kai/samba.git
8 years agowintest: cope with VMs sometimes not rebooting
Andrew Tridgell [Sat, 27 Nov 2010 00:33:52 +0000 (11:33 +1100)]
wintest: cope with VMs sometimes not rebooting

my w2k8 image occasionally gets stuck in the early stages of
booting. This adds code to detect a failed reboot, in which case the
VM is reset

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov 27 02:42:19 CET 2010 on sn-devel-104

8 years agowintest: avoid adding a blank line to resolv.conf on each run
Andrew Tridgell [Fri, 26 Nov 2010 23:28:15 +0000 (10:28 +1100)]
wintest: avoid adding a blank line to resolv.conf on each run

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov 27 01:47:48 CET 2010 on sn-devel-104

8 years agowintest: handle missing firewall commands
Andrew Tridgell [Fri, 26 Nov 2010 23:27:22 +0000 (10:27 +1100)]
wintest: handle missing firewall commands

my w2k3 box doesn't have these firewall commands

8 years agos3-param Fix lp_set_cmdline() to set the flag on alias values too
Andrew Bartlett [Fri, 26 Nov 2010 21:17:09 +0000 (08:17 +1100)]
s3-param Fix lp_set_cmdline() to set the flag on alias values too

Otherwise, -d10 would be overridden by 'debug level = 1', because
debug level is an alias of 'log level' which -d was setting.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Nov 27 01:02:40 CET 2010 on sn-devel-104

8 years agoFix endianess problems as discovered on the build farm
Matthieu Patou [Fri, 26 Nov 2010 20:45:13 +0000 (23:45 +0300)]
Fix endianess problems as discovered on the build farm

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Fri Nov 26 22:32:16 CET 2010 on sn-devel-104

8 years agoldb-tdb: Add more information about full scan
Matthieu Patou [Tue, 23 Nov 2010 21:14:10 +0000 (00:14 +0300)]
ldb-tdb: Add more information about full scan

8 years agos3/configure: fix GNU ld version detection with old gcc releases
Björn Jacke [Fri, 26 Nov 2010 14:14:14 +0000 (15:14 +0100)]
s3/configure: fix GNU ld version detection with old gcc releases

needed as old gcc releases output everything to stderr, even stdout output from
ld

Fixes #7825

Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Fri Nov 26 20:15:24 CET 2010 on sn-devel-104

8 years agos3: Fix filling in the pam_auth_crap domain name
Volker Lendecke [Fri, 26 Nov 2010 09:55:48 +0000 (10:55 +0100)]
s3: Fix filling in the pam_auth_crap domain name

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Nov 26 14:43:20 CET 2010 on sn-devel-104

8 years agos4:rootdse LDB module - remove unused variable
Matthias Dieter Wallnöfer [Fri, 26 Nov 2010 12:10:20 +0000 (13:10 +0100)]
s4:rootdse LDB module - remove unused variable

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Nov 26 13:58:27 CET 2010 on sn-devel-104

8 years agos4:objectclass LDB module - simply use "msg" when requesting the message
Matthias Dieter Wallnöfer [Fri, 26 Nov 2010 12:08:27 +0000 (13:08 +0100)]
s4:objectclass LDB module - simply use "msg" when requesting the message

8 years agos4:objectclass LDB module - move the "mem_ctx" allocation to a better place
Matthias Dieter Wallnöfer [Fri, 26 Nov 2010 12:03:59 +0000 (13:03 +0100)]
s4:objectclass LDB module - move the "mem_ctx" allocation to a better place

It's only needed if we've a schema around.

8 years agos4-dsdb Reorganise and clarify the LSA objectClass check (forbidden on LDAP)
Andrew Bartlett [Thu, 25 Nov 2010 23:11:30 +0000 (10:11 +1100)]
s4-dsdb Reorganise and clarify the LSA objectClass check (forbidden on LDAP)

This arranged the check to avoid talloc_strdup() (the schema pointers
are constant, and can be relied upon), and checks the untrusted bit
first (it is faster), before the ldb_attr_cmp().

The strcmp() here was valid, if unusual, because the ldapDisplayName
values are already in the correct case, but strcasecmp() is more
correct, as for the small extra cost, we avoid a difficult to diagnose
bug later.

Andrew Bartlett

Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
8 years agos4-objectclass Use a specific local variable name, not 'value'
Andrew Bartlett [Thu, 25 Nov 2010 23:10:01 +0000 (10:10 +1100)]
s4-objectclass Use a specific local variable name, not 'value'

This makes it clearer what the local variable in use here does.

Andrew Bartlett

Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
8 years agos4-kcc: fixed valgrind errors in drs replicaInfo server side
Andrew Tridgell [Fri, 26 Nov 2010 01:38:06 +0000 (12:38 +1100)]
s4-kcc: fixed valgrind errors in drs replicaInfo server side

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Nov 26 03:52:30 CET 2010 on sn-devel-104

8 years agos4-provision: fixed eadb automatic and manual setting in provision
Andrew Tridgell [Fri, 26 Nov 2010 01:10:55 +0000 (12:10 +1100)]
s4-provision: fixed eadb automatic and manual setting in provision

we should not set posix:eadb in lp in the acl native test code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agowintest: do an initial replication of CN=Configuration to transfer dnsHostname
Andrew Tridgell [Fri, 26 Nov 2010 00:36:29 +0000 (11:36 +1100)]
wintest: do an initial replication of CN=Configuration to transfer dnsHostname

this fixes the drs replication in the dcpromo test

8 years agowintest: fixed "rndc command" option in provision
Andrew Tridgell [Fri, 26 Nov 2010 00:33:49 +0000 (11:33 +1100)]
wintest: fixed "rndc command" option in provision

we need to point at the generated rndc.conf

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agowintest: make IPv6 optional in wintest
Andrew Tridgell [Fri, 26 Nov 2010 00:33:10 +0000 (11:33 +1100)]
wintest: make IPv6 optional in wintest

we need some more work on IPv6 support in s4 before this works

8 years agos4-provision: don't try to look for an IPv6 address when not specified
Andrew Tridgell [Thu, 25 Nov 2010 23:20:03 +0000 (10:20 +1100)]
s4-provision: don't try to look for an IPv6 address when not specified

the getaddrinfo() method of finding an IPv6 address is incorrect. We
could do it via the Samba interfaces code, but until we have that it
is better to not try to auto-detect IPv6

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

8 years agolibrpc: fix builds without IPv6 suport (HP-UX 11.00)
Björn Jacke [Fri, 26 Nov 2010 01:17:14 +0000 (02:17 +0100)]
librpc: fix builds without IPv6 suport (HP-UX 11.00)

Kai, please check.

Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Fri Nov 26 03:07:21 CET 2010 on sn-devel-104

8 years agos3/smbtorture: use $MAKE to build to make sure we use the make that makes our build
Björn Jacke [Fri, 26 Nov 2010 01:14:09 +0000 (02:14 +0100)]
s3/smbtorture: use $MAKE to build to make sure we use the make that makes our build

8 years agoѕ3/configue: set Tru64 cc's PIC switch right (none)
Björn Jacke [Fri, 26 Nov 2010 00:32:53 +0000 (01:32 +0100)]
ѕ3/configue: set Tru64 cc's PIC switch right (none)

-fPIC made shared library builds fail there

8 years agos4-dsdb Remove rootDSE and anonymous checks from acl_read
Andrew Bartlett [Thu, 25 Nov 2010 05:17:10 +0000 (16:17 +1100)]
s4-dsdb Remove rootDSE and anonymous checks from acl_read

The rootdse module handles rootDSE requests, and blocks anonymous
access, so we on't need to do it again here.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Nov 26 00:36:19 CET 2010 on sn-devel-104

8 years agos4-dsdb Add 'block anonymous' checks to the rootdse module
Andrew Bartlett [Thu, 25 Nov 2010 05:13:17 +0000 (16:13 +1100)]
s4-dsdb Add 'block anonymous' checks to the rootdse module

This ensures that one single point checks for and blocks anonymous
read access to the database over LDAP.

Andrew Bartlett

8 years agos4-dsdb Remove mem_ctx argument from dsdb_module_find_dsheuristics().
Andrew Bartlett [Thu, 25 Nov 2010 05:12:39 +0000 (16:12 +1100)]
s4-dsdb Remove mem_ctx argument from dsdb_module_find_dsheuristics().

A function that does not return memory should not take a memory context.

Andrew Bartlett

8 years agos4-tests: Made acl tests to reconnect if dSHeuristics is being manipulated
Nadezhda Ivanova [Thu, 25 Nov 2010 19:01:05 +0000 (21:01 +0200)]
s4-tests: Made acl tests to reconnect if dSHeuristics is being manipulated

Also made password tests set dSHeuristics only once rather that once per test.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 25 20:48:38 CET 2010 on sn-devel-104

8 years agos4-tests: Modified create_ou to only accept security.descriptor type for sd to avoid...
Nadezhda Ivanova [Thu, 25 Nov 2010 17:57:51 +0000 (19:57 +0200)]
s4-tests: Modified create_ou to only accept security.descriptor type for sd to avoid confusion

It used to work with sddl as well, but this is confusing and could lead to errors. It also caused a message about tallocing a security descriptor to appear.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 25 19:46:42 CET 2010 on sn-devel-104

8 years agos4-dsdb: Switched to using a dictionary in create_ou for consistency.
Nadezhda Ivanova [Thu, 25 Nov 2010 12:25:28 +0000 (14:25 +0200)]
s4-dsdb: Switched to using a dictionary in create_ou for consistency.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 25 14:12:52 CET 2010 on sn-devel-104

8 years agos4-dsdb: Fixed wrong assignment of name attribute to description atribute in create_ou.
Nadezhda Ivanova [Thu, 25 Nov 2010 12:02:51 +0000 (14:02 +0200)]
s4-dsdb: Fixed wrong assignment of name attribute to description atribute in create_ou.

8 years agos4:lsa RPC server / objectclass LDB module - fix the creation of trusted domain objects
Matthias Dieter Wallnöfer [Thu, 25 Nov 2010 08:33:47 +0000 (09:33 +0100)]
s4:lsa RPC server / objectclass LDB module - fix the creation of trusted domain objects

Tridge pointed out that it is to dangerous to allow them to be created
with SYSTEM permissions. The solution using the "untrusted" flag should
be much more viable.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Nov 25 13:05:56 CET 2010 on sn-devel-104

8 years agos4-tests: Modified speedtest.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:16:14 +0000 (01:16 +0200)]
s4-tests: Modified speedtest.py to use samba.tests.delete_force

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 25 01:28:19 CET 2010 on sn-devel-104

8 years agos4-tests: Modified sec_descriptor.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:15:24 +0000 (01:15 +0200)]
s4-tests: Modified sec_descriptor.py to use samba.tests.delete_force

8 years agos4-tests: Modified sam.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:14:58 +0000 (01:14 +0200)]
s4-tests: Modified sam.py to use samba.tests.delete_force

8 years agos4-tests: Modified passwords.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:13:47 +0000 (01:13 +0200)]
s4-tests: Modified passwords.py to use samba.tests.delete_force

8 years agos4-tests: delete_force was unused, removed it.
Nadezhda Ivanova [Wed, 24 Nov 2010 23:13:24 +0000 (01:13 +0200)]
s4-tests: delete_force was unused, removed it.

8 years agos4-tests: Modified ldap_schema.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:12:42 +0000 (01:12 +0200)]
s4-tests: Modified ldap_schema.py to use samba.tests.delete_force

8 years agos4-tests: Modified ldap.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:12:18 +0000 (01:12 +0200)]
s4-tests: Modified ldap.py to use samba.tests.delete_force

8 years agos4-tests: Modified deletetest.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:11:57 +0000 (01:11 +0200)]
s4-tests: Modified deletetest.py to use samba.tests.delete_force

8 years agos4-tests: Modified bind.py to use samba.tests.delete_force
Nadezhda Ivanova [Wed, 24 Nov 2010 23:11:29 +0000 (01:11 +0200)]
s4-tests: Modified bind.py to use samba.tests.delete_force

8 years agos4-tests: Modified acly.py to use common delete_force instead of defining its own.
Nadezhda Ivanova [Wed, 24 Nov 2010 15:48:56 +0000 (17:48 +0200)]
s4-tests: Modified acly.py to use common delete_force instead of defining its own.

8 years agos4-tests: Added a common definition of delete_force.
Nadezhda Ivanova [Wed, 24 Nov 2010 15:47:27 +0000 (17:47 +0200)]
s4-tests: Added a common definition of delete_force.

8 years agos4-smbtorture: pick a better printer in RPC-SPOOLSS-ACCESS.
Günther Deschner [Wed, 24 Nov 2010 09:57:09 +0000 (10:57 +0100)]
s4-smbtorture: pick a better printer in RPC-SPOOLSS-ACCESS.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov 24 22:07:33 CET 2010 on sn-devel-104

8 years agos4:objectclass LDB module - LSA objects - allow them if the SYSTEM control is specified
Matthias Dieter Wallnöfer [Tue, 23 Nov 2010 14:15:09 +0000 (15:15 +0100)]
s4:objectclass LDB module - LSA objects - allow them if the SYSTEM control is specified

This fits better than the RELAX one.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Nov 24 18:23:01 CET 2010 on sn-devel-104

8 years agos4:objectclass LDB module - move one checks into the "objectclass derivation loop"
Matthias Dieter Wallnöfer [Tue, 23 Nov 2010 14:07:49 +0000 (15:07 +0100)]
s4:objectclass LDB module - move one checks into the "objectclass derivation loop"

This denies objects created from possible derivated classes from the prohibited
ones.

Also small cosmetic improvements for another check.

8 years agos4:objectclass LDB module - some more or less cosmetic return value macro changes
Matthias Dieter Wallnöfer [Wed, 24 Nov 2010 16:02:35 +0000 (17:02 +0100)]
s4:objectclass LDB module - some more or less cosmetic return value macro changes

Sometimes "ldb_module_oom" fits better than "ldb_operr" or "ldb_oom".

8 years agos4-tests: Modified sec_descriptor to use samdb.newgroup instead of locally defined...
Nadezhda Ivanova [Wed, 24 Nov 2010 15:18:09 +0000 (17:18 +0200)]
s4-tests: Modified sec_descriptor to use samdb.newgroup instead of locally defined method.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Nov 24 17:38:28 CET 2010 on sn-devel-104

8 years agos4-dsdb: Extended samdb.newgroup to set the group's security descriptor.
Nadezhda Ivanova [Wed, 24 Nov 2010 15:17:15 +0000 (17:17 +0200)]
s4-dsdb: Extended samdb.newgroup to set the group's security descriptor.

8 years agos3:winbind correct a copy&paste error
Christian Ambach [Wed, 24 Nov 2010 10:57:59 +0000 (11:57 +0100)]
s3:winbind correct a copy&paste error

negative results of sid->gid lookups should be stored with
idmap_cache_set_sid2gid instead of idmap_cache_set_sid2uid

This seems to be a copy&paste error when similar logic from the
sid2uid path was copied here in 84b88f4b.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Nov 24 16:53:01 CET 2010 on sn-devel-104

8 years agos3: Correctly calculate the wbinfo -s result
Volker Lendecke [Tue, 23 Nov 2010 13:28:45 +0000 (14:28 +0100)]
s3: Correctly calculate the wbinfo -s result

8 years agos3-test: try to avoid a problem of CFLAGS propogating to the torture build
Andrew Tridgell [Wed, 24 Nov 2010 12:53:38 +0000 (23:53 +1100)]
s3-test: try to avoid a problem of CFLAGS propogating to the torture build

CFLAGS is set by s3 to include -D_SAMBA_BUILD_=3. We need to ensure
this does not propogate to the smbtorture4 build

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov 24 14:40:16 CET 2010 on sn-devel-104

8 years agowintest: added an IPv6 address, and use fully qualified hostname
Andrew Tridgell [Wed, 24 Nov 2010 06:48:39 +0000 (17:48 +1100)]
wintest: added an IPv6 address, and use fully qualified hostname

this also makes the resolv.conf handling more robust

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov 24 11:34:30 CET 2010 on sn-devel-104

8 years agos3-libnetapi Load case tables earlier
Andrew Bartlett [Wed, 24 Nov 2010 07:04:02 +0000 (18:04 +1100)]
s3-libnetapi Load case tables earlier

If we don't load the case tables as the 'first' thing we do, we will
segfault on the first case insensitive string comparison.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Nov 24 09:21:05 CET 2010 on sn-devel-104

8 years agos3-libnetapi Add function header comments
Andrew Bartlett [Wed, 24 Nov 2010 06:59:41 +0000 (17:59 +1100)]
s3-libnetapi Add function header comments

Andrew Bartlett

8 years agos3-netapi Add libnetapi_net_init(), don't double-init common Samba subsystems
Andrew Bartlett [Sun, 21 Nov 2010 09:40:50 +0000 (20:40 +1100)]
s3-netapi Add libnetapi_net_init(), don't double-init common Samba subsystems

The issue here is that libnet and net were both trying to load the
smb.conf files, the case tables and set the debug levels.  The set of
the debug levels caused problems, because it would force the level to
0, not (say) 10 as requested on the command line.

This regression was apparently introduced in
cf4de8ec2c8df2ceabbe3d836d296b058e7b19fb when eliminating
AllowDebugChange.

Andrew Bartlett

8 years agolib/debug Add clarifying comments
Andrew Bartlett [Tue, 2 Nov 2010 20:09:45 +0000 (07:09 +1100)]
lib/debug Add clarifying comments

8 years agowintest Don't connect to localhost or unqualified hostname, bind interface only
Andrew Bartlett [Wed, 24 Nov 2010 02:46:22 +0000 (13:46 +1100)]
wintest Don't connect to localhost or unqualified hostname, bind interface only

Instead, connect to ${INTERFACE_IP} and the fully qualified hostname,
so that we talk to the the interface where Samba is (now) bound.
Using 'bind interfaces only' means that the other Samba instances
(properly configured) can still run while the tests progress.

(killall operations that currently terminate other Samba instances
still need work).

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Nov 24 08:33:03 CET 2010 on sn-devel-104

8 years agos4-setup correct the require BIND version for Dynamic DNS
Andrew Bartlett [Wed, 24 Nov 2010 00:49:18 +0000 (11:49 +1100)]
s4-setup correct the require BIND version for Dynamic DNS

8 years agowintest: fixed cleanup of /etc/resolv.conf
Andrew Tridgell [Wed, 24 Nov 2010 05:42:43 +0000 (16:42 +1100)]
wintest: fixed cleanup of /etc/resolv.conf

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov 24 07:29:49 CET 2010 on sn-devel-104

8 years agowintest: remove reliance on hostname in /etc/hosts
Andrew Tridgell [Wed, 24 Nov 2010 03:16:35 +0000 (14:16 +1100)]
wintest: remove reliance on hostname in /etc/hosts

- don't setwinvars() in test code
- use fully qualified names where possible
- don't delete named and rndc config

8 years agowintest: fixed interface handling and DNS forwarding
Andrew Tridgell [Wed, 24 Nov 2010 02:36:21 +0000 (13:36 +1100)]
wintest: fixed interface handling and DNS forwarding

- allow for _IP vars on VMs
- resolve IPs using nmblookup
- forward DNS requests for windows domains

8 years agoAdd in fsp->access_mask checks. Not required (underlying system does this)
Jeremy Allison [Tue, 23 Nov 2010 23:59:33 +0000 (15:59 -0800)]
Add in fsp->access_mask checks. Not required (underlying system does this)
but makes logic cleaner. Pointed out by Metze.

Jeremy.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 24 01:47:13 CET 2010 on sn-devel-104

8 years agos4-devel: we don't need to override these scripts now
Andrew Tridgell [Tue, 23 Nov 2010 23:11:14 +0000 (10:11 +1100)]
s4-devel: we don't need to override these scripts now

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov 24 01:02:43 CET 2010 on sn-devel-104

8 years agos3-torture: remove the merged_build tests for building smbtorture4
Andrew Tridgell [Tue, 23 Nov 2010 23:06:38 +0000 (10:06 +1100)]
s3-torture: remove the merged_build tests for building smbtorture4

s3 now builds smbtorture4 if the required packages (perl, python, ads)
are available. This should ensure that smbtorture4 is built in the
build farm when possible

8 years agos4-dynconfig: override more paths when running from the build directory
Andrew Tridgell [Tue, 23 Nov 2010 11:44:53 +0000 (22:44 +1100)]
s4-dynconfig: override more paths when running from the build directory

this ensures consistency between binaries and scripts when testing as
a developer

8 years agos4-kcc: disable the NDR printing of DRS getinfo requests
Andrew Tridgell [Tue, 23 Nov 2010 11:43:33 +0000 (22:43 +1100)]
s4-kcc: disable the NDR printing of DRS getinfo requests

8 years agoFix bug #7812 - vfs_acl_xattr/vfs_acl_tdb: ACL inheritance cannot be disabled
Jeremy Allison [Tue, 23 Nov 2010 22:31:43 +0000 (14:31 -0800)]
Fix bug #7812 - vfs_acl_xattr/vfs_acl_tdb: ACL inheritance cannot be disabled

We were losing the incoming security descriptor revision number and
most importantly the "type" field as sent by the client. Ensure we
correctly store these in the xattr object.

Jeremy.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 24 00:18:57 CET 2010 on sn-devel-104

8 years agopyldb: Fix broken test.
Jelmer Vernooij [Tue, 23 Nov 2010 20:39:34 +0000 (21:39 +0100)]
pyldb: Fix broken test.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Tue Nov 23 23:20:38 CET 2010 on sn-devel-104

8 years agoMake log level of the server configurable in make test
Matthieu Patou [Tue, 23 Nov 2010 20:47:36 +0000 (23:47 +0300)]
Make log level of the server configurable in make test

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Tue Nov 23 22:36:37 CET 2010 on sn-devel-104

8 years agos4-tests: Modified acl.py to use samdb.newgroup instead of custom methods.
Nadezhda Ivanova [Tue, 23 Nov 2010 19:59:39 +0000 (21:59 +0200)]
s4-tests: Modified acl.py to use samdb.newgroup instead of custom methods.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Tue Nov 23 21:46:07 CET 2010 on sn-devel-104

8 years agos4-dsdb: Changed filter to find the account of a user by samAccountName
Nadezhda Ivanova [Tue, 23 Nov 2010 19:54:09 +0000 (21:54 +0200)]
s4-dsdb: Changed filter to find the account of a user by samAccountName

In newuser, a filter by dn was given to setpassword to find the account whose password is to be reset.
It appears however that if given filter of type (dn=CN=smth) Windows fails to return the entry, and the
tests that use newuser fail against it. Changed to use samAccountName instead.

8 years agoFix bug #7785 - atime limit.
Jeremy Allison [Tue, 23 Nov 2010 19:12:17 +0000 (11:12 -0800)]
Fix bug #7785 - atime limit.

On a 64-bit time_t system make MAX_TIME_T the max value that
can be represented in a struct tm. This allows applications to
set times in the future beyond the 32-bit time_t limit (2037).

This is only in source3/configure.in, needs adding to the waf
configure/build system (but I'll need help with that).

Jeremy.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Nov 23 21:00:14 CET 2010 on sn-devel-104

8 years agos4-test/repl_schema: Refactor the test a little bit to
Kamen Mazdrashki [Tue, 23 Nov 2010 15:15:21 +0000 (17:15 +0200)]
s4-test/repl_schema: Refactor the test a little bit to

- Cleanup imports
- make sure we have testtools and subunit imported
- use dictionaries instead of LDIFs for schema modification
  so now callers for _make_class can easily add new attributes
  for created class
- simplify a little bit classSchema creation
- test attributeSchema replication

Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Tue Nov 23 18:44:46 CET 2010 on sn-devel-104

8 years agos4-tests: Make all DRS python tests to start with samba4.drs.* prefix
Kamen Mazdrashki [Wed, 10 Nov 2010 04:15:19 +0000 (06:15 +0200)]
s4-tests: Make all DRS python tests to start with samba4.drs.* prefix

8 years agos4-pfm_verify: Explicitly pass LoadParm() instance to system_session() function
Kamen Mazdrashki [Tue, 23 Nov 2010 15:19:29 +0000 (17:19 +0200)]
s4-pfm_verify: Explicitly pass LoadParm() instance to system_session() function

Otherwise system_session() creates a LoadParm() instance
wich resets certain params to their defaults from smb.conf
("log level" for instance)

8 years agos4-tests: Modified sec_descriptor.py to use samdb.newuser instead of custom methods.
Nadezhda Ivanova [Tue, 23 Nov 2010 15:52:55 +0000 (17:52 +0200)]
s4-tests: Modified sec_descriptor.py to use samdb.newuser instead of custom methods.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Tue Nov 23 17:58:38 CET 2010 on sn-devel-104

8 years agos4-tests: Modified acl.py to use samdb.newuser instead of custom methods.
Nadezhda Ivanova [Tue, 23 Nov 2010 15:51:40 +0000 (17:51 +0200)]
s4-tests: Modified acl.py to use samdb.newuser instead of custom methods.

8 years agos4-dsdb: Extended samdb.newuser to accept security descriptor for the object and...
Nadezhda Ivanova [Tue, 23 Nov 2010 15:48:53 +0000 (17:48 +0200)]
s4-dsdb: Extended samdb.newuser to accept security descriptor for the object and optionally skip password reset

Sometimes for testing purposes we create users without any permissions on their objects and password reset
cannot be performed at that point, and is not necessary. For this purpose we can now optionally skip this step.
The default is still to reset the user password.
Also, a security.descriptor object can be specified during the user creation to override using the default one.
defaultSecurityDescriptor is still used by default.

8 years agos3-docs: Update 3.2 features.
Samba-JP oota [Tue, 23 Nov 2010 16:06:48 +0000 (17:06 +0100)]
s3-docs: Update 3.2 features.

8 years agos4-tests: Modified sec_descriptor.py to use SamDB.create_ou()
Nadezhda Ivanova [Tue, 23 Nov 2010 12:33:11 +0000 (14:33 +0200)]
s4-tests: Modified sec_descriptor.py to use SamDB.create_ou()

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Tue Nov 23 14:19:34 CET 2010 on sn-devel-104

8 years agos4-tests: Modified acl.py to use SamDB.create_ou()
Nadezhda Ivanova [Tue, 23 Nov 2010 12:32:42 +0000 (14:32 +0200)]
s4-tests: Modified acl.py to use SamDB.create_ou()

8 years agos4-dsdb: Added a python method to SamDB for creating organizationalUnits
Nadezhda Ivanova [Tue, 23 Nov 2010 12:31:34 +0000 (14:31 +0200)]
s4-dsdb: Added a python method to SamDB for creating organizationalUnits

8 years agowintest: tidyups and new conf variables
Andrew Tridgell [Tue, 23 Nov 2010 09:20:18 +0000 (20:20 +1100)]
wintest: tidyups and new conf variables

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Nov 23 13:01:10 CET 2010 on sn-devel-104

8 years agos4-ldb: added an environment varibale LDB_WARN_UNINDEXED
Andrew Tridgell [Tue, 23 Nov 2010 09:19:49 +0000 (20:19 +1100)]
s4-ldb: added an environment varibale LDB_WARN_UNINDEXED

when LDB_WARN_UNINDEXED is set, we produce warnings about unindexed
searches. This makes it easier to find performance problems caused by
unindexed searches.

8 years agos4-tests: Ldap tests now use the get_dsheuristics and set_dsheuristics from SamDB.
Nadezhda Ivanova [Tue, 23 Nov 2010 09:22:10 +0000 (11:22 +0200)]
s4-tests: Ldap tests now use the get_dsheuristics and set_dsheuristics from SamDB.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Tue Nov 23 11:08:37 CET 2010 on sn-devel-104

8 years agos4-tests: Password tests now use the get_dsheuristics and set_dsheuristics from SamDB.
Nadezhda Ivanova [Tue, 23 Nov 2010 09:21:47 +0000 (11:21 +0200)]
s4-tests: Password tests now use the get_dsheuristics and set_dsheuristics from SamDB.

8 years agos4-tests: Acl tests now use the get_dsheuristics and set_dsheuristics from SamDB.
Nadezhda Ivanova [Tue, 23 Nov 2010 09:21:22 +0000 (11:21 +0200)]
s4-tests: Acl tests now use the get_dsheuristics and set_dsheuristics from SamDB.

8 years agos4-dsdb: Added python helpers for getting and seting dSHeuristics to SamDB
Nadezhda Ivanova [Tue, 23 Nov 2010 09:20:12 +0000 (11:20 +0200)]
s4-dsdb: Added python helpers for getting and seting dSHeuristics to SamDB

8 years agowintest Evolve wintest to handle it's own BIND nameserver
Andrew Bartlett [Tue, 23 Nov 2010 06:38:31 +0000 (17:38 +1100)]
wintest Evolve wintest to handle it's own BIND nameserver

The changes here start our own copy of BIND, listening on a new
interface that we create at the start of the script.  The user must
specify the IP address etc that this interface will have, and BIND and
Samba will bind to that interface only.

This means that we won't conflict with an existing BIND on the system,
so long as it isn't configured to listen on all interfaces.

We also auto-create the /etc/resolv.conf and restore it at the end of
the script, using the existing server value from the script as a
forwarder.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Nov 23 08:30:34 CET 2010 on sn-devel-104

8 years agowintest Improve wintest's handling of IP addresses and add more auto-setup
Andrew Bartlett [Tue, 23 Nov 2010 04:04:31 +0000 (15:04 +1100)]
wintest Improve wintest's handling of IP addresses and add more auto-setup

 - Don't change the IP address if DHCP is not in use

   The main reason to 'fix' the IP is to get around Dynamic DNS issues caused
   by the DHCP server, if the VM is already on a fixed IP, it does not matter.

 - Set the maximum telnet connection limit to 1024

   This ensures that we can always make a new connection, regardless
   of the existing configuration.  We also catch more conditions when
   the server has restricted the number of connections, and try again.

 - Set the route after the connection drops out

   My WinXP box always wants to drop the default route

 - Set the DNS as a distinct step

   My WinXP box drops the connection when we set DNS servers

Andrew Bartlett

8 years agowintest Explian that this is my KVM/libvirt configuration
Andrew Bartlett [Tue, 23 Nov 2010 04:02:30 +0000 (15:02 +1100)]
wintest Explian that this is my KVM/libvirt configuration

8 years agowintest example configuration file for a KVM based wintest
Andrew Bartlett [Mon, 22 Nov 2010 10:26:13 +0000 (21:26 +1100)]
wintest example configuration file for a KVM based wintest

Andrew Bartlett

8 years agowintest Allow substitute to cope with objects like pexpect.EOF
Andrew Bartlett [Mon, 22 Nov 2010 10:24:56 +0000 (21:24 +1100)]
wintest Allow substitute to cope with objects like pexpect.EOF

These are not strings, but may get passed into this function on the
way to pexpect.

Andrew Bartlett

8 years agowintest Set the virtual machine IP to match it's dynamic IP, but don't use DHCP
Andrew Bartlett [Mon, 22 Nov 2010 10:23:38 +0000 (21:23 +1100)]
wintest Set the virtual machine IP to match it's dynamic IP, but don't use DHCP

The idea here is that the virtual machine stays on the address
allocated by DHCP, but is configured statically.  This avoids the need
to manually set the address on the host, but avoids the host being
instructed by DHCP not to do Dynamic DNS.

Andrew Bartlett

8 years agowintest Force krb5.conf for BIND so we use the one generated for this test
Andrew Bartlett [Mon, 22 Nov 2010 10:21:57 +0000 (21:21 +1100)]
wintest Force krb5.conf for BIND so we use the one generated for this test

This avoids needing to set the krb5.conf for the whole host to match
the test environment.

Andrew Bartlett

8 years agos3: Add a word of warning about "winbind use default domain"
Volker Lendecke [Mon, 22 Nov 2010 21:39:45 +0000 (22:39 +0100)]
s3: Add a word of warning about "winbind use default domain"

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Nov 22 23:26:11 CET 2010 on sn-devel-104

8 years agos3: Fix some typos
Volker Lendecke [Mon, 22 Nov 2010 21:37:56 +0000 (22:37 +0100)]
s3: Fix some typos

8 years agos3: Use sid_check_is..
Volker Lendecke [Mon, 22 Nov 2010 21:22:32 +0000 (22:22 +0100)]
s3: Use sid_check_is..

8 years agoservice_ldap, service_smb: Lowercase output file names.
Jelmer Vernooij [Mon, 22 Nov 2010 18:42:47 +0000 (19:42 +0100)]
service_ldap, service_smb: Lowercase output file names.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Nov 22 20:28:14 CET 2010 on sn-devel-104

8 years agos4-tests: Adapted passwords.py to use set_minPwdAge from SamDB.
Nadezhda Ivanova [Mon, 22 Nov 2010 16:51:55 +0000 (18:51 +0200)]
s4-tests: Adapted passwords.py to use set_minPwdAge from SamDB.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Mon Nov 22 18:39:06 CET 2010 on sn-devel-104

8 years agos4-tests: Adapted acl.py to use set_minPwdAge from SamDB.
Nadezhda Ivanova [Mon, 22 Nov 2010 16:50:35 +0000 (18:50 +0200)]
s4-tests: Adapted acl.py to use set_minPwdAge from SamDB.