date:20210623

[SCM] Samba Shared Repository - branch master updated

2021-06-23 Thread Andreas Schneider

The branch, master has been updated
   via  0fe2ae66089 lib:ldb-samba: Use debug level defines
   via  1a2ca143218 lib:ldb-samba: Set log level for ldb tracing to 11
  from  fb665462b17 s3: VFS: Update status of SMB_VFS_RENAMEAT.

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 0fe2ae660893104090ba09556d810756fb2f207f
Author: Andreas Schneider 
Date:   Tue Jun 22 09:03:06 2021 +0200

lib:ldb-samba: Use debug level defines

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Andreas Schneider 
Autobuild-Date(master): Wed Jun 23 09:03:42 UTC 2021 on sn-devel-184

commit 1a2ca1432188e5ea239cfac37141b501dd769f99
Author: Andreas Schneider 
Date:   Tue Jun 22 09:00:09 2021 +0200

lib:ldb-samba: Set log level for ldb tracing to 11

We should not enable ldb tracing on debug level 10 which is meant for
Samba debug logs and not trace logs.

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 

---

Summary of changes:
 lib/ldb-samba/ldb_wrap.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/ldb-samba/ldb_wrap.c b/lib/ldb-samba/ldb_wrap.c
index 6c2c707284e..cfc8732cf60 100644
--- a/lib/ldb-samba/ldb_wrap.c
+++ b/lib/ldb-samba/ldb_wrap.c
@@ -55,16 +55,16 @@ static void ldb_wrap_debug(void *context, enum 
ldb_debug_level level,
int samba_level = -1;
switch (level) {
case LDB_DEBUG_FATAL:
-   samba_level = 0;
+   samba_level = DBGLVL_ERR;
break;
case LDB_DEBUG_ERROR:
-   samba_level = 1;
+   samba_level = DBGLVL_WARNING;
break;
case LDB_DEBUG_WARNING:
-   samba_level = 2;
+   samba_level = DBGLVL_NOTICE;
break;
case LDB_DEBUG_TRACE:
-   samba_level = 10;
+   samba_level = DBGLVL_DEBUG + 1;
break;
 
};


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

2021-06-23 Thread Noel Power

The branch, master has been updated
   via  1139f96cc78 s3: VFS: posixacl_xattr: Remove 
posixacl_xattr_acl_set_file(). No longer used.
   via  246a1966102 s3: VFS: posixacl_xattr: Remove 
posixacl_xattr_acl_get_file(). No longer used.
  from  0fe2ae66089 lib:ldb-samba: Use debug level defines

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 1139f96cc788baefe25068788c33e9ca6b860e64
Author: Jeremy Allison 
Date:   Tue Jun 22 10:23:22 2021 -0700

s3: VFS: posixacl_xattr: Remove posixacl_xattr_acl_set_file(). No longer 
used.

Signed-off-by: Jeremy Allison 
Reviewed-by: Noel Power 

Autobuild-User(master): Noel Power 
Autobuild-Date(master): Wed Jun 23 09:56:00 UTC 2021 on sn-devel-184

commit 246a19661026ddfbcebeba7b291a779f6bac9a55
Author: Jeremy Allison 
Date:   Tue Jun 22 10:22:16 2021 -0700

s3: VFS: posixacl_xattr: Remove posixacl_xattr_acl_get_file(). No longer 
used.

Signed-off-by: Jeremy Allison 
Reviewed-by: Noel Power 

---

Summary of changes:
 source3/modules/posixacl_xattr.c | 107 ---
 source3/modules/posixacl_xattr.h |  10 
 2 files changed, 117 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/posixacl_xattr.c b/source3/modules/posixacl_xattr.c
index ef0521eda34..365cdc79973 100644
--- a/source3/modules/posixacl_xattr.c
+++ b/source3/modules/posixacl_xattr.c
@@ -335,78 +335,6 @@ static int smb_acl_to_posixacl_xattr(SMB_ACL_T theacl, 
char *buf, size_t len)
return size;
 }
 
-SMB_ACL_T posixacl_xattr_acl_get_file(vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- SMB_ACL_TYPE_T type,
- TALLOC_CTX *mem_ctx)
-{
-   int ret;
-   int size;
-   char *buf;
-   const char *name;
-
-   if (type == SMB_ACL_TYPE_ACCESS) {
-   name = ACL_EA_ACCESS;
-   } else if (type == SMB_ACL_TYPE_DEFAULT) {
-   name = ACL_EA_DEFAULT;
-   } else {
-   errno = EINVAL;
-   return NULL;
-   }
-
-   size = ACL_EA_SIZE(20);
-   buf = alloca(size);
-   if (!buf) {
-   return NULL;
-   }
-
-   ret = SMB_VFS_GETXATTR(handle->conn, smb_fname,
-   name, buf, size);
-   if (ret < 0 && errno == ERANGE) {
-   size = SMB_VFS_GETXATTR(handle->conn, smb_fname,
-   name, NULL, 0);
-   if (size > 0) {
-   buf = alloca(size);
-   if (!buf) {
-   return NULL;
-   }
-   ret = SMB_VFS_GETXATTR(handle->conn,
-   smb_fname, name,
-   buf, size);
-   }
-   }
-
-   if (ret > 0) {
-   return posixacl_xattr_to_smb_acl(buf, ret, mem_ctx);
-   }
-   if (ret == 0 || errno == ENOATTR) {
-   mode_t mode = 0;
-   TALLOC_CTX *frame = talloc_stackframe();
-   struct smb_filename *smb_fname_tmp =
-   cp_smb_filename_nostream(frame, smb_fname);
-   if (smb_fname_tmp == NULL) {
-   errno = ENOMEM;
-   ret = -1;
-   } else {
-   ret = SMB_VFS_STAT(handle->conn, smb_fname_tmp);
-   if (ret == 0) {
-   mode = smb_fname_tmp->st.st_ex_mode;
-   }
-   }
-   TALLOC_FREE(frame);
-   if (ret == 0) {
-   if (type == SMB_ACL_TYPE_ACCESS) {
-   return mode_to_smb_acl(mode, mem_ctx);
-   }
-   if (S_ISDIR(mode)) {
-   return sys_acl_init(mem_ctx);
-   }
-   errno = EACCES;
-   }
-   }
-   return NULL;
-}
-
 SMB_ACL_T posixacl_xattr_acl_get_fd(vfs_handle_struct *handle,
files_struct *fsp,
SMB_ACL_TYPE_T type,
@@ -454,41 +382,6 @@ SMB_ACL_T posixacl_xattr_acl_get_fd(vfs_handle_struct 
*handle,
return NULL;
 }
 
-int posixacl_xattr_acl_set_file(vfs_handle_struct *handle,
-   const struct smb_filename *smb_fname,
-   SMB_ACL_TYPE_T type,
-   SMB_ACL_T theacl)
-{
-   const char *name;
-   char *buf;
-   ssize_t size;
-   int ret;
-
-   size = smb_acl_to_posixacl_xattr(theacl, NULL, 0);
-   buf = alloca(size);
-   if (!buf) {
-

[SCM] Samba Shared Repository - branch master updated

2021-06-23 Thread Andreas Schneider

The branch, master has been updated
   via  62875044ec4 WHATSNEW: Document changes of trusted domains scanning 
and enterpise principals
   via  3e0fbc79b9c docs-xml: Disable `winbind scan trusted domains` by 
default
   via  106c2b3977e docs-xml: Enable `winbind use krb5 enterprise 
principals` by default
   via  abb022b957a docs-xml: Fix description of `winbind use krb5 
enterprise principals`
  from  1139f96cc78 s3: VFS: posixacl_xattr: Remove 
posixacl_xattr_acl_set_file(). No longer used.

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 62875044ec41449967ff7a139e0c5816fa471428
Author: Andreas Schneider 
Date:   Wed Jun 23 10:13:24 2021 +0200

WHATSNEW: Document changes of trusted domains scanning and enterpise 
principals

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Andreas Schneider 
Autobuild-Date(master): Wed Jun 23 10:46:22 UTC 2021 on sn-devel-184

commit 3e0fbc79b9c53a7244a35649bb5c6615390a1453
Author: Andreas Schneider 
Date:   Fri Jun 18 10:11:06 2021 +0200

docs-xml: Disable `winbind scan trusted domains` by default

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 

commit 106c2b3977e35b2d9ad3535710fcbda80aa7fa97
Author: Andreas Schneider 
Date:   Tue Jun 15 16:14:11 2021 +0200

docs-xml: Enable `winbind use krb5 enterprise principals` by default

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 

commit abb022b957a0ac8b381059c3199a8b179502fac2
Author: Andreas Schneider 
Date:   Tue Jun 15 17:31:46 2021 +0200

docs-xml: Fix description of `winbind use krb5 enterprise principals`

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 

---

Summary of changes:
 WHATSNEW.txt| 13 +
 docs-xml/smbdotconf/winbind/winbindscantrusteddomains.xml   |  6 +++---
 .../winbind/winbindusekrb5enterpriseprincipals.xml  |  6 +++---
 lib/param/loadparm.c|  6 +-
 selftest/target/Samba3.pm   |  1 -
 source3/param/loadparm.c|  4 +++-
 6 files changed, 27 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index b36036a25d4..d8effc5ce09 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -108,6 +108,17 @@ smbd:
 winbindd:
 --log-stdout  ->--debug-stdout
 
+Scanning of trusted domains and enterpise principals
+
+
+As an artifact from the NT4 times, we still scanned the list of trusted domains
+on winbindd startup. This is wrong as we never can get a full picture in Active
+Directory. It is time to change the default value to No. Also with this change
+we always use enterprise principals for Kerberos so that the DC will be able
+to redirect ticket requests to the right DC. This is e.g needed for one way
+trusts. The options `winbind use krb5 enterprise principals` and
+`winbind scan trusted domains` will be deprecated in one of the next releases.
+
 
 REMOVED FEATURES
 
@@ -128,6 +139,8 @@ smb.conf changes
   -- ------
   client use kerberosNewdesired
   client protection  Newdefault
+  winbind use krb5 enterprise principals  Changed   Yes
+  winbind scan trusted domains   ChangedNo
 
 
 KNOWN ISSUES
diff --git a/docs-xml/smbdotconf/winbind/winbindscantrusteddomains.xml 
b/docs-xml/smbdotconf/winbind/winbindscantrusteddomains.xml
index 31afdc92b53..12e94cb93f3 100644
--- a/docs-xml/smbdotconf/winbind/winbindscantrusteddomains.xml
+++ b/docs-xml/smbdotconf/winbind/winbindscantrusteddomains.xml
@@ -6,10 +6,10 @@
 
 This option only takes effect when the  
option is set to
 domain or ads.
-If it is set to yes (the default), winbindd periodically tries to scan for 
new
+If it is set to yes, winbindd periodically tries to scan for new
 trusted domains and adds them to a global list inside of winbindd.
 The list can be extracted with wbinfo --trusted-domains 
--verbose.
-This matches the behaviour of Samba 4.7 and older.
+Setting it to yes matches the behaviour of Samba 4.7 and older.
 
 The construction of that global list is not reliable and often
 incomplete in complex trust setups. In most situations the list is
@@ -25,5 +25,5 @@
 
 
 
-yes
+no
 
diff --git a/docs-xml/smbdotconf/winbind/winbindusekrb5enterpriseprincipals.xml 
b/docs-xml/smbdotconf/winbind/winbindusekrb5enterpriseprincipals.xml
index bfc11c8636c..d30b7f36a07 100644
--- a/docs-xml/smbdotconf/winbind/winbindusekrb5enterp

[SCM] Samba Shared Repository - branch master updated

[SCM] Samba Shared Repository - branch master updated

[SCM] Samba Shared Repository - branch master updated

3 matches

Site Navigation

Mail list logo

Footer information