IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
This feature got broken in some of the other updates.
Now each open handle stores an pointer to an open tdb
data structure (not the tdb pointer itself).
Clearing can be done with a simple elog_close_tdb( elog, True )
to force a close and then calling elog_open_tdb( logname, True )
to force an tdb truncate. Permissions on existing tdbs are
maintained which is important.
* We don't currently handle backup. Haven't looked at the
format of a backuped up eventlog to know what the deal is.
(This used to be commit 2df34c9403446d12f1ceeac38cbda5d3ba805b02)
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
* rewrote the tdb layout of privilege records in account_pol.tdb
(allow for 128 bits instead of 32 bit flags)
* migrated to using SE_PRIV structure instead of the PRIVILEGE_SET
structure. The latter is now used for parsing routines mainly.
Still need to incorporate some client support into 'net' so
for setting privileges. And make use of the SeAddUserPrivilege
right.
(This used to be commit 41dc7f7573c6d637e19a01e7ed0e716ac0f1fb15)
still doing more testing, but it fixes a behaviour that we've been wrong
on ever since the start of Samba.
Jeremy.
(This used to be commit 894cc6d16296b934c112786eec896846156aee5d)
(no need to include all of smbd files to use some basic sec functions)
also minor compile fixes
couldn't compile to test these due to some kerberos problems wirh 3.0,
but on HEAD they're working well, so I suppose it's ok to commit
(This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
Needs to be rewritten to use a reference counter, but this
will work for now.
also the memory allocation in the printing code needs to be cleaned
up to use talloc exclusively.
(This used to be commit 3d293027563b36411b7f84ed9d8f47f926271c6f)
This replaces the universal group caching code (was originally
based on that code). Only applies to the the RPC code.
One comment: domain local groups don't show up in 'getent group'
that's easy to fix.
Code has been tested against 2k domain but doesn't change anything
with respect to NT4 domains.
netsamlogon caching works pretty much like the universal group
caching code did but has had much more testing and puts winbind
mostly back in sync between branches.
(This used to be commit aac01dc7bc95c20ee21c93f3581e2375d9a894e1)
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
degree of seperation betwen reading/writing the raw NamedPipe SMB packets
and the matching operations inside smbd's RPC components.
This patch is designed for no change in behaviour, and my tests hold that to be
true. This patch does however allow for the future loadable modules interface
to specify function pointers in replacement of the fixed state.
The pipes_struct has been split into two peices, with smb_np_struct taking the
information that should be generic to where the data ends up.
Some other minor changes are made: we get another small helper function in
util_sock.c and some of the original code has better failure debugs and
variable use. (As per on-list comments).
Andrew Bartlett
(This used to be commit 8ef13cabdddf58b741886782297fb64b2fb7e489)
- gss error code patch from a.bokovoy@sam-solutions.net
- better sid dumping in ads_dump
- fixed help in wbinfo
(This used to be commit ee1c3e1f044b4ef62169ad74c5cac40eef81bfda)
activate you need to:
- install krb5 libraries
- run configure
- build smbclient
- run kinit to get a TGT
- run smbclient with the -k option to choose kerberos auth
(This used to be commit d33057585644e1337bac743e25ed7653bfb39eef)
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor
limit that we hit with nasty consequences on some systems
I would eventually prefer us to have a configure test to see if we need
to replace stdio, but for now this code needs to be tested widely so
I'm enabling it by default.
(This used to be commit 1af8bf34f1caa3e7ec312d8109c07d32a945a448)
- added WERROR for win32 error codes
- added a configure test for immediate structures
still lots to do, so its not enabled by default, but the main
structure is there
(This used to be commit 24f9ab683dec52587ee56717e821b49c0fa3d70f)
major changes include:
- added NSTATUS type
- added automatic mapping between dos and nt error codes
- changed all ERROR() calls to ERROR_DOS() and many to ERROR_NT()
these calls auto-translate to the client error code system
- got rid of the cached error code and the writebmpx code
We eventually will need to also:
- get rid of BOOL, so we don't lose error info
- replace all ERROR_DOS() calls with ERROR_NT() calls
but that is too much for one night
(This used to be commit 83d9896c1ea8be796192b51a4678c2a3b87f7518)
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267960e56005a741817ebd227ecfc512a)
it will avoid problems with lists being longer than 1024 bytes
just now only ip list parameters have been converted to the new type
(hosts allow, hosts deny, ssl hosts, ssl hosts resign)
(This used to be commit e1572f85d6247b760db10825b2fa688d7ed50bd3)
- cleaned up GNUC printf attribute macros
- added enum handling in mkproto
- removed non-vararg code
- made slprintf and vslprintf just macros for snprintf and vsnprintf
- don't need slprintf code any more
(This used to be commit c7aeb2254dfc3cd0aa0b6c0bdd426f9323be0ddf)
Currently does exactly the same thing (returns ACLs the same way). This
code is written to try and get a POSIX ACL via the abstract sys_XX interface,
then fall back to providing a UNIX based ACL if the calls fail. Seems to
work. Next step is to add a --with-posix-acls to configure.in and then
check on a POSIX ACL system that a complex ACL is returned correctly
as an NT ACL. Note that the ACL set (a more complex problem) is not
addressed yet.
Jeremy.
(This used to be commit 4339e20202a876dbadc07980b731f711463b7299)
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
Added a become_root()/unbecome_root() (push/pop security context)
around the initgroups() call to ensure it would succeed. Hmmm - I
wonder if this call being done as non-root might explain any "group access"
bugs we've had in the past....
Jeremy.
(This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0)
semi-connection and a rpcclient prompt, but no functionality there yet.
Will be a few more days on that.
--jerry
(This used to be commit 269051aa0c52728278a1d290148564f11cf7f189)
