Re: [Samba] Active directory - Unclean shutdown

2012-10-02 Thread Bjoern.Becker 
Hello,

thanks for hint! I will try the release candidate.
I can't change these registry keys by policy, they are regarding some security 
issue's.

Regards,
Bjoern

-Ursprüngliche Nachricht-
Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im 
Auftrag von Germ van Eck
Gesendet: Montag, 1. Oktober 2012 21:35
An: samba@lists.samba.org
Betreff: Re: [Samba] Active directory - Unclean shutdown

Hello,

Connecting to a share using Windows 7 should work fine. We do this a lot. Maybe 
you need some registry changes that are also needed for joining Windows 7 to a 
Samba domain. 
http://wiki.samba.org/index.php/Windows7#Windows_7_Registry_settings

Regarding Samba 4, there is now a release candidate out, and I think it is 
wiser to use this over an older beta release. 
http://ftp.samba.org/pub/samba/rc/

Regards,
Gerben
Op 01-10-12 15:58, bjoern.bec...@easycash.de schreef:
 Hello,

 i try to connect samba with my active directory. I was able to join the 
 domain successfully and my winbindd running fine.

 With samba 3.4.3 and samba 3.6.7 i get the following error when i try to 
 connect to a share from a windows 7 box:

 [2012/10/01 15:01:14,  4] smbd/vfs.c:753(vfs_ChDir)
vfs_ChDir to /
 [2012/10/01 15:01:14,  3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
 [2012/10/01 15:01:14,  5] auth/token_util.c:522(debug_nt_user_token)
NT user token: (NULL)
 [2012/10/01 15:01:14,  5] auth/token_util.c:548(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
 [2012/10/01 15:01:14,  5] smbd/uid.c:368(change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
 [2012/10/01 15:01:14,  3] smbd/connection.c:31(yield_connection)
Yielding connection to
 [2012/10/01 15:01:14,  3] smbd/server.c:845(exit_server_common)
Server exit (failed to receive smb request)
 [2012/10/01 15:01:14,  3] smbd/server.c:216(remove_child_pid)
smbd/server.c:216 Unclean shutdown of pid 28928

 In my despair i try the same with samba 4.0.0beta8 and it works but 
 unfortunately unstable. I be able to map the share but when i try to access 
 the samba server getting PANIC. I suppose that i have to use samba 4 because 
 i need smbv2? I thought that samba 3.5.* supporting smb v2 too.

 Is there any posibility to run this setup with samba 3.*?

 Regards,
 Bjoern


--
Station to Station handtekening
Gerben van Eck - Software Engineer

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] [Announce] Samba 4.0.0rc2 Available for Download

2012-10-02 Thread Karolin Seeger 
Release Announcements
-

This is the second release candidate of Samba 4.0.  This is *not*
intended for production environments and is designed for testing
purposes only.  Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.

Samba 4.0 will be the next version of the Samba suite and incorporates
all the technology found in both the Samba4 series and the
stable 3.x series. The primary additional features over Samba 3.6 are
support for the Active Directory logon protocols used by Windows 2000
and above.

This release contains the best of all of Samba's
technology parts, both a file server (that you can reasonably expect
to upgrade existing Samba 3.x releases to) and the AD domain
controller work previously known as 'samba4'.

If you are upgrading, or looking to develop, test or deploy Samba 4.0
releases candidates, you should backup all configuration and data.


UPGRADING
=

Users upgrading from Samba 3.x domain controllers and wanting to use
Samba 4.0 as an AD DC should use the 'samba-tool domain
classicupgrade' command.  See the wiki for more details:
https://wiki.samba.org/index.php/Samba4/samba3upgrade/HOWTO.

Users upgrading from Samba 4.0 alpha and beta releases since alpha15
should run 'samba-tool dbcheck --cross-ncs --fix' before re-starting
Samba.  Users upgrading from earlier alpha releases should contact the
team for advice.

Users upgrading an AD DC from any previous release should run
'samba-tool ntacl sysvolreset' to re-sync ACLs on the sysvol share
with those matching the GPOs in LDAP and the defaults from an initial
provision.  This will set an underlying POSIX ACL if required (eg not
using the NTVFS file server).

If you used the BIND9_FLATFILE or BIND9_DLZ features,
you'll have to add '-dns' to the 'server services' option,
as the internal dns server (SAMBA_INTERNAL) is the default now.


NEW FEATURES


Samba 4.0 supports the server-side of the Active Directory logon
environment used by Windows 2000 and later, so we can do full domain
join and domain logon operations with these clients.

Our Domain Controller (DC) implementation includes our own built-in
LDAP server and Kerberos Key Distribution Center (KDC) as well as the
Samba3-like logon services provided over CIFS.  We correctly generate
the infamous Kerberos PAC, and include it with the Kerberos tickets we
issue.

Samba 4.0.0rc2 ships with two distinct file servers.  We now use the
file server from the Samba 3.x series 'smbd' for all file serving by
default.

Samba 4.0 also ships with the 'NTVFS' file server.  This file server
is what was used in all previous releases of Samba 4.0, and is
tuned to match the requirements of an AD domain controller.  We
continue to support this, not only to provide continuity to
installations that have deployed it as part of an AD DC, but also as a
running example of the NT-FSA architecture we expect to move smbd to in
the longer term.

For pure file server work, the binaries users would expect from that
series (nmbd, winbindd, smbpasswd) continue to be available.  When
running an AD DC, you only need to run 'samba' (not
nmbd/smbd/winbind), as the required services are co-coordinated by this
master binary.

As DNS is an integral part of Active Directory, we also provide two DNS
solutions, a simple internal DNS server for 'out of the box' configurations
and a more elaborate BIND plugin using the BIND DLZ mechanism in versions
9.8 and 9.9. During the provision, you can select which backend to use.
With the internal backend, your DNS server is good to go.
If you chose the BIND_DLZ backend, a configuration file will be generated
for bind to make it use this plugin, as well as a file explaining how to
set up bind.

To provide accurate timestamps to Windows clients, we integrate with
the NTP project to provide secured NTP replies.  To use you need to
start ntpd and configure it with the 'restrict ... ms-sntp' and
ntpsigndsocket options.

Finally, a new scripting interface has been added to Samba 4, allowing
Python programs to interface to Samba's internals, and many tools and
internal workings of the DC code is now implemented in python.


##
Changes
###

smb.conf changes


   Parameter Name   Description
   --   ---

   allow dns updatesNew
   announce as  Removed
   announce version Removed
   cldap port   New
   client max protocol  New
   client min protocol  New
   client signing   Changed default
   dcerpc endpoint servers  New
   dgram port   New
   display charset  Removed
   dns forwarderNew
   dns update command   New
   homedir map

[Samba] Win XP printing and 3.x

2012-10-02 Thread Matthew Daubenspeck 
Our main print server is currently running samba 3.5.9 and serving quite
a bunch of printers to WinXP, Win7, and OSX clients. When I attempted to
upgrade to 3.6.8, none of the printers appear on the WinXP clients. Win7
and OSX continue to work fine. I noticed the initial 3.6.0 release notes
showed that the Spoolss code was completely overhauled and refactored.

Do I have to do anything special to upgrade to 3.6.x? XP clients can no
longer see printers after the upgrade.

Thanks.
-- 
  Matthew Daubenspeck

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Connection fails with Server/Client Signing = Mandatory

2012-10-02 Thread Bill Chockla 


I set the debug level to 5.

This log file shows the error 64, with send unencrypted  passwords to 3rd
party servers Enabled; (See attached file: winerr64.100212).

This log file shows the error 1240, with send unencrypted  passwords to
3rd party servers Disabled; (See attached file: winerr1240.100212).


Got log files? It goes up to 100!  Hopefully won't need it that verbose.-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Connection fails with Server/Client Signing = Mandatory

2012-10-02 Thread hceute...@gmail.com 
Strange, something is blocking SPNEGO.  I can see it blocked in the logs...
On Oct 2, 2012 11:25 AM, Bill Chockla choc...@us.ibm.com wrote:

 I set the debug level to 5.

 This log file shows the error 64, with send unencrypted  passwords to 3rd
 party servers Enabled; *(See attached file: winerr64.100212)*.

 This log file shows the error 1240, with send unencrypted  passwords to
 3rd party servers Disabled; *(See attached file: winerr1240.100212)*.


 Got log files? It goes up to 100!  Hopefully won't need it that verbose.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Purpose of the ea support option?

2012-10-02 Thread jrmailgate-sa...@yahoo.co.uk 


Please can someone clarify the purpose of the ea support = yes option in 
smb.conf?

According to the man page, it's there to allow _clients_ to attempt to store 
OS/2 style extended attributes. As long as the underlying server filesystem 
supports EAs, this will work.

However, I've seen a number of references to setting ea support = yes when 
people just want to store DOS attributes and ACLs as extended attributes. 


Am I right in thinking this isn't actually needed in this use case? (I've not 
got it set and things *seem* to be working, but want to check).

Is ea support used by any clients apart from OS/2?

Thanks

JR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Purpose of the ea support option?

2012-10-02 Thread Jeremy Allison 
On Tue, Oct 02, 2012 at 05:49:46PM +0100, jrmailgate-sa...@yahoo.co.uk wrote:
 
 
 Please can someone clarify the purpose of the ea support = yes option in 
 smb.conf?
 
 According to the man page, it's there to allow _clients_ to attempt to store 
 OS/2 style extended attributes. As long as the underlying server filesystem 
 supports EAs, this will work.
 
 However, I've seen a number of references to setting ea support = yes when 
 people just want to store DOS attributes and ACLs as extended attributes. 
 
 
 Am I right in thinking this isn't actually needed in this use case? (I've not 
 got it set and things *seem* to be working, but want to check).

Yes you are right it isn't needed in this use case.

 Is ea support used by any clients apart from OS/2?

I believe Windows Services for UNIX uses EA's to store
symlinks and POSIX names containign invalid Windows
characters like ':' when exporting NFS.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Purpose of the ea support option?

2012-10-02 Thread jrmailgate-sa...@yahoo.co.uk 


Jeremy - thanks for a quick answer and clarification!

Regards

JR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[SCM] CTDB repository - branch master updated - ctdb-1.13-261-g7b75a3b

2012-10-02 Thread Amitay Isaacs 
The branch, master has been updated
   via  7b75a3bb722dc86139b1a07a0100d08c34620b91 (commit)
   via  b29d5bbaa7048291c4b3a39bf12e04f0436f67da (commit)
   via  12a0a7a208d1c8fa8991894200d1dc133f3a2d1a (commit)
   via  2da7730dc06153173778ab14e228960e72ff8a86 (commit)
  from  93c97c3ba3ff714dfa0d056a91ff45010a6e2d66 (commit)

http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master


- Log -
commit 7b75a3bb722dc86139b1a07a0100d08c34620b91
Author: Martin Schwenke mar...@meltin.net
Date:   Tue Jul 17 21:25:27 2012 +1000

tools/ctdb: Remove redundant filtering loop in control_natgwlist()

This used to catch trailing blank lines.  However, these are caught
just as effectively by the whitespace filtering in the loop below.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit b29d5bbaa7048291c4b3a39bf12e04f0436f67da
Author: Martin Schwenke mar...@meltin.net
Date:   Tue Jul 17 21:15:57 2012 +1000

tools/ctdb: natgwlist output is either human readable or machine readable

The first line is currently human readable and the rest is machine
readable.  This doesn't make sense.  Do one or the other...

Signed-off-by: Martin Schwenke mar...@meltin.net

commit 12a0a7a208d1c8fa8991894200d1dc133f3a2d1a
Author: Martin Schwenke mar...@meltin.net
Date:   Tue Jul 17 21:09:46 2012 +1000

tools/ctdb: Factor out printing of the machine readable status header

It is already in 2 places and we might use it in another.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit 2da7730dc06153173778ab14e228960e72ff8a86
Author: Martin Schwenke mar...@meltin.net
Date:   Mon Jul 16 14:24:39 2012 +1000

tools/ctdb: NAT gateway code should use CTDB_NATGW_NODES

... not NATGW_NODES.

Signed-off-by: Martin Schwenke mar...@meltin.net

---

Summary of changes:
 tools/ctdb.c |   57 +
 1 files changed, 37 insertions(+), 20 deletions(-)


Changeset truncated at 500 lines:

diff --git a/tools/ctdb.c b/tools/ctdb.c
index 2b54ca3..badfb6f 100644
--- a/tools/ctdb.c
+++ b/tools/ctdb.c
@@ -836,6 +836,12 @@ static bool is_partially_online(struct ctdb_node_and_flags 
*node)
return ret;
 }
 
+static void control_status_header_machine(void)
+{
+   printf(:Node:IP:Disconnected:Banned:Disabled:Unhealthy:Stopped
+  :Inactive:PartiallyOnline:ThisNode:\n);
+}
+
 static int control_status_1_machine(int mypnn, struct ctdb_node_and_flags 
*node)
 {
printf(:%d:%s:%d:%d:%d:%d:%d:%d:%d:%c:\n, node-pnn,
@@ -882,8 +888,7 @@ static int control_status(struct ctdb_context *ctdb, int 
argc, const char **argv
}
 
if (options.machinereadable) {
-   printf(:Node:IP:Disconnected:Banned:Disabled:Unhealthy:Stopped
-  :Inactive:PartiallyOnline:ThisNode:\n);
+   control_status_header_machine();
for (i=0;inodemap-num;i++) {
if (nodemap-nodes[i].flags  NODE_FLAGS_DELETED) {
continue;
@@ -949,8 +954,7 @@ static int control_nodestatus(struct ctdb_context *ctdb, 
int argc, const char **
}
 
if (options.machinereadable) {
-   printf(:Node:IP:Disconnected:Banned:Disabled:Unhealthy:Stopped
-  :Inactive:PartiallyOnline:ThisNode:\n);
+   control_status_header_machine();
} else if (pnn_mode == CTDB_BROADCAST_ALL) {
printf(Number of nodes:%d\n, (int) 
talloc_array_length(nodes));
}
@@ -997,10 +1001,12 @@ static int control_natgwlist(struct ctdb_context *ctdb, 
int argc, const char **a
struct natgw_node *natgw_nodes = NULL;
struct natgw_node *natgw_node;
struct ctdb_node_map *nodemap=NULL;
+   uint32_t mypnn;
+   const char *fmt;
 
 
/* read the natgw nodes file into a linked list */
-   natgw_list = getenv(NATGW_NODES);
+   natgw_list = getenv(CTDB_NATGW_NODES);
if (natgw_list == NULL) {
natgw_list = /etc/ctdb/natgw_nodes;
}
@@ -1009,9 +1015,6 @@ static int control_natgwlist(struct ctdb_context *ctdb, 
int argc, const char **a
ctdb_set_error(ctdb, Failed to load natgw node list '%s'\n, 
natgw_list);
return -1;
}
-   while (nlines  0  strcmp(lines[nlines-1], ) == 0) {
-   nlines--;
-   }
for (i=0;inlines;i++) {
char *node;
 
@@ -1062,7 +1065,14 @@ static int control_natgwlist(struct ctdb_context *ctdb, 
int argc, const char **a
}
 
i++;
-   }   
+   }
+
+   if (options.machinereadable) {
+   printf(:Node:IP:\n);
+   fmt = :%d:%s:\n;
+   } else {
+   fmt = %d %s\n;
+   }
 
/* pick a

[SCM] Samba Shared Repository - branch v3-6-test updated

2012-10-02 Thread Karolin Seeger 
The branch, v3-6-test has been updated
   via  6ae1bf1 Fix service control for non-internal services.
  from  21a6a9e s3:selftest: run the posix_s3.smb2.oplock tests

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -
commit 6ae1bf115ec1f927baee24cf4d611090d3b1bf91
Author: Vladimir Marek vladimir.ma...@oracle.com
Date:   Mon Sep 17 13:50:55 2012 -0700

Fix service control for non-internal services.

Signed-off-by: Jeremy Allison j...@samba.org

(cherry picked from commit a4e8869f7c93f30dd7014ff83d6d2f2b5afc2d64)
Signed-off-by: Andreas Schneider a...@samba.org

Fix bug #9192 - svcctl list option prohibits smbd to start.

---

Summary of changes:
 source3/rpc_server/svcctl/srv_svcctl_reg.c |4 
 1 files changed, 0 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/svcctl/srv_svcctl_reg.c 
b/source3/rpc_server/svcctl/srv_svcctl_reg.c
index eb0c2bd..044beaa 100644
--- a/source3/rpc_server/svcctl/srv_svcctl_reg.c
+++ b/source3/rpc_server/svcctl/srv_svcctl_reg.c
@@ -392,10 +392,6 @@ static bool svcctl_add_service(TALLOC_CTX *mem_ctx,
}
}
 
-   if (ipath == NULL || dname == NULL || description == NULL) {
-   goto done;
-   }
-
/* Default to an external service if we haven't found a match */
if (builtin_svcs[i].servicename == NULL) {
struct rcinit_file_information *init_info = NULL;


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-6-test updated

2012-10-02 Thread Karolin Seeger 
The branch, v3-6-test has been updated
   via  a0f6877 s3-smbd: Move housekeeping to the background process.
  from  6ae1bf1 Fix service control for non-internal services.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -
commit a0f687794d4ea7bbbe759279ed01e377a662a9c1
Author: Andreas Schneider a...@samba.org
Date:   Thu Sep 27 17:20:25 2012 +0200

s3-smbd: Move housekeeping to the background process.

If you add 200 printers using lpadmin. Then you wait for the printcap
cache to expire. As soon as this expires we notify all deamons that they
should reload the printers. This mean we need to create the default
registry keys for each printer. If you do e.g. a 'smbclient -L' during
that time you will get a lot of timeouts.

This moves the housekeeping of the printcap cache to the background
queue process and lets the background process reload the printers first.
So the background process creates the default registry keys. When it is
done with the task it will tell all smbd childs to reload the printers
and the 200 printers appear.

Signed-off-by: Andreas Schneider a...@samba.org

Fix bug #9231 - NT_STATUS_IO_TIMEOUT during slow import of printers into
registry.

---

Summary of changes:
 source3/printing/printing.c  |   31 +++
 source3/smbd/server.c|   28 
 source3/smbd/server_reload.c |9 +
 3 files changed, 40 insertions(+), 28 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index ba73918..a5b36c7 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -1656,6 +1656,28 @@ static void add_child_pid(pid_t pid)
 num_children += 1;
 }
 
+static bool printer_housekeeping_fn(const struct timeval *now,
+   void *private_data)
+{
+   static time_t last_pcap_reload_time = 0;
+   time_t printcap_cache_time = (time_t)lp_printcap_cache_time();
+   time_t t = time_mono(NULL);
+
+   DEBUG(5, (printer housekeeping\n));
+
+   /* if periodic printcap rescan is enabled, see if it's time to reload */
+   if ((printcap_cache_time != 0)
+ (t = (last_pcap_reload_time + printcap_cache_time))) {
+   DEBUG( 3,( Printcap cache time expired.\n));
+   pcap_cache_reload(server_event_context(),
+ smbd_messaging_context(),
+ reload_pcap_change_notify);
+   last_pcap_reload_time = t;
+   }
+
+   return true;
+}
+
 static pid_t background_lpq_updater_pid = -1;
 
 /
@@ -1729,6 +1751,15 @@ void start_background_queue(struct tevent_context *ev,
smb_panic(tevent_add_fd() failed for pause_pipe);
}
 
+   if (!(event_add_idle(ev, NULL,
+timeval_set(SMBD_HOUSEKEEPING_INTERVAL, 0),
+printer_housekeeping,
+printer_housekeeping_fn,
+NULL))) {
+   DEBUG(0, (Could not add printing housekeeping 
event\n));
+   exit(1);
+   }
+
DEBUG(5,(start_background_queue: background LPQ thread waiting 
for messages\n));
ret = tevent_loop_wait(ev);
/* should not be reached */
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index c699d3b..4b6114a 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -619,26 +619,6 @@ static bool smbd_open_one_socket(struct 
smbd_parent_context *parent,
return true;
 }
 
-static bool smbd_parent_housekeeping(const struct timeval *now, void 
*private_data)
-{
-   time_t printcap_cache_time = (time_t)lp_printcap_cache_time();
-   time_t t = time_mono(NULL);
-
-   DEBUG(5, (parent housekeeping\n));
-
-   /* if periodic printcap rescan is enabled, see if it's time to reload */
-   if ((printcap_cache_time != 0)
- (t = (last_printer_reload_time + printcap_cache_time))) {
-   DEBUG( 3,( Printcap cache time expired.\n));
-   pcap_cache_reload(server_event_context(),
- smbd_messaging_context(),
- reload_pcap_change_notify);
-   last_printer_reload_time = t;
-   }
-
-   return true;
-}
-
 /
  Open the socket communication.
 /
@@ -781,14 +761,6 @@ static bool open_sockets_smbd(struct

[SCM] CTDB repository - branch master updated - ctdb-1.13-268-g6bd4fef

2012-10-02 Thread Amitay Isaacs 
The branch, master has been updated
   via  6bd4feff7039138d435428eeded51975c44e567c (commit)
   via  0f0aef21a1bb2d88a8c184ef70c718e0c91acdc3 (commit)
   via  a56ec75edd1705b0539513d396d311f0e80a3bf5 (commit)
   via  c30ec02615183ecf9b412ad415bf1abd859aec45 (commit)
   via  81af67c6959fdbe0566e3f1a00e2be58dd268dc6 (commit)
   via  a3f15d2828325bbfba5bc5c0a30429e2ce572a44 (commit)
   via  140fafef23050d40d66f5b5558c7efcb78f80cd2 (commit)
  from  7b75a3bb722dc86139b1a07a0100d08c34620b91 (commit)

http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master


- Log -
commit 6bd4feff7039138d435428eeded51975c44e567c
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 18 17:05:03 2012 +1000

tests/tool: New tests for natgwlist, getcapabilities, lvs, lvsmaster

Signed-off-by: Martin Schwenke mar...@meltin.net

commit 0f0aef21a1bb2d88a8c184ef70c718e0c91acdc3
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 18 17:02:38 2012 +1000

tests/tool: New function setup_natgw() to setup $CTDB_NATGW_NODES

Signed-off-by: Martin Schwenke mar...@meltin.net

commit a56ec75edd1705b0539513d396d311f0e80a3bf5
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 18 16:59:19 2012 +1000

tools/ctdb: Clean up control_natgw()

* Factor out repeated code into new function find_natgw()
* Support both machine and human readable output
* Use libctdb

Signed-off-by: Martin Schwenke mar...@meltin.net

commit c30ec02615183ecf9b412ad415bf1abd859aec45
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 18 16:57:01 2012 +1000

tools/ctdb: Convert some commands over to libctdb

control_getcapabilities(), control_lvs(), control_lvsmaster() updated
to use ctdb_getcapabilities(), ctdb_getnodemap() as appropriate.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit 81af67c6959fdbe0566e3f1a00e2be58dd268dc6
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 18 15:57:13 2012 +1000

tests: libctdb stubs initial ctdb_getcapabilities() implementation

Signed-off-by: Martin Schwenke mar...@meltin.net

commit a3f15d2828325bbfba5bc5c0a30429e2ce572a44
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 18 15:53:39 2012 +1000

tests: libctdb stubs must copy pointers rather than just returning them

Some code (e.g. NAT gateway code) modifies the returned result so was
modifying the original.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit 140fafef23050d40d66f5b5558c7efcb78f80cd2
Author: Martin Schwenke mar...@meltin.net
Date:   Wed Jul 18 14:24:08 2012 +1000

libctdb: add ctdb_getcapabilities()

Signed-off-by: Martin Schwenke mar...@meltin.net

---

Summary of changes:
 include/ctdb.h |   50 ++
 include/ctdb_private.h |8 -
 include/ctdb_protocol.h|   11 ++
 libctdb/control.c  |   28 +++
 libctdb/sync.c |   17 ++
 tests/src/libctdb_test.c   |   38 -
 tests/tool/scripts/local.sh|   20 +++
 tests/tool/stubby.getcapabilities.001.sh   |   30 
 tests/tool/stubby.getcapabilities.002.sh   |   30 
 tests/tool/stubby.getcapabilities.003.sh   |   27 +++
 tests/tool/stubby.lvs.001.sh   |   27 +++
 tests/tool/stubby.lvsmaster.001.sh |   28 +++
 tests/tool/stubby.lvsmaster.002.sh |   28 +++
 ...tubby.status.001.sh = stubby.natgwlist.001.sh} |   18 +-
 ...tubby.status.002.sh = stubby.natgwlist.002.sh} |   16 +-
 ...tubby.status.002.sh = stubby.natgwlist.003.sh} |   18 +-
 tests/tool/stubby.natgwlist.004.sh |   37 
 tests/tool/stubby.natgwlist.005.sh |   37 
 tools/ctdb.c   |  175 +++-
 19 files changed, 520 insertions(+), 123 deletions(-)
 create mode 100755 tests/tool/stubby.getcapabilities.001.sh
 create mode 100755 tests/tool/stubby.getcapabilities.002.sh
 create mode 100755 tests/tool/stubby.getcapabilities.003.sh
 create mode 100755 tests/tool/stubby.lvs.001.sh
 create mode 100755 tests/tool/stubby.lvsmaster.001.sh
 create mode 100755 tests/tool/stubby.lvsmaster.002.sh
 copy tests/tool/{stubby.status.001.sh = stubby.natgwlist.001.sh} (68%)
 copy tests/tool/{stubby.status.002.sh = stubby.natgwlist.002.sh} (71%)
 copy tests/tool/{stubby.status.002.sh = stubby.natgwlist.003.sh} (61%)
 create mode 100755 tests/tool/stubby.natgwlist.004.sh
 create mode 100755 tests/tool/stubby.natgwlist.005.sh


Changeset truncated at 500 lines:

diff --git a/include/ctdb.h b/include/ctdb.h
index 93224cb..c3da068 100644
--- a/include/ctdb.h
+++ b/include/ctdb.h
@@ -585,6

[SCM] CTDB repository - branch master updated - ctdb-1.13-271-g043ef77

2012-10-02 Thread Amitay Isaacs 
The branch, master has been updated
   via  043ef77086797a703aec436a26a05c56a1bcbf2b (commit)
   via  dc2a8c638bd74b9f1dd75339cd2ae2f32ffa18a8 (commit)
   via  b89e959904d7d1b0e5525abd7789f5101537a46a (commit)
  from  6bd4feff7039138d435428eeded51975c44e567c (commit)

http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master


- Log -
commit 043ef77086797a703aec436a26a05c56a1bcbf2b
Author: Martin Schwenke mar...@meltin.net
Date:   Tue Aug 21 14:28:37 2012 +1000

Initscript: Kill any existing ctdbd processes if the ping succeeds

Initialising a new ctdbd will destroy the Unix domain socket so
existing processes will be useless anyway.

Signed-off-by: Martin Schwenke mar...@meltin.net

commit dc2a8c638bd74b9f1dd75339cd2ae2f32ffa18a8
Author: Martin Schwenke mar...@meltin.net
Date:   Mon Aug 20 15:02:24 2012 +1000

tools/ctdb: Free the event context

Signed-off-by: Martin Schwenke mar...@meltin.net

commit b89e959904d7d1b0e5525abd7789f5101537a46a
Author: Martin Schwenke mar...@meltin.net
Date:   Mon Aug 20 14:30:35 2012 +1000

libctdb: Add comments to effect that some controls return result in status

These controls include:

  CTDB_CONTROL_GET_RECMODE
  CTDB_CONTROL_GET_RECMASTER
  CTDB_CONTROL_GET_PID
  CTDB_CONTROL_GET_PNN
  CTDB_CONTROL_PING
  CTDB_CONTROL_GET_DB_PRIORITY

In these cases the data field is empty.

Signed-off-by: Martin Schwenke mar...@meltin.net

---

Summary of changes:
 config/ctdb.init  |6 ++
 libctdb/control.c |3 +++
 tools/ctdb.c  |1 +
 3 files changed, 10 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/config/ctdb.init b/config/ctdb.init
index 71b187a..581844d 100755
--- a/config/ctdb.init
+++ b/config/ctdb.init
@@ -257,6 +257,12 @@ start() {
return 0
 }
 
+# About to start new $ctdbd.  The ping above has failed and any
+# new $ctdbd will destroy the Unix domain socket, so any processes
+# that aren't yet completely useless soon will be...  so kill
+# them.
+pkill -9 -f $ctdbd
+
 build_ctdb_options
 
 # make sure we drop any ips that might still be held if previous
diff --git a/libctdb/control.c b/libctdb/control.c
index 176c48c..8d14cc8 100644
--- a/libctdb/control.c
+++ b/libctdb/control.c
@@ -48,6 +48,7 @@ bool ctdb_getrecmaster_recv(struct ctdb_connection *ctdb,
DEBUG(ctdb, LOG_ERR, ctdb_getrecmaster_recv: status -1);
return false;
}
+   /* Note: data is stashed in status - see ctdb_control_dispatch() */
*recmaster = reply-status;
return true;
 }
@@ -75,6 +76,7 @@ bool ctdb_getrecmode_recv(struct ctdb_connection *ctdb,
DEBUG(ctdb, LOG_ERR, ctdb_getrecmode_recv: status -1);
return false;
}
+   /* Note: data is stashed in status - see ctdb_control_dispatch() */
*recmode = reply-status;
return true;
 }
@@ -102,6 +104,7 @@ bool ctdb_getpnn_recv(struct ctdb_connection *ctdb,
DEBUG(ctdb, LOG_ERR, ctdb_getpnn_recv: status -1);
return false;
}
+   /* Note: data is stashed in status - see ctdb_control_dispatch() */
*pnn = reply-status;
return true;
 }
diff --git a/tools/ctdb.c b/tools/ctdb.c
index 6d5dc1b..e75a922 100644
--- a/tools/ctdb.c
+++ b/tools/ctdb.c
@@ -6019,6 +6019,7 @@ int main(int argc, const char *argv[])
 
ctdb_disconnect(ctdb_connection);
talloc_free(ctdb);
+   talloc_free(ev);
(void)poptFreeContext(pc);
 
return ret;


-- 
CTDB repository

[SCM] Samba Shared Repository - branch master updated

2012-10-02 Thread Kai Blin 
The branch, master has been updated
   via  f4b9007 s4-dns: fix a non handled memory out of memory
  from  9f83968 Add samba3.samba3badnameblob test to check regressions in 
bug #9215.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit f4b9007faf901db6f703b5109df055081949c3f1
Author: Matthieu Patou m...@matws.net
Date:   Mon Oct 1 21:43:11 2012 -0700

s4-dns: fix a non handled memory out of memory

Signed-off-by: Kai Blin k...@samba.org

Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Tue Oct  2 09:43:52 CEST 2012 on sn-devel-104

---

Summary of changes:
 source4/dns_server/dns_server.c |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index dbdc300..003dd4e 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -828,6 +828,7 @@ static void dns_task_init(struct task_server *task)
 
z = talloc_zero(dns, struct dns_server_zone);
if (z == NULL) {
+   task_server_terminate(task, dns failed to allocate 
memory, true);
}
 
z-name = ldb_msg_find_attr_as_string(res-msgs[i], name, 
NULL);


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - annotated tag ldb-1.1.13 created

2012-10-02 Thread Stefan Metzmacher 
The annotated tag, ldb-1.1.13 has been created
at  0914ff78920257478bda13acd071bc9dd7be4791 (tag)
   tagging  ffd61e2bbf46ab8660c32b90c547beb8b77fcb9d (commit)
  replaces  samba-4.0.0rc1
 tagged by  Stefan Metzmacher
on  Tue Oct 2 10:21:18 2012 +0200

- Log -
ldb: tag release ldb-1.1.13
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAABAgAGBQJQaqP+AAoJEEeTkWETCEAlMSIH/0Ix/jE92QV1hdrHenUqq2uI
eX3aoYeIWw9FEOJdg6mPUdbIaZaz3l2zh+W1Lu6W4Y9m6cvO6hirfImJBVjAVQ7y
wXjNLeM28l+6mIRO8+asBpEMLHGYEM2pT/3184G4yedLxjqTfL4InSChpIWDxBMG
+yHFgh9yDSxeOvMALcVPQ0JCK2mEmJ7BoV8OpV2z4qRIH6iuBAz258iep4kQ1O0E
lgtLU/waL2ydAu5k6rRjyxdhFRFXODEKjOo9c9T5oOHiK54X2q53USevUsQwefNr
gwoVhK3LU6++2aSCyOF27DplfhvXaC8CpRR7DKmO9kvUp1FwvKvp6IoXDmmmkmM=
=ylMV
-END PGP SIGNATURE-

Alexander Bokovoy (4):
  s3: make ldapsam-related functions a smbldaphelper subsystem
  s3: make smbldaphelper subsystem an internal library
  docs-xml: convert smb.conf.5 build to waf
  docs-xml: fix build of winbindd- and krb5 locator-related manpages

Andreas Schneider (1):
  docs: Fix generating idmap manpages.

Andrew Bartlett (22):
  docs: Update docs to the modern age of Samba 4.0
  docs: Remove distinction between server and domain accounts
  docs: remove references to security=server
  docs: update for modern kerberos libs
  build: Fix build on systems without ldap development headers
  docs: Remove confusing reference to smb signing and client use spnego
  docs: Remove references to old kerberos behaviour
  docs: Remove references to Subversion, replace with wiki link
  docs: Remove out of date links to pserver.samba.org and old tarballs
  docs: Remove referenece to autogen.sh and document waf build instead
  docs: Remove referenece to old Red Hat Linux habits on winbindd
  docs: Update BDC docs to recognise the AD DC and to exclusivly recommend 
LDAP
  docs: Remove reference to inetd startup, it is not recommended
  docs: Clarify TOSHARG-Bugs for 2012
  docs: Update FastStart: remove security=share, avoid disable spoolss
  docs: Remove very outdated TOSHARG-Portability section
  docs: Remove very outdated TOSHARG-Other-Clients section
  docs: Remove references to sysv-style CUPS from TOSHARG-CUPS-printing
  docs: Remove references to mulitple passdb backends
  docs: Remove references to specific windows versions, instead mention 
Home/Professional/Server
  docs: Remove another reference to security=share
  ldb: bump version to 1.1.13 so the 4.0 release can get the isprint fix

Björn Jacke (9):
  autoconf: fix --with(out)-sendfile-support option handling
  packaging: apply some solaris packaging fixes
  s3: fix the aix acl module
  s3: fix the tru64 acl module
  s3: fix the hpux acl module
  wafbuild: check for dn_expand also in libinet
  autoconf: check for dn_expand also in libinet
  quota: also log which fs type we found
  replace: add some includes for poll.h

Christian Ambach (4):
  s3:auth fix a compiler warning
  s3:vfs_gpfs: fix build
  s3:libsmb fix a potential crash
  s3:libsmb fix a double free error

Ira Cooper (1):
  s3: Fix the vfs_solarisacl module to compile.

Jelmer Vernooij (6):
  samba.provision: Fix formatting, NameErrors.
  samba.provision.backend: Fix formatting.
  samba.provision.sambadns: Fix formatting.
  samba.provision.common: Fix formatting.
  samba.netcmd: Formatting fixes, break lines.
  s4-python: Formatting fixes, break lines.

Jeremy Allison (6):
  Sigh :-(. Removing optimization prematurely is the root of all evil :-(.
  Don't call can_write_to_file() if we already have 'fsp-can_write' set.
  Add backup_intent bool.
  Add bool use_privs parameter to smbd_check_access_rights()
  Fix bad string in debug message (remove it).
  Add 'bool use_privs' to smbd_calculate_access_mask().

Karolin Seeger (1):
  WHATSNEW: Fix some issues in the release notes.

Michael Adam (2):
  VERSION: Bump version up to 4.1.0pre1
  s4:torture: fix error reporting in the raw.oplock-brl3 test

---


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-0-test updated

2012-10-02 Thread Karolin Seeger 
The branch, v4-0-test has been updated
   via  fe880b5 WHATSNEW: Remove default values.
   via  3cebcfc WHATSNEW: Add more changes since rc1.
   via  a7c4372 s4-dns: fix a non handled memory out of memory
   via  3d3acf0 s3fs-smbd: Move housekeeping to the background process.
   via  b74ed15 Fix service control for non-internal services.
   via  6d184c0 s3-winbindd: Adjust error code loop logic in 
rpc_trusted_domains().
   via  9525921 s3-lsa: Flesh out the returned info in 
_lsa_EnumTrustedDomainsEx().
   via  3058755 s3-winbindd: Allow DNS resolution of trusted domains if DNS 
name is avaliable
  from  a92e4e5 docs-xml: fix build of winbindd- and krb5 locator-related 
manpages

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit fe880b5bdb7b4663460033053f3e82a1568c9f11
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 09:23:45 2012 +0200

WHATSNEW: Remove default values.

Karolin

Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org
Autobuild-Date(v4-0-test): Tue Oct  2 11:05:25 CEST 2012 on sn-devel-104

commit 3cebcfc0ad456cfde4023deb561f0dcc758f17d8
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 09:20:00 2012 +0200

WHATSNEW: Add more changes since rc1.

Karolin

commit a7c437285f15f8a1e46a4f6d57d6b6986720ed84
Author: Matthieu Patou m...@matws.net
Date:   Mon Oct 1 21:43:11 2012 -0700

s4-dns: fix a non handled memory out of memory

Fix bug #9233 - internal dns server has a non handled out of memory case.

commit 3d3acf04da37d99aceb4759849a42a8ecae2333f
Author: Andreas Schneider a...@samba.org
Date:   Thu Sep 27 19:01:15 2012 +0200

s3fs-smbd: Move housekeeping to the background process.

If you add 200 printers using lpadmin. Then you wait for the printcap
cache to expire. As soon as this expires we notify all deamons that they
should reload the printers. This mean we need to create the default
registry keys for each printer. If you do e.g. a 'smbclient -L' during
that time you will get a lot of timeouts.

This lets the housekeeping function of the printcap cache do the task of
creating the default registry keys in background queue process. When it is 
done
with the task it will tell all smbd childs to reload the printers and the 
200
printers appear.

(cherry picked from commit aa6a7a97803b1106d2200c889a2260f81059c450)

Signed-off-by: Andreas Schneider a...@samba.org

Fix bug #9231 - NT_STATUS_IO_TIMEOUT during slow import of printers into
registry.

commit b74ed1511753bd9b51c91a02e0cb4ea42e3ea37e
Author: Vladimir Marek vladimir.ma...@oracle.com
Date:   Mon Sep 17 13:50:55 2012 -0700

Fix service control for non-internal services.

Signed-off-by: Jeremy Allison j...@samba.org

(cherry picked from commit a4e8869f7c93f30dd7014ff83d6d2f2b5afc2d64)
Signed-off-by: Andreas Schneider a...@samba.org

Fix bug #9192 - svcctl list option prohibits smbd to start.

commit 6d184c07438328ff88b7de942b0c39ce44a20d0a
Author: Günther Deschner g...@samba.org
Date:   Fri Sep 28 18:04:07 2012 +0200

s3-winbindd: Adjust error code loop logic in rpc_trusted_domains().

Guenther

Autobuild-User(master): Günther Deschner g...@samba.org
Autobuild-Date(master): Sat Sep 29 00:34:04 CEST 2012 on sn-devel-104

Fix bug #9185 - Winbind cannot resolve AD DC in a different subnet.

commit 9525921d8d5a6d2e51e55171d26908fd1d6d7503
Author: Günther Deschner g...@samba.org
Date:   Fri Sep 28 18:03:25 2012 +0200

s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx().

Guenther

commit 3058755280fa7a8d35a13cdd459be3e1db2a373a
Author: Sumit Bose sb...@redhat.com
Date:   Tue Sep 11 13:28:35 2012 +0200

s3-winbindd: Allow DNS resolution of trusted domains if DNS name is 
avaliable

Signed-off-by: Günther Deschner g...@samba.org

---

Summary of changes:
 WHATSNEW.txt   |   70 ++--
 source3/printing/queue_process.c   |9 
 source3/rpc_server/lsa/srv_lsa_nt.c|5 ++
 source3/rpc_server/svcctl/srv_svcctl_reg.c |4 --
 source3/winbindd/winbindd_cm.c |   11 -
 source3/winbindd/winbindd_rpc.c|   68 +++
 source3/winbindd/winbindd_util.c   |4 +-
 source4/dns_server/dns_server.c|1 +
 8 files changed, 119 insertions(+), 53 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index c62676e..02232c4 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -102,29 +102,29 @@ Changes
 smb.conf changes
 
 
-   Parameter Name  Description Default
-   --

[SCM] Samba Shared Repository - branch v4-0-test updated

2012-10-02 Thread Karolin Seeger 
The branch, v4-0-test has been updated
   via  d190b59 VERSION: Bump version up to 4.0.0rc3.
   via  cc9315a VERSION: Bump version number up to 4.0.0rc2.
   via  7eb1f6f librelease.sh: Move the GPG data to the library section.
   via  85289d8 WHATSNEW: Add kernel oplocks...
  from  fe880b5 WHATSNEW: Remove default values.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit d190b5965d21008b88d2a63c9265cb07b348efab
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 09:55:44 2012 +0200

VERSION: Bump version up to 4.0.0rc3.

And enable GIT snapshots.

Karolin

commit cc9315ac80d598f5325ba5d713bb1cb412c4a639
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 09:54:10 2012 +0200

VERSION: Bump version number up to 4.0.0rc2.

Karolin

commit 7eb1f6ff178cb04a04dcaee88f15be850d239430
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 10:29:16 2012 +0200

librelease.sh: Move the GPG data to the library section.

Don't use the Library key for the samba releases.

Karolin

Pair-Programmed-With: Stefan Metzmacher me...@samba.org

commit 85289d89b9b607c6c661cd49803a94b6c60918ed
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 10:52:21 2012 +0200

WHATSNEW: Add kernel oplocks...

to the list of changed defaults.

Karolin

---

Summary of changes:
 VERSION  |4 ++--
 WHATSNEW.txt |1 +
 script/librelease.sh |   34 --
 3 files changed, 27 insertions(+), 12 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 642809e..75b8db5 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  -  3.0.0rc1  #
 
-SAMBA_VERSION_RC_RELEASE=1
+SAMBA_VERSION_RC_RELEASE=3
 
 
 # To mark SVN snapshots this should be set to 'yes'#
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=1
 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes   #
 #  -  3.0.0-SVN-build-199   #
 
-SAMBA_VERSION_IS_GIT_SNAPSHOT=no
+SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
 
 
 # This is for specifying a release nickname#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 02232c4..f214087 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -118,6 +118,7 @@ smb.conf changes
dns forwarder   New
dns update command  New
homedir map Changed default
+   kernel oplocks  Changed default
kernel share modes  New
kpasswd portNew
krb5 port   New
diff --git a/script/librelease.sh b/script/librelease.sh
index ac82762..5119ca4 100755
--- a/script/librelease.sh
+++ b/script/librelease.sh
@@ -1,14 +1,6 @@
 #!/bin/bash
 # make a release of a Samba library
 
-[ -z $GPG_USER ]  {
-GPG_USER='Samba Library Distribution Key samba-b...@samba.org'
-}
-
-[ -z $GPG_KEYID ]  {
-GPG_KEYID='13084025'
-}
-
 if [ ! -d .git ]; then
echo Run this script from the top-level directory in the
echo repository
@@ -67,6 +59,11 @@ release_lib() {
exit 1
 }
 
+[ -z $ftpdir ]  {
+popd
+return 0
+}
+
 echo Push git tag $tagname
 git push ssh://git.samba.org/data/git/samba.git 
refs/tags/$tagname:refs/tags/$tagname || {
exit 1
@@ -84,10 +81,27 @@ release_lib() {
 for lib in $*; do
 case $lib in
talloc | tdb | tevent | ldb)
+   [ -z $GPG_USER ]  {
+   GPG_USER='Samba Library Distribution Key samba-b...@samba.org'
+   }
+
+   [ -z $GPG_KEYID ]  {
+   GPG_KEYID='13084025'
+   }
+
release_lib $lib lib/$lib $lib
;;
-   samba4)
-   release_lib $lib . samba/$lib
+   samba)
+   [ -z $GPG_USER ]  {
+   GPG_USER='6568B7EA'
+   }
+
+   [ -z $GPG_KEYID ]  {
+   GPG_KEYID='6568B7EA'
+   }
+
+   # for now we don't upload
+   release_lib $lib . 
;;
*)
echo Unknown library $lib


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-0-stable updated

2012-10-02 Thread Karolin Seeger 
The branch, v4-0-stable has been updated
   via  cc9315a VERSION: Bump version number up to 4.0.0rc2.
   via  7eb1f6f librelease.sh: Move the GPG data to the library section.
   via  85289d8 WHATSNEW: Add kernel oplocks...
   via  fe880b5 WHATSNEW: Remove default values.
   via  3cebcfc WHATSNEW: Add more changes since rc1.
   via  a7c4372 s4-dns: fix a non handled memory out of memory
   via  3d3acf0 s3fs-smbd: Move housekeeping to the background process.
   via  b74ed15 Fix service control for non-internal services.
   via  6d184c0 s3-winbindd: Adjust error code loop logic in 
rpc_trusted_domains().
   via  9525921 s3-lsa: Flesh out the returned info in 
_lsa_EnumTrustedDomainsEx().
   via  3058755 s3-winbindd: Allow DNS resolution of trusted domains if DNS 
name is avaliable
   via  a92e4e5 docs-xml: fix build of winbindd- and krb5 locator-related 
manpages
   via  08cb895 docs-xml: convert smb.conf.5 build to waf
   via  de953ff build: Fix build on systems without ldap development headers
   via  6f07216 s3: make smbldaphelper subsystem an internal library
   via  aeac5ef WHATSNEW: Start release notes for Samba 4.0.0rc2.
   via  c10debd s3-smbd: Don't segfault if user specified ports out for 
range.
   via  d5f5a6a Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause 
invalid free.
   via  4d295c9 s4:dns.py: reproducer for (bug #9184)
   via  c362ed5 lib/tsocket: fix receiving of udp packets from 0 bytes (bug 
#9184)
   via  036c23a libcli/echo: validate the message length
   via  350d5ec selftest: skip the samba4.smb2.compound testsuite
   via  010c93e s3:smbd:smb2: initialize variable in 
vfs_default_durable_reconnect()
   via  d995da0 selftest: we fail samba3.smb2.compound.interim2
   via  20656f8 s4:torture:smb2:compound: remove two unused macros (cherry 
picked from commit 6f6b1c6ac15f225978e8c2d67c1a817d9e098317)
   via  b40a7e6 s4:torture:smb2: don't skip the compound.interim2 test for 
non win7/win2k8 (cherry picked from commit 
8df0b023c51ed198d3054760447e1b273eada991)
   via  c05693a s4:torture:smb2: don't skip the compound.interim1 test for 
non win7/win2k8 (cherry picked from commit 
917e714831178b2a3d07c7f9d09711231a7ccf31)
   via  e17df2b s3:smbd: remove struct member smbd_smb2_request.cancelled - 
it was only written (cherry picked from commit 
88d051f7f18ff88ec5385fdc798f051659134bd3)
   via  829d9dc s3:smb2_lock: let smbd_smb2_create_cancel() trigger 
NT_STATUS_CANCELED
   via  493dec1 s3:smb2_lock: smbd_smb2_notify_recv() can already return 
NT_STATUS_CANCELED
   via  c99507d s3:smb2_notify: make use of tevent_req_defer_callback() 
instead of custom tevent_immediate
   via  a6fd1ee s3:smb2_notify: don't call tevent_req_done() from 
smbd_smb2_notify_cancel()
   via  e899a51 s3:smb2_lock: let smbd_smb2_lock_cancel() trigger 
NT_STATUS_CANCELED
   via  aa16e20 s3:smb2_server: avoid segfault in 
smbd_smb2_request_pending_queue()
   via  0e5ecc5 s4:torture:smb2: extend the compound.invalid1 test
   via  c4d803b s3:smbd:smb2: simplify smbd_smb2_request_validate() and 
smbd_smb2_request_dispatch()
   via  021dd55 s3:smbd:smb2: add check for session_status for compound 
requests (cherry picked from commit 27d38b5c27bd96d5124c175d946718bf0836b8f4)
   via  9f73827 s3:smb2_server: do the req-next_status check before the 
signing checks
   via  b26bf82 s3:smb2_server: reset req-last_session_id and 
req-last_tid after using it
   via  f24ee3b s4:torture:smb2: fix the compound.invalid3 test to work 
against windows (cherry picked from commit 
bd8d50b451ea7f94efafbe5dc0c2c19f6bf9)
   via  f9ef916 s4:torture:smb2: fix compound.related3 test to work against 
windows (cherry picked from commit 8e525a29a7c6512f61e4647ecb2e0771e2019a49)
   via  8b67af7 s3: Compound requests should continue processing.
   via  ce21ae1 s3-spoolss: Fix builtin forms order to match Windows again.
   via  569f63f s3: For read-only shares, filter out write bits from 
conn-access_mask
   via  b94c9a6 s3: Fix rejecting mkdir on read-only shares
   via  28f6a6d panic action is defined as GLOBAL_VAR(szPanicAction) not 
GLOBAL_VAR(panic_action)
   via  6d9841d s3:printing only do printing_subsystem_update when printing 
is enabled
   via  4ee9a57 dynconfig/config.m4: disallow --prefix=/usr and 
--prefix=/usr/local without --enable-fhs
   via  4c97f0d s3:smb2_server: fix usage of invalid memory in 
smb2_signing_check_pdu()
   via  68be257 We now pass samba3.raw.acls.generic and 
samba3.smb2.acls.GENERIC with the max access change.
   via  973281b Fix bug #9189 - SMB2 Create doesn't return correct MAX 
ACCESS access mask in blob.
   via  164cb1c packaging/RHEL-CTDB: add BUILD_GPFS=no configure.rpm and 
BUILD_GPFS=no makerpms.sh
   via  4b59959 packaging/RHEL-CTDB: try harder to set $RPMVER
   via  cb57e4a

[SCM] Samba Shared Repository - annotated tag samba-4.0.0rc2 created

2012-10-02 Thread Karolin Seeger 
The annotated tag, samba-4.0.0rc2 has been created
at  71c051824b4f04fd3a84157ce5885a589762c0e8 (tag)
   tagging  cc9315ac80d598f5325ba5d713bb1cb412c4a639 (commit)
  replaces  samba-4.0.0rc1
 tagged by  Karolin Seeger
on  Tue Oct 2 11:57:00 2012 +0200

- Log -
samba: tag release samba-4.0.0rc2
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.18 (GNU/Linux)

iD8DBQBQarp2bzORW2Vot+oRAs13AJ0T2fH8a4qOkxLHA30oeGe0zdQlYwCfb+Wq
4XMaZ77M9Bp7us43wsTQK2c=
=Zb0+
-END PGP SIGNATURE-

Alexander Bokovoy (4):
  s3: make ldapsam-related functions a smbldaphelper subsystem
  s3: make smbldaphelper subsystem an internal library
  docs-xml: convert smb.conf.5 build to waf
  docs-xml: fix build of winbindd- and krb5 locator-related manpages

Andreas Schneider (4):
  docs: Fix generating idmap manpages.
  s3-spoolss: Fix builtin forms order to match Windows again.
  s3-smbd: Don't segfault if user specified ports out for range.
  s3fs-smbd: Move housekeeping to the background process.

Andrew Bartlett (1):
  build: Fix build on systems without ldap development headers

Björn Jacke (4):
  s3: fix the hpux acl module
  s3: fix the tru64 acl module
  s3: fix the aix acl module
  quota: add supprt for gfs2

Christian Ambach (2):
  s3:vfs_gpfs: fix build
  s3:printing only do printing_subsystem_update when printing is enabled

Günther Deschner (2):
  s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx().
  s3-winbindd: Adjust error code loop logic in rpc_trusted_domains().

Ira Cooper (2):
  s3: Fix the vfs_solarisacl module to compile.
  s3: Compound requests should continue processing.

Jeremy Allison (4):
  Sigh :-(. Removing optimization prematurely is the root of all evil :-(.
  Fix bug #9189 - SMB2 Create doesn't return correct MAX ACCESS access mask 
in blob.
  We now pass samba3.raw.acls.generic and samba3.smb2.acls.GENERIC with 
the max access change.
  Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause invalid free.

Karolin Seeger (6):
  WHATSNEW: Start release notes for Samba 4.0.0rc2.
  WHATSNEW: Add more changes since rc1.
  WHATSNEW: Remove default values.
  WHATSNEW: Add kernel oplocks...
  librelease.sh: Move the GPG data to the library section.
  VERSION: Bump version number up to 4.0.0rc2.

Matthieu Patou (2):
  panic action is defined as GLOBAL_VAR(szPanicAction) not 
GLOBAL_VAR(panic_action)
  s4-dns: fix a non handled memory out of memory

Michael Adam (12):
  source3/script: fix installman.sh after the last build-manpages-nogit 
change
  s4:torture:smb2: fix compound.related3 test to work against windows 
(cherry picked from commit 8e525a29a7c6512f61e4647ecb2e0771e2019a49)
  s4:torture:smb2: fix the compound.invalid3 test to work against windows 
(cherry picked from commit bd8d50b451ea7f94efafbe5dc0c2c19f6bf9)
  s3:smbd:smb2: add check for session_status for compound requests (cherry 
picked from commit 27d38b5c27bd96d5124c175d946718bf0836b8f4)
  s3:smbd:smb2: simplify smbd_smb2_request_validate() and 
smbd_smb2_request_dispatch()
  s3:smbd: remove struct member smbd_smb2_request.cancelled - it was only 
written (cherry picked from commit 88d051f7f18ff88ec5385fdc798f051659134bd3)
  s4:torture:smb2: don't skip the compound.interim1 test for non 
win7/win2k8 (cherry picked from commit 917e714831178b2a3d07c7f9d09711231a7ccf31)
  s4:torture:smb2: don't skip the compound.interim2 test for non 
win7/win2k8 (cherry picked from commit 8df0b023c51ed198d3054760447e1b273eada991)
  s4:torture:smb2:compound: remove two unused macros (cherry picked from 
commit 6f6b1c6ac15f225978e8c2d67c1a817d9e098317)
  selftest: we fail samba3.smb2.compound.interim2
  s3:smbd:smb2: initialize variable in vfs_default_durable_reconnect()
  selftest: skip the samba4.smb2.compound testsuite

Stefan Metzmacher (23):
  script/autobuild.py: use some variables for rebase_remote and 
rebase_branch
  script/autobuild.py: use some variables for push_remote and push_branch
  script/autobuild.py: add --branch option
  script/autobuild.py: add log_base variable to avoid hardcoded values
  script/autobuild.py: add --log-base option
  s3:smbd: release the share mode lock before calling exit_server() (bug 
#9191)
  packaging/RHEL-CTDB: fix the build
  packaging/RHEL-CTDB: try harder to set $RPMVER
  packaging/RHEL-CTDB: add BUILD_GPFS=no configure.rpm and BUILD_GPFS=no 
makerpms.sh
  s3:smb2_server: fix usage of invalid memory in smb2_signing_check_pdu()
  dynconfig/config.m4: disallow --prefix=/usr and --prefix=/usr/local 
without --enable-fhs
  s3:smb2_server: reset req-last_session_id and req-last_tid after using 
it
  s3:smb2_server: do the req-next_status check before the signing checks
  s4:torture:smb2: extend the

[SCM] Samba Website Repository - branch master updated

2012-10-02 Thread Karolin Seeger 
The branch, master has been updated
   via  4dcf626 Announce Samba 4.0.0rc2.
  from  56f0067 Announce Samba 3.5.18.

http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -
commit 4dcf6260fb5f6fab2d5fedad50bef3dd392db93e
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 11:04:48 2012 +0200

Announce Samba 4.0.0rc2.

Karolin

---

Summary of changes:
 generated_news/latest_10_bodies.html|   19 +--
 generated_news/latest_10_headlines.html |4 ++--
 generated_news/latest_2_bodies.html |   23 ++-
 3 files changed, 21 insertions(+), 25 deletions(-)


Changeset truncated at 500 lines:

diff --git a/generated_news/latest_10_bodies.html 
b/generated_news/latest_10_bodies.html
index e0215c2..37e5917 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -1,3 +1,12 @@
+   h5a name=4.0.0rc202 October 2012/a/h5
+   p class=headlineSamba 4.0.0rc2 Available for Download/p
+   pThis is the second release candidate of the Samba 4.0 series./p
+
+pThe uncompressed tarballs and patch files have been signed
+using GnuPG (ID 6568B7EA).  The source code can be
+a 
href=https://download.samba.org/pub/samba/rc/samba-4.0.0rc2.tar.gz;downloaded 
now/a.
+See a 
href=https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt;the 
release notes for more info/a./p
+
h5a name=3.5.1824 September 2012/a/h5
p class=headlineSamba 3.5.18 Available for Download/p
pThis is the latest stable release of the Samba 3.5 series./p
@@ -125,13 +134,3 @@ Please see the release notes for more info:
 lia href=http://samba.org/samba/history/samba-3.5.14.html;release notes 
Samba 3.5.14/a,/li
 lia href=http://samba.org/samba/history/samba-3.4.16.html;release notes 
Samba 3.4.16/a./li
 /p
-
-   h5a name=SMB2.2 Interop Event20 March 2012/a/h5
-   p class=headlineReport: Microsoft SMB2.2 Interop Event/p
-   pA few Samba Team members recently accepted an invitation by Microsoft
-   and attended an SMB2.2 interop testing opportunity.
-   a href=http://www.samba.org/~obnox/;Michael Adam/a has
-   written a report about this successful event./p
-
-   pIf you are interested in this event and Samba's progress in the SMB2 
area,
-   please read a 
href=/samba/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.htmlMichael's
 full report/a./p
diff --git a/generated_news/latest_10_headlines.html 
b/generated_news/latest_10_headlines.html
index 6c6ad9a..899a786 100644
--- a/generated_news/latest_10_headlines.html
+++ b/generated_news/latest_10_headlines.html
@@ -1,4 +1,6 @@
 ul
+   li 02 October 2012 a href=#4.0.0rc2Samba 4.0.0rc2 Available for 
Download/a/li
+
li 24 September 2012 a href=#3.5.18Samba 3.5.18 Available for 
Download/a/li
 
li 17 September 2012 a href=#3.6.8Samba 3.6.8 Available for 
Download/a/li
@@ -16,6 +18,4 @@
li 30 April 2012 a href=#3.6.5Samba 3.6.5/a, a 
href=#3.5.153.5.15/a and a href=#3.4.173.4.17/a bSecurity 
Releases/b Available for Download./li
 
li 10 April 2012 a href=#3.6.4Samba 3.6.4/a, a 
href=#3.5.143.5.14/a and a href=#3.4.163.4.16/a bSecurity 
Releases/b Available for Download./li
-
-   li 20 March 2012 a 
href=/samba/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.htmlReport:
 Microsoft SMB2.2 Interop Event/a/li
 /ul
diff --git a/generated_news/latest_2_bodies.html 
b/generated_news/latest_2_bodies.html
index b3aef74..abdc2c4 100644
--- a/generated_news/latest_2_bodies.html
+++ b/generated_news/latest_2_bodies.html
@@ -1,21 +1,18 @@
-   h5a name=3.5.1824 September 2012/a/h5
-   p class=headlineSamba 3.5.18 Available for Download/p
-   pThis is the latest stable release of the Samba 3.5 series./p
+   h5a name=4.0.0rc202 October 2012/a/h5
+   p class=headlineSamba 4.0.0rc2 Available for Download/p
+   pThis is the second release candidate of the Samba 4.0 series./p
 
 pThe uncompressed tarballs and patch files have been signed
 using GnuPG (ID 6568B7EA).  The source code can be
-a href=http://samba.org/samba/ftp/stable/samba-3.5.18.tar.gz;downloaded
-now/a. A a 
href=http://samba.org/samba/ftp/patches/patch-3.5.17-3.5.18.diffs.gz;patch 
against Samba 3.5.17/a is also available. See a 
href=http://samba.org/samba/history/samba-3.5.18.html;the release notes for 
more info/a./p
+a 
href=https://download.samba.org/pub/samba/rc/samba-4.0.0rc2.tar.gz;downloaded 
now/a.
+See a 
href=https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt;the 
release notes for more info/a./p
 
 
-   h5a name=3.6.817 September 2012/a/h5
-   p class=headlineSamba 3.6.8 Available for Download/p
-   pThis is the latest stable release of the Samba 3.6 series./p
+   h5a name=3.5.1824 September

[SCM] Samba Shared Repository - branch master updated

2012-10-02 Thread Stefan Metzmacher 
The branch, master has been updated
   via  dce8a8e librelease.sh: Move the GPG data to the library section.
  from  f4b9007 s4-dns: fix a non handled memory out of memory

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit dce8a8e284e544999d85aa7df3ef97c3701742b4
Author: Karolin Seeger ksee...@samba.org
Date:   Tue Oct 2 10:29:16 2012 +0200

librelease.sh: Move the GPG data to the library section.

Don't use the Library key for the samba releases.

Karolin

Pair-Programmed-With: Stefan Metzmacher me...@samba.org
(cherry picked from commit 7eb1f6ff178cb04a04dcaee88f15be850d239430)

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Oct  2 14:28:10 CEST 2012 on sn-devel-104

---

Summary of changes:
 script/librelease.sh |   34 --
 1 files changed, 24 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/script/librelease.sh b/script/librelease.sh
index ac82762..5119ca4 100755
--- a/script/librelease.sh
+++ b/script/librelease.sh
@@ -1,14 +1,6 @@
 #!/bin/bash
 # make a release of a Samba library
 
-[ -z $GPG_USER ]  {
-GPG_USER='Samba Library Distribution Key samba-b...@samba.org'
-}
-
-[ -z $GPG_KEYID ]  {
-GPG_KEYID='13084025'
-}
-
 if [ ! -d .git ]; then
echo Run this script from the top-level directory in the
echo repository
@@ -67,6 +59,11 @@ release_lib() {
exit 1
 }
 
+[ -z $ftpdir ]  {
+popd
+return 0
+}
+
 echo Push git tag $tagname
 git push ssh://git.samba.org/data/git/samba.git 
refs/tags/$tagname:refs/tags/$tagname || {
exit 1
@@ -84,10 +81,27 @@ release_lib() {
 for lib in $*; do
 case $lib in
talloc | tdb | tevent | ldb)
+   [ -z $GPG_USER ]  {
+   GPG_USER='Samba Library Distribution Key samba-b...@samba.org'
+   }
+
+   [ -z $GPG_KEYID ]  {
+   GPG_KEYID='13084025'
+   }
+
release_lib $lib lib/$lib $lib
;;
-   samba4)
-   release_lib $lib . samba/$lib
+   samba)
+   [ -z $GPG_USER ]  {
+   GPG_USER='6568B7EA'
+   }
+
+   [ -z $GPG_KEYID ]  {
+   GPG_KEYID='6568B7EA'
+   }
+
+   # for now we don't upload
+   release_lib $lib . 
;;
*)
echo Unknown library $lib


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

2012-10-02 Thread Alexander Bokovoy 
The branch, master has been updated
   via  4a21d2e Fix release script to build full set of documentation
  from  dce8a8e librelease.sh: Move the GPG data to the library section.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 4a21d2e7790f1c76cf0d0fcfb2f4a8ef13721532
Author: Alexander Bokovoy a...@samba.org
Date:   Tue Oct 2 14:53:38 2012 +0300

Fix release script to build full set of documentation

build-docs script was not setting XML catalog properly.

In addition, some time ago pdf versions of images were introduced as
generated dependencies in our books but svg - pdf rule was not added,
so building books never finished properly.

Autobuild-User(master): Alexander Bokovoy a...@samba.org
Autobuild-Date(master): Tue Oct  2 16:21:23 CEST 2012 on sn-devel-104

---

Summary of changes:
 docs-xml/Makefile  |3 +++
 release-scripts/build-docs |3 +--
 2 files changed, 4 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/Makefile b/docs-xml/Makefile
index 0b4e880..b322bed 100644
--- a/docs-xml/Makefile
+++ b/docs-xml/Makefile
@@ -191,6 +191,9 @@ $(PSDIR)/%.ps: %/index.xml $(PSDIR) xslt/latex.xsl 
%-images-latex-eps
 %.eps: %.png
$(PNGTOPNM) $ | $(PNMTOPS)  $@
 
+%.pdf: %.svg
+   $(INKSCAPE) -z -f $(abspath $) --export-pdf=$(abspath $@)
+
 $(HTMLHELPDIR)/%: $(DOCBOOKDIR)/%.xml %-images-htmlhelp
$(XSLTPROC) --stringparam htmlhelp.chm $*.chm \
--stringparam manifest.in.base.dir $@/ \
diff --git a/release-scripts/build-docs b/release-scripts/build-docs
index 5da641a..e909e6e 100755
--- a/release-scripts/build-docs
+++ b/release-scripts/build-docs
@@ -11,6 +11,7 @@ DOCSRCDIR=`dirname $0`/../docs-xml
 pushd $DOCSRCDIR || exit 1
 
 git clean -d -x -f
+export XML_CATALOG_FILES=file:///etc/xml/catalog 
file://$(pwd)/build/catalog.xml
 autoconf  \
./configure --with-papersize=letter  \
make smbdotconf/parameters.all.xml  \
@@ -28,8 +29,6 @@ rsync -Ca --exclude=.svn archives/ ../docs/
 cd ../docs || _exit Error changing dir to ${DOCSDIR}/../docs/
 
 /bin/rm -rf test.pdf Samba4*pdf htmldocs/Samba4* htmldocs/test
-mv manpages-3 manpages
-mv htmldocs/manpages-3 htmldocs/manpages
 
 cd ../docs-xml || _exit Error changing dir to ${DOCSDIR}/../docs-xml/
 make distclean


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-0-test updated

2012-10-02 Thread Karolin Seeger 
The branch, v4-0-test has been updated
   via  1a0c013 s4 dns: Fix return code for deleted records
   via  8d25b8a s4:dns_server - introduce the wildcard binding feature
   via  ddd07ae s4: Fix a -Wunused-value warning
   via  ba8b5e3 selftest/knownfail: samba*.smb2.oplock.stream1 doesn't work
   via  b2c591c s4:torture/smb2: remove samba specific stuff from 
smb2.oplock
   via  c420163 s3:smb2_create: don't take 'state-te' as indication for 
was_deferred (bug #9196)
   via  2248884 Fix bug #9209 - Parse of invalid SMB2 create blob can cause 
smbd crash.
   via  ff47fcd libcli/smb: fix padding in smb2_create_blob*
  from  d190b59 VERSION: Bump version up to 4.0.0rc3.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -
commit 1a0c013591f592339235370607685027425874a7
Author: Kai Blin k...@samba.org
Date:   Sun Sep 30 11:26:24 2012 +0200

s4 dns: Fix return code for deleted records

This fixes bug #9225. We already had a test for this scenario, but the test 
wasn't
correct. This patch fixes the test, and also fixes the bug.

Signed-off-by: Kai Blin k...@samba.org

Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org
Autobuild-Date(v4-0-test): Tue Oct  2 16:46:06 CEST 2012 on sn-devel-104

commit 8d25b8ae35e2f190e42aa064ef3c60faf1a4ddf2
Author: Matthias Dieter Wallnöfer m...@samba.org
Date:   Sun Aug 12 18:08:20 2012 +0200

s4:dns_server - introduce the wildcard binding feature

We need the wildcard binding feature otherwise we might get bound to a
private interface in case of multiple interfaces and no interfaces
parameter in smb.conf.

Code taken from source4/ldap_server/ldap_server.c

Signed-off-by: Kai Blin k...@samba.org

Autobuild-User(master): Kai Blin k...@samba.org
Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104

Fix bug #9183 - DNS server does not listen on localhost.

commit ddd07ae4daef3bca2f6df521ffea707d41256248
Author: Volker Lendecke v...@samba.org
Date:   Wed Sep 26 10:07:32 2012 -0700

s4: Fix a -Wunused-value warning

Autobuild-User(master): Volker Lendecke v...@samba.org
Autobuild-Date(master): Wed Sep 26 21:52:00 CEST 2012 on sn-devel-104
(cherry picked from commit 5022b3d8c183181b922e3ccac49e5819eb453035)

Fix bug #9223 - Uninitialized variable in the cldap server can give bad 
netlogon
netsamlogon response.

commit ba8b5e396add96a679fcff92f5d20df40875514a
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Sep 26 03:24:22 2012 +0200

selftest/knownfail: samba*.smb2.oplock.stream1 doesn't work

metze

Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Sep 26 07:57:12 CEST 2012 on sn-devel-104
(cherry picked from commit 98d117a5424d62804b7cb3d8a9ad35e703fc158a)

commit b2c591c6ca66e117c350a53e4bd9028268d0076c
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Sep 26 03:08:33 2012 +0200

s4:torture/smb2: remove samba specific stuff from smb2.oplock

metze
(cherry picked from commit 7a14f09f9cc14cfb6234175add1841faf751d51a)

commit c4201630403edc338f6a3843fd4dd069f45b1fd2
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Sep 26 03:04:20 2012 +0200

s3:smb2_create: don't take 'state-te' as indication for was_deferred 
(bug #9196)

We always set state-te = NULL of TALLOC_FREE(state-te),
before calling smbd_smb2_request_dispatch(), so
open_was_deferred_smb2() always returned false, while dispatching
it again.

But it's remove_deferred_open_message_smb2_internal() which
should reset this state.

In developer mode validate_my_share_entries() did call smb_panic()
before.

metze
(cherry picked from commit 4604219ceba96955b3c4bf6ab31aa70c11442d61)

commit 224888491f7a4ce88fd636e56d1438a8a84a48e9
Author: Jeremy Allison j...@samba.org
Date:   Wed Sep 26 16:58:58 2012 -0700

Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash.

Ensure we correctly protect against blobs with data_offset==0
and data_length != 0.

Jeremy.

Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104
(cherry picked from commit 322e3d42f65dadabeccf8813fcb0e9b7d353ffb2)

commit ff47fcd3c9f4c8e470601c443d214b590288f655
Author: Stefan Metzmacher me...@samba.org
Date:   Wed Sep 19 08:11:23 2012 +0200

libcli/smb: fix padding in smb2_create_blob*

metze
(cherry picked from commit aa5caf1fe92b159eae00c7b11499e9ec697cf9ae)

---

Summary of changes:
 libcli/smb/smb2_create_blob.c   |   46 ++
 selftest/knownfail  |2 +
 source3/smbd/smb2_create.c

[SCM] Samba Shared Repository - branch master updated

2012-10-02 Thread Günther Deschner 
The branch, master has been updated
   via  7751d03 s3-net: Fix DEBUG() location.
   via  0eded14 s3-net: give more control how to update/register DNS 
entries.
   via  ec23d0a s3-net: pass down a flags field to DoDNSUpdate().
   via  5d4247a s3-net: move out some prototypes to net_dns.h.
   via  a2fec69 s3-net: pass down struct net_context to the dns update 
calls.
   via  06f3b1f s3-kerberos: add aes enctypes to generated krb5.conf.
   via  eae33e9 s3-krb5: use and request AES keys in kerberos operations.
  from  4a21d2e Fix release script to build full set of documentation

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 7751d03a1e18a94de1f54f6ba4143b52d8c53180
Author: Günther Deschner g...@samba.org
Date:   Mon Oct 1 16:19:28 2012 +0200

s3-net: Fix DEBUG() location.

Guenther

Autobuild-User(master): Günther Deschner g...@samba.org
Autobuild-Date(master): Tue Oct  2 18:06:17 CEST 2012 on sn-devel-104

commit 0eded14f19806e87b2205677064d1413bcb86d38
Author: Günther Deschner g...@samba.org
Date:   Tue Sep 25 11:09:45 2012 +0200

s3-net: give more control how to update/register DNS entries.

Guenther

commit ec23d0a3b2f3969d4d113d80bd82cb1dbbcd
Author: Günther Deschner g...@samba.org
Date:   Tue Sep 25 11:08:48 2012 +0200

s3-net: pass down a flags field to DoDNSUpdate().

Guenther

commit 5d4247ae7434adae87b265a362a9fa19b4ca557c
Author: Günther Deschner g...@samba.org
Date:   Wed Sep 19 15:35:15 2012 +0200

s3-net: move out some prototypes to net_dns.h.

Guenther

commit a2fec69b0958f75e31c702e25017eeae6a92be0d
Author: Günther Deschner g...@samba.org
Date:   Wed Sep 19 15:31:57 2012 +0200

s3-net: pass down struct net_context to the dns update calls.

Guenther

commit 06f3b1f0b0dcf9355a8d634cdb62f1f0a8ea4dbe
Author: Günther Deschner g...@samba.org
Date:   Mon Dec 19 10:52:58 2011 +0100

s3-kerberos: add aes enctypes to generated krb5.conf.

Guenther

commit eae33e96fcaa456830862325b91579faf2a96213
Author: Günther Deschner g...@samba.org
Date:   Thu Dec 15 18:12:41 2011 +0100

s3-krb5: use and request AES keys in kerberos operations.

Guenther

---

Summary of changes:
 lib/krb5_wrap/krb5_samba.c   |6 ++
 source3/libads/kerberos.c|   28 +--
 source3/libads/kerberos_keytab.c |8 +++-
 source3/utils/net_ads.c  |   44 ++
 source3/utils/net_dns.c  |   96 +++---
 source3/utils/net_dns.h  |   43 +
 6 files changed, 163 insertions(+), 62 deletions(-)
 create mode 100644 source3/utils/net_dns.h


Changeset truncated at 500 lines:

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 1a5a710..8037337 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -688,6 +688,12 @@ int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx,
ENCTYPE_ARCFOUR_HMAC,
ENCTYPE_DES_CBC_MD5,
ENCTYPE_DES_CBC_CRC,
+#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96
+   ENCTYPE_AES128_CTS_HMAC_SHA1_96,
+#endif
+#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96
+   ENCTYPE_AES256_CTS_HMAC_SHA1_96,
+#endif
ENCTYPE_NULL};
 
initialize_krb5_error_table();
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 1093d12..3183e26 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -831,6 +831,7 @@ bool create_local_private_krb5_conf_for_domain(const char 
*realm,
int fd;
char *realm_upper = NULL;
bool result = false;
+   char *aes_enctypes = NULL;
 
if (!lp_create_krb5_conf()) {
return false;
@@ -870,14 +871,33 @@ bool create_local_private_krb5_conf_for_domain(const char 
*realm,
goto done;
}
 
+   aes_enctypes = talloc_strdup(fname, );
+   if (aes_enctypes == NULL) {
+   goto done;
+   }
+
+#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96
+   aes_enctypes = talloc_asprintf_append(aes_enctypes, %s, 
aes256-cts-hmac-sha1-96 );
+   if (aes_enctypes == NULL) {
+   goto done;
+   }
+#endif
+#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96
+   aes_enctypes = talloc_asprintf_append(aes_enctypes, %s, 
aes128-cts-hmac-sha1-96);
+   if (aes_enctypes == NULL) {
+   goto done;
+   }
+#endif
+
file_contents = talloc_asprintf(fname,
[libdefaults]\n\tdefault_realm = %s\n
-   \tdefault_tgs_enctypes = RC4-HMAC 
DES-CBC-CRC DES-CBC-MD5\n
-   \tdefault_tkt_enctypes = RC4-HMAC 
DES-CBC-CRC DES-CBC-MD5\n
-

[SCM] Samba Shared Repository - branch master updated

2012-10-02 Thread Volker Lendecke 
The branch, master has been updated
   via  a168a7c tdb: Fix a typo
  from  7751d03 s3-net: Fix DEBUG() location.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit a168a7c791a4be1730a370d059b3a1073fbb0bdd
Author: Volker Lendecke v...@samba.org
Date:   Tue Oct 2 12:21:20 2012 +0200

tdb: Fix a typo

Autobuild-User(master): Volker Lendecke v...@samba.org
Autobuild-Date(master): Tue Oct  2 19:52:16 CEST 2012 on sn-devel-104

---

Summary of changes:
 lib/tdb/common/lock.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/tdb/common/lock.c b/lib/tdb/common/lock.c
index 88a52e9..260fab6 100644
--- a/lib/tdb/common/lock.c
+++ b/lib/tdb/common/lock.c
@@ -562,7 +562,7 @@ int tdb_allrecord_lock(struct tdb_context *tdb, int ltype,
 
/* We cover two kinds of locks:
 * 1) Normal chain locks.  Taken for almost all operations.
-* 3) Individual records locks.  Taken after normal or free
+* 2) Individual records locks.  Taken after normal or free
 *chain locks.
 *
 * It is (1) which cause the starvation problem, so we're only


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

2012-10-02 Thread Jeremy Allison 
The branch, master has been updated
   via  c251a6b When creating a new file/directory, we need to obey the 
create mask/directory mask parameters.
   via  8f0ecbb Add functions to programatically set the security mask and 
directory security mask parameters.
   via  6575d1d When setting a non-default ACL, don't forget to apply masks 
to SMB_ACL_USER and SMB_ACL_GROUP entries.
   via  5d5ddbd Only apply masks on non-default ACL entries when setting 
the ACL.
   via  82e7132 Use is_default_acl variable in canonicalise_acl().
   via  efb446a Reformat spacing to be even.
  from  a168a7c tdb: Fix a typo

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit c251a6b0442abc13bc8be4ff8de324c1d7706a78
Author: Jeremy Allison j...@samba.org
Date:   Tue Oct 2 10:25:14 2012 -0700

When creating a new file/directory, we need to obey the create 
mask/directory mask parameters.

Currently we call FSET_NT_ACL to inherit any ACLs on create. However
FSET_NT_ACL uses the security mask/directory security mask parameters
instead of the create mask/directory mask parameters.

Swap them temporarily when creating to ensure the correct masks
are applied.

Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Tue Oct  2 22:27:17 CEST 2012 on sn-devel-104

commit 8f0ecbbbeebff0174579a78827d384067cd4cbb7
Author: Jeremy Allison j...@samba.org
Date:   Tue Oct 2 10:22:39 2012 -0700

Add functions to programatically set the security mask and directory 
security mask parameters.

commit 6575d1d34fee45c7a965c7c9641cc52b566a9e7f
Author: Jeremy Allison j...@samba.org
Date:   Tue Oct 2 10:15:54 2012 -0700

When setting a non-default ACL, don't forget to apply masks to SMB_ACL_USER 
and SMB_ACL_GROUP entries.

commit 5d5ddbd62490d3e87dd990554a2c7b7eaf2cc24e
Author: Jeremy Allison j...@samba.org
Date:   Tue Oct 2 10:12:45 2012 -0700

Only apply masks on non-default ACL entries when setting the ACL.

commit 82e7132bdf7c9d4ddead3cd5d845bfe68b93448b
Author: Jeremy Allison j...@samba.org
Date:   Tue Oct 2 09:55:09 2012 -0700

Use is_default_acl variable in canonicalise_acl().

commit efb446a38cca448855977666499603d12e1477b4
Author: Jeremy Allison j...@samba.org
Date:   Tue Oct 2 09:21:17 2012 -0700

Reformat spacing to be even.

---

Summary of changes:
 source3/include/proto.h   |2 +
 source3/param/loadparm.c  |   14 +++
 source3/smbd/open.c   |   15 +++
 source3/smbd/posix_acls.c |   58 +++--
 4 files changed, 71 insertions(+), 18 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/proto.h b/source3/include/proto.h
index b3fa55a..e42c33d 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1188,6 +1188,8 @@ bool lp_getwd_cache(void);
 int lp_srv_maxprotocol(void);
 int lp_srv_minprotocol(void);
 int lp_security(void);
+int lp_set_security_mask(int snum, int new_val);
+int lp_set_directory_security_mask(int snum, int new_mask);
 int lp__server_role(void);
 int lp__security(void);
 int lp__domain_master(void);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 61606ce..960a644 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -5476,3 +5476,17 @@ int lp_security(void)
return lp_find_security(lp__server_role(),
lp__security());
 }
+
+int lp_set_security_mask(int snum, int new_val)
+{
+   int ret = ServicePtrs[snum]-iSecurity_mask;
+   ServicePtrs[snum]-iSecurity_mask = new_val;
+   return ret;
+}
+
+int lp_set_directory_security_mask(int snum, int new_val)
+{
+   int ret = ServicePtrs[snum]-iDir_Security_mask;
+   ServicePtrs[snum]-iDir_Security_mask = new_val;
+   return ret;
+}
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index d4babd4..bea4d99 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3436,6 +3436,9 @@ static NTSTATUS inherit_new_acl(files_struct *fsp)
bool inherit_owner = lp_inherit_owner(SNUM(fsp-conn));
bool inheritable_components = false;
size_t size = 0;
+   int orig_security_mask = 0;
+   int orig_directory_security_mask = 0;
+   int snum = SNUM(fsp-conn);
 
if (!parent_dirname(ctx, fsp-fsp_name-base_name, parent_name, NULL)) 
{
return NT_STATUS_NO_MEMORY;
@@ -3506,6 +3509,14 @@ static NTSTATUS inherit_new_acl(files_struct *fsp)
NDR_PRINT_DEBUG(security_descriptor, psd);
}
 
+   /* Temporarily replace the security masks with the create masks,
+  as we're actually doing a create here - we only call this
+  when we've created a file or directory - but there's no
+  way for FSET_NT_ACL to know the difference. */
+
+

[SCM] Samba Shared Repository - branch master updated

2012-10-02 Thread Jeremy Allison 
The branch, master has been updated
   via  dfd3c31 Fix bug #9222 - smbd ignores the server signing = no 
setting for SMB2.
  from  c251a6b When creating a new file/directory, we need to obey the 
create mask/directory mask parameters.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit dfd3c31a3f9eea96854b2d22574856368e86b245
Author: Jeremy Allison j...@samba.org
Date:   Tue Oct 2 14:10:21 2012 -0700

Fix bug #9222 - smbd ignores the server signing = no setting for SMB2.

Still sign if client request is signed, just don't negotiate it in
negprot or sessionsetup.

Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Wed Oct  3 00:59:42 CEST 2012 on sn-devel-104

---

Summary of changes:
 source3/smbd/smb2_negprot.c   |   10 ++
 source3/smbd/smb2_sesssetup.c |6 ++
 2 files changed, 12 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 6adc581..826e0d1 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -92,7 +92,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct 
smbd_smb2_request *req)
DATA_BLOB security_buffer;
size_t expected_dyn_size = 0;
size_t c;
-   uint16_t security_mode;
+   uint16_t security_mode = 0;
uint16_t dialect_count;
uint16_t in_security_mode;
uint32_t in_capabilities;
@@ -244,9 +244,11 @@ NTSTATUS smbd_smb2_request_process_negprot(struct 
smbd_smb2_request *req)
return smbd_smb2_request_error(req, NT_STATUS_INTERNAL_ERROR);
}
 
-   security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
-   if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
-   security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
+   if (lp_server_signing() != SMB_SIGNING_OFF) {
+   security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
+   if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
+   security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
+   }
}
 
capabilities = 0;
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 2599d2a..8bdfd49 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -185,6 +185,12 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct 
smbXsrv_session *session,
struct smbXsrv_session *x = session;
struct smbXsrv_connection *conn = session-connection;
 
+   if ((lp_server_signing() == SMB_SIGNING_OFF) 
+   (in_security_mode  SMB2_NEGOTIATE_SIGNING_REQUIRED)) {
+   DEBUG(0,(SMB2 signing required and we have disabled it.\n));
+   return NT_STATUS_ACCESS_DENIED;
+   }
+
if ((in_security_mode  SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
lp_server_signing() == SMB_SIGNING_REQUIRED) {
x-global-signing_required = true;


-- 
Samba Shared Repository