summaryrefslogtreecommitdiffstats
path: root/source3/param
Commit message (Collapse)AuthorAgeFilesLines
* Add a parameter to disable the automatic creation of krb5.conf filesVolker Lendecke2009-08-261-0/+12
| | | | | | | | | | | | | | This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of transitive AD trusts. The workaround is to add a [capaths] directive to /etc/krb5.conf, which we don't automatically put into the krb5.conf winbind creates. The alternative would have been something like a "krb5 conf include", but I think if someone has to mess with /etc/krb5.conf at this level, it should be easy to add the site-local KDCs as well. Next alternative is to correctly figure out the [capaths] parameter for all trusted domains, but for that I don't have the time right now. Sorry :-)
* Add "store create time" parameter (docs to follow)Jeremy Allison2009-08-121-0/+12
| | | | | that stores the create time in the user.DosTimestamps EA. Jeremy.
* Attempt to fix the buildVolker Lendecke2009-07-141-22/+0
|
* Revert this commit :Jeremy Allison2009-07-141-0/+11
| | | | | | | | | | | s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect. For now. This is a feature request and I think we need to design it a little differently so as not to touch core change_to_user() code. Jeremy.
* S3: Small fix to get rid of annoying log message.Bo Yang2009-07-151-0/+3
| | | | Signed-off-by: Bo Yang <boyang@samba.org>
* s3: Make smbd aware of permission change of usershare. Since usershare are ↵Bo Yang2009-07-151-0/+11
| | | | relatively volatile and non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
* Consolidate create/delete account paths in pdbeditSimo Sorce2009-05-291-0/+5
| | | | | | | | | Use common paths like for smbpasswd, so that all utilities behave the same way. As for smbpasswd this changes the behavior of pdbedit to create/delete unix users is the add/delete user scripts are provided, or ldapsam:editposix is configured. Signed-off-by: Günther Deschner <gd@samba.org>
* s3: make passdb backend defaults to tdbsamBjörn Jacke2009-05-271-1/+1
|
* Introduce "struct stat_ex" as a replacement for SMB_STRUCT_STATVolker Lendecke2009-05-261-31/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch introduces struct stat_ex { dev_t st_ex_dev; ino_t st_ex_ino; mode_t st_ex_mode; nlink_t st_ex_nlink; uid_t st_ex_uid; gid_t st_ex_gid; dev_t st_ex_rdev; off_t st_ex_size; struct timespec st_ex_atime; struct timespec st_ex_mtime; struct timespec st_ex_ctime; struct timespec st_ex_btime; /* birthtime */ blksize_t st_ex_blksize; blkcnt_t st_ex_blocks; }; typedef struct stat_ex SMB_STRUCT_STAT; It is really large because due to the friendly libc headers playing macro tricks with fields like st_ino, so I renamed them to st_ex_xxx. Why this change? To support birthtime, we already have quite a few #ifdef's at places where it does not really belong. With a stat struct that we control, we can consolidate the nanosecond timestamps and the birthtime deep in the VFS stat calls. At this moment it is triggered by a request to support the birthtime field for GPFS. GPFS does not extend the system level struct stat, but instead has a separate call that gets us the additional information beyond posix. Without being able to do that within the VFS stat calls, that support would have to be scattered around the main smbd code. It will very likely break all the onefs modules, but I think the changes will be reasonably easy to do.
* s3:param: add PROTOCOL_SMB2Stefan Metzmacher2009-05-201-0/+1
| | | | metze
* s3:swat: hide "config backend" from swatMichael Adam2009-05-151-1/+1
| | | | Michael
* s3:param: prevent includes from being dumped in dump_*() functions.Michael Adam2009-05-151-3/+6
| | | | | | This fixes bug #4271: testparm should not print includes. Michael
* Add some constVolker Lendecke2009-05-141-1/+2
|
* s3:loadparm: free the file_list at the start of loadparmMichael Adam2009-05-121-0/+2
| | | | | | | | This should reduce the waste of memory when using "config file" or "config backend". It also reduces the risk of triggering reloads due to some old unused files being checked. Michael
* s3:loadparm: refactor freeing of file_list out into free_file_lists()Michael Adam2009-05-121-13/+21
| | | | Michael
* s3 Reorder loadparm to keep aliases togetherSteven Danneman2009-05-051-6/+6
| | | | This keeps the "browseable" and "browsable" aliases together.
* s3:loadparm: handle registry config source in file_list - fixes bug #6320Michael Adam2009-05-061-34/+44
| | | | Michael
* s3:loadparm: use the returnvalue of service_ok() in process_smbconf_service().Michael Adam2009-05-051-1/+1
| | | | Michael
* s3:smbd/service: switch load_registry_service/shares to use loadparm routinesMichael Adam2009-04-291-1/+1
| | | | | | | | | | | instead of reading the registry directly with tdb and activating the configure options by hand. This eliminates the need for repeating checks done in loadparm. For instance it disables registry shares without path in the server as is the case with text based shares. Michael
* s3:loadparm: refactor process_registry_service out or process_registry_globalsMichael Adam2009-04-291-11/+25
| | | | Michael
* s3:loadparm: prevent infinite include nesting.Michael Adam2009-04-281-2/+19
| | | | | | | | | | | | This introduces a hard coded MAX_INCLUDE_DEPTH of 100. When this is exceeded, handle_include (and hence lp_load) fails. One could of course implement a more intelligent loop detection in the include-tree, but this would require some restructuring of the internal loadparm housekeeping. Maybe as a second improvement step. Michael
* s3:mark registry shares without path unavailable just as with text configMichael Adam2009-04-281-0/+3
| | | | | | This prevents users from getting access to "/" in misconfigured setups. Michael
* s3-loadparm: Fix resume command typo for "printing = vlp".Günther Deschner2009-04-131-1/+1
| | | | Guenther
* s3/loadparm: Fiy typos.Karolin Seeger2009-04-071-2/+2
| | | | Karolin
* s3/cups: add encryption supportBjörn Jacke2009-03-301-0/+34
|
* s3: Remove redundant commentTim Prouty2009-03-231-4/+0
|
* s3:smbd: use new simplified snb_signing code in the serverStefan Metzmacher2009-03-231-3/+8
| | | | | | | | | We keep the seqnum/mid mapping in the smb_request structure. This also moves one global variable into the smbd_server_connection struct. metze
* Attempt to fix the build on IRIXVolker Lendecke2009-03-041-1/+3
|
* s3: Wrap usage of rlimit in configure checksSteven Danneman2009-02-221-20/+19
|
* Revert "s3 auth: Add parameter that forces every user through an NSS lookup"Tim Prouty2009-02-211-11/+0
| | | | | | | | After the discussion on samba-technical, it was decided that the best answer for now was to revert this change. The right way to do this is to rewrite the token api to use opaque tokens with pluggable modules. This reverts commit 8e19a288052bca5efdb0277a40c1e0fdd099cc2b.
* Fix an uninitialized variableVolker Lendecke2009-02-211-1/+1
|
* S3: Detect max_open_files from systemtodd stecher2009-02-201-1/+37
| | | | | - Attempt to use syscalls to determine max-open-files value. - Add in periodic logging when max file limit reached
* s3 auth: Add parameter that forces every user through an NSS lookupZach Loafman2009-02-161-0/+11
| | | | | | When set to yes, "force username map" forces every user, even AD users, through an NSS lookup. This allows the token to be overridden with information from NSS in certain broken environments.
* Rename lp_smb_perfcount_module() to lp_perfcount_module() to match the ↵Volker Lendecke2009-02-141-1/+1
| | | | parameter name
* s3: Added new parameter "map untrusted to domain"Steven Danneman2009-02-121-0/+13
| | | | | | | When enabled this reverts smbd to the legacy domain remapping behavior when a user provides an untrusted domain This partially reverts d8c54fdd
* S3: New module interface for SMB message statistics gatheringtodd stecher2009-02-091-0/+11
| | | | | | | This changelist allows for the addition of custom performance monitoring modules through smb.conf. Entrypoints in the main message processing code have been added to capture the command, subop, ioctl, identity and message size statistics.
* s3/libads: Change "ldap ssl:ads" parameter to "ldap ssl ads".Karolin Seeger2009-02-051-0/+12
| | | | Karolin
* Add two new parameters to control how we verify kerberos tickets. Removes ↵Dan Sledz2009-02-011-5/+28
| | | | | | | | | | | | | | | | | | | | | | | lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket.
* s3: make better use of ccache by not including version.h in every C-file.Michael Adam2009-01-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | version.h changes rather frequently. Since it is included via includes.h, this means each C file will be a cache miss. This applies to the following situations: * When building a new package with a new Samba version * building in a git branch after calling mkversion.sh after a new commit (i.e. virtually always) This patch improves the situation in the following way: * remove inlude "version.h" from includes.h * Use samba_version_string() instead of SAMBA_VERSION_STRING in files that use no other macro from version.h instead of SAMBA_VERSION_STRING. * explicitly include "version.h" in those files that use more macros from "version.h" than just SAMBA_VERSION_STRING. Michael
* Deprecate the "share modes" parameter to address bug #6024, swat disagrees ↵Jeremy Allison2009-01-121-1/+1
| | | | | | with smbstatus as to share mode with share modes = No set in samba. Jeremy.
* Make STATEDIR and CACHEDIR configurable through ./configure and loadparm.cSteven Danneman2009-01-121-3/+46
| | | | | | If they are not explicitely set in either place both will default to LOCKDIR. Signed-off-by: Michael Adam <obnox@samba.org>
* Fix a typo found by the IBM CheckerVolker Lendecke2009-01-041-1/+1
|
* Fix use of "time offset" parameter, and add test to make sure I don't break ↵Jelmer Vernooij2008-12-231-2/+0
| | | | it again :-)
* s3:loadparm/docs: Set default for "ldap ssl" to "start tls".root2008-12-211-1/+1
| | | | | | | This has been discussed on samba-technical before. 3.3 and newer only! Karolin
* s3: loadparm: Clean-up list of parameters.Karolin Seeger2008-12-211-8/+1
| | | | | | We don't need to list several combinations of lowercase and uppercase here. Karolin
* s3/loadparm.c: Change default value for "ldap ssl".Karolin Seeger2008-12-171-1/+1
| | | | | | | | | | | | | | | | | LDAP_SSL_ON is not defined at all. That's why the actual default value was "" for a long time. Set a more sensible default value without chnging the default behaviour. -----8<------------------snip--------------8<-------------- user@host:/data/git/samba/v3-0-test/source> git grep LDAP_SSL_ON | cat include/smb.h:enum ldap_ssl_types {LDAP_SSL_ON, LDAP_SSL_OFF, LDAP_SSL_START_TLS}; param/loadparm.c: Globals.ldap_ssl = LDAP_SSL_ON; ----->8------------------snap-------------->8-------------- It's the same in 3.2 and 3.3 series. Karolin
* s3:loadparm: fix copy service error (canonicalize_servicename: NULL source name)Michael Adam2008-12-151-1/+1
| | | | | | this was introduced by commit 3358a139d2dc77eb4c842d41722b1acc24bd2cb2. Michael
* s3:loadparm: add service-struct based variants of the free-parameter routinesMichael Adam2008-12-151-7/+46
| | | | | | | and use the abstracted free_one_parameter_common() in old free_one_parameter_by_snum() as well as in new free_one_parameter() Michael
* s3:loadparm: rename free_parameters() to free_parameters_by_snum()Michael Adam2008-12-151-4/+5
| | | | Michael
* s3:loadparm: rename free_parameter() to free_one_parameter_by_snum()Michael Adam2008-12-151-3/+5
| | | | Michael
generated by cgit (git 2.34.1) at 2025-09-02 13:20:17 +0000