summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-10-11vfs: Implement a sys_acl_blob_get_{fd,file} for POSIX ACL backendsAndrew Bartlett3-1/+126
This simply linearlises the SMB_ACL_T (default and access acl for directories) and the file owner, group and mode into a blob. It will be useful for an improved vfs_acl_common.c that uses this sets that, rather than the hash of the NT ACL, in the xattr This will in turn insulate the stored hash from changes in the ACL mapping. Andrew Bartlett
2012-10-11vfs: Remove type parameter from sys_acl_blob_get_{fd,file}Andrew Bartlett7-17/+16
This interface actually needs to match the get_nt_acl interface in that the system ACL implmenetation may not be posix ACLs, and the blob is not meant to be enforced to be of a particular system ACL structure. Andrew Bartlett
2012-10-11smbd: Add mem_ctx to {f,}get_nt_acl VFS callAndrew Bartlett25-130/+245
This makes it clear which context the returned SD is allocated on, as a number of callers do not want it on talloc_tos(). As the ACL transformation allocates and then no longer needs a great deal of memory, a talloc_stackframe() call is used to contain the memory that is not returned further up the stack. Andrew Bartlett
2012-10-11smbd: Add mem_ctx to sys_acl_init() and all callersAndrew Bartlett27-146/+219
This changes from allocation on NULL to allocation on the supplied memory context. Currently that supplied context is talloc_tos() at the the final consumer of the ACL. Andrew Bartlett
2012-10-11build: Add vfs_media_harmony to the waf buildAndrew Bartlett1-0/+9
2012-10-11posixacls: Add IDL changes for vfs_acl_xattr using hash of the sys aclAndrew Bartlett2-1/+32
This will isolate the hash of the ACL from any intermediate mapping that the POSIX -> NT mapping subsystem might need to do, and which might change if we need to correct that mapping. Andrew Bartlett
2012-10-10s3-rpc_server: fix build warningDavid Disseldorp1-0/+2
enum dcerpc_transport_t is undeclared, include required headers. Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Oct 10 12:41:28 CEST 2012 on sn-devel-104
2012-10-09Make sure the returned sd is on the right context, and if not it's always freed.Jeremy Allison1-1/+3
Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 9 23:35:50 CEST 2012 on sn-devel-104
2012-10-09Move setting of psd->dacl->revision and protect against null SD's.Jeremy Allison1-2/+4
2012-10-09docs: Add '-V' to the list of options.Karolin Seeger1-1/+1
Karolin Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Tue Oct 9 18:53:12 CEST 2012 on sn-devel-104
2012-10-09samba-tool: Some more unifications...Karolin Seeger15-15/+15
in the usage message. Karolin
2012-10-09packaging: Add config for systemd-tmpfiles.Andreas Schneider2-0/+15
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Oct 9 17:10:53 CEST 2012 on sn-devel-104
2012-10-09samba-tool: skip chown in sysvolreset when it would fail on a GIDAndrew Bartlett2-13/+48
This skips the chown of the files if (for example) the domain Admins group were to own the file and not be able to because the group maps only to a GID. This essentially papers over the problem, but may be enough to get us past the Samba 4.0 release. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Oct 9 15:24:44 CEST 2012 on sn-devel-104
2012-10-09s3: Pass down smb_filename to smbacl4_fill_ace4Volker Lendecke1-6/+6
A full fsp is a bit overkill here Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Oct 9 13:38:49 CEST 2012 on sn-devel-104
2012-10-09s4-rpc: dnsserver: Ignore DNS zones that are not used by RPC dnsserverAmitay Isaacs1-0/+4
..TrustAnchors zone is not interpreted by RPC dnsserver code. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Tue Oct 9 03:21:07 CEST 2012 on sn-devel-104
2012-10-09s4-dns: dlz_bind9: Ignore zones that are not used by BIND9 DLZ pluginAmitay Isaacs1-0/+5
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
2012-10-08s4:scripting/python: add '-V' as alias for '--version'Stefan Metzmacher1-1/+1
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Oct 8 17:52:52 CEST 2012 on sn-devel-104
2012-10-08s4:samba-tool: allow 'samba-tool --version'Stefan Metzmacher1-0/+6
metze
2012-10-08s4:samba-tool: use normal option parsing in SuperCommandStefan Metzmacher1-10/+13
We use the epilog to print the subcommands. metze
2012-10-08s4:samba-tool: add optional epilog to _create_parser()Stefan Metzmacher1-2/+7
metze
2012-10-08s3fs-printing: Fix RAW printing for normal users.Andreas Schneider1-1/+1
This fixes bug #8769. Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Oct 8 16:11:51 CEST 2012 on sn-devel-104
2012-10-08samba-tool: Unify usage messages.Karolin Seeger13-60/+60
Karolin Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Oct 8 14:26:52 CEST 2012 on sn-devel-104
2012-10-08docs: Add man 8 samba-tool.Karolin Seeger1-0/+613
Addresses bug #8802 - Create missing manpages for new binaries. Please note that it's a very basic version. Please feel free to extend. Karolin
2012-10-08samba-tool: Clarify usage of --help.Karolin Seeger1-1/+1
Karolin
2012-10-08docs: fix opening and ending tag mismatch: paraBjörn Baumbach1-4/+4
in forcedirectorysecuritymode.xml.
2012-10-08docs: fix opening and ending tag mismatch: paraBjörn Baumbach1-4/+4
in directorysecuritymask.xml.
2012-10-08samba-tool: Fix typo in usage.Karolin Seeger1-1/+1
Karolin
2012-10-08s4-dns: fix a warningMatthieu Patou1-2/+1
Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
2012-10-07s4-dns: Ignore zones that shouldn't be returned currentlyMatthieu Patou1-1/+7
RootDNSServers should never be returned (Windows DNS server don't) ..TrustAnchors should never be returned as is, (Windows returns TrustAnchors) and for the moment we don't support DNSSEC so we'd better not return this zone.
2012-10-07s4-join: factorize code, add infoMatthieu Patou1-5/+9
2012-10-07s4-join: add some documentationMatthieu Patou1-1/+11
2012-10-07s4-repl: make dreplsrv_partition_find_for_nc return BAD_NC onlyMatthieu Patou1-2/+7
2012-10-07drsuapi: Validate the input parameters for the drsuapi_UpdateRefs functionMatthieu Patou1-0/+16
2012-10-07drsuapi: check more carefully the validity of the NCMatthieu Patou1-4/+11
Check that both the GUID and DN are the GUID/DN of a NC if not return WERR_DS_DRA_BAD_NC
2012-10-07drsuapi-idl: Fix the encoding of the source_dsa_dnsMatthieu Patou1-1/+1
astring is not aligned and is not conformant
2012-10-07drs-replica-info: level_not_supported is wrong when we do support (partialy ↵Matthieu Patou1-9/+13
the level)
2012-10-07lib-addns: ensure that allocated buffer are pre set to 0Matthieu Patou1-12/+12
It avoid bugs when one of the buffer is supposed to contain a string that is not null terminated (ie. label->label) and that we don't force the last byte to 0.
2012-10-07ldap-server: sscanf result was never used to mistyped varMatthieu Patou1-2/+1
2012-10-07ldap-server: remove warning for the ret not being usedMatthieu Patou1-2/+1
2012-10-07s4-drs: fix the logic to allow REPL_SECRET if the account has GET_ALL_CHANGESMatthieu Patou1-0/+24
2012-10-07s4-drs: EXOP_REPL_SECRETS can be called by RW DC as wellMatthieu Patou1-7/+15
2012-10-07drs-getncchanges: do not set the highestUsn to 0Matthieu Patou1-1/+0
Paragraph 4.1.10.5 says that if err = 0 then msgOut.pNC := msgIn.pNC msgOut.usnvecFrom := msgIn.usnvecFrom so no need to set the highestUsn to 0
2012-10-07kcc: return invalid parameter if the taskId is not 0Matthieu Patou1-1/+3
2012-10-07drs-crackname: if there is no sid do not return the domainMatthieu Patou1-0/+2
2012-10-07devel-crackname: Print if count > 0Matthieu Patou1-2/+5
2012-10-07Implement the LIST_INFO_FOR_SERVER input formatMatthieu Patou2-1/+109
2012-10-07getdcinfo: Check that the server object has a serverreference objects ↵Matthieu Patou1-2/+4
pointing to a DC object The problem was found by the DRSR testsuite where server objects were created in the Site container without serverrefrence attribute triggering error in the testsuite.
2012-10-08ntdb: remove unused local variable.Rusty Russell1-2/+0
Reported-by: Matthieu Patou <mat@samba.org> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Mon Oct 8 04:43:37 CEST 2012 on sn-devel-104
2012-10-06s3: Add two tests a CLEAR_IF_FIRST crashVolker Lendecke1-0/+56
Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sat Oct 6 17:16:39 CEST 2012 on sn-devel-104
2012-10-06tdb: Make tdb robust against improper CLEAR_IF_FIRST restartVolker Lendecke1-4/+28
When winbind is restarted, there is a potential crash in tdb. Following situation: We are in a cluster with ctdb. A winbind child hangs in a request to the DC. Cluster monitoring decides the node has a problem. Cluster monitoring decides to kill ctdbd. winbind child still hangs in a RPC request. winbind parent figures that ctdb is dead and immediately commits suicide. winbind parent is restarted by cluster management, overwriting gencache.tdb with CLEAR_IF_FIRST. The CLEAR_IF_FIRST logic as implemented now will not see that a child still has the tdb open, only the parent holds the ACTIVE_LOCK due to performance reasons. During the CLEAR_IF_FIRST logic is done, there is a very small window where we ftruncate(tfd, 0) the file and re-write a proper header without a lock. When during this small window the winbind child comes back, wanting to store something into gencache.tdb, that winbind child will crash with a SIGBUS. Sounds unlikely? See: [2012/09/29 07:02:31.871607, 0] lib/util.c:1183(smb_panic) PANIC (pid 1814517): internal error [2012/09/29 07:02:31.877596, 0] lib/util.c:1287(log_stack_trace) BACKTRACE: 35 stack frames: #0 winbindd(log_stack_trace+0x1a) [0x7feb7d4ca18a] #1 winbindd(smb_panic+0x2b) [0x7feb7d4ca25b] #2 winbindd(+0x1a3cc4) [0x7feb7d4bacc4] #3 /lib64/libc.so.6(+0x32900) [0x7feb7a929900] #4 /lib64/libc.so.6(memcpy+0x35) [0x7feb7a97f355] #5 /usr/lib64/libtdb.so.1(+0x6e76) [0x7feb7b0b0e76] #6 /usr/lib64/libtdb.so.1(+0x3d37) [0x7feb7b0add37] #7 /usr/lib64/libtdb.so.1(+0x863d) [0x7feb7b0b263d] #8 /usr/lib64/libtdb.so.1(+0x8700) [0x7feb7b0b2700] #9 /usr/lib64/libtdb.so.1(+0x2505) [0x7feb7b0ac505] #10 /usr/lib64/libtdb.so.1(+0x25b7) [0x7feb7b0ac5b7] #11 /usr/lib64/libtdb.so.1(tdb_fetch+0x13) [0x7feb7b0ac633] #12 winbindd(gencache_set_data_blob+0x259) [0x7feb7d4d8449] #13 winbindd(gencache_set+0x53) [0x7feb7d4d85b3] #14 winbindd(gencache_del+0x5e) [0x7feb7d4d879e] #15 winbindd(saf_delete+0x93) [0x7feb7d54b693] #16 winbindd(+0xe507e) [0x7feb7d3fc07e] #17 winbindd(+0xe85e5) [0x7feb7d3ff5e5] #18 winbindd(+0xe65be) [0x7feb7d3fd5be] #19 winbindd(+0xe7562) [0x7feb7d3fe562] #20 winbindd(init_dc_connection+0x2e) [0x7feb7d3fe5be] #21 winbindd(+0xe75d9) [0x7feb7d3fe5d9] #22 winbindd(cm_connect_netlogon+0x58) [0x7feb7d3fe658] #23 winbindd(_wbint_PingDc+0x61) [0x7feb7d410991] #24 winbindd(+0x103175) [0x7feb7d41a175] #25 winbindd(winbindd_dual_ndrcmd+0xb7) [0x7feb7d4107d7] #26 winbindd(+0xf8609) [0x7feb7d40f609] #27 winbindd(+0xf9075) [0x7feb7d410075] #28 winbindd(tevent_common_loop_immediate+0xe8) [0x7feb7d4db198] #29 winbindd(run_events_poll+0x3c) [0x7feb7d4d93fc] #30 winbindd(+0x1c2b52) [0x7feb7d4d9b52] #31 winbindd(_tevent_loop_once+0x90) [0x7feb7d4d9f60] #32 winbindd(main+0x7b3) [0x7feb7d3e7aa3] #33 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7feb7a915cdd] #34 winbindd(+0xce2a9) [0x7feb7d3e52a9] This is in a winbind child, logfiles surrounding indicate the parent was restarted. This patch takes all chain locks around the CLEAR_IF_FIRST introduced tdb_new_database.
generated by cgit (git 2.34.1) at 2024-07-04 11:43:31 +0000