summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2012-09-20winbind: Extend wbcAuthenticateUserEx to provide PACChristof Schmitt3-6/+153
With this new interface, external applications that have authenticated to an ADS can pass the PAC from the Kerberos ticket to wbcAuthenticateUserEx. winbindd decodes and extracts the info3 information for the external application. If winbindd can verify the PAC signature, the info3 from the PACis also added to the netsamlogon_cache. The info3 data can be used by the external application to get the uid and primary gid. The data in netsamlogon_cache allows to retrieve the complete group list through the NSS function getgrouplist. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-09-20vfs: fix acl_blob_get* in vfs_full_auditDavid Disseldorp1-9/+11
Plumb-in functions and use correct return types. Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Thu Sep 20 20:42:09 CEST 2012 on sn-devel-104
2012-09-20vfs: fix lock logging in vfs_full_auditDavid Disseldorp1-4/+4
2012-09-20s3-printing: Increase debug level for info that the db is empty.Andreas Schneider1-1/+2
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Sep 20 12:01:48 CEST 2012 on sn-devel-104
2012-09-20s3:smb2_server: fix usage of invalid memory in smb2_signing_check_pdu()Stefan Metzmacher1-1/+1
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Sep 20 07:18:31 CEST 2012 on sn-devel-104
2012-09-20s3:winbind:idmap_tdb_common: improve readability of assignment by adding an "if"Michael Adam1-3/+5
in idmap_tdb_common_sids_to_unixids()
2012-09-20s3:winbind:idmap_tdb_common: improve readability of assignment by adding an "if"Michael Adam1-3/+5
in idmap_tdb_common_unixids_to_sids()
2012-09-20s3: Fix idmap_hashVolker Lendecke1-1/+1
Calling be_init with NULL safely crashes, because we dereference NULL. We don't need to call it here, this is called in all workers anyway. Thanks to Jiri Sasek <jiri.sasek@oracle.com> for finding this. Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Sep 20 05:03:54 CEST 2012 on sn-devel-104
2012-09-19s3: Use SBVAL in put_long_date_timespecVolker Lendecke1-2/+1
Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Sep 19 01:16:25 CEST 2012 on sn-devel-104
2012-09-18s3: Fix some nonempty line endingsVolker Lendecke1-12/+12
Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Sep 18 22:39:07 CEST 2012 on sn-devel-104
2012-09-18quota: add supprt for gfs2Björn Jacke1-0/+2
gfs2 uses the same generic quota interface as xfs and it has the same base block/quota block size ratio and seems to work nice with the xfs quota module. (People using gfs should be aware that quota reporting is lagging quite a bit on gfs. If you copy a file on a gfs volume the quota values are being updated with a delay of 30s here with kernel 3.5. This reporting can lead to data corruption if a client thinks he can write but actually he suddently can't.)
2012-09-18panic action is defined as GLOBAL_VAR(szPanicAction) not ↵Matthieu Patou1-1/+0
GLOBAL_VAR(panic_action) Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 18 06:12:00 CEST 2012 on sn-devel-104
2012-09-18source3/script: fix installman.sh after the last build-manpages-nogit changeMichael Adam1-2/+2
commit cfdab79729e8507a7504b0224c60454d3bc40ffc Author: Michael Adam <obnox@samba.org> Date: Wed Sep 12 15:46:35 2012 +0200 release-scripts: let build-manpages-nogit store generated docs under ./bin/docs not under ./docs Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-18Fix service control for non-internal services.Vladimir Marek1-4/+0
Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Sep 18 01:42:23 CEST 2012 on sn-devel-104
2012-09-17s3:libsmb fix a double free errorChristian Ambach1-1/+0
t refers to self->thread_state that is freed a few lines below Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Mon Sep 17 22:04:13 CEST 2012 on sn-devel-104
2012-09-16s3:libsmb fix a potential crashChristian Ambach1-9/+12
Signed-off-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Sun Sep 16 22:31:38 CEST 2012 on sn-devel-104
2012-09-16s3:vfs_gpfs: fix buildChristian Ambach1-5/+5
after recent VFS changes
2012-09-16s3:auth fix a compiler warningChristian Ambach1-3/+2
2012-09-15quota: also log which fs type we foundBjörn Jacke1-1/+1
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Sat Sep 15 02:18:16 CEST 2012 on sn-devel-104
2012-09-15autoconf: check for dn_expand also in libinetBjörn Jacke1-0/+1
see bug #7472
2012-09-15wafbuild: check for dn_expand also in libinetBjörn Jacke1-0/+1
see bug #7472
2012-09-15Add 'bool use_privs' to smbd_calculate_access_mask().Jeremy Allison4-5/+10
Replaces blanket root allow if set. Set to 'false' for all current callers. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Sep 15 00:37:49 CEST 2012 on sn-devel-104
2012-09-14Fix bad string in debug message (remove it).Jeremy Allison1-4/+2
2012-09-14Add bool use_privs parameter to smbd_check_access_rights()Jeremy Allison5-4/+18
If this is set we should use it in preference to blindly assuming root can do anything. Currently set to 'false' in (most) callers.
2012-09-14Add "backup_intent" bool.Jeremy Allison1-1/+2
2012-09-14Don't call can_write_to_file() if we already have 'fsp->can_write' set.Jeremy Allison1-0/+2
2012-09-14build: Fix build on systems without ldap development headersAndrew Bartlett1-0/+1
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Sep 14 22:53:30 CEST 2012 on sn-devel-104
2012-09-14s3: fix the hpux acl moduleBjörn Jacke1-5/+5
This was not adopted to the recent VFS acl structure changes. Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Sep 14 12:23:23 CEST 2012 on sn-devel-104
2012-09-14s3: fix the tru64 acl moduleBjörn Jacke1-5/+5
This was not adopted to the recent VFS acl structure changes.
2012-09-14s3: fix the aix acl moduleBjörn Jacke1-9/+9
This was not adopted to the recent VFS acl structure changes.
2012-09-14s3: Fix the vfs_solarisacl module to compile.Ira Cooper1-5/+5
This got broken with the recent VFS acl structure changes. Autobuild-User(master): Ira Cooper <ira@samba.org> Autobuild-Date(master): Fri Sep 14 05:21:29 CEST 2012 on sn-devel-104
2012-09-14autoconf: fix --with(out)-sendfile-support option handlingBjörn Jacke1-15/+20
this fixes bug #8344
2012-09-14s3: make smbldaphelper subsystem an internal libraryAlexander Bokovoy3-11/+10
Break pdb_ldap -> smbldaphelper -> pdb -> pdb_ldap loop by making smbldaphelp intentionally underlinked internal library. It means that libsmbldaphelp is not usable unless its user is also linked to libpdb (that is the case for both its users, idmap_ldap and pdb_ldap, already) but gives us a break of the circular dependency in case pdb_ldap statically linked into pdb (default). This should solve case when idmap_ldap and pdb_ldap are dynamically loaded modules Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Fri Sep 14 01:02:21 CEST 2012 on sn-devel-104
2012-09-13Sigh :-(. Removing optimization prematurely is the root of all evil :-(.Jeremy Allison3-0/+15
Sorry for the mistake, but the LastDir singleton cache in vfs_ChDir() actually plays an important role. When we're processing a stream of SMB1/SMB2/SMB3 requests we don't want to add a chdir()/getcwd() system call pair on every request if they're all on the same connection and dealing with the same base path. I did some testing with a program that times 1,000,000 chdir() requests vs. 1,000,000 strcmp requests and it's a penalty of 10x doing the system calls. Just because it's old code, doesn't mean it's bad :-(. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 13 21:31:42 CEST 2012 on sn-devel-104
2012-09-13s3: make ldapsam-related functions a smbldaphelper subsystemAlexander Bokovoy3-4/+7
Since these functions are used in pdb_ldap and idmap_ldap, and pdb_ldap might be statically linked to libpdb (default), it is better to keep them as separate subsystem to avoid polluting libpdb namespace. This is first step in refactoring libpdb. Right now I cannot move these functions into proper libsmbldaphelper as it uses more of libpdb-included functions and linking pdb_ldap against libsmbldaphelper library would have created a loop if pdb_ldap is included into libpdb. Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Thu Sep 13 17:36:07 CEST 2012 on sn-devel-104
2012-09-12s3:build: rewrite autogen.sh to be called from any directoryMichael Adam1-5/+20
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-09-12In vfs modules, don't use 'conn->origpath' when we really mean 'conn->cwd'.Jeremy Allison4-10/+10
This allows VFS modules to work even when we've changed directory under the connect path in order to do root-safe calls. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Sep 12 23:45:23 CEST 2012 on sn-devel-104
2012-09-12Move cached cwd onto conn struct.Jeremy Allison3-1/+17
This enables us to make VFS modules safe for use in root called code when we've changed directory under conn->connectpath.
2012-09-12Remove ancient "optimization" global LastDir.Jeremy Allison3-18/+3
2012-09-12Avoid overriding default ccache for ads operations.Simo Sorce8-14/+102
Avoid overriding default ccache for ads operations. Nowadays various samba components may need to use GSSAPI and a default cred cache to perform their tasks. This code was completely overriding the whole process default ccache name, thus altering the current credentials and sometimes hijacking them (or getting preemptively hijaked). By using gss_krb5_import_cred we can instead use a private ccache (necessary sometimes to use a different set of credentials fromt he default cifs/fqdn@realm one, for example when contacting foreign DCs using trust credentials) that does not affect the rest of the process. For the kerberos versions which don't have gss_krb5_import_cred we fallback to temp override of KRB5CCNAME and gss_acquire_cred. Signed-off-by: Alexander Bokovoy <ab@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Wed Sep 12 21:18:09 CEST 2012 on sn-devel-104
2012-09-12s3: remove unneeded noquota.c fileBjörn Jacke1-38/+0
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Wed Sep 12 16:50:50 CEST 2012 on sn-devel-104
2012-09-12s3-rap: Open printers with the right access mask.Andreas Schneider1-3/+3
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Sep 12 14:05:42 CEST 2012 on sn-devel-104
2012-09-12s3-pdb: filter out more symbols only used in ldapsam internalsAlexander Bokovoy2-2/+1
2012-09-12smbd: Add extra VFS hooks to get the posix ACL as a blobAndrew Bartlett6-0/+202
This will allow us to hash this, rather than the NT ACL it maps to. This will in turn allow us to know if the NT ACL is valid even if we have to change the mapping code. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Sep 12 07:06:01 CEST 2012 on sn-devel-104
2012-09-12smbd: Remove pre-allocation of ACL array in sys_acl_init()Andrew Bartlett5-18/+15
Instead, this is just handled with realloc in sys_acl_create_entry() This allows us to remove the size element from the SMB_ACL_T. Andrew Bartlett
2012-09-12smbd-posix_acls: Use a IDL union to store the ACL entryAndrew Bartlett2-13/+11
This is a clearer, long-term-stable structure we can hash without risking it changing. Andrew Bartlett
2012-09-12Make metze happy and the code clearer :-).Jeremy Allison1-0/+6
Ensure we know after the destructor fires we're never going to look at this again. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Sep 12 03:00:21 CEST 2012 on sn-devel-104
2012-09-11smbd: Print ACL used to create hash in vfs_xattr_commonAndrew Bartlett1-0/+10
This should help us understand why sometimes an ACL set won't stick. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Sep 11 18:19:53 CEST 2012 on sn-devel-104
2012-09-11docs: Move idmap manpage to there old location.Andreas Schneider8-891/+0
This wasn't planned and slipped trough, sorry. Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Sep 11 14:28:53 CEST 2012 on sn-devel-104
2012-09-11quota: move function again to its belonging ifdef blockBjörn Jacke1-11/+9
Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Tue Sep 11 04:44:28 CEST 2012 on sn-devel-104
generated by cgit (git 2.34.1) at 2024-06-28 06:08:21 +0000