13 years agoChange uint_t to unsigned int in lib/talloc
Matt Kraai [Tue, 5 Jan 2010 17:40:26 +0000 (09:40 -0800)]
Change uint_t to unsigned int in lib/talloc

Signed-off-by: Stefan Metzmacher <>
13 years agoChange uint_t to unsigned int in lib/crypto
Matt Kraai [Tue, 5 Jan 2010 17:39:56 +0000 (09:39 -0800)]
Change uint_t to unsigned int in lib/crypto

Signed-off-by: Stefan Metzmacher <>
13 years agoChange uint_t to unsigned int in lib/replace
Matt Kraai [Tue, 5 Jan 2010 17:43:24 +0000 (09:43 -0800)]
Change uint_t to unsigned int in lib/replace

Signed-off-by: Stefan Metzmacher <>
13 years agos4:NBT-WINSREPLICATION: don't mark a local variable as static
Stefan Metzmacher [Mon, 1 Feb 2010 16:30:30 +0000 (17:30 +0100)]
s4:NBT-WINSREPLICATION: don't mark a local variable as static

This was somehow introduced in commit 8773e743c518578584d07d35ffdafdd598af88b0.


13 years agoAdd debug to make it clear when EA dosmode set is invoked.
Jeremy Allison [Tue, 2 Feb 2010 03:21:35 +0000 (19:21 -0800)]
Add debug to make it clear when EA dosmode set is invoked.


13 years agoFix bug #7084 - Create time on directories not stored properly in an EA in new create...
Jeremy Allison [Tue, 2 Feb 2010 02:50:43 +0000 (18:50 -0800)]
Fix bug #7084 - Create time on directories not stored properly in an EA in new create time code.

Remove erroneous optimisation that caused no EA to be set
if calculated btime matched st_ex btime, and calculated DOS
attribute matched existing file attribute.


13 years agoTorture test for bug 7084 - Create time on directories not stored properly in an...
Jeremy Allison [Tue, 2 Feb 2010 02:49:50 +0000 (18:49 -0800)]
Torture test for bug 7084 - Create time on directories not stored properly in an EA in new create time code.

Ensure new files in a directory don't reset the create time.


13 years agoArg. Got the sense of the test reversed to fix bug #7080 - Quota only shown when...
Jeremy Allison [Mon, 1 Feb 2010 23:57:16 +0000 (15:57 -0800)]
Arg. Got the sense of the test reversed to fix bug #7080 - Quota only shown when logged as root.. Doh !


13 years agoFix bug #7080 - Quota only shown when logged as root.
Jeremy Allison [Mon, 1 Feb 2010 23:55:55 +0000 (15:55 -0800)]
Fix bug #7080 - Quota only shown when logged as root.

conn->server_info->utok.uid == 0

isn't the correct check to see if we're root anymore. As rpc_samr_nt.c does,
the correct check is :

geteuid() == sec_initial_uid()


13 years agos4:NBT-WINS: test large scopes
Stefan Metzmacher [Mon, 1 Feb 2010 14:32:37 +0000 (15:32 +0100)]
s4:NBT-WINS: test large scopes


13 years agos4:NBT-WINS: pass the expected rcode of the name registration to the test code
Stefan Metzmacher [Mon, 1 Feb 2010 13:55:14 +0000 (14:55 +0100)]
s4:NBT-WINS: pass the expected rcode of the name registration to the test code


13 years agos4:NBT-WINSREPLICATION: test replication with names including scopes
Stefan Metzmacher [Sat, 30 Jan 2010 09:50:33 +0000 (10:50 +0100)]
s4:NBT-WINSREPLICATION: test replication with names including scopes


13 years agos4:NBT-WINSREPLICATION: fix compiler warnings
Stefan Metzmacher [Fri, 29 Jan 2010 15:42:24 +0000 (16:42 +0100)]
s4:NBT-WINSREPLICATION: fix compiler warnings


13 years agos4:NBT-WINSREPLICATION: use an array of nbt_names to loop over different names
Stefan Metzmacher [Fri, 29 Jan 2010 15:33:58 +0000 (16:33 +0100)]
s4:NBT-WINSREPLICATION: use an array of nbt_names to loop over different names


13 years agos4:winsserver: reject name registrations with a scope length > 237
Stefan Metzmacher [Mon, 1 Feb 2010 13:39:13 +0000 (14:39 +0100)]
s4:winsserver: reject name registrations with a scope length > 237

This matches Windows 2008 behavior. Name releases are just ignored.


13 years agos4:wrepl_server: truncate the scope of a netbios name to 237 bytes as Windows 2008...
Stefan Metzmacher [Sun, 31 Jan 2010 17:59:41 +0000 (18:59 +0100)]
s4:wrepl_server: truncate the scope of a netbios name to 237 bytes as Windows 2008 does


13 years agolibcli/nbt: fix ndr_push_nbt_string() string labels with a length of 63 (0x3F) are...
Stefan Metzmacher [Mon, 1 Feb 2010 14:18:15 +0000 (15:18 +0100)]
libcli/nbt: fix ndr_push_nbt_string() string labels with a length of 63 (0x3F) are allowed


13 years agos4/ldif: Handle Schema:prefixMap blobs in W2K3 and W2K8
Kamen Mazdrashki [Wed, 20 Jan 2010 16:10:05 +0000 (18:10 +0200)]
s4/ldif: Handle Schema:prefixMap blobs in W2K3 and W2K8

Signed-off-by: Stefan Metzmacher <>
13 years agos4/ldif: Better control on ldif_write_NDR() errors processing
Kamen Mazdrashki [Wed, 20 Jan 2010 15:58:39 +0000 (17:58 +0200)]
s4/ldif: Better control on ldif_write_NDR() errors processing

Current implementation mask NDR_ errors implicitly.
Thus the caller has no opportunity handle such an error.

Signed-off-by: Stefan Metzmacher <>
13 years agos4/idl: drsblobs IDL regeneration
Kamen Mazdrashki [Tue, 19 Jan 2010 14:54:09 +0000 (16:54 +0200)]
s4/idl: drsblobs IDL regeneration

Signed-off-by: Stefan Metzmacher <>
13 years agos4/drsblobs: Custom ndr_print_ implementation for drsuapi_MSPrefixMap_Entry
Kamen Mazdrashki [Tue, 19 Jan 2010 14:53:32 +0000 (16:53 +0200)]
s4/drsblobs: Custom ndr_print_ implementation for drsuapi_MSPrefixMap_Entry

Signed-off-by: Stefan Metzmacher <>
13 years agos4/idl: PrefixMap description for W2K3 and W2K8 Schema:prefixMap attribute
Kamen Mazdrashki [Tue, 19 Jan 2010 14:52:10 +0000 (16:52 +0200)]
s4/idl: PrefixMap description for W2K3 and W2K8 Schema:prefixMap attribute

Signed-off-by: Stefan Metzmacher <>
13 years agotdb: fix an early release of the global lock that can cause data corruption
Volker Lendecke [Fri, 29 Jan 2010 17:21:09 +0000 (18:21 +0100)]
tdb: fix an early release of the global lock that can cause data corruption

There was a bug in tdb where the

                tdb_brlock(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1);

(ending the transaction-"mutex") was done before the

                        /* remove the recovery marker */

This means that when a transaction is committed there is a window where another
opener of the file sees the transaction marker while the transaction committer
is still fully functional and working on it. This led to transaction being
rolled back by that second opener of the file while transaction_commit() gave
no error to the caller.

This patch moves the F_UNLCK to after the recovery marker was removed, closing
this window.

13 years agos4-smbtorture: check for RouterReplyPrinterEx packets inside backchannel in RPC-SPOOL...
Günther Deschner [Sun, 31 Jan 2010 19:39:36 +0000 (20:39 +0100)]
s4-smbtorture: check for RouterReplyPrinterEx packets inside backchannel in RPC-SPOOLSS-NOTIFY.


13 years agos4-smbtorture: also test RouterRefreshPrinterChangeNotify call in RPC-SPOOLSS-NOTIFY.
Günther Deschner [Sun, 31 Jan 2010 19:31:00 +0000 (20:31 +0100)]
s4-smbtorture: also test RouterRefreshPrinterChangeNotify call in RPC-SPOOLSS-NOTIFY.


13 years agos4-smbtorture: rework spoolss_NotifyOption handling in RPC-SPOOLSS-NOTIFY.
Günther Deschner [Sun, 31 Jan 2010 19:30:09 +0000 (20:30 +0100)]
s4-smbtorture: rework spoolss_NotifyOption handling in RPC-SPOOLSS-NOTIFY.


13 years agotestprogs: also print printer info during GetPrinter spoolss test.
Günther Deschner [Sun, 31 Jan 2010 19:23:35 +0000 (20:23 +0100)]
testprogs: also print printer info during GetPrinter spoolss test.


13 years agos4:kdc streamline context initialization
Simo Sorce [Sun, 31 Jan 2010 18:28:04 +0000 (13:28 -0500)]
s4:kdc streamline context initialization

Allow other plugins to init the context without having it try to grab sockets
or set samba specific logging.

13 years agos4:kdc Streamline client access verification call
Simo Sorce [Sun, 31 Jan 2010 17:49:07 +0000 (12:49 -0500)]
s4:kdc Streamline client access verification call

Move the core to pac-glue so that other plugins can use it.

13 years agos4:kdc Fix netbios name retrieval
Simo Sorce [Sun, 31 Jan 2010 17:53:50 +0000 (12:53 -0500)]
s4:kdc Fix netbios name retrieval

The code was looping but always checking only the first address.

13 years agos4:ldb quiet down rootdse control registration
Simo Sorce [Sun, 31 Jan 2010 18:24:18 +0000 (13:24 -0500)]
s4:ldb quiet down rootdse control registration

13 years agos3: Fix some DEBUG messages
Volker Lendecke [Sun, 31 Jan 2010 14:38:16 +0000 (15:38 +0100)]
s3: Fix some DEBUG messages

13 years agoFix bug #7079 - cliconnect gets realm wrong with trusted domains.
Jeremy Allison [Sun, 31 Jan 2010 03:24:28 +0000 (19:24 -0800)]
Fix bug #7079 - cliconnect gets realm wrong with trusted domains.

Passing NULL as dest_realm for cli_session_setup_spnego() was
always using our own realm (as for a NetBIOS name). Change this
to look for the mapped realm using krb5_get_host_realm() if
the destination machine name is a DNS name (contains a '.').
Could get fancier with DNS name detection (length, etc.) but
this will do for now.


13 years agos3/smbd: Fix string buffer overflow causing heap corruption
Steven Danneman [Sat, 30 Jan 2010 21:29:23 +0000 (13:29 -0800)]
s3/smbd: Fix string buffer overflow causing heap corruption

The destname malloc size was not taking into account the 1 extra byte
needed if a string without a leading '/' was passed in and that slash
was added.

This would cause the '\0' byte to be written past the end of the
malloced destname string and corrupt whatever heap memory was there.

This problem would be hit if a share name was given in smb.conf without
a leading '/' and if it was the exact size of the allocated STRDUP memory
which in some implementations of malloc is a power of 2.

13 years agos4:ldb Fix check made conditional by mistake
Simo Sorce [Sat, 30 Jan 2010 07:57:33 +0000 (02:57 -0500)]
s4:ldb Fix check made conditional by mistake

13 years agos4:ldb add support for permissive modify control
Simo Sorce [Sat, 30 Jan 2010 05:33:22 +0000 (00:33 -0500)]
s4:ldb add support for permissive modify control

13 years agoFix a really interesting problem found by Volker's conversion of sessionsetup SPNEGO...
Jeremy Allison [Sat, 30 Jan 2010 00:41:53 +0000 (16:41 -0800)]
Fix a really interesting problem found by Volker's conversion of sessionsetup SPNEGO to asynchronous code.

Normally clistr_push_fn() can depend upon cli->outbuf being
initialized by negprot and sessionsetup packets, and cli->outbuf[smb_flgs2] being
correctly set with FLAGS2_UNICODE_STRINGS when cli_setup_packet() is called. When
all the sessionsetups are async, then cli_setup_packet() is never called, the async
code uses cli_setup_packet_buf() - which initializes the allocated async buffer,
not the cli->outbuf one. So the first time clistr_push_fn() is called is from
libsmb/clidfs.c:cli_dfs_get_referral(), just after the connection and tconX.
In this case cli->outbuf has never been initialized, and cli->outbuf[smb_flgs2] = 0
so the DFS query pushes ASCII on the wire, which is not what we want :-).

Remove the dependency on cli->outbuf[smb_flgs2] in clistr_push_fn(), and
fake up a SVAL(cli->outbuf, smb_flg2) value using cli_ucs2(cli) function
instead, which has been initialized. We only care about the FLAGS2_UNICODE_STRINGS
bit anyway.

I don't think this is an issue for 3.5.0 as the sessionsetup is still
synchronous there, but Volker PLEASE CHECK !


13 years agoFix const warning.
Jeremy Allison [Fri, 29 Jan 2010 22:36:36 +0000 (14:36 -0800)]
Fix const warning.


13 years agoRevert "s4:include/includes.h - Need to include "system/network.h""
Matthias Dieter Wallnöfer [Fri, 29 Jan 2010 20:36:23 +0000 (21:36 +0100)]
Revert "s4:include/includes.h - Need to include "system/network.h""

This reverts commit 97fd03a15a694450e80310fc776a58c6fde58a52.

This obviously broke the build. Revert it for now.

13 years agos4:include/includes.h - Need to include "system/network.h"
Matthias Dieter Wallnöfer [Fri, 29 Jan 2010 19:13:38 +0000 (20:13 +0100)]
s4:include/includes.h - Need to include "system/network.h"

Otherwise I don't get the definition of "struct in_addr" for "lib/util/util.h" on CentOS 4.

13 years agos4:libcli/util/tstream.c - Need to include "system/network.h"
Matthias Dieter Wallnöfer [Fri, 29 Jan 2010 19:01:34 +0000 (20:01 +0100)]
s4:libcli/util/tstream.c - Need to include "system/network.h"

Otherwise I don't get "struct iovec" through "<sys/uio.h>" on CentOS 4.

13 years agolibcli/nbt: fix off-by-one bug in ndr_pull_wrepl_nbt_name()
Stefan Metzmacher [Thu, 28 Jan 2010 17:58:23 +0000 (18:58 +0100)]
libcli/nbt: fix off-by-one bug in ndr_pull_wrepl_nbt_name()

The scope starts at byte 17 with index 16.


13 years agolibcli/nbt: fix ndr_pull/push_wrepl_nbt_name()
Stefan Metzmacher [Thu, 28 Jan 2010 17:52:46 +0000 (18:52 +0100)]
libcli/nbt: fix ndr_pull/push_wrepl_nbt_name()

[MS-WINSRA] — v20091104 was wrong
regarding section " Name Record"

If the name buffer is already 4 byte aligned
Windows (at least 2003 SP1 and 2008) add 4 extra
bytes. This can happen when the name has a scope.


13 years agos3: link thread objects in libsmbclient only and adjust linker flags
Björn Jacke [Fri, 29 Jan 2010 14:23:29 +0000 (15:23 +0100)]
s3: link thread objects in libsmbclient only and adjust linker flags

13 years agoAIX doesn't have MSG_DONTWAIT
olivier [Fri, 29 Jan 2010 11:04:35 +0000 (12:04 +0100)]
AIX doesn't have MSG_DONTWAIT

13 years agoFixed a bug caused by a typo. Infrastructure role didn't work.
Nadezhda Ivanova [Fri, 29 Jan 2010 13:42:46 +0000 (15:42 +0200)]
Fixed a bug caused by a typo. Infrastructure role didn't work.

13 years agos4/ldap: Test to expoit ldb_ildap bug in case of nested search requests
Kamen Mazdrashki [Mon, 25 Jan 2010 01:17:29 +0000 (03:17 +0200)]
s4/ldap: Test to expoit ldb_ildap bug in case of nested search requests

Signed-off-by: Stefan Metzmacher <>
13 years agos4/ldap: Fix nested searches SEGFAULT bug
Kamen Mazdrashki [Mon, 25 Jan 2010 10:22:39 +0000 (12:22 +0200)]
s4/ldap: Fix nested searches SEGFAULT bug

Signed-off-by: Stefan Metzmacher <>
13 years agos4: Ignore few more auto-generated files
Kamen Mazdrashki [Fri, 22 Jan 2010 13:23:17 +0000 (15:23 +0200)]
s4: Ignore few more auto-generated files

13 years agolibrpc: rerun 'make idl'
Stefan Metzmacher [Fri, 29 Jan 2010 12:07:39 +0000 (13:07 +0100)]
librpc: rerun 'make idl'


13 years agosecurity.idl: add wellknown TrustedInstaller SID
Stefan Metzmacher [Fri, 29 Jan 2010 12:07:00 +0000 (13:07 +0100)]
security.idl: add wellknown TrustedInstaller SID


13 years agos3: by default don't use pthread pool support
Björn Jacke [Fri, 29 Jan 2010 11:42:25 +0000 (12:42 +0100)]
s3: by default don't use pthread pool support

13 years agolib/util: remove data_blob_talloc_reference()
Stefan Metzmacher [Tue, 5 Jan 2010 19:14:04 +0000 (20:14 +0100)]
lib/util: remove data_blob_talloc_reference()

We want to avoid the usage of talloc_reference() in Samba.


13 years agos4:auth_sam: avoid usage of data_blob_talloc_reference() and copy the session keys
Stefan Metzmacher [Tue, 5 Jan 2010 19:11:29 +0000 (20:11 +0100)]
s4:auth_sam: avoid usage of data_blob_talloc_reference() and copy the session keys


13 years agos4:libcli: remove unneeded talloc_reference() usage
Stefan Metzmacher [Wed, 27 Jan 2010 10:01:25 +0000 (11:01 +0100)]
s4:libcli: remove unneeded talloc_reference() usage


13 years agos4:kdc remove dead code and comments
Simo Sorce [Fri, 29 Jan 2010 00:32:38 +0000 (19:32 -0500)]
s4:kdc remove dead code and comments

13 years agos4:kdc Fill in more data fields
Simo Sorce [Thu, 28 Jan 2010 13:58:44 +0000 (08:58 -0500)]
s4:kdc Fill in more data fields

13 years agos4:kdc move db functions in their own file
Simo Sorce [Thu, 28 Jan 2010 06:27:11 +0000 (01:27 -0500)]
s4:kdc move db functions in their own file

Keep all heimdal related plugin code within hdb_samba4.c
Move interfaces needed by multiple plugins in db-glue.c

Move sequence context in main db context so that we do
not depend on db->hdb_dbc in the common code.

Remove unnecessary paremeters from function prototypes

13 years agos4:kdc Use a clearer name for the samba kdc entry
Simo Sorce [Thu, 28 Jan 2010 05:19:59 +0000 (00:19 -0500)]
s4:kdc Use a clearer name for the samba kdc entry

Renames hdb_samba4_private to samba_kdc_entry
Streamlines members of the entry and the kdc db contextto avoid
unnecessary duplication.

13 years agos4:kdc Use better db context structure
Simo Sorce [Thu, 28 Jan 2010 05:08:36 +0000 (00:08 -0500)]
s4:kdc Use better db context structure

This allows to use a common structure not tied to hdb_samba4
Also allows to avoid many casts within hdb_samba4 functions

This is the first step to abstract samba kdc databse functions
so they can be used by the MIT forthcoming plugin.

13 years agoFix bug #7069 - smbget does not return an error status after some errors
Jeremy Allison [Thu, 28 Jan 2010 18:38:24 +0000 (10:38 -0800)]
Fix bug #7069 - smbget does not return an error status after some errors

A combination patch from Johannes Poehlmann <> and
Jeremy. Fix the return codes from smb_download_file() and smb_download_dir().


13 years agos3/winbind_ccache: Fix typo in debug message.
Karolin Seeger [Thu, 28 Jan 2010 14:10:54 +0000 (15:10 +0100)]
s3/winbind_ccache: Fix typo in debug message.


13 years agotsocket: Fix the description of tstream_writev_queue_send/recv
Kai Blin [Thu, 28 Jan 2010 10:16:24 +0000 (11:16 +0100)]
tsocket: Fix the description of tstream_writev_queue_send/recv

13 years agotsocket: Fix description for tstream_readv_pdu_queue_send/recv
Kai Blin [Thu, 28 Jan 2010 10:11:33 +0000 (11:11 +0100)]
tsocket: Fix description for tstream_readv_pdu_queue_send/recv

13 years agos4-ldbtest: fixed python import
Andrew Tridgell [Thu, 28 Jan 2010 07:02:39 +0000 (18:02 +1100)]
s4-ldbtest: fixed python import

13 years agos4-drs: implementation of some delete test cases
Eduardo Lima [Mon, 18 Jan 2010 17:03:48 +0000 (15:03 -0200)]
s4-drs: implementation of some delete test cases

Signed-off-by: Andrew Tridgell <>
13 years agocleanup: remove trailing spaces and tabs
Simo Sorce [Thu, 28 Jan 2010 07:05:05 +0000 (02:05 -0500)]
cleanup: remove trailing spaces and tabs

13 years agos4-drs: Reads uSNUrgent and sets Urgent Replication Bit for DS_ReplicaSync when necessary
Fernando J V da Silva [Thu, 21 Jan 2010 11:20:44 +0000 (09:20 -0200)]
s4-drs: Reads uSNUrgent and sets Urgent Replication Bit for DS_ReplicaSync when necessary

If an urgent replication is necessary, so the uSNUrgent stored is equal to the
uSNHighest stored, then when sending the DS_ReplicaSync message it sets the

Signed-off-by: Fernando J V da Silva <>
Signed-off-by: Andrew Tridgell <>
13 years agoSecond part of fix for bug #7072 - Accounts can't be unlocked from ldap.
Jeremy Allison [Thu, 28 Jan 2010 00:52:40 +0000 (16:52 -0800)]
Second part of fix for bug #7072 - Accounts can't be unlocked from ldap.

Missed read of entry_timestamp (was entry->entry_timestamp).


13 years agoFix bug #7072 - Accounts can't be unlocked from ldap.
Jeremy Allison [Thu, 28 Jan 2010 00:42:06 +0000 (16:42 -0800)]
Fix bug #7072 - Accounts can't be unlocked from ldap.

Fix suggested by Andy Hanton <>. The LOGIN_CACHE
struct contains two time_t entries, but was being written to and
read from via tdb_pack/tdb_unpack functions using explicit 32-bit int specifiers.
This would break on machines with a 64-bit time_t. Use correct int
sizes for tdb_pack/tdb_unpack.

We have to fix this properly before 2037 :-).


13 years agotestsuite/libsmbclient use source3 in the path of the C and LFLAGS
Lars Müller [Wed, 27 Jan 2010 23:40:39 +0000 (00:40 +0100)]
testsuite/libsmbclient use source3 in the path of the C and LFLAGS

13 years agoLink testsuite/libsmbclient against required libtdb and libwbclient
Lars Müller [Wed, 27 Jan 2010 23:38:04 +0000 (00:38 +0100)]
Link testsuite/libsmbclient against required libtdb and libwbclient

13 years agos3: syntax fix
Björn Jacke [Wed, 27 Jan 2010 22:43:23 +0000 (23:43 +0100)]
s3: syntax fix

13 years agos3: Install and uninstall the static version of libwbclient
Lars Müller [Wed, 27 Jan 2010 21:40:19 +0000 (22:40 +0100)]
s3: Install and uninstall the static version of libwbclient

This requires to call configure with --enable-static which isn't the case
by default.

13 years agos4:windc move windc plugin in its own file
Simo Sorce [Tue, 26 Jan 2010 16:56:16 +0000 (11:56 -0500)]
s4:windc move windc plugin in its own file

Keep all heimdal related plugin code within wdc-samba4.c
Leave only interfaces common to multiple plugins in pac-glue.c

13 years agos4:PAC make common functions public
Simo Sorce [Tue, 26 Jan 2010 16:43:54 +0000 (11:43 -0500)]
s4:PAC make common functions public

13 years agos4:PAC Streamline pac-glue step 2
Simo Sorce [Tue, 26 Jan 2010 16:09:32 +0000 (11:09 -0500)]
s4:PAC Streamline pac-glue step 2

Split functions so that no assumption is made about which plugin
is using them

13 years agos4:PAC Streamline pac-glue
Simo Sorce [Tue, 26 Jan 2010 16:06:00 +0000 (11:06 -0500)]
s4:PAC Streamline pac-glue

First step, preparing to share the code between multiple plugins.

13 years agos3: get pthread detection also on HP-UX right
Björn Jacke [Wed, 27 Jan 2010 17:54:55 +0000 (18:54 +0100)]
s3: get pthread detection also on HP-UX right

13 years agoImplemented net fsmo command for transferring fsmo roles
Nadezhda Ivanova [Wed, 27 Jan 2010 15:57:37 +0000 (17:57 +0200)]
Implemented net fsmo command for transferring fsmo roles

The command allows the user to transfer a fsmo role to the server to which
the connection is established. Roles can be transferred or seized. By default a
transfer is attempted even if seize option is chosen, as it is dangerous to
seize a role if the current owner is still running.
example use:
net fsmo show --host=hostnameoraddress --username=username --password=password
net fsmo transfer --role=role --host=hostnameoraddress --username=username --password=password
net fsmo seize --role=role --host=hostnameoraddress --username=username --password=password [--force]

Tested against Win2008. Does not work for samba 4 yet as we are missing the GetNCChanges extensions.

13 years agos4-smbtorture: pick correct last packet while checking backchannel replies in RPC...
Günther Deschner [Wed, 27 Jan 2010 14:04:00 +0000 (15:04 +0100)]
s4-smbtorture: pick correct last packet while checking backchannel replies in RPC-SPOOLSS-NOTIFY.


13 years agos3-selftest: try to get RPC-SPOOLSS-NOTIFY running during make test on the buildfarm.
Günther Deschner [Wed, 27 Jan 2010 12:39:24 +0000 (13:39 +0100)]
s3-selftest: try to get RPC-SPOOLSS-NOTIFY running during make test on the buildfarm.


13 years agos4:torture: refactor querying of domain info out into test_QueryDomainInfo2_level()
Michael Adam [Thu, 21 Jan 2010 23:47:42 +0000 (00:47 +0100)]
s4:torture: refactor querying of domain info out into test_QueryDomainInfo2_level()

Used in several places.

(Note: The _level suffix in the function name is just because
test_QueryDomainInfo2() already exists as an overall test for all levels.)


Signed-off-by: Günther Deschner <>
13 years agos4:torture: create new test_SetDomainInfo_ntstatus()
Michael Adam [Thu, 21 Jan 2010 23:46:19 +0000 (00:46 +0100)]
s4:torture: create new test_SetDomainInfo_ntstatus()

for checking for SetDomainInfo giving a desired return code.


Signed-off-by: Günther Deschner <>
13 years agos4:torture: refactor setting of domain inf out into test_SetDomainInfo()
Michael Adam [Thu, 21 Jan 2010 23:21:29 +0000 (00:21 +0100)]
s4:torture: refactor setting of domain inf out into test_SetDomainInfo()

and use it in several places.


Signed-off-by: Günther Deschner <>
13 years agos4:torture: refactor setting account flags out into test_SetUserInfo_acct_flags()
Michael Adam [Thu, 21 Jan 2010 22:55:51 +0000 (23:55 +0100)]
s4:torture: refactor setting account flags out into test_SetUserInfo_acct_flags()

and use this in four places (enabling/disabling accounts).


Signed-off-by: Günther Deschner <>
13 years agoFix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to...
Jeremy Allison [Wed, 27 Jan 2010 00:51:57 +0000 (16:51 -0800)]
Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write.

Only works on Linux kernels 2.6.26 and above. Grants CAP_KILL capability
to allow Linux threads under different euids to send signals to each other.


13 years agoAdd dependency of bin/smbfilter to libwbclient.
Lars Müller [Tue, 26 Jan 2010 21:54:15 +0000 (22:54 +0100)]
Add dependency of bin/smbfilter to libwbclient.

13 years agos4-libcli: Fixed a talloc_reference error.
Andreas Schneider [Tue, 26 Jan 2010 13:57:15 +0000 (14:57 +0100)]
s4-libcli: Fixed a talloc_reference error.

Signed-off-by: Andreas Schneider <>
Signed-off-by: Matthias Dieter Wallnöfer <>
13 years agos4:winsrepl.idl: add random interface uuid
Stefan Metzmacher [Tue, 26 Jan 2010 14:22:09 +0000 (15:22 +0100)]
s4:winsrepl.idl: add random interface uuid

This is needed to include the wrepl interface into


13 years agos4:smbtorture: add BASE-BENCH-HOLDOPEN
Stefan Metzmacher [Tue, 26 Jan 2010 14:20:57 +0000 (15:20 +0100)]
s4:smbtorture: add BASE-BENCH-HOLDOPEN

This is useful for manual performance testing with a large
number of share mode entries.


13 years agomount.cifs: don't allow it to be run as setuid root program
Jeff Layton [Tue, 26 Jan 2010 13:15:41 +0000 (08:15 -0500)]
mount.cifs: don't allow it to be run as setuid root program

mount.cifs has been the subject of several "security" fire drills due to
distributions installing it as a setuid root program. This program has
not been properly audited for security and the Samba team highly
recommends that it not be installed as a setuid root program at this

To make that abundantly clear, this patch forcibly disables the ability
for mount.cifs to run as a setuid root program. People are welcome to
trivially patch this out, but they do so at their own peril.

A security audit and redesign of this program is in progress and we hope
that we'll be able to remove this in the near future.

Signed-off-by: Jeff Layton <>
13 years agomount.cifs: check for invalid characters in device name and mountpoint
Jeff Layton [Tue, 26 Jan 2010 13:15:41 +0000 (08:15 -0500)]
mount.cifs: check for invalid characters in device name and mountpoint

It's apparently possible to corrupt the mtab if you pass embedded
newlines to addmntent. Apparently tabs are also a problem with certain
earlier glibc versions. Backslashes are also a minor issue apparently,
but we can't reasonably filter those.

Make sure that neither the devname or mountpoint contain any problematic
characters before allowing the mount to proceed.

Signed-off-by: Jeff Layton <>
13 years agomount.cifs: take extra care that mountpoint isn't changed during mount
Jeff Layton [Tue, 26 Jan 2010 13:15:41 +0000 (08:15 -0500)]
mount.cifs: take extra care that mountpoint isn't changed during mount

It's possible to trick mount.cifs into mounting onto the wrong directory
by replacing the mountpoint with a symlink to a directory. mount.cifs
attempts to check the validity of the mountpoint, but there's still a
possible race between those checks and the mount(2) syscall.

To guard against this, chdir to the mountpoint very early, and only deal
with it as "." from then on out.

Signed-off-by: Jeff Layton <>
13 years agos4-smbtorture: also test smbc_getOptionUseCCache
Günther Deschner [Tue, 26 Jan 2010 11:10:17 +0000 (12:10 +0100)]
s4-smbtorture: also test smbc_getOptionUseCCache

13 years agos3: Enable use of ccache by default for libsmbclient
Volker Lendecke [Tue, 26 Jan 2010 09:51:32 +0000 (10:51 +0100)]
s3: Enable use of ccache by default for libsmbclient

Disable this by setting the environment variable LIBSMBCLIENT_NO_CCACHE, which
has the advantage over an smb.conf option to be easily settable per

13 years agoCorrect fix for unused variable return from ndr_decode. Use it :-).
Jeremy Allison [Tue, 26 Jan 2010 01:38:55 +0000 (17:38 -0800)]
Correct fix for unused variable return from ndr_decode. Use it :-).

13 years agoRevert "s3: remove unused Variable"
Jeremy Allison [Tue, 26 Jan 2010 01:06:54 +0000 (17:06 -0800)]
Revert "s3: remove unused Variable"

This reverts commit 9536d94d5478b63fc05047964b40d8786a7246c4.

Bjorn, your change removed the ndr_decoding of the dos attribute.
Not a good idea :-).


13 years agoRevert "libreplace: fix unused varibale warning on IRIX"
Björn Jacke [Tue, 26 Jan 2010 00:16:37 +0000 (01:16 +0100)]
Revert "libreplace: fix unused varibale warning on IRIX"

this one was broken

13 years agos3: fix detection and flags for using pthread
Björn Jacke [Mon, 25 Jan 2010 23:17:10 +0000 (00:17 +0100)]
s3: fix detection and flags for using pthread

I hope this fixes the build on Tru64, IRIX and maybe bug #6983