Gerald Carter [Wed, 13 Jun 2007 20:40:54 +0000 (20:40 +0000)]
r23471: Here's a rough patch for expanding domain group membership
in the winbindd_getgrnam() call. Couple of comments:
* Adds "winbind expand groups" parameter which defines the
max depth winbindd will expand group members. The default
is the current behavior of one level of expansion.
* The entire getrgnam() interface should be async. I
haven't done that.
* Refactors the domain users hack in fill_grent_mem() into
its own function.
(This used to be commit 3d3a8130351753dc5caa2a270d130e2150da6b54)
James Peach [Wed, 13 Jun 2007 20:40:50 +0000 (20:40 +0000)]
r23470: Fix supplementary group list truncation for *BSD. We need to pass
the correct group list length and only truncate to NGROUPS_MAX if
it is too long.
(This used to be commit 07f562be7a64a2ded7ec0e6f5910447dc5b8b85f)
Volker Lendecke [Wed, 13 Jun 2007 12:52:36 +0000 (12:52 +0000)]
r23467: Next little simplification: In rename_internals it's a bit pointless to
first ask for existence of a file when we do the open_file_ntcreate in
can_rename later on anyway. That also gets us the right error message in
case the file is not there automatically.
(This used to be commit f3d582cb908f95c1b557bda5d41b5a8aff75b124)
Volker Lendecke [Wed, 13 Jun 2007 11:32:46 +0000 (11:32 +0000)]
r23466: Fix RAW-NOTIFY: by using delete on close the notify is triggered deep
inside close_file() already.
(This used to be commit 0b29e3ad0f2b1759eb195fb37f1f8667d87f5670)
Michael Adam [Wed, 13 Jun 2007 11:04:31 +0000 (11:04 +0000)]
r23465: There was this diff between reg_printing in 3_0 and 3_0_26:
before writing to secdesc_buf->sd,
3_0 checked secdesc_buf->sd while 3_0_26 checked secdesc_buf->sd_size.
This patch makes both revisions check _both_ befor writing.
Volker Lendecke [Wed, 13 Jun 2007 09:55:13 +0000 (09:55 +0000)]
r23457: After Jeremy's ack:
The attached patch removes a little race condition for
people with real kernel oplock support, and reduces some
code paths. It changes reply_unlink to open_file_ntcreate,
set_delete_on_close and close_file.
The race condition happens if we break the oplock in
can_delete via open_file_ntcreate, we close the file,
someone else gets a batch oplock and we try to unlink.
Jeremy Allison [Tue, 12 Jun 2007 19:59:38 +0000 (19:59 +0000)]
r23450: max_params_return is complete fiction when getting a changenotify
request. Ignore it. Should fix bug #4689 but more tests and
valgrinding will follow.
Jeremy.
(This used to be commit c23e08cc09b8de860ab9c7ac9d0e7c2502dfccd9)
Jeremy Allison [Tue, 12 Jun 2007 19:53:51 +0000 (19:53 +0000)]
r23448: Doh ! Don't call winbind_child_died() *before* the
kill call as that sets pid = 0 ! :-).
Jeremy.
(This used to be commit bcfce39094ef30a1d1ae4dba5a90738e2678bcbf)
Jeremy Allison [Tue, 12 Jun 2007 18:14:16 +0000 (18:14 +0000)]
r23445: Fix suggested by Volker. Don't call rename_open_files
if the name wasn't changed.
Jeremy.
(This used to be commit 7a9629365eb4eb2829982fe2b2bfffd840648e6f)
Volker Lendecke [Tue, 12 Jun 2007 08:02:32 +0000 (08:02 +0000)]
r23426: Correct a comment. The default timeout is not 1min, but 30s. While
there, do some reformatting.
Jeremy, I think we should also kill the child. It might hang in
something (an fcntl lock for example) that the next child might run into
immediately again.
(This used to be commit 6729a4df4b57f638161ec55f9b1edd0bc8bb947e)
Jeremy Allison [Mon, 11 Jun 2007 22:28:27 +0000 (22:28 +0000)]
r23424: Thanks to Jerry, we finally tracked down the :
winbindd: Exceeding 200 client connections, no idle connection found"
bug #3204. This fixes it in Jerry's testing !
Jeremy.
(This used to be commit 0c7ce6a68286fa98258828545fc869aaac19a028)
James Peach [Mon, 11 Jun 2007 20:56:17 +0000 (20:56 +0000)]
r23423: Use the correct structure types in the NT_ACL operations. It's not
clear to my why the catia module feels it's necessary to implement
these operations, but at least they're now the right type.
(This used to be commit b5be0c7403195d2bd503fb1512cb46e65587adc4)
Simo Sorce [Mon, 11 Jun 2007 00:05:48 +0000 (00:05 +0000)]
r23411: We were missing displayName and that was preventing us
from successfully deleting an entry when "account" is
the STRUCTURAL objectclass used for users and machines.
"account" is used each time the user entry is in /etc/passwd
and we have only the samba attributes in ldap, as well
as for rfc2307(bis) standard based directories.
(This used to be commit e6399f1aa1c98d2d6e700245bb95c84f7e173236)
Simo Sorce [Sat, 9 Jun 2007 22:45:21 +0000 (22:45 +0000)]
r23407: While verifying a bug I found out that for some reason
the code to add a machine was different then the one used
to add a user, the old code led to the machine SID not being
built out correctly allocationg a new RID out of the passdb
but instead by using the old algorithmic method.
This may easily end up in creating duplicated SID when the
RID counter get close to the values built by the algorithmic method.
Simo Sorce [Sat, 9 Jun 2007 19:29:35 +0000 (19:29 +0000)]
r23406: Evn if not strictly currently necessary do check for correct
init also in idmap_nss and idmap_passdb for coherency and to
prevent errors in future if we change the init functions to
actually do something and not just return NT_STATUS_OK
(This used to be commit 86f532c1b0cf7961b8331bb212c3ed2084fda3fc)
Simo Sorce [Sat, 9 Jun 2007 18:18:24 +0000 (18:18 +0000)]
r23404: Fix wrong (and missing) action on error condition in ldap reply evaluation loop
Fixes one of the segfaults in bug #4667
(This used to be commit 176e1c0b692b9509a29bbbb2b35ad821dfb0d5aa)
Jeremy Allison [Sat, 9 Jun 2007 00:27:28 +0000 (00:27 +0000)]
r23402: Got bitten by a talloc hierarchy. Make sure we alloc
off the pipe ctx now ->names is part of the containing
struct.
Jeremy.
(This used to be commit 02fd43490212e9ff8f784ce4d33d64566d58fd82)
Jeremy Allison [Sat, 9 Jun 2007 00:13:07 +0000 (00:13 +0000)]
r23400: Fix lsa crash bug #4683. The "names" enum struct
in a lookup_sidX reply isn't optional - like the
lookup_sidX query it needs to be defined in the
struct.
All this will go away with PIDL (thank goodness....).
Jerry - I think this is a showstopper to be merged
for 3.0.25b.
I'll be watching the build farm to see if anything broke.
Jeremy.
(This used to be commit 9300b92f7a51eb80fdc039d8dad23ea9ce82aa8f)
James Peach [Sat, 9 Jun 2007 00:10:26 +0000 (00:10 +0000)]
r23398: Support membership of >16 groups on Darwin by making sure we opt in to the
dynamic group resolution mechanism when switching UNIX credentials.
(This used to be commit b5cb21e951550fe836b0ef5febc037af9a7f51ec)
James Peach [Fri, 8 Jun 2007 23:08:41 +0000 (23:08 +0000)]
r23396: Make VFS callbacks static. Mark operations as OPAQUE because they
do not pass through.
(This used to be commit b9d6eee5d4d0894ded88455675a470cbf04d8f45)
James Peach [Fri, 8 Jun 2007 22:25:55 +0000 (22:25 +0000)]
r23393: Support BSD group semantics by making sure that the effective GID is always
passed as the first GID when calling setgroups(2).
(This used to be commit 6ebaf856c1d27f2fbfa0444a5c6c17c4331d2780)
Jeremy Allison [Fri, 8 Jun 2007 19:52:18 +0000 (19:52 +0000)]
r23390: First part of the patch to make Apple's life easier.
Doing this in two stages to make it very easy to
review. Context switching must look like :
Michael Adam [Fri, 8 Jun 2007 14:37:29 +0000 (14:37 +0000)]
r23389: Disabling ACL support on Darwin/Mac OS X for now.
Current configure check detects posix ACL support
but compile of modules/vfs_posixacl.c fails due
to missing defines in sys/acl.h:
ACL_USER, ACL_USER_OBJ, ACL_GROUP, ACL_GROUP_OBJ, ACL_OTHER,
ACL_MASK, ACL_WRITE, ACL_READ
It has to be investigated, if this can be fixed within
the posixacl vfs module or if we need a darwinacl module.
Michael Adam [Fri, 8 Jun 2007 12:32:13 +0000 (12:32 +0000)]
r23387: 1. This unifies the POSIX ACL detection code:
Linux, FreeBSD and other (which?) ACL implementations
are now checked in the same block instead of in three
separate blocks. This was inspired by Timur Bakeyev
in Bug #4543. Since bugzilla is currently unavailable
this patch is probably slightly different from Timurs
original patch. This should finally fix Bug #4543.
2. The default of the --with-acl-support configure
option is changed to "auto" (which is actually the
same as "yes"). So configure tries to detect acl
support by default. This had been discussed with
Metze and others.
Gerald Carter [Thu, 7 Jun 2007 13:35:39 +0000 (13:35 +0000)]
r23377: Patch from Bjoern Jacke <bjoern@j3e.de> to deal
with non-GNU implementations of tr in autogen.sh
(This used to be commit ccc466c56a93906ef5dfa1079796b1a8a44b43c0)
Jeremy Allison [Thu, 7 Jun 2007 00:14:06 +0000 (00:14 +0000)]
r23371: Fix the misleading comment I added - it really *should*
say "locks chain and returned record", not
"and returns record"
Jeremy.
(This used to be commit bf951e3d7f0310cc624abab11a7fb04c50770425)
Jeremy Allison [Thu, 7 Jun 2007 00:00:45 +0000 (00:00 +0000)]
r23370: Traverse in tdb wasn't consistently using the
travlocks.lock_rw for lock read/write types, it
was sometimes using it (tdb_next_lock) and
sometimes explicitly using F_WRLCK instead.
Change this to consistently use travlocks.lock_rw
only.
I'm pretty sure about this fix (else I woudn't
be checking this in :-) but tridge and Volker
please review.
Jeremy.
(This used to be commit d0b64567630ec02eb437aa713847bb23a8be8a60)
Volker Lendecke [Wed, 6 Jun 2007 07:46:38 +0000 (07:46 +0000)]
r23362: Respect "use mmap" in tdb_wrap_open(). Tridge, you might want to merge
this in your tree.
(This used to be commit c0f40eb5846f617d9c421136b0e1ea593c8d8458)
Jeremy Allison [Tue, 5 Jun 2007 23:35:39 +0000 (23:35 +0000)]
r23358: Fix from Justin Maggard <jmaggard@infrant.com> - ensure we don't
expire a password if it's explicitly set as ACB_PWNOTREQ.
Jeremy.
(This used to be commit 2ea5a6bd334e31201aa6f93f5c51e42924d36ebd)
Jeremy Allison [Tue, 5 Jun 2007 19:17:05 +0000 (19:17 +0000)]
r23357: timespec_current() was returning the wrong ns time
(multiplying tv_sec, not tv_usec).
Jeremy.
(This used to be commit bafd3b93f9ce74d7a8e2d6b36735f0977a22882c)
Jeremy Allison [Tue, 5 Jun 2007 01:59:37 +0000 (01:59 +0000)]
r23349: Fix from Steve Langasek <vorlon@debian.org> to
allow SIGTERM to cause nmbd to exit on awaiting
an interface to come up. Debian bug #168079
Jeremy.
(This used to be commit 9ee310f3d68426da552f084ebcffef6b8ebbf612)
Jeremy Allison [Mon, 4 Jun 2007 22:29:23 +0000 (22:29 +0000)]
r23346: Fix offline caching with XP/Vista. It was an off-by-one
in storing the access mask. I shouldn't have made this
mistake. Damn. Fixes bug #4673.
Jeremy
(This used to be commit 84801d4e83786b9de3d0875a317ca9ed8ff5b3e4)
Jeremy Allison [Mon, 4 Jun 2007 19:03:33 +0000 (19:03 +0000)]
r23341: pdb interfaces should be versioned. As SAMBA_3_0 and SAMBA_3_0_26
are now identical, use the same version number (16) for both.
Jeremy.
(This used to be commit f2ac311ed408e1f17f468945b34289d4c6b915cc)
r23337: fix a crash bug...I wonder why only HP-UX 11.00 ans 11.11 noticed
it via a SIGBUS...
I missed to remove the samba3 specifc code path to tdb_open_ex()
when I synced lib/tdb/ with samba4. The explicit cast in on tdb_open_ex()
dropped the compiler warning :-(
r23335: as not all source files include replace.h/config.h
before unistd.h we need to pass -D_FILE_OFFSET_BITS=64
together with -Dpread=pread64 -Dpwrite=pwrite64
Michael Adam [Sun, 3 Jun 2007 20:24:25 +0000 (20:24 +0000)]
r23317: Fix the build: r23315 was a little overeager in removing the
INIPARSER_OBJ from the bin/net target altogether. I re-add it
in the guise of @BUILD_INIPARSER@ (to NET_OBJ). This also
eliminates the need to have @BUILD_INIPARSER@ in the deps for
the bin/net target.
Same procedure for the pam_winbindd module.
r23315: - don't use the builtin and -liniparser together in bin/net
- unify handling on @BUILD_INIPARSER@
btw: nsswitch/pam_winbind.c doesn't compile anymore on SuSE 10.2!
I think we should build pam modules by default to notice things
like this in the build-farm...
r23314: For some systems it's needed to inject replace.h into
the iniparser source code, I do it in a way we can still have
a unmodified copy of iniparser in source/iniparser/
and have the wrapper stuff in source/iniparser_build/.
If the build-farm is happy with this I'll merge it to 3_0_26
tomorrow...
Volker Lendecke [Sun, 3 Jun 2007 06:54:51 +0000 (06:54 +0000)]
r23313: Janitor for tridge:
we need to use tdb_wrap_open in both these backends to allow for
multiple opens. This is done for notify.tdb. Otherwise we die when a
2nd share with notify is setup
(This used to be commit 40dcccfcf91737ba658fd9e733a431001649d255)
r23307: move readahead stuff out of libreplace and make it samba3 specific
as we can't replace this function in libreplace and we do
the some stuff for other function in the same way.
James Peach [Fri, 1 Jun 2007 19:42:23 +0000 (19:42 +0000)]
r23300: AFAICT these are not needed. Jerry, can you please review and revert
if this is not correct.
(This used to be commit 7aa40efd28edcd4d6a5a3a2d790df0af1f5f3fea)
Volker Lendecke [Fri, 1 Jun 2007 18:39:50 +0000 (18:39 +0000)]
r23297: This introduces the winbind:ads parameter which defaults to True. Setting it
to False makes winbind use RPC and not LDAP methods to connect to the DCs,
even when it figured out they are AD.
(This used to be commit 1c1f710e3e2e222c9d91a5650844c1db5ebd5a3a)
James Peach [Fri, 1 Jun 2007 16:06:40 +0000 (16:06 +0000)]
r23295: Apply proto_exists and bin/.dummy dependencies consistently for all
binaries. Fix vfs_zfsacl build rule in SAMBA_3_0.
(This used to be commit 07fa76c6c7f54a95889415e27ce6d7c199a6a12c)
Michael Adam [Fri, 1 Jun 2007 12:24:57 +0000 (12:24 +0000)]
r23291: Undo the somewhat naive change of r23279:
The clear text presentaion of the sid in the ldap expression
does work with w2k3 but not with w2k....
Michael Adam [Thu, 31 May 2007 23:55:37 +0000 (23:55 +0000)]
r23283: Use a temporary talloc context in ads:lookup_groupmem.
And clean up unused stuff at the end.
Daringly, I use talloc_steal at some point, where it
appears natural to me.
Gerald Carter [Thu, 31 May 2007 17:59:04 +0000 (17:59 +0000)]
r23274: merge CloseEventlog() pidl conversion from 3.0.26 && fix a few init call renames for svcctl in the previous commit
(This used to be commit ebcae48ec10fefa74efcc3563cff50e3b9c2388c)
Gerald Carter [Thu, 31 May 2007 15:43:40 +0000 (15:43 +0000)]
r23268: Rename some variables in the svcctl.idl to prevent
redeclaration compile failures in the generated client
code.
(This used to be commit 87b37de8ad4e91e75530996dde0900b6e1fed622)
projects / thirdparty / samba.git / log
