summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2006-06-29 15:58:28 +0000
committerGerald Carter <jerry@samba.org>2006-06-29 15:58:28 +0000
commit151b71f51df8f7ec76c88a4f5cecdaf4593a6e1e (patch)
tree123bae36bbeee095e4d7978b90832d94798c942a
parentc01cc085bfae23a916b2282f3a1d41008af1f87c (diff)
downloadsamba-151b71f51df8f7ec76c88a4f5cecdaf4593a6e1e.tar.gz
samba-151b71f51df8f7ec76c88a4f5cecdaf4593a6e1e.tar.xz
samba-151b71f51df8f7ec76c88a4f5cecdaf4593a6e1e.zip
r16675: Set version to 3.0.23
Update release notes for final release.
Diffstat
-rw-r--r--WHATSNEW.txt948
-rw-r--r--source/VERSION2
2 files changed, 395 insertions, 555 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index c2dbee4e85a..1edd9b8e946 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,532 +1,33 @@
- =================================
- Release Notes for Samba 3.0.23rc3
- Jun 23, 2006
- =================================
-
-This is the third release candidate of the 3.0.23 code base
-and is provided for community testing purposes. If all goes
-well, we hope that this will become the production 3.0.23
-release. Your testing and feedback is greatly appreciated.
+ ==============================
+ Release Notes for Samba 3.0.23
+ Jun XX, 2006
+ ==============================
We would like to thank the developers of Klocwork for their
-analysis of the Samba source tree. This release candidate
-includes fixes for over 170 defects reported by the Klocwork
-code analyzer.
-
-Common issues addressed in 3.0.23rc3 include:
-
- o Warnings from the Klocwork code analyzer.
- o Various portability bugs on AIX, Solaris, and True64.
- o Authorization problems when managing services.
- o Problems joining Windows clients to a Samba/LDAP domain.
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.23rc2
------------------------
-
-commits
--------
-
-o Jeremy Allison <jra@samba.org>
- * Fixes for various Klocwork defect reports.
- * Cleanup pdb_get_XXX() methods and ensure that a failure
- to allocate memory for a samu user structure is reported
- as a failure to the calling function.
- * Fix memleak in printing gencache contents.
- * Fix warnings reported by gcc4 -O6 on 64-bit systems
- * Fix naming conflicts with 'net usershare' structures and
- Solaris header files.
- * Fix memleaks on error paths from the ASN.1 parsing code.
- * Add uid to share_mode_entry structure so we can report who
- opened the file.
-
-
-o Gerald (Jerry) Carter <jerry@samba.org>
- * Fix 'make install' problem when building outside source/.
- * Fix 'net ads join' when the workgroup is set incorrectly in
- smb.conf.
- * Re-add code to include the BUILTIN\Administrators SID when
- winbindd is not running, but the user's token includes the
- Domain Admin SID. Fixes access problem for managing Services.
-
-
-o Guenther Deschner <gd@samba.org>
- * Fix memleaks in winbindd ads searches.
- * Fix timestamp bug in pam_winbindd which forced users to change
- passwords prematurely.
- * Small debug message cleanups.
- * Small fixes for 'net ads password'.
- * Add TCP fallback for our implementation of the CHANGEPW
- kpasswd calls.
- * BUG 3843: Allow to set passwords directly when creating users
- via "net rpc user add"
- * Add "rpc shell" to the usage text for the net command.
- * Winbindd user aliases lookup fixes for large domains.
- * Fix memleak in the CLDAP processing code.
- * Enable AD features in winbindd's PAM support only when
- communicating with an AD domain controller.
-
-
-o Bjoern Jacke <samba@j3e.de>.
- * Fix DMAPI compile failures on AIX and True64.
- * Fix AIX PIC suffix (use .o instead of .po).
-
-
-o Volker Lendecke <vl@samba.org>
- * Fixes for various Klocwork defect reports.
- * Fixes for various Coverity defect reports.
- * BUG 3848: Fix WinXP join error in a Samba domain using ldapsam.
-
-
-
-o Derrell Lipman <derrell@samba.org>
- [libsmbclient]
- * BUG 3814: Only set the DFS capability flag in client requests
- if the share is a DFS root.
-
-
-o Jason Mader <jason@ncac.gwu.edu>
- * Compiler warning fixes.
-
-
-o James Peach <jpeach@sgi.com>
- * Ensure smbclient always prompts on standard output when in
- interactive mode.
- * BUG 3801, 3805: Fix MIPSPro compiler warnings on IRIX.
-
-
-o Andreas Schwab
- * Correct syntax error in aclocal.m4.
-
-
-Release Notes for older release follow:
-
- --------------------------------------------------
- =================================
- Release Notes for Samba 3.0.23rc2
- Jun 9, 2006
- =================================
-
-Thanks very much to those people who spent time testing the RC1
-release and reported their findings. We would like to especially
-thank Thomas Bork <tombork@web.de> for his numerous reports.
-We believe that RC2 is in much better shape in a large part due
-to his efforts.
-
-We would also like to thank the developers of Klocwork for their
-analysis of the Samba source tree. This release candidate includes
-multiple fixes based on reports from the Klocwork code analyzer.
-
-Common issues addressed in 3.0.23rc2 include:
-
- o Winbindd & Samba PDC integration issues.
- o Join problems from Windows clients in a Samba domain.
- o Winbind & AD trust failures.
-
-
-Group Mapping Changes
-=====================
-
-The default mapping entries for groups such as "Domain Admins"
-are no longer created when using an smbpasswd file or a tdbsam passdb
-backend. This means that it is necessary to use 'net groupmap add'
-rather than 'net groupmap modify' to set these entries. This change
-has no effect on winbindd's IDmap functionality for domain groups.
-
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.23rc1
------------------------
-
-commits
--------
-
-o Jeremy Allison <jra@samba.org>
- * Ensure we use sys_write in password chats so we're not
- interrupted.
- * Ensure all new rid allocation goes through the same pdb_ldap
- interface.
- * BUG 3308: Stop us returning duplicate mid replies on path
- based set-EOF trans2 calls.
- * Pass RAW-OPLOCK with kernel oplocks off.
- * Fix bug in OS/2 Warp - it doesn't set the ff_last offset
- correctly when doing info level 1 directory scans.
- * Add Samba4 replacement for timegm() to work on Solaris.
- * Remove extra add-byte in the trans2 UNIX_BASIC infolevel.
-
-
-o Alexander Bokovoy <ab@samba.org>
- * Fix absolute symlinks in the installbin.sh script.
-
-
-o Gerald (Jerry) Carter <jerry@samba.org>
- * Only call the printer publishing calls if 'security = ads'.
-
-
-o Guenther Deschner <gd@samba.org>
- * Set our internal domains to "online" by default in winbindd.
- * BUG 3800: Fill the password_policy method in winbindd for
- winbindd_passdb.
- * Fix memory leak when LDAP POSIX attribute queries fail.
- * Honor the krb5 principal name change (of the new ads join code)
- in the kerberized winbind pam_auth.
- * Correctly handle the case when there is no configuration file
- for pam_winbind.
- * Adding "own-domain" switch to wbinfo which is handy from time
- to time.
- * BUG 3823: Fix in-forest domain trust enumeration in winbindd.
- * Fix winbindd group enumeration for groups with no members.
- * Correct "net ads changetrustpw" to use the sAMAccountName.
- * Fix winbindd in ADS domains by removing code using the
- UPN and rely upon the sAMAccountName.
- * Fix a eDir related memory leak.
- * Don't try to add the sn attribute twice to an LDAP
- inetOrgPerson + samSamAccount entry.
- * Fix winbind function table typo.
-
-
-o Aleksey Fedoseev <fedoseev@ru.ibm.com>
- * Fix parameter type for 'acl compatibility'.
-
-
-o Paul Green <paulg@samba.org>
- * Properly rebuild time limit on systems with executable extensions.
-
-
-o Björn Jacke <samba@j3e.de>
- * Fall back to less-preferred clocks until we find one that we
- can use if clock_gmtime() is not available at run-time.
-
-
-o Volker Lendecke <vl@samba.org>
- * Fix more potential seg-faults when something on our way to a
- DC connection fails.
- * Never fall back to using the IP address for a DC's name in RPC
- connections.
- * Implement recycle:subdir_mode.
- * Activate RPC-AUTHCONTEXT in "make test".
- * Portability fixes for 'make test'.
- * Correctly set the group RID in init_sam_from_buffer.
- * Fix missing prompt in smbclient.
- * Return correct error code upon success from _net_srv_pwset().
- * Fix Windows XP joins to a Samba domain.
- * Fix 'valid users = +unixgroup' which was failing with smbpasswd
- when mapped to a non-algorithmic rid.
- * Fix regression which upper-cased machine names passed to the
- 'add machine script'.
- * Correct parsing error in parse_net.c for user's with no group
- membership.
- * Fix off by one error in client SPNEGO code and other klocwork
- bug fixes.
-
-
-o Jason Mader <jason@ncac.gwu.edu>
- * Compiler warning fixes.
-
-
-o John E. Malmberg <wb8tyw@qsl.net>
- * Make smbldap obey config tests.
+analysis of the Samba source tree. This release includes
+fixes for over 200 defects reported by the Klocwork code
+analyzer.
+Thanks very much to those people who spent time testing the
+release candidates and reported their findings. We would
+like to especially thank Thomas Bork <tombork@web.de> for
+his numerous reports. We believe that the final is in much
+better shape in a large part due to his efforts.
-o Jim McDonough <jmcd@us.ibm.com>
- * Fixes for 'make test' on AIX.
-
-
-o Stefan Metzmacher <metze@samba.org>
- * Add more tests to 'make test'.
- * Try to make timelimit.c more portable.
-
-
-o James Peach <jpeach@sgi.com>
- * Introduce command line options to set the remainder of the
- parameters in dynconfig.c.
- * Avoid pulling in -lpthreads caused by -lrt.
- * Fix build failures on IRIX 6.4 due to DMAPI support.
- * Isolate the slow CLOCK_REALTIME message in the profiling code.
+New features in 3.0.23 include:
-o Aruna Prabakar <aruna.prabakar@hp.com>
- * Show -W option in smbpasswd usage text.
-
-
-o Simo Sorce <idra@samba.org>
- * Pam modules install fix.
- * Allow "net changesecretpw" to accept a password via stdin.
-
-
-o Shlomi Yaakobovich <Shlomi@exanet.com>
- * Fix for machine password time_t overflow.
-
-
-
-Release Notes for older release follow:
-
- --------------------------------------------------
- =================================
- Release Notes for Samba 3.0.23rc1
- May 24, 2006
- =================================
-
-New features in 3.0.23rc1 include:
-
+ o Improved 'make test'
+ o New offline mode in winbindd.
+ o New Kerberos support for pam_winbind.so.
+ o New handling of unmapped users and groups.
+ o New non-root share management tools.
+ o Improved support for local and BUILTIN groups.
o Winbind IDMAP integration with RFC2307 schema objects
supported by Windows 2003 R2.
o Rewritten 'net ads join' to mimic Windows XP without
requiring administrative rights to join a domain.
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.23pre1
-------------------------
-
-smb.conf changes
-----------------
-
- Parameter Name Description Default
- -------------- ----------- -------
- change notify timeout Changed Scope
- enable core files New Yes
- hosts equiv Removed
- passdb expand explicit Changed default No
- usershare allow guests New No
- wins partners Removed
-
-commits
--------
-o Jeremy Allison <jra@samba.org>
- * BUG 3592: Ignore a file in the tar output from smbclient if the
- read failed (e.g. due to ACCESS_DENIED). (Based on ideas from
- Justin Best <justinb@pdxmission.org>).
- * BUG 3668: Workaround issues in Windows server code with LARGE_READX.
- * Push/Pull kerberos principal and realm names to/from UTF-8.
- * Fix incorrect boolean in assert to make POSIX lock tests
- pass with CIFSFS.
- * Don't ever set O_SYNC on open unless "strict sync = yes".
- * Remove dead printing code.
- * Allow configurable guest access to Samba's usershare functionality.
- * BUG 3587: Make byte-range locking tdb self-cleaning.
- * Ensure every exit error path in the session setup code calls
- nt_status_squash().
- * Use portable wrapper functions instead of seteuid directly in
- winbindd.
- * Make "change notify timeout" a per-share parameter.
- * Fix regression in SAMBA_4_0's smbtorture DENY tests.
- * Fix valgrind-spotted issue in BASE-DELETE test.
- * Fix early termination condition in winbindd when trying to
- connect to a remote DC.
- * Instruct winbindd to ignore fd_set when select() returns -1.
- * BUG 3779: Make nmbd udp sockets non-blocking to prevent problem
- with select returning true but no data being available.
- * Backport talloc_steal() fixes from SAMBA_4_0 (original fixes by
- Andrew Tridgell).
-
-
-o Timur Bakeyev <timur@com.bat.ru>
- * BUG 2961: Fix compile warnings for pam_smbpass.
- * BUG 2746, 3763: Fix compile warnings in pam_winbind.
-
-
-o Andrew Bartlett <abartlet@samba.org>
- * Work around abort() in the OpenLDAP client libs caused by a NULL
- msg pointer.
-
-
-o Gerald (Jerry) Carter <jerry@samba.org>
- * Normalize printing keys when deleting.
- * Only store LANMAN passwords on a change if 'lanman auth = yes'.
- * Look at the NT password (not lanman one) when determining if 'smbpasswd
- -e' should probably for a password.
- * Default eventlog tdbs to mode 0660 to allow easier access by
- BUILTIN\Administrators.
- * Remove extra call to create_user on member servers without winbindd.
- * Replace the use of OpenLDAP's ldap_domain2hostlist() for locating
- AD DC's with out own DNS SRV queries.
- * Fix compile error on HP-UX reported by Ryan Novosielski.
- * Rewrite 'net ads join' to share common code with 'net rpc join'
- and behave more like a Windows XP client.
- * Remove --with-ldapsam option from configure (only used for
- backwards compatibility for 2.2 smb.conf files).
- * Remove 'wins partners' and 'hosts equiv' smb.conf parameters.
- * Remove rhosts authentication module.
- * Reimplement 'net ads leave' to disable the machine account in the
- domain rather than removing it.
-
-
-o Guenther Deschner <gd@samba.org>
- [pam_winbind]
- * Attempt to send the correct warning from pam_winbind when a password
- change was attempted too early.
- * Don't use cached credentials when changing passwords.
- * Correctly disallow unauthorized access when logging on with the
- kerberized pam_winbind and workstation restrictions are in effect.
- * Save useless round trips in pam_winbind's auth calls.
- * Make the existence of the /etc/security/pam_winbind.conf file
- non-critical and fallback to only parse the argv options in that
- case.
-
-
- [winbindd]
- * Add winbind debug class to the main winbindd process.
- * Be consistent between rpc and ads winbind backend: let the
- ads backend query the samlogon cache first as well.
- * Ignore BUILTIN groups when searching AD for group memberships.
- * Fix KRB5KDC_ERR_POLICY -> NTSTATUS mapping.
- * Cleanup credential caches from winbind's linked list.
- * Fix 'winbindd -n' for new persistent caches.
- * Fix searching by SID in winbindd.
- * Add "smbcontrol winbind onlinestatus" for debugging purpose.
- * Prefer to use the indexed objectCategory attribute (instead of
- objectClass which is not indexed on AD) in LDAP queries.
- * Free LDAP result in ads_get_attrname_by_oid().
- * Prevent unnecessary storing of password in a WINBINDD_CCACHE_ENTRY.
- * Prevent passwords of winbindd's list of credential caches from
- being swapped to disk using mlock().
- * BUG 3345: Expand the "winbind nss info" to also take "rfc2307" to
- support the plain posix attributes LDAP schema from win2k3-r2
- (based on patches from Howard Wilkinson and Bob Gautier).
- * Add more robust code for fallback when lookup_usergroups() fails.
-
- [misc]
- * Fix 'net rpc join' for winbindd running on a Samba DC.
- * Add help text for new 'net rpc audit' utility.
- * Add net ads search SID.
- * samrQueryDomainInfo level 5 should return the domain name, not our
- netbios name when we are a DC.
- * Add some more client rpc for the querydominfo calls (from samba4 idl).
- * Process all the supported info levels in the samr_query_domain_info2
- call.
- * Wrap the samr_query_domain_info2() call around
- samr_query_domain_info().
- * Fix segv in smbctool.
- * Honour the time_offset also when verifying kerberos tickets.
- * Prevent unnecessary longstanding LDAP connection to eDirectory.
- * Fix segv in smbspool.
- * BUG 1914: Allow to store 24 password history entries in ldapsam.
-
-
-o Aleksey Fedoseev <fedoseev@ru.ibm.com>
- * Fixes for msgtest torture tool.
-
-
-o Paul Green <paulg@samba.org>
- * Fix build on platforms that do not support shared libs.
- * Remove dead code in the auth_script module.
-
-
-o Deryck Hodge <deryck@samba.org>
- * Fix import of python modules broken by the rpc_client rewrite
- for 3.0.21.
- * BUG 3702: Fix segv in SWAT.
- * Fix 'make installswat'.
-
-
-o William Jojo <jojowil@hvcc.edu>
- * Fixes for the winbind NSS library on AIX.
-
-
-o Leonid Kabanov <lkabanov@mail.ru>
- * BUG 3711: Shell portability fixes for 'make test'.
-
-
-o Volker Lendecke <vl@samba.org>
- * Memory leak fixes in 'net sam'.
- * BUG 3720: Fix uninitialized error return variable.
- * Default "passdb expand explicit" to no.
- * BUG 3741: Re-enable algorithmic SID mapping in one critical place.
- * Fix user NT token creation when utilizing a username map.
- * More coverity fixes.
- * Fix a VUID bug in 'security = share'.
- * Correctly fill in the gid for local users.
- * Fix some warnings on True64.
- * Add special close handling for fake files.
- * BUG 3788: Fix nss_winbind's getgrouplist() call on AIX.
- * BUG 3435: Fix 'msdfs root = yes' in [homes].
- * Instruct winbindd to find a trusted DC on its own when running on
- a Samba DC.
- * Fix segv in child winbindd processes caused by a failed tconX
- to the DC.
-
-
-o Jim McDonough <jmcd@us.ibm.com>
- * Ensure we do a wildcard search for SID's starting with the global SAM
- sid, not an exact search (from John Janosik).
- * Adapt smbclient fix to smbtree to enable long share names.
-
-
-o Stefan Metzmacher <metze@samba.org>
- * Fix linking of smbmount tools with --enable-socket-wrapper.
- * Pass 'target:samba3=yes' to samba4's smbtorture when running
- samba3's make test.
- * Miscellaneous fixes for 'make test'.
-
-
-o Lars Müller <lmuelle@samba.org>
- * Fix lock calls in the python tdb bindings.
-
-
-o James Peach <jpeach@sgi.com>
- * Correct comparison logic so that libunwind can be correctly detected.
- * Implement a "stacktrace" smbcontrol option using libunwind's remote
- stack tracing support (ia64 only).
- * Use dynamic buffers in the IRIX nsswitch module to prevent truncation
- of long group lists.
- * New autoconf macro to test for sysconf variables.
- * Change profiling data macros to use stack variables rather than
- globals. This catches mismatched start/end calls and removes
- the need for special nested profiling calls.
- * Rewrite AC_LIBTESTFUNC so that it works like the callers
- of it expect.
- * Use clock_gettime for profiling timstamps if it is available. Use
- the fastest clock available on uniprocessors.
- * Preserve errno in fcntl lock wrappers.
- * Initialize our saved uid and gid so that we can tell when we
- created the profiling shmem segment and don't bogusly refuse to
- look at it.
- * Add a new option "enable core files" which can be used to disable
- automatic core file dumping.
- * Update our internal copy of popt to that distributed with the RPM
- 4.2 source code.
-
-
-o Tim Potter <tpot@samba.org>
- * Build janitorial duties.
- * BUG 3725: Put references to $PICFLAGS in quotes.
-
-
-o Simo Sorce <idra@samba.org>
- * Implement 'net setdomainsid' command.
-
-
-o Ronan Waide <waider@waider.ie>
- * Add 'wbinfo -i' functionality to exercise winbindd's getpwnam()
- functionality.
-
- --------------------------------------------------
- ==================================
- Release Notes for Samba 3.0.23pre1
- Apr 22, 2006
- ==================================
-
-New features introduced in 3.0.23pre1 include:
-
- o New offline mode in winbindd.
- o New kerberos support for pam_winbind.so.
- o New handling of unmapped users and groups.
- o New non-root share management tools.
- o Improved support for local and BUILTIN groups.
-
-
User and Group changes
======================
@@ -574,6 +75,16 @@ mapping entry for the group 'developers' to point at the
S-1-5-21-647511796-4126122067-3123570092-2565 SID.
+Group Mapping Changes
+=====================
+
+The default mapping entries for groups such as "Domain Admins"
+are no longer created when using an smbpasswd file or a tdbsam passdb
+backend. This means that it is necessary to use 'net groupmap add'
+rather than 'net groupmap modify' to set these entries. This change
+has no effect on winbindd's IDmap functionality for domain groups.
+
+
LDAP Changes
============
@@ -589,9 +100,6 @@ There has been no change to actual data storage schema.
Changes
#######
-Changes since 3.0.21/22
------------------------
-
smb.conf changes
----------------
@@ -599,16 +107,21 @@ smb.conf changes
-------------- ----------- -------
acl group control Deprecated No
add port command New ""
+ change notify timeout Changed Scope
dmapi support New No
dos filemode Modified No
enable asu support Changed default No
+ enable core files New Yes
enable privileges Changed default Yes
enable rid algorithm Removed
fam change notify New Yes
+ hosts equiv Removed
host msdfs Changed default Yes
msdfs root Changed default Yes
open files database hash size New 10007
+ passdb expand explicit Changed default No
strict locking Changed default auto
+ usershare allow guests New No
usershare max shares New 0
usershare owner only New Yes
usershare path New ${lockdir}
@@ -621,11 +134,95 @@ smb.conf changes
winbind offline logon New No
winbind refresh tickets New No
winbind max idle children Removed
+ wins partners Removed
+
+Changes since 3.0.23rc3
+-----------------------
commits
-------
o Jeremy Allison <jra@samba.org>
+ * BUG 3858: Ensure that all files are removed by a wildcard
+ delete when 'hide unreadable = yes'.
+ * Fix various issues raised by the Klocwork code analyzer.
+ * Fix nmbd WINS serving bug causing duplicate IPs in the *<1b>
+ query reply ("enhanced browsing = yes").
+
+
+o Nicholas Brealey <nick@brealey.org>
+ * Compile fix for pam_winbind.
+
+
+o Gerald (Jerry) Carter <jerry@samba.org>
+ * Use system provided killproc() in RedHat init scripts for
+ more robust shutdown.
+
+
+o Guenther Deschner <gd@samba.org>
+ * Fix different extended_dn handling in adssearch.pl
+ (Thanks to Frederic Brin at Novell).
+
+
+o Volker Lendecke <vl@samba.org>
+ * Fix a memleak in the server registry code for enumeration
+ shares.
+
+
+o Jason Mader <jason@ncac.gwu.edu>
+ * Compiler warning fixes.
+
+
+Changes since 3.0.22
+--------------------
+o Jeremy Allison <jra@samba.org>
+ * Fixes for various Klocwork defect reports.
+ * Cleanup pdb_get_XXX() methods and ensure that a failure
+ to allocate memory for a samu user structure is reported
+ as a failure to the calling function.
+ * Fix memleak in printing gencache contents.
+ * Fix warnings reported by gcc4 -O6 on 64-bit systems
+ * Fix naming conflicts with 'net usershare' structures and
+ Solaris header files.
+ * Fix memleaks on error paths from the ASN.1 parsing code.
+ * Add uid to share_mode_entry structure so we can report who
+ opened the file.
+ * Ensure we use sys_write in password chats so we're not
+ interrupted.
+ * Ensure all new rid allocation goes through the same pdb_ldap
+ interface.
+ * BUG 3308: Stop us returning duplicate mid replies on path
+ based set-EOF trans2 calls.
+ * Pass RAW-OPLOCK with kernel oplocks off.
+ * Fix bug in OS/2 Warp - it doesn't set the ff_last offset
+ correctly when doing info level 1 directory scans.
+ * Add Samba4 replacement for timegm() to work on Solaris.
+ * Remove extra add-byte in the trans2 UNIX_BASIC infolevel.
+ * BUG 3592: Ignore a file in the tar output from smbclient if the
+ read failed (e.g. due to ACCESS_DENIED). (Based on ideas from
+ Justin Best <justinb@pdxmission.org>).
+ * BUG 3668: Workaround issues in Windows server code with LARGE_READX.
+ * Push/Pull Kerberos principal and realm names to/from UTF-8.
+ * Fix incorrect boolean in assert to make POSIX lock tests
+ pass with CIFSFS.
+ * Don't ever set O_SYNC on open unless "strict sync = yes".
+ * Remove dead printing code.
+ * Allow configurable guest access to Samba's usershare functionality.
+ * BUG 3587: Make byte-range locking tdb self-cleaning.
+ * Ensure every exit error path in the session setup code calls
+ nt_status_squash().
+ * Use portable wrapper functions instead of seteuid directly in
+ winbindd.
+ * Make "change notify timeout" a per-share parameter.
+ * Fix regression in SAMBA_4_0's smbtorture DENY tests.
+ * Fix valgrind-spotted issue in BASE-DELETE test.
+ * Fix early termination condition in winbindd when trying to
+ connect to a remote DC.
+ * Instruct winbindd to ignore fd_set when select() returns -1.
+ * BUG 3779: Make nmbd udp sockets non-blocking to prevent problem
+ with select returning true but no data being available.
+ * Back port talloc_steal() fixes from SAMBA_4_0 (original fixes by
+ Andrew Tridgell).
* BUG 3467: Fix delete on close semantics needed by WinXP Media
Center Ed. for simultaneous recording and playback (thanks to
Jason Qian for the debugging assistance).
@@ -677,8 +274,19 @@ o Jeremy Allison <jra@samba.org>
you ask for exactly 64k bytes it returns 0.
+o Andrew Bartlett <abartlet@samba.org>
+ * Work around abort() in the OpenLDAP client libs caused by a NULL
+ msg pointer.
+
+
+o Timur Bakeyev <timur@com.bat.ru>
+ * BUG 2961: Fix compile warnings for pam_smbpass.
+ * BUG 2746, 3763: Fix compile warnings in pam_winbind.
+
+
o Alexander Bokovoy <ab@samba.org>
* Fix 'smbcontrol shutdown' messages for nmbd and winbindd.
+ * Fix absolute symlinks in the installbin.sh script.
o Max N. Boyarov <m.boyarov@sam-solutions.net>
@@ -686,6 +294,31 @@ o Max N. Boyarov <m.boyarov@sam-solutions.net>
o Gerald (Jerry) Carter <jerry@samba.org>
+ * Fix 'make install' problem when building outside source/.
+ * Fix 'net ads join' when the workgroup is set incorrectly in
+ smb.conf.
+ * Re-add code to include the BUILTIN\Administrators SID when
+ winbindd is not running, but the user's token includes the
+ Domain Admin SID. Fixes access problem for managing Services.
+ * Only call the printer publishing calls if 'security = ads'.
+ * Normalize printing keys when deleting.
+ * Only store LANMAN passwords on a change if 'lanman auth = yes'.
+ * Look at the NT password (not lanman one) when determining if 'smbpasswd
+ -e' should probably for a password.
+ * Default eventlog tdbs to mode 0660 to allow easier access by
+ BUILTIN\Administrators.
+ * Remove extra call to create_user on member servers without winbindd.
+ * Replace the use of OpenLDAP's ldap_domain2hostlist() for locating
+ AD DC's with out own DNS SRV queries.
+ * Fix compile error on HP-UX reported by Ryan Novosielski.
+ * Rewrite 'net ads join' to share common code with 'net rpc join'
+ and behave more like a Windows XP client.
+ * Remove --with-ldapsam option from configure (only used for
+ backwards compatibility for 2.2 smb.conf files).
+ * Remove 'wins partners' and 'hosts equiv' smb.conf parameters.
+ * Remove rhosts authentication module.
+ * Reimplement 'net ads leave' to disable the machine account in the
+ domain rather than removing it.
* Rewrite of tdbsam file descriptor handling.
* Add server affinity support when selecting a remote
domain controller.
@@ -743,7 +376,86 @@ o Gerald (Jerry) Carter <jerry@samba.org>
is running but having problems.
+o Mathias Dietz <MDIETZ@de.ibm.com>
+ * EPERM can be a valid return from getting an xattr.
+ Don't disable if we get it.
+
+
o Guenther Deschner <gd@samba.org>
+ * Fix memleaks in winbindd ads searches.
+ * Fix timestamp bug in pam_winbindd which forced users to change
+ passwords prematurely.
+ * Small debug message cleanups.
+ * Small fixes for 'net ads password'.
+ * BUG 3843: Allow to set passwords directly when creating users
+ via "net rpc user add"
+ * Add "rpc shell" to the usage text for the net command.
+ * Winbindd user aliases lookup fixes for large domains.
+ * Fix memleak in the CLDAP processing code.
+ * Enable AD features in winbindd's PAM support only when
+ communicating with an AD domain controller.
+ * Set our internal domains to "online" by default in winbindd.
+ * BUG 3800: Fill the password_policy method in winbindd for
+ winbindd_passdb.
+ * Fix memory leak when LDAP POSIX attribute queries fail.
+ * Honor the krb5 principal name change (of the new ads join code)
+ in the kerberized winbind pam_auth.
+ * Correctly handle the case when there is no configuration file
+ for pam_winbind.
+ * Adding "own-domain" switch to wbinfo which is handy from time
+ to time.
+ * BUG 3823: Fix in-forest domain trust enumeration in winbindd.
+ * Fix winbindd group enumeration for groups with no members.
+ * Correct "net ads changetrustpw" to use the sAMAccountName.
+ * Fix winbindd in ADS domains by removing code using the
+ UPN and rely upon the sAMAccountName.
+ * Fix a eDir related memory leak.
+ * Don't try to add the sn attribute twice to an LDAP
+ inetOrgPerson + samSamAccount entry.
+ * Fix winbind function table typo.
+ * Attempt to send the correct warning from pam_winbind when a password
+ change was attempted too early.
+ * Don't use cached credentials when changing passwords.
+ * Correctly disallow unauthorized access when logging on with the
+ kerberized pam_winbind and workstation restrictions are in effect.
+ * Save useless round trips in pam_winbind's auth calls.
+ * Make the existence of the /etc/security/pam_winbind.conf file
+ non-critical and fallback to only parse the argv options in that
+ case.
+ * Add winbind debug class to the main winbindd process.
+ * Be consistent between rpc and ads winbind backend: let the
+ ads backend query the samlogon cache first as well.
+ * Ignore BUILTIN groups when searching AD for group memberships.
+ * Fix KRB5KDC_ERR_POLICY -> NTSTATUS mapping.
+ * Cleanup credential caches from winbind's linked list.
+ * Fix 'winbindd -n' for new persistent caches.
+ * Fix searching by SID in winbindd.
+ * Add "smbcontrol winbind onlinestatus" for debugging purpose.
+ * Prefer to use the indexed objectCategory attribute (instead of
+ objectClass which is not indexed on AD) in LDAP queries.
+ * Free LDAP result in ads_get_attrname_by_oid().
+ * Prevent unnecessary storing of password in a WINBINDD_CCACHE_ENTRY.
+ * Prevent passwords of winbindd's list of credential caches from
+ being swapped to disk using mlock().
+ * BUG 3345: Expand the "winbind nss info" to also take "rfc2307" to
+ support the plain posix attributes LDAP schema from win2k3-r2
+ (based on patches from Howard Wilkinson and Bob Gautier).
+ * Add more robust code for fallback when lookup_usergroups() fails.
+ * Fix 'net rpc join' for winbindd running on a Samba DC.
+ * Add help text for new 'net rpc audit' utility.
+ * Add net ads search SID.
+ * samrQueryDomainInfo level 5 should return the domain name, not our
+ netbios name when we are a DC.
+ * Add some more client rpc for the querydominfo calls (from samba4 idl).
+ * Process all the supported info levels in the samr_query_domain_info2
+ call.
+ * Wrap the samr_query_domain_info2() call around
+ samr_query_domain_info().
+ * Fix segv in smbctool.
+ * Honour the time_offset also when verifying Kerberos tickets.
+ * Prevent unnecessary longstanding LDAP connection to eDirectory.
+ * Fix segv in smbspool.
+ * BUG 1914: Allow to store 24 password history entries in ldapsam.
* Enhancements to various commands in rpcclient
* Don't force 'Administrator' to change an expired password on
logon.
@@ -789,12 +501,9 @@ o Guenther Deschner <gd@samba.org>
in /etc/security/pam_winbind.conf.
-o Mathias Dietz <MDIETZ@de.ibm.com>
- * EPERM can be a valid return from getting an xattr.
- Don't disable if we get it.
-
-
-o Aleksey Fedoseev <aleksey@fedoseev.net>
+o Aleksey Fedoseev <fedoseev@ru.ibm.com>
+ * Fix parameter type for 'acl compatibility'.
+ * Fixes for msgtest torture tool.
* Fix crash bug in the file locking code.
@@ -802,7 +511,17 @@ o Arek Glabek <aglabek@centeris.com>
* Fix parsing error on input parameters in eventlogadm.
-o Bjoern Jacke <bjacke@sernet.de>.
+o Paul Green <paulg@samba.org>
+ * Properly rebuild time limit on systems with executable extensions.
+ * Fix build on platforms that do not support shared libs.
+ * Remove dead code in the auth_script module.
+
+
+o Bjoern Jacke <samba@j3e.de>.
+ * Fix DMAPI compile failures on AIX and True64.
+ * Fix AIX PIC suffix (use .o instead of .po).
+ * Fall back to less-preferred clocks until we find one that we
+ can use if clock_gmtime() is not available at run-time.
* Fix EA support on AIX platforms.
* Automatically disable file shares with no explicit path set.
* Remove the local hack to set the RO bit on directories in
@@ -813,11 +532,54 @@ o Bjoern Jacke <bjacke@sernet.de>.
o William Jojo <jojowil@hvcc.edu>
+ * Fixes for the winbind NSS library on AIX.
* Fix VFS builds on AIX platforms.
* Fixes for the AIX version of libnss_winbind.so
+o Leonid Kabanov <lkabanov@mail.ru>
+ * BUG 3711: Shell portability fixes for 'make test'.
+
+
o Volker Lendecke <vl@samba.org>
+ * Fixes for various Klocwork defect reports.
+ * Fixes for various Coverity defect reports.
+ * BUG 3848: Fix WinXP join error in a Samba domain using ldapsam.
+ * Fix more potential seg-faults when something on our way to a
+ DC connection fails.
+ * Never fall back to using the IP address for a DC's name in RPC
+ connections.
+ * Implement recycle:subdir_mode.
+ * Activate RPC-AUTHCONTEXT in "make test".
+ * Portability fixes for 'make test'.
+ * Correctly set the group RID in init_sam_from_buffer.
+ * Fix missing prompt in smbclient.
+ * Return correct error code upon success from _net_srv_pwset().
+ * Fix Windows XP joins to a Samba domain.
+ * Fix 'valid users = +unixgroup' which was failing with smbpasswd
+ when mapped to a non-algorithmic rid.
+ * Fix regression which upper-cased machine names passed to the
+ 'add machine script'.
+ * Correct parsing error in parse_net.c for user's with no group
+ membership.
+ * Fix off by one error in client SPNEGO code and other klocwork
+ bug fixes.
+ * Memory leak fixes in 'net sam'.
+ * BUG 3720: Fix uninitialized error return variable.
+ * Default "passdb expand explicit" to no.
+ * BUG 3741: Re-enable algorithmic SID mapping in one critical place.
+ * Fix user NT token creation when utilizing a username map.
+ * More coverity fixes.
+ * Fix a VUID bug in 'security = share'.
+ * Correctly fill in the gid for local users.
+ * Fix some warnings on True64.
+ * Add special close handling for fake files.
+ * BUG 3788: Fix nss_winbind's getgrouplist() call on AIX.
+ * BUG 3435: Fix 'msdfs root = yes' in [homes].
+ * Instruct winbindd to find a trusted DC on its own when running on
+ a Samba DC.
+ * Fix segv in child winbindd processes caused by a failed tconX
+ to the DC.
* Dynamically compute the maximum password age based no the
last change time rather than reading the must change time
from the passdb record.
@@ -839,6 +601,8 @@ o Volker Lendecke <vl@samba.org>
o Derrell Lipman <derrell@samba.org>
[libsmbclient]
+ * BUG 3814: Only set the DFS capability flag in client requests
+ if the share is a DFS root.
* Fix bug causing previous settings to be re-initialized
when parsing new configuration files.
* BUG 3446: Don't ignore the authentication domain when parsing
@@ -849,10 +613,18 @@ o Derrell Lipman <derrell@samba.org>
o Jason Mader <jason@ncac.gwu.edu>
- * Compiler warning fixes.
+ * Numerous compiler warning fixes.
+
+
+o John E. Malmberg <wb8tyw@qsl.net>
+ * Make smbldap obey config tests.
o Jim McDonough <jmcd@us.ibm.com>
+ * Fixes for 'make test' on AIX.
+ * Ensure we do a wildcard search for SID's starting with the global SAM
+ sid, not an exact search (from John Janosik).
+ * Adapt smbclient fix to smbtree to enable long share names.
* Prevent machines and users with no home directory from
getting the previous entries home path when migrating via
'net rpc vampire' (based on a patch from Richard Renard).
@@ -862,6 +634,12 @@ o Jim McDonough <jmcd@us.ibm.com>
o Stefan Metzmacher <metze@samba.org>
+ * Add more tests to 'make test'.
+ * Try to make timelimit.c more portable.
+ * Fix linking of smbmount tools with --enable-socket-wrapper.
+ * Pass 'target:samba3=yes' to samba4's smbtorture when running
+ samba3's make test.
+ * Miscellaneous fixes for 'make test'.
* Add improved support for 'make test' including making
use of smbtorture from SAMBA_4_0.
* Add --no-process-group to all server programs
@@ -870,6 +648,7 @@ o Stefan Metzmacher <metze@samba.org>
o Lars Müller <lmuelle@samba.org>
+ * Fix lock calls in the python tdb bindings.
* Add -k switch to tdbdump for accessing a single key.
* Debian packaging fixes.
* Add -t|--password-from-stdin option to pdbedit as we had
@@ -878,6 +657,35 @@ o Lars Müller <lmuelle@samba.org>
o James Peach <jpeach@sgi.com>
+ * Ensure smbclient always prompts on standard output when in
+ interactive mode.
+ * BUG 3801, 3805: Fix MIPSPro compiler warnings on IRIX.
+ * Introduce command line options to set the remainder of the
+ parameters in dynconfig.c.
+ * Avoid pulling in -lpthreads caused by -lrt.
+ * Fix build failures on IRIX 6.4 due to DMAPI support.
+ * Isolate the slow CLOCK_REALTIME message in the profiling code.
+ * Correct comparison logic so that libunwind can be correctly detected.
+ * Implement a "stacktrace" smbcontrol option using libunwind's remote
+ stack tracing support (ia64 only).
+ * Use dynamic buffers in the IRIX nsswitch module to prevent truncation
+ of long group lists.
+ * New autoconf macro to test for sysconf variables.
+ * Change profiling data macros to use stack variables rather than
+ globals. This catches mismatched start/end calls and removes
+ the need for special nested profiling calls.
+ * Rewrite AC_LIBTESTFUNC so that it works like the callers
+ of it expect.
+ * Use clock_gettime for profiling timstamps if it is available. Use
+ the fastest clock available on uniprocessors.
+ * Preserve errno in fcntl lock wrappers.
+ * Initialize our saved uid and gid so that we can tell when we
+ created the profiling shmem segment and don't bogusly refuse to
+ look at it.
+ * Add a new option "enable core files" which can be used to disable
+ automatic core file dumping.
+ * Update our internal copy of popt to that distributed with the RPM
+ 4.2 source code.
* Add support for FAM for file change notification.
* Disable sendfile if the 'write cache;' has been enabled.
* Refactor capability interface from being IRIX-specific to
@@ -891,7 +699,28 @@ o James Peach <jpeach@sgi.com>
a DMAPI-based HSM is interested in.
+o Tim Potter <tpot@samba.org>
+ * Build janitorial duties.
+ * BUG 3725: Put references to $PICFLAGS in quotes.
+
+
+o Aruna Prabakar <aruna.prabakar@hp.com>
+ * Show -W option in smbpasswd usage text.
+
+
+o ISHIKAWA Tomonori <toishika@fsi.co.jp>
+ * BUG 2715: Fix nmbd datagram comment buffer size for multibyte
+ character strings
+
+
+o Andreas Schwab
+ * Correct syntax error in aclocal.m4.
+
+
o Simo Sorce <idra@samba.org>
+ * Pam modules install fix.
+ * Allow "net changesecretpw" to accept a password via stdin.
+ * Implement 'net setdomainsid' command.
* Ensure that sid -> group conversion are done as root.
* BUG 3413: Sanity check for existence of 'ldap admin
dn' before setting a password in secrets.tdb (based on
@@ -899,11 +728,22 @@ o Simo Sorce <idra@samba.org>
* New revision of the snprintf replace code.
-o ISHIKAWA Tomonori <toishika@fsi.co.jp>
- * BUG 2715: Fix nmbd datagram comment buffer size for multibyte
- character strings
+o Todd Stecher
+ * Add TCP fallback for our implementation of the CHANGEPW
+ kpasswd calls.
+
+
+o Ronan Waide <waider@waider.ie>
+ * Add 'wbinfo -i' functionality to exercise winbindd's getpwnam()
+ functionality.
+o Shlomi Yaakobovich <Shlomi@exanet.com>
+ * Fix for machine password time_t overflow.
+
+
+Release Notes for older release follow:
+
--------------------------------------------------
==============================
Release Notes for Samba 3.0.22
@@ -1095,7 +935,7 @@ o Jeremy Allison <jra@samba.org>
* Consistency fixes: Remove use of uint8_t -> uint8.
* BUG 3346: Fix crash bug in big-endian boxes by linearizing
structure when passing through the messaging API.
- * BUG 3421: Fix segv in the kerberos key tab code (Thanks to
+ * BUG 3421: Fix segv in the Kerberos key tab code (Thanks to
Luke Deller).
* Force smbd to exit if the guest account internal setup fails.
* BUG 3419: vfs_full_audit fixes for multiple connections.
@@ -1325,7 +1165,7 @@ o Volker Lendecke <vl@samba.org>
Common bugs fixed in 3.0.21 include:
- o Missing groups in a user's token when logging in via kerberos
+ o Missing groups in a user's token when logging in via Kerberos
o Incompatibilities with newer MS Windows hotfixes and
embedded OS platforms
o Portability and crash bugs.
@@ -1505,7 +1345,7 @@ o Gerald (Jerry) Carter <jerry@samba.org>
* Allow winbindd to select the appropriate backend methods
based on the DC attributes and not the security parameter.
* Re-add the netsamlogon_cache tdb and ensure that user entries
- are updated from the PAC data during kerberos ticket
+ are updated from the PAC data during Kerberos ticket
validation.
* Fix lockup when running 'wbinfo -t' on a Samba PDC caused
by mangling machine names in sub_set_smb_name().
@@ -1550,7 +1390,7 @@ o Guenther Deschner <gd@samba.org>
* Use LDAP bitwise matching rule when searching for groups
in ADS.
* Avoid an infinite loop when retrying to connect in smbspool.
- * Memory leak fixes in the kerberos PAC parsing code.
+ * Memory leak fixes in the Kerberos PAC parsing code.
* Improve NT_STATUS error messages returned from pam_winbind.
* Rename unknown samr group fields in samr structures with
the correct name.removed separate "builtin" search enumeration.
@@ -1605,7 +1445,7 @@ o Volker Lendecke <vl@samba.org>
* Fix connection bug to port 445 and 139 after a successful
getdcname response.
* Add additional calls to initialize_krb5_error_table() for
- kerberos client code.
+ Kerberos client code.
* Implement the possibility to have AFS users as SIDs in pts.
* Removed unused alternative_name code from winbindd.
* Protect against NULL alternative_name strings in winbindd.
@@ -1874,7 +1714,7 @@ o Guenther Deschner <gd@samba.org>
* Prevent BUILTIN sids returned in the user's token from
a Windows DC from being applied to any local group mappings
on the Samba host.
- * Plug memory leaks in the kerberos keytab code.
+ * Plug memory leaks in the Kerberos keytab code.
* Ensure BUILTIN groups are returned from winbindd's idmap_rid
backend when 'winbind nested groups' is enabled.
* Fix crash bug in winbindd caused by 64-bit build issues.
@@ -2191,7 +2031,7 @@ o Andrew Bartlett <abartlet@samba.org>
printers when connecting via MS-RPC.
* BUG 2391: Fix segv caused by free a static pointer returned
from getpwnam().
- * Support kerberos authentication in smbd when using a keytab
+ * Support Kerberos authentication in smbd when using a keytab
and participating in a non-Microsoft Kerberos realm.
@@ -2414,7 +2254,7 @@ o Steven Edwards <steven_ed4153@yahoo.com>.
o Rodrigo Fernandez-Vizarra <Rodrigo.Fernandez-Vizarra@Sun.COM>
- * BUG 1780: Add kerberos (file based ticket cache) support
+ * BUG 1780: Add Kerberos (file based ticket cache) support
to smbspool.
@@ -3269,7 +3109,7 @@ o John Terpstra <jht@samba.org>
o Doug VanLeuven <roamdad@sonic.net>
- * Add more case/realm/name permutations to the kerberos keytab.
+ * Add more case/realm/name permutations to the Kerberos keytab.
* AIX compile fixes.
@@ -3402,7 +3242,7 @@ o Jeremy Allison <jra@samba.org>
Mrinal Kalakrishnan <mail@mrinal.net>).
* BUG 2270: Fix memory leaks in cups printing backend support
(based on work by Lars Mueller).
- * BUG 2255: Fix debug level in kerberos error messages.
+ * BUG 2255: Fix debug level in Kerberos error messages.
* BUG 2110: Ensure we convert to ucs2 correctly after the
CAN-2004-0930 patch.
* Make strict locking an enum. Auto means use oplock optimization.
@@ -3886,7 +3726,7 @@ Common bugs fixed in 3.0.8 include:
o Inconsistencies in the username map functionality when
configured on domain member servers.
o Various compile warnings and errors on various platforms.
- o Fixes for kerberos interoperability with Windows 200x
+ o Fixes for Kerberos interoperability with Windows 200x
domains when using DES keys.
o Fix for CAN-2004-0930 -- smbd remote DoS vulnerability.
o Fix for CAN-2004-0882 -- possible buffer overrun in smbd.
@@ -3921,7 +3761,7 @@ Change in Username Map
Previous Samba releases would only support reading the fully qualified
username (e.g. DOMAIN\user) from the username map when performing a
-kerberos login from a client. However, when looking up a map
+Kerberos login from a client. However, when looking up a map
entry for a user authenticated by NTLM[SSP], only the login name would be
used for matches. This resulted in inconsistent behavior sometimes
even on the same server.
@@ -4505,8 +4345,8 @@ New features introduced in this release include:
o Using a cups server other than localhost.
o Maintaining the service principal entry in the system
keytab for integration with other kerberized services.
- Please refer to the 'use kerberos keytab' entry in
- smb.conf(5). When using the heimdal kerberos libraries,
+ Please refer to the 'use Kerberos keytab' entry in
+ smb.conf(5). When using the heimdal Kerberos libraries,
you must also specify the following in /etc/krb5.conf:
[libdefaults]
default_keytab_name = FILE:/etc/krb5.keytab
@@ -4572,7 +4412,7 @@ smb.conf changes
force unknown acl user New
ldap timeout New
printcap cache time New
- use kerberos keytab New
+ use Kerberos keytab New
commits
-------
@@ -4759,7 +4599,7 @@ o Guenther Deschner <gd@sernet.de>
the owner uid is set to the current uid. Same for group sid.
* Ensure that REG_SZ values in the SetPrinterData actually
get written in UNICODE strings rather than ASCII.
- * Ensure that the last kerberos error return is not invalid.
+ * Ensure that the last Kerberos error return is not invalid.
* Display share ACL entries from rpcclient.
* Correct infinite loop in pam_winbind's verification of
group membership in the 'other sids' field in the user_info3
@@ -4822,7 +4662,7 @@ o Volker Lendecke <vl@samba.org>
* Fix two memleaks in login_cache.c.
* fixes memory bloat when unmarshalling strings.
* Fix compile errors using gcc 3.2 on SuSE 8.2.
- * Fix the build for systems without kerberos headers.
+ * Fix the build for systems without Kerberos headers.
* Allow winbindd to handle authentication requests only when
started without either an 'idmap uid' or 'idmap gid' range.
* Fix the build for systems without ldap headers.
@@ -4888,7 +4728,7 @@ o Buchan Milne <bgmilne@mandrake.org>
o Lars Mueller <lmuelle@samba.org>
* BUG 1279: Added 'printcap cache time' parameter.
* Fix afs related build issues on SuSE.
- * Fix compiler warnings in the kerberos client code.
+ * Fix compiler warnings in the Kerberos client code.
o James Peach <jpeach@sgi.com>
@@ -5888,7 +5728,7 @@ o Volker Lendecke <vl@samba.org>
* Add a German translation for SWAT.
* Fix a segfaults in winbindd.
* Fix the user's domain passed to register_vuid() from
- reply_spnego_kerberos().
+ reply_spnego_Kerberos().
* Add NSS example code in nss_winbind to convert UNIX
id's <-> Windows SIDs.
* Display more descriptive error messages for login via 'net'.
@@ -6265,7 +6105,7 @@ o Ensure the ${libdir} is created by the installclientlib script.
o Fix detection of Windows 2003 client architecture in the smb.conf
%a variable.
o Ensure that smbd calls the add user script for a missing UNIX
- user on kerberos auth call (bug 445).
+ user on Kerberos auth call (bug 445).
o Fix bugs in hosts allow/deny when using a mismatched
network/netmask pair.
o Protect alloc_sub_basic() from crashing when the source string
@@ -6655,9 +6495,9 @@ aware of when moving to Samba 3.0.
with an Active Directory domain using the native Windows
Kerberos 5 and LDAP protocols.
- MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption
+ MIT Kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption
type which is neccessary for servers on which the
- administrator password has not been changed, or kerberos-enabled
+ administrator password has not been changed, or Kerberos-enabled
SMB connections to servers that require Kerberos SMB signing.
Besides this one difference, either MIT or Heimdal Kerberos
distributions are usable by Samba 3.0.
diff --git a/source/VERSION b/source/VERSION
index a035c7f61d7..ed624093d10 100644
--- a/source/VERSION
+++ b/source/VERSION
@@ -57,7 +57,7 @@ SAMBA_VERSION_PRE_RELEASE=
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
########################################################
-SAMBA_VERSION_RC_RELEASE=3
+SAMBA_VERSION_RC_RELEASE=
########################################################
# To mark SVN snapshots this should be set to 'yes' #
generated by cgit (git 2.34.1) at 2024-05-10 02:30:48 +0000