| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |/ |
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
winbindd server
|
| |
|
|
|
|
|
|
|
| |
servers. Also add a new "net rpc audit" tool. The lsa query infolevels
were taken from samb4 IDL, the lsa policy flags and categories are
partly documented on msdn. I need to cleanup the double
lsa_query_info_policy{2}{_new} calls next.
Guenther
|
| |
|
|
|
|
|
|
| |
into 3.0. Also merge the new POSIX lock code - this
is not enabled unless -DDEVELOPER is defined.
This doesn't yet map onto underlying system POSIX
locks. Updates vfs to allow lock queries.
Jeremy.
|
| |
|
|
| |
Volker
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is produced when a process exits abnormally.
First, we coalesce the core dumping code so that we greatly improve our
odds of being able to produce a core file, even in the case of a memory
fault. I've removed duplicates of dump_core() and split it in two to
reduce the amount of work needed to actually do the dump.
Second, we refactor the exit_server code path to always log an explanation
and a stack trace. My goal is to always produce enough log information
for us to be able to explain any server exit, though there is a risk
that this could produce too much log information on a flaky network.
Finally, smbcontrol has gained a smbd fault injection operation to test
the changes above. This is only enabled for developer builds.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Guenther
|
| |
|
|
|
| |
in error code path.
Jeremy.
|
| | |
|
| |
|
|
| |
otherwise append to output file specified.
|
| |
|
|
|
|
|
| |
different directory the temp files should be in, or is /tmp ok?
Still have to get rid of the output file hardcoding, but that is to
come, because I need to cleanup stdout.
|
| |
|
|
|
|
| |
kerberos_kinit_password_ext provides access to more options.
Guenther
|
| | |
|
| |
|
|
|
|
| |
* Add back in the import/export support to pdbedit
* Fix segv in pam_smbpass
* Cleanup some error paths in pdb_tdb and pdb_interface
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
|
| |
|
|
|
| |
specified once in an ACL, so it can be allocated a second time,
overwriting the first
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
sstring_sub().
|
| |
|
|
|
| |
Need to go back and correct the assumption that an "ldap xxx suffix"
parm must have an OU.
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
make it cleaner. There's still more to do on this...
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
users/workstations
|
| |
|
|
|
|
| |
net rpc vampire is ugly....
Volker
|
| | |
|
| |
|
|
|
|
| |
Jeremy, you might want to take a look here.
Volker
|
| | |
|
| | |
|
| |
|
|
|
| |
Fix machine accounts (should not have valid shells) and users with no
home directory (were getting previous user's directory).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
| |
affinity cache.
Guenther
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
|
