Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 156e17dea48962bca98a3f7d1e876eb6047ebc8a)
|
|
Jeremy.
(This used to be commit 81c5380f91839b6416c8a42739dadf00e7388528)
|
|
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
(This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
|
|
string), the wins_srv module now hands back a struct in_addr when it's
called. It caches the IP address once it has been looked up. The IP
is cleared (and must be looked up again) if the 'wins server' parameter
is reread, or if the node is marked 'dead'. A dead node will not be
re-tried for 10 minutes (per a #define in wins_srv.c).
As it was, the code was reading the WINS server name or IP directly from
lp_wins_server. That's okay, except that if the value was expressed as
a name, then a DNS lookup would be done every time the client wanted to
talk to the server.
I still need to work out the implications of failover regarding the
'unicast subnet' list.
Chris -)-----
(This used to be commit 73aa188320fd3bf10b5dfc057323f40aff2c13bd)
|
|
*Note: failover doesn't actually work yet!* It's just that the code I'm
adding provides all of the pieces necessary.
I do have one big question. Something that I'll have to ask Jeremy, I'm
thinkin'. In nmbd/nmbd_subnetdb.c the IP of the WINS server is used to
set up the Unicast subnet.
...so what happens if the WINS server changes?
My guess is either:
a) nothing.
b) I'd have to change the unicast subnet entry whenever the WINS server
changes.
Urq.
BTW, the lp_wins_server() function no longer returns the WINS server name
or IP. It returns the list of WINS servers entered in smb.conf. To get
the currently 'live' WINS server, use the wins_srv() function.
Fun, eh?
Chris -)-----
(This used to be commit cc08bdc74f4cd111fdc582ee7babef47ed8a950d)
|
|
Initialise response structure correctly.
(This used to be commit 587c8e58fdd79dce47fb59ce702596ea58c8b4a6)
|
|
Jeremy.
(This used to be commit d85deb9e4e9c9784006292d3cb5a6b7b408ff972)
|
|
nsswitch/wb_client.c
Merge of nsswitch/common.c rename to nsswitch/wb_common.c from TNG.
(This used to be commit f866c18f6be65db67d9d2a6c0b42e1af3b421e6c)
|
|
(This used to be commit 659e4d88ff9dbf1fa9cd8904470c4a8d02d8674b)
|
|
(This used to be commit d9041958558fc8e3c7b0491eb0f7e45bee9d19c5)
|
|
(This used to be commit b46fc0ed040ff24bb4e348904fdb0e9788364837)
|
|
Jeremy.
(This used to be commit 711f15ac230092bac000e63f99e8dfaa4a644847)
|
|
(This used to be commit e5cb97dda89fe23612b75861232591e4831733e0)
|
|
(This used to be commit e49550b975dd407a1a8538c9885e036e400b7714)
|
|
of tdb_{store,get}_int() to store the length of the string key + 1 so the
stored key contains the trailing NULL character. This allows normal
string library routines to manipulate keys.
Also renamed tdb_get_int() to tdb_fetch_int() to keep the set of verbs
consistent.
(This used to be commit a423c7c5f21dc4046530b85482dee88dcfcbf070)
|
|
(This used to be commit 0189af544244d7d20e4042cd1238f370968cb7a9)
|
|
- finished ntdom -> winbind rename in head
(This used to be commit ada483cb56453afc6df4ec4be18bfe5e943c7150)
|
|
renamed ntdom to winbind
I think that using winbind in /etc/nsswitch.conf is better than ntdom
(This used to be commit 80f85b5359c26dc26f8f88b984f27cfa4ac34e61)
|
|
(This used to be commit 5a617c013cce65434d315dc33279a4bc28dc63de)
|
|
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic -
this isn't permanent, it should go after another few merge steps have
been done
(This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
|
|
it is now at the stage that winbindd can compile in the head branch,
but not link
(This used to be commit d178c00aae77710ae6ff20a7f54a30e3bd8232bb)
|
|
(This used to be commit 3cac3ccf047ce9a5c28916f9a2b1b3d38741e373)
|
|
this does not yet compile, but I'm working on that.
(This used to be commit 3fb862531a4e78dca13d16d958517b16e5bdd4e2)
|
|
(This used to be commit c78deb1d229bd301be483a256f1fd2047cec6120)
|
|
in a /etc/nsswitch.conf hosts line.
Only tested on RH6.1, but should work on a broad range of Linux
distributions. It could probably be made to work with Solaris pretty
easily.
It does not build by default. Build it with "make nsswitch"
(This used to be commit 4058eb5bffeec539f71786580376419ea5749351)
|