| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
fix the messaging code to call the efficient calls :
save_re_uid()
set_effective_uid(0);
messaging_op
restore_re_uid();
instead of using heavyweight become_root()/unbecome_root()
pairs around all messaging code. Fixup the messaging
code to ensure sec_init() is called (only once) so that non-root
processes still work when sending messages.
This is a lighter weight solution to become_root()/unbecome_root()
(which swaps all the supplemental groups) and should be more
efficient. I will migrate all server code over to using this
(a similar technique should be used in the passdb backend
where needed).
Jeremy.
(This used to be commit 4ace291278d9a44f5c577bdd3b282c1231e543df)
|
|
free in the infolevel2 case. Free both queue and
NT_PRINTER_INFO_LEVEL in the same place.
Jeremy.
(This used to be commit 6ac3a4ce78f42949013ae7bd675ff292fb0383ca)
|
|
wasn't being freed - also one enum jobs case where the
NT_PRINTER_INFO_LEVEL and queue weren't being freed.
Strange that Coverity or Klokwork didn't pick these up.
Hopefully will fix #3962.
Jeremy.
(This used to be commit bb264123872bfec42ad85ec0c8afa3a8c7d1811e)
|
|
when viewing or modifying local group membership.
(This used to be commit 41e30a9666e1fb736cd2ba8a5ad9285fcde50d47)
|
|
(This used to be commit 4c4ae01c671bd35687af686a34824a96828e6b25)
|
|
geteuid()==0. Adapt
it to other "Am I root?" checks.
Jerry, Jeremy, please check this!
Thanks,
Volker
(This used to be commit f777b2d294f7258e676976d7807adbb644c85a2f)
|
|
Maybe bzr is not such a bad idea, then you would probably see less spam on
samba-cvs, sorry for that... :-)
Volker
(This used to be commit 41456b498a181c70707ca1ea80288bd7bdcadcdf)
|
|
rpc-lsa test even considers NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED not to be an
error.
Before someone re-activates this, show me a working sniff please :-)
Volker
(This used to be commit b185fb9fa61d89b612870c2fdd9e112c9e7ae57c)
|
|
it cannot be mapped and not the hex of the RID. Who wrote that?
(This used to be commit 4e51cf34cf4cbe77957d754952369df3a180f974)
|
|
share_mode_forall().
Volker
(This used to be commit f97f6cedffdc4d10afcac90a163b93a801acf514)
|
|
* Make sure to lower case all usernames before
calling the create, delete, or rename hooks.
* Preserve case for usernames in passdb
* Flush the getpwnam cache after renaming a user
* Add become/unbecome root block in _samr_delete_dom_user()
when trying to verify the account's existence.
(This used to be commit bbe11b7a950e7d85001f042bbd1ea3bf33ecda7b)
|
|
lib/sharesec.c
(This used to be commit 220dd4333032aea238066e3fbec9fca51ed16ddf)
|
|
the snum,
and the decision which token to use (conn or vuser) does not really belong
here, it is better done in the two places where this is called.
Volker
(This used to be commit 0a138888adf7a0f04a38cd911e797e1a379e908b)
|
|
login.
Found that because I want to play around with setsharesecurity, for this I
need the "whoami" call figuring out the SID of the currently connected user.
Not activating this test yet until the build farm has picked up the new samba4
revision.
Volker
(This used to be commit 5cfe482841b77208b68376f9e2b8a4a62271f7c9)
|
|
pstrings.
Volker
(This used to be commit c5e393d5eda4e13a844171d9ff319d1f1bac3d84)
|
|
not a dozen
or so. Next step will be to eliminate the explicit snum reference.
Volker
(This used to be commit 6e98f8d6c6cc126b0d27ac574c128be96e50abf3)
|
|
> r16959 | vlendec | 2006-07-11 23:10:44 +0200 (Di, 11 Jul 2006) | 1 line
>
> get_share_security does not need snum, activate RPC-SAMBA3-SRVSVC
Volker
(This used to be commit c89471e15766fcdbfa4f40701e12c19f95c2d8ef)
|
|
Reuse can_create() to prevent renameing a group to
an existing user or group.
(This used to be commit ce7091fda1eb3c7ea0900f455cec48c3b95a17f6)
|
|
(This used to be commit 7d619f127ee70fdd486ffaab4546a53d76a2288c)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
dfs_Enum.
Guenther
(This used to be commit 4e5ea585c3482c38f2624e45f1268d3864a99faa)
|
|
password changes
Jeremy, please review.
(This used to be commit 154e4a281503f0cbc2e654640f1dfa4b4d35a3cd)
|
|
Jeremy.
(This used to be commit 5c5ea3152f8dbdfd7717b65e035191ffed3ec548)
|
|
Jeremy.
(This used to be commit 433d7a1bc91ff479934a256ff84e6866e16d1f85)
|
|
where we don't correctly check the return from memdup.
Jeremy.
(This used to be commit ce14daf51c7ee2f9c68c77f7f4674e6f0e35c9ca)
|
|
Jeremy.
(This used to be commit 16e42b446bea171c3ad848aefaa92c7404aade42)
|
|
Jeremy.
(This used to be commit cde8323fdc4d4ddaa30e8c59bec89dc130fe26a6)
|
|
I think). If a alloc fails just return NT_STATUS_NO_MEMORY,
don't go to "done" label and deref pointers.
Jeremy.
(This used to be commit 490c7c84674860ecd9daa24341edb427b9fe0aa5)
|
|
1177
In reg_perfcount.c: 1200 1202 1203 1204
In regfio.c: 1243 1245 1246 1247 1251
Jerry, the reg_perfcount and regfio.c ones, can you take a look please? This
is really your code, and I'm not sure I did the right thing to return an
error.
smbcacls.c: 1377
srv_eventlog_nt.c: 1415 1416 1417
srv_lsa_nt.c: 1420 1421
srv_netlog_nt.c: 1429
srv_samr_nt: 1458 1459 1460
Volker
Volker
(This used to be commit d6547d12b1c9f9454876665a5bdb010f46b9f5ff)
|
|
(This used to be commit 21aaede518503e6722ba5ccfdb2c77007d12ddee)
|
|
Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
(This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae)
|
|
reason but to increase fidelity with W2k3. Tom Bork has raised valid concerns
that Unix scripts might rely on the account names being lower-case, so keep
that. We might later decide to only lower-case the unix name passed to
'add [user|group] script' but keep the passdb entry upper-case. But there are
enough user-visible changes in 3_0 already so that we should push this off to
a later date.
Tom, waiting for more bug reports from you ;-))
Thanks for insisting!
Volker
(This used to be commit bc78cca290559c5ca7623b9f6d9933e32668b9c4)
|
|
enough of
SetUserInfo level 25 to survive the join method XP uses if the user did not
exist before. For good taste this contains way too much cut&paste, but for a
real fix there is just not enough time.
Up to 3.0.22 we completely ignored that a full level 21 is being sent together
with level 25, but we got away with that because on creation we did not set
the "disabled" flag on the workstation account. Now we correctly follow W2k3
in this regard, and we end up with a disabled workstation after join.
Man, I hate rpc_parse/. The correct fix would be to import PIDL generated samr
parsing, but this is would probably be a bit too much for .23...
Thanks to Tom Bork for finding this one.
Volker
(This used to be commit 5a37aba10551456042266443cc0a92f28f8c3d0d)
|
|
fix this in 3.0 ?
Jeremy.
We had no way to return NT_STATUS_OK from the netlogon serverpwset,
although
we successfully set the machine password...
One thing the samba3 join test found.
Volker
(This used to be commit e5b7acc9b5cb6e8cf3d03c9d392fad06e0d282d9)
|
|
(prevent a segv)
(This used to be commit a2ef525d9e3b4f050cb4e02fad67808d3e916373)
|
|
this one.
Volker
(This used to be commit c6bf2c8922e612278349fe53ca11f6be6c819009)
|
|
samr_query_domain_info(2) for consistency reasons.
Guenther
(This used to be commit 870495e2c8628deee0498e68cc1d93abfbc56da4)
|
|
difference between samr_query_domain_info and samr_query_domain_info2,
wrap the info2 call around the info call. There have been various "could
not access LDAP when not root" bugs lurking around in
samr_query_domain_info2 anyway.
Guenther
(This used to be commit 3e181b46bea87797d654d57a6c8231cba6ff5a7b)
|
|
Guenther
(This used to be commit 6ed7d7fa70e3f750f921192c0f75594d608875b7)
|
|
Also return the hostname for the level 6 call (to be consistent with the
server name in level 2).
Guenther
(This used to be commit 41b72e77ae70c96de4659af6b4b6bd842dd67981)
|
|
name eversince instead of the domain name when we are a DC.
Yes, there are applications relying on this call to be correct.
Guenther
(This used to be commit 26dd22c9af8caf3db236984e4683ba210376ca59)
|
|
BUILTIN\Administrators
(This used to be commit a02933c9589e34488f289cbc40f77f6864a58367)
|
|
check.
Jeremy.
(This used to be commit 9f676603aaf84829d52dc8d0e0872a058a4d3d4e)
|
|
(This used to be commit 037f9f831e001a12261419e37c725558dd717af9)
|
|
With this change (and setting lanman auth = no in smb.conf)
we have *identical* NTLMSSP flags to W2K3 in SPNEGO auth.
Jeremy
(This used to be commit 93ca3eee55297eb7fdd38fca38103ce129987e2a)
|
|
does not
have the timeout argument in Samba4. Add a new routine
tdb_lock_bystring_with_timeout.
Volker
(This used to be commit b9c6e3f55602fa505859a4b2cd137b74105d685f)
|
|
Guenther
(This used to be commit 3ff278b852b4085461127bc7ccb2c5dba81fb3c8)
|
|
servers. Also add a new "net rpc audit" tool. The lsa query infolevels
were taken from samb4 IDL, the lsa policy flags and categories are
partly documented on msdn. I need to cleanup the double
lsa_query_info_policy{2}{_new} calls next.
Guenther
(This used to be commit 0fed66926f4b72444abfc8ffb8c46cca8d0600aa)
|
|
Jeremy.
(This used to be commit 0217f7d7bf4c8b5b7de2433485fb6f78b62ac817)
|
|
Jeremy.
(This used to be commit 363d31c9ec2d2a4429ab4d26b3d7c78b76f60626)
|
