Jeremy Allison [Mon, 8 Apr 2013 23:38:03 +0000 (16:38 -0700)]
Use an index i rather than re-using a state variable.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Apr 2013 23:31:53 +0000 (16:31 -0700)]
Protect against early error in SMB_VFS_NEXT_READDIR.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Apr 2013 22:11:28 +0000 (15:11 -0700)]
Change source3/modules/vfs_dirsort.c from MALLOC -> TALLOC.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Ralph Wuerthner [Thu, 4 Apr 2013 11:29:01 +0000 (13:29 +0200)]
s3:smbd: do not access data behind req->buf+req->buflen in srvstr_pull_req_talloc()
The last 3 patches address bug #9782 - Panic when running 'smbtorture smb.base'.
Ralph Wuerthner [Thu, 4 Apr 2013 11:24:36 +0000 (13:24 +0200)]
s3:smbd: convert srvstr_pull_req_talloc() into a function
Ralph Wuerthner [Thu, 4 Apr 2013 10:59:36 +0000 (12:59 +0200)]
s3:smbd: do not access data behind req->buf+req->buflen in srvstr_get_path_req_wcard()
Andreas Schneider [Thu, 4 Apr 2013 10:18:25 +0000 (12:18 +0200)]
BUG 9766: Cache name_to_sid/sid_to_name correctly.
If there is no domain_name specified we still need to set to for
caching else we will not find the entry later if we lookup the entry
with the domain_name.
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Apr 9 16:32:44 CEST 2013 on sn-devel-104
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Fri Apr 12 11:44:46 CEST 2013 on sn-devel-104
Andreas Schneider [Fri, 5 Apr 2013 12:07:37 +0000 (14:07 +0200)]
BUG 9139: Fix the username map optimization.
If we successfully map a user. We call
set_last_from_to(user_in, unixname);
in the while loop reading the map file. After a successfull map we don't
stop and continue the loop to check all other mappings in the username
mapfile. But when we hit the end of the file and leave the loop we call:
set_last_from_to(user_in, user_in);
This overwrites the successful mapping, and the next time we call
map_username() we skip the username and no mapping is done.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Alexander Bokovoy [Thu, 11 Apr 2013 07:45:12 +0000 (09:45 +0200)]
[PATCH] getpass: Don't fail if stdin is not a tty
We don't need to manipulate the tty state (such as turning off
echo) when prompting for passwords if we're not reading from a tty.
Backport based on a patch provided by Stef Walter <stefw@gnome.org>.
Fix bug #9767 - "net ads join" fails when called via stdin.
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Thu Apr 11 11:35:07 CEST 2013 on sn-devel-104
Andreas Schneider [Wed, 3 Apr 2013 13:46:00 +0000 (15:46 +0200)]
BUG 9699: Fix adding case sensitive spn.
We should be able to define the case of the spn cause it is important
for some services like nfs. 'net ads keytab add "nfs"' should not
result in an uppercase spn.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 3 23:57:32 CEST 2013 on sn-devel-104
Volker Lendecke [Tue, 9 Apr 2013 19:18:34 +0000 (21:18 +0200)]
vfs_fake_perms: Fix bug 9775, segfault for "artificial" conn_structs
Signed-off-by: Volker Lendecke <vl@samba.org>
The last 3 patches address bug #9775, segfault for "artificial" conn_structs.
Volker Lendecke [Tue, 9 Apr 2013 19:07:23 +0000 (21:07 +0200)]
vfs_fake_perms: Slightly streamline code
Don't initialize a variable directly set
Signed-off-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Tue, 9 Apr 2013 19:07:23 +0000 (21:07 +0200)]
vfs_fake_perms: Slightly streamline code
Do an early error return
Signed-off-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Fri, 22 Mar 2013 08:30:05 +0000 (09:30 +0100)]
s3:modules: fix the build of vfs_notify_fam (bug #9545)
This adds the --with-fam option and configure checks.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
0d75c902254c6e27964c631459ef8e9b379b77fc)
Karolin Seeger [Tue, 9 Apr 2013 08:12:56 +0000 (10:12 +0200)]
VERSION: Bump version number up to 4.0.6
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Apr 2013 08:11:23 +0000 (10:11 +0200)]
VERSION: Disable git snapshots for the 4.0.5 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Apr 2013 08:08:57 +0000 (10:08 +0200)]
WHATSNEW: Add major enhancements.
And update some of the changes since 4.0.4.
Karolin
Karolin Seeger [Mon, 8 Apr 2013 10:58:53 +0000 (12:58 +0200)]
WHATSNEW: Add changes since 4.0.4.
Karolin
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon Apr 8 14:47:58 CEST 2013 on sn-devel-104
Jeremy Allison [Thu, 28 Mar 2013 15:55:11 +0000 (08:55 -0700)]
Ensure EA value is allocated on the right context.
Ensure we free on error condition (tidyup, not a leak).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Apr 2 21:54:33 CEST 2013 on sn-devel-104
The last 9 patches address bug #9130 - Certain xattrs cause Windows error
0x800700FF.
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon Apr 8 10:34:37 CEST 2013 on sn-devel-104
Jeremy Allison [Wed, 27 Mar 2013 18:54:34 +0000 (11:54 -0700)]
Final fix for bug #9130 - Certain xattrs cause Windows error 0x800700FF
The spec lies when it says that NextEntryOffset is the only value
considered when finding the next EA. We were adding 4 more extra
pad bytes than needed (i.e. if the next entry already was on a 4
byte boundary, then we were adding 4 additional pad bytes).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Jeremy Allison [Tue, 26 Mar 2013 23:46:51 +0000 (16:46 -0700)]
Ensure we don't return uninitialized memory in the pad bytes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Jeremy Allison [Tue, 26 Mar 2013 20:26:49 +0000 (13:26 -0700)]
Add a test to show that zero-length EA's are never returned over SMB2.
Zero length EA's only delete an EA, never store. Proves we should
never return zero-length EA's even if they have been set on the
POSIX side.
ntvfs server doesn't implement the FULL_EA_INFORMATION setinfo
call, so add to selftest/knownfail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Jeremy Allison [Tue, 26 Mar 2013 23:38:00 +0000 (16:38 -0700)]
Fix bug #9130 - Certain xattrs cause Windows error 0x800700FF
Ensure ntvfs server never returns zero length EA's.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Jeremy Allison [Tue, 26 Mar 2013 23:37:22 +0000 (16:37 -0700)]
Fix bug #9130 - Certain xattrs cause Windows error 0x800700FF
Ensure we never return any zero-length EA's.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Jeremy Allison [Tue, 26 Mar 2013 22:54:31 +0000 (15:54 -0700)]
Change estimate_ea_size() to correctly estimate the EA size over SMB2.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Jeremy Allison [Tue, 26 Mar 2013 22:46:06 +0000 (15:46 -0700)]
Modify fill_ea_chained_buffer() to be able to do size calculation only, no marshalling.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Jeremy Allison [Fri, 29 Mar 2013 17:07:20 +0000 (10:07 -0700)]
Ensure we can never return an uninitialized EA list.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Andreas Schneider [Tue, 2 Apr 2013 11:08:19 +0000 (13:08 +0200)]
BUG 9758: Don't leak the epm_Map policy handle.
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Tue Apr 2 17:16:56 CEST 2013 on sn-devel-104
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Sun Apr 7 23:39:23 CEST 2013 on sn-devel-104
Andreas Schneider [Tue, 2 Apr 2013 11:09:13 +0000 (13:09 +0200)]
epm: Increase debug level for already registered endpoints.
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Jeremy Allison [Mon, 25 Mar 2013 16:54:50 +0000 (09:54 -0700)]
Optimization suggested by Volker. Don't do a stat system call on normal read path.
Only do it if we need it in the sendfile() path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Mar 28 17:51:22 CET 2013 on sn-devel-104
Fix bug #9748 - Remove unneeded fstat system call from hot read path.
Volker Lendecke [Thu, 21 Mar 2013 21:00:06 +0000 (22:00 +0100)]
smbd: Tune "dir" a bit.
for i in $(seq 1 20000) ; do echo dir ; done | smbclient //127.0.0.1/tmp -U%
without and with this patch:
$ time bin/smbd -d0 -i
smbd version 4.1.0pre1-GIT-
1f139ae started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
Beendet
real 0m28.342s
user 0m10.249s
sys 0m10.513s
$ time bin/smbd -d0 -i
smbd version 4.1.0pre1-GIT-
1f139ae started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
Beendet
real 0m27.348s
user 0m9.089s
sys 0m10.853s
The "real" timestamp is irrelevant, this also contains the time between
starting smbd and the smbclient job. It's the "user" time. The result that this
patch improves the time spent in user space by 10% is consistent.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix bug #9736 - Change to smbd/dir.c code gives significant performance
increases on large directory listings.
Andreas Schneider [Fri, 22 Mar 2013 13:15:57 +0000 (14:15 +0100)]
BUG 9735: Fix winbind seperator in upn to username conversion.
Reviewed-by: Günther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Thu, 21 Mar 2013 20:47:07 +0000 (13:47 -0700)]
Fix bug #9733 - smbcontrol close-share is not working.
As part of forcibly disconnecting a client from a share,
smbd must atomically call reload_services() to ensure that
the entry in the ServicePtrs[] array corresponding to
that share is removed if the share was removed from
the smb.conf or registry entries.
Otherwise the ServicePtrs[] array entry for the share
remains active and the client races to auto-reconnect to
the share before a second message to reload the smb.conf
file can be sent.
This has to be done as part of the close-share message
processing, as removing the share from the smb.conf file
first, then telling the smbd to reload followed by the
forcible disconnect message doesn't work as in this
sequence of events when the reload message is received
the client is still connected to the share, so the
ServicePtrs[] entry is still left active.
The forcible-disconnect + service reload has to be done
together as an atomic operation in order for this to work.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 2 Apr 2013 03:11:26 +0000 (20:11 -0700)]
Fix bad SMB2 opcode reading in server.
SMB2 opcodes are 16-bit values. We should *never*
be reading them with IVAL(inhdr, SMB2_HDR_OPCODE),
it should always be SVAL(inhdr, SMB2_HDR_OPCODE).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Tue Apr 2 07:28:48 CEST 2013 on sn-devel-104
Fix bug #9760 - Incorrect parsing of SMB2 command codes.
Andrew Bartlett [Fri, 22 Mar 2013 10:58:25 +0000 (21:58 +1100)]
scripting: Fill the ProvisionNames hash with strings, not ldb.MessageElement or Dn
This avoids the need to fix it up again in samba_upgradedns.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Mar 25 13:25:30 CET 2013 on sn-devel-104
(cherry picked from commit
30adf0cdbae6d9aaf2e72513d9c33267248f20c0)
The last 12 patches address bug #9740 - Add samba-tool dbcheck
--reset-well-known-acls.
Andrew Bartlett [Fri, 22 Mar 2013 10:36:49 +0000 (21:36 +1100)]
samba-tool ldapcmp: Remove the GUID -> name mappings
These mappings are very convenient, however because they are not
one-to-one, they lead to differences being reported when none exist,
dependent only on the order the schema searches return results in.
Sadly the time saved by the names is offset by the time wasted chasing
the 'differences' that don't exist.
This in turn fixes some tests that were previously knownfail
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
5d42260eecfd4f26cc82637ce1bc989083c9eb9d)
Andrew Bartlett [Fri, 22 Mar 2013 06:12:43 +0000 (17:12 +1100)]
selftest: Add tests for samba-tool dbcheck --reset-well-known-acls
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
1589e46d11f29551f3598876b62e29fcbad06580)
Andrew Bartlett [Fri, 22 Mar 2013 11:16:03 +0000 (22:16 +1100)]
scripting: Modify samba.descriptor.get_diff_sds() to cope with a missing reference owner
This allows the reference SD not to have an owner specified, and still
have the comparison with a database SD that does have an owner pass.
(And the same for owning group).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
874a93bc1c437543474a6c574b0065b7b953ad38)
Andrew Bartlett [Mon, 11 Feb 2013 03:49:01 +0000 (14:49 +1100)]
samba-tool dbcheck: Allow dbcheck to correct an nTSecurityDescriptor without an owner or group
This is done by making a modification to the SD, which triggers it to be
filled in if we have the correct session_info established on the DB.
However, we normally want dbcheck running as system, so we wrap
the session_info set around this operation only.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
4789a3072a4241841c096115dbdb0c3259968e68)
Andrew Bartlett [Mon, 11 Feb 2013 03:49:01 +0000 (14:49 +1100)]
samba-tool dbcheck: Add --reset-well-known-acls
This will allow an upgrade from Samba 4.0.0 without needing to run
samba_upgradeprovision, which for now is not the preferred upgrade
tool.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
810f8b48d925ea15f3439c4b228741d8fddaccd8)
Andrew Bartlett [Fri, 22 Mar 2013 05:19:27 +0000 (16:19 +1100)]
scripting: Move get_diff_sds from samba.upgradehelpers to samba.descriptor
This helps avoid a dependency loop when we use get_diff_sds in dbcheck.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9040e2684161ce75738e9da0fee191aa34858607)
Andrew Bartlett [Fri, 22 Mar 2013 00:15:38 +0000 (11:15 +1100)]
scripting: Modify samba.descriptor.get_wellknown_sds() use samdb calls only
We need this routine not to use the names context as this is tied to
provision, and we end up in a circular dependency if we use that in
dbcheck.
Andrew Bartlett
(cherry picked from commit
a113ddbf881c5905bbf7072638c7ba8843eeb85e)
Andrew Bartlett [Thu, 21 Mar 2013 02:34:26 +0000 (13:34 +1100)]
scripting: Move samba.provision.descriptor to samba.descriptor
This will allow dbcheck to import it, without a cirucular dependency via
samba.provision importing dbcheck.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
352aff8ed7e06c14b7a00a56b31c79ffddf71dd4)
Andrew Bartlett [Thu, 21 Mar 2013 01:49:46 +0000 (12:49 +1100)]
scripting: Make samba.provision.descriptor.get_wellknown_sds() return ldb.Dn objects
As we look to use this function in more places, it does not make sense to constantly create
Dn objects from the strings.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
e81a97dd6fc2da701f2cbf42513311a7a44adad3)
Andrew Bartlett [Wed, 20 Mar 2013 03:50:55 +0000 (14:50 +1100)]
scripting: Fix documentation comment on upgradehelpers.py:get_clean_sd
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
6df17fe799968ca7e2f92ce9e294e3962ac8cbaf)
Andrew Bartlett [Wed, 20 Mar 2013 03:12:26 +0000 (14:12 +1100)]
scripting: Move the list of well known SDs to samba.provision.descriptor
This will allow us to call this from dbcheck.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
3da89b01faebba669434b07db344c203a4521ca2)
Andrew Bartlett [Sun, 17 Feb 2013 11:45:59 +0000 (22:45 +1100)]
selftest: Remove output directories to save disk space
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
b9b637569960ae7eef5ee12436624af34a718a9a)
The last 32 patches address bug #9725 - upgradeprovision and samba-tool dbcheck
patches for 4.0.NEXT.
Andrew Bartlett [Mon, 18 Feb 2013 04:56:18 +0000 (15:56 +1100)]
samba_upgradeprovision: Do not reset every DN when changing an SD
SD propogation is handled by an LDB module, we do not need to touch each
and every DN to make it happen.
Now that we do not need to put this via a hash, the dnToRecalculate
list is changed to be a list of Dn objects, not strings so that:
if dn in listWellknown
is handled using a schema comparison (avoiding different case forms
tripping it up).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
d5d88bd82b1cb51da09cf3b3dec40f180f5ed29f)
Andrew Bartlett [Mon, 18 Feb 2013 04:15:52 +0000 (15:15 +1100)]
samba_upgradeprovision: do not maintain dnNotToRecalculate as a list
We only need a boolean indication, not the actual values.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
0f247dce00fd26230cdb0566ce4f51a2ea8cfc2b)
Andrew Bartlett [Mon, 18 Feb 2013 04:05:00 +0000 (15:05 +1100)]
samba_upgradeprovision: only run rebuild_sd in --full mode
This is a potentially destructive routine, and should not be run by default.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9bc32bfd65700c816ebb2a3004ad568327218f86)
Andrew Bartlett [Mon, 18 Feb 2013 02:00:31 +0000 (13:00 +1100)]
samba_upgradeprovision: Remove alwaysRecalculate, this is too dangerous
I am unclear on why this was added, but the idea that we ever always reset data
in the directory is not reasonable to me, so I am removing it.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
81cda856faf2a5efd38965fd4c3b1f5551ad94d9)
Andrew Bartlett [Mon, 18 Feb 2013 01:28:23 +0000 (12:28 +1100)]
samba_upgradeprovision: Remove unused checkKeepAttributeOldMtd
lastProvisionUSNs is never None, instead the code requries the administrator to populate this
attribute in the directory.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
09b82d5fdc05a1f440aa96a690c202d4b0df134b)
Andrew Bartlett [Sun, 17 Feb 2013 11:44:56 +0000 (22:44 +1100)]
samba_upgradeprovision: Remove inherited ACEs before comparing the SDs
This avoids changing an SD when it is not really required.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9b8d5bba507615aee95a46fd9ae75aa782fd7e66)
Andrew Bartlett [Sun, 17 Feb 2013 11:03:18 +0000 (22:03 +1100)]
scripting: Rework samba.upgradehelpers.get_diff_sddls to be get_diff_sds
This moves the SDDL conversion inside the get_diff_sds function and prepares
for removing inherited ACEs from the SD before comparison.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
5074b98714c9e038cc31872111508c1d92562841)
Andrew Bartlett [Sat, 16 Feb 2013 10:58:57 +0000 (21:58 +1100)]
samba_upgradeprovision: Remove auto-detection of pre-alpha9 databases
These are incredibly rare, and administrators running such databases
not only ask the Samba Team for help personally, they can read --help.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
787a6aacc3003731784b29fd92c683036c8730a7)
Andrew Bartlett [Sat, 16 Feb 2013 02:12:53 +0000 (13:12 +1100)]
selftest: Rename samba4.blackbox.upgradeprovision.py to samba4.blackbox.upgradeprovision.current
This name matches the other upgradeprovision tests for older saved provisions.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9d6af4938f7bc80b10202d7055c2c32a483bbb5f)
Andrew Bartlett [Fri, 15 Feb 2013 14:07:27 +0000 (01:07 +1100)]
selftest: Run dbcheck and improved upgrdeprovision tests against release-4-0-0
The improved upgradeprovision tests now call ldapcmp to verify the
changes made do actually bring the database in line with a fresh
provision.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
08f0562240155a871bd2a78d217db660e8ee3c91)
Andrew Bartlett [Fri, 15 Feb 2013 14:08:20 +0000 (01:08 +1100)]
selftest: Add ldapcmp to ensure upgradeprovision of a fresh DB is a no-op
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
d7936ee20c20635d62657cb821ff6dc4eb5fe33c)
Andrew Bartlett [Fri, 15 Feb 2013 14:05:56 +0000 (01:05 +1100)]
selftest: Add in a provision from 4.0.0 to run tests against
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
f1f36ad3517cd0e6bceb4b0cc37721a15be4d588)
Andrew Bartlett [Thu, 14 Feb 2013 04:01:10 +0000 (15:01 +1100)]
selftest: Do an ldapcmp run against the upgraded domain
This checks (with a set of known issues marked in the --filter attribute) that the upgraded
domain matches a fresh provision.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
72f73ebaff8d75fc39770ec785964b0d3c9738cc)
Andrew Bartlett [Thu, 14 Feb 2013 04:00:01 +0000 (15:00 +1100)]
samba-tool ldapcmp: Add support for checking DNSDOMAIN and DNSFOREST by default
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
24c4d818d14c3931cf0cbff3070685fe409e66c6)
Andrew Bartlett [Sun, 10 Feb 2013 21:25:41 +0000 (08:25 +1100)]
samba-tool dbcheck: fix msDS-HasInstantiatedNCs attributes to match instanceType on our ntdsDSA
This value is only a link to the local value of intanceType on our server, so only fix it for our server.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
f508435d23445a8b3076f89cbe042e2da1ac0701)
Andrew Bartlett [Fri, 1 Mar 2013 06:29:09 +0000 (17:29 +1100)]
scripting: Correct parsing of binary DN
The DN is of the form B:8:
01020304:DC=samba,DC=example,DC=com. We need
to account for the case where the 8 is actually (say) 16, and so not just
one character.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
97389c3ec24526837e91fcfcaf7439491fcdb214)
Andrew Bartlett [Fri, 15 Feb 2013 22:36:07 +0000 (09:36 +1100)]
subunit: Add a sh macro for skipping a test
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
0180a027cbc9725ae13023ddfdb8079f147864c5)
Andrew Bartlett [Thu, 14 Feb 2013 03:59:28 +0000 (14:59 +1100)]
samba-tool ldapcmp: Add --skip-missing-dn to not error on DNs present in one DB but not the other
This is needed to compare some parts of the database, particularly in --two mode, which
are just never going to have exactly the same DNs.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
606f5d6cc6b018259ba0306fe3b55e21b4b70fdb)
Andrew Bartlett [Mon, 11 Feb 2013 22:20:03 +0000 (09:20 +1100)]
samba-tool domain classicupgrade: Fix typo in error path for multiple account flags
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
161fa15697fab9effbe1db9640cece847dcf63cd)
Andrew Bartlett [Tue, 15 Jan 2013 10:53:30 +0000 (21:53 +1100)]
samba-tool domain classicupgrade: Print a better error when the ldap backend PW was not found
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
669c302f2d78ab4bbd35982373ae079246c8979d)
Andrew Bartlett [Mon, 11 Feb 2013 03:50:49 +0000 (14:50 +1100)]
samba-tool dbcheck: fix comment on err_wrong_sd
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
68f13f5d7e80f2041e140a12fc2f7139561c83ce)
Jelmer Vernooij [Fri, 28 Dec 2012 14:37:14 +0000 (15:37 +0100)]
Move python modules from source4/scripting/python/ to python/.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar 2 03:57:34 CET 2013 on sn-devel-104
(cherry picked from commit
87afc3aee1ea593069322a49355dd8780d99e123)
Andrew Bartlett [Fri, 1 Mar 2013 23:58:50 +0000 (10:58 +1100)]
build: Change bin/default/python -> bin/python symlink to bin/default/python_modules
This avoids a collision with the new top level python directory.
Andrew Bartlett
(cherry picked from commit
80fce353e740c793619005ac102ab07fb5e7d280)
Andrew Bartlett [Fri, 1 Mar 2013 21:28:11 +0000 (08:28 +1100)]
build: Rename samba_python waf node to avoid duplicate name
This makes it clearer when debuging build issues.
Andrew Bartlett
(cherry picked from commit
2d13532cb3ad3a3deaee1f158408478284bc595a)
Andrew Bartlett [Mon, 11 Feb 2013 03:46:43 +0000 (14:46 +1100)]
dsdb-descriptor: Avoid segfault copying an SD without an owner or group
This is an unusual SD, but it does exist is some very old upgraded databases.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 22 11:06:17 CET 2013 on sn-devel-104
(cherry picked from commit
e4d85fa73d3ce1f397fdd416af6b8c903a473824)
Andrew Bartlett [Mon, 11 Feb 2013 03:45:57 +0000 (14:45 +1100)]
dsdb-descriptor: Spell out security descriptor flags as constants
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
87db2331fc855473d8b3cad1c4149807823aa3c4)
Andrew Bartlett [Sun, 17 Feb 2013 07:15:52 +0000 (18:15 +1100)]
samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2
This is really important, because copying a file will both ignore
locks held by another process and break any locks we hold (due to
POSIX brain-damage regarding multiple fds on one file in a process).
By leaving this to tdbbackup in a child, both of these issues are avoided.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 19 07:48:18 CET 2013 on sn-devel-104
(cherry picked from commit
2cf83f7c645e4b216cf6f23857fd72ec0e6ca7a6)
Andrew Bartlett [Sun, 17 Feb 2013 07:41:00 +0000 (18:41 +1100)]
samba_upgradeprovision: Do not update privileges.ldb any more (unchanged since 2009)
This update was only a total oblitoration of the existing database
and not a merge, and the shutil.copy would both disregard and break
locks on the database that are held at this point.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
(cherry picked from commit
3c51e18a0cd1cb4b54cd29e312abd7cc2c0fbc98)
Andrew Bartlett [Sun, 17 Feb 2013 07:14:06 +0000 (18:14 +1100)]
scripting: Make tdb_copy a common util function in samba.tdb_util
This will allow samba_upgradeprovision to also call it.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
(cherry picked from commit
396df64ef6f2c66c35989ecda3e564d5578fe9f3)
Andrew Bartlett [Sun, 17 Feb 2013 06:57:42 +0000 (17:57 +1100)]
scripting: Make tdb_copy use the python subprocess module
This makes the code more robust to spaces in the file names (etc).
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
(cherry picked from commit
2c2759e408d9c45c2aee0c2578f45edd246afec3)
Andrew Bartlett [Fri, 15 Feb 2013 21:51:51 +0000 (08:51 +1100)]
samba_upgradeprovision: Remove options to fix FS ACLs
samba-tool ntacl sysvolreset handles this better, and makes this tool
much less confusing internally.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 19 06:06:41 CET 2013 on sn-devel-104
(cherry picked from commit
06780ae82281fb62a08d0c3604d2e679976756c2)
Volker Lendecke [Mon, 18 Mar 2013 08:36:17 +0000 (09:36 +0100)]
wkssvc: Fix bug 9727, NULL pointer dereference
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 18 11:39:27 CET 2013 on sn-devel-104
(cherry picked from commit
05a7a10c88be99d864eacd6f9d37a340022f01f6)
Stefan Metzmacher [Mon, 18 Mar 2013 11:52:50 +0000 (11:52 +0000)]
s3:waf fix build on AIX
AIX acl code needs to be built by default on AIX,
otherwise smbd will fail to start because of missing symbols
This fixes Bug 9557 - build succeeds, but binaries don't run
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Thu Mar 21 16:31:19 CET 2013 on sn-devel-104
(cherry picked from commit
1f139ae2d162ebb045ce4eabb76a138baedfe44a)
Richard Sharpe [Thu, 28 Mar 2013 02:36:43 +0000 (19:36 -0700)]
Make sure that we only propogate the INHERITED flag when we are allowed to.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Fix bug #9747 - When creating a directory Samba allows inherited bit to slip
through.
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Apr 2 23:07:34 CEST 2013 on sn-devel-104
Andrew Bartlett [Fri, 22 Mar 2013 02:47:46 +0000 (13:47 +1100)]
build: Do not pass CPP="" to pidl, skip the env variable entirely
This will cause pidl to use $CC -E instead.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
afe9343880ee27cf9fe937c6379c469435ef20d6)
The last 2 patches address bug #9739 - [PATCH] PIDL build fixes for hosts
without CPP (Solaris 11).
Andrew Bartlett [Fri, 22 Mar 2013 02:06:43 +0000 (13:06 +1100)]
build: Remove the forced use of only the first part of the compiler string
This corrects parts of
378295c3fe813c70815a14c7de608e4a859bd6cc and
301d59caf2ee6f49e108b748b0e38221dec9bb96. This is seen if CC="ccache
gcc" and CPP isn't used for some reason.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
7dc6dfd90c5182ed85042b22d4864d3e9b007531)
Andrew Bartlett [Wed, 27 Feb 2013 13:03:19 +0000 (00:03 +1100)]
scripting: No longer install samba_upgradeprovision
This tool is an important part of the toolkit a Samba Team member can
use to assist a user with the upgrade of a very old Samba 4.0 AD DC
installation.
However, like all powerful tools, it has sharp edges, and these need
to have more protection added before we recommend the tool be used.
The WHATSNEW already indicated that this tool should not be used but a
large number of users have run it, and due to lack of testing in the
past, some have run into bugs.
While this tool can be run in debug modes, by default it simply fixes
the database following a series of internal rule. This does a good
job much of the time, but does not request permission in the way that
dbcheck does, and will create extra objects for things like the DNS
partitions.
By removing this from the installed binaries, we provide another
signal that it should not be used right now, until these matters are
fixed and some clear documentation on how to safely use the tool can
be written.
Andrew Bartlett
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Mar 12 02:51:23 CET 2013 on sn-devel-104
(cherry picked from commit
389197e7c31e8d6616e6503181c088940ddb5986)
Fix bug #9728 - DO NOT install samba_upgradeprovision in 4.0.x.
Andrew Bartlett [Thu, 27 Dec 2012 23:05:40 +0000 (10:05 +1100)]
scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually them
This allows the script to be used to create/remove the samba-specific dns-SERVER account
when we do not need to create the in-directory partition.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
(cherry picked from commit
edbc26bca84ee77b5a9571ba8dc9416c0db25906)
Fix bug #9721 - samba_upgradedns patch for robustness (do not guess addresses
when just changing roles).
Andrew Bartlett [Fri, 21 Dec 2012 22:28:05 +0000 (09:28 +1100)]
samba-tool classicupgrade: Do not print the admin password during upgrade
This changes the code to only set and show a new password if no admin
user is found during the upgrade.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 16:55:23 CET 2013 on sn-devel-104
(cherry picked from commit
051a1a9c6417c2cbffa7d091ae477a6c7922d363)
Fix bug #samba-tool classicupgrade patch to not print incorrect admin passwords.
Andrew Bartlett [Thu, 23 Aug 2012 05:18:13 +0000 (15:18 +1000)]
s4-dbcheck: Allow forcing an override of an old @MODULES record
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
99d872ee9261a299add4718c38234dfe9f7658fc)
Fix bug #9719 - dbcheck patch from master needed in 4.0.
Andrew Bartlett [Fri, 28 Dec 2012 01:36:06 +0000 (12:36 +1100)]
selftest: Add test for rfc2307 mapping handling
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
c9d2ca585e198b1006bbf7f1a3c988c1188b66cb)
The last 2 patches address bug #9718 - rfc2307 patches not yet in 4.0.
Andrew Bartlett [Wed, 26 Dec 2012 09:48:12 +0000 (20:48 +1100)]
s4-idmap: Remove requirement that posixAccount or posixGroup be set for rfc2307
This change matches the source3/idmap/idmap_ad.c code, and allows this
feature to work with only the setting of the UID/GID in Active
Directory Users and Computers.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
5e0fcb04a48d96669ed4376bfa17f679e3582236)
Andrew Bartlett [Thu, 10 Jan 2013 01:00:03 +0000 (12:00 +1100)]
build: Set LD_LIBRARY_PATH in install_with_python.sh
This ensures that the python install finishes correctly.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 14:00:13 CET 2013 on sn-devel-104
(cherry picked from commit
213e7260a83d4349132e8c159798b476cec3f814)
Fix bug #9717 - install_with_python fix not yet in 4.0.x.
Jeremy Allison [Fri, 15 Mar 2013 22:05:31 +0000 (15:05 -0700)]
Fix bug #9724 - is_encrypted_packet() function incorrectly used inside server.
The is_encrypted_packet() function should only be used on the raw received data
to determine if a packet came in encrypted. Once we're inside the SMB1
processing code in smbd/reply.c we should be looking at the
smb1request->encrypted field to determine if a packet was really encrypted or
not.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Mar 16 12:44:44 CET 2013 on sn-devel-104
(cherry picked from commit
1d15fc75a33b7368049876368f4b70c188bbd55e)
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Thu Mar 21 11:15:16 CET 2013 on sn-devel-104
Andreas Schneider [Thu, 14 Mar 2013 06:29:20 +0000 (07:29 +0100)]
torture: Add ntprinting latin1 test.
Reviewed-by: Günther Deschner <gd@samba.org>
The last 7 patches address bug #9723 - Add a tool to migrate latin1 printing
tdb's to registry.
Andreas Schneider [Tue, 12 Mar 2013 17:42:02 +0000 (18:42 +0100)]
s3-net: Add encoding=<CP> to 'net printing dump'.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 10:39:08 +0000 (11:39 +0100)]
s3-net: Add encoding=<CP> to 'net printing migrate'.
This allows you to convert printing tdb's which are in e.g. in latin1 to
convert to UTF-8 and import them into the registry.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 14:17:54 +0000 (15:17 +0100)]
ndr: Pass down string_flags in ndr_pull_ntprinting_printer().
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Mon, 11 Mar 2013 14:47:00 +0000 (15:47 +0100)]
idl: Add flags for strings in ntprinting idl.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Mon, 11 Mar 2013 14:45:15 +0000 (15:45 +0100)]
ndr: Add ndr_ntprinting_string_flags() function.
It defaults to utf8string.
Reviewed-by: Günther Deschner <gd@samba.org>
Andreas Schneider [Tue, 12 Mar 2013 10:36:38 +0000 (11:36 +0100)]
pidl: Add skip option to elements.
This option allows to skip struct elements in pull and push function.
This can be used to pass flags to the structure e.g. for string values.
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 20 Mar 2013 07:49:20 +0000 (08:49 +0100)]
s4:torture: let raw.read accept larger reads than 0x10000
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The last 16 patches address bug #9706 - Parameter is incorrect on Android.
Stefan Metzmacher [Tue, 19 Mar 2013 16:11:03 +0000 (17:11 +0100)]
s4:torture: raw.read fix large reads against windows
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>