s3-spoolssd: Remove stale printers only on a valid pcap update.
load_printers() removes stale printers and we should only remove them if
we have a CUPS connection and talked to cups. Else we will remove every
configured printer if cups is not available.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Sep 5 11:18:23 CEST 2011 on sn-devel-104
Andrew Bartlett [Sun, 4 Sep 2011 01:58:34 +0000 (11:58 +1000)]
s4-provision cope with SID_NAME_WKN_GRP mappings in upgrade.py
Some incorrect LDAP backends have entries with this group type, but
due to the pdb_ldap code, we cannot read the group members, and we
already skip them in add_group_from_mapping_entry().
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Sep 3 02:58:42 CEST 2011 on sn-devel-104
Jeremy Allison [Fri, 2 Sep 2011 19:22:34 +0000 (12:22 -0700)]
Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and
AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately
inside ensure_canon_entry_valid().
s3-rpc_server: Add missing rng_fault_state in epmapper.
We need to raise an exception so we need to set the rng_fault_state for
epm_Insert and epm_Delete if someone connects over a transport other
than NCALRPC.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Sep 1 15:59:50 CEST 2011 on sn-devel-104
Andrew Tridgell [Thu, 1 Sep 2011 04:28:10 +0000 (14:28 +1000)]
ldb: make the 'spy' code more paranoid
the spy code in ldb_tdb was added a while ago to overcome a memory
hierarchy problem with async ldb errors. Recently we started to get
valgrind errors related to the order of free in the spy code. This
patch ensures that we don't try to use a freed spy pointer. This
prevents the valgrind errors, although I suspect that the memory
hierarchy we have here is more complex than it needs to be
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Sep 1 08:54:23 CEST 2011 on sn-devel-104
Andrew Tridgell [Thu, 1 Sep 2011 03:50:17 +0000 (13:50 +1000)]
s4-services: disable the web server by default
the web server is not being actively maintained, and is causing
problems with memory errors (as shown by valgrind). It is better to
disable this until it can get some TLC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Fri, 26 Aug 2011 21:23:26 +0000 (14:23 -0700)]
Based on metze's fix for Bug 8407 - SMB2 server can return requests out-of-order when processing a compound request. (cherry picked from commit 19db1c98c6ba3cb5e883e16e865c44900ce17444)
because from the echo responder we always read using the normal smb1 protocol
handling routine. If that is a bit down the smb2 stream, we get a non-negprot
packet and panic.
BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed
that it probes the server liveness using TCP keepalives and not smb2 echo
requests.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104
We need more testing in the real world. We need to be sure that if a
Windows client can access port 135 it doesn't require that a service is
available via ncacn_ip_tcp. If possible please enable it using the
following smb.conf options for testing:
Sumit Bose [Mon, 22 Aug 2011 10:34:36 +0000 (12:34 +0200)]
s4-smbtorture: Add trust password to CreateTrust test
Instead of using empty authinfo and authinfo_internal structures a trust
password is added to these structures. After creating the trust the trust
account is used to validate that the trust password is set correctly.
Christian Ambach [Mon, 29 Aug 2011 15:36:25 +0000 (17:36 +0200)]
s3:lib add new well-known SIDs for BUILTIN
Distributed COM Users, Cryptographic Operators, Event Log Readers
and Certificate Service DCOM Access were missing from the BUILTIN
well-known SID list
Rusty Russell [Wed, 31 Aug 2011 04:28:14 +0000 (13:58 +0930)]
MAINTAINERS.txt: ping me about CCAN changes
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Wed Aug 31 07:58:34 CEST 2011 on sn-devel-104
Rusty Russell [Wed, 31 Aug 2011 04:27:14 +0000 (13:57 +0930)]
ccan: fix likely redefinition warnings with --enable-tdb2
When we do --enable-tdb2, we start clashing with the replace.h
version:
In file included from ../lib/tdb2/tools/../private.h:25:0,
from ../lib/tdb2/tools/tdb2torture.c:60:
../lib/ccan/likely/likely.h:32:0: warning: "likely" redefined
../lib/replace/replace.h:762:0: note: this is the location of the previous definition
../lib/ccan/likely/likely.h:53:0: warning: "unlikely" redefined
../lib/replace/replace.h:765:0: note: this is the location of the previous definition
I don't like to #ifndef-protect them in general, since you don't want
different parts of the code to silently have different definitions,
but it's the simplest fix for now.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
According to [MS-SMB2] 3.3.5.9.7
(http://msdn.microsoft.com/en-us/library/cc246784%28v=PROT.13%29.aspx),
smbd must reply with NT_STATUS_OBJECT_NAME_NOT_FOUND as it does not
support durable file-handles yet.
I have seen w2k8r2 running xcopy /C ending up in an endless loop
trying to get back the original file handle from smbd sending the same
requests over and over.
Metze, Jeremy, please check!
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Aug 30 22:20:36 CEST 2011 on sn-devel-104
s3-rpc_server: Make sure we switch always the connecting user.
We always have a valid session info and if it is a anonymous connection
we have a session info of the guest user. This means we should always
call become_authenticated_pipe_user() else and anonymous user could do
things as root.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Aug 30 20:50:54 CEST 2011 on sn-devel-104
s3-lib: If we create a pipe socket, don't start to listen.
The create_pipe_sock() function should only create the socket as the
name states and not start to listen on it too. We should start to listen
on in the individual places as we need different backlog values.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Aug 29 13:21:43 CEST 2011 on sn-devel-104
Volker Lendecke [Fri, 26 Aug 2011 14:54:18 +0000 (16:54 +0200)]
s3: Fix a winbind race leading to 100% CPU
This fixes a race condition that leads to the winbindd_children list becoming
corrupted. It happens when on a busy winbind SIGCHLD is a bit late.
Imagine a winbind with multiple requests in the queue for a single child. Child
dies, and before the SIGCHLD handler is called we find the socket to be dead.
wb_child_request_done is called, receiving an error from wb_simple_trans_recv.
It closes the socket. Then immediately the wb_child_request_trigger will do
another fork_domain_child before the signal handler is called. This means that
we do another fork_domain_child, we have child->sock==-1 at this point.
fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time
where the child is already part of that list. This corrupts the list. Then the
signal handler kicks in, spinning in
projects / thirdparty / samba.git / log
