Re: [Samba] Active directory - Unclean shutdown
Hello, thanks for hint! I will try the release candidate. I can't change these registry keys by policy, they are regarding some security issue's. Regards, Bjoern -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Germ van Eck Gesendet: Montag, 1. Oktober 2012 21:35 An: samba@lists.samba.org Betreff: Re: [Samba] Active directory - Unclean shutdown Hello, Connecting to a share using Windows 7 should work fine. We do this a lot. Maybe you need some registry changes that are also needed for joining Windows 7 to a Samba domain. http://wiki.samba.org/index.php/Windows7#Windows_7_Registry_settings Regarding Samba 4, there is now a release candidate out, and I think it is wiser to use this over an older beta release. http://ftp.samba.org/pub/samba/rc/ Regards, Gerben Op 01-10-12 15:58, bjoern.bec...@easycash.de schreef: Hello, i try to connect samba with my active directory. I was able to join the domain successfully and my winbindd running fine. With samba 3.4.3 and samba 3.6.7 i get the following error when i try to connect to a share from a windows 7 box: [2012/10/01 15:01:14, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to / [2012/10/01 15:01:14, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/10/01 15:01:14, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2012/10/01 15:01:14, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2012/10/01 15:01:14, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2012/10/01 15:01:14, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2012/10/01 15:01:14, 3] smbd/server.c:845(exit_server_common) Server exit (failed to receive smb request) [2012/10/01 15:01:14, 3] smbd/server.c:216(remove_child_pid) smbd/server.c:216 Unclean shutdown of pid 28928 In my despair i try the same with samba 4.0.0beta8 and it works but unfortunately unstable. I be able to map the share but when i try to access the samba server getting PANIC. I suppose that i have to use samba 4 because i need smbv2? I thought that samba 3.5.* supporting smb v2 too. Is there any posibility to run this setup with samba 3.*? Regards, Bjoern -- Station to Station handtekening Gerben van Eck - Software Engineer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] [Announce] Samba 4.0.0rc2 Available for Download
Release Announcements - This is the second release candidate of Samba 4.0. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.0 will be the next version of the Samba suite and incorporates all the technology found in both the Samba4 series and the stable 3.x series. The primary additional features over Samba 3.6 are support for the Active Directory logon protocols used by Windows 2000 and above. This release contains the best of all of Samba's technology parts, both a file server (that you can reasonably expect to upgrade existing Samba 3.x releases to) and the AD domain controller work previously known as 'samba4'. If you are upgrading, or looking to develop, test or deploy Samba 4.0 releases candidates, you should backup all configuration and data. UPGRADING = Users upgrading from Samba 3.x domain controllers and wanting to use Samba 4.0 as an AD DC should use the 'samba-tool domain classicupgrade' command. See the wiki for more details: https://wiki.samba.org/index.php/Samba4/samba3upgrade/HOWTO. Users upgrading from Samba 4.0 alpha and beta releases since alpha15 should run 'samba-tool dbcheck --cross-ncs --fix' before re-starting Samba. Users upgrading from earlier alpha releases should contact the team for advice. Users upgrading an AD DC from any previous release should run 'samba-tool ntacl sysvolreset' to re-sync ACLs on the sysvol share with those matching the GPOs in LDAP and the defaults from an initial provision. This will set an underlying POSIX ACL if required (eg not using the NTVFS file server). If you used the BIND9_FLATFILE or BIND9_DLZ features, you'll have to add '-dns' to the 'server services' option, as the internal dns server (SAMBA_INTERNAL) is the default now. NEW FEATURES Samba 4.0 supports the server-side of the Active Directory logon environment used by Windows 2000 and later, so we can do full domain join and domain logon operations with these clients. Our Domain Controller (DC) implementation includes our own built-in LDAP server and Kerberos Key Distribution Center (KDC) as well as the Samba3-like logon services provided over CIFS. We correctly generate the infamous Kerberos PAC, and include it with the Kerberos tickets we issue. Samba 4.0.0rc2 ships with two distinct file servers. We now use the file server from the Samba 3.x series 'smbd' for all file serving by default. Samba 4.0 also ships with the 'NTVFS' file server. This file server is what was used in all previous releases of Samba 4.0, and is tuned to match the requirements of an AD domain controller. We continue to support this, not only to provide continuity to installations that have deployed it as part of an AD DC, but also as a running example of the NT-FSA architecture we expect to move smbd to in the longer term. For pure file server work, the binaries users would expect from that series (nmbd, winbindd, smbpasswd) continue to be available. When running an AD DC, you only need to run 'samba' (not nmbd/smbd/winbind), as the required services are co-coordinated by this master binary. As DNS is an integral part of Active Directory, we also provide two DNS solutions, a simple internal DNS server for 'out of the box' configurations and a more elaborate BIND plugin using the BIND DLZ mechanism in versions 9.8 and 9.9. During the provision, you can select which backend to use. With the internal backend, your DNS server is good to go. If you chose the BIND_DLZ backend, a configuration file will be generated for bind to make it use this plugin, as well as a file explaining how to set up bind. To provide accurate timestamps to Windows clients, we integrate with the NTP project to provide secured NTP replies. To use you need to start ntpd and configure it with the 'restrict ... ms-sntp' and ntpsigndsocket options. Finally, a new scripting interface has been added to Samba 4, allowing Python programs to interface to Samba's internals, and many tools and internal workings of the DC code is now implemented in python. ## Changes ### smb.conf changes Parameter Name Description -- --- allow dns updatesNew announce as Removed announce version Removed cldap port New client max protocol New client min protocol New client signing Changed default dcerpc endpoint servers New dgram port New display charset Removed dns forwarderNew dns update command New homedir map
[Samba] Win XP printing and 3.x
Our main print server is currently running samba 3.5.9 and serving quite a bunch of printers to WinXP, Win7, and OSX clients. When I attempted to upgrade to 3.6.8, none of the printers appear on the WinXP clients. Win7 and OSX continue to work fine. I noticed the initial 3.6.0 release notes showed that the Spoolss code was completely overhauled and refactored. Do I have to do anything special to upgrade to 3.6.x? XP clients can no longer see printers after the upgrade. Thanks. -- Matthew Daubenspeck -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Connection fails with Server/Client Signing = Mandatory
I set the debug level to 5. This log file shows the error 64, with send unencrypted passwords to 3rd party servers Enabled; (See attached file: winerr64.100212). This log file shows the error 1240, with send unencrypted passwords to 3rd party servers Disabled; (See attached file: winerr1240.100212). Got log files? It goes up to 100! Hopefully won't need it that verbose.-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Connection fails with Server/Client Signing = Mandatory
Strange, something is blocking SPNEGO. I can see it blocked in the logs... On Oct 2, 2012 11:25 AM, Bill Chockla choc...@us.ibm.com wrote: I set the debug level to 5. This log file shows the error 64, with send unencrypted passwords to 3rd party servers Enabled; *(See attached file: winerr64.100212)*. This log file shows the error 1240, with send unencrypted passwords to 3rd party servers Disabled; *(See attached file: winerr1240.100212)*. Got log files? It goes up to 100! Hopefully won't need it that verbose. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Purpose of the ea support option?
Please can someone clarify the purpose of the ea support = yes option in smb.conf? According to the man page, it's there to allow _clients_ to attempt to store OS/2 style extended attributes. As long as the underlying server filesystem supports EAs, this will work. However, I've seen a number of references to setting ea support = yes when people just want to store DOS attributes and ACLs as extended attributes. Am I right in thinking this isn't actually needed in this use case? (I've not got it set and things *seem* to be working, but want to check). Is ea support used by any clients apart from OS/2? Thanks JR -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Purpose of the ea support option?
On Tue, Oct 02, 2012 at 05:49:46PM +0100, jrmailgate-sa...@yahoo.co.uk wrote: Please can someone clarify the purpose of the ea support = yes option in smb.conf? According to the man page, it's there to allow _clients_ to attempt to store OS/2 style extended attributes. As long as the underlying server filesystem supports EAs, this will work. However, I've seen a number of references to setting ea support = yes when people just want to store DOS attributes and ACLs as extended attributes. Am I right in thinking this isn't actually needed in this use case? (I've not got it set and things *seem* to be working, but want to check). Yes you are right it isn't needed in this use case. Is ea support used by any clients apart from OS/2? I believe Windows Services for UNIX uses EA's to store symlinks and POSIX names containign invalid Windows characters like ':' when exporting NFS. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Purpose of the ea support option?
Jeremy - thanks for a quick answer and clarification! Regards JR -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] CTDB repository - branch master updated - ctdb-1.13-261-g7b75a3b
The branch, master has been updated via 7b75a3bb722dc86139b1a07a0100d08c34620b91 (commit) via b29d5bbaa7048291c4b3a39bf12e04f0436f67da (commit) via 12a0a7a208d1c8fa8991894200d1dc133f3a2d1a (commit) via 2da7730dc06153173778ab14e228960e72ff8a86 (commit) from 93c97c3ba3ff714dfa0d056a91ff45010a6e2d66 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 7b75a3bb722dc86139b1a07a0100d08c34620b91 Author: Martin Schwenke mar...@meltin.net Date: Tue Jul 17 21:25:27 2012 +1000 tools/ctdb: Remove redundant filtering loop in control_natgwlist() This used to catch trailing blank lines. However, these are caught just as effectively by the whitespace filtering in the loop below. Signed-off-by: Martin Schwenke mar...@meltin.net commit b29d5bbaa7048291c4b3a39bf12e04f0436f67da Author: Martin Schwenke mar...@meltin.net Date: Tue Jul 17 21:15:57 2012 +1000 tools/ctdb: natgwlist output is either human readable or machine readable The first line is currently human readable and the rest is machine readable. This doesn't make sense. Do one or the other... Signed-off-by: Martin Schwenke mar...@meltin.net commit 12a0a7a208d1c8fa8991894200d1dc133f3a2d1a Author: Martin Schwenke mar...@meltin.net Date: Tue Jul 17 21:09:46 2012 +1000 tools/ctdb: Factor out printing of the machine readable status header It is already in 2 places and we might use it in another. Signed-off-by: Martin Schwenke mar...@meltin.net commit 2da7730dc06153173778ab14e228960e72ff8a86 Author: Martin Schwenke mar...@meltin.net Date: Mon Jul 16 14:24:39 2012 +1000 tools/ctdb: NAT gateway code should use CTDB_NATGW_NODES ... not NATGW_NODES. Signed-off-by: Martin Schwenke mar...@meltin.net --- Summary of changes: tools/ctdb.c | 57 + 1 files changed, 37 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/tools/ctdb.c b/tools/ctdb.c index 2b54ca3..badfb6f 100644 --- a/tools/ctdb.c +++ b/tools/ctdb.c @@ -836,6 +836,12 @@ static bool is_partially_online(struct ctdb_node_and_flags *node) return ret; } +static void control_status_header_machine(void) +{ + printf(:Node:IP:Disconnected:Banned:Disabled:Unhealthy:Stopped + :Inactive:PartiallyOnline:ThisNode:\n); +} + static int control_status_1_machine(int mypnn, struct ctdb_node_and_flags *node) { printf(:%d:%s:%d:%d:%d:%d:%d:%d:%d:%c:\n, node-pnn, @@ -882,8 +888,7 @@ static int control_status(struct ctdb_context *ctdb, int argc, const char **argv } if (options.machinereadable) { - printf(:Node:IP:Disconnected:Banned:Disabled:Unhealthy:Stopped - :Inactive:PartiallyOnline:ThisNode:\n); + control_status_header_machine(); for (i=0;inodemap-num;i++) { if (nodemap-nodes[i].flags NODE_FLAGS_DELETED) { continue; @@ -949,8 +954,7 @@ static int control_nodestatus(struct ctdb_context *ctdb, int argc, const char ** } if (options.machinereadable) { - printf(:Node:IP:Disconnected:Banned:Disabled:Unhealthy:Stopped - :Inactive:PartiallyOnline:ThisNode:\n); + control_status_header_machine(); } else if (pnn_mode == CTDB_BROADCAST_ALL) { printf(Number of nodes:%d\n, (int) talloc_array_length(nodes)); } @@ -997,10 +1001,12 @@ static int control_natgwlist(struct ctdb_context *ctdb, int argc, const char **a struct natgw_node *natgw_nodes = NULL; struct natgw_node *natgw_node; struct ctdb_node_map *nodemap=NULL; + uint32_t mypnn; + const char *fmt; /* read the natgw nodes file into a linked list */ - natgw_list = getenv(NATGW_NODES); + natgw_list = getenv(CTDB_NATGW_NODES); if (natgw_list == NULL) { natgw_list = /etc/ctdb/natgw_nodes; } @@ -1009,9 +1015,6 @@ static int control_natgwlist(struct ctdb_context *ctdb, int argc, const char **a ctdb_set_error(ctdb, Failed to load natgw node list '%s'\n, natgw_list); return -1; } - while (nlines 0 strcmp(lines[nlines-1], ) == 0) { - nlines--; - } for (i=0;inlines;i++) { char *node; @@ -1062,7 +1065,14 @@ static int control_natgwlist(struct ctdb_context *ctdb, int argc, const char **a } i++; - } + } + + if (options.machinereadable) { + printf(:Node:IP:\n); + fmt = :%d:%s:\n; + } else { + fmt = %d %s\n; + } /* pick a
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 6ae1bf1 Fix service control for non-internal services. from 21a6a9e s3:selftest: run the posix_s3.smb2.oplock tests http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 6ae1bf115ec1f927baee24cf4d611090d3b1bf91 Author: Vladimir Marek vladimir.ma...@oracle.com Date: Mon Sep 17 13:50:55 2012 -0700 Fix service control for non-internal services. Signed-off-by: Jeremy Allison j...@samba.org (cherry picked from commit a4e8869f7c93f30dd7014ff83d6d2f2b5afc2d64) Signed-off-by: Andreas Schneider a...@samba.org Fix bug #9192 - svcctl list option prohibits smbd to start. --- Summary of changes: source3/rpc_server/svcctl/srv_svcctl_reg.c |4 1 files changed, 0 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/svcctl/srv_svcctl_reg.c b/source3/rpc_server/svcctl/srv_svcctl_reg.c index eb0c2bd..044beaa 100644 --- a/source3/rpc_server/svcctl/srv_svcctl_reg.c +++ b/source3/rpc_server/svcctl/srv_svcctl_reg.c @@ -392,10 +392,6 @@ static bool svcctl_add_service(TALLOC_CTX *mem_ctx, } } - if (ipath == NULL || dname == NULL || description == NULL) { - goto done; - } - /* Default to an external service if we haven't found a match */ if (builtin_svcs[i].servicename == NULL) { struct rcinit_file_information *init_info = NULL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via a0f6877 s3-smbd: Move housekeeping to the background process. from 6ae1bf1 Fix service control for non-internal services. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit a0f687794d4ea7bbbe759279ed01e377a662a9c1 Author: Andreas Schneider a...@samba.org Date: Thu Sep 27 17:20:25 2012 +0200 s3-smbd: Move housekeeping to the background process. If you add 200 printers using lpadmin. Then you wait for the printcap cache to expire. As soon as this expires we notify all deamons that they should reload the printers. This mean we need to create the default registry keys for each printer. If you do e.g. a 'smbclient -L' during that time you will get a lot of timeouts. This moves the housekeeping of the printcap cache to the background queue process and lets the background process reload the printers first. So the background process creates the default registry keys. When it is done with the task it will tell all smbd childs to reload the printers and the 200 printers appear. Signed-off-by: Andreas Schneider a...@samba.org Fix bug #9231 - NT_STATUS_IO_TIMEOUT during slow import of printers into registry. --- Summary of changes: source3/printing/printing.c | 31 +++ source3/smbd/server.c| 28 source3/smbd/server_reload.c |9 + 3 files changed, 40 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/printing.c b/source3/printing/printing.c index ba73918..a5b36c7 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -1656,6 +1656,28 @@ static void add_child_pid(pid_t pid) num_children += 1; } +static bool printer_housekeeping_fn(const struct timeval *now, + void *private_data) +{ + static time_t last_pcap_reload_time = 0; + time_t printcap_cache_time = (time_t)lp_printcap_cache_time(); + time_t t = time_mono(NULL); + + DEBUG(5, (printer housekeeping\n)); + + /* if periodic printcap rescan is enabled, see if it's time to reload */ + if ((printcap_cache_time != 0) + (t = (last_pcap_reload_time + printcap_cache_time))) { + DEBUG( 3,( Printcap cache time expired.\n)); + pcap_cache_reload(server_event_context(), + smbd_messaging_context(), + reload_pcap_change_notify); + last_pcap_reload_time = t; + } + + return true; +} + static pid_t background_lpq_updater_pid = -1; / @@ -1729,6 +1751,15 @@ void start_background_queue(struct tevent_context *ev, smb_panic(tevent_add_fd() failed for pause_pipe); } + if (!(event_add_idle(ev, NULL, +timeval_set(SMBD_HOUSEKEEPING_INTERVAL, 0), +printer_housekeeping, +printer_housekeeping_fn, +NULL))) { + DEBUG(0, (Could not add printing housekeeping event\n)); + exit(1); + } + DEBUG(5,(start_background_queue: background LPQ thread waiting for messages\n)); ret = tevent_loop_wait(ev); /* should not be reached */ diff --git a/source3/smbd/server.c b/source3/smbd/server.c index c699d3b..4b6114a 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -619,26 +619,6 @@ static bool smbd_open_one_socket(struct smbd_parent_context *parent, return true; } -static bool smbd_parent_housekeeping(const struct timeval *now, void *private_data) -{ - time_t printcap_cache_time = (time_t)lp_printcap_cache_time(); - time_t t = time_mono(NULL); - - DEBUG(5, (parent housekeeping\n)); - - /* if periodic printcap rescan is enabled, see if it's time to reload */ - if ((printcap_cache_time != 0) - (t = (last_printer_reload_time + printcap_cache_time))) { - DEBUG( 3,( Printcap cache time expired.\n)); - pcap_cache_reload(server_event_context(), - smbd_messaging_context(), - reload_pcap_change_notify); - last_printer_reload_time = t; - } - - return true; -} - / Open the socket communication. / @@ -781,14 +761,6 @@ static bool open_sockets_smbd(struct
[SCM] CTDB repository - branch master updated - ctdb-1.13-268-g6bd4fef
The branch, master has been updated via 6bd4feff7039138d435428eeded51975c44e567c (commit) via 0f0aef21a1bb2d88a8c184ef70c718e0c91acdc3 (commit) via a56ec75edd1705b0539513d396d311f0e80a3bf5 (commit) via c30ec02615183ecf9b412ad415bf1abd859aec45 (commit) via 81af67c6959fdbe0566e3f1a00e2be58dd268dc6 (commit) via a3f15d2828325bbfba5bc5c0a30429e2ce572a44 (commit) via 140fafef23050d40d66f5b5558c7efcb78f80cd2 (commit) from 7b75a3bb722dc86139b1a07a0100d08c34620b91 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 6bd4feff7039138d435428eeded51975c44e567c Author: Martin Schwenke mar...@meltin.net Date: Wed Jul 18 17:05:03 2012 +1000 tests/tool: New tests for natgwlist, getcapabilities, lvs, lvsmaster Signed-off-by: Martin Schwenke mar...@meltin.net commit 0f0aef21a1bb2d88a8c184ef70c718e0c91acdc3 Author: Martin Schwenke mar...@meltin.net Date: Wed Jul 18 17:02:38 2012 +1000 tests/tool: New function setup_natgw() to setup $CTDB_NATGW_NODES Signed-off-by: Martin Schwenke mar...@meltin.net commit a56ec75edd1705b0539513d396d311f0e80a3bf5 Author: Martin Schwenke mar...@meltin.net Date: Wed Jul 18 16:59:19 2012 +1000 tools/ctdb: Clean up control_natgw() * Factor out repeated code into new function find_natgw() * Support both machine and human readable output * Use libctdb Signed-off-by: Martin Schwenke mar...@meltin.net commit c30ec02615183ecf9b412ad415bf1abd859aec45 Author: Martin Schwenke mar...@meltin.net Date: Wed Jul 18 16:57:01 2012 +1000 tools/ctdb: Convert some commands over to libctdb control_getcapabilities(), control_lvs(), control_lvsmaster() updated to use ctdb_getcapabilities(), ctdb_getnodemap() as appropriate. Signed-off-by: Martin Schwenke mar...@meltin.net commit 81af67c6959fdbe0566e3f1a00e2be58dd268dc6 Author: Martin Schwenke mar...@meltin.net Date: Wed Jul 18 15:57:13 2012 +1000 tests: libctdb stubs initial ctdb_getcapabilities() implementation Signed-off-by: Martin Schwenke mar...@meltin.net commit a3f15d2828325bbfba5bc5c0a30429e2ce572a44 Author: Martin Schwenke mar...@meltin.net Date: Wed Jul 18 15:53:39 2012 +1000 tests: libctdb stubs must copy pointers rather than just returning them Some code (e.g. NAT gateway code) modifies the returned result so was modifying the original. Signed-off-by: Martin Schwenke mar...@meltin.net commit 140fafef23050d40d66f5b5558c7efcb78f80cd2 Author: Martin Schwenke mar...@meltin.net Date: Wed Jul 18 14:24:08 2012 +1000 libctdb: add ctdb_getcapabilities() Signed-off-by: Martin Schwenke mar...@meltin.net --- Summary of changes: include/ctdb.h | 50 ++ include/ctdb_private.h |8 - include/ctdb_protocol.h| 11 ++ libctdb/control.c | 28 +++ libctdb/sync.c | 17 ++ tests/src/libctdb_test.c | 38 - tests/tool/scripts/local.sh| 20 +++ tests/tool/stubby.getcapabilities.001.sh | 30 tests/tool/stubby.getcapabilities.002.sh | 30 tests/tool/stubby.getcapabilities.003.sh | 27 +++ tests/tool/stubby.lvs.001.sh | 27 +++ tests/tool/stubby.lvsmaster.001.sh | 28 +++ tests/tool/stubby.lvsmaster.002.sh | 28 +++ ...tubby.status.001.sh = stubby.natgwlist.001.sh} | 18 +- ...tubby.status.002.sh = stubby.natgwlist.002.sh} | 16 +- ...tubby.status.002.sh = stubby.natgwlist.003.sh} | 18 +- tests/tool/stubby.natgwlist.004.sh | 37 tests/tool/stubby.natgwlist.005.sh | 37 tools/ctdb.c | 175 +++- 19 files changed, 520 insertions(+), 123 deletions(-) create mode 100755 tests/tool/stubby.getcapabilities.001.sh create mode 100755 tests/tool/stubby.getcapabilities.002.sh create mode 100755 tests/tool/stubby.getcapabilities.003.sh create mode 100755 tests/tool/stubby.lvs.001.sh create mode 100755 tests/tool/stubby.lvsmaster.001.sh create mode 100755 tests/tool/stubby.lvsmaster.002.sh copy tests/tool/{stubby.status.001.sh = stubby.natgwlist.001.sh} (68%) copy tests/tool/{stubby.status.002.sh = stubby.natgwlist.002.sh} (71%) copy tests/tool/{stubby.status.002.sh = stubby.natgwlist.003.sh} (61%) create mode 100755 tests/tool/stubby.natgwlist.004.sh create mode 100755 tests/tool/stubby.natgwlist.005.sh Changeset truncated at 500 lines: diff --git a/include/ctdb.h b/include/ctdb.h index 93224cb..c3da068 100644 --- a/include/ctdb.h +++ b/include/ctdb.h @@ -585,6
[SCM] CTDB repository - branch master updated - ctdb-1.13-271-g043ef77
The branch, master has been updated via 043ef77086797a703aec436a26a05c56a1bcbf2b (commit) via dc2a8c638bd74b9f1dd75339cd2ae2f32ffa18a8 (commit) via b89e959904d7d1b0e5525abd7789f5101537a46a (commit) from 6bd4feff7039138d435428eeded51975c44e567c (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 043ef77086797a703aec436a26a05c56a1bcbf2b Author: Martin Schwenke mar...@meltin.net Date: Tue Aug 21 14:28:37 2012 +1000 Initscript: Kill any existing ctdbd processes if the ping succeeds Initialising a new ctdbd will destroy the Unix domain socket so existing processes will be useless anyway. Signed-off-by: Martin Schwenke mar...@meltin.net commit dc2a8c638bd74b9f1dd75339cd2ae2f32ffa18a8 Author: Martin Schwenke mar...@meltin.net Date: Mon Aug 20 15:02:24 2012 +1000 tools/ctdb: Free the event context Signed-off-by: Martin Schwenke mar...@meltin.net commit b89e959904d7d1b0e5525abd7789f5101537a46a Author: Martin Schwenke mar...@meltin.net Date: Mon Aug 20 14:30:35 2012 +1000 libctdb: Add comments to effect that some controls return result in status These controls include: CTDB_CONTROL_GET_RECMODE CTDB_CONTROL_GET_RECMASTER CTDB_CONTROL_GET_PID CTDB_CONTROL_GET_PNN CTDB_CONTROL_PING CTDB_CONTROL_GET_DB_PRIORITY In these cases the data field is empty. Signed-off-by: Martin Schwenke mar...@meltin.net --- Summary of changes: config/ctdb.init |6 ++ libctdb/control.c |3 +++ tools/ctdb.c |1 + 3 files changed, 10 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/config/ctdb.init b/config/ctdb.init index 71b187a..581844d 100755 --- a/config/ctdb.init +++ b/config/ctdb.init @@ -257,6 +257,12 @@ start() { return 0 } +# About to start new $ctdbd. The ping above has failed and any +# new $ctdbd will destroy the Unix domain socket, so any processes +# that aren't yet completely useless soon will be... so kill +# them. +pkill -9 -f $ctdbd + build_ctdb_options # make sure we drop any ips that might still be held if previous diff --git a/libctdb/control.c b/libctdb/control.c index 176c48c..8d14cc8 100644 --- a/libctdb/control.c +++ b/libctdb/control.c @@ -48,6 +48,7 @@ bool ctdb_getrecmaster_recv(struct ctdb_connection *ctdb, DEBUG(ctdb, LOG_ERR, ctdb_getrecmaster_recv: status -1); return false; } + /* Note: data is stashed in status - see ctdb_control_dispatch() */ *recmaster = reply-status; return true; } @@ -75,6 +76,7 @@ bool ctdb_getrecmode_recv(struct ctdb_connection *ctdb, DEBUG(ctdb, LOG_ERR, ctdb_getrecmode_recv: status -1); return false; } + /* Note: data is stashed in status - see ctdb_control_dispatch() */ *recmode = reply-status; return true; } @@ -102,6 +104,7 @@ bool ctdb_getpnn_recv(struct ctdb_connection *ctdb, DEBUG(ctdb, LOG_ERR, ctdb_getpnn_recv: status -1); return false; } + /* Note: data is stashed in status - see ctdb_control_dispatch() */ *pnn = reply-status; return true; } diff --git a/tools/ctdb.c b/tools/ctdb.c index 6d5dc1b..e75a922 100644 --- a/tools/ctdb.c +++ b/tools/ctdb.c @@ -6019,6 +6019,7 @@ int main(int argc, const char *argv[]) ctdb_disconnect(ctdb_connection); talloc_free(ctdb); + talloc_free(ev); (void)poptFreeContext(pc); return ret; -- CTDB repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f4b9007 s4-dns: fix a non handled memory out of memory from 9f83968 Add samba3.samba3badnameblob test to check regressions in bug #9215. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f4b9007faf901db6f703b5109df055081949c3f1 Author: Matthieu Patou m...@matws.net Date: Mon Oct 1 21:43:11 2012 -0700 s4-dns: fix a non handled memory out of memory Signed-off-by: Kai Blin k...@samba.org Autobuild-User(master): Kai Blin k...@samba.org Autobuild-Date(master): Tue Oct 2 09:43:52 CEST 2012 on sn-devel-104 --- Summary of changes: source4/dns_server/dns_server.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c index dbdc300..003dd4e 100644 --- a/source4/dns_server/dns_server.c +++ b/source4/dns_server/dns_server.c @@ -828,6 +828,7 @@ static void dns_task_init(struct task_server *task) z = talloc_zero(dns, struct dns_server_zone); if (z == NULL) { + task_server_terminate(task, dns failed to allocate memory, true); } z-name = ldb_msg_find_attr_as_string(res-msgs[i], name, NULL); -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-1.1.13 created
The annotated tag, ldb-1.1.13 has been created at 0914ff78920257478bda13acd071bc9dd7be4791 (tag) tagging ffd61e2bbf46ab8660c32b90c547beb8b77fcb9d (commit) replaces samba-4.0.0rc1 tagged by Stefan Metzmacher on Tue Oct 2 10:21:18 2012 +0200 - Log - ldb: tag release ldb-1.1.13 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJQaqP+AAoJEEeTkWETCEAlMSIH/0Ix/jE92QV1hdrHenUqq2uI eX3aoYeIWw9FEOJdg6mPUdbIaZaz3l2zh+W1Lu6W4Y9m6cvO6hirfImJBVjAVQ7y wXjNLeM28l+6mIRO8+asBpEMLHGYEM2pT/3184G4yedLxjqTfL4InSChpIWDxBMG +yHFgh9yDSxeOvMALcVPQ0JCK2mEmJ7BoV8OpV2z4qRIH6iuBAz258iep4kQ1O0E lgtLU/waL2ydAu5k6rRjyxdhFRFXODEKjOo9c9T5oOHiK54X2q53USevUsQwefNr gwoVhK3LU6++2aSCyOF27DplfhvXaC8CpRR7DKmO9kvUp1FwvKvp6IoXDmmmkmM= =ylMV -END PGP SIGNATURE- Alexander Bokovoy (4): s3: make ldapsam-related functions a smbldaphelper subsystem s3: make smbldaphelper subsystem an internal library docs-xml: convert smb.conf.5 build to waf docs-xml: fix build of winbindd- and krb5 locator-related manpages Andreas Schneider (1): docs: Fix generating idmap manpages. Andrew Bartlett (22): docs: Update docs to the modern age of Samba 4.0 docs: Remove distinction between server and domain accounts docs: remove references to security=server docs: update for modern kerberos libs build: Fix build on systems without ldap development headers docs: Remove confusing reference to smb signing and client use spnego docs: Remove references to old kerberos behaviour docs: Remove references to Subversion, replace with wiki link docs: Remove out of date links to pserver.samba.org and old tarballs docs: Remove referenece to autogen.sh and document waf build instead docs: Remove referenece to old Red Hat Linux habits on winbindd docs: Update BDC docs to recognise the AD DC and to exclusivly recommend LDAP docs: Remove reference to inetd startup, it is not recommended docs: Clarify TOSHARG-Bugs for 2012 docs: Update FastStart: remove security=share, avoid disable spoolss docs: Remove very outdated TOSHARG-Portability section docs: Remove very outdated TOSHARG-Other-Clients section docs: Remove references to sysv-style CUPS from TOSHARG-CUPS-printing docs: Remove references to mulitple passdb backends docs: Remove references to specific windows versions, instead mention Home/Professional/Server docs: Remove another reference to security=share ldb: bump version to 1.1.13 so the 4.0 release can get the isprint fix Björn Jacke (9): autoconf: fix --with(out)-sendfile-support option handling packaging: apply some solaris packaging fixes s3: fix the aix acl module s3: fix the tru64 acl module s3: fix the hpux acl module wafbuild: check for dn_expand also in libinet autoconf: check for dn_expand also in libinet quota: also log which fs type we found replace: add some includes for poll.h Christian Ambach (4): s3:auth fix a compiler warning s3:vfs_gpfs: fix build s3:libsmb fix a potential crash s3:libsmb fix a double free error Ira Cooper (1): s3: Fix the vfs_solarisacl module to compile. Jelmer Vernooij (6): samba.provision: Fix formatting, NameErrors. samba.provision.backend: Fix formatting. samba.provision.sambadns: Fix formatting. samba.provision.common: Fix formatting. samba.netcmd: Formatting fixes, break lines. s4-python: Formatting fixes, break lines. Jeremy Allison (6): Sigh :-(. Removing optimization prematurely is the root of all evil :-(. Don't call can_write_to_file() if we already have 'fsp-can_write' set. Add backup_intent bool. Add bool use_privs parameter to smbd_check_access_rights() Fix bad string in debug message (remove it). Add 'bool use_privs' to smbd_calculate_access_mask(). Karolin Seeger (1): WHATSNEW: Fix some issues in the release notes. Michael Adam (2): VERSION: Bump version up to 4.1.0pre1 s4:torture: fix error reporting in the raw.oplock-brl3 test --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via fe880b5 WHATSNEW: Remove default values. via 3cebcfc WHATSNEW: Add more changes since rc1. via a7c4372 s4-dns: fix a non handled memory out of memory via 3d3acf0 s3fs-smbd: Move housekeeping to the background process. via b74ed15 Fix service control for non-internal services. via 6d184c0 s3-winbindd: Adjust error code loop logic in rpc_trusted_domains(). via 9525921 s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx(). via 3058755 s3-winbindd: Allow DNS resolution of trusted domains if DNS name is avaliable from a92e4e5 docs-xml: fix build of winbindd- and krb5 locator-related manpages http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit fe880b5bdb7b4663460033053f3e82a1568c9f11 Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 09:23:45 2012 +0200 WHATSNEW: Remove default values. Karolin Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-0-test): Tue Oct 2 11:05:25 CEST 2012 on sn-devel-104 commit 3cebcfc0ad456cfde4023deb561f0dcc758f17d8 Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 09:20:00 2012 +0200 WHATSNEW: Add more changes since rc1. Karolin commit a7c437285f15f8a1e46a4f6d57d6b6986720ed84 Author: Matthieu Patou m...@matws.net Date: Mon Oct 1 21:43:11 2012 -0700 s4-dns: fix a non handled memory out of memory Fix bug #9233 - internal dns server has a non handled out of memory case. commit 3d3acf04da37d99aceb4759849a42a8ecae2333f Author: Andreas Schneider a...@samba.org Date: Thu Sep 27 19:01:15 2012 +0200 s3fs-smbd: Move housekeeping to the background process. If you add 200 printers using lpadmin. Then you wait for the printcap cache to expire. As soon as this expires we notify all deamons that they should reload the printers. This mean we need to create the default registry keys for each printer. If you do e.g. a 'smbclient -L' during that time you will get a lot of timeouts. This lets the housekeeping function of the printcap cache do the task of creating the default registry keys in background queue process. When it is done with the task it will tell all smbd childs to reload the printers and the 200 printers appear. (cherry picked from commit aa6a7a97803b1106d2200c889a2260f81059c450) Signed-off-by: Andreas Schneider a...@samba.org Fix bug #9231 - NT_STATUS_IO_TIMEOUT during slow import of printers into registry. commit b74ed1511753bd9b51c91a02e0cb4ea42e3ea37e Author: Vladimir Marek vladimir.ma...@oracle.com Date: Mon Sep 17 13:50:55 2012 -0700 Fix service control for non-internal services. Signed-off-by: Jeremy Allison j...@samba.org (cherry picked from commit a4e8869f7c93f30dd7014ff83d6d2f2b5afc2d64) Signed-off-by: Andreas Schneider a...@samba.org Fix bug #9192 - svcctl list option prohibits smbd to start. commit 6d184c07438328ff88b7de942b0c39ce44a20d0a Author: Günther Deschner g...@samba.org Date: Fri Sep 28 18:04:07 2012 +0200 s3-winbindd: Adjust error code loop logic in rpc_trusted_domains(). Guenther Autobuild-User(master): Günther Deschner g...@samba.org Autobuild-Date(master): Sat Sep 29 00:34:04 CEST 2012 on sn-devel-104 Fix bug #9185 - Winbind cannot resolve AD DC in a different subnet. commit 9525921d8d5a6d2e51e55171d26908fd1d6d7503 Author: Günther Deschner g...@samba.org Date: Fri Sep 28 18:03:25 2012 +0200 s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx(). Guenther commit 3058755280fa7a8d35a13cdd459be3e1db2a373a Author: Sumit Bose sb...@redhat.com Date: Tue Sep 11 13:28:35 2012 +0200 s3-winbindd: Allow DNS resolution of trusted domains if DNS name is avaliable Signed-off-by: Günther Deschner g...@samba.org --- Summary of changes: WHATSNEW.txt | 70 ++-- source3/printing/queue_process.c |9 source3/rpc_server/lsa/srv_lsa_nt.c|5 ++ source3/rpc_server/svcctl/srv_svcctl_reg.c |4 -- source3/winbindd/winbindd_cm.c | 11 - source3/winbindd/winbindd_rpc.c| 68 +++ source3/winbindd/winbindd_util.c |4 +- source4/dns_server/dns_server.c|1 + 8 files changed, 119 insertions(+), 53 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index c62676e..02232c4 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -102,29 +102,29 @@ Changes smb.conf changes - Parameter Name Description Default - --
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via d190b59 VERSION: Bump version up to 4.0.0rc3. via cc9315a VERSION: Bump version number up to 4.0.0rc2. via 7eb1f6f librelease.sh: Move the GPG data to the library section. via 85289d8 WHATSNEW: Add kernel oplocks... from fe880b5 WHATSNEW: Remove default values. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit d190b5965d21008b88d2a63c9265cb07b348efab Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 09:55:44 2012 +0200 VERSION: Bump version up to 4.0.0rc3. And enable GIT snapshots. Karolin commit cc9315ac80d598f5325ba5d713bb1cb412c4a639 Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 09:54:10 2012 +0200 VERSION: Bump version number up to 4.0.0rc2. Karolin commit 7eb1f6ff178cb04a04dcaee88f15be850d239430 Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 10:29:16 2012 +0200 librelease.sh: Move the GPG data to the library section. Don't use the Library key for the samba releases. Karolin Pair-Programmed-With: Stefan Metzmacher me...@samba.org commit 85289d89b9b607c6c661cd49803a94b6c60918ed Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 10:52:21 2012 +0200 WHATSNEW: Add kernel oplocks... to the list of changed defaults. Karolin --- Summary of changes: VERSION |4 ++-- WHATSNEW.txt |1 + script/librelease.sh | 34 -- 3 files changed, 27 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 642809e..75b8db5 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # - 3.0.0rc1 # -SAMBA_VERSION_RC_RELEASE=1 +SAMBA_VERSION_RC_RELEASE=3 # To mark SVN snapshots this should be set to 'yes'# @@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=1 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # - 3.0.0-SVN-build-199 # -SAMBA_VERSION_IS_GIT_SNAPSHOT=no +SAMBA_VERSION_IS_GIT_SNAPSHOT=yes # This is for specifying a release nickname# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 02232c4..f214087 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -118,6 +118,7 @@ smb.conf changes dns forwarder New dns update command New homedir map Changed default + kernel oplocks Changed default kernel share modes New kpasswd portNew krb5 port New diff --git a/script/librelease.sh b/script/librelease.sh index ac82762..5119ca4 100755 --- a/script/librelease.sh +++ b/script/librelease.sh @@ -1,14 +1,6 @@ #!/bin/bash # make a release of a Samba library -[ -z $GPG_USER ] { -GPG_USER='Samba Library Distribution Key samba-b...@samba.org' -} - -[ -z $GPG_KEYID ] { -GPG_KEYID='13084025' -} - if [ ! -d .git ]; then echo Run this script from the top-level directory in the echo repository @@ -67,6 +59,11 @@ release_lib() { exit 1 } +[ -z $ftpdir ] { +popd +return 0 +} + echo Push git tag $tagname git push ssh://git.samba.org/data/git/samba.git refs/tags/$tagname:refs/tags/$tagname || { exit 1 @@ -84,10 +81,27 @@ release_lib() { for lib in $*; do case $lib in talloc | tdb | tevent | ldb) + [ -z $GPG_USER ] { + GPG_USER='Samba Library Distribution Key samba-b...@samba.org' + } + + [ -z $GPG_KEYID ] { + GPG_KEYID='13084025' + } + release_lib $lib lib/$lib $lib ;; - samba4) - release_lib $lib . samba/$lib + samba) + [ -z $GPG_USER ] { + GPG_USER='6568B7EA' + } + + [ -z $GPG_KEYID ] { + GPG_KEYID='6568B7EA' + } + + # for now we don't upload + release_lib $lib . ;; *) echo Unknown library $lib -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-stable updated
The branch, v4-0-stable has been updated via cc9315a VERSION: Bump version number up to 4.0.0rc2. via 7eb1f6f librelease.sh: Move the GPG data to the library section. via 85289d8 WHATSNEW: Add kernel oplocks... via fe880b5 WHATSNEW: Remove default values. via 3cebcfc WHATSNEW: Add more changes since rc1. via a7c4372 s4-dns: fix a non handled memory out of memory via 3d3acf0 s3fs-smbd: Move housekeeping to the background process. via b74ed15 Fix service control for non-internal services. via 6d184c0 s3-winbindd: Adjust error code loop logic in rpc_trusted_domains(). via 9525921 s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx(). via 3058755 s3-winbindd: Allow DNS resolution of trusted domains if DNS name is avaliable via a92e4e5 docs-xml: fix build of winbindd- and krb5 locator-related manpages via 08cb895 docs-xml: convert smb.conf.5 build to waf via de953ff build: Fix build on systems without ldap development headers via 6f07216 s3: make smbldaphelper subsystem an internal library via aeac5ef WHATSNEW: Start release notes for Samba 4.0.0rc2. via c10debd s3-smbd: Don't segfault if user specified ports out for range. via d5f5a6a Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause invalid free. via 4d295c9 s4:dns.py: reproducer for (bug #9184) via c362ed5 lib/tsocket: fix receiving of udp packets from 0 bytes (bug #9184) via 036c23a libcli/echo: validate the message length via 350d5ec selftest: skip the samba4.smb2.compound testsuite via 010c93e s3:smbd:smb2: initialize variable in vfs_default_durable_reconnect() via d995da0 selftest: we fail samba3.smb2.compound.interim2 via 20656f8 s4:torture:smb2:compound: remove two unused macros (cherry picked from commit 6f6b1c6ac15f225978e8c2d67c1a817d9e098317) via b40a7e6 s4:torture:smb2: don't skip the compound.interim2 test for non win7/win2k8 (cherry picked from commit 8df0b023c51ed198d3054760447e1b273eada991) via c05693a s4:torture:smb2: don't skip the compound.interim1 test for non win7/win2k8 (cherry picked from commit 917e714831178b2a3d07c7f9d09711231a7ccf31) via e17df2b s3:smbd: remove struct member smbd_smb2_request.cancelled - it was only written (cherry picked from commit 88d051f7f18ff88ec5385fdc798f051659134bd3) via 829d9dc s3:smb2_lock: let smbd_smb2_create_cancel() trigger NT_STATUS_CANCELED via 493dec1 s3:smb2_lock: smbd_smb2_notify_recv() can already return NT_STATUS_CANCELED via c99507d s3:smb2_notify: make use of tevent_req_defer_callback() instead of custom tevent_immediate via a6fd1ee s3:smb2_notify: don't call tevent_req_done() from smbd_smb2_notify_cancel() via e899a51 s3:smb2_lock: let smbd_smb2_lock_cancel() trigger NT_STATUS_CANCELED via aa16e20 s3:smb2_server: avoid segfault in smbd_smb2_request_pending_queue() via 0e5ecc5 s4:torture:smb2: extend the compound.invalid1 test via c4d803b s3:smbd:smb2: simplify smbd_smb2_request_validate() and smbd_smb2_request_dispatch() via 021dd55 s3:smbd:smb2: add check for session_status for compound requests (cherry picked from commit 27d38b5c27bd96d5124c175d946718bf0836b8f4) via 9f73827 s3:smb2_server: do the req-next_status check before the signing checks via b26bf82 s3:smb2_server: reset req-last_session_id and req-last_tid after using it via f24ee3b s4:torture:smb2: fix the compound.invalid3 test to work against windows (cherry picked from commit bd8d50b451ea7f94efafbe5dc0c2c19f6bf9) via f9ef916 s4:torture:smb2: fix compound.related3 test to work against windows (cherry picked from commit 8e525a29a7c6512f61e4647ecb2e0771e2019a49) via 8b67af7 s3: Compound requests should continue processing. via ce21ae1 s3-spoolss: Fix builtin forms order to match Windows again. via 569f63f s3: For read-only shares, filter out write bits from conn-access_mask via b94c9a6 s3: Fix rejecting mkdir on read-only shares via 28f6a6d panic action is defined as GLOBAL_VAR(szPanicAction) not GLOBAL_VAR(panic_action) via 6d9841d s3:printing only do printing_subsystem_update when printing is enabled via 4ee9a57 dynconfig/config.m4: disallow --prefix=/usr and --prefix=/usr/local without --enable-fhs via 4c97f0d s3:smb2_server: fix usage of invalid memory in smb2_signing_check_pdu() via 68be257 We now pass samba3.raw.acls.generic and samba3.smb2.acls.GENERIC with the max access change. via 973281b Fix bug #9189 - SMB2 Create doesn't return correct MAX ACCESS access mask in blob. via 164cb1c packaging/RHEL-CTDB: add BUILD_GPFS=no configure.rpm and BUILD_GPFS=no makerpms.sh via 4b59959 packaging/RHEL-CTDB: try harder to set $RPMVER via cb57e4a
[SCM] Samba Shared Repository - annotated tag samba-4.0.0rc2 created
The annotated tag, samba-4.0.0rc2 has been created at 71c051824b4f04fd3a84157ce5885a589762c0e8 (tag) tagging cc9315ac80d598f5325ba5d713bb1cb412c4a639 (commit) replaces samba-4.0.0rc1 tagged by Karolin Seeger on Tue Oct 2 11:57:00 2012 +0200 - Log - samba: tag release samba-4.0.0rc2 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.18 (GNU/Linux) iD8DBQBQarp2bzORW2Vot+oRAs13AJ0T2fH8a4qOkxLHA30oeGe0zdQlYwCfb+Wq 4XMaZ77M9Bp7us43wsTQK2c= =Zb0+ -END PGP SIGNATURE- Alexander Bokovoy (4): s3: make ldapsam-related functions a smbldaphelper subsystem s3: make smbldaphelper subsystem an internal library docs-xml: convert smb.conf.5 build to waf docs-xml: fix build of winbindd- and krb5 locator-related manpages Andreas Schneider (4): docs: Fix generating idmap manpages. s3-spoolss: Fix builtin forms order to match Windows again. s3-smbd: Don't segfault if user specified ports out for range. s3fs-smbd: Move housekeeping to the background process. Andrew Bartlett (1): build: Fix build on systems without ldap development headers Björn Jacke (4): s3: fix the hpux acl module s3: fix the tru64 acl module s3: fix the aix acl module quota: add supprt for gfs2 Christian Ambach (2): s3:vfs_gpfs: fix build s3:printing only do printing_subsystem_update when printing is enabled Günther Deschner (2): s3-lsa: Flesh out the returned info in _lsa_EnumTrustedDomainsEx(). s3-winbindd: Adjust error code loop logic in rpc_trusted_domains(). Ira Cooper (2): s3: Fix the vfs_solarisacl module to compile. s3: Compound requests should continue processing. Jeremy Allison (4): Sigh :-(. Removing optimization prematurely is the root of all evil :-(. Fix bug #9189 - SMB2 Create doesn't return correct MAX ACCESS access mask in blob. We now pass samba3.raw.acls.generic and samba3.smb2.acls.GENERIC with the max access change. Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause invalid free. Karolin Seeger (6): WHATSNEW: Start release notes for Samba 4.0.0rc2. WHATSNEW: Add more changes since rc1. WHATSNEW: Remove default values. WHATSNEW: Add kernel oplocks... librelease.sh: Move the GPG data to the library section. VERSION: Bump version number up to 4.0.0rc2. Matthieu Patou (2): panic action is defined as GLOBAL_VAR(szPanicAction) not GLOBAL_VAR(panic_action) s4-dns: fix a non handled memory out of memory Michael Adam (12): source3/script: fix installman.sh after the last build-manpages-nogit change s4:torture:smb2: fix compound.related3 test to work against windows (cherry picked from commit 8e525a29a7c6512f61e4647ecb2e0771e2019a49) s4:torture:smb2: fix the compound.invalid3 test to work against windows (cherry picked from commit bd8d50b451ea7f94efafbe5dc0c2c19f6bf9) s3:smbd:smb2: add check for session_status for compound requests (cherry picked from commit 27d38b5c27bd96d5124c175d946718bf0836b8f4) s3:smbd:smb2: simplify smbd_smb2_request_validate() and smbd_smb2_request_dispatch() s3:smbd: remove struct member smbd_smb2_request.cancelled - it was only written (cherry picked from commit 88d051f7f18ff88ec5385fdc798f051659134bd3) s4:torture:smb2: don't skip the compound.interim1 test for non win7/win2k8 (cherry picked from commit 917e714831178b2a3d07c7f9d09711231a7ccf31) s4:torture:smb2: don't skip the compound.interim2 test for non win7/win2k8 (cherry picked from commit 8df0b023c51ed198d3054760447e1b273eada991) s4:torture:smb2:compound: remove two unused macros (cherry picked from commit 6f6b1c6ac15f225978e8c2d67c1a817d9e098317) selftest: we fail samba3.smb2.compound.interim2 s3:smbd:smb2: initialize variable in vfs_default_durable_reconnect() selftest: skip the samba4.smb2.compound testsuite Stefan Metzmacher (23): script/autobuild.py: use some variables for rebase_remote and rebase_branch script/autobuild.py: use some variables for push_remote and push_branch script/autobuild.py: add --branch option script/autobuild.py: add log_base variable to avoid hardcoded values script/autobuild.py: add --log-base option s3:smbd: release the share mode lock before calling exit_server() (bug #9191) packaging/RHEL-CTDB: fix the build packaging/RHEL-CTDB: try harder to set $RPMVER packaging/RHEL-CTDB: add BUILD_GPFS=no configure.rpm and BUILD_GPFS=no makerpms.sh s3:smb2_server: fix usage of invalid memory in smb2_signing_check_pdu() dynconfig/config.m4: disallow --prefix=/usr and --prefix=/usr/local without --enable-fhs s3:smb2_server: reset req-last_session_id and req-last_tid after using it s3:smb2_server: do the req-next_status check before the signing checks s4:torture:smb2: extend the
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 4dcf626 Announce Samba 4.0.0rc2. from 56f0067 Announce Samba 3.5.18. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 4dcf6260fb5f6fab2d5fedad50bef3dd392db93e Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 11:04:48 2012 +0200 Announce Samba 4.0.0rc2. Karolin --- Summary of changes: generated_news/latest_10_bodies.html| 19 +-- generated_news/latest_10_headlines.html |4 ++-- generated_news/latest_2_bodies.html | 23 ++- 3 files changed, 21 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index e0215c2..37e5917 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,12 @@ + h5a name=4.0.0rc202 October 2012/a/h5 + p class=headlineSamba 4.0.0rc2 Available for Download/p + pThis is the second release candidate of the Samba 4.0 series./p + +pThe uncompressed tarballs and patch files have been signed +using GnuPG (ID 6568B7EA). The source code can be +a href=https://download.samba.org/pub/samba/rc/samba-4.0.0rc2.tar.gz;downloaded now/a. +See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt;the release notes for more info/a./p + h5a name=3.5.1824 September 2012/a/h5 p class=headlineSamba 3.5.18 Available for Download/p pThis is the latest stable release of the Samba 3.5 series./p @@ -125,13 +134,3 @@ Please see the release notes for more info: lia href=http://samba.org/samba/history/samba-3.5.14.html;release notes Samba 3.5.14/a,/li lia href=http://samba.org/samba/history/samba-3.4.16.html;release notes Samba 3.4.16/a./li /p - - h5a name=SMB2.2 Interop Event20 March 2012/a/h5 - p class=headlineReport: Microsoft SMB2.2 Interop Event/p - pA few Samba Team members recently accepted an invitation by Microsoft - and attended an SMB2.2 interop testing opportunity. - a href=http://www.samba.org/~obnox/;Michael Adam/a has - written a report about this successful event./p - - pIf you are interested in this event and Samba's progress in the SMB2 area, - please read a href=/samba/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.htmlMichael's full report/a./p diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index 6c6ad9a..899a786 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,6 @@ ul + li 02 October 2012 a href=#4.0.0rc2Samba 4.0.0rc2 Available for Download/a/li + li 24 September 2012 a href=#3.5.18Samba 3.5.18 Available for Download/a/li li 17 September 2012 a href=#3.6.8Samba 3.6.8 Available for Download/a/li @@ -16,6 +18,4 @@ li 30 April 2012 a href=#3.6.5Samba 3.6.5/a, a href=#3.5.153.5.15/a and a href=#3.4.173.4.17/a bSecurity Releases/b Available for Download./li li 10 April 2012 a href=#3.6.4Samba 3.6.4/a, a href=#3.5.143.5.14/a and a href=#3.4.163.4.16/a bSecurity Releases/b Available for Download./li - - li 20 March 2012 a href=/samba/news/developers/obnox-samba-team-visits-microsoft-for-smb2-2-interop-event.htmlReport: Microsoft SMB2.2 Interop Event/a/li /ul diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index b3aef74..abdc2c4 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,21 +1,18 @@ - h5a name=3.5.1824 September 2012/a/h5 - p class=headlineSamba 3.5.18 Available for Download/p - pThis is the latest stable release of the Samba 3.5 series./p + h5a name=4.0.0rc202 October 2012/a/h5 + p class=headlineSamba 4.0.0rc2 Available for Download/p + pThis is the second release candidate of the Samba 4.0 series./p pThe uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code can be -a href=http://samba.org/samba/ftp/stable/samba-3.5.18.tar.gz;downloaded -now/a. A a href=http://samba.org/samba/ftp/patches/patch-3.5.17-3.5.18.diffs.gz;patch against Samba 3.5.17/a is also available. See a href=http://samba.org/samba/history/samba-3.5.18.html;the release notes for more info/a./p +a href=https://download.samba.org/pub/samba/rc/samba-4.0.0rc2.tar.gz;downloaded now/a. +See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt;the release notes for more info/a./p - h5a name=3.6.817 September 2012/a/h5 - p class=headlineSamba 3.6.8 Available for Download/p - pThis is the latest stable release of the Samba 3.6 series./p + h5a name=3.5.1824 September
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dce8a8e librelease.sh: Move the GPG data to the library section. from f4b9007 s4-dns: fix a non handled memory out of memory http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dce8a8e284e544999d85aa7df3ef97c3701742b4 Author: Karolin Seeger ksee...@samba.org Date: Tue Oct 2 10:29:16 2012 +0200 librelease.sh: Move the GPG data to the library section. Don't use the Library key for the samba releases. Karolin Pair-Programmed-With: Stefan Metzmacher me...@samba.org (cherry picked from commit 7eb1f6ff178cb04a04dcaee88f15be850d239430) Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Oct 2 14:28:10 CEST 2012 on sn-devel-104 --- Summary of changes: script/librelease.sh | 34 -- 1 files changed, 24 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/script/librelease.sh b/script/librelease.sh index ac82762..5119ca4 100755 --- a/script/librelease.sh +++ b/script/librelease.sh @@ -1,14 +1,6 @@ #!/bin/bash # make a release of a Samba library -[ -z $GPG_USER ] { -GPG_USER='Samba Library Distribution Key samba-b...@samba.org' -} - -[ -z $GPG_KEYID ] { -GPG_KEYID='13084025' -} - if [ ! -d .git ]; then echo Run this script from the top-level directory in the echo repository @@ -67,6 +59,11 @@ release_lib() { exit 1 } +[ -z $ftpdir ] { +popd +return 0 +} + echo Push git tag $tagname git push ssh://git.samba.org/data/git/samba.git refs/tags/$tagname:refs/tags/$tagname || { exit 1 @@ -84,10 +81,27 @@ release_lib() { for lib in $*; do case $lib in talloc | tdb | tevent | ldb) + [ -z $GPG_USER ] { + GPG_USER='Samba Library Distribution Key samba-b...@samba.org' + } + + [ -z $GPG_KEYID ] { + GPG_KEYID='13084025' + } + release_lib $lib lib/$lib $lib ;; - samba4) - release_lib $lib . samba/$lib + samba) + [ -z $GPG_USER ] { + GPG_USER='6568B7EA' + } + + [ -z $GPG_KEYID ] { + GPG_KEYID='6568B7EA' + } + + # for now we don't upload + release_lib $lib . ;; *) echo Unknown library $lib -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4a21d2e Fix release script to build full set of documentation from dce8a8e librelease.sh: Move the GPG data to the library section. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4a21d2e7790f1c76cf0d0fcfb2f4a8ef13721532 Author: Alexander Bokovoy a...@samba.org Date: Tue Oct 2 14:53:38 2012 +0300 Fix release script to build full set of documentation build-docs script was not setting XML catalog properly. In addition, some time ago pdf versions of images were introduced as generated dependencies in our books but svg - pdf rule was not added, so building books never finished properly. Autobuild-User(master): Alexander Bokovoy a...@samba.org Autobuild-Date(master): Tue Oct 2 16:21:23 CEST 2012 on sn-devel-104 --- Summary of changes: docs-xml/Makefile |3 +++ release-scripts/build-docs |3 +-- 2 files changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/Makefile b/docs-xml/Makefile index 0b4e880..b322bed 100644 --- a/docs-xml/Makefile +++ b/docs-xml/Makefile @@ -191,6 +191,9 @@ $(PSDIR)/%.ps: %/index.xml $(PSDIR) xslt/latex.xsl %-images-latex-eps %.eps: %.png $(PNGTOPNM) $ | $(PNMTOPS) $@ +%.pdf: %.svg + $(INKSCAPE) -z -f $(abspath $) --export-pdf=$(abspath $@) + $(HTMLHELPDIR)/%: $(DOCBOOKDIR)/%.xml %-images-htmlhelp $(XSLTPROC) --stringparam htmlhelp.chm $*.chm \ --stringparam manifest.in.base.dir $@/ \ diff --git a/release-scripts/build-docs b/release-scripts/build-docs index 5da641a..e909e6e 100755 --- a/release-scripts/build-docs +++ b/release-scripts/build-docs @@ -11,6 +11,7 @@ DOCSRCDIR=`dirname $0`/../docs-xml pushd $DOCSRCDIR || exit 1 git clean -d -x -f +export XML_CATALOG_FILES=file:///etc/xml/catalog file://$(pwd)/build/catalog.xml autoconf \ ./configure --with-papersize=letter \ make smbdotconf/parameters.all.xml \ @@ -28,8 +29,6 @@ rsync -Ca --exclude=.svn archives/ ../docs/ cd ../docs || _exit Error changing dir to ${DOCSDIR}/../docs/ /bin/rm -rf test.pdf Samba4*pdf htmldocs/Samba4* htmldocs/test -mv manpages-3 manpages -mv htmldocs/manpages-3 htmldocs/manpages cd ../docs-xml || _exit Error changing dir to ${DOCSDIR}/../docs-xml/ make distclean -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 1a0c013 s4 dns: Fix return code for deleted records via 8d25b8a s4:dns_server - introduce the wildcard binding feature via ddd07ae s4: Fix a -Wunused-value warning via ba8b5e3 selftest/knownfail: samba*.smb2.oplock.stream1 doesn't work via b2c591c s4:torture/smb2: remove samba specific stuff from smb2.oplock via c420163 s3:smb2_create: don't take 'state-te' as indication for was_deferred (bug #9196) via 2248884 Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash. via ff47fcd libcli/smb: fix padding in smb2_create_blob* from d190b59 VERSION: Bump version up to 4.0.0rc3. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 1a0c013591f592339235370607685027425874a7 Author: Kai Blin k...@samba.org Date: Sun Sep 30 11:26:24 2012 +0200 s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin k...@samba.org Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-0-test): Tue Oct 2 16:46:06 CEST 2012 on sn-devel-104 commit 8d25b8ae35e2f190e42aa064ef3c60faf1a4ddf2 Author: Matthias Dieter Wallnöfer m...@samba.org Date: Sun Aug 12 18:08:20 2012 +0200 s4:dns_server - introduce the wildcard binding feature We need the wildcard binding feature otherwise we might get bound to a private interface in case of multiple interfaces and no interfaces parameter in smb.conf. Code taken from source4/ldap_server/ldap_server.c Signed-off-by: Kai Blin k...@samba.org Autobuild-User(master): Kai Blin k...@samba.org Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104 Fix bug #9183 - DNS server does not listen on localhost. commit ddd07ae4daef3bca2f6df521ffea707d41256248 Author: Volker Lendecke v...@samba.org Date: Wed Sep 26 10:07:32 2012 -0700 s4: Fix a -Wunused-value warning Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Wed Sep 26 21:52:00 CEST 2012 on sn-devel-104 (cherry picked from commit 5022b3d8c183181b922e3ccac49e5819eb453035) Fix bug #9223 - Uninitialized variable in the cldap server can give bad netlogon netsamlogon response. commit ba8b5e396add96a679fcff92f5d20df40875514a Author: Stefan Metzmacher me...@samba.org Date: Wed Sep 26 03:24:22 2012 +0200 selftest/knownfail: samba*.smb2.oplock.stream1 doesn't work metze Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Sep 26 07:57:12 CEST 2012 on sn-devel-104 (cherry picked from commit 98d117a5424d62804b7cb3d8a9ad35e703fc158a) commit b2c591c6ca66e117c350a53e4bd9028268d0076c Author: Stefan Metzmacher me...@samba.org Date: Wed Sep 26 03:08:33 2012 +0200 s4:torture/smb2: remove samba specific stuff from smb2.oplock metze (cherry picked from commit 7a14f09f9cc14cfb6234175add1841faf751d51a) commit c4201630403edc338f6a3843fd4dd069f45b1fd2 Author: Stefan Metzmacher me...@samba.org Date: Wed Sep 26 03:04:20 2012 +0200 s3:smb2_create: don't take 'state-te' as indication for was_deferred (bug #9196) We always set state-te = NULL of TALLOC_FREE(state-te), before calling smbd_smb2_request_dispatch(), so open_was_deferred_smb2() always returned false, while dispatching it again. But it's remove_deferred_open_message_smb2_internal() which should reset this state. In developer mode validate_my_share_entries() did call smb_panic() before. metze (cherry picked from commit 4604219ceba96955b3c4bf6ab31aa70c11442d61) commit 224888491f7a4ce88fd636e56d1438a8a84a48e9 Author: Jeremy Allison j...@samba.org Date: Wed Sep 26 16:58:58 2012 -0700 Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash. Ensure we correctly protect against blobs with data_offset==0 and data_length != 0. Jeremy. Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104 (cherry picked from commit 322e3d42f65dadabeccf8813fcb0e9b7d353ffb2) commit ff47fcd3c9f4c8e470601c443d214b590288f655 Author: Stefan Metzmacher me...@samba.org Date: Wed Sep 19 08:11:23 2012 +0200 libcli/smb: fix padding in smb2_create_blob* metze (cherry picked from commit aa5caf1fe92b159eae00c7b11499e9ec697cf9ae) --- Summary of changes: libcli/smb/smb2_create_blob.c | 46 ++ selftest/knownfail |2 + source3/smbd/smb2_create.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7751d03 s3-net: Fix DEBUG() location. via 0eded14 s3-net: give more control how to update/register DNS entries. via ec23d0a s3-net: pass down a flags field to DoDNSUpdate(). via 5d4247a s3-net: move out some prototypes to net_dns.h. via a2fec69 s3-net: pass down struct net_context to the dns update calls. via 06f3b1f s3-kerberos: add aes enctypes to generated krb5.conf. via eae33e9 s3-krb5: use and request AES keys in kerberos operations. from 4a21d2e Fix release script to build full set of documentation http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7751d03a1e18a94de1f54f6ba4143b52d8c53180 Author: Günther Deschner g...@samba.org Date: Mon Oct 1 16:19:28 2012 +0200 s3-net: Fix DEBUG() location. Guenther Autobuild-User(master): Günther Deschner g...@samba.org Autobuild-Date(master): Tue Oct 2 18:06:17 CEST 2012 on sn-devel-104 commit 0eded14f19806e87b2205677064d1413bcb86d38 Author: Günther Deschner g...@samba.org Date: Tue Sep 25 11:09:45 2012 +0200 s3-net: give more control how to update/register DNS entries. Guenther commit ec23d0a3b2f3969d4d113d80bd82cb1dbbcd Author: Günther Deschner g...@samba.org Date: Tue Sep 25 11:08:48 2012 +0200 s3-net: pass down a flags field to DoDNSUpdate(). Guenther commit 5d4247ae7434adae87b265a362a9fa19b4ca557c Author: Günther Deschner g...@samba.org Date: Wed Sep 19 15:35:15 2012 +0200 s3-net: move out some prototypes to net_dns.h. Guenther commit a2fec69b0958f75e31c702e25017eeae6a92be0d Author: Günther Deschner g...@samba.org Date: Wed Sep 19 15:31:57 2012 +0200 s3-net: pass down struct net_context to the dns update calls. Guenther commit 06f3b1f0b0dcf9355a8d634cdb62f1f0a8ea4dbe Author: Günther Deschner g...@samba.org Date: Mon Dec 19 10:52:58 2011 +0100 s3-kerberos: add aes enctypes to generated krb5.conf. Guenther commit eae33e96fcaa456830862325b91579faf2a96213 Author: Günther Deschner g...@samba.org Date: Thu Dec 15 18:12:41 2011 +0100 s3-krb5: use and request AES keys in kerberos operations. Guenther --- Summary of changes: lib/krb5_wrap/krb5_samba.c |6 ++ source3/libads/kerberos.c| 28 +-- source3/libads/kerberos_keytab.c |8 +++- source3/utils/net_ads.c | 44 ++ source3/utils/net_dns.c | 96 +++--- source3/utils/net_dns.h | 43 + 6 files changed, 163 insertions(+), 62 deletions(-) create mode 100644 source3/utils/net_dns.h Changeset truncated at 500 lines: diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c index 1a5a710..8037337 100644 --- a/lib/krb5_wrap/krb5_samba.c +++ b/lib/krb5_wrap/krb5_samba.c @@ -688,6 +688,12 @@ int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx, ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_CBC_CRC, +#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96 + ENCTYPE_AES128_CTS_HMAC_SHA1_96, +#endif +#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96 + ENCTYPE_AES256_CTS_HMAC_SHA1_96, +#endif ENCTYPE_NULL}; initialize_krb5_error_table(); diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 1093d12..3183e26 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -831,6 +831,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, int fd; char *realm_upper = NULL; bool result = false; + char *aes_enctypes = NULL; if (!lp_create_krb5_conf()) { return false; @@ -870,14 +871,33 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, goto done; } + aes_enctypes = talloc_strdup(fname, ); + if (aes_enctypes == NULL) { + goto done; + } + +#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96 + aes_enctypes = talloc_asprintf_append(aes_enctypes, %s, aes256-cts-hmac-sha1-96 ); + if (aes_enctypes == NULL) { + goto done; + } +#endif +#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96 + aes_enctypes = talloc_asprintf_append(aes_enctypes, %s, aes128-cts-hmac-sha1-96); + if (aes_enctypes == NULL) { + goto done; + } +#endif + file_contents = talloc_asprintf(fname, [libdefaults]\n\tdefault_realm = %s\n - \tdefault_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n - \tdefault_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a168a7c tdb: Fix a typo from 7751d03 s3-net: Fix DEBUG() location. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a168a7c791a4be1730a370d059b3a1073fbb0bdd Author: Volker Lendecke v...@samba.org Date: Tue Oct 2 12:21:20 2012 +0200 tdb: Fix a typo Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Tue Oct 2 19:52:16 CEST 2012 on sn-devel-104 --- Summary of changes: lib/tdb/common/lock.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/lock.c b/lib/tdb/common/lock.c index 88a52e9..260fab6 100644 --- a/lib/tdb/common/lock.c +++ b/lib/tdb/common/lock.c @@ -562,7 +562,7 @@ int tdb_allrecord_lock(struct tdb_context *tdb, int ltype, /* We cover two kinds of locks: * 1) Normal chain locks. Taken for almost all operations. -* 3) Individual records locks. Taken after normal or free +* 2) Individual records locks. Taken after normal or free *chain locks. * * It is (1) which cause the starvation problem, so we're only -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c251a6b When creating a new file/directory, we need to obey the create mask/directory mask parameters. via 8f0ecbb Add functions to programatically set the security mask and directory security mask parameters. via 6575d1d When setting a non-default ACL, don't forget to apply masks to SMB_ACL_USER and SMB_ACL_GROUP entries. via 5d5ddbd Only apply masks on non-default ACL entries when setting the ACL. via 82e7132 Use is_default_acl variable in canonicalise_acl(). via efb446a Reformat spacing to be even. from a168a7c tdb: Fix a typo http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c251a6b0442abc13bc8be4ff8de324c1d7706a78 Author: Jeremy Allison j...@samba.org Date: Tue Oct 2 10:25:14 2012 -0700 When creating a new file/directory, we need to obey the create mask/directory mask parameters. Currently we call FSET_NT_ACL to inherit any ACLs on create. However FSET_NT_ACL uses the security mask/directory security mask parameters instead of the create mask/directory mask parameters. Swap them temporarily when creating to ensure the correct masks are applied. Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Tue Oct 2 22:27:17 CEST 2012 on sn-devel-104 commit 8f0ecbbbeebff0174579a78827d384067cd4cbb7 Author: Jeremy Allison j...@samba.org Date: Tue Oct 2 10:22:39 2012 -0700 Add functions to programatically set the security mask and directory security mask parameters. commit 6575d1d34fee45c7a965c7c9641cc52b566a9e7f Author: Jeremy Allison j...@samba.org Date: Tue Oct 2 10:15:54 2012 -0700 When setting a non-default ACL, don't forget to apply masks to SMB_ACL_USER and SMB_ACL_GROUP entries. commit 5d5ddbd62490d3e87dd990554a2c7b7eaf2cc24e Author: Jeremy Allison j...@samba.org Date: Tue Oct 2 10:12:45 2012 -0700 Only apply masks on non-default ACL entries when setting the ACL. commit 82e7132bdf7c9d4ddead3cd5d845bfe68b93448b Author: Jeremy Allison j...@samba.org Date: Tue Oct 2 09:55:09 2012 -0700 Use is_default_acl variable in canonicalise_acl(). commit efb446a38cca448855977666499603d12e1477b4 Author: Jeremy Allison j...@samba.org Date: Tue Oct 2 09:21:17 2012 -0700 Reformat spacing to be even. --- Summary of changes: source3/include/proto.h |2 + source3/param/loadparm.c | 14 +++ source3/smbd/open.c | 15 +++ source3/smbd/posix_acls.c | 58 +++-- 4 files changed, 71 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index b3fa55a..e42c33d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1188,6 +1188,8 @@ bool lp_getwd_cache(void); int lp_srv_maxprotocol(void); int lp_srv_minprotocol(void); int lp_security(void); +int lp_set_security_mask(int snum, int new_val); +int lp_set_directory_security_mask(int snum, int new_mask); int lp__server_role(void); int lp__security(void); int lp__domain_master(void); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 61606ce..960a644 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -5476,3 +5476,17 @@ int lp_security(void) return lp_find_security(lp__server_role(), lp__security()); } + +int lp_set_security_mask(int snum, int new_val) +{ + int ret = ServicePtrs[snum]-iSecurity_mask; + ServicePtrs[snum]-iSecurity_mask = new_val; + return ret; +} + +int lp_set_directory_security_mask(int snum, int new_val) +{ + int ret = ServicePtrs[snum]-iDir_Security_mask; + ServicePtrs[snum]-iDir_Security_mask = new_val; + return ret; +} diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d4babd4..bea4d99 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3436,6 +3436,9 @@ static NTSTATUS inherit_new_acl(files_struct *fsp) bool inherit_owner = lp_inherit_owner(SNUM(fsp-conn)); bool inheritable_components = false; size_t size = 0; + int orig_security_mask = 0; + int orig_directory_security_mask = 0; + int snum = SNUM(fsp-conn); if (!parent_dirname(ctx, fsp-fsp_name-base_name, parent_name, NULL)) { return NT_STATUS_NO_MEMORY; @@ -3506,6 +3509,14 @@ static NTSTATUS inherit_new_acl(files_struct *fsp) NDR_PRINT_DEBUG(security_descriptor, psd); } + /* Temporarily replace the security masks with the create masks, + as we're actually doing a create here - we only call this + when we've created a file or directory - but there's no + way for FSET_NT_ACL to know the difference. */ + +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dfd3c31 Fix bug #9222 - smbd ignores the server signing = no setting for SMB2. from c251a6b When creating a new file/directory, we need to obey the create mask/directory mask parameters. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dfd3c31a3f9eea96854b2d22574856368e86b245 Author: Jeremy Allison j...@samba.org Date: Tue Oct 2 14:10:21 2012 -0700 Fix bug #9222 - smbd ignores the server signing = no setting for SMB2. Still sign if client request is signed, just don't negotiate it in negprot or sessionsetup. Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Wed Oct 3 00:59:42 CEST 2012 on sn-devel-104 --- Summary of changes: source3/smbd/smb2_negprot.c | 10 ++ source3/smbd/smb2_sesssetup.c |6 ++ 2 files changed, 12 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c index 6adc581..826e0d1 100644 --- a/source3/smbd/smb2_negprot.c +++ b/source3/smbd/smb2_negprot.c @@ -92,7 +92,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) DATA_BLOB security_buffer; size_t expected_dyn_size = 0; size_t c; - uint16_t security_mode; + uint16_t security_mode = 0; uint16_t dialect_count; uint16_t in_security_mode; uint32_t in_capabilities; @@ -244,9 +244,11 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) return smbd_smb2_request_error(req, NT_STATUS_INTERNAL_ERROR); } - security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED; - if (lp_server_signing() == SMB_SIGNING_REQUIRED) { - security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; + if (lp_server_signing() != SMB_SIGNING_OFF) { + security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED; + if (lp_server_signing() == SMB_SIGNING_REQUIRED) { + security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; + } } capabilities = 0; diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 2599d2a..8bdfd49 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -185,6 +185,12 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, struct smbXsrv_session *x = session; struct smbXsrv_connection *conn = session-connection; + if ((lp_server_signing() == SMB_SIGNING_OFF) + (in_security_mode SMB2_NEGOTIATE_SIGNING_REQUIRED)) { + DEBUG(0,(SMB2 signing required and we have disabled it.\n)); + return NT_STATUS_ACCESS_DENIED; + } + if ((in_security_mode SMB2_NEGOTIATE_SIGNING_REQUIRED) || lp_server_signing() == SMB_SIGNING_REQUIRED) { x-global-signing_required = true; -- Samba Shared Repository