Age | Commit message (Collapse) | Author | Files | Lines |
|
This fixes bug #8608.
If you join samba with idmap_ad backend to an AD. When you try to
enumerate users with 'getent passwd' and the user doesn't have a uid
set, then getent is aborted cause of NT_STATUS_NONE_MAPPED. If we can't
map a user we should not stop but continue enumerating users.
This normally happens with the default user 'krbtgt' with idmap_ad but
could also happen with other backends.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Nov 15 16:52:04 CET 2011 on sn-devel-104
|
|
|
|
Guenther
|
|
metze
|
|
Fix confirmed by reporter.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 28 23:04:47 CEST 2011 on sn-devel-104
|
|
This is to provide a cleaner namespace in the public samba plugin
functions.
Andrew Bartlett
|
|
Change some misleading variable names to reflect the actual function.
Add missing field name/types previously marked as unkown.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
|
|
this is needed to allocate gids for BUILTIN\Users and
BUILTIN\Administrators and for local users/group that
admins might want to create
autorid will now allocate one range for this purpose
and can so give out as many uids and gids as the
configured rangesize allows
|
|
we will need some more HWM soon, so move out initialization and
optimize the logic using the new interface of dbwrap_fetch_uint32
|
|
this prepares for allocation of non-domain ranges that cannot be
expressed by a SID (e.g. an allocation pool)
|
|
commit 355b5e3a831415d9bef97 changed the module system to
expect 'samba_init_module' as fixed initializer function
|
|
This reverts commit 0aa558718ad7427ee8b02046da73eea1838a5a32.
just having 500 uid/gids values is not good enough for
users using local users and groups in the order of thousands
better solution which will use a complete range for allocated
uids/gids will come next.
|
|
This interface needs to be publicly available, unid_t here is not really useful
and makes it harder to use it as unid_t is not a public union.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104
|
|
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Found and fix reported by Micha Lenk <micha@lenk.info>. Thanks !
|
|
for consistency and better error propagation
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Oct 11 15:51:00 CEST 2011 on sn-devel-104
|
|
for consistency and better error propagation
|
|
bool)
for consistency and better error propagation
|
|
Return the int32 value retrieved from the db by reference.
Before this, return value "-1" was used as a error indication,
but it could also be a valid value from the database.
|
|
The initialization code user int32, later writes used uint32...
|
|
The initialization code user int32, later writes used uint32...
|
|
|
|
idmap_autorid_db_init()
|
|
Avoid direct use of the db_record and db_context structs.
|
|
dbwrap_fetch_bystring_upper() to NTSTATUS
|
|
this allows the s3 code to understand and cache responses from the s4
winbindd which may include a single SID mapped to both a uid and a gid
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Sep 23 01:47:54 CEST 2011 on sn-devel-104
|
|
metze
|
|
If you're going to move winbindd_cache.tdb to the state_path, do it *everywhere*.
Found by Ira Cooper <ira@wakeful.net>.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Sep 15 00:43:04 CEST 2011 on sn-devel-104
|
|
We should return the same in all places.
metze
|
|
metze
|
|
Based on Volker's original code.
(cherry picked from commit 5b5ef7f20d34f4c6c1d3d02530ac7b13e051c960)
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Sep 8 21:29:53 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Sep 8 15:08:43 CEST 2011 on sn-devel-104
|
|
|
|
metze
|
|
Despite the name, in winbind offline logon mode, this is a database
that contains valuable information and should not be cleared.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Sep 7 21:17:37 CEST 2011 on sn-devel-104
|
|
this is needed to allocate gids for BUILTIN\Users and
BUILTIN\Administrators
gids are stored at the start of the first domain
as RIDs start with values over 500, we have some room there
so we do not need to allocate a range
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Sep 7 15:15:09 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Sep 6 20:03:56 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Aug 31 14:27:31 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
|
|
The create_pipe_sock() function should only create the socket as the
name states and not start to listen on it too. We should start to listen
on in the individual places as we need different backlog values.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Aug 29 13:21:43 CEST 2011 on sn-devel-104
|
|
This fixes a race condition that leads to the winbindd_children list becoming
corrupted. It happens when on a busy winbind SIGCHLD is a bit late.
Imagine a winbind with multiple requests in the queue for a single child. Child
dies, and before the SIGCHLD handler is called we find the socket to be dead.
wb_child_request_done is called, receiving an error from wb_simple_trans_recv.
It closes the socket. Then immediately the wb_child_request_trigger will do
another fork_domain_child before the signal handler is called. This means that
we do another fork_domain_child, we have child->sock==-1 at this point.
fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time
where the child is already part of that list. This corrupts the list. Then the
signal handler kicks in, spinning in
for (child = winbindd_children; child != NULL; child = child->next) {
forever. Not good. This patch makes sure that both conditions (sock==-1 and not
part of the list) for a winbindd_child struct match up.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 26 18:51:24 CEST 2011 on sn-devel-104
|
|
|
|
Counterpart for last checkin. A lot less likely, but not impossible in a child.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 26 13:14:27 CEST 2011 on sn-devel-104
|
|
I've seen
[2011/08/26 01:44:10.872057, 1] winbindd/winbindd_dual.c:1336(fork_domain_child)
fork_domain_child: Could not read child status: nread=-1, error=Interrupted system call
on a customer box. Not good.
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Aug 25 15:15:57 CEST 2011 on sn-devel-104
|
|
talloc_traverse_dict will return with -1 in case of an error and
might return positive values that indicate the count of found
entries
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Aug 24 18:09:11 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|