Michael Adam [Tue, 17 Jun 2008 09:36:21 +0000 (11:36 +0200)]
packaging(RHEL-CTDB): bump Release to ctdb.33 for the next build
Michael
Michael Adam [Wed, 28 May 2008 11:25:31 +0000 (13:25 +0200)]
packaging(RHEL-CTDB): remove the libnss_wins modules to reduce deps.
Michael
Volker Lendecke [Fri, 13 Jun 2008 12:24:05 +0000 (14:24 +0200)]
bump version number to 32
Volker Lendecke [Fri, 13 Jun 2008 10:01:31 +0000 (12:01 +0200)]
Correctly return NULL from messaging_ctdbd_connection if messaging_init failed
Volker Lendecke [Fri, 13 Jun 2008 10:00:24 +0000 (12:00 +0200)]
Exit smbstatus cleanly if messaging_init fails
Volker Lendecke [Fri, 6 Jun 2008 17:45:26 +0000 (19:45 +0200)]
Package 32-bit versions of libtalloc into the winbind rpm
Volker Lendecke [Fri, 6 Jun 2008 11:50:06 +0000 (13:50 +0200)]
Fix README: DOCS_DIR is replaced by DOCS_TARBALL
Volker Lendecke [Fri, 6 Jun 2008 11:49:00 +0000 (13:49 +0200)]
Bump up version number
Michael Adam [Fri, 23 May 2008 16:13:53 +0000 (18:13 +0200)]
packaging(RHEL-CTDB): use /usr/%{_libarch} instead of %{_libdir}
To fix creation of 32bit packges on x86_64
Michael
Michael Adam [Fri, 23 May 2008 16:06:53 +0000 (18:06 +0200)]
packaging(RHEL-CTDB): remove duplicate block from spec file.
Michael
Michael Adam [Fri, 23 May 2008 13:12:01 +0000 (15:12 +0200)]
packaging(RHEL-CTDB): fix placement and link direction of new shared libs
libwbclient, libtalloc, libtdb, and libnetapi are now installed
into /usr/lib{,64} by their SONAME. The symlink is made from
the .so files to point to the SONAME files (e.g., libtdb.so.1).
Michael
Michael Adam [Fri, 23 May 2008 12:03:11 +0000 (14:03 +0200)]
packaging(RHEL-CTDB): bump rpm release to the next version ctdb.29
Michael
Michael Adam [Fri, 23 May 2008 11:44:13 +0000 (13:44 +0200)]
packaging(RHEL-CTDB): add "service winbind condrestart" to "%post common"
Michael
Michael Adam [Fri, 23 May 2008 10:52:21 +0000 (12:52 +0200)]
packaging(RHEL-CTDB): use "/sbin/service smb" instead of "%{initdir}/smb"
Michael
Michael Adam [Fri, 23 May 2008 10:51:32 +0000 (12:51 +0200)]
packaging(RHEL-CTDB): ignore errors from init scripts in pre/post scripts.
Michael
Michael Adam [Fri, 23 May 2008 10:50:14 +0000 (12:50 +0200)]
packaging(RHEL-CTDB): in %preun, first stop the service then deactivate
Michael
Michael Adam [Fri, 23 May 2008 10:48:55 +0000 (12:48 +0200)]
packaging(RHEL-CTDB): use condrestart instead of restart in %post script
Michael
Michael Adam [Fri, 23 May 2008 10:47:42 +0000 (12:47 +0200)]
packaging(RHEL-CTDB): move service smb restart from %postun to %post
What would be the use of restarting a service that has just
been uninstalled...
Michael
Michael Adam [Fri, 23 May 2008 10:26:28 +0000 (12:26 +0200)]
packaging(RHEL-CTDB): move "chkconfig --del winbind" to "%preun common"
remains of winbind are being removed from the main package.
also stop the winbind service in the "%preun common" script.
Michael
Michael Adam [Fri, 23 May 2008 09:58:01 +0000 (11:58 +0200)]
packaging(RHEL-CTDB): remove winbind init script and its linke from main pkg
Winbind along with its libraries and init script is packaged in the
samba-common rpm.
Michael
Michael Adam [Wed, 21 May 2008 09:41:51 +0000 (11:41 +0200)]
packaging: bump the rhel-ctdb rpm releas number to ctbd.28
Michael
Volker Lendecke [Mon, 19 May 2008 14:08:04 +0000 (16:08 +0200)]
Do not call testparm in /etc/init.d/smb
For SOFS, we do know that we have netbios disabled, and testparm in the ctdb
shutdown event locks up due to a locked registry.tdb
Andrew Tridgell [Mon, 21 Apr 2008 16:40:45 +0000 (18:40 +0200)]
keep compatibility with v3-0-ctdb name for fileid:mapping option
Andrew Tridgell [Mon, 21 Apr 2008 16:39:56 +0000 (18:39 +0200)]
update configure.rpm for clustered Samba usage
Volker Lendecke [Mon, 19 May 2008 16:15:06 +0000 (18:15 +0200)]
Add winbind:online check timeout parameter
This is a band-aid for the rather convoluted offline/online mess in winbind
right now. Winbind re-uses the offline functionality that is targeted at domain
client installations on laptops to not overload disfunctional DCs. It uses the
winbind cache timeout as the retry timeout after a DC reboot.
I am using a parametric options because when this mess is cleaned up, that
parameter needs to go away again.
I'd recommend to use something like
winbind:online check timeout = 30
in typical LAN environments. This means a reconnect is attempted every 30
seconds.
Volker
Volker Lendecke [Tue, 12 Aug 2008 20:31:52 +0000 (22:31 +0200)]
Attempt to fix bug 5684
With the ctdb checkin
dde9f3f006 tdb optimized out write lock checks for
write-enabled transaction. Sadly, this also removed the possibility to ever
remove dead records left over from tdb_delete calls within a transaction.
Tridge, please check this! Did
dde9f3f006 have any reason beyond performance
optimizations?
Thanks,
Volker
Volker Lendecke [Tue, 1 Jul 2008 12:24:47 +0000 (14:24 +0200)]
Attempt to fix the build on Irix CC
(cherry picked from commit
666bf8456ac44cbbbd5524af2bf4fd89e18ddf62)
Jeremy Allison [Tue, 12 Aug 2008 21:40:01 +0000 (14:40 -0700)]
Merge from Herb. print correct test status
Jeremy Allison [Tue, 12 Aug 2008 20:35:15 +0000 (13:35 -0700)]
Fix bug 5686 - libsmbclient segfaults with more than one SMBCCTX.
Here is a patch to allow many subsystems to be re-initialized. The only
functional change I made was to remove the null context tracking, as the memory
allocated here is designed to be left for the complete lifetime of the program.
Freeing this early (when all smb contexts are destroyed) could crash other
users of talloc.
Jeremy.
Herb Lewis [Mon, 7 Jul 2008 19:44:13 +0000 (12:44 -0700)]
use variables for files used in multiple places
(cherry picked from commit
cee044bc42d955c535dbb6bb372af01089d37756)
Michael Adam [Tue, 12 Aug 2008 13:19:17 +0000 (15:19 +0200)]
Make sure to always set errno on error path in OpenDir (and hence scan_directory).
Michael
Michael Adam [Tue, 12 Aug 2008 12:59:59 +0000 (14:59 +0200)]
Fix unix_convert() for "*" after changing map_nt_error_from_unix().
map_nt_error_from_unix() now assumes that it is called in
an error path and returns an error even for a given errno == 0.
The original behaviour of unix_convert() used the mapping
of errno == 0 ==> NT_STATUS_OK to return success through
an error path.
I think this must have been an oversight, and unix_convert() worked
only by coincidence (or because explicitly using the knowledge
of the conceptually wrong working of map_nt_error_from_unix().
This patch puts this straight by not interpreting errno == 0
as an error condition and proceeding in that case.
Jeremy - please check!
Michael
Andrew Tridgell [Sun, 10 Aug 2008 00:43:36 +0000 (10:43 +1000)]
I found lots of places where we assume error will be set when calling
one of our virtualised functions, such as db_open(), but error is only
set when a system call fails, and it is not uncommon for us to fail a
function internally without ever making a system call. That led to us
passing back success when a function had in fact failed.
I found two places where we relied on map_nt_error_from_unix()
returning success when errno==0, but lots and lots of places where we
relied on the reverse, so I fixed those two places.
map_nt_error_from_unix() will now always return an error, returning
NT_STATUS_UNSUCCESSFUL if errno is 0
(cherry picked from commit
69d40ca4c1af925d4b0e59ddc69ef8c26e6501d1)
Andrew Tridgell [Mon, 11 Aug 2008 07:21:11 +0000 (17:21 +1000)]
ensure we give an error code to any routines above that are looking
for one
Jeff Layton [Tue, 12 Aug 2008 18:32:54 +0000 (14:32 -0400)]
cifs.upcall: negatively instantiate keys on error
When a request-key upcall exits without instantiating a key, the kernel
will negatively instantiate the key with a 60s timeout. Older kernels,
however seem to also link that key into the session keyring. This
behavior can interefere with subsequent mount attempts until the
key times out. The next request_key() call will get this negative key
even if the upcall would have worked the second time.
Fix this by having cifs.upcall negatively instantiate the key itself
with a 1s timeout and don't attach it to the session keyring.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Volker Lendecke [Tue, 12 Aug 2008 09:59:13 +0000 (11:59 +0200)]
Remove two unused variables
Volker Lendecke [Tue, 29 Jul 2008 07:04:17 +0000 (09:04 +0200)]
Do not create a new mapping if a domain with an explicit config fails
Volker Lendecke [Fri, 18 Jul 2008 10:30:24 +0000 (12:30 +0200)]
Make the docs actually build
Thanks to Karolin for the friendly build service :-)
Volker Lendecke [Thu, 17 Jul 2008 12:05:57 +0000 (14:05 +0200)]
Document idmap rewrite
Volker Lendecke [Thu, 17 Jul 2008 11:32:28 +0000 (13:32 +0200)]
Some doxygen comments for idmap
Volker Lendecke [Wed, 16 Jul 2008 16:14:33 +0000 (18:14 +0200)]
Fix prototypes
Volker Lendecke [Wed, 16 Jul 2008 14:51:46 +0000 (16:51 +0200)]
Remove "idmap alloc config : range" parameter
This was overwritten by "idmap uid/gid" anyway. These are now the range
parameters for the alloc backend.
Volker Lendecke [Sun, 13 Jul 2008 10:07:40 +0000 (12:07 +0200)]
idmap rewrite
Volker Lendecke [Sun, 13 Jul 2008 07:59:57 +0000 (09:59 +0200)]
Remove the multi-ID lookup code and the 3.2.0 version of idmap_cache
Volker Lendecke [Mon, 14 Jul 2008 10:32:18 +0000 (12:32 +0200)]
Directly call backends from idmap_[ugs]_to_[ugs]id
Volker Lendecke [Fri, 11 Jul 2008 11:58:31 +0000 (13:58 +0200)]
Move the gid2sid cache to the parent winbind process
Volker Lendecke [Mon, 7 Jul 2008 20:09:39 +0000 (22:09 +0200)]
Move the uid2sid cache to the parent winbind process
Michael Adam [Tue, 12 Aug 2008 08:18:51 +0000 (10:18 +0200)]
WHATSNEW: fix one occurrence of 3.2.0 to say 3.3.0.
Michael
Günther Deschner [Wed, 30 Jul 2008 19:38:21 +0000 (21:38 +0200)]
libnetjoin: support kerberized joining/unjoing (fix #5416).
Guenther
Günther Deschner [Fri, 1 Aug 2008 17:15:52 +0000 (19:15 +0200)]
netapi: add NetLocalGroupSetMembers example code.
Guenther
Günther Deschner [Fri, 1 Aug 2008 15:13:43 +0000 (17:13 +0200)]
netapi: add NetLocalGroupDelMembers example code.
Guenther
Günther Deschner [Fri, 1 Aug 2008 14:03:00 +0000 (16:03 +0200)]
netapi: add NetLocalGroupAddMembers example code.
Guenther
Günther Deschner [Mon, 11 Aug 2008 17:43:24 +0000 (19:43 +0200)]
netapi: implement NetLocalGroupSetMembers_r().
Guenther
Günther Deschner [Mon, 11 Aug 2008 17:42:42 +0000 (19:42 +0200)]
netapi: implement NetLocalGroupDelMembers_r().
Guenther
Günther Deschner [Fri, 1 Aug 2008 14:02:21 +0000 (16:02 +0200)]
netapi: implement NetLocalGroupAddMembers_r().
Guenther
Günther Deschner [Thu, 31 Jul 2008 14:24:58 +0000 (16:24 +0200)]
netapi: add NetLocalGroup*Member calls to public headers.
Guenther
Günther Deschner [Thu, 31 Jul 2008 14:05:11 +0000 (16:05 +0200)]
netapi: add skeleton for NetLocalGroup*Member calls.
Guenther
Günther Deschner [Mon, 11 Aug 2008 17:08:46 +0000 (19:08 +0200)]
re-run make idl.
Guenther
Günther Deschner [Thu, 31 Jul 2008 14:03:57 +0000 (16:03 +0200)]
netapi: add remaining NetLocalGroup*Member calls to IDL.
Guenther
Günther Deschner [Thu, 31 Jul 2008 19:09:00 +0000 (21:09 +0200)]
netapi: add NetUserModalsGet and NetUserModalsSet tests.
Guenther
Günther Deschner [Thu, 31 Jul 2008 19:08:31 +0000 (21:08 +0200)]
netapi: implement NetUserModalsSet_r.
Guenther
Günther Deschner [Thu, 31 Jul 2008 17:26:29 +0000 (19:26 +0200)]
netapi: implement NetUserModalsGet_r.
Guenther
Günther Deschner [Thu, 31 Jul 2008 15:39:07 +0000 (17:39 +0200)]
netapi: add example code for NetUserModalsGet and NetUserModalsSet.
Guenther
Günther Deschner [Thu, 31 Jul 2008 14:47:15 +0000 (16:47 +0200)]
netapi: add NetUserModalsGet and NetUserModalsSet to public headers.
Guenther
Günther Deschner [Thu, 31 Jul 2008 14:43:27 +0000 (16:43 +0200)]
netapi: add skeleton for NetUserModalsGet and NetUserModalsSet.
Guenther
Günther Deschner [Mon, 11 Aug 2008 17:07:51 +0000 (19:07 +0200)]
re-run make idl.
Guenther
Günther Deschner [Thu, 31 Jul 2008 14:42:42 +0000 (16:42 +0200)]
netapi: add NetUserModalsSet and NetUserModalsGet to IDL.
Guenther
Günther Deschner [Fri, 1 Aug 2008 15:22:00 +0000 (17:22 +0200)]
doserr: add WERR_MEMBER_IN_ALIAS.
Guenther
Günther Deschner [Fri, 1 Aug 2008 14:44:05 +0000 (16:44 +0200)]
netapi: add NetApiBufferAllocate.
Guenther
Günther Deschner [Fri, 1 Aug 2008 13:15:05 +0000 (15:15 +0200)]
netapi: add ConvertStringSidToSid().
Guenther
Günther Deschner [Thu, 31 Jul 2008 19:04:51 +0000 (21:04 +0200)]
netapi: generate the netapi testsuite makefile.
Guenther
Günther Deschner [Mon, 11 Aug 2008 09:20:38 +0000 (11:20 +0200)]
fix build warning.
Guenther
Volker Lendecke [Sat, 9 Aug 2008 19:39:18 +0000 (21:39 +0200)]
Make events robust against their event_context being freed
Volker Lendecke [Sun, 10 Aug 2008 15:53:35 +0000 (17:53 +0200)]
fix smb_len calculation for chained requests
I think chain_reply() is one of the most tricky parts of Samba. This recursion
needs to go away, we need to sequentially walk the chain list.
Volker Lendecke [Sun, 10 Aug 2008 15:37:08 +0000 (17:37 +0200)]
Fix andx offset calculation for more than 2 chained requests
Untested code is broken code.... Test follows later, it's quite an intrusive
change to libsmb/
Volker Lendecke [Sun, 10 Aug 2008 09:33:15 +0000 (11:33 +0200)]
Remove an unused variable, process.c has its static copy
Michael Adam [Fri, 8 Aug 2008 23:04:55 +0000 (01:04 +0200)]
nmbd: add support for delayed initial samlogon packages.
The hosts or networks configured with "init logon delayed hosts"
have their initial samlogon packages (empty username) delayed
by the value configured with "init logon delay" (defaulting
to 100 milliseconds).
This gives the administrator some control over what clients would
consider the preferred logon server: they choose the server that
repsonds most quickly.
Michael
Michael Adam [Fri, 8 Aug 2008 23:03:06 +0000 (01:03 +0200)]
nmbd_packets: make queue_packet() public.
Michael
Michael Adam [Fri, 8 Aug 2008 22:31:48 +0000 (00:31 +0200)]
loadparm: add two parameters "init logon delay hosts" and "init logon delay"
"init logon delays hosts" takes a list of hosts names or addresses
or networks for which the initial SAMLOGON reply should be delayed
(so other DCs get preferred by XP workstations if there are any).
This option takes the same type of list as "hosts allow" does.
"init logon delay" allows one to configure the delay for the hosts
configured for delayed initial samlogon with "init logon delayed hosts".
The value is interpreted as milliseconds. The default value is 100.
This commit only introduces the parameters.
They will be activated in a subsequent commit.
Michael
Michael Adam [Fri, 8 Aug 2008 22:05:38 +0000 (00:05 +0200)]
lib/access: make list_match() public.
Michael
Michael Adam [Fri, 8 Aug 2008 22:03:23 +0000 (00:03 +0200)]
lib/access: make client_match() public.
Michael
Jeremy Allison [Fri, 8 Aug 2008 23:08:11 +0000 (16:08 -0700)]
One more build fix. Ensure we have KRB5_AUTH_CONTEXT_USE_SUBKEY defined before we compile the new code.
Jeremy.
Jeremy Allison [Fri, 8 Aug 2008 22:15:36 +0000 (15:15 -0700)]
Try and fix the build for systems that don't have krb5_auth_con_set_req_cksumtype().
Jeremy.
Jeremy Allison [Fri, 8 Aug 2008 21:33:55 +0000 (14:33 -0700)]
Merge branch 'v3-3-test' of ssh://jra@git.samba.org/data/git/samba into v3-3-test
Jeremy Allison [Fri, 8 Aug 2008 21:32:15 +0000 (14:32 -0700)]
Add Derrick Schommer's <dschommer@F5.com> kerberos delegation patch. Some
work by me and advice by Love.
Jeremy.
Michael Adam [Fri, 8 Aug 2008 21:30:19 +0000 (23:30 +0200)]
build: fix a no previous prototype warning when building without ldap/gssapia
move prototype of dns_create_update_request() to appropriate section in dns.h
Michael
Michael Adam [Fri, 8 Aug 2008 21:03:51 +0000 (23:03 +0200)]
libnet samsync ldif: fix the build without LDAP.
Michael
Yannick Bergeron [Fri, 8 Aug 2008 17:32:15 +0000 (13:32 -0400)]
using NGROUPS_MAX instead of 32 for the max group value in rep_initgroups() subroutine in lib/replace/replace.c
Volker Lendecke [Fri, 8 Aug 2008 16:30:57 +0000 (18:30 +0200)]
Add simple async wrappers around send, recv and connect
To be used later :-)
Jeremy Allison [Fri, 8 Aug 2008 00:55:57 +0000 (17:55 -0700)]
Fix bug #5675 with a varient of Tim Waugh's patch,
as proposed by James Peach.
Jeremy.
Jeremy Allison [Fri, 8 Aug 2008 00:49:19 +0000 (17:49 -0700)]
Fix "might be used uninitialized" warnings.
Jeremy.
Volker Lendecke [Thu, 7 Aug 2008 16:18:10 +0000 (18:18 +0200)]
Fix a build failure on host sunX
Yannick Bergeron [Wed, 6 Aug 2008 17:23:00 +0000 (13:23 -0400)]
Solve an IBM XL C/C++ compiler error encountered in get_exit_code() auth_errors array initialization in client/smbspool.c
Karolin Seeger [Wed, 6 Aug 2008 12:26:41 +0000 (14:26 +0200)]
WHATSNEW: Start WHATSNEW for 3.3.0pre1.
Karolin
Michael Adam [Wed, 6 Aug 2008 11:56:52 +0000 (13:56 +0200)]
libnetapi: fix build of shared library after libnet_join changes.
This needs create_builtin_administrators() and create_builtin_users()
from token_utils now. Did not pop up because the only users of the
shared lib currently are the examples in lib/netapi/examples/
which are not automatically built.
Michael
Andrew Tridgell [Wed, 6 Aug 2008 06:35:43 +0000 (16:35 +1000)]
fixed permissions on ctdb databases
Andrew Tridgell [Wed, 6 Aug 2008 04:02:45 +0000 (14:02 +1000)]
fixed a fd leak when trying to regain contact to a domain controller
in winbind
When a w2k3 DC is rebooted the 139/445 ports come up before the
udp/389 cldap port. During this brief period, winbind manages to
connect to 139/445 but not to udp 389. It then enters a tight loop
where it leaks one fd each time. In a couple of seconds it runs out of
file descriptors, and leaves winbind crippled after the DC does
finally come up
Michael Adam [Tue, 5 Aug 2008 21:38:56 +0000 (23:38 +0200)]
dbwrap: add comment describing behaviour of dbwrap_change_int32_atomic().
Michael
Michael Adam [Tue, 5 Aug 2008 21:14:05 +0000 (23:14 +0200)]
secrets: fix replacemend random seed generator (security issue).
This is a regression introduced by the change to dbwrap.
The replacement dbwrap_change_int32_atomic() does not
correctly mimic the behaviour of tdb_change_int32_atomic():
The intended behaviour is to use *oldval as an initial
value when the entry does not yet exist in the db and to
return the old value in *oldval.
The effect was that:
1. get_rand_seed() always returns sys_getpid() in *new_seed
instead of the incremented seed from the secrets.tdb.
2. the seed stored in the tdb is always starting at 0 instead
of sys_getpid() + 1 and incremented in subsequent calls.
In principle this is a security issue, but i think the danger is
low, since this is only used as a fallback when there is no useable
/dev/urandom, and this is at most called on startup or via
reinit_after_fork.
Michael
Michael Adam [Tue, 5 Aug 2008 21:13:06 +0000 (23:13 +0200)]
dbwrap: add comment describing behaviour of dbwrap_change_uint32_atomic().
Michael