sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-18 06:04:06 +03:00
Code
56,916 Commits 60 Branches 1,145 Tags
Commit Graph

56916 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthias Dieter Wallnöfer
a69f84fd2a s4:ldb_ldap - Fix intendation 2009-10-18 10:45:15 +02:00
Andrew Tridgell
bc2b4192c0 s4-test: the ldap secdesc test is expected to fail for now 
Nadya, if this is not correct and you think this should be passing
already the please let me know. When I looked over it, it doesn't look
like it has a chance of passing until your acl module is in place and
enabled by default.
 2009-10-18 16:32:01 +11:00
Andrew Tridgell
5d3659a881 s4-test: SMB2 oplocks in s4 are a mess 
I don't have time to fix these right now, and as we don't advertise
SMB2 by default I'll mark it as a known failure till we start enabling
SMB2 by default.
 2009-10-18 15:57:21 +11:00
Andrew Tridgell
81eb31f07b s4: spelling error 2009-10-18 15:56:16 +11:00
Andrew Tridgell
9ae4daeb96 s4-torture: fixed the streams tests for Samba4 
In some cases we were not doing streams tests on s4 that we should. In
others, we were calling tests that are known to fail on s4. Some of
those are a bit puzzling.
 2009-10-18 15:06:13 +11:00
Andrew Tridgell
764c09e6bc s4-streams: fixed handling of stream rename and overwrite 2009-10-18 15:06:13 +11:00
Andrew Tridgell
44612c74a6 s4-pvfs: rename with full name gives SHARING_VIOLATION 2009-10-18 15:06:12 +11:00
Andrew Tridgell
83db71e9a7 s4-pvfs: when reporting the file name, don't include the :$DATA suffix 2009-10-18 15:06:12 +11:00
Andrew Tridgell
2d4ad4f504 s4-pvfs: the STREAM_INFORMATION calls don't need any access flags 2009-10-18 15:06:11 +11:00
Andrew Tridgell
edd0ea5225 s4-pvfs: fixed update of stream sizes 
The data_blob_free() was changing the size we set the stream to
 2009-10-18 15:06:11 +11:00
Jeremy Allison
8d85757578 Fix posix_unlink test. Was doing grep without quotes around the 
target string.
Jeremy.
 2009-10-17 20:46:22 -07:00
Andrew Tridgell
a2aa13da32 s4-pvfs: more fixes for ACLs on file creation 
The passed in SD is not used to limit the access mask allowed on file
create.
 2009-10-18 10:32:06 +11:00
Andrew Tridgell
bae8c93d9b s4-smb2: fixed SMB2 find commands 
The change to check for invalid \ prefix on SMB2 paths broke the
internal SMB2 code.
 2009-10-18 10:30:10 +11:00
Andrew Tridgell
0463d69883 s4-pvfs: change the handling of access checking on create 
Previously when a file was created, we produces the resulting access
mask based on an ACL check against the parent. This change means we
now calculate the inherited ACL much earlier, and produce the
resulting access mask from that ACL, or the user supplied ACL.
 2009-10-18 07:13:47 +11:00
Andrew Tridgell
d1efaf39f5 smb2-torture: samba4 allows SEC_FLAG_SECURITY to be used with privileges 2009-10-18 07:13:47 +11:00
Andrew Tridgell
a319ba49e7 s4: fixed howto for new binary name 2009-10-18 07:13:46 +11:00
Jeremy Allison
d6351adca9 Fix the smbtorture4 build. root_fid is a "union smb_handle". tridge 
please check.
Jeremy.
 2009-10-17 12:56:15 -07:00
Jeremy Allison
096589aead Trying to find out why the posix_unlink test build farm is still failing even 
though we're now successfully deleting the symlink.
Jeremy.
 2009-10-17 10:38:44 -07:00
Jeremy Allison
7c51fa6d69 Merge branch 'master' of ssh://jra@git.samba.org/data/git/samba 2009-10-17 10:36:33 -07:00
Volker Lendecke
3e3214fd91 s3:winbind: Move fillup_pw_field() as static to wb_fill_pwent.c 2009-10-17 17:13:02 +02:00
Andrew Tridgell
46b7938d7e s4-smbserver: removed bogus initialisation of two union arms 
Thanks to Metze for spotting this.
 2009-10-17 13:12:24 +11:00
Andrew Tridgell
bf6fcc6121 s4-pvfs: when uwrap is enabled, ignore chown errors 
chown is expected to fail under uwrap
 2009-10-17 13:01:04 +11:00
Andrew Tridgell
dbebe0f621 s4-torture: fixed the default ACL for s4 
s4 returns group and world ACEs in the default acl, based on unix
permissions
 2009-10-17 13:01:04 +11:00
Andrew Tridgell
05f5f22361 s4-torture: minor debugging enhancements 2009-10-17 13:01:04 +11:00
Andrew Tridgell
8c7a81408a s4-schema: We should not need Samba4TopExtra now 
The last attribute this contained was 'privilege' which is now gone
 2009-10-17 13:01:03 +11:00
Andrew Tridgell
6b1ab9cd47 s4-pvfs: don't auto-apply privilege bits in unix acl handling either 2009-10-17 13:01:03 +11:00
Andrew Tridgell
c3b09d18a8 s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masks 2009-10-17 13:01:03 +11:00
Andrew Tridgell
53dec869b8 s4-torture: the BASE-CREATEX_ACCESS test is broken for non-administrators 
See my msg to samba-technical about this test and privilege testing.
 2009-10-17 13:01:03 +11:00
Andrew Tridgell
533b102493 s4-torture: cleanup after the MAXIMUM_ALLOWED test 2009-10-17 13:01:03 +11:00
Andrew Tridgell
5d5d951311 s4-pvfs: use privileges rather than "uid == 0" in unix access check 
This makes the unix access check much closer to the full ACL check
 2009-10-17 13:01:03 +11:00
Andrew Tridgell
9da4af062b s4-security: honor more of the privilege access bits 2009-10-17 13:01:03 +11:00
Andrew Tridgell
7226ba73a0 s4-torture: add a special check for administrators and privileges 
lsa privileges calls don't expand groups. darn.
 2009-10-17 13:01:03 +11:00
Andrew Tridgell
9526487010 s4-lsasrv: make sure only admins can alter privileges 2009-10-17 13:01:02 +11:00
Andrew Tridgell
f794e8d43d s4-provision: added the default privileges db 
privileges are now stored in a separate database
 2009-10-17 13:01:02 +11:00
Andrew Tridgell
cc3e1d9022 s4-provision: removed the old privilege attributes 
Our schema is getting a bit cleaner :-)
 2009-10-17 13:01:02 +11:00
Andrew Tridgell
f3f695f18f s4-torture: show the sid we are basing privilege tests on 2009-10-17 13:01:02 +11:00
Andrew Tridgell
30be3fd143 s4-privileges: moved privileges to private/privilege.ldb 
We were storing privileges in the sam, which was OK when we were a
standalone DC, but is no good when we replicate with a windows DC.

This moves the privileges to a separate (local) database
 2009-10-17 13:01:02 +11:00
Andrew Tridgell
b6a1beb131 added NT_STATUS_NOT_OK_RETURN_AND_FREE() 
Try to make it a bit easier to avoid leaks in common code
 2009-10-17 13:01:02 +11:00
Jeremy Allison
f1d9960284 Add comment explaining about symlink following & posix. 
Jeremy.
 2009-10-16 18:13:06 -07:00
Jeremy Allison
ea3c077236 Last 2 VFS_STAT -> LSTAT fixes I can see in the modules code. 
Jeremy.
 2009-10-16 17:20:40 -07:00
Jeremy Allison
010dfbf1fd Fix one missing STAT -> LSTAT with POSIX pathnames in vfs_xattr_tdb.c. Caught by the torture tester. I love unit tests :-). Jeremy. 2009-10-16 16:38:59 -07:00
Björn Jacke
7655282ede s3: build pam_smbpass when possible 2009-10-16 23:46:52 +02:00
Günther Deschner
64e8aa1b14 s3-netlogon: fix updating trust accout passwords with downlevel domains. 
When choosing the netlogon password set function, make sure to look at the
*negotiated* flags in the cli->dc state, not the ones we start the negotiation
with.

Guenther
 2009-10-16 18:03:32 +02:00
Günther Deschner
20c07674f6 nsswitch: increase libwbclient version after adding wbcChangeTrustCredentials(). 
Guenther
 2009-10-16 16:08:55 +02:00
Karolin Seeger
79c2c61b99 s3:packaging: Fix building RHEL packages. 
Fix bug #6721.
Thanks to Eero Volotinen <eero.volotinen@medicel.com> for providing the patch!

Karolin
 2009-10-16 16:00:26 +02:00
Matthias Dieter Wallnöfer
fef032fac7 s3:srv_samr_nt - another fix for the reject reason 2009-10-16 15:26:14 +02:00
Günther Deschner
22276961c3 s4-smbtorture: extend netr_LogonControl test in RPC-NETLOGON. 
Guenther
 2009-10-16 14:54:58 +02:00
Günther Deschner
8267564e1c s3-netlogon: Fix _netr_ServerPasswordSet2 cleartext blob handling. 
Following Andrew's advice, let's straight md4 the plaintext blob and avoid
trying to get a paintext string out of the input the client sends.

Guenther
 2009-10-16 14:54:57 +02:00
Günther Deschner
c2966a0766 s4-smbtorture: test wbcLookupUserSids in WINBIND-WBCLIENT as well. 
Guenther
 2009-10-16 14:54:57 +02:00
Günther Deschner
246597cb0d s4-smbtorture: test wbcGuidToString and friends as well in WINBIND-WBCLIENT. 
Guenther
 2009-10-16 14:54:57 +02:00