Andrew Bartlett [Sat, 2 Nov 2002 07:54:04 +0000 (07:54 +0000)]
Clean up this a little - add comments describing a bit of what is going on
here.
Andrew Bartlett [Sat, 2 Nov 2002 07:09:17 +0000 (07:09 +0000)]
Add a 'ldap trust ids' option that lets pdb_ldap check for posixAccount
attributes rather than calling getpwnam() on the user.
This should help fix some of metze's performance issues - particularly on
enumerations.
There is a consequential change to the operation of 'non unix account's in LDAP
- they are no longer restricted to being 'within' the NUA range, but will
always be added to that range.
Finally, there is the doco for this and the previous LDAP SSL changes.
Richard Sharpe [Sat, 2 Nov 2002 06:21:10 +0000 (06:21 +0000)]
Make sure that %u is used for SID elements ...
Andrew Bartlett [Sat, 2 Nov 2002 03:37:26 +0000 (03:37 +0000)]
Return the result code, not false (0 == success) on error...
Andrew Bartlett [Sat, 2 Nov 2002 03:14:27 +0000 (03:14 +0000)]
Fixes for pdb_ldap:
- Default is now for start-tls, on the ldap (not ldaps) port
- We check for 'I am currently root' in the right place now, and don't
accidentily use a cached connection.
- We don't loop on failure to be root, or some other errors.
- A bit cleaner error reporting for add/modify.
- Both the OpenLDAP and manual URI parsing tested.
Andrew Bartlett
Tim Potter [Sat, 2 Nov 2002 01:51:34 +0000 (01:51 +0000)]
Fix --set-auth-user command to delete entries from the secrets file when an
empty username/password is passed on the command line. Previously we were
leaving the domain name set and the password set to a NULL character.
Added a --get-auth-user command to display the restrict anonymous username
information. Can only be run successfully by root.
Tim Potter [Sat, 2 Nov 2002 01:35:18 +0000 (01:35 +0000)]
Some winbindd cleanups I made trying to fix cr1020:
- move winbindd client handling into accessor functions in
winbindd_util.c
- move some winbindd socket routines into accessor functions in
winbindd_utils.c
(The deadlock situation mentioned in the appliance branch is probably
not applicable since we don't clear the connection cache on SIGHUP.
Perhaps we should?)
Jelmer Vernooij [Sat, 2 Nov 2002 01:07:27 +0000 (01:07 +0000)]
Add popt_common_socket_options
Tim Potter [Sat, 2 Nov 2002 01:05:47 +0000 (01:05 +0000)]
Handle the case where the password used in RPC connections (for restrict
anonymous support) is blank.
Tim Potter [Sat, 2 Nov 2002 00:45:19 +0000 (00:45 +0000)]
Display pipe name in rpc bind failure debug.
Jelmer Vernooij [Sat, 2 Nov 2002 00:44:19 +0000 (00:44 +0000)]
Convert to popt
Jelmer Vernooij [Sat, 2 Nov 2002 00:20:29 +0000 (00:20 +0000)]
Initial updating of Diagnosis
Jelmer Vernooij [Sat, 2 Nov 2002 00:17:21 +0000 (00:17 +0000)]
Update status of docs - some more manpages are now up-to-date
Jelmer Vernooij [Sat, 2 Nov 2002 00:16:36 +0000 (00:16 +0000)]
Update manpages - make ready for 3.0
Richard Sharpe [Fri, 1 Nov 2002 08:53:28 +0000 (08:53 +0000)]
Add the changes to change the SIDs ...
You must make two passes over NTUSER.DAT, one for the OWNER SID and one for
GROUP SID.
I have not tested this yet ... that is, I have not tried to use this on
a Win2K etc server.
Richard Sharpe [Fri, 1 Nov 2002 07:43:54 +0000 (07:43 +0000)]
Add more. Parse SIDs on the command line ... soon will actually mod the
SecDescs in the NTUSER.DAT ...
Richard Sharpe [Fri, 1 Nov 2002 05:41:56 +0000 (05:41 +0000)]
Fix a problem with spaces vs tabs
Richard Sharpe [Fri, 1 Nov 2002 05:29:11 +0000 (05:29 +0000)]
Revert that stupid one line change.
Richard Sharpe [Fri, 1 Nov 2002 05:24:38 +0000 (05:24 +0000)]
Fix small typo ...
Richard Sharpe [Fri, 1 Nov 2002 05:06:19 +0000 (05:06 +0000)]
Add more code to the profiles program and add Makefile.in support.
Tim Potter [Fri, 1 Nov 2002 00:38:26 +0000 (00:38 +0000)]
Tidyup of some DCERPC pipe connection debugs. The new LSA_DS stuff
generates some errors we haven't seen before which are inappropriately
logged at level 0.
Jeremy Allison [Thu, 31 Oct 2002 23:41:02 +0000 (23:41 +0000)]
Fix slowdown because of enumerating all print queues on every smbd startup.
Jeremy.
Jelmer Vernooij [Thu, 31 Oct 2002 22:00:20 +0000 (22:00 +0000)]
Add initial upgrading doc (doesn't contain much currently)
Start using more entities
Jim McDonough [Thu, 31 Oct 2002 19:20:33 +0000 (19:20 +0000)]
Re-enable use of existing kerberos tickets.
Jeremy Allison [Thu, 31 Oct 2002 18:43:05 +0000 (18:43 +0000)]
Check the long_archi name is not null.
Jeremy.
Jelmer Vernooij [Thu, 31 Oct 2002 18:08:45 +0000 (18:08 +0000)]
add smb_load_modules() to load a list of modules - does this function look ok ?
Volker Lendecke [Thu, 31 Oct 2002 17:34:49 +0000 (17:34 +0000)]
search & replace doesn't always work reliably :-)
Volker
Richard Sharpe [Thu, 31 Oct 2002 17:27:47 +0000 (17:27 +0000)]
Add a small utility that can print out the SEC DESCs in NTUSER.DAT.
This is an early, messy version of the code, but it illustrates what can
be done. It currently only prints the Owner SID, Group SID, and Perms and
SID from each ACE.
Once more work is done, it could actually walk the SEC DESCs and ACEs and
change the SIDS ...
John Terpstra [Thu, 31 Oct 2002 04:17:29 +0000 (04:17 +0000)]
Another Buchan Milne patch that escaped the last commit.
John Terpstra [Thu, 31 Oct 2002 04:16:26 +0000 (04:16 +0000)]
Applied Buchan Milne's patches.
Jelmer Vernooij [Wed, 30 Oct 2002 19:23:22 +0000 (19:23 +0000)]
Rerun autoconf
Jim McDonough [Wed, 30 Oct 2002 18:18:25 +0000 (18:18 +0000)]
Fix build. Don't use BSD setenv. Use POSIX putenv.
Jeremy, it wasn't me!!!!!!
Jelmer Vernooij [Wed, 30 Oct 2002 17:50:36 +0000 (17:50 +0000)]
use sys_dlopen instead of dlopen (thanks to jra for noticing)
Tim Potter [Wed, 30 Oct 2002 14:52:53 +0000 (14:52 +0000)]
Fix boog in argument list for nt_create_andx.
Jelmer Vernooij [Wed, 30 Oct 2002 12:50:47 +0000 (12:50 +0000)]
The locking description in this doc is outdated - note that
Jelmer Vernooij [Wed, 30 Oct 2002 12:07:49 +0000 (12:07 +0000)]
- Remove RTLD_GLOBAL
- make smb_load_module() return the return value of init_module()
Andrew Tridgell [Wed, 30 Oct 2002 12:03:40 +0000 (12:03 +0000)]
added a timegm() function for systems that don't have it
Jelmer Vernooij [Wed, 30 Oct 2002 12:01:19 +0000 (12:01 +0000)]
Add init_module_function typedef for new module system
Jelmer Vernooij [Wed, 30 Oct 2002 11:52:36 +0000 (11:52 +0000)]
Add initial vesion of new module system
John Terpstra [Wed, 30 Oct 2002 04:04:00 +0000 (04:04 +0000)]
Not sure why this is here - so off it goes.
John Terpstra [Wed, 30 Oct 2002 03:54:19 +0000 (03:54 +0000)]
Adding Buchan Milne's updates from HEAD.
John Terpstra [Wed, 30 Oct 2002 03:50:23 +0000 (03:50 +0000)]
Adding Buchan Milne's updates.
John Terpstra [Wed, 30 Oct 2002 03:29:01 +0000 (03:29 +0000)]
Added Buchan Milne's DESTDIR patch.
Jelmer Vernooij [Tue, 29 Oct 2002 21:46:36 +0000 (21:46 +0000)]
Add autom4te.cache (used by newer autoconfs)
Jelmer Vernooij [Tue, 29 Oct 2002 16:20:06 +0000 (16:20 +0000)]
We also support security = server
Jelmer Vernooij [Tue, 29 Oct 2002 16:19:32 +0000 (16:19 +0000)]
2.2 was the previous release - don't talk about it like it's current
Jelmer Vernooij [Tue, 29 Oct 2002 16:18:10 +0000 (16:18 +0000)]
Small markup fixes
Jelmer Vernooij [Tue, 29 Oct 2002 16:16:37 +0000 (16:16 +0000)]
-E doesn't take arguments
Jelmer Vernooij [Tue, 29 Oct 2002 16:12:57 +0000 (16:12 +0000)]
Sync with actual changes
Andrew Bartlett [Tue, 29 Oct 2002 08:21:40 +0000 (08:21 +0000)]
Fix a nice little memory leak in our uid changing code.
Andrew Bartlett
Tim Potter [Tue, 29 Oct 2002 04:39:33 +0000 (04:39 +0000)]
Added close and unlink functions.
Jeremy Allison [Mon, 28 Oct 2002 22:04:47 +0000 (22:04 +0000)]
Fix fd leak with kernel change notify.
Jeremy.
Jelmer Vernooij [Mon, 28 Oct 2002 19:57:33 +0000 (19:57 +0000)]
Fix typo (-s -> -S)
Jelmer Vernooij [Mon, 28 Oct 2002 19:54:11 +0000 (19:54 +0000)]
Update info on ldap suffix (thanks metze)
Jelmer Vernooij [Mon, 28 Oct 2002 19:24:48 +0000 (19:24 +0000)]
document ldap suffix
Volker Lendecke [Mon, 28 Oct 2002 12:55:22 +0000 (12:55 +0000)]
Implement 'net maxrid'. Needed to find the maximum current rid to
set 'algorithmic rid base' correctly after a 'net rpc vampire'.
Volker
John Terpstra [Sun, 27 Oct 2002 00:04:13 +0000 (00:04 +0000)]
Remove make_printerdef from binary install process.
Jelmer Vernooij [Sat, 26 Oct 2002 14:49:30 +0000 (14:49 +0000)]
Fix bug in '-d'
Andrew Bartlett [Sat, 26 Oct 2002 01:47:38 +0000 (01:47 +0000)]
One more step towards to better PDC.
This patch, from "Stefan (metze) Metzmacher" <metze@metzemix.de> implements an
LDAP connection cache. This removes the quite silly situation where every
single passdb operation involved a new LDAP connection.
The hope is that this will give us a decent performance boost in some usrmgr
related activities, and in the sid->name/sid->uid code.
The remaining things I think are 'todo' for pdb_ldap (in the near term) are:
- intergrate volker's next_rid patch for NUA accounts,
- add a 'trust ldap ids' option (remove Get_Pwnam() hit on enumerations).
- put the group mapping actually into ldap
- Schema fixes and do utf8 conversion
- server failover (try a second server for the rebind on fail)
- ensure we block between an 'add' and the ldap master replicating to our
local slave (mezte found this issue, kills domain joins)
Andrew Bartlett
Andrew Bartlett [Sat, 26 Oct 2002 00:59:21 +0000 (00:59 +0000)]
Make sure that we always return False if the password change never returns.
(A stuck 'unix passowrd sync' was gettting reported as 'success', causing
all sorts of fun)
Andrew Bartlett
Andrew Bartlett [Sat, 26 Oct 2002 00:55:14 +0000 (00:55 +0000)]
Updates to winbind's PAM client and server - make the debug logs
work a bit better for password changing.
Andrew Bartlett
Jeremy Allison [Sat, 26 Oct 2002 00:29:21 +0000 (00:29 +0000)]
Fix problem where an fd would be left open for every printer queue.
Jeremy.
Gerald Carter [Fri, 25 Oct 2002 22:17:29 +0000 (22:17 +0000)]
PURGE_PRINTER fix from APP_HEAD
Jelmer Vernooij [Fri, 25 Oct 2002 02:37:11 +0000 (02:37 +0000)]
Fix memory leak (patch by Steve Langasek)
Jelmer Vernooij [Fri, 25 Oct 2002 00:36:28 +0000 (00:36 +0000)]
Only run free_private_data when it's specified (reported by Steve Langasek aka vorlon)
Jelmer Vernooij [Thu, 24 Oct 2002 13:30:45 +0000 (13:30 +0000)]
Document -P and -V (patch from Guenther Deschner <gd@suse.de>)
Jeremy Allison [Wed, 23 Oct 2002 22:23:39 +0000 (22:23 +0000)]
Reverted a fix from Volker (sorry). We need to move this fix to the correct
place.
Jeremy.
Jelmer Vernooij [Wed, 23 Oct 2002 15:29:35 +0000 (15:29 +0000)]
Move OID documents to web module
Andrew Tridgell [Wed, 23 Oct 2002 03:37:51 +0000 (03:37 +0000)]
much simpler code to choose a DC to contact in winbindd. We now always
choose the server that has the most bits in common in its IP with one
of our interfaces.
Jeremy Allison [Wed, 23 Oct 2002 01:55:40 +0000 (01:55 +0000)]
Debug level 12 is a typo.
Jeremy.
Jeremy Allison [Wed, 23 Oct 2002 01:22:45 +0000 (01:22 +0000)]
First cut of new ACL mapping code from Andreas Gruenbacher <agruen@suse.de>.
This is not 100% the same as what SuSE shipped in their Samba, there is
a crash bug fix, a race condition fix, and a few logic changes I'd like to
discuss with Andreas. Added Andreas to (C) notices for posix_acls.c
Jeremy.
Andrew Tridgell [Wed, 23 Oct 2002 00:23:30 +0000 (00:23 +0000)]
if trusted domains are disabled then we should not try to connect to
them in winbindd
Andrew Tridgell [Wed, 23 Oct 2002 00:02:26 +0000 (00:02 +0000)]
fixed a possible segv when dealing with a blank password
Jeremy Allison [Tue, 22 Oct 2002 22:17:06 +0000 (22:17 +0000)]
Fix for systems that allow more than 65536 open files per process.
Jeremy.
Simo Sorce [Tue, 22 Oct 2002 16:10:45 +0000 (16:10 +0000)]
Some was asking to look at this code, so better it stay there until we decide what to do with it.
Last updates are support for the right way to support privileges.
Simo.
Tim Potter [Mon, 21 Oct 2002 21:21:33 +0000 (21:21 +0000)]
Fixed bug in session setup kwlist.
Added some basic error handling. Just throw a RuntimeError exception
on error.
Volker Lendecke [Mon, 21 Oct 2002 20:33:00 +0000 (20:33 +0000)]
Same segfault as in add_groupmem.
Volker
Volker Lendecke [Mon, 21 Oct 2002 20:31:59 +0000 (20:31 +0000)]
pdb_unix.c did not really expect group RIDs dictated by a PDC and looking
like user RIDs.
Volker
Gerald Carter [Mon, 21 Oct 2002 20:28:11 +0000 (20:28 +0000)]
merge from samba_3_0
removed the following parameters
* postscript
* printer driver
* printer driver location
* printer driver file
also removed the get_a_printer_driver_9x_compatible() function
Volker Lendecke [Mon, 21 Oct 2002 19:28:56 +0000 (19:28 +0000)]
This moves the group mapping API into the passdb backend.
Currently this calls back to mapping.c, but we have the framework
to get the information into LDAP and the passdb.tdb (should we? I
think so..).
This has received moderate testing with net rpc vampire and
usrmgr. I found the add_groupmem segfault in add_aliasmem as
well, but that will be another checkin.
Volker
Volker Lendecke [Mon, 21 Oct 2002 19:25:04 +0000 (19:25 +0000)]
I was somewhat annoyed by 'pdbedit -a vl' spitting an error message
at me :-)
Volker
Jelmer Vernooij [Mon, 21 Oct 2002 19:22:46 +0000 (19:22 +0000)]
Fix usage message
Jelmer Vernooij [Mon, 21 Oct 2002 19:21:41 +0000 (19:21 +0000)]
Remove obsolete acconfig.h - we now use comments in AC_DEFINE()
Jelmer Vernooij [Mon, 21 Oct 2002 18:01:02 +0000 (18:01 +0000)]
Add faq chapter about the samba features
Jelmer Vernooij [Mon, 21 Oct 2002 17:59:51 +0000 (17:59 +0000)]
Don't say we need WINS Replication documentation
Jelmer Vernooij [Mon, 21 Oct 2002 16:28:27 +0000 (16:28 +0000)]
Recognize FreeBSD5 correctly (not as being sysv...)
Gerald Carter [Mon, 21 Oct 2002 15:49:26 +0000 (15:49 +0000)]
sync with SAMBA_3_0
Jelmer Vernooij [Mon, 21 Oct 2002 15:36:51 +0000 (15:36 +0000)]
Sync with metze's CVS tree
Jelmer Vernooij [Mon, 21 Oct 2002 13:41:34 +0000 (13:41 +0000)]
Small patch from metze to add 3 parameters to vfs_init, as it requires
Jelmer Vernooij [Mon, 21 Oct 2002 13:31:32 +0000 (13:31 +0000)]
Add text doc about what work is left on the docs for 3.0
Martin Pool [Mon, 21 Oct 2002 11:44:26 +0000 (11:44 +0000)]
Test both new samba.tdbpack and oldtdbutil pack/unpack routines.
This makes the test suite fail because at the moment they are in fact
not behaving the same way.
Martin Pool [Mon, 21 Oct 2002 11:13:53 +0000 (11:13 +0000)]
Import old pure Python version of tdbpack/unpack, so that we can do
compatibility testing against the shiny new C version.
This version is slightly modified to not call codepage conversion
routines, and renamed tdbutil->oldtdbutil.
Tim Potter [Mon, 21 Oct 2002 09:54:41 +0000 (09:54 +0000)]
The libsmb module uses py_ntsec.o
Tim Potter [Mon, 21 Oct 2002 09:53:31 +0000 (09:53 +0000)]
Fixed up tconx function. Implemented nt_create_andx, query_secdesc
and set_secdesc functions.
Tim Potter [Mon, 21 Oct 2002 08:23:20 +0000 (08:23 +0000)]
Whoops - this should be in py_smb.c
Martin Pool [Mon, 21 Oct 2002 07:41:08 +0000 (07:41 +0000)]
Give better error messages for TypeError, which will arise if e.g. you
try to pack an Int using a string tdbpack format.
Tim Potter [Mon, 21 Oct 2002 04:47:29 +0000 (04:47 +0000)]
More cleanups of validation functions.
Tim Potter [Mon, 21 Oct 2002 04:44:44 +0000 (04:44 +0000)]
Zero some more return values.
Andrew Tridgell [Mon, 21 Oct 2002 04:30:51 +0000 (04:30 +0000)]
add a 'mangle prefix' option to allow people to tune the number of
characters used in the prefix for 8.3 names in the hash2
algorithm. The longer the prefix the more readable the 8.3 names will
be, but the weaker the hash.
this was added because of someone complaining that the new hashing
algorithm was unreadable but the old one was broken :)
Tim Potter [Mon, 21 Oct 2002 04:17:43 +0000 (04:17 +0000)]
level should be a uint32 in enum_ports function.