Karolin Seeger [Wed, 19 Nov 2008 12:08:41 +0000 (13:08 +0100)]
manpages: Document new wbinfo idmapping options.
--set-uid/gid-mapping
--remove-uid/gid-mapping
Karolin
Karolin Seeger [Wed, 19 Nov 2008 12:08:00 +0000 (13:08 +0100)]
WHATSNEW: Update changes since 3.3.0pre2.
Karolin
Steven Danneman [Tue, 28 Oct 2008 06:36:36 +0000 (23:36 -0700)]
[PATCH] Clean-up various trailing space and >80 column lines.
Steven Danneman [Tue, 28 Oct 2008 06:37:55 +0000 (23:37 -0700)]
[PATCH] Added ability to remove id mappings in wbinfo and libwbclient.
The idmap_tdb backend already provides an interface to remove existing id
mappings. This commit plumbs that ability up through, winbindd, libwbclient,
and wbinfo.
Added new winbindd command:
WINBINDD_REMOVE_MAPPING
Added new libwbclient interfaces:
wbcRemoveUidMapping() and wbcRemoveGidMapping()
Added new wbinfo options:
--remove-uid-mapping
--remove-gid-mapping
Increased libwbclient version to 0.2
Increased winbind interface version to 20
Steven Danneman [Tue, 28 Oct 2008 06:46:44 +0000 (23:46 -0700)]
[PATCH] Added ability to set id mappings in wbinfo.
The two new parameters are:
--set-uid-mapping
--set-gid-mapping
These allow wbinfo to create new, or override existing id mappings in the
idmap backend. These expose the exisiting ability of libwbclient
and winbindd to do this, up through a command line utility.
Günther Deschner [Sun, 21 Sep 2008 16:57:26 +0000 (18:57 +0200)]
netlogon: move password change code out to rpccli_netlogon_set_trust_password.
Guenther
Günther Deschner [Sat, 20 Sep 2008 16:20:29 +0000 (18:20 +0200)]
netlogon: refactor just_change_the_password a bit.
Guenther
Günther Deschner [Sat, 20 Sep 2008 15:01:20 +0000 (17:01 +0200)]
netlogon: use init_netr_CryptPassword in "just_change_the_password"
Guenther
Günther Deschner [Sat, 20 Sep 2008 15:00:30 +0000 (17:00 +0200)]
netlogon: add init_netr_CryptPassword.
Guenther
Günther Deschner [Wed, 19 Nov 2008 01:07:35 +0000 (02:07 +0100)]
netlogon: change parameters string to lsa_BinaryString.
Guenther
Günther Deschner [Mon, 10 Nov 2008 11:32:26 +0000 (12:32 +0100)]
s3-netlogon: fix type of parameters string in user delta.
Guenther
Günther Deschner [Sat, 27 Sep 2008 01:29:01 +0000 (03:29 +0200)]
wbclient: add wbcLookupDomainControllerEx call.
Guenther
Günther Deschner [Thu, 2 Oct 2008 11:11:31 +0000 (13:11 +0200)]
wbclient: add wbcGuidToString and wbcStringToGuid helper functions.
Guenther
Günther Deschner [Thu, 2 Oct 2008 11:06:50 +0000 (13:06 +0200)]
wbclient: add wbcGuid structure.
Guenther
Günther Deschner [Thu, 2 Oct 2008 11:07:14 +0000 (13:07 +0200)]
wbclient: add my copyright.
Guenther
Günther Deschner [Sat, 27 Sep 2008 01:11:59 +0000 (03:11 +0200)]
krb5-locator: fix dsgetdcname caller.
Guenther
Günther Deschner [Sat, 27 Sep 2008 01:11:33 +0000 (03:11 +0200)]
wbinfo: fix dsgetdcname caller.
Guenther
Günther Deschner [Sat, 27 Sep 2008 01:05:47 +0000 (03:05 +0200)]
s3-winbindd: add dsgetdcname request and reply to winbind structure.
Guenther
Günther Deschner [Tue, 18 Nov 2008 08:52:35 +0000 (09:52 +0100)]
s3-libnet-samsync: store samsync sequence number state in keytab.
Guenther
Günther Deschner [Tue, 18 Nov 2008 08:49:37 +0000 (09:49 +0100)]
s3-libnet-samsync: refactor libnet_samsync.
Guenther
Günther Deschner [Tue, 18 Nov 2008 08:42:59 +0000 (09:42 +0100)]
s3-libnet-samsync: pass back sequence number from fetch_sam_entries_keytab.
Guenther
Günther Deschner [Tue, 18 Nov 2008 02:45:38 +0000 (03:45 +0100)]
s3-libnet-samsync: use netr_DatabaseDeltas unless full replication enforced.
Guenther
Günther Deschner [Tue, 18 Nov 2008 01:01:03 +0000 (02:01 +0100)]
s3-libnet-samsync: pass sequence number pointer to process routine.
Guenther
Günther Deschner [Mon, 17 Nov 2008 18:34:56 +0000 (19:34 +0100)]
s3-libnet-samsync: move all modules to startup,process,finish callbacks.
Guenther
Günther Deschner [Mon, 17 Nov 2008 16:14:19 +0000 (17:14 +0100)]
s3-libnet-samsync: call init and close ops function where appropriate.
Guenther
Günther Deschner [Mon, 17 Nov 2008 15:31:59 +0000 (16:31 +0100)]
s3-libnet-samsync: use samsync_ops.
Guenther
Günther Deschner [Mon, 17 Nov 2008 15:29:11 +0000 (16:29 +0100)]
s3-libnet-samsync: add samsync_ops to all samsync modules.
Guenther
Günther Deschner [Mon, 17 Nov 2008 15:28:34 +0000 (16:28 +0100)]
s3-libnet-samsync: add samsync_ops.
Guenther
Günther Deschner [Tue, 18 Nov 2008 00:16:53 +0000 (01:16 +0100)]
s3-libnet: move add_to_keytab_entries to libnet_keytab.
Guenther
Günther Deschner [Tue, 18 Nov 2008 12:25:50 +0000 (13:25 +0100)]
s3-net: add "net rpc vampire passdb" that allows to take arguments.
Guenther
Günther Deschner [Tue, 11 Nov 2008 18:00:26 +0000 (19:00 +0100)]
s3-net: use net_scan_dc in net rpc vampire keytab.
Guenther
Günther Deschner [Tue, 11 Nov 2008 17:59:57 +0000 (18:59 +0100)]
s3-net: add net_scan_dc function.
Guenther
Günther Deschner [Tue, 11 Nov 2008 17:59:21 +0000 (18:59 +0100)]
s3-net: add net_dc_info struct.
Guenther
Günther Deschner [Tue, 4 Nov 2008 15:25:40 +0000 (16:25 +0100)]
s3-net-vampire: add support for partial replication (individual deltas).
Guenther
Günther Deschner [Tue, 4 Nov 2008 14:49:27 +0000 (15:49 +0100)]
s3-libnet-samsync: add support for partial replication.
Guenther
Günther Deschner [Tue, 18 Nov 2008 22:50:02 +0000 (23:50 +0100)]
re-run make idl.
Guenther
Günther Deschner [Thu, 6 Nov 2008 15:50:39 +0000 (16:50 +0100)]
netlogon: use 8bit SamDatabaseID and DeltaEnum in netr_ChangeLogEntry.
Guenther
Günther Deschner [Tue, 18 Nov 2008 22:43:09 +0000 (23:43 +0100)]
netlogon: add 8bit varients of netr_SamDatabaseID8Bit and netr_DeltaEnum.
Guenther
Günther Deschner [Tue, 4 Nov 2008 10:35:48 +0000 (11:35 +0100)]
netlogon-idl: use netr_ChangeLogEntry subcontext in netr_DatabaseRedo.
Guenther
Günther Deschner [Tue, 4 Nov 2008 10:34:35 +0000 (11:34 +0100)]
netlogon-idl: add netr_ChangeLogObject union.
Guenther
Günther Deschner [Mon, 3 Nov 2008 12:38:20 +0000 (13:38 +0100)]
netlogon-idl: add netr_ChangeLogFlags.
Guenther
Günther Deschner [Thu, 30 Oct 2008 09:54:25 +0000 (10:54 +0100)]
netlogon-idl: add netr_ChangeLogEntry.
Guenther
Günther Deschner [Thu, 30 Oct 2008 08:29:17 +0000 (09:29 +0100)]
netlogon: fix IDL for netr_DatabaseRedo.
Guenther
Steven Danneman [Sat, 15 Nov 2008 21:07:15 +0000 (13:07 -0800)]
Fix extended DN parse error when AD object does not have a SID.
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse
error occured because of bad input, or the DN was valid but contained no SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
Steven Danneman [Sat, 15 Nov 2008 03:16:12 +0000 (19:16 -0800)]
Whitespace and >80 column cleanups.
Günther Deschner [Tue, 14 Oct 2008 11:36:15 +0000 (13:36 +0200)]
s3-build: fix init_samba_module missing proto warning.
Guenther
(cherry picked from commit
f4f59bf24803df975ed38d558c7b0931ca575c3d)
Michael Adam [Mon, 22 Sep 2008 08:34:57 +0000 (10:34 +0200)]
winbind_util: fix an implicit cast compile warning.
Michael
Günther Deschner [Thu, 13 Nov 2008 18:42:13 +0000 (19:42 +0100)]
s3-svctl-server: fix remote rpc service management (bug #5888).
Don't TALLOC_FREE a non-talloced [ref] pointer.
Guenther
Günther Deschner [Thu, 16 Oct 2008 00:00:46 +0000 (02:00 +0200)]
s3: remove old marshalling for SVCCTL_QUERY_SERVICE_CONFIG.
Guenther
Günther Deschner [Wed, 15 Oct 2008 23:35:27 +0000 (01:35 +0200)]
s3: remove rpccli_svcctl_query_config.
Guenther
Günther Deschner [Tue, 18 Nov 2008 17:01:00 +0000 (18:01 +0100)]
s3: use IDL generated rpc for _svcctl_QueryServiceConfigW.
Guenther
Günther Deschner [Tue, 18 Nov 2008 18:27:35 +0000 (19:27 +0100)]
s3: re-run make idl.
Guenther
Günther Deschner [Wed, 15 Oct 2008 23:21:46 +0000 (01:21 +0200)]
idl: fix svcctl_QueryServiceConfigW.
Guenther
Dina Fine [Tue, 18 Nov 2008 20:44:42 +0000 (12:44 -0800)]
Fix bug #5908 - Samba 3.0.32 - internal change notify on share directory fails"
Kai Blin [Tue, 18 Nov 2008 15:31:34 +0000 (16:31 +0100)]
libsmb: Fix up pointer passed to cli_send_trans in cli_link_internal
Seems like this one fell victim to the pstring removal. The other callers seem
to be fine, even though removing the casts would make the code less confusing.
Jeremy Allison [Tue, 18 Nov 2008 18:58:33 +0000 (10:58 -0800)]
Re-structure Volker's patch to "Fix trans2findfirst for the large directory optimization". Makes the change clearer.
Jeremy.
Karolin Seeger [Tue, 18 Nov 2008 16:40:20 +0000 (17:40 +0100)]
WHATSNEW: Update changes since 3.3.0pre2.
Karolin
Günther Deschner [Tue, 18 Nov 2008 16:06:53 +0000 (17:06 +0100)]
s3: merge german pam_winbind message translations from
Guenther
Volker Lendecke [Tue, 18 Nov 2008 16:03:38 +0000 (17:03 +0100)]
Fix trans2findfirst for the large directory optimization
With
case sensitive = yes
preserve case = no
short preserve case = no
default case = upper
a "dir FOO.txt" would not find "FOO.TXT" because FOO.txt ends up unconverted in
the mask for mask_match.
Jeremy, please check!
Volker
Davide Sfriso [Mon, 17 Nov 2008 23:39:34 +0000 (15:39 -0800)]
Fix bug #5906 when running winbindd on a Samba PDC. Winbindd crash on 'getent group'.
Jeremy Allison [Mon, 17 Nov 2008 22:13:28 +0000 (14:13 -0800)]
Fix bug #5900 reported by monyo@samba.gr.jp - vfs_readonly.so does not work.
Jeremy.
Günther Deschner [Mon, 17 Nov 2008 17:25:01 +0000 (18:25 +0100)]
s3-libnet-samsync: use enctype 23 for vampired keytab entries.
Guenther
(cherry picked from commit
a48abdaa811c76e64a3383fe970e62b7bbb3582c)
Karolin Seeger [Mon, 17 Nov 2008 14:23:34 +0000 (15:23 +0100)]
s3 create-tarball.sh: Remove dashes in git commands.
Newer git versions (e.g. 1.6.0.2) do not provide the 'git-' commands
any longer.
Karolin
(cherry picked from commit
0cba859f12177aaf3ef2d96663f0a51f61c24d56)
Bo Yang [Sun, 16 Nov 2008 08:34:34 +0000 (16:34 +0800)]
Fix broken msgids in ntstatus_errors
Signed-off-by: Günther Deschner <gd@samba.org>
Kai Blin [Mon, 17 Nov 2008 07:37:21 +0000 (08:37 +0100)]
net: Fix net rap printq info documentation (bug #5892)
Carsten Dumke <carsten@cdumke.de> reported and provided a patch
for v3.0 and v3.2. (See
0a7fb721cdc)
This fixes the same issue in v3.3 and also changes the auto-generated usage
information to give better help about net rap printq info.
TAKAHASHI Motonobu [Sun, 16 Nov 2008 12:17:16 +0000 (13:17 +0100)]
Fix bug 5901: Default for streams_depot location
Günther Deschner [Wed, 15 Oct 2008 09:26:33 +0000 (11:26 +0200)]
s3-libgpo: fix build for security cse.
Guenther
(cherry picked from commit
3cb281e48f9943a5188f040d941bb1e0fc32cdad)
Volker Lendecke [Fri, 14 Nov 2008 12:42:54 +0000 (13:42 +0100)]
Make memcache_add_talloc NULL out the source pointer
This is an orthogonality measure to make clear this pointer now belongs to the
cache.
(cherry picked from commit
e6080c6e87d6fe3995b121a772bf3f6343fa666f)
Volker Lendecke [Thu, 13 Nov 2008 22:50:19 +0000 (23:50 +0100)]
Actually finish memcache_add_talloc
This fixes a memleak found by Martin Zielinski <mz@seh.de>. Thanks for
looking closely!
Volker
(cherry picked from commit
a31a84a078100819809e6d40dbc3df207a50a0b2)
Günther Deschner [Fri, 14 Nov 2008 16:45:36 +0000 (17:45 +0100)]
make some more parts of security.idl public and re-run make idl.
Guenther
Günther Deschner [Fri, 14 Nov 2008 15:12:34 +0000 (16:12 +0100)]
re-run make idl.
Guenther
Stefan Metzmacher [Fri, 7 Nov 2008 09:49:59 +0000 (10:49 +0100)]
security.idl: sometimes ACEs have some padding at the end
metze
Volker Lendecke [Fri, 14 Nov 2008 12:13:40 +0000 (13:13 +0100)]
Rename some variables in getpwnam_alloc() for clarity
Volker Lendecke [Fri, 14 Nov 2008 11:49:18 +0000 (12:49 +0100)]
sys_pwnam doesn't return talloced memory, so don't mix up the returned struct.
(cherry picked from commit
eb99923991960e53bd150ac8f1d818cb746101b4)
Jeremy Allison [Fri, 14 Nov 2008 01:18:06 +0000 (17:18 -0800)]
Move v2 from timestamp to 16-byte hash. Got the change in before on disk format is fixed.
Jeremy.
Günther Deschner [Thu, 13 Nov 2008 20:11:12 +0000 (21:11 +0100)]
re-run make idl.
Guenther
Günther Deschner [Thu, 13 Nov 2008 20:11:31 +0000 (21:11 +0100)]
Fix PNP_GetHwProfInfo() (fixes Bug: #5888).
Guenther
Jeremy Allison [Thu, 13 Nov 2008 19:51:19 +0000 (11:51 -0800)]
Fix the build (hangs head in shame :-).
Jeremy.
Günther Deschner [Thu, 13 Nov 2008 16:30:00 +0000 (17:30 +0100)]
pam_winbind: translate some more string.
boyang, please check.
Guenther
Bo Yang [Thu, 30 Oct 2008 05:02:41 +0000 (13:02 +0800)]
i18n/l10n pam_winbind
Jeremy Allison [Thu, 13 Nov 2008 03:32:35 +0000 (19:32 -0800)]
Merge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into samba-3-3-test
Jeremy Allison [Thu, 13 Nov 2008 03:31:46 +0000 (19:31 -0800)]
Pretty print out SD's on get/set.
Jeremy.
Jeremy Allison [Wed, 12 Nov 2008 22:05:39 +0000 (14:05 -0800)]
Fix memory leak in error path, spotted by Martin Zielinski <mz@seh.de>.
Jeremy.
Jeremy Allison [Tue, 11 Nov 2008 22:38:00 +0000 (14:38 -0800)]
Fix bug 5891] : smbd crashed when viewing the eventlog exported by "eventlog list"
Don't mix TALLOC and SAFE_FREE().
Jeremy.
Jeremy Allison [Tue, 11 Nov 2008 22:20:32 +0000 (14:20 -0800)]
Fix bug 5889. "delete veto files = no" seems to break.
Jeremy.
Jeremy Allison [Tue, 11 Nov 2008 18:24:41 +0000 (10:24 -0800)]
Merge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into v3-3-test
Jeremy Allison [Tue, 11 Nov 2008 01:58:09 +0000 (17:58 -0800)]
Added vfs_acl_tdb.c module to do ACLs completely in userspace. Passes all of RAW-ACLS except for the last test which uses a non-POSIX chown. More testing/documentation to follow.
Jeremy.
Michael Adam [Mon, 10 Nov 2008 08:51:39 +0000 (09:51 +0100)]
make keytab filename argument mandatory to "net rpc vampire keytab"
This prevents unintended overwriting of the default path /etc/krb5.keytab (e.g.).
Michael
Michael Adam [Mon, 10 Nov 2008 14:01:18 +0000 (15:01 +0100)]
build: prevent make errors for picky makes when $(EXTRA_ALL_TARGETS) is empty
picky make implementations don't like lines with only tabs in rules or dependencie
Michael
(cherry picked from commit
058d1e2d0a4985825a62d2adc336a48d91ae4771)
Martin Schwenke [Fri, 7 Nov 2008 01:20:59 +0000 (12:20 +1100)]
Add @CIFSUPCALL_PROGS@ to "all" target so cifs.upcall gets built at
compile time rather than install time. This stops problems where
packaging scripts pass CFLAGS to "make" but not "make install".
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
884349af686faaf7b6bfec08eb2ac5dbc8e30fe5)
Kai Blin [Fri, 7 Nov 2008 08:50:33 +0000 (09:50 +0100)]
ntlm_auth: Put huge NTLMv2 blobs into extra_data on CRAP auth
This fixes bug #5865
Jeremy Allison [Sun, 9 Nov 2008 06:58:59 +0000 (22:58 -0800)]
Fix a subtle logic bug in the adaption of se_create_child_secdesc(), pass RAW-ACL inheritance tests. Only access masks for SD get/set left to fix.
Jeremy.
Jeremy Allison [Fri, 7 Nov 2008 07:29:55 +0000 (23:29 -0800)]
If we didn't inherit any ACE's the ACE pointer should be NULL.
Jeremy.
Jeremy Allison [Fri, 7 Nov 2008 04:50:11 +0000 (20:50 -0800)]
Make us clean under valgrind --leak-check=full by using talloc_autofree_context() instead of NULL.
Remove the code in memcache that does a TALLOC_FREE on stored pointers. That's a disaster waiting
to happen. If you're storing talloc'ed pointers, you can't know their lifecycle and they should
be deleted when their parent context is deleted, so freeing them at some arbitrary point later
will be a double-free.
Jeremy.
Jeremy Allison [Fri, 7 Nov 2008 04:41:52 +0000 (20:41 -0800)]
Merge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into v3-3-test
Herb Lewis [Fri, 7 Nov 2008 04:41:02 +0000 (20:41 -0800)]
Convert to use VFS layer.
Jeff Layton [Thu, 6 Nov 2008 20:13:48 +0000 (15:13 -0500)]
mount.cifs: use lock/unlock_mtab scheme from util-linux-ng mount prog
The util-linux-ng sources have a good, but rather complex scheme for
locking the mtab before updating it. Mount helpers need to follow the
same scheme. Advisory locking only works if everyone is using the same
locking scheme.
Copy the routines we need from util-linux-ng into a separate source file
and then have mount.cifs and umount.cifs link in this object.
The long term goal is to have these routines in a separate helper
library (libmount). Mount helpers can then dynamically link in that lib.
Until that happens, this should serve as a suitable stopgap solution.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Jeremy Allison [Thu, 6 Nov 2008 14:42:34 +0000 (06:42 -0800)]
Fix bug #5825 - Account locking out doesnt work with an LDAP backend.Based on a problem found by Boyang. Only the pdb_nds backend implements login attempts so this was broken for tdbsam and ldap.
Jeremy.
Jeremy Allison [Thu, 6 Nov 2008 09:59:17 +0000 (01:59 -0800)]
Start factoring out the inheritance differences.
Jeremy.
Jeremy Allison [Thu, 6 Nov 2008 09:46:40 +0000 (01:46 -0800)]
Final fix to make us pass NULL SD test in RAW-ACLs. Not sure if this is 100% right. Only inheritance left to fix.
Jeremy.