summaryrefslogtreecommitdiffstats
path: root/source
Commit message (Collapse)AuthorAgeFilesLines
...
| * r21018: Removing the set_domain_online_request again in trustdom_recv().Günther Deschner2007-01-251-9/+0
| | | | | | | | | | | | | | | | | | | | Jeremy, we really can't do that. There are setups with hundred and more trusted domains out there, I have one customer who tells me it takes more then half an hour for him after winbind is up and running. That request registers the check_domain_online_handler which in turn forks off the child immediately. Also discussed with Volker. Guenther
| * r21016: Fix pam_sm_setcred again. Günther Deschner2007-01-251-1/+1
| | | | | | | | | | | | Jerry, the switch statement must ignore the PAM_SILENT flag. Guenther
| * r21015: fix typo that breaks the buildGerald Carter2007-01-251-1/+1
| |
| * r21014: move some functionss to winbindd_group.c and make staticGerald Carter2007-01-252-148/+144
| |
| * r21013: * Remove "inline" keyword Gerald Carter2007-01-251-5/+5
| | | | | | | | | | | | * Remove anpther check for PAM_SILENT that prevents logging to syslog * Add missing check for TRY_FIRST_PASS when using authtok (missed from previous merge)
| * r21012: Patch from Danilo Almeida @ Centeris (via me):Gerald Carter2007-01-252-21/+168
| | | | | | | | | | | | | | | | | | Details: Improve PAM logging - The improved logging is far tracking down PAM-related bugs - PAM_SILENT was being mis-used to suppress syslog output instead of suppressing user output. This lets PAM_SILENT still log to syslog. - Allow logging of item & data state via debug_state config file option. - Logging tracks the pam handle used.
| * r21011: Another patch from Danilo Almeida @ Centeris (via me):Gerald Carter2007-01-251-4/+7
| | | | | | | | | | | | | | Details: Reset the "new password prompt required" state whenever we do a new auth. In more detail, in pam_sm_authenticate, if not settting PAM_WINBIND_NEW_AUTHTOK_REQD, then clean any potentially present PAM_WINBIND_NEW_AUTHTOK_REQD.
| * r21010: fix the pstring change in ntlm_auth for require-membership-of in ↵Gerald Carter2007-01-251-1/+1
| | | | | | | | ntlm_auth
| * r21009: Patch from Danilo Almeida @ Centeris (via me). Gerald Carter2007-01-253-49/+236
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch details: Support most options in pam_winbind.conf; support comma-separated names in require-membership-of. Details below: 1) Provides support for almost all config options in pam_winbind.conf (all except for use_first_pass, use_authtok, and unknown_ok). - That allows us to work well when invoked via call_modules from pam_unix2.conf as well as allowing use of spaces in names used w/require_membership_of. 2) Support for comma-separated list of names or SID strings in require_membership_of/require-membership-of. - Increased require_membership_of field in winbind request from fstring (256) to pstring (1024). - In PAM side, parse out multiple names or SID strings and convert all of them to SID strings. - In Winbind side, support membership check against multiple SID strings.
| * r21007: move $(SOCKET_WRAPPER_OBJ) to OBJ definition instead of link line like Herb Lewis2007-01-241-6/+8
| | | | | | | | all other uses - merge from 3_0_24
| * r21005: Add a debug message for EAGAIN error of setresuid.Volker Lendecke2007-01-241-1/+7
| | | | | | | | Volker
| * r21004: Patch from Mathias Dietz <MDIETZ@de.ibm.com> to fix multi-nodeJim McDonough2007-01-241-1/+1
| | | | | | | | sharemodes in gpfs.
| * r21003: Display LDAP base in debug statement.Günther Deschner2007-01-241-2/+2
| | | | | | | | Guenther
| * r21002: Get rid of unused macros - merge change from 3_0_24Herb Lewis2007-01-243-48/+40
| |
| * r21001: * Use a simple '#define LDAPMessage void' to fix the buildGerald Carter2007-01-245-45/+9
| | | | | | | | | | | | problems in the nss_info interface when HAVE_LDAP is undefined. * Revert previous ifdef HAVE_ADS brakets * Remove an unused init function wrapper.
| * r20998: Fix debug messageVolker Lendecke2007-01-241-1/+2
| |
| * r20996: Build fix from Kai BlinAndrew Bartlett2007-01-241-1/+2
| |
| * r20994: Remove unused code.James Peach2007-01-241-122/+0
| |
| * r20993: temporary build fix to get things going again on non-ADS systemsGerald Carter2007-01-241-0/+4
| |
| * r20992: another attempt at fixing the build breakageGerald Carter2007-01-244-26/+37
| |
| * r20987: fix build farm breakage when ADS support is not present (caused by ↵Gerald Carter2007-01-241-0/+4
| | | | | | | | nss_info_methods API)
| * r20986: Commit the prototype of the nss_info plugin interface.Gerald Carter2007-01-2418-456/+893
| | | | | | | | | | | | | | | | | | | | | | This allows a provider to supply the homedirectory, etc... attributes for a user without requiring support in core winbindd code. The idmap_ad.c module has been modified to provide the idmap 'ad' library as well as the rfc2307 and sfu "winbind nss info" support. The SID/id mapping is working in idmap_ad but the nss_info still has a few quirks that I'm in the process of resolving.
| * r20985: leave room for terminating NULL when printing password hashes via ↵Gerald Carter2007-01-241-2/+2
| | | | | | | | 'pdbedit -L -w'
| * r20982: Fix a segfault -- I wonder why my make test did not show this earlier...Volker Lendecke2007-01-231-1/+2
| |
| * r20970: Allow to define workstation for samlogon in rpcclient (for testing).Günther Deschner2007-01-232-8/+17
| | | | | | | | Guenther
| * r20966: Only attempt to reload the config file atfer the fork point if weJames Peach2007-01-231-2/+6
| | | | | | | | | | are in daemon mode. If we are in inetd mode, there's really no point in rechecking it so soon.
| * r20965: Fix spelling.James Peach2007-01-231-2/+2
| |
| * r20951: Remove the DOM_SID field in the struct idmap_domain and bounceGerald Carter2007-01-223-142/+128
| | | | | | | | | | | | | | | | | | | | | | | | | | | | domain SID lookups through the struct winbindd_domain *domain_list by searching by name. Refactor the order lookup when searching for the correct idmap_domain to a single function and remove the requirement that the default domain be listed first in the config file. I would still like to make the idmap_domain array a linked list and remove the existing code which makes use of indexes into the list. Basic testing with tdb pans out ok.
| * r20933: Fix the build without inotifyVolker Lendecke2007-01-211-2/+2
| |
| * r20932: This is the basic infrastructure for inotify support. This is far ↵Volker Lendecke2007-01-214-1/+283
| | | | | | | | | | | | | | | | | | from being complete, in particular the various mask bits are not correctly supported yet. Checkin in now, I want to see how the build farm likes it. Volker
| * r20931: This changes the notify infrastructure from a polling-based to an ↵Volker Lendecke2007-01-2112-785/+484
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | event-driven based approach. The only remaining hook into the backend is now void *(*notify_add)(TALLOC_CTX *mem_ctx, struct event_context *event_ctx, files_struct *fsp, uint32 *filter); (Should we put this through the VFS, so that others can more easily plug in?) The trick here is that the backend can pick filter bits that the main smbd should not handle anymore. Thanks to tridge for this idea. The backend can notify the main smbd process via void notify_fsp(files_struct *fsp, uint32 action, char *name); The core patch is not big, what makes this more than 1800 lines are the individual backends that are considerably changed but can be reviewed one by one. Based on this I'll continue with inotify now. Volker
| * r20917: Fix missing error returns pointed out by "Li, Ying (ESG)" ↵Jeremy Allison2007-01-191-0/+3
| | | | | | | | | | | | <ying.li2@hp.com> Jeremy.
| * r20916: Add in the delete on close final fix - but only enabledJeremy Allison2007-01-197-0/+63
| | | | | | | | | | with -DDEVELOPER. Jeremy.
| * r20915: Fixed the bad merge from 3.0.24.Jeremy Allison2007-01-191-6/+8
| | | | | | | | Jeremy.
| * r20914: Sync up incorrect differences between 3.0.24 and 3.0Jeremy Allison2007-01-191-12/+11
| | | | | | | | Jeremy.
| * r20913: Fix the build.Jeremy Allison2007-01-191-3/+4
| | | | | | | | Jeremy.
| * r20912: Ensure the list always remains sorted even whenJeremy Allison2007-01-191-17/+29
| | | | | | | | | | moving events around. Jeremy.
| * r20911: Fix copyright message in winbindd to use the macro from smb.hGerald Carter2007-01-191-2/+3
| |
| * r20905: Windows 2000 returns NT_STATUS_ACCOUNT_RESTRICTION if the pwGerald Carter2007-01-191-3/+11
| | | | | | | | | | | | | | chnage fails due to policy settings where as 2003 (the chgpasswd3() request) fails with NT_STATUS_PASSWORD_RESTRICTION. Thunk down to the same return code so we correctly retreive the password policy in both cases.
| * r20904: This is a placeholder fix. Apparently Windows 2000Gerald Carter2007-01-191-1/+9
| | | | | | | | | | | | | | | | | | is sharing the IDL for the SAMR pipe with Windows 2003 but returning NT_STATUS_NOT_SUPPORTED rather than a DCE/RCE fault. We need to catch this in the general sense by looking at the returned PDU size. But this immediate change fixes password changes via pam_winbind against Windows 2000 DCs.
| * r20903: Replace the hardcoded "smb.conf" string with the dyn_CONFIGFILEGerald Carter2007-01-191-6/+7
| |
| * r20883: W00t! I now understand how "delete on close" reallyJeremy Allison2007-01-185-35/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | works - even with the strange "initial delete on close" semantics. The "initial delete on close" flag isn't committed to the share mode db until the handle is closed, and is discarded if any real "delete on close" was set. This allows me to remove the "initial_delete_on_close" flag from the share db, and move it into a BOOL in files_struct. Warning ! You must do a make clean after this. Cope with the wrinkle in directory delete on close which is done differently from files. We now pass all Samba4 smbtortute BASE-DELETE tests except for the one checking that files can't be created in a directory which has the delete on close set (possibly expensive to fix). Jeremy.
| * r20880: Fix memory leak in new sitename code. You got *really*Jeremy Allison2007-01-181-1/+1
| | | | | | | | | | close Guenther, then you forgot to use "key" :-) :-). Jeremy.
| * r20878: Fix build with --enable-profilingVolker Lendecke2007-01-181-1/+0
| |
| * r20877: Random notify fixesVolker Lendecke2007-01-181-13/+8
| |
| * r20876: Fix bug 4346 -- Thanks to YAMASAKI HiroyukiVolker Lendecke2007-01-181-1/+1
| |
| * r20875: Pass DCE/RPC server call arguments as a struct rather than as ↵Jelmer Vernooij2007-01-1831-1389/+1349
| | | | | | | | | | | | separate arguments. This makes it a bit more similar to the Samba4 code.
| * r20874: We need to distinguish client sitenames per realm. We were overwritingGünther Deschner2007-01-186-26/+75
| | | | | | | | | | | | | | the stored client sitename with the sitename from each sucessfull CLDAP connection. Guenther
| * r20873: Some correctness fixes w.r.t. Samba4 torture BASE-DELETE.Jeremy Allison2007-01-188-21/+111
| | | | | | | | | | | | | | | | Allow us to correctly refuse to set delete on close on a non-empty directory. There are still some delete-on-close wrinkles to be fixed, but I understand how to do that better now. I'll fix this tomorrow. Jeremy.
| * r20862: When in disconnected mode there is no need to try a fallback to a siteGünther Deschner2007-01-171-0/+18
| | | | | | | | | | | | less DNS query. This speeds up offline detection slightly. Guenther
generated by cgit (git 2.34.1) at 2025-09-30 13:22:56 +0000