summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-09-03s4-docs: Remove empty s4 HOWTO Collection.Karolin Seeger22-490/+0
This change was proposed by Andrew Bartlett on the samba-technical mailing list. Karolin
2012-09-03build: skip shipping the alpha13 provision in the release tarballsAndrew Bartlett1-1/+1
This test is important, but it is not important enough to include this volume of data in every tarball. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Sep 3 13:01:58 CEST 2012 on sn-devel-104
2012-09-03s4-classicupgrade: Show more clearly what is wrong with the Adminstrator SIDAndrew Bartlett1-0/+1
2012-09-03build: Only make bin/ if it does not existAndrew Bartlett1-1/+2
2012-09-03selftest: skip tests if the tarball did not include the alpha13 provisionAndrew Bartlett1-6/+28
2012-09-02waf: add new quota header checks and sysquota_4B source fileBjörn Jacke2-1/+3
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Sun Sep 2 23:21:22 CEST 2012 on sn-devel-104
2012-09-02s3: remove some duplicate quota codeBjörn Jacke1-27/+12
2012-09-02s3: adopt the new sysquotas_4B support for BSDBjörn Jacke2-3/+28
most BSD systems have ufs/ufs/quota.h and they count the quota in blocks, not bytes and have slightly different dqblk struct members.
2012-09-02s3: add sysquotas_4B supportBjörn Jacke5-4/+227
this is from James Peach's darwin patch, that exists since a couple of years already. Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Sun Sep 2 01:00:41 CEST 2012 on sn-devel-104
2012-09-01s3: Make an if statement a bit easier to readVolker Lendecke1-2/+3
Fix indentation a bit Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Sep 1 07:07:12 CEST 2012 on sn-devel-104
2012-08-31Now SEC_RIGHTS_PRIV_RESTORE and SEC_RIGHTS_PRIV_BACKUP don't include any ↵Jeremy Allison2-4/+28
generic bits (they're used directly in the fileserver where the generic bits have already been mapped into file specific bits) we need to add the generic bits to the test when we have these privileges. Mark samba4.base.maximum_allowed knownfail until we implement NTCREATEX_OPTIONS_BACKUP_INTENT.
2012-08-31Rewrite torture_samba3_rpc_sharesec() to use a non-privileged user for share ↵Jeremy Allison2-15/+182
security descriptor testing.
2012-08-31Add a comment showing where to set log level in tests.Jeremy Allison1-0/+3
2012-08-31Change the S3 fileserver over to se_file_access_check().Jeremy Allison2-7/+10
Don't set the priv_open_requested yet until the open-for-backup request is correctly passed in.
2012-08-31Factor out privilege checking code into se_file_access_check() which takes a ↵Jeremy Allison2-10/+87
bool priv_open_requested parameter.
2012-08-31SEC_RIGHTS_DIR_PRIV_BACKUP and SEC_RIGHTS_DIR_PRIV_RESTORE aren't used ↵Jeremy Allison1-8/+7
anywhere. Remove (can re-add if needed). Ensure the privilege rights are always specific rights, not generic. By the time the privilege rights are examined, we've already mapped from generic to specific in the access_mask.
2012-09-01s4-dsdb: Remove unused variablesAndrew Bartlett1-3/+0
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Sep 1 05:10:47 CEST 2012 on sn-devel-104
2012-09-01s4-kdc: Improve grammer and clarity of password change failure messages.Andrew Bartlett1-4/+3
This can still be improved further, but avoid mentioning reasons that clearly do not apply in this case. Andrew Bartlett
2012-09-01s3: Fix warnings in aio_fork.cVolker Lendecke1-2/+4
2012-09-01s3: Remove a shadowing variable declarationVolker Lendecke1-2/+0
2012-09-01s4-dsdb: Remove unused tmp_ctx leaked onto long-term ldb_contextAndrew Bartlett1-2/+0
This was found based on a log provided by Ricky Nance <ricky.nance@weaubleau.k12.mo.us>. Thanks Ricky! Andrew Bartlett
2012-08-31s4 dns: Store TKEYs in a ringbufferKai Blin3-57/+106
This stops us from potentially being DoSed by tons of TKEYs Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 22:46:01 CEST 2012 on sn-devel-104
2012-08-31tdb: return unpack error on strdup failureDavid Disseldorp1-0/+3
Signed-off-by: Lars Müller <lars@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Aug 31 21:05:21 CEST 2012 on sn-devel-104
2012-08-31s3: Fix a few "warning: ISO C90 forbids mixed declarations and code"Volker Lendecke1-154/+234
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 31 19:24:47 CEST 2012 on sn-devel-104
2012-08-31s3:build fix autoconf build on RHEL5Christian Ambach1-0/+236
RHEL5 only has autoconf 2.59, so autogen.sh still needs to find autoconf-2.60.m4 somewhere, but it was removed with 5f58359 Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Fri Aug 31 12:50:03 CEST 2012 on sn-devel-104
2012-08-31s3:doc Fix name of timeout parameter in documentationChristof Schmitt1-3/+3
The name is time_audit:timeout, not time_audit:audit_timeout. Signed-off-by: Christian Ambach <ambi@samba.org>
2012-08-31s3:dbwrap_ctdb: Add DB name and key to warning messageChristof Schmitt1-1/+8
When a operation takes too long, it is useful for debugging to know the DB and the key. Signed-off-by: Christian Ambach <ambi@samba.org>
2012-08-31s4 dns: Negotiate GSSAPI-based TKEYsKai Blin4-1/+254
Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 10:38:35 CEST 2012 on sn-devel-104
2012-08-31s4-kdc: Give information on how long the password history isAndrew Bartlett1-1/+2
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Aug 31 08:06:17 CEST 2012 on sn-devel-104
2012-08-31s4-libnet: Fix memory leak of lsa_RefDomainList and lsa_String onto libnet_ctxAndrew Bartlett1-2/+2
These are only needed for as long as the call, and should be children of the private context. This was found based on a log provided by Ricky Nance <ricky.nance@weaubleau.k12.mo.us>. Thanks Ricky! Andrew Bartlett
2012-08-31auth/credentials: Do not print passwords in a talloc memory dumpAndrew Bartlett1-0/+8
The fact that a password was created here is enough information, so overwrite with the function name and line. Andrew Bartlett
2012-08-31VERSION: Move on to beta9Andrew Bartlett1-2/+2
We home beta8 will be the last beta, but to avoid confusion and allow more releases if required I won't mark it as rc1 until the actual release candidate. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Aug 31 02:07:23 CEST 2012 on sn-devel-104
2012-08-31VERSION: Mark as the beta8 releaseAndrew Bartlett1-1/+1
2012-08-31WHATSNEW: prepare for 4.0 beta8Andrew Bartlett1-35/+30
2012-08-30The NTVFS server doesn't pass the SMB1 INHERITFLAGS test.Jeremy Allison1-0/+1
Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 30 21:38:02 CEST 2012 on sn-devel-104
2012-08-30Now ACL inheritance flags are working, add test_inheritance_flags() back ↵Jeremy Allison1-5/+10
into raw.acls to ensure we don't regress.
2012-08-30With the inheritance ACL changes we now pass samba3.smb2.acls.INHERITFLAGS.Jeremy Allison1-1/+0
2012-08-30Fix bug #9124 - Samba fails to set "inherited" bit on inherited ACE's.Jeremy Allison1-3/+7
Change se_create_child_secdesc() to handle inheritance correctly.
2012-08-30Windows does canonicalization of inheritance bits. Do the same.Jeremy Allison1-0/+35
We need to filter out the SEC_DESC_DACL_AUTO_INHERITED|SEC_DESC_DACL_AUTO_INHERIT_REQ bits. If both are set we store SEC_DESC_DACL_AUTO_INHERITED as this alters whether SEC_ACE_FLAG_INHERITED_ACE is set when an ACE is inherited. Otherwise we zero these bits out. See: http://social.msdn.microsoft.com/Forums/eu/os_fileservices/thread/11f77b68-731e-407d-b1b3-064750716531 for details.
2012-08-30Change the other two places where we set a security descriptor given by the ↵Jeremy Allison2-25/+2
client to got through set_sd(), the canonicalize sd function.
2012-08-30Re-add set_sd(), called from set_sd_blob(). Allows us to centralize all ACL ↵Jeremy Allison2-14/+28
canonicalization.
2012-08-30Rename set_sd() to set_sd_blob() - this describes what it does.Jeremy Allison3-6/+6
2012-08-30s3:libsmb correctly set isFsctl for snapshot listChristian Ambach1-1/+1
FSCTL_GET_SHADOW_COPY_DATA is a FSCTL, so set the isFsctl marker otherwise smbclient allinfo will not report snapshots any more with the changes made for Bug #8311 Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Thu Aug 30 18:57:24 CEST 2012 on sn-devel-104
2012-08-30selftest: Remove spoolss tests from knownfail.Andreas Schneider1-66/+0
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Aug 30 17:17:55 CEST 2012 on sn-devel-104
2012-08-30selftest: Add missing printing options for plugin_s4_dc.Andreas Schneider1-0/+24
2012-08-30file_server: Fix spoolss support with s3fs.Andreas Schneider1-1/+1
2012-08-30selftest: Define the log directory for s3fs.Andreas Schneider1-0/+3
2012-08-30auth/credentials: Support match-by-key in cli_credentials_get_server_gss_creds()Andrew Bartlett3-3/+10
This allows a password alone to be used to accept kerberos tickets. Of course, we need to have got the salt right, but we do not need also the correct kvno. This allows gensec_gssapi to accept tickets based on a secrets.tdb entry. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Aug 30 01:26:12 CEST 2012 on sn-devel-104
2012-08-29s4-torture: Add start of a test to confirm winbindd PAC parsingAndrew Bartlett3-2/+157
So far this confirms that we can accept a ticket using the secrets.tdb entry. Andrew Bartlett
2012-08-29lib/krb4_wrap: Add const to kt_copy_one_principalAndrew Bartlett2-2/+2