[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Mon Jun 6 18:58:03 MDT 2011
The branch, master has been updated
via 776598a s3-docs Add documentation for ncalrpc dir
via a8d1d0c s3-auth Use loadparm_init_s3() to get an lp_ctx for auth_samba4
via 5197331 s4-auth Move default auth methods back into auth.c
from 56eab75 s3: Remove unused variables
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 776598a98103a20fc6a0bfafdebd105e448518ac
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jun 7 09:47:26 2011 +1000
s3-docs Add documentation for ncalrpc dir
Autobuild-User: Andrew Bartlett <abartlet at samba.org>
Autobuild-Date: Tue Jun 7 02:57:33 CEST 2011 on sn-devel-104
commit a8d1d0c94cf1bcc60d68d0385d8f092271d0145c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jun 7 09:09:16 2011 +1000
s3-auth Use loadparm_init_s3() to get an lp_ctx for auth_samba4
This avoids loading the smb.conf twice.
Andrew Bartlett
commit 5197331fe5af0a53e02e642c9e006b19ae92ba19
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jun 7 09:07:52 2011 +1000
s4-auth Move default auth methods back into auth.c
This changes auth_methods_from_lp to no longer use the parametric
options, and to cope with ROLE_DOMAIN_BDC and ROLE_DOMAIN_PDC. This
will assist in calling the source4 auth subsystem with a source3
derived lp_ctx.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/misc/ncalrpcdir.xml | 13 +++++++++++++
source3/auth/auth_samba4.c | 17 ++---------------
source4/auth/ntlm/auth.c | 10 ++++++----
source4/param/loadparm.c | 3 ---
4 files changed, 21 insertions(+), 22 deletions(-)
create mode 100644 docs-xml/smbdotconf/misc/ncalrpcdir.xml
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/misc/ncalrpcdir.xml b/docs-xml/smbdotconf/misc/ncalrpcdir.xml
new file mode 100644
index 0000000..b53acef
--- /dev/null
+++ b/docs-xml/smbdotconf/misc/ncalrpcdir.xml
@@ -0,0 +1,13 @@
+<samba:parameter name="ncalrpc dir"
+ context="G"
+ advanced="1" developer="1"
+ type="string"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>This directory will hold a series of named pipes to allow RPC over inter-process communication. </para>.
+ <para>This will allow Samba and other unix processes to interact over DCE/RPC without using TCP/IP. Additionally a sub-directory 'np' has restricted permissions, and allows a trusted communication channel between Samba processes</para>
+</description>
+
+<value type="default">${prefix}/var/ncalrpc</value>
+<value type="example">/var/run/samba/ncalrpc</value>
+</samba:parameter>
diff --git a/source3/auth/auth_samba4.c b/source3/auth/auth_samba4.c
index 57c07dd..a4673db 100644
--- a/source3/auth/auth_samba4.c
+++ b/source3/auth/auth_samba4.c
@@ -42,22 +42,9 @@ static NTSTATUS check_samba4_security(const struct auth_context *auth_context,
struct loadparm_context *lp_ctx;
const char *config_file;
- lp_ctx = loadparm_init(frame);
+ lp_ctx = loadparm_init_s3(frame, loadparm_s3_context());
if (lp_ctx == NULL) {
- DEBUG(10, ("loadparm_init failed\n"));
- talloc_free(frame);
- return NT_STATUS_INVALID_SERVER_STATE;
- }
-
- if (lp_loaded()) {
- config_file = lp_configfile();
- }
- if (!config_file || !config_file[0]) {
- config_file = get_dyn_CONFIGFILE();
- }
-
- if (!lpcfg_load(lp_ctx, config_file)) {
- DEBUG(1, ("s4 lpcfg_load() of s3 config file %s failed", config_file));
+ DEBUG(10, ("loadparm_init_s3 failed\n"));
talloc_free(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c
index 72338ac..2308b15 100644
--- a/source4/auth/ntlm/auth.c
+++ b/source4/auth/ntlm/auth.c
@@ -488,15 +488,17 @@ _PUBLIC_ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **
const char **auth_methods_from_lp(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
{
const char **auth_methods = NULL;
+
switch (lpcfg_server_role(lp_ctx)) {
case ROLE_STANDALONE:
- auth_methods = lpcfg_parm_string_list(mem_ctx, lp_ctx, NULL, "auth methods", "standalone", NULL);
+ auth_methods = str_list_make(mem_ctx, "anonymous sam_ignoredomain", NULL);
break;
case ROLE_DOMAIN_MEMBER:
- auth_methods = lpcfg_parm_string_list(mem_ctx, lp_ctx, NULL, "auth methods", "member server", NULL);
+ auth_methods = str_list_make(mem_ctx, "anonymous sam winbind", NULL);
break;
- case ROLE_DOMAIN_CONTROLLER:
- auth_methods = lpcfg_parm_string_list(mem_ctx, lp_ctx, NULL, "auth methods", "domain controller", NULL);
+ case ROLE_DOMAIN_BDC:
+ case ROLE_DOMAIN_PDC:
+ auth_methods = str_list_make(mem_ctx, "anonymous sam_ignoredomain winbind", NULL);
break;
}
return auth_methods;
diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index fba09fa..ae29f69 100644
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -2464,9 +2464,6 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
lpcfg_do_global_parameter(lp_ctx, "ntptr providor", "simple_ldb");
/* the winbind method for domain controllers is for both RODC
auth forwarding and for trusted domains */
- lpcfg_do_global_parameter(lp_ctx, "auth methods:domain controller", "anonymous sam_ignoredomain winbind");
- lpcfg_do_global_parameter(lp_ctx, "auth methods:member server", "anonymous sam winbind");
- lpcfg_do_global_parameter(lp_ctx, "auth methods:standalone", "anonymous sam_ignoredomain");
lpcfg_do_global_parameter(lp_ctx, "private dir", dyn_PRIVATE_DIR);
lpcfg_do_global_parameter(lp_ctx, "spoolss database", "spoolss.ldb");
lpcfg_do_global_parameter(lp_ctx, "wins config database", "wins_config.ldb");
--
Samba Shared Repository
More information about the samba-cvs
mailing list