summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-10-18s4-pvfs: more fixes for ACLs on file creationAndrew Tridgell1-11/+12
The passed in SD is not used to limit the access mask allowed on file create.
2009-10-18s4-smb2: fixed SMB2 find commandsAndrew Tridgell1-2/+2
The change to check for invalid \ prefix on SMB2 paths broke the internal SMB2 code.
2009-10-18s4-pvfs: change the handling of access checking on createAndrew Tridgell4-60/+124
Previously when a file was created, we produces the resulting access mask based on an ACL check against the parent. This change means we now calculate the inherited ACL much earlier, and produce the resulting access mask from that ACL, or the user supplied ACL.
2009-10-18smb2-torture: samba4 allows SEC_FLAG_SECURITY to be used with privilegesAndrew Tridgell1-0/+2
2009-10-17Fix the smbtorture4 build. root_fid is a "union smb_handle". tridgeJeremy Allison1-1/+1
please check. Jeremy.
2009-10-17Merge branch 'master' of ssh://jra@git.samba.org/data/git/sambaJeremy Allison225-3001/+21457
2009-10-17s4-smbserver: removed bogus initialisation of two union armsAndrew Tridgell2-2/+0
Thanks to Metze for spotting this.
2009-10-17s4-pvfs: when uwrap is enabled, ignore chown errorsAndrew Tridgell1-0/+3
chown is expected to fail under uwrap
2009-10-17s4-torture: fixed the default ACL for s4Andrew Tridgell1-13/+41
s4 returns group and world ACEs in the default acl, based on unix permissions
2009-10-17s4-torture: minor debugging enhancementsAndrew Tridgell1-3/+3
2009-10-17s4-schema: We should not need Samba4TopExtra nowAndrew Tridgell1-23/+0
The last attribute this contained was 'privilege' which is now gone
2009-10-17s4-pvfs: don't auto-apply privilege bits in unix acl handling eitherAndrew Tridgell1-7/+11
2009-10-17s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masksAndrew Tridgell1-6/+2
2009-10-17s4-torture: the BASE-CREATEX_ACCESS test is broken for non-administratorsAndrew Tridgell1-0/+1
See my msg to samba-technical about this test and privilege testing.
2009-10-17s4-torture: cleanup after the MAXIMUM_ALLOWED testAndrew Tridgell1-0/+1
2009-10-17s4-pvfs: use privileges rather than "uid == 0" in unix access checkAndrew Tridgell1-6/+12
This makes the unix access check much closer to the full ACL check
2009-10-17s4-security: honor more of the privilege access bitsAndrew Tridgell1-4/+12
2009-10-17s4-torture: add a special check for administrators and privilegesAndrew Tridgell4-18/+57
lsa privileges calls don't expand groups. darn.
2009-10-17s4-lsasrv: make sure only admins can alter privilegesAndrew Tridgell1-0/+6
2009-10-17s4-provision: added the default privileges dbAndrew Tridgell2-0/+99
privileges are now stored in a separate database
2009-10-17s4-provision: removed the old privilege attributesAndrew Tridgell2-53/+14
Our schema is getting a bit cleaner :-)
2009-10-17s4-torture: show the sid we are basing privilege tests onAndrew Tridgell1-2/+6
2009-10-17s4-privileges: moved privileges to private/privilege.ldbAndrew Tridgell4-38/+70
We were storing privileges in the sam, which was OK when we were a standalone DC, but is no good when we replicate with a windows DC. This moves the privileges to a separate (local) database
2009-10-16s4-smbtorture: extend netr_LogonControl test in RPC-NETLOGON.Günther Deschner1-3/+109
Guenther
2009-10-16s4:provision - fixed invalid creationTime formatEndi S. Dewata1-2/+2
2009-10-16s4:ldb - fixed dangling pointer in ldb_request_add_control()Endi S. Dewata1-2/+7
2009-10-16s4:auth - fixed problem reading bind DN from secrets databaseEndi S. Dewata2-0/+8
2009-10-16s4:provision - replaced linked_attributes with FDS pluginsEndi S. Dewata7-3/+100
When FDS is used as a backend, Samba should not use the linked_attributes LDB module, but instead use the built-in DS plugins for attribute linking, indexing, and referential integrity.
2009-10-16s4:auth_sam: Restructure tail in "authsam_get_server_info_principal" and fix ↵Matthias Dieter Wallnöfer1-3/+8
a memory leak
2009-10-16s4:winsdb - Substitute LDB result numbers with constantsMatthias Dieter Wallnöfer1-19/+20
2009-10-16s4/drs(tort): prefixMap unit test initial implementatoinKamen Mazdrashki3-1/+84
2009-10-16s4/drs: prefixMap module initial definitionKamen Mazdrashki3-1/+69
2009-10-16s4/drs(tort): fix compile time warningKamen Mazdrashki1-0/+1
2009-10-16s4/drs(tort): _drs_util_verify_attids() to verify ATTIDs in objects receivedKamen Mazdrashki1-0/+50
2009-10-16s4/drs(tort): drs_util_DsAttributeId_to_string() functionKamen Mazdrashki1-0/+74
2009-10-16s4/drs(tort): _drs_ldap_attr_by_oid() implementationKamen Mazdrashki1-0/+49
Utility function to be used to fetch Attribute name and DN giving attribute OID
2009-10-16s4/drs(tort): oid_from_attid() reference implementationKamen Mazdrashki2-1/+96
Decode Attribute OID using prefixMap and ATTID received during replication Based on MS documentation. See MS-DRSR.pdf - 5.16.4
2009-10-16s4/drs(tort): TORTURE_DRS torture module - initial implementationKamen Mazdrashki4-0/+95
Drsuapi tests module registers two suites: - DRS-RPC - tests to be executed against remote machine - DRS-UNIT - unit test for internal testing
2009-10-16s4/drs: Propagate redefinition of drsuapi_DsReplicaOID into code baseKamen Mazdrashki2-69/+134
The biggest change is that 'oid' field is transmited in binary format. Also the field name is changed to 'binary_oid' so that field format to be clear for callers. After those changes, Samba4 should work the way it works before - i.e. no added value here but we should not fail when partial-oid is part of prefixMap transmited from Win server. Also, thre is a bug in this patch - partial-binary-OIDs are not handled correctly. Partial-binary-OIDs received during replication will be encoded, but not handled correctly.
2009-10-16s4-winsrepl: don't put in attributes with no elementsAndrew Tridgell1-2/+2
Empty attributes are no longer allowed by ldb. This also fixes the error checking in winsdb_message() This fixes the samba4.nbt.winsreplication test
2009-10-16s4-smbtorture: add very basic libwbclient testsuite.Günther Deschner2-2/+3
Guenther
2009-10-16s4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell1-2/+2
This matches the sec_access_check() code
2009-10-16s4-torture: take privileges into account in BASE-MAXIMUM_ALLOWEDAndrew Tridgell1-10/+48
The correct answer depends on the users privileges.
2009-10-15s4:dcerpc_server - Read the generic session key out from ↵Matthias Dieter Wallnöfer1-5/+2
"dcerpc_generic_session_key" I don't think that this code needs to exist identically on the server and on the client side. This patch leaves it on the client side (dcerpc lib) and calls it from the server.
2009-10-15s4:w32err_code.py script - put it under "scripting/bin"Matthias Dieter Wallnöfer1-0/+0
I think this is a better location for this script. Since the subdirectory "script" of "source4" contains only scripts for "make install" and "make uninstall".
2009-10-15s4-smb: fill in fnum as well for root_fidAndrew Tridgell2-1/+3
This helps with the CIFS NTVFS backend, but doesn't solve all problems
2009-10-15s4-selftest: mark some CIFS backend tests as known failAndrew Tridgell1-0/+4
The CIFS passthru NTVFS doesn't handle some options yet (eg. root_fid)
2009-10-15s4-smbserver: fixed root_fid in nttrans createAndrew Tridgell1-1/+1
2009-10-15s4-libcli: fixed structure element bug in ntcreatexreadxAndrew Tridgell1-1/+1
This one didn't matter until the root_fid changed the alignment of the two structures.
2009-10-15s4-torture: catch bad command line optionsAndrew Tridgell1-0/+3
It is annoying when you mistype a command line option and aren't told.