summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-07-11s3:vfs_gpfs: Check softquota before gracetimeChristof Schmitt1-1/+2
gpfs_quotactl can return a non-zero softquota gracetime even when no softquota has been set. This could lead to "disk full" being reported to a client. The easiest fix is to check for a valid softquota before checking the softquota gracetime.
2012-07-11build: fix some indentation (tabs/vs spaces) in source3/wscriptMichael Adam1-2/+2
Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 11 19:37:12 CEST 2012 on sn-devel-104
2012-07-11build: fix waf checks for seteuid on non-Linux platformsMichael Adam1-5/+4
An indentation error had linux-specific checks called on non-linux with the effect that "#define USE_LINUX_THREAD_CREDENTIALS 1" was effective.
2012-07-11Add in the threaded async open engine.Jeremy Allison1-0/+393
Fixes all issues raised originally. This code will only do threaded opens with thread-specific credentials (Linux for now) and changes credentials before doing the call. Also only fires on O_CREAT|O_EXCL so will only create new files, never open old ones async. Volker, this is isolated enough that it shouldn't prevent you from refactoring it into a new module when the aio pread/pwrite code is moved into the default aio path. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 11 08:04:56 CEST 2012 on sn-devel-104
2012-07-11Move set_thread_credentials_permanently() to set_thread_credentials()Jeremy Allison2-16/+16
as we need to keep the saved set uid/gid otherwise there is an interaction with open[at]() and NO_ATIME returning EPERM. As this is meant for threaded code inside the process we don't need to do an irreverisble change anyway. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 11 03:54:00 CEST 2012 on sn-devel-104
2012-07-10Fix typo we've had for a long time in set_re_uid() in the USE_SETRESUID case.Jeremy Allison1-1/+1
We only set the real euid, not the effective one. This is not a security issue as this is *only* used in the quota code, and only between code that brackets it with save_re_uid()/restore_re_uid(), Also this is not used on most platforms (we use USE_SETREUID by preference) but it's better to have this right. Bug to follow to get this fixed in 3.6.next and 3.5.next.
2012-07-10Cope with a (non-security) open race we've had for ever as NTCreateX isn't ↵Jeremy Allison1-0/+25
atomic on POSIX. On open without create, the file did exist, but some other (local or NFS) process either renamed/unlinked and re-created the file with different dev/ino after we walked the path, but before we did the open. We could retry the open but it's a rare enough case it's easier to just fail the open to prevent creating any problems in the open file db having the wrong dev/ino key. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 10 21:57:33 CEST 2012 on sn-devel-104
2012-07-10Now we have a guaranteed indication of a file being created, use it to set ↵Jeremy Allison1-12/+8
the create disposition correctly.
2012-07-10Add function fd_open_atomic() which uses O_CREAT|O_EXCL to return a ↵Jeremy Allison1-4/+107
guaranteed indication of creation of a new file.
2012-07-10Simplify the logic in open_file() some more.Jeremy Allison1-48/+36
Move the inheritance work into the if block where we created the file. We can never have created the file (and thus need no inheritance) for a stat-open. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 10 03:30:22 CEST 2012 on sn-devel-104
2012-07-09Simplify the logic in open_file().Jeremy Allison1-22/+15
Move the fstat call into the block which opens a file descriptor. Remove the stat() call in the stat-open case. We already failed the open if !file_existed.
2012-07-09Use new common function.Jeremy Allison1-1/+1
2012-07-09Make check_same_stat() and check_same_dev_ino() common functions.Jeremy Allison4-31/+33
2012-07-09Factor out check_same_dev_ino() from check_same_stat() so it can be called ↵Jeremy Allison1-2/+15
separately.
2012-07-09lib/ldb: Bump ldb release due to pyldb changesAndrew Bartlett3-1/+261
We strictly need these changes to pass make test, and the concat change is backwards incompatible, so we really want to use the right version. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Jul 9 04:34:06 CEST 2012 on sn-devel-104
2012-07-06s4-torture: add ntprinting ndr operations testsuite.Günther Deschner3-1/+442
Guenther Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Jul 6 20:55:26 CEST 2012 on sn-devel-104
2012-07-06ntprinting: mark the final 4 byte null pointer for printer data in ↵Günther Deschner1-0/+1
ndr_pull_ntprinting_printer as read. Guenther
2012-07-06ndr: fix push/pull DATA_BLOB with NDR_NOALIGNDavid Disseldorp1-12/+22
This change addresses bug 9026. There are 3 use cases for DATA_BLOB marshalling/unmarshalling: 1) ndr_push_DATA_BLOB and ndr_pull_DATA_BLOB when called with LIBNDR_FLAG_ALIGN* alignment flags set, are used to push/pull padding bytes _only_. The length is determined by the alignment required and the current ndr offset. e.g. dcerpc.idl: typedef struct { ... [flag(NDR_ALIGN8)] DATA_BLOB _pad; } dcerpc_request; 2) When called with the LIBNDR_FLAG_REMAINING flag, all remaining bytes in the ndr buffer are pushed/pulled. e.g. dcerpc.idl: typedef struct { ... [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier; } dcerpc_request; 3) When called without alignment flags, push/pull a uint32 length _and_ a corresponding byte array to/from the ndr buffer. e.g. drsblobs.idl typedef [public] struct { ... DATA_BLOB data; } DsCompressedChunk; The fix for bug 8373 changed the definition of "alignment flags", such that when called with LIBNDR_FLAG_NOALIGN ndr_push/pull_DATA_BLOB behaves as (1: padding bytes) rather than (3: uint32 length + byte array). This breaks marshalling/unmarshalling for the following structures. eventlog.idl: typedef [flag(NDR_NOALIGN|NDR_PAHEX),public] struct { ... DATA_BLOB sid; ... } eventlog_Record_tdb; ntprinting.idl: typedef [flag(NDR_NOALIGN),public] struct { ... DATA_BLOB *nt_dev_private; } ntprinting_devicemode; typedef [flag(NDR_NOALIGN),public] struct { ... DATA_BLOB data; } ntprinting_printer_data; Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-06ntprinting: make decode_ntprinting helpers public in idl.Günther Deschner1-3/+3
Guenther
2012-07-06s3: Fix Coverity ID 709470 Uninitialized scalar variableVolker Lendecke1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Jul 6 18:46:06 CEST 2012 on sn-devel-104
2012-07-06s4-selftest: do a dbcheck on our two vampire DCsAndrew Bartlett2-1/+2
However, due to using --domain-critical-only we have to knownfail the vampire DC here, as we do not fill in the backlinks on non-critical objects correctly. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 6 16:54:10 CEST 2012 on sn-devel-104
2012-07-06s4-dbcheck: Check for an object without a parentAndrew Bartlett1-0/+44
Such objects are then moved to the appropriate LostAndFound container, just as they would be if replicated. Andrew Bartlett
2012-07-06s4-dsdb: Remove unused variables in py_dsdb_get_partitions_dnAndrew Bartlett1-3/+0
2012-07-06pydsdb: Add bindings for dsdb_wellknown_dn()Andrew Bartlett2-0/+38
2012-07-06pyldb: Add bindings for ldb_dn_remove_base_componentsAndrew Bartlett2-0/+20
2012-07-06s4-pydsdb: Add bindings for dsdb_find_nc_root()Andrew Bartlett2-0/+26
2012-07-06s4-pydsdb: Improve PyErr_LDB_{DN,}_OR_RAISE to use py_check_dcerpc_typeAndrew Bartlett1-2/+9
This checks the type rather than just dereferencing the pointer. Andrew Bartlett
2012-07-06pyldb: Fix dn concat operation to be the other way aroundAndrew Bartlett2-2/+2
This now concatonates Dn(ldb, "cn=config") + Dn(ldb, "dc=samba,dc=org") as "cn=config,dc=samba,dc=org" Andrew Bartlett
2012-07-06auth: Common function for retrieving PAC_LOGIN_INFO from PACChristof Schmitt7-123/+54
Several functions use the same logic as kerberos_pac_logon_info. Move kerberos_pac_logon_info to common code and reuse it to remove the code duplication. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-07-06s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for tcpAndreas Schneider1-0/+10
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jul 6 11:50:40 CEST 2012 on sn-devel-104
2012-07-06s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for npAndreas Schneider3-0/+45
2012-07-06s4-lsarpc: Restrict LookupSids3 to crypto connections only.Andreas Schneider1-0/+10
2012-07-06s4-lsarpc: Restrict LookupNames4 to crypto connections only.Andreas Schneider1-0/+10
2012-07-06s4-lsarpc: Don't call lsa_OpenPolicy2 in lsa_LookupSids3.Andreas Schneider1-46/+48
2012-07-06s4-lsaprc: Don't call lsa_OpenPolicy2 in lsa_LookupNames4.Andreas Schneider1-49/+53
2012-07-06selftest: Update knownfail list for samba4.rpc.lsalookup.Andreas Schneider1-1/+5
2012-07-06s4-selftest: Don't run lsarpc requiring a named pipe over tcpip.Andreas Schneider1-1/+1
2012-07-06s4-selftest: Don't plan lsa.secrets tests over tcpip.Andreas Schneider1-4/+4
These will only work over a named pipe or ncalrpc.
2012-07-06s4-libnet: Skip calling lsarpc functions over a wrong pipe.Andreas Schneider1-0/+9
2012-07-06s4-torture: Call lsarpc tests over the correct pipe.Andreas Schneider1-0/+6
2012-07-06s4-torture: Don't consider NONE_MAPPED an error in LookupSids3.Andreas Schneider1-3/+19
2012-07-06s4-torture: Don't consider NONE_MAPPED an error in LookupNames4.Andreas Schneider1-3/+15
2012-07-06s4-torture: Add a lsarpc test_GetUserName_fail function.Andreas Schneider1-0/+59
2012-07-06s4-torture: Add a lsarpc test_OpenPolicy2_fail function.Andreas Schneider2-21/+74
2012-07-06s4-torture: Add a lsarpc test_OpenPolicy_fail function.Andreas Schneider1-17/+74
2012-07-06s4-torture: Add a lsarpc test_LookupNames4_fail function.Andreas Schneider1-23/+74
2012-07-06s4-torture: Add a lsarpc test_LookupSids3_fail function.Andreas Schneider1-15/+68
2012-07-06s3-lsarpc: Enforce a secure connection for LookupSids3 and LookupNames4.Andreas Schneider1-8/+14
http://thread.gmane.org/gmane.network.protocol.cifs.general/291
2012-07-06s3-lsarpc: Restrict lsa_LookupNames4 to ncacn_ip_tcp connections.Andreas Schneider1-12/+23
See MS-LAT, Section 2.1 Transport.
2012-07-06s3-lsarpc: Restrict lsa_LookupSids3 to ncacn_ip_tcp connections.Andreas Schneider1-12/+23
See MS-LAT, Section 2.1 Transport.
generated by cgit (git 2.34.1) at 2024-11-04 16:14:55 +0000