Age | Commit message (Collapse) | Author | Files | Lines |
|
The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().
As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
|
|
requests (bug #9820)
Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
|
|
Instead, wait until the call attempts to reply, and let it terminate then
(often this happens in the attempt to then write to the broken pipe).
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
A patch by Cove Schneider <cove_s@yahoo.com> who reports:
I noticed that the RID numbers seem to increase incrementally, then
will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't
RID pool allocations just be 500 at a time?
e.g. Adding accounts one after another on a single test instance here's how they're incrementing (from 4.0.6):
1596
1597
1598
1599
126100
126101
126102
...
126599
251100
...
251599
376100
...
The problem is that this complicates using sssd's AD integration, as
that it doesn't expect the RIDs to increase in a single domain so
quickly.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 4 20:13:05 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 3 23:17:57 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
As we compare string make sure we have the null terminator.
Found by valgrind.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Signed-off-by: Matthieu Patou <mat@matws.net>
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Mon Jul 1 11:22:57 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Jun 30 13:34:13 CEST 2013 on sn-devel-104
|
|
This started to fail on current Debian Sid with system Heimdal after a binutils update.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 25 02:30:59 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 24 23:55:07 CEST 2013 on sn-devel-104
|
|
Also insure that we exit immediately on any error.
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 24 12:17:52 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 21 17:32:16 CEST 2013 on sn-devel-104
|
|
This should mean that lookups for the BUILTIN domain cause less trouble
then they have in the past, because they will no longer go via the
trusted domain handler.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
|
|
"EOF on stdin"
Only install the stdin handler if it's a pipe or fifo.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5. I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.
This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
|
|
dsdb_get_sd_from_ldb_message()
Every object has a nTSecurityDescriptor attribute.
This also avoids potential segfaults in the callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
Also the result of this search not controlled by the client
nor is the result exposed to the client.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We should call irpc_add_name() when we start the smb_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We should call irpc_add_name() when we start the rpc_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We should call irpc_add_name() when we start the ldap_server task.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This makes the code easier to read.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 11:15:01 CEST 2013 on sn-devel-104
|
|
This probes when the usn is updated, and when it is not.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 12 11:54:01 CEST 2013 on sn-devel-104
|
|
While python didn't mind (oddly) it really confused my editor.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
This handles deletions and replacements with no value, or with an
exactly specified value, as well as modifies.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This helps us in the KCC as we need to return the deleted DN for the GUID
in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 11 11:40:39 CEST 2013 on sn-devel-104
|
|
schema->{classes,attributes} are the DLIST pointer not an array.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
replmd_ldb_message_element_attid_sort"
This reverts commit d799b25dd3ed0f72ee03949225ba241c5538d7d6.
Sometimes the schema just isn't right. A segfault is not the correct
answer in those cases.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
"UF_LOCKOUT" and "UF_PASSWORD_EXPIRED" are never stored but rather are
used for special semantics.
"UF_LOCKOUT" performs an account lockout and "UF_PASSWORD_EXPIRED"
forces password expiration.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 10 07:32:35 CEST 2013 on sn-devel-104
|
|
Also on level 26 this has to be handled the same as on levels 21, 23, 25.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
acct. type
Obviously this defaults to UF_NORMAL_ACCOUNT. Some background can be found in
MS-SAMR section 3.1.1.8.10.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 5 03:26:25 CEST 2013 on sn-devel-104
|
|
Windows Server 2008 has changed semantics in comparison to Server 2003.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This needs to be a talloc child of struct wbsrv_domain
otherwise the cleanup of a broken connection doesn't work.
The following command can trigger the leak on a domain controller.
root@dc:~/samba# ls -l /var/lib/samba/sysvol/samba.private/
total 16
drwxrwx---+ 5 root 3000000 4096 May 14 14:46 Policies
drwxrwx---+ 2 root 3000000 4096 May 14 11:45 scripts
gid 3000000 belongs to Builtin\Administrators.
The code triggers a ncacn_np: connection to the local smbd
and complains that domain BUILTIN is not available:
[2013/05/29 17:28:03, 2] ../source4/winbind/wb_init_domain.c:376(init_domain_recv_queryinfo)
Expected domain name BUILTIN, DC dc.samba.private said SAMBA
In that case the connection was not closed, which is fixed by this commit.
Using ncalrpc: for all local SIDs and serving the BUILTIN domain is
a project for another day...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 4 11:05:09 CEST 2013 on sn-devel-104
|
|
Windows (tested against 2k8r2) returns WERR_IO_PENDING and
DSPRINT_PENDING when a publish or unpublish is requested via
setprinter(level=7). Modify the AD printer publishing test to support
these responses.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jun 3 16:06:15 CEST 2013 on sn-devel-104
|
|
This test publishes and unpublishes a printer using setprinter(level=7).
Printer info2.attributes and info7.action flags are check at each point
to ensure MS-RPRN conformance.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
If an update leaves the dnsNode without any entries, the dnsNode object
should be deleted. Thanks to Günter Kukkukk for his excellent debugging
work on this one.
This should fix bug #9559
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
noticed this when using samba-tool to create a new zone
Signed-off-by: Guenter Kukkukk <kukks@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu May 30 09:41:20 CEST 2013 on sn-devel-104
|
|
This makes sure that when updating SOA record, the serial is set to the value
sent by client. For all other records, serial is incremented.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
|
|
Remove the remaining check for return value after strcmp() was changed to
dns_name_equal().
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This removes another incorrect AD_DC_BUILD_IS_ENABLED check ifdef check. The ndr
test is not at all heimdal specific.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed May 29 11:29:51 CEST 2013 on sn-devel-104
|