IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
get_pass can return NULL on error. Ensure that
this is always the case and fix all callers to cope
(some already did).
Reported by Joonas Kuorilehto <joneskoo@codenomicon.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10320
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Dec 16 15:17:58 CET 2013 on sn-devel-104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 8 21:24:21 CET 2012 on sn-devel-104
When initialize_password_db returns an error this means that the SID
stored in the backend cannot be read. Return this error directly
instead of creating a random SID through get_global_sam_sid.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Mon Apr 30 13:07:20 CEST 2012 on sn-devel-104
If we are actually a DC, then the only SID we have is the domain SID,
and looking for it under the local name fails if we are a Samba4 AD DC.
Andrew Bartlett
This ensures that the translations and any embedded strings are in the
same charset. It won't be the one from the user's locale (we no
longer auto-detect that), but it will be self-consistent.
Thanks to Steve Langasek for pointing this function out!
Andrew Bartlett
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
This is a tool to check the consistency of an idmap tdb database.
The default mode is to scan the database and list invalid entries,
e.g. records with an invalid format, or records which are valid
but for which the reverse mapping entry is missing.
With the "--repair" switch, one can enter an interactive
repair mode which will prompt for each invalid entry found
with the option to delete, skip or edit the record.
There is also a non-interactive repair mode triggered by "--auto"
which will remove all records with invalid content and fill up
mappings which are missing the reverse entry.
The "--test" parameter lets "net idmap check" only list the
changes that would be written and not actually commit them to
the database.
The "--lock" option allows to lock the database already in the
first reading traverse, in order to remove the race when the
database has to be closed and reopened again before writing
the changes.
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Apr 4 18:21:09 CEST 2011 on sn-devel-104
Someone wasn't careful about testing when not running as root :-).
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Dec 15 20:45:25 CET 2010 on sn-devel-104
By removing this global variable, the API between the two different
debug systems is made more similar. Both s3 and s4 now have
lp_set_cmdline() which ensures that the smb.conf cannot overwrite
these the user-specified log level.
Andrew Bartlett
This change improves the setup_logging() API so that callers which
wish to set up logging to stderr can simply ask for it, rather than
directly modify the dbf global variable.
Andrew Bartlett
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
This is the basis to implement global locks in ctdb without depending on a
shared file system. The initial goal is to make ctdb persistent transactions
deterministic without too many timeouts.
If we put strings like "Usage:" into separate _() macros and not the whole
"Usage:..." string we can cover much more messages by only one single
translation. The drawback is that the message in the sources looks less pretty.
This reverts commit fb262f79fa
and related commits c36031778e72fd5fa6bb and
38cd0e086f
This change caused more trouble than it solved. We need to do this differently.
Reverting so we don't accidently release this.
This provides a compromise between stability and performance: gencache is a
persistent database these days that for performance reasons can not use tdb
transactions for all writes. This patch splits up gencache into gencache.tdb
and gencache_notrans.tdb. gencache_notrans is used with CLEAR_IF_FIRST, writes
to it don't use transactions. By default every 5 minutes and when a program
exits, all entries from _notrans.tdb are transferred to gencache.tdb in one
transaction.
Attention:
The meaning of the -N flag changed.
To get the old meaning for net groupmap set, use the long option --ntname
The long option for using kerberos changed from --kerberos to --use-kerberos
net rpc commands will now prompt for a password if none is given.
As a benefit, net will now accept an authentication file like other samba
command line tools. So no need to specify the password on the command line in
scripts anymore.
This should fix bug #6357
Signed-off-by: Kai Blin <kai@samba.org>
