Michael Adam [Thu, 23 Dec 2010 15:43:55 +0000 (16:43 +0100)]
s3:ctdb: correctly handle cstatus if CTDB_CTRL_FLAG_NOREPLY is set.
Michael Adam [Wed, 22 Dec 2010 13:16:07 +0000 (14:16 +0100)]
s3:dbwrap_ctdb: in ctdb_delete, send a SCHEDULE_FOR_DELETION control to local ctdbd
This way, the record will be scheduled for fast vacuuming.
Volker Lendecke [Mon, 7 Mar 2011 15:29:41 +0000 (08:29 -0700)]
v3-4-ctdb: Bump ctdb vendor patch level to 24
Volker Lendecke [Wed, 8 Dec 2010 14:03:36 +0000 (15:03 +0100)]
s3: Fix ENODATA for getacl on .snapshot dirs
The best we can do is to allow everything to the world.
Volker Lendecke [Mon, 29 Nov 2010 13:07:59 +0000 (06:07 -0700)]
v3-4-ctdb: Deal with mmsnapdir -a
Christian Ambach [Tue, 22 Feb 2011 14:45:44 +0000 (15:45 +0100)]
s3:libsmb only log a dead connection if it was not closed
in case the cli was closed before (e.g. via a dropped ip message)
it can be expected that the read here returns with an error and so
we should not log that a connection is dead when it was closed before
Volker Lendecke [Thu, 24 Feb 2011 09:50:46 +0000 (02:50 -0700)]
s3: GPFS can't deal with mangled names
In getrealfilename, avoid calling the GPFS function
Volker Lendecke [Mon, 28 Feb 2011 15:24:17 +0000 (08:24 -0700)]
v3-4-ctdb: Bump ctdb vendor patch level to 23
Christian Ambach [Wed, 23 Feb 2011 10:10:15 +0000 (11:10 +0100)]
s3: Survive an idle child that was killed
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Feb 28 14:53:20 CET 2011 on sn-devel-104
(cherry picked from commit
3854413c246a3a69d100af6e827ce8f217bf408e)
Jeremy Allison [Thu, 3 Feb 2011 01:47:19 +0000 (17:47 -0800)]
Fix value overflow (one too many 'f's ).
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Feb 3 03:35:32 CET 2011 on sn-devel-104
Volker Lendecke [Tue, 15 Feb 2011 09:22:31 +0000 (02:22 -0700)]
v3-4-ctdb: Bump ctdb vendor patch level to 22
Christian Ambach [Thu, 10 Feb 2011 14:55:50 +0000 (15:55 +0100)]
nsswitch: fix a segfault in the krb5 locator plugin
after the number of retries was exceeded, the loop did not
bail out correctly with an error and went on using a null pointer
Volker Lendecke [Wed, 9 Feb 2011 10:00:00 +0000 (11:00 +0100)]
s3: Cope with 192.168.1.1/24 in smbcontrol ip-dropped
Volker Lendecke [Fri, 11 Feb 2011 07:44:36 +0000 (08:44 +0100)]
s3: Add more checks and better fallback to addrchange
From http://netsplit.com/2011/02/09/the-proc-connector-and-socket-filters/ I
learned a bit more about netlink...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Feb 11 10:47:09 CET 2011 on sn-devel-104
Volker Lendecke [Mon, 7 Feb 2011 09:48:07 +0000 (02:48 -0700)]
v3-4-ctdb: Bump ctdb vendor patch level to 21
Stefan Metzmacher [Fri, 4 Feb 2011 11:54:36 +0000 (12:54 +0100)]
s3:lib/addrchange: set ctx->sock to -1 after close
The makes the code more consistent with similar destructors.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Feb 4 15:52:55 CET 2011 on sn-devel-104
Stefan Metzmacher [Fri, 4 Feb 2011 11:53:38 +0000 (12:53 +0100)]
s3:lib/addrchange: remove unused pointer
metze
Stefan Metzmacher [Fri, 4 Feb 2011 11:32:41 +0000 (12:32 +0100)]
s3:lib/addrchange: let addrchange_done() retry and ignore unknown message types
Messages like RTM_NEWLINK should be just ignored.
metze
Stefan Metzmacher [Fri, 4 Feb 2011 11:29:42 +0000 (12:29 +0100)]
s3:winbindd: fix segfaults on addrchange errors and make DEBUG() statements more usefull
metze
Volker Lendecke [Wed, 2 Feb 2011 12:08:40 +0000 (05:08 -0700)]
v3-4-ctdb: Work around the 1024-fd limit in select
This is an extremely dirty hack that just postpones the problem that select
only allows 1024 file descriptors to be queried by increasing the limit
to 16384.
Volker Lendecke [Tue, 1 Feb 2011 12:23:06 +0000 (05:23 -0700)]
v3-4-ctdb: Bump ctdb vendor patch level to 20
Volker Lendecke [Mon, 31 Jan 2011 16:25:55 +0000 (17:25 +0100)]
s3: Send a dropped_ip message if we lose an IP
Volker Lendecke [Thu, 27 Jan 2011 15:56:13 +0000 (16:56 +0100)]
s3: test addrchange
Volker Lendecke [Thu, 27 Jan 2011 11:58:22 +0000 (12:58 +0100)]
s3: Add support for AF_NETLINK addr notifications
Via an AF_NETLINK socket, the Linux kernel can inform us when IP addresses are
added or dropped.
This will first be used in winbind, it was triggered by clustering with ctdb.
When winbind is connected to a domain controller and ctdb decides to move away
the IP address that winbind used locally for the connection to the DC, the next
request will run into a timeout. winbind sends out its request, but the
response will never arrive: The IP is gone.
It will also be interesting for more reliable online/offline detection, but
this is something for future winbind refactoring.
Volker Lendecke [Tue, 1 Feb 2011 10:39:45 +0000 (03:39 -0700)]
v3-4-ctdb: Add recfrom_send/recv
Volker Lendecke [Mon, 31 Jan 2011 10:58:45 +0000 (11:58 +0100)]
v3-4-ctdb: Bump ctdb vendor patch level to 19
Michael Adam [Sun, 30 Jan 2011 12:49:14 +0000 (13:49 +0100)]
s3:net registry: ignore WERR_BADFILE when --force is given in deletekey[_recursive]
Michael Adam [Sun, 30 Jan 2011 12:44:31 +0000 (13:44 +0100)]
s3:registry: in deletekey_recursive, fix return code upon error.
correctly keep the werr from inside the transaction when the opearation
inside the transaction fails.
What is the correct behaviour if the cancel operation fails?
Michael Adam [Wed, 22 Sep 2010 04:21:38 +0000 (06:21 +0200)]
s3:registry: remove unneeded TALLOC_CTX argument from reg_deletekey_recursive
Michael Adam [Wed, 22 Sep 2010 04:27:49 +0000 (06:27 +0200)]
s3:net: add subcommand net registry deletekey_recursive
to delete a key including subkeys
Christian Ambach [Thu, 27 Jan 2011 18:31:45 +0000 (19:31 +0100)]
s3: fix empty ACL dialog for file in snapshot
Explorer failed to display the ACL of a file when it was
located in a snapshot.
Originally, this was already fixed with
30b5a1d2290fb09d362
in samba-ctdb v3.2.
The patch was ported to master, but there is no fget_nt_acl
operation any more so that part was ommited.
Afterwards, it was ported from there to 3.4 missing
the fget_nt_acl part now.
Re-adding now the lost part
Christian Ambach [Mon, 17 Jan 2011 13:56:52 +0000 (14:56 +0100)]
v3-4-ctdb: Bump ctdb vendor patch level to 18
Volker Lendecke [Fri, 14 Jan 2011 12:14:22 +0000 (05:14 -0700)]
s3: Make sure we call wbcAuthenticateUserEx correctly
There are cases where we fill in params.password.response.lm_data with non-NULL
where params.password.response.lm_length is 0. wbcAuthenticateUserEx does not
like that.
Volker Lendecke [Mon, 10 Jan 2011 16:25:00 +0000 (17:25 +0100)]
s3: Add wbinfo --dc-info
Christian Ambach [Thu, 13 Jan 2011 15:04:36 +0000 (16:04 +0100)]
s3:vfs aio_fork children do not go away
on RHEL 5.5, recvmsg() does not return when it is reading
from the socket and the process on the other side closes
its connection. This left aio children around that should
have gone already and were just wasting system resources.
This patch makes the child go away by writing invalid
data to it so that the child exits.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Christian Ambach [Thu, 13 Jan 2011 14:59:18 +0000 (15:59 +0100)]
s3:vfs fix children cleanup in aio_fork
the cleanup loop in aio_fork always stopped operation
on the first inactive child it found. In case lots of
children need to be reaped, it will take multiple runs
before all children are gone
Christian Ambach [Mon, 17 Jan 2011 13:06:15 +0000 (14:06 +0100)]
v3-4-ctdb: Bump ctdb vendor patch level to 17
Volker Lendecke [Tue, 21 Dec 2010 20:55:01 +0000 (21:55 +0100)]
s3: Use smbsock_any_connect in winbind
Volker Lendecke [Tue, 21 Dec 2010 17:52:53 +0000 (18:52 +0100)]
s3: Retry *SMBSERVER in nb_connect
Volker Lendecke [Mon, 13 Dec 2010 16:17:51 +0000 (17:17 +0100)]
s3: Add smbsock_any_connect
Volker Lendecke [Sun, 12 Dec 2010 17:55:06 +0000 (18:55 +0100)]
s3: Add an async smbsock_connect
This connects to 445 and after 5 milliseconds also to 139. It treats a netbios
session setup failure as equivalent as a TCP connect failure. So if 139 is
faster but fails the nb session setup, the 445 still has the chance to succeed.
Volker Lendecke [Wed, 22 Dec 2010 14:21:27 +0000 (15:21 +0100)]
v3-4-test: Pull in tevent_req_poll_ntstatus from master
Volker Lendecke [Sun, 12 Dec 2010 17:54:31 +0000 (18:54 +0100)]
s3: Add async cli_session_request
This does not do the redirects, but I think that might be obsolete anyway
Volker Lendecke [Wed, 22 Dec 2010 14:15:47 +0000 (15:15 +0100)]
v3-4-test: Pull in read_smb_send from master
Volker Lendecke [Sun, 12 Dec 2010 17:53:49 +0000 (18:53 +0100)]
s3: Add some const to name_mangle()
Volker Lendecke [Thu, 16 Dec 2010 11:26:02 +0000 (04:26 -0700)]
s3: Fix shadow-copy module for drag&drop from a snapshot
We have to return NT_STATUS_NOT_SAME_DEVICE to trigger the Windows client to
start a copy itself. Unbeknownst to us via the ACLs snapshots are read-only, so
a rename would trigger a EACCES. Unfortunately the MacOS/X finder does not do
the smart NOT_SAME_DEVICE fallback that Windows does.
Volker Lendecke [Mon, 13 Dec 2010 12:42:30 +0000 (13:42 +0100)]
v3-4-ctdb: Bump ctdb vendor patch level to 16
Volker Lendecke [Fri, 10 Dec 2010 15:48:19 +0000 (08:48 -0700)]
s3: Reply correctly to FSCTL_IS_VOLUME_DIRTY
Volker Lendecke [Mon, 29 Nov 2010 17:09:49 +0000 (18:09 +0100)]
s3: Add shadow copy info to smbclient allinfo
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Nov 30 12:23:50 CET 2010 on sn-devel-104
Volker Lendecke [Mon, 29 Nov 2010 16:39:43 +0000 (17:39 +0100)]
s3: Add cli_shadow_copy_data
Christian Ambach [Thu, 9 Dec 2010 10:25:17 +0000 (11:25 +0100)]
s3:registry correct a debug level
this is not a level 0 message, move it to 10
Volker Lendecke [Fri, 3 Dec 2010 08:34:02 +0000 (01:34 -0700)]
s3: Fix serverid_exists
In the cluster case it can happen that a node just died and we did not yet have
the time to clean up serverid.tdb. If the corresponding serverid.tdb record
that represented a process was migrated away from the dead record, it
represents existence of a process where it is already dead.
Volker Lendecke [Fri, 3 Dec 2010 09:13:46 +0000 (02:13 -0700)]
v3-4-ctdb: Fix debuginfo builds
Christian Ambach [Wed, 24 Nov 2010 10:57:59 +0000 (11:57 +0100)]
s3:winbind correct a copy&paste error
negative results of sid->gid lookups should be stored with
idmap_cache_set_sid2gid instead of idmap_cache_set_sid2uid
This seems to be a copy&paste error when similar logic from the
sid2uid path was copied here in
84b88f4b.
Volker Lendecke [Tue, 23 Nov 2010 13:49:12 +0000 (14:49 +0100)]
v3-4-test: Protect against invalid winbindd_cache entries
Volker Lendecke [Tue, 23 Nov 2010 13:28:45 +0000 (14:28 +0100)]
v3-4-test: Correctly calculate the wbinfo -s result
Volker Lendecke [Tue, 2 Nov 2010 16:18:31 +0000 (17:18 +0100)]
v3-4-ctdb: Bump ctdb vendor patch level to 15
Christian Ambach [Wed, 10 Nov 2010 17:37:02 +0000 (18:37 +0100)]
s3:winbind killed winbind child logs back trace
change the signal that the winbind parent sends to a children
that timed out answering a request from SIGTERM to SIGXCPU
By adding this differentation, it is possible to dump
a backtrace of the child only in this case, not when winbind
is shutting down
The backtrace is meant as a debug aid to determine what
a child was waiting for when it timed out
Christian Ambach [Wed, 10 Nov 2010 17:35:19 +0000 (18:35 +0100)]
s3:util add log_stack_trace_with_level
add a new function log_stack_trace_with_level to specify
the debug level with which backtraces will be written to the log
Volker Lendecke [Wed, 17 Nov 2010 15:56:28 +0000 (08:56 -0700)]
s3: Make winbind recover from a signing error
When winbind sees a signing error on the smb connection to a DC (for whatever
reason, our bug, network glitch, etc) it should recover properly. The "old"
code in clientgen.c just closed the socket in this case. This is the right
thing to do, this connection is spoiled anyway. The new, async code did not do
this so far, which led to the code in winbindd_cm.c not detect that we need to
reconnect.
Volker Lendecke [Tue, 2 Nov 2010 16:18:31 +0000 (17:18 +0100)]
v3-4-ctdb: Bump ctdb vendor patch level to 14
Michael Adam [Wed, 13 Oct 2010 14:57:26 +0000 (16:57 +0200)]
v3-4-ctdb: Bump ctdb vendor patch level to 13
Volker Lendecke [Mon, 25 Oct 2010 09:07:36 +0000 (11:07 +0200)]
s3: Pass tdb_flags to ctdbd when attaching to a db
This is required to make ctdb create databases with INCOMPATIBLE_HASH
Stefan Metzmacher [Thu, 21 Oct 2010 10:37:51 +0000 (12:37 +0200)]
s3: use TDB_INCOMPATIBLE_HASH (the jenkins hash) on all TDB_CLEAR_IF_FIRST tdb's.
In the backport we only use TDB_INCOMPATIBLE_HASH if CLEAR_IF_FIRST
was also set, that should make downgrades easier to handle.
(similar to commit
f98d217514433cd06887f8c0217a7835392f0375)
metze
Rusty Russell [Thu, 21 Oct 2010 10:09:15 +0000 (12:09 +0200)]
tdb: TDB_INCOMPATIBLE_HASH, to allow safe changing of default hash.
This flag to tdb_open/tdb_open_ex effects creation of a new database:
1) Uses the Jenkins lookup3 hash instead of the old gdbm hash if none is
specified,
2) Places a non-zero field in header->rwlocks, so older versions of TDB will
refuse to open it.
This means that the caller (ie Samba) can set this flag to safely
change the hash function. Versions of TDB from this one on will either
use the correct hash or refuse to open (if a different hash is specified).
Older TDB versions will see the nonzero rwlocks field and refuse to open
it under any conditions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(cherry picked (modified) from commit
2dcf76c9247ff02a1779000dbbecdc418473ca41)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Rusty Russell [Fri, 24 Sep 2010 06:09:43 +0000 (15:39 +0930)]
tdb: automatically identify Jenkins hash tdbs
If the caller to tdb_open_ex() doesn't specify a hash, and tdb_old_hash
doesn't match, try tdb_jenkins_hash.
This was Metze's idea: it makes life simpler, especially with the upcoming
TDB_INCOMPATIBLE_HASH flag.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(cherry picked from commit
ccac258d14dda7d8a994a7b80474ce6d85478a6d)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 21 Oct 2010 12:10:36 +0000 (14:10 +0200)]
s3:configure: build common/hash.o from lib/tdb
metze
Rusty Russell [Thu, 21 Oct 2010 10:11:00 +0000 (12:11 +0200)]
tdb: fix non-WAF build, commit 1.2.6 ABI file.
Sorry Jeremy.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(cherry picked (modified) from commit
b7cd6af5b45840a3588ad0cd50b4414f32f8b792)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Rusty Russell [Thu, 21 Oct 2010 10:02:01 +0000 (12:02 +0200)]
tdb: add Bob Jenkins lookup3 hash as helper hash.
This is a better hash than the default: shipping it with tdb makes it easy
for callers to use it as the hash by passing it to tdb_open_ex().
This version taken from CCAN and modified, which took it from
http://www.burtleburtle.net/bob/c/lookup3.c.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(cherry picked (modified) from commit
3258cf3f11bf7c68a2e69e1808c4551cc899725a)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Mon, 20 Sep 2010 23:01:51 +0000 (16:01 -0700)]
lib/tdb: fix c++ build warning in tdb_header_hash().
Guenther
(cherry picked from commit
1585c4df68a66569524a41def95488666dd827dd)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Rusty Russell [Thu, 21 Oct 2010 09:55:19 +0000 (11:55 +0200)]
tdb: put example hashes into header, so we notice incorrect hash_fn.
This is Stefan Metzmacher <metze@samba.org>'s patch with minor changes:
1) Use the TDB_MAGIC constant so both hashes aren't of strings.
2) Check the hash in tdb_check (paranoia, really).
3) Additional check in the (unlikely!) case where both examples hash to 0.
4) Cosmetic changes to var names and complaint message.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
(cherry picked (modified for v3-4) from commit
786b7263000dedcb97e7369402e2e9dc967e36c4)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 19 Oct 2010 06:59:14 +0000 (08:59 +0200)]
s3: Add some DEBUG
Volker Lendecke [Tue, 19 Oct 2010 06:53:21 +0000 (08:53 +0200)]
s3: Cope with EINTR in smbd_[un]lock_socket
Michael Adam [Wed, 13 Oct 2010 14:57:26 +0000 (16:57 +0200)]
v3-4-ctdb: Bump ctdb vendor patch level to 12
Volker Lendecke [Wed, 6 Oct 2010 16:24:13 +0000 (18:24 +0200)]
s3: Fix the async echo responder for netbios keepalives
This fixes a crash in the echo responder when the client started to send the
NetBIOS-Level 0x85-style keepalive packets. We did not correctly check the
packet length, so the code writing the signing seqnum overwrote memory after
the malloc'ed area for the 4 byte keepalive packet.
Volker Lendecke [Sat, 2 Oct 2010 15:07:00 +0000 (17:07 +0200)]
s3: Stop using the write cache after an oplock break
This fixes samba-bug 7715: If "write cache size" is set (a typical tuning knob
that might be applied in critical customer situations by performance experts),
smbd can corrupt data. This fixes it.
Volker Lendecke [Wed, 6 Oct 2010 13:05:59 +0000 (15:05 +0200)]
s3: Make the write end of the echo responder pipe non-blocking
Without this, we can get a writable pipe end, but the writev call on the pipe
will block.
Michael Adam [Wed, 22 Sep 2010 04:00:00 +0000 (06:00 +0200)]
s3:tests: fix misplaced '...' for grep pattern in test_net_registry.sh
Volker Lendecke [Thu, 17 Jun 2010 08:53:56 +0000 (10:53 +0200)]
Revert "v3-4-ctdb: Do not do any logrotation"
This reverts commit
0ce0f33c9bfdb9d0a5364e3902926fcc3a6d8ae1.
Volker Lendecke [Wed, 29 Sep 2010 10:17:05 +0000 (12:17 +0200)]
s3: Add "smbcontrol winbindd ip-dropped <local-ip>"
This is supposed to improve the winbind reconnect time after an ip address
has been moved away from a box. Any kind of HA scenario will benefit from
this, because winbindd does not have to wait for the TCP timeout to kick in
when a local IP address has been dropped and DC replies are not received
anymore.
Volker Lendecke [Wed, 22 Sep 2010 12:23:43 +0000 (05:23 -0700)]
s3: Fix a deadlock between notify_onelevel.tdb and notify.tdb
notify_add() locks notify_onlevel.tdb while having notify.tdb locked.
file_free() calls notify_remove_onelevel(), and due to this talloc hierarchy
problem the tdb record is not unlocked again timely. Thus notify.tdb will be
locked while notify_onelevel still has a lock.
Sorry, Ronnie, for causing you some grey hair and thanks for the stacktraces.
Volker
Michael Adam [Mon, 27 Sep 2010 10:43:39 +0000 (12:43 +0200)]
libsmbconf: parse an empty share as empty share, not as NULL.
This fixes a segfault in net conf import:
Importing a text file with an empty share resulted in a segfault.
Now this creates an empty share in registry config, just as it
should.
Thanks to Gregor Beck <gbeck@sernet.de> for reporting.
(cherry picked from commit
84127dd50420a7d0e8f389d4af15d52fca6cd809)
Gregor Beck [Wed, 29 Sep 2010 13:13:55 +0000 (15:13 +0200)]
s3-net: add roundtrip tests for registry import/export
Gregor Beck [Wed, 29 Sep 2010 13:13:26 +0000 (15:13 +0200)]
s3-net: test: make MALLOC_CHECK verbose on failure
Gregor Beck [Wed, 29 Sep 2010 13:12:49 +0000 (15:12 +0200)]
s3-net: add command rpc registry export
Gregor Beck [Wed, 29 Sep 2010 13:11:49 +0000 (15:11 +0200)]
s3-net: add command rpc registry import
Gregor Beck [Wed, 29 Sep 2010 13:06:05 +0000 (15:06 +0200)]
s3-net: add command registry convert
Gregor Beck [Wed, 29 Sep 2010 13:05:21 +0000 (15:05 +0200)]
s3-net: add command registry export
Gregor Beck [Wed, 29 Sep 2010 13:03:11 +0000 (15:03 +0200)]
s3-net: add command registry import
Gregor Beck [Wed, 29 Sep 2010 12:54:15 +0000 (14:54 +0200)]
s3-registry: add support for registration entries (.reg) files
Gregor Beck [Wed, 29 Sep 2010 12:50:33 +0000 (14:50 +0200)]
s3-lib: add srprs, primitives to build simple recursive parsers
Gregor Beck [Wed, 29 Sep 2010 12:49:40 +0000 (14:49 +0200)]
s3-lib: add cbuf, a talloced character buffer
Günther Deschner [Fri, 25 Sep 2009 09:35:46 +0000 (11:35 +0200)]
s3-util: use pull_reg_multi_sz in reg_pull_multi_sz.
Guenther
Rusty Russell [Mon, 20 Sep 2010 04:19:19 +0000 (13:49 +0930)]
Really enable core dumps in Linux
commit
e1f1ce68e1f685400a8c68bcec14018e3d1fc29d
Author: Rusty Russell <rusty@rustcorp.com.au>
Date: Mon Sep 20 13:33:30 2010 +0930
source3: dump core on Linux, even after seteuid/etc.
The "dumpable" flag is reset on every call to set*uid, so we need to
reset it to 1 in the signal handler itself.
This code dates back to commit
ac01fda2b97b 6 years ago :(
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Jeremy Allison [Thu, 9 Sep 2010 13:48:23 +0000 (15:48 +0200)]
Fix bug #7669.
Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in
Samba4).
CVE-2010-3069:
===========
Description
===========
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.
A connection to a file share is needed to exploit this
vulnerability, either authenticated or unauthenticated
(guest connection).
(cherry picked from commit
df20a300758bc12286820e31fcf573bdfc2147bc)
Michael Adam [Mon, 13 Sep 2010 15:27:16 +0000 (17:27 +0200)]
no need any more to manually create catalog file in build-manpages-nogit
Michael Adam [Mon, 13 Sep 2010 15:26:20 +0000 (17:26 +0200)]
no need any more to create catalog file manually in build-manpages-git
Michael Adam [Mon, 13 Sep 2010 15:18:18 +0000 (17:18 +0200)]
docs: use abs_top_builddir instead of BUILDDIR to let configure create correct catalog file
The use of the catalog file is still controlled by exporting the
XML_CATALOG_FILES variable as described in build/README
Michael Adam [Mon, 13 Sep 2010 09:52:53 +0000 (11:52 +0200)]
packaging(RHEL-CTDB): add a comment, why we need precompiled manpages as fallback
Particularly the version of the docbook XSL style sheets shipped with
RHEL5 have are missing some definitions needed for building the manpages.
Michael Adam [Thu, 9 Sep 2010 15:56:03 +0000 (17:56 +0200)]
packaging/RHEL-CTDB: do not use an external docs tarball
try to build the manpages instead and use a checked in manpage-only tarball
if it does not work