[Samba] Samba not seen as logon server / PDC anymore...
Dear all, since yesterday our samba PDC did loose his master status within our LAN for the domain SRG - since then windows boxes did not see the logon server anymore. nmblookup -T -M SRG is reporting some of the windows machines (one box running since more then a year...). - net rpc join -S SRG -U root (on the PDC works) - net rpc join -S 192.168.123.202 -U root (on a client works) - net rpc join --S SRG -U root (on a client works NOT - no nmbd around and srg host got resolved to the wrong one) Some monthes ago i had a similiar problem - in that case i had a bug in my interface conf in smb.config I've produced some level 10 logs (full log see urls above) - these lines seems important to me from then. --- snip --- 2012/03/19 19:12:56, 8] nmbd/nmbd_elections.c:361(check_elections) check_elections: Cannot send election packet yet as name SRG1e not yet registered on subnet 192.168.123.202 ---snap --- and: --- snip --- [2012/03/20 07:35:24, 3] nmbd/nmbd_logonnames.c:138(become_logon_server) become_logon_server: go to first stage: register SRG1c name [2012/03/20 07:35:24, 3] nmbd/nmbd_elections.c:77(check_for_master_browser_success) check_for_master_browser_success: Local master browser for workgroup SRG exists at IP 192.168.124.242 (just checking). [2012/03/20 07:35:24, 0] nmbd/nmbd_nameregister.c:73(register_name_response) register_name_response: Answer name SRG00 differs from question name SRG1c. [2012/03/20 07:35:24, 3] nmbd/nmbd_incomingrequests.c:456(process_name_query_request) process_name_query_request: Name query from 192.168.124.243 on subnet 192.168.123.202 for name SRG1d [2012/03/20 07:35:26, 0] nmbd/nmbd_logonnames.c:64(become_logon_server_fail) become_logon_server_fail: Failed to become a domain master for workgroup SRG on subnet 192.168.123.202. Couldn't register name SRG1c. [2012/03/20 07:35:26, 0] nmbd/nmbd_namelistdb.c:309(standard_fail_register) --- snap --- here my [global]: --- schnipp --- [global] name resolve order = host wins lmhosts bcast time server = Yes lprm command = lprm -P'%p' %j netbios name = SERVER lpresume command = lpc release '%p' %j logon script = %U.bat workgroup = SRG os level = 255 queueresume command = lpc start '%p' add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -g machines -s /bin/false %u max log size = 5000 log level = 10 lanman auth = yes log file = /var/log/samba/log.%m load printers = No map acl inherit = Yes username level = 15 #socket options = SO_KEEPALIVE TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 logon drive = L: guest ok = yes domain master = Yes local master = Yes idmap backend = rid:KPAK=100-1 winbind use default domain = yes passdb backend = tdbsam logon home = \\%L\%U wins support = Yes case sensitive = No dos filetime resolution = Yes netbios aliases = audioserv server string = PDC queuepause command = lpc stop '%p' preexec = /usr/local/bin/netlogon %U logon path = \\%L\profiles\%U client lanman auth = yes lppause command = lpc hold '%p' %j preferred master = Yes winbind cache time = 1 domain logons = Yes #add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -g machines -s /bin/false %m$ interfaces = 192.168.123.202/255.255.0.0 127.0.0.1/255.0.0.0 hosts allow = 192.168.123. 192.168.124. localhost bind interfaces only = yes --- schnapp --- ...nmbd seems to hear properly: ~ # netstat -atun|grep 137 udp0 0 192.168.255.255:137 0.0.0.0:* udp0 0 192.168.123.202:137 0.0.0.0:* udp0 0 0.0.0.0:137 The correct PDC should be 192.168.123.202 - the current wrong one is 192.168.124.242 For testing purposes i still tried to remove wins.dat und browse.dat as some caches to let samba create it freshly. Here is a level 10 log from nmbd: http://217.171.190.10/srg.debug.txt Output from nbmlookup -T -M SRG (Level 10) here: http://217.171.190.10/srg.nmblookup.txt It would be very nice to get any input - many thanks in advance for any hint or tip!... best regards, Niels. -- --- Niels Dettenbach Syndicat IT Internet http://www.syndicat.com --- signature.asc Description: This is a digitally signed message part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba streitet sich um Master Browser und wird kein PDC...
Dear all, since yesterday our samba PDC did loose his master status within our LAN for the domain SRG - since then windows boxes did not see the logon server anymore. nmblookup -T -M SRG is reporting some of the windows machines (one box running since more then a year...). - net rpc join -S SRG -U root (on the PDC works) - net rpc join -S 192.168.123.202 -U root (on a client works) - net rpc join --S SRG -U root (on a client works NOT - no nmbd around and srg host got resolved to the wrong one) Some monthes ago i had a similiar problem - in that case i had a bug in my interface conf in smb.config I've produced some level 10 logs (full log see urls above) - these lines seems important to me from then. --- snip --- 2012/03/19 19:12:56, 8] nmbd/nmbd_elections.c:361(check_elections) check_elections: Cannot send election packet yet as name SRG1e not yet registered on subnet 192.168.123.202 ---snap --- and: --- snip --- [2012/03/20 07:35:24, 3] nmbd/nmbd_logonnames.c:138(become_logon_server) become_logon_server: go to first stage: register SRG1c name [2012/03/20 07:35:24, 3] nmbd/nmbd_elections.c:77(check_for_master_browser_success) check_for_master_browser_success: Local master browser for workgroup SRG exists at IP 192.168.124.242 (just checking). [2012/03/20 07:35:24, 0] nmbd/nmbd_nameregister.c:73(register_name_response) register_name_response: Answer name SRG00 differs from question name SRG1c. [2012/03/20 07:35:24, 3] nmbd/nmbd_incomingrequests.c:456(process_name_query_request) process_name_query_request: Name query from 192.168.124.243 on subnet 192.168.123.202 for name SRG1d [2012/03/20 07:35:26, 0] nmbd/nmbd_logonnames.c:64(become_logon_server_fail) become_logon_server_fail: Failed to become a domain master for workgroup SRG on subnet 192.168.123.202. Couldn't register name SRG1c. [2012/03/20 07:35:26, 0] nmbd/nmbd_namelistdb.c:309(standard_fail_register) --- snap --- here my [global]: --- schnipp --- [global] name resolve order = host wins lmhosts bcast time server = Yes lprm command = lprm -P'%p' %j netbios name = SERVER lpresume command = lpc release '%p' %j logon script = %U.bat workgroup = SRG os level = 255 queueresume command = lpc start '%p' add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -g machines -s /bin/false %u max log size = 5000 log level = 10 lanman auth = yes log file = /var/log/samba/log.%m load printers = No map acl inherit = Yes username level = 15 #socket options = SO_KEEPALIVE TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 logon drive = L: guest ok = yes domain master = Yes local master = Yes idmap backend = rid:KPAK=100-1 winbind use default domain = yes passdb backend = tdbsam logon home = \\%L\%U wins support = Yes case sensitive = No dos filetime resolution = Yes netbios aliases = audioserv server string = PDC queuepause command = lpc stop '%p' preexec = /usr/local/bin/netlogon %U logon path = \\%L\profiles\%U client lanman auth = yes lppause command = lpc hold '%p' %j preferred master = Yes winbind cache time = 1 domain logons = Yes #add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -g machines -s /bin/false %m$ interfaces = 192.168.123.202/255.255.0.0 127.0.0.1/255.0.0.0 hosts allow = 192.168.123. 192.168.124. localhost bind interfaces only = yes --- schnapp --- ...nmbd seems to hear properly: ~ # netstat -atun|grep 137 udp0 0 192.168.255.255:137 0.0.0.0:* udp0 0 192.168.123.202:137 0.0.0.0:* udp0 0 0.0.0.0:137 The correct PDC should be 192.168.123.202 - the current wrong one is 192.168.124.242 For testing purposes i still tried to remove wins.dat und browse.dat as some caches to let samba create it freshly. Here is a level 10 log from nmbd: http://217.171.190.10/srg.debug.txt Output from nbmlookup -T -M SRG (Level 10) here: http://217.171.190.10/srg.nmblookup.txt It would be very nice to get any input - many thanks in advance for any hint or tip!... best regards, Niels. -- --- Niels Dettenbach Syndicat IT Internet http://www.syndicat.com --- signature.asc Description: This is a digitally signed message part. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba over nfs mount and free space problem
On 03/19/2012 10:30 PM, Alex Mestiashvili wrote: On 03/19/2012 08:35 PM, Volker Lendecke wrote: On Mon, Mar 19, 2012 at 03:55:44PM +0100, Alex Mestiashvili wrote: dfree command also didn't help. The dfree command should always help. You could fake 100GB free space always. Volker Hi, that is my dfree command ( I added simple logging ) #!/bin/sh /usr/sbin/df -k $1 | /usr/bin/tail -1 | /opt/csw/bin/gawk '{print $2 $4}' /bin/echo $1 | /usr/bin/logger -t smbd_dfree_args -p local7.notice /bin/echo `pwd` | /usr/bin/logger -t smbd_dfree_cwd -p local7.notice the output is like that : $/usr/local/bin/dfree 629145600 354102404 df output for nfs share looks like that: df -k |head-1 Filesystemkbytesused avail capacity Mounted on cd /home/mygroup/myuser df -k . nfsserver:/users/myuser 629145600 275043196 35410240444% /home/mygroup/myuser df -k for local fs: localzfs/users/myuser 1948778496 42750990 914183310 5% /home/mygroup/myuser nevertheless when I access nfs share via samba I get no free space . with local fs it is ok . The same happens in windows when one maps a network drive. I will check again tomorrow, but may be I am missing something simple and obvious ? Thank you, Alex I changed dfree script to the very simple one: #cat dfree #!/bin/sh echo 524150168 524150168 now if I access a share which is a local filesystem to the samba server I get with df -h : Size 500G Used 0B Available 500Gi so dfree works fine in that case. if I access via smb nfs mounted filesystem I get totally different result: Size 186M Used 186M Available 0B So obviously dfree doen't work in this case . What else mechanism is used to determine share size ? Thank you, Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to allow ISC dhcpd to add/update entries to bind9 with bind_dlz (samba4)
Am 17.03.2012 18:00, schrieb Andreas Oster: Hello all, I have set up a samba4 server with bind9 and the bind_dlz module. Everything is working as it should but now I need to allow the dhcp server to add entries to the forwarding zone. Has anybody implemented such a configuration ? Can this be done with the kerberos DNS dynamic update configuration. I want to achieve the following: 1) allow non-Windows machines (printers, ILO ...) to be added by dhcpd 2) allow Windows machines (joined to AD) to update their own entries 2 - already works with the configuration from samba wiki Thank you for your kind help best regards Andreas Hi all, finally I got it up and running. I am using the script by Charles Tryon http://blog.michael.kuron-germany.de/2011/02/isc-dhcpd-dynamic-dns-updates-against-secure-microsoft-dns/ best regards Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] security=ADS related question
Hi all, I am just struggling with SAMBA design and i was wondering whether anyone here can help. In my environment, there is an AD server and my SAMBA server is on an AIX box. I need to set up SAMBA so that it will use AD authentication AND few particular users found in AD (but not yet in AIX) will need to own the files within SAMBA shares. Is that possible? The thing is.. other than those 2 or 3 AD users being able to authenticate for SAMBA (and SAMBA ONLY), I really do not want it to be used for AIX authentication. So what kind of configuration do I need to try? I got a server that's checking AD for the password and it appears to be successful but currently it requires for me to create an entry in /etc/passwd file *testuser:!:500:100::/dev/null:/bin/false* (but no password given). And my smb.conf looks like below. *[global]* *workgroup = TEST* *security = ADS* *encrypt passwords = Yes* *realm = TEST.TESTDOMAIN.COM* *winbind separator = +* *log file = /opt/pware/var/log.%m* *lock directory = /opt/pware/var/locks/samba* *client schannel = no* * * *idmap config TEST:default = yes* *idmap config TEST:backend = tdb* *idmap config TEST:range = 900 50* *idmap alloc backend = tdb* *idmap alloc config:range = 900 50* Am I doing this correctly? I do not mind creating an entry in AIX but if anyone can either confirm or disagree what I am doing is correct, that will be great. I've ordered Using SAMBA - 3rd edition but if someone is using a resource that's better than that, please point me to it. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help with smbpasswd file
Is there a procedure for copying the smbpasswd from an old machine to a new machine (fresh samba build), and have the new machine recognize the old smbpasswd file? Both machines are aix 6.1 and Samba version 3.5.12. I copied all of the .tdb files but that didn't seem to work. The new machine does not seem to know what is in /usr/local/samba/private/smbpasswd. Below is my smb.conf Thanks, bash-4.2# cat smb.conf [global] workgroup = privateworkgroup netbios name = someserver server string = Some Samba Server %v security = user encrypt passwords = yes passdb backend = smbpasswd log file = /LOGS/log.smbd max log size = 20 log level = 2 delete readonly = yes invalid users = root daemon bin sys adm uucp nuucp lpd imnadm ipsec lp snapp inv scout guest account = nobody host msdfs = no max xmit = 65535 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 strict locking = no allocation roundup size = 2097152 use sendfile = true comment = Samba Share path = /export/shares writeable = yes create mask = 0775 directory mask = 0775 security mask = 0770 force security mode = 770 directory security mask = 0770 force directory security mode = 770 force create mode = 0775 force directory mode = 0775 inherit acls = yes [Tshare] #Windows no Unix yes (Execute bit) map archive = no map system = no map hidden = no [Tshares-unix] #Windows no Unix yes (Execute bit) map archive = yes map system = yes map hidden = yes -- Beau Gauthreaux -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to allow ISC dhcpd to add/update entries to bind9 with bind_dlz (samba4)
Hi Andreas, Yes, I did a lot of work trying to get that script working (along with a bunch of other people on that discussion thread). I have it mostly functional, but have largely backed away from that approach, since it runs against what appears to be the more accepted policy of letting the machines (in particular, the Windows machines) do their own secure update of the DNS records. The unfortunate part is that the Linux clients don't seem to have a way to do this by default. I have no idea how the Mac machines handle their DNS once they get a DHCP response. Servers, which mostly use static IP assignments, are a moot point, since I can just manually create the DNS records and be done with it. The issue is the fact that DNS remembers who created (owns) the DNS record, and based on that ownership, who it will allow to change it. If it is created by some dhcpd initiated transaction, then the Windows client itself is not allowed to update the record in the future. My feeling at this point is to try to follow the Windows Way for the time being (since that's the bulk of the machines on the network), and handle the few Linux clients (oddballs like myself) as special cases. We also use DHCP reservations based on the machine's MAC address, so largely it's a non-issue. (Or, at least I've got bigger fish to fry first before I go back and make sure the DHCP/DLZ behavior is tidy.) On Sun, Mar 18, 2012 at 3:38 AM, Andreas Oster aos...@novanetwork.dewrote: Am 17.03.2012 21:06, schrieb Matthieu Patou: On 03/17/2012 10:00 AM, Andreas Oster wrote: Hello all, I have set up a samba4 server with bind9 and the bind_dlz module. Everything is working as it should but now I need to allow the dhcp server to add entries to the forwarding zone. Has anybody implemented such a configuration ? Can this be done with the kerberos DNS dynamic update configuration. I had it working with flat file backend. I think that the way dhcp and bind do their DDNS is different form the way windows do it's DDNS, as far as I know dlz_plugin only support the later one so far. I want to achieve the following: 1) allow non-Windows machines (printers, ILO ...) to be added by dhcpd 2) allow Windows machines (joined to AD) to update their own entries 2 - already works with the configuration from samba wiki I put our DNS experts in direct copy maybe then can advise you better than I. Hello Mattieu, thank you for you answer. I searched the web allot, but the only useful stuff I found was a script by Michael Kuron which has been slightly modified by Charles Tryon but I have no clue how to integrate this with bind9 dlz, see: http://blog.michael.kuron-germany.de/2011/02/isc-dhcpd-dynamic-dns-updates-against-secure-microsoft-dns/ It would be great if someone could help me with the DDNS setup. best regards Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Charles Tryon _ “Risks are not to be evaluated in terms of the probability of success, but in terms of the value of the goal.” - Ralph D. Winter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help with smbpasswd file
The testparm -v will let you see which smb.conf file is being used and what the settings are. If the default settings for passwd file and private directory are not to your liking you can specify the in the smb.conf file e.g. # testparm -v | grep -i priv Load smb config files from /etc/samba/smb.conf smb passwd file = /var/lib/samba/private/smbpasswd private dir = /var/lib/samba/private On 03/20/12 14:18, Beau Gauthreaux wrote: Is there a procedure for copying the smbpasswd from an old machine to a new machine (fresh samba build), and have the new machine recognize the old smbpasswd file? Both machines are aix 6.1 and Samba version 3.5.12. I copied all of the .tdb files but that didn't seem to work. The new machine does not seem to know what is in /usr/local/samba/private/smbpasswd. Below is my smb.conf Thanks, bash-4.2# cat smb.conf [global] workgroup = privateworkgroup netbios name = someserver server string = Some Samba Server %v security = user encrypt passwords = yes passdb backend = smbpasswd log file = /LOGS/log.smbd max log size = 20 log level = 2 delete readonly = yes invalid users = root daemon bin sys adm uucp nuucp lpd imnadm ipsec lp snapp inv scout guest account = nobody host msdfs = no max xmit = 65535 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 strict locking = no allocation roundup size = 2097152 use sendfile = true comment = Samba Share path = /export/shares writeable = yes create mask = 0775 directory mask = 0775 security mask = 0770 force security mode = 770 directory security mask = 0770 force directory security mode = 770 force create mode = 0775 force directory mode = 0775 inherit acls = yes [Tshare] #Windows no Unix yes (Execute bit) map archive = no map system = no map hidden = no [Tshares-unix] #Windows no Unix yes (Execute bit) map archive = yes map system = yes map hidden = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration
Thanks for the suggestion, but no joy Below is my [global] workgroup = endace realm = ad.DOMAIN.COM server string = %h server wins server = 10.0.32.2 dns proxy = no panic action = /usr/share/samba/panic-action %d security = ADS encrypt passwords = true passdb backend = tdbsam obey pam restrictions = no unix password sync = yes password server = dcn01.ad.DOMAIN.COM passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . machine password timeout = 0 pam password change = yes map to guest = bad user force group = domain^users idmap config ALL:backend = lwicompat_v4 idmap config ALL:default = yes idmap config ALL:readonly = yes idmap backend idmap uid idmap gid hosts allow = ALL usershare allow guests = yes printcap name = /etc/printcap #Logging # log file = /var/log/samba/log.%m max log size = 1000 #syslog = 0 log level = 1 vfs:1 log file = /var/log/samba/%U.%m.log #Network socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536 # Any further advice ? Thanks On Sat, Mar 17, 2012 at 2:58 AM, Tom Noonan II thomas.noonan...@hp.com wrote: I saw this on CentOS 6 with winbind, not LikewiseOpen. The problem is that it expects configuration options to be present that are flagged as having (sane) defaults in the smb.conf man page. Once I added the following options for winbind to my smb.conf this problem went away: idmap backend idmap uid idmap gid I believe it was idmap backend, but I didn't verify that. -- Tom Noonan II ESL Technician - Randstad On Fri, 16 Mar 2012 08:37:48 + Gregory Machin g...@linuxpro.co.za wrote: Hi I'm running CentOS 6.2 with samba-3.5.10-114 , and LikewiseOpen 6.1 . How do I fix these errors ? Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: [2012/03/16 20:25:43.639871, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: [2012/03/16 20:25:43.654353, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: [2012/03/16 20:25:43.655811, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: [2012/03/16 20:25:43.674267, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: [2012/03/16 20:25:43.675524, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: [2012/03/16 20:25:43.693888, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: Upgrade of IDMAP_VERSION from -1 to 2 is not possible with incomplete configuration Mar 16 20:25:43 nzhmlfpr05 winbindd[2556]: [2012/03/16 20:25:43.695097, 0] winbindd/idmap_tdb.c:287(idmap_tdb_open_db) Thanks Greg -- Tom Noonan II ESL Technician - Randstad -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] CTDB repository - branch master updated - ctdb-1.13-17-g0ae2a46
The branch, master has been updated via 0ae2a46e37df8d84ce0c76b7a5d32d6e93af709b (commit) via e6a8306257dece02313043274789b52cef1a5647 (commit) via d0d98f7e45e5084b81335b004d50bddc80cdc219 (commit) via cf96d6380de974c1abff7a33c62a7e31ac980551 (commit) via 035c0d981bde8c0eee8b3f24ba8e2dc817e5b504 (commit) via 1c976d83b1d7dac6f0ef81306774998e4c8b56a1 (commit) via 05923a14bc8ae8e3c5cda28ff4e0fb0d473d5f7d (commit) via c37aa6f3738693653f64c2fa015ace061da38b5a (commit) via eafd7bbaaa5931546a96c8beae3cf9a39a49c925 (commit) via 7d3931298e6477d92f43652c3006b0c426cb1307 (commit) from af72f8bc05f78983f9624d81788f9d89af474b11 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 0ae2a46e37df8d84ce0c76b7a5d32d6e93af709b Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 17:43:26 2012 +1100 DOC regenerate the manpage commit e6a8306257dece02313043274789b52cef1a5647 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 17:07:13 2012 +1100 STICKY document the sticky record parameters commit d0d98f7e45e5084b81335b004d50bddc80cdc219 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 16:58:35 2012 +1100 STICKY: add prototype code to make records stick to a node to calm down if they are found to be very hot and accessed by a lot of clients. This can improve performance and stop clients from having to chase a rapidly migrating/bouncing record commit cf96d6380de974c1abff7a33c62a7e31ac980551 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 12:25:47 2012 +1100 DOC: Document the MaxLACount tunable variable commit 035c0d981bde8c0eee8b3f24ba8e2dc817e5b504 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 12:20:55 2012 +1100 LACOUNT: Add back lacount mechanism to defer migrating a fetched/read copy until after default of 20 consecutive requests from the same node This can improve performance slightly on certain workloads where smbds frequently read from the same record commit 1c976d83b1d7dac6f0ef81306774998e4c8b56a1 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 12:08:12 2012 +1100 STATISTICS: add per-db hop count statistics commit 05923a14bc8ae8e3c5cda28ff4e0fb0d473d5f7d Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 11:43:09 2012 +1100 CTDB: change how the hop count buckets are displayed in ctdb statistics commit c37aa6f3738693653f64c2fa015ace061da38b5a Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 11:38:20 2012 +1100 DOC document the FetchCollapse tunable commit eafd7bbaaa5931546a96c8beae3cf9a39a49c925 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 11:31:59 2012 +1100 FETCH COLLAPSE : Change the fetch-lock collapse to collapse ALL fetches, including fetch-locks into a single command in flight per record. Also add a tunable to enable/disable this optimization for hot records commit 7d3931298e6477d92f43652c3006b0c426cb1307 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Wed Mar 7 17:02:41 2012 +1100 add max hop count buckets to see how bad hopcounts are --- Summary of changes: client/ctdb_client.c | 52 - common/ctdb_ltdb.c|1 + doc/ctdbd.1 | 684 - doc/ctdbd.1.html | 175 +++- doc/ctdbd.1.xml | 71 + include/ctdb_client.h |6 + include/ctdb_private.h| 11 +- include/ctdb_protocol.h |8 +- server/ctdb_call.c| 282 ++- server/ctdb_control.c | 11 + server/ctdb_daemon.c | 13 +- server/ctdb_ltdb_server.c | 22 ++ server/ctdb_recover.c |3 + server/ctdb_tunables.c|7 +- tools/ctdb.c | 85 ++- 15 files changed, 1083 insertions(+), 348 deletions(-) Changeset truncated at 500 lines: diff --git a/client/ctdb_client.c b/client/ctdb_client.c index 1b41439..b01e258 100644 --- a/client/ctdb_client.c +++ b/client/ctdb_client.c @@ -71,7 +71,7 @@ struct ctdb_req_header *_ctdbd_allocate_pkt(struct ctdb_context *ctdb, */ int ctdb_call_local(struct ctdb_db_context *ctdb_db, struct ctdb_call *call, struct ctdb_ltdb_header *header, TALLOC_CTX *mem_ctx, - TDB_DATA *data, bool updatetdb) + TDB_DATA *data, bool updatetdb, uint32_t caller) { struct ctdb_call_info *c; struct ctdb_registered_call *fn; @@ -106,7 +106,15 @@ int ctdb_call_local(struct ctdb_db_context *ctdb_db, struct ctdb_call *call, } /* we need to force the record to be written out if this was a remote access */ - if (c-new_data == NULL) { + if (header-laccessor !=
[SCM] CTDB repository - branch 1.13 updated - ctdb-1.13-12-g6802b43
The branch, 1.13 has been updated via 6802b43c09cd11cc3074882e7a43fae52dc914a5 (commit) via 3fa9a3654a2a647ed326dcc17014abdcf50902ac (commit) via fea93c966d21e0b51790a92a828057b075effc56 (commit) via 6f857bfc9f6bc7bc45891439463757d61848850a (commit) via b2cc874c5850ba7c7e893eab68a864858f47ad5b (commit) via ae0d8cf3b829ae33cc0c9c9e7277c99244fe9919 (commit) via 55d3038f58b94ecf420e6e605cc0432395cd9b3b (commit) via 3732e3a7f1267fb26ab58796d8b90f001399ba85 (commit) via 57ecdcc4edad4b56d727acd06d85a1473f2453bd (commit) via 0fd0135065acb55e54f4c25bcac7c563427c8008 (commit) from 8d606e5f71072ccc60bcac54dfd9e92bb699c6e5 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.13 - Log - commit 6802b43c09cd11cc3074882e7a43fae52dc914a5 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 17:43:26 2012 +1100 DOC regenerate the manpage commit 3fa9a3654a2a647ed326dcc17014abdcf50902ac Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 17:07:13 2012 +1100 STICKY document the sticky record parameters commit fea93c966d21e0b51790a92a828057b075effc56 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 16:58:35 2012 +1100 STICKY: add prototype code to make records stick to a node to calm down if they are found to be very hot and accessed by a lot of clients. This can improve performance and stop clients from having to chase a rapidly migrating/bouncing record commit 6f857bfc9f6bc7bc45891439463757d61848850a Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 12:25:47 2012 +1100 DOC: Document the MaxLACount tunable variable commit b2cc874c5850ba7c7e893eab68a864858f47ad5b Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 12:20:55 2012 +1100 LACOUNT: Add back lacount mechanism to defer migrating a fetched/read copy until after default of 20 consecutive requests from the same node This can improve performance slightly on certain workloads where smbds frequently read from the same record commit ae0d8cf3b829ae33cc0c9c9e7277c99244fe9919 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 12:08:12 2012 +1100 STATISTICS: add per-db hop count statistics commit 55d3038f58b94ecf420e6e605cc0432395cd9b3b Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 11:43:09 2012 +1100 CTDB: change how the hop count buckets are displayed in ctdb statistics commit 3732e3a7f1267fb26ab58796d8b90f001399ba85 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 11:38:20 2012 +1100 DOC document the FetchCollapse tunable commit 57ecdcc4edad4b56d727acd06d85a1473f2453bd Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Tue Mar 20 11:31:59 2012 +1100 FETCH COLLAPSE : Change the fetch-lock collapse to collapse ALL fetches, including fetch-locks into a single command in flight per record. Also add a tunable to enable/disable this optimization for hot records commit 0fd0135065acb55e54f4c25bcac7c563427c8008 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Wed Mar 7 17:02:41 2012 +1100 add max hop count buckets to see how bad hopcounts are --- Summary of changes: client/ctdb_client.c | 52 - common/ctdb_ltdb.c|1 + doc/ctdbd.1 | 684 - doc/ctdbd.1.html | 175 +++- doc/ctdbd.1.xml | 71 + include/ctdb_client.h |6 + include/ctdb_private.h| 11 +- include/ctdb_protocol.h |8 +- server/ctdb_call.c| 282 ++- server/ctdb_control.c | 11 + server/ctdb_daemon.c | 13 +- server/ctdb_ltdb_server.c | 22 ++ server/ctdb_recover.c |3 + server/ctdb_tunables.c|7 +- tools/ctdb.c | 85 ++- 15 files changed, 1083 insertions(+), 348 deletions(-) Changeset truncated at 500 lines: diff --git a/client/ctdb_client.c b/client/ctdb_client.c index 1b41439..b01e258 100644 --- a/client/ctdb_client.c +++ b/client/ctdb_client.c @@ -71,7 +71,7 @@ struct ctdb_req_header *_ctdbd_allocate_pkt(struct ctdb_context *ctdb, */ int ctdb_call_local(struct ctdb_db_context *ctdb_db, struct ctdb_call *call, struct ctdb_ltdb_header *header, TALLOC_CTX *mem_ctx, - TDB_DATA *data, bool updatetdb) + TDB_DATA *data, bool updatetdb, uint32_t caller) { struct ctdb_call_info *c; struct ctdb_registered_call *fn; @@ -106,7 +106,15 @@ int ctdb_call_local(struct ctdb_db_context *ctdb_db, struct ctdb_call *call, } /* we need to force the record to be written out if this was a remote access */ - if (c-new_data == NULL) { + if (header-laccessor != caller)
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 83705c1 Add blog post about SMB2.2 interop event from my blog. from 4a461a3 Announce Samba 3.5.13. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 83705c149aac61b80d60944eb65ed7597b78eed8 Author: Michael Adam ob...@samba.org Date: Tue Mar 20 13:53:08 2012 +0100 Add blog post about SMB2.2 interop event from my blog. --- Summary of changes: ...-visits-microsoft-for-smb2-2-interop-event.html | 46 1 files changed, 46 insertions(+), 0 deletions(-) create mode 100644 news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.html Changeset truncated at 500 lines: diff --git a/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.html b/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.html new file mode 100644 index 000..251d917 --- /dev/null +++ b/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.html @@ -0,0 +1,46 @@ +!--#include virtual=/samba/header.html -- +titleSamba - opening windows to a wider world/title +!--#include virtual=/samba/global_menu.html -- + +h2Samba Team Visits Microsoft For SMB2.2 Interop Event/h2 + +p +span class=meta-prep meta-prep-authorPosted on/span a href=http://blog.obnox.de/samba-team-visits-microsoft-for-smb2-2-interop-event/; title=1:23 pm rel=bookmarkspan class=entry-dateMarch 13, 2012/span/a span class=meta-sepby/span span class=author vcarda class=url fn n href=http://blog.obnox.de/author/obnox/; title=View all posts by obnoxobnox/a/span +/p + +div class=entry-content + +pIn the week of February 27 to March 2, 2012, a few Samba developers accepted an invitation by Microsoft and attended an SMB2.2 testing opportunity at Microsofts Enterprise Engineering Center in Redmond. Jeremy Allison, Steve French, Volker Lendecke, Chris Hertel, Christian Ambach, Matthieu Patou and I found our way to Redmond with Stefan Metzmacher participating to some extent via IRC and mumble. For me, the event was a big success, and I am happy that I finally made up my mind to go there. This is my personal report./p +pa href=http://blog.obnox.de/wp-content/uploads/2012/03/20120227_222123.jpg;img class=size-medium wp-image-45 aligncenter title=ECC src=http://blog.obnox.de/wp-content/uploads/2012/03/20120227_222123-300x225.jpg; alt= width=300 height=225 //a/p +h3strongBackground/strong/h3 +pMicrosoft will ship a new version 2.2 of the SMB protocol with Windows 8. Along with this, a whole new scale out clustering mode is added. The target of these new features is clearly server workload instead of client workload, the two most prominent applications being Virtualization (Hyper-V) and SQL. These two applications that were originally typical applications that ran from SAN-Storage, can now run directly from SMB2.2, and they can go even further when an RDMA adapter is installed, thanks to the new RDMA support in SMB2.2 called SMB Direct. Other intersting features in SMB2.2 are multi-channel sessions and persistent file handles that can survive server failures without data loss./p +pThese new features were first presented at the a title=Storage Developer Conference href=http://www.snia.org/events/storage-developer2011; target=_blankStorage Developer Conference/a in September 2011./p +pThere are preview versions of the documents for these new features available from the a title=msdn library - open specifications href=http://msdn.microsoft.com/en-us/library/dd208104%28v=prot.10%29.aspx; target=_blankmsdn library/a, but they are not complete yet and partly still subject to change. Since February 29, the beta version of Windows 8 can be tested. While the client is freely available, the server variant is only available via MSDN subscriptions. Before this date, only a preview from September 2011 was available that did not yet support many of the announced features./p +h3The strongTest Setup/strong/h3 +pMicrosoft had established two test environments for us with a domain and Windows 8 clients equipped with some test suites. One network contained a Windows 8 cluster server installation, and in the other network was intended for us to integrate our own server implementations to run Microsoft#8217;s test suite against./p +pAfter we had trouble accessing our test network the first day, it worked nicely from the second day on and gave us the opportunity to run tests against Windows 8 beta. It was especially useful to run tests against a fully installed Windows 8 cluster./p +h3Signing/h3 +pSince the beta release, Windows 8 sports a new signing algorithm, aes-cmac, that had not been available in earlier Window 8 previews. In a joint effort with Jeremy and Metze, we were able to fix the last bugs in the code that Metze had written in the
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7639ebe librpc/wscript_build: Fix formatting. via d875327 Move NS_GUID_string and NS_GUID_from_string to dsdb-common. via 0b6dea9 libndr: Define trivial is_valid_policy_hnd as macro. via b4d35be libndr: Rename policy_handle_empty to ndr_policy_handle_empty. via f92b05b libndr: Rename policy_handle_equal to ndr_policy_handle_equal. via 95ca5fb libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix. via 6058977 librpc/wscript_build: Santizize formatting. from 0902392 s3-winbindd Only use SamLogonEx when we can get unencrypted session keys http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7639ebe1ef6535ae1ffb4c9db8810c089136f434 Author: Jelmer Vernooij jel...@samba.org Date: Tue Mar 20 13:50:18 2012 +0100 librpc/wscript_build: Fix formatting. Autobuild-User: Jelmer Vernooij jel...@samba.org Autobuild-Date: Tue Mar 20 15:26:14 CET 2012 on sn-devel-104 commit d875327b10ca0fd3d548b4e9088ffcc7ef421baf Author: Jelmer Vernooij jel...@samba.org Date: Sun Mar 18 18:46:18 2012 +0100 Move NS_GUID_string and NS_GUID_from_string to dsdb-common. commit 0b6dea9d664841d505acd75ac5449e953f60db74 Author: Jelmer Vernooij jel...@samba.org Date: Sun Mar 18 18:04:17 2012 +0100 libndr: Define trivial is_valid_policy_hnd as macro. This makes the NDR namespace a bit clearer, in preparation of ABI checking. commit b4d35bee38a4cfd0eba26956dde2c5bb23cdb1c3 Author: Jelmer Vernooij jel...@samba.org Date: Sun Mar 18 17:44:24 2012 +0100 libndr: Rename policy_handle_empty to ndr_policy_handle_empty. This makes the NDR namespace a bit clearer, in preparation of ABI checking. commit f92b05b95575d45e91dcd2885fb4e2d202deb9ae Author: Jelmer Vernooij jel...@samba.org Date: Sun Mar 18 16:54:21 2012 +0100 libndr: Rename policy_handle_equal to ndr_policy_handle_equal. This makes the NDR namespace a bit clearer, in preparation of ABI checking. commit 95ca5fbadd390fe056ee2e8f9716ee478904458e Author: Jelmer Vernooij jel...@samba.org Date: Sun Mar 18 16:46:57 2012 +0100 libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix. This makes the NDR namespace a bit clearer, in preparation of ABI checking. commit 6058977f900c513eafe20201d0b1b0d13727ba13 Author: Jelmer Vernooij jel...@samba.org Date: Sun Mar 18 02:21:24 2012 +0100 librpc/wscript_build: Santizize formatting. --- Summary of changes: librpc/ndr/libndr.h | 14 +- librpc/ndr/ndr.c | 15 +- librpc/ndr/uuid.c| 61 +-- librpc/rpc/binding.c |6 +- librpc/wscript_build | 771 +++--- source3/lib/netapi/samr.c|6 +- source3/rpc_client/cli_pipe.c|6 +- source3/rpc_server/epmapper/srv_epmapper.c |8 +- source3/rpc_server/rpc_ncacn_np.c|4 +- source3/rpc_server/srv_pipe.c|6 +- source4/dsdb/common/util.c | 52 ++ source4/dsdb/common/util.h | 10 + source4/dsdb/samdb/ldb_modules/simple_ldap_map.c |1 + source4/dsdb/samdb/ldb_modules/wscript_build |2 +- source4/libnet/libnet_domain.c |2 +- source4/libnet/prereq_domain.c |8 +- source4/librpc/rpc/dcerpc_auth.c |4 +- source4/librpc/rpc/pyrpc.c |5 +- source4/rpc_server/dcerpc_server.c | 12 +- source4/rpc_server/epmapper/rpc_epmapper.c |4 +- source4/rpc_server/handles.c |2 +- source4/torture/rpc/epmapper.c | 12 +- source4/torture/rpc/samr.c | 13 +- 23 files changed, 516 insertions(+), 508 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/libndr.h b/librpc/ndr/libndr.h index 36adae9..37a3145 100644 --- a/librpc/ndr/libndr.h +++ b/librpc/ndr/libndr.h @@ -353,9 +353,9 @@ typedef void (*ndr_print_function_t)(struct ndr_print *, const char *, int, cons #include ../libcli/util/error.h #include librpc/gen_ndr/misc.h -extern const struct ndr_syntax_id ndr_transfer_syntax; -extern const struct ndr_syntax_id ndr64_transfer_syntax; -extern const struct ndr_syntax_id null_ndr_syntax_id; +extern const struct ndr_syntax_id ndr_transfer_syntax_ndr; +extern const struct ndr_syntax_id ndr_transfer_syntax_ndr64; +extern const struct ndr_syntax_id ndr_syntax_id_null; struct ndr_interface_call_pipe { const char *name; @@ -555,9 +555,9 @@ NDR_SCALAR_PROTO(double, double) enum ndr_err_code
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 4898de8 WHATSNEW: Start release notes for 3.5.14. via 33d3329 VERSION: Bump version up to 3.5.14. via c119cd8 s3-winbindd Only use SamLogonEx when we can get unencrypted session keys from 81703ab v3-6-test: Further fix for bug 8338 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 4898de8a5e2f715c4672c75fa44408e756724627 Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 20 21:27:17 2012 +0100 WHATSNEW: Start release notes for 3.5.14. Karolin commit 33d332960fa266a08ff0ee72945101051fa4d71e Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 20 21:24:51 2012 +0100 VERSION: Bump version up to 3.5.14. Karolin commit c119cd8868fc7e2eb08b09f7092519007fd83bf6 Author: Andrew Bartlett abart...@samba.org Date: Thu Dec 15 09:57:56 2011 +1100 s3-winbindd Only use SamLogonEx when we can get unencrypted session keys This ensures that we have some check on the session keys being returned as the RC4 cipher is not checksumed. The check comes from the fact that the credentials chain is tied to the netlgon session key, and so if the credentials check passes then the netlogon session key will be correct, and so the user session key will be correctly decrypted. Andrew Bartlett Signed-off-by: Matthieu Patou m...@matws.net s3: If we can't do validation 6 or sam_logon_ex use sam_logon only --- Summary of changes: WHATSNEW.txt| 48 -- source3/VERSION |2 +- source3/winbindd/winbindd_pam.c |4 +- 3 files changed, 48 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d90d69c..391af0b 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,46 @@ == + Release Notes for Samba 3.5.14 + , 2012 + == + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.14 include: + +o + +Changes since 3.5.13: +- + + +o Jeremy Allison j...@samba.org + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + == Release Notes for Samba 3.5.13 March 12, 2012 == @@ -69,7 +111,7 @@ o Volker Lendecke v...@samba.org causing uninitialized memory read. -o Stefan Metzmacher me...@samba.org +o Stefan Metzmacher me...@samba.org * BUG 5326: Fix cli_write_and_x() against OS/2 print shares. * BUG 8562: Fix double free error (talloc). * BUG 8593: Fix a crash bug in cldap_socket_recv_dgram(). @@ -121,8 +163,8 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- + == Release Notes for Samba 3.5.12 diff --git a/source3/VERSION b/source3/VERSION index c58d08c..700054e 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=5 -SAMBA_VERSION_RELEASE=13 +SAMBA_VERSION_RELEASE=14 # Bug fix releases use a letter for the patch revision # diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 26fdc5a..b0b8e40 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1365,7 +1365,7 @@ static NTSTATUS winbindd_dual_pam_auth_samlogon(struct winbindd_domain *domain,
[SCM] Samba Shared Repository - branch v3-5-stable updated
The branch, v3-5-stable has been updated via 8f46865 WHATSNEW: Start release notes for 3.5.14. via 1359c0d VERSION: Bump version up to 3.5.14. from e2250ba WHATSNEW: Update 3.5.13 release notes. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-stable - Log - commit 8f468654753c7d99bbb14132eb619285fa99e7fc Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 20 21:27:17 2012 +0100 WHATSNEW: Start release notes for 3.5.14. Karolin (cherry picked from commit 4898de8a5e2f715c4672c75fa44408e756724627) commit 1359c0df1923200e21a861621cc7b422432fc7c0 Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 20 21:24:51 2012 +0100 VERSION: Bump version up to 3.5.14. Karolin (cherry picked from commit 33d332960fa266a08ff0ee72945101051fa4d71e) --- Summary of changes: WHATSNEW.txt| 48 +--- source3/VERSION |2 +- 2 files changed, 46 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d90d69c..391af0b 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,46 @@ == + Release Notes for Samba 3.5.14 + , 2012 + == + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.14 include: + +o + +Changes since 3.5.13: +- + + +o Jeremy Allison j...@samba.org + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + == Release Notes for Samba 3.5.13 March 12, 2012 == @@ -69,7 +111,7 @@ o Volker Lendecke v...@samba.org causing uninitialized memory read. -o Stefan Metzmacher me...@samba.org +o Stefan Metzmacher me...@samba.org * BUG 5326: Fix cli_write_and_x() against OS/2 print shares. * BUG 8562: Fix double free error (talloc). * BUG 8593: Fix a crash bug in cldap_socket_recv_dgram(). @@ -121,8 +163,8 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- + == Release Notes for Samba 3.5.12 diff --git a/source3/VERSION b/source3/VERSION index c2e6e94..d6e661b 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=5 -SAMBA_VERSION_RELEASE=13 +SAMBA_VERSION_RELEASE=14 # Bug fix releases use a letter for the patch revision # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 8852ad6 s3-winbindd Only use SamLogonEx when we can get unencrypted session keys from 2815036 Fix bug #8797 - Samba does not correctly handle DENY ACEs when privileges apply. Signed-off-by: Jeremy Allison j...@samba.org (cherry picked from commit 9aafc490db58017133bbd7a7f49264ee0d48f0ff) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 8852ad6bd77b44e9dd71de3994869f5603964ef7 Author: Andrew Bartlett abart...@samba.org Date: Thu Dec 15 10:00:36 2011 +1100 s3-winbindd Only use SamLogonEx when we can get unencrypted session keys This ensures that we have some check on the session keys being returned as the RC4 cipher is not checksumed. The check comes from the fact that the credentials chain is tied to the session key, and so if the credentials check passes then the netlogon session key will be correct, and so the user session key will be correctly decrypted. Andrew Bartlett Part of a fix for bug #8599 (WINBINDD_PAM_AUTH_CRAP returns invalid user session key). --- Summary of changes: source3/winbindd/winbindd_pam.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 9801f53..4c078df 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1233,7 +1233,7 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, domain-can_do_validation6 = false; } - if (domain-can_do_samlogon_ex) { + if (domain-can_do_samlogon_ex domain-can_do_validation6) { result = rpccli_netlogon_sam_network_logon_ex( netlogon_pipe, mem_ctx, @@ -1243,7 +1243,7 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, domainname, /* target domain */ workstation,/* workstation */ chal, - domain-can_do_validation6 ? 6 : 3, + 6, lm_response, nt_response, info3); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b114043 s4-upgradedns: Add DNS partitions in msDS-hasMasterNCs in NTDS settings via ffce812 s4-rpc: dnsserver: Fix IPv6 reverse zone handling via 8a39c5c s4-upgradedns: Allow fixing of dns provision after domain join from 7639ebe librpc/wscript_build: Fix formatting. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b114043c4641f4559e3b02a0b094153d83bb328e Author: Amitay Isaacs ami...@gmail.com Date: Wed Mar 14 19:34:54 2012 +1100 s4-upgradedns: Add DNS partitions in msDS-hasMasterNCs in NTDS settings Autobuild-User: Amitay Isaacs ami...@samba.org Autobuild-Date: Wed Mar 21 03:16:22 CET 2012 on sn-devel-104 commit ffce812c22932704618bee212f07f43907e78083 Author: Amitay Isaacs ami...@gmail.com Date: Tue Mar 13 12:05:10 2012 +1100 s4-rpc: dnsserver: Fix IPv6 reverse zone handling Thanks to Marcel Ritter marcel.rit...@rrze.fau.de for the patch. commit 8a39c5c3a1cd3868a5829da21bf87e2b370dd4cc Author: Amitay Isaacs ami...@gmail.com Date: Tue Mar 13 11:51:02 2012 +1100 s4-upgradedns: Allow fixing of dns provision after domain join This change allows samba_upgradedns script to be run even on existing dns provision (DLZ_BIND9 or SAMBA_INTERNAL) without any side effects. This allows to fix dns provision after samba-tool domain join for running BIND with DLZ plugin. --- Summary of changes: source4/rpc_server/dnsserver/dnsutils.c |7 ++ source4/scripting/bin/samba_upgradedns | 135 ++- 2 files changed, 103 insertions(+), 39 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/dnsserver/dnsutils.c b/source4/rpc_server/dnsserver/dnsutils.c index 52a8bdd..8140296 100644 --- a/source4/rpc_server/dnsserver/dnsutils.c +++ b/source4/rpc_server/dnsserver/dnsutils.c @@ -159,6 +159,7 @@ struct dnsserver_zoneinfo *dnsserver_init_zoneinfo(struct dnsserver_zone *zone, struct dnsserver_zoneinfo *zoneinfo; uint32_t fReverse; const char *revzone = in-addr.arpa; + const char *revzone6 = ip6.arpa; int len1, len2; zoneinfo = talloc_zero(zone, struct dnsserver_zoneinfo); @@ -167,11 +168,17 @@ struct dnsserver_zoneinfo *dnsserver_init_zoneinfo(struct dnsserver_zone *zone, } /* If the zone name ends with in-addr.arpa, it's reverse zone */ + /* If the zone name ends with ip6.arpa, it's reverse zone (IPv6) */ fReverse = 0; len1 = strlen(zone-name); len2 = strlen(revzone); if (len1 len2 strcasecmp(zone-name[len1-len2], revzone) == 0) { fReverse = 1; + } else { + len2 = strlen(revzone6); + if (len1 len2 strcasecmp(zone-name[len1-len2], revzone6) == 0) { + fReverse = 1; + } } zoneinfo-Version = 0x32; diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns index 3a6c0b7..1a42e0c 100755 --- a/source4/scripting/bin/samba_upgradedns +++ b/source4/scripting/bin/samba_upgradedns @@ -323,6 +323,8 @@ if __name__ == '__main__': logger.info(Adding DNS accounts) add_dns_accounts(ldbs.sam, domaindn) dnsadmins_sid = get_dnsadmins_sid(ldbs.sam, domaindn) +else: +logger.info(DNS accounts already exist) # Import dns records from zone file if os.path.exists(paths.dns): @@ -340,55 +342,110 @@ if __name__ == '__main__': logger.warn(DNS records will be automatically created) autofill = True -# Fill DNS information -logger.info(Creating DNS partitions) -create_dns_partitions(ldbs.sam, domainsid, names, domaindn, forestdn, +# Create DNS partitions if missing and fill DNS information +try: +expression = '(|(dnsRoot=DomainDnsZones.%s)(dnsRoot=ForestDnsZones.%s))' % \ + (dnsdomain, dnsdomain) +msg = ldbs.sam.search(base=names.configdn, scope=ldb.SCOPE_DEFAULT, + expression=expression, attrs=['nCName']) +ncname = msg[0]['nCName'][0] +except Exception, e: +logger.info(Creating DNS partitions) +create_dns_partitions(ldbs.sam, domainsid, names, domaindn, forestdn, dnsadmins_sid) -logger.info(Populating DNS partitions) -fill_dns_data_partitions(ldbs.sam, domainsid, site, domaindn, forestdn, +logger.info(Populating DNS partitions) +fill_dns_data_partitions(ldbs.sam, domainsid, site, domaindn, forestdn, dnsdomain, dnsforest, hostname, hostip, hostip6, domainguid, ntdsguid, dnsadmins_sid, autofill=autofill) -if not autofill: -
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2012-03-21-0427/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2012-03-21-0427/samba3.stderr http://git.samba.org/autobuild.flakey/2012-03-21-0427/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2012-03-21-0427/samba4.stderr http://git.samba.org/autobuild.flakey/2012-03-21-0427/samba4.stdout The top commit at the time of the failure was: commit b114043c4641f4559e3b02a0b094153d83bb328e Author: Amitay Isaacs ami...@gmail.com Date: Wed Mar 14 19:34:54 2012 +1100 s4-upgradedns: Add DNS partitions in msDS-hasMasterNCs in NTDS settings Autobuild-User: Amitay Isaacs ami...@samba.org Autobuild-Date: Wed Mar 21 03:16:22 CET 2012 on sn-devel-104