summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:provision Rework provision-backend into provisionAndrew Bartlett2009-08-179-811/+608
| | | | | | | | | | | | | | | This removes a *lot* of duplicated code and the cause of much administrator frustration. We now handle starting and stopping the slapd (at least for the provision), and ensure that there is only one 'right' way to configure the OpenLDAP and Fedora DS backend We now run OpenLDAP in 'cn=config' mode for online configuration. To test what was the provision-backend code, a new --ldap-dryrun-mode option has been added to provision. It quits the provision just before it would start the LDAP binaries Andrew Bartlett
* s4:provision Move helper functions back to provisionAndrew Bartlett2009-08-171-21/+0
| | | | (These will be added back in a future commit)
* s4:setup Don't manually set @ATTRIBUTES any moreAndrew Bartlett2009-08-171-32/+0
| | | | | | | | We now set these as part of the schema load, and we now load the schema before the provision loads the DB, so setting them here is pointless Andrew Bartlett
* s4:python Push some helper functions from SamDB into samba.LdbAndrew Bartlett2009-08-172-64/+57
| | | | | | | | | | | | | | | This makes it possible to do a bit more of the provision with Samba helpers, but without some of the otherwise useful things (such as loading in the global schema) that SamDB does. Rewrite provision_erase to use a recursive search, rather than a looping subtree search. This is much more efficient, particularly now we have one-level indexes enabled. Delete the @INDEX and similar records *after* deleting all other visible records, this hopefully also assists performance. Andrew Bartlett
* s4:schema Allow a schema load on an unconnected databaseAndrew Bartlett2009-08-172-6/+7
| | | | | | | This helps ensure we don't load the schema too often in the provision (allowing a reference in of the schema before the modules load). Andrew Bartlett
* s4:provision Remove the ACI element from the provision templatesAndrew Bartlett2009-08-174-17/+14
| | | | | | | We need to find a better way to apply this (used in the Fedora DS LDAP backend), not by trying to tunnel this down the module stack. Andrew Bartlett
* s4:schema Provide a way to reference a loaded schema between ldbsAndrew Bartlett2009-08-173-16/+56
| | | | | | | | This allows us to load the schema against one ldb context, but apply it to another. This will be useful in the provision script, as we need the schema before we start the LDAP server backend. Adnrew Bartlett
* s3:winbind: The get[gr|pw]end functions need access to the client stateVolker Lendecke2009-08-1618-3/+36
|
* s3:winbind: Convert WINBINDD_GETGRNAM to the new APIVolker Lendecke2009-08-165-253/+199
|
* s3:winbind: Convert WINBINDD_GETGRGID to the new APIVolker Lendecke2009-08-165-52/+143
|
* s3:winbind: Add winbindd_print_groupmemVolker Lendecke2009-08-162-0/+75
| | | | | This converts a talloc_dict retrieved from wb_group_members to the string that the pipe protocol expects
* s3:winbind: Make fill_grent publically availableVolker Lendecke2009-08-162-3/+4
|
* s3:winbind: Add const to normalize_name_mapVolker Lendecke2009-08-162-4/+4
|
* s3:winbind: Add async wb_getgrsidVolker Lendecke2009-08-163-0/+160
|
* s3:winbind: Add async wb_group_membersVolker Lendecke2009-08-1612-2/+1091
|
* s3:winbind: Make wcache_lookup_groupmem available publicallyVolker Lendecke2009-08-162-24/+60
|
* s3: Add talloc_dict.[ch]Volker Lendecke2009-08-165-0/+258
|
* s3:winbind: Fix a potential segfault in libwbclientVolker Lendecke2009-08-161-1/+1
|
* s3:winbind: Convert winbindd_show_sequence to the new APIVolker Lendecke2009-08-165-112/+178
|
* s3:winbind: Add async wb_seqnumsVolker Lendecke2009-08-163-0/+139
| | | | | This is something that would have been very difficult with the old style of async requests: Send the request to all children simultaneously.
* s3:winbind: Add async wb_seqnumVolker Lendecke2009-08-1612-2/+447
|
* s3:winbind: WINBIND_USERINFO -> wbint_userinfoVolker Lendecke2009-08-1612-87/+49
|
* s3:winbind: Simplify _wbint_[GU]id2SidVolker Lendecke2009-08-161-16/+4
|
* tevent: add some more doxygen comments for tevent_req functionsStefan Metzmacher2009-08-151-0/+38
| | | | metze
* s3:Makefile: build ../libcli/smb/smb2_create_blob.o as part of smbdStefan Metzmacher2009-08-151-0/+1
| | | | metze
* libcli/smb: add smb2_create_blob_find()Stefan Metzmacher2009-08-152-0/+23
| | | | metze
* Use defined names rather than numeric constants to make codeJeremy Allison2009-08-141-2/+2
| | | | | clearer. Jeremy.
* gpfs.so: map the file_inherit and dir_inherit flags away for filesMichael Adam2009-08-141-1/+15
| | | | | | | | | | | GPFS sets inherits dir_inhert and file_inherit flags to files, too, which confuses windows, and seems to be wrong anyways. So when mapping a nfs4 acl to a windows acl, we map these flags away for files. Michael
* cifs.upcall: fix IPv6 addrs sent to upcall to have colon delimitersJeff Layton2009-08-141-4/+29
| | | | | | | Current kernels don't send IPv6 addresses with the colon delimiters, add a routine to add them when they're not present. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* cifs.upcall: use ip address passed by kernel to get server's hostnameJeff Layton2009-08-141-12/+56
| | | | | | | | Instead of using the hostname given by the upcall to get the server's principal, take the IP address given in the upcall and reverse resolve it to a hostname. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* cifs.upcall: clean up flag handlingJeff Layton2009-08-141-10/+10
| | | | | | | | | | Add a new stack var to hold the flags returned by the decoder routine so that we don't need to worry so much about preserving "rc". With this, we can drop privs before trying to find the location of the credcache. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* cifs.upcall: try getting a "cifs/" principal and fall back to "host/"Jeff Layton2009-08-142-14/+18
| | | | | | | | | | | | | cifs.upcall takes a "-c" flag that tells the upcall to get a principal in the form of "cifs/hostname.example.com@REALM" instead of "host/hostname.example.com@REALM". This has turned out to be a source of great confusion for users. Instead of requiring this flag, have the upcall try to get a "cifs/" principal first. If that fails, fall back to getting a "host/" principal. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* cifs.upcall: declare a structure for holding decoded argsJeff Layton2009-08-141-30/+33
| | | | | | | | The argument list for the decoder is becoming rather long. Declare an args structure and use that for holding the args. This also simplifies pointer handling a bit. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* cifs.upcall: formatting cleanupJeff Layton2009-08-141-47/+37
| | | | | | Clean up some unneeded curly braces, and fix some indentation. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* cifs.upcall: clean up logging and add debug messagesJeff Layton2009-08-141-32/+47
| | | | | | | | | | | | Change the log levels to be more appropriate to the messages being logged. Error messages should be LOG_ERR and not LOG_WARNING, for instance. Add some LOG_DEBUG messages that we can use to diagnose problems with krb5 upcalls. With these, someone can set up syslog to log daemon.debug and should be able to get more info when things aren't working. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* s3:smbd: allow SMB2 Cancel to have the async flag setStefan Metzmacher2009-08-141-6/+8
| | | | metze
* s3:smbd: fix parsing of the SMB2 bodyStefan Metzmacher2009-08-141-5/+7
| | | | | | Maybe there's no dynamic part on the wire. metze
* s4:samdb python bindings - we don't need the attributes hereMatthias Dieter Wallnöfer2009-08-141-2/+1
|
* s4:ldb - Free the asynchronous resultMatthias Dieter Wallnöfer2009-08-141-0/+2
|
* s4: Correct the parameter logic of the "setpassword" scriptMatthias Dieter Wallnöfer2009-08-141-7/+4
| | | | | Either the username or the filter are allowed. If both are given the filter is going to be used due to a higher precedence.
* s4: Better way to call "dom_sid_to_rid" from ldap.pyMatthias Dieter Wallnöfer2009-08-142-4/+12
|
* s4: Remove obsolete "samdb_password_quality_ok" function (it's just a ↵Matthias Dieter Wallnöfer2009-08-141-10/+1
| | | | one-line wrapper)
* s4: cracknames.c: Change the handling of the NT_STATUS_NO_MEMORY status resultsMatthias Dieter Wallnöfer2009-08-141-4/+6
| | | | | With the previous check I got random failures when trying to connect to the LDAP server.
* s4:ldap_server Correct removal of talloc_steal()Andrew Bartlett2009-08-141-1/+0
| | | | | | | | This corrects commit 7a82aed71b74af8bc2a8a4381541adbb22452d20. The steal did not set ent->attributes, so it was incorrect to assign to ent->attributes. Andrew Bartlett
* fixed TESTS= in make test to allow multiple testsAndrew Tridgell2009-08-141-2/+16
| | | | | | Now you can do: make test TESTS="test1 test2" and it will run those two tests, each matching tests using a case insensitive substring match
* s4:ldap_server Remove another talloc_steal (with references)Andrew Bartlett2009-08-141-1/+1
| | | | | | | | This talloc_steal also conflicts with the ldb_map code, and like the previous commit, is rudundent given the talloc_steal of the whole msg above. Andrew Bartlett
* s4:ldap_server Don't talloc_steal (with references) in ldap_backendAndrew Bartlett2009-08-141-1/+1
| | | | | | | | There may or may not be a need to take a reference to the 'name' in the ldb_map code, but given we seal the whole msg just above here, it makes no senst to steal the name, but not the values. Andrew Bartlett
* Fix EVERY SINGLE build on the buildfarm that doesn't haveJeremy Allison2009-08-122-0/+5
| | | | | | bindtextdomain or textdomain. C'mon, this is what configure.in is *FOR*. Jeremy.
* Move build over to storing DOS attributes in EA's.Jeremy Allison2009-08-121-2/+4
| | | | | | | Turn off "map to" directives. I've now fixed the issues with the build tests running this way. I think this is how most people run these days - please raise this on the list (or revert) if you disagree.
* When mapping EA's into a TDB, don't remove the EAJeremy Allison2009-08-121-0/+9
| | | | | | until the last link to the file is gone (fixes the build farm RAW-RENAME test with xattr's in tdb's). Jeremy.
generated by cgit (git 2.34.1) at 2025-09-26 16:18:15 +0000