[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-949-gb1b9be4

Michael Adam obnox at samba.org
Tue Feb 17 17:26:39 GMT 2009 

The branch, master has been updated
       via  b1b9be46ab84382e1017a157fc8b85a1a2d441eb (commit)
       via  74940606f715bfc9d99ded2fb1d1da02d037609a (commit)
       via  2feaaa885a485adb11096cdfc3db223f3b73e1a6 (commit)
       via  08bef5bba042843cbfc41f1ed701243140dcf298 (commit)
      from  64cec9984346ce1c8aeb170cd55be6e7e6784919 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit b1b9be46ab84382e1017a157fc8b85a1a2d441eb
Author: Michael Adam <obnox at samba.org>
Date:   Tue Feb 17 08:59:27 2009 +0100

    docs: extend the example in the idmp_rid manpage to configure 2 domains with rid
    
    Michael

commit 74940606f715bfc9d99ded2fb1d1da02d037609a
Author: Michael Adam <obnox at samba.org>
Date:   Tue Feb 17 08:51:39 2009 +0100

    docs: extend the idmap_rid manpage
    
    Michael

commit 2feaaa885a485adb11096cdfc3db223f3b73e1a6
Author: Michael Adam <obnox at samba.org>
Date:   Fri Feb 13 16:40:17 2009 +0100

    s3:winbindd: make do_async_domain() static.
    
    Michael

commit 08bef5bba042843cbfc41f1ed701243140dcf298
Author: Michael Adam <obnox at samba.org>
Date:   Fri Feb 13 13:02:23 2009 +0100

    s3:build: improve the check for a working krb5-config.
    
    Not only check if it exists and is executable, but also
    check whether it accepts the command line "krb5-config --libs gssapi".
    
    Chris Hoogendyk <hoogendyk at bio.umass.edu> has reported configure
    failing on a Solaris machine due to krb5-config raising errors on
    these options.
    
    Michael

-----------------------------------------------------------------------

Summary of changes:
 docs-xml/manpages-3/idmap_rid.8.xml |   43 ++++++++++++++++++++++++++++++-----
 source3/configure.in                |    2 +-
 source3/winbindd/winbindd_async.c   |   12 +++++-----
 source3/winbindd/winbindd_proto.h   |    6 -----
 4 files changed, 44 insertions(+), 19 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/manpages-3/idmap_rid.8.xml b/docs-xml/manpages-3/idmap_rid.8.xml
index 5eba356..146c4b9 100644
--- a/docs-xml/manpages-3/idmap_rid.8.xml
+++ b/docs-xml/manpages-3/idmap_rid.8.xml
@@ -42,11 +42,13 @@
 		<varlistentry>
 		<term>base_rid = INTEGER</term>
 		<listitem><para>
-			Defines the base integer used to build SIDs out of an UID or a GID,
-			and to rebase the UID or GID to be obtained from a SID. User RIDs
-			by default start at 1000 (512 hexadecimal), this means a good value
-			for base_rid can be 1000 as the resulting ID is calculated this way:
-			ID = RID - BASE_RID + LOW RANGE ID.
+			Defines the base integer used to build SIDs out of a UID or a GID,
+			and to rebase the UID or GID to be obtained from a SID.
+			This means SIDs with a RID less than the base rid are filtered.
+			The default is not to restrict the allowed rids at all,
+			i.e. a base_rid value of 0.
+			A good value for the base_rid can be 1000, since user
+			RIDs by default start at 1000 (512 hexadecimal).
 		</para>
 		<para>
 			Use of this parameter is deprecated.
@@ -56,17 +58,46 @@
 </refsect1>
 
 <refsect1>
+	<title>THE MAPPING FORMULAS</title>
+	<para>
+		The Unix ID for a RID is calculated this way:
+		<programlisting>
+			ID = RID - BASE_RID + LOW_RANGE_ID.
+		</programlisting>
+	</para>
+	<para>
+		Correspondingly, the formula for calculationg the RID for a
+		given Unix ID is this:
+		<programlisting>
+			RID = ID + BASE_RID - LOW_RANGE_ID.
+		</programlisting>
+	</para>
+</refsect1>
+
+<refsect1>
 	<title>EXAMPLES</title>
-	<para>This example shows how to configure a domain with idmap_rid</para>
+	<para>
+		This example shows how to configure two domains with idmap_rid,
+		the principal domain and a trusted domain, leaving the default
+		id mapping scheme at tdb. The example also demonstrates the use
+		of the base_rid parameter for the trusted domain.
+	</para>
 
 	<programlisting>
 	[global]
+	security = domain
+	workgroup = MAIN
+
 	idmap backend = tdb
 	idmap uid = 1000000-1999999
 	idmap gid = 1000000-1999999
 
+	idmap config MAIN : backend     = rid
+	idmap config MAIN : range       = 10000 - 49999
+
 	idmap config TRUSTED : backend  = rid
 	idmap config TRUSTED : range    = 50000 - 99999
+	idmap config TRUSTED : base_rid = 1000
 	</programlisting>
 </refsect1>
 
diff --git a/source3/configure.in b/source3/configure.in
index 4a8d594..691d0a8 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -3185,7 +3185,7 @@ if test x"$with_ads_support" != x"no"; then
   # check for krb5-config from recent MIT and Heimdal kerberos 5
   AC_PATH_PROG(KRB5CONFIG, krb5-config)
   AC_MSG_CHECKING(for working krb5-config)
-  if test -x "$KRB5CONFIG"; then
+  if test -x "$KRB5CONFIG" && $KRB5CONFIG --libs gssapi > /dev/null ; then
     ac_save_CFLAGS=$CFLAGS
     CFLAGS="";export CFLAGS
     ac_save_LDFLAGS=$LDFLAGS
diff --git a/source3/winbindd/winbindd_async.c b/source3/winbindd/winbindd_async.c
index 0271abb..b5c432f 100644
--- a/source3/winbindd/winbindd_async.c
+++ b/source3/winbindd/winbindd_async.c
@@ -84,12 +84,12 @@ void do_async(TALLOC_CTX *mem_ctx, struct winbindd_child *child,
 		      &state->response, do_async_recv, state);
 }
 
-void do_async_domain(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain,
-		     const struct winbindd_request *request,
-		     void (*cont)(TALLOC_CTX *mem_ctx, bool success,
-				  struct winbindd_response *response,
-				  void *c, void *private_data),
-		     void *c, void *private_data)
+static void do_async_domain(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain,
+			    const struct winbindd_request *request,
+			    void (*cont)(TALLOC_CTX *mem_ctx, bool success,
+					 struct winbindd_response *response,
+					 void *c, void *private_data),
+			    void *c, void *private_data)
 {
 	struct do_async_state *state;
 
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 5120402..c6e8803 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -78,12 +78,6 @@ void do_async(TALLOC_CTX *mem_ctx, struct winbindd_child *child,
 			   struct winbindd_response *response,
 			   void *c, void *private_data),
 	      void *c, void *private_data);
-void do_async_domain(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain,
-		     const struct winbindd_request *request,
-		     void (*cont)(TALLOC_CTX *mem_ctx, bool success,
-				  struct winbindd_response *response,
-				  void *c, void *private_data),
-		     void *c, void *private_data);
 void winbindd_lookupsid_async(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
 			      void (*cont)(void *private_data, bool success,
 					   const char *dom_name,


-- 
Samba Shared Repository

More information about the samba-cvs mailing list