Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-08-25 | s4:winbind: convert wb_sid2domain to tevent_req internally | Stefan Metzmacher | 1 | -74/+174 | |
The public wrapper still uses composite_context, because I don't have time to fix all the callers... metze | |||||
2012-08-25 | s4:librpc/rpc: don't do async requests if gensec doesn't support async ↵ | Stefan Metzmacher | 1 | -0/+32 | |
replies (bug #9097) metze | |||||
2012-08-25 | s4:librpc/rpc: also call dcerpc_schedule_io_trigger() after bind and ↵ | Stefan Metzmacher | 1 | -0/+7 | |
alter_context responses metze | |||||
2012-08-25 | s4:librpc/rpc: use dcerpc_req_dequeue() in dcerpc_request_recv_data() | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2012-08-25 | s4:librpc/rpc: use talloc_zero for 'struct rpc_request' | Stefan Metzmacher | 1 | -11/+1 | |
metze | |||||
2012-08-25 | libcli/smb: split out a smb_transport private library | Stefan Metzmacher | 1 | -3/+15 | |
metze | |||||
2012-08-25 | libcli/smb: wscript_build => wscript | Stefan Metzmacher | 1 | -1/+2 | |
We'll need some configure checks in future. metze | |||||
2012-08-24 | Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen(). | Jeremy Allison | 3 | -13/+3 | |
The code in SMBNTLMv2encrypt_hash() should not be requesting case changes on the domain name. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104 | |||||
2012-08-24 | Remove useless bool "upper_case_domain" parameter. | Jeremy Allison | 1 | -13/+2 | |
2012-08-24 | Move uppercasing the domain out of smb_pwd_check_ntlmv2() | Jeremy Allison | 1 | -9/+21 | |
Allows us to remove a silly bool parameter. Based on work done by "Blohm, Guntram (I/FP-37, extern)" <extern.guntram.blohm@audi.de>. | |||||
2012-08-24 | s3:lib: make sure we don't try to send messages to server_id's marked as ↵ | Stefan Metzmacher | 1 | -0/+4 | |
disconnected metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Aug 24 15:54:48 CEST 2012 on sn-devel-104 | |||||
2012-08-24 | s3:lib: remove unused processes_exist() | Stefan Metzmacher | 1 | -70/+0 | |
metze | |||||
2012-08-24 | s3:lib: readd the CTDB_CONTROL_CHECK_SRVIDS optimization to serverids_exist() | Stefan Metzmacher | 1 | -0/+45 | |
metze | |||||
2012-08-24 | s3:lib: only loop over the server_ids we need to verify in serverids_exist() | Stefan Metzmacher | 1 | -11/+23 | |
metze | |||||
2012-08-24 | s3:lib: use server_id_is_disconnected() in serverids_exist() | Stefan Metzmacher | 1 | -0/+4 | |
metze | |||||
2012-08-24 | s3:lib: inline processes_exist() into serverids_exist() | Stefan Metzmacher | 1 | -14/+99 | |
metze | |||||
2012-08-24 | s3:lib: SERVERID_UNIQUE_ID_NOT_TO_VERIFY only means not to verify the ↵ | Stefan Metzmacher | 1 | -3/+4 | |
'unique_id' part It doesn't mean the the server_id is always valid. metze | |||||
2012-08-24 | lib/util: don't SMB_ASSERT() in process_exists_by_pid() | Stefan Metzmacher | 1 | -1/+3 | |
Just return false... metze | |||||
2012-08-24 | s3:lib: implement process_exists() as wrapper of serverid_exists() | Stefan Metzmacher | 1 | -14/+2 | |
The changes the behavior of process_exists() it checks the pid.unique_id now, if it's not SERVERID_UNIQUE_ID_NOT_TO_VERIFY. metze | |||||
2012-08-24 | s3:g_lock: use serverid_exists() with SERVERID_UNIQUE_ID_NOT_TO_VERIFY | Stefan Metzmacher | 1 | -1/+10 | |
metze | |||||
2012-08-24 | s3:lib: implement serverid_exists() as wrapper of serverids_exist() | Stefan Metzmacher | 1 | -30/+5 | |
metze | |||||
2012-08-24 | s3:lib: remove CTDB_CONTROL_CHECK_SRVIDS optimization in serverids_exist() ↵ | Stefan Metzmacher | 1 | -6/+0 | |
for now This will be readded... metze | |||||
2012-08-24 | lib/param: fix usage of 'write list = +Group' | Stefan Metzmacher | 1 | -2/+8 | |
metze Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 24 11:28:17 CEST 2012 on sn-devel-104 | |||||
2012-08-23 | s3: fix compile warning on openindiana | Björn Jacke | 1 | -5/+5 | |
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Thu Aug 23 18:22:13 CEST 2012 on sn-devel-104 | |||||
2012-08-23 | crypto/aes_ccm_128: fix compile warning on openindiana | Björn Jacke | 1 | -1/+1 | |
2012-08-23 | s3/registry: fix compile warning on openindiana | Björn Jacke | 1 | -1/+1 | |
2012-08-23 | s4-selftest: Always set vfs objects in selftest smb.conf | Andrew Bartlett | 1 | -2/+2 | |
This sets it for all enviornments, as it is harmless if ntvfs is used and critical if the provision script runs in s3fs mode. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Aug 23 16:42:41 CEST 2012 on sn-devel-104 | |||||
2012-08-23 | s4-selftest: Add test for samba-tool ntacl sysvolcheck | Andrew Bartlett | 1 | -0/+26 | |
2012-08-23 | s4-samba-tool: Add samba-tool ntacl sysvolcheck command | Andrew Bartlett | 2 | -1/+143 | |
This command verifies that the current on-disk ACLs match the directory and the defaults from provision. Unlike sysvolreset, this does not change any of the permissions. Andrew Bartlett | |||||
2012-08-23 | s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snum | Andrew Bartlett | 5 | -8/+8 | |
I need to get at the owner, group, DACL and SACL when testing correct ACL storage. Andrew Bartlett | |||||
2012-08-23 | s3-pysmbd: Fix return type of smbd.get_nt_acl | Andrew Bartlett | 1 | -1/+1 | |
The security_ prefix is stripped off in the python bindings. Andrew Bartlett | |||||
2012-08-23 | s3-smbd: Add talloc_stackframe() to get_nt_acl_no_snum() | Andrew Bartlett | 1 | -3/+8 | |
This is required because the functions it calls use talloc_tos(). Andrew Bartlett | |||||
2012-08-23 | s4-selftest: Add testing of samba-tool ntacl sysvolreset | Andrew Bartlett | 2 | -0/+45 | |
2012-08-23 | param: Add startup checks for valid server role/binary combinations | Andrew Bartlett | 5 | -0/+35 | |
This should eliminate confusion from our users about what they can expect to successfully run. Andrew Bartlett | |||||
2012-08-23 | s3-pysmbd: Fix error message | Andrew Bartlett | 1 | -2/+2 | |
2012-08-23 | s4-provision: Fix internal documentation | Andrew Bartlett | 1 | -0/+1 | |
2012-08-23 | s3-pysmbd: Allow a mode to be specified for the simple ACL | Andrew Bartlett | 2 | -28/+33 | |
The additional group for the ACL is now optional. Andrew Bartlett | |||||
2012-08-23 | s4-samba-tool: Add 'samba-tool ntacl sysvolreset' tool | Andrew Bartlett | 1 | -1/+73 | |
This will reset the NT ACL on the sysvol share to the default from provision, with GPO objects matching the LDAP ACL (as required). Andrew Bartlett | |||||
2012-08-23 | selftest: Add a test of the NT ACL -> posix ACL mapping layer to selftest | Andrew Bartlett | 1 | -0/+1 | |
2012-08-23 | selftest: Cope with the multiple possible representations of -1 in posixacl.py | Andrew Bartlett | 1 | -28/+29 | |
2012-08-23 | selftest: Extend posixacl test to check the actual ACL | Andrew Bartlett | 1 | -2/+274 | |
Needing to be able to write this test is the primary reason I have been reworking the VFS and posix ACL layer over the past few weeks. By exposing the POSIX ACL as a IDL object we can eaisly manipulate it in python, and then verify that the ACL was handled correctly. This ensures the when we write an ACL in provision, that it will indeed allow that access at the FS layer. We need to extend this beyond just the critical two ACLs set during provision, to also include some special (hard) cases involving the merging of ACE entries, as this is the most delicate part of the ACL transfomation. A similar test should also be written to read the posix ACL and the mapped NT ACL on a file that has never had an NT ACL set. Andrew Bartlett | |||||
2012-08-23 | selftest: Add a test of the NT ACL -> posix ACL mapping layer | Andrew Bartlett | 1 | -0/+131 | |
This is the start of what will be a series of tests confirming exactly how some NT ACLs are mapped to posix ACLs. Andrew Bartlett | |||||
2012-08-23 | s4-scripting: Redefine getntacl() as accessing via the smbd VFS or directly | Andrew Bartlett | 2 | -6/+11 | |
This allows us to write tests that compare the smbd vfs with what is in the DB or xattr. Andrew Bartlett | |||||
2012-08-23 | s4-provision: set POSIX ACLs to for use with the smbd file server (s3fs) | Andrew Bartlett | 3 | -53/+94 | |
This handles the fact that smbd will rarely override the POSIX ACL enforced by the kernel. This has caused issues with the creation of group policies by other members of the Domain Admins group. Andrew Bartlett | |||||
2012-08-23 | file_server: Move default VFS module settings to loadparm.c | Andrew Bartlett | 3 | -13/+14 | |
This means that any utility that calls into the VFS layer will get the right modules. Because we use the fake_acls backend we need to override this whole list in Samba4.pm however. Andrew Bartlett | |||||
2012-08-23 | s4-dsdb: Remove unused variables | Andrew Bartlett | 1 | -5/+0 | |
2012-08-23 | s4-dsdb: Do not use a possibly-old loadparm context in schema reload | Andrew Bartlett | 3 | -19/+18 | |
The loadparm context on the schema DB might have gone away already. Pre-cache the schema refresh interval at load time to avoid worrying about this. Andrew Bartlett | |||||
2012-08-23 | s4-upgradeprovision: Use ntvfs in reference provision | Andrew Bartlett | 1 | -1/+1 | |
We do not need filesystem ACLs set when creating the reference provision, so it is easier to use the NTVFS backend as it does not cause trouble with make test. Andrew Bartlett | |||||
2012-08-23 | selftest: Set --use-ntvfs for rodc, vampire_dc, promoted_vampire_dc and ↵ | Andrew Bartlett | 1 | -4/+4 | |
subdom_dc | |||||
2012-08-23 | selftest: Specify --use-ntvfs when testing the group code | Andrew Bartlett | 1 | -1/+1 | |
We do not need to set filesystem ACLs in this case. Andrew Bartlett |