summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2003-06-24add tdb backup function separation and winbind idmap upgrade code formSimo Sorce5-171/+413
pre-2.2.4 tdb database format. tx volker for your work on this (This used to be commit 2bdbeb9e97a59ecd16f74fbb04ab5ca57b28a757)
2003-06-24More tuning of Kerberos detection - don't fall through to detect kerberos libsTim Potter1-3/+6
when we have already decided that we can't do it. (This used to be commit db792ed530da4e040084d4b42b716ffdcdd13bd3)
2003-06-24More sensible behaviour for bug 152. If we don't have krb5.h and were ↵Tim Potter1-10/+36
explicitly configured using --with-ads then give an error, otherwise fall back to compiling without ADS. Tested on redhat 8.0 with and without MIT kerberos packages installed. Metze, let me know if this is working OK for you now! (This used to be commit 7ea81535b8180314acbf0873104a8c942ce4ec14)
2003-06-24Fixes from Martin Dorey <mdorey@bluearc.com> to only ask for and changeJeremy Allison1-7/+6
the requested parts of the ACL. Jeremy. (This used to be commit c35a88201c619f0ebbaf38adbd0ec2af77e23981)
2003-06-24Move the map acl inherit parameter into the protocol section.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 076d9a3c9bc264d9456a67da9366bd73d3ce69d5)
2003-06-23Add documentation for "map acl inherit" parameter.Jeremy Allison1-0/+17
Jeremy. (This used to be commit a97f25c78591db3f6326610ea62b183fa3b9434d)
2003-06-23Fixed the merge_default_aces() code to work correctly with inheritance.Jeremy Allison1-11/+38
Hopefully will fix jcmd bugs :-). Jeremy. (This used to be commit 482e6c79edefc8aaacbb37f807d2076e59b40e26)
2003-06-23* s/get_dc_name/rpc_dc_name/g (revert a previous change)Gerald Carter8-178/+43
* move back to qsort() for sorting IP address in get_dc_list() * remove dc_name_cache in cm_get_dc_name() since it slowed things down more than it helped. I've made a note of where to add in the negative connection cache in the ads code. Will come back to that. * fix rpcclient to use PRINTER_ALL_ACCESS for set printer (instead of MAX_ALLOWED) * only enumerate domain local groups in our domain * simplify ldap search for seqnum in winbindd's rpc backend (This used to be commit f8cab8635b02b205b4031279cedd804c1fb22c5b)
2003-06-23wrap group enuemration in brcome/unbecome_root() (bug #110)Gerald Carter1-0/+14
(This used to be commit 3918fffc7f07202f4c0b940f877184eea7561135)
2003-06-23fix typo (bug #170)Gerald Carter1-1/+1
(This used to be commit d376b67de9ff7a43c9c03c8640d9fe1671d223cb)
2003-06-23fix bug #178; available space in devmode should be intGerald Carter1-1/+1
(This used to be commit 944480b89a829f159cabff100d83a72400aa6b6c)
2003-06-23lp_security() is a function not an integerAndrew Tridgell1-1/+1
(This used to be commit 71907f32ba9c8700ba185b565a50c55a3a451758)
2003-06-23Change AC_MSG_ERROR() in krb5.h detection code to AC_MSG_WARN()Tim Potter1-1/+1
until I repair my destroyed development system and check in a proper fix for this. (This used to be commit efad5dab522c466ae9e6bc114d0a0e6d1a7ed06d)
2003-06-23* set domain->last_status = NT_STATUS_SERVER_DISABLED on an ads_connect() ↵Gerald Carter5-36/+276
failure * Fix code to use winbind_rpc methods for trusted mixed mode or NT4 domains ( does no one ever test this? ) * add in LDAP code to get the sequence number for rpc based seqnum update. ( this is needed if the DC is upgraded and samba is not reconfigured to use security = ads; it's not pretty but it works (from app_head) ) * fix bug that caused us to enumerate domain local groups in domains other than our own (This used to be commit 14f2cd139a22454571cea8475d3b7c5c2787d378)
2003-06-23Produce an error if Active Directory support is requested and we don'tTim Potter1-0/+4
have krb5.h Should fix bug 152. (This used to be commit 82d3dd757be5c56fdeb97e66f64ec25d5e202614)
2003-06-23Repair indentation in autoconf Kerberos detection code. This shouldTim Potter1-120/+169
make it easier to understand/debug. (This used to be commit 86b6ff134c2631be1346cea1cd7a17ae815a3759)
2003-06-22Found out a good number of NT_STATUS_IS_ERR used the wrong way.Simo Sorce22-60/+60
As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. (This used to be commit c501e84d412563eb3f674f76038ec48c2b458687)
2003-06-21(fixing bug in my last commit)Andrew Bartlett1-6/+6
This isn't C++ - start your code *after* all the variables are declared... Andrew Bartlett (This used to be commit b7760faedc2181538ffc325e727808e6df8f943f)
2003-06-21Fix memory leak. secrets_fetch allocates memory.Volker Lendecke1-0/+2
Volker (This used to be commit 2ec8d1ff88d3984a317a4a53ca3a299e8a68a9d7)
2003-06-21This removes the StrCaseCmp() stuff from 'net idmap' and 'netAndrew Bartlett5-179/+203
groupmap'. The correct way to implement this stuff is via a function table, as exampled in all the other parts of 'net'. This also moves the idmap code into a new file. Volker, is this your code? You might want to put your name on it. Andrew Bartlett (This used to be commit 477f2d9e390bb18d4f08d1cac9c981b73d628c4f)
2003-06-21This patch fixes some issues with idmap_tdb as raised by bug #181Andrew Bartlett1-91/+115
The idea here is to eliminate the need to *set* the 'HWM' (High Water Mark) in the tdb. Instead, each caller wanting to add an item to the TDB uses the fact that an insert will *fail* if entry already exists. More importantly, this means that we don't need to know the value of the idmap uid/gid values when setting arbitrary entries, which can occur on an smb.conf without such values specified. Then all we need to do is loop until we get an id that will insert. This means that the HWM does not need to be accurate, and we can have IDs allocates safely above the HWM. Setting the HWM to an arbitrary value was racy in the past - now we don't even do it. This patch also adds paranoia in reading the tdb - both the entry, and it's reverse entry must be present. This means that we don't need to 'clean up' after an abnormal failure (which would probably fail too), instead we rely on readers to ignore the half-completed entry. The way this is done will allow SIDs to then allocated an ID when things are normal again. Andrew Bartlett (This used to be commit 74709e159cdcd4dbcf138428a85067b38c4ebe64)
2003-06-21Always initialize.Andrew Bartlett1-0/+2
(This used to be commit 75081860af5ace873f53c361ec34d029b7864ff7)
2003-06-21merge of the netsamlogon caching code from APPLIANCE_HEADGerald Carter14-173/+667
This replaces the universal group caching code (was originally based on that code). Only applies to the the RPC code. One comment: domain local groups don't show up in 'getent group' that's easy to fix. Code has been tested against 2k domain but doesn't change anything with respect to NT4 domains. netsamlogon caching works pretty much like the universal group caching code did but has had much more testing and puts winbind mostly back in sync between branches. (This used to be commit aac01dc7bc95c20ee21c93f3581e2375d9a894e1)
2003-06-21This patch works towards to goal of common code shared between idmap_ldapAndrew Bartlett4-276/+386
and pdb_ldap. So far, it's just a function rename, so that the next patch can be a very simple matter of copying functions, without worrying about what changed in the process. Also removes the 'static' pointers for the rebind procedures, replacing them with a linked list of value/key lookups. (Only needed on older LDAP client libs) Andrew Bartlett (This used to be commit f93167a7e1c56157481a934d2225fe19786a3bff)
2003-06-20Fixed sorting algorithm to prevent problems with W2K clients.Jeremy Allison1-2/+2
Jeremy. (This used to be commit fa8ca20ed440673d02ac5669f8d4c6623c1fdb6d)
2003-06-20Fix bug #136. Add message about erroneous empty "passdb backend" parameter.Jim McDonough1-0/+4
(This used to be commit 897125a9dbbd3f921d944e7bb7c5694a130c5173)
2003-06-20Fix bug #136: "passdb backend = " caused smbd to segfault.Jim McDonough1-0/+5
Instead, spit out an error message. (This used to be commit 22f083b227a6f03ae42b985e45e9c384982c6ed2)
2003-06-20Fix mount options for ro, dir_mode, file_modeSteve French1-2/+2
(This used to be commit 7e7cf0dd98ec8e28c02cb9e36064eaf098339801)
2003-06-20fixed a bug found by volkerAndrew Tridgell1-1/+2
when we are traversing a readonly dababase we should not try to cleanup the pending-delete records (This used to be commit f327c06108cd1a9146f4c24aa4274997be0b4fb4)
2003-06-20Updating change from "winbind uid/gid" to "idmap uid/gid"John Terpstra1-2/+2
(This used to be commit 81abfec7faf8675391d017c2e4160cd77a1ab157)
2003-06-20Applied Vance Lankhaar's spelling fixes.John Terpstra36-450/+507
(This used to be commit 7eea35ba9f02f465403c21f5c33461035ad56176)
2003-06-20The default action for AC_CHECK_LIB is to add the library to $LIBS soTim Potter1-7/+6
this doesn't need to be done explicitly in the Kerberos checks. Also there was a duplicate AC_CHECK_LIB(resolv, dn_expand) which is done early on in the configure process. (This used to be commit fa66e2e1e1186d8c8965e1a13d49f4af2e71a442)
2003-06-20Back out some of the changes to nsstest. I've kept the NULL pointerTim Potter1-138/+8
dereference bugfixes but left out the gethostbyname (wins) tests pending a nicer way to integrate it. (This used to be commit a7e67aaffe13b2828861046013b51d62aa1db057)
2003-06-20Missed initial param, typo.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 036a551b10f1cb436ea36acbb40983249de8310d)
2003-06-20Mapping of Windows ACL inheritance and protected bits onto extended attributesJeremy Allison2-16/+464
if available. Adds new parameter "map acl inheritance" (docs coming soon) off by default. Allows W2K acl inheritance dialogs to work correctly on POSIX acls. Jeremy. (This used to be commit a83595e80ae539135fa1a65d6066b10ac94fbad1)
2003-06-19Minor Debian updates.Eloy Paris2-5/+23
(This used to be commit f9f5211d79feb07f20f6aad9e8829d19eaf096fd)
2003-06-18Fix typoJelmer Vernooij1-1/+1
(This used to be commit 598a7596f233d63974196ca00fc68c2f71f6e219)
2003-06-18VFS modules are located in the subdirectory vfs of $LIBDIRJelmer Vernooij1-1/+1
(This used to be commit 76182f47386a58d27901c0628dcd298bd111c634)
2003-06-18Remove short -A option, but still leave in the --set-auth-user option.Jim McDonough1-2/+2
This reflects a change made in wbinfo as a result of bug 158. (This used to be commit 2628259c2051dd1f0802bced82bfb5ffaed2a12d)
2003-06-18Add installmodules to installJelmer Vernooij1-1/+1
(This used to be commit 33e8dd88434710427fcf43048477ab072606d634)
2003-06-18Ok, this patch removes the privilege stuff we had in, unused, for some time.Simo Sorce16-689/+184
The code was nice, but put in the wrong place (group mapping) and not supported by most of the code, thus useless. We will put back most of the code when our infrastructure will be changed so that privileges actually really make sense to be set. This is a first patch of a set to enhance all our mapping code cleaness and stability towards a sane next beta for 3.0 code base Simo. (This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e)
2003-06-18Updated Debian patches so they apply cleanly and without warnings atEloy Paris1-11/+10
build time. (This used to be commit 37acf55b609e90d4ae1a4b6bafb6067487352cee)
2003-06-18Remove the -A option of wbinfo, leaving only the long version,Jim McDonough1-1/+1
--set-auth-user. There was enough confusion, as in bug #158, when a user accidentally typed -A instead of -a, and would get themselves stuck with a non-working winbind. I've made the changes to docs/docbook/manpages/wbinfo.xml, but I'm not sure what to do beyond that. Is checking that in enough? (This used to be commit 70fe85e4698ce2c26372b050417986bf4a96680b)
2003-06-18There's nothing particularly secret in idmap.tdb, so create it withVolker Lendecke1-1/+1
0644 as the other databases. Volker (This used to be commit 5849053930474b1e735f3232995813ef5126ad00)
2003-06-18And some more memory leaks in mapping.c and pdb_tdb.c. tdb_nextkeyVolker Lendecke2-2/+15
mallocs its key, so we should free it after use. Volker (This used to be commit 9750799ba2e1aaa59fa255f23880c9c618195c3d)
2003-06-18Better panic cleanly than segfault later when no sid can be found and created.Volker Lendecke1-2/+3
Everybody who calls get_global_sam_sid expects this to return non-NULL, and there are way too many places where this is called. Volker (This used to be commit 2dfa896e6fdd52aa0eebe7d811c7b4072fe98be3)
2003-06-17And more other memory leaks. One new (idmap) and one ancient (groupdb).Volker Lendecke2-0/+5
Volker (This used to be commit 2392f460aeb11f32759e84faf1e7ace73c5db281)
2003-06-17Fix a memory leak in pdb_tdb.c.Volker Lendecke1-0/+2
Simo, I remember you complaining about a memleak there, could it be this one, or did you resolve it at that time? Volker (This used to be commit c660595deda2ce836c0a191da0236f850004ba0d)
2003-06-17Make static (patch from metze)Jelmer Vernooij2-2/+2
(This used to be commit 908b16cc2a8b6c5c67aae0e1af9d51f57fe31212)
2003-06-17Fix building idmap_winbind as shared moduleJelmer Vernooij1-1/+1
(This used to be commit 255603779621be4025d4892f589f39f3bfa08976)