Age | Commit message (Collapse) | Author | Files | Lines |
|
(should fix the mb service name problem, can't remember the bugid).
Jeremy.
(This used to be commit 94a272b9a881ec0004c5da2a7242b0a818da5630)
|
|
Jeremy.
(This used to be commit 92c3ae3458177ec7f721598311a8ad04b2db5138)
|
|
Jeremy.
(This used to be commit f0f7a48327ba1808088bc8c4e5d48b5cbeaeb4e3)
|
|
postexec script
(This used to be commit 497e14ba19f4f637e1203d73981ea1c401a19542)
|
|
Jeremy.
(This used to be commit 7d7096fc3a899349b46691dcc30b86b04964fe52)
|
|
afs share -- this is an AFS share, do AFS magic things
afs username map -- We need a way to specify the cell and possibly
weird username codings for several windows domains
in the afs cell
Volker
(This used to be commit 4a3f7a9356cd5068d9ed4fd6e2336d9bf7923fbd)
|
|
(This used to be commit 52bea54d35e7fb32c7ed7b067c13afe53761affb)
|
|
This implements some kind of improved AFS support for Samba on Linux with
OpenAFS 1.2.10. ./configure --with-fake-kaserver assumes that you have
OpenAFS on your machine. To use this, you have to put the AFS server's KeyFile
into secrets.tdb with 'net afskey'. If this is done, on each tree connect
smbd creates a Kerberos V4 ticket suitable for use by the AFS client and
gives it to the kernel via the AFS syscall. This is meant to be very
light-weight, so I did not link in a whole lot of libraries to be more
platform-independent using the ka_SetToken function call.
Volker
(This used to be commit 5775690ee8e17d3e98355b5147e4aed47e8dc213)
|
|
is active.
Jeremy.
(This used to be commit c6674fa62865b64aa788a1903db118e4d773bcae)
|
|
(This used to be commit 8409cf3e470df79f219f9a21c0cb780e9257186c)
|
|
properly handle iconv on FreeBSD ...
It works on Linux and FreeBSD ...
(This used to be commit 9302401f543bd3684657b38f046dc52a5a732035)
|
|
Samba will now use the user's UNIX primary group, as the primary group when
dealing with the filesystem. The NT primary group is ignored in unix.
For the NT_TOKEN, the primary group is the NT priamry group, and the unix
primary group is added to the NT_TOKEN as a supplementary group.
This should fix bug #109, but will need to be revisited when we get a full
NT group database.
Also in this commit:
- Fix debug statements in service.c
- Make idmap_ldap show if it's adding, or modifying an existing DN
- Make idmap_ldap show both the error message and error string
(This used to be commit 32e455a714b2090fcfd1f6d73daccf600c15d51b)
|
|
strupper_m/strlower_m.
I really want people to think about when they're using multibyte strings.
Jeremy.
(This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
|
|
(This used to be commit 75081860af5ace873f53c361ec34d029b7864ff7)
|
|
VFS_ macros at system side. We currently have one clash with AIX and its VFS_LOCK. Compiled and tested -- no new functionality or code, just plain rename of macros for yet-unreleased VFS API version. Needs to be done before a24 is out
(This used to be commit c2689ed118b490e49497a76ed6a2251262018769)
|
|
(This used to be commit 865c11275685c85124b506c9bbd2a8bde2e760b9)
|
|
1. Finally work with cascaded modules with private data storage per module
2. Convert VFS API to macro calls to simplify cascading
3. Add quota support to VFS layer (prepare to NT quota support)
Patch by Stefan (metze) Metzemacher, with review of Jelmer and me
Tested in past few weeks. Documentation to new VFS API for third-party developers to follow
(This used to be commit 91984ef5caa2d13c5d52e1f535bd3bbbae1ec978)
|
|
a pstrcpy/fstrcpy or at most a safe_strcpy().
These have the advantage of being compiler-verifiable.
Get these out of the way, along with a rewrite of 'get_short_archi' in the
spoolss client and server. (This pushes around const string pointers, rather
than copied strings).
Andrew Bartlett
(This used to be commit 32fb801ddc035e8971e9911ed4b6e51892e9d1cc)
|
|
(This used to be commit 8fe5bab565cdcf498e4d0f5cca31f799d249e3b3)
|
|
(This used to be commit 36d62e5667f3b9e39362fb3907bf69697fca3ea6)
|
|
Jeremy.
(This used to be commit cfbd02b170ab7d9c5c9cc9dbab0a094faa15c518)
|
|
client requested on tconx. We now return the same error
code like NT4SP6 and W2kSP3 return.
TCONDEV is a little test for this.
Volker
(This used to be commit 6f94ab8ed50ad171f25e9538417c5074feba164d)
|
|
Jeremy.
(This used to be commit e619c50834a06b3026dc6b8603d1f88268bbdbc1)
|
|
Jeremy.
(This used to be commit 1c6ea31b8f48b93606f4c5b6a0472571dc8a471e)
|
|
- user_ok() and user_in_group() now take a list of groups, instead of
looking for the user in the members of all groups.
- The 'server_info' returned from the authentication is now kept around
- in future we won't copy the sesion key, username etc, we will just
referece them directly.
- rhosts upgraded to use the SAM if possible, otherwise fake up based on
getpwnam().
- auth_util code to deal with groups upgraded to deal with non-winbind domain
members again.
Andrew Bartlett
(This used to be commit 74b5436c75114170ce7c780c19226103d0df9060)
|
|
*sync up configure.in
*don't build torture tools in make all
*make sure to remove torture tools as part of make clean
(This used to be commit 0fb724b3216eeeb97e61ff12755ca3a31bcad6ef)
|
|
avoid sending NT_STATUS_UNSUCCESSFUL.
Andrew Bartlett
(This used to be commit 7b95151ddcb1e4abd592e72d509ec24c5d160511)
|
|
(This used to be commit 2a665ab60a07fd64665cb791e6616479f3239cbb)
|
|
(This used to be commit 58fa6bfee8ba35cc182c18c980e0a4040ddd7d09)
|
|
message :
the change in the way %U is handled to use current_user has broken
some basic usages like 'include = smb.conf.%U'
This changes fixes things again, by checking for reload after we setup
current_user in tconx.
(This used to be commit 64b2243ccd984e0d69d8bb7421d43f1f1f84b017)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
(This used to be commit 42615b945e2e48e53a21ea47f2e45407913a6a1e)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
<a.bokovoy@sam-solutions.net>.
This patch is designed to remove the 'special cases' required for this support.
In particular this now kills off winbind_initgroups, as it appears no longer to
be required.
Andrew Bartlett
(This used to be commit f1d8d509766e9169d39332559162cfec249bfc70)
|
|
Andrew Bartlett
(This used to be commit 8cac618174365825e8b1824f70cb42afbce5e500)
|
|
Jeremy.
(This used to be commit c1b97226db63daf64359e79083a4754e7c7f8054)
|
|
and constness changes.
(This used to be commit cee0ec72746122c962e6c5278a736266a7f2c424)
|
|
of the connections db on smbd startup. This should fix the Solaris large
load bug.... (fingers crossed).
Jeremy.
(This used to be commit 5b2b9c25af28543e67762805d1387524cbb6c39d)
|
|
(This used to be commit 490d3aaf20f04d04c91c4748896d7a021581a229)
|
|
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
(This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
|
|
code.
In particular this assists tpot in some of his work, becouse it provides the
connection between the authenticaion and the vuid generation.
Major Changes:
- Fully malloc'ed structures.
- Massive rework of the code so that all structures are made and destroyed
using malloc and free, rather than hanging around on the stack.
- SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them
to be declared 'invalid' without the chance that people might get ROOT by
default.
- kill off some of the "DOMAIN\user" lookups. These can be readded at a more
appropriate place (probably domain_client_validate.c) in the future. They
don't belong in session setups.
- Massive introduction of DATA_BLOB structures, particularly for passwords.
- Use NTLMSSP flags to tell the backend what its getting, rather than magic
lenghths.
- Fix winbind back up again, but tpot is redoing this soon anyway.
- Abstract much of the work in srv_netlog_nt back into auth helper functions.
This is a LARGE change, and any assistance is testing it is appriciated.
Domain logons are still broken (as far as I can tell) but other functionality
seems
intact.
Needs testing with a wide variety of MS clients.
Andrew Bartlett
(This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
|
|
In particular this commit focuses on:
Changing the Get_Pwnam code so that it can work in a const-enforced
environment.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes allow for 'const' in the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
(This used to be commit e7634f81c5116ff4addfb7e495f54b6bb78e8f77)
|
|
(This used to be commit 96f910bae510fb45e2f1181c1e3ad607a50a64d7)
|
|
Ensure make_conection() can only be called as root.
Jeremy.
(This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
|
|
(This used to be commit 7c3542ba8764be48b88255dd7f73ea6d87be10ac)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
some sainity, avoiding things like 'root preexec' when the connection would
otherwise already be denied (max connections).
This does change behaviour, but I think its for the best.
Andrew Bartlett
(This used to be commit 99e8a263ada41de2662a0290fda3dd9df3ac0cd4)
|
|
(This used to be commit 0deae6c407faa86ea871a219ad52fdd285166274)
|