IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
In Samba3 there is a very handy Makefile target 'test_pam_modules'. It let
quickly veryfy, that obtained PAM module actually is loadable and doesn't
miss any dependency libs. the only problem that on FreeBSD it doesn't work
OOTB, as it unconditionally adds -ldl to the list of libraries when FreeBSD
doesn't have it and doesn't need it.
This small patch fixes the problem for FreeBSD and, I hope, still valid
for othe systems, where -ldl is required. Has to be tested there though.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
It seems, that SMB_LIBRARY macro has small bug in the logic, when showing
if shall the SHARED version of the library be build.
If the default value is given as a parameter, it reports "yes" when library
is going to be build(?).
This small patch makes report consistent.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
In addition to [FreeBSD 14] there is another place, where we (re)define
SIGRTMIN - in SMB_IF_RTSIGNAL_BUG macro in /source3/m4/aclocal.m4.
Here is another small patch.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
In the includes we define SIGRTMIN to 32 if it's not defined already. This
value could be fairly low and it's better to use NSIG(number of defined
signals) as the lower mark for the available signals.
We have similar defenition in the source3/smbd/aio.c, which can be safely
removed, as it comes from includes.h then.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Enabling dmalloc in Samba3 build leads to the wrong detection of the
strndup() function - there isn't one in FreeBSD prior to 7.2, but
dmalloc defines it, so, farther tests with -ldmalloc added wrongly
find it. the cheapest fix is to move dmalloc detection and inclusion
to the bottom of configure, so it can't affect detection of the system
capabilities.
Here is the patch.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This patch for Samba4. It's not really inspired by any real need, just
for the consistency. We define replace/system/locale.h as a generic
header, that includes all locale related headers and we are using
nl_langinfo at least in Samba3. So, it would be consistent to add yet
another locale-related header to the set of locale.h headers.
Here is the patch.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This patch is for Samba4. It adds configure tunable for modulesdir -
location, where modules should be installed. In the case, when no
FHS compliance is used and libdir is redefined, modulesdir still
points to $PREFIX/modules. In some installations it may be not desired.
I'd rather set it myself :)
So, here is the patch.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This patch is relevant for Samba4 source mostly. The way, how readline
compiled under FreeBSD makes it require stdio.h to get all the necessary
declarations. Without this addition rl_event_hook is not properly detected.
With regards,
Timur Bakeyev.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Add a new section entitled FILE AND DIRECTORY OWNERSHIP AND PERMISSIONS
that attempts to cover information about this topic. Change the uid=
and gid= options to refer to that section. Add new varlistentries for
forceuid, forcegid and dynperm.
Also update the information about how the program behaves when installed
as a setuid binary.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
when _samr_LookupRids is called with no rids, it needs to return
NT_STATUS_NONE_MAPPED (not NT_STATUS_NO_MEMORY).
Found by RPC-SAMR torture test.
Guenther
This is the third attempt to clean up the checks when a setuid
mount.cifs is run by an unprivileged user. The main difference in this
patch from the last one is that it fixes a bug where the mount might
have failed if unnecessarily if CIFS_LEGACY_SETUID_CHECK was set.
When mount.cifs is installed setuid root and run as an unprivileged
user, it does some checks to limit how the mount is used. It checks that
the mountpoint is owned by the user doing the mount.
These checks however do not match those that /bin/mount does when it is
called by an unprivileged user. When /bin/mount is called by an
unprivileged user to do a mount, it checks that the mount in question is
in /etc/fstab, that it has the "user" option set, etc.
This means that it's currently not possible to set up user mounts the
standard way (by the admin, in /etc/fstab) and simultaneously protect
from an unprivileged user calling mount.cifs directly to mount a share
on any directory that that user owns.
Fix this by making the checks in mount.cifs match those of /bin/mount
itself. This is a necessary step to make mount.cifs safe to be installed
as a setuid binary, but not sufficient. For that, we'd need to give
mount.cifs a proper security audit.
Since some users may be depending on the legacy behavior, this patch
also adds the ability to build mount.cifs with the older behavior.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
The 'ldap suffix' is not added automatically to the 'ldap admin dn'.
This fixes bug #5584.
Thanks to Stefan Bauer <stefan.bauer [at] plzk.de> for reporting!
Karolin