Volker Lendecke [Thu, 4 Jan 2018 19:37:16 +0000 (20:37 +0100)]
libnet: Use talloc_zero instead of ZERO_STRUCTP
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Trever L. Adams [Wed, 24 Jan 2018 18:21:11 +0000 (11:21 -0700)]
Samba-VirusFilter: clean up dir check vfs_close and vfs_open
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Trever L. Adams [Wed, 24 Jan 2018 17:42:11 +0000 (10:42 -0700)]
Samba-VirusFilter: fix virusfilter_vfs_close() crash
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Wed, 24 Jan 2018 11:57:43 +0000 (12:57 +0100)]
libnmb: Fix CID
1428474 Incorrect expression (COPY_PASTE_ERROR)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 25 01:53:53 CET 2018 on sn-devel-144
Trever L. Adams [Tue, 18 Oct 2016 19:40:01 +0000 (13:40 -0600)]
Samba-VirusFilter: clamav VFS and man page.
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas@osstech.co.jp>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jan 24 15:08:59 CET 2018 on sn-devel-144
Trever L. Adams [Tue, 18 Oct 2016 19:39:20 +0000 (13:39 -0600)]
Samba-VirusFilter: F-Secure AntiVirus (fsav) VFS and man page.
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas@osstech.co.jp>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Trever L. Adams [Tue, 18 Oct 2016 19:38:14 +0000 (13:38 -0600)]
Samba-VirusFilter: Sophos VFS backend.
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas@osstech.co.jp>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Trever L. Adams [Tue, 18 Oct 2016 19:34:53 +0000 (13:34 -0600)]
Samba-VirusFilter: common headers and sources.
Samba-VirusFilter Contributors:
SATOH Fumiyasu @ OSS Technology Corp., Japan
Module creator/maintainer
Luke Dixon luke.dixon@zynstra.com
Samba 4 support
Trever L. Adams
Documentation
Code contributions
Samba-master merge work
With many thanks to the Samba Team.
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas@osstech.co.jp>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Trever L. Adams [Tue, 18 Oct 2016 19:37:19 +0000 (13:37 -0600)]
Samba-VirusFilter: memcache changes.
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Martin Schwenke [Tue, 23 Jan 2018 09:18:54 +0000 (20:18 +1100)]
ctdb-tests: Fix a typo
This typo causes the script to be run with the default shell. If this
is not bash then the shell will fail to parse integration.bash.
This is a regression caused by commit
c607989d91b64d837253aae794b1a3d6013eb3e0. Clearly nobody has run this
test on Debian for a long time. :-(
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Jan 24 10:28:52 CET 2018 on sn-devel-144
Martin Schwenke [Mon, 22 Jan 2018 08:48:02 +0000 (19:48 +1100)]
ctdb-tests: Add a UNIT pseudo-test-suite
This runs all of the unit tests.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 22 Jan 2018 08:14:48 +0000 (19:14 +1100)]
ctdb-tests: Only use socket-wrapper for simple, local daemon tests
The run_tests.sh -S option now takes the path to the socker-wrapper
shared library.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 20 Jan 2018 06:05:37 +0000 (17:05 +1100)]
ctdb-tests: Add timeout for individual tests, default is 10 minutes
This will cause a hung test to time out and fail rather than letting a
test run hang indefinitely. Some tests can take 5 minutes to run, so
10 minutes should be plenty.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Tue, 16 Jan 2018 15:21:08 +0000 (16:21 +0100)]
libnmb: Move "read_packet" to nmbd
It's only used there
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 24 05:48:19 CET 2018 on sn-devel-144
Volker Lendecke [Tue, 16 Jan 2018 14:50:19 +0000 (15:50 +0100)]
libnmb: Make nb_packet_read_recv return a talloc'ed pkt
This saves a few explicit destructors only doing free_packet()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 23 Jan 2018 13:39:21 +0000 (14:39 +0100)]
libnmb: Add "parse_packet_talloc"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 13 Jan 2018 16:41:01 +0000 (17:41 +0100)]
libcli/resolve: Make functions static
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 23 06:36:36 CET 2018 on sn-devel-144
Volker Lendecke [Sat, 13 Jan 2018 16:39:24 +0000 (17:39 +0100)]
libcli/resolve: Make functions static
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 13 Jan 2018 16:38:16 +0000 (17:38 +0100)]
libcli/resolve: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 5 Jan 2018 16:11:43 +0000 (17:11 +0100)]
dsgetdcname: Fix a signed/unsigned hickup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 18 Jan 2018 12:28:30 +0000 (13:28 +0100)]
libnmb: Fix two signed/unsigned hickups
Two warnings less
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 16 Jan 2018 14:04:06 +0000 (15:04 +0100)]
libnmb: tsocket_address_unix_from_path deals fine with NULL
Other callers use NULL instead of "". Streamline it a bit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 16 Jan 2018 14:07:47 +0000 (15:07 +0100)]
libnmb: Remove a pointless struct member
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 15 Jan 2018 15:12:15 +0000 (16:12 +0100)]
libsmb: Give unexpected.c its own header
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 19 Jan 2018 13:30:20 +0000 (14:30 +0100)]
waf: Fix NFS quota support with libtirpc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 22 17:26:52 CET 2018 on sn-devel-144
Andreas Schneider [Fri, 19 Jan 2018 14:34:32 +0000 (15:34 +0100)]
wafsamba: Allow passing 'lib' to CHECK_STRUCTURE_MEMBER
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
We need to be able to point it to the right header location, so we need
to be able to pass the 'lib' that it gets set.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 16 Jan 2018 16:48:10 +0000 (17:48 +0100)]
build: deal with recent glibc sunrpc header removal
We need to rely on libtirpc or libntirpc to be around in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10976
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Fri, 19 Jan 2018 08:33:21 +0000 (09:33 +0100)]
include: Create system/nis.h in libreplace
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Fri, 19 Jan 2018 08:32:49 +0000 (09:32 +0100)]
s3:waf: Move HAVE_NETGROUP to wscript
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Stefan Metzmacher [Fri, 19 Jan 2018 10:50:55 +0000 (11:50 +0100)]
dbcheck: disable fixing duplicate linked attributes until we can recover lost forward links
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 17 Jan 2018 07:07:03 +0000 (08:07 +0100)]
repl_meta_data: fix linked attribute corruption on databases with unsorted links on expunge
This is really critical bug, it removes valid linked attributes.
When a DC was provisioned/joined with a Samba version older than 4.7
is upgraded to 4.7 (or later), it can happen that the garbage collection
(dsdb_garbage_collect_tombstones()), triggered periodically by the 'kcc' task
of 'samba' or my 'samba-tool domain tombstones expunge' corrupt the linked attributes.
This is similar to Bug #13095 - Broken linked attribute handling,
but it's not triggered by an originating change.
The bug happens in replmd_modify_la_delete()
were get_parsed_dns_trusted() generates a sorted array of
struct parsed_dn based on the values in old_el->values.
If the database doesn't support the sortedLinks compatibleFeatures
in the @SAMBA_DSDB record, it's very likely that
the array of old_dns is sorted differently than the values
in old_el->values.
The problem is that struct parsed_dn has just a pointer
'struct ldb_val *v' that points to the corresponding
value in old_el->values.
Now if vanish_links is true the damage happens here:
if (vanish_links) {
unsigned j = 0;
for (i = 0; i < old_el->num_values; i++) {
if (old_dns[i].v != NULL) {
old_el->values[j] = *old_dns[i].v;
j++;
}
}
old_el->num_values = j;
}
old_el->values[0] = *old_dns[0].v;
can change the value old_dns[1].v is pointing at!
That means that some values can get lost while others
are stored twice, because the LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
allows it to be stored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 18 Jan 2018 13:54:04 +0000 (14:54 +0100)]
testprogs:blackbox: add regression test for unsorted links in tombstones-expunge.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Martin Schwenke [Thu, 18 Jan 2018 05:08:15 +0000 (16:08 +1100)]
talloc: Fix documentation typo
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jan 22 11:11:38 CET 2018 on sn-devel-144
Amitay Isaacs [Mon, 22 Jan 2018 01:54:49 +0000 (12:54 +1100)]
ctdb-tests: Avoid race condition in sock_daemon test 5
This test fails when it takes more than 10s to run. This can occur
when the system is loaded and socket-wrapper is used.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Volker Lendecke [Thu, 18 Jan 2018 09:57:23 +0000 (10:57 +0100)]
docs: Remove prog_guide4.txt
Move the still relevant parts elsewhere
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sun Jan 21 11:48:01 CET 2018 on sn-devel-144
Volker Lendecke [Fri, 19 Jan 2018 12:15:58 +0000 (12:15 +0000)]
vfs_fileid: Fix the 32-bit build
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Puran Chand [Wed, 10 Jan 2018 07:43:44 +0000 (13:13 +0530)]
Added smbc_SetConfiguration which lets the user set the smb.conf for libsmbclient code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13229
Signed-off-by: Puran Chand <pchand@vmware.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Alexander Bokovoy [Tue, 24 Oct 2017 09:01:39 +0000 (12:01 +0300)]
mit-kdb: support MIT Kerberos 1.16 KDB API changes
MIT Kerberos 1.16 adds ability to audit local and remote addresses
during AS_REQ processing. As result, audit_as_req callback signature
was changed to include the addresses and KDB API version was increased.
Change mit-kdb code to properly expose audit_as_req signature KDC
expects in 1.16 version. Also update #ifdefs to account for the new
KDB API version.
This commit does not add actual audit of the local and remote IP
addresses, it only makes it possible to compile against MIT Kerberos
1.16.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jan 19 01:36:22 CET 2018 on sn-devel-144
Volker Lendecke [Wed, 17 Jan 2018 13:45:49 +0000 (14:45 +0100)]
winbind: Fix CID
1427626 Uninitialized scalar variable
Likely a false positive, but Coverity can't follow all the paths leading
to line 1598.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jan 17 23:58:34 CET 2018 on sn-devel-144
Volker Lendecke [Wed, 17 Jan 2018 13:38:41 +0000 (14:38 +0100)]
pdb: Fix CID
1427620 Resource leak
It's not exactly a resource leak (we only really realloc if we shrink
dramatically), but assigning the result from tdb_realloc looks nicer.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 17 Jan 2018 13:42:31 +0000 (14:42 +0100)]
winbind: Fix CID
1427626 Uninitialized scalar variable
Likely a false positive, but Coverity can't follow all the paths leading
to line 2030
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 17 Jan 2018 13:38:41 +0000 (14:38 +0100)]
pdb: Fix CID
1427624 Resource leak
It's not exactly a resource leak (we only really realloc if we shrink
dramatically), but assigning the result from tdb_realloc looks nicer.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Sachin Prabhu [Tue, 14 Nov 2017 10:21:44 +0000 (15:51 +0530)]
vfs_glusterfs: Add fallocate support for vfs_glusterfs
Adds fallocate support to the vfs glusterfs plugin.
v2: Add check for glusterfs-api version.
RHBZ:
1478875
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 17 06:09:29 CET 2018 on sn-devel-144
Christof Schmitt [Wed, 10 Jan 2018 22:56:08 +0000 (15:56 -0700)]
Remove file system sharemode before calling unlink
GPFS implements the DENY_DELETE sharemode, which prevents unlink() from
deleting the file.. This causes the problem that deleting a file through
"delete on close" fails, as the code in close.c first calls unlink() and
only later removes the file system sharemode.
Fix this by removing the file system sharemode before calling unlink().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13217
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Wed Jan 17 01:31:53 CET 2018 on sn-devel-144
Günther Deschner [Tue, 16 Jan 2018 15:25:01 +0000 (16:25 +0100)]
packaging: fix default systemd-dir path.
https://bugzilla.samba.org/show_bug.cgi?id=13227
By default we should not end up with a
/usr/usr/lib/systemd/system path.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jan 16 21:02:28 CET 2018 on sn-devel-144
Günther Deschner [Mon, 15 Jan 2018 20:56:22 +0000 (21:56 +0100)]
python: fix the build with python3.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13221
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Jamie McClymont [Mon, 15 Jan 2018 02:25:10 +0000 (15:25 +1300)]
selftest: fix envvars for creation of default user in wait_for_start
Resolves failure of ad_member to start up under ad_dc (if
the user is determined to be needed).
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13225
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Jan 16 07:12:01 CET 2018 on sn-devel-144
Volker Lendecke [Mon, 15 Jan 2018 10:42:29 +0000 (11:42 +0100)]
srcctl3: Improve debug messages
A customer's syslog was filled with
_svcctl_OpenServiceW: Failed to get a valid security descriptor
messages. This improves the messages to give info about which service failed
with which error code. Also, it makes OpenServiceW fail with the same error
message Windows fails with for unknown services.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 16 02:43:03 CET 2018 on sn-devel-144
Volker Lendecke [Mon, 15 Jan 2018 09:47:51 +0000 (10:47 +0100)]
rpc_server: Improve a debug message
A client sending us a bind with an unknown interface should not spam
syslog by default. Also, show what interface the client tried to connect
to.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 11 Jan 2018 08:06:31 +0000 (09:06 +0100)]
s3:rpc_client: Clenup copy_netr_SamInfo3() code
This gets rid of some strange macro and makes sure we clenaup at the
end.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 15 22:16:13 CET 2018 on sn-devel-144
Andreas Schneider [Thu, 11 Jan 2018 08:37:22 +0000 (09:37 +0100)]
s3:winbind: Use a stackframe and cleanup when leaving
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Thu, 11 Jan 2018 08:27:50 +0000 (09:27 +0100)]
s3:winbind: Use a goto for cleaning up at the end
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Thu, 11 Jan 2018 08:23:05 +0000 (09:23 +0100)]
s3:winbindd: Improve logic so it is easier to understand
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Karolin Seeger [Thu, 11 Jan 2018 10:11:56 +0000 (11:11 +0100)]
VERSION: Bump version up to 4.9.0pre1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Jan 15 02:51:51 CET 2018 on sn-devel-144
Karolin Seeger [Thu, 11 Jan 2018 10:01:57 +0000 (11:01 +0100)]
VERSION: Bump version up to 4.8.0rc1...
and disable GIT_SNAPSHOT for the release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 11 Jan 2018 09:02:33 +0000 (10:02 +0100)]
WHATSNEW: Add release notes for Samba 4.8.0rc1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Fri, 12 Jan 2018 12:45:33 +0000 (13:45 +0100)]
s4:torture: Improve error message in whoami test
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Sun Jan 14 22:09:24 CET 2018 on sn-devel-144
Andreas Schneider [Thu, 11 Jan 2018 10:00:43 +0000 (11:00 +0100)]
s3:test: Always validate the join after changing the secret
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Pair-Programmed-With: Ralph Boehme <slow@samba.org>
Mathieu Parent [Thu, 11 Jan 2018 20:18:46 +0000 (21:18 +0100)]
waf: Remove build system info (uname -a)
Preventing reproducible builds while adding minor benefit.
More information at <https://reproducible-builds.org/>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13213
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Mathieu Parent [Thu, 12 May 2016 20:16:24 +0000 (22:16 +0200)]
systemd: Fix kill path
Bug-Debian: https://bugs.debian.org/828730
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12402
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Mathieu Parent [Thu, 12 May 2016 20:16:24 +0000 (22:16 +0200)]
systemd: Add documentation to Unit files
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12402
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Mathieu Parent [Thu, 11 Jan 2018 09:07:17 +0000 (10:07 +0100)]
systemd: syslog.target is obsolete
After=syslog.target is unnecessary by now because syslog is
socket-activated and will therefore be started when needed.
Ref: https://lintian.debian.org/tags/systemd-service-file-refers-to-obsolete-target.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12402
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Volker Lendecke [Thu, 11 Jan 2018 10:55:39 +0000 (11:55 +0100)]
torture: Add test for channel sequence number handling
We run into an assert when the csn wraps
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jan 14 14:47:15 CET 2018 on sn-devel-144
Volker Lendecke [Thu, 11 Jan 2018 10:25:49 +0000 (11:25 +0100)]
smbXcli: Add "force_channel_sequence"
This enables use of the channel sequence number even for
non-multi-channel servers. This makes our client invalid, but we need to
protect against broken clients with tests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 11 Jan 2018 14:34:45 +0000 (15:34 +0100)]
smbd: Fix channel sequence number checks for long-running requests
When the client's supplied csn overflows and hits a pending, long-running
request's csn, we panic. Fix this by counting the overflows in
smbXsrv_open_global0->channel_generation
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 10 Jan 2018 13:59:08 +0000 (14:59 +0100)]
smbd: Remove a "!" from an if-condition for easier readability
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 10 Jan 2018 14:51:56 +0000 (15:51 +0100)]
torture4: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 10 Jan 2018 13:29:01 +0000 (14:29 +0100)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sun, 14 Jan 2018 08:58:13 +0000 (09:58 +0100)]
winbindd: set routing_domain when enumerating trusts
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Garming Sam [Tue, 9 Jan 2018 03:28:36 +0000 (16:28 +1300)]
docs: Remove reference to environment variables for now
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jan 14 03:08:01 CET 2018 on sn-devel-144
David Mulder [Tue, 21 Nov 2017 10:44:12 +0000 (03:44 -0700)]
gpo: Add the winbind call to gpupdate
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 6 Dec 2017 19:51:22 +0000 (12:51 -0700)]
Revert "gpo: Create the gpo update service"
This reverts commit
5662e49b49f6557c80f216f510f224bbf800f40a.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Mon, 8 Jan 2018 16:19:13 +0000 (09:19 -0700)]
gpo: Continue parsing GPOs even if one fails
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Mon, 8 Jan 2018 16:16:11 +0000 (09:16 -0700)]
gpo: Fix crashes in gpo unapply
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrej Gessel [Mon, 13 Nov 2017 10:07:43 +0000 (11:07 +0100)]
samba_kcc: do not commit new nTDSConnection, if we are rodc
Traceback (most recent call last):
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/sbin/samba_kcc", line 337, in <module>
/usr/local/samba/sbin/samba_kcc: attempt_live_connections=opts.attempt_live_connections)
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/lib/python2.7/site-packages/samba/kcc/__init__.py", line 2644, in run
/usr/local/samba/sbin/samba_kcc: all_connected = self.intersite(ping)
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/lib/python2.7/site-packages/samba/kcc/__init__.py", line 1883, in intersite
/usr/local/samba/sbin/samba_kcc: all_connected = self.create_intersite_connections()
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/lib/python2.7/site-packages/samba/kcc/__init__.py", line 1817, in create_intersite_connections
/usr/local/samba/sbin/samba_kcc: part, True)
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/lib/python2.7/site-packages/samba/kcc/__init__.py", line 1769, in create_connections
/usr/local/samba/sbin/samba_kcc: partial_ok, detect_failed)
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/lib/python2.7/site-packages/samba/kcc/__init__.py", line 1594, in create_connection
/usr/local/samba/sbin/samba_kcc: lbh.commit_connections(self.samdb)
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/lib/python2.7/site-packages/samba/kcc/kcc_utils.py", line 827, in commit_connections
/usr/local/samba/sbin/samba_kcc: connect.commit_added(samdb, ro)
/usr/local/samba/sbin/samba_kcc: File "/usr/local/samba/lib/python2.7/site-packages/samba/kcc/kcc_utils.py", line 1123, in commit_added
/usr/local/samba/sbin/samba_kcc: (self.dnstr, estr))
/usr/local/samba/sbin/samba_kcc: samba.kcc.kcc_utils.KCCError: Could not add nTDSConnection for (CN=
862f0429-c72c-4a81-ae9a-
96820bb2f96d,CN=NTDS Settings,
CN=BUILDHOST,CN=Servers,CN=Testsite,CN=Sites,CN=Configuration,DC=samdom,DC=com) - (Invalid LDB reply type 1)
../source4/dsdb/kcc/kcc_periodic.c:693: Failed samba_kcc - NT_STATUS_ACCESS_DENIED
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Sat Jan 13 22:01:49 CET 2018 on sn-devel-144
Douglas Bagnall [Fri, 15 Dec 2017 02:58:46 +0000 (15:58 +1300)]
samba_kcc: simplify NCReplica.set_instantiated_flags()
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 13 Dec 2017 04:50:56 +0000 (17:50 +1300)]
samba_kcc: simplify NCReplica constructor
There is nothing to be gained from setting the dn and guid separately
except subtle bugs.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 13 Dec 2017 04:35:29 +0000 (17:35 +1300)]
samba_kcc: clarify readonly logging, removing now unused function
The unused function was somewhat misnamed.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 13 Dec 2017 03:04:19 +0000 (16:04 +1300)]
samba_kcc: remove unused functions
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 29 Nov 2017 20:24:05 +0000 (09:24 +1300)]
samba_kcc: fix dot_file_dir documentation
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 16 Nov 2017 03:47:32 +0000 (16:47 +1300)]
samba_kcc: remove an unused function
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 9 Aug 2017 23:57:24 +0000 (11:57 +1200)]
samba-tool visualize for understanding AD DC behaviour
To work out what is happening in a replication graph, it is sometimes
helpful to use visualisations. We introduce a samba-tool subcommand to
write Graphviz dot output and generate text-based heatmaps of the
distance in hops between DCs.
There are two subcommands, two graphical modes, and (roughly) two modes of
operation with respect to the location of authority.
`samba-tool visualize ntdsconn` looks at NTDS Connections.
`samba-tool visualize reps` looks at repsTo and repsFrom objects.
In '--distance' mode (default), the distances between DCs are shown in
a matrix in the terminal. With '--color=yes', this is depicted as a
heatmap. With '--utf8' it is a lttle prettier.
In '--dot' mode, Graphviz dot output is generated. When viewed using
dot or xdot, this shows the network as a graph with DCs as vertices
and connections edges. Certain types of degenerate edges are shown in
different colours or line-styles.
Normally samba-tool talks to one database; with the '-r' (a.k.a.
'--talk-to-remote') option attempts are made to contact all the DCs
known to the first database. This is necessary to get sensible results
from `samba-tool visualize reps` because the repsFrom/To objects are
not replicated, and it can reveal replication issues in other modes.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 10 Aug 2017 03:29:43 +0000 (15:29 +1200)]
samba_kcc: use new graph module for writing dot files
We avoid changing the (annoying) signature of write_dot_file().
Using samba_kcc to write dot files may be deprecated.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 10 Jan 2018 02:25:22 +0000 (15:25 +1300)]
python/graph: module for generating ASCII and graphviz visualisations
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 11 Jan 2018 08:56:40 +0000 (21:56 +1300)]
samba_kcc: respect kcc.read_only flag on RODC
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 2 Jan 2018 20:20:09 +0000 (09:20 +1300)]
samba_kcc: kcc.debug module defers to samba.colour
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Sun, 7 Jan 2018 10:17:38 +0000 (23:17 +1300)]
python: module containing ANSI colour sequences
This is going to be used by `samba-tool visualize` and samba_kcc.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 5 Jan 2018 03:45:37 +0000 (16:45 +1300)]
python tests: assert string equality, with diff
In the success case this works just like self.assertEqual(),
but when things fail you get a better representation of where it went
wrong (a unified diff).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 11 Jan 2018 18:32:59 +0000 (07:32 +1300)]
samba_kcc: documentation fix
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 12 Jan 2018 13:52:45 +0000 (14:52 +0100)]
s4:torture/samba_tool_drs: demote the test dc at the end of test_samba_tool_replicate_local()
Otherwise this taints other tests which might follow.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 11 Jan 2018 11:46:24 +0000 (12:46 +0100)]
WHATSNEW: document some more new options
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Sat Jan 13 17:12:38 CET 2018 on sn-devel-144
Stefan Metzmacher [Wed, 29 Nov 2017 15:02:28 +0000 (16:02 +0100)]
winbindd: add "winbind scan trusted domains = no" to avoid trust enumeration
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 13 Dec 2017 07:53:16 +0000 (08:53 +0100)]
winbindd: add more trust types to get_trust_type_string
Add support for the following trust types: "Local", "Workstation",
"RWDC", "RODC"´and "Routed (via ...)".
Where we previously returned "None" this now returns "Routed (via ...)",
otherwise (hopefully) no change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 13 Dec 2017 15:01:50 +0000 (16:01 +0100)]
libwbclient: add more trust types
Prepare libwbclient for additional trust types and trust routing.
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 13 Dec 2017 15:02:22 +0000 (16:02 +0100)]
wbinfo: support for local, workstation and routed trust types
Prepare wbinfo for additional trust types and trust routing.
This also modifies the output line for a "None" trust type by skipping
the transitivity and direction -- that just doesn't make sense without a
trust.
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Tue, 19 Dec 2017 16:26:46 +0000 (17:26 +0100)]
libwbclient: add trust routing and more trust-types
This adds the struct member and the defines, the implementation comes
later.
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Tue, 28 Nov 2017 16:46:03 +0000 (17:46 +0100)]
winbindd: fix trust_is_oubound()
A trust is only inbound if NETR_TRUST_FLAG_OUTBOUND is set. Trust flags = 0x0
does not imply an outbound trust, nor does NETR_TRUST_FLAG_IN_FOREST.
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Tue, 28 Nov 2017 16:44:41 +0000 (17:44 +0100)]
winbindd: fix trust_is_inbound()
A trust is only inbound if NETR_TRUST_FLAG_INBOUND is set. Trust flags = 0x0
does not imply an inbound trust, nor does NETR_TRUST_FLAG_IN_FOREST.
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Tue, 28 Nov 2017 16:32:59 +0000 (17:32 +0100)]
winbindd: transitive trust logic in trust_is_transitive()
trust_is_transitive() currently defaults to transitive=true, unless
LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE, LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN or
LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL trust attribute is set.
This is not correct, for the trust to be transative,
LSA_TRUST_ATTRIBUTE_WITHIN_FOREST or LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE must
be set.
Logic taken from dsdb_trust_routing_by_name().
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 29 Nov 2017 09:55:25 +0000 (10:55 +0100)]
winbindd: use add_trusted_domain_from_auth
After a successfully authentication, ensure we have the users domain in our
domain list and the TDC.
Signed-off-by: Ralph Boehme <slow@samba.org>