Age | Commit message (Collapse) | Author | Files | Lines |
|
fetch_secrets() must free the result in order to not leak memory.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 5 22:20:45 CEST 2012 on sn-devel-104
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
The name samba_dsdb is not ideal, but it matches the primary ldb
module we use, and more importantly it avoids having '4' in the name.
We should slowly avoid using the term samba4 in long-term places like
the smb.conf because it is confusing to users given we are shipping
Samba 4.0 as an AD DC as well as all the other supported roles (domain
member/standalone server/classic DC)
Additionally, samba4 will be an odd name when we eventually release
Samba 5.0!
samba4 remains accepted as an alias to ensure existing smb.conf files
load, but to allow changes here in the future, we set the value during
the smb.conf load, and not during the provision when we are an AD DC.
This simplifies the default smb.conf for the vast majority of our
users and reduces the number of things listed in smb.conf files that
we later have to work around if we wish to change the
name/implementation of the passdb glue module again.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 4 04:45:16 CEST 2012 on sn-devel-104
|
|
|
|
This is then used in provision when the passdb backend is forced.
Andrew Bartlett
|
|
|
|
|
|
secrets_tdb_sync
secrets_tdb_sync will be a new ldb module designed to sync secrets.ldb
entries with the secrets.tdb file.
While not ideal to keep two copies of this data, this routine will
assist in allowing the samba-tool domain join code to operate
correctly in most cases where winbindd and smbd are used.
Andrew Bartlett
|
|
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Aug 23 18:22:13 CEST 2012 on sn-devel-104
|
|
This is needed so that pdb_samba4 can map any SID during a provision.
At runtime, winbindd will be asked first, but this shortcut direct to the
ldb file makes it possible to set the permissions on the sysvol share at
provision time.
Andrew Bartlett
|
|
When pdb_samba4 first opens this databse, this message is printed.
Andrew Bartlett
|
|
|
|
|
|
The source3 consumers of this API are now quite happy to be given an answer
of ID_TYPE_BOTH, so we do not need this extra code to try and force the
answer to UID or GID.
Andrew Bartlett
|
|
dns_{domain,forest}
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Guenther
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jul 24 14:49:42 CEST 2012 on sn-devel-104
|
|
This is in preperation for the parameter table being made common.
Andrew Bartlett
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
|
|
dbwrap needs it. Some calls were already wrapped, but they checked the
talloc_stackframe() return unnecessarily: it can never be NULL.
This is the coccinelle patch I used:
// Add in a stackframe to every function: be sure to free it on (every) return
@rule0@
identifier func;
@@
func(...) {
+TALLOC_CTX *frame = talloc_stackframe();
<...
+talloc_free(frame);
return ...;
...>
}
// Get rid of tframe allocation/frees, replace usage with frame.
@rule1@
identifier func;
identifier oldframe;
@@
func(...) {
...
-TALLOC_CTX *oldframe;
...
-if ((oldframe = talloc_stackframe()) == NULL) {
- ...
-}
<...
-talloc_free(oldframe);
...>
}
// Get rid of tframe (variant 2)
@rule2@
identifier func;
identifier oldframe;
@@
func(...) {
...
-TALLOC_CTX *oldframe;
...
-oldframe = talloc_stackframe();
-if (oldframe == NULL) {
- ...
-}
<...
-talloc_free(oldframe);
...>
}
// Change tframe to frame
@rule3@
identifier func;
@@
func(...) {
<...
-tframe
+frame
...>
}
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
If you want a stack-style allocation, use talloc_stackframe(). If you
don't, don't use it. In particular, talloc_stackframe() here is actually
inside a pool, and stealing from pools is a bad idea.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().
A simple patch, but hits a lot of files.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
|
|
This boolean was only set if the old machine account store (with an
MD4 hash in it) was returned. We have not set that password type for
years. If this call ever worked, it would store a plaintext password,
so we could only ever be here if we had set a password using a version
of Samba so old as not to store plaintext, and then never honered the
flag anyway.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 13 07:52:40 CEST 2012 on sn-devel-104
|
|
This does not check whether the given sid is in our domain, but
but whether it belongs to the local sam, which is a different
thing on a domain member server.
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
|
|
This does not check whether the given sid is the domain sid,
but whether it is the sid of the local sam, which is different
for a domain member server.
|
|
This code is lying there unused since more than five years now.
|
|
|
|
This helps clarify the role of this structure and wrapper function.
The purpose here is to provide helper functions to the lib/param
loadparm_context that point back at the s3 lp_ functions. This allows
a struct loadparm_context to be passed to any point in the code, and
always refer to the correct loadparm system. If this has not been
set, the variables loaded in the lib/param code will be returned.
As requested by Michael Adam.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 27 13:16:26 CEST 2012 on sn-devel-104
|
|
|
|
This matches 478d74fe1447c4588b14ef7040c8c13339d54026 which I failed to
merge from pdb_ads.
Andrew Bartlett
|
|
pdb_samba4_replace_by_sam()
|
|
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 19 21:17:51 CEST 2012 on sn-devel-104
|
|
pdb_ads was an important module in the development of the combined Samba 4.0, and
was the first module to show that standard samba3 tools such as smbpasswd can be
made to operate on the sam.ldb.
We now have pdb_samba4, which operates directly on the sam.ldb, rather than via
ldapi://, which uses transactions and which is supported and tested as part
of the official Samba 4.0 release configuration.
This module is not as complete (for example, it does not honour the idmap
configuration) and requires that the samba binary be running to operate.
Andrew Bartlett
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 15 14:20:04 CEST 2012 on sn-devel-104
|
|
dbwrap_trans_change_int32_atomic->dbwrap_trans_change_int32_atomic_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
dbwrap_trans_change_uint32_atomic->dbwrap_trans_change_uint32_atomic_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
-1 uid/gid/both signals a non existent uid/gid/both.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
System MIT krb5 build also enabled by specifying --without-ad-dc
When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.
Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
* Samba 4 client libraries and their Python bindings
* Samba 3 server (smbd, nmbd, winbindd from source3/)
* Samba 3 client libraries
In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
|
|
struct unixid is defined in idmap.idl and therefore to use it one
would need generated headers from librpc/gen_ndr. Not all of these
files are installed and available as public headers. Also, they
pull in some support headers which requires them to be available
via specific locations like <librpc/gen_ndr/*> or <libcli/util>.
Instead of pulling the headers to get structure and enum definitions,
introduce three simple helpers to fill in 'struct unixid' based on
the type of id. This is sufficient for PASSDB users and does not
require exposing generated headers or code.
|
|
Description: Avoid null dereference in initialize_password_db()
When initialize_password_db() is called with reload=True, it's assumed that
the free_private_data member of pdb_methods is non-null. This is not
necessarily the case, as the tdb backend has no private data and therefore
no free function. Check to see if we have private data that needs freed
before calling.
Author: Steve Langasek <steve.langasek@ubuntu.com>
Bug-Ubuntu: https://bugs.launchpad.net/bugs/829221
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Thu May 10 11:07:27 CEST 2012 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri May 4 20:32:37 CEST 2012 on sn-devel-104
|
|
|
|
this one could have caused crashes
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Thu May 3 23:22:05 CEST 2012 on sn-devel-104
|
|
This will be used in samba3upgrade to try and get the group memberships by instead asking
for the groups each user is in. This reverse lookup may be more reliable, as this
is used at login time.
Andrew Bartlett
|
|
|