| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
by ensuring we return the correct enum for sid
type, not a uint32.
Jeremy.
(This used to be commit 98a5e20ff4ceacda65dcc0ce5498ed4ffde520f8)
|
|
Jeremy.
(This used to be commit 1f52b8b40619679242da663f5e5e7836d547f0a2)
|
|
Jeremy.
(This used to be commit 720a9172050beb158a25fbb826676ba19cdcef20)
|
|
where we don't correctly check the return from memdup.
Jeremy.
(This used to be commit ce14daf51c7ee2f9c68c77f7f4674e6f0e35c9ca)
|
|
candidate!
Volker
(This used to be commit adf2dcce09ae29a8c1677b25e1cd5f022b804d01)
|
|
Jeremy.
(This used to be commit 7b68a2acfc583d1559c02461cab13419185bcd74)
|
|
related fix.
Jeremy.
(This used to be commit 2e5a88147826113f78ee0d8845c704692942cebf)
|
|
in net_rpc.c: 715 716 732 734 735 736 737 738 739 749
in net_rpc_audit.c: 754 755 756
in net_rpc_join.c: 757
in net_rpc_registry: 766 767
in net_rpc_samsync.c: 771 773
in net_sam.c: 797 798
Volker
(This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
|
|
GUenther
(This used to be commit 3203ce3b49e6f21ed690e9d7393e98419de54c27)
|
|
1107, 1109,
1111
Volker
(This used to be commit d3f5acb16e14ec394f1af41fa2f9e27fdca937db)
|
|
Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
(This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae)
|
|
(This used to be commit 963ae5bd144b90e71331a88029698a1a6dc52190)
|
|
Fix typo in DEBUG()
Jeremy.
(This used to be commit da768bf9c2761884cc97f690133d6897ed353e15)
|
|
Guenther
(This used to be commit 322f1664df553d95fcdfc24f19bd7f34ce9b834b)
|
|
<Shlomi@exanet.com>.
Jeremy.
(This used to be commit 5cd234a1fff1e9d025eea6600649e56c997eafc2)
|
|
'valid users = +unixgroup' failed with smbpasswd if 'unixgroup' has a
(non-algorithmic) group mapping.
Thanks a lot!
People out there listening, please test current code, this release is
**BIG**
:-)
Volker
(This used to be commit 8f9ba5f96c9b506623ef97b7ed3d84f39d914a3c)
|
|
cache.
Jeremy.
(This used to be commit da26565a2e85dc36b283f6b81378a706f3ae5f26)
|
|
BIG THANKS to Tom Bork for reporting that Bug!
Volker
(This used to be commit 40339fdcced67d62e449ba6f19329d89c808e139)
|
|
the same function (deals with races).
Jeremy.
(This used to be commit 4962548dfe8ec2854e209217066556f339d3186e)
|
|
Invalid comparisons.
Jeremy.
(This used to be commit 9890a31c5f4a8911b0f56eee67cfbcc46f15ee43)
|
|
Windows). Fixes bug #1914.
Guenther
(This used to be commit b5a5d0b24ea5320cb2f28dbefe81ddf5c58baf77)
|
|
Guenther
(This used to be commit 1b5a712467ab8f35211b59bb703a42bdc5e0dfc0)
|
|
Volker
(This used to be commit ea7cced6bcb3cb7d817e4cb072774692e4afedb0)
|
|
(This used to be commit 2cf503d7da08319f318217f6fe8f85c18bf0dffb)
|
|
backend still exists
(This used to be commit 7d99e05ee8f60b2b4d18405dc8be6f9ff822c3ad)
|
|
simple bind operation was successful or not.
Guenther
(This used to be commit e4734cb99cae189edf49c4d8f4e4324f5c51f443)
|
|
starting with the global SAM sid, not an exact search.
Jeremy.
(This used to be commit 755c272ebf5d0f4de15178814f998d1ec5ecb718)
|
|
to stay.
Volker
(This used to be commit 898948d65409e5b63937fbd8050be04ac81df05d)
|
|
(This used to be commit b6904e0950a5e70ebb2ea8aa9e9afc220adbe211)
|
|
patch to SAMBA_3_0 to declare prototypes for the initialization functions. These are the same changes I just made to head. --paulg
(This used to be commit 17774387ad879b6a72dd1cf406326318add31b04)
|
|
does not
have the timeout argument in Samba4. Add a new routine
tdb_lock_bystring_with_timeout.
Volker
(This used to be commit b9c6e3f55602fa505859a4b2cd137b74105d685f)
|
|
(This used to be commit 0a7d4f1ab109f57f5b5f4c1e83ad346b13b50778)
|
|
I will not write code when changing to Daylight Savings Time.
I will not write code when changing to Daylight Savings Time.
I will not write code when changing to Daylight Savings Time.
I will not write code when changing to Daylight Savings Time.
I will not write code when changing to Daylight Savings Time.
I will not write code when changing to Daylight Savings Time.
I will not write code when changing to Daylight Savings Time.
I will not write code when changing to Daylight Savings Time.
...
Fix my brain dead inverted logic for turning winbindd on and off
when run on a DC or when calling pdb functions from within winbindd.
(This used to be commit 021b3dc2db9fb422ede4657a1f27ef7ef2d22cee)
|
|
* depreacte 'acl group control' after discussion with Jeremy
and implement functionality as part of 'dos filemode'
* fix winbindd on a non-member server to expand local groups
* prevent code previously only used by smbd from blindly
turning _NO_WINBINDD back on
(This used to be commit 4ab372f4cab22225716b5c9a9a08f0c1dbc9928d)
|
|
Jeremy.
(This used to be commit 1588ce8efe7fafd89561b55a98c498f947f4ada9)
|
|
Guenther
(This used to be commit 25970a54298f2888b5c3cd64496dbd0c9d627a05)
|
|
structural objectclass.
Guenther
(This used to be commit 7eefeaad352597b6f97160b1abc0dc032c0b46b2)
|
|
pdb backend)
(This used to be commit c149421ef7aca8763e21e6c7d467e94944c30e8b)
|
|
* Finally fix parsing idmap uid/gid ranges not to break with spaces
surrounding the '-'
* Allow local groups to renamed by adding info level 2 to
_samr_set_aliasinfo()
* Fix parsing bug in _samr_del_dom_alias() reply
* Prevent root from being deleted via Samba
* Prevent builting groups from being renamed or deleted
* Fix bug in pdb_tdb that broke renaming user accounts
* Make sure winbindd is running when trying to create the Administrators
and Users BUILTIN groups automatically from smbd (and not just check the
winbind nexted groups parameter value).
* Have the top level rid allocator verify that the RID it is about to
grant is not already assigned in our own SAM (retries up to 250 times).
This fixes passdb with existing SIDs assigned to users from the RID algorithm
but not monotonically allocating the RIDs from passdb.
(This used to be commit db1162241f79c2af8afb7d8c26e8ed1c4a4b476f)
|
|
* Add back in the import/export support to pdbedit
* Fix segv in pam_smbpass
* Cleanup some error paths in pdb_tdb and pdb_interface
(This used to be commit df53d64910fbb96eb810102e986b3c337d54c463)
|
|
Now that I know what all the requirements for this group are
I can generalize the code some more and make it cleaner.
But at least this is working with lusrmgr.msc on XP and 2k now.
(This used to be commit d2c1842978cd50485849bfc4fb6d94767d96cab0)
|
|
* Fix sprintf() args when createing the group search filter.
(This used to be commit 0b7549997a3739b2c1500e7838ebaaa249dbfaf4)
|
|
groups in the ${MACHINESID} and S_1-5-32 domains correctly,
I had to add a substr search on sambaSID.
* add substr matching rule to OpenLDAP schema
(we need to update the other schema as will since this
is a pretty important change). Sites will need to
- install the new schema
- add 'indea sambaSID sub' to slapd.conf
- run slapindex
* remove uses of SID_NAME_WKN_GRP in pdb_ldap.c
(This used to be commit 2c0a46d73122e9000a900f7e16f9b010ad4b78e3)
|
|
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
(This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
|
|
(This used to be commit b880602c4c1b13fbb5931b8e00c22209a722e0d5)
|
|
(This used to be commit 56dc19879c6514cbdd0b1fd186c8bdeb61bf151a)
|
|
Jeremy.
(This used to be commit 7f3ace5481e55ef845da28b9c0613a2ea0de0de4)
|
|
checking for
!= NULL. Coverity #149.
Volker
(This used to be commit d38e05329a77650d8fbb8611ca148964f62c9ba4)
|
|
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
|
|
(This used to be commit 705d8118081784e9907648fd1daaaa5ec0285972)
|
