cvs2svn Import User [Sat, 9 Feb 2002 03:51:36 +0000 (03:51 +0000)]
This commit was manufactured by cvs2svn to create tag
'release-3-0-alpha15'.
Samba Release Account [Sat, 9 Feb 2002 03:51:35 +0000 (03:51 +0000)]
preparing for release of 3.0-alpha15
Andrew Bartlett [Sat, 9 Feb 2002 03:29:36 +0000 (03:29 +0000)]
Do the reverse DNS lookup, but only if 'hostname lookups = yes'
Andrew Bartlett
Gerald Carter [Fri, 8 Feb 2002 21:51:40 +0000 (21:51 +0000)]
merge from APPLIANCE_HEAD
Andrew Bartlett [Fri, 8 Feb 2002 06:43:55 +0000 (06:43 +0000)]
Fix up some of the DEBUG lines in winbind_pam.c
Herb Lewis [Thu, 7 Feb 2002 20:20:05 +0000 (20:20 +0000)]
smbsh need CC not SHLD
Herb Lewis [Thu, 7 Feb 2002 20:09:17 +0000 (20:09 +0000)]
quite errors about unnecessary const casting - don't build libnss_wins.so
Andrew Tridgell [Thu, 7 Feb 2002 02:44:37 +0000 (02:44 +0000)]
when a trusted domain is down an ADS server will return a success on a
get trusted domains query but leave the domain SID blank - we need to
fail the add of the trusted domain in winbindd in that case
Christopher R. Hertel [Wed, 6 Feb 2002 22:51:07 +0000 (22:51 +0000)]
I added two lines of comments regarding the include= parameter. Someone
here at the UofM was burned today because they had left that line in its
default location.
Andrew Bartlett [Wed, 6 Feb 2002 20:31:26 +0000 (20:31 +0000)]
Try to get this finally working. (Note to self: *always* check build farm...)
:-)
Andrew Bartlett
Jim McDonough [Wed, 6 Feb 2002 02:28:46 +0000 (02:28 +0000)]
Fix ldapmod list overrun check. Also better document and format ldap control for permissive modify.
Tim Potter [Wed, 6 Feb 2002 02:22:33 +0000 (02:22 +0000)]
0x is the traditional prefix for displaying hex numbers.
Herb Lewis [Wed, 6 Feb 2002 00:56:43 +0000 (00:56 +0000)]
no longer need separate build o32 smbwrapper
Herb Lewis [Wed, 6 Feb 2002 00:53:00 +0000 (00:53 +0000)]
fix for IRIX toolroot builds
Andrew Bartlett [Tue, 5 Feb 2002 23:45:29 +0000 (23:45 +0000)]
Fix use of uninitialsed variable in PAM code
Andrew Bartlett [Tue, 5 Feb 2002 21:05:04 +0000 (21:05 +0000)]
See if we can get slightly valid C for the non-PAM case here.
Andrew Bartlett
Andrew Bartlett [Tue, 5 Feb 2002 09:40:36 +0000 (09:40 +0000)]
Drastic impromvents to pam_winbind.
This adds code to do generic PAM -> NTSTATUS and NTSTATUS -> PAM error
conversions, and uses them to make the error handling in pam_winbind sane.
In particular, pam_winbind now uses PAM error codes, not silly '-1, -2 ...'
stuff, and logs the NTSTATUS error that winbind now sends over the pipe.
Added code to wbinfo to display these - makes a big difference in debugging
winbindd.
The main change here is the code to allow pam_winbind password changing to
correctly stack - This code ripped from pam_unix, and the copyright attached.
(Same as for all pam modules, including pam_winbind)
Andrew Bartlett
Andrew Tridgell [Tue, 5 Feb 2002 06:42:35 +0000 (06:42 +0000)]
got rid of a silly '*' in printout
Andrew Tridgell [Tue, 5 Feb 2002 03:55:20 +0000 (03:55 +0000)]
- only show 1 cleanup msg per client
- show client count in progress
Andrew Tridgell [Tue, 5 Feb 2002 03:02:14 +0000 (03:02 +0000)]
fixed the directory removal for when the dir doesn't exit
Jeremy Allison [Tue, 5 Feb 2002 02:40:16 +0000 (02:40 +0000)]
Fix stupid typo !
Jeremy.
Andrew Tridgell [Tue, 5 Feb 2002 01:31:47 +0000 (01:31 +0000)]
rewrote smbtorture to use the new dbench 2 format and methods
Andrew Tridgell [Tue, 5 Feb 2002 01:31:16 +0000 (01:31 +0000)]
check for empty parameters in qpathinfo
Andrew Tridgell [Tue, 5 Feb 2002 01:30:50 +0000 (01:30 +0000)]
support double functions
Andrew Tridgell [Tue, 5 Feb 2002 01:30:02 +0000 (01:30 +0000)]
fixed a bug in qpathinfo client code
Gerald Carter [Mon, 4 Feb 2002 14:15:29 +0000 (14:15 +0000)]
removed several parameters ("client code page", "valid chars",
"code page directory", "character set", et. al.)
Richard Sharpe [Mon, 4 Feb 2002 02:24:29 +0000 (02:24 +0000)]
Add the new smbprint shell script, smbprint-new.sh that is supposed to fix some problems under *BSD and etc ...
Simo Sorce [Mon, 4 Feb 2002 00:59:23 +0000 (00:59 +0000)]
better debug messages!
Andrew Bartlett [Sun, 3 Feb 2002 03:51:01 +0000 (03:51 +0000)]
A new simpiler syntax demands a new simpiler HOWTO. (This can all be reverted
if new simpiler syntax was a bad idea...).
Andrew Bartlett
Andrew Bartlett [Sun, 3 Feb 2002 03:25:26 +0000 (03:25 +0000)]
Make smbgroupedit a little easier on the user.
We now have error messages for most of the failure cases, and the
'sid' arguments for delete and change can now take the nt group name
as a string.
Also fix up all the internal functions to be static, keeping the
namespace clean.
Andrew Bartlett
Jim McDonough [Sat, 2 Feb 2002 22:09:03 +0000 (22:09 +0000)]
Change ADS_ERROR family of macros - removed semicolon from the end, since they were only being used correctly in one location, and all other assumed the semicolon wasn't there. Amazing that none of them mattered syntactically, until today.
Jim McDonough [Sat, 2 Feb 2002 22:07:22 +0000 (22:07 +0000)]
Update for function name changes, plus do some of the optional attributes on printer modify, now that the ldap control is working.
Jim McDonough [Sat, 2 Feb 2002 22:06:10 +0000 (22:06 +0000)]
merge in some changes from Alexey Kotovich. Return ADS_STATUS instead of BOOLs. Add support for bervals in mod lists. Also put undocumented AD ldap control in to allow modifications when an attribute does not yet exist.
Gerald Carter [Sat, 2 Feb 2002 15:44:37 +0000 (15:44 +0000)]
merge from 2.2
Gerald Carter [Sat, 2 Feb 2002 06:08:43 +0000 (06:08 +0000)]
merge from 2.2 and regen
Gerald Carter [Sat, 2 Feb 2002 04:58:57 +0000 (04:58 +0000)]
merge from 2.2
Jim McDonough [Sat, 2 Feb 2002 02:06:03 +0000 (02:06 +0000)]
Add support for net ads printer to publish, remove, or display printer info in the directory. Only publishes required fields right now.
Jim McDonough [Sat, 2 Feb 2002 02:04:01 +0000 (02:04 +0000)]
Minor bug fixes, plus support to remove a printer. Commented out optional attributes until a method for checking for their existence is done.
Simo Sorce [Fri, 1 Feb 2002 23:20:08 +0000 (23:20 +0000)]
update from 2.2
Jim McDonough [Fri, 1 Feb 2002 17:42:41 +0000 (17:42 +0000)]
Add ads printer information
Jim McDonough [Fri, 1 Feb 2002 17:13:39 +0000 (17:13 +0000)]
Fix build errors on non-ldap systems...change function parms from LDAPMod ** to void **
Jim McDonough [Fri, 1 Feb 2002 16:58:01 +0000 (16:58 +0000)]
Fix file header description and copyright (from cut-and-paste laziness)
Jim McDonough [Fri, 1 Feb 2002 16:17:39 +0000 (16:17 +0000)]
Add ldap_printer.c build for ADS printer objects.
Jim McDonough [Fri, 1 Feb 2002 16:15:53 +0000 (16:15 +0000)]
Module for ADS operations on a printer object in the directory. Initially it creates and modifies a printQueue object in the directory
Jim McDonough [Fri, 1 Feb 2002 16:14:33 +0000 (16:14 +0000)]
Add functions for modifying an entry in ADS. Needed for printer publishing.
Jeremy Allison [Thu, 31 Jan 2002 23:26:12 +0000 (23:26 +0000)]
Fix from Michael Steffens <michael_steffens@hp.com> to make signal
processing work correctly in winbindd. This is a really good patch
that gives full select semantics to the Samba modified select.
Jeremy.
Andrew Tridgell [Thu, 31 Jan 2002 12:47:42 +0000 (12:47 +0000)]
reduced memory usage in winbindd with a rpc backend by using a
separate talloc context for each partial fetch
Tim Potter [Thu, 31 Jan 2002 11:54:01 +0000 (11:54 +0000)]
Removed unused variables.
Andrew Tridgell [Thu, 31 Jan 2002 11:49:29 +0000 (11:49 +0000)]
added 'wbinfo --sequence' to show sequence numbers of all domains
Tim Potter [Thu, 31 Jan 2002 11:44:00 +0000 (11:44 +0000)]
Added administrator access check for server side add, delete and setform
rpcs. The only one I have been able to verify is addform - can't get the
client side routines working properly yet. )-:
Tim Potter [Thu, 31 Jan 2002 11:42:16 +0000 (11:42 +0000)]
Added make functions for SPOOL_Q_{ADD,SET,DELETE}FORM.
I'm pretty sure that the useless_ptr in spoolss_io_q_setform() needs to be
initialised to 1 otherwise the form isn't marshalled at all. JF, can you
verify this? If so then this probably applies to the io functions for
setform and deleteform.
Andrew Bartlett [Thu, 31 Jan 2002 11:38:47 +0000 (11:38 +0000)]
Initialise some SAM_ACCOUNT structs to NULL, and add some more error checking.
Andrew Bartlett
Tim Potter [Thu, 31 Jan 2002 11:37:48 +0000 (11:37 +0000)]
Added addform, setform and deleteform cli functions.
Tim Potter [Thu, 31 Jan 2002 11:36:30 +0000 (11:36 +0000)]
Added addform, setform and deleteform commands. The only one I could get
to actually work was addform. )-:
Removed a whole bunch of calls to werror_to_ntstatus() because there isn't
a one-to-one mapping of NTSTATUS values to WERROR values. This function
maps WERR_ACCESS_DENIED to NTSTATUS_INVALID_LOCK_SEQUENCE or something
silly like that.
Tim Potter [Thu, 31 Jan 2002 11:30:36 +0000 (11:30 +0000)]
Added some constants for the flags field in the FORM_1 structure.
The level2 field in SPOOL_Q_ADDFORM is probably part of the FORM structure
as a discriminated union.
Tim Potter [Thu, 31 Jan 2002 11:28:02 +0000 (11:28 +0000)]
Added constant for WERR_FILE_EXISTS.
Andrew Tridgell [Thu, 31 Jan 2002 09:37:26 +0000 (09:37 +0000)]
this fixes the problem of not being able to add a SD to a file on a
non-domain Samba server from a NT4 client.
Note that this exactly reverses a change by Jeremy on the 18th of
December 2001, reverting the code back to what JF originally wrote. I
have looked carefully with a sniffer and JFs original NULL sid is
correct (ie. it matches what NT4 does) and also fixes the problem.
Sending a blank sid (which is what jeremy's patch did) causes NT4 to
give a classic "parameter is incorrect error" and prevents the
addition of new ACLs.
Samba Release Account [Wed, 30 Jan 2002 12:12:16 +0000 (12:12 +0000)]
preparing for release of 3.0-alpha14
Andrew Bartlett [Wed, 30 Jan 2002 12:06:22 +0000 (12:06 +0000)]
Back out herb's changes (to allow smbpasswd -x to work on accounts outside
/etc/passwd) and replace them with a version that works. Unfortunetly HEAD and
2.2 have different passdb interfaces and different local_password_change
functions...
Andrew Bartlett
Andrew Bartlett [Wed, 30 Jan 2002 10:50:07 +0000 (10:50 +0000)]
An attempt at producing the correct Makefile magic for wrepld_proto.h to be
automatically generated on first 'make'. This wasn't being picked up by the
build farm becouse of the explicit 'make proto'.
The 'make proto' bit isn't somthing our alpha testers know about (its certainly
not clearly documented) and its meant to be automatic.
I hope this works...
Andrew Bartlett
Tim Potter [Wed, 30 Jan 2002 06:10:09 +0000 (06:10 +0000)]
Addd wrepld (what a cool name!)
Tim Potter [Wed, 30 Jan 2002 06:09:48 +0000 (06:09 +0000)]
Added wrepld_proto.h
Tim Potter [Wed, 30 Jan 2002 06:08:46 +0000 (06:08 +0000)]
Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
Tim Potter [Wed, 30 Jan 2002 05:49:20 +0000 (05:49 +0000)]
Unused file.
Gerald Carter [Wed, 30 Jan 2002 05:45:09 +0000 (05:45 +0000)]
merge from 2.2
Herb Lewis [Wed, 30 Jan 2002 04:07:42 +0000 (04:07 +0000)]
merge change from @_2 to allow smbpasswd -x to delete user even if no
entry in /etc/passwd.
There are still differences in the local_password_change function. I'm
not sure which was the latest so I didn't change any thing else. Someone
needs to take a look and sync these up.
Tim Potter [Wed, 30 Jan 2002 03:23:40 +0000 (03:23 +0000)]
Fix for password change from Samuel Ziegler <sam@xpedion.com>
Tim Potter [Wed, 30 Jan 2002 03:14:20 +0000 (03:14 +0000)]
Removed silly fprintf(stderr, ...) debug.
Part of Samuel Ziegler's patch to get winbind password changing working
again in HEAD.
Martin Pool [Tue, 29 Jan 2002 05:34:16 +0000 (05:34 +0000)]
Doc.
Jeremy Allison [Tue, 29 Jan 2002 01:17:44 +0000 (01:17 +0000)]
Fix "strict allocate" to write the data out on ftruncate with extend.
Jeremy.
Tim Potter [Tue, 29 Jan 2002 01:01:14 +0000 (01:01 +0000)]
Since we have dynamic initialisation in the group mapping code, make
init_group_mapping() a static function and don't call it from any client
programs.
Not sure whether I've made a bigger mess here or not...
Gerald Carter [Mon, 28 Jan 2002 17:36:33 +0000 (17:36 +0000)]
make all-docs to make sure everything is up-to-date
Andrew Bartlett [Mon, 28 Jan 2002 00:54:37 +0000 (00:54 +0000)]
Name another talloc.
Simo Sorce [Sun, 27 Jan 2002 16:37:12 +0000 (16:37 +0000)]
minor fix and checks
Andrew Bartlett [Sun, 27 Jan 2002 12:12:22 +0000 (12:12 +0000)]
Some more 'winbind default domain' support patches from Alexander Bokovoy
<a.bokovoy@sam-solutions.net>.
This patch is designed to remove the 'special cases' required for this support.
In particular this now kills off winbind_initgroups, as it appears no longer to
be required.
Andrew Bartlett
Andrew Bartlett [Sun, 27 Jan 2002 12:06:27 +0000 (12:06 +0000)]
Yes, dev is an 'input/output' paramater...
Andrew Bartlett
Andrew Bartlett [Sun, 27 Jan 2002 10:53:43 +0000 (10:53 +0000)]
Patch from Kevin Stefanik <kstef@mtppi.org> to do some more error checking for
group mapping init failures.
Gerald Carter [Sun, 27 Jan 2002 05:37:23 +0000 (05:37 +0000)]
merge from 2.2 and regenerate
Andrew Bartlett [Sun, 27 Jan 2002 03:00:56 +0000 (03:00 +0000)]
Give pdbedit a -D paramater for setting the DEBUGLEVEL (makes debugging passdb
much saner :-).
Change to pdb_init_sam()/pdb_free_sam() loop rather than reset based due to
the talloc basis.
Andrew Bartlett
Gerald Carter [Sat, 26 Jan 2002 22:27:12 +0000 (22:27 +0000)]
merge from APPLIANCE_HEAD
Andrew Bartlett [Sat, 26 Jan 2002 12:24:18 +0000 (12:24 +0000)]
- Provide sid->name lookup support for non-unix accounts.
- Rework the name -> sid lookup function to always try local lookup first (for
local domain names) before trying winbind. This seems to eliminate my winbind
feedback loop problems. (I don't use winbind for nsswitch, where there are
almost certainly further issues).
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 11:48:42 +0000 (11:48 +0000)]
Back out some of the less well thought out ideas from last weeks work on
winbind default domains, particulary now I understand whats going on a lot
better. This ensures that the RPC client code does as little 'magic' as
possible - this is up to the application/user. (Where - for to name->sid code
- it was all along). This leaves the change that allows the sid->name code to
return domains and usernames in seperate paramaters.
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 10:10:25 +0000 (10:10 +0000)]
Bring this code into line with new winbind_lookup_name() interface. I think
this might need a bit more work - or at least documentation.
This is certainly a worthwile little hack, as it avoids the need to invert the
group database. I don't think we should allow unqualified domains here - as
that allows us to distinguish between (at least some) usernames and these
'special' groups.
Andrew Bartlett [Sat, 26 Jan 2002 10:06:23 +0000 (10:06 +0000)]
Make a talloc'ed copy of this strings so we can pass the right kind of pointer
to the function. This fixes a nice little segfault the brute-force-casting
created. :-)
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 10:05:10 +0000 (10:05 +0000)]
Rework lookup_name() to take seperate username/domain args, and to remove
varioius crazy 'if winbind didn't find it' cases. This makes winbind default
domain support easier to intergrate with smbd.
Andrew Bartlett [Sat, 26 Jan 2002 10:03:25 +0000 (10:03 +0000)]
Add the become_root()/unbecome_root() wrapper around the lookup_name() call,
and its new args.
Andrew Bartlett [Sat, 26 Jan 2002 10:02:23 +0000 (10:02 +0000)]
Move the lsa code across to the changed args for lookup_name, and surround it
in become_root()/unbecome_root().
Also only allocate the memory the client reqests - and don't allow the client
to trigger an SMB_ASSERT if they ask for 'more'.
Up the maximum number of sids allowed, and note that this is an arbiary guess,
and can be raised without consequence.
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 09:58:11 +0000 (09:58 +0000)]
We may as well not use these temporary variables - they are only used once and
just make it harder to debug (gcc stips optomises them away).
Andrew Bartlett [Sat, 26 Jan 2002 09:56:47 +0000 (09:56 +0000)]
local_lookup_name() doens't acutally use its 'domain' argument, so drop it and
make its use clearer.
Andrew Bartlett [Sat, 26 Jan 2002 09:55:38 +0000 (09:55 +0000)]
Change the winbind interface to use seperate 'domain' and 'username' feilds for
the sid->uid and uid->sid conversions.
Remove some duplicate arguments from these funcitons, and update the
request/response structures for this and the 'winbind domain name' feature.
As such 'winbindd_lookup_name' now takes both a domain and username.
Andrew Bartlett [Sat, 26 Jan 2002 09:52:55 +0000 (09:52 +0000)]
Allow a winbind client to obtain the server's domain name.
Andrew Bartlett [Sat, 26 Jan 2002 09:50:28 +0000 (09:50 +0000)]
Remove the 'direct to winbind' hacks, as they should (if I understand
correctly) be no longer needed. This is in aid of the 'winbind default domain'
code - which works much better when smbd always goes via the standard unix
interfaces.
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 06:28:50 +0000 (06:28 +0000)]
This always points at a string literal, so it probably should be 'const'.
Andrew Bartlett [Sat, 26 Jan 2002 06:24:53 +0000 (06:24 +0000)]
Fix up a security issue with the way we handle domain groups retuned on the
info3. These are RIDs, and it only makes sense to combine them with the domain
SID returned with them. This is important for trusted domains, where that sid
might be other than the one we currently reterive from the secrets.tdb.
Also remove the become_root()/unbecome_root() wrapper from around both
remaining TDB users: Both are now initialised at smbd startup.
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 06:18:59 +0000 (06:18 +0000)]
fix typo
Andrew Bartlett [Sat, 26 Jan 2002 06:16:36 +0000 (06:16 +0000)]
The new plugable password backend system needs to be initialised after
lp_load().
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 06:02:28 +0000 (06:02 +0000)]
These changes commited on a 'no less broken' basis.
The previous code attempted to call winbind to find out the domain sid. This
couldn't work for a number of reasons - not the least of which was that both
the client and server ends would reject any name (in this case domain name)
without a \ in it (or lp_winbind_seperator()).
I think this is what was intended to occour. If there is still some need to
contact winbind for this information, I suggest a new call be created for this
- as it the server-side code doesn't allow for this information to be extracted
easily in any case.
Finally, it gets in the way of the default domain code a bit - hence why I was
actually looking at it...
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 05:53:07 +0000 (05:53 +0000)]
Try to get the compiler not to complain about assignments and truth values...
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 05:52:20 +0000 (05:52 +0000)]
Try to move towards slightly sane linking for Samba by removing some pdb_...()
calls from rpc_parse/parse_net.c - instead these values are passed as a
paramater.
Unfortunetly some there is still some samr work to be done before this is
actually useful.
Andrew Bartlett
Andrew Bartlett [Sat, 26 Jan 2002 01:52:52 +0000 (01:52 +0000)]
Add some information tidbits to an error DEBUG().