[Samba] kerberos - permissions - showacls fails
hi i have a file, owned by heinz_sgv an the permissons are set to 700. # ls -l x.txt -rwx-- 1 heinz_sgv domusers 15 2010-02-11 07:38 x.txt with smbclient i can access to the file, i have full rights and i can see the ACLs # smbclient //localhost/samba -U heinz_sgv%x -c showacls ;ls tmp/x.txt Domain=[GVCC.NET] OS=[Unix] Server=[Samba 3.5.0rc2] FILENAME:x.txt MODE:A SIZE:15 MTIME:Thu Feb 11 07:38:19 2010 revision: 1 type: 0x9004: SEC_DESC_DACL_PRESENT SEC_DESC_DACL_PROTECTED SEC_DESC_SELF_RELATIVE DACL ACLNum ACEs:3revision:2 --- ACE type: ACCESS ALLOWED (0) flags: 0x00 Specific bits: 0x1ff Permissions: 0x1e01ff: SYNCHRONIZE_ACCESS WRITE_OWNER_ACCESS WRITE_DAC_ACCESS READ_CONTROL_ACCESS SID: S-1-5-21-3234543381-3221305018-1482225196-1002 ACE type: ACCESS ALLOWED (0) flags: 0x00 Specific bits: 0x0 Permissions: 0x0: SID: S-1-5-21-3234543381-3221305018-1482225196-513 ACE type: ACCESS ALLOWED (0) flags: 0x00 Specific bits: 0x0 Permissions: 0x0: SID: S-1-1-0 Owner SID:S-1-5-21-3234543381-3221305018-1482225196-1002 Group SID:S-1-5-21-3234543381-3221305018-1482225196-513 If i connect to samba using kerberos, i can not get the permissions of the file. (principal: heinz_...@gvcc.net) smbclient //probe24.bahnhof.gvcc.net/samba -k -c showacls ;dir tmp/x.txt -d 0 Domain=[GVCC.NET] OS=[Unix] Server=[Samba 3.5.0rc2] FILENAME:x.txt MODE:A SIZE:15 MTIME:Thu Feb 11 07:38:19 2010 display_finfo() Failed to open \tmp\x.txt: NT_STATUS_ACCESS_DENIED if i change the permissions to 770 then i can see the permissions of the file also with kerberos: # chmod 770 x.txt # ls -l x.txt -rwxrwx--- 1 heinz_sgv domusers 15 2010-02-11 07:38 x.txt # smbclient //probe24.bahnhof.gvcc.net/samba -k -c showacls ;dir tmp/x.txt Domain=[GVCC.NET] OS=[Unix] Server=[Samba 3.5.0rc2] FILENAME:x.txt MODE:AS SIZE:15 MTIME:Thu Feb 11 07:38:19 2010 revision: 1 type: 0x9004: SEC_DESC_DACL_PRESENT SEC_DESC_DACL_PROTECTED SEC_DESC_SELF_RELATIVE DACL ACLNum ACEs:3revision:2 --- ACE type: ACCESS ALLOWED (0) flags: 0x00 Specific bits: 0x1ff Permissions: 0x1e01ff: SYNCHRONIZE_ACCESS WRITE_OWNER_ACCESS WRITE_DAC_ACCESS READ_CONTROL_ACCESS SID: S-1-5-21-3234543381-3221305018-1482225196-1002 ACE type: ACCESS ALLOWED (0) flags: 0x00 Specific bits: 0x1ff Permissions: 0x1e01ff: SYNCHRONIZE_ACCESS WRITE_OWNER_ACCESS WRITE_DAC_ACCESS READ_CONTROL_ACCESS SID: S-1-5-21-3234543381-3221305018-1482225196-513 ACE type: ACCESS ALLOWED (0) flags: 0x00 Specific bits: 0x0 Permissions: 0x0: SID: S-1-1-0 Owner SID:S-1-5-21-3234543381-3221305018-1482225196-1002 Group SID:S-1-5-21-3234543381-3221305018-1482225196-513 Thank you, heinz my smb.conf: [global] workgroup = GVCC.NET # Kerberos realm = GVCC.NET password server = probe24.bahnhof.gvcc.net kerberos method = system keytab client use spnego = yes use spnego = yes # pdc settings domain logons = yes domain master = yes local master = yes preferred master = yes os level = 65 log level = 3 ### ldapsam:editposix passdb backend = ldapsam:ldap://localhost/ ldapsam:trusted = yes ldapsam:editposix = yes ldap admin dn = cn=admin,dc=gvcc,dc=net ldap user suffix = ou=users ldap group suffix = ou=groups ldap idmap suffix = ou=idmap ldap machine suffix = ou=computers ldap passwd sync = Yes ldap suffix = dc=gvcc,dc=net ldap ssl = no idmap backend = ldap:ldap://localhost/ idmap uid = 100-199 idmap gid = 100-199 idmap alloc backend = ldap idmap alloc config : ldap_url = ldap://localhost/ idmap alloc config : ldap_base_dn = ou=idmap,dc=gvcc,dc=net idmap alloc config : ldap_user_dn = cn=admin,dc=gvcc,dc=net logon path = logon home = \\%N\%U logon drive = k: guest ok = No read only = No case sensitive = no default case = lower preserve case = yes short preserve case = yes create mode = 0660 force create mode = directory mask = 0770 force directory mode = 2000 unix charset = utf8 display charset = utf8 [samba] path=/samba readonly=no guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ads_sasl_spnego_krb5_bind failed: Program lacks support for encryption type [SEC=UNCLASSIFIED]
Hi all, According to this bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977 This particular error is actually a bug in the samba code. Does anyone know if there are patches that fix this ? Adding allow_weak_crypto = true to /etc/krb5.conf does not solve this for me :( Has anyone got a working solution for this ? -Alex IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914. If you have received this email in error, you are requested to contact the sender and delete the email. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] some clients cannot login
I have a problem that's happening randomly in my network. Starting a couple of weeks ago, some clients (All of my clients are running Windows XP)on my network cannot login to their sessions and windows brings out an error saying that the domain controller is not available or is blocked. I don't understand why this is happening, seeing that other clients can perfectly log in their computers in domain sessions. In the same server I have a dns(bind9) with a dynamic zone that is automatically updated by the dhcp. Does anyone have any experience on this? Can anyone help me solve this? this is the output of testparm: Processing section [homes] Processing section [netlogon] Processing section [Profiles] Processing section [printers] Processing section [print$] Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions [global] workgroup = OC.QUIMEFA.CU netbios name = PDC interfaces = 127.0.0.0/8, eth2 bind interfaces only = Yes passdb backend = ldapsam:ldap://localhost passwd program = /usr/sbin/smbldap-passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 server signing = auto socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = cups add user script = /usr/sbin/smbldap-useradd -m '%u' delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w '%u' logon path = logon home = domain logons = Yes os level = 35 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=admin,dc=oc,dc=quimefa,dc=cu ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = yes ldap suffix = dc=oc,dc=quimefa,dc=cu ldap ssl = no ldap user suffix = ou=Users panic action = /usr/share/samba/panic-action %d [homes] comment = Home Directories valid users = %S read only = No browseable = No [netlogon] comment = Network Logon Service path = /home/samba/netlogon admin users = root write list = @Domain Admins create mask = 0755 guest ok = Yes browseable = No [Profiles] comment = Roaming Profile Share path = /home/samba/profiles read only = No profile acls = Yes browseable = No [printers] comment = All Printers path = /var/spool/samba admin users = root write list = root read only = No create mask = 0600 guest ok = Yes printable = Yes use client driver = Yes browseable = No [print$] comment = Printer Drivers Share path = /var/lib/samba/printers admin users = root write list = root create mask = 0664 directory mask = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WinVista consider soft limit as hard limit
Hi, We are using samba-3.0.28a on linux-2-6-18 with which WinVista, as CIFS client, see the soft limit as hard limit and doesn't allow data transfer. Is there a fix already available for this? If not, could you pls gimme some pointers to fix this issue? Thanks, Senthil M Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] intermittent authentication: check_ntlm_password: Authentication for user [someuser] - [someuser] FAILED with error NT_STATUS_ACCESS_DENIED
OS: Ubuntu 8.04.3 LTS Kernel: 2.6.24-23-server x86_64 Samba: 3.0.28a-1ubuntu4.9 We are having intermittent authentication issues with some windows clients connecting to our samba server. Sometimes it works fine, sometimes it fails miserably and continually. I'm not sure how to reproduce the issue everytime but it does happen every single day. Looking for some help. testparm -v: [global] dos charset = CP850 unix charset = UTF-8 display charset = LOCALE workgroup = SOMEDOMAIN realm = SOMEDOMAIN.COM netbios name = SAMBASERVER netbios aliases = SMB netbios scope = server string = FileServer interfaces = eth0 bind interfaces only = No security = ADS auth methods = encrypt passwords = Yes update encrypted = No client schannel = Auto server schannel = Auto allow trusted domains = Yes map to guest = Never null passwords = No obey pam restrictions = Yes password server = DC1, DC2, * smb passwd file = /etc/samba/smbpasswd private dir = /etc/samba passdb backend = smbpasswd algorithmic rid base = 1000 root directory = guest account = nobody enable privileges = Yes pam password change = No passwd program = passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No passwd chat timeout = 2 check password script = username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = 1 lanman auth = Yes ntlm auth = Yes client NTLMv2 auth = No client lanman auth = Yes client plaintext auth = Yes preload modules = use kerberos keytab = No log level = 0 syslog = 1 syslog only = No log file = /var/log/samba/%m.log max log size = 5000 debug timestamp = Yes debug prefix timestamp = No debug hires timestamp = No debug pid = No debug uid = No enable core files = Yes smb ports = 445 139 large readwrite = Yes max protocol = NT1 min protocol = CORE read bmpx = No read raw = Yes write raw = Yes disable netbios = No reset on zero vc = No acl compatibility = auto defer sharing violations = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts wins host bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = No use spnego = Yes client signing = auto server signing = No client use spnego = Yes enable asu support = No svcctl list = deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 30 max smbd processes = 0 paranoid server security = Yes max disk size = 0 max open files = 1 open files database hash size = 10007 socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 use mmap = Yes hostname lookups = No name cache timeout = 660 load printers = Yes printcap cache time = 750 printcap name = cups cups server = iprint server = disable spoolss = No addport command = enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = mangling method = hash2 mangle prefix = 1 max stat cache size = 1024 stat cache = Yes machine password timeout = 604800 add user script = rename user script = delete user script = add group script = delete group script = add user to group script = delete user from group script = set primary group script = add machine script = shutdown script = abort shutdown script = username map script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = No os level = 20 lm announce = Auto lm interval = 60 preferred master = No local master = No domain master = No browse list = Yes enhanced browsing = Yes dns proxy = Yes wins proxy = No wins server = a.b.c.d wins support = No wins hook = kernel oplocks = Yes lock spin time = 200 oplock break wait time = 0 ldap admin dn = ldap delete dn = No ldap group suffix = ldap idmap suffix = ldap machine suffix = ldap passwd sync = no ldap replication sleep = 1000 ldap suffix = ldap ssl = no ldap timeout = 15 ldap page size = 1024 ldap user suffix = ldap debug level = 0 ldap debug threshold = 10 add share command = change share command = delete share command = eventlog list = config file = preload = lock directory = pid directory = /var/run/samba utmp directory = wtmp directory = utmp = No default service = message command = get quota command = set quota command = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = auto.home afs username map = afs token lifetime = 604800 log nt token command = time offset =
Re: [Samba] Fixed! [netlogon] section being ignored
Gaiseric Vandal wrote: Does it work if you specify a *.bat or *.cmd file?I haven't seen *.vbs files used as a logon script before. Once you logon to the PC, are you able to view the netlogon share and logon scripts? Are you trying to have a different logon script for each user? Variables in the script should still allow you to map each user's home directory appropriately. Alternately you could specify the logon script parameter for each user's account. To get Samba working right, I ended up downloading the 3.4 source and installing that. This isn't the first time I've had to do this on Ubuntu server versions. -- Mark Leisher -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] issue with mapping BUILTIN on ADS member server
Hello list, Quick summary of the issue (repeated below after the details): Running 'wbinfo --user-info=markc' on either smb ads member server will return identical info. Running 'wbinfo --group-info=BUILTIN\\Users' returns different information on each server. I'd like to make mappings for BUILTIN consistent in case I ever use them. Background and details: I have a production environment with 2 ADS member servers that I'm planning to re-work, and I've found an oversight with how my setup maps items from BUILTIN. I hadn't been using anything from there so it isn't a big deal at the moment, but I'm trying to fix it and/or decide how to simplify my whole idmap setup. Here is some background info, let me know if you need something else: -Native-mode AD, all DCs on 2003R2 SP2 x64. -Two Ubuntu Server x64 8.04.03 LTS AD member servers running Samba 3.0.28a. (samba_3.0.28a-1ubuntu4.10_i386.deb). -I have a few directives that may be considered odd (map to guest, force create/dir) for my type of setup. This is because I'm still getting rid of some XP Home workstations that need guest shares. This was the only way I could get them to play nice (IIRC this was due to ADS mode rejecting the credentials before it realized it was a request for a guest share). Here is my current config: [global] server string = Dallas File Server workgroup = DOMAINNAME realm = DOMAINNAME.COM security = ADS password server = * #password server = dal-dc1.domainname.com #password server = dal-dc1.domainname.com, den-dc1.domainname.com # client schannel = Yes # server schannel = Yes username map = /etc/samba/smbusers obey pam restrictions = Yes enable privileges = Yes map to guest = Bad User # restrict anonymous = 2 allow trusted domains = No # lanman auth = No # ntlm auth = No # client NTLMv2 auth = Yes log level = 4 syslog = 0 # min protocol = NT1 # client signing = Yes # server signing = Yes load printers = No preferred master = No local master = No domain master = No dns proxy = No ldap ssl = no host msdfs = No idmap domains = DOMAINNAME idmap alloc backend = ldap template shell = /bin/false winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind refresh tickets = Yes idmap alloc config:range = 10 - 50 idmap alloc config:ldap_url = ldap://dal-dc1.domainname.com ldap://den-dc1.domainname.com idmap alloc config:ldap_user_dn = cn=idmapmgr,cn=users,dc=domainname,dc=com idmap config DOMAINNAME:range = 10 - 50 idmap config DOMAINNAME:ldap_url = ldap://dal-dc1.domainname.com ldap://den-dc1.domainname.com idmap config DOMAINNAME:ldap_user_dn = cn=idmapmgr,cn=users,dc=domainname,dc=com idmap config DOMAINNAME:ldap_base_dn = ou=idmap,dc=sambaidmap,dc=domainname,dc=com idmap config DOMAINNAME:backend = ldap idmap config DOMAINNAME:default = yes hosts allow = (redacted) map acl inherit = No hide special files = Yes map archive = No map readonly = No map system = No map hidden = No force create mode = 707 force directory mode = 707 ea support = No store dos attributes = No wide links = No follow symlinks = No dos filemode = No add share command=/etc/samba/command_cust.pl delete share command=/etc/samba/command_cust.pl change share command=/etc/samba/command_cust.pl The actual issue/question (as stated above): Running 'wbinfo --user-info=markc' on either smb ads member server will return identical info. Running 'wbinfo --group-info=BUILTIN\\Users' returns different information on each server. I'd like to make mappings for BUILTIN consistent in case I ever use them. I guess it is falling back to tdb since I can grep for relevant info and the tdb for group mapping matches. I've labbed my setup by setting up a third smb server in the same config, and a blank ad partition for mapping...so I can change things for testing there (and I have been). My browser has no fewer than 20 tabs up with various man pages, pdfs, and list posts on idmap but it isn't quite coming together for me on this one aspect that deals with BUILTIN. tia for any assistance you can provide. Thank you, Mark Casey -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2cf97c4... s4-dns: don't leave behind a tmp file via 1e1b081... s4-selftest: don't run rndc reload in selftest via 89b6a80... s4-dns: added a dns update task via 6bfb216... s4-provision: cope with umask in creating private/dns via ae95d61... util: added file_compare() utility function via d6fb64c... libreplace: added replacements for dprintf() and vdprintf() via c986bfb... s4-provision: pre-create a named.conf.update file via 5a72eca... s4-provision: move zone file to dns subdirectory from 5a2ff4d... s4:provision Be more polite to long-suffering Samba testers. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2cf97c403f73946693bb147daa6a618af6fdb526 Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 20:49:29 2010 +1100 s4-dns: don't leave behind a tmp file If the dns update file doesn't need updating we need to delete the tmp file commit 1e1b081189a7dafa0717e3e3deb4a46e079b146e Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 20:48:47 2010 +1100 s4-selftest: don't run rndc reload in selftest We don't want rndc calls on the build farm commit 89b6a80e7261422011e92d8ef1bc7ef2f2fd06af Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 20:21:15 2010 +1100 s4-dns: added a dns update task This task watches for changes in the list of DCs, and creates a bind9 formatted file that grants update permission to all DCs, plus to the administration, and machines update for their own names. Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit 6bfb216293e7416e1164766d6f96c769d76fca8d Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 20:20:11 2010 +1100 s4-provision: cope with umask in creating private/dns commit ae95d611b6e0754f130707f23fa6ae0997c40b66 Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 20:19:40 2010 +1100 util: added file_compare() utility function file_compare() returns true if two files are the same. It is meant for small files. Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit d6fb64c51244529388b1f79ba8220ff608e1e4de Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 20:18:50 2010 +1100 libreplace: added replacements for dprintf() and vdprintf() these are very useful for writing files with formatted writes Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit c986bfb22ec6ee1bda8a7c4053770831f582cbb3 Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 15:25:13 2010 +1100 s4-provision: pre-create a named.conf.update file The named.conf.update file will be filled in at runtime by Samba to contain the list of bind9 grant rules for granting DNS dynamic update permissions on the domain. commit 5a72eca574f2cb330a0d62936ca901b8ebee4194 Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 13:17:09 2010 +1100 s4-provision: move zone file to dns subdirectory This allows the permissions to be correctly set for bind to write to a journal file. It also sets the right group ownership and permissions on the files that bind needs to access. Pair-Programmed-With: Andrew Bartlett abart...@samba.org --- Summary of changes: lib/replace/libreplace.m4 |2 +- lib/replace/replace.c | 31 lib/util/util.h |5 + lib/util/util_file.c| 22 +++ selftest/target/Samba4.pm |4 +- source4/dsdb/config.mk | 13 ++ source4/dsdb/dns/dns_update.c | 224 +++ source4/param/loadparm.c|2 +- source4/scripting/python/samba/provision.py | 70 +++-- source4/setup/named.conf| 43 +- source4/setup/named.conf.update |4 + source4/smbd/server.c |1 + 12 files changed, 369 insertions(+), 52 deletions(-) create mode 100644 source4/dsdb/dns/dns_update.c create mode 100644 source4/setup/named.conf.update Changeset truncated at 500 lines: diff --git a/lib/replace/libreplace.m4 b/lib/replace/libreplace.m4 index 1353c1f..7a26deb 100644 --- a/lib/replace/libreplace.m4 +++ b/lib/replace/libreplace.m4 @@ -108,7 +108,7 @@ AC_CHECK_HEADERS(unix.h) AC_CHECK_FUNCS(seteuid setresuid setegid setresgid chroot bzero strerror) AC_CHECK_FUNCS(vsyslog setlinebuf mktime ftruncate chsize rename) AC_CHECK_FUNCS(waitpid wait4 strlcpy strlcat initgroups memmove strdup) -AC_CHECK_FUNCS(pread pwrite strndup strcasestr strtok_r mkdtemp dup2) +AC_CHECK_FUNCS(pread pwrite strndup strcasestr strtok_r mkdtemp dup2 dprintf vdprintf)
[SCM] Samba Shared Repository - branch v3-4-test updated
The branch, v3-4-test has been updated via 8ac6085... Fix bug #7122 - Reading a large browselist fails (server returns invalid values in subsequent SMBtrans replies) via 026f058... Fix off-by-one error in working out the limit of the NetServerEnum comment. via 8142883... s3:smbd: use StrCaseCmp() instead of strcasecmp via 4e419df... s3:smbd: Fix really ugly bool vs. int bug!!! via 86eae5b... s3:libsmb: fix NetServerEnum3 rap calls. via f37f187... s3:smbd: implement api_RNetServerEnum3 via 2614ed6... util: added binsearch.h for binary array searches via f8f6bef... s3:smbd: add/improve some DEBUG messages in api_RNetServerEnum2() via 0b6d850... s3:smbd: rename api_RNetServerEnum = api_RNetServerEnum2 from 832fed7... Missed one check on the memcpy for bug #7063. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 8ac6085a2c7382e544888e632ff62c30f7e7a884 Author: Jeremy Allison j...@samba.org Date: Tue Feb 9 15:14:38 2010 -0800 Fix bug #7122 - Reading a large browselist fails (server returns invalid values in subsequent SMBtrans replies) There are two problems: 1). The server is off-by-one in the end of buffer space test. 2). The server returns 0 in the totaldata (smb_vwv1) and totalparams (smb_vwv0) fields in the second and subsequent SMBtrans replies. This patch fixes both. Jeremy. (cherry picked from commit 8ddc977c1421a47bedba8d5494f7ae67692b772a) Signed-off-by: Stefan Metzmacher me...@samba.org commit 026f05839b6dbdeb5be3953930a28f7650c1e1da Author: Jeremy Allison j...@samba.org Date: Tue Feb 9 12:17:08 2010 -0800 Fix off-by-one error in working out the limit of the NetServerEnum comment. Jeremy. (cherry picked from commit 9ad6f432f3f5844b4b419e7cbaf3c3e70b052d29) Signed-off-by: Stefan Metzmacher me...@samba.org commit 8142883b40819b5cb92ea671bb6c89bff68d3680 Author: Stefan Metzmacher me...@samba.org Date: Tue Feb 9 18:58:36 2010 +0100 s3:smbd: use StrCaseCmp() instead of strcasecmp metze (cherry picked from commit bc8242a08e1bb9489cc8171b1ec02bd2518b1857) commit 4e419df9154c329b3376ab00d6bb55093fbfe71a Author: Stefan Metzmacher me...@samba.org Date: Tue Feb 9 18:54:41 2010 +0100 s3:smbd: Fix really ugly bool vs. int bug!!! A comparison function for qsort needs to return an 'int'! Otherwise you'll get random results depending on the compiler and the architecture... metze (cherry picked from commit 1686a5e7e7eb1b411b003cbbde5c0d28741c6d02) commit 86eae5b4862735309313e1800be44dab2641b393 Author: Stefan Metzmacher me...@samba.org Date: Mon Feb 8 18:38:03 2010 +0100 s3:libsmb: fix NetServerEnum3 rap calls. metze (cherry picked from commit 9b5198dd443a00fdad4faa1f9cdabedd81012d93) commit f37f187070934e1046ce05d298d92ede7e6f7030 Author: Stefan Metzmacher me...@samba.org Date: Mon Feb 8 19:07:45 2010 +0100 s3:smbd: implement api_RNetServerEnum3 This is needed to support large browse lists. metze (cherry picked from commit 30eec0656c926d3d85a438dc28f17649b53318f8) commit 2614ed62c8ca281d95151913ed591a86409e0566 Author: Andrew Tridgell tri...@samba.org Date: Thu Dec 10 14:35:24 2009 +1100 util: added binsearch.h for binary array searches This was moved from the schema_query code. It will now be used in more than one place, so best to make it a library macro. I think there are quite a few places that could benefit from this. (cherry picked from commit 71943e8858943718affb6a3c0ded2127f07057f0) Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 448b8f35d7a7cff73d35304673302178f593c9d0) Signed-off-by: Stefan Metzmacher me...@samba.org commit f8f6beff57fd58b69648633f5b1c15289015f96b Author: Stefan Metzmacher me...@samba.org Date: Mon Feb 8 18:45:18 2010 +0100 s3:smbd: add/improve some DEBUG messages in api_RNetServerEnum2() metze (cherry picked from commit 495ac4616654c9e62e14031b7439aff21e42ec91) commit 0b6d850a553c0a558d579ab5e46f49794a015e34 Author: Stefan Metzmacher me...@samba.org Date: Fri Feb 5 16:55:15 2010 +0100 s3:smbd: rename api_RNetServerEnum = api_RNetServerEnum2 metze (cherry picked from commit dc58672c6588a1715698721153b35ed2d594bc67) --- Summary of changes: lib/util/binsearch.h| 68 ++ source3/libsmb/clirap.c | 26 - source3/smbd/ipc.c |3 + source3/smbd/lanman.c | 234 -- 4 files changed, 314 insertions(+), 17 deletions(-) create mode 100644 lib/util/binsearch.h Changeset truncated at 500 lines: diff --git a/lib/util/binsearch.h b/lib/util/binsearch.h new file
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a4d0563... provision: Use short name for assignee of ACE (BA, SA, CO, ...) via bcba41c... python-s4: use secrets.ldb instead of sam.ldb for reading domain SID via d1c2923... provision: Fix an error with eadb when using not default install dir and running as a non root user from 2cf97c4... s4-dns: don't leave behind a tmp file http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a4d056339235d436dfdbf82e14975151ee1bc7c3 Author: Matthieu Patou m...@matws.net Date: Wed Jan 27 02:03:15 2010 +0300 provision: Use short name for assignee of ACE (BA, SA, CO, ...) Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible) of sysvol files (GPO objects and netlogon folders). This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the from_sddl function. Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de commit bcba41c351bc78d739fb174338d8c71148053b5d Author: Matthieu Patou m...@matws.net Date: Wed Jan 27 01:32:29 2010 +0300 python-s4: use secrets.ldb instead of sam.ldb for reading domain SID This allow to be able to run net acl set xxx yyy on DC, but also on domain member. Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de commit d1c29231511376f4379909401f723b1ea9c538ea Author: Matthieu Patou m...@matws.net Date: Mon Feb 8 15:36:07 2010 +0300 provision: Fix an error with eadb when using not default install dir and running as a non root user Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de --- Summary of changes: source4/scripting/python/samba/netcmd/ntacl.py |4 ++-- source4/scripting/python/samba/provision.py| 20 +++- 2 files changed, 13 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/scripting/python/samba/netcmd/ntacl.py b/source4/scripting/python/samba/netcmd/ntacl.py index a96593e..8c0803f 100644 --- a/source4/scripting/python/samba/netcmd/ntacl.py +++ b/source4/scripting/python/samba/netcmd/ntacl.py @@ -61,7 +61,7 @@ class cmd_acl_set(Command): credopts=None, sambaopts=None, versionopts=None): lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) - path = os.path.join(lp.get(private dir), lp.get(sam database) or samdb.ldb) + path = os.path.join(lp.get(private dir), lp.get(secrets database) or secrets.ldb) creds = credopts.get_credentials(lp) creds.set_kerberos_state(DONT_USE_KERBEROS) try: @@ -71,7 +71,7 @@ class cmd_acl_set(Command): sys.exit(1) attrs = [objectSid] print lp.get(realm) - res = ldb.search(expression=(objectClass=*),base=DC=%s%lp.get(realm).lower().replace(.,,DC=), scope=SCOPE_BASE, attrs=attrs) + res = ldb.search(expression=(objectClass=*),base=flatname=%s,cn=Primary Domains%lp.get(workgroup), scope=SCOPE_BASE, attrs=attrs) if len(res) !=0: domainsid = ndr_unpack( security.dom_sid,res[0][objectSid][0]) setntacl(lp,file,acl,str(domainsid),xattr_backend,eadb_file) diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 86f1d9c..f52766b 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -465,7 +465,11 @@ def make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole, if os.path.exists(smbconf): default_lp.load(smbconf) if eadb: -posixeadb_line = posix:eadb = + os.path.abspath(os.path.join(os.path.join(targetdir, private),eadb.tdb)) +if targetdir is not None: +privdir = os.path.join(targetdir, private) +else: +privdir = default_lp.get(private dir) +posixeadb_line = posix:eadb = + os.path.abspath(os.path.join(privdir,eadb.tdb)) else: posixeadb_line = @@ -1061,8 +1065,8 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, FILL_FULL = FULL FILL_NT4SYNC = NT4SYNC FILL_DRS = DRS -SYSVOL_ACL = O:${DOMAINSID}-500G:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;S-1-5-32-549)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU) -POLICIES_ACL = O:${DOMAINSID}-500G:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;S-1-5-32-549)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001301bf;;;${DOMAINSID}-520) +SYSVOL_ACL =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f78a534... s4-net-drs: fix some coding style issues via 976201d... s4/net_drs: 'net drs kcc' command implementation via fedc115... s4/net_drs: 'net drs bind' command implementation via 61246da... s4/net_drs: 'net drs' utility initial creation via 0a05af9... s4/idl: regenerating drsuapi.idl via 7dde20a... s4/idl: Naming reserved flags for DRSUAPI_SUPPORTED_EXTENSION_ field from a4d0563... provision: Use short name for assignee of ACE (BA, SA, CO, ...) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f78a534dd20d0afa0a63abf693add4286c0e3f37 Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 21:28:48 2010 +1100 s4-net-drs: fix some coding style issues We should use the system/*.h headers for system includes. We also try to avoid C++ comments. Signed-off-by: Andrew Tridgell tri...@samba.org commit 976201d24a7c0734ef99c72e476a6caab97e21de Author: Kamen Mazdrashki kamen.mazdras...@postpath.com Date: Sat Feb 6 03:13:33 2010 +0200 s4/net_drs: 'net drs kcc' command implementation Signed-off-by: Andrew Tridgell tri...@samba.org commit fedc1152b5cead39cb0ce085c2a1f66ceed0b726 Author: Kamen Mazdrashki kamen.mazdras...@postpath.com Date: Fri Feb 5 22:36:36 2010 +0200 s4/net_drs: 'net drs bind' command implementation Signed-off-by: Andrew Tridgell tri...@samba.org commit 61246da63cb280b6b3e277583b84c2dfacb6be68 Author: Kamen Mazdrashki kamen.mazdras...@postpath.com Date: Fri Feb 5 22:36:10 2010 +0200 s4/net_drs: 'net drs' utility initial creation Signed-off-by: Andrew Tridgell tri...@samba.org commit 0a05af92778666e869dfd41d20b24b46d069e3ec Author: Kamen Mazdrashki kamen.mazdras...@postpath.com Date: Fri Feb 5 22:37:54 2010 +0200 s4/idl: regenerating drsuapi.idl Signed-off-by: Andrew Tridgell tri...@samba.org commit 7dde20ae4545df8cebb692ec5ee22ec973239d0c Author: Kamen Mazdrashki kamen.mazdras...@postpath.com Date: Fri Feb 5 22:37:27 2010 +0200 s4/idl: Naming reserved flags for DRSUAPI_SUPPORTED_EXTENSION_ field Signed-off-by: Andrew Tridgell tri...@samba.org --- Summary of changes: .gitignore |1 + librpc/gen_ndr/drsuapi.h |4 +- librpc/gen_ndr/ndr_drsuapi.c |4 +- librpc/idl/drsuapi.idl |4 +- source4/utils/net/config.mk | 24 +++- source4/utils/net/drs/net_drs.c | 300 ++ source4/utils/net/drs/net_drs.h | 56 +++ source4/utils/net/drs/net_drs_bind.c | 136 +++ source4/utils/net/drs/net_drs_kcc.c | 171 +++ source4/utils/net/net.c |2 + 10 files changed, 695 insertions(+), 7 deletions(-) create mode 100644 source4/utils/net/drs/net_drs.c create mode 100644 source4/utils/net/drs/net_drs.h create mode 100644 source4/utils/net/drs/net_drs_bind.c create mode 100644 source4/utils/net/drs/net_drs_kcc.c Changeset truncated at 500 lines: diff --git a/.gitignore b/.gitignore index 4ffeb20..4ed80ae 100644 --- a/.gitignore +++ b/.gitignore @@ -309,6 +309,7 @@ source4/torture.tdb source4/torture/unix/proto.h source4/torture/winbind/proto.h source4/utils/net/net_proto.h +source4/utils/net/drs/net_drs_proto.h source4/version.h source4/web_server/proto.h source4/winbind/idmap_proto.h diff --git a/librpc/gen_ndr/drsuapi.h b/librpc/gen_ndr/drsuapi.h index 4717753..6e37a94 100644 --- a/librpc/gen_ndr/drsuapi.h +++ b/librpc/gen_ndr/drsuapi.h @@ -88,8 +88,8 @@ #define DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT ( 0x0800 ) #define DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS ( 0x1000 ) #define DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10 ( 0x2000 ) -#define DRSUAPI_SUPPORTED_EXTENSION_4000 ( 0x4000 ) -#define DRSUAPI_SUPPORTED_EXTENSION_8000 ( 0x8000 ) +#define DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART2 ( 0x4000 ) +#define DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART3 ( 0x8000 ) /* bitmap drsuapi_SupportedExtensionsExt */ #define DRSUAPI_SUPPORTED_EXTENSION_ADAM ( 0x0001 ) diff --git a/librpc/gen_ndr/ndr_drsuapi.c b/librpc/gen_ndr/ndr_drsuapi.c index 9cf2f80..38e7206 100644 --- a/librpc/gen_ndr/ndr_drsuapi.c +++ b/librpc/gen_ndr/ndr_drsuapi.c @@ -116,8 +116,8 @@ _PUBLIC_ void ndr_print_drsuapi_SupportedExtensions(struct ndr_print *ndr, const ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT, DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS, DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10,
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 2311601... s3: change ldap filter to what really was intended (cherry picked from commit 9b75650f1a963e36a6dd697b5ad2725a8c7c9250) from 085bd69... WHATSNEW: Update changes since 3.5.0rc2. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 23116018779938f931394a022893f2a46654a697 Author: Björn Jacke b...@sernet.de Date: Wed Feb 10 13:48:11 2010 +0100 s3: change ldap filter to what really was intended (cherry picked from commit 9b75650f1a963e36a6dd697b5ad2725a8c7c9250) Signed-off-by: Stefan Metzmacher me...@samba.org Part of a fix for bug #7116. --- Summary of changes: source3/passdb/pdb_ldap.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index ad60228..ab041fe 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -3833,7 +3833,7 @@ static NTSTATUS ldapsam_alias_memberships(struct pdb_methods *methods, } filter = talloc_asprintf(mem_ctx, -((|(objectclass=%s)(sambaGroupType=%d))(|, +((objectclass=%s)(sambaGroupType=%d)(|, LDAP_OBJ_GROUPMAP, type); for (i=0; inum_members; i++) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated
The branch, v3-4-test has been updated via 5b5df3d... s3:passdb: only use gid_to_sid() result if the result is a group of our local sam via 0b2dd73... s3:pdb_ldap: don't search for the users primary group, if we already know it via 8f1c7c1... s3:pdb_ldap: optimize ldapsam_alias_memberships() and cache ldap searches. via a2ff5f0... s3:pdb_ldap: try to build the full unix_pw structure with ldapsam:trusted support via 5d97d57... s3:passdb: speed up pdb_get_group_sid() via 66b472f... s3: Make pdb_copy_sam_account also copy the group sid via 4790877... s3: shortcut gid_to_sid when ldapsam:trusted = yes via c48405e... s3:is_trusted_domain: shortcut if domain name == global_sam_name via 85d8565... s3:is_trusted_domain: shortcut if domain name is NULL or empty via 91e40df... s3: shortcut uid_to_sid when ldapsam:trusted = yes via 05f23a8... s3:smbd: also fill the memcache with sid-id mappings in ldapsam_sid_to_id() via c7220ff... s3:smbd: make idmap cache persistent for ldapsam:trusted. via cc529f4... Fix large paged search via 4e66860... =?utf-8?q?=D1=953:ldap:=20search=20for=20account=20policies=20in=20objectclass=20sambaDomain,=20not=20* via 0b7d7e7... s3:ldap: don't search when no values where found (cherry picked from commit 70063522065ab3e5a21fb11db0097b808aa11100) from 8ac6085... Fix bug #7122 - Reading a large browselist fails (server returns invalid values in subsequent SMBtrans replies) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit 5b5df3d1223d15d4fde9a2a2db83c60aaa266ca4 Author: Stefan Metzmacher me...@samba.org Date: Tue Feb 9 12:57:01 2010 +0100 s3:passdb: only use gid_to_sid() result if the result is a group of our local sam Otherwise retry with pdb_gid_to_sid(). metze (cherry picked from commit 4dc2be2264926fe415e4e40e212f94793c9831d1) Last seven patches address bug #7116 (pdb_ldap performance fixes). (cherry picked from commit 8946a47fcebe57f459c59ee2cb163e15901ff996) Signed-off-by: Stefan Metzmacher me...@samba.org commit 0b2dd730a52ae9dbd622c50fb70492398f6503d9 Author: Stefan Metzmacher me...@samba.org Date: Fri Feb 5 16:20:21 2010 +0100 s3:pdb_ldap: don't search for the users primary group, if we already know it metze (cherry picked from commit 6753fb1cf6a834b12b2a9dce3b1a9555390c17be) (cherry picked from commit da7cb9feacc7cb84499c73ef463d187a7b2754e8) Signed-off-by: Stefan Metzmacher me...@samba.org commit 8f1c7c117b3bca058024daa34f777efa5ece88f8 Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 3 11:32:41 2010 +0100 s3:pdb_ldap: optimize ldapsam_alias_memberships() and cache ldap searches. ldapsam_alias_memberships() does the same LDAP search twice, triggered via add_aliases() from create_local_nt_token(). This happens when no domain aliases are used. metze (cherry picked from commit 49ace81e19de231825216cbf07c7422687131bb6) (cherry picked from commit cb31c1df92b195b3fb80b6e21bfba83b8cd867fd) Signed-off-by: Stefan Metzmacher me...@samba.org commit a2ff5f0dd08c40fdbea8cb11e1b18d996a4d8c39 Author: Stefan Metzmacher me...@samba.org Date: Thu Feb 4 17:19:57 2010 +0100 s3:pdb_ldap: try to build the full unix_pw structure with ldapsam:trusted support And also store the gid_to_sid mappings in the idmap_cache. metze (cherry picked from commit 25038fa85ff69962ca0975f31802218a897aa1ec) (cherry picked from commit 66a48d2226d245c373b744c7edea60b3daa57f0f) Signed-off-by: Stefan Metzmacher me...@samba.org commit 5d97d5703dcf62f2c610316b2ba47483652368b3 Author: Stefan Metzmacher me...@samba.org Date: Thu Feb 4 17:16:59 2010 +0100 s3:passdb: speed up pdb_get_group_sid() Use the cached version gid_to_sid() instead of pdb_gid_to_sid(). And also avoid the expensive lookup_sid() call for wellkown domain groups. metze (cherry picked from commit e10d0869567436902c8b8cfb50f8c64148d554cb) (cherry picked from commit b0c8ff971934ef8aa21abece8693807e0a2ca722) Signed-off-by: Stefan Metzmacher me...@samba.org commit 66b472fdd6e0abe4db04b0666d56ec700a0e Author: Volker Lendecke v...@samba.org Date: Sun Jan 31 15:18:51 2010 +0100 s3: Make pdb_copy_sam_account also copy the group sid Signed-off-by: Stefan Metzmacher me...@samba.org (cherry picked from commit b99046fed1bf4a908ed856afb17c3c934c6d305d) (cherry picked from commit a1862c23346959cd0aa77653bf488e0686d14376) Signed-off-by: Stefan Metzmacher me...@samba.org commit 479087716f50e8a1961163750b1d651dcd23dfc2 Author: Stefan Metzmacher me...@samba.org Date: Sat Jan 30 22:28:19 2010 +0100 s3: shortcut gid_to_sid when ldapsam:trusted = yes The
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7bd7194... s4-drs: Add DRSUAPI_DRS_NONGC_RO_REP bit to DRS_OPTIONS from f78a534... s4-net-drs: fix some coding style issues http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7bd7194c2b319d260ef1d98f138b9dfcf59db8a7 Author: Fernando J V da Silva fernandojvsi...@yahoo.com.br Date: Fri Feb 5 16:33:03 2010 -0200 s4-drs: Add DRSUAPI_DRS_NONGC_RO_REP bit to DRS_OPTIONS Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de --- Summary of changes: librpc/idl/drsuapi.idl |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl index dd621c1..00aa7bb 100644 --- a/librpc/idl/drsuapi.idl +++ b/librpc/idl/drsuapi.idl @@ -34,6 +34,7 @@ interface drsuapi DRSUAPI_DRS_GET_ANC = 0x0800, DRSUAPI_DRS_GET_NC_SIZE = 0x1000, DRSUAPI_DRS_LOCAL_ONLY= 0x1000, + DRSUAPI_DRS_NONGC_RO_REP = 0x2000, DRSUAPI_DRS_SYNC_BYNAME = 0x4000, DRSUAPI_DRS_REF_OK= 0x4000, DRSUAPI_DRS_FULL_SYNC_NOW = 0x8000, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 5456e5e... s3:docs-xml: document nmbd bind explicit broadcast via 431a78a... s3:nmbd: change nmbd:bind explicit broadcast into nmbd bind explicit broadcast via fe629db... s3:nmbd: also listen explicit on the subnet broadcast addresses from 2311601... s3: change ldap filter to what really was intended (cherry picked from commit 9b75650f1a963e36a6dd697b5ad2725a8c7c9250) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 5456e5e460041256cfa886eb8bab380c59c25b19 Author: Stefan Metzmacher me...@samba.org Date: Mon Feb 8 12:59:13 2010 +0100 s3:docs-xml: document nmbd bind explicit broadcast metze (cherry picked from commit 9887751f6fa6f7e4fd5c79c637e0576405000c01) The last 3 fixes address bug #7118 (nmbd problems with socket address). commit 431a78a2f823b415d9fb2b207448e33e6ba12138 Author: Stefan Metzmacher me...@samba.org Date: Mon Feb 8 12:51:29 2010 +0100 s3:nmbd: change nmbd:bind explicit broadcast into nmbd bind explicit broadcast metze (cherry picked from commit 0140bc389d56511c3255720856bdb64803ba8930) commit fe629dbf1aab33f6e75c14b916684c9adeca017f Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 28 11:04:05 2010 +0100 s3:nmbd: also listen explicit on the subnet broadcast addresses And send replies always via the unicast address of the subnet. This behavior is off by default (as before) and can be enabled with nmbd:bind explicit broadcast = yes. metze (cherry picked from commit 30a1bc365071befd07e68e24ca4fa3843159ab13) --- Summary of changes: .../smbdotconf/misc/nmbdbindexplicitbroadcast.xml | 16 ++ source3/include/nameserv.h |5 +- source3/include/proto.h|1 + source3/libsmb/namequery.c |6 +- source3/libsmb/nmblib.c|9 +- source3/nmbd/nmbd.c|5 +- source3/nmbd/nmbd_packets.c| 189 +--- source3/nmbd/nmbd_subnetdb.c | 123 - source3/param/loadparm.c | 11 ++ 9 files changed, 250 insertions(+), 115 deletions(-) create mode 100644 docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml b/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml new file mode 100644 index 000..f328594 --- /dev/null +++ b/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml @@ -0,0 +1,16 @@ +samba:parameter name=nmbd bind explicit broadcast +context=G +advanced=1 developer=1 +type=boolean +xmlns:samba=http://www.samba.org/samba/DTD/samba-doc; +description + para + This option allows you to setup citerefentryrefentrytitlenmbd/refentrytitle + manvolnum8/manvolnum/citerefentry to explicit bind to the + broadcast address of the local subnets. This is only useful in + combination with the smbconfoption name=socket address/ option. + /para +/description + +value type=defaultno/value +/samba:parameter diff --git a/source3/include/nameserv.h b/source3/include/nameserv.h index 496d87e..53ffd6f 100644 --- a/source3/include/nameserv.h +++ b/source3/include/nameserv.h @@ -434,7 +434,9 @@ struct subnet_record { struct in_addr mask_ip; struct in_addr myip; int nmb_sock; /* socket to listen for unicast 137. */ + int nmb_bcast; /* socket to listen for broadcast 137. */ int dgram_sock; /* socket to listen for unicast 138. */ + int dgram_bcast;/* socket to listen for broadcast 138. */ }; /* A resource record. */ @@ -530,7 +532,8 @@ struct packet_struct bool locked; struct in_addr ip; int port; - int fd; + int recv_fd; + int send_fd; time_t timestamp; enum packet_type packet_type; union { diff --git a/source3/include/proto.h b/source3/include/proto.h index 37e6eb9..6d16dc2 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3947,6 +3947,7 @@ const char *lp_logon_drive(void); const char *lp_logon_home(void); char *lp_remote_announce(void); char *lp_remote_browse_sync(void); +bool lp_nmbd_bind_explicit_broadcast(void); const char **lp_wins_server_list(void); const char **lp_interfaces(void); const char *lp_socket_address(void); diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 930f0a5..858330d 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -289,7 +289,8 @@ NODE_STATUS_STRUCT *node_status_query(int fd,
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 6fe7ee1... More of the fix for bug #7118 - nmbd problems with socket address. via 05123ef... Make nmbd bind explicit broadcast on by default. from 5456e5e... s3:docs-xml: document nmbd bind explicit broadcast http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 6fe7ee1d216fcf722b3efa23fd80782ce0dd0e9f Author: Jeremy Allison j...@samba.org Date: Wed Feb 10 12:32:05 2010 -0800 More of the fix for bug #7118 - nmbd problems with socket address. Add a simple processed packet queue cache to stop nmbd responding to packets received on the broadcast and non-broadcast socket (which it has opened when nmbd bind explicit broadcast = yes). This is a very simple packet queue - it only keeps the packets processed during a single call to listen_for_packets() (i.e. one select call). This means that if the delivery notification for a packet received on both broadcast and non-broadcast addresses is done in two different select calls, the packet will still be processed twice. This is a very rare occurrance and we can just live with it when it does as the protocol is stateless. If this is ever flagged as a repeatable problem then we can add a longer lived cache, using timeout processing to clear etc. etc. But without storing all packets processed we can never be *sure* we've eliminated the race condition so I'm going to go with this simple solution until someone proves a more complex one is needed :-). Jeremy. commit 05123ef78c903de2a12b95fb30632f03ac919a4d Author: Jeremy Allison j...@samba.org Date: Mon Feb 8 14:35:02 2010 -0800 Make nmbd bind explicit broadcast on by default. Fix a comment typo. Jeremy. --- Summary of changes: .../smbdotconf/misc/nmbdbindexplicitbroadcast.xml | 11 ++- source3/nmbd/nmbd_packets.c| 91 +++- source3/param/loadparm.c |5 + 3 files changed, 101 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml b/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml index f328594..3a44a69 100644 --- a/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml +++ b/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml @@ -5,12 +5,13 @@ xmlns:samba=http://www.samba.org/samba/DTD/samba-doc; description para - This option allows you to setup citerefentryrefentrytitlenmbd/refentrytitle - manvolnum8/manvolnum/citerefentry to explicit bind to the - broadcast address of the local subnets. This is only useful in - combination with the smbconfoption name=socket address/ option. + This option causes citerefentryrefentrytitlenmbd/refentrytitle + manvolnum8/manvolnum/citerefentry to explicitly bind to the + broadcast address of the local subnets. This is needed to make nmbd + work correctly in combination with the smbconfoption name=socket address/ option. + You should not need to unset this option. /para /description -value type=defaultno/value +value type=defaultyes/value /samba:parameter diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c index 013ebf6..a753b28 100644 --- a/source3/nmbd/nmbd_packets.c +++ b/source3/nmbd/nmbd_packets.c @@ -1765,6 +1765,83 @@ only use %d.\n, count, FD_SETSIZE)); } / + List of packets we're processing this select. +***/ + +struct processed_packet { + struct processed_packet *next; + struct processed_packet *prev; + enum packet_type packet_type; + struct in_addr ip; + int packet_id; +}; + +/ + Have we seen this before ? +***/ + +static bool is_processed_packet(struct processed_packet *processed_packet_list, + struct packet_struct *packet) +{ + struct processed_packet *p = NULL; + + for (p = processed_packet_list; p; p = p-next) { + if (ip_equal_v4(p-ip, packet-ip) p-packet_type == packet-packet_type) { + if ((p-packet_type == NMB_PACKET) + (p-packet_id == + packet-packet.nmb.header.name_trn_id)) { + return true; + } else if ((p-packet_type == DGRAM_PACKET) + (p-packet_id == +
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via df5db3d... WHATSNEW: Mention new nmbd bind explicit broadcast parameter. from 6fe7ee1... More of the fix for bug #7118 - nmbd problems with socket address. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit df5db3d3f02d40d08891faa83717d306ebcd1331 Author: Karolin Seeger ksee...@samba.org Date: Thu Feb 11 13:25:12 2010 +0100 WHATSNEW: Mention new nmbd bind explicit broadcast parameter. Karolin --- Summary of changes: WHATSNEW.txt |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 7560bc5..aee5f7a 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -94,6 +94,7 @@ smb.conf changes debug hires timestamp Changed Default yes ldap deref New auto ldap follow referral New auto + nmbd bind explicit broadcast New no wide links Changed Default no -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5e1dd19... testprogs: one more error code for spoolss test. via 4f8a4cb... testprogs: print secdesc-Control in spoolss test. via 490e1f8... testprogs: use ConvertSidToStringSid in order to print sids in spoolss test. from 7bd7194... s4-drs: Add DRSUAPI_DRS_NONGC_RO_REP bit to DRS_OPTIONS http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5e1dd19221a412d88540422004b18d190e9caa28 Author: Günther Deschner g...@samba.org Date: Thu Feb 11 01:24:12 2010 +0100 testprogs: one more error code for spoolss test. Guenther commit 4f8a4cb81b073e3339744cfec334d8fce34cb03f Author: Günther Deschner g...@samba.org Date: Thu Feb 11 00:06:20 2010 +0100 testprogs: print secdesc-Control in spoolss test. Guenther commit 490e1f84fede5585c6c611a5720b9f2362a9214f Author: Günther Deschner g...@samba.org Date: Thu Feb 11 00:04:53 2010 +0100 testprogs: use ConvertSidToStringSid in order to print sids in spoolss test. Guenther --- Summary of changes: testprogs/win32/spoolss/error.c|2 ++ testprogs/win32/spoolss/printlib.c | 31 +-- 2 files changed, 19 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/testprogs/win32/spoolss/error.c b/testprogs/win32/spoolss/error.c index 241e1e5..0ff775b 100644 --- a/testprogs/win32/spoolss/error.c +++ b/testprogs/win32/spoolss/error.c @@ -117,6 +117,8 @@ const char *errstr(DWORD error) return RPC_S_SERVER_UNAVAILABLE; case RPC_S_INVALID_NET_ADDR: return RPC_S_INVALID_NET_ADDR; + case RPC_S_CALL_FAILED: + return RPC_S_CALL_FAILED; default: break; } diff --git a/testprogs/win32/spoolss/printlib.c b/testprogs/win32/spoolss/printlib.c index ff18517..b9198d4 100644 --- a/testprogs/win32/spoolss/printlib.c +++ b/testprogs/win32/spoolss/printlib.c @@ -22,6 +22,7 @@ #include windows.h #include stdio.h #include assert.h +#include sddl.h void print_devmode(DEVMODE *pDevModeIn) { @@ -125,24 +126,27 @@ void print_acl(const char* str, ACL *acl) return; } -void print_sid(const char* str, SID *sid) +void PrintLastError(); + +void print_sid(LPSTR str, PSID sid) { - DWORD i = 0; + LPSTR sid_string; printf(%s\n, str); - printf(0x%x\n, sid); - if (sid == NULL) + + if (sid == NULL) { + printf((null sid)\n); + return; + } + + if (!ConvertSidToStringSid(sid, sid_string)) { + PrintLastError(); return; - printf(\t\tRevision\t\t0x%x\n, sid-Revision); - printf(\t\tSubAuthorityCount\t0x%x\n, sid-SubAuthorityCount); - printf(\t\tSubAuthority\n\t); - while (i sid-SubAuthorityCount) { - printf(\t0x%x, sid-SubAuthority[i]); - if (i%4 == 3) - printf(\n\t); - i++; } + printf(%s\n, sid_string); + LocalFree(sid_string); + return; } @@ -155,6 +159,7 @@ void print_secdesc(SECURITY_DESCRIPTOR *secdesc) printf(\tRevision\t= 0x%x\n, secdesc-Revision); printf(\tSbz1\t\t= 0x%x\n, secdesc-Sbz1); + printf(\tControl\t\t= 0x%x\n, secdesc-Control); #if 0 print_sid(\tOwner\t\t= , secdesc-Owner); print_sid(\tGroup\t\t= ,secdesc-Group); @@ -583,11 +588,9 @@ void print_printer_info_2(PPRINTER_INFO_2 info) printf(\tDevice Mode Information\n); printf(\t---\n); print_devmode(info-pDevMode); -#if 0 printf(\tSecurity Descriptor Information\n); printf(\t---\n); print_secdesc(info-pSecurityDescriptor); -#endif return; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 25001bb... s3-spoolss: implement spoolss_EnumJobs level 3. from 5e1dd19... testprogs: one more error code for spoolss test. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 25001bbd1b0b32073073dab7cf5b78a2b902163f Author: Günther Deschner g...@samba.org Date: Thu Feb 11 00:44:06 2010 +0100 s3-spoolss: implement spoolss_EnumJobs level 3. Level 3 has been added with NT 4.0 and Windows 7 (at least 64bit version) makes use of it in order to display queued jobs. Windows 7 will *not* fall back to level 2 if we just return WERR_UNKNOWN_LEVEL, instead there will be no printjobs displayed at all. Guenther --- Summary of changes: source3/rpc_server/srv_spoolss_nt.c | 76 +++ 1 files changed, 76 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 7a4c9c9..882193a 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -6111,6 +6111,27 @@ static WERROR fill_job_info2(TALLOC_CTX *mem_ctx, } / +fill_job_info3 +/ + +static WERROR fill_job_info3(TALLOC_CTX *mem_ctx, +struct spoolss_JobInfo3 *r, +const print_queue_struct *queue, +const print_queue_struct *next_queue, +int position, int snum, +const NT_PRINTER_INFO_LEVEL *ntprinter) +{ + r-job_id = queue-job; + r-next_job_id = 0; + if (next_queue) { + r-next_job_id = next_queue-job; + } + r-reserved = 0; + + return WERR_OK; +} + +/ Enumjobs at level 1. / @@ -6208,6 +6229,57 @@ static WERROR enumjobs_level2(TALLOC_CTX *mem_ctx, return WERR_OK; } +/ + Enumjobs at level 3. +/ + +static WERROR enumjobs_level3(TALLOC_CTX *mem_ctx, + const print_queue_struct *queue, + uint32_t num_queues, int snum, + const NT_PRINTER_INFO_LEVEL *ntprinter, + union spoolss_JobInfo **info_p, + uint32_t *count) +{ + union spoolss_JobInfo *info; + int i; + WERROR result = WERR_OK; + + info = TALLOC_ARRAY(mem_ctx, union spoolss_JobInfo, num_queues); + W_ERROR_HAVE_NO_MEMORY(info); + + *count = num_queues; + + for (i=0; i*count; i++) { + const print_queue_struct *next_queue = NULL; + + if (i+1 *count) { + next_queue = queue[i+1]; + } + + result = fill_job_info3(info, + info[i].info3, + queue[i], + next_queue, + i, + snum, + ntprinter); + if (!W_ERROR_IS_OK(result)) { + goto out; + } + } + + out: + if (!W_ERROR_IS_OK(result)) { + TALLOC_FREE(info); + *count = 0; + return result; + } + + *info_p = info; + + return WERR_OK; +} + / _spoolss_EnumJobs / @@ -6264,6 +6336,10 @@ WERROR _spoolss_EnumJobs(pipes_struct *p, result = enumjobs_level2(p-mem_ctx, queue, count, snum, ntprinter, r-out.info, r-out.count); break; + case 3: + result = enumjobs_level3(p-mem_ctx, queue, count, snum, +ntprinter, r-out.info, r-out.count); + break; default: result = WERR_UNKNOWN_LEVEL; break; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a16e974... spoolss: allow to set server architecture via parametric option. from 25001bb... s3-spoolss: implement spoolss_EnumJobs level 3. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a16e97459342a838a77cd9f17df5347b0632219c Author: Günther Deschner g...@samba.org Date: Thu Feb 11 13:07:38 2010 +0100 spoolss: allow to set server architecture via parametric option. This allows to set spoolss:architecture = 'Windows x64' for debugging purpose. Guenther --- Summary of changes: source3/rpc_server/srv_spoolss_nt.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 882193a..5f431c6 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2270,8 +2270,8 @@ static WERROR getprinterdata_printer_server(TALLOC_CTX *mem_ctx, if (!StrCaseCmp(value, Architecture)) { *type = REG_SZ; - - data-string = talloc_strdup(mem_ctx, Windows NT x86); + data-string = talloc_strdup(mem_ctx, + lp_parm_const_string(GLOBAL_SECTION_SNUM, spoolss, architecture, SPOOLSS_ARCHITECTURE_NT_X86)); W_ERROR_HAVE_NO_MEMORY(data-string); return WERR_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2a0b16c... s3: re-run make samba3-idl. from a16e974... spoolss: allow to set server architecture via parametric option. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2a0b16c430ca40c762d81832bb1cd2bddc709465 Author: Günther Deschner g...@samba.org Date: Thu Feb 11 13:32:44 2010 +0100 s3: re-run make samba3-idl. Guenther --- Summary of changes: librpc/gen_ndr/drsuapi.h |1 + librpc/gen_ndr/ndr_drsuapi.c |1 + 2 files changed, 2 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/drsuapi.h b/librpc/gen_ndr/drsuapi.h index 6e37a94..87a55cb 100644 --- a/librpc/gen_ndr/drsuapi.h +++ b/librpc/gen_ndr/drsuapi.h @@ -33,6 +33,7 @@ #define DRSUAPI_DRS_GET_ANC ( 0x0800 ) #define DRSUAPI_DRS_GET_NC_SIZE ( 0x1000 ) #define DRSUAPI_DRS_LOCAL_ONLY ( 0x1000 ) +#define DRSUAPI_DRS_NONGC_RO_REP ( 0x2000 ) #define DRSUAPI_DRS_SYNC_BYNAME ( 0x4000 ) #define DRSUAPI_DRS_REF_OK ( 0x4000 ) #define DRSUAPI_DRS_FULL_SYNC_NOW ( 0x8000 ) diff --git a/librpc/gen_ndr/ndr_drsuapi.c b/librpc/gen_ndr/ndr_drsuapi.c index 38e7206..74ccab7 100644 --- a/librpc/gen_ndr/ndr_drsuapi.c +++ b/librpc/gen_ndr/ndr_drsuapi.c @@ -42,6 +42,7 @@ _PUBLIC_ void ndr_print_drsuapi_DrsOptions(struct ndr_print *ndr, const char *na ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_DRS_GET_ANC, DRSUAPI_DRS_GET_ANC, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_DRS_GET_NC_SIZE, DRSUAPI_DRS_GET_NC_SIZE, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_DRS_LOCAL_ONLY, DRSUAPI_DRS_LOCAL_ONLY, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_DRS_NONGC_RO_REP, DRSUAPI_DRS_NONGC_RO_REP, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_DRS_SYNC_BYNAME, DRSUAPI_DRS_SYNC_BYNAME, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_DRS_REF_OK, DRSUAPI_DRS_REF_OK, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), DRSUAPI_DRS_FULL_SYNC_NOW, DRSUAPI_DRS_FULL_SYNC_NOW, r); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 45defdb... s4-provision: import the R2 functional level via 960fab4... s4-build: avoid finding python symlinks via 4aaa7fe... s4-provision: fixed --function-level option to provision via 802f6b7... s4-script: make enablerecyclebin use system_session via 9ba0d10... s4-pyldb: null terminate string ldb message elements from python via 76a2e93... libds: added recyclebin feature GUID from 2a0b16c... s3: re-run make samba3-idl. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 45defdb90c93ed9876cacb8e3b77ce024bd02590 Author: Andrew Tridgell tri...@samba.org Date: Fri Feb 12 00:33:13 2010 +1100 s4-provision: import the R2 functional level this makes it easier to modify the script to set us at R2 level in provision. We should make this a parameter. commit 960fab4bba9b52aacba46de5895afaf908f002df Author: Andrew Tridgell tri...@samba.org Date: Fri Feb 12 00:11:11 2010 +1100 s4-build: avoid finding python symlinks emacs creates symlinks to .py files while you are editing them. This could cause build failures. commit 4aaa7fe43b207abab886b6ba3e1895a42162480c Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 23:39:56 2010 +1100 s4-provision: fixed --function-level option to provision we need the DS_DOMAIN_* levels imported commit 802f6b71dd0c43c44ecf91ec042e7f4a08a12dec Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 23:38:23 2010 +1100 s4-script: make enablerecyclebin use system_session This allows it to work against our local ldb commit 9ba0d105ccd5599987c17e2474ecfe8ac3547f1b Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 23:37:44 2010 +1100 s4-pyldb: null terminate string ldb message elements from python We need to eventually get rid of ldb_msg_find_attr_as_string() (or add a mem_ctx to it), but meanwhile we have too many places that break if we don't add a nul to the end of ldb msg strings from python. commit 76a2e936a02ba99a474dd20822ed170787b55a45 Author: Andrew Tridgell tri...@samba.org Date: Thu Feb 11 23:35:31 2010 +1100 libds: added recyclebin feature GUID --- Summary of changes: libds/common/flags.h|3 +++ source4/lib/ldb/pyldb.c |8 source4/scripting/bin/enablerecyclebin |3 ++- source4/scripting/python/config.mk |2 +- source4/scripting/python/samba/provision.py |2 +- source4/setup/provision |1 + 6 files changed, 12 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/libds/common/flags.h b/libds/common/flags.h index 40e40c3..aa88487 100644 --- a/libds/common/flags.h +++ b/libds/common/flags.h @@ -203,3 +203,6 @@ #define DS_GUID_PROGRAM_DATA_CONTAINER 09460C08AE1E4A4EA0F64AEE7DAA1E5A #define DS_GUID_SYSTEMS_CONTAINER AB1D30F3768811D1ADED00C04FD8D5CD #define DS_GUID_USERS_CONTAINER A9D1CA15768811D1ADED00C04FD8D5CD + +/* wellknown GUIDs for optional directory features */ +#define DS_GUID_FEATURE_RECYCLE_BIN 766ddcd8-acd0-445e-f3b9-a7f9b6744f2a diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c index a19768d..2853732 100644 --- a/source4/lib/ldb/pyldb.c +++ b/source4/lib/ldb/pyldb.c @@ -1617,7 +1617,7 @@ struct ldb_message_element *PyObject_AsMessageElement(TALLOC_CTX *mem_ctx, me-values = talloc_array(me, struct ldb_val, me-num_values); me-values[0].length = PyString_Size(set_obj); me-values[0].data = talloc_memdup(me, - (uint8_t *)PyString_AsString(set_obj), me-values[0].length); + (uint8_t *)PyString_AsString(set_obj), me-values[0].length+1); } else if (PySequence_Check(set_obj)) { int i; me-num_values = PySequence_Size(set_obj); @@ -1627,7 +1627,7 @@ struct ldb_message_element *PyObject_AsMessageElement(TALLOC_CTX *mem_ctx, me-values[i].length = PyString_Size(obj); me-values[i].data = talloc_memdup(me, - (uint8_t *)PyString_AsString(obj), me-values[i].length); + (uint8_t *)PyString_AsString(obj), me-values[i].length+1); } } else { talloc_free(me); @@ -1772,7 +1772,7 @@ static PyObject *py_ldb_msg_element_new(PyTypeObject *type, PyObject *args, PyOb el-values = talloc_array(el, struct ldb_val, 1); el-values[0].length = PyString_Size(py_elements); el-values[0].data = talloc_memdup(el, - (uint8_t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 14c4c2c... ldb_match - Ignore :dn part of extended matches for now from 45defdb... s4-provision: import the R2 functional level http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 14c4c2c735d6b263d167bf5255fcf60de2c91110 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Thu Feb 11 15:42:48 2010 +0100 ldb_match - Ignore :dn part of extended matches for now It's not fully clear what this :dn part means for us. What we know is that older AD implementations (Windows Server 2000, 2003) need it to have extended matches working in the expected way. To be able to interoperate with s3's winbind and other tools I and gd decided to transform this into a warning until we know what to do. This should fix bug #6511. --- Summary of changes: source4/lib/ldb/common/ldb_match.c |7 +-- 1 files changed, 5 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/common/ldb_match.c b/source4/lib/ldb/common/ldb_match.c index f639eff..4bd121a 100644 --- a/source4/lib/ldb/common/ldb_match.c +++ b/source4/lib/ldb/common/ldb_match.c @@ -316,8 +316,11 @@ static int ldb_match_extended(struct ldb_context *ldb, struct ldb_message_element *el; if (tree-u.extended.dnAttributes) { - ldb_debug(ldb, LDB_DEBUG_ERROR, ldb: dnAttributes extended match not supported yet); - return -1; + /* FIXME: We really need to find out what this :dn part in +* an extended match means and how to handle it. For now print +* only a warning to have s3 winbind and other tools working +* against us. - Matthias */ + ldb_debug(ldb, LDB_DEBUG_WARNING, ldb: dnAttributes extended match not supported yet); } if (tree-u.extended.rule_id == NULL) { ldb_debug(ldb, LDB_DEBUG_ERROR, ldb: no-rule extended matches not supported yet); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cd18695... Suplementary patch for bug #7104 - wide links and unix extensions are incompatible. from 14c4c2c... ldb_match - Ignore :dn part of extended matches for now http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cd18695fc2e4d09ab75e9eab2f0c43dcc15adf0b Author: Jeremy Allison j...@samba.org Date: Thu Feb 11 10:19:33 2010 -0800 Suplementary patch for bug #7104 - wide links and unix extensions are incompatible. Bug reported by Ralf Zimmermann r.zimmerm...@siegnetz.de. Reproduced by jra. If the target directory of a share doesn't exist, but is designed to be created by a root preexec script call, then the widelinks check is done too early - thus preventing the user from connecting to the share. Fix is to re-arrange the order of checks in make_connection_snum() to always do the following order of operations: (1). Turn off wide links if unix extensions = yes. (2). Call any root preexec scripts. (3). Canonicalize the share path to remove any symlinks (ie. end up with the realpath in the connection_struct). Jeremy. --- Summary of changes: source3/smbd/service.c | 55 --- 1 files changed, 28 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 8039d16..9d3da83 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -850,25 +850,6 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, return NULL; } - /* -* If widelinks are disallowed we need to canonicalise the connect -* path here to ensure we don't have any symlinks in the -* connectpath. We will be checking all paths on this connection are -* below this directory. We must do this after the VFS init as we -* depend on the realpath() pointer in the vfs table. JRA. -*/ - if (!lp_widelinks(snum)) { - if (!canonicalize_connect_path(conn)) { - DEBUG(0, (canonicalize_connect_path failed - for service %s, path %s\n, - lp_servicename(snum), - conn-connectpath)); - conn_free(conn); - *pstatus = NT_STATUS_BAD_NETWORK_NAME; - return NULL; - } - } - if ((!conn-printer) (!conn-ipc)) { conn-notify_ctx = notify_init(conn, server_id_self(), smbd_messaging_context(), @@ -877,6 +858,14 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, } /* ROOT Activities: */ + if (lp_unix_extensions() lp_widelinks(snum)) { + DEBUG(0,(Share '%s' has wide links and unix extensions enabled. + These parameters are incompatible. + Disabling wide links for this share.\n, + lp_servicename(snum) )); + lp_do_parameter(snum, wide links, False); + } + /* * Enforce the max connections parameter. */ @@ -927,6 +916,26 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, } } + /* +* If widelinks are disallowed we need to canonicalise the connect +* path here to ensure we don't have any symlinks in the +* connectpath. We will be checking all paths on this connection are +* below this directory. We must do this after the VFS init as we +* depend on the realpath() pointer in the vfs table. JRA. +*/ + if (!lp_widelinks(snum)) { + if (!canonicalize_connect_path(conn)) { + DEBUG(0, (canonicalize_connect_path failed + for service %s, path %s\n, + lp_servicename(snum), + conn-connectpath)); + yield_connection(conn, lp_servicename(snum)); + conn_free(conn); + *pstatus = NT_STATUS_BAD_NETWORK_NAME; + return NULL; + } + } + /* USER Activites: */ if (!change_to_user(conn, conn-vuid)) { /* No point continuing if they fail the basic checks */ @@ -1039,14 +1048,6 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, } #endif - if (lp_unix_extensions() lp_widelinks(snum)) { - DEBUG(0,(Share '%s' has wide links and unix extensions enabled. - These parameters are incompatible. -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 94865e4db. Fine changes to previous fix for bug #7104 - wide links and unix extensions are incompatible. from cd18695... Suplementary patch for bug #7104 - wide links and unix extensions are incompatible. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 94865e4dbd3d721c9855aada8c55e02be8b3881e Author: Jeremy Allison j...@samba.org Date: Thu Feb 11 11:00:45 2010 -0800 Fine changes to previous fix for bug #7104 - wide links and unix extensions are incompatible. Make sure we match the previous allow widelinks behavior, in that non-root preexec scripts can create share directories for a share definition. Jeremy --- Summary of changes: source3/smbd/service.c | 38 ++ 1 files changed, 18 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 9d3da83..1e8c15b 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -916,26 +916,6 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, } } - /* -* If widelinks are disallowed we need to canonicalise the connect -* path here to ensure we don't have any symlinks in the -* connectpath. We will be checking all paths on this connection are -* below this directory. We must do this after the VFS init as we -* depend on the realpath() pointer in the vfs table. JRA. -*/ - if (!lp_widelinks(snum)) { - if (!canonicalize_connect_path(conn)) { - DEBUG(0, (canonicalize_connect_path failed - for service %s, path %s\n, - lp_servicename(snum), - conn-connectpath)); - yield_connection(conn, lp_servicename(snum)); - conn_free(conn); - *pstatus = NT_STATUS_BAD_NETWORK_NAME; - return NULL; - } - } - /* USER Activites: */ if (!change_to_user(conn, conn-vuid)) { /* No point continuing if they fail the basic checks */ @@ -972,6 +952,24 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, } } + /* +* If widelinks are disallowed we need to canonicalise the connect +* path here to ensure we don't have any symlinks in the +* connectpath. We will be checking all paths on this connection are +* below this directory. We must do this after the VFS init as we +* depend on the realpath() pointer in the vfs table. JRA. +*/ + if (!lp_widelinks(snum)) { + if (!canonicalize_connect_path(conn)) { + DEBUG(0, (canonicalize_connect_path failed + for service %s, path %s\n, + lp_servicename(snum), + conn-connectpath)); + *pstatus = NT_STATUS_BAD_NETWORK_NAME; + goto err_root_exit; + } + } + #ifdef WITH_FAKE_KASERVER if (lp_afs_share(snum)) { afs_login(conn); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5d92d96... Introduce lp_safe_widelinks() from 94865e4db. Fine changes to previous fix for bug #7104 - wide links and unix extensions are incompatible. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5d92d969dda450cc3564dd2265d2b042d832c542 Author: Simo Sorce i...@samba.org Date: Thu Feb 11 16:12:29 2010 -0500 Introduce lp_safe_widelinks() This way we avoid any chance that a configuration reload may turn back on wide links when unix extensions are enabled. --- Summary of changes: source3/include/proto.h |1 + source3/param/loadparm.c | 16 source3/smbd/filename.c |2 +- source3/smbd/service.c |8 +--- source3/smbd/vfs.c |2 +- 5 files changed, 24 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 95519e3..3549ea6 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4393,6 +4393,7 @@ void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val); int lp_min_receive_file_size(void); char* lp_perfcount_module(void); void lp_set_passdb_backend(const char *backend); +bool lp_safe_widelinks(int snum); /* The following definitions come from param/util.c */ diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 8308e99..4b6fa83 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -9891,3 +9891,19 @@ void lp_set_passdb_backend(const char *backend) { string_set(Globals.szPassdbBackend, backend); } + +/*** + Safe wide links checks. + This helper function always verify the validity of wide links, + even after a configuration file reload. +/ + +bool lp_safe_widelinks(int snum) +{ + /* wide links is always incompatible with unix extensions */ + if (lp_unix_extensions()) { + return false; + } + + return lp_widelinks(snum); +} diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index ab79dfd..73a3c36 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -854,7 +854,7 @@ NTSTATUS check_name(connection_struct *conn, const char *name) } } - if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) { + if (!lp_safe_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) { NTSTATUS status = check_reduced_name(conn,name); if (!NT_STATUS_IS_OK(status)) { DEBUG(5,(check_name: name %s failed with %s\n,name, diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 1e8c15b..4efa63e 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -858,12 +858,14 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, } /* ROOT Activities: */ + /* explicitly check with lp_widelinks() instead of using +* lp_safe_widelinks() here so that we can correctly warn +* in the logs. */ if (lp_unix_extensions() lp_widelinks(snum)) { DEBUG(0,(Share '%s' has wide links and unix extensions enabled. These parameters are incompatible. - Disabling wide links for this share.\n, + Wide links will be disabled for this share.\n, lp_servicename(snum) )); - lp_do_parameter(snum, wide links, False); } /* @@ -959,7 +961,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, * below this directory. We must do this after the VFS init as we * depend on the realpath() pointer in the vfs table. JRA. */ - if (!lp_widelinks(snum)) { + if (!lp_safe_widelinks(snum)) { if (!canonicalize_connect_path(conn)) { DEBUG(0, (canonicalize_connect_path failed for service %s, path %s\n, diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index 94bdb1f..b575800 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -928,7 +928,7 @@ NTSTATUS check_reduced_name(connection_struct *conn, const char *fname) } /* Check for widelinks allowed. */ - if (!lp_widelinks(SNUM(conn))) { + if (!lp_safe_widelinks(SNUM(conn))) { const char *conn_rootdir; conn_rootdir = SMB_VFS_CONNECTPATH(conn, fname); -- Samba Shared Repository
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-34-g16f265e
The branch, 1.0.112 has been updated via 16f265e4f2d3a6154dd77215e853a45379aeff80 (commit) via 443c4518a0036de257fbe08fb57fc65ffae49bc6 (commit) from b0cf567a88deee913ff03f721898af54c2877261 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - --- Summary of changes: packaging/RPM/ctdb.spec.in |7 ++- server/eventscript.c |4 ++-- 2 files changed, 8 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/packaging/RPM/ctdb.spec.in b/packaging/RPM/ctdb.spec.in index c14d4cc..b83303b 100644 --- a/packaging/RPM/ctdb.spec.in +++ b/packaging/RPM/ctdb.spec.in @@ -5,7 +5,7 @@ Vendor: Samba Team Packager: Samba Team sa...@samba.org Name: ctdb Version: 1.0.112 -Release: 6 +Release: 7 Epoch: 0 License: GNU GPL version 3 Group: System Environment/Daemons @@ -123,6 +123,11 @@ rm -rf $RPM_BUILD_ROOT %{_docdir}/ctdb/tests/bin/ctdb_transaction %changelog +* Thu Feb 11 2010 : Version 1.0.112-7 + - Add logging of process if we detect we have started to swap from + the 00.ctdb eventscript. + - Reduce the log level of various messages to stop them spamming the log file + - Add a variable to disable checking if kNFSd has hung/died or not * Tue Feb 9 2010 : Version 1.0.112-6 - Reduce the log level for debug messages related to tracking filedescriptors being created. diff --git a/server/eventscript.c b/server/eventscript.c index 9ce9cee..e0908e1 100644 --- a/server/eventscript.c +++ b/server/eventscript.c @@ -145,7 +145,7 @@ static bool check_executable(const char *dir, const char *name) } if (!(st.st_mode S_IXUSR)) { - DEBUG(DEBUG_INFO,(Event script %s is not executable. Ignoring this event script\n, full)); + DEBUG(DEBUG_DEBUG,(Event script %s is not executable. Ignoring this event script\n, full)); errno = ENOEXEC; talloc_free(full); return false; @@ -365,7 +365,7 @@ static int child_run_script(struct ctdb_context *ctdb, CTDB_NO_MEMORY(ctdb, cmdstr); child_state.script_running = cmdstr; - DEBUG(DEBUG_INFO,(Executing event script %s\n,cmdstr)); + DEBUG(DEBUG_DEBUG,(Executing event script %s\n,cmdstr)); if (current-status) { ret = current-status; -- CTDB repository
[SCM] CTDB repository - branch seqnum-test created - ctdb-1.0.111-36-g8198e27
The branch, seqnum-test has been created at 8198e27e5d8dd1f5a927d75aff9ef122d7a5ac15 (commit) - Log - commit 8198e27e5d8dd1f5a927d75aff9ef122d7a5ac15 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 09:15:39 2010 +1100 When storing records in a tdb that has automatic seqnum updates also check if the actual data for the record has changed or not. If it has not changed at all, except for possibly the header, this is likely just a dmaster migration operation in which case we want to write the record to the tdb but we do not want the tdb sequence number to be increased. commit 4e683873e0617b4c8f69ededeebd850d2f44694a Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 09:12:30 2010 +1100 Add a new flag/enum to _tdb_store() to allow writing a record without increasing the seqnum We need this for CTDBD since CTDBD stores a 24 byte private header as part of the actual data. Everytime a record is migrated between nodes, this header is increased, even if the actual data past the header has not changed. This allows ctdbd to migrate records between nodes and thus modifying the header without at the same time increasing the tdb sequence number. --- -- CTDB repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 02a5078... Final part of jumbo patch for bug #7104 - wide links and unix extensions are incompatible. from 5d92d96... Introduce lp_safe_widelinks() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 02a5078f1fe6285e4a0b6ad95a3aea1c5bb3e8cf Author: Jeremy Allison j...@samba.org Date: Thu Feb 11 14:45:53 2010 -0800 Final part of jumbo patch for bug #7104 - wide links and unix extensions are incompatible. Volker pointed out that the preexec scripts get passed the conn-connectpath as a parameter, so call canonicalize_connect_path() both *before* and after the preexec scripts. Ignore errors on the call before the preexec scripts, as the path may not exist until created by the preexec scripts. Jeremy. --- Summary of changes: source3/smbd/service.c | 12 1 files changed, 12 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 4efa63e..45df7c1 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -893,6 +893,18 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, return NULL; } + /* +* Fix compatibility issue pointed out by Volker. +* We pass the conn-connectpath to the preexec +* scripts as a parameter, so attempt to canonicalize +* it here before calling the preexec scripts. +* We ignore errors here, as it is possible that +* the conn-connectpath doesn't exist yet and +* the preexec scripts will create them. +*/ + + (void)canonicalize_connect_path(conn); + /* Preexecs are done here as they might make the dir we are to ChDir * to below */ /* execute any root preexec = line */ -- Samba Shared Repository
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-36-g8198e27
The branch, 1.0.112 has been updated via 8198e27e5d8dd1f5a927d75aff9ef122d7a5ac15 (commit) via 4e683873e0617b4c8f69ededeebd850d2f44694a (commit) from 16f265e4f2d3a6154dd77215e853a45379aeff80 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit 8198e27e5d8dd1f5a927d75aff9ef122d7a5ac15 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 09:15:39 2010 +1100 When storing records in a tdb that has automatic seqnum updates also check if the actual data for the record has changed or not. If it has not changed at all, except for possibly the header, this is likely just a dmaster migration operation in which case we want to write the record to the tdb but we do not want the tdb sequence number to be increased. commit 4e683873e0617b4c8f69ededeebd850d2f44694a Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 09:12:30 2010 +1100 Add a new flag/enum to _tdb_store() to allow writing a record without increasing the seqnum We need this for CTDBD since CTDBD stores a 24 byte private header as part of the actual data. Everytime a record is migrated between nodes, this header is increased, even if the actual data past the header has not changed. This allows ctdbd to migrate records between nodes and thus modifying the header without at the same time increasing the tdb sequence number. --- Summary of changes: common/ctdb_ltdb.c| 18 +- lib/tdb/common/tdb.c |4 +++- lib/tdb/include/tdb.h |1 + 3 files changed, 21 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/common/ctdb_ltdb.c b/common/ctdb_ltdb.c index 12fcf52..d3d1fbc 100644 --- a/common/ctdb_ltdb.c +++ b/common/ctdb_ltdb.c @@ -128,6 +128,7 @@ int ctdb_ltdb_store(struct ctdb_db_context *ctdb_db, TDB_DATA key, struct ctdb_context *ctdb = ctdb_db-ctdb; TDB_DATA rec; int ret; + int flag; if (ctdb-flags CTDB_FLAG_TORTURE) { struct ctdb_ltdb_header *h2; @@ -147,7 +148,22 @@ int ctdb_ltdb_store(struct ctdb_db_context *ctdb_db, TDB_DATA key, memcpy(rec.dptr, header, sizeof(*header)); memcpy(rec.dptr + sizeof(*header), data.dptr, data.dsize); - ret = tdb_store(ctdb_db-ltdb-tdb, key, rec, TDB_REPLACE); + flag = TDB_REPLACE; + /* Databases with seqnum updates enabled only get their seqnum + changes when/if we modify the data */ + if (ctdb_db-seqnum_update != NULL) { + TDB_DATA old; + old = tdb_fetch(ctdb_db-ltdb-tdb, key); + + if ( (old.dsize == rec.dsize) +!memcmp(old.dptr+sizeof(struct ctdb_ltdb_header), + rec.dptr+sizeof(struct ctdb_ltdb_header), + rec.dsize-sizeof(struct ctdb_ltdb_header)) ) { + flag = TDB_REPLACE_NOSEQNUM; + } + if (old.dptr) free(old.dptr); + } + ret = tdb_store(ctdb_db-ltdb-tdb, key, rec, flag); if (ret != 0) { DEBUG(DEBUG_ERR, (__location__ Failed to store dynamic data\n)); } diff --git a/lib/tdb/common/tdb.c b/lib/tdb/common/tdb.c index d2688de..9287bc0 100644 --- a/lib/tdb/common/tdb.c +++ b/lib/tdb/common/tdb.c @@ -584,7 +584,9 @@ static int _tdb_store(struct tdb_context *tdb, TDB_DATA key, ret = 0; fail: if (ret == 0) { - tdb_increment_seqnum(tdb); + if (flag != TDB_REPLACE_NOSEQNUM) { + tdb_increment_seqnum(tdb); + } } SAFE_FREE(p); diff --git a/lib/tdb/include/tdb.h b/lib/tdb/include/tdb.h index db9ce4a..13cd6b6 100644 --- a/lib/tdb/include/tdb.h +++ b/lib/tdb/include/tdb.h @@ -36,6 +36,7 @@ extern C { #define TDB_REPLACE 1 /* Unused */ #define TDB_INSERT 2 /* Don't overwrite an existing entry */ #define TDB_MODIFY 3 /* Don't create an existing entry*/ +#define TDB_REPLACE_NOSEQNUM 4 /* Replace but dont bump the seqnum */ /* flags for tdb_open() */ #define TDB_DEFAULT 0 /* just a readability place holder */ -- CTDB repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4ff7f6e... s3 test: Make the netbios name test pass again via ea055e8... s4: Switch to S3-style id mapping data types. via 86d70ae... s4 idmap: Make the sid_to_xid and xid_to_sid calls static. via 5d84805... libwbclient: Test wbcLookupName async functions via cf96837... libwbclient: Implement wbcLookupName_send/recv via 145f2c7... libwbclient: Implement wbcAuthenticateUserEx_send/recv via 749fb03... libwbclient: Implement wbcLookupSid_send/recv via 5788672... libwbclient: Implement wbcGidToSid_send/recv via ada6e26... libwbclient: Implement wbcSidToGid_send/recv via 446b4aa... libwbclient: Implement wbcUidToSid_send/recv via 4ff1906... libwbclient: Implement wbcSidToUid_send/recv via 33bbe1c... libwbclient: Add wbcInterfaceDetails_send/recv via 861ef36... libwbclient: Add wbcDomainInfo_send/recv calls via 99c0f56... libwbclient: Add wbcDomainName_send/recv call via 7cb070f... libwbclient: Add wbcNetbiosName_send/recv calls via fd6b145... libwbclient: Add async wbcInfo_send()/wbcInfo_recv() calls via a089522... libwbclient: add wbcInterfaceVersion send/recv calls via 1ca7274... libwbclient: torture-test wbcPing async functions. via 3204113... libwbclient: Add async wbcPing_send/_recv via f9d041c... libwbclient: Zero out context on initialization from 02a5078... Final part of jumbo patch for bug #7104 - wide links and unix extensions are incompatible. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4ff7f6ed3634f9a45b1ebdc965152bbada72b49d Author: Kai Blin k...@samba.org Date: Tue Feb 2 15:18:01 2010 +0100 s3 test: Make the netbios name test pass again commit ea055e8c7905ec5d229fd5b50ca9ec8f60073b53 Author: Kai Blin k...@samba.org Date: Thu Apr 23 16:37:11 2009 +0200 s4: Switch to S3-style id mapping data types. commit 86d70ae94425c34fcb7cc7791a6e54b1a47f21cc Author: Kai Blin k...@samba.org Date: Wed Apr 22 18:10:12 2009 +0200 s4 idmap: Make the sid_to_xid and xid_to_sid calls static. Looking at the winbind interface, we should only be using the bulk conversion calls. commit 5d848053a7f62519beed6b5ac7fb0076ae8fa9e3 Author: Kai Blin k...@samba.org Date: Fri Jan 29 12:09:18 2010 +0100 libwbclient: Test wbcLookupName async functions commit cf968371ef207719424d2eb58dbddcf0d0c7952d Author: Kai Blin k...@samba.org Date: Thu May 28 00:57:32 2009 +0200 libwbclient: Implement wbcLookupName_send/recv commit 145f2c751b5de2864a472363cb478596c5040ee4 Author: Kai Blin k...@samba.org Date: Thu May 28 00:55:57 2009 +0200 libwbclient: Implement wbcAuthenticateUserEx_send/recv commit 749fb039719e60d82c496a2e1587bfa32d0360b8 Author: Kai Blin k...@samba.org Date: Fri Apr 24 16:24:56 2009 +0200 libwbclient: Implement wbcLookupSid_send/recv commit 57886720bb1a0e93d8903a0fa677f3820fa3cb07 Author: Kai Blin k...@samba.org Date: Thu Apr 2 09:45:39 2009 +0200 libwbclient: Implement wbcGidToSid_send/recv commit ada6e26d5e6bacaacbe9cdebdabe41c383e5f8c8 Author: Kai Blin k...@samba.org Date: Thu Apr 2 09:22:43 2009 +0200 libwbclient: Implement wbcSidToGid_send/recv commit 446b4aa17c03993a0fa0c77bd7e8bdec938be991 Author: Kai Blin k...@samba.org Date: Thu Apr 2 09:57:40 2009 +0200 libwbclient: Implement wbcUidToSid_send/recv commit 4ff1906357659a040aa90bcd51dd1974ec405001 Author: Kai Blin k...@samba.org Date: Tue Mar 31 23:10:48 2009 +0200 libwbclient: Implement wbcSidToUid_send/recv commit 33bbe1cafda93d493509f5dabfdb0ed7bbe69a71 Author: Kai Blin k...@samba.org Date: Sun Feb 15 11:01:44 2009 +0100 libwbclient: Add wbcInterfaceDetails_send/recv commit 861ef367c839d44b185ae3dd9191e849a5e33027 Author: Kai Blin k...@samba.org Date: Sat Feb 14 10:06:05 2009 +0100 libwbclient: Add wbcDomainInfo_send/recv calls commit 99c0f569f9a62b63e1d26418a777302b03c3fc7f Author: Kai Blin k...@samba.org Date: Fri Feb 13 22:51:52 2009 +0100 libwbclient: Add wbcDomainName_send/recv call commit 7cb070f2b346ed486ee24926965290890f72786f Author: Kai Blin k...@samba.org Date: Fri Feb 13 22:37:56 2009 +0100 libwbclient: Add wbcNetbiosName_send/recv calls commit fd6b1457935e3d6e156a85cce27aae43b3475723 Author: Kai Blin k...@samba.org Date: Wed Mar 25 10:08:10 2009 +0100 libwbclient: Add async wbcInfo_send()/wbcInfo_recv() calls commit a0895222be4e0227f26a625474c89fdf5aa9875c Author: Kai Blin k...@samba.org Date: Thu Feb 12 00:11:45 2009 +0100 libwbclient: add wbcInterfaceVersion send/recv calls commit 1ca727420a0d2f3d0f4a14b06c1a8d1ea6c40339 Author: Kai Blin k...@samba.org Date: Fri Jan 29 11:22:14 2010 +0100 libwbclient: torture-test wbcPing async functions. commit 3204113efe0eccbb502914699cb5a4ddcf4efdfa Author: Kai Blin
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a6f402a... Remove lp_safe_widelinks() - convert to just lp_widelinks. Suggestion from Volker. from 4ff7f6e... s3 test: Make the netbios name test pass again http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a6f402ad87ff0ae14d57d97278d67d0ceaaa1d82 Author: Jeremy Allison j...@samba.org Date: Thu Feb 11 15:16:23 2010 -0800 Remove lp_safe_widelinks() - convert to just lp_widelinks. Suggestion from Volker. Create widelinks_warning(int snum) to cover the message needed in make_connection. Jeremy. --- Summary of changes: source3/include/proto.h |2 +- source3/param/loadparm.c | 21 ++--- source3/smbd/filename.c |2 +- source3/smbd/service.c |9 + source3/smbd/vfs.c |2 +- 5 files changed, 26 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 3549ea6..c10a885 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4393,7 +4393,7 @@ void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val); int lp_min_receive_file_size(void); char* lp_perfcount_module(void); void lp_set_passdb_backend(const char *backend); -bool lp_safe_widelinks(int snum); +void widelinks_warning(int snum); /* The following definitions come from param/util.c */ diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 4b6fa83..579f847 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -5676,7 +5676,6 @@ FN_LOCAL_BOOL(lp_oplocks, bOpLocks) FN_LOCAL_BOOL(lp_level2_oplocks, bLevel2OpLocks) FN_LOCAL_BOOL(lp_onlyuser, bOnlyUser) FN_LOCAL_PARM_BOOL(lp_manglednames, bMangledNames) -FN_LOCAL_BOOL(lp_widelinks, bWidelinks) FN_LOCAL_BOOL(lp_symlinks, bSymlinks) FN_LOCAL_BOOL(lp_syncalways, bSyncAlways) FN_LOCAL_BOOL(lp_strict_allocate, bStrictAllocate) @@ -9898,12 +9897,28 @@ void lp_set_passdb_backend(const char *backend) even after a configuration file reload. / -bool lp_safe_widelinks(int snum) +static bool lp_widelinks_internal(int snum) +{ + return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]-bWidelinks : + sDefault.bWidelinks); +} + +void widelinks_warning(int snum) +{ + if (lp_unix_extensions() lp_widelinks_internal(snum)) { + DEBUG(0,(Share '%s' has wide links and unix extensions enabled. + These parameters are incompatible. + Wide links will be disabled for this share.\n, + lp_servicename(snum) )); + } +} + +bool lp_widelinks(int snum) { /* wide links is always incompatible with unix extensions */ if (lp_unix_extensions()) { return false; } - return lp_widelinks(snum); + return lp_widelinks_internal(snum); } diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 73a3c36..ab79dfd 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -854,7 +854,7 @@ NTSTATUS check_name(connection_struct *conn, const char *name) } } - if (!lp_safe_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) { + if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) { NTSTATUS status = check_reduced_name(conn,name); if (!NT_STATUS_IS_OK(status)) { DEBUG(5,(check_name: name %s failed with %s\n,name, diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 45df7c1..7dddff5 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -857,10 +857,11 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, conn); } -/* ROOT Activities: */ - /* explicitly check with lp_widelinks() instead of using -* lp_safe_widelinks() here so that we can correctly warn +/* ROOT Activities: */ + /* explicitly check widelinks here so that we can correctly warn * in the logs. */ + widelinks_warning(snum); + if (lp_unix_extensions() lp_widelinks(snum)) { DEBUG(0,(Share '%s' has wide links and unix extensions enabled. These parameters are incompatible. @@ -973,7 +974,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, * below this directory. We must do this after the VFS init as we * depend on the realpath() pointer in the vfs table. JRA. */ - if (!lp_safe_widelinks(snum)) { + if (!lp_widelinks(snum)) { if (!canonicalize_connect_path(conn)) { DEBUG(0, (canonicalize_connect_path
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9fc76f8... Remove the code replaced by widelinks warning. from a6f402a... Remove lp_safe_widelinks() - convert to just lp_widelinks. Suggestion from Volker. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9fc76f86fa2c60b81ec8afee515bb823a5cd616f Author: Jeremy Allison j...@samba.org Date: Thu Feb 11 15:59:41 2010 -0800 Remove the code replaced by widelinks warning. Jeremy. --- Summary of changes: source3/smbd/service.c |7 --- 1 files changed, 0 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 7dddff5..d8ba4fe 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -862,13 +862,6 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, * in the logs. */ widelinks_warning(snum); - if (lp_unix_extensions() lp_widelinks(snum)) { - DEBUG(0,(Share '%s' has wide links and unix extensions enabled. - These parameters are incompatible. - Wide links will be disabled for this share.\n, - lp_servicename(snum) )); - } - /* * Enforce the max connections parameter. */ -- Samba Shared Repository
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-39-g9fa818a
The branch, 1.0.112 has been updated via 9fa818afe0ccc1117a972a603b223f67c87eb00b (commit) via fb10a98f31303a4620d022d53d282fd9de4ca555 (commit) via d5c477c92252062d1c27f393ffb93471c00d75b6 (commit) from 8198e27e5d8dd1f5a927d75aff9ef122d7a5ac15 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit 9fa818afe0ccc1117a972a603b223f67c87eb00b Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 12:17:48 2010 +1100 Change ctdb to use the TDB_NOSEQNUM flag instead of the old/removed TDB_REPLACE_NOSEQNUM enum commit fb10a98f31303a4620d022d53d282fd9de4ca555 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 12:17:12 2010 +1100 Increase the package version for tdb to reflect the changes/additions to the API commit d5c477c92252062d1c27f393ffb93471c00d75b6 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 12:05:57 2010 +1100 Suggestion from Tridge. Change the flags argument in tdb_store() to take the low 4 bits as an enum describing the opeation and let the higher order bits be flags that modify the behaviour. Rename the no-seqnum-update to be a flag called TDB_NOSEQNUM Strip all the flags off the flags enum before using it in _tdb_store() --- Summary of changes: common/ctdb_ltdb.c|2 +- lib/tdb/common/tdb.c | 13 - lib/tdb/configure.ac |2 +- lib/tdb/include/tdb.h |6 -- 4 files changed, 14 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/common/ctdb_ltdb.c b/common/ctdb_ltdb.c index d3d1fbc..038c191 100644 --- a/common/ctdb_ltdb.c +++ b/common/ctdb_ltdb.c @@ -159,7 +159,7 @@ int ctdb_ltdb_store(struct ctdb_db_context *ctdb_db, TDB_DATA key, !memcmp(old.dptr+sizeof(struct ctdb_ltdb_header), rec.dptr+sizeof(struct ctdb_ltdb_header), rec.dsize-sizeof(struct ctdb_ltdb_header)) ) { - flag = TDB_REPLACE_NOSEQNUM; + flag |= TDB_NOSEQNUM; } if (old.dptr) free(old.dptr); } diff --git a/lib/tdb/common/tdb.c b/lib/tdb/common/tdb.c index 9287bc0..694c52e 100644 --- a/lib/tdb/common/tdb.c +++ b/lib/tdb/common/tdb.c @@ -466,15 +466,18 @@ static tdb_off_t tdb_find_dead(struct tdb_context *tdb, uint32_t hash, } static int _tdb_store(struct tdb_context *tdb, TDB_DATA key, - TDB_DATA dbuf, int flag, uint32_t hash) + TDB_DATA dbuf, int flags, uint32_t hash) { struct tdb_record rec; tdb_off_t rec_ptr; char *p = NULL; int ret = -1; + int op; + + op = flagsTDB_STORE_ENUM_MASK; /* check for it existing, on insert. */ - if (flag == TDB_INSERT) { + if (op == TDB_INSERT) { if (tdb_exists_hash(tdb, key, hash)) { tdb-ecode = TDB_ERR_EXISTS; goto fail; @@ -485,7 +488,7 @@ static int _tdb_store(struct tdb_context *tdb, TDB_DATA key, goto done; } if (tdb-ecode == TDB_ERR_NOEXIST - flag == TDB_MODIFY) { + op == TDB_MODIFY) { /* if the record doesn't exist and we are in TDB_MODIFY mode then we should fail the store */ goto fail; @@ -497,7 +500,7 @@ static int _tdb_store(struct tdb_context *tdb, TDB_DATA key, /* delete any existing record - if it doesn't exist we don't care. Doing this first reduces fragmentation, and avoids coalescing with `allocated' block before it's updated. */ - if (flag != TDB_INSERT) + if (op != TDB_INSERT) tdb_delete_hash(tdb, key, hash); /* Copy key+value *before* allocating free space in case malloc @@ -584,7 +587,7 @@ static int _tdb_store(struct tdb_context *tdb, TDB_DATA key, ret = 0; fail: if (ret == 0) { - if (flag != TDB_REPLACE_NOSEQNUM) { + if (!(flags TDB_NOSEQNUM)) { tdb_increment_seqnum(tdb); } } diff --git a/lib/tdb/configure.ac b/lib/tdb/configure.ac index 779f596..ef9a472 100644 --- a/lib/tdb/configure.ac +++ b/lib/tdb/configure.ac @@ -2,7 +2,7 @@ AC_PREREQ(2.50) AC_DEFUN([SMB_MODULE_DEFAULT], [echo -n ]) AC_DEFUN([SMB_LIBRARY_ENABLE], [echo -n ]) AC_DEFUN([SMB_ENABLE], [echo -n ]) -AC_INIT(tdb, 1.2.0) +AC_INIT(tdb, 1.2.1) AC_CONFIG_SRCDIR([common/tdb.c]) AC_CONFIG_HEADER(include/config.h) AC_LIBREPLACE_ALL_CHECKS diff --git a/lib/tdb/include/tdb.h b/lib/tdb/include/tdb.h index 13cd6b6..7e72f89 100644 --- a/lib/tdb/include/tdb.h +++ b/lib/tdb/include/tdb.h @@ -32,11 +32,13 @@
[SCM] CTDB repository - branch 1.0.112 updated - ctdb-1.0.111-40-g883f8be
The branch, 1.0.112 has been updated via 883f8befc27a9d66c9dc707edaf92edd69790c25 (commit) from 9fa818afe0ccc1117a972a603b223f67c87eb00b (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=1.0.112 - Log - commit 883f8befc27a9d66c9dc707edaf92edd69790c25 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Fri Feb 12 13:19:57 2010 +1100 try to restart rpc-rquotad if it is not running bz60317 --- Summary of changes: config/events.d/60.nfs | 10 ++ 1 files changed, 10 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/config/events.d/60.nfs b/config/events.d/60.nfs index 1eca005..2115d46 100755 --- a/config/events.d/60.nfs +++ b/config/events.d/60.nfs @@ -103,6 +103,16 @@ case $1 in rpc.mountd $RPCMOUNTDOPTS exit 1 } + # rquotad needs special handling since it is sometimes not started + # correctly on RHEL5 + # this is not a critical service so we dont flag the node as unhealthy + rpcinfo -u localhost 100011 1 /dev/null || { + echo ERROR: RQUOTAD is not running. Trying to restart it. + RPCRQUOTADOPTS= + [ -n $RQUOTAD_PORT ] RPCRQUOTADOPTS=$RPCRQUOTADOPTS -p $RQUOTAD_PORT + killall -q -9 rpc.rquotad + rpc.rquotad $RPCRQUOTADOPTS + } ;; *) -- CTDB repository
Build status as of Fri Feb 12 07:00:06 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-02-11 00:00:06.0 -0700 +++ /home/build/master/cache/broken_results.txt 2010-02-12 00:00:30.0 -0700 @@ -1,4 +1,4 @@ -Build status as of Thu Feb 11 07:00:05 2010 +Build status as of Fri Feb 12 07:00:06 2010 Build counts: Tree Total Broken Panic @@ -13,8 +13,8 @@ samba-docs 0 0 0 samba-web0 0 0 samba_3_current 33 32 1 -samba_3_master 33 31 5 -samba_3_next 29 29 4 +samba_3_master 33 32 5 +samba_3_next 29 28 4 samba_4_0_test 35 33 0 talloc 35 11 0 tdb 33 21 0