Samba-3.0alpha23 available on samba.org mirrors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We've just posted another snapshot of the SAMBA_3_0 cvs tree for download. This is a non-production release provided for testing only. Note that this release **does** contain the security fixes included in the Samba 2.2.8 release. The source code can be downloaded from : http://download.samba.org/samba/ftp/alpha/ The uncompressed tarball and patch file have been signed using GnuPG. The Samba public key is available at http://download.samba.org/samba/ftp/samba-pubkey.asc Binary packages for RedHat have been released and can be found at http://download.samba.org/samba/ftp/Binary_Packages/ Others will be available as they are submitted by volunteers. A simplified version of the CVS log of updates since 3.0alpha22 can be found in the the download directory under the name ChangeLog-3.0alpha22-alpha23. The release notes follow. As always, all bugs are our responsibility. --Enjoy The Samba Team - WHATS NEW IN Samba 3.0 alpha23 30th March 2003 == This is a pre-release of Samba 3.0. This is NOT a stable release. Use at your own risk. The purpose of this alpha release is to get wider testing of the major new pieces of code in the current Samba 3.0 development tree. We have officially ceased development on the 2.2.x release of Samba and are concentrating on Samba 3.0. To reduce the time before the final Samba 3.0 release we need as many people as possible to start testing these alpha releases, and hopefully giving us some high quality feedback on what needs fixing. Note that Samba 3.0 is not feature complete yet. There is a more coding we have planned, but unless we get what we have done already more widely tested we will have a hard time doing a stable release in a reasonable time frame. Major new features: - --- - - Active Directory support. This release is able to join a ADS realm as a member server and authenticate users using LDAP/kerberos. - - Unicode support. Samba will now negotiate UNICODE on the wire and internally there is now a much better infrastructure for multi-byte and UNICODE character sets. - - New authentication system. The internal authentication system has been almost completely rewritten. Most of the changes are internal, but the new auth system is also very configurable. - - new filename mangling system. The filename mangling system has been completely rewritten. An internal database now stores mangling maps persistently. This needs lots of testing. - - new net command. A new net command has been added. It is somewhat similar to the net command in windows. Eventually we plan to replace a bunch of other utilities (such as smbpasswd) with subcommands in net, at the moment only a few things are implemented. - - Samba now negotiates NT-style status32 codes on the wire. This improves error handling a lot. - - better w2k printing support including publishing printer attributes in active directory - - new loadable RPC modules - - new dual-daemon winbindd support for better performance - - support for migrating from a Windows NT 4.0 domain - - support for establishing trust relationships with Windows NT 4.0 domain controllers Plus lots of other changes! Reporting bugs Development Discussion - --- Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. Changes in alpha23: - --- LDAP Group Mapping -- pdbedit -i -e sets all SAM_ACCOUNT elements to CHANGED to satisfy the new pdb_ldap.c handling. pdbedit -g transfers group mappings. I made this separate from the user database, as current installations have to live with a split backend. So, if you are running 3_0 alphas with LDAP as a backend and upgrade to 3.0alpha23, you must call root# pdbedit -i tdbsam -e ldapsam -g to transfer your group mapping database to LDAP. All groups must be represented as posixGroup objects in the directory and you must adapt your LDAP schema to support the sambaGroupMapping before running this command. Refer to examples/LDAP/samba.schema for details on the objectclass. Parameters -- Modified Parameters (see smb.conf(5) for details): * passdb backend Added Parameters * ldap del only sam attr * ldap delete dn ChangeLog - See cvs log for SAMBA_3_0 for complete details. There are many smaller numerous changes that would clutter the release notes. 0)
status of unixsam and guest passdb backends?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrew, I notice that the default for the passdb backend parameter has been changed in SAMBA_3_0/HEAD, but the man page has not been updated. Since it was passdb backend = unixsam that was breaking 'smbpasswd -a', I'm wondering is unixsam even useful anymore? Maybe for a clear text password server cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+h3RIIR7qMdg1EfYRAvzzAKCPwvcmkgMly1iagvC+QdLAtMedQACg8NHV zKNStAakPUCgKdwt6cXyjHo= =cSZs -END PGP SIGNATURE-
Re: status of unixsam and guest passdb backends?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 31 Mar 2003, Andrew Bartlett wrote: Unixsam was a useful hack and a bad idea. Most of what it was trying to do it couldn't really do, and will be replaced by idmap. I had wanted all rid-uid translations to go via the passdb. However, we still have to map uid-rid for 'non-existant' accounts, so the fallback code never got removed, and having unixsam just confused things (particularly when we were running winbindd too). It also broke a pile of conventions about the relationship between unix and Samba accounts, as you correctly note. Guestsam is in there to provide the only useful thing unixsam did - ensuring that the guest account really was the guest, and had the guest RID. It also helped with some Win2k behavior that assumed the presence of the guest account. Could you update smb.conf(5) to this effect? Thanks. Should unixsam support be removed altogether so people can't break their servers by listing it in the passdb backends? cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+h4eCIR7qMdg1EfYRAktRAKDf+1/gZTwnuV+PAaYCj+pnihWZNgCdE7+U XeN14E1wNJRj6Lo2Uk1KYRI= =6ky/ -END PGP SIGNATURE-
Re: Next alpha of 3.0 planned for Friday
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is just a heads up for everyone. I'm planning the 3.0alpha23 release for this Friday. If you have code that needs to be merged of commited to the SAMBA_3_0 cvs tree, please get in checked in by 8am EST on Friday of the week. I've hit a few small bugs (one in RH packaging and one in smbpasswd). As soon as I get those cleaned up, 3.0alpha23 will be on its way. Hopefully tomorrow. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+hNGSIR7qMdg1EfYRAlv+AKDWJbF5ZBK5IPE104O/ZPmD6nFwIgCfckUG 6oCiLf1R6SKsDsu4FkgS+PI= =A0L2 -END PGP SIGNATURE-
Re: Next alpha of 3.0 planned for Friday
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 27 Mar 2003, Tomoki AONO wrote: In [EMAIL PROTECTED], [EMAIL PROTECTED] wrote: This is just a heads up for everyone. I'm planning the 3.0alpha23 release for this Friday. If you have code that needs to be merged of commited to the SAMBA_3_0 cvs tree, please get in checked in by 8am EST on Friday of the week. Would someone take a look at CIDR-like notation problem by Mr. Takeda (and following mail by me) ? If this is right, example config described in securing-samba.sgml will not work as expected. (http://lists.samba.org/pipermail/samba-technical/2003-March/042993.html) Fixed. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+hG2DIR7qMdg1EfYRAv+ZAJ446QsKK2fNTJQMUaEanz0rbJoCCACeNcuH Mxs352anoxclJKqT4TwrrLI= =JAQm -END PGP SIGNATURE-
security tab on shares not showing up in SAMBA_3_0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John, I just confirmed that the security tab on a share is missing with a recent build of SAMBA_3_0. I'll look into this (unless someone has an immediate idea). cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+gzMMIR7qMdg1EfYRAqiHAJ0b5tQyuAHy3carW+vFU7GJ1I1PigCg8r0H +AKWx7bdn0uNVXVELgrm1uI= =v9zk -END PGP SIGNATURE-
Next alpha of 3.0 planned for Friday
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 FYI... This is just a heads up for everyone. I'm planning the 3.0alpha23 release for this Friday. If you have code that needs to be merged of commited to the SAMBA_3_0 cvs tree, please get in checked in by 8am EST on Friday of the week. I'm also planning on spending some time reviewing how soon we can turn the alpha releases into beta. I'll post a plan to the samba-technical list early next week. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+gmSFIR7qMdg1EfYRAj50AJ9CQSMyN6oxr9OaPp0DgLT2RqGW1QCgo2I7 jUBQ3/OVT+7un5NTh3foLlA= =9NPP -END PGP SIGNATURE-
Re: [PATCH] Better fix for devicetype?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26 Mar 2003, Andrew Bartlett wrote: I may be blind here, but the only difference in your patch that I see is some rewritten debug messages. What am I overlooking? The second half of the patch? Ah...you mean adding the server_devicetype string into the PROTOCOL_NT1 branch. Yeah. That's fine. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+gNgFIR7qMdg1EfYRAvk5AKDWvfjChW1cTuX+eBv2Dr8v8rOSRgCgqy9a SStWUJAJ0UDFsXzy5BvVGtU= =ZcsX -END PGP SIGNATURE-
Re: [PATCH] Better fix for devicetype?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26 Mar 2003, Andrew Bartlett wrote: And removing the second set of push_string()s. It looked like you had some kind of merge error - your patch added new push_string() calls, rather than modified the original push_string() lines. Ahh...yes. It was a merge error in HEAD. Thanks. You want to fix this up or should I? cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+gOAmIR7qMdg1EfYRArnpAJ9g0Ev3aZbrhyFjgYzGThlwP9WR7QCePGD9 +TZ71ovK1VywRxW0cxLntiU= =ZEsZ -END PGP SIGNATURE-
[SECURITY] Samba 2.2.8 available for download
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This release provides an important security fix outlined in the release notes that follow. This is the latest stable release of Samba and the version that all production Samba servers should be running for all current bug-fixes. The source code can be downloaded from : http://download.samba.org/samba/ftp/ in the file samba-2.2.8.tar.gz or samba-2.2.8.tar.bz2. The uncompressed tarball has been signed using the Samba Distribution Key (available in the same directory). Binary packages will be released shortly for major platforms and can be found at http://download.samba.org/samba/ftp/Binary_Packages/ As always, all bugs are our responsibility. --Sincerely The Samba Team * IMPORTANT: Security bugfix for Samba * Summary - --- The SuSE security audit team, in particular Sebastian Krahmer [EMAIL PROTECTED], has found a flaw in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445. Advice created by Andrew Tridgell, the leader of the Samba Team, on how to protect an unpatched Samba server is given at the end of this section. The SMB/CIFS protocol implemented by Samba is vulnerable to many attacks, even without specific security holes. The TCP ports 139 and the new port 445 (used by Win2k and the Samba 3.0 alpha code in particular) should never be exposed to untrusted networks. Description - --- A buffer overrun condition exists in the SMB/CIFS packet fragment re-assembly code in smbd which would allow an attacker to cause smbd to overwrite arbitrary areas of memory in its own process address space. This could allow a skilled attacker to inject binary specific exploit code into smbd. This version of Samba adds explicit overrun and overflow checks on fragment re-assembly of SMB/CIFS packets to ensure that only valid re-assembly is performed by smbd. In addition, the same checks have been added to the re-assembly functions in the client code, making it safe for use in other services. Credit - -- This security flaw was discovered and reported to the Samba Team by Sebastian Krahmer [EMAIL PROTECTED] of the SuSE Security Audit Team. The fix was prepared by Jeremy Allison and reviewed by engineers from the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor engineers on the Linux Vendor security mailing list. The Samba Team would like to thank SuSE and Sebastian Krahmer for their excellent auditing work and for drawing attention to this flaw. Patch Availability - - As this is a security issue, patches for this flaw specific to earlier versions of Samba will be posted on the [EMAIL PROTECTED] mailing list as requested. Protecting an unpatched Samba server Samba Team, March 2003 This is a note on how to provide your Samba server some protection against the recently discovered remote security hole if you are unable to upgrade to the fixed version immediately. Even if you do upgrade you might like to think about the suggestions in this note to provide you with additional levels of protection. Using host based protection --- In many installations of Samba the greatest threat comes for outside your immediate network. By default Samba will accept connections from any host, which means that if you run an insecure version of Samba on a host that is directly connected to the Internet you can be especially vulnerable. One of the simplest fixes in this case is to use the 'hosts allow' and 'hosts deny' options in the Samba smb.conf configuration file to only allow access to your server from a specific range of hosts. An example might be: hosts allow = 127.0.0.1 192.168.2.0/24 192.168.3.0/24 hosts deny = 0.0.0.0/0 The above will only allow SMB connections from 'localhost' (your own computer) and from the two private networks 192.168.2 and 192.168.3. All other connections will be refused connections as soon as the client sends its first packet. The refusal will be marked as a 'not listening on called name' error. Using interface protection -- By default Samba will accept connections on any network interface that it finds on your system. That means if you have a ISDN line or a PPP connection to the Internet then Samba will accept connections on those links. This may not be what you want. You can change this behavior
Re: How to verify the domain secret is good or bad?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 11 Mar 2003, Chere Zhou wrote: I know there is the command wbinfo -t. But when it says that could not check secret, how do I know it's the secret is bad, or something else wrong, like winbind went crazy maybe? winbindd has to be running to check the secret. Also, sometimes I saw problems like wbinfo -t just says secret is bad, when all the daemons were running. It sure was good at some point before. Samba periodially changes the password on the server. secrets.tdb should be in sync with this. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+b27kIR7qMdg1EfYRAjFkAJ9OwmyQjfz2wiHL8/WoWPfZhd+w0wCZAYJn 03pUnG6Vd0Nv8u0abJLmm14= =Did/ -END PGP SIGNATURE-
Samba-3.0alpha22 available on samba.org mirrors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We've just posted another snapshot of the SAMBA_3_0 cvs tree for download. This is a non-production release provided for testing only. The source code can be downloaded from : http://download.samba.org/samba/ftp/alpha/ The uncompressed tarball and patch file have been signed using GnuPG. The Samba public key is available at http://download.samba.org/samba/ftp/samba-pubkey.asc Binary packages for RedHat have been released and can be found at http://download.samba.org/samba/ftp/Binary_Packages/ Others will be available as they are submitted by volunteers. A simplified version of the CVS log of updates since 3.0alpha21 can be found in the the download directory under the name ChangeLog-3.0alpha21-alpha22. The release notes follow. As always, all bugs are our responsibility. --Enjoy The Samba Team - WHATS NEW IN Samba 3.0 alpha22 4th March 2003 == This is a pre-release of Samba 3.0. This is NOT a stable release. Use at your own risk. The purpose of this alpha release is to get wider testing of the major new pieces of code in the current Samba 3.0 development tree. We have officially ceased development on the 2.2.x release of Samba and are concentrating on Samba 3.0. To reduce the time before the final Samba 3.0 release we need as many people as possible to start testing these alpha releases, and hopefully giving us some high quality feedback on what needs fixing. Note that Samba 3.0 is not feature complete yet. There is a more coding we have planned, but unless we get what we have done already more widely tested we will have a hard time doing a stable release in a reasonable time frame. Major new features: - --- - - Active Directory support. This release is able to join a ADS realm as a member server and authenticate users using LDAP/kerberos. - - Unicode support. Samba will now negotiate UNICODE on the wire and internally there is now a much better infrastructure for multi-byte and UNICODE character sets. - - New authentication system. The internal authentication system has been almost completely rewritten. Most of the changes are internal, but the new auth system is also very configurable. - - new filename mangling system. The filename mangling system has been completely rewritten. An internal database now stores mangling maps persistently. This needs lots of testing. - - new net command. A new net command has been added. It is somewhat similar to the net command in windows. Eventually we plan to replace a bunch of other utilities (such as smbpasswd) with subcommands in net, at the moment only a few things are implemented. - - Samba now negotiates NT-style status32 codes on the wire. This improves error handling a lot. - - better w2k printing support including publishing printer attributes in active directory - - new loadable RPC modules - - new dual-daemon winbindd support for better performance - - support for migrating from a Windows NT 4.0 domain - - support for establishing trust relationships with Windows NT 4.0 domain controllers Plus lots of other changes! Reporting bugs Development Discussion - --- Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. Changes in alpha22: - --- Added Parameters * client NTLMv2 auth * client lanman auth * client signing * client use spnego * max reported print jobs * msdfs proxy See cvs log for SAMBA_3_0 for complete details. There are many smaller numerous changes that would clutter the release notes. 1) remove the global_myname string and replace with wrapper function global_myname() 2) create vfs/ and pdb/ subdirectories for library installs 3) Fixup of ordered cleanup of get_dc_list() 4) Added more autoconf tests for Stratus VOS 5) Fixed nasty bug where file writes with start offsets in the range 0x8000 - 0x would fail as they were being cast from IVAL (uint32) to SMB_OFF_T (off_t or off64_t, both *signed* types). The sign extension would cause the offset to be treated as negative. 6) Add support to automatically retrieve the dns host name and domain name of an AD server 7) Add support for PRINTER_INFO_7 and publishing printer attributes in active directory 8) Fix for 64 bit issues with oplocks and allocation size 9) Remove assert(count ==1) for multi-homed PDCs when resolving DOMAIN0x1b 10) Ensure that
Re: [PATCH] draft: better string overflow checking (was: memorycorruption in SAMBA_3_0)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 5 Mar 2003, Martin Pool wrote: I was thinking about Andrew's fstring-overflow patch from a few weeks ago: for developer builds, it touches the last byte of a string buffer to check that it's as long as it should be. This should be reasonably helpful in catching string overflows on the heap, but not so good on the stack, because the program can probably write arbitrarily far past stack variables without trapping, even under Valgrind. Writing a \0 in there will damage *something* and probably make the program crash, but it won't be very obvious. I think this might have been what Jerry saw the other day. This looks good Martin. Would be much easier to catch when we write past the end. You've got my vote. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZiIzIR7qMdg1EfYRAs/0AKDJRVt1giqVvWCdEAns40uaDD9bjACg7pxw pkOgMnGRHXrSvqwGsRh5+Ts= =MnXj -END PGP SIGNATURE-
Re: Detecting Windows OS Version through Samba
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 5 Mar 2003, Simo Sorce wrote: I cannot remember how it works out which OS is on the other side or how accurate it is. it's based on flags set during the negprot and sessetup request. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+Znr2IR7qMdg1EfYRAhtXAJ9ToIcf0haFPMhEPnaeH4SA/ON0XwCg3l/m oZ8HEXRZt1CnYT8kb66c6v8= =lryd -END PGP SIGNATURE-
Re: CVS update: samba/source/printing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 4 Mar 2003 [EMAIL PROTECTED] wrote: Date: Tue Mar 4 09:33:34 2003 Author: abartlet Update of /data/cvs/samba/source/printing In directory dp.samba.org:/tmp/cvs-serv25296/printing Modified Files: nt_printing.c Log Message: Fix another 'off by one' bug with safe_strcpy(). It is unclear if the intent was to limit the string to 31 or 32 characters (excluding the null term), so I've assumed for now that 32 is fine, as this matches current behaviour (well, current behaviour would crash, but anyway...) Jerry: Can you look at this for me? The devicename is truncated at 32 characters (including NULL). See spool_io_devmode() for details. This probably should be a memcpy of MAX size 32 instead of a string copy. You change won't break anything I don't think, but i'll fix it up so the intent of the code is a little more clear. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZKlsIR7qMdg1EfYRAm5RAKCXW+XAz91RTeL7EnSYNd5RQlqF7gCgpmkf dEHvZ+v2VNtrkPw+Y+ENgVs= =qS3b -END PGP SIGNATURE-
Re: file descriptors consumed by printing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 2 Mar 2003, Richard Sharpe wrote: On Mon, 3 Mar 2003, Tim Potter wrote: On Sun, Mar 02, 2003 at 10:10:53PM -0800, Richard Sharpe wrote: This seems like a good way to do it. Does anyone have any objections if I do so? Why do we need it? Just call lp_default_server_announce() and check if the SV_TYPE_PRINTQ_SERVER bit is set. If no print shares are exported then don't call nt_printing_backend_init(). Hmmm, Samba 2.2.x sets SV_TYPE_PRINTQ_SERVER unconditionaly. It's fixed in HEAD. Yeah, well someone forgot their janitorial duties :-) No. I asked Tim not to merge it since it was more of a change than I wanted to chance in 2.2 at the time. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZLE6IR7qMdg1EfYRApvPAKCgk72wlxQVo80Vq4PYnF6RsfSUDwCg0QbE TQRIxoOSBMzvXGHLFCQcdIE= =3a+F -END PGP SIGNATURE-
Re: Help with spoolss printing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 4 Mar 2003, Steve Langasek wrote: Have you tried the backported 2.2.7a packages available at http://people.debian.org/~peloy/samba/? Jerry, have there been more printing fixes since then that he'll need in order to get this working? I don't think so. The only post 2.2.7 printing fix was for big-endian boxes. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+ZOMzIR7qMdg1EfYRAkxqAJwMDqeKc0ryDoaJuge4BkFWnzVDoACgmZq1 3Lo/5PiNTRe32K9u9NfGS34= =9Veh -END PGP SIGNATURE-
Samba-2.2.8pre1 available on samba.org mirrors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We've just posted the second preview release of Samba 2.2.8 on samba.org. This is a non-production release provided for testing only. The final 2.2.8 will only include bug fixes for the 2.2.7a release. The source code can be downloaded from : http://download.samba.org/samba/ftp/pre/ The uncompressed tarball and patch file have been signed using GnuPG. The Samba public key is available at http://download.samba.org/samba/ftp/samba-pubkey.asc Binary packages for RedHat have been released and can be found at http://download.samba.org/samba/ftp/Binary_Packages/ Other will be available soon. The release notes follow. As always, all bugs are our responsibility. --Enjoy The Samba Team What's new in Samba 2.2.8pre2 - 28th February 2003 == This is a non-production, preview release of the upcoming Samba 2.2.8 distribution. This preview release is for testing purposes only and should not be installed in production environments. The purpose of this preview release to make numerous bugs fixes for Samba 2.2.7a available to the Samba community. Please report testing results of this release to the Samba mailing list [EMAIL PROTECTED]. Changes since 2.2.8pre1 - --- 1) smbumount lazy patch from Mandrake 2) Check for too many processes *before* the fork. 3) make sure we don't run over the end of 'name' in unix_convert() 4) set umask to 0 before creating socket directory. 5) Fix the LARGE_SMB_OFF_T problems and allow smbd to do the right thing in interactive mode when a log file dir is also specified. 6) Fix delete on close semantics to match W2K. 7) Correctly return access denied on share mode deny when we can't open the file. 8) Always use safe_strcpy not pstrcpy for malloc()'d strings 9) Fixes for HP-UX only having limited POSIX lock range 10) Added uid/gid caching code. Reduces load on winbindd. 11) Removed extra copy of server name in the printername field (it was mangling the the name to be \\server\\\server\printer 12) Fix dumb perror used without errno being set. 13) Do retries correctly if the connection to the DC has failed. 14) Correctly check for inet_addr fail. 15) Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined. 16) Fix for missing if (setting_acls) on default perms. 17) Fix to cache the sidtype 18) fix printer settings on Solaris (big-endian) print servers. ASCII - UNICODE conversion bug. 19) Small fix check correct error return. 20) Ensure space_avail is unsigned. 21) patch to check for a valid [f]chmod_acl function pointer before calling it. Fixes seg fault in audit VFS module 22) When checking is_locked() new WRITE locks conflict with existing READ locks even if the context is the same. 23) Merge off-by-one crash fixes from HEAD 24) Move off-by-one buggy malloc()/safe_strcpy() combination to strdup() instead. 25) Merge from HEAD. Use pstrcpy not safe_strcpy. 26) Fix to allow blocking lock notification to be done rapidly (no wait for smb - smb lock release). Adds new PENDING_LOCK type to lockdb (does not interfere with existing locks). 27) Doxygen cleanups for code documentation 28) limit the unix domain sockets used by winbindd by adding a last_access field to winbindd connections, and will close the oldest idle connection once the number of open connections goes over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200 currently) 29) Fix a couple of string handling errors in smbd/dir.c that would cause smbd to crash -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+X+BiIR7qMdg1EfYRAjC+AKC/BwKXyt/JcVGUfzsH2wJmhlWGbwCfdiXG jR8iAXP1vZUcuE7tbaEICpU= =e1uE -END PGP SIGNATURE-
Re: REPOST: Question about srv_spoolss_send_event_to_client()
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter, I'll take a look. I'm just reaally tied up on a few things at the moment. I think i'm the one that put that code in. Thanks. cheers, jerry On Wed, 26 Feb 2003, Peter Hurley wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Hurley Sent: Monday, February 17, 2003 3:41 PM To: [EMAIL PROTECTED] Subject: Question about srv_spoolss_send_event_to_client() In rpc_server/srv_spoolss_nt.c:srv_spoolss_send_event_to_client(): Could someone tell me why the following lines of code were added? if (Printer-printer_type == PRINTER_HANDLE_IS_PRINTSERVER) msg-flags |= PRINTER_MESSAGE_ATTRIBUTES; The problem is that sending expanded NOTIFY_INFO_DATA in the RRPCN request for a printserver causes W2k clients to ** NOT ** send RFNPCNEX requests. The upshot is that when a W2k client opens the Printers window on the print server and selects a printer, the printer status will not change during subsequent operations (say pausing and unpausing). Commenting out the lines of code above had the desired effect (i.e., fixed that problem), but I'm concerned since someone put it in to begin with. If the above is absolutely necessary, then the fix is much more complicated. Thanks, Peter Hurley [EMAIL PROTECTED] - -- -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+XkUGIR7qMdg1EfYRAr/LAKCBEYJG9KCK+3RI0IF6zM/5qZLM2gCgojmI POyxZUBjjuW0/Po3ZQ4ads4= =V23R -END PGP SIGNATURE-
Re: problem retrieving level 3 info for NT printer drivers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 26 Feb 2003, Ronan Waide wrote: Hi folks, mentioned this briefly on samba@ about a week ago, but I've actually done some tracking on it now. I'm still digging, but this is a summary of what I've found. symptoms: doing rpcclient SERVER enumdrivers level 3 fetches information for the Windows 9x drivers, then stalls trying to retrieve the NT information, before returning a timeout message. Level 1 and 2 work fine. I ran ethereal and poked at the traces some, and this is what I get: client: EnumPrinterDrivers request level 3 server: EnumPrinterDrivers reply, Insufficient Buffer client: EnumPrinterDrivers request level 3 (this time with a buffer) server: EnumPrinterDrivers reply At this point, I have the Windows 4.0 drivers. client: EnumPrinterDrivers request level 3 server: EnumPrinterDrivers reply, Insufficient Buffer client: DCERPC request server: no apparent response client: SMB WriteAndXRequest server: SMB WriteAndXResponse server: SMB WriteAndXResponse client: SMB WriteAndXRequest client: SMB WriteAndXRequest and that's about it. Error message goes hereabouts. try again with HEAD. The Samba 2-2 client rpc code cannot handle fragmented PDU's too well. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+XkWCIR7qMdg1EfYRAjODAKDAb1oCDCHF8H6zTPYHMYebhqEKCwCglUaW xnvsessw3FN0jU2LZ12CmZg= =5pEs -END PGP SIGNATURE-
Re: [Samba] limits question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 14 Feb 2003, William Jojo wrote: what do the following values in local.h do with respect to a single smbd or are they absolute limits? please explain... #define MAX_DIRECTORY_HANDLES 2048 #define MAX_OPEN_DIRECTORIES 256 #define MAX_OPEN_PIPES 2048 single smbd limits. Mostly upper boundaries on internal data structures. Also prevent DoS attacks from clients wanting to consume all the memory on the server. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+WuQeIR7qMdg1EfYRAhJyAJ9omkvFN4h5XWnSmuHPnyImHaXYLQCg5i1C IfdpNK9zKltVEr+KSirZTKY= =nH06 -END PGP SIGNATURE-
Re: LDAP machine accounts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 13 Feb 2003, Daniel T. Gynn wrote: Hi all. I have been implementing a Windows Domain using Samba and LDAP and noticed that when validating a workstation, Samba would only check the /etc/passwd file and not LDAP. I changed the pdb_ldap.c and srv_netlog_nt.c code so that if a workstation isn't in the /etc/passwd file, it will check LDAP. I am attaching the two files. Please respond to my email address with any comments, as I haven't subscribed to this mailing list. This should be done via the nss_ldap layer in 2.2. What server OS are you using? People have already commented on 3.0 so i'll leave it at that. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+TS+oIR7qMdg1EfYRAqwwAJ47x5sVnaLQZ3QtOstqWokvLjI4uQCg6u1e vNogZ6jilejs0loT7FMgsk8= =H7S2 -END PGP SIGNATURE-
Re: Machine Account Passwords are changed on the WRONG server!!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 14 Feb 2003, Brian M Hoy wrote: If you believe the MS document, then the Samba BDC should pass the machine account password change request to the PDC. That would be nice! If you are using read-only replicas for Samba BDCs then the password change should be passed onto the master LDAP server via a referral. Did you say you were using samba 2.2? This is one fix that will be in 2.2.8 (was already in HEAD/SAMBA_3_0) cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+TTAqIR7qMdg1EfYRAvPKAKDV9MejCUe/+snpESKVgpgZ3n0h+wCgxJq4 H/+DjNJdM7EY/y5YXPVHVLU= =tbMS -END PGP SIGNATURE-
Re: Pushing Samba functions into the kernel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 13 Feb 2003, Richard Sharpe wrote: On Thu, 13 Feb 2003 [EMAIL PROTECTED] wrote: Ok, my feelings on Samba in the kernel are the following. 1). We need to be able to de-multiplex incoming SMB's at the kernel level to get over the W2K Terminal Server problem. OK, I am not familiar with this problem. Can you say more please. Win2k TSE uses a single TCP session to the file server and multiplexes all of the SMB sessions over that. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+TTB4IR7qMdg1EfYRAuv8AJ0W6QB1YHZCGvGRL/7CynmLMB0tNACgi3yQ troxuc585ZsbywGxNz36N/E= =/umr -END PGP SIGNATURE-
Re: init_unistr2 length calculation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 13 Feb 2003, Shirish Kalele wrote: In init_unistr2, the string length for the UNISTR2 structure seems to be set equal to the number of bytes occupied by the string when encoded in the Unix charset (i.e. the value returned by strlen()). This is not necessarily the number of characters in the string (given UTF-8 and other variable-byte charsets). Shouldn't this actually be set to half the number of bytes occupied by the string after encoding it in UCS2? Here's a patch that does this. I think you might get into trouble here due to difference in the MS unicode marshalling flexibility. I don't understand. Could you elaborate? i guess if (length_of_bytes_in_orig_string != num_character_in_string) then we would have a problem. Had to think though this a bit. I think I misunderstood you to start with. I thought we were talking about UNISTR2 length == num_characters. My point was that sometimes this is actually == num_characters*2 (as you mentioned). Ignore me. My memory deteriates as I get older. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+TTZMIR7qMdg1EfYRAgOwAKC4fw6AgaMBIQNKO8HgfPDhYG31nACfToeG DhQ+TtLtswfK/U2Th0X5XK4= =8I/J -END PGP SIGNATURE-
Re: query about rpcclient process_cmd:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 13 Feb 2003, Martin Pool wrote:
rpcclient.c/process_cmd has
if (cmd[strlen(cmd) - 1] == '\n')
cmd[strlen(cmd) - 1] = '\0';
if (!next_token(p, buf, , sizeof(buf))) {
return NT_STATUS_OK;
}
/* strip the trainly \n if it exsists */
len = strlen(buf);
if (buf[len-1] == '\n')
buf[len-1] = '\0';
Isn't the second check for newline redundant?
Looks like it to me.
cheers, jerry
--
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key http://www.plainjoe.org/gpg_public.asc
You can never go home again, Oatman, but I guess you can shop there.
--John Cusack - Grosse Point Blank (1997)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE+S+FKIR7qMdg1EfYRAsXPAKDhOCfKUsLf8MywJy94yKVZRVM94wCeKrMm
x75I2O47QsR+1YI55Rp/Gyg=
=aP2U
-END PGP SIGNATURE-
Re: init_unistr2 length calculation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 12 Feb 2003, Shirish Kalele wrote: Hi, In init_unistr2, the string length for the UNISTR2 structure seems to be set equal to the number of bytes occupied by the string when encoded in the Unix charset (i.e. the value returned by strlen()). This is not necessarily the number of characters in the string (given UTF-8 and other variable-byte charsets). Shouldn't this actually be set to half the number of bytes occupied by the string after encoding it in UCS2? Here's a patch that does this. I think you might get into trouble here due to difference in the MS unicode marshalling flexibility. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+S+DjIR7qMdg1EfYRAhBLAKDR29obVicYcRCccXJTjC1qMiFocgCfWzEj 9VrIzCyuKMQ0aanmUvty8P0= =GqyI -END PGP SIGNATURE-
Re: [Samba] Problems loading printer list using Samba 2.2.7a withCUPS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 13 Feb 2003, Kurt Pfeifle wrote: Gerald (Jerry) Carter wrote on Samba-Digest: On 11 Feb 2003, Sean Millichamp wrote: I am using Samba to successfully load the printer list directly from CUPS with one fairly significant caveat. If a printer is added to CUPS while Samba is running there is apparently nothing I can do to have it visibly appear when doing a list of the services in Samba (such as with smbclient -L). This is also a problem if Samba starts before CUPS in the boot sequence. known bug. The workaround i think is to send a HUP signal to the smbd in question. Will be fixed in 3.0. Is it possible to fix this in 2.2.8 too? Please, please consider to fix this also in the next (last?) 2.2.x release. If you are using an addprinter command in smb.conf, then yes. But the printcap cache wil wait until 3.0 (seeing it it hasn't been imlemented yet). cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+TBaVIR7qMdg1EfYRAtGhAKCFQkT3tZ+5qKN4/cbQ42XKplVCggCeNSd6 ktohfn1LUwDoASi0fDysmw8= =5oBK -END PGP SIGNATURE-
Re: background updates of print queues via a dedicated process
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 12 Feb 2003, Martin Pool wrote: I was thinking of the way smbd needs to notify waiting clients when the print queue changes. I guess the notification doesn't need to happen straight away. I think we may need to revisit how the print notify is implemented. The semanics are correct but it seems to break down under load. We need to handle that load more gracefully. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+SmALIR7qMdg1EfYRAja/AJ9f1fzPoNNxD3xvPhoYLdXB4hTMMgCg8qxt fMn6WSa0k0a/BAXrI2Ys2go= =8GlW -END PGP SIGNATURE-
Re: background updates of print queues via a dedicated process
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 12 Feb 2003, Martin Pool wrote: The Samba 3.0 roadmap mentions this as a wishlist item for 3.x. I'm interested in looking at it. Has anybody else already worked on it? JF started on it, but do to some bugs it got sidetracked after killing the build farm machines. It seemed like it would involve a separate smbd process repeatedly parsing the output of lpq and feeding it into a database, rather than this being done on-demand from a regular smbd child. I suppose when some change is noticed it will have to send a message to prod other smbds. or the child smbd can always assume that it is up to date (of course locking during an update makes sure that a smbd doesn't get a half done queue listing). It might be good for there to also be a way for the spooler to notify Samba when something has happened, so as to avoid polling. CUPS might support this. I dunno. or it could be added to lpd of course. This seems like it might help print server efficiency with many jobs or printers. Am I on the right track? Sounds good to me. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+SdxZIR7qMdg1EfYRAhMYAJ0bgS7KbaXJcxTNx3wPyq5OeMo0xgCfc736 xLx6vrFt2DFIi9C0jCUD9jc= =jb0t -END PGP SIGNATURE-
Re: winreg operations
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 10 Feb 2003, D Jemms wrote: samba implements RPC for winreg.is that mean samba creates total registry on server (like windows)? if yes,where is it kept ? if no, what operation does winreg perform ? Can anyone give me some insight view on winreg. Help on this will be appriciated, Samba creates a read-only virtual registry. A writable copy would need a full blown ACL implementation I think. COuld be a funn learning experience for someone but it wasn't important enough for me just yet to do it. See rpc_server/srv_reg*.c registry/*.c The idea is to create a skeleton registry out of a tdb and then provide a table of function pointers for linking in other tdbs. Only the nt*tdb's are hooked in right now. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+R/VqIR7qMdg1EfYRAokRAKCTWeQ+zbtr1fvCUb4JaDABo/fUQgCg7wYZ s2GO12++Ahsf+iSaBXzlWTg= =Y6E/ -END PGP SIGNATURE-
Re: Status of docs merge to 3.0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 1 Feb 2003, Andrew Bartlett wrote: I've been doing a few doc updates in HEAD, and was about to merge them to 3.0 - but I'm not quite sure what the status is, given we seem to have a slightly different syntax in HEAD (XML compliant?) So, should I just merge my text changes, or wait for the lot to be merged or? Jelmer? I think it is probably ok to wait on the docs since HEAD is truth here. The only problem will be documentation parameters that are in HEAD that have not (or will not) be merged to 3.0 (e.g. the client ntlmv2 stuff you are working on now). Jelmer might have a different idea though. I'll let him lead. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+R9TpIR7qMdg1EfYRAgoKAKCvCLq4byMA541hipdbi46RhRAEmwCg3xPY ohG2B2GJk3ypgemhR2U3YrU= =oRsb -END PGP SIGNATURE-
Re: missing config.h.in for CVS SAMBA_3_0?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 7 Feb 2003, Richard Bollinger wrote: OK... its just a pain because one of the platforms I automatically build from CVS on doesn't have the tools required to run autogen.sh, so I have to do some convoluted tricks to run autoheader and autoconf on my Linux server against my Solaris source tree. Seems as though it would be better to put config.h.in back into CVS for less priviledged folk among us. There are generated in ~ftp/unpacked/samba[*] You can grab it from there. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+R/d4IR7qMdg1EfYRAhZ6AKCyo2IPu/93cCXfu+GtNWZYp6cL7ACg7mj1 RQ+xONQlyC5UBIrJMpb/LY8= =ETEj -END PGP SIGNATURE-
Re: missing config.h.in for CVS SAMBA_3_0?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 10 Feb 2003, Richard Bollinger wrote: I still haven't heard a really good reason for the file being dropped from CVS. If we're on a crusade to delete any derivative files, why not drop configure as well? It has been. jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+R/tcIR7qMdg1EfYRAv2zAJ9obcwOUxw4MY7NpobuK61l9cO6LQCeJIdM MRmsDrMqzZ2TlEB1JBjfcqI= =jfw/ -END PGP SIGNATURE-
Re: Patch for samba 2_2 for Stratus VOS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 31 Jan 2003, Paul Green wrote: Attached is a patch for the 2_2 branch of samba that makes changes similar to the ones I recently submitted to the head and 3_0 branches. I have tested it locally on VOS and it works as expected. I have also tested it on Solaris 2.8 and it looks ok there too. I ran configure and then make everything; make wins. Now, for the first time in months, I can build the stock Samba 2.2.x on VOS. OK. I'll get this checked in today. I had to make one change that will affect other platforms -- but only on the build farm. Today, the samba_2_2 build farm hook (make everything) unconditionally builds nsswitch/lib_wins.so. This screws us, because that's a shared library and we don't do shared libraries. Oddly enough, make everything on samba_3_0 does not try to unconditionally build shared libraries. You have to say make wins in 3_0 to get this file built. So that is the way I implemented it in 2_2. Sounds right. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+P+YWIR7qMdg1EfYRAmGiAKDRKqiNm0mCE6Ehou4xaG0qvU5FNQCgiM55 XJgc47tk/yaH32NPo6mKYXM= =dajH -END PGP SIGNATURE-
Re: REPOST: Meaning of tdb_free: left read failed at ...?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 1 Feb 2003, Ralf G. R. Bergs wrote: since I upgraded our fileserver running Debian 3.0/i386 with Samba 2.2.7a (a package I created myself) I'm seeing the following messages in syslog: Jan 28 14:55:50 Fileserver nmbd[22451]: [2003/01/28 14:55:50, 0] tdb/tdbutil.c:tdb_log(531) Jan 28 14:55:50 Fileserver nmbd[22451]: tdb(/var/run/samba/unexpected.tdb): tdb_oob len -2320 beyond eof at 16384 Jan 28 14:55:50 Fileserver nmbd[22451]: [2003/01/28 14:55:50, 0] tdb/tdbutil.c:tdb_log(531) Jan 28 14:55:50 Fileserver nmbd[22451]: tdb(/var/run/samba/unexpected.tdb): tdb_free: left read failed at 4294964952 (4096) Looks like the tdb went over the 4Gb line. As a quick work around, Stop nmbd; rm /var/run/samba/unexpected.tdb; and start nmbd back up. It looks like an overflow in the tdb read offset. I don't think tdb's support 64-bit file size (of the actual tdb itself) IIRC. This is by design I believe. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+Pvk7IR7qMdg1EfYRAlhZAJ9kxVGcjjrQIBlnEsWVTrdgRbfHiQCg0nKi mPGFSgQvhge1ztS8p/o/tAY= =49I4 -END PGP SIGNATURE-
Re: Move files do not change group as copying does.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 31 Jan 2003, Ola Lundqvist wrote: The problem this time is that we have set up a permission structure for files in about the same way as windows do, using groups. The problem is that in windows, the files inherit the group membership from the directory where the files (and subdirs) reside. This works fine now if the user copy the files from one place to the other. The problem is that if the files (and dirs) is moved an ordinary rename(a,b) command is used which means that the group membership is not changed. I use sgid on directorys to emulate windows behaviour but this do not help if moving files. I have looked at the code and see that there is a rename(a,b) emulation function, but that tries to emulate it truely so it gives the same problem. My suggestion is that a recursive chgrp is performed to the destination for all dirs and files that has the same group id as the source file or dir. What do you think about this? I don't think this is the path of least surprise. If I move a file, it should keep the same ownership permission. I think you might be referring to the Win2k inherit permissions check box. IMO this is not Samba's responsibility to emulate. It would be more effeciently done by the file system itself. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+P17TIR7qMdg1EfYRAk/OAKCSw3pKQulBvAap/Z7FIDC/uq0g+ACfS9Jp et1Lzmmok8FagMCdYgy3n3g= =P/yS -END PGP SIGNATURE-
Re: User with read only access can deny write.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 31 Jan 2003, Ola Lundqvist wrote: I have got a small problem. The thing is that if one use A open a file in microsoft word without having write access to the file the file become locked. From smbstatus: 19717 DENY_WRITE RDONLY NONE /home/pathtofile The problem is that all other users can not write to the file because it is locked. This is a problem here because some users need to be able to write the file while other just have read access. You could say that it is a bug in word but on the other hand it should really be possible to deny write whily you do not have write permission. This would make sense but you need to confirm that NT does was makes sense. I assume that this is a bug, i.e. no check is performed to determine if a user really can deny write to other users. Or is this a design flaw in samba? Please try to reproduce this against an NT/2k print server. I'll bet you see similar behavior. If not. then it is our bug. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+P17aIR7qMdg1EfYRAjCYAKCdsycTPqg35xccWczQ23x2dP2jygCg7ZS2 kjVOw1MwVsL0hk1Jh7JD9QU= =Z656 -END PGP SIGNATURE-
Re: 2.0.7-XP compability ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 30 Jan 2003, Ulf Bertilsson wrote: I wonder what this means ?: error packet at line 878 cmd=162 (SMBntcreateX) eclass=1 ecode=32 You could grab the #defines from incluee/doserr.h /* Error classes */ #define ERRDOS 0x01 /* Error is from the core DOS operating system set. */ /* SMB X/Open error codes for the ERRDOS error class */ #define ERRbadshare 32 /* Share mode on file conflict with open mode */ cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+P17lIR7qMdg1EfYRAjYjAJ0VHguOQN/V6mW9i+F/Tq9gwp0eQgCfW6iJ AdZdEBJrg2BOfPkZ94iZ5s0= =zECe -END PGP SIGNATURE-
Re: Will these patches make it into 2.2.8?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 31 Jan 2003 [EMAIL PROTECTED] wrote: as 2.2.8 seems to approach now, have the following patches been considered for it? They both don't add functionality, but rather improve robustness, and are platform independent: http://lists.samba.org/pipermail/samba-technical/2002-December/041413.html prevents winbindd from damaging its own idmap TDB on write failures (filesystem full), by rolling back partial changes done by the failed store of mapping. http://lists.samba.org/pipermail/samba-technical/2003-January/041897.html avoids the reconnect delay when DC pipes have died, thus avoids false negatives to be returned to clients, and to be cached. Not a 100%, however. If there is really no DC available at the time of query, it will still happen. But it's an improvement compared to having these false negatives always after a connection died. They are in my inbox queue of things to merge. I have to work on HP printing bugs as my 'day' job priority, but I have not forgotten these and will ensure they get added before 2.2.8 But probably not for 2.2.8pre1. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+OrpVIR7qMdg1EfYRAu+GAKCpW4P4Pibv8skvszyDYUBLJP8PqgCaA19Y Bypeyi93rn82wacRuxGFzzs= =EKGi -END PGP SIGNATURE-
Re: SMB and message
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 30 Jan 2003, D Jemms wrote:
I am new to samba world .Hvae many questions in mind.
can anyone tell me the description of SMB and message
?
What is the functionality of receive_message_or_smb()
Looks like you are going to have spend a good bit more time
in the code. The function is explained in the comments
in process.c.
/
Do a select on an two fd's - with timeout.
If a local udp message has been pushed onto the
queue (this can only happen during oplock break
processing) call async_processing()
If a pending smb message has been pushed onto the
queue (this can only happen during oplock break
processing) return this next.
If the first smbfd is ready then read an smb from it.
if the second (loopback UDP) fd is ready then read a message
from it and setup the buffer header to identify the length
and from address.
Returns False on timeout or error.
Else returns True.
The timeout is in milliseconds
/
static BOOL receive_message_or_smb(char *buffer, int buffer_len,
int timeout)
{
...
}
jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE+OT/eIR7qMdg1EfYRAjjTAKDUIJ/zxXYYfUPk7mnf6iTYaAEK0gCeIu9q
dmAJDRQpMYH+Os1JQqNJe+w=
=+bT0
-END PGP SIGNATURE-
Re: Jobs do not clear from Print Queue.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 30 Jan 2003, Mark Fraser wrote: Is there a fix to correct a problem where when multiple print jobs are sent to a printer, the last and first jobs never clear out of the queue. In other words, if 5 jobs are sent, all jobs print, but the first and seventh (last) still appear in the queue. I have looked for timeout settings and such but have not been successful. This may be a simple question for someone out there to answer. RedHat 8.0 with Samba Version 2.2.7 This could either be (a) a bug in the print queue cache in smbd (although you have the only report of it I've seen), or (b) known bugs in Samba print change notify. Does the listing clear up on a manual refresh of the print queue window on the client (F5)? cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+OUERIR7qMdg1EfYRAnRBAJ9oo4+LAQ14Xa++Fws8dt4X/4q7KgCfYphr kmzFpQSLNORY+5PGxmnLzVY= =OKOn -END PGP SIGNATURE-
Re: opblock breaks...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 30 Jan 2003, Stefan (metze) Metzmacher wrote: metze [2003/01/30 09:15:57, 0, pid=16653] smbd/oplock.c:oplock_break(796) oplock_break: receive_smb timed out after 30 seconds. oplock_break failed for file metze/smb/HEAD-ioctl/source/include/includes.h.bak (dev = 903, inode = 38217175, file_id = 588). [2003/01/30 09:15:57, 0, pid=16653] smbd/oplock.c:oplock_break(868) oplock_break: client failure in oplock break in file metze/smb/HEAD-ioctl/source/include/includes.h.bak [2003/01/30 09:15:57, 0, pid=16653] smbd/reply.c:reply_lockingX(3861) reply_lockingX: Error : oplock break from client for fnum = 12859 and no oplock granted on this file (metze/smb/HEAD-ioctl/source/include/includes.h.bak). Looks like the client responded after the oplock break timed out. A network trace would be helpful to see what other packets are flying around. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+OUFzIR7qMdg1EfYRAtQAAJ9rjGcWB1bcJPrcrsOzyMsJJzeFsQCfROwW bvj8JZ4rTcLmvho1EvSNHng= =+TC5 -END PGP SIGNATURE-
Re: Patch to configure.in for Stratus VOS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 30 Jan 2003, Green, Paul wrote: The following patch to samba*/source/configure.in adjusts some global variables and sets up the compiler options for the Stratus VOS operating system. It is parallel to similar configure.in code for other operating systems. I have tested this patch on VOS against the samba_2_2, samba_3_0, and samba head branches, and it applies correctly and cleanly against yesterday's code bases, and the builds see the benefit. This is a VOS-specific patch and will not affect any other OS. This looks ok. I'll apply after I'm done with email. Go ahead and send me to the patches for SAMBA_2_2. I'll put those in and am planning on doing a 2.2.8pre1 release tomorrow. Paul, if you don't mind, send the patches as an attachment. Makes it easier to extract and doesn't munge tabs. Thanks. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+OUCcIR7qMdg1EfYRAqsqAKCbi+P6RPYLqjNPYyQFovUH5UZviwCg04lw uGKamYvd/+wqgTpGBLMLW4Y= =x747 -END PGP SIGNATURE-
RA_WINXP ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Has anyone looked at the negprot request differences between 2k xp? Are there not enough differences to distinguish the two on the wire? or is it just that no one has had time? If no one has looked, i'll add it to my plate. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+OVzCIR7qMdg1EfYRAmVRAJ9kn8lqmeK2l07jWMIe3hBDsDrzTgCgxYUa +8GgQK0ifybu1VFUN3WSU2U= =SkBI -END PGP SIGNATURE-
Re: [Samba] sort-of fix for net rpc vampire account creation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 21 Jan 2003, Ronan Waide wrote: Continuing the saga: Groups are not migrated by the ldap_nua backend, even if I create a posixGroup entry. After a bit of prodding, I found the latter was because Samba had set up group mappings in group_mapping.tdb, which my manually-created LDAP groups didn't agree with. Removing group_mapping.tdb fixed /that/ problem - i.e. accounts have their group information properly updated - but the basic problem, that groups are not migrated - still exists. And it appears that smbgroupedit is not capable of creating a new group in the same way that smbpasswd is capable of creating a new user. I'm copying this to samba-technical, since I believe it's an implementation detail at this point. I'll work on it. Thanks. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+OCrVIR7qMdg1EfYRAsRFAJ4+kVKld1rbJvBZffdzons67QQc1wCg6nru nLlJA1nSh0wOvVGhQ7iUIY8= =SoB1 -END PGP SIGNATURE-
Re: Bug in nmbd_become_dmb.c (CVS 1.7 3.somehting) [patch]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28 Jan 2003, Simo Sorce wrote: I still think we _need_ to introduce a server role paramter, leaving the other active for tuning, but so that new admins will not get mad to have a decent configuration. server role = share|server|member|PDC|BDC|ADS or something like that. And i'm still not convinced that it adds any value. I just adds one more way to configure things (functionality we can already do) and confuses people reading older, but still valid, documentation. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+NoqnIR7qMdg1EfYRAjZVAKCSJvDI8vVAd+0FPBWNp8dQ6F4EbACdGhY7 DlsxZ0bKlD2k4zA01DsHEjQ= =Da63 -END PGP SIGNATURE-
Re: [PATCH] Change how samba (3_0) builds libsmbclient
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 26 Jan 2003 [EMAIL PROTECTED] wrote: The following patch changes the build process for samba (3_0) to build libsmbclient.so if and only if the operating system supports shared libraries. Today the build process tries to build libsmbclient.so even when the configure script has already determined that shared libraries aren't supported. In the case where libsmbclient.so is requested, either explicitly or implicitly and cannot be built, the script substitutes libsmbclient.a. As before, if libsmbclient is suppressed (--without-libsmbclient), then neither file is built. I have tested this patch on Stratus VOS (which does not support shared libraries) and on Solaris 2.8 (which does support them). Samba (3_0) configures and builds as expected on each system. I looked in vain for any mention of libsmbclient in the documentation files, so I'm not proposing any documentation changes. I think this is ok. I'm testing it locally and will apply it to HEAD/SAMBA_3_0 later today if all goes well. Thanks Paul. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+Nqm3IR7qMdg1EfYRAqL/AKDDfTD4wA/4kegYUAZuZfnU/hT69gCfZ+Bk MOFrAM0o5zq3HBCEZVX9y2A= =Fl/3 -END PGP SIGNATURE-
Re: ldap backend rejoining domain problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28 Jan 2003, Bradley W. Langhorst wrote: ah - this is what i'm suggesting - that samba automatically delete the machine account when it a machine leaves the domain. I don't know if it should be via that delete user script (but i don't think it gets called during domain unjoining). The script does work okay when run at the command line. Do you think that auto-deletion of machine accounts makes sense? I think it does because you can end up with a bunch of orphan machine accounts over time as various mahcines leave the domain and rejoin under different names. I don't think this is what the delete user script was originally intended for. I'll have to check and see how the code has changed since then to verify. Win2k/XP does issue a delete my account when you leave a domain, but this is a different case than where the delete user script used to be called. I'll check. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+No6EIR7qMdg1EfYRAt6MAKCHlSiKtIV0V0h859p668apxnjGkQCg42x7 HdpxuFpBvx6q5N7hJqSACMs= =Nsz9 -END PGP SIGNATURE-
Re: Bug in nmbd_become_dmb.c (CVS 1.7 3.somehting) [patch]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 22 Jan 2003, Damjan Zobo Cvetko wrote:
I dont know if this is the rigth list for this..
I'm using the latest samba 3.x. from CVS.. (because of the wins replication)
I have it set up as master browser, but it wont register itself (to the WINS
server running in the same nmbd) as DMB (WROKGROUP#1b..)
Why not just set
domain master = yes
domain logons = yes
?
By not setting domain logons, you've created a box that Windows clients
will believe to be a PDC but one that will not be listed in the DOMAIN#1c
list of addresses.
/* Do the domain master names. */
- if(lp_server_role() == ROLE_DOMAIN_PDC)
+ if (lp_domain_master() == True)
{
I don't think i will commit this patch unless you can further convince me.
cheers, jerry
--
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key http://www.plainjoe.org/gpg_public.asc
ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed
You can never go home again, Oatman, but I guess you can shop there.
--John Cusack - Grosse Point Blank (1997)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE+NZ/kIR7qMdg1EfYRAqbGAKDtsGG8fo+025Zt8epRB32kINa8mACgi2V8
nl5zKAaKX+ImH6OjyxHZ41Q=
=LGOw
-END PGP SIGNATURE-
Re: PIPE BUSY
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 24 Jan 2003, Dave Aitel wrote: I guess I should have been more complete - I can send ONE fragment just fine, but when I send the next fragment (for a multy fragment request) I get back an SMB error that says PIPE_BUSY. (According to netmon). Does anyone know a rpcclient request that sends enough data to generate a multi-pdu request? (I'd use 3.0 but I can't get it compiled. :) Also looking for an example of Samba doing an RPC request via WriteX. Our client code couldn't do it for a long time. I thought Jim fixed this when he was working on the printer publishing stuff for 3.0. I could be remembering wring though. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+NaDgIR7qMdg1EfYRAj1NAJ4ykcxUZFLZNxiEmGM+BOO9jh85YgCguYpb BlPW/7EHweAnxkGY5/r2OCE= =cISr -END PGP SIGNATURE-
Re: Limitations of Samba-2.2.x as a domain member talking to an ADdomain controller
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 24 Jan 2003, Chere Zhou wrote: I had this similar question too. Apparently a Domain local group in the ADS does not show up on my Samba 2.2.5. Not sure what else would be. This should be fixed in Samba 3.0/HEAD. Known issue in 2.2 cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+NaCIIR7qMdg1EfYRAs4SAKCFrvpUxQ4WYg2t872kycnu4QiacwCghf9n 9S7x8GgnMKL/o/2/p3dgNn0= =NpHo -END PGP SIGNATURE-
Re: [PATCH] CUPS printer class support
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 24 Jan 2003, Michael Sweet wrote: The attached patch adds support for CUPS printer classes to SAMBA. Applied to HEAD/SAMBA_3_0 cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+Nd8/IR7qMdg1EfYRApRNAKCn0lMjMD1l0VNIUc4wDzzfyaBESACgoTYB hcdR95WoO3pnk0kcnsISDOg= =p2c4 -END PGP SIGNATURE-
Re: ldap backend rejoining domain problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 27 Jan 2003, Gerald (Jerry) Carter wrote: I have no problems joining, unjoining, and rejoining a Samab 3.0 domain (using an LDAP backend). Perhaps you could send me some logs files? I should have mentioned that this is using the latest SAMBA_3_0 cvs code. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+NeWlIR7qMdg1EfYRAufaAKCDHIEfeCyzyWbmqLYQys+2GHjlrQCfXrgl qMZAStZUuY4/uYgTYf8dqBw= =3Uu4 -END PGP SIGNATURE-
RE: Unnecessary NetBIOS domain lookups - fix to ads_init
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 14 Jan 2003, Ken Cross wrote:
Here's the actual patch to fix the problem below (same patch for
SAMBA_3_0 and HEAD):
# cvs diff -r SAMBA_3_0 -pu ads_struct.c
Index: ads_struct.c
===
RCS file: /cvsroot/samba/source/libads/ads_struct.c,v
retrieving revision 1.13.2.3
diff -p -u -r1.13.2.3 ads_struct.c
--- ads_struct.c1 Oct 2002 18:26:00 - 1.13.2.3
+++ ads_struct.c14 Jan 2003 10:23:24 -
@@ -94,10 +94,10 @@ ADS_STRUCT *ads_init(const char *realm,
/* we need to know if this is a foreign realm to know if we can
use lp_ads_server() */
- if (realm strcasecmp(lp_realm(), realm) != 0) {
+ if (realm *realm strcasecmp(lp_realm(), realm) != 0) {
ads-server.foreign = 1;
}
- if (workgroup strcasecmp(lp_workgroup(), workgroup) != 0) {
+ if (workgroup *workgroup strcasecmp(lp_workgroup(),
workgroup) != 0) {
ads-server.foreign = 1;
}
Looks good to me. I'll apply it to HEAD/SAMBA_3_0.
If those tests set ads-server.foreign to 1, then it will use NetBIOS to
try to find the domain. But there are places in the code where realm
and/or workgroup are not null, but are empty strings. In this case, I
don't think the test should succeed. I changed ads_init to the
following:
For my own edification, do you remember what places the realm/workgroup
was being set to ?
cheers, jerry
--
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key http://www.plainjoe.org/gpg_public.asc
ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed
You can never go home again, Oatman, but I guess you can shop there.
--John Cusack - Grosse Point Blank (1997)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE+LDoVIR7qMdg1EfYRAuDMAJ98Tn0u3ARfC9dxXeqmdNjVH/ajGACfXH4+
TH5N6SZ08E+S3pyIFtrCcoo=
=PQ53
-END PGP SIGNATURE-
Re: Random problem with file locking
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 11 Jan 2003, Hans-Joerg Wolff wrote: Hi, every now and then I find in the logfiles the following messages from samba (v2.2.7): [2003/01/05 15:02:35, 0] tdb/tdbutil.c:tdb_log(531) tdb(/var/lock/samba/locks/locking.tdb): tdb_oob len -2320 beyond eof at 8192 [2003/01/05 15:02:35, 0] tdb/tdbutil.c:tdb_log(531) tdb(/var/lock/samba/locks/locking.tdb): tdb_free: left read failed at 4294964952 (4096) This seems not to be related to the current v2.2.7, this problem resides for quite while in the code... Looks like a LFS thing if I were to wager a guess. Have you tried 2.2.7a (since it fixed the LFS bugs in 2.2.7). cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+LDodIR7qMdg1EfYRAqErAJsGavCVkaTfbauhDGjLrDnHaa/SNwCgsMNe PWRmELEeVPx0KqGDpRmXa6Q= =bdzW -END PGP SIGNATURE-
Re: SetPrinter call failed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 9 Jan 2003, Meik Hellmund wrote: I'm trying to add printer drivers to samba using cupsaddsmb (CUPS1.1.18). This fails on samba3-alpha21 which comes with Debian/unstable. I installed the samba cvs version from today but with the same result. The problem is a rpcclient call: ~#rpcclient localhost -U root -c 'setdriver pp1 pp1' -d3 lp_load: refreshing parameters Initialising global parameters Password: Connecting to host=localhost share=IPC$ Connecting to 127.0.0.1 at port 445 Doing spnego session setup (blob length=58) got OID=1 3 6 1 4 1 311 2 2 10 got principal=NONE lsa_io_sec_qos: length c does not match size 8 SetPrinter call failed! result was NT_STATUS_UNSUCCESSFUL This is independent of whether printers/drivers named pp1 really exist, you can use arbitrary strings instead of pp1, so you should be able to reproduce this without cups or printer drivers. I can provide more debug info and try anything needed to help. Any help is greatly appreciated. I need to spend some time with CUPS. I'll try to do that some when I get back in the office next week. chers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+LDojIR7qMdg1EfYRAs3XAJ4tltvsDkRMquVFzLgozfRJRxD3UwCg8DY8 UKjSNs2TmQTq3Kn6rBOy/sg= =tQa+ -END PGP SIGNATURE-
Re: DOS mode bits missing from Folders
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 14 Jan 2003, Esh, Andrew wrote: I have a question about the following piece of code in HEAD smbd/dosmode.c, at line 139: if (S_ISDIR(sbuf-st_mode)) result = aDIR | (result aRONLY); This causes the DOS mode HSA Hidden, System, and Archive bits to be stripped off if a folder is being processed. This makes it impossible to store these bits on a Samba server. Windows allows them to be stored for folders, except for the S System bit. Why are these bits being stripped off folders? Shouldn't it be: if (S_ISDIR(sbuf-st_mode)) result |= aDIR; When I made that change, folders began to retain DOS bits like the ones stored on Windows do. The e(X)exute bits are special on folders. For example, if you remove the archive (user 'x' bit) from a directory, you will not be able to change to that directory. The DOS mode bit stuff really needs a better solution. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+LDpKIR7qMdg1EfYRAvkiAJ9cA8Gm9t9iPSBeYudtluJxJRuZ6ACfT3k7 ExM1uo7m6Eaf5RGXO6Y8wLQ= =WSgs -END PGP SIGNATURE-
Re: PAM and winbind on AIX 5.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 14 Jan 2003, Bjorn Roden wrote: I have managed to get pam_winbind.so (2.2.7a) to work on IBM AIX 5.2 but the sys_getpwnam() subroutine still need a user to be defined in the /etc/passwd file. Is it nessessary to port winbind_nss to AIX as a loadable authentication module (sort of similar to nss)? Yup. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+LDpPIR7qMdg1EfYRAhpbAJsGhXFwIrgj7QpAG0E1d6Bys/ZqdACgmXVE I4dbsmH/vJhL/e1ai81V4vE= =xpFe -END PGP SIGNATURE-
Re: Core dump of net -- fix to ldap.c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Got it.
cheers, jerry
On Sat, 18 Jan 2003, Ken Cross wrote:
# cvs diff -pu ldap.c
Index: ldap.c
===
RCS file: /cvsroot/samba/source/libads/ldap.c,v
retrieving revision 1.55.2.13
diff -p -u -r1.55.2.13 ldap.c
--- ldap.c 3 Jan 2003 08:28:02 - 1.55.2.13
+++ ldap.c 18 Jan 2003 14:44:33 -
@@ -1430,6 +1430,11 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT
if (!ADS_ERR_OK(ret)) return ret;
msg = ads_first_entry(ads, res);
+if (!msg) { /* KJC */
+ret = ADS_ERROR(LDAP_NO_RESULTS_RETURNED);
+ goto ads_set_sd_error;
+ }
+
ads_pull_sid(ads, msg, attrs[1], sid);
if (!(ctx = talloc_init(sec_io_desc))) {
ret = ADS_ERROR(LDAP_NO_MEMORY);
Ken
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE+LDoMIR7qMdg1EfYRAu6cAJoDfC5DN+dImCB1LVc5RsGVtqgXiACfRv5U
enyINr76pmIRP+/qKspwenM=
=eOSS
-END PGP SIGNATURE-
Re: changes to passdb backend defaults in 3.0 alpha21
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 20 Dec 2002, Steve Langasek wrote: The following code appears in source/params/loadparm.c from 3.0alpha21: #ifdef WITH_LDAP_SAMCONFIG string_set(Globals.szLdapServer, localhost); Globals.ldap_port = 636; Globals.szPassdbBackend = str_list_make(ldapsam unixsam, NULL); #else Globals.szPassdbBackend = str_list_make(smbpasswd unixsam, NULL); #endif /* WITH_LDAP_SAMCONFIG */ Would it be possible to revert this change with respect to the 'passdb backend' default? This is a very awkward default for packagers who wish to enable LDAP support in their binaries, but still need to serve the needs of users who are not (yet) using LDAP. I just checked and this is still in SAMBA_3_0. You really don't need to get LDAP support. It's for a the 2.2 compatible parameters. The intent is to work like Samba 2.2 in the sense that with you enable LDAP support, that what you get. Or am I missing the gist of your question. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+LDooIR7qMdg1EfYRAiwZAJ9d3uIcO3EHw9SKx7RYL8b9tDcVtACg5WQF A8E+j0g/o0kdKmQHQC8pYPY= =kRjt -END PGP SIGNATURE-
Re: --with-cracklib (phase 2)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 17 Jan 2003, Pierre Belanger wrote: Too bad ;-) How about trying to send a POPUP Window on the Windows machine? I guess it's possible if the user is already logged in, but if the user is not logged in yet, i.e. I'm talking about the situation when you first boot up your computer and you're forced to change your password *NOW* before you can actually login on the network. I think the usename has already been registered at this point (USERNAME0x03) and the messenger service is already running. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+LDpEIR7qMdg1EfYRAmJcAJ9V9f9rqf/t0r17V8p/ROdoNBEm6QCfeK40 6l3Y8UtxoeryVyhqgn5nsvo= =6NGj -END PGP SIGNATURE-
Re: please report to samba-technical@samba.org
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 14 Jan 2003, Tim Potter wrote: On Mon, Jan 13, 2003 at 08:40:55AM -0500, Green, Paul wrote: [2003/01/08 08:26:20, 0] rpc_parse/parse_spoolss.c:spoolss_io_devmode(607) spoolss_io_devmode: Unknown specversion in devicemode [0x0] [2003/01/08 08:26:20, 0] rpc_parse/parse_spoolss.c:spoolss_io_devmode(608) spoolss_io_devmode: please report to [EMAIL PROTECTED]! Umm, what OS? What version of Samba? Who/what is the client (Windows version xyz?) What were the clients doing to make this happen? (if you know)... Can you make a test case? Even better would be a capture (either with tcpdump or Microsoft netmon) of this exchange. This is from rpcclient i'm fairly sure. False alarm. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+KCxYIR7qMdg1EfYRAiZ1AKDSvHqsKvHKxbTcwSDL+jBkwf9rrQCcDPqR afSvgDn/oGYLh1QdjsaT7Dc= =rVkx -END PGP SIGNATURE-
Re: How do I enable groupname map functionality?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 17 Jan 2003, Eric Boehm wrote: I can see code in Samba 2.2.7a in source/smbd/groupname.c to do groupname map functionality. I see #ifdef USING_GROUPNAME_MAP This is all removed in Samba 3.0. It has probably bit rotted since I think it was written around 2.0. I would recommend staying away form it. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+KCj5IR7qMdg1EfYRAqZeAJ9OoZc78LdvDk6ozVDkJSu5RcXjuwCgoAdq 77mkub0KJGv93WooKP2iWu0= =+wqC -END PGP SIGNATURE-
Re: CVS update: samba/source/include
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 16 Jan 2003, Andrew Bartlett wrote: If you were going to start merging NTLMSSP changes across, then you need to add ntlmssp.h, otherwise this looks like you just missed it when merging includes.h/rpc_dce.h. I was going to merge those changes when I had them stable (not changing each night :-) I'm a little more lax with header files that with *.c cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+Jc9rIR7qMdg1EfYRAtNTAJ9b/jxjuhUj42XNqiRM9zggkTMsqACghVMR 5+e9lflFejnPYplaJzBJSc8= =wwMe -END PGP SIGNATURE-
Re: CVS update: samba/source/utils
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 16 Jan 2003, Andrew Bartlett wrote: The reason I didn't merge this on previous passes (yes, I've done merging too) is that I don't agree that this should be in 'net'. There isn't any logical connection for it to be here - it should probably be an option to pdbedit, or something like that. KO. At this stage in the game, little things like this are going to be the death of me. There is no reason for HEAD and SAMBA_3_0 to differ here. If you want to move it to another tool later, that's fine. But trying to keep track of little issues like this is too much work. Plus it's too hard to coordinate when tidbits of info are stored away in the mind of one developer. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+JdNIIR7qMdg1EfYRAjpdAKC2H31A2661+e7olNM1fzX36yYpvwCdHyfP ylWk3glpJJdFyf8/c7A56m8= =AEbO -END PGP SIGNATURE-
Re: RFE: build
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 5 Jan 2003, Juergen Hasch wrote: You are right, $(LDFLAGS) is missing for libsmbclient. I think the correct patch would be to add the missing $(LDFLAGS) in Makefile.in only where it is missing: -- --- Makefile.in.orig2002-09-20 21:10:45.0 +0200 +++ Makefile.in2003-01-05 23:15:22.0 +0100 @@ -645,7 +645,7 @@ bin/libsmbclient.@SHLIBEXT@: $(LIBSMBCLIENT_PICOBJS) bin/.dummy @echo Linking libsmbclient shared library $@ -@$(SHLD) @LDSHFLAGS@ -o $@ $(LIBSMBCLIENT_PICOBJS) $(LIBS) \ +@$(SHLD) @LDSHFLAGS@ -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \ @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR) bin/libsmbclient.a: $(LIBSMBCLIENT_PICOBJS) bin/.dummy Applied. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+GcEWIR7qMdg1EfYRApWQAKC9hxF4BZEOhI45yWSKHCAcQ/SgfQCgzVxW +3qMT8JUjAa/Su3knm5rOZ8= =UvPO -END PGP SIGNATURE-
Re: [PATCH] redhat packaging script/template
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 3 Jan 2003, BIRD-nonTRW, Andrew (York Rd) wrote: Hi there Here is a quick patch to correct the behaviour when trying to build a redhat rpm in a directory other than the default. The .rpmacros file should not need to be executable and the inequality operator in Bourne shell is '!=' not '' Done. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+FaqEIR7qMdg1EfYRAlg1AKDeQd1IBq1rfeg9YXJ2+HyH6iCKzACfTbhp ESikNjaHOFhakwtVl0Q0qJc= =c0Wu -END PGP SIGNATURE-
Re: [PATCH] wildcard usage in automount map
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 3 Jan 2003, BIRD-nonTRW, Andrew (York Rd) wrote: Hi All Here is a little patch to allow usage of the wildcard entry in the (YP/NIS+) automount map. Basic operation is a follows; In a automounting environment it is common to use a map like this with a catchall wildcard entry. user1server-a:/path/to/disk1/user1 # explicit entry user2server-b:/path/to/disk2/ # slightly less work for admin - looked up key(user2) is substituted back in for ampersand * server-c:/path/to/disk3/ # any user not in the map explicitly, gets this entry again with key replacement. I have added code for both YP and NIS+ but have not had the opportunity to test NIS+ as I don't have a running NIS+ domain. You will notice the change in substitute.c. The present behavior is not correct in any share but happens to work in the [homes] one since both username and resolved sharename are the same. So currently when using %N / %p in a share called [test] the automount server is looked up in the map with key(username) but the path is looked up in the same map with key(test). Andrew, Could you please resend this to me the patch generated by diff -u ? Also, please include it as an attachment. Makes it easier to handle and review. Thanks. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+FatmIR7qMdg1EfYRAildAJ9tJW9lHgp6sb90qi0g6Pdo6XWMQgCggXFP qlmRF5IM7EDysdrnpQWLhHo= =EY/F -END PGP SIGNATURE-
Re: Time interval for log file renaming.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 3 Jan 2003, Colin Slade wrote: Hi there A quick question, as I've looked around but can't find it documented anywhere. From the man page of smb.conf re. max log size : Samba periodically checks the size and if it is exceeded it will rename the file, adding a .old extension. Is there a way to set/change this time period ? The reason I ask is that during large (3-400MB) downloads to a samba share I noticed that log files were growing up to 40 MB even although the max log size is set to 500k. IIRC, the log rotation is handled in our idle loop. SMB packets are given priority so on a busy server the period will be longer than on an idle one. See smbd/process.c or something like that. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+Fau4IR7qMdg1EfYRAhI7AJ9bQJ2Cq3bvVVTGgQoPwGgWZKysngCdELV+ DdLIfsduTWpXoY8bMk8cFRE= =V40u -END PGP SIGNATURE-
Re: daemontools patches for SAMBA 2.2.7a and HEAD
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 2 Jan 2003, Michael Handler wrote: Have people had a chance to look at these patches and consider committing them to SAMBA? They're really simple and come with documentation mods, and they'd make life easier for a lot of sysadmins. Gerald had said back on 2002-09-25 that he wanted to get these committed, but by then the patches I had generated for 2.2.4a and HEAD were no longer valid... I'm looking at them now. Just back from a two week vacation. Thanks Michael. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+Fa3oIR7qMdg1EfYRAvhKAJ9nm5s0SjdHPVXdDPilVLFAktWMdQCfZxat 5ec/r1UjUp+ZyKYzKVMwi00= =H7Bu -END PGP SIGNATURE-
Re: installdirs.sh - samba 3.0a21
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 16 Dec 2002, Nir Soffer wrote: in Samba 3.0a21 it appears as though installdirs.sh doesn't create all the directories it should From my Makefile: @$(SHELL) $(srcdir)/script/installdirs.sh $(BASEDIR) $(BINDIR) $(SBINDIR ) $(LIBDIR) $(VARDIR) $(PRIVATEDIR) From installdirs.sh for d in $BASEDIR $SBINDIR $BINDIR $LIBDIR $VARDIR $PRIVATEDIR; do What's up with PIDDIR and LOCKDIR, shouldn't they be in there as well? Fixed. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+FayAIR7qMdg1EfYRAtwaAJ4jRtOQ/xDW0igbvRnYkutlQFRbxQCg5EBE wze5ENIDMGGityU/yFKD51Y= =4P4S -END PGP SIGNATURE-
Re: [homes] share
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yep, I think I changed the order of that test - because we use use the 'snum' attached to the vuid if possible, so as to avoid expensive lookups. The correct fix would be to fix lp_add_home() not to overwrite things when it finds that the home dir share already exists. (Because all the damage is actually done there - the order that the search is done doesn't matter any more, as the share is added as session setup time). Unfortunately the fix I was about to commit seems to be the opposite of an earlier 'fix' for a related bug. I'll need to stare at this a bit more... Andrew, Changing the order of the lookup without letting everyone know is a really bad thing. This is an incompatible change with 2.2. Since you described the correct fix, please take care of this. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+FHWfIR7qMdg1EfYRAroZAKCmA1zv37Cbz5CkXVzBvEG/yAxrCgCgqoeF 0xfeqyczgN14iM8MEmT8GGs= =U5Gm -END PGP SIGNATURE-
Re: Going from 3.0 to 2.2.7
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 2 Jan 2003, Irving Carrion wrote: I'm considering going to 2.2.7 version of Samba, but currently I'm at 3.0. Is it possible to do this smoothly without having to re-join all client machines to the domain? Probably will be painful. We generally work hard to make upgrades work, but downgrades are going to be troublesome due to TDB versioning changes, format changes, etc cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+FHsZIR7qMdg1EfYRAodyAKDZA/621UCjGnQChN/TlC4wfv5vVACdFQlC mFq9lVK3tuIwsNZzujdLCjg= =SkrZ -END PGP SIGNATURE-
Re: At least some people appreciate the effort we put in
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 1 Jan 2003, Richard Sharpe wrote: So, while it is clear that there are assholes in the world, there are also those who make it all worth while. Richard, Why are you posting this to the list ? There could be any number of reasons why someone did not respond to your patch. You cannot just assume that someone is being rude. Maybe he/she was or maybe not. Who knows? And what real difference does it make? Would you do it again for someone else? Probably so? cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+FHrVIR7qMdg1EfYRAtwaAJ4sYQYzjuyeGDOck38qZCWzJLRltwCgt04W O2Evn9kvhC+W7/6Q2pNVpfQ= =dGon -END PGP SIGNATURE-
Re: Memory leak in smbd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 14 Dec 2002, Ken Cross wrote: Guys: While running NetBench against SAMBA_3_0, there appears to be a memory leak. The smbd process just keeps growing and I eventually see things like this in the log: We're trying to track down somethign similar isthe APPLIANCE_HEAD branch. Probably the same bug. Hope to finish it off this week. Can you send me some more details like the VSZ of the smbd process in question, smb.conf, action being performed by the connected client, etc... cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE9/d7vIR7qMdg1EfYRAkX1AKDHd2gSL5SWophbpHWYqDBoRNyQpgCgoRPd Ey2YeexuCFDFF/XbNN/GFAs= =aYUm -END PGP SIGNATURE-
Re: [PATCH] allow cross-compiling samba-2.2.7
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dan,
Please send me the patch and I'll work on getting it in.
cheers, jerry
On Fri, 6 Dec 2002, Dan Kegel wrote:
Here's the only use of HAVE_GETTIMEOFDAY_TZ:
void GetTimeOfDay(struct timeval *tval)
{
#ifdef HAVE_GETTIMEOFDAY_TZ
gettimeofday(tval,NULL);
#else
gettimeofday(tval);
#endif
}
Thus all it's trying to do is tell whether the 2nd parameter
has to be there. You can do that without a runtime check --
unless you're trying to be sneaky and optimize away one
parameter for performance reasons.
If the group feels that there's an important performance reason
to avoid that 2nd parameter, then sure, I can submit another
patch that keeps the current skip the 2nd parameter if it
didn't crash the first time we called it with only 1 parameter behavior.
- Dan
- --
--
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key http://www.plainjoe.org/gpg_public.asc
ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed
You can never go home again, Oatman, but I guess you can shop there.
--John Cusack - Grosse Point Blank (1997)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE9+h3EIR7qMdg1EfYRAh6cAKDvfsibGbHI9oZJbqlaTdkMfEa56QCg3yua
wZWpDj/x7oM8ppKE63vbaJw=
=hD85
-END PGP SIGNATURE-
Re: Samba 3.0 on Solaris 9 using ADS?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 6 Dec 2002, Gareth Beale wrote: I need to get Samba 3.0 built and configured on Solaris 9 to authenticate against a W2K (AD) domain controller. The company is moving from mixed mode to pure W2K and AD next year. I found an article by Scott Lowe that provides some background for Redhat Linux, but I wonder if anyone has done this for Solaris 9. Given enough time, trial and error I can probably get it done, but before I invest the time I wanted to check for any existing references. Anyone got this configuration running? The Samba configuration part should be the same. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE9+h3AIR7qMdg1EfYRArkLAJ0XhW2H13nGsvGbJ6Oo+aZov/CzdgCg30xq pCUsQ/fm9LApZibZm3bc6uk= =Xjds -END PGP SIGNATURE-
Re: Problem with latest Samba 2.2.7a PGP signed files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 11 Dec 2002, David Lechnyr wrote: While convenient for web browsers, it's not exactly backwards-compatible for both GPG and the average sysadmin who's probably struggling with verifying PGP signatures for the first time. It's not Samba's fault; GPG just isn't very descriptive in it's error message, which is somewhat misleading. But then that's just me talking... ;-) Good point. I'll update the download page to make a note of it. in retrospect, it might have been better to sign the tarball. So there would be one signature for both the gzipped and bzipped copy. You would just have to decompress the archive before verifying the signature. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE9+LqQIR7qMdg1EfYRAjaYAKDm+TzTGTHEie8j41/9cWXzDR20xgCbB8fm H8vKMcIMQkvzR4FnkZSXLYM= =k16J -END PGP SIGNATURE-
[Fwd: Microsoft Security Bulletin MS02-070: Flaw in SMB SigningCould Enable Group Policy to be Modified (309376)]
In case anyone missed this... cheer, jerry Original Message -BEGIN PGP SIGNED MESSAGE- - -- Title: Flaw in SMB Signing Could Enable Group Policy to be Modified (309376) Date: 11 December 2002 Software: Windows 2000, Windows XP Impact: Modify group policy Max Risk: Moderate Bulletin: MS02-070 Microsoft encourages customers to review the Security Bulletins at: http://www.microsoft.com/technet/security/bulletin/MS02-070.asp http://www.microsoft.com/security/security_bulletins/ms02-070.asp. - -- Issue: == Server Message Block (SMB) is a protocol natively supported by all versions of Windows. Although nominally a file-sharing protocol, it is used for other purposes as well, the most important of which is disseminating group policy information from domain controllers to newly logged on systems. Beginning with Windows 2000, it is possible to improve the integrity of SMB sessions by digitally signing all packets in a session. Windows 2000 and Windows XP can be configured to always sign, never sign, or sign only if the other party requires it. A flaw in the implementation of SMB Signing in Windows 2000 and Windows XP could enable an attacker to silently downgrade the SMB Signing settings on an affected system. To do this, the attacker would need access to the session negotiation data as it was exchanged between a client and server, and would need to modify the data in a way that exploits the flaw. This would cause either or both systems to send unsigned data regardless of the signing policy the administrator had set. After having downgraded the signing setting, the attacker could continue to monitor the session and change data within it; the lack of signing would prevent the communicants from detecting the changes. Although this vulnerability could be exploited to expose any SMB session to tampering, the most serious case would involve changing group policy information as it was being disseminated from a Windows 2000 domain controller to a newly logged-on network client. By doing this, the attacker could take actions such as adding users to the local Administrators group or installing and running code of his or her choice on the system. Mitigating Factors: - A fix for this issue is already included in Windows XP Service Pack 1. - Exploiting the vulnerability would require the attacker to have significant network access already. In most cases, the attacker would need to be located on the same network segment as one of the two participants in the SMB session. - The attacker would need to exploit the vulnerability separately for each SMB session he or she wanted to interfere with. - The vulnerability would not enable the attacker to change group policy on the domain controller, only to change it as it flowed to the client. - SMB Signing is disabled by default on Windows 2000 and Windows XP because of the performance penalty it exacts. On networks where SMB Signing has not been enabled, the vulnerability would pose no additional risk - because SMB data would already be vulnerable to modification. Risk Rating: - Windows 2000: Moderate - Windows XP: Low - Windows XP Service Pack 1: None Patch Availability: === - A patch is available to fix this vulnerability. Please read the Security Bulletin at http://www.microsoft.com/technet/security/bulletin/ms02-070.asp for information on obtaining this patch. - - THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. -BEGIN PGP SIGNATURE- Version: PGP 7.1 iQEVAwUBPfeslI0ZSRQxA/UrAQEG5Af/WQf7JMmFg0tRH328X2kdNRrgmGyGO6iv XCn3lSNxZVhhJpSoIOPdb4vkc19vWHPx+UxWtesX9v7so9avlWvZYBkDJLr6587N /f5sTbKx0ZdH22AKW+zDJ7LgHeeq1VOasTXP1FKQnFWFAGUivZdkhEZjmvQfSaqK jsXWJ1IJuZGkGAv8enE7/Ka2FFDBnZHoMwRGC5kapSDLwF8AW04fkDXl0rSE24hO oII1DUFTNB+12vZvrqXG9SYuEf+uTiVmuE/9cU+X9NLH+5MAH1qdl0OnCEfpKYEG fuHvlXTKC7ZpWQGMmoUoqq6c7HeWywKrT9WYkeo2mnWZLviE+U5peA== =6oW0 -END PGP SIGNATURE-
Finding Domains in the GC (fwd)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In case someone needed this jerry - -- Forwarded message -- Date: Wed, 11 Dec 2002 21:23:59 -0500 From: Eric Nichols [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Finding Domains in the GC I answered my own question. I thought it best to share it with the group. Querying a Global Catalog for list of domain names is easy if each domain is a child domain. Get the default context and walk the tree... The problem I had is that can exist peer domains. These are not viewable through the structure or rootdse record. The solution is a fairly simple query: base= objectclass=trusteddomain attrib=cn Each object will be a domain name inside the forest. From the cn attribute it's possible to guess the context of each domain (test.root.com = dc=test,dc=root,dc=com). I hope this helps someone! -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE9+LX9IR7qMdg1EfYRAlwIAJ9nUSn7o37jewuC9fZy0pMb/GJ/aACg7JJM 5/XOvDuLPFGkwtFUlZ+HE8k= =yzNs -END PGP SIGNATURE-
why is the machine trust account password....
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 stored in clear text in secrets.tdb (HEAD) when i join an NT 4.0 domain? It doesn't store the the last change time either. Unless someone yells, i'm going to fix this. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE9+Ru/IR7qMdg1EfYRAtp8AJ4xbQ6nZlEK5RNtHm7Xf6vFkvdeowCbBYYY WgyXedWwFMizM1OExjRy7CU= =wwdr -END PGP SIGNATURE-
Re: Clean up of spool files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Dec 2002, Zdenek Niederle wrote: I'm using Samba 2.2.5 and CUPS to handle printing on our network. Unfortunately, the smbprn.xx spool files are not being cleaned up and instead are quickly filling the spool directory. Is their a setting or option to ensure the files are cleaned up once sent to the printer? I am aware that using a cron job would work but this can't be the best solution. Known bug fixed in 2.2.6. Please check the archives (and better to use [EMAIL PROTECTED] for general admin questions). cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE9712sIR7qMdg1EfYRAu4AAJ4/1Cj8xQDF4bXXyliFM9BgMSsMTQCg6pfv hSfR+0YHUlMLEUFknjkSLQw= =IR2v -END PGP SIGNATURE-
Re: 3.0 requires an admin account to join samba to a domain?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 5 Dec 2002, Rafal Szczesniak wrote: Oh, it's being changed now, by me. I recently renamed the file and put another trust-related function there. I'm also going to rename the just_change_the_password() and (possibly) give it more general shape to use it with domain trusts, as well. In summary: I'm working there, right now :) ... and agree -- the names have been horrible, so far. It would be nice to settle on function names and change them as little as possible since people get used to grepping for certain strings to locate functionality. And why did I get 4 copies of this mail? I understand why I got 2, but 4? cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE972GRIR7qMdg1EfYRAr4pAJ9w6+j4D+hQUcLEgByrFZXULJUjmACghmZO Kxtb8jsKxcs54dThqC4+FvU= =37Pj -END PGP SIGNATURE-
Re: Serious Winbind packaging bug in 2.2.7 binaries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 3 Dec 2002, Matthew Mastracci wrote: I just spent a few hours diagnosing a problem with 2.2.7 on Redhat 7.3 that turned out to be (what I believe) is a packaging bug. The symbolic link from libnss_winbind.so to libnss_winbind.so.2 is missing. This made nsswitch unable to enumerate windows users, and as such, disabled use of my samba server for everyone logging in. I should have picked up on this when getent passwd failed to show the domain users, but I ended up looking at everything else instead. I think it is probably just a problem with the RPM script. Here is the RPM dumped output: Thanks. Good catch. I've fixed this in CVS now. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE97gJ7IR7qMdg1EfYRAroVAKCbbKxuKgreAbIF9KQmbuoltgAyrwCgsVKs d1UfIUIEN6v82EtR8k9rnPM= =/Upw -END PGP SIGNATURE-
Re: Multiple IPs for PDC?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 25 Nov 2002, Ken Cross wrote: G'Day: In the get_pdc_ip routine in libsmb/namequery.c in -current, there's an assertion: SMB_ASSERT(count == 1); which bombs out if the PDC has multiple IP addresses. I have a PDC with 3 network interfaces, so it isn't too happy. Yup. YOu're right. I'm working on it now. Thanks for letting us know. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE97ko3IR7qMdg1EfYRAhZnAJ0Y3FwseLwE1/EItOKly9zZfJlkXgCfQapJ 3b/GR8KbaJrp/FWncpmoBDY= =HoIv -END PGP SIGNATURE-
3.0 requires an admin account to join samba to a domain?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Anyone? Can someone confirm or deny that there is not net equivalent of smbpasswd -j DOMAIN -R PDC in HEAD? All I see requires an admin username/pw cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE97lyGIR7qMdg1EfYRAt6jAKDttSzfttjQfeMCdOhrX8Y1QbsaEACeIM1M my3xKYHQSFjp6nlQADkdRR0= =CJGo -END PGP SIGNATURE-
Re: 3.0 requires an admin account to join samba to a domain?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Dec 2002, Jim McDonough wrote: Can someone confirm or deny that there is not net equivalent of smbpasswd -j DOMAIN -R PDC in HEAD? All I see requires an admin username/pw Just net rpc join should do it. Try net help rpc join I found it. Who came up with the function names? They're horrible! jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE97mEKIR7qMdg1EfYRAjXJAKCIpGWvUpI+r1opx11rQpvTk/T+uQCfZ+Fm S9Cb08ZEq6xkuDgxiPElxbs= =w8hO -END PGP SIGNATURE-
Re: 3.0 requires an admin account to join samba to a domain?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Dec 2002, Jim McDonough wrote: Can someone confirm or deny that there is not net equivalent of smbpasswd -j DOMAIN -R PDC in HEAD? All I see requires an admin username/pw Just net rpc join should do it. Try net help rpc join And why are there two functions for changing a machine trust account? jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE97mFEIR7qMdg1EfYRAhFuAJ46LHH+ni18cfxge6bv14ZJ6bu6AwCeKZLV ArPJT0UhFBjU+ksEA7d6gqY= =vR43 -END PGP SIGNATURE-
RE: 3.0 requires an admin account to join samba to a domain?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 4 Dec 2002, Ken Cross wrote: To Jerry's original question: it seems to fail without an admin username/pw. With the old smbpasswd, it would work if a machine account was first set up on the PDC -- now it doesn't. I found some code named rpc_join_oldstyle_internals() should do it, but I've not actually verified this. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE97mNPIR7qMdg1EfYRAnNaAJ4sW++GB7Bcsbtdh1hdUUKDLOFdAgCfbQn3 BWEL2H4NFt1mZQOrI7fc6So= =rB9g -END PGP SIGNATURE-
Re: 3.0 requires an admin account to join samba to a domain?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 5 Dec 2002, Rafal Szczesniak wrote: I found it. Who came up with the function names? They're horrible! Originally it was an attempt to follow underlying mechanism name. As 'net' gets general and therefore complicated tool, we getting farther from this intend. Perhaps synonyms could help, but only for a while. After that it would be a straight way to horrible mess. Maybe it's time to start 'net search key=...' ? ;-) I meant things like just_change_the_password() cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE97qAaIR7qMdg1EfYRAgV2AJ9DdsCdwldhBYmZJfX6Jd0i6jb5bgCgpQxl Vnr2DwMHgsMUIUgXyk+YAVM= =HmP7 -END PGP SIGNATURE-
Re: 2nd attempt: Modify location of printerdriverfiles
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 28 Nov 2002, Kätzler, Ralf wrote: I like to use a samba-server as printer-server for about 500 users with ~ 40 different printers. The client OS is NT4 or XP. The problem I encountered is that there are printerdrivers out there which use for different models dlls with the same name but the dlls are not compatible Can you give more details on how you came up with this conclusion? - great!! - ! So only the last installed printer works flawless, because the dll for the other model is overwritten during driverinstall. My This is basically a Windows design flaw which driver manufacturers have to very careful with. question: Is there a tool, which allows save tempering with the *.tdb, to change the path to the driverfiles or to change the behavior to rpc getdriverinfo? This way it would be possible to create an own driver-directory-structur and all those printerdriver related problems are gone... No. Not really, but what you would need to do is to modify the DRIVER_INFO_3 structure to reflect where you placed the files. Calling the printermanufactor is hopeless. The only answer I got is: This must be a problem with your OS... thanks for your help. :( Was this HP? If so contact me off list. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE95iMjIR7qMdg1EfYRAmkWAJ9zynR81D2ZwbabzanjNkun01J3QACfdYAA fIhCGZWa/nmZXLFTXUNvA8U= =9lxJ -END PGP SIGNATURE-
Re: Encrypted Passwords Restricting Logon Attempts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 27 Nov 2002, Jim Morris wrote: Now their corporate headquarters has identified this issue (unlimited login attempts allowed) as the primary violation on a recent security audit of the network in this branch office of the company. I think they have only given the local MIS guy a few days to achieve compliance. From a personal standpoint, 3.0 is soon enough. For the company involved, I think they may end up switching to plaintext passwords as a temporary solution. I've had a conversation with them today, and it sounds like the local guys are willing to do that for the short-term. That's funny! Switching to plain text passwords to be in compliance with a security audit :-) I'm choking on the irony of it all! cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE95iQMIR7qMdg1EfYRAgZVAJ4mckVPwZGbpTwhz5jZ8mCO4koxiACg7KcZ lyOdKNmyK3kjYpNcq9ZNr+w= =qQcu -END PGP SIGNATURE-
Re: Smb passwords 8 chars
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 28 Nov 2002, Olaf Flebbe wrote: A samba server with encrypted paawords on Solaris8 does not correctly handle passwords containing more than eight characters. A local smbclient can correctly handle this situation, but NT 4.0 and W2K cannot connect to a share protected with encrypted password 9 chars long. The newly ported LynxOS Server shows the same problem ;-) Make sure REPLACE_GETPASS is defined in config.h. I tested this on Solaris 8 prior to release and everything was working fine. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE95iRrIR7qMdg1EfYRAjVtAJ43/SJUdfNMX5RIEgjMMfiHjsnFdACdGZCn kIbA7CJxUJG89M2hzVyJ/Z0= =UE/f -END PGP SIGNATURE-
Re: add VFSLIBDIR to 3_0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 27 Nov 2002, Stefan (metze) Metzmacher wrote: I think adding VFSLIBDIR is not nice, because jelmer is working on the modules stuff in HEAD and we'll load the modules via the 'modules = ' and 'modules path =' (not yet added) parameters. and make modules should make all modules not only VFS modules. I think all modules should be in LIBDIR and 'modules path' should be LIBDIR by default. Long ago we started using /usr/lib/samba as the top libdir in RPM installs. VFS modules were placed in /usr/lib/samba/vfs. I placed the codepages/*.dat files in /usr/lib/samba. If people think that all libraries shsould go in a flat directory, below /usr/lib/samba/, that's fine with me. We just need to all be on the same page. And sometimes messageso to the maining list is not enough (if you know someone in particular needs to know a new piece of information). BTW: is there a reason why make instalmodules install the modules in VFSLIBDIR and make uninstallmodules try to remove them from LIBDIR and not from VFSLIBDIR? typo from late night working on the release. cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE95OlxIR7qMdg1EfYRAlmxAJ9QZokWu5918nvVImbDaMjZsluUGgCeNnDK R0TIP6tgvaIse6QeOTnHQLU= =RLJD -END PGP SIGNATURE-
Re: add VFSLIBDIR to 3_0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 27 Nov 2002, Stefan Metzmacher wrote:
I decided with Jelmer that the codepages/*.dat files should be installed
in ${datadir}/samba witch is ${prefix}/share/samba
Great that you decided, but no one told me about that.
And the Makefile had them going to $(LIBDIR).
cheers, jerry
--
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key http://www.plainjoe.org/gpg_public.asc
ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed
You can never go home again, Oatman, but I guess you can shop there.
--John Cusack - Grosse Point Blank (1997)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE95PEFIR7qMdg1EfYRAlX6AJ9acfThHprFAKVVsvBhg2wCPuZFrgCgk5uG
8LqP68Y4gPqlWx8qD44Grqw=
=9TdJ
-END PGP SIGNATURE-
Re: add VFSLIBDIR to 3_0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 27 Nov 2002, Stefan Metzmacher wrote:
At 10:21 27.11.2002 -0600, Gerald (Jerry) Carter wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 27 Nov 2002, Stefan Metzmacher wrote:
I decided with Jelmer that the codepages/*.dat files should be installed
in ${datadir}/samba witch is ${prefix}/share/samba
Great that you decided, but no one told me about that.
And the Makefile had them going to $(LIBDIR).
just read my last mails to samba-technical:
http://lists.samba.org/pipermail/samba-technical/2002-November/040963.html
http://lists.samba.org/pipermail/samba-technical/2002-November/040966.html
http://lists.samba.org/pipermail/samba-technical/2002-November/040967.html
http://lists.samba.org/pipermail/samba-technical/2002-November/040991.html
Rightbut then again I said i was behind on ml emails :-)
I go back and make sure I cover that thread.
cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE95PaxIR7qMdg1EfYRAr+QAJ45lLOwRF1x7tDesJrVwH/k8ICJKgCfbIl8
Px81cWzjcsH5lsQhODc0ljQ=
=9duj
-END PGP SIGNATURE-
Re: build issue w/samba head
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 26 Nov 2002, Green, Paul wrote: In the last day, someone has added a call to inet_aton to samba/source/lib/util_str.c. Stratus VOS does not have this function. Rsync happens to have a substitute implementation of this function in rsync/lib/compat.c, and (I imagine) the configure test to activate it. Can we get this added to samba head? I can take care of this, but probably not for a few days... arrgghh... fixing it now. jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 SAMS Teach Yourself Samba in 24 Hours 2ed You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE95EaqIR7qMdg1EfYRAuAbAKDTN3tX8DhcAYCn/sPj2u5ZJdWBmACeL9Ra kY+EuMAPrl440X/+tI+UOt4= =NXDw -END PGP SIGNATURE-
Re: (fwd from jerry@theashergroup.com) Suggestion: describe (or linkto) how to verify your distributions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 22 Nov 2002, Steve Langasek wrote: On Fri, Nov 22, 2002 at 02:31:21PM -0800, Martin Pool wrote: According to samba.html, the distribution key is http://us1.samba.org/samba/ftp/samba-pubkey.asc gpg: key 2F87AF6F: public key Samba Distribution Verification Key [EMAIL PROTECTED] Then perhaps this should be refreshed from the copy that's on the public keyservers, which is where I imported it from? Done. $ gpg --list-sigs 2F87AF6F pub 1024D/2F87AF6F 2002-10-15 Samba Distribution Verification Key [EMAIL PROTECTED] sig 3 2F87AF6F 2002-10-15 Samba Distribution Verification Key [EMAIL PROTECTED] sig D83511F6 2002-10-15 Gerald W. Carter [EMAIL PROTECTED] sig F8437071 2002-10-15 Christopher R. Hertel (U of Minnesota) [EMAIL PROTECTED] sig 2 1EEF5276 2002-10-15 Jelmer Vernooij (ctrlsoft) [EMAIL PROTECTED] sig A164FD0D 2002-10-17 Koyama Mituru [EMAIL PROTECTED] sig 3 0722021E 2002-10-17 Tim Potter [EMAIL PROTECTED] sig 1045AA4F 2002-10-16 Volker Lendecke [EMAIL PROTECTED] sig 3 DF1DD471 2002-10-17 Michael H. Warfield [EMAIL PROTECTED] sig 3 8408D65D 2002-11-22 Herb Lewis [EMAIL PROTECTED] sig 1A8F22BC 2002-11-22 James Willard [EMAIL PROTECTED] sig 3 F5DA6BE3 2002-11-10 Vesselin Kolev [EMAIL PROTECTED] sub 1024g/4A271F85 2002-10-15 [expires: 2004-10-14] sig 2F87AF6F 2002-10-15 Samba Distribution Verification Key [EMAIL PROTECTED] cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE94kXxIR7qMdg1EfYRAu1hAJ9MEjdEmnPp9PJDAE32qpo9iQg9kQCcCnxc g165bI87tiI6AwSsIH0EyGQ= =/mfw -END PGP SIGNATURE-
Re: Binaries for solaris disappearing from ftp site
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 20 Nov 2002, Jeff Mandel wrote: Since the recent announcement for the 2.2.7 release, I looked again for solaris binaries. For a while there were packages up to 2.2.4. After 2.2.5 came out the others vanished and 2.2.2 and 2.0.7 were left. Are you still planning to keep packages for solaris on the samba site? I'll build some tomorrow. The Solaris packages are pseudo-maintained by Shirish @ Veritas. cheers, jerry - Hewlett-Packard - http://www.hp.com SAMBA Team-- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2SAMS Teach Yourself Samba in 24 Hours 2ed I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE93BB6IR7qMdg1EfYRAilJAKDKhakoDP1CoErXeX+017gVcTNP8ACgz4hP h9JMk88cijUjds9O3yUMjhU= =pnNA -END PGP SIGNATURE-
