summaryrefslogtreecommitdiffstats
path: root/source/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* r5789: Patch from William Jojo <jojowil@hvcc.edu> - AIX has no default ACLs.Jeremy Allison2005-03-141-0/+7
| | | | | Bug #2445. Jeremy.
* r5726: merge LsaLookupPrivValue() code from trunkGerald Carter2005-03-101-59/+57
|
* r5647: Caches are good for performance, but you get a consistency problem.Volker Lendecke2005-03-031-0/+14
| | | | | | Fix bug # 2401. Volker
* r5565: fix breakage on gcc 2.96Gerald Carter2005-02-251-1/+1
|
* r5556: Fix the build on AIX.Günther Deschner2005-02-251-4/+14
| | | | | | | use AF_UNIX instead of AF_LOCAL (thanks to Doug VanLeuven <roamdad-at-sonic.net>) and make smbldap_open() a bit more readable. Guenther
* r5522: Better handling of LDAP over IPC connections that have expired on theGünther Deschner2005-02-231-4/+1
| | | | | | LDAP-Server. Guenther
* r5517: code cleanup; rename the sorted_tree to pathtree (used by registry code) Gerald Carter2005-02-231-39/+40
| | | | | | I was going to use this for tracking dfs mounts in smbclient but found another way. Still the cleanup is valid so commiting it. should be minimally disruptive since it is not widely used.
* r5484: Fix a memleakVolker Lendecke2005-02-211-2/+2
|
* r5436: small merges from trunkGerald Carter2005-02-171-5/+5
|
* r5431: couple of cimpile fixes from Jason Mader <jason@ncac.gwu.edu> -- BUGS ↵Gerald Carter2005-02-171-8/+16
| | | | 2341 & 2342
* r5428: Apply some const. LDAP attribs should now be declared const char ↵Volker Lendecke2005-02-171-8/+8
| | | | | | | | *attr[]. This gives some new warnings in smbldap.c, but a the callers are cleaned up. Volker
* r5349: After talking with Jerry, reverted the addition of account policies toGünther Deschner2005-02-122-412/+100
| | | | | | passdb in 3_0 (they are still in trunk). Guenther
* r5343: Fix for bug#1525. Timestamps interpreted incorrectly on 64-bit time_t ↵Jeremy Allison2005-02-111-0/+7
| | | | | | values. Jeremy.
* r5342: Reformat some very old code.Jeremy Allison2005-02-111-256/+281
| | | | Jeremy.
* r5331: Support SIDs as %s replacements in the afs username map parameter.Volker Lendecke2005-02-111-0/+4
| | | | | | | Add 'log nt token command' parameter. If set, %s is replaced with the user sid, and %t takes all the group sids. Volker
* r5235: Fix compile warning.Günther Deschner2005-02-041-1/+1
|
* r5203: additional changes for BUG 2291 to restrict who can join a BDC and ↵Gerald Carter2005-02-031-1/+1
| | | | add domain trusts
* r5174: ensure that we consistently use the current_user_info.smb_name vs. ↵Gerald Carter2005-02-021-0/+12
| | | | smb_name when parsing smb.conf and reloading config files
* r5163: Fix bugzilla 2062:Jim McDonough2005-02-011-1/+6
| | | | turn off broadcast for all 390 NICs.
* r5158: BUG 2263: patch from Timur Bakeyev <timur@com.bat.ru> to guard ↵Gerald Carter2005-02-011-4/+10
| | | | base64_encode_data_blob() against empty blobs
* r5150: consolidate the samr_make.*obj_sd() functions to share codeGerald Carter2005-01-311-39/+0
|
* r5127: Fix Bug 2289 -- thanks to jason@ncac.gwu.eduVolker Lendecke2005-01-311-2/+1
|
* r5100: We should only care about case-sensitivity when *reading* an incomingJeremy Allison2005-01-301-2/+2
| | | | | filename, not returning one. Makes us pass one more Samba4 RAW-SEARCH test. Jeremy.
* r5066: A couple of small fixes from James Peach @ SGI.Jeremy Allison2005-01-282-2/+7
| | | | Jeremy.
* r5015: (based on abartlet's original patch to restrict password changes)Gerald Carter2005-01-261-4/+74
| | | | | | | | | * added SE_PRIV checks to access_check_samr_object() in order to deal with the run-time security descriptor and their interaction with user rights * Reordered original patch in _samr_set_userinfo[2] to still allow root/administrative password changes for users and machines.
* r4995: fail set_privileges() if 'enable privileges = no' to prevent confused ↵Gerald Carter2005-01-251-0/+3
| | | | admins who never read what I write :-)
* r4989: Display failed LDAP-server-uri.Günther Deschner2005-01-251-1/+2
| | | | Guenther
* r4925: Migrate Account Policies to passdb (esp. replicating ldapsam).Günther Deschner2005-01-222-100/+412
| | | | | | | | Does automated migration from account_policy.tdb v1 and v2 and offers a pdbedit-Migration interface. Jerry, please feel free to revert that if you have other plans. Guenther
* r4917: Merge some of Derrell.Lipman@UnwiredUniverse.com obvious fixes.Jeremy Allison2005-01-221-2/+2
| | | | | Added text explaining units in pdbedit time fields. Jeremy.
* r4849: * finish SeAddUsers support in srv_samr_nt.cGerald Carter2005-01-191-7/+18
| | | | | | | | | * define some const SE_PRIV structure for use when you need a SE_PRIV* to a privilege * fix an annoying compiler warngin in smbfilter.c * translate SIDs to names in 'net rpc rights list accounts' * fix a seg fault in cli_lsa_enum_account_rights caused by me forgetting the precedence of * vs. []
* r4840: * Add more generic root-dse inspection function to check for givenGünther Deschner2005-01-191-0/+101
| | | | | | | | | controls or extensions. * Check and remember if ldapsam's LDAP Server support paged results (in preparation of adding async paged-results to set|get|end-sampwent in ldapsam). Guenther
* r4822: fix return code when you ask for a non-privileged SID via one of the ↵Gerald Carter2005-01-181-0/+9
| | | | privileges RPC calls
* r4809: * include SeDiskOperatorPrivilege and SeRemoteShutdownPrivilegeGerald Carter2005-01-171-88/+25
| | | | | | (noty enfornced yet though) * add 'enable privileges (off by default) to control whether or not any privuleges can be assigned to SIDs
* r4805: Last planned change to the privileges infrastructure:Gerald Carter2005-01-171-120/+309
| | | | | | | | | | | * rewrote the tdb layout of privilege records in account_pol.tdb (allow for 128 bits instead of 32 bit flags) * migrated to using SE_PRIV structure instead of the PRIVILEGE_SET structure. The latter is now used for parsing routines mainly. Still need to incorporate some client support into 'net' so for setting privileges. And make use of the SeAddUserPrivilege right.
* r4746: add server support for lsa_enum_acct_rights(); last checkin for the nightGerald Carter2005-01-151-0/+16
|
* r4742: add server support for lsa_add/remove_account_rights() and fix some ↵Gerald Carter2005-01-151-12/+65
| | | | parsing bugs related to that code
* r4736: small set of merges from rtunk to minimize the diffsGerald Carter2005-01-141-1/+1
|
* r4731: Fix the buildVolker Lendecke2005-01-141-1/+2
|
* r4724: Add support for Windows privileges in Samba 3.0Gerald Carter2005-01-133-219/+526
| | | | | | | | | | | | | | | | | | | | | | | | | | | | (based on Simo's code in trunk). Rewritten with the following changes: * privilege set is based on a 32-bit mask instead of strings (plans are to extend this to a 64 or 128-bit mask before the next 3.0.11preX release). * Remove the privilege code from the passdb API (replication to come later) * Only support the minimum amount of privileges that make sense. * Rewrite the domain join checks to use the SeMachineAccountPrivilege instead of the 'is a member of "Domain Admins"?' check that started all this. Still todo: * Utilize the SePrintOperatorPrivilege in addition to the 'printer admin' parameter * Utilize the SeAddUserPrivilege for adding users and groups * Fix some of the hard coded _lsa_*() calls * Start work on enough of SAM replication to get privileges from one Samba DC to another. * Come up with some management tool for manipultaing privileges instead of user manager since it is buggy when run on a 2k client (haven't tried xp). Works ok on NT4.
* r4651: Add "refuse machine password change" policy field. This update will justJim McDonough2005-01-101-14/+52
| | | | | | | return the appropriate reg value. Enforcement to be added soon. Also, fix account policy tdb upgrade so it doesn't just wipe out everything that was in there from a a previous version.
* r4581: From Derrell.Lipman@UnwiredUniverse.com. Use nanosleep instead of selectJeremy Allison2005-01-061-1/+14
| | | | | when we have it in smb_msleep. Jeremy.
* r4545: Fix based on work by Derrell.Lipman@UnwiredUniverse.com :Jeremy Allison2005-01-061-4/+26
| | | | | | | | | * In an application with signals, it was possible for functions to block indefinitely while awaiting timeouts. This patch ensures that if a system call with a timeout is aborted and needs to be restarted, it is restarted with a timeout which is adjusted for the amount of time already waited. Jeremy.
* r4334: Fix for bugid #2186 - from Buck Huppmann <buckh@pobox.com>Jeremy Allison2004-12-221-0/+8
| | | | | to prevent uninitialized creds being freed. Jeremy.
* r4306: Couple more MALLOC fixes from albert chin (china@thewrittenword.com).Jeremy Allison2004-12-211-1/+1
| | | | Jeremy.
* r4305: Fix from Albert Chin (china@thewrittenword.com) to fix theJeremy Allison2004-12-212-6/+6
| | | | | earlier malloc changes. Jeremy.
* r4296: Patch from William Jojo <jojowil@hvcc.edu> to fix HPUX sendfile and addJeremy Allison2004-12-201-1/+57
| | | | | configure.in tests and code for sendfile on AIX. Jeremy.
* r4291: More *alloc fixes inspired by Albert Chin (china@thewrittenword.com).Jeremy Allison2004-12-203-35/+34
| | | | Jeremy
* r4289: Close LDAP-Connection before retrying to open a new connection in theGünther Deschner2004-12-201-0/+1
| | | | | | | | | | | | retry-loop. This fixes a deadlock-situation when ldapsam is used with the ldapi interface: getpeername won't fail while trying to detect dead connections on unix domain sockets. When the ldapi-connection was closed server-side (due to OpenLDAP's idletimeout) we *never* got a new LDAP connection. Guenther
* r4270: Add some const as a fix for bugzilla #2135.Tim Potter2004-12-191-1/+1
|
* r4256: Add a patch from kllin@it.su.se: New Parameter 'afs token lifetime' ↵Volker Lendecke2004-12-171-1/+5
| | | | | | | | | | tells the AFS client when to throw away a token. Thanks, Volker
generated by cgit (git 2.34.1) at 2025-09-24 22:07:47 +0000