Jeremy Allison [Sun, 17 Aug 2008 02:23:38 +0000 (19:23 -0700)]
Fix bug 5696. The problem was when smbd
was asking for a winbindd name to SID lookup of
"Unix Group\name" where "name" was also a valid username,
the winbindd passdb lookup of that name was losing the
domain string info before calling lookup name (ie. lookup_name()
was being called with just the string "name", not the
full string "Unix Group\name").
The passdb backend of winbindd has to cope with
not only names from it's own global SAM domain,
but it does lookups for BUILTIN and "Unix User"
and "Unix Group" also, so making it guess by
losing the domain string is "A Bad Idea" (tm) :-).
Note that as winbind globally calls winbind_off()
at startup, it's safe for winbind to call sys_getgrnam()
to do the "Unix Group" lookup from inside lookup_name().
Herb Lewis [Fri, 15 Aug 2008 22:28:23 +0000 (15:28 -0700)]
I think the problem with these functions is that lookup_usergroups
should never include the user SID.
The comment for the function in winbindd/winbindd_ads.c says
/* Lookup groups a user is a member of. */
The following patch makes the wbinfo calls return the correct data
before and after a login.
wbinfo --user-domgroups and --user-sids
Michael Adam [Fri, 15 Aug 2008 12:38:41 +0000 (14:38 +0200)]
configure: use ${libdir} instead of \${LIBDIR}.
Now after removing --with-libdir, the value of ${libdir} won't change
anymore at that stage, so there is no need to have the variable expansion
deferred to "make".
Michael Adam [Thu, 14 Aug 2008 22:36:49 +0000 (00:36 +0200)]
configure: Add --with-modulesdir to accompany --with-libdir.
This starts the seplitting of libdir in to libdir and modulesdir.
Our shared libs should go into libdir, the internal shared modules,
codepages, and other stuff that was originally in libdir, should
go into modulesdir.
The idea behind this is, that in a typical installation,
the shared (and static) libraries (as libtalloc, libsmbclient,
libwbclient and others) should be put into /usr/lib, while
the e.g. the vfs modules should reside in /usr/lib/samba.
This is meant to ease the work of packagers and reduce
the needs for manual interaction and workarounds.
Jeremy Allison [Fri, 15 Aug 2008 04:52:11 +0000 (21:52 -0700)]
Fix show-stopper for 3.2. Smbd depends on group SID
position zero being the primary group sid. Authenicating
via winbindd call returned a non-sorted sid list. This
fixes is for both a winbindd call and a pac list from
an info3 struct. Without this we mess up the
primary group associated with created files. Found by
Herb.
Jeremy.
Jeremy Allison [Thu, 14 Aug 2008 17:58:50 +0000 (10:58 -0700)]
Fix bug #5692 - Core dump in full_audit.so.
There were some function mismatches in the various GET_NT_ACL modules (some places the fsp parameter has not been removed).
Jeremy.
Jeremy Allison [Wed, 13 Aug 2008 23:45:34 +0000 (16:45 -0700)]
Fix for bug #5688 from SATOH Fumiyasu <fumiyas@osstech.co.jp>. LPQ process is orphaned if socket address parameter is invalid.
If the "socket address" parameter is a null string that is an invalid value for Samba 3.2 but valid for Samba 3.0.
Jeremy.
Jeremy Allison [Wed, 13 Aug 2008 22:46:35 +0000 (15:46 -0700)]
Fix for bug #5617, reported and patched by Bartosz Antosik antosik@gmail.com.
xp/2003 explorer freezes browsing shares on samba ipv6 hosts. Caused by missing
reply packet to SMB printclose packet.
Jeremy
Jim McDonough [Wed, 13 Aug 2008 22:03:51 +0000 (18:03 -0400)]
Prevent NT_STATUS 0xF1000000 errors from appearing when
dos errors are used and there is no error. It should
be mapped directly to NT_STATUS_OK. smbclient to older
servers didn't work.
Michael Adam [Tue, 12 Aug 2008 19:48:00 +0000 (21:48 +0200)]
packaging(RHEL-CTDB): install the right libraries for 3.3.0.
The library creation and installation has been fixed in that
now the libfoo.so.VERSION is created and libfoo.so is correclty
installed as a link.
Since we do not have a separation of lib dir and modules dir,
we do still install to /usr/lib/samba/, though. Therefore we
still need the workaround in the spec file to install the
libs to /usr/lib/ manually.
Andrew Tridgell [Thu, 7 Aug 2008 23:58:15 +0000 (09:58 +1000)]
handle two special cases
1) when all nodes write the same value to the record, or when writing
a value that is already there, we can skip the write and save
ourselves a network transactions
2) when all remote nodes fail an update, and we then fail a replay, we
don't need to trigger a recovery. This solves a corner case where
we could get into a recovery loop
Michael Adam [Wed, 6 Aug 2008 20:43:27 +0000 (22:43 +0200)]
idmap tdb2: fix broken logic in tdb2_delete_bystring().
1. use the return value that idmap_tdb2_open_perm_db() gives us
2. don't delete frep the local db if deleting from the perm db failed.
3. fix wrong interpretation of return value of the local delete
Michael Adam [Wed, 6 Aug 2008 20:33:58 +0000 (22:33 +0200)]
idmap tdb2: fix broken logic in tdb2_store_bystring().
1. use the return value that idmap_tdb2_open_perm_db() gives us
2. don't write to the local db if writing to the perm db failed.
3. fix wrong interpretation of return value of the local store
Michael Adam [Tue, 5 Aug 2008 09:32:20 +0000 (11:32 +0200)]
dbwrap ctdb: add a retry loop to the persistent store operation.
This is because ctdbd can fail in performing the persistent_store
due to race conditions, and this does not mean it can't succeed
the next time.
To not loop infinitely, this makes use of a new parametric option:
"dbwrap ctdb:max store retries" (integer) which defaults to 5
and sets the upper limit for the number or repeats of the
fetch/store cycle.
projects / thirdparty / samba.git / log
