Jim McDonough [Mon, 10 Jan 2005 18:29:52 +0000 (18:29 +0000)]
r4651: Add "refuse machine password change" policy field. This update will just
return the appropriate reg value. Enforcement to be added soon.
Also, fix account policy tdb upgrade so it doesn't just wipe out everything
that was in there from a a previous version.
Günther Deschner [Mon, 10 Jan 2005 15:28:07 +0000 (15:28 +0000)]
r4646: Allow Account Lockout with Lockout Duration "forever" (until admin
unlocks) to be set and displayed in User Manager.
Guenther
Gerald Carter [Mon, 10 Jan 2005 13:17:36 +0000 (13:17 +0000)]
r4645: patch from Rob to fix the build breakage in vfstest after the reload_printers() cleanup
Günther Deschner [Mon, 10 Jan 2005 10:23:57 +0000 (10:23 +0000)]
r4633: Finally give rpcclient a port-command.
Guenther
Volker Lendecke [Sat, 8 Jan 2005 13:33:19 +0000 (13:33 +0000)]
r4604: Attempt to fix the buildfarm build.
vfstest refers to reload_printers, only defined in smbd/server.c. Jerry, could
you take a look at that?
Thanks,
Volker
Jeremy Allison [Sat, 8 Jan 2005 00:51:12 +0000 (00:51 +0000)]
r4601: Removed any use of the MAX_XXX_STR style definitions. A little larger
change than I'd hoped for due to formating changes to tidy up code.
Jeremy.
Jeremy Allison [Thu, 6 Jan 2005 23:45:53 +0000 (23:45 +0000)]
r4581: From Derrell.Lipman@UnwiredUniverse.com. Use nanosleep instead of select
when we have it in smb_msleep.
Jeremy.
Gerald Carter [Thu, 6 Jan 2005 23:27:28 +0000 (23:27 +0000)]
r4579: small changes to allow the members og the Domain Admins group on the Samba DC to join clients to the domain -- needs more testing and security review but does work with initial testing
Jeremy Allison [Thu, 6 Jan 2005 19:32:39 +0000 (19:32 +0000)]
r4577: Fix from William Jojo <jojowil@hvcc.edu> for AIX 5.3 compile.
Jeremy.
Gerald Carter [Thu, 6 Jan 2005 17:50:51 +0000 (17:50 +0000)]
r4575: adding extra debug to cm_prepare_connection()
Stefan Metzmacher [Thu, 6 Jan 2005 17:25:34 +0000 (17:25 +0000)]
r4573: merge -r 4572 from SAMBA_4_0:
remove configure and include/config.h*
before running autoheader && autoconf
this fixes bug where configure didn't get correctly updated
(I assume autoconf uses some caching...)
metze
Volker Lendecke [Thu, 6 Jan 2005 15:35:02 +0000 (15:35 +0000)]
r4570: Replace cli->nt_pipe_fnum with an array of NT file numbers, one for each
supported pipe. Netlogon is still special, as we open that twice, one to do
the auth2, the other one with schannel.
The client interface is completely unchanged for those who only use a single
pie. cli->pipe_idx is used as the index for everything except the "real"
client rpc calls, which have been explicitly converted in my last commit. Next
step is to get winbind to just use a single smb connection for multiple pipes.
Volker
Volker Lendecke [Thu, 6 Jan 2005 11:42:40 +0000 (11:42 +0000)]
r4561: This looks a lot larger than it is, this is to reduce the clutter on future
patches.
Pass down the pipe_idx down to all functions in cli_pipe where nt_pipe_fnum is
referenced. First step towards having multiple pipes on a cli_struct. The idea
is to not have a single nt_pipe_fnum but an array for the pipes we support.
Volker
Jeremy Allison [Thu, 6 Jan 2005 00:45:39 +0000 (00:45 +0000)]
r4545: Fix based on work by Derrell.Lipman@UnwiredUniverse.com :
* In an application with signals, it was possible for functions to block
indefinitely while awaiting timeouts. This patch ensures that if a system
call with a timeout is aborted and needs to be restarted, it is restarted
with a timeout which is adjusted for the amount of time already waited.
Jeremy.
Gerald Carter [Wed, 5 Jan 2005 16:20:35 +0000 (16:20 +0000)]
r4539: patch from Rob -- adding real printcap name cache function to speed up printcap reloads
Jim McDonough [Wed, 5 Jan 2005 16:02:56 +0000 (16:02 +0000)]
r4538: Fix bugzilla 2198, accounts which have password last set to 0 are getting
no passwords after vampire. Set password last set field to now.
Gerald Carter [Wed, 5 Jan 2005 01:54:58 +0000 (01:54 +0000)]
r4525: fix Fedora specfile to include pam_winbind(8) man page
Jim McDonough [Tue, 4 Jan 2005 20:02:56 +0000 (20:02 +0000)]
r4514: Fix for bugzilla 1770. Remove READ_ATTRIBUTES from GENERIC_EXECUTE, otherwise
modification of an ACL that contains an ACE with execute only will cause
that to be upgraded to read/execute. Side effect is that dirs/files with
execute only show up as special permissions, which is still correct.
Jelmer Vernooij [Sun, 26 Dec 2004 21:06:43 +0000 (21:06 +0000)]
r4370: Don't assume the compiler supports declarations after statements.
Jeremy Allison [Sun, 26 Dec 2004 18:51:49 +0000 (18:51 +0000)]
r4369: Patch for bug #2190 (SWAT displaying parameters in UNIX charset)
not utf8. Fixed by Shiro Yamada <shiro@miraclelinux.com>.
Jeremy.
Günther Deschner [Fri, 24 Dec 2004 00:56:30 +0000 (00:56 +0000)]
r4353: Finally get length of munged_dial correct.
Guenther
Günther Deschner [Fri, 24 Dec 2004 00:38:22 +0000 (00:38 +0000)]
r4352: Base64-encode munged-dial with correct length in 'net rpc vampire'.
Guenther
Günther Deschner [Fri, 24 Dec 2004 00:08:15 +0000 (00:08 +0000)]
r4351: Vampire Logon-Hours. Update Logon-Hours only when they have changed.
Guenther
Gerald Carter [Thu, 23 Dec 2004 22:03:29 +0000 (22:03 +0000)]
r4350: bumping version to 3.0.11pre2
Jeremy Allison [Thu, 23 Dec 2004 18:40:50 +0000 (18:40 +0000)]
r4346: Fix cut-and-paste error - bugid #2189. Fixed by Buck Huppmann <buckh@pobox.com>
Jeremy.
Günther Deschner [Thu, 23 Dec 2004 09:36:49 +0000 (09:36 +0000)]
r4343: forgot to add info-level 8 to SAMR_UNKNOWN_2E as well.
Guenther
Andrew Bartlett [Thu, 23 Dec 2004 02:16:57 +0000 (02:16 +0000)]
r4337: Produce a slightly different error message is lanman authentication is
disabled, rather than simply unavailable.
Andrew Bartlett
Günther Deschner [Wed, 22 Dec 2004 23:50:31 +0000 (23:50 +0000)]
r4336: Apply some other samba4 SAMR idl that is just too obvious. Don't hard
set the value "forcibly disconnect remote users from server when logon
hours expire" to "no", instead take the value from our account-policy
storage.
Guenther
Jeremy Allison [Wed, 22 Dec 2004 22:07:04 +0000 (22:07 +0000)]
r4334: Fix for bugid #2186 - from Buck Huppmann <buckh@pobox.com>
to prevent uninitialized creds being freed.
Jeremy.
Günther Deschner [Wed, 22 Dec 2004 16:58:43 +0000 (16:58 +0000)]
r4331: Implement SAMR query_dom_info-call info-level 8 server- and client-side,
based on samba4-idl.
This saves us an enormous amount of totally unnecessary ldap-traffic
when several hundreds of winbind-daemons query a Samba3 DC just to get
the fake SAM-sequence-number (time(NULL)) by enumerating all users, all
groups and all aliases when query-dom-info level 2 is used.
Note that we apparently never get the sequence number right (we parse a
uint32, although it's a uint64, at least in samba4 idl). For the time
being, I would propose to stay with that behaviour.
Guenther
Jeremy Allison [Tue, 21 Dec 2004 23:14:20 +0000 (23:14 +0000)]
r4330: Fix for bug found by Rob Foehl <rwf@loonybin.net>. Remember to
add in the bcc length for readX on named pipes.
Jeremy.
Günther Deschner [Tue, 21 Dec 2004 11:10:28 +0000 (11:10 +0000)]
r4312: Marking "min password length" as depreciated (to be removed in one of
the next releases). The corresponding functionality is better handled
with the account policy. See
https://bugzilla.samba.org/show_bug.cgi?id=1705 for details.
Guenther
Günther Deschner [Tue, 21 Dec 2004 10:26:59 +0000 (10:26 +0000)]
r4311: 'Document' the -L switch when adding groups with "net rpc group".
Guenther
Jeremy Allison [Tue, 21 Dec 2004 07:08:11 +0000 (07:08 +0000)]
r4306: Couple more MALLOC fixes from albert chin (china@thewrittenword.com).
Jeremy.
Jeremy Allison [Tue, 21 Dec 2004 04:34:14 +0000 (04:34 +0000)]
r4305: Fix from Albert Chin (china@thewrittenword.com) to fix the
earlier malloc changes.
Jeremy.
Jeremy Allison [Tue, 21 Dec 2004 01:04:11 +0000 (01:04 +0000)]
r4301: One more *alloc -> SMB_MALLOC (not compiled by default).
Jeremy.
Jeremy Allison [Mon, 20 Dec 2004 22:33:37 +0000 (22:33 +0000)]
r4296: Patch from William Jojo <jojowil@hvcc.edu> to fix HPUX sendfile and add
configure.in tests and code for sendfile on AIX.
Jeremy.
Jeremy Allison [Mon, 20 Dec 2004 22:04:53 +0000 (22:04 +0000)]
r4295: Don't include header len in data write debug.
Jeremy.
Jeremy Allison [Mon, 20 Dec 2004 22:01:42 +0000 (22:01 +0000)]
r4293: Fix inspired by debug trace from Rob Foehl <rwf@loonybin.net> - catch sendfile
errors correctly and return the correct values we want the caller to return (-1
meaning none in correct cases).
Jeremy.
Jeremy Allison [Mon, 20 Dec 2004 21:14:28 +0000 (21:14 +0000)]
r4291: More *alloc fixes inspired by Albert Chin (china@thewrittenword.com).
Jeremy
Günther Deschner [Mon, 20 Dec 2004 18:42:58 +0000 (18:42 +0000)]
r4289: Close LDAP-Connection before retrying to open a new connection in the
retry-loop.
This fixes a deadlock-situation when ldapsam is used with the ldapi
interface: getpeername won't fail while trying to detect dead
connections on unix domain sockets. When the ldapi-connection was closed
server-side (due to OpenLDAP's idletimeout) we *never* got a new LDAP
connection.
Guenther
Günther Deschner [Mon, 20 Dec 2004 12:52:33 +0000 (12:52 +0000)]
r4287: Vampire SAM_DELTA_DOMAIN_INFO.
Based on samba4-idl. The decoding of account-lockout-string is somewhat
experimental though.
Guenther
Günther Deschner [Mon, 20 Dec 2004 11:36:39 +0000 (11:36 +0000)]
r4286: Give back 8 byte lm_session_key in Netrsamlogon-reply.
The old #ifdef JRATEST-block was copying 16 bytes and thus overwriting
acct_flags with bizarre values, breaking a lot of things.
This patch is successfully running in a production environment for quite
some time now and is required to finally allow Exchange 5.5 to access
another Exchange Server when both are running on NT4 in a
samba-controlled domain. This also allows Exchange Replication to take
place, Exchange Administrator to access other Servers in the network,
etc. Fixes Bugzilla #1136.
Thanks abartlet for helping me with that one.
Guenther
Günther Deschner [Mon, 20 Dec 2004 11:05:54 +0000 (11:05 +0000)]
r4285: Allow -v or -l for displaying verbose groupmap-listing as well as
"verbose".
Guenther
Tim Potter [Sun, 19 Dec 2004 03:23:10 +0000 (03:23 +0000)]
r4273: Same fix for r4272 in SAMBA_3_0 branch.
Tim Potter [Sun, 19 Dec 2004 00:53:52 +0000 (00:53 +0000)]
r4270: Add some const as a fix for bugzilla #2135.
Tim Potter [Sun, 19 Dec 2004 00:31:31 +0000 (00:31 +0000)]
r4268: Merge fix for bugzilla #2150.
Tim Potter [Fri, 17 Dec 2004 22:16:30 +0000 (22:16 +0000)]
r4260: Change the license for the winbindd external interface more liberal.
Tim Potter [Fri, 17 Dec 2004 21:59:47 +0000 (21:59 +0000)]
r4259: Fix cast in SMB_XMALLOC_ARRAY. Bugzilla #2168.
Günther Deschner [Fri, 17 Dec 2004 13:14:22 +0000 (13:14 +0000)]
r4258: strlower username, not (non-existing) domain_username.
Guenther
Volker Lendecke [Fri, 17 Dec 2004 11:42:10 +0000 (11:42 +0000)]
r4256: Add a patch from kllin@it.su.se: New Parameter 'afs token lifetime' tells the
AFS client when to throw away a token.
Thanks,
Volker
Volker Lendecke [Fri, 17 Dec 2004 10:20:53 +0000 (10:20 +0000)]
r4254: Add an undocumented hack. I had to delete a wrong mapping (a user that had
ended up as a gid in winbindd_idmap.tdb) from winbindd_idmap.tdb. Stopping
winbind was not an option on that machine....
net idmap delete <idmap-file> <SID>
Thanks,
Volker
Volker Lendecke [Fri, 17 Dec 2004 09:35:54 +0000 (09:35 +0000)]
r4252: Comment clarification from Love Hörnquist Åstrand <lha@stacken.kth.se>.
Thanks,
Volker
Volker Lendecke [Fri, 17 Dec 2004 09:05:41 +0000 (09:05 +0000)]
r4251: AFS does not cope with spaces in file names. Implement a stupid mapping that
maps the space to another character choosable by afsacl:space.
Volker
P.S: Who is "OH"? ;-)
Volker Lendecke [Fri, 17 Dec 2004 08:51:23 +0000 (08:51 +0000)]
r4248: Implement smbstatus -n, don't lookup users and groups. On heavily loaded
winbind systems, looking up hundreds of users can turn out to be a bit too
expensive if you just want to find out which smbd handles a particular IP
address.
Volker
P.S: Who is "OH"? ;-)
Jeremy Allison [Thu, 16 Dec 2004 21:16:48 +0000 (21:16 +0000)]
r4241: More *alloc fixes.
Jeremy.
Jeremy Allison [Thu, 16 Dec 2004 21:14:08 +0000 (21:14 +0000)]
r4238: More *alloc fixes.
Jeremy.
Jeremy Allison [Thu, 16 Dec 2004 21:12:29 +0000 (21:12 +0000)]
r4236: More *alloc fixes.
Jeremy.
Jeremy Allison [Thu, 16 Dec 2004 21:06:33 +0000 (21:06 +0000)]
r4234: More malloc fixes to use the macros.
Jeremy.
Günther Deschner [Wed, 15 Dec 2004 19:37:35 +0000 (19:37 +0000)]
r4226: display infolevel 12 in query_dom_info.
Guenther
Volker Lendecke [Wed, 15 Dec 2004 15:39:23 +0000 (15:39 +0000)]
r4224: Today is not my day ....
Volker Lendecke [Wed, 15 Dec 2004 14:23:15 +0000 (14:23 +0000)]
r4222: Always compile before commit...
Günther Deschner [Wed, 15 Dec 2004 14:16:12 +0000 (14:16 +0000)]
r4221: when in the multi-mapping mode of idmap_rid:
allow BUILTIN domain-mapping.
Guenther
Volker Lendecke [Wed, 15 Dec 2004 13:13:15 +0000 (13:13 +0000)]
r4219: Fix samba3 samr "idl"... According to samba4 idl samr_DomInfo2 contains a
comment string and not an unknown 12 byte structure...
Found after abartlet's smbtorture extended this string to
"Tortured by Samba4: Fri Nov 26 15:40:18 2004 CET"
;-))
Volker
Volker Lendecke [Wed, 15 Dec 2004 12:05:48 +0000 (12:05 +0000)]
r4217: Fix open_any_socket_out.
This was a missing merge from HEAD or rather a commit to 3_0 from the wrong
source. Fixed slightly over HEAD, HEAD merge will follow.
Deal with connection refused according to the specs.
Volker
Günther Deschner [Wed, 15 Dec 2004 10:12:10 +0000 (10:12 +0000)]
r4216: fix segfault in idmap_rid
(only ever shows up when the somewhat hidden
IDMAP_RID_SUPPORT_TRUSTED_DOMAINS - define is set).
Thanks to Stephan Martin <sm@suse.de> for reporting this bug.
Guenther
Jeremy Allison [Wed, 15 Dec 2004 01:25:24 +0000 (01:25 +0000)]
r4212: Ensure we only look at the bottom bit of large_readx.
Set the 14 word version of write if size > 0xffff as
well as 64-bit offset.
Jeremy.
John Terpstra [Tue, 14 Dec 2004 23:05:27 +0000 (23:05 +0000)]
r4208: Set version to 3.0.11
Jeremy Allison [Tue, 14 Dec 2004 01:11:22 +0000 (01:11 +0000)]
r4190: When changing length calculations, get them right......
Jeremy.
Jeremy Allison [Tue, 14 Dec 2004 00:33:53 +0000 (00:33 +0000)]
r4188: Ensure we add in the upper length in the right place !
Jeremy.
Jeremy Allison [Tue, 14 Dec 2004 00:25:11 +0000 (00:25 +0000)]
r4186: Fix client & server to allow 127k READX calls.
Jeremy.
Jeremy Allison [Tue, 14 Dec 2004 00:20:55 +0000 (00:20 +0000)]
r4184: Removed unused extern.
Jeremy.
Simo Sorce [Sat, 11 Dec 2004 17:09:28 +0000 (17:09 +0000)]
r4153: port from trunk of pdbedit changes
Jeremy Allison [Sat, 11 Dec 2004 00:30:28 +0000 (00:30 +0000)]
r4143: Make strict locking an enum. Auto means use oplock optimization.
Jeremy.
Gerald Carter [Fri, 10 Dec 2004 21:08:34 +0000 (21:08 +0000)]
r4134: check the setprinter(3) based on the access permissions on the handle and avoid the call to print_access_chaeck()
Günther Deschner [Fri, 10 Dec 2004 10:42:47 +0000 (10:42 +0000)]
r4130: add bad_password_count and logon_count to vampire (inspired by a patch
from Lars Mueller <lmuelle@suse.de>), just for completeness.
Note that though we have logon_count implemented in all pdb-backends but
never (for good reason!) update the counter.
Guenther
Volker Lendecke [Fri, 10 Dec 2004 10:30:59 +0000 (10:30 +0000)]
r4128: Cron jobs etc seem to do an initgroups for root quite frequently. So
log.winbindd is spammed with 'user root does not exist'. Increase debug level.
Volker
Günther Deschner [Fri, 10 Dec 2004 09:45:03 +0000 (09:45 +0000)]
r4127: vampire munged_dial.
Guenther
Jeremy Allison [Fri, 10 Dec 2004 05:49:48 +0000 (05:49 +0000)]
r4126: Fix from Björn Jacke <bjoern@j3e.de> for bugid #2040 - ensure the locale
is reset to C to get ASCII-compatible toupper/lower functions.
Jeremy.
Jeremy Allison [Thu, 9 Dec 2004 22:10:40 +0000 (22:10 +0000)]
r4121: Optimisation from Nadav Danieli <nadavd@exanet.com>. If we're oplocked,
short circuit some is_locked() tests.
Jeremy.
Jeremy Allison [Thu, 9 Dec 2004 21:42:00 +0000 (21:42 +0000)]
r4120: Never, ever, doubt valgrind :-). Fix order of evaluation bug that's been in the
bitmap code for ever. Remove silly extra space in paranoid malloc.
Jeremy.
Jeremy Allison [Thu, 9 Dec 2004 01:07:06 +0000 (01:07 +0000)]
r4108: As check_self is *always* False in every invokation, remove the
logic for it. We still pass Samba4 RAW-LOCK test.
Jeremy.
Herb Lewis [Wed, 8 Dec 2004 17:30:50 +0000 (17:30 +0000)]
r4103: lock timeout is in milliseconds (as in reply.c)
Gerald Carter [Wed, 8 Dec 2004 03:02:29 +0000 (03:02 +0000)]
r4094: BUG 2107: fix memory bloating caused by large numbers of print_queue_updates() requests sent via messages.tdb
Jeremy Allison [Wed, 8 Dec 2004 01:52:23 +0000 (01:52 +0000)]
r4092: Bring into line with new *alloc rules.
Jeremy.
Gerald Carter [Tue, 7 Dec 2004 19:00:45 +0000 (19:00 +0000)]
r4089: fix logic error in add_a_form() that only compared N characters instead of the entire form name
Jeremy Allison [Tue, 7 Dec 2004 18:25:53 +0000 (18:25 +0000)]
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
Gerald Carter [Mon, 6 Dec 2004 19:25:25 +0000 (19:25 +0000)]
r4083: consolidate printer searches to use find_service rather than for loops
Gerald Carter [Thu, 2 Dec 2004 17:11:18 +0000 (17:11 +0000)]
r4043: BUG 2091: don't remove statically defined printers in remove_stale_printers()
Jeremy Allison [Thu, 2 Dec 2004 00:55:47 +0000 (00:55 +0000)]
r4032: Fix bug #2110 - ensure we convert to ucs2 correctly.
Jeremy.
Gerald Carter [Wed, 1 Dec 2004 21:11:54 +0000 (21:11 +0000)]
r4030: patch from Rob -- don't force the cups printer-make-and-model tag as the comment for autoloaded printers
Gerald Carter [Wed, 1 Dec 2004 21:01:27 +0000 (21:01 +0000)]
r4029: solaris packaging fixes from Rob
Gerald Carter [Wed, 1 Dec 2004 20:11:31 +0000 (20:11 +0000)]
r4028: * prevent the background LPQ daemon from updating
the print queue cache just because multiple smbd
processes sent a message that it was out of date.
* add some extra debug messages while trying to track down
down jobs being left in the queue after printing has
completed.
Jeremy Allison [Tue, 30 Nov 2004 22:57:41 +0000 (22:57 +0000)]
r4023: Code tidyup to fix bug #2098.
Jeremy.
Jeremy Allison [Tue, 30 Nov 2004 18:58:58 +0000 (18:58 +0000)]
r4020: Fix for crash reported by Bård Kalbakk <baard@inett.biz>.
Don't go fishing for the authorisation data unless we
know it's there.
Jeremy.
Gerald Carter [Tue, 30 Nov 2004 15:55:27 +0000 (15:55 +0000)]
r4019: better error logging in register_message_flags() from Rob
Gerald Carter [Tue, 30 Nov 2004 15:52:46 +0000 (15:52 +0000)]
r4018: * move claim_connection from the netbios session request
reply code to the negprot reply code to cope with
client connections on port 445. Fixes the spurious
"register_message_flags: tdb fetch failed" errors.
* don't run the backgroup LPQ daemon when we are running
in interactive mode.
Jeremy Allison [Tue, 30 Nov 2004 06:41:38 +0000 (06:41 +0000)]
r4016: Fix for bug found by Steve French client code (cifsfs) on
POSIX ACL set. You need to *get* a permset_t pointer from the entry before
any of the permset code will accept it as a valid value
Jeremy.
Jeremy Allison [Tue, 30 Nov 2004 01:01:43 +0000 (01:01 +0000)]
r4009: Fix from Timur Bakeyev <timur@com.bat.ru> for bugid #2100,
change the way we check for errors after a dlopen (which
may set internal warnings which get picked up by mistake
in dlsym).
Jeremy
Jeremy Allison [Tue, 30 Nov 2004 00:22:04 +0000 (00:22 +0000)]
r4007: Fix bug #2088 - ensure inherit permissions is only applied on a new file,
not an existing one.
Jeremy.