Jeremy Allison [Tue, 22 Nov 2011 20:33:54 +0000 (12:33 -0800)]
Remove the setting of the inherited ACL on new files/directories. This is
now done correctly in the main codepath. The vfs_acl_XXXX modules are
now thin shims that simply store/retrieve ACLs as they should be.
Jeremy Allison [Tue, 22 Nov 2011 20:33:27 +0000 (12:33 -0800)]
Move setting the inherited ACL into the main open code path. Next will
remove it from the ACL modules.
Jeremy Allison [Tue, 22 Nov 2011 19:53:51 +0000 (11:53 -0800)]
Move the "set SD" code into provided SD and "inherit acls" branches.
Jeremy Allison [Tue, 22 Nov 2011 18:37:56 +0000 (10:37 -0800)]
Only add the SD if it's not a new stream file.
Jeremy Allison [Tue, 22 Nov 2011 18:28:52 +0000 (10:28 -0800)]
Move the add security descriptor code to *after* all the other meta-data is
updated. We may be adding an SD that restricts our own access.
Volker Lendecke [Tue, 22 Nov 2011 16:37:07 +0000 (17:37 +0100)]
s3: Fix wb_next_pwent_fill_done
Within a callback routine it is not possible to call tevent_req_post
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Nov 22 19:17:30 CET 2011 on sn-devel-104
Kai Blin [Tue, 22 Nov 2011 10:26:04 +0000 (11:26 +0100)]
s3 libaddns: Prevent a crash when dns_create_update fails
When dns_create_update() fails, it does not initialize *req, and then TALLOC_FREE(req) in the
error handling crashes if we're lucky.
Instead of going into the generic error handling, treat the failure in dns_create_update() like
dns_create_update_request() and just pass on the error.
Thanks to Harry Mason for reporting this issue.
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Tue Nov 22 14:29:07 CET 2011 on sn-devel-104
Andrew Tridgell [Tue, 22 Nov 2011 03:58:29 +0000 (14:58 +1100)]
s4-dns: added --no-credentials option to samba_dnsupdate
this is for a user who is doing DNS updates via key files rather than
GSSAPI. This allows the update to go through without a kerberos error
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Nov 22 06:34:59 CET 2011 on sn-devel-104
Jeremy Allison [Mon, 21 Nov 2011 21:06:00 +0000 (13:06 -0800)]
Fix a bunch of "warning: variable ‘XXXX’ set but not used [-Wunused-but-set-variable]" warnings from the new gcc.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Nov 21 23:39:08 CET 2011 on sn-devel-104
Stefan Metzmacher [Mon, 21 Nov 2011 17:03:44 +0000 (18:03 +0100)]
s3:winbindd_cm: close sockfd on error in cm_prepare_connection()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Nov 21 19:58:58 CET 2011 on sn-devel-104
Stefan Metzmacher [Mon, 21 Nov 2011 17:03:07 +0000 (18:03 +0100)]
s3:libsmb: close fd on error in cli_connect_nb()
metze
Günther Deschner [Mon, 21 Nov 2011 12:13:11 +0000 (13:13 +0100)]
librpc: install drsuapi and drsblobs headers.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Nov 21 17:24:28 CET 2011 on sn-devel-104
Günther Deschner [Mon, 21 Nov 2011 11:55:04 +0000 (12:55 +0100)]
s3-waf: remove version from libpdb.so for now.
Guenther
Günther Deschner [Fri, 18 Nov 2011 14:38:02 +0000 (15:38 +0100)]
s4-smbtorture: add ndr test for nbt_netlogon_packet to avoid future regressions.
Guys, we really should make sure to always add ndr tests like this whenever we
change some sensitive libndr or handmarshalling bits.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Sun Nov 20 23:10:39 CET 2011 on sn-devel-104
Stefan Metzmacher [Sat, 19 Nov 2011 13:02:22 +0000 (14:02 +0100)]
s3:smb2_negprot: add support for SMB2_22
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Nov 20 16:46:45 CET 2011 on sn-devel-104
Stefan Metzmacher [Sat, 19 Nov 2011 13:01:25 +0000 (14:01 +0100)]
lib/param: add "SMB2_22" to enum_protocol
metze
Matthieu Patou [Fri, 18 Nov 2011 23:37:27 +0000 (00:37 +0100)]
s4-dsdb: Modify the repl_meta_data behavior to allow Metadata change on attribute interSiteTopologyGenerator even if the value didn't change
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Nov 19 16:47:53 CET 2011 on sn-devel-104
Matthias Dieter Wallnöfer [Sat, 19 Nov 2011 11:59:01 +0000 (12:59 +0100)]
socket_wrapper/py_socket_wrapper.c - include Python 2.4 compatiblity code
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov 19 14:53:43 CET 2011 on sn-devel-104
Jeremy Allison [Fri, 18 Nov 2011 21:13:02 +0000 (13:13 -0800)]
Remove rawmemchr calls - found by Ira Cooper. These are glibc-specific calls, makes us completely non-portable.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Nov 18 23:50:50 CET 2011 on sn-devel-104
Karolin Seeger [Thu, 17 Nov 2011 20:23:09 +0000 (21:23 +0100)]
s3/packaging: Fix rpm build issues on RHEL4.
Second part of a fix for bug #7705 (RHEL samba.spec broken - and fix).
Based on patches of Jason Haar and Daniël van Eeden. Thanks a lot!
Karolin
Autobuild-User: Karolin Seeger <kseeger@samba.org>
Autobuild-Date: Fri Nov 18 22:13:06 CET 2011 on sn-devel-104
Stefan Metzmacher [Fri, 18 Nov 2011 12:20:43 +0000 (13:20 +0100)]
s3:libsmb: verify num_setup for SMBnttrans in cli_pull_trans()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Nov 18 15:13:52 CET 2011 on sn-devel-104
Stefan Metzmacher [Fri, 18 Nov 2011 12:19:19 +0000 (13:19 +0100)]
s3:libsmb: fix compiler warning in cli_pull_trans()
metze
Stefan Metzmacher [Fri, 18 Nov 2011 07:40:18 +0000 (08:40 +0100)]
s3:libsmb: only align unicode pipe_name (bug #8586)
metze
Volker Lendecke [Thu, 17 Nov 2011 21:36:22 +0000 (22:36 +0100)]
s3: Fix bug 8371
ndr_set_flag or's in the given flag (ALIGN4). At this point, ndr->flags
contains NOALIGN, which will persist. In ndr_push_DATA_BLOB NOALIGN overrides
everything else, so that the ALIGN4 is not respected.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Nov 18 09:33:37 CET 2011 on sn-devel-104
Amitay Isaacs [Fri, 18 Nov 2011 03:35:56 +0000 (14:35 +1100)]
s3-py-passdb: Fix handling of uninitialized gid values
Uninitialized gid value is set to -1 and return as such from python
passdb api.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Fri Nov 18 06:18:33 CET 2011 on sn-devel-104
Amitay Isaacs [Thu, 17 Nov 2011 23:34:44 +0000 (10:34 +1100)]
dsdb: Fix the password expiry calculation
As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if
pwdLastSet = null, or
pwdLastSet = 0, or
(maxPwdAge != 0x8000000000000000 and (ST - pwdLastSet) > maxPwdAge)
Amitay Isaacs [Thu, 17 Nov 2011 22:55:38 +0000 (09:55 +1100)]
s3-passdb_test: Policy values are converted to signed integer
No need to check value for 0xffffffff (
4294967295).
Amitay Isaacs [Thu, 17 Nov 2011 07:51:14 +0000 (18:51 +1100)]
s4-s3-upgrade: Add --verbose option to print extra details
Andrew Bartlett [Thu, 17 Nov 2011 07:24:24 +0000 (18:24 +1100)]
s4-auth log details about any token we fail to convert to a unix token
Now that entries are being added into the idmap DB from Samba3, and
may be UID or GID but not BOTH, failures are more likely.
Andrew Bartlett
Amitay Isaacs [Thu, 17 Nov 2011 05:08:16 +0000 (16:08 +1100)]
s4-s3-upgrade: Fix idmap types ID_TYPE_UID/ID_TYPE_GID instead of UID/GID
Amitay Isaacs [Wed, 16 Nov 2011 22:34:57 +0000 (09:34 +1100)]
samba-tool: Fix the domain account policy max_pwd_age calculation
Windows sets maxPwdAge to -0x8000000000000000 when maximum password
age is set to 0 days.
Amitay Isaacs [Wed, 16 Nov 2011 01:59:52 +0000 (12:59 +1100)]
s4-s3-upgrade: Fix the minimum and maximum password age calculation
Windows sets maxPwdAge to -0x8000000000000000 when maximum password age
is set to 0 days.
Andrew Bartlett [Wed, 16 Nov 2011 05:51:06 +0000 (16:51 +1100)]
s4-s3-upgrade now look for -1 as the special 'not set' value
this is possible because we know the py_passdb will always set -1
here, not passing though 0xFFFFFFFF.
Andrew Bartlett
Karolin Seeger [Thu, 17 Nov 2011 20:02:30 +0000 (21:02 +0100)]
s3/packaging: Fix rpm build issues on RHEL.
Fix bug #7705 (RHEL samba.spec broken - and fix).
Based on patches of Jason Haar and Daniël van Eeden. Thanks a lot!
Karolin
Autobuild-User: Karolin Seeger <kseeger@samba.org>
Autobuild-Date: Thu Nov 17 23:05:28 CET 2011 on sn-devel-104
Kai Blin [Tue, 15 Nov 2011 07:38:27 +0000 (08:38 +0100)]
s4 dns: Reduce test output noise by upping log level for dns_name_packet logging
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Thu Nov 17 20:10:05 CET 2011 on sn-devel-104
Kai Blin [Thu, 10 Nov 2011 23:32:09 +0000 (00:32 +0100)]
s4 dns: Add a first test case
Kai Blin [Mon, 7 Nov 2011 23:34:01 +0000 (00:34 +0100)]
s4 dns: Turn on internal DNS server during testing
Amitay Isaacs [Fri, 14 Oct 2011 06:24:16 +0000 (17:24 +1100)]
socket_wrapper: Added python interface to socket_wrapper
The socket_wrapper does not support setting blocking flag or
timeouts on the sockets.
To use socket module in python, use
from samba import socket
Signed-off-by: Kai Blin <kai@samba.org>
Jelmer Vernooij [Thu, 17 Nov 2011 01:31:13 +0000 (02:31 +0100)]
samba.tests.dsdb: Import TestCase from samba.tests.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu Nov 17 08:36:17 CET 2011 on sn-devel-104
Jelmer Vernooij [Thu, 17 Nov 2011 01:30:38 +0000 (02:30 +0100)]
samba.tests: Make sure testtools is available before importing it.
Richard Sharpe [Mon, 14 Nov 2011 15:47:38 +0000 (07:47 -0800)]
Improve configure.in so it can be used outside the Samba source tree.
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Thu Nov 17 07:00:38 CET 2011 on sn-devel-104
Amitay Isaacs [Tue, 15 Nov 2011 01:34:40 +0000 (12:34 +1100)]
ldb: Add handy macros for reporting error inside ldb module
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Thu Nov 17 05:24:46 CET 2011 on sn-devel-104
Amitay Isaacs [Mon, 14 Nov 2011 06:34:17 +0000 (17:34 +1100)]
s4-dsdb: Remove unsed variable
Günther Deschner [Wed, 16 Nov 2011 23:55:04 +0000 (00:55 +0100)]
s3-smbldap: move ldap_open_with_timeout out of smb_ldap.h to ads where it lives.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Nov 17 03:47:53 CET 2011 on sn-devel-104
Günther Deschner [Wed, 16 Nov 2011 23:44:41 +0000 (00:44 +0100)]
s3-smbldap: remove duplicate LDAP_OPT_SUCCESS define.
Guenther
Günther Deschner [Wed, 16 Nov 2011 21:53:24 +0000 (22:53 +0100)]
s3-winbindd: no need to globally include ldap headers in winbindd.
Guenther
Günther Deschner [Wed, 16 Nov 2011 21:50:18 +0000 (22:50 +0100)]
s3-smbldap: include talloc.h and tevent.h in smbldap.h
Guenther
Günther Deschner [Wed, 16 Nov 2011 18:31:34 +0000 (19:31 +0100)]
s3-param: loadparm has no dependency to smbldap.
Guenther
Günther Deschner [Wed, 16 Nov 2011 17:59:26 +0000 (18:59 +0100)]
s3-smbldap: improve smbldap.h readability and rearrange some defines.
Guenther
Günther Deschner [Wed, 16 Nov 2011 17:54:02 +0000 (18:54 +0100)]
s3-smbldap: remove duplicate prototype.
Guenther
Andrew Bartlett [Thu, 10 Nov 2011 06:41:28 +0000 (17:41 +1100)]
s3-nmbd Remove AD netlogon response from s3 nmbd server
I do not want users with misconfigurations to have nmbd respond
with this partially correct packet. For example, it hardcodes
the site as Default-First-Site-Name.
If nmbd wishes to return this information, it would need to query
the AD database using the same APIs that the source4/ nbt server
does.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Nov 17 02:10:54 CET 2011 on sn-devel-104
Andrew Bartlett [Thu, 10 Nov 2011 09:16:23 +0000 (20:16 +1100)]
s4-s3-upgrade Test getdomainsid as well
Andrew Bartlett [Thu, 10 Nov 2011 08:57:05 +0000 (19:57 +1100)]
s3-net Do not look for a local SID when we are a DC
If we are actually a DC, then the only SID we have is the domain SID,
and looking for it under the local name fails if we are a Samba4 AD DC.
Andrew Bartlett
Andrew Bartlett [Thu, 10 Nov 2011 10:27:13 +0000 (21:27 +1100)]
lib/param simplify server role values specified in smb.conf
The pdc/bdc split is only in smb.conf for Samba3 DCs, and so is
too confusing to document in this paramter. It will be clearer
to sort out "domain master" into a "pdc emulator" paramter
to conver this distinction.
Andrew Bartlett
Andrew Bartlett [Thu, 10 Nov 2011 10:16:18 +0000 (21:16 +1100)]
docs: Add documentation for server role
Andrew Bartlett [Thu, 10 Nov 2011 08:48:06 +0000 (19:48 +1100)]
libds: Make server role values explicit for easier debugging
Andrew Bartlett [Thu, 10 Nov 2011 08:34:36 +0000 (19:34 +1100)]
param: use lp_is_security_and_server_role_valid()
This also permits a few more valid combinations, due to the layer at which this is
being used.
Andrew Bartlett
Amitay Isaacs [Thu, 10 Nov 2011 06:45:28 +0000 (17:45 +1100)]
param: Check if server role and security parameters are conflicting
Andrew Bartlett [Thu, 10 Nov 2011 06:11:56 +0000 (17:11 +1100)]
lib/param: Add tests for security= behaviour now it operates with server role
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Thu, 10 Nov 2011 06:11:18 +0000 (17:11 +1100)]
param: Connect lp_security to the lib/param code to allow tests
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Thu, 10 Nov 2011 05:26:57 +0000 (16:26 +1100)]
s4-provision permit server role to be the ROLE_ strings from s3
Also convert between the aliases in one single place.
Andrew Bartlett
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Thu, 10 Nov 2011 05:07:52 +0000 (16:07 +1100)]
param: Add tests for automatic server role guessing
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Amitay Isaacs [Thu, 10 Nov 2011 04:42:44 +0000 (15:42 +1100)]
py-param: Add python interface to get server_role
Andrew Bartlett [Thu, 10 Nov 2011 04:19:33 +0000 (15:19 +1100)]
param: Move enum values into a common (included) .c file
This #include hack is required as it is not possible to declare a
compile-time sized array in a header file.
Andrew Bartlett
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Thu, 10 Nov 2011 04:22:37 +0000 (15:22 +1100)]
param: move server role helpers into loadparm.h
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Tue, 1 Nov 2011 01:59:38 +0000 (12:59 +1100)]
s4-s3-upgrade Add test of net getlocalsid after the upgrade
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Thu, 10 Nov 2011 01:45:54 +0000 (12:45 +1100)]
param: calculate server role from security, and security from server role
This allows smb.conf files from either the samba3 or samba4 tradition
to come to the same value of server role, using the information in the
smb.conf file.
This is important so that tools like 'net getlocalsid' work against a
Samba4 AD installation (yes, users have tried this).
Andrew Bartlett
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Thu, 10 Nov 2011 02:37:54 +0000 (13:37 +1100)]
s3-param remove lp_domain_logons(), always use IS_DC
This makes the code internally consistant.
Andrew Bartlett
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Andrew Bartlett [Thu, 10 Nov 2011 01:50:09 +0000 (12:50 +1100)]
param: make server role list common and include auto (for the new default)
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
Amitay Isaacs [Tue, 8 Nov 2011 02:22:37 +0000 (13:22 +1100)]
roles: Add ROLE_AUTO to indicate that the server role is calculated
Amitay Isaacs [Tue, 8 Nov 2011 01:12:06 +0000 (12:12 +1100)]
s3-param: Add "server role" as global parameter
This will help extracting server role processing code in common
library.
Amitay Isaacs [Tue, 8 Nov 2011 00:36:00 +0000 (11:36 +1100)]
param: Add "domain logons" and "domain master" parameters
This makes parsing of config files with s3 loadparm code and s4 loadparm
code consistent.
Björn Baumbach [Wed, 16 Nov 2011 15:57:25 +0000 (16:57 +0100)]
s3-libsmb/passchange.c: remove some cli_nt_error() calls
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Nov 16 20:36:11 CET 2011 on sn-devel-104
Björn Baumbach [Wed, 16 Nov 2011 15:52:38 +0000 (16:52 +0100)]
s3-winbindd/winbindd_cm.c: remove cli_nt_error()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Wed, 16 Nov 2011 15:37:24 +0000 (16:37 +0100)]
s3-libsmb/clidfs.c: remove cli_nt_error()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 16 Nov 2011 15:48:37 +0000 (16:48 +0100)]
s3:winbindd_cm: remove unused ads_status
metze
Björn Baumbach [Wed, 16 Nov 2011 15:21:13 +0000 (16:21 +0100)]
s3-torture: remove all cli_nt_error() calls in torture
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Wed, 16 Nov 2011 14:03:49 +0000 (15:03 +0100)]
s3-torture: replace cli_errstr() with nt_errstr()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Wed, 16 Nov 2011 13:45:01 +0000 (14:45 +0100)]
s3-libsmb: introduce option to disable dos error mapping
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 16 Nov 2011 14:06:30 +0000 (15:06 +0100)]
s3:smbd: calculate the negprot signing flags from the signing_state
We should map from lp_server_signing() just once in srv_init_signing().
metze
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov 16 18:59:49 CET 2011 on sn-devel-104
Andreas Schneider [Wed, 16 Nov 2011 13:54:11 +0000 (14:54 +0100)]
s3: Fix wbinfo socket dir path.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Nov 16 17:19:56 CET 2011 on sn-devel-104
Stefan Metzmacher [Thu, 22 Sep 2011 19:23:02 +0000 (21:23 +0200)]
Revert "Fix bug #8453 - smbclient segfaults when dialect option -m is used for legacy dialects"
This reverts commit
f261ac1932ecdae925b27301aa3e907757845a85.
We now handle that in cli_state_create().
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Nov 16 15:44:05 CET 2011 on sn-devel-104
Stefan Metzmacher [Tue, 20 Sep 2011 03:23:53 +0000 (05:23 +0200)]
s3:libsmb: always init cli->{server_os,server_domain,server_type}
We should do that at creation time of cli_state.
metze
Günther Deschner [Mon, 17 Oct 2011 15:19:27 +0000 (17:19 +0200)]
s3-waf: create a smbldap.so library.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov 16 14:03:05 CET 2011 on sn-devel-104
Günther Deschner [Tue, 15 Nov 2011 22:57:58 +0000 (23:57 +0100)]
s3-smbldap: remove dependency to secrets subsystem.
Guenther
Günther Deschner [Tue, 15 Nov 2011 22:56:38 +0000 (23:56 +0100)]
s3-smbldap: extend smbldap_init() with binddn/bindsecret arguments.
Guenther
Günther Deschner [Tue, 15 Nov 2011 18:01:45 +0000 (19:01 +0100)]
s3-smbldap: remove duplicate prototype of smbldap_init().
Guenther
Günther Deschner [Tue, 15 Nov 2011 16:53:25 +0000 (17:53 +0100)]
s3-net: use better state variable name for smbldap_state.
Guenther
Günther Deschner [Mon, 17 Oct 2011 16:03:31 +0000 (18:03 +0200)]
s3-passdb: split out passdb/pdb_ldap_schema.c
Guenther
Günther Deschner [Mon, 17 Oct 2011 16:00:01 +0000 (18:00 +0200)]
s3: move smbldap_util to pdb_ldap_util.
Guenther
Günther Deschner [Mon, 17 Oct 2011 15:17:18 +0000 (17:17 +0200)]
s3-smbldap: use include/smb_ldap.h in smbldap.h
Guenther
Stefan Metzmacher [Tue, 15 Nov 2011 20:50:54 +0000 (21:50 +0100)]
lib/util/debug: with log level = 10 we should be more verbose
log level = 10 already impacts performance, so we can turn on
more details and print the pid, [e][u|g]id and class information.
So it implies "debug pid = yes", "debug uid = yes" and "debug class = yes".
This generates a lot more useful log files.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Nov 16 12:25:02 CET 2011 on sn-devel-104
Amitay Isaacs [Wed, 16 Nov 2011 00:18:18 +0000 (11:18 +1100)]
provision: Set the security descriptor while creating partitions
With Matthieu's patch, the setting of security descriptor on
partition dn at create time works correctly.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Wed Nov 16 08:54:25 CET 2011 on sn-devel-104
Matthieu Patou [Tue, 15 Nov 2011 23:56:28 +0000 (00:56 +0100)]
s4-dsdb: rework the NC detection for the descriptor calculation
This checks if instanceType attribute is available, and if
INSTANCE_TYPE_IS_NC_HEAD bit is set. If the bit is set, then
the DN is NC root and security descriptor is not inherited
from parent SD.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Tue, 15 Nov 2011 23:17:50 +0000 (10:17 +1100)]
s3-s4-upgrade: do not add description if it is empty string or none
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Wed Nov 16 05:53:41 CET 2011 on sn-devel-104
Jeremy Allison [Wed, 16 Nov 2011 01:29:59 +0000 (17:29 -0800)]
Final part of patchset to fix bug #8556 - ACL permissions ignored when SMBsetatr is requested.
This now plumbs access checks through all setattr calls.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 16 04:20:04 CET 2011 on sn-devel-104
Jeremy Allison [Wed, 16 Nov 2011 01:41:48 +0000 (17:41 -0800)]
Remove the check for FILE_WRITE_ATTRIBUTES from smb_set_file_time(). It
is called from places like fileio.c that need to update the write time
on a file handle only open for write, without neccessarily having
FILE_WRITE_ATTRIBUTES permission. Move all checks to before the
smb_set_file_time() callers.
Jeremy Allison [Wed, 16 Nov 2011 00:49:42 +0000 (16:49 -0800)]
Always set the attribute first, before the time.
Jeremy Allison [Wed, 16 Nov 2011 00:22:09 +0000 (16:22 -0800)]
Move handle-based access check into handle codepath.
Jeremy Allison [Wed, 16 Nov 2011 00:20:44 +0000 (16:20 -0800)]
We've already checked fsp must be non-null here.
git.samba.org / sfrench / samba-autobuild / .git / log