| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
Michael
|
|
|
|
Michael
|
|
Michael
|
|
This removes the use of libwbclient from "net idmap".
This detects the idmap backend from the current smb.conf
and stores the id mapping tables in the corresponding data bases.
Currently, only tdb and tdb2 backends are supported.
Support for the ldap backend may be implemented later.
|
|
This way, it will also work in a samba-ctdb cluster.
|
|
Michael
|
|
Michael
|
|
to make the flow more similar to ldapsam_create_user().
This prepares for calling winbind_sid_to_gid() instead of
winbind_allocate_gid(): we need the group_sid for this...
Michael
|
|
Michael
|
|
|
|
this runs the daemins in xterm under valgrind instead of in gdb
|
|
|
|
|
|
|
|
The macros NDR_PRINT_IN_DEBUG and NDR_PRINT_OUT_DEBUG are made for
the client side. For the server side, the NDR_SET_VALUES flag needs
to be added for the OUT struct and not for the IN struct, otherwise,
the OUT part can print uninitialized data and the IN part may
recalculate string lengths illegally.
|
|
|
|
Jeremy.
|
|
We saw tdb_lockall() take 71 seconds under heavy load; this is because Linux
(at least) doesn't prevent new small locks being obtained while we're waiting
for a big log.
The workaround is to do divide and conquer using non-blocking chainlocks: if
we get down to a single chain we block. Using a simple test program where
children did "hold lock for 100ms, sleep for 1 second" the time to do
tdb_lockall() dropped signifiantly. There are ln(hashsize) locks taken in
the contended case, but that's slow anyway.
More analysis is given in my blog at http://rusty.ozlabs.org/?p=120
This may also help transactions, though in that case it's the initial
read lock which uses this gradual locking routine; the update-to-write-lock
code is separate and still tries to update in one go.
Even though ABI doesn't change, minor version bumped so behavior change
can be easily detected.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
The old "make test" can be still called as "make oldtest".
Guenther
|
|
Thanks to Andreas for pointing this out.
Guenther
|
|
Reloading of the printers requires rpc services up and running! The
first call in reload_services will be skipped.
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
The move to the parent makes it possible to use an internal rpc pipe
really early and as we migrated serveral parts of samba to rpc function
this is required. This should speed up the fork of a smbd a bit cause
the rpc services are already running.
We still have several problems here which aren't solved. We don't have a
dependency tree here. For example we have to make sure that the registry
is initialized before we can use the winreg pipe. The spoolss server
requires winreg, so we have to start winreg before we can start the
spoolss server. I'm sure there are more dependencies.
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Guenther
|
|
Guenther
|
|
|
|
Guys, what are you doing here ? ;-)
Guenther
|
|
Guenther
|
|
"warning: assuming signed overflow does not occur when assuming that (X + c) < X is always false"
Guenther
|
|
Modern Kerberos implementations have either defines or enums for these
key types, which makes doing #ifdef difficult. This shows up in files
such as libnet_samsync_keytab.c, the bulk of which is not compiled on
current Fedora 12, for example.
The downside is that this makes Samba unconditionally depend on the
arcfour-hmac-md5 encryption type at build time. We will no longer
support libraries that only support the DES based encryption types.
However, the single-DES types that are supported in common with AD are
already painfully weak - so much so that they are disabled by default
in modern Kerberos libraries.
If not found, ADS support will not be compiled in.
This means that our 'net ads join' will no longer set the
ACB_USE_DES_KEY_ONLY flag, and we will always try to use
arcfour-hmac-md5.
A future improvement would be to remove the use of the DES encryption
types totally, but this would require that any ACB_USE_DES_KEY_ONLY
flag be removed from existing joins.
Andrew Bartlett
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Due to missing defines in modern kerberos libraries, this code was
not compiled and so this wasn't noticed.
Andrew Bartlett
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
This is required for Solaris, which needs to link in librt to make use of
fdatasync().
|
|
Guenther
|
|
Guenther
|
