IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Else SAFE_FREE seg faults. Thanks to Günther for pointing me at this.
I've implemented in in this was as we should announce to remove the
idmap_ strip stuff after some time at all.
(This used to be commit 6a5bf399a5)
On a Windows share, a file with read-only dosmode can be opened with
DELETE_ACCESS. But on a Samba share (delete readonly = no), it
fails with NT_STATUS_CANNOT_DELETE error.
This semantic causes a problem that a user can not
rename a file with read-only dosmode on a Samba share
from a Windows command prompt (i.e. cmd.exe, but can rename
from Windows Explorer).
Jeremy.
(This used to be commit dd185c7aa8)
If we detect a leading 'idmap_' for the idmap backend setting we strip
this and inform about the deprecated config with DEBUG 0.
I'm not sure if we should set a TTL of one year or five additional
releases from now for this code.
This is required for the changes Günther made as the first step to solve
bug #3264. With this fix we can even run with an old config. This is
very important as we else will break existing configurations with an
update.
(This used to be commit 34c7d8c069)
Introduces level 9 of getuserinfo and allows to successfully install MS SMS2003
on a member of a Samba domain. Also added support for this level in rpcclient.
The code for infolevel 9 is modelled upon Samba-TNG by Alex Deiter.
Jerry, we need this in 3.0.21b.
(This used to be commit 93461646ce)
Finally cleanup the way idmap modules are build and loaded, idmap_rid
now will have to be loaded without prefix, just "rid".
Guenther
(This used to be commit a77e02177d)
Correctly handle the case where users logon with an expired password.
In that case pam_sm_authenticate has to return PAM_SUCESS instead of
PAM_NEW_AUTHTOK_REQD or PAM_AUTHTOK_EXPIRED and pam_sm_acct_mgmt has to
take care of requesting an immediate password change. (see the Linux PAM
documentation).
Fixes Bugzilla #1524, #3205. Tested with login, sshd, kdm and gdm on
Linux.
Thanks to Scott Barker <Scott_Barker@mtechIT.com>.
Guenther
(This used to be commit 4cb662ffd7)
always linearize into little-endian. Should fix all
Solaris issues with this, plus provide a cleaner base
moving forward for cluster-aware Samba where smbd's
can communicate across different compilers/architectures
(eventually these message will have to go cross-machine).
Jeremy.
(This used to be commit d01824b785)
Simplify the interfaces to domain trusts a bit: Nothing outside secrets.c
needs to know we're storing stuff in ucs2.
Volker
(This used to be commit a01fa43ed2)
oplocks across the cluster. Adapt Samba to it.
The gpfs API is called via libgpfs.so. This code is written with dlopen(), so
that you can compile on a system with gpfs installed and later on run on
systems without gpfs available.
So to actually make Samba call gpfs share mode calls you need to compile with
gpfs.h and libgpfs.so around and set 'gpfs share = yes' on the shares you
export from GPFS.
Volker
(This used to be commit 2253b17a1a)
do not open connection when only looking for cached connection; also, fix crash caused by missing initialization following recent locale changes
(This used to be commit 0070d816ab)
When enumerating what could be a server name or a workgroup name, first
check for an existing server structure. If none exists, then go through
the previous determination of whether it's a serrver or a workgroup. This
should avoid doing a NetBIOS name query each time, if we've already
connected to the specified server. (While we're at it, clean up indenting
and line length in this area of code.)
(This used to be commit 85e4cab1d9)
revert immediately previous change and fix problem correctly. Interfaces were being loaded before all configuration files had been read. *This* should fix byg 3336.
(This used to be commit ded5fceef1)
add" with "Server is unwilling to perform". Seems we have to put in the
same userAccountControl bits the server would pick when we wouldn't send
them at all.
Guenther
(This used to be commit fd5da5875c)
talloc_string_sub. Someone with time on his hands could convert all the
callers of all_string_sub to this.
realloc_string_sub is *only* called from within substitute.c, it could be
moved there I think.
Volker
(This used to be commit be6c9012da)
Jeremy, there's a #ifdef'ed 0 call to this in your usershare code. We need to
talk about what exactly what you intend to do here and in what scenarios.
Volker
(This used to be commit 95094ef758)
Ensure it returns a BOOL.
Jerry (and anyone else) please check this, I think
all uses are now correct but could do with another
set of eyes. Essential for 3.0.21 release.
Jeremy.
(This used to be commit 0c7b8a7637)
to make the dev/inode numbers match what SFU expects.
If we're using 8 byte inodes we'll lose the top 4 bytes
and replace them with a dev_t instead, but this seem
reasonable to ensure uniqueness.
Jeremy.
(This used to be commit e53574d0b4)
account is disabled. If we get this we can't check
the password so have to tell the client the account
was disabled.
Jeremy.
(This used to be commit 43c2d545ab)
Ensure that when libsmbclient copies a cli, it prevents the cli from later
being freed, by turning off the 'allocated' flag.
Change a DEBUG message in pipe_open code from level 0 to level 1 since
libsmbclient is now regularly attempting to open a pipe for share enumeration,
and falling back to RAP if RPC is unavailable (e.g. win98). We don't want
the debug message to display when the pipe open fails, under these normal
circumstances.
(This used to be commit 965025c057)
1. Fix a crash bug which should have reared its ugly head ages ago, but for
some reason, remained dormant until recently. The bug pertained to
libsmbclient doing a structure assignment of a cli after having opened a
pipe. The pipe open code makes a copy of the cli pointer that was passed
to it. If the cli is later copied (and that cli pointer that was saved
is no longer valid), the pipe code will cause a crash during shutdown or
when the copied cli is closed.
2. The 'type' field in enumerated shares was not being set correctly with
the new RPC-based mechanism for enumerating shares.
(This used to be commit 62a02b8f2a)
that have open file handles to allow them to correctly
implement delete on close. There is a further correctness
fix I'm intending to add to this to cope with different share
paths, but not right now...
Jeremy.
(This used to be commit 932e337db8)
revving the minor version number for libsmbsharemodes (we
now have a new _ex interface that takes the share path
as well as the filename). Needed for #3303. Some code written
by SATOH Fumiyasu <fumiya@samba.gr.jp> included in the changes
to locking/locking.c. The smbstatus output is a bit of a mess
and needs overhauling...
Jeremy.
(This used to be commit 9d93af713f)
Use the subtree delete ldap control when running 'net ads leave'
to ensure that the machine account is actually deleted.
(This used to be commit e96000c16c)
the name (must be abolute - start with /, must not end in /,
must have ./ and ../ removed). Of course for realpath resolved
paths this won't be the case but for others we need this name
to be canonicalized. This name is going into the sharemode db
for #3303 so needs to be in a normalized format.
Jeremy.
(This used to be commit 22e3300911)
nested group support. Always add the BUILTIN\Administrators
SID to a Domain Admins token.
This solves the extra steps of establishing a group map for
the local Administrators SID in order to control services.
Windows also tends to expect the Administrators group to be
usable when setting up security permissions on shares.
Volker's work will probably fix this long term, but this
gets us past some of the setup hurdles for 3.0.21.
(This used to be commit 170b6a68bc)
* Add a few new error codes for disabled services
* dump some more details about service status in 'net rpc service'
* disable the WINS and NetLogon services if not configured in smb.conf
Still trying to figure out how to disable the start button
on the NetLogon and WINS services.
(This used to be commit c0f54eeebc)
use it as though it were an in-memory db and dump out to
a flat file every 2 mins, but that can now change.
Jeremy.
(This used to be commit a342681792)
installlibmsrpc. This works the same way as we're already doing it for
libsmbclient. Default is to build it.
Add a soname to libmsrpc as we do it for libsmbclient. We already had
the MAJOR and MINOR variable in the Makefile.
(This used to be commit 6794d44099)
version.
The IRIX 6.2 version is still without this check as I'm not sure if
setmntent() is implemented in the same way.
(This used to be commit 519ed7ca0e)
box with gcc4 and -O6...
Fix a bunch of C99 dereferencing type-punned pointer will break
strict-aliasing rules errors. Also added prs_int32 (not uint32...)
as it's needed in one place. Find places where prs_uint32 was being
used to marshall/unmarshall a time_t (a big no no on 64-bits).
More warning fixes to come.
Thanks to Volker for nudging me to compile like this.
Jeremy.
(This used to be commit c65b752604)
Windows XP box, smbspool has to mimic smbclient behaviour and also send
a password-less NTLMSSP session setup.
Guenther
(This used to be commit 1136862e6d)
We came to the conclusion that changing the default is something that has to
wait one or two more releases, but it will happen one way or the other.
Volker
(This used to be commit 30fcdf84d8)
talloc_describe_all() function. Fix smbcontrol <pid> pool-usage
as we desparately need it working in the field to track down
memory leaks. Seriously, when new functionality like the
Samba4 talloc is added, don't just disable working functionality
like "pool-usage", fix the damn thing first !
Jeremy.
(This used to be commit 2e262a75cc)
Fix that, and also add in comments for all possible CL and CO PDU
types. Make sure we process them correctly.
Jeremy.
(This used to be commit 672113a627)
"As a special case for directories with large numbers of files, if the
case options are set as follows, "case sensitive = yes", "case
preserve = no", "short preserve case = no" then the "default case"
option will be applied and will modify all filenames sent from the client
when accessing this share."
This is needed as fixing the case preserve rules to only apply to
new filenames broke the large directory fix. Glad we caught this
before release. Thanks to jht for this one.
Jeremy.
(This used to be commit abc21cc732)
get_time_zone() was overwriting static buffer returned by
gmtime(). Lars - this is a mandatory fix for the next patch...
Jeremy.
(This used to be commit 68d03a7a74)
search enumeration, fixed count of groups and users to return
zero if we're getting domain info on the builtin domain (need
to fix the enumgroup and enumuser calls also). Added count_sam_aliases
to return the correct alias count. Need to push the SID arg
down into the group mapping interface so we only return the
correct aliases. Upped passdb version numer for Volkers
changes. SAM-MYSQL guys - you will need to fix your backend
now. More tests needed.
Jeremy.
(This used to be commit b53d5cd565)
samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in
the pdb module. Remove the latter, this might happen more often.
Volker
(This used to be commit 57f0cf8cdd)
static.
One long overdue simplification: Change local_lookup_sid to local_lookup_rid
its responsible for "our" domain only, in fact it checked for it.
Volker
(This used to be commit 35ba5e083c)
no. This changes our default behaviour.
Sorry, Ingo, this *is* a bug that needs fixing.
Jerry, you might want to put a marker into the WHATSNEW.txt when this is due.
Volker
(This used to be commit 6622db97bb)
setup comes in with the vc (virtual connection) field set to zero. This is
done by Windows, probably you can tweak that by some registry key.
This boolean option controls whether an incoming session setup
should kill other connections coming from the same IP. This matches
the default Windows 2003 behaviour.
Setting this parameter to yes becomes necessary when you have a flaky
network and windows decides to reconnect while the old connection
still has files with share modes open. These files become inaccessible
over the new connection.
The client sends a zero VC on the new connection, and Windows 2003
kills all other connections coming from the same IP. This way the
locked files are accessible again.
Please be aware that enabling this option will kill connections behind
a masquerading router.
Volker
(This used to be commit 5629ca1623)
call START_TLS again after rebinding to another LDAP server. (ldaps://
uri's are handled at by recent versions of OpenLDAP).
Guenther
(This used to be commit 3ccea032cb)
Also allow to use START_TLS in the pdb_nds_update_login_attempts
function when doing simple binds to eDir.
Guenther
(This used to be commit 04a3ac5e50)
results. We now cache them for 10 seconds, down from 30 seconds
(however each re-use will refresh the idle timeout). Any set calls
will flush the cache.
Jeremy.
(This used to be commit c9a0720f55)
