Age | Commit message (Collapse) | Author | Files | Lines |
|
Based on Volker's original code.
(cherry picked from commit 5b5ef7f20d34f4c6c1d3d02530ac7b13e051c960)
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Sep 8 21:29:53 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Sep 8 15:08:43 CEST 2011 on sn-devel-104
|
|
|
|
metze
|
|
Despite the name, in winbind offline logon mode, this is a database
that contains valuable information and should not be cleared.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Sep 7 21:17:37 CEST 2011 on sn-devel-104
|
|
this is needed to allocate gids for BUILTIN\Users and
BUILTIN\Administrators
gids are stored at the start of the first domain
as RIDs start with values over 500, we have some room there
so we do not need to allocate a range
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Sep 7 15:15:09 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Sep 6 20:03:56 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Aug 31 14:27:31 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
|
|
The create_pipe_sock() function should only create the socket as the
name states and not start to listen on it too. We should start to listen
on in the individual places as we need different backlog values.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Aug 29 13:21:43 CEST 2011 on sn-devel-104
|
|
This fixes a race condition that leads to the winbindd_children list becoming
corrupted. It happens when on a busy winbind SIGCHLD is a bit late.
Imagine a winbind with multiple requests in the queue for a single child. Child
dies, and before the SIGCHLD handler is called we find the socket to be dead.
wb_child_request_done is called, receiving an error from wb_simple_trans_recv.
It closes the socket. Then immediately the wb_child_request_trigger will do
another fork_domain_child before the signal handler is called. This means that
we do another fork_domain_child, we have child->sock==-1 at this point.
fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time
where the child is already part of that list. This corrupts the list. Then the
signal handler kicks in, spinning in
for (child = winbindd_children; child != NULL; child = child->next) {
forever. Not good. This patch makes sure that both conditions (sock==-1 and not
part of the list) for a winbindd_child struct match up.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 26 18:51:24 CEST 2011 on sn-devel-104
|
|
|
|
Counterpart for last checkin. A lot less likely, but not impossible in a child.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 26 13:14:27 CEST 2011 on sn-devel-104
|
|
I've seen
[2011/08/26 01:44:10.872057, 1] winbindd/winbindd_dual.c:1336(fork_domain_child)
fork_domain_child: Could not read child status: nread=-1, error=Interrupted system call
on a customer box. Not good.
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Aug 25 15:15:57 CEST 2011 on sn-devel-104
|
|
talloc_traverse_dict will return with -1 in case of an error and
might return positive values that indicate the count of found
entries
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Aug 24 18:09:11 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
aa3f10c was not complete in the sense that it did not fully cover some
conditions that led to invalid domains in the winbind parent
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 17 13:59:06 CEST 2011 on sn-devel-104
|
|
|
|
This has been broken since ff0ac5b0 (May 2007).
Basically all messages were belonging to the General class except for CTDB
messages.
This fixed the message_send_all() function to correctly compute the class, and
fixes registrations to include all they need to cope with the fact not all
messages are of calss general (registrations rotted a bit because as long as
FLAG_MSG_GENERAL was defined the process woould receive all messages).
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
with NULL
this fixes the fallback to the deprecated spelling idmap:script
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Aug 10 14:59:32 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
|
|
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallbacke implementation functoins non-static and create a
dbwrap_private.h header file that contains their prototypes.
|
|
|
|
the 'pdb' name is builtin to the passdb module loading code as a fixed
string. We need to call the subsystem pdb so that external passdb
modules end up in bin/modules/pdb/ where they can be found by the
Samba3 module loader
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
In ancient times, when ctdb had not support for persistent databases and
tdb2 was introduced as a two-layer solution and it was more important than
today to be able to change the location of the permanent database file
because it had to reside on shared storage.
But these were times when idmap_tdb2 was not even officially released.
Nowadays, with ctdb handling the persistent idmap2.tdb database, the path
is stripped anyways, so this undocumented option has become unnecessary
and is hence removed.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Jul 27 05:37:57 CEST 2011 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
: script" instead
With this patch, "idmap config * : script" will override "idmap : script".
If "idmap : script" is present, a deprecation warning will be printed in any
case. If "idmap config * : script" is not set, then the value of "idmap :script"
will be used for backwards compatibility.
|
|
Winbind can't really cope with trusts that don't have a SID associated. This
happens with external MIT trusts for example. This filters them out when
sending the trust list from child to parent.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Jul 26 11:39:53 CEST 2011 on sn-devel-104
|
|
The should have the same value.
metze
|
|
metze
|
|
If we got a connection, we don't need to check what
address family it uses.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jul 21 23:33:48 CEST 2011 on sn-devel-104
|
|
This makes sure cli_state->src_ss and cli_state->dest_ss are always
initialized.
metze
|
|
fixes a compiler warning
|
|
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The --log-stdout option was compromised by the log file descriptors being
closed once the file process forked.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jul 11 19:31:14 CEST 2011 on sn-devel-104
|
|
metze
|