summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-11-23web_server: Load SWAT if it is available.Jelmer Vernooij1-3/+31
Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Fri Nov 23 01:39:38 CET 2012 on sn-devel-104
2012-11-22web_server: the web server is not multi-process, indicate so in WSGI.Jelmer Vernooij1-1/+1
This is a requirement for some of the paster middleware used by SWAT2. Reviewed-by: Matthieu Patou <mat@matws.net>
2012-11-22web_server: Properly decrement reference counters for python objects in wsgi.Jelmer Vernooij1-29/+81
Reviewed-by: Matthieu Patou <mat@matws.net>
2012-11-22web_server: Properly set SCRIPT_NAME and PATH_INFO.Jelmer Vernooij1-2/+5
Reviewed-by: Matthieu Patou <mat@matws.net>
2012-11-22web_server: Create a string object for SERVER_PORT variable.Jelmer Vernooij1-1/+1
This matches the behaviour of other wsgi server implementations. Reviewed-by: Matthieu Patou <mat@matws.net>
2012-11-22web_server/wsgi: Don't segfault when wsgi app doesn't return iterable.Jelmer Vernooij1-0/+5
There is a bug in the application if this happens, but invalid Python code shouldn't cause segfaults. Reviewed-by: Matthieu Patou <mat@matws.net>
2012-11-22build: Do not install testing binariesAndrew Bartlett4-5/+24
These binaries are for developer or selftest use, and are not supported for installation onto the system. The autoconf build does not install these binaries, and so neither should the waf build. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Nov 22 12:00:36 CET 2012 on sn-devel-104
2012-11-22packaging: Remove long-gone --disable-merged-build from RHEL-CTDB packagingAndrew Bartlett2-2/+0
Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-22build: Remove --enable-smbtorture, require bin/smbtorture (from waf) for ↵Andrew Bartlett5-22/+11
make test This simply moves this to being a side-effect of --enable-selftest. The flag was renamed from --enable-smbtorture4 in a recent patch. Make test now relies on smbtorture4, and so this code to make the dependency optional for the tests is not required any more. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-22build: Be consistent with the name of smbtorture binariesAndrew Bartlett7-37/+28
This ensures that in both build systems, smbtorture3 is the source3 binary, and smbtoture is our main smbtorture binary, built with waf. Also included in this is the removal of bin/ndrdump4 as a special case. This removes the last cases of binaries with different names in each build system. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-22torture: remove source3 locktest and masktestAndrew Bartlett3-722/+0
We now just build these in waf, using the source4/torture code. The source4 versions of these are tested in make test. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-22build: Use ntlm_auth from source3 as the only ntlm_auth installed on the systemAndrew Bartlett3-8/+10
The ntlm_auth4 binary is untested, and is missing major features compared with the source3 binary. The two are being slowly merged, but I have not finished that. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-22lib/replace: Do not use STRERROR_R_PROTO_COMPATIBLE as only roken.h sets thisAndrew Bartlett2-4/+2
Currently, we put strerror_r into libreplace even on systems with strerror_r. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-22s4/web_server: Fix typo in URL.Jelmer Vernooij1-1/+1
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Thu Nov 22 01:37:02 CET 2012 on sn-devel-104
2012-11-20s3:smbd/aio do not mark file modified during readsChristian Ambach1-2/+0
this causes each file that is potentially just opened for reading to be marked as modified and lots of file change notifications will be send Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Tue Nov 20 21:02:34 CET 2012 on sn-devel-104
2012-11-20s3: Fix some blank line endingsVolker Lendecke1-10/+10
Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Nov 20 19:18:33 CET 2012 on sn-devel-104
2012-11-20librpc/idl: teach ndrdump about dumping security.idl structuresStefan Metzmacher1-0/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-20s3:librpc: add support for PFC_FLAG_OBJECT_UUID when parsing packets (bug #9382)Stefan Metzmacher1-0/+4
Now the logic matches the one in dcerpc_read_ncacn_packet_done(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-20s4:torture/rpc/handles: try to make the assoc_group test less flakeyStefan Metzmacher1-1/+5
Just incrementing the assoc_group_id makes it too likely to hit a number that is already in use. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-20s4:torture/rpc/handles: move a torture_comment()Stefan Metzmacher1-2/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-20s3:param: set "map archive = no" in ROLE_ACTIVE_DIRECTORY_DCStefan Metzmacher1-0/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-20examples: fix build on AIX6Christian Ambach2-0/+4
Signed-off-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Nov 20 16:06:59 CET 2012 on sn-devel-104
2012-11-20build(waf): fix a typoChristian Ambach1-1/+1
Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Nov 20 11:54:51 CET 2012 on sn-devel-104
2012-11-20More for #9374 - Allow smb2.acls torture test to pass against smbd with a ↵Jeremy Allison3-9/+11
POSIX ACLs backend. Change can_delete_directory() to can_delete_directory_fsp(), as we only ever call this from an open directory file handle. This allows us to use OpenDir_fsp() instead of OpenDir(). OpenDir() re-checks the ACL on the directory, which may refuse DIR_LIST permissions. OpenDir_fsp() does not. As this is a file-server internal check to see if the directory actually contains any files before setting delete on close, we can ignore the ACL here (Windows does). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Nov 20 01:46:28 CET 2012 on sn-devel-104
2012-11-19Add comments explaining exactly *why* we don't check FILE_READ_ATTRIBUTES ↵Jeremy Allison1-3/+21
when evaluating file/directory ACE's. If we can access the path to this file, by default we have FILE_READ_ATTRIBUTES from the containing directory. See the section. "Algorithm to Check Access to an Existing File" in MS-FSA.pdf. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-17s3:modules:nfs4_acls remove unused mem_ctx parameter to smbacl4_fill_ace4Christian Ambach1-3/+1
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Nov 17 01:11:07 CET 2012 on sn-devel-104
2012-11-16s3:modules:nfs4_acls fix memory hierarchy in smb_create_smb4aclChristian Ambach1-2/+1
the ACEs should be talloc children of the ACL itself and not be placed on talloc_tos() Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-16s3:vfs_gpfs fix a memory leak in gpfsacl_get_posix_aclChristian Ambach1-0/+3
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-16s3:vfs_gpfs fix memory corruption in gpfs2smb_aclChristian Ambach1-0/+2
sys_acl_init returns a SMB_ACL_T with zero entries in the acl array reallocate the array to proper size before filling it, otherwise we overwrite memory This one is a result of a improper fixing in 7a6182962966e5edb42728c8 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-16s3:vfs_gpfs fix memory leak in gpfs_get_nfs4_aclChristian Ambach1-0/+1
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-16s3:vfs_gpfs fix memory leaks in gpfs_getacl_allocChristian Ambach1-2/+4
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-16samba-tool dns: Don't use "localhost" to connect to local hostKai Blin1-0/+2
Calling "samba-tool dns <cmd> localhost" provokes a stacktrace. This just makes 'samba-tool dns <cmd> localhost' work and doesn't fix the underlying issue, but I don't see it causing any harm (unless you don't have an ipv4 localhost, I guess). Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Nov 16 13:18:14 CET 2012 on sn-devel-104
2012-11-16utils: Remove unused samba-dig toolKai Blin3-168/+0
Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-16dsdb: Make secrets_tdb_sync cope with -H secrets.ldbAndrew Bartlett1-2/+3
The issue was, without a / in the path, we did not cope. Andrew Bartlett Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-16s3:param: make init_locals() static.Michael Adam2-2/+1
it is only used in loadparm.c Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Nov 16 03:33:34 CET 2012 on sn-devel-104
2012-11-16s3-param: Handle setting default AD DC per-share settings in init_locals()Andrew Bartlett1-19/+37
This function is helpfully called between when we finish processing the globals and when we start processing the individual shares. This means that the "vfs objects" and other per-share settings we specify here become the defaults for (eg) [netlogon] and [sysvol] but the admin can override these on a per-share basis or (as we must in make test) for the whole server. This broke setting and fetching of group policy objects from Windows clients, since this setting was moved from fileserver.conf in 8518dd6406c0132dfd8c44e084c2b39792974f2c, and wasn't found in 'make test' because we have to override the vfs objects to insert the xattr_tdb and fake_acl modules. Andrew Bartlett Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-16s4:samba-tool: Fix samba-tool fsmo --role=schemaArvid Requate1-1/+1
Fix traceback: samba-tool fsmo --role=schema --force ERROR(<type 'exceptions.TypeError'>): uncaught exception - argument 2 must be string, not ldb.Dn File "/usr/lib/python2.6/dist-packages/samba/netcmd/__init__.py", line 168, in _run return self.run(*args, **kwargs) File "/usr/lib/python2.6/dist-packages/samba/netcmd/fsmo.py", line 160, in run self.seize_role(role, samdb, force) File "/usr/lib/python2.6/dist-packages/samba/netcmd/fsmo.py", line 119, in seize_role m.dn = ldb.Dn(samdb, self.schema_dn) Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 16 00:40:24 CET 2012 on sn-devel-104
2012-11-16samba-tool: Add new samba-tool gpo aclcheck and testAndrew Bartlett2-0/+73
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-11-15Another fix needed for bug #9236 - ACL masks incorrectly applied when ↵Jeremy Allison1-7/+10
setting ACLs. Not caught by make test as it's an extreme edge case for strange incoming ACLs. I only found this as I'm making raw.acls and smb2.acls pass against 3.6.x and 4.0.0 with acl_xattr mapped onto a POSIX backend. An incoming inheritable ACE entry containing only one permission, WRITE_DATA maps into a POSIX owner perm of "-w-", which violates the principle that the owner of a file/directory can always read. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Nov 15 19:52:52 CET 2012 on sn-devel-104
2012-11-15popt_common: Fix typos.Karolin Seeger1-2/+2
Karolin Signed-off-by: Karolin Seeger <kseeger@samba.org> Reviewed by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Nov 15 01:31:50 CET 2012 on sn-devel-104
2012-11-14lib/replace: replace all *printf function if we replace snprintf (bug #9390)Stefan Metzmacher3-17/+34
This fixes segfaults in log level = 10 on Solaris. Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Björn Jacke <bj@sernet.de> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Wed Nov 14 19:41:14 CET 2012 on sn-devel-104
2012-11-14subunit: Update to latest upstream version.Jelmer Vernooij21-318/+1143
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Wed Nov 14 12:11:58 CET 2012 on sn-devel-104
2012-11-14testtools: Update to latest version.Jelmer Vernooij58-2931/+5207
2012-11-14smbd_open_one_socket does not use the messaging_context variable so why pass ↵Richard Sharpe1-3/+0
it in? Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Nov 14 02:19:46 CET 2012 on sn-devel-104
2012-11-14A small error message fix in source3/smbd/server.cRichard Sharpe1-1/+1
Removes some incorrect info from an error message (probably from its old place when it was copied). Reviewed by: Jeremy Allison <jra@samba.org>
2012-11-14scripting ntacls: Do not place a SACL in the GPO filesystem ACLAndrew Bartlett1-1/+0
On a new GPO created on windows, the SACL is not used. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Nov 14 00:34:50 CET 2012 on sn-devel-104
2012-11-13ntvfs: Fill in sd->type based on the new ACL being addedAndrew Bartlett1-0/+21
Previously we would not change the type field, and just relied on what was in the original ACL based on the default SD. This is required to ensure the SEC_DESC_DACL_PROTECTED is set which is in turn required for GPOs to be set correctly to match what windows does. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
2012-11-13smbd: Remove NT4 compatability handling in posix -> NT ACL conversionAndrew Bartlett8-155/+11
NT4 is long dead, and we should not change which ACL we return based on what we think the client is. The reason we should not do this, is that if we are using vfs_acl_xattr then the hash will break if we do. Additionally, it would require that the python VFS interface set the global remote_arch to fake up being a modern client. This instead seems cleaner and removes untested code (the tests are updated to then handle the results of the modern codepath). The supporting 'acl compatability' parameter is also removed. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
2012-11-13Change get_nt_acl_no_snum() to return an NTSTATUS, not a struct ↵Andrew Bartlett4-46/+34
security_descriptor *. Internally change the implementation to use SMB_VFS_GET_NT_ACL() instead of SMB_VFS_FGET_NT_ACL() with a faked-up file struct. Andrew Bartlett Reviewed by: Jeremy Allison <jra@samba.org>
2012-11-13smbd: Correctly set fsp->is_directory before dealing with ACLsAndrew Bartlett1-1/+24
Change set_nt_acl_no_snum() to correctly set up the fsp. This does a stat on a real fsp in set_nt_acl_no_snum. Reviewed by: Jeremy Allison <jra@samba.org>