Andrew Tridgell [Mon, 1 Jun 2009 06:36:56 +0000 (16:36 +1000)]
mark samAccountName, objectGUID and objectSID as unique indexed
Andrew Tridgell [Mon, 1 Jun 2009 06:36:21 +0000 (16:36 +1000)]
added support for unique indexing in ldb
When a attribute is marked as LDB_ATTR_FLAG_UNIQUE_INDEX then attempts
to add a 2nd record that has the same attribute value for this
attribute as another record will fail.
This provides a much more efficient mechanism for ensuring that
attributes like objectGUID are unique
Andrew Tridgell [Mon, 1 Jun 2009 03:42:51 +0000 (13:42 +1000)]
fix uninitialised use of samctx
Andrew Tridgell [Mon, 1 Jun 2009 03:13:07 +0000 (13:13 +1000)]
overallocate all records by 25%
This greatly reduces the fragmentation of databases where records
tend to grow slowly by a small amount each time. The case where this
is most seen is the ldb index records. Adding this overallocation
reduced the size of the resulting database by more than 20x when
running a test that adds 10k users.
Andrew Tridgell [Mon, 1 Jun 2009 03:11:39 +0000 (13:11 +1000)]
auto-repack in transactions that expand the tdb
The idea behind this is to recover from badly fragmented free
lists. Choosing the point where the file expands is fairly arbitrary,
but seems to work well.
Andrew Tridgell [Mon, 1 Jun 2009 02:58:48 +0000 (12:58 +1000)]
when comp_num is zero, the case folded DN is always ""
This fixes a bug where we would look at an uninitialised
dn->linearized
Andrew Tridgell [Mon, 1 Jun 2009 00:39:30 +0000 (10:39 +1000)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Volker Lendecke [Sun, 31 May 2009 09:14:06 +0000 (11:14 +0200)]
Fix some nonempty blank lines
Volker Lendecke [Sun, 31 May 2009 09:06:23 +0000 (11:06 +0200)]
Fix a C++ warning
Günther Deschner [Sat, 30 May 2009 20:43:17 +0000 (22:43 +0200)]
nss_wrapper: try to fix the build of nss_wrapper on solaris.
Guenther
Jeremy Allison [Sat, 30 May 2009 20:28:03 +0000 (13:28 -0700)]
Fix bug #6421 - POSIX read-only open fails on read-only shares.
The change to smbd/trans2.c opens up
SETFILEINFO calls to POSIX_OPEN only. The change to first smbd/open.c closes 2
holes that would have been exposed by allowing POSIX_OPENS on readonly shares,
and their ability to set arbitrary flags permutations. The O_CREAT ->
O_CREAT|O_EXCL change removes an illegal combination (O_EXCL without O_CREAT)
that previously was being passed down to the open syscall.
Jeremy.
Volker Lendecke [Sat, 30 May 2009 16:24:14 +0000 (18:24 +0200)]
Move a comment where it belongs
Simo Sorce [Sat, 30 May 2009 14:16:31 +0000 (10:16 -0400)]
Make it possible to change machine account sids
Fixes bug #6081
Simo Sorce [Sat, 30 May 2009 13:48:38 +0000 (09:48 -0400)]
Remove trailing whitespaces
Jeremy Allison [Sat, 30 May 2009 09:30:16 +0000 (11:30 +0200)]
Simplify the dropbox patch
Volker Lendecke [Sat, 30 May 2009 08:12:53 +0000 (10:12 +0200)]
Move ads flags mapping to lib/
Volker Lendecke [Sat, 30 May 2009 07:54:14 +0000 (09:54 +0200)]
talloc_strdup "dir" in wb_context_init
Volker Lendecke [Sat, 30 May 2009 07:49:17 +0000 (09:49 +0200)]
Handle EINTR in async_sock.c
Günther Deschner [Sat, 30 May 2009 00:25:11 +0000 (02:25 +0200)]
s3-selftest: Fix invalid /etc/group file used with nss_wrapper.
Found by torture test.
Guenther
Kai Blin [Tue, 21 Apr 2009 07:58:42 +0000 (09:58 +0200)]
libwbclient: Store the winbind socket dir to use in the wb_context
Kai Blin [Wed, 1 Apr 2009 12:22:05 +0000 (14:22 +0200)]
libwbclient: Silence a compiler warning
Kai Blin [Thu, 16 Apr 2009 12:53:36 +0000 (14:53 +0200)]
libwbclient: Add async call framework.
Volker Lendecke [Wed, 13 May 2009 13:46:35 +0000 (15:46 +0200)]
Re-Add the "dropbox" functionality with -wx rights on a directory
Günther Deschner [Fri, 29 May 2009 07:21:11 +0000 (09:21 +0200)]
nss_wrapper: add test_nwrap_membership to testsuite.
Guenther
Günther Deschner [Fri, 29 May 2009 20:37:07 +0000 (22:37 +0200)]
nss_wrapper: restructure parts of the testsuite.
Guenther
Günther Deschner [Fri, 29 May 2009 07:19:16 +0000 (09:19 +0200)]
nss_wrapper: add support for getgrouplist.
Guenther
Jeremy Allison [Fri, 29 May 2009 21:58:34 +0000 (14:58 -0700)]
Make cli_nt_delete_on_close() async.
Jeremy.
Michael Adam [Fri, 29 May 2009 21:48:26 +0000 (23:48 +0200)]
s3:pdbedit: fix "format not a string literal and no format arguments" warnings
Michael
Michael Adam [Thu, 28 May 2009 23:12:47 +0000 (01:12 +0200)]
s3:add prototype of map_nt_error_from_wbcErr() to proto.h
Michael
Michael Adam [Thu, 28 May 2009 23:08:36 +0000 (01:08 +0200)]
libsmbclient: make SMBC_module_terminate() static.
Michael
Michael Adam [Thu, 28 May 2009 23:02:46 +0000 (01:02 +0200)]
s3:pam_smbpass: make smb_update_db() static.
Michael
Volker Lendecke [Fri, 29 May 2009 19:27:53 +0000 (21:27 +0200)]
Add smbldap_talloc_single_blob()
Günther Deschner [Fri, 29 May 2009 17:22:43 +0000 (19:22 +0200)]
s4-smbtorture: fix the build w/o libnetapi.
This is surely the wrong fix, but I could not figure out why the samba4 build
system adds the init function although the m4 macro had switched off the torture
libnetapi subsystem when the headers and libs were not found.
Can one of the samba4 build gurus please have a look ?
Guenther
Volker Lendecke [Fri, 29 May 2009 16:28:36 +0000 (18:28 +0200)]
util: Change license on tevent_unix to LGPLv3+
Volker Lendecke [Fri, 29 May 2009 12:15:51 +0000 (14:15 +0200)]
s3 async wbclient: Change license to LGPLv3+
Volker Lendecke [Fri, 29 May 2009 12:14:50 +0000 (14:14 +0200)]
async_sock: Change license to LGPLv3+
Kai Blin [Fri, 29 May 2009 12:06:50 +0000 (14:06 +0200)]
s3 wbc_async: Fix copyright notice cut&paste error.
Volker created all these prototypes, I just created the file and moved them over.
Signed-off-by: Kai Blin <kai@samba.org>
Günther Deschner [Fri, 29 May 2009 16:11:39 +0000 (18:11 +0200)]
Revert "s3-selftest: enable NETAPI-INITIALIZE and NETAPI-USER against samba3."
This reverts commit
8da15dc29a920cd6f4d2ed96e8de4fbcd9d1ba11.
Günther Deschner [Fri, 29 May 2009 14:59:35 +0000 (16:59 +0200)]
s3-selftest: enable NETAPI-INITIALIZE and NETAPI-USER against samba3.
Guenther
Günther Deschner [Fri, 29 May 2009 14:49:29 +0000 (16:49 +0200)]
s4-smbtorture: add NETAPI-GROUP test.
Guenther
Günther Deschner [Fri, 29 May 2009 14:39:04 +0000 (16:39 +0200)]
s4-smbtorture: add NETAPI-USER test.
Guenther
Günther Deschner [Fri, 29 May 2009 16:08:02 +0000 (18:08 +0200)]
s3-passdb: fix uninitialized variable in local_password_change().
Guenther
Simo Sorce [Sun, 17 May 2009 00:36:28 +0000 (20:36 -0400)]
Consolidate create/delete account paths in pdbedit
Use common paths like for smbpasswd, so that all utilities
behave the same way. As for smbpasswd this changes the behavior
of pdbedit to create/delete unix users is the add/delete user
scripts are provided, or ldapsam:editposix is configured.
Signed-off-by: Günther Deschner <gd@samba.org>
Simo Sorce [Sat, 16 May 2009 22:10:39 +0000 (18:10 -0400)]
Consolidate user create/delete paths in smbpasswd
This patch changes the way smbpasswd behaves when adding/deleting users.
smbpasswd now calls pdb_create_user/pdb_delete_user, this means that if
add/delete user scripts are configured then they are used to create or
delete unix users as well. If the scripts are not defined the behavioris
unchanged.
This also allow to use smbpasswd -a/-x with ldapsam:editposix to allow
automatic creation/deletion of users.
Signed-off-by: Günther Deschner <gd@samba.org>
Günther Deschner [Fri, 29 May 2009 14:36:44 +0000 (16:36 +0200)]
s4-smbtorture: add very basic LIBNETAPI testsuite.
Guenther
Günther Deschner [Thu, 28 May 2009 14:14:18 +0000 (16:14 +0200)]
s3-selftest: enable LOCAL-NSS-WRAPPER test against samba 3.
Guenther
Günther Deschner [Thu, 28 May 2009 14:13:33 +0000 (16:13 +0200)]
s4-smbtorture: add a very basic NSS-WRAPPER testsuite.
Guenther
Günther Deschner [Thu, 28 May 2009 14:08:04 +0000 (16:08 +0200)]
util: move add_gid_to_array_unique to toplevel and add add_uid_to_array_unique.
Guenther
Günther Deschner [Fri, 29 May 2009 11:18:23 +0000 (13:18 +0200)]
s4-smbtorture: remove trailing whitespace.
Guenther
Günther Deschner [Fri, 29 May 2009 11:16:25 +0000 (13:16 +0200)]
s4-smbtorture: Fix test_SamLogon() for netlogon servers not yet supporting
validation level 6.
Guenther
Günther Deschner [Fri, 29 May 2009 11:15:27 +0000 (13:15 +0200)]
s3-netlogon: Fix _netr_LogonSamLogon{Ex} with validation level != 3.
Guenther
Günther Deschner [Fri, 29 May 2009 10:42:15 +0000 (12:42 +0200)]
s3-netlogon: return proper error code for unsupported validation class.
Guenther
Günther Deschner [Fri, 29 May 2009 10:41:41 +0000 (12:41 +0200)]
s3-rpc_server: increase max number of open policy handles per pipe to 2048.
Guenther
Kumar Thangavelu [Fri, 29 May 2009 09:27:38 +0000 (11:27 +0200)]
s3/getdcname: Fix 'net' crash.
'net' command crashed when attempting to join a
domain. This occurred in a very specific case where
the DC had multiple IPs and one of the IPs was invalid.
Signed-off-by: Volker Lendecke <vl@samba.org>
Karolin Seeger [Fri, 29 May 2009 07:49:49 +0000 (09:49 +0200)]
s3/docs: Fix typo.
This fixes bug #4341.
Thanks to Michael Cartmell <michael.cartmell [at] thomson.com> for reporting!
Karolin
Volker Lendecke [Fri, 29 May 2009 07:42:31 +0000 (09:42 +0200)]
Fix some nonempty blank lines
Andrew Bartlett [Fri, 29 May 2009 07:12:06 +0000 (17:12 +1000)]
Win2k3 don't allow creating of domain trust accounts over SAMR
Andrew Bartlett [Fri, 29 May 2009 07:02:19 +0000 (17:02 +1000)]
s4:torture Don't try to Close a Deleted handle
Andrew Kroeger [Fri, 29 May 2009 01:18:33 +0000 (20:18 -0500)]
s4: Add additional 2-letter SID/RID mappings.
Information from http://msdn.microsoft.com/en-us/library/
aa379602(VS.85).aspx
Andrew Kroeger [Fri, 29 May 2009 01:02:42 +0000 (20:02 -0500)]
s4: Add additional well-known SID's/RID's.
Information was found at http://support.microsoft.com/kb/243330
Not all well-known identifiers were included - only those necessary for
enhancing the 2-letter mappings used in SDDL strings were added.
Andrew Bartlett [Fri, 29 May 2009 02:15:28 +0000 (12:15 +1000)]
s4:setup Remove generated attributes from provision_configuration
Incorrectly added in
95eeef91d3ed7daf8e19029eadcc610caf26db63, and
found by OpenLDAP backend tests run by Theodor Chirana <office@adaptcom.ro>
Andrew Bartlett
Andrew Bartlett [Thu, 28 May 2009 22:35:59 +0000 (08:35 +1000)]
s4:torture Don't run QueryDisplayInfo test for SAMR-USERS-PRIVILEGES
Andrew Bartlett [Thu, 28 May 2009 22:35:41 +0000 (08:35 +1000)]
s4:torture Clean up users and groups added in RPC-SAMR-LARGE-DC
Andrew Bartlett [Thu, 28 May 2009 04:49:29 +0000 (14:49 +1000)]
s4:torture Half the repeditive tests run by RPC-SAMR-PASSWORDS-PWDLASTSET
Andrew Bartlett [Thu, 28 May 2009 04:13:11 +0000 (14:13 +1000)]
Explicitly list RPC-SAMR-PASSWORDS-PWDLASTSET and RPC-SAMR-USERS-PRIVILAGES as slow
Andrew Bartlett [Thu, 28 May 2009 01:44:44 +0000 (11:44 +1000)]
s4:client Match Samba3 and remove smbmount from the distribution
Andrew Bartlett [Thu, 28 May 2009 00:42:28 +0000 (10:42 +1000)]
s4:torture Make the RPC-SAMR-PWDLASTET more efficient
By using SamLogonEx we avoid setting up the credentials chain for each
request.
(Needs to be pushed further up the stack, to only connect to NETLOGON once).
Andrew Bartlett
Andrew Bartlett [Fri, 29 May 2009 00:34:00 +0000 (10:34 +1000)]
Fix incorrect RID for KRBTGT. (was incorectly 514, should be 502)
Requires recompile of source4/kdc/*
Found by Andrew Kroeger <andrew@id10ts.net>
Andrew Bartlett
Andrew Bartlett [Fri, 29 May 2009 00:34:00 +0000 (10:34 +1000)]
Fix incorrect RID for KRBTGT. (was incorectly 514, should be 502)
Requires recompile of source4/kdc/*
Found by Andrew Kroeger <andrew@id10ts.net>
Andrew Bartlett
Jeremy Allison [Thu, 28 May 2009 23:15:09 +0000 (16:15 -0700)]
Make cli_posix_chown()/cli_posix_chmod() async.
Jeremy.
Tim Prouty [Thu, 28 May 2009 21:11:43 +0000 (14:11 -0700)]
s3 onefs: update the onefs module to be compliant with stat_ex
Tim Prouty [Thu, 28 May 2009 21:11:17 +0000 (14:11 -0700)]
s3: Fix a few more users of stat to use stat_ex
Tim Prouty [Thu, 28 May 2009 20:34:28 +0000 (13:34 -0700)]
s3 tdbtorture: Fix linking issue
tdbtorture now calls the tdb transaction code and needs to link it appropriately
Jeremy Allison [Thu, 28 May 2009 20:32:00 +0000 (13:32 -0700)]
Make cli_posix_stat() async.
Jeremy.
Steven Danneman [Thu, 28 May 2009 00:14:49 +0000 (17:14 -0700)]
s3/auth map NULL domains to our global sam name
This is an addendum to
d8c54fdd, which made make_user_info_map() match
Windows behavior by mapping untrusted domains given to smbd on the wire
with the users credentials to smbd's global sam name.
This fix was being circumvented in the case where the client passed
a NULL domain. Vista clients do this. In that case smbd was always
remapping the name to the machine workgroup. The NULL domain case
should also be mapped to the global sam name.
Removing the code in this patch, causes us to fall down to the logic
added in
d8c54fdd and properly map the domain.
Jeremy Allison [Thu, 28 May 2009 20:05:50 +0000 (13:05 -0700)]
Make getfacl async.
Jeremy.
Bo Yang [Fri, 29 May 2009 08:10:19 +0000 (16:10 +0800)]
s3: fix building of pam_smbpass.
Signed-off-by: Bo Yang <boyang@samba.org>
Günther Deschner [Thu, 28 May 2009 13:32:55 +0000 (15:32 +0200)]
s3-winbindd: fix remaining callers of sid_binstring().
Guenther
Andrew Tridgell [Thu, 28 May 2009 12:12:00 +0000 (22:12 +1000)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Volker Lendecke [Thu, 28 May 2009 12:09:44 +0000 (14:09 +0200)]
Fix some nonempty blank lines
Björn Jacke [Wed, 27 May 2009 22:25:48 +0000 (00:25 +0200)]
s3:nmbd: fix typo
Günther Deschner [Thu, 28 May 2009 09:51:46 +0000 (11:51 +0200)]
nss_wrapper: fix nss_wrapper build for solaris.
Guenther
Günther Deschner [Thu, 28 May 2009 08:53:53 +0000 (10:53 +0200)]
nss_wrapper: remove re-structuring leftovers (unused variables).
Guenther
Volker Lendecke [Thu, 28 May 2009 09:18:22 +0000 (11:18 +0200)]
Make sid_binstring & friends take a talloc context
Volker Lendecke [Wed, 27 May 2009 16:40:31 +0000 (18:40 +0200)]
TALLOC_ZERO_P->talloc_zero
Volker Lendecke [Wed, 27 May 2009 16:40:13 +0000 (18:40 +0200)]
Do not segfault in pdb_search_destructor if no real search was started
Volker Lendecke [Wed, 27 May 2009 23:02:40 +0000 (01:02 +0200)]
Add smbldap_pull_sid
Günther Deschner [Thu, 28 May 2009 08:40:22 +0000 (10:40 +0200)]
s3-selftest: use nss_wrapper.pl as "add user to group" and "delete user from group" script.
Guenther
Günther Deschner [Thu, 28 May 2009 08:39:37 +0000 (10:39 +0200)]
nss_wrapper: support member add and delete for groups in nss_wrapper.pl.
Guenther
Günther Deschner [Wed, 27 May 2009 20:35:14 +0000 (22:35 +0200)]
nss_wrapper: split out passwd and group paths in nss_wrapper.pl.
Guenther
Günther Deschner [Wed, 27 May 2009 16:38:10 +0000 (18:38 +0200)]
nss_wrapper: restructure nwrap calls.
Guenther
Andrew Tridgell [Thu, 28 May 2009 07:35:12 +0000 (17:35 +1000)]
fixed tdbbackup to give tdb error messages
Andrew Tridgell [Thu, 28 May 2009 06:12:34 +0000 (16:12 +1000)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Andrew Tridgell [Thu, 28 May 2009 06:11:45 +0000 (16:11 +1000)]
a useful debugging tool
When looking at performance problems with ldb it can be useful to see
which searches causes unindexed full searches. This makes it easy to
enable that.
Andrew Tridgell [Thu, 28 May 2009 06:10:47 +0000 (16:10 +1000)]
fixed one-level indexing
one-level indexing was not always effective due to some broken logic
in the indexing code. This change means that if normal indexing fails,
we can still fall back on one-level indexing.
This reduces the number of full unindexed searches in s4 quite a lot
Andrew Tridgell [Thu, 28 May 2009 06:08:49 +0000 (16:08 +1000)]
enable one-level indexing in sam.ldb
Andrew Tridgell [Thu, 28 May 2009 06:08:28 +0000 (16:08 +1000)]
make TDB_NOSYNC affect all the fsync/msync calls in transactions
During a transaction commit tdb normally uses fsync/msync calls to
make it crash safe. This can be disabled using the TDB_NOSYNC flag,
but it wasn't disabling all the code paths that caused a fsync/msync.
Jeremy Allison [Thu, 28 May 2009 05:02:20 +0000 (22:02 -0700)]
Add a smbclient "readlink" command and add docs for it.
Jeremy.
Jeremy Allison [Thu, 28 May 2009 04:51:15 +0000 (21:51 -0700)]
Add cli_posix_readlink() and a torture test for it.
Jeremy.
Jeremy Allison [Thu, 28 May 2009 00:28:23 +0000 (17:28 -0700)]
Add aync POSIX hardlink and symlink and torture test for them.
Missing call cli_readlink() is next.
Jeremy.