Günther Deschner [Tue, 15 Nov 2011 18:01:45 +0000 (19:01 +0100)]
s3-smbldap: remove duplicate prototype of smbldap_init().
Guenther
Günther Deschner [Tue, 15 Nov 2011 16:53:25 +0000 (17:53 +0100)]
s3-net: use better state variable name for smbldap_state.
Guenther
Günther Deschner [Mon, 17 Oct 2011 16:03:31 +0000 (18:03 +0200)]
s3-passdb: split out passdb/pdb_ldap_schema.c
Guenther
Günther Deschner [Mon, 17 Oct 2011 16:00:01 +0000 (18:00 +0200)]
s3: move smbldap_util to pdb_ldap_util.
Guenther
Günther Deschner [Mon, 17 Oct 2011 15:17:18 +0000 (17:17 +0200)]
s3-smbldap: use include/smb_ldap.h in smbldap.h
Guenther
Stefan Metzmacher [Tue, 15 Nov 2011 20:50:54 +0000 (21:50 +0100)]
lib/util/debug: with log level = 10 we should be more verbose
log level = 10 already impacts performance, so we can turn on
more details and print the pid, [e][u|g]id and class information.
So it implies "debug pid = yes", "debug uid = yes" and "debug class = yes".
This generates a lot more useful log files.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Nov 16 12:25:02 CET 2011 on sn-devel-104
Amitay Isaacs [Wed, 16 Nov 2011 00:18:18 +0000 (11:18 +1100)]
provision: Set the security descriptor while creating partitions
With Matthieu's patch, the setting of security descriptor on
partition dn at create time works correctly.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Wed Nov 16 08:54:25 CET 2011 on sn-devel-104
Matthieu Patou [Tue, 15 Nov 2011 23:56:28 +0000 (00:56 +0100)]
s4-dsdb: rework the NC detection for the descriptor calculation
This checks if instanceType attribute is available, and if
INSTANCE_TYPE_IS_NC_HEAD bit is set. If the bit is set, then
the DN is NC root and security descriptor is not inherited
from parent SD.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Tue, 15 Nov 2011 23:17:50 +0000 (10:17 +1100)]
s3-s4-upgrade: do not add description if it is empty string or none
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Wed Nov 16 05:53:41 CET 2011 on sn-devel-104
Jeremy Allison [Wed, 16 Nov 2011 01:29:59 +0000 (17:29 -0800)]
Final part of patchset to fix bug #8556 - ACL permissions ignored when SMBsetatr is requested.
This now plumbs access checks through all setattr calls.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 16 04:20:04 CET 2011 on sn-devel-104
Jeremy Allison [Wed, 16 Nov 2011 01:41:48 +0000 (17:41 -0800)]
Remove the check for FILE_WRITE_ATTRIBUTES from smb_set_file_time(). It
is called from places like fileio.c that need to update the write time
on a file handle only open for write, without neccessarily having
FILE_WRITE_ATTRIBUTES permission. Move all checks to before the
smb_set_file_time() callers.
Jeremy Allison [Wed, 16 Nov 2011 00:49:42 +0000 (16:49 -0800)]
Always set the attribute first, before the time.
Jeremy Allison [Wed, 16 Nov 2011 00:22:09 +0000 (16:22 -0800)]
Move handle-based access check into handle codepath.
Jeremy Allison [Wed, 16 Nov 2011 00:20:44 +0000 (16:20 -0800)]
We've already checked fsp must be non-null here.
Jeremy Allison [Wed, 16 Nov 2011 00:16:54 +0000 (16:16 -0800)]
Remove unneeded access check. This is done inside smb_set_file_time().
Jeremy Allison [Wed, 16 Nov 2011 00:14:47 +0000 (16:14 -0800)]
Remove unneeded access check. This is done inside smb_set_file_size().
Jeremy Allison [Wed, 16 Nov 2011 00:14:16 +0000 (16:14 -0800)]
Move handle based access check into handle code path.
Stefan Metzmacher [Tue, 15 Nov 2011 13:32:35 +0000 (14:32 +0100)]
HEIMDAL:lib/krb5: add utf8 support to build_logon_name() for the PAC
Pair-Programmed-With: Arvid Requate <requate@univention.de>
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Nov 16 02:00:12 CET 2011 on sn-devel-104
Stefan Metzmacher [Tue, 15 Nov 2011 13:38:38 +0000 (14:38 +0100)]
HEIMDAL:lib/wind: export wind_ucs2write()
Pair-Programmed-With: Arvid Requate <requate@univention.de>
metze
Stefan Metzmacher [Tue, 15 Nov 2011 14:57:40 +0000 (15:57 +0100)]
HEIMDAL:lib/winbd: fix wind_ucs2write with WIND_RW_LE
Pair-Programmed-With: Arvid Requate <requate@univention.de>
metze
Stefan Metzmacher [Tue, 15 Nov 2011 14:57:10 +0000 (15:57 +0100)]
HEIMDAL:lib/wind: fix wind_ucs4utf8() and wind_ucs2utf8()
Pair-Programmed-With: Arvid Requate <requate@univention.de>
metze
Jeremy Allison [Tue, 15 Nov 2011 21:27:14 +0000 (13:27 -0800)]
Fix bug #8561 - Password change settings not fully observed.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 16 00:22:41 CET 2011 on sn-devel-104
Jeremy Allison [Tue, 15 Nov 2011 19:27:56 +0000 (11:27 -0800)]
Ensure we correctly calculate reply credits over all returned
SMB2 replies, and do as Windows does and return the total in the
last SMB2 reply. Fixes an issue found by Christian M Ambach <christian.ambach@de.ibm.com>
(and thanks to Christian for the initial patch this was based on).
Jeremy Allison [Tue, 15 Nov 2011 19:27:42 +0000 (11:27 -0800)]
Remove unneeded NULL check.
Matthias Dieter Wallnöfer [Thu, 20 Oct 2011 20:00:15 +0000 (22:00 +0200)]
s4:partition LDB module - fix handling regarding special DNs on searches
Normally they should always be passed to the main backend unless
something different has been specified.
Reviewed-by: abartlet
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Nov 15 22:43:06 CET 2011 on sn-devel-104
Matthias Dieter Wallnöfer [Sun, 13 Nov 2011 20:33:09 +0000 (21:33 +0100)]
s4:torture/rpc/samr.c - use "NULL" instead of "0" when initialising pointers
Matthias Dieter Wallnöfer [Sun, 13 Nov 2011 20:13:59 +0000 (21:13 +0100)]
s4:join.py - fix typo
Björn Jacke [Tue, 15 Nov 2011 18:12:02 +0000 (19:12 +0100)]
s3: allow to set TCP_NODELAYACK socket option on AIX
this is the AIX way to disable delayed ACKs, the same like TCP_QUICKACK on
Linux
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Nov 15 21:00:07 CET 2011 on sn-devel-104
Stefan Metzmacher [Mon, 14 Nov 2011 08:54:05 +0000 (09:54 +0100)]
s3:smbd/aio: handle_aio_completed() should do nothing if aio_ex->fsp is NULL
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Nov 15 18:47:55 CET 2011 on sn-devel-104
Stefan Metzmacher [Mon, 14 Nov 2011 08:53:25 +0000 (09:53 +0100)]
s3:smbd/aio: pass ECANCELED to the smb2 aio handlers
metze
Stefan Metzmacher [Mon, 14 Nov 2011 08:33:22 +0000 (09:33 +0100)]
s3:smb2_read: make it possible to cancel aio reads
metze
Stefan Metzmacher [Mon, 14 Nov 2011 08:33:22 +0000 (09:33 +0100)]
s3:smb2_write: make it possible to cancel aio writes
metze
Stefan Metzmacher [Mon, 14 Nov 2011 08:52:47 +0000 (09:52 +0100)]
s3:smbd/aio: add cancel_smb2_aio()
metze
Stefan Metzmacher [Mon, 14 Nov 2011 14:29:37 +0000 (15:29 +0100)]
s3:smb2_ioctl: STATUS_PENDING is defered by 1 millisecond for SMB2_IOCTL
metze
Stefan Metzmacher [Mon, 14 Nov 2011 14:50:47 +0000 (15:50 +0100)]
s3:smb2_create: defer STATUS_PENDING for 2 seconds as before
metze
Stefan Metzmacher [Mon, 14 Nov 2011 14:42:55 +0000 (15:42 +0100)]
s3:smb2_server: pass explicit defer_times to smbd_smb2_request_pending_queue()
metze
Stefan Metzmacher [Wed, 9 Nov 2011 10:47:33 +0000 (11:47 +0100)]
s3:smb2_server: always send STATUS_PENDING responses, but delayed by 0.5 milliseconds
In future we'll pass the delay from the caller.
metze
Andreas Schneider [Mon, 14 Nov 2011 09:01:31 +0000 (10:01 +0100)]
s3-winbind: Don't fail on users without a uid.
This fixes bug #8608.
If you join samba with idmap_ad backend to an AD. When you try to
enumerate users with 'getent passwd' and the user doesn't have a uid
set, then getent is aborted cause of NT_STATUS_NONE_MAPPED. If we can't
map a user we should not stop but continue enumerating users.
This normally happens with the default user 'krbtgt' with idmap_ad but
could also happen with other backends.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Nov 15 16:52:04 CET 2011 on sn-devel-104
Andreas Schneider [Wed, 9 Nov 2011 19:48:23 +0000 (20:48 +0100)]
s3-winbind: Make sure the map is clean.
Andreas Schneider [Mon, 14 Nov 2011 09:01:03 +0000 (10:01 +0100)]
s3-winbind: Increase the negative cache entry timout.
The timout for the cache entry of a negative connection should be the
double of a connect timeout (which is 30 seconds).
Stefan Metzmacher [Fri, 11 Nov 2011 15:55:37 +0000 (16:55 +0100)]
s4:dsdb/schema_data: reject schema update unless they're allowed
"dsdb:schema update allowed = yes" is now needed in smb.conf
to enable schema updates, as schema updates are a currenty a good
way to prevent samba from startup again, because of errors in
the schema definition.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Nov 15 13:00:07 CET 2011 on sn-devel-104
Stefan Metzmacher [Sat, 12 Nov 2011 10:03:05 +0000 (11:03 +0100)]
selftest/Samba4: allow schema updates
metze
Stefan Metzmacher [Fri, 11 Nov 2011 11:12:17 +0000 (12:12 +0100)]
s4:dsdb/schema: add "dsdb:schema update allowed" option to enable schema updates
By default schema updates are not allowed anymore, as we don't have
complete validation code to prevent database corruption.
metze
Stefan Metzmacher [Fri, 11 Nov 2011 15:43:18 +0000 (16:43 +0100)]
s4:dsdb/schema_data: reject changes to schemaInfo, msDs-Schema-Extensions, msDS-IntId
As windows we return CONSTRAINT_VIOLATION now.
metze
Stefan Metzmacher [Fri, 11 Nov 2011 14:54:11 +0000 (15:54 +0100)]
s4:dsdb/schema_data: make sure we reject schema changes if we're not the schema master
metze
Stefan Metzmacher [Fri, 11 Nov 2011 13:51:32 +0000 (14:51 +0100)]
s4:dsdb/schema_data: make sure we only allow objects one level below the schema base
The objectclass module should also check for this, but make sure
we also reject it on things like provision.
metze
Stefan Metzmacher [Mon, 14 Nov 2011 08:16:58 +0000 (09:16 +0100)]
s4:libnet_vampire: setup base_dn on the self_made_schema
metze
Stefan Metzmacher [Mon, 14 Nov 2011 07:54:18 +0000 (08:54 +0100)]
s4:libnet_vampire: use dsdb_modify(..., DSDB_FLAG_AS_SYSTEM) to store prefixMap
metze
Stefan Metzmacher [Mon, 14 Nov 2011 07:52:51 +0000 (08:52 +0100)]
s4:param/provision: pass schema_dn to provision_get_schema()
metze
Stefan Metzmacher [Fri, 11 Nov 2011 15:35:59 +0000 (16:35 +0100)]
s4:dsdb/schema: pass and remember the schema_dn in dsdb_set_schema_from_ldif()
metze
Stefan Metzmacher [Fri, 11 Nov 2011 15:34:48 +0000 (16:34 +0100)]
s4:dsdb/pydsdb: pass down schema_dn to _dsdb_set_schema_from_ldif()
metze
Stefan Metzmacher [Fri, 11 Nov 2011 15:32:05 +0000 (16:32 +0100)]
s4:python/samba/schema: pass down the schema_dn to set_from_ldif()
metze
Stefan Metzmacher [Fri, 11 Nov 2011 14:56:01 +0000 (15:56 +0100)]
s4:dsdb/samldb: use DSDB_FLAG_AS_SYSTEM in samldb_schema_info_update()
We should only be able to update the schemaInfo internaly.
metze
Stefan Metzmacher [Tue, 15 Nov 2011 08:45:46 +0000 (09:45 +0100)]
s4:libnet: initialize forest structure in py_net_replicate_init()
metze
Giampaolo Lauria [Mon, 14 Nov 2011 22:54:29 +0000 (17:54 -0500)]
samba-tool: Don't set UF_PASSWD_NOTREQD flag on "user disable"
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue Nov 15 02:51:16 CET 2011 on sn-devel-104
Giampaolo Lauria [Fri, 11 Nov 2011 15:37:39 +0000 (10:37 -0500)]
samba-tool: Remove "domain machinepassword" command
As per Andrew Bartlett's comment:
"we should remove it. This was originally a script to support some
interactions between samba3 and samba4, when they were in distinct build
systems. We now can call between the two systems without difficulty at
runtime, so this command has no value."
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Günther Deschner [Mon, 14 Nov 2011 17:23:01 +0000 (18:23 +0100)]
s4-smbtorture: add spoolss_OpenPrinterEx ndr test with full devmode.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Nov 14 20:21:48 CET 2011 on sn-devel-104
Günther Deschner [Mon, 14 Nov 2011 15:29:57 +0000 (16:29 +0100)]
s3-modules: remove the last "init_module" traces.
Guenther
Jelmer Vernooij [Mon, 14 Nov 2011 13:55:49 +0000 (14:55 +0100)]
Fix default value for subunitrun --list.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Nov 14 17:27:03 CET 2011 on sn-devel-104
Jelmer Vernooij [Mon, 14 Nov 2011 12:47:50 +0000 (13:47 +0100)]
selftesthelpers: Revert perl changes, add comment on why the original code was necessary.
Jelmer Vernooij [Mon, 14 Nov 2011 12:10:11 +0000 (13:10 +0100)]
s4-tests: Use plansmbtorturesuite where possible.
Jelmer Vernooij [Mon, 14 Nov 2011 00:54:43 +0000 (01:54 +0100)]
s4-tests: Remove unnecessary py suffix.
Jelmer Vernooij [Mon, 14 Nov 2011 00:54:26 +0000 (01:54 +0100)]
s4-tests: Allow listing tests run for iconv.
Jelmer Vernooij [Mon, 14 Nov 2011 00:13:36 +0000 (01:13 +0100)]
subunitrun: Don't load smb.conf when just listing tests.
Jelmer Vernooij [Sun, 13 Nov 2011 21:33:41 +0000 (22:33 +0100)]
Remove broken code - these lines use undefined symbols.
Jelmer Vernooij [Sun, 13 Nov 2011 21:15:49 +0000 (22:15 +0100)]
waf: Fix uselib_store for system libsubunit.
Jelmer Vernooij [Sun, 13 Nov 2011 20:51:53 +0000 (21:51 +0100)]
selftesthelpers: Cope with empty binary mappings list, simplify handling of perl.
Stefan Metzmacher [Mon, 14 Nov 2011 09:51:56 +0000 (10:51 +0100)]
s4:selftest: samba4.urgent_replication.python needs to run as "dc:local"
As it uses local files on the dc.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Nov 14 15:48:33 CET 2011 on sn-devel-104
Stefan Metzmacher [Mon, 14 Nov 2011 13:10:17 +0000 (14:10 +0100)]
selftest/selftesthelpers.py: construct a fullname with env in plantestsuite_idlist()
Like we already do for plantestsuite_loadlist()
metze
Stefan Metzmacher [Mon, 14 Nov 2011 11:21:38 +0000 (12:21 +0100)]
selftest: planpythontestsuite() should fill 'name' is it's None
Otherwise make test shows tests with name "None".
metze
Stefan Metzmacher [Thu, 10 Nov 2011 11:20:20 +0000 (12:20 +0100)]
s3:smb2_flush: outbody only needs 4 bytes
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Nov 14 10:01:30 CET 2011 on sn-devel-104
Jelmer Vernooij [Sun, 13 Nov 2011 20:40:12 +0000 (21:40 +0100)]
Move testr configuration to root.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 13 23:19:27 CET 2011 on sn-devel-104
Jelmer Vernooij [Sun, 13 Nov 2011 17:01:09 +0000 (18:01 +0100)]
waf: Factor checking for undefined symbol flags out into separate method.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 13 19:38:38 CET 2011 on sn-devel-104
Jelmer Vernooij [Sun, 13 Nov 2011 16:50:52 +0000 (17:50 +0100)]
waf: Simplify handling of python modules.
Jelmer Vernooij [Sun, 13 Nov 2011 16:29:10 +0000 (17:29 +0100)]
Jelmer Vernooij [Sun, 13 Nov 2011 16:20:57 +0000 (17:20 +0100)]
pytdb: Shorter description which fits on a single line.
Jelmer Vernooij [Sun, 13 Nov 2011 16:18:10 +0000 (17:18 +0100)]
testtools: Import new upstream snapshot.
Jelmer Vernooij [Sun, 13 Nov 2011 16:17:54 +0000 (17:17 +0100)]
subunit: Import new upstream snapshot.
Jelmer Vernooij [Sat, 12 Nov 2011 19:24:35 +0000 (20:24 +0100)]
wafsamba: Support allow_undefined_symbols in SAMBA_SUBSYSTEM.
Jelmer Vernooij [Sat, 12 Nov 2011 15:56:01 +0000 (16:56 +0100)]
wafsambaa: Support libraries that don't have the same name as their pkg-config file.
Jelmer Vernooij [Sat, 12 Nov 2011 15:36:39 +0000 (16:36 +0100)]
ldb: Only check for pkg-config file when checking for system ldb.
Jelmer Vernooij [Sat, 12 Nov 2011 15:36:28 +0000 (16:36 +0100)]
tevent: Only check for pkg-config file when checking for system tevent.
Jelmer Vernooij [Sat, 12 Nov 2011 15:36:18 +0000 (16:36 +0100)]
tdb: Only check for pkg-config file when checking for system tdb.
Jelmer Vernooij [Sat, 12 Nov 2011 15:36:07 +0000 (16:36 +0100)]
talloc: Only check for pkg-config file when checking for system talloc.
Jelmer Vernooij [Sat, 12 Nov 2011 15:35:48 +0000 (16:35 +0100)]
subunit: Only check for pkg-config file and use proper pkg-config file name.
Jelmer Vernooij [Sat, 12 Nov 2011 15:35:11 +0000 (16:35 +0100)]
wafsamba: add CHECK_BUNDLED_SYSTEM_PKG function.
Jelmer Vernooij [Sat, 12 Nov 2011 15:14:33 +0000 (16:14 +0100)]
tevent: Only build pytevent if the system doesn't provide it.
Jelmer Vernooij [Sat, 12 Nov 2011 14:51:16 +0000 (15:51 +0100)]
ldb: Use pyembed rather than pyext for ldb-util library.
Jelmer Vernooij [Sat, 12 Nov 2011 14:50:54 +0000 (15:50 +0100)]
tevent: remove unnecessary enablement.
Jelmer Vernooij [Sat, 12 Nov 2011 14:38:45 +0000 (15:38 +0100)]
pytalloc-util: Don't mark as python extension, use pyembed instead.
Jelmer Vernooij [Sat, 12 Nov 2011 04:20:10 +0000 (05:20 +0100)]
waf: Don't link python modules against libpython2.x, consistent with other Python modules.
Rather, rely just on waf's pyext feature. This fixes a warning from dh_python2.
Jelmer Vernooij [Fri, 11 Nov 2011 17:32:55 +0000 (18:32 +0100)]
upgrade: use logger.warning.
Matthieu Patou [Sun, 13 Nov 2011 13:09:24 +0000 (14:09 +0100)]
samba-tool: allow dbcheck to correct the originating_change_time of the deleted object container
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sun Nov 13 15:47:53 CET 2011 on sn-devel-104
Matthieu Patou [Sun, 13 Nov 2011 13:08:32 +0000 (14:08 +0100)]
s4-dsdb: initialize correctly the value of originating_change_time for the Deleted Object Container
Matthieu Patou [Wed, 5 Oct 2011 14:23:37 +0000 (16:23 +0200)]
s4-drs: check if we have a domain level >= 2k8r2 as before the isRecycled do not exists and so is always False
Having a false value cause the link on removed attribute to be always
returned which is what we try to avoid.
Matthieu Patou [Sun, 13 Nov 2011 12:15:47 +0000 (13:15 +0100)]
samba-tool: dbcheck avoid problems with deleted objects
We have to search for deleted objects as well as the previous search
might have been done with the show_deleted control. If not samba-tool
fails with no such DN error while fetching the object.
Matthieu Patou [Fri, 11 Nov 2011 18:01:54 +0000 (19:01 +0100)]
s4: Simple test script to create lots of contacts to stress the LDB
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Fri Nov 11 22:02:53 CET 2011 on sn-devel-104
Matthieu Patou [Thu, 10 Nov 2011 19:59:09 +0000 (20:59 +0100)]
s4-librpc: do not limit to the first IP when trying to do a rpc connection
The function continue_ip_resolve_name was calling resolve_name_recv which returns
only the first IP for a given hostname.
Instead we use resolve_name_multiple_recv which returns all the IP for a given
hostname. This kind of problem can occur if a host has more than 1 IP but is listenning
only on 1.
Matthieu Patou [Thu, 10 Nov 2011 14:36:22 +0000 (15:36 +0100)]
s4-socket: allow connect_multi_next_socket to try all the IP for a given host
This fix an incorrect behavior which was that if a host has 2 IP but
was listening on only 1 (and the second one) connect_multi_next_socket
was not able to connect because it used only the first result.
Amitay Isaacs [Fri, 11 Nov 2011 04:29:35 +0000 (15:29 +1100)]
py_passdb: Cannot steal an item pointer from an array
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Fri Nov 11 12:04:33 CET 2011 on sn-devel-104