summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-06-27winbindd and nmbd don't set their umask to zero on startup like smbd does.Jeremy Allison2-0/+12
Fix this - we already control tightly what permissions are on the files we create. Ensure we don't get surprised. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jun 27 02:02:24 CEST 2013 on sn-devel-104
2013-06-26sharesec: Document --view-allVolker Lendecke1-0/+8
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jun 26 18:43:45 CEST 2013 on sn-devel-104
2013-06-26sharesec: Document -v/--viewVolker Lendecke1-0/+7
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-26sharesec: Implement --view-allVolker Lendecke1-1/+34
Listing individual shares can be quite slow when you have a lot of shares. This implements a --view-all option that prints something like [share1] REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/FULL [share2] REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/FULL Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-25s3:smbd/close remove filesystem lock before removing sharemodeChristian Ambach1-0/+9
otherwise we are open for a race condition: opener 1 opens file and closes it - during the close, the share mode entry will be removed from locking.tdb, but share mode in the file system will be dropped later after delete_on_close and write time updates have been done opener 2 requests open of same file with file overwrite - locking.tdb does not list original entry, but file system share mode is still around - VFS_FTRUNCATE will fail and error was converted to STATUS_ACCESS_DENIED Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Tue Jun 25 14:48:44 CEST 2013 on sn-devel-104
2013-06-25s3:smbd/close use common exit pathChristian Ambach1-9/+2
do not return early here, but use the common exit path that will remove the share mode from the record Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25s3:lib add mapping for ETXTBSYChristian Ambach1-0/+3
add ETXTBSY to the errno->STATUS conversion table. It will be mapped to STATUS_SHARING_VIOLATION Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25s3-ctdb: Fix auto-enabling of CTDB readonly supportDaniel Gan-Levi1-0/+28
This fixes Bug 9957 Bug: https://bugzilla.samba.org/show_bug.cgi?id=9957 Signed-off-by: Daniel Gan-Levi <danielg@il.ibm.com> Reviewed-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25s3:smbd/aio mark file as modified in the SMB2 caseChristian Ambach1-0/+2
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25nsswitch: fix a commentChristian Ambach1-1/+1
the beginning if is only ifdef LINUX now, not the long list this comment refers to Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-06-25heimdal_build: Add missing dep on samba4kgetcredAndrew Bartlett1-1/+1
This started to fail on current Debian Sid with system Heimdal after a binutils update. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Jun 25 02:30:59 CEST 2013 on sn-devel-104
2013-06-24torture: Add tests for LDAP substring search with no strings providedAndrew Bartlett1-0/+110
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jun 24 23:55:07 CEST 2013 on sn-devel-104
2013-06-24libcli/ldap: Cope with substring match with no chunks in ldap_push_filterAndrew Bartlett1-18/+21
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-24ldb: bump version to allow a depencency on the substring crash fixAndrew Bartlett3-1/+265
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-24ldb: Cope with substring match with no chunks in ldb_filter_from_treeAndrew Bartlett1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-24Note how vfs_gpfs uses the "acl map full control" parameter.Jeremy Allison1-0/+10
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jun 24 21:24:38 CEST 2013 on sn-devel-104
2013-06-24Add missing documentation for vfs_zfsacl.Jeremy Allison1-0/+160
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-24Use existing "acl map full control" parameter to control the adding of the ↵Jeremy Allison1-2/+17
DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's. Windows maps an open request of GENERIC_ALL on files to 0x1FF specific bits, which includes DELETE_CHILD even though this has no meaning on file ACE's. If a returned NFSv4 ACE entry for a file has all other specific bits set except for DELETE (which comes from the containing directory) and DELETE_CHILD (which has no meaning) then optionally add it into the returned ACE entry. This is using the same parameter in the same way as it is currently used in smbd/posix_acls.c. Note that as this parameter is on by default, it is already being tested in the existing raw.acl tests. Fixes issue with Microsoft SMB2 torture test suite found at the interop event in Redmond, WA. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
2013-06-24s3/smbclient: fix incorrect command tab completionsDavid Disseldorp1-8/+8
smbclient commands can offer tab-completion for local and remote paths. This behaviour is specified for the first two arguments using the compl_args entry in the commands struct. This change fixes a number of incorrectly specified compl_args values. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Aurélien Aptel <aurelien.aptel@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Mon Jun 24 19:32:54 CEST 2013 on sn-devel-104
2013-06-24build: Remove the struct MD5Context conf file check.Andrew Bartlett1-1/+0
Fix the build. Reviewed-by: Jeremy Allison <jra@samba.org> Tested-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Mon Jun 24 14:11:09 CEST 2013 on sn-devel-104
2013-06-24lsa4: Fix a set but unused variable warningSimo Sorce1-2/+12
Also insure that we exit immediately on any error. Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jun 24 12:17:52 CEST 2013 on sn-devel-104
2013-06-22ldb: Ensure not to segfault on a filter such as (mail=)Andrew Bartlett1-0/+5
As reported by Robin McCorkell <xenopathic@gmail.com> triggered by Mozilla Thunderbird as an LDAP client. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Jun 22 09:33:14 CEST 2013 on sn-devel-104
2013-06-21Add missing SMB2/SMB3 share capability flag defineSteve French1-0/+1
SMB3.02 adds SHARE_CAP_ASYMMETRIC Signed-off-by: Steve French <smfrench@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jun 21 22:57:16 CEST 2013 on sn-devel-104
2013-06-21lsa4: Fix a set but unused variable warningVolker Lendecke1-2/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21lsa4: Remove an unused variableVolker Lendecke1-3/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21lsa4: Remove an unused variableVolker Lendecke1-3/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21lsa4: Remove an unused variableVolker Lendecke1-3/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21Fix glusterfs backend crash found at the Microsoft interop event.Jeremy Allison1-2/+4
Based on a fix originally from Raghavendra Talur <rtalur@redhat.com>. When a new document is created in explorer, a check for file_exist is made. vfs_gluster_get_real_filename was returning 0 even when the file did not exist. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: "Christopher R. Hertel" <crh@ubiqx.mn.org>
2013-06-21Fix some blank line endingsVolker Lendecke14-533/+527
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
2013-06-21dns: Fix CID 1034969 Uninitialized scalar variableVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Fri Jun 21 17:32:16 CEST 2013 on sn-devel-104
2013-06-21s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals ↵Christian Ambach1-4/+33
with BUILTIN when creating a BUILTIN group, make the strategy dependent on passdb backend behavior 1. if passdb is responsible for BUILTIN (normal case), call pdb_create_builtin_alias with gid=0 argument so it asks winbindd for a gid to be used 2. if passdb is not responsible, ask for a mapping for the group first and let pdb_create_builtin_alias create the mapping based on the gid that was determined in the mapping request Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Jun 21 12:49:10 CEST 2013 on sn-devel-104
2013-06-21s3:passdb add a gid argument to pdb_create_builtin_aliasChristian Ambach4-15/+25
make it possible to skip the allocation of a new gid from winbind by specifying the gid to be used Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:utils/net_sam make use of pdb_create_builtin helper functionChristian Ambach1-1/+1
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb expose pdb_create_builtin functionChristian Ambach3-3/+5
this one first tries to map the principal before allocating a new gid Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb/pdb_tdb add parameter to control handling of BUILTINChristian Ambach1-0/+10
with tdbsam:map builtin, one can control if tdbsam should be used to map entries from BUILTIN or not. By default, they will be mapped (as in older releases) Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb/pdb_ldap remove an unnecessary checkChristian Ambach1-4/+0
as general passdb code already verifies for which idmap domains the module is responsible, requests for other domains should not come in here any more Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb/pdb_ldap make the module handle well-knownChristian Ambach1-0/+7
overwrite the passdb defaults and let this module handle well-knowns Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb make pdb_sid_to_id honor backend responsibilitiesChristian Ambach1-0/+7
only ask passdb backend for mapping if it is responsible Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb/pdb_samba_dsdb make the module handle well-knownChristian Ambach1-0/+7
overwrite the passdb defaults and let this module handle well-knowns Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functionsChristian Ambach1-15/+34
ask passdb to determine if sid/object should be handled by passdb or not Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb add pdb_*_is_responsible_for* functionsChristian Ambach3-0/+84
allows PDB modules to specify for which special domains they are responsible when it comes to SID->xid conversion By default, passdb modules will be responsible for local BUILTIN, local SAM and Unix Users/Groups Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb add idmap control functionsChristian Ambach1-1/+8
make it possible for each backend to specify for which domains it should be asked for SID->xid mappings Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Christian Ambach <ambi@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb/samba_dsdb fix some compiler warningsChristian Ambach1-2/+2
about gids and group_sids being potentially uninitialized Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:passdb/samba_dsdb fix a compiler warningChristian Ambach1-1/+1
about discarding const modifier Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21s3:utils/net_lookup fix a format-errorChristian Ambach1-1/+1
clang complains about short being used for unsigned as format-error Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-20s4-winbind: Add special case for BUILTIN domainAndrew Bartlett3-20/+37
This should mean that lookups for the BUILTIN domain cause less trouble then they have in the past, because they will no longer go via the trusted domain handler. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
2013-06-20Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in ↵Jeremy Allison4-6/+54
"EOF on stdin" Only install the stdin handler if it's a pipe or fifo. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-19build: Build with system md5.h on OpenIndianaAndrew Bartlett26-37/+38
This changes (again...) our system md5 detection to cope with how OpenIndiana does md5. I'm becoming increasingly convinced this isn't worth our while (we should have just done samba_md5...), but for now this change seems to work on FreeBSD, OpenIndiana and Linux with libbsd. This needs us to rename struct MD5Context -> MD5_CTX, but we provide a config.h define to rename the type bad if MD5_CTX does not exist (it does however exist in the md5.h from libbsd). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-18Re-add umask(0) code removed by commit 3a7c2777ee0de37d758fe81d67d6836a8354825eJeremy Allison1-2/+7
Without the umask code the pipe permissions are affected by the umask of the calling process. As only smbd currently sets its umask to zero (nmbd and winbindd should do the same) this causes the winbindd pipe to be unavailable to the nss library code unless winbindd is run from an init process that explicitly sets umask to zero. When testing from the command line this can be hard to track down :-). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jun 18 04:31:27 CEST 2013 on sn-devel-104
2013-06-18Fix xx_path() - return check from mkdir() is incorrect.Jeremy Allison1-3/+8
This is very old code, but mkdir() fails with -1, not 0. Only print the error message is mkdir failed with anything other than EEXIST. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>