[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Mon Sep 23 01:30:03 CEST 2013
The branch, master has been updated
via a3f25f2 selftst: add tests based on 4.1.0rc3 to check for zero invocationID in replPropertyMetaData
via 038a9a7 selftest: Add release-4-1-0rc3 saved provision
via 9c11ad2 selftest: Only run referenceprovision and ldapcmp for the 4.0.0 test
via 9b8e174 selftest: Add script to assist in writing out a tree undump.sh can restore
via 9e1dde1 dbcheck: Look for and fix the all-zero invocationID in replPropertyMetaData
via 25d4baf dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaData
via 274b899 smb.conf: Fill out the ntvfs handler smb.conf page from source4/NEWS
via 334d83e Remove NEWS file containing confusing information
via 8d9986a Remove confusing TODO file
via 53c06d0 dsdb: Use WERR_DS_ATT_NOT_DEF_IN_SCHEMA for failed schema lookups
from 096c962 Backport 0e97908 from WAF repository: symlink fix for OpenBSD
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a3f25f25113d83a605638fa2806014ad9972f919
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 22:06:54 2013 -0700
selftst: add tests based on 4.1.0rc3 to check for zero invocationID in replPropertyMetaData
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Sep 23 01:29:10 CEST 2013 on sn-devel-104
commit 038a9a7c5ec964e5b42e1329eab0573e50a9d3b0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 22:52:01 2013 -0700
selftest: Add release-4-1-0rc3 saved provision
This version has the regression where we would, on join, write an
all-zero invocationID in the replPropertyMetaData attribute, on
Deleted Objects in particular.
To demonstrate this regression, this is based on the promoted_dc
environment from make test, with the domain altered to match the
pattern used in these trees.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 9c11ad25b211242cbe526f280688640658c4a365
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 23:36:46 2013 -0700
selftest: Only run referenceprovision and ldapcmp for the 4.0.0 test
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 9b8e174fe8cac61cfcfa1c76e8cab2450e4a0af5
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 18:52:21 2013 -0700
selftest: Add script to assist in writing out a tree undump.sh can restore
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 9e1dde15f9d3a374747d163e37016b54f008bd9f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 18:03:43 2013 -0700
dbcheck: Look for and fix the all-zero invocationID in replPropertyMetaData
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 25d4bafca7245e3f8291e5f0f304b1b4f8ce5600
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 14:33:21 2013 -0700
dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaData
This matches Windows 2008R2.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 274b899095645550e263564ae4e03b4f0d6bdbea
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 14:32:27 2013 -0700
smb.conf: Fill out the ntvfs handler smb.conf page from source4/NEWS
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 334d83e4e7821b3f2ac54ef11f67aefaa564b00b
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 14:31:31 2013 -0700
Remove NEWS file containing confusing information
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 8d9986a6e9cb8c633c57c84c4d6aefd21e181c40
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 14:10:02 2013 -0700
Remove confusing TODO file
This makes no sense in the merged tree, and only confuses users.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 53c06d03a880319cf67a99250958cce16147f181
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Sep 21 13:55:00 2013 -0700
dsdb: Use WERR_DS_ATT_NOT_DEF_IN_SCHEMA for failed schema lookups
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/vfs/ntvfshandler.xml | 13 +
python/samba/dbchecker.py | 68 +
selftest/tests.py | 1 +
source4/NEWS | 496 -
source4/TODO | 276 -
source4/dsdb/repl/replicated_objects.c | 9 +
source4/dsdb/schema/schema_syntax.c | 56 +-
source4/selftest/provisions/dump.sh | 48 +
.../release-4-1-0rc3/etc/smb.conf.template | 17 +
.../provisions/release-4-1-0rc3/private/dns.keytab | Bin 0 -> 1037 bytes
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump |29028 +++++++++++++
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump |43468 +++++++++++++++++++
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump | 928 +
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump | 488 +
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump | 12 +
.../private/dns/sam.ldb.d/metadata.tdb.dump | 8 +
.../release-4-1-0rc3/private/dns/sam.ldb.dump | 36 +
.../private/dns_update_list | 0
.../release-4-1-0rc3/private/hklm.ldb.dump | 80 +
.../release-4-1-0rc3/private/idmap.ldb.dump | 48 +
.../provisions/release-4-1-0rc3/private/named.conf | 18 +
.../release-4-1-0rc3/private/named.conf.update | 7 +
.../provisions/release-4-1-0rc3/private/named.txt | 45 +
.../release-4-1-0rc3/private/privilege.ldb.dump | 156 +
.../release-4-1-0rc3/private/randseed.tdb.dump | 0
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump |29104 +++++++++++++
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump |43812 ++++++++++++++++++++
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump | 928 +
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump | 488 +
...DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump | 6600 +++
.../private/sam.ldb.d/metadata.tdb.dump | 8 +
.../release-4-1-0rc3/private/sam.ldb.dump | 36 +
.../private/schannel_store.tdb.dump | 0
.../release-4-1-0rc3/private/secrets.keytab | Bin 0 -> 1482 bytes
.../release-4-1-0rc3/private/secrets.ldb.dump | 48 +
.../release-4-1-0rc3/private/secrets.tdb.dump | 16 +
.../release-4-1-0rc3/private/share.ldb.dump | 32 +
.../private/smbd.tmp/msg/names.tdb.dump | 52 +
.../private/spn_update_list | 0
.../release-4-1-0rc3/private/wins_config.ldb.dump | 4 +
testprogs/blackbox/dbcheck-oldrelease.sh | 18 +-
41 files changed, 155648 insertions(+), 804 deletions(-)
delete mode 100644 source4/NEWS
delete mode 100644 source4/TODO
create mode 100755 source4/selftest/provisions/dump.sh
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/etc/smb.conf.template
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns.keytab
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns/sam.ldb.d/CN%3DCONFIGURATION,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns/sam.ldb.d/CN%3DSCHEMA,CN%3DCONFIGURATION,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns/sam.ldb.d/DC%3DDOMAINDNSZONES,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns/sam.ldb.d/DC%3DFORESTDNSZONES,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns/sam.ldb.d/DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns/sam.ldb.d/metadata.tdb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/dns/sam.ldb.dump
copy source4/selftest/provisions/{release-4-0-0 => release-4-1-0rc3}/private/dns_update_list (100%)
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/hklm.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/idmap.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/named.conf
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/named.conf.update
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/named.txt
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/privilege.ldb.dump
copy buildtools/wafsamba/__init__.py => source4/selftest/provisions/release-4-1-0rc3/private/randseed.tdb.dump (100%)
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/sam.ldb.d/CN%3DCONFIGURATION,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/sam.ldb.d/CN%3DSCHEMA,CN%3DCONFIGURATION,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/sam.ldb.d/DC%3DDOMAINDNSZONES,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/sam.ldb.d/DC%3DFORESTDNSZONES,DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/sam.ldb.d/DC%3DRELEASE-4-1-0RC3,DC%3DSAMBA,DC%3DCORP.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/sam.ldb.d/metadata.tdb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/sam.ldb.dump
copy buildtools/wafsamba/__init__.py => source4/selftest/provisions/release-4-1-0rc3/private/schannel_store.tdb.dump (100%)
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/secrets.keytab
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/secrets.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/secrets.tdb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/share.ldb.dump
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/smbd.tmp/msg/names.tdb.dump
copy source4/selftest/provisions/{release-4-0-0 => release-4-1-0rc3}/private/spn_update_list (100%)
create mode 100644 source4/selftest/provisions/release-4-1-0rc3/private/wins_config.ldb.dump
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/vfs/ntvfshandler.xml b/docs-xml/smbdotconf/vfs/ntvfshandler.xml
index aa3bce5..92b5c6d 100644
--- a/docs-xml/smbdotconf/vfs/ntvfshandler.xml
+++ b/docs-xml/smbdotconf/vfs/ntvfshandler.xml
@@ -6,6 +6,19 @@
<description>
<para>This specifies the NTVFS handlers for this share.</para>
+ <itemizedlist>
+ <listitem><para>posix: Maps POSIX FS semantics to NT semantics</para></listitem>
+ <listitem><para>unixuid: Sets up user credentials based on POSIX gid/uid.</para></listitem>
+ <listitem><para>cifs: Proxies a remote CIFS FS. Mainly useful for testing.</para></listitem>
+ <listitem><para>nbench: Filter module that saves data useful to the nbench benchmark suite.</para></listitem>
+ <listitem><para>ipc: Allows using SMB for inter process communication. Only used for the IPC$ share.</para></listitem>
+ <listitem><para>posix: Maps POSIX FS semantics to NT semantics</para></listitem>
+ <listitem><para>print: Allows printing over SMB. This is
+ LANMAN-style printing, not the be confused with the spoolss
+ DCE/RPC interface used by later versions of
+ Windows.</para></listitem>
+ </itemizedlist>
+
<para>Note that this option is only used when the NTVFS file server
is in use. It is not used with the (default)
s3fs file server.
diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
index 8b175c2..ee8b5ae 100644
--- a/python/samba/dbchecker.py
+++ b/python/samba/dbchecker.py
@@ -18,6 +18,8 @@
#
import ldb
+import samba
+import time
from samba import dsdb
from samba import common
from samba.dcerpc import misc
@@ -59,6 +61,7 @@ class dbcheck(object):
self.seize_fsmo_role = False
self.move_to_lost_and_found = False
self.fix_instancetype = False
+ self.fix_replmetadata_zero_invocationid = False
self.reset_well_known_acls = reset_well_known_acls
self.reset_all_well_known_acls = False
self.in_transaction = in_transaction
@@ -816,6 +819,65 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
self.report("Fixed attribute '%s' of '%s'\n" % (sd_attr, dn))
self.samdb.set_session_info(self.system_session_info)
+
+ def has_replmetadata_zero_invocationid(self, dn, repl_meta_data):
+ repl = ndr_unpack(drsblobs.replPropertyMetaDataBlob,
+ str(repl_meta_data))
+ ctr = repl.ctr
+ found = False
+ for o in ctr.array:
+ # Search for a zero invocationID
+ if o.originating_invocation_id != misc.GUID("00000000-0000-0000-0000-000000000000"):
+ continue
+
+ found = True
+ self.report('''ERROR: on replPropertyMetaData of %s, the instanceType on attribute 0x%08x,
+ version %d changed at %s is 00000000-0000-0000-0000-000000000000,
+ but should be non-zero. Proposed fix is to set to our invocationID (%s).'''
+ % (dn, o.attid, o.version,
+ time.ctime(samba.nttime2unix(o.originating_change_time)),
+ self.samdb.get_invocation_id()))
+
+ return found
+
+
+ def err_replmetadata_zero_invocationid(self, dn, attr, repl_meta_data):
+ repl = ndr_unpack(drsblobs.replPropertyMetaDataBlob,
+ str(repl_meta_data))
+ ctr = repl.ctr
+ now = samba.unix2nttime(int(time.time()))
+ found = False
+ for o in ctr.array:
+ # Search for a zero invocationID
+ if o.originating_invocation_id != misc.GUID("00000000-0000-0000-0000-000000000000"):
+ continue
+
+ found = True
+ seq = self.samdb.sequence_number(ldb.SEQ_NEXT)
+ o.version = o.version + 1
+ o.originating_change_time = now
+ o.originating_invocation_id = misc.GUID(self.samdb.get_invocation_id())
+ o.originating_usn = seq
+ o.local_usn = seq
+
+ if found:
+ replBlob = ndr_pack(repl)
+ msg = ldb.Message()
+ msg.dn = dn
+
+ if not self.confirm_all('Fix %s on %s by setting originating_invocation_id on some elements to our invocationID %s?'
+ % (attr, dn, self.samdb.get_invocation_id()), 'fix_replmetadata_zero_invocationid'):
+ self.report('Not fixing %s on %s\n' % (attr, dn))
+ return
+
+ nmsg = ldb.Message()
+ nmsg.dn = dn
+ nmsg[attr] = ldb.MessageElement(replBlob, ldb.FLAG_MOD_REPLACE, attr)
+ if self.do_modify(nmsg, ["local_oid:1.3.6.1.4.1.7165.4.3.14:0"],
+ "Failed to fix attribute %s" % attr):
+ self.report("Fixed attribute '%s' of '%s'\n" % (attr, dn))
+
+
def is_fsmo_role(self, dn):
if dn == self.samdb.domain_dn:
return True
@@ -901,6 +963,12 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
continue
if str(attrname).lower() == 'replpropertymetadata':
+ if self.has_replmetadata_zero_invocationid(dn, obj[attrname]):
+ error_count += 1
+ self.err_replmetadata_zero_invocationid(dn, attrname, obj[attrname])
+ # We don't continue, as we may also have other fixes for this attribute
+ # based on what other attributes we see.
+
list_attrs_from_md = self.process_metadata(obj[attrname])
got_repl_property_meta_data = True
continue
diff --git a/selftest/tests.py b/selftest/tests.py
index aebfc57..7b37111 100644
--- a/selftest/tests.py
+++ b/selftest/tests.py
@@ -61,6 +61,7 @@ planpythontestsuite("none", "samba.tests.samba3sam")
planpythontestsuite("none", "wafsamba.tests.test_suite", extra_path=[os.path.join(samba4srcdir, "..", "buildtools"), os.path.join(samba4srcdir, "..", "buildtools", "wafadmin")])
plantestsuite("samba4.blackbox.dbcheck.alpha13", "none" , ["PYTHON=%s" % python, os.path.join(bbdir, "dbcheck-oldrelease.sh"), '$PREFIX_ABS/provision', 'alpha13', configuration])
plantestsuite("samba4.blackbox.dbcheck.release-4-0-0", "none" , ["PYTHON=%s" % python, os.path.join(bbdir, "dbcheck-oldrelease.sh"), '$PREFIX_ABS/provision', 'release-4-0-0', configuration])
+plantestsuite("samba4.blackbox.dbcheck.release-4-1-0rc3", "none" , ["PYTHON=%s" % python, os.path.join(bbdir, "dbcheck-oldrelease.sh"), '$PREFIX_ABS/provision', 'release-4-1-0rc3', configuration])
plantestsuite("samba4.blackbox.upgradeprovision.alpha13", "none" , ["PYTHON=%s" % python, os.path.join(bbdir, "upgradeprovision-oldrelease.sh"), '$PREFIX_ABS/provision', 'alpha13', configuration])
plantestsuite("samba4.blackbox.upgradeprovision.release-4-0-0", "none" , ["PYTHON=%s" % python, os.path.join(bbdir, "upgradeprovision-oldrelease.sh"), '$PREFIX_ABS/provision', 'release-4-0-0', configuration])
planpythontestsuite("none", "samba.tests.upgradeprovision")
diff --git a/source4/NEWS b/source4/NEWS
deleted file mode 100644
index f7c03c6..0000000
--- a/source4/NEWS
+++ /dev/null
@@ -1,496 +0,0 @@
-This file aims to document the major changes since the latest released version
-of Samba, 3.0. Samba 4.0 contains rewrites of several subsystems
-and uses a different internal format for most data. Since this
-file is an initial draft, please update missing items.
-
-One of the main goals of Samba 4 was Active Directory Domain Controller
-support. This means Samba now implements several protocols that are required
-by AD such as Kerberos and DNS.
-
-An (experimental) upgrade script that performs a one-way upgrade
-from Samba 3 is available in source/setup/upgrade.
-
-Removal of nmbd and introduction of process models
-==================================================
-smbd now implements several network protocols other than just CIFS and
-DCE/RPC. nmbd's functionality has been merged into smbd. smbd supports
-various 'process models' that specify how concurrent connections are
-handled (when to fork, use threads, etc).
-
-Introduction of LDB
-===================
-Samba now stores most of its persistent data in a LDAP-like database
-called LDB (see ldb(7) for more info).
-
-Removed SWAT
-==================
-Unlike previous versions, Samba4 does not provide a web interface at this time.
-
-Built-in KDC
-============
-Samba4 ships with an integrated KDC (Kerberos Key Distribution
-Center). Backed directly onto our main internal database, and
-integrated with custom code to handle the PAC, Samba4's KDC is an
-integral part of our support for AD logon protocols.
-
-Built-in LDAP Server
-====================
-Like the situation with the KDC, Samba4 ships with it's own LDAP
-server, included to provide simple, built-in LDAP services in an AD
-(rather than distinctly standards) matching manner. The database is
-LDB, and it shares that in common with the rest of Samba.
-
-Changed configuration options
-=============================
-Several configuration options have been removed in Samba4 while others have
-been introduced. This section contains a summary of changes to smb.conf and
-where these settings moved. Configuration options that have disappeared may be
-re-added later when the functionality that uses them gets reimplemented in
-Samba 4.
-
-The 'security' parameter has been split up. It is now only used to choose
-between the 'user' and 'share' security levels (the latter is not supported
-in Samba 4 yet). The other values of this option and the 'domain master' and
-'domain logons' parameters have been merged into a 'server role' parameter
-that can be either 'domain controller', 'member server' or 'standalone'. Note that
-member server support does not work yet.
-
-The following parameters have been removed:
-- passdb backend: accounts are now stored in a LDB-based SAM database
-- update encrypted
-- public
-- guest ok
-- client schannel
-- server schannel
-- allow trusted domains
-- hosts equiv
-- map to guest
-- smb passwd file
-- algorithmic rid base
-- root directory
-- root dir
-- root
-- guest account
-- enable privileges
-- pam password change
-- passwd program
-- passwd chat debug
-- passwd chat timeout
-- check password script
-- username map
-- username level
-- unix password sync
-- restrict anonymous
-- username
-- user
-- users
-- invalid users
-- valid users
-- admin users
-- read list
-- write list
-- printer admin
-- force user
-- force group
-- group
-- write ok
-- writeable
-- writable
-- acl check permissions
-- acl group control
-- acl map full control
-- create mask
-- create mode
-- force create mode
-- security mask
-- force security mode
-- directory mask
-- directory mode
-- force directory mode
-- directory security mask
-- force directory security mode
-- force unknown acl user
-- inherit permissions
-- inherit acls
-- inherit owner
-- guest only
-- only guest
-- only user
-- allow hosts
-- deny hosts
-- preload modules
-- use kerberos keytab
-- syslog
-- syslog only
-- max log size
-- debug timestamp
-- timestamp logs
-- debug hires timestamp
-- debug pid
-- debug uid
-- allocation roundup size
-- aio read size
-- aio write size
-- aio write behind
-- large readwrite
-- protocol
-- read bmpx
-- reset on zero vc
-- acl compatibility
-- defer sharing violations
-- ea support
-- nt acl support
-- nt pipe support
-- profile acls
-- map acl inherit
-- afs share
-- max ttl
-- client use spnego
-- enable asu support
-- svcctl list
-- block size
-- change notify timeout
-- deadtime
-- getwd cache
-- keepalive
-- kernel change notify
-- lpq cache time
-- max smbd processes
-- max disk size
-- max open files
-- min print space
-- strict allocate
-- sync always
-- use mmap
-- use sendfile
-- hostname lookups
-- write cache size
-- name cache timeout
-- max reported print jobs
-- load printers
-- printcap cache time
-- printcap name
-- printcap
-- printing
-- cups options
-- cups server
-- iprint server
-- print command
-- disable spoolss
-- enable spoolss
-- lpq command
-- lprm command
-- lppause command
-- lpresume command
-- queuepause command
-- queueresume command
-- enumports command
-- addprinter command
-- deleteprinter command
-- show add printer wizard
-- os2 driver map
-- use client driver
-- default devmode
-- force printername
-- mangling method
-- mangle prefix
-- default case
-- case sensitive
-- casesignames
-- preserve case
-- short preserve case
-- mangling char
-- hide dot files
-- hide special files
-- hide unreadable
-- hide unwriteable files
-- delete veto files
-- veto files
-- hide files
-- veto oplock files
-- map readonly
-- mangled names
-- mangled map
-- max stat cache size
-- stat cache
-- store dos attributes
-- machine password timeout
-- add user script
-- rename user script
-- delete user script
-- add group script
-- delete group script
-- add user to group script
-- delete user from group script
-- set primary group script
-- add machine script
-- shutdown script
-- abort shutdown script
-- username map script
-- logon script
-- logon path
-- logon drive
-- logon home
-- domain logons
-- os level
-- lm announce
-- lm interval
-- domain master
-- browse list
-- enhanced browsing
-- wins proxy
-- wins hook
-- wins partners
-- blocking locks
-- fake oplocks
-- kernel oplocks
-- locking
-- lock spin count
-- lock spin time
-- level2 oplocks
-- oplock break wait time
-- oplock contention limit
-- posix locking
-- share modes
-- ldap server
-- ldap port
-- ldap admin dn
-- ldap delete dn
-- ldap group suffix
-- ldap idmap suffix
-- ldap machine suffix
-- ldap passwd sync
-- ldap password sync
-- ldap replication sleep
-- ldap suffix
-- ldap ssl
-- ldap timeout
-- ldap page size
-- ldap user suffix
-- add share command
-- change share command
-- delete share command
-- eventlog list
-- utmp directory
-- wtmp directory
-- utmp
-- default service
-- default
-- message command
-- dfree cache time
-- dfree command
-- get quota command
-- set quota command
-- remote announce
-- remote browse sync
-- homedir map
-- afs username map
-- afs token lifetime
-- log nt token command
-- time offset
-- NIS homedir
-- preexec
-- exec
-- preexec close
-- postexec
-- root preexec
-- root preexec close
-- root postexec
-- set directory
-- wide links
-- follow symlinks
-- dont descend
-- magic script
-- magic output
-- delete readonly
-- dos filemode
-- dos filetimes
-- dos filetime resolution
-- fake directory create times
-- panic action
-- vfs objects
-- vfs object
-- msdfs root
-- msdfs proxy
-- host msdfs
-- enable rid algorithm
-- passdb expand explicit
-- idmap backend
-- idmap uid
-- winbind uid
-- idmap gid
-- winbind gid
-- template homedir
-- template shell
-- winbind separator
-- winbind cache time
-- winbind enum users
-- winbind enum groups
-- winbind use default domain
-- winbind trusted domains only
-- winbind nested groups
-- winbind max idle children
-- winbind nss info
-
-The following parameters have been added:
-+ rpc big endian (G)
- Make Samba fake it is running on a bigendian machine when using DCE/RPC.
- Useful for debugging.
-
- Default: no
-
-+ case insensitive filesystem (S)
- Set to true if this share is located on a case-insensitive filesystem.
- This disables looking for a filename by trying all possible combinations of
- uppercase/lowercase characters and thus speeds up operations when a
- file cannot be found.
-
- Default: no
-
-+ setup directory
- Path to data used by provisioning script.
-
- Default: Set at compile-time
-
-+ ncalrpc dir
- Directory to use for UNIX sockets used by the 'ncalrpc' DCE/RPC transport.
-
- Default: Set at compile-time
--
Samba Shared Repository
More information about the samba-cvs
mailing list