samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-03-05	s4-pvfs_sys: talloc_free should be before errno restore	Andrew Tridgell	1	-13/+13
	talloc can potentially change the errno
2010-03-05	s4-pvfs: use pvfs_sys_fchmod()	Andrew Tridgell	3	-4/+4

2010-03-05	s4-pvfs: set default for perm override based on system features	Andrew Tridgell	1	-1/+9
	If the system has O_NOFOLLOW and O_DIRECTORY then we allow for overrides by default. If not, then we disable by default, as we will be more vulnerable to symlink attacks
2010-03-05	s4-pvfs: use O_FOLLOW one level at a time for security overrides	Andrew Tridgell	1	-37/+357
	To prevent symlink attacks we need to use O_NOFOLLOW one level at a time when processing a root security override
2010-03-05	replace: added get_current_dir_name()	Andrew Tridgell	3	-0/+18

2010-03-05	s4-pvfs: use pvfs_sys_*() functions to wrap posix calls	Andrew Tridgell	5	-20/+20
	This allows for root override, which fixes many problems with mismatches between NT ACL permissions and unix permissions. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s4-pvfs: new pvfs_sys module	Andrew Tridgell	2	-0/+301
	The pvfs_sys_*() calls provide wrapper functions for posix file functions which use root privileges to override EACCES failures if PVFS_FLAG_PERM_OVERRIDE is set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s4-pvfs: added new pvfs flag PVFS_FLAG_PERM_OVERRIDE	Andrew Tridgell	2	-0/+4
	This flag indicates that we should use root privileges to override unix permissions when the NT ACLs indicate that access should be granted Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s4-privs: add root_privileges_original_uid()	Andrew Tridgell	1	-0/+6
	This can be used to get the uid we changed away from when we gained root privileges Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s3-selftest: enable RPC-WINREG against Samba 3.	Günther Deschner	1	-1/+1
	Guenther
2010-03-05	s4-smbtorture: skip NotifyChangeKeyValue test against s3 for now.	Günther Deschner	1	-0/+4
	Guenther
2010-03-05	s4:torture/rpc/samr.c - add some decision possibility constants to some switch	Matthias Dieter Wallnöfer	1	-0/+3
	At the moment nothing is done when the enumeration variable is set to one of those constants as before. This is only to quite nasty warnings.
2010-03-05	s4:torture/rpc/samr.c - make some argument of function ↵	Matthias Dieter Wallnöfer	1	-1/+1
	"test_SamLogon_with_creds" constant This to quiet warnings.
2010-03-05	s4:torture/winbind/struct_based.c - fix up (un)signedness of a function argument	Matthias Dieter Wallnöfer	1	-1/+2
	Otherwise always a warning is generated.
2010-03-05	s4-pvfs: log more error conditions in NTVFS backend	Andrew Tridgell	3	-0/+31
	This should make is easier to track down some bug reports Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s4-pvfs: move the private ntcreatex flags to private_flags	Andrew Tridgell	7	-20/+21
	Re-using two of the create_options bits was bound to eventually cause problems, and indeed, Windows7 now uses one of those bits when opening text files. Fixes bug 7189
2010-03-05	s4-rpc: don't use s->credentials after it is freed	Andrew Tridgell	1	-2/+1

2010-03-05	s4-torture: fixed commas separating C statements	Andrew Tridgell	1	-4/+3

2010-03-06	s3: Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler.	Bo Yang	1	-0/+6
	Signed-off-by: Bo Yang <boyang@samba.org>
2010-03-05	s4-python: only install external python libs that are missing	Andrew Tridgell	2	-1/+19

2010-03-05	s4-python: import a copy of the python dns library	Andrew Tridgell	114	-0/+16829
	This library is not installed on enough systems for us to rely on it being available. We use the system copy if possible, and fallback to this local copy Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s4-dns: use samba.external to pull in the dns.resolver library	Andrew Tridgell	1	-3/+5

2010-03-05	s4-python: allow us to have samba copies of python libraries we depend on	Andrew Tridgell	2	-0/+54
	For python libraries like dns.resolver it is useful to be able to install a copy of the library with Samba. This set of functions allows us to do that while using the locally installed version if it is available Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s4-dns-ex: use autoclose on the dns child pipe	Andrew Tridgell	1	-2/+1
	I'm hoping this will fix an occasional segfault I've noticed where epoll still calls events on a closed fde Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-05	s4-messaging: use auto-close on the socket	Andrew Tridgell	1	-0/+1

2010-03-04	srv_pipe.c doesn't reference current_user anymore. Remove it.	Jeremy Allison	1	-2/+0
	Jeremy.
2010-03-04	s4:auth/sam.c - change base context for the "tmp_ctx" context in ↵	Matthias Dieter Wallnöfer	1	-1/+1
	"authsam_expand_nested_groups" Better use the "res_sids_ctx" as base context for the "tmp_ctx" and not the long-living "sam_ctx"/"ldb" context to prevent memory leaks.
2010-03-04	s4:ldap.py - give the "primaryGroupToken" test a better name	Matthias Dieter Wallnöfer	1	-3/+3
	It tests also some other constructed attributes in a basic way.
2010-03-04	s4:ldap.py - add test for "tokenGroups"	Matthias Dieter Wallnöfer	1	-0/+44

2010-03-04	s4:operational LDB - don't accidentally "ate" search helper attributes if we ↵	Matthias Dieter Wallnöfer	1	-6/+14
	need them for more constructed attributes With this patch we delete the helper attributes at the end where all constructed attributes have already been computed.
2010-03-04	s4:operational LDB module - make the counters unsigned	Matthias Dieter Wallnöfer	1	-2/+2
	No need to have signed counters here.
2010-03-04	s4:operational LDB - implement the "tokenGroups" constructed attribute	Matthias Dieter Wallnöfer	2	-1/+96
	It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19.
2010-03-04	s4:sam.c - make "authsam_expand_nested_groups" public	Matthias Dieter Wallnöfer	2	-1/+7
	This is needed by the "tokenGroups" work in the operational LDB module.
2010-03-04	s4:sam.c - cosmetic indentation fix	Matthias Dieter Wallnöfer	1	-2/+1

2010-03-04	s4:sam.c - change variable types to unsigned in "sids_contains_sid"	Matthias Dieter Wallnöfer	1	-3/+4
	Should also be unsigned - no need for a signed "i" and "num_sids" here.
2010-03-04	s4:operational LDB module - use right memory context int ↵	Matthias Dieter Wallnöfer	1	-2/+2
	"construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer.
2010-03-04	Revert "s3:configure: add --enable-as-needed"	Karolin Seeger	1	-8/+2
	This reverts commit 22d316926b9589608d332143c1fa134229b75b3c. Please see bug #7209 for details.
2010-03-04	Refactored ACL python tests	Nadezhda Ivanova	1	-441/+256
	Made each type into a separate class to be easily run individually, removed code duplication
2010-03-04	s3:configure: add --enable-as-needed	Stefan Metzmacher	1	-2/+8
	On some broken systems like RHEL5, we need to be able to disable --as-needed. metze
2010-03-04	s4:provision - use the new "interface_ips" python call to detect the right ↵	Matthias Dieter Wallnöfer	1	-8/+8
	host IPv4 address Inform the user when there are more possibilities (so he can check for the right address and otherwise he is able to do an immediate reprovision) and no possibility at all (then we fall back to the loopback address "127.0.0.1" - this is thought for testing purposes). I think this should be enough for closing bug #5484.
2010-03-04	s4:ldif_handlers - Use "unsigned int" for counting purposes	Matthias Dieter Wallnöfer	1	-4/+4
	I changed "uint32_t" to "unsigned int" since the LDB specification prescrives "unsigned (int)" for counter variables (number of attributes, number of values...).
2010-03-04	testprogs: add test_PrinterDataW.	Günther Deschner	1	-0/+81
	Guenther
2010-03-04	testprogs: use dump_data in dump_printer_data.	Günther Deschner	1	-12/+4
	Guenther
2010-03-04	testprogs: add print_printer_dataw and dump_data to printlib.	Günther Deschner	2	-11/+94
	Guenther
2010-03-04	testprogs: add some multibyte versions of PrinterData calls.	Günther Deschner	1	-0/+130
	Guenther
2010-03-06	s3: Rerun genmsg after adding more strings.	Bo Yang	20	-799/+8390
	Signed-off-by: Bo Yang <boyang@samba.org>
2010-03-06	s3: Add i18n/l10n strings in pam_winbind.c coming from winbindd.	Bo Yang	2	-92/+96
	Signed-off-by: Bo Yang <boyang@samba.org>
2010-03-03	s4:samdb.c - Make it signed-safe	Matthias Dieter Wallnöfer	1	-2/+2
	Use an unsigned argument for the numbers of groups and the counter "i" since the function is called only by "auth_generate_session_info" with an unsigned number of groups argument.
2010-03-03	s4:srvsvc RPC - "srvsvc_create_ntvfs_connect"	Matthias Dieter Wallnöfer	1	-1/+1
	Previous commit was incomplete. The "service" parameter in the "tcon" structure should point to "scfg->name". I'm not sure if "share" is right but the first was used before commit f390daef475126b4ff5a3d0ffd2babbd87d4c22b.
2010-03-03	s4:srvsvc RPC - fix up the "ntvfs_connect" in "srvsvc_create_ntvfs_connect"	Matthias Dieter Wallnöfer	1	-3/+5
	This should be the right fix (set the service name in the tcon union to the share name/path). That should be the solution for bug #6784.