idra/samba.git
9 years agos3-prefork: Improve heuristics
Simo Sorce [Tue, 16 Aug 2011 22:20:51 +0000 (18:20 -0400)]
s3-prefork: Improve heuristics

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-lsasd: User new prefork helpers to simplify code.
Simo Sorce [Tue, 16 Aug 2011 16:01:02 +0000 (12:01 -0400)]
s3-lsasd: User new prefork helpers to simplify code.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-spoolssd: User new prefork helpers to simplify code.
Simo Sorce [Tue, 16 Aug 2011 15:38:03 +0000 (11:38 -0400)]
s3-spoolssd: User new prefork helpers to simplify code.

Also stop using the listening as now the prefork code properly sets
the PF_WORKER_ACCEPTING flag and it can be relied upon without having to keep
additional status around.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-prefork: add a few more utility functions
Simo Sorce [Tue, 16 Aug 2011 15:09:20 +0000 (11:09 -0400)]
s3-prefork: add a few more utility functions

Add a few util functions children side so that daemons do not have
to care about properly setting num_clients and state. Let a common
helper do it so that they are all consistent.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-prefrok: Handle only valid children
Simo Sorce [Tue, 16 Aug 2011 15:07:27 +0000 (11:07 -0400)]
s3-prefrok: Handle only valid children

Children that are about to exit shouldn't be counted as a source of
connections, and also makes no sense to chenge their allowances if they are
about to exit.
Also children with negative num_clients are faulty, exclude them as well.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-prefork: Fix worker flags handling.
Simo Sorce [Tue, 16 Aug 2011 15:37:41 +0000 (11:37 -0400)]
s3-prefork: Fix worker flags handling.

We can't have a clear idea of wether the worker is IDLE or BUSY.
The only things we can tell is if it is Alive, whether it is currently
Accepting connections or wether it is Exiting soon.

Remove PF_WORKER_IDLE, PF_WORKER_BUSY and replace their use with
PF_WORKER_ALIVE. Also properly assign PF_WORKER_ACCEPTING so that
users of the API can rely on the flag.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-prefork: do not use a lock_fd, just race on accept()
Simo Sorce [Tue, 16 Aug 2011 13:30:28 +0000 (09:30 -0400)]
s3-prefork: do not use a lock_fd, just race on accept()

We used a lock mimicking what apache does for preforked children.
But it doesn't work properly in our case because we do not stop once a request
has been served. Clients are allowed to perform multiple requests and keep the
connection open.
This means that if we allow multiple clients per children, then a child could
take the lock and then be asked to do a long or even locking operation by a
client it already is serving. This woulkd cause the whole server to deadlock,
as the child is now busy and also holding on the lock.
Using a race on accept() by having a tevent_fd on the listening socket wait
for read events we never deadlock. At most we cause a bit of contention among
children. But in the generic case connections are much less frequent for us as
clients tend to be long lived. So the little contention we may have is not a
big deal.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agorpc_server: Add forward declaration for dcerpc_transport_t.
Andreas Schneider [Tue, 16 Aug 2011 07:52:42 +0000 (09:52 +0200)]
rpc_server: Add forward declaration for dcerpc_transport_t.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-waf: Fix build with lsasd.
Andreas Schneider [Mon, 15 Aug 2011 11:25:37 +0000 (13:25 +0200)]
s3-waf: Fix build with lsasd.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-lsasd: Use prefrok utils to manage children
Simo Sorce [Fri, 12 Aug 2011 21:21:50 +0000 (17:21 -0400)]
s3-lsasd: Use prefrok utils to manage children

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-spoolssd: Use prefrok utils to manage children
Simo Sorce [Fri, 12 Aug 2011 19:25:48 +0000 (15:25 -0400)]
s3-spoolssd: Use prefrok utils to manage children

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-prefork: Add common utilities for daemons
Simo Sorce [Fri, 12 Aug 2011 19:24:17 +0000 (15:24 -0400)]
s3-prefork: Add common utilities for daemons

Daemons using the prefork infrastructure may want to use these utils to
configure and manage a pool of children.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-spoolss: Introduce helper function to manage pool.
Simo Sorce [Fri, 12 Aug 2011 16:24:48 +0000 (12:24 -0400)]
s3-spoolss: Introduce helper function to manage pool.

We were not properly managing allowed clients and pool management was
duplicated across a few callers.
Concentrate all management heuristics in one single function.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-prefork: Allow better management of allowed_clients
Simo Sorce [Fri, 12 Aug 2011 16:24:13 +0000 (12:24 -0400)]
s3-prefork: Allow better management of allowed_clients

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-winbind: We need to use internal rpc connections in winbind.
Andreas Schneider [Fri, 12 Aug 2011 09:19:09 +0000 (11:19 +0200)]
s3-winbind: We need to use internal rpc connections in winbind.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-spoolssd: Fix spoolss logging.
Simo Sorce [Thu, 11 Aug 2011 18:23:19 +0000 (14:23 -0400)]
s3-spoolssd: Fix spoolss logging.

Use the same code as in lsasd.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-lsasd: Import fixes from spoolssd
Simo Sorce [Thu, 11 Aug 2011 18:24:05 +0000 (14:24 -0400)]
s3-lsasd: Import fixes from spoolssd

Properly rotate log files in children by using a gloabl lsasd_child_id
variable.
Simplify code by using a global lsasd_pool variable, we can never use
more than one prefork pool in the same process anyway.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agoselftest: Enable testing of the lsa service daemon.
Andreas Schneider [Thu, 11 Aug 2011 07:51:16 +0000 (09:51 +0200)]
selftest: Enable testing of the lsa service daemon.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Use rpc_epmapper_mode() in ep_register()
Simo Sorce [Wed, 10 Aug 2011 20:17:44 +0000 (16:17 -0400)]
s3-rpc_server: Use rpc_epmapper_mode() in ep_register()

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Use rpc_service_mode() in np_open()
Simo Sorce [Wed, 10 Aug 2011 20:13:42 +0000 (16:13 -0400)]
s3-rpc_server: Use rpc_service_mode() in np_open()

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Use rpc_service_mode() in rpc_pipe_open_interface()
Simo Sorce [Wed, 10 Aug 2011 19:34:37 +0000 (15:34 -0400)]
s3-rpc_server: Use rpc_service_mode() in rpc_pipe_open_interface()

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agoselftest: Fix daemon testing to use the new syntax.
Simo Sorce [Thu, 11 Aug 2011 02:04:19 +0000 (22:04 -0400)]
selftest: Fix daemon testing to use the new syntax.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Replace RPC_SERVICE_MODE_DAEMON checks
Simo Sorce [Wed, 10 Aug 2011 19:23:20 +0000 (15:23 -0400)]
s3-rpc_server: Replace RPC_SERVICE_MODE_DAEMON checks

Use rpc_daemon_type() macros where appropriate instead.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Move config helpers in one place.
Simo Sorce [Wed, 10 Aug 2011 20:33:22 +0000 (16:33 -0400)]
s3-rpc_server: Move config helpers in one place.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Add helper to define/retrieve daemons configuration
Simo Sorce [Wed, 10 Aug 2011 19:02:24 +0000 (15:02 -0400)]
s3-rpc_server: Add helper to define/retrieve daemons configuration

Wtith this set of helper functions we make it easy to configure if we want to
use an embedded rpc server, or if we want to fork one. Or even just disable it
and let a third party server be used when the service is configured as
"external".

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Reduce code duplication
Simo Sorce [Wed, 10 Aug 2011 18:25:56 +0000 (14:25 -0400)]
s3-rpc_server: Reduce code duplication

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-smbd: Start lsasd as deamon.
Andreas Schneider [Tue, 2 Aug 2011 08:59:05 +0000 (10:59 +0200)]
s3-smbd: Start lsasd as deamon.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Correctly register lsa, samr and netlogon.
Andreas Schneider [Fri, 15 Jul 2011 16:34:17 +0000 (18:34 +0200)]
s3-rpc_server: Correctly register lsa, samr and netlogon.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-lsasd: Create a lsa service daemon.
Andreas Schneider [Mon, 23 May 2011 10:39:07 +0000 (12:39 +0200)]
s3-lsasd: Create a lsa service daemon.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-spoolssd: Check if we were able to create the prefork pool.
Andreas Schneider [Fri, 15 Jul 2011 16:08:35 +0000 (18:08 +0200)]
s3-spoolssd: Check if we were able to create the prefork pool.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-prefork: Fix cast warning.
Andreas Schneider [Wed, 20 Jul 2011 12:24:15 +0000 (14:24 +0200)]
s3-prefork: Fix cast warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Make dcerpc_ncacn_accept() public.
Andreas Schneider [Wed, 20 Jul 2011 14:26:48 +0000 (16:26 +0200)]
s3-rpc_server: Make dcerpc_ncacn_accept() public.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Check explicit for external and daemon server type.
Andreas Schneider [Wed, 3 Aug 2011 10:14:16 +0000 (12:14 +0200)]
s3-rpc_server: Check explicit for external and daemon server type.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agos3-rpc_server: Fix include order in srv_pipe_hnd.c.
Andreas Schneider [Wed, 3 Aug 2011 10:13:56 +0000 (12:13 +0200)]
s3-rpc_server: Fix include order in srv_pipe_hnd.c.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
9 years agotalloc: Fix talloc-compat pc files/headers.
Jelmer Vernooij [Sun, 21 Aug 2011 01:19:17 +0000 (03:19 +0200)]
talloc: Fix talloc-compat pc files/headers.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Aug 21 04:53:07 CEST 2011 on sn-devel-104

9 years agowafsamba: Only install .pc files if libraries are public.
Jelmer Vernooij [Sun, 21 Aug 2011 01:02:58 +0000 (03:02 +0200)]
wafsamba: Only install .pc files if libraries are public.

9 years agotdb: Install pkg-config file.
Jelmer Vernooij [Sun, 21 Aug 2011 00:54:53 +0000 (02:54 +0200)]
tdb: Install pkg-config file.

9 years agowafsamba: Require public libraries to have headers.
Jelmer Vernooij [Sun, 21 Aug 2011 00:26:51 +0000 (02:26 +0200)]
wafsamba: Require public libraries to have headers.

9 years agodcerpc-binding: Install header file.
Jelmer Vernooij [Sun, 21 Aug 2011 00:24:50 +0000 (02:24 +0200)]
dcerpc-binding: Install header file.

9 years agogensec: Install header file.
Jelmer Vernooij [Sun, 21 Aug 2011 00:24:36 +0000 (02:24 +0200)]
gensec: Install header file.

9 years agosamdb: Install header file.
Jelmer Vernooij [Sun, 21 Aug 2011 00:24:25 +0000 (02:24 +0200)]
samdb: Install header file.

9 years agos4/libpolicy: Install header file.
Jelmer Vernooij [Sun, 21 Aug 2011 00:24:12 +0000 (02:24 +0200)]
s4/libpolicy: Install header file.

9 years agowafsamba: Require public libraries to have a pc file specified, or explicitly specifi...
Jelmer Vernooij [Sun, 21 Aug 2011 00:09:14 +0000 (02:09 +0200)]
wafsamba: Require public libraries to have a pc file specified, or explicitly specified that they don't need one.

9 years agowbclient: Add pkg-config file.
Jelmer Vernooij [Sat, 20 Aug 2011 00:34:16 +0000 (02:34 +0200)]
wbclient: Add pkg-config file.

9 years agosamba-credentials: Add pkg-config file.
Jelmer Vernooij [Sat, 20 Aug 2011 00:32:58 +0000 (02:32 +0200)]
samba-credentials: Add pkg-config file.

9 years agoEnsure we never wait past absolute entime to do a get_cached_ldap_connect().
Jeremy Allison [Sat, 20 Aug 2011 16:37:04 +0000 (09:37 -0700)]
Ensure we never wait past absolute entime to do a get_cached_ldap_connect().

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Aug 20 20:09:37 CEST 2011 on sn-devel-104

9 years agoRemove the tortured logic in another_ldap_try() and turn it into
Jeremy Allison [Sat, 20 Aug 2011 04:40:54 +0000 (21:40 -0700)]
Remove the tortured logic in another_ldap_try() and turn it into
get_cached_ldap_connect(), which much better describes it's function.

Now we always break at the right places in the loop, we can replace
the while (another_ldap_try(ldap_state, &rc, &attempts, abs_endtime))
construct with simply while (1).

9 years agoFactor out the ldap_get_option calls into a function.
Jeremy Allison [Sat, 20 Aug 2011 04:30:04 +0000 (21:30 -0700)]
Factor out the ldap_get_option calls into a function.

9 years agoSimplify the logic on the another_ldap_try() loops by breaking
Jeremy Allison [Sat, 20 Aug 2011 04:27:18 +0000 (21:27 -0700)]
Simplify the logic on the another_ldap_try() loops by breaking
early out of the loop on success.

9 years agoMove the alarm setup/teardown out of another_ldap_try() and into separate
Jeremy Allison [Sat, 20 Aug 2011 04:19:28 +0000 (21:19 -0700)]
Move the alarm setup/teardown out of another_ldap_try() and into separate
functions that bracket the another_ldap_try() loop. We now never leave a
dangling alarm pending on success.

9 years agoAllow the timeout pointer to ldap_search_ext_s() to be NULL if lp_ldap_timeout()...
Jeremy Allison [Sat, 20 Aug 2011 04:08:10 +0000 (21:08 -0700)]
Allow the timeout pointer to ldap_search_ext_s() to be NULL if lp_ldap_timeout() == 0.

9 years agoMake it clear the time here is an absolute endtime. Don't set the alarm if the LDAP...
Jeremy Allison [Sat, 20 Aug 2011 04:01:49 +0000 (21:01 -0700)]
Make it clear the time here is an absolute endtime. Don't set the alarm if the LDAP timeout is zero.

9 years agoAlways remove the alarm before changing the handler, not the other way around.
Jeremy Allison [Sat, 20 Aug 2011 03:55:41 +0000 (20:55 -0700)]
Always remove the alarm before changing the handler, not the other way around.

9 years agoRemove old_handler as alarms can't be nested. Use SIG_IGN instead.
Jeremy Allison [Sat, 20 Aug 2011 03:54:41 +0000 (20:54 -0700)]
Remove old_handler as alarms can't be nested. Use SIG_IGN instead.

9 years agoChange got_alarm from bool to the correct type of SIG_ATOMIC_T.
Jeremy Allison [Sat, 20 Aug 2011 03:53:49 +0000 (20:53 -0700)]
Change got_alarm from bool to the correct type of SIG_ATOMIC_T.

9 years agoIf "ldap timeout" is non-zero, set the local search timeout to
Jeremy Allison [Sat, 20 Aug 2011 01:43:51 +0000 (18:43 -0700)]
If "ldap timeout" is non-zero, set the local search timeout to
be one second longer than the remote search timeout (which is
set to the "ldap timeout" value). This allows the remote search
timeout to fire in preference.

Allow lp_ldap_timeout() to be zero. Don't set the any local alarm
if so.

9 years agoRe-arrange the optimization to reduce tdb fcntl calls if smbd is not
Ira Cooper [Fri, 19 Aug 2011 17:32:29 +0000 (10:32 -0700)]
Re-arrange the optimization to reduce tdb fcntl calls if smbd is not
clustered. procid_is_me() is much cheaper to test and can optimize
up to 50% of the calls to serverid_exists(). Volker please check.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Aug 20 01:15:07 CEST 2011 on sn-devel-104

9 years agos3:passdb/py_passdb.c - restore Python >= 2.4 compatibility
Matthias Dieter Wallnöfer [Fri, 19 Aug 2011 17:27:32 +0000 (19:27 +0200)]
s3:passdb/py_passdb.c - restore Python >= 2.4 compatibility

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Aug 19 21:03:44 CEST 2011 on sn-devel-104

9 years agoldb:ldb_controls.c - cosmetic indentation fix
Matthias Dieter Wallnöfer [Wed, 22 Jun 2011 12:46:09 +0000 (14:46 +0200)]
ldb:ldb_controls.c - cosmetic indentation fix

9 years agoldb - two cosmetic fixes
Matthias Dieter Wallnöfer [Tue, 21 Jun 2011 09:32:02 +0000 (11:32 +0200)]
ldb - two cosmetic fixes

@ldb.h: Removes an invalid comment line
@pyldb.c: Fixes indentation

9 years agoRevert "s3-messaging: IDMAP_ messages belongs to the Winbind range"
Simo Sorce [Fri, 19 Aug 2011 12:07:30 +0000 (08:07 -0400)]
Revert "s3-messaging: IDMAP_ messages belongs to the Winbind range"

This reverts commit 102f39ae3e7df26faf81595c8e0120b2e2a45bbd.

These messages are handled by smbd not winbind, and could potentially be of
general interest.

Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Fri Aug 19 16:16:05 CEST 2011 on sn-devel-104

9 years agos3-passdb pdb_samba4 handles PDB_PWHISTORY already
Andrew Bartlett [Mon, 15 Aug 2011 08:07:09 +0000 (18:07 +1000)]
s3-passdb pdb_samba4 handles PDB_PWHISTORY already

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Aug 19 10:40:16 CEST 2011 on sn-devel-104

9 years agos3_upgrade: Set the administrator password on upgrade
Amitay Isaacs [Fri, 19 Aug 2011 05:53:28 +0000 (15:53 +1000)]
s3_upgrade: Set the administrator password on upgrade

In the upgrade process, set the administrator password from the
existing root or administrator account.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Fix the get/set routines for pw_history for samu
Amitay Isaacs [Fri, 19 Aug 2011 05:50:49 +0000 (15:50 +1000)]
s3-passdb: Fix the get/set routines for pw_history for samu

Return pw_history with current string length (which is a multiple
of PW_HISTORY_ENTRY_LEN) and same thing for setting the pw_history.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3_upgrade: Do not add administrator and root accounts from s3 to s4
Amitay Isaacs [Fri, 19 Aug 2011 02:33:15 +0000 (12:33 +1000)]
s3_upgrade: Do not add administrator and root accounts from s3 to s4

Need to copy the password from s3 for administrator/root to s4.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agopython-samba3: Secrets file loaded from private dir, not lib dir
Amitay Isaacs [Fri, 19 Aug 2011 02:30:19 +0000 (12:30 +1000)]
python-samba3: Secrets file loaded from private dir, not lib dir

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Display username when reporting error on add_sam_account.
Amitay Isaacs [Fri, 19 Aug 2011 02:27:42 +0000 (12:27 +1000)]
s3-passdb: Display username when reporting error on add_sam_account.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Use pdb_get_nt_passwd() to get nt passwd.
Amitay Isaacs [Fri, 19 Aug 2011 02:26:53 +0000 (12:26 +1000)]
s3-passdb: Use pdb_get_nt_passwd() to get nt passwd.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3upgrade: Add idmap migration, users/groups import
Amitay Isaacs [Thu, 18 Aug 2011 05:21:32 +0000 (15:21 +1000)]
s3upgrade: Add idmap migration, users/groups import

Added users/groups import from s3 using python wrapper for passdb.
Fix idmap entries for users/groups when migrating from s3 idmap.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agoprovision: Add idmap database handle to the result of provision
Amitay Isaacs [Thu, 18 Aug 2011 05:17:40 +0000 (15:17 +1000)]
provision: Add idmap database handle to the result of provision

It is required in s3_upgrade script to migrate idmap database from s3 to s4.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agosamba3-python: Add methods to get any entry (user/group) and its sid from idmap
Amitay Isaacs [Thu, 18 Aug 2011 05:15:20 +0000 (15:15 +1000)]
samba3-python: Add methods to get any entry (user/group) and its sid from idmap

This is required in upgrade_s3 script to migrate idmap database from s3 to s4

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agopy_security: Fix comparison between two dom_sid objects
Amitay Isaacs [Thu, 18 Aug 2011 05:11:20 +0000 (15:11 +1000)]
py_security: Fix comparison between two dom_sid objects

dom_sid_compare() function can return values other than -1, 0, 1.
Python requires compare function to return value from [-1, 0, 1].

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Fix call for search_aliases(). It returns bool and not NTSTATUS.
Amitay Isaacs [Thu, 18 Aug 2011 05:08:22 +0000 (15:08 +1000)]
s3-passdb: Fix call for search_aliases(). It returns bool and not NTSTATUS.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Return list of sids from python wrapper enum_group_members
Amitay Isaacs [Thu, 18 Aug 2011 05:07:06 +0000 (15:07 +1000)]
s3-passdb: Return list of sids from python wrapper enum_group_members

Instead of returning rids as the C api does, return sids, so it is
similar to enum_aliasmem and can be used easily in s3_upgrade.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Make arguments for python wrapper enum_group_mapping() optional
Amitay Isaacs [Thu, 18 Aug 2011 05:05:18 +0000 (15:05 +1000)]
s3-passdb: Make arguments for python wrapper enum_group_mapping() optional

Set the defaults, if no arguments are provided.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Added python wrapper for passdb methods
Amitay Isaacs [Thu, 18 Aug 2011 05:02:22 +0000 (15:02 +1000)]
s3-passdb: Added python wrapper for passdb methods

Added following methods
 - uid_to_sid, gid_to_sid, sid_to_id, new_rid
 - get_trusteddom_pw, set_trusteddom_pw, del_trusteddom_pw, enum_trusteddoms
 - get_trusted_domain, get_trusted_domain_by_sid, set_trusted_domain,
   del_trusted_domain, enum_trusted_domains
 - get_secret, set_secret, delete_secret

Updated documentation for all methods

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Python wrapper for passdb
Amitay Isaacs [Mon, 15 Aug 2011 07:21:38 +0000 (17:21 +1000)]
s3-passdb: Python wrapper for passdb

- Added Groupmap python wrapper
- Added passdb methods

   getgrsid, getgrgid, getgrnam
   create_dom_group, delete_dom_group
   add_group_mapping_entry, update_group_mapping_entry, delete_group_mapping_entry
   enum_group_mapping, enum_group_members
   add_groupmem, del_groupmem
   create_alias, delete_alias
   get_aliasinfo, set_aliasinfo
   add_aliasmem, del_aliasmem, enum_aliasmem
   get_account_policy, set_account_policy
   search_groups, search_aliases

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agos3-passdb: Replace SMB_MALLOC_ARRAY()/SAFE_FREE() with talloc equivalents.
Amitay Isaacs [Mon, 15 Aug 2011 07:12:46 +0000 (17:12 +1000)]
s3-passdb: Replace SMB_MALLOC_ARRAY()/SAFE_FREE() with talloc equivalents.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
9 years agoFix bug #8370 - vfs_chown_fsp broken -- returns in the wrong directory
Jeremy Allison [Thu, 18 Aug 2011 21:11:45 +0000 (14:11 -0700)]
Fix bug #8370 - vfs_chown_fsp broken -- returns in the wrong directory

Ensure we always use vfs_ChDir() to keep the singleton cache coherent.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Aug 19 00:43:05 CEST 2011 on sn-devel-104

9 years agocredentials: Rename library to samba-credentials to avoid name clashes.
Jelmer Vernooij [Thu, 18 Aug 2011 18:43:00 +0000 (20:43 +0200)]
credentials: Rename library to samba-credentials to avoid name clashes.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu Aug 18 22:16:38 CEST 2011 on sn-devel-104

9 years agosmb_common: Fix include paths.
Jelmer Vernooij [Thu, 18 Aug 2011 13:21:02 +0000 (15:21 +0200)]
smb_common: Fix include paths.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu Aug 18 16:54:01 CEST 2011 on sn-devel-104

9 years agocli-raw: Add public libsmbclient-raw library.
Jelmer Vernooij [Thu, 18 Aug 2011 12:19:18 +0000 (14:19 +0200)]
cli-raw: Add public libsmbclient-raw library.

9 years agolibcliraw: Install more header files.
Jelmer Vernooij [Thu, 18 Aug 2011 12:01:12 +0000 (14:01 +0200)]
libcliraw: Install more header files.

9 years agosmb_common: Install some more headers.
Jelmer Vernooij [Thu, 18 Aug 2011 11:43:42 +0000 (13:43 +0200)]
smb_common: Install some more headers.

9 years agolibcliraw: Install request.h and signing.h.
Jelmer Vernooij [Thu, 18 Aug 2011 11:31:03 +0000 (13:31 +0200)]
libcliraw: Install request.h and signing.h.

9 years agosmb_composite: Remove unnecessary include of signing header.
Jelmer Vernooij [Thu, 18 Aug 2011 11:08:34 +0000 (13:08 +0200)]
smb_composite: Remove unnecessary include of signing header.

9 years agosmb_composite: Integrate prototypes in header file.
Jelmer Vernooij [Thu, 18 Aug 2011 10:59:25 +0000 (12:59 +0200)]
smb_composite: Integrate prototypes in header file.

9 years agoUse public pytalloc header file.
Jelmer Vernooij [Sun, 14 Aug 2011 13:34:08 +0000 (15:34 +0200)]
Use public pytalloc header file.

9 years agos3/ldap: don't continue if we couldn't get the domain info on startup
Björn Jacke [Mon, 15 Aug 2011 12:46:12 +0000 (14:46 +0200)]
s3/ldap: don't continue if we couldn't get the domain info on startup

while some things work without the domain info, some important things don't,
which is highly irritating. As even calls like EnumTrustDom fail and
thus clients' domain logins fail we are sufficiently broken to refuse to go on.

Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Thu Aug 18 12:48:37 CEST 2011 on sn-devel-104

9 years agos4-test: use dbcheck on more of our selftest databases
Andrew Tridgell [Mon, 15 Aug 2011 05:58:27 +0000 (15:58 +1000)]
s4-test: use dbcheck on more of our selftest databases

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Aug 18 02:58:55 CEST 2011 on sn-devel-104

9 years agos4-test: only check one database in quickcheck
Andrew Tridgell [Mon, 15 Aug 2011 06:20:21 +0000 (16:20 +1000)]
s4-test: only check one database in quickcheck

9 years agos4-dsdb: fixed deletion of backlinks for fl2000 DCs
Andrew Tridgell [Mon, 15 Aug 2011 06:03:11 +0000 (16:03 +1000)]
s4-dsdb: fixed deletion of backlinks for fl2000 DCs

when in FL 2000 we were not correctly deleting backlinks as we uses
dsdb_find_dn_by_guid() which doesn't find deleted objects. Modules
should use dsdb_module_dn_by_guid() which prevents going to the top
level, and finds deleted objects

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-dsdb: added comments and fixed backlink check in repl_meta_data
Andrew Tridgell [Mon, 15 Aug 2011 06:01:39 +0000 (16:01 +1000)]
s4-dsdb: added comments and fixed backlink check in repl_meta_data

added comments explaining the backlink deletion code, plus fix a use
of a bitwise operation in a boolean expression, and avoid calling
dsdb_functional_level() inside a loop

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-dirsync: use dsdb_module_dn_by_guid() not dsdb_find_dn_by_guid() in modules
Andrew Tridgell [Mon, 15 Aug 2011 05:59:23 +0000 (15:59 +1000)]
s4-dirsync: use dsdb_module_dn_by_guid() not dsdb_find_dn_by_guid() in modules

this prevents us going to the top level of the module stack

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agosamba-tool: changed samba-tool user delete to use samdb instead of Net()
Andrew Tridgell [Mon, 15 Aug 2011 02:07:50 +0000 (12:07 +1000)]
samba-tool: changed samba-tool user delete to use samdb instead of Net()

this makes it possible to use with -H, so you can delete users on
remote DCs or against local databases

9 years agos4-samdb: added deleteuser() to samdb
Andrew Tridgell [Mon, 15 Aug 2011 02:06:59 +0000 (12:06 +1000)]
s4-samdb: added deleteuser() to samdb

This is similar to deletegroup()

9 years agos4-test: prevent the utable test from crashing
Andrew Tridgell [Sun, 14 Aug 2011 23:53:45 +0000 (09:53 +1000)]
s4-test: prevent the utable test from crashing

9 years agoAdapt del_sid_from_array to Samba coding style
Volker Lendecke [Wed, 17 Aug 2011 12:10:15 +0000 (14:10 +0200)]
Adapt del_sid_from_array to Samba coding style

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 17 16:46:24 CEST 2011 on sn-devel-104

9 years agoFix a typo
Volker Lendecke [Wed, 17 Aug 2011 12:09:10 +0000 (14:09 +0200)]
Fix a typo

9 years agos3: Next step to fix MIT trusts
Volker Lendecke [Wed, 17 Aug 2011 10:05:26 +0000 (12:05 +0200)]
s3: Next step to fix MIT trusts

aa3f10c was not complete in the sense that it did not fully cover some
conditions that led to invalid domains in the winbind parent

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 17 13:59:06 CEST 2011 on sn-devel-104