summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r1939: Ensure with my new change we set extended security in flags2 inJeremy Allison1-0/+3
the negprot reply. Jeremy. (This used to be commit 8b80b46b8b76ead72c17dc65f2de4c0cc0b263c7)
2007-10-10r1936: Fix bug noticed by Steve - ensure extended security bit is on onlyJeremy Allison2-1/+7
if we negotiated extended security. Do not merge for 3.0.6. Works with W2K but needs further testing. Jeremy. (This used to be commit 284689aa18d2711a9041598cdf490359466f7f77)
2007-10-10r1908: Bugzilla #1541. Fix recursive ls in smbclient. Fix by Josef Zlomek.Tim Potter1-1/+1
(This used to be commit e59af43f6b8f824447bd20efc08dd81f2774e99c)
2007-10-10r1906: Revert lukeh's change for primary uid/gid change. This creates a ↵Volker Lendecke1-19/+7
recursion loop between uid_to_sid -> getsampwnam -> uid_to_sid. It needs further inspection. Volker (This used to be commit 67d8bc48531dd1a7d9b5db93f7d71f920a27e8fb)
2007-10-10r1890: Cut down on debug messages from is_in_path. paulgPaul Green1-3/+2
(This used to be commit 8b1c2126af3f29a3708b6823616ecec43ce63b95)
2007-10-10r1888: Bring the same level of "required_membership"-functionality thatGünther Deschner2-5/+56
ntlm_auth uses, to pam_winbindd as well. This allows to make successfull authentication via PAM dependent on SID-membership. At the moment, both ntlm_auth and pam_winbindd.so accept user/group-names or sid-strings - as discussed, recursive membership (e.g. local aliases) will be added later. Guenther (This used to be commit 7494569655f8d112a0c883a2748a1012bb64ad3a)
2007-10-10r1887: Fix deadlock loop in winbind's required_membership_sid-verification.Günther Deschner1-1/+1
Guenther (This used to be commit a0a6d7d72f2a24c422db255acf6c439a9b0921df)
2007-10-10r1885: tighten the cache consistency with the ntprinters.tdb entry an the in ↵Gerald Carter8-18/+67
memory cache associated with open printer handles; also make sure that register_messages_flags() doesn't overwrite the originally registers flags (This used to be commit 540daf71d8ad189af5dd6d45aa1ce2b3d67da752)
2007-10-10r1871: Patch from Luke Howard <lukeh@PADL.COM> to correctly useJeremy Allison1-7/+19
uid_to_sid() and gid_to_sid() in pdb_set_sam_sids(). Jeremy. (This used to be commit dae084d7134ae3f532861210907cd252d0001c9b)
2007-10-10r1869: Rename "fallback_XXXX" mapping to "algorithmic_XXX" asJeremy Allison2-36/+29
that's what it actually does, and "fallback_" is just confusing. Jeremy. (This used to be commit f44b4ba38147e353716c02c899bd45beaf71e6ad)
2007-10-10r1866: Fix for bug #1602 reported by <m.proehl@science-computing.de>.Jeremy Allison1-2/+6
Access to a share with wide links = No follow symlinks = No Was failing with access denied. Jeremy. (This used to be commit c137accb25c928551ce666e8c7cfbbcaa60ad771)
2007-10-10r1863: Fix build of exp stuff on Solaris (#1474)Jelmer Vernooij1-4/+8
(This used to be commit d5c757d89b76bfe5cbd23e4a241971aaa32e4949)
2007-10-10r1853: Improved NT->AFS ACL mapping.Volker Lendecke1-54/+316
Jerry, this is a really localized patch that I've been using at a customer site for quite a while, I'd like to get that into 3.0.6. Thanks, Volker (This used to be commit e7d7dc94eb452467725fea7f1ebc941bdb07573d)
2007-10-10r1841: Fix for #1606, can't launch dos exe's.Jeremy Allison2-2/+7
2 related problems - 1). DOS uses chained commands - when we are replying with sendfile we neglect to send the chained header. 2). Win9x and DOS TCP stacks blow up when getting data back from a Linux sendfile - "The engines canna take the strain cap'n". Don't use sendfile for anything less than NT1. Jeremy. (This used to be commit 3cd88f48afa589a189bb728d2d2660d058203d4d)
2007-10-10r1834: prevent infinite recusion in reopen_logs() when expanding the ↵Gerald Carter1-1/+7
smb.conf variable %I (This used to be commit 08037bd4427a99150c1cc65770681ec3f92f4ad5)
2007-10-10r1833: patch from James Peach to get swat to look for index.html by default ↵Gerald Carter1-4/+24
when given a trailing directory/ (This used to be commit 980740da784ce00ad1b388872297b82d4d368044)
2007-10-10r1812: Fix from Richard Renard <rrenard@idealx.com> to be able to resetJeremy Allison1-3/+30
a users logon hours restrictions. Jeremy. (This used to be commit 887aa22dc90dd8653a6c9eedf91ce76830d93de6)
2007-10-10r1810: Patch from Richard Renard <rrenard@idealx.com> to storeJeremy Allison4-2/+74
logon hours attributes in an LDAP database. Jeremy. (This used to be commit dac72638fb3a05e805136698e0ad0612620ac8af)
2007-10-10r1789: compiler warnings from SuSEGerald Carter2-2/+6
(This used to be commit 7e44193be103fad273796218c8f5e5f9a1657c3c)
2007-10-10r1780: Remove the UTC comment as it isn't.Jeremy Allison1-2/+2
Jeremy. (This used to be commit f454821ff5545a34704b149514da9064f73ca3ad)
2007-10-10r1778: Fix based on code from Richard Renard <rrenard@idealx.com> toJeremy Allison1-0/+42
enforce logon hours. ldap fixes to follow. Jeremy. (This used to be commit 9ce273ed662bd34987eaeedeeeb7cb1c99cd50a4)
2007-10-10r1750: This patch allows net ads lookup to rely on command line arguments if ↵Jim McDonough2-2/+6
contacting an ADS server fails. This allows net ads lookup to work with clapd (very useful for testing). from aliguori@us.ibm.com (This used to be commit edb4e940b45cbb06a93004b15fc45a7a45a42498)
2007-10-10r1733: Fix hashed password history for LDAP backends.Jeremy Allison1-10/+26
Jeremy. (This used to be commit a1bb6fbbe4d1618b5e02a3e7ee456247364bac66)
2007-10-10r1721: Get rid of compiler-warning.Günther Deschner1-0/+1
Guenther (This used to be commit 153c813464eb54a06bf01146a0eb3d2c908f76bc)
2007-10-10r1720: Show correct help for net groupmap commands.Günther Deschner1-3/+3
Guenther (This used to be commit 3677c6a8f67628d5bea0764f84e624730d57b423)
2007-10-10r1716: Get rid of a compiler warning. "pipe" is a symbol that is defined as ↵Volker Lendecke1-2/+2
a system call, and gcc -Wall complains about a shadowed definition. Volker (This used to be commit 9a2fd67037769b5cbb10edd024f6d98c610bf875)
2007-10-10r1698: fix build.Günther Deschner1-2/+3
guenther (This used to be commit 925e28d0cbd9667bceb0762ef1e429735250c209)
2007-10-10r1692: first commit :)Günther Deschner12-27/+3053
* add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2007-10-10r1684: Patch for bug #1578 based on fix from Alexander E. Patrakov,Jeremy Allison1-12/+19
<patrakov@ums.usu.ru>. Main change, hardcode replacement char to '_' as I really don't want a new parameter. Jeremy. (This used to be commit db3dde026b84aa28c2d7a32249488f203e362497)
2007-10-10r1681: Ensure we return the same ACL revision on the wire that W2K3 does.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 31505acf033c7d76592bb5b4ef80b29a00658c49)
2007-10-10r1665: Patch from James Peach @ SGI to stop using sendfile if it isn'tJeremy Allison2-2/+18
supported by the underlying OS. Jeremy. (This used to be commit 1b0c70cf97aa45093fe5ef866a351b47ef1a5879)
2007-10-10r1661: Changed the password history format so that each history entryJeremy Allison5-22/+74
consists of a 16 byte salt, followed by the 16 byte MD5 hash of the concatination of the salt plus the NThash of the historical password. Allows these to be exposed in LDAP without security issues. Jeremy. (This used to be commit 82e4036aaa2d283534a5bd8149857320fcf0d0dc)
2007-10-10r1658: Expand aliases for getusersids as well.Volker Lendecke1-0/+56
Volker (This used to be commit d5060c30e38b46b322615f0e0b465fbf73ed5245)
2007-10-10r1656: Patch from James Peach:Vance Lankhaar1-0/+2
> This patch is (probably) needed for all systems that don't have a > C99/UNIX98 compliant vsnprintf by default. The builtin sm_*printf > were no being called, causing things like talloc_init to fail, with > predictable results. The should fix 6 (solaris/hpux/irix) builds on the build farm. Vance (This used to be commit 1a33999cf073ee18f846678357832ec7866bb467)
2007-10-10r1638: Dont always uppercase "afs username map"Volker Lendecke1-1/+1
(This used to be commit e9263a5204c42e8f3f1079cd535ce6fc091f3d6a)
2007-10-10r1616: Fix user unmount of shares mount with suid mount.cifsSteve French1-9/+33
(This used to be commit 2bd28007159a3ce4a1b8737218e7b75bc2286682)
2007-10-10r1613: Patch from Tom Shaw <tomisfaraway@gmail.com> to useJeremy Allison1-4/+4
winbindd_fill_pwent consistently. Jeremy. (This used to be commit 8d355b9b9ddd6edf15c70977f5a719b549a56378)
2007-10-10r1612: Fix bug #1571 found by Guenter Kukkukk <guenter.kukkukk@kukkukk.com>Andrew Bartlett1-2/+5
(Botched LANMAN2 session setup code) Andrew Bartlett (This used to be commit 3baa4ef6c58eb13bec1a8ddb1561a504f4a16107)
2007-10-10r1610: Patch from Richard Renard <rrenard@idealx.com>. Ensure weJeremy Allison1-10/+4
save the password as it is being changed into the password history list. Jeremy. (This used to be commit 4fd619d7e16b5f759e6dc8360ad192457b3c90b9)
2007-10-10r1608: Fix from Nick THOMPSON <nickthompson@agere.com> to protect smbdJeremy Allison1-3/+8
against broken filesystems which return zero blocksize. Jeremy. (This used to be commit 23d157a0bea16366f0361ab68193b479ed844291)
2007-10-10r1599: Use -Bsymbolic when creating shared libraries to avoid conflicts withTim Potter1-1/+1
identical symbols in the global namespace when loading libnss_wins.so. Bugzilla #1360. (This used to be commit 2063b8d9bcf0b2ad9f09d71b5c74ad3db070c6a3)
2007-10-10r1590: Small fixes from Günther DeschnerVolker Lendecke1-7/+3
(This used to be commit 2d68fdf06b3b027227ab77372b001b13fd2b494d)
2007-10-10r1588: This is one of the more pathetic patches I ever checked in. Many hours ofVolker Lendecke2-96/+73
coding have passed, but I could not find a way to get the OpenLDAP libraries to reliably time out on any of the queries we make, *and* get correct error returns. No, async calls and ldap_result does NOT work, or I was simply too stupid to correctly interpret the OpenLDAP manpage and source. We can not allow to hang indefinitely in an ldap query, especially not for winbindd. "ldap timeout" now specifies the overall timeout for the complete operation, that's why I increased that to 15 seconds. Volker (This used to be commit 269f0750872e5f8757e0a9667e007a0410319fcd)
2007-10-10r1583: Patch by Fabien Chevalier <fabien.chevalier@supelec.fr>Andrew Bartlett1-1/+1
We may not have any interfaces up at all, so initialise the return variable. Fixes Debian bug #252591 Andrew Bartlett (This used to be commit 35aabae9d9bf66ef2c8eb4e07a850c606d8236d2)
2007-10-10r1582: On failure, print the length of the right variable.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 5bd6abb54e12aee2031d48bc5b240bb4f127bf5a)
2007-10-10r1581: 'NULL' NTLMSSP is both a pain to get right, and compleatly and utterlyAndrew Bartlett1-0/+2
pointless. With a well-known session key, we may as well put the password change directly on the wire, with it's own 'crypted with old password' as the protection. This should fix some 'long password change' issues, against Samba in particular. Andrew Bartlett (This used to be commit 554a9132872187077a9c00abb18b9d809c59b7f1)
2007-10-10r1572: setting version to 3.0.7pre1; I will pull back changes into 3.0.6rc2 ↵Gerald Carter1-2/+2
manually (This used to be commit 11c6ca1c3c9d3b400f4cebcbf232899bcf4b613f)
2007-10-10r1570: merging changes from 3.0.5Gerald Carter7-22/+28
(This used to be commit 430cf63b9148441bce42bfb15a8045de5da108f4)
2007-10-10r1562: Make winbind for -S (sid->uid) and -Y (sid->gid) check whether the sidVolker Lendecke1-0/+41
requested actually is of type asked for. I've come across more than one installation where a group sid had ended up as a uid in idmap and vice versa. This just closes one possible for this misconfiguration, people are actually using wbinfo. Volker (This used to be commit acfbd34025c2fde3d6a3e582c120c2b9de8ed39b)
2007-10-10r1561: iconv detection fix from James Peach <jpeach@sgi.com>Gerald Carter1-13/+19
(This used to be commit 62bd60e4458f6e9bdaab7b5c81b040a0b3310f30)