Age | Commit message (Collapse) | Author | Files | Lines |
|
session setup, it would not correctly pick up the [homes] share on a subsequent
session setup.
The new rules are: If you want to connect to [homes], then it must have been
available at session setup time, or you must be in security=share. At each
session setup, the user's copy of [homes] is updated to ensure it has the right
path etc.
Andrew Bartlett
(This used to be commit 5d2c7816a3ea02a67c5b501626d91d43557e9dd9)
|
|
add also hide unwriteable as per user request
(This used to be commit e6b38a881b67af5365f84e52f9cd6dcfec82bf2f)
|
|
patches:
Andrew Bartlett
From his e-mail:
Below I attach the following patches as a result of my work
on trusted domains support:
1) srv_samr_nt.c.diff
This fixes a bug which caused to return null string as
the first entry of enumerated accounts list (no matter what
entry, it was always null string and rid) and possibly
spoiled further names, depeding on their length.
I found that while testing my 'net rpc trustdom list'
against nt servers and samba server.
2) libsmb.diff
Now, fallback to anonymous connection works correctly.
3) smbpasswd.c.diff
Just a little fix which actually allows one to create
a trusting domain account using smbpasswd
4) typos.diff
As the name suggests, it's just a few typos fix :)
(This used to be commit 888d595fab4f6b28318b743f47378cb7ca35d479)
|
|
Andrew Bartlett
(This used to be commit 2febc7ce1aa6b01ec68bd007ce0286813dff301d)
|
|
have become_root()/unbecome_root() wrappers.
(this should be the last of them, the rest were done ages ago).
Andrew Bartlett
(This used to be commit 83360b211a7e834306d3e549c18bc41576534417)
|
|
(This used to be commit 0229f610a8cf9e82618cc6850a431ac89ffc7630)
|
|
(This used to be commit 993ee671cc11a95d0d0aa6d60883e03bb473290d)
|
|
Andrew Bartlett
(This used to be commit 6465c6727be15cd2e915710bdc3e2f4244ad2083)
|
|
I don't like the idea of muliple netprots - becouse I see potential problems
with people being able to maniplate internal samba variables.
This applies in particular to remote names, so don't allow muliple session
requests either.
Also remove a pstrcpy() from the tcon code, we really don't need it.
Andrew Bartlett
(This used to be commit 2afa291404cfd8dae11120e5e470c38ba067c4b2)
|
|
I'm not sure that we need that "dummy" talloc init, but anyway...
Also, add some 'const' to the table of smb reply functions.
Andrew Bartlett
(This used to be commit 790b7c9ab82f930da66426e7a932d7365bd27725)
|
|
This is for two things: To allow panic actions etc to pump out backtraces to
stderr and to allow vangrind to put its stuff in a logfile - making it possible
to debug smbd when launched from inetd.
I've also cleaned up some of the duplicate names in procedures between smbd and
nmbd.
Andrew Bartlett
(This used to be commit 4bcb32731984b4aef1d4911a168a4e7a10d32fd4)
|
|
As noticed by Lev Iserovich <lev@ciprico.com> this seems to fix a problem
with oplock breaks and Win2k, and we are protected from problems by existing
code in trans2.c and nttrans.c
Jeremy.
(This used to be commit e3f7d6c03f100962395763a5066313d60b4761d0)
|
|
Jeremy.
(This used to be commit beb298898d5700dcd775ee3b1f1965e67214e9e5)
|
|
Jeremy.
(This used to be commit 3a9ceb6b3b915d3153d9cb107f447b13002c0f57)
|
|
(This used to be commit e3b3c148208792ac2ccbfd468ad580b1264f9876)
|
|
may be shorter than 6 chars. Caught by valgrind.
Jeremy.
(This used to be commit b846bbfa831922b0be52e54804a46d7870895bfc)
|
|
Jeremy.
(This used to be commit 44410af397c386f58067679012856150b07b47e8)
|
|
queueid in job number. This means we must have an internal tdb to store
mapping from 16 bit RAP jobid's to 32 bit RPC jobids.
Jeremy.
(This used to be commit 4ff64f69706cc94d5dba7762754d00790c476963)
|
|
Jeremy.
(This used to be commit 2b06fd305be10fa8a8629adb4a99ccd3960786da)
|
|
(This used to be commit 67a3ca2f235e011472dbe505ce7c34b26f92c44c)
|
|
(This used to be commit 61c524e8102d4f5cdcf7c949b55b5dc67a320c74)
|
|
effective gid which could mean that the user gets group 0 in their
group list for acl interpretation
this is a replacement fix for the one richard did in 2.2 (which didn't
cope wiith variable behaviour depending on which nss module was in
use)
(This used to be commit cfc5ca3416cea5ea5d2ac34f5521cb6367e42cd2)
|
|
This could do with another eye looking over it, but it seems to work.
Andrew Bartlett
(This used to be commit e6746db60daa4a61a3ed4302e4105345984af6ac)
|
|
* DeletePrinterDriverEx() now has the ability to delete
driver files. I need to do some more testing
tro veriofy that we are in fact not deleting a file out from
under another driver, but it looks ok so far.
* DeletePrinterDriver() noiw deletes all versions of the
specified driver (cversion == 0, 1, 2, 3)
(This used to be commit 17bb780e1327663fa2fcd6a3cb25dd461a29c537)
|
|
a separate tdb per printer, but only keeps (currently one) tdb open at
a time (although this is easily changed by changing a #define). Needs
scalability testing with large numbers of printers now....
Jeremy.
(This used to be commit b0909cfa14fc7ef29d2b98b56d52723570da782a)
|
|
(This used to be commit 1de04ec4735c19ec21cdef6e679cea17c734c5f6)
|
|
(This used to be commit 3d2f0635ed060fca0fa97c97ef850e57641aef19)
|
|
Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a
function to make the SID types appear as text strings in logs/rpcclient.
Also, remove a silly case that would cause 'failure' to be 'success'. (Might
look at this a bit more in future).
Andrew Bartlett
(This used to be commit c20d057f8821d13d3de61b319de44db23773516b)
|
|
Jeremy.
(This used to be commit aad40894404d000b925024e2f63977f87ecb5a6b)
|
|
(This used to be commit 06529c0433bf75790aad27dd3cecf7005612c694)
|
|
via regedt32.exe. The regsitry.tdb is only a framework. It is not
intended to store values, only key/subkey structure. The data
will be retrieved from nt*tdb (for printers) creating a virtual view
of the data.
You can currently connect to a Samba box using regedt32.exe (haven't
tried regedit.exe). Some basic keys are created in registry.tdb
for use.
There are two problems....
* something is getting freed in the winreg code that causes heap
corruption later on. As long as you don't play with the winreg
server functionality, I don't think you'll be bitten by this.
* no access controls are currently implemented
* I can't browse HKLM because regedt32 greys out the SYSTEM subkey.
ok so that was three....
(This used to be commit 542d3c93a998083c07b2afa91a7c927c376caf54)
|
|
Went through and checked all string_subs I could to ensure they're being
used correctly.
Jeremy.
(This used to be commit 17cae0d683be404be69554cd0e84117bdcc56c87)
|
|
code
(This used to be commit 91ad9041e9507d36eb3f40c23c5d4df61f139ef0)
|
|
to a tdb per-queue for scalability.
Jeremy.
(This used to be commit e808eb2758ff4ad1eed7b50a02865b87ba0c068e)
|
|
to a Samba print server running HEAD in a while. This has been broken
since tridge's changes to make_connection() to not do the chdir()
to the connect_path. Sorry it took me so long to get around to fixing it.
The problem occured with our internal use of make_connection().
jerry
(This used to be commit b5bc8aa0f68ceebfb5c0ec15ff93b0172cec36d8)
|
|
(This used to be commit 4a7813711130625598e0ffe92e7938890b818d2f)
|
|
few more places to use it.
Andrew Bartlett
(This used to be commit 23689b0746d5ab030d8693abf71dd2e80ec1d7c7)
|
|
now supported in HEAD.
Jeremy.
(This used to be commit 082c5c084ef870709d3046f580eef597bb2aeef3)
|
|
Andrew Bartlett
(This used to be commit 5c0e4ecfaf9bf7e6e799dceeb275b5db2d4142dd)
|
|
Replaced with "unsigned int".
Jeremy.
(This used to be commit 5841ca54b6a8c36f3d76c12570ff8f2211ed2363)
|
|
(This used to be commit a905b5f49db6a12c9a562e1d5e3981dc3525fd27)
|
|
Added an auth_user field which denotes whether the api call can be made
anonymously. In combination with lp_restrict_anonymous() this can
decrease the amount of information that can be retrieved anonymously.
So far NetShareEnum, NetSessionEnum, NetGroupEnum, NetGroupGetUsers,
NetUserEnum, PrintQEnum, NetFileEnum cannot be called anonymously.
SamOEMChangePassword and NetServerEnum can be called anonymously.
All other functions can be called anonymously until it can be proven
that they can't to avoid breaking anything.
(This used to be commit ead6ab9602640aca5d1d8ac336f3a129f9466159)
|
|
(This used to be commit 29874f4b8fecdc7cbd84d656dafce54cca49e0b1)
|
|
and we seem to have eliminated the segfault.
Unfortunetly I'm still at a bit of a loss as to why it did segfault, but
the patch is correct in any case.
Andrew Bartlett
(This used to be commit 70c16188c7a267f9f3f8de0b6830f66c9e68a2c7)
|
|
The aim of this execise is to give the 'security>=user' code a straight paper
path. Security=share will sill call authorise_login(), but otherwise we avoid
that mess.
This allow *much* more accurate error code reporting, beocuse we don't start
pretending that we can use the (nonexistant) password etc.
Also in this patch is code to create the 'homes' share at session setup time
(as we have done in the past - been broken recently) and to record this on
the user's vuser struct for later reference. The changes here should also
allow for much better use of %H (some more changes to come here).
The service.c changes move a lot of code around, but are not as drastric
as they look...
(Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not
'*total_entries' was compared).
This code is needs testing, but passes my basic tests.
I expect we have lost some functionality, but the stuff I had expected
to loose was already broken before I started. In particular, we don't 'fall
back' to guest if the user cannot access a share (for security=user). If you
want this kind of stuff then you really want security=share anyway.
Andrew Bartlett
(This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
|
|
and renamed to str_list_* as it is a better name.
Elrond should be satisfied now :)
(This used to be commit 4ae260adb9505384fcccfb4c9929cb60a45f2e84)
|
|
Jeremy.
(This used to be commit 1712a7b34a73ad89965961c0db4dd198d6b257c6)
|
|
Jeremy.
(This used to be commit 5e2571f424a40df4d67fe279517a9b21184b78e1)
|
|
we leave the gid alone.
Jeremy.
(This used to be commit 3f72910cf954b127c0cc06d6616ca2b8cd0d41ad)
|
|
initialising function. This patch thanks to the work of
"Stefan (metze) Metzmacher" <metze@metzemix.de>
This is partly to enable the transition to SIDs in the the passdb.
Andrew Bartlett
(This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
|