[Samba] samba always expanding nested groups
Volker was working with someone back in Feb on this issue and sent a patch to him but was wondering if that worked and if there was an official fix in the works. What is happening is even after setting winbind expand groups = 0 the 13 groups currently assigned to my user are expanding into 220 groups. This also breaks smbd by causing a panic and throwing the sys_set_groups error. Running on AIX 6.1 TL 6 SP 5. I have tried this on 3.5.8 and 3.6.0. Also AIX has made maximum number of groups per user a system parameter tunable between 128 and 2048 in AIX 7.1. If samba could find a way to accommodate this new parameter it would be great. Thanks, Josh Josh Peacock UNIX Administrator --- Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged and confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Win 7 Pro
On 2011-10-03 9:26, Marcel de Reuver wrote: 2011/10/2 sa...@printflow.eu mailto:sa...@printflow.eu On 2011-09-30 15:01, sa...@printflow.eu mailto:sa...@printflow.eu wrote: Hello, I use Samba 3.5.11 from debian. I'm trying to add new Win7Pro to domain, but I still get error: The specified domain either does not exist or could not be contacted. I tried http://wiki.samba.org/index.php/Windows7. Can you help me? Anything to test ? Windows7 needs two tweaks to work with Samba 3: Regedit: HKLM\System\CCS\Services\LanmanWorkstation\Parameters Add: DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Control Panel - Administrative Tools - Local Security Policy: Security Settings Local Policies Security Options Network security: LAN Manager authentication level Send LM NTLM - use NTLMv2 session security if negotiated Google on Windows7 and Samba for the details Both done, (as I wrote I tried http://wiki.samba.org/index.php/Windows7, where registry changing is mentioned, I also found LM NTLM settings on web as well as disable 'require 128 bit encryption'. After all this I wrote this email. Is there anything else I may try ? BR, Marcel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Win 7 Pro
Is there anything else I may try ? Make sure you have your WINS settings in your windows 7 client so that the client can find the PDC. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Fwd: Win 7 Pro
Perhaps the global section of your smb.conf has some clues. Are you able to share it with us? Is there anything pertinent in the logs of your PDC? Dale On 10/03/2011 12:32 PM, sa...@printflow.eu wrote: On 2011-10-03 9:26, Marcel de Reuver wrote: 2011/10/2 sa...@printflow.eu mailto:sa...@printflow.eu On 2011-09-30 15:01, sa...@printflow.eu mailto:sa...@printflow.eu wrote: Hello, I use Samba 3.5.11 from debian. I'm trying to add new Win7Pro to domain, but I still get error: The specified domain either does not exist or could not be contacted. I tried http://wiki.samba.org/index.php/Windows7. Can you help me? Anything to test ? Windows7 needs two tweaks to work with Samba 3: Regedit: HKLM\System\CCS\Services\LanmanWorkstation\Parameters Add: DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Control Panel - Administrative Tools - Local Security Policy: Security Settings Local Policies Security Options Network security: LAN Manager authentication level Send LM NTLM - use NTLMv2 session security if negotiated Google on Windows7 and Samba for the details Both done, (as I wrote I tried http://wiki.samba.org/index.php/Windows7, where registry changing is mentioned, I also found LM NTLM settings on web as well as disable 'require 128 bit encryption'. After all this I wrote this email. Is there anything else I may try ? BR, Marcel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Win 7 Pro
On Mon, Oct 3, 2011 at 1:46 PM, sa...@printflow.eu wrote: On 2011-10-03 19:40, John Drescher wrote: Is there anything else I may try ? Make sure you have your WINS settings in your windows 7 client so that the client can find the PDC. Any hint in this ? In ipconfig I see only WINS proxy disabled. I usually set the PDC as a WINS server and add that to the windows client. Or make sure your DNS servers have the PDC records so the windows client can find the PDC. http://www.linuxquestions.org/questions/linux-networking-3/does-samba-pdc-need-dns-544436/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: Win 7 Pro
On 2011-10-03 19:45, Dale Schroeder wrote: Perhaps the global section of your smb.conf has some clues. Are you able to share it with us? Is there anything pertinent in the logs of your PDC? What log level and what file you are interested in ? Here we are with config: [global] client lanman auth = yes client ntlmv2 auth = yes lanman auth = yes ntlm auth = yes msdfs root = yes ## Browsing/Identification ### workgroup = printflow netbios name = pfserver server string = PFServer wins support = yes wins server = 192.168.10.1 dns proxy = no ; name resolve order = lmhosts host wins bcast Networking Debugging/Accounting log file = /var/log/samba/log.%m log level = 1 max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d ### Authentication ### encrypt passwords = true ... some LDAP config ... enable privileges =yes obey pam restrictions = yes ldap password sync = yes unix password sync = yes ## Domains ### domain logons = yes logon path = \\%L\profiles\%U logon drive = H: logon home = \\%N\%U logon script = netlogon.cmd ## Printing ## load printers = yes printing = cups printcap name = cups Misc socket options = TCP_NODELAY domain master = yes #=== Share Definitions === ... Dale On 2011-09-30 15:01, sa...@printflow.eu mailto:sa...@printflow.eu wrote: Hello, I use Samba 3.5.11 from debian. I'm trying to add new Win7Pro to domain, but I still get error: The specified domain either does not exist or could not be contacted. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Fwd: Re: Fwd: Win 7 Pro
On 2011-10-03 19:51, John Drescher wrote: On Mon, Oct 3, 2011 at 1:46 PM,sa...@printflow.euwrote: On 2011-10-03 19:40, John Drescher wrote: Is there anything else I may try ? Make sure you have your WINS settings in your windows 7 client so that the client can find the PDC. Any hint in this ? In ipconfig I see only WINS proxy disabled. I usually set the PDC as a WINS server and add that to the windows client. Or make sure your DNS servers have the PDC records so the windows client can find the PDC. Is there any command to verify this ? e.g. nslookup for dns. I have DNS not updated with WINS, DNS is running on other machine. I can nslookup for server name but not domain. I think this is logical.. If I would like to WINS where to go ? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd: PANIC (pid xxxxx): internal error -- ? causes?
On Sun, Oct 02, 2011 at 04:33:12PM -0700, Linda Walsh wrote: I have a bunch of these in my log... Was wondering if anyone had seen them before and what the cause might be? Thanks... Oct 1 03:25:15 Ishtar smbd[23925]: [2011/10/01 03:25:15, 0] lib/util.c:1468(smb_panic) Oct 1 03:25:15 Ishtar smbd[23925]: PANIC (pid 23925): internal error Oct 1 03:25:15 Ishtar smbd[23925]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:25:15 Ishtar smbd[23926]: [2011/10/01 03:25:15, 0] lib/util.c:1468(smb_panic) Oct 1 03:25:15 Ishtar smbd[23926]: PANIC (pid 23926): internal error Oct 1 03:25:15 Ishtar smbd[23926]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:29:49 Ishtar smbd[23927]: [2011/10/01 03:29:49, 0] lib/util.c:1468(smb_panic) Oct 1 03:29:49 Ishtar smbd[23927]: PANIC (pid 23927): internal error Oct 1 03:29:49 Ishtar smbd[23927]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:29:49 Ishtar smbd[24021]: [2011/10/01 03:29:49, 0] lib/util.c:1468(smb_panic) Oct 1 03:29:49 Ishtar smbd[24021]: PANIC (pid 24021): internal error Oct 1 03:29:49 Ishtar smbd[24021]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:31:14 Ishtar smbd[24022]: [2011/10/01 03:31:14, 0] lib/util.c:1468(smb_panic) Oct 1 03:31:14 Ishtar smbd[24022]: PANIC (pid 24022): internal error Oct 1 03:31:14 Ishtar smbd[24022]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:31:14 Ishtar smbd[24164]: [2011/10/01 03:31:14, 0] lib/util.c:1468(smb_panic) Oct 1 03:31:14 Ishtar smbd[24164]: PANIC (pid 24164): internal error Oct 1 03:31:14 Ishtar smbd[24164]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:31:17 Ishtar smbd[24165]: [2011/10/01 03:31:17, 0] lib/util.c:1468(smb_panic) Oct 1 03:31:17 Ishtar smbd[24165]: PANIC (pid 24165): internal error Oct 1 03:31:17 Ishtar smbd[24165]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Add the line: panic action = /bin/sleep 999 to the [global] section of your smb.conf. Restart Samba. When it panics again you'll be left with a sleep process whose parent is the crashed smbd. Attach to this with gdb and get (and post) a backtrace. That'll help us track this down and fix it (if it isn't already fixed). Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 and sysvol share
Alright, here is update Felix. From a default install, at least on the server I set up, sysvol is Authenticated Users(read/execute), Domain Admins(all), System(all). It and all children. As you dive deeper into folder structure there are some more added like Enterprise Admins and so forth(will full privileges). I believe Owner is also one as you get further down and it has no privileges set. Chris Today I downloaded samba4 alpha 17 tar again. I made a new virtual machine and I installed ntp 4.2.6, Bind9 9.8.0 and Samba4 alpha 17 on Debian Lenny. To see the content of sysvol from a Windows client I had to authenticate using a user of my new domain, but again when I checked the Security Tab in sysvol I saw that Everyone has special permissions, meaning Full Access. Does it have something to do with the filesystem support mentioned in the HowTo??? Thanks in advance. Felix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ADS authentication stopped working
Running Samba mostly on Redhat 5 with version 3.5.4-0.83 Also failed on Debian 3.5.6 and Solaris with a 3.5 version. Logging details here are from Redhat case. We have a similar problem on all Unix/Linux systems using ADS as the backend authentication for samba shares on Unix/Linux. It was working before today and we didn't change anything. Today, any time we try smbclient or a Windows drive map to connect, and the user is not in /etc/passwd, it fails. Yet if they are in /etc/passwd, it succeeds. net ads testjoin returns OK. If I take the user not in /etc/passwd and use either: wbinfo -a username%password or kinit usern...@ad.mydomain.ca it works. Winbind and samba services have been restarted. SSH login using AD auth works fine. We have reduced to minimal /etc/pam.d/samba: authrequired pam_env.so authsufficientpam_winbind.so use_first_pass debug authrequired pam_deny.so account required pam_permit.so Login attempt: $ smbclient -U username //www/test Enter username's password: session setup failed: NT_STATUS_LOGON_FAILURE Log level 10: [2011/10/03 15:22:03.546880, 6] param/loadparm.c:7133(lp_file_list_changed) lp_file_list_changed() file /etc/samba/smb.conf - /etc/samba/smb.conf last mod_time: Mon Oct 3 15:21:45 2011 [2011/10/03 15:22:03.546943, 5] auth/auth_util.c:211(make_user_info_map) Mapping user [MYDOMAIN]\[username] from workstation [LABRADOR] [2011/10/03 15:22:03.547328, 5] auth/auth_util.c:122(make_user_info) attempting to make a user_info for username (username) [2011/10/03 15:22:03.547351, 5] auth/auth_util.c:132(make_user_info) making strings for username's user_info struct [2011/10/03 15:22:03.547370, 5] auth/auth_util.c:164(make_user_info) making blobs for username's user_info struct [2011/10/03 15:22:03.547390, 10] auth/auth_util.c:182(make_user_info) made an encrypted user_info for username (username) [2011/10/03 15:22:03.547411, 3] auth/auth.c:216(check_ntlm_password) check_ntlm_password: Checking password for unmapped user [MYDOMAIN]\[username]@[LABRADOR] with the new password interface [2011/10/03 15:22:03.547434, 3] auth/auth.c:219(check_ntlm_password) check_ntlm_password: mapped user is: [MYDOMAIN]\[username]@[LABRADOR] [2011/10/03 15:22:03.547453, 10] auth/auth.c:228(check_ntlm_password) check_ntlm_password: auth_context challenge created by NTLMSSP callback (NTLM2) [2011/10/03 15:22:03.547473, 10] auth/auth.c:230(check_ntlm_password) challenge is: [2011/10/03 15:22:03.547488, 5] ../lib/util/util.c:278(_dump_data) [] 89 E2 DB 1A E5 3D A7 6C.=.l [2011/10/03 15:22:03.547529, 10] auth/auth.c:256(check_ntlm_password) check_ntlm_password: guest had nothing to say [2011/10/03 15:22:03.547560, 8] lib/util.c:1869(is_myname) is_myname(MYDOMAIN) returns 0 [2011/10/03 15:22:03.547580, 6] auth/auth_sam.c:556(check_samstrict_security) check_samstrict_security: MYDOMAIN is not one of my local names (ROLE_DOMAIN_MEMBER) [2011/10/03 15:22:03.547603, 10] auth/auth.c:256(check_ntlm_password) check_ntlm_password: sam had nothing to say [2011/10/03 15:22:03.547624, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2011/10/03 15:22:03.547646, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2011/10/03 15:22:03.547665, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2011/10/03 15:22:03.547685, 5] auth/token_util.c:525(debug_nt_user_token) NT user token: (NULL) [2011/10/03 15:22:03.547702, 5] auth/token_util.c:551(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2011/10/03 15:22:03.551090, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2011/10/03 15:22:03.551129, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user MYDOMAIN\username [2011/10/03 15:22:03.551148, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is acadia\username [2011/10/03 15:22:03.551276, 5] lib/username.c:85(Get_Pwnam_internals) Trying _Get_Pwnam(), username as given is MYDOMAIN\username [2011/10/03 15:22:03.551388, 5] lib/username.c:95(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is MYDOMAIN\MPOWER [2011/10/03 15:22:03.551491, 5] lib/username.c:104(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in acadia\username [2011/10/03 15:22:03.551526, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [MYDOMAIN\username]! [2011/10/03 15:22:03.551546, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user username [2011/10/03 15:22:03.551564, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is username [2011/10/03 15:22:03.551666, 5] lib/username.c:95(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is MPOWER [2011/10/03 15:22:03.551779,
Re: [Samba] ADS authentication stopped working
On Mon, Oct 3, 2011 at 4:27 PM, francis picabia fpica...@gmail.com wrote: Running Samba mostly on Redhat 5 with version 3.5.4-0.83 Also failed on Debian 3.5.6 and Solaris with a 3.5 version. Logging details here are from Redhat case. We have a similar problem on all Unix/Linux systems using ADS as the backend authentication for samba shares on Unix/Linux. It was working before today and we didn't change anything. Today, any time we try smbclient or a Windows drive map to connect, and the user is not in /etc/passwd, it fails. Yet if they are in /etc/passwd, it succeeds. net ads testjoin returns OK. If I take the user not in /etc/passwd and use either: wbinfo -a username%password or kinit usern...@ad.mydomain.ca it works. Winbind and samba services have been restarted. SSH login using AD auth works fine. We have reduced to minimal /etc/pam.d/samba: auth required pam_env.so auth sufficient pam_winbind.so use_first_pass debug auth required pam_deny.so account required pam_permit.so Login attempt: $ smbclient -U username //www/test Enter username's password: session setup failed: NT_STATUS_LOGON_FAILURE Log level 10: [2011/10/03 15:22:03.546880, 6] param/loadparm.c:7133(lp_file_list_changed) lp_file_list_changed() file /etc/samba/smb.conf - /etc/samba/smb.conf last mod_time: Mon Oct 3 15:21:45 2011 [2011/10/03 15:22:03.546943, 5] auth/auth_util.c:211(make_user_info_map) Mapping user [MYDOMAIN]\[username] from workstation [LABRADOR] [2011/10/03 15:22:03.547328, 5] auth/auth_util.c:122(make_user_info) attempting to make a user_info for username (username) [2011/10/03 15:22:03.547351, 5] auth/auth_util.c:132(make_user_info) making strings for username's user_info struct [2011/10/03 15:22:03.547370, 5] auth/auth_util.c:164(make_user_info) making blobs for username's user_info struct [2011/10/03 15:22:03.547390, 10] auth/auth_util.c:182(make_user_info) made an encrypted user_info for username (username) [2011/10/03 15:22:03.547411, 3] auth/auth.c:216(check_ntlm_password) check_ntlm_password: Checking password for unmapped user [MYDOMAIN]\[username]@[LABRADOR] with the new password interface [2011/10/03 15:22:03.547434, 3] auth/auth.c:219(check_ntlm_password) check_ntlm_password: mapped user is: [MYDOMAIN]\[username]@[LABRADOR] [2011/10/03 15:22:03.547453, 10] auth/auth.c:228(check_ntlm_password) check_ntlm_password: auth_context challenge created by NTLMSSP callback (NTLM2) [2011/10/03 15:22:03.547473, 10] auth/auth.c:230(check_ntlm_password) challenge is: [2011/10/03 15:22:03.547488, 5] ../lib/util/util.c:278(_dump_data) [] 89 E2 DB 1A E5 3D A7 6C .=.l [2011/10/03 15:22:03.547529, 10] auth/auth.c:256(check_ntlm_password) check_ntlm_password: guest had nothing to say [2011/10/03 15:22:03.547560, 8] lib/util.c:1869(is_myname) is_myname(MYDOMAIN) returns 0 [2011/10/03 15:22:03.547580, 6] auth/auth_sam.c:556(check_samstrict_security) check_samstrict_security: MYDOMAIN is not one of my local names (ROLE_DOMAIN_MEMBER) [2011/10/03 15:22:03.547603, 10] auth/auth.c:256(check_ntlm_password) check_ntlm_password: sam had nothing to say [2011/10/03 15:22:03.547624, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2011/10/03 15:22:03.547646, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2011/10/03 15:22:03.547665, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2011/10/03 15:22:03.547685, 5] auth/token_util.c:525(debug_nt_user_token) NT user token: (NULL) [2011/10/03 15:22:03.547702, 5] auth/token_util.c:551(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2011/10/03 15:22:03.551090, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2011/10/03 15:22:03.551129, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user MYDOMAIN\username [2011/10/03 15:22:03.551148, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is acadia\username [2011/10/03 15:22:03.551276, 5] lib/username.c:85(Get_Pwnam_internals) Trying _Get_Pwnam(), username as given is MYDOMAIN\username [2011/10/03 15:22:03.551388, 5] lib/username.c:95(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is MYDOMAIN\MPOWER [2011/10/03 15:22:03.551491, 5] lib/username.c:104(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in acadia\username [2011/10/03 15:22:03.551526, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [MYDOMAIN\username]! [2011/10/03 15:22:03.551546, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user username [2011/10/03 15:22:03.551564, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is username [2011/10/03
Re: [Samba] Fwd: Win 7 Pro
On Mon, 2011-10-03 at 13:51 -0400, John Drescher wrote: On Mon, Oct 3, 2011 at 1:46 PM, sa...@printflow.eu wrote: On 2011-10-03 19:40, John Drescher wrote: Is there anything else I may try ? Make sure you have your WINS settings in your windows 7 client so that the client can find the PDC. Any hint in this ? In ipconfig I see only WINS proxy disabled. I usually set the PDC as a WINS server and add that to the windows client. Or make sure your DNS servers have the PDC records so the windows client can find the PDC. http://www.linuxquestions.org/questions/linux-networking-3/does-samba-pdc-need-dns-544436/ I'm sorry, but almost every suggestion in that forum post is wrong. If you are joining Windows 7 to Samba (3.x) domain controllers, follow our official instructions: http://wiki.samba.org/index.php/Windows7 Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Want ADS, don't want to use winbind in /etc/nsswitch.conf
I'll ask a new question. I use ADS with winbind for authentication of samba shares on Linux. If I want to have users in smb.conf which are not in /etc/passwd, can I do this without the entry of: passwd winbind in /etc/nsswitch.conf ? I'd rather not have this in nsswitch.conf as it messes up the way the passwd command works for Linux users. Is there another way other than removing the winbind reference in nsswitch.conf each time I want to assign a local password? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] strict locking and kernel oplocks in the smb.conf
Does disabling strict locking cause a problem if one user is writing to the file from the local host and another user is writing to NFS via the samba share at the same time? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Jeremy Allison Sent: Saturday, October 01, 2011 6:57 PM To: Volker Lendecke Cc: 'samba@lists.samba.org'; Jeremy Allison Subject: Re: [Samba] strict locking and kernel oplocks in the smb.conf On Sat, Oct 01, 2011 at 08:29:03AM +0200, Volker Lendecke wrote: On Fri, Sep 30, 2011 at 04:44:17PM -0700, Jeremy Allison wrote: On Fri, Sep 30, 2011 at 04:39:18PM -0700, Philip Ong wrote: No other process is accessing it. So any idea why it would work fine without strict locking = no in previous kernels below 2.6.36.3? When strict locking = yes we make fcntl() locking query calls to make sure we're safe against existing POSIX locks. The NFS locking code is probably just broken. I think you're talking about posix locking = yes/no. Well yeah, but strict locking will map onto posix locks underneath if posix locking = yes, which it is by default. So I still think it's the underlying POSIX locking on NFS that's probably broken and causing this :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba --- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] strict locking and kernel oplocks in the smb.conf
On Mon, Oct 03, 2011 at 04:38:32PM -0700, Philip Ong wrote: Does disabling strict locking cause a problem if one user is writing to the file from the local host and another user is writing to NFS via the samba share at the same time? That will mess up any coherence in the file, over NFS or CIFS unless the applications are written to respect each others locks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Want ADS, don't want to use winbind in /etc/nsswitch.conf
On Mon, Oct 3, 2011 at 8:34 PM, francis picabia fpica...@gmail.com wrote: I'll ask a new question. I use ADS with winbind for authentication of samba shares on Linux. If I want to have users in smb.conf which are not in /etc/passwd, can I do this without the entry of: passwd winbind in /etc/nsswitch.conf ? I'd rather not have this in nsswitch.conf as it messes up the way the passwd command works for Linux users. Is there another way other than removing the winbind reference in nsswitch.conf each time I want to assign a local password? OK, found the solution. Removed smb/winbind references from /etc/pam.d/passwd -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd: PANIC (pid xxxxx): internal error -- ? causes?
Jeremy Allison wrote: On Sun, Oct 02, 2011 at 04:33:12PM -0700, Linda Walsh wrote: I have a bunch of these in my log... Was wondering if anyone had seen them before and what the cause might be? Thanks... Oct 1 03:31:14 Ishtar smbd[24022]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:31:14 Ishtar smbd[24164]: [2011/10/01 03:31:14, 0] lib/util.c:1468(smb_panic) Oct 1 03:31:14 Ishtar smbd[24164]: PANIC (pid 24164): internal error Oct 1 03:31:14 Ishtar smbd[24164]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:31:17 Ishtar smbd[24165]: [2011/10/01 03:31:17, 0] lib/util.c:1468(smb_panic) Oct 1 03:31:17 Ishtar smbd[24165]: PANIC (pid 24165): internal error Oct 1 03:31:17 Ishtar smbd[24165]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Add the line: panic action = /bin/sleep 999 -- Is it possible to do something like a kill -SIGABRT $$ or $PPID and have it gen a core? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba, Win 2K3, domain trust and NT_STATUS_NO_LOGON_SERVERS
I've configured a domain trust between Samba 3.5.6 and Windows 2003 Server Enterprise Edition SP2. It's a one way trust, Windows is the trusted and Samba the trusting. I want to give access to my resources in the Samba domain to the users in the Windows domain. The configuration of the trust was fine (I think). The validation on the window server says that it' s ok and the Windows domain appears in net rpc trustdom list. My problem is that in the domain members (Samba file server, Squid+NTLM_auth and a NetApp storage) of the Samba domain I can't login with users from the Windows domain. I configured a simple file server to debug the problem and when I try to list the shares I get: # smbclient -L //DOMAINMEMBER -U DOMAINW2K\\pepetest%XX session setup failed: NT_STATUS_NO_LOGON_SERVERS There isn't communication problems between the PDCs and the domain member. If I list the domain with wbinfo -m, I see both domains. With debug enabled, I don't see anything special: NTLM CRAP authentication for user [DOMAINW2K]\[pepetest] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 9) smb.conf of the file server: [global] workgroup = DOMAINSAMBA security = DOMAIN printcap name = cups disable spoolss = Yes show add printer wizard = No idmap uid = 15000-2 idmap gid = 15000-2 winbind use default domain = Yes wins server = 10.10.48.67 #this is the Samba PDC log level = 5 [public] comment = Data path = /home/public read only = No nmblookup -R -U 10.10.48.67 WINDOWSPDC #returns the address of the Windows PDC Regards, Diego -- Diego Woitasen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba 4 quicktest error with alpha 17
I am new to samba and linux, I have try to install samba on fedora 14 based on ( http://wiki.samba.org/index.php/Samba4/HOWTO) It gives following errors with *make quicktest *command, How could I resolve these errors? = Failed tests = == samba4.smb.signing disabled on with -k no --signing=off domain-creds(s3member) == command: /tmp/samba-master/samba-4.0. 0alpha17/bin/smbtorture --configfile=$SMB_CONF_PATH --maximum-runtime=$SELFTEST_MAXTIME --target=samba4 --basedir=$SELFTEST_TMPDIR --option=torture:progress=no --format=subunit --option=torture:quick=yes $LISTOPT //$NETBIOSNAME/tmp -k no --signing=off -U$DC_USERNAME%$DC_PASSWORD base.xcopy $LOADLIST 21 | /tmp/samba-master/samba-4.0.0alpha17/selftest/filter-subunit $LISTOPT --fail-on-empty --prefix=samba4.smb.signing disabled on with -k no --signing=off domain-creds. expanded command: /tmp/samba-master/samba-4.0.0alpha17/bin/smbtorture --configfile=/tmp/samba-master/samba-4.0.0alpha17/st/client/client.conf --maximum-runtime=1200 --target=samba4 --basedir=/tmp/samba-master/samba-4.0.0alpha17/st/tmp --option=torture:progress=no --format=subunit --option=torture:quick=yes $LISTOPT //LOCALADMEMBER29/tmp -k no --signing=off -UAdministrator%locDCpass1 base.xcopy $LOADLIST 21 | /tmp/samba-master/samba-4.0.0alpha17/selftest/filter-subunit $LISTOPT --fail-on-empty --prefix=samba4.smb.signing disabled on with -k no --signing=off domain-creds. ERROR: Testsuite[samba4.smb.signing disabled on with -k no --signing=off domain-creds(s3member)] REASON: Exit code was 1 == samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off domain-creds(s3member) == envlog: NMBD LOG of: LOCALADMEMBER29 * Samba name server LOCALADMEMBER29 is now a local master browser for workgroup SAMBADOMAIN on subnet 127.0.0.29 * command: /tmp/samba-master/samba-4.0.0alpha17/bin/smbtorture --configfile=$SMB_CONF_PATH --maximum-runtime=$SELFTEST_MAXTIME --target=samba4 --basedir=$SELFTEST_TMPDIR --option=torture:progress=no --format=subunit --option=torture:quick=yes $LISTOPT //$NETBIOSNAME/tmp -k no --option=usespnego=no --signing=off -U$DC_USERNAME%$DC_PASSWORD base.xcopy $LOADLIST 21 | /tmp/samba-master/samba-4.0.0alpha17/selftest/filter-subunit $LISTOPT --fail-on-empty --prefix=samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off domain-creds. expanded command: /tmp/samba-master/samba-4.0.0alpha17/bin/smbtorture --configfile=/tmp/samba-master/samba-4.0.0alpha17/st/client/client.conf --maximum-runtime=1200 --target=samba4 --basedir=/tmp/samba-master/samba-4.0.0alpha17/st/tmp --option=torture:progress=no --format=subunit --option=torture:quick=yes $LISTOPT //LOCALADMEMBER29/tmp -k no --option=usespnego=no --signing=off -UAdministrator%locDCpass1 base.xcopy $LOADLIST 21 | /tmp/samba-master/samba-4.0.0alpha17/selftest/filter-subunit $LISTOPT --fail-on-empty --prefix=samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off domain-creds. ERROR: Testsuite[samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off domain-creds(s3member)] REASON: Exit code was 1 == samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off(plugin_s4_dc) == command: /tmp/samba-master/samba-4.0.0alpha17/bin/smbtorture --configfile=$SMB_CONF_PATH --maximum-runtime=$SELFTEST_MAXTIME --target=samba4 --basedir=$SELFTEST_TMPDIR --option=torture:progress=no --format=subunit --option=torture:quick=yes $LISTOPT //$NETBIOSNAME/tmp -k no --option=usespnego=no --signing=off -U$USERNAME%$PASSWORD base.xcopy $LOADLIST 21 | /tmp/samba-master/samba-4.0.0alpha17/selftest/filter-subunit $LISTOPT --fail-on-empty --prefix=samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off. expanded command: /tmp/samba-master/samba-4.0.0alpha17/bin/smbtorture --configfile=/tmp/samba-master/samba-4.0.0alpha17/st/client/client.conf --maximum-runtime=1200 --target=samba4 --basedir=/tmp/samba-master/samba-4.0.0alpha17/st/tmp --option=torture:progress=no --format=subunit --option=torture:quick=yes $LISTOPT //PLUGINDC/tmp -k no --option=usespnego=no --signing=off -UAdministrator%locDCpass1 base.xcopy $LOADLIST 21 | /tmp/samba-master/samba-4.0.0alpha17/selftest/filter-subunit $LISTOPT --fail-on-empty --prefix=samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off. ERROR: Testsuite[samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off(plugin_s4_dc)] REASON: Exit code was 1 == samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off administrator(plugin_s4_dc) == command: /tmp/samba-master/samba-4.0.0alpha17/bin/smbtorture --configfile=$SMB_CONF_PATH --maximum-runtime=$SELFTEST_MAXTIME --target=samba4 --basedir=$SELFTEST_TMPDIR --option=torture:progress=no --format=subunit --option=torture:quick=yes $LISTOPT //$NETBIOSNAME/tmp -k no --option=usespnego=no --signing=off -U$DC_USERNAME%$DC_PASSWORD base.xcopy $LOADLIST 21 |
Re: [Samba] smbd: PANIC (pid xxxxx): internal error -- ? causes?
On Mon, Oct 03, 2011 at 05:15:30PM -0700, Linda W wrote: Jeremy Allison wrote: On Sun, Oct 02, 2011 at 04:33:12PM -0700, Linda Walsh wrote: I have a bunch of these in my log... Was wondering if anyone had seen them before and what the cause might be? Thanks... Oct 1 03:31:14 Ishtar smbd[24022]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:31:14 Ishtar smbd[24164]: [2011/10/01 03:31:14, 0] lib/util.c:1468(smb_panic) Oct 1 03:31:14 Ishtar smbd[24164]: PANIC (pid 24164): internal error Oct 1 03:31:14 Ishtar smbd[24164]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Oct 1 03:31:17 Ishtar smbd[24165]: [2011/10/01 03:31:17, 0] lib/util.c:1468(smb_panic) Oct 1 03:31:17 Ishtar smbd[24165]: PANIC (pid 24165): internal error Oct 1 03:31:17 Ishtar smbd[24165]:#1 /usr/sbin/smbd(smb_panic+0x55) [0x7f7120093134] Add the line: panic action = /bin/sleep 999 -- Is it possible to do something like a kill -SIGABRT $$ or $PPID and have it gen a core? Well you don't want to kill -SIGABRT until it's already crashed, which you don't know until it's already failed. Adding the panic action is definitely the way to go, as the gdb bt on a live (albeit waiting) process captures the entire callstack showing where (and often why) you got the panic. As I'm probably going to be the one looking at the backtrace, this is the way I like to work :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] rndc: connect failed:
How could I solve following error when i configure samba 4 it gives rndc: connect failed: 127.0.0.1#953: connection refused rndc: connect failed: 127.0.0.1#953: connection refused -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2011-10-03-1249/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2011-10-03-1249/samba3.stderr http://git.samba.org/autobuild.flakey/2011-10-03-1249/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2011-10-03-1249/samba4.stderr http://git.samba.org/autobuild.flakey/2011-10-03-1249/samba4.stdout The top commit at the time of the failure was: commit 1dbcb61c79a0c06fdcfa36bb9304fb0fb66d7ff8 Author: Kai Blin k...@samba.org Date: Thu Sep 29 19:34:08 2011 -0700 dns: Move the dns_srv_record to the correct place in the idl file Autobuild-User: Kai Blin k...@samba.org Autobuild-Date: Sun Oct 2 13:35:49 CEST 2011 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d6c949b testtools: Import new upstream snapshot. from 1dbcb61 dns: Move the dns_srv_record to the correct place in the idl file http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d6c949b0748014587a05d2af1c2b4770d16d68a9 Author: Jelmer Vernooij jel...@samba.org Date: Mon Oct 3 12:20:19 2011 +0200 testtools: Import new upstream snapshot. Autobuild-User: Jelmer Vernooij jel...@samba.org Autobuild-Date: Mon Oct 3 13:54:06 CEST 2011 on sn-devel-104 --- Summary of changes: lib/testtools/NEWS | 32 - lib/testtools/doc/for-test-authors.rst | 12 ++- lib/testtools/scripts/all-pythons |9 +- lib/testtools/testtools/__init__.py|2 +- lib/testtools/testtools/compat.py | 95 +++- lib/testtools/testtools/matchers.py| 76 -- lib/testtools/testtools/testcase.py| 11 +- lib/testtools/testtools/tests/test_compat.py | 127 +++ lib/testtools/testtools/tests/test_matchers.py | 201 +++- lib/testtools/testtools/tests/test_testcase.py | 65 - 10 files changed, 597 insertions(+), 33 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/testtools/NEWS b/lib/testtools/NEWS index 6588b8d..5896b84 100644 --- a/lib/testtools/NEWS +++ b/lib/testtools/NEWS @@ -6,6 +6,22 @@ Changes and improvements to testtools_, grouped by release. NEXT + +0.9.12 +~~ + +This is a very big release. We've made huge improvements on three fronts: + 1. Test failures are way nicer and easier to read + 2. Matchers and ``assertThat`` are much more convenient to use + 3. Correct handling of extended unicode characters + +We've trimmed off the fat from the stack trace you get when tests fail, we've +cut out the bits of error messages that just didn't help, we've made it easier +to annotate mismatch failures, to compare complex objects and to match raised +exceptions. + +Testing code was never this fun. + Changes --- @@ -14,6 +30,12 @@ Changes now deprecated. Please stop using it. (Jonathan Lange, #813460) +* ``assertThat`` raises ``MismatchError`` instead of + ``TestCase.failureException``. ``MismatchError`` is a subclass of + ``AssertionError``, so in most cases this change will not matter. However, + if ``self.failureException`` has been set to a non-default value, then + mismatches will become test errors rather than test failures. + * ``gather_details`` takes two dicts, rather than two detailed objects. (Jonathan Lange, #801027) @@ -30,12 +52,16 @@ Improvements * All public matchers are now in ``testtools.matchers.__all__``. (Jonathan Lange, #784859) -* assertThat output is much less verbose, displaying only what the mismatch +* ``assertThat`` can actually display mismatches and matchers that contain + extended unicode characters. (Jonathan Lange, Martin [gz], #804127) + +* ``assertThat`` output is much less verbose, displaying only what the mismatch tells us to display. Old-style verbose output can be had by passing ``verbose=True`` to assertThat. (Jonathan Lange, #675323, #593190) -* assertThat accepts a message which will be used to annotate the matcher. This - can be given as a third parameter or as a keyword parameter. (Robert Collins) +* ``assertThat`` accepts a message which will be used to annotate the matcher. + This can be given as a third parameter or as a keyword parameter. + (Robert Collins) * Automated the Launchpad part of the release process. (Jonathan Lange, #623486) diff --git a/lib/testtools/doc/for-test-authors.rst b/lib/testtools/doc/for-test-authors.rst index eec98b1..04c4be6 100644 --- a/lib/testtools/doc/for-test-authors.rst +++ b/lib/testtools/doc/for-test-authors.rst @@ -717,7 +717,7 @@ generates. Here's an example mismatch:: self.remainder = remainder def describe(self): - return %s is not divisible by %s, %s remains % ( + return %r is not divisible by %r, %r remains % ( self.number, self.divider, self.remainder) def get_details(self): @@ -738,11 +738,19 @@ in the Matcher itself like this:: remainder = actual % self.divider if remainder != 0: return Mismatch( - %s is not divisible by %s, %s remains % ( + %r is not divisible by %r, %r remains % ( actual, self.divider, remainder)) else: return None +When writing a ``describe`` method or constructing a ``Mismatch`` object the +code should ensure it only emits printable unicode. As this output must be +combined with other text and forwarded for presentation, letting through +non-ascii bytes of ambiguous encoding or control characters could throw
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via e6b33a5 s3-docs: Fix typos. from 3d2c591 s3:smb2_server: SMB2_OP_CANCEL requests don't have to be signed http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit e6b33a5a3f83272d7e6dea66b1f15db4b19d3170 Author: Karolin Seeger ksee...@samba.org Date: Mon Jun 6 19:58:22 2011 +0200 s3-docs: Fix typos. Thanks to Samba-JP oota rib...@samba.gr.jp for reporting! Karolin Autobuild-User: Karolin Seeger ksee...@samba.org Autobuild-Date: Fri Sep 30 23:12:35 CEST 2011 on sn-devel-104 (cherry picked from commit 5c569a97ab477a324a96aae7f58770ccbe2572de) --- Summary of changes: .../Samba3-HOWTO/TOSHARG-AdvancedNetworkAdmin.xml |2 +- docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml|2 +- docs-xml/Samba3-HOWTO/TOSHARG-Unicode.xml |2 +- 3 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-AdvancedNetworkAdmin.xml b/docs-xml/Samba3-HOWTO/TOSHARG-AdvancedNetworkAdmin.xml index 2ecfa4b..a6c1af0 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-AdvancedNetworkAdmin.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-AdvancedNetworkAdmin.xml @@ -265,7 +265,7 @@ is the best tool in your network environment. para indextermprimaryLAN/primary/indexterm indextermprimarythin client/primary/indexterm - ThinLinc an be used both in the LAN environment to implement a Thin Client strategy for an organization, and as + ThinLinc can be used both in the LAN environment to implement a Thin Client strategy for an organization, and as secure remote access solution for people working from remote locations, even over smallband connections. ThinLinc is free to use for a single concurrent user. /para diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml b/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml index 7058112..bb05de4 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml @@ -3716,7 +3716,7 @@ Just put it in a frame and bolt it to the wall with the heading MY FIRST RPCCLI para indextermprimaryadddriver/primary/indexterm The setdriver command will fail if in Samba's mind the queue is not -already there. A successful installation displys the promising message that the: +already there. A successful installation displays the promising message that the: screen Printer Driver ABC successfully installed. /screen diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-Unicode.xml b/docs-xml/Samba3-HOWTO/TOSHARG-Unicode.xml index d431899..440498f 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-Unicode.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-Unicode.xml @@ -366,7 +366,7 @@ Setting up Japanese charsets is quite difficult. This is mainly because: In addition, although it is not directly concerned with Samba, since there is a delicate difference between the iconv() function, which is generally used on UNIX, and the functions used on other platforms, - such as Windows and Java, so far is concerens the conversion between + such as Windows and Java, so far is concerns the conversion between Shift_JIS and Unicode UTF-8 must be done with care and recognition of the limitations involved in the process. /para -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 149875f Fix bug #8493 - DFS breaks zip file extracting unless follow symlinks = no set from e6b33a5 s3-docs: Fix typos. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 149875f887287dbbf016d2252962b023b0bae967 Author: Jeremy Allison j...@samba.org Date: Fri Sep 30 13:35:59 2011 -0700 Fix bug #8493 - DFS breaks zip file extracting unless follow symlinks = no set If a client sends a mangled name as part of a DFS path, use the post-mangled name for the pathname walk, not the mangled name. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Sat Oct 1 00:45:59 CEST 2011 on sn-devel-104 --- Summary of changes: source3/smbd/msdfs.c | 13 ++--- 1 files changed, 2 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c index 3bdedb8..f0f5d06 100644 --- a/source3/smbd/msdfs.c +++ b/source3/smbd/msdfs.c @@ -575,15 +575,10 @@ static NTSTATUS dfs_path_lookup(TALLOC_CTX *ctx, conn-connectpath, pdp-reqpath)); /* -* Note the unix path conversion here we're doing we can +* Note the unix path conversion here we're doing we * throw away. We're looking for a symlink for a dfs * resolution, if we don't find it we'll do another * unix_convert later in the codepath. -* If we needed to remember what we'd resolved in -* dp-reqpath (as the original code did) we'd -* copy (localhost, dp-reqpath) on any code -* path below that returns True - but I don't -* think this is needed. JRA. */ status = unix_convert(ctx, conn, pdp-reqpath, smb_fname, @@ -594,11 +589,7 @@ static NTSTATUS dfs_path_lookup(TALLOC_CTX *ctx, NT_STATUS_OBJECT_PATH_NOT_FOUND)) { return status; } - - /* Create an smb_fname to use below. */ - status = create_synthetic_smb_fname(ctx, pdp-reqpath, NULL, - NULL, smb_fname); - if (!NT_STATUS_IS_OK(status)) { + if (smb_fname == NULL || smb_fname-base_name == NULL) { return status; } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 1ed1b19 Fix bug #8493 - DFS breaks zip file extracting unless follow symlinks = no set from 4c06073 s3-docs: Remove experimental label on VFS ACL modules http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 1ed1b19b2eeda3217d03d66d4220abd871b03cb4 Author: Jeremy Allison j...@samba.org Date: Fri Sep 30 13:35:59 2011 -0700 Fix bug #8493 - DFS breaks zip file extracting unless follow symlinks = no set If a client sends a mangled name as part of a DFS path, use the post-mangled name for the pathname walk, not the mangled name. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Sat Oct 1 00:45:59 CEST 2011 on sn-devel-104 (cherry picked from commit 149875f887287dbbf016d2252962b023b0bae967) --- Summary of changes: source3/smbd/msdfs.c | 13 ++--- 1 files changed, 2 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c index 6a2f756..0480b58 100644 --- a/source3/smbd/msdfs.c +++ b/source3/smbd/msdfs.c @@ -525,15 +525,10 @@ static NTSTATUS dfs_path_lookup(TALLOC_CTX *ctx, conn-connectpath, pdp-reqpath)); /* -* Note the unix path conversion here we're doing we can +* Note the unix path conversion here we're doing we * throw away. We're looking for a symlink for a dfs * resolution, if we don't find it we'll do another * unix_convert later in the codepath. -* If we needed to remember what we'd resolved in -* dp-reqpath (as the original code did) we'd -* copy (localhost, dp-reqpath) on any code -* path below that returns True - but I don't -* think this is needed. JRA. */ status = unix_convert(ctx, conn, pdp-reqpath, smb_fname, @@ -544,11 +539,7 @@ static NTSTATUS dfs_path_lookup(TALLOC_CTX *ctx, NT_STATUS_OBJECT_PATH_NOT_FOUND)) { return status; } - - /* Create an smb_fname to use below. */ - status = create_synthetic_smb_fname(ctx, pdp-reqpath, NULL, - NULL, smb_fname); - if (!NT_STATUS_IS_OK(status)) { + if (smb_fname == NULL || smb_fname-base_name == NULL) { return status; } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6b5d8e0 s4-subdomain: create trust record with forest root DC via 8905344 s4-dsdb: fixed re-join of subdomain via 28a6881 s4-lsa: fixed set of trust password with old password via e9758ef s4-dns: add all forest DCs to named.conf.update via 7244e25 s4-ldap: added DSDB_CONTROL_NO_GLOBAL_CATALOG to ldap encoding list via 0ef8dca s4-kdc: fixed handling of previous vs current trust password via 71f3a25 s4-auth: rework map_user_info() to use cracknames via 0c944d0 s4-sam: don't look in GC NCs for user accounts via aee896a s4-kdc: don't look at global catalog NCs in the kdc via 5717da3 s4-kdc: treat a kvno of 255 as unspecified via 6356f4c s4-kcc: if we are a GC, auto-add partial replicas via 278e44c s4-dsdb: simplify samdb_is_gc() via f469369 s4-dsdb: add the DSDB_CONTROL_PARTIAL_REPLICA when needed via 6b69ecd heimdal: handle referrals for 3 part DRSUAPI SPNs via b930b1e s4-repl: try harder to find the right SPN in replication server via 60cbc98 s4-dsdb: added new control DSDB_MODIFY_PARTIAL_REPLICA via fb937af s4-join: enable cleanup on failed join via efb3f45 s4-drs: added DSDB_REPL_FLAG_ADD_NCNAME to DsAddEntry call via 1870fc4 s4-dsdb: added DSDB_REPL_FLAG_ADD_NCNAME flag via 50d6a76 s4-dsdb: fixed formatting of a debug message via d12309d s4-partition: allow creation of uninstantiated partitions via f52d8ca s4-dsdb: allow uninstantiated NC heads via faf8581 s4-repl: support creation of new NCs via DsAddEntry via df3cc35 s4-repl: fixed formatting of some debug messages via 004f8c6 drsuapi: added ncName attid in enum via 7d18241 dns: added example python script for dnsserver protocol via 57e30bc0 dns: build python bindings for dnsserver RPC protocol via ff482bc dns: filled in dnsserver.idl via 2fbdaab samba-tool: cope with GC compares in ldapcmp via aed0d2e samba-tool: added --full-sync and --sync-all options to samba-tool drs replicate via 5d4f474 s4-dbchecker: fixed handling of DSDB DNs in dbcheck via ac581b3 s4-dsdb: update callers to dsdb_convert_object_ex() via 761fd4a s4-repl: update instanceType in partial_replica replication via f37e81b s4-repl: add FULL_SYNC and PARTIAL_REPLICA flags via bdc9319 s4-dsdb: implement DSDB_REPL_FLAG_PRIORITISE_INCOMING via f45147b s4-dsdb: disallow changes based on instanceType via d3fa496 s4-dsdb: added DSDB_REPL_FLAG* to replication via 0d2d6c9 s4-ldap-server: disallow all modifies on global catalog port via 1df1003 s4-ldb: enable display of partialAttributeSet with --show-binary from d6c949b testtools: Import new upstream snapshot. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6b5d8e02f78ed2039ea25edeb372d5b86089e3df Author: Andrew Tridgell tri...@samba.org Date: Sat Oct 1 10:58:52 2011 +1000 s4-subdomain: create trust record with forest root DC when we create a sub-subdomain we need to use the forest naming master to setup the partition changes for the new subdomain. We also need to setup the trust with the forest root, as that allows us to create the needed _msdcs DNS entries in the forest Autobuild-User: Andrew Tridgell tri...@samba.org Autobuild-Date: Tue Oct 4 07:40:59 CEST 2011 on sn-devel-104 commit 8905344bad2a22c6271340f04093c7bd0e10f348 Author: Andrew Tridgell tri...@samba.org Date: Sat Oct 1 10:57:14 2011 +1000 s4-dsdb: fixed re-join of subdomain if we repeat the join of a subdomain then we try to re-create the NC for the subdomain during a DsAddEntry(). This allows that re-creation to succeed if the NC already exists commit 28a6881d4f4aac814cb01ca87e113caf4b1c8026 Author: Andrew Tridgell tri...@samba.org Date: Fri Sep 30 09:03:39 2011 +1000 s4-lsa: fixed set of trust password with old password the calculation of add_incoming and add_outgoing was not correct when a trust was already in place Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit e9758ef94de98dd253a79547d2109bcd714f8517 Author: Andrew Tridgell tri...@samba.org Date: Fri Sep 30 07:43:54 2011 +1000 s4-dns: add all forest DCs to named.conf.update this allows all DCs to update DNS entries commit 7244e254cc28fc3f4273731a53a21ab81c330baa Author: Andrew Tridgell tri...@samba.org Date: Fri Sep 30 07:08:15 2011 +1000 s4-ldap: added DSDB_CONTROL_NO_GLOBAL_CATALOG to ldap encoding list also remove all the duplicated comments Pair-Programmed-With: Andrew Bartlett abart...@samba.org commit 0ef8dca9fb69154f50807d0a56aeb24614d73399 Author: Andrew Tridgell tri...@samba.org Date: Fri Sep 30 06:47:08 2011 +1000