IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is important in some situations where these queries might be
costly LDAP queries and is just not required for the system token.
This is because the system token should be just the NT
AUTHORITY\SYSTEM user and just enough unix info to allow the token to
be used.
Andrew Bartlett
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 19 13:34:28 CEST 2012 on sn-devel-104
This is important in some situations where these queries might be
costly LDAP queries and is just not required for the system token.
This is because the system token should be just the NT
AUTHORITY\SYSTEM user and just enough unix info to allow the token to
be used.
We query only NSS to get the name of sec_initial_uid()
Signed-off-by: Andreas Schneider <asn@samba.org>
With the split up to handle system specially, there is no need for these
static helper functions any more.
Andrew Bartlett
Signed-off-by: Andreas Schneider <asn@samba.org>
This removes the duplication on how to detect that a user is system in Samba
now that the smbd system account is also only SID_NT_SYSTEM we can use the same
check everywhere.
Andrew Bartlett
Signed-off-by: Andreas Schneider <asn@samba.org>
This is copied from tdb; we build the utilities, but as nothing else
links against it, we shouldn't be adding anything to the normal samba
binary sizes.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Tue Jun 19 07:31:06 CEST 2012 on sn-devel-104
This reverts commit f1becfa27b. The hack was
actually only required due to a configuration issue in our buildfarm scripts.
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Mon Jun 18 20:07:08 CEST 2012 on sn-devel-104
This should fix the waf build on AIX, which has a splice symbol.
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 18 11:43:01 CEST 2012 on sn-devel-104
auth_netlogond was an important module in the development of the
combined Samba 4.0, and was the first module to link smbd with the AD
authentication store, showing that it was possible for NTLM
authentication to be offloaded to the AD server components.
We now have auth_samba4, which provides the full GENSEC stack to smbd,
which also matches exactly the group membership and privileges
assignment and which is supported and tested as part of the official
Samba 4.0 release configuration.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 16 10:13:20 CEST 2012 on sn-devel-104
pdb_ads was an important module in the development of the combined Samba 4.0, and
was the first module to show that standard samba3 tools such as smbpasswd can be
made to operate on the sam.ldb.
We now have pdb_samba4, which operates directly on the sam.ldb, rather than via
ldapi://, which uses transactions and which is supported and tested as part
of the official Samba 4.0 release configuration.
This module is not as complete (for example, it does not honour the idmap
configuration) and requires that the samba binary be running to operate.
Andrew Bartlett
for the Trans2 calls. See MS-CIFS 2.2.4.47.2 for details.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 16 07:59:19 CEST 2012 on sn-devel-104
Some early Linux 2.6 platforms can not handle sendfile and _FILE_OFFSET_BITS == 64
This disables sendfile() on these platforms.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 16 02:21:28 CEST 2012 on sn-devel-104
With "gpfs:acl=no" you can pass the acl calls to the next SMB_VFS module.
Based on a patch from Hans-Dieter Schuster <hans-dieter.schuster@ts.fujitsu.com>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
This corrects an error in 8e31d97c8b.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 15 16:25:20 CEST 2012 on sn-devel-104
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 15 14:20:04 CEST 2012 on sn-devel-104
We need to keep these files away from where waf might see them.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 15 11:10:14 CEST 2012 on sn-devel-104
To cover all the enum values, ROLE_ACTIVE_DIRECTORY_DOMAIN_CONTROLLER
is mapped to the samba4 auth module, and this is no longer required to
be specified in fileserver.conf.
Andrew Bartlett
This will allow us to detect from the smb.conf if this is a Samba4 AD
DC which will allow smarter handling of (for example) accidentially
starting smbd rather than samba.
To cope with upgrades from existing Samba4 installs, 'domain
controller' is a synonym of 'active directory domain controller' and
new parameters 'classic primary domain controller' and 'classic backup
domain controller' are added.
Andrew Bartlett
The SID for the SYSTEM token should be a fixed value, and not the
administrator. Note however that it will be replaced by the SID of
sec_initial_uid() by the create_local_token() code. Fixing this
requires fixes the other parts of the code that cannot cope with a
token of just SID_NT_SYSTEM.
Andrew Bartlett
This continues on from commit caaebb455c
which is marked as being part of bug #8944, ldapsam:trusted and ipasam
and an additional fix for bug #8567
(0528cb5f3a).
The problem here was that the primary_gid was simply the pointer result
of dom_sid_parse_talloc() cast to a uint32_t (found by the IRIX cc on
the build farm).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 15 05:22:41 CEST 2012 on sn-devel-104
Note: it is actually wrong to access the fsp->fnum at all here,
since the fnum is part of the smb layer that should not be used
in the vfs layer. But this is subject be separated more cleanly
in later commits. This change only unifies the logging of fsp->fnum.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is in preparation for changing the type of files_struct.fnum
to unit64_t.
This can safely be done, since all checks have been converted to
using FNUM_FIELD_INVALID and fsp->fnum is only ever set to either
FNUM_FIELD_INVALID or some i + FILE_HANDLE_OFFSET with i >= 0 and
FILE_HANDLE_OFFSET > 0.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
It seems to be important to have unique persistent file ids,
because windows clients seem to index files by server_guid + persistent_file_id.
Which may break, if we just have a 16-bit range per connection
and the client connects multiple times.
Based on code from Ira Cooper. Use fsp->fh->gen_id as the persistent
fileid in SMB2.
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 14 22:04:13 CEST 2012 on sn-devel-104
This calculates a 64-bit value that most likely uniquely identifies
the files_struct globally to the server.
* 32-bit random gen_id
* 16-bit truncated open_time
* 16-bit fnum (valatile_id)
Based on code from Ira Cooper. Use fsp->fh->gen_id as the persistent
fileid in SMB2.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
metze
This makes sure the value is never 0, it's between 1 and UINT32_MAX.
While fsp->fh->gen_id is 'unsigned long' currently (which might by 8 bytes),
there's some oplock code which truncates it to uint32_t (using IVAL()).
Which means we could reuse fsp->fh->gen_id as persistent file id
until we have a final fix, which uses database.
See bug #8995 for more details.
Based on code from Ira Cooper. Ensure fsp->fh->gen_id starts from
a random point. We will use this as the SMB2 persistent_id.
metze
The original code contained rawmemchr for performance reasons. I
would expect the very common strlen routine to be not much worse
performance-wise than rawmemchr. On top, for me this patch simplifies
the expression a bit.
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jun 14 16:55:58 CEST 2012 on sn-devel-104
The fd count is implicit
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 14 01:53:17 CEST 2012 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 12 12:41:10 CEST 2012 on sn-devel-104
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 12 02:26:31 CEST 2012 on sn-devel-104
This patch is related to change 0ea7152ff4
Comments are added to explain why we call dump_core_setup 3 times.
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Mon Jun 11 21:21:11 CEST 2012 on sn-devel-104
We "TALLOC_FREE(curr)" and assign prev=curr in the for-loop header.
This will lead to "prev"==NULL always. In this loop, we do not need
to correctly re-shuffle the linked list, we delete all from the
beginning anyway.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 11 17:26:53 CEST 2012 on sn-devel-104
We have dereferenced fsp before. Because smb2 is only handle based,
this is a bogus check.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 11 15:30:54 CEST 2012 on sn-devel-104
using multiplicative suffixes like K, M etc. in dd isn't portable
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Sun Jun 10 23:29:42 CEST 2012 on sn-devel-104
This reverts commit c2716a7d5ccf78f9716b703c22e6cf4d4f179656.
This is not needed anymore, as we have file_fsp_smb2() now.
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Jun 10 18:04:21 CEST 2012 on sn-devel-104
or should we leave the NetBSD and FreeBSD platforms just broken? Actually these
two *want* to have broken platforms as they use different errno's than POSIX
demands *interntionally*. The POSIX errno ELOOP for O_NOFOLLOW open calls on
symlinks is clear and unambiguous. See http://gnats.netbsd.org/43154 for the
interesting NetBSD discussion on that.
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Sun Jun 10 16:10:02 CEST 2012 on sn-devel-104
fsp->fnum is the same as in_file_id_volatile.
When we start to support durable handles we should pass
in_file_id_persistent.
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jun 9 18:50:32 CEST 2012 on sn-devel-104
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 8 23:20:20 CEST 2012 on sn-devel-104
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 8 18:08:09 CEST 2012 on sn-devel-104
fss_create_expose connects to an FSRVP server and negotiates the
creation and exposure of a share shadow-copy.
shadow-copies of multiple shares can be requested with a single
fss_create_expose request.
ddiss@plati:~> bin/rpcclient -k -U 'LURCH\administrator%password' \
ncacn_np:lutze[sign]
rpcclient $> fss_create_expose backup ro hyper
381884f2-b578-45ea-b8d2-cf82491f4011: shadow-copy set created
...
share hyper@{B6137E21-9CBB-4547-A21D-E7AD40D0874B} exposed as a snapshot
of \\lutze\hyper
fss_delete removes the shadow-copy share:
rpcclient $> fss_delete hyper 381884f2-b578-45ea-b8d2-cf82491f4011 \
b6137e21-9cbb-4547-a21d-e7ad40d0874
Shadow-copies can be created read-write or read-only.
Experimenting with Windows Server "8" beta, a recovery complete call is
required after creating a read-write (ATTR_AUTO_RECOVERY) shadow copy.
Otherwise subsequent creation requests fail with
FSRVP_E_SHADOW_COPY_SET_IN_PROGRESS.
Without this fix in some situations winbindd can't coredump.
Such cases append when samba is compiled in a custom prefix (ie.
/home/build/mat/prod/1/) in this case get_dyn_LOGFILEBASE or basename(lp_logfile)
before the configuration file and the command line is parsed will be something like /home/build/mat/prod/1/var
which might not exists on the host where you run it (where it's most
probably more "normal" directories).
Specifying --log-basename didn't help as dump_core_setup is called before the command line and
the config file is read so it didn't help getting a correct value in dump_core_setup.
We fix this issue by calling dump_core_setup() also after the command
line has been read and also after the configfile has been parsed so that
the final location for the coredump is coherent with the final logile
location.
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Fri Jun 8 06:33:33 CEST 2012 on sn-devel-104
This fixes the SAMBA3_MODULE for idmap_ad so it will actually attempt to build.
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Fri Jun 8 04:38:04 CEST 2012 on sn-devel-104
This makes the code and output for in waf and autoconf identical.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 7 08:35:33 CEST 2012 on sn-devel-104
Note: this changes the format of brlock.tdb!
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Jun 6 23:22:00 CEST 2012 on sn-devel-104
This moves the start of the range of valid cnum values up from 0 to CNUM_OFFSET
(currently 1), so that in a later step we can use 0 as invalid cnum value
instead of the current -1. This will allow us to change the type of cnum to
uint32_t from a mix of int and unsigned.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Only sconn->smb1.sessions.next_vuid remains as uint16_t,
so that we do not generate larger values yet.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jun 6 12:07:33 CEST 2012 on sn-devel-104
Also make all the message say the same thing.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Jun 6 10:17:55 CEST 2012 on sn-devel-104
With this change, the define to check for AIO is HAVE_AIO, consistant
with other subsystems.
It is now also on by default in the autoconf build, as it has been for waf.
Andrew Bartlett
this also disables the examples/VFS build for waf now. Finally we should create a
wscript file for examples/VFS.
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Jun 5 23:56:22 CEST 2012 on sn-devel-104
the dependency was introduced by 737a1c9b96
We now call auto* in examples/VFS from within the main autogen.sh.
This fixes bug #8978.
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Jun 5 17:32:22 CEST 2012 on sn-devel-104
This requires a share with :
create mask = 0777
force create mode = 0
directory mask = 0777
force directory mode = 0
set so we don't mess with requested permissions.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jun 5 08:20:03 CEST 2012 on sn-devel-104
Autoconf 2.68 NEWS says:
** The macros AC_PREPROC_IFELSE, AC_COMPILE_IFELSE, AC_LINK_IFELSE, and
AC_RUN_IFELSE now warn if the first argument failed to use
AC_LANG_SOURCE or AC_LANG_PROGRAM to generate the conftest file
contents. A new macro AC_LANG_DEFINES_PROVIDED exists if you have
a compelling reason why you cannot use AC_LANG_SOURCE but must
avoid the warning.
Signed-off-by: Martin Schwenke <martin@meltin.net>
This falls out of the removal of security=share, because we now require that
a session setup has been performed before (essentially) all other operations.
Andrew Bartlett
We can't manipulate file_attributes if it's a posix call. I'll look
at adding a test for this asap.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jun 5 04:26:11 CEST 2012 on sn-devel-104
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Jun 3 23:37:02 CEST 2012 on sn-devel-104
In case we have a left-over entry in the share mode entry array,
the SMB_ASSERT(got_tokens) is likely to kick in. It happens when
we are about to delete a file with initial delete on close. We don't
have a delete on close token set in the locking.tdb record. We see
the fsp->initial_delete_on_close set, add the delete_on_close token
to lck. Then "delete_file" is being set to true. Then later on we
do the notify_deferred_opens. This walks the list, also checking
for share_mode_stale_pid. We have already deleted our own share
mode entry, share_mode_stale_pid() sees the left-over entry. It not
also deletes that one but also the delete on close token. This leads
to a different view of "delete_file" a.k.a. "got_tokens" further
down in close_remove_share_mode, leading the SMB_ASSERT to fire.
This patch attempts to fix the issue by keeping around our own share
mode entry for almost the whole routine, preventing share_mode_stale_pid()
from removing the delete tokens.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
