IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The package list has some "strange" things in them, but more important is
using the same list everywhere. We can hopefully harmonise the package lists
to a single file in Samba git soom, merging the docker and packer image creation.
Additionally, Travis CI will probably need to move to Docker once we change
beyond Ubuntu 14.04, so it will simple reference the gitlab.com image then.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed Jun 27 07:51:14 CEST 2018 on sn-devel-144
Windows has 'CN=DNS Settings' child object underneath the Server object.
This was causing the removal of the server object in remove_dc() to
fail.
Noticed this problem while testing the backup/restore tool manually
against a Windows VM.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13484
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Jun 26 23:32:51 CEST 2018 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485
Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Björn Baumbach <bb@sernet.de>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 26 20:29:19 CEST 2018 on sn-devel-144
Add quiet command-line argument to allow suppressing the help log
message printed automatically after establishing a smbclient connection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485
Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Björn Baumbach <bb@sernet.de>
Fix flapping test:
[242(3560)/242 at 25m3s] samba4.dsdb.samdb.ldb_modules.audit_log
UNEXPECTED(failure):
samba4.dsdb.samdb.ldb_modules.audit_log.test_operation_json_empty(none)
REASON: Exception: Exception: difftime(after, actual) >= 0
../source4/dsdb/samdb/ldb_modules/tests/test_audit_log.c:74: error:
The tests truncate the microsecond portion of the time, so the
difference could be less than 0.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 26 06:09:46 CEST 2018 on sn-devel-144
Because we have tests for this in the auth audit code, we do not need to have
the complexity of checking that we got DCE/RPC over SMB as an authorization
message here.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
The variable name "ac" typically implies the async context, and the long-life
private context is normally denoted private, not context. This aligns better
with other modules.
talloc_get_type_abort() is now also used.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This is only used for selftest, to send out the log messages for checking.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
These errors are already logged at DBG_NOTICE in get_event_server()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
It is better if this is a known zero value to start, even if we check the errors
correctly.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
NT_STATUS_OBJECT_NAME_NOT_FOUND is not a case we can ignore, it would mean that event_server
is not initialised.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This build target is already --without-ad-dc and is the one we need to ensure is
compatible with a host without the Jansson JSON library.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jun 26 02:03:30 CEST 2018 on sn-devel-144
We still build some of the ldb_modules even when we are not a DC, so we must
split up the DSDB_MODULE_HELPERS.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This allows a --without-ad-dc --enable-selftest build to compile, still testing some
fileserver-only features.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This combination is untested and it is reasonable to require this
broadly available library for the AD DC build.
Doing so keeps the combinational complexity down and ensures we test
what we ship. (It was failing to compile).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is the common location of the audit logging code now
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is not a general purpose profiling solution, but these JSON
logs are already being generated and stored, so this is worth adding.
This will allow administrators to identify long running
transactions, and identify potential performance bottlenecks.
This complements a similar patch set to log authentication duration.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 25 11:16:18 CEST 2018 on sn-devel-144
This is not a general purpose profiling solution, but these JSON logs are already being
generated and stored, so this is worth adding.
Some administrators are very keen to know how long authentication
takes, particularly due to long replication transactions in other
processes.
This complements a similar patch set to log the transaction duration.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This fixes "samba-tool ntacl set -d10"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 23 04:56:44 CEST 2018 on sn-devel-144
there are also mem leaks in this function
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
MIT kerberos 1.13 and older only stores 8 bits of the KVNO. The change
from commit 35b2fb4ff3 resulted in breakage for these kerberos
versions: 'net ads keytab create' reads a large KVNO from AD, and only
the lower 8 bits are stored. The next check then removed the entry again
as the 8 bit value did not match the currently valid KVNO.
Fix this by limiting the check to only 8 bits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13478
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Sat Jun 23 00:57:47 CEST 2018 on sn-devel-144
Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jun 22 11:57:19 CEST 2018 on sn-devel-144
Applications (like OpenSSH) don't know about users and and
their relationship to Kerberos principals. This plugin allows that
Kerberos principals can be validated against local user accounts.
Administrator@WURST.WORLD -> WURST\Administrator
https://web.mit.edu/kerberos/krb5-latest/doc/plugindev/localauth.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13480
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jun 21 15:52:02 CEST 2018 on sn-devel-144
../source3/utils/smbget.c: In function ‘smb_download_file’:
../source3/utils/smbget.c:97:27: error: ‘b’ directive output may be truncated writing 1 byte into a region of size between 0 and 19 [-Werror=format-truncation=]
snprintf(buffer, l, "%jdb", (intmax_t)s);
^
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
../source3/registry/reg_perfcount.c: In function ‘reg_perfcount_get_hkpd’:
../source3/registry/reg_perfcount.c:337:29: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
snprintf(buf, buflen,"%d%s", key_part1, key_part2);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
../source4/dsdb/samdb/ldb_modules/samldb.c: In function ‘samldb_add’:
../source4/dsdb/samdb/ldb_modules/samldb.c:424:6: error: ‘found’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (found) {
^
../source4/dsdb/samdb/ldb_modules/samldb.c:348:11: note: ‘found’ was declared here
bool ok, found;
^~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
In case of a failing call to copy_netr_SamInfo3, the allocated memory
for "validation" needs to be free'd before returning.
Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 20 21:05:40 CEST 2018 on sn-devel-144
The original heimdal code introduces a segmentation fault, due to an
uninitialized pointer. This code does not seem to be tested very well.
Revert "heimdal: Add include/includedir directives for krb5.conf"
This reverts commit 0a6e9b6c0e.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Björn Baumbach <bbaumbach@samba.org>
Autobuild-Date(master): Wed Jun 20 17:48:16 CEST 2018 on sn-devel-144
Running make test TEST=samba4.drs.samba_tool_drs.python results in
BlackboxProcessError: Command '/tmp/samba-testbase/b12/samba/bin/samba-tool drs clone-dc-database samba.example.com --server=localdc -USAMBADOMAIN/Administrator%locDCpass1 --targetdir=/tmp/samba-testbase/b12/samba/bin/ab/tmp/tmpWPo8r3'; exit status 255; stdout: ''; stderr: 'ERROR(<type 'exceptions.NameError'>): uncaught exception - global name 'logging' is not defined
File "bin/python/samba/netcmd/__init__.py", line 177, in _run
return self.run(*args, **kwargs)
File "bin/python/samba/netcmd/drs.py", line 697, in run
logger.setLevel(logging.INFO)
'
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 20 04:08:53 CEST 2018 on sn-devel-144
Fix errors in samba.tests.samba_tool.visualize_drs that with python 3
will generate exception with messages something like
'can't iterate dict_values'
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
When PSOs exist in the DB, there is some extra overhead involved in user
logins (an extra expand-nested-groups operation for every user login).
Currently password_lockout tests are quite query-intensive - each call
to _check_account() does ~6 RPC operations/LDB searches (plus sleeps for
20 millisecs). Plus the actual user login attempt being tested. It looks
like the current test needs to do 3 login attempts/_check_account()
calls within a 2-second window. While the PSO test cases usually work
OK, sometimes they fail (presumably they take slightly longer and fall
outside this 2-second window). Presumably this is due to the cloud
instance's CPU being slightly more loaded when the test is run.
Long-term the plan is to refactor the user login so that the extra
expand-nested-groups operation is unnecessary for PSOs. In the
short-term, increase the window the test uses from 2 seconds to 3
seconds.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The PSO minPwdAge test was using a 1 second timeout. While this seemed
to work fine most of the time, we did see a rackspace failure that was
presumably due to the test taking longer than 1-second to execute
(which resulted in the password not being correctly rejected).
This patch increases the minPwdAge used, to try to avoid this problem
happening.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 19 11:43:16 CEST 2018 on sn-devel-144
Cherry-pick of Heimdal commit fe43be85587f834266623adb0ecf2793d212a7ca
Removed tests and documentation from original commit by
Björn Baumbach <bb@sernet.de>, since we do not ship them.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11573
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Björn Baumbach <bbaumbach@samba.org>
Autobuild-Date(master): Mon Jun 18 15:52:26 CEST 2018 on sn-devel-144
Check asprintf() return value.
Make use of krb5_enomem().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11573
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Alexander Bokovoy <ab@samba.org>