IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Skip tdb migration of printer and security descriptor entries which
refer to non-existent printers.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Jun 30 10:54:23 CEST 2011 on sn-devel-104
My previous patches fixed up all direct TDB callers, but there are a
few utility functions and the db_context functions which are still
using the old -1 / 0 return codes.
It's clearer to fix up all the callers of these too, so everywhere is
consistent: non-zero means an error.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This is a helper for the common case of opening a tdb with a logging
function, but it doesn't do all the work, since TDB1 and TDB2's log
functions are different types.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Since TDB2 functions return the error directly, tdb_errorstr() taken an
error code, not the tdb as it does in TDB1.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
TDB2 returns a negative error number on failure. This is compatible
if we always check for < 0 instead of == -1.
Also, there's no tdb_traverse_read in TDB2: we don't try to make
traverse reliable any more, so there are no write locks anyway.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
TDB2 returns a negative error number on failure. This is compatible
if we always check for != 0 instead of == -1.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
TDB2 returns a negative error number on failure. This is compatible
if we always check for != 0 instead of == -1.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
The parsing code made some strange assumptions about what is a printer
name, and what is a comment.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri May 20 22:52:23 CEST 2011 on sn-devel-104
This way we can configure which rpc service we actually want to connect to.
By default it uses an "embedded" interface and calls rpc_pipe_open_internal()
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri May 13 14:40:26 CEST 2011 on sn-devel-104
we deal with lp_cups_server in cups_connect() already, inside the URI all our
other cups functions we use ipp://localhost, do the same here.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed May 11 11:36:07 CEST 2011 on sn-devel-104
We never free the request in our cups api usage except for here. The reason is
probably htis (from the cupsDoConnect API docs):
"This function sends the IPP request to the specified server, retrying and
authenticating as necessary. The request is freed with ippDelete() after
receiving a valid IPP response."
Revert "Fix a memory leak in cups_pull_comment_location"
This reverts commit fee2664dad.
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue May 10 17:32:58 CEST 2011 on sn-devel-104
We create a fake connection here and don't have an vuid. So work with
the session_info directly here.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Apr 11 22:56:12 CEST 2011 on sn-devel-104
As found by valgrind, tmp_pcap_cache is not freed following printer list
tdb update.
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Mar 16 16:37:58 CET 2011 on sn-devel-104
There is currently a lot of duplicate code included for processing
responses to CUPS_GET_PRINTERS and CUPS_GET_CLASSES requests. This
change splits this code into a separate function.
Signed-off-by: Andreas Schneider <asn@samba.org>
Use printcap IDL for marshalling and unmarshalling messages between cups
child and parent smbd processes. This simplifies the IPC and ensures
the parent is notified of cups errors encountered by the child.
https://bugzilla.samba.org/show_bug.cgi?id=7994
Signed-off-by: Andreas Schneider <asn@samba.org>
cups_async_callback() is called to receive new printcap data from a
child process which requests the information from cupsd.
Newly received printcap information is stored in a temporary printcap
cache (tmp_pcap_cache). Once the child process closes the printcap IPC
file descriptor, the system printcap cache is replaced with the newly
populated tmp_pcap_cache, however this only occurs if tmp_pcap_cache is
non null (has at least one printer).
If the printcap cache is empty, which is the case when cups is not
exporting any printers, the printcap cache is not replaced resulting in
stale data.
https://bugzilla.samba.org/show_bug.cgi?id=7915
Signed-off-by: Andreas Schneider <asn@samba.org>
The cups local_pcap_copy global served as a temporary buffer during
asynchronous cups printcap cache updates, as well as indicating when
the printcap cache had not yet been filled and printcap cache update
should block.
As smbd printcap reads are now triggered by the parent smbd following
printcap cache update, the variable and blocking mechanism are no longer
needed.
Signed-off-by: Andreas Schneider <asn@samba.org>
Configuring force user/group settings for the print$ share currently has
unexpected results, this is explained by how the driver upload/add
process takes place. Consider the following example:
[print$]
path = /print-drv
write list = $DRIVER_UPLOAD_USER
force group = ntadmin
- the client connects to the [print$] share and uploads all driver
files to the /print-drv/W32X86 directory.
- This is permitted, as /print-drv/W32X86 is owned by group ntadmin, and
the "force group = ntadmin" takes effect for the [print$] session.
- Once all files are uploaded, the client connects to the [ipc$]
share and issues an AddPrinterDriverEx spoolss request.
- In handling this request move_driver_to_download_area() is called,
which attempts to create the directory /print-drv/W32X86/3
- The create directory fails, as it is done as the user connected to
the [ipc$] share which does not have permission to write to the driver
directory. The [print$] "force group = ntadmin" has no effect.
This is a regression from previous behaviour prior to the commit:
783ab04 Convert move_driver_to_download_area to use create_conn_struct.
https://bugzilla.samba.org/show_bug.cgi?id=7921
Signed-off-by: Andreas Schneider <asn@samba.org>
samba3.posix_s3.rpc.spoolss.driver fails with the xattr_tdb vfs module
loaded as a part of make test. The (now checked) create_directory() call
in move_driver_to_download_area() fails, uncovering another bug in the
printer driver upload code path.
move_driver_to_download_area() creates a new conn_struct for
manipulating files in [print$]. The VFS layer is plumbed through with
the call to create_conn_struct(), however SMB_VFS_CONNECT() is never
called. Many vfs modules expect state stored at connect time with
SMB_VFS_HANDLE_SET_DATA() to be available on any IO operation and fail
if this is not the case.
This fix adds a call to SMB_VFS_CONNECT() in create_conn_struct() prior
to IO.
https://bugzilla.samba.org/show_bug.cgi?id=7976
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 2 01:16:30 CET 2011 on sn-devel-104
WERR_ACCESS_DENIED errors are mapped to WERR_UNKNOWN_PRINTER_DRIVER,
resulting in incorrect error messages on Windows clients.
move_driver_to_download_area() returns the same error status values
to the caller via the *perr argument as well as the return value.
The create_directory() call is not checked for error.
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This will allow the auth_serversupplied_info struct to be migrated
to auth_session_info easier.
Adnrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
metze
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Fri Jan 21 13:14:49 CET 2011 on sn-devel-104
printer_list_need_refresh() was used previously to ensure one smbd
process did not attempt to update the printer_list tdb during or soon
after update by another smbd.
It is no longer needed, as pcap updates are now only performed by the
parent smbd process following startup, SIGHUP, config update or printcap
cache time expiry.
Callers of pcap_cache_replace() assume the existing printcap cache is
replaced by the new values provided. This is not currently the case,
old entries should be removed.
Since commit eada8f8a, updates to the cups pcap cache are performed
asynchronously - cups_cache_reload() forks a child process to request
cups printer information and notify the parent smbd on completion.
Currently printer shares are reloaded immediately following the call to
cups_cache_reload(), this occurs prior to smbd receiving new cups pcap
information from the child process. Such behaviour can result in stale
print shares as outlined in bug 7836.
This fix ensures print shares are only reloaded after new pcap data has
been received.
Pair-Programmed-With: Lars Müller <lars@samba.org>
The tdb traverse function returns the number of elements traversed, or
less than zero on error, printer_list_traverse() is incorrectly checking
for non-zero return.
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Mon Dec 20 18:44:41 CET 2010 on sn-devel-104
Not needed - privileges code prevents "enable privileges = no" from adding privileges
anyway.
This reverts commit a8b95686a7.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 23:41:36 UTC 2010 on sn-devel-104
to maintain compatibility with smb.conf manpage.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 18:15:48 UTC 2010 on sn-devel-104
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
It is not universally guaranteed that an enum is represented as a uint32_t.
This starts to be THE BUG (tm) in Samba. What can I do to explain this
to people a bit better? It seems that the verbose explanations I put into
the recent checkins fixing similar bugs are not clear enough.
Anybody who does is not 100% clear about what this patch fixes please
contact me directly so that we can talk it through on the phone to agree
on a wording that everybody can understand.
Thanks,
Volker
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open
without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt
this is still safe to use as if opening an existing tdb the new
hash will be ignored - it's only used on creating a new tdb not
opening an old one.
Jeremy.
This does a length-limited check, and so avoids reading beyond the
allocated memory if the server sends less than 16 bytes.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This new call is available in the merged privileges code, and
takes an enum as the parameter, rather than a bitmask.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
