summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Document the try_first_pass option in the pam_winbind manpage.Andreas Schneider2009-06-151-5/+8
| | | | | | | Signed-off-by: Andreas Schneider <mail@cynapses.org> (cherry picked from commit 779eea49de3f53040fe792de4b74b73a0c51ecb3) (cherry picked from commit 24d6f697844bc85a03c047e5470abcfdd53735a2) (cherry picked from commit 2ed85b0ebfc50cad847050cc6b5269c470956ea3)
* Add a synopsis section to the pam_winbind manpage.Andreas Schneider2009-06-151-0/+25
| | | | | | | Signed-off-by: Andreas Schneider <mail@cynapses.org> (cherry picked from commit 24f9f32fedb92f881658db856db15173e57af0bd) (cherry picked from commit 55df96313c5b966f41b0b5c426cf6a420cafa855) (cherry picked from commit f738862d9f419fec27c9fb15c880a452aff333d9)
* WHATSNEW: Update changes since 3.2.11.Karolin Seeger2009-06-151-0/+8
| | | | Karolin
* WHATSNEW: Attach old release notes.Karolin Seeger2009-06-121-0/+1640
| | | | Karolin
* s3/idmap: Fix out of memory error with Winbind idmap.Sébastien Prud'homme2009-06-121-2/+6
| | | | This fixes bug #5945.
* Revert the extra SAMR and LSA checks.Jeremy Allison2009-06-122-70/+0
| | | | | These were added between 3.2.4 and 3.2.5 that have caused users problems. This fixes among others bug #6089 and #6112.
* s3-groupdb: fix enum_aliasmem in ldb branch.Günther Deschner2009-06-121-1/+1
| | | | | | | | | | | It is totally valid to have an alias with no members. This fixes bug #6465. Tridge, please check. Found by RPC-SAMR torture test. Guenther
* s3-docs: Fix Bug #4280. Shutdown scripts are called as root for privileged ↵Günther Deschner2009-06-122-2/+2
| | | | | | | | | users. GUenther (cherry picked from commit 3938d1e5fa1996f64e92d33d6893bab620d16b23) (cherry picked from commit 0491f038403036814acf6eacc7bb742345bbe27b) (cherry picked from commit d4b57dab0beada704fcbeae86ae5b5dd257030a0)
* WHATSNEW: Add bug numbers.Karolin Seeger2009-06-101-4/+6
| | | | Karolin
* WHATSNEW: Update changes since 3.2.11.Karolin Seeger2009-06-101-2/+7
| | | | Karolin
* s3/docs: Fix typos.Karolin Seeger2009-06-101-3/+3
| | | | | | | | | | Fix typos reported by OPC oota <t-oota [at] dh.jp.nec.com>. Thanks! Karolin (cherry picked from commit ad0d8032068fc9b920e205d3f5f923174101d777) (cherry picked from commit b7d54f443ade79d3f2b71aa138fd5254754bb750) (cherry picked from commit cec179962a833771b9fdba3ba747b571ef27ace6)
* s3/docs: Fix example.Karolin Seeger2009-06-061-2/+2
| | | | | | | | | | | The 'ldap suffix' is not added automatically to the 'ldap admin dn'. This fixes bug #5584. Thanks to Stefan Bauer <stefan.bauer [at] plzk.de> for reporting! Karolin (cherry picked from commit 0fee798552038b730b0107540d6cfeb475803555) (cherry picked from commit 629e7aa91a33a5428676d8f6eeac19ea9fec14d6) (cherry picked from commit 01acd8d9277362ae3c0e92963f66e7af3202b84d)
* s3/passdb: Fix debug message: 'net setmaxrid' does not exist.Karolin Seeger2009-06-061-2/+2
| | | | | | | | This is aiming bug #6351. Karolin (cherry picked from commit c94d1cd7b1dc3ff99ae5a1eb9058ed6015fb9749) (cherry picked from commit 11ed212591d612632fcb47f1eac10507b89ffdec)
* s3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases.Günther Deschner2009-06-061-0/+12
| | | | | | | This is now also verified with the RPC-SAMR-LARGE-DC test. Guenther (cherry picked from commit fca7dce1a908570e463ddcbd663955fcafd1d843)
* s3/docs: Fix typo.Karolin Seeger2009-06-051-2/+2
| | | | | | | Karolin (cherry picked from commit 613c8acbdd93210b40ec6fa48cbbf297a061b3cc) (cherry picked from commit c84f1c7ac9da7e26f28cb233efe45614f0cedea3) (cherry picked from commit 8878670414bd2607ad238b4fb61a109d5f430538)
* WHATSNEW: Add changes since 3.2.11.Karolin Seeger2009-06-021-0/+43
| | | | Karolin
* VERSION: Raise version number up to 3.2.12.Karolin Seeger2009-06-021-1/+1
| | | | Karolin
* WHATSNEW: Start WHATSNEW for 3.2.12.Karolin Seeger2009-06-021-28/+5
| | | | Karolin
* s3/docs: Fix typo.Karolin Seeger2009-05-291-1/+1
| | | | | | | | | | This fixes bug #4341. Thanks to Michael Cartmell <michael.cartmell [at] thomson.com> for reporting! Karolin (cherry picked from commit 2228cc6a0f942b774bef7fb0b99009897fa4dff4) (cherry picked from commit e1b1f14e0260395a8d452ea0a129bcc9bb3f98cc) (cherry picked from commit de156e6ee292ad7fc683d681d7c4b44edba67626)
* s3: zero an uninitialized arrayMarc VanHeyningen2009-05-281-1/+4
| | | | | | | | Invalid pointers were being dereferenced in lookup_sids causing occasional seg faults. Signed-off-by: Tim Prouty <tprouty@samba.org> (cherry picked from commit 34ca12c9396f7c8475cd1525bdbc40021b0e533f)
* Fix a race condition in winbind leading to a panicVolker Lendecke2009-05-271-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | In winbind, we do multiple events in one select round. This needs fixing, but as long as we're still using it, for efficiency reasons we need to do that. What can happen is the following: We have outgoing data pending for a client, thus state->fd_event.flags == EVENT_FD_WRITE Now a new client comes in, we go through the list of clients to find an idle one. The detection for idle clients in remove_idle_client does not take the pending data into account. We close the socket that has pending outgoing data, the accept(2) one syscall later gives us the same socket. In new_connection(), we do a setup_async_read, setting up a read fde. The select from before however had found the socket (that we had already closed!!) to be writable. In rw_callback we only want to see a readable flag, and we panic in the SMB_ASSERT(flags == EVENT_FD_READ). Found using bin/smbtorture //127.0.0.1/tmp -U% -N 500 -o 2 local-wbclient Volker (commit 68c5c6df in master)
* s3/docs: Fix typos.Karolin Seeger2009-05-251-4/+4
| | | | | | | | Thanks to Oota Toshiya <t-oota at dh.jp.nec.com> for reporting! Karolin (cherry picked from commit f3df38362cc15211d9fca8229a0f9d9fc9c8e481) (cherry picked from commit 7434898b10a5c5780bd015b7bdca3eaa7a2b5475)
* s3/groupmapping: Groupdb mapping fix (bug #6386).Jeremy Allison2009-05-231-6/+20
|
* Insure we always return NULL on error.Simo Sorce2009-05-231-0/+1
| | | | | | | It is not technically an ldb bug, but apparently some callers try to access res before checking the ldb_search() return code. So make their attempt very evident (a NULL dereference will make it cristal clear where the bug is).
* Make test for open modes more robust against other bits.Jeremy Allison2009-05-231-1/+1
| | | | | | Jeremy. (cherry picked from commit 8d178837f259757340a09a688ed194e3e4a92c36) (cherry picked from commit 6631ca4a51d4b13d2edd2dc899f7b76c233825b5)
* Fix bug in processing of open modes in POSIX open.Jeremy Allison2009-05-231-0/+2
| | | | | | | | | Was missing case of "If file exists open. If file doesn't exist error." Damn damn damn. CIFSFS client will have to have fallback cases for this error for a long time. Jeremy. (cherry picked from commit b652082648c49b525d2b2ce619b575ee75bc242e) (cherry picked from commit 12cf12f10c1c6adad568daf6c16144a99b0f822e)
* Fix bug 6382: Case insensitive access to DFS links brokenVolker Lendecke2009-05-231-0/+2
|
* s3/docs: Fix shutdown script example.Karolin Seeger2009-05-191-4/+5
| | | | | | | | | This fixes bug #5897. Thanks to TAKAHASHI Motonobu <monyo [at] samba.gr.jp> for reporting and providing the example! Karolin (cherry picked from commit f741b90ee8f74077871a0b5d1df55c0dd34a313f) (cherry picked from commit 1653bbf50b02e4f4dc2f01c5dab32c1cc4894582)
* s3-auth: use full 16byte session key in make_user_info_netlogon_interactive().Jeremy Allison2009-05-192-3/+2
| | | | | | | | | | | | | | | | | | Patch from Jeremy. With this patch, I was able to join Windows 7 RC to a Samba3 DC, and login into a Samba 3 Domain. There are still two registry settings required: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Do *not* modify the other netlogon registry parameters that were passed around, they weaken security. Guenther / Jeremy.
* s3-credentials: protect netlogon_creds_server_step() against NULL creds.Guenther Deschner2009-05-191-0/+4
| | | | | | Found by SCHANNEL torture tests. Guenther
* After getting confirmation from Guenther, add 3 changes we'll ultimately ↵Jeremy Allison2009-05-191-13/+23
| | | | need to fix bug #6099 Samba returns incurrate capabilities list. 1). Add a comment to point out that r->in.negotiate_flags is an aliased pointer to r->out.negotiate_flags. 2). Ensure we return NETLOGON_NEG_STRONG_KEYS in our flags return if the client requested it. 3). Clean up the error exits so we always return the same way. Signed off by Guenther. Jeremy.
* Jeremy, with 9a5d5cc1db0ee60486f932e34cd7961b90c70a56 you alter the in ↵Guenther Deschner2009-05-191-2/+6
| | | | | | negotiate flags (which are a pointer to the out negotiate flags assigned in the generated netlogon server code). So, while you wanted to just set the *out* negflags, you did in fact reset the *in* negflags, effectively eliminating the NETLOGON_NEG_STRONG_KEYS bit (formerly known as NETLOGON_NEG_128BIT) which then caused creds_server_init() to generate 64bit creds instead of 128bit, causing the whole chain to break. *Please* check. Guenther
* s3/ldap: also handle DirX return codesBjörn Jacke2009-05-151-0/+2
| | | | | this is a backport of f238809d236443b8968e1b4b197a55935c7c7e85 from master (cherry picked from commit 1b040289f14bb22d3b6ab07a452236549d6c9bf6)
* s3:smbd: fix posix acls when setting an ACL without explicit ACE for the ↵Stefan Metzmacher2009-05-131-3/+18
| | | | | | | | | | | | | | | | | | owner (bug#2346) The problem of bug #2346 remains for users exported by winbindd, because create_token_from_username() just fakes the token when the user is not in the local sam domain. This causes user_in_group_sid() to give totally wrong results. In uid_entry_in_group() we need to check if we already have the full unix token in the current_user struct. If so we should use the current_user unix token, instead of doing a very complex user_in_group_sid() which doesn't give reliable results anyway. metze (cherry picked from commit b79eff843be392f3065e912edca1434081d93c44) (cherry picked from commit cb5c72c0a05a78ff1b86eb02cf5ecd3d7d69623d)
* s3/packaging: Fix build on RHEL when ccache is not available.Karolin Seeger2009-05-131-2/+1
| | | | | | | | | | | This fixes bug #5832. Patch was provided by D.L. Meyer <dlmeyer [at] uiuc.edu>. Thanks for reporting and providing the patch! Karolin (cherry picked from commit 42e0cb8c0a1b8470ac8e9ad1c5a741e299debb8f) (cherry picked from commit b2205a7697598729f85cb767621b8c610654053c)
* Fix bug 5798: "CFLAGS info lost in configure"Volker Lendecke2009-05-131-1/+1
| | | | | | | picked from 9097a67de Volker (cherry picked from commit 9ffb1e6f0ded2647efe567912873a1a63e2ffed1)
* Fix bug #6291 - force user stop working. A previous fix broke the invariant ↵Jeremy Allison2009-05-111-1/+37
| | | | | | that *uid is always initialized on return from create_token_from_username(). Restore it. Jeremy. (cherry picked from commit 09b76c57098ed4d11855000ae31cd346cb9a765d)
* s3/docs: Remove unnecessary .sp.Karolin Seeger2009-05-061-10/+10
| | | | | | | Karolin (cherry picked from commit 4a4dc776b2f0ca813abcf4f47f0d5721f75f3e6a) (cherry picked from commit 6a617a9677da9df8f70cf2039245cfb5ce3d94c3) (cherry picked from commit 8c5771422bf25dba0638c3419ac14f0841b94293)
* s3-docs: Fix Bug #6331. Document "net dom join/net dom unjoin".Günther Deschner2009-05-061-0/+82
| | | | | | Guenther (cherry picked from commit e398f1e91575909d2a90fab1e6f00804815a0b2f) (cherry picked from commit e19dddb2b438b75dcd995aaa763fcbe55d7de5cc)
* s3/packaging: Add keyutils-devel to build requires.Karolin Seeger2009-05-041-1/+1
| | | | | | | | | This should fiy bug #5853. Thanks to D.L. Meyer <dlmeyer [at] uiuc.edu> for reporting. Karolin (cherry picked from commit d8de7e3193143ec50d86adc704123ca240a8f549) (cherry picked from commit c89c2db8c51bd3cede2e2e8fb58214971eda4129)
* s3/docs: Fix typo.Karolin Seeger2009-05-041-1/+3
| | | | | | Karolin (cherry picked from commit c2eb0d87a2436614741119ebd14fda05b42a2ddd) (cherry picked from commit 98c238a54dbe3e64262252a9fb38b382c53c1bcf)
* 3.2 samr bug 6301: fix samr_ConnectVersion enum which is 32bit not 16bit.Günther Deschner2009-05-042-4/+4
| | | | | | Port of 67ca76c288eb095ae to 3.2 Signed-off-by: Volker Lendecke <vl@samba.org>
* s3/docs: Fix typos.Karolin Seeger2009-05-031-4/+5
| | | | | | | | | | That fixes bug #4247. Thanks to David McNeill <davemc [at] mcpond.co.nz> for reporting! Karolin (cherry picked from commit eaf949947c2eb03363c4b6f588f87b70110d6ff7) (cherry picked from commit cea79d1fbf44b0d5bff5aa12962fb3d3cb61c367) (cherry picked from commit 226620d0ed221da983b4f662fcef14906588f1bd)
* s3/docs: Fix typo.Karolin Seeger2009-05-031-1/+1
| | | | | | | | | | This fixes bug #4245. Thanks to David McNeill <davemc [at] mcpond.co.nz> for reporting! Karolin (cherry picked from commit 579c91581f5b6d5341a12923fe6cde377223caff) (cherry picked from commit 49caab4044e47236594c6688f202aed555b9da61) (cherry picked from commit 139f95c85f96e7ccba024283608f9ee5990f6676)
* s3/docs: Fix serveral typos.Karolin Seeger2009-04-291-5/+5
| | | | | | | | | | This fixes bug #4315. Thanks to Felipe Augusto van de Wiel <faw [at] cathedrallabs [dot] org>! Karolin (cherry picked from commit 3422b9c546cdd262bd747e1e737c2b6479b4d21e) (cherry picked from commit 3da62734fffa99cde1084beeb69e94a7bc623dde) (cherry picked from commit b487a48c876fcaf88ec3fb4b05bacdd9b0bd8cd0)
* s3-selftest: test wbinfo --allocate-uid/gid.Günther Deschner2009-04-231-0/+2
| | | | | Guenther (cherry picked from commit c3843c40b5c426910a184dcef3b17283e6e224e9)
* Fix profile acls in some corner casesSimo Sorce2009-04-221-3/+18
| | | | | Always add back the real original owner of the directory in the ACE List after we steal its ACE for the Administrators group.
* Avoid duplicate acesSimo Sorce2009-04-221-13/+48
| | | | | | When adding arbitrary aces to an nt_ace_list we need to make sure we are not actually adding a duplicate. add_or_replace_ace() takes care of doing the right thing.
* Add comment explaining the previous fix.Jeremy Allison2009-04-221-0/+6
| | | | Jeremy.
* Fix bug #6279 - winbindd crash. Cope with LDAP libraries returning ↵Jeremy Allison2009-04-221-0/+4
| | | | | | LDAP_SUCCESS but not returning a result. Jeremy
generated by cgit (git 2.34.1) at 2024-05-21 13:04:54 +0000