1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

85613 Commits

Author SHA1 Message Date
Andrew Bartlett
1a279f74b7 ldb: Cope with substring match with no chunks in ldb_filter_from_tree
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-24 12:54:18 -07:00
Jeremy Allison
32d0b75afb Note how vfs_gpfs uses the "acl map full control" parameter.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 24 21:24:38 CEST 2013 on sn-devel-104
2013-06-24 21:24:38 +02:00
Jeremy Allison
056e636778 Add missing documentation for vfs_zfsacl.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-24 19:33:34 +02:00
Jeremy Allison
b00d9d2453 Use existing "acl map full control" parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's.
Windows maps an open request of GENERIC_ALL on files to 0x1FF specific bits, which
includes DELETE_CHILD even though this has no meaning on file ACE's. If a returned
NFSv4 ACE entry for a file has all other specific bits set except for DELETE (which
comes from the containing directory) and DELETE_CHILD (which has no meaning) then
optionally add it into the returned ACE entry.

This is using the same parameter in the same way as it is currently used
in smbd/posix_acls.c. Note that as this parameter is on by default, it
is already being tested in the existing raw.acl tests.

Fixes issue with Microsoft SMB2 torture test suite found at the interop event
in Redmond, WA.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-24 19:33:34 +02:00
David Disseldorp
398ee49bda s3/smbclient: fix incorrect command tab completions
smbclient commands can offer tab-completion for local and remote paths.
This behaviour is specified for the first two arguments using the
compl_args entry in the commands struct.
This change fixes a number of incorrectly specified compl_args values.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Aurélien Aptel <aurelien.aptel@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jun 24 19:32:54 CEST 2013 on sn-devel-104
2013-06-24 19:32:53 +02:00
Andrew Bartlett
d544d178f0 build: Remove the struct MD5Context conf file check.
Fix the build.

Reviewed-by: Jeremy Allison <jra@samba.org>
Tested-by: Christian Ambach <ambi@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Mon Jun 24 14:11:09 CEST 2013 on sn-devel-104
2013-06-24 14:11:09 +02:00
Simo Sorce
9b88166f45 lsa4: Fix a set but unused variable warning
Also insure that we exit immediately on any error.

Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 24 12:17:52 CEST 2013 on sn-devel-104
2013-06-24 12:17:52 +02:00
Andrew Bartlett
0ee8650d77 ldb: Ensure not to segfault on a filter such as (mail=)
As reported by Robin McCorkell <xenopathic@gmail.com> triggered by
Mozilla Thunderbird as an LDAP client.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 22 09:33:14 CEST 2013 on sn-devel-104
2013-06-22 09:33:14 +02:00
Steve French
bbe09b3319 Add missing SMB2/SMB3 share capability flag define
SMB3.02 adds SHARE_CAP_ASYMMETRIC

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 21 22:57:16 CEST 2013 on sn-devel-104
2013-06-21 22:57:16 +02:00
Volker Lendecke
06e5401f7b lsa4: Fix a set but unused variable warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
7d5daaa9f4 lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
2448fe3ffe lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
720b4d3932 lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Jeremy Allison
6c49f90965 Fix glusterfs backend crash found at the Microsoft interop event.
Based on a fix originally from Raghavendra Talur <rtalur@redhat.com>.

When a new document is created in explorer, a check for file_exist is made.
vfs_gluster_get_real_filename was returning 0 even when the file did not
exist.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Christopher R. Hertel" <crh@ubiqx.mn.org>
2013-06-21 10:58:47 -07:00
Volker Lendecke
b96cea4aa5 Fix some blank line endings
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
2013-06-21 19:57:06 +02:00
Volker Lendecke
d2642cb1b9 dns: Fix CID 1034969 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 21 17:32:16 CEST 2013 on sn-devel-104
2013-06-21 17:32:16 +02:00
Christian Ambach
ad86e2a599 s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN
when creating a BUILTIN group, make the strategy dependent on passdb backend behavior
1. if passdb is responsible for BUILTIN (normal case), call pdb_create_builtin_alias with gid=0 argument
so it asks winbindd for a gid to be used
2. if passdb is not responsible, ask for a mapping for the group first and let pdb_create_builtin_alias
create the mapping based on the gid that was determined in the mapping request

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 21 12:49:10 CEST 2013 on sn-devel-104
2013-06-21 12:49:10 +02:00
Christian Ambach
2d2d13ee61 s3:passdb add a gid argument to pdb_create_builtin_alias
make it possible to skip the allocation of a new gid from winbind
by specifying the gid to be used

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:24 +02:00
Christian Ambach
212baedcd5 s3:utils/net_sam make use of pdb_create_builtin helper function
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:24 +02:00
Christian Ambach
df41835eea s3:passdb expose pdb_create_builtin function
this one first tries to map the principal before
allocating a new gid

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:23 +02:00
Christian Ambach
6a048b424a s3:passdb/pdb_tdb add parameter to control handling of BUILTIN
with tdbsam:map builtin, one can control if tdbsam should
be used to map entries from BUILTIN or not.
By default, they will be mapped (as in older releases)

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:23 +02:00
Christian Ambach
324b3cc00c s3:passdb/pdb_ldap remove an unnecessary check
as general passdb code already verifies for which
idmap domains the module is responsible, requests for
other domains should not come in here any more

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:22 +02:00
Christian Ambach
01e094b53f s3:passdb/pdb_ldap make the module handle well-known
overwrite the passdb defaults and let this module handle well-knowns

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:21 +02:00
Christian Ambach
987de8a971 s3:passdb make pdb_sid_to_id honor backend responsibilities
only ask passdb backend for mapping if it is responsible

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:21 +02:00
Christian Ambach
55dd9e6a9c s3:passdb/pdb_samba_dsdb make the module handle well-known
overwrite the passdb defaults and let this module handle well-knowns

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:20 +02:00
Christian Ambach
56df37d332 s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functions
ask passdb to determine if sid/object should be handled by passdb or not

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:20 +02:00
Christian Ambach
0ad38d777f s3:passdb add pdb_*_is_responsible_for* functions
allows PDB modules to specify for which special domains they
are responsible when it comes to SID->xid conversion

By default, passdb modules will be responsible for local BUILTIN,
local SAM and Unix Users/Groups

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:19 +02:00
Christian Ambach
9eb67f259f s3:passdb add idmap control functions
make it possible for each backend to specify for which domains
it should be asked for SID->xid mappings

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:19 +02:00
Christian Ambach
0ad89c3cc9 s3:passdb/samba_dsdb fix some compiler warnings
about gids and group_sids being potentially uninitialized

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:18 +02:00
Christian Ambach
e211b5c5d2 s3:passdb/samba_dsdb fix a compiler warning
about discarding const modifier

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:18 +02:00
Christian Ambach
e17bc56caf s3:utils/net_lookup fix a format-error
clang complains about short being used for unsigned as format-error

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:17 +02:00
Andrew Bartlett
88c72fceb1 s4-winbind: Add special case for BUILTIN domain
This should mean that lookups for the BUILTIN domain cause less trouble
then they have in the past, because they will no longer go via the
trusted domain handler.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
2013-06-20 15:30:00 +02:00
Jeremy Allison
d4091c5809 Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in "EOF on stdin"
Only install the stdin handler if it's a pipe or fifo.

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-20 13:41:01 +02:00
Andrew Bartlett
fc13489c91 build: Build with system md5.h on OpenIndiana
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5.  I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.

This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-19 21:32:36 +02:00
Jeremy Allison
5c4772ec1d Re-add umask(0) code removed by commit 3a7c2777ee
Without the umask code the pipe permissions are affected by the
umask of the calling process. As only smbd currently sets its
umask to zero (nmbd and winbindd should do the same) this causes
the winbindd pipe to be unavailable to the nss library code unless
winbindd is run from an init process that explicitly sets umask
to zero. When testing from the command line this can be hard to
track down :-).

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 18 04:31:27 CEST 2013 on sn-devel-104
2013-06-18 04:31:27 +02:00
Jeremy Allison
fcc43cfbe3 Fix xx_path() - return check from mkdir() is incorrect.
This is very old code, but mkdir() fails with -1, not 0.
Only print the error message is mkdir failed with anything
other than EEXIST.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-18 02:41:10 +02:00
David Disseldorp
d924da9bc8 docs/vfs_catia: rework man page
The vfs_catia man page refers to two configuration variants, one
applying to Samba <= 3.4.x and one referring to Samba >= 3.5.x.
This change removes all information specific to Samba <= 3.4.x, as such
versions have been discontinued.

This change also improves formatting and nomenclature: configuration
parameters, examples and caveats are split into separate sections, and
server-side/client-side terms replace the ambiguous use of Unix and
Windows.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 17 23:23:57 CEST 2013 on sn-devel-104
2013-06-17 23:23:57 +02:00
David Disseldorp
8ac17fff80 docs/vfs_catia: remove space-char mapping recommendation
The vfs_catia man page currently recommends the mapping of server-side
space-characters (0x20) to client-side plus-minus characters (0xb1).

This recommendation should not be made, as 0x20 is a valid filename
component on both system character sets.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-17 12:26:56 -07:00
David Disseldorp
8d759658a0 vfs_catia: use translate direction enum instead of int
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-17 12:26:36 -07:00
Christof Schmitt
4cd7e1d283 vfs_streams_xattr: Do not attempt to write empty attribute twice
The create disposition FILE_OVERWRITE_IF is mapped to the flags
O_CREAT|O_TRUNC. In vfs_streams_xattr, this triggers two calls to
SMB_VFS_SETXATTR. The second can fail if O_EXCL is also set, resulting
in an unnecessary error.

Merge the identical code to handle O_CREAT and O_TRUNC to avoid setting
an empty attribute twice. Also add the flags parameter to the debug
message.

Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-17 10:41:46 -07:00
Volker Lendecke
9f25ad44a9 librpc: Shorten dcerpc_binding_handle_call a bit
... saves 200 bytes on 64 bit Linux with -O3

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 14 22:27:43 CEST 2013 on sn-devel-104
2013-06-14 22:27:43 +02:00
Volker Lendecke
7982d2aff8 librpc: Use tevent_req_poll_ntstatus
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-06-14 20:30:33 +02:00
Volker Lendecke
20bede7baa libsmbclient: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-06-14 20:30:33 +02:00
Volker Lendecke
fffb70168d tsocket: Add some const
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-06-14 20:30:33 +02:00
Volker Lendecke
cf86f3e81b gencache: Simplify gencache_init a bit
Use the implicit cleanup facility CLEAR_IF_FIRST provides

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-06-14 20:30:33 +02:00
Volker Lendecke
c71d6ecbcb genrand: Slightly simplify do_reseed
The only caller set "use_fd" to "true".

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 14 20:29:56 CEST 2013 on sn-devel-104
2013-06-14 20:29:56 +02:00
Volker Lendecke
dd0e38b5fe tevent: Fix Coverity ID 989236 Operands don't affect result
"unsigned" could be less than uint64_t, so idx==UINT64_MAX is always false.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-14 09:31:39 -07:00
Stefan Metzmacher
f1781adb05 dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
2013-06-13 18:19:24 +02:00
Stefan Metzmacher
122214b16b dsdb: don't allow a missing nTSecurityDescriptor in dsdb_get_sd_from_ldb_message()
Every object has a nTSecurityDescriptor attribute.

This also avoids potential segfaults in the callers.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-06-13 14:18:27 +02:00
Stefan Metzmacher
5959affa03 dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check searches
We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
Also the result of this search not controlled by the client
nor is the result exposed to the client.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-13 13:57:42 +02:00