Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 409fb69ecbf1849b5c92ea018eaed126a4f8a24d)
|
|
(This used to be commit e809e6c20f08658f0d087c30767f9e38e53507fc)
|
|
Samba now features a pluggable passdb interface, along the same lines as the
one in use in the auth subsystem. In this case, only one backend may be active
at a time by the 'normal' interface, and only one backend per passdb_context is
permitted outside that.
This pluggable interface is designed to allow any number of passdb backends to
be compiled in, with the selection at runtime. The 'passdb backend' paramater
has been created (and documented!) to support this.
As such, configure has been modfied to allow (for example) --with-ldap and the
old smbpasswd to be selected at the same time.
This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua.
These two backends accept 'non unix accounts', where the user does *not* exist
in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to
avoid conflicts in the algroitmic mapping of RIDs, they use the values
specified in the 'non unix account range' paramter - in the same way as the
winbind ranges are specifed.
While I was at it, I cleaned up some of the code in pdb_tdb (code copied
directly from smbpasswd and not really considered properly). Most of this was
to do with % macro expansion on stored data. It isn't easy to get the macros
into the tdb, and the first password change will 'expand' them. tdbsam needs
to use a similar system to pdb_ldap in this regard.
This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I
don't have the test facilities for these. I plan to incoroprate at least
pdb_ldap into this scheme after consultation with Jerry.
Each (converted) passdb module now no longer has any 'static' variables, and
only exports 1 init function outside its .c file.
The non-unix-account support in this patch has been proven! It is now possible
to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes:
Minor interface adjustments:
pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*.
pdb_update_sam_account() no longer takes the 'override' argument that was being
ignored so often (every other passdb backend). Extra checks have been added in
some places.
Minor code changes:
smbpasswd no longer attempts to initialise the passdb at startup, this is
now done on first use.
pdbedit has lost some of its 'machine account' logic, as this behaviour is now
controlled by the passdb subsystem directly.
The samr subsystem no longer calls 'local password change', but does the pdb
interactions directly. This allow the ACB_ flags specifed to be transferred
direct to the backend, without interference.
Doco:
I've updated the doco to reflect some of the changes, and removed some paramters
no longer applicable to HEAD.
(This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
|
|
(This used to be commit af37a86917c969118a46cff7574487dbe1c75a2f)
|
|
(This used to be commit 12dcb55a3a89ce4b7daa5d41c41ebaf9e15b3de0)
|
|
backtrace. Will break on many machines, but we're already crashed in
this case.
(This used to be commit f0878f19eb729d70cc96f450b4b0d2c180498a35)
|
|
(This used to be commit 75ad6df18454022372526332dcde51bcb4285b97)
|
|
segvs in the build farm
(This used to be commit 228d4fc47b8adbcbda81bffaea09b616b5d89992)
|
|
(This used to be commit 067a4f87ac5dc2b5cf902c42f56923d0c5e29bc2)
|
|
This should get us 'green' for once...
Andrew Bartlett
(This used to be commit 042b9e3a6332473dc88c36dd7f99428644324ac4)
|
|
(This used to be commit 751ea8cfb931e1de6df447ed05e051262cdeb304)
|
|
Made test names more verbose.
(This used to be commit 87955fcf303d82d38ae543e7986c59fd086dc2db)
|
|
(This used to be commit fa7367a9731bc139ff4611f2781f3ca9bc7f89a7)
|
|
for the build farm this is actually the root directory for building,
or something like that. Thanks a.b.
(This used to be commit 309b718842dc36cd0b74c4c735684cd4613fff01)
|
|
(This used to be commit af65a01d0d80a86f405439ed5c46cf71026a5eb8)
|
|
farm but not present in Make.
(This used to be commit 0d6d0c31f9aecf1e35487ad26cc2f2c4c7d732f0)
|
|
(This used to be commit b6745ccd33544cfae5811ecdff7c1aea9d454eed)
|
|
Try not to run tests if the user specified --prefix=/usr* or something
similar, because it would not be nice(!) to clobber their
configuration file and passwords. Eventually I think we want to run
the installed versions, but specify different paths for everything.
(This used to be commit b18703fc8e15244dd840d1a1e9455a114e3f0408)
|
|
the rhosts and hostsequiv stuff with.
Andrew Bartlett
(This used to be commit 3a2a96772304bbf04a2bdb2d3a8f9d92df62fc5f)
|
|
previously disabled sub-test.
(This used to be commit 4df974527c7dbe88e7cbe9feb8e87f7ce89012b2)
|
|
little while. This should give us a bit more coverage.
Andrew Bartlett
(This used to be commit 9e5a1d1623872a598c936e596270abe519c36e97)
|
|
(This used to be commit 2138c4461921b8ac3141231169af1eaa6e85f9ba)
|
|
(This used to be commit 6f388502622fe77ae13ac2b0ae8f39b2e77ba455)
|
|
(This used to be commit 99071c45d05231e5683b37823bcca90542f4e332)
|
|
(This used to be commit 9bfc480bda8ee3478d17d657cf2fc1a846707130)
|
|
know what it does...
Andrew Bartlett
(This used to be commit 51903dbfee2fa2b5d94b1d16ebdbb3356e13884d)
|
|
and push it to 10 when we fail (we redo the test).
Also disable the server-level security testing till it know what it does
Andrew Bartlett
(This used to be commit 805c20452e98c5e3d3fb24537ce722d4318ffa90)
|
|
(This used to be commit fe5d38780fe2998576ed0ddbec6996d32cbda4a1)
|
|
as its logsfiles are BIG!
(This used to be commit bc6160a48282f026845476e632fe365ff2fd63d2)
|
|
Andrew Bartlett
(This used to be commit d04ea88b5d4b010d77dec45104dcf6a2b5a071f2)
|
|
Andrew Bartlett
(This used to be commit 584a14a2163a22d6a532c926040f4f9bcc34463d)
|
|
are used, but these ones should pass.
Andrew Bartlett
(This used to be commit eee251f71071034b6d1a74d192cdabe8e24dc08b)
|
|
(This used to be commit 0d112d7960353b33e9c5015c39a107a47e6f690d)
|
|
We now test security=share, security=user, security=server for both the
positive and negitive case (good/bad pw) and check that guest shares work for
share level security.
The server level security stuff seems to test positive without actualy
contating a server (another LIBSMB_PROG based smbd) - I will need to look into that...
Andrew Bartlett
(This used to be commit 19fdc553d6ab06e53c21425468f86da56f4d9153)
|
|
Andrew Bartlett
(This used to be commit b28baf71a7d947cfe8bda546f4e70194da0781da)
|
|
Andrew Bartlett
(This used to be commit 56a881b2b4957912055fdf053ef37ca2ea3606b8)
|
|
This works with the new build farm system
Andrew Bartlett
(This used to be commit 542977bc4323e041512e91d7a38422e7abc4e5ae)
|
|
(This used to be commit 4c2b915ed12584037731d8ccd246ad54986a7564)
|
|
(This used to be commit b208d74e0524514fdb48f80c76192df12238a64e)
|
|
branch.
(This used to be commit acef477383e5739292e764c17cef87822a09f13b)
|
|
(This used to be commit adef47b5173b9a028224307490960ce89762709b)
|
|
testsuite/printing/psec.c
- Use lock directory from smb.conf parameter when peeking at the
ntdrivers.tdb file.
source/rpc_parse/parse_sec.c
- fix typo in debug message
source/script/installbin.sh
- create private directory as part of 'make install'.
source/nsswitch/winbindd_cache.c
source/nsswitch/winbindd_idmap.c
source/passdb/secrets.c
source/smbd/connection.c
- always convert tdb key to unix code-page when generating.
source/printing/nt_printing.c
- always convert tdb key to unix code-page when generating.
- don't prepend path to a filename that is NULL in
add_a_printer_driver_3().
source/rpc_server/srv_spoolss_nt.c
- always convert tdb key to unix code-page when generating.
- don't prepend server name to a path/filename that is NULL in the
fill_printer_driver_info functions.
source/printing/printing.c
- always convert tdb key to unix code-page when generating.
- move access check for print_queue_purge() outside of job delete
loop.
source/smbd/unix_acls.c
- fix for setting ACLs (this got missed earlier)
source/lib/messages.c
- trivial sync with appliance_head
(This used to be commit 376601d17d53ef7bfaafa576bd770e554516e808)
|
|
(This used to be commit 03dd90ab923ec88cdada8c5d725d9482bd9826f2)
|
|
(This used to be commit 73b237e639717019c596954c745b7e4d038ddc8c)
|
|
(This used to be commit 7b896697d134eb4fad1ceef5cdd2dab2b5980187)
|
|
(This used to be commit 369a378b3390b060a676c67950f020c4d147fe6d)
|
|
- add empty README file for vlp. Blame Tim. =)
(This used to be commit 0ee469f566dbfdac1769fefbb5e61ce39d267872)
|
|
- merged Tim's vlp (virtual lp) test program. Enable it with
-DDEVELOPER or by using ./configure.developer
(source/include/smb.h source/configure.developer
source/printing/lpq_parse.c source/param/loadparm.c
testsuite/printing/.cvsignore testsuite/printing/Makefile.vlp
testsuite/printing/vlp.c)
(This used to be commit fbcf83140da1823e74f63227f0a95d07c6e76764)
|
|
- make proto
- addition of function to convert from errno values to NT status codes
(source/lib/error.c)
- purge queue done without full access permission will purge only the
jobs owned by that user, rather than failing.
- unlock job database tdb before sending job to printer
- in print_job_start(), ensure that we don't pick a jobid with an existing
temporary file that may be owned by another user, as it causes silent
failures.
- fixes for printer permission checking for NT5 clients
(source/include/rpc_spoolss.h, source/printing/nt_printing.c,
source/printing/printing.c, source/rpc_server/srv_spoolss_nt.c)
- change from uint8 to 'enum SID_NAME_USE' (source/rpc_server/srv_lsa.c)
- fixed memory leaks for win95 driver download process
(source/smbd/lanman.c)
- properly free prs_structs and dacl in testsuite/printing/psec.c
(This used to be commit 74af3e2caec7197e5d1ca389e2f78054a4197502)
|
|
(This used to be commit 604f6a34effb8aeed7701345a4219749a6a97892)
|