summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* s3: smbd/nmbd/winbindd - fix append on trailing slash on system paths.Jeremy Allison2014-04-051-1/+1
| | | | | | | | | | | | | | | | | | The xx_path() function incorrectly uses talloc_asprintf_append() instead of talloc_asprintf() on a path that may have been modified by the trim_string() call previously. talloc_asprintf_append() always sticks the new text at the *end* of the allocated buffer, not at the end of the string. Fix bug #10538 - Daemons crashing when lock/state/cache directory parameter has a trailing slash https://bugzilla.samba.org/show_bug.cgi?id=10538 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sat Apr 5 13:40:30 CEST 2014 on sn-devel-104
* s3: enforce a positive allocation_file_size for non-empty filesBjörn Baumbach2014-04-051-0/+12
| | | | | | | | | | | | | | Some file systems do not allocate a block for very small files. But for non-empty file should report a positive size. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Apr 5 03:09:00 CEST 2014 on sn-devel-104
* vfs: Store ACL control flags in gpfs vfs module.Alexander Werth2014-04-051-23/+114
| | | | | | | | Use literals to allow a compile and execution on gpfs 3.4. Signed-off-by: Alexander Werth <alexander.werth@de.ibm.com> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs: Support NFS control flags in nfs4_acls.c.Alexander Werth2014-04-052-1/+27
| | | | | | | | | | | The ACL control flags stores in particular the dacl protected bit which is responsible for the "Include inherited permissions from this object's parent" checkbox. This stores the information in the ACL struct passed to and from file system specific vfs modules. Signed-off-by: Alexander Werth <alexander.werth@de.ibm.com> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-kerberos: make ipv6 support for generated krb5 config files more robust.Günther Deschner2014-04-041-2/+27
| | | | | | | | | | | | | Older MIT Kerberos libraries will add any secondary ipv6 address as ipv4 address, defining the (default) krb5 port 88 circumvents that. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Apr 4 16:33:12 CEST 2014 on sn-devel-104
* s3: rpc_server/srvsvc: count open files in NetConnEnumShekhar Amlekar2014-04-031-11/+47
| | | | | | | | | Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Apr 3 21:19:43 CEST 2014 on sn-devel-104
* s3: rpc_server/srvsvc: count share connections in NetConnEnumShekhar Amlekar2014-04-031-9/+45
| | | | | | Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s3: rpc_server/srvsvc: added routines to compute opens on share connections.Shekhar Amlekar2014-04-031-0/+49
| | | | | | | | | Added routines count_share_opens() and share_file_fn() to count opens on share connections. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s3: rpc_server/srvsvc: Added routines to count share connections.Shekhar Amlekar2014-04-031-0/+64
| | | | | | | | | Added routines count_share_conns() and share_conn_fn() to count connections to a share. Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* autorid: use the db argument in the initialize traverse action.Michael Adam2014-04-031-2/+2
| | | | | | | | | | | | | | By a copy and paste error, the global autorid_db was used. This was not currently a problem in behaviour, because this autorid_db is passed as the argument. This change fixes the callback function for consistency. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Apr 3 08:36:55 CEST 2014 on sn-devel-104
* s3: messages: Implement cleanup of dead records.Jeremy Allison2014-04-034-0/+68
| | | | | | | | | | | | When a smbd process dies, pending messages.tdb records for this process might not get cleaned up. Implement a cleanup for dead records that is triggered after a smbd dies uncleanly; the records for that PID are deleted. Based on a patchset from Christof Schmitt <cs@samba.org>. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* autorid: make the whole initialization atomic with one transaction.Michael Adam2014-04-031-10/+38
| | | | | | | | | | | | | | | | | | | | | | | | Originally, there were several writing operations: - store the range HWM - store the alloc uid HWM - store the alloc gid HWM - store the config - create mappings for a whole list of wellknown sids Each of these consisted of its own transaction, the wellknown preallocation even of one transaction per sid. This change wrapps all of these in one big transaction. Thereby making the whole initialization atomic, and with respect to the creation of the wellknown mappings also more deterministic. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Apr 3 02:41:25 CEST 2014 on sn-devel-104
* autorid: initialize: fix typo in and further improve a debug message.Michael Adam2014-04-031-2/+2
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: initialize: use the split db_open and init_hwms function instead of ↵Michael Adam2014-04-031-1/+6
| | | | | | | | | db_init This way, we can later put all of the storing functions inside one transaction. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: initialize: open the autorid db as late as possible.Michael Adam2014-04-031-8/+9
| | | | | | | But make sure to link the db context to commonconfig afterwards. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: initialize: link config to commonconfig as soon as it is allocated.Michael Adam2014-04-031-1/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: initialize: link commonconfig to dom as soon as it is allocatedMichael Adam2014-04-031-2/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: initialize: store config directly before allocating well knowns.Michael Adam2014-04-031-7/+6
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: split idmap_autorid_db_open and idmap_autorid_init_hwms out of ↵Michael Adam2014-04-032-9/+50
| | | | | | | | | idmap_autorid_db_init These will be used separately in the full initialization function. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: in idmap_autorid_saveconfig, add a debug msg when loading gives errorMichael Adam2014-04-031-0/+2
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: improve the precision of the DEBUG at the end of add_rangeMichael Adam2014-04-031-2/+5
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: add a DEBUG upon talloc fail in the add_range function.Michael Adam2014-04-031-0/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: when storing a new range, always check it does not exist.Michael Adam2014-04-031-15/+22
| | | | | | | | | | | Also check for existence when the range is >= the HWM, typically the "acquire" case where we bump the HWM. In case of external modification, we would previously simply overwrite an an existing range mapping. Now we check and throw INTERNAL_DB_CORRUPTION in this case. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: fix a potential for data corruption.Michael Adam2014-04-031-1/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The initialization of the HWM values in autorid.tdb was racy: It did: 1. fetch the HWM value 2. if it did not exist, store 0 in a transaction. This can be racy if two processes at the same time try to run the initialization code, especially in a cluster, when winbindd and smbd are started simultaneously on all nodes. The race is that the HWM is not re-fetched inside the transaction. Assume both processes see that the HWM does not exist. Both try to start a transaction. Process 1 gets the lock and process 2 blocks. After Process 1 has stored the HWM, it proceeds and manages to start subsequent transactions which also bump the HWM value (e.g. a range allocation, which is also triggered from allocation code). When process 2 finally manages to start the transaction, the HWM value is aready > 0. But process 2 does not look again and simply overwrites the HWM with 0. So the next allocation will overwrite an existing mapping, at least partially. This patch changes the mechanism to: 1. fetch the hwm value 2. if it does not exist start a transaction 3. fetch the hwm value 4. if it does not exist, store 0 5. commit the transaction. Note: this is not theoretical. Corruptions have been seen in cluster environments. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: print debug message when a HWM key has been createdMichael Adam2014-04-031-0/+2
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: reverse logic flow in idmap_autorid_init_hwm(), decreasing indentation.Michael Adam2014-04-031-9/+13
| | | | | | | I.e. move writing case to the end. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* autorid: store hwm as uint32_t in idmap_autorid_init_hwm()Michael Adam2014-04-031-1/+1
| | | | | | | | The HWM is treated as uint32_t all the times. This was just a leftover from old code. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Allow FSRVP access generic HRESULT error message descriptionsNoel Power2014-04-021-0/+8
| | | | | | | | | | | | FSRVP can possibly return any HRESULT error in addition to it's own specific errors. This change searches the HRESULT errors for a description if the error doesn't match any of the known FSRVP ones. Also removed some errors defined in fsrvp.idl (now that they are defined in hresult.h) Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Run rpc.samr.passwords.badpwdcount against s3dcAndrew Bartlett2014-04-021-1/+1
| | | | | | Change-Id: I9529def954521bf8ab05212759a2ef6bbe9913f8 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* lib/param: Add new parameter "old password allowed period"Andrew Bartlett2014-04-021-0/+1
| | | | | | Change-Id: I46228b492ba71ba4f3fee380a1ccadb328e3ade1 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Rework samdb_result_acct_flags to use either userAccountControl or ↵Andrew Bartlett2014-04-021-6/+5
| | | | | | | | | | | | | | | | msDS-User-Account-Control-Computed This allows us to avoid the domain lookup in the constructed attribute when not required. By using msDS-User-Account-Control-Computed the lockout and password expiry checks are now handled in the operational ldb module. Andrew Bartlett Change-Id: I6eb94933e4602e2e50c2126062e9dfa83a46191b Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Run rpc.samr.passwords.lockout against the s3dc environmentAndrew Bartlett2014-04-021-1/+1
| | | | | | Change-Id: I7ee562cbf1e067ed90b22e212002e88752450e34 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* kerberos: Map KRB5KDC_ERR_CLIENT_REVOKED to NT_STATUS_ACCOUNT_LOCKED_OUTAndrew Bartlett2014-04-021-1/+1
| | | | | | Change-Id: I333083e11a56d0f99ec36df25a96804d0ff2d110 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Do not reset bad password count to 0 if account is disabledAndrew Bartlett2014-04-021-11/+11
| | | | | | Change-Id: I895435fb278eae5d92b4a8e15d062769c0e8a71a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Only call pdb_get_acct_ctrl() once in check_sam_securityAndrew Bartlett2014-04-021-4/+6
| | | | | | Change-Id: I43792711543e25c50c29ab5a24d16f614c670cca Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-samr: Refuse to set lockout_duration < lockout_window per ↵Andrew Bartlett2014-04-021-0/+17
| | | | | | | | | | | | rpc.samr.passwords.lockout This was not noticed previously because the test was not run. Andrew Bartlett Change-Id: I88701b6c3057ec26f44b3ccab4134ac9aabe552a Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Rename wbinfo_s3 to wbinfo_simple and reorder code for clarityAndrew Bartlett2014-04-022-42/+25
| | | | | | | | | Change-Id: Ic2e06e448fce1d91422b711abf663b9253009a53 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Apr 2 13:07:24 CEST 2014 on sn-devel-104
* winbindd: Ensure we do not look at rid_array before checking if it was returnedAndrew Bartlett2014-04-021-3/+3
| | | | | | | | We no longer return early if there are no members, we just return an empty array. Change-Id: I7b0949e0c0b9277426a8007514a8658615f6c709 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3-auth: Add prototype for plugin function to reduce warnings in auth_samba4Andrew Bartlett2014-04-021-0/+1
| | | | | | Change-Id: I0aa703bb2766f1353a176a0c3f25424bbc4953f5 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3-auth: Remember to always free the talloc_stackframe() in auth_samba4Andrew Bartlett2014-04-021-0/+2
| | | | | | Change-Id: I94469de9d463ee90365bae43094231efaf0a7d8c Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* auth_samba4: Fix auth_samba4 to correctly provide a messaging context for itselfAndrew Bartlett2014-04-021-16/+9
| | | | | | | | This is done by calling make_auth4_context_s4(), avoiding code duplication. Change-Id: I3a3bf4e4273f27078c308d55102e4a1f4b052d17 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3-auth: Finally change make_user_info_*() use a parent talloc contextAndrew Bartlett2014-04-028-49/+63
| | | | | | Change-Id: Iedf516e8c24e0d18064aeedd8e287ed692d3c5b4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3:wscript_build: explicitly use allow_warnings=True where neededStefan Metzmacher2014-04-021-6/+18
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:rpc_server: explicitly use allow_warnings=True for RPC_SPOOLSSStefan Metzmacher2014-04-021-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:pam_smbpass: explicitly use allow_warnings=TrueStefan Metzmacher2014-04-021-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:modules: explicitly use allow_warnings=True were neededStefan Metzmacher2014-04-021-0/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: avoid argv related const warningsStefan Metzmacher2014-04-022-3/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:utils: explicitly check the return value of fscanf() to avoid unused ↵Stefan Metzmacher2014-04-021-1/+1
| | | | | | | warnings in smbta-util.c Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:utils: check the status of open_socket_out() correctly in smbfilter.cStefan Metzmacher2014-04-021-3/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:utils: use char packet[] in smbfilter.c to avoid warningsStefan Metzmacher2014-04-021-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2024-10-01 07:15:13 +0000