IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
No change in behaviour as we still ignore lookup erros as well as a not-found
result.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Returns NTSTATUS instead of bool. lookup_name_smbconf() becomes a thin
wrapper around lookup_name_smbconf_ex().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
lookup_name() becomes a thin wrapper around lookup_name_internal(). Prepares for
adding more callers to lookup_name_internal() that are interested in the
NTSTATUS return value to distinguish between NAME_NOT_FOUND lookup results and
real errors.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
No change in behaviour, prepares for returning NTSTATUS instead of bool from
lookup_name().
Review-with: git show -w
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Differs from winbind_lookup_name() by
- returning NTSTATUS instead of bool, so callers can distinguish between
STATUS_NAME_NOT_FOUND lookup results and real errors.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This basically reverts commit 313db81ad3de6cf7759d6a0fc21ee32419b2e62b.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
In this case names that couldn't be resolved will be have a NULL sid pointer
which would trigger a crash in sid_copy().
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Previously LookupNames would fail if a name could not be translated, so winbindd
clients like libwbclient couldn't differentiate between not being able to talk
to a DC and just an unkown name.
As a visible change this alters
$ bin/wbinfo -n Idontexist
failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup name Idontexist
to
$ bin/wbinfo -n Idontexist
failed to call wbcLookupName: WBC_ERR_SOME_NOT_MAPPED
Could not lookup name Idontexist
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
No change in behaviour.
After calling set_domain_offline() domain->offline will be set to false, iow
everytime
if (!domain->internal && was_online)
is true,
if (!domain->internal &&
!domain->online &&
was_online)
will also true, so we can drop the second if expression.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
A lot easier to make sense of the complex logic when using this name.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Not adding a specific test for per-user hide files as that uses the exact same
mechanism as the per-user veto files.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Test files are stored beneath "$SHAREPATH/dir1", not "$SHAREPATH/dir_1".
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Needed to fix circular dependencies between samba-passdb, secrets3 and
samba3util (iirc).
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Prepares for adding per-user support to both options. I don't think it makes
sense also adding per-user support to "veto oplock files" and "aio write behind"
so I'm ignoring those.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reduces indentation of the code code that is run in this function and prepares
for adding more of it.
Review with: git show -w
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
We should avoid using /tmp in selftest
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 23 13:53:13 UTC 2024 on atb-devel-224
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15683
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 19 11:13:28 UTC 2024 on atb-devel-224
In standalone setups we use the PAM stack to verify
the plaintext authentication, so we need to pass it
down...
There are still production systems out there
(legacy audio/video recording systems...)
using this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 17 11:17:54 UTC 2024 on atb-devel-224
pam_matrix calls smb_pam_conv() with resp=NULL in some situation,
we should not segfault...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Updating things like the bad pwd count should not clear the
stored LM HASH with 'lanman auth = no'.
This allows testing with 'lanman auth = no' and 'lanman auth = yes'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This demonstrates that we currently have problems with
plaintext and lanman authentication. In both domain member
and standalone setups.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
DEBUG_PASSWORDS --> DEBUG_PASSWORD
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Wed Jul 17 08:49:46 UTC 2024 on atb-devel-224
"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: tainted_data_return: Called function ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"", and a possible return value may be less than zero.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: assign: Assigning: ""thistime"" = ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"".
samba-4.20.0rc2/source3/modules/vfs_preopen.c:221: overflow: The expression ""nread"" is considered to have possibly overflowed.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: overflow: The expression ""talloc_get_size(namebuf) - nread"" is deemed overflowed because at least one of its arguments has overflowed.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: overflow_sink: ""talloc_get_size(namebuf) - nread"", which might have underflowed, is passed to ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"". [Note: The source code implementation of the function has been overridden by a builtin model.]
213| ssize_t thistime;
214|
215|-> thistime = read(sock_fd, namebuf + nread,
216| talloc_get_size(namebuf) - nread);
217| if (thistime <= 0) {"
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Can't test these in selftest, we can't create devices and I don't want
us to depend on /dev to exist. Tested manually on a system where
/dev/null exists:
Try "help" to get a list of possible commands.
smb: \> allinfo null
altname: null
create_time: Fri Jun 21 02:45:59 PM 2024 CEST
access_time: Fri Jun 21 02:45:59 PM 2024 CEST
write_time: Fri Jun 21 02:45:59 PM 2024 CEST
change_time: Fri Jun 21 02:45:59 PM 2024 CEST
attributes: (480)
stream: [::$DATA], 0 bytes
0x80000014 (IO_REPARSE_TAG_NFS)
0x524843 (NFS_SPECFILE_CHR)
1/3
smb: \>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 12 21:36:16 UTC 2024 on atb-devel-224
For the last major release(v4.20) we had a warning issued(fe16ae1fe834)
to inform about the plan to disable building vfs_ceph in the absence of
certain required APIs. This is now due to make the changes and further
disable building the module if minimum required libcephfs APIs are not
present. As we speak this requirement includes ceph_select_filesystem()
and *at() variants of libcephfs APIs. These were around since v17(even
earlier for ceph_select_filesystem) which is the lowest non-EOL version
of Ceph available[1] at the moment.
[1] https://docs.ceph.com/en/latest/releases/#ceph-releases-index
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Tue Jul 9 13:05:47 UTC 2024 on atb-devel-224
