Samuel Cabrero [Wed, 25 May 2022 12:35:55 +0000 (14:35 +0200)]
s3:winbind: Return ADS_STATUS from ads_cached_connection()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 11:25:32 +0000 (13:25 +0200)]
s3:winbind: Pass a memory context to ads_idmap_cached_connection()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:23:38 +0000 (13:23 +0200)]
s3:printing: Allocate a temporary talloc context for nt_printer_publish()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:10:35 +0000 (13:10 +0200)]
s3:libsmb: Allocate a temporary talloc context for ads_dc_name()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:05:43 +0000 (13:05 +0200)]
s3:libnet: Allocate a temporary talloc context in libnet_connect_ads()
Prepare to allocate ADS_STRUCT under a talloc context. Pass a talloc
context where the ads struct will be moved on success.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 10:01:13 +0000 (12:01 +0200)]
s3:netapi: Allocate a temporary talloc context for NetGetJoinableOUs_l()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 10:44:36 +0000 (12:44 +0200)]
pygpo: Make ads_ADSType object inherit from pytalloc_BaseObject
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:36:54 +0000 (09:36 +0200)]
s3:libnet: Allocate the machine name string under its container's talloc context
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:16:59 +0000 (09:16 +0200)]
s3:libnet: Allocate the machine name string under its container's talloc context
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 13:59:11 +0000 (15:59 +0200)]
s3:winbind: Fix a memory leak in ads_cached_connection()
The trust password was leaked.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 12:17:51 +0000 (14:17 +0200)]
s3:winbind: Fix a memory leak in ads_idmap_cached_connection()
The trust password was leaked.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 11:21:02 +0000 (13:21 +0200)]
s3:winbind: Remove dupplicated talloc_get_type() call
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 16:09:02 +0000 (18:09 +0200)]
s3:libads: Pass the correct ADS_STRUCT pointer to ads_msgfree
The search is performed using the ads_s pointer.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 16:06:47 +0000 (18:06 +0200)]
s3:libads: Clear previous CLDAP ping flags when reusing the ADS_STRUCT
Fixes the problem described in commit
a26f535dedc651afa2a25dd37113ac71787197ff
but for ads_domain_func_level() function.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:25:03 +0000 (13:25 +0200)]
s3:printing: Fix temporary talloc context leak
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 3 Jun 2022 03:37:01 +0000 (05:37 +0200)]
vfs_acl_xattr: add acl_xattr:security_acl_name option
Pair-Programmed-With: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Mon, 20 Jun 2022 16:48:56 +0000 (18:48 +0200)]
bootstrap: Use quay.io to download fedora images
The docker registry is rate limited now. This often leads to errors, so
use the Red Hat registry.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jun 26 23:08:03 UTC 2022 on sn-devel-184
Andrew Bartlett [Thu, 24 Mar 2022 23:50:26 +0000 (12:50 +1300)]
WHATSNEW: Announce support for dropping the NT hash
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Sun, 10 Apr 2022 23:54:24 +0000 (11:54 +1200)]
samba-tool user: Accomodate missing unicodePwd in getpassword command
To allow for the NT hash not being stored when NTLM authentication is
disabled, we use the AES256 key instead for verification against the
other packages if the unicodePwd attribute is not present.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 9 May 2022 02:50:15 +0000 (14:50 +1200)]
samba-tool user: When possible, obtain AES256 key and salt
We will make use of these in the next commit to check that the
supplemental packages are up-to-date with the current password.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 9 May 2022 02:37:58 +0000 (14:37 +1200)]
auth/credentials: Add get_aes256_key()
This makes it possible to generate AES256 keys in Python from a given
password and salt.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 9 May 2022 02:35:05 +0000 (14:35 +1200)]
auth/credentials: Add cli_credentials_get_aes256_key()
This allows us to generate AES256 keys from a given password and salt.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 31 Jan 2022 01:08:13 +0000 (14:08 +1300)]
dsdb: Allow password history and password changes without an NT hash
We now allow this to be via the ENCTYPE_AES256_CTS_HMAC_SHA1_96 hash instead
which allows us to decouple Samba from the unsalted NT hash for
organisations that are willing to take this step (for user accounts).
(History checking is limited to the last three passwords only, as
ntPwdHistory is limited to NT hash values, and the PrimaryKerberosCtr4
package only stores three sets of keys.)
Since we don't store a salt per-key, but only a single salt, the check
will fail for a previous password if the account was renamed prior to a
newer password being set.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 10 Jun 2022 00:47:01 +0000 (12:47 +1200)]
s4-auth: For LDAP simple bind, fall back to checking the ENCTYPE_AES256_CTS_HMAC_SHA1_96 if stored
Since we don't store a salt per-key, but only a single salt, when we do
not have the NT hash in the unicodePwd (eg ntlm auth = disabled), the check
will fail for a previous password if the account was renamed prior to a
newer password being set.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Wed, 18 May 2022 08:12:36 +0000 (20:12 +1200)]
s4:kdc: Add helper function to extract AES256 key and salt
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 11 Apr 2022 03:44:09 +0000 (15:44 +1200)]
tests/krb5: Add test for presence of NT hash
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 24 Jun 2022 08:39:57 +0000 (10:39 +0200)]
third_party: Update nss_wraper to version 1.1.12
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 24 22:29:33 UTC 2022 on sn-devel-184
Martin Schwenke [Fri, 27 May 2022 13:19:46 +0000 (23:19 +1000)]
ctdb-scripts: Drop use of eval in CTDB callout handling
eval is not required and causes the follow ShellCheck warning:
SC2294 (warning): eval negates the benefit of arrays. Drop eval to
preserve whitespace/symbols (or eval as string).
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 24 10:40:50 UTC 2022 on sn-devel-184
Martin Schwenke [Fri, 27 May 2022 13:16:28 +0000 (23:16 +1000)]
ctdb-tests: Do not require eval tricks for faking NFS callout
The current code requires the use of eval in the NFS callout handling
to facilitate testing. Improve the code to remove this need.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 02:40:20 +0000 (13:40 +1100)]
ctdb-scripts: Avoid ShellCheck warning SC2162
SC2162 read without -r will mangle backslashes
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 02:00:40 +0000 (13:00 +1100)]
ctdb-tests: Fix faking of program stack traces
The current code works in all current cases but is lazy and wrong.
Fix it to avoid breaking on code changes involving different thread
setups.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 01:55:07 +0000 (12:55 +1100)]
ctdb-tests: Improve Debian-style event script unit testing
Tests can be run by hand using different distro styles, such as:
CTDB_NFS_DISTRO_STYLE=systemd-debian \
./tests/run_tests.sh ./tests/UNIT/eventscripts/{06,60}.nfs.*
This fixes known problems for Debian styles, so the tests now pass for
the following values of CTDB_NFS_DISTRO_STYLE:
systemd-redhat
sysvinit-redhat
systemd-debian
sysvinit-debian
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 01:52:10 +0000 (12:52 +1100)]
ctdb-scripts: Parameterise /etc directory to aid testing
At the moment test results can be influenced by real system
configuration files.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 01:47:10 +0000 (12:47 +1100)]
ctdb-scripts: Set NFS services to "AUTO" if started by another service
For example, in Sys-V init "rquotad" is started by the main "nfs"
service. At the moment the call-out can't distinguish between this
case and "should never be run". Services set to "AUTO" are
hand-stopped/started via service_stop()/service_start() on failure via
restart_after.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2022 04:21:37 +0000 (14:21 +1000)]
ctdb-scripts: Refactor the manual RPC service start/stop
This logic needs improving, so factor the decision making into new
functions service_or_manual_stop() and service_or_manual_start().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 17 Mar 2022 23:41:26 +0000 (10:41 +1100)]
ctdb-scripts: Simplify and rename basic_stop() and basic_start()
Drop the argument. These now just stop/start the overall NFS service,
so rename them appropriately.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 17 Mar 2022 23:33:05 +0000 (10:33 +1100)]
ctdb-scripts: Move nfslock out of basic_stop() and basic_start()
These are only called in one place and should be done inline, since
that is less confusing.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 17 Mar 2022 23:53:45 +0000 (10:53 +1100)]
ctdb-tests: Reformat script
Samba is reformatting shell scripts using
shfmt -w -p -i 0 -fn
so update this one before editing.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Andreas Schneider [Fri, 24 Jun 2022 07:36:27 +0000 (09:36 +0200)]
s3:waf: Fix version number of public libsmbconf
Error: ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15108
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 24 09:48:38 UTC 2022 on sn-devel-184
Björn Jacke [Mon, 20 Jun 2022 19:19:36 +0000 (21:19 +0200)]
docs-xml: add missing generic nfs4 parameters in nfs4_xattr man page
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Wed Jun 22 18:57:53 UTC 2022 on sn-devel-184
Björn Jacke [Mon, 20 Jun 2022 19:17:48 +0000 (21:17 +0200)]
docs_xml: use the nfs4 parameter include file in zfsacl man page
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Mon, 20 Jun 2022 19:16:10 +0000 (21:16 +0200)]
docs_xml: use the nfs4 parameter include file in gpfs man page
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Mon, 20 Jun 2022 19:13:32 +0000 (21:13 +0200)]
docs-xml: add nfs4.xml.include documenting the generic NFS4 ACL parameters
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Ralph Boehme [Mon, 29 Nov 2021 22:09:33 +0000 (23:09 +0100)]
vfs_gpfs: use sys_fstatat() in stat_with_capability()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12421
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Bjoern Jacke <bjacke@samba.org>
Andrew Bartlett [Tue, 21 Jun 2022 07:23:26 +0000 (19:23 +1200)]
build: Ensure that SAMBA_GENERATOR() tasks fail on error
Previously the error from inside the shell was eaten.
This showed up particularly as a failure to notice errors when running xsltproc
to build the manpages.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 22 16:43:30 UTC 2022 on sn-devel-184
Andrew Bartlett [Mon, 20 Jun 2022 23:44:04 +0000 (11:44 +1200)]
docs: Show current system path for smb.conf in &smb.conf entity
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Mon, 20 Jun 2022 02:35:19 +0000 (14:35 +1200)]
docs-xml: Use &pathconfig.WINBINDD_SOCKET_DIR; to avoid reference to old /tmp/.winbindd
We can now write docs that follow how the software on this system was
built, which is much less confusing for users. Also /tmp/.winbindd
has not been used for a long time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15101
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Mon, 20 Jun 2022 02:34:05 +0000 (14:34 +1200)]
build: Allow &pathconfig XML entities to be used in all manpages, not just smb.conf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15101
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 22 Jun 2022 06:37:06 +0000 (08:37 +0200)]
lib:cmdline: Fix error handling of --client-protection=sign|encrypt|off
Best reviewed with `git show -b`
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 22 11:49:23 UTC 2022 on sn-devel-184
Andreas Schneider [Wed, 22 Jun 2022 06:34:20 +0000 (08:34 +0200)]
lib:cmdline: Fix error handling of --use-krb5-ccache=CCACHE
Best reviewed with `git show -b`
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 22 Jun 2022 06:28:40 +0000 (08:28 +0200)]
lib:cmdline: Fix error handling of --use-kerberos=desired|required|off
Best reviewed with `git show -b`
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 24 May 2022 08:17:00 +0000 (10:17 +0200)]
testprogs: Fix auth with smbclient and krb5 ccache
--use-kerberos=required will ask the user to provide a username and
password to do a kinit. The test will open a password prompt in this
case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat xattr-tdb-1/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jun 22 10:10:48 UTC 2022 on sn-devel-184
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat vfstest-catia/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat vfstest-acl/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:08 +0000 (15:34 +0200)]
s3:tests: Reformat stream-depot/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:08 +0000 (15:34 +0200)]
s3:tests: Reformat full_audit_segfault/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat wb_pad.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat test_zero_data.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat test_winbind_ignore_domains.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat test_wbinfo_sids2xids.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_wbinfo_lookuprids_cache.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_virus_scanner.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_veto_rmdir.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_valid_users.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_usernamemap.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_timestamps.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_tevent_glib_glue.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_testparm_s3.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Björn Jacke [Sat, 3 Jul 2021 22:50:57 +0000 (00:50 +0200)]
security.idl: add missing BUILTIN SIDs
see:
https://docs.microsoft.com/en-us/windows/win32/secauthz/well-known-sids
https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/active-directory-security-groups
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/security-identifiers-in-windows
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 20 18:18:15 UTC 2022 on sn-devel-184
Jeremy Allison [Sat, 18 Jun 2022 00:51:35 +0000 (17:51 -0700)]
s3: VFS: streams_xattr: Add the same accommodation to streams_xattr_unlinkat() as used in streams_xattr_renameat().
vfs_fruit passes a synthetic filename here where smb_fname->fsp==NULL
when configured to use "fruit:resource = stream" so we need to use
synthetic_pathref() to get an fsp on the smb_fname->base_name
in order to call SMB_VFS_FREMOVEXATTR().
This is the same change we already use in streams_xattr_renameat()
and streams_xattr_stat(), the other pathname operations we implement
here.
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15099
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Jun 20 14:24:20 UTC 2022 on sn-devel-184
Jeremy Allison [Sat, 18 Jun 2022 00:49:43 +0000 (17:49 -0700)]
s3: tests: Add test that shows smbd crashes using vfs_fruit with fruit:resource = stream on deleting a file.
Add knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15099
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Noel Power [Thu, 16 Jun 2022 16:17:45 +0000 (17:17 +0100)]
s3/client: fix dfs deltree, resolve dfs path
since
4cc4938a2866738aaff4dc91550bb7a5ad05d7fb do_list seems
to deal with non dfs root path, hence we need to resolve the
path before calling cli_unlink.
Also remove the knownfail
We additionally have to also remove the fallback to remove 'file3'
int the smbcacls_dfs_propagate_inherit.teardown as the deltree
that happens in the baseclass now succeeds.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 17 17:12:07 UTC 2022 on sn-devel-184
Noel Power [Fri, 17 Jun 2022 09:58:48 +0000 (10:58 +0100)]
Add test smbclient 'delree' of dir (on DFS share)
deltree of a file on a DFS share results in NT_STATUS_OBJECT_PATH_NOT_FOUND
Addionally add a knownfail for this (to be removed in subsequent patch
to fix bug)
We also need to add a knownfail (which will not be removed) for the
new test which will fail in smb1 envs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Thu, 16 Jun 2022 14:12:05 +0000 (15:12 +0100)]
s3/client: fix dfs delete, resolve dfs path
since
4cc4938a2866738aaff4dc91550bb7a5ad05d7fb do_list seems
to deal with non dfs root path, hence we need to resolve the
path before calling cli_unlink.
Also remove the knownfail
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 17 Jun 2022 09:25:49 +0000 (10:25 +0100)]
Add test smbclient 'del' of file (on DFS share)
del of a file on a DFS share results in NT_STATUS_OBJECT_PATH_NOT_FOUND
Addionally add a knownfail (will be removed in following patch to
fix the bug)
We also need to add a knownfail (which will not be removed) for the
new test which will fail in smb1 envs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 17 Jun 2022 09:15:42 +0000 (10:15 +0100)]
Add new dfs node msdfs-share pointing to new msdfs-share2
Also add another node within msdfs-share2 pointing to normal share
This patch is in preperation for creating a test for 'del' &
'deltree' on DFS shares. The extra redirection is necessary to
reproduce the bug
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Douglas Bagnall [Wed, 13 Apr 2022 23:47:57 +0000 (11:47 +1200)]
s4/torture/unix_info2: return NULL on failure
false is also NULL, but NULL is NULLer.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 17 02:18:32 UTC 2022 on sn-devel-184
Douglas Bagnall [Wed, 13 Apr 2022 00:09:08 +0000 (12:09 +1200)]
bind_dlz: some commentary for b9_format
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 13 Apr 2022 03:20:50 +0000 (15:20 +1200)]
dns/dlz: remember old timestamp for dynamic records
If we don't tell dns_common_replace() the old timestamp, it will
think the node is static because the timestamp is 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Saxl [Mon, 4 Apr 2022 13:33:45 +0000 (15:33 +0200)]
dlz_bind9: call dns_name_is_static before adding space for record
dns_name_is_static is called after adding a uninitialized element to
recs. There is a chance that the uninizialized memory reads a element
with dwTimeStamp=0 and wType!=0. In that case dns_name_is_static will
return true
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Michael Saxl <mike@mwsys.mine.bz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 16 Apr 2021 04:45:01 +0000 (16:45 +1200)]
tortures/dlz: more DNS update tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 13 Apr 2022 23:25:26 +0000 (11:25 +1200)]
torture: add torture_assertf()
Often we go 'torture_assert(tctx, expr, talloc_asprintf(tctx, "foo
%s", foo));' which is just a pain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 13 Apr 2022 23:40:43 +0000 (11:40 +1200)]
torture/bind_dlz: return the right kind of failure
torture_fail() is a macro that returns false, which evaluates to ISC_R_SUCCESS
in int context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Sat, 24 Apr 2021 04:17:46 +0000 (16:17 +1200)]
torture/dlz: minor reformatting for README.Coding
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 21 Apr 2021 04:34:50 +0000 (04:34 +0000)]
torture/dlz: reserve test_ prefix for actual tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 16 Apr 2021 06:49:36 +0000 (18:49 +1200)]
torture/dlz: putrr callback recognises more than A records
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 16 Jun 2022 05:26:08 +0000 (17:26 +1200)]
util/debug: share classname table with tests
The executables generated from lib/util/tests/test_logging.c are used
by the samba.tests.logfiles tests to test logging with various
smb.confs that assign classes to various files at different levels
etc.
Previously test_logging.c had its own version of the table; now it
shares one with debug.c
We put the table in a sub-directory (lib/util/debug-classes/), because
adding local_include=True to the wscript_build stanza causes the
compiler confusion between <time.h> and lib/util/time.h.
Note: there are still two other lists of the class names, in
python/samba/tests/logfiles.py and
docs-xml/smbdotconf/logging/loglevel.xml.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 26 May 2022 03:55:12 +0000 (15:55 +1200)]
debug: add DBG_DEV()
This can be a useful macro when you are trying to track the behaviour
of one process out of the dozens that samba starts up, and when your
interest is in following it over time, not necessarily in a single
stack.
In DEVELOPER mode, if you call 'debug_developer_enable()' in the
process you're following, then any instances of DBG_DEV() will work
like DBG_ERR(), also adding ":DEV:12345:" where "12345" is the pid of
th current process.
Within debug.c itself, the macro always writes to stderr, because the
debug.c functions are not all reentrant.
When not in DEVELOPER MODE, the macro evaluates to nothing.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 26 May 2022 03:51:25 +0000 (15:51 +1200)]
debug: drop an '#if _SAMBA_BUILD_ == 3'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 8 Jun 2022 02:48:42 +0000 (14:48 +1200)]
tests: rename logging test source
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 8 Jun 2022 02:40:36 +0000 (14:40 +1200)]
tests: adapt logging test for s3.
There is one knownfail, where it seems an smb.conf like
log file = foo
log level = 2 tdb:2@baa ldb:3
will send the ldb logs to 'baa' instead of 'foo' (i.e., the last
opened log file, rather than the default log file).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 26 May 2022 05:19:51 +0000 (17:19 +1200)]
tests: test source4 cmdline/smb.conf log level
The 'log level' line in smb.conf allows messages from different log
classes to be sent to different places, but we have not tested that
this works. Now we do, somewhat.
The test involves running a special binary based on a stripped down
source4/samba/server.c that just starts up, parses the command line
and a given smb.conf, then logs messages from multiple classes and
exits.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 3 Jun 2022 02:56:10 +0000 (14:56 +1200)]
s3/smbd: stdin fstat failure is a failure
It seems we forgot we were in main.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_symlink_traversal_smb2.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_symlink_traversal_smb1_posix.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_symlink_traversal_smb1.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_symlink_rename_smb1_posix.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_success.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:11 +0000 (15:34 +0200)]
s3:tests: Reformat test_substitutions.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>