IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
2 separate CPPFLAGS variables. So just cleanup the SAMBA_CPPFLAGS
for out of tree builds. This has been tested locally and works.
Maybe metze can find a better way tomorrow.
(This used to be commit 8aa681df99)
like negative values in the generated code.
I'm not sure how we can solve that in samba3 as the generated code is commited
Maybe we need to alsways pass --uint-enums
metze
(This used to be commit 9468dcc5d5)
test with gcc 4.1.0. As the build farm is not in the best state right now,
this should not matter.
Stefan, is there any chance we get the IMMEDIATE_STRUCTURES back and have
libreplace at the same time?
Volker
(This used to be commit 776bd5e36d)
This has had some basic testing. I'll do more during the next couple of days and hopefully also
make RPC-SRVSVC from Samba4 pass against it.
(This used to be commit ef10672399)
Many things work (OpenHKLM, etc...) but some still don't.
This shouldn't block anyone so I'm checking it in.
Will probably move to a bzr tree after this for
longer dev cycles between checkins.
(This used to be commit cf1404a0d7)
* Remove the old wkssvc server, client, & parsing code.
* Update srv_wkssvc_nt.c with stubs for the remaining
stubs
(This used to be commit 0cb79ee13f)
SASL/Steve/Andrew I can't right now ask why the aio.h is needed for the
timespec test.
Might have to revert that soon.
Volker
(This used to be commit fa53ad6571)
- we now define the set of samba related include path in one place
so that we can't get it wrong in different places
metze
(This used to be commit 6bf0aad052)
* as openlog() is non-reentrant and pam_winbind thereby overrides the
syslog settings of the calling application, directly call syslog (or
pam_vsyslog if available)
* support the PAM_SILENT flag to avoid any log messages beeing created
Guenther
(This used to be commit 0f7e37ffc4)
strtoull. This is a copy of the stuff in samba4 libreplace, which is GPL. I
hope it is ok to copy&paste it into a GPL file. Tridge, we could also create a
replace_lpgl.c if needed.
Volker
(This used to be commit f8346687d9)
the LGPL. Original code by Krishna Ganugapati <krishnag@centeris.com>.
Additional work by me.
It's still got some warts, but non-secure updates do
currently work. There are at least four things left to
really clean up.
1. Change the memory management to use talloc() rather than
malloc() and cleanup the leaks.
2. Fix the error code reporting (see initial changes to
dnserr.h)
3. Fix the secure updates
4. Define a public interface in addns.h
5. Move the code in libads/dns.c into the libaddns/ directory
(and under the LGPL).
A few notes:
* Enable the new code by compiling with --with-dnsupdate
* Also adds the command 'net ads dns register'
* Requires -luuid (included in the e2fsprogs-devel package).
* Has only been tested on Linux platforms so there may be portability
issues.
(This used to be commit 36f04674ae)
ntlm_auth module to allow it to use winbindd cached
credentials.The credentials are currently only stored
in a krb5 MIT environment - we need to add an option to
winbindd to allow passwords to be stored even in an NTLM-only
environment.
Patch from Robert O'Callahan, modified with some fixes
by me.
Jeremy.
(This used to be commit ae7cc298a1)
code is wrong or bad or anything, just that it
needs to be discussed & reviewed on the samba-technical
list before we add a platform-specific NFSv4 mapping.
That way lies a lot of future pain :-).
Jeremy.
(This used to be commit 330899ec30)
modularizes our interface into the special posix API used on
the system. Without this patch the specific API flavor is
determined at compile time, something which severely limits
usability on systems with more than one file system. Our
first targets are AIX with its JFS and JFS2 APIs, at a later
stage also GPFS. But it's certainly not limited to IBM
stuff, this abstraction is also necessary for anything that
copes with NFSv4 ACLs. For this we will check in handling
very soon.
Major contributions can be found in the copyright notices as
well as the checkin log of the vl-posixacls branch. The
final merge to 3_0 post-3.0.23 was done by Peter Somogyi
<psomogyi@gamax.hu>
(This used to be commit ca0c73f281)
This patch is mainly based on the work of Todd Stecher
<tstecher@isilon.com> and has been reviewed by Jeremy.
I sucessfully tested and valgrinded it with MIT 1.4.3, 1.3.5, Heimdal
0.7.2 and 0.6.1rc3.
Guenther
(This used to be commit 535d03cbe8)
This fixes a problem where the clock definition for clock_gettime() is
present at compile time, but is not available on the running system. In
this case, we fall back to less-preferred clocks until we find one that
we can use.
(This used to be commit fc6ed6a1aa)
a more specific probe to try and eliminate old, incompatible
DMAPI implementations provided by IRIX 6.4 and AIX 4.3.
(This used to be commit aafd4db457)
might pull in libpthread. This is quite bad, firstly because it can
cause oplock signals on Linux to go wonky, and secondly because merely
linking with pthreads can cause performance degradations due to implicit
locking requirements.
The solution is to only search for clock_gettime if --with-profiling-data
was specified. If we do end up searching for it, then we test whether
linking with librt pulled in libpthread, and we only allow the definition
for clock_gettime to succeed if libpthread was NOT linked in.
Problem reported by Thomas Bork and diagnosed by Volker Lendecke.
(This used to be commit 5712644fcc)
stack tracing support. This provides an easy way for users to provide
stack traces (hopefully it will be implemented on something other than
ia64).
(This used to be commit 0b5e07e12d)
kerberized pam_winbind and workstation restrictions are in effect.
The krb5 AS-REQ needs to add the host netbios-name in the address-list.
We don't get the clear NT_STATUS_INVALID_WORKSTATION code back yet from
the edata of the KRB_ERROR but the login at least fails when the local
machine is not in the workstation list on the DC.
Guenther
(This used to be commit 8b2ba11508)
handling anymore when we remove $(LIBS) from pam_winbind again.
Also make sure to build our own copy of iniparser with -fPIC.
Guenther
(This used to be commit e32c4f6f6e)
primarily intended for ia64 systems where libunwind knows more about
the different ways of walking the stack that just about anything else.
(This used to be commit 256a19d722)
is produced when a process exits abnormally.
First, we coalesce the core dumping code so that we greatly improve our
odds of being able to produce a core file, even in the case of a memory
fault. I've removed duplicates of dump_core() and split it in two to
reduce the amount of work needed to actually do the dump.
Second, we refactor the exit_server code path to always log an explanation
and a stack trace. My goal is to always produce enough log information
for us to be able to explain any server exit, though there is a risk
that this could produce too much log information on a flaky network.
Finally, smbcontrol has gained a smbd fault injection operation to test
the changes above. This is only enabled for developer builds.
(This used to be commit 56bc02d644)
Samba3 - with some 64-bit macro madness. Attempt to fix
the broken directory handling in the *BSD-of-the-month
club.
Jeremy.
(This used to be commit fd98427f64)
for module in ; do ... ; done
leads to an error (true64, solaris 8).
We now use {,UN}INSTALL_PAM_MODULES to get replaced by configure.
Therfore we don't run into the {,un}installpammodules rule if no PAM
module is requested.
Thanks to Björn Jacke for pointing to this issue.
(This used to be commit 07a70f8f86)
Nothing happens if PAM_MODULES is empty which is our default.
The default destination dir is "${LIBDIR}/security". It's possible to
overwrite the default with --with-pammodulesdir while calling configure.
(This used to be commit 7163c68605)
- add configure tests --with-selftest-prefix=/tmp/samba-test
this is needed because the path name of unix socket can only be 108 chars long
- add configure test --with-smbtorture4-path=/home/foo/prefix/samba4/bin/smbtorture
this will be used to run samba4's smbtorture inside samba3's make test later
metze
(This used to be commit d9df1853b9)
the POSIX interface. Note that this removes support for inherited
capabilities. This wasn't used, and probably should not be.
(This used to be commit 763f4c0148)
called as part of the all rule (again only if pam modules are requested
by configure).
Add pam_winbind rule.
Ensure proto_exists before we build the pam modules.
Add test_pam_modules rule to test if the built pam modules have any
unresolved symbols. For test_pam_modules we use script/tests/dlopen.sh
which was written by Nalin Dahyabhai <nalin@redhat.com>. Thanks Nalin!
RedHat and SuSE use this script to test nss and pam modules since
several years.
(This used to be commit 71b2eb55ad)
The intention is to have the resulting binaries at one place. This is
also usefull for upcoming changes to provide a test_pammodules rule.
With these changes I even got aware of
testsuite/nsswitch/pam_winbind_syms.exp But this only covers
pam_winbind.
(This used to be commit 9883957b74)
to substitute rootsbindir in {,un}installbin.sh.in.
Pass $prefix as third arg to installbin/ uninstallbin as rootsbindir by
default is $prefix/sbin.
(This used to be commit 7773b8c9e0)
if we use ./configure --prefix=dir && make install
Vendors might use ./configure --with-rootsbindir=/sbin && make
DESTDIR=/var/tmp/samba/ install if they use a buildroot.
Thanks to Björn Jacke for pointing me at the stderr output of the build
farm.
(This used to be commit 75c95d149a)
unmount.cifs. This is controlled via CIFSMOUNT_PROGS which is set by
configure by default to yes on linux systems only. It's possible to
disable with --without-cifsmount anyhow.
Added ROOTSBINDIR to the Makefile to allow us an install to /sbin and
not $prefix/sbin. Configurable with --with-rootsbindir.
(This used to be commit a2ab4cc824)
with the new rules: uninstallservers uninstalldat, uninstallswat (calles
uninstallmsg), uninstallmodules, uninstallclientlib, and
uninstalllibmsrpc.
We still leave directories. We might try to remove the dirs we created
in reverse order.
The new uninstall scripts are sym links to the respective install
scripts. Inside we set mode to install or uninstall.
installservers is now used to install the servers. These are no longer
installed with installbin.
(This used to be commit 43549301b9)
the build on Solaris, AIX and S390. The fundamental problem is
that macros like AX_CFLAGS_IRIX_OPTION can spuriously succeed.
(This used to be commit 30122f61c3)
always assume we can get a struct timespec out of a stat
struct. This will allow us to portably move to nsec timestamps
on files and directories in the file server code in future.
Jeremy.
(This used to be commit 07132d8796)
Jeremy, configure.in decides whether aio support works quite early in the
sequence of checks. Wouldn't it be better to only use aio support if really
all necessary functions actually are around?
Volker
(This used to be commit 246b5b4356)
Finally cleanup the way idmap modules are build and loaded, idmap_rid
now will have to be loaded without prefix, just "rid".
Guenther
(This used to be commit a77e02177d)
always linearize into little-endian. Should fix all
Solaris issues with this, plus provide a cleaner base
moving forward for cluster-aware Samba where smbd's
can communicate across different compilers/architectures
(eventually these message will have to go cross-machine).
Jeremy.
(This used to be commit d01824b785)
oplocks across the cluster. Adapt Samba to it.
The gpfs API is called via libgpfs.so. This code is written with dlopen(), so
that you can compile on a system with gpfs installed and later on run on
systems without gpfs available.
So to actually make Samba call gpfs share mode calls you need to compile with
gpfs.h and libgpfs.so around and set 'gpfs share = yes' on the shares you
export from GPFS.
Volker
(This used to be commit 2253b17a1a)
installlibmsrpc. This works the same way as we're already doing it for
libsmbclient. Default is to build it.
Add a soname to libmsrpc as we do it for libsmbclient. We already had
the MAJOR and MINOR variable in the Makefile.
(This used to be commit 6794d44099)
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d7)
be provisioned on demand - calls script with domain,
username, challenge and LM and NT responses - passing
the info through a pipe.
Jeremy.
(This used to be commit 67be4ee41c)
- fix the logic for using the builtin linux quota support
(hopeful fix the quota build on the fedora 4 builtfarm boxes)
metze
(This used to be commit 6768c07bd1)
systems. This causes share libs to be built with .sl instead of .so
extensions. Patch from Adrian Tam to fix bugzilla #2733.
(This used to be commit 84936e7491)
notify code. Bugid #2285. The last commit by me on behalf
of James as he will be able to do his own now :-).
Jeremy.
(This used to be commit 524298b3f3)
Several incarnations of gcc bork with
Compiling dynconfig.c
/tmp/ccXd94O5.s: Assembler messages:
/tmp/ccXd94O5.s:1202: Error: suffix or operands invalid for `mov'
/tmp/ccXd94O5.s:1289: Error: suffix or operands invalid for `mov'`
Thanks to Bent Vangli for the the leg work and suggestions.
(This used to be commit 318fe7ba00)
compiler supports it.
We have to compile with -fPIE and not -fpie. Else ppc and s390(x) will
fail (to small GOT).
It's possible to disable configure's PIE detection with --disable-pie
(This used to be commit 07845bb4c5)
1. using smbc_getxattr() et al, one may now request all access control
entities in the ACL without getting all other NT attributes.
2. added the ability to exclude specified attributes from the result set
provided by smbc_getxattr() et al, when requesting all attributes,
all NT attributes, or all DOS attributes.
3. eliminated all compiler warnings, including when --enable-developer
compiler flags are in use. removed -Wcast-qual flag from list, as that
is specifically to force warnings in the case of casting away qualifiers.
Note: In the process of eliminating compiler warnings, a few nasties were
discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces
are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED
kerberos interfaces are being used. Someone who knows kerberos
should look at these and determine if there is an alternate method
of accomplishing the task.
(This used to be commit 994694f7f2)
pulling back all recent rpc changes from trunk into
3.0. I've tested a compile and so don't think I've missed
any files. But if so, just mail me and I'll clean backup
in a couple of hours.
Changes include \winreg, \eventlog, \svcctl, and
general parse_misc.c updates.
I am planning on bracketing the event code with an
#ifdef ENABLE_EVENTLOG until I finish merging Marcin's
changes (very soon).
(This used to be commit 4e0ac63c36)
lanuage, English, at the moment). Fixes#2261. If other languages
might are added in the future, this parameter will still not be needed.
(This used to be commit d41e790b4b)
* Implement a fixed mapping of forbidden NT characters in filenames that are
* used a lot by the CAD package Catia.
*
* Yes, this a BAD BAD UGLY INCOMPLETE hack, but it helps quite some people
* out there. Catia V4 on AIX uses characters like "<*$ a *lot*, all forbidden
* under Windows...
Volker
(This used to be commit 8c0148df81)
Vince Brimhall <vbrimhall@novell.com> - slight tidyup by me to
use Samba conventions.
Vince - thanks a *lot* for this code - please test to make sure
I haven't messed anything up.
Jeremy.
(This used to be commit 6f5ea963ab)
"allocation roundup size", by default set as 1Mb. From
advice by BlueArc about Windows client behaviour. VC++
people can set this to zero to turn it off.
Jeremy.
(This used to be commit 833ca10177)
configure-checks (At least Heimdal uses KRB5_CONFIG for locating it's
configuration-file (usually /etc/krb5.conf)). Renaming it to KRB5CONFIG
prevents configure-checks that use heimdal-libs from segfaulting while
the lib reads the krb5-config binary as a configuration file...
Vendors that used the KRB5_CONFIG-variable to let configure find a
custom krb5-config binary have to use KRB5CONFIG now.
Guenther
(This used to be commit 95edb3c67f)
Written by Sumit Bose <sbose@suse.de> and myself a while ago.
idmap_rid does a direct, static mapping between RIDs and UIDs/GIDs using
the idmap-range as offset. It does thus allow to have a unified mapping
over several winbindd-systems without having the need of a central
LDAP-Server (and all related dependencies and problems this solution can
bring).
Compile:
./configure --with-shared-modules=idmap_rid
Usage:
idmap backend = idmap_rid
idmp_rid does even allow you to have multiple mappings (for trusted
domains). This is a rather problemtic feature and will be turned off by
default rather soon. The problem is that ranges can quickly overlap when
not measured with caution.
idmap backend = idmap_rid:"MYDOMAIN=1000-9999 OTHER=10000-19999"
Will valgrind idmap_rid later today and fix a couple of things.
Guenther
(This used to be commit 49a238bd37)
--allow-shlib-undefined flag defined. This causes a stackload of
warnings when building modules.
Fix by Michel Gravey which closes bugzilla #1776.
(This used to be commit ad53c55513)
HPUX. This is Richard Allen's suggestion to get HPUX to use cc instead of
ld.
Also he added some missing $(DYNEXP) on link lines and removed the definition
of $(LINK) as it is no longer used in the Makefile.
(This used to be commit 9481f2a79e)
