IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
After the fixes to directory_create_or_exist(), this should not be
needed anymore, but lets try to make autobuild reliable first.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Mar 14 13:44:41 CET 2012 on sn-devel-104
Error found by Andrew Bartlett <abartlet@samba.org> and Ricky Nance
<ricky.nance@weaubleau.k12.mo.us>.
Don't use a pointer when you really mean a bool flag.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Mar 13 21:56:15 CET 2012 on sn-devel-104
It's a bit confusing to mix low-level and high-level libraries. We had
multiple libraries in one directory, and there were have circular
dependencies with other libraries outside that directory (in this case,
samba-hostconfig).
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 10 23:13:01 CET 2012 on sn-devel-104
This is used to enable async chained command sequences. A synchronous
reply_xxx command does not need to take are anymore about and_x
chaining. The async commands (pipe r/w at this moment) must do so
however. When finished, they must inform the main chain engine that
they are finished with a smb_request_done call.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sat Mar 10 17:14:05 CET 2012 on sn-devel-104
This is a new implementation of our andx handling code. The old
code was quite involved in that it was called from within the reply_
handlers. This leads to pretty complex faking of smb_request
structures to give them the same environment, independent of whether
they are called directly or from within chain_reply.
chain_reply needs to go because it blocks really async handling of
chained requests.
for all requests that have max_???? checks, also do a check of the
creditcharge the client has sent (when using largemtu)
Signed-off-by: Jeremy Allison <jra@samba.org>
This patch ensures consistency in behaviour between NTLMSSP and NTLM
session setup handlers. By calling the same layer that auth_ntlmssp
calls, we can not only allow redirection of all authentication to the
AD DC, we ensure that map to guest and username map handling is
consistent, even in the file server alone.
Andrew Bartlett
Since the piddir got moved from the lockdir by default, the default piddir
wasn't getting created stopping some configurations from running.
Signed-off-by: Jeremy Allison <jra@samba.org>
The plan is to have files_struct as some kind of low level
abstraction for a smb1/smb2 opens, that can be used by SMB_VFS modules.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Mar 6 23:04:01 CET 2012 on sn-devel-104
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.
The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok. This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server
At the same time, this closes the door on one of the most arcane areas
of Samba authentication.
Naturally, full user-name/password authentication remain available in
security=user and above.
This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.
Andrew Bartlett
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| SEC_SHARE |
| security=share |
| |
| |
| 5 March |
| |
| 2012 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
We now only close fds 0, 1, 2 when we are a forked daemon, and take
care not to close a file descriptor that we might need for foreground
stdin monitoring.
This should fix stdout logging in the lsa and epmapper deamons (ie in
make test).
Andrew Bartlett
linux_statvfs is pretty much what you use when you have susv4.
No real code change, this moves linux_statvfs to the bottom of the
(LINUX) to #ifdef (STAT_STAVFS).
the share security mask, take priviliges into account for the connecting
user.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Feb 28 20:21:26 CET 2012 on sn-devel-104
This adds an alisas to ensure that both our loadparm systems know all
the names.
I would like to move to the 'server ..' name as canonical, and this
will be raised on the list.
Andrew Bartlett
This matches the name used elsewhere in the code.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Feb 25 05:24:19 CET 2012 on sn-devel-104
No code change, just remove a {} block left over as the else branch
from the previous commit
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri Feb 24 18:07:48 CET 2012 on sn-devel-104
We end up in a nested event loop without this.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Feb 21 17:24:28 CET 2012 on sn-devel-104
get_share_mode_lock_fresh is just a confusing name
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sun Feb 19 19:16:41 CET 2012 on sn-devel-104
We no longer need to call poll() directly inside smbd !
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Feb 17 02:49:13 CET 2012 on sn-devel-104
sys_poll() is only needed if the signal pipe is set up and used, but as
no signal handler ever writes to the pipe, this can all be removed.
signal based events are now handled via tevent.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Replaced the undescriptive SMB_PORT1 and SMB_PORT2 defined constants
with the slightly more descriptive names NBT_SMB_PORT and TCP_SMB_PORT.
Also replaced several hard-coded references to the well-known port
numbers (139 and 445, respectively) as appropriate.
Small changes to clarify some comments regarding the two transport
types.
Signed-off-by: Simo Sorce <idra@samba.org>
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Feb 16 08:29:41 CET 2012 on sn-devel-104
We set ctx->private_data = sconn a few lines above
and expect 'sconn' in the signal event handler.
Thanks to Christian Ambach <ambi@samba.org> for the
bug report.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Feb 10 21:48:18 CET 2012 on sn-devel-104
This fixes bug #8554, #8612 and #8748.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Feb 9 16:39:04 CET 2012 on sn-devel-104
SMB_ACL_USER_OBJ ACE (the owner ACE entry) has a duplicate
permission entry as an SMB_ACL_USER, and a gid for a
SMB_ACL_GROUP_OBJ ACE (the primary group ACE entry) also has
a duplicate permission entry as an SMB_ACL_GROUP. If not,
then if the ownership or group ownership of this file or
directory gets changed, the user or group can lose their
access.
This makes the logic much easier to follow.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jan 31 21:52:45 CET 2012 on sn-devel-104
The second if-statement could never have kicked in, assuming the
SMB_ASSERT above was right.
Jeremy, please check!
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Jan 31 20:15:36 CET 2012 on sn-devel-104
Remove erroneous check on FILE_WRITE_ATTRIBUTES when changing POSIX
permissions - this isn't an attribute set call (unless you're storing
attributes in POSIX permissions, which is not recommended).
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jan 24 00:44:24 CET 2012 on sn-devel-104
This also fixes the support for smb sealing with krb5 in make test, as
this now relies on secrets.tdb rather than /etc/krb5.keytab.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
connection_struct as a parameter, fix the interface to allow
it to return an NTSTATUS.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jan 19 07:25:49 CET 2012 on sn-devel-104
Ensure the cnum used to claim the connection for SMB2 is the
id that will be used for the SMB2 tcon. Based on code from
Ira Cooper <ira@wakeful.net>.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jan 18 23:14:32 CET 2012 on sn-devel-104
But 8175 was fixed in a way that brlock.tdb was always locked before
locking.tdb. This patch fixes the bug in a different way. locking.tdb
is the central tdb for files and should always be locked first.
This patch solves the problem by postponing the level2 break messages,
which are async anyway.
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
This slightly simplifies the code path for all callers which assume
that a share mode exists already. Only the callers in open_file_ntcreate
and open_directory will ever create new share modes.
Signed-off-by: Jeremy Allison <jra@samba.org>
call out of smbd_aio_complete_aio_ex() and into the caller.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jan 12 03:10:52 CET 2012 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jan 5 18:51:47 CET 2012 on sn-devel-104
This is possible because the s3 gensec modules are started as
normal gensec modules, so we do not need a wrapper any more.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This makes the long term owner of this memory more clear. So far only the
clear cases have been moved from NULL however.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
The code to set a DOS error on short writeX return is amazingly
legacy code, and also breaks the reply as fixup_chain_error_packet()
enforces a 2-byte wct on any reply where smb_rcls != 0.
Found in testing by Andrew Bartlett. Thanks Andrew !
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Dec 31 08:05:35 CET 2011 on sn-devel-104
This function handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
