summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-03-09s3-winbindd: Add new module idmap_rfc2307Christof Schmitt5-1/+886
This module allows querying id mappings from LDAP servers as described in RFC 2307. The LDAP records can be queried from an Active Directory Server or from a stand-alone LDAP server. Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09s3-winbindd: Move connection to AD server from idmap_adChristof Schmitt3-62/+52
Having this in a common place allows reuse by other idmap modules. Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09s3-winbindd: Use common helper function for connecting to ADSChristof Schmitt3-86/+87
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09s3-winbindd: Move code for verifying ADS connection to common helper functionChristof Schmitt3-45/+41
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09s3-winbindd: Move idmap_fetch_secret to idmap_utils.c for reuseChristof Schmitt3-24/+27
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09s3-winbindd: Move common code for LDAP id mapping to idmap_utilsChristof Schmitt4-83/+53
idmap_ad and idmap_ldap use the same helper functions and the same maximum query size. Move the code to idmap_utils so that it can be shared by every module issuing LDAP queries. Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09s4-dns: dlz_bind9: Check result to avoid segfaultStefan Gohmann1-1/+1
We saw this issue in a customer environment with many CNF objects. I wasn't able to reproduce it, but I got the following core dump: (gdb) directory samba4-4.0.0~rc6/source4/dns_server/ Source directories searched: /root/samba4-4.0.0~rc6/source4/dns_server:$cdir:$cwd (gdb) bt #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 #1 0xb4b0bdb8 in dlz_lookup (zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", dbdata=0x9648e48, lookup=0xb6db7588) at ../source4/dns_server/dlz_bind9.c:875 #2 0x080b43d8 in dlopen_dlz_lookup () #3 0xb7701755 in findnode () from /usr/lib/libdns.so.81 #4 0xb7701d22 in find () from /usr/lib/libdns.so.81 #5 0xb7639e5f in dns_db_find () from /usr/lib/libdns.so.81 #6 0x08075476 in query_find () #7 0x0807acb9 in ns_query_start () #8 0x08060712 in client_request () #9 0xb743022b in run () from /usr/lib/libisc.so.81 #10 0xb7216955 in start_thread () from /lib/i686/cmov/libpthread.so.0 #11 0xb706c1de in clone () from /lib/i686/cmov/libc.so.6 (gdb) f 0 #0 0xb4b0bc13 in dlz_lookup_types (state=0x9648e48, zone=0xb659b9a8 "xxxxxx.xxxxx.de", name=0xb659bda8 "client9173", lookup=0xb6db7588, types=0x0) at ../source4/dns_server/dlz_bind9.c:830 830 el = ldb_msg_find_element(res->msgs[0], "dnsRecord"); (gdb) p res->msgs $1 = (struct ldb_message **) 0x0 (gdb) p res->count $2 = 0 (gdb) Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09doc: add vfs_btrfs man pageDavid Disseldorp2-0/+86
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-09s3-vfs: add vfs_btrfs moduleDavid Disseldorp5-0/+224
Currently it only plumbs itself into the copy_chunk call path, translating such requests into BTRFS_IOC_CLONE_RANGE calls. Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-03-08Correct the name of the nss_winbind module for FreeBSD by creating a symlinkRichard Sharpe1-1/+1
from the FreeBSD required name to the built module. Signed-off-by: Timur Bakeyev <timur@FreeBSD.org> Reviewed-by: Andrew Bartlett <abartlett@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Autobuild-User(master): Richard Sharpe <sharpe@samba.org> Autobuild-Date(master): Fri Mar 8 05:04:04 CET 2013 on sn-devel-104
2013-03-08s3:idmap: fix a debug message and lower its levelMichael Adam1-1/+2
It is not an error to be logged at level 1 when a domain has no explicitly configured idmap backend. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 8 03:16:54 CET 2013 on sn-devel-104
2013-03-07vfs_catia: add my copyrightGuenter Kukkukk1-0/+1
Signed-off-by: Guenter Kukkukk <kukks@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Mar 7 22:24:47 CET 2013 on sn-devel-104
2013-03-07vfs_catia: add a sample for filename mapping to the manual pageGuenter Kukkukk1-3/+12
Signed-off-by: Guenter Kukkukk <kukks@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-07vfs_catia: fix the completely outdated manual pageGuenter Kukkukk1-2/+55
The complete rework around 3.5.0 was not even mentioned somewhere. (i was not able to find any info about that major change) Signed-off-by: Guenter Kukkukk <kukks@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-07vfs_catia: fix the translation to "vfs_translate_to_windows"Guenter Kukkukk1-4/+6
THANKS to an IRC user (Raimund ?) who asked for a char mapping possibility. I suggested vfs_catia - but it did not work! Hopefully now it will. :-) Signed-off-by: Guenter Kukkukk <kukks@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-07vfs_catia: add debug class for that moduleGuenter Kukkukk1-1/+23
Signed-off-by: Guenter Kukkukk <kukks@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-07docs: Add documentation for osName and osVerAndrew Bartlett1-1/+6
This was previously documented only in the online help. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Mar 7 01:36:01 CET 2013 on sn-devel-104
2013-03-06net ads join: Add support for specifying the machine account passwordAndrew Bartlett2-1/+17
This allows a predictable password to be specified, just like --machinepass does on samba-tool domain join. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-06selftest: Fix specification of --machinepass to actually set a unique passwordAndrew Bartlett1-6/+6
Because perl does not assert on dereferencing an invalid hash key we did not notice that the passwords were being set to machine, not machineloCalMemberPass. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-06waf: add -fstack-protector to LDFLAGS if detected.Ira Cooper1-0/+1
If we compile with -fstack-protector, we should link with it. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Mar 6 04:06:04 CET 2013 on sn-devel-104
2013-03-06Documentation: Add a warning to "socket options"Scott Lovenberg1-0/+17
Add a warning to the "socket options" section of the smb.conf man page that changing socket options can be dangerous to performance. Hopefully this will cut down on users reporting poor performance after changing socket options. Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-06Make sure to set umask() before calling mkstemp().Andreas Schneider13-3/+71
Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Mar 6 01:16:34 CET 2013 on sn-devel-104
2013-03-05s4-libregistry: Improve NULL handling of name.Andreas Schneider1-3/+4
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05dsdb: Check for pointers before we deference them.Andreas Schneider1-7/+7
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05gensec: recv_handler can't be NULL at that point.Andreas Schneider1-1/+1
We probably want to segfault here if it is NULL. Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05s4-libregistry: Fix path check and improve while loops.Andreas Schneider1-6/+6
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05s4-libregistry: Make sure we don't dereference a NULL pointer.Andreas Schneider1-1/+3
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05s4-client: Make sure entry is a valid string.Andreas Schneider1-2/+8
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05winbind: Fix no memory check in _wbint_PingDc().Andreas Schneider1-1/+1
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05krb5_wrap: Make sure we don't dereference a NULL pointer.Andreas Schneider1-1/+3
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05s3-daemons: Set the comment field of the daemons.Andreas Schneider4-0/+19
PR_SET_NAME sets the comm field of a process. This way we can give processes a name and they are easier to identify. $ ps afx -o pid,comm 29447 smbd 29452 \_ epmd 29453 \_ lsasd-master 29455 | \_ lsasd-child 29457 | \_ lsasd-child 29459 | \_ lsasd-child 29461 | \_ lsasd-child 29463 | \_ lsasd-child 29454 \_ spoolssd-master 29456 \_ lpqd 29458 \_ spoolssd-child 29460 \_ spoolssd-child 29462 \_ spoolssd-child 29465 \_ spoolssd-child 29466 \_ spoolssd-child 29467 \_ spoolssd-child 29468 \_ spoolssd-child 29469 \_ spoolssd-child 29470 \_ spoolssd-child 29471 \_ spoolssd-child Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05lib: Add prctl_set_comment to utils.Andreas Schneider4-2/+71
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05waf: Correctly check for prctl in just one place.Andreas Schneider2-10/+15
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05winbind: Fix samba3.winbind.struct test.Andreas Schneider1-1/+1
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05winbind: Correctly use names in the domain struct.Andreas Schneider7-20/+52
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05winbind: Use talloc for allocating domain, dns, forest and dc name.Andreas Schneider6-61/+142
Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-03-05Fix the build: net_serverid.c has 3 wrong format strings for 64bit varsGuenter Kukkukk1-5/+7
On two of my opensuse machines i get 3 errors, e.g.: ../source3/utils/net_serverid.c:333:3: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 5 has type ‘uint64_t’ [-Werror=format] cc1: some warnings being treated as errors Signed-off-by: Guenter Kukkukk <kukks@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Mar 5 22:49:03 CET 2013 on sn-devel-104
2013-03-05s3:lib/charcnv fix typo in pull_ascii_base_talloc()Ralph Wuerthner1-1/+1
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Tue Mar 5 15:56:56 CET 2013 on sn-devel-104
2013-03-05s3:libnet increase timeout for machine password changeChristian Ambach1-0/+9
DCs might run password filter modules that can delay the setting of the machine password for a significant amount of time use the same timeout as in the other paths of domain join (e.g. rpccli_netlogon_set_trust_password) Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-03-05tdb: Slightly simplify tdb_expand_fileVolker Lendecke1-2/+4
The "else" keywords are not necessary here, we return in the preceding if clause Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Mar 5 14:00:47 CET 2013 on sn-devel-104
2013-03-04tsocket_bsd: Attempt to increase the SO_SNDBUF if we get EMSGSIZE in sendto()Andrew Bartlett1-0/+26
This matches what was done for lib/socket/socket_unix.c in c692bb02b039ae8fef6ba968fd13b36ad7d62a72. (and is based on that patch by Landon Fuller <landonf@bikemonkey.org>) Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Mar 4 11:15:35 CET 2013 on sn-devel-104
2013-03-04s4-lib/socket: Return the original EMSGSIZE when sendto() and setsockopt() ↵Andrew Bartlett1-1/+1
both fail This ensures that should we be unable to increase the socket size, we return an error that the application layer above might expect and be able to make as reasonable response to (such as switching to a stream-based transport). This fixes up c692bb02b039ae8fef6ba968fd13b36ad7d62a72. As suggested by metze in https://bugzilla.samba.org/show_bug.cgi?id=9697#c4 Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04selftest: Remove output directories to save disk spaceAndrew Bartlett2-7/+23
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04samba_upgradeprovision: Do not reset every DN when changing an SDAndrew Bartlett1-22/+8
SD propogation is handled by an LDB module, we do not need to touch each and every DN to make it happen. Now that we do not need to put this via a hash, the dnToRecalculate list is changed to be a list of Dn objects, not strings so that: if dn in listWellknown is handled using a schema comparison (avoiding different case forms tripping it up). Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04samba_upgradeprovision: do not maintain dnNotToRecalculate as a listAndrew Bartlett1-5/+3
We only need a boolean indication, not the actual values. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04samba_upgradeprovision: only run rebuild_sd in --full modeAndrew Bartlett1-20/+17
This is a potentially destructive routine, and should not be run by default. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04samba_upgradeprovision: Remove alwaysRecalculate, this is too dangerousAndrew Bartlett1-4/+1
I am unclear on why this was added, but the idea that we ever always reset data in the directory is not reasonable to me, so I am removing it. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04samba_upgradeprovision: Remove unused checkKeepAttributeOldMtdAndrew Bartlett1-73/+6
lastProvisionUSNs is never None, instead the code requries the administrator to populate this attribute in the directory. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04samba_upgradeprovision: Remove inherited ACEs before comparing the SDsAndrew Bartlett2-17/+65
This avoids changing an SD when it is not really required. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04scripting: Rework samba.upgradehelpers.get_diff_sddls to be get_diff_sdsAndrew Bartlett3-20/+35
This moves the SDDL conversion inside the get_diff_sds function and prepares for removing inherited ACEs from the SD before comparison. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>