10 years agos4:samdb_set_password/samdb_set_password_sid - Better comments and cosmetics
Matthias Dieter Wallnöfer [Sat, 24 Oct 2009 17:31:01 +0000 (19:31 +0200)]
s4:samdb_set_password/samdb_set_password_sid - Better comments and cosmetics

10 years agos3: Add parameter "ctdb timeout"
Volker Lendecke [Tue, 3 Nov 2009 04:41:02 +0000 (05:41 +0100)]
s3: Add parameter "ctdb timeout"

When something in the cluster blocks, it can happen that we wait indefinitely
long for ctdb, just adding to the blocking condition. In theory, nothing should
block, but as someone said "In practice the difference between theory and
practice is larger than in theory". This adds a timeout parameter in seconds,
after which we stop waiting for ctdb and panic.

10 years agos4:samdb python bindings - add a wrapper for "dsdb_make_schema_global"
Matthias Dieter Wallnöfer [Tue, 27 Oct 2009 22:24:46 +0000 (23:24 +0100)]
s4:samdb python bindings - add a wrapper for "dsdb_make_schema_global"

10 years agos4:samdb python bindings - make the python wrap connect more like the C one
Matthias Dieter Wallnöfer [Tue, 27 Oct 2009 18:52:21 +0000 (19:52 +0100)]
s4:samdb python bindings - make the python wrap connect more like the C one

Add call for setting the create permissions.

10 years agos4:samdb python bindings - Reorder some function bodies to match the order in "ldb_wr...
Matthias Dieter Wallnöfer [Tue, 27 Oct 2009 18:50:33 +0000 (19:50 +0100)]
s4:samdb python bindings - Reorder some function bodies to match the order in "ldb_wrap_connect"

10 years agos4:kdc: remove unused struct kpasswd_socket
Stefan Metzmacher [Wed, 4 Nov 2009 18:22:24 +0000 (19:22 +0100)]
s4:kdc: remove unused struct kpasswd_socket


10 years agos3: Fix kerberos refresh chain.
Bo Yang [Fri, 6 Nov 2009 00:20:25 +0000 (08:20 +0800)]
s3: Fix kerberos refresh chain.

Signed-off-by: Bo Yang <>
10 years agoFix debug comment (brain wasn't working...).
Jeremy Allison [Thu, 5 Nov 2009 00:04:41 +0000 (16:04 -0800)]
Fix debug comment (brain wasn't working...).

10 years agoFilter the returned DOS attributes by 0xFF for clients
Jeremy Allison [Wed, 4 Nov 2009 23:25:15 +0000 (15:25 -0800)]
Filter the returned DOS attributes by 0xFF for clients
using older protocols (LANMAN2 or below).

10 years agoRemove "Protocol" as an extern, and add accessor functions.
Jeremy Allison [Wed, 4 Nov 2009 23:15:50 +0000 (15:15 -0800)]
Remove "Protocol" as an extern, and add accessor functions.

10 years agos3: add support for full windows timestamps resolution on files
Björn Jacke [Wed, 4 Nov 2009 10:15:31 +0000 (11:15 +0100)]
s3: add support for full windows timestamps resolution on files

setting nanosecond timestamps using utimensat() was first supported by Linux
kernel 2.6.22 and glibc 2.6. It's specified in POSIX.1-2008.

This effectively makes us use Windows' full 100ns timestamp resolution -
actually just an improvement from 10^-6 to 10^-7.

For now Linux CIFS vfs will also just be able to make use of 100ns resolution,
not 1ns.

10 years agoAdded security descriptor for the domain NC to provisioning.
Nadezhda Ivanova [Wed, 4 Nov 2009 13:58:54 +0000 (15:58 +0200)]
Added security descriptor for the domain NC to provisioning.

Necessary for correct descriptor inheritance. Based on the default state
of a single DC. Will be modified later when we support multiple DCs.

10 years agos4:provisioning - Fixed minor bugs in provisioning tool and partition module.
Endi S. Dewata [Wed, 4 Nov 2009 01:45:22 +0000 (19:45 -0600)]
s4:provisioning - Fixed minor bugs in provisioning tool and partition module.

10 years agolibcli/nbt Move more of lmhosts lookup into common code
Andrew Bartlett [Tue, 3 Nov 2009 03:15:07 +0000 (14:15 +1100)]
libcli/nbt Move more of lmhosts lookup into common code

This aims to eventually share this with Samba4.

Andrew Bartlett

10 years agolib/util Fix comments in rfc1738.c.
Andrew Bartlett [Mon, 2 Nov 2009 05:39:31 +0000 (16:39 +1100)]
lib/util Fix comments in rfc1738.c.

The Samba version does not use static buffers

Andrew Bartlett

10 years agos3-netlogon: make sure we protect some function codes in _netr_LogonControl2Ex().
Günther Deschner [Tue, 3 Nov 2009 23:34:29 +0000 (00:34 +0100)]
s3-netlogon: make sure we protect some function codes in _netr_LogonControl2Ex().


10 years agos3-netlogon: let s3 pass against RPC-NETLOGON-S3 again.
Günther Deschner [Mon, 19 Oct 2009 09:28:00 +0000 (11:28 +0200)]
s3-netlogon: let s3 pass against RPC-NETLOGON-S3 again.


10 years agos3-netlogon: implement _netr_NETLOGON_INFO_4 in netr_LogonControl2Ex() and friends...
Günther Deschner [Wed, 7 Oct 2009 22:58:02 +0000 (00:58 +0200)]
s3-netlogon: implement _netr_NETLOGON_INFO_4 in netr_LogonControl2Ex() and friends as well.


10 years agos3-netlogon: implement remote trust account changing in netr_LogonControl2Ex() and...
Günther Deschner [Wed, 7 Oct 2009 22:38:53 +0000 (00:38 +0200)]
s3-netlogon: implement remote trust account changing in netr_LogonControl2Ex() and friends.


10 years agosecurity: re-run make samba3-idl after IDL change.
Günther Deschner [Tue, 3 Nov 2009 22:46:26 +0000 (23:46 +0100)]
security: re-run make samba3-idl after IDL change.


10 years agos3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy().
Günther Deschner [Tue, 3 Nov 2009 10:45:15 +0000 (11:45 +0100)]
s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy().

Add dummys (just like s4 does) and fill in some more appropriate error codes.


10 years agos4-smbtorture: skip three info levels while testing s3 with RPC-LSA.
Günther Deschner [Tue, 3 Nov 2009 10:46:07 +0000 (11:46 +0100)]
s4-smbtorture: skip three info levels while testing s3 with RPC-LSA.

These are only supported by s3 when running pdb_ads atm.


10 years agos4-smbtorture: skip QueryInfoPolicy2 while running RPC-LSA against s3.
Günther Deschner [Mon, 2 Nov 2009 19:11:14 +0000 (20:11 +0100)]
s4-smbtorture: skip QueryInfoPolicy2 while running RPC-LSA against s3.

This is only supported by s3 when running pdb_ads atm.


10 years agos4-smbtorture: skip QueryDomainInformationPolicy test against s3 in RPC-LSA.
Günther Deschner [Mon, 2 Nov 2009 15:51:00 +0000 (16:51 +0100)]
s4-smbtorture: skip QueryDomainInformationPolicy test against s3 in RPC-LSA.


10 years agos4-smbtorture: simplify some torture_comments in RPC-LSA.
Günther Deschner [Mon, 2 Nov 2009 18:59:47 +0000 (19:59 +0100)]
s4-smbtorture: simplify some torture_comments in RPC-LSA.


10 years agos3-passdb: cleanup some callers of pdb_get_trusteddom_pw().
Günther Deschner [Fri, 30 Oct 2009 01:15:45 +0000 (02:15 +0100)]
s3-passdb: cleanup some callers of pdb_get_trusteddom_pw().


10 years agoFix debug statements to use correct function name.
Jeremy Allison [Tue, 3 Nov 2009 19:22:19 +0000 (11:22 -0800)]
Fix debug statements to use correct function name.

10 years agorequires_resume_key is a bool not int.
Jeremy Allison [Tue, 3 Nov 2009 19:21:02 +0000 (11:21 -0800)]
requires_resume_key is a bool not int.

10 years agoFix more of the RAW-SEARCH test. Older info levels are
Jeremy Allison [Tue, 3 Nov 2009 19:19:24 +0000 (11:19 -0800)]
Fix more of the RAW-SEARCH test. Older info levels are
not 4 byte aligned (levels 1 - 3).

10 years agotsocket: rewrite tsocket_guide.txt to reflect the current APIs
Stefan Metzmacher [Tue, 3 Nov 2009 17:06:17 +0000 (18:06 +0100)]
tsocket: rewrite tsocket_guide.txt to reflect the current APIs


10 years agotsocket_bsd: return -1 and set errno to ENAMETOOLONG if the unix path is too long
Stefan Metzmacher [Tue, 3 Nov 2009 16:23:07 +0000 (17:23 +0100)]
tsocket_bsd: return -1 and set errno to ENAMETOOLONG if the unix path is too long


10 years agotsocket: remove prototype of non-existing tsocket_address_inet_set_broadcast()
Stefan Metzmacher [Tue, 3 Nov 2009 16:22:27 +0000 (17:22 +0100)]
tsocket: remove prototype of non-existing tsocket_address_inet_set_broadcast()


10 years agoFixed some missing flags and bugs in the security creation.
Nadezhda Ivanova [Tue, 3 Nov 2009 11:30:06 +0000 (13:30 +0200)]
Fixed some missing flags and bugs in the security creation.

Also, added some logging. It needs improvement, possibly ability to
turn in on and off via configuration file.

10 years agoFixed a bug in object specific access checks.
Nadezhda Ivanova [Tue, 3 Nov 2009 10:27:43 +0000 (12:27 +0200)]
Fixed a bug in object specific access checks.

10 years agos3: Remove debug_ctx()
Volker Lendecke [Tue, 3 Nov 2009 09:59:18 +0000 (10:59 +0100)]
s3: Remove debug_ctx()

smbd just crashed on me: In a debug message I called a routine preparing a
string that itself used debug_ctx. The outer routine also used it after the
inner routine had returned. It was still referencing the talloc context
that the outer debug_ctx() had given us, which the inner DEBUG had already

10 years agoAdded some dn to the info in the log messages.
Nadezhda Ivanova [Tue, 3 Nov 2009 09:21:05 +0000 (11:21 +0200)]
Added some dn to the info in the log messages.

10 years agoRemoved the default DACL from token, as we will not be using it.
Nadezhda Ivanova [Mon, 2 Nov 2009 14:50:28 +0000 (16:50 +0200)]
Removed the default DACL from token, as we will not be using it.

10 years agoConvert from numbers to correct SMB_FIND_XX constant names.
Jeremy Allison [Tue, 3 Nov 2009 00:17:36 +0000 (16:17 -0800)]
Convert from numbers to correct SMB_FIND_XX constant names.

10 years agos3:registry: add an extra check for dsize==0 to regdb_fetch_keys_internal()
Michael Adam [Mon, 2 Nov 2009 23:51:27 +0000 (00:51 +0100)]
s3:registry: add an extra check for dsize==0 to regdb_fetch_keys_internal()

Don't only rely on dptr == NULL.
I stumbled over this one when rewriting some of the dbwrap_ctdb code.


10 years agos3:registry: add safety check for return value of tdb_unpack to regdb_fetch_keys_inte...
Michael Adam [Mon, 2 Nov 2009 23:47:37 +0000 (00:47 +0100)]
s3:registry: add safety check for return value of tdb_unpack to regdb_fetch_keys_internal()

Prevents segfaults in some situations.

(For a non existent or empty record, we sometimes rely on the fetch operation
 to return dsize==0 and sometimes we rely on dptr==NULL.)


10 years agos3:dbwrap_ctdb: add debug message to transaction_fetch_start()
Michael Adam [Sat, 31 Oct 2009 12:16:34 +0000 (13:16 +0100)]
s3:dbwrap_ctdb: add debug message to transaction_fetch_start()

for the case that another local process has started a transaction
bewteen releasing the transaction_lock record and starting the


10 years agos3:dbwrap_ctdb: split combined check in two and add descriptive debug
Michael Adam [Sat, 31 Oct 2009 12:13:04 +0000 (13:13 +0100)]
s3:dbwrap_ctdb: split combined check in two and add descriptive debug

in db_ctdb_transaction_fetch_start() for error conditions when re-fetching
the transaction_lock record inside the transaction


10 years agos3:dbwrap_ctdb: fix race condition with concurrent transactions on the same node.
Michael Adam [Wed, 28 Oct 2009 23:01:45 +0000 (00:01 +0100)]
s3:dbwrap_ctdb: fix race condition with concurrent transactions on the same node.

In ctdb_transaction_commit(), when the trans2_commit control fails, there
is a race condition in the 1 second sleep between the local transaction_cancel
and the call to ctdb_replay_transaction(): The database is not locked, and
neither is the transaction_lock record. So another client can start and possibly
complete a new transaction in this gap, but only on the same node: The locking
of the transaction_lock record on a different node which involves migration of
the record to the other node has been disabled by introduction of the
transaction_active flag on the db which closes precisely this gap from the start
of the commit until the call to TRANS2_FINISH or TRANS2_ERROR.
But this mechanism does not cover the case where a process on the same node
tries to start a transaction: There is no obstacle to locking the transaction_lock
record because the record does not need to be migrated.

This commit closes this race condition in ctdb_transaction_fetch_start()
by using the new ctdb_ctrl_transaction_active() call to ask the local
ctdb daemon whether it has a transaction running on the database.
If so, the check is repeated until the running transaction is done.

This does introduce an additional call to the local ctdbd when starting
transactions, but it does close the (hopefully) last race condition.


10 years agos3:configure: add a check for the new CTDB_CONTROL_TRANS2_ACTIVE
Michael Adam [Wed, 28 Oct 2009 22:56:59 +0000 (23:56 +0100)]
s3:configure: add a check for the new CTDB_CONTROL_TRANS2_ACTIVE


10 years agos3:dbwrap_ctdb: add new db_ctdb_transaction_active() that calls CTDB_CONTROL_TRANS2_C...
Michael Adam [Wed, 28 Oct 2009 22:56:03 +0000 (23:56 +0100)]
s3:dbwrap_ctdb: add new db_ctdb_transaction_active() that calls CTDB_CONTROL_TRANS2_COMMIT


10 years agos3:dbwrap_ctdb: fix a race in starting concurrent transactions on a single node
Michael Adam [Wed, 28 Oct 2009 00:54:04 +0000 (01:54 +0100)]
s3:dbwrap_ctdb: fix a race in starting concurrent transactions on a single node

There are two races in concurrent transactions on a single node.
One in starting a transaction and one with replay during commit.

This commit closes the first race by storing the client pid in the
transaction-lock record and comparing the stored pid against its own
pid after releasing the lock and refetching the record inside the


10 years agos3:dbwrap_ctdb: use db_ctdb_ltdb_fetch() inside db_ctdb_transaction_fetch_start
Michael Adam [Wed, 28 Oct 2009 00:50:15 +0000 (01:50 +0100)]
s3:dbwrap_ctdb: use db_ctdb_ltdb_fetch() inside db_ctdb_transaction_fetch_start


10 years agos3:dbwrap_ctdb: use db_ctdb_ltdb_fetch() inside db_ctdb_transaction_fetch()
Michael Adam [Wed, 28 Oct 2009 00:28:38 +0000 (01:28 +0100)]
s3:dbwrap_ctdb: use db_ctdb_ltdb_fetch() inside db_ctdb_transaction_fetch()


10 years agos3:dbwrap_ctdb: add a function db_ctdb_ltdb_fetch()
Michael Adam [Mon, 2 Nov 2009 23:55:41 +0000 (00:55 +0100)]
s3:dbwrap_ctdb: add a function db_ctdb_ltdb_fetch()

This fetches a record from the db and splits out the ctdb header.


10 years agos3:dbrwap_ctdb: add a function db_ctdb_ltdb_store()
Michael Adam [Thu, 22 Oct 2009 14:27:45 +0000 (16:27 +0200)]
s3:dbrwap_ctdb: add a function db_ctdb_ltdb_store()

and use it in db_ctdb_store() and db_ctdb_transaction_store().


10 years agos3:dbwrap_ctdb: reformat a comment slightly to enhance clearness.
Michael Adam [Thu, 22 Oct 2009 12:37:51 +0000 (14:37 +0200)]
s3:dbwrap_ctdb: reformat a comment slightly to enhance clearness.


10 years agoFix bug 6867 - trans2findnext returns reply_nterror(req, ntstatus) In a directory...
Jeremy Allison [Mon, 2 Nov 2009 20:15:25 +0000 (12:15 -0800)]
Fix bug 6867 - trans2findnext returns reply_nterror(req, ntstatus) In a directory with a lot of files.

10 years agos3: Fix a 100% CPU loop when ctdbd dies during a traverse
Volker Lendecke [Mon, 2 Nov 2009 15:59:15 +0000 (16:59 +0100)]
s3: Fix a 100% CPU loop when ctdbd dies during a traverse

10 years agos3-gencache: restore gencache_get behavior with NULL args (with torture test).
Günther Deschner [Mon, 2 Nov 2009 12:01:58 +0000 (13:01 +0100)]
s3-gencache: restore gencache_get behavior with NULL args (with torture test).

Without this, we panic in wins_srv_is_dead() and fail to start nmbd with
wins support.

Volker, please check.


10 years agos3: Make "debug hires timestamp" default to true
Volker Lendecke [Mon, 2 Nov 2009 09:05:38 +0000 (10:05 +0100)]
s3: Make "debug hires timestamp" default to true

It does not cost much and can help a lot when debugging

10 years agos4:dsdb Fix up after the MAP_ constants became LDB_MAP_
Andrew Bartlett [Fri, 30 Oct 2009 12:45:21 +0000 (23:45 +1100)]
s4:dsdb Fix up after the MAP_ constants became LDB_MAP_

10 years agos4:provision Remove LDB backend files in provision
Andrew Bartlett [Fri, 30 Oct 2009 12:42:03 +0000 (23:42 +1100)]
s4:provision Remove LDB backend files in provision

Rather than try and remove the records in the LDB files, make the
provision remove the whole file.  This also removes the need to try
and carry forward the old ldb filenames.

Andrew Bartlett

10 years agos4:provision Split ProvisionBackend out of the main provision script
Andrew Bartlett [Fri, 30 Oct 2009 04:18:42 +0000 (15:18 +1100)]
s4:provision Split ProvisionBackend out of the main provision script

This splits the code, while keeping the original behaviour.  The file had become just too long.

Andrew Bartlett

10 years agos4:provision Inline 'ldap_backend_shutdown' for clarity
Andrew Bartlett [Fri, 30 Oct 2009 03:54:21 +0000 (14:54 +1100)]
s4:provision Inline 'ldap_backend_shutdown' for clarity

10 years agos4:provision Fix samdb test with new provision code
Andrew Bartlett [Fri, 30 Oct 2009 03:51:57 +0000 (14:51 +1100)]
s4:provision Fix samdb test with new provision code

10 years agos4:provision Move 'Schema' into it's own file
Andrew Bartlett [Fri, 30 Oct 2009 03:31:25 +0000 (14:31 +1100)]
s4:provision Move 'Schema' into it's own file

10 years agos4:provision Make 'linked_attributes' and 'dnsyntax_attributes' a property of the...
Andrew Bartlett [Fri, 30 Oct 2009 03:05:21 +0000 (14:05 +1100)]
s4:provision Make 'linked_attributes' and 'dnsyntax_attributes' a property of the Schema

10 years agos4:provision Rework provision to always have a ProvisionBackend
Andrew Bartlett [Fri, 30 Oct 2009 02:16:10 +0000 (13:16 +1100)]
s4:provision Rework provision to always have a ProvisionBackend

Rather than treat the LDAP backend as a special case, treat all
backends the same, with different callbacks.

Andrew Bartlett

10 years agos4 - SID allocation using FDS DNA plugin
Endi S. Dewata [Wed, 28 Oct 2009 20:28:31 +0000 (15:28 -0500)]
s4 - SID allocation using FDS DNA plugin

10 years agos4:dsdb - Removed redundant domain SID filter.
Endi S. Dewata [Tue, 27 Oct 2009 19:59:28 +0000 (14:59 -0500)]
s4:dsdb - Removed redundant domain SID filter.

10 years agos4:dsdb - Store SID as string in FDS.
Endi S. Dewata [Sat, 24 Oct 2009 03:59:48 +0000 (22:59 -0500)]
s4:dsdb - Store SID as string in FDS.

10 years agos4 - Mapped AD schema to existing FDS schema.
Endi S. Dewata [Sat, 24 Oct 2009 01:09:07 +0000 (20:09 -0500)]
s4 - Mapped AD schema to existing FDS schema.

10 years agos4:dsdb - Fixed attribute dereferencing for FDS
Endi S. Dewata [Wed, 21 Oct 2009 21:02:18 +0000 (16:02 -0500)]
s4:dsdb - Fixed attribute dereferencing for FDS

10 years agoRemove special case logic in 'samdb_relative_path'.
Andrew Bartlett [Thu, 29 Oct 2009 22:03:10 +0000 (09:03 +1100)]
Remove special case logic in 'samdb_relative_path'.

While this logic (avoiding to prefix a non-filename with a path) is
important in the code this was copied from (private_dir()), none of
the callers of this function need it.

Andrew Bartlett

10 years agos4:dsdb Revert back to using DN:filename in the partitions record
Andrew Bartlett [Thu, 29 Oct 2009 22:00:13 +0000 (09:00 +1100)]
s4:dsdb Revert back to using DN:filename in the partitions record

This allows us to change the escaping function without breaking
existing installs.  The new escaping function (used for new databases)
is RFC1738 URI encoding, except for the trivial cases without special

The new databases are also placed in a subdirectory, sam.ldb.d per an
earlier suggestion by metze.

Andrew Bartlett

10 years agolib/util Use rfc1738.c from Squid for all our URL encode/decode needs.
Andrew Bartlett [Thu, 29 Oct 2009 21:58:34 +0000 (08:58 +1100)]
lib/util Use rfc1738.c from Squid for all our URL encode/decode needs.

Andrew Bartlett

10 years agolib/util Add rfc1738 escape/unescape code from Squid
Andrew Bartlett [Thu, 29 Oct 2009 06:09:49 +0000 (17:09 +1100)]
lib/util Add rfc1738 escape/unescape code from Squid

This is intended to replace our rfc1738_unescape(), and give us an
rfc1738_escape implementation (and hopefully is better tested and more

Andrew Bartlett

10 years agos4:credentials Put the 'secrets.keytab' in the same directory as secrets.ldb
Andrew Bartlett [Wed, 28 Oct 2009 05:49:30 +0000 (16:49 +1100)]
s4:credentials Put the 'secrets.keytab' in the same directory as secrets.ldb

This avoids trouble when the secrets.ldb is updated with ldbedit but
an smb.conf is not specified.

Andrew Bartlett

10 years agos4: Create a script for updating a running provision with change introduced since...
Matthieu Patou [Tue, 27 Oct 2009 12:31:40 +0000 (15:31 +0300)]
s4: Create a script for updating a running provision with change introduced since the initial provision

10 years agos4:torture/raw/samba3misc - Add "discard_const_p" macro before a string
Matthias Dieter Wallnöfer [Sat, 17 Oct 2009 20:37:24 +0000 (22:37 +0200)]
s4:torture/raw/samba3misc - Add "discard_const_p" macro before a string

10 years agos4:ldb Remove debug traces duplicated by the new generic trace code
Andrew Bartlett [Tue, 27 Oct 2009 02:56:40 +0000 (13:56 +1100)]
s4:ldb Remove debug traces duplicated by the new generic trace code

10 years agos3:ldap: don't search when no values where found
Björn Jacke [Fri, 30 Oct 2009 23:45:09 +0000 (00:45 +0100)]
s3:ldap: don't search when no values where found

10 years agouuid.c: Remove some dead code
Volker Lendecke [Sun, 1 Nov 2009 11:56:23 +0000 (12:56 +0100)]
uuid.c: Remove some dead code

10 years agos3: Fix the RPC server SUBSYSTEM declaration
Volker Lendecke [Sat, 31 Oct 2009 10:28:55 +0000 (11:28 +0100)]
s3: Fix the RPC server SUBSYSTEM declaration

If I read SMB_SUBSYSTEM right then the 2nd argument needs to be the file where
the static_init_rpc (in this case) is defined. This seems to have moved from
server.c to process.c.

Jelmer, please check!


10 years agos3:Makefile: add LIBREPLACE_LIBS for talloc, tdb and wbclient
Björn Jacke [Sat, 31 Oct 2009 09:37:44 +0000 (10:37 +0100)]
s3:Makefile: add LIBREPLACE_LIBS for talloc, tdb and wbclient

10 years agoѕ3:buildsystem: fix depenencies for libreplace
Björn Jacke [Fri, 30 Oct 2009 18:54:52 +0000 (19:54 +0100)]
ѕ3:buildsystem: fix depenencies for libreplace

This problem became visible after adding the picky -z defs linker option: On
Solaris libreplace had unresolved symbols, which showed up in the libtalloc
build. PAM_WINBIND_EXTRA_LIBS and WINBIND_NSS_EXTRA_LIBS had been workarounds
to make things work at two placeѕ. These variables have been obsoleted now.
This patch introduces LIBREPLACE_LIBS which contans the linker flags needed for
linking anything using libreplace.

10 years agoѕ3:ldap: search for account policies in objectclass sambaDomain, not *
Björn Jacke [Fri, 30 Oct 2009 20:50:41 +0000 (21:50 +0100)]
ѕ3:ldap: search for account policies in objectclass sambaDomain, not *

10 years agos3/docs: Fix typo.
Karolin Seeger [Fri, 30 Oct 2009 15:47:22 +0000 (16:47 +0100)]
s3/docs: Fix typo.

Fix bug #4250. Thanks to TAKAHASHI Motonobu <> for reporting!


10 years agos3/docs: Remove reference to nonexistent file.
Karolin Seeger [Fri, 30 Oct 2009 15:31:55 +0000 (16:31 +0100)]
s3/docs: Remove reference to nonexistent file.

Fix bug #4252. Thanks to TAKAHASHI Motonobu <> for reporting!


10 years agos4:nbt_server/wins/winsdb - Fix "const" warning
Matthias Dieter Wallnöfer [Sat, 17 Oct 2009 20:31:34 +0000 (22:31 +0200)]
s4:nbt_server/wins/winsdb - Fix "const" warning

10 years agos4-smbtorture: skip bigendian tests against s3 in RPC-LSA-SECRETS.
Günther Deschner [Thu, 29 Oct 2009 13:50:56 +0000 (14:50 +0100)]
s4-smbtorture: skip bigendian tests against s3 in RPC-LSA-SECRETS.


10 years agos3-rpcclient: add deletetrustdom command.
Günther Deschner [Wed, 28 Oct 2009 14:37:11 +0000 (15:37 +0100)]
s3-rpcclient: add deletetrustdom command.


10 years agos3-rpcclient: add createtrustdom command.
Günther Deschner [Wed, 28 Oct 2009 13:13:32 +0000 (14:13 +0100)]
s3-rpcclient: add createtrustdom command.


10 years agos3-lsa: expand struct lsa_info to carry name and sd.
Günther Deschner [Thu, 29 Oct 2009 22:50:20 +0000 (23:50 +0100)]
s3-lsa: expand struct lsa_info to carry name and sd.


10 years agos3-lsa: use switch in _lsa_QuerySecurity().
Günther Deschner [Thu, 29 Oct 2009 11:36:30 +0000 (12:36 +0100)]
s3-lsa: use switch in _lsa_QuerySecurity().


10 years agos4-smbtorture: fix warning in RPC-WKSSVC torture test.
Günther Deschner [Fri, 30 Oct 2009 11:13:21 +0000 (12:13 +0100)]
s4-smbtorture: fix warning in RPC-WKSSVC torture test.


10 years agos4:kdc/hdb-samba4 - Remove unused variable
Matthias Dieter Wallnöfer [Fri, 30 Oct 2009 11:13:26 +0000 (12:13 +0100)]
s4:kdc/hdb-samba4 - Remove unused variable

10 years agoChange RAW-STREAMS for s3 to allow rename over an existing stream,
Jeremy Allison [Thu, 29 Oct 2009 23:38:34 +0000 (16:38 -0700)]
Change RAW-STREAMS for s3 to allow rename over an existing stream,
we need to file a CAR to find out why Windows gives INVALID_PARAMETER
for this.

10 years agoStart fixing the RAW-STREAMS test - ensure that the xattr
Jeremy Allison [Thu, 29 Oct 2009 23:14:12 +0000 (16:14 -0700)]
Start fixing the RAW-STREAMS test - ensure that the xattr
used to store the stream info in is not
seen in when enumerating EAs.

10 years agos3: Fix incorrect rc check of nscd_flush_cache.
Jim McDonough [Thu, 29 Oct 2009 15:11:43 +0000 (11:11 -0400)]
s3: Fix incorrect rc check of nscd_flush_cache.

At least this only resulted in an incorrect debug message.

10 years agos3-secrets: use autogenerated code for TRUSTED_DOM_PASS struct parsing from a tdb.
Günther Deschner [Wed, 28 Oct 2009 15:42:44 +0000 (16:42 +0100)]
s3-secrets: use autogenerated code for TRUSTED_DOM_PASS struct parsing from a tdb.


10 years agos3: add secrets.idl.
Günther Deschner [Wed, 28 Oct 2009 15:21:53 +0000 (16:21 +0100)]
s3: add secrets.idl.


10 years agotdb: update README a bit
Kirill Smelkov [Wed, 21 Oct 2009 17:18:58 +0000 (21:18 +0400)]
tdb: update README a bit

While studying tdb, I've noticed a couple of mismatches between readme
and actual code:

- tdb_open_ex changed it's log_fn argument to log_ctx
- there is now no tdb_update(), which it seems was transformed into
  non-exported tdb_update_hash()

There were other mismatches, but I don't remember them now, sorry.

Signed-off-by: Kirill Smelkov <>
Signed-off-by: Rusty Russell <>
10 years agotdb: add tests for double .close() in pytdb
Kirill Smelkov [Wed, 21 Oct 2009 17:18:57 +0000 (21:18 +0400)]
tdb: add tests for double .close() in pytdb

The reason I do it is that when using older python-tdb as shipped in
Debian Lenny, python interpreter crashes on this test:

    (gdb) bt
    #0  0xb7f8c424 in __kernel_vsyscall ()
    #1  0xb7df5640 in raise () from /lib/i686/cmov/
    #2  0xb7df7018 in abort () from /lib/i686/cmov/
    #3  0xb7e3234d in __libc_message () from /lib/i686/cmov/
    #4  0xb7e38624 in malloc_printerr () from /lib/i686/cmov/
    #5  0xb7e3a826 in free () from /lib/i686/cmov/
    #6  0xb7b39c84 in tdb_close () from /usr/lib/
    #7  0xb7b43e14 in ?? () from /var/lib/python-support/python2.5/
    #8  0x0a038d08 in ?? ()
    #9  0x00000000 in ?? ()

master's pytdb does not (we have a check for self->closed in obj_close()),
but still...

Signed-off-by: Kirill Smelkov <>
Signed-off-by: Rusty Russell <>
10 years agotdb: reset tdb->fd to -1 in tdb_close()
Kirill Smelkov [Wed, 21 Oct 2009 17:18:56 +0000 (21:18 +0400)]
tdb: reset tdb->fd to -1 in tdb_close()

So that erroneous double tdb_close() calls do not try to close() same
fd again. This is like SAFE_FREE() but for fd.

Signed-off-by: Kirill Smelkov <>
Signed-off-by: Rusty Russell <>