IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
NT4 is long dead, and we should not change which ACL we return based
on what we think the client is. The reason we should not do this, is
that if we are using vfs_acl_xattr then the hash will break if we do.
Additionally, it would require that the python VFS interface set the
global remote_arch to fake up being a modern client.
This instead seems cleaner and removes untested code (the tests are
updated to then handle the results of the modern codepath).
The supporting 'acl compatability' parameter is also removed.
Andrew Bartlett
Reviewed by: Jeremy Allison <jra@samba.org>
Signing cannot be disabled for SMB2 by design, so fix the documentation
instead.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 3 23:47:23 CEST 2012 on sn-devel-104
This reverts commit e809abf55f.
This parameter still exists, it is just only used as parametric option
in the code and not easy to spot when looking out for lp_xxx
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Thu Sep 27 06:18:38 CEST 2012 on sn-devel-104
This means that instead of failing due to the default commandline values not being quite correct
that we clearly fail at loadparm and testparm time when parsing the printing= line.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 3 10:30:37 CEST 2012 on sn-devel-104
This parameter is only used in our NBT client code and in nmbd as a
fallback when we fail to select a better interface from "interfaces"
to use directly.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 27 12:16:25 CEST 2012 on sn-devel-104
This essentially reverts the commit 611ef42053
Author: Yasuma Takeda <yasuma@osstech.co.jp>
Date: Fri Dec 5 13:37:51 2008 -0800
Fix bug #5944 - nmbd does not boot if socket adress = "" is defined in smb.conf
Intead, the documentation is fixed so that the correct default is
recorded. Removing the special case handling here allows this to be
dealt with in the same way as all other parameters.
Andrew Bartlett
Changes from Lars Müller and Olaf Flebbe:
a) The location in the filesystem defaults to STATEDIR/usershare
b) If undefined the default location is used; if set to zero (the
default) user defined shares are ignored.
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Tue Jun 26 19:55:00 CEST 2012 on sn-devel-104
Thanks to Frans Luteijn <f.a.g.luteijn at knoware.nl> for providing the fixes!
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Mon Jun 11 23:16:26 CEST 2012 on sn-devel-104
This falls out of the removal of security=share, because we now require that
a session setup has been performed before (essentially) all other operations.
Andrew Bartlett
This matches the lib/param code, as is a seperate parameter for the
client there.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed May 30 06:04:41 CEST 2012 on sn-devel-104
Add hint that setting "profile acls = yes" on normal shares can cause trouble.
Karolin
Autobuild-User: Karolin Seeger <kseeger@samba.org>
Autobuild-Date: Tue May 8 18:47:59 CEST 2012 on sn-devel-104
Part of a fix for bug #7938. Based on a patch provided by John Bradshaw
<john@johnbradshaw.org>.
Karolin
Autobuild-User: Karolin Seeger <kseeger@samba.org>
Autobuild-Date: Tue May 8 13:56:32 CEST 2012 on sn-devel-104
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.
The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok. This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server
At the same time, this closes the door on one of the most arcane areas
of Samba authentication.
Naturally, full user-name/password authentication remain available in
security=user and above.
This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.
Andrew Bartlett
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| SEC_SHARE |
| security=share |
| |
| |
| 5 March |
| |
| 2012 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
Change the defaults and the documentation to reflect the 64k limit.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Oct 13 12:22:23 CEST 2011 on sn-devel-104
Add "allow insecure widelinks" to re-enable the ability (requested
by some sites) to have "widelinks = yes" and "unix extensions = yes".
Based on an original patch by Linda Walsh <samba@tlinx.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Sep 14 03:55:45 CEST 2011 on sn-devel-104
The only users I can find of this on the internet involve confused
users, and our own documentation recommends never setting this. Don't
confuse our users any longer.
Andrew Bartlett
This strange parameter is apparently very rarely used, and it seems to
me that on modern networks, if clients don't have correct clocks and
DST offsets, that many other things (Kerberos) start to fail pretty
quickly, and time and DST tables tend to be internet delivered anyway.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Jun 11 03:54:45 CEST 2011 on sn-devel-104
This means that it no longer takes % substituations, and so the documentation for this behaviour is removed from the smb.conf manpage. (This mode is only useful in security=server, which is already marked as deprecated in 3.6).
Andrew Bartlett
This follows up on the agreement on the samba-technical list in Jan
2011 to deprecate these options, and to possibly remove these in the
4.0 release after user feedback.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri May 13 19:51:41 CEST 2011 on sn-devel-104
This reverts commit ecf48af135.
This makes Samba unusable on systems without Linux and
a modern Filesystem.
This was discussed with Jeremy on IRC:
http://irclog.samba.org/2011/01/20110126-Wed.log
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Mar 28 09:00:09 CEST 2011 on sn-devel-104
Since commit 7022554, smbds share a printcap cache (printer_list.tdb),
therefore ordering of events between smbd processes is important when
updating printcap cache information. Consider the following two process
example:
1) smbd1 receives HUP or printcap cache time expiry
2) smbd1 checks whether pcap needs refresh, it does
3) smbd1 marks pcap as refreshed
4) smbd1 forks child1 to obtain cups printer info
5) smbd2 receives HUP or printcap cache time expiry
6) smbd2 checks whether pcap needs refresh, it does not (due to step 3)
7) smbd2 reloads printer shares prior to child1 completion (stale pcap)
8) child1 completion, pcap cache (printer_list.tdb) is updated by smbd1
9) smbd1 reloads printer shares based on new pcap information
In this case both smbd1 and smbd2 are reliant on the pcap update
performed on child1 completion.
The prior commit "reload shares after pcap cache fill" ensures that
smbd1 only reloads printer shares following pcap update, however smbd2
continues to present shares based on stale pcap data.
This commit addresses the above problem by driving pcap cache and
printer share updates from the parent smbd process.
1) smbd0 (parent) receives a HUP or printcap cache time expiry
2) smbd0 forks child0 to obtain cups printer info
3) child0 completion, pcap cache (printer_list.tdb) is updated by smbd0
4) smbd0 reloads printer shares
5) smbd0 notifies child smbds of pcap update via message_send_all()
6) child smbds read fresh pcap data and reload printer shares
This architecture has the additional advantage that only a single
process (the parent smbd) requests printer information from the printcap
backend.
Use time_mono in housekeeping functions As suggested by Björn Jacke.
vl recently pointed me to a valid reason to use posix locking = no.
Fix the smb.conf manpage to explain this reason, as this question
comes up on the samba mailing list from time to time as well.
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Wed Dec 1 10:37:30 CET 2010 on sn-devel-104
This boolean option controls whether at exit time the server dumps a list of
files with debug level 0 that were still open for write. This is an
administrative aid to find the files that were potentially corrupt if the
network connection died.
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
Jeremy.
Thanks to the Debian samba package maintainers
<pkg-samba-maint@lists.alioth.debian.org> for providing the patch!
Fix bug #7017 (Typos and spelling errors in manpages).
Karolin
in the "user.DOSATTRIB" EA. From the docs:
In Samba 3.5.0 and above the "user.DOSATTRIB" extended attribute has been extended to store
the create time for a file as well as the DOS attributes. This is done in a backwards compatible
way so files created by Samba 3.5.0 and above can still have the DOS attribute read from this
extended attribute by earlier versions of Samba, but they will not be able to read the create
time stored there. Storing the create time separately from the normal filesystem meta-data
allows Samba to faithfully reproduce NTFS semantics on top of a POSIX filesystem.
Passes make test but will need more testing.
Jeremy.
When something in the cluster blocks, it can happen that we wait indefinitely
long for ctdb, just adding to the blocking condition. In theory, nothing should
block, but as someone said "In practice the difference between theory and
practice is larger than in theory". This adds a timeout parameter in seconds,
after which we stop waiting for ctdb and panic.
This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of
transitive AD trusts. The workaround is to add a [capaths] directive to
/etc/krb5.conf, which we don't automatically put into the krb5.conf winbind
creates.
The alternative would have been something like a "krb5 conf include", but I
think if someone has to mess with /etc/krb5.conf at this level, it should be
easy to add the site-local KDCs as well.
Next alternative is to correctly figure out the [capaths] parameter for all
trusted domains, but for that I don't have the time right now. Sorry :-)
This changelist allows for the addition of custom performance
monitoring modules through smb.conf. Entrypoints in the main message
processing code have been added to capture the command, subop, ioctl,
identity and message size statistics.
-Correct the parameter names.
-Fix typos.
-Fix related parameters.
This fixes bug #6008.
Thanks to TAKAHASHI Motonobu <monyo@samba.gr.jp> for reporting!
Karolin
The default timeout for connections to CUPS servers is set
to 5 minutes in the CUPS libraries. The smbd hangs on startup
until the timeout is reached if the CUPS server is unreachable.
This parameter makes the timeout configurable. The default value
is set to 30 seconds.
Karolin
reconnect code to cope with rebooting a DC. This
replaces the code I asked Volker to revert.
The logic is pretty simple. It adds a new parameter,
"winbind reconnect delay", set to 30 seconds by
default, which determines how long to wait between
connection attempts.
To avoid overwhelming the box with DC-probe
forked children, the code now keeps track of
the DC probe child per winbindd_domain struct
and only starts a new one if the existing one
has died.
I also added a little logic to make sure the
dc probe child always sends a message whatever
the reason for exit so we will always reschedule
another connect attempt.
Also added documentation.
Jeremy.
(This used to be commit 8027197635)
Have no idea why the previous sequence of characters was causing
iconv to choke on my Ubuntu 8.04. Reword the entry some
for clarity and to advoid this failure.
(cherry picked from commit b0b4bd2466)
(This used to be commit 4d89c39f26)
Fixed manpages generation to properly create handle smb.conf parameters' titles
Changed HTML generator to include links for every smb.conf parameter.
Now we have correct linking between different HTML documents.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
(This used to be commit 056935ff1f)
