| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
errno.
tests/* - Added #if defined(HAVE_UNISTD_H) to help with large file stuff.
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I have added a new define for configure - HAVE_EXPLICIT_LARGEFILE_SUPPORT.
This is tested for at the end of configure by the following check :
"As a gating factor for large file support, in order to
use <4GB files we must have the following minimal support
available.
long long, a 64 bit off_t or off64_t, a 64 bit ino_t or
ino64_t. If we don't have all of these then disable large
file support."
I have to do this as HPUX will detect the open64 etc.
functions in libc but *THEY DON'T WORK* before HPUX11.x.
The definitions in include/includes.h that set up large
file defines, and the calls in lib/system.c that use the explicit
large file functions are now depended on HAVE_EXPLICIT_LARGEFILE_SUPPORT
also being defined.
include/rpc_lsa.h: Upped number of groups to 96 as a temporary
measure.
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
was in seconds. This meant that PDC -> BDC failover took so long it essentiually
didn't happen.
include/client.h: Added explicit comment that cli->timeout should be milliseconds.
include/local.h: Changed LONG_CONNECT_TIMEOUT & SHORT_CONNECT_TIMEOUT to be milliseconds.
lib/smbrun.c: Tidied up fork failure catching.
lib/util_sock.c: Ensured timeout treated as milliseconds.
libsmb/clientgen.c: Added comment.
rpc_server/srv_pipe_hnd.c: Luke's changes.
smbd/chgpasswd.c: Paranoia code for EINTR around sys_waitpid.
Jeremy.
|
|
|
|
|
| |
Code <from Elmar.Daegele@bln.siemens.de>.
Jeremy.
|
|
|
|
|
| |
on a read on /dev/random.
Jeremy.
|
|
|
|
| |
Jeremy.
|
|
|
|
|
|
|
| |
IRIX) we would infinately loop on a SIGCLD in the password changing code.
Just lucky we didn't get bitten in the generic SIGCLD case (but I fixed
that too).
Jeremy.
|
|
|
|
|
|
| |
if you send this query to a FAT volume. Phew - I'm glad I got this one in
under the wire for 2.0.0.....
Jeremy.
|
|
|
|
|
|
|
|
| |
autoconf tests.
tests/trapdoor.c: Fixed problem where setresgid was being called in block of code that was
#ifdefed for setregid.
Jeremy.
|
|
|
|
|
|
|
|
| |
array for directory handles. This tidied up the code a *lot*.
Plus it means I've fixed the bug in PR#10058, which was due to an
NT app that wanted to simultaneously open >256 directory handles.
Jeremy.
|
|
|
|
|
|
|
|
|
| |
--with-mmap code.
lib/time.c: Changed %T to %H:%M:%S for systems that don't have %T.
locking/locking_slow.c: Re-added FTRUNCATE_NEEDS_ROOT code - now to test for it...
smbd/quotas.c: Fixed IRIX quota compile.
Jeremy.
|
|
|
|
| |
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
smbd/chgpasswd.c.
smbd/chgpasswd.c
smbd/open.c: Ensure that we replace SIGCLD handler with CatchChildLeaveStatus()
*before* we expect to reap a child status - and reset it to CatchChild()
after we've done the sys_waitpid(). The original CatchChild() code
would eat the status code from the zombie in the signal handler, meaning
that the sys_waitpid() calls in check_access_allowed_for_current_user()
and chgpasswd would never return a status.
smbd/open.c:
smbd/reply.c:
smbd/close.c: Check error return on close() calls - ensure a valid error return
is sent back to the client. This catches the "file truncated"
bug when a user has run out of quota (or space) and the ENOSPC
error is returned on the *close()* call, not the write() (eg. on
an nfs mounted drive).
smbd/fileio.c: Added check for ESPIPE on sys_lseek() in file_seek() to allow
people to use Windows clients to communicate with UNIX fifo's
(like they could in 1.9.18).
Jeremy.
|
|
|
|
|
|
|
| |
wildcards against both long and short filenames in a trans2 wildcard
match. This fix gets us closer to NT compatibility (still not entirely
there yet.... one more issue I know about to fix....).
Jeremy.
|
|
|
|
| |
Jeremy.
|
|
|
|
|
|
|
|
|
|
| |
Changed privilage to privilege.
Also added set_real_uid() call to lib/util_sec.c.
Removed last set[re]uid calls from quotas.c - all such calls now live only
in lib/util_sec.c.
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All setuid code now resides in the one module lib/util_sec.c.
The interfaces this module exports are :
void gain_root_privilage(void); - Set real/eff/saved uid's to 0.
void gain_root_group_privilage(void); - Set real/eff/saved gid's to 0.
int set_effective_uid(uid_t uid); - Set eff uid *only* to given value.
int set_effective_gid(gid_t gid); - Set eff gid *only* to given value.
BOOL become_user_permanently(uid_t uid, gid_t gid); - Set real/eff/saved uid's and gid's
to uid and gid permanently - with no way back to root.
Most of the quota code now uses these calls (except for a few
special cases).
smbd/chgpasswd.c: Ensured the dochild exits in the fork()'d child.
libsmb/nmblib.c: Fix from Jasper for memory leak.
Jeremy.
|
|
|
|
|
|
| |
(hopefully) should be portable to all sorts of weird systems and
also provide standard interfaces for the rest of the code.
Jeremy.
|
|
|
|
|
|
|
|
| |
lib/system.c script/mkproto.awk include/includes.h: Added sys_readdir that
wraps readdir64.
lib/util.c: Changed gethostname() to use sizeof(hostname) as the second arg
for buffer size.
Jeremy.
|
|
|
|
|
|
| |
source/include/DesktopDB.h source/lib/streams.c: MAC support won't make it into 2.0,
although 2.0.1 will have it.
Jeremy.
|
|
|
|
|
| |
lib/debug.c: File size check from Jasper.
Jeremy.
|
|
|
|
|
| |
fd limits and always returns RLIM_INFINITY for a RLIMIT_NOFILE query.
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
changes are bzero -> memset as the compiler on HPUX is very picky about
bzero (probably a strange define).
The significant changes are in configure.in, to fix the HPUX shadow.h
problem and also move the large file support to the correct place.
passdb/pass_check.c: Added includes for KRB5, DCE and AFS if requested in autoconf.
tests/trapdoor.c: Fix to use setresuid and setresgid if defined.
The rest of the changes are bzero -> memset.
Jeremy.
|
|
|
|
|
|
|
|
|
|
| |
allow/deny that could
silently deny access. Log them if they occur.
smbd/close.c smbd/oplock.c smbd/reply.c: Removed a global oplock variable (hurrah!).
Removal of the oplocks flags and any kernel oplocks is now done in
either close() or in reply_locking() by calling release_file_oplock().
Jeremy.
|
|\ |
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| | |
creating locking masks
|
| |
| |
| |
| | |
cnums and snums.
|
| |
| |
| |
| |
| |
| | |
LsaLookupSids etc from within SamrQueryAliasMembers, for example.
fnum is now a parameter to client functions. thanks to mike black
for starting the ball rolling.
|
| | |
|
| |
| |
| |
| | |
sure it is a samba process that is running.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- renamed do_lsa_xxx to lsa_xxx
- added "enumgroups [-m]" command, enumerates groups, shows members.
- added cmd_sam_add_groupmem(), need to call these in rpcclient.c
- added cmd_sam_add_aliasmem(), need to call these in rpcclient.c
- modified "enumaliases [-m]" command
- improved "enumgroups" and "enumaliases" to display names not just RIDS/SIDs.
- renamed "samr_unknown_12" to "samr_lookup_rids".
- added the following client-side functions:
get_samr_query_groupmem()
get_samr_query_aliasmem()
get_samr_query_groupinfo()
samr_enum_dom_groups()
samr_enum_dom_aliases()
samr_add_aliasmem()
samr_add_groupmem()
- improved display output (display.c)
|
| |
| |
| |
| | |
DB API
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
being able to use next_token() outside of string_to_sid calls.
use strchr instead
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
|
| |
| |
| |
| | |
stupid compile errors with file_rename() call just created.
|
| |
| |
| |
| | |
added code that moves MACHINE.SID to DOMAIN_NAME.SID if it exists.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
i may simply go for a response in the NetSamLogon returning the
unix username, forcing the NT user to appear to be a unix user,
however even that is fraught with implications.
might just have to go the whole hog and do this tuple thing,
"unix_name + nt_name" always associated together...
issue with api_net_sam_logon, getsam21pwent() being called twice,
the second time overwriting static buffer data (argh) so had to
make a copy.
noticed a nested "become_root()"/"unbecome_root()" which will have
to be tracked down...
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
|
| |
| |
| |
| | |
added their replacements, added sam password database API modules
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
aclocal.m4: Added AC_LIBTESTFUNC.
configure.in: Fixed -lsecurity -lsec problems.
client.c: dos_ fixes.
groupdb/aliasunix.c: Dead code removal.
include/includes.h: Added default PRINTCAP_NAME.
lib/genrand.c: dos_ fixes.
lib/replace.c: Added strtoul.
lib/system.c: dos_ fixes.
lib/util.c: dos_ fixes.
lib/util_sid.c: Signed/unsigned fixes.
lib/util_str.c: removed bad const.
locking/locking_slow.c: dos_ fixes.
printing/printing.c: dos_ fixes.
rpc_server/srv_samr.c: Dead code removal.
rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN !
smbd/dir.c: dos_ fixes.
smbd/open.c: dos_ fixes.
smbd/oplock.c: dos_ fixes.
smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes.
Jeremy.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
unix groups are not explicitly mapped.
i.e as a PDC or BDC you can have domain groups, as a member of a domain
you cannot.
as a member of a domain, unmapped unix groups are assumed to be aliases,
and as a PDC or BDC, unmapped unix groups are assumed to be unix groups.
there is _one_ other check needed with aliases to be added: unmapped unix
groups that have the same name as an NT group on the PDC (for which i will
need to write an LsaLookupNames call) should be assumed to be domain groups
on the PDC.
|
| | |
|
| | |
|
| | |
|