[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Fri Feb 22 03:07:02 MST 2013
The branch, master has been updated
via e4d85fa dsdb-descriptor: Avoid segfault copying an SD without an owner or group
via 87db233 dsdb-descriptor: Spell out security descriptor flags as constants
via a166a34 torture-drs: Fix comment in replica_sync test
via 59e8321 torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure
via c89df54 ldb: Add missing dependency on replace for ldb
via 613f49a build: Remove includes.h dep in winbind client libraries
via f2c7f2c build: Remove unused includes.h reference to avoid build-time talloc dep
from 46ab33d build:autoconf: fix output of syslog-facility check
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit e4d85fa73d3ce1f397fdd416af6b8c903a473824
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Feb 11 14:46:43 2013 +1100
dsdb-descriptor: Avoid segfault copying an SD without an owner or group
This is an unusual SD, but it does exist is some very old upgraded databases.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Feb 22 11:06:17 CET 2013 on sn-devel-104
commit 87db2331fc855473d8b3cad1c4149807823aa3c4
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Feb 11 14:45:57 2013 +1100
dsdb-descriptor: Spell out security descriptor flags as constants
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit a166a3484a68dc5328ee1d3e65221c30c081204b
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Jan 16 08:52:41 2013 +1100
torture-drs: Fix comment in replica_sync test
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 59e8321324fe6b652724e71ba1df9da80f30cc67
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Feb 7 19:35:15 2013 +1100
torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure
This then allows this particular failure to be masked with a knownfail.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit c89df544239dbaedbb7f231f4556aff8e4a3f288
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Feb 15 13:32:06 2013 +1100
ldb: Add missing dependency on replace for ldb
This brings in rep_timegm() on Solaris for example.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 613f49ab8bf0bdcc7cd1e2c39bd624586a87cff3
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Feb 19 11:44:19 2013 +1100
build: Remove includes.h dep in winbind client libraries
Our LGPL winbind client libs do not link against our server-side code, and
should not use the server-side includes.h.
This removes a build-time dep on talloc that was brought in via includes.h as
this code also does not use talloc.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit f2c7f2c93d54c77753e2a1b0663813e9778172a4
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Feb 19 11:15:20 2013 +1100
build: Remove unused includes.h reference to avoid build-time talloc dep
talloc is not a dependency of this library, but is required by includes.h.
By not including includes.h, we avoid needing to add an otherwise false talloc dep.
(this comes up if talloc.h is not installed as a system package).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/ldb/wscript | 2 +-
lib/util/setid.c | 1 -
nsswitch/winbind_nss_solaris.c | 1 -
source4/dsdb/samdb/ldb_modules/acl_util.c | 2 +-
source4/dsdb/samdb/ldb_modules/descriptor.c | 18 +++++++++++++-----
source4/torture/drs/python/repl_schema.py | 6 +++++-
source4/torture/drs/python/replica_sync.py | 2 +-
7 files changed, 21 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 1ae5438..fbed6fd 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -133,7 +133,7 @@ def build(bld):
bld.SAMBA_LIBRARY('ldb',
COMMON_SRC + ' ' + LDB_MAP_SRC,
- deps='tevent LIBLDB_MAIN',
+ deps='tevent LIBLDB_MAIN replace',
includes='include',
public_headers='include/ldb.h include/ldb_errors.h '\
'include/ldb_module.h include/ldb_handlers.h',
diff --git a/lib/util/setid.c b/lib/util/setid.c
index ed86155..c5ee644 100644
--- a/lib/util/setid.c
+++ b/lib/util/setid.c
@@ -20,7 +20,6 @@
#ifndef AUTOCONF_TEST
#include "replace.h"
#include "system/passwd.h"
-#include "include/includes.h"
#ifdef UID_WRAPPER_REPLACE
diff --git a/nsswitch/winbind_nss_solaris.c b/nsswitch/winbind_nss_solaris.c
index 92da859..6d3c8a9 100644
--- a/nsswitch/winbind_nss_solaris.c
+++ b/nsswitch/winbind_nss_solaris.c
@@ -33,7 +33,6 @@
#include <sys/param.h>
#include <string.h>
#include <pwd.h>
-#include "includes.h"
#include <syslog.h>
#if !defined(HPUX)
diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c
index 9be376d..1f64ab1 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -272,7 +272,7 @@ uint32_t dsdb_request_sd_flags(struct ldb_request *req, bool *explicit)
* equals all 4 bits
*/
if (sd_flags == 0) {
- sd_flags = 0xF;
+ sd_flags = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL | SECINFO_SACL;
}
return sd_flags;
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index d9bc89f..7743baa 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -181,20 +181,28 @@ static struct security_descriptor *descr_handle_sd_flags(TALLOC_CTX *mem_ctx,
final_sd->type = SEC_DESC_SELF_RELATIVE;
if (sd_flags & (SECINFO_OWNER)) {
- final_sd->owner_sid = talloc_memdup(mem_ctx, new_sd->owner_sid, sizeof(struct dom_sid));
+ if (new_sd->owner_sid) {
+ final_sd->owner_sid = talloc_memdup(mem_ctx, new_sd->owner_sid, sizeof(struct dom_sid));
+ }
final_sd->type |= new_sd->type & SEC_DESC_OWNER_DEFAULTED;
}
else if (old_sd) {
- final_sd->owner_sid = talloc_memdup(mem_ctx, old_sd->owner_sid, sizeof(struct dom_sid));
+ if (old_sd->owner_sid) {
+ final_sd->owner_sid = talloc_memdup(mem_ctx, old_sd->owner_sid, sizeof(struct dom_sid));
+ }
final_sd->type |= old_sd->type & SEC_DESC_OWNER_DEFAULTED;
}
if (sd_flags & (SECINFO_GROUP)) {
- final_sd->group_sid = talloc_memdup(mem_ctx, new_sd->group_sid, sizeof(struct dom_sid));
+ if (new_sd->group_sid) {
+ final_sd->group_sid = talloc_memdup(mem_ctx, new_sd->group_sid, sizeof(struct dom_sid));
+ }
final_sd->type |= new_sd->type & SEC_DESC_GROUP_DEFAULTED;
}
else if (old_sd) {
- final_sd->group_sid = talloc_memdup(mem_ctx, old_sd->group_sid, sizeof(struct dom_sid));
+ if (old_sd->group_sid) {
+ final_sd->group_sid = talloc_memdup(mem_ctx, old_sd->group_sid, sizeof(struct dom_sid));
+ }
final_sd->type |= old_sd->type & SEC_DESC_GROUP_DEFAULTED;
}
@@ -643,7 +651,7 @@ static int descriptor_add(struct ldb_module *module, struct ldb_request *req)
* The SD_FLAG control is ignored on add
* and we default to all bits set.
*/
- sd_flags = 0xF;
+ sd_flags = SECINFO_OWNER|SECINFO_GROUP|SECINFO_SACL|SECINFO_DACL;
sd = get_new_descriptor(module, dn, req,
objectclass, parent_sd,
diff --git a/source4/torture/drs/python/repl_schema.py b/source4/torture/drs/python/repl_schema.py
index 166a0eb..cbed640 100644
--- a/source4/torture/drs/python/repl_schema.py
+++ b/source4/torture/drs/python/repl_schema.py
@@ -84,7 +84,11 @@ class DrsReplSchemaTestCase(drs_base.DrsBaseTestCase):
if not attrs is None:
rec.update(attrs)
# add it to the Schema
- ldb_ctx.add(rec)
+ try:
+ ldb_ctx.add(rec)
+ except LdbError, (enum, estr):
+ self.fail("Adding record failed with %d/%s" % (enum, estr))
+
self._ldap_schemaUpdateNow(ldb_ctx)
return (rec["lDAPDisplayName"], rec["dn"])
diff --git a/source4/torture/drs/python/replica_sync.py b/source4/torture/drs/python/replica_sync.py
index 89834a3..8839421 100644
--- a/source4/torture/drs/python/replica_sync.py
+++ b/source4/torture/drs/python/replica_sync.py
@@ -63,7 +63,7 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase):
self.fail("'drs replicate' command should have failed!")
def test_ReplDisabledForced(self):
- """Tests we cann't replicate when replication is disabled"""
+ """Tests we can force replicate when replication is disabled"""
self._disable_inbound_repl(self.dnsname_dc1)
out = self._net_drs_replicate(DC=self.dnsname_dc1, fromDC=self.dnsname_dc2, forced=True)
--
Samba Shared Repository
More information about the samba-cvs
mailing list