libcli/security: add init_mask to existing children in insert_in_object_tree

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

libcli/security: handle node initialisation in one spot in insert_in_object_tree()

This removes special-case for initalising the children array in
insert_in_object_tree().  talloc_realloc() handles the intial allocate
case perfectly well, so there is no need to have this duplicated.

This also restores having just one place were the rest of the elements
are intialised, to ensure uniform behaviour.

To do this, we have to rework insert_in_object_tree to have only one
output variable, both because having both root and new_node as output
variables was too confusing, and because otherwise the two pointers
were being allowed to point at the same memory.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

libcli/security: avoid usage of dom_sid_parse_talloc() in sec_access_check_ds()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

libcli/security: simplify get_ace_object_type()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

libcli/security: fix formating in access_check.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

libcli/security: fix whitespaces in access_check.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: the SEC_ADS_DELETE_CHILD checks need objectclass->schemaIDGUID

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: make use of acl_check_access_on_objectclass() for the object in acl_delete()

We should only use dsdb_module_check_access_on_dn() on the parent.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: make use of acl_check_access_on_{attribute,objectclass} in acl_rename()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: make use of acl_check_access_on_attribute() in acl_modify()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: remove unused acl_check_access_on_class()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: use acl_check_access_on_objectclass() instead of acl_check_access_on_class()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: Use the structural objectClass in acl_check_access_on_attribute()

This commit enters the GUID into the object tree so that that access
rights assigned to the structural objectClass are also available, as
well as rights assigned to the attribute property groups.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: Pass the structural objectClass into acl_check_access_on_attribute

This will, when the GUID is entered into the object tree (not in this
commit) ensure that access rights assigned to the structural
objectClass are also available, as well as rights assigned to the
attribute property groups.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: Remove unused get_oc_guid_from_message()

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: ask for the objectClass attribute if it's not in the scope of the clients search

This will be used later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: use dsdb_get_structural_oc_from_msg() rather than class_schemaid_guid_by_lDAPDisplayName

This uses dsdb_get_last_structural_objectclass(), which encodes this ordering
knowledge in one place in the code, rather than using this uncommented
magic expression:

(char *)oc_el->values[oc_el->num_values-1].data

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_rename()

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_modify()

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: add acl_check_access_on_objectclass() helper

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: Add helper function dsdb_get_structural_oc_from_msg()

This will eventually replace get_oc_guid_from_message(), returning the full dsdb_class.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: attr is not optional to acl_check_access_on_attribute()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: dsdb_attribute_by_lDAPDisplayName() is needed for all attributes

"clearTextPassword" is the only exception.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: introduce a 'el' helper variable to acl_modify()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-acl: introduce a 'msg' helper variable to acl_modify()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-schema: make sure we build [system]PossibleInferiors completely

Otherwise callers like dsdb_schema_copy_shallow() will corrupt the
talloc hierarchie.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-schema: make sure use clean caches in schema_inferiors.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dsdb-schema: make schema_subclasses_order_recurse() static

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

BUG 9474: Downgrade v4 printer driver requests to v3.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 21 16:11:02 CET 2013 on sn-devel-104

BUG 9574: Fix a possible null pointer dereference in spoolss.

If the the client enumerates the printers and didn't specify a
servername we have a null pointer dereference, so the process serving
the connection crashes.

Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jan 21 13:30:11 CET 2013 on sn-devel-104

Tests: remove redondent testsuites in provision

Removed provision are already tested somewhere else.

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Mon Jan 21 09:59:43 CET 2013 on sn-devel-104

Tests: avoid adding python options that are functions in the env

This fix errors when running test --testenv --screen

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Tests: rewrite ldap_schema to specify attributes

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Fix warnings with mismatched sizes in arguments to DEBUG statements.

This can cause compile errors on 32-bit systems.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jan 19 12:14:13 CET 2013 on sn-devel-104

Remove some unused variables.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

heimdal_build: Try again to sort out the strerror_r mess

Reviewed-by: Stefan Metzmacher <metze@samba.org>

printing: Free talloc_stackframe() on all exit paths

Reviewed-by: Stefan Metzmacher <metze@samba.org>

nsswitch: Fix two bitfield constants being the same.

WBFLAG_PAM_AUTH_PAC and WBFLAG_BIG_NTLMV2_BLOB
are the same causing errors in NTLMv2 authentication.

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 18 22:13:09 CET 2013 on sn-devel-104

Sort winbind request flags. Ira saw we have a duplicate.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed by: Ira Cooper <ira@wakeful.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

smbtorture: Satisfy a linker dependency

Reviewed by: Jeremy Allison <jra@samba.org>

winbind: Handle child requests in a tevent_fd

This enables the use of standard tevent_loop_once in the child, which
now also uses epoll where available.

Reviewed by: Jeremy Allison <jra@samba.org>

winbind: Introduce "struct child_handler_state"

This will make the next patch simpler. child_handler_state contains the
information that the handler for the parent fde needs to pass to
process_child_request

Reviewed by: Jeremy Allison <jra@samba.org>

winbind: Use standard tevent_context_init

This makes winbind use epoll instead of poll

Reviewed by: Jeremy Allison <jra@samba.org>

BUG 9378: Add extra attributes for AD printer publishing.

Currently attempting to publish a printer in AD fails with "Object class
violation", due to a number of missing attributes in the LDAP request.

Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jan 18 17:27:35 CET 2013 on sn-devel-104

printing: Remove invalid free from error path.

Reviewed-by: Andreas Schneider <asn@samba.org>

Remove locking across the lifetime of the copychunk call.

Previous commit handles this around each read/write call.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jan 18 01:47:01 CET 2013 on sn-devel-104

Move copychunk locking to be local to the read/write calls.

Eliminates the need to hold locks across the
entire lifetime of the call.

Next commit will remove these.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Add additional copychunk checks.

For printer, ipc$ connections, and directory handles.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Move handle checking code to copychunk_check_handles().

Planning to add extra checks to ensure we don't attempt
copychunk on printer or IPC$ handles.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

tevent: Fix a comment

liboop.org is now in a language I don't understand. But it does definitely not
contain a library.

Reviewed by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 18 00:05:37 CET 2013 on sn-devel-104

printing: Create default architecture directories on init.

Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 17 20:36:17 CET 2013 on sn-devel-104

s3-spoolss: use configurable spoolss architecture in compose_spoolss_server_path().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Jan 17 18:53:47 CET 2013 on sn-devel-104

spoolss: make spoolss deal with ndr64 SetForm by using proper container object.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

spoolss: make spoolss deal with ndr64 AddForm by using proper container object.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

s4-torture: add ndr64 spoolss_SetPrinter ndr test.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

spoolss: make spoolss deal with ndr64 ULONG_PTR of devmode_ptr and secdesc_ptr.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

dsdb-operational: Avoid doing the ldb_attr_cmp if bypass flag is not set

Most of the time this flag is not set and so we can avoid the strcasecmp
in ldb_attr_cmp()

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 17 17:10:32 CET 2013 on sn-devel-104

torture: Fix fsmo test to use correct -H samba-tool syntax

However, the test still does not pass.

Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb: Do not hold the transaction over the IRPC call to perform a role transfer

This avoids one samba process locking out another from the DB.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

selftest: also skip raw.search as it also spins

Reviewed-by: Stefan Metzmacher <metze@samba.org>

drs-fsmo: Improve handling of FSMO role takeover.

This needs to be more async, and give less scary errors.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb-acl: calculate sDRightsEffective based on "nTSecurityDescriptor"

acl_check_access_on_attribute should never be called with attr=NULL
because we don't check access on an attribute in that case

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Thu Jan 17 11:21:10 CET 2013 on sn-devel-104

dsdb-acl: add helper variable 'ldb' in acl_sDRightsEffective

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>

libcli/security: don't look at the inherited type in get_ace_object_type()

The inherited_type is only used to decide if aces should be inherited
effectively or not (INHERIT_ONLY) for the specified object.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>

dsdb-acl: fix the order of special and system checks

First we check for a special dn, then for system access.
All allocations happen after this checks in order to avoid
allocations we won't use.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>

dsdb-acl: Do not apply ACL on special DNs to hide attributes that the user shouldn't see

This fix frequent reindexing when using python script with a
user that is not system.
The reindexing is caused by ACL module hidding (removing) attributes in
the search request for all attributes in dn=@ATTRIBUTES and because
dsdb_schema_set_indices_and_attributes checks that the list of
attributes that it just calculated from the schema is the same as the
list written in @ATTRIBUTES, if not the list is replaced and a
reindexing is triggered.

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb-acl: talloc_free the private context when we pass to the next module

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>

dsdb-acl: don't call dsdb_user_password_support() if we don't use the result

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>

smb2_ioctl: copychunk request max output validation

Check that the copychunk ioctl request maximum output specified by the
client is large enough to hold copychunk response data.

Reviewed by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 17 00:59:44 CET 2013 on sn-devel-104

smb2_ioctl: track copychunk response output state

Treat the response data independent to the status.

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: copychunk CHECK_READ and CHECK_WRITE

[MS-SMB2] 3.3.5.15.6 Handling a Server-Side Data Copy Request, specifies
that the copychunk destination file handle be granted FILE_WRITE_DATA
and FILE_READ_DATA access.

FILE_READ_DATA access must also be granted on the copychunk source file,
which may be done implicitly with execute permission.

Reviewed by: Jeremy Allison <jra@samba.org>

torture: copychunk test suite improvements

Allow for large files in test_setup_copy_chunk():
  Write test data in 1M IOs, rather than attempting to do the whole
  thing in one go.

Add copychunk bad resume key test:
  Send a copy chunk request with an intentionally bogus resume key
  (source key handle).

Add copychunk src=dest test:
  Test copychunk requests where the source and destination handles refer
  to the same file.

Add copychunk src=dest overlap test.

Add desired access args to test_setup_copy_chunk().

Add copychunk_bad_access test:
  Open the copychunk source and destination files with differing
  desired_access values. Confirm copychunk response matches 2k8 and 2k12
  behaviour.

Add copy_chunk_src_exceed test:
  Attempts to copy more data than is present in the copychunk source
  file.

Add copy_chunk_src_exceed_multi test:
  Test whether the first chunk in a multi-chunk copychunk request is
  written to disk, where the second chunk is invalid due to src file
  overrun.

Add copy_chunk_sparse_dest test:
  Issue a request where the target offset exceeds the file size, resulting
  in a sparse region.

Add copy_chunk_max_output_sz test.

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: only pass through to VFS on a valid fsp

A null fsp is dereferenced on VFS call.

Reviewed by: Jeremy Allison <jra@samba.org>

torture: replace ioctl failure returns with helper calls

Also change test_ioctl_get_shadow_copy() to use torture_skip(), and
clean up test output.

Reviewed by: Jeremy Allison <jra@samba.org>

torture: add locking tests for copychunk

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: perform locking around copychunk requests

For each chunk in a copychunk request, take a read and write lock on
the source and destination files respectively.

Also change the resume key format to use a combination of the persistent
and volatile handles. Thanks to Metze for his help on this.

Reviewed by: Jeremy Allison <jra@samba.org>

smbd: split out file_fsp_get from file_fsp_smb2

Obtain the files_struct from smb2req, persistent_id and
volatile_id.

Reviewed by: Jeremy Allison <jra@samba.org>

torture: skip FSCTL_SRV_ENUM_SNAPS test when not supported

If FSCTL_SRV_ENUM_SNAPS fails with NT_STATUS_NOT_SUPPORTED then skip the
test, this means we can run the full ioctl test suite as part of
autobuild.

Reviewed by: Jeremy Allison <jra@samba.org>

selftest: enable samba3.smb2.ioctl tests against s3fs

These tests are now expected to pass with copy-chunk support now
implemented.

This effectively reverts 632b1042aed94a71d810613fcdbbfecf615a25fa.

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: remove ioctl error response assumptions

MS-SMB2 3.3.4.4 documents cases where a ntstatus indicating an error
should not be considered a failure. In such a case the output data
buffer should be sent to the client rather than an error response
packet.

Add a new fsctl copy_chunk test to confirm field limits are sent back
in response to an oversize chunk request.

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: add support for FSCTL_SRV_COPYCHUNK

SMB2 clients can issue FSCTL_SRV_COPYCHUNK requests in order to copy
data between files on the server side only, rather than reading data
then writing back from the client. FSCTL_SRV_COPYCHUNK is used by
default for Explorer SMB2 file copies on Windows Server 2012.

2.2.32.1 SRV_COPYCHUNK_RESPONSE in [MS-SMB2] describes the requirement
for the server to provide maximum copychunk request size limits in ioctl
responses carrying STATUS_INVALID_PARAMETER.

Reviewed by: Jeremy Allison <jra@samba.org>

s3-vfs: add copy_chunk vfs hooks

copy_chunk copies n bytes from a source file at a specific offset to a
destination file at a given offset. This interface will be used in
handling smb2 FSCTL_SRV_COPYCHUNK ioctl requests.

Use a pread/pwrite loop in vfs_default, so that requests referring to
the same src and dest file are possible.

Provide send and receive hooks for copy chunk VFS interface, allowing
asynchronous behaviour.

Check whether the request source offset + length exceeds the current
size. Return STATUS_INVALID_VIEW_SIZE under such a condition, matching
Windows server behaviour.

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: add FSCTL_SRV_REQUEST_RESUME_KEY support

Use existing ioctl IDL infrastructure for marshalling. Support for this
ioctl is a prerequisite for FSCTL_SRV_COPYCHUNK handling.
The client-opaque resume key is constructed using the server side
dev/inode file identifier.

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: split ioctl handler code on device type

Add per device type ioctl handler source files for FSCTL_DFS,
FSCTL_FILESYSTEM, FSCTL_NAMED_PIPE and FSCTL_NETWORK_FILESYSTEM.

Reviewed by: Jeremy Allison <jra@samba.org>

smb2_ioctl: split ioctl handlers into separate funtions

Reviewed by: Jeremy Allison <jra@samba.org>

build(waf): fix the abi_match for the pdb library

The global wildcard match is automatically added by the parsing code
if the global match list is empty. Specifying an explicit '*' as the only
global match lets the parsing code add a second '*' to the local list,
which is an error tolerated on my linux by ld (the GNU linker), but
not by the stricter GNU ELF linker "gold".

Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>

Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Jan 16 21:31:00 CET 2013 on sn-devel-104

s4-torture: add ndr64 spoolss openprinterex to ndr test.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jan 16 13:26:53 CET 2013 on sn-devel-104

s4-torture: allow to do ndr tests with flags, not only ndr_flags.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

spoolss: Make OpenPrinterEx work with NDR64 by using UserInfo Container.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

test: dbwrap_tool requires --persistent for the registry now

Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jan 15 16:31:35 CET 2013 on sn-devel-104

docs: document the "--persistent" option in dbwrap_tool(1)

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

s3:dbwrap_tool: add --persistent switch and mode for non-persistent DBs

This changes the default for dbwrap_tool to open a DB as non-persistent.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

dbwrap: add dbwrap_is_persistent()

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: document the command line options in dbwrap_tool(1)

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: use the popt.common.samba.client entity in samba-tool(8)

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: use the entities popt.common.samba.server and stdarg.help in samba(8)

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: add popt.common.samba.server and popt.common.samba.client entities

These are comprised by the popt.common.samba entity and the stdarg.server.debug
or the stdarg.client.debut entity, respectively.
The difference is only in the default value of the debug level setting.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: fix the stdarg.configfile entity to print a "=" sign after the long option

This makes the appearance equal to the other options like --debuglevel or
--log-basename.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: use the stdarg.option entity in the popt.common.samba entity

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: add an entity stdarg.option for the "--option" command line parameter

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>