Oliver Liebel [Tue, 24 Feb 2009 00:37:58 +0000 (11:37 +1100)]
Added mmr and olc to the OpenLDAP backend provisioning-scripts
These extensions add mmr (multi-master-replication) and olc
(openldap-online-configuration) capabilities to the
provisioning-scripts (provision-backend and provision.py), for use
with the openldap-backend (only versions >=2.4.15!).
Changes / additions made to the provision-backend -script:
added new command-line-options:
--ol-mmr-urls=<list of whitespace separated ldap-urls> for use with mmr
(can be combined with --ol-olc=yes),
--ol-olc=[yes/no] (activate automatic conversion from static slapd.conf
to olc),
--ol-slaptest=<path to slaptest binary> (needed in conjunction with
--ol-olc=yes)
Changes / additions made to the provision.py -script: added
extensions, that will automatically generate the chosen mmr and/or olc
setup for the openldap backend, according to the to chosen parameters
set in the provision-backend script
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Steven Danneman [Tue, 24 Feb 2009 04:46:11 +0000 (20:46 -0800)]
Refactored sys_fork() and sys_pid() into shared util library
This fixes a bug in 116ce19b, where we didn't clear the pid cache in
become_daemon() and thus the /var/run/smbd.pid didn't match the actual
pid of the parent process.
Currently S4 will clear the pid cache on fork but doesn't yet take
advantage of the pid cache by using sys_pid() instead of the direct
get_pid().
Günther Deschner [Mon, 23 Feb 2009 10:43:32 +0000 (11:43 +0100)]
s3-spoolss: fix notify_printer_status_byname.
This took me almost a week to find, so here a little longer explanation:
When a windows client registers printer *status* change notifies using
spoolss_RemoteFindFirstChangeNotify, it registers them to a print server handle,
not a printer handle. We were then correctly monitoring the printer status
changes but were sending out the spoolss_RouterReplyPrinterEx via the back-channel
connection with job_id set to 0 (which we only may do for monitored printer
change status notifies on printer handlers, not print server handles). Windows
was then showing a new empty dummy printer icon in the explorer as it cannot
route the notify event to the approriate local handle. It also discarded the
content of the notify event message of course. With this, printer change notify for
pausing, resuming and purging printers nicely works again here.
Jerry, Tim and all other printing gurus, please check.
Günther Deschner [Mon, 23 Feb 2009 23:45:25 +0000 (00:45 +0100)]
spoolss: add spoolss_DriverInfo101 to IDL.
Note that the size_is of the spoolss_DriverFileInfo is not reflected on the ndr.
It is just used as pidl cannot handle a relative pointer to a static array of
structs.
Derrell Lipman [Mon, 23 Feb 2009 18:50:11 +0000 (13:50 -0500)]
Make char* parameters const
- Use const in function signatures whenever appropriate, to help prevent
errant scribbling on users' buffers. smbc_set_credentials() always acted as
if its formal parameters were const char *, and changing the formal
declaration to specify that should not cause any change to the ABI. It is
still allowable to pass a writable buffer to a function which specifies that
it will not write to the buffer.
Simo Sorce [Sun, 22 Feb 2009 06:50:49 +0000 (01:50 -0500)]
Make all transactions nested in ldb. The current samba4 code expects this
behavior anyway, and given we can only have one transaction active per
ldb context this is the only sane model we can support.
Fix ldb_tdb transactions, we could return back with an error with neither
committing nor canceling the actual tdb transaction in some error paths
within the ltdb commit and cancel transaction paths.
Added also some debugging to trace what was going on.
Tim Prouty [Fri, 20 Feb 2009 21:28:36 +0000 (13:28 -0800)]
s3: If sendfile returns 0 bytes read, fall back to the normal read path
This allows sendfile implementations that are atomic to avoid having
to send zeros or kill the client connection on a short read (usually
the file was truncated).
Tim Prouty [Sat, 21 Feb 2009 21:57:10 +0000 (13:57 -0800)]
Revert "s3 auth: Add parameter that forces every user through an NSS lookup"
After the discussion on samba-technical, it was decided that the best
answer for now was to revert this change. The right way to do this is
to rewrite the token api to use opaque tokens with pluggable modules.
Jelmer Vernooij [Sat, 21 Feb 2009 17:21:20 +0000 (18:21 +0100)]
Add --enable-external-* flags for libraries shipped with Samba, to allow
explicitly enabling or disabling the use of the version provided by the
system.
Dan Sledz [Fri, 13 Feb 2009 20:28:57 +0000 (12:28 -0800)]
Introduce a new passdb backend: pdb_onefs_sam
Implements a custom backend for onefs that exclusively uses the wbclient
interface for all passdb calls.
It lacks some features of a standard passdb.
In particular it's a read only interface and doesn't implement privileges.
Dan Sledz [Fri, 13 Feb 2009 20:24:22 +0000 (12:24 -0800)]
Introduce a new authentication backend auth_onefs_wb
This new backend is custom tailored to onefs' unique requirements:
1) No fallback logic
2) Does not validate the domain of the user
3) Handles unencrypted passwords
Dan Sledz [Tue, 9 Dec 2008 08:29:26 +0000 (08:29 +0000)]
Allow building with an external libwbclient library
Introduce a new configure option --with-wbclient which specifies a
location to find a compatible libwbclient library to link against. This
options is overwritten by --with-winbind
todd stecher [Thu, 19 Feb 2009 17:33:30 +0000 (09:33 -0800)]
S3: Detect max_open_files from system
- Attempt to use syscalls to determine max-open-files value.
- Add in periodic logging when max file limit reached
Steven Danneman [Fri, 20 Feb 2009 21:25:17 +0000 (13:25 -0800)]
s3: OneFS implementation of change notify
The OneFS Samba implementation of change notify is modeled after the
usage of Linux's inotify kernel subsystem. A single call is made
into the onefs.so VFS module to initialize kernel tracking of certain
file change events. When these events occur a kernel notification is
sent to smbd and the notification event is translated and given to the
general Samba Change Notify layer through a callback function.
The most difficult aspect is converting an SMB CompletionFilter to
a matching ifs_event mask, and then back to an appropriate change
notify action. Currently, not all possible cases are handled by the
this module, but the most prevalent ones, which are tested by
smbtorture, are implemented.
Steven Danneman [Wed, 18 Feb 2009 00:20:18 +0000 (16:20 -0800)]
s3: Make change notify immediately return a catch-all packet on underlying error
* This allows a problem in the underlying CN backend to be bubbled up
to the general CN layer so a catch-all reply can be returned
* We now also return a catch-all response immediately if the server-side
event queue becomes too big
Steven Danneman [Fri, 20 Feb 2009 21:23:53 +0000 (13:23 -0800)]
s3: Modifications to generic notify structures to allow implementation of OneFS notify.
The OneFS kernel based change notify system takes an fd of the directory
to watch in it's initialization syscall. Since we already have this
directory open, this commit plumbs that fd down to the VFS layer via the
notify_entry struct.
We also need to know if the watch is taken out on a snapshot directory.
The full file_id struct is also passed down to make this determination.
The file_id marshalling wrappers are hand written here, but should
eventually be auto-generated by moving the struct file_id into the idl.
Steven Danneman [Fri, 20 Feb 2009 01:06:27 +0000 (17:06 -0800)]
Added torture tests to RAW-NOTIFY
* This adds a test to check the change notify behavior of the SMB server
when more events have been generated than can be returned in a single
change notify response.
* Second test makes sure the server doesn't return notification events
for changes to the watched directory itself
Jeremy Allison [Fri, 20 Feb 2009 16:23:52 +0000 (08:23 -0800)]
Fix bug #6133 - Cannot delete non-ACL files on Solaris/ZFS/NFSv4 ACL filesystem.
As the NFSv4 ACL mapping code doesn't map write directory into the DELETE_CHILD
permission bit (which we require before allowing a delete) no one can delete
files without an explicit DELETE_CHILD bit set on the directory. Add this mapping.
Jeremy.