IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12399
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 8 17:16:47 CET 2016 on sn-devel-144
(cherry picked from commit ec0297bbd0110f8bfddda2e21d94a882094d1c11)
Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-5-test): Tue Jan 31 11:30:12 CET 2017 on sn-devel-144
This reverts commit 586f8b73b6c189cb825ce2e8817230ca57f87d35.
This patchset slipped in by accident and is not in master yet.
The commit message does not fit to the set of patches, because numerous patches
have been squashed into one commit. It's a rewrite of vfs_fruit.
Reverting until review will be finished and patches are in master.
Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-5-test): Fri Jan 27 09:48:52 CET 2017 on sn-devel-144
Pair-Programmed-With: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jan 12 15:34:25 CET 2017 on sn-devel-144
(cherry picked from commit 7870c645b79da647bae45b4dc95e7d6e9abcd91a)
Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-5-test): Thu Jan 26 12:15:13 CET 2017 on sn-devel-144
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Sat Jan 21 17:00:54 CET 2017 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12535
(cherry picked from commit 5059c8e2e3a6159bc2917ddd80d09fab35b39e66)
Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-5-test): Wed Jan 25 23:47:29 CET 2017 on sn-devel-144
Ensure that it doesn't mangle the rt_tables file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12516
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Jan 17 06:02:23 CET 2017 on sn-devel-144
(cherry picked from commit eaa508b82650197a7d473a24b3362e9e9c329937)
Commit 0ca00267cd2620a14968961738bcd2a69b597e95 removed explicit
continuations in strings for awk programs. In one case this causes a
disconnect between condition and action, where an implicit
continuation does not work. This results in duplicate lines in the
rt_tables file.
Move the opening brace for the action to make the implicit
continuation work as expected.
An alternative would be to revert the removal of the explicit
continuations and add shellcheck tags. However, that doesn't mean
that an author of future code will necessarily use explicit
continuations, so the same mistake might still be make in the future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12516
Reported-by: Barry Evans <bevans@pixitmedia.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit f9368f8e129cb32ee30cb6501a6fe728db37e1d5)
This changed to "ctdb gratarp" some time ago but the scripts were
never updated.
Fix the documentation for the ctdb tool too.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12512
Reported-by: Ralph Böhme <slow@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 5e00a6b346325f52e35b9785eaffd72239aebcf5)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12469
The code to lock multiple databases has been dropped from ctdb_lock.c.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 5b1076dc61f5e3f006c1b8cef98e7d2d3cc1bfba)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12509
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan 10 17:40:58 CET 2017 on sn-devel-144
(cherry picked from commit e84e44ce923e5dc7529bb813e10a2890528a4ab0)
Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-5-test): Thu Jan 12 23:22:28 CET 2017 on sn-devel-144
This avoids the usage of the ccselect_realm logic in MIT krb5,
which leads to unpredictable results.
The problem is the usage of gss_acquire_cred(), that just creates
a credential handle without ccache.
As result gss_init_sec_context() will trigger a code path
where it use "ccselect" plugins. And the ccselect_realm
module just chooses a random ccache from a global list
where the realm of the provides target principal matches
the realm of the ccache user principal.
In the winbindd case we're using MEMORY:cliconnect to setup
the smb connection to the DC. For ldap connections we use
MEMORY:winbind_ccache.
The typical case is that we do the smb connection first.
If we try to create a new ldap connection, while the
credentials in MEMORY:cliconnect are expired,
we'll do the required kinit into MEMORY:winbind_ccache,
but the ccselect_realm module will select MEMORY:cliconnect
and tries to get a service ticket for the ldap server
using the already expired TGT from MEMORY:cliconnect.
The solution will be to use gss_krb5_import_cred() and explicitly
pass the desired ccache, which avoids the ccselect logic.
We could also use gss_acquire_cred_from(), but that's only available
in modern MIT krb5 versions, while gss_krb5_import_cred() is available
in heimdal and all supported MIT versions (>=1.9).
As far as I can see both call the same internal function in MIT
(at least for the ccache case).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12480
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 7c3ea9fe96336483752adb821f8062a883d52998)
Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-5-test): Wed Jan 11 21:46:58 CET 2017 on sn-devel-144
We always have gss_krb5_import_cred(), it available in heimdal
and also the oldest version (1.9) of MIT krb5 that we support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12480
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit b61a93755ca59a58775c1c8c21baee49fef42fbf)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12480
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 6f029d58703f657e46fee35fc663128157db4d9f)
MSG_ID_SYNC is broadcast to each node when a MSG_ID_JOIN has been
received from all nodes. After MSG_ID_SYNC is successfully broadcast,
the join handler is unregistered. However, if another MSG_ID_JOIN is
received before the join handler is unregistered then MSG_ID_SYNC is
re-broadcast. This results in multiple attempts to unregister the
join handler.
Once all MSG_ID_JOIN messages are received, unregister the join handler
to ignore any extra MSG_ID_JOIN messages. Also, make sure that while
join handler is being unregistered, MSG_ID_JOIN messages are ignored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12500
Identified-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jan 6 12:27:23 CET 2017 on sn-devel-144
(cherry picked from commit 4635c22411a7864dd70703f854ec9844816e0294)
ReFS doesn't support compression, but responds to set-compression FSCTLs
with NT_STATUS_OK if (and only if) the requested compression format is
COMPRESSION_FORMAT_NONE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12144
Reported-by: Nick Barrett <nick@barrett.org.nz>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 9 23:14:28 CET 2017 on sn-devel-144
(cherry picked from commit 28cc347876b97b7409d6efd377f031fc6df0c5f3)
This test case was overlooked in the previous bso#12144 update -
set compression requests with format=COMPRESSION_FORMAT_NONE should
succeed if the server / backing storage doesn't offer compression
support.
Confirm that Samba matches Windows Server 2016 ReFS behaviour here.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12144
Reported-by: Nick Barrett <nick@barrett.org.nz>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 6fde123176409e261d955e24b3d28e5124f33bed)
NT_STATUS_ACCOUNT_DISABLED,
NT_STATUS_PASSWORD_RESTRICTION,
NT_STATUS_PWD_HISTORY_CONFLICT,
NT_STATUS_PWD_TOO_RECENT,
NT_STATUS_PWD_TOO_SHORT
now map to PAM_AUTHTOK_ERR (Authentication token manipulation error), which is
the closest match.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=2210
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 69f10080c3765a9b139fbad7f3dc633066fdded2)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12479
Back-port from cherry pick from commit b92cac857823ac2d29133fba2fde57cf58805b45)
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-5-test): Mon Jan 9 13:38:17 CET 2017 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12479
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit e0f1ed9f450851bf5b7fec84577b50047309db3f)
When reinitializing the ctdb messaging subsystem we must free the ctdb
connection fde.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12485
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
The system /etc/krb5.conf defines some defaults like:
default_ccache_name = KEYRING:persistent:%{uid}
We need to respect that so should include it in our own created
krb5.conf file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12441
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 4ef772be3a7259b48253643392574fab28c37916)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12441
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit f464f69b33b40c81d6ee57bebf9d59837431739b)
It can happen that we get 0 cleanup events, so remove this error
message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12396
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Sep 16 16:43:16 CEST 2016 on sn-devel-144
IMPORTANT
=========
this is a backport of commit 7d4b4a429955cf7fd43f3ac83990c5386ac8cd76
that only uses the spelling corrections of comments and the tests
without changing any behaviour. This greatly simplifies the backport.
Changing the option names in the tests without fixing the code means
that this patchset can't be used to run autobuild...
ORIGINAL COMMIT MESSAGE
=======================
Fix all occurences of bad spelling of "resource" as "res*s*ource" (two
s).
One of the places where this was wrong was when parsing parametric
options in the VFS connect() function in the module. As a result any
setting of
fruit:resource=something
in smb.conf was silently ignored and the default ("file") was active.
In Samba 4.6 we accept both the wrong and the correct spelling, in Samba
4.7 the bad spelling will be removed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12412
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(adopted from commit 7d4b4a429955cf7fd43f3ac83990c5386ac8cd76)
Typically smbd should have looked into the idmap cache itself before
contacting winbind. But winbind has internal users of this API (getpwuid
and getgrgid for example), and those need to use the cache too.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12484
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Wed Dec 28 00:06:41 CET 2016 on sn-devel-144
(cherry picked from commit 91d027554e414f371b3237110d1c92033d929992)
Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-5-test): Mon Jan 2 14:34:42 CET 2017 on sn-devel-144
This fixes a performance regression for "hide unreadable". With an empty
gencache, we only do xid2sid calls when reading a large number of acls. We
lost caching the xid2sid calls while implmenting the multiple-id calls,
probably because at that time the bug with ID_TYPE_BOTH backends was still
pending. This patch restores the xid2sid caching hopefully correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12484
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit f7f49a2354c99d95a302f070fe3aa97a949063c8)
When asking for gid2sid with an idmap backend that does ID_TYPE_BOTH
and the sid in question is actually a user, the parent winbind needs
to know about it. The next commit will prime the gencache also after
xid2sid calls, and if we filled it with a ID_TYPE_GID entry, a later
sid2uid call would fail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12484
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 9079dc4f4501c4e868f46de41b82927b69dc78d5)
Redundant RELEASE_IPs gives nodes a preview of where an IP address
will move to. However, if the associated TAKEOVER_IP fails then the
node will actually be unhosted.
This is similar to commit 77a29b37334b9df62b755b6f538fb975e105e1ff.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Dec 16 12:32:02 CET 2016 on sn-devel-144
(cherry picked from commit cd20ced3fb9c71d38450f90224677f21a27d2548)
Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-5-test): Tue Dec 20 16:26:27 CET 2016 on sn-devel-144
Otherwise it prints 4294967295 for the PNN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 2514a9cd17fa9435792308aefdbebcc0a60a68f3)
The GET_PUBLIC_IP_INFO control fails for unassigned addresses because
PNN is CTDB_UNKNOWN_PNN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit a6e5b6abe969e12cf26acf320f2c4bf40b377982)
First argument to talloc_asprintf_append() is the string being
appended to, not a talloc context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit acaa4407ca3be9fb5637790079656f1eabf3848c)
The new hash-table-based method of merging the IP information does not
sort, whereas the RB-tree method implicitly sorted. This probably
only really matters for the "all" case, but sort regardless to ensure
consistent output format.
Sorting has to be done here instead of when printing to ensure
consistency between ip[] and ipinfo[].
No longer reverse the sort order.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 7bcef2f0e2969551134e0d72f0956685eeec10a3)
Add new function ctdb_sock_addr_cmp(), which returns a 3-way result
useful for qsort(3). Reimplent ctdb_sock_addr_same() using this.
In the process, make arguments const so that ctdb_sock_addr_cmp() can
be used with qsort().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 362f066d617c8a186164db613537867329702ab7)
The name of the addresses file to modify is based on the original
selection of a test node at the top of the test. Repeating the
selection a test node can result in a mismatch between the new test
node and the addresses file. This occurs on local daemons, because
the addresses file name has the original node number in it but the
test is being performed on the the newly selected node number.
For some reason this test has only occasionally failed. An upcoming
commit that stops the output of "ctdb ip" from being reversed causes
this test to fail (nearly?) every time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 25aad0df06038d0b595f09d947b9977dcc0ec8a8)
Calling programs expect to cleanly read from STDOUT.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12467
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 9fbd544b90c2b27985637a9bb3fa520f891f8696)
Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-5-test): Wed Dec 14 16:37:10 CET 2016 on sn-devel-144
This test passes against Win2K12 but fails against smbd
without the previous commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12466
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 10 10:11:10 CET 2016 on sn-devel-144
(cherry picked from commit b5c0745b0c99d6cef21b5e7eb695e15aae5d4e38)
Reported and proposed fix by Shilpa K <shilpa.krishnareddy@gmail.com>.
When processing DENY ACE entries for owner rights SIDs (S-1-3-4) the
code OR's in the deny access mask bits without taking into account if
they were being requested in the requested access mask.
E.g. The current logic has:
An ACL containining:
[0] SID: S-1-3-4
TYPE: DENY
MASK: WRITE_DATA
[1] SID: S-1-3-4
TYPE: ALLOW
MASK: ALLOW_ALL
prohibits an open request by the owner for READ_DATA - even though this
is explicitly allowed.
Furthermore a non-canonical ACL containing:
[0] SID: User SID 1-5-21-something
TYPE: ALLOW
MASK: READ_DATA
[1] SID: S-1-3-4
TYPE: DENY
MASK: READ_DATA
[2] SID: User SID 1-5-21-something
TYPE: ALLOW
MASK: WRITE_DATA
prohibits an open request by the owner for READ_DATA|WRITE_DATA - even
though READ_DATA is explicitly allowed in ACE no 0 and is thus already
filtered out of the "access-still-needed" mask when the deny ACE no 1 is
evaluated.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12466
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 29b02cf22f3c0f2d556408e9e768d68c1efc3b96)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12460
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Dec 7 11:52:03 CET 2016 on sn-devel-144
(cherry picked from commit 52fad16f1c20109f352c25832d841ff778b2518a)
