IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
No client should use the old protocol without DCERPC level integrity/privacy,
but Maybe there're some lagacy OEM file servers, which require this.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is already the default, because "require strong key = yes" is
the default.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
I guess that's what we try to test here, as 'use spnego' was only evaluated
on in the smb server part.
The basically tests the 'raw NTLMv2 auth' option, we set it to yes on
some environments, but keep a knownfail for the ad_member.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This parameter is already deprecated in favor of the newer idmap_nss backend.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This parameter is already deprecated in favor of the newer idmap_nss backend.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
GCC on a Ubuntu 16.04 instance said:
[3174/4240] Compiling source3/modules/vfs_cap.c
In file included from ../source3/include/includes.h:301:0,
from ../source3/modules/vfs_fruit.c:20:
../source3/modules/vfs_fruit.c: In function
‘fruit_disk_free’:
../source3/../lib/util/debug.h:217:7: error: ‘bandsize’ may be used
uninitialized in this function [-Werror=maybe-uninitialized]
&& (dbgtext body) )
^
../source3/modules/vfs_fruit.c:6302:9: note: ‘bandsize’ was
declared here
size_t bandsize;
^
[3175/4240] Compiling source3/modules/vfs_expand_msdfs.c
[3176/4240] Compiling source3/modules/vfs_shadow_copy.c
[3177/4240] Compiling source3/modules/vfs_shadow_copy2.c
cc1: all warnings being treated as errors
Waf: Leaving directory
/home/ubuntu/autobuild/b17854/samba-o3/bin'
Build failed: -> task failed (err #1):
{task: cc vfs_fruit.c -> vfs_fruit_25.o}
make: *** [all] Error 1
As far as I can tell, it is wrong, and the bandsize variable never
gets passed uninititalised to DEBUG.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
We previously removed the stream from the underlying filesystem stream
backing store when the client zeroes out FinderInfo in the AFP_AfpInfo
stream, but this causes certain operations to fail (eg stat) when trying
to access the stream over any file-handle open on that stream.
So instead of deleting, set delete-on-close on the stream. The previous
commit already implemented not to list list streams with delete-on-close
set which is necessary to implemenent correct macOS semantics for this
particular stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jan 9 17:09:12 CET 2018 on sn-devel-144
This is in preperation of fixing the implementation of removing the
AFP_AfpInfo stream by zeroing the FinderInfo out.
We currently remove the stream blob from the underyling filesystem
backing store, but that results in certain operations to fail on any
still open file-handle.
The fix comes in the next commit which will convert to backing store
delete operation to a set delete-on-close on the stream.
This commit adds filtering on streams that have the delete-on-close
set. It is only needed for the fruit:metadata=stream case, as with
fruit:metadata=netatalk the filtering is already done in
fruit_streaminfo_meta_netatalk().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
No change in behaviour, just some refactoring before adding more code to
fruit_streaminfo_meta_stream() in the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This test more operations in the zeroed out FinderInfo test, ensuring
after zeroing out FinderInfo, operations on the filehandle still work
and that enumerating streams doesn't return the stream anymore.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This test suite had a memory impact of around 2.5GB, from built-up LDAP
connection handlers under the standard process model.
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jan 9 08:22:27 CET 2018 on sn-devel-144
Making it a subsystem adds the correct include directory for
libpamtest.h.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 8 21:04:16 CET 2018 on sn-devel-144
Otherwise net join when failing at the CLDAP ping stage will put a
negative entry for the DC in the conncache which can trigger *hard* to
debug problems later in winbindd.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jan 8 15:22:10 CET 2018 on sn-devel-144
This test suite had a memory impact of around 2.2GB, from LDAP connection
handlers under the standard process model.
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jan 8 08:02:15 CET 2018 on sn-devel-144
Over the length of a run of this suite (which runs under the standard process
model), memory usage from LDAP connection handlers reaches 4GB. This patch
reduces it to a manageable amount.
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
writing that they are correct for version x is not always precise. But we're
working on that also :-)
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
this is from the WINS server, which was released earlier as samba4wins.
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
we don't need to list them all as special cases because we exclude parametric
options generally now from the default value test.
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
we don't get the values of the parametric options.
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Turn the systemd service files under packaging into template (.in) files
with @VAR@ substitutions and add configure options to install and tweak
them.
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Update after call with the GnuTLS maintainer to see what is supported in
GnuTLS, what is working in FIPS mode or not, and what features we require
to move to GnuTLS in future. The benefit will be FIPS certification and
more hardware accelerated crypto.
Bugs have been opened against GnuTLS to implment the missing features or
add functions to declare use of old crypto functions as non-crypto use.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Rationale: Using the existing substitutions in construction of paths
(dynamic shares, created on client connect) results in directory names with
colons and dots in them. Those can be hard to use when accessed from a
different share, as Windows does not allow : in paths and has some ideas about
dots.
Signed-off-by: Dr. Thomas Orgis <thomas.orgis@uni-hamburg.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Mourik Jan C Heupink <heupink@merit.unu.edu>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Mourik Jan C Heupink <heupink@merit.unu.edu>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This in turn is based on what we use at Catalyst minus some helpful packages like editors
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jan 8 03:16:30 CET 2018 on sn-devel-144
Based-on-a-patch-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jan 6 04:41:24 CET 2018 on sn-devel-144
Based-on-a-patch-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Enabling fileid:algorithm = fsname_nodirs uses the hostname algorithm
for directories and thus breaks cluster lock coherence for directories.
Based-on-a-patch-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Using fileid:algorithm = hostname makes fileid generate
fileids based on the hostname. This breaks cluster lock coherence.
Based-on-a-patch-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is in preperation of adding an additional mapping function that
acts differently depending of the file type. No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
When using the fsname or fsid algorithm a stat() and statfs() call is
required for all mounted file systems to generate the file_id. If e.g.
an NFS file system is unresponsive such a call might block and the smbd
process will become unresponsive. Add "fileid:fstype deny",
"fileid:fstype allow", "fileid:mntdir deny", and "fileid:mntdir allow"
options to ignore potentially unresponsive file systems.
See also https://lists.samba.org/archive/samba-technical/2016-January/111553.html
for a discussion about why this is useful.
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We might want to use the tcp flavor in the future in the forwarder for a
single, persistent TCP connection. Then we can easily re-publish it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
