Age | Commit message (Collapse) | Author | Files | Lines |
|
RPC-SAMR-USERS-PRIVILEGES test.
Guenther
|
|
This change brings ntvfs_connect into compliance with other ntvfs functions
which take an ntvfs module, an ntvfs request and an smb io union.
It now becomes the responsibility of ntvfs modules to examine
tcon->generic.level themselves and derive the share name and any other
options
directly; e.g.
const char *sharename;
switch (tcon->generic.level) {
case RAW_TCON_TCON:
sharename = tcon->tcon.in.service;
break;
case RAW_TCON_TCONX:
sharename = tcon->tconx.in.path;
break;
case RAW_TCON_SMB2:
default:
return NT_STATUS_INVALID_LEVEL;
}
if (strncmp(sharename, "\\\\", 2) == 0) {
char *p = strchr(sharename+2, '\\');
if (p) {
sharename = p + 1;
}
}
service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in
some of the tcon->..out values.
For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and
tcon->tconx.out.options
For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and
tcon->tcon.out.max_xmit
Thus the ntvfs_connect function for vfs modules may override these values
if desired, but are not required to.
ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type
fields, for RAW_TCON_TCONX, perhaps something like:
if (tcon->generic.level == RAW_TCON_TCONX) {
tcon->tconx.out.fs_type = ntvfs->ctx->fs_type;
tcon->tconx.out.dev_type = ntvfs->ctx->dev_type;
}
Signed-off-by: Sam Liddicott <sam@liddicott.com>
(I fixed the ntvfs_connect() in the smb_server/smb2/
and the RAW_TCON_SMB2 switch case in the modules)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Stop packet_recv getting greedy and reading the whole socket
and then dispatching te extra packets in a timer loop
Signed-off-by: Sam Liddicott <sam@liddicott.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
|
|
Jelmer, you might want to take a look at Andrew B's problem with
--enable-developer --disable-shared --disable-shared-libs
|
|
|
|
tevent_add_fd does not properly set that. At least in epoll and select this is
the only error condition.
Metze, please check!
|
|
Jeremy.
|
|
Remove two indentation levels by returning early on error.
Metze, please check!
|
|
targets
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Tim Prouty <tprouty@samba.org>
|
|
|
|
This fixes bug #5897. Thanks to TAKAHASHI Motonobu
<monyo [at] samba.gr.jp> for reporting and providing the example!
Karolin
|
|
This is a follow up to 69d61453df6019caef4e7960fa78c6a3c51f3d2a to
adjust the API to allow the lower layers allocate memory. Now the
memory can explicitly be freed rather than relying on talloc_tos().
Signed-off-by: Tim Prouty <tprouty@samba.org>
|
|
|
|
These were found interally via code inspection.
1) fake_sendfile was incorrectly writing zeros over real data on a
short read.
2) sendfile_short_send was doing 4 byte writes instead of 1024 byte
writes due to an incorrect sizeof usage.
Jermey, Vl please check
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Make map_max_allowed_access global. Change lsa_get_generic_sd
to add Everyone:LSA_POLICY_READ|LSA_POLICY_EXECUTE, not just
LSA_POLICY_EXECUTE.
Jeremy.
|
|
Guenther
|
|
Guenther
|
|
MAX_ACCESS to be mapped to what we're giving Everyone.
Jeremy.
|
|
Inspired by lsa server from Samba 4.
Just removing a user in SAMR does not remove a user in LSA. If you use
usermanager from windows, the "User Rights" management gui gets unaccessable as
soon as you delete a user that had privileges granted. With this fix, that
no longer existing user would properly appear as an unknown account in the GUI
(as it does while using usermanager with windows domains).
This almost makes Samba3 pass the RPC-SAMR-USERS-PRIVILEGES test.
Guenther
|
|
Certainly not the full story but this gets us closer to pass the
RPC-SAMR-USERS-PRIVILEGES test.
Guenther
|
|
This test demonstrates the independence of the lsa and samr accounts while
remove a samr users that still has privileges granted.
Guenther
|
|
The aio_fork module does not need this, as it does not communicate via signals
but with pipes. Watching a strace log with those become_root() calls in aio.c
is absolutely awful, and it does affect performance.
|
|
Jeremy as far as I can see there is no real technical reason to limit the
number of interfaces. If you like this patch, can you please merge it to 3.4?
If you don't please tell me :-)
Thanks,
Volker
|
|
Keeping such an fd open prohibits another open of that same file.
|
|
|
|
|
|
Metze is right: If we have *any* error at the socket level, we just can
not continue.
Also, apply some defensive programming: With this async stuff someone else
might already have closed the socket.
|
|
|
|
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
Wrap creation of share and setting of parameter into a transaction.
Michael
|
|
|
|
It is not used anywhere else, so make it also static and remove
it from proto.h
|
|
with released versions of talloc.
|
|
|
|
|
|
|
|
|