obnox/samba-ctdb.git
8 years ago v3-2-ctdb: bump the ctdb vendor patch level to 72 (ref: v3-2-ctdb)
Volker Lendecke [Mon, 10 May 2010 14:30:07 +0000 (16:30 +0200)]
v3-2-ctdb: bump the ctdb vendor patch level to 72

9 years ago s3: Fork multiple children per domain
Volker Lendecke [Wed, 7 Apr 2010 15:45:12 +0000 (17:45 +0200)]
s3: Fork multiple children per domain

9 years ago s3: Introduce winbindd_child_busy()
Volker Lendecke [Wed, 7 Apr 2010 15:44:18 +0000 (17:44 +0200)]
s3: Introduce winbindd_child_busy()

9 years ago s3: Remove the separate "child" argument from setup_domain_child()
Volker Lendecke [Wed, 7 Apr 2010 15:43:37 +0000 (17:43 +0200)]
s3: Remove the separate "child" argument from setup_domain_child()

9 years ago fix snapshot content display with hide unreadable
Christian Ambach [Fri, 9 Apr 2010 11:38:28 +0000 (13:38 +0200)]
fix snapshot content display with hide unreadable

With the hide unreadable option set, snapshots are displayed
as empty because the shadow_copy2 module did not implement the
fget_nt_acl call that is used by the hide unreadable code and
so the paths were not corrected internally.

To prevent multiple conversions of the paths when the acl call
does a VFS_STAT (like the nfs4acl code does), a check was added
to convert_shadow2_name() so it will not touch paths any more
that look like they have already been converted.

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago libwbclient: Re-Fix a bug that was fixed with e5741e27c4c
Volker Lendecke [Tue, 13 Apr 2010 10:09:21 +0000 (12:09 +0200)]
libwbclient: Re-Fix a bug that was fixed with e5741e27c4c

> r21878: Fix a bug with smbd serving a windows terminal server: If winbind
> decides smbd to be idle it might happen that smbd needs to do a winbind
> operation (for example sid2name) as non-root. This then fails to get the
> privileged pipe. When later on on the same connection another authentication
> request comes in, we try to do the CRAP auth via the non-privileged pipe.
>
> This adds a winbindd_priv_request_response() request that kills the existing
> winbind pipe connection if it's not privileged.

The fix for this was lost during the conversion to libwbclient.

Thanks to Ira Cooper <samba@ira.wakeful.net> for pointing this out!

Volker

9 years ago fix a segfault in the notify subsystem
Christian Ambach [Mon, 5 Apr 2010 12:12:52 +0000 (14:12 +0200)]
fix a segfault in the notify subsystem

When the notify_array cannot be loaded correctly,
do not keep the half-baked parsing results in the global variable.

This can lead to segfaults next time notify_load is entered and
the seqnum has not changed. This has been seen in a case
where mixed smbd versions were running in a CTDB cluster
(versions with and w/o commit c216d1e6 that changed the
notify_entry structure).
There will be missed notifications until all smbds are at the
same software level, but this should be acceptable and is better
than crashing and interrupting client operations.

This fix cleans up the notify_array, removes the unparseable data
from the TDB and returns a fresh notify_array that can be worked
with.

The NDR_PRINT_DEBUG had to be moved to only be called when the
parsing succeeded, it was seen to cause additional segfaults.

The status variable is intentionally left to NT_STATUS_OK to not
make callers abort and report errors to the clients and make them
disconnect.

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago v3-2-ctdb: bump the ctdb vendor patch level to 71
Volker Lendecke [Tue, 9 Mar 2010 11:33:09 +0000 (12:33 +0100)]
v3-2-ctdb: bump the ctdb vendor patch level to 71

9 years ago v3-2-ctdb: Fix the RPM build
Volker Lendecke [Tue, 9 Mar 2010 12:05:33 +0000 (13:05 +0100)]
v3-2-ctdb: Fix the RPM build

9 years ago s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.
Günther Deschner [Tue, 8 Sep 2009 09:57:52 +0000 (11:57 +0200)]
s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.

The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a
W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56
byte). We should just ignore the remaining 12 zeroed bytes and proceed.

Guenther
(cherry picked from commit e7e1e1887e79e4dcbd8836b775e387751c44f318)

Signed-off-by: Stefan Metzmacher <metze@samba.org>

9 years ago s3:netlogon: replace cred_hash3 by des_crypt112_16
Stefan Metzmacher [Thu, 27 Aug 2009 11:16:15 +0000 (13:16 +0200)]
s3:netlogon: replace cred_hash3 by des_crypt112_16

This makes sure we don't truncate the session key to 8 bytes
Fixes bug #6664.

metze
(similar to commit 570a8cf5bb6924905b3ad20353d1e7b0ca087748)

9 years ago s3:libsmb: fix make proto after krb5 fixes
Stefan Metzmacher [Wed, 3 Mar 2010 11:16:21 +0000 (12:16 +0100)]
s3:libsmb: fix make proto after krb5 fixes

metze

9 years ago clikrb5: Prefer krb5_free_keytab_entry_contents to krb5_kt_free_entry.
Jelmer Vernooij [Thu, 4 Jun 2009 21:43:31 +0000 (23:43 +0200)]
clikrb5: Prefer krb5_free_keytab_entry_contents to krb5_kt_free_entry.

Both functions exist in MIT Kerberos >= 1.7, but only
krb5_free_keytab_entry_contents has a prototype.

Part of a fix for bug #6918 (Build breaks with krb5-client-1.7-6.1.i586).
(cherry picked from commit f7f183aba2c53426620bab7e934ce79b516dc4fc)

9 years ago s3: fixed krb5 build problem on ubuntu karmic
Andrew Tridgell [Thu, 15 Oct 2009 23:40:50 +0000 (10:40 +1100)]
s3: fixed krb5 build problem on ubuntu karmic

Karmic has MIT krb5 1.7-beta3, which has the symbol
krb5_auth_con_set_req_cksumtype but no prototype for it.

See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531635
(cherry picked from commit a6e4cb500b4162cae1d906a1762507370b4ee89e)

Part of a fix for bug #6918.
(cherry picked from commit fbaed41c8f583f633673aca2f600c517744d28b5)

9 years ago Fix for CVE-2009-2813.
Jeremy Allison [Mon, 28 Sep 2009 11:52:57 +0000 (13:52 +0200)]
Fix for CVE-2009-2813.

===========================================================
== Subject:     Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#:     CVE-2009-2813
==
== Versions:    All versions of Samba later than 3.0.11
==
== Summary:     If a user in /etc/passwd is misconfigured to have
==              an empty home directory then connecting to the home
==              share of this user will use the root of the filesystem
==              as the home directory.
===========================================================

9 years ago bump the ctdb vendor patch level to 70
Christian Ambach [Mon, 25 Jan 2010 10:09:15 +0000 (11:09 +0100)]
bump the ctdb vendor patch level to 70

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago v3-4-ctdb: Do not do any logrotation
Volker Lendecke [Thu, 14 Jan 2010 17:26:01 +0000 (18:26 +0100)]
v3-4-ctdb: Do not do any logrotation

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago mount.cifs: don't leak passwords with verbose option
Jeff Layton [Fri, 25 Sep 2009 11:03:44 +0000 (07:03 -0400)]
mount.cifs: don't leak passwords with verbose option

When running mount.cifs with the --verbose option, it'll print out the
option string that it passes to the kernel...including the mount
password if there is one. Print a placeholder string instead to help
ensure that this info can't be used for nefarious purposes.

Also, the --verbose option printed the option string before it was
completely assembled anyway. This patch should also make sure that
the complete option string is printed out.

Finally, strndup passwords passed in on the command line to ensure that
they aren't shown by --verbose as well. Passwords used this way can
never be truly kept private from other users on the machine of course,
but it's simple enough to do it this way for completeness' sake.

Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago mount.cifs: check access of credential files before opening
Jeff Layton [Fri, 25 Sep 2009 11:03:44 +0000 (07:03 -0400)]
mount.cifs: check access of credential files before opening

It's possible for an unprivileged user to pass a setuid mount.cifs a
credential or password file to which he does not have access. This can cause
mount.cifs to open the file on his behalf and possibly leak the info in the
first few lines of the file.

Check the access permissions of the file before opening it.

Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago Fix for CVE-2009-2906.
Jeremy Allison [Wed, 30 Sep 2009 12:24:50 +0000 (14:24 +0200)]
Fix for CVE-2009-2906.

Summary:
Specially crafted SMB requests on
authenticated SMB connections can send smbd
into a 100% CPU loop, causing a DoS on the
Samba server.

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago s3 oplocks: Remove oplocks before handling delete on close semantics
Tim Prouty [Wed, 4 Feb 2009 07:17:48 +0000 (23:17 -0800)]
s3 oplocks: Remove oplocks before handling delete on close semantics

Unlinking a file while still holding an oplock can cause problems with
kernel oplocks.  This simply releases the oplock before actually
unlinking the file.

9 years ago v3-2-ctdb: Bump the ctdb vendor patch level to 69. (ref: 3.2.11-ctdb-69)
Stefan Metzmacher [Tue, 15 Dec 2009 11:42:09 +0000 (12:42 +0100)]
v3-2-ctdb: Bump the ctdb vendor patch level to 69.

metze

9 years ago Fix bug 6478
Volker Lendecke [Tue, 16 Jun 2009 10:23:31 +0000 (12:23 +0200)]
Fix bug 6478

This is the part of checkin cfee2025 that is relevant to this bug.

9 years ago Bug 6488: acl_group_override() call in posix acls references an uninitialized variabl...
Jeremy Allison [Fri, 19 Jun 2009 09:00:41 +0000 (11:00 +0200)]
Bug 6488: acl_group_override() call in posix acls references an uninitialized variable.
(cherry picked from commit f92195e3a1baaddda47a5d496f9488c8445b41ad)

9 years ago streamline some log levels for invalid servicenames
Christian Ambach [Wed, 2 Dec 2009 19:06:37 +0000 (20:06 +0100)]
streamline some log levels for invalid servicenames

I don't think we need to log the fact that a user gave a wrong sharename in Explorer with the highest log level.
The level of this was not very consistent:
service.c: DEBUG(3,("find_service() failed to find service %s\n", service));
service.c: DEBUG(0,("%s (%s) couldn't find service %s\n",
smb2_tcon.c: DEBUG(1,("smbd_smb2_tree_connect: couldn't find service %s\n",

This changes the last two to 3 as the first one.

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago add e2fsprogs-devel as build dependency this is needed for AD because it contains...
Christian Ambach [Mon, 6 Jul 2009 12:08:57 +0000 (14:08 +0200)]
add e2fsprogs-devel as build dependency this is needed for AD because it contains libcom/libcom_err files and headers

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago s3: Fix a crash in notify_remove_onelevel when "change notify = no" (ref: 3.2.11-ctdb-68)
Volker Lendecke [Thu, 5 Nov 2009 14:06:21 +0000 (15:06 +0100)]
s3: Fix a crash in notify_remove_onelevel when "change notify = no"

9 years ago packaging(RHEL-CTDB): add the current githash to the rpm release number by default
Michael Adam [Wed, 4 Nov 2009 11:26:46 +0000 (12:26 +0100)]
packaging(RHEL-CTDB): add the current githash to the rpm release number by default

Disable this (to build a release-rpm) by calling

USE_GITHASH=no makerpms.sh

Michael

9 years ago s3: Fix a 100% CPU loop when ctdbd dies during a traverse
Volker Lendecke [Mon, 2 Nov 2009 15:59:15 +0000 (16:59 +0100)]
s3: Fix a 100% CPU loop when ctdbd dies during a traverse

9 years ago v3-2-ctdb: Bump the ctdb vendor patch level to 68.
Michael Adam [Tue, 3 Nov 2009 07:08:34 +0000 (08:08 +0100)]
v3-2-ctdb: Bump the ctdb vendor patch level to 68.

Michael

9 years ago v3-2-ctdb: Bump the ctdb vendor patch level to 67. (ref: 3.2.11-ctdb-67)
Volker Lendecke [Mon, 19 Oct 2009 11:10:58 +0000 (13:10 +0200)]
v3-2-ctdb: Bump the ctdb vendor patch level to 67.

9 years ago s3: Attempt to fix a deadlock between smbd and ctdbd
Volker Lendecke [Fri, 16 Oct 2009 10:37:27 +0000 (12:37 +0200)]
s3: Attempt to fix a deadlock between smbd and ctdbd

In Samba we access the notify databases under the locking.tdb lock when closing a file. This leads to a deadlock with ctdb when doing a recovery.

This is a bad hack, and ctdb will need to get fixed for this. But for now, it
seems necessary.

9 years ago wbclient: Fix Bug #6680: always activate handling of large (> 256 byte) ntlmv2 blobs...
Günther Deschner [Tue, 1 Sep 2009 09:58:05 +0000 (11:58 +0200)]
wbclient: Fix Bug #6680: always activate handling of large (> 256 byte) ntlmv2 blobs in wbcAuthenticateUserEx().

Guenther

9 years ago s3: Fix shadow copy display on Windows 7
Volker Lendecke [Thu, 8 Oct 2009 12:02:39 +0000 (14:02 +0200)]
s3: Fix shadow copy display on Windows 7

Windows 7 is a bit more picky on our NT_STATUS_BUFFER_TOO_SMALL. Announce the
right buffer size, the same amount we later check for.

9 years ago v3-2-ctdb: Bump the ctdb vendor patch level to 66.
Michael Adam [Tue, 22 Sep 2009 14:25:53 +0000 (16:25 +0200)]
v3-2-ctdb: Bump the ctdb vendor patch level to 66.

Michael

9 years ago packaging(RHEL-CTDB): control starting of nmbd via START_NMBD from /etc/sysconfig... (ref: 3.2.11-ctdb-65)
Michael Adam [Tue, 22 Sep 2009 12:26:35 +0000 (14:26 +0200)]
packaging(RHEL-CTDB): control starting of nmbd via START_NMBD from /etc/sysconfig/samba

Michael

9 years ago Fix bug in processing of open modes in POSIX open. Was missing case of "If file exist...
Jeremy Allison [Wed, 25 Feb 2009 20:53:45 +0000 (12:53 -0800)]
Fix bug in processing of open modes in POSIX open. Was missing case of "If file exists open. If file doesn't exist error." Damn damn damn. CIFSFS client will have to have fallback cases for this error for a long time. Jeremy.

9 years ago s3: Fix vfs_shadow_copy2 to allow in-path @GMT-xxx
Andrew Tridgell [Wed, 16 Sep 2009 01:22:56 +0000 (03:22 +0200)]
s3: Fix vfs_shadow_copy2 to allow in-path @GMT-xxx

9 years ago s3:gpfs: Add support for the gpfs_ftruncate call
Volker Lendecke [Tue, 15 Sep 2009 00:19:14 +0000 (02:19 +0200)]
s3:gpfs: Add support for the gpfs_ftruncate call

9 years ago s3:dbwrap_ctdb: set dmaster in ctdb_transaction_store() also when updating an existin...
Michael Adam [Fri, 11 Sep 2009 11:23:34 +0000 (13:23 +0200)]
s3:dbwrap_ctdb: set dmaster in ctdb_transaction_store() also when updating an existing record

not only when creating a record.

This matches commit e9194a130327d6b05a8ab90bd976475b0e93b06d from ctdb-master.

Michael

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago do not merge ACEs with different SMB_ACE4_INHERIT_ONLY_ACE flag, this leads to wrong...
Christian Ambach [Sun, 5 Jul 2009 14:03:15 +0000 (16:03 +0200)]
do not merge ACEs with different SMB_ACE4_INHERIT_ONLY_ACE flag, this leads to wrong inheritance flags in the ACL

e.g. (on GPFS)

user:10000036:rwxc:allow
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

group:10000005:rwxc:allow
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

would be merged to

user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

so the explicit right for the user on the parent directory will be gone (the InheritOnly flag only accounts to subdirectories)
thus leaving the user without access to the directory itself

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
(cherry picked from commit 5e7da42f6ea768a1e2eeeb15b8b2c41cdfcac94f)

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago v3-2-ctdb: bump the vendor patch level to 65 for the next release
Michael Adam [Wed, 26 Aug 2009 15:27:14 +0000 (17:27 +0200)]
v3-2-ctdb: bump the vendor patch level to 65 for the next release

Michael

9 years ago Add a parameter to disable the automatic creation of krb5.conf files (ref: 3.2.11-ctdb-64)
Volker Lendecke [Wed, 26 Aug 2009 12:56:41 +0000 (14:56 +0200)]
Add a parameter to disable the automatic creation of krb5.conf files

This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of
transitive AD trusts. The workaround is to add a [capaths] directive to
/etc/krb5.conf, which we don't automatically put into the krb5.conf winbind
creates.

The alternative would have been something like a "krb5 conf include", but I
think if someone has to mess with /etc/krb5.conf at this level, it should be
easy to add the site-local KDCs as well.

Next alternative is to correctly figure out the [capaths] parameter for all
trusted domains, but for that I don't have the time right now. Sorry :-)

9 years ago v3-2-ctdb: Bump the ctdb vendor patch level to 64.
Michael Adam [Thu, 20 Aug 2009 15:52:39 +0000 (17:52 +0200)]
v3-2-ctdb: Bump the ctdb vendor patch level to 64.

Michael

9 years ago packaging(RHEL-CTDB): pam_winbindd man page has moved from section 7 to 8 (ref: 3.2.11-ctdb-63)
Michael Adam [Mon, 3 Aug 2009 11:45:40 +0000 (13:45 +0200)]
packaging(RHEL-CTDB): pam_winbindd man page has moved from section 7 to 8

This is due to updating the docs tarball to the current 3.2 docs.

Michael

9 years ago s3:dsgetdcname: Fix a crash in dsgetdcname
Volker Lendecke [Wed, 19 Aug 2009 12:22:09 +0000 (14:22 +0200)]
s3:dsgetdcname: Fix a crash in dsgetdcname

When returning NT_STATUS_OK we can't leave *info == NULL, this crashes
in is_closest_site called from dsgetdcname().

9 years ago s3:dsgetdcname: Inline dsgetdcname_cache_refresh
Volker Lendecke [Wed, 19 Aug 2009 12:19:22 +0000 (14:19 +0200)]
s3:dsgetdcname: Inline dsgetdcname_cache_refresh

9 years ago Use defined names rather than numeric constants to make code clearer. Jeremy.
Jeremy Allison [Fri, 14 Aug 2009 22:06:11 +0000 (15:06 -0700)]
Use defined names rather than numeric constants to make code clearer. Jeremy.

9 years ago gpfs.so: map the file_inherit and dir_inherit flags away for files
Michael Adam [Mon, 10 Aug 2009 16:18:19 +0000 (18:18 +0200)]
gpfs.so: map the file_inherit and dir_inherit flags away for files

GPFS sets inherits dir_inherit and file_inherit flags
to files, too, which confuses windows, and seems to
be wrong anyways.

So when mapping a nfs4 acl to a windows acl, we map these
flags away for files.

Michael

9 years ago Make refusal of SEC_DESC_DACL_PROTECTED configurable
Volker Lendecke [Thu, 13 Aug 2009 04:33:16 +0000 (06:33 +0200)]
Make refusal of SEC_DESC_DACL_PROTECTED configurable

This adds a parameter "gpfs:refuse_dacl_protected" that defaults to false.

GPFS has no place to store the SEC_DESC_DACL_PROTECTED ACL bit. With this
parameter we give customers an option to either ignore this bit or refuse
setting an ACL with it.

9 years ago v3-2-ctdb: Bump the ctdb vendor patch to 63 for the next release
Michael Adam [Wed, 29 Jul 2009 09:57:29 +0000 (11:57 +0200)]
v3-2-ctdb: Bump the ctdb vendor patch to 63 for the next release

Michael

9 years ago Align nttrans replies the same way Windows does it (ref: build_3.2.11_ctdb_62)
Volker Lendecke [Fri, 3 Jul 2009 11:28:01 +0000 (13:28 +0200)]
Align nttrans replies the same way Windows does it

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago For a non-existing stream, we have to return NAME_NOT_FOUND
Volker Lendecke [Thu, 2 Jul 2009 12:01:57 +0000 (14:01 +0200)]
For a non-existing stream, we have to return NAME_NOT_FOUND

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago s3:util: let parent_dirname() correctly return toplevel filenames
Stefan Metzmacher [Tue, 30 Jun 2009 14:03:11 +0000 (16:03 +0200)]
s3:util: let parent_dirname() correctly return toplevel filenames

metze

9 years ago Fix notify_onelevel: notify is not necessarily enabled
Volker Lendecke [Thu, 30 Apr 2009 10:24:51 +0000 (12:24 +0200)]
Fix notify_onelevel: notify is not necessarily enabled

Thanks to Günther Deschner!

Volker

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago Add notify_onelevel.tdb
Volker Lendecke [Tue, 14 Apr 2009 18:39:14 +0000 (20:39 +0200)]
Add notify_onelevel.tdb

This optimizes non-recursive notifies. For non-recursive notifies we can use a
per-directory file-id indexed notify record. This matters for the Windows
Explorer and IIS cases which do not use recursive notifies. In these cases, we
do not have to shuffle around the whole notify record on every change.

For the cluster case, this improves correctness of the notifies, ctdb only
distributes the tdb seqnum once a second, so we can lose notifies.

9 years ago Rename notify_context->db to db_recursive
Volker Lendecke [Tue, 14 Apr 2009 12:56:35 +0000 (14:56 +0200)]
Rename notify_context->db to db_recursive

9 years ago s3: Modifications to generic notify structures to allow implementation of OneFS notify.
Steven Danneman [Fri, 20 Feb 2009 21:23:53 +0000 (13:23 -0800)]
s3: Modifications to generic notify structures to allow implementation of OneFS notify.

The OneFS kernel based change notify system takes an fd of the directory
to watch in its initialization syscall.  Since we already have this
directory open, this commit plumbs that fd down to the VFS layer via the
notify_entry struct.

We also need to know if the watch is taken out on a snapshot directory.
The full file_id struct is also passed down to make this determination.
The file_id marshalling wrappers are hand written here, but should
eventually be auto-generated by moving the struct file_id into the idl.

9 years ago Do not crash in ctdbd_traverse if ctdbd is not around
Volker Lendecke [Mon, 4 May 2009 12:39:56 +0000 (14:39 +0200)]
Do not crash in ctdbd_traverse if ctdbd is not around

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago reject ACLs with DESC_DACL_PROTECTED on GPFS
Christian Ambach [Thu, 9 Jul 2009 12:45:23 +0000 (14:45 +0200)]
reject ACLs with DESC_DACL_PROTECTED on GPFS

as GPFS does not support the ACE4_FLAG_NO_PROPAGATE NFSv4 flag (which would be the mapping for the DESC_DACL_PROTECTED flag), the status of this flag is currently silently ignored by Samba. That means that if you deselect the "Allow inheritable permissions..." checkbox in Windows' ACL dialog and then apply the ACL, the flag will be back immediately.

To make sure that automatic migration with e.g. robocopy does not lead to ACLs silently (and unintentionally) changed, this patch adds an explicit check for this flag and if set, it will return NT_STATUS_NOT_SUPPORTED so errors are shown up on the Windows side and the Administrator is aware of the ACLs not being settable like intended

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>

9 years ago shadow_copy2: The system getrealfilename() can't deal with a 0-length fname
Volker Lendecke [Tue, 30 Jun 2009 12:26:32 +0000 (14:26 +0200)]
shadow_copy2: The system getrealfilename() can't deal with a 0-length fname

This fixes viewing the content of snapshots in the share root directory. We
have to treat the filename that *just* consists of "@GMT-YYYY.MM.DD-HH.MM.SS"
like the share root, which is the current working directory.

9 years ago do not log chdir with level 0 if reason is access denied
Christian Ambach [Tue, 21 Jul 2009 11:56:17 +0000 (13:56 +0200)]
do not log chdir with level 0 if reason is access denied

this changes the level of logs caused by users trying to access shares
or subdirectories for which they do not have access to in the ACL

this can fill up the samba log even with log level 0 and is more an
expected kind of logs that IMHO should not be logged with such a high
level.

All other errors while chdir() will still be logged with level 0

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago s3:idmap_ldap: filter out of range mappings in default idmap config
Michael Adam [Wed, 27 May 2009 17:25:44 +0000 (19:25 +0200)]
s3:idmap_ldap: filter out of range mappings in default idmap config

This fixes bug #6417

Michael
(cherry picked from commit e381c13b023f2b512b3f6aec133db9f323bc8132)

9 years ago s3:idmap_tdb2: filter out of range mappings in default idmap config
Michael Adam [Wed, 27 May 2009 17:24:03 +0000 (19:24 +0200)]
s3:idmap_tdb2: filter out of range mappings in default idmap config

This fixes bug #6416

Michael
(cherry picked from commit e12670a1053edf57af137026bd3fdb9fc7dfb0b2)

9 years ago s3:idmap_tdb: filter out of range mappings in default idmap config
Michael Adam [Wed, 27 May 2009 17:12:28 +0000 (19:12 +0200)]
s3:idmap_tdb: filter out of range mappings in default idmap config

This fixes bug #6415

Michael
(cherry picked from commit 3d3f39838261ddc401053dadcc5bd8e6317a3a8e)

9 years ago configure: Kill linker warnings about 32bit libs on 64bit Linux.
Kai Blin [Mon, 12 May 2008 12:39:03 +0000 (14:39 +0200)]
configure: Kill linker warnings about 32bit libs on 64bit Linux.
(cherry picked from commit 4f01af6efd6a483b85638141b7f726835e9835ea)

9 years ago v3-2-ctdb: Bump the ctdb vendor patch to 62 for the next release
Michael Adam [Wed, 20 May 2009 23:40:06 +0000 (01:40 +0200)]
v3-2-ctdb: Bump the ctdb vendor patch to 62 for the next release

Michael

9 years ago Use SMB_VFS_NEXT_CLOSE. This VFS stuff is really opaque to me... (ref: build_3.2.11_ctdb.61)
Volker Lendecke [Mon, 18 May 2009 04:18:57 +0000 (06:18 +0200)]
Use SMB_VFS_NEXT_CLOSE. This VFS stuff is really opaque to me...

9 years ago Fix bug disclosed by lock8 torture test
Volker Lendecke [Mon, 18 May 2009 04:02:07 +0000 (06:02 +0200)]
Fix bug disclosed by lock8 torture test

We have to drop the gpfs level share modes, regardless of whether we put
the file into the pending close queue.

9 years ago We have to deny a level 2 oplock if kernel oplocks are enabled
Volker Lendecke [Wed, 8 Apr 2009 06:29:23 +0000 (08:29 +0200)]
We have to deny a level 2 oplock if kernel oplocks are enabled

The second r/o opener of a file is supposed to get a level2 oplock. The first
opener due to the protection in process_oplock_break_message() has been forced
to break to no oplock. The second opener according to locking.tdb gets a level2
oplock. Further down in open_file_ntcreate we try to set this level2 oplock in
the kernel, and the non-clustered Linux kernel disallows this. The rules for
the kernel leases are a bit baroque, but the attempt to do the SETLEASE
correctly fails and we end up with no oplock for any client.

In the clustered case however the linux kernel on the second opening node has
not seen the open fd of the first node, it is only the cluster fs that has this
information. If the cluster fs does not have the very same notion of leases as
the local kernel has, we can end up with a WRLCK style kernel lease for the
second opener where locking.tdb only indicates a level2 oplock. Getting a
kernel oplock break signal with just a level2 oplock in locking.tdb is
something smbd is not prepared for. For example after sending out the break in
response to the kernel signal we set a timeout, waiting for a reply.

More work needs to be done to make level2 kernel oplocks real for us. This
patch addresses a real problem we have right now without them.

9 years ago Move down the become_root()/unbecome_root() calls into the VFS modules
Volker Lendecke [Mon, 18 May 2009 11:30:16 +0000 (13:30 +0200)]
Move down the become_root()/unbecome_root() calls into the VFS modules

The aio_fork module does not need this, as it does not communicate via signals
but with pipes. Watching a strace log with those become_root() calls in aio.c
is absolutely awful, and it does affect performance.

9 years ago In aio_fork, we have to close all fd's, we might hold a gpfs share mode
Volker Lendecke [Mon, 18 May 2009 07:49:23 +0000 (09:49 +0200)]
In aio_fork, we have to close all fd's, we might hold a gpfs share mode

Keeping such an fd open prohibits another open of that same file.

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago Add "file_walk_table" to do stuff with all open files
Volker Lendecke [Mon, 18 May 2009 07:46:05 +0000 (09:46 +0200)]
Add "file_walk_table" to do stuff with all open files

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago Fix a race condition in vfs_aio_fork with gpfs share modes
Volker Lendecke [Mon, 18 May 2009 07:36:16 +0000 (09:36 +0200)]
Fix a race condition in vfs_aio_fork with gpfs share modes

Signed-off-by: Michael Adam <obnox@samba.org>

9 years ago s3:first cut at dbwrap_tool - a tdb tool that is CTDB-aware.
Michael Adam [Thu, 14 May 2009 23:48:55 +0000 (01:48 +0200)]
s3:first cut at dbwrap_tool - a tdb tool that is CTDB-aware.

This tool (in contrast to tdbtool) reads Samba's configuration
and if clustering = yes, it talks to CTDB instead of accessing
the TDB data bases directly. This is done by simply using
the dbwrap mechanism, just like the Samba daemons.

This first version can read and write int32 and uint32 values
and delete records from a (c)tdb database.
More operations will follow.

This tool can already be useful in CTDB environments, e.g. when
"net idmap restore" fails to set the USER and GROUP HWM keys,
because the methods are deliberately not implemented in
idmap_tdb2.c. You can manually set the high water marks
with
"dbwrap_tool store idmap_tdb2.tdb 'USER HWM' int32 12345"
and
"dbwrap_tool store idmap_tdb2.tdb 'GROUP HWM' int32 67890"

Michael

9 years ago s3:fix bug #6371, unsuccessful net conf setparm leaves empty share
Michael Adam [Sun, 17 May 2009 20:15:02 +0000 (22:15 +0200)]
s3:fix bug #6371, unsuccessful net conf setparm leaves empty share

Wrap creation of share and setting of parameter into a transaction.

Michael

9 years ago Michael Adam v3-2-ctdb: Bump the ctdb vendor patch to 61 for the next release
Michael Adam [Mon, 18 May 2009 08:56:51 +0000 (10:56 +0200)]
Michael Adam v3-2-ctdb: Bump the ctdb vendor patch to 61 for the next release

Michael

9 years ago s3:smbd: fix the fix for mapped IPv4 address handling in release_ip(). (ref: build_3.2.11_ctdb.60)
Michael Adam [Fri, 8 May 2009 13:14:33 +0000 (15:14 +0200)]
s3:smbd: fix the fix for mapped IPv4 address handling in release_ip().

It was too late... Thanks Metze for noticing.

Michael

9 years ago net groupfilter: fix an unused variable warning.
Michael Adam [Fri, 8 May 2009 09:22:59 +0000 (11:22 +0200)]
net groupfilter: fix an unused variable warning.

Michael

9 years ago Fix printf type warning. Jeremy.
Jeremy Allison [Thu, 19 Feb 2009 21:11:36 +0000 (13:11 -0800)]
Fix printf type warning. Jeremy.

9 years ago s3: make release_ip() call (ctdb) cope with IPv4 mapped addresses
Michael Adam [Thu, 7 May 2009 23:11:43 +0000 (01:11 +0200)]
s3: make release_ip() call (ctdb) cope with IPv4 mapped addresses

Michael

9 years ago Do not use the file system GET_REAL_FILENAME for mangled names
Volker Lendecke [Wed, 15 Apr 2009 11:01:09 +0000 (13:01 +0200)]
Do not use the file system GET_REAL_FILENAME for mangled names

9 years agoRevert "Do not use the file system GET_REAL_FILENAME for mangled names"
Volker Lendecke [Mon, 27 Apr 2009 14:59:01 +0000 (16:59 +0200)]
Revert "Do not use the file system GET_REAL_FILENAME for mangled names"

This reverts commit 5589d41d4ca1ad7db0227a1e7777e59c965b6c7c.

9 years agos3:loadparm: handle registry config source in file_list - fixes bug #6320
Michael Adam [Wed, 6 May 2009 00:08:33 +0000 (02:08 +0200)]
s3:loadparm: handle registry config source in file_list - fixes bug #6320

I.e. does not require smbd restart after changing share default options
in the global registry section with "include = registry".

Michael

9 years agos3:smbd/service: switch load_registry_service/shares to use loadparm routines
Michael Adam [Tue, 28 Apr 2009 23:49:53 +0000 (01:49 +0200)]
s3:smbd/service: switch load_registry_service/shares to use loadparm routines

instead of reading the registry directly with tdb and activating the
configure options by hand.

This eliminates the need for repeating checks done in loadparm.
For instance it disables registry shares without path in the server
as is the case with text based shares.

Michael
(cherry picked from commit 077bcc11257697b243916fbb02cd72b3a122b9ba)

9 years agos3:loadparm: refactor process_registry_service out of process_registry_globals
Michael Adam [Tue, 28 Apr 2009 23:31:03 +0000 (01:31 +0200)]
s3:loadparm: refactor process_registry_service out of process_registry_globals

Michael
(cherry picked from commit fb3b6576127ce837ac711e87c293d1f4cf97473c)

9 years agoloadparm: rename process_registry_service() to process_smbconf_service().
Michael Adam [Wed, 24 Sep 2008 18:31:39 +0000 (20:31 +0200)]
loadparm: rename process_registry_service() to process_smbconf_service().

There is nothing registry-specific in that function.

Michael

9 years agopm_process():raise level of debug message
Michael Adam [Tue, 28 Apr 2009 13:52:44 +0000 (15:52 +0200)]
pm_process():raise level of debug message

Michael

9 years agos3:loadparm: prevent infinite include nesting.
Michael Adam [Mon, 27 Apr 2009 16:10:14 +0000 (18:10 +0200)]
s3:loadparm: prevent infinite include nesting.

This introduces a hard coded MAX_INCLUDE_DEPTH of 100.
When this is exceeded, handle_include (and hence lp_load) fails.

One could of course implement a more intelligent loop detection
in the include-tree, but this would require some restructuring
of the internal loadparm housekeeping. Maybe as a second improvement
step.

Michael
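
The depth guard described in the commit message above, as an added C sketch that is not Samba's loadparm code: the names `load_file` and `load_config`, the `include = ` line format and the in-memory sample files are assumptions made for illustration; only the limit of 100 comes from the commit message. A two-file include loop is not detected as a loop, it simply runs into the depth limit and the whole load fails.

```c
#include <stddef.h>
#include <string.h>

#define MAX_INCLUDE_DEPTH 100 /* limit stated in the commit message */

/* Constructed in-memory config files, so the example runs offline. */
struct conf_file { const char *name; const char *text; };
static const struct conf_file files[] = {
    { "smb.conf",    "workgroup = EXAMPLE\ninclude = shares.conf\n" },
    { "shares.conf", "[data]\npath = /srv/data\n" },
    { "loop_a.conf", "include = loop_b.conf\n" },
    { "loop_b.conf", "include = loop_a.conf\n" },
};

static const char *lookup(const char *name)
{
    for (size_t i = 0; i < sizeof(files) / sizeof(files[0]); i++)
        if (strcmp(files[i].name, name) == 0)
            return files[i].text;
    return NULL;
}

/* Hypothetical loader: returns 0 on success, -1 if a file is missing
 * or the include nesting exceeds MAX_INCLUDE_DEPTH. */
static int load_file(const char *name, int depth, int *max_seen)
{
    const char *p = lookup(name);
    if (p == NULL || depth > MAX_INCLUDE_DEPTH)
        return -1;              /* fail the whole load, do not recurse on */
    if (depth > *max_seen)
        *max_seen = depth;
    while (*p) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        if (len > 10 && strncmp(p, "include = ", 10) == 0) {
            char target[64];
            size_t n = len - 10;
            if (n >= sizeof(target))
                return -1;      /* over-long include target: reject */
            memcpy(target, p + 10, n);
            target[n] = '\0';
            if (load_file(target, depth + 1, max_seen) != 0)
                return -1;      /* propagate failure up the include chain */
        }
        p += len + (eol ? 1 : 0);
    }
    return 0;
}

/* Entry point: loads `name` at depth 0 and reports the deepest level reached. */
int load_config(const char *name, int *max_seen)
{
    *max_seen = 0;
    return load_file(name, 0, max_seen);
}
```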

10 years agos3:mark registry shares without path unavailable just as with text config
Michael Adam [Mon, 27 Apr 2009 23:24:27 +0000 (01:24 +0200)]
s3:mark registry shares without path unavailable just as with text config

This prevents users from getting access to "/" in misconfigured setups.

Michael

Signed-off-by: Michael Adam <obnox@samba.org>
10 years agoFix annoying debug messages when no snapshots are used
Volker Lendecke [Tue, 28 Apr 2009 09:16:19 +0000 (11:16 +0200)]
Fix annoying debug messages when no snapshots are used

Not being able to open the shadow copy directory is the same as having no
shadow copy support at all. The VFS module should in this case not log with
debug level 0 and set ENOSYS to indicate "no shadow copies used" to the higher
levels.

Signed-off-by: Michael Adam <obnox@samba.org>
10 years agov3-2-ctdb: bump ctdb vendor patch level to 60
Michael Adam [Wed, 22 Apr 2009 21:42:14 +0000 (23:42 +0200)]
v3-2-ctdb: bump ctdb vendor patch level to 60

Michael

10 years agoWHATSNEW: Rewording. build_3.2.11_ctdb.59
Karolin Seeger [Fri, 17 Apr 2009 09:57:41 +0000 (11:57 +0200)]
WHATSNEW: Rewording.

Karolin

10 years agoVERSION: Raise version number up to 3.2.11.
Karolin Seeger [Fri, 17 Apr 2009 09:52:02 +0000 (11:52 +0200)]
VERSION: Raise version number up to 3.2.11.

Karolin

10 years agoWHATSNEW: Update changes since 3.2.10.
Karolin Seeger [Fri, 17 Apr 2009 08:42:31 +0000 (10:42 +0200)]
WHATSNEW: Update changes since 3.2.10.

Karolin

10 years agoWhen doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid.
Jeremy Allison [Thu, 16 Apr 2009 22:14:37 +0000 (15:14 -0700)]
When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid.
Jeremy.

10 years agoDon't look up local user for remote changes, even when root.
Jim McDonough [Thu, 16 Apr 2009 14:42:59 +0000 (16:42 +0200)]
Don't look up local user for remote changes, even when root.

10 years agos3-lsa: Fix Bug #6263. Unexpected LookupSids reply crashes XP pre-SP3.
Günther Deschner [Wed, 15 Apr 2009 23:42:35 +0000 (01:42 +0200)]
s3-lsa: Fix Bug #6263. Unexpected LookupSids reply crashes XP pre-SP3.

LookupSids needs to bounce back string sids in case of NT_STATUS_NONE_MAPPED.

Guenther
(cherry picked from commit 597be402e40ff880b595ae49a8600b932365cbcb)

10 years agoFix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+
Jeremy Allison [Wed, 15 Apr 2009 21:09:32 +0000 (14:09 -0700)]
Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+
What a difference a name makes... :-). Just because something is misnamed
SA_RIGHT_SAM_OPEN_DOMAIN, when it should actually be SA_RIGHT_SAM_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.

10 years agos3-loadparm: Fix resume command typo for "printing = vlp".
Guenther Deschner [Mon, 13 Apr 2009 16:44:54 +0000 (09:44 -0700)]
s3-loadparm: Fix resume command typo for "printing = vlp".