summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2012-10-11smbd: Add mem_ctx to {f,}get_nt_acl VFS callAndrew Bartlett2-9/+13
This makes it clear which context the returned SD is allocated on, as a number of callers do not want it on talloc_tos(). As the ACL transformation allocates and then no longer needs a great deal of memory, a talloc_stackframe() call is used to contain the memory that is not returned further up the stack. Andrew Bartlett
2012-10-11smbd: Add mem_ctx to sys_acl_init() and all callersAndrew Bartlett3-16/+25
This changes from allocation on NULL to allocation on the supplied memory context. Currently that supplied context is talloc_tos() at the the final consumer of the ACL. Andrew Bartlett
2012-10-04Remove the parameters:Jeremy Allison1-4/+0
security mask force security mode directory security mask force directory security mode and update the docs.
2012-10-04Revert "Add functions to programatically set the security mask and directory ↵Jeremy Allison1-2/+0
security mask parameters." This reverts commit 8f0ecbbbeebff0174579a78827d384067cd4cbb7. Not now needed as part of the move to remove security mask parameters.
2012-10-02Add functions to programatically set the security mask and directory ↵Jeremy Allison1-0/+2
security mask parameters.
2012-09-12Move cached cwd onto conn struct.Jeremy Allison1-0/+2
This enables us to make VFS modules safe for use in root called code when we've changed directory under conn->connectpath.
2012-09-12Avoid overriding default ccache for ads operations.Simo Sorce2-1/+2
Avoid overriding default ccache for ads operations. Nowadays various samba components may need to use GSSAPI and a default cred cache to perform their tasks. This code was completely overriding the whole process default ccache name, thus altering the current credentials and sometimes hijacking them (or getting preemptively hijaked). By using gss_krb5_import_cred we can instead use a private ccache (necessary sometimes to use a different set of credentials fromt he default cifs/fqdn@realm one, for example when contacting foreign DCs using trust credentials) that does not affect the rest of the process. For the kerberos versions which don't have gss_krb5_import_cred we fallback to temp override of KRB5CCNAME and gss_acquire_cred. Signed-off-by: Alexander Bokovoy <ab@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Wed Sep 12 21:18:09 CEST 2012 on sn-devel-104
2012-09-12smbd: Add extra VFS hooks to get the posix ACL as a blobAndrew Bartlett2-0/+28
This will allow us to hash this, rather than the NT ACL it maps to. This will in turn allow us to know if the NT ACL is valid even if we have to change the mapping code. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Sep 12 07:06:01 CEST 2012 on sn-devel-104
2012-09-12smbd: Remove pre-allocation of ACL array in sys_acl_init()Andrew Bartlett1-1/+1
Instead, this is just handled with realloc in sys_acl_create_entry() This allows us to remove the size element from the SMB_ACL_T. Andrew Bartlett
2012-09-10s3:smbd Bump the smbd vfs interface version to 30Christian Ambach1-1/+2
that is what Samba 4.0.0 will ship with Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Mon Sep 10 19:40:01 CEST 2012 on sn-devel-104
2012-09-08s3: introduce a new share config option "durable handles" defaulting to "yes"Michael Adam1-0/+1
This is in order to be able to turn durable handles off and on on a per share basis. Note: This is only used in combination with: kernel share modes = no kernel oplocks = no posix locking = no Which means CIFS/SMB2 only access. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-08s3: add an option "kernel share modes" to be able to switch off using kernel ↵Michael Adam1-0/+1
flocks Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-08s3:vfs: add durable VFS operationsMichael Adam2-0/+60
This allows a VFS module to implement durable handles in different ways. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2012-09-07s3-smbldap: use smbldap_ prefix for all functionsAlexander Bokovoy1-4/+4
2012-09-07s3-passdb: wrap secrets.tdb accessors used by PDB modulesAlexander Bokovoy1-0/+11
PDB modules store domain sid and guid in secrets.tdb to cooperate with other parts of smbd. If PDB module is built outside Samba source code it has to be linked against internal libsecrets. Wrap required secrets_* calls to avoid direct linking. libpdb is linked against libsecrets by itself and this is enough.
2012-09-05Add "backup_intent" bool to files_struct.Jeremy Allison1-0/+3
Not used right now but I need this in the VFS to implement open for backup/restore later and don't want to break the ABI once 4.0.0 ships.
2012-08-28s3-secrets: Add helper function to set machine account password from ↵Andrew Bartlett1-0/+6
secrets_tdb_sync secrets_tdb_sync will be a new ldb module designed to sync secrets.ldb entries with the secrets.tdb file. While not ideal to keep two copies of this data, this routine will assist in allowing the samba-tool domain join code to operate correctly in most cases where winbindd and smbd are used. Andrew Bartlett
2012-08-22Remove align_string(). No longer used.Jeremy Allison1-1/+0
Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Aug 22 20:38:50 CEST 2012 on sn-devel-104
2012-08-17s3:lib: implement serverid_equal() as macro of server_id_equal()Stefan Metzmacher2-3/+1
metze
2012-08-17s3:smbd: lp_smb_encrypt() returns SMB_SIGNING_* valuesStefan Metzmacher1-1/+1
metze
2012-08-15s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-opAndrew Bartlett1-1/+0
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 15 05:23:18 CEST 2012 on sn-devel-104
2012-08-15s3-sysacls: Remove sys_acl_free_acl() and replace with TALLOC_FREE()Andrew Bartlett1-1/+0
2012-08-15s3-smbd: Remove sys_acl_*() VFS wrapper functionsAndrew Bartlett2-143/+1
We no longer do struct smb_acl_t manipuations via the VFS layer, which is now reduced to handling the get/set functions. The only backend that implemented these functions (aside from audit) was the vfs_default module calling the sys_acl code. The various ACL implementation modules either worked on the fully initilaised smb_acl_t object or on NT ACLs. This not only makes the operation of the posix ACL code more efficient (as allocation and free is not put via the VFS), it makes it easier to test and removes the fantasy that a module could safely redefine this structure or the behaviour here. The smb_acls.idl now defines the structure, and it is now allocated with talloc. These operations were originally added to the VFS in commit 3bb219161a270f12c27c3bc7e1220829c6e9f284. Andrew Bartlett
2012-08-15s3-smbd: Move smb_acl_t declaration to smb_acl.idlAndrew Bartlett1-34/+3
This will allow us to marshall this into and from an NDR blob on disk, which will allow us to fake up ACL support during make test, and to test the NT ACL emulation using python bindings via the VFS. Andrew Bartlett
2012-08-15s3-smbd: Change allocation of smb_acl_t to talloc()Andrew Bartlett1-1/+1
The acl element is changed to be a talloc child, and is no longer one element longer than requested by virtue of the acl[1] base pointer. This also avoids one of the few remaining cases of over-allocation of a structure. Andrew Bartlett
2012-08-10Revert "s3:smb: include "smbXsrv.h" before "vfs.h""Stefan Metzmacher1-6/+0
This reverts commit db0c233624e633b3cc1a6e0e44dccc09aaa121f2.
2012-08-09Fix strlower_m() to return an error indication.Jeremy Allison1-1/+1
2012-08-09Check error returns on strnorm().Jeremy Allison1-1/+1
2012-08-09Change strupper_m() to return a value.Jeremy Allison1-1/+1
2012-08-07source3/loadparm.c: Move string_set/string_free inside.Rusty Russell1-2/+0
The only user, so make them static inside loadparm.c Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-01libcli/smb: move some TCON related defines to smb_constants.hStefan Metzmacher1-9/+0
metze
2012-08-01s3:libsmb: remove unused cli_state->user_session_keyStefan Metzmacher1-4/+0
metze
2012-08-01s3:ctdbd_conn: use unitX_t types consistently throughout the moduleMichael Adam1-9/+9
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-08-01Add two flags to allow for handling of Extended Signatures (Session Key ↵Richard Sharpe1-0/+2
Protection) on a TCON_AND_X request and response. Autobuild-User(master): Richard Sharpe <sharpe@samba.org> Autobuild-Date(master): Wed Aug 1 06:36:37 CEST 2012 on sn-devel-104
2012-07-27lib/param: Rename "socket address" to "nbt client socket address" to clarify ↵Andrew Bartlett1-1/+1
role This parameter is only used in our NBT client code and in nmbd as a fallback when we fail to select a better interface from "interfaces" to use directly. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 27 12:16:25 CEST 2012 on sn-devel-104
2012-07-25s3:libsmb: remove unused cli_state->smb2.pidStefan Metzmacher1-1/+0
metze
2012-07-25s3:libsmb: remove unused tcon specific elements from cli_state->smb2Stefan Metzmacher1-6/+0
metze
2012-07-25s3:libsmb: remove cli_state->smb2.tidStefan Metzmacher1-1/+0
metze
2012-07-24s3:libsmb: setup a smbXcli_tcon for SMB2Stefan Metzmacher1-0/+1
metze
2012-07-24s3:libsmb: use a smbXcli_tcon instead of uint16_t cli_state->smb1.tidStefan Metzmacher1-1/+1
metze
2012-07-24lib/param: Merge handling of security/domain master/domain logons/server roleAndrew Bartlett1-0/+4
This ensures that the same input parameters always gives the same output values in both loadparm systems. Andrew Bartlett
2012-07-24lib/param: Move all enum declarations to lib/paramAndrew Bartlett4-72/+3
This is in preperation for the parameter table being made common. Andrew Bartlett Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-24param: Make the 'unicode' parameter commonAndrew Bartlett1-0/+1
This parameter is most useful for interop testing, rather than production use. Andrew Bartlett
2012-07-23s3:libsmb: use cli_state_{g,s}et_uid instead of smb1.uid directlyLuk Claes1-1/+1
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-07-23s3-winbind: Fix bug #9052 resolving our own "Domain Local" groups.Andreas Schneider1-2/+1
We don't resolve our own "Domain Local" groups since bug #7843 has been fixed. So we need to add the add resource groups to the sid list too. Before bug #7843 the "Domain Local" groups were added with a lookupuseraliases call, but this isn't done anymore for our domain so we need to resolve resource groups here. When to use Resource Groups: http://technet.microsoft.com/en-us/library/cc753670%28v=WS.10%29.aspx Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jul 23 22:12:30 CEST 2012 on sn-devel-104
2012-07-20Remove source3/lib/pidfile.cJeremy Allison1-6/+0
Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jul 20 03:57:20 CEST 2012 on sn-devel-104
2012-07-19Make the s3 pidfile use the common code inside lib/util/pidfile.cJeremy Allison1-1/+1
2012-07-19Move source4/smbd/pidfile into lib/util in preparation for making it in common.Jeremy Allison1-3/+3
2012-07-19lib/param: bring lp_smb_ports() into common by making it a list everywhereAndrew Bartlett1-1/+1
2012-07-19s3-param: Make lp_name_resolve_order() return a listAndrew Bartlett1-3/+2
This allows this parameter, one of the few with differing declarations between the loadparm systems, to be brought into common. Andrew Bartlett Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>