IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Only link to nss_wrapper when it is enabled.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct 23 07:35:28 UTC 2010 on sn-devel-104
Not needed - privileges code prevents "enable privileges = no" from adding privileges
anyway.
This reverts commit a8b95686a7.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 23:41:36 UTC 2010 on sn-devel-104
to maintain compatibility with smb.conf manpage.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 18:15:48 UTC 2010 on sn-devel-104
Avoid linking against socket_wrapper outside of developer mode.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu Oct 21 20:26:11 UTC 2010 on sn-devel-104
open and get/set NT security descriptor code.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 21 00:15:57 UTC 2010 on sn-devel-104
through Get_Pwnam_alloc(), which is the correct wrapper function. We were using
it *some* of the time anyway, so this just makes us properly consistent.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104
We need the system server info in the rpc services.
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Mon Oct 18 12:43:16 UTC 2010 on sn-devel-104
that is called from many places, not just smb.conf processing. Only
clean parametric options when doing actual smb.conf reading (or
registry equivalent).
Michael Adams, Volker, Metze, please check.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 16 06:46:19 UTC 2010 on sn-devel-104
Samba ACL module to ignore mapping to lower POSIX layer. With this
fix Samba 3.6.x now passes RAW-ACLs (with certain smb.conf parameters
set).
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 16 01:26:31 UTC 2010 on sn-devel-104
It turns out a client can send an NTCreateX call for a new file, but specify
FILE_ATTRIBUTE_DIRECTORY in the attribute list. Windows silently strips this,
but we don't - causing the unix_mode() function to go through the "mode bits
for new directory" codepath, instead of the "mode bits for new file" codepath.
Jeremy.
The source3/ code uses these constants in a lot of places, and it will
take time and care to rename them, if that is desired. Linking the
macros here will at least allow common code to use the IDL based macros,
and preserve a documentary link between the constants (other than just their value)
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
These are unused in source3/ code at the moment, but it would be
unfortunate if that were to change, and this function not be updated.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This prints the security token including the privileges as strings
instead of just a bitmap.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
The wrapper call is left here to avoid changing semantics for
the NULL parameter case.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
ported from the v3-4-ctdb branch to master
This used to be commit 1f138cc9f4a
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Oct 13 13:34:25 UTC 2010 on sn-devel-104
convert the onclose option of the vfs_syncops module from a
global option to a service-specific one
as preparation for further flags, use a struct to store in the VFS handle
instead of just the onclose flag
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
the "protected" inheritance problem (bleeding up from the POSIX
layer).
Jeremy
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Oct 12 00:57:41 UTC 2010 on sn-devel-104
All I see is a fd_event that does not need a special destructor.
Tim, Steven, I've added the #error as well for you to remove after review.
Thanks,
Volker
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Oct 8 20:48:11 UTC 2010 on sn-devel-104
As pointed out by an OEM, the code within smbd/posix_acl.c, even though passed
a const pointer to a security descriptor, still modifies the ACE entries within
it (which are not const pointers).
This means ACLs stored in the extended attribute by the acl_xattr module have
already been modified by the POSIX acl layer, and are not the original intent
of storing the "unmodified" ACL from the client.
Use dup_sec_desc to make a copy of the incoming ACL on talloc_tos() - that
is what is then modified inside smbd/posix_acl.c, leaving the original ACL
to be correctly stored in the xattr.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 8 00:37:53 UTC 2010 on sn-devel-104
This fixes a crash in the echo responder when the client started to send the
NetBIOS-Level 0x85-style keepalive packets. We did not correctly check the
packet length, so the code writing the signing seqnum overwrote memory after
the malloc'ed area for the 4 byte keepalive packet.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 7 19:47:35 UTC 2010 on sn-devel-104
These are both exclusive to Solaris/OpenSolaris.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 7 00:26:39 UTC 2010 on sn-devel-104
Without this, we can get a writable pipe end, but the writev call on the pipe
will block.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Oct 6 13:57:30 UTC 2010 on sn-devel-104
in the destination struct for a rename, so set the flag appropriately.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 6 00:29:51 UTC 2010 on sn-devel-104
This allows to run make test (w/o smbtorture4 for now) using waf.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Oct 5 18:24:55 UTC 2010 on sn-devel-104
From pjb1008@cam.ac.uk - Service numbers start from 0.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Oct 5 17:32:34 UTC 2010 on sn-devel-104
We don't do the fancy symlinking to idmap modules though.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Oct 5 10:50:53 UTC 2010 on sn-devel-104
It is not universally guaranteed that an enum is represented as a uint32_t.
This starts to be THE BUG (tm) in Samba. What can I do to explain this
to people a bit better? It seems that the verbose explanations I put into
the recent checkins fixing similar bugs are not clear enough.
Anybody who does is not 100% clear about what this patch fixes please
contact me directly so that we can talk it through on the phone to agree
on a wording that everybody can understand.
Thanks,
Volker
Quite a few of our internal routines put stuff on talloc_tos() these days.
In top-level netapi routines, properly allocate a stackframe and clean it
again. Also, don't leak memory in the rpccli_ callers onto the libnetapi
context.
Previously, only one fd handler was being called per main message loop
in all smbd child processes.
In the case where multiple fds are available for reading the fd
corresponding to the event closest to the beginning of the event list
would be run. Obviously this is arbitrary and could cause unfairness.
Usually, the first event fd is the network socket, meaning heavy load
of client requests can starve out other fd events such as oplock
or notify upcalls from the kernel.
In this patch, I have changed the behavior of run_events() to unset
any fd that it has already called a handler function, as well
as decrement the number of fds that were returned from select().
This allows the caller of run_events() to iterate it, until all
available fds have been handled.
I then changed the main loop in smbd child processes to iterate
run_events(). This way, all available fds are handled on each wake
of select, while still checking for timed or signalled events between
each handler function call. I also added an explicit check for
EINTR from select(), which previously was masked by the fact that
run_events() would handle any signal event before the return code
was checked.
This required a signature change to run_events() but all other callers
should have no change in their behavior. I also fixed a bug in
run_events() where it could be called with a selrtn value of -1,
doing unecessary looping through the fd_event list when no fds were
available.
Also, remove the temporary echo handler hack, as all fds should be
treated fairly now.
this fails intermittently on sn-devel. Guenther suggested adding it to
knownfail
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Oct 1 04:37:36 UTC 2010 on sn-devel-104
This is supposed to improve the winbind reconnect time after an ip address
has been moved away from a box. Any kind of HA scenario will benefit from
this, because winbindd does not have to wait for the TCP timeout to kick in
when a local IP address has been dropped and DC replies are not received
anymore.
If select returns -1, we can't rely on the fd sets. The current code might loop
endlessly because when putting an invalid fd (the closed socket?) on the read
set, a select implementation might choose not to touch it but directly return
with EINVAL. Thus run_events will see the socket readable, which leads to a
"return true", and thus a NT_STATUS_RETRY -> same game again.
We should never get into this situation, but to me the logfiles given in bug
7518 do not reveal enough information to understand how this can happen.
Without this, all security descriptor checks for the winreg spoolss backend fail
and make our spoolss system in its current shape basically unusable.
Andreas, please check.
Guenther
