Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 7fc61f5a63c982cfd0fbe1838979ba7be8f69fca)
|
|
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
(This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
|
|
specified once in an ACL, so it can be allocated a second time,
overwriting the first
(This used to be commit 1804a8a01ebf3353574a2c5b26a1746b34715737)
|
|
(This used to be commit 1899d8ea283845141b24d91d230248009744fe1a)
|
|
(This used to be commit 32364d8f01c75bd00ee1bef49c687d6dd3299d1f)
|
|
(This used to be commit 655fb66b289bdd19c4432eea00fac935184f25c9)
|
|
(This used to be commit a197b8c5cb02c8a5fac3882e7b76bcd7abb0279c)
|
|
(This used to be commit dbc0ff5544f2d15b1d1bc41319c76274b79d92b4)
|
|
(This used to be commit cf36f5949f8ac5ea020fcaa796ad92852df25ae7)
|
|
sstring_sub().
(This used to be commit 6ff849f35ae3394d6557f79c73b0fe54fbb86d0f)
|
|
Need to go back and correct the assumption that an "ldap xxx suffix"
parm must have an OU.
(This used to be commit 2d7ba11ffbe17af12257a91638be95d09c0c34c5)
|
|
Guenther
(This used to be commit ade86cc787e266850fee982b008a9caf2c8ed7e7)
|
|
make it cleaner. There's still more to do on this...
(This used to be commit f75dad0325aec93cc604ddfbef40d29979d07275)
|
|
(This used to be commit 1df58c7a00b00242ee3eda09de92335d5dabe9c4)
|
|
(This used to be commit db00570535c03360bb2833f070878a33e94306b0)
|
|
(This used to be commit 121a350b92dafec8f171a54f4b897c7f81757dd1)
|
|
Jeremy.
(This used to be commit 88dd4ab48127bb08fdeb0b5c236020e0b910f0d8)
|
|
(This used to be commit d8e69c18e0d34c99525080b3afaf2778be3a5ec2)
|
|
Guenther
(This used to be commit 0167b6cca80492d8a076da0497d24089f78587dc)
|
|
users/workstations
(This used to be commit 2690f015be1f7eb9802f652810e73ff5f5688304)
|
|
net rpc vampire is ugly....
Volker
(This used to be commit c1ea48949d2692c839f6ced68165cabd76b580ea)
|
|
(This used to be commit 9fe21fd0326e67a4b1006d2b4a24e39e2d57d796)
|
|
Jeremy, you might want to take a look here.
Volker
(This used to be commit e6e29937e8ccfc84afca0ee440bd3f10a7d10e8a)
|
|
(This used to be commit bb6d678575faac050376607a5c778b8a10805061)
|
|
(This used to be commit 217d3fbe7923115ae610a39e586ceb93df7683f5)
|
|
Fix machine accounts (should not have valid shells) and users with no
home directory (were getting previous user's directory).
(This used to be commit f629f8a7b972f09fe959c68843b9cd5a03abfc76)
|
|
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
|
|
Guenther
(This used to be commit 0ae3fddf95a95ec8a2f4d52e1276c1721b33ddfd)
|
|
affinity cache.
Guenther
(This used to be commit b8c07babbd22832132da8f70026aa1816983bc38)
|
|
(This used to be commit ab62c8d93acb432678e301e57aeb86887913ebe6)
|
|
(This used to be commit 705d8118081784e9907648fd1daaaa5ec0285972)
|
|
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
(This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
|
|
smbcontrol was sending messages designated for nmbd and winbindd to smbd. Thus, nmbd and winbindd
were "unshutdownable".
(This used to be commit 52e9b5f89f4889ad97a049eade4957fb15f7b8a5)
|
|
* ignore the primary group SID attribute from struct samu*
* generate the primary group SID strictlky from the Unix
primary group when dealing with passdb users
* Fix memory leak in original patch caused by failing to free a
talloc *
* add wrapper around samu_set_unix() to prevent exposing the create
BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix()
(This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84)
|
|
(This used to be commit 48cd81074e5a7cbba5892eedd62fff4ce0d826b5)
|
|
not to, cope with a server that doesn't offer schannel also.
Jeremy
(This used to be commit 68005f6bdb70883eace0d9067c76c3360a803023)
|
|
against server with schannel disabled. Second part
will come tomorrow (fixing net_rpc_join_ok()).
Jeremy.
(This used to be commit 7de1ee18619bf99c5db45692e085d0646e52378f)
|
|
Fix from Richard Bollinger <rabollinger@gmail.com>.
Jeremy.
(This used to be commit 02da5189f1c2a07a7ac02cf51e23782f70829f34)
|
|
Jeremy.
(This used to be commit cd821079893dc6ff486d0c5f0bd756e78caa4e89)
|
|
* replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix()
(This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f)
|
|
Volker
(This used to be commit 4cf5109c7a1355f0adb42891ff490f03ae677347)
|
|
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
|
|
macro which sets the freed pointer to NULL.
(This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
|
|
Jeremy.
(This used to be commit ea82958349a57ef4b7ce9638eec5f1388b0fba2a)
|
|
a node status on all IP's when requested.
Jeremy.
(This used to be commit 1fcac478cb5ba432282612fbb785caaed4d2f9b8)
|
|
(This used to be commit 5db7e9a42ab27871891be8a1314c32e13620da36)
|
|
(This used to be commit e00505cc942dd5cf755aa6b5d2f565eeff95629e)
|
|
time in the code.
Even if we now have an additional if statement after the free I prefer
this solution in opposite to the duplicated code we had before.
(This used to be commit 4272419b1146b1c03e070655f3a31d027c00ad20)
|
|
This fixes bug #1386.
The initial changes had been made by Carsten Höger <choeger at
open-xhange dot com> for Samba 2.2 while being at SuSE. *sigh*
To not duplicate code from smbpasswd in pdbedit stdin_new_passwd() and
get_pass() are moved from smbpasswd to utils/passwd_util.c.
(This used to be commit dbdc5ba497c6010dbad47c9d77fc8bec5557a328)
|
|
(This used to be commit d0efb435e51ee4d5454b55aee1596355ecc4a2c6)
|