=============================
- Release Notes for Samba 3.3.0
- January, 27 2009
+ Release Notes for Samba 3.3.2
+ March, 12 2009
=============================
-This is the first stable release of Samba 3.3.0.
+This is the latest bugfix release release of the Samba 3.3 series.
-Major enhancements in Samba 3.3.0 include:
+Major enhancements in Samba 3.3.2 include:
- General changes:
- o The passdb tdbsam version has been raised.
-
- Configuration/installation:
- o Splitting of library directory into library directory and separate
- modules directory.
- o The default value of "ldap ssl" has been changed to "start tls".
-
- File Serving:
- o Extended Cluster support.
- o New experimental VFS modules "vfs_acl_xattr" and "vfs_acl_tdb"
- to store NTFS ACLs on Samba file servers.
-
- Winbind:
- o Simplified idmap configuration.
- o New idmap backends "adex" and "hash".
- o Added new parameter "winbind reconnect delay".
- o Added support for user and group aliasing.
- o Added support for multiple domains to idmap_ad.
-
- Administrative tools:
- o The destination "all" of smbcontrol does now affect all running
- daemons including nmbd and winbindd.
- o New 'net rpc vampire keytab' and 'net rpc vampire ldif' commands.
- o The 'net' utility can now use kerberos for joining and authentication.
- o The 'wbinfo' utility can now add, modify and remove identity mapping entries.
-
- Libraries:
- o NetApi library implements various new calls for User- and Group
- Account Management.
-
-
-General changes
-===============
-
-The passdb tdbsam version has been raised as among other things the RID counter
-has been moved from the winbindd_idmap.tdb to the passdb.tdb file to make
-"passdb backend = tdbsam" working in clustered environments.
-
-Please note that an updated passdb.tdb file is _not_ compatible with Samba
-versions before 3.3.0! Please backup your passdb.tdb file if
-you use "passdb backend = tdbsam". That can be achieved by running
-
-'tdbbackup /etc/samba/passdb.tdb'
-
-before the update.
-
-
-Configure changes
-=================
-
-The configure option "--with-libdir" has been removed. The library
-directory can still be specified by using the existing "--libdir" option.
-A new option "--with-modulesdir" has been added to allow the specification
-of a separate directory for the shared modules.
-
-
-Configuration changes
-=====================
-
-The default value of "ldap ssl" has been changed to "start tls". This means,
-Samba will use the LDAPv3 StartTLS extended operation (RFC2830) for
-communicating with directory servers by default. If your directory servers
-do not support this extended operation, you will have to set
-"ldap ssl = no". Otherwise, Samba could not contact the directory servers
-anymore!
-
-
-Winbind idmap backend changes
-=============================
-
-The idmap configuration has changed with version 3.3 to something that
-allows a smoother upgrade path from pre-3.0.25 configurations that use
-"idmap backend". The reason for this change is that to many, also to Samba
-developers, the 3.0.25 style configuration with "idmap config" turned out
-to be very complex. Version 3.3 no longer deprecates the "idmap backend"
-parameter, instead with "idmap backend" the default idmap backend is
-specified.
-
-Accordingly, the "idmap config <domain> : default = yes" setting is no
-longer being looked at.
-
-The alloc backend defaults to the default backend, which should be able to
-allocate IDs. In the default distribution the tdb and ldap backends can
-allocate, the ad and rid backends can not. The idmap alloc range is now
-being set with the "old" parameters "idmap uid" and "idmap gid".
-
-The "idmap domains" parameter has been removed.
-
-
-winbind reconnect delay
-=======================
-
-This is a new parameter which specifies the number of seconds the Winbind
-daemon will wait between attempts to contact a Domain controller for a domain
-that is determined to be down or not contactable.
-
-
-Winbind's Name Aliasing
-=======================
-
-Name aliasing in Winbind is a feature that allows an administrator to
-map a fully qualified user or group name from a Windows domain to a
-convenient short name for Unix access. This is similar to the username
-map functionality supported by smbd but is primary intended for
-clients and servers making use of Winbind's PAM and NSS libraries.
-
-For example, the user "DOMAIN\fred" has been mapped to the Unix name
-"freddie".
-
- $ getent passwd "DOMAIN\fred"
- freddie:x:1000:1001:Fred Jones:/home/freddie:/bin/bash
-
- $ getent passwd freddie
- freddie:x:1000:1001:Fred Jones:/home/freddie:/bin/bash
-
-The name aliasing support is provided by individual nss_info plugins.
-For example, the new "adex" plugin reads the uid attribute from Active
-Directory to make a short login name to the fully qualified name.
-While the new "hash" module utilizes a local file to map "short_name
-= QUALIFIED\name". Both user and group name mapping is supported.
-Please refer to the "winbind nss info" option in smb.conf(5) and
-to individual plugin man pages for further details.
-
-
-idmap_hash
-==========
-
-The idmap_hash plugin provides similar support as the idmap_rid
-module. However, uids and gids are generated from the full domain
-SID using a hashing algorithm that maps the lower 19 bits from the user
-or group RID to bits 0 - 19 in the Unix id and hashes 96 bits from
-the domain SID to bits 20 - 30 in the Unix id. The result is a 31 bit
-uid or gid that is consistent across machines and provides support for
-trusted domains.
-
-Please refer to the idmap_hash(8) man page for more details.
-
-
-idmap_adex
-==========
-
-The adex idmap/nss_info plugin is an adaptation of the Likewise
-Enterprise plugin with support for OU based cells removed
-(since the Windows pieces to manage the cells are not available).
-
-This plugin supports
-
- * The RFC2307 schema for users and groups.
- * Connections to trusted domains
- * Global catalog searches
- * Cross forest trusts
- * User and group aliases
-
-Prerequisite: Add the following attributes to the Partial Attribute
-Set in global catalog:
-
- * uidNumber
- * uid
- * gidNumber
-
-A basic config using the current trunk code would look like:
-
-[global]
- idmap backend = adex
- idmap uid = 10000 - 29999
- idmap gid = 10000 - 29999
- winbind nss info = adex
-
- winbind normalize names = yes
- winbind refresh tickets = yes
- template homedir = /home/%D/%U
- template shell = /bin/bash
-
-Please refer to the idmap_adex(8) man page for more details.
+ * Fix "force group" (bug #6155).
+ * Fix saving of files on Samba share using MS Office 2007 (bug #6160).
+ * Fix guest authentication in setups with "security = share" and
+ "guest ok = yes" when Winbind is running.
+ * Fix corruptions of source path in tar mode of smbclient (bug #6161).
######################################################################
Changes
#######
-smb.conf changes
-----------------
-
- Parameter Name Description Default
- -------------- ----------- -------
- cups connection timeout New 30
- idmap config DOM:range Removed
- idmap domains Removed
- init logon delayed hosts New ""
- init logon delay New 100
- ldap ssl Changed Default start tls
- share modes Deprecated
- winbind reconnect delay New 30
-
-
-Changes since 3.3.0rc2:
------------------------
-
-
-o Jeremy Allison <jra@samba.org>
- * BUG 4308: Fix corrupting of file ACLs during Excel save operations.
- * BUG 5979: Fix level 2 oplocks being granted improperly.
- * BUG 5980: Race condition when granting level2 oplocks can cause break
- notify to be missed.
- * BUG 5986: Editing a stream is broken (rename problems).
- * BUG 5990: Strict allocate should be checked before ftruncate.
- * BUG 6009: Setting "min receivefile size = 1" breaks writes.
- * BUG 6016: Alternate Data Streams / Extended Attributes seem to conflict.
- * BUG 6017: Fix magic scripts.
- * BUG 6019: Fix file corruption in Clustered SMB/NFS environment managed via
- CTDB.
- * BUG 6021: smbclient du command does not recuse properly.
- * BUG 6024: Deprecate the "share modes" parameter.
- * BUG 6030: Add missing <th> header in Status page.
- * BUG 6035: Fix possible race between fcntl F_SETLKW and alarm delivery.
- * BUG 6040: Calling Samba print server with an aliased DNS-name fails.
- * Fix gcc 4.3.2 warnings.
- * Fix more asprintf errors and error code paths.
- * Attempt to fix crash seen with new CUPS async printcap loading code.
- * Add winbindd_reinit_after_fork(), cleaning out all possible events
- in a forked child.
- * Make winbindd_cm.c use winbindd_reinit_after_fork().
- * Fix race condition in alarm lock processing.
- * Fixes crash bug in SWAT.
-
-
-o Michael Adam <obnox@samba.org>
- * Fix build of pam_winbind.so on older Linux systems.
- * Packaging RHEL-CTDB: Fix build of [u]mount.cifs.
- * Prevent access to root filesystem when connecting with empty service name.
- * Fix distclean target and add realdistclean target in the docs build.
- * Add manpage for idmap_tdb2.
- * Clarify idmap manpages.
-
-
-o Kai Blin <kai@samba.org>
- * BUG 5953: Fix smbclient crashes.
-
-
-o Gerald (Jerry) Carter <jerry@samba.org>
- * Fix "allow trusted domain" so it disables trusted domains.
- * Return immediately on a failed GC connection in ads_connect.
-
-
-o SATOH Fumiyasu <fumiyas@osstech.jp>
- * Fix gmem->numgids and gmem->maxgids breakage on Solaris 64-bit.
- * Fix SIGBUS on non-x86 CPUs in libsmbclient.
- * Fix a compile-time warning.
-
-
-o Holger Hetterich <hhetter@novell.com>
- * Add a simple tdb integrity check to tdbtool.
-
-
-o Björn Jacke <bj@sernet.de>
- * Correct the description of the "ldap timeout" parameter.
-
-
-o Volker Lendecke <vl@samba.org>
- * BUG 5913: Fix build error with at least GCC 4.2.2.
- * BUG 5933: Fix incrementing/decrementing of num_validated_vuids.
- * BUG 5953: Make cli_send_smb_direct_writeX use writev.
- * BUG 5965: Fix creation of the first share using SWAT.
- * BUG 5969: Optimize smbclient put command.
- * BUG 6012: Add "get_real_filename" to full_audit.
- * BUG 6014: Fix segfault when calling mget without arguments.
- * Fix a spinning smbd when printing.
- * Fix a memory leak in cups_pull_comment_location.
- * Fix a valgrind error.
- * Fix a "ignoring function call result" warning.
- * Fix some C++ warnings.
- * Fix an ancient uninitialized variable read.
- * Fix a bad memleak in vfs_full_audit.
-
-
-o Derrell Lipman <derrell.lipman@unwireduniverse.com>
- * BUG 6022: Make smbc_urlencode and smbc_urldecode in libsmbclient.
- * Determine case sensitivity based on file system attributes.
-
-
-o Stefan Metzmacher <metze@samba.org>
- * net_status: Use dbwrap to open sessionid.tdb.
- * Fix dbwrap_store_uint32() to match dbwrap_store_int32().
- * Make marshalling struct samu from and to a buffer more generic.
- * Store the next rid counter in passdb.tdb instead of winbind_idmap.tdb.
- * Register the client connection via CTDB_CONTROL_TCP_ADD.
- * Don't need to call messaging_reinit() twice.
- * Raise TDBSAM_VERSION.
- * Add manpage for vfs_fileid.
- * Rename 'fd_event' to 'winbindd_fd_event' to avoid confusion.
- * Recreate the per domain check_online_event without relying on global
- state.
- * Handle the smb signing states the same in the krb5 and ntlmssp cases.
- * Re-add 'fileid:algorithm' option to vfs_fileid.
- * Fix CTDB IPv6 support in cluster setups.
- * Reinit_after_fork() should reinit the event context before the
- messaging context.
- * Fix PCAP support in socket_wrapper.
-
-
-o Lars Müller <lars@samba.org>
- * Tweak with pam defines of older Linux versions.
-
-
-o Tim Prouty <tprouty@samba.org>
- * Fix stream marshalling to return the correct streaminfo status.
- * Allow renames of streams via NTRENAME and fix stream error codes on
- rename.
- * Remove a few unnecessary checks from the streams xattr module.
- * Remove a few unnecessary checks from the streams depot module and fix to
- work with NTRENAME.
-
-
-o Andreas Schneider <anschneider@suse.de>
- * Fix a segfault if ? is there but the options are NULL.
- * Avoid flooding of syslog with failing pam_putenv messages.
-
-
-o Karolin Seeger <kseeger@samba.org>
- * BUG 6000: Avoid bashism in perfcount.init.
- * Change default value of "ldap ssl" to "start tls".
- * Update version number in the manpages.
- * Fix several small issues and typos in the manpages.
- * Check if Unix account exists before asking for the password in smbpasswd.
-
-
-o Todd Stecher <todd.stecher@gmail.com>
- * Fix memory leaks and other fixes found by Coverity.
-
-
-o Bo Yang <boyang@novell.com>
- * Clean event context after child is forked.
- * Fix broken krb5 refresh chain.
- * Set entry->refresh_time to make ccache_regain_all_now() work correctly.
- * Refresh sequence number as soon as possible.
- * Don't set child->requests to NULL in parent after fork.
- * Don't send message to any other child in child process.
- * Fix bug in get_dc_name_via_netlogon(), null pointer reference.
-
-
-"Changes since" sections of 3.3 previews and release candidates follow:
-=======================================================================
+Changes since 3.3.1:
+--------------------
-Changes since 3.3.0rc1:
-------------------------
o Jeremy Allison <jra@samba.org>
- * BUG 1254: Fix "write list" in setups using "security = share".
- * BUG 5937: Fix filenames with "*" char hiding other files.
- * BUG 5953: Fix segfaults in smbclient.
- * Fix usrmgr opening a user object as non-root.
-
-
-o Michael Adam <obnox@samba.org>
- * BUG 3661: Add support for trusted domains to idmap_ad.
- * Fix default backend handling for ad backends.
- * Fix potential segfault in vfs_tsmsm.
- * Fix several RHEL CTDB packaging issues.
-
-
-o Guenther Deschner <gd@samba.org>
- * BUG 5957: Do not abort rename process on valid rename script.
- * Fix various potential memleaks in samr_SetUserInfo.
- * Fix access bits in netapi.
-
-
-o Steve French <stevef@smf-t60p.smfdom>
- * BUG 5934: Use USER environment in mount.cifs when no user is specified.
- * variable
-
-
-o SATOH Fumiyasu <fumiyas@osstech.co.jp>
- * BUG 5688: LPQ process is orphaned if socket address parameter is invalid.
- * Vars for signals must be volatile sig_atomic_t.
-
-
-o Henning Henkel <henning.henkel@fh-furtwangen.de>
- * BUG 5929: Fix build of vfs_prealloc with option --with-cluster-support and
- GPFS.
-
+ * BUG 6082: Fix renaming and deleting of directories using Windows clients.
+ * BUG 6154: Make ZFS honor admin users.
+ * BUG 6155: Fix "force group".
+ * BUG 6160: Fix saving of files on Samba share using MS Office 2007.
+ * BUG 6161: Fix corruptions of source path in tar mode of smbclient.
+ * Fix some NetBSD warnings.
+ * Fix bug in processing of open modes in POSIX open.
+ * Fix use of streams modules with CIFSFS client.
+ * Ensure ACL modules work with POSIX paths.
+ * Use fsp->posix_open in preference if we have it.
+ * Fix more POSIX path lstat calls.
-o Tomasz Krasuski <kr0tki@poczta.onet.pl>
- * BUG 5928: Fix 'testparm --version'.
-
-o Jeff Layton <jlayton@redhat.com>
- * Allow mounts to ipv6 capable servers in mount.cifs.
-
-
-o Volker Lendecke <vl@samba.org>
- * Fix crash bug when freeing a non-malloc'ed buffer if the client sends a
- non-encrypted packet with the crypto state set.
- * Fix error code when smbclient puts a file over an existing directory.
- * Pass the get_real_filename operation through the VFS.
-
-
-o Stefan Metzmacher <metze@samba.org>
- * BUG 5749: Re-set acctflags while joining.
- * Fix several issues concerning Alternate Data Streams.
- * Fix valgrind bug lp_parm_const_string().
- * Fix setting of trust passwords using 'net rpc trustdom add'.
- * Correctly detect if the current dc is the closest one.
-
-
-o Tim Prouty <tprouty@samba.org>
- * Fix a delete on close divergence from windows.
-
-
-o Dan Sledz <dsledz@isilon.com>
- * Fix logging to syslog.
-
-
-o Yasuma Takeda <yasuma@osstech.co.jp>
- * BUG 5944: Fix starting of nmbd with "socket address" set to "".
-
-
-o Bo Yang <boyang@novell.com>
- * Fix script installmo.sh when no .po file exists.
-
-
-----------------------------------------------------
-
-Changes since 3.3.0pre2:
-------------------------
-
-o Michael Adam <obnox@samba.org>
- * Fix eventlog crash.
- * Make keytab filename argument mandatory to "net rpc vampire keytab".
- * Add domain prefix to username in lookup_groupmem().
- * Honour "winbind use default domain" in lookup_groupmem().
- * Sanely handle NULL domain in add_member().
- * Don't list the domain twice when expanding internal aliases.
- * Prevent negative GM/ cache entries due to broken connections.
- * Use the reconnect methods instead of the rpc methods directly.
-
-
-o Jeremy Allison <jra@samba.org>
- * BUG 5080: Fix access to cups-printers with cups 1.3.4.
- * BUG 5814: Fix Winbind crash bug while doing "rescan_trusted_domain".
- * BUG 5818: Sort ACEs in smbcacl output properly and honor inheritance.
- * BUG 5825: Fix account locking with an LDAP backend.
- * BUG 5826: Fix truncated filenames when accessing old servers.
- * BUG 5873: Fix ACL inheritance.
- * BUG 5889: Fix "delete veto files = no".
- * BUG 5891: Fix smbd crash when viewing the eventlog exported by "eventlog
- list".
- * BUG 5900: Fix vfs_readonly.
- * BUG 5903: Fix breaking of file contents in vfs_streams_xattr.
- * BUG 5904: Fix SIGABRT while servicing getaddrinfo() request caused by
- libnss_wins.
- * BUG 5914: Fix redefinition of struct name_list.
- * Correctly fix smbclient to terminate on eof from server.
- * Fix client timeout when searching for a large number of cups printers.
- * Unify access checks for lsa server functions.
- * Remove the requirement for ldap call made as root.
- * Cope with MAXIMUM_ALLOWED_ACCESS requests when opening handles.
- * Fix net rpc vampire, based on an *amazing* piece of debugging work by
- "Cooper S. Blake" <the_analogkid@yahoo.com>.
- * Fix memory leak in error path, spotted by Martin Zielinski <mz@seh.de>.
- * Add vfs_acl_tdb.c module to do ACLs completely in userspace.
- * Use fxattr calls whenever possible (trying to work around the strange
- Linux kernel oplock bug).
-
-
-o Kai Blin <kai@samba.org>
- * BUG 5892: Fix net rap printq info documentation.
- * Add placeholder functions to libwbclient.
-
-
-o Gerald (Jerry) Carter <jerry@samba.org>
- * Use the same prerequisite for DDNS update as Windows XP.
- * Make "lwinet ads dns register" honor the "interfaces" parameter.
+o Andrew Tridgell <tridge@samba.org>
+ * Fix a bug in message handling for the change notify code.
o Steven Danneman <steven.danneman@isilon.com>
- * Add options to manage identity mapping entries to wbinfo and Winbind.
- * Fix to allow setting of NULL DACL/SACL.
-
-
-o Guenther Deschner <gd@samba.org>
- * BUG 5888: Fix remote rpc service management.
- * Ensure consistency when reporting password complexity.
- * Fix _lsa_GetUserName.
- * Fix access check in _samr_QuerySecurity().
- * _samr_DeleteUser needs to wipe out the user_handle on success.
- * NetGroupEnum_r needs to handle servers with no groups.
- * Fix numerous netapi issues.
- * Add support for partial and delta netlogon replication in
- "net rpc vampire".
- * Add automatic machine password update in Winbind for member servers.
- * Add German internalization for pam_winbind.
- * Add Winbind krb5 locator plugin manpage.
- * Add new wbclient wbcLookupDomainControllerEx call.
- * Use autogenerated DCE/RPC routines for one more call on SVCCTL
- named pipe.
- * Use autogenerated NBT routines from Samba4 for Mailslot/CLDAP
- parsing.
- * Fix Winbind password change code for Windows 2000 DCs.
- * Fix PNP_HwProfInfo NDR parsing.
- * Add wbclient wbcLogonUser and wbcLogoffUserEx functions.
- * Add automatic home directory creation for pam_winbind.
-
+ * Fix guest authentication in setups with "security = share" and "guest ok =
+ yes" when Winbind is running.
-o Mathias Dietz <MDIETZ@de.ibm.com>
- * Search for gpfs functions in both libgpfs_gpl.so an libgpfs.so.
+o Steve French <smfrench@gmail.com>
+ * BUG 4640: Fix guest mounts in mount.cifs.
+ * Fix displaying the version string properly when no other parameters passed
+ in in mount.cifs.
-o Dina Fine <dina@exanet.com>
- * BUG 5908: Fix internal change notify on share directories.
-
-o Nils Goroll <nils.goroll@hamburg.de>
- * BUG 5135: Prevent calling POSIX ACL vfs methods on zfs share.
- * BUG 5446: Prevent calling POSIX ACL vfs methods on zfs share.
-
-
-o Jeff Layton <jlayton@redhat.com>
- * Have uppercase_string return success on NULL pointer in mount.cifs.
- * Make mount.cifs return codes match the return codes for /bin/mount.
+o Björn Jacke <bj@sernet.de>
+ * Prefer gssapi header files from subdirectory.
o Volker Lendecke <vl@samba.org>
- * BUG 5691: Fig smbd panic on Solaris.
- * BUG 5840: Fix segfault in "rpcclient lsaaddacctrights".
- * BUG 5860: safe_strcpy gives a nasty error message for overlong strings.
- * Fix the offset checks in the trans routines (CVE-2008-4314).
- * Fix a potential NULL deref in found by the IBM Checker.
- * Fix an uninitialized variable found by the IBM Checker.
- * Fix an unlikely memleak found by the IBM Checker.
- * Fix some missing error handlings.
- * Add workaround for domain joins using a netbios name which is different
- from the hostname.
- * Fix a valgrind error in idmap_ad_sids_to_unixids().
- * Make memcache_add_talloc NULL out the source pointer.
- * Fix memleak in memcache_add_talloc found by Martin Zielinski <mz@seh.de>.
- * Fix memleak in calculate_next_machine_pwd_change.
-
-
-o Jeff Layton <jlayton@redhat.com>
- * mount.cifs: use lock/unlock_mtab scheme from util-linux-ng mount prog.
-
-
-o Derrell Lipman <derrell.lipman@unwireduniverse.com>
- * BUG 5805: Don't close stdout when calling setup_logging multiple times.
+ * BUG 6124: Fix the build on IRIX.
+ * BUG 6176: winbindd -n should disable the winbind idmap cache.
+ * Add a vfs_preopen module to hide fs latencies.
+ * Don't log NDR_PRINT_DEBUG at level 0, this always ends up in syslog.
+ * Fix a valgrind error / segfault in dns_register_smbd().
o Stefan Metzmacher <metze@samba.org>
- * Return an error instead of crashing when no realm is given.
-
-
-o TAKAHASHI Motonobu <monyo@samba.gr.jp>
- * 5901: Fix default value for streams_depot location.
-
-
-o Tim Prouty <tim.prouty@isilon.com>
- * Fix several build warnings.
-
-
-o Andreas Schneider <mail@cynapses.org>
- * Delete the krb5 ccname variable from the PAM environment if set.
- * Add a function out of pam_sm_close_session to delete the credentials.
- * Fix circular dependency error with autoconf 2.6.3.
-
-
-o Davide Sfriso <sfriso@virgilio.it>
- * BUG 5906: Fix Winbind crash bug during 'getent group' on PDC.
+ * Fix build on SLES8.
+ * Decremented by 1 for ntcancel requests.
-o Dan Sledz <dsledz@isilon.com>
- * Add FreeBSD configure check for backtrace_symbols.
- * Allow SYSLOG_FACILITY to be modified with a new configure option called
- --with-syslog-facility.
-
-
-o Joe Smith <yasumoto7@gmail.com>
- * Fix typo in source/utils/net_rap.c.
-
-
-o Martin Schwenke <martin@meltin.net>
- * Prevent make errors for picky makes when $(EXTRA_ALL_TARGETS) is empty.
- * Add @CIFSUPCALL_PROGS@ to "all" target so cifs.upcall gets built at
- compile time rather than install time.
+o Tim Prouty <tprouty@samba.org>
+ * Fix creation of core files.
-o Yasuma Takeda <yasuma@osstech.co.jp>
- * BUG 5909: Fix MS-DFS links containing multibyte characters on Vista.
+o Dan Sledz <dan.sledz@isilon.com>
+ * Fix first mapping of uids/gids in Winbind.
o Bo Yang <boyang@novell.com>
- * Fix broken msgids in ntstatus_errors.
- * i18n/l10n pam_winbind
-
-
-----------------------------------------------------
-
-Changes since 3.3.0pre1:
-------------------------
-
-o Michael Adam <obnox@samba.org>
-
- * BUG 5492: Fix RHEL SPEC file by removing libmsrpc stuff.
- * BUG 5507: Fix several issues in the RHEL SPEC file.
-
-
-o Jeremy Allison <jra@samba.org>
- * BUG 5729: Explicitly allow "-valid".
- * BUG 5737: Fix winbindd crash in an unusual failure mode.
- * BUG 5751: Fix showing of ACLs on DFS in (lib)smbclient.
- * BUG 5762: Fix opening of mangled directory name (resulted
- 'is a stream name').
- * BUG 5783: Fix FindFirst where search pattern == mangled filename.
- * BUG 5790: Fix returning of STATUS_OBJECT_NAME_NOT_FOUND on set file
- disposition.
- * BUG 5797: Fix moving of readonly files.
- * Fix crashes when looking up a non-existant uid.
- * Fix getting/setting of NT ACLs on a file.
- * Add st_birthtime and friends for accurate create times on *BSD
- and MacOSX).
- * Fix the wcache_invalidate_samlogon calls.
- * Clarify usage of "force create mode".
- * Get smbd to look (read-only) into the winbindd cache for uid/gid <--> sid
- mappings.
- * Write times code update.
- * Add experimental version of VFS module acl_xattr.
- * Fix rename_open_files.
- * Make SMB traffic analyzer VFS module more efficient.
-
-
-o Gerald W. Carter <jerry@samba.org>
- * Fix segfault when calling nss_get_info() with a NULL ads structure.
- * Add support for name aliasing in Winbind.
- * Add the idmap/nss-info provider from Likewise Open.
- * Allow an admin to define the "uid" attribute for a RFC2307
- user object in AD to be the username alias.
- * Add new idmap backend "adex" to support RFC2307 enabled AD forests.
- * Add new idmap backend "hash".
-
-
-o Steven Danneman <steven.danneman@isilon.com>
- * Fix build warnings.
- * Cleanup of DC enumeration in get_dcs().
-
-
-o Guenther Deschner <gd@samba.org>
- * BUG 5710: Fix changing of machine account passwords.
- * BUG 5784: Fix pam_winbind build issue on Solaris.
- * Fix invalid sid copy (hit when enumerating sibling domains) in Winbind.
- * Fix double installation of cifs.upcall.
- * Add change-user-password command to wbinfo.
- * Fix segfault in _srvsvc_NetShareAdd.
-
-
-o James Ding <ding_cc@hotmail.com>
- * BUG 5736: Fix Winbind crash bug with trusted domains.
-
-
-o Ephi Dror <Ephi.Dror@datadomain.com>
- * Correct the netsamlogon_clear_cached_user function.
-
-
-o Holger Hetterich <hhetter@novell.com>
- * Add new VFS module to analyze SMB traffic to record write and read
- operations on the Samba server.
-
-
-o Jeff Layton <jlayton@redhat.com>
- * Fix build warnings in cifs.upcall.
-
-
-o Volker Lendecke <vl@sernet.de>
- * BUG 5707: Do proper error handling if the socket is closed.
- * BUG 5778: Don't define 'strlcat' and 'strlcpy' if it's already defined.
- * Fix Coverity IDs 587 and 589.
- * Increase the default positive idmap cache time to a week.
- * Fix calculation of useable_space for trans2 and nttrans replies.
- * Add mapping of generic bits when setting an NFSv4 ACL.
-
-
-o Stefan Metzmacher <metze@samba.org>
- * Some write time fixes.
-
-
-o Karolin Seeger <kseeger@samba.org>
- * Add new parameter "cups connection timeout".
-
-
-o Simo Sorce <idra@samba.org>
- * Fix enumeration of nested group memberships in Winbind.
- This affected only setups using "security = ads".
-
-
-o Timur <timur@FreeBSD.org>
- * Fix cut and paste error in quota code.
- * Fix display of POSIX ACLs.
- * Fix aio on FreeBSD.
-
-
-o Andrew Tridgell <tridge@samba.org>
- * Fix permissions of group_mapping.ldb (CVE-2008-3789).
- * Avoid a race condition in glibc between AIO and setresuid().
- * Add missing become root for AIO operations.
- * Fix an errno handling bug that could lead to an infinite loop.
- * Fix logic of tsmsm_sendfile().
- * Fix handling of arbitrary new PAC types.
- * Fix segfault on startup with trusted domains.
- * Fix segfault on the CTDB destructor code.
- * Fix memory leak.
- * Re-add "winbind:ignore domains".
-
-
-o Jelmer Vernooij <jelmer@samba.org>
- * Fix segfault (Debian bug #431696).
-
-
-o Qiao Yang <geoyang@ironport.com>
- * Fix a memleak.
+ * Initialize the id_map status in idmap_ldap to avoid surprise.
+ * Fix initialization of idmap status.
######################################################################
git.samba.org / obnox / samba-ctdb.git / blobdiff