| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
regarding
error messages: We relied upon a stat that a directory did not exist to later
on then do the mkdir or not. This does the mkdir directly and copes with a
potential error.
The second one is more important: It's possible with Samba 3 to do a
ntcreate&x with NTCREATEX_OPTIONS_DIRECTORY and we happily do a NT_STATUS_OK.
Also move up the use_nt_status() logic a bit. I think this does not belong
into the core routines, the smb server as such should take care of it.
Jeremy, do you think this should go to 3.0.24?
I'll update samba4torture when the build farm has picked up this checkin.
Volker
|
| | |
| |
| |
| |
| |
| |
| |
| | |
now have
tmp_talloc_ctx().
Volker
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fixes parts of
raw-open.
Volker
|
| | | |
|
| | |
| |
| |
| | |
NULL dereference
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
after it's child died unexpectedly whilst the parent
was waiting for a reply. We need to clean up the request
we're not going to service, plus we still need to call
the continuation function with a "False" flag so it
can clean things up. Still testing this, but I think
I'm right.
Jeremy
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
the network cable out of the machine *exactly*
after the init_dc_connect() call in cm_connect_sam()
or cm_connect_lsa() call succeeded but before any
of the other calls fail, and they have debug level
10 set in the log, then we'd crash due to dereferencing
a now NULL pointer (conn->cli gets set to NULL when
the init_dc_connect() call called from cm_get_schannel_dcinfo()
fails). Yes, before you ask this *did* happen on a
customer site :-).
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
inherit_acl
stuff & friends.
Survives raw-mkdir. I'll activate that tomorrow when all build farm machines
have picked up the changed samba4 torture test.
Volker
|
| | | |
|
| | |
| |
| |
| | |
Volker
|
| | |
| |
| |
| |
| |
| |
| | |
* fail on invalid credential flags in pam_sm_setcred
* parse config file for pam_sm_acct_mgmt and pam_sm_open_session
Guenther
|
| | |
| |
| |
| |
| | |
only do it for our primary domain.
Jeremy.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make sure we route all request to remote DCs via the main process
so that IDMAP can correctly reuse DC connections and use the
async interface.
This fixes also idmap_nss so that it is able to resolve local
group names (requires patch on the samba dc earlier committed
to SAMBA_3_0 to make it resolve both the mapped and the unmapped
name).
Simo.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Jeremy: sidstr formerly could be NULL (when num_aliases was 0), since we
strdup here it needs to exist.
Guenther
|
| | |
| |
| |
| |
| |
| |
| | |
This gives much nicer error messages when failing to join due to clock
skew.
Guenther
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
still needs to contact the DC's for non async requests
like enumerate users/groups etc. Now that online
DC detection is tied to async events we must enable
the processing of events in the main loop of winbindd.
Finally got rid of the last hard coded domain->initialized = 1
code in init_child_recv() - now all domain->initialized = True
gets done only in the connection manager code when either
we're online and have spoken to the DC or are offline and
we know we can't talk to the DC.
Jeremy.
|
| | |
| |
| |
| | |
more no previous prototype warnings
|
| | |
| |
| |
| | |
get rid of previous prototype warnings
|
| | | |
|
| | |
| |
| |
| | |
clean up a bunch of no previous prototype warnings
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
This fixes pam password changes in the online case.
Guenther
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
code paths
ncreate does. This is a bit slower (about 10-20%), because it goes touches the
share mode db, but I think not having to call change_owner_to_parent and
friends in fewer places outweighs this. And, mkdir is not the way current
Windows boxes create directories, they do it via the ncreate call.
Volker
|
| | |
| |
| |
| | |
ther way.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
don't have a check online event handler set.
We need to add one once we're been asked to
go back online as this is the only way to actually
go into the online state. Doh ! :-).
Jeremy.
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| | |
get rid of warning: value computed is not used
|
| | |
| |
| |
| | |
get rid of more nested extern declarations warnings
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| |
| |
| | |
is set.
Guenther
|
| | |
| |
| |
| |
| |
| | |
(e.g. to get the debug flag)
Guenther
|
| | |
| |
| |
| |
| | |
send_smb failures should be clean exits. All times when we exit as
a matter of policy should also be clean exits.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
look at
errno, all go straight to ERROR_NT(status).
Volker
|
| | |
| |
| |
| |
| |
| |
| |
| | |
change_owner_to_parent
a bit closer together: Move the lp_inherit_perms() check into the callers.
Volker
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
automatic
conversion, but not when we pass pointers down to other functions.
Simo, please check.
Volker
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A reversed check made it impossile to fallback to the Unix Domain mapping code.
Also fix a potential use of a freed array.
Jerry,
my tests shows that this code now correctly handle the fallback to Unix Domain
when our Domain member is asked for a mapped group that has a unix name different
from the Windows name against a Samba DC and we do not use winbindd but share
users/groups by other means (ldap / sync of passwd and group files)
Immediate Fix would be to discuss if we should answer back when DOMAIN\unixgroup -> SID
is asked for, in the case the unixgroup name is mapped to a different name.
IE: DOMAIN\Domain Admins -> ntadmins
Currently if we are asked for "DOMAIN\Domain Admins" we return the dom admins SID
If we are asked for "DOMAIN\ntadmins we return "not found", but we may consider to
return the Domain admins SID in this case too.
Comments are welcome on this point!
Long term fix I think is the unixinfo pipe and of course an idmap_unixinfo moudle.
Simo.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
I think "anonimous" is correctly spelled "anonymous". The Solaris compile is
referring to this as "anonymous" in line 814 of smbldap.c. Simo, please check.
Thanks,
Volker
|
| | | |
|
| | | |
|
| | | |
|
