Andrew Bartlett [Fri, 16 Oct 2015 00:00:20 +0000 (13:00 +1300)]
samba-tool domain demote: Remove dns-SERVER object as well
This object is not in standard AD, but Marc Muehlfeld
correctly notes that Samba creates it for BIND9_DLZ
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 14 Oct 2015 03:57:31 +0000 (16:57 +1300)]
samba-tool domain demote: Remove all references to the demoted host, even in DNS
We search the in-directory DNS records for entries that point to the
name or IP that the dead DC was using, and remove them
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 14 Oct 2015 03:56:41 +0000 (16:56 +1300)]
pydns: Add replace_by_dn()
This allows us to find a DNS record by searching LDB and unpacking the dnsRecord
but replace the record using the common code that will create a tombstone
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 23 Oct 2015 00:12:03 +0000 (13:12 +1300)]
samba-tool domain demote: Use dn.add_base/dn.add_child
This is done primarilly to set the pattern that we should manipulate ldb.Dn values
with the helper routines, not just by concatonation via format strings.
We also restrict our exception hadling to only the expected errors, not
all errors.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 23 Oct 2015 00:05:24 +0000 (13:05 +1300)]
samba-tool domain demote: Remove correct DNs and from the correct locations
The previous code missed the CN=DFSR-GlobalSettings children and did
not cope with subdomains. The root DN may not be the domain DN if
we are a subdomain.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 13 Oct 2015 22:59:26 +0000 (11:59 +1300)]
dns_server: Give WERR_DNS_ERROR_NAME_DOES_NOT_EXIST on empty records
When not looking for tombstones, a record without a dnsRecord value may as
well not be present, so just return WERR_DNS_ERROR_NAME_DOES_NOT_EXIST
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 13 Oct 2015 03:41:44 +0000 (16:41 +1300)]
selftest: Add tests confirming the demote actually removes objects
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 13 Oct 2015 02:26:20 +0000 (15:26 +1300)]
samba-tool domain demote: Refuse to remove ourself
This ensures that a different server is the one being demoted from the local database
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 13 Oct 2015 02:23:55 +0000 (15:23 +1300)]
selftest: Run samba-tool domain demote while we have a clone of the DB handy
This avoids needing to run the demote on the main replicated DB
of the selftest system
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 24 Sep 2015 02:07:51 +0000 (14:07 +1200)]
samba-tool domain demote: Rework to allow cleanup of partial demotion, catch more errors
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Sep 2015 03:51:33 +0000 (15:51 +1200)]
selftest: Make it clear that the first argument to KCC.run() is unused
This is unused because we have already provided a database via import_ldif
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Sep 2015 03:40:00 +0000 (15:40 +1200)]
selftest: Run demote test against the RODC environment also
Andrew Bartlett [Tue, 22 Sep 2015 03:39:19 +0000 (15:39 +1200)]
selftest: Reorder tests.py to ensure that demote, then dbcheck run last.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 22 Oct 2015 22:23:05 +0000 (11:23 +1300)]
samba-tool domain demote: Allow to operate on an RODC and a subdomain
On an RODC the local database cannot be modified, and the flags to remove
are different, we need instead to remove UF_PARTIAL_SECRETS_ACCOUNT.
If we are in a subdomain, then db.get_root_basedn() points to the
forest root, not the root of our domain
If the removeDsServer() fails with WERR_DS_DRA_NO_REPLICA
this may be reasonably considered to be success in this case.
Finally, the remove_dc.remove_sysvol_references() is reused
for objects not under the computer account.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
domain demote
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 14 Sep 2015 03:56:52 +0000 (15:56 +1200)]
samba-tool domain demote: Add --remove-other-dead-server
The new version of this tool now can remove another DC that is
itself offline. The --remove-other-dead-server removes
as many references to the DC as possible.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Sep 2015 03:32:57 +0000 (15:32 +1200)]
dns_server: Add python method to extract a DNS entry from a ldb.MessageElement
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Sep 2015 03:25:30 +0000 (15:25 +1200)]
pydsdb: Also accept ldb.MessageElement values to dsdb routines
This shows the correct way to accept a value that may be a list of strings
or a proper ldb.MessageElement.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Sep 2015 00:11:04 +0000 (12:11 +1200)]
dns_server: Add a python module directly accessing DNS records in sam.ldb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Sep 2015 00:10:00 +0000 (12:10 +1200)]
dns_server: Put more code in common
This will allow a python module to be written to modify DNS entries in sam.ldb directly
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 14 Sep 2015 01:47:31 +0000 (13:47 +1200)]
selftest: Add tests for samdb_to_ldif_file
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 14 Sep 2015 01:48:04 +0000 (13:48 +1200)]
python/kcc: Write correct module list into the file during ldif_to_samdb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 14 Oct 2015 00:49:01 +0000 (13:49 +1300)]
ldb: Fix python bindings to accept a string as a DN
This fixes add_base(), add_child() and is_child_of().
This removes a toally incorrect cast of struct ldb_dn to struct ldb_context.
A helper routine is used instead
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 12 Oct 2015 04:50:27 +0000 (17:50 +1300)]
samba-tool drs clone-dc-database: Require --targetdir
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 19 Aug 2015 01:30:55 +0000 (13:30 +1200)]
repl: Use DSDB_REPL_FLAG_PRIORITISE_INCOMING in samba-tool drs replicate --local
Previously this would only be set when we did server-to-server replication
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 19 Aug 2015 01:29:35 +0000 (13:29 +1200)]
samba-tool drs clone-dc: Add --include-secrets option
This allows the creation of domain clones that have no secrets,
and so make it safer to examine databases that demonstrate issues
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 19 Aug 2015 01:26:41 +0000 (13:26 +1200)]
repl: Give an error if we get a secret when not expecting one
We should never get a secret from a server when we specify DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING
This asserts that this is the case.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 17 Aug 2015 03:33:31 +0000 (15:33 +1200)]
samba-tool: Add new command 'samba-tool drs clone-dc-database'
This command makes a clone of an existing AD Domain, but does not
join the domain. This allows us to test if the join would work
without adding objects to the target DC.
The server password will need to be reset for the clone to
be any use, see the source4/scripting/devel/chgtdcpass
(Based on patches written with Garming Sam)
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 25 Aug 2015 03:51:19 +0000 (15:51 +1200)]
samba-tool: Remove vampire subcommand and now unused libnet_Vampire()
This has been deprecated for a long time now
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 24 Sep 2015 02:08:37 +0000 (14:08 +1200)]
repl_meta_data: Print more detail into the LDB error string, not just DEBUG()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Volker Lendecke [Tue, 6 Oct 2015 14:10:43 +0000 (16:10 +0200)]
smbd: Send SMB2 oplock breaks unencrypted
This is not what Windows server does, but it seems that Windows
clients expect. Windows->Windows never runs into this issue, because
an encryption-enabled SMB3 connection will always use leases, and lease
breaks *are* unencrypted...
You can reproduce the issue Windows->Windows by disabling leases on the
Windows server. Disable leases using the registry key:
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\DisableLeasing
Dochelp confirmed that this is a valid workaround for Windows clients
dropping encrypted oplock breaks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11570
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 24 05:01:32 CEST 2015 on sn-devel-104
Anoop C S [Tue, 20 Oct 2015 05:53:23 +0000 (11:23 +0530)]
smbd/quotas: Remove invalid quota status switch case
getquota_rslt structure from rquota.h defines the enum
named status whose values start from 1. But in quotas.c
we have an invalid check for status 0. This change is
to remove that particular switch case.
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 24 01:31:21 CEST 2015 on sn-devel-104
Andrew Bartlett [Thu, 22 Oct 2015 00:54:41 +0000 (13:54 +1300)]
autobuild: Confirm we can build without --enable-developer
We also confirm that such builds do not contain the NTVFS file server
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Wed, 21 Oct 2015 23:01:48 +0000 (12:01 +1300)]
Add samba4.smb2.create.mkdir-dup(ad_dc_ntvfs) as flapping
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Fri, 9 Oct 2015 20:30:17 +0000 (09:30 +1300)]
build: Enable NTVFS file server to be omitted
We now only build it by default with --enable-sefltest, or otherwise
if requested.
The NTVFS file server still has features not present in the smbd file
server, such as a CIFS/SMB proxy, and a radically different design,
but it is also not undergoing any ongoing development so this keeps it
in a safe state for care and maintaince, with less of a security risk
if such an issue were to come up.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Martin Schwenke [Tue, 20 Oct 2015 01:38:38 +0000 (12:38 +1100)]
ctdb-scripts: Use "ctdb ip all" instead of "ctdb ip -n all"
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Oct 23 06:44:45 CEST 2015 on sn-devel-104
Martin Schwenke [Tue, 20 Oct 2015 01:37:17 +0000 (12:37 +1100)]
ctdb-doc: Stop using "ctdb -n all ..."
This is deprecated. For many commands it doesn't make sense. Instead
of "ctdb ip -n all" use "ctdb ip all".
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 20 Oct 2015 01:28:16 +0000 (12:28 +1100)]
ctdb-tests: Change "ctdb ip -n all" to "ctdb ip all"
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 20 Oct 2015 01:25:01 +0000 (12:25 +1100)]
ctdb-tools: Support "ctdb ip all" as equivalent to "ctdb ip -n all"
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 20 Oct 2015 01:12:39 +0000 (12:12 +1100)]
ctdb-tests: Do not test "ctdb nodestatus -n all"
This is low value and will no longer be supported.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 19 Oct 2015 05:51:48 +0000 (16:51 +1100)]
ctdb-tests: Drop use of "ctdb delip -n all" in simple tests
Add new function delete_ip_from_all_nodes(). Also
ctdb_get_all_pnns().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 19 Oct 2015 05:05:44 +0000 (16:05 +1100)]
ctdb-tests: Drop simple uses of "ctdb -n all ..." from simple tests
None of these uses of -n are particularly useful. "-n all" will be
deprecated.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Tom Schulz [Thu, 22 Oct 2015 09:12:01 +0000 (11:12 +0200)]
texpect: undefined symbol rep_fprintf
Add libreplace dependency to texpect, fixes a linking error on Solaris.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11511
Signed-off-by: Tom Schulz <schulz@adi.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Oct 22 14:28:17 CEST 2015 on sn-devel-104
Jeremy Allison [Wed, 21 Oct 2015 18:13:46 +0000 (11:13 -0700)]
auth: gensec: Parameters out_mem_ctx and ev are passed in the wrong order to gensec_spnego_server_try_fallback().
Fix suggested by <lev@zadarastorage.com>. Fixes a memory leak.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11565
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Oct 22 11:27:19 CEST 2015 on sn-devel-104
Volker Lendecke [Wed, 21 Oct 2015 13:15:51 +0000 (15:15 +0200)]
messaging: Fix creating the dgm lockfile
There might be situations where the lock directory moves to a
location where a previous installation left the datagram sockets
(Yes, I just came across this). We can't really deal with it except
by just removing the socket without properly checking.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 22 02:14:29 CEST 2015 on sn-devel-104
Ralph Boehme [Wed, 21 Oct 2015 14:08:00 +0000 (16:08 +0200)]
lib/tsocket: fix non-blockging connect() error handling
Non-blockging connect() either returns immediate success, or -1 with
errno EINPROGESS as indication that the connection is pending. All other
errnos indicate immediate failure.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Christof Schmitt [Wed, 21 Oct 2015 18:12:22 +0000 (11:12 -0700)]
README.Coding: Update section about debug macros
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Wed, 21 Oct 2015 18:07:57 +0000 (11:07 -0700)]
Remove function name from callers of DBG_*
It is now added automatically.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Wed, 21 Oct 2015 18:07:35 +0000 (11:07 -0700)]
debug: Prefix messages from DBG_* with function name
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 21 Oct 2015 10:01:26 +0000 (12:01 +0200)]
dcerpc.idl: accept invalid dcerpc_bind_nak pdus
Older Samba versions (<= 4.1) had a bug in the dcerpc_bind_nak
idl, see commit
f73ef3028c4f4583c81b611a9714608eae79360c.
Note: ndr_pull_dcerpc_bind_nak() was generated by pidl and
has been extended by the (_available == 0) check.
That's why we ignore the 80 char per line limit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11327
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 21 20:34:28 CEST 2015 on sn-devel-104
Andrew Bartlett [Tue, 20 Oct 2015 21:37:25 +0000 (10:37 +1300)]
selftest: Fix memset parameters in test for async_connect_send()
This fixes:
../lib/async_req/async_connect_send_test.c: In function ‘main’:
../lib/async_req/async_connect_send_test.c:88:3: error: ‘memset’ used with constant zero length parameter; this could be due to transposed parameters [-Werror=memset-transposed-args]
memset(&addr, sizeof(addr), 0);
^
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11564
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 21 17:31:00 CEST 2015 on sn-devel-104
Stefan Metzmacher [Wed, 21 Oct 2015 08:02:33 +0000 (10:02 +0200)]
script/release.sh: make it possible to create stable .x releases (x >= 1)
This version was used to create samba-4.3.1.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 21 14:27:53 CEST 2015 on sn-devel-104
Douglas Bagnall [Tue, 30 Jun 2015 22:45:47 +0000 (10:45 +1200)]
autobuild: add some system information to the autobuild tarball
When running multiple autobuilds on VMs with various parameters, you
can easily get confused about which was which, and the tarball doesn't
help much. This adds an extra file with information about the system.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 21 Oct 2015 01:10:57 +0000 (14:10 +1300)]
dynconfig: Use replace.h and memory.h directly, not via includes.h
includes.h brings in talloc.h, but this was recently removed as a dependency.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 21 11:26:38 CEST 2015 on sn-devel-104
Jeremy Allison [Tue, 20 Oct 2015 19:31:03 +0000 (12:31 -0700)]
s3-torture: Remove (incorrect) samba3-specific behavior in samba3.raw.unlink now the server is correct
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11452
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 19 Oct 2015 23:06:01 +0000 (16:06 -0700)]
s3-torture: Add WILDDELETE test to smbtorture3 to test old wildcard delete with zero attribute
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11452
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 19 Oct 2015 23:04:02 +0000 (16:04 -0700)]
s3-smbd: Fix old DOS client doing wildcard delete - gives a attribute type of zero
In the wildcard delete path we forgot to map 0 -> FILE_ATTRIBUTE_NORMAL
as we do in the non-wildcard delete path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11452
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Ralph Boehme [Thu, 15 Oct 2015 08:06:42 +0000 (10:06 +0200)]
net: print file path in serverid wipedbs --verbose
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 21 03:10:28 CEST 2015 on sn-devel-104
Andrew Bartlett [Tue, 17 Mar 2015 03:05:37 +0000 (16:05 +1300)]
provision: Allow more OS levels in sambadns
While we do not support these yet, they make no difference to DNS, so permit up to 2012R2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 20 23:23:13 CEST 2015 on sn-devel-104
Andrew Bartlett [Tue, 17 Mar 2015 03:02:52 +0000 (16:02 +1300)]
dsdb: Add functional levels for 2012 and 2012R2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 11 Aug 2015 02:03:55 +0000 (14:03 +1200)]
samba_upgradedns: Remove unused variable
dnssecret is not used at any point later in the script
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Fri, 7 Aug 2015 04:27:23 +0000 (16:27 +1200)]
samba-tool dns: Trap on conneciton errors and give useful info
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Fri, 7 Aug 2015 00:53:08 +0000 (12:53 +1200)]
selftest: Correct comment about MAX_WRAPPED_INTERFACES
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Mon, 31 Aug 2015 00:51:14 +0000 (12:51 +1200)]
torture: Add better debug message when tsocket_address_inet_from_strings fails
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 18 Oct 2015 20:21:10 +0000 (22:21 +0200)]
async_req: fix non-blocking connect()
According to Stevens UNIX Network Programming and various other sources,
the correct handling for non-blocking connect() is:
- when the initial connect() return -1/EINPROGRESS polling the socket
for *writeability*
- in the poll handler call getsocktopt() with SO_ERROR to get the
finished connect() return value
Simply calling connect() a second time without error checking is
probably wrong and not portable. For a successfull connect() Linux
returns 0, but Solaris will return EISCONN:
24254: 0.0336 0.0002 connect(4, 0xFEFFECAC, 16, SOV_DEFAULT) Err#150 EINPROGRESS
24254: AF_INET name = 10.10.10.143 port = 1024
24254: 0.0349 0.0001 port_associate(3, 4, 0x00000004, 0x0000001D,0x080648A8) = 0
24254: 0.0495 0.0146 port_getn(3, 0xFEFFEB50, 1, 1, 0xFEFFEB60) = 1 [0]
24254: 0.0497 0.0002 connect(4, 0x080646E4, 16, SOV_DEFAULT) Err#133 EISCONN
24254: AF_INET name = 10.10.10.143 port = 1024
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11564
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 18 Oct 2015 20:23:20 +0000 (22:23 +0200)]
selftest: add a test for async_connect_send()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11564
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 20 Oct 2015 10:01:22 +0000 (12:01 +0200)]
README.Coding: initialize pointers
Pointers must be initialized to NULL.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 20 Oct 2015 09:35:23 +0000 (11:35 +0200)]
s4:lib/messaging: use a helper variable for tdb flags
Small refactoring that eliminates a nested function call. These are a
pita when stepping with gdb.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11562
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Oct 20 14:54:57 CEST 2015 on sn-devel-104
Ralph Boehme [Wed, 14 Oct 2015 10:40:03 +0000 (12:40 +0200)]
s4:lib/messaging: use correct path for names.tdb
source3 messaging_init() calls server_id_db_init() (where names.tdb is
created) with lock_path. source4 imessaging_init() otoh wrongly used the
special lock_path subdirectory "msg.lock":
> find /opt/samba/ -name names.tdb
/opt/samba/var/lock/msg.lock/names.tdb
/opt/samba/var/lock/names.tdb
> tdbdump /opt/samba/var/lock/names.tdb
{
key(14) = "notify-daemon\00"
data(27) = "28609/
12756565486113779780\00"
}
> tdbdump /opt/samba/var/lock/msg.lock/names.tdb
{
key(15) = "winbind_server\00"
data(8) = "28593/0\00"
}
With this patch both source3 and source4 messaging now use the same
names.tdb which is what we want:
> find /opt/samba/ -name names.tdb
/opt/samba/var/lock/names.tdb
> tdbdump /opt/samba/var/lock/names.tdb
{
key(15) = "winbind_server\00"
data(8) = "26434/0\00"
}
{
key(14) = "notify-daemon\00"
data(26) = "26452/
3454520012124001687\00"
}
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11562
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 8 Sep 2015 13:47:26 +0000 (15:47 +0200)]
script/release.sh: make it possible to create stable .0 releases
This version was used to create samba-4.3.0.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Wed, 14 Oct 2015 09:41:23 +0000 (11:41 +0200)]
lib: Remove unused serverid_get_random_unique_id
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct 19 15:12:22 CEST 2015 on sn-devel-104
Volker Lendecke [Wed, 14 Oct 2015 09:31:07 +0000 (11:31 +0200)]
lib: Add some debug to dgm_ref
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 19:30:30 +0000 (21:30 +0200)]
lib: Push down unique generation one level
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 18:59:57 +0000 (20:59 +0200)]
lib: Remove unused global my_unique_id
The unique_id is now always attached to a messaging_context.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:37:14 +0000 (17:37 +0200)]
lib: Remove unused procid_is_me()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:28:14 +0000 (17:28 +0200)]
lib: Remove unused procid_self()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:26:34 +0000 (17:26 +0200)]
lib: Remove procid_self() from messages.c
This together with the removal of procid_self obsoletes the global
my_unique.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 16 Oct 2015 09:36:48 +0000 (11:36 +0200)]
lib: Fix pid_to_procid()
Putting in my_unique_id is just wrong. Now that we have
a cheap way to read everyone's unique ids out of the lockfile,
we can fix it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:21:55 +0000 (17:21 +0200)]
winbindd: Remove reference to procid_self()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:21:30 +0000 (17:21 +0200)]
fssd: Remove reference to procid_self()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:20:48 +0000 (17:20 +0200)]
auth: Remove procid_self() from auth_samba4
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 16 Oct 2015 22:13:47 +0000 (15:13 -0700)]
smbd: Fix file name buflen and padding in notify repsonse
The array is uint16, doubling the file name length consumes twice the space
required.
As we're hand assembling this as a series of concatinated individual data_blobs,
we must take care to ensure the correct 4 byte alignment that was
being masked by the previous doubling of the filename length.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10634
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Oct 18 01:56:41 CEST 2015 on sn-devel-104
Ralph Boehme [Mon, 24 Aug 2015 15:45:14 +0000 (17:45 +0200)]
vfs_streams_xattr: fix and simplify streams_xattr_get_name()
streams_xattr_get_name() fails to chop off the stream type in case
config->store_stream_type is false and the passed stream name contains a
stream type.
Eg when the passed in stream name is ":mystream:$DATA", but
config->store_stream_type is false, we must generate a xattr name of
"mystream" or "user.mystream".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 16 23:27:01 CEST 2015 on sn-devel-104
Ralph Boehme [Mon, 24 Aug 2015 15:43:40 +0000 (17:43 +0200)]
vfs_fruit: hide the Netatalk metadata xattr in streaminfo
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 24 Aug 2015 15:42:35 +0000 (17:42 +0200)]
vfs_fruit: add and use define for the Netatalk metadata xattr
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Anoop C S [Fri, 9 Oct 2015 11:32:52 +0000 (11:32 +0000)]
s3.lib: Remove invalid switch case from sysquotas_nfs
getquota_rslt structure from rquota.h defines the enum
named status whose values start from 1. But in
sysquotas_nfs.c we have an invalid check for status 0.
This change is to remove that particular switch case.
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Mon, 10 Aug 2015 00:40:13 +0000 (12:40 +1200)]
build: Build *_wrapper without -DNDEBUG for in-tree use
These binaires are not installed, so are only used in make test,
and there we need debug output.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Oct 16 16:36:22 CEST 2015 on sn-devel-104
Douglas Bagnall [Thu, 1 Oct 2015 04:24:02 +0000 (17:24 +1300)]
ntlm auth: spelling fixes
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Douglas Bagnall [Wed, 19 Aug 2015 22:00:11 +0000 (10:00 +1200)]
samba-tool --help: possessive pronoun "its" has no apostrophe
"it's" is reserved for the contraction of "it is".
This *is* somewhat illogical, which is how you know its proper
English.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Wed, 14 Oct 2015 04:06:56 +0000 (15:06 +1100)]
ctdb-scripts: Lock debugging should print kernel stack for process in D state
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Thu, 8 Oct 2015 09:25:20 +0000 (20:25 +1100)]
ctdb-daemon: Change handling of default capabilities
Centrally define all the default capabilities to make the defaults
crystal clear. Capability-related command-line options now have a
direct correspondence rather than a reverse correspondence.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Fri, 16 Oct 2015 03:45:28 +0000 (14:45 +1100)]
ctdb-recovery: Update vnnmap before database recovery
Once the databases are recovered, all the pending calls are resent.
If the vnnmap is not updated, then the nodes can redirect calls to nodes
that are not part of the new vnnmap.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Oct 16 09:31:34 CEST 2015 on sn-devel-104
Anubhav Rakshit [Wed, 14 Oct 2015 12:46:06 +0000 (18:16 +0530)]
s4:torture: Add test case for Replay of Persistent Handle on a Single Channel.
Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 16 02:00:28 CEST 2015 on sn-devel-104
Jeremy Allison [Wed, 14 Oct 2015 18:20:08 +0000 (11:20 -0700)]
s3: test: Fix standalone valid users fileserver test.
Test was originally added for bug #11320. At the time
I remarked the only way I could get this to reproduce
the issue was to use "+WORKGROUP\userdup" instead of
just "+userdup" (which was the actual problem reported),
but I didn't investigage enough to discover the underlying
problem which is actually bug:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11555
(lookup_names() logic for unqualified (no DOMAIN\
component) names is incorrect). On a standalone
fileserver "WORKGROUP\name" should not resolve,
but "NETBIOS-NAME\name" and just "name" should.
This corrects the test now that lookups for unqualified
names are now being done correctly.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Thu Oct 15 22:58:54 CEST 2015 on sn-devel-104
Jeremy Allison [Thu, 15 Oct 2015 16:20:58 +0000 (09:20 -0700)]
s3: lsa: lookup_name() logic for unqualified (no DOMAIN\ component) names is incorrect.
Change so we only use unqualified name lookup logic if
domain component = "" and LOOKUP_NAME_ISOLATED flag is
passed in.
Remember to search for "NT Authority" *before* going
into unqualified name lookup logic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11555
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Ralph Boehme [Thu, 15 Oct 2015 10:35:26 +0000 (12:35 +0200)]
s3:lib: validate domain name in lookup_wellknown_name()
If domain argument is not an empty string, only search the matching
wellknown domain name.
As the only wellknown domain with a name is "NT Authority", passing ""
to lookup_wellknown_name() will search all domains inlcuding "NT
Authority".
Passing "NT Authority" otoh will obviously only search that domain.
This change makes lookup_wellknown_name() behave like this:
in domain | in name | ok | out sid | out domain
========================================================
Dialup + S-1-5-1 NT Authority
NT Authority Dialup + S-1-5-1 NT Authority
Creator Authority Dialup - - -
Creator Owner + S-1-3-0 ""
Creator Authority Creator Owner - - -
NT Authority Creator Owner - - -
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11555
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Jeremy Allison [Tue, 13 Oct 2015 22:33:47 +0000 (15:33 -0700)]
s4: torture: Add SMB2 access-based enumeration test. Passes against Win2k12R2.
https://bugzilla.samba.org/show_bug.cgi?id=10252
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct 14 19:00:03 CEST 2015 on sn-devel-104
Jeremy Allison [Fri, 9 Oct 2015 22:08:05 +0000 (15:08 -0700)]
lib: cli: Add accessor function smb2cli_tcon_flags() to get tcon flags.
We need this to see if a share supports access-based enumeration.
https://bugzilla.samba.org/show_bug.cgi?id=10252
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Tue, 13 Oct 2015 23:49:41 +0000 (16:49 -0700)]
s3: smbd: Fix our access-based enumeration on "hide unreadable" to match Windows.
Torture test to follow.
https://bugzilla.samba.org/show_bug.cgi?id=10252
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Wed, 14 Oct 2015 09:21:52 +0000 (11:21 +0200)]
ctdb: fix typos in wscript comment.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Amitay Isaacs [Tue, 13 Oct 2015 23:09:08 +0000 (10:09 +1100)]
ctdb-tests: Fix CID
1327218-
1327221
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct 14 13:32:02 CEST 2015 on sn-devel-104