IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
cups_async_callback() is called to receive new printcap data from a
child process which requests the information from cupsd.
Newly received printcap information is stored in a temporary printcap
cache (tmp_pcap_cache). Once the child process closes the printcap IPC
file descriptor, the system printcap cache is replaced with the newly
populated tmp_pcap_cache, however this only occurs if tmp_pcap_cache is
non null (has at least one printer).
If the printcap cache is empty, which is the case when cups is not
exporting any printers, the printcap cache is not replaced resulting in
stale data.
https://bugzilla.samba.org/show_bug.cgi?id=7915
Signed-off-by: Andreas Schneider <asn@samba.org>
The cups local_pcap_copy global served as a temporary buffer during
asynchronous cups printcap cache updates, as well as indicating when
the printcap cache had not yet been filled and printcap cache update
should block.
As smbd printcap reads are now triggered by the parent smbd following
printcap cache update, the variable and blocking mechanism are no longer
needed.
Signed-off-by: Andreas Schneider <asn@samba.org>
Configuring force user/group settings for the print$ share currently has
unexpected results, this is explained by how the driver upload/add
process takes place. Consider the following example:
[print$]
path = /print-drv
write list = $DRIVER_UPLOAD_USER
force group = ntadmin
- the client connects to the [print$] share and uploads all driver
files to the /print-drv/W32X86 directory.
- This is permitted, as /print-drv/W32X86 is owned by group ntadmin, and
the "force group = ntadmin" takes effect for the [print$] session.
- Once all files are uploaded, the client connects to the [ipc$]
share and issues an AddPrinterDriverEx spoolss request.
- In handling this request move_driver_to_download_area() is called,
which attempts to create the directory /print-drv/W32X86/3
- The create directory fails, as it is done as the user connected to
the [ipc$] share which does not have permission to write to the driver
directory. The [print$] "force group = ntadmin" has no effect.
This is a regression from previous behaviour prior to the commit:
783ab04 Convert move_driver_to_download_area to use create_conn_struct.
https://bugzilla.samba.org/show_bug.cgi?id=7921
Signed-off-by: Andreas Schneider <asn@samba.org>
samba3.posix_s3.rpc.spoolss.driver fails with the xattr_tdb vfs module
loaded as a part of make test. The (now checked) create_directory() call
in move_driver_to_download_area() fails, uncovering another bug in the
printer driver upload code path.
move_driver_to_download_area() creates a new conn_struct for
manipulating files in [print$]. The VFS layer is plumbed through with
the call to create_conn_struct(), however SMB_VFS_CONNECT() is never
called. Many vfs modules expect state stored at connect time with
SMB_VFS_HANDLE_SET_DATA() to be available on any IO operation and fail
if this is not the case.
This fix adds a call to SMB_VFS_CONNECT() in create_conn_struct() prior
to IO.
https://bugzilla.samba.org/show_bug.cgi?id=7976
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 2 01:16:30 CET 2011 on sn-devel-104
WERR_ACCESS_DENIED errors are mapped to WERR_UNKNOWN_PRINTER_DRIVER,
resulting in incorrect error messages on Windows clients.
move_driver_to_download_area() returns the same error status values
to the caller via the *perr argument as well as the return value.
The create_directory() call is not checked for error.
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This will allow the auth_serversupplied_info struct to be migrated
to auth_session_info easier.
Adnrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
metze
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Fri Jan 21 13:14:49 CET 2011 on sn-devel-104
printer_list_need_refresh() was used previously to ensure one smbd
process did not attempt to update the printer_list tdb during or soon
after update by another smbd.
It is no longer needed, as pcap updates are now only performed by the
parent smbd process following startup, SIGHUP, config update or printcap
cache time expiry.
Callers of pcap_cache_replace() assume the existing printcap cache is
replaced by the new values provided. This is not currently the case,
old entries should be removed.
Since commit eada8f8a, updates to the cups pcap cache are performed
asynchronously - cups_cache_reload() forks a child process to request
cups printer information and notify the parent smbd on completion.
Currently printer shares are reloaded immediately following the call to
cups_cache_reload(), this occurs prior to smbd receiving new cups pcap
information from the child process. Such behaviour can result in stale
print shares as outlined in bug 7836.
This fix ensures print shares are only reloaded after new pcap data has
been received.
Pair-Programmed-With: Lars Müller <lars@samba.org>
The tdb traverse function returns the number of elements traversed, or
less than zero on error, printer_list_traverse() is incorrectly checking
for non-zero return.
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Mon Dec 20 18:44:41 CET 2010 on sn-devel-104
Not needed - privileges code prevents "enable privileges = no" from adding privileges
anyway.
This reverts commit a8b95686a7.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 23:41:36 UTC 2010 on sn-devel-104
to maintain compatibility with smb.conf manpage.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 18:15:48 UTC 2010 on sn-devel-104
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
It is not universally guaranteed that an enum is represented as a uint32_t.
This starts to be THE BUG (tm) in Samba. What can I do to explain this
to people a bit better? It seems that the verbose explanations I put into
the recent checkins fixing similar bugs are not clear enough.
Anybody who does is not 100% clear about what this patch fixes please
contact me directly so that we can talk it through on the phone to agree
on a wording that everybody can understand.
Thanks,
Volker
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open
without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt
this is still safe to use as if opening an existing tdb the new
hash will be ignored - it's only used on creating a new tdb not
opening an old one.
Jeremy.
This does a length-limited check, and so avoids reading beyond the
allocated memory if the server sends less than 16 bytes.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This new call is available in the merged privileges code, and
takes an enum as the parameter, rather than a bitmask.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
