summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* samba-tool: allow for running dbcheck against a remove ldap serverAndrew Tridgell2011-06-221-5/+14
| | | | this is useful for running it against a Windows server
* samba-tool: expanded dbcheck DN checkingAndrew Tridgell2011-06-221-21/+104
| | | | | | | this now checks for bad GUID elements in DN links, and offers to fix them when possible Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: prioritise GUID in extended_dn_inAndrew Tridgell2011-06-221-8/+11
| | | | | | | if we search with a base DN that has both a GUID and a SID, then use the GUID first. This matters for the S-1-5-17 SID. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: catch duplicate matches in extended_dn_inAndrew Tridgell2011-06-221-0/+12
| | | | | | | | When searching using extended DNs, if there are multiple matches then return an object not found error. This is needed for the case of a duplicate objectSid, which happens for S-1-5-17 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4:auth/kerberos: protect kerberos_kinit_password_cc() against old KDCsStefan Metzmacher2011-06-221-1/+47
| | | | | | | | | | Old KDCs may not support S4U2Self (or S4U2Proxy) and return tickets which belongs to the client principal of the TGT. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 22 09:10:55 CEST 2011 on sn-devel-104
* s4:auth/kerberos: remove one indentation level in kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-94/+99
| | | | | | This will make the following changes easier to review. metze
* s4:auth/kerberos: reformat kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-32/+41
| | | | | | In order to make the following changes easier to review. metze
* s4:auth/kerberos: don't mix s4u2self creds with machine account credsStefan Metzmacher2011-06-221-24/+76
| | | | | | | | | | | It's important that we don't store the tgt for the machine account in the same krb5_ccache as the ticket for the impersonated principal. We may pass it to some krb5/gssapi functions and they may use them in the wrong way, which would grant machine account privileges to the client. metze
* s4:auth/kerberos: use better variable names in kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-27/+41
| | | | | | This will make the following changes easier to review. metze
* s4:auth/kerberos: don't ignore return code in kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-0/+2
| | | | metze
* samba-tool: added missing GUID component checks to dbcheckAndrew Tridgell2011-06-221-4/+93
| | | | | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Jun 22 07:59:30 CEST 2011 on sn-devel-104
* pyldb: added methods to get/set extended components on DNsAndrew Tridgell2011-06-221-0/+51
| | | | | | this will be used by the dbcheck code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* pydsdb: added get_syntax_oid_from_lDAPDisplayName()Andrew Tridgell2011-06-222-0/+45
| | | | | | this gives you access to the syntax oid of an attribute Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* ldb: added extended_str() method to pyldbAndrew Tridgell2011-06-221-0/+16
| | | | | | this gives access to ldb_dn_get_extended_linearized() from python Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* ldb: expose syntax oids to pythonAndrew Tridgell2011-06-221-0/+10
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* samba-tool: try to keep dbcheck.py in a logical orderingAndrew Tridgell2011-06-221-29/+38
| | | | keep individual error handlers together and separate from driver code
* s4-dsdb: don't add zero GUID to BINARY_DNAndrew Tridgell2011-06-221-9/+11
| | | | | | | When converting from DRS to ldb format for a BINARY_DN, don't add the GUID extended DN element if the GUID is all zeros. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-smbtorture: rework the spoolss notify test a bit.Günther Deschner2011-06-211-16/+15
| | | | Guenther
* s4-smbtorture: use ipv4 addresses for backchannel spoolss change notifyGünther Deschner2011-06-211-1/+1
| | | | | | connections for now. Guenther
* s4/auth: Trivial spelling fixes.Brad Hards2011-06-212-6/+6
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* build: move dynconfig for top level build upAndrew Bartlett2011-06-211-115/+0
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-param Autogenerate the loadparm_globals and loadparm_service tablesAndrew Bartlett2011-06-213-153/+226
| | | | | | | | | | This makes it much easier and less error prone to add new parameters as we merge the s3 and s4 loadparm systems. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Jun 21 04:41:54 CEST 2011 on sn-devel-104
* selftest: Run tests for libsmbclient and libnetapiAndrew Bartlett2011-06-212-1/+6
| | | | | | | This adds the known failure for the one test (netbios browsing) that fails. Andrew Bartlett
* s4-torture Enable libnetapi and libsmbclient tests using combined buildAndrew Bartlett2011-06-214-27/+25
| | | | | | | | | | | | | | | Because we now always build the source3 code, we can link directly against a private libnetapi and libsmbclient to test the behaviour of these important APIs. We use a private libnetapi_net_init(), and by using this interface rather than the public one, we can ensure that the correct smb.conf is loaded (as smbtorture4 is a Samba4 semantics binary). The #include of the source3 includes.h is required to do the manual lp_load(). Andrew Bartlett
* s4-cmdline: Rename popt tables to avoid symbol conflictsAndrew Bartlett2011-06-213-12/+12
| | | | | | | | These same names are use in the source3 popt code, which is called from in libsmbclient and libnet. These are then included in the smbtorture binary for testing Andrew Bartlett
* lib/util: Use common d_printf() in the whole codebaseAndrew Bartlett2011-06-211-6/+0
| | | | | | | | | This removes the lang_tdb based varient, the only user of the lang_tdb code is SWAT, which calls that directly. 'net' and 'pam_winbind' are internationalised using gettext. Andrew Bartlett
* s4-param Add my authorship to this scriptAndrew Bartlett2011-06-211-2/+3
|
* Use tevent_req_oomVolker Lendecke2011-06-204-5/+5
| | | | This fixes a few Coverity errors
* tdb2: tie it into build process if --enable-tdb2-breaks-compatRusty Russell2011-06-201-1/+1
| | | | | | | | | | | This is simplistic. We need to support making TDB2 a standalone library, but for now, we simply built it in-tree. Once we have tdb1 compatibility in tdb2, we can rename this option to --enable-tdb2. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb2: create tdb2 versions of various testing TDBs.Rusty Russell2011-06-201-2/+5
| | | | | | | Soon, TDB2 will handle tdb1 files, but until then, we substitute. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_compat: use tdb_open_compat.Rusty Russell2011-06-203-29/+51
| | | | | | | | | This is a helper for the common case of opening a tdb with a logging function, but it doesn't do all the work, since TDB1 and TDB2's log functions are different types. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb2: #ifdef out TDB_ERR_NOLOCK and TDB_ERR_LOCK_TIMEOUT.Rusty Russell2011-06-201-0/+4
| | | | | | | | These don't exist in tdb2. The former is used in one weird place in tdb1, and the latter not at all. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* ldb: replace 'struct TDB_DATA' with 'TDB_DATA'Rusty Russell2011-06-203-6/+6
| | | | | | | The typedef is TDB2 compatible, the struct isn't. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_unlockall/tdb_unlockall_read: ignore return value.Rusty Russell2011-06-201-1/+2
| | | | | | | | | TDB2 returns void here. tdb_unlockall will *always* return with the database unlocked, but it will complain via the log function if it wasn't locked. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_traverse/tdb_traverse_read: check returns for negative, not -1.Rusty Russell2011-06-202-3/+3
| | | | | | | | | | | TDB2 returns a negative error number on failure. This is compatible if we always check for < 0 instead of == -1. Also, there's no tdb_traverse_read in TDB2: we don't try to make traverse reliable any more, so there are no write locks anyway. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_transaction_cancel: ignore return value.Rusty Russell2011-06-201-4/+1
| | | | | | | | | TDB2 returns void here. tdb_transaction_cancel will *always* return with the transaction cancelled, but it will complain via the log function if a transaction wasn't in progress. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_store: check returns for 0, not -1.Rusty Russell2011-06-203-3/+3
| | | | | | | | TDB2 returns a negative error number on failure. This is compatible if we always check for != 0 instead of == -1. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_delete: check returns for 0, not -1.Rusty Russell2011-06-201-1/+1
| | | | | | | | TDB2 returns a negative error number on failure. This is compatible if we always check for != 0 instead of == -1. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_fetch_compat: use instead of tdb_fetch.Rusty Russell2011-06-207-15/+17
| | | | | | | This is a noop for tdb1. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_compat.h: divert every tdb build and includes to tdb_compatRusty Russell2011-06-2015-20/+25
| | | | | | | | We change all the headers and wscript files to use tdb_compat; this means we have one place to decide whether to use TDB1 or TDB2. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* pyldb: add unit test for get(myattribute, defVal)Matthieu Patou2011-06-201-0/+5
| | | | | Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Mon Jun 20 09:23:15 CEST 2011 on sn-devel-104
* libcli/util Rename common map_nt_error_from_unix to avoid duplicate symbolAndrew Bartlett2011-06-2026-116/+116
| | | | | | | | | | | | The two error tables need to be combined, but for now seperate the names. (As the common parts of the tree now use the _common function, errmap_unix.c must be included in the s3 autoconf build). Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Jun 20 08:12:03 CEST 2011 on sn-devel-104
* libcli/util Bring samba4 unix -> nt_status code in common.Andrew Bartlett2011-06-205-169/+3
| | | | | | | | Due to library link orders, this is already the function that is being used. However we still need to sort out the duplicate symbol issues, probably by renaming things. Andrew Bartlett
* s3-libcli Remove unused error mapping tablesAndrew Bartlett2011-06-201-549/+0
| | | | | | The functions which uesed these tables have since moved in common. Andrew Bartlett
* build: Put lockdir and cachedir in FHS-like locations by defaultAndrew Bartlett2011-06-201-2/+2
| | | | | | | | | | This does not move statedir, leaving it in PREFIX/var/locks because state files such as idmap are dangerous to move, as they might re-create, causing chaos. This isn't ideal, but I don't have a better solution right now. Andrew Bartlett
* s4-build Change default paths and --with flags for a 4.0 releaseAndrew Bartlett2011-06-201-58/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following changes are made since Samba 3.6: * --with-ncalrpcdir and --with-nmbdsocketdir are replaced with --with-socket-dir (with ntp_signd, winbindd, nmbd subdirs) * This moves the winbind socket out of /tmp. Distributions have moved this out of /tmp for quite some time now, and /var/run in the FHS blessed location these days. --with-socketdir should point to /var/run in a distribution package. * Configuration files are expected in PREFIX/etc instead of PREFIX/lib (they need to be moved manually) * SWAT data files have moved to PREFIX/share/swat (alongside PREFIX/share/setup containing samba4 provision templates). * The --with-fhs option is no longer available (it was never very useful, and major distributions (Debian, OpenSuSE, Fedora) either specified every option (overriding the effect) or didn't specify it at all. * PID files are now in PREFIX/var/run, moved from PREFIX/var/locks * The ncalrpc and nmbd sockets are now in PREFIX/var/run by default The following changes are made for users of Samba3 binaries built with the top level build in master * 'state' files are now expected to be in their Samba 3.6 location PREFIX/var/locks (and will need to be moved manually) Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-upgradeprovision: propose the use of findprovisionranges if no ranges are ↵Matthieu Patou2011-06-201-0/+14
| | | | | | | present Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Mon Jun 20 00:30:59 CEST 2011 on sn-devel-104
* s4: create script to find provision ranges for old provision without this ↵Matthieu Patou2011-06-191-0/+174
| | | | information
* s4-sambatool: extract the confirm function in a separte module for reuseMatthieu Patou2011-06-192-10/+36
|
* s4-samba-tool: remove unused importsMatthieu Patou2011-06-191-2/+1
|
generated by cgit (git 2.34.1) at 2025-09-03 05:51:52 +0000