IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is a more general API that caches data with a LRU scheme. See
include/cache.h. No comments yet, I'm still working on it. But Jeremy has given
me a hint in one of his checkins that he would like to make use of this now.
The idea is that we get rid of all our silly little caches and merge them all
into one cache that we can then very easily trim, for example even with a
smbcontrol message if someone decides memory is tight. The main user is the
stat cache, this patch also converts the getwd cache. More caches to come.
(This used to be commit 7a911b3571)
If mDNS is supported, attempt to register the first port we are
listening on for the _smb._tcp service. This provides more reliable
service discovery than NetBIOS browsing.
(This used to be commit 1e7241517d)
This is meant as a replacement for the internal tdb. To me it seems a bit silly
that for in-memory structures we do our own memory management. With this rbt
based approach we can make use of the system-supplied malloc.
(This used to be commit 54e5d44046)
* Added checks for spnego prereq keyutils.h and kerberos in configure.in
Signed-off-by: Igor Mammedov <niallain@gmail.com>
(This used to be commit f802db70b8)
Patch 1 of 3:
- Patch 1 adds the new variables
- Patch 2 makes uses of them for files belonging to the "state" path
and the "code pages" path
This patch seemed more easily acceptable, which explains why we
separated it from patch 3
- Patch 3 reassigns files to the "cache" path. Indeed all "debatable"
changes have been moved to that one
The point is adding:
- a path for non discardable state data: basically all TDB files
that may need to be backed up
- a path for shared data: mostly codepage stuff
- a path for cache data to host files such as
browse.dat, printers.tbd, <printer>.tdb
All these are currently mixed in "libdir" (${prefix}/lib/samba by default).
The patch keeps these new paths to point to ${prefix}/lib/samba by default
and does therefore not change the software behaviour. Used alone, it just
adds unused variables...so it can safely be used in sources without any
behaviour change and no impact on Samba developers work.
(This used to be commit b7d2fadbef)
Hi!
Can you check and push them?
Thanks,
Volker
From b488af5905e2dee12a1a72a3b40801ae5c26f24f Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@sernet.de>
Date: Sat, 27 Oct 2007 14:20:09 +0200
Subject: [PATCH] Fix some warnings and errors
(This used to be commit e17d3e10e8)
the final goal is to have 3 child dispatch tables
'domain', 'idmap' and 'locator' instead of one.
metze
(cherry picked from commit 97c63f1b95)
(This used to be commit a1c354866c)
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
(This used to be commit 6585ea2cb7)
into a tiny winbindd DsGetDcName client. This still does not solve the case of
using the locator from within winbindd itself but at least gencache.tdb and
others are no longer corrupted.
Guenther
(This used to be commit 908e7963b8)
and alters the device id depending on the configured algorithm.
The algorithm is configured via "fileid:algorithm":
- "fsname" (default) uses a uint64 hash over the mount point
- "fsid" uses the fsid returned from statfs()
This is needed for "clustering = yes" on some clusterfilesystems
metze
(This used to be commit 30f9171cca)
commit 0d4bbd197198a94bf4e29e0ccd175a40a60097f3
Author: Gerald (Jerry) Carter <jerry@samba.org>
Date: Mon Jul 2 20:08:19 2007 -0500
Introduce GNU ld linker export-script for hiding non-public symbols
in shared libraries.
Based on initial patch from Julien Cristau <jcristau@debian.org>
and suggestions from James Peach <jpeach@samba.org>. Currently
the libsmbsharemodes libraries still exports *. Signed off on
my Derrell as well.
(This used to be commit c42cf731b4)
The global options are stored as values in the subkey "global"
of the SMBCONF registry key.
The activation is accomplished in smb.conf though a new special
semantic of the "include" parameter: "include = registry" triggers
the processing of the registry global options exactly at the
position of the include statement. Options read from the registry
take the same precedence as parameters loaded from a file via
include. Need to reload the registry globals is detected by
watching the tdb sequence number.
Registry shares are automatically activated when the registry
globals are processed.
So a "registry only" configuration can be realized by an
smb.conf that looks as follows:
================================
[global]
include = registry
================================
The global options and registry shares can be conveniently
edited with the "net conf" utility.
Caveat:
A possible pitfall consists in using "include = registry"
together with the "lock directory" directive in the registry.
This problem will be addressed in the next time.
Note on the code:
Processing of the registry options is accomplished by a function
process_registry_globals() in loadparm.c The current version is
only an interim solution: It is handcoded instead of using the
infrastructure of reg_api.c. The reason for this is that using
reg_api still has too large linker dependencies, bloating virtually
all targets by PASSDB_OBJ, SMBLDAP_OBJ, GROUPDB_OBJ and LDB stuff.
A version of process_registry_globals that uses reg_api is
included but commented out. The goal is to eventually refactor
and restructure the registry code so that one can use the reg_api
to access only the registry tdb and not link all the dynamic
backends with all their linking implications.
(This used to be commit 24b0cbcb37)
activation of global registry options in loadparm.c, mainly to
extract functionality from net_conf.c to be made availabel elsewhere
and to minimize linker dependencies.
In detail:
* move functions registry_push/pull_value from lib/util_reg.c to new file
lib/util_reg_api.c
* create a fake user token consisting of builtin administrators sid and
se_disk_operators privilege by hand instead of using get_root_nt_token()
to minimize linker deps for bin/net.
+ new function registry_create_admin_token() in new lib/util_reg_smbconf.c
+ move dup_nt_token from auth/token_util.c to new file lib/util_nttoken.c
+ adapt net_conf.c and Makefile.in accordingly.
* split lib/profiles.c into two parts: new file lib/profiles_basic.c
takes all the low level mask manipulation and format conversion functions
(se_priv, privset, luid). the privs array is completely hidden from
profiles.c by adding some access-functions. some mask-functions are not
static anymore.
Generally, SID- and LUID-related stuff that has more dependencies
is kept in lib/profiles.c
* Move initialization of regdb from net_conf.c into a function
registry_init_regdb() in lib/util_reg_smbconf.c.
Michael
(This used to be commit efd3e2bfb7)
emited to the Makefile in the DEVELOPER_CFLAGS variable. This makes
it easy to turn developer mode on and off without waiting for
configure to run. The developer flags are only added to CFLAGS for
the --enable-developer and --enable-krb5developer cases.
(This used to be commit 4b392a76eb)
I'm 100% certain I've forgotten to merge something, but the main code
should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and
messages_ctdbd.c.
There should be no changes to the non-cluster case, it does survive make
test on my laptop.
It survives some very basic tests with ctdbd enables, I did not do the
full test suite for clusters yet.
Phew...
Volker
(This used to be commit 15553d6327)
INIPARSER_OBJ from the bin/net target altogether. I re-add it
in the guise of @BUILD_INIPARSER@ (to NET_OBJ). This also
eliminates the need to have @BUILD_INIPARSER@ in the deps for
the bin/net target.
Same procedure for the pam_winbindd module.
Michael
(This used to be commit 114a80dd2e)
- unify handling on @BUILD_INIPARSER@
btw: nsswitch/pam_winbind.c doesn't compile anymore on SuSE 10.2!
I think we should build pam modules by default to notice things
like this in the build-farm...
metze
(This used to be commit 1f30ac2905)
the iniparser source code, I do it in a way we can still have
a unmodified copy of iniparser in source/iniparser/
and have the wrapper stuff in source/iniparser_build/.
If the build-farm is happy with this I'll merge it to 3_0_26
tomorrow...
metze
(This used to be commit 43d390d186)
This replaces the internal explicit dev/ino file id representation by a
"struct file_id". This is necessary as cluster file systems and NFS
don't necessarily assign the same device number to the shared file
system. With this structure in place we can now easily add different
schemes to map a file to a unique 64-bit device node.
Jeremy, you might note that I did not change the external interface of
smb_share_modes.c.
Volker
(This used to be commit 9b10dbbd5d)
This removes message_block / message_unblock. I've talked to Jeremy and
Günther, giving them my reasons why I believe they have no effect.
Neither could come up with a counter-argument, so they go :-)
(This used to be commit a925e0991f)
replaced by MSG_FLAG_LOWPRIORITY or'ed into the msg_type. To enable this,
changed the msg_type definitions to hexadecimal.
This way we could theoretically add the MSG_FLAG_NODUPLICATES again, but I
would rather not do this, because that one is racy and can't be guaranteed at
all.
(This used to be commit 3f5eb8a960)
doing this because for the clustering the marshalling is needed in more
than one place, so I wanted a decent routine to marshall a message_rec
struct which was not there before.
Tridge, this seems about the same speed as it used to be before, the
librpc/ndr overhead in my tests was under the noise.
Volker
(This used to be commit eaefd00563)
database backends in place dynamically.
The main abstractions are db_context and db_record, it should be mainly
self-describing, see include/dbwrap.h. You open the db just as you would open
a tdb, this time with db_open(). If you want to fetch a record, just do the
db->fetch() call, if you want to do operations on it, you need to get it with
fetch_locked().
I added dbwrap_file.c (not heavily tested lately) as an example for what can
be done with that abstraction, uses a file per key. So if anybody is willing
to shape that up, we might have a chance on reiserfs again.... :-)
This abstraction works fine for brlock.tdb, locking.tdb, connections.tdb and
sessionid.tdb. It should work fine for the others as well, I just did not yet
get around to convert them.
If nobody loudly screams NO, then I will import the code that uses this soon.
Volker
(This used to be commit e9d7484ca2)
and connections_forall. This centralizes all the routines that did individual
tdb_open("connections.tdb") and direct tdb_traverse.
Volker
(This used to be commit e43e94cda1)
toolchain independent, but since there's no portable method for
doing makefile includes, we can actually use the dependencies with
GNU make. It's easy to add this for other makes, but I don't have
any to test.
This also moves as much m4 as possible into the m4 directory where
no-one has to look at it. AFAICT, there's no way to hide depcomp
in there too, which is unfortunate.
(This used to be commit aa14900f82)
sockets to listen on a little, because in the launchd case these
are provided for us. We also add an idle timeout so that a daemon
can exit after a period of inactivity.
(This used to be commit fc8589a337)
is moving functions around to fix some linker dependencies for the registry.
Michael, I've renamed your auth_utils2.c to token_utils.c.
Thanks!
Volker
(This used to be commit 9de16f25c1)
for copying files from Samba when using Windows Vista Windows
explorer.... :-). By default if you add this I can go on my
vmware sessions from 7MB/sec to 12MB/sec (+1 extra MB/sec if
I turn sendfile on).
Jeremy.
(This used to be commit 97fdd67e83)
to restructure libsmb/smb_signing.c so it isn't in
the base libs path but lives in libsmb instead (like
smb_seal.c does).
Jeremy.
(This used to be commit 1b828f051d)
not just an NTLMSSP - grr. This complicates the re-use of
common client and server code but I think I've got it right.
Not turned on of valgrinded yet, but you can see it start
to take shape !
Jeremy.
(This used to be commit 60fc9c0aed)
these out as I implement. Don't add to SAMBA_3_0_25, this
is experimental code.
NFSv4 you're now officially on notice... :-).
Jeremy.
(This used to be commit 5bfe638f21)
This is a starting point and may get changed. Basically we need follow the
exact same path to detect (K)DCs like other Samba tools/winbind do. In
particular with regard to the server affinity cache and the site-awarness for
DNS SRV lookups.
To compile just call "make bin/smb_krb5_locator.so", copy to
/usr/lib/plugin/krb5/ (Heimdal HEAD) or /usr/lib/krb5/plugins/libkrb5/ (MIT)
and you should immediately be able to kinit to your AD domain without having
your REALM with kdc or kpasswd directives defined in /etc/krb5.conf at all.
Tested with todays Heimdal HEAD and MIT krb5 1.5.
Guenther
(This used to be commit 34ae610bd5)
moment. To use, use something like:
./bin/ndrdump -l bin/smbd winreg winreg_EnumValue in <filename>
or to see what functions are available:
./bin/ndrdump -l bin/smbd winreg
(This used to be commit 0db258c600)
proto should be required before creating any binary from now on.
Remove proto_exists from the all, pam_smbpass, and pam_bindind rule.
(This used to be commit 95d2297974)
not compiled yet. This way the modifications become visible later.
ntvfs/common/notify.c -> smbd/notify_internal.c
ntvfs/sysdep/inotify.c -> smbd/notify_inotify.c
Naturally I had to disable notify again :-)
Volker
(This used to be commit cdb7d582b7)
This allows a provider to supply the homedirectory, etc...
attributes for a user without requiring support in core
winbindd code. The idmap_ad.c module has been modified
to provide the idmap 'ad' library as well as the rfc2307 and sfu
"winbind nss info" support.
The SID/id mapping is working in idmap_ad but the nss_info
still has a few quirks that I'm in the process of resolving.
(This used to be commit aaec0115e2)
complete, in particular the various mask bits are not correctly supported
yet. Checkin in now, I want to see how the build farm likes it.
Volker
(This used to be commit c9a5d011a9)
in the next step we can store them in LDAP to be replicated across DCs.
Thanks to Michael Adam <ma@sernet.de>
Volker
(This used to be commit 3c879745cf)
The main thing here is a rewrite of srv_winreg_nt.c. The core functionality
has moved to registry/reg_api.c which is then usable by the rest of Samba as
well.
On that way it fixes creating keys with more than one element in the
path. This did not work before.
Two things that sneaked in (sorry :-) is the change of some routines from
NTSTATUS to WERROR the removed "parent" argument to regkey_open_internal.
Volker
(This used to be commit fea52801de)
(http://www.centeris.com/) under my copyright.
* Rework error reporting to use DNS_ERROR instead
of int32
* Convert memory allocation to use talloc()
* Generalize the DNS request/response packet marshalling
* Fix the secure update requests
(This used to be commit c787983336)
Convert the low-hanging fruit of the LSA server. This provides a sample how
the server calls can be converted one by one, see the "proxy_lsa_call"
function.
Volker
(This used to be commit 99e54a213a)
we now don't compile mostly each .c file twice.
- we use PICFLAG for all object files
- PICFLAG defaults to PIE_CFLAGS and is then overwritten
if the system supports shared libraries
as we currently always use -fPIE if available
(and at least on linux -fPIE produces the same code as -fPIC)
it doesn't change anything in the resulting code.
"high performance" binaries can be build with
"--disable-pie --disable-shared" if someone really needs to...
metze
(This used to be commit 6db1f57f45)
but disable building of shared libs and modules whe enable_shared != yes
Also make it easier to track down the problem with lost LDFLAGS values
on AIX.
metze
(This used to be commit 3367e306e6)
like negative values in the generated code.
I'm not sure how we can solve that in samba3 as the generated code is commited
Maybe we need to alsways pass --uint-enums
metze
(This used to be commit 9468dcc5d5)
the first is to not enable the ldap ldb backend just yet. This will
need configure tests to conditionally include. We should be able to
use the m4 files from lib/ldb/
The 2nd is to fix libads/gpo.o not to publicly prototype a function
that needs ldap.h
(This used to be commit 1cf17edc14)
This has had some basic testing. I'll do more during the next couple of days and hopefully also
make RPC-SRVSVC from Samba4 pass against it.
(This used to be commit ef10672399)
Many things work (OpenHKLM, etc...) but some still don't.
This shouldn't block anyone so I'm checking it in.
Will probably move to a bzr tree after this for
longer dev cycles between checkins.
(This used to be commit cf1404a0d7)
* Remove the old wkssvc server, client, & parsing code.
* Update srv_wkssvc_nt.c with stubs for the remaining
stubs
(This used to be commit 0cb79ee13f)
We usually do not get the results from user/group script modifications
immediately. A lot of users do add nscd restart/refresh commands into
their scripts to workaround that while we could flush the nscd caches
directly using libnscd.
Guenther
(This used to be commit 7db6ce295a)
- we now define the set of samba related include path in one place
so that we can't get it wrong in different places
metze
(This used to be commit 6bf0aad052)
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28)
initial work. I'm including the librpc/gen_ndr directory
in svn temporarily just to get some compile issues straightened
out.
(This used to be commit cf271aa433)
the LGPL. Original code by Krishna Ganugapati <krishnag@centeris.com>.
Additional work by me.
It's still got some warts, but non-secure updates do
currently work. There are at least four things left to
really clean up.
1. Change the memory management to use talloc() rather than
malloc() and cleanup the leaks.
2. Fix the error code reporting (see initial changes to
dnserr.h)
3. Fix the secure updates
4. Define a public interface in addns.h
5. Move the code in libads/dns.c into the libaddns/ directory
(and under the LGPL).
A few notes:
* Enable the new code by compiling with --with-dnsupdate
* Also adds the command 'net ads dns register'
* Requires -luuid (included in the e2fsprogs-devel package).
* Has only been tested on Linux platforms so there may be portability
issues.
(This used to be commit 36f04674ae)
we want to walk more printing code in the build farm I think doing that with a
customized printing backend is much easier than with a set of shell scripts.
Jerry, comments?
Volker
(This used to be commit 949cd6b992)
ntlm_auth module to allow it to use winbindd cached
credentials.The credentials are currently only stored
in a krb5 MIT environment - we need to add an option to
winbindd to allow passwords to be stored even in an NTLM-only
environment.
Patch from Robert O'Callahan, modified with some fixes
by me.
Jeremy.
(This used to be commit ae7cc298a1)
code is wrong or bad or anything, just that it
needs to be discussed & reviewed on the samba-technical
list before we add a platform-specific NFSv4 mapping.
That way lies a lot of future pain :-).
Jeremy.
(This used to be commit 330899ec30)
modularizes our interface into the special posix API used on
the system. Without this patch the specific API flavor is
determined at compile time, something which severely limits
usability on systems with more than one file system. Our
first targets are AIX with its JFS and JFS2 APIs, at a later
stage also GPFS. But it's certainly not limited to IBM
stuff, this abstraction is also necessary for anything that
copes with NFSv4 ACLs. For this we will check in handling
very soon.
Major contributions can be found in the copyright notices as
well as the checkin log of the vl-posixacls branch. The
final merge to 3_0 post-3.0.23 was done by Peter Somogyi
<psomogyi@gamax.hu>
(This used to be commit ca0c73f281)
