Re: [Samba] Samba4: ID mapping is hard

[steve]

On 24/03/12 01:20, Andrew Bartlett wrote:

On Fri, 2012-03-23 at 23:54 +0100, steve wrote:


What is working well for us in tests is giving Domain Users a uid, gid,
setting their primaryGroupID to that of a posix-ified security group and
storing these attributes in their entry in sam.ldb. The only problem I
have with this is that adding the posixGroup objectClass to a security
group removes the ability to be able to list its members in ADUC and it
is really unfortunate that I can't test this against a windows server.
Because I don't have one.

Trial copies of Windows are available for download:

https://www.microsoft.com/en-us/server-cloud/windows-server/2008-r2-trial.aspx


This is merely an inconvenience as the
posix-ified security group behaves exactly as if it were a normal domain
group. If we want point and click we can use phpldapadmin.

So, uid gid mapping and the interoperability of domain and posix groups
like this is really simple. What we fear may happen is that when an
official s4 mapping method comes along, it will make changes to either
the schema or sam.ldb which will disallow our storing our attributes in
the directory.

Any valid schema modification that is supported in windows will continue
to be supported.  The schema as shipped is the official AD schema, and
it and the implementation of the mayContains rules associated are both
highly unlikely to change.


Are we wasting time proceding with this or does it make at least a
little sense? Our aim is simply to have a single sign on linux/windows.
As s4 does not provide an official mechanism for this at the moment we
invented this.

For Linux clients, the supported solution is using Samba3's winbindd.
Patches to modify Samba4's id mapping to internally honour the same id
mapping behaviour of the Samba3 winbindd you deploy on clients would be
welcome and appreciated.

Binding nss_ldap directly against any AD implementation has always been
a bad idea.  We built winbindd for this reason, and recommend it's use
against Samba4.
Winbind with samba4 does not work (or please tell me how to do it). If I 
replace my ldap with winbind in nsswitch.conf, mappings are no longer 
under our control. We use nss-ldapd to extract the posix attributes 
directly from the s4 ldap. It's simple, 100% reliable and fast. The 
posix attributes need no manipulation as they are stored alongside the 
windows stuff under the user dn. Our fileserver on the Linux side is 
kerberized nfs which is also rock solid. nss-pam-ldapd/nslcd (not the 
old nss-ldap) just works. Why is this a bad idea? winbind seems overly 
complicated when Linux tools are already in place to do what we need. 
I'm sure I'm missing the obvious here though. Please let us not forget 
that Linux workstations are just as important on a lan as those with 
windows. Le'ts serve them equally well.


Our concern is that this method will not work for future releases of 
Samba4. Your note about the mayContain is most welcome however.


Thanks so much for taking time to explain this for us. It really does 
help put an understandable slant on s4 from an ordinary user pov.


Steve
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] IDMAP dump and restore for second server.

[Bruce Richardson]

On Fri, Mar 23, 2012 at 10:51:47AM +, Johan Hendriks wrote:
 Thanks for the reply.
 
 probably my lack of understanding the whole thing is making it a little 
 confusing for me.
 
 Is there a way to get the same id's on a second server.

You could move to using an LDAP backend, then it'll always be consistent
between the servers.  If you set up LDAP on both controllers, you can
have replication and a solution that will scale well as you add servers.


-- 
Bruce

It is impolite to tell a man who is carrying you on his shoulders that
his head smells.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Users can't login any more

[Koenraad Lelong]

On 23-03-12 21:01, Gaiseric Vandal wrote:

Samba 3.5.3 should recent enough to work properly.

You should probably trouble shoot your Windows 98 and XP machines
separately.

Do you have any real XP machines? Were you XP machines working prior to
this problem?

Do you get the errors in the smbd log everytime you restart samba? Have
you restarted samba recently?

Does smbclient work if you specify a user name (Administrator or
another user?)

Do the accounts look ok in pdbedit -Lv ?



Hi,

Thank you for your reply.
I hope I solved my problem (I can't test for the moment, I'm at home). 
The cause was (I hope) a misconfiguration of some switches. 
Thursday-afternoon I needed to monitor a port on a switch for trafic. I 
saw a configuration I didn't see yet : Auto DoS. I believed this would 
prevent DoS attacks, so I enabled it, and on two other switches. It 
seems it's the opposite, it prevents some trafic, effectively creating a 
DoS.
I just googled, and it's a known problem of that switch type : HP 
ProCurve 1810G.


I reverted that, I'll have to see what's happening monday.

But your suggestions are noted for future troubleshooting. So, thanks again.


Regards,

Koenraad Lelong.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] windows 2008 not able to access Samba Shares

[Vijay Kumar]

Hi,

I am have SAMBA configured on Linux, Solaris  HP UX machine. All version are 
lower than 3.4.7. I am able to access SAMBA Shares from Windows XP, Windows NT 
/ 2003 Server. Recently we added Windows 7 and Windows 2008 Std Edition as 
client but I am unable to access Samba Shares from Windows 2008 system. 

After changed following registry in Windows 7 Now i am able to access Samba 
Shares.
HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel

But Problem is still with Windows 2008. I have gone through no of postings and 
made changes in security option but no luck. Any idea what how to resolve this 
issue.

Following Global Parameters are set.
   workgroup = WG01
   realm = localdomain.com
   server string = File server%v on (%L)
   netbios name = localhost
   security = SERVER
   encrypt passwords = Yes
   update encrypted = Yes
   password server = 192.168.x.x
   log level = 3
   log file = /var/log/samba/samba.log.%m.%R
   name resolve order = wins dns bcast hosts
   wins server = 192.168.x.x
   case sensitive = Yes

Thanks in advance.

Reagrds,
VK  
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Suggestions for moving a PDC function

[Simon Matthews]

I currently have a server which is both the PDC for my domain and the file
server for the network.

I need to split these functions and move the PDC function to another box,
while leaving the original server as the file server on which home
directories and roaming profiles are stored. User credentials are stored in
a tdbsam database and I am running Samba 3.5.

Does anyone have any pointers on what to move and any potential pitfalls in
the process? I have always used the same machine for both the PDC and file
server, so this is somewhat unknown territory for me. I assume that the
file server will still run samba, and I will change the domain master = 
and domain logins =  to no in both cases. Also security = should be set
to security = domain and add set up a machine account on the file server
which is then joined to the domain?

What files need to be moved to the new samba server? I see that there are
files in /var/cache/samba (it's a Gentoo system) which I assume also have
to be put into the proper place on the new server. Is there anything else I
need to look for.

Many thanks for any suggestions.

Simon
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] winbindd not providing supplementary groups with server 2003 AD

[Ivo Karabojkov]

I have Windows server 2003 AD controller and Samba 3 (3.5.11 or 3.6.3) 
member server running on FreeBSD 8.2/9.0. I don't use MS Services for 
Unix and my setup relies on Winbindd for idmapping. I can see all users 
/ groups with wbinfo -g, wbinfo -u, getent group, getent passwd. I can 
see all user's group with id username.
I had to solve more complicated tasks including ACLs and granting rights 
to AD groups. I was surprised that only primary groups for users were 
honored but supplementary not. I tested with share on filesystem without 
ACL to exclude error in ACLs - same problem. Using debuglevel 10 I saw 
that somehow appears incorrect list of supplementary groups. wbinfo -r 
username returns ONLY primary group of the user.


smbserver:/var/log/samba# id AD-DOMAIN_user13
uid=10014(AD-DOMAIN_user13) gid=10013(AD-DOMAIN_domain users) 
groups=10013(AD-DOMAIN_domain users),10022(AD-DOMAIN_accounting)

(this is correct, the user is member of these two groups only)

getent groups shows (all IDMapped groups from AD):
AD-DOMAIN_helpservicesgroup:x:10002:AD-DOMAIN_support_388
AD-DOMAIN_telnetclients:x:10003
AD-DOMAIN_wins users:x:10004
AD-DOMAIN_dhcp users:x:10005
AD-DOMAIN_dhcp administrators:x:10006
AD-DOMAIN_domain computers:x:10007
AD-DOMAIN_domain controllers:x:10008
AD-DOMAIN_schema 
admins:x:10009:AD-DOMAIN_job_acc,AD-DOMAIN_marti,AD-DOMAIN_administrator
AD-DOMAIN_enterprise 
admins:x:10010:AD-DOMAIN_job_acc,AD-DOMAIN_marti,AD-DOMAIN_administrator

AD-DOMAIN_cert publishers:x:10011
AD-DOMAIN_domain 
admins:x:10012:AD-DOMAIN_atan,AD-DOMAIN_job_acc,AD-DOMAIN_administrator
AD-DOMAIN_domain 
users:x:10013:AD-DOMAIN_marti,AD-DOMAIN_interbase,AD-DOMAIN_iii,AD-DOMAIN_plll,AD-DOMAIN_lid,AD-DOMAIN_ita

AD-DOMAIN_domain guests:x:10014
AD-DOMAIN_group policy creator 
owners:x:10015:AD-DOMAIN_job_acc,AD-DOMAIN_marti,AD-DOMAIN_administrator

AD-DOMAIN_ras and ias servers:x:10016
AD-DOMAIN_dnsadmins:x:10017
AD-DOMAIN_dnsupdateproxy:x:10018
AD-DOMAIN_management:x:10019:AD-DOMAIN_iva,AD-DOMAIN_marti
AD-DOMAIN_manufacture:x:10020:AD-DOMAIN_poli,AD-DOMAIN_kanc,AD-DOMAIN_delc,AD-DOMAIN_kol,AD-DOMAIN_pash,AD-DOMAIN_nik
AD-DOMAIN_offices:x:10021:AD-DOMAIN_nesh,AD-DOMAIN_stef,AD-DOMAIN_jon,AD-DOMAIN_dimi
AD-DOMAIN_accounting:x:10022:AD-DOMAIN_user01,AD-DOMAIN_pet,AD-DOMAIN_user13,AD-DOMAIN_georg,AD-DOMAIN_acct1
AD-DOMAIN_stock_management:x:10023:AD-DOMAIN_stef,AD-DOMAIN_pash,AD-DOMAIN_nik
AD-DOMAIN_trz:x:10024:AD-DOMAIN_ivan,AD-DOMAIN_georg
AD-DOMAIN_backup:x:10025
AD-DOMAIN_test2:x:10026

As I try to access shared folder with the following permissions:
(UIDs/GIDs)
drwxrwx---   2 10012  10022   512 Mar 23 18:14 accshart
(user and group names)
drwxrwx---   2 AD-DOMAIN_user01  AD-DOMAIN_accounting512 Mar 23 
18:14 accshart


with debuglevel 10 I see the following strange messages:

[2012/03/23 18:58:16.606992,  5] 
../libcli/security/security_token.c:63(security_token_debug)

  Security token SIDs (10):
SID[  0]: S-1-5-21-1579055750-3724707312-788426950-1136
SID[  1]: S-1-5-21-1579055750-3724707312-788426950-513
SID[  2]: S-1-1-0
SID[  3]: S-1-5-2
SID[  4]: S-1-5-11
SID[  5]: S-1-22-1-10014
SID[  6]: S-1-22-2-10013
SID[  7]: S-1-22-2-1
SID[  8]: S-1-22-2-10001
SID[  9]: S-1-22-2-10027
   Privileges (0x   0):
   Rights (0x   0):
[2012/03/23 18:58:16.607095,  5] 
auth/token_util.c:527(debug_unix_user_token)

  UNIX token of user 10014
  Primary group is 10013 and contains 4 supplementary groups
  Group[  0]: 10013
  Group[  1]: 1
  Group[  2]: 10001
  Group[  3]: 10027
[2012/03/23 18:58:16.607157,  5] smbd/uid.c:317(change_to_user_internal)
  Impersonated user: uid=(0,10014), gid=(0,10013)
[2012/03/23 18:58:16.607176,  4] smbd/vfs.c:780(vfs_ChDir)
  vfs_ChDir to /usr/accshart
[2012/03/23 18:58:16.607202,  4] smbd/vfs.c:780(vfs_ChDir)
  vfs_ChDir to /usr/accshart
[2012/03/23 18:58:16.607223,  3] smbd/service.c:190(set_current_service)
  chdir (/usr/accshart) failed, reason: Permission denied
[2012/03/23 18:58:16.607270,  3] smbd/error.c:81(error_packet_set)
  error packet at smbd/process.c(1558) cmd=50 (SMBtrans2) 
NT_STATUS_ACCESS_DENIED


As you can see only the primary group [0] is correct, supplementary 
groups [1],[2],[3] are not existing.

wbinfo -r AD-DOMAIN_user13 returns only primary GID:
10013

This is equal with both available versions of Samba via FreeBSD ports: 
3.5.11 and 3.6.3.


Here is my Samba config:

[global]
workgroup = AD-DOMAIN
realm = AD-DOMAIN.LOCAL
server string = Samba Server
interfaces = localhost, nfe0
bind interfaces only = Yes
security = ADS
map untrusted to domain = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 500
template homedir = /var/spool/vacation/AD-DOMAIN
template shell = /sbin/nologin
winbind separator = _
winbind enum users = Yes
winbind enum groups = Yes
winbind 

[Samba] Roaming profiles not being loaded

[Simon Matthews]

I tried to build a setup to model and hence learn how to configure samba
servers for the setup that I described below.

However, a user login in which the profile is defined to be on a samba
server that is not the PDC never gets a roaming profile -- instead the user
always gets a temporary profile. Looking at the Windows logs, it is
complaining about a permissions issue. However, once logged in (with the
temporary profile), that user can create and modify files in the profile
directory. I have turned logging level to 3, but I don't see anything
useful.

The PDC is running SAMBA 3.5.11, while the other server (modeling the
fileserver in the proposed network) is running SAMBA 3.5.10.

The usernames exist in the /etc/passwd files on both machines (although I
think that I should not need this if I can get winbindd working properly).
Home directories for the suers exist on both machines.

Some specifics:
1. smb.conf from the fileserver (Not the PDC, but the machine where the
profile directories are found):
[global]

workgroup = MATTHEWS
server string = Samba Server Version %v
netbios name = sambatest
 log file = /var/log/samba/log.%m
max log size = 50
log level = 3
 security = domain
passdb backend = tdbsam
password server = firewall
idmap backend = tdb
idmap uid = 9000-
idmap gid = 9000-

local master = no
load printers = yes
cups options = raw

[homes]
comment = Home Directories
browseable = no
writable = yes

[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes

[profiles]
comment = profiles
path = /export/profiles
browseable = yes
guest ok = yes

smb.conf from the PDC:
[global]
workgroup = MATTHEWS
netbios aliases = SERVER, firewall, newfirewall
server string = Samba Server %v
interfaces = 192.168.89.1, 127.0.0.1, 192.168.89.2, 192.168.89.6,
10.9.0.1
bind interfaces only = Yes
security = user
log file = /var/log/samba3/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = /etc/printcap
os level = 90
preferred master = Yes
domain master = Yes
domain logons = yes
dns proxy = No
wins server = 192.168.89.1
wins support = Yes
admin users = root, simon, @wheel
hosts allow = 192.168.0.0/255.255.0.0, 10.8.0.0/24
hosts deny = 0.0.0.0/0
passdb backend = tdbsam
logon path = \\%N\profiles\%U
logon home = \\firewall\%U\winprofile
[profiles]
comment = profiles
path = /export/profiles
read only = No
[homes]
comment = Home Directories
path = /home/%u
read only = No
[allhomes]
comment = Home Directories
path = /home
guest ok = Yes
[print$]
path = /var/lib/samba/printers
guest ok = Yes

[CD]
path = /mnt/cdrom/
guest ok = Yes
[certs]
path = /home/certs
guest ok = Yes
[pub]
path = /home/pub
read only = No
guest ok = Yes
[HP]
comment = HP Printer
path = /tmp
guest ok = Yes
printable = Yes
print command = lpr -P HP -oraw -r -l  %s
lpq command = lpq -P'HP'
lprm command = lprm -P'HP' %j
use client driver = Yes
[Laser]
path = /tmp
printable = Yes

pdb data for user that cannot get a profile:

 pdbedit -v simontest
Unix username:simontest
NT username:
Account Flags:[U  ]
User SID: S-1-5-21-812011073-3920078087-27638135-1004
Primary Group SID:S-1-5-21-812011073-3920078087-27638135-513
Full Name:
Home Directory:   \\firewall\simontest\winprofile
HomeDir Drive:
Logon Script:
Profile Path: \\sambatest\profiles\simontest
Domain:   MATTHEWS
Account desc:
Workstations:
Munged dial:
Logon time:   0
Logoff time:  Wed, 06 Feb 2036 07:06:39 PST
Kickoff time: Wed, 06 Feb 2036 07:06:39 PST
Password last set:Sat, 24 Mar 2012 15:09:20 PDT
Password can change:  Sat, 24 Mar 2012 15:09:20 PDT
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours : FF

Does anyone have any suggestions on what might be wrong? If it needs
entries from the log files, I can add these.

Simon

On Sat, Mar 24, 2012 at 12:09 PM, Simon Matthews simon.d.matth...@gmail.com
 wrote:

 I currently have a server which is both the PDC for my domain and the file
 server for the network.

 I need to split these functions and move the PDC function to another box,
 while leaving the original server as the file server on which home
 directories and roaming profiles are stored. User credentials are stored in
 a tdbsam database and I am running Samba 3.5.

 Does anyone have any pointers on what to move and any potential pitfalls
 in the process? I have always used the same machine for both the PDC and
 file server, so this is somewhat unknown territory for me. I assume that
 the file 

[SCM] Samba Shared Repository - branch master updated

[Richard Sharpe]

The branch, master has been updated
   via  1080483 Improve the Makefile. Use a standard make macro, not a 
shell command.
  from  ae9b5ad selftest.py: Add cleanup_pid.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 1080483319d4eb7a8cdee767fc41f7258e0e2537
Author: Richard Sharpe realrichardsha...@gmail.com
Date:   Fri Mar 23 21:27:41 2012 -0700

Improve the Makefile. Use a standard make macro, not a shell command.

Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Sat Mar 24 07:09:44 CET 2012 on sn-devel-104

---

Summary of changes:
 examples/VFS/Makefile.in |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/examples/VFS/Makefile.in b/examples/VFS/Makefile.in
index 55e2c04..f9b81eb 100644
--- a/examples/VFS/Makefile.in
+++ b/examples/VFS/Makefile.in
@@ -45,7 +45,7 @@ skel_transparent.@SHLIBEXT@: skel_transparent.@OBJEXT@
 
 .c.@OBJEXT@:
@echo Compiling $
-   @$(CC) $(FLAGS) -c $ -D$(basename $@)_init=samba_init_module
+   @$(CC) $(FLAGS) -c $ -D$*_init=samba_init_module
 
 
 install: default


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-5-test updated

[Karolin Seeger]

The branch, v3-5-test has been updated
   via  c352832 Fix bug 8314] - smbd crash with unknown user.
  from  4898de8 WHATSNEW: Start release notes for 3.5.14.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test


- Log -
commit c352832e2fadf1207cadef525bf21068f1d1ee1b
Author: Jeremy Allison j...@samba.org
Date:   Fri Jul 22 16:40:54 2011 -0700

Fix bug 8314] - smbd crash with unknown user.

All other auth modules code with being called with
auth_method-private_data being NULL, make the auth_server
module cope with this too.

Autobuild-User: Jeremy Allison j...@samba.org
Autobuild-Date: Sat Jul 23 02:55:01 CEST 2011 on sn-devel-104
(cherry picked from commit 1832c9591099be941ef3afe7b0381c4af61f4728)

---

Summary of changes:
 source3/auth/auth_server.c |   15 ---
 1 files changed, 12 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index 287b50b..bc38041 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -273,14 +273,23 @@ static NTSTATUS check_smbserver_security(const struct 
auth_context *auth_context
 const auth_usersupplied_info 
*user_info, 
 auth_serversupplied_info **server_info)
 {
-   struct server_security_state *state = talloc_get_type_abort(
-   my_private_data, struct server_security_state);
-   struct cli_state *cli;
+   struct server_security_state *state = NULL;
+   struct cli_state *cli = NULL;
static bool tested_password_server = False;
static bool bad_password_server = False;
NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
bool locally_made_cli = False;
 
+   DEBUG(10, (check_smbserver_security: Check auth for: [%s]\n,
+   user_info-smb_name));
+
+   if (my_private_data == NULL) {
+   DEBUG(10,(check_smbserver_security: 
+   password server is not connected\n));
+   return NT_STATUS_LOGON_FAILURE;
+   }
+
+   state = talloc_get_type_abort(my_private_data, struct 
server_security_state);
cli = state-cli;

if (cli) {


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

[Jelmer Vernooij]

The branch, master has been updated
   via  55bd279 lib/util: Allow calloc use in util.c, too.
   via  85aa077 adt_tree: Fix return types.
   via  456abea replace: Work around socket wrapper.
   via  10dd5f1 replace: Add system/network.h for ucred struct.
   via  5ba8ada s3-waf: Use samba3-util library instead of lots of tiny 
libs.
   via  6f1b735 adt_tree: Avoid WERROR.
   via  71d41a0 libreplace: Add getpeereid implementation.
   via  76bb68f util_malloc: Remove unused constant.
   via  32fd6d6 lib/util: Remove dummy wrapper for getgrgid().
   via  2a82c45 lib/util: Remove dummy wrapper for getgrnam().
   via  43f2750 lib/util: Remove dummy wrapper for getpwuid().
   via  818e072 lib/util: Remove dummy wrapper for getpwnam().
   via  3be6258 lib/util: Remove dummy wrappers for 
setpwent/getpwent/endpwent.
   via  14fdc1c lib/util: Move calloc_array and memalign_array to top-level 
libutil.
   via  c0c52ac lib/util: Remove prototype for removed sys_memalign.
   via  2d5275f lib/util: Remove trivial wrapper sys_connect() around 
connect().
   via  2c94446 cli_pipe: Avoid sys_connect.
   via  e7cd529 sock_exec: Avoid sys_connect.
   via  a9c22de util_sock: Avoid sys_connect.
   via  eb3617c ctdb_conn: Avoid sys_connect.
   via  d4c4cb0 replace: Move memalign() from lib/util/system.c to 
libreplace.
  from  1080483 Improve the Makefile. Use a standard make macro, not a 
shell command.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 55bd27935fe0bf31945d0137a1673499e7fcb1ad
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 17:16:26 2012 +0100

lib/util: Allow calloc use in util.c, too.

Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Sat Mar 24 18:50:32 CET 2012 on sn-devel-104

commit 85aa07761abbbf1212e244c8b0a835e41834ae16
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 17:11:11 2012 +0100

adt_tree: Fix return types.

commit 456abea8941dfb6dab6e69a760532426a781d9ba
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 17:05:29 2012 +0100

replace: Work around socket wrapper.

It's fine to ignore socket wrapper here, as it doesn't deal with unix 
domain sockets.

commit 10dd5f186fa31b3abfb8c65bfe3c1b31215106e3
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 16:50:37 2012 +0100

replace: Add system/network.h for ucred struct.

commit 5ba8adadd3fdeb00658cdfc071d8499e58e39e3b
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 16:42:47 2012 +0100

s3-waf: Use samba3-util library instead of lots of tiny libs.

The smaller libraries are currently all trivial in size and don't have
any dependencies other than samba-util.

Having lots of small private libraries is a pain for packaging,
and there isn't much advantage in this.

commit 6f1b735cc2972ecd3d2acb30ff834273f08628fe
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 16:41:35 2012 +0100

adt_tree: Avoid WERROR.

commit 71d41a015add73e0fb355dd9713e99febd71d46f
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 16:00:36 2012 +0100

libreplace: Add getpeereid implementation.

commit 76bb68fd2b9e09eb4c033417f0f1174f18c04797
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:44:33 2012 +0100

util_malloc: Remove unused constant.

commit 32fd6d639a5f51f1cc5fb0e81356009a2c9df359
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:26:36 2012 +0100

lib/util: Remove dummy wrapper for getgrgid().

commit 2a82c45f02b9f5683351ccfa1acdf2622938abc9
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:25:48 2012 +0100

lib/util: Remove dummy wrapper for getgrnam().

commit 43f275008f1d68c6adee461c531d73c65b6b7483
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:25:05 2012 +0100

lib/util: Remove dummy wrapper for getpwuid().

commit 818e0722e1a730cfa30d911be510641ef23dc446
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:24:15 2012 +0100

lib/util: Remove dummy wrapper for getpwnam().

commit 3be6258912939fb538d7bcb492483ae2ab52391b
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:23:02 2012 +0100

lib/util: Remove dummy wrappers for setpwent/getpwent/endpwent.

commit 14fdc1c5cd4ca0b3f88b2d407d40ba5be7218085
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:19:09 2012 +0100

lib/util: Move calloc_array and memalign_array to top-level libutil.

commit c0c52ac1a40db70d8b19cb8d73ed4759b0a4f905
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 15:00:22 2012 +0100

lib/util: Remove prototype for removed sys_memalign.

commit 2d5275fae0fd4ea73fba78242185a88845bd0666
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 14:58:09 2012 +0100

lib/util: Remove trivial wrapper sys_connect() around connect().

commit 

[SCM] Samba Shared Repository - branch master updated

[Jelmer Vernooij]

The branch, master has been updated
   via  c0288e0 lib/util: Remove obsolete sys_getpid() and sys_fork().
  from  55bd279 lib/util: Allow calloc use in util.c, too.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit c0288e0612187ecbfc4a81d071fd504ea8737b7a
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 20:17:08 2012 +0100

lib/util: Remove obsolete sys_getpid() and sys_fork().

The performance of these is minimal (these days) and they can return
invalid results when used as part of applications that do not use
sys_fork().

Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104

---

Summary of changes:
 lib/util/become_daemon.c |2 +-
 lib/util/fault.c |2 +-
 lib/util/samba_util.h|   10 
 lib/util/system.c|   31 --
 source3/auth/pass_check.c|4 +-
 source3/client/client.c  |4 +-
 source3/include/rpc_misc.h   |4 +-
 source3/lib/ctdbd_conn.c |4 +-
 source3/lib/pidfile.c|2 +-
 source3/lib/server_prefork.c |4 +-
 source3/lib/smbldap.c|4 +-
 source3/lib/smbrun.c |4 +-
 source3/lib/substitute.c |2 +-
 source3/lib/system.c |2 +-
 source3/lib/tdb_validate.c   |2 +-
 source3/lib/util.c   |8 +++---
 source3/libsmb/clientgen.c   |2 +-
 source3/libsmb/libsmb_context.c  |2 +-
 source3/modules/vfs_aio_fork.c   |2 +-
 source3/modules/vfs_notify_fam.c |2 +-
 source3/modules/vfs_preopen.c|2 +-
 source3/nmbd/asyncdns.c  |2 +-
 source3/nmbd/nmbd.c  |2 +-
 source3/nmbd/nmbd_packets.c  |2 +-
 source3/nmbd/nmbd_synclists.c|2 +-
 source3/nmbd/nmbd_winsserver.c   |4 +-
 source3/passdb/pdb_smbpasswd.c   |2 +-
 source3/passdb/secrets.c |2 +-
 source3/printing/print_cups.c|2 +-
 source3/printing/printing.c  |   20 
 source3/printing/printing_db.c   |2 +-
 source3/printing/queue_process.c |2 +-
 source3/printing/spoolssd.c  |2 +-
 source3/rpc_server/epmd.c|2 +-
 source3/rpc_server/lsasd.c   |2 +-
 source3/rpc_server/rpc_handles.c |2 +-
 source3/rpc_server/samr/srv_samr_chgpasswd.c |2 +-
 source3/rpc_server/svcctl/srv_svcctl_nt.c|2 +-
 source3/smbd/files.c |2 +-
 source3/smbd/negprot.c   |   28 +++---
 source3/smbd/oplock_irix.c   |2 +-
 source3/smbd/process.c   |   22 +-
 source3/smbd/server.c|6 ++--
 source3/smbd/service.c   |2 +-
 source3/smbd/session.c   |2 +-
 source3/smbd/utmp.c  |2 +-
 source3/winbindd/winbindd.c  |2 +-
 source3/winbindd/winbindd_cm.c   |4 +-
 source3/winbindd/winbindd_dual.c |6 ++--
 49 files changed, 95 insertions(+), 136 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c
index 4c1d29e..92a7586 100644
--- a/lib/util/become_daemon.c
+++ b/lib/util/become_daemon.c
@@ -75,7 +75,7 @@ _PUBLIC_ void close_low_fds(bool stdin_too, bool stdout_too, 
bool stderr_too)
 _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool 
log_stdout)
 {
if (do_fork) {
-   if (sys_fork()) {
+   if (fork()) {
_exit(0);
}
}
diff --git a/lib/util/fault.c b/lib/util/fault.c
index b3527bb..d0b34e5 100644
--- a/lib/util/fault.c
+++ b/lib/util/fault.c
@@ -70,7 +70,7 @@ static void fault_report(int sig)
counter++;
 
DEBUGSEP(0);
-   DEBUG(0,(INTERNAL ERROR: Signal %d in pid %d 
(%s),sig,(int)sys_getpid(),SAMBA_VERSION_STRING));
+   DEBUG(0,(INTERNAL ERROR: Signal %d in pid %d 
(%s),sig,(int)getpid(),SAMBA_VERSION_STRING));
DEBUG(0,(\nPlease read the Trouble-Shooting section of the Samba 
HOWTO\n));
DEBUGSEP(0);
 
diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h
index f989231..6096722 100644
--- a/lib/util/samba_util.h
+++ b/lib/util/samba_util.h
@@ -113,16 +113,6 @@ void 

[SCM] Samba Shared Repository - branch master updated

[Jelmer Vernooij]

The branch, master has been updated
   via  3c9b32b replace: Avoid DEBUG(), which is not available in 
libreplace.
   via  49eca29 libreplace: Add usleep implementation.
   via  c9fb336 use usleep rather than sys_usleep in various places, in 
anticipation of usleep moving to libreplace.
  from  c0288e0 lib/util: Remove obsolete sys_getpid() and sys_fork().

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 3c9b32b5eb1220b8521f768bab8dc07a40de93f5
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 21:18:55 2012 +0100

replace: Avoid DEBUG(), which is not available in libreplace.

Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Sun Mar 25 00:13:59 CET 2012 on sn-devel-104

commit 49eca290d37ad7564a3be3332ee76020ddb5a03f
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 21:17:56 2012 +0100

libreplace: Add usleep implementation.

commit c9fb33697db1bdc1967a0cca557ad323ebe4ea22
Author: Jelmer Vernooij jel...@samba.org
Date:   Sat Mar 24 20:43:07 2012 +0100

use usleep rather than sys_usleep in various places, in anticipation of 
usleep moving to libreplace.

---

Summary of changes:
 lib/replace/replace.c   |   16 -
 lib/replace/replace.h   |6 
 source3/include/proto.h |1 -
 source3/lib/system.c|   34 ---
 source3/passdb/pdb_smbpasswd.c  |2 +-
 source3/rpc_server/spoolss/srv_spoolss_nt.c |2 +-
 source3/utils/net_rpc_service.c |2 +-
 source3/utils/status_profile.c  |2 +-
 8 files changed, 25 insertions(+), 40 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 03fae90..c076ba1 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -851,7 +851,7 @@ void *rep_memalign( size_t align, size_t size )
size_t pagesize = (size_t)-1;
 #endif
if (pagesize == (size_t)-1) {
-   DEBUG(0,(memalign functionality not available on this 
platform!\n));
+   errno = ENOSYS;
return NULL;
}
if (size  pagesize) {
@@ -890,3 +890,17 @@ int rep_getpeereid(int s, uid_t *uid, gid_t *gid)
 #endif
 }
 #endif
+
+#ifndef HAVE_USLEEP
+int rep_usleep(useconds_t sec)
+{
+   struct timeval tval;
+   /*
+* Fake it with select...
+*/
+   tval.tv_sec = 0;
+   tval.tv_usec = usecs/1000;
+   select(0,NULL,NULL,NULL,tval);
+   return 0;
+}
+#endif /* HAVE_USLEEP */
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index f2b1952..776da8a 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -835,4 +835,10 @@ char *rep_getpass(const char *prompt);
 int rep_getpeereid(int s, uid_t *uid, gid_t *gid);
 #endif
 
+#ifndef HAVE_USLEEP
+#define usleep rep_usleep
+typedef long useconds_t;
+int usleep(useconds_t);
+#endif
+
 #endif /* _LIBREPLACE_REPLACE_H */
diff --git a/source3/include/proto.h b/source3/include/proto.h
index a4fb496..779745a 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -318,7 +318,6 @@ int sys_set_nfs_quota(const char *path, const char *bdev,
 
 /* The following definitions come from lib/system.c  */
 
-int sys_usleep(long usecs);
 ssize_t sys_read(int fd, void *buf, size_t count);
 ssize_t sys_write(int fd, const void *buf, size_t count);
 ssize_t sys_writev(int fd, const struct iovec *iov, int iovcnt);
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 92e244f..238f84b 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -52,40 +52,6 @@
 
 
 /***
- A wrapper for usleep in case we don't have one.
-/
-
-int sys_usleep(long usecs)
-{
-#ifndef HAVE_USLEEP
-   struct timeval tval;
-#endif
-
-   /*
-* We need this braindamage as the glibc usleep
-* is not SPEC1170 complient... grumble... JRA.
-*/
-
-   if(usecs  0 || usecs  99) {
-   errno = EINVAL;
-   return -1;
-   }
-
-#if HAVE_USLEEP
-   usleep(usecs);
-   return 0;
-#else /* HAVE_USLEEP */
-   /*
-* Fake it with select...
-*/
-   tval.tv_sec = 0;
-   tval.tv_usec = usecs/1000;
-   select(0,NULL,NULL,NULL,tval);
-   return 0;
-#endif /* HAVE_USLEEP */
-}
-
-/***
 A read wrapper that will deal with EINTR.
 /
 
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index 4d5bed4..c1dabc4 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++