IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This sets it for all enviornments, as it is harmless if ntvfs is used
and critical if the provision script runs in s3fs mode.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 23 16:42:41 CEST 2012 on sn-devel-104
This command verifies that the current on-disk ACLs match the directory and
the defaults from provision.
Unlike sysvolreset, this does not change any of the permissions.
Andrew Bartlett
Needing to be able to write this test is the primary reason I have
been reworking the VFS and posix ACL layer over the past few weeks.
By exposing the POSIX ACL as a IDL object we can eaisly manipulate it
in python, and then verify that the ACL was handled correctly.
This ensures the when we write an ACL in provision, that it will
indeed allow that access at the FS layer.
We need to extend this beyond just the critical two ACLs set during
provision, to also include some special (hard) cases involving the
merging of ACE entries, as this is the most delicate part of the ACL
transfomation.
A similar test should also be written to read the posix ACL and the
mapped NT ACL on a file that has never had an NT ACL set.
Andrew Bartlett
This handles the fact that smbd will rarely override the POSIX ACL enforced by
the kernel. This has caused issues with the creation of group policies by
other members of the Domain Admins group.
Andrew Bartlett
This means that any utility that calls into the VFS layer will get the
right modules.
Because we use the fake_acls backend we need to override this whole
list in Samba4.pm however.
Andrew Bartlett
The loadparm context on the schema DB might have gone away already.
Pre-cache the schema refresh interval at load time to avoid worrying
about this.
Andrew Bartlett
We do not need filesystem ACLs set when creating the reference provision, so it is
easier to use the NTVFS backend as it does not cause trouble with make test.
Andrew Bartlett
Microsoft documentation states that maximum fqdn length is 64 characters, so extending DNS Domain column to 65 characters.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 23 03:49:00 CEST 2012 on sn-devel-104
The function align_string() is now broken as base_ptr no longer
points at the start of the SMB data packet, but
at the start of the returned TRANS2 data area.
Replace it with a check for FLAGS2_UNICODE_STRINGS and
a call to ucs2_align().
Because these run as non-root, we need to avoid doing things that will
fail during the provision. The main test of the s3fs provision is the
plugin_s4_dc environment with a smb.conf that specifies vfs_fake_acls.
Andrew Bartlett
This is an odd option, but is needed because I wish to add assertions about
ACL setting that will not work in make test without the vfs_fake_acls module
loaded.
Andrew Bartlett
This refers to LDB add operations as well, we have only to be careful on
"@ATTRIBUTES" entries.
E.g.
dn: cn=testperson,cn=users,dc=...,dc=...
objectClass: person
url: www.example.com
url: www.example.com
should not work.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
