Karolin Seeger [Mon, 12 Oct 2009 11:45:39 +0000 (13:45 +0200)]
WHATSNEW: Update changes.
Karolin
(cherry picked from commit
0e52cec95a7b6040a1dd6e6bb5c5439fd3378a32)
Karolin Seeger [Mon, 12 Oct 2009 11:10:29 +0000 (13:10 +0200)]
WHATSNEW. Update changes since 3.3.8.
Karolin
(cherry picked from commit
680e39a6795729dfa5e9a748e189f1424324434f)
Karolin Seeger [Mon, 12 Oct 2009 09:24:30 +0000 (11:24 +0200)]
s3:wbc_sid: Fix build.
Use talloc_free instead of TALLOC_FREE.
Signed-off-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
95389ecdeb2e1d9d9512210a92c05c7a2d753409)
Volker Lendecke [Fri, 9 Oct 2009 20:58:14 +0000 (22:58 +0200)]
s3: Fix a memleak reported by dmarkey (cherry picked from commit
5aeb954ba9382e1975c64ac96f1e377ed6af3ae0)
Fix bug #6797.
(cherry picked from commit
68c77a51410bd3a1a0fbe61d6714a9a95b4d82cd)
Volker Lendecke [Fri, 18 Sep 2009 17:45:36 +0000 (19:45 +0200)]
s3:smbclient: Fix bug 6606 (reported as 6744) in 3.3
This is a port of
1f34ffa0ca and
24309bdb2efc to 3.3.
Fix file corruption using smbclient with NT4 server.
(cherry picked from commit
b0fdc578fb10062c36ce2df18ab37cab57a89692)
Jeremy Allison [Wed, 7 Oct 2009 22:49:56 +0000 (15:49 -0700)]
Correct fix for bug 6781 - Cannot rename subfolders in Explorer view with recent versions of Samba. Without this fix, renaming a directory ./a to ./b, whilst a directory ./aa was already open would fail. Jeremy.
(cherry picked from commit
1f604d26d038956a6ddde892610c9b2254268160)
Jeremy Allison [Thu, 8 Oct 2009 22:55:35 +0000 (15:55 -0700)]
Fix bug 6769 - symlink unlink does nothing. Jeremy.
(cherry picked from commit
fdc28f6700c97e1276e3d6ae1f242f7daa9bab9e)
Michael Adam [Thu, 8 Oct 2009 14:44:48 +0000 (10:44 -0400)]
s3:mount.cifs: make "mount.cifs -V" print the version, not usage.
(cherry-picked from
d7ca4997017e86b6f23ced64f1f1672bfb15716b)
Also make "mount.cifs -h" not exit with error exit code but with return code 0.
Michael
Part 2/2 of a fix for bug #6692 (mount.cifs segfault).
(cherry picked from commit
d41131948346619be98514331d7059d9bffecac5)
Jeff Layton [Thu, 8 Oct 2009 14:42:37 +0000 (10:42 -0400)]
Revert "cifs mount did not properly display version string when no other parameters passed in."
This reverts commit
c7bf0f4c222ae46be2a751997e03197832b494cd.
Part 1/2 of a fix for bug #6692.
(cherry picked from commit
2cda51b4e6fba53c04f87e4c2dd99a952a63d812)
Karolin Seeger [Thu, 8 Oct 2009 13:21:00 +0000 (15:21 +0200)]
WHATSNEW: Add more coherent explanation for bug #6680.
Karolin
(cherry picked from commit
6c4fe1086020d7bc278d84c56b6cbcc6e3a64b5d)
Günther Deschner [Thu, 8 Oct 2009 13:16:25 +0000 (15:16 +0200)]
s3-pamsmbpass: copy _pam_get_item and _pam_get_data from pam_winbind.
Fix bug #6790.
Guenther
(cherry picked from commit
baa2c10b11a960dd70b3d32b4868a303d85ca9b2)
Karolin Seeger [Thu, 8 Oct 2009 13:12:27 +0000 (15:12 +0200)]
WHATSNEW: List major enhancements.
Karolin
(cherry picked from commit
113e33cc8d9cb4f68345a39081580db18c0468d8)
Karolin Seeger [Thu, 8 Oct 2009 13:09:46 +0000 (15:09 +0200)]
WHATSNEW: Update release notes.
Karolin
(cherry picked from commit
30064fe10bab01bea629b0564078323725bdea03)
Günther Deschner [Fri, 19 Jun 2009 15:43:57 +0000 (17:43 +0200)]
s3-{u}mount.cifs: remove unrequired dependency on popt.
Fixes bug #6789.
Guenther
(cherry picked from commit
f8b2fc49937a72fe64c3e4310141f45fb7d679bf)
Volker Lendecke [Wed, 7 Oct 2009 13:53:46 +0000 (15:53 +0200)]
s3:winbind: Only ever handle one event after a select call
While handling an fd event, the situation with other fds can change. I've just
seen a winbind stuck in the accept() call on the privileged pipe. I can only
imagine this happen because under high load we first handled other requests and
meanwhile the client on the privileged pipe went away.
(cherry picked from commit
a4df4406f12281db60fd6612c6ebf93d77af9152)
Jeremy Allison [Mon, 5 Oct 2009 23:28:59 +0000 (16:28 -0700)]
Fix bug 6776 - Running overlapping Byte Lock test will core dump Samba daemon. Re-write core of POSIX locking logic. Jeremy.
(cherry picked from commit
faf7197b3b4ac9fefeb0fca31a888c9e84bed92f)
Andrew Klosterman [Tue, 8 Sep 2009 15:38:37 +0000 (17:38 +0200)]
s3:smbd: Fix bug 6690, wrong error check
(cherry picked from commit
076e24cbaf9009f744978b03ddf6ef593d90e9c1)
Stefan Metzmacher [Thu, 24 Sep 2009 19:35:38 +0000 (21:35 +0200)]
s3:winbindd_cm: don't invalidate the whole connection when just samr gave ACCCESS_DENIED
metze
(cherry picked from commit
c6d485583aba69b38b2972224e27edb60c3bf09a)
Günther Deschner [Wed, 7 Oct 2009 12:34:05 +0000 (14:34 +0200)]
s3:rpc_server: we need to make a copy of my_name in serverinfo_to_SamInfo3()
This is important for the case the server_info already contains a logon_server.
metze
(cherry picked from commit
855ac932cf86272aaf02bf68e1fbf0e0a2902982)
Günther Deschner [Tue, 6 Oct 2009 09:10:47 +0000 (11:10 +0200)]
s3-rpc_client: fix rpccli_set_timeout to cope with abstract transport.
taken from:
b7094c0b804984de8e0b50c17e7908a2685df557
Guenther
(cherry picked from commit
3ca4a7bb33c56aa813247d0ea51863d7ded2e5de)
Volker Lendecke [Wed, 23 Sep 2009 04:23:50 +0000 (06:23 +0200)]
s3:winbind: Fix an uninitialized variable (cherry picked from commit
0724649a8a7c04d015317d9dc2ae43ee87c1bd25)
(cherry picked from commit
b50ae28be07b93eef04e6e4b9eeb9fc440e21bd4)
Günther Deschner [Thu, 17 Sep 2009 07:43:36 +0000 (09:43 +0200)]
s3-winbindd: Fix Bug #6711: trusts to windows 2008 (2008 r2) not working.
Winbindd should always try to use LSA via an schannel authenticated ncacn_ip_tcp
connection when talking to AD for LSA lookup calls.
In Samba <-> W2k8 interdomain trust scenarios, LookupSids3 and LookupNames4 via an
schannel ncacn_ip_tcp LSA connection are the *only* options to successfully resolve
sids and names.
Guenther
(cherry picked from commit
6a8ef6c424c52be861ed2a9806f917a64ec892a6)
(cherry picked from commit
acc5e6012adca290ddc067a4ed25a8161b74250e)
Günther Deschner [Sat, 12 Sep 2009 21:30:39 +0000 (23:30 +0200)]
s3-winbindd: add cm_connect_lsa_tcp().
Guenther
(cherry picked from commit
58f2deb94024f002e3c3df47f45454edc97f47e1)
(cherry picked from commit
7e4e12f120c666f31af042ab59fd9478017740ea)
Günther Deschner [Thu, 17 Sep 2009 07:42:49 +0000 (09:42 +0200)]
s3-rpc_client: fix non initialized structure in rpccli_lsa_lookup_sids_noalloc.
Guenther
(cherry picked from commit
a4b5c792c55ef90648a528d279beec32f86a9b22)
(cherry picked from commit
bd2e674cc3ab0fb6f1d988b0b19b6ad5544512b3)
Günther Deschner [Sat, 12 Sep 2009 22:28:49 +0000 (00:28 +0200)]
s3-rpc_client: add rpccli_lsa_lookup_sids3 wrapper.
Guenther
(cherry picked from commit
2f9adf04e4b3e16c046cb371a428a8a70d5de041)
(cherry picked from commit
18ba75b763a2fec8f7b05af0444212990753fe1b)
Günther Deschner [Fri, 11 Sep 2009 17:35:14 +0000 (19:35 +0200)]
s3-rpc_client: add rpccli_lsa_lookup_names4 wrapper.
Guenther
(cherry picked from commit
ff968712bab6c2635ef74723c6f52b0fdac4b424)
(cherry picked from commit
0d4d3c8e1e5312a820fcaede65471566e75e272c)
Günther Deschner [Thu, 17 Sep 2009 06:06:34 +0000 (08:06 +0200)]
s3-winbindd: add and use winbindd_lookup_names().
Guenther
(cherry picked from commit
99c3fc19587431efda1ae6161453d84673b32071)
(cherry picked from commit
afbe7c3605edcb8f7dfc64399681f23fa947fe57)
Günther Deschner [Thu, 17 Sep 2009 05:59:25 +0000 (07:59 +0200)]
s3-winbindd: add and use winbindd_lookup_sids().
Guenther
(cherry picked from commit
f0b52b8c3133e3696db361d9d0e7d1fff0fab991)
(cherry picked from commit
5c2c17ffd62010f4590502f40aee9e40997a647a)
Günther Deschner [Thu, 10 Sep 2009 20:23:21 +0000 (22:23 +0200)]
s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_schannel().
Guenther
(cherry picked from commit
bea8e5fa6038d5abd2ec1e12f9005c4a04abb79f)
(cherry picked from commit
864c0b58aec55e37cf304b28c762a5259fc0ec67)
Günther Deschner [Mon, 5 Oct 2009 15:41:06 +0000 (17:41 +0200)]
s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_spnego_ntlmssp and cli_rpc_pipe_open_ntlmssp.
Guenther
(cherry picked from commit
41158d10cdad5b923d0bfa608f73c0daf8ccd352)
Günther Deschner [Tue, 4 Nov 2008 17:40:24 +0000 (18:40 +0100)]
s3-rpc_client: add cli_rpc_pipe_open_noauth_transport.
Guenther
(cherry picked from commit
87f61a144b8d25c90b847940ca03ced1f77b036c)
(cherry picked from commit
c968714f7910ba90c2e989e46d18c265d9f9b549)
Karolin Seeger [Wed, 7 Oct 2009 07:23:27 +0000 (09:23 +0200)]
WHATSNEW: Prepare release notes for Samba 3.3.9.
Karolin
(cherry picked from commit
f31c2218c4cd6c04b4899f46c3cc2294c677a688)
Karolin Seeger [Wed, 7 Oct 2009 06:44:52 +0000 (08:44 +0200)]
VERSION: Raise version number up to 3.3.9.
Karolin
(cherry picked from commit
b6f21ad0732d207c7c831c6094fad25e1469b426)
Jeremy Allison [Fri, 2 Oct 2009 10:23:32 +0000 (12:23 +0200)]
Second part of a fix for bug #6235.
Domain enumeration breaks if master browser has space in name.
(cherry picked from commit
d984b39d971b7fc8f66e6c5376a2b7a98dfc20d8)
Derrell Lipman [Fri, 2 Oct 2009 10:22:25 +0000 (12:22 +0200)]
Fix bug #6532.
Domain enumeration breaks if master browser has space in name.
(cherry picked from commit
e3601a43421cc51b2b4b6413f547daf6ea9b0b41)
Kumar Thangavelu [Fri, 29 May 2009 09:27:38 +0000 (11:27 +0200)]
s3/getdcname: Fix 'net' crash.
'net' command crashed when attempting to join a
domain. This occurred in a very specific case where
the DC had multiple IPs and one of the IPs was invalid.
Signed-off-by: Volker Lendecke <vl@samba.org>
Fixes bug #6420.
(cherry picked from commit
30cca93674d0dad15ad0ccfaf0d81f94d7d17b4a)
Bo Yang [Wed, 16 Sep 2009 15:58:35 +0000 (23:58 +0800)]
s3: Don't overwrite password in pam_winbind, subsequent pam modules might use the old password and new password.
Signed-off-by: Bo Yang <boyang@samba.org>
Fix bug #6735.
(cherry picked from commit
457cbb36700cf460375cdbea85ada5676e03aa45)
Volker Lendecke [Wed, 9 Sep 2009 10:24:08 +0000 (12:24 +0200)]
s3:libsmb: Correctly chew keepalive packets
Thanks a *lot* to Günther to send me the relevant traces!
Volker
Signed-off-by: Günther Deschner <gd@samba.org>
Fixes bug #6646 (Winbind authentication issue on 3.2.13/14 and 3.4.0 (was:
[Samba] Crazied NTLM_AUTH on samba 3.4.0)).
(cherry picked from commit
28674fcda7aaf839fdf5704e4133a0bd3a3f93a2)
Günther Deschner [Wed, 9 Sep 2009 00:29:58 +0000 (02:29 +0200)]
s3-winbindd: Fix Bug #6700: Use dns domain name when needing to guess server principal.
Patch from Robert LeBlanc <robert@leblancnet.us>.
Thanks!
Guenther
(cherry picked from commit
cd920dcff320a097bcc46a9468a78cedca6fb2be)
Günther Deschner [Tue, 8 Sep 2009 09:57:52 +0000 (11:57 +0200)]
s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.
The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a
W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56
byte). We should just ignore the remaining 12 zeroed bytes and proceed.
Guenther
(cherry picked from commit
e7e1e1887e79e4dcbd8836b775e387751c44f318)
Simo Sorce [Sat, 5 Sep 2009 14:18:12 +0000 (10:18 -0400)]
Check we read off the compelte event from inotify
The kernel may return a short read, so we must use read_data() to make sure we
read off the full buffer. If somethign bad happens we also need to kill the
inotify watch because the filedescriptor will return out of sync structures if
we read only part of the data.
Fixes bug #6693.
(cherry picked from commit
7fd407fefe92939ecb78400d22aac55590851f70)
Volker Lendecke [Sun, 30 Aug 2009 09:39:41 +0000 (11:39 +0200)]
s3:libwbclient: Fix bug 6349, initialize domain info struct
(cherry picked from commit
39a7cc3c1fd6a3fbb56c8030b6e12962d9fb7181)
Günther Deschner [Tue, 1 Sep 2009 09:58:05 +0000 (11:58 +0200)]
wbclient: Fix Bug #6680: always activate handling of large (> 256 byte) ntlmv2 blobs in wbcAuthenticateUserEx().
Guenther
(cherry picked from commit
7253d96fc205717d9fed973bbcad2884ce656fd9)
Volker Lendecke [Tue, 14 Jul 2009 21:12:59 +0000 (23:12 +0200)]
Fix bug 5886
Ok, that's a very long-standing one. I finally got around to install a recent
OpenLDAP and test the different variants of setting a NULL password etc.
Thanks all for your patience!
Volker
(cherry picked from commit
983c6f22f411aab2488fe41b5b06174c55108868)
Stefan Metzmacher [Thu, 27 Aug 2009 11:16:15 +0000 (13:16 +0200)]
s3:netlogon: replace cred_hash3 by des_crypt112_16
This makes sure we don't truncate the session key to 8 bytes
Fixes bug #6664.
metze
(cherry picked from commit
570a8cf5bb6924905b3ad20353d1e7b0ca087748)
Volker Lendecke [Wed, 29 Jul 2009 08:30:52 +0000 (04:30 -0400)]
Fix unqualified "net join"
Kai, please check!
Fixes bug #6585.
Thanks,
Volker
(cherry picked from commit
d8543da9dad3286cd330b98374405edb9f976e77)
(cherry picked from commit
bf7d1758a77a462d9b30cc2549a960736884ee32)
(cherry picked from commit
9509763346de5e587a098a90e33a5e38d6d00a78)
Günther Deschner [Thu, 6 Aug 2009 15:17:26 +0000 (17:17 +0200)]
s3-ldap: Fix Bug #5879. Update LDAP schema for Netscape DS 5.
Patch from TAKEDA Yasuma <yasuma@osstech.co.jp>.
Guenther
(cherry picked from commit
9fa042bb9f71057fc869e37d4cc180e8a772b1bb)
(cherry picked from commit
a01f0a4025d382c1bc82f4992ea4566db4df3818)
Stefan Metzmacher [Tue, 11 Aug 2009 09:17:14 +0000 (11:17 +0200)]
s3:winbindd: raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds.
metze
(cherry picked from commit
1e1445bc7672b17a1d689fa0f0732b05b6e04da5)
Fixes bug #6627.
(cherry picked from commit
8d57806544dade748aaac9cc493deb75d4e95735)
Michael Adam [Fri, 26 Jun 2009 12:09:10 +0000 (14:09 +0200)]
s3:passdb: fix bug #6509: use gid (not uid) cache in fetch_gid_from_cache().
With the previous code, the cache can never have been hit at all.
Michael
(cherry picked from commit
c70d54508e1cb8f5edbad02a632dfd52d65fd699)
Bo Yang [Fri, 7 Aug 2009 06:58:36 +0000 (14:58 +0800)]
s3: Unable to browse DFS when using kerberos in libsmbclient
Signed-off-by: Bo Yang <boyang@samba.org>
Fixes bug #6615.
(cherry picked from commit
40da23b6a7dc7acfbdf76a6808b7e50c6c39093e)
Karolin Seeger [Thu, 6 Aug 2009 08:06:29 +0000 (10:06 +0200)]
s3/smbldap: Fix typo in debug message.
Karolin
(cherry picked from commit
54dffbea663ecf4542d6c5e30da6e346d5d60424)
(cherry picked from commit
2538df1ea3229ea6d8242b5ae6fdd3d453395609)
Jeremy Allison [Mon, 18 May 2009 21:26:37 +0000 (14:26 -0700)]
Fix SAMR server for winbindd access. Ensure we allow MAX_ACCESS to be mapped to what we're giving Everyone. Jeremy.
Fixes bug #6504.
(cherry picked from commit
4e854cb52cfb4f3c25c92324c6e7505f1c8290b3)
Yannick Bergeron [Thu, 30 Jul 2009 23:31:24 +0000 (19:31 -0400)]
Increase the max_grp value to 128 (AIX NGROUPS_MAX value) instead of 32 to allow AIX to call sys_getgrouplist only once
(cherry picked from commit
c3e12444f57e24dcd6c9259537ed0489db4658e9)
(cherry picked from commit
2666b3e27444ffcad3afc21e276f189ac238433f)
(cherry picked from commit
1da21f70ec4cebb7ee523dda8abf4100584901f8)
Karolin Seeger [Mon, 3 Aug 2009 08:19:45 +0000 (10:19 +0200)]
s3/docs: Fix typos.
Thanks to OPC oota <t-oota@dh.jp.nec.com> for reporting!
Karolin
(cherry picked from commit
7ee7ec3fdba2ef6a6cc3e1f96a5d2154290cdb18)
(cherry picked from commit
c94d3183a8e4c7e03c0dd2771cb7b9f4665198ce)
(cherry picked from commit
1310ba934b87b804f435cef2c21e6e65590e4a83)
Jeremy Allison [Wed, 30 Sep 2009 12:27:26 +0000 (14:27 +0200)]
Fix for CVE-2009-2906.
Summary:
Specially crafted SMB requests on
authenticated SMB connections can send smbd
into a 100% CPU loop, causing a DoS on the
Samba server.
Karolin Seeger [Wed, 30 Sep 2009 11:55:06 +0000 (13:55 +0200)]
WHATSNEW: Update release notes.
Karolin
Jeremy Allison [Mon, 28 Sep 2009 11:44:12 +0000 (13:44 +0200)]
Fix for CVE-2009-2813.
===========================================================
== Subject: Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#: CVE-2009-2813
==
== Versions: All versions of Samba later than 3.0.11
==
== Summary: If a user in /etc/passwd is misconfigured to have
== an empty home directory then connecting to the home
== share of this user will use the root of the filesystem
== as the home directory.
===========================================================
Jeff Layton [Fri, 25 Sep 2009 11:01:59 +0000 (07:01 -0400)]
mount.cifs: don't leak passwords with verbose option
When running mount.cifs with the --verbose option, it'll print out the
option string that it passes to the kernel...including the mount
password if there is one. Print a placeholder string instead to help
ensure that this info can't be used for nefarious purposes.
Also, the --verbose option printed the option string before it was
completely assembled anyway. This patch should also make sure that
the complete option string is printed out.
Finally, strndup passwords passed in on the command line to ensure that
they aren't shown by --verbose as well. Passwords used this way can
never be truly kept private from other users on the machine of course,
but it's simple enough to do it this way for completeness sake.
Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
Part 2/2 of a fix for CVE-2009-2948.
Jeff Layton [Fri, 25 Sep 2009 11:00:18 +0000 (07:00 -0400)]
mount.cifs: check access of credential files before opening
It's possible for an unprivileged user to pass a setuid mount.cifs a
credential or password file to which he does not have access. This can cause
mount.cifs to open the file on his behalf and possibly leak the info in the
first few lines of the file.
Check the access permissions of the file before opening it.
Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <sfrench@us.ibm.com>
Part 1/2 of a fix for CVE-2009-2948.
Karolin Seeger [Mon, 28 Sep 2009 11:39:23 +0000 (13:39 +0200)]
WHATSNEW: Prepare release notes for 3.3.8.
Karolin
Karolin Seeger [Thu, 24 Sep 2009 12:28:54 +0000 (14:28 +0200)]
Raise version up to 3.3.8.
Karolin
Karolin Seeger [Tue, 28 Jul 2009 08:26:59 +0000 (10:26 +0200)]
WHATSNEW: Remove major enhancements.
There are not that much bugs that have been fixed for that release and it's a
bit difficult to determine major ones...
Karolin
(cherry picked from commit
7ac712fc96c2557a8ca51d5bf67957eb6861a21c)
Karolin Seeger [Mon, 27 Jul 2009 14:21:16 +0000 (16:21 +0200)]
WHATSNEW: Start WHATSNEW for 3.3.7.
Karolin
(cherry picked from commit
b280a2fee579fe1a999617c8e01b079e5e989c9d)
Karolin Seeger [Mon, 27 Jul 2009 13:56:02 +0000 (15:56 +0200)]
VERSION: Raise version number up to 3.3.7.
Karolin
(cherry picked from commit
fe911ee58b5c0b0c6c9c23bee8d10bbf53f5a90b)
Michael Adam [Mon, 27 Jul 2009 12:09:39 +0000 (14:09 +0200)]
docs: fix typos in the net man page.
Noted by Oota Toshiya <t-oota@dh.jp.nec.com> .
Michael
(cherry picked from commit
4d25298b133279c0918e0663cf2fd59f7e11672f)
Bo Yang [Sat, 18 Jul 2009 06:23:24 +0000 (14:23 +0800)]
handling upn
lookupname failed, cannot find domain when attempt
to change password.
This addresses bug #6560.
Signed-off-by: Bo Yang <boyang@samba.org>
(cherry picked from commit
830c4da460bcad919421acf9d537cf577b231de7)
Stefan Metzmacher [Tue, 30 Jun 2009 14:03:11 +0000 (16:03 +0200)]
s3:util: let parent_dirname() correctly return toplevel filenames
metze
(cherry picked from commit
a14efbadd53ac9678d75e6029f947d63cfa0c4e5)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This addresses bug #6526.
(cherry picked from commit
58f449318dd07240c60513559cf682aa243d3e4c)
Jeremy Allison [Thu, 2 Jul 2009 06:37:59 +0000 (08:37 +0200)]
Fix bug #6520 time stamps.
E.g. last mod time is not preserved when "unix extensions=yes" are set - and u
Cancel out any pending "sticky" writes or "last write" changes when
doing a UNIX info level set.
Jeremy.
(cherry picked from commit
5b03af33ad45368bea7cf6cabc91f62e2503de99)
Matt Kraai [Wed, 1 Jul 2009 06:18:11 +0000 (08:18 +0200)]
s3/docs: Fix typo.
This fixes bug #6519.
(cherry picked from commit
4fb1f8e8fe46b3e77c06612ac3fc3d67cf650a11)
(cherry picked from commit
39bfcc5d50892ad0c387f0ca3932e961e77fdc39)
(cherry picked from commit
408cc7ec9f4119aa9a768474152a83ef796309a9)
Jim McDonough [Mon, 29 Jun 2009 13:42:35 +0000 (09:42 -0400)]
Don't require "Modify property" perms to unjoin (bug #6481) "net ads leave" stopped working when "modify properties" permissions were not granted (meaning you had to be allowed to disable the account that you were about to delete).
Libnetapi should not delete machine accounts, as this does not
happen on win32. The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag
really means "disable" (both in practice and docs).
However, to keep the functionality in "net ads leave", we
will still try to do the delete. If this fails, we try
to do the disable.
Additionally, it is possible in windows to not disable or
delete the account, but just tell the local machine that it
is no longer in the account. libnet can now do this as well.
Don't use ads realm name for non-ads case. #6481
Also check that the connection to ads worked.
(cherry picked from commit
6f9ed71a87e4ed5665ee8999ebf987e2165629c6)
Günther Deschner [Mon, 29 Jun 2009 13:27:13 +0000 (15:27 +0200)]
s3-test: add RPC-SAMR-MACHINE-AUTH to list of tests to run against s3.
Guenther
(cherry picked from commit
99f68c7b1c527bc39acd0f9db15f65ce087c5dca)
Volker Lendecke [Tue, 16 Jun 2009 09:51:11 +0000 (11:51 +0200)]
s3/lanman: Workaround for KB932762.
This addresses bug #6498.
(cherry picked from commit
a702dea5a86f22e0b7857b67447152a06b3bbea2)
(cherry picked from commit
aa769edfcef6937927201f765509c10b60764817)
Björn Jacke [Sat, 4 Apr 2009 09:21:01 +0000 (11:21 +0200)]
s3:configure: "test" only takes one "=" (cherry picked from commit
ddd37c2b235eb03ddb438ebb2cdd14dd67f867f3)
This fixes bug #6497.
(cherry picked from commit
bcb3a4746710cb4e2800010c23b6e810c78e603d)
Karolin Seeger [Fri, 19 Jun 2009 13:23:22 +0000 (15:23 +0200)]
s3/docs: Fix typo.
This fixes bug #6412.
Thanks to Carsten Dumke <carsten [at] cdumke.de> for reporting!
Karolin
(cherry picked from commit
4ad43a21344b43f1c9fe459165098bcab1695711)
(cherry picked from commit
84750d556d0a42b5d8b134308311e2cb9a533b58)
(cherry picked from commit
304c25a518aba988c3d36e78f6a8416a340b3b33)
Günther Deschner [Wed, 13 May 2009 13:17:46 +0000 (15:17 +0200)]
s3-net: Fix bug 6340: don't segfault when cleartext trustdom pwd could not be retrieved.
Guenther
(cherry picked from commit
b4fe7ad41953c2c60bf9333cff4a5e83fcbe582e)
Jeremy Allison [Fri, 19 Jun 2009 08:10:13 +0000 (10:10 +0200)]
Fix bug #6487: Missing DFS call in trans2 mkdir call. (cherry picked from commit
1a0005e1c508cf3b170d1c7e43b94a47b2820506)
(cherry picked from commit
133cdb46be154eeceb080fa9db88a38d9f87c919)
Günther Deschner [Tue, 5 May 2009 10:54:21 +0000 (12:54 +0200)]
s3-pam_winbind: Fix Bug 6253: Use correct value for password expiry calculation.
Based on patch from Blindauer Emmanuel <samba@mooby.net>.
Guenther
(cherry picked from commit
3815e87f1ffea44c4d76e6c2515ff4894f6896c9)
Günther Deschner [Mon, 11 May 2009 16:27:40 +0000 (18:27 +0200)]
s3-lsa: Fix _lsa_LookupNames2() server implementation which always returned a NULL sid_array since 3.2.0.
Found by torture test.
This makes it possible to search for users while adding them to groups via
windows usermanager.
Fixes bug #6484.
Guenther
(cherry picked from commit
0cfe59f1b580371f445b50151ceae5aef02bf0c4)
Jeremy Allison [Thu, 18 Jun 2009 09:53:52 +0000 (11:53 +0200)]
Fix bug #6476 - more then 3000 smbd-zombies in memory
We weren't reaping children in the [x]inetd case.
Jeremy.
(cherry picked from commit
7e51314f2e18241876b049642fcb133df7e44c70)
Karolin Seeger [Thu, 18 Jun 2009 07:32:10 +0000 (09:32 +0200)]
s3/docs: Add documentation for 'net sam rights'.
This is part of a fix for bug #6328.
Karolin
(cherry picked from commit
a5a31512de9d9b9ed7eed906487dd154fde7e483)
Karolin Seeger [Wed, 17 Jun 2009 13:21:24 +0000 (15:21 +0200)]
Revert "s3/packaging: source -> source3"
This reverts commit
646d465780fd0afea2454cf2e1c732c39a93491e.
Pushed by accident...
(cherry picked from commit
8cf6e03e9ebffa759a2a66339124492ef3e8d26f)
Karolin Seeger [Wed, 17 Jun 2009 13:19:20 +0000 (15:19 +0200)]
s3/packaging: pam_winbind has been moved to section 8.
Karolin
(cherry picked from commit
13494c0f8f9459c51b520a7cf60790e9e2f475b4)
(cherry picked from commit
3c44cd7a10948454fea58f521164fdbe7e20d959)
Karolin Seeger [Wed, 17 Jun 2009 13:18:16 +0000 (15:18 +0200)]
s3/packaging: source -> source3
Karolin
(cherry picked from commit
6098be34ba62b96908e6dfe7a9d63519cee6a5af)
(cherry picked from commit
646d465780fd0afea2454cf2e1c732c39a93491e)
Günther Deschner [Tue, 16 Jun 2009 13:00:20 +0000 (15:00 +0200)]
s3-netapi: Fix Bug #6451: net/libnetapi user rename using wrong access bits.
Guenther
(cherry picked from commit
29b8e08b83eeb0ab7d33bf46981cdbad8c35dc9b)
(cherry picked from commit
adecea9ce358e30d1b3847f3931479e6f7b42592)
Jeremy Allison [Sat, 30 May 2009 20:28:03 +0000 (13:28 -0700)]
Fix bug #6421 - POSIX read-only open fails on read-only shares. The change to smbd/trans2.c opens up SETFILEINFO calls to POSIX_OPEN only. The change to first smbd/open.c closes 2 holes that would have been exposed by allowing POSIX_OPENS on readonly shares, and their ability to set arbitrary flags permutations. The O_CREAT -> O_CREAT|O_EXCL change removes an illegal combination (O_EXCL without O_CREAT) that previously was being passed down to the open syscall. Jeremy.
(cherry picked from commit
79f26472b4ae561ec00c30f31dd63ccab6dfc0c4)
Karolin Seeger [Wed, 17 Jun 2009 08:23:21 +0000 (10:23 +0200)]
s3/libsmb: Fix typo in error message.
Thanks to Herb Lewis <hlewis [at] panasas.com> for noticing!
Karolin
(cherry picked from commit
095f66b0ed74d4b5c7561ca05bbfdf33f60d0600)
(cherry picked from commit
eb3889c8b745023bfd7956bfcd961adbe78b6cea)
Karolin Seeger [Tue, 23 Jun 2009 09:35:13 +0000 (11:35 +0200)]
VERSION: Raise version number up to 3.3.6.
Karolin
Karolin Seeger [Tue, 23 Jun 2009 09:33:44 +0000 (11:33 +0200)]
WHATSNEW: Update changes since 3.3.5.
Karolin
Jeremy Allison [Fri, 19 Jun 2009 09:00:41 +0000 (11:00 +0200)]
Bug 6488: acl_group_override() call in posix acls references an uninitialized variable.
(cherry picked from commit
f92195e3a1baaddda47a5d496f9488c8445b41ad)
Karolin Seeger [Tue, 16 Jun 2009 09:49:54 +0000 (11:49 +0200)]
s3/docs: Fix typo.
Karolin
(cherry picked from commit
6e45c21384b8845422967ff1fa46e48de9fee1ab)
Karolin Seeger [Mon, 15 Jun 2009 13:08:43 +0000 (15:08 +0200)]
WHATSNEW: Fix typo.
Karolin
(cherry picked from commit
acde34bc7d5b038f5965acc0fccaff6f7658f3d5)
Karolin Seeger [Mon, 15 Jun 2009 12:31:04 +0000 (14:31 +0200)]
WHATSNEW: Update changes since 3.3.4.
Karolin
(cherry picked from commit
80e7638aed61cc908e7d658d208d1925ff16247c)
Andreas Schneider [Mon, 15 Jun 2009 10:22:58 +0000 (12:22 +0200)]
Fix the section of the pam_winbind manpage.
Signed-off-by: Andreas Schneider <mail@cynapses.org>
(cherry picked from commit
2f2ef4afae99eadb2b546319aa915f6391acce40)
Andreas Schneider [Mon, 15 Jun 2009 10:21:07 +0000 (12:21 +0200)]
Move pam_winbind to the right manpage section (8).
Signed-off-by: Andreas Schneider <mail@cynapses.org>
(cherry picked from commit
59ab1574e41993d24733affbca07d3f7da245fc7)
(cherry picked from commit
d547aab1511c72e1cab034e2945f6ad63bda6659)
(cherry picked from commit
c9b89676983c5fd0ec12df121fc5d9e06facdd80)
Andreas Schneider [Mon, 15 Jun 2009 10:16:49 +0000 (12:16 +0200)]
Dcoument the PAM data exports in the pam_winbind manpage.
Signed-off-by: Andreas Schneider <mail@cynapses.org>
(cherry picked from commit
1809ff4b2339bd3066532abccea0944da45edf64)
(cherry picked from commit
5d2dfba6d1699c6e417cc21233a1cc871f3c0ad1)
(cherry picked from commit
282682c989a8008de5f8d30c48c9a740b315a230)
Andreas Schneider [Mon, 15 Jun 2009 10:16:15 +0000 (12:16 +0200)]
Document the try_first_pass option in the pam_winbind manpage.
Signed-off-by: Andreas Schneider <mail@cynapses.org>
(cherry picked from commit
779eea49de3f53040fe792de4b74b73a0c51ecb3)
(cherry picked from commit
24d6f697844bc85a03c047e5470abcfdd53735a2)
(cherry picked from commit
2ed85b0ebfc50cad847050cc6b5269c470956ea3)
Andreas Schneider [Mon, 15 Jun 2009 10:15:26 +0000 (12:15 +0200)]
Add a synopsis section to the pam_winbind manpage.
Signed-off-by: Andreas Schneider <mail@cynapses.org>
(cherry picked from commit
24f9f32fedb92f881658db856db15173e57af0bd)
(cherry picked from commit
55df96313c5b966f41b0b5c426cf6a420cafa855)
(cherry picked from commit
f738862d9f419fec27c9fb15c880a452aff333d9)
Jeremy Allison [Mon, 15 Jun 2009 08:43:27 +0000 (10:43 +0200)]
Revert the extra SAMR and LSA checks.
These were added between 3.2.4 and 3.2.5 that have caused users problems.
This fixes among others bug #6089 and #6112.
(cherry picked from commit
bd2f3695c117773032e16958a0266d0d1e75defe)
Karolin Seeger [Mon, 15 Jun 2009 06:33:22 +0000 (08:33 +0200)]
s3/libsmb: Fix debug message.
This fixes bug #6472.
Karolin
Signed-off-by: Volker Lendecke <vl@samba.org>
Was commit
f92269a6 in master.
(cherry picked from commit
7108ebb87902f3b5d2c43ba95d557278ad8e120f)
Jeremy Allison [Fri, 12 Jun 2009 13:41:20 +0000 (15:41 +0200)]
Fix bug #6297 - owner of sticky directory cannot delete files created by others. The reason we couldn't delete was we were erroring out early if requestor was not the owner of the file we wanted to delete, instead of checking if the requestor owned the directory as well. If either of these is true, we must go on and check the ACL. Karolin, this is a must for 3.4.0 and also 3.3.next. I'll update the bug report with patches for 3.4.0 and 3.3.next and ask vl to review. Jeremy.
(cherry picked from commit
966a51da8998cfd15875ba047b7f765c84b914dd)
git.samba.org / aaptel / samba-autobuild / .git / log