Age | Commit message (Collapse) | Author | Files | Lines |
|
Fix this by moving canonicalization into lib/sharesec.c. Update the
db version to 3. Ensures we always find share names with security
descriptors attached.
Jeremy.
|
|
This is mainly a debugging aid for post-mortem analysis in case a cluster file
system is slow.
|
|
This will enable an extra forked process that will reply
to SMBecho requests, while the main process is blocked by another
request.
metze
|
|
This boolean option controls whether at exit time the server dumps a list of
files with debug level 0 that were still open for write. This is an
administrative aid to find the files that were potentially corrupt if the
network connection died.
|
|
Volker.
Create widelinks_warning(int snum) to cover the message needed in make_connection.
Jeremy.
|
|
This way we avoid any chance that a configuration reload may turn
back on wide links when unix extensions are enabled.
|
|
This reverts commit 84fba3c1bc962804259f201d465acfdf0cd3c6a8.
Now we have a "processed packet queue" in nmbd we can go back
to doing this by default.
Jeremy.
|
|
until the double processing problem in bug #7118 is fixed.
Jeremy.
|
|
Fix a comment typo.
Jeremy.
|
|
broadcast"
metze
|
|
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
Jeremy.
|
|
That's an established value. Default is a bit confusing.
Karolin
|
|
there are too many naming clashes between different ldap libs and ldb libs.
Let's simply make our own defines. The numbers are well standarized. This also
makes the default for "ldap deref" be "default" which means we won't tell the
ldap library what to do. Ѕo by default it's all up to what the server and our
libs think they should to do.
|
|
Thanks to Dan Cox for initial patch for 3.0. This closes #2350.
|
|
alternative
|
|
files
from Windows 7. Original patch by me fixed up with the correct open files number
by jmaggard10@hotmail.com.
Jeremy.
|
|
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Step 0 to restore it as a per-share paramter
|
|
explicit"
This reverts commit 6a149022976fe6a5579ec9afc7a4d2dcb44dc8af.
|
|
|
|
|
|
|
|
in the "user.DOSATTRIB" EA. From the docs:
In Samba 3.5.0 and above the "user.DOSATTRIB" extended attribute has been extended to store
the create time for a file as well as the DOS attributes. This is done in a backwards compatible
way so files created by Samba 3.5.0 and above can still have the DOS attribute read from this
extended attribute by earlier versions of Samba, but they will not be able to read the create
time stored there. Storing the create time separately from the normal filesystem meta-data
allows Samba to faithfully reproduce NTFS semantics on top of a POSIX filesystem.
Passes make test but will need more testing.
Jeremy.
|
|
inherit acls = yes or xattrs are removed.
We also need dos filemode = true set as well.
Jeremy.
|
|
Jeremy, please check.
Guenther
|
|
xattrs are removed.
Jeremy.
|
|
When something in the cluster blocks, it can happen that we wait indefinitely
long for ctdb, just adding to the blocking condition. In theory, nothing should
block, but as someone said "In practice the difference between theory and
practice is larger than in theory". This adds a timeout parameter in seconds,
after which we stop waiting for ctdb and panic.
|
|
Jeremy.
|
|
It does not cost much and can help a lot when debugging
|
|
This parameter will be introduced with Samba 3.5.0.
Karolin
|
|
Members of struct should be initialized explictly.
Fixes bug #6804.
|
|
Fix bug #6717.
|
|
===========================================================
== Subject: Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#: CVE-2009-2813
==
== Versions: All versions of Samba later than 3.0.11
==
== Summary: If a user in /etc/passwd is misconfigured to have
== an empty home directory then connecting to the home
== share of this user will use the root of the filesystem
== as the home directory.
===========================================================
|
|
FreeBSD (and other BSDs, too) need sys/sysctl.h inclueded to use sysctlbyname().
Thanks to Timur Bakeyev for that.
|
|
This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of
transitive AD trusts. The workaround is to add a [capaths] directive to
/etc/krb5.conf, which we don't automatically put into the krb5.conf winbind
creates.
The alternative would have been something like a "krb5 conf include", but I
think if someone has to mess with /etc/krb5.conf at this level, it should be
easy to add the site-local KDCs as well.
Next alternative is to correctly figure out the [capaths] parameter for all
trusted domains, but for that I don't have the time right now. Sorry :-)
|
|
that stores the create time in the user.DosTimestamps EA.
Jeremy.
|
|
|
|
s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and
non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
For now. This is a feature request and I think we need
to design it a little differently so as not to touch
core change_to_user() code.
Jeremy.
|
|
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
relatively volatile and non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
|
|
Use common paths like for smbpasswd, so that all utilities
behave the same way. As for smbpasswd this changes the behavior
of pdbedit to create/delete unix users is the add/delete user
scripts are provided, or ldapsam:editposix is configured.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
This patch introduces
struct stat_ex {
dev_t st_ex_dev;
ino_t st_ex_ino;
mode_t st_ex_mode;
nlink_t st_ex_nlink;
uid_t st_ex_uid;
gid_t st_ex_gid;
dev_t st_ex_rdev;
off_t st_ex_size;
struct timespec st_ex_atime;
struct timespec st_ex_mtime;
struct timespec st_ex_ctime;
struct timespec st_ex_btime; /* birthtime */
blksize_t st_ex_blksize;
blkcnt_t st_ex_blocks;
};
typedef struct stat_ex SMB_STRUCT_STAT;
It is really large because due to the friendly libc headers playing macro
tricks with fields like st_ino, so I renamed them to st_ex_xxx.
Why this change? To support birthtime, we already have quite a few #ifdef's at
places where it does not really belong. With a stat struct that we control, we
can consolidate the nanosecond timestamps and the birthtime deep in the VFS
stat calls.
At this moment it is triggered by a request to support the birthtime field for
GPFS. GPFS does not extend the system level struct stat, but instead has a
separate call that gets us the additional information beyond posix. Without
being able to do that within the VFS stat calls, that support would have to be
scattered around the main smbd code.
It will very likely break all the onefs modules, but I think the changes will
be reasonably easy to do.
|