Compare commits
29 Commits
Author | SHA1 | Date |
---|---|---|
Anoop C S | 2f7081c791 | |
Rex Dieter | 46ed8b0901 | |
Anoop C S | 2ca117dce3 | |
Günther Deschner | 988a75746d | |
Günther Deschner | e6cde530ad | |
Günther Deschner | 3fe38fb635 | |
Günther Deschner | b93dadf435 | |
Günther Deschner | ac34461c5e | |
Günther Deschner | b758896b72 | |
Günther Deschner | dfc5bbd974 | |
Günther Deschner | 1d9b1faceb | |
Günther Deschner | 6c80ac25fc | |
Günther Deschner | b63b68e4e4 | |
Günther Deschner | a483fb81f7 | |
Alexander Bokovoy | 196c353d92 | |
Günther Deschner | ba253b85dc | |
Jose A. Rivera | 2162e97fbc | |
Günther Deschner | ce707ecdaf | |
Günther Deschner | 65a044b456 | |
Günther Deschner | 26be169cca | |
Günther Deschner | aebb79dafe | |
Günther Deschner | c2b693aee4 | |
Günther Deschner | 0394ec0742 | |
Günther Deschner | 33f752743b | |
Günther Deschner | ec1aedd2ec | |
Günther Deschner | 646d7da75f | |
Günther Deschner | af6309e034 | |
Günther Deschner | def8c4a7a5 | |
Günther Deschner | ec656a8533 |
|
@ -57,157 +57,10 @@ samba-3.6.0pre1.tar.gz
|
|||
/samba-4.3.2.tar.xz
|
||||
/samba-4.3.3.tar.xz
|
||||
/samba-4.3.4.tar.xz
|
||||
/samba-4.4.0rc1.tar.xz
|
||||
/samba-4.4.0rc2.tar.xz
|
||||
/samba-4.4.0rc3.tar.xz
|
||||
/samba-4.4.0rc4.tar.xz
|
||||
/samba-4.4.0rc5.tar.xz
|
||||
/samba-4.4.0.tar.xz
|
||||
/samba-4.4.2.tar.xz
|
||||
/samba-4.4.3.tar.xz
|
||||
/samba-4.4.4.tar.xz
|
||||
/samba-4.4.5.tar.xz
|
||||
/samba-4.5.0rc1.tar.xz
|
||||
/samba-4.5.0rc2.tar.xz
|
||||
/samba-4.5.0rc3.tar.xz
|
||||
/samba-4.5.0.tar.xz
|
||||
/samba-4.5.1.tar.xz
|
||||
/samba-4.5.2.tar.xz
|
||||
/samba-4.5.3.tar.xz
|
||||
/samba-4.6.0rc1.tar.xz
|
||||
/samba-4.6.0rc2.tar.xz
|
||||
/samba-4.6.0rc2.tar.asc
|
||||
/samba-4.6.0rc3.tar.asc
|
||||
/samba-4.6.0rc3.tar.xz
|
||||
/samba-4.6.0rc4.tar.xz
|
||||
/samba-4.6.0rc4.tar.asc
|
||||
/samba-4.6.0.tar.asc
|
||||
/samba-4.6.0.tar.xz
|
||||
/samba-4.6.1.tar.xz
|
||||
/samba-4.6.1.tar.asc
|
||||
/samba-4.6.2.tar.xz
|
||||
/samba-4.6.2.tar.asc
|
||||
/samba-4.6.3.tar.xz
|
||||
/samba-4.6.3.tar.asc
|
||||
/samba-4.6.4.tar.xz
|
||||
/samba-4.6.4.tar.asc
|
||||
/samba-4.6.5.tar.xz
|
||||
/samba-4.6.5.tar.asc
|
||||
/samba-4.7.0rc1.tar.xz
|
||||
/samba-4.7.0rc1.tar.asc
|
||||
/samba-4.7.0rc3.tar.xz
|
||||
/samba-4.7.0rc3.tar.asc
|
||||
/samba-4.7.0rc5.tar.xz
|
||||
/samba-4.7.0rc5.tar.asc
|
||||
/samba-4.7.0rc6.tar.xz
|
||||
/samba-4.7.0rc6.tar.asc
|
||||
/samba-4.7.0.tar.xz
|
||||
/samba-4.7.0.tar.asc
|
||||
/samba-4.7.1.tar.xz
|
||||
/samba-4.7.1.tar.asc
|
||||
/samba-4.7.2.tar.xz
|
||||
/samba-4.7.2.tar.asc
|
||||
/samba-4.7.3.tar.xz
|
||||
/samba-4.7.3.tar.asc
|
||||
/samba-4.7.4.tar.xz
|
||||
/samba-4.7.4.tar.asc
|
||||
/samba-4.8.0rc1.tar.xz
|
||||
/samba-4.8.0rc1.tar.asc
|
||||
/samba-4.8.0rc2.tar.xz
|
||||
/samba-4.8.0rc2.tar.asc
|
||||
/samba-4.8.0rc3.tar.xz
|
||||
/samba-4.8.0rc3.tar.asc
|
||||
/samba-4.8.0rc4.tar.xz
|
||||
/samba-4.8.0rc4.tar.asc
|
||||
/samba-4.8.0.tar.xz
|
||||
/samba-4.8.0.tar.asc
|
||||
/samba-4.8.1.tar.xz
|
||||
/samba-4.8.1.tar.asc
|
||||
/samba-4.8.2.tar.xz
|
||||
/samba-4.8.2.tar.asc
|
||||
/samba-4.8.3.tar.asc
|
||||
/samba-4.8.3.tar.xz
|
||||
/samba-4.9.0rc1.tar.xz
|
||||
/samba-4.9.0rc1.tar.asc
|
||||
/samba-4.9.0rc2.tar.xz
|
||||
/samba-4.9.0rc2.tar.asc
|
||||
/samba-4.9.0rc3.tar.xz
|
||||
/samba-4.9.0rc3.tar.asc
|
||||
/samba-4.9.0rc4.tar.xz
|
||||
/samba-4.9.0rc4.tar.asc
|
||||
/samba-4.9.0rc5.tar.asc
|
||||
/samba-4.9.0rc5.tar.xz
|
||||
/samba-4.9.0.tar.xz
|
||||
/samba-4.9.0.tar.asc
|
||||
/samba-4.9.1.tar.asc
|
||||
/samba-4.9.1.tar.xz
|
||||
/samba-4.9.2.tar.xz
|
||||
/samba-4.9.2.tar.asc
|
||||
/samba-4.9.3.tar.xz
|
||||
/samba-4.9.3.tar.asc
|
||||
/samba-4.9.4.tar.xz
|
||||
/samba-4.9.4.tar.asc
|
||||
/samba-4.10.0rc1.tar.xz
|
||||
/samba-4.10.0rc1.tar.asc
|
||||
/samba-4.10.0rc2.tar.xz
|
||||
/samba-4.10.0rc2.tar.asc
|
||||
/samba-4.10.0rc3.tar.xz
|
||||
/samba-4.10.0rc3.tar.asc
|
||||
/samba-4.10.0rc4.tar.xz
|
||||
/samba-4.10.0rc4.tar.asc
|
||||
/samba-4.10.0.tar.xz
|
||||
/samba-4.10.0.tar.asc
|
||||
/samba-4.10.1.tar.xz
|
||||
/samba-4.10.1.tar.asc
|
||||
/samba-4.10.2.tar.xz
|
||||
/samba-4.10.2.tar.asc
|
||||
/samba-4.10.3.tar.xz
|
||||
/samba-4.10.3.tar.asc
|
||||
/samba-4.10.4.tar.xz
|
||||
/samba-4.10.4.tar.asc
|
||||
/samba-4.10.5.tar.xz
|
||||
/samba-4.10.5.tar.asc
|
||||
/samba-4.10.6.tar.xz
|
||||
/samba-4.10.6.tar.asc
|
||||
/samba-4.11.0rc1.tar.xz
|
||||
/samba-4.11.0rc1.tar.asc
|
||||
/samba-4.11.0rc2.tar.xz
|
||||
/samba-4.11.0rc2.tar.asc
|
||||
/samba-4.11.0rc3.tar.xz
|
||||
/samba-4.11.0rc3.tar.asc
|
||||
/samba-4.11.0rc4.tar.xz
|
||||
/samba-4.11.0rc4.tar.asc
|
||||
/samba-4.11.0.tar.xz
|
||||
/samba-4.11.0.tar.asc
|
||||
/samba-4.11.1.tar.xz
|
||||
/samba-4.11.1.tar.asc
|
||||
/samba-4.11.2.tar.xz
|
||||
/samba-4.11.2.tar.asc
|
||||
/samba-4.11.3.tar.xz
|
||||
/samba-4.11.3.tar.asc
|
||||
/samba-4.11.4.tar.xz
|
||||
/samba-4.11.4.tar.asc
|
||||
/samba-4.11.5.tar.xz
|
||||
/samba-4.11.5.tar.asc
|
||||
/samba-4.12.0rc1.tar.xz
|
||||
/samba-4.12.0rc1.tar.asc
|
||||
/samba-4.12.0rc2.tar.xz
|
||||
/samba-4.12.0rc2.tar.asc
|
||||
/samba-4.12.0rc3.tar.xz
|
||||
/samba-4.12.0rc3.tar.asc
|
||||
/samba-4.12.0rc4.tar.xz
|
||||
/samba-4.12.0rc4.tar.asc
|
||||
/samba-4.12.0.tar.xz
|
||||
/samba-4.12.0.tar.asc
|
||||
/samba-4.12.1.tar.xz
|
||||
/samba-4.12.1.tar.asc
|
||||
/samba-4.12.2.tar.xz
|
||||
/samba-4.12.2.tar.asc
|
||||
/samba-4.12.3.tar.xz
|
||||
/samba-4.12.3.tar.asc
|
||||
/samba-4.12.4.tar.xz
|
||||
/samba-4.12.4.tar.asc
|
||||
/samba-4.12.5.tar.xz
|
||||
/samba-4.12.5.tar.asc
|
||||
/samba-4.13.0rc1.tar.xz
|
||||
/samba-4.13.0rc1.tar.asc
|
||||
/samba-4.3.5.tar.xz
|
||||
/samba-4.3.6.tar.xz
|
||||
/samba-4.3.8.tar.xz
|
||||
/samba-4.3.9.tar.xz
|
||||
/samba-4.3.10.tar.xz
|
||||
/samba-4.3.11.tar.xz
|
||||
/samba-4.3.12.tar.xz
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
MIT Kerberos 5 Support
|
||||
=======================
|
||||
|
||||
Fedora is using MIT Kerberos implementation as its Kerberos infrastructure of
|
||||
choice. The Samba build in Fedora is using MIT Kerberos implementation in order
|
||||
to allow system-wide interoperability between both desktop and server
|
||||
applications running on the same machine.
|
||||
|
||||
At the moment the Samba Active Directory Domain Controller implementation is
|
||||
not available with MIT Kereberos. FreeIPA and Samba Team members are currently
|
||||
working on Samba MIT Kerberos support as this is a requirement for a GNU/Linux
|
||||
distribution integration of Samba AD DC features.
|
||||
|
||||
We have just finished migrating the file server and all client utilities to MIT
|
||||
Kerberos. The result of this work is available in samba-* packages in Fedora.
|
||||
We'll provide Samba AD DC functionality as soon as its support of MIT Kerberos
|
||||
KDC will be ready.
|
||||
|
||||
In case of further questions do not hesitate to send your inquiries to
|
||||
samba-owner@fedoraproject.org
|
186
README.md
186
README.md
|
@ -1,186 +0,0 @@
|
|||
Samba is a free SMB and CIFS client and server and Domain Controller for UNIX
|
||||
and other operating systems. It is maintained by the Samba Team, who support the
|
||||
original author, Andrew Tridgell.
|
||||
|
||||
This software is freely distributable under the GNU public license, a copy of
|
||||
which you should have received with this software (in a file called COPYING).
|
||||
|
||||
# WHAT IS SMB/CIFS?
|
||||
This is a big question.
|
||||
|
||||
The very short answer is that it is the protocol by which a lot of PC-related
|
||||
machines share files and printers and other information such as lists of
|
||||
available files and printers. Operating systems that support this natively
|
||||
include Windows 9x, Windows NT (and derivatives), OS/2, Mac OS X and Linux. Add
|
||||
on packages that achieve the same thing are available for DOS, Windows 3.1, VMS,
|
||||
Unix of all kinds, MVS, and more. Some Web Browsers can speak this protocol as
|
||||
well (smb://). Alternatives to SMB include Netware, NFS, Appletalk, Banyan
|
||||
Vines, Decnet etc; many of these have advantages but none are both public
|
||||
specifications and widely implemented in desktop machines by default.
|
||||
|
||||
The Common Internet File system (CIFS) is what the new SMB initiative is called.
|
||||
For details watch [here](https://samba.org/cifs)
|
||||
|
||||
# WHY DO PEOPLE WANT TO USE SMB?
|
||||
* Many people want to integrate their Microsoft desktop clients with their Unix
|
||||
servers.
|
||||
|
||||
* Others want to integrate their Microsoft (etc) servers with Unix servers. This
|
||||
is a different problem to integrating desktop clients.
|
||||
|
||||
* Others want to replace protocols like NFS, DecNet and Novell NCP, especially
|
||||
when used with PCs.
|
||||
|
||||
# WHAT CAN SAMBA DO?
|
||||
Please refer to the WHATSNEW.txt included with this README for a list of
|
||||
features in the latest Samba release.
|
||||
|
||||
Here is a very short list of what samba includes, and what it does. For many
|
||||
networks this can be simply summarized by "Samba provides a complete replacement
|
||||
for Windows NT, Warp, NFS or Netware servers."
|
||||
* a SMB server, to provide Windows NT and LAN Manager-style file and print
|
||||
services to SMB clients such as Windows 95, Warp Server, smbfs and others.
|
||||
|
||||
* a Windows Domain Controller (NT4 and AD) replacement.
|
||||
|
||||
* a file/print server that can act as a member of a Windows NT 4.0 or Active
|
||||
Directory domain.
|
||||
|
||||
* a NetBIOS (rfc1001/1002) nameserver, which amongst other things gives browsing
|
||||
support. Samba can be the master browser on your LAN if you wish.
|
||||
|
||||
* a ftp-like SMB client so you can access PC resources (disks and printers) from
|
||||
UNIX, Netware, and other operating systems
|
||||
|
||||
* a tar extension to the client for backing up PCs
|
||||
|
||||
* limited command-line tool that supports some of the NT administrative
|
||||
functionality, which can be used on Samba, NT workstation and NT server.
|
||||
|
||||
For a much better overview have a look at the [web site](http://samba.org/samba)
|
||||
and browse the user survey.
|
||||
|
||||
#### Related packages include:
|
||||
* cifsvfs, an advanced Linux-only filesystem allowing you to mount remote SMB
|
||||
filesystems from PCs on your Linux box. This is included as standard with Linux
|
||||
2.5 and later.
|
||||
|
||||
* smbfs, the previous Linux-only filesystem allowing you to mount remote SMB
|
||||
filesystems from PCs on your Linux box. This is included as standard with Linux
|
||||
2.0 and later.
|
||||
|
||||
# CONTRIBUTIONS
|
||||
|
||||
### To contribute via GitHub
|
||||
* fork the official Samba team repository on GitHub
|
||||
-- see [GitHub](https://github.com/samba-team/samba)
|
||||
|
||||
* become familiar with the coding standards as described in README.Coding
|
||||
|
||||
* make sure you read the Samba copyright policy
|
||||
-- see [Copyright Policy](https://www.samba.org/samba/devel/copyright-policy.html)
|
||||
|
||||
* create a feature branch
|
||||
|
||||
* make changes
|
||||
|
||||
* when committing, be sure to add signed-off-by tags
|
||||
-- see [Commit message tags](https://wiki.samba.org/index.php/CodeReview#commit_message_tags)
|
||||
|
||||
* send a pull request for your branch through GitHub
|
||||
|
||||
* this will trigger an email to the samba-technical mailing list
|
||||
|
||||
* discussion happens on the samba-technical mailing list as described below
|
||||
|
||||
* more info on using Git for Samba development can be found on Samba Wiki
|
||||
-- see [Using Git for Samba](https://wiki.samba.org/index.php/Using_Git_for_Samba_Development)
|
||||
|
||||
### To contribute via mailing lists
|
||||
Join the mailing list. The Samba team accepts patches (preferably in "diff -u"
|
||||
format, see [here](https://samba.org/samba/devel) for more details) and are
|
||||
always glad to receive feedback or suggestions to the address
|
||||
samba@lists.samba.org. More information on the various Samba mailing lists can
|
||||
be found at [mailman](http://lists.samba.org).
|
||||
|
||||
You can also get the Samba sourcecode straight from the [git repository](http://wiki.samba.org/index.php/Using_Git_for_Samba_Development).
|
||||
|
||||
If you like a particular feature then look through the git change-log on the
|
||||
[web](https://git.samba.org/?p=samba.git;a=summary) and see who added it, then
|
||||
send them an email.
|
||||
|
||||
Remember that free software of this kind lives or dies by the response we get.
|
||||
If no one tells us they like it then we'll probably move onto something else.
|
||||
|
||||
|
||||
# MORE INFO
|
||||
|
||||
### DOCUMENTATION
|
||||
There is quite a bit of documentation included with the package, including man
|
||||
pages, and lots of .html files with hints and useful info. This is also
|
||||
available from the web page. There is a growing collection of information under
|
||||
docs/.
|
||||
|
||||
A list of Samba documentation in languages other than English is available on
|
||||
the web page.
|
||||
|
||||
If you would like to help with the documentation, please coordinate on the
|
||||
samba@lists.samba.org mailing list. See the next section for details on
|
||||
subscribing to samba mailing lists.
|
||||
|
||||
### MAILING LIST
|
||||
Please do NOT send subscription/unsubscription requests to the lists!
|
||||
|
||||
There is a mailing list for discussion of Samba. For details go to [mailman](https://lists.samba.org)
|
||||
or send mail to <samba-subscribe@lists.samba.org>.
|
||||
|
||||
There is also an announcement mailing list where new versions are announced. To
|
||||
subscribe go to [mailman](http://lists.samba.org) or send mail to
|
||||
<samba-announce-subscribe@lists.samba.org>. All announcements also go to the
|
||||
samba list, so you only need to be on one.
|
||||
|
||||
For details of other Samba mailing lists and for access to archives, see
|
||||
[mailman](http://lists.samba.org)
|
||||
|
||||
### MAILING LIST ETIQUETTE
|
||||
|
||||
A few tips when submitting to this or any mailing list.
|
||||
- Make your subject short and descriptive. Avoid the words "help" or "Samba" in
|
||||
the subject. The readers of this list already know that a) you need help, and b)
|
||||
you are writing about samba (of course, you may need to distinguish between
|
||||
Samba PDC and other file sharing software). Avoid phrases such as "what is" and
|
||||
"how do i". Some good subject lines might look like "Slow response with Excel
|
||||
files" or "Migrating from Samba PDC to NT PDC".
|
||||
|
||||
- If you include the original message in your reply, trim it so that only the
|
||||
relevant lines, enough to establish context, are included. Chances are (since
|
||||
this is a mailing list) we've already read the original message.
|
||||
|
||||
- Trim irrelevant headers from the original message in your reply. All we need
|
||||
to see is a) From, b) Date, and c) Subject. We don't even really need the
|
||||
Subject, if you haven't changed it. Better yet is to just preface the original
|
||||
message with "On [date] [someone] wrote:".
|
||||
|
||||
- Please don't reply to or argue about spam, spam filters or viruses on any
|
||||
Samba lists. We do have a spam filtering system that is working quite well thank
|
||||
you very much but occasionally unwanted messages slip through. Deal with it.
|
||||
|
||||
- Never say "Me too." It doesn't help anyone solve the problem. Instead, if you
|
||||
ARE having the same problem, give more information. Have you seen something that
|
||||
the other writer hasn't mentioned, which may be helpful?
|
||||
|
||||
- If you ask about a problem, then come up with the solution on your own or
|
||||
through another source, by all means post it. Someone else may have the same
|
||||
problem and is waiting for an answer, but never hears of it.
|
||||
|
||||
- Give as much *relevant* information as possible such as Samba release number,
|
||||
OS, kernel version, etc...
|
||||
|
||||
- RTFM. Google.
|
||||
|
||||
### WEB SITE
|
||||
A Samba WWW [site](https://samba.org) has been setup with lots of useful info.
|
||||
|
||||
As well as general information and documentation, this also has searchable
|
||||
archives of the mailing list and a user survey that shows who else is using this
|
||||
package.
|
Binary file not shown.
|
@ -0,0 +1,35 @@
|
|||
From 97d7bc19bb463cfbb9d45b69cec1e668eb15b4a1 Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Bokovoy <ab@samba.org>
|
||||
Date: Thu, 7 May 2015 14:12:03 +0000
|
||||
Subject: [PATCH] auth/credentials: if credentials have principal set, they are
|
||||
not anonymous anymore
|
||||
|
||||
When dealing with Kerberos, we cannot consider credentials anonymous
|
||||
if credentials were obtained properly.
|
||||
|
||||
Signed-off: Alexander Bokovoy <ab@samba.org>
|
||||
---
|
||||
auth/credentials/credentials.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
|
||||
index 78b5955..b1ccc5a 100644
|
||||
--- a/auth/credentials/credentials.c
|
||||
+++ b/auth/credentials/credentials.c
|
||||
@@ -921,6 +921,13 @@ _PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred)
|
||||
cred->machine_account_pending_lp_ctx);
|
||||
}
|
||||
|
||||
+ if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
|
||||
+ /* if principal is set, it's not anonymous */
|
||||
+ if (cred->principal && cred->principal_obtained >= cred->username_obtained) {
|
||||
+ return false;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
username = cli_credentials_get_username(cred);
|
||||
|
||||
/* Yes, it is deliberate that we die if we have a NULL pointer
|
||||
--
|
||||
2.4.0
|
||||
|
|
@ -0,0 +1,60 @@
|
|||
From b89f28556ad0d1caf9cf41c56a0d67440098358f Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Bokovoy <abokovoy@redhat.com>
|
||||
Date: Tue, 12 Apr 2016 09:36:12 +0300
|
||||
Subject: [PATCH] s3-winbind: make sure domain member can talk to trusted
|
||||
domains DCs
|
||||
|
||||
Allow cm_connect_netlogon() to talk to trusted domains' DCs when
|
||||
running in a domain member configuration.
|
||||
|
||||
Signed-off-by: Alexander Bokovoy <ab@samba.org>
|
||||
---
|
||||
source3/winbindd/winbindd_cm.c | 15 +++++++++------
|
||||
1 file changed, 9 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
|
||||
index 63175e5..1ef3d17 100644
|
||||
--- a/source3/winbindd/winbindd_cm.c
|
||||
+++ b/source3/winbindd/winbindd_cm.c
|
||||
@@ -2578,9 +2578,10 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
|
||||
anonymous:
|
||||
|
||||
/* Finally fall back to anonymous. */
|
||||
- if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
|
||||
+ if ((lp_winbind_sealed_pipes() || lp_require_strong_key()) &&
|
||||
+ (IS_DC || domain->primary)) {
|
||||
status = NT_STATUS_DOWNGRADE_DETECTED;
|
||||
- DEBUG(1, ("Unwilling to make SAMR connection to domain %s"
|
||||
+ DEBUG(1, ("Unwilling to make SAMR connection to domain %s "
|
||||
"without connection level security, "
|
||||
"must set 'winbind sealed pipes = false' and "
|
||||
"'require strong key = false' to proceed: %s\n",
|
||||
@@ -2811,9 +2812,10 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
|
||||
|
||||
anonymous:
|
||||
|
||||
- if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
|
||||
+ if ((lp_winbind_sealed_pipes() || lp_require_strong_key()) &&
|
||||
+ (IS_DC || domain->primary)) {
|
||||
result = NT_STATUS_DOWNGRADE_DETECTED;
|
||||
- DEBUG(1, ("Unwilling to make LSA connection to domain %s"
|
||||
+ DEBUG(1, ("Unwilling to make LSA connection to domain %s "
|
||||
"without connection level security, "
|
||||
"must set 'winbind sealed pipes = false' and "
|
||||
"'require strong key = false' to proceed: %s\n",
|
||||
@@ -2978,9 +2980,10 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
|
||||
|
||||
no_schannel:
|
||||
if (!(conn->netlogon_flags & NETLOGON_NEG_AUTHENTICATED_RPC)) {
|
||||
- if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
|
||||
+ if ((lp_winbind_sealed_pipes() || lp_require_strong_key()) &&
|
||||
+ (IS_DC || domain->primary)) {
|
||||
result = NT_STATUS_DOWNGRADE_DETECTED;
|
||||
- DEBUG(1, ("Unwilling to make connection to domain %s"
|
||||
+ DEBUG(1, ("Unwilling to make connection to domain %s "
|
||||
"without connection level security, "
|
||||
"must set 'winbind sealed pipes = false' and "
|
||||
"'require strong key = false' to proceed: %s\n",
|
||||
--
|
||||
2.5.5
|
||||
|
|
@ -0,0 +1,49 @@
|
|||
From 730c0a2fab4b0c494122f29355068cc2bbf0f672 Mon Sep 17 00:00:00 2001
|
||||
From: Michael Adam <obnox@samba.org>
|
||||
Date: Fri, 21 Oct 2016 00:15:06 +0200
|
||||
Subject: [PATCH] vfs:glusterfs: preallocate result for glfs_realpath
|
||||
|
||||
https://bugzilla.samba.org/show_bug.cgi?id=12404
|
||||
|
||||
This makes us independent of the allocation
|
||||
method used inside glfs_realpath.
|
||||
|
||||
Signed-off-by: Michael Adam <obnox@samba.org>
|
||||
Reviewed-by: Ira Cooper <ira@samba.org>
|
||||
|
||||
Autobuild-User(master): Jeremy Allison <jra@samba.org>
|
||||
Autobuild-Date(master): Sat Oct 22 00:28:41 CEST 2016 on sn-devel-144
|
||||
|
||||
(cherry picked from commit 92a0a56c3852726e0812d260e043957c879aefa4)
|
||||
---
|
||||
source3/modules/vfs_glusterfs.c | 15 ++++++++++++++-
|
||||
1 file changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c
|
||||
index 732ca51..fc40a90 100644
|
||||
--- a/source3/modules/vfs_glusterfs.c
|
||||
+++ b/source3/modules/vfs_glusterfs.c
|
||||
@@ -1036,7 +1036,20 @@ static int vfs_gluster_fallocate(struct vfs_handle_struct *handle,
|
||||
static char *vfs_gluster_realpath(struct vfs_handle_struct *handle,
|
||||
const char *path)
|
||||
{
|
||||
- return glfs_realpath(handle->data, path, 0);
|
||||
+ char *result = NULL;
|
||||
+ char *resolved_path = SMB_MALLOC_ARRAY(char, PATH_MAX+1);
|
||||
+
|
||||
+ if (resolved_path == NULL) {
|
||||
+ errno = ENOMEM;
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ result = glfs_realpath(handle->data, path, resolved_path);
|
||||
+ if (result == NULL) {
|
||||
+ SAFE_FREE(resolved_path);
|
||||
+ }
|
||||
+
|
||||
+ return result;
|
||||
}
|
||||
|
||||
static bool vfs_gluster_lock(struct vfs_handle_struct *handle,
|
||||
--
|
||||
2.7.4
|
|
@ -1,10 +1,7 @@
|
|||
/var/log/samba/log.* {
|
||||
compress
|
||||
dateext
|
||||
maxage 365
|
||||
rotate 99
|
||||
/var/log/samba/* {
|
||||
notifempty
|
||||
olddir /var/log/samba/old
|
||||
missingok
|
||||
sharedscripts
|
||||
copytruncate
|
||||
}
|
3498
samba.spec
3498
samba.spec
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,15 @@
|
|||
# default: off
|
||||
# description: SWAT is the Samba Web Admin Tool. Use swat \
|
||||
# to configure your Samba server. To use SWAT, \
|
||||
# connect to port 901 with your favorite web browser.
|
||||
service swat
|
||||
{
|
||||
port = 901
|
||||
socket_type = stream
|
||||
wait = no
|
||||
only_from = 127.0.0.1
|
||||
user = root
|
||||
server = /usr/sbin/swat
|
||||
log_on_failure += USERID
|
||||
disable = yes
|
||||
}
|
|
@ -2,23 +2,26 @@
|
|||
# options listed here, refer to the smb.conf(5) manual page. Samba has a huge
|
||||
# number of configurable options, most of which are not shown in this example.
|
||||
#
|
||||
# The Samba Wiki contains a lot of step-by-step guides installing, configuring,
|
||||
# and using Samba:
|
||||
# https://wiki.samba.org/index.php/User_Documentation
|
||||
# The Official Samba 3.2.x HOWTO and Reference Guide contains step-by-step
|
||||
# guides for installing, configuring, and using Samba:
|
||||
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
|
||||
#
|
||||
# The Samba-3 by Example guide has working examples for smb.conf. This guide is
|
||||
# generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
|
||||
#
|
||||
# In this file, lines starting with a semicolon (;) or a hash (#) are
|
||||
# comments and are ignored. This file uses hashes to denote commentary and
|
||||
# semicolons for parts of the file you may wish to configure.
|
||||
#
|
||||
# NOTE: Run the "testparm" command after modifying this file to check for basic
|
||||
# Note: Run the "testparm" command after modifying this file to check for basic
|
||||
# syntax errors.
|
||||
#
|
||||
#---------------
|
||||
# Security-Enhanced Linux (SELinux) Notes:
|
||||
#
|
||||
# Turn the samba_domain_controller Boolean on to allow a Samba PDC to use the
|
||||
# useradd and groupadd family of binaries. Run the following command as the
|
||||
# root user to turn this Boolean on:
|
||||
# Turn the samba_domain_controller Boolean on to allow Samba to use the useradd
|
||||
# and groupadd family of binaries. Run the following command as the root user to
|
||||
# turn this Boolean on:
|
||||
# setsebool -P samba_domain_controller on
|
||||
#
|
||||
# Turn the samba_enable_home_dirs Boolean on if you want to share home
|
||||
|
@ -67,8 +70,7 @@
|
|||
#
|
||||
# server string = the equivalent of the Windows NT Description field.
|
||||
#
|
||||
# netbios name = used to specify a server name that is not tied to the hostname,
|
||||
# maximum is 15 characters.
|
||||
# netbios name = used to specify a server name that is not tied to the hostname.
|
||||
#
|
||||
# interfaces = used to configure Samba to listen on multiple network interfaces.
|
||||
# If you have multiple interfaces, you can use the "interfaces =" option to
|
||||
|
@ -80,6 +82,9 @@
|
|||
#
|
||||
# hosts deny = the hosts not allowed to connect. This option can also be used on
|
||||
# a per-share basis.
|
||||
#
|
||||
# max protocol = used to define the supported protocol. The default is NT1. You
|
||||
# can set it to SMB2 if you want experimental SMB2 support.
|
||||
#
|
||||
workgroup = MYGROUP
|
||||
server string = Samba Server Version %v
|
||||
|
@ -89,6 +94,8 @@
|
|||
; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
|
||||
; hosts allow = 127. 192.168.12. 192.168.13.
|
||||
|
||||
; max protocol = SMB2
|
||||
|
||||
# --------------------------- Logging Options -----------------------------
|
||||
#
|
||||
# log file = specify where log files are written to and how they are split.
|
||||
|
@ -295,7 +302,7 @@
|
|||
; writable = no
|
||||
; share modes = no
|
||||
|
||||
# Un-comment the following to provide a specific roaming profile share.
|
||||
# Un-comment the following to provide a specific roving profile share.
|
||||
# The default is to use the user's home directory:
|
||||
; [Profiles]
|
||||
; path = /var/lib/samba/profiles
|
||||
|
@ -308,6 +315,6 @@
|
|||
; comment = Public Stuff
|
||||
; path = /home/samba
|
||||
; public = yes
|
||||
; writable = no
|
||||
; writable = yes
|
||||
; printable = no
|
||||
; write list = +staff
|
|
@ -1,37 +0,0 @@
|
|||
# See smb.conf.example for a more detailed config file or
|
||||
# read the smb.conf manpage.
|
||||
# Run 'testparm' to verify the config is correct after
|
||||
# you modified it.
|
||||
|
||||
[global]
|
||||
workgroup = SAMBA
|
||||
security = user
|
||||
|
||||
passdb backend = tdbsam
|
||||
|
||||
printing = cups
|
||||
printcap name = cups
|
||||
load printers = yes
|
||||
cups options = raw
|
||||
|
||||
[homes]
|
||||
comment = Home Directories
|
||||
valid users = %S, %D%w%S
|
||||
browseable = No
|
||||
read only = No
|
||||
inherit acls = Yes
|
||||
|
||||
[printers]
|
||||
comment = All Printers
|
||||
path = /var/tmp
|
||||
printable = Yes
|
||||
create mask = 0600
|
||||
browseable = No
|
||||
|
||||
[print$]
|
||||
comment = Printer Drivers
|
||||
path = /var/lib/samba/drivers
|
||||
write list = @printadmin root
|
||||
force group = @printadmin
|
||||
create mask = 0664
|
||||
directory mask = 0775
|
3
sources
3
sources
|
@ -1,2 +1 @@
|
|||
SHA512 (samba-4.13.0rc1.tar.xz) = 3e6d431998907ad8c81f488ddf78dcef5fd6a4cdf8ca684e5ad0ce9bf7217d82fcca7501155446c83d804f939bea7012f1d37c1f738d8ec7bc769a9148a6592a
|
||||
SHA512 (samba-4.13.0rc1.tar.asc) = 6dfe9467fd7fd28db91ae15fa3314a7707cfeb88c8ecd2af532d57614bec311119546a2fd4ced71063df9b7d6879a62f9ba512ae05d494323e0362a5492d33fa
|
||||
4b84415bea4b8a0d2085e51d1f9cc4c6 samba-4.3.12.tar.xz
|
||||
|
|
Loading…
Reference in New Issue