IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
might be ugly, etc - please don't blame me for anything but instead try to fix
the code :-). Compiling of the new sam system can be enabled with the
configure option --with-sam
Removing passdb/passgrp.c as it's unused
fix typo in utils/testparm.c
Just now it is acommandline tool like smbclient and rpcclient that is able to
perform operations on the file system passing through the vfs layer
It is not complete yet, some functions have simply faked up data, but module
loading works yet and basic operations too.
Thanks to Eric Lorimer for helping out with the initial setup.
Simo.
'system_smbd.c' file, where it can link with become_root() and unbecome_root(),
and therefore avoiding some nasty 'it workes on linux' bugs.
(The replacement function is implemented in terms of initgroups(), which is
naturally only avaliable to root).
Andrew Bartlett
Tridge suggested a generic caching mechanism for Samba to avoid the
proliferation of little cache files hanging around limpet like in the
locks directory. Someone should probably implement this at some
stage.
dependencies. This benifits packagers (like debian) becouse then our client
code won't have references to 'server only' libraries.
(In particular, it removes the client dependency on CUPS, which was raised in
a debian bug report).
Andrew Bartlett
will make it easier to prove this package correct from an audit point of view.
smbumount to follow, but it uses pstrcpy() so I'll need to decide what to do
with that.
Andrew Bartlett
*.o) and implment new enum_dom_users code in the SAMR RPC subsystem.
Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the
eventual hope that we might one day support muliple domains off a single
passdb. To extract the RID, we use sid_peek_check_rid(), and supply an
'expected' domain SID.
The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to
srv_samr_util.c, to ease linking in passdb users.
Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in
pdb_compat.c
Andrew Bartlett
Now smbclient, net, and swat use their own proto files - now the global
proto.h
The change to libads/kerberos.c was to break up the dependency on secrets.c -
we want to be able to write an ADS client that doesn't need local secrets.
I have other breakups in the works - I will remove the dependency of
rpc_parse on passdb (and therefore secrets.c) shortly.
(NOTE: This patch does *not* break up includes.h, or other such forbidden
actions).
Andrew Bartlett
this:
More code cleanup - this lot a bit more dodgy than the last:
The aim is to trim pwd_cache down to size. Its overly complex, and a
pain to deal with. With a header comment like this:
'obfusticaion is planned'
I think it deserved to die (at least partly).
This was being done to allow 'cli_establish_connection' to die - its
functionality has been replaced by cli_full_connection(), which does
not duplicate code everywhere for creating names etc.
This also removes the little 'init' fucntions for the various pipes,
becouse they were only used in one place, and even then it was dodgy.
(I've reworked smbcacls not to use anonymous connections any more, as
this will (should) fail with a 'restrict anonymous' PDC).
This allowed me to remove cli_pipe_util.c, which was calling
cli_establish_connection.
tpot: I'm not sure what direction you were going with the client stuff,
and you may well have been wanting the init functions. If thats the case,
give me a yell and I'll reimplement them against cli_full_connection.
Andrew Bartlett
the DATA_BLOB code into its own file.
It would be nice to go over some of the other util.c functions, and check
that we still use them all, and that we use them in more than one place.
Andrew Bartlett
cleanup some of the code in net_rpc_join re const warnings and
fstrings.
Passdb:
Make the %u and %U substituions in passdb work.
This is done by declaring these paramters to be 'const' and doing
the substitution manually. I'm told this is us going full circle,
but I can't really see a better way.
Finally these things actually seem to work properly...
Make the lanman code use the pdb's recorded values for homedir etc
rather than the values from lp_*()
Add code to set the plaintext password in the passdb, where it can
decide how to store/set it. For use with a future 'ldap password
change' option, or somthing like that...
Add pdb_unix, so as to remove the 'not in passdb' special cases from the
local_lookup_*() code. Quite small, as it uses the new 'struct passwd ->
SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd)
Other:
Fix up the adding of [homes] at session setup time to actually pass
the right string, that is the unix homedir, not the UNC path.
Fix up [homes] so that for winbind users is picks the correct name.
(bad interactions with the default domain code previously)
Change the rpc_server/srv_lsa_nt.c code to match NT when for the
SATUS_NONE_MAPPED reply: This was only being triggered on
no queries, now it is on the 'no mappings' (ie all mappings failed).
Checked against Win2k.
Policy Question: Should SID -> unix_user.234/unix_group.364 be
considered a mapping or not? Currently it isn't.
Andrew Bartlett
This option was badly maintained, useless and confused our users and
distirbutors. (its SSL, therfore it must be good...)
No windows client uses this protocol without help from an SSL tunnel.
I can't see any reason why setting up a unix-side SSL wrapper would
be any more difficult than the > 10 config options this mess added
to samba in any case.
On the Samba client end, I think the LIBSMB_PROG hack should be
sufficient to start stunnel on the unix side. We might extend this
to take %i and %p (IP and port) if there is demand.
Andrew Bartlett
