[SCM] Samba Shared Repository - branch v4-0-stable updated
Karolin Seeger
kseeger at samba.org
Tue Oct 8 02:02:41 MDT 2013
The branch, v4-0-stable has been updated
via 55c51b8 VERSION: Disable git snapshots for the 4.0.10 release.
via 6b120a5 WHATSNEW: Update release date.
via 825aadb WHATSNEW: Add latest changes since 4.0.9.
via 8303c26 smbd: Fix crash bug in notify_deferred_opens
via 76952d4 torture3: Trigger a nasty cleanup bug in smbd
via 73166e5 smbd: Fix flawed share_mode_stale_pid API
via 65c8909 smbd: Rename parameter "i" to "idx"
via e3e0f59 smbd: Don't store in-memory only flags in locking.tdb
via a321024 smbd: Simplify find_oplock_types
via c02af3e WHATSNEW: Add hint on the new "acl allow execute always" parameter.
via 5f3c623 WHATSNEW: Satrt release notes for Samba 4.0.10.
via ac049b9 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs
via 51822a5 s3:smbd:smb2:scavenger: fix format error for debugging open_persistent_id in scavenger_timer()
via 22b48b3 python-samba-tool fsmo: Do not give an error on a successful role transfer
via fffa771 Fix bug 10162 - POSIX ACL mapping failing when setting DENY ACE's from Windows.
via c62c56c docs: point out side-effects of global "valid users" setting.
via 43e5b94 libcli: continue to read from the socket even if the size is 0
via f7a9cb0 Fix is_legal_name() to not emit character conversion error messages.
via 5f3fa21 s3:smb2_find: Return that timestamps do not exist as directories
via 71e2a9a docs: Fix typos.
via 56fb38c Raise the level of a debug.
via 4dd30fa docs: document "acl allow execute always"
via 4101896 s3:smbd: ease file server upgrades from 3.6 and earlier with "acl allow execute aways"
via 13be13f loadparm: add new parameter "acl allow execute always"
via dab5a79 samba-tool/dns: Pass on additional flags when creating zones
via e4e9464 samba-tool/dns: Set secure zone update flag after creating new zone
via f9c157c Optimization. Don't do the retry logic if sitename_fetch() returned NULL, we already did a NULL query.
via 70be15b Move the retry logic when site_name is passed in a NULL or "" to the wrapper function.
via 9930f28 Move the manipulation of site_name into the caller function dsgetdcname().
via 6ddc9a5 Refactor dsgetdcname to be called via a wrapper function.
via 8943d97 dsgetdcname_cache_fetch() doesn't use the site_name parameter so don't pass it.
via e0beb5a smbd: Correctly return INFO_LENGTH_MISMATCH for smb1
via df9fd7f smbd: Fix error return for STREAM_INFO
via d594876 smbd: Revert a93f9c3
via aadd02d smbd: Correctly return BUFFER_OVERFLOW in smb2_getinfo
via cedcde9 smbd: Correctly return INFO_LENGTH_MISMATCH in smb2_getinfo
via ef717ef smbd: qfsinfo has fixed/variable buffers
via 4220369 smbd: qfilepathinfo has fixed/variable buffers
via 12c77c7 smbd: Use #defines in smb2_getinfo_send
via 6dc2f7f s3:smbd: allow info class SMB_QUERY_FS_ATTRIBUTE_INFO to return partial data
via cc100f0 s3:smbd: allow info class SMB_QUERY_FS_VOLUME_INFO to return partial data
via 235342b s3:smbd: allow status code in smbd_do_qfsinfo() to be set by information class handler
via 2c608aa s3:smbd: allow GetInfo responses with STATUS_BUFFER_OVERFLOW to return partial, but valid data
via 71c00f1 s3:smbd: return NT_STATUS_INFO_LENGTH_MISMATCH for GetInfo in case output_buffer_length is too small
via 067ce71 torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9
via cf1ae22 selftest: Add a basic test of samba_upgradedns
via 8424ea2 selftest: Start internal DNS server on domain provisioned for BIND9_DLZ
via e94d37c selftest: Test creation of the dns-SERVER account during selftest
via 8e618de scripting/samba_upgradedns: Tighten up exception and attribute list handling
via d17713f scripting/join.py: Handle creating the dns-NAME account during a DC join
via 6bed1b2 selftest: Fix specification of --machinepass to actually set a unique password
via 8749a30 s3:lib/gencache: place gencache.tdb into /var/cache/samba
via 825d273 python/provision: remove unused linklocal=False argument from interface_ips_v6()
via 1cfb0ae s4:samba_upgradedns: don't pass linklocal=False to interface_ips_v6()
via ad2dc0f python/pyglue: filter out loopback and linklocal addresses unless all_interfaces is given
via 25ded36 Fix the UNIX extensions CHOWN calls to use FCHOWN if available, else LCHOWN.
via ac3c32d Allow UNIX extensions client to act on open fsp instead of pathname if available.
via 335e417 Fix the erroneous masking of chmod requests via the UNIX extensions.
via 9891d98 Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in "EOF on stdin"
via d63a5e5 s3: Fix some blank line endings
via c65a4e8 smbd: Simplify dropbox special case in unix_convert
via c72c00c smbd: Fix a profile problem
via 1787174 Fix bug #10063 - source3/lib/util.c:1493 leaking memory w/ pam_winbind.so / winbind
via 16e6631 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
via 232fd8b waf: replace dependency to libintl with samba_intl
via 202f7b9 waf: consolidate libintl related checks
via 9a19757 waf: add --without-gettext option
via 32dbdbe waf: fix build on AIX7
via af09311 s3:lib/system fix build on AIX 7
via 0d8f04a smbd: Fix async echo handler forking (Bug 10086)
via 830eae7 Fix bug #10097 - MacOSX 10.9 will not follow path-based DFS referrals handed out by Samba.
via ec6b02d docs: Fix variable list in man vfs_crossrename.
via ead7d80 VERSION: Bump version number up to 4.0.10...
from c0bc3a3 VERSION: Disable git snapshots for the 4.0.9 release.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 135 +++++++++++++++++++-
buildtools/wafsamba/wscript | 5 +-
docs-xml/manpages/vfs_crossrename.8.xml | 20 ++--
.../smbdotconf/protocol/aclallowexecutealways.xml | 26 ++++
docs-xml/smbdotconf/security/validusers.xml | 10 ++
lib/param/param_functions.c | 1 +
lib/param/param_table.c | 10 ++
lib/replace/wscript | 46 +++++--
nsswitch/wscript_build | 2 +-
python/pyglue.c | 45 ++++++-
python/samba/join.py | 73 ++++++++++-
python/samba/netcmd/dns.py | 18 ++-
python/samba/netcmd/fsmo.py | 14 +-
python/samba/provision/__init__.py | 6 +-
python/samba/provision/sambadns.py | 11 +-
selftest/target/Samba4.pm | 14 +-
source3/include/ntioctl.h | 1 +
source3/include/proto.h | 1 +
source3/include/smb.h | 3 +
source3/lib/gencache.c | 2 +-
source3/lib/system.c | 15 ++-
source3/lib/util.c | 6 +-
source3/librpc/idl/open_files.idl | 10 +-
source3/libsmb/dsgetdcname.c | 85 ++++++++++---
source3/locking/locking.c | 47 +++++--
source3/locking/proto.h | 2 +-
source3/locking/share_mode_lock.c | 24 ++++
source3/modules/vfs_shadow_copy2.c | 3 -
source3/nmbd/nmbd.c | 14 ++-
source3/param/loadparm.c | 1 +
source3/rpc_server/spoolss/srv_spoolss_nt.c | 2 +-
source3/selftest/tests.py | 1 +
source3/smbd/close.c | 10 +-
source3/smbd/dosmode.c | 5 +
source3/smbd/filename.c | 28 ++++-
source3/smbd/globals.h | 2 +
source3/smbd/mangle_hash2.c | 20 +--
source3/smbd/negprot.c | 9 +-
source3/smbd/nttrans.c | 6 +-
source3/smbd/open.c | 35 ++++--
source3/smbd/posix_acls.c | 2 +-
source3/smbd/reply.c | 48 ++++----
source3/smbd/scavenger.c | 9 +-
source3/smbd/server.c | 14 ++-
source3/smbd/smb2_create.c | 3 +-
source3/smbd/smb2_find.c | 13 ++
source3/smbd/smb2_getinfo.c | 47 ++++++-
source3/smbd/smbd.h | 1 +
source3/smbd/trans2.c | 127 +++++++++++++++---
source3/torture/proto.h | 1 +
source3/torture/test_cleanup.c | 70 ++++++++++
source3/torture/torture.c | 1 +
source3/winbindd/winbindd.c | 23 +++-
source3/winbindd/winbindd_cm.c | 9 +-
source3/wscript | 9 +-
source3/wscript_build | 2 +-
source4/dsdb/schema/schema_syntax.c | 2 +-
source4/heimdal_build/wscript_build | 4 +-
source4/heimdal_build/wscript_configure | 4 +-
source4/libcli/dgram/dgramsocket.c | 2 +-
source4/scripting/bin/samba_upgradedns | 32 +++--
source4/selftest/tests.py | 3 +-
source4/setup/secrets_dns.ldif | 2 +-
source4/smbd/server.c | 13 ++-
source4/torture/dns/dlz_bind9.c | 78 +++++++++++
source4/torture/winbind/winbind.c | 1 +
testprogs/blackbox/test_samba_upgradedns.sh | 37 ++++++
68 files changed, 1095 insertions(+), 232 deletions(-)
create mode 100644 docs-xml/smbdotconf/protocol/aclallowexecutealways.xml
create mode 100755 testprogs/blackbox/test_samba_upgradedns.sh
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index be37c35..5f5ae18 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=9
+SAMBA_VERSION_RELEASE=10
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8847406..3b9462b 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,134 @@
+ ==============================
+ Release Notes for Samba 4.0.10
+ October 8, 2013
+ ==============================
+
+
+This is is the latest stable release of Samba 4.0.
+
+Major enhancements in Samba 4.0.10 include:
+
+o NetBIOS related samba process consumes 100% CPU (bug #10158).
+o smbd: Clean up share modes after hard crash (bug #10138).
+o Fix POSIX ACL mapping when setting DENY ACE's from Windows (bug #10162).
+
+To ease upgrades from Samba 3.6 and older, a new parameter called "acl allow
+execute always" has been introduced as a temporary workaround. Please see the
+smb.conf man page for details.
+
+
+Changes since 4.0.9:
+--------------------
+
+o Michael Adam <obnox at samba.org>
+ * BUG 10134: Ease file server upgrades from 3.6 and earlier with "acl allow
+ execute always".
+ * BUG 10169: Fix build error in scavenger.c.
+
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 5917: Make Samba work on site with Read Only Domain Controller.
+ * BUG 9166: Starting smbd or nmbd with stdin from /dev/null results in
+ "EOF on stdin".
+ * BUG 10063: source3/lib/util.c:1493 leaking memory w/ pam_winbind.so /
+ winbind.
+ * BUG 10121: Masks incorrectly applied to UNIX extension permission changes.
+ * BUG 10139: Valid utf8 filenames cause "invalid conversion error"
+ messages.
+
+
+o Christian Ambach <ambi at samba.org>
+ * BUG #9911 - Build Samba 4.0.x on AIX with IBM XL C/C++.
+
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 8077: dsdb: Convert the full string from UTF16 to UTF8, including
+ embedded NULLs.
+ * BUG 9091: When replicating DNS for bind9_dlz we need to create the
+ server-DNS account remotely.
+ * BUG 9461: python-samba-tool fsmo: Do not give an error on a successful
+ role transfer.
+
+
+o Günther Deschner <gd at samba.org>
+ * BUG 9615: s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
+ * BUG 9899: s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
+ * BUG 10147: Better document potential implications of a globally used
+ "valid users".
+
+
+o Korobkin <korobkin+samba at gmail.com>
+ * BUG 10118: Samba is chatty about being unable to open a printer.
+
+
+o Amitay Isaacs <amitay at gmail.com>
+ * BUG 9599: samba-tool/dns: Pass on additional flags when creating zones.
+
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 10086: smbd: Fix async echo handler forking.
+ * BUG 10106: Honour output buffer length set by the client for SMB2
+ GetInfo requests.
+ * BUG 10114: Dropbox (write-only-directory) case isn't handled correctly in
+ pathname lookup.
+ * BUG 10138: smbd: Clean up share modes after hard crash.
+
+
+o Daniel Liberman <danielvl at gmail.com>
+ * BUG 10162: Fix POSIX ACL mapping when setting DENY ACE's from Windows.
+
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 9802: Move gencache.tdb to /var/cache/samba.
+ * BUG 10030: ::1 added to nameserver on join.
+
+
+o Matthieu Patou <mat at matws.net>
+ * BUG 10158: NetBIOS related samba process consumes 100% CPU.
+
+
+o Christof Schmitt <christof.schmitt at us.ibm.com>
+ * BUG 10137: vfs_shadow_copy2 does not display previous versions correctly
+ over SMB2.
+
+
+o Karolin Seeger <kseeger at samba.org>
+ * BUG 10076: docs: Fix variable list in man vfs_crossrename.
+
+
+o Richard Sharpe <realrichardsharpe at gmail.com>
+ * BUG 10097 - MacOSX 10.9 will not follow path-based DFS referrals handed
+ out by Samba.
+
+
+o Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
+ * BUG 10106: Honour output buffer length set by the client for SMB2
+ GetInfo requests.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.0 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
=============================
Release Notes for Samba 4.0.9
August 20, 2013
@@ -105,8 +236,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 4.0.8
diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript
index 17aef27..fe2e515 100755
--- a/buildtools/wafsamba/wscript
+++ b/buildtools/wafsamba/wscript
@@ -82,6 +82,9 @@ def set_options(opt):
help='additional directory to search for gettext',
action='store', dest='gettext_location', default='/usr/local',
match = ['Checking for library intl', 'Checking for header libintl.h'])
+ opt.add_option('--without-gettext',
+ help=("Disable use of gettext"),
+ action="store_true", dest='disable_gettext', default=False)
gr = opt.option_group('developer options')
@@ -322,7 +325,7 @@ def configure(conf):
else:
conf.env.HAVE_LD_VERSION_SCRIPT = False
- if sys.platform == "aix5" or sys.platform == "aix6":
+ if sys.platform.startswith('aix'):
conf.DEFINE('_ALL_SOURCE', 1, add_to_cflags=True)
# Might not be needed if ALL_SOURCE is defined
# conf.DEFINE('_XOPEN_SOURCE', 600, add_to_cflags=True)
diff --git a/docs-xml/manpages/vfs_crossrename.8.xml b/docs-xml/manpages/vfs_crossrename.8.xml
index 898c2b3..3913596 100644
--- a/docs-xml/manpages/vfs_crossrename.8.xml
+++ b/docs-xml/manpages/vfs_crossrename.8.xml
@@ -37,28 +37,30 @@
NT_STATUS_NOT_SAME_DEVICE and the client has to move the file by
manual copy and delete operations. If the rename by copy is done by the
server this can be much more efficient. vfs_crossrename tries to do
- this server-side cross-device rename operation. There are however
- limitations that this module currently does not solve:
+ this server-side cross-device rename operation.
+ </para>
+
+ <para>There are however limitations that this module currently does not
+ solve:</para>
<variablelist>
<varlistentry>
- the ACLs of files are not preserved
+ <para>The ACLs of files are not preserved,</para>
</varlistentry>
<varlistentry>
- meta data in EAs are not preserved
+ <para>meta data in EAs are not preserved,</para>
</varlistentry>
<varlistentry>
- renames of whole subdirectories cannot be done recursively,
+ <para>renames of whole subdirectories cannot be done recursively,
in that case we still return STATUS_NOT_SAME_DEVICE and
- let the client decide what to do
+ let the client decide what to do,</para>
</varlistentry>
<varlistentry>
- rename operations of huge files can cause hangs on the
+ <para>rename operations of huge files can cause hangs on the
client because clients expect a rename operation to
- return fast
+ return fast.</para>
</varlistentry>
</variablelist>
- </para>
<para>This module is stackable.</para>
diff --git a/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml b/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml
new file mode 100644
index 0000000..49d2c48
--- /dev/null
+++ b/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml
@@ -0,0 +1,26 @@
+<samba:parameter name="acl allow execute always"
+ context="S"
+ type="boolean"
+ advanced="1" wizard="1"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>
+ This boolean parameter controls the behaviour of <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> when receiving a protocol request of "open for execution"
+ from a Windows client.
+ With Samba 3.6 and older, the execution right in the ACL was not checked, so a client
+ could execute a file even if it did not have execute rights on the file. In Samba 4.0,
+ this has been fixed, so that by default, i.e. when this parameter is set to "False",
+ "open for execution" is now denied when execution permissions are not present.
+ </para>
+ <para>
+ If this parameter is set to "True", Samba does not check execute permissions on
+ "open for execution", thus re-establishing the behaviour of Samba 3.6.
+ This can be useful to smoothen upgrades from older Samba versions to 4.0 and newer.
+ This setting is not not meant to be used as a permanent setting, but as a temporary relief:
+ It is recommended to fix the permissions in the ACLs and reset this parameter to the
+ default after a certain transition period.
+ </para>
+</description>
+<value type="default">False</value>
+</samba:parameter>
diff --git a/docs-xml/smbdotconf/security/validusers.xml b/docs-xml/smbdotconf/security/validusers.xml
index 313739d..ec3e11e 100644
--- a/docs-xml/smbdotconf/security/validusers.xml
+++ b/docs-xml/smbdotconf/security/validusers.xml
@@ -19,6 +19,16 @@
The current servicename is substituted for <parameter moreinfo="none">%S</parameter>.
This is useful in the [homes] section.
</para>
+
+ <para><emphasis>Note: </emphasis>When used in the [global] section this
+ parameter may have unwanted side effects. For example: If samba is configured as a MASTER BROWSER (see
+ <parameter moreinfo="none">local master</parameter>,
+ <parameter moreinfo="none">os level</parameter>,
+ <parameter moreinfo="none">domain master</parameter>,
+ <parameter moreinfo="none">preferred master</parameter>) this option
+ will prevent workstations from being able to browse the network.
+ </para>
+
</description>
<related>invalid users</related>
diff --git a/lib/param/param_functions.c b/lib/param/param_functions.c
index 94652fa..35e199f 100644
--- a/lib/param/param_functions.c
+++ b/lib/param/param_functions.c
@@ -134,6 +134,7 @@ FN_LOCAL_BOOL(afs_share, bAfs_Share)
FN_LOCAL_BOOL(acl_check_permissions, bAclCheckPermissions)
FN_LOCAL_BOOL(acl_group_control, bAclGroupControl)
FN_LOCAL_BOOL(acl_map_full_control, bAclMapFullControl)
+FN_LOCAL_BOOL(acl_allow_execute_always, bAclAllowExecuteAlways)
FN_LOCAL_INTEGER(defaultcase, iDefaultCase)
FN_LOCAL_INTEGER(minprintspace, iMinPrintSpace)
FN_LOCAL_INTEGER(printing, iPrinting)
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index a73cd96..5b78eae 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -920,6 +920,16 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
},
{
+ .label = "acl allow execute always",
+ .type = P_BOOL,
+ .p_class = P_LOCAL,
+ .offset = LOCAL_VAR(bAclAllowExecuteAlways),
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
+ },
+
+ {
.label = "create mask",
.type = P_OCTAL,
.p_class = P_LOCAL,
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 951b791..e4d8b6b 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -85,7 +85,7 @@ struct foo bar = { .y = 'X', .x = 1 };
sys/sockio.h sys/un.h''', together=True)
conf.CHECK_HEADERS('sys/uio.h ifaddrs.h direct.h dirent.h')
conf.CHECK_HEADERS('windows.h winsock2.h ws2tcpip.h')
- conf.CHECK_HEADERS('libintl.h errno.h')
+ conf.CHECK_HEADERS('errno.h')
conf.CHECK_HEADERS('gcrypt.h getopt.h iconv.h')
conf.CHECK_HEADERS('sys/inotify.h memory.h nss.h sasl/sasl.h')
conf.CHECK_HEADERS('security/pam_appl.h zlib.h asm/unistd.h')
@@ -346,17 +346,41 @@ removeea setea
headers='netinet/in.h arpa/nameser.h resolv.h')
- if not conf.CHECK_FUNCS_IN('gettext', 'intl', checklibc=True, headers='libintl.h'):
- # Some hosts need lib iconv for linking with lib intl
- # So we try with flags just in case it helps.
- oldflags = conf.env['LDFLAGS_INTL']
- conf.env['LDFLAGS_INTL'] = "-liconv"
- if not conf.CHECK_LIB('intl'):
- conf.env['LDFLAGS_INTL'] = oldflags
+ conf.env.intl_libs=''
+ if not Options.options.disable_gettext:
+ conf.CHECK_HEADERS('libintl.h')
+ conf.CHECK_LIB('intl')
+ # *textdomain functions are not strictly necessary
+ conf.CHECK_FUNCS_IN('bindtextdomain textdomain bind_textdomain_codeset',
+ '', checklibc=True, headers='libintl.h')
+ # gettext and dgettext must exist
+ # on some systems (the ones with glibc, those are in libc)
+ if conf.CHECK_FUNCS_IN('dgettext gettext', '', checklibc=True, headers='libintl.h'):
+ # save for dependency definitions
+ conf.env.intl_libs=''
+ # others (e.g. FreeBSD) have seperate libintl
+ elif conf.CHECK_FUNCS_IN('dgettext gettext', 'intl', checklibc=False, headers='libintl.h'):
+ # save for dependency definitions
+ conf.env.intl_libs='intl'
+ # recheck with libintl
+ conf.CHECK_FUNCS_IN('bindtextdomain textdomain bind_textdomain_codeset',
+ 'intl', checklibc=False, headers='libintl.h')
else:
- conf.CHECK_FUNCS_IN('gettext', 'intl', checklibc=True, headers='libintl.h')
+ # Some hosts need lib iconv for linking with lib intl
+ # So we try with flags just in case it helps.
+ oldflags = conf.env['EXTRA_LDFLAGS'];
+ conf.env['EXTRA_LDFLAGS'].extend("-liconv")
+ conf.CHECK_FUNCS_IN('dgettext gettext bindtextdomain textdomain bind_textdomain_codeset',
+ 'intl', checklibc=False, headers='libintl.h')
+ conf.env['EXTRA_LDFLAGS'] = oldflags
+ if conf.env['HAVE_GETTEXT'] and conf.env['HAVE_DGETTEXT']:
+ # save for dependency definitions
+ conf.env.intl_libs='iconv intl'
+ else:
+ conf.fatal('library gettext not found, try specifying the path to ' +
+ 'it with --with-gettext=</path/to/gettext> or ' +
+ '--without-gettext to build without''')
- conf.CHECK_FUNCS_IN('dgettext gettext', 'intl', headers='libintl.h')
conf.CHECK_FUNCS_IN('pthread_create', 'pthread', checklibc=True, headers='pthread.h')
conf.CHECK_FUNCS_IN('crypt', 'crypt', checklibc=True)
@@ -622,6 +646,8 @@ def build(bld):
target='stdbool.h',
enabled = not bld.CONFIG_SET('HAVE_STDBOOL_H'))
+ bld.SAMBA_SUBSYSTEM('samba_intl', source='', use_global_deps=False,deps=bld.env.intl_libs)
+
def dist():
'''makes a tarball for distribution'''
samba_dist.dist()
diff --git a/nsswitch/wscript_build b/nsswitch/wscript_build
index a7d6489..55ba776 100644
--- a/nsswitch/wscript_build
+++ b/nsswitch/wscript_build
@@ -81,7 +81,7 @@ elif (host_os.rfind('aix') > -1):
if bld.CONFIG_SET('WITH_PAM_MODULES') and bld.CONFIG_SET('HAVE_PAM_START'):
bld.SAMBA_LIBRARY('pamwinbind',
source='pam_winbind.c',
- deps='intl talloc wbclient winbind-client iniparser pam',
+ deps='talloc wbclient winbind-client iniparser pam samba_intl',
cflags='-DLOCALEDIR=\"%s/locale\"' % bld.env.DATADIR,
realname='pam_winbind.so',
install_path='${PAMMODULESDIR}'
diff --git a/python/pyglue.c b/python/pyglue.c
index c21de46..802153a 100644
--- a/python/pyglue.c
+++ b/python/pyglue.c
@@ -164,18 +164,59 @@ static PyObject *py_interface_ips(PyObject *self, PyObject *args)
/* first count how many are not loopback addresses */
for (ifcount = i = 0; i<count; i++) {
const char *ip = iface_list_n_ip(ifaces, i);
- if (!(!all_interfaces && iface_list_same_net(ip, "127.0.0.1", "255.0.0.0"))) {
+
+ if (all_interfaces) {
ifcount++;
+ continue;
+ }
+
+ if (iface_list_same_net(ip, "127.0.0.1", "255.0.0.0")) {
+ continue;
+ }
+
+ if (iface_list_same_net(ip, "169.254.0.0", "255.255.0.0")) {
+ continue;
}
+
+ if (iface_list_same_net(ip, "::1", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")) {
+ continue;
+ }
+
+ if (iface_list_same_net(ip, "fe80::", "ffff:ffff:ffff:ffff::")) {
+ continue;
+ }
+
+ ifcount++;
}
pylist = PyList_New(ifcount);
for (ifcount = i = 0; i<count; i++) {
const char *ip = iface_list_n_ip(ifaces, i);
- if (!(!all_interfaces && iface_list_same_net(ip, "127.0.0.1", "255.0.0.0"))) {
+
+ if (all_interfaces) {
PyList_SetItem(pylist, ifcount, PyString_FromString(ip));
ifcount++;
+ continue;
+ }
+
+ if (iface_list_same_net(ip, "127.0.0.1", "255.0.0.0")) {
+ continue;
+ }
+
+ if (iface_list_same_net(ip, "169.254.0.0", "255.255.0.0")) {
+ continue;
}
+
+ if (iface_list_same_net(ip, "::1", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")) {
+ continue;
+ }
+
+ if (iface_list_same_net(ip, "fe80::", "ffff:ffff:ffff:ffff::")) {
+ continue;
+ }
+
+ PyList_SetItem(pylist, ifcount, PyString_FromString(ip));
+ ifcount++;
}
talloc_free(tmp_ctx);
return pylist;
diff --git a/python/samba/join.py b/python/samba/join.py
index c55c22c..b2f4da4 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -26,9 +26,12 @@ from samba.ndr import ndr_pack
from samba.dcerpc import security, drsuapi, misc, nbt, lsa, drsblobs
from samba.credentials import Credentials, DONT_USE_KERBEROS
from samba.provision import secretsdb_self_join, provision, provision_fill, FILL_DRS, FILL_SUBDOMAIN
+from samba.provision.common import setup_path
from samba.schema import Schema
from samba.net import Net
from samba.provision.sambadns import setup_bind9_dns
+from samba import read_and_sub_file
+from base64 import b64encode
import logging
import talloc
import random
@@ -179,6 +182,19 @@ class dc_join(object):
attrs=["msDS-krbTgtLink"])
if res:
ctx.del_noerror(res[0].dn, recursive=True)
+
+ res = ctx.samdb.search(base=ctx.samdb.get_default_basedn(),
+ expression='(&(sAMAccountName=%s)(servicePrincipalName=%s))' % (ldb.binary_encode("dns-%s" % ctx.myname), ldb.binary_encode("dns/%s" % ctx.dnshostname)),
+ attrs=[])
+ if res:
+ ctx.del_noerror(res[0].dn, recursive=True)
+
+ res = ctx.samdb.search(base=ctx.samdb.get_default_basedn(),
+ expression='(sAMAccountName=%s)' % ldb.binary_encode("dns-%s" % ctx.myname),
+ attrs=[])
+ if res:
--
Samba Shared Repository
More information about the samba-cvs
mailing list