summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* s3:param: make init_locals() static.Michael Adam2012-11-162-2/+1
| | | | | | | | | | it is only used in loadparm.c Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Nov 16 03:33:34 CET 2012 on sn-devel-104
* s3-param: Handle setting default AD DC per-share settings in init_locals()Andrew Bartlett2012-11-161-19/+37
| | | | | | | | | | | | | | | | | | | This function is helpfully called between when we finish processing the globals and when we start processing the individual shares. This means that the "vfs objects" and other per-share settings we specify here become the defaults for (eg) [netlogon] and [sysvol] but the admin can override these on a per-share basis or (as we must in make test) for the whole server. This broke setting and fetching of group policy objects from Windows clients, since this setting was moved from fileserver.conf in 8518dd6406c0132dfd8c44e084c2b39792974f2c, and wasn't found in 'make test' because we have to override the vfs objects to insert the xattr_tdb and fake_acl modules. Andrew Bartlett Reviewed-by: Michael Adam <obnox@samba.org>
* Another fix needed for bug #9236 - ACL masks incorrectly applied when ↵Jeremy Allison2012-11-151-7/+10
| | | | | | | | | | | | | | | | | | setting ACLs. Not caught by make test as it's an extreme edge case for strange incoming ACLs. I only found this as I'm making raw.acls and smb2.acls pass against 3.6.x and 4.0.0 with acl_xattr mapped onto a POSIX backend. An incoming inheritable ACE entry containing only one permission, WRITE_DATA maps into a POSIX owner perm of "-w-", which violates the principle that the owner of a file/directory can always read. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Nov 15 19:52:52 CET 2012 on sn-devel-104
* smbd_open_one_socket does not use the messaging_context variable so why pass ↵Richard Sharpe2012-11-141-3/+0
| | | | | | | | | it in? Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Nov 14 02:19:46 CET 2012 on sn-devel-104
* A small error message fix in source3/smbd/server.cRichard Sharpe2012-11-141-1/+1
| | | | | | | Removes some incorrect info from an error message (probably from its old place when it was copied). Reviewed by: Jeremy Allison <jra@samba.org>
* smbd: Remove NT4 compatability handling in posix -> NT ACL conversionAndrew Bartlett2012-11-133-109/+1
| | | | | | | | | | | | | | | | | NT4 is long dead, and we should not change which ACL we return based on what we think the client is. The reason we should not do this, is that if we are using vfs_acl_xattr then the hash will break if we do. Additionally, it would require that the python VFS interface set the global remote_arch to fake up being a modern client. This instead seems cleaner and removes untested code (the tests are updated to then handle the results of the modern codepath). The supporting 'acl compatability' parameter is also removed. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
* Change get_nt_acl_no_snum() to return an NTSTATUS, not a struct ↵Andrew Bartlett2012-11-134-46/+34
| | | | | | | | | | | security_descriptor *. Internally change the implementation to use SMB_VFS_GET_NT_ACL() instead of SMB_VFS_FGET_NT_ACL() with a faked-up file struct. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
* smbd: Correctly set fsp->is_directory before dealing with ACLsAndrew Bartlett2012-11-131-1/+24
| | | | | | | Change set_nt_acl_no_snum() to correctly set up the fsp. This does a stat on a real fsp in set_nt_acl_no_snum. Reviewed by: Jeremy Allison <jra@samba.org>
* Ensure we Correctly set fsp->is_directory before dealing with ACLs.Andrew Bartlett2012-11-131-1/+1
| | | | Reviewed by: Jeremy Allison <jra@samba.org>
* s3:winbind: BUG 9386: Failover if netlogon pipe is not available.Andreas Schneider2012-11-121-13/+39
| | | | | | | | | | | | | Samba continues to query a broken DC while the DC did not finish to rebuild Sysvol (after a Windows crash, for example). It causes end users to received strange codes while trying to authenticate, even if there is a secondary DC available. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Nov 12 18:57:18 CET 2012 on sn-devel-104
* Use work around for 'winbind use default domain' only if it is setSumit Bose2012-11-121-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | Currently in smb_getpwnam() the NetBIOS domain name and the winbind separator character is always added to the user name returned by Get_Pwnam_alloc() if it does not contain the winbind separator character. As comments in the code indicates this is done as a work around if 'winbind use default domain' is set to yes in the samba configuration. This make sense if the option is set because otherwise the domain information is lost from the user name. But it causes errors if other services than winbind are used for user lookup, e.g. sssd. sssd can handle different kind of fully qualified user names as input, e.g. user@domain.name or DOM\user, but returns a canonical name, by default user@domain.name. While it would be possible to get around this issue with a special configuration either on the sssd or samba side I think the cleaner solution is to use the work around only if 'winbind use default domain' is set to yes which is what this patch does. Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Nov 12 15:54:15 CET 2012 on sn-devel-104
* pysmbd: Add SMB_ACL_EXECUTE to the mask set by make_simple_acl()Andrew Bartlett2012-11-121-1/+1
| | | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:smbd: Fix typo in got_duplicate_group checkArvid Requate2012-11-101-1/+1
| | | | | | | Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Nov 10 20:25:48 CET 2012 on sn-devel-104
* build: add DMAPI configure option and checksChristian Ambach2012-11-092-1/+65
| | | | | | | | | | | | | the waf build was missing the --with-dmapi option and configure checks that are necessary to build the source3 parts that need DMAPI (e.g. vfs_tsmsm) Bug: https://bugzilla.samba.org/show_bug.cgi?id=9178 Signed-off-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Fri Nov 9 20:57:31 CET 2012 on sn-devel-104
* Revert "s3-winbindd: make sure we obey the -n switch also for samlogon cache ↵David Disseldorp2012-11-094-13/+3
| | | | | | | | | | | | | | | | | | | | | | | | access." This reverts commit ae6a779bf9f816680e724ede37324b7f5355996b. Bug 9125 analysis from Volker: The problem is that there are no network calls possible at all that would do what the samlogon cache does for us. There is just no way to retrieve the group membership in a complex trusted environment. If you have just a single domain with Samba as domain controller it might be possible, but even within a single domain it is not possible to correctly retrieve all group memberships using LDAP calls due to ACLs on directory objects. The call to get that is called NetSamLogon on the NETLOGON pipe. But this call requires user credentials and might trigger updating counts on the server. So to correctly implement wbinfo -r after a user has logged in, you have two alternatives: Save the info3 struct or the PAC in the netsamlogon cache. If you insist on doing network calls, you need to cache the user credentials somewhere to re-do the NetSamLogon call every time the wbinfo -r is requested. Reviewed-by: Andreas Schneider <asn@samba.org>
* s3fs-client: Burn commandline password of client utils.Andreas Schneider2012-11-086-0/+10
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Nov 8 21:24:21 CET 2012 on sn-devel-104
* s3fs-popt: Add function to burn the commandline password.Andreas Schneider2012-11-082-0/+48
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed by: Jeremy Allison <jra@samba.org>
* Remove two unused variablesVolker Lendecke2012-11-071-1/+0
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Wed Nov 7 17:18:06 CET 2012 on sn-devel-104
* s3:smbd: pass the current time to make_connection[_smb1]()Stefan Metzmacher2012-11-053-6/+9
| | | | | | | | | | Otherwise smbstatus reports the wrong time for tree connects. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Mon Nov 5 20:43:23 CET 2012 on sn-devel-104
* s3:utils fix a whitespace errorChristian Ambach2012-11-051-1/+1
|
* s3:vfs_default: optimize vfswrap_asys_finished() and read as much as we canStefan Metzmacher2012-11-051-16/+33
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Nov 5 19:01:13 CET 2012 on sn-devel-104
* libads: Always free the talloc_stackframe() on error pathAndrew Bartlett2012-11-051-0/+1
| | | | | | | Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Nov 5 03:33:32 CET 2012 on sn-devel-104
* vfs_acl_common: In add_directory_inheritable_components allocate on psd as ↵Andrew Bartlett2012-11-021-4/+16
| | | | | | | | | | | | | | | | parent When we add a new DACL to the security descriptor, we need to use the SD as the memory context, so we can talloc_move() it as a tree to a new parent. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Nov 2 22:16:14 CET 2012 on sn-devel-104
* smb2_server: Fix typo in comment.Karolin Seeger2012-11-021-1/+1
| | | | | | | Karolin Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Nov 2 15:40:22 CET 2012 on sn-devel-104
* build(waf): Fail "configure --with-cluster-support" if ctdb support is not ↵Björn Baumbach2012-11-021-6/+10
| | | | | | | | | available. Currently, configure only warns if cluster support is not found. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-torture:test_ctdbconn: fix the build against older ctdb versionsBjörn Baumbach2012-11-021-0/+6
| | | | | | | by checking if we have the ctdb_protocol.h and including ctdb_private.h otherwise. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:ctdb library: fix the build against older ctdb versionsBjörn Baumbach2012-11-021-0/+5
| | | | | | | by checking if we have the ctdb_protocol.h and including ctdb_private.h otherwise. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Michael Adam <obnox@samba.org>
* build(waf): check if we have ctdb_protocol.h in the cluster checksBjörn Baumbach2012-11-021-0/+22
| | | | | Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Michael Adam <obnox@samba.org>
* build(autoconf): check if we have ctdb_protocol.h in the cluster checksBjörn Baumbach2012-11-021-1/+1
| | | | | Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Michael Adam <obnox@samba.org>
* build(autoconf): fix check for ctdb_private.hBjörn Baumbach2012-11-021-1/+1
| | | | | Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Michael Adam <obnox@samba.org>
* build(waf): fix the cluster(ctdb) build without system talloc installedMichael Adam2012-11-021-0/+3
| | | | | | | | | This is analogous to the earlier patch for tdb. It temporarily adds the talloc include path to the includes search list for the ctdb-header configure checks. Signed-off-by: Michael Adam <obnox@samba.org> Tested-by: Björn Baumbach <bb@sernet.de>
* build(waf): fix a tab indentation to spacesMichael Adam2012-11-021-1/+1
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* s3:smbd:smb2: fix a comment typo in the crediting code.Michael Adam2012-11-021-1/+1
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Nov 2 10:09:36 CET 2012 on sn-devel-104
* s3:winbindd: use PROTOCOL_LATEST instead of PROTOCOL_SMB2_02 (bug #9175)Stefan Metzmacher2012-11-011-1/+1
| | | | | | | | | | We should use the latest supported dialect. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewd-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Nov 1 18:11:27 CET 2012 on sn-devel-104
* s3:winbindd: disconnection after getting NETWORK_SESSION_EXPIRED (bug #9175)Stefan Metzmacher2012-11-011-0/+11
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:winbindd:cache: fix offline logons with cached credentials (bug #9321)Michael Adam2012-11-011-0/+7
| | | | | | | | | | | | | The removal of consumption of the time field from the centry as "removal of unused variable" in 21528da9cd12a4f5c3792a482a5d18fe946a6f7a had the side effect of changing the offset for reading the following nt password hash, so the read password hash was wrong. This patch re-installs the consumption of the time, thereby fixing the bug without changing the disk format of the cache. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-param: Move the options needed for running smbd in the AD DC to loadparmAndrew Bartlett2012-11-011-0/+17
| | | | | | | | | | | | | | | | | | This avoids the whole fileserver.conf thing, and simply handles everything in C. The main challenge is that if s3fs is enabled in a member server configuration (unlikely) then these options will not be set, and it overrides any other attempt to set these as globals. (The previous approach essentially just changed defaults, because the include = of smb.conf was after the values were set in fileserver.conf). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Nov 1 11:47:22 CET 2012 on sn-devel-104
* Add regression test for bug #9329 - Directory listing with SeBackup can ↵Jeremy Allison2012-10-312-8/+64
| | | | | | | | | | | | crash smbd. Ensure we exercise the SeBackup code path on directory listings. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Wed Oct 31 03:21:38 CET 2012 on sn-devel-104
* s3fs-utils: Free the popt context in smbcacls and smbquotas.Andreas Schneider2012-10-302-0/+4
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 30 20:22:46 CET 2012 on sn-devel-104
* s3fs-net: Use talloc for memory allocation.Andreas Schneider2012-10-301-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed by: Jeremy Allison <jra@samba.org>
* s3:smb2_read: fix SMBD_SMB2_NUM_IOV_PER_REQ check for sendfile() support ↵Stefan Metzmacher2012-10-301-1/+1
| | | | | | | | | | | | (bug #9341) Reported-by: Sebastien LAVEZE <sebastien.laveze@mindspeed.com> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Tested-by: Sebastien LAVEZE <sebastien.laveze@mindspeed.com> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Oct 30 16:49:26 CET 2012 on sn-devel-104
* s3: Use file_id_string in file_id_string_tosVolker Lendecke2012-10-301-6/+1
| | | | | | | Reviewed by Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 30 00:05:34 CET 2012 on sn-devel-104
* s3: Fix some nonempty line endingsVolker Lendecke2012-10-291-5/+5
| | | | Reviewed by Jeremy Allison <jra@samba.org>
* s3:smbd:durable: remove a TODO comment about write time updatesMichael Adam2012-10-291-2/+0
| | | | | | | | | | This has been done. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Mon Oct 29 20:12:18 CET 2012 on sn-devel-104
* BUG 9326: Fix net ads join message for the dns domain.Andreas Schneider2012-10-291-1/+1
| | | | | | | | | | | | | We don't get a realm back from the server which is useable as a realm on Unix. On Unix they are case sensitive and on Windows they aren't. This confuses uses and if we write realm they try to use it as it came back in lowercase. Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Mon Oct 29 18:26:19 CET 2012 on sn-devel-104
* Fix bug #9329 - Directory listing with SeBackup can crash smbd.Jeremy Allison2012-10-293-1/+37
| | | | | | | | | | | | | | | | | | When we do a become_root()/unbecome_root() pair to temporarily raise privilege, this NULLs out the NT token. If we're within a become_root()/unbecome_root() pair then return the previous token on the stack as our NT token. This is what we should be using to check against NT ACLs in the file server. This copes with security context changing when removing a file on close under the context of another user (when 2 users have a file open, one sets delete on close and then the other user has to actually do the delete). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Oct 29 16:26:20 CET 2012 on sn-devel-104
* source3.selftest: Move last variables to selftesthelpers.Jelmer Vernooij2012-10-271-10/+4
| | | | | Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Sat Oct 27 19:08:42 CEST 2012 on sn-devel-104
* source3.selftest: Move more variables to be in common.Jelmer Vernooij2012-10-271-6/+1
|
* source3.selftests.tests: Use common plansmbtorture4testsuite() function.Jelmer Vernooij2012-10-271-56/+50
|
* source3.selftest.tests: Add suffix for smbclient3/ntlm_auth3.Jelmer Vernooij2012-10-271-23/+23
|
generated by cgit (git 2.34.1) at 2024-11-08 01:20:12 +0000