Age | Commit message (Collapse) | Author | Files | Lines |
|
Configuring force user/group settings for the print$ share currently has
unexpected results, this is explained by how the driver upload/add
process takes place. Consider the following example:
[print$]
path = /print-drv
write list = $DRIVER_UPLOAD_USER
force group = ntadmin
- the client connects to the [print$] share and uploads all driver
files to the /print-drv/W32X86 directory.
- This is permitted, as /print-drv/W32X86 is owned by group ntadmin, and
the "force group = ntadmin" takes effect for the [print$] session.
- Once all files are uploaded, the client connects to the [ipc$]
share and issues an AddPrinterDriverEx spoolss request.
- In handling this request move_driver_to_download_area() is called,
which attempts to create the directory /print-drv/W32X86/3
- The create directory fails, as it is done as the user connected to
the [ipc$] share which does not have permission to write to the driver
directory. The [print$] "force group = ntadmin" has no effect.
This is a regression from previous behaviour prior to the commit:
783ab04 Convert move_driver_to_download_area to use create_conn_struct.
https://bugzilla.samba.org/show_bug.cgi?id=7921
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
already used).
Bjoern, Metze, please check.
Guenther
|
|
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Mar 2 23:06:17 CET 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
|
|
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Mar 2 12:58:12 CET 2011 on sn-devel-104
|
|
Guenther
|
|
WERR_ACCESS_DENIED errors are mapped to WERR_UNKNOWN_PRINTER_DRIVER,
resulting in incorrect error messages on Windows clients.
move_driver_to_download_area() returns the same error status values
to the caller via the *perr argument as well as the return value.
The create_directory() call is not checked for error.
|
|
|
|
This is the s3 debug system, with a number of changes to tidy it up
for common use. The debug class system is simplified by the removal of the
ISSET table, the system no longer attempts to cope with assignment of
DEBUGLEVEL, and the full class table is always available (rather than
just DEBUGLEVEL_CLASS[DBCG_ALL]) from startup. It is also no longer
confusingly described as a hack, but as the initial table.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Mar 1 04:32:12 CET 2011 on sn-devel-104
|
|
This avoids duplication between FUNCTION_NAME and __FUNCTION__
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Feb 28 14:07:23 CET 2011 on sn-devel-104
|
|
|
|
|
|
All callers had to cast this anyway
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 27 11:02:53 CET 2011 on sn-devel-104
|
|
|
|
Guenther
|
|
Guenther
|
|
We need to revalidate the pathname once re-constructed from a root fsp.
Jeremy.
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Feb 23 15:42:35 CET 2011 on sn-devel-104
|
|
are used.
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
This will help with the change from UNIX_USER_TOKEN to security_unix_token
metze
|
|
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
This file is always installed, and is only even required for the old,
depricated mangle hash method.
Andrew Bartlett
|
|
The two files were very similar already, the only change required was
to adopt the s3 module registration fucntion name.
(NTSTATUS wasn't used as the charset code does not otherwise use that
type).
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
These now call the common _m functions that consider UTF16 code points.
This removes the code which will make up a 'lame' table in memory, as
this can just as correctly be handled by running the algorithm at runtime (which is to call toupper() and tolower() on characters < 128).
When used, a top level waf build will always locate the correct table
- in the build tree or outside - due to relinking the installed
binary.
Andrew Bartlett
|
|
this allows a common set of cflags for a top level combined build
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Guenther
|
|
|
|
Volker, Tridge and other clustering gurus, please check.
It is ok to get rid of ifdef CLUSTER_SUPPORT here, right ?
Why was unique_id not marshalled at all ?
Guenther
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Feb 16 15:20:14 CET 2011 on sn-devel-104
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|