| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Apr 17 11:54:35 CEST 2012 on sn-devel-104
|
|
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.
The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok. This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server
At the same time, this closes the door on one of the most arcane areas
of Samba authentication.
Naturally, full user-name/password authentication remain available in
security=user and above.
This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.
Andrew Bartlett
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| SEC_SHARE |
| security=share |
| |
| |
| 5 March |
| |
| 2012 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
|
|
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
All callers to messaging_[re]init only used procid_self()
|
|
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
|
|
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallbacke implementation functoins non-static and create a
dbwrap_private.h header file that contains their prototypes.
|
|
|
|
TDB2 returns a negative error number on failure. This is compatible
if we always check for < 0 instead of == -1.
Also, there's no tdb_traverse_read in TDB2: we don't try to make
traverse reliable any more, so there are no write locks anyway.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Guenther
|
|
Will later become part of locking.h
Guenther
|
|
Guenther
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Mar 2 12:58:12 CET 2011 on sn-devel-104
|
|
This change improves the setup_logging() API so that callers which
wish to set up logging to stderr can simply ask for it, rather than
directly modify the dbf global variable.
Andrew Bartlett
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open
without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt
this is still safe to use as if opening an existing tdb the new
hash will be ignored - it's only used on creating a new tdb not
opening an old one.
Jeremy.
|
|
Guenther
|
|
|
|
|
|
In a cluster, this makes a large difference: For r/w traverse, we have to do a
fetch_locked on every record which for most users of connections_forall is just
overkill.
|
|
We only require a ctdb connection when clustering is enabled. This limits the
restriction for only-root smbstatus to the clustering case.
|
|
|
|
|
|
Should make Solaris 10 builds look cleaner.
Jeremy.
|
|
|
|
version.h changes rather frequently. Since it is included via includes.h,
this means each C file will be a cache miss. This applies to the following
situations:
* When building a new package with a new Samba version
* building in a git branch after calling mkversion.sh
after a new commit (i.e. virtually always)
This patch improves the situation in the following way:
* remove inlude "version.h" from includes.h
* Use samba_version_string() instead of SAMBA_VERSION_STRING
in files that use no other macro from version.h instead of
SAMBA_VERSION_STRING.
* explicitly include "version.h" in those files that use more
macros from "version.h" than just SAMBA_VERSION_STRING.
Michael
|
|
(This used to be commit f91a3e0f7b7737c1d0667cd961ea950e2b93e592)
|
|
(This used to be commit 5fd51833a31b326d83ac2f76d06560920547f657)
|
|
(This used to be commit c4f7bee9238db536a7d5215cebb0bf37f757dfad)
|
|
This is needed to inform ctdb that it's not a persistent database, with the
O_RDONLY the tdb backend ignores this.
Merge from 491f902098d33f in 3-0-ctdb
(This used to be commit 065938ccb7bb0052746267c433637f0e05b95d85)
|
|
them with malloc'ing accessor functions. Should save a
lot of static space :-).
Jeremy.
(This used to be commit 52dc5eaef2106015b3a8b659e818bdb15ad94b05)
|
|
locking.c:open_read_only was unused
don't export the silly boolean flag locking_init(bool read_only)
(This used to be commit 2f3c865707010bc7c463a02782dbee3dc2479da1)
|
|
Thanks to Steve Langasek <vorlon@debian.org>
(This used to be commit 67328bd27b1e881a4bcdd5160133afa9a267eaac)
|
|
where we meant int. Fix this. Thanks to metze for
pointing this out.
Jeremy.
(This used to be commit 793a9d24a163cb6cf5a3a0aa5ae30e9f8cf4744a)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
This removes file_id_string_static and file_id_string_static2
(This used to be commit 638c848c9afe374feb30e34c494f89b2a6c64f7b)
|
|
Rewrite main() so as to exit only at a single point
where the stack frame is freed, too.
Michael
(This used to be commit dbe38995ec6d2251562a3b10e750bbd681008e16)
|
|
metze
(This used to be commit 4c21ebae95f7c07bdde55a9d686af044f2effba4)
|
|
brlocks from the share_mode db, as the same fileid
is used.
metze
(This used to be commit 8cccf470cbce87618753bc205a0c9cac1edf4d9c)
|
|
don't display dead share mode entries in smbstatus
metze
(This used to be commit b52bb1e1556d2f4c2bfbd21e12782420bc26a029)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
I'm 100% certain I've forgotten to merge something, but the main code
should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and
messages_ctdbd.c.
There should be no changes to the non-cluster case, it does survive make
test on my laptop.
It survives some very basic tests with ctdbd enables, I did not do the
full test suite for clusters yet.
Phew...
Volker
(This used to be commit 15553d6327a3aecdd2b0b94a3656d04bf4106323)
|
|
(This used to be commit 201c8952a812fe0c9be95a71fbc55c12ba8daa55)
|
|
(This used to be commit c91b2bdc160d76bf0b0770fe7f92cbc7124d6c3c)
|
|
This replaces the internal explicit dev/ino file id representation by a
"struct file_id". This is necessary as cluster file systems and NFS
don't necessarily assign the same device number to the shared file
system. With this structure in place we can now easily add different
schemes to map a file to a unique 64-bit device node.
Jeremy, you might note that I did not change the external interface of
smb_share_modes.c.
Volker
(This used to be commit 9b10dbbd5de8813fc15ebbb6be9b18010ffe8139)
|
|
(This used to be commit 80a1f43825063bbbda896175d99700ede5a4757a)
|
|
connections_traverse
and connections_forall. This centralizes all the routines that did individual
tdb_open("connections.tdb") and direct tdb_traverse.
Volker
(This used to be commit e43e94cda1ad8876b3cb5d1129080b57fa6ec214)
|
|
server_id' instead of a 'uint32 pid'
(This used to be commit be7bac55c37676a8137c59a22dfb2e4c4821ac21)
|
