1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

1310 Commits

Author SHA1 Message Date
Michael Adam
de3bc10ef6 loadparm: add new parameter "acl allow execute always"
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-09-10 23:30:19 +02:00
Jeremy Allison
f2fb829cee s3:param: Correctly set up cli_maxprotocol, cli_minprotocol in our parameter block.
Set to PROTOCOL_NT1, PROTOCOL_CORE by default.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9829

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-08-15 09:07:05 +02:00
Andrew Bartlett
26279a9698 auth: Remove "password level"
We now only lowercase the password, we do not attempt to find another case
combination that the password might be in.

This option is already depricated, so it is now time to remove it.

Andrew Bartlett

Reviewed-by: Simo Sorce <idra@samba.org>
2013-06-11 08:35:21 -04:00
Kai Blin
61a2ad3c02 swat: Remove swat.
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Sat May 18 16:32:38 CEST 2013 on sn-devel-104
2013-05-18 16:32:38 +02:00
Christian Ambach
fb924d02ec s3: remove some dead code (for setdir command)
set dir seems to have been a special SMB command used by Pathworks clients
the supporting code for it was already removed in 2007, so just remove all
remnants related to it (smb.conf parameter, documentation, ...)

Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 12 01:03:37 CET 2013 on sn-devel-104
2013-03-12 01:03:37 +01:00
Andrew Bartlett
287b5f6c0f param: Remove incorrectly added defaults in AD DC allowing WORLD WRITABLE files
These defaults were incorrectly added in
fc5caffbc1 in what turns out to be an
incorrect fix for bug #9462, which was in turn introduced by the
swapping of security mask (default 0777) for create mask (0755) in
6adc7dad96.

While the permissions on sysvol and netlogon (the default shares) were
fixed by provision, any additional shares that did not yet have an
explit ACL set would create world-writable files by default.

Administrators will need to manually correct the file permissions on
any additional shares that were created after installation of the AD
DC.

Andrew Bartlett

Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Mar 10 12:00:31 CET 2013 on sn-devel-104
2013-03-10 12:00:31 +01:00
Andreas Schneider
6b2b125ab9 s3-param: Don't leak file descriptor.
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2013-02-22 16:36:13 +01:00
Rusty Russell
3c9c3029f2 param: 'use ntdb' flag (off by default).
For simplicity, we use this in the caller to choose between filenames.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-20 05:31:20 +01:00
Michael Adam
c37a493902 s3:param: add new lp_idmap_default_backend()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:34 +01:00
Michael Adam
321401e7d1 s3:param: introduce new lp_idmap_backend() that takes the domain
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:34 +01:00
Michael Adam
4198e800d8 s3:param: add a comment
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:34 +01:00
Michael Adam
085b9767a6 s3:param: remove unused function lp_idmap_backend()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:33 +01:00
Michael Adam
600ba80246 s3:param: remove unused functions lp_idmap_uid() and lp_idmap_gid()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:33 +01:00
Michael Adam
58b302d76a s3:param: add utility function lp_idmap_default_range()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:32 +01:00
Michael Adam
1342bdd55c s3:param: add a utility function lp_idmap_range() to get the configured range for a given domain.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:32 +01:00
Michael Adam
e7b39fba5e s3:param: remove an old comment (that is not up-to date any more)
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-02-05 17:36:32 +01:00
Stefan Metzmacher
4fb0b61ad8 s3:param: set "map archive = no" in ROLE_ACTIVE_DIRECTORY_DC
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-20 17:37:19 +01:00
Michael Adam
d7cab973fc s3:param: make init_locals() static.
it is only used in loadparm.c

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Nov 16 03:33:34 CET 2012 on sn-devel-104
2012-11-16 03:33:34 +01:00
Andrew Bartlett
3fc2c03ea3 s3-param: Handle setting default AD DC per-share settings in init_locals()
This function is helpfully called between when we finish processing
the globals and when we start processing the individual shares.  This
means that the "vfs objects" and other per-share settings we specify
here become the defaults for (eg) [netlogon] and [sysvol] but the
admin can override these on a per-share basis or (as we must in make
test) for the whole server.

This broke setting and fetching of group policy objects from Windows
clients, since this setting was moved from fileserver.conf in
8518dd6406, and wasn't found in 'make
test' because we have to override the vfs objects to insert the
xattr_tdb and fake_acl modules.

Andrew Bartlett

Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-16 01:52:28 +01:00
Andrew Bartlett
75c51d6561 s3-param: Move the options needed for running smbd in the AD DC to loadparm
This avoids the whole fileserver.conf thing, and simply handles everything in C.

The main challenge is that if s3fs is enabled in a member server
configuration (unlikely) then these options will not be set, and it
overrides any other attempt to set these as globals.  (The previous
approach essentially just changed defaults, because the include =
of smb.conf was after the values were set in fileserver.conf).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Nov  1 11:47:22 CET 2012 on sn-devel-104
2012-11-01 11:47:22 +01:00
Jeremy Allison
db62a159b8 Remove the parameters:
security mask
force security mode
directory security mask
force directory security mode

and update the docs.
2012-10-04 12:04:21 -07:00
Jeremy Allison
92fee007bb Revert "Add functions to programatically set the security mask and directory security mask parameters."
This reverts commit 8f0ecbbbee.

Not now needed as part of the move to remove security mask parameters.
2012-10-04 09:52:38 -07:00
Jeremy Allison
8f0ecbbbee Add functions to programatically set the security mask and directory security mask parameters. 2012-10-02 11:41:35 -07:00
Matthieu Patou
2a7484eb72 panic action is defined as GLOBAL_VAR(szPanicAction) not GLOBAL_VAR(panic_action)
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 18 06:12:00 CEST 2012 on sn-devel-104
2012-09-18 06:12:00 +02:00
Michael Adam
1d012a6780 s3: introduce a new share config option "durable handles" defaulting to "yes"
This is in order to be able to turn durable handles off and on on a per share
basis.

Note: This is only used in combination with:

	kernel share modes = no
	kernel oplocks = no
	posix locking = no

Which means CIFS/SMB2 only access.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-08 19:46:08 +02:00
Michael Adam
da07186962 s3: add an option "kernel share modes" to be able to switch off using kernel flocks
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-08 11:10:54 +02:00
Michael Adam
f2f47b4bae loadparm: remove remnants of removed option "share modes"
(This completes commit d0878b3b81)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-08 11:09:45 +02:00
Stefan Metzmacher
1c9c5c1276 s3:param: change "server max protocol" to "SMB3"
metze
2012-09-08 03:39:06 +02:00
Andrew Bartlett
f453117569 s3-printing: Restrict printing=cups to systems with cups development headers at build time
This means that instead of failing due to the default commandline values not being quite correct
that we clearly fail at loadparm and testparm time when parsing the printing= line.

Andrew Bartlett
2012-09-06 11:16:11 +10:00
Andrew Bartlett
9983ad7a80 s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC
The name samba_dsdb is not ideal, but it matches the primary ldb
module we use, and more importantly it avoids having '4' in the name.
We should slowly avoid using the term samba4 in long-term places like
the smb.conf because it is confusing to users given we are shipping
Samba 4.0 as an AD DC as well as all the other supported roles (domain
member/standalone server/classic DC)

Additionally, samba4 will be an odd name when we eventually release
Samba 5.0!

samba4 remains accepted as an alias to ensure existing smb.conf files
load, but to allow changes here in the future, we set the value during
the smb.conf load, and not during the provision when we are an AD DC.

This simplifies the default smb.conf for the vast majority of our
users and reduces the number of things listed in smb.conf files that
we later have to work around if we wish to change the
name/implementation of the passdb glue module again.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep  4 04:45:16 CEST 2012 on sn-devel-104
2012-09-04 04:45:16 +02:00
Andrew Bartlett
e17bf6af22 s3-param: Avoid assert on use of talloc_tos() without stackframe
This is hit during samba-tool domain classicupgrade

Andrew Bartlett
2012-08-28 07:57:28 +10:00
Andrew Bartlett
8518dd6406 file_server: Move default VFS module settings to loadparm.c
This means that any utility that calls into the VFS layer will get the
right modules.

Because we use the fake_acls backend we need to override this whole
list in Samba4.pm however.

Andrew Bartlett
2012-08-23 15:02:26 +02:00
Andrew Bartlett
4d5471f1c6 build: Remove special case for the build farm
Except in the formatting of the selftest output, this removes the special case
of the build farm, so that an autobuild, a manual make test and the build farm
are more similar.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 21 06:39:04 CEST 2012 on sn-devel-104
2012-08-21 06:39:04 +02:00
Stefan Metzmacher
e5d4e8df6b s3:smbd: lp_smb_encrypt() returns SMB_SIGNING_* values
metze
2012-08-17 14:51:57 +02:00
Stefan Metzmacher
2b41f3702f s3:param: fix compiler warnings with FN_GLOBAL_CONST_STRING()
metze
2012-08-10 15:56:05 +02:00
Jeremy Allison
b70f23c2b5 Correctly check for errors in strlower_m() returns. 2012-08-09 12:08:18 -07:00
Andrew Bartlett
d825adf86a s3-param: Remove never-reached condition for popts == NULL
All the callers provide a parametric options pointer to fill in.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug  7 17:16:38 CEST 2012 on sn-devel-104
2012-08-07 17:16:37 +02:00
Andrew Bartlett
31d1fde037 s3-param: Remove never-reached condition for opt_list == NULL
All the callers provide a parametric options pointer to fill in.

Andrew Bartlett
2012-08-07 23:20:54 +10:00
Rusty Russell
d65bded0c2 source3/loadparm.c: Move string_set/string_free inside.
The only user, so make them static inside loadparm.c

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-07 23:20:05 +10:00
Rusty Russell
a14c02d2a7 source3/loadparm: make struct loadparm_service a talloc object.
This gives us a place to allocate members from.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-07 23:20:05 +10:00
Rusty Russell
592e3f4b23 loadparm: Add ctx member to struct loadparm_global.
Rather than tallocing global parameters off NULL, keep it neat by having
a Global.ctx member.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-07 23:20:04 +10:00
Christian Ambach
18c152f8aa lib/param: move enum dns_update_settings to lib/param 2012-08-06 18:07:52 +02:00
Andrew Bartlett
49b2720317 lib/param: Also enable vlp when --enable-selftest is specified 2012-08-06 20:51:55 +10:00
Andrew Bartlett
dc00df2add lib/param: Rename "socket address" to "nbt client socket address" to clarify role
This parameter is only used in our NBT client code and in nmbd as a
fallback when we fail to select a better interface from "interfaces"
to use directly.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 27 12:16:25 CEST 2012 on sn-devel-104
2012-07-27 12:16:25 +02:00
Andrew Bartlett
ca24820736 lib/param: Remove unused "paranoid server security"
This became unused when security=server went away.

Andrew Bartlett
2012-07-27 03:34:23 +02:00
Andrew Bartlett
42e405a422 param: Make socket_address common, Revert 611ef42053
This essentially reverts the commit 611ef42053
Author: Yasuma Takeda <yasuma@osstech.co.jp>
Date:   Fri Dec 5 13:37:51 2008 -0800

    Fix bug #5944 - nmbd does not boot if socket adress = "" is defined in smb.conf

Intead, the documentation is fixed so that the correct default is
recorded.  Removing the special case handling here allows this to be
dealt with in the same way as all other parameters.

Andrew Bartlett
2012-07-27 03:34:23 +02:00
Andrew Bartlett
bc1826abd6 lib/param: Merge parameter tables into a common file
This file is then included into both loadparm systems.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-27 03:34:23 +02:00
Andrew Bartlett
2429647790 s3-param: Merge "log file" parameter with lib/param
The lib/param code uses a special handler for setting the log file.

We need to set this here, so that we can make this table common.

Andrew Bartlett
2012-07-27 03:34:22 +02:00
Andrew Bartlett
3367fd01d4 lib/param: Merge handling of security/domain master/domain logons/server role
This ensures that the same input parameters always gives the same
output values in both loadparm systems.

Andrew Bartlett
2012-07-24 11:01:17 +02:00
Andrew Bartlett
b62b031815 lib/param: Make lp_usershare_max_shares() a common parameter
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-24 11:01:17 +02:00