Re: [Samba] winbind stop working
We have similar problem to with samba file server, serving about 800 users. After server restart samba/winbind works as intended. After some time (it may be couple of weeks, or it may be 1 day) server does not authenticate new connections. Old connections work. For example: I don't turn off my computer, and next day I can access samba shares, reade/create/delete files and directories as usual. Users who just started computers and try to access shares are rejected with unknown user/password. After winbind restart (don't need to restart samba) everything works as intended again for day or sometimes for couple of weeks. Server configuration: security=ADS realm=our.domain.com client schanel=no wins support=no domain logons=no domain master=auto password server=dc.our.domain.com server string=failai local master=yes idmap uid=1-2 idmap gid=1-2 winbind enum users=yes winbind enum groups=yes encrypt password=true keepalive=600 socket options=TCP_NODELAY dns proxy=no log level=1 large readwrite=yes When users can't connect I see in log file: [2012/05/10] 00:59:59.024569, 1] smbd/service.c:678(make_connection_snum) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED [2012/05/10] 00:59:59.025649, 1] smbd/service.c:678(make_connection_snum) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED ... What's interesting, some users (I would gues 1 from 10) can connect even at this time, as I see log: [2012/05/10] 07:48:07.777869, 1] smbd/service.c:678(make_connection_snum) ___10.23.15.20 (:::10.23.14.20) connect to service apps initially as user CENTRAS\nijovizb (uid=10717, guid=10004) (pid 6861) ... Than after winbind all users can connect -- View this message in context: http://samba.2283325.n4.nabble.com/winbind-stop-working-tp4597615p4622980.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind stop working
On 05/10/2012 11:21 AM, sigunas wrote: We have similar problem to with samba file server, serving about 800 users. After server restart samba/winbind works as intended. After some time (it may be couple of weeks, or it may be 1 day) server does not authenticate new connections. Old connections work. For example: I don't turn off my computer, and next day I can access samba shares, reade/create/delete files and directories as usual. Users who just started computers and try to access shares are rejected with unknown user/password. After winbind restart (don't need to restart samba) everything works as intended again for day or sometimes for couple of weeks. Server configuration: security=ADS realm=our.domain.com client schanel=no wins support=no domain logons=no domain master=auto password server=dc.our.domain.com server string=failai local master=yes idmap uid=1-2 idmap gid=1-2 winbind enum users=yes winbind enum groups=yes encrypt password=true keepalive=600 socket options=TCP_NODELAY dns proxy=no log level=1 large readwrite=yes From my experience reducing idmap cache time seems to solve the problem. I also experienced problems with idmap uid and idmap gid to such values (1-2); try lo raise over 65536 (10-20). I made some tests on another server acting as a file server with validation on AD (no user and group mappings) in which winbind is usually off. Starting winbind and playing with parameters brought samba to deny the service after about 1 day; after stopping winbind and restarting nmbd smbd it works good ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mixed profiles - how to?
Hi. I have roaming profiles enabled in my Samba domain. But it's a nightmare for some users (who never uses a different machine and has a lot of data in the profile). To the others users it's simply the best. Is that possible to disable the roaming profile feature to a single user (or group)? How can I do that? Can you write an example? Thanks! []s Alexander .Brazil - Rio de Janeiro This should do it http://softpixel.com/~cwright/programming/samba/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] AD and SAMBA
Any suggestions on this ? Rgds -Original Message- From: Babu, Biju - biju_b...@cargill.com Sent: Wednesday, May 09, 2012 6:32 PM To: samba@lists.samba.org Subject: AD and SAMBA Hello all, I am trying to understand how SAMBA finds nearest Domain Controller when configured to use Active Directory for AuthN. There are some great articles and wikis about how to configure SAMBA against AD, but couldn't find much on what I was looking for. For example 1. Does Samba have built in dc locator functionality like windows clients ? 2. What is the default authN it uses, NTLM or Kerb ? 3. I understand from an article (http://timstechnoblog.blogspot.com/search/label/Linux) that Winbind when configured to use * for domain controller will invoke Dc locator mechanism, but couldn't completely understand the relation b/w Samba and Winbind - is it SAMBA always uses winbind for AD communication and authentication ? Root of all these questions are, SAMBA AD config I saw is configured to use a single password server, which is a single point of failure. I am trying to figure out how to avoid that. Feel free to correct me if I asked stupid questions, my knowledge with SAMBA and other components are very limited. Much appreciate your help. Rgds Biju -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] 3.6.5, Windows 2008 R2, not_defined_in_RFC4178@please_ignore
Hi list, Attempting to join a domain with Samba 3.6.5 (ADS mode). When running net join, The DC's for the site are properly retrieved, but then I get this : Doing spnego session setup (blob length=136) got OID=1.3.6.1.4.1.311.2.2.30 [..] got principal=not_defined_in_RFC4178@please_ignore [..] SPNEGO login failed: Logon failure failed session setup with NT_STATUS_LOGON_FAILURE Searching for not_defined_in_RFC4178 I find bugs that seem to have been fixed already. Any hint on how to diagnose what might be wrong with my setup. I have tried with older versions of Samba and I get the same result. I guess the problem comes from our new 2008 R2 DC servers. (we had 2003 previously) Best, Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] transfer users after samba upgrade to new server
Thank you Dale. Actually I did this by importing smbpasswd with pdbedit -i smbpasswd:smbpasswd And it works in the sense that my users can map a drive with their same credentials. But I have something else to consider. The old server was a domain master and so I have some win XP machines that login to it and there is a netlogin.bat etc. Given that all of the user password and machine passwords are now imported I wonder if that will continue to work when I switch over. If anyone has any insight on this I would appreciate it. I will be performing a test switch over on Monday at noon Guelph,ON,Canada time. Bill On 05/07/2012 02:35 PM, Dale Schroeder wrote: On 05/06/2012 10:14 AM, Bill Szkotnicki wrote: Hi, I want to transfer all of my users from an older version of samba to a new one here. The old version is 3.0.28 and the file with user passwords is /etc/samba/smbpasswd and the new version is 3.6.5 and there does not seem to be that file anymore. I think the user info is now in /var/lib/samba/private/passdb.tdb /var/lib/samba/private/secrets.tdb My question is how to transport my users to my new system? i.e. How to convert /etc/samba/smbpasswd -- /var/lib/samba/private/passdb.tdb Any suggestions would be greatly appreciated. Bill Bill, The smbpasswd backend is still available; it's just no longer the default. You must explicitly state passdb backend = smbpasswd in smb.conf. To convert, copy the smbpasswd file from the old machine to the new one, then follow the example in the Samba HowTo under Account Import/Export found at http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#pdbeditthing Good luck. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] requesting help setting share permissions
Hi, I have a share I'm trying to lock down to a specific group and I'm not hold my mouth right. I want this share available to a single group. I want this share to have directory permissions 0770 when a directory is created and file permissions 0660. I want the users accessing this share to never be able to change these permissions. When a file or directory is created, I want the group to be the controlling group and nothing else. I currently have: [sales] comment = Sales files path = /opt/group/sales valid users = @GRP\sales force group = sales read only = No create mask = 0660 force create mode = 0660 security mask = 0660 directory mask = 0770 force directory mode = 0770 directory security mask = 0770 msdfs root = Yes What am I doing wrong? I'm testing by copying a file in windows over to this share, then checking the resulting permissions in unix. Mike Fedora Core 5 Samba 3.3.3 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] requesting help setting share permissions
On 05/10/2012 11:21 AM, Mike Eggleston wrote: Hi, I have a share I'm trying to lock down to a specific group and I'm not hold my mouth right. I want this share available to a single group. I want this share to have directory permissions 0770 when a directory is created and file permissions 0660. I want the users accessing this share to never be able to change these permissions. When a file or directory is created, I want the group to be the controlling group and nothing else. I currently have: [sales] comment = Sales files path = /opt/group/sales valid users = @GRP\sales force group = sales read only = No create mask = 0660 force create mode = 0660 security mask = 0660 directory mask = 0770 force directory mode = 0770 directory security mask = 0770 msdfs root = Yes What am I doing wrong? I'm testing by copying a file in windows over to this share, then checking the resulting permissions in unix. Mike Fedora Core 5 Samba 3.3.3 Mike, You never mentioned what your results were or how they were wrong, so I'm making a few assumptions. chown your_user : your_group /opt/group/sales chmod 2770 /opt/group/sales In your share, modify 1st two and add the 3rd directive: directory mask = 2770 force directory mode = 2770 nt acl support = No # makes the Security tab inaccessible in Windows. This is my best guess of what you want. See if this works for you. If not, please clarify. Good luck. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] requesting help setting share permissions
On Thu, 10 May 2012, Dale Schroeder might have said: On 05/10/2012 11:21 AM, Mike Eggleston wrote: Hi, I have a share I'm trying to lock down to a specific group and I'm not hold my mouth right. I want this share available to a single group. I want this share to have directory permissions 0770 when a directory is created and file permissions 0660. I want the users accessing this share to never be able to change these permissions. When a file or directory is created, I want the group to be the controlling group and nothing else. I currently have: [sales] comment = Sales files path = /opt/group/sales valid users = @GRP\sales force group = sales read only = No create mask = 0660 force create mode = 0660 security mask = 0660 directory mask = 0770 force directory mode = 0770 directory security mask = 0770 msdfs root = Yes What am I doing wrong? I'm testing by copying a file in windows over to this share, then checking the resulting permissions in unix. Mike Fedora Core 5 Samba 3.3.3 Mike, You never mentioned what your results were or how they were wrong, so I'm making a few assumptions. chown your_user : your_group /opt/group/sales chmod 2770 /opt/group/sales In your share, modify 1st two and add the 3rd directive: directory mask = 2770 force directory mode = 2770 nt acl support = No # makes the Security tab inaccessible in Windows. This is my best guess of what you want. See if this works for you. If not, please clarify. Good luck. Dale Dale, Duh! When a file is placed in the share above the permissions come out 0666 and the group is not set to sales. I want the permissions to be 0660 and the group to be sales. That would be a good start. I'll try your suggestion. Thanks. Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] requesting help setting share permissions
This: chgrp GRP\sales /opt/group/sales chmod 0770 /opt/group/sales if you already have a bunch of directories and files use find with xargs to properly set the permissions With this: [sales] comment = Sales files path = /opt/group/sales valid users = @GRP\sales force group = GRP\sales create mask = 0660 directory mask = 0770 nt acl support = No inherit permissions = No Works fine in Samba 3.6.5, don't know about possible behavior changes with that old 3.3.3. Or you can use SGID as Dale suggested instead of force group. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] requesting help setting share permissions
On Thu, 10 May 2012, Chris Smith might have said: This: chgrp GRP\sales /opt/group/sales chmod 0770 /opt/group/sales if you already have a bunch of directories and files use find with xargs to properly set the permissions With this: [sales] comment = Sales files path = /opt/group/sales valid users = @GRP\sales force group = GRP\sales create mask = 0660 directory mask = 0770 nt acl support = No inherit permissions = No Works fine in Samba 3.6.5, don't know about possible behavior changes with that old 3.3.3. Or you can use SGID as Dale suggested instead of force group. Chris Chris and Dale, Following Dales suggestion I have set sgid for all directiories in the /opt/group/sales directory and below. Now when a file is placed by windows into this sales share the file has the right group permissions. The file is still appearing as 0666 rather than 0660. What should I try next? Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] NT_STATUS_ACCESS_DENIED on previously created files
On Ubuntu, I have upgraded to the latest LTS version, which upgraded my Samba to 3.6.3 and now getting NT_STATUS_ACCESS_DENIED when trying to remove files and folders. This server MEDIA is setup as a member server to a FreeBSD PDC called MAIL using LDAP for authentication. All been working great for a long time, now from the PDC, I try mail# smbclient -U robert //media/robert WARNING: The enable privileges option is deprecated WARNING: The idmap backend option is deprecated WARNING: The idmap uid option is deprecated WARNING: The idmap gid option is deprecated WARNING: The idmap backend option is deprecated Enter robert's password: Domain=[WEBTENT] OS=[Unix] Server=[Samba 3.6.3] smb: \ mkdir test smb: \ rmdir test NT_STATUS_ACCESS_DENIED removing remote directory file \test I know I have some work to do to get rid of the warnings, but I can login to MAIL (PDC) and other Win workstations, create and remove files with no issue. It is only when logging into this member server locally or from a remote workstation. Getting this sort of thing in the logs... [2012/05/10 14:24:33.711345, 10] smbd/posix_acls.c:3412(posix_get_nt_acl) posix_get_nt_acl: called for file test [2012/05/10 14:24:33.711404, 10] smbd/posix_acls.c:2537(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2012/05/10 14:24:33.711447, 10] smbd/posix_acls.c:2550(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2012/05/10 14:24:33.711496, 10] smbd/posix_acls.c:2550(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-22-2-512 gid 512 (Domain Admins) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2012/05/10 14:24:33.713525, 10] smbd/posix_acls.c:2550(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-684728786-369066487-751336906-33290 uid 16145 (robert) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2012/05/10 14:24:33.715245, 10] smbd/posix_acls.c:848(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-684728786-369066487-751336906-33290 uid 16145 (robert) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-22-2-512 gid 512 (Domain Admins) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2012/05/10 14:24:33.718539, 10] smbd/posix_acls.c:1124(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2012/05/10 14:24:33.718585, 10] smbd/posix_acls.c:1124(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2012/05/10 14:24:33.718627, 10] smbd/posix_acls.c:1124(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2012/05/10 14:24:33.718676, 10] smbd/file_access.c:76(can_access_file_acl) can_access_file_acl for file test access_mask 0x1, access_granted 0x1 access DENIED I've googled stuff like this... https://bugzilla.samba.org/show_bug.cgi?id=7521 I even tried upgrading my PDC to the latest available, 3.6.5, but nothing seems to help. Has anyone had this issue? Thanks, Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] requesting help setting share permissions
On 05/10/2012 1:32 PM, Mike Eggleston wrote: On Thu, 10 May 2012, Chris Smith might have said: This: chgrp GRP\sales /opt/group/sales chmod 0770 /opt/group/sales if you already have a bunch of directories and files use find with xargs to properly set the permissions With this: [sales] comment = Sales files path = /opt/group/sales valid users = @GRP\sales force group = GRP\sales create mask = 0660 directory mask = 0770 nt acl support = No inherit permissions = No Works fine in Samba 3.6.5, don't know about possible behavior changes with that old 3.3.3. Or you can use SGID as Dale suggested instead of force group. Chris Chris and Dale, Following Dales suggestion I have set sgid for all directiories in the /opt/group/sales directory and below. Now when a file is placed by windows into this sales share the file has the right group permissions. The file is still appearing as 0666 rather than 0660. What should I try next? Mike Mike, I'm not sure what could be overriding your force create mode parameter. :-\ Comparing my working share to yours, I have not used the force group, or the msdfs root parameters. You might try disabling one or both to see if that corrects the problem. I did notice that the documentation says the Windows systems have to be rebooted to work properly after a Samba msdfs root change, if that applies. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] s3 connect to s4 ads woes, need guidance..
On Wed, 2012-05-09 at 09:37 -0400, Aaron E. wrote: The problem came right back after I posted that it was fixed after being compiled... I've been doing much more troubleshooting trial and error with options in smb.conf.. Here is a debug of the machine.. Machine Details Samba4 Domain,, Samba3 Print server, Windows 2008 R2 [2012/05/09 09:18:56, 0] libads/kerberos_verify.c:72(ads_dedicated_keytab_verify_ticket) krb5_rd_req failed (Wrong principal in request) [2012/05/09 09:18:56, 3] libads/kerberos_verify.c:568(ads_verify_ticket) ads_verify_ticket: krb5_rd_req with auth failed (Wrong principal in request) My suggestion is to remove any non-default setting for 'kerberos method' and rejoin. My guess is that you are connecting under a different name to that stored in the system-wide /etc/krb5.keytab. Our default method copes with this. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] AD and SAMBA
On Wed, 2012-05-09 at 18:31 +0530, biju_b...@cargill.com wrote: Hello all, I am trying to understand how SAMBA finds nearest Domain Controller when configured to use Active Directory for AuthN. There are some great articles and wikis about how to configure SAMBA against AD, but couldn't find much on what I was looking for. For example 1. Does Samba have built in dc locator functionality like windows clients ? 2. What is the default authN it uses, NTLM or Kerb ? This is up to the client to choose, we support both. 3. I understand from an article (http://timstechnoblog.blogspot.com/search/label/Linux) that Winbind when configured to use * for domain controller will invoke Dc locator mechanism, but couldn't completely understand the relation b/w Samba and Winbind - is it SAMBA always uses winbind for AD communication and authentication ? Yes. You should always start winbindd, and it will be the sole channel for communication with Active Directory. Root of all these questions are, SAMBA AD config I saw is configured to use a single password server, which is a single point of failure. I am trying to figure out how to avoid that. Simply omit 'password server' from your smb.conf. By default we find the most appropriate DC to contact, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2012-05-10-0809/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2012-05-10-0809/samba3.stderr http://git.samba.org/autobuild.flakey/2012-05-10-0809/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2012-05-10-0809/samba4.stderr http://git.samba.org/autobuild.flakey/2012-05-10-0809/samba4.stdout The top commit at the time of the failure was: commit 6132cf2a5cd77c79546a2d6cc3fbf3c93f54183b Author: Alejandro Escanero Blanco aescan...@gmail.com Date: Wed May 9 11:35:51 2012 +0200 s3:auth/server_info: the primary rid should be in the groups rid array (bug #8798) Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Wed May 9 19:36:01 CEST 2012 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 37609ba build: Avoid printing the ABI signature normalisation during the default build via be5bf2c When listing group members allow fallback to cn attribute when samAccountName is not available via d74c5a3 build:ignore solaris _GLOBAL_OFFSET_TABLE_ in duplicate symbol checker from 6132cf2 s3:auth/server_info: the primary rid should be in the groups rid array (bug #8798) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 37609ba6b89394648cb8d4555b9f6f8c2dd88ef7 Author: Andrew Bartlett abart...@samba.org Date: Thu May 10 15:07:32 2012 +1000 build: Avoid printing the ABI signature normalisation during the default build This appears to have been accidentily left in acd63fdb86769ff4328ccb6a4096181e65e4d30f Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Thu May 10 09:00:20 CEST 2012 on sn-devel-104 commit be5bf2c991ce5ec2c5b2c19832430e26150d7d84 Author: Lukasz Zalewski lu...@eecs.qmul.ac.uk Date: Wed May 9 14:24:01 2012 +0100 When listing group members allow fallback to cn attribute when samAccountName is not available commit d74c5a3dc4ff81eadf220b4554401e786e93dab5 Author: Andrew Bartlett abart...@samba.org Date: Mon Apr 23 11:37:39 2012 +1000 build:ignore solaris _GLOBAL_OFFSET_TABLE_ in duplicate symbol checker --- Summary of changes: buildtools/wafsamba/samba_abi.py |2 +- buildtools/wafsamba/symbols.py |2 ++ source4/scripting/python/samba/netcmd/group.py |7 +-- 3 files changed, 8 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_abi.py b/buildtools/wafsamba/samba_abi.py index 76c2d8b..c51e08c 100644 --- a/buildtools/wafsamba/samba_abi.py +++ b/buildtools/wafsamba/samba_abi.py @@ -57,7 +57,7 @@ def parse_sigs(sigs, abi_match): break if not matched: continue -print %s - %s % (sa[1], normalise_signature(sa[1])) +Logs.debug(%s - %s % (sa[1], normalise_signature(sa[1]))) ret[sa[0]] = normalise_signature(sa[1]) return ret diff --git a/buildtools/wafsamba/symbols.py b/buildtools/wafsamba/symbols.py index 8775735..c4b5599 100644 --- a/buildtools/wafsamba/symbols.py +++ b/buildtools/wafsamba/symbols.py @@ -592,6 +592,8 @@ def symbols_dupcheck_binary(bld, binname, fail_on_error): symmap = {} for libpath in symlist: for sym in symlist[libpath]['PUBLIC']: +if sym == '_GLOBAL_OFFSET_TABLE_': +continue if not sym in symmap: symmap[sym] = set() symmap[sym].add(libpath) diff --git a/source4/scripting/python/samba/netcmd/group.py b/source4/scripting/python/samba/netcmd/group.py index 265170d..0f4a744 100644 --- a/source4/scripting/python/samba/netcmd/group.py +++ b/source4/scripting/python/samba/netcmd/group.py @@ -346,13 +346,16 @@ samba-tool group listmembers \Domain Users\ -H ldap://samba.samdom.example.com search_filter = (|(primaryGroupID=%s)(memberOf=%s)) % (rid, group_dn) res = samdb.search(samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, expression=(search_filter), - attrs=[samAccountName]) + attrs=[samAccountName, cn]) if (len(res) == 0): return for msg in res: -self.outf.write(%s\n % msg.get(samAccountName, idx=0)) +member_name = msg.get(samAccountName, idx=0) +if member_name is None: +member_name = msg.get(cn, idx=0) +self.outf.write(%s\n % member_name) except Exception, e: raise CommandError('Failed to list members of %s group ' % groupname, e) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 00c901a s3-pam_winbind: Fix the build. from e295905 Fix pam_winbind build against newer iniparser library. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 00c901a5be83bfe4c70eccbe7fa2a35d3d2a368d Author: Jeremy Allison j...@samba.org Date: Thu May 10 09:53:57 2012 +0200 s3-pam_winbind: Fix the build. Jeremy Part of a fix for bug #8915 (Samba fails to build with iniparser-3.0.0 and iniparser-3.1.0). --- Summary of changes: nsswitch/pam_winbind.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c index 1ab2cbf..11599da 100644 --- a/nsswitch/pam_winbind.c +++ b/nsswitch/pam_winbind.c @@ -437,13 +437,13 @@ static int _pam_parse(const pam_handle_t *pamh, ctrl |= WINBIND_SILENT; } - if (iniparser_getstring(d, CONST_DISCARD(char *, global:krb5_ccache_type)) != NULL) { + if (iniparser_getstring(d, CONST_DISCARD(char *, global:krb5_ccache_type), NULL) != NULL) { ctrl |= WINBIND_KRB5_CCACHE_TYPE; } - if ((iniparser_getstring(d, CONST_DISCARD(char *, global:require-membership-of)) + if ((iniparser_getstring(d, CONST_DISCARD(char *, global:require-membership-of), NULL) != NULL) || - (iniparser_getstring(d, CONST_DISCARD(char *, global:require_membership_of)) + (iniparser_getstring(d, CONST_DISCARD(char *, global:require_membership_of), NULL) != NULL)) { ctrl |= WINBIND_REQUIRED_MEMBERSHIP; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via 19fc7d6 s3-pam_winbind: Fix the build. from 76dcbb8 Fix pam_winbind build against newer iniparser library. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit 19fc7d6733a61417477dcc4b53a24a0c1bc40187 Author: Jeremy Allison j...@samba.org Date: Thu May 10 09:53:57 2012 +0200 s3-pam_winbind: Fix the build. Jeremy Part of a fix for bug #8915 (Samba fails to build with iniparser-3.0.0 and iniparser-3.1.0). (cherry picked from commit 00c901a5be83bfe4c70eccbe7fa2a35d3d2a368d) --- Summary of changes: nsswitch/pam_winbind.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c index a344186..caae589 100644 --- a/nsswitch/pam_winbind.c +++ b/nsswitch/pam_winbind.c @@ -437,13 +437,13 @@ static int _pam_parse(const pam_handle_t *pamh, ctrl |= WINBIND_SILENT; } - if (iniparser_getstring(d, CONST_DISCARD(char *, global:krb5_ccache_type)) != NULL) { + if (iniparser_getstring(d, CONST_DISCARD(char *, global:krb5_ccache_type), NULL) != NULL) { ctrl |= WINBIND_KRB5_CCACHE_TYPE; } - if ((iniparser_getstring(d, CONST_DISCARD(char *, global:require-membership-of)) + if ((iniparser_getstring(d, CONST_DISCARD(char *, global:require-membership-of), NULL) != NULL) || - (iniparser_getstring(d, CONST_DISCARD(char *, global:require_membership_of)) + (iniparser_getstring(d, CONST_DISCARD(char *, global:require_membership_of), NULL) != NULL)) { ctrl |= WINBIND_REQUIRED_MEMBERSHIP; } -- Samba Shared Repository
[SCM] CTDB repository - branch master updated - ctdb-1.13-155-ge3dc5bd
The branch, master has been updated via e3dc5bd3f1ef1f0ed08f57a5b5bafcac936e9ed0 (commit) from f73a4b1495830bcdd094a93732a89dd53b3c2f78 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit e3dc5bd3f1ef1f0ed08f57a5b5bafcac936e9ed0 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu May 10 17:40:22 2012 +1000 We dont need to serialize the probe which address this node is if we have given an explicit --node-ip on the commandline --- Summary of changes: tcp/tcp_connect.c | 47 +++ 1 files changed, 27 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/tcp/tcp_connect.c b/tcp/tcp_connect.c index 0e1318f..2814201 100644 --- a/tcp/tcp_connect.c +++ b/tcp/tcp_connect.c @@ -281,26 +281,29 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb) int sock_size; struct tevent_fd *fde; - /* in order to ensure that we don't get two nodes with the - same adddress, we must make the bind() and listen() calls - atomic. The SO_REUSEADDR setsockopt only prevents double - binds if the first socket is in LISTEN state */ - lock_fd = open(lock_path, O_RDWR|O_CREAT, 0666); - if (lock_fd == -1) { - DEBUG(DEBUG_CRIT,(Unable to open %s\n, lock_path)); - return -1; - } + /* We only need to serialize this if we dont yet know the node ip */ + if (!ctdb-node_ip) { + /* in order to ensure that we don't get two nodes with the + same adddress, we must make the bind() and listen() calls + atomic. The SO_REUSEADDR setsockopt only prevents double + binds if the first socket is in LISTEN state */ + lock_fd = open(lock_path, O_RDWR|O_CREAT, 0666); + if (lock_fd == -1) { + DEBUG(DEBUG_CRIT,(Unable to open %s\n, lock_path)); + return -1; + } - lock.l_type = F_WRLCK; - lock.l_whence = SEEK_SET; - lock.l_start = 0; - lock.l_len = 1; - lock.l_pid = 0; + lock.l_type = F_WRLCK; + lock.l_whence = SEEK_SET; + lock.l_start = 0; + lock.l_len = 1; + lock.l_pid = 0; - if (fcntl(lock_fd, F_SETLKW, lock) != 0) { - DEBUG(DEBUG_CRIT,(Unable to lock %s\n, lock_path)); - close(lock_fd); - return -1; + if (fcntl(lock_fd, F_SETLKW, lock) != 0) { + DEBUG(DEBUG_CRIT,(Unable to lock %s\n, lock_path)); + close(lock_fd); + return -1; + } } for (i=0; i ctdb-num_nodes; i++) { @@ -399,11 +402,15 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb) ctdb_listen_event, ctdb); tevent_fd_set_auto_close(fde); - close(lock_fd); + if (!ctdb-node_ip) { + close(lock_fd); + } return 0; failed: - close(lock_fd); + if (!ctdb-node_ip) { + close(lock_fd); + } close(ctcp-listen_fd); ctcp-listen_fd = -1; return -1; -- CTDB repository
[SCM] CTDB repository - branch 1.13 updated - ctdb-1.42-2-g176f6aa
The branch, 1.13 has been updated via 176f6aae0f5ec276ecc35f4bbe633d37af6bc035 (commit) from b550f4644ea81b7010d401e46cf803b13f16e3c1 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.13 - Log - commit 176f6aae0f5ec276ecc35f4bbe633d37af6bc035 Author: Ronnie Sahlberg ronniesahlb...@gmail.com Date: Thu May 10 17:40:22 2012 +1000 We dont need to serialize the probe which address this node is if we have given an explicit --node-ip on the commandline --- Summary of changes: tcp/tcp_connect.c | 47 +++ 1 files changed, 27 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/tcp/tcp_connect.c b/tcp/tcp_connect.c index 0e1318f..2814201 100644 --- a/tcp/tcp_connect.c +++ b/tcp/tcp_connect.c @@ -281,26 +281,29 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb) int sock_size; struct tevent_fd *fde; - /* in order to ensure that we don't get two nodes with the - same adddress, we must make the bind() and listen() calls - atomic. The SO_REUSEADDR setsockopt only prevents double - binds if the first socket is in LISTEN state */ - lock_fd = open(lock_path, O_RDWR|O_CREAT, 0666); - if (lock_fd == -1) { - DEBUG(DEBUG_CRIT,(Unable to open %s\n, lock_path)); - return -1; - } + /* We only need to serialize this if we dont yet know the node ip */ + if (!ctdb-node_ip) { + /* in order to ensure that we don't get two nodes with the + same adddress, we must make the bind() and listen() calls + atomic. The SO_REUSEADDR setsockopt only prevents double + binds if the first socket is in LISTEN state */ + lock_fd = open(lock_path, O_RDWR|O_CREAT, 0666); + if (lock_fd == -1) { + DEBUG(DEBUG_CRIT,(Unable to open %s\n, lock_path)); + return -1; + } - lock.l_type = F_WRLCK; - lock.l_whence = SEEK_SET; - lock.l_start = 0; - lock.l_len = 1; - lock.l_pid = 0; + lock.l_type = F_WRLCK; + lock.l_whence = SEEK_SET; + lock.l_start = 0; + lock.l_len = 1; + lock.l_pid = 0; - if (fcntl(lock_fd, F_SETLKW, lock) != 0) { - DEBUG(DEBUG_CRIT,(Unable to lock %s\n, lock_path)); - close(lock_fd); - return -1; + if (fcntl(lock_fd, F_SETLKW, lock) != 0) { + DEBUG(DEBUG_CRIT,(Unable to lock %s\n, lock_path)); + close(lock_fd); + return -1; + } } for (i=0; i ctdb-num_nodes; i++) { @@ -399,11 +402,15 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb) ctdb_listen_event, ctdb); tevent_fd_set_auto_close(fde); - close(lock_fd); + if (!ctdb-node_ip) { + close(lock_fd); + } return 0; failed: - close(lock_fd); + if (!ctdb-node_ip) { + close(lock_fd); + } close(ctcp-listen_fd); ctcp-listen_fd = -1; return -1; -- CTDB repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via da5c342 Fix bug 8920, null dereference from 00c901a s3-pam_winbind: Fix the build. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit da5c342b6d3d3c05a8ab42bb40eb2e77d7b40ec2 Author: Steve Langasek steve.langa...@ubuntu.com Date: Wed May 9 07:56:00 2012 +0200 Fix bug 8920, null dereference Description: Avoid null dereference in initialize_password_db() When initialize_password_db() is called with reload=True, it's assumed that the free_private_data member of pdb_methods is non-null. This is not necessarily the case, as the tdb backend has no private data and therefore no free function. Check to see if we have private data that needs freed before calling. Author: Steve Langasek steve.langa...@ubuntu.com Bug-Ubuntu: https://bugs.launchpad.net/bugs/829221 --- Summary of changes: source3/passdb/pdb_interface.c |4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 36d5aaa..3c11016 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -184,7 +184,9 @@ static struct pdb_methods *pdb_get_methods_reload( bool reload ) static struct pdb_methods *pdb = NULL; if ( pdb reload ) { - pdb-free_private_data( (pdb-private_data) ); + if (pdb-free_private_data != NULL) { + pdb-free_private_data( (pdb-private_data) ); + } if ( !NT_STATUS_IS_OK( make_pdb_method_name( pdb, lp_passdb_backend() ) ) ) { char *msg = NULL; if (asprintf(msg, pdb_get_methods_reload: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 31db7d2 Fix bug 8920, null dereference via 815eb53 s3: Fix Coverity ID 242714 Uninitialized scalar variable via 9b0b60c s3: Fix Coverity ID 242715 Uninitialized scalar variable via 6d5bbb9 s3: Fix Coverity ID 242716 Uninitialized scalar variable via bd4701d s3: Fix Coverity ID 242717 Uninitialized scalar variable via 2a03d9e s3: Fix Coverity ID 242718 Uninitialized scalar variable via 74ca9cc s3: Fix Coverity ID 242719 Uninitialized scalar variable via b2ea585 s3: Fix Coverity ID 242720 Uninitialized scalar variable via a4b7a1e s3: Fix Coverity ID 242721 Uninitialized scalar variable via 1e3b5ec s3: Fix Coverity ID 242722 Uninitialized scalar variable via ba6fa9e s3: Fix Coverity ID 242723 Uninitialized scalar variable via 4487f26 s3: Fix Coverity ID 241961 Uninitialized scalar variable via 446791c s3: Fix Coverity ID 242724 Uninitialized scalar variable via aa220c4 s3: Fix Coverity ID 242725 Uninitialized scalar variable via dead216 s3: Fix Coverity ID 242726 Uninitialized scalar variable via 4e05717 s3: Fix Coverity ID 242754 Dereference null return value via d716a9b s3: Fix Coverity ID 242184 Dereference after null check via 05e5973 s3: Fix Coverity ID 242691 Dereference before null check via 8c2f826 s3: Fix Coverity ID 242692 Dereference before null check via 318cf16 s3: Fix Coverity ID 242693 Dereference before null check via c0471d1 s3: Fix Coverity ID 242694 Dereference before null check via 39577f1 s3: Fix Coverity ID 242695 Dereference before null check via 600c4c9 s3: Fix Coverity ID 242696 Dereference before null check via 995ea20 s3: Fix Coverity ID 242697 Dereference before null check via 3a8c4ab s3: Fix Coverity ID 242698 Dereference before null check via 7527152 s3: Fix Coverity ID 242699 Dereference before null check via f9f4d70 s3: Fix Coverity ID 242700 Dereference before null check via a7b23ce s3: Fix Coverity ID 242701 Dereference before null check via e0bc376 s3: Fix Coverity ID 242702 Dereference before null check via 11085bd s3: Fix Coverity ID 242703 Dereference before null check via 6c34e1a s3: Fix Coverity ID 242704 Dereference before null check via 37b7095 s3: Fix Coverity ID 242705 Dereference before null check via 67e3067 s3: Fix Coverity ID 242706 Dereference before null check from 37609ba build: Avoid printing the ABI signature normalisation during the default build http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 31db7d298577f18d70b0a8241a92dc8a1dc782bd Author: Steve Langasek steve.langa...@ubuntu.com Date: Wed May 9 07:56:00 2012 +0200 Fix bug 8920, null dereference Description: Avoid null dereference in initialize_password_db() When initialize_password_db() is called with reload=True, it's assumed that the free_private_data member of pdb_methods is non-null. This is not necessarily the case, as the tdb backend has no private data and therefore no free function. Check to see if we have private data that needs freed before calling. Author: Steve Langasek steve.langa...@ubuntu.com Bug-Ubuntu: https://bugs.launchpad.net/bugs/829221 Autobuild-User: Volker Lendecke v...@samba.org Autobuild-Date: Thu May 10 11:07:27 CEST 2012 on sn-devel-104 commit 815eb53b3397495b4b6eeade267442bafb12aa82 Author: Volker Lendecke v...@samba.org Date: Wed May 9 10:56:54 2012 +0200 s3: Fix Coverity ID 242714 Uninitialized scalar variable In an error path we are closing domain_handle without opening it commit 9b0b60c67ed0f819b3616b99d35300e678e18b80 Author: Volker Lendecke v...@samba.org Date: Wed May 9 10:56:54 2012 +0200 s3: Fix Coverity ID 242715 Uninitialized scalar variable In an error path we are closing hive_hnd without opening it commit 6d5bbb9a4bd3d1fb045f4e0873196a9b1d93ae2a Author: Volker Lendecke v...@samba.org Date: Wed May 9 10:56:54 2012 +0200 s3: Fix Coverity ID 242716 Uninitialized scalar variable In an error path we are closing key_hnd without opening it commit bd4701d2869c8f5271c72fe4271c2ba4772acfad Author: Volker Lendecke v...@samba.org Date: Wed May 9 10:56:54 2012 +0200 s3: Fix Coverity ID 242717 Uninitialized scalar variable In an error path we are closing domain_pol without opening it commit 2a03d9e42c71bc164936d3e46e1240494ca33bd5 Author: Volker Lendecke v...@samba.org Date: Wed May 9 10:56:54 2012 +0200 s3: Fix Coverity ID 242718 Uninitialized scalar variable In an error path we are closing user_pol without opening it commit 74ca9cc957cfd0f9a6c33b6c9cb8d7822ff7e7ff Author: Volker Lendecke v...@samba.org Date: Wed May 9 10:56:54
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 6eae984 s3:auth/server_info: the primary rid should be in the groups rid array (bug #8798) via 32cf92f s3:registry: return error when Key does not exist in regdb_fetch_values_internal() (cherry picked from commit 8a723ddfc1645e52830fb5f47a34f032f9c38931) via 2b29bfc s3:registry: replace call to reg_openkey() in reg_createkey() by accesscheck. (cherry picked from commit c1cc15c33be8926ffef173b514d0fb260292d9a3) via 404c9ce s3:registry: remove a superfluous fill_subkey_cache() in reg_createkey() via 98c9642 s3:registry: use fill_subkey_cache to check exsistence in regkey_open_onelevel(). via 0150336 s3:registry: let fill_subkey_cache return WERR_BADFILE when the subkey list could not be loaded via 086c1e9 s3:registry: convert reg_openkey() to use talloc instead of SMB_STRDUP etc (cherry picked from commit 42dd99d85ca04c10691f78d6340c6b702ade974b) via 7a36a22 s3:registry untangle an assignment from the check in regkey_open_onelevel() (cherry picked from commit 12b7b4f0a7d8607dc206c32a3822d5678c14d43b) via e4fc313 s3:registry: untangle assignment from check in regkey_open_onelevel() (cherry picked from commit 52d3c5c14898b5f2514d1512289370eb6f6fd369) via 521c7ea s3:registry: fix seqnum race in regdb_fetch_keys_internal via 2517f43 s3:registry avoid pruning the sequencenumber while flushing the regsubkey_ctr via 11413a9 s3:registry: fix seqnum race in fetch_values_internal via 96f08f6 s3:registry: update the seqnum in the subkey cache at the end of regval_store_keys via f4d800d s3:registry:db: update the value container seqnum after storing/deleting to prevent next read from going to disk if possible via 8980168 s3:registry: wrap reg_deletekey() into a transaction via 14d9621 s3:registry: wrap reg_createkey() in a transaction via 95ba1aa s3:registry: untangle assignments from checks in reg_createkey() (cherry picked from commit 4ac9625fe42ded0717aafdf6eec4c1b2217c3c68) via d67b181 s3:registry: wrap reg_deletevalue() in a transaction via 866faf7 s3:registry: untangle assignment from check in reg_deletevalue() (cherry picked from commit 585746338bda22ff8337d41c8cc50533c5facf56) via e2d0876 s3:registry: fix race in reg_setvalue that could lead to data corruption via a5025e2 s3:registry: untangle assignment from check and add a debugmessage in reg_setvalue() (cherry picked from commit a81d399456eb86ffb60bed8704cd8c7864b742db) via 488b946 s3:registry: don't leak the old contents when updating the value cache (cherry picked from commit 0bf44361caace3a4974dafa305033fb926d0f6d6) via b6aaf6b s3:registry: fix debug message in regdb_store_values_internal() (cherry picked from commit c46403f74116708f2f8b1d531f5881bb9d7f2a84) via bdbfde8 s3:registry: improve log message in regdb_unpack_values() (cherry picked from commit ae441d97cdbe8e35cd342ba979bacc3757c06cb7) via 6413d23 s3:registry: fix a debug message typo (cherry picked from commit 9f82e1175f28bdc1c09e7bd795699b29049a77e3) via 18d3d3f s3:registry: add a new function regval_ctr_value_byname() via b712448 s3:registry: rename regval_ctr_key_exists() to regval_ctr_value_exists() (cherry picked from commit 60cdf3c8b5bbda9434f0d8a05fc581ab41b42d5c) via 4cfbe63 s4:torture:rpc:spoolss: also initialize driverName before checking it in test_PrinterData_DsSpooler() (cherry picked from commit 46428f96a4089925355b4eeebebb8d7f27e2ec0b) via b356e42 s3:registry:reg_api: fix reg_queryvalue to not fail when values are modified while it runs (cherry picked from commit 5d26120b5ab180212d570dd256e8989e0c80224d) via f2ab037 s3:registry: implement values_need_update and subkeys_need_update in the smbconf backend from da5c342 Fix bug 8920, null dereference http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 6eae984cfc3ceb0661f7993c9274e048c6eda6e0 Author: Alejandro Escanero Blanco aescan...@gmail.com Date: Wed May 9 11:35:51 2012 +0200 s3:auth/server_info: the primary rid should be in the groups rid array (bug #8798) Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Wed May 9 19:36:01 CEST 2012 on sn-devel-104 (cherry picked from commit 6132cf2a5cd77c79546a2d6cc3fbf3c93f54183b) commit 32cf92f2388c0fc26e24c3174fab43089bffba03 Author: Michael Adam ob...@samba.org Date: Fri May 4 18:01:00 2012 +0200 s3:registry: return error when Key does not exist in regdb_fetch_values_internal() (cherry picked from commit 8a723ddfc1645e52830fb5f47a34f032f9c38931) commit 2b29bfcf593aa8a80e1e4cab1d344f5a70036c6e Author: Michael Adam ob...@samba.org Date: Mon Apr 23 16:44:15 2012 +0200
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 8a55370 s3-printing: Add new printers to registry. from 6eae984 s3:auth/server_info: the primary rid should be in the groups rid array (bug #8798) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 8a553705d9045dbbc3ab71189f2496fe97e1a802 Author: Björn Baumbach b...@sernet.de Date: Fri Oct 28 05:43:05 2011 +0200 s3-printing: Add new printers to registry. This fixes bug #8554, #8612 and #8748. Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andreas Schneider a...@samba.org --- Summary of changes: source3/include/nt_printing.h |4 +++ source3/printing/nt_printing.c | 19 +++- source3/smbd/server_reload.c | 43 +-- 3 files changed, 53 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/nt_printing.h b/source3/include/nt_printing.h index 4f85159..16c4658 100644 --- a/source3/include/nt_printing.h +++ b/source3/include/nt_printing.h @@ -176,5 +176,9 @@ void nt_printer_remove(TALLOC_CTX *mem_ctx, const struct auth_serversupplied_info *server_info, struct messaging_context *msg_ctx, const char *printer); +void nt_printer_add(TALLOC_CTX *mem_ctx, + const struct auth_serversupplied_info *server_info, + struct messaging_context *msg_ctx, + const char *printer); #endif /* NT_PRINTING_H_ */ diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index b0d4e81..05c53ec 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1863,7 +1863,22 @@ void nt_printer_remove(TALLOC_CTX *mem_ctx, result = winreg_delete_printer_key_internal(mem_ctx, session_info, msg_ctx, printer, ); if (!W_ERROR_IS_OK(result)) { - DEBUG(0, (nt_printer_remove: failed to remove rpinter %s, - printer)); + DEBUG(0, (nt_printer_remove: failed to remove printer %s: + %s\n, printer, win_errstr(result))); + } +} + +void nt_printer_add(TALLOC_CTX *mem_ctx, + const struct auth_serversupplied_info *session_info, + struct messaging_context *msg_ctx, + const char *printer) +{ + WERROR result; + + result = winreg_create_printer_internal(mem_ctx, session_info, msg_ctx, + printer); + if (!W_ERROR_IS_OK(result)) { + DEBUG(0, (nt_printer_add: failed to add printer %s: %s\n, + printer, win_errstr(result))); } } diff --git a/source3/smbd/server_reload.c b/source3/smbd/server_reload.c index 82b0cb0..6e0ab39 100644 --- a/source3/smbd/server_reload.c +++ b/source3/smbd/server_reload.c @@ -38,14 +38,18 @@ void reload_printers(struct tevent_context *ev, { struct auth_serversupplied_info *session_info = NULL; struct spoolss_PrinterInfo2 *pinfo2 = NULL; + int n_services; + int pnum; int snum; - int n_services = lp_numservices(); - int pnum = lp_servicenumber(PRINTERS_NAME); const char *pname; + const char *sname; NTSTATUS status; - bool skip = false; - SMB_ASSERT(pcap_cache_loaded()); + load_printers(ev, msg_ctx); + + n_services = lp_numservices(); + pnum = lp_servicenumber(PRINTERS_NAME); + DEBUG(10, (reloading printer services from pcap cache\n)); status = make_session_info_system(talloc_tos(), session_info); @@ -54,18 +58,29 @@ void reload_printers(struct tevent_context *ev, Could not create system session_info\n)); /* can't remove stale printers before we * are fully initilized */ - skip = true; + return; } - /* remove stale printers */ - for (snum = 0; skip == false snum n_services; snum++) { - /* avoid removing PRINTERS_NAME or non-autoloaded printers */ - if (snum == pnum || !(lp_snum_ok(snum) lp_print_ok(snum) - lp_autoloaded(snum))) + /* +* Add default config for printers added to smb.conf file and remove +* stale printers +*/ + for (snum = 0; snum n_services; snum++) { + /* avoid removing PRINTERS_NAME */ + if (snum == pnum) { + continue; + } + + /* skip no-printer services */ + if (!(lp_snum_ok(snum) lp_print_ok(snum))) { continue; + } +