| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
|
|
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.
The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok. This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server
At the same time, this closes the door on one of the most arcane areas
of Samba authentication.
Naturally, full user-name/password authentication remain available in
security=user and above.
This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.
Andrew Bartlett
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| SEC_SHARE |
| security=share |
| |
| |
| 5 March |
| |
| 2012 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
|
|
This adds an alisas to ensure that both our loadparm systems know all
the names.
I would like to move to the 'server ..' name as canonical, and this
will be raised on the list.
Andrew Bartlett
|
|
|
|
|
|
The memory reduction compared of talloc_reference() over talloc_strdup()
is typically very low. As the strings are typically short compared
to the talloc header overhead.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 11 16:13:50 CET 2012 on sn-devel-104
|
|
This will allow s3 to specify modules to use as a list, rather than
needing to start the individual module with gensec_start_mech_by_ops()
Andrew Bartlett
|
|
metze
|
|
These parameters should be defined as int and not bool. This fixes
the test failures on big endian machines.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Thu Dec 22 10:37:42 CET 2011 on sn-devel-104
|
|
This causes the copy_service() to not copy bAvailable boolean on
big endian machines causing tests to fail.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Thu Dec 22 05:30:49 CET 2011 on sn-devel-104
|
|
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Sat Dec 17 04:19:40 CET 2011 on sn-devel-104
|
|
This matches the s3 loadparm, and makes this feature available
by default for our users in a DC environment. (This is needed
for the correct operation of GPOs).
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Dec 16 01:08:34 CET 2011 on sn-devel-104
|
|
when you have:
server services = +smb -s3fs
and 'smb' is already in the list, then this should not be an
error. This ensures that a config that specifically sets the services
it wants doesn't generate an error if the service list being set
happens to be the default
|
|
Configures parameter to enumerate name of python KCC
topology generator for subsequent use by samba_runcmd_send()
invocation from kcc task
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
metze
|
|
The pdc/bdc split is only in smb.conf for Samba3 DCs, and so is
too confusing to document in this paramter. It will be clearer
to sort out "domain master" into a "pdc emulator" paramter
to conver this distinction.
Andrew Bartlett
|
|
This also permits a few more valid combinations, due to the layer at which this is
being used.
Andrew Bartlett
|
|
|
|
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
|
|
This #include hack is required as it is not possible to declare a
compile-time sized array in a header file.
Andrew Bartlett
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
|
|
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
|
|
This allows smb.conf files from either the samba3 or samba4 tradition
to come to the same value of server role, using the information in the
smb.conf file.
This is important so that tools like 'net getlocalsid' work against a
Samba4 AD installation (yes, users have tried this).
Andrew Bartlett
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
|
|
This makes the code internally consistant.
Andrew Bartlett
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
|
|
Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>
|
|
This makes parsing of config files with s3 loadparm code and s4 loadparm
code consistent.
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
dnsserver.h - typedefs and prototypes
dnsserver.c - RPC API and implementation methods
dnsdb.c - samdb operations
dnsdata.c - functions to manipulate dns structures
dnsutils.c - function for serverinfo and zoneinfo structures
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This removes the smb.conf parameters per-database, replacing these
with hard-coded database names in well known (and configurable)
directories.
The wins.ldb is now always in the "state dir", rather than being in
both state and lock dir (ie, a bug).
Less smb.conf parameters means less parameters to try and sync up
between the loadparm subsystems.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 18 05:39:54 CEST 2011 on sn-devel-104
|
|
smb.conf
If a user specified -W or --realm on the command line, then this is
of level SPECIFIED, not UNINITIALISED, despite it going via the
loadparm system.
This helps us to ensure that -W server -Ulocaluser is parsed the
same as -Userver\localuser. This matters as otherwise we might
instead attempt to use kerberos to the realm from the smb.conf.
Andrew Bartlett
|
|
The parameter redirection covers most things now, so this should be safe.
Andrew Bartlett
|
|
This matches the s3 code for lock_path().
Andrew Bartlett
|
|
|
|
required by winexe.
|
|
|
|
If lpcfg_dns_update_command() returns NULL 'samba' segfaults on startup.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Oct 11 17:25:19 CEST 2011 on sn-devel-104
|
|
The autoconf build will never use these parameters or load the
smb.conf with these defaults, so the defaults are not important.
Andrew Bartlett
|
|
s3 includes.h
|
|
includes.h
|
|
|
|
param code
|
|
|
|
This removes the duplicate definition between smb.h and lib/param/loadparm.c
which in turn allows this file to be compiled with the s3 includes.h
Andrew Bartlett
|
|
This is done so that the lpcfg_ functions are available across the whole
build, either with the struct loadparm_context loaded from an smb.conf directly
or as a wrapper around the source3 param code.
This is not the final, merged loadparm, but simply one step to make
it easier to solve other problems while we make our slow progress
on this difficult problem.
Andrew Bartlett
|
|
This is handled by a common header and a .c file that is included into
both loadparm.c files.
In the process, _lp functions were renamed to lp__ to allow the common
function definition declarations to be used by source3 and source4
(which have different macro definitions).
The only parameter to change type is 'strict_locking' which was a
bool, and is now an int, to accommodate the 'Auto' value from source3.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jul 8 12:35:56 CEST 2011 on sn-devel-104
|
|
This will allow struct loadparm_service to be shared in future.
Andrew Bartlett
|
