Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-13 | tdb: fix tdb_check() on read-only TDBs to actually work. | Rusty Russell | 1 | -5/+17 | |
Commit bc1c82ea137 "Fix tdb_check() to work with read-only tdb databases." claimed to do this, but tdb_lockall_read() fails on read-only databases. Also make sure we can still do tdb_check() inside a transaction (weird, but we previously allowed it so don't break the API). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> | |||||
2010-09-13 | tdb: make check more robust against recovery failures. | Rusty Russell | 1 | -5/+36 | |
We can end up with dead areas when we die during transaction commit; tdb_check() fails on such a (valid) database. This is particularly noticable now we no longer truncate on recovery; if the recovery area was at the end of the file we used to remove it that way. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> | |||||
2010-09-13 | Revert "s4:samldb LDB module - simplify the message handling on add and ↵ | Matthias Dieter Wallnöfer | 1 | -26/+33 | |
modify operations" This reverts commit 1d94bb3ad4d9c6de3b77ed4690a54ebf2399cc0d. This commit causes unconditional behaviour (sometimes it works, sometimes not) -sorry for introducing this. I will rework this further. | |||||
2010-09-12 | s4:samldb LDB module - remove a disastrous "talloc_free" | Matthias Dieter Wallnöfer | 1 | -2/+0 | |
This completely destroys the program logic (async callbacks). Sorry for introducing this. | |||||
2010-09-12 | Revert "s4:util_samr.c - also here we've now the default primaryGroupID ↵ | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
detection working" This reverts commit 7e9e35db4126f953e8a2579d992c63b274011119. Sorry, the logic is working differently here. We do still need this. | |||||
2010-09-12 | s4:torture/rpc/samr.c - fix typos in outputs | Matthias Dieter Wallnöfer | 1 | -7/+7 | |
2010-09-12 | s4:util_samr.c - also here we've now the default primaryGroupID detection ↵ | Matthias Dieter Wallnöfer | 1 | -4/+1 | |
working | |||||
2010-09-12 | s4:ldap.py - tests the primary group detection by the "userAccountControl" | Matthias Dieter Wallnöfer | 1 | -2/+47 | |
2010-09-12 | s4:setup/provision_self_join.ldif - now the samldb LDB module detects ↵ | Matthias Dieter Wallnöfer | 1 | -1/+0 | |
automatically that this is a DC account | |||||
2010-09-12 | s4:samldb LDB module - "samldb_check_primaryGroupID" - support RID ↵ | Matthias Dieter Wallnöfer | 1 | -1/+5 | |
derivation from "userAccountControl" Specified in MS-SAMR 3.1.1.8.1 and probably fixes also bug #7441. | |||||
2010-09-12 | libds:flag_mapping.c - introduce a call which maps the "userAccountControl" ↵ | Matthias Dieter Wallnöfer | 1 | -0/+13 | |
to the default primary group RID | |||||
2010-09-12 | libds:flag_mapping.c - fix counter variable types | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
2010-09-12 | s4:samldb LDB module - free the "ac" context after the delete checks | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
2010-09-12 | s4:samldb LDB module - simplify the message handling on add and modify ↵ | Matthias Dieter Wallnöfer | 1 | -33/+28 | |
operations We perform always only one shallow copy operation of the message on the "req" context. This allows to free the "ac" context when we've prepared all our changes. | |||||
2010-09-12 | s4:samldb LDB module - move "samldb_prim_group_users_check" more down to see ↵ | Matthias Dieter Wallnöfer | 1 | -41/+41 | |
that it is only in use by the delete operation add and modify helpers will stay on the top of the add and modify operation since they will likely be shared as much as possible. | |||||
2010-09-12 | s4:samldb LDB module - add a comment to mark the beginning of the extended ↵ | Matthias Dieter Wallnöfer | 1 | -0/+2 | |
operation handler | |||||
2010-09-12 | s4:samldb LDB module - refactor "samldb_find_for_defaultObjectCategory" to ↵ | Matthias Dieter Wallnöfer | 1 | -94/+22 | |
be again synchronous Also to make it easier to comprehend | |||||
2010-09-12 | s4:samldb LDB module - refactor the "primaryGroupID" check on user creation | Matthias Dieter Wallnöfer | 1 | -137/+39 | |
This looks more straight-forward now. | |||||
2010-09-12 | s4:samldb LDB module - get rid of the SID context variable | Matthias Dieter Wallnöfer | 1 | -20/+17 | |
Since we get more and more rid of async stuff we don't need this in the context anymore. | |||||
2010-09-12 | s4:samldb LDB module - use also here the real attribute denomination ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
"sAMAccountName" Purely cosmetic - but nicer to read | |||||
2010-09-12 | s4:samldb LDB module - rename "check_SamAccountType" into "check_sAMAccountType" | Matthias Dieter Wallnöfer | 1 | -5/+4 | |
And a small cosmetic change. I like to have the real attribute names in the function denominations | |||||
2010-09-12 | s4:samldb LDB module - make "samldb_check_sAMAccountName" synchronous again | Matthias Dieter Wallnöfer | 1 | -71/+19 | |
To make it more understandable | |||||
2010-09-12 | s4:fsmo.py - fix an obvious typo | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-09-12 | s3: Remove a nesting level in winbindd_dual_pam_chauthtok | Volker Lendecke | 1 | -18/+19 | |
2010-09-11 | s4:unittest: Test wbinfo --group-info and --gid-info | Matthieu Patou | 1 | -3/+11 | |
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> | |||||
2010-09-11 | test_wbinfo.c - count more possible failures | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-09-11 | ldb:tools/cmdline.c - reorganise imports | Matthias Dieter Wallnöfer | 1 | -6/+2 | |
2010-09-11 | s4:param/secrets.c - reorganise imports | Matthias Dieter Wallnöfer | 1 | -4/+0 | |
2010-09-11 | s4:rpc_server/common/common.h - introduce two forward declarations to ↵ | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
suppress parameter declaration warnings Always Tru64 in file "param/loadparm.c" and possibly others. | |||||
2010-09-11 | ldb:tools/cmdline.c - make a counter unsigned where appropriate | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-09-11 | s4:ldb_register_samba_handlers - fix up and convert result codes to LDB/LDAP ↵ | Matthias Dieter Wallnöfer | 6 | -12/+12 | |
results | |||||
2010-09-11 | lib/replace/wscript:Tru64 build - Better use version 600 for _XOPEN_SOURCE | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
This means we request the "Single UNIX Specification, Version 3" with C99 compatibility as the Python 2.5 release on the system. This prevents redefinitions with different values. > [ 451/1918] Compiling scripting/python/pyglue.c > cc: Warning: /usr/local/include/python2.5/pyconfig.h, line 951: The redefinition of the macro "_XOPEN_SOURCE" conflicts with a current definition because the replacement lists differ. The redefinition is now in effect. (macroredef) > #define _XOPEN_SOURCE 600 > ----------------------^ > cc: Warning: default/source4/include/config.h, line 54: The redefinition of the macro "_XOPEN_SOURCE" conflicts with a current definition because the replacement lists differ. The redefinition is now in effect. (macroredef) > #define _XOPEN_SOURCE 500 > ----------------------^ | |||||
2010-09-11 | s4:dcesrv_samr_GetGroupsForUser - also universal group memberships are ↵ | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
returned here Tested using User Manager for Domains against Windows Server 2008. MS-SAMR 3.1.5.9.1 is wrong in this case therefore I've informed the dochelp team. | |||||
2010-09-11 | s4-privs Fix enum privileges in LSARPC server | Andrew Bartlett | 1 | -1/+1 | |
We were returning the index, not the LUID value Andrew Bartlett | |||||
2010-09-11 | s3-auth Fix typo in comment | Andrew Bartlett | 1 | -1/+1 | |
2010-09-11 | nss-waf: use the right winbind pipe path | Andrew Tridgell | 1 | -0/+1 | |
s4 uses a different location for the winbind pipe to s3 | |||||
2010-09-11 | winbind-waf: the installed name is libnss_winbind.so.2 | Andrew Tridgell | 1 | -1/+1 | |
the .2 is what libc adds to the name for this version of the nss API | |||||
2010-09-11 | s4:gensec Put the "NTLM" string for NTLMSSP's SASL name in a header | Andrew Bartlett | 2 | -1/+3 | |
2010-09-11 | s4-param: removed the lp_ varients of the functions | Andrew Tridgell | 1 | -18/+9 | |
these made debugging much harder. We should replace these with generated macros | |||||
2010-09-11 | s4-param: move back to auto-generation of loadparm prototypes | Andrew Tridgell | 3 | -161/+7 | |
2010-09-11 | s4-credentials: get all attributes in cli_credentials_set_secrets() | Andrew Tridgell | 1 | -17/+1 | |
This ensures we get whenChanged, which is needed by the s3 winbind code to ensure we don't repeatedly try to change the password | |||||
2010-09-11 | security.idl Clarify that this is not a network structure | Andrew Bartlett | 1 | -0/+1 | |
2010-09-11 | libcli/auth/schannel_state_tdb.c - fix includes | Matthias Dieter Wallnöfer | 1 | -3/+1 | |
Otherwise we get a "declared inside parameter list" warning. | |||||
2010-09-11 | lib/replace:wscript - additional attempt to fix the build on Tru64 | Matthias Dieter Wallnöfer | 1 | -1/+3 | |
Obviously we really need both definitions ("socklen_t" has been found by "_XOPEN_SOURCE"=500). But now FIONREAD wasn't accessible. | |||||
2010-09-11 | libcli/security Use talloc_zero when making a struct security_token | Andrew Bartlett | 2 | -7/+1 | |
2010-09-11 | libcli/privileges Fix comment | Andrew Bartlett | 1 | -1/+1 | |
2010-09-11 | s4-privs Seperate rights and privileges | Andrew Bartlett | 6 | -82/+137 | |
These are related, but slightly different concepts. The biggest difference is that rights are not enumerated as a system-wide list. This moves the rights to security.idl due to dependencies. Andrew Bartlett | |||||
2010-09-11 | s3-krb5 Fix Kerberos on FreeBSD with Samba4 DCs | Andrew Bartlett | 1 | -3/+1 | |
The idea of this patch is: Don't support a mix of different kerberos features. Either we should prepare a GSSAPI (8003) checksum and mark the request as such, or we should use the old behaviour (a normal kerberos checksum of 0 data). Sending the GSSAPI checksum data, but without marking it as GSSAPI broke Samba4, and seems well outside the expected behaviour, even if Windows accepts it. Andrew Bartlett | |||||
2010-09-11 | libcli/security Remove unused SE_NONE define | Andrew Bartlett | 1 | -1/+0 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | libcli/security Move 'private' privileges functions to another header | Andrew Bartlett | 4 | -24/+43 | |
These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> |