[Samba] getent passwd strange behavior
Hi, I have a problem with the combo of CentOS 5.5, the latest Samba Packages from Sernet and our Active Directory. Samba Packages installed: samba3-cifsmount-3.5.8-43.el5 samba3-client-3.5.8-43.el5 samba3-3.5.8-43.el5 samba3-utils-3.5.8-43.el5 samba3-winbind-32bit-3.5.8-43.el5 samba3-winbind-3.5.8-43.el5 When I try to get all users or groups via getent command, only local users/groups are displayed. If I try to fetch information for an individual user or group by getent everything is working as expected. getent passwd cvadmin shows: cvadmin:*:5582:499:cvadmin:/home/cvadmin:/bin/sh but getent passwd only shows local users nsswitch.conf is configured, domain join was successful and my smb.conf looks like this: [global] workgroup = MYDOMAIN password server = ldap.mydomain.com realm = MYDOMAIN.COM security = ads #idmap idmap domains = BUILTIN, MYDOMAIN idmap config MYDOMAIN:default = yes idmap config MYDOMAIN:schema_mode = rfc2307 idmap config MYDOMAIN:backend = ad idmap config MYDOMAIN:range = 100-50 idmap alloc backend = tdb idmap config BUILTIN:backend = tdb idmap alloc backend = tdb idmap uid = 100-50 idmap gid = 100-50 winbind nss info = rfc2307 winbind normalize names = yes winbind use default domain = true winbind offline logon = false winbind cache time = 180 winbind enum users = yes winbind enum groups = yes winbind nested groups = Yes server string = %h auth methods = winbind allow trusted domains = No We have 2 other Samba Servers using an older Version of Samba with different configurations (old idmap schema) which both works properly. Any suggestion how we could solve the problem? Cheers, Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] getent passwd strange behavior
Hi Noé, thank you for your quick reply. cvadmin is a domain user. Interesting that you have no problems using the old schema. If I try in /etc/samba/smb.conf [global] workgroup = MYDOMAIN password server = ldap.mydomain.com realm = MYDOMAIN.COM security = ads idmap uid = 100-50 idmap gid = 100-50 idmap backend = ad winbind nss info = rfc2307 winbind normalize names = yes winbind use default domain = true winbind offline logon = false winbind cache time = 180 winbind enum users = yes winbind enum groups = yes winbind nested groups = Yes No domainuser could be resolved anymore. Same config work on our other samba servers. /var/log/samba/log.winbind-idmap shows: [2011/04/11 12:24:13.560317, 3, effective(0, 0), real(0, 0)] libsmb/namequery.c:1880(get_dc_list) get_dc_list: preferred server list: , * [2011/04/11 12:24:13.560365, 3, effective(0, 0), real(0, 0)] libsmb/namequery.c:1119(resolve_lmhosts) resolve_lmhosts: Attempting lmhosts lookup for name *0x1c [2011/04/11 12:24:13.560467, 3, effective(0, 0), real(0, 0)] libsmb/namequery_dc.c:169(rpc_dc_name) Could not look up dc's for domain * [2011/04/11 12:24:13.560487, 0, effective(0, 0), real(0, 0)] libads/ldap.c:337(ads_find_dc) ads_find_dc: no realm or workgroup! Don't know what to do [2011/04/11 12:24:13.560505, 1, effective(0, 0), real(0, 0)] winbindd/idmap_ad.c:143(ad_idmap_cached_connection_internal) ad_idmap_init: failed to connect to AD [2011/04/11 12:24:13.560518, 1, effective(0, 0), real(0, 0)] winbindd/idmap_ad.c:543(idmap_ad_sids_to_unixids) ADS uninitialized: Invalid parameter [2011/04/11 12:24:13.560564, 3, effective(0, 0), real(0, 0)] winbindd/idmap.c:684(idmap_new_mapping) default domain not writable Cheers, Daniel Von: Noé Puyal [mailto:npu...@valls.cat] Gesendet: Montag, 11. April 2011 10:41 An: Zabel, Daniel Betreff: Re: [Samba] getent passwd strange behavior Hi Daniel First of all, one question, cvadmin is a domain user or local user? If cvadmin is a local user you should raise the 100 to a number after the last UID and GID. Also, as you said, I have all my samba servers with old idmap schema working properly. Good morning El lun, 11-04-2011 a las 09:38 +0200, Zabel, Daniel escribió: idmap uid = 100-50 idmap gid = 100-50 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Hybride samba..
i'm trying to build samba in hybrid mode. (https://wiki.samba.org/index.php/Franky#How_to_run_it) but obvious i'm running in to problems... (not enough howto info) does s3 need to join the s4 part ?! also do i use the same netbios name for s3+s4 ? and wbinfo -u and -g gives an error. security= ads ?? or user ?? (or...) does some one got frankenstein up ?! or some more info on howto.. it would be so mutch nicer then 2 separate machines running s3 and s4 Cheer, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] [CTDB] how does LMASTER know where the record is stored?
Greetings list, I was looking at the wiki samba and clustering and a ctdb.pdf, admittedly both are quite old (2006 or 2007) and I don't know how things change over years, but I just have two questions about LMASTER: this is from pdf LMASTER fixed ● LMASTER is based on record key only ● LMASTER knows where the record is stored ● new records are stored on LMASTER Q1. From the output of ctdb status I can see that LMASTER is bacially configured as the node itself, then how does each node know where the record is stored? By broadcast to all nodes or any other way? And more importantly, when? Q2. If new records are stored on LMASTER, do these records need to be synced within the cluster? And when? Excuse me if this comes off sort of rude, it's just there are not enough docs of CTDB on samba site. Faithfully -David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd: Exceeding 200 client connections, no idle connection found
Dear Jeremy, I have the same issue in my customer. The samba's version is 3.0.36 and we have issues with winbindd limit max 200 conections. In pcap, we have the result: GET_DFS_REFERRALS and user anonymous is show in results. in the beginning,we thought the problem was related to viruses. Pcap: 166390 3127.645327 192.168.24.247 192.168.24.13 SMB Session Setup AndX Response 166392 3127.646862 192.168.24.2192.168.24.247 SMB Tree Connect AndX Request, Path: \\DSFW\\IPC$ 166393 3127.646884 192.168.24.247 192.168.24.2TCP microsoft-ds miva-mqs [ACK] Seq=520 Ack=2952 Win=16380 Len=0 166394 3127.647414 192.168.24.247 192.168.24.2SMB Tree Connect AndX Response 166395 3127.648124 192.168.24.2192.168.24.247 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: 166396 3127.648201 192.168.24.247 192.168.24.2SMB Trans2 Response, QUERY_PATH_INFO, Error: STATUS_NETWORK_ACCESS_DENIED I also discovered that the problem is occurring on connections that are in CLOSE_WAIT state, so it is affecting the number of 200 connections. Can you help me? -- View this message in context: http://samba.2283325.n4.nabble.com/winbindd-Exceeding-200-client-connections-no-idle-connection-found-tp2453096p3433310.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.2.5 PDC guest access lost
it seems the problem lays here: auth/auth_server.c /* if logged in as guest then reject */ if ((SVAL(cli-inbuf,smb_vwv2) 1) != 0) { DEBUG(1,(password server %s gave us guest only\n, cli-desthost)); nt_status = NT_STATUS_LOGON_FAILURE; } question is why ? another domain member (samba 3.2.5) get guest access OK through this same PDC. any help please On 04.04.2011 17:30, Alexander wrote: Hi all, I had linux samba 3.0.10 running as PDC of my domain which does only authentication for other linux samba boxes which are providing access to shares. After upgrade of PDC to Debian Lenny + samba 3.2.5 I've lost guess access to the shares which are run by samba 3.0.x boxes, while it works on samba 3.2.5 samba box. the scheme is like following : _ [samba box 3.0.10] --- (not working) (auth) / \ - / \ PDC [samba 3.5.2] client (guest access) - / \/ (auth) \_ [samba box (3.5.2] --- (working) on PDC in smb.conf regarding guest access i have : map to guest = Bad User guest account = pcguest and pcguest unix account does exist. on samba box's guest ok = yes is set . in the logs of samba box where it's working (3.0.10) , among many things , i could find : [2011/03/16 20:37:41, 1] auth/auth_server.c:check_smbserver_security(373) password server * gave us guest only which is not reported from 3.2.5 box. Any help / advice would be highly appreciated. -- best regards, Alexander -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.5.8
Hi there, we need urgent help on the following if possible pls. We are using Samba version 3.5.8 on Linux RH as a print server. I have set up a new printer in SAMBA called HP4050. Using the following command I set the driver for this printer: rpcclient -c 'setdriver HP4050 HP LaserJet 4050 Series PS' localhost -U user I was able to see the model with the following command: rpcclient -c 'getdata HP4050 Model' localhost -U user I later changed the driver via the Printer Properties GUI on my Windows client.(windows/xp) When I tried again the rpcclient getdata command, I got the following message: result was WERR_BADFILE. Many Thanks in advance, Israel Shikler -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Could my project CTDB SAMBA be working ?
Hi,I'm working on a new project and i want to know your opinion to see if it's possible to do it. Here is the global architecture : joint My company is divided in two site, and for now I have only 1 SAMBA (Samba 1) on the first site. But workers of the second site are complaining about the latency. I would like to deploy a Second SAMBA which is a mirror of the first, and when someone used a file on one of the two samba, it locks the two file on the two samba, to allow only read only. And when the file stop being used, the second samba need to be keep up to date, and read write is back ont the two file. I would like to know if it's possible to do that with CTDB Samba, to make a cluster of Samba over the Internet, or if there is a way to do that with the classic Samba. Thank you for your help. (Sorry for my bad english) Regards, Michael GUIRAO -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] mod_auth_ntlm_winbind issues
Hello, I have configured Samba 3 with Winbind and installed the mod_auth_ntlm_winbind module deployed on Ubuntu 10 which is used by a web application to enforce logging using windows domain credentials. I have verified that all these layers are properly working... ie.. wbinfo -u (good), wbinfo -a username (good), ntlm_auth -helper-protocol=squid-2.5-basic (good). Next step I enforce auth on a simple webpage to test this configuration using mod_auth_ntlm_winbind. This works fine no issues. Next step I include many script load of resources on this test page...and what I am noticing is that the browser login prompt is repeatedly pops up requiring a reauthentication. It appears to be an issue with multiple calls from the browser requesting resources from the server and not sure but...I am wondering if perhaps it has something to do with maybe the Apache connection pooling not sticky thru the NTLM auth process. I am wondering that maybe the NTLM challenges/responses etc are n ot being maintained via Apache using the same connection with the browser? I have googled and searched newsgroups/forums for days now trying to figure out how to resolve this issue. I have seen similar issues documented...where the keepalive was not set to on in the apache configuration. This is not the case in my setup. Does anyone know when using the mod_auth_ntlm_windbind module with apache... does it guarantee that the same backend connection is used for the next request on a keepalive frontend connection? I am trying to determine if the 3 step NTLM challenge process is supported here..I know this same web application worked with IIS ...but since I tried implementing NTLM with Apache on linux, I suspect that maybe apache's connection model will not support this? The problem only appears to exhibit itself with multiple simultaneous called to authenticate a resource occurs. Any help or advice would be greatly appreciated as I am really hung up at the moment with this pr oblem!! Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Pacemaker/ CTDB on Ubuntu 10.04
Does somebody have experience with using Pacemaker/CTDB on Ubuntu 10.04 server? Does it work? I'm currently trying without success.. Or can you recommend another distribution that I could try? Any advise would be appreciated :) Uwe -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Could my project CTDB SAMBA be working ?
Hi, before thinking about samba doing the job you need a reliable tunnel to both sides with a fast connection. I did this by using OPenvpn in bridge mode and a 50 MB DSL. What I know ctdb cannot be used to build a PDC or BDC. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Michael GUIRAO Gesendet: Freitag, 8. April 2011 14:16 An: samba@lists.samba.org Betreff: [Samba] Could my project CTDB SAMBA be working ? Hi,I'm working on a new project and i want to know your opinion to see if it's possible to do it. Here is the global architecture : joint My company is divided in two site, and for now I have only 1 SAMBA (Samba 1) on the first site. But workers of the second site are complaining about the latency. I would like to deploy a Second SAMBA which is a mirror of the first, and when someone used a file on one of the two samba, it locks the two file on the two samba, to allow only read only. And when the file stop being used, the second samba need to be keep up to date, and read write is back ont the two file. I would like to know if it's possible to do that with CTDB Samba, to make a cluster of Samba over the Internet, or if there is a way to do that with the classic Samba. Thank you for your help. (Sorry for my bad english) Regards, Michael GUIRAO -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Hybride samba..
I do not think this is working with the same netbios name for both. The S3 must be a memberserver(ads) of the S4(ads-domain server with bind dns) and winbind running. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Collen Blijenberg Gesendet: Montag, 11. April 2011 12:29 An: samba@lists.samba.org Betreff: [Samba] Hybride samba.. i'm trying to build samba in hybrid mode. (https://wiki.samba.org/index.php/Franky#How_to_run_it) but obvious i'm running in to problems... (not enough howto info) does s3 need to join the s4 part ?! also do i use the same netbios name for s3+s4 ? and wbinfo -u and -g gives an error. security= ads ?? or user ?? (or...) does some one got frankenstein up ?! or some more info on howto.. it would be so mutch nicer then 2 separate machines running s3 and s4 Cheer, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Hybride samba..
There is currently no netbios support in S4. I am not sure if Franky is even working right now. I would post on the samba-technical list for help with this. Jonn On 04/11/2011 07:04 AM, Daniel Müller wrote: I do not think this is working with the same netbios name for both. The S3 must be a memberserver(ads) of the S4(ads-domain server with bind dns) and winbind running. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Collen Blijenberg Gesendet: Montag, 11. April 2011 12:29 An: samba@lists.samba.org Betreff: [Samba] Hybride samba.. i'm trying to build samba in hybrid mode. (https://wiki.samba.org/index.php/Franky#How_to_run_it) but obvious i'm running in to problems... (not enough howto info) does s3 need to join the s4 part ?! also do i use the same netbios name for s3+s4 ? and wbinfo -u and -g gives an error. security= ads ?? or user ?? (or...) does some one got frankenstein up ?! or some more info on howto.. it would be so mutch nicer then 2 separate machines running s3 and s4 Cheer, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Hybride samba..
The original franky is indeed broke. but there might be an other way (see wiki link) http://lists.samba.org/archive/samba-technical/2011-February/076310.html i was just wondering if some people got it up and running. volker and metze where busy with it. and i prefer rather 1 server then 2. cheers. Collen On 11-4-2011 14:41, Taylor, Jonn wrote: There is currently no netbios support in S4. I am not sure if Franky is even working right now. I would post on the samba-technical list for help with this. Jonn On 04/11/2011 07:04 AM, Daniel Müller wrote: I do not think this is working with the same netbios name for both. The S3 must be a memberserver(ads) of the S4(ads-domain server with bind dns) and winbind running. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail:muel...@tropenklinik.de Internet:www.tropenklinik.de --- -Ursprüngliche Nachricht- Von:samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Collen Blijenberg Gesendet: Montag, 11. April 2011 12:29 An:samba@lists.samba.org Betreff: [Samba] Hybride samba.. i'm trying to build samba in hybrid mode. (https://wiki.samba.org/index.php/Franky#How_to_run_it) but obvious i'm running in to problems... (not enough howto info) does s3 need to join the s4 part ?! also do i use the same netbios name for s3+s4 ? and wbinfo -u and -g gives an error. security= ads ?? or user ?? (or...) does some one got frankenstein up ?! or some more info on howto.. it would be so mutch nicer then 2 separate machines running s3 and s4 Cheer, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba+kerberos problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/10/2011 11:58 PM, Jian Li wrote: Hi, I get some problem with samba when working on kerberos, would you give me some advise? thanks /etc/samba/smb.conf: [global] workgroup = EXAMPLE #use kerberos keydtab = yes realm =LAB.BOS.REDHAT.COM security = ads #security = user server signing = auto kerberos method = system keytab [public] path = /tmp/test read only = no writable = yes [root@hp-xw6600-01 ~]# kinit -k root [root@hp-xw6600-01 ~]# mount.cifs //intel-sugarbay-dh-01.rhts.eng.rdu.redhat.com/public /mnt -o sec=krb5,user=root,uid=root [root@hp-xw6600-01 ~]# ls /mnt ls: reading directory /mnt: Permission denied We should get some extra info about your environment: What version of Samba/mount.cifs is hp-xw6600-01 using? What is the cifs server running, Win (version) or Lin and if Lin, what version of Samba? Finally, what is the KDC, Win (version) or Lin? - -- Robert Freeman-Day https://launchpad.net/~presgas GPG Public Key: http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0xBA9DF9ED3E4C7D36 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk2i+pwACgkQup357T5MfTYzNACff3BFZw2418ckVT5ruFaZtqOx vaIAn0RbUyLm5Sru17LQoDR2am+saNF9 =FmRE -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Clustered Samba: Every 24 hours There are Currently No Logon Servers Available
Daniel, thanks for your input! so i have to set this option wins server = some.external.wins.ip on both nodes then, correct? (and the next step is then to make the win server redundant aswell) and do i also have make sure the nmbd processes will not start anymore (that is configurable in /etc/conf.d/samba on gentoo) or do these processes take care of the name registration etc. ? Erik 2011/4/8 Daniel Müller muel...@tropenklinik.de Hi, in your ctdb-cluster you use the same netbios-name for both nodes!? As far as I know wins, nmbd should not be active on both nodes. You should use an external wins. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von erik bergsma Gesendet: Freitag, 8. April 2011 12:21 An: samba@lists.samba.org Betreff: [Samba] Clustered Samba: Every 24 hours There are Currently No Logon Servers Available All, i have this very weird and annoying problem in my clustered setup: every ~24 hours the vista clients cant login, or even unlock there screens anymore. The error they receive is currently no logon services available this is very odd, because i have 2 samba 3.5.8 servers available, running and configured to handle login requests. in the mean time the people that are logged in already can use shares etc, same for mac users. So my guess its a wins/nmbd/netbios issue; not being to resolve my domain name into an ip address it is a clustered (CTDB) setup with 2 nodes, based on gentoo, samba 3.5.8, ldap and glusterfs the setup is like this: 192.168.100.81 static maintenance ip of node0 192.168.100.82 static ip of node1 192.168.100.83 floating/ctdb ip of node1 192.168.100.84 floating/ctdb ip of node0 node0 has domain master = no, preferred master = no, wins server = 192.168.100.82 node1 had domain master = auto, preferred master = yes, wins support = yes in the 192.168.100 subnet there are - some other non samba gentoo machines - a windows 2k3 server for printing, no wins support installed, smbclient reports this is the master of another domain (used to have a gentoo samba 3.0 master, but that is switched off now) - a windows 2k8 server used for pxe (is domain master of an AD domain, used only for the PXE setup, not using any recources of the other 2 domain, no wins support installed, no clients) in the 192.168.9.* to 192.168.14.* subnets there are ~60 windows vista/ windows 7 clients all statically configured to use 192.168.100.83 and 192.168.100.84 as WINS server what i do to resolve this issue is: - turn of ctdb samba on node0 - reboot node0 (because samba deadlocks, other discussion) - start ctdb samba on node0 - turn of ctdb samba on node1 - reboot node1 (because samba deadlocks, other discussion) - start ctdb samba on node1 only then the issue is resolved, and the clients can login again; just powering down node0 does not work, even in you restart nmbd on node1 and the log file says its a master browser and domain master of all the ip's associated i hate doing the reboot thing again and again, because it screws up the Glusterfs replication, and is just dirty. in the past week i had this setting: node0: domain master = auto, preferred master = auto, i then saw sometimes that node1 and node0 arguing over who is the master of one of the 4 ip, otherwise the loglevel 1 files stay pretty clean. Ive now blocked all ingoing and outgoing traffic to and from ports 137,138,139 to the 2 windows machines, just to be safe (and also i have become a little desperate :( ) the other thing that is weird that node0 starts 1 nmbd process, and node1 starts 2 of them... but this may be by design. i have a hunch that i have some rogue wins server somewhere that likes to tell that he is the domain master of my domain, does this make sense? can i debug this? or does somebody have another suggestion how to resolve this issue? thanks in advance! Erik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba over IPX
I would like to add my case for a wish of IPX support in Samba: We use a number of CNC tool machines whose host is pure DOS based. Don't be surprised that DOS is stilll running somewhere. It is fairly OK when we get to the field of HW and real-time control, unlike Windows and the like... These hosts use IPX to access LAN shares. IPX is here preferable to TCP/IP because of its lower memory consumption. Anyone knows how to make Samba work over IPX, or is there any plan for IPX support in Samba ? Thanks in advance, Maurizio Manfredini -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba over IPX
I have TCP/IP on DOS on several systems, 2 of which are CNC, slowest is a 386 with 2MB ram, and I have no issues with it. yes IP uses more ram than IPX, but it's still not significant enough to cause problems with most programs. But back to your question: IPX isn't just a network layer, it's got it's own completely different file sharing protocols and NCP server software to go with it. I'd suggest plugging linux IPX into a search engine. you can share out the same folder structure using both SMB and NCP protocols, and also NFS and AFP if you like. On Mon, Apr 11, 2011 at 1:32 PM, Maurizio Manfredini mx2...@gmail.com wrote: I would like to add my case for a wish of IPX support in Samba: We use a number of CNC tool machines whose host is pure DOS based. Don't be surprised that DOS is stilll running somewhere. It is fairly OK when we get to the field of HW and real-time control, unlike Windows and the like... These hosts use IPX to access LAN shares. IPX is here preferable to TCP/IP because of its lower memory consumption. Anyone knows how to make Samba work over IPX, or is there any plan for IPX support in Samba ? Thanks in advance, Maurizio Manfredini -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Clustered Samba: Every 24 hours There are Currently No Logon Servers Available
For your wins server you can use samba4wins. It is great. For your linux-box you have to compile it. samba4wins can replicate to another samba4wins. I use it in my samba pdc/bdc setup so both server have their own wins pus and pull partner. Samba4wins can be installed on the same server as your ctdb/samba3 For nmbd to run without problems: Look here: http://ftp.sernet.com/pub/samba4WINS/samba4wins-1.0.8-HOWTO.txt [1] Usually the following sockets are used to listen on: smbd: 0.0.0.0:139 tcp 0.0.0.0:445 tcp nmbd: 192.168.9.1:137 udp 0.0.0.0:137 udp 192.168.9.1:138 udp 0.0.0.0:138 udp In this case all incoming packets would go through the 0.0.0.0:* sockets. If you would start smbd4wins, it wouldn't be possible to listen on port 137 as nmdd already listens there with the wildcard ip. So what you need is to make nmbd not using the wildcard address, and we need a seperate unicast address for smbd4wins. This will add the 192.168.9.2 as 2nd address to the eth0 interface: ifconfig eth0:2 192.168.9.2 netmask 255.255.255 broadcast 192.168.9.255 To make nmbd not using the wildcard address, you need this: so what you need is the following in your smb.conf (for samba3!) [globals] ... netbios name = SERVER1 ... # only use the given interfaces bind interfaces only = yes # this is the unicast address interfaces = 192.168.9.1 # this is the broadcast address socket address = 192.168.9.255 # as we want to use samba4wins as wins server # set the address here wins server = 192.168.9.2 ... smbd4wins should only act as wins server and should in this case only handle unicast requests, as it's imposible to have 2 unix process listening on the same broadcast address and the same port (192.168.9.255 port 127 in this case). Also it should use a different netbios name! [globals] ... # it's important that this netbios name is different from # the one that's used for samba3! netbios name = SERVER1-WINS ... # only use the given interfaces bind interfaces only = yes # this is the unicast address interfaces = 192.168.9.2 # samba4wins is only a wins server, # and broadcasts are handled by samba3 # so disable listening on the broadcast address nbtd:disable_broadcast = yes # as we want to ourself as wins server # and don't listen on 127.0.0.1 # we need to explicit set the wins server here wins server = 192.168.9.2 ... After these changes, the use of listening sockets should be like this: smbd: 192.168.9.1:139 tcp 192.168.9.1:445 tcp nmbd: 192.168.9.1:137 udp 192.168.9.255:137 udp 192.168.9.1:138 udp 192.168.9.255:138 udp smbd4wins: 192.168.9.2:42 tcp 192.168.9.2:137 udp On Mon, 11 Apr 2011 16:52:37 +0200, erik bergsma wrote: Daniel, thanks for your input! so i have to set this option wins server = some.external.wins.ip on both nodes then, correct? (and the next step is then to make the win server redundant aswell) and do i also have make sure the nmbd processes will not start anymore (that is configurable in /etc/conf.d/samba on gentoo) or do these processes take care of the name registration etc. ? Erik 2011/4/8 Daniel Müller Hi, in your ctdb-cluster you use the same netbios-name for both nodes!? As far as I know wins, nmbd should not be active on both nodes. You should use an external wins. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de [3] Internet: www.tropenklinik.de [4] --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [5] [mailto:samba-boun...@lists.samba.org [6]] Im Auftrag von erik bergsma Gesendet: Freitag, 8. April 2011 12:21 An: samba@lists.samba.org [7] Betreff: [Samba] Clustered Samba: Every 24 hours There are Currently No Logon Servers Available All, i have this very weird and annoying problem in my clustered setup: every ~24 hours the vista clients cant login, or even unlock there screens anymore. The error they receive is currently no logon services available this is very odd, because i have 2 samba 3.5.8 servers available, running and configured to handle login requests. in the mean time the people that are logged in already can use shares etc, same for mac users. So my guess its a wins/nmbd/netbios issue; not being to resolve my domain name into an ip address it is a clustered (CTDB) setup with 2 nodes, based on gentoo, samba 3.5.8, ldap and glusterfs the setup is like this: 192.168.100.81 static maintenance ip of node0 192.168.100.82 static ip of node1 192.168.100.83 floating/ctdb ip of node1 192.168.100.84 floating/ctdb ip of node0 node0 has domain master = no, preferred master = no, wins server = 192.168.100.82 node1 had domain master = auto, preferred master = yes, wins support = yes in the 192.168.100 subnet there are - some other non samba gentoo machines - a windows 2k3 server for printing, no
[Samba] File permissions confusion
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, samba Version 3.5.4-5.3.1-2489-SUSE-SL11.3 I do not understand why the file permissions of mounted shares are different when the share is viewed locally and when viewed remotely. When I initially created a share, for instance with //sma-nas-01/photos/v cifs credentials=/home/sma-user4/.smb/.smbpw,uid=jmoe,gid=users in /etc/fstab, a long directory listing (ls -l) show ALL permissions as 775, regardless of the actual permissions as displayed locally. This was not good, showing everything as executable. I then added file_mode=0664,dir_mode=0775 to the mount options and got reasonable settings for the permissions. They, however, are not the true settings. Again samba has masked over reality. Using chmod to alter the file permissions does not work. The action is simply ignored. Is there a way to have the actual, real, local permissions shown to remote hosts? And to have the ability to change the permissions remotely? - -- James Moe moe dot james at sohnen-moe dot com 520.743.3936 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.15 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk2jYNYACgkQzTcr8Prq0ZMDbACfRIOQTy0Gt3erz+ZeGiHpjbag XeIAnA3yvV4RFVx01ZSIkXLKDOiSUV+t =J5BS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba over IPX
IPX *is* just a network layer, over which NCP/RIP/SAP/... could run On Mon, Apr 11, 2011 at 01:57:08PM -0500, Chris Weiss wrote: I have TCP/IP on DOS on several systems, 2 of which are CNC, slowest is a 386 with 2MB ram, and I have no issues with it. yes IP uses more ram than IPX, but it's still not significant enough to cause problems with most programs. But back to your question: IPX isn't just a network layer, it's got it's own completely different file sharing protocols and NCP server software to go with it. I'd suggest plugging linux IPX into a search engine. you can share out the same folder structure using both SMB and NCP protocols, and also NFS and AFP if you like. On Mon, Apr 11, 2011 at 1:32 PM, Maurizio Manfredini mx2...@gmail.com wrote: I would like to add my case for a wish of IPX support in Samba: We use a number of CNC tool machines whose host is pure DOS based. Don't be surprised that DOS is stilll running somewhere. It is fairly OK when we get to the field of HW and real-time control, unlike Windows and the like... These hosts use IPX to access LAN shares. IPX is here preferable to TCP/IP because of its lower memory consumption. Anyone knows how to make Samba work over IPX, or is there any plan for IPX support in Samba ? Thanks in advance, Maurizio Manfredini -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba over IPX
On Mon, Apr 11, 2011 at 03:03:20PM -0600, jfree wrote: IPX *is* just a network layer, over which NCP/RIP/SAP/... could run Memories from a distant past There is a NetBIOS over IPX layer that Samba does not support unfortunately, and I don't see that it ever will. Sorry, Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba authentication problem
I'm coming back to this problem after giving it a rest for a while. I find it hard to believe that no one sets up authentication with security set to share. Is that really the case? Is share security deprecated and untested or something? As no one was able to point out what I did wrong in my config before, I decided to try setting this scenario up on a completely different system which runs a different distro (same version of samba afaik). I am having the same exact problem on this other machine so it must be a config issue or samba just doesn't work this way. This time I am testing it by trying to connect to it from a windows xp and vista machine. Both machines keep re-prompting me for the userid and password of the share over and over again after I type the correct password. Why is it so impossible to have a simple username authenticate to a share? At this point to have a little security, I have to make them all guest access read only as nothing else works in this mode. I don't mean to sound a little frustrated but I would have thought samba would be a little more robust than that by now. If it just isn't meant to work this way can someone help me out a little and explain it? I have read through the docs and explanations of the different options many times and can't find a reason it shouldn't work. Thanks for any help, I don't know what else to do. On 3/24/2011 1:00 PM, Xamindar wrote: Hi, I have asked around in other forums but no one seems to know why this doesn't work. I have a backup server with samba on it and am trying to set it up to only allow write access when a user authenticates but to allow reading from anyone (guest). At this time I have guest disabled and a minimal config set up as shown below to try to narrow down the problem. I have added the user xamindar using smbpasswd on the server. I then tried to mount the backup share from another machine with the following command: mount -t cifs //chiroru/backup /mnt/temp -o username=xamindar But I keep getting the following response: mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) Can anyone tell me what I am doing wrong here? I am sure I have missed something. It is possible to authenticate per share with share level security is it not? I just can't get authentication to work no matter what I have tried on this machine. With guest enabled it will just use the guest account and that works fine. Thanks for any help, I am pulling my hair out here. ***smb.conf*** [global] server string = Backup and Multimedia server security = SHARE smb passwd file = /etc/samba/private/passdb.tdb load printers = No disable spoolss = Yes show add printer wizard = No write list = xamindar printing = bsd print command = lpr -r -P'%p' %s lpq command = lpq -P'%p' lprm command = lprm -P'%p' %j map hidden = Yes map system = Yes [backup] path = /mnt/user/backup ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e6cf92c s3-modules: Fix debug message from af45636 Fix bug 8072 - PANIC: create_file_acl_common frees handle two times. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e6cf92c574fba14132757f141d8b1242fa71be88 Author: Björn Baumbach b...@sernet.de Date: Mon Apr 11 10:27:58 2011 +0200 s3-modules: Fix debug message Print child descriptor instead of parent. Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Mon Apr 11 11:48:42 CEST 2011 on sn-devel-104 --- Summary of changes: source3/modules/vfs_acl_common.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index ea41fbb..5edcb4b 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -474,7 +474,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, if (DEBUGLEVEL = 10) { DEBUG(10,(inherit_new_acl: child acl for %s is:\n, fsp_str_dbg(fsp) )); - NDR_PRINT_DEBUG(security_descriptor, parent_desc); + NDR_PRINT_DEBUG(security_descriptor, psd); } return SMB_VFS_FSET_NT_ACL(fsp, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 42ad763 s3-modules: Fix debug message via 7f14129 release-scripts/create-tarball: also remove the toplevel configure.developer from 4356488 create-tarball: Remove toplevel Makefile and configure. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 42ad7630259829f1c40d9d0fcf5376fa007568a3 Author: Björn Baumbach b...@sernet.de Date: Mon Apr 11 10:27:58 2011 +0200 s3-modules: Fix debug message Print child descriptor instead of parent. Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Mon Apr 11 11:48:42 CEST 2011 on sn-devel-104 (cherry picked from commit e6cf92c574fba14132757f141d8b1242fa71be88) commit 7f14129570fe5c61c8eae9550e725e924cb12db4 Author: Stefan Metzmacher me...@samba.org Date: Mon Apr 11 11:54:21 2011 +0200 release-scripts/create-tarball: also remove the toplevel configure.developer metze --- Summary of changes: release-scripts/create-tarball |2 +- source3/modules/vfs_acl_common.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/release-scripts/create-tarball b/release-scripts/create-tarball index d634f2b..4eec87b 100755 --- a/release-scripts/create-tarball +++ b/release-scripts/create-tarball @@ -220,7 +220,7 @@ function main /bin/rm -f source4/ldap_server/devdocs/ldapext-ldapv3-vlv-04.txt fi -/bin/rm -f Makefile configure +/bin/rm -f Makefile configure configure.developer packaging/bin/update-pkginfo ${version} 1 diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index f8265c5..99edbda 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -474,7 +474,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, if (DEBUGLEVEL = 10) { DEBUG(10,(inherit_new_acl: child acl for %s is:\n, fsp_str_dbg(fsp) )); - NDR_PRINT_DEBUG(security_descriptor, parent_desc); + NDR_PRINT_DEBUG(security_descriptor, psd); } return SMB_VFS_FSET_NT_ACL(fsp, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0958695 s3: Fix timeout calculation in event_add_to_poll_args from e6cf92c s3-modules: Fix debug message http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 09586950225e880bbd6d9e147c884c5886c4d0a4 Author: Volker Lendecke v...@samba.org Date: Mon Apr 11 13:37:42 2011 +0200 s3: Fix timeout calculation in event_add_to_poll_args In the initial phase nmbd does not yet have timed events. This led to nmbd not correctly registering its names in make test and certainly everywhere else. Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Mon Apr 11 14:35:45 CEST 2011 on sn-devel-104 --- Summary of changes: source3/lib/events.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/events.c b/source3/lib/events.c index d19c79e..e461ebe 100644 --- a/source3/lib/events.c +++ b/source3/lib/events.c @@ -166,7 +166,7 @@ bool event_add_to_poll_args(struct tevent_context *ev, TALLOC_CTX *mem_ctx, return true; } if (ev-timer_events == NULL) { - *ptimeout = INT_MAX; + *ptimeout = MIN(*ptimeout, INT_MAX); return true; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 246657b s3: Fix timeout calculation in event_add_to_poll_args from 42ad763 s3-modules: Fix debug message http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 246657b06e518674129abc7f0c141c3e85d9cc8b Author: Volker Lendecke v...@samba.org Date: Mon Apr 11 13:37:42 2011 +0200 s3: Fix timeout calculation in event_add_to_poll_args In the initial phase nmbd does not yet have timed events. This led to nmbd not correctly registering its names in make test and certainly everywhere else. Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Mon Apr 11 14:35:45 CEST 2011 on sn-devel-104 (cherry picked from commit 09586950225e880bbd6d9e147c884c5886c4d0a4) --- Summary of changes: source3/lib/events.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/events.c b/source3/lib/events.c index d19c79e..e461ebe 100644 --- a/source3/lib/events.c +++ b/source3/lib/events.c @@ -166,7 +166,7 @@ bool event_add_to_poll_args(struct tevent_context *ev, TALLOC_CTX *mem_ctx, return true; } if (ev-timer_events == NULL) { - *ptimeout = INT_MAX; + *ptimeout = MIN(*ptimeout, INT_MAX); return true; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5cd6d93 s3: Fix Coverity ID 2472, UNINIT via d2d1d17 s3: Fix Coverity ID 2473, UNINIT from 0958695 s3: Fix timeout calculation in event_add_to_poll_args http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5cd6d93fa1f24b64b449455da40d5c83a18a8cff Author: Volker Lendecke v...@samba.org Date: Fri Apr 8 11:07:11 2011 +0200 s3: Fix Coverity ID 2472, UNINIT Signed-off-by: Günther Deschner g...@samba.org Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Mon Apr 11 17:14:35 CEST 2011 on sn-devel-104 commit d2d1d173237906f77b68b3d04add007e92fe2d34 Author: Volker Lendecke v...@samba.org Date: Fri Apr 8 11:07:11 2011 +0200 s3: Fix Coverity ID 2473, UNINIT Signed-off-by: Günther Deschner g...@samba.org --- Summary of changes: source3/passdb/pdb_ipa.c |6 ++ 1 files changed, 2 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c index f118e6e..da8e9f0 100644 --- a/source3/passdb/pdb_ipa.c +++ b/source3/passdb/pdb_ipa.c @@ -973,7 +973,6 @@ static NTSTATUS ipasam_add_posix_account_objectclass(struct ldapsam_privates *ld { int ret; LDAPMod **mods = NULL; - NTSTATUS status; smbldap_set_mod(mods, LDAP_MOD_ADD, objectclass, posixAccount); @@ -995,7 +994,7 @@ static NTSTATUS ipasam_add_posix_account_objectclass(struct ldapsam_privates *ld if (ret != LDAP_SUCCESS) { DEBUG(1, (failed to modify/add user with uid = %s (dn = %s)\n, username, dn)); - return status; + return NT_STATUS_LDAP(ret); } return NT_STATUS_OK; @@ -1064,7 +1063,6 @@ static NTSTATUS ipasam_add_ipa_objectclasses(struct ldapsam_privates *ldap_state uint32_t has_objectclass) { LDAPMod **mods = NULL; - NTSTATUS status; int ret; char *princ; @@ -1128,7 +1126,7 @@ static NTSTATUS ipasam_add_ipa_objectclasses(struct ldapsam_privates *ldap_state if (ret != LDAP_SUCCESS) { DEBUG(1, (failed to modify/add user with uid = %s (dn = %s)\n, name, dn)); - return status; + return NT_STATUS_LDAP(ret); } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 5a64930 s3: Fix Coverity ID 2472, UNINIT via 7b87f84 s3: Fix Coverity ID 2473, UNINIT from 246657b s3: Fix timeout calculation in event_add_to_poll_args http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 5a64930c2fee729e13f61ae0cef1a4f88a49e5c2 Author: Volker Lendecke v...@samba.org Date: Fri Apr 8 11:07:11 2011 +0200 s3: Fix Coverity ID 2472, UNINIT Signed-off-by: Günther Deschner g...@samba.org Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Mon Apr 11 17:14:35 CEST 2011 on sn-devel-104 (cherry picked from commit 5cd6d93fa1f24b64b449455da40d5c83a18a8cff) commit 7b87f84d8e71348811433291f8263a6c66bf87ff Author: Volker Lendecke v...@samba.org Date: Fri Apr 8 11:07:11 2011 +0200 s3: Fix Coverity ID 2473, UNINIT Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit d2d1d173237906f77b68b3d04add007e92fe2d34) --- Summary of changes: source3/passdb/pdb_ipa.c |6 ++ 1 files changed, 2 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c index f118e6e..da8e9f0 100644 --- a/source3/passdb/pdb_ipa.c +++ b/source3/passdb/pdb_ipa.c @@ -973,7 +973,6 @@ static NTSTATUS ipasam_add_posix_account_objectclass(struct ldapsam_privates *ld { int ret; LDAPMod **mods = NULL; - NTSTATUS status; smbldap_set_mod(mods, LDAP_MOD_ADD, objectclass, posixAccount); @@ -995,7 +994,7 @@ static NTSTATUS ipasam_add_posix_account_objectclass(struct ldapsam_privates *ld if (ret != LDAP_SUCCESS) { DEBUG(1, (failed to modify/add user with uid = %s (dn = %s)\n, username, dn)); - return status; + return NT_STATUS_LDAP(ret); } return NT_STATUS_OK; @@ -1064,7 +1063,6 @@ static NTSTATUS ipasam_add_ipa_objectclasses(struct ldapsam_privates *ldap_state uint32_t has_objectclass) { LDAPMod **mods = NULL; - NTSTATUS status; int ret; char *princ; @@ -1128,7 +1126,7 @@ static NTSTATUS ipasam_add_ipa_objectclasses(struct ldapsam_privates *ldap_state if (ret != LDAP_SUCCESS) { DEBUG(1, (failed to modify/add user with uid = %s (dn = %s)\n, name, dn)); - return status; + return NT_STATUS_LDAP(ret); } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 75ab0c4 s3-modules: Fix debug message (bug #8074) from 84745fe Fix bug #6762 - ctdb on gpfs error with MS Office. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 75ab0c486927f674937b3379104eb2e4c8f026e4 Author: Björn Baumbach b...@sernet.de Date: Mon Apr 11 10:27:58 2011 +0200 s3-modules: Fix debug message (bug #8074) Print child descriptor instead of parent. Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Mon Apr 11 11:48:42 CEST 2011 on sn-devel-104 (cherry picked from commit e6cf92c574fba14132757f141d8b1242fa71be88) (cherry picked from commit 42ad7630259829f1c40d9d0fcf5376fa007568a3) --- Summary of changes: source3/modules/vfs_acl_common.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index f1884f5..eee322d 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -469,7 +469,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, if (DEBUGLEVEL = 10) { DEBUG(10,(inherit_new_acl: child acl for %s is:\n, fsp_str_dbg(fsp) )); - NDR_PRINT_DEBUG(security_descriptor, parent_desc); + NDR_PRINT_DEBUG(security_descriptor, psd); } return SMB_VFS_FSET_NT_ACL(fsp, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-stable updated
The branch, v3-6-stable has been updated via 4b0054c s3: Fix Coverity ID 2472, UNINIT via 18aeb12 s3: Fix Coverity ID 2473, UNINIT via 69789d3 s3: Fix timeout calculation in event_add_to_poll_args via 271e6c7 s3-modules: Fix debug message via 48a87f4 release-scripts/create-tarball: also remove the toplevel configure.developer from 14d7379 VERSION: Adapt version string. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-stable - Log - commit 4b0054c752b7b3b50a5f550068365356b79da49d Author: Volker Lendecke v...@samba.org Date: Fri Apr 8 11:07:11 2011 +0200 s3: Fix Coverity ID 2472, UNINIT Signed-off-by: Günther Deschner g...@samba.org Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Mon Apr 11 17:14:35 CEST 2011 on sn-devel-104 (cherry picked from commit 5cd6d93fa1f24b64b449455da40d5c83a18a8cff) (cherry picked from commit 5a64930c2fee729e13f61ae0cef1a4f88a49e5c2) commit 18aeb127d88b922bfc5fc26b052baa859d8b9b41 Author: Volker Lendecke v...@samba.org Date: Fri Apr 8 11:07:11 2011 +0200 s3: Fix Coverity ID 2473, UNINIT Signed-off-by: Günther Deschner g...@samba.org (cherry picked from commit d2d1d173237906f77b68b3d04add007e92fe2d34) (cherry picked from commit 7b87f84d8e71348811433291f8263a6c66bf87ff) commit 69789d392e4db859cd6a41e98c1a55ab2b55b93d Author: Volker Lendecke v...@samba.org Date: Mon Apr 11 13:37:42 2011 +0200 s3: Fix timeout calculation in event_add_to_poll_args In the initial phase nmbd does not yet have timed events. This led to nmbd not correctly registering its names in make test and certainly everywhere else. Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Mon Apr 11 14:35:45 CEST 2011 on sn-devel-104 (cherry picked from commit 09586950225e880bbd6d9e147c884c5886c4d0a4) (cherry picked from commit 246657b06e518674129abc7f0c141c3e85d9cc8b) commit 271e6c71bbf30619790f9ce6d224e6d4114c4066 Author: Björn Baumbach b...@sernet.de Date: Mon Apr 11 10:27:58 2011 +0200 s3-modules: Fix debug message Print child descriptor instead of parent. Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Mon Apr 11 11:48:42 CEST 2011 on sn-devel-104 (cherry picked from commit e6cf92c574fba14132757f141d8b1242fa71be88) (cherry picked from commit 42ad7630259829f1c40d9d0fcf5376fa007568a3) commit 48a87f4807a3a7bdf9b97e74bb5899328848f9ab Author: Stefan Metzmacher me...@samba.org Date: Mon Apr 11 11:54:21 2011 +0200 release-scripts/create-tarball: also remove the toplevel configure.developer metze (cherry picked from commit 7f14129570fe5c61c8eae9550e725e924cb12db4) --- Summary of changes: release-scripts/create-tarball |2 +- source3/lib/events.c |2 +- source3/modules/vfs_acl_common.c |2 +- source3/passdb/pdb_ipa.c |6 ++ 4 files changed, 5 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/release-scripts/create-tarball b/release-scripts/create-tarball index d634f2b..4eec87b 100755 --- a/release-scripts/create-tarball +++ b/release-scripts/create-tarball @@ -220,7 +220,7 @@ function main /bin/rm -f source4/ldap_server/devdocs/ldapext-ldapv3-vlv-04.txt fi -/bin/rm -f Makefile configure +/bin/rm -f Makefile configure configure.developer packaging/bin/update-pkginfo ${version} 1 diff --git a/source3/lib/events.c b/source3/lib/events.c index d19c79e..e461ebe 100644 --- a/source3/lib/events.c +++ b/source3/lib/events.c @@ -166,7 +166,7 @@ bool event_add_to_poll_args(struct tevent_context *ev, TALLOC_CTX *mem_ctx, return true; } if (ev-timer_events == NULL) { - *ptimeout = INT_MAX; + *ptimeout = MIN(*ptimeout, INT_MAX); return true; } diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index f8265c5..99edbda 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -474,7 +474,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, if (DEBUGLEVEL = 10) { DEBUG(10,(inherit_new_acl: child acl for %s is:\n, fsp_str_dbg(fsp) )); - NDR_PRINT_DEBUG(security_descriptor, parent_desc); + NDR_PRINT_DEBUG(security_descriptor, psd); } return SMB_VFS_FSET_NT_ACL(fsp, diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c index f118e6e..da8e9f0 100644 --- a/source3/passdb/pdb_ipa.c +++ b/source3/passdb/pdb_ipa.c @@ -973,7 +973,6 @@ static NTSTATUS ipasam_add_posix_account_objectclass(struct ldapsam_privates *ld { int
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 84b7261 WHATSNEW: Start to add changes since 3.6.0pre1. from 5a64930 s3: Fix Coverity ID 2472, UNINIT http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 84b726154ef5cdcb00cbfbf7bc3ae607d6857765 Author: Karolin Seeger ksee...@samba.org Date: Mon Apr 11 21:56:29 2011 +0200 WHATSNEW: Start to add changes since 3.6.0pre1. To be completed... Karolin --- Summary of changes: WHATSNEW.txt | 60 +++-- 1 files changed, 57 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 1e6f998..50d9cff 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,10 +1,10 @@ = - Release Notes for Samba 3.6.0pre1 - July 28, 2010 + Release Notes for Samba 3.6.0pre2 +April 12, 2010 = -This is the first preview release of Samba 3.6. This is *not* +This is the second preview release of Samba 3.6.0. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -207,6 +207,60 @@ smb.conf changes winbind max clientsNew 200 +Commit Highlights +- + + + + +Changes since 3.6.0pre1 +--- + +o Michael Adam ob...@samba.org +* IDmapping changes. + + +o Jeremy Allison j...@samba.org +* BUG 7080: Quota only shown when logged as root. +* BUG 7996: Sgid bit lost on folder rename. +* BUG 8040: Fix smbclient segfault with Cyrillic netbios names. +* Fix crash bug on smbd shutdown when using FOPENDIR(). + + +o Günther Deschner g...@samba.org +* Fix Coverity ID 2041. +* fix potential crash bug in spoolss_PrinterEnumValues push path. + + +o David Disseldorp dd...@suse.de +* BUG 8040: Fix smbclient segfault with Cyrillic netbios names. +* Fix memory leak in print_cups.c. +* Remove duplicate cups response processing code. + + +o Björn Jacke b...@sernet.de +* BUG 8033: Add explicit configure option whether or not to enable dmapi + support. + + +o Volker Lendecke v...@samba.org +* BUG 8009: Fix getting username in 'net rap session'. +* BUG 8010: Use jenkins hash for str_checksum. +* BUG 8042: Fix file creation on OS/X. +* Fix numerous Coverity IDs. + + +o Nikolay Martynov mar.ko...@gmail.com +* BUG 8010: Fix inode generation so nautilus can count total dir size + correctly. + + +o Stefan Metzmacher me...@samba.org +* BUG 7567: Fix printing from Windows 7. +* Don't grant SEC_STD_DELETE always to the owner of a file. + + + ## Reporting bugs Development Discussion ### -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d1ded27 s3: Wrap creating the svcctl keys in a transaction via a5495e7 s3: Make reg_backend_db.h includable by itself (cherry picked from commit 6ba31d3bd29dd11b1b98859f4d8a65d9be7dac60) from 5cd6d93 s3: Fix Coverity ID 2472, UNINIT http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d1ded271b6e8f8ff7f09c4830411e389d26b1b10 Author: Volker Lendecke v...@samba.org Date: Sat Apr 9 18:15:12 2011 +0200 s3: Wrap creating the svcctl keys in a transaction This makes the startup of smbd in make test much quicker and thus more reliable (cherry picked from commit f1aa38b414e97d8687d0bebf65baa384f75301b4) Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Mon Apr 11 22:09:58 CEST 2011 on sn-devel-104 commit a5495e70cc5f7659ab94d8570195edf3bd41072b Author: Volker Lendecke v...@samba.org Date: Sat Apr 9 18:13:59 2011 +0200 s3: Make reg_backend_db.h includable by itself (cherry picked from commit 6ba31d3bd29dd11b1b98859f4d8a65d9be7dac60) --- Summary of changes: source3/registry/reg_backend_db.h |1 + source3/rpc_server/svcctl/srv_svcctl_reg.c | 28 2 files changed, 29 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/registry/reg_backend_db.h b/source3/registry/reg_backend_db.h index fbdcfb4..9d5ff90 100644 --- a/source3/registry/reg_backend_db.h +++ b/source3/registry/reg_backend_db.h @@ -21,6 +21,7 @@ #ifndef _REG_BACKEND_DB_H #define _REG_BACKEND_DB_H +#include registry.h WERROR init_registry_key(const char *add_path); WERROR init_registry_data(void); diff --git a/source3/rpc_server/svcctl/srv_svcctl_reg.c b/source3/rpc_server/svcctl/srv_svcctl_reg.c index d262ff8..eb0c2bd 100644 --- a/source3/rpc_server/svcctl/srv_svcctl_reg.c +++ b/source3/rpc_server/svcctl/srv_svcctl_reg.c @@ -30,6 +30,7 @@ #include rpc_client/cli_winreg.h #include rpc_server/svcctl/srv_svcctl_reg.h #include auth.h +#include registry/reg_backend_db.h #undef DBGC_CLASS #define DBGC_CLASS DBGC_REGISTRY @@ -575,6 +576,19 @@ bool svcctl_init_winreg(struct messaging_context *msg_ctx) goto done; } + result = regdb_open(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_open failed: %s\n, + win_errstr(result))); + goto done; + } + result = regdb_transaction_start(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_transaction_start failed: %s\n, + win_errstr(result))); + goto done; + } + status = dcerpc_winreg_int_hklm_openkey(tmp_ctx, get_session_info_system(), msg_ctx, @@ -674,6 +688,20 @@ done: dcerpc_winreg_CloseKey(h, tmp_ctx, key_hnd, result); } + if (ok) { + result = regdb_transaction_commit(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_transaction_commit failed: %s\n, + win_errstr(result))); + } + } else { + result = regdb_transaction_cancel(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_transaction_cancel failed: %s\n, + win_errstr(result))); + } + } + regdb_close(); return ok; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 4dc5823 s3: Wrap creating the svcctl keys in a transaction via 59ed52d s3: Make reg_backend_db.h includable by itself (cherry picked from commit 6ba31d3bd29dd11b1b98859f4d8a65d9be7dac60) (cherry picked from commit a5495e70cc5f7659ab94d8570195edf3bd41072b) from 84b7261 WHATSNEW: Start to add changes since 3.6.0pre1. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 4dc58230b1a411a207cb84251e8ffe6d14c9742e Author: Volker Lendecke v...@samba.org Date: Sat Apr 9 18:15:12 2011 +0200 s3: Wrap creating the svcctl keys in a transaction This makes the startup of smbd in make test much quicker and thus more reliable (cherry picked from commit f1aa38b414e97d8687d0bebf65baa384f75301b4) Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Mon Apr 11 22:09:58 CEST 2011 on sn-devel-104 (cherry picked from commit d1ded271b6e8f8ff7f09c4830411e389d26b1b10) commit 59ed52d8ab9521466e9f25118336b9e9c42d2344 Author: Volker Lendecke v...@samba.org Date: Sat Apr 9 18:13:59 2011 +0200 s3: Make reg_backend_db.h includable by itself (cherry picked from commit 6ba31d3bd29dd11b1b98859f4d8a65d9be7dac60) (cherry picked from commit a5495e70cc5f7659ab94d8570195edf3bd41072b) --- Summary of changes: source3/registry/reg_backend_db.h |1 + source3/rpc_server/svcctl/srv_svcctl_reg.c | 28 2 files changed, 29 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/registry/reg_backend_db.h b/source3/registry/reg_backend_db.h index fbdcfb4..9d5ff90 100644 --- a/source3/registry/reg_backend_db.h +++ b/source3/registry/reg_backend_db.h @@ -21,6 +21,7 @@ #ifndef _REG_BACKEND_DB_H #define _REG_BACKEND_DB_H +#include registry.h WERROR init_registry_key(const char *add_path); WERROR init_registry_data(void); diff --git a/source3/rpc_server/svcctl/srv_svcctl_reg.c b/source3/rpc_server/svcctl/srv_svcctl_reg.c index d262ff8..eb0c2bd 100644 --- a/source3/rpc_server/svcctl/srv_svcctl_reg.c +++ b/source3/rpc_server/svcctl/srv_svcctl_reg.c @@ -30,6 +30,7 @@ #include rpc_client/cli_winreg.h #include rpc_server/svcctl/srv_svcctl_reg.h #include auth.h +#include registry/reg_backend_db.h #undef DBGC_CLASS #define DBGC_CLASS DBGC_REGISTRY @@ -575,6 +576,19 @@ bool svcctl_init_winreg(struct messaging_context *msg_ctx) goto done; } + result = regdb_open(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_open failed: %s\n, + win_errstr(result))); + goto done; + } + result = regdb_transaction_start(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_transaction_start failed: %s\n, + win_errstr(result))); + goto done; + } + status = dcerpc_winreg_int_hklm_openkey(tmp_ctx, get_session_info_system(), msg_ctx, @@ -674,6 +688,20 @@ done: dcerpc_winreg_CloseKey(h, tmp_ctx, key_hnd, result); } + if (ok) { + result = regdb_transaction_commit(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_transaction_commit failed: %s\n, + win_errstr(result))); + } + } else { + result = regdb_transaction_cancel(); + if (!W_ERROR_IS_OK(result)) { + DEBUG(10, (regdb_transaction_cancel failed: %s\n, + win_errstr(result))); + } + } + regdb_close(); return ok; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e3c3b4d s3-printing: Use become_user_by_session() function. via b137156 s3-smbd: Added a become_user_by_session() function. via 27cb378 s3-smbd: Added a change_to_user_by_session() function. from d1ded27 s3: Wrap creating the svcctl keys in a transaction http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e3c3b4daa425fede17203b474fa35493afbda2a9 Author: Andreas Schneider a...@samba.org Date: Fri Apr 1 11:55:27 2011 +0200 s3-printing: Use become_user_by_session() function. We create a fake connection here and don't have an vuid. So work with the session_info directly here. Signed-off-by: Jeremy Allison j...@samba.org Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Mon Apr 11 22:56:12 CEST 2011 on sn-devel-104 commit b137156acbf7c39c86f30610065b441a3209 Author: Andreas Schneider a...@samba.org Date: Fri Apr 1 11:54:49 2011 +0200 s3-smbd: Added a become_user_by_session() function. This uses the provided session_info instead of searching the user via the vuid. This is useful to work with fake connnection you need to create if someone connects directly to a rpc service. Signed-off-by: Jeremy Allison j...@samba.org commit 27cb378283f2cf072151f1c624837741f40c298a Author: Andreas Schneider a...@samba.org Date: Tue Apr 5 13:54:31 2011 +0200 s3-smbd: Added a change_to_user_by_session() function. Signed-off-by: Jeremy Allison j...@samba.org --- Summary of changes: source3/printing/nt_printing.c |6 +- source3/smbd/proto.h |4 + source3/smbd/uid.c | 187 3 files changed, 120 insertions(+), 77 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 46cfdb3..a7539f6 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -636,7 +636,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, goto error_free_conn; } - if (!become_user(conn, get_current_vuid(conn))) { + if (!become_user_by_session(conn, p-session_info)) { DEBUG(0, (failed to become user\n)); *perr = WERR_ACCESS_DENIED; goto error_free_conn; @@ -1019,7 +1019,7 @@ WERROR move_driver_to_download_area(struct pipes_struct *p, goto err_free_conn; } - if (!become_user(conn, get_current_vuid(conn))) { + if (!become_user_by_session(conn, p-session_info)) { DEBUG(0, (failed to become user\n)); err = WERR_ACCESS_DENIED; goto err_free_conn; @@ -1948,7 +1948,7 @@ bool delete_driver_files(const struct auth_serversupplied_info *session_info, goto err_free_conn; } - if (!become_user(conn, get_current_vuid(conn))) { + if (!become_user_by_session(conn, session_info)) { DEBUG(0, (failed to become user\n)); ret = false; goto err_free_conn; diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index f4b2e5e..a0c94b4 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -1050,12 +1050,16 @@ void reply_transs2(struct smb_request *req); bool change_to_guest(void); void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid); bool change_to_user(connection_struct *conn, uint16 vuid); +bool change_to_user_by_session(connection_struct *conn, + const struct auth_serversupplied_info *session_info); bool change_to_root_user(void); bool become_authenticated_pipe_user(struct pipes_struct *p); bool unbecome_authenticated_pipe_user(void); void become_root(void); void unbecome_root(void); bool become_user(connection_struct *conn, uint16 vuid); +bool become_user_by_session(connection_struct *conn, + const struct auth_serversupplied_info *session_info); bool unbecome_user(void); uid_t get_current_uid(connection_struct *conn); gid_t get_current_gid(connection_struct *conn); diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 7938cc4..b554b36 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -231,104 +231,54 @@ void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid) stack, but modify the current_user entries. / -bool change_to_user(connection_struct *conn, uint16 vuid) +static bool change_to_user_internal(connection_struct *conn, + const struct auth_serversupplied_info *session_info, + uint16_t vuid) { - const struct auth_serversupplied_info *session_info =
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 9ac8a58 s3-printing: Use become_user_by_session() function. via 7188520 s3-smbd: Added a become_user_by_session() function. via fe0882c s3-smbd: Added a change_to_user_by_session() function. from 4dc5823 s3: Wrap creating the svcctl keys in a transaction http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 9ac8a582e51ff6949bebeec49f9f6c2627d48fc7 Author: Andreas Schneider a...@samba.org Date: Fri Apr 1 11:55:27 2011 +0200 s3-printing: Use become_user_by_session() function. We create a fake connection here and don't have an vuid. So work with the session_info directly here. Signed-off-by: Jeremy Allison j...@samba.org Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Mon Apr 11 22:56:12 CEST 2011 on sn-devel-104 (cherry picked from commit e3c3b4daa425fede17203b474fa35493afbda2a9) commit 71885207ea6453f75d383a0265c73195df048dbf Author: Andreas Schneider a...@samba.org Date: Fri Apr 1 11:54:49 2011 +0200 s3-smbd: Added a become_user_by_session() function. This uses the provided session_info instead of searching the user via the vuid. This is useful to work with fake connnection you need to create if someone connects directly to a rpc service. Signed-off-by: Jeremy Allison j...@samba.org (cherry picked from commit b137156acbf7c39c86f30610065b441a3209) commit fe0882c896030dad91d8fda85a4ed031c68ae1ed Author: Andreas Schneider a...@samba.org Date: Tue Apr 5 13:54:31 2011 +0200 s3-smbd: Added a change_to_user_by_session() function. Signed-off-by: Jeremy Allison j...@samba.org (cherry picked from commit 27cb378283f2cf072151f1c624837741f40c298a) --- Summary of changes: source3/printing/nt_printing.c |6 +- source3/smbd/proto.h |4 + source3/smbd/uid.c | 187 3 files changed, 120 insertions(+), 77 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 46cfdb3..a7539f6 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -636,7 +636,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, goto error_free_conn; } - if (!become_user(conn, get_current_vuid(conn))) { + if (!become_user_by_session(conn, p-session_info)) { DEBUG(0, (failed to become user\n)); *perr = WERR_ACCESS_DENIED; goto error_free_conn; @@ -1019,7 +1019,7 @@ WERROR move_driver_to_download_area(struct pipes_struct *p, goto err_free_conn; } - if (!become_user(conn, get_current_vuid(conn))) { + if (!become_user_by_session(conn, p-session_info)) { DEBUG(0, (failed to become user\n)); err = WERR_ACCESS_DENIED; goto err_free_conn; @@ -1948,7 +1948,7 @@ bool delete_driver_files(const struct auth_serversupplied_info *session_info, goto err_free_conn; } - if (!become_user(conn, get_current_vuid(conn))) { + if (!become_user_by_session(conn, session_info)) { DEBUG(0, (failed to become user\n)); ret = false; goto err_free_conn; diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index d688236..2f9d359 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -1051,12 +1051,16 @@ void reply_transs2(struct smb_request *req); bool change_to_guest(void); void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid); bool change_to_user(connection_struct *conn, uint16 vuid); +bool change_to_user_by_session(connection_struct *conn, + const struct auth_serversupplied_info *session_info); bool change_to_root_user(void); bool become_authenticated_pipe_user(struct pipes_struct *p); bool unbecome_authenticated_pipe_user(void); void become_root(void); void unbecome_root(void); bool become_user(connection_struct *conn, uint16 vuid); +bool become_user_by_session(connection_struct *conn, + const struct auth_serversupplied_info *session_info); bool unbecome_user(void); uid_t get_current_uid(connection_struct *conn); gid_t get_current_gid(connection_struct *conn); diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 7938cc4..b554b36 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -231,104 +231,54 @@ void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid) stack, but modify the current_user entries. / -bool change_to_user(connection_struct *conn, uint16 vuid) +static bool
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bb15aa5 s3/selftest Tear down the environment if we fail to connect from e3c3b4d s3-printing: Use become_user_by_session() function. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bb15aa58bc862fbd33b67d5570f68e4232db1a88 Author: Andrew Bartlett abart...@samba.org Date: Tue Apr 12 09:05:34 2011 +1000 s3/selftest Tear down the environment if we fail to connect This removes the exit(1) that previously didn't tear down the environment correctly, and instead just fails to set it up, allowing the rest of the script handle that with more grace. Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Tue Apr 12 01:53:37 CEST 2011 on sn-devel-104 --- Summary of changes: selftest/target/Samba3.pm | 48 +--- 1 files changed, 36 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 9a3be7d..d2082f5 100644 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -106,12 +106,16 @@ sub setup_env($$$) return $self-setup_ktest($path/ktest); } elsif ($envname eq secserver) { if (not defined($self-{vars}-{dc})) { - $self-setup_dc($path/dc); + if (not defined($self-setup_dc($path/dc))) { + return undef; + } } return $self-setup_secserver($path/secserver, $self-{vars}-{dc}); } elsif ($envname eq member) { if (not defined($self-{vars}-{dc})) { - $self-setup_dc($path/dc); + if (not defined($self-setup_dc($path/dc))) { + return undef; + } } return $self-setup_member($path/member, $self-{vars}-{dc}); } else { @@ -137,11 +141,15 @@ sub setup_dc($$) localdc2pass, $dc_options); + $vars or return undef; + $self-check_or_start($vars, ($ENV{SMBD_MAXTIME} or 2700), yes, yes, yes); - $self-wait_for_start($vars); + if (not $self-wait_for_start($vars)) { + return undef; + } $vars-{DC_SERVER} = $vars-{SERVER}; $vars-{DC_SERVER_IP} = $vars-{SERVER_IP}; @@ -170,7 +178,7 @@ sub setup_member($$$) localmember3pass, $member_options); - $ret or die(Unable to provision); + $ret or return undef; my $net = $self-binpath(net); my $cmd = ; @@ -184,7 +192,9 @@ sub setup_member($$$) ($ENV{SMBD_MAXTIME} or 2700), yes, yes, yes); - $self-wait_for_start($ret); + if (not $self-wait_for_start($ret)) { + return undef; + } $ret-{DC_SERVER} = $dcvars-{SERVER}; $ret-{DC_SERVER_IP} = $dcvars-{SERVER_IP}; @@ -212,11 +222,15 @@ sub setup_secshare($$) local4pass, $secshare_options); + $vars or return undef; + $self-check_or_start($vars, ($ENV{SMBD_MAXTIME} or 2700), yes, no, yes); - $self-wait_for_start($vars); + if (not $self-wait_for_start($vars)) { + return undef; + } $self-{vars}-{secshare} = $vars; @@ -240,13 +254,15 @@ sub setup_secserver($$$) localserver5pass, $secserver_options); - $ret or die(Unable to provision); + $ret or return undef; $self-check_or_start($ret, ($ENV{SMBD_MAXTIME} or 2700), yes, no, yes); - $self-wait_for_start($ret); + if (not $self-wait_for_start($ret)) { + return undef; + } $ret-{DC_SERVER} = $dcvars-{SERVER}; $ret-{DC_SERVER_IP} = $dcvars-{SERVER_IP}; @@ -276,7 +292,7 @@ sub setup_ktest($$$) localktest6pass, $ktest_options); - $ret or die(Unable to provision); + $ret or return undef; open(USERMAP, $prefix/lib/username.map) or die(Unable to open $prefix/lib/username.map); print USERMAP @@ -326,7 +342,9 @@ $ret-{USERNAME} = KTEST\\Administrator ($ENV{SMBD_MAXTIME} or 2700), yes, no, yes); - $self-wait_for_start($ret); +