summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* VERSION: Disable git snapshots for the 4.1.0rc2 release.samba-4.1.0rc2Karolin Seeger2013-08-091-1/+1
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.1.0rc2.Karolin Seeger2013-08-081-5/+64
| | | | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Thu Aug 8 13:45:41 CEST 2013 on sn-devel-104
* Ensure gpfs kernel leases are wrapped in a become_root()/unbecome_root() pair.Ralph Wuerthner2013-08-071-0/+6
| | | | | | | | | | | | | | | | | Ensures correct lease owner for signal delivery. Signed-off-by: Ralph Wuerthner <ralphw@de.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 1 03:57:11 CEST 2013 on sn-devel-104 The last 2 patches address bug #10064 - Linux kernel oplock breaks can miss signals. Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Wed Aug 7 14:56:04 CEST 2013 on sn-devel-104
* Wrap setting leases in become_root()/unbecome_root() to ensure correct ↵Jeremy Allison2013-08-071-13/+20
| | | | | | | | | | delivery of signals. Remove workaround for Linux kernel bug https://bugzilla.kernel.org/show_bug.cgi?id=43336 as we don't need to set capabilities when we're already root. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org>
* Add torture tests to raw.eas to check sending Windows invalid names in the ↵Jeremy Allison2013-08-072-0/+115
| | | | | | | | | | | middle of an EA list. Add torture tests to probe the set of invalid Windows EA names. Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Reply with correct trans2 message on a setpathinfo with a bad EA name.Jeremy Allison2013-08-071-1/+10
| | | | | | Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Ensure we do pathname processing before SD and EA processing in NTTRANS_CREATE.Jeremy Allison2013-08-071-37/+37
| | | | | | Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Ensure we can't create a file using NTTRANS with an invalid EA list.Jeremy Allison2013-08-071-0/+20
| | | | | | Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Ensure we can't create a file using TRANS2_OPEN with an invalid EA list.Jeremy Allison2013-08-071-0/+14
| | | | | | Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Add error map of STATUS_INVALID_EA_NAME -> ERRDOS, ERRbadfileJeremy Allison2013-08-071-0/+1
| | | | | | | | (from Windows2012 tests). Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Add the ability to send an NTSTATUS result back with a trans2 reply so we ↵Jeremy Allison2013-08-073-14/+32
| | | | | | | | | | | can return a parameter block with an error code. This is needed when returning a STATUS_INVALID_NAME result (tested from Windows 2012). Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Ensure we can't create a file using SMB2_CREATE with an invalid EA list.Jeremy Allison2013-08-071-0/+5
| | | | | | Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Ensure we never return an EA name to a Windows client it can't handle.Jeremy Allison2013-08-071-0/+9
| | | | | | Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Ensure set_ea cannot set invalid Windows EA names.Jeremy Allison2013-08-071-0/+9
| | | | | | Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* Add ea_list_has_invalid_name() function.Jeremy Allison2013-08-072-0/+36
| | | | | | | | Invalid character list probed from Windows Server 2012. Bug 9992: Windows error 0x800700FE when copying files with xattr names containing ":" Signed-off-by: Jeremy Allison <jra@samba.org>
* nsswitch: Add OPT_KRB5CCNAME to avoid an error message.Andreas Schneider2013-08-051-2/+4
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10048 Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jul 26 17:40:26 CEST 2013 on sn-devel-104 Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Mon Aug 5 22:14:36 CEST 2013 on sn-devel-104
* s3: Remove old mode special substitution.Alexander Werth2013-08-051-13/+2
| | | | | | | | | | | | | | The mode special substitution now happens in a separate function. The substitution at this point is unnecessary. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org> Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Tue Jul 16 00:52:26 CEST 2013 on sn-devel-104 (cherry picked from commit 9b2aa351ceb756d6ea63f3158f0e983ae7262da8) Fix bug #10045 - Remove a redundant inlined substitution of ACLs.
* s4:server: avoid calling into nss_winbind from within 'samba'Stefan Metzmacher2013-08-052-0/+16
| | | | | | | | | | | | | | | | | | | | The most important part is that the 'winbind_server' doesn't recurse into itself. This could happen if the krb5 libraries call getlogin(). As we may run in single process mode, we need to set _NO_WINBINDD=1 everywhere, the only exception is the forked 'smbd'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104 (cherry picked from commit 596b51c666e549fb518d92931d8837922154a2fe) The last 4 patches address bug #9820 - crash of winbind after "ls -l /usr/local/samba/var/locks/sysvol".
* s4:rpc_server: make sure we don't terminate a connection with pending ↵Stefan Metzmacher2013-08-052-3/+60
| | | | | | | | | | | | | | requests (bug #9820) Sadly we may have nested event loops, which won't work correctly with broken connections, that's why we have to do this... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104 (cherry picked from commit e6a58d370403e818bc2cfb8389751b78adcc14fd)
* s4-winbindd: Do not terminate a connection that is still pending (bug #9820)Andrew Bartlett2013-08-053-2/+64
| | | | | | | | | | | | | | | | Instead, wait until the call attempts to reply, and let it terminate then (often this happens in the attempt to then write to the broken pipe). Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 2505d48e4fbcd8a805a88ad0b05fb1a16a588197)
* service_stream: Log if the connection termination is deferred or not (bug #9820)Andrew Bartlett2013-08-051-1/+5
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit df929d6feb857668ad9da277213e9fae1480ff63)
* Fix bug 9678 - Windows 8 Roaming profiles failGregor Beck2013-08-051-7/+2
| | | | | | | | Windows 8 tries to set 'ATTRIBUTE_SECURITY_INFORMATION' on some dirs. Ignoring it makes roaming profiles work again. Just like w2k3 gracefully ignore all the other bits. Signed-off-by: Gregor Beck <gbeck@sernet.de>
* security.idl: add new security_secinfo bitsGregor Beck2013-08-051-0/+3
| | | | | | [MS-DTYP].pdf 2.4.7 Signed-off-by: Gregor Beck <gbeck@sernet.de>
* samba-tool dbcheck: Correctly remove deleted DNs in dbcheckAndrew Bartlett2013-08-051-1/+1
| | | | | | | | | | | | | | | | The previous pattern never matched, as it was a typo. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104 (cherry picked from commit 7615b2549d9549683978cb3e85b926e2ba63e294) The last 4 patches address bug #9029 - Replication with --domain-crictical-only fails to fill in backlinks.
* dsdb: Include MS-ADTS doc references on deleted object contstraintsAndrew Bartlett2013-08-051-0/+16
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit f2afdb61698c37389be286f9443471d4aeba49b8)
* dsdb tests: Add member/memberOf checking to delete_objects testingAndrew Bartlett2013-08-051-21/+257
| | | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a9e565a5a4478f7b923f35311e170de2044ff848)
* dsdb: Improve DRS deleted link source/target handing in repl_meta_dataAndrew Bartlett2013-08-052-9/+97
| | | | | | | | | | | | | | | We now correctly ignore the link updates if the source or target is deleted locally. This fixes the long-standing failure in the vampire_dc dbcheck test. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 0162be32ab4f9716a4300d1f1a0caae8b0133f7c)
* dsdb: Ensure we always force deleted objects back under the deleted objects DNAndrew Bartlett2013-08-051-26/+65
| | | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 32955a1dec3a97ab4550869dbeb5034247f3b1bc) The last 12 patches address bug #10056 - dsdb improvements from 4.1.
* dsdb/repl_meta_data: split out replmd_deletion_state()Stefan Metzmacher2013-08-051-31/+71
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit a796cad90f1028ccc54a3539e34dc0728b990a96)
* dsdb: Prune deleted objects of links and extra attributes of replicated deletesAndrew Bartlett2013-08-051-71/+199
| | | | | | | | | | | | | | | | | | | | When an object is deleted, the links to be removed are not propogated, you have to watch out for them manually! We do this by calling back into the originating update delete code (ie what is called if you ldb_delete() locally) so that any extra attribute found locally and not on the remote server becomes removed remotely too. We currently do the same with links, but that isn't strictly correct, but for now our getNCChanges server code filters these out, so only the usn is bumped. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit d3aad891c5759f66bd891cb47866d908a0562a8a)
* torture/drs: Expand an error message to aid debuggingAndrew Bartlett2013-08-051-1/+1
| | | | | | | | Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104 (cherry picked from commit a74c7d780cb6a1e8a5a63ebbbcf36fd7cf717ea1)
* dsdb/samdb: use RECYCLED it implies DELETED...Stefan Metzmacher2013-08-052-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 63c05e820f1449b2dfa6e4f096d8270284a60bbb)
* selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always testedAndrew Bartlett2013-08-051-1/+0
| | | | | | | | | | | This test should now be more reliable with the over-allocation of RID values now fixed. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 93b83151c9563f4c1f47b925fed079d275f8ec43)
* rpc_server-drsuapi: Improve comments and DEBUG linesAndrew Bartlett2013-08-051-4/+3
| | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 5e1f2795f28b0a213b4529e046edec68caa3bd41)
* dsdb: Add assert in drepl_take_FSMO_roleAndrew Bartlett2013-08-051-4/+3
| | | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit e9faf50ee123a8d1d647ebffa39107ca0dce756c)
* selftest: Ensure the DC has started and and got a RID set before we proceedAndrew Bartlett2013-08-051-1/+21
| | | | | | | | | | | This avoids errors when a busy DC has not yet fetched a RID set, showing up as flapping tests when users are created, such as the samr.large-dc test. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit ae0ba6bd833f71c4337ae3b6621bf797cb3c48c2)
* dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation ↵Andrew Bartlett2013-08-051-15/+41
| | | | | | | | | | | | | | | | | | | fails We now also only poke the RID manager once per request. This may help track down why RID allocation can fail, as while we never wait for the RID set to be created/updated, it may be the only clue the admin gets as to why the async allocations were failing. Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit db9c3c62c89e1328872e3fdedde22b78770728a9)
* dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searchesAndrew Bartlett2013-08-052-104/+99
| | | | | | | | | | | This should be more efficient, particularly in the leaf node case when renaming and deleting entries on large databases. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 31fb7f9c1b93b0f2114dec5096e43616ed317720)
* dsdb-descriptor: Do not do a subtree search unless we have child entriesAndrew Bartlett2013-08-051-1/+32
| | | | | | | | | | This avoids a subtree search here in most cases where an object is deleted. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 03b44d26fd17761675fe33ab29e8f325f59d8a5c)
* Fix bug #10010 - Missing integer wrap protection in EA list reading can ↵Jeremy Allison2013-08-051-2/+5
| | | | | | | | | | | | cause server to loop with DOS. Fix client-side parsing also. Found by David Disseldorp <ddiss@suse.de> Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Aug 5 14:39:04 CEST 2013 on sn-devel-104 (cherry picked from commit c4cba824d9e4bb31e1b6a901e994ffdfd3ad522e)
* Fix bug #10010 - Missing integer wrap protection in EA list reading can ↵Jeremy Allison2013-08-051-0/+12
| | | | | | | | | cause server to loop with DOS. Ensure we never wrap whilst adding client provided input. Signed-off-by: Jeremy Allison <jra@samba.org> (cherry picked from commit c8d8bb257ac390c89c4238ed86dfef02750b6049)
* s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in ↵Stefan Metzmacher2013-07-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | in unixdom_get_my_addr() This caused crashes in _tsocket_address_bsd_from_sockaddr() when we read past the end of the allocation. (similar to commit e9ae36e9683372b86f1efbd29904722a33fea083) Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104 (cherry picked from commit 077dfd0a89a854c21b91b0f871d034fd9fe82a9a) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Mon Jul 29 23:44:45 CEST 2013 on sn-devel-104
* s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in ↵Andrew Bartlett2013-07-291-2/+2
| | | | | | | | | | | | | in unixdom_get_peer_addr() This caused crashes in _tsocket_address_bsd_from_sockaddr() when we read past the end of the allocation. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit e9ae36e9683372b86f1efbd29904722a33fea083)
* docs-xml: Remove obsolete swat manpage and references.Andreas Schneider2013-07-295-263/+3
| | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10041 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Kai Blin <kai@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Jul 24 12:42:29 CEST 2013 on sn-devel-104 (cherry picked from commit a7801db32afb25cc88f171d9b8896b2f663ba351) Signed-off-by: Andreas Schneider <asn@samba.org>
* pam_winbind: update documentation for "DIR" krb5ccname pragma.Günther Deschner2013-07-242-11/+31
| | | | | | | | | | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 24 02:43:10 CEST 2013 on sn-devel-104 (cherry picked from commit 9adfe82a1785aa6a7baefb435072a0a81dfb13cb) The last 3 patches address bug #10043 - Allow to change the default location for Kerberos credential caches. Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Wed Jul 24 22:37:49 CEST 2013 on sn-devel-104
* s3-winbindd: support the DIR pragma for raw kerberos user pam authentication.Günther Deschner2013-07-241-0/+23
| | | | | | | | | | | | | | It is currently only available in MIT. In addition, allow to define custom filepaths for FILE, WRFILE and DIR pragmas and substitute one occurence of the %u pattern. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Pair-Programmed-With: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 7ad3a367d52b1f123c318946d654e95639202130)
* wbinfo: allow to define a custom krb5ccname for kerberized pam auth.Günther Deschner2013-07-241-2/+4
| | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 73e6feff9b3f30e70d84fe256aff239fafdfdb95)
* s3-waf: Rename regedit to samba-regedit.Andreas Schneider2013-07-241-1/+1
| | | | | | | | | | | | | | | This is needed cause wine already provides a binary with the name regedit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10040 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Kai Blin <kai@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jul 22 14:12:38 CEST 2013 on sn-devel-104 (cherry picked from commit b5051111d2fd3a9ae3b3aa028ccf013a98c20b38)
* lib/param: sync debug related options with source3/paramStefan Metzmacher2013-07-241-1/+17
| | | | | | | | | | | | | | The most important change is "debug hires timestamp = Yes" and "syslog = 1". Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bj@sernet.de> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Tue Jul 9 17:15:15 CEST 2013 on sn-devel-104 (cherry picked from commit cd36a3e902813c065e14059d325f7628b06595aa) The last 4 patches fix bug #10015 - Fix/Improve debug options.
* lib/ldb-samba: only debug LDB_DEBUG_TRACE at level 10Stefan Metzmacher2013-07-241-1/+1
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bj@sernet.de> (cherry picked from commit 5f93822ede7ec3dc79a8057174342b2c6bb94a3b)
View Lorry Controller Status