[Pkg-samba-maint] [Git][samba-team/samba][master] 37 commits: VERSION: Bump version up to Samba 4.18.3...
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Wed May 31 20:45:08 BST 2023
Michael Tokarev pushed to branch master at Debian Samba Team / samba
Commits:
c4f24bac by Jule Anger at 2023-04-19T12:16:30+02:00
VERSION: Bump version up to Samba 4.18.3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
2a20fbdb by Stefan Metzmacher at 2023-04-28T14:16:11+00:00
libcli/security: rewrite calculate_inherited_from_parent()
This allows us to pass the new tests we just added.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15338
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit bb09c06d6d58a04e1d270a9f99d1179cfa9acbda)
- - - - -
a26cbb56 by Andreas Schneider at 2023-04-28T14:16:11+00:00
s3:tests: Create a temporary directory for test_veto_files.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b5a66840e3057cbff85fe6cd231310c4a9cfb34b)
- - - - -
c09c3f8e by Andreas Schneider at 2023-04-28T14:16:11+00:00
s3:tests: Add test that veto files works for hidden files
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a2acbd3f3cff8d1cac63acdead4b7be14a7092b2)
- - - - -
49777b08 by Andreas Schneider at 2023-04-28T15:17:25+00:00
s3:lib: Do not try to match '.' and '..' directories in is_in_path()
This fixes setting veto files to '.*' to not list hidden files and
directories starting with a dot.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 9eb44306623fc4897b373b04763e475f696ab92d)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Fri Apr 28 15:17:25 UTC 2023 on atb-devel-224
- - - - -
1ace31bc by Nathaniel W. Turner at 2023-05-08T10:17:16+00:00
dsgetdcname: do not assume local system uses IPv4
Return the first IPv4 and the first IPv6 address found for each DC.
This is slightly inelegant, but resolves an issue where IPv6-only
systems were unable to run "net ads join" against domain controllers
that have both A and AAAA records in DNS.
While this impacts performance due to the additional LDAP ping attempts,
in practice an attempt to connect to an IPv6 address on an IPv4-only
system (or vice versa) will fail immediately with
NT_STATUS_NETWORK_UNREACHABLE, and thus the performance impact should be
negligible.
The alternative approach, using an smb.conf setting to control whether
the logic prefers a single address of one family or the other ends up
being a bit awkward, as it pushes the problem onto admins and tools such
as "realm join" that want to dynamically synthesize an smb.conf on the
fly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15325
Signed-off-by: Nathaniel W. Turner <nturner at exagrid.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 9 19:12:15 UTC 2023 on atb-devel-224
(cherry picked from commit f55a357c6b9387883a7628a1b1083263a10121a6)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Mon May 8 10:17:16 UTC 2023 on atb-devel-224
- - - - -
128a8075 by Stefan Metzmacher at 2023-05-09T13:15:57+00:00
s3:locking: fix debug level for NT_STATUS_NOT_FOUND messanges in get_static_share_mode_data
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15362
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Apr 24 14:13:35 UTC 2023 on atb-devel-224
(cherry picked from commit eafcef18584c264dc68dd95fbd8aa39218199446)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Tue May 9 13:15:57 UTC 2023 on atb-devel-224
- - - - -
97c9f812 by Volker Lendecke at 2023-05-12T15:05:18+00:00
winbind: Test wbinfo -u with more than 1000 users
winbind asks dcerpc_samr_LookupRids in one batch, where samr.idl has
NTSTATUS samr_LookupRids(
[in,ref] policy_handle *domain_handle,
[in,range(0,1000)] uint32 num_rids,
[in,size_is(1000),length_is(num_rids)] uint32 rids[],
[out,ref] lsa_Strings *names,
[out,ref] samr_Ids *types
);
limiting num_rids to 1000 entries. Test this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f633389f36e79d3e772777ad7ca13012e3616273)
- - - - -
0f1dbe55 by Volker Lendecke at 2023-05-12T15:58:34+00:00
winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 users
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue May 9 02:58:45 UTC 2023 on atb-devel-224
(cherry picked from commit 6206e15b4de0ba67d713124c2be353dabf3878c8)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Fri May 12 15:58:34 UTC 2023 on atb-devel-224
- - - - -
cae050cf by Stefan Metzmacher at 2023-05-26T12:34:17+00:00
librpc/rpc: allow smb3_sid_parse() to accept modern encryption algorithms
We should not limit the possible encryption algorithms to the currently
known ones.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15374
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed May 17 07:34:28 UTC 2023 on atb-devel-224
(cherry picked from commit e03e738dfc96b3c8ce54e2d280143965713f4778)
- - - - -
74449f2a by Joseph Sutton at 2023-05-26T12:34:17+00:00
samba-tool domain: Run in interactive mode if no args are supplied
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15363
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(backported from commit f1281b80c1ad68d380ce91c13076f6a60fbc627e)
[jsutton at samba.org Adapted to provisioning code refactor in commit
5986937d12c237121d4e62fa6dfa0f5dadec263d]
- - - - -
8ed6bbcb by Volker Lendecke at 2023-05-26T12:34:17+00:00
libcli: Add security_token_count_flag_sids()
To be used in a few places when checking special-case Samba SIDs.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 5e8c7192ba5469547ba3101885dfbaba2f8181f4)
- - - - -
dc2606e1 by Volker Lendecke at 2023-05-26T12:34:17+00:00
smbd: Use security_token_count_flag_sids() in open_np_file()
Simpler logic in the caller
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 244ee8ad75c2c968997dfdd5eeb9e9cb97a191fb)
- - - - -
40378826 by Volker Lendecke at 2023-05-26T12:34:17+00:00
librpc: Simplify dcerpc_is_transport_encrypted()
Simplify logic by using security_token_count_flag_sids()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 1d11e0489b2c91fc05c6befc0463695d7102abcc)
- - - - -
5a09eaf0 by Volker Lendecke at 2023-05-26T12:34:17+00:00
rpc: Add global_sid_Samba_NPA_Flags SID
This will be used as a flexible way to pass per-RPC-connection flags
over ncalrpc to the RPC server without having to modify
named_pipe_auth_req_info6 every time something new needs to be
passed. It's modeled after global_sid_Samba_SMB3.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit ebbb93cc7a57a118b82b8f383d25f1eb022397d6)
- - - - -
e46af7b3 by Joseph Sutton at 2023-05-26T12:34:17+00:00
named_pipe_auth: Bump info5 to info6
In the next commit, we shall replace the 'authenticated' field of
named_pipe_auth_req_info.info5.session_info.session_info.info with a
more general 'user_flags' field.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 8aef16bbbc1e55f0a9f5a8ec87e5348688d93785)
- - - - -
e92fb837 by Volker Lendecke at 2023-05-26T12:34:17+00:00
rpc_server3: Use global_sid_Samba_NPA_Flags to pass "need_idle"
More code, but will be more flexible in the future.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 31180e0e6d9e43d54e7656a56ed3af129f578105)
- - - - -
ec0c9319 by Volker Lendecke at 2023-05-26T12:34:17+00:00
rpc: Remove named_pipe_auth_req_info6->need_idle_server
Involves bumping up the version number
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit bdba027a33e35aab7bb322bc3167cdd7babfc059)
- - - - -
faa50763 by Volker Lendecke at 2023-05-26T12:34:17+00:00
lib: Add security_token_del_npa_flags() helper function
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit bb3ea36e10079ad9c73c68d7ed8fce51ecb40ebe)
- - - - -
a22173a7 by Volker Lendecke at 2023-05-26T13:29:20+00:00
rpc_server3: Pass winbind_env_set() state through to rpcd_*
Winbind can ask rpcd_lsad for LookupNames etc. This can recurse back
into winbind for getpwnam. We have the "_NO_WINBINDD" environment
variable set in winbind itself for this case, but this is lost on the
way into rpcd_lsad. Use a flag in global_sid_Samba_NPA_Flags to pass
this information to dcerpc_core, where it sets the variable on every
call if requested.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Tue May 16 11:54:32 UTC 2023 on atb-devel-224
(cherry picked from commit 59694ad0a4cc489f1baa4c2c94c6322c0f22c1df)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Fri May 26 13:29:20 UTC 2023 on atb-devel-224
- - - - -
976b4955 by Ralph Boehme at 2023-05-31T09:47:11+00:00
CI: add a test for fruit AppleDouble conversion when deletion triggers conversion
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 59eadfe21aca6d563f86ea656517216036421bca)
- - - - -
051cd8f5 by Ralph Boehme at 2023-05-31T09:47:11+00:00
vfs_fruit: return ENOENT instead of EISDIR when trying to open AFP_Resource for a directory
Translates to NT_STATUS_OBJECT_NAME_NOT_FOUND which is the same error macOS
returns in this case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 9b91a8bad2ff8da9eb56f1f9d640bcea294a5a0a)
- - - - -
fe988c71 by Ralph Boehme at 2023-05-31T09:47:11+00:00
vfs_fruit: never return AFP_Resource stream for directories
The macOS client creates ._ AppleDouble files for directories that do contain
an (empty) resource fork AppleDouble entry. So when going from a Samba server
config without streams module (or when migrating data from another server
without streams support), to a Samba config with a streams module and vfs_fruit,
fruit_streaminfo() will wrongly return the AFP_Resource from the AppleDouble
file as stream to the client.
To address this, just never return an AFP_Resource stream for directories when
listing streams in fruit_streaminfo(). ad_convert(), when configured with
fruit:delete_empty_adfiles = true
fruit:wipe_intentionally_left_blank_rfork = true
will happily discard the AFP_Resource from the AppleDouble file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 06f0c070a0b18313f48362aa326e3e7e6a096492)
- - - - -
0db5f559 by Ralph Boehme at 2023-05-31T09:47:11+00:00
libadouble: allow FILE_SHARE_DELETE in ad_convert_xattr()
Not specifying FILE_SHARE_DELETE wasn't done intentionally. Not setting the flag
triggers the following problem:
* client sends a CREATE with delete access
* this triggers a call to open_streams_for_delete() where we check for
conflicting opens on any of the streams of the file or directory
* if the file (or directory) has a stream like ":com.apple.quarantine" the
stream is opened with DELETE_ACCESS and kept open when the next step might:
* if the file (or directory) has a Mac specific :AFP_AfpInfo stream, the
ad_convert() routine in fruit_create_file() is triggered
* ad_convert() checks if the file (or ...) has a sidecar ._ AppleDouble file, if
it has:
* in ad_convert_xattr() we unpack any set of xattrs encoded in the AppleDouble
file and recreate them as streams with the VFS. Now, if any of these xattrs
happens to be converted to a stream that we still have open in
open_streams_for_delete() (see above) we get a NT_STATUS_SHARING_VIOLATION
This error gets passed up the stack back to open_streams_for_delete() so the
client CREATE request fails and the client is unhappy.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 55bd10456486628cad2bd085618e873598401c3b)
- - - - -
5c5ab78d by Ralph Boehme at 2023-05-31T09:47:11+00:00
vfs_fruit: just log failing AppleDouble conversion
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 3bf97f19c36d26b4178f7cb6202bbdd44de0c1aa)
- - - - -
6dfa2252 by Ralph Boehme at 2023-05-31T09:47:11+00:00
vfs_fruit: add fruit:convert_adouble parameter
https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 26 00:52:29 UTC 2023 on atb-devel-224
(cherry picked from commit 035f6d914d133cf3248f15b1be06a9e1837238da)
- - - - -
5865388e by Ralph Boehme at 2023-05-31T09:47:11+00:00
CI: add a test that checks the dosmode of symlinks
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b4af281b2d7bfddbdb7289dadbed9db623bf0e84)
- - - - -
09ea170e by Ralph Boehme at 2023-05-31T09:47:11+00:00
smbd: zero intialize SMB_STRUCT_STAT in vfswrap_readdir()
Avoid returning an uninitialized st.cached_dos_attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0391120079b032077c3914c10189b85e61dc8498)
- - - - -
af9dc206 by Ralph Boehme at 2023-05-31T10:47:15+00:00
smbd: also reset struct stat_ex.cached_dos_attributes in SET_STAT_INVALID()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 24 21:42:50 UTC 2023 on atb-devel-224
(cherry picked from commit 412373984db6d0c20ba38076d06d0a87631890d0)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Wed May 31 10:47:15 UTC 2023 on atb-devel-224
- - - - -
f988fcf6 by Jule Anger at 2023-05-31T18:04:26+02:00
WHATSNEW: Add release notes for Samba 4.18.3.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
897e67a7 by Jule Anger at 2023-05-31T18:04:56+02:00
VERSION: Disable GIT_SNAPSHOT for the 4.18.3 release.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
4e87e89f by Michael Tokarev at 2023-05-31T19:54:30+03:00
d/copyright: strip manpages in ctdb/doc/ and docs/manpages/
- - - - -
56e11c5a by Michael Tokarev at 2023-05-31T19:56:46+03:00
New upstream version 4.18.3+dfsg
- - - - -
29a903e8 by Michael Tokarev at 2023-05-31T19:57:22+03:00
Update upstream source from tag 'upstream/4.18.3+dfsg'
Update to upstream version '4.18.3+dfsg'
with Debian dir cff6a9611d6c6998dbbcfb03b7826cb0c66f76de
- - - - -
d2e877a7 by Michael Tokarev at 2023-05-31T20:06:47+03:00
update changelog for 4.18.3
- - - - -
3802340d by Michael Tokarev at 2023-05-31T20:07:05+03:00
dnsserver-rename-dns_name_equal.patch (#1036587, #927747)
(forgotten) patch from upstream targetting next stable
- - - - -
752a70b1 by Michael Tokarev at 2023-05-31T21:21:38+03:00
update changelog; upload version 4.18.3+dfsg-1 to unstable
- - - - -
9 changed files:
- VERSION
- WHATSNEW.txt
- − ctdb/doc/ctdb-etcd.7
- − ctdb/doc/ctdb-script.options.5
- − ctdb/doc/ctdb-statistics.7
- − ctdb/doc/ctdb-tunables.7
- − ctdb/doc/ctdb.1
- − ctdb/doc/ctdb.7
- − ctdb/doc/ctdb.conf.5
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/4b435f003f7bb7c5fb569a683865964886e60e49...752a70b1bf460baaf86596e42eb04fdc3715a54a
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/4b435f003f7bb7c5fb569a683865964886e60e49...752a70b1bf460baaf86596e42eb04fdc3715a54a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230531/ca86a694/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list