Rusty Russell [Wed, 27 Mar 2013 01:08:52 +0000 (11:38 +1030)]
source4/cluster and source4/ntvfs: add dbwrap option.
This makes the cluster code use dbwrap_local_open(), so it can handle
NTDB. This paves the way for ctdb to support ntdb files.
brlock.tdb, notify.tdb and openfiles.tdb can now be brlock.ntdb,
notify.ntdb and openfiles.ntdb, if 'use ntdb' is set.
Note: current ctdb doesn't support NTDB, so setting 'use ntdb' now is
not a good idea!
Cc: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Wed, 27 Mar 2013 01:08:06 +0000 (11:38 +1030)]
Samba3-HOWTO: mention NTDB.
Not sure if we're keeping this up-to-date, but try to document which
databases can be NTDB now.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sun, 24 Mar 2013 03:36:16 +0000 (14:06 +1030)]
schannel_store.tdb: make it schannel_store.ntdb if 'use ntdb'.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sun, 24 Mar 2013 03:35:16 +0000 (14:05 +1030)]
libcli/auth: convert to dbwrap.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sun, 24 Mar 2013 03:34:16 +0000 (14:04 +1030)]
dbwrap: allow transactions on non-persistent non-clustered dbs.
Otherwise we can't use dbwrap for schannel_store:
transactions not supported on non-persistent database /home/rusty/samba/st/dc/private/schannel_store.tdb
Note that the source3/lib/dbwrap/dbwrap_ctdb.c transaction start will
return an error with the same message anyway.
Cc: Michael Adam <obnox@samba.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sun, 24 Mar 2013 03:33:16 +0000 (14:03 +1030)]
secrets: use lpcfg_private_db_path() convenience helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sun, 24 Mar 2013 03:32:16 +0000 (14:02 +1030)]
lib/param: lpcfg_private_db_path()
This wrapper avoids testing lpcfg_use_ntdb() everywhere.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sun, 24 Mar 2013 03:31:16 +0000 (14:01 +1030)]
source4/scripting/python/samba/samba3: handle ntdb files.
Upgrading old Samba 3 instances seems like a place where we don't have
to read ntdb files, but Andrew Bartlett points out that you can run a
Samba 4.0 and even a 4.1 'classic' domain and desire to migrate that
to the AD DC.
So make this upgrade code generic: if it finds an ntdb file, read
that, otherwise read the tdb file.
Cc: Jelmer Vernooij <jelmer@samba.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Andrew Bartlett [Wed, 20 Mar 2013 01:46:22 +0000 (12:46 +1100)]
vfs-btrfs: Fix build on 32 bit platforms by using long long types
Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sun, 24 Mar 2013 03:28:02 +0000 (13:58 +1030)]
Revert "vfs_btrfs: fix compile on 32-bit platforms."
This reverts commit
fd6d0361d6fef5f8175967ddbae4a2b1d79dfcad.
Unreviewed, and Andrew has a better fix.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Sat, 23 Mar 2013 06:57:57 +0000 (17:27 +1030)]
ntdb: don't call open hook when re-opening an existing database.
In particular, the Samba dbwrap wrapper can do this for schannel_store,
with the openhook set to clear the database if it can get the lock
(which, being in the same process, it can).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Sat Mar 23 09:39:50 CET 2013 on sn-devel-104
Rusty Russell [Sat, 23 Mar 2013 06:56:57 +0000 (17:26 +1030)]
vfs_btrfs: fix compile on 32-bit platforms.
uint64_t are not unsigned longs on 32-bit platforms:
[3265/3996] Compiling source3/modules/vfs_btrfs.c
../source3/modules/vfs_btrfs.c: In function ‘btrfs_copy_chunk_send’:
../source3/modules/vfs_btrfs.c:118:3: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 3 has type ‘uint64_t’ [-Werror=format]
../source3/modules/vfs_btrfs.c:118:3: error: format ‘%ld’ expects argument of type ‘long int’, but argument 4 has type ‘int64_t’ [-Werror=format]
../source3/modules/vfs_btrfs.c:118:3: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 5 has type ‘uint64_t’ [-Werror=format]
../source3/modules/vfs_btrfs.c:118:3: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 7 has type ‘uint64_t’ [-Werror=format]
../source3/modules/vfs_btrfs.c: In function ‘btrfs_copy_chunk_recv’:
../source3/modules/vfs_btrfs.c:180:2: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 2 has type ‘off_t’ [-Werror=format]
cc1: some warnings being treated as errors
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Volker Lendecke [Thu, 21 Mar 2013 21:00:06 +0000 (22:00 +0100)]
smbd: Tune "dir" a bit.
for i in $(seq 1 20000) ; do echo dir ; done | smbclient //127.0.0.1/tmp -U%
without and with this patch:
$ time bin/smbd -d0 -i
smbd version 4.1.0pre1-GIT-
1f139ae started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
Beendet
real 0m28.342s
user 0m10.249s
sys 0m10.513s
$ time bin/smbd -d0 -i
smbd version 4.1.0pre1-GIT-
1f139ae started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
Beendet
real 0m27.348s
user 0m9.089s
sys 0m10.853s
The "real" timestamp is irrelevant, this also contains the time between
starting smbd and the smbclient job. It's the "user" time. The result that this
patch improves the time spent in user space by 10% is consistent.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 22 22:10:57 CET 2013 on sn-devel-104
Jeremy Allison [Thu, 21 Mar 2013 20:47:07 +0000 (13:47 -0700)]
Fix bug #9733 - smbcontrol close-share is not working.
As part of forcibly disconnecting a client from a share,
smbd must atomically call reload_services() to ensure that
the entry in the ServicePtrs[] array corresponding to
that share is removed if the share was removed from
the smb.conf or registry entries.
Otherwise the ServicePtrs[] array entry for the share
remains active and the client races to auto-reconnect to
the share before a second message to reload the smb.conf
file can be sent.
This has to be done as part of the close-share message
processing, as removing the share from the smb.conf file
first, then telling the smbd to reload followed by the
forcible disconnect message doesn't work as in this
sequence of events when the reload message is received
the client is still connected to the share, so the
ServicePtrs[] entry is still left active.
The forcible-disconnect + service reload has to be done
together as an atomic operation in order for this to work.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Mar 22 20:10:11 CET 2013 on sn-devel-104
Jeremy Allison [Fri, 8 Mar 2013 21:44:08 +0000 (13:44 -0800)]
Fix tevent testsuite issue on Solaris.
On Solaris/Nexenta/Illumos once a pipe is full it will not be reported
as writable until PIPE_BUF (actually on Solaris 4096, which is less than
PIPE_BUF) bytes have been read from it.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Mar 22 18:16:45 CET 2013 on sn-devel-104
Jeremy Allison [Fri, 8 Mar 2013 18:09:01 +0000 (10:09 -0800)]
Solaris/Illumos/Nexenta creates pipes that are bi-directional by default.
Ensure the test code will pass against such a system (allow writes/reads
going both ways).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Fri, 22 Mar 2013 13:15:57 +0000 (14:15 +0100)]
BUG 9735: Fix winbind seperator in upn to username conversion.
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar 22 16:18:06 CET 2013 on sn-devel-104
Stefan Metzmacher [Mon, 18 Mar 2013 11:52:50 +0000 (11:52 +0000)]
s3:waf fix build on AIX
AIX acl code needs to be built by default on AIX,
otherwise smbd will fail to start because of missing symbols
This fixes Bug 9557 - build succeeds, but binaries don't run
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Thu Mar 21 16:31:19 CET 2013 on sn-devel-104
Stefan Metzmacher [Wed, 20 Mar 2013 07:49:20 +0000 (08:49 +0100)]
s4:torture: let raw.read accept larger reads than 0x10000
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 20 21:53:20 CET 2013 on sn-devel-104
Stefan Metzmacher [Tue, 19 Mar 2013 16:11:03 +0000 (17:11 +0100)]
s4:torture: raw.read fix large reads against windows
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 13 Mar 2013 22:45:12 +0000 (15:45 -0700)]
s3:selftest: Add LARGE_READX test into our make test infrastructure.
Tested against non-encrypted and encrypted connections.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Wed, 13 Mar 2013 22:43:21 +0000 (15:43 -0700)]
s3:torture: Add new LARGE_READX test to investigate large SMBreadX behavior.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 18 Mar 2013 18:50:38 +0000 (19:50 +0100)]
s4:smb_server: fix large read_andx requests
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 15 Mar 2013 18:57:48 +0000 (11:57 -0700)]
s3:smbd: Add functions calc_max_read_pdu()/calc_read_size() to work out the length we should return.
LARGE_READX test shows it's always safe to return a short read.
Windows does so. Do the calculations to return what will fit
in a read depending on what the client negotiated.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Fri, 15 Mar 2013 18:53:04 +0000 (11:53 -0700)]
s3:smbd: Remove server_will_accept_large_read() and erroneous comment.
We're going to replace this with a function that calculates
the max PDU to return on a read and supports short reads.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Mon, 18 Mar 2013 22:05:24 +0000 (15:05 -0700)]
s3:smbd: Fix off-by 4 error in wrap protection code in create_outbuf()
Subtract 4 from smb_size (39) here as the length
of the SMB reply following the 4 byte type+length
field can be up to 0xFFFFFF bytes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 18 Mar 2013 11:36:30 +0000 (12:36 +0100)]
s3:smbd: add some const to req_is_in_chain()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 19 Mar 2013 12:24:46 +0000 (13:24 +0100)]
s3:smbd: remove silly (SMB_OFF_T_BITS == 64) checks
configure will abort if sizeof(off_t) is not 8.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 18 Mar 2013 09:10:25 +0000 (10:10 +0100)]
s3:smbd: keep global_client_caps and max_send from the first successful session setup
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 18 Mar 2013 08:33:00 +0000 (09:33 +0100)]
s3:libsmb: let cli_read_andx_create() accept any length
It's up to the server to decide the allowed length.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 13 Mar 2013 22:23:52 +0000 (15:23 -0700)]
libcli/smb: smb1cli_inbuf_parse_chain() and smb1cli_conn_dispatch_incoming() should use smb_len_tcp.
They have to cope with large READX call replies that have
a length greater than smb_len_nbt() can handle.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 18 Mar 2013 14:02:55 +0000 (15:02 +0100)]
libcli/smb: defer failing for missing NEGOTIATE_SECURITY_SIGNATURES_ENABLED
Windows servers take a look at the FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED
flag during a session setup and turn on signing if the client requires it.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 19 Mar 2013 08:03:38 +0000 (09:03 +0100)]
s3:libsmb: make use of SMB_CAP_LEGACY_CLIENT_MASK instead of SMB_CAP_CLIENT_MASK
This should allow smbclient to keep using large reads against older Samba versions
(<= 3.6.x) and other servers that may also require this.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 19 Mar 2013 08:02:52 +0000 (09:02 +0100)]
libcli/smb: add SMB_CAP_LEGACY_CLIENT_MASK define
Older Samba releases (<= 3.6.x)
expect the client to send CAP_LARGE_READX
in order to let the client use large reads.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Gregor Beck [Wed, 20 Mar 2013 12:00:26 +0000 (13:00 +0100)]
s3:registry accept windows like long hivenames
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Mar 20 17:08:52 CET 2013 on sn-devel-104
Christian Ambach [Thu, 14 Mar 2013 22:19:25 +0000 (23:19 +0100)]
s3:include bump profile memory area version number
forgot to bump this earlier when removing the counters for setdir
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Mon, 18 Mar 2013 08:36:17 +0000 (09:36 +0100)]
wkssvc: Fix bug 9727, NULL pointer dereference
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 18 11:39:27 CET 2013 on sn-devel-104
Ricky Nance [Mon, 11 Mar 2013 19:47:19 +0000 (14:47 -0500)]
samba-tool group list: add more info to samba-tool group list
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Mar 17 12:56:47 CET 2013 on sn-devel-104
Jeremy Allison [Fri, 15 Mar 2013 22:05:31 +0000 (15:05 -0700)]
Fix bug #9724 - is_encrypted_packet() function incorrectly used inside server.
The is_encrypted_packet() function should only be used on the raw received data
to determine if a packet came in encrypted. Once we're inside the SMB1
processing code in smbd/reply.c we should be looking at the
smb1request->encrypted field to determine if a packet was really encrypted or
not.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Mar 16 12:44:44 CET 2013 on sn-devel-104
Andrew Bartlett [Thu, 14 Mar 2013 23:14:35 +0000 (10:14 +1100)]
examples/libsmbclient: Cast mode_t to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 15 20:22:08 CET 2013 on sn-devel-104
Andrew Bartlett [Thu, 14 Mar 2013 23:06:10 +0000 (10:06 +1100)]
s3-lsad: Cast getpid() result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 23:02:53 +0000 (10:02 +1100)]
s3-epmd: Cast getpid() result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 22:59:31 +0000 (09:59 +1100)]
vfs_smb_traffic_analyzer: Cast mode_t to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 22:52:13 +0000 (09:52 +1100)]
dbwrap: Cast getpid() result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 10:17:54 +0000 (21:17 +1100)]
spoolssd: Cast getpid() result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 10:15:18 +0000 (21:15 +1100)]
s3-smbd/process.c: Cast pid_t result to int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 09:36:34 +0000 (20:36 +1100)]
s3-lib/server_prefork: Cast pid_t result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 09:18:46 +0000 (20:18 +1100)]
s4-ntvfs: Cast getpid() result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 09:14:19 +0000 (20:14 +1100)]
lib/util: Cast mode_t result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 08:55:29 +0000 (19:55 +1100)]
ntdb: Cast getpid() result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 14 Mar 2013 08:26:44 +0000 (19:26 +1100)]
ccan: Cast getpid() result to unsigned int for GNU/Solaris build
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 14 Mar 2013 10:19:51 +0000 (11:19 +0100)]
torture: Update ndr README.
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Mar 15 13:51:51 CET 2013 on sn-devel-104
Andreas Schneider [Thu, 14 Mar 2013 06:29:20 +0000 (07:29 +0100)]
torture: Add ntprinting latin1 test.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 17:42:02 +0000 (18:42 +0100)]
s3-net: Add encoding=<CP> to 'net printing dump'.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 10:39:08 +0000 (11:39 +0100)]
s3-net: Add encoding=<CP> to 'net printing migrate'.
This allows you to convert printing tdb's which are in e.g. in latin1 to
convert to UTF-8 and import them into the registry.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 14:17:54 +0000 (15:17 +0100)]
ndr: Pass down string_flags in ndr_pull_ntprinting_printer().
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Mon, 11 Mar 2013 14:47:00 +0000 (15:47 +0100)]
idl: Add flags for strings in ntprinting idl.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Mon, 11 Mar 2013 14:45:15 +0000 (15:45 +0100)]
ndr: Add ndr_ntprinting_string_flags() function.
It defaults to utf8string.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 10:36:38 +0000 (11:36 +0100)]
pidl: Add skip option to elements.
This option allows to skip struct elements in pull and push function.
This can be used to pass flags to the structure e.g. for string values.
Reviewed-by: Günther Deschner <gd@samba.org>
Volker Lendecke [Wed, 13 Mar 2013 12:33:58 +0000 (13:33 +0100)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Mar 14 14:46:02 CET 2013 on sn-devel-104
Ira Cooper [Wed, 13 Mar 2013 13:36:11 +0000 (13:36 +0000)]
tsocket: ENOMEM can be retried on illumos/Solaris.
The writev system call can return -1 and errno ENOMEM, as a
retriable condition.
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 13 23:50:05 CET 2013 on sn-devel-104
Guenter Kukkukk [Wed, 13 Mar 2013 04:46:07 +0000 (05:46 +0100)]
vfstest: update the manual page
many added commands were missing.
The "-c" multiple command parameter option delimiter is not the
colon (anymore) - the semicolon is used.
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 13 08:27:54 CET 2013 on sn-devel-104
Guenter Kukkukk [Tue, 12 Mar 2013 00:44:59 +0000 (01:44 +0100)]
vfs_catia: testcase - add missing pieces
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@samba.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Tue Mar 12 07:36:13 CET 2013 on sn-devel-104
Guenter Kukkukk [Mon, 11 Mar 2013 04:34:27 +0000 (05:34 +0100)]
vfs_catia: testcase - implement vfstest additions
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Guenter Kukkukk [Sun, 10 Mar 2013 04:43:24 +0000 (05:43 +0100)]
vfs_catia: write a testcase - add a translate command to vfstest
first approach
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Guenter Kukkukk [Tue, 12 Mar 2013 03:51:03 +0000 (04:51 +0100)]
vfstest: fix the "-c" multiple-command option
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Andrew Bartlett [Wed, 27 Feb 2013 13:03:19 +0000 (00:03 +1100)]
scripting: No longer install samba_upgradeprovision
This tool is an important part of the toolkit a Samba Team member can
use to assist a user with the upgrade of a very old Samba 4.0 AD DC
installation.
However, like all powerful tools, it has sharp edges, and these need
to have more protection added before we recommend the tool be used.
The WHATSNEW already indicated that this tool should not be used but a
large number of users have run it, and due to lack of testing in the
past, some have run into bugs.
While this tool can be run in debug modes, by default it simply fixes
the database following a series of internal rule. This does a good
job much of the time, but does not request permission in the way that
dbcheck does, and will create extra objects for things like the DNS
partitions.
By removing this from the installed binaries, we provide another
signal that it should not be used right now, until these matters are
fixed and some clear documentation on how to safely use the tool can
be written.
Andrew Bartlett
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Mar 12 02:51:23 CET 2013 on sn-devel-104
Christian Ambach [Mon, 11 Mar 2013 21:23:27 +0000 (22:23 +0100)]
s3: remove some dead code (for setdir command)
set dir seems to have been a special SMB command used by Pathworks clients
the supporting code for it was already removed in 2007, so just remove all
remnants related to it (smb.conf parameter, documentation, ...)
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 12 01:03:37 CET 2013 on sn-devel-104
Andrew Bartlett [Sun, 10 Mar 2013 09:25:53 +0000 (20:25 +1100)]
Revert "Ensure the masks don't conflict with the ACL checks."
This reverts commit
78594909b8b22bd07978922b1c85dfd6f6456963 which was
needed by
7622aa16adeb00bf161a6dd07664c37125391272.
This change masked bug #9462 which was fixed by
2013bb9b4dbed747921df2591068e2765428f57d. The issue was that the
defaults for the substituted parameters did not match the old
parameter. Changing the values in our test suite hid the issue, but
did not fix the issue.
(Additional change in the revert is to correct the expected ACL value
in posixacl.py due to changed implied inherited permissions).
Andrew Bartlett
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 11 19:46:24 CET 2013 on sn-devel-104
Andrew Bartlett [Fri, 8 Mar 2013 05:15:37 +0000 (16:15 +1100)]
smbd:posix_acls Remove incorrectly added lp_create_mask() and lp_dir_mask() calls
When
6adc7dad96b8c7366da042f0d93b28c1ecb092eb removed the calls to
lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode
these calls were replaced with lp_create_mask() and lp_dir_mask()
The issue is that while lp_security_mask() and lp_dir_security_mask defaulted to
0777, the replacement calls did not. This changes behaviour, and incorrectly
prevents a posix mode being specified by the client from being applied to
the disk in the non-ACL enabled case.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andrew Bartlett [Fri, 8 Mar 2013 05:49:21 +0000 (16:49 +1100)]
param: Remove incorrectly added defaults in AD DC allowing WORLD WRITABLE files
These defaults were incorrectly added in
fc5caffbc139d63cab1ec105884863f73772586f in what turns out to be an
incorrect fix for bug #9462, which was in turn introduced by the
swapping of security mask (default 0777) for create mask (0755) in
6adc7dad96b8c7366da042f0d93b28c1ecb092eb.
While the permissions on sysvol and netlogon (the default shares) were
fixed by provision, any additional shares that did not yet have an
explit ACL set would create world-writable files by default.
Administrators will need to manually correct the file permissions on
any additional shares that were created after installation of the AD
DC.
Andrew Bartlett
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Mar 10 12:00:31 CET 2013 on sn-devel-104
Christof Schmitt [Thu, 21 Feb 2013 19:33:23 +0000 (12:33 -0700)]
Add testcase for idmap_rfc2307 module
Create a new test environment with 'idmap config DOMAIN : backend =
rfc2307'. A new test script adds LDAP records and queries them again for
the mapped uid and gid.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar 9 08:18:43 CET 2013 on sn-devel-104
Christof Schmitt [Thu, 21 Feb 2013 19:33:19 +0000 (12:33 -0700)]
packaging(RHEL-CTDB): Add idmap_rfc2307 module
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:33:13 +0000 (12:33 -0700)]
s3-net: Allow setting the ldap password for idmap_rfc2307
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:32:54 +0000 (12:32 -0700)]
s3-docs: Add manpage for idmap_rfc2307 module
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:32:37 +0000 (12:32 -0700)]
s3-winbindd: Add new module idmap_rfc2307
This module allows querying id mappings from LDAP servers as described
in RFC 2307. The LDAP records can be queried from an Active Directory
Server or from a stand-alone LDAP server.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:31:41 +0000 (12:31 -0700)]
s3-winbindd: Move connection to AD server from idmap_ad
Having this in a common place allows reuse by other idmap modules.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:31:37 +0000 (12:31 -0700)]
s3-winbindd: Use common helper function for connecting to ADS
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:31:28 +0000 (12:31 -0700)]
s3-winbindd: Move code for verifying ADS connection to common helper function
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:31:19 +0000 (12:31 -0700)]
s3-winbindd: Move idmap_fetch_secret to idmap_utils.c for reuse
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 21 Feb 2013 19:30:48 +0000 (12:30 -0700)]
s3-winbindd: Move common code for LDAP id mapping to idmap_utils
idmap_ad and idmap_ldap use the same helper functions and the same
maximum query size. Move the code to idmap_utils so that it can be
shared by every module issuing LDAP queries.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Gohmann [Fri, 8 Mar 2013 19:57:31 +0000 (20:57 +0100)]
s4-dns: dlz_bind9: Check result to avoid segfault
We saw this issue in a customer environment with many CNF objects. I
wasn't able to reproduce it, but I got the following core dump:
(gdb) directory samba4-4.0.0~rc6/source4/dns_server/
Source directories searched: /root/samba4-4.0.0~rc6/source4/dns_server:$cdir:$cwd
(gdb) bt
#0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830
#1 0xb4b0bdb8 in dlz_lookup (zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", dbdata=0x9648e48, lookup=0xb6db7588) at ../source4/dns_server/dlz_bind9.c:875
#2 0x080b43d8 in dlopen_dlz_lookup ()
#3 0xb7701755 in findnode () from /usr/lib/libdns.so.81
#4 0xb7701d22 in find () from /usr/lib/libdns.so.81
#5 0xb7639e5f in dns_db_find () from /usr/lib/libdns.so.81
#6 0x08075476 in query_find ()
#7 0x0807acb9 in ns_query_start ()
#8 0x08060712 in client_request ()
#9 0xb743022b in run () from /usr/lib/libisc.so.81
#10 0xb7216955 in start_thread () from /lib/i686/cmov/libpthread.so.0
#11 0xb706c1de in clone () from /lib/i686/cmov/libc.so.6
(gdb) f 0
#0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830
830 el = ldb_msg_find_element(res->msgs[0], "dnsRecord");
(gdb) p res->msgs
$1 = (struct ldb_message **) 0x0
(gdb) p res->count
$2 = 0
(gdb)
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Disseldorp [Fri, 8 Mar 2013 10:47:56 +0000 (11:47 +0100)]
doc: add vfs_btrfs man page
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Disseldorp [Fri, 8 Mar 2013 10:47:55 +0000 (11:47 +0100)]
s3-vfs: add vfs_btrfs module
Currently it only plumbs itself into the copy_chunk call path,
translating such requests into BTRFS_IOC_CLONE_RANGE calls.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Richard Sharpe [Fri, 8 Mar 2013 01:36:37 +0000 (17:36 -0800)]
Correct the name of the nss_winbind module for FreeBSD by creating a symlink
from the FreeBSD required name to the built module.
Signed-off-by: Timur Bakeyev <timur@FreeBSD.org>
Reviewed-by: Andrew Bartlett <abartlett@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Fri Mar 8 05:04:04 CET 2013 on sn-devel-104
Michael Adam [Mon, 4 Mar 2013 11:52:26 +0000 (12:52 +0100)]
s3:idmap: fix a debug message and lower its level
It is not an error to be logged at level 1 when a
domain has no explicitly configured idmap backend.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 8 03:16:54 CET 2013 on sn-devel-104
Guenter Kukkukk [Thu, 28 Feb 2013 23:58:05 +0000 (00:58 +0100)]
vfs_catia: add my copyright
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 7 22:24:47 CET 2013 on sn-devel-104
Guenter Kukkukk [Thu, 28 Feb 2013 23:36:08 +0000 (00:36 +0100)]
vfs_catia: add a sample for filename mapping to the manual page
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Guenter Kukkukk [Thu, 28 Feb 2013 05:12:36 +0000 (06:12 +0100)]
vfs_catia: fix the completely outdated manual page
The complete rework around 3.5.0 was not even mentioned somewhere.
(i was not able to find any info about that major change)
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Guenter Kukkukk [Wed, 27 Feb 2013 04:50:52 +0000 (05:50 +0100)]
vfs_catia: fix the translation to "vfs_translate_to_windows"
THANKS to an IRC user (Raimund ?) who asked for a char mapping possibility.
I suggested vfs_catia - but it did not work!
Hopefully now it will. :-)
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Guenter Kukkukk [Wed, 27 Feb 2013 04:34:05 +0000 (05:34 +0100)]
vfs_catia: add debug class for that module
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 28 Feb 2013 12:30:16 +0000 (23:30 +1100)]
docs: Add documentation for osName and osVer
This was previously documented only in the online help.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 7 01:36:01 CET 2013 on sn-devel-104
Andrew Bartlett [Thu, 28 Feb 2013 11:59:48 +0000 (22:59 +1100)]
net ads join: Add support for specifying the machine account password
This allows a predictable password to be specified, just like --machinepass does on samba-tool domain join.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 28 Feb 2013 11:57:45 +0000 (22:57 +1100)]
selftest: Fix specification of --machinepass to actually set a unique password
Because perl does not assert on dereferencing an invalid hash key
we did not notice that the passwords were being set to machine, not
machineloCalMemberPass.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Ira Cooper [Wed, 6 Mar 2013 00:54:43 +0000 (00:54 +0000)]
waf: add -fstack-protector to LDFLAGS if detected.
If we compile with -fstack-protector, we should link
with it.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 6 04:06:04 CET 2013 on sn-devel-104
Scott Lovenberg [Tue, 5 Mar 2013 00:09:12 +0000 (19:09 -0500)]
Documentation: Add a warning to "socket options"
Add a warning to the "socket options" section of the
smb.conf man page that changing socket options can be
dangerous to performance. Hopefully this will cut down on
users reporting poor performance after changing socket
options.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Mon, 25 Feb 2013 16:34:21 +0000 (17:34 +0100)]
Make sure to set umask() before calling mkstemp().
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Mar 6 01:16:34 CET 2013 on sn-devel-104
Andreas Schneider [Mon, 25 Feb 2013 16:16:45 +0000 (17:16 +0100)]
s4-libregistry: Improve NULL handling of name.
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Mon, 25 Feb 2013 14:48:20 +0000 (15:48 +0100)]
dsdb: Check for pointers before we deference them.
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Mon, 25 Feb 2013 14:41:23 +0000 (15:41 +0100)]
gensec: recv_handler can't be NULL at that point.
We probably want to segfault here if it is NULL.
Reviewed-by: David Disseldorp <ddiss@samba.org>