1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00

1020 Commits

Author SHA1 Message Date
Luca Olivetti
a9e008ee36 Fix bug #7263 - Unable to print using Samba 3.5.1 and cups-1.1.23-40.46 on SLES10.
Fix cups encryption setting

I had the same problem and it's due to the fact that samba doesn't respect the
"cups encryption" setting since lp_cups_encrypt changes the value: if you set
"cups encryption=no", the first call will change it to HTTP_ENCRYPT_NEVER,
since that is 1 (i.e. true), the next call will change it to
HTTP_ENCRYPT_ALWAYS and after that it'll remain set as HTTP_ENCRYPT_ALWAYS.
This patch fixes this problem.

Don't mix up the HTTP_ENCRYPT_XXX constants up with the
enumeration constants (True, False, Auto) used in the
loadparm code.
2010-05-04 15:07:57 -07:00
Volker Lendecke
5fc2801c09 s3: Cache the username map in gencache
This is for uses with a heavy-weight username map script
2010-04-13 09:30:06 +02:00
Jeremy Allison
9c410118cb Parameterize "smb2 max read", "smb2 max write", "smb2 max trans".
Set to 64k by default.

Jeremy.
2010-04-06 15:43:35 -07:00
Volker Lendecke
0205633ed9 s3: Use bitmap_talloc in loadparm 2010-03-28 15:25:16 +02:00
Jeremy Allison
fac8ca52ad Fix bug #7240 - Net usershare is not case sensitive.
Updates usershare files in a backwards compatible way.
I don't intend to back port this fix to 3.5.x as it
depends on a version upgrade in the share_info.tdb share security database.

Jeremy.
2010-03-26 17:09:58 -07:00
Jeremy Allison
7509b56b5f share_info.tdb could use non-canonicalized sharenames.
Fix this by moving canonicalization into lib/sharesec.c. Update the
db version to 3. Ensures we always find share names with security
descriptors attached.

Jeremy.
2010-03-22 15:57:31 -07:00
Volker Lendecke
70f9338bf2 s3: Add the "ctdb locktime warn threshold" parameter
This is mainly a debugging aid for post-mortem analysis in case a cluster file
system is slow.
2010-03-22 17:32:18 +01:00
Stefan Metzmacher
752240ccdc s3:param: add "async smb echo handler" option
This will enable an extra forked process that will reply
to SMBecho requests, while the main process is blocked by another
request.

metze
2010-03-22 17:15:12 +01:00
Volker Lendecke
b2f45f20b0 s3: Add "log writeable files on exit" parameter
This boolean option controls whether at exit time the server dumps a list of
files with debug level 0 that were still open for write. This is an
administrative aid to find the files that were potentially corrupt if the
network connection died.
2010-03-22 12:03:44 +01:00
Jeremy Allison
a6f402ad87 Remove lp_safe_widelinks() -> convert to just lp_widelinks. Suggestion from Volker.
Create widelinks_warning(int snum) to cover the message needed in make_connection.

Jeremy.
2010-02-11 15:16:23 -08:00
Simo Sorce
5d92d969dd Introduce lp_safe_widelinks()
This way we avoid any chance that a configuration reload may turn
back on wide links when unix extensions are enabled.
2010-02-11 16:27:17 -05:00
Jeremy Allison
f2d7d9774e Revert "Change the default of "nmbd bind explicit broadcast" to "no""
This reverts commit 84fba3c1bc962804259f201d465acfdf0cd3c6a8.

Now we have a "processed packet queue" in nmbd we can go back
to doing this by default.

Jeremy.
2010-02-10 12:42:27 -08:00
Jeremy Allison
84fba3c1bc Change the default of "nmbd bind explicit broadcast" to "no"
until the double processing problem in bug #7118 is fixed.

Jeremy.
2010-02-10 08:39:37 -08:00
Jeremy Allison
3f2415c9bf Make "nmbd bind explicit broadcast" on by default.
Fix a comment typo.

Jeremy.
2010-02-08 14:35:02 -08:00
Stefan Metzmacher
0140bc389d s3:nmbd: change "nmbd:bind explicit broadcast" into "nmbd bind explicit broadcast"
metze
2010-02-08 18:35:11 +01:00
Jeremy Allison
bd269443e3 Fix bug 7104 - "wide links" and "unix extensions" are incompatible.
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.

Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.

Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.

Jeremy.
2010-02-05 15:20:18 -08:00
Karolin Seeger
5dd86c7394 s3:loadparm: Change the "ldap deref" value "defualt" to "auto".
That's an established value. Default is a bit confusing.

Karolin
2009-12-11 11:56:26 +01:00
Björn Jacke
e92b034d8a s3: make own defines for ldap deref types
there are too many naming clashes between different ldap libs and ldb libs.
Let's simply make our own defines. The numbers are well standarized. This also
makes the default for "ldap deref" be "default" which means we won't tell the
ldap library what to do. Ѕo by default it's all up to what the server and our
libs think they should to do.
2009-12-10 22:22:54 +01:00
Björn Jacke
66836445a2 s3: add LDAP Alias Dereferencing support
Thanks to Dan Cox for initial patch for 3.0. This closes #2350.
2009-12-10 21:28:05 +01:00
Volker Lendecke
9550ade18e s3: de-deprecate "write cache size" to prevent its removal without a proper alternative 2009-12-07 16:26:00 +01:00
Jeremy Allison
b6fdecd112 Fix bug #6837 - "Too many open files" when trying to access large number of files
from Windows 7. Original patch by me fixed up with the correct open files number
by jmaggard10@hotmail.com.
Jeremy.
2009-12-02 10:01:14 -08:00
Bo Yang
62a27325d9 s3: Fix crash in free_file_list().
Signed-off-by: Bo Yang <boyang@samba.org>
2009-11-30 19:22:47 +08:00
Volker Lendecke
69a68208bd s3: Restore "fake directory create times" as a share parameter 2009-11-29 11:22:05 +01:00
Volker Lendecke
e41e21b9d4 s3: "load_usershare_shares" only looks at the mode and uid 2009-11-29 11:22:02 +01:00
Volker Lendecke
5e6031c9c5 s3: "load_usershare_service" only looks at the mode and uid 2009-11-29 11:22:02 +01:00
Volker Lendecke
7e9c2c5df3 s3: "usershare_exists" only looks at the mode and mtime 2009-11-29 11:22:02 +01:00
Volker Lendecke
e5392748ec s3: "process_usershare_file" only looks at the dev, ino, mode and size 2009-11-29 11:22:02 +01:00
Volker Lendecke
552313a79c s3: "process_usershare_file" only looks at the mode and size 2009-11-29 11:22:02 +01:00
Volker Lendecke
0d0eec9fb2 s3: "parse_usershare_file" only looks at the mode and uid 2009-11-29 11:22:02 +01:00
Volker Lendecke
44ce5603dd s3: Pass the "fake dir create times" parameter to sys_*stat
Step 0 to restore it as a per-share paramter
2009-11-29 11:22:01 +01:00
Volker Lendecke
7930206f5c Revert "s3: Make the implicit reference to get_Protocol in lp_use_sendfile() explicit"
This reverts commit 6a149022976fe6a5579ec9afc7a4d2dcb44dc8af.
2009-11-23 16:34:59 +01:00
Volker Lendecke
cf2febf3d1 s3: Make alloc_sub_basic() static 2009-11-21 20:54:10 +01:00
Volker Lendecke
6a14902297 s3: Make the implicit reference to get_Protocol in lp_use_sendfile() explicit 2009-11-21 20:49:17 +01:00
Volker Lendecke
b79bcd972c s3: Fix some nonempty blank lines 2009-11-21 20:49:16 +01:00
Jeremy Allison
a770caed0f Remove "store create time" code, cause create time to be stored
in the "user.DOSATTRIB" EA. From the docs:
In Samba 3.5.0 and above the "user.DOSATTRIB" extended attribute has been extended to store
the create time for a file as well as the DOS attributes. This is done in a backwards compatible
way so files created by Samba 3.5.0 and above can still have the DOS attribute read from this
extended attribute by earlier versions of Samba, but they will not be able to read the create
time stored there. Storing the create time separately from the normal filesystem meta-data
allows Samba to faithfully reproduce NTFS semantics on top of a POSIX filesystem.
Passes make test but will need more testing.
Jeremy.
2009-11-17 14:55:02 -08:00
Jeremy Allison
a8769e6675 Second part of bugfix for 6865 - acl_xattr module: Has dependency that inherit acls = yes or xattrs are removed.
We also need dos filemode = true set as well.
Jeremy.
2009-11-11 18:35:18 -08:00
Günther Deschner
8eac3075b6 s3-param: fix set_inherit_acls().
Jeremy, please check.

Guenther
2009-11-09 16:03:38 +01:00
Jeremy Allison
bd2ffb1c7a Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or xattrs are removed.
Jeremy.
2009-11-06 21:53:07 -08:00
Volker Lendecke
d415d4d32f s3: Add parameter "ctdb timeout"
When something in the cluster blocks, it can happen that we wait indefinitely
long for ctdb, just adding to the blocking condition. In theory, nothing should
block, but as someone said "In practice the difference between theory and
practice is larger than in theory". This adds a timeout parameter in seconds,
after which we stop waiting for ctdb and panic.
2009-11-05 12:05:36 +01:00
Jeremy Allison
cbafe17bb3 Remove "Protocol" as an extern, and add accessor functions.
Jeremy.
2009-11-04 15:15:50 -08:00
Volker Lendecke
ad6ee94950 s3: Make "debug hires timestamp" default to true
It does not cost much and can help a lot when debugging
2009-11-02 10:08:39 +01:00
Karolin Seeger
f381faa8d6 s3: Rename new parameter "ldap ref follow" to "ldap follow referral".
This parameter will be introduced with Samba 3.5.0.

Karolin
2009-10-26 12:11:59 +01:00
Olaf Flebbe
5ec557d9f6 s3/loadparm: Fix severe HPUX compiler issue.
Members of struct should be initialized explictly.
Fixes bug #6804.
2009-10-13 18:38:39 +02:00
Jan Engelhardt
c5d5969e24 s3/smbldap: add option to disable following LDAP refs
Fix bug #6717.
2009-10-12 11:34:58 +02:00
Jeremy Allison
00ce3e143f Fix for CVE-2009-2813.
===========================================================
== Subject:     Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#:     CVE-2009-2813
==
== Versions:    All versions of Samba later than 3.0.11
==
== Summary:     If a user in /etc/passwd is misconfigured to have
==              an empty home directory then connecting to the home
==              share of this user will use the root of the filesystem
==              as the home directory.
===========================================================
2009-10-01 10:23:29 -07:00
Björn Jacke
f410d23185 s3: BSD needs sys/sysctl.h included to build properly
FreeBSD (and other BSDs, too) need sys/sysctl.h inclueded to use sysctlbyname().

Thanks to Timur Bakeyev for that.
2009-09-15 06:54:31 +02:00
Volker Lendecke
b824b1b7bf Add a parameter to disable the automatic creation of krb5.conf files
This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of
transitive AD trusts. The workaround is to add a [capaths] directive to
/etc/krb5.conf, which we don't automatically put into the krb5.conf winbind
creates.

The alternative would have been something like a "krb5 conf include", but I
think if someone has to mess with /etc/krb5.conf at this level, it should be
easy to add the site-local KDCs as well.

Next alternative is to correctly figure out the [capaths] parameter for all
trusted domains, but for that I don't have the time right now. Sorry :-)
2009-08-26 15:28:06 +02:00
Jeremy Allison
d6270df748 Add "store create time" parameter (docs to follow)
that stores the create time in the user.DosTimestamps EA.
Jeremy.
2009-08-12 13:00:54 -07:00
Volker Lendecke
b134d4bc4a Attempt to fix the build 2009-07-14 21:29:22 +02:00
Jeremy Allison
d57e67f9eb Revert this commit :
s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and
non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.

For now. This is a feature request and I think we need
to design it a little differently so as not to touch
core change_to_user() code.

Jeremy.
2009-07-14 11:25:45 -07:00