IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
now combined all the ad-hoc AC_SUBST variables into three generalised
ones:
EXTRA_BIN_PROGS Additional programs to install in ${prefix}/sbin
EXTRA_SBIN_PROGS Additional programs to install in ${prefix}/bin
EXTRA_ALL_TARGETS Additional targets to build by default
SHLIB_PROGS Shared library objects (pam, winbind) to build
We also build some extra stuff by default: the python extensions (if
--with-python specified), smbmount related binaries (if
--with-smbmount specified), and the samba torture suite.
The idea behind this is to have everything that is configured built by
default to detect breakage as soon as possible when people make low
level changes.
(This used to be commit d6dfe3ea69)
(quoting his mail)
Ok, here's round two of splitting up the library dependencies. I think
the first one's been steeping in CVS for long enough now.
This splits off the "authentication" libs (libpam, libcrypt) into their
own group. A modest gain, but you've gotta start somewhere.
Steve Langasek
postmodern programmer
(This used to be commit a1c63d04b8)
compile a non-ADS, non-LDAP version of Samba on a machine with
Kerberos and LDAP libraries installed.
This shouldn't break anything - let's keep an eye on the build
farm just in case.
(This used to be commit b9460e79a1)
might be ugly, etc - please don't blame me for anything but instead try to fix
the code :-). Compiling of the new sam system can be enabled with the
configure option --with-sam
Removing passdb/passgrp.c as it's unused
fix typo in utils/testparm.c
(This used to be commit 4b7de5ee23)
external lib dependencies - let's hope this patch stays around for longer than
the previous attempt.
Andrew Bartlett
(This used to be commit d0c0e9f427)
Just now it is acommandline tool like smbclient and rpcclient that is able to
perform operations on the file system passing through the vfs layer
It is not complete yet, some functions have simply faked up data, but module
loading works yet and basic operations too.
Thanks to Eric Lorimer for helping out with the initial setup.
Simo.
(This used to be commit 42ae5eb826)
Back out last night's patch to to reduce -l dependencies until we can ensure
that *all* configurations/platforms work...
Andrew Bartlett
(This used to be commit 35eefe7a19)
dependencies. This benifits packagers (like debian) becouse then our client
code won't have references to 'server only' libraries.
(In particular, it removes the client dependency on CUPS, which was raised in
a debian bug report).
Andrew Bartlett
(This used to be commit d5f2e33b34)
Finally the cascaded VFS patch is in.
Testing is very welcome, specially with layered multiple vfs modules.
A big thank to Alexander Bokovoy for his work and patience :)
Simo.
(This used to be commit 56283601af)
almost working, seem it does not yet properly detect if windbind is running or not in all situations testing is welcome.
(This used to be commit e0988e9186)
in get_alias_user_groups(). The old method used getgrent() which is
extremely slow when the number of groups is large
(This used to be commit 44e92b6523)
rebind proc (some give an extra paramter to pass a void* paramater) and
some small changes for the SMB signing code to reset things when the
signing starts, and to 'turn off' signing if the session setup failed.
Andrew Bartlett
(This used to be commit a8805a34e5)
This option was badly maintained, useless and confused our users and
distirbutors. (its SSL, therfore it must be good...)
No windows client uses this protocol without help from an SSL tunnel.
I can't see any reason why setting up a unix-side SSL wrapper would
be any more difficult than the > 10 config options this mess added
to samba in any case.
On the Samba client end, I think the LIBSMB_PROG hack should be
sufficient to start stunnel on the unix side. We might extend this
to take %i and %p (IP and port) if there is demand.
Andrew Bartlett
(This used to be commit b04561d3fd)
when assigning on va_list to another, or when passing a va_list as an
argument to a function. Not using it causes segv's and other unpredictable
results.
We need to check all over the place for this...
(This used to be commit 331132678c)
<Michael.Gerdts@alcatel.com>. The struct passwd in Solaris contains some
extra fields which must be initialised otherwise nscd crashes.
(This used to be commit a67323d071)
Use $CC instead of $SHLD for the "test whether building a shared library
actually works". At the moment this is failing as $SHLD (and $LDSHFLAGS -
look at the value this is set to for Solaris) are designed to be used from
a Makefile and not within configure so this test will always fail!
Tridge has suggested moving to libtool^H^H^H^H^H a shell script that
invokes the right linker with the right args and solves this problem
nicely.
(This used to be commit 4caf71d5b2)
- pam_winbind updates from vance, fixing a typo and making some the options
work properly.
- Extra parinoia in the winbind connection loop
- Allow pam_winbind to compile on HP-UX (Don Mcall, more work to do).
- Fix up configure.in to use the same method for building the test .so
as the Makefile uses.
Andrew Bartlett
(This used to be commit 8e705dd921)
meant to be DYNEXP, but I'll confirm that with the original contributor.
Thanks to vance for spotting this!
Andrew Bartlett
(This used to be commit cf9cae48e6)
This allow the user to select
'passdb backend = plugin : /path/to/plugin.so : pluging args'
And load any arbitary plugin. Apparently Jelmer has a mysql plugin in the
works - hence this patch.
We probably need to rework the interface a bit before 3.0 (add versioning of
some kind) but this is a good start.
Andrew Bartlett
(This used to be commit d6d18b70f0)
would like. We use them to initialise other struct (lookup) tables, so test
that as well.
Also try not to segfault during our snprintf tests - test both with a 0 len
buffer and without any buffer at all.
Andrew Bartlett
(This used to be commit 2d80ab7122)
Samba now features a pluggable passdb interface, along the same lines as the
one in use in the auth subsystem. In this case, only one backend may be active
at a time by the 'normal' interface, and only one backend per passdb_context is
permitted outside that.
This pluggable interface is designed to allow any number of passdb backends to
be compiled in, with the selection at runtime. The 'passdb backend' paramater
has been created (and documented!) to support this.
As such, configure has been modfied to allow (for example) --with-ldap and the
old smbpasswd to be selected at the same time.
This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua.
These two backends accept 'non unix accounts', where the user does *not* exist
in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to
avoid conflicts in the algroitmic mapping of RIDs, they use the values
specified in the 'non unix account range' paramter - in the same way as the
winbind ranges are specifed.
While I was at it, I cleaned up some of the code in pdb_tdb (code copied
directly from smbpasswd and not really considered properly). Most of this was
to do with % macro expansion on stored data. It isn't easy to get the macros
into the tdb, and the first password change will 'expand' them. tdbsam needs
to use a similar system to pdb_ldap in this regard.
This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I
don't have the test facilities for these. I plan to incoroprate at least
pdb_ldap into this scheme after consultation with Jerry.
Each (converted) passdb module now no longer has any 'static' variables, and
only exports 1 init function outside its .c file.
The non-unix-account support in this patch has been proven! It is now possible
to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes:
Minor interface adjustments:
pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*.
pdb_update_sam_account() no longer takes the 'override' argument that was being
ignored so often (every other passdb backend). Extra checks have been added in
some places.
Minor code changes:
smbpasswd no longer attempts to initialise the passdb at startup, this is
now done on first use.
pdbedit has lost some of its 'machine account' logic, as this behaviour is now
controlled by the passdb subsystem directly.
The samr subsystem no longer calls 'local password change', but does the pdb
interactions directly. This allow the ACB_ flags specifed to be transferred
direct to the backend, without interference.
Doco:
I've updated the doco to reflect some of the changes, and removed some paramters
no longer applicable to HEAD.
(This used to be commit ff354c99c5)
screen-full of kerberos warnings.
This is almost as good, and I can actually see the Samba warnings.
Andrew Bartlett
(This used to be commit 35a6275e18)
the specifies the units that st_blocks is in. The reason for this is
that HPUX uses 8k, AIX uses a #defined constant and everyone else (tm)
uses 512 byte units.
Needed for the CIFS UNIX extensions - coming to a Samba server near
you soon.... :-).
Jeremy.
(This used to be commit 38cfffea5f)
Also more insertion of parenthesis to handle struct members called
'free'.
You can now get useful dmalloc output, as long as it is compatible
with your C library. On RH7.1 it looks like you have to rebuild
dmalloc to allow free(0) by default, because something in libcrypt
does that. (sigh)
(This used to be commit 391cbb6901)
We now include the libber.h file if required, but currently we just don't use
ldap. (I'll chase this up).
In the meantime, I've moved the ads_status code about, its now in its own file,
and has a couple of #ifdefs to allow smbd to link - becouse the lack of LDAP
caused HAVE_ADS to be undefined. (I hope its not too ugly).
Andrew Bartlett
(This used to be commit 14407c87e2)
nsswitch code uses vsyslog without checking for it.
Provide replacement for vsyslog in lib/snprintf if not found by configure.
Jeremy.
(This used to be commit ab2e55cdb3)
This should remove some confusion from the ./configure, but does not affect the
'real' kerberos support currently residing in smbd/sesssetup.c.
This code is vunerable to a spoofed KDC, and is best replaced by --with-pam and
the pam_krb5 module. This module includes measures to prevent such spoofing.
Andrew Bartlett
(This used to be commit 3235880b41)
activate you need to:
- install krb5 libraries
- run configure
- build smbclient
- run kinit to get a TGT
- run smbclient with the -k option to choose kerberos auth
(This used to be commit d330575856)
