ira/wip.git
11 years agos4-kcc: simplify the ReplicaGetInfo implementation a bit
Andrew Tridgell [Fri, 15 Jan 2010 23:37:26 +0000 (10:37 +1100)]
s4-kcc: simplify the ReplicaGetInfo implementation a bit

11 years agos4-kcc: squash a warning
Andrew Tridgell [Fri, 15 Jan 2010 23:36:56 +0000 (10:36 +1100)]
s4-kcc: squash a warning

11 years agos4-drs: better debug info when security checks fail
Andrew Tridgell [Fri, 15 Jan 2010 23:36:40 +0000 (10:36 +1100)]
s4-drs: better debug info when security checks fail

show the security token of the user at debug level 2

11 years agos4-dsdb: require admin access for DsReplicaGetInfo
Andrew Tridgell [Fri, 15 Jan 2010 23:36:06 +0000 (10:36 +1100)]
s4-dsdb: require admin access for DsReplicaGetInfo

11 years agos4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS infoType.
Andrew Tridgell [Fri, 15 Jan 2010 08:36:16 +0000 (19:36 +1100)]
s4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS infoType.

This patch includes the framework for the implementation of all infoTypes of
the DsGetReplInfo() call, and includes the implementation for the first one,
the DS_REPL_INFO_NEIGHBORS.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
11 years agos4-drs: give better debug info on unsupported DRS calls
Andrew Tridgell [Fri, 15 Jan 2010 08:34:32 +0000 (19:34 +1100)]
s4-drs: give better debug info on unsupported DRS calls

11 years agos4-drs: torture test for DsGetReplInfo() (RPC-DSGETINFO test).
Erick Nogueira do Nascimento [Wed, 23 Dec 2009 19:54:30 +0000 (17:54 -0200)]
s4-drs: torture test for DsGetReplInfo() (RPC-DSGETINFO test).

Signed-off-by: Andrew Tridgell <tridge@samba.org>
11 years agos4-dsdb: added isGlobalCatalogReady
Andrew Tridgell [Fri, 15 Jan 2010 08:13:26 +0000 (19:13 +1100)]
s4-dsdb: added isGlobalCatalogReady

needed for dcdiag.exe

11 years agoSecond part of bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.
Jeremy Allison [Sat, 16 Jan 2010 01:33:24 +0000 (17:33 -0800)]
Second part of bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.

Protect against SMB_STRDUP of null...

Jeremy.

11 years agoFix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.
Jeremy Allison [Sat, 16 Jan 2010 01:22:35 +0000 (17:22 -0800)]
Fix bug 7045 - Bad (non memory copying) interfaces in smbc_setXXXX calls.

In smbc_free_context libsmbclient just called free() on the string options
so it assumes the callers have malloced them before setting them via smbc_set
calls.

Change to corretly malloc/free string options to the library.

Jeremy

11 years agos4-ldb: cope with bad ptr alignment in ldb_index.c
Andrew Tridgell [Fri, 15 Jan 2010 21:58:27 +0000 (08:58 +1100)]
s4-ldb: cope with bad ptr alignment in ldb_index.c

We can't assume that a rec_ptr will come back from a tdb traverse with
alignment sufficient for a pointer.

11 years agos4 selftest: Ignore more winbind test known to fail
Kai Blin [Fri, 15 Jan 2010 01:08:35 +0000 (02:08 +0100)]
s4 selftest: Ignore more winbind test known to fail

11 years agos4-smbtorture: add setup_schannel_netlogon_pipe() function.
Günther Deschner [Thu, 14 Jan 2010 23:25:06 +0000 (00:25 +0100)]
s4-smbtorture: add setup_schannel_netlogon_pipe() function.

Guenther

11 years agoFix bug #7036 - net rpc getsid fails in hardened windows environments.
Jeremy Allison [Thu, 14 Jan 2010 23:39:30 +0000 (15:39 -0800)]
Fix bug #7036 - net rpc getsid fails in hardened windows environments.

Fix suggested by Dave.Daugherty@Centrify.com.

11 years agos4-torture: Migrate ntp_signd test to tsocket.
Andreas Schneider [Thu, 14 Jan 2010 11:57:56 +0000 (12:57 +0100)]
s4-torture: Migrate ntp_signd test to tsocket.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
11 years agoPart 4 of bug #7028 - include scannedonly VFS module
Olivier Sessink [Thu, 14 Jan 2010 20:13:14 +0000 (12:13 -0800)]
Part 4 of bug #7028 - include scannedonly VFS module

Fix some issues with handling names ending in '/'.

11 years agos3-libsmbclient: Fix crash bug in SMBC_parse_path().
Günther Deschner [Thu, 14 Jan 2010 18:34:26 +0000 (19:34 +0100)]
s3-libsmbclient: Fix crash bug in SMBC_parse_path().

Patch from Tim Waugh <twaugh@redhat.com>.
This resolves https://bugzilla.redhat.com/show_bug.cgi?id=552658

LIBSMBCLIENT-OPENDIR torture test checks this as well.

Guenther

11 years agos4-smbtorture: add rather simple libsmbclient torture testsuite.
Günther Deschner [Tue, 12 Jan 2010 16:42:00 +0000 (17:42 +0100)]
s4-smbtorture: add rather simple libsmbclient torture testsuite.

Guenther

11 years agos3:auth: fix account unlock regression introduced with fix for bug #4347
Michael Adam [Thu, 14 Jan 2010 13:24:35 +0000 (14:24 +0100)]
s3:auth: fix account unlock regression introduced with fix for bug #4347

By an oversight, the patchset for #4347 made the unlocking of a locked
account after the lockout duration ineffective.
Thanks to Björn for finding this!

Michael

11 years agos3 selftest: Enable the WINBIND-STRUCT tests
Kai Blin [Wed, 13 Jan 2010 12:58:20 +0000 (13:58 +0100)]
s3 selftest: Enable the WINBIND-STRUCT tests

11 years agos3 test: Fix WINBINDD-STRUCT tests
Kai Blin [Thu, 14 Jan 2010 12:21:44 +0000 (13:21 +0100)]
s3 test: Fix WINBINDD-STRUCT tests

The struct-based tests are working in make selftest, make them work in plain
"make test" as well.

11 years agos3 selftest: Fix LOOKUP_SID test.
Kai Blin [Wed, 13 Jan 2010 15:46:17 +0000 (16:46 +0100)]
s3 selftest: Fix LOOKUP_SID test.

WINBINDD_LIST_USERS does not give a domain name if we're a DC and the user is
from our domain.

11 years agos3 selftest: Fix WINBINDD_LIST_GROUPS test
Kai Blin [Wed, 13 Jan 2010 15:02:00 +0000 (16:02 +0100)]
s3 selftest: Fix WINBINDD_LIST_GROUPS test

If there's no groups in the database, there are no entries in extra_data. This
caused WINBINDD_LIST_GROUPS test to fail. Use the fact that
WINBINDD_LIST_GROUPS now reports the number of groups in data.num_entries to
identify the "no groups" case.

11 years agos3 winbindd: Return number of groups in data.num_entries for WINBINDD_LIST_GROUPS
Kai Blin [Wed, 13 Jan 2010 14:59:57 +0000 (15:59 +0100)]
s3 winbindd: Return number of groups in data.num_entries for WINBINDD_LIST_GROUPS

This allows to test if there's something wrong with the group list in
extra_data or if there's simply no groups in the database.

Volker, please check.

11 years agos3 selftest: Allow the enumeration of users and groups
Kai Blin [Wed, 13 Jan 2010 14:21:14 +0000 (15:21 +0100)]
s3 selftest: Allow the enumeration of users and groups

This fixes the WINBINDD_GETPWENT test.

11 years agos3 selftest: Fix the WINBINDD_GETDCNAMEe test.
Kai Blin [Wed, 13 Jan 2010 13:49:26 +0000 (14:49 +0100)]
s3 selftest: Fix the WINBINDD_GETDCNAMEe test.

The WINBINDD_GETDCNAME test expected an NSS_STATUS_SUCCESS return from all
calls. However, this does not apply for BUILTIN and the DC's own domain.
Make the test work again by skipping those two.

11 years agos3 winbindd: Get WINBINDD_CHECK_MACHACC torture test to work again.
Kai Blin [Wed, 13 Jan 2010 13:10:33 +0000 (14:10 +0100)]
s3 winbindd: Get WINBINDD_CHECK_MACHACC torture test to work again.

WINBINDD_CHECK_MACHACC used to report an NTSTATUS error and appropriate error
strings. Make this work again.

11 years agos4:provision_users.ldif - Add a comment that some objects under "Users" are now locat...
Matthias Dieter Wallnöfer [Wed, 13 Jan 2010 16:39:28 +0000 (17:39 +0100)]
s4:provision_users.ldif - Add a comment that some objects under "Users" are now located elsewhere

This is needed due to the new RID/SID distribution system

11 years agos4:provision_users.ldif - Add objects for IIS
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 13:20:09 +0000 (14:20 +0100)]
s4:provision_users.ldif - Add objects for IIS

Some WSPP locations point out that beginning with Windows Server 2008 they're
also per default present.

Compared against Windows Server 2008

11 years agos4:provision_users.ldif - Add additional BUILTIN objects
Matthias Dieter Wallnöfer [Mon, 11 Jan 2010 21:12:01 +0000 (22:12 +0100)]
s4:provision_users.ldif - Add additional BUILTIN objects

Compared against Windows Server 2008

11 years agos4:provision_users.ldif - add the restant part of the objects needing for RODC support
Matthias Dieter Wallnöfer [Mon, 11 Jan 2010 21:01:42 +0000 (22:01 +0100)]
s4:provision_users.ldif - add the restant part of the objects needing for RODC support

RODC = Read Only Domain Controllers

Compared against Windows Server 2008

11 years agos4:provision_users.ldif - Fix up errors on existing entries
Matthias Dieter Wallnöfer [Mon, 11 Jan 2010 20:57:32 +0000 (21:57 +0100)]
s4:provision_users.ldif - Fix up errors on existing entries

Compared against Windows Server 2008

11 years agos4:provision_users.ldif - Simple reordering
Matthias Dieter Wallnöfer [Mon, 11 Jan 2010 20:44:18 +0000 (21:44 +0100)]
s4:provision_users.ldif - Simple reordering

Sorted according the SID - easier for later enhancements.

11 years agos4:provision_users.ldif - Remove system objects from the wrong place
Matthias Dieter Wallnöfer [Mon, 11 Jan 2010 20:36:40 +0000 (21:36 +0100)]
s4:provision_users.ldif - Remove system objects from the wrong place

Objects like the "Cryptographic Operators", "Event Log Readers" don't belong
here but into the builtin domain.

11 years agos4:SAMR RPC - Fix the criteria for group searches
Matthias Dieter Wallnöfer [Tue, 12 Jan 2010 21:16:36 +0000 (22:16 +0100)]
s4:SAMR RPC - Fix the criteria for group searches

This should match the MS-SAMR documentation (section 3.1.5.5.1.1)

11 years agos4-idl: get rid of the operation specific DRS options flags
Andrew Tridgell [Thu, 14 Jan 2010 03:40:53 +0000 (14:40 +1100)]
s4-idl: get rid of the operation specific DRS options flags

It was confusing to have several sets of incomplete options when WSPP
uses a single set.

11 years agos4-torture: switch smbtorture to the generic DRS options
Andrew Tridgell [Thu, 14 Jan 2010 03:38:18 +0000 (14:38 +1100)]
s4-torture: switch smbtorture to the generic DRS options

11 years agos4-drs: switch the DRS server to the generic DRS options flags
Andrew Tridgell [Thu, 14 Jan 2010 03:38:00 +0000 (14:38 +1100)]
s4-drs: switch the DRS server to the generic DRS options flags

11 years agos4-torture: switch to generic DRS options flags
Andrew Tridgell [Thu, 14 Jan 2010 03:37:40 +0000 (14:37 +1100)]
s4-torture: switch to generic DRS options flags

11 years agos4-drepl: switch drepl over to using the generic DRS options flags
Andrew Tridgell [Thu, 14 Jan 2010 03:37:22 +0000 (14:37 +1100)]
s4-drepl: switch drepl over to using the generic DRS options flags

WSPP uses a single set of flags for all these DRS operations.

11 years agos4-idl: update the DRS_OPTIONS bits based on the latest WSPP docs
Andrew Tridgell [Thu, 14 Jan 2010 03:19:22 +0000 (14:19 +1100)]
s4-idl: update the DRS_OPTIONS bits based on the latest WSPP docs

11 years agos4-drs: Uses dsdb_load_partition_usn() with urgent_uSN in s4 code
Fernando J V da Silva [Wed, 13 Jan 2010 16:08:56 +0000 (14:08 -0200)]
s4-drs: Uses dsdb_load_partition_usn() with urgent_uSN in s4 code

Signed-off-by: Andrew Tridgell <tridge@samba.org>
11 years agos4-drs: Store uSNUrgent for Urgent Replication
Fernando J V da Silva [Thu, 7 Jan 2010 18:30:05 +0000 (16:30 -0200)]
s4-drs: Store uSNUrgent for Urgent Replication

When a object or attribute is created/updated/deleted, according
to [MS-ADTS] 3.1.1.5.1.6, it stores the uSNUrgent on @REPLCHANGED
for the partitions that it belongs.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
11 years agos3:pdb_ldap: restore Samba 3.0.x behavior and use the first "uid" value.
Stefan Metzmacher [Tue, 5 Jan 2010 12:30:42 +0000 (13:30 +0100)]
s3:pdb_ldap: restore Samba 3.0.x behavior and use the first "uid" value.

See bug #6157 for more details.

metze

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 25806f43ddee7e2653e907eea2c6fcc075960fa1)

11 years agos3:smbldap: add smbldap_talloc_first_attribute()
Stefan Metzmacher [Tue, 5 Jan 2010 12:30:19 +0000 (13:30 +0100)]
s3:smbldap: add smbldap_talloc_first_attribute()

metze

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit c992127f8a96c37940a6d298c7c6859c47f83d9b)

11 years agos4:dsdb: use validate_update module
Stefan Metzmacher [Tue, 29 Sep 2009 09:14:33 +0000 (11:14 +0200)]
s4:dsdb: use validate_update module

metze

11 years agos4:dsdb/schema: add dsdb_syntax_OID_validate_ldb()
Stefan Metzmacher [Tue, 12 Jan 2010 22:45:02 +0000 (23:45 +0100)]
s4:dsdb/schema: add dsdb_syntax_OID_validate_ldb()

This is a very heavy weight way of checking this syntax,
but it's very complex and using the existing function
should be ok for now. We can optimize it later.

metze

11 years agos4:dsdb/schema: add dsdb_syntax_DN_STRING_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_DN_STRING_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_DN_BINARY_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_DN_BINARY_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_DN_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_DN_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_PRESENTATION_ADDRESS_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_PRESENTATION_ADDRESS_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_UNICODE_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_UNICODE_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_DATA_BLOB_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_DATA_BLOB_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_NTTIME_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_NTTIME_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_NTTIME_UTC_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_NTTIME_UTC_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_INT64_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_INT64_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_BOOL_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_BOOL_validate_ldb()

metze

11 years agos4:dsdb: add validate_update module
Stefan Metzmacher [Tue, 29 Sep 2009 09:14:09 +0000 (11:14 +0200)]
s4:dsdb: add validate_update module

metze

11 years agos4:dsdb/schema: add inftrastructure for dsdb_validate_ldb()
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add inftrastructure for dsdb_validate_ldb()

metze

11 years agos4:dsdb/schema: add dsdb_syntax_DN_STRING_* wrappers
Stefan Metzmacher [Tue, 29 Sep 2009 16:57:01 +0000 (18:57 +0200)]
s4:dsdb/schema: add dsdb_syntax_DN_STRING_* wrappers

metze

11 years agos4:dsdb/resolve_oids: also resolve oid in search attribute list
Stefan Metzmacher [Tue, 29 Sep 2009 10:00:39 +0000 (12:00 +0200)]
s4:dsdb/resolve_oids: also resolve oid in search attribute list

metze

11 years agos4:dsdb/schema_load: add a TODO about schema reloading
Stefan Metzmacher [Wed, 13 Jan 2010 11:00:27 +0000 (12:00 +0100)]
s4:dsdb/schema_load: add a TODO about schema reloading

metze

11 years agos4:ldb/tests: do a "schemaUpdateNow" after creating a new attribute in ldap_schema.py
Stefan Metzmacher [Wed, 13 Jan 2010 10:45:05 +0000 (11:45 +0100)]
s4:ldb/tests: do a "schemaUpdateNow" after creating a new attribute in ldap_schema.py

It seems that windows doesn't need that.

And we should think about a check for reloading the schema
at the start of each "write" operation.

metze

11 years agos4:dsdb/repl: reorder dreplsrv_op_notify* functions
Stefan Metzmacher [Wed, 13 Jan 2010 15:00:20 +0000 (16:00 +0100)]
s4:dsdb/repl: reorder dreplsrv_op_notify* functions

This make the whole async dreplsrv_op_notify_send/recv()
readable.

metze

11 years agos4:dsdb/repl: change dreplsrv_op_notify_send/recv() to tevent_req
Stefan Metzmacher [Mon, 11 Jan 2010 19:00:07 +0000 (20:00 +0100)]
s4:dsdb/repl: change dreplsrv_op_notify_send/recv() to tevent_req

metze

11 years agos4:dsdb/common: fix major bug in lsa_BinaryString to ldb_val conversation.
Stefan Metzmacher [Tue, 12 Jan 2010 08:59:26 +0000 (09:59 +0100)]
s4:dsdb/common: fix major bug in lsa_BinaryString to ldb_val conversation.

In lsa_BinaryString length and size are byte counts!

TODO: we may need to do byte order conversion in this functions too...

metze

11 years agos4:ldb_msg: first try to decode integers as signed and then fallback to unsigned
Stefan Metzmacher [Mon, 11 Jan 2010 19:18:09 +0000 (20:18 +0100)]
s4:ldb_msg: first try to decode integers as signed and then fallback to unsigned

LDAP only knowns about signed integers, so let
ldb_msg_find_attr_as_uint() and ldb_msg_find_attr_as_uint64() cope
with it.

metze

11 years agos4:dsdb/common: let samdb_msg_add_uint() call samdb_msg_add_int()
Stefan Metzmacher [Mon, 11 Jan 2010 19:17:53 +0000 (20:17 +0100)]
s4:dsdb/common: let samdb_msg_add_uint() call samdb_msg_add_int()

This is important as LDAP servers always play with int32 values
and we have to encode 0x80000000 as "-2147483648" instead of "2147483648".

metze

11 years agos4:dsdb/common: let samdb_msg_add_uint64() call samdb_msg_add_int64()
Stefan Metzmacher [Mon, 11 Jan 2010 19:00:43 +0000 (20:00 +0100)]
s4:dsdb/common: let samdb_msg_add_uint64() call samdb_msg_add_int64()

This is important as LDAP servers always play with int64 values
and we have to encode 0x8000000000000000LL as "-9223372036854775808"
instead of "9223372036854775808".

metze

11 years agos4:ldb: be more strict in parsing ldb time strings
Stefan Metzmacher [Mon, 11 Jan 2010 12:11:48 +0000 (13:11 +0100)]
s4:ldb: be more strict in parsing ldb time strings

metze

11 years agoselftest: Print reason when a test fails unexpectedly
Kai Blin [Wed, 13 Jan 2010 09:07:25 +0000 (10:07 +0100)]
selftest: Print reason when a test fails unexpectedly

11 years agos4-ntp_signd: Migrate to tsocket.
Andreas Schneider [Tue, 12 Jan 2010 16:30:04 +0000 (17:30 +0100)]
s4-ntp_signd: Migrate to tsocket.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
11 years agoFixed a problem with incorrect default SD owner/group.
Nadezhda Ivanova [Wed, 13 Jan 2010 13:16:38 +0000 (15:16 +0200)]
Fixed a problem with incorrect default SD owner/group.

11 years agos3: Fix a winbind segfault in "trusted_domains"
Volker Lendecke [Wed, 13 Jan 2010 11:20:26 +0000 (12:20 +0100)]
s3: Fix a winbind segfault in "trusted_domains"

We have to initialize domain->backend by calling "get_cache" before doing a
query

Thanks to Christian Ambach to find this :-)

11 years agoComparison tool for LDAP servers (using Ldb)
Zahari Zahariev [Wed, 13 Jan 2010 08:41:56 +0000 (10:41 +0200)]
Comparison tool for LDAP servers (using Ldb)

This tool is integrated with Samba4 Ldb. It provides a useful output
where you can find easy differences in objects or attributes within
naming context (Domain, Configuration or Schema).

Added functionality for two sets of credentials.

11 years agoMerge branch 'master' of git://git.samba.org/samba
Nadezhda Ivanova [Wed, 13 Jan 2010 10:02:31 +0000 (12:02 +0200)]
Merge branch 'master' of git://git.samba.org/samba

11 years agoFix bug #7034 - vfs_cap causes signal 11 (SIGSEGV)
SASAJIMA Toshihiro [Wed, 13 Jan 2010 05:43:23 +0000 (21:43 -0800)]
Fix bug #7034 - vfs_cap causes signal 11 (SIGSEGV)

11 years agoFix two uses of strncat -> strlcat. Ensure proper use of strncpy when setting socket...
Jeremy Allison [Wed, 13 Jan 2010 05:18:36 +0000 (21:18 -0800)]
Fix two uses of strncat -> strlcat. Ensure proper use of strncpy when setting socket name.

Jeremy.

11 years agoMake file access control decisions a lot easier to debug (at level 10).
Jeremy Allison [Wed, 13 Jan 2010 05:06:09 +0000 (21:06 -0800)]
Make file access control decisions a lot easier to debug (at level 10).

Jeremy.

11 years agoFix bug #7033 - SMBrmdir call always returns true, even on failure to delete a directory.
Jeremy Allison [Wed, 13 Jan 2010 00:55:31 +0000 (16:55 -0800)]
Fix bug #7033 - SMBrmdir call always returns true, even on failure to delete a directory.

Argh. Missed the second (and essential) part of the fix for the above :-(.

Jeremy

11 years agoFix bug #7033 - SMBrmdir call always returns true, even on failure to delete a directory.
Jeremy Allison [Wed, 13 Jan 2010 00:50:40 +0000 (16:50 -0800)]
Fix bug #7033 - SMBrmdir call always returns true, even on failure to delete a directory.

There is a codepath missing to propagate back error returns from the rmdir
POSIX call inside close_directory when delete on close is set. This means doing
an rmdir on a Windows command line will always report success, even when the
directory was not deleted. This fix adds that codepath back into Samba.

Jeremy.

11 years agoFix bug #6876 - Delete of an object whose parent folder does not have delete rights...
Jeremy Allison [Wed, 13 Jan 2010 00:04:44 +0000 (16:04 -0800)]
Fix bug #6876 - Delete of an object whose parent folder does not have delete rights fails even if the delete right is set on the object.

Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.

Jeremy.

11 years agoRemove the global char *LastDir.
Jeremy Allison [Tue, 12 Jan 2010 22:48:23 +0000 (14:48 -0800)]
Remove the global char *LastDir.

This is no longer used for anything.

11 years agos3: Lift the version of the scannedonly VFS module
Volker Lendecke [Tue, 12 Jan 2010 21:58:51 +0000 (22:58 +0100)]
s3: Lift the version of the scannedonly VFS module

11 years agos3: Add the "scannedonly" vfs virus scanner interface module
Olivier Sessink [Mon, 11 Jan 2010 20:53:37 +0000 (21:53 +0100)]
s3: Add the "scannedonly" vfs virus scanner interface module

11 years agoStrip trailing spaces
Simo Sorce [Tue, 12 Jan 2010 16:05:16 +0000 (11:05 -0500)]
Strip trailing spaces

11 years agodocs: fix xml tag in the pdbedit manpage
Michael Adam [Tue, 12 Jan 2010 11:29:14 +0000 (12:29 +0100)]
docs: fix xml tag in the pdbedit manpage

Michael

11 years agos3:auth: add comment to nulling out stolen sampass
Michael Adam [Tue, 12 Jan 2010 11:25:32 +0000 (12:25 +0100)]
s3:auth: add comment to nulling out stolen sampass

Adding this comment makes me think, I could also
have changed make_server_info_sam() talloc_move
instead of talloc_steal, but that would have
changed the signature... Well the comment is a
first step. :-)

Michael

11 years agos3: Remove a pointless if-statement
Volker Lendecke [Tue, 12 Jan 2010 12:53:01 +0000 (13:53 +0100)]
s3: Remove a pointless if-statement

11 years agos4-selftest: RPC-SAMR-PASSWORDS-BADPWDCOUNT fails against s4.
Günther Deschner [Tue, 12 Jan 2010 11:34:55 +0000 (12:34 +0100)]
s4-selftest: RPC-SAMR-PASSWORDS-BADPWDCOUNT fails against s4.

Seems like account lockout is not implemented at all yet.

Guenther

11 years agotestprogs: remove unused test_EachDriver from spoolss test.
Günther Deschner [Mon, 11 Jan 2010 14:40:37 +0000 (15:40 +0100)]
testprogs: remove unused test_EachDriver from spoolss test.

Guenther

11 years agotestprogs: add EnumPrinterKey test to spoolss test.
Günther Deschner [Mon, 11 Jan 2010 14:40:16 +0000 (15:40 +0100)]
testprogs: add EnumPrinterKey test to spoolss test.

Guenther

11 years agos4-smbtorture: fix GetAliasMembership test in RPC-SAMR.
Günther Deschner [Mon, 11 Jan 2010 11:40:01 +0000 (12:40 +0100)]
s4-smbtorture: fix GetAliasMembership test in RPC-SAMR.

Guenther

11 years agos4-smbtorture: add RPC-SAMR-PASSWORDS-BADPWDCOUNT torture test.
Günther Deschner [Mon, 11 Jan 2010 20:18:51 +0000 (21:18 +0100)]
s4-smbtorture: add RPC-SAMR-PASSWORDS-BADPWDCOUNT torture test.

This test checks the behavior (since w2k3 sp1) of the badPwdCount samr attribute
in relation to password history and successfull and unsucessful netlogon
samlogons.

Michael, please check. This should help verifiying Bug #4347.

Guenther

11 years agos4-smbtorture: allow test_SamLogon to test interactive samlogon in RPC-SAMR family...
Günther Deschner [Tue, 12 Jan 2010 10:48:23 +0000 (11:48 +0100)]
s4-smbtorture: allow test_SamLogon to test interactive samlogon in RPC-SAMR family of tests.

Guenther

11 years agos3-lanman: Allow a level2 descriptor for a level1 NetShareGetInfo
Giovanni Bajo [Mon, 11 Jan 2010 21:18:40 +0000 (22:18 +0100)]
s3-lanman: Allow a level2 descriptor for a level1 NetShareGetInfo

Windows seems to allow this

http://lists.samba.org/archive/samba-technical/2009-November/068116.html

has a dump of this.

11 years agoFix comment/debug messages
Simo Sorce [Mon, 11 Jan 2010 16:48:12 +0000 (11:48 -0500)]
Fix comment/debug messages

11 years agotestprogs: fix driver levels in spoolss test.
Günther Deschner [Mon, 11 Jan 2010 11:38:22 +0000 (12:38 +0100)]
testprogs: fix driver levels in spoolss test.

Guenther

11 years agotestprogs: test each printer, do not abort after first failure.
Günther Deschner [Mon, 11 Jan 2010 11:37:45 +0000 (12:37 +0100)]
testprogs: test each printer, do not abort after first failure.

Guenther