Jeff Layton [Fri, 6 Feb 2009 13:31:45 +0000 (08:31 -0500)]
mount.cifs: initialize rc to 0 in main
The value of rc in main() isn't initialized in the declaration. This
wasn't a problem before, but Shirish's fakemount patch can make it so
that we return the uninitialized variable if the -n flag is used.
Have nmbd check all available interfaces for WINS before failing
When nmbd is acting as WINS, it picks the first interface's IP as WINS
server's IP. If the first interface's IP is zero, we will just quit
(even though we might have other interfaces with valid IPs).
This patch makes nmbd look at all interfaces and pick the first interface
with a valid IP as the WINS server's IP.
Jeremy Allison [Wed, 4 Feb 2009 23:35:02 +0000 (15:35 -0800)]
Fix bug #Bug 6090 renaming or deleting a "not matching/resolving" symlink is failing.
Reported by Kukks. Make sure we correctly use LSTAT in all cases where
POSIX pathnames are being used. This matters when dealing with symlinks
pointing to invalid paths being renamed or deleted not all deletes and
renames are done via an nt_create open.
Jeremy.
Jeremy Allison [Tue, 3 Feb 2009 01:11:15 +0000 (17:11 -0800)]
Fix bug #6082 - smbd_gpfs_getacl failed: Windows client can´t rename or delete file
This fixes the generic rename/delete problem for 3.3.0 and above.
Fixed slightly differently to discussions, user viewable modified
ACLs are not a good idea :-).
Jeremy.
Michael Adam [Sun, 1 Feb 2009 23:46:57 +0000 (00:46 +0100)]
s3:winbind_group: fix "getent group" to allocate new gids.
"getent group" used to fill the idmap cache with negative
cache entries for unmapped group sids.
Don't pass domain name unconditionally to idmap_sid_to_gid().
idmap_sid_to_gid() only creates new mappings (allocating
idmap backends tdb, tdb2, ldap...) when the domain name passed
in is "".
Note that it is _wrong_ to directly call the idmap_sid_to_gid()
functions here, in the main winbindd. The correct fix would be
to send a sid_to_gid request to winbindd itself, but this needs
more work to prepare the async mechanisms, and we nee a quick
fix for getent passwd now.
Michael Adam [Sun, 1 Feb 2009 23:36:59 +0000 (00:36 +0100)]
s3:winbind_user: fix "getent passwd" to allocate new uids.
"getent passwd" used to fill the idmap cache with negative
cache entries for unmapped user sids.
Don't pass domain name unconditionally to idmap_sid_to_[ug]id().
idmap_sid_to_[ug]id() only creates new mappings (allocating
idmap backends tdb, tdb2, ldap...) when the domain name passed
in is "".
Note that it is _wrong_ to directly call the idmap_sid_to_[ug]id()
functions here, in the main winbindd. The correct fix would be
to send a sid_to_[ug]id request to winbindd itself, but this needs
more work to prepare the async mechanisms, and we nee a quick
fix for getent passwd now.
Michael Adam [Thu, 29 Jan 2009 12:17:46 +0000 (13:17 +0100)]
fix bug #6073: prevent ads_connect() from using SSL unless explicitly requested
This fixes "net ads join".
It copes with the changed default "ldap ssl = start tls".
A new boolean option "ldap ssl : ads" is added to allow for
explicitly requesting ssl with ads.
Volker Lendecke [Wed, 28 Jan 2009 09:35:35 +0000 (10:35 +0100)]
Avoid valgrind errors
In event handlers, we might destroy other events that are pending in the lists.
We can only run one event safely per select call.
Yes, I've seen these valgrind errors :-)
Jeremy, with ccdd921e61 you had checked in the change to run multiple events.
Do you remember why it was necessary and could not be solved in a different
way?
Jeremy Allison [Thu, 22 Jan 2009 22:32:32 +0000 (14:32 -0800)]
Second part of the attemt to fix #4308 - Excel save operation corrupts file ACLs.
If the chown succeeds then the ACL set should also. Ensure this is the case
(refactor some of this code to make it simpler to read also).
Jeremy.
Jeremy Allison [Thu, 22 Jan 2009 18:59:14 +0000 (10:59 -0800)]
Another attempt to fix bug #4308 - Excel save operation corrupts file ACLs.
Simo is completely correct. We should be doing the chown *first*, and fail the
ACL set if this fails. The long standing assumption I made when writing the
initial POSIX ACL code was that Windows didn't control who could chown a file
in the same was as POSIX. In POSIX only root can do this whereas I wasn't sure
who could do this in Windows at the time (I didn't understand the privilege
model). So the assumption was that setting the ACL was more important (early
tests showed many failed ACL set's due to inability to chown). But now we have
privileges in smbd, and we must always fail an ACL set when we can't chown
first. The key that Simo noticed is that the CREATOR_OWNER bits in the ACL
incoming are relative to the *new* owner, not the old one. This is why the old
user owner disappears on ACL set - their access was set via the USER_OBJ in the
creator POSIX ACL and when the ownership changes they lose their access.
Patch is simple - just ensure we do the chown first before evaluating the
incoming ACL re-read the owners. We already have code to do this it just wasn't
rigorously being applied.
Jeremy.
Derrell Lipman [Sat, 17 Jan 2009 18:21:54 +0000 (13:21 -0500)]
Determine case sensitivity based on file system attributes.
- Most of the time, we can determine from the file system we're connecting to
whether it supports case sensitivity. In those cases, we now set the
internal case sensitivity flag automatically. For those cases where the
request to retrieve file system attributes fails, we'll use the
user-specified option value.
We need to use CTDB_CONTROL_TCP_CLIENT instead of CTDB_CONTROL_TCP_ADD.
CTDB_CONTROL_TCP_CLIENT has support for 2 modes in newer ctdb versions:
- with struct ctdb_control_tcp it only supports ipv4.
- with struct ctdb_control_tcp_addr it supports ipv4 and ipv6.
You need new header files which defines struct ctdb_control_tcp_addr,
but at runtime it should be fine to work against older
ctdb versions (<= 1.0.68).
Derrell Lipman [Sat, 17 Jan 2009 01:30:11 +0000 (20:30 -0500)]
[Bug 6022] smbc_urlencode and smbc_urldecode were not exported
- Since the revamp of libsmbclient, there has still been an external
declaration for smbc_urlencode and smbc_urldecode in libsmbclient.h, yet
those functions were renamed and made private. The two choices were to
remove the function names from libsmbclient.h or to make them public
again. The reported requested that they be public. This commit makes it so.
Derrell Lipman [Fri, 16 Jan 2009 20:55:08 +0000 (15:55 -0500)]
Treat file names in POSIX-like case-sensitive fashion by default
*** THIS COMMIT CAUSES A CHANGE OF DEFAULT BEHAVIOR IN libsmbclient!!! ***
- libsmbclient now calls cli_set_case_sensitive() for a new CLI. By default,
it requests case-sensitive, but the old behavior of case-insensitive can be
requested with smbc_setOptionCaseSensitive(context, False);
The change of behavior is considered a bug fix, as it was previously
possible to accidentally overwrite a file that had the same case-insensitive
name but a different case-sensitive name as a previously-existing file,
while creating a new file.
ads_connect: Return immediately on a failed GC connection.
ads_connect_gc() feeds an explicit server to ads_connect(). However, if the
resulting connection fails, the latter function was attempting to find a DC
on its own and continuing the connection. This resulting in GC searches being
sent over a connection using port 389 which would fail when using the base
search suffix outside of the domain naming context.
The fix is to fail immediately in ads_connect() since the GC lookup ordering
is handled already in ads_connect_gc().
Jeremy Allison [Thu, 15 Jan 2009 23:50:50 +0000 (15:50 -0800)]
Allow reinit_after_fork to be called safely from within swat and other binaries that don't have
an event context or a msg context. Fixes crash bug in swat.
Jeremy.
projects / thirdparty / samba.git / log
