 0664 force create mode = 0664 directory mask = 0775 force directory mode = 0775 oplocks = No level2 oplocks = No strict locking = No *** The 3.2.3 server # Samba config file created using SWAT # from UNKNOWN () # Date: 2010/02/02 13:20:51 [global] workgroup = ATRIUM-DW guest account = bbijimhur lanman auth = Yes ldap ssl = no [bestbilt] comment = working production data path = /atrium/bestbilt username = bbijimhur valid users = @users force group = users read only = No guest ok = Yes [dosbbilt] comment = win94 for dos workstations path = /atrium/bestbilt read only = No guest ok = Yes This smb.conf file is the best one I have been able to create for the dos stations. With it, I can log in and map the drive. net use u: \\bbi-sam-2-srv\bestbilt I can do directory listings and change directory to u:\win94 When I attempt to run a dos program (tracking.exe) I get the following u:\win94\ Tracking NET805: NETWORK DEVICE NO LONGER EXISTS READING DRIVE U Abort, Retry, Fail? f Access denied. I have much the same error if I put the executable on the local drive and attempt to use shared .dbf data files from the server. I can connect to the old server with the same box. It takes a few minutes to change all the config files for lanman, but it works. On the old server, I can login, map the drives and run executables and use the dbf data files. It seems to me as if there is some configuration flag where the default has from 3.0 to 3.2 that I can't find. I did a detailed view of both config files from swat and ran a dif on them. I was unable to identify a place that could be changed that would allow the dos machines to utilize the samba file server. I am willing to use either different client software on the dos stations, or update the samba setup to a different version. I like ubuntu, but am not wedded to it. However, the dos stations must stay, even if I must maintain a server with 3.0 on it to keep them running. Any ideas? I am more that willing to RTFM, but have exausted my ideas of which FM and which part of it to read. Hints in this matter would be welcome. Hints on which config option in smb.conf would be even more welcome. Thanks in advance, Jim Hurlburt Atrium Windows and Doors Northwest. Yakima, WA USA -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] OS X Clients Can't Create Sub-Directories
I'm running samba on a local linux server, with a bunch of shares. Over the last several years, this has worked perfectly in our heterogenous network of OS X and Windows. All my windows clients still work perfectly - my users can mount the samba shares and create, rename, move etc files and folders. However, recently (starting yesterday) my OS X clients are unable to rename any sub directories on any of my shares. So, if I have a structure like this: Share Root FooFolder Bar Folder My OS X users are able to create and rename directories in the share root, but are unable to rename folders they create in sub directories. So, if my OS X user navigates to FooFolder and tries to create a new folder there, a new folder is created called untitled folder, but I'm unable to rename it. Every time I do, the finder says You don't have permission to rename the item untitled folder. But, again, I can create and rename folders in the root of the share without issue. Here are the relevant bits from my smb.conf (Neighborhood is the name of the share): [global] log file = /var/log/samba/log.%m load printers = no guest account = nobody passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . socket options = TCP_NODELAY obey pam restrictions = yes encrypt passwords = true passwd program = /usr/bin/passwd %u passdb backend = tdbsam dns proxy = no delete readonly = yes server string = %h server invalid users = root workgroup = lappygroup security = share syslog = 0 panic action = /usr/share/samba/panic-action %d max log size = 1000 unix extensions = no [Neighborhood] comment = Who are the people in your neighborhood... path = /mnt/brick/Neighborhood public = yes writable = yes create mask = 0777 directory mask = 0777 force user = nobody force group = nogroup And here are the permissions on the root of the share: r...@jake:/mnt/brick# ls -la | grep Neighborhood drwxrwxrwx 46 nobody nogroup 2360 2010-02-02 15:31 Neighborhood And the Advertising directory where I want to create a sub directory. r...@jake:/mnt/brick/Neighborhood# ls -la | grep Advertising drwxrwxrwx 4 nobody nogroup 144 2010-02-02 15:49 Advertising And the resulting untitled folder that is created by the OS X client. r...@jake:/mnt/brick/Neighborhood/Advertising# ls -la total 11 drwxrwxrwx 4 nobody nogroup 144 2010-02-02 15:49 . drwxrwxrwx 46 nobody nogroup 2360 2010-02-02 15:31 .. -rwxrwxrwx 1 nobody nogroup 6148 2009-05-04 10:03 .DS_Store drwxrwxrwx 3 nobody nogroup 1064 2008-12-17 15:38 Lead Tracking drwxrwxrwx 2 nobody nogroup 48 2010-02-02 15:49 untitled folder What should I be checking? Thanks! -- Kimball -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] You do not have permission to change password issue with XP clients
Greetings all I'm running Samba 3.0 on an Ubuntu box as a PDC and I'm having trouble changing passwords with XP clients - here's my smb.conf http://pastebin.com/m1bb6d4a6 I've played with a variety of passwd chat settings but no joy. I am trying to use pam_cracklib.so - here's my /etc/pam.d/common-password file: http://pastebin.com/m1a1d5f89 I've tried the suggestions in this thread, but no luck: http://www.mail-archive.com/samba@lists.samba.org/msg104476.html Any hints? I'd be very grateful for any suggestions anyone has the time to offer! -- Brett Charbeneau, GSEC Gold, GCIH Gold Network Administrator Williamsburg Regional Library 7770 Croaker Road Williamsburg, VA 23188-7064 (757)259-4044 www.wrl.org (757)259-4079 (fax)br...@wrl.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] OS X Clients Can't Create Sub-Directories
Kimball Larsen wrote: I'm running samba on a local linux server, with a bunch of shares. Over the last several years, this has worked perfectly in our heterogenous network of OS X and Windows. All my windows clients still work perfectly - my users can mount the samba shares and create, rename, move etc files and folders. However, recently (starting yesterday) my OS X clients are unable to rename any sub directories on any of my shares. So, if I have a structure like this: Share Root FooFolder Bar Folder My OS X users are able to create and rename directories in the share root, but are unable to rename folders they create in sub directories. So, if my OS X user navigates to FooFolder and tries to create a new folder there, a new folder is created called untitled folder, but I'm unable to rename it. Every time I do, the finder says You don't have permission to rename the item untitled folder. But, again, I can create and rename folders in the root of the share without issue. Here are the relevant bits from my smb.conf (Neighborhood is the name of the share): [global] log file = /var/log/samba/log.%m load printers = no guest account = nobody passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . socket options = TCP_NODELAY obey pam restrictions = yes encrypt passwords = true passwd program = /usr/bin/passwd %u passdb backend = tdbsam dns proxy = no delete readonly = yes server string = %h server invalid users = root workgroup = lappygroup security = share syslog = 0 panic action = /usr/share/samba/panic-action %d max log size = 1000 unix extensions = no [Neighborhood] comment = Who are the people in your neighborhood... path = /mnt/brick/Neighborhood public = yes writable = yes create mask = 0777 directory mask = 0777 force user = nobody force group = nogroup And here are the permissions on the root of the share: r...@jake:/mnt/brick# ls -la | grep Neighborhood drwxrwxrwx 46 nobody nogroup 2360 2010-02-02 15:31 Neighborhood And the Advertising directory where I want to create a sub directory. r...@jake:/mnt/brick/Neighborhood# ls -la | grep Advertising drwxrwxrwx 4 nobody nogroup 144 2010-02-02 15:49 Advertising And the resulting untitled folder that is created by the OS X client. r...@jake:/mnt/brick/Neighborhood/Advertising# ls -la total 11 drwxrwxrwx 4 nobody nogroup 144 2010-02-02 15:49 . drwxrwxrwx 46 nobody nogroup 2360 2010-02-02 15:31 .. -rwxrwxrwx 1 nobody nogroup 6148 2009-05-04 10:03 .DS_Store drwxrwxrwx 3 nobody nogroup 1064 2008-12-17 15:38 Lead Tracking drwxrwxrwx 2 nobody nogroup 48 2010-02-02 15:49 untitled folder What should I be checking? Thanks! -- Kimball Hello Kimball, What version of Samba Server are you running? What version of OS X are you running? There have been huge changes in the use (and setting) of extended attributes with Snow Leopard. These can cause all sorts of issues that were not there before. Have your Mac clients just updated to Snow Leopard? I see that there is a .DS_Store file in the directory. The permissions on those files can prevent User B from accessing a share that User A accessed (or at least the directories in that share that were accessed by User A). In a shared environment accessed by multiple OS X servers, it's usually best to disable the creation of .DS_Store files on network volumes, as the wrong permissions on these files can prevent users from doing things they expect to be able to do. There are many postings on the net about how to disable the creation of the .DS_Store files, for example: http://www.macosxhints.com/article.php?story=20051130083652119 Regards, Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] (no subject) - DOS apps are failing on recent samba version
Am Dienstag 02 Februar 2010 23:56:06 schrieb James Hurlburt: Sirs: I have a Ubuntu 6.06 samba 3.0.22 file server running on linux. I am attempting to update the file server to ubuntu 8.10, samba 3.2.3. I have been attempting this, intermittently, for some time which is why 8.10. I have 10 MSDOS (mostly 6.22) workstations as a part of the network. The ones that have to run, control production machinery on the plant floor. Updating the operating system on those machines is effectivly impossible. There are some of them that run software that I control, most of them use vendor supplied software to control the older machines. They are using lanman 2.2 as the client software. (I have many xp workstations, they work fine with both systems. I can map drives, read and save and run the same dos exe files that the dos stations are failing on. Print stuff...) On the old server, the dos stations can log in and use network resources. Thus far, I have failed to make them work on the new server. The relevant parts of the smb.conf files for the servers are -- The 3.0.22 server. This one is the production server and the dos stations work. # Samba config file created using SWAT # from 10.23.0.118 (10.23.0.118) # Date: 2010/01/29 09:46:06 [global] workgroup = ATRIUM-DW server string = Samba passwd program = /usr/bin/passwd %u unix password sync = Yes change notify timeout = 30 deadtime = 30 printcap name = CUPS disable spoolss = Yes show add printer wizard = No ldap ssl = no case sensitive = No [bestbilt] comment = Mapped as U: path = /atrium/bestbilt valid users = @users force group = users read only = No create mask = 0664 force create mode = 0664 directory mask = 0775 force directory mode = 0775 oplocks = No level2 oplocks = No strict locking = No *** The 3.2.3 server # Samba config file created using SWAT # from UNKNOWN () # Date: 2010/02/02 13:20:51 [global] workgroup = ATRIUM-DW guest account = bbijimhur lanman auth = Yes ldap ssl = no [bestbilt] comment = working production data path = /atrium/bestbilt username = bbijimhur valid users = @users force group = users read only = No guest ok = Yes [dosbbilt] comment = win94 for dos workstations path = /atrium/bestbilt read only = No guest ok = Yes This smb.conf file is the best one I have been able to create for the dos stations. With it, I can log in and map the drive. net use u: \\bbi-sam-2-srv\bestbilt I can do directory listings and change directory to u:\win94 When I attempt to run a dos program (tracking.exe) I get the following u:\win94\ Tracking NET805: NETWORK DEVICE NO LONGER EXISTS READING DRIVE U Abort, Retry, Fail? f Access denied. I have much the same error if I put the executable on the local drive and attempt to use shared .dbf data files from the server. I can connect to the old server with the same box. It takes a few minutes to change all the config files for lanman, but it works. On the old server, I can login, map the drives and run executables and use the dbf data files. It seems to me as if there is some configuration flag where the default has from 3.0 to 3.2 that I can't find. I did a detailed view of both config files from swat and ran a dif on them. I was unable to identify a place that could be changed that would allow the dos machines to utilize the samba file server. I am willing to use either different client software on the dos stations, or update the samba setup to a different version. I like ubuntu, but am not wedded to it. However, the dos stations must stay, even if I must maintain a server with 3.0 on it to keep them running. Any ideas? I am more that willing to RTFM, but have exausted my ideas of which FM and which part of it to read. Hints in this matter would be welcome. Hints on which config option in smb.conf would be even more welcome. Thanks in advance, Jim Hurlburt Atrium Windows and Doors Northwest. Yakima, WA USA 1.) On your new server add the following to the [global] section of smb.conf: log level = 10 This will raise the debug level of samba - the log file(s) are usually written to /var/log/samba/log.smbd (this might be different in your distro) 2.) Take a network sniff on your new server, details are here: http://wiki.samba.org/index.php/Capture_Packets Now do the failing DOS commands again. The 1.) samba debug log might already be sufficient to track down the problem. Better would be both - the samba debug 10 log and a corresponding network sniff. To track that problem, please open a bug report at https://bugzilla.samba.org/
[Samba] winbind error?
Hello! i have some trouble with my samba setup (v3.4.5 or 3.3.10). the server is not responding (or very slow) for some minutes in log.winbindd-idmap i get: [2010/02/03 04:14:27, 1] lib/util_tdb.c:521(tdb_wrap_log) tdb(/home/samba-server/samba/3.4.5/var/locks/mutex.tdb): tdb_lock failed on list 43 ltype=1 (Interrupted system call) [2010/02/03 04:14:27, 0] lib/util_tdb.c:69(tdb_chainlock_with_timeout_internal) tdb_chainlock_with_timeout_internal: alarm (40) timed out for key DOMAINSERVER in tdb /home/samba-server/samba/3.4.5/var/locks/mutex.tdb [2010/02/03 04:14:27, 1] lib/server_mutex.c:71(grab_named_mutex) Could not get the lock for DOMAINSERVER [2010/02/03 04:14:27, 0] winbindd/winbindd_cm.c:782(cm_prepare_connection) cm_prepare_connection: mutex grab failed for DOMAINSERVER [2010/02/03 04:14:55, 0] libsmb/namequery.c:75(saf_store) saf_store: refusing to store 0 length domain or servername! [2010/02/03 04:14:55, 1] rpc_client/cli_pipe.c:949(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host DOMAINSERVER! in log.winbindd i get: -- [2010/02/03 04:14:45, 1] lib/util_tdb.c:521(tdb_wrap_log) tdb(/home/samba-server/samba/3.4.5/var/locks/mutex.tdb): tdb_lock failed on list 43 ltype=1 (Interrupted system call) [2010/02/03 04:14:45, 0] lib/util_tdb.c:69(tdb_chainlock_with_timeout_internal) tdb_chainlock_with_timeout_internal: alarm (40) timed out for key DOMAINSERVER in tdb /home/samba-server/samba/3.4.5/var/locks/mutex.tdb [2010/02/03 04:14:45, 1] lib/server_mutex.c:71(grab_named_mutex) Could not get the lock for DOMAINSERVER [2010/02/03 04:14:45, 0] winbindd/winbindd_cm.c:782(cm_prepare_connection) cm_prepare_connection: mutex grab failed for DOMAINSERVER [2010/02/03 04:15:17, 0] libsmb/namequery.c:75(saf_store) saf_store: refusing to store 0 length domain or servername! [2010/02/03 04:19:18, 1] rpc_client/cli_pipe.c:949(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host DOMAINSERVER! [2010/02/03 04:24:18, 0] winbindd/winbindd_dual.c:186(async_request_timeout_handler) async_request_timeout_handler: child pid 5454 is not responding. Closing connection to it. in log.wb-TESTDOM i get: -- [2010/02/03 04:18:40, 1] lib/util_tdb.c:521(tdb_wrap_log) tdb(/home/samba-server/samba/3.4.5/var/locks/mutex.tdb): tdb_lock failed on list 43 ltype=1 (Interrupted system call) [2010/02/03 04:18:40, 0] lib/util_tdb.c:69(tdb_chainlock_with_timeout_internal) tdb_chainlock_with_timeout_internal: alarm (40) timed out for key DOMAINSERVER in tdb /home/samba-server/samba/3.4.5/var/locks/mutex.tdb [2010/02/03 04:18:40, 1] lib/server_mutex.c:71(grab_named_mutex) Could not get the lock for DOMAINSERVER [2010/02/03 04:18:40, 0] winbindd/winbindd_cm.c:782(cm_prepare_connection) cm_prepare_connection: mutex grab failed for DOMAINSERVER [2010/02/03 04:19:18, 0] libsmb/namequery.c:75(saf_store) saf_store: refusing to store 0 length domain or servername! [2010/02/03 04:24:18, 1] rpc_client/cli_pipe.c:949(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host DOMAINSERVER! [2010/02/03 04:24:18, 0] winbindd/winbindd.c:190(winbindd_sig_term_handler) Got sig[15] terminate (is_parent=0) nmb and smb are running fine, no errors. what are these 'tdb_lock failed' errors? why do i get 'saf_store: refusing to store 0 length domain or servername!' here is my smb.conf: [global] netbios name = Domainserver server string = File Server workgroup = TESTDOM realm = TESTDOM bind interfaces only = yes interfaces = lo eth0 smb ports = 137 138 139 445 security = user encrypt passwords = true passdb backend = tdbsam guest ok = no invalid users = bin deamon sys man postfix mail ftp hosts allow = 127.0.0.1 172.16.1.0/24 hosts deny = 0.0.0.0/0 obey pam restrictions = yes unix password sync = no client ntlmv2 auth = yes local master = yes preferred master = yes os level = 65 domain master = yes domain logons = yes logon path = \\%L\profiles\%U logon drive = z: logon script = login.bat profile acls = yes acl compatibility = auto acl check permissions = True hide files = /?esktop.ini/ntuser.ini/NTUSER.*/?humbs.db/ wins support = yes name resolve order = wins bcast hosts dns proxy = yes log file = /home/samba-server/samba/current/var/log.%m log level = 2 max log size = 1000 syslog = 0 strict locking = yes socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 winbind separator = \\ winbind cache time = 3600 idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes winbind use default domain =
Re: [Samba] (no subject)
James Hurlburt put forth on 2/2/2010 4:56 PM: NET805: NETWORK DEVICE NO LONGER EXISTS READING DRIVE U Abort, Retry, Fail? Hi James, You didn't happen to put the new Samba server on a different IP subnet or VLAN than the old server did you? You didn't show the IP's and subnet masks of each machine. IIRC, NETBIOS can have problems crossing some routers and VLANs, possibly other network boundaries. If you aren't already, the first thing I'd do is get the new server on an IP address consecutive to the old server and make sure they're jacked into the same switch. This should eliminate any possible network topology issues causing problems. Is the new server a virtual machine? Make sure the hypervisor is allowing NETBIOS traffic to flow from the physical NIC to/from the VM. Actually, I should say, make sure it isn't disallowing such traffic. This is unlikely, but it's best to check. Running in a VM can often cause goofy hard to solve problems because of things not working at low levels the way we expect them to. Lastly, disable any iptables rules on the new server or other firewall scripting software, and disable SELinux if it is enabled. Look at netstat -an on both servers when connecting with the clients, and make sure all the same ports are being used. That's about all I can think of at this point. As Gunter mentioned, a network trace couldn't hurt. I'd probably try a few of the less time consuming recommendations above before resorting to the trace. -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Capitalisation Bug In Samba
I'm running CIFS 1.1 eco 6 on IA64 VMS 8.3-1H1. If I create a directory and then attempt to change the case of one of the letters, nothing happens. I have to add a letter, then remove it modifying the case at the same time. Could this be added as a bug for the next release? Cheers, Rob. *** Any opinions expressed in email are those of the individual and not necessarily those of the company. This email and any files transmitted with it are confidential and solely for the use of the intended recipient or entity to whom they are addressed. It may contain material protected by attorney-client privilege. If you are not the intended recipient, or a person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. Random House Group + 44 (0) 20 7840 8400 http://www.randomhouse.co.uk http://www.booksattransworld.co.uk http://www.kidsatrandomhouse.co.uk Generic email address - enquir...@randomhouse.co.uk Name Registered Office: THE RANDOM HOUSE GROUP LIMITED 20 VAUXHALL BRIDGE ROAD LONDON SW1V 2SA Random House Group Ltd is registered in the United Kingdom with company No. 00954009, VAT number 102838980 *** PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 27920f4... s3:configure: check complete set of EA functions only when we found at least one from d8071e7... Change uint_t to unsigned int in source4 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 27920f4f90424fa6055d9611713b2df481bc73c2 Author: Björn Jacke b...@sernet.de Date: Tue Feb 2 18:27:49 2010 +0100 s3:configure: check complete set of EA functions only when we found at least one this saves us some time in configure --- Summary of changes: source3/configure.in | 46 ++ 1 files changed, 18 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index f64110b..f3c6ba5 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1398,7 +1398,7 @@ AC_LIBTESTFUNC(sec, getprpwnam) AC_CHECK_FUNCS(strsignal) -# Check if we have libattr +# Check for EA implementations case $host_os in *osf*) AC_SEARCH_LIBS(getproplist, [proplist]) @@ -1406,24 +1406,27 @@ case $host_os in AC_CHECK_FUNCS(delproplist fdelproplist add_proplist_entry get_proplist_entry) AC_CHECK_FUNCS(sizeof_proplist_entry) ;; - *) - AC_SEARCH_LIBS(getxattr, [attr]) - AC_CHECK_FUNCS(getxattr lgetxattr fgetxattr listxattr llistxattr) - AC_CHECK_FUNCS(getea fgetea lgetea listea flistea llistea) - AC_CHECK_FUNCS(removeea fremoveea lremoveea setea fsetea lsetea) - AC_CHECK_FUNCS(flistxattr removexattr lremovexattr fremovexattr) - AC_CHECK_FUNCS(setxattr lsetxattr fsetxattr) - AC_CHECK_FUNCS(attr_get attr_list attr_set attr_remove) - AC_CHECK_FUNCS(attr_getf attr_listf attr_setf attr_removef) + *freebsd4* | *dragonfly* ) + AC_DEFINE(BROKEN_EXTATTR, 1, [Does extattr API work]) ;; -esac - - -# Check if attropen() is present if this is Solaris -case $host_os in *solaris*) AC_CHECK_FUNCS(attropen) ;; + *) + AC_SEARCH_LIBS(getxattr, [attr]) + AC_CHECK_FUNCS(getxattr,[ + AC_CHECK_FUNCS(lgetxattr fgetxattr listxattr llistxattr flistxattr removexattr lremovexattr fremovexattr setxattr lsetxattr fsetxattr) + ]) + AC_CHECK_FUNCS(getea,[ + AC_CHECK_FUNCS(fgetea lgetea listea flistea llistea removeea fremoveea lremoveea setea fsetea lsetea) + ]) + AC_CHECK_FUNCS(attr_get,[ + AC_CHECK_FUNCS(attr_list attr_set attr_remove attr_getf attr_listf attr_setf attr_removef) + ]) + AC_CHECK_FUNCS(extattr_delete_file,[ + AC_CHECK_FUNCS(extattr_delete_fd extattr_delete_link extattr_get_fd extattr_get_file extattr_get_link extattr_list_fd extattr_list_file extattr_list_link extattr_set_fd extattr_set_file extattr_set_link) + ]) + ;; esac @@ -1450,19 +1453,6 @@ if test x$ac_cv_func_getxattr = xyes ; then fi fi -# Check if we have extattr -case $host_os in - *freebsd4* | *dragonfly* ) -AC_DEFINE(BROKEN_EXTATTR, 1, [Does extattr API work]) -;; - *) -AC_CHECK_FUNCS(extattr_delete_fd extattr_delete_file extattr_delete_link) -AC_CHECK_FUNCS(extattr_get_fd extattr_get_file extattr_get_link) -AC_CHECK_FUNCS(extattr_list_fd extattr_list_file extattr_list_link) -AC_CHECK_FUNCS(extattr_set_fd extattr_set_file extattr_set_link) -;; -esac - AC_DISABLE_STATIC AC_ENABLE_SHARED -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 110a6f2... Fix bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps. from 27920f4... s3:configure: check complete set of EA functions only when we found at least one http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 110a6f29f0d130753419d5fc5c7b238ab30822ec Author: Jeremy Allison j...@samba.org Date: Tue Feb 2 16:32:51 2010 -0800 Fix bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps. Reported and found by Martin Hochreiter linux...@wavenet.at. Ensure we copy the right amount of registry data into the outgoing buffer. Jeremy. --- Summary of changes: source3/rpc_server/srv_spoolss_nt.c | 11 +-- 1 files changed, 9 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index b1513dd..e2e523d 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -7634,8 +7634,15 @@ WERROR _spoolss_EnumPrinterData(pipes_struct *p, /* data - counted in bytes */ - if (r-out.data regval_size(val)) { - memcpy(r-out.data, regval_data_p(val), regval_size(val)); + /* +* See the section Dynamically Typed Query Parameters +* in MS-RPRN. +*/ + + if (r-out.data regval_data_p(val) + regval_size(val) r-in.data_offered) { + memcpy(r-out.data, regval_data_p(val), + MIN(regval_size(val),r-in.data_offered)); } *r-out.data_needed = regval_size(val); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de24209... Fix bug 7081 - vfs_expand_msdfs doesn't work correctly (with fix identified) from 110a6f2... Fix bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de24209f0a745ada4220a1751c4ed88ae6eea575 Author: Jeremy Allison j...@samba.org Date: Tue Feb 2 16:43:41 2010 -0800 Fix bug 7081 - vfs_expand_msdfs doesn't work correctly (with fix identified) Fix inspired by idea from Eric Horst er...@cac.washington.edu. Jeremy. --- Summary of changes: source3/modules/vfs_expand_msdfs.c | 19 --- 1 files changed, 16 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_expand_msdfs.c b/source3/modules/vfs_expand_msdfs.c index 9edd0f6..177ebdb 100644 --- a/source3/modules/vfs_expand_msdfs.c +++ b/source3/modules/vfs_expand_msdfs.c @@ -173,11 +173,17 @@ static int expand_msdfs_readlink(struct vfs_handle_struct *handle, TALLOC_CTX *ctx = talloc_tos(); int result; char *target = TALLOC_ARRAY(ctx, char, PATH_MAX+1); + size_t len; if (!target) { errno = ENOMEM; return -1; } + if (bufsiz == 0) { + errno = EINVAL; + return -1; + } + result = SMB_VFS_NEXT_READLINK(handle, path, target, PATH_MAX); @@ -186,7 +192,7 @@ static int expand_msdfs_readlink(struct vfs_handle_struct *handle, target[result] = '\0'; - if ((strncmp(target, msdfs:, strlen(msdfs:)) == 0) + if ((strncmp(target, msdfs:, 6) == 0) (strchr_m(target, '@') != NULL)) { target = expand_msdfs_target(ctx, handle-conn, target); if (!target) { @@ -195,8 +201,15 @@ static int expand_msdfs_readlink(struct vfs_handle_struct *handle, } } - safe_strcpy(buf, target, bufsiz-1); - return strlen(buf); + len = MIN(bufsiz, strlen(target)); + if (len) { + memcpy(buf, target, len); + } else { + errno = ENOENT; + return -1; + } + TALLOC_FREE(target); + return len; } static struct vfs_fn_pointers vfs_expand_msdfs_fns = { -- Samba Shared Repository
Build status as of Wed Feb 3 07:00:04 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-02-02 00:00:30.0 -0700 +++ /home/build/master/cache/broken_results.txt 2010-02-03 00:00:05.0 -0700 @@ -1,21 +1,21 @@ -Build status as of Tue Feb 2 07:00:03 2010 +Build status as of Wed Feb 3 07:00:04 2010 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 1 0 0 +ccache 0 0 0 ldb 20 20 0 -libreplace 1 0 0 +libreplace 19 8 0 lorikeet 0 0 0 -pidl 0 0 0 +pidl 14 14 0 ppp 0 0 0 -rsync0 0 0 +rsync1 0 0 samba-docs 0 0 0 samba-web0 0 0 samba_3_current 0 0 0 samba_3_master 17 16 1 samba_3_next 0 0 0 samba_4_0_test 20 20 1 -talloc 1 0 0 +talloc 19 3 0 tdb 18 8 0