IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is no longer useful as it doesn't support async requests.
It could be readded using pthreadpool_tevent_job_send()
and wbcCtxAuthenticateUserEx() if required.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is no longer useful as the 'winbind' backend also
handles the rodc case now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is marked as knownfail for quite some time.
I don't think such a test is a reason to the 'auth methods' option.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The "winbind_wbclient" backend is unused and will be removed soon.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
this was never disabling ipv6, only v6-only interfaces. This can be achieved
with the interfaces parameter also if wanted.
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Puran Chand <pchand@vmware.com>
Reviewed-by: Garming Sam <garming@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Dec 10 04:56:23 CET 2017 on sn-devel-144
Test was using an invalid password, which causes test failure with early
password validation patch
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Checks password against default quality and length standards when it is entered,
allowing a second chance to enter one (if interactive), rather than running
through the provisioning process and bailing on an exception
Includes unit tests for the newly-added python wrapper of check_password_quality
plus black-box tests for the checks in samba-tool.
Breaks an openldap test which uses an invalid password.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9710
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12235
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Remove the unique constraint on the objectSID index, and enable the
unique_object_sids module.
This allows duplicate objectSIDs on foreign security principals, and
disallows duplicates for local objectSIDs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
New module that sets the LDB_FLAG_INTERNAL_UNIQUE_VALUE on all local
objectSIDS and ensure it is cleared for any foreign security principals.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This avoids running the test while samba is modifying and locking the same database,
as this can lead to a deadlock.
The deadlock is not seen in production as the LDB read lock is not held while
waiting for another process, but this test needs to do this to demonstrate
the locking safety.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec 8 21:47:55 CET 2017 on sn-devel-144
HDB_ERR_NOT_FOUND_HERE indicated a very specific error on an RODC.
We should not map any error to HDB_ERR_NOT_FOUND_HERE,
we should just pass errors along unmapped.
Otherwise we'll hit the logic bug in:
if (ret == KDC_PROXY_REQUEST) {
uint16_t port;
if (!sock->kdc_socket->kdc->am_rodc) {
DEBUG(0,("kdc_udp_call_loop: proxying requested when not RODC"));
talloc_free(call);
goto done;
}
And just don't send an error message to the client.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13132
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec 6 23:16:54 CET 2017 on sn-devel-144
Thanks to Doug Nazar <nazard@nazar.ca> for spotting this!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12986
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from heimdal commit a79b59ba27070a015479e8d981b7e685dbe34310)
Reviewed-by: Andreas Schneider <asn@samba.org>
The child process gets the kernel lease and then notifies
the parent process to continue by writing a byte up a pipe.
It then sets the alarm and calls pause() to wait for the
parent process to contact the smbd and get it to trigger
the break request using an open call.
It is possible for the parent to run and trigger the break
request after the child has written to the pipe, but *before*
the child calls pause(). We then miss the signal notifying
the child to break the lease.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13121
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
This reveals that the conversion doesn't work properly with
fruit:metadata=stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The previous use of localdir and torture_setup_local_file() was
motivated by the fact that by default vfs_fruit rejects access to files
with a "._" prefix.
Since a previous commit allowed SMB access to ._ files, rewrite the
test_adouble_conversion() test to create the ._ AppleDouble file over
SMB.
This also renders torture_setup_local_file() obsolete.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is needed for a subsequent commit that modifies an existing test to
write a ._ file over SMB instead of using the ugly local creation hack.
SMB acces of ._ files requires "fruit:veto_appledouble = no", so let's
set it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This needs for work in all possible fruit configs, so test it.
This currently fails with stream_depot, as we don't propely copy over
the resourcefork data from the ._ file to the stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Previously this test, that tests for correct conversion of ':' in stream
names, only worked with streams_xattr with "fruit:metadata" set to
"netatalk".
In order to have test coverage for fruit shares with other configs,
split the test into two:
one test creates the stream over SMB and run against all shares, the
other one is the unmodified existing test and is only run against the
share with streams_xattr and fruit:metadata=netatalk.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This should not happen, but stopping all replication because of it is a pain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 24 19:53:50 CET 2017 on sn-devel-144
USER is memberOf GROUP and they both were deleted on W2K8R2 AD. Domain join ends
with error below.
Failed to apply records: ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:421
8: Failed to remove backlink of memberOf when deleting CN=USER\0ADEL:a1f2a2cc-1
179-4734-b753-c121ed02a34c,CN=Deleted Objects,DC=samdom,DC=intern: dsdb_module_
search_dn: did not find base dn CN=GROUP\0ADEL:030d0be1-3ada-4b93-8371-927f2092
3116,CN=Deleted Objects,DC=samdom,DC=intern (0 results): Operations error
Failed to commit objects: WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13120
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
These tests now confirm we can handle these issues at runtime
as well as at dbcheck
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This will be used by dbcheck to fix duplicate link values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will be used by dbcheck to fix duplicate link values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This validates some more combinations and ensures that the changes
in 962a1b3220 are tested.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Fix various places where there is potential truncation
while doing time / size calculations.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is normally called with a transaction or before access is shared.
The python code and some tests may also cause an issue, but as these are
fixed at runtime, this is only a temporary issue that resolves itself.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
In schema_load_init, we find that the writing of indices is not locked
in any way. This leads to race conditions. To resolve this, we need to
have a new state (SCHEMA_COMPARE) which can report to the caller that we
need to open a transaction to write the indices.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
NTTIME is an unsigned quantity. When comparing two
of them, first calculate a signed difference, then
take absolute value.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Fix picky developer clang warning about assignment
of an enum value to a variable of a different enum type.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Some pidl-generated code includes static functions that are
to be optimized-away by the compiler if not used. When
running picky developer with clang that breaks the build. This
change ignores this warning for the pidl-generated python binding
files.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
