IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to marshall this into and from an NDR blob on disk, which will
allow us to fake up ACL support during make test, and to test the NT ACL emulation
using python bindings via the VFS.
Andrew Bartlett
The acl element is changed to be a talloc child, and is no longer one element
longer than requested by virtue of the acl[1] base pointer.
This also avoids one of the few remaining cases of over-allocation of a structure.
Andrew Bartlett
The internal domain used in 'make test' does not report a DC name, so
just add tests similar to the old wbcPingDc call.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Use wbcPingDc2 to get the DC name and print it.
Cleanup error messages: Remove "Could not ping our DC", there is always
a more specific message. Avoid printing "failed to call wbcPingDc" in
case the ping has been attempted and it returns an error, the error is
already printed.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Add wbcPingDc2 that optionally returns the DC that was attempted to
ping. wbcPing is implemented as a wrapper around wbcPingDc2.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
The DC that was attempted to ping is useful for troubleshooting. Return
the DC name in the response to the wbclient.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
The client checks for an error code in response.data.auth.nt_status,
make sure the result is stored there.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
The "serverReference" attribute is available on the "server" object
not on the "nTDSA" object.
This allows connections to RODCs, as they don't have a
E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DNSDOMAIN}
principal.
Pair-Programmed-With: Björn Baumbach <bb@sernet.de>
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 14 18:57:41 CEST 2012 on sn-devel-104
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 14 17:16:54 CEST 2012 on sn-devel-104
We often want to know if we own an FSMO role (for example). This tries to be more
efficient by comparing the GUID, rather than the string DN, as this does not need
to be re-fetched each time.
Andrew Bartlett
As the normal case (outside provision) uses a copy, this avoids a case
where a caller might modify a global variable accidentily.
As suggested by metze.
Andrew Bartlett
The index into the elements needs to match between
msg->elements and md->ctr.ctr1.array, which means we should
pre-allocate them with the same size.
Pair-Programmed-With: Björn Baumbach <bb@sernet.de>
metze
As this value is calculated new each time, we need to give it a context to live on.
If the value is the forced value during provision, a reference is taken.
This was responsible for the memory leak in the replication process. In the
example I was given, this DN appeared in memory 13596 times!
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
The decrement operation has been missing.
Problem found by Mohammad Ebrahim Abravi <lamp.mia@gmail.com>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
'Freed frame ../source3/libsmb/clilist.c:934, expected ../source3/client/clitar.c:821'
Cause: (strequal(finfo->name,"..") || strequal(finfo->name,"."))
evaluates to true, do_tar returns without freeing ctx
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 13 23:12:50 CEST 2012 on sn-devel-104
This reworks dsdb_replicated_objects_commit() to have a proper local tmp_ctx and
to be more careful about what schema is set (only setting a global schema if
the original schema was global).
In particular, the new working_schema is not given a talloc reference
to the old schema. This ensures that the old schema can go away when
no longer used.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Aug 11 10:31:57 CEST 2012 on sn-devel-104
These sequence numbers were only used for telling if the schema was
changed, and are no longer directly related to the replication USN.
The per-partition replication USN can be obtained from the
@REPLCHANGED record on the per-partition database, and this is done
with an ldb_search().
Andrew Bartlett
This way we do not track both the partition seq number and the
replication USN for schema reload purposes.
We only need one indication of actual data change, and the replication
per-partition sequence number is no more expensive to obtain than the
ldb per-partition sequence number.
Andrew Bartlett
By checking just the IDMAP, and by removing the sidmap and lookup_sid calls, we support
IDMAP_BOTH. This is because by checking for a mapping to a GID first, we can rely on
the fact that IDMAP_BOTH will resolve to a GID.
If the sidmap idea is valued - it allows multiple SIDs to map to a single unix ID, this should
be done in the IDMAP layer.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 11 01:17:36 CEST 2012 on sn-devel-104
As the test for a valid posix ACL is based on the unix uid/gid only appearing once in the ACL
the merge process also needs to be UID/GID based.
This is a problem when we have multiple builtin groups mapped to the same POSIX group
as happens in a Samba4 provision.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
This is consistent with the rest of Samba which uses this structure to represent
a unix uid or gid.
World values remain represented by the owner_type being WORLD_ACE in the containing
structure. A -1 value is filled in to the unixid.id in the same way the .world value
was initialised in the union.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
When a user owns a file, but does not have specific permissions on that file, we need to
make up the user permissions. This change ensures that the first thing that we do
is to look up the SID, and confirm it is a user. Then, we avoid the getpwnam()
and directly create the token via the SID.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
