Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-03-05 | s4:samdb_privilege.c - Change two counter variables to unsigned | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
Also here in both cases the unsigned counter fits better than the signed one. | |||||
2010-03-05 | s4:cracknames - Change two counter variables to unsigned | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
In both cases the unsigned counter fits better: - in the first one since we are counting LDB objects starting from 0 - in the second since we are counting an array starting from 0 | |||||
2010-03-05 | s4-pvfs_sys: build on systems without O_NOFOLLOW or O_DIRECTORY | Andrew Tridgell | 1 | -4/+22 | |
2010-03-05 | s4-pvfs_sys: talloc_free should be before errno restore | Andrew Tridgell | 1 | -13/+13 | |
talloc can potentially change the errno | |||||
2010-03-05 | s4-pvfs: use pvfs_sys_fchmod() | Andrew Tridgell | 3 | -4/+4 | |
2010-03-05 | s4-pvfs: set default for perm override based on system features | Andrew Tridgell | 1 | -1/+9 | |
If the system has O_NOFOLLOW and O_DIRECTORY then we allow for overrides by default. If not, then we disable by default, as we will be more vulnerable to symlink attacks | |||||
2010-03-05 | s4-pvfs: use O_FOLLOW one level at a time for security overrides | Andrew Tridgell | 1 | -37/+357 | |
To prevent symlink attacks we need to use O_NOFOLLOW one level at a time when processing a root security override | |||||
2010-03-05 | replace: added get_current_dir_name() | Andrew Tridgell | 3 | -0/+18 | |
2010-03-05 | s4-pvfs: use pvfs_sys_*() functions to wrap posix calls | Andrew Tridgell | 5 | -20/+20 | |
This allows for root override, which fixes many problems with mismatches between NT ACL permissions and unix permissions. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s4-pvfs: new pvfs_sys module | Andrew Tridgell | 2 | -0/+301 | |
The pvfs_sys_*() calls provide wrapper functions for posix file functions which use root privileges to override EACCES failures if PVFS_FLAG_PERM_OVERRIDE is set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s4-pvfs: added new pvfs flag PVFS_FLAG_PERM_OVERRIDE | Andrew Tridgell | 2 | -0/+4 | |
This flag indicates that we should use root privileges to override unix permissions when the NT ACLs indicate that access should be granted Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s4-privs: add root_privileges_original_uid() | Andrew Tridgell | 1 | -0/+6 | |
This can be used to get the uid we changed away from when we gained root privileges Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s3-selftest: enable RPC-WINREG against Samba 3. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-03-05 | s4-smbtorture: skip NotifyChangeKeyValue test against s3 for now. | Günther Deschner | 1 | -0/+4 | |
Guenther | |||||
2010-03-05 | s4:torture/rpc/samr.c - add some decision possibility constants to some switch | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
At the moment nothing is done when the enumeration variable is set to one of those constants as before. This is only to quite nasty warnings. | |||||
2010-03-05 | s4:torture/rpc/samr.c - make some argument of function ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
"test_SamLogon_with_creds" constant This to quiet warnings. | |||||
2010-03-05 | s4:torture/winbind/struct_based.c - fix up (un)signedness of a function argument | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
Otherwise always a warning is generated. | |||||
2010-03-05 | s4-pvfs: log more error conditions in NTVFS backend | Andrew Tridgell | 3 | -0/+31 | |
This should make is easier to track down some bug reports Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s4-pvfs: move the private ntcreatex flags to private_flags | Andrew Tridgell | 7 | -20/+21 | |
Re-using two of the create_options bits was bound to eventually cause problems, and indeed, Windows7 now uses one of those bits when opening text files. Fixes bug 7189 | |||||
2010-03-05 | s4-rpc: don't use s->credentials after it is freed | Andrew Tridgell | 1 | -2/+1 | |
2010-03-05 | s4-torture: fixed commas separating C statements | Andrew Tridgell | 1 | -4/+3 | |
2010-03-06 | s3: Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler. | Bo Yang | 1 | -0/+6 | |
Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2010-03-05 | s4-python: only install external python libs that are missing | Andrew Tridgell | 2 | -1/+19 | |
2010-03-05 | s4-python: import a copy of the python dns library | Andrew Tridgell | 114 | -0/+16829 | |
This library is not installed on enough systems for us to rely on it being available. We use the system copy if possible, and fallback to this local copy Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s4-dns: use samba.external to pull in the dns.resolver library | Andrew Tridgell | 1 | -3/+5 | |
2010-03-05 | s4-python: allow us to have samba copies of python libraries we depend on | Andrew Tridgell | 2 | -0/+54 | |
For python libraries like dns.resolver it is useful to be able to install a copy of the library with Samba. This set of functions allows us to do that while using the locally installed version if it is available Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s4-dns-ex: use autoclose on the dns child pipe | Andrew Tridgell | 1 | -2/+1 | |
I'm hoping this will fix an occasional segfault I've noticed where epoll still calls events on a closed fde Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-05 | s4-messaging: use auto-close on the socket | Andrew Tridgell | 1 | -0/+1 | |
2010-03-04 | srv_pipe.c doesn't reference current_user anymore. Remove it. | Jeremy Allison | 1 | -2/+0 | |
Jeremy. | |||||
2010-03-04 | s4:auth/sam.c - change base context for the "tmp_ctx" context in ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
"authsam_expand_nested_groups" Better use the "res_sids_ctx" as base context for the "tmp_ctx" and not the long-living "sam_ctx"/"ldb" context to prevent memory leaks. | |||||
2010-03-04 | s4:ldap.py - give the "primaryGroupToken" test a better name | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
It tests also some other constructed attributes in a basic way. | |||||
2010-03-04 | s4:ldap.py - add test for "tokenGroups" | Matthias Dieter Wallnöfer | 1 | -0/+44 | |
2010-03-04 | s4:operational LDB - don't accidentally "ate" search helper attributes if we ↵ | Matthias Dieter Wallnöfer | 1 | -6/+14 | |
need them for more constructed attributes With this patch we delete the helper attributes at the end where all constructed attributes have already been computed. | |||||
2010-03-04 | s4:operational LDB module - make the counters unsigned | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
No need to have signed counters here. | |||||
2010-03-04 | s4:operational LDB - implement the "tokenGroups" constructed attribute | Matthias Dieter Wallnöfer | 2 | -1/+96 | |
It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19. | |||||
2010-03-04 | s4:sam.c - make "authsam_expand_nested_groups" public | Matthias Dieter Wallnöfer | 2 | -1/+7 | |
This is needed by the "tokenGroups" work in the operational LDB module. | |||||
2010-03-04 | s4:sam.c - cosmetic indentation fix | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-03-04 | s4:sam.c - change variable types to unsigned in "sids_contains_sid" | Matthias Dieter Wallnöfer | 1 | -3/+4 | |
Should also be unsigned - no need for a signed "i" and "num_sids" here. | |||||
2010-03-04 | s4:operational LDB module - use right memory context int ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
"construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer. | |||||
2010-03-04 | Revert "s3:configure: add --enable-as-needed" | Karolin Seeger | 1 | -8/+2 | |
This reverts commit 22d316926b9589608d332143c1fa134229b75b3c. Please see bug #7209 for details. | |||||
2010-03-04 | Refactored ACL python tests | Nadezhda Ivanova | 1 | -441/+256 | |
Made each type into a separate class to be easily run individually, removed code duplication | |||||
2010-03-04 | s3:configure: add --enable-as-needed | Stefan Metzmacher | 1 | -2/+8 | |
On some broken systems like RHEL5, we need to be able to disable --as-needed. metze | |||||
2010-03-04 | s4:provision - use the new "interface_ips" python call to detect the right ↵ | Matthias Dieter Wallnöfer | 1 | -8/+8 | |
host IPv4 address Inform the user when there are more possibilities (so he can check for the right address and otherwise he is able to do an immediate reprovision) and no possibility at all (then we fall back to the loopback address "127.0.0.1" - this is thought for testing purposes). I think this should be enough for closing bug #5484. | |||||
2010-03-04 | s4:ldif_handlers - Use "unsigned int" for counting purposes | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
I changed "uint32_t" to "unsigned int" since the LDB specification prescrives "unsigned (int)" for counter variables (number of attributes, number of values...). | |||||
2010-03-04 | testprogs: add test_PrinterDataW. | Günther Deschner | 1 | -0/+81 | |
Guenther | |||||
2010-03-04 | testprogs: use dump_data in dump_printer_data. | Günther Deschner | 1 | -12/+4 | |
Guenther | |||||
2010-03-04 | testprogs: add print_printer_dataw and dump_data to printlib. | Günther Deschner | 2 | -11/+94 | |
Guenther | |||||
2010-03-04 | testprogs: add some multibyte versions of PrinterData calls. | Günther Deschner | 1 | -0/+130 | |
Guenther | |||||
2010-03-06 | s3: Rerun genmsg after adding more strings. | Bo Yang | 20 | -799/+8390 | |
Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2010-03-06 | s3: Add i18n/l10n strings in pam_winbind.c coming from winbindd. | Bo Yang | 2 | -92/+96 | |
Signed-off-by: Bo Yang <boyang@samba.org> |