samba.git
13 years agomount.cifs: make cifs mounts honor the USER environment variable
Steve French [Fri, 5 Dec 2008 00:22:59 +0000 (18:22 -0600)]
mount.cifs: make cifs mounts honor the USER environment variable

If the user is not specified in the mount command or in a credential
file, then we are supposed to look for the USER environment variable
(this is usually, but not always set to the username of the current
uid, but it can be overridden by the user, which we were not checking)

Fixes samba bugzilla bug# 5934

13 years agoFix bug #5937 - filenames with "*" char hide other files
Jeremy Allison [Thu, 4 Dec 2008 23:34:09 +0000 (15:34 -0800)]
Fix bug #5937 - filenames with "*" char hide other files
Jeremy.

13 years agoFix bug #5929 - vfs_prealloc does not build with option --with-cluster-support and...
Henning Henkel [Thu, 4 Dec 2008 21:47:54 +0000 (13:47 -0800)]
Fix bug #5929 - vfs_prealloc does not build with option --with-cluster-support and GPFS

13 years agoRemove unused var.
Jeremy Allison [Thu, 4 Dec 2008 19:27:59 +0000 (11:27 -0800)]
Remove unused var.
Jeremy.

13 years agoFix bug #1254 - write list not working under share-level security
Jeremy Allison [Thu, 4 Dec 2008 19:12:01 +0000 (11:12 -0800)]
Fix bug #1254 - write list not working under share-level security
A somewhat more elegant fix than I could use for 3.2.x or 3.0.x.
Turns out the only part of check_user_ok() that needs to change
for share level security is the VUID cache pieces, so I can just
always use check_user_ok() for all lp_security() cases.
Jeremy

13 years agowinbindd: fix horrible mis-indentation of toplvl braces in getgrsid_sid2gid_r
Michael Adam [Thu, 4 Dec 2008 13:04:33 +0000 (14:04 +0100)]
winbindd: fix horrible mis-indentation of toplvl braces in getgrsid_sid2gid_r

to make code more readable

Michael

13 years agowinbindd: don't open a new dc connection in winbindd_getpwnam (main winbindd)
Michael Adam [Wed, 3 Dec 2008 15:38:55 +0000 (16:38 +0100)]
winbindd: don't open a new dc connection in winbindd_getpwnam (main winbindd)

This is just to find the corresponding domain struct.
Actual connection is handled by the domain child.

Michael

13 years agowinbindd: don't open a new dc connection in winbindd_getgrnam (main winbindd)
Michael Adam [Wed, 3 Dec 2008 14:59:17 +0000 (15:59 +0100)]
winbindd: don't open a new dc connection in winbindd_getgrnam (main winbindd)

This is just to find the corresponding domain struct.
Actual connection is handled by the domain child.

Michael

13 years agos3:net: fix password set of 'net rpc trustdom add'
Stefan Metzmacher [Thu, 4 Dec 2008 11:26:03 +0000 (12:26 +0100)]
s3:net: fix password set of 'net rpc trustdom add'

metze
(cherry-picked from commit 2b8f3e253d3a56aac996287f5ce265d0c915b3c8)

13 years agoChange sockaddr util function names for consistency and to eliminate name conflicts
Tim Prouty [Wed, 3 Dec 2008 18:37:03 +0000 (10:37 -0800)]
Change sockaddr util function names for consistency and to eliminate name conflicts

13 years agolibwbclient: avoid usage talloc_init() in library code
Stefan Metzmacher [Wed, 3 Dec 2008 08:07:00 +0000 (09:07 +0100)]
libwbclient: avoid usage talloc_init() in library code

talloc_init() is a compat function for the old samba3
non-hierachical talloc implementation. It enables
the talloc null tracking which should never be done
by library code.

metze
(cherry picked from commit afa0d6b0b14e0ef2293bd8468ffc1d6330abdb5b)

13 years agoconfigure.in: Fix smbtorture_s3 tests.
Kai Blin [Wed, 3 Dec 2008 00:08:49 +0000 (16:08 -0800)]
configure.in: Fix smbtorture_s3 tests.

Seems like Jeremy forgot to fix configure.in when importing d448132 to master
in 8d674e35. Generate the vfs_streams_depot module so make test works again.

13 years agodocs: Add default value for "writeable" to man smb.conf.
Karolin Seeger [Tue, 2 Dec 2008 19:50:02 +0000 (20:50 +0100)]
docs: Add default value for "writeable" to man smb.conf.

Karolin
(cherry picked from commit c09e04ac83365333605b7b1db3d07ccfd451a667)

13 years agoImplement type multi_sz for "net registry setvalue"
Volker Lendecke [Tue, 2 Dec 2008 12:27:50 +0000 (13:27 +0100)]
Implement type multi_sz for "net registry setvalue"

13 years agos3-net: allow to list a keytab generated using net rpc vampire.
Günther Deschner [Tue, 2 Dec 2008 11:57:02 +0000 (12:57 +0100)]
s3-net: allow to list a keytab generated using net rpc vampire.

Guenther
(cherry picked from commit c554080dd988791ec2db37c96ff7cc709b0ee6ab)

13 years agos3: Fix 'ctx' might be used unitialized warnings
Tim Prouty [Tue, 2 Dec 2008 05:56:59 +0000 (21:56 -0800)]
s3: Fix 'ctx' might be used unitialized warnings

13 years agos3:selftest: test the streams_depot module as it passes make test
Stefan Metzmacher [Mon, 1 Dec 2008 22:37:40 +0000 (14:37 -0800)]
s3:selftest: test the streams_depot module as it passes make test

The streams_xattr module only passes sometimes on my laptop.

metze

13 years agos3:smbd: close the low level fd of the base_fsp, if the file was created
Stefan Metzmacher [Mon, 1 Dec 2008 22:28:41 +0000 (14:28 -0800)]
s3:smbd: close the low level fd of the base_fsp, if the file was created

metze

13 years agos3:streams_xattr: fstat should do a stat on the base file
Stefan Metzmacher [Mon, 1 Dec 2008 22:27:15 +0000 (14:27 -0800)]
s3:streams_xattr: fstat should do a stat on the base file

The behavior of stat and fstat should be the same.

metze

13 years agos3:streams_xattr: recheck fsp->fsp_name after a rename
Stefan Metzmacher [Mon, 1 Dec 2008 22:25:39 +0000 (14:25 -0800)]
s3:streams_xattr: recheck fsp->fsp_name after a rename

metze

13 years agos3:smbd: give the correct error when trying to replace a stream
Stefan Metzmacher [Mon, 1 Dec 2008 22:23:53 +0000 (14:23 -0800)]
s3:smbd: give the correct error when trying to replace a stream

metze

13 years agos3:vfs: fix FCHMOD_ACL macros
Stefan Metzmacher [Mon, 1 Dec 2008 22:22:10 +0000 (14:22 -0800)]
s3:vfs: fix FCHMOD_ACL macros

metze

13 years agos3:streams_depot: add an option to disable the xattr checks
Stefan Metzmacher [Mon, 1 Dec 2008 22:20:36 +0000 (14:20 -0800)]
s3:streams_depot: add an option to disable the xattr checks

streams_depot:check_valid=no is useful when the filesystem
has no xattr support and files are only published via samba.

metze

13 years agos3:streams_depot: fix valgrind bug lp_parm_const_string() doesn't talloc the default...
Stefan Metzmacher [Mon, 1 Dec 2008 22:11:54 +0000 (14:11 -0800)]
s3:streams_depot: fix valgrind bug lp_parm_const_string() doesn't talloc the default value

metze

13 years agos3:streams_depot: add support for stream renames
Stefan Metzmacher [Mon, 1 Dec 2008 22:10:27 +0000 (14:10 -0800)]
s3:streams_depot: add support for stream renames

metze

13 years agos3:streams_depot: map 'file::$DATA' to just 'file'
Stefan Metzmacher [Mon, 1 Dec 2008 21:59:00 +0000 (13:59 -0800)]
s3:streams_depot: map 'file::$DATA' to just 'file'

metze

13 years agos3:streams_xattr: add support for renaming streams
Stefan Metzmacher [Mon, 1 Dec 2008 21:54:32 +0000 (13:54 -0800)]
s3:streams_xattr: add support for renaming streams

metze

13 years agos3:smbd: only try and fallback to open a directory if it's not a stream open
Stefan Metzmacher [Mon, 1 Dec 2008 21:51:39 +0000 (13:51 -0800)]
s3:smbd: only try and fallback to open a directory if it's not a stream open

metze

13 years agoMerge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into v3-3-test
Jeremy Allison [Mon, 1 Dec 2008 21:45:26 +0000 (13:45 -0800)]
Merge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into v3-3-test

13 years agos3:smbd: write times should be set on the base file instead of the stream name
Stefan Metzmacher [Mon, 1 Dec 2008 21:44:40 +0000 (13:44 -0800)]
s3:smbd: write times should be set on the base file instead of the stream name

metze

13 years agos3-samr: fix various potential memleaks in samr_SetUserInfo.
Günther Deschner [Mon, 1 Dec 2008 21:20:41 +0000 (22:20 +0100)]
s3-samr: fix various potential memleaks in samr_SetUserInfo.

Was there any reason why we did all these individual TALLOC_FREEs ?

Guenther

13 years agos3-samr: fix return code for invalid password sets in SetUserInfo.
Günther Deschner [Thu, 27 Nov 2008 00:25:46 +0000 (01:25 +0100)]
s3-samr: fix return code for invalid password sets in SetUserInfo.

Guenther

13 years agos3-samr: never allow to alter pwdlastset directly.
Günther Deschner [Thu, 27 Nov 2008 16:29:30 +0000 (17:29 +0100)]
s3-samr: never allow to alter pwdlastset directly.

Guenther

13 years agos3:smbd: return DELETE_PENDING on path based operations on streams, when the main...
Stefan Metzmacher [Mon, 1 Dec 2008 21:35:13 +0000 (13:35 -0800)]
s3:smbd: return DELETE_PENDING on path based operations on streams, when the main file was deleted.

metze

13 years agos3:smbd: construct the correct newname for stream renames
Stefan Metzmacher [Mon, 1 Dec 2008 21:31:28 +0000 (13:31 -0800)]
s3:smbd: construct the correct newname for stream renames

The Windows Explorer creates temporary streams and renames
them later via SFILEINFO_RENAME_INFO. The newname comes
in as ":Stream:$DATA".

metze

13 years agos3:smbd: wildcard characters are allowed in stream names
Stefan Metzmacher [Mon, 1 Dec 2008 21:27:08 +0000 (13:27 -0800)]
s3:smbd: wildcard characters are allowed in stream names

We only check the filename of the basefile now.

metze

13 years agos3:smbd: correctly verify stream names to pass RAW-STREAMS
Stefan Metzmacher [Mon, 1 Dec 2008 21:21:56 +0000 (13:21 -0800)]
s3:smbd: correctly verify stream names to pass RAW-STREAMS

metze

13 years agos3:smbd: '|' isn't allowed in windows filenames
Stefan Metzmacher [Mon, 1 Dec 2008 20:59:40 +0000 (12:59 -0800)]
s3:smbd: '|' isn't allowed in windows filenames

metze

13 years agoSet PRESENT flag when returning NULL [SD]ACL like Windows does.
Steven Danneman [Mon, 1 Dec 2008 19:12:59 +0000 (11:12 -0800)]
Set PRESENT flag when returning NULL [SD]ACL like Windows does.

This could also be handled inside each ACL VFS module, by setting the PRESENT
flag when a NULL [SD]ACL is created.

13 years agoFix a debug message, append the correct \n
Volker Lendecke [Mon, 1 Dec 2008 16:35:19 +0000 (17:35 +0100)]
Fix a debug message, append the correct \n

13 years agos3-libnetjoin: Fix bug #5749. Re-set acctflags while joining. fix from metze.
Günther Deschner [Fri, 28 Nov 2008 23:12:26 +0000 (00:12 +0100)]
s3-libnetjoin: Fix bug #5749. Re-set acctflags while joining. fix from metze.

Guenther

13 years agos3-libnetjoin: remove unused md4_trust_password, found by metze.
Günther Deschner [Fri, 28 Nov 2008 23:10:18 +0000 (00:10 +0100)]
s3-libnetjoin: remove unused md4_trust_password, found by metze.

Guenther

13 years agos3-samr: add init_samr_user_info25 and init_samr_user_info26.
Günther Deschner [Fri, 28 Nov 2008 10:15:29 +0000 (11:15 +0100)]
s3-samr: add init_samr_user_info25 and init_samr_user_info26.

Guenther

13 years agos3-samr: fix init_samr_user_info{23,24} callers.
Günther Deschner [Mon, 24 Nov 2008 17:49:37 +0000 (18:49 +0100)]
s3-samr: fix init_samr_user_info{23,24} callers.

Guenther

13 years agos3-build: re-run make samba3-idl.
Günther Deschner [Mon, 24 Nov 2008 15:32:18 +0000 (16:32 +0100)]
s3-build: re-run make samba3-idl.

Guenther

13 years agosamr: fix samr_UserInfo24 and samr_UserInfo26.
Günther Deschner [Mon, 24 Nov 2008 15:31:49 +0000 (16:31 +0100)]
samr: fix samr_UserInfo24 and samr_UserInfo26.

Guenther

13 years agoFix script installmo.sh when no .po file exists
Bo Yang [Tue, 2 Dec 2008 00:35:26 +0000 (08:35 +0800)]
Fix script installmo.sh when no .po file exists

13 years agovfs_tsmsm: fix potential segfault (freeing uninitialized buffer)
Michael Adam [Mon, 1 Dec 2008 05:17:43 +0000 (06:17 +0100)]
vfs_tsmsm: fix potential segfault (freeing uninitialized buffer)

Michael

13 years agowinbindd/nss_info: remove unused variable from nss_init()
Michael Adam [Mon, 1 Dec 2008 03:22:33 +0000 (04:22 +0100)]
winbindd/nss_info: remove unused variable from nss_init()

Michael

13 years agowinbindd/nss_info: make nss_domain_list_add_domain() static
Michael Adam [Mon, 1 Dec 2008 03:22:02 +0000 (04:22 +0100)]
winbindd/nss_info: make nss_domain_list_add_domain() static

Michael

13 years agowinbindd/nss_info: fix default backend handling for ad backends.
Michael Adam [Mon, 1 Dec 2008 01:01:44 +0000 (02:01 +0100)]
winbindd/nss_info: fix default backend handling for ad backends.

This fixes "winbind nss info = rfc2307" (or sfu or sfu20).
Originally, only explicitly configured domains (like "rfc2307:domain")
worked with the ad module, since the domain name was not passed
backe to the module. This is fixed by recording the first backend
listed without domain in the "winbind nss info" parameter as the
default backend, and creating new nss_domain entries (using this default
backend) on the fly as requests for domains which are not explicitly
configured are encountered.

Michael

13 years agowinbindd/nss_info: whitespace cleanup.
Michael Adam [Sun, 30 Nov 2008 23:56:50 +0000 (00:56 +0100)]
winbindd/nss_info: whitespace cleanup.

Remove trailing spaces and fix tab / space mixup.

Michael

13 years agowinbindd_cache: add debugging to get_nss_info_cached()
Michael Adam [Sun, 30 Nov 2008 22:00:19 +0000 (23:00 +0100)]
winbindd_cache: add debugging to get_nss_info_cached()

Michael

13 years agowinbindd/nss_info: add entry debug message to nss_get_info()
Michael Adam [Sun, 30 Nov 2008 21:57:41 +0000 (22:57 +0100)]
winbindd/nss_info: add entry debug message to nss_get_info()

Michael

13 years agowinbindd/nss_info: add debugging to nss_init()
Michael Adam [Sun, 30 Nov 2008 21:54:42 +0000 (22:54 +0100)]
winbindd/nss_info: add debugging to nss_init()

Michael

13 years agowinbindd/idmap_ad: add entry debug message to nss_ad_get_info()
Michael Adam [Sun, 30 Nov 2008 21:50:26 +0000 (22:50 +0100)]
winbindd/idmap_ad: add entry debug message to nss_ad_get_info()

Michael

13 years agowinbindd/idmap_ad: add support for trusted domains to idmap_ad (bug #3661)
Michael Adam [Wed, 26 Nov 2008 22:09:49 +0000 (23:09 +0100)]
winbindd/idmap_ad: add support for trusted domains to idmap_ad (bug #3661)

This initial fix does at least work for explicitly configured domains.

The patch has a few disadvantages:

1. It does work only for explicitly configured domains, not with
   the default backend (idmap backend = ad), since it relies on the
   domain name being passed in via the idmap_domain. One workaround
   for this would be to create clones of the default idmap_domain
   for domains not explicitly configured.

2. It calls find_domain_from_name_noinit() from idmap_ad_cached_connection.
   The problem here is that only the NetBIOS domain name (workgroup
   name) is passed in via the idmap_domain struct, and the module
   has to establish a connection to the domain based on that information.
   find_domain_from_name_noinit() has the disadvantage that it uses the state
   of the domain list at fork time (unless used from the main winbindd).
   But this should be ok as long as the primary domain was reachable at
   start time.

For nss_info, the situation is similar - This will only work for domains
explicitly configured in smb.conf as follows:
"winbind nss info = rfc2307:dom1 sfu:dom2 rfc2307:dom3 template:dom4"
Setting the default nss info to one of the ad backends (rfc2307, sfu, sfu20)
will fail since the domain name is not passed in with the nss_domain_entry.

Michael

13 years agowinbindd/idmap_ad: refactor core of nss_{sfu|sfu20|rfc2307}_init to common function.
Michael Adam [Wed, 26 Nov 2008 21:23:34 +0000 (22:23 +0100)]
winbindd/idmap_ad: refactor core of nss_{sfu|sfu20|rfc2307}_init to common function.

Michael

13 years agowinbindd/idmap_ad: rename ctx to mem_ctx in nss_ad_get_info()
Michael Adam [Wed, 26 Nov 2008 14:16:22 +0000 (15:16 +0100)]
winbindd/idmap_ad: rename ctx to mem_ctx in nss_ad_get_info()

in preparation to using the idmap_ad_context there

Michael

13 years agowinbindd/idmap: add diagnostic entry debug msg to idmap_backends_sid_to_unixid
Michael Adam [Fri, 28 Nov 2008 09:40:42 +0000 (10:40 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_backends_sid_to_unixid

Michael

13 years agowinbindd/idmap: add diagnostic entry debug msg to idmap_backends_unixid_to_sid
Michael Adam [Fri, 28 Nov 2008 09:40:01 +0000 (10:40 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_backends_unixid_to_sid

Michael

13 years agowinbindd/idmap: add diagnostic entry debug msg to idmap_find_domain().
Michael Adam [Fri, 28 Nov 2008 09:08:46 +0000 (10:08 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_find_domain().

Michael

13 years agowinbindd/idmap_util: unify entering debug messages and add ouput of domain
Michael Adam [Fri, 28 Nov 2008 09:05:19 +0000 (10:05 +0100)]
winbindd/idmap_util: unify entering debug messages and add ouput of domain

Michael

13 years agowinbindd/nss_info: change nss_map_{to|from}_alias to take nss_domain_entry
Michael Adam [Mon, 1 Dec 2008 03:17:55 +0000 (04:17 +0100)]
winbindd/nss_info: change nss_map_{to|from}_alias to take nss_domain_entry

instead of just the domain name

Michael

13 years agoWHATSNEW: Update changes.
Karolin Seeger [Thu, 27 Nov 2008 15:09:23 +0000 (16:09 +0100)]
WHATSNEW: Update changes.

Karolin

13 years agoFix the offset checks in the trans routines
Volker Lendecke [Sat, 8 Nov 2008 16:14:06 +0000 (17:14 +0100)]
Fix the offset checks in the trans routines

This fixes a potential crash bug, a client can make us read memory we
should not read. Luckily I got the disp checks right...

Volker
(cherry picked from commit 64a1d80851da5b05e70ec6c96f6e9bd473748369)
(cherry picked from commit f04c5650a3aeca23591ddc781c4b297caaf9bb3f)

13 years agolibwbclient: Implement wbcGetgrent and wbcGetgrlist
Kai Blin [Sun, 23 Nov 2008 16:11:09 +0000 (17:11 +0100)]
libwbclient: Implement wbcGetgrent and wbcGetgrlist

13 years agolibwbclient: Implement wbcGetpwent
Kai Blin [Sun, 23 Nov 2008 15:36:01 +0000 (16:36 +0100)]
libwbclient: Implement wbcGetpwent

13 years agolibwbclient: Add placeholder function for WINBINDD_CCACHE_NTLMAUTH
Kai Blin [Sun, 23 Nov 2008 14:16:17 +0000 (15:16 +0100)]
libwbclient: Add placeholder function for WINBINDD_CCACHE_NTLMAUTH

13 years agolibwbclient: Fix typo in wbcGetgrent docstring.
Kai Blin [Sun, 23 Nov 2008 10:18:40 +0000 (11:18 +0100)]
libwbclient: Fix typo in wbcGetgrent docstring.

13 years agolibwbclient: Add placeholder function for WINBINDD_GETGRLST
Kai Blin [Sun, 23 Nov 2008 10:17:42 +0000 (11:17 +0100)]
libwbclient: Add placeholder function for WINBINDD_GETGRLST

13 years agolibwbclient: Add placeholder functions for wbcQuery[GSU]idTo[GSU]id
Kai Blin [Sat, 22 Nov 2008 23:57:33 +0000 (00:57 +0100)]
libwbclient: Add placeholder functions for wbcQuery[GSU]idTo[GSU]id

13 years agoFix circular dependency error with autoconf 2.6.3.
Andreas Schneider [Wed, 26 Nov 2008 21:20:22 +0000 (13:20 -0800)]
Fix circular dependency error with autoconf 2.6.3.

Signed-off-by: Andreas Schneider <anschneider@suse.de>
13 years agoWHATSNEW: Update changes.
Karolin Seeger [Wed, 26 Nov 2008 14:58:42 +0000 (15:58 +0100)]
WHATSNEW: Update changes.

Karolin

13 years agoWHATSNEW: Update changes and release date.
Karolin Seeger [Wed, 26 Nov 2008 10:20:03 +0000 (11:20 +0100)]
WHATSNEW: Update changes and release date.

Karolin

13 years agoFix bug #5914 - Build failure: redefinition of struct name_list
Jeremy Allison [Tue, 25 Nov 2008 23:54:53 +0000 (15:54 -0800)]
Fix bug #5914 - Build failure: redefinition of struct name_list
Jeremy.

13 years agos3-samr: fix _samr_LookupNames return code.
Günther Deschner [Tue, 25 Nov 2008 11:19:35 +0000 (12:19 +0100)]
s3-samr: fix _samr_LookupNames return code.

Guenther

13 years agos3-libnetjoin: fix build warning.
Günther Deschner [Fri, 21 Nov 2008 14:56:30 +0000 (15:56 +0100)]
s3-libnetjoin: fix build warning.

Guenther

13 years agos3-libnetjoin: try to show a better error message upon invalid configuration.
Günther Deschner [Thu, 6 Nov 2008 12:37:03 +0000 (13:37 +0100)]
s3-libnetjoin: try to show a better error message upon invalid configuration.

Guenther

13 years agoWHATSNEW: add more items.
Günther Deschner [Fri, 21 Nov 2008 22:28:23 +0000 (23:28 +0100)]
WHATSNEW: add more items.

Guenther

13 years agozfsacl: "return" is not a function.
Michael Adam [Mon, 24 Nov 2008 15:35:41 +0000 (16:35 +0100)]
zfsacl: "return" is not a function.

Michael

13 years agozfsacl: Prevent calling POSIX ACL vfs methods on zfs share.
Nils Goroll [Mon, 17 Nov 2008 00:06:28 +0000 (01:06 +0100)]
zfsacl: Prevent calling POSIX ACL vfs methods on zfs share.

This is a proposed fix for Bugs #5135 and #5446.

Signed-off-by: Michael Adam <obnox@samba.org>
13 years ago[PATCH] Allow SYSLOG_FACILITY to be modified with a new configure option called ...
Dan Sledz [Mon, 17 Nov 2008 01:40:03 +0000 (17:40 -0800)]
[PATCH] Allow SYSLOG_FACILITY to be modified with a new configure option called --with-syslog-facility

13 years agoFix bug #5873 - ACL inheritance cannot be broken. This regresses #4308, but that...
Jeremy Allison [Mon, 24 Nov 2008 23:28:53 +0000 (15:28 -0800)]
Fix bug #5873 - ACL inheritance cannot be broken. This regresses #4308, but that will have to
be fixed another way.
Jeremy.

13 years agoFix to allow setting of NULL DACL/SACL
Steven Danneman [Mon, 24 Nov 2008 20:05:09 +0000 (12:05 -0800)]
Fix to allow setting of NULL DACL/SACL

This is a modification of Jeremy's 7522ef15aca2429ef57c75d8297dd8121e79c9da
commit.

If no DACL/SACL is present in the packet, the SEC_INFO field should still be
passed down as is to the VFS layer to signal the creation of a NULL DACL/SACL.

As seen in metze RAW-ACL test_nttrans_create_null_dacl(), a NULL DACL is set
regardless of the SEC_DESC_DACL_PRESENT bit being set.

13 years agoSearch for gpfs functions in both libgpfs_gpl.so an libgpfs.so
Mathias Dietz [Wed, 12 Nov 2008 13:32:45 +0000 (14:32 +0100)]
Search for gpfs functions in both libgpfs_gpl.so an libgpfs.so

As of GPFS 3.2.1 PTF8 libgpfs will be available as GPL, so we don't need the
special libgpfs_gpl lib anymore. For backwards compatibility with pre-PTF8 GPFS
installations, still look there.

13 years agolibads/ldap.c: return an error instead of crashing when no realm is given
Stefan Metzmacher [Mon, 24 Nov 2008 14:07:56 +0000 (15:07 +0100)]
libads/ldap.c: return an error instead of crashing when no realm is given

The bug was triggered by "net ads info -S 127.8.7.6" (where 127.8.7.6 doesn't exist)
and "disable netbios = yes".

metze

Signed-off-by: Michael Adam <obnox@samba.org>
13 years agotags: Ignore include/proto.h from tag generation
Kai Blin [Sun, 23 Nov 2008 21:31:12 +0000 (22:31 +0100)]
tags: Ignore include/proto.h from tag generation

13 years agonfs4_acls: make prototype header match definition for smb_set_nt_acl_nfs4()
Michael Adam [Sat, 22 Nov 2008 00:51:41 +0000 (01:51 +0100)]
nfs4_acls: make prototype header match definition for smb_set_nt_acl_nfs4()

Add the const from nfs4_acls.c to nfs4_acls.h
This fixes my build of the zfsacl module on solaris.

Michael

13 years agoRevert f268d75f5ed1258b08c5571780ea3be6724daed4 - "Fix the logic bug that caused...
Jeremy Allison [Sat, 22 Nov 2008 06:46:37 +0000 (22:46 -0800)]
Revert f268d75f5ed1258b08c5571780ea3be6724daed4 - "Fix the logic bug that caused us to
run into kernel oplocks on an open for a stream inside a file with stream_xattr module. On
opening the base_fsp we must break existing oplocks." as it broke make test.
Jeremy

13 years agoFix the logic bug that caused us to run into kernel oplocks on an open for a stream...
Jeremy Allison [Sat, 22 Nov 2008 02:20:55 +0000 (18:20 -0800)]
Fix the logic bug that caused us to run into kernel oplocks on an open for a stream inside a file with stream_xattr module. On opening the base_fsp we must break existing oplocks.
Jeremy.

13 years ago[PATCH] FreeBSD configure check for backtrace_symbols
Dan Sledz [Sat, 15 Nov 2008 02:41:17 +0000 (18:41 -0800)]
[PATCH] FreeBSD configure check for backtrace_symbols

On FreeBSD backtrace_symbols is defined in libexecinfo.so.1.  Look for it
there as well.

13 years agoMerge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into v3-3-test
Jeremy Allison [Sat, 22 Nov 2008 00:04:12 +0000 (16:04 -0800)]
Merge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into v3-3-test

13 years agoUse fxattr calls whenever possible (trying to work around the strange Linux kernel...
Jeremy Allison [Sat, 22 Nov 2008 00:03:35 +0000 (16:03 -0800)]
Use fxattr calls whenever possible (trying to work around the strange Linux kernel oplock bug).
Jeremy.

13 years agowinbindd: make all winbind rpc-methods static.
Michael Adam [Fri, 21 Nov 2008 23:02:40 +0000 (00:02 +0100)]
winbindd: make all winbind rpc-methods static.

Now that the methods are no longer needed in winbindd_ads,
we can make them static again.

Michael

13 years agos3-winbindd_ads: use the reconnect methods instead of the rpc methods directly
Michael Adam [Fri, 21 Nov 2008 01:26:50 +0000 (02:26 +0100)]
s3-winbindd_ads: use the reconnect methods instead of the rpc methods directly

Some of the ads methods just point to the rpc methods.
This makes winbindd_ads use the reconnect methods instead of
calling the rpc methods directly in order to prevent
negative cache entries for e.g. name_to_sid, when the dc
has closed the connection without sending a reset.

Michael

13 years agowinbindd_ads: prevent negative GM/ cache entries due to broken connections
Michael Adam [Thu, 20 Nov 2008 15:57:44 +0000 (16:57 +0100)]
winbindd_ads: prevent negative GM/ cache entries due to broken connections

The ads lookup_groupmem() function calls lda_lookupsids to resolve sids
to names. This is tried only once. So in case the connection was broken,
e.g. closed by the server (without a reset packet), there will be an empty
GM/ cache entry for the requested group which will prevent proper working
of access checks among other checks for the expiry period.

This patch works around this problem by retrying once if the lsa_lookupsids
call fails, re-establishing the dc-connection, as we already do in many other
places (e.g. the winbindd retry methods for the rpc layer).

Michael

13 years agowinbindd_group: don't list the domain twice when expanding internal aliases
Michael Adam [Sun, 21 Sep 2008 00:07:43 +0000 (02:07 +0200)]
winbindd_group: don't list the domain twice when expanding internal aliases

Before this, "getent group builtin\\administrators" expanded
domain group members in the form DOMAIN\domain\user.

Michael

13 years agowinbindd_group: sanely handle NULL domain in add_member().
Michael Adam [Sun, 21 Sep 2008 00:06:44 +0000 (02:06 +0200)]
winbindd_group: sanely handle NULL domain in add_member().

Michael

13 years agowinbindd_ads: honour "winbind use default domain" in lookup_groupmem().
Michael Adam [Mon, 22 Sep 2008 08:39:37 +0000 (10:39 +0200)]
winbindd_ads: honour "winbind use default domain" in lookup_groupmem().

This fixes the output of "getent group" when "winbind use default domain = yes"
with security = ads.

Michael