Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This prints the security token including the privileges as strings
instead of just a bitmap.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The all UPPER case typedef is no longer the preferred Samba style
and this makes it easier to see that this is the IDL-derivied structure
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This common structure is defined in security.idl
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Guenther
|
|
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
|
|
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
|
|
This is the basis to implement global locks in ctdb without depending on a
shared file system. The initial goal is to make ctdb persistent transactions
deterministic without too many timeouts.
|
|
This reverts commit 53f2a1595e76db9fe1b42db65b51895b73365993.
|
|
|
|
Guenther
|
|
This was meant to support async winbind. But as the hairy parts of async
winbind (getgrent) are done without it, it can go again.
|
|
This reverts commit fb262f79fab00374023e59476e8d05a1015a7041
and related commits c36031778e1983ddb11d3e1fcab35e738dbf94bc
72fd5fa6bb78a054fad5e5ebe19a0c0387a7d45b and
38cd0e086f50ce54d88a19aa5a6803469af90489
This change caused more trouble than it solved. We need to do this differently.
Reverting so we don't accidently release this.
|
|
Attention:
The meaning of the -N flag changed.
To get the old meaning for net groupmap set, use the long option --ntname
The long option for using kerberos changed from --kerberos to --use-kerberos
net rpc commands will now prompt for a password if none is given.
As a benefit, net will now accept an authentication file like other samba
command line tools. So no need to specify the password on the command line in
scripts anymore.
This should fix bug #6357
Signed-off-by: Kai Blin <kai@samba.org>
|
|
This allows to dump a native (non-wrapped) win32 *.evt eventlog file.
Guenther
|
|
This adds a lua command line interpreter with some sample code how to build
your own data types based on our internal data types.
Not meant as the final word, but as a playground for experiments for people.
Might be removed later when we find this turns out to be too awkward.
|
|
Guenther
|
|
Guenther
|
|
|
|
(This used to be commit 0f77746f36b98acc5171727fa3fc236af9fd2000)
|
|
(This used to be commit 850166ec0d17eb85a0c921dc3b966fac0677af4a)
|
|
Guenther
(This used to be commit ee6e422c0e035aa4779fa718bb6f142827cc2de0)
|
|
Guenther
(This used to be commit bcc6d3a0ebdcb904b5a2a4de63d9ed7415e9bb33)
|
|
(This used to be commit bb7c5fc4ec77db4073d3beccf12af12910b6bd07)
|
|
(This used to be commit 428b56863c3963ecd041b8398d5683c92fa64307)
|
|
(This used to be commit 7a2364518c4200befb419f2bcbf3afd425fd7a6f)
|
|
(This used to be commit 64e3dc63966ecf216b354263e4bd5dfd1491abcc)
|
|
(This used to be commit de0e15b35ea46cfcdd82f45eb3329c44d7aacb90)
|
|
(This used to be commit ba1108f06ae5860c8f418dc383b027068780abf9)
|
|
(This used to be commit 73fb5f392dbc1966ec34217e39d565200e071aaf)
|
|
(This used to be commit f7d0903a58b0b0fc248a613937a101f15baa5311)
|
|
(This used to be commit d26681b169a533f838f74d48af072b57afc9f8df)
|
|
(This used to be commit 2ee3d1aefab8dada5bd05a92b72776554617b7f9)
|
|
(This used to be commit 25d4c6f692cf50d675a1de7c6eaeed271f349289)
|
|
(This used to be commit 3f10527f79dddff703d31588cad3e9f37176565b)
|
|
(This used to be commit 0f5ebdf0bc5610bf93a4db67c9f9513683306c66)
|
|
(This used to be commit 84a116be9c849900678e6e0a4b012e819e697c78)
|
|
(This used to be commit 3ddd9c09e3b51df01ac34a9a1537e8954d2b1167)
|
|
(This used to be commit 4ca08a5acc90c77d56f8f3e38443f23f43f034e8)
|
|
(This used to be commit d0237a736858a48494583ce7f960ea980768aa6c)
|
|
(This used to be commit efc863e3758501a4c62dc9762eb0aded2dad01ff)
|
|
Michael
(This used to be commit 673b24052a6864579683e9adb56522a12447abca)
|