1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

85525 Commits

Author SHA1 Message Date
Volker Lendecke
4da8984c1b sharesec: Document -v/--view
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-26 16:49:34 +02:00
Volker Lendecke
780e2b092d sharesec: Implement --view-all
Listing individual shares can be quite slow when you have a lot of shares. This
implements a --view-all option that prints something like

[share1]
REVISION:1
OWNER:(NULL SID)
GROUP:(NULL SID)
ACL:S-1-1-0:ALLOWED/0/FULL

[share2]
REVISION:1
OWNER:(NULL SID)
GROUP:(NULL SID)
ACL:S-1-1-0:ALLOWED/0/FULL

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-26 16:49:33 +02:00
Christian Ambach
4ee73fd97b s3:smbd/close remove filesystem lock before removing sharemode
otherwise we are open for a race condition:

opener 1 opens file and closes it
- during the close, the share mode entry will be removed from
  locking.tdb, but share mode in the file system will be dropped later
  after delete_on_close and write time updates have been done

opener 2 requests open of same file with file overwrite
- locking.tdb does not list original entry, but file system share mode
  is still around
- VFS_FTRUNCATE will fail and error was converted to STATUS_ACCESS_DENIED

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Tue Jun 25 14:48:44 CEST 2013 on sn-devel-104
2013-06-25 14:48:44 +02:00
Christian Ambach
935992fc55 s3:smbd/close use common exit path
do not return early here, but use the common exit path that will
remove the share mode from the record

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25 12:54:06 +02:00
Christian Ambach
245b5ffdde s3:lib add mapping for ETXTBSY
add ETXTBSY to the errno->STATUS conversion table.
It will be mapped to STATUS_SHARING_VIOLATION

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25 12:54:00 +02:00
Daniel Gan-Levi
526f0dff96 s3-ctdb: Fix auto-enabling of CTDB readonly support
This fixes Bug 9957

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9957
Signed-off-by: Daniel Gan-Levi <danielg@il.ibm.com>
Reviewed-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25 12:53:54 +02:00
Christian Ambach
c9924ebccd s3:smbd/aio mark file as modified in the SMB2 case
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25 12:53:46 +02:00
Christian Ambach
e65c53226c nsswitch: fix a comment
the beginning if is only ifdef LINUX now, not the long list this comment refers to

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25 12:53:28 +02:00
Andrew Bartlett
48ae86f74c heimdal_build: Add missing dep on samba4kgetcred
This started to fail on current Debian Sid with system Heimdal after a binutils update.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 25 02:30:59 CEST 2013 on sn-devel-104
2013-06-25 02:30:59 +02:00
Andrew Bartlett
7bf8fc7ca2 torture: Add tests for LDAP substring search with no strings provided
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 24 23:55:07 CEST 2013 on sn-devel-104
2013-06-24 23:55:07 +02:00
Andrew Bartlett
70cb7fd214 libcli/ldap: Cope with substring match with no chunks in ldap_push_filter
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-24 12:54:26 -07:00
Andrew Bartlett
4ca9639269 ldb: bump version to allow a depencency on the substring crash fix
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-24 12:54:22 -07:00
Andrew Bartlett
1a279f74b7 ldb: Cope with substring match with no chunks in ldb_filter_from_tree
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-24 12:54:18 -07:00
Jeremy Allison
32d0b75afb Note how vfs_gpfs uses the "acl map full control" parameter.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 24 21:24:38 CEST 2013 on sn-devel-104
2013-06-24 21:24:38 +02:00
Jeremy Allison
056e636778 Add missing documentation for vfs_zfsacl.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-24 19:33:34 +02:00
Jeremy Allison
b00d9d2453 Use existing "acl map full control" parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's.
Windows maps an open request of GENERIC_ALL on files to 0x1FF specific bits, which
includes DELETE_CHILD even though this has no meaning on file ACE's. If a returned
NFSv4 ACE entry for a file has all other specific bits set except for DELETE (which
comes from the containing directory) and DELETE_CHILD (which has no meaning) then
optionally add it into the returned ACE entry.

This is using the same parameter in the same way as it is currently used
in smbd/posix_acls.c. Note that as this parameter is on by default, it
is already being tested in the existing raw.acl tests.

Fixes issue with Microsoft SMB2 torture test suite found at the interop event
in Redmond, WA.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-24 19:33:34 +02:00
David Disseldorp
398ee49bda s3/smbclient: fix incorrect command tab completions
smbclient commands can offer tab-completion for local and remote paths.
This behaviour is specified for the first two arguments using the
compl_args entry in the commands struct.
This change fixes a number of incorrectly specified compl_args values.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Aurélien Aptel <aurelien.aptel@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jun 24 19:32:54 CEST 2013 on sn-devel-104
2013-06-24 19:32:53 +02:00
Andrew Bartlett
d544d178f0 build: Remove the struct MD5Context conf file check.
Fix the build.

Reviewed-by: Jeremy Allison <jra@samba.org>
Tested-by: Christian Ambach <ambi@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Mon Jun 24 14:11:09 CEST 2013 on sn-devel-104
2013-06-24 14:11:09 +02:00
Simo Sorce
9b88166f45 lsa4: Fix a set but unused variable warning
Also insure that we exit immediately on any error.

Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 24 12:17:52 CEST 2013 on sn-devel-104
2013-06-24 12:17:52 +02:00
Andrew Bartlett
0ee8650d77 ldb: Ensure not to segfault on a filter such as (mail=)
As reported by Robin McCorkell <xenopathic@gmail.com> triggered by
Mozilla Thunderbird as an LDAP client.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 22 09:33:14 CEST 2013 on sn-devel-104
2013-06-22 09:33:14 +02:00
Steve French
bbe09b3319 Add missing SMB2/SMB3 share capability flag define
SMB3.02 adds SHARE_CAP_ASYMMETRIC

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 21 22:57:16 CEST 2013 on sn-devel-104
2013-06-21 22:57:16 +02:00
Volker Lendecke
06e5401f7b lsa4: Fix a set but unused variable warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
7d5daaa9f4 lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
2448fe3ffe lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
720b4d3932 lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Jeremy Allison
6c49f90965 Fix glusterfs backend crash found at the Microsoft interop event.
Based on a fix originally from Raghavendra Talur <rtalur@redhat.com>.

When a new document is created in explorer, a check for file_exist is made.
vfs_gluster_get_real_filename was returning 0 even when the file did not
exist.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Christopher R. Hertel" <crh@ubiqx.mn.org>
2013-06-21 10:58:47 -07:00
Volker Lendecke
b96cea4aa5 Fix some blank line endings
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
2013-06-21 19:57:06 +02:00
Volker Lendecke
d2642cb1b9 dns: Fix CID 1034969 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 21 17:32:16 CEST 2013 on sn-devel-104
2013-06-21 17:32:16 +02:00
Christian Ambach
ad86e2a599 s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN
when creating a BUILTIN group, make the strategy dependent on passdb backend behavior
1. if passdb is responsible for BUILTIN (normal case), call pdb_create_builtin_alias with gid=0 argument
so it asks winbindd for a gid to be used
2. if passdb is not responsible, ask for a mapping for the group first and let pdb_create_builtin_alias
create the mapping based on the gid that was determined in the mapping request

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 21 12:49:10 CEST 2013 on sn-devel-104
2013-06-21 12:49:10 +02:00
Christian Ambach
2d2d13ee61 s3:passdb add a gid argument to pdb_create_builtin_alias
make it possible to skip the allocation of a new gid from winbind
by specifying the gid to be used

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:24 +02:00
Christian Ambach
212baedcd5 s3:utils/net_sam make use of pdb_create_builtin helper function
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:24 +02:00
Christian Ambach
df41835eea s3:passdb expose pdb_create_builtin function
this one first tries to map the principal before
allocating a new gid

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:23 +02:00
Christian Ambach
6a048b424a s3:passdb/pdb_tdb add parameter to control handling of BUILTIN
with tdbsam:map builtin, one can control if tdbsam should
be used to map entries from BUILTIN or not.
By default, they will be mapped (as in older releases)

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:23 +02:00
Christian Ambach
324b3cc00c s3:passdb/pdb_ldap remove an unnecessary check
as general passdb code already verifies for which
idmap domains the module is responsible, requests for
other domains should not come in here any more

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:22 +02:00
Christian Ambach
01e094b53f s3:passdb/pdb_ldap make the module handle well-known
overwrite the passdb defaults and let this module handle well-knowns

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:21 +02:00
Christian Ambach
987de8a971 s3:passdb make pdb_sid_to_id honor backend responsibilities
only ask passdb backend for mapping if it is responsible

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:21 +02:00
Christian Ambach
55dd9e6a9c s3:passdb/pdb_samba_dsdb make the module handle well-known
overwrite the passdb defaults and let this module handle well-knowns

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:20 +02:00
Christian Ambach
56df37d332 s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functions
ask passdb to determine if sid/object should be handled by passdb or not

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:20 +02:00
Christian Ambach
0ad38d777f s3:passdb add pdb_*_is_responsible_for* functions
allows PDB modules to specify for which special domains they
are responsible when it comes to SID->xid conversion

By default, passdb modules will be responsible for local BUILTIN,
local SAM and Unix Users/Groups

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:19 +02:00
Christian Ambach
9eb67f259f s3:passdb add idmap control functions
make it possible for each backend to specify for which domains
it should be asked for SID->xid mappings

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:19 +02:00
Christian Ambach
0ad89c3cc9 s3:passdb/samba_dsdb fix some compiler warnings
about gids and group_sids being potentially uninitialized

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:18 +02:00
Christian Ambach
e211b5c5d2 s3:passdb/samba_dsdb fix a compiler warning
about discarding const modifier

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:18 +02:00
Christian Ambach
e17bc56caf s3:utils/net_lookup fix a format-error
clang complains about short being used for unsigned as format-error

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:17 +02:00
Andrew Bartlett
88c72fceb1 s4-winbind: Add special case for BUILTIN domain
This should mean that lookups for the BUILTIN domain cause less trouble
then they have in the past, because they will no longer go via the
trusted domain handler.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
2013-06-20 15:30:00 +02:00
Jeremy Allison
d4091c5809 Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in "EOF on stdin"
Only install the stdin handler if it's a pipe or fifo.

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-20 13:41:01 +02:00
Andrew Bartlett
fc13489c91 build: Build with system md5.h on OpenIndiana
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5.  I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.

This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-19 21:32:36 +02:00
Jeremy Allison
5c4772ec1d Re-add umask(0) code removed by commit 3a7c2777ee
Without the umask code the pipe permissions are affected by the
umask of the calling process. As only smbd currently sets its
umask to zero (nmbd and winbindd should do the same) this causes
the winbindd pipe to be unavailable to the nss library code unless
winbindd is run from an init process that explicitly sets umask
to zero. When testing from the command line this can be hard to
track down :-).

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 18 04:31:27 CEST 2013 on sn-devel-104
2013-06-18 04:31:27 +02:00
Jeremy Allison
fcc43cfbe3 Fix xx_path() - return check from mkdir() is incorrect.
This is very old code, but mkdir() fails with -1, not 0.
Only print the error message is mkdir failed with anything
other than EEXIST.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-18 02:41:10 +02:00
David Disseldorp
d924da9bc8 docs/vfs_catia: rework man page
The vfs_catia man page refers to two configuration variants, one
applying to Samba <= 3.4.x and one referring to Samba >= 3.5.x.
This change removes all information specific to Samba <= 3.4.x, as such
versions have been discontinued.

This change also improves formatting and nomenclature: configuration
parameters, examples and caveats are split into separate sections, and
server-side/client-side terms replace the ambiguous use of Unix and
Windows.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 17 23:23:57 CEST 2013 on sn-devel-104
2013-06-17 23:23:57 +02:00
David Disseldorp
8ac17fff80 docs/vfs_catia: remove space-char mapping recommendation
The vfs_catia man page currently recommends the mapping of server-side
space-characters (0x20) to client-side plus-minus characters (0xb1).

This recommendation should not be made, as 0x20 is a valid filename
component on both system character sets.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-17 12:26:56 -07:00