For some users who are used to smbclient, it is not clear that
mount.cifs never uses smb.conf for configuring client specific
parameters. So, let's add this information to mount.cifs man page.
do not merge ACEs with different SMB_ACE4_INHERIT_ONLY_ACE flag, this leads to wrong inheritance flags in the ACL e.g. (on GPFS) user:10000036:rwxc:allow (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED
so the explicit right for the user on the parent directory will be gone (the InheritOnly flag only accounts to subdirectories)
thus leaving the user without access to the directory itself
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
Andrew Bartlett [Sun, 5 Jul 2009 23:24:18 +0000 (09:24 +1000)]
s4:ldb Fix talloc hirarchy in LDIF parsing code
The problem here was that some parts of the ldb_message were still
attached to the ldb_ldif structure, and when only the message was
taken (and the ldif free'ed to reclaim memory) we refereced free'ed
memory.
Björn Jacke [Sun, 5 Jul 2009 09:28:05 +0000 (11:28 +0200)]
s3:configure: honor CFLAGS in compile tests
When compilation is done for the architecture that's not the compiler's
default, for example by setting CFLAGS to -m64, then compile tests might fail
when they are done with the comiler's default arch. This should fix
bugzilla #6162.
Björn Jacke [Fri, 3 Jul 2009 23:07:15 +0000 (01:07 +0200)]
s3/s4:build: honor library path from environment
we may not throw away LD_LIBRARY_PATH and friends as they sometimes contain
important information. Some of the build farm machines for example have the
python lib path in there - we can't run make test when we suddenly forget how
to use python
Simo Sorce [Fri, 19 Jun 2009 00:06:00 +0000 (20:06 -0400)]
Expose functions need by backend writers
move publicly needed structures and functions in the public header.
Stop installing internal headers.
Update the signature and exports files with the new exposed
function.
Usually, I would extend is_default_dyn_XYZ() so that it returns true
when dyn_XYZ has not been set yet or when its value is equal to the
compiled in default value XZY. But this would have a change in effect
in popt_common and torture.c: is_default_dyn_CONFIGFILE() is used
there to check whether the config file should be overwritten by the
contents of the environment variable SMB_CONF_PATH. Currently this
is only done when set_dyn_CONFIGFILE() had _not_ previously been called
at all, not even with the same value as the compiled in default.
s3:smbd: push nttrans and trans2 responses with no data to the client
For sync replies it's not a problem, as construct_reply() will send
the response, but for async replies we would not send the reply to the client.
Currently the notify code works arround this manually, so I assume
we didn't have a bug here. But the next commits will simplify
the notify code.
Andrew Tridgell [Thu, 2 Jul 2009 05:57:30 +0000 (15:57 +1000)]
we can't use the unique index code for samAccountName
Using ldb unique indexes for samAccountName doesn't work with DRS as
the other DC may send us a deleted record (tombstone record), which
has the same samAccountName as an existing record. That would then
create two records in the same partition with the same samAccountName.
So we needed to put back the logic in samldb.c which explicitly
checked whether a samAccountName already exists on add
Andrew Tridgell [Thu, 2 Jul 2009 04:52:25 +0000 (14:52 +1000)]
Changed ldb.ERR_NO_SUCH_OBJECT to LDB_ERR_NO_SUCH_OBJECT.
The LDB_ERR_NO_SUCH_OBJECT varient is not a defined variable. This
should improve error handling in our python code on some
systems. Unfortunately it still doesn't work on mine. I need to trap
Jelmer somewhere where he can't escape some day and force him to
divulge the deep druid secrets of python exception handling ....
Andrew Tridgell [Thu, 2 Jul 2009 04:49:40 +0000 (14:49 +1000)]
fixed the pull of drs schema elements
The previous code incorrectly assumed that attributes such as
subClassOf come over the wire as strings. In fact they come over as 32
bit integers which refer to goversIDs. We have to post-process these
as it sometimes happens that a governsID comes over the wire before
the record that defines what it means.
[SAMBA 4 directory] Changes "forceLogoff" and corrects the "subRefs"
- This changes the attribute "forceLogoff" to its' default
values according to Windows Server 2003 R2
- Also this corrects the "subRefs" attribute of the base-DN which only refers
to direct child partitions (and therefore not to the complete transitive closure)
Jeremy Allison [Thu, 2 Jul 2009 00:39:10 +0000 (17:39 -0700)]
Ensure we don't use delayed writes on POSIX opened files.
Don't remove pending writetime changes if no time changes
are sent in UNIX_BASIC infolevel.
Jeremy
Jeremy Allison [Wed, 1 Jul 2009 23:58:14 +0000 (16:58 -0700)]
Fix bug #6520 time stamps - e.g. last mod time is not preserved when "unix extensions=yes" are set - and using latest cifs vfs client
Cancel out any pending "sticky" writes or "last write" changes when
doing a UNIX info level set.
Jeremy.