Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
(This used to be commit 6c4fe819c69f281915ad0f4c3bde4dfb194aa33a)
|
|
Guenther
(This used to be commit d45b9abb0ec7d943e9fb374d64385d6c540fffe2)
|
|
Might need to rework prs_dcerpc_status().
Guenther
(This used to be commit 38b18f428ba941f4d9a14fa2de45cb0cd793a754)
|
|
* Finally fix parsing idmap uid/gid ranges not to break with spaces
surrounding the '-'
* Allow local groups to renamed by adding info level 2 to
_samr_set_aliasinfo()
* Fix parsing bug in _samr_del_dom_alias() reply
* Prevent root from being deleted via Samba
* Prevent builting groups from being renamed or deleted
* Fix bug in pdb_tdb that broke renaming user accounts
* Make sure winbindd is running when trying to create the Administrators
and Users BUILTIN groups automatically from smbd (and not just check the
winbind nexted groups parameter value).
* Have the top level rid allocator verify that the RID it is about to
grant is not already assigned in our own SAM (retries up to 250 times).
This fixes passdb with existing SIDs assigned to users from the RID algorithm
but not monotonically allocating the RIDs from passdb.
(This used to be commit db1162241f79c2af8afb7d8c26e8ed1c4a4b476f)
|
|
I'll try to add some tests using samba3's smbtorture and smbclient
later.
can someone check if this would be save to run on the build-farm
without leaking child processes...
metze
(This used to be commit 899fd6808ebd04d039caf7199c60d34a4987b43a)
|
|
Nothing happens if PAM_MODULES is empty which is our default.
The default destination dir is "${LIBDIR}/security". It's possible to
overwrite the default with --with-pammodulesdir while calling configure.
(This used to be commit 7163c6860549378fa63907048c4eb34fe81835cc)
|
|
metze
(This used to be commit 1b6a64378553008127a85131fa4139842de4128b)
|
|
(This used to be commit 160626195bf44b94109ddb7a15da703344d8163f)
|
|
or --mandir to set them already. Till now we overwrrote a setting made
with --libdir or --mandir.
(This used to be commit 94980a15be5eae2820c340d3d33b6c9df7053b24)
|
|
- add configure tests --with-selftest-prefix=/tmp/samba-test
this is needed because the path name of unix socket can only be 108 chars long
- add configure test --with-smbtorture4-path=/home/foo/prefix/samba4/bin/smbtorture
this will be used to run samba4's smbtorture inside samba3's make test later
metze
(This used to be commit d9df1853b947c70f747ea30a353162f2985ef250)
|
|
to make the following possible:
timelimit 20000 bin/nmbd -F -S --no-process-group
timelimit 20000 bin/smbd -F -S --no-process-group
this is needed to 'make test' working without losing child processes
metze
(This used to be commit c3a9f30e2a12cc852c9fa3a7d161f5c6ee0694ce)
|
|
(This used to be commit df6d69e78fb0f604a7bfc34fc9ac8f391252520d)
|
|
We were using a far too short renewable_time in the request; newer MIT
releases take care interally that the renewable time is never shorter
then the default ticket lifetime.
Guenther
(This used to be commit bde4a4018e26bc9aab4b928ec9811c05b21574f3)
|
|
because lck->num_share_modes != 0 doesn't mean that
there *are* other valid share modes. They may be
all marked "UNUSED" or be deferred open entries.
In that case don't downgrade the granted oplock to
level2 needlessly - a client can have an exclusive
oplock in this case. The original code handled this
correctly in the lck->num_share_modes == 0 case but
not in the case where there were no valid share modes
but lck->num_share_modes != 0. I'll clean up my
Samba4 torture tester for this and commit it tomorrow.
Jeremy.
(This used to be commit 306061c93d9181262298516fefd83444f5a65ce5)
|
|
the POSIX interface. Note that this removes support for inherited
capabilities. This wasn't used, and probably should not be.
(This used to be commit 763f4c01488a96aec000c18bca313da37ed1df1b)
|
|
Guenther
(This used to be commit 3f195f8248c88ec8bf8ceb195575ce6bb49d7fc4)
|
|
The sad thing is the core of this bug fix is just
removing a paranoia "exit_server" call, as the
rest of the logic was already correct :-).
Lots of comments to explain the logic added.
I will look at adding tests to exercise this,
might be possible.
Jeremy.
(This used to be commit c2488db727e1a00f112be7b169de9e6208e311f3)
|
|
kerberos_kinit_password_ext provides access to more options.
Guenther
(This used to be commit afc519530f94b420b305fc28f83c16db671d0d7f)
|
|
(This used to be commit 1829d22720612b0e61cec7e66d7cba46c04160b9)
|
|
(This used to be commit 3137fe5068e4b0c1724b92f49ca8e1d254324801)
|
|
Guenther
(This used to be commit 9de3e9e6b26bebc580b771f9020fc7934e44d51c)
|
|
called from multiple places now (krb5, winbindd auth and domain_client_validate()
(This used to be commit ddad66ec58d09f89105ceb822b7bea534dafd9e6)
|
|
* Add back in the import/export support to pdbedit
* Fix segv in pam_smbpass
* Cleanup some error paths in pdb_tdb and pdb_interface
(This used to be commit df53d64910fbb96eb810102e986b3c337d54c463)
|
|
krb5_rd_req could decrypt the ticket but that ticket is just not valid
at the moment (either not yet valid or already expired). (This also
prevents an MIT kerberos related crash)
Guenther
(This used to be commit 8a0c1933d3f354a8aff67482b8c7d0d1083e0c8f)
|
|
on the particular file we are performing I/O on, irrespective of whether
the write cache is globally enabled
(This used to be commit 0809e2cb1dfff1cd0e8631b23b415cb2d8a67312)
|
|
(This used to be commit 19e9bc03f81d8d000b683cf5c5f478ba25ddeb0d)
|
|
(This used to be commit 0e789b7e43388b0e7155708981b4ab52ec6d3961)
|
|
metze
(This used to be commit 7cf4ad8899d2109ff30d3168fd5028f8548ec34f)
|
|
a AC variable)
(This used to be commit 7d92cff7a3327cc9da5a4723bd62e68e0402acb8)
|
|
Guenther
(This used to be commit 345d2ab5d399a99f271148cf308271cb7fc2c0ca)
|
|
supported.
Is there a better way to check for the 0x1c010002 status code?
Guenther
(This used to be commit c7268dc9ac304e1b6dac80762087a57484906103)
|
|
I'm disabling it for now until we have en effective
means of dealing with the ticket request flags for users
and computers.
(This used to be commit 635f0c9c01c2e389ca916e9004e9ea064bf69cbb)
|
|
(This used to be commit 6704859950eb93d86906d4916cf6842d9a970d2f)
|
|
environment.
Guenther
(This used to be commit 1f1402e45db8d80a7c19208fae934e1b0f3da134)
|
|
offline logons work again with NT4 and older Samba3 DCs.
Guenther
(This used to be commit 0892077fcec913ef76b017b5bfe058d20a322915)
|
|
Guenther
(This used to be commit aae8f8ae7a79d06c74151186f3c2470bdec5687d)
|
|
Guenther
(This used to be commit 3e607aa69ae2d43fb6ec170d03221a6b22d3f35d)
|
|
Guenther
(This used to be commit 7b1fcb75dadd5ff232d60f93206867cf13322f2e)
|
|
policies when requested.
No panic, the flags is uint32 so we are not running out of WBFLAG bits.
Guenther
(This used to be commit 2155bb0535656f294bd054d6a0a7d16a9a71c31b)
|
|
Guenther
(This used to be commit 52d721b6384cf6f94e1ebb59d21bf09737a539b5)
|
|
failed with a clear error indication. This prevents the bad logon count
beeing increased on the DC.
Guenther
(This used to be commit 5fdddffba5cf05ccac23a64fbe404a34e73fa73c)
|
|
but make the intent clearer.
Jeremy.
(This used to be commit 2703df7a8f26a315ae6ab53de8f7814fa66a1c54)
|
|
client sends a NULL RPC_BUFFER*
(This used to be commit 69f816e9f885bdeb6e8c67222b6fdca76d9d1025)
|
|
(This used to be commit d9b85e3b287c24d2a3e2076da331fe06192b0eef)
|
|
Guenther
(This used to be commit c81eb71834dc827db63c8adb3f816bbbe916473c)
|
|
and want to just shutdown and exit.
Guenther
(This used to be commit 0aa6328ed6ba6d0d24169ffdff0099405c9bfb00)
|
|
Guenther
(This used to be commit 4157bfe9cfe79ff78e7e527a50058cf9103cab61)
|
|
printing purposes.
Jeremy.
(This used to be commit 3c33eda430426e40e179799e7341db10c4b2e98e)
|
|
Jeremy.
(This used to be commit 71e81580421225d5b35a25d46a7b6064a826685c)
|
|
Now that I know what all the requirements for this group are
I can generalize the code some more and make it cleaner.
But at least this is working with lusrmgr.msc on XP and 2k now.
(This used to be commit d2c1842978cd50485849bfc4fb6d94767d96cab0)
|