summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* ctdb-daemon: Add implementation of tunnel controlsAmitay Isaacs2017-10-106-1/+153
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-protocol: Add controls to register/deregister tunnelsAmitay Isaacs2017-10-101-0/+2
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-protocol: Add REQ_TUNNEL packet typeAmitay Isaacs2017-10-101-0/+11
| | | | | | | This allows to tunnel new protocols using ctdb transport. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* wbinfo: return "NOT MAPPED" instead of "S-0-0" for unmapped id-to-sidRalph Boehme2017-10-102-1/+7
| | | | | | | | | | | Currently wbinfo --unix-ids-to-sids prints "S-0-0" for failed mappings. Let it print "NOT MAPPED" instead. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 10 02:57:40 CEST 2017 on sn-devel-144
* vfs_fake_acls: deny give-ownershipRalph Boehme2017-10-092-1/+18
| | | | | | | | | | | | | | | | | | | Windows doesn't allow giving ownership away unless the user has SEC_PRIV_RESTORE privilege. This follows from MS-FSA 2.1.5.1, so it's a property of the filesystem layer, not the SMB layer. By implementing this restriction here, we can now have test for this restriction. Other filesystems may want to deliberately allow this behaviour -- although I'm not aware of any that does -- therefor I'm putting in this restriction in the implementation of the chmod VFS function and not into the caller. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs_acl_common: fix take ownership vs give ownershipRalph Boehme2017-10-091-0/+13
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs_acl_common: factor out a variable declarationRalph Boehme2017-10-091-2/+3
| | | | | | | | | Just some refactoring, no change in behaviour. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3/smbd/posix_acls: return correct status in try_chownRalph Boehme2017-10-091-1/+1
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: tests for change ownership on a fileRalph Boehme2017-10-093-0/+123
| | | | | | | | | | | This test verifies that SEC_STD_WRITE_OWNER only effectively grants take-ownership permissions but NOT give-ownership. The latter requires SeRestorePrivilege privilege. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: fix samba3.blackbox.inherit_owner.default test script ↵Ralph Boehme2017-10-092-12/+17
| | | | | | | | | | | | | test_inherit_owner.sh Grant the test-user SeRestorePrivilege, this is needed for give-ownership operations. And then granting SeRestorePrivilege requires `net`, so add that as an additional argument to the script. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: fix acl_xattr test script test_acl_xattr.shRalph Boehme2017-10-091-2/+2
| | | | | | | | | | The two "nt_affects_chgrp" tests called the wrong function so the function nt_affects_chgrp() was never run. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: fix acl_xattr test: sn-devel unreliable gidRalph Boehme2017-10-091-1/+1
| | | | | | | | | | | | | | | | | | | The "nt_affects_chgrp" kept failing in a full autobuild on sn-devel because the actual gid of the created file as returned by smbclient -c getfacl was reliably the unix gid of my account. It should have been the mapped domusers group for the primary users "Domain Users" group. Running the test individually or even the full set of "samba3.blackbox" tests didn't trigger the error. Looks like an issue with vfs_fake_acls and vfs_xattr_tdb, but I wasn't able to track it down. As the test only really want to ensure that smbcacls -G set the gid to the requested value, just remove the check for the actual initial gid. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: fix acl_xattr test: grep ouput before mungingRalph Boehme2017-10-091-1/+1
| | | | | | | | | | The check of the smbclient getfacl output for presence of a "^# group:" line must be done before munging the saved output with a sed filter. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: fix acl_xattr test: group, not userRalph Boehme2017-10-091-2/+2
| | | | | | | | | | | In nt_affects_chgrp() check for domadmins *group*, not user. This didn't trigger an error as nt_affects_chgrp() isn't actually called, see next commit. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: fix acl_xattr test: changing ownerRalph Boehme2017-10-091-1/+2
| | | | | | | | | | | | Don't give ownership to user "force_user" as user "$USERNAME", this would fail with NT_STATUS_INVALID_OWNER, instead just take ownership as user "force_user". Adding a corresponding ACE for "force_user" with FULL rights ensures this works. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smbd: Currently if getwd() fails after a chdir(), we panic.Jeremy Allison2017-10-091-11/+70
| | | | | | | | | | | | | | Change this to return to the previous $cwd, and return -1 for the chdir(). If the return to the previous $cwd fails, still panic as we can't return an unknown state. Also do early return from failing SMB_VFS_CHDIR, reducing indentation level BUG: https://bugzilla.samba.org/show_bug.cgi?id=13027 Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Ralph Böhme <slow@samba.org>
* smbcacls: no need to fetch the sd when changing ownershipRalph Boehme2017-10-071-10/+6
| | | | | | | | | | | | Reading the SD may be denied but changing ownership could be allowed. As we don't really need the server SD for the change ownership request, don't fetch it. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Oct 7 00:04:54 CEST 2017 on sn-devel-144
* s3: spoolss: Fix GUID string format on GetPrinter infoSamuel Cabrero2017-10-061-3/+13
| | | | | | | | | | | | | | | | | Fix regression introduced by commit a4157e7c5d75 which removed the braces around the printer GUID in the printer info level 7 structure. MS-RPRN section 2.2 says this protocol uses curly-braced GUIDs so printers are deleted from the directory by the domain controller's pruning service. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12993 Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Oct 6 05:21:25 CEST 2017 on sn-devel-144
* ctdb-common: Make parse_ip() and parse_ipv4() staticMartin Schwenke2017-10-052-5/+3
| | | | | | | | | | | | parse_ip() has interface checking for IPv6 that is still used indirectly by the IP takeover code via parse_ip_mask(). This will be removed eventually. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Thu Oct 5 09:19:31 CEST 2017 on sn-devel-144
* ctdb-common: Replace parse_ip() -> ctdb_sock_addr_from_string()Martin Schwenke2017-10-052-2/+8
| | | | | | | ... and ctdb_sock_addr_set_port(). Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-tests: Replace parse_ip() -> ctdb_sock_addr_from_string()Martin Schwenke2017-10-052-7/+16
| | | | | | | ... and ctdb_sock_addr_set_port() where required. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-tools: Replace parse_ip() -> ctdb_sock_addr_from_string()Martin Schwenke2017-10-051-7/+17
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-common: Remove unused function parse_ip_port()Martin Schwenke2017-10-052-41/+0
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-tools: Replace parse_ip_port() -> ctdb_sock_addr_from_string()Martin Schwenke2017-10-051-6/+12
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-common: Remove unused function ctdb_parse_connections()Martin Schwenke2017-10-052-60/+0
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-tools: Use ctdb_connection_list_read()Martin Schwenke2017-10-051-23/+21
| | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* ctdb-common: Do not queue a packet if queue does not have valid fdAmitay Isaacs2017-10-051-0/+5
| | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13056 The only time a ctdb_queue is created without valid fd is when CTDB is trying to establish connections with other nodes in the cluster. All the other uses always create a ctdb_queue with valid fd. This avoids queueing up packets for dead nodes or nodes that are not running in the cluster and stops consuming memory. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-tests: Send broadcast to connected nodes, not configured nodesAmitay Isaacs2017-10-051-1/+1
| | | | | | | https://bugzilla.samba.org/show_bug.cgi?id=13056 Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* ctdb-daemon: Send broadcast to connected nodes, not configured nodesAmitay Isaacs2017-10-051-2/+3
| | | | | | | | | https://bugzilla.samba.org/show_bug.cgi?id=13056 Database recovery takes care of attaching missing databases on all the nodes. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
* s3: VFS: Ensure default SMB_VFS_GETWD() call can't return a partially ↵Jeremy Allison2017-10-041-0/+4
| | | | | | | | | | | | completed struct smb_filename. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13068 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Oct 4 14:05:33 CEST 2017 on sn-devel-144
* s3: VFS: Protect errno if sys_getwd() fails across free() call.Jeremy Allison2017-10-041-0/+4
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13069 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3: VFS: Ensure sys_getwd() doesn't leak memory on error on really old systems.Jeremy Allison2017-10-041-1/+6
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13069 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* vfs_solarisacl: fix build for samba 4.7 and upJorge Schrauwen via samba-technical2017-10-042-2/+2
| | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13049 Signed-off-by: Jorge Schrauwen <sjorge@blackdot.be> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3/smbd: register Time Machine shares with AvahiOmri Mor2017-10-041-1/+96
| | | | | | | | | Adds support for automatically registering the required _adisk._tcp mDNS record based on the setting of "fruit:time machine". Signed-off-by: Omri Mor <omri50@gmail.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* docs/vfs_fruit: Add Time Machine supportKevin Anderson2017-10-041-0/+28
| | | | | | | | | | | Add the capability to advertise FULLSYNC volume capabilities to clients that request them. This is mainly used for supporting Mac OS Time Machine backups from clients. The capability does not perform any additional action. Signed-off-by: Kevin Anderson <andersonkw2@gmail.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs_fruit: Add Time Machine supportKevin Anderson2017-10-042-0/+22
| | | | | | | | | Add a configuration option to disable/enable Time Machine support via the FULLSYNC AAPL flag. Signed-off-by: Kevin Anderson <andersonkw2@gmail.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* net: groupmap cleanup should not delete BUILTIN mappingsRalph Boehme2017-10-021-1/+3
| | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13065 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Oct 2 15:17:00 CEST 2017 on sn-devel-144
* lib/util/run_cmd: use a cleanup function instead of a destructorRalph Boehme2017-09-301-3/+6
| | | | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062 Pair-programmed-with: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Sat Sep 30 12:14:57 CEST 2017 on sn-devel-144
* lib/util/run_cmd: remove a printfRalph Boehme2017-09-301-1/+0
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062 Pair-programmed-with: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org>
* lib/util/run_cmd: ensure fd_stdin gets set to -1 in the destructorRalph Boehme2017-09-301-0/+1
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062 Pair-programmed-with: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org>
* lib/util/run_cmd: prevent zombies in samba_runcmd_send on timeoutRalph Boehme2017-09-301-4/+4
| | | | | | | | | | | | | | Ensure the state desctructor calls tfork_destroy to reap the waiter and worker processes. Otherwise we leave the waiter process as a zombie behind us as we never call waitpid on it in case of a timeout or talloc_free() from the caller. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062 Pair-programmed-with: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org>
* lib: Fix a signed/unsigned hickupVolker Lendecke2017-09-301-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: Remove talloc_dictVolker Lendecke2017-09-305-296/+0
| | | | | | | | Looked like a good idea at its time, but its only user did not need it anyway Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* winbind: Remove the use of "talloc_dict"Volker Lendecke2017-09-309-87/+65
| | | | | | | | As members we only collect names, indexed by sids. This is served well by just a simple dbwrap_rbt. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* Changes in samba vxfs plugin.Pooja Mahadik2017-09-303-0/+211
| | | | | | | | | | | | | Implemented two VFS operations(set/fset dos attribute) for vxfs plugin. Trapping set/clear of read-only attribute. Signed-off-by: Pooja Mahadik <pooja.mahadik@veritas.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Sep 30 06:42:10 CEST 2017 on sn-devel-144
* vfs_snapper man page: Fixed typoMarc Muehlfeld2017-09-301-1/+1
| | | | | | | | | | This commit corrects a small typo in vfs_snapper manpage. Signed-off-by: Yvan Masson <yvan@masson-informatique.fr> Reviewed-by: Marc Muehlfeld <mmuehlfeld@samba.org> Autobuild-User(master): Marc Muehlfeld <mmuehlfeld@samba.org> Autobuild-Date(master): Sat Sep 30 02:41:46 CEST 2017 on sn-devel-144
* docs: Improve wording around 'winbind expand groups' paramNoel Power2017-09-291-3/+10
| | | | | | | | | | Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jim McDonough <jmcd@samba.org> Autobuild-User(master): Jim McDonough <jmcd@samba.org> Autobuild-Date(master): Fri Sep 29 22:37:08 CEST 2017 on sn-devel-144
* s3:winbind: unmapped Unix users must be resolved locallyRalph Wuerthner2017-09-291-0/+6
| | | | | | | | | Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Sep 29 18:33:21 CEST 2017 on sn-devel-144
* s3:winbind: unmapped Unix groups in getgrgid must be resolved locallyRalph Wuerthner2017-09-291-0/+6
| | | | | | Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* notifyd: Broadcast to all connected nodesAmitay Isaacs2017-09-291-2/+2
| | | | | | | | | | | CTDB_BROADCAST_VNNMAP includes only the nodes with lmaster roles. CTDB_BROADCAST_CONNECTED includes all the running nodes. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Fri Sep 29 08:38:10 CEST 2017 on sn-devel-144
View Lorry Controller Status