8 years agos3-posix_acls: Handle IDMAP_BOTH by setting an ACL for both the UID and GID form s3-acls
Andrew Bartlett [Thu, 3 May 2012 01:07:58 +0000 (11:07 +1000)]
s3-posix_acls: Handle IDMAP_BOTH by setting an ACL for both the UID and GID form

We need to split things up into a new helper function add_current_ace_to_acl() in order for
there to be more posix ACL elements than NT ACL elements.

Andrew Bartlett

8 years agos4:torture:rpc: add a new test samba3.smb2-pipe-read-logoff
Michael Adam [Wed, 2 May 2012 16:09:48 +0000 (18:09 +0200)]
s4:torture:rpc: add a new test samba3.smb2-pipe-read-logoff

 - open a pipe via smb2
 - trigger a read which hangs since there is nothing to read
 - do a logoff
 - wait for the read to return and check the status

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed May  2 19:57:45 CEST 2012 on sn-devel-104

8 years agos4:torture:rpc: add a new test samba3.smb2.pipe-read-tdis
Michael Adam [Wed, 2 May 2012 16:03:33 +0000 (18:03 +0200)]
s4:torture:rpc: add a new test samba3.smb2.pipe-read-tdis

 - open a pipe via smb2
 - trigger a read which hangs since there is nothing to read
 - do a tree disconnect
 - wait for the read to return and check the status

8 years agos4:torture:rpc: add a test samba3.smb2-pipe-read-close
Michael Adam [Wed, 2 May 2012 12:25:58 +0000 (14:25 +0200)]
s4:torture:rpc: add a test samba3.smb2-pipe-read-close

* open a pipe via smb2
* trigger a read which hangs since there is nothing to read
* close the pipe file handle
* wait for the read to reaturn and check the status

8 years agos4:torture:rpc: fix a comment typo in samba3.smb2-reauth2
Michael Adam [Wed, 2 May 2012 15:33:33 +0000 (17:33 +0200)]
s4:torture:rpc: fix a comment typo in samba3.smb2-reauth2

8 years agos4:torture:rpc: remove an accidentially committed character (in a comment)
Michael Adam [Wed, 2 May 2012 11:55:45 +0000 (13:55 +0200)]
s4:torture:rpc: remove an accidentially committed character (in a comment)

8 years agos3-passdb: Add extra debug on ID mapping failures
Andrew Bartlett [Sat, 21 Apr 2012 00:22:35 +0000 (10:22 +1000)]
s3-passdb: Add extra debug on ID mapping failures

Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed May  2 15:34:13 CEST 2012 on sn-devel-104

8 years agos3-idmap: remove (now) unused function idmap_cache_set_sid2both()
Andrew Bartlett [Wed, 2 May 2012 08:44:16 +0000 (10:44 +0200)]
s3-idmap: remove (now) unused function idmap_cache_set_sid2both()

Signed-off-by: Michael Adam <obnox@samba.org>
8 years agos3-idmap: convert most idmap_cache callers to unixid API
Andrew Bartlett [Fri, 23 Mar 2012 10:11:33 +0000 (21:11 +1100)]
s3-idmap: convert most idmap_cache callers to unixid API

This will eventually allow the struct unixid to be passed all the way up
and down the stack.

Andrew Bartlett

Signed-off-by: Michael Adam <obnox@samba.org>
8 years agos3-idmap: Rework idmap_cache to store ID_TYPE_BOTH values
Andrew Bartlett [Fri, 23 Mar 2012 10:01:01 +0000 (21:01 +1100)]
s3-idmap: Rework idmap_cache to store ID_TYPE_BOTH values

This required that the lower level cache store a UID/GID and a type, and that
we operate on struct unixid rather than just uid/gid.

The ID_TYPE_BOTH is then handled as being a positive mapping for both
a UID and GID value.  Wrapper functions are provided so that callers are not
changed in this patch.

Andrew Bartlett

Signed-off-by: Michael Adam <obnox@samba.org>
8 years agos3-winbindd: Do not use WBC_ types internally in winbindd
Andrew Bartlett [Fri, 23 Mar 2012 06:58:39 +0000 (17:58 +1100)]
s3-winbindd: Do not use WBC_ types internally in winbindd

Use the types from idmap.idl instead

Signed-off-by: Michael Adam <obnox@samba.org>
8 years agos3:passdb: remove a forward declaration of wbcSidToUnixId that has become unnecessary
Michael Adam [Wed, 2 May 2012 07:49:02 +0000 (09:49 +0200)]
s3:passdb: remove a forward declaration of wbcSidToUnixId that has become unnecessary

8 years agos3:passdb: rename sids_to_unix_ids() --> sids_to_unixids() for consistency
Michael Adam [Wed, 2 May 2012 07:48:28 +0000 (09:48 +0200)]
s3:passdb: rename sids_to_unix_ids() --> sids_to_unixids() for consistency

8 years agos3-passdb: Use struct unixid in sids_to_unix_ids
Andrew Bartlett [Fri, 23 Mar 2012 06:30:34 +0000 (17:30 +1100)]
s3-passdb: Use struct unixid in sids_to_unix_ids

This avoids the union in the struct wbcUnixId and moves us to using only struct unixid

Andrew Bartlett

Signed-off-by: Michael Adam <obnox@samba.org>
8 years agos3-passdb: Rename legacy_sid_to_id -> legacy_sid_to_unixid for clarity
Andrew Bartlett [Fri, 23 Mar 2012 05:51:47 +0000 (16:51 +1100)]
s3-passdb: Rename legacy_sid_to_id -> legacy_sid_to_unixid for clarity

Signed-off-by: Michael Adam <obnox@samba.org>
8 years agos3-passdb: Change pdb_sid_to_id() to return struct unixid
Andrew Bartlett [Thu, 15 Mar 2012 22:16:23 +0000 (09:16 +1100)]
s3-passdb: Change pdb_sid_to_id() to return struct unixid

This will make it easier to consistantly pass a struct unixid all the way up and
down the idmap stack, and allow ID_TYPE_BOTH to be handled correctly.

Andrew Bartlett

Signed-off-by: Michael Adam <obnox@samba.org>
8 years agoselftest: make the knownfail patterns for the driver_info_winreg more specific
Michael Adam [Thu, 26 Apr 2012 13:31:28 +0000 (15:31 +0200)]
selftest: make the knownfail patterns for the driver_info_winreg more specific

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed May  2 11:23:26 CEST 2012 on sn-devel-104

8 years agos4-provision: Fix up --use-s3fs to create the directory for xattr.tdb
Andrew Bartlett [Wed, 2 May 2012 00:45:51 +0000 (10:45 +1000)]
s4-provision: Fix up --use-s3fs to create the directory for xattr.tdb

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed May  2 04:45:05 CEST 2012 on sn-devel-104

8 years agos4-wintest: --use-s3fs in wintest
Andrew Bartlett [Wed, 2 May 2012 00:45:15 +0000 (10:45 +1000)]
s4-wintest: --use-s3fs in wintest

8 years agos4-provision: Fix --use-s3fs to parse correctly
Andrew Bartlett [Wed, 2 May 2012 00:44:45 +0000 (10:44 +1000)]
s4-provision: Fix --use-s3fs to parse correctly

8 years agotestsuite/libsmbclient: Remove unused and expensive-to-link testsuite
Andrew Bartlett [Tue, 1 May 2012 23:49:19 +0000 (09:49 +1000)]
testsuite/libsmbclient: Remove unused and expensive-to-link testsuite

This testsuite never got off the ground, and unlike the other
libsmbclient tests, it is not integrated into make test, has no driver
script we could integrate.

As it has been in this state for 10 years, and adding it to the compile
did not find any link-time issues (particularly in comparison to the
link-time cost for so many individual binaries), I am now removing them.

The libsmbclient examples are seperate to this, and remain in

Andrew Bartlett

8 years agoselftest: 'store dos attributes = yes' is now set in fileserver.conf
Andrew Bartlett [Tue, 1 May 2012 23:39:33 +0000 (09:39 +1000)]
selftest: 'store dos attributes = yes' is now set in fileserver.conf

As such, there is no need to set it or the permissions-based mappings here as well.

Andrew Bartlett

8 years agos4-provision: set 'dcerpc endpoint servers' but not 'vfs objects'
Andrew Bartlett [Tue, 1 May 2012 23:38:39 +0000 (09:38 +1000)]
s4-provision: set 'dcerpc endpoint servers' but not 'vfs objects'

The VFS objects are now set in the fileserver.conf, but this is only read by smbd, so
the provision-time smb.conf needs to turn off the extra Samba4 DCE/RPC services.

Andrew Bartlett

8 years agofile_server: set 'store dos attributes = yes'
Andrew Bartlett [Tue, 1 May 2012 23:37:08 +0000 (09:37 +1000)]
file_server: set 'store dos attributes = yes'

This means we do not need the old permissions-based mappings.

Andrew Bartlett

8 years agoselftest: run more raw.samba3 against secshare simple file server
Andrew Bartlett [Tue, 1 May 2012 10:11:04 +0000 (20:11 +1000)]
selftest: run more raw.samba3 against secshare simple file server

This allows these tests to run in an environment where they can pass,
as they fail when ACL support is turned on in smbd.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed May  2 02:51:27 CEST 2012 on sn-devel-104

8 years agoselftest: Run smbtorture tests being run against s3dc against plugin_s4_dc as well
Andrew Bartlett [Mon, 30 Apr 2012 05:32:08 +0000 (15:32 +1000)]
selftest: Run smbtorture tests being run against s3dc against plugin_s4_dc as well

8 years agoselftest: Do not start samba4 srvsvc in plugin_s4_dc mode
Andrew Bartlett [Tue, 1 May 2012 06:06:39 +0000 (16:06 +1000)]
selftest: Do not start samba4 srvsvc in plugin_s4_dc mode

8 years agoselftest: add hooks required for printing to Samba4.pm
Andrew Bartlett [Mon, 30 Apr 2012 13:39:27 +0000 (23:39 +1000)]
selftest: add hooks required for printing to Samba4.pm

8 years agoselftest: mark samba3.raw.samba3checkfsp as flapping on plugin_s4_dc
Andrew Bartlett [Tue, 1 May 2012 21:19:13 +0000 (07:19 +1000)]
selftest: mark samba3.raw.samba3checkfsp as flapping on plugin_s4_dc

This fails on my Fedora 16 workstation, but passes on sn-devel.

Andrew Bartlett

8 years agoselftest: mark samba3.raw.acls.inheritance(plugin_s4_dc) as flapping
Andrew Bartlett [Tue, 1 May 2012 11:47:28 +0000 (21:47 +1000)]
selftest: mark samba3.raw.acls.inheritance(plugin_s4_dc) as flapping

This seems to succeed on sn-devel, but fails in a local make test on
my workstation.

Andrew Bartlett

8 years agoselftest: add knownfail entries for plugin_s4_dc tests
Andrew Bartlett [Mon, 30 Apr 2012 13:39:10 +0000 (23:39 +1000)]
selftest: add knownfail entries for plugin_s4_dc tests

8 years agoselftest: change knownfail to cope with running plugin_s4_dc as well
Andrew Bartlett [Mon, 30 Apr 2012 10:55:30 +0000 (20:55 +1000)]
selftest: change knownfail to cope with running plugin_s4_dc as well

8 years agofile_server: use embedded srvsvc
Andrew Bartlett [Tue, 1 May 2012 06:06:25 +0000 (16:06 +1000)]
file_server: use embedded srvsvc

8 years agofile_server: Use the embedded winreg server
Andrew Bartlett [Mon, 30 Apr 2012 06:03:33 +0000 (16:03 +1000)]
file_server: Use the embedded winreg server

8 years agofile_server: use embedded ntsvcs server
Andrew Bartlett [Mon, 30 Apr 2012 05:22:04 +0000 (15:22 +1000)]
file_server: use embedded ntsvcs server

8 years agofile_server: use embedded eventlog server
Andrew Bartlett [Mon, 30 Apr 2012 05:19:43 +0000 (15:19 +1000)]
file_server: use embedded eventlog server

8 years agofile_server: forward dssetup, but use embedded svcctl for s3fs
Andrew Bartlett [Mon, 30 Apr 2012 05:13:49 +0000 (15:13 +1000)]
file_server: forward dssetup, but use embedded svcctl for s3fs

8 years agoselftest: Use same pattern for path to share as Samba3.pm
Andrew Bartlett [Mon, 30 Apr 2012 05:08:38 +0000 (15:08 +1000)]
selftest: Use same pattern for path to share as Samba3.pm

This helps as we declare tests that were previously targetted at Samba3 only.

Andrew Bartlett

8 years agoselftest: Add hideunread share to plugin_s4_dc
Andrew Bartlett [Mon, 30 Apr 2012 05:17:54 +0000 (15:17 +1000)]
selftest: Add hideunread share to plugin_s4_dc

8 years agoselftest: run plugin_s4_dc with 'acl_xattr xattr_tdb streams_depot' VFS modules
Andrew Bartlett [Mon, 30 Apr 2012 05:16:15 +0000 (15:16 +1000)]
selftest: run plugin_s4_dc with 'acl_xattr xattr_tdb streams_depot' VFS modules

8 years agoselftest: prepare to run smbtorture tests against plugin_s4_dc
Andrew Bartlett [Thu, 26 Apr 2012 05:20:02 +0000 (15:20 +1000)]
selftest: prepare to run smbtorture tests against plugin_s4_dc

8 years agoselftest: attempt to test samba3hide in a different environment
Andrew Bartlett [Wed, 18 Apr 2012 06:05:22 +0000 (16:05 +1000)]
selftest: attempt to test samba3hide in a different environment

This should ensure that the samba3hide test is still run and passes,
in a non-ACLed environment.

Andrew Bartlett

8 years agoselftest: Enable ACL testing against the s3dc environment
Andrew Bartlett [Tue, 17 Apr 2012 01:56:23 +0000 (11:56 +1000)]
selftest: Enable ACL testing against the s3dc environment

Previously, ACL tests were skipped and the correct modules for ACL
testing were not loaded.

The addition of a knownfail entry for raw.samba3* tests is due to an
inconsitancy between the behaviour with and without ACL modules loaded
- posix chown calls appear to be ignored in this mode.

Andrew Bartlett

8 years agos3-smbd: Use security_session_user_level() rather than nt_token_check_sid()
Andrew Bartlett [Tue, 1 May 2012 07:13:34 +0000 (17:13 +1000)]
s3-smbd: Use security_session_user_level() rather than nt_token_check_sid()

This allows the unix.whoami test to pass when configured as part of the AD DC.

The struct auth_session_info is slightly different in the AD DC configuration
when using auth_samba4.  In particular, there is a distinction between Guest
and Anonymous logins.

Andrew Bartlett

8 years agos3:torture fix flakey testcase
Christian Ambach [Tue, 1 May 2012 19:21:40 +0000 (21:21 +0200)]
s3:torture fix flakey testcase

don't put database into /tmp, use lp_private_dir() to put
it into the selftest prefix

Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed May  2 00:57:05 CEST 2012 on sn-devel-104

8 years agos3:selftest run LOCAL-IDMAP-TDB-COMMON in make test
Christian Ambach [Mon, 30 Apr 2012 15:02:46 +0000 (17:02 +0200)]
s3:selftest run LOCAL-IDMAP-TDB-COMMON in make test

Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Tue May  1 11:07:08 CEST 2012 on sn-devel-104

8 years agos3:torture: add idmap_tdb_common test code
Christian Ambach [Wed, 22 Feb 2012 14:44:27 +0000 (15:44 +0100)]
s3:torture: add idmap_tdb_common test code

8 years agos3:winbindd/idmap_tdb: use idmap_tdb_common code
Christian Ambach [Mon, 20 Feb 2012 11:13:56 +0000 (12:13 +0100)]
s3:winbindd/idmap_tdb: use idmap_tdb_common code

8 years agos3:winbindd/idmap_tdb2: fix logic error in set_mapping_action
Christian Ambach [Sun, 26 Feb 2012 16:49:23 +0000 (17:49 +0100)]
s3:winbindd/idmap_tdb2: fix logic error in set_mapping_action

fix an endless loop

8 years agos3:winbindd/idmap_tdb2: use idmap_tdb_common code
Christian Ambach [Fri, 17 Feb 2012 16:34:03 +0000 (17:34 +0100)]
s3:winbindd/idmap_tdb2: use idmap_tdb_common code

8 years agos3:winbindd/autorid use idmap_tdb_common code in autorid
Christian Ambach [Wed, 25 Jan 2012 18:06:16 +0000 (19:06 +0100)]
s3:winbindd/autorid use idmap_tdb_common code in autorid

- use common logic for the allocation pool
- add a idmap_tdb style 1on1 mapping for non-domain SIDs
  like Everyone (S-1-1-0)

8 years agos3:winbindd add idmap_tdb_common file to store common code of TDB idmap backends
Christian Ambach [Mon, 16 Jan 2012 16:21:38 +0000 (17:21 +0100)]
s3:winbindd add idmap_tdb_common file to store common code of TDB idmap backends

8 years agos3:util add sid_check_is_wellknown_builtin()
Christian Ambach [Tue, 17 Jan 2012 12:59:56 +0000 (13:59 +0100)]
s3:util add sid_check_is_wellknown_builtin()

8 years agomove VERSION to alpha21
Andrew Bartlett [Tue, 1 May 2012 04:42:33 +0000 (14:42 +1000)]
move VERSION to alpha21

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue May  1 08:16:38 CEST 2012 on sn-devel-104

8 years agoprepare WHATSNEW for alpha20 and mark as release
Andrew Bartlett [Tue, 1 May 2012 04:40:48 +0000 (14:40 +1000)]
prepare WHATSNEW for alpha20 and mark as release

8 years agos4-upgradedns: Update serverdn with only the attributes that have changed
Amitay Isaacs [Thu, 19 Apr 2012 23:39:53 +0000 (09:39 +1000)]
s4-upgradedns: Update serverdn with only the attributes that have changed

This fixes the issue of ldb 'Operations Error' when trying to modify
hasPartialReplicaNCs attribute.

Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue May  1 05:28:04 CEST 2012 on sn-devel-104

8 years agoFix bug #8873 - self granting privileges in security=ads.
Jeremy Allison [Tue, 17 Apr 2012 19:30:15 +0000 (12:30 -0700)]
Fix bug #8873 - self granting privileges in security=ads.

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May  1 01:04:46 CEST 2012 on sn-devel-104

8 years agoFix the loop unrolling inside resolve_ads(). If we don't get
Jeremy Allison [Mon, 30 Apr 2012 18:05:51 +0000 (11:05 -0700)]
Fix the loop unrolling inside resolve_ads(). If we don't get
an IP list don't use interpret_string_addr(), as this only
returns one address, use interpret_string_addr_internal()

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Apr 30 23:21:16 CEST 2012 on sn-devel-104

8 years agoProtect all of the name resolution methods from returning null addrs. Ensure all...
Jeremy Allison [Fri, 27 Apr 2012 23:25:58 +0000 (16:25 -0700)]
Protect all of the name resolution methods from returning null addrs. Ensure all returns go through remove_duplicate_addrs2().

8 years agoFix convert_ss2service() to filter out zero addresses.
Jeremy Allison [Fri, 27 Apr 2012 23:07:20 +0000 (16:07 -0700)]
Fix convert_ss2service() to filter out zero addresses.

8 years agoFix remove_duplicate_addrs2 to do exactly what it says. Previously it could leave...
Jeremy Allison [Fri, 27 Apr 2012 23:02:15 +0000 (16:02 -0700)]
Fix remove_duplicate_addrs2 to do exactly what it says. Previously it could leave zero addresses in the list.

8 years agos4:samldb LDB module - homogenize LDB search attributes arrays
Matthias Dieter Wallnöfer [Sat, 21 Apr 2012 15:32:48 +0000 (17:32 +0200)]
s4:samldb LDB module - homogenize LDB search attributes arrays

First they do not need to be "static" any longer since we have abandoned
asynchronous result handling (where global variables have been important).
In addition add some "const" in order to protect us from unwanted writes.

Reviewed-by: Andrew Bartlett
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Apr 30 16:46:20 CEST 2012 on sn-devel-104

8 years agos4-libnet: Add mem_ctx to libnet_rpc_groupdel calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 10:29:56 +0000 (20:29 +1000)]
s4-libnet: Add mem_ctx to libnet_rpc_groupdel calls (bug #8889)

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Apr 30 14:41:36 CEST 2012 on sn-devel-104

8 years agos4-libnet: Add mem_ctx to libnet_rpc_groupadd calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 10:27:33 +0000 (20:27 +1000)]
s4-libnet: Add mem_ctx to libnet_rpc_groupadd calls (bug #8889)

8 years agos4-libnet: Add mem_ctx to libnet_rpc_usermod calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 10:25:55 +0000 (20:25 +1000)]
s4-libnet: Add mem_ctx to libnet_rpc_usermod calls (bug #8889)

8 years agos4-libnet: Add mem_ctx to libnet_rpc_userdel calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 10:23:07 +0000 (20:23 +1000)]
s4-libnet: Add mem_ctx to libnet_rpc_userdel calls (bug #8889)

8 years agos4-libnet: Add mem_ctx to libnet_rpc_useradd calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 10:14:42 +0000 (20:14 +1000)]
s4-libnet: Add mem_ctx to libnet_rpc_useradd calls (bug #8889)

8 years agos4-libnet: Add mem_ctx to libnet_rpc_groupinfo calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 10:09:58 +0000 (20:09 +1000)]
s4-libnet: Add mem_ctx to libnet_rpc_groupinfo calls (bug #8889)

8 years agos4-libnet: Add mem_ctx to libnet_DomainClose calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 10:02:42 +0000 (20:02 +1000)]
s4-libnet: Add mem_ctx to libnet_DomainClose calls (bug #8889)

8 years agos4-libnet: Add mem_ctx to libnet_DomainOpen calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 09:57:45 +0000 (19:57 +1000)]
s4-libnet: Add mem_ctx to libnet_DomainOpen calls (bug #8889)

8 years agos4-libnet: Add mem_ctx to libnet_Lookup calls (bug #8889)
Andrew Bartlett [Mon, 30 Apr 2012 09:35:25 +0000 (19:35 +1000)]
s4-libnet: Add mem_ctx to libnet_Lookup calls (bug #8889)

8 years agonet: Let get*sid return error from passdb init
Christof Schmitt [Tue, 24 Apr 2012 21:33:46 +0000 (14:33 -0700)]
net: Let get*sid return error from passdb init

When initialize_password_db returns an error this means that the SID
stored in the backend cannot be read. Return this error directly
instead of creating a random SID through get_global_sam_sid.

Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Mon Apr 30 13:07:20 CEST 2012 on sn-devel-104

8 years agopassdb: Do not panic in initialize_password_db
Christof Schmitt [Tue, 24 Apr 2012 21:42:28 +0000 (14:42 -0700)]
passdb: Do not panic in initialize_password_db

A call to initialize_password_db leads to smb_panic in case the backend
returns an error. All callers to initialize_password_db check the return
value, so this code path should return the status instead of calling

Move the call to smb_panic from pdb_get_methods_reload pdb_get_methods
to get it out of the initialize code path.  This allows printing the
proper error message for 'net getlocalsid' which is much nicer than
printing the panic stack trace.

8 years agos3-auth_samba4: use new_server_id_task() to allocate server id values
Andrew Bartlett [Wed, 25 Apr 2012 07:40:35 +0000 (17:40 +1000)]
s3-auth_samba4: use new_server_id_task() to allocate server id values

This is rather than just picking a random number out of the air.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Apr 30 11:29:34 CEST 2012 on sn-devel-104

8 years agos3-lib Add a way to allocate the task_id value in server_id
Andrew Bartlett [Thu, 21 Jul 2011 06:29:38 +0000 (16:29 +1000)]
s3-lib Add a way to allocate the task_id value in server_id

This safely allocates the task_id so that when we have multiple event
contexts, they can each have their own messaging context, particularly
for the imessaging subsystem under source4.

Andrew Bartlett

8 years agos4-messaging: Fill in the whole server_id in all use cases
Andrew Bartlett [Mon, 30 Apr 2012 05:44:01 +0000 (15:44 +1000)]
s4-messaging: Fill in the whole server_id in all use cases

This started per https://bugzilla.samba.org/show_bug.cgi?id=8872#c4
and avoids any possible collision with a different process.

We also need to ensure that across a Samba installation on a single
node that id.vnn is the same.  Samba4 previously used 0, while Samba3
used NONCLUSTER_VNN.  When a message is sent between these 'different'
nodes, the error NT_STATUS_INVALID_DEVICE_REQUEST is raised.

Andrew Bartlett

8 years agos4-torture: convert samba3misc tests to use torture_failure and torture_assert
Andrew Bartlett [Mon, 30 Apr 2012 04:57:41 +0000 (14:57 +1000)]
s4-torture: convert samba3misc tests to use torture_failure and torture_assert

This helps us when these tests fail, as subunit-formatted failures can
be declared as knownfail entries, and show up correctly in the make
test output.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Apr 30 08:34:52 CEST 2012 on sn-devel-104

8 years agos4-torture: move samba3 tests to use torture helper functions
Andrew Bartlett [Mon, 30 Apr 2012 04:15:12 +0000 (14:15 +1000)]
s4-torture: move samba3 tests to use torture helper functions

8 years agos4-torture: Move various samba3 tests to the torture_suite_add_1smb_test wrapper
Andrew Bartlett [Mon, 30 Apr 2012 04:05:19 +0000 (14:05 +1000)]
s4-torture: Move various samba3 tests to the torture_suite_add_1smb_test wrapper

8 years agos4:samldb LDB module - implement "fSMORoleOwner" attribute protection
Matthias Dieter Wallnöfer [Sat, 21 Apr 2012 16:16:43 +0000 (18:16 +0200)]
s4:samldb LDB module - implement "fSMORoleOwner" attribute protection

This is a very essential attribute since it references to various domain
master roles (PDC emulator, schema...) depending on which entry it has
been set. Incautious modifications can cause severe problems.

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Apr 30 02:04:24 CEST 2012 on sn-devel-104

8 years agos4:dsdb/common/util.c - samdb_is_pdc() - fail if the "fSMORoleOwner" attribute has...
Matthias Dieter Wallnöfer [Fri, 20 Apr 2012 16:15:23 +0000 (18:15 +0200)]
s4:dsdb/common/util.c - samdb_is_pdc() - fail if the "fSMORoleOwner" attribute has not been set

8 years agoAdd some debug for FOOBAR return case as they are hard to diagnose
Matthieu Patou [Sun, 29 Apr 2012 05:12:40 +0000 (22:12 -0700)]
Add some debug for FOOBAR return case as they are hard to diagnose

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sun Apr 29 09:08:15 CEST 2012 on sn-devel-104

8 years agodsdb: more RELAX to DBCHECK control shift so that only dbcheck can do uncontrolled...
Matthieu Patou [Sun, 29 Apr 2012 04:51:12 +0000 (21:51 -0700)]
dsdb: more RELAX to DBCHECK control shift so that only dbcheck can do uncontrolled changes

8 years agodsdb: change control from relax to dbcheck
Matthieu Patou [Sat, 28 Apr 2012 22:55:06 +0000 (15:55 -0700)]
dsdb: change control from relax to dbcheck

Comment indicate that this is needed by dbcheck only and it permits
other projects to push broken schema and remain undetected

8 years agodns server: move very verbose debug to higher level 2 -> 8
Matthieu Patou [Sat, 28 Apr 2012 22:53:41 +0000 (15:53 -0700)]
dns server: move very verbose debug to higher level 2 -> 8

8 years agos3: Remove a SMB_ASSERT
Volker Lendecke [Sat, 28 Apr 2012 17:55:31 +0000 (19:55 +0200)]
s3: Remove a SMB_ASSERT

Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sat Apr 28 23:38:45 CEST 2012 on sn-devel-104

8 years agos3: Fix bug 8904 -- wbinfo --lookup-sids "" crashes winbind
Volker Lendecke [Sat, 28 Apr 2012 17:51:46 +0000 (19:51 +0200)]
s3: Fix bug 8904 -- wbinfo --lookup-sids "" crashes winbind

Much of the code further down and up the call chain expects the
structures wb_lookupsids returns to be allocated. Do that despite
we have nothing to look up.

8 years agoAdd an audit file VFS routine so we can handle auditing with SACLs.
Richard Sharpe [Sat, 28 Apr 2012 04:31:34 +0000 (21:31 -0700)]
Add an audit file VFS routine so we can handle auditing with SACLs.

Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Sat Apr 28 08:05:00 CEST 2012 on sn-devel-104

8 years agos4:torture: add a check for talloc success in rpc.samba3.randomauth2
Michael Adam [Fri, 27 Apr 2012 22:35:56 +0000 (00:35 +0200)]
s4:torture: add a check for talloc success in rpc.samba3.randomauth2

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Sat Apr 28 02:10:39 CEST 2012 on sn-devel-104

8 years agos4:torture: add a check for talloc success in the rpc.samba3 suite
Michael Adam [Fri, 27 Apr 2012 22:34:36 +0000 (00:34 +0200)]
s4:torture: add a check for talloc success in the rpc.samba3 suite

8 years agos4:torture: add a rpc.samba3.smb2-reauth2 test
Michael Adam [Fri, 27 Apr 2012 22:31:57 +0000 (00:31 +0200)]
s4:torture: add a rpc.samba3.smb2-reauth2 test

like smb-reauth2, only for smb2

8 years agos4:torture: add a rpc.samba3.smb2-reauth1 test
Michael Adam [Fri, 27 Apr 2012 14:20:38 +0000 (16:20 +0200)]
s4:torture: add a rpc.samba3.smb2-reauth1 test

8 years agos4:librpc: create a binding on the pipe if necessary in dcerpc_pipe_open_smb2_send()
Stefan Metzmacher [Fri, 27 Apr 2012 14:18:47 +0000 (16:18 +0200)]
s4:librpc: create a binding on the pipe if necessary in dcerpc_pipe_open_smb2_send()

Pair-Programmed-With: Michael Adam <obnox@samba.org>

8 years agoselftest: Add test to ensure that bug #8872 does not come back
Andrew Bartlett [Fri, 27 Apr 2012 02:52:54 +0000 (12:52 +1000)]
selftest: Add test to ensure that bug #8872 does not come back

The raw.composite test checks that we handle mutliple concurrent connections.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Apr 27 16:25:37 CEST 2012 on sn-devel-104

8 years agoselftest: Place the test environment at the end of the failure lines
Andrew Bartlett [Fri, 27 Apr 2012 02:50:36 +0000 (12:50 +1000)]
selftest: Place the test environment at the end of the failure lines

This allows a knownfail entry to be added for only one environment, rather than
all environments.

Andrew Bartlett

8 years agoselftest: Remove silly space before unit test name
Andrew Bartlett [Fri, 27 Apr 2012 02:49:14 +0000 (12:49 +1000)]
selftest: Remove silly space before unit test name

When we have no description, there is no need for a leading space here

Andrew Bartlett

8 years agos3:winbindd: also try SMB2 when connecting to "IPC$"
Stefan Metzmacher [Thu, 26 Apr 2012 10:06:21 +0000 (12:06 +0200)]
s3:winbindd: also try SMB2 when connecting to "IPC$"


Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Apr 27 13:10:15 CEST 2012 on sn-devel-104

8 years agos3:libsmb/cli_np_tstream: add support for SMB2
Stefan Metzmacher [Wed, 25 Apr 2012 18:18:22 +0000 (20:18 +0200)]
s3:libsmb/cli_np_tstream: add support for SMB2


8 years agos3:libsmb/cli_np_tstream: remove unused tstream_cli_np_existing()
Stefan Metzmacher [Thu, 26 Apr 2012 12:05:40 +0000 (14:05 +0200)]
s3:libsmb/cli_np_tstream: remove unused tstream_cli_np_existing()


8 years agos3:libsmb: add smb2cli_ioctl*
Stefan Metzmacher [Wed, 21 Dec 2011 10:04:43 +0000 (11:04 +0100)]
s3:libsmb: add smb2cli_ioctl*