kai/samba.git
8 years agowintest Remove the password expiry as the first step
Andrew Bartlett [Thu, 9 Dec 2010 11:05:14 +0000 (22:05 +1100)]
wintest Remove the password expiry as the first step

This is particularly important before dcpromo, as the password will
otherwise be expired in the new domain.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Dec  9 13:33:00 CET 2010 on sn-devel-104

8 years agowaf: remove the restriction that private libraries must not have a vnum
Andrew Tridgell [Thu, 9 Dec 2010 10:58:20 +0000 (21:58 +1100)]
waf: remove the restriction that private libraries must not have a vnum

we need the vnum for ABI checking for public libraries built as
private libraries when bundled

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Dec  9 12:47:41 CET 2010 on sn-devel-104

8 years agowaf: fixed path to abi_directory
Andrew Tridgell [Thu, 9 Dec 2010 10:49:01 +0000 (21:49 +1100)]
waf: fixed path to abi_directory

this broke in a recent patch

8 years agos4-spnego Match Windows 2008, and no longer supply a name in the CIFS Negprot
Andrew Bartlett [Thu, 9 Dec 2010 06:51:36 +0000 (17:51 +1100)]
s4-spnego Match Windows 2008, and no longer supply a name in the CIFS Negprot

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Dec  9 08:50:28 CET 2010 on sn-devel-104

8 years agos4-lsa Implement kerberos ticket life policy
Andrew Bartlett [Thu, 9 Dec 2010 03:17:54 +0000 (14:17 +1100)]
s4-lsa Implement kerberos ticket life policy

We now no longer print tickets with a potentially infinite life, and
we report the same life over LSA as we use in the KDC.  We should get
this from group policy, but for now it's parametric smb.conf options.

Andrew Bartlett

8 years agos4-tests Workaround new default of 'client ntlmv2 auth = yes' in tests
Andrew Bartlett [Sat, 4 Dec 2010 06:02:49 +0000 (17:02 +1100)]
s4-tests Workaround new default of 'client ntlmv2 auth = yes' in tests

The new default breaks some tests that were assuming LM or NTLM auth

Andrew Bartlett

8 years agos4-client Use NTLMv2 by default in the Samba4 client.
Andrew Bartlett [Sat, 4 Dec 2010 03:59:29 +0000 (14:59 +1100)]
s4-client Use NTLMv2 by default in the Samba4 client.

8 years agowaf: add a dependency between the library and its vscript
Andrew Tridgell [Thu, 9 Dec 2010 02:06:22 +0000 (13:06 +1100)]
waf: add a dependency between the library and its vscript

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Dec  9 04:32:18 CET 2010 on sn-devel-104

8 years agowaf: don't use symbol versioning on our modules
Andrew Tridgell [Thu, 9 Dec 2010 01:30:30 +0000 (12:30 +1100)]
waf: don't use symbol versioning on our modules

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agowaf: use vscripts for our private libraries too
Andrew Tridgell [Thu, 9 Dec 2010 01:24:48 +0000 (12:24 +1100)]
waf: use vscripts for our private libraries too

if the library has a vnum, then use it. If it doesn't have a vnum then
use the application version for symbol versions

8 years agowaf: make mkdir_p on a empty string not recurse forever
Andrew Tridgell [Thu, 9 Dec 2010 01:23:40 +0000 (12:23 +1100)]
waf: make mkdir_p on a empty string not recurse forever

8 years agowaf-abi: auto-generate per-symbol versions from ABI files
Andrew Tridgell [Thu, 9 Dec 2010 00:10:45 +0000 (11:10 +1100)]
waf-abi: auto-generate per-symbol versions from ABI files

This changes our version-script generation to use the ABI files that
are saved in git with each version number change of our public
libraries.

We use these ABI files to generate a linker version script that gives
the exact version number that each symbol was introduced. This
provides us with automatic fine grained symbol versioning.

Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agobuild: do not duplicate the checks for python in samba4
Matthieu Patou [Wed, 8 Dec 2010 21:38:12 +0000 (00:38 +0300)]
build: do not duplicate the checks for python in samba4

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Thu Dec  9 00:47:23 CET 2010 on sn-devel-104

8 years agobuild: Cope with broken libiconv
Matthieu Patou [Wed, 8 Dec 2010 21:17:37 +0000 (00:17 +0300)]
build: Cope with broken libiconv

library iconv needs mbrtowc but some system didn't provide it (ie.
HP-UX 11.0)

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Dec  8 23:19:19 CET 2010 on sn-devel-104

8 years agodcerpc.idl: fix typo 0x800000000 => 0x80000000
Stefan Metzmacher [Wed, 8 Dec 2010 18:01:45 +0000 (19:01 +0100)]
dcerpc.idl: fix typo 0x800000000 => 0x80000000

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Dec  8 20:13:03 CET 2010 on sn-devel-104

8 years agos4:ldb: add ABI/ldb-0.9.20.sigs
Stefan Metzmacher [Wed, 8 Dec 2010 15:08:19 +0000 (16:08 +0100)]
s4:ldb: add ABI/ldb-0.9.20.sigs

metze

8 years agos4:ldb: build libldb and pyldb-util as private libraries when building for samba4
Stefan Metzmacher [Wed, 8 Dec 2010 14:12:57 +0000 (15:12 +0100)]
s4:ldb: build libldb and pyldb-util as private libraries when building for samba4

This matches the behavior of the talloc and tdb builds.

metze

8 years agotalloc: build pytalloc-util with the same logic as libtalloc
Stefan Metzmacher [Wed, 8 Dec 2010 11:42:02 +0000 (12:42 +0100)]
talloc: build pytalloc-util with the same logic as libtalloc

metze

8 years agotalloc: mark pytalloc-util functions as _PUBLIC_
Stefan Metzmacher [Wed, 8 Dec 2010 14:10:21 +0000 (15:10 +0100)]
talloc: mark pytalloc-util functions as _PUBLIC_

metze

8 years agotalloc: remove unused PyString_FromString_check_null() from pytalloc-util
Stefan Metzmacher [Wed, 8 Dec 2010 14:09:33 +0000 (15:09 +0100)]
talloc: remove unused PyString_FromString_check_null() from pytalloc-util

metze

8 years agopidl:Samba4/Python.pm: use PyString_FromStringOrNULL() from pyrpc_util
Stefan Metzmacher [Wed, 8 Dec 2010 14:08:45 +0000 (15:08 +0100)]
pidl:Samba4/Python.pm: use PyString_FromStringOrNULL() from pyrpc_util

metze

8 years agos4:python: add PyString_FromStringOrNULL() to pyrpc_util
Stefan Metzmacher [Wed, 8 Dec 2010 14:07:32 +0000 (15:07 +0100)]
s4:python: add PyString_FromStringOrNULL() to pyrpc_util

metze

8 years agobuildtools: private_libraries should not have a version in the soname
Stefan Metzmacher [Wed, 8 Dec 2010 11:40:19 +0000 (12:40 +0100)]
buildtools: private_libraries should not have a version in the soname

metze

8 years agobuildtools: add the PRIVATE_EXTENSION for private libraries
Stefan Metzmacher [Wed, 8 Dec 2010 11:02:51 +0000 (12:02 +0100)]
buildtools: add the PRIVATE_EXTENSION for private libraries

metze

8 years agobuildtools: make sure we have no '+' in the version scripts
Stefan Metzmacher [Wed, 8 Dec 2010 11:40:59 +0000 (12:40 +0100)]
buildtools: make sure we have no '+' in the version scripts

This happens if '--git-local-changes' was used.

metze

8 years agosmbtorture: use xxxULL notation instead of INT64_C(xxx)
Matthieu Patou [Wed, 8 Dec 2010 12:32:49 +0000 (15:32 +0300)]
smbtorture: use xxxULL notation instead of INT64_C(xxx)

The first one is portable the second not always

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Dec  8 15:48:10 CET 2010 on sn-devel-104

8 years agos4-acl: Replaced talloc_reference with talloc_steal, as aclread is the only one using...
Nadezhda Ivanova [Wed, 8 Dec 2010 12:30:23 +0000 (14:30 +0200)]
s4-acl: Replaced talloc_reference with talloc_steal, as aclread is the only one using this result message.

No need to reference as no one further up the stack uses the result, it is the result of a secondary request sent by aclread.

As a result from code review by Kamen Mazdrashki and Anatoliy Atanasov

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Dec  8 15:01:51 CET 2010 on sn-devel-104

8 years agoAdd ncacn_http (RTS) IDL implementation in dcerpc.idl
Julien Kerihuel [Sun, 5 Dec 2010 22:10:30 +0000 (23:10 +0100)]
Add ncacn_http (RTS) IDL implementation in dcerpc.idl

Signed-off-by: Julien Kerihuel <j.kerihuel@openchange.org>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Wed Dec  8 14:17:45 CET 2010 on sn-devel-104

8 years agoldb: bump version number after introduction of new constant.
Jelmer Vernooij [Wed, 8 Dec 2010 12:19:20 +0000 (13:19 +0100)]
ldb: bump version number after introduction of new constant.

8 years agos4-acl: Fixed incorrect value of LDB_FLAG_INTERNAL_INACCESSIBLE_ATTRIBUTE
Nadezhda Ivanova [Wed, 8 Dec 2010 11:19:27 +0000 (13:19 +0200)]
s4-acl: Fixed incorrect value of LDB_FLAG_INTERNAL_INACCESSIBLE_ATTRIBUTE

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Dec  8 13:31:48 CET 2010 on sn-devel-104

8 years agos4-pkgconfig: add @LIB_RPATH@ to our link flags
Andrew Tridgell [Wed, 8 Dec 2010 09:41:37 +0000 (20:41 +1100)]
s4-pkgconfig: add @LIB_RPATH@ to our link flags

this is only set when rpath is used on install. It ensures that
applications that link against Samba libraries get the rpath right

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Dec  8 12:46:00 CET 2010 on sn-devel-104

8 years agowaf: added --disable-symbol-versions configure option
Andrew Tridgell [Wed, 8 Dec 2010 08:00:00 +0000 (19:00 +1100)]
waf: added --disable-symbol-versions configure option

some people may not want symbol versions.

8 years agos4-ldb: added @LIB_RPATH@ to the ldb pc file
Andrew Tridgell [Wed, 8 Dec 2010 07:47:54 +0000 (18:47 +1100)]
s4-ldb: added @LIB_RPATH@ to the ldb pc file

8 years agowaf: support @LIB_RPATH@ in pc files
Andrew Tridgell [Wed, 8 Dec 2010 07:47:39 +0000 (18:47 +1100)]
waf: support @LIB_RPATH@ in pc files

this will be used to get the needed -Wl,-rpath options into our pc
files

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agos4-acl: Changed the mechanism of attribute removal to speed it up.
Nadezhda Ivanova [Wed, 8 Dec 2010 10:12:34 +0000 (12:12 +0200)]
s4-acl: Changed the mechanism of attribute removal to speed it up.

Instead of using ldb_msg_remove_attr, now we are flagging the attributes to be removed,
and allocating the new elements array to be returned at once. This seems to decrease the
overhead by 50 percent.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Dec  8 12:00:27 CET 2010 on sn-devel-104

8 years agos4-acl: Added a flag to mark an element as failing an access check.
Nadezhda Ivanova [Wed, 8 Dec 2010 10:03:43 +0000 (12:03 +0200)]
s4-acl: Added a flag to mark an element as failing an access check.

8 years agondr: Another try to support the build on non-IPv6 systems
Kai Blin [Mon, 6 Dec 2010 06:43:35 +0000 (07:43 +0100)]
ndr: Another try to support the build on non-IPv6 systems

Signed-off-by: Matthieu Patou <mat@matws.net>
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Dec  8 10:26:00 CET 2010 on sn-devel-104

8 years agos4-param Allow +foo syntax in smb.conf list parsing
Andrew Bartlett [Wed, 8 Dec 2010 05:27:38 +0000 (16:27 +1100)]
s4-param Allow +foo syntax in smb.conf list parsing

The idea here is to allow an smb.conf file to work from the defaults,
rather than override them.  For example, 'server services = +openchange'.

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Dec  8 09:39:06 CET 2010 on sn-devel-104

8 years agos4-spnego use "not_defined_in_RFC4178@please_ignore" if no principal specified
Andrew Bartlett [Wed, 8 Dec 2010 07:52:33 +0000 (18:52 +1100)]
s4-spnego use "not_defined_in_RFC4178@please_ignore" if no principal specified

We need to make this the default, but for now just send it if we have
not been given a target principal.

Andrew Bartlett

8 years agolibcli/auth bring ADS_IGNORE_PRINCIPAL in common
Andrew Bartlett [Sat, 4 Dec 2010 04:23:44 +0000 (15:23 +1100)]
libcli/auth bring ADS_IGNORE_PRINCIPAL in common

8 years agobuild: tru64 needs -shared for building libs
Matthieu Patou [Wed, 8 Dec 2010 06:47:36 +0000 (09:47 +0300)]
build: tru64 needs -shared for building libs

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Dec  8 08:33:54 CET 2010 on sn-devel-104

8 years agowaf: added -Wmissing-prototypes to build
Andrew Tridgell [Wed, 8 Dec 2010 04:04:33 +0000 (15:04 +1100)]
waf: added -Wmissing-prototypes to build

This ensures that we always have a prototype for any function we
declare

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Dec  8 06:12:07 CET 2010 on sn-devel-104

8 years agowaf: make all generators depend on their rules
Andrew Tridgell [Wed, 8 Dec 2010 04:03:35 +0000 (15:03 +1100)]
waf: make all generators depend on their rules

this ensures we rebuild when a constructed rule changes

8 years agos3-waf: fixed version number handling
Andrew Tridgell [Wed, 8 Dec 2010 03:58:12 +0000 (14:58 +1100)]
s3-waf: fixed version number handling

8 years agos4-heimdal: enable symbol versioning in heimdal
Andrew Tridgell [Wed, 8 Dec 2010 03:57:31 +0000 (14:57 +1100)]
s4-heimdal: enable symbol versioning in heimdal

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>

8 years agowaf: use -Wl,--version-script if available
Andrew Tridgell [Wed, 8 Dec 2010 03:52:43 +0000 (14:52 +1100)]
waf: use -Wl,--version-script if available

This enables symbol version on our libraries, if the system supports
it

If the library is a public library, then set the symbol version based
on the major number. If it is a private library then set it based on
the full version number (which will include the git hash if
available).

This ensures that applications using our libraries don't use symbols
from other libraries that they may be linked to. It also ensures we
only use the right version of any private libraries.

Note that the linker ends up generating both a version and unversioned
symbol for all symbols. This means existing users of our public
libraries will continue to work, with symbols resolved to the
unversioned symbol. When applications are re-linked they will bind to
the specific symbol version.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>

8 years agowaf: added configure test for -Wl,--version-script
Andrew Tridgell [Wed, 8 Dec 2010 00:26:32 +0000 (11:26 +1100)]
waf: added configure test for -Wl,--version-script

this checks that the linker supports --version-script

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agos4-dns: dlz_bind9 doesn't need to link to gensec any more
Andrew Tridgell [Wed, 8 Dec 2010 00:29:34 +0000 (11:29 +1100)]
s4-dns: dlz_bind9 doesn't need to link to gensec any more

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agos4-waf: get the version number right on private libraries
Andrew Tridgell [Wed, 8 Dec 2010 00:25:28 +0000 (11:25 +1100)]
s4-waf: get the version number right on private libraries

use the first digit of the version number for the library version

Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>

8 years agos4-dns: use ldb hooks for samba extensions in dlz_bind9
Andrew Tridgell [Tue, 7 Dec 2010 22:58:52 +0000 (09:58 +1100)]
s4-dns: use ldb hooks for samba extensions in dlz_bind9

this avoids linking dlz_bind9 directly to heimdal, which allows a
RTLD_DEEPBIND in ldb module loading to find the right kerberos version

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agos4-ldb: use RTLD_DEEPBIND if available for ldb modules
Andrew Tridgell [Tue, 7 Dec 2010 22:41:25 +0000 (09:41 +1100)]
s4-ldb: use RTLD_DEEPBIND if available for ldb modules

this allows us to avoid issues with ldb using heimdal while an
application using ldb using MIT kerberos

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agos4-dns: allow a remote ldap server to be used with dlz_bind9
Andrew Tridgell [Tue, 7 Dec 2010 22:04:49 +0000 (09:04 +1100)]
s4-dns: allow a remote ldap server to be used with dlz_bind9

this allows for configs like this:

dlz "Samba zone" {
database "dlopen /usr/lib/samba/modules/bind9/dlz_bind9.so
-H ldap://10.0.0.4 -Uadministrator@v2.tridgell.net%penguin -k no";
};

8 years agos4-dsdb: register samba handlers in dsdb module
Andrew Tridgell [Tue, 7 Dec 2010 21:22:21 +0000 (08:22 +1100)]
s4-dsdb: register samba handlers in dsdb module

8 years agos4-ldb: ensure ldb_register_samba_handlers() is not done twice
Andrew Tridgell [Tue, 7 Dec 2010 21:22:07 +0000 (08:22 +1100)]
s4-ldb: ensure ldb_register_samba_handlers() is not done twice

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agowintest: use --add-ref for RODC replication
Andrew Tridgell [Tue, 7 Dec 2010 21:21:40 +0000 (08:21 +1100)]
wintest: use --add-ref for RODC replication

this forces the creation of the repsTo attribute, and allows more
complete testing of RODC replication

8 years agosamba-tools: more reasonable defaults for samba-tool commands
Andrew Tridgell [Tue, 7 Dec 2010 21:20:54 +0000 (08:20 +1100)]
samba-tools: more reasonable defaults for samba-tool commands

- fallback to machine account where possible

- default to local hostname where this is reasonable

8 years agosamba-tools: export doesn't need any credentials
Andrew Tridgell [Tue, 7 Dec 2010 21:19:25 +0000 (08:19 +1100)]
samba-tools: export doesn't need any credentials

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agos4-provision Always run slaptest to convert the config file
Andrew Bartlett [Sat, 4 Dec 2010 02:47:05 +0000 (13:47 +1100)]
s4-provision Always run slaptest to convert the config file

If the directory exists, it does not mean that it is configured - we
may be on a re-run of the provision.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Dec  8 05:19:12 CET 2010 on sn-devel-104

8 years agos4-provision Add an invalid names check for 'domain == netbiosname'
Andrew Bartlett [Sat, 4 Dec 2010 01:34:44 +0000 (12:34 +1100)]
s4-provision Add an invalid names check for 'domain == netbiosname'

(This is also invalid)

Andrew Bartlett

8 years agobuild: fix hpux build pb
Matthieu Patou [Tue, 7 Dec 2010 20:42:15 +0000 (23:42 +0300)]
build: fix hpux build pb

Pair-Programmed-With: Thomas Nagy <tnagy2pow10@gmail.com>

Fix the library extension from .so to .sl
Add full path to library when linking this is needed due to a strange
behavior of HP-UX:

This command: gcc demo demo.c -L dir1/dir2/ -lsomelib
will give a binary with a hard coded lib like dir1/dir2/libsomelib.sl.
Somehow like a partial rpath, it has the first impact of fooling waf
detection of wether the plateform support libraries or not (leading to
being unable to compile samba on HPUX) and the impact of having non
functionnal binaries.

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Dec  8 00:32:50 CET 2010 on sn-devel-104

8 years agodocs: clarify the idmap_rid manpage (bug #7788)
Michael Adam [Tue, 7 Dec 2010 16:30:27 +0000 (17:30 +0100)]
docs: clarify the idmap_rid manpage (bug #7788)

The idmap_rid module should not be used as a default backend.
Also mention that the old snytax "idmap backend = rid:domain=range ..."
is not supported any more.

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec  7 19:07:57 CET 2010 on sn-devel-104

8 years agodocs: clarify the idmap_ad manpage (bug #6322)
Michael Adam [Tue, 7 Dec 2010 14:47:52 +0000 (15:47 +0100)]
docs: clarify the idmap_ad manpage (bug #6322)

The idmap_ad module can not be used as a default backend.

8 years agolibcli/auth: let spnego_write_mech_types() check the asn1_load() return
Stefan Metzmacher [Wed, 1 Dec 2010 23:40:01 +0000 (00:40 +0100)]
libcli/auth: let spnego_write_mech_types() check the asn1_load() return

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Dec  7 18:23:41 CET 2010 on sn-devel-104

8 years agos3:ntlm_auth: support clients which offer a spnego mechs we don't support
Stefan Metzmacher [Wed, 1 Dec 2010 23:39:23 +0000 (00:39 +0100)]
s3:ntlm_auth: support clients which offer a spnego mechs we don't support

Before we rejected the authentication if we don't support the
first spnego mech the client offered.

We now negotiate the first mech we support.

This fix works arround problems, when a client
sends the NEGOEX (1.3.6.1.4.1.311.2.2.30) oid,
which we don't support.

metze

8 years agos3:ntlm_auth: free session key, as we don't use it (at least for now)
Stefan Metzmacher [Wed, 1 Dec 2010 04:52:29 +0000 (05:52 +0100)]
s3:ntlm_auth: free session key, as we don't use it (at least for now)

metze

8 years agos3:ntlm_auth: fix memory leak in the raw ntlmssp code path
Stefan Metzmacher [Wed, 1 Dec 2010 04:50:59 +0000 (05:50 +0100)]
s3:ntlm_auth: fix memory leak in the raw ntlmssp code path

metze

8 years agoMake sure that user exists after running add user script before adding sam account.
Bjoern Baumbach [Tue, 7 Dec 2010 13:36:44 +0000 (14:36 +0100)]
Make sure that user exists after running add user script before adding sam account.

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec  7 17:37:52 CET 2010 on sn-devel-104

8 years agos3-waf: add configure/declaration checks for fdatasync, readahead and splice.
Günther Deschner [Tue, 7 Dec 2010 14:33:51 +0000 (15:33 +0100)]
s3-waf: add configure/declaration checks for fdatasync, readahead and splice.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Dec  7 16:50:23 CET 2010 on sn-devel-104

8 years agos3-waf: add valgrind configure checks.
Günther Deschner [Tue, 7 Dec 2010 13:59:53 +0000 (14:59 +0100)]
s3-waf: add valgrind configure checks.

Guenther

8 years agos4:libnet_samsync_ldb.c - simplify a talloc steal call
Matthias Dieter Wallnöfer [Tue, 7 Dec 2010 13:58:52 +0000 (14:58 +0100)]
s4:libnet_samsync_ldb.c - simplify a talloc steal call

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Dec  7 16:05:30 CET 2010 on sn-devel-104

8 years agos4:libnet_samsync_ldb.c - introduce an error message on failed domain synchronisation
Matthias Dieter Wallnöfer [Tue, 7 Dec 2010 13:57:17 +0000 (14:57 +0100)]
s4:libnet_samsync_ldb.c - introduce an error message on failed domain synchronisation

8 years agos3:registry: improve debug messages about regdb refcount changes
Michael Adam [Fri, 22 Oct 2010 10:16:20 +0000 (12:16 +0200)]
s3:registry: improve debug messages about regdb refcount changes

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec  7 15:18:03 CET 2010 on sn-devel-104

8 years agos3-waf: build vfs_fileid module if possible.
Günther Deschner [Tue, 7 Dec 2010 11:46:50 +0000 (12:46 +0100)]
s3-waf: build vfs_fileid module if possible.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Dec  7 14:01:46 CET 2010 on sn-devel-104

8 years agos3-waf: add support for --with-dnsupdate.
Günther Deschner [Tue, 7 Dec 2010 11:20:09 +0000 (12:20 +0100)]
s3-waf: add support for --with-dnsupdate.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Dec  7 13:07:51 CET 2010 on sn-devel-104

8 years agos3-waf: fix the build of nsstest in the non-devel build.
Günther Deschner [Tue, 7 Dec 2010 11:04:35 +0000 (12:04 +0100)]
s3-waf: fix the build of nsstest in the non-devel build.

Guenther

8 years agos3-waf: fix library names (we installed liblibsmbclient, etc.)
Günther Deschner [Tue, 7 Dec 2010 11:04:11 +0000 (12:04 +0100)]
s3-waf: fix library names (we installed liblibsmbclient, etc.)

Guenther

8 years agos3-waf: fix pam dependencies of the RPC_SAMR server.
Günther Deschner [Tue, 7 Dec 2010 10:49:57 +0000 (11:49 +0100)]
s3-waf: fix pam dependencies of the RPC_SAMR server.

Guenther

8 years agos3: Fix bug 7844: Race in winbind
Volker Lendecke [Mon, 6 Dec 2010 20:45:21 +0000 (12:45 -0800)]
s3: Fix bug 7844: Race in winbind

If a child dies, the parent process right away closes the socket.
This is wrong, with tevent we still have events pending. This works
fine for epoll but does not for at least the FreeBSD select variant.
Tevent sticks a closed socket into the select masks. This then
returns an error EBADF. When this happens, the parent winbind dies
instead of forking a new child.

This moves the socket close from the SIGCHLD cleanup function to
the socket receiver. I could not reproduce the parent death anymore
and it did not create an obvious fd leak.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Dec  6 23:21:02 CET 2010 on sn-devel-104

8 years agos3: Fix bug 7842: WINBIND_LOOKUPRIDS does not return the proper domain name
Volker Lendecke [Sat, 4 Dec 2010 19:16:00 +0000 (20:16 +0100)]
s3: Fix bug 7842: WINBIND_LOOKUPRIDS does not return the proper domain name

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Dec  6 21:18:07 CET 2010 on sn-devel-104

8 years agos3: Fix bug 7841: WINBINDD_LOOKUPRIDS asks the wrong domain
Volker Lendecke [Sat, 4 Dec 2010 19:31:36 +0000 (20:31 +0100)]
s3: Fix bug 7841: WINBINDD_LOOKUPRIDS asks the wrong domain

8 years agos3: Fix bug 7843: Expand the local SAMs aliases
Jeremy Allison [Sun, 5 Dec 2010 19:40:21 +0000 (20:40 +0100)]
s3: Fix bug 7843: Expand the local SAMs aliases

8 years agos3-waf: add pam configure checks.
Günther Deschner [Wed, 1 Dec 2010 20:26:49 +0000 (21:26 +0100)]
s3-waf: add pam configure checks.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Dec  6 17:34:45 CET 2010 on sn-devel-104

8 years agos4-acl: Remove unused variables from aclread module.
Nadezhda Ivanova [Mon, 6 Dec 2010 15:00:56 +0000 (17:00 +0200)]
s4-acl: Remove unused variables from aclread module.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Mon Dec  6 16:48:35 CET 2010 on sn-devel-104

8 years agos4:acl_read LDB module - fix attributes list
Matthias Dieter Wallnöfer [Mon, 6 Dec 2010 13:27:20 +0000 (14:27 +0100)]
s4:acl_read LDB module - fix attributes list

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Dec  6 15:11:44 CET 2010 on sn-devel-104

8 years agos4-acl: Some optimisation of the aclread module
Nadezhda Ivanova [Mon, 6 Dec 2010 11:58:29 +0000 (13:58 +0200)]
s4-acl: Some optimisation of the aclread module

Modified the aclread module to now insert the attributes needed to perform access checks in the same request,
instead of doind a separate search per entry. Also, instanceType is now used to determine id the object has a parent
instead of parentGUID, which saves one additional search in operational.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Mon Dec  6 13:50:19 CET 2010 on sn-devel-104

8 years agos4-acl: Moved aclread module below descriptor and acl.
Nadezhda Ivanova [Mon, 6 Dec 2010 11:53:06 +0000 (13:53 +0200)]
s4-acl: Moved aclread module below descriptor and acl.

The aclread needs to be belod descriptor, as it needs to have the full nTsecurityDescriptor to make the
checks, and the descriptor module may filter out parts of it if SD_FLAGS_CONTROL is provided.

8 years agoRevert "lib/util:tests/time.c - "test_timestring" - fix it on Solaris"
Matthias Dieter Wallnöfer [Mon, 6 Dec 2010 10:28:22 +0000 (11:28 +0100)]
Revert "lib/util:tests/time.c - "test_timestring" - fix it on Solaris"

This reverts commit 654e0102ddb0acaaf45fb55c15818722235fcc9f.
This should better be handled by the replace library.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Dec  6 12:17:31 CET 2010 on sn-devel-104

8 years agolib/util/fault.c - fix "pid_t" printf warning on Solaris
Matthias Dieter Wallnöfer [Mon, 6 Dec 2010 10:27:05 +0000 (11:27 +0100)]
lib/util/fault.c - fix "pid_t" printf warning on Solaris

According to "http://www.ibm.com/developerworks/linux/library/l-solar/"
it's generally a 32bit "int" - therefore this cast should fit.

8 years agos4:torture/locktest.c - fix "pid_t" printf warning on Solaris
Matthias Dieter Wallnöfer [Mon, 6 Dec 2010 10:24:55 +0000 (11:24 +0100)]
s4:torture/locktest.c - fix "pid_t" printf warning on Solaris

According to "http://www.ibm.com/developerworks/linux/library/l-solar/"
it's generally a 32bit "int" - therefore this cast should fit.

8 years agos4:torture/locktest.c - fix one indentation
Matthias Dieter Wallnöfer [Mon, 6 Dec 2010 10:24:12 +0000 (11:24 +0100)]
s4:torture/locktest.c - fix one indentation

8 years agos4:client/client.c - fix Solaris warning by a type cast
Matthias Dieter Wallnöfer [Mon, 6 Dec 2010 10:23:30 +0000 (11:23 +0100)]
s4:client/client.c - fix Solaris warning by a type cast

8 years agos4:fix some shadowed declaration warnings on Solaris by renaming the symbols
Matthias Dieter Wallnöfer [Mon, 6 Dec 2010 10:06:27 +0000 (11:06 +0100)]
s4:fix some shadowed declaration warnings on Solaris by renaming the symbols

8 years agos4-dns: return the correct TTL
Andrew Tridgell [Mon, 6 Dec 2010 06:18:30 +0000 (17:18 +1100)]
s4-dns: return the correct TTL

I've now patched the bind9 sdlz layer to cope with multiple TTLS on a
name/type pair

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Dec  6 08:12:11 CET 2010 on sn-devel-104

8 years agos4-dns: support Samba command line options to the dlz_bind.so module
Andrew Tridgell [Mon, 6 Dec 2010 05:57:12 +0000 (16:57 +1100)]
s4-dns: support Samba command line options to the dlz_bind.so module

this allows setting of Samba command line options in named.conf

8 years agos4-dns: added flags support for dlz_bind9
Andrew Tridgell [Mon, 6 Dec 2010 05:56:18 +0000 (16:56 +1100)]
s4-dns: added flags support for dlz_bind9

this will allow us to set the THREADSAFE flag if we make this
threadsafe. For now we don't set that flag, and let bind9 do the
locking for us.

8 years agos4-dns: a dlz module for bind9
Andrew Tridgell [Mon, 6 Dec 2010 03:12:07 +0000 (14:12 +1100)]
s4-dns: a dlz module for bind9

this module can be loaded into bind9 if bind9 has been built with the
--with-dlz-dlopen option. It provides access bind9 access to the
DNS records in SAMDB.

You can then start bind9 with this in named.conf:

dlz "Samba zone" {
database "dlopen /usr/lib/samba/modules/bind9/dlz_bind9.so";
};

See http://git.samba.org/tridge/bind9.git for a bind9 tree with the
dlz_dlopen driver. See also the discussion on the bind-workers mailing
list

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Dec  6 05:48:30 CET 2010 on sn-devel-104

8 years agoidtree: fix overflow for v. large ids on allocation and removal
Rusty Russell [Mon, 6 Dec 2010 03:05:50 +0000 (13:35 +1030)]
idtree: fix overflow for v. large ids on allocation and removal

Chris Cowan tracked down a SEGV in sub_alloc: idp->level can actually
be equal to 7 (MAX_LEVEL) there, as it can be in sub_remove.

(We unfairly blamed a shift of a signed var for this crash in commit
 2db1987f5a3a).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Mon Dec  6 05:02:22 CET 2010 on sn-devel-104

8 years agos4-repl_meta_data: Print function name when we can't find attribute in Schema cache
Kamen Mazdrashki [Sun, 5 Dec 2010 22:17:43 +0000 (00:17 +0200)]
s4-repl_meta_data: Print function name when we can't find attribute in Schema cache

Same error message is printed by linked_attributes.c module
and it was really hard to tell where the error occurred

Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Mon Dec  6 00:05:59 CET 2010 on sn-devel-104

8 years agos4-linked_attributes: Give more info where an error occured
Kamen Mazdrashki [Sun, 5 Dec 2010 15:19:44 +0000 (17:19 +0200)]
s4-linked_attributes: Give more info where an error occured

We have exact same error messages at different locations
and it is little bit hard to tell where the error came from
from the log.

8 years agos4-repl_meta_data: Remove duplicated check
Kamen Mazdrashki [Sun, 5 Dec 2010 15:11:28 +0000 (17:11 +0200)]
s4-repl_meta_data: Remove duplicated check