summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* smbd: Add mem_ctx to {f,}get_nt_acl VFS callAndrew Bartlett2012-10-1125-130/+245
| | | | | | | | | | | This makes it clear which context the returned SD is allocated on, as a number of callers do not want it on talloc_tos(). As the ACL transformation allocates and then no longer needs a great deal of memory, a talloc_stackframe() call is used to contain the memory that is not returned further up the stack. Andrew Bartlett
* smbd: Add mem_ctx to sys_acl_init() and all callersAndrew Bartlett2012-10-1127-146/+219
| | | | | | | | | | This changes from allocation on NULL to allocation on the supplied memory context. Currently that supplied context is talloc_tos() at the the final consumer of the ACL. Andrew Bartlett
* build: Add vfs_media_harmony to the waf buildAndrew Bartlett2012-10-111-0/+9
|
* posixacls: Add IDL changes for vfs_acl_xattr using hash of the sys aclAndrew Bartlett2012-10-112-1/+32
| | | | | | | | This will isolate the hash of the ACL from any intermediate mapping that the POSIX -> NT mapping subsystem might need to do, and which might change if we need to correct that mapping. Andrew Bartlett
* s3-rpc_server: fix build warningDavid Disseldorp2012-10-101-0/+2
| | | | | | | enum dcerpc_transport_t is undeclared, include required headers. Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Oct 10 12:41:28 CEST 2012 on sn-devel-104
* Make sure the returned sd is on the right context, and if not it's always freed.Jeremy Allison2012-10-091-1/+3
| | | | | Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 9 23:35:50 CEST 2012 on sn-devel-104
* Move setting of psd->dacl->revision and protect against null SD's.Jeremy Allison2012-10-091-2/+4
|
* docs: Add '-V' to the list of options.Karolin Seeger2012-10-091-1/+1
| | | | | | | Karolin Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Tue Oct 9 18:53:12 CEST 2012 on sn-devel-104
* samba-tool: Some more unifications...Karolin Seeger2012-10-0915-15/+15
| | | | | | in the usage message. Karolin
* packaging: Add config for systemd-tmpfiles.Andreas Schneider2012-10-092-0/+15
| | | | | Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Oct 9 17:10:53 CEST 2012 on sn-devel-104
* samba-tool: skip chown in sysvolreset when it would fail on a GIDAndrew Bartlett2012-10-092-13/+48
| | | | | | | | | | | | | This skips the chown of the files if (for example) the domain Admins group were to own the file and not be able to because the group maps only to a GID. This essentially papers over the problem, but may be enough to get us past the Samba 4.0 release. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Oct 9 15:24:44 CEST 2012 on sn-devel-104
* s3: Pass down smb_filename to smbacl4_fill_ace4Volker Lendecke2012-10-091-6/+6
| | | | | | | A full fsp is a bit overkill here Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Oct 9 13:38:49 CEST 2012 on sn-devel-104
* s4-rpc: dnsserver: Ignore DNS zones that are not used by RPC dnsserverAmitay Isaacs2012-10-091-0/+4
| | | | | | | | | ..TrustAnchors zone is not interpreted by RPC dnsserver code. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Tue Oct 9 03:21:07 CEST 2012 on sn-devel-104
* s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ pluginAmitay Isaacs2012-10-091-0/+5
| | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com>
* s4:scripting/python: add '-V' as alias for '--version'Stefan Metzmacher2012-10-081-1/+1
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Oct 8 17:52:52 CEST 2012 on sn-devel-104
* s4:samba-tool: allow 'samba-tool --version'Stefan Metzmacher2012-10-081-0/+6
| | | | metze
* s4:samba-tool: use normal option parsing in SuperCommandStefan Metzmacher2012-10-081-10/+13
| | | | | | We use the epilog to print the subcommands. metze
* s4:samba-tool: add optional epilog to _create_parser()Stefan Metzmacher2012-10-081-2/+7
| | | | metze
* s3fs-printing: Fix RAW printing for normal users.Andreas Schneider2012-10-081-1/+1
| | | | | | | This fixes bug #8769. Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Oct 8 16:11:51 CEST 2012 on sn-devel-104
* samba-tool: Unify usage messages.Karolin Seeger2012-10-0813-60/+60
| | | | | | | Karolin Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Oct 8 14:26:52 CEST 2012 on sn-devel-104
* docs: Add man 8 samba-tool.Karolin Seeger2012-10-081-0/+613
| | | | | | | | | Addresses bug #8802 - Create missing manpages for new binaries. Please note that it's a very basic version. Please feel free to extend. Karolin
* samba-tool: Clarify usage of --help.Karolin Seeger2012-10-081-1/+1
| | | | Karolin
* docs: fix opening and ending tag mismatch: paraBjörn Baumbach2012-10-081-4/+4
| | | | in forcedirectorysecuritymode.xml.
* docs: fix opening and ending tag mismatch: paraBjörn Baumbach2012-10-081-4/+4
| | | | in directorysecuritymask.xml.
* samba-tool: Fix typo in usage.Karolin Seeger2012-10-081-1/+1
| | | | Karolin
* s4-dns: fix a warningMatthieu Patou2012-10-081-2/+1
| | | | | Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
* s4-dns: Ignore zones that shouldn't be returned currentlyMatthieu Patou2012-10-071-1/+7
| | | | | | | RootDNSServers should never be returned (Windows DNS server don't) ..TrustAnchors should never be returned as is, (Windows returns TrustAnchors) and for the moment we don't support DNSSEC so we'd better not return this zone.
* s4-join: factorize code, add infoMatthieu Patou2012-10-071-5/+9
|
* s4-join: add some documentationMatthieu Patou2012-10-071-1/+11
|
* s4-repl: make dreplsrv_partition_find_for_nc return BAD_NC onlyMatthieu Patou2012-10-071-2/+7
|
* drsuapi: Validate the input parameters for the drsuapi_UpdateRefs functionMatthieu Patou2012-10-071-0/+16
|
* drsuapi: check more carefully the validity of the NCMatthieu Patou2012-10-071-4/+11
| | | | | Check that both the GUID and DN are the GUID/DN of a NC if not return WERR_DS_DRA_BAD_NC
* drsuapi-idl: Fix the encoding of the source_dsa_dnsMatthieu Patou2012-10-071-1/+1
| | | | astring is not aligned and is not conformant
* drs-replica-info: level_not_supported is wrong when we do support (partialy ↵Matthieu Patou2012-10-071-9/+13
| | | | the level)
* lib-addns: ensure that allocated buffer are pre set to 0Matthieu Patou2012-10-071-12/+12
| | | | | | It avoid bugs when one of the buffer is supposed to contain a string that is not null terminated (ie. label->label) and that we don't force the last byte to 0.
* ldap-server: sscanf result was never used to mistyped varMatthieu Patou2012-10-071-2/+1
|
* ldap-server: remove warning for the ret not being usedMatthieu Patou2012-10-071-2/+1
|
* s4-drs: fix the logic to allow REPL_SECRET if the account has GET_ALL_CHANGESMatthieu Patou2012-10-071-0/+24
|
* s4-drs: EXOP_REPL_SECRETS can be called by RW DC as wellMatthieu Patou2012-10-071-7/+15
|
* drs-getncchanges: do not set the highestUsn to 0Matthieu Patou2012-10-071-1/+0
| | | | | | | | Paragraph 4.1.10.5 says that if err = 0 then msgOut.pNC := msgIn.pNC msgOut.usnvecFrom := msgIn.usnvecFrom so no need to set the highestUsn to 0
* kcc: return invalid parameter if the taskId is not 0Matthieu Patou2012-10-071-1/+3
|
* drs-crackname: if there is no sid do not return the domainMatthieu Patou2012-10-071-0/+2
|
* devel-crackname: Print if count > 0Matthieu Patou2012-10-071-2/+5
|
* Implement the LIST_INFO_FOR_SERVER input formatMatthieu Patou2012-10-072-1/+109
|
* getdcinfo: Check that the server object has a serverreference objects ↵Matthieu Patou2012-10-071-2/+4
| | | | | | | | pointing to a DC object The problem was found by the DRSR testsuite where server objects were created in the Site container without serverrefrence attribute triggering error in the testsuite.
* ntdb: remove unused local variable.Rusty Russell2012-10-081-2/+0
| | | | | | | | Reported-by: Matthieu Patou <mat@samba.org> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Mon Oct 8 04:43:37 CEST 2012 on sn-devel-104
* s3: Add two tests a CLEAR_IF_FIRST crashVolker Lendecke2012-10-061-0/+56
| | | | | Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sat Oct 6 17:16:39 CEST 2012 on sn-devel-104
* tdb: Make tdb robust against improper CLEAR_IF_FIRST restartVolker Lendecke2012-10-061-4/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When winbind is restarted, there is a potential crash in tdb. Following situation: We are in a cluster with ctdb. A winbind child hangs in a request to the DC. Cluster monitoring decides the node has a problem. Cluster monitoring decides to kill ctdbd. winbind child still hangs in a RPC request. winbind parent figures that ctdb is dead and immediately commits suicide. winbind parent is restarted by cluster management, overwriting gencache.tdb with CLEAR_IF_FIRST. The CLEAR_IF_FIRST logic as implemented now will not see that a child still has the tdb open, only the parent holds the ACTIVE_LOCK due to performance reasons. During the CLEAR_IF_FIRST logic is done, there is a very small window where we ftruncate(tfd, 0) the file and re-write a proper header without a lock. When during this small window the winbind child comes back, wanting to store something into gencache.tdb, that winbind child will crash with a SIGBUS. Sounds unlikely? See: [2012/09/29 07:02:31.871607, 0] lib/util.c:1183(smb_panic) PANIC (pid 1814517): internal error [2012/09/29 07:02:31.877596, 0] lib/util.c:1287(log_stack_trace) BACKTRACE: 35 stack frames: #0 winbindd(log_stack_trace+0x1a) [0x7feb7d4ca18a] #1 winbindd(smb_panic+0x2b) [0x7feb7d4ca25b] #2 winbindd(+0x1a3cc4) [0x7feb7d4bacc4] #3 /lib64/libc.so.6(+0x32900) [0x7feb7a929900] #4 /lib64/libc.so.6(memcpy+0x35) [0x7feb7a97f355] #5 /usr/lib64/libtdb.so.1(+0x6e76) [0x7feb7b0b0e76] #6 /usr/lib64/libtdb.so.1(+0x3d37) [0x7feb7b0add37] #7 /usr/lib64/libtdb.so.1(+0x863d) [0x7feb7b0b263d] #8 /usr/lib64/libtdb.so.1(+0x8700) [0x7feb7b0b2700] #9 /usr/lib64/libtdb.so.1(+0x2505) [0x7feb7b0ac505] #10 /usr/lib64/libtdb.so.1(+0x25b7) [0x7feb7b0ac5b7] #11 /usr/lib64/libtdb.so.1(tdb_fetch+0x13) [0x7feb7b0ac633] #12 winbindd(gencache_set_data_blob+0x259) [0x7feb7d4d8449] #13 winbindd(gencache_set+0x53) [0x7feb7d4d85b3] #14 winbindd(gencache_del+0x5e) [0x7feb7d4d879e] #15 winbindd(saf_delete+0x93) [0x7feb7d54b693] #16 winbindd(+0xe507e) [0x7feb7d3fc07e] #17 winbindd(+0xe85e5) [0x7feb7d3ff5e5] #18 winbindd(+0xe65be) [0x7feb7d3fd5be] #19 winbindd(+0xe7562) [0x7feb7d3fe562] #20 winbindd(init_dc_connection+0x2e) [0x7feb7d3fe5be] #21 winbindd(+0xe75d9) [0x7feb7d3fe5d9] #22 winbindd(cm_connect_netlogon+0x58) [0x7feb7d3fe658] #23 winbindd(_wbint_PingDc+0x61) [0x7feb7d410991] #24 winbindd(+0x103175) [0x7feb7d41a175] #25 winbindd(winbindd_dual_ndrcmd+0xb7) [0x7feb7d4107d7] #26 winbindd(+0xf8609) [0x7feb7d40f609] #27 winbindd(+0xf9075) [0x7feb7d410075] #28 winbindd(tevent_common_loop_immediate+0xe8) [0x7feb7d4db198] #29 winbindd(run_events_poll+0x3c) [0x7feb7d4d93fc] #30 winbindd(+0x1c2b52) [0x7feb7d4d9b52] #31 winbindd(_tevent_loop_once+0x90) [0x7feb7d4d9f60] #32 winbindd(main+0x7b3) [0x7feb7d3e7aa3] #33 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7feb7a915cdd] #34 winbindd(+0xce2a9) [0x7feb7d3e52a9] This is in a winbind child, logfiles surrounding indicate the parent was restarted. This patch takes all chain locks around the CLEAR_IF_FIRST introduced tdb_new_database.
* tdb: Make robust against shrinking tdbsRusty Russell2012-10-061-12/+20
| | | | | | | | | | | When probing for a size change (eg. just before tdb_expand, tdb_check, tdb_rescue) we call tdb_oob(tdb, tdb->map_size, 1, 1). Unfortunately this does nothing if the tdb has actually shrunk, which as Volker demonstrated, can actually happen if a "longlived" parent crashes. So move the map/update size/remap before the limit check. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* We should never just assign an st_mode to an ace->perms field, theoreticallyJeremy Allison2012-10-061-2/+2
| | | | | | | | | | | they are different so should go through a mapping function. Ensure this is so. Practically this does not matter, as for user permissions the mapping function is an identity, and the extra bits we may add are ignored anyway, but this makes the intent clear. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Oct 6 03:04:14 CEST 2012 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-26 18:49:35 +0000