svn commit: samba-web r1410 - in trunk/history: .
Author: kseeger Date: 2010-03-09 01:27:55 -0700 (Tue, 09 Mar 2010) New Revision: 1410 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1410 Log: Add new security issue Karolin Modified: trunk/history/security.html Changeset: Modified: trunk/history/security.html === --- trunk/history/security.html 2010-03-08 22:00:48 UTC (rev 1409) +++ trunk/history/security.html 2010-03-09 08:27:55 UTC (rev 1410) @@ -22,6 +22,20 @@ /tr tr +td08 Mar 2010/td +tda href=/samba/ftp/patches/security/samba-3.5.0-CVE-2010-0728.patch + patch for Samba 3.5.0/a + a href=/samba/ftp/patches/security/samba-3.4.6-CVE-2010-0728.patch + patch for Samba 3.4.6/a + a href=/samba/ftp/patches/security/samba-3.3.11-CVE-2010-0728.patch + patch for Samba 3.3.11/a +tdPermission ignored/td +td3.3.11, 3.4.6, 3.5.0/td +tda href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728;CVE-2010-0728/a/td +tda href=/samba/security/CVE-2010-0728.htmlAnnouncement/a/td +/tr + +tr td01 Oct 2009/td tda href=/samba/ftp/patches/security/samba-3.4.1-CVE-2009-2948-1.patch patch 1 for Samba 3.4.1/a
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via afd8272... WHATSNEW: Start release notes for Samba 3.5.2. via 6889e16... VERSION: Raise version number up to 3.5.2. via f472949... Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. via 7611a42... WHATSNEW: Prepare release notes for Samba 3.5.1. from cb627d3... s3: Fix the build of net_afs.c with --fake-kaserver=yes, bug 7216 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit afd8272605854f2686f2b66541f2158afe2137d4 Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:36:06 2010 +0100 WHATSNEW: Start release notes for Samba 3.5.2. Karolin commit 6889e16974301ef36c0a9c6e57b2bcbd984b0d5f Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:33:30 2010 +0100 VERSION: Raise version number up to 3.5.2. Karolin commit f4729490766300ba1673f1c2c3fe2dedf460312f Author: Karolin Seeger ksee...@samba.org Date: Mon Mar 8 20:34:39 2010 +0100 Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. This reverts commit a6ae7a552f851a31262377cc0e062e40ac20. This fixes bug #7222 (All users have full rigths on all shares) (CVE-2010-0728). (cherry picked from commit 1c9494c76cc9686c61e0966f38528d3318f3176f) commit 7611a4208a1effbf2f0e04f0910162fbad26f757 Author: Karolin Seeger ksee...@samba.org Date: Mon Mar 8 20:32:49 2010 +0100 WHATSNEW: Prepare release notes for Samba 3.5.1. Karolin (cherry picked from commit cd499eaf0418fa0a3034c5ba4709278a302ea980) --- Summary of changes: WHATSNEW.txt | 93 - source3/VERSION |2 +- source3/include/smb.h |3 +- source3/lib/system.c | 65 ++ source3/smbd/server.c |8 5 files changed, 98 insertions(+), 73 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index caad89d..6602941 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,96 @@ = + Release Notes for Samba 3.5.2 + , 2010 + = + + +This is the third stable release of Samba 3.5. + +Major enhancements in Samba 3.5.2 include: + +o + +Changes since 3.5.1 +--- + + +o + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + = + Release Notes for Samba 3.5.1 + March 8, 2010 + = + + +This is a security release in order to address CVE-2010-0728. + + +o CVE-2010-0728: + In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code + was added to fix a problem with Linux asynchronous IO handling. + This code introduced a bad security flaw on Linux platforms if the + binaries were built on Linux platforms with libcap support. + The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE + capabilities, allowing all file system access to be allowed + even when permissions should have denied access. + + +Changes since 3.5.0 +--- + + +o Jeremy Allison j...@samba.org +* BUG 7222: Fix for CVE-2010-0728. + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database
[SCM] Samba Shared Repository - branch v3-5-stable updated
The branch, v3-5-stable has been updated via 647836f... WHATSNEW: Start release notes for Samba 3.5.2. via 638ac5b... VERSION: Raise version number up to 3.5.2. from 1c9494c... Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-stable - Log - commit 647836f0bd691aa3ac4e9bd33d06e6e20cc06863 Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:36:06 2010 +0100 WHATSNEW: Start release notes for Samba 3.5.2. Karolin (cherry picked from commit afd8272605854f2686f2b66541f2158afe2137d4) commit 638ac5b8536cec0113a17f42441840edacaa05da Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:33:30 2010 +0100 VERSION: Raise version number up to 3.5.2. Karolin (cherry picked from commit 6889e16974301ef36c0a9c6e57b2bcbd984b0d5f) --- Summary of changes: WHATSNEW.txt| 45 +++-- source3/VERSION |2 +- 2 files changed, 44 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 12c12d5..6602941 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,46 @@ = + Release Notes for Samba 3.5.2 + , 2010 + = + + +This is the third stable release of Samba 3.5. + +Major enhancements in Samba 3.5.2 include: + +o + +Changes since 3.5.1 +--- + + +o + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + = Release Notes for Samba 3.5.1 March 8, 2010 = @@ -45,8 +87,7 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- = diff --git a/source3/VERSION b/source3/VERSION index 35c8256..425a2c2 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=5 -SAMBA_VERSION_RELEASE=1 +SAMBA_VERSION_RELEASE=2 # Bug fix releases use a letter for the patch revision # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated
The branch, v3-4-test has been updated via cf67945... WHATSNEW: Start release notes for Samba 3.4.8. via 16f92f7... VERSION: Raise version number up to 3.4.8. via b6311ea... Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. via da0da47... WHATSNEW: Prepare release notes for Samba 3.4.7. from f94a377... mount.cifs: don't allow it to be run as setuid root program http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test - Log - commit cf679452b32de243cea61349f93e661f61ba4988 Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:42:40 2010 +0100 WHATSNEW: Start release notes for Samba 3.4.8. Karolin commit 16f92f795d8403988919f0890445acffa249e29a Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:39:40 2010 +0100 VERSION: Raise version number up to 3.4.8. Karolin commit b6311eaa51d8dc3d96164d88cec5735052ba19a2 Author: Karolin Seeger ksee...@samba.org Date: Mon Mar 8 20:53:38 2010 +0100 Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. This reverts commit c81c109a6ce83741bb5149a51ceb4ab30855e9f9. This fixes bug #7222 (All users have full rigths on all shares)(CVE-2010-0728). (cherry picked from commit 49fc62cc5d8bcb2ef246fa6505c99071b406c413) commit da0da473dd0d397236836c177c97d2f98853f1a3 Author: Karolin Seeger ksee...@samba.org Date: Mon Mar 8 20:52:56 2010 +0100 WHATSNEW: Prepare release notes for Samba 3.4.7. Karolin (cherry picked from commit bdad63514f345a10774dade1746072312ed140c1) --- Summary of changes: WHATSNEW.txt | 64 ++-- source3/VERSION |2 +- source3/include/smb.h |3 +- source3/lib/system.c | 65 +++-- source3/smbd/server.c |8 -- 5 files changed, 62 insertions(+), 80 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 28f1812..9a61578 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,23 +1,21 @@ = - Release Notes for Samba 3.4.7 -, 2010 + Release Notes for Samba 3.4.8 + , 2010 = This is the latest stable release of Samba 3.4. -Major enhancements in Samba 3.4.7 include: +Major enhancements in Samba 3.4.6 include: - o +o -## -Changes -### -Changes since 3.4.6 +Changes since 3.4.7 --- +o ## @@ -44,6 +42,56 @@ Release notes for older versions follow: = + Release Notes for Samba 3.4.7 + March 8, 2010 + = + + +This is a security release in order to address CVE-2010-0728. + + +o CVE-2010-0728: + In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code + was added to fix a problem with Linux asynchronous IO handling. + This code introduced a bad security flaw on Linux platforms if the + binaries were built on Linux platforms with libcap support. + The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE + capabilities, allowing all file system access to be allowed + even when permissions should have denied access. + + +Changes since 3.4.6 +--- + + +o Jeremy Allison j...@samba.org +* BUG 7222: Fix for CVE-2010-0728. + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.4 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +-- + + + = Release Notes for Samba 3.4.6 February 24, 2010
[SCM] Samba Shared Repository - branch v3-4-stable updated
The branch, v3-4-stable has been updated via 8a08b80... WHATSNEW: Start release notes for Samba 3.4.8. via 25b982b... VERSION: Raise version number up to 3.4.8. from 49fc62c... Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-stable - Log - commit 8a08b8009f4941e40bbf2e25517a913fb2e36b09 Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:42:40 2010 +0100 WHATSNEW: Start release notes for Samba 3.4.8. Karolin (cherry picked from commit cf679452b32de243cea61349f93e661f61ba4988) commit 25b982be4633edb7d42b72cba127eb71edc9584e Author: Karolin Seeger ksee...@samba.org Date: Tue Mar 9 10:39:40 2010 +0100 VERSION: Raise version number up to 3.4.8. Karolin (cherry picked from commit 16f92f795d8403988919f0890445acffa249e29a) --- Summary of changes: WHATSNEW.txt| 49 ++--- source3/VERSION |2 +- 2 files changed, 47 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 80589c7..9a61578 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,47 @@ = + Release Notes for Samba 3.4.8 + , 2010 + = + + +This is the latest stable release of Samba 3.4. + +Major enhancements in Samba 3.4.6 include: + +o + + +Changes since 3.4.7 +--- + + +o + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.4 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older versions follow: + + + = Release Notes for Samba 3.4.7 March 8, 2010 = @@ -17,7 +60,7 @@ o CVE-2010-0728: even when permissions should have denied access. -Changes since 3.5.0 +Changes since 3.4.6 --- @@ -45,8 +88,8 @@ database (https://bugzilla.samba.org/). == -Release notes for older versions follow: - +-- + = Release Notes for Samba 3.4.6 diff --git a/source3/VERSION b/source3/VERSION index f40ac81..c134d2c 100644 --- a/source3/VERSION +++ b/source3/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=4 -SAMBA_VERSION_RELEASE=7 +SAMBA_VERSION_RELEASE=8 # Bug fix releases use a letter for the patch revision # -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated
The branch, v3-3-test has been updated via d3831a5... Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. via 1954222... WHATSNEW: Prepare release notes for Samba 3.3.12. via 110f245... VERSION: Raise version number up to 3.3.12. from 550cc06... WHATSNEW: Update changes since 3.3.10. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit d3831a573ee2d8bddd123cf30f2262fd5935a2b4 Author: Karolin Seeger ksee...@samba.org Date: Mon Mar 8 21:08:36 2010 +0100 Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. This reverts commit 153357b9bb4d70a168c81cb9ff2da437eae823fc. This fixes bug #7222 (All users have full rigths on all shares) (CVE-2010-0728). (cherry picked from commit 007f9c90e952aeea2d8f73cff3ccd0f747a9c06e) commit 1954222e9ab5cad0eddb3b35ee528df969ff5449 Author: Karolin Seeger ksee...@samba.org Date: Mon Mar 8 21:08:01 2010 +0100 WHATSNEW: Prepare release notes for Samba 3.3.12. Karolin (cherry picked from commit cb608fef71f9da629a1858cd1d6c8b19e27e6655) commit 110f24526e37bb77a4e193ebca44d40374d51c08 Author: Karolin Seeger ksee...@samba.org Date: Mon Mar 8 21:05:40 2010 +0100 VERSION: Raise version number up to 3.3.12. Karolin (cherry picked from commit 689fd1bd11806f92e9f5acbc634e27f7b197ee23) --- Summary of changes: WHATSNEW.txt | 54 - source/VERSION |2 +- source/include/smb.h |3 +- source/lib/system.c | 65 +++-- source/smbd/server.c |8 -- 5 files changed, 58 insertions(+), 74 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 0d5d5f0..90a1960 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,54 @@ == + Release Notes for Samba 3.3.12 + March 8, 2010 + == + + +This is a security release in order to address CVE-2010-0728. + + +o CVE-2010-0728: + In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code + was added to fix a problem with Linux asynchronous IO handling. + This code introduced a bad security flaw on Linux platforms if the + binaries were built on Linux platforms with libcap support. + The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE + capabilities, allowing all file system access to be allowed + even when permissions should have denied access. + + +Changes since 3.5.0 +--- + + +o Jeremy Allison j...@samba.org +* BUG 7222: Fix for CVE-2010-0728. + + +## +Reporting bugs Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.3 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + == Release Notes for Samba 3.3.11 February 26, 2010 == @@ -79,8 +129,8 @@ database (https://bugzilla.samba.org/). == -Release notes for older releases follow: - +-- + == Release Notes for Samba 3.3.10 diff --git a/source/VERSION b/source/VERSION index 3be8505..d637568 100644 --- a/source/VERSION +++ b/source/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=3 SAMBA_VERSION_MINOR=3 -SAMBA_VERSION_RELEASE=11 +SAMBA_VERSION_RELEASE=12 # Bug fix releases use a letter for the patch revision # diff --git a/source/include/smb.h b/source/include/smb.h index 3825c63..327f212 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -1684,8
svn commit: samba-web r1411 - in trunk/history: .
Author: kseeger Date: 2010-03-09 03:01:27 -0700 (Tue, 09 Mar 2010) New Revision: 1411 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1411 Log: Fix typo Karolin Modified: trunk/history/samba-3.3.12.html trunk/history/samba-3.4.7.html Changeset: Modified: trunk/history/samba-3.3.12.html === --- trunk/history/samba-3.3.12.html 2010-03-09 08:27:55 UTC (rev 1410) +++ trunk/history/samba-3.3.12.html 2010-03-09 10:01:27 UTC (rev 1411) @@ -31,8 +31,8 @@ even when permissions should have denied access. -Changes since 3.5.0 +Changes since 3.3.11 + o Jeremy Allison lt;j...@samba.orggt; Modified: trunk/history/samba-3.4.7.html === --- trunk/history/samba-3.4.7.html 2010-03-09 08:27:55 UTC (rev 1410) +++ trunk/history/samba-3.4.7.html 2010-03-09 10:01:27 UTC (rev 1411) @@ -31,7 +31,7 @@ even when permissions should have denied access. -Changes since 3.5.0 +Changes since 3.4.6 ---
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8fd43f4... s3: Fix a typo. Thanks to Christian Ambach for pointing me at it :-) from deebbe7... A helper function to get the Infrastructure DN. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8fd43f44efcf0a5ee3ccf8ad1d2b69d1570e6ac4 Author: Volker Lendecke v...@samba.org Date: Tue Mar 9 15:36:08 2010 +0100 s3: Fix a typo. Thanks to Christian Ambach for pointing me at it :-) --- Summary of changes: source3/libsmb/nterr.c |2 +- source3/locale/pam_winbind/ar.po|2 +- source3/locale/pam_winbind/cs.po|2 +- source3/locale/pam_winbind/da.po|2 +- source3/locale/pam_winbind/de.po|2 +- source3/locale/pam_winbind/es.po|2 +- source3/locale/pam_winbind/fi.po|2 +- source3/locale/pam_winbind/fr.po|2 +- source3/locale/pam_winbind/hu.po|2 +- source3/locale/pam_winbind/it.po|2 +- source3/locale/pam_winbind/ja.po|2 +- source3/locale/pam_winbind/ko.po|2 +- source3/locale/pam_winbind/nb.po|2 +- source3/locale/pam_winbind/nl.po|2 +- source3/locale/pam_winbind/pl.po|2 +- source3/locale/pam_winbind/pt_BR.po |2 +- source3/locale/pam_winbind/ru.po|2 +- source3/locale/pam_winbind/sv.po|2 +- source3/locale/pam_winbind/zh_CN.po |2 +- source3/locale/pam_winbind/zh_TW.po |2 +- source4/libcli/util/nterr.c |2 +- 21 files changed, 21 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/nterr.c b/source3/libsmb/nterr.c index 328ba3b..6b5cfcd 100644 --- a/source3/libsmb/nterr.c +++ b/source3/libsmb/nterr.c @@ -598,7 +598,7 @@ nt_err_code_struct nt_err_desc[] = { N_(Invalid pipe state), NT_STATUS_INVALID_PIPE_STATE }, { N_(Named pipe busy),NT_STATUS_PIPE_BUSY }, { N_(Illegal function), NT_STATUS_ILLEGAL_FUNCTION }, - { N_(Named pipe dicconnected), NT_STATUS_PIPE_DISCONNECTED }, + { N_(Named pipe disconnected), NT_STATUS_PIPE_DISCONNECTED }, { N_(Named pipe closing), NT_STATUS_PIPE_CLOSING }, { N_(Remote host not listening), NT_STATUS_REMOTE_NOT_LISTENING }, { N_(Duplicate name on network), NT_STATUS_DUPLICATE_NAME }, diff --git a/source3/locale/pam_winbind/ar.po b/source3/locale/pam_winbind/ar.po index 6ed0ac1..de56bf7 100644 --- a/source3/locale/pam_winbind/ar.po +++ b/source3/locale/pam_winbind/ar.po @@ -363,7 +363,7 @@ msgid Illegal function msgstr #: ../../libsmb/nterr.c:601 -msgid Named pipe dicconnected +msgid Named pipe disconnected msgstr #: ../../libsmb/nterr.c:602 diff --git a/source3/locale/pam_winbind/cs.po b/source3/locale/pam_winbind/cs.po index 8c15431..a299c1d 100644 --- a/source3/locale/pam_winbind/cs.po +++ b/source3/locale/pam_winbind/cs.po @@ -363,7 +363,7 @@ msgid Illegal function msgstr #: ../../libsmb/nterr.c:601 -msgid Named pipe dicconnected +msgid Named pipe disconnected msgstr #: ../../libsmb/nterr.c:602 diff --git a/source3/locale/pam_winbind/da.po b/source3/locale/pam_winbind/da.po index 3d8f2b1..df2d484 100644 --- a/source3/locale/pam_winbind/da.po +++ b/source3/locale/pam_winbind/da.po @@ -365,7 +365,7 @@ msgid Illegal function msgstr #: ../../libsmb/nterr.c:601 -msgid Named pipe dicconnected +msgid Named pipe disconnected msgstr #: ../../libsmb/nterr.c:602 diff --git a/source3/locale/pam_winbind/de.po b/source3/locale/pam_winbind/de.po index f2614cb..af46ef3 100644 --- a/source3/locale/pam_winbind/de.po +++ b/source3/locale/pam_winbind/de.po @@ -368,7 +368,7 @@ msgid Illegal function msgstr #: ../../libsmb/nterr.c:601 -msgid Named pipe dicconnected +msgid Named pipe disconnected msgstr #: ../../libsmb/nterr.c:602 diff --git a/source3/locale/pam_winbind/es.po b/source3/locale/pam_winbind/es.po index 8bc904e..e0d4147 100644 --- a/source3/locale/pam_winbind/es.po +++ b/source3/locale/pam_winbind/es.po @@ -363,7 +363,7 @@ msgid Illegal function msgstr #: ../../libsmb/nterr.c:601 -msgid Named pipe dicconnected +msgid Named pipe disconnected msgstr #: ../../libsmb/nterr.c:602 diff --git a/source3/locale/pam_winbind/fi.po b/source3/locale/pam_winbind/fi.po index d11bfeb..984cadc 100644 --- a/source3/locale/pam_winbind/fi.po +++ b/source3/locale/pam_winbind/fi.po @@ -368,7 +368,7 @@ msgid Illegal function msgstr #: ../../libsmb/nterr.c:601 -msgid Named pipe dicconnected +msgid Named pipe disconnected msgstr #: ../../libsmb/nterr.c:602 diff --git a/source3/locale/pam_winbind/fr.po b/source3/locale/pam_winbind/fr.po index 4a7d847..176224d 100644 --- a/source3/locale/pam_winbind/fr.po +++ b/source3/locale/pam_winbind/fr.po @@
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f742623... Added a check for permissions to modify the RDN attribute on rename. from ec53a0c... s4:dsdb/dns: change callers of samba_runcmd() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f742623b7b8a19ff3230754562deeac7657cd8cd Author: Nadezhda Ivanova nadezhda.ivan...@postpath.com Date: Sun Mar 7 21:42:53 2010 +0200 Added a check for permissions to modify the RDN attribute on rename. Necessary because rdn module will be moved lower than acl in the stack. --- Summary of changes: source4/dsdb/samdb/ldb_modules/acl.c | 12 source4/lib/ldb/tests/python/acl.py | 32 2 files changed, 44 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index c10624d..e7665c7 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -958,6 +958,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req) TALLOC_CTX *tmp_ctx = talloc_new(req); NTSTATUS status; uint32_t access_granted; + const char *rdn_name; static const char *acl_attrs[] = { nTSecurityDescriptor, objectClass, @@ -1001,6 +1002,17 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_OPERATIONS_ERROR; }; + rdn_name = ldb_dn_get_rdn_name(req-op.rename.olddn); + if (rdn_name == NULL) { + return LDB_ERR_OPERATIONS_ERROR; + } + guid = attribute_schemaid_guid_by_lDAPDisplayName(dsdb_get_schema(ldb), + rdn_name); + if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP, + new_node, new_node)) { + return LDB_ERR_OPERATIONS_ERROR; + }; + ret = get_sd_from_ldb_message(req, acl_res-msgs[0], sd); if (ret != LDB_SUCCESS) { diff --git a/source4/lib/ldb/tests/python/acl.py b/source4/lib/ldb/tests/python/acl.py index 083c7ae..42c8c7e 100755 --- a/source4/lib/ldb/tests/python/acl.py +++ b/source4/lib/ldb/tests/python/acl.py @@ -785,6 +785,7 @@ class AclRenameTests(AclTests): self.delete_force(self.ldb_admin, CN=test_rename_user1,OU=test_rename_ou1, + self.base_dn) self.delete_force(self.ldb_admin, CN=test_rename_user2,OU=test_rename_ou1, + self.base_dn) self.delete_force(self.ldb_admin, CN=test_rename_user5,OU=test_rename_ou1, + self.base_dn) +self.delete_force(self.ldb_admin, OU=test_rename_ou3,OU=test_rename_ou1, + self.base_dn) self.delete_force(self.ldb_admin, OU=test_rename_ou1, + self.base_dn) if self.SAMBA: self.delete_force(self.ldb_admin, self.get_user_dn(self.regular_user)) @@ -939,6 +940,37 @@ class AclRenameTests(AclTests): % rename_user_dn ) self.assertNotEqual( res, [] ) +def test_rename_u8(self): +Test rename on an object with and without modify access on the RDN attribute +ou1_dn = OU=test_rename_ou1, + self.base_dn +ou2_dn = OU=test_rename_ou2, + ou1_dn +ou3_dn = OU=test_rename_ou3, + ou1_dn +# Create OU structure +self.create_ou(self.ldb_admin, ou1_dn) +self.create_ou(self.ldb_admin, ou2_dn) +sid = self.get_object_sid(self.get_user_dn(self.regular_user)) +mod = (OA;;WP;bf967a0e-0de6-11d0-a285-00aa003049e2;;%s) % str(sid) +self.dacl_add_ace(ou2_dn, mod) +mod = (OD;;WP;bf9679f0-0de6-11d0-a285-00aa003049e2;;%s) % str(sid) +self.dacl_add_ace(ou2_dn, mod) +try: +self.ldb_user.rename(ou2_dn, ou3_dn) +except LdbError, (num, _): +self.assertEquals(num, ERR_INSUFFICIENT_ACCESS_RIGHTS) +else: +# This rename operation should always throw ERR_INSUFFICIENT_ACCESS_RIGHTS +self.fail() +sid = self.get_object_sid(self.get_user_dn(self.regular_user)) +mod = (A;;WP;bf9679f0-0de6-11d0-a285-00aa003049e2;;%s) % str(sid) +self.dacl_add_ace(ou2_dn, mod) +self.ldb_user.rename(ou2_dn, ou3_dn) +res = self.ldb_admin.search( self.base_dn, expression=(distinguishedName=%s) \ +% ou2_dn ) +self.assertEqual( res, [] ) +res = self.ldb_admin.search( self.base_dn, expression=(distinguishedName=%s) \ +% ou3_dn ) +self.assertNotEqual( res, [] ) + # Important unit running information if not :// in host: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 48cdca0... s4-smbtorture: fix uninitialized variable in winreg QueryValue call. from 8fd43f4... s3: Fix a typo. Thanks to Christian Ambach for pointing me at it :-) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 48cdca0d474cc6ae6fa6be88580d5f2fbcb0dd84 Author: Günther Deschner g...@samba.org Date: Tue Mar 9 16:10:40 2010 +0100 s4-smbtorture: fix uninitialized variable in winreg QueryValue call. Guenther --- Summary of changes: source4/torture/rpc/spoolss.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index 909c372..f83d3b5 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -3353,6 +3353,7 @@ static bool test_winreg_QueryValue(struct torture_context *tctx, r.in.type = type; r.in.data_size = data_size; r.in.data_length = data_length; + r.in.data = talloc_zero_array(tctx, uint8_t, *r.in.data_size); r.out.type = type; r.out.data = talloc_zero_array(tctx, uint8_t, *r.in.data_size); r.out.data_size = data_size; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via deebbe7... A helper function to get the Infrastructure DN. from 4b8961bc.. Fixed a bug in acl tests - python error when we create user/group/ou with a descriptor. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit deebbe7cfae309baed9654e6e8354886eb3c568f Author: Nadezhda Ivanova nadezhda.ivan...@postpath.com Date: Tue Mar 9 14:56:46 2010 +0200 A helper function to get the Infrastructure DN. --- Summary of changes: source4/dsdb/common/util.c | 12 1 files changed, 12 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index f597c41..9c29509 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -1069,6 +1069,18 @@ struct ldb_dn *samdb_partitions_dn(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ return new_dn; } +struct ldb_dn *samdb_infrastructure_dn(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx) +{ + struct ldb_dn *new_dn; + + new_dn = ldb_dn_copy(mem_ctx, samdb_base_dn(sam_ctx)); + if ( ! ldb_dn_add_child_fmt(new_dn, CN=Infrastructure)) { + talloc_free(new_dn); + return NULL; + } + return new_dn; +} + struct ldb_dn *samdb_sites_dn(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx) { struct ldb_dn *new_dn; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4b8961bc.. Fixed a bug in acl tests - python error when we create user/group/ou with a descriptor. from f742623... Added a check for permissions to modify the RDN attribute on rename. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4b8961bc6f7aaf2c420d7b2bc2ef6eb07ab42429 Author: Nadezhda Ivanova nadezhda.ivan...@postpath.com Date: Tue Mar 9 13:53:41 2010 +0200 Fixed a bug in acl tests - python error when we create user/group/ou with a descriptor. --- Summary of changes: source4/lib/ldb/tests/python/acl.py | 46 +- 1 files changed, 23 insertions(+), 23 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/ldb/tests/python/acl.py b/source4/lib/ldb/tests/python/acl.py index 42c8c7e..0613689 100755 --- a/source4/lib/ldb/tests/python/acl.py +++ b/source4/lib/ldb/tests/python/acl.py @@ -120,51 +120,51 @@ member: + member_dn _ldb.modify_ldif(ldif) def create_ou(self, _ldb, ou_dn, desc=None): -ou_dict = { -dn : ou_dn, -ou : ou_dn.split(,)[0][3:], -objectClass : organizationalUnit, -url : www.bbc.co.uk, -} +ldif = +dn: + ou_dn + +ou: + ou_dn.split(,)[0][3:] + +objectClass: organizationalUnit +url: www.example.com + if desc: assert(isinstance(desc, str) or isinstance(desc, security.descriptor)) if isinstance(desc, str): ldif += nTSecurityDescriptor: %s % desc elif isinstance(desc, security.descriptor): ldif += nTSecurityDescriptor:: %s % base64.b64encode(ndr_pack(desc)) -_ldb.add(ou_dict) +_ldb.add_ldif(ldif) def create_user(self, _ldb, user_dn, desc=None): -user_dict = { -dn : user_dn, -sAMAccountName : user_dn.split(,)[0][3:], -objectClass : user, -userPassword : self.user_pass, -url : www.bbc.co.uk, -} +ldif = +dn: + user_dn + +sAMAccountName: + user_dn.split(,)[0][3:] + +objectClass: user +userPassword: + self.user_pass + +url: www.example.com + if desc: assert(isinstance(desc, str) or isinstance(desc, security.descriptor)) if isinstance(desc, str): ldif += nTSecurityDescriptor: %s % desc elif isinstance(desc, security.descriptor): ldif += nTSecurityDescriptor:: %s % base64.b64encode(ndr_pack(desc)) -_ldb.add(user_dict) +_ldb.add_ldif(ldif) def create_group(self, _ldb, group_dn, desc=None): -group_dict = { -dn : group_dn, -objectClass : group, -sAMAccountName : group_dn.split(,)[0][3:], -groupType : 4, -url : www.bbc.co.uk, -} +ldif = +dn: + group_dn + +objectClass: group +sAMAccountName: + group_dn.split(,)[0][3:] + +groupType: 4 +url: www.example.com + if desc: assert(isinstance(desc, str) or isinstance(desc, security.descriptor)) if isinstance(desc, str): ldif += nTSecurityDescriptor: %s % desc elif isinstance(desc, security.descriptor): ldif += nTSecurityDescriptor:: %s % base64.b64encode(ndr_pack(desc)) -_ldb.add(group_dict) +_ldb.add_ldif(ldif) def read_desc(self, object_dn): res = self.ldb_admin.search(object_dn, SCOPE_BASE, None, [nTSecurityDescriptor]) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ec53a0c... s4:dsdb/dns: change callers of samba_runcmd() via 6ea3393... lib/util: change samba_runcmd() to use tevent_req _send/_recv from 56b13ee... Revert Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ec53a0ca5a568627df8dac91ec2c736b0d106829 Author: Stefan Metzmacher me...@samba.org Date: Thu Feb 25 16:01:15 2010 +0100 s4:dsdb/dns: change callers of samba_runcmd() metze commit 6ea339379890fa1f99e802cac4f705b96ffcff8d Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 24 12:43:45 2010 +0100 lib/util: change samba_runcmd() to use tevent_req _send/_recv metze --- Summary of changes: lib/util/util.h | 15 +- lib/util/util_runcmd.c| 319 +++-- source4/dsdb/dns/dns_update.c | 104 +- 3 files changed, 256 insertions(+), 182 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/util.h b/lib/util/util.h index 264396e..e1160d5 100644 --- a/lib/util/util.h +++ b/lib/util/util.h @@ -890,12 +890,13 @@ bool add_gid_to_array_unique(TALLOC_CTX *mem_ctx, gid_t gid, with the return code from the command */ struct tevent_context; -struct composite_context *samba_runcmd(struct tevent_context *ev, - TALLOC_CTX *mem_ctx, - struct timeval timeout, - int stdout_log_level, - int stderr_log_level, - const char **argv0, ...); - +struct tevent_req; +struct tevent_req *samba_runcmd_send(TALLOC_CTX *mem_ctx, +struct tevent_context *ev, +struct timeval endtime, +int stdout_log_level, +int stderr_log_level, +const char * const *argv0, ...); +int samba_runcmd_recv(struct tevent_req *req, int *perrno); #endif /* _SAMBA_UTIL_H_ */ diff --git a/lib/util/util_runcmd.c b/lib/util/util_runcmd.c index dea3ff9..ef897d4 100644 --- a/lib/util/util_runcmd.c +++ b/lib/util/util_runcmd.c @@ -28,9 +28,9 @@ #include includes.h #include system/filesys.h #include lib/tevent/tevent.h -#include libcli/composite/composite.h +#include lib/util/tevent_unix.h -struct samba_runcmd { +struct samba_runcmd_state { int stdout_log_level; int stderr_log_level; struct tevent_fd *fde_stdout; @@ -42,106 +42,20 @@ struct samba_runcmd { uint16_t buf_used; }; -/* - called when a command times out - */ -static void runcmd_timeout(struct tevent_context *ev, - struct tevent_timer *te, - struct timeval current_time, - void *private_data) +static int samba_runcmd_state_destructor(struct samba_runcmd_state *state) { - struct composite_context *c = talloc_get_type_abort(private_data, struct composite_context); - struct samba_runcmd *r = talloc_get_type_abort(c-private_data, struct samba_runcmd); - kill(r-pid, SIGKILL); - waitpid(r-pid, NULL, 0); - talloc_free(r-fde_stderr); - talloc_free(r-fde_stdout); - composite_error(c, NT_STATUS_IO_TIMEOUT); -} - -/* - handle stdout/stderr from the child - */ -static void runcmd_io_handler(struct tevent_context *ev, - struct tevent_fd *fde, - uint16_t flags, - void *private_data) -{ - struct composite_context *c = talloc_get_type_abort(private_data, struct composite_context); - struct samba_runcmd *r = talloc_get_type_abort(c-private_data, struct samba_runcmd); - int level; - char *p; - int n, fd; - - if (fde == r-fde_stdout) { - level = r-stdout_log_level; - fd = r-fd_stdout; - } else { - level = r-stderr_log_level; - fd = r-fd_stderr; - } - - if (!(flags TEVENT_FD_READ)) { - return; - } - - n = read(fd, r-buf[r-buf_used], -sizeof(r-buf) - r-buf_used); - if (n 0) { - r-buf_used += n; - } else if (n == 0) { - if (fde == r-fde_stdout) { - talloc_free(fde); - r-fde_stdout = NULL; - } - if (fde == r-fde_stderr) { - talloc_free(fde); - r-fde_stderr = NULL; - } - if (r-fde_stdout == NULL - r-fde_stderr == NULL) { -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2ee3cca... s4:winbind - use unsigned variables where possible via 1310eba... s4:winbind/wb_cmd_getgroups.c - fix up warnings via 98bc10d... s4:unittest Fix unittest to reflect that wbinfo -r no longer fail via bc766a9... s4:winbind: stub implementation of WINBINDD_PAM_LOGOFF via 238ff24... s4:winbind: Fix a misplaced returned info via 42b5b38... s4:winbind Implement logic for getgroups to work via 30baf31... s4:winbind: implement calls for allowing getent groups via 74166c3... s4:torture/rpc/netlogon.c - LogonGetDomainInfo test - make it compatible against Windows Server 2008 via 9995a37... s4:netlogon RPC - LogonGetDomainInfo - make the call compatible with = Windows 2008 via 1deefca... libcli/auth/schannel_state_tdb.c - fix an obviously wrong error handling from 48cdca0... s4-smbtorture: fix uninitialized variable in winreg QueryValue call. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2ee3cca4ffd60d091ca5fe8035f90969f6b91cc4 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Tue Mar 9 17:54:12 2010 +0100 s4:winbind - use unsigned variables where possible commit 1310eba9705d6c49ec36555f546c4b99174ee695 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Tue Mar 9 17:52:10 2010 +0100 s4:winbind/wb_cmd_getgroups.c - fix up warnings Also fix some indentations. commit 98bc10d0a8284387789fafc32a1a1e54a7e31824 Author: Matthieu Patou m...@matws.net Date: Tue Mar 9 15:35:54 2010 +0300 s4:unittest Fix unittest to reflect that wbinfo -r no longer fail Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de commit bc766a9a8475344eb4556da91f68874523d1fe52 Author: Matthieu Patou m...@matws.net Date: Wed Mar 3 23:29:15 2010 +0300 s4:winbind: stub implementation of WINBINDD_PAM_LOGOFF Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de commit 238ff24341767230614a3931646df59c1cf87a52 Author: Matthieu Patou m...@matws.net Date: Wed Mar 3 23:29:32 2010 +0300 s4:winbind: Fix a misplaced returned info libwbclient expect to have in auth.exra_data the INFO3_TXT and in auth.unix_username the username Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de commit 42b5b381871dd935aeda34669a2c03a05a63f5f0 Author: Matthieu Patou m...@matws.net Date: Thu Mar 4 03:05:06 2010 +0300 s4:winbind Implement logic for getgroups to work This function is called by the system everytime we do a id user or when we do wbinfo -r Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de commit 30baf31411363ebd79a6366caf4a792850c40192 Author: Matthieu Patou m...@matws.net Date: Thu Mar 4 02:46:36 2010 +0300 s4:winbind: implement calls for allowing getent groups This is to say getgrent and setgrent, and the associated technical objects (states, build directives,...) needed. Signed-off-by: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de commit 74166c380c5ad110d93c4e7141eaa7b1d069ced8 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Wed Feb 17 09:51:41 2010 +0100 s4:torture/rpc/netlogon.c - LogonGetDomainInfo test - make it compatible against Windows Server 2008 This is a reworked version of the mentioned test which passes against Windows Server 2008. The previous version, also mainly written by me passed only against Windows Server = 2003. commit 9995a37a8cffb5e20e2b0ef5abfee602673d362d Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Fri Mar 5 11:09:57 2010 +0100 s4:netlogon RPC - LogonGetDomainInfo - make the call compatible with = Windows 2008 Add more security checks and other corrections to imitate Windows Server = 2008. commit 1deefcaee1f3de97c0377b513a6f9c3d1181e2b0 Author: Matthias Dieter Wallnöfer mwallnoe...@yahoo.de Date: Tue Mar 9 17:12:02 2010 +0100 libcli/auth/schannel_state_tdb.c - fix an obviously wrong error handling --- Summary of changes: libcli/auth/schannel_state_tdb.c |1 - nsswitch/tests/test_wbinfo.sh |3 +- source4/rpc_server/netlogon/dcerpc_netlogon.c | 85 +++--- source4/torture/rpc/netlogon.c| 118 +++-- source4/winbind/config.mk |3 + source4/winbind/wb_async_helpers.c| 20 +- source4/winbind/wb_cmd_getgrent.c | 124 ++ source4/winbind/wb_cmd_getgroups.c| 223 + source4/winbind/wb_cmd_list_trustdom.c|8 +- source4/winbind/wb_cmd_setgrent.c | 171 +++ source4/winbind/wb_cmd_userdomgroups.c|8 +- source4/winbind/wb_cmd_usersids.c | 12
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c05d13d... s4:ldb fix escape parsing via 9f53820... s3:tldap add own filter parsing from 2ee3cca... s4:winbind - use unsigned variables where possible http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c05d13d3c2c5d516c55cec133ba635f528034862 Author: Simo Sorce i...@samba.org Date: Sun Mar 7 20:20:45 2010 -0500 s4:ldb fix escape parsing sscanf can return also on short reads, in this case an invalid escape sequence like '\1k' would be accepted, returning 1 as value and swallowing the 'k'. Use an auxiliar function to validate and convert hex escapes. commit 9f53820de731ca1a7f06341958b43fcfccf82600 Author: Simo Sorce i...@samba.org Date: Sun Mar 7 20:20:02 2010 -0500 s3:tldap add own filter parsing Also add torture test to check filter parsing. --- Summary of changes: source3/lib/tldap.c| 714 ++-- source3/torture/torture.c | 14 + source4/lib/ldb/common/ldb_parse.c | 26 ++- 3 files changed, 638 insertions(+), 116 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c index fa56763..3b256c4 100644 --- a/source3/lib/tldap.c +++ b/source3/lib/tldap.c @@ -956,175 +956,654 @@ int tldap_simple_bind(struct tldap_context *ld, const char *dn, /*/ -/* - * This piece has a dependency on ldb, the ldb_parse_tree() function is used. - * In case we want to separate out tldap, we need to copy or rewrite it. +/* can't use isalpha() as only a strict set is valid for LDAP */ +#define TLDAP_IS_ALPHA(c) c) = 'a') ((c) = 'z')) || \ + (((c) = 'A') ((c) = 'Z'))) + +#define TLDAP_IS_ADH(c) (TLDAP_IS_ALPHA(c) || isdigit(c) || (c) == '-') + +#define TLDAP_FILTER_AND ASN1_CONTEXT(0) +#define TLDAP_FILTER_OR ASN1_CONTEXT(1) +#define TLDAP_FILTER_NOT ASN1_CONTEXT(2) +#define TLDAP_FILTER_EQ ASN1_CONTEXT(3) +#define TLDAP_FILTER_SUB ASN1_CONTEXT(4) +#define TLDAP_FILTER_LE ASN1_CONTEXT(5) +#define TLDAP_FILTER_GE ASN1_CONTEXT(6) +#define TLDAP_FILTER_PRES ASN1_CONTEXT_SIMPLE(7) +#define TLDAP_FILTER_APX ASN1_CONTEXT(8) +#define TLDAP_FILTER_EXT ASN1_CONTEXT(9) + +#define TLDAP_SUB_INI ASN1_CONTEXT_SIMPLE(0) +#define TLDAP_SUB_ANY ASN1_CONTEXT_SIMPLE(1) +#define TLDAP_SUB_FIN ASN1_CONTEXT_SIMPLE(2) + + +/* oid's should be numerical only in theory, + * but apparently some broken servers may have alphanum aliases instead. + * Do like openldap libraries and allow alphanum aliases for oids, but + * do not allow Tagging options in that case. */ +static bool tldap_is_attrdesc(const char *s, int len, bool no_tagopts) +{ + bool is_oid = false; + bool dot = false; + int i; + + /* first char has stricter rules */ + if (isdigit(*s)) { + is_oid = true; + } else if (!TLDAP_IS_ALPHA(*s)) { + /* bad first char */ + return false; + } + + for (i = 1; i len; i++) { + + if (is_oid) { + if (isdigit(s[i])) { + dot = false; + continue; + } + if (s[i] == '.') { + if (dot) { + /* malformed */ + return false; + } + dot = true; + continue; + } + } else { + if (TLDAP_IS_ADH(s[i])) { + continue; + } + } + + if (s[i] == ';') { + if (no_tagopts) { + /* no tagging options */ + return false; + } + if (dot) { + /* malformed */ + return false; + } + if ((i + 1) == len) { + /* malformed */ + return false; + } -#include lib/ldb/include/ldb.h -#include lib/ldb/include/ldb_errors.h + is_oid = false; + continue; + } + } -static bool ldap_push_filter(struct asn1_data *data, -struct ldb_parse_tree *tree) + if (dot) { + /* malformed */ + return false; + } + + return true; +} + +/* this function copies the value until the closing parenthesis is found. */ +static char
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 25452a2... s3: Fix a NULL pointer dereference from c05d13d... s4:ldb fix escape parsing http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 25452a2268ac7013da28125f3df22085139af12d Author: Volker Lendecke v...@samba.org Date: Tue Mar 9 11:14:14 2010 +0100 s3: Fix a NULL pointer dereference Found by Laurent Gaffie laurent.gaf...@gmail.com. Thanks! Volker --- Summary of changes: source3/smbd/process.c | 11 ++- 1 files changed, 10 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 65bb25d..9a39779 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1810,6 +1810,15 @@ void chain_reply(struct smb_request *req) */ if ((req-wct 2) || (CVAL(req-outbuf, smb_wct) 2)) { + if (req-chain_outbuf == NULL) { + req-chain_outbuf = TALLOC_REALLOC_ARRAY( + req, req-outbuf, uint8_t, + smb_len(req-outbuf) + 4); + if (req-chain_outbuf == NULL) { + smb_panic(talloc failed); + } + } + req-outbuf = NULL; goto error; } @@ -1837,7 +1846,7 @@ void chain_reply(struct smb_request *req) req-chain_outbuf = TALLOC_REALLOC_ARRAY( req, req-outbuf, uint8_t, smb_len(req-outbuf) + 4); if (req-chain_outbuf == NULL) { - goto error; + smb_panic(talloc failed); } req-outbuf = NULL; } else { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9adbba6... Allow make test to complete as root. Obviously only safe on tightly controlled developer machines. Jeremy. from 25452a2... s3: Fix a NULL pointer dereference http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9adbba6fb9404bb7f6d88cf58e7d5ce06fe73b0e Author: Jeremy Allison j...@samba.org Date: Tue Mar 9 13:14:18 2010 -0800 Allow make test to complete as root. Obviously only safe on tightly controlled developer machines. Jeremy. --- Summary of changes: source3/script/tests/selftest.sh | 16 1 files changed, 16 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/selftest.sh b/source3/script/tests/selftest.sh index 09f7dc8..9994e47 100755 --- a/source3/script/tests/selftest.sh +++ b/source3/script/tests/selftest.sh @@ -302,6 +302,7 @@ EOF ## create a test account ## +if [ $USERID != 0 ]; then cat $NSS_WRAPPER_PASSWDEOF root:x:65533:65532:root gecos:$PREFIX_ABS:/bin/false nobody:x:65534:65533:nobody gecos:$PREFIX_ABS:/bin/false @@ -314,6 +315,21 @@ nogroup:x:65534:nobody root:x:65532: $USERNAME-group:x:$GROUPID: EOF +else +## +## Running as root... +## +cat $NSS_WRAPPER_PASSWDEOF +$USERNAME:x:$USERID:$GROUPID:$USERNAME gecos:$PREFIX_ABS:/bin/false +nobody:x:65534:65533:nobody gecos:$PREFIX_ABS:/bin/false +EOF + +cat $NSS_WRAPPER_GROUPEOF +$USERNAME-group:x:$GROUPID: +nobody:x:65533: +nogroup:x:65534:nobody +EOF +fi MAKE_TEST_BINARY=bin/smbpasswd export MAKE_TEST_BINARY -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f7f67e9... Fix typo and convert spaces to tabs via 8fa81e9... Fix typo from 9adbba6... Allow make test to complete as root. Obviously only safe on tightly controlled developer machines. Jeremy. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f7f67e9e1f678e0256deeca94939bf29e6a04fa4 Author: Simo Sorce i...@samba.org Date: Tue Mar 9 16:40:55 2010 -0500 Fix typo and convert spaces to tabs commit 8fa81e99093bccf40c4ddea162896ccc020da9db Author: Simo Sorce i...@samba.org Date: Tue Mar 9 16:41:44 2010 -0500 Fix typo --- Summary of changes: source3/lib/tldap.c|4 ++-- source4/lib/ldb/common/ldb_parse.c |8 2 files changed, 6 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c index 3b256c4..c8f3af7 100644 --- a/source3/lib/tldap.c +++ b/source3/lib/tldap.c @@ -1080,8 +1080,8 @@ static int tldap_hex2char(const char *x) else if (h1 = '0') c = h1 - (int)'0'; c = c 4; if (h2 = 'a') c += h2 - (int)'a' + 10; - else if (h1 = 'A') c += h2 - (int)'A' + 10; - else if (h1 = '0') c += h2 - (int)'0'; + else if (h2 = 'A') c += h2 - (int)'A' + 10; + else if (h2 = '0') c += h2 - (int)'0'; return c; } diff --git a/source4/lib/ldb/common/ldb_parse.c b/source4/lib/ldb/common/ldb_parse.c index 6d43000..a684593 100644 --- a/source4/lib/ldb/common/ldb_parse.c +++ b/source4/lib/ldb/common/ldb_parse.c @@ -54,8 +54,8 @@ static int ldb_parse_hex2char(const char *x) else if (h1 = '0') c = h1 - (int)'0'; c = c 4; if (h2 = 'a') c += h2 - (int)'a' + 10; - else if (h1 = 'A') c += h2 - (int)'A' + 10; - else if (h1 = '0') c += h2 - (int)'0'; + else if (h2 = 'A') c += h2 - (int)'A' + 10; + else if (h2 = '0') c += h2 - (int)'0'; return c; } @@ -93,8 +93,8 @@ struct ldb_val ldb_binary_decode(void *mem_ctx, const char *str) if (str[i] == '\\') { int c; -c = ldb_parse_hex2char(str[i+1]); -if (c == -1) { + c = ldb_parse_hex2char(str[i+1]); + if (c == -1) { talloc_free(ret.data); memset(ret, 0, sizeof(ret)); return ret; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ae79d8c... s4-smbtorture: on HKLM hive test the well known CurrentVersion value. via 722daf4... s4-smbtorture: add full coverage test for winreg QueryValue calls. via 62b41e6... s4-smbtorture: rework test_winreg_QueryValue in RPC-SPOOLSS-PRINTER once again. via 6d10645... s4-smbtorture: add tests for set and delete value in RPC-WINREG. from f7f67e9... Fix typo and convert spaces to tabs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ae79d8ce02921e9a5c82433527909c7f707051e3 Author: Günther Deschner g...@samba.org Date: Wed Mar 10 00:43:57 2010 +0100 s4-smbtorture: on HKLM hive test the well known CurrentVersion value. Guenther commit 722daf43d0ef3a7951d8ee6b4aea97fd3e056719 Author: Günther Deschner g...@samba.org Date: Wed Mar 10 00:17:59 2010 +0100 s4-smbtorture: add full coverage test for winreg QueryValue calls. Guenther commit 62b41e684286ec04dfb0c03b42d0d028212084c9 Author: Günther Deschner g...@samba.org Date: Wed Mar 10 00:16:46 2010 +0100 s4-smbtorture: rework test_winreg_QueryValue in RPC-SPOOLSS-PRINTER once again. Guenther commit 6d10645bcae39f1377c1e3bfd01578519586289d Author: Günther Deschner g...@samba.org Date: Wed Mar 10 00:06:52 2010 +0100 s4-smbtorture: add tests for set and delete value in RPC-WINREG. Guenther --- Summary of changes: source4/torture/rpc/spoolss.c | 11 ++- source4/torture/rpc/winreg.c | 170 + 2 files changed, 178 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index f83d3b5..84e73c3 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -3345,17 +3345,20 @@ static bool test_winreg_QueryValue(struct torture_context *tctx, uint32_t data_size = 0; uint32_t data_length = 0; struct winreg_String valuename; + uint8_t *data = NULL; init_winreg_String(valuename, value_name); + data = talloc_zero_array(tctx, uint8_t, 0); + r.in.handle = handle; r.in.value_name = valuename; r.in.type = type; r.in.data_size = data_size; r.in.data_length = data_length; - r.in.data = talloc_zero_array(tctx, uint8_t, *r.in.data_size); + r.in.data = data; r.out.type = type; - r.out.data = talloc_zero_array(tctx, uint8_t, *r.in.data_size); + r.out.data = data; r.out.data_size = data_size; r.out.data_length = data_length; @@ -3364,7 +3367,9 @@ static bool test_winreg_QueryValue(struct torture_context *tctx, torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue(p, tctx, r), QueryValue failed); if (W_ERROR_EQUAL(r.out.result, WERR_MORE_DATA)) { *r.in.data_size = *r.out.data_size; - r.out.data = talloc_zero_array(tctx, uint8_t, *r.in.data_size); + data = talloc_zero_array(tctx, uint8_t, *r.in.data_size); + r.in.data = data; + r.out.data = data; torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue(p, tctx, r), QueryValue failed); } torture_assert_werr_ok(tctx, r.out.result, QueryValue failed); diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c index 5f1a66b..e4de39e 100644 --- a/source4/torture/rpc/winreg.c +++ b/source4/torture/rpc/winreg.c @@ -1429,6 +1429,58 @@ static bool test_QueryInfoKey(struct dcerpc_pipe *p, return true; } +static bool test_SetValue(struct dcerpc_pipe *p, + struct torture_context *tctx, + struct policy_handle *handle, + const char *value_name, + enum winreg_Type type, + uint8_t *data, + uint32_t size) +{ + struct winreg_SetValue r; + struct winreg_String name; + + torture_comment(tctx, Testing SetValue(%s)\n, value_name); + + init_winreg_String(name, value_name); + + r.in.handle = handle; + r.in.name = name; + r.in.type = type; + r.in.data = data; + r.in.size = size; + + torture_assert_ntstatus_ok(tctx, dcerpc_winreg_SetValue(p, tctx, r), + winreg_SetValue failed); + torture_assert_werr_ok(tctx, r.out.result, + winreg_SetValue failed); + + return true; +} + +static bool test_DeleteValue(struct dcerpc_pipe *p, +struct torture_context *tctx, +struct policy_handle *handle, +const char *value_name) +{ + struct winreg_DeleteValue r; + struct winreg_String value; + +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3855c94... Add tests which, when run as root, will ensure we can't write into a read-only directory, or read a owner-read-only file. from ae79d8c... s4-smbtorture: on HKLM hive test the well known CurrentVersion value. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3855c948c029490c616f4b4aa81b47e6df8c12a0 Author: Jeremy Allison j...@samba.org Date: Tue Mar 9 16:36:48 2010 -0800 Add tests which, when run as root, will ensure we can't write into a read-only directory, or read a owner-read-only file. Jeremy. --- Summary of changes: source3/script/tests/selftest.sh | 33 ++-- source3/script/tests/test_smbclient_s3.sh | 128 - source3/script/tests/tests_all.sh |4 +- 3 files changed, 154 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/selftest.sh b/source3/script/tests/selftest.sh index 9994e47..e49bca8 100755 --- a/source3/script/tests/selftest.sh +++ b/source3/script/tests/selftest.sh @@ -36,9 +36,22 @@ if [ $CUSTOM_CONF_ARG ]; then fi ## -## create the test directory +## create the test directory layout ## PREFIX=`echo $DIRECTORY | sed s+//+/+` +printf %s CREATE TEST ENVIRONMENT IN '$PREFIX'... +/bin/rm -rf $PREFIX +if [ -e $PREFIX ]; then + echo *** + echo *** Failed to delete test environment $PREFIX + echo *** Was a previous run done as root ? + echo *** + exit 1 +fi + +## +## create the test directory +## mkdir -p $PREFIX || exit $? OLD_PWD=`pwd` cd $PREFIX || exit $? @@ -145,11 +158,6 @@ if test x`smbd -b | grep NSS_WRAPPER` = x; then fi -## -## create the test directory layout -## -printf %s CREATE TEST ENVIRONMENT IN '$PREFIX'... -/bin/rm -rf $PREFIX/* mkdir -p $PRIVATEDIR $NCALRPCDIR $LIBDIR $PIDDIR $LOCKDIR $LOGDIR mkdir -p $SOCKET_WRAPPER_DIR mkdir -p $WINBINDD_SOCKET_DIR @@ -173,6 +181,16 @@ fi chmod 777 $SHRDIR ## +## Create a read-only directory. +## +RO_SHRDIR=`echo $SHRDIR | sed -e 's:/[^/]*$::'` +RO_SHRDIR=$RO_SHRDIR/root-tmp +mkdir -p $RO_SHRDIR +chmod 755 $RO_SHRDIR +touch $RO_SHRDIR/unreadable_file +chmod 600 $RO_SHRDIR/unreadable_file + +## ## Create the common config include file with the basic settings ## @@ -269,6 +287,9 @@ cat $SERVERCONFFILEEOF [tmp] path = $SHRDIR +[ro-tmp] + path = $RO_SHRDIR + guest ok = yes [hideunread] copy = tmp hide unreadable = yes diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh index ff50220..84a3999 100755 --- a/source3/script/tests/test_smbclient_s3.sh +++ b/source3/script/tests/test_smbclient_s3.sh @@ -2,9 +2,9 @@ # this runs the file serving tests that are expected to pass with samba3 -if [ $# -lt 4 ]; then +if [ $# -lt 5 ]; then cat EOF -Usage: test_smbclient_s3.sh SERVER SERVER_IP USERNAME PASSWORD +Usage: test_smbclient_s3.sh SERVER SERVER_IP USERNAME PASSWORD USERID EOF exit 1; fi @@ -13,8 +13,9 @@ SERVER=$1 SERVER_IP=$2 USERNAME=$3 PASSWORD=$4 +USERID=$5 SMBCLIENT=$VALGRIND ${SMBCLIENT:-$BINDIR/smbclient} $CONFIGURATION -shift 4 +shift 5 ADDARGS=$* test x$TEST_FUNCTIONS_SH != xINCLUDED { @@ -126,6 +127,119 @@ EOF fi } +# Test writing into a read-only directory (logon as guest) fails. +test_read_only_dir() +{ +prompt=NT_STATUS_ACCESS_DENIED making remote directory +tmpfile=/tmp/smbclient.in.$$ + +## +## We can't do this as non-root. We always have rights to +## create the directory. +## +if [ $USERID != 0 ]; then + echo skipping test_read_only_dir as non-root + true + return +fi + +## +## We can't do this with an encrypted connection. No credentials +## to set up the channel. +## +if [ $ADDARGS == -e ]; then + echo skipping test_read_only_dir with encrypted connection + true + return +fi + +cat $tmpfile EOF +mkdir a_test_dir +quit +EOF + +cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT $CONFIGURATION $@ -U% //$SERVER/ro-tmp -I $SERVER_IP $ADDARGS $tmpfile 21' +eval echo $cmd +out=`eval $cmd` +ret=$? +rm -f $tmpfile + +if [ $ret != 0 ] ; then + echo $out + echo failed writing into read-only directory with error $ret + false + return +fi + +echo $out | grep $prompt /dev/null 21 + +ret=$? +if [ $ret = 0 ] ; then + # got the correct prompt .. succeed + true +else + echo $out + echo failed writing into read-only directory - grep failed with $ret + false +fi +} + +# Test reading an owner-only file (logon as guest) fails. +test_owner_only_file() +{ +prompt=NT_STATUS_ACCESS_DENIED opening remote file +tmpfile=/tmp/smbclient.in.$$ + +## +## We can't do this as non-root. We
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 420e3b8... s4-smbtorture: disable winreg QueryValue test for today. via 0a253e6... s4-smbtorture: fix some build warnings in RPC-SPOOLSS test. from 3855c94... Add tests which, when run as root, will ensure we can't write into a read-only directory, or read a owner-read-only file. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 420e3b8553c9e721fba27dd64eb78b2c7105ce64 Author: Günther Deschner g...@samba.org Date: Wed Mar 10 02:52:13 2010 +0100 s4-smbtorture: disable winreg QueryValue test for today. wow, both s3 and s4 crash on full coverage winreg QueryValue testing. Guenther commit 0a253e6b72dbf5cfe6be1952fde72cf492680e36 Author: Günther Deschner g...@samba.org Date: Wed Mar 10 02:50:32 2010 +0100 s4-smbtorture: fix some build warnings in RPC-SPOOLSS test. Guenther --- Summary of changes: source4/torture/rpc/spoolss.c | 16 source4/torture/rpc/winreg.c |4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index 84e73c3..73787a9 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -3504,7 +3504,7 @@ static bool test_SetPrinterDataEx_matrix(struct torture_context *tctx, c = strchr(key, '\\'); if (c) { - int i; + int k; /* we have subkeys */ @@ -3514,9 +3514,9 @@ static bool test_SetPrinterDataEx_matrix(struct torture_context *tctx, return false; } - for (i=0; subkeys subkeys[i]; i++) { + for (k=0; subkeys subkeys[k]; k++) { - const char *current_key = talloc_asprintf(tctx, %s\\%s, key, subkeys[i]); + const char *current_key = talloc_asprintf(tctx, %s\\%s, key, subkeys[k]); if (!test_DeletePrinterKey(tctx, p, handle, current_key)) { return false; @@ -4278,7 +4278,7 @@ static bool test_EnumPrinters_findname(struct torture_context *tctx, for (i=0; i count; i++) { const char *current = NULL; - const char *p; + const char *q; switch (level) { case 1: @@ -4291,14 +4291,14 @@ static bool test_EnumPrinters_findname(struct torture_context *tctx, break; } - p = strrchr(current, '\\'); - if (p) { + q = strrchr(current, '\\'); + if (q) { if (!e.in.server) { torture_warning(tctx, server returns printername %s incl. servername although we did not set servername, current); } - p++; - if (strequal(p, name)) { + q++; + if (strequal(q, name)) { *found = true; break; } diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c index e4de39e..7368b2d 100644 --- a/source4/torture/rpc/winreg.c +++ b/source4/torture/rpc/winreg.c @@ -1949,7 +1949,7 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, torture_assert_ntstatus_ok(tctx, open_fn(p, tctx, r), open); - +#if 0 /* FIXME: s3 and s4 crash on QueryValue */ if (open_fn == (void *)dcerpc_winreg_OpenHKLM) { #if 0 torture_assert(tctx, test_OpenKey(p, tctx, handle, KEY_CURRENT_VERSION, newhandle), @@ -1963,7 +1963,7 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, torture_assert(tctx, test_CloseKey(p, tctx, newhandle), failed to close current version key); } - +#endif /* FIXME */ test_Cleanup(p, tctx, handle, TEST_KEY_BASE); if (!test_CreateKey(p, tctx, handle, TEST_KEY_BASE, NULL)) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 41be390... Fix the shell script in the root case. When run as root, make test now detects CAP_DAC_OVERRIDE being left on in error. from 420e3b8... s4-smbtorture: disable winreg QueryValue test for today. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 41be39013b02a6813e87af9d6579a80b3ad5227f Author: Jeremy Allison j...@samba.org Date: Tue Mar 9 20:06:19 2010 -0800 Fix the shell script in the root case. When run as root, make test now detects CAP_DAC_OVERRIDE being left on in error. Jeremy. --- Summary of changes: source3/script/tests/test_smbclient_s3.sh |8 1 files changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh index 84a3999..1ee829e 100755 --- a/source3/script/tests/test_smbclient_s3.sh +++ b/source3/script/tests/test_smbclient_s3.sh @@ -137,7 +137,7 @@ test_read_only_dir() ## We can't do this as non-root. We always have rights to ## create the directory. ## -if [ $USERID != 0 ]; then +if [ $USERID != 0 ] ; then echo skipping test_read_only_dir as non-root true return @@ -147,7 +147,7 @@ test_read_only_dir() ## We can't do this with an encrypted connection. No credentials ## to set up the channel. ## -if [ $ADDARGS == -e ]; then +if [ $ADDARGS = -e ] ; then echo skipping test_read_only_dir with encrypted connection true return @@ -194,7 +194,7 @@ test_owner_only_file() ## We can't do this as non-root. We always have rights to ## read the file. ## -if [ $USERID != 0 ]; then +if [ $USERID != 0 ] ; then echo skipping test_owner_only_file as non-root true return @@ -204,7 +204,7 @@ test_owner_only_file() ## We can't do this with an encrypted connection. No credentials ## to set up the channel. ## -if [ $ADDARGS == -e ]; then +if [ $ADDARGS = -e ] ; then echo skipping test_owner_only_file with encrypted connection true return -- Samba Shared Repository
[SCM] CTDB repository - branch master updated - ctdb-1.0.113-131-g3d82ca5
The branch, master has been updated via 3d82ca5b1b8ba2770c739493aa0cdd34bb4827d8 (commit) via e21b40db64b314a24caa2bc611cb48b93decb5aa (commit) from 51fce280d3a7e2cce8e6e268a19d3594b38b9bb6 (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit 3d82ca5b1b8ba2770c739493aa0cdd34bb4827d8 Author: Mathieu Parent math.par...@gmail.com Date: Thu Mar 4 16:06:11 2010 +0100 Fix some more bashisms commit e21b40db64b314a24caa2bc611cb48b93decb5aa Author: Mathieu Parent math.par...@gmail.com Date: Mon Mar 8 21:19:35 2010 +0100 Correct nice_service() nice takes a binary as argument and not a function or builtin command --- Summary of changes: config/events.d/11.natgw |2 +- config/events.d/13.per_ip_routing | 11 --- config/functions | 13 +++-- 3 files changed, 20 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/config/events.d/11.natgw b/config/events.d/11.natgw index 18db3de..b226b81 100644 --- a/config/events.d/11.natgw +++ b/config/events.d/11.natgw @@ -41,7 +41,7 @@ case $1 in NATGWIP=`ctdb natgwlist | head -1 | sed -e s/^[^ ]* *//` CTDB_NATGW_PUBLIC_IP_HOST=`echo $CTDB_NATGW_PUBLIC_IP | sed -e s/\/.*/\/32/` - if [ $NATGWMASTER == -1 ]; then + if [ $NATGWMASTER = -1 ]; then echo There is not NATGW master node exit 1 fi diff --git a/config/events.d/13.per_ip_routing b/config/events.d/13.per_ip_routing index b8a1e3e..e85ba66 100755 --- a/config/events.d/13.per_ip_routing +++ b/config/events.d/13.per_ip_routing @@ -75,7 +75,7 @@ lock_file() { stat -c%y $lckf return 1 } - kill -0 $pid { + /bin/kill -0 $pid { lock_debug lock file $lckf is valid for process $pid stat -c%y $lckf return 1 @@ -165,7 +165,10 @@ run_release_script_once() #echo run it: end } - echo -e #!/bin/sh\n#\n $_script + echo '#!/bin/sh' $_script + echo '#' $_script + echo $_script + chmod +x $_script return 0; @@ -230,7 +233,9 @@ generate_per_ip_routing() run_release_script_once $release_script - echo -e #!/bin/sh\n#\n $setup_script + echo '#!/bin/sh' $setup_script + echo '#' $setup_script + echo $setup_script chmod +x $setup_script return 0; diff --git a/config/functions b/config/functions index b70a352..6556b21 100644 --- a/config/functions +++ b/config/functions @@ -61,10 +61,19 @@ service() { ## # simulate /sbin/service (niced) on platforms that don't have it nice_service() { + _service_name=$1 + _op=$2 + # do nothing, when no service was specified - [ -z $1 ] return + [ -z $_service_name ] return -nice service $@ + if [ -x /sbin/service ]; then + nice /sbin/service $_service_name $_op + elif [ -x /etc/init.d/$_service_name ]; then + nice /etc/init.d/$_service_name $_op + elif [ -x /etc/rc.d/init.d/$_service_name ]; then + nice /etc/rc.d/init.d/$_service_name $_op + fi } ## -- CTDB repository
Build status as of Wed Mar 10 07:00:05 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-03-09 00:00:06.0 -0700 +++ /home/build/master/cache/broken_results.txt 2010-03-10 00:00:06.0 -0700 @@ -1,4 +1,4 @@ -Build status as of Tue Mar 9 07:00:06 2010 +Build status as of Wed Mar 10 07:00:05 2010 Build counts: Tree Total Broken Panic @@ -13,9 +13,9 @@ samba-docs 0 0 0 samba-web0 0 0 samba_3_current 32 32 2 -samba_3_master 32 32 7 -samba_3_next 29 28 4 -samba_4_0_test 34 32 1 +samba_3_master 32 32 2 +samba_3_next 29 29 4 +samba_4_0_test 34 34 2 talloc 34 11 0 tdb 32 22 0