1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

516 Commits

Author SHA1 Message Date
Jeremy Allison
b0a434386d s3:param: Add new option "strict rename".
Control whether smbd can rename directories containing
open files. Defaults to "no" (meaning we *can* do
such renames).

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-10-31 03:47:40 +01:00
Andrew Bartlett
0f6ad5370e docs: Explain that winbindd enforces smb signing by default.
Change-Id: I9341fa3bd7480836ac5e0c18e28458175b42d44a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-10-17 12:57:08 +02:00
Andrew Bartlett
14f6256c51 s3-winbindd: Allow winbindd to connect over SMB2 to servers
This allows SMB signing to work against many more DCs, and so improves network security.

The default for "client max protocol" remains NT1 in the rest of the code.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-10-08 01:09:51 +02:00
Stefan Metzmacher
6db8a55601 docs-xml: document SMB3_10 as available protocol for the client side
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-10-07 22:47:04 +02:00
Andrew Bartlett
afe02d12f4 winbindd: Change value of "ldap sasl wrapping" to sign
This is to disrupt MITM attacks between us and our DC

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2014-09-30 12:32:05 +02:00
Marc Muehlfeld
4639f6d7ba docs: Fix typos in smb.conf (inherit acls)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10761

Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug  7 00:52:42 CEST 2014 on sn-devel-104
2014-08-07 00:52:42 +02:00
Stefan Metzmacher
98426ad467 lib/param: change the default for "winbind expand groups" to "0"
Expanding groups requires the usage of SAMR, which is often not possible
with the trust account credentials. This has caused a lot of trouble
in the past, as this is the only operation which requires a member to
contact a dc of a trusted domain directly, which is not always possible.
With this changed default, it should only be required to contact
a dc of our own domain. This is the correct behavior for a domain member.

As expanding groups is mostly cosmetic, we should avoid it.
This is similar to "winbind enum users" and "winbind enum groups",
which are also off by default.

Only some broken applications calculate the group memberships of
users by traversing groups, such applications will require
"winbind expand groups = 1".

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Björn Jacke <bj@sernet.de>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 31 18:48:36 CEST 2014 on sn-devel-104
2014-07-31 18:48:36 +02:00
Jeremy Allison
2535803627 s3: winbindd: Add new parameter "winbind request timeout" set to 60 seconds with man page.
"This parameter specifies the number of seconds the winbindd
daemon will wait before disconnecting either a client connection
with no outstanding requests (idle) or a client connection with a
request that has remained outstanding (hung) for longer than this
number of seconds."

Bug 3204 winbindd: Exceeding 200 client connections, no idle connection found

https://bugzilla.samba.org/show_bug.cgi?id=3204

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2014-07-29 21:08:12 +02:00
Stefan Metzmacher
a6523d78c3 s3:smb2_negprot: change "smb max {read,write,trans}" to 8MiB (as default)
This matches Windows 2012R2.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 11 04:59:29 CEST 2014 on sn-devel-104
2014-07-11 04:59:29 +02:00
Garming Sam
93448f4be9 param: change a number of parameters from P_LIST to P_CMDLIST
These parameters are being changed to use their original syntax to match source3.

netbios aliases, interfaces, auth methods, invalid users, valid users,
admin users, read list, write list, hosts allow, hosts deny, preload
modules, smb ports, name resolve order, svcctl list, cluster addresses,
init logon delayed hosts, wins server, eventlog list, usershare prefix
allow list, usershare prefix deny list, vfs objects, winbind nss info

The documentation has also been changed to be consistent with the
change.

Change-Id: I536481098a508e0366c910b180f2db6a6f0634a9
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@samba.org>
2014-07-07 23:32:35 +02:00
Andrew Bartlett
f3710320ce s4-winbind: Use winbindd in the AD DC by default
(Including changes to knownfail to match the new winbindd in use in each environment)

Change-Id: I9e08086eba98e95e05a99afef28315e2857aae56
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  4 05:19:54 CEST 2014 on sn-devel-104
2014-07-04 05:19:54 +02:00
Andrew Bartlett
655cd95f00 docs: Remove most references to Samba-3 and change to just Samba
References are kept where the version number makes sense in the context.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-06-03 19:00:14 +02:00
Andreas Schneider
416958ca62 doc-xml: Add documentation for 'spoolss: os_[major|minor|build]' options.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2014-05-23 17:44:28 +02:00
Andrew Bartlett
9d5f4cabf3 lib/param: Add new parameter "old password allowed period"
Change-Id: I46228b492ba71ba4f3fee380a1ccadb328e3ade1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-02 17:12:47 +02:00
Stefan Metzmacher
24054b5f8b s3:param: move lp_ctdbd_socket() to ctdbd_conn.c
This allows us to use CTDB_PATH only in ctdbd_conn.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-03-24 17:09:10 +01:00
Björn Baumbach
1b5a6d8d78 docs-smbdotconf: fix WINBINDD_SOCKET_DIR path in fallback table
Signed-off-by: Björn Baumbach <bb@sernet.de>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar  3 23:42:22 CET 2014 on sn-devel-104
2014-03-03 23:42:22 +01:00
Björn Baumbach
a5e5547ad4 docs-smbdotconf: Fix build - add missing XML entities (config paths)
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-03-03 12:19:25 -08:00
Garming Sam
218d3976a5 param: change share backend to use a constant string
Substitution is not necessary for this parameter.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 12 03:17:39 CET 2014 on sn-devel-104
2014-02-12 03:17:38 +01:00
Garming Sam
f38b1dbbe5 param: change fstype to use a constant string
Substitution isn't really necessary for this parameter.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-12 13:17:14 +13:00
Garming Sam
89ff7b0d85 param: remove special cases for tls files
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-12 13:17:14 +13:00
Andrew Bartlett
0c7ed5a8ab param: No longer have a special case for lp_configfile
This parameter is renamed because it does not normally return the current smb.conf file, but
instead returns the next one, as found in a config file = directive, to be loaded.

This avoids a conflict with the lpcfg_configfile from lib/param, which does refer to the
current smb.conf path.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-12 13:17:13 +13:00
Andrew Bartlett
4ea7318e56 lib/param: Remove special handling for 'state dir' and 'cache dir'
The build system gives these two parameters different defaults
(compared with lock dir) in both the --enable-fhs and default mode, so
the logic to use lock dir no longer applies unless the build has been
very specially constructed.

Therefore, remove the special case handling and make these normal
parameters again.

Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-12 13:17:13 +13:00
Andrew Bartlett
86850860f8 lib/param: Normalise "read raw" and "write raw" parameters
They have been changed to function like normal parameters,
removing a special case in the loadparm system.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-12 13:17:13 +13:00
Garming Sam
bb0b85777b docs: insert function name "wins_dns_proxy" into dns proxy parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Garming Sam
372072f104 docs: insert function name "wins_server_list" into wins server parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Garming Sam
023045ffaf docs: insert function name "_disable_spoolss" into disable spoolss parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Garming Sam
b0ccb91602 docs: insert function name "logfile" into log file parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Garming Sam
77835145df docs: insert function name "defaultservice" into default service parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Garming Sam
4864ac979c docs: insert function name "auto_services" into preload parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Garming Sam
d3b9d77c6f docs: insert function name "we_are_a_wins_server" into wins support parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Garming Sam
ca39dc8e12 docs: insert function name "timestamp_logs" into debug timestamp parameter
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-02-10 15:26:44 +13:00
Shekhar Amlekar
be8cd928cf docs-xml: Add parameter CSC policy to the change share command.
Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>

Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Thu Feb  6 19:43:06 CET 2014 on sn-devel-104
2014-02-06 19:43:06 +01:00
Garming Sam
caa1db7358 docs: insert meta data for copy parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:31 +01:00
Garming Sam
1fab5fe2a2 docs: insert meta data for max print jobs parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:30 +01:00
Garming Sam
d9f6ea99e3 docs: insert meta data for wide links parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:29 +01:00
Garming Sam
e435807734 docs: insert meta data for -valid parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:29 +01:00
Garming Sam
9e32e1a39a docs: insert meta data for available parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:28 +01:00
Garming Sam
779443d4aa docs: insert meta data for tls keyfile parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:28 +01:00
Garming Sam
7a84d455e9 docs: insert meta data for tls dh params file parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:27 +01:00
Garming Sam
0eb41b0515 docs: insert meta data for tls crlfile parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:27 +01:00
Garming Sam
1eac2cd317 docs: insert meta data for tls certfile parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:26 +01:00
Garming Sam
adcda7fea3 docs: insert meta data for tls cafile parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:25 +01:00
Garming Sam
f08135ea75 docs: insert meta data for state directory parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:25 +01:00
Garming Sam
333eef827f docs: insert meta data for printcap name parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:24 +01:00
Garming Sam
d4822272c6 docs: insert meta data for ldap user suffix parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:24 +01:00
Garming Sam
46da271af1 docs: insert meta data for ldap machine suffix parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:23 +01:00
Garming Sam
a32400d2c4 docs: insert meta data for ldap idmap suffix parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:23 +01:00
Garming Sam
e57ef85810 docs: insert meta data for ldap group suffix parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:22 +01:00
Garming Sam
4122a64464 docs: insert meta data for include parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:21 +01:00
Garming Sam
7c94edbc78 docs: insert meta data for idmap uid parameter - mark do not generate function
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-02-03 00:47:21 +01:00