IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This reverts commit 50c891d3dfb75c9f607f7ad2a578aa3ba5d91988.
There's more to this code -- sorry for the spam
(This used to be commit 6e0e0cb8dd6f57de36c041e2ba4b82feeb357ce8)
With the old code, if more than VUID_CACHE_SIZE elements were used all new
entries ended up in slot 0. With this checkin we do cycle.
Jeremy, please revert if the old behaviour was intentional
(This used to be commit 50c891d3dfb75c9f607f7ad2a578aa3ba5d91988)
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
since any SID/uid/gid translation calls will reset the struct when
popping the security ctx. This should fix the standalone server
configuration issues reported by David Rankin (thanks for the logs).
(This used to be commit 63cb25bad19d9600399a6ee2221497d71e805320)
acls code. I'm pretty sure this was safe, but become_root()
does other things to the token stack that become_root_uid_only()
does not, and as we're going into a vfs redirectred function
I decided it wasn't safe for now.
Jeremy.
(This used to be commit b3e0f45488595aa96c852dab8e1349631a85dded)
and the decision which token to use (conn or vuser) does not really belong
here, it is better done in the two places where this is called.
Volker
(This used to be commit 0a138888adf7a0f04a38cd911e797e1a379e908b)
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
by saving the UNIX token used to set a delete on close flag,
and using it when doing the delete. libsmbsharemodes.so still
needs updating to cope with this change.
Samba4 torture tests to follow.
Jeremy.
(This used to be commit 23f16cbc2e8cde97c486831e26bcafd4ab4a9654)
iterator functions so it can be used easily in a for loop.
Drops duplicated code from posix_acls.c
Jeremy.
(This used to be commit 81f30bf5985f5c6dc8399c4695dfa6f14140fde1)
security descriptor, allow read access. The code failed in this case.
Jeremy, could you please cross-check this? The way I understood your code it
could only work if smb.conf and secdesc said the same. This made the use of
srvmgr a bit difficult.... What was your intention on how to use the
share_info.tdb?
The current code might check the secdesc twice, but I don't see any decent way
around it that does not completely clutter the code.
Volker
(This used to be commit 7c673bd910e1fcbbf07198f38ceddd81e9064c11)
pam_smbpass.so will load ok. Had to move some functions around to work
around dependency problems (hence the new passdb/lookup_sid.c)
Also make sure that libsmbclient.a is built and installed when
we support shared libraries.
(This used to be commit 780055f4422f11fb0524ac1f003cdc5f317f8b19)
Still testing this, but I'm checking it in
so Volker can test it as well. Should be right.
(This used to be commit 8edf193722f699cc33baed410917a78a5e28d0a4)
purpose. Replace with an array of SAM_ACCOUNT/DOMAIN_GRP entries.
ZERO struct's in smbd/uid.c stops core dumps when sid_to_XX
functions fail. Getting ready to add caching.
Jeremy.
(This used to be commit 9d0692a54fe2cb087f25796ec2ab5e1d8433e388)
* remove idmap_XX_to_XX calls from smbd. Move back to the
the winbind_XXX and local_XXX calls used in 2.2
* all uid/gid allocation must involve winbindd now
* move flags field around in winbindd_request struct
* add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id()
to prevent automatic allocation for unknown SIDs
* add 'winbind trusted domains only' parameter to force a domain member
server to use matching users names from /etc/passwd for its domain
(needed for domain member of a Samba domain)
* rename 'idmap only' to 'enable rid algorithm' for better clarity
(defaults to "yes")
code has been tested on
* domain member of native mode 2k domain
* ads domain member of native mode 2k domain
* domain member of NT4 domain
* domain member of Samba domain
* Samba PDC running winbindd with trusts
Logons tested using 2k clients and smbclient as domain users
and trusted users. Tested both 'winbind trusted domains only = [yes|no]'
This will be a long week of changes. The next item on the list is
winbindd_passdb.c & machine trust accounts not in /etc/passwd (done
via winbindd_passdb)
(This used to be commit 8266dffab4aedba12a33289ff32880037ce950a8)
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.
Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.
The code has been tested and seem to work right, more testing is needed for
corner cases.
Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)
Simo.
(This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
- user_ok() and user_in_group() now take a list of groups, instead of
looking for the user in the members of all groups.
- The 'server_info' returned from the authentication is now kept around
- in future we won't copy the sesion key, username etc, we will just
referece them directly.
- rhosts upgraded to use the SAM if possible, otherwise fake up based on
getpwnam().
- auth_util code to deal with groups upgraded to deal with non-winbind domain
members again.
Andrew Bartlett
(This used to be commit 74b5436c75114170ce7c780c19226103d0df9060)
caching code. Reduces load on winbindd. Probably should be moved to
use gencache at some future date.
Jeremy.
(This used to be commit f2674d1ac94fd5928754b8176cdd65eda50bf66e)
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
- off-by-one fix - fixes warnings about insufficent space in buffer.
- fix a memleak in uid.c - we forgot to free() the allocated struct.
(This used to be commit b8951a6551b352e4aac7e8b0ecf7fec3f2d9634e)
