Age | Commit message (Collapse) | Author | Files | Lines |
|
This is the new revision with the hash of the posix or system ACL.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 25 15:04:39 CEST 2012 on sn-devel-104
|
|
|
|
This covers the case where we have a valid hash of the posix ACL (or the NT ACL from the
POSIX ACL) and we notice it no longer matches.
Andrew Bartlett
|
|
This tries to show the difference between the cases where we trap
the POSIX ACL change and where we actually detect an OS-level change.
Andrew Bartlett
|
|
This tests the mapping of posix ACLs to NT ACLs, the invalidation of
NT ACLs stored as an xattr and ensures this security-critical code
continues to work in the long term.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 25 10:05:16 CEST 2012 on sn-devel-104
|
|
If there is no SID for an object being mapped, then there is no NT4 name.
We need to return DRSUAPI_DS_NAME_STATUS_NO_MAPPING rather than
error out with anything other than WERR_OK as the return value.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 25 04:43:25 CEST 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 24 10:12:51 CEST 2012 on sn-devel-104
|
|
Otherwise, we will return un-initialised values to the caller, which will
attempt to push them onto the wire.
Found by Greg Dickie <greg@justaguy.ca>.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 24 05:12:04 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Sun Oct 21 21:26:01 CEST 2012 on sn-devel-104
|
|
|
|
and use SMBD_OBJ_BASE for a couple of targets where sessionid_tdb and conn_tdb
were used.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Fri Oct 19 11:37:44 CEST 2012 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
This includes spacing and casing.
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 18 09:51:35 CEST 2012 on sn-devel-104
|
|
Check if attributes are correctly set and read from SamDB
Test automatic creation of attributes from getpwent (NSS)
Check if overriding NSS attributes works
getpwent will be skipped if the current UID of the user running the
tests has no passwd entry (getpwuid(geteuid())).
If a user with the name of the current UID already exists in the
directory, the getpwent test will fail. If that should happen, the
test would need to be updated to use a nonexistent UID that is
visible to the Python 'pwd' module.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Optionally set RFC2307 (NIS Schema) attributes in samba-tool create.
Mainly needed for UID mapping to be usable.
Not all attributes are set-able, only harmless and non-overlapping
ones (uid, uidNumber, gidNumber, loginShell, gecos). Description and
homeDirectory should already be set, userPassword seems problematic.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
The issue here is that if we set S-1-5-32-544 (administrators) to a
GID only, then users cannot force a mandetory profile to be owned by
administrators (which is a requirement).
There is no particularly useful reason for us to enforce this matching
a system group.
Andrew Bartlett
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 17 12:55:44 CEST 2012 on sn-devel-104
|
|
|
|
This reverts commit c2d14747d608d406de6410556807d467cd0b85ef.
samba_upgradedns handles creates/removed the dns acount.
See
https://lists.samba.org/archive/samba-technical/2012-October/thread.html#87578
metze
|
|
Acked-By: Kai Blin <kai@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Fri Oct 12 02:06:42 CEST 2012 on sn-devel-104
|
|
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Thu Oct 11 20:30:43 CEST 2012 on sn-devel-104
|
|
|
|
|
|
The DNS user is currently only used by the bind9 plugin. This makes it
easier to later on switch between the builtin DNS server and bind
backend.
In addition, ideally the internal DNS server would use that (separate)
user too.
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Thu Oct 11 17:05:40 CEST 2012 on sn-devel-104
|
|
in the usage message.
Karolin
|
|
This skips the chown of the files if (for example) the domain Admins group
were to own the file and not be able to because the group maps only to a GID.
This essentially papers over the problem, but may be enough to get us past
the Samba 4.0 release.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Oct 9 15:24:44 CEST 2012 on sn-devel-104
|
|
..TrustAnchors zone is not interpreted by RPC dnsserver code.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Oct 9 03:21:07 CEST 2012 on sn-devel-104
|
|
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
|
|
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Oct 8 17:52:52 CEST 2012 on sn-devel-104
|
|
metze
|
|
We use the epilog to print the subcommands.
metze
|
|
metze
|
|
Karolin
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Oct 8 14:26:52 CEST 2012 on sn-devel-104
|
|
Karolin
|
|
Karolin
|
|
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Mon Oct 8 10:45:41 CEST 2012 on sn-devel-104
|
|
RootDNSServers should never be returned (Windows DNS server don't)
..TrustAnchors should never be returned as is, (Windows returns
TrustAnchors) and for the moment we don't support DNSSEC so we'd better
not return this zone.
|
|
|
|
|