Samuel Cabrero [Thu, 26 May 2022 11:35:11 +0000 (13:35 +0200)]
s3:net: Refactor net_ads_setspn_list(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:31:57 +0000 (13:31 +0200)]
s3:net: Refactor net_ads_keytab_create(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:29:56 +0000 (13:29 +0200)]
s3:net: Refactor net_ads_keytab_add(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:25:40 +0000 (13:25 +0200)]
s3:net: Refactor net_ads_keytab_flush(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:23:30 +0000 (13:23 +0200)]
s3:net: Refactor net_ads_sid(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:20:36 +0000 (13:20 +0200)]
s3:net: Refactor net_ads_dn(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:18:01 +0000 (13:18 +0200)]
s3:net: Refactor net_ads_search(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:14:50 +0000 (13:14 +0200)]
s3:net: Refactor net_ads_changetrustpw(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 11:08:01 +0000 (13:08 +0200)]
s3:net: Refactor net_ads_password(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 10:46:05 +0000 (12:46 +0200)]
s3:net: Refactor net_ads_printer_remove(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 10:40:32 +0000 (12:40 +0200)]
s3:net: Refactor net_ads_printer_publish(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 10:29:14 +0000 (12:29 +0200)]
s3:net: Refactor net_ads_printer_info(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 10:23:17 +0000 (12:23 +0200)]
s3:net: Refactor net_ads_printer_search(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 10:11:16 +0000 (12:11 +0200)]
s3:net: Refactor net_ads_dns_unregister(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 10:08:45 +0000 (12:08 +0200)]
s3:net: Refactor net_ads_dns_register(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:37:15 +0000 (09:37 +0200)]
s3:net: Refactor net_ads_join(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:25:34 +0000 (09:25 +0200)]
s3:net: Refactor net_ads_join_ok(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:18:11 +0000 (09:18 +0200)]
s3:net: Refactor net_ads_leave(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:10:06 +0000 (09:10 +0200)]
s3:net: Refactor net_ads_status(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 16:06:14 +0000 (18:06 +0200)]
s3:net: Refactor net_ads_group(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Best viewed with "git diff -b".
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 16:02:11 +0000 (18:02 +0200)]
s3:net: Refactor ads_group_delete(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:57:34 +0000 (17:57 +0200)]
s3:net: Refactor ads_group_add(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:41:50 +0000 (17:41 +0200)]
s3:net: Refactor net_ads_user(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Best viewed using "git diff -b".
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:33:02 +0000 (17:33 +0200)]
s3:net: Refactor ads_user_delete(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:27:41 +0000 (17:27 +0200)]
s3:net: Refactor ads_user_info(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:18:08 +0000 (17:18 +0200)]
s3:net: Refactor ads_user_add(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:09:51 +0000 (17:09 +0200)]
s3:net: Pass a memory context to ads_startup_nobind()
The ads struct will be allocated under this context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:07:42 +0000 (17:07 +0200)]
s3:net: Refactor net_ads_workgroup(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:04:58 +0000 (17:04 +0200)]
s3:net: Refactor net_ads_info(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 15:02:14 +0000 (17:02 +0200)]
s3:net: Refactor net_ads_lookup(), allocate a talloc context
ADS_STRUCT will be allocated in the talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 16:05:38 +0000 (18:05 +0200)]
s3:libads: Allocate temporary memory context for ads_domain_func_level()
Prepare to allocate ADS_STRUCT under talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 16:02:04 +0000 (18:02 +0200)]
s3:libads: Rename talloc context
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 14:17:42 +0000 (16:17 +0200)]
s3:winbind: Allocate a temporary memory context for dcip_check_name_ads()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 14:14:11 +0000 (16:14 +0200)]
s3:winbind: Early return on error in dcip_check_name_ads()
Also use new debug macros and improve debug message.
Best viewed with "git diff -b".
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 14:00:22 +0000 (16:00 +0200)]
s3:winbind: Factor out dcip_check_name_ads()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 14:16:17 +0000 (16:16 +0200)]
s3:winbind: Create a temporary talloc context for ads_cached_connection_connect()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 14:15:22 +0000 (16:15 +0200)]
s3:winbind: Pass a memory context to ads_cached_connection_connect()
The ads struct will be allocated under this context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 14:13:38 +0000 (16:13 +0200)]
s3:winbind: Allocate a temporary memory context for ads_cached_connection()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 14:12:03 +0000 (16:12 +0200)]
s3:winbind: Allocate a temporary talloc context for ads_idmap_cached_connection()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 14:06:21 +0000 (16:06 +0200)]
s3:winbind: Init pointers to NULL and use new debug macros
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 12:35:55 +0000 (14:35 +0200)]
s3:winbind: Return ADS_STATUS from ads_cached_connection()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 11:25:32 +0000 (13:25 +0200)]
s3:winbind: Pass a memory context to ads_idmap_cached_connection()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:23:38 +0000 (13:23 +0200)]
s3:printing: Allocate a temporary talloc context for nt_printer_publish()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:10:35 +0000 (13:10 +0200)]
s3:libsmb: Allocate a temporary talloc context for ads_dc_name()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:05:43 +0000 (13:05 +0200)]
s3:libnet: Allocate a temporary talloc context in libnet_connect_ads()
Prepare to allocate ADS_STRUCT under a talloc context. Pass a talloc
context where the ads struct will be moved on success.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 10:01:13 +0000 (12:01 +0200)]
s3:netapi: Allocate a temporary talloc context for NetGetJoinableOUs_l()
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 10:44:36 +0000 (12:44 +0200)]
pygpo: Make ads_ADSType object inherit from pytalloc_BaseObject
Prepare to allocate ADS_STRUCT under a talloc context.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:36:54 +0000 (09:36 +0200)]
s3:libnet: Allocate the machine name string under its container's talloc context
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Thu, 26 May 2022 07:16:59 +0000 (09:16 +0200)]
s3:libnet: Allocate the machine name string under its container's talloc context
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 13:59:11 +0000 (15:59 +0200)]
s3:winbind: Fix a memory leak in ads_cached_connection()
The trust password was leaked.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 12:17:51 +0000 (14:17 +0200)]
s3:winbind: Fix a memory leak in ads_idmap_cached_connection()
The trust password was leaked.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Wed, 25 May 2022 11:21:02 +0000 (13:21 +0200)]
s3:winbind: Remove dupplicated talloc_get_type() call
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 16:09:02 +0000 (18:09 +0200)]
s3:libads: Pass the correct ADS_STRUCT pointer to ads_msgfree
The search is performed using the ads_s pointer.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 16:06:47 +0000 (18:06 +0200)]
s3:libads: Clear previous CLDAP ping flags when reusing the ADS_STRUCT
Fixes the problem described in commit
a26f535dedc651afa2a25dd37113ac71787197ff
but for ads_domain_func_level() function.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samuel Cabrero [Tue, 24 May 2022 11:25:03 +0000 (13:25 +0200)]
s3:printing: Fix temporary talloc context leak
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 3 Jun 2022 03:37:01 +0000 (05:37 +0200)]
vfs_acl_xattr: add acl_xattr:security_acl_name option
Pair-Programmed-With: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Mon, 20 Jun 2022 16:48:56 +0000 (18:48 +0200)]
bootstrap: Use quay.io to download fedora images
The docker registry is rate limited now. This often leads to errors, so
use the Red Hat registry.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jun 26 23:08:03 UTC 2022 on sn-devel-184
Andrew Bartlett [Thu, 24 Mar 2022 23:50:26 +0000 (12:50 +1300)]
WHATSNEW: Announce support for dropping the NT hash
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Sun, 10 Apr 2022 23:54:24 +0000 (11:54 +1200)]
samba-tool user: Accomodate missing unicodePwd in getpassword command
To allow for the NT hash not being stored when NTLM authentication is
disabled, we use the AES256 key instead for verification against the
other packages if the unicodePwd attribute is not present.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 9 May 2022 02:50:15 +0000 (14:50 +1200)]
samba-tool user: When possible, obtain AES256 key and salt
We will make use of these in the next commit to check that the
supplemental packages are up-to-date with the current password.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 9 May 2022 02:37:58 +0000 (14:37 +1200)]
auth/credentials: Add get_aes256_key()
This makes it possible to generate AES256 keys in Python from a given
password and salt.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 9 May 2022 02:35:05 +0000 (14:35 +1200)]
auth/credentials: Add cli_credentials_get_aes256_key()
This allows us to generate AES256 keys from a given password and salt.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 31 Jan 2022 01:08:13 +0000 (14:08 +1300)]
dsdb: Allow password history and password changes without an NT hash
We now allow this to be via the ENCTYPE_AES256_CTS_HMAC_SHA1_96 hash instead
which allows us to decouple Samba from the unsalted NT hash for
organisations that are willing to take this step (for user accounts).
(History checking is limited to the last three passwords only, as
ntPwdHistory is limited to NT hash values, and the PrimaryKerberosCtr4
package only stores three sets of keys.)
Since we don't store a salt per-key, but only a single salt, the check
will fail for a previous password if the account was renamed prior to a
newer password being set.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 10 Jun 2022 00:47:01 +0000 (12:47 +1200)]
s4-auth: For LDAP simple bind, fall back to checking the ENCTYPE_AES256_CTS_HMAC_SHA1_96 if stored
Since we don't store a salt per-key, but only a single salt, when we do
not have the NT hash in the unicodePwd (eg ntlm auth = disabled), the check
will fail for a previous password if the account was renamed prior to a
newer password being set.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Wed, 18 May 2022 08:12:36 +0000 (20:12 +1200)]
s4:kdc: Add helper function to extract AES256 key and salt
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 11 Apr 2022 03:44:09 +0000 (15:44 +1200)]
tests/krb5: Add test for presence of NT hash
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 24 Jun 2022 08:39:57 +0000 (10:39 +0200)]
third_party: Update nss_wraper to version 1.1.12
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 24 22:29:33 UTC 2022 on sn-devel-184
Martin Schwenke [Fri, 27 May 2022 13:19:46 +0000 (23:19 +1000)]
ctdb-scripts: Drop use of eval in CTDB callout handling
eval is not required and causes the follow ShellCheck warning:
SC2294 (warning): eval negates the benefit of arrays. Drop eval to
preserve whitespace/symbols (or eval as string).
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 24 10:40:50 UTC 2022 on sn-devel-184
Martin Schwenke [Fri, 27 May 2022 13:16:28 +0000 (23:16 +1000)]
ctdb-tests: Do not require eval tricks for faking NFS callout
The current code requires the use of eval in the NFS callout handling
to facilitate testing. Improve the code to remove this need.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 02:40:20 +0000 (13:40 +1100)]
ctdb-scripts: Avoid ShellCheck warning SC2162
SC2162 read without -r will mangle backslashes
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 02:00:40 +0000 (13:00 +1100)]
ctdb-tests: Fix faking of program stack traces
The current code works in all current cases but is lazy and wrong.
Fix it to avoid breaking on code changes involving different thread
setups.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 01:55:07 +0000 (12:55 +1100)]
ctdb-tests: Improve Debian-style event script unit testing
Tests can be run by hand using different distro styles, such as:
CTDB_NFS_DISTRO_STYLE=systemd-debian \
./tests/run_tests.sh ./tests/UNIT/eventscripts/{06,60}.nfs.*
This fixes known problems for Debian styles, so the tests now pass for
the following values of CTDB_NFS_DISTRO_STYLE:
systemd-redhat
sysvinit-redhat
systemd-debian
sysvinit-debian
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 01:52:10 +0000 (12:52 +1100)]
ctdb-scripts: Parameterise /etc directory to aid testing
At the moment test results can be influenced by real system
configuration files.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 18 Mar 2022 01:47:10 +0000 (12:47 +1100)]
ctdb-scripts: Set NFS services to "AUTO" if started by another service
For example, in Sys-V init "rquotad" is started by the main "nfs"
service. At the moment the call-out can't distinguish between this
case and "should never be run". Services set to "AUTO" are
hand-stopped/started via service_stop()/service_start() on failure via
restart_after.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2022 04:21:37 +0000 (14:21 +1000)]
ctdb-scripts: Refactor the manual RPC service start/stop
This logic needs improving, so factor the decision making into new
functions service_or_manual_stop() and service_or_manual_start().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 17 Mar 2022 23:41:26 +0000 (10:41 +1100)]
ctdb-scripts: Simplify and rename basic_stop() and basic_start()
Drop the argument. These now just stop/start the overall NFS service,
so rename them appropriately.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 17 Mar 2022 23:33:05 +0000 (10:33 +1100)]
ctdb-scripts: Move nfslock out of basic_stop() and basic_start()
These are only called in one place and should be done inline, since
that is less confusing.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 17 Mar 2022 23:53:45 +0000 (10:53 +1100)]
ctdb-tests: Reformat script
Samba is reformatting shell scripts using
shfmt -w -p -i 0 -fn
so update this one before editing.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Andreas Schneider [Fri, 24 Jun 2022 07:36:27 +0000 (09:36 +0200)]
s3:waf: Fix version number of public libsmbconf
Error: ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15108
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 24 09:48:38 UTC 2022 on sn-devel-184
Björn Jacke [Mon, 20 Jun 2022 19:19:36 +0000 (21:19 +0200)]
docs-xml: add missing generic nfs4 parameters in nfs4_xattr man page
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Wed Jun 22 18:57:53 UTC 2022 on sn-devel-184
Björn Jacke [Mon, 20 Jun 2022 19:17:48 +0000 (21:17 +0200)]
docs_xml: use the nfs4 parameter include file in zfsacl man page
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Mon, 20 Jun 2022 19:16:10 +0000 (21:16 +0200)]
docs_xml: use the nfs4 parameter include file in gpfs man page
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Mon, 20 Jun 2022 19:13:32 +0000 (21:13 +0200)]
docs-xml: add nfs4.xml.include documenting the generic NFS4 ACL parameters
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Ralph Boehme [Mon, 29 Nov 2021 22:09:33 +0000 (23:09 +0100)]
vfs_gpfs: use sys_fstatat() in stat_with_capability()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12421
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Bjoern Jacke <bjacke@samba.org>
Andrew Bartlett [Tue, 21 Jun 2022 07:23:26 +0000 (19:23 +1200)]
build: Ensure that SAMBA_GENERATOR() tasks fail on error
Previously the error from inside the shell was eaten.
This showed up particularly as a failure to notice errors when running xsltproc
to build the manpages.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 22 16:43:30 UTC 2022 on sn-devel-184
Andrew Bartlett [Mon, 20 Jun 2022 23:44:04 +0000 (11:44 +1200)]
docs: Show current system path for smb.conf in &smb.conf entity
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Mon, 20 Jun 2022 02:35:19 +0000 (14:35 +1200)]
docs-xml: Use &pathconfig.WINBINDD_SOCKET_DIR; to avoid reference to old /tmp/.winbindd
We can now write docs that follow how the software on this system was
built, which is much less confusing for users. Also /tmp/.winbindd
has not been used for a long time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15101
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Mon, 20 Jun 2022 02:34:05 +0000 (14:34 +1200)]
build: Allow &pathconfig XML entities to be used in all manpages, not just smb.conf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15101
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 22 Jun 2022 06:37:06 +0000 (08:37 +0200)]
lib:cmdline: Fix error handling of --client-protection=sign|encrypt|off
Best reviewed with `git show -b`
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 22 11:49:23 UTC 2022 on sn-devel-184
Andreas Schneider [Wed, 22 Jun 2022 06:34:20 +0000 (08:34 +0200)]
lib:cmdline: Fix error handling of --use-krb5-ccache=CCACHE
Best reviewed with `git show -b`
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 22 Jun 2022 06:28:40 +0000 (08:28 +0200)]
lib:cmdline: Fix error handling of --use-kerberos=desired|required|off
Best reviewed with `git show -b`
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 24 May 2022 08:17:00 +0000 (10:17 +0200)]
testprogs: Fix auth with smbclient and krb5 ccache
--use-kerberos=required will ask the user to provide a username and
password to do a kinit. The test will open a password prompt in this
case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat xattr-tdb-1/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jun 22 10:10:48 UTC 2022 on sn-devel-184
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat vfstest-catia/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat vfstest-acl/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:08 +0000 (15:34 +0200)]
s3:tests: Reformat stream-depot/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:08 +0000 (15:34 +0200)]
s3:tests: Reformat full_audit_segfault/run.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat wb_pad.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat test_zero_data.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Fri, 22 Apr 2022 13:34:12 +0000 (15:34 +0200)]
s3:tests: Reformat test_winbind_ignore_domains.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
git.samba.org / gd / samba / .git / log