1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

286 Commits

Author SHA1 Message Date
Gerald Carter
1839b4be14 r14634: Many bug fixes thanks to train rides and overnight stays in airports
* Finally fix parsing idmap uid/gid ranges not to break with spaces
  surrounding the '-'
* Allow local groups to renamed by adding info level 2 to
  _samr_set_aliasinfo()
* Fix parsing bug in _samr_del_dom_alias() reply
* Prevent root from being deleted via Samba
* Prevent builting groups from being renamed or deleted
* Fix bug in pdb_tdb that broke renaming user accounts
* Make sure winbindd is running when trying to create the Administrators
  and Users BUILTIN groups automatically from smbd (and not just check the
  winbind nexted groups parameter value).
* Have the top level rid allocator verify that the RID it is about to
  grant is not already assigned in our own SAM (retries up to 250 times).
  This fixes passdb with existing SIDs assigned to users from the RID algorithm
  but not monotonically allocating the RIDs from passdb.
(This used to be commit db1162241f)
2007-10-10 11:15:41 -05:00
Gerald Carter
41a0da4cfc r14457: Add a few more special cases for RID 513 in the samr code.
Now that I know what all the requirements for this group are
I can generalize the code some more and make it cleaner.
But at least this is working with lusrmgr.msc on XP and 2k now.
(This used to be commit d2c1842978)
2007-10-10 11:15:31 -05:00
Gerald Carter
0ce53f8ba5 r14403: * modifies create_local_nt_token() to create a BUILTIN\Administrators
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'

* Add a SID domain to the group mapping enumeration passdb call
  to fix the checks for local and builtin groups.  The SID can be
  NULL if you want the old semantics for internal maintenance.
  I only updated the tdb group mapping code.

* remove any group mapping from the tdb that have a
  gid of -1 for better consistency with pdb_ldap.c.
  The fixes the problem with calling add_group_map() in
  the tdb code for unmapped groups which might have had
  a record present.

* Ensure that we distinguish between groups in the
  BUILTIN and local machine domains via getgrnam()
  Other wise BUILTIN\Administrators & SERVER\Administrators
  would resolve to the same gid.

* Doesn't strip the global_sam_name() from groups in the
  local machine's domain (this is required to work with
  'winbind default domain' code)

Still todo.

* Fix fallback Administrators membership for root and domain Admins
  if nested groups = no or winbindd is not running

* issues with "su - user -c 'groups'" command

* There are a few outstanding issues with BUILTIN\Users that
  Windows apparently tends to assume.  I worked around this
  presently with a manual group mapping but I do not think
  this is a good solution.  So I'll probably add some similar
  as I did for Administrators.
(This used to be commit 612979476a)
2007-10-10 11:15:28 -05:00
Volker Lendecke
fde3304981 r13955: Fix Coverity ID 139.
Not a bug in the strictest sense, more a clarification. This whole routine
assumes new_gid != NULL anyway, so there's no point in checking.

Volker
(This used to be commit dfbf09c772)
2007-10-10 11:11:01 -05:00
Jeremy Allison
894358a8f3 r13915: Fixed a very interesting class of realloc() bugs found by Coverity.
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.

The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :

 tmp = realloc(p, size);
 if (!tmp) {
    SAFE_FREE(p);
    return error;
 } else {
    p = tmp;
 }

However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :

 p = realloc(p, size)
 if (!p) {
    return error;
 }

which will leak the memory pointed to by p on realloc fail.

This commit (hopefully) fixes all these cases by moving to
a standard idiom of :

 p = SMB_REALLOC(p, size)
 if (!p) {
    return error;
 }

Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.

For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :

 tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
 if (!tmp) {
    SAFE_FREE(p);
    return error;
 } else {
    p = tmp;
 }

SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).

It remains to be seen what this will do to our Coverity bug count :-).

Jeremy.
(This used to be commit 1d710d06a2)
2007-10-10 11:10:59 -05:00
Gerald Carter
fb5362c069 r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()
macro which sets the freed pointer to NULL.
(This used to be commit b65be8874a)
2007-10-10 11:10:14 -05:00
Volker Lendecke
301d51e13a r13494: Merge the stuff I've done in head the last days.
Volker
(This used to be commit bb40e544de)
2007-10-10 11:10:06 -05:00
Gerald Carter
0af1500fc0 r13316: Let the carnage begin....
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed)
2007-10-10 11:06:23 -05:00
Volker Lendecke
88d3b08147 r12438: Remove an unused function
(This used to be commit 561e351d25)
2007-10-10 11:05:56 -05:00
Volker Lendecke
db6eea0fb4 r12185: Cosmetic cleanup
(This used to be commit d1e8f9afff)
2007-10-10 11:05:48 -05:00
Volker Lendecke
4d03fc55df r12182: Cosmetic cleanup
(This used to be commit 81c358b511)
2007-10-10 11:05:48 -05:00
Volker Lendecke
05ac2de0df r12051: Merge across the lookup_name and lookup_sid work. Lets see how the build farm
reacts :-)

Volker
(This used to be commit 9f99d04a54)
2007-10-10 11:05:43 -05:00
Jeremy Allison
8d7c886671 r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4
x86_64 box.
Jeremy.
(This used to be commit d720867a78)
2007-10-10 11:05:02 -05:00
Gerald Carter
54abd2aa66 r10656: BIG merge from trunk. Features not copied over
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d7)
2007-10-10 11:04:48 -05:00
Gerald Carter
450e8d5749 r7130: remove 'winbind enable local accounts' code from the 3.0 tree
(This used to be commit 318c3db4cb)
2007-10-10 10:57:01 -05:00
Tim Potter
70490aae0c r6769: Fix bugzilla #2538 and #2527. Unused variables found by Jason Mader.
(This used to be commit 68b1c1f533)
2007-10-10 10:56:54 -05:00
Volker Lendecke
d3d6126d94 r6351: This is quite a large and intrusive patch, but there are not many pieces that
can be taken out of it, so I decided to commit this in one lump. It changes
the passdb enumerating functions to use ldap paged results where possible. In
particular the samr calls querydispinfo, enumdomusers and friends have
undergone significant internal changes. I have tested this extensively with
rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will
follow later.

The code is based on a first implementation by Günther Deschner, but has
evolved quite a bit since then.

Volker
(This used to be commit f0bb44ac58)
2007-10-10 10:56:38 -05:00
Volker Lendecke
83e11ba86c r6263: Get rid of generate_wellknown_sids, they are const static and initializable
statically.

Volker
(This used to be commit 3493d9f383)
2007-10-10 10:56:33 -05:00
Herb Lewis
978ca84860 r6225: get rid of warnings from my compiler about nested externs
(This used to be commit efea76ac71)
2007-10-10 10:56:30 -05:00
Jeremy Allison
202c7b4571 r6092: This much const causes the compiler on Fedora Core 2
to throw up.
Jeremy.
(This used to be commit 051f0ed807)
2007-10-10 10:56:21 -05:00
Volker Lendecke
e84ead0cfd r6080: Port some of the non-critical changes from HEAD to 3_0. The main one is the
change in pdb_enum_alias_memberships to match samr.idl a bit closer.

Volker
(This used to be commit 3a67865169)
2007-10-10 10:56:20 -05:00
Volker Lendecke
140752fd35 r5647: Caches are good for performance, but you get a consistency problem.
Fix bug # 2401.

Volker
(This used to be commit eb4ef94f24)
2007-10-10 10:55:53 -05:00
Günther Deschner
5f54cc9bd3 r5264: Log with loglevel 0 when account-administration scripts fail.
Guenther
(This used to be commit 3d391ef149)
2007-10-10 10:55:35 -05:00
Gerald Carter
d94d87472c r4724: Add support for Windows privileges in Samba 3.0
(based on Simo's code in trunk).  Rewritten with the
following changes:

* privilege set is based on a 32-bit mask instead of strings
  (plans are to extend this to a 64 or 128-bit mask before
   the next 3.0.11preX release).
* Remove the privilege code from the passdb API
  (replication to come later)
* Only support the minimum amount of privileges that make
  sense.
* Rewrite the domain join checks to use the SeMachineAccountPrivilege
  instead of the 'is a member of "Domain Admins"?' check that started
  all this.

Still todo:

* Utilize the SePrintOperatorPrivilege in addition to the 'printer admin'
  parameter
* Utilize the SeAddUserPrivilege for adding users and groups
* Fix some of the hard coded _lsa_*() calls
* Start work on enough of SAM replication to get privileges from one
  Samba DC to another.
* Come up with some management tool for manipultaing privileges
  instead of user manager since it is buggy when run on a 2k client
  (haven't tried xp).  Works ok on NT4.
(This used to be commit 77c10ff9aa)
2007-10-10 10:53:51 -05:00
Jeremy Allison
acf9d61421 r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f)
2007-10-10 10:53:32 -05:00
Volker Lendecke
154d5f913b r3566: Completely replace the queryuseraliases call. The previous implementation does
not exactly match what you would expect.

XP workstations during login actually do this, so we should better become a
bit more correct. The LDAP query issued is not really fully optimal, but it is
a lot faster and more correct than what was there before. The change in
passdb.h makes it possible that queryuseraliases is done with a single ldap
query.

Volker
(This used to be commit 2508d4ed1e)
2007-10-10 10:53:09 -05:00
Volker Lendecke
9c61daf667 r3561: Since we have tdb_reopen_all() after all forks, the local_pid logic is not
correct anymore. If we actually open the tdb before the fork, we end up
opening the tdb twice. Jerry, jra, this also happens in the locking and
printing subsystems. You might want to check it there (not that it actually
happens right now, but this gave me some confusion lately...).

Volker
(This used to be commit 40cad9dcc1)
2007-10-10 10:53:09 -05:00
Andrew Bartlett
3d50211480 r2865: Add static and remove unused functions that only cload the blame-game
in finding out who is causing the massive performance problems with
large LDAP directories.

Andrew Bartlett
(This used to be commit f16ed2616a)
2007-10-10 10:52:55 -05:00
Günther Deschner
823936d180 r2753: Workaround for the (rather broken) _samr_query_useraliases rpc-call.
_samr_query_useraliases shows up with all kind of very weird memberships
(global-groups, machine-accounts, etc.). Sometimes even if there is no
alias-membership at all.

One of the biggest mistakes is to convert any unix-group the user is a
member of, into an alias by default in get_group_from_gid.

get_alias_user_groups should be rewritten to use
pdb_enum_alias_memberships.

Guenther
(This used to be commit 73ab2d2a74)
2007-10-10 10:52:51 -05:00
Gerald Carter
7af3777ab3 r116: volker's patch for local group and group nesting
(This used to be commit b393469d95)
2007-10-10 10:51:10 -05:00
Gerald Carter
931df5850e r39: * importing .cvsignore files
* updateing WHATSNEW with vl's change
(This used to be commit a7e2730ec4)
2007-10-10 10:51:05 -05:00
Rafal Szczesniak
1fabcf0a12 Fix to debug message lacking termination with '\n'.
rafal
(This used to be commit 2a7dd46943)
2004-03-09 18:58:19 +00:00
Volker Lendecke
8f3507338e When creating a group via a script, don't let winbind do it as well.
Volker
(This used to be commit 6a229f1488)
2004-02-17 21:25:42 +00:00
Volker Lendecke
7ff912521a Fix memleak just introduced. Thanks to abartlet :-)
Volker
(This used to be commit be485eea81)
2004-01-25 10:14:50 +00:00
Volker Lendecke
4d6b478b19 On my SuSE 8.2 (glibc 2.3.2) the getpwnam inside pdb_getsampwnam reset
the surrounding getpwent loop to the first entry. So smbd went into an
endless loop.

Volker
(This used to be commit 1797b16fad)
2004-01-25 10:04:10 +00:00
Andrew Bartlett
b4593e92ff JHT came up with a nasty (broken) torture case in preparing examples for
his book.

This prompted me to look at the code that reads the unix group list.  This
code did a lot of name -> uid -> name -> sid translations, which caused
problems.  Instead, we now do just name->sid

I also cleaned up some interfaces, and client tools.

Andrew Bartlett
(This used to be commit f9e59f8bc0)
2004-01-02 05:32:07 +00:00
Gerald Carter
87fddf6a98 more group lookup access fixes on the neverending bug 281
(This used to be commit 9359a6ea80)
2003-12-10 16:40:17 +00:00
Gerald Carter
3d929b1ce6 * fix RemoveSidForeignDomain() ; bug 252
* don't fall back to unmapped UNIX group for
  get_local_group_from_sid()
* remove an extra become/unbecome_root() pair
  from group enumeration
(This used to be commit da12bbdb0d)
2003-12-04 03:35:46 +00:00
Gerald Carter
c39f5fea4a more access fixes for group enumeration in LDAP; bug 281
(This used to be commit 68283407e0)
2003-11-24 17:31:38 +00:00
Tim Potter
22ecf22068 Fix syntax error!
(This used to be commit cd0b6f74ba)
2003-08-15 17:38:11 +00:00
Gerald Carter
dff37bed45 fix compile warnings on IRIX
(This used to be commit b9779ba590)
2003-08-15 17:01:49 +00:00
Tim Potter
80c1f1d865 Fixup a bunch of printf-style functions and debugs to use unsigned long when
displaying pid_t, uid_t and gid_t values.  This removes a whole lot of warnings
on some of the 64-bit build farm machines as well as help us out when 64-bit
uid/gid/pid values come along.
(This used to be commit f93528ba00)
2003-07-22 04:31:20 +00:00
Gerald Carter
a84270ce11 fixes for 'net rpc vampire'. I can now take a blank Samba host
and migrate an NT4 domain and still logon from domain members
(tested logon scripts, system policies, profiles, & home directories)
(passdb backend = tdbsam)

removed call to idmap_init_wellknown_sids() from winbindd.c
since the local domain should be handled by the guest passdb backend
(and you don't really always want the Administrator account to be root)
...and we didn't pay attention to this anyways now.
(This used to be commit 837d7c54d3)
2003-07-16 02:20:53 +00:00
Volker Lendecke
e9e3421db9 We should report if a group mapping fails. This should fix bug#225.
Jerry, this is assigned to you. Do you want to answer it?

However, we have to decide what to do if a mapping is to be done for a
unix group not in LDAP....

Volker
(This used to be commit bf449d467c)
2003-07-15 17:23:36 +00:00
Gerald Carter
03d5867d52 moving more code around.
* move rid allocation into IDMAP.  See comments in _api_samr_create_user()
  * add winbind delete user/group functions

I'm checking this in to sync up with everyone.  But I'm going to split
the add a separate winbindd_allocate_rid() function for systems
that have an 'add user script' but need idmap to give them a RID.
Life would be so much simplier without 'enable rid algorithm'.
The current RID allocation is horrible due to this one fact.
Tested idmap_tdb but not idmap_ldap yet.  Will do that tomorrow.

Nothing has changed in the way a samba domain is represented, stored,
or search in the directory so things should be ok with previous installations.

going to bed now.
(This used to be commit 0463045cc7)
2003-07-11 05:33:40 +00:00
Gerald Carter
16ff7b26f6 Large set of changes to add UNIX account/group management
to winbindd.  See README.idmap-and-winbind-changes for details.
(This used to be commit 1111bc7b0c)
2003-07-09 16:44:47 +00:00
Alexander Bokovoy
cd6687673a Fix memleak in groupdb. Spotted by Metze
(This used to be commit 5280c69531)
2003-07-04 09:56:50 +00:00
Simo Sorce
75a5c0b307 Ok, this patch removes the privilege stuff we had in, unused, for some time.
The code was nice, but put in the wrong place (group mapping) and not
supported by most of the code, thus useless.

We will put back most of the code when our infrastructure will be changed
so that privileges actually really make sense to be set.

This is a first patch of a set to enhance all our mapping code cleaness and
stability towards a sane next beta for 3.0 code base

Simo.
(This used to be commit e341e7c49f)
2003-06-18 15:24:10 +00:00
Volker Lendecke
e6fd597fce And some more memory leaks in mapping.c and pdb_tdb.c. tdb_nextkey
mallocs its key, so we should free it after use.

Volker
(This used to be commit 9750799ba2)
2003-06-18 12:00:52 +00:00
Volker Lendecke
1eb6447727 And more other memory leaks. One new (idmap) and one ancient (groupdb).
Volker
(This used to be commit 2392f460ae)
2003-06-17 12:31:02 +00:00
Simo Sorce
c823b191ab And finally IDMAP in 3_0
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.

Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.

The code has been tested and seem to work right, more testing is needed for
corner cases.

Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)

Simo.
(This used to be commit 0e58085978)
2003-05-12 18:12:31 +00:00
Gerald Carter
e30c2e18f6 don't implement any group mapping functions in the guest sam module
(This used to be commit a354bf4b7e)
2003-04-29 05:31:06 +00:00
Tim Potter
e038e2dff3 Fix broken regexp in cvsignore for *.po{,32} files.
(This used to be commit a17622103b)
2003-04-14 05:33:41 +00:00
Martin Pool
bdca5d31c3 Ignore .po and .po32 files.
(This used to be commit f01d94b027)
2003-04-09 06:01:15 +00:00
Volker Lendecke
da7c72736a The group mapping functions are not called
directly anymore, but instead through the passdb
interface. So we can make them static.

Volker
(This used to be commit a91af4bea8)
2003-03-23 11:44:14 +00:00
Andrew Bartlett
3e19eda335 Remove 'unixsam' from the default passdb backends.
The intention is to remove the muliple passdb backends, but we need the
'guest' account to always be there.  If the admin adds the guest account to
(say) LDAP, there will only be one backend required for operation.

This helps remove some nasty behaviours with adding accounts to the system
for both the RPC 'create user' and the SAMSYNC code.  Users 'added' with
an 'add user/machine' script won't magicly appear, and machine accounts
'pre-added' to unix, but not the smbpasswd file will not cause mayhem.

This commit also implements somthing tridge discussed with me, the concept
of 'default' passdb operation pointers - so that each backend does not
need it's own stub funcitons wrapping the default tdb privilages/group
mapping code.

This also removes an implicit 'sid->name' and 'name->sid' mapping from our
own local SID space, to winbind usernames.  When adding mapping for NIS/LDAP
non-sam users in future, we need to be careful.

Andrew Bartlett
(This used to be commit 6f32fa2349)
2003-02-22 12:01:05 +00:00
Martin Pool
335fbbfbc9 add_initial_entry should fail if string_to_sid fails.
(This used to be commit bb095dc28d)
2003-02-18 01:05:56 +00:00
Gerald Carter
5fb5950258 small merges from SAMBA_3_0; mostly typos, renames, etc...
(This used to be commit 9ac196dad4)
2003-01-15 18:31:46 +00:00
Andrew Bartlett
6d66fb308a BIG patch...
This patch makes Samba compile cleanly with -Wwrite-strings.
 - That is, all string literals are marked as 'const'.  These strings are
always read only, this just marks them as such for passing to other functions.

What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables).  The rest
is just adding a lot of 'const'.

As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).

Andrew Bartlett
(This used to be commit 92a777d0ea)
2003-01-02 09:07:17 +00:00
Jeremy Allison
f023d6129b Lots of fixes for error paths where tdb_fetch() data need freeing.
Found via a post from Arcady Chernyak <Arcady.Chernyak@efi.com>.
Jeremy.
(This used to be commit 19f86f1f72)
2002-11-23 02:52:38 +00:00
Jeremy Allison
250c980119 Removed global_myworkgroup, global_myname, global_myscope. Added liberal
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit 82b8f749a3)
2002-11-12 23:15:52 +00:00
Volker Lendecke
5dbf435408 This moves the group mapping API into the passdb backend.
Currently this calls back to mapping.c, but we have the framework
to get the information into LDAP and the passdb.tdb (should we? I
think so..).

This has received moderate testing with net rpc vampire and
usrmgr. I found the add_groupmem segfault in add_aliasmem as
well, but that will be another checkin.

Volker
(This used to be commit f30095852f)
2002-10-21 19:28:56 +00:00
Volker Lendecke
8cb53d56f2 Revert changes
(This used to be commit 975fd17f8a)
2002-10-17 08:12:20 +00:00
Volker Lendecke
4f001512cd Create group mappings on the fly.
Volker
(This used to be commit e2fc1de34a)
2002-10-16 09:41:42 +00:00
Jeremy Allison
9c94d1a2f7 Add a timeout to tdb_lock_bystring(). Ensure we never have more than
MAX_PRINT_JOBS in a queue.
Jeremy.
(This used to be commit bb58a08af4)
2002-10-04 22:53:30 +00:00
Volker Lendecke
06ce201a29 Ok, getting a bit more ambitious. Stop me, if this is wrong. ;-)
When creating a group you have to take care of the fact that the
underlying unix might not like the group name. This change gets around
that problem by giving the add group script the chance to invent a
group name. It then must only return the newly created numerical gid.

Volker
(This used to be commit b959419ed3)
2002-09-23 16:21:01 +00:00
Volker Lendecke
9251be2afc Sorry for the new parameter, but I think to really reflect what's coming
in via deltas, we need a way to set a user's primary group.

Volker
(This used to be commit 9f7a16acf1)
2002-09-21 14:14:40 +00:00
Jelmer Vernooij
2b2b0f7119 Put in intermediate version of new SAM system. It's not stable yet, code
might be ugly, etc - please don't blame me for anything but instead try to fix
the code :-). Compiling of the new sam system can be enabled with the
configure option --with-sam

Removing passdb/passgrp.c as it's unused
fix typo in utils/testparm.c
(This used to be commit 4b7de5ee23)
2002-08-28 04:54:43 +00:00
Andrew Bartlett
b0ffabdcca Globally replace 'global_sam_sid' with get_global_sam_sid(), a self
initialising function.  This patch thanks to the work of
"Stefan (metze) Metzmacher" <metze@metzemix.de>

This is partly to enable the transition to SIDs in the the passdb.

Andrew Bartlett
(This used to be commit 96afea638e)
2002-06-07 14:33:33 +00:00
Jean-François Micouleau
8295173206 DEBUG cleanup.
J.F.
(This used to be commit 1ece80a6b7)
2002-04-19 13:39:52 +00:00
Tim Potter
cd68afe312 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06)
2002-01-30 06:08:46 +00:00
Tim Potter
86aa1d20f9 Since we have dynamic initialisation in the group mapping code, make
init_group_mapping() a static function and don't call it from any client
programs.

Not sure whether I've made a bigger mess here or not...
(This used to be commit 3c887d9021)
2002-01-29 01:01:14 +00:00
Andrew Bartlett
de03bb6160 Patch from Kevin Stefanik <kstef@mtppi.org> to do some more error checking for
group mapping init failures.
(This used to be commit cd6a2dad4e)
2002-01-27 10:53:43 +00:00
Andrew Bartlett
c311d24ce3 A nice *big* change to the fundemental way we do things.
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps
them around for a long time - often past the next call...

This adds a getpwnam_alloc and a getpwuid_alloc to the collection.

These function as expected, returning a malloced structure that can be
free()ed with passwd_free(&passwd).

This patch also cuts down on the number of calls to getpwnam - mostly by
taking advantage of the fact that the passdb interface is already
case-insensiteve.

With this patch most of the recursive cases have been removed (that I know
of) and the problems are reduced further by not using the sys_ interface
in the new code.  This means that pointers to the cache won't be affected.
(This is a tempoary HACK, I intend to kill the password cache entirly).

The only change I'm a little worried about is the change to
rpc_server/srv_samr_nt.c for private groups.  In this case we are getting
groups from the new group mapping DB.  Do we still need to check for private
groups?  I've toned down the check to a case sensitve match with the new code,
but we might be able to kill it entirly.

I've also added a make_modifyable_passwd() function, that copies a passwd
struct into the form that the old sys_getpw* code provided.  As far as I can
tell this is only actually used in the pass_check.c crazies, where I moved
the final 'special case' for shadow passwords (out of _Get_Pwnam()).

The matching case for getpwent() is dealt with already, in lib/util_getent.c

Also included in here is a small change to register the [homes] share at vuid
creation rather than just in one varient of the session setup.  (This picks
up the SPNEGO cases).  The home directory is now stored on the vuid, and I
am hoping this might provide a saner way to do %H substitions.

TODO:  Kill off remaining Get_Pwnam_Modify calls (they are not needed), change
the remaining sys_getpwnam() callers to use getpwnam_alloc() and move
Get_Pwnam to return an allocated struct.

Andrew Bartlett
(This used to be commit 1d86c7f942)
2002-01-17 08:45:58 +00:00
Andrew Tridgell
2f4a6d60ef don't try to allocate zero bytes
(This used to be commit d09616da68)
2002-01-13 11:46:04 +00:00
Jeremy Allison
a842a3d458 When re-writing tdb version numbers as little endian int32, we must
change the version number also.
Jeremy.
(This used to be commit 3dec9cf99a)
2002-01-09 05:24:07 +00:00
Jeremy Allison
91536cc901 Fixed all uses of tdb_fetch/store/_int to use explicit int32 little endian
in tdb's. All except winbindd_idmap.... Hmmmmmm.
Jeremy.
(This used to be commit ec71f1732b)
2002-01-09 04:13:30 +00:00
Jeremy Allison
eca99f5c22 Fixed nasty cast of tdb_delete in traversals.
Jeremy.
(This used to be commit a0cdec3acc)
2002-01-03 22:48:48 +00:00
Andrew Bartlett
a3f891dbd2 Actually enforce the passdb API.
Thou shalt not reference SAM_ACCOUNT members directly - always use
pdb_get/pdb_set.

This is achived by making the whole of SAM_ACCOUNT have a .private member,
where the real members live.  This caught a pile of examples, and these have
beeen fixed.

The pdb_get..() functions are 'const' (have been for some time) and this
required a few small changes to constify other functions.

I've also added some debugs to the pdb get and set, they can be removed if
requested.

I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb
interface, but I need the flags info to do it properly.

The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such
I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result.

Finally, any and all testing is always appriciated - but the basics seem to
work.

Andrew Bartlett
(This used to be commit d3dd28f6c4)
2002-01-02 07:41:54 +00:00
Jean-François Micouleau
922eb763d7 added a boolean to the group mapping functions to specify if we need or
not the privileges. Usually we don't need them, so the memory is free
early.

lib/util_sid.c: added some helper functions to check an SID.

passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !

rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.

	J.F.
(This used to be commit 6c87e96149)
2001-12-04 21:53:47 +00:00
Jean-François Micouleau
cdf9b42754 added a tdb to store the account policy informations.
You can change them with either usermanager->policies->account
or from a command prompt on NT/W2K: net accounts /domain

we can add a rpc accounts to the net command. As the net_rpc.c is still
empty, I did not start. How should I add command to it ? Should I take the
rpcclient/cmd_xxx functions and call them from there ?

alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more
for jeremy ;-)

        J.F.
(This used to be commit bc28a8eebd)
2001-12-03 17:14:23 +00:00
Andrew Tridgell
e101224d83 init group db before use
this fixes the smbpasswd segvs
(This used to be commit d2bcdfd995)
2001-12-03 00:00:43 +00:00
Jean-François Micouleau
92a2d1d463 groups in the Builtin domain S-5-32 are alias and not well-known groups
J.F.
(This used to be commit 192978e3fc)
2001-12-01 23:56:05 +00:00
Tim Potter
0d5f30fe5f Missing return in free_privilege()
(This used to be commit b35d90cd89)
2001-11-30 00:46:40 +00:00
Jean-François Micouleau
fac01bda8b Changed again how the privilege list is handled in the group mapping code.
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It
makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP
struct as some privilege showing in USRMGR.EXE are not real privs but a
bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT
3.1 box to verify, but I'm too lazy (yes I still have my CDs).

Added 3 more LSA calls: SetSystemAccount, AddPrivileges and
RemovePrivileges, we can manage all this privilege from UserManager.

Time to change the NT_USER_TOKEN struct and add checks in all the rpc
functions. Fun, fun, fun.

        J.F.
(This used to be commit 3f0a9ef2b8)
2001-11-29 16:05:05 +00:00
Andrew Tridgell
ad2974cd05 added "net join" command
this completes the first stage of the smbd ADS support
(This used to be commit 058a5aee90)
2001-11-24 14:16:41 +00:00
Jean-François Micouleau
ca477a61e7 added lsaenumprivsaccount and lsalookupprivvalue to rpcclient
and more to come ...

	J.F.
(This used to be commit 1748d5a2af)
2001-11-24 00:13:41 +00:00
Jean-François Micouleau
2527f5ef52 Changed how the privileges are stored in the group mapping code. It's now
an array of uint32. That's not perfect but that's better.

Added more privileges too.

Changed the local_lookup_rid/name functions in passdb.c to check if the
group is mapped. Makes the LSA rpc calls return correct groups

Corrected the return code in the LSA server code enum_sids.

Only enumerate well known aliases if they are mapped to real unix groups.
Won't confuse user seeing groups not available.

Added a short/long view to smbgroupedit.

now decoding rpc calls to add/remove privileges to sid.

        J.F.
(This used to be commit f29774e589)
2001-11-23 15:11:22 +00:00
Tim Potter
dc1fc3ee8e Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.
(This used to be commit 2d0922b0ea)
2001-10-02 04:29:50 +00:00
Simo Sorce
81fdc3c3f7 move to SAFE_FREE()
(This used to be commit e61aec84ed)
2001-09-17 04:16:35 +00:00
Andrew Tridgell
7f641b4676 fixed compilation of groupdb
(This used to be commit 23e2561a1c)
2001-09-17 03:40:55 +00:00
Simo Sorce
31c3f7a8b2 move to SAFE_FREE()
(This used to be commit 89833bbbd8)
2001-09-17 00:58:15 +00:00
Andrew Tridgell
9a9ac2739b got rid of USE_TDB_MMAP_FLAG as its not needed any more
(This used to be commit c26e0d3f27)
2001-09-06 22:08:19 +00:00
Jeremy Allison
5f0b9d0830 Realloc fix.
Jeremy.
(This used to be commit 82153dde95)
2001-08-19 18:25:14 +00:00
Jeremy Allison
a680611c0b Realloc fixes.
Jeremy.
(This used to be commit 6b90263292)
2001-08-19 18:19:04 +00:00
Jeremy Allison
4f14ec2dd1 Realloc fixes.
Jeremy.
(This used to be commit e4ef9e332f)
2001-08-19 18:01:08 +00:00
Jeremy Allison
e077bcada9 Realloc fixes.
Jeremy.
(This used to be commit 560ae7615e)
2001-08-19 17:54:10 +00:00
Simo Sorce
2e783a4707 this is a big global fix for the ptr = Realloc(ptr, size) bug.
many possible mem leaks, and segfaults fixed.

someone should port this fix to 2.2 also.
(This used to be commit fa8e55b8b4)
2001-08-12 17:30:01 +00:00
Jeremy Allison
996719cce2 Added "use mmap" for HPUX.
Jeremy.
(This used to be commit 840802f106)
2001-07-30 22:21:31 +00:00
Jean-François Micouleau
554a455d40 when retrieving by sid fill also the map.sid field
(This used to be commit f47797fa95)
2001-07-09 18:17:00 +00:00
Andrew Tridgell
05fc3e578c use LDSHFLAGS not -shared in several places
(This used to be commit 8ec9c87b5d)
2001-06-04 05:13:59 +00:00
Jeremy Allison
8c4d6548a9 groupdb/mapping.c: Fix gcc compiler warning.
smbd/connection.c: Sync up with code in 2.2
Jeremy.
(This used to be commit 87025c223d)
2001-05-17 00:24:34 +00:00
Jean-François Micouleau
b6a6b4b02e fixes to the group mapping code.
Not ready yet.

	J.F.
(This used to be commit 62a7a567fd)
2001-05-08 16:33:18 +00:00
Jean-François Micouleau
f35157f392 Big cleanup of passdb and backends.
I did some basic tests but I have probably broken something. Notably the
password changing. So don't cry ;-)

	J.F.
(This used to be commit a4a4c02b12)
2001-05-04 15:44:27 +00:00
Jeremy Allison
2ef68c7e92 Merge of Andrew's changes in 2.2.
Jeremy.
(This used to be commit fc76681812)
2001-04-13 19:12:06 +00:00
Jeremy Allison
da8805b377 groupdb/mapping.c:
include/proto.h: Fix missing (void) in proto.
rpc_server/srv_samr_nt.c: Fix user private group problem by filtering out groups that
							clash with users.
smbd/posix_acls.c: Ensure default ACE's are sensible.
utils/pdbedit.c: Fix from Simo Sorce.
Jeremy.
(This used to be commit 29414fe0d6)
2001-03-23 02:14:08 +00:00
Jean-François Micouleau
0053bd8b80 first pass of the new group mapping code
J.F.
(This used to be commit 7154deb026)
2001-03-23 00:50:31 +00:00
Andrew Tridgell
00e3fe1324 moved trans2.h and nterr.h into includes.h with all our other includes
(This used to be commit d7cd7c88fd)
2000-04-25 14:06:57 +00:00
Andrew Tridgell
32a965e09c 2nd phase of head branch sync with SAMBA_2_0 - this delets all the files that were in the head branch but weren't in SAMBA_2_0
(This used to be commit d7b2087865)
1999-12-13 13:35:20 +00:00
Andrew Tridgell
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76)
1999-12-13 13:27:58 +00:00
Luke Leighton
93a1aa7ccb reverted lookup change. from ignacio.
(This used to be commit 5b8961a9d4)
1999-08-05 18:50:13 +00:00
Luke Leighton
0ad513f42c renamed getfilepwent() and endfilepwent() to getfileent() and endfileent()
as they are generic "file line-by-line" reading routines.  lines with
"#" at the front are ignored (as comments).  this code started out as
the password file reading code.
(This used to be commit ef6df590fd)
1999-07-13 19:54:40 +00:00
Luke Leighton
a424da878f Ignacio Coupeau <icoupeau@unav.es> suggested modification to ldap search.
(This used to be commit 7d63376417)
1999-07-08 19:04:04 +00:00
Luke Leighton
a18c6ba9a4 Greg Dickie spotted some wierd memory corruption problem with group
database enumeration.
(This used to be commit b0381bb262)
1999-03-09 23:22:36 +00:00
Luke Leighton
0cfca572c9 last unix group not being listed. spotted by jacques sansdrap.
(This used to be commit 2d5fc5c7cf)
1999-02-19 15:46:38 +00:00
Luke Leighton
1153f00f88 cache unix groups so that two-level getgrent calls don't occur.
(This used to be commit f7dfa55a2e)
1999-02-03 00:49:24 +00:00
Matthew Chapman
c35bf45785 Finally committing my LDAP changes.
* Added new APIs for modifying groups.
* RIDs are allocated similarly to NT, starting from 1000 and incrementing by 1
  for each new user/group.
* RIDs are now consistently in hex

* Fixed bugs reported by Allan Bjorklund <allan@umich.edu>:
   - ldap_close_connection is exported by OpenLDAP - changed to ldap_disconnect
   - Missing ldap_connect() in getusergroups functions
   - ldap_next_entry was being called too early while retrieving a sam_struct
   - LDAP globals should be extern in sampassldap.c

* Fixed bugs reported by Martin Hofbauer <mh@bacher.at>
   - Newly added workstation trust accounts had attributes DU rather than W.
   - User dn's were forced to start with "uid=XX" rather than using the existing
     dn.
(This used to be commit 91c77f5432)
1999-01-15 05:00:26 +00:00
Luke Leighton
4323fd4072 added ldap files by Matthew Chapman.
(This used to be commit 2bc031e8fa)
1998-12-07 22:52:49 +00:00
Luke Leighton
312f4f3960 - lib/unix_sec_ctxt.c
attempt at taking lib/uid.c and getting a unix security context
	change module that is independent of "cnums" and "snums".
	a security context is needed for pipes, not just IPC$ or other
	services.

- group database API

	added add_group/alias_member, del_group/alias_member,
	del_group/alias_entry functions.  del_builtin_entry() is
	deliberately set to NULL to cause an exception, you cannot
	delete builtin aliases.

- parse_lsa.c srv_lsa.c

	fixed lookup_names code, it was a load of trash and didn't do
	anything.

- cmd_samr.c rpcclient.c srv_samr.c

	added "deletegroup", "deletealias", "delaliasmem", "delgroupmem",
	"addgroupmem", "addaliasmem", "createalias", "creategroup", to
	both client and server code.

	server code calls into unix stubs right now, which don't actually
	do anything.  the only instance where they are expected to do
	anything is in appliance mode NOT even in the ldap code or anything.

	client code modified to call samr_lookup_names() for group code
	(because we can) and lsa_lookup_names() for alias code (because
	we have to).

- srv_lookup.c

	oops, lookup on unsplit name, we got lookup on DOMAIN, DOMAIN\name
	instead of DOMAIN, name.
(This used to be commit b8175702ef)
1998-12-07 17:23:48 +00:00
Luke Leighton
78df0fb8f1 added rid and sid_name_use to DOMAIN_GRP_MEMBER, for use in group member
query.

domain groups now work, hurrah!  only thing is that the description is
one character long, don't know why (which is wierd in itself).
(This used to be commit 78a86c6496)
1998-12-02 22:05:56 +00:00
Luke Leighton
f768238582 ok. unix-nt mapping code issues
need to check, when looking up group members, that a group member is
a unix user [being mapped to an nt user] FIRST then if that fails
check that a group member is a unix group [being mapped to an nt group].

why?  because you can have group names in a unix /etc/group file with
the same name as users.

this _might_ be a problem...
(This used to be commit 585d47644d)
1998-12-01 23:51:17 +00:00
Luke Leighton
013ff4d6b2 builtin alias password API
(This used to be commit 58c0f0a77c)
1998-11-30 15:42:40 +00:00
Luke Leighton
30038de462 weekend work. user / group database API.
- split sam_passwd and smb_passwd into separate higher-order function tables

- renamed struct smb_passwd's "smb_user" to "unix_user".  added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.

NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.

- added query_useraliases code to rpcclient.

- dealt with some nasty interdependencies involving non-smbd programs
and the password database API.  this is still not satisfactorily
resolved completelely, but it's the best i can do for now.

- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.

lots of debugging done, it's still not finished.  the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect.  the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7)
1998-11-29 20:03:33 +00:00
Luke Leighton
b20fc00464 we have a problem: resolution of "Primary Group RID" which we assumed
would only be a domain group rid.  it can also be a local group rid,
which causes us problems in attempting to turn a unix gid into the
correct rid (domain group or local group).

sooo.... the fix is _in_ there, we just can't use it because it causes
link / knock-on problems in nmbd.
(This used to be commit e4ee653870)
1998-11-26 00:48:31 +00:00
Luke Leighton
5ebcdbae9b yeehaah got users to be included in S-1-5-xxx-yyy-zzz's local groups.
now need search capability on S-1-5-20, which will need argh, a
"group database API" on S-1-5-20, and the ability to add BUILTIN\Admins
etc to "local group map" argh.
(This used to be commit a24f6eb00b)
1998-11-25 23:54:30 +00:00
Luke Leighton
9a0cb06b24 fixing group database issues
(This used to be commit 591c63e3e1)
1998-11-25 23:11:25 +00:00
Jeremy Allison
bfc38ff872 Makefile.in: Added maintainer mode fixes.
aclocal.m4: Added AC_LIBTESTFUNC.
configure.in: Fixed -lsecurity -lsec problems.
client.c: dos_ fixes.
groupdb/aliasunix.c: Dead code removal.
include/includes.h: Added default PRINTCAP_NAME.
lib/genrand.c: dos_ fixes.
lib/replace.c: Added strtoul.
lib/system.c: dos_ fixes.
lib/util.c: dos_ fixes.
lib/util_sid.c: Signed/unsigned fixes.
lib/util_str.c: removed bad const.
locking/locking_slow.c: dos_ fixes.
printing/printing.c: dos_ fixes.
rpc_server/srv_samr.c: Dead code removal.
rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN !
smbd/dir.c: dos_ fixes.
smbd/open.c: dos_ fixes.
smbd/oplock.c: dos_ fixes.
smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes.

Jeremy.
(This used to be commit 6acb4b68f6)
1998-11-25 21:17:20 +00:00
Luke Leighton
ced486c841 sorting out difference between aliases and groups in the cases where
unix groups are not explicitly mapped.

i.e as a PDC or BDC you can have domain groups, as a member of a domain
you cannot.

as a member of a domain, unmapped unix groups are assumed to be aliases,
and as a PDC or BDC, unmapped unix groups are assumed to be unix groups.

there is _one_ other check needed with aliases to be added: unmapped unix
groups that have the same name as an NT group on the PDC (for which i will
need to write an LsaLookupNames call) should be assumed to be domain groups
on the PDC.
(This used to be commit 53b49b44e1)
1998-11-24 16:47:49 +00:00
Luke Leighton
d73f8e58af cvs being STUPID
(This used to be commit 22802195ed)
1998-11-23 22:45:36 +00:00
Luke Leighton
eab235dd4a cvs being STUPID
(This used to be commit ba78b5932a)
1998-11-23 22:16:37 +00:00
Luke Leighton
db24da8b36 cvs is acting wierd.
(This used to be commit 10e4cbd264)
1998-11-23 22:07:05 +00:00
Jeremy Allison
9579b98237 Added OSF1 changes to HEAD (-lsecurity etc.)
groupdb/groupdb.c: Fixed compile error caught by IRIX compiler.
utils/smbpasswd.c: Fixed SunOS optind, optarg problem.
Jeremy.
(This used to be commit 30af39ae1e)
1998-11-18 22:04:24 +00:00
Jeremy Allison
768761820e Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.

This code still needs surgery :-(.

Jeremy.
(This used to be commit 18ff93a9ab)
1998-11-17 20:50:07 +00:00
Luke Leighton
74d539f557 - group database API. oops and oh dear, the threat has been carried out:
the pre-alpha "domain group" etc parameters have disappeared.

- interactive debug detection

- re-added mem_man (andrew's memory management, detects memory corruption)

- american spellings of "initialise" replaced with english spelling of
  "initialise".

- started on "lookup_name()" and "lookup_sid()" functions.  proper ones.

- moved lots of functions around.  created some modules of commonly used
  code.  e.g the password file locking code, which is used in groupfile.c
  and aliasfile.c and smbpass.c

- moved RID_TYPE_MASK up another bit.  this is really unfortunate, but
  there is no other "fast" way to identify users from groups from aliases.
  i do not believe that this code saves us anything (the multipliers)
  and puts us at a disadvantage (reduces the useable rid space).
  the designers of NT aren't silly: if they can get away with a user-
  interface-speed LsaLookupNames / LsaLookupSids, then so can we.  i
  spoke with isaac at the cifs conference, the only time for example that
  they do a security context check is on file create.  certainly not on
  individual file reads / writes, which would drastically hit their
  performance and ours, too.

- renamed myworkgroup to global_sam_name, amongst other things, when used
  in the rpc code.  there is also a global_member_name, as we are always
  responsible for a SAM database, the scope of which is limited by the role
  of the machine (e.g if a member of a workgroup, your SAM is for _local_
  logins only, and its name is the name of your server.  you even still
  have a SID.  see LsaQueryInfoPolicy, levels 3 and 5).

- updated functionality of groupname.c to be able to cope with names
  like DOMAIN\group and SERVER\alias.  used this code to be able to
  do aliases as well as groups.  this code may actually be better
  off being used in username mapping, too.

- created a connect to serverlist function in clientgen.c and used it
  in password.c

- initialisation in server.c depends on the role of the server.  well,
  it does now.

- rpctorture.  smbtorture.  EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e609)
1998-11-17 16:19:04 +00:00
Jeremy Allison
8fc1504ff8 Makefile.in configure configure.in include/config.h.in: Changes for DGUX and UNIXWARE.
groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf.
include/includes.h: Fix YP problem.
include/smb.h: Fix ZERO_STRUCTP.
lib/util_sock.c: Added strerror() in debugs.
passdb/ldap.c: Don't use snprinf, use slprintf.
rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf.
script/installman.sh: DGUX changes.
smbd/open.c smbd/oplock.c: Fixed gcc warnings.
web/swat.c: Changes USER to SWAT_USER.
(This used to be commit 4c2b5a0098)
1998-11-13 21:41:01 +00:00
Luke Leighton
d91a7b3162 the start of the start of the SAM database API
(This used to be commit 3eacd3013c)
1998-11-05 16:54:07 +00:00