summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* provision: fix nTSecurityDescriptor attributes of CN=*,${CONFIGDN} (bug #9481)Stefan Metzmacher2013-01-274-0/+34
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: fix nTSecurityDescriptor of CN={LostAndFound,System},${DOMAINDN} ↵Stefan Metzmacher2013-01-272-0/+6
| | | | | | | (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: setup names.name_map['DnsAdmins']Stefan Metzmacher2013-01-271-0/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: introduce names.name_map = {}Stefan Metzmacher2013-01-271-0/+1
| | | | | | | | This will be used to translated names in SDDL values, which are not wellknown, e.g. 'DnsAdmins'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add get_dns_{forest,domain}_microsoft_dns_descriptor()Stefan Metzmacher2013-01-272-0/+16
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add get_config_ntds_quotas_descriptor()Stefan Metzmacher2013-01-272-0/+8
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add get_{config,domain}_delete_protected*_descriptor()Stefan Metzmacher2013-01-272-0/+40
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* schema.py: add optional name_map={} to get_schema_descriptor()Stefan Metzmacher2013-01-271-1/+1
| | | | | | | | This is not used, but makes the prototype compatible with the other get_*_descriptor() functions. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: add optional name_map={} argument to get_*_descriptor()Stefan Metzmacher2013-01-271-32/+30
| | | | | | | | This will allow subsitute non-wellkown names in the SDDL, e.g. 'DnsAdmins'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: import/export get_dns_partition_descriptor()Stefan Metzmacher2013-01-271-1/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* provision: setup names.dns{forest,domain}dnStefan Metzmacher2013-01-271-1/+22
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: fix resetting of 'nTSecurityDescriptor' on schema ↵Stefan Metzmacher2013-01-271-1/+1
| | | | | | | | | | objects Without this schema_data_modify() will reject updates to schema objects by default. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: don't reset 'whenCreated' when resetting ↵Stefan Metzmacher2013-01-271-2/+0
| | | | | | | 'nTSecurityDescriptor' Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbckecker: fix nTSecurityDescriptor values from before 4.0.0rc6 (bug #9481)Stefan Metzmacher2013-01-271-2/+181
| | | | | | | | | They inherited effective ACE for the wrong object classes. For SACL ACEs the problem was also present in 4.0.0. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-descriptor: get_default_group() should always return the DAG sid (bug ↵Stefan Metzmacher2013-01-271-5/+10
| | | | | | | #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests/sec_descriptor: the default owner behavior depends on ↵Stefan Metzmacher2013-01-271-4/+4
| | | | | | | | | domainControllerFunctionality (bug #9481) Not on the domainFunctionality. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/security: calculate INHERIT_ONLY correcty for AUDIT and ALARM aces ↵Stefan Metzmacher2013-01-271-4/+16
| | | | | | | (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4-process_single: Use pid,task_id as cluster_id in process_single just like ↵Andrew Bartlett2013-01-261-8/+13
| | | | | | | | | | | | | | | | process_prefork This avoids two different process single task servers (eg the drepl server) sharing the same server id. The task id starts at 2^31 to avoid collision with the fd based scheme for connections. Fix-bug: https://bugzilla.samba.org/show_bug.cgi?id=9598 Reported-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Jan 26 16:13:05 CET 2013 on sn-devel-104
* pymessaging: Pass around the server_id struct to python callbacks rather ↵Andrew Bartlett2013-01-261-3/+13
| | | | | | | | | | than the tuple This is not used currently, but may avoid going to and from the python types when we do not need to. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pymessaging: Use correct unsigned types for server ID tuple elememntsAndrew Bartlett2013-01-261-3/+3
| | | | | | | | | This is needed if we start using the top bits of these values. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* ldb: Ensure to decrement the transaction_active whenever we delete a transactionAndrew Bartlett2013-01-264-1/+266
| | | | | | | | | | | | | | | | | This is in the error path for prepare_commit, which rarely fails, but when it does we need to ensure that when a new transaction is opened, that it really starts a new transaction. We bump the version to recognise critical fix for the AD DC Without this fix, a single invalid inbound replicated link disables all subsequent replication as we operate without a transaction (which is refused by ldb_tdb). Andrew Bartlett Reviewed-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* ldb: fix a warning by converting from TDB_DATA to struct ldb_valStefan Metzmacher2013-01-261-1/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Regression test for bug #9587 - archive flag is always set on directories.Jeremy Allison2013-01-251-0/+186
| | | | | | | | | | | Ensure we get the correct attributes on files and directories after a rename. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Jan 25 13:42:40 CET 2013 on sn-devel-104
* Fix bug #9587 - archive flag is always set on directories.Jeremy Allison2013-01-251-1/+2
| | | | | | | | | | | | Creating a directory to a Samba share sets the attributes to 'D' only (correct) - only when creating a new file should the 'A' attribute be set. However, doing a rename of that directory sets the 'A' attribute in error. This should only be done on a file rename. smbclient regression test to follow. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* bug9598: s4-process_single: Use pid,fd as cluster_id in process_single just ↵Andrew Bartlett2013-01-251-3/+8
| | | | | | | | | | | | | | | | like process_prefork This avoids two different process single servers (say LDAP and the RPC server) sharing the same server id. Fix-bug: https://bugzilla.samba.org/show_bug.cgi?id=9598 Reported-by: Matthieu Patou <mat@matws.net> Reviewed-by: Matthieu Patou <mat@matws.net> Signed-off-by: Andrew Bartlett <abartlett@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jan 25 12:00:04 CET 2013 on sn-devel-104
* Avoid a very small memleak on talloc_tos()Volker Lendecke2013-01-251-4/+1
| | | | | | | | | | "fname" did leak on talloc_tos(). Not really a bad memleak, but as I just came across it I thought I might just fix it Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jan 25 00:54:01 CET 2013 on sn-devel-104
* Fix bug #9572 - File corruption during SMB1 read by Mac OSX 10.8.2 clients.Jeremy Allison2013-01-241-2/+30
| | | | | | | | | | | | | | | | Accept a large read if we told the client we have UNIX extensions and the client sent a non-zero upper 16-bit size. Do the non-zero upper 16-bit size check first to save a function call in what is a hot path. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jan 24 21:01:51 CET 2013 on sn-devel-104
* Revert "s3:smbd: SMB ReadX with size > 0xffff should only possible for samba ↵Jeremy Allison2013-01-241-10/+1
| | | | | | | | | | | | | clients." Part of fix for bug #9572 - File corruption during SMB1 read by Mac OSX 10.8.2 clients This reverts commit f8c26c16b82989e002b839fc9eba6386fc036f6a. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-torture: add some basic tests for PlayGDIScriptOnPrinterIC.Günther Deschner2013-01-241-1/+110
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jan 24 19:20:52 CET 2013 on sn-devel-104
* s3-rpcclient: add cmd_spoolss_play_gdi_script_on_printer_ic.Günther Deschner2013-01-241-0/+103
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: add UNIVERSAL_FONT_ID_ctr for debugging.Günther Deschner2013-01-241-0/+5
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: Add UNIVERSAL_FONT_ID.Günther Deschner2013-01-241-0/+6
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: fill in spoolss_PlayGDIScriptOnPrinterIC IDL.Günther Deschner2013-01-241-1/+7
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-rpcclient: decode OsVersion{Ex} binary blobs when displaying printerdata.Günther Deschner2013-01-241-0/+21
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-spoolss: Make it easier to manipulate the returned OSVersion at runtime.Günther Deschner2013-01-241-3/+11
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: make spoolss deal with ndr64 StartDocPrinter by using proper ↵Günther Deschner2013-01-244-14/+29
| | | | | | | | | container object. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* spoolss: add more spoolss_DriverAttributes values.Günther Deschner2013-01-241-3/+13
| | | | | | | | | | The level5 driver does return only one of these flags with a different value, will get fixed later. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: ldbsearch.1.xml: Correct meta data.Karolin Seeger2013-01-241-3/+3
| | | | | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Karolin Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 24 16:09:37 CET 2013 on sn-devel-104
* docs: ldbrename.1.xml: Correct meta data.Karolin Seeger2013-01-241-3/+3
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Karolin Reviewed-by: Stefan Metzmacher <metze@samba.org>
* docs: ldbmodify.1.xml: Correct meta data.Karolin Seeger2013-01-241-3/+3
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Karolin Reviewed-by: Stefan Metzmacher <metze@samba.org>
* docs: ldbedit.1.xml: Correct meta data.Karolin Seeger2013-01-241-3/+3
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Karolin Reviewed-by: Stefan Metzmacher <metze@samba.org>
* docs: ldbdel.1.xml: Correct meta data.Karolin Seeger2013-01-241-3/+3
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Karolin Reviewed-by: Stefan Metzmacher <metze@samba.org>
* docs: ldbadd.1.xml: Correct meta data.Karolin Seeger2013-01-241-3/+3
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Karolin Reviewed-by: Stefan Metzmacher <metze@samba.org>
* docs: ldb.3.xml: Correct meta data.Karolin Seeger2013-01-241-2/+2
| | | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Karolin Reviewed-by: Stefan Metzmacher <metze@samba.org>
* gensec: Allow login without a PAC by default (bug #9581)Andrew Bartlett2013-01-241-1/+1
| | | | | | | | | The sense of this test was inverted. We only want to take the ACCESS_DENIED error if gensec:require_pac=true. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Fix bug #9586 - smbd[29175]: disk_free: sys_popen() failed" message logged ↵Jeremy Allison2013-01-241-1/+1
| | | | | | | | | | | | | in /var/log/message many times. Ensure when reading lines from an interruptible pipe source we ignore EINTR. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Jan 24 10:45:48 CET 2013 on sn-devel-104
* dsdb-acl: remove unused variableStefan Metzmacher2013-01-231-1/+0
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jan 23 20:04:09 CET 2013 on sn-devel-104
* smbd: Fix a NULL vs false return errorVolker Lendecke2013-01-231-1/+1
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* waf: Fix pdb_ldap which cannot be built as a module.Andreas Schneider2013-01-231-2/+4
| | | | | | | | | | | The module has two init functions, pdb_ldap_init() and pdb_ldapsam_init(). As a shared module only one can be found until we create a symlink. Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Jan 23 10:51:59 CET 2013 on sn-devel-104
* ldap: Remove obsolete convertSambaAccount script.Andreas Schneider2013-01-231-233/+0
| | | | | | | We removed ldapsam_compat support which used sambaAccount already some time ago. See commit 02c239c6d35f47f13143c66baffbd303373b8028. Reviewed-by: Günther Deschner <gd@samba.org>
generated by cgit (git 2.34.1) at 2025-09-25 08:28:36 +0000