Age | Commit message (Collapse) | Author | Files | Lines |
|
with BUILTIN
when creating a BUILTIN group, make the strategy dependent on passdb backend behavior
1. if passdb is responsible for BUILTIN (normal case), call pdb_create_builtin_alias with gid=0 argument
so it asks winbindd for a gid to be used
2. if passdb is not responsible, ask for a mapping for the group first and let pdb_create_builtin_alias
create the mapping based on the gid that was determined in the mapping request
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 21 12:49:10 CEST 2013 on sn-devel-104
|
|
make it possible to skip the allocation of a new gid from winbind
by specifying the gid to be used
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
this one first tries to map the principal before
allocating a new gid
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
with tdbsam:map builtin, one can control if tdbsam should
be used to map entries from BUILTIN or not.
By default, they will be mapped (as in older releases)
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
as general passdb code already verifies for which
idmap domains the module is responsible, requests for
other domains should not come in here any more
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
overwrite the passdb defaults and let this module handle well-knowns
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
only ask passdb backend for mapping if it is responsible
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
overwrite the passdb defaults and let this module handle well-knowns
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
ask passdb to determine if sid/object should be handled by passdb or not
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
allows PDB modules to specify for which special domains they
are responsible when it comes to SID->xid conversion
By default, passdb modules will be responsible for local BUILTIN,
local SAM and Unix Users/Groups
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
make it possible for each backend to specify for which domains
it should be asked for SID->xid mappings
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
about gids and group_sids being potentially uninitialized
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
about discarding const modifier
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
clang complains about short being used for unsigned as format-error
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
This should mean that lookups for the BUILTIN domain cause less trouble
then they have in the past, because they will no longer go via the
trusted domain handler.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
|
|
"EOF on stdin"
Only install the stdin handler if it's a pipe or fifo.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5. I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.
This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
|
|
Without the umask code the pipe permissions are affected by the
umask of the calling process. As only smbd currently sets its
umask to zero (nmbd and winbindd should do the same) this causes
the winbindd pipe to be unavailable to the nss library code unless
winbindd is run from an init process that explicitly sets umask
to zero. When testing from the command line this can be hard to
track down :-).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 18 04:31:27 CEST 2013 on sn-devel-104
|
|
This is very old code, but mkdir() fails with -1, not 0.
Only print the error message is mkdir failed with anything
other than EEXIST.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
The vfs_catia man page refers to two configuration variants, one
applying to Samba <= 3.4.x and one referring to Samba >= 3.5.x.
This change removes all information specific to Samba <= 3.4.x, as such
versions have been discontinued.
This change also improves formatting and nomenclature: configuration
parameters, examples and caveats are split into separate sections, and
server-side/client-side terms replace the ambiguous use of Unix and
Windows.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 17 23:23:57 CEST 2013 on sn-devel-104
|
|
The vfs_catia man page currently recommends the mapping of server-side
space-characters (0x20) to client-side plus-minus characters (0xb1).
This recommendation should not be made, as 0x20 is a valid filename
component on both system character sets.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
The create disposition FILE_OVERWRITE_IF is mapped to the flags
O_CREAT|O_TRUNC. In vfs_streams_xattr, this triggers two calls to
SMB_VFS_SETXATTR. The second can fail if O_EXCL is also set, resulting
in an unnecessary error.
Merge the identical code to handle O_CREAT and O_TRUNC to avoid setting
an empty attribute twice. Also add the flags parameter to the debug
message.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
... saves 200 bytes on 64 bit Linux with -O3
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 14 22:27:43 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Use the implicit cleanup facility CLEAR_IF_FIRST provides
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
The only caller set "use_fd" to "true".
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 14 20:29:56 CEST 2013 on sn-devel-104
|
|
"unsigned" could be less than uint64_t, so idx==UINT64_MAX is always false.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
|
|
dsdb_get_sd_from_ldb_message()
Every object has a nTSecurityDescriptor attribute.
This also avoids potential segfaults in the callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
Also the result of this search not controlled by the client
nor is the result exposed to the client.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We should call irpc_add_name() when we start the smb_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We should call irpc_add_name() when we start the rpc_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We should call irpc_add_name() when we start the ldap_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This makes the code easier to read.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 11:15:01 CEST 2013 on sn-devel-104
|
|
it. Otherwise, if one of the SETXATTR calls had failed, the close() call will return EBADF.
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <rsharpe@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 13 01:43:18 CEST 2013 on sn-devel-104
|
|
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 12 19:54:30 CEST 2013 on sn-devel-104
|
|
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 12 13:46:57 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This probes when the usn is updated, and when it is not.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 12 11:54:01 CEST 2013 on sn-devel-104
|
|
While python didn't mind (oddly) it really confused my editor.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
This handles deletions and replacements with no value, or with an
exactly specified value, as well as modifies.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This helps us in the KCC as we need to return the deleted DN for the GUID
in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Tested against Windows 2008R2, presumably before the KCC ran.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
1000, but Microsoft supports around 1800.
Issue description: I was trying to add maximum number of aces on Microsoft
share, where I was able to add nearly 1800 aces on a file/folder SD. But Samba
does not support adding 1800 aces to SD instead it limited to 1000.
Expected behavior: Ideally SAMBA should also support as like Windows to compare
with Windows standard. Set to 2000 until we add EA limits in the server.
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 12 02:52:36 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 12 01:00:44 CEST 2013 on sn-devel-104
|