IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
error messages: We relied upon a stat that a directory did not exist to later
on then do the mkdir or not. This does the mkdir directly and copes with a
potential error.
The second one is more important: It's possible with Samba 3 to do a
ntcreate&x with NTCREATEX_OPTIONS_DIRECTORY and we happily do a NT_STATUS_OK.
Also move up the use_nt_status() logic a bit. I think this does not belong
into the core routines, the smb server as such should take care of it.
Jeremy, do you think this should go to 3.0.24?
I'll update samba4torture when the build farm has picked up this checkin.
Volker
(This used to be commit 472fb11f49)
after it's child died unexpectedly whilst the parent
was waiting for a reply. We need to clean up the request
we're not going to service, plus we still need to call
the continuation function with a "False" flag so it
can clean things up. Still testing this, but I think
I'm right.
Jeremy
(This used to be commit 9b04ac0c81)
the network cable out of the machine *exactly*
after the init_dc_connect() call in cm_connect_sam()
or cm_connect_lsa() call succeeded but before any
of the other calls fail, and they have debug level
10 set in the log, then we'd crash due to dereferencing
a now NULL pointer (conn->cli gets set to NULL when
the init_dc_connect() call called from cm_get_schannel_dcinfo()
fails). Yes, before you ask this *did* happen on a
customer site :-).
Jeremy.
(This used to be commit a0278a0cb0)
stuff & friends.
Survives raw-mkdir. I'll activate that tomorrow when all build farm machines
have picked up the changed samba4 torture test.
Volker
(This used to be commit 37e7a3f35f)
* fail on invalid credential flags in pam_sm_setcred
* parse config file for pam_sm_acct_mgmt and pam_sm_open_session
Guenther
(This used to be commit 2a428ac814)
Make sure we route all request to remote DCs via the main process
so that IDMAP can correctly reuse DC connections and use the
async interface.
This fixes also idmap_nss so that it is able to resolve local
group names (requires patch on the samba dc earlier committed
to SAMBA_3_0 to make it resolve both the mapped and the unmapped
name).
Simo.
(This used to be commit 4297510f22)
still needs to contact the DC's for non async requests
like enumerate users/groups etc. Now that online
DC detection is tied to async events we must enable
the processing of events in the main loop of winbindd.
Finally got rid of the last hard coded domain->initialized = 1
code in init_child_recv() - now all domain->initialized = True
gets done only in the connection manager code when either
we're online and have spoken to the DC or are offline and
we know we can't talk to the DC.
Jeremy.
(This used to be commit b3c98057fb)
ncreate does. This is a bit slower (about 10-20%), because it goes touches the
share mode db, but I think not having to call change_owner_to_parent and
friends in fewer places outweighs this. And, mkdir is not the way current
Windows boxes create directories, they do it via the ncreate call.
Volker
(This used to be commit ddae494fbe)
don't have a check online event handler set.
We need to add one once we're been asked to
go back online as this is the only way to actually
go into the online state. Doh ! :-).
Jeremy.
(This used to be commit 5d36c4e031)
A reversed check made it impossile to fallback to the Unix Domain mapping code.
Also fix a potential use of a freed array.
Jerry,
my tests shows that this code now correctly handle the fallback to Unix Domain
when our Domain member is asked for a mapped group that has a unix name different
from the Windows name against a Samba DC and we do not use winbindd but share
users/groups by other means (ldap / sync of passwd and group files)
Immediate Fix would be to discuss if we should answer back when DOMAIN\unixgroup -> SID
is asked for, in the case the unixgroup name is mapped to a different name.
IE: DOMAIN\Domain Admins -> ntadmins
Currently if we are asked for "DOMAIN\Domain Admins" we return the dom admins SID
If we are asked for "DOMAIN\ntadmins we return "not found", but we may consider to
return the Domain admins SID in this case too.
Comments are welcome on this point!
Long term fix I think is the unixinfo pipe and of course an idmap_unixinfo moudle.
Simo.
(This used to be commit 07bdbb4c21)
