IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Found that because I want to play around with setsharesecurity, for this I
need the "whoami" call figuring out the SID of the currently connected user.
Not activating this test yet until the build farm has picked up the new samba4
revision.
Volker
(cherry picked from commit 5cfe482841)
Why? It moves these structs from the data into the text segment, so they
will never been copy-on-write copied. Not much, but as in German you say
"Kleinvieh macht auch Mist...."
in a lookup_sidX reply isn't optional - like the
lookup_sidX query it needs to be defined in the
struct.
All this will go away with PIDL (thank goodness....).
Jerry - I think this is a showstopper to be merged
for 3.0.25b.
I'll be watching the build farm to see if anything broke.
Jeremy.
Convert the low-hanging fruit of the LSA server. This provides a sample how
the server calls can be converted one by one, see the "proxy_lsa_call"
function.
Volker
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
Remove some unused code: pdb_find_alias is not used anymore, and nobody I
think has ever used the pdb_nop operations for group mapping. smbpasswd and
tdb use the default ones and ldap has its own.
Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right
now really makes use of it, but it feels wrong to throw away information so
early.
Volker
rpc-lsa test even considers NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED not to be an
error.
Before someone re-activates this, show me a working sniff please :-)
Volker
Found that because I want to play around with setsharesecurity, for this I
need the "whoami" call figuring out the SID of the currently connected user.
Not activating this test yet until the build farm has picked up the new samba4
revision.
Volker
1177
In reg_perfcount.c: 1200 1202 1203 1204
In regfio.c: 1243 1245 1246 1247 1251
Jerry, the reg_perfcount and regfio.c ones, can you take a look please? This
is really your code, and I'm not sure I did the right thing to return an
error.
smbcacls.c: 1377
srv_eventlog_nt.c: 1415 1416 1417
srv_lsa_nt.c: 1420 1421
srv_netlog_nt.c: 1429
srv_samr_nt: 1458 1459 1460
Volker
Volker
servers. Also add a new "net rpc audit" tool. The lsa query infolevels
were taken from samb4 IDL, the lsa policy flags and categories are
partly documented on msdn. I need to cleanup the double
lsa_query_info_policy{2}{_new} calls next.
Guenther
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
by saving the UNIX token used to set a delete on close flag,
and using it when doing the delete. libsmbsharemodes.so still
needs updating to cope with this change.
Samba4 torture tests to follow.
Jeremy.
box with gcc4 and -O6...
Fix a bunch of C99 dereferencing type-punned pointer will break
strict-aliasing rules errors. Also added prs_int32 (not uint32...)
as it's needed in one place. Find places where prs_uint32 was being
used to marshall/unmarshall a time_t (a big no no on 64-bits).
More warning fixes to come.
Thanks to Volker for nudging me to compile like this.
Jeremy.
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
printmig.exe assumes that the LUID of the SeBackupPrivlege
on the target server matches the LUID of the privilege
on the local client. Even though an LUID is never guaranteed
to be the same across reboots. How *awful*! My cat could
write better code! (more on my cat later....)
* Set the privelege LUID in the global PRIVS[] array
* Rename RegCreateKey() to RegCreateKeyEx() to better match MSDN
* Rename the unknown field in RegCreateKeyEx() to disposition
(guess according to MSDN)
* Add the capability to define REG_TDB_ONLY for using the reg_db.c
functions and stress the RegXXX() rpc functions.
