summaryrefslogtreecommitdiff
path: root/source3/smbd/service.c
AgeCommit message (Collapse)AuthorFilesLines
2001-10-29This commit is number 3 of 4.Andrew Bartlett1-1/+1
In particular this commit focuses on: Changing the Get_Pwnam code so that it can work in a const-enforced environment. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes allow for 'const' in the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username (This used to be commit e7634f81c5116ff4addfb7e495f54b6bb78e8f77)
2001-10-20add non_root_mode() checkAndrew Tridgell1-1/+1
(This used to be commit 96f910bae510fb45e2f1181c1e3ad607a50a64d7)
2001-10-18Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.Jeremy Allison1-28/+30
Ensure make_conection() can only be called as root. Jeremy. (This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
2001-10-18Renamed vfs_init() to smbd_vfs_init() to allow vfs modules to compile.Tim Potter1-1/+1
(This used to be commit 7c3542ba8764be48b88255dd7f73ea6d87be10ac)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-4/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-20Rearrange the ordering of the checks in make_connection(). The new order hasAndrew Bartlett1-37/+56
some sainity, avoiding things like 'root preexec' when the connection would otherwise already be denied (max connections). This does change behaviour, but I think its for the best. Andrew Bartlett (This used to be commit 99e8a263ada41de2662a0290fda3dd9df3ac0cd4)
2001-09-19got rid of bogus write list substitution error messagesAndrew Tridgell1-15/+18
(This used to be commit 0deae6c407faa86ea871a219ad52fdd285166274)
2001-09-15Kill off the //server/share%user hack in share level security.Andrew Bartlett1-20/+13
This should help make much of this code simpiler. Andrew Bartlett (This used to be commit fb0c3629c360fd0c57129500474960e6da6f9ef0)
2001-09-15Actually fill in the status for sainity checksAndrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit d47016de52e9e5c468edf4c87dc60535a9796b99)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-22/+22
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-17OK, so not freeing these was a mistake. I'll try to be less exuberent nextAndrew Bartlett1-0/+2
time :-) (This used to be commit 8c3cf2db95a0fcf48b21274cac93f13abb42d4bf)
2001-08-17Move the claim_connection stuff till a little later in the process.Andrew Bartlett1-16/+14
(You don't have to clean up somthing you haven't done yet...) (This used to be commit ba76564c2a06bf7feefdaf9ef06cbf77c776b6e6)
2001-08-17Move admin user check into a helper function.Andrew Bartlett1-18/+35
Formatting fixes. (This used to be commit 6fd8eb08c12d0446ab639becf8825d26bce8eb8a)
2001-08-17Move read only check into a helper funcion. Ensure conn->service is setAndrew Bartlett1-40/+50
before we use it to find a share's details. (This used to be commit 7dc716f174c38e73b8e6d07130a1bc39f4499ce3)
2001-08-17smbd/auth_server: Doco, we want to use cli_nt_error here soonAndrew Bartlett1-30/+43
smbd/password.c: We don't use globals here anymore smbd/reply.c: Tidyness, global_myworkgroup must die! smbd/service.c: Move some of the make_connection code into a helper function. (This used to be commit 15c87e404fcaff9e360a40b8b673938c6e611daf)
2001-07-26better debug messages + fix typo in debug messageSimo Sorce1-2/+2
(This used to be commit b377f06fd90f607fa9e0e2e61981e835527b568c)
2001-07-25- don't try to print pointersAndrew Tridgell1-2/+2
- removed some unused mangling code (This used to be commit 36af1c0dc41f72ec6a5c671fd6b4f6eb2590b8b4)
2001-07-24Convert other parameters (read list, write list, valid users...) to the ↵Simo Sorce1-12/+17
P_LIST format. changed functions to use list instead of strings addedd lp_list_substitute function (This used to be commit 7257d07563ba21bd88733d5d2b4ec4829fab2507)
2001-07-17Tidied up calling yield_connection on connection allocation fail.Jeremy Allison1-0/+4
Restore debug message to level zero. Jeremy. (This used to be commit 0b13f495b31887d526b46a48a812fa3fd418ce8e)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-1/+1
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-07-04The big character set handling changeover!Andrew Tridgell1-3/+0
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-06-29Ensured all the system calls in msdfs.c go through the vfs layer.Jeremy Allison1-22/+4
Added vfs calls to symlink() and readlink() with appropriate configure checks. Jeremy. (This used to be commit c24e6b41ea60ab4bac2fcd19da947851d6df3c7c)
2001-06-20added a close-share smbcontrol message that forcibly closes a share in smbd ↵Andrew Tridgell1-0/+2
(to allow unmount) (This used to be commit 15b17a80db605a55f667c95fb7e316877a441887)
2001-05-12Now we're doing the substituion in the lp_string code remove the erroneousJeremy Allison1-5/+0
debug 0 warning. Jeremy. (This used to be commit be7e1d0f2c078bd07c7087e1e36636dcd6d0a5d8)
2001-04-13Merge of Andrew's changes in 2.2.Jeremy Allison1-4/+4
Jeremy. (This used to be commit fc76681812b1469208ad6c8847afdfc68bc6db49)
2001-04-13As Andrew suggested, make smbrun return a fd for a deleted file which can thenJeremy Allison1-4/+4
be read. Jeremy. (This used to be commit e7d59d6de89a5fdd201e4b5c6072dab08b1519db)
2001-04-11Fix for core dump in security = share code with new share security db.Jeremy Allison1-22/+22
Jeremy. (This used to be commit 20b13bafdff2fd7be9219ed164e7fe91b597298d)
2001-04-09Added set/get SD's on shares. Check before tcon.Jeremy Allison1-0/+23
Jeremy. (This used to be commit 036b1a8b09fe6a7cca83d631624145574acad7f2)
2001-04-06Fix from Ed Boraas for not core dumping when out of connection structs.Jeremy Allison1-1/+0
Jeremy. (This used to be commit f50ea32dd0deb07c626c211caedd86dc1ccd5427)
2001-03-26Patch from Massimo Sivilotti <mass@tanner.com> to log remote machine/ip onJeremy Allison1-1/+2
connection fail. Jeremy. (This used to be commit 07cee46d1de1caaf6f9f1b6139dd21bcc5d67e8e)
2001-03-13Added ADMIN$ share as alias for IPC$ except no guest connect. AS/U wantsJeremy Allison1-3/+3
to do RPC calls down this treeid. Jeremy. (This used to be commit 83133bab0ed59e303a183fd91812165f08e88484)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-4/+0
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2001-01-24smbd/process.c: & type with 0xff for paranioa sake...Jeremy Allison1-30/+42
smbd/reply.c smbd/service.c: cause all "add home service" calls to go through a winbindd aware function. Jeremy. (This used to be commit a72d12e992e2755e925032aef1aa99be74bf6652)
2001-01-23only add the service name and client machine name to list of users namesGerald Carter1-2/+5
for a session when in share mode security --jerry (This used to be commit 22d6c2c163dd578365bff85ef95abfa59fe356ea)
2001-01-23include/vfs.h:Jeremy Allison1-6/+26
smbd/vfs-wrap.c: smbd/vfs.c: Added fchmod_acl and chmod_acl. lib/substitute.c: smbd/lanman.c: smbd/open.c: smbd/process.c: smbd/reply.c: smbd/service.c: Removed sessetup_user variable. Added current_user_info struct which conatins domain info etc. Added '%D' for client domain parameter. Jeremy. (This used to be commit 2844ec3d511680609d6794b8718001a1bda9e89f)
2001-01-17Changes from APPLIANCE_HEAD:David O'Neill1-1/+1
source/rpc_server/srv_spoolss_nt.c - Unrolled construct_notify_jobs_info() loop to only fetch printer info_2 structure once rather than num_print_jobs times. - convert command to unix codepage. - remove lp_remove_service() call as it prevents lp_killservice() from working. - Modified some DEBUG and DEBUGADD statements. source/param/loadparm.c source/param/params.c - change printer, preload, auto services to FLAG_DOS_STRING, reverted earlier changes to szPrintername et al, add comments. source/printing/load.c - fix bug with lp_auto_services() and strtok() source/printing/nt_printing.c source/printing/printing.c - remove redundant test that used SERVICE(snum) source/printing/pcap.c - add unix_to_dos() calls, add notes wrt FIXMEs for xxx_printer_fn() functions. source/web/swat.c - added FIXME comment. source/smbd/service.c - added comment re: dos codepage (This used to be commit 7b774b72c2857af9519012106714a9e2cb099da3)
2001-01-04Changes from APPLIANCE_HEAD:David O'Neill1-1/+1
source/Makefile.in - changes to ctags and etags rules that somehow got lost along the way. source/include/proto.h - make proto source/smbd/sec_ctx.c source/smbd/password.c - merge debugs for debugging user groups and NT token stuff. source/lib/util_str.c - capitalise domain name returned from parse_domain_user() source/nsswitch/wb_client.c - fix broken conditional in debug statement. source/include/rpc_secdes.h source/include/rpc_spoolss.h source/printing/nt_printing.c source/lib/util_seaccess.c - fix printer permission bugs related to ACE masks for printers. This adds mapping of generic access rights to object specific rights for NT printers. Still need to work out whether or not to ignore ACEs with certain flags set, though. See comments in util_seaccess.c:check_ace() for details. source/printing/nt_printing.c source/printing/printing.c - use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER until we sort out printer/printjob permission stuff. (This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
2000-12-12Compile fix for new arg to create_nt_token()Tim Potter1-1/+3
(This used to be commit 806185ca8cc8d28f16745a1db9427f52eb8d22e4)
2000-11-17we don't need the separate lp_status() connection records any moreAndrew Tridgell1-12/+0
(This used to be commit 209e20365e562371aafafea301b4ffecc3d4c3ed)
2000-11-17fixed the problem with messages not getting throughAndrew Tridgell1-33/+27
the problem had nothing to do with being your own pid, it was instead a problem with IPC$ connections not being registered in the connections database and an incorrect test for -1 in the messaging code. These changes also mean that IPC$ shares now show up in smbstatus. That is probably a good thing. (This used to be commit 3575ad10985a18f897e38179ca69fa9a49a7ea02)
2000-11-06Added a VFS version return to init call. Allows smbd to fail an init ifJeremy Allison1-0/+2
versions don't match. Jeremy. (This used to be commit d0fbb4f5d999abade8930cc6fff231a2af6cccfb)
2000-10-13Fix to allow smbd to call winbindd if it is running for all group enumeration,Jeremy Allison1-10/+6
falling back to the UNIX calls on error. This should fix all problems with smbd enumerating all users in all groups in all trusted domains via winbindd. Also changed GETDC to query 1C name rather than 1b name as only the PDC registers 1b. Jeremy. (This used to be commit 5b0038a2afd8abbd6fd4a58f5477a40d1926d498)
2000-10-11Don't initialise groups twice.Tim Potter1-1/+0
(This used to be commit 15d7f16bdc2ff4f2ae82871eb9f318ba45cf4d1c)
2000-10-06Restructuring of vfs layer to include a "this" pointer - can be an fsp orJeremy Allison1-42/+2
a conn struct depending on the call. We need this to have a clean NT ACL call interface. This will break any existing VFS libraries (that's why this is pre-release code). Andrew gets credit for this one :-) :-). In addition - added Herb's WITH_PROFILE changes - Herb - please examine the changes I've made to the smbd/reply.c code you added. The original code was very ugly and I have replaced it with a START_PROFILE(x)/END_PROFILE(x) pair using the preprocessor. Please check this compiles ok with the --with-profile switch. Jeremy. (This used to be commit b07611f8159b0b3f42e7e02611be9f4d56de96f5)
2000-09-27Restructuring of the code to remove dos_ChDir/dos_GetWd and re-vector themJeremy Allison1-5/+5
through the VFS. All file access/directory access code in smbd should now go via the vfs. Added vfs_chown/vfs_chmod calls. Still looking at vfs_get_nt_acl() vfs_set_nt_acl() call API design. Jeremy. (This used to be commit f96625ec124adb6e110dc54632e006b3620a962b)
2000-08-31fixed "admin users" option with new security codeAndrew Tridgell1-0/+5
(This used to be commit b69c5de6bad9fad3aed1280e7d12fbfed276a16f)
2000-08-28Merge from appliance branch.Tim Potter1-0/+1
(This used to be commit 567b0095b1b8393b3b1e32533aa2860ab3dbfa47)
2000-08-03Added an NT_USER_TOKEN structure that is copied/passed around associatedJeremy Allison1-65/+73
with the current user. This will allow se_access_check() to quickly do a SD check without having to translate uid/gid's to SIDs. Still needs work on pipe calls. Jeremy. (This used to be commit e28d01b744b3dbd33e0e54af4e7f426fa8c082b8)
2000-08-02Started to canonicalize our handling of uid -> sid code in order toJeremy Allison1-2/+2
get ready and fix se_access_check(). Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid() functions that look via winbind first the fall back on local lookup. All Samba should use these rather than trying to call winbindd code directly. Added NT_USER_TOKEN struct in user_struct, contains list of NT sids associated with this user. se_access_check() should use this (cached) value rather than attempting to do the same thing itself when given a uid/gid pair. More work needs to be done to preserve these things accross security context changes (especially with the tricky pipe problem) but I'm beginning to see how this will be done..... probably by registering a new vuid for an authenticated RPC pipe and not treating the pipe calls specially. More thoughts needed - but we're almost there... Jeremy. (This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
2000-07-25Fix for mounting a printer as a share. Not that there's anythingTim Potter1-0/+5
specifically wrong with this, but Samba is fooled by the client into thinking the printer is a file share. Files copied to the share gather dust in the spool directory and aren't printed. This patch has the effect of not allowing printers to be mounted as file shares. Not sure whether this is the correct solution or not. {Jeremy,JF,Tridge} please check! (This used to be commit dcf3249bb9fef2a05b376e9c8c1a0a7d602d8a2e)