IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
There is no need to call pdb_set_pass_must_change_time() because
nothing ever consults that value. It is always calculated from the
domain policy.
Also, this means we no longer store the value in LDAP. The value
would only ever be set when migrating from tdbsam or smbpasswd, not on
password changes, so would become incorrect over time.
Andrew Bartlett
In this case, the blob is already in memory, so it is easier to return the full
blob to the caller, and let the caller decide if some interface restriction
stops the full blob from being passed all the way up the stack.
This allows us to quickly write a python wrapper for this xattr storage
mechanism.
Andrew Bartlett
This will allow db_open_tdb() to be called from common code, which may
already have a loadparm context loaded.
It also slowly moves the lp_ctx up the stack, as required to remove
the library loop between smbconf and the registry.
Andrew Bartlett
From notify_internal.c:
/*
* The notify database is split up into two databases: One
* relatively static index db and the real notify db with the
* volatile entries.
*/
This change is necessary to make notify scale better in a cluster
This will help notify torture tests: A tevent barrier can be waited on with
tevent_barrier_wait_send/recv. The barrier is initialized with a number of
requests that it will accept waiting. When that number is reached, all those
requests will be released and their callback will be called. The barrier will
be free for re-use again.
This is a void* that represents a signal handler attached to some
custom tevent_context. This is necessary to make the tdb based
messaging infrastructure trigger its business when we are sitting in
tevent_loop_once for an event context that is not the main one in the
messaging context.
This is designed to spread the load on individual ctdb records to allow upper
layers to do backoff mechanisms. In the ctdb case, do not get the record if a
local lock is already taken. If we are not dmaster, do at most one migrate
attempt.
For the tdb case, this is a nonblocking fetch_locked. If someone else has the
lock, give up.
This is a caching layer for the notify database and potentially for the brlock
database. It caches the parse_record operation as long as the underlying seqnum
does not change.
Windows server doesn't set the SMB2_SESSION_FLAG_IS_GUEST nor
SMB2_SESSION_FLAG_IS_NULL flag.
This fix makes sure we don't try to verify a signature on the
final session setup response.
metze
sys/inotify.h was added to glibc 2.4 in 2006.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Apr 13 21:15:00 CEST 2012 on sn-devel-104
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Apr 13 02:23:36 CEST 2012 on sn-devel-104
This way we can't end up with a mismatch between outstanding events and the counter.
We may still have problems with canceling and not correctly freeing the aio
struct, but at least the counter won't get out of sync anymore.
fixed by Volker for vfs_aio_fork as ref 0aacdbfada.
From that change:
aio_suspend does not signal the main process with a signal, it just waits. The
aio_fork module does not use the signal at all, it directly calls back into the
main smbd by calling smbd_aio_complete_aio_ex. This is an abstraction
violation, but the alternative would have been to use signals where they are
not needed. However, in wait_for_aio_completion this bites us: With aio_fork we
call handle_aio_completed twice on the same aio_ex struct: Once from the call
to handle_aio_completion within the aio_fork module and once from the code in
wait_for_aio_completion.
Fix this differently here by not calling directly back into smbd,
but using a new function aio_linux_setup_returns() to setup the
return values that wait_for_aio_completion() in the main smbd
will pick up by calling handle_aio_completd().
The remaining gssapi_parse functions were used exclusively in
gensec_krb5. Move them there and make them static.
Signed-off-by: Andreas Schneider <asn@samba.org>
This is clearly a utiliy function generic to gensec. Also the 3 callers
had identical implementations. Provide a generic implementation for all
of them and avoid duplicating the code everywhere.
Signed-off-by: Andreas Schneider <asn@samba.org>
if kernel oplocks are not enabled for that share, we can grant level2 oplocks
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Apr 11 22:45:21 CEST 2012 on sn-devel-104
We don't need to do a talloc here, we already have a long-lived
pointer we can pass in as the private data.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Apr 11 08:05:47 CEST 2012 on sn-devel-104
This isn't strictly required - this isn't a build break at the moment,
but is a good practice to directly depend on the major libraries we
use, and helps us to have more fine-grained rather than global
dependencies.
Andrew Bartlett
We've just talloc_asprintf'ed the fullpath, so talloc_get_size knows the
strlen.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Apr 10 13:20:22 CEST 2012 on sn-devel-104
On platforms that don't have an RT signal space, signal initialization
fails. aio_fork and aio_pthread don't need the signal, so this would
block them from running as well.
The delete tokens are unique to each name hash representing a pathname,
if we don't correctly return here we'll add duplicate tokens for a
given pasname hash.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Apr 7 02:13:58 CEST 2012 on sn-devel-104
on a 32-bit system and defined as a long, then inside vfswrap_get_alloc_size()
we cast to a uint64_t. This sign-extends when converting to unsigned,
so if the high bit of st_ex_blksize is set we return insane values to clients.
Now that we always require a 64 bit off_t, we no longer need SMB_OFF_T.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Apr 6 01:47:43 CEST 2012 on sn-devel-104
(We also already use any other macro as set by getconf LFS_CFLAGS, and
the standard AC_SYS_LARGEFILE macro in libreplace).
This is instead of using the transitional *64 posix largefile API
Andrew Bartlett
Use correct check to see if veto files has been enabled. Even if not
set lp_veto_files() returns a valid string address (to a '\0' character).
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Apr 5 01:36:04 CEST 2012 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Apr 3 19:19:33 CEST 2012 on sn-devel-104
This removes the last user of ads_verify_ticket(), and means that we
only have one code path to verify an incoming krb5 (GSSAPI) ticket.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Otherwise, really simple clients (such as the current ntlm_auth gss-spnego client)
will not select krb5.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This imports the gensec handling code from the source4 ntlm_auth, which
will eventually be used for all the NTLMSSP and SPNEGO clients and servers
but which is only used for gss-spnego for now.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is a module that, like vfs_xattr_tdb, stores extended attributes
in a DB on disk. This uses the format needed to support the
posix:eadb smb.conf option.
Andrew Bartlett
aio_suspend does not signal the main process with a signal, it just waits. The
aio_fork module does not use the signal at all, it directly calls back into the
main smbd by calling smbd_aio_complete_aio_ex. This is an abstraction
violation, but the alternative would have been to use signals where they are
not needed. However, in wait_for_aio_completion this bites us: With aio_fork we
call handle_aio_completed twice on the same aio_ex struct: Once from the call
to handle_aio_completion within the aio_fork module and once from the code in
wait_for_aio_completion.
This patch fixes it in a pretty bad way by introducing flag variables and more
state. But the mid-term plan is to replace the posix aio calls from the vfs and
do pread_send/recv and pwrite_send/recv at the vfs layer, so this will
significantly change anyway.
Thanks to Kirill Malkin <kirill.malkin@starboardstorage.com> for reporting this
crash!
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sat Mar 31 15:25:55 CEST 2012 on sn-devel-104
This removes a dependency on "struct notify_entry" and makes the nature of the
API more explicit. We depend upon the VFS module to mask out elements from
e->filter and e->subdir_filter that it took over to handle.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Mon Mar 26 17:45:44 CEST 2012 on sn-devel-104
The performance of these is minimal (these days) and they can return
invalid results when used as part of applications that do not use
sys_fork().
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104
The smaller libraries are currently all trivial in size and don't have
any dependencies other than samba-util.
Having lots of small private libraries is a pain for packaging,
and there isn't much advantage in this.
if setting the lease in GPFS failed, there is not much sense in trying
to set a lease just locally that would not inform us of openers
on other cluster nodes
GPFS provides the gpfs_prealloc call. Implement the fallocate
callback with mode VFS_FALLOCATE_EXTEND_SIZE using this call.
There is no support for VFS_FALLOCATE_KEEP_SIZE, so report
this mode as not available.
When a client requests the information about free space and space used,
adjust the reported values according to quotas in the GPFS file system:
- Retrieve quotas for the current user, current group and fileset for
the top level of the share.
- If the soft block quota grace time has expired, report disk as full.
- If a hard block quota has been exceeded, report disk as full.
- If none of the hard block quotas been exceeded, report
share size and free space according to the lowest limits found in
the quotas.
- If no applicable hard block quota has been set, report the
information from the statfs call.
This feature is disabled by default and has to be enabled by setting the
option gpfs:dfreequota.
Add the GPFS api calls for reporting the quotas and free space:
- get_gpfs_quota for querying a quota
- get_gpfs_fset_id for mapping a path to a fileset id
Based on code from Richard Sharpe. Move to talloc from malloc.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Mar 22 00:20:41 CET 2012 on sn-devel-104
We only need one notify_ctx per smbd. The notify_array can become quite large.
It's based on absolute paths, so there's no point in having a copy of the
complete array in memory multiple times.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Wed Mar 21 14:26:07 CET 2012 on sn-devel-104
This ensures that we have some check on the session keys being returned
as the RC4 cipher is not checksumed.
The check comes from the fact that the credentials chain is tied to
the session key, and so if the credentials check passes then the
netlogon session key will be correct, and so the user session key
will be correctly decrypted.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Mar 19 21:31:46 CET 2012 on sn-devel-104
This fixes a coredump with a NULL DACL in add_directory_inheritable_components().
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Mar 17 01:05:57 CET 2012 on sn-devel-104
With --export-dynamic flag on OpenBSD 5.x, extra symbols get added in the
data segment which causes ABI generation script to fail.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Fri Mar 16 16:04:31 CET 2012 on sn-devel-104
This will help later if we have to handle a SMB2TreeDisconnect different
compared to a SMB2SessionLogoff and a TCPDisconnect.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Mar 15 21:56:09 CET 2012 on sn-devel-104
This applies to all child processes making use of reinit_after_fork().
It is implemented by establishing a pipe between parent and child.
The child watches for EOF on the read end of the pipe, indidcating
an exited parent.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Mar 15 12:43:41 CET 2012 on sn-devel-104
It's not necessary to keep the global notify record locked during
the inotify and notify_onelevel.tdb operations.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
On some platforms you can not debug coredumps after the default signal handler
gets done dumping core. This allows waf to have an option to disable our
default signal handler.
This matches the autoconf build, and should partially address bug #8709.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Mar 15 01:12:15 CET 2012 on sn-devel-104
