Age | Commit message (Collapse) | Author | Files | Lines |
|
change chain was broken.
Guenther
|
|
This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75.
Ooops, this should not have been committed.
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
This shrinks the memory footprint of an idle client by 5592 bytes to 60 bytes
on my 32-bit box.
|
|
Same comment as in baa6084378e530b: This is just a preparatory checkin.
Volker
|
|
|
|
|
|
|
|
|
|
|
|
In itself, this is pretty pointless. But in the next steps I'll convert the
winbind internal communication to wb_reqtrans which allocates the request
properly. This minimizes the later diff.
Volker
|
|
When we run out of file descriptors for some reason, every new
connection forks a child that immediately panics causing smbd to
coredump. This seems unnecessarily harsh; with this code change we
now catch that error and merely log a message about it and exit
without the core dump.
Signed-off-by: Tim Prouty <tprouty@samba.org>
|
|
trusted domains
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
|
|
|
|
Jeremy.
|
|
lp_use_kerberos_keytab parameter.
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum. Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab
For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only
The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.
The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode. This keytab is only used in
ads_verify_ticket.
|
|
metze
|
|
triggered now
metze
|
|
And always setup the fd events.
metze
|
|
Jeremy.
|
|
Signed-off-by: Bo Yang <boyang@novell.com>
|
|
Jeremy.
|
|
|
|
Jeremy.
|
|
in a forked child.
Jeremy.
|
|
metze
|
|
cancel_named_event() is stupid by design and also only cancels
one single event.
metze
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
reinit_after_fork() already calls messaging_reinit()
metze
|
|
keytab.
Guenther
|
|
Jeremy.
|
|
|
|
"rescan_trusted_domain".
From analysis by hargagan <shargagan@novell.com> :
"The winbindd_child_died() is also getting called from process_loop() in case of
SIGCHLD signal. In this case it doesn't make the timeout_handler to NULL for
the first request. It then initiate a new request using
schedule_async_request() which installs a new timeout handler for the same
request. In such a case, for a badly unresponsive system both the timeout
handler can be called. For the first call the "private_data" will be cleared
and for another call the timeout handler will be detecting the double free. So,
for such a case as well, the winbindd_child_died() should make the
timeout_handler to NULL."
Jeremy.
|
|
|
|
patch from shargagan@novell.com
Jeremy.
|
|
The scanner did not figure out that we always have a primary domain, so it
complained about us potentially passing a NULL pointer down to
set_domain_online_request() where it is dereferenced.
Make the code a bit clearer.
(This used to be commit e6e8d108f95ed974f98f3f57adcfbbde4e00fad9)
|
|
Guenther
(This used to be commit 543dfdc1cf6baf60bffc23c6aebc542fd58d2d2e)
|
|
(This used to be commit 79103000b13c95325534db749a0da638a3eb1807)
|
|
(This used to be commit 5314f06dcdf14ce5e038a03a3e4dfded227bd00c)
|
|
Guenther
(This used to be commit 15b72d44cbde0b8a375d8ed3d045c40ae97ec05a)
|
|
(This used to be commit 30a180f2fce8cf6a3e5548f6bba453272ba70b33)
|
|
When SIGCHLD handling is delayed for some reason, sending a request to a child
can fail early because the child has died already. In this case
async_main_request_sent() directly called the continuation function without
properly removing the malfunctioning child process and the requests in the
queue. The next request would then crash in the DLIST_ADD_END() in
async_request() because the request pending for the child had been
talloc_free()'ed and yet still was referenced in the list.
This one is *old*...
Volker
(cherry picked from commit 8691709626b0d461de91b8fc9d10c730d1f183dd)
(This used to be commit c70e2b6476d2d99c79624e15a4a3cfcdc850fc7c)
|
|
In reloading the smb.conf, if a "log file" is specified in smb.conf,
winbind children will overwrite the logfile name to be the same as the
parent.
Jeremy.
(This used to be commit 62d319cc1a2ef891866b2ddbd22f3ed0944356af)
|