IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
[MS-SMB] 3.3.5.1 Receiving Any Message says that the seqnum
is incremented by only for ntcancel requests for any other
request it's by incremented by 2, even if it doesn't expect
a response.
metze
This removes many loops over all the arrays
(from regsubkey_ctr_key_exists) and thus
reduces "net conf drop" from 1m55 to 48seconds
and "net conf import" from 1m55 to 58 seconds
for 2000 shares on my box.
Michael
This fixes a bug in 116ce19b, where we didn't clear the pid cache in
become_daemon() and thus the /var/run/smbd.pid didn't match the actual
pid of the parent process.
Currently S4 will clear the pid cache on fork but doesn't yet take
advantage of the pid cache by using sys_pid() instead of the direct
get_pid().
After the discussion on samba-technical, it was decided that the best
answer for now was to revert this change. The right way to do this is
to rewrite the token api to use opaque tokens with pluggable modules.
This reverts commit 8e19a28805.
The OneFS kernel based change notify system takes an fd of the directory
to watch in it's initialization syscall. Since we already have this
directory open, this commit plumbs that fd down to the VFS layer via the
notify_entry struct.
We also need to know if the watch is taken out on a snapshot directory.
The full file_id struct is also passed down to make this determination.
The file_id marshalling wrappers are hand written here, but should
eventually be auto-generated by moving the struct file_id into the idl.
This extends the file_id struct to add an additional generic uint64_t
field: extid. For backwards compatibility with dev/inodes stored in
xattr_tdbs and acl_tdbs, the ext id is ignored for these databases.
This patch should cause no functional change on systems that don't use
SMB_VFS_FILE_ID_CREATE to set the extid.
Existing code that uses the smb_share_mode library will need to be
updated to be compatibile with the new extid.
When set to yes, "force username map" forces every user, even AD
users, through an NSS lookup. This allows the token to be overridden
with information from NSS in certain broken environments.
This patch adds 3 new VFS OPs for Windows byte range locking: BRL_LOCK_WINDOWS,
BRL_UNLOCK_WINDOWS and BRL_CANCEL_WINDOWS. Specifically:
* I renamed brl_lock_windows, brl_unlock_windows and brl_lock_cancel to
*_default as the default implementations of the VFS ops.
* The blocking_lock_record (BLR) is now passed into the brl_lock_windows and
brl_cancel_windows paths. The Onefs implementation uses it - future
implementations may find it useful too.
* Created brl_lock_cancel to do what brl_lock/brl_unlock do: set up a
lock_struct and call either the Posix or Windows lock function. These happen
to be the same for the default implementation.
* Added helper functions: increment_current_lock_count() and
decrement_current_lock_count().
* Minor spelling correction in brl_timeout_fn: brl -> blr.
* Changed blocking_lock_cancel() to return the BLR that it has cancelled. This
allows us to assert its the lock that we wanted to cancel. If this assert ever
fires, this path will need to take in the BLR to cancel, rather than choosing
on its own.
* Adds a small helper function: find_blocking_lock_record_by_id(). Used by the
OneFS implementation, but could be useful for others.
After a lot of testing against various Windows servers (W2K, W2K3, W2K8),
within an AD domain it seems that unknown domains will only be translated
to the local account domain, not the netbios name of the member server's
domain. This makes samba act more like Windows.
* Adds wbcGetSidAliases that calls the lookup_useraliases function.
* Updates wbinfo and winbind_util.c to call the new function.
* Also added winbind_get_groups helper function.
* Adds the plumbing required to lookup users by sid into winbind, wbinfo
and smbd helper lib (winbind_util.c).
* Removes some double declarations of winbind_util.c functions.
* Bumps the winbind protocol version to 21 and the minor version of
wbclient to 3.
By default this VFS call is a NOOP, but the onefs vfs module takes advantage
of it to initialize direntry search caches at the beginning of each
TRANS2_FIND_FIRST, TRANS2_FIND_NEXT, SMBffirst, SMBsearch, and SMBunique
* VFS_OP_READDIR can now provide stat information, take advantage of it
if it's available
* is_visible_file(): optimistically expect the provided stat buffer is
already valid
* dptr_ReadDirName(): refactor code for easier readability, functionality
is the same
A few functions in oplocks_onefs.c need to be accessed from the onefs
vfs module. It would be ideal if oplocks were implemented at the vfs
layer, but since they aren't yet, a new header is added to
source3/include to make these functions available to the onefs vfs
module. oplocks_onefs.o doesn't need to be linked into the onefs vfs
module explicitly, since it is already linked into smbd by default.
Here is a short description for each of the new capability flags:
KOPLOCKS_LEVEL2_SUPPORTED: Level 2 oplocks are supported natively in
the kernel.
KOPLOCKS_DEFERRED_OPEN_NOTIFICATION: The kernel notifies deferred
openers when they can retry the open.
KOPLOCKS_TIMEOUT_NOTIFICATION: The kernel notifies smbds when an
oplock break times out.
KOPLOCKS_OPLOCK_BROKEN_NOTIFICATION: The kernel notifies smbds when an
oplock is broken.
This replaces release_level2_oplocks_on_change with
contend_level2_oplock_begin/end in order to contend level2 oplocks
throughout an operation rather than just at the begining. This is
necessary for some kernel oplock implementations, and also lays the
groundwork for better correctness in Samba's standard level2 oplock
handling. The next step for non-kernel oplocks is to add additional
state to the share mode lock struct that prevents any new opens from
granting oplocks while a contending operation is in progress.
All operations that contend level 2 oplocks are now correctly spanned
except for aio and synchronous writes. The two write paths both have
non-trivial error paths that need extra care to get right.
RAW-OPLOCK and the rest of 'make test' are still passing with this
change.
This changelist allows for the addition of custom performance
monitoring modules through smb.conf. Entrypoints in the main message
processing code have been added to capture the command, subop, ioctl,
identity and message size statistics.
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum. Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab
For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only
The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.
The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode. This keytab is only used in
ads_verify_ticket.
The idea of this is that all client utils like smbpasswd and also for example
"net join" do not access our internal databases like passdb and secrets.tdb
directly anymore but pass everything throught the well-established RPC
interfaces.
The way you use this is the following: With rpc_cli_smbd_conn_init() or its
async variant you initialize a "struct rpc_cli_smbd_conn". This structure is
the link to a freshly forked smbd, ready to be used for RPC services. You
should only ever have one such structure in your program. More don't hurt, but
are plainly unnecessary.
If you want to use the SAMR pipe to change a passwort, you connect to that pipe
with rpc_pipe_open_local. Do you normal rpccli_samr calls on that and your
locally forked smbd will connect to passdb for you.
GD, this might make the distinction between the _l and _r calls in libnetapi
mostly unnecessary. At least it is intended to do so... :-)
1) Add in smb_file_time struct to clarify code and make room for createtime.
2) Get and set create time from SMB messages.
3) Fixup existing VFS modules + examples Some OS'es allow for the
setting of the birthtime through kernel interfaces. This value is
generically used for Windows createtime, but is not settable in the
code today.
