Günther Deschner [Thu, 27 Nov 2008 16:29:30 +0000 (17:29 +0100)]
s3-samr: never allow to alter pwdlastset directly.
Guenther
(cherry picked from commit
d288734d862e8d35fe1cb905f8d697d3d73b42ad)
Stefan Metzmacher [Mon, 1 Dec 2008 21:35:13 +0000 (13:35 -0800)]
s3:smbd: return DELETE_PENDING on path based operations on streams, when the main file was deleted.
metze
(cherry picked from commit
7d70eac1b343641aefcbaeb6639d1b101c448cc0)
Stefan Metzmacher [Mon, 1 Dec 2008 21:31:28 +0000 (13:31 -0800)]
s3:smbd: construct the correct newname for stream renames
The Windows Explorer creates temporary streams and renames
them later via SFILEINFO_RENAME_INFO. The newname comes
in as ":Stream:$DATA".
metze
(cherry picked from commit
a92cfb4802fb42969a5e82d27d7ca4dcd966a5a3)
Stefan Metzmacher [Mon, 1 Dec 2008 21:27:08 +0000 (13:27 -0800)]
s3:smbd: wildcard characters are allowed in stream names
We only check the filename of the basefile now.
metze
(cherry picked from commit
a47e8e7438133ca3bc1f1b577ccd9d0fde8baea0)
Stefan Metzmacher [Mon, 1 Dec 2008 21:21:56 +0000 (13:21 -0800)]
s3:smbd: correctly verify stream names to pass RAW-STREAMS
metze
(cherry picked from commit
6f8e7146cd51c81963f9e2830a4ed7e37eefdf1f)
Stefan Metzmacher [Mon, 1 Dec 2008 20:59:40 +0000 (12:59 -0800)]
s3:smbd: '|' isn't allowed in windows filenames
metze
(cherry picked from commit
7435fe9d147fd495aa2dd9cc97f6fd0c1e93bddc)
Steven Danneman [Mon, 1 Dec 2008 19:12:59 +0000 (11:12 -0800)]
Set PRESENT flag when returning NULL [SD]ACL like Windows does.
This could also be handled inside each ACL VFS module, by setting the PRESENT
flag when a NULL [SD]ACL is created.
(cherry picked from commit
efaac8049e43279266b5ea35dab8a866a96205b4)
Volker Lendecke [Mon, 1 Dec 2008 16:35:19 +0000 (17:35 +0100)]
Fix a debug message, append the correct \n
(cherry picked from commit
263c1ca96bd68dced4577a2504073e1140fa26a1)
Michael Adam [Mon, 1 Dec 2008 05:17:43 +0000 (06:17 +0100)]
vfs_tsmsm: fix potential segfault (freeing uninitialized buffer)
Michael
(cherry picked from commit
87191fdbf929767dad7715acbff8a414b8091544)
Michael Adam [Mon, 1 Dec 2008 03:22:33 +0000 (04:22 +0100)]
winbindd/nss_info: remove unused variable from nss_init()
Michael
(cherry picked from commit
479537fa1d0ffff8d7489c7e96cb416d7c1554aa)
Michael Adam [Mon, 1 Dec 2008 03:22:02 +0000 (04:22 +0100)]
winbindd/nss_info: make nss_domain_list_add_domain() static
Michael
(cherry picked from commit
606e28f35538ff42e6c0845a7e9d2415a75ccaf5)
Michael Adam [Mon, 1 Dec 2008 01:01:44 +0000 (02:01 +0100)]
winbindd/nss_info: fix default backend handling for ad backends.
This fixes "winbind nss info = rfc2307" (or sfu or sfu20).
Originally, only explicitly configured domains (like "rfc2307:domain")
worked with the ad module, since the domain name was not passed
backe to the module. This is fixed by recording the first backend
listed without domain in the "winbind nss info" parameter as the
default backend, and creating new nss_domain entries (using this default
backend) on the fly as requests for domains which are not explicitly
configured are encountered.
Michael
(cherry picked from commit
348983fd92fa6ab448d490c70c0abb4f7b604b1d)
Michael Adam [Sun, 30 Nov 2008 23:56:50 +0000 (00:56 +0100)]
winbindd/nss_info: whitespace cleanup.
Remove trailing spaces and fix tab / space mixup.
Michael
(cherry picked from commit
715335caca2bbdc31c4a65ecf7c3bf602cd73781)
Michael Adam [Sun, 30 Nov 2008 22:00:19 +0000 (23:00 +0100)]
winbindd_cache: add debugging to get_nss_info_cached()
Michael
(cherry picked from commit
31531c906c336dd07b5ff217f9c1c6bedfeae40c)
Michael Adam [Sun, 30 Nov 2008 21:57:41 +0000 (22:57 +0100)]
winbindd/nss_info: add entry debug message to nss_get_info()
Michael
(cherry picked from commit
60a469ef3fff16a8585a6c62785777563f4ec587)
Michael Adam [Sun, 30 Nov 2008 21:54:42 +0000 (22:54 +0100)]
winbindd/nss_info: add debugging to nss_init()
Michael
(cherry picked from commit
9c1d9c31849585dbd33367db3e0708fda7b0b9f0)
Michael Adam [Sun, 30 Nov 2008 21:50:26 +0000 (22:50 +0100)]
winbindd/idmap_ad: add entry debug message to nss_ad_get_info()
Michael
(cherry picked from commit
8d00acb552f8f67f0b28ce7eeb8bccb0e6dcd850)
Michael Adam [Wed, 26 Nov 2008 22:09:49 +0000 (23:09 +0100)]
winbindd/idmap_ad: add support for trusted domains to idmap_ad (bug #3661)
This initial fix does at least work for explicitly configured domains.
The patch has a few disadvantages:
1. It does work only for explicitly configured domains, not with
the default backend (idmap backend = ad), since it relies on the
domain name being passed in via the idmap_domain. One workaround
for this would be to create clones of the default idmap_domain
for domains not explicitly configured.
2. It calls find_domain_from_name_noinit() from idmap_ad_cached_connection.
The problem here is that only the NetBIOS domain name (workgroup
name) is passed in via the idmap_domain struct, and the module
has to establish a connection to the domain based on that information.
find_domain_from_name_noinit() has the disadvantage that it uses the state
of the domain list at fork time (unless used from the main winbindd).
But this should be ok as long as the primary domain was reachable at
start time.
For nss_info, the situation is similar - This will only work for domains
explicitly configured in smb.conf as follows:
"winbind nss info = rfc2307:dom1 sfu:dom2 rfc2307:dom3 template:dom4"
Setting the default nss info to one of the ad backends (rfc2307, sfu, sfu20)
will fail since the domain name is not passed in with the nss_domain_entry.
Michael
(cherry picked from commit
9423214217558036c4c88d48efead41df48d2492)
Michael Adam [Wed, 26 Nov 2008 21:23:34 +0000 (22:23 +0100)]
winbindd/idmap_ad: refactor core of nss_{sfu|sfu20|rfc2307}_init to common function.
Michael
(cherry picked from commit
1ffceacbc1696bcee6a5f0dc414487b305ba2b4c)
Michael Adam [Wed, 26 Nov 2008 14:16:22 +0000 (15:16 +0100)]
winbindd/idmap_ad: rename ctx to mem_ctx in nss_ad_get_info()
in preparation to using the idmap_ad_context there
Michael
(cherry picked from commit
9c23d62f07867f4d94d822f0190c6479ffb7df24)
Michael Adam [Fri, 28 Nov 2008 09:40:42 +0000 (10:40 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_backends_sid_to_unixid
Michael
(cherry picked from commit
ac878b8bdf15ad10eedb342cc5e71962b96f0b4b)
Michael Adam [Fri, 28 Nov 2008 09:40:01 +0000 (10:40 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_backends_unixid_to_sid
Michael
(cherry picked from commit
18a6ad74922b9d7619c895156bc729c959ce3c84)
Michael Adam [Fri, 28 Nov 2008 09:08:46 +0000 (10:08 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_find_domain().
Michael
(cherry picked from commit
f33f2536acaef7444e5c1df7b69088535804d68d)
Michael Adam [Fri, 28 Nov 2008 09:05:19 +0000 (10:05 +0100)]
winbindd/idmap_util: unify entering debug messages and add ouput of domain
Michael
(cherry picked from commit
458d0abd07daeda2456ddf6131f04f738df4e520)
Michael Adam [Mon, 1 Dec 2008 03:17:55 +0000 (04:17 +0100)]
winbindd/nss_info: change nss_map_{to|from}_alias to take nss_domain_entry
instead of just the domain name
Michael
(cherry picked from commit
d586facf3c501bcf5d67abde28febe9299518c37)
Günther Deschner [Tue, 2 Dec 2008 11:57:02 +0000 (12:57 +0100)]
s3-net: allow to list a keytab generated using net rpc vampire.
Guenther
(cherry picked from commit
c554080dd988791ec2db37c96ff7cc709b0ee6ab)
(cherry picked from commit
5f0b7973e04013cc5e3032cb2e96f5e718fb50b5)
Bo Yang [Tue, 2 Dec 2008 00:35:26 +0000 (08:35 +0800)]
Fix script installmo.sh when no .po file exists
(cherry picked from commit
f7825e07c9674f994d7c0d571448c2927721fdaf)
Günther Deschner [Fri, 28 Nov 2008 23:12:26 +0000 (00:12 +0100)]
s3-libnetjoin: Fix bug #5749. Re-set acctflags while joining. fix from metze.
Guenther
(cherry picked from commit
bc3a277455dd4557e796ddc0bef0f52a11f889e7)
Günther Deschner [Fri, 28 Nov 2008 23:10:18 +0000 (00:10 +0100)]
s3-libnetjoin: remove unused md4_trust_password, found by metze.
Guenther
(cherry picked from commit
f479fdc29813c3452fd22c4a2780f0bc5066e664)
Günther Deschner [Fri, 28 Nov 2008 10:15:29 +0000 (11:15 +0100)]
s3-samr: add init_samr_user_info25 and init_samr_user_info26.
Guenther
(cherry picked from commit
b72a6e2e9d93be619d6cd242ccfdf8ac07715bc3)
Günther Deschner [Mon, 24 Nov 2008 17:49:37 +0000 (18:49 +0100)]
s3-samr: fix init_samr_user_info{23,24} callers.
Guenther
(cherry picked from commit
82dfb92cae1ffc52a92ea27ba96dc875ce0ae4a1)
Günther Deschner [Mon, 24 Nov 2008 15:32:18 +0000 (16:32 +0100)]
s3-build: re-run make samba3-idl.
Guenther
(cherry picked from commit
c28e83417dc67083b06fb060f5382ceb082bbdcd)
Günther Deschner [Mon, 24 Nov 2008 15:31:49 +0000 (16:31 +0100)]
samr: fix samr_UserInfo24 and samr_UserInfo26.
Guenther
(cherry picked from commit
0315308cbc724bbf54b7767b4af307217833f541)
Karolin Seeger [Thu, 27 Nov 2008 15:09:23 +0000 (16:09 +0100)]
WHATSNEW: Update changes.
Karolin
(cherry picked from commit
b22d3462b9baa3eab2224b9776bc10a0a0bf8512)
Volker Lendecke [Sat, 8 Nov 2008 16:14:06 +0000 (17:14 +0100)]
Fix the offset checks in the trans routines
This fixes a potential crash bug, a client can make us read memory we
should not read. Luckily I got the disp checks right...
Volker
(cherry picked from commit
64a1d80851da5b05e70ec6c96f6e9bd473748369)
(cherry picked from commit
f04c5650a3aeca23591ddc781c4b297caaf9bb3f)
(cherry picked from commit
5718a4761af9b77ea17b64f12f1010c99f738c96)
Kai Blin [Sun, 23 Nov 2008 16:11:09 +0000 (17:11 +0100)]
libwbclient: Implement wbcGetgrent and wbcGetgrlist
(cherry picked from commit
4bfe0e069983b1af050c2df6157b161e8ea572e9)
Kai Blin [Sun, 23 Nov 2008 15:36:01 +0000 (16:36 +0100)]
libwbclient: Implement wbcGetpwent
(cherry picked from commit
e30448bfbeaebfa5a3225dcc87244d9d0024f082)
Kai Blin [Sun, 23 Nov 2008 14:16:17 +0000 (15:16 +0100)]
libwbclient: Add placeholder function for WINBINDD_CCACHE_NTLMAUTH
(cherry picked from commit
28a92eedc8e05ebbf323ba15fadc7e9215f054fb)
Kai Blin [Sun, 23 Nov 2008 10:18:40 +0000 (11:18 +0100)]
libwbclient: Fix typo in wbcGetgrent docstring.
(cherry picked from commit
a5b6d05cc7bc2f15c7b0d06fe7d42ef07097ea0f)
Kai Blin [Sun, 23 Nov 2008 10:17:42 +0000 (11:17 +0100)]
libwbclient: Add placeholder function for WINBINDD_GETGRLST
(cherry picked from commit
bf6c372693fafb1fb79c6c06a071a07ac35c1959)
Kai Blin [Sat, 22 Nov 2008 23:57:33 +0000 (00:57 +0100)]
libwbclient: Add placeholder functions for wbcQuery[GSU]idTo[GSU]id
(cherry picked from commit
69ec02231ec6d24a126c8e1cb6b7ac7ab08e93bc)
Andreas Schneider [Wed, 26 Nov 2008 21:20:22 +0000 (13:20 -0800)]
Fix circular dependency error with autoconf 2.6.3.
Signed-off-by: Andreas Schneider <anschneider@suse.de>
(cherry picked from commit
ce8bfac470869d21e0618db903b9cee4ab283091)
Karolin Seeger [Wed, 26 Nov 2008 14:58:42 +0000 (15:58 +0100)]
WHATSNEW: Update changes.
Karolin
(cherry picked from commit
1888b07267845634e21ee9e7e220c7e1ff9e66bc)
Jeremy Allison [Tue, 25 Nov 2008 23:54:53 +0000 (15:54 -0800)]
Fix bug #5914 - Build failure: redefinition of struct name_list
Jeremy.
(cherry picked from commit
528e01f402e54f8d6c1b74a5b7647c037f456412)
Karolin Seeger [Wed, 26 Nov 2008 10:20:03 +0000 (11:20 +0100)]
WHATSNEW: Update changes and release date.
Karolin
(cherry picked from commit
b2b19535d5e5356ec7dcf97c2d550fdd01a02b27)
Günther Deschner [Tue, 25 Nov 2008 11:19:35 +0000 (12:19 +0100)]
s3-samr: fix _samr_LookupNames return code.
Guenther
(cherry picked from commit
dc7c2d63b3ce142959aa863f000fa9140de99eb0)
Günther Deschner [Fri, 21 Nov 2008 14:56:30 +0000 (15:56 +0100)]
s3-libnetjoin: fix build warning.
Guenther
(cherry picked from commit
3e529fb619384e694e01204ca305e2a13724defd)
Günther Deschner [Thu, 6 Nov 2008 12:37:03 +0000 (13:37 +0100)]
s3-libnetjoin: try to show a better error message upon invalid configuration.
Guenther
(cherry picked from commit
0e99fe1855c66e9743725d43ba92ec59f35f5b55)
Günther Deschner [Fri, 21 Nov 2008 22:28:23 +0000 (23:28 +0100)]
WHATSNEW: add more items.
Guenther
(cherry picked from commit
ffca48241731d416090215b194da5f8047303329)
Michael Adam [Mon, 24 Nov 2008 15:35:41 +0000 (16:35 +0100)]
zfsacl: "return" is not a function.
Michael
(cherry picked from commit
7518cbbad3d866253c03d4d080d0880e343499c5)
Nils Goroll [Mon, 17 Nov 2008 00:06:28 +0000 (01:06 +0100)]
zfsacl: Prevent calling POSIX ACL vfs methods on zfs share.
This is a proposed fix for Bugs #5135 and #5446.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
a9f20b4f4283904478e21a109bede26c8685b056)
Dan Sledz [Mon, 17 Nov 2008 01:40:03 +0000 (17:40 -0800)]
[PATCH] Allow SYSLOG_FACILITY to be modified with a new configure option called --with-syslog-facility
(cherry picked from commit
9e74113ecdad2df46b3a77d195e37a38c7e77d3d)
Jeremy Allison [Mon, 24 Nov 2008 23:28:53 +0000 (15:28 -0800)]
Fix bug #5873 - ACL inheritance cannot be broken. This regresses #4308, but that will have to
be fixed another way.
Jeremy.
(cherry picked from commit
fa7a8f051debefa4e061b167a6906785d90deada)
Steven Danneman [Mon, 24 Nov 2008 20:05:09 +0000 (12:05 -0800)]
Fix to allow setting of NULL DACL/SACL
This is a modification of Jeremy's
7522ef15aca2429ef57c75d8297dd8121e79c9da
commit.
If no DACL/SACL is present in the packet, the SEC_INFO field should still be
passed down as is to the VFS layer to signal the creation of a NULL DACL/SACL.
As seen in metze RAW-ACL test_nttrans_create_null_dacl(), a NULL DACL is set
regardless of the SEC_DESC_DACL_PRESENT bit being set.
(cherry picked from commit
fc064837fbf84726ad66b16ef6e1f8c67d47a1fe)
Mathias Dietz [Wed, 12 Nov 2008 13:32:45 +0000 (14:32 +0100)]
Search for gpfs functions in both libgpfs_gpl.so an libgpfs.so
As of GPFS 3.2.1 PTF8 libgpfs will be available as GPL, so we don't need the
special libgpfs_gpl lib anymore. For backwards compatibility with pre-PTF8 GPFS
installations, still look there.
(cherry picked from commit
61468186cece7370576a2d13992f9a523067e4be)
Stefan Metzmacher [Mon, 24 Nov 2008 14:07:56 +0000 (15:07 +0100)]
libads/ldap.c: return an error instead of crashing when no realm is given
The bug was triggered by "net ads info -S 127.8.7.6" (where 127.8.7.6 doesn't exist)
and "disable netbios = yes".
metze
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
e2a60d2e1fd7455f08e73f8d1c513ca240c0f0af)
Kai Blin [Sun, 23 Nov 2008 21:31:12 +0000 (22:31 +0100)]
tags: Ignore include/proto.h from tag generation
(cherry picked from commit
66d8109119d4a840584bda42b4bb98d2c7ee2417)
Michael Adam [Sat, 22 Nov 2008 00:51:41 +0000 (01:51 +0100)]
nfs4_acls: make prototype header match definition for smb_set_nt_acl_nfs4()
Add the const from nfs4_acls.c to nfs4_acls.h
This fixes my build of the zfsacl module on solaris.
Michael
(cherry picked from commit
5572b01ae515405ca0da3d2913fe30294caa3516)
Jeremy Allison [Sat, 22 Nov 2008 06:46:37 +0000 (22:46 -0800)]
Revert
f268d75f5ed1258b08c5571780ea3be6724daed4 - "Fix the logic bug that caused us to
run into kernel oplocks on an open for a stream inside a file with stream_xattr module. On
opening the base_fsp we must break existing oplocks." as it broke make test.
Jeremy
(cherry picked from commit
11c4962cf6b6e6f66f5ce5788b331d43bd743248)
Jeremy Allison [Sat, 22 Nov 2008 02:20:55 +0000 (18:20 -0800)]
Fix the logic bug that caused us to run into kernel oplocks on an open for a stream inside a file with stream_xattr module. On opening the base_fsp we must break existing oplocks.
Jeremy.
(cherry picked from commit
f268d75f5ed1258b08c5571780ea3be6724daed4)
Dan Sledz [Sat, 15 Nov 2008 02:41:17 +0000 (18:41 -0800)]
[PATCH] FreeBSD configure check for backtrace_symbols
On FreeBSD backtrace_symbols is defined in libexecinfo.so.1. Look for it
there as well.
(cherry picked from commit
a56572994ee1de318172321e301be1ec4c1b6a8f)
Jeremy Allison [Sat, 22 Nov 2008 00:03:35 +0000 (16:03 -0800)]
Use fxattr calls whenever possible (trying to work around the strange Linux kernel oplock bug).
Jeremy.
(cherry picked from commit
e8eabd9275389799f7ec9fcf62ff864aeea6312c)
Michael Adam [Fri, 21 Nov 2008 23:02:40 +0000 (00:02 +0100)]
winbindd: make all winbind rpc-methods static.
Now that the methods are no longer needed in winbindd_ads,
we can make them static again.
Michael
(cherry picked from commit
cfc77901cace0f6ce241a5873148092e4edac4de)
Michael Adam [Fri, 21 Nov 2008 01:26:50 +0000 (02:26 +0100)]
s3-winbindd_ads: use the reconnect methods instead of the rpc methods directly
Some of the ads methods just point to the rpc methods.
This makes winbindd_ads use the reconnect methods instead of
calling the rpc methods directly in order to prevent
negative cache entries for e.g. name_to_sid, when the dc
has closed the connection without sending a reset.
Michael
(cherry picked from commit
b89d75a093ef87bc7cccb8914d246c8e932f0352)
Michael Adam [Thu, 20 Nov 2008 15:57:44 +0000 (16:57 +0100)]
winbindd_ads: prevent negative GM/ cache entries due to broken connections
The ads lookup_groupmem() function calls lda_lookupsids to resolve sids
to names. This is tried only once. So in case the connection was broken,
e.g. closed by the server (without a reset packet), there will be an empty
GM/ cache entry for the requested group which will prevent proper working
of access checks among other checks for the expiry period.
This patch works around this problem by retrying once if the lsa_lookupsids
call fails, re-establishing the dc-connection, as we already do in many other
places (e.g. the winbindd retry methods for the rpc layer).
Michael
(cherry picked from commit
c833b19b0c3e746b53e6731988cd8bb6aca927f5)
Michael Adam [Sun, 21 Sep 2008 00:07:43 +0000 (02:07 +0200)]
winbindd_group: don't list the domain twice when expanding internal aliases
Before this, "getent group builtin\\administrators" expanded
domain group members in the form DOMAIN\domain\user.
Michael
(cherry picked from commit
7204116c9edcd98ea20cbc5f29e5f25737f78a41)
Michael Adam [Sun, 21 Sep 2008 00:06:44 +0000 (02:06 +0200)]
winbindd_group: sanely handle NULL domain in add_member().
Michael
(cherry picked from commit
3c286b1e7a1dbf68f57eca9d60e1c1bd49a4091c)
Michael Adam [Mon, 22 Sep 2008 08:39:37 +0000 (10:39 +0200)]
winbindd_ads: honour "winbind use default domain" in lookup_groupmem().
This fixes the output of "getent group" when "winbind use default domain = yes"
with security = ads.
Michael
(cherry picked from commit
39e04a65056d3c82ede8c283918e4dc505875b63)
Michael Adam [Sat, 20 Sep 2008 23:20:32 +0000 (01:20 +0200)]
winbindd_rpc: add domain prefix to username in lookup_groupmem().
This makes the output of "getent group" of a domain group show the
domain prefix with "security = domain".
Michael
(cherry picked from commit
a2667f18957233bee80dd5214e20f3f031f0a354)
Michael Adam [Mon, 22 Sep 2008 08:37:11 +0000 (10:37 +0200)]
winbindd_util: add fill_domain_username_talloc().
A talloc version of fill_domain_username().
Michael
(cherry picked from commit
54890450e23da8642e3b4c8224e04a7af5d98d15)
Michael Adam [Mon, 22 Sep 2008 08:36:32 +0000 (10:36 +0200)]
winbindd_util: add prototype for fill_domain_username_talloc().
A talloc version of fill_domain_username().
Michael
(cherry picked from commit
83cb69c6ad02e607f0ca90848f72ae2f1c3a67c7)
Michael Adam [Mon, 22 Sep 2008 12:51:51 +0000 (14:51 +0200)]
winbindd: fix a comment typo
Michael
(cherry picked from commit
cb5b2410d4ae16aa9afa022c3b60cfb8d46d25e9)
Jeremy Allison [Fri, 21 Nov 2008 20:53:53 +0000 (12:53 -0800)]
Second part of the fix for bug #5903 - vfs_streams_xattr breaks contents of the file
Jeremy.
(cherry picked from commit
019dcf49572404b1cb3c12aca4e7eaa052aeeedd)
Jeremy Allison [Fri, 21 Nov 2008 19:09:02 +0000 (11:09 -0800)]
Ensure we always reply in reply_printopen().
Jeremy.
(cherry picked from commit
e0744713f2959446c918f817f0c602ba370eed77)
Jeremy Allison [Fri, 21 Nov 2008 18:57:20 +0000 (10:57 -0800)]
First part of fix for bug #5903 - vfs_streams_xattr breaks contents of the file.
Restructures parts of open code so that fsp must be allocated before calling
open_file_ntcreate(_internal). Also fix up file ref-counting inside files.c.
Jeremy.
(cherry picked from commit
b2626032626dcccd660c047f91130e81e380ae17)
Günther Deschner [Fri, 21 Nov 2008 16:33:22 +0000 (17:33 +0100)]
krb5_locator: use wbcLookupDomainControllerEx() for query.
Guenther
(cherry picked from commit
b63b4028ed8823626a956bb437e275a1b1432483)
Günther Deschner [Sat, 27 Sep 2008 01:09:07 +0000 (03:09 +0200)]
s3-winbindd: use new, richer structures in WINBINDD_DSGETDCNAME implementation.
Guenther
(cherry picked from commit
df554493c74ea611bfc5d890a4c2eca6eb3106d1)
Günther Deschner [Wed, 12 Nov 2008 13:27:51 +0000 (14:27 +0100)]
pam_winbind: fix some invalid blob handling.
Guenther
(cherry picked from commit
f84fe8b0025850b31560f149ebaa27cf5a504694)
Andreas Schneider [Fri, 21 Nov 2008 10:39:01 +0000 (11:39 +0100)]
Create a function out of pam_sm_close_session to delete the credentials.
This is the way the creds should be deleted. Now we have back a
close_session function which can be used for other things.
(cherry picked from commit
e451daf4c2e1a6de6c109e88243b535d7e15cb35)
Andreas Schneider [Mon, 20 Oct 2008 12:54:11 +0000 (14:54 +0200)]
Delete the krb5 ccname variable from the PAM environment if set.
If winbind sets the KRB5CCNAME variable it should unset it when
the cache gets destroyed.
(cherry picked from commit
b656b672a3216829f3488734b058dd9f86409e5b)
Günther Deschner [Fri, 21 Nov 2008 10:34:52 +0000 (11:34 +0100)]
Set the right return value if wbc_status is set to an error.
Guenther
(cherry picked from commit
458a65b409f25f913a8122b320b38d1669137f06)
Günther Deschner [Thu, 14 Aug 2008 12:41:50 +0000 (14:41 +0200)]
pam_winbind: document mkhomedir option.
Guenther
(cherry picked from commit
69109cd0b896ce7dfbe04b713367c8f1c933dc98)
Günther Deschner [Fri, 21 Nov 2008 10:33:52 +0000 (11:33 +0100)]
pam_winbind: re-add mkhomedir option.
Guenther
(cherry picked from commit
6a2d15f1de9fb7b93a31129139dea667303393db)
Günther Deschner [Fri, 29 Aug 2008 14:12:04 +0000 (16:12 +0200)]
pam_winbind: remove unused pam_winbind_request().
Guenther
(cherry picked from commit
e878e876b5ebc46536d83995c5bccd11c8f23b82)
Günther Deschner [Tue, 19 Aug 2008 12:52:24 +0000 (14:52 +0200)]
pam_winbind: fix wbc_auth_error_to_pam_error().
Guenther
(cherry picked from commit
4e8e29174146e324ae0fb5af6799b256d49e05ab)
Günther Deschner [Mon, 25 Aug 2008 12:35:42 +0000 (14:35 +0200)]
pam_winbind: remove some unused macros.
Guenther
(cherry picked from commit
47a32ce25b29e189ce424f860bb4f624e6f39147)
Günther Deschner [Tue, 19 Aug 2008 12:48:23 +0000 (14:48 +0200)]
pam_winbind: use wbclient equivalents for ACB_PWNOEXP and some NETLOGON flags.
Guenther
(cherry picked from commit
69fd76d15bb8acdb1cc452ab68e1c4e65adbedcb)
Günther Deschner [Tue, 19 Aug 2008 09:07:59 +0000 (11:07 +0200)]
pam_winbind: use libwbclient for WINBINDD_PAM_AUTH.
Guenther
(cherry picked from commit
26ca8d5504f1ef56355eb5ece88b1ac728869737)
Günther Deschner [Fri, 21 Nov 2008 10:31:01 +0000 (11:31 +0100)]
pam_winbind: use libwbclient for WINBINDD_PAM_LOGOFF.
Guenther
(cherry picked from commit
18f1585539bb306101f3471103a2936c2dfd0aa3)
Günther Deschner [Fri, 21 Nov 2008 10:22:07 +0000 (11:22 +0100)]
pam_winbind: use libwbclient for WINBINDD_PAM_CHAUTHTOK.
Guenther
(cherry picked from commit
a820f7c960c12f924c60fb9978543106e286e27f)
Günther Deschner [Thu, 14 Aug 2008 21:33:12 +0000 (23:33 +0200)]
pam_winbind: use libwbclient for WINBINDD_LOOKUPNAME/LOOKUPSID.
Guenther
(cherry picked from commit
252715060fca9fd75b899a6df3ff65b67aad4ec8)
Günther Deschner [Thu, 14 Aug 2008 16:17:00 +0000 (18:17 +0200)]
pam_winbind: use libwbclient for WINBINDD_INFO.
Guenther
(cherry picked from commit
9c11f1a9d174d800696640671894e7071292444f)
Günther Deschner [Thu, 14 Aug 2008 16:15:29 +0000 (18:15 +0200)]
pam_winbind: use libwbclient for WINBINDD_GETPWNAM.
Guenther
(cherry picked from commit
d1821ad64960308bae9ad34ab53f565be4f5c967)
Günther Deschner [Tue, 19 Aug 2008 11:36:39 +0000 (13:36 +0200)]
pam_winbind: add _pam_check_remark_auth_err().
Guenther
(cherry picked from commit
1bf5777bf2f45c44e2e53617a01ebbffc05c330e)
Günther Deschner [Tue, 19 Aug 2008 08:59:18 +0000 (10:59 +0200)]
pam_winbind: add wbc_auth_error_to_pam_error().
Guenther
(cherry picked from commit
6e0f91ad93e75f0f00f157c1e8eaab5b4f0f54f3)
Günther Deschner [Fri, 15 Aug 2008 01:13:18 +0000 (03:13 +0200)]
pam_winbind: add wbc_error_to_pam_error().
Guenther
(cherry picked from commit
b779820cabf0e2885526a72cae62e775588a6bab)
Günther Deschner [Fri, 21 Nov 2008 10:16:11 +0000 (11:16 +0100)]
pam_winbind: prepare to use libwbclient inside pam_winbind.
Guenther
(cherry picked from commit
3b93b9d65b0cb057887e8d286fc6c3bb06e1e7d1)
Günther Deschner [Fri, 21 Nov 2008 10:13:42 +0000 (11:13 +0100)]
pam_winbind: convert to use talloc.
Guenther
(cherry picked from commit
76be70a7190327f1bcd2ea240591a139830d580f)
Volker Lendecke [Sat, 23 Aug 2008 11:12:36 +0000 (13:12 +0200)]
Use talloc_stackframe() in machine_password_change_handler (This used to be commit
79103000b13c95325534db749a0da638a3eb1807)
(cherry picked from commit
72a2b9615025c249c7cf1376ebeeb6a29537504f)
Volker Lendecke [Sat, 23 Aug 2008 11:12:05 +0000 (13:12 +0200)]
Fix a memleak in calculate_next_machine_pwd_change (This used to be commit
5314f06dcdf14ce5e038a03a3e4dfded227bd00c)
(cherry picked from commit
fa20fa5d243ee640f5d564525358c1f5ba2df3a7)