Age | Commit message (Collapse) | Author | Files | Lines |
|
Michael
|
|
Michael
|
|
instead of reading the registry directly with tdb and activating the
configure options by hand.
This eliminates the need for repeating checks done in loadparm.
For instance it disables registry shares without path in the server
as is the case with text based shares.
Michael
|
|
Michael
|
|
This introduces a hard coded MAX_INCLUDE_DEPTH of 100.
When this is exceeded, handle_include (and hence lp_load) fails.
One could of course implement a more intelligent loop detection
in the include-tree, but this would require some restructuring
of the internal loadparm housekeeping. Maybe as a second improvement
step.
Michael
|
|
This prevents users from getting access to "/" in misconfigured setups.
Michael
|
|
Guenther
|
|
Karolin
|
|
|
|
|
|
We keep the seqnum/mid mapping in the smb_request structure.
This also moves one global variable into the
smbd_server_connection struct.
metze
|
|
|
|
|
|
After the discussion on samba-technical, it was decided that the best
answer for now was to revert this change. The right way to do this is
to rewrite the token api to use opaque tokens with pluggable modules.
This reverts commit 8e19a288052bca5efdb0277a40c1e0fdd099cc2b.
|
|
|
|
- Attempt to use syscalls to determine max-open-files value.
- Add in periodic logging when max file limit reached
|
|
When set to yes, "force username map" forces every user, even AD
users, through an NSS lookup. This allows the token to be overridden
with information from NSS in certain broken environments.
|
|
parameter name
|
|
When enabled this reverts smbd to the legacy domain remapping behavior when
a user provides an untrusted domain
This partially reverts d8c54fdd
|
|
This changelist allows for the addition of custom performance
monitoring modules through smb.conf. Entrypoints in the main message
processing code have been added to capture the command, subop, ioctl,
identity and message size statistics.
|
|
Karolin
|
|
lp_use_kerberos_keytab parameter.
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum. Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab
For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only
The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.
The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode. This keytab is only used in
ads_verify_ticket.
|
|
version.h changes rather frequently. Since it is included via includes.h,
this means each C file will be a cache miss. This applies to the following
situations:
* When building a new package with a new Samba version
* building in a git branch after calling mkversion.sh
after a new commit (i.e. virtually always)
This patch improves the situation in the following way:
* remove inlude "version.h" from includes.h
* Use samba_version_string() instead of SAMBA_VERSION_STRING
in files that use no other macro from version.h instead of
SAMBA_VERSION_STRING.
* explicitly include "version.h" in those files that use more
macros from "version.h" than just SAMBA_VERSION_STRING.
Michael
|
|
with smbstatus as to share mode with share modes = No set in samba.
Jeremy.
|
|
If they are not explicitely set in either place both will default to LOCKDIR.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
|
|
it again :-)
|
|
This has been discussed on samba-technical before.
3.3 and newer only!
Karolin
|
|
We don't need to list several combinations of lowercase and uppercase here.
Karolin
|
|
LDAP_SSL_ON is not defined at all. That's why the actual default value
was "" for a long time. Set a more sensible default value without chnging the
default behaviour.
-----8<------------------snip--------------8<--------------
user@host:/data/git/samba/v3-0-test/source> git grep LDAP_SSL_ON | cat
include/smb.h:enum ldap_ssl_types {LDAP_SSL_ON, LDAP_SSL_OFF,
LDAP_SSL_START_TLS};
param/loadparm.c: Globals.ldap_ssl = LDAP_SSL_ON;
----->8------------------snap-------------->8--------------
It's the same in 3.2 and 3.3 series.
Karolin
|
|
this was introduced by commit 3358a139d2dc77eb4c842d41722b1acc24bd2cb2.
Michael
|
|
and use the abstracted free_one_parameter_common() in old
free_one_parameter_by_snum() as well as in new free_one_parameter()
Michael
|
|
Michael
|
|
Michael
|
|
and use this in lp_local_ptr_by_snum().
Michael
|
|
Michael
|
|
Michael
|
|
|
|
|
|
talloc_autofree_context() instead of NULL.
Remove the code in memcache that does a TALLOC_FREE on stored pointers. That's a disaster waiting
to happen. If you're storing talloc'ed pointers, you can't know their lifecycle and they should
be deleted when their parent context is deleted, so freeing them at some arbitrary point later
will be a double-free.
Jeremy.
|
|
str_list_make(). From Dan Sledz <dan.sledz@isilon.com>:
In samba 3.2 passing NULL or an empty string returned NULL.
In master, it now returns a list of length 1 with the first string set
to NULL (an empty list).
Jeremy.
|
|
|
|
|
|
|
|
Michael
|
|
gfree_loadparm() and TALLOC_FREE(frame) were in the wron order.
Michael
|
|
|
|
|
|
|
|
can cause a client to timeout
(it takes longer than 30 seconds to enumerate them). Make scanning for printers async with a callback
from the main loop. This fixes a bug that was irritating *me* :-).
Jeremy.
|