IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The flags FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL
FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_META
were only used in swat. Remove these, since swat does
no longer exist.
Flags FLAG_DEPRECATED, FLAG_DEFAULT, FLAG_HIDE are used and hence kept.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
There are still many files to touch before we can remove the #define but this
gets the last include files in source3/includes.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allson <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 1 21:52:25 CEST 2015 on sn-devel-104
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11245
We were supplying an empty value for the "host" binding string option, causing
dcerpc_binding_vector_add_port() call to fail.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Apr 30 15:14:27 CEST 2015 on sn-devel-104
Streams implementing VFS modules may implement streams in a way that the
fsp will have the basefile open in the fsp fd, so lacking a distinct fd
for the stream, kernel_flock will apply on the basefile which is
wrong. The actual check is deffered to the VFS module implementing the
kernel_flock call.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11243
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Replace all callers with direct calls to server_id_str_buf without
talloc_tos()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fall back to POSIX ACLs in this case.
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Apr 28 13:19:25 CEST 2015 on sn-devel-104
If cli is not set, only attempt numeric conversions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11237
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This will allow moving code to a shared file without relying on a global
variable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11237
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We now have reset_delete_on_close_lck, this was called with "true"
everywhere now.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Boolean flags passed down make things more complex than necessary...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
smbd_reinit_after_fork is a simple wrapper around reinit_after_fork that
should be used after forking from the main smbd.
At the moment the only additional step it performs is resetting
am_parent to NULL.
A subsequent commit will make use of this function.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is only used in command line contexts, especially for testparm
which relies on safe defaults. The only changed use is in sharesec,
but it does not harm to also safe the defaults there.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
This is only ever called in client context, and only called once.
So there is no point at all in requesting reinit_globals.
Set it to false.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
This is the initial loading of the config in the daemons (and some tools).
So we should save the defaults here. This should especially take into account
some dynamic defaults like log file and maybe some changed values
handed in via the command line.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
This is not called from the server (which loads registry shares lazily),
so add_ipc is always false...
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
There is no point in choosing global_only when forcing to load
all shares from registry at the same time...
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Most common pattern with shares, including IPC,
but not forcing immediate loading of all registry shares.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 22 06:22:29 CEST 2015 on sn-devel-104
This is needed on Solaris.
It fixes https://bugzilla.samba.org/show_bug.cgi?id=11217
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr 22 03:43:30 CEST 2015 on sn-devel-104
Signed-off-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 22 01:04:02 CEST 2015 on sn-devel-104
The error code path in case fsp == NULL misses a call
tevent_req_nterror().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Apr 21 22:14:07 CEST 2015 on sn-devel-104
Signed-off-by: Anoop C S <achiraya@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 18 01:33:04 CEST 2015 on sn-devel-104
Based on an idea by Volker to optimize cpu usage when
parsing struct share_mode_data entries.
Add a 64-bit sequence number to the share mode entry,
and after the entry is stored back in the db, cache
the in-memory version using talloc reparenting into the
memcache. The memcache key used is the same struct file_id
used as the key into the locking db.
On read, check if the locking db version sequence number
matches the in-memory cache, and if so reparent the
memcache version back onto the required memory context.
Saves all the ndr decoding when multiple accesses to the
same lock entry happen in succession.
Design also improved by Metze and Ira.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr 17 22:38:34 CEST 2015 on sn-devel-104
we need to map 0x01-0x1F to 0xF001-0xF01F as 0x01-0x1F are win32 illegal
characters.
see https://support.microsoft.com/en-us/kb/kbview/117258
Even if the MS KB article writes "invalid ntfs characters" they are actually
not illegal in ntfs, just in the win32 API.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11221
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Ralf Böhme <slow@samba.org>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Fri Apr 17 20:00:48 CEST 2015 on sn-devel-104
Call get_gpfs_quota directly from vfs_gpfs_disk_free_quota to get user
and group quotas.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Querying the fileset id requires additional GPFS API calls and also
opening a directory, which might have other side effects. A better
option would be configuring the file system with --filesetdf, then the
fileset quota is automatically reflected in the free space information
reported from gpfs.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 16 23:44:00 CEST 2015 on sn-devel-104
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 16 07:30:30 CEST 2015 on sn-devel-104
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 16 00:37:28 CEST 2015 on sn-devel-104
On cache_key allocation failure, set_printer_hnd_name() currently
stumbles through the rest of the function, and includes extra logic to
handle a NULL key later on.
Handling the allocation failure early makes sense, and also allows for
the NULL key checks to be removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Apr 15 18:55:50 CEST 2015 on sn-devel-104
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <rb@sernet.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 15 05:57:25 CEST 2015 on sn-devel-104
Currently the name cache is only cleared on printer deletion. This means
that if a printer undergoes a name change, the old name remains in the
cache and can be subsequently used incorrecly if another printer takes
the same name as the old.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11210
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 14 05:37:50 CEST 2015 on sn-devel-104
Bug #11186: Crash seen in libsmbclient due to free of server structure during SMBC_getxattr() call
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11186
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Apr 14 02:58:43 CEST 2015 on sn-devel-104
https://bugzilla.samba.org/show_bug.cgi?id=11199
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Apr 9 16:57:15 CEST 2015 on sn-devel-104
Not used right now, but prevent future confusion.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Apr 8 19:36:36 CEST 2015 on sn-devel-104
If a vfs module has no ACL callbacks, smbd will use its default ACL
callbacks. These default ACL callbacks operate on local filesytem,
it's clearly wrong for ceph case.
libcephfs does not support ACL yet, so this patch adds ACL callbacks
that do nothing.
Signed-off-by: Yan, Zheng <zyan@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
libcephfs version 0.94 adds 'file descriptor' version xattr functions.
This patch makes corresponding samba VFS callbacks use these new
functions.
Signed-off-by: Yan, Zheng <zyan@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
If we set 'winbind use default domain' and specify 'force user = user'
without a domain name we fail to log in. In this case we need to try a
lookup with the domain name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11185
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 31 21:17:23 CEST 2015 on sn-devel-104
With FSRVP server support now present along with suitable mock-up test
infrastructure, run the FSRVP test suite against s3fs.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The shell_snap VFS module plumbs into the snapshot (aka shadow-copy)
management paths used by Samba's File Server Remote VSS Protocol (FSRVP)
server.
The following shell callouts may be configured in smb.conf:
shell_snap: check path command
- Called when an FSRVP client wishes to check whether a given
share supports snapshot create/delete requests.
- The command is called with a single <share path> argument.
- The command must return 0 if <share path> is capable of being
snapshotted.
shell_snap: create command
- Called when an FSRVP client wishes to create a snapshot.
- The command is called with a single <share path> argument.
- The command must return 0 status if the snapshot was
successfully taken.
- The command must output the path of the newly created snapshot
to stdout.
shell_snap: delete command
- Called when an FSRVP client wishes to delete a snapshot.
- The command is called with <base share path> and
<snapshot share path> arguments.
- The command must return 0 status if the snapshot was
successfully removed.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This patch implements some simple FSRVP server housekeeping. On startup
the server scans the cached entries, any entries where the underlying
system paths associated with shadow copies no longer exist are removed
from the cache and from the registry.
This behaviour is disabled by default, but can be enabled via the new
"fss: prune stale" smb.conf parameter.
Signed-off-by: Noel Power <noel.power@suse.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The Samba fss_agent RPC server is an implementation of the File Server
Remote VSS (Volume Shadow Copy Service) Protocol, or FSRVP for short.
FSRVP is new with Windows Server 2012, and allows authenticated clients
to remotely request the creation, exposure and deletion of share
snapshots.
The fss_agent RPC server processes requests on the FssAgentRpc named
pipe, and dispatches relevant snapshot creation and deletion requests
through to the VFS.
The registry smb.conf back-end is used to expose snapshot shares, with
configuration parameters and share ACLs cloned from the base share.
There are three FSRVP client implementations that I'm aware of:
- Samba rpcclient includes fss_X commands.
- Windows Server 2012 includes diskshadow.exe.
- System Center 2012.
FSRVP operations are only processed for users with:
- Built-in Administrators group membership, or
- Built-in Backup Operators group membership, or
- Backup Operator privileges, or
- Security token matches the initial process UID
MS-FSRVP specifies that server state should be stored persistently
during operation and retrieved on startup. Use the existing fss_srv.tdb
FSRVP state storage back-end to satisfy this requirement.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Extend vfs_snapper to support the new remote snapshot creation and
deletion hooks added for FSRVP.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The "btrfs: manipulate snapshots" smb.conf parameter is disabled by
default, to encourage use of, and pass requests through to, the
vfs_snapper module.
When enabled, issue BTRFS_IOC_SNAP_CREATE_V2 and BTRFS_IOC_SNAP_DESTROY
ioctls accordingly. The ioctls are issued as root, so rely on permission
checks in the calling FSRVP server process.
Base share paths must exist as btrfs subvolumes in order to
be supported for snapshot operations.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This change adds three new VFS hooks covering snapshot manipulation:
- snap_check_path
Check whether a path supports snapshots.
- snap_create
Request the creation of a snapshot of the provided path.
- snap_delete
Request the deletion of a snapshot.
These VFS call-outs will be used in future by Samba's File Server Remote
VSS Protocol (FSRVP) server.
MS-FSVRP states:
At any given time, Windows servers allow only one shadow copy set to
be going through the creation process.
Therefore, only provide synchronous hooks for now, which can be
converted to asynchronous _send/_recv functions when the corresponding
DCE/RPC server infrastructure is in place.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
MS-FSRVP specifies:
the server MUST persist all state information into an implementation-
specific configuration store.
This change adds a fss_srv TDB database to preserve FSRVP server state,
with the following keys used to track shadow copy state and hierarchy:
- sc_set/<shadow copy set GUID>
A shadow copy set tracks a collection of zero or more shadow copies,
as initiated by a StartShadowCopySet FSRVP client request.
- sc_set/<shadow copy set GUID>/sc/<shadow copy GUID>
A shadow copy defines information about a snapshot base volume, the
snapshot path, and a collection of share maps. It is initiated by an
AddToShadowCopySet client request.
- sc_set/<shadow copy set GUID>/sc/<shadow copy GUID>/smap/<smap GUID>
A share map tracks new shares that are created to expose shadow
copies.
All structures are marshalled into on-disk format using the previously
added fsrvp_state IDL library.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Instead of having every 2nd byte as '\0' in the utf16 password,
because the utf8 form is based on an ascii subset, we convert
the random buffer from CH_UTF16MUNGED to CH_UTF8.
This way we have a random but valid utf8 string,
which is almost like what Windows is doing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
We should maintain current and previous passwords on both sides of the trust,
which mean we need to pass our view of the new version to the remote DC.
This avoid problems with replication delays and make sure the kvno
for cross-realm tickets is in sync.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Using pdb_get_trust_credentials() works for all kind of trusts
and gives us much more details regarding the credentials.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
SEC_CHAN_DNS_DOMAIN trusts use longer passwords, Windows uses 240 UTF16 bytes.
Some trustAttribute flags may also make impact on the length on Windows,
but we could be better if we know that the remote domain is an AD domain.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
The number of current and previous elements need to match and we have to
fill TRUST_AUTH_TYPE_NONE if needed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
