Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit ad74885e4730da2a15ff00e13f490f3f0b1be10d)
|
|
any user in that list can do anything to a printer
(This used to be commit 7b5912be150dd590d6195be40b0976305b8716ba)
|
|
(This used to be commit 74074072cf244d221f8f9b09302d0cbc85d689d4)
|
|
(This used to be commit dfd6b51bc7fb61d25af3074c386ce51cf3bc86f4)
|
|
(This used to be commit 6bdb7d5c9787bd16e851f5c751d952c4df8ccc5b)
|
|
Added a become_root()/unbecome_root() (push/pop security context)
around the initgroups() call to ensure it would succeed. Hmmm - I
wonder if this call being done as non-root might explain any "group access"
bugs we've had in the past....
Jeremy.
(This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0)
|
|
with the current user. This will allow se_access_check() to quickly do
a SD check without having to translate uid/gid's to SIDs.
Still needs work on pipe calls.
Jeremy.
(This used to be commit e28d01b744b3dbd33e0e54af4e7f426fa8c082b8)
|
|
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
(This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
|
|
from the NT printer tdb.
Also added checks for time restrictions before allowing a job to print.
Jeremy.
(This used to be commit 8cfb55e81abebf0354e6d470ed68bbac1d6560ad)
|
|
fix for the Win9x printer drivers.
Changed command names to add "command" string on the end for some consistancy
with the other scripting commands.
Added '%P' option to tdbpack/unpack to store long comment string.
Made port name be "Samba Printer Port" if no enum port script given.
Fixed prs_uint32_pre code to cope with null args.
Jeremy.
(This used to be commit 902ada63799cf27924c72e24e7593a8c9fb5eba9)
|
|
(This used to be commit 38b07395566a2c114ccda173fb0fe88cf7683588)
|
|
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.
The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.
A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.
This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().
This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.
The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.
Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.
Jeremy.
(This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
|
|
--jerry
(This used to be commit 1f65b13dd56fbe41320f6c4e8f391ce739509e45)
|
|
Jeremy.
(This used to be commit 0bd88d304cd773e0bbf3e6f7fedcb3b544d41cbe)
|
|
- changed the default forms flag to 2
- all short architecture name are uppercased
- get_short_archi() is now case unsensitive
- the drivers TDB is indexed by archi/version/name
- implemented code to move drivers from the upload area to the download
area. Someone else need to look at that code.
- don't return anymore a default driver if it doesn't exist in the TDB.
Instead return an error.
- cleaned prs_unistr.
- #ifdef out jeremy's new SD parsing in printer_info_2
- removed the unused MANGLE_CODE
- #ifdef out the security checking in update_printer() as it doesn't work
for me.
Zap your ntdrivers.tdb, it won't work anymore.
J.F.
(This used to be commit ac0a145acc0953a6f362497abbf4dfe70aa522a6)
|
|
in order - moved them into open_printer_hnd().
Added saving of comment field.
Jeremy.
(This used to be commit a0ee774fe92e5d0bc84d1d6729e8c538c67e8aba)
|
|
(This used to be commit e4af400ed6580c04bcaf3a28fe8aeaa0cdbd4dcf)
|
|
(This used to be commit 1246728eb9013948d17ad44263501d1e1bb49e8f)
|
|
printer driver download if looking for the default driver files fail.
Jeremy.
(This used to be commit 1192d867c4e863471f9bc12afceb68a23ba2142e)
|
|
string), the wins_srv module now hands back a struct in_addr when it's
called. It caches the IP address once it has been looked up. The IP
is cleared (and must be looked up again) if the 'wins server' parameter
is reread, or if the node is marked 'dead'. A dead node will not be
re-tried for 10 minutes (per a #define in wins_srv.c).
As it was, the code was reading the WINS server name or IP directly from
lp_wins_server. That's okay, except that if the value was expressed as
a name, then a DNS lookup would be done every time the client wanted to
talk to the server.
I still need to work out the implications of failover regarding the
'unicast subnet' list.
Chris -)-----
(This used to be commit 73aa188320fd3bf10b5dfc057323f40aff2c13bd)
|
|
*Note: failover doesn't actually work yet!* It's just that the code I'm
adding provides all of the pieces necessary.
I do have one big question. Something that I'll have to ask Jeremy, I'm
thinkin'. In nmbd/nmbd_subnetdb.c the IP of the WINS server is used to
set up the Unicast subnet.
...so what happens if the WINS server changes?
My guess is either:
a) nothing.
b) I'd have to change the unicast subnet entry whenever the WINS server
changes.
Urq.
BTW, the lp_wins_server() function no longer returns the WINS server name
or IP. It returns the list of WINS servers entered in smb.conf. To get
the currently 'live' WINS server, use the wins_srv() function.
Fun, eh?
Chris -)-----
(This used to be commit cc08bdc74f4cd111fdc582ee7babef47ed8a950d)
|
|
functions work now:
- spoolenum
- spoolopen
- spoolgetprinter
- spoolgetprinterdriver
Items todo:
- track down memory bug with spoolenumdata
- fix spoolgetprinterdriverdir
- fix spoolgetdata
- fix display_job_info_ctr in spooljobs
All part of the ongoing rpcclient work.
Also included a new generic list ADT. Cleaner and simplier
than the stuff in util_array.c i think (but then that's why I wrote it).
--jerry
(This used to be commit 381aba2c9a63faa53728f0520ac316478bc7a1c3)
|
|
(This used to be commit 4443a8b6e698a6572152e575c41dfb760b9888a9)
|
|
and a few changes to ntdomain for rpcclient printing functions
--jerry
(This used to be commit eb3f545f54eabb8b2b9a735808ebf49808ea85eb)
|
|
(This used to be commit ae85cc43fec26be6184e863569a94cab0afc425a)
|
|
nsswitch/wb_client.c
Merge of nsswitch/common.c rename to nsswitch/wb_common.c from TNG.
(This used to be commit f866c18f6be65db67d9d2a6c0b42e1af3b421e6c)
|
|
(This used to be commit 5f355a24430dcb260de52e8a0ca21e80cae53089)
|
|
* fixes some readline bugs from the merge
* first attempt at commands (spoolenum almost works)
* no changes to existing functions in HEAD; only additions
of new functions. I'll weed out what I can as I go.
--jerry
(This used to be commit 61d2aad5dc2b212b11c981f1eca47efa627e9fc8)
|
|
printing/printing.c: priority needs to be 1 not zero (found by checked build).
rpc_server/srv_spoolss_nt.c: Log invalid handle access, also print out if this is a different
pid handle. This will help track down client access after a connection
is closed.
Jeremy.
(This used to be commit 4ff949228c40b6abb2008df8db985562ac2895d2)
|
|
(This used to be commit bd323fa503b1ad7ab9ca35b2f93774541b02e8e3)
|
|
semi-connection and a rpcclient prompt, but no functionality there yet.
Will be a few more days on that.
The changes to the header files were minor. A few struct's and a few
additional fields to existing ones. No deletions. **minimal change
necessary** :-) Well, maybe not minimal, but I tried.
All other programs compile, link and run ok from what I can tell so
I don;t think I broke anything.
--jerry
(This used to be commit cd7f0b0b91afd3331c0607ba2fcb3ccdd41ecebf)
|
|
security descriptors is disabled (as it is in this code).
If get/set sd's is enabled spooler.exe crashes on NT.
I'll investigate and fix that issue next.
Jeremy.
(This used to be commit 8c9ed874363e6a710bc0fe521bb8c4f7ee219587)
|
|
(This used to be commit 927b7772a1246d60bccdf79cdb1f054c449c6bb6)
|
|
(This used to be commit 2d3312249b3755e46d913dd40325b85db4aae62e)
|
|
plan' :-)
Gerald & I discussed with HP. More changes to follow.
Jeremy.
(This used to be commit 193a248beda99103c73a0b0ea5e2fbcbb516ce8e)
|
|
Removed unistr_to_ascii() as it was never used.
printing/nt_printing.c: Removed "DUMMY.XX" files.
rpc_server/srv_spoolss_nt.c: Use dos_PutUniCode() instead of ascii_to_unistr().
Attempted to fix the "return value" size code based on J.F's
comments. This needs looking at.
Jeremy.
(This used to be commit de99011bf3b2a23bd1854a047382a107aaeb9c68)
|
|
(This used to be commit 87cd080441a924afd57d03e86c926a60c4416967)
|
|
(This used to be commit b3f2946d3958ef92ad7d30a52d00bcfd50229388)
|
|
(This used to be commit b1441d9622609af5ef598c5e1e1f5af438dc0731)
|
|
(This used to be commit 7d0f9258589c2856dbc54a10ee35c26201d16f41)
|
|
handling in Samba. This was needed due to several limitations and
races in the previous code - as a side effect the new code is much
cleaner :)
in summary:
- changed sys_select() to avoid a signal/select race condition. It is a
rare race but once we have signals doing notification and oplocks it
is important.
- changed our main processing loop to take advantage of the new
sys_select semantics
- split the notify code into implementaion dependent and general
parts. Added the following structure that defines an implementation:
struct cnotify_fns {
void * (*register_notify)(connection_struct *conn, char *path, uint32 flags);
BOOL (*check_notify)(connection_struct *conn, uint16 vuid, char *path, uint32 flags, void *data, time_t t);
void (*remove_notify)(void *data);
};
then I wrote two implementations, one using hash/poll (like our old
code) and the other using the new Linux kernel change notify. It
should be easy to add other change notify implementations by creating
a sructure of the above type.
- fixed a bug in change notify where we were returning the wrong error
code.
- rewrote the core change notify code to be much simpler
- moved to real-time signals for leases and change notify
Amazingly, it all seems to work. I was very surprised!
(This used to be commit 44766c39e0027c762bee8b33b12c621c109a3267)
|
|
smbd/notify.c. All the data structures are now private to that
module.
this is in preparation for Linux kernel support for change notify
(coming soon to a CVS tree near you)
(This used to be commit 1bb0aad4f66dbfa2d0f767ea90f926affff20b17)
|
|
I had to modify sys_select() to not loop on EINTR. I added a wrapper
called sys_select_intr() which gives the old behaviour.
(This used to be commit b28cc4163bc2faaa80c5782fc02c8f03c410cdeb)
|
|
stuff.
J.F.
(This used to be commit 1871d4a3f64401f9a6f749ce26d1715e3bcdeac3)
|
|
modular form. In this pass I added oplock_irix.c and added a "struct
kernel_oplocks" that describes a kernel oplock implementation.
(This used to be commit b5ceab810292602ea9a81696c20a781c16b706c2)
|
|
sincerely hope :-). Thanks elrond !
Jeremy.
(This used to be commit 0d59e8c6bf49e06f11b386f9d805474771365f52)
|
|
place to do this, not in smbd/passwd.c
Please don't change this without asking first, I have run this past
Andrew so talk to him (I'm on vacation next week).
I also removed the g_newXXX macros. There are essentially a private C extension,
not used anywhere else in the code, and add no functionality over malloc(XX)
and make the code harder to understand (everyone knows what malloc does).
Jeremy.
(This used to be commit e1b1b6fb6794ba02e1fea510a981fa0ce0d12b58)
|
|
and if you have unix realname=yes, you get the gecos name when locking the
station.
J.F.
(This used to be commit b5ad24ae0b15643df5832e2369fb4e43c98a1359)
|
|
(This used to be commit 70dcc791b45ac64fc536ef449e4e6b53b2b68fd4)
|
|
not just undercut work in progress, thank you.
(This used to be commit 86d440a88c948727bfcfedc694c52c58f9687d8b)
|