Michael Adam [Mon, 1 Dec 2008 02:05:40 +0000 (03:05 +0100)]
packaging(RHEL-CTDB): explicitly build the gpfs module
to prevent potetential problems on PTF8 systems where there
is no valid autodetecting configure check yet.
Michael
Michael Adam [Mon, 1 Dec 2008 02:43:12 +0000 (03:43 +0100)]
winbindd/nss_info: remove unused variable from nss_init()
Michael
Michael Adam [Mon, 1 Dec 2008 02:07:19 +0000 (03:07 +0100)]
packaging(RHEL-CTDB): use ccache if available
Michael
Michael Adam [Mon, 1 Dec 2008 01:01:44 +0000 (02:01 +0100)]
winbindd/nss_info: fix default backend handling for ad backends.
This fixes "winbind nss info = rfc2307" (or sfu or sfu20).
Originally, only explicitly configured domains (like "rfc2307:domain")
worked with the ad module, since the domain name was not passed
backe to the module. This is fixed by recording the first backend
listed without domain in the "winbind nss info" parameter as the
default backend, and creating new nss_domain entries (using this default
backend) on the fly as requests for domains which are not explicitly
configured are encountered.
Michael
Michael Adam [Sun, 30 Nov 2008 23:56:50 +0000 (00:56 +0100)]
winbindd/nss_info: whitespace cleanup.
Remove trailing spaces and fix tab / space mixup.
Michael
Michael Adam [Sun, 30 Nov 2008 22:00:19 +0000 (23:00 +0100)]
winbindd_cache: add debugging to get_nss_info_cached()
Michael
Michael Adam [Sun, 30 Nov 2008 21:57:41 +0000 (22:57 +0100)]
winbindd/nss_info: add entry debug message to nss_get_info()
Michael
Michael Adam [Sun, 30 Nov 2008 21:54:42 +0000 (22:54 +0100)]
winbindd/nss_info: add debugging to nss_init()
Michael
Michael Adam [Sun, 30 Nov 2008 21:50:26 +0000 (22:50 +0100)]
winbindd/idmap_ad: add entry debug message to nss_ad_get_info()
Michael
Michael Adam [Wed, 26 Nov 2008 22:09:49 +0000 (23:09 +0100)]
winbindd/idmap_ad: add support for trusted domains to idmap_ad (bug #3661)
This initial fix does at least work for explicitly configured domains.
The patch has a few disadvantages:
1. It does work only for explicitly configured domains, not with
the default backend (idmap backend = ad), since it relies on the
domain name being passed in via the idmap_domain. One workaround
for this would be to create clones of the default idmap_domain
for domains not explicitly configured.
2. It calls find_domain_from_name_noinit() from idmap_ad_cached_connection.
The problem here is that only the NetBIOS domain name (workgroup
name) is passed in via the idmap_domain struct, and the module
has to establish a connection to the domain based on that information.
find_domain_from_name_noinit() has the disadvantage that it uses the state
of the domain list at fork time (unless used from the main winbindd).
But this should be ok as long as the primary domain was reachable at
start time.
For nss_info, the situation is similar - This will only work for domains
explicitly configured in smb.conf as follows:
"winbind nss info = rfc2307:dom1 sfu:dom2 rfc2307:dom3 template:dom4"
Setting the default nss info to one of the ad backends (rfc2307, sfu, sfu20)
will fail since the domain name is not passed in with the nss_domain_entry.
Michael
Michael Adam [Wed, 26 Nov 2008 21:23:34 +0000 (22:23 +0100)]
winbindd/idmap_ad: refactor core of nss_{sfu|sfu20|rfc2307}_init to common function.
Michael
Michael Adam [Wed, 26 Nov 2008 14:16:22 +0000 (15:16 +0100)]
winbindd/idmap_ad: rename ctx to mem_ctx in nss_ad_get_info()
in preparation to using the idmap_ad_context there
Michael
Michael Adam [Fri, 28 Nov 2008 09:40:42 +0000 (10:40 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_backends_sid_to_unixid
Michael
Michael Adam [Fri, 28 Nov 2008 09:40:01 +0000 (10:40 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_backends_unixid_to_sid
Michael
Michael Adam [Fri, 28 Nov 2008 09:08:46 +0000 (10:08 +0100)]
winbindd/idmap: add diagnostic entry debug msg to idmap_find_domain().
Michael
Michael Adam [Fri, 28 Nov 2008 09:05:19 +0000 (10:05 +0100)]
winbindd/idmap_util: unify entering debug messages and add ouput of domain
Michael
Michael Adam [Fri, 28 Nov 2008 23:15:15 +0000 (00:15 +0100)]
Revert "Fix "getent passwd" with empty winbindd_idmap.tdb"
This reverts commit
ef6aa2d0665de3b42b6761bd53e005a7091dd512.
Not passing the domain we have to idmap_sid_to[ug]id() from
winbindd_fill_pwent() will ignore explicitly configured backends
for the given domain and ask the default backend instead.
This will taint the cache with mappings from the default backend
even for sids that would get mapped by the explicit backend.
Michael
Jeremy Allison [Tue, 18 Nov 2008 18:58:48 +0000 (10:58 -0800)]
Re-structure Volker's patch to "Fix trans2findfirst for the large directory optimization". Makes the change clearer.
Jeremy.
(cherry picked from commit
71878cb566aa9edeb85ac134a1ad60cfbc2927fe)
Signed-off-by: Michael Adam <obnox@samba.org>
Mathias Dietz [Wed, 12 Nov 2008 13:32:45 +0000 (14:32 +0100)]
Search for gpfs functions in both libgpfs_gpl.so an libgpfs.so
As of GPFS 3.2.1 PTF8 libgpfs will be available as GPL, so we don't need the
special libgpfs_gpl lib anymore. For backwards compatibility with pre-PTF8 GPFS
installations, still look there.
(cherry picked from commit
61468186cece7370576a2d13992f9a523067e4be)
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
93dd57627795b92b3d3f723a105271aead395dd1)
Stefan Metzmacher [Mon, 24 Nov 2008 14:07:56 +0000 (15:07 +0100)]
libads/ldap.c: return an error instead of crashing when no realm is given
The bug was triggered by "net ads info -S 127.8.7.6" (where 127.8.7.6 doesn't exist)
and "disable netbios = yes".
metze
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
e2a60d2e1fd7455f08e73f8d1c513ca240c0f0af)
(cherry picked from commit
8fc213fcd4c5a6ddaa0d44965bcd0ca1afbbbc84)
Volker Lendecke [Tue, 18 Nov 2008 16:03:38 +0000 (17:03 +0100)]
Fix trans2findfirst for the large directory optimization
With
case sensitive = yes
preserve case = no
short preserve case = no
default case = upper
a "dir FOO.txt" would not find "FOO.TXT" because FOO.txt ends up unconverted in
the mask for mask_match.
Jeremy, please check!
Volker
(cherry picked from commit
0dbcc308e30b121268cdfcdd70c50c4ed38ab433)
(cherry picked from commit
96764065e2e2eaa13cb71bc9ea2d75800da7db4f)
Michael Adam [Thu, 18 Sep 2008 03:02:14 +0000 (05:02 +0200)]
packaging(RHEL-CTDB): adapt configure.rpm to changes to the spec file
Michael
Michael Adam [Tue, 11 Nov 2008 12:47:37 +0000 (13:47 +0100)]
packaging(RHEL-CTDB): move the cifs.upcall manpage to the client package
Michael
Michael Adam [Tue, 11 Nov 2008 12:45:40 +0000 (13:45 +0100)]
packaging(RHEL-CTDB): add the cifs.upcall binary to the client package.
Michael
Michael Adam [Mon, 10 Nov 2008 13:58:39 +0000 (14:58 +0100)]
build: prevent make errors for picky makes when $(EXTRA_ALL_TARGETS) is empty
picky make implementations don't like lines with only tabs in rules or dependencies
Michael
Martin Schwenke [Fri, 7 Nov 2008 01:20:59 +0000 (12:20 +1100)]
Add @CIFSUPCALL_PROGS@ to "all" target so cifs.upcall gets built at
compile time rather than install time. This stops problems where
packaging scripts pass CFLAGS to "make" but not "make install".
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 30 Oct 2008 15:38:07 +0000 (16:38 +0100)]
winbindd: speed up fill_grent_mem (i.e. winbindd_getgrent) a lot.
With large groups, getgrent ran into timeouts because after each
single user that was added to the expanded group list, the list
was sorted and made unique.
Now the list is sorted just once after all members have been added.
Michael
Holger Hetterich [Tue, 14 Oct 2008 18:37:41 +0000 (11:37 -0700)]
Fix the "Premature end of data in tag" error when buiding the manpage, fix a typo in the text, add an example for anonymization usage.
(cherry picked from commit
1d202a8a7bccc65e47fc78b17d89b7e74a358487)
(cherry picked from commit
abfdb52b60e84980d22e6c6c3479e67e20311b12)
Holger Hetterich [Mon, 13 Oct 2008 21:18:54 +0000 (14:18 -0700)]
Update the manpage for vfs_smb_traffic_analyzer to include the anonymize_prefix option
(cherry picked from commit
c67cf648331bf4b8268813cb005b7283dd65eb73)
(cherry picked from commit
9222fde6505deb31324b507d73c96bcb6edb161d)
Holger Hetterich [Mon, 13 Oct 2008 21:14:25 +0000 (14:14 -0700)]
Enable optional anonymization of user names,
if the configuration parameter anonymization_prefix is defined in
smb.conf, and use the prefix given there.
(cherry picked from commit
86a621a1a3e08bad8a0b276d8444f1f69a500385)
(cherry picked from commit
e9359e6e8f692c693aad95f9a241c41cc23aa02a)
Tim Prouty [Tue, 7 Oct 2008 17:30:22 +0000 (10:30 -0700)]
Fixed build warning "passing arg from incompatible pointer type"
The fix explicitly makes the conversion from timeval to time_t using the
existing time utility functions.
Compiling modules/vfs_smb_traffic_analyzer.c
modules/vfs_smb_traffic_analyzer.c: In function `smb_traffic_analyzer_send_data':
modules/vfs_smb_traffic_analyzer.c:173: warning: passing arg 1 of `localtime' from incompatible pointer type
(cherry picked from commit
22852666ddf3e77404373042ceecb19747ae25cd)
(cherry picked from commit
ed955214133c264865d2f6ca532349f0c1ea8d4b)
Jeremy Allison [Wed, 1 Oct 2008 19:30:12 +0000 (12:30 -0700)]
Turn the socket connections into a refcounted list - in the common case there'll now only be one socket per smbd.
Changed the format of the wire data to (a) include a version number (V1) as the first element. (b) removed the
";)" at the end an replaced it with a "\n". Receiver can change back if needed, and now receiver can just log
"as-is" to a text file (making testing easier). Added my (C). Sorry Holger, but I've changed quite a bit now.
Jeremy.
(cherry picked from commit
7ea95c19305a2fb6efc95acc4e96f083e31f6c6f)
(cherry picked from commit
63603373628901fcb6a816d9ac9b5340dd8d8662)
Jeremy Allison [Tue, 30 Sep 2008 23:20:29 +0000 (16:20 -0700)]
Convert to allocated strings. Use write_data(), not send as this doesn't correctly
deal with EINTR. Jim and Holger please check this still works.
Jeremy.
(cherry picked from commit
dc1ff1a9c07edf7e3e649b256667704ad59aafbd)
(cherry picked from commit
747f7a5647851290f6a3968477a8749e1134777c)
Jeremy Allison [Tue, 30 Sep 2008 22:09:49 +0000 (15:09 -0700)]
Restructure the module so it connects to the remote data sink
on connect, and closes the socket on client disconnect. This should
make it much more efficient. Store the remote fd in a private data
pointer off the handle. Finally we need to remove the fstrings and
convert to allocated buffer storage.
Jeremy.
(cherry picked from commit
2f7884babcefcb04d1f9a877dde41e11b0f7b825)
(cherry picked from commit
1bf75ac9781c60be5a7b5899bc42aa1d198091d9)
Holger Hetterich [Mon, 29 Sep 2008 12:34:36 +0000 (14:34 +0200)]
Add an initial version of a manpage for the vfs_smb_traffic_analyzer module.
(cherry picked from commit
503d1c0226fb38c21b14fe1deac11b0ec461b4d0)
(cherry picked from commit
1394827cfda4eeff5b4239b6ed5c93fcaaed0e2e)
Jeremy Allison [Thu, 25 Sep 2008 18:56:10 +0000 (11:56 -0700)]
Use IPv4/v6 independent calls. Change safe_strcpy/cat to strlcpy/cat (this
needs changing to talloc_sprintf) and fix file descriptor resource leaks
in error paths. Jim and Holger please check !
Jeremy.
(cherry picked from commit
d55becbe492cf3c95ef45ebb2c123067a9297b4f)
(cherry picked from commit
caa0f1131872f82c1a346f701830544b372e4317)
Jim McDonough [Thu, 25 Sep 2008 00:47:03 +0000 (20:47 -0400)]
Fix the new vfs_smb_traffic_analyzer build for static links
(cherry picked from commit
d36039acd8f1722ba76b5999d7fea4f046735817)
(cherry picked from commit
f64bcae4ff2bb1a9db603c1f38e1e4fa2e5148bc)
Holger Hetterich [Wed, 24 Sep 2008 23:01:00 +0000 (19:01 -0400)]
SMB traffic analyzer vfs module from Holger Hetterich <hhetter@novell.com>
Used to gather data to feed to a database for live and historical
analysis of usage per user, per share, etc.
Helper apps to read the data still to come. This one still needs to be
made ipv6 enabled (connection is made to the helper app).
(cherry picked from commit
baf49e5fcabd3682927fe19974c97bbae4be7379)
(cherry picked from commit
aeabc475d8abf9a820b4846a30cf92cc253bc939)
Volker Lendecke [Sun, 21 Sep 2008 18:39:17 +0000 (20:39 +0200)]
Attempt to fix bug 5778
Jeff, Steve, please check!
(cherry picked from commit
110756cc7bcaed5a9d6aa58f3b3fe4481f8d1f31)
(cherry picked from commit
46b050e525b339fbac68329f668e47ebd11b3e08)
(cherry picked from commit
ecc67001315111493738e893917c4550be7828a1)
Günther Deschner [Wed, 22 Oct 2008 21:16:19 +0000 (23:16 +0200)]
s3-samr-server: fix access check in _samr_QuerySecurity().
Guenther
(cherry picked from commit
25cb282f7042e8192c0bc6d720df0646b74e9a47)
(cherry picked from commit
96b35c32ae99d74608ad95d063629554fee77979)
Jeremy Allison [Mon, 20 Oct 2008 23:53:05 +0000 (16:53 -0700)]
Remove the requirement for ldap call made as root. Add in security
checks for all SAMR calls.
Jeremy.
(cherry picked from commit
b848f96d747fb41c074dd073f24f186539257d71)
(cherry picked from commit
b339f17132b18edad52b4c2f6b348e4b8d789bcb)
Günther Deschner [Wed, 22 Oct 2008 23:42:27 +0000 (01:42 +0200)]
s3-samr-server: _samr_DeleteUser needs to wipe out the user_handle on success.
Guenther
(cherry picked from commit
8a0054c6d273049bea235803db25912f6cf03610)
(cherry picked from commit
40a904ee021e4c9390235f1d476bc37b87ac9b70)
(cherry picked from commit
ae01a98d49be39c258e479d610fa2e58ea2b6c62)
Jeremy Allison [Wed, 22 Oct 2008 20:18:58 +0000 (13:18 -0700)]
Fix net rpc vampire, based on an *amazing* piece of debugging work by "Cooper S. Blake" <the_analogkid@yahoo.com>.
"I believe I have found two bugs in the 3.2 code and one bug that
carried on to the 3.3 branch. In the 3.2 code, everything is
located in the utils/net_rpc_samsync.c file. What I believe is the
first problem is that fetch_database() is calling
samsync_fix_delta_array() with rid_crypt set to true, which means
the password hashes are unencrypted from the RID encryption.
However, I believe this call is redundant, and the corresponding
call for samdump has rid_crypt set to false. So I think the
rid_crypt param should be false in fetch_database().
If you follow the code, it makes its way to sam_account_from_delta()
where the password hashes are decrypted a second time by calling
sam_pwd_hash(). I believe this is what is scrambling my passwords.
These methods were refactored somewhere in the 3.3 branch. Now the
net_rpc_samsync.c class calls rpc_vampire_internals, which calls
libnet/libnet_samsync.c, which calls samsync_fix_delta_array() with
rid_crypt always set to false. I think that's correct. But the
second bug has carried through in the sam_account_from_delta()
function:
208 if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) {
209 sam_pwd_hash(r->rid, r->ntpassword.hash, lm_passwd, 0);
210 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED);
211 }
212
213 if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) {
214 sam_pwd_hash(r->rid, r->lmpassword.hash, nt_passwd, 0);
215 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED);
If you look closely you'll see that the nt hash is going into the
lm_passwd variable and the decrypted value is being set in the lanman
hash, and the lanman hash is being decrypted and put into the nt hash
field. So the LanMan and NT hashes look like they're being put in
the opposite fields."
Fix this by removing the rid_crypt parameter.
Jeremy.
(cherry picked from commit
e38436f731ff09333588cc0751c79029a569f390)
(cherry picked from commit
61046225de8a4cd77e94d8c5c4a8f510bc11b79e)
Volker Lendecke [Wed, 22 Oct 2008 12:26:05 +0000 (14:26 +0200)]
Fix bug 5840: Segfault in "rpcclient lsaaddacctrights"
(cherry picked from commit
79222e476edbccf81e70cf1c0d1f40db0b88e20b)
(cherry picked from commit
369fecaeb2470a1f7e68417ccdddb61334e37d92)
Jeremy Allison [Wed, 22 Oct 2008 00:06:53 +0000 (17:06 -0700)]
Cope with MAXIMUM_ALLOWED_ACCESS requests when opening handles.
Jeremy.
(cherry picked from commit
82ec832f7edffe2fcfd1bb067e092c159bed2973)
(cherry picked from commit
042e50f8709cfbe45d5b184cb3c4fe1b16bdc3b0)
Andreas Schneider [Mon, 20 Oct 2008 15:35:42 +0000 (17:35 +0200)]
Delete the krb5 ccname variable from the PAM environment if set.
If winbind sets the KRB5CCNAME variable it should unset it when
the cache gets destroyed.
(cherry picked from commit
e7b0d1c984a37600a234c1f4c95b06e9b5898f30)
(cherry picked from commit
ddba89d7713923bfbf1c8492c5dc6c6d5b220f1e)
Günther Deschner [Mon, 20 Oct 2008 18:16:03 +0000 (20:16 +0200)]
s3-samr-server: be consistent when reporting we do password complexity.
Guenther
(cherry picked from commit
7c2831c5872ad26e1e0cd7df59d6c0b88d566760)
(cherry picked from commit
f8d4596ec2b8f35dd3cc05aa7ee356abb9c0920b)
Jeremy Allison [Fri, 17 Oct 2008 22:25:58 +0000 (15:25 -0700)]
Unify access checks for lsa server functions.
Jeremy.
(cherry picked from commit
ef15ff6abec34377ab7fa75201e2799c0bb72aeb)
(cherry picked from commit
afed4929f9c707fb72b0e8dd12b1a1e8dcab9a84)
Jeremy Allison [Fri, 17 Oct 2008 04:04:18 +0000 (21:04 -0700)]
Cope with bad trans2mkdir requests from System i QNTC IBM SMB client.
If total_data == 4 Windows doesn't care what values
are placed in that field, it just ignores them.
The System i QNTC IBM SMB client puts bad values here,
so ignore them.
Jeremy.
(cherry picked from commit
5b1d8588d01d11251541829c5a3dff211fe925fd)
(cherry picked from commit
feb057d4503118e519b5dbd9d2c3ca2c1ee55380)
Jeremy Allison [Thu, 16 Oct 2008 22:06:13 +0000 (15:06 -0700)]
Unify the logic in pull_ascii_base_talloc() and pull_ucs2_base_talloc().
Jeremy.
(cherry picked from commit
5109bd33719a4bb1534cb0e012c92ec778fb26df)
(cherry picked from commit
01fd94981e322da59ac2c00055220c89de135ebe)
Jeremy Allison [Thu, 16 Oct 2008 18:57:51 +0000 (11:57 -0700)]
Fix bug 5826 - Directory/Filenames get truncated when 3.2.0 client acesses old server.
Karolin this is a show-stopper for 3.2.5.
There was some code in pull_ucs2_base_talloc() to cope with this case which
hadn't been added to pull_ascii_base_talloc(). The older Samba returns non
unicode names which is why you are seeing this codepath being executed.
Jeremy.
(cherry picked from commit
09fa53d927436310ae3c17096d42e2fa4de1dd2e)
(cherry picked from commit
f3b0e219f1a7660ff275db701935eecbe053fa25)
Jeremy Allison [Tue, 14 Oct 2008 23:05:00 +0000 (16:05 -0700)]
Attempt to fix bug #5818 - "smbcacls: sorts ACEs improperly and loses inheritance", based on
a patch from Paul Fertser <fercerpav@gmail.com>. I also added the ability to get/set hex
and symbolic inheritance flag names on ACE flags. I'm still investigating the effects
of setting the "SEC_DESC_DACL_AUTO_INHERIT_REQ" flag as I don't yet see what effects
this is having on the ACE sent.
Jeremy.
(cherry picked from commit
e59a21e945e6336f3d7622bf77cf5c2304936b70)
(cherry picked from commit
5d2d94b46bd2ab03e2f83036b4d7fa3e401c3458)
Jeremy Allison [Tue, 14 Oct 2008 22:40:44 +0000 (15:40 -0700)]
Note url explaining this code.
Jeremy.
(cherry picked from commit
4f1cdfe0901f4c78dff56ae5c26d2801b97d50d5)
(cherry picked from commit
9953885d0be6a2477f5fd29940f3f1d6a7136cf4)
Volker Lendecke [Tue, 7 Oct 2008 19:24:25 +0000 (21:24 +0200)]
Fix bug 5691: SIGBUS on Solaris
(cherry picked from commit
0f3f34033a80e44fa18cae452a164e445392138a)
(cherry picked from commit
41b2199fd87598076a1f45106b512c94042f7968)
Volker Lendecke [Sun, 12 Oct 2008 08:41:29 +0000 (10:41 +0200)]
Jeremy Allison [Sat, 11 Oct 2008 00:25:44 +0000 (17:25 -0700)]
Now it's working, back port the aync fix for parsing large cups printer lists.
Jeremy.
(cherry picked from commit
48ee5a66d18b805d03f93c85e98a41374d82cfb9)
(cherry picked from commit
f5f7ed4041ef986a5ce208d59bbf39d34373ce71)
Jeff Layton [Thu, 9 Oct 2008 14:44:37 +0000 (10:44 -0400)]
mount.cifs: make return codes match the return codes for /bin/mount (try #3)
The manpage for /bin/mount specifies that the return code should be a
positive integer (actually, it's a bitfield). Clean up the return
codes from mount.cifs to make them match the expected return values
from /bin/mount. This necessary for proper integration with autofs.
This is the third attempt at this patch. The changes here are minor,
just changing some return's from main() into exit() calls for
consistency's sake.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit
2374799c8114ae3ed422d1cbe4ca12c4fd075274)
(cherry picked from commit
98bcd52a568c274707cc6ccb9071d07a8bfca1ca)
Jeff Layton [Thu, 9 Oct 2008 14:42:28 +0000 (10:42 -0400)]
mount.cifs: have uppercase_string return success on NULL pointer
We currently don't attempt to uppercase the device portion of the mount
string if there isn't a prefixpath. Fix that by making uppercase_string
return success without doing anything on a NULL pointer.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit
34b5cfe8a0cb8674da0c5ac7d81b6e64160ccaa2)
(cherry picked from commit
3f4cdabc965f824b70891f6a6bcb29e5f9b579e5)
Jeremy Allison [Wed, 8 Oct 2008 18:40:16 +0000 (11:40 -0700)]
Fix bug #5814 - Winbindd dumping core in a strange manner while doing "rescan_trusted_domain".
From analysis by hargagan <shargagan@novell.com> :
"The winbindd_child_died() is also getting called from process_loop() in case of
SIGCHLD signal. In this case it doesn't make the timeout_handler to NULL for
the first request. It then initiate a new request using
schedule_async_request() which installs a new timeout handler for the same
request. In such a case, for a badly unresponsive system both the timeout
handler can be called. For the first call the "private_data" will be cleared
and for another call the timeout handler will be detecting the double free. So,
for such a case as well, the winbindd_child_died() should make the
timeout_handler to NULL."
Jeremy.
(cherry picked from commit
ce8de496ec139b7a56db20c5ffbcbdc2f4db0a51)
(cherry picked from commit
15b2f1d8744d157b131a0441e8738d8519de37c7)
Tim Prouty [Tue, 7 Oct 2008 17:13:51 +0000 (10:13 -0700)]
Fixed "declaration shadows global declaration" warnings.
The patch simply uses a more descriptive variable name for tcp_seq.
lib/socket_wrapper/socket_wrapper.c:753: warning: declaration of 'tcp_seq' shadows a global declaration
/usr/include/netinet/tcp.h:40: warning: shadowed declaration is here
lib/socket_wrapper/socket_wrapper.c: In function `swrap_marshall_packet':
lib/socket_wrapper/socket_wrapper.c:919: warning: declaration of 'tcp_seq' shadows a global declaration
/usr/include/netinet/tcp.h:40: warning: shadowed declaration is here
(cherry picked from commit
03cbea1d653c716b16347c831aa56dca0eb297ab)
(cherry picked from commit
fa3096b975de2c7fd747ca9f344e36c911e27a9c)
Volker Lendecke [Sun, 5 Oct 2008 21:29:50 +0000 (14:29 -0700)]
OS/X does not have rl_done in readline.h
(cherry picked from commit
af055bb8d89a14ed572f76b5f8fe492e0ed98e12)
(cherry picked from commit
829e29c95ad6c1b5744dcffb4586ff7c875e3831)
Jeremy Allison [Fri, 3 Oct 2008 21:56:30 +0000 (14:56 -0700)]
Correctly fix smbclient to terminate on eof from server.
Jeremy.
(cherry picked from commit
4dc2eb7f42bad6812d21bf4577e2901b04a5ca83)
(cherry picked from commit
28fa519a80bfcd30737a51ad157d134322c1fed9)
Gerald (Jerry) Carter [Fri, 3 Oct 2008 15:51:54 +0000 (10:51 -0500)]
net_dns: Make "lwinet ads dns register" honor the "interfaces" parameter.
This is helpful on multihomed hosts that only require a subset
of IP addresses be registered with DNS.
(cherry picked from commit
17c9f8810598d8117befc896d12a597a52b0ac3b)
(cherry picked from commit
2fb742e127f725b56f308538852d7b10b86f29c1)
(cherry picked from commit
d2242f9776cfed2dfff44db180dbf34fbbba2e5e)
Gerald (Jerry) Carter [Fri, 3 Oct 2008 15:51:21 +0000 (10:51 -0500)]
libaddns: Use the same prerequisite for DDNS update as Windows XP.
Hostname, TYPE: CNAME, CLASS: NONE
This has to have been broken for ages. I cannot see
how it would have worked in any environment.
(cherry picked from commit
6b6402bce318a48b0890ed6fc23ed5b30440927b)
(cherry picked from commit
adde53eddb85e9af391c3f77425a3376c5c60dbf)
(cherry picked from commit
35130846b4595cc3a937e10a113d2805a5b2c096)
Jeremy Allison [Thu, 2 Oct 2008 21:02:20 +0000 (14:02 -0700)]
Fix bug #5080. Access to cups-printers via samba broken with cups 1.3.4, Unsupported character set.
Cups 1.3.4 expects utf8 to be used in all messages to/from the server. We may be using a
different character set so we need to use talloc utf8 push/pull functions in all communication.
Contains the !server fix already applied to 3.3.
Jeremy.
(cherry picked from commit
a1323951a3264f81be07276f021201bee0d8d0f5)
(cherry picked from commit
47161923108222c41db4572b5f44cdb2b6d84a51)
Derrell Lipman [Thu, 2 Oct 2008 13:17:49 +0000 (09:17 -0400)]
Fix bug 5805: don't close stdout
- When calling setup_logging multiple times, the code was closing the debug
file descriptor before opening or assigning the new one. We don't, however,
want to close the debug file descriptor if it is stdout.
Derrell
(cherry picked from commit
7142872d2c6e0be42307671afa31016f6940007d)
(cherry picked from commit
a937de4a626a8084e852bf7d345441bab15963cd)
Günther Deschner [Fri, 5 Sep 2008 12:01:45 +0000 (14:01 +0200)]
build: don't install the cifs.upcall binary twice.
Guenther
(cherry picked from commit
1f44b4aaa5f700827ee2ab272ae4b59e559b094b)
(cherry picked from commit
020c03bff844ef976dd786a755c4d682bf161a3d)
(cherry picked from commit
5a9a190a5588b0cf938bc5c9659b7704d18cd4a3)
(cherry picked from commit
c83295d3b575be80a432c4716be62cd63eb3bdef)
(cherry picked from commit
cfc8dc236dda869dbe4141bef80f6965ce76188d)
Karolin Seeger [Mon, 15 Sep 2008 14:33:16 +0000 (16:33 +0200)]
man cifs.upcall: Fix typo, wrap lines.
Karolin
(cherry picked from commit
c4f361a17f51e4897ac2faafc65ebc8349e19001)
(cherry picked from commit
da7a60a82bfecbf5b1a10bdbccf4682fd92b65bb)
(cherry picked from commit
468e3b91d27f691ba6315eeb0fdcee22a4e4fdb9)
Timur [Tue, 16 Sep 2008 01:43:26 +0000 (18:43 -0700)]
Timur [Tue, 16 Sep 2008 01:24:58 +0000 (18:24 -0700)]
Fix display of POSIX ACLs.
(cherry picked from commit
faa732c245c9296ff4cd4a56f353c3d5d1b0d202)
(cherry picked from commit
5843283891fea066d59265a930f58903f0dca429)
Timur [Tue, 16 Sep 2008 01:19:01 +0000 (18:19 -0700)]
Fix cut and paste error in quota code.
(cherry picked from commit
c2a05d4ed34aa8185a7d236e8d7b1493d67a3068)
(cherry picked from commit
18c7ebdff74c08ea1c3696a001be1dedeb3ccf52)
Steven Danneman [Tue, 16 Sep 2008 00:55:22 +0000 (17:55 -0700)]
Simple fix for warning:
Compiling utils/sharesec.c
utils/sharesec.c: In function `change_share_sec':
utils/sharesec.c:404: warning: 'sd' might be used uninitialized in this function
(cherry picked from commit
931abf7898f574fcf70c239b2ad5c180ff6bb8e8)
(cherry picked from commit
f16f12feefc54fa407d5b9539e73a782dc15b12a)
Steven Danneman [Mon, 15 Sep 2008 23:28:30 +0000 (16:28 -0700)]
Fix build warning on FreeBSD
Fix for the following build warning:
Compiling torture/cmd_vfs.c
torture/cmd_vfs.c: In function `cmd_open':
torture/cmd_vfs.c:275: warning: unsigned int format, different type arg (arg 3)
torture/cmd_vfs.c: In function `cmd_mknod':
torture/cmd_vfs.c:992: warning: unsigned int format, different type arg (arg 3)
sccanf had mismatched types for mode_t between formating parameter and var args.
(cherry picked from commit
d10c386472175ceb312b9bcca07822a6df66a266)
(cherry picked from commit
3cbed0e4f196af56ca9a1fe7b219c4b86bfcb5cb)
Jeremy Allison [Mon, 15 Sep 2008 21:13:23 +0000 (14:13 -0700)]
Fix bug 5761 "open of mangled directory name results in 'is a stream name'"
reported by Regan Heath <Regan.Heath@BridgeHeadSoftware.com>.
Jeremy.
(cherry picked from commit
1b839eb9e4a6312e638d1856d1225b170525da7e)
(cherry picked from commit
06b7980f5b3dee9d17c31ed03688296f523ae393)
Jeff Layton [Sun, 14 Sep 2008 12:37:45 +0000 (08:37 -0400)]
mount.cifs: make local versions of strlcat and strlcpy static
...to silence -Wmissing-prototypes
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit
b08f07f84e448e56116b84ba5fa59b211e584822)
(cherry picked from commit
62f79a5f38a0b44534c7dd4335431160cc719b3d)
Jeff Layton [Sun, 14 Sep 2008 12:37:45 +0000 (08:37 -0400)]
cifs.upcall: make most functions static and silence compiler warnings
...to silence -Wmissing-prototypes and some uninit'ed variable
warnings. Thanks to GD for the extra-paranoid compiler flags.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit
bc5274eb66ebe40aea3ab917a20f2f353172ca93)
(cherry picked from commit
326bd60b594ad796604c24b39067495174653d15)
Jeremy Allison [Fri, 12 Sep 2008 22:04:11 +0000 (15:04 -0700)]
Modify a comment to make things clearer.
Jeremy.
(cherry picked from commit
46a5c08b101f1c218ecd6397614dde1d13a9077a)
(cherry picked from commit
cad8e9f04466241ba2d88df75c31779b77873bbb)
Jeff Layton [Fri, 12 Sep 2008 17:37:13 +0000 (13:37 -0400)]
cifs.upcall: move default install location to EPREFIX/sbin
cifs.upcall links to libraries that live under /usr, so installing it
in /sbin doesn't seem appropriate. Move it to EPREFIX/sbin instead
(i.e. /usr/sbin).
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit
fe280993dea71b87b6042d6aded389b10bcd0b56)
(cherry picked from commit
ca377e8bd68025bb89cc25ea64a55aa0a4b4c360)
Jeff Layton [Fri, 12 Sep 2008 17:37:13 +0000 (13:37 -0400)]
cifs.upcall: enable building by default on linux
When building on linux, default to building cifs.upcall. Throw a
warning if ADS support is disabled or keyutils isn't installed.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit
7f1193d3c83b0c19f17c8f70542491222c9644da)
(cherry picked from commit
2896d35972c0e00c388085511aaf2d398aca7e2b)
Jeremy Allison [Fri, 12 Sep 2008 00:31:36 +0000 (17:31 -0700)]
Use the given name, not the absolute pathname, when printing out ACL info.
Make this match the non-ACL case.
Jeremy.
(cherry picked from commit
1ca6239b9f67caafed50db5f284df00c5988ba03)
(cherry picked from commit
db91aa5b384fe8f527b547556182b5346382e370)
Jeremy Allison [Thu, 11 Sep 2008 23:18:54 +0000 (16:18 -0700)]
Fix bug #5751 cannot show ACLs on DFS reported by SATOH Fumiyasu <fumiyas@osstech.co.jp>.
Fix for smbclient and libsmbclient.
Jeremy.
(cherry picked from commit
71d00ef2888834ebed2a387a111a95bac1d227ad)
(cherry picked from commit
023f8d6b91db702ddb33f6af0f43e026729f8742)
Michael Adam [Tue, 21 Oct 2008 14:32:50 +0000 (16:32 +0200)]
packaging(RHEL-CTDB): Bump release number to ctdb.50 for the next RPM.
Michael
Volker Lendecke [Fri, 17 Oct 2008 09:53:13 +0000 (11:53 +0200)]
Bump RPM version number to ctdb.50
Jeremy Allison [Thu, 16 Oct 2008 01:08:07 +0000 (18:08 -0700)]
Don't use debug level 1 to log a trivial message.
Jeremy.
Volker Lendecke [Sun, 5 Oct 2008 21:34:58 +0000 (14:34 -0700)]
Remove an unused variable
Volker Lendecke [Sun, 5 Oct 2008 21:34:01 +0000 (14:34 -0700)]
Fix some missing error handlings
Volker Lendecke [Sun, 5 Oct 2008 21:28:33 +0000 (14:28 -0700)]
Fix an uninitialized variable warning
Not sure if we can ever not get domain and dns_domain, but gcc complained
Volker Lendecke [Sun, 5 Oct 2008 02:39:39 +0000 (19:39 -0700)]
Fix an unlikely memleak found by the IBM checker
Volker Lendecke [Sun, 5 Oct 2008 02:38:42 +0000 (19:38 -0700)]
Fix an uninitialized variable found by the IBM Checker
Volker Lendecke [Sun, 5 Oct 2008 02:38:04 +0000 (19:38 -0700)]
Fix a potential NULL deref in line 258 found by the IBM checker
Jeremy Allison [Wed, 1 Oct 2008 22:00:35 +0000 (15:00 -0700)]
Whitespace cleanup.
Jeremy.
Jeremy Allison [Wed, 1 Oct 2008 20:22:02 +0000 (13:22 -0700)]
Fix use of DLIST_REMOVE as spotted by Constantine Vetoshev <gepardcv@gmail.com>.
This API is unusual in that if used to remove a non-list head it nulls out
the next and prev pointers. This is what you want for debugging (don't want
an entry removed from the list to be still virtually linked into it) but
means there is no consistent idiom for use as the next and prev pointers
get trashed on removal from the list, meaning you must save them yourself.
You can use it one way when deleting everything via the head pointer, as
this preserves the next pointer, but you *must* use it another way when not
deleting everything via the head pointer. Fix all known uses of this (the main
one is in conn_free_internal() and would not free all the private data entries
for vfs modules. The other changes in web/statuspage.c and winbindd_util.c
are not strictly neccessary, as the head pointer is being used, but I've done
them for consistency. Long term we must revisit this as this API is too hard
to use correctly.
Jeremy.
Jeremy Allison [Tue, 30 Sep 2008 20:21:27 +0000 (13:21 -0700)]
Fix the make test problem Karolin reported. Now rename_open_files actually works correctly we must emit the change notify before we change the name, not before.
Jeremy.
Jeremy Allison [Mon, 29 Sep 2008 17:57:32 +0000 (10:57 -0700)]
Ensure we null out fsp after a close in all paths.
Jeremy.
Jelmer Vernooij [Mon, 29 Sep 2008 17:53:36 +0000 (10:53 -0700)]
Avoid freeing fsp twice when opening new_file fails. (Debian #431696)
If opening new_file fails, fsp would still be set to the files_struct of
old_file.
Jeremy Allison [Sat, 27 Sep 2008 01:37:33 +0000 (18:37 -0700)]
Second part of the fix for bug #5790 - samba returns STATUS_OBJECT_NAME_NOT_FOUND on set file disposition call.
This was my fault. I use a singleton cache (positive and negative) to speed up pathname based qfileinfo/setfileinfo lookups for alternate fsp's open on the same path. I only invalidated the negative cache on adding a new file fsp, as I incorrectly imagined the new fsp was put at the *end* of the open files list. DLIST_ADD puts it at the start, meaning any subsequent open wasn't seen once the cache was set. Doh !
Jeremy.
Jeremy Allison [Fri, 26 Sep 2008 22:18:18 +0000 (15:18 -0700)]
Fix bug #5797 - Moving readonly files fails. Reported by infomail@lordb.de.
We don't need to deny a DELETE open on a readonly file (I'm also adding a s4
torture test for this), the set_file_disposition call will return
NT_STATUS_CANNOT_DELETE if the delete-on-close bit is set
on a readonly file (and we already do this).
Jeremy.
Günther Deschner [Thu, 25 Sep 2008 23:32:16 +0000 (01:32 +0200)]
s3-srvsvc: fix _srvsvc_NetShareAdd segfault.
parm_err is not a ref pointer.
Guenther
(cherry picked from commit
29942b7043c1a31ad4fb76d01ab19fd3dbf26f0a)
Jeremy Allison [Wed, 24 Sep 2008 21:26:06 +0000 (14:26 -0700)]
Fix bug #5790 samba returns STATUS_OBJECT_NAME_NOT_FOUND on set file disposition.
We were checking that fd != -1 in file_find_di_XXX calls which is no longer
needed due to a change in internal semantics.
Jeremy.
Jeremy Allison [Tue, 23 Sep 2008 23:38:04 +0000 (16:38 -0700)]
Fix winbindd crash in an unusual failure mode. Bug #5737. Based on original patch from shargagan@novell.com
Jeremy.