diff options
| author | Ivo De Decker <ivo.dedecker@ugent.be> | 2014-01-11 21:53:19 +0100 |
|---|---|---|
| committer | Ivo De Decker <ivo.dedecker@ugent.be> | 2014-01-11 21:53:19 +0100 |
| commit | 275afd14f46e5e6bcc2a6f7d5c4d7aa8d0e2931f (patch) | |
| tree | d47c2e936ebf0499f2ff7afce75fda3450da6a10 | |
| parent | 4e177a23ade225bbadddc02d34876fb47548613b (diff) | |
| parent | b6d7caea3867a50333b5326883213f6ce58f5194 (diff) | |
| download | samba-275afd14f46e5e6bcc2a6f7d5c4d7aa8d0e2931f.tar.gz | |
Imported Upstream version 4.1.4+dfsgupstream/4.1.4+dfsg
179 files changed, 2727 insertions, 1273 deletions
@@ -25,7 +25,7 @@ ######################################################## SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=1 -SAMBA_VERSION_RELEASE=3 +SAMBA_VERSION_RELEASE=4 ######################################################## # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 75db2475d6..b864e8a364 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,106 @@ ============================= + Release Notes for Samba 4.1.4 + January 10, 2014 + ============================= + + +This is the latest stable release of Samba 4.1. + +Major enhancements in Samba 4.1.4 include: + +o Fix segfault in smbd (bug #10284). +o Fix SMB2 server panic when a smb2 brlock times out (bug #10311). + + +Changes since 4.1.3: +-------------------- + +o Jeremy Allison <jra@samba.org> + * BUG 9870: smbd: Allow updates on directory write times on open handles. + * BUG 10260: smbclient shows no error if deleting a directory with del + failed. + * BUG 10297: smbd: Fix writing to a directory with -wx permissions + on a share. + * BUG 10305: ldb: bad if test in ldb_comparison_fold(). + + +o Christian Ambach <ambi@samba.org> + * BUG 10276: Fix waf build error on AIX with IBM XL C/C++. + * BUG 10280: s3:winbindd fix use of uninitialized variables. + + +o Michele Baldessari <michele@acksyn.org> + * BUG 10281: Fix typos in man pages. + + +o Jan Brummer <jan.brummer@tabos.org> + * BUG 10285: s3-winbindd: Fix DEBUG statement in winbind_msg_offline(). + + +o Günther Deschner <gd@samba.org> + * BUG 10262: s3-libnetjoin: Use upper-case realm when composing default + upn. + * BUG 10281: Fix numerous typos in man pages. + + +o David Disseldorp <ddiss@samba.org> + * BUG 10271: Send correct job-ID in print job notifications. + + +o Poornima Gurusiddaiah <pgurusid@redhat.com> + * BUG 10337: vfs_glusterfs: Enable per client log file. + + +o Volker Lendecke <vl@samba.org> + * BUG 10250: smbd: Fix a talloc hierarchy problem in msg_channel. + * BUG 10284: smbd: Fix segfaults. + * BUG 10297: smbd: Fix writing to a directory with -wx permissions + on a share. + * BUG 10311: Fix SMB2 server panic when a smb2 brlock times out. + + +o Stefan Metzmacher <metze@samba.org> + * BUG 10298: Reduce smb2_server processing overhead. + + +o Arvid Requate <requate@univention.de> + * BUG 10267: Fix printing via local printer drivers with Windows 8. + + +o Christof Schmitt <cs@samba.org> + * BUG 10310: Fix AIO with SMB2 and locks. + + +o Andreas Schneider <asn@samba.org> + * BUG 2191: Fix %G/%g substitution in 'template homedir'. + * BUG 10274: Fix several issues and warnings from analyzer tools. + * BUG 10286: s3-lib: Fix %G substitution for domain users in smbd. + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.1 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + + ============================= Release Notes for Samba 4.1.3 December 9, 2013 ============================= @@ -88,8 +190,8 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +---------------------------------------------------------------------- + ============================= Release Notes for Samba 4.1.2 diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities index c9c67446a4..1e852ec01c 100644 --- a/docs-xml/build/DTD/samba.entities +++ b/docs-xml/build/DTD/samba.entities @@ -464,13 +464,44 @@ Try to use the credentials cached by winbind. </varlistentry> '> +<!ENTITY stdarg.signing ' +<varlistentry> +<term>-S|--signing on|off|required</term> +<listitem><para>Set the client signing state. +</para></listitem> +</varlistentry> +'> -<!ENTITY stdarg.help ' +<!ENTITY stdarg.machinepass ' <varlistentry> -<term>-?|--help</term> -<listitem><para>Print a summary of command line options. +<term>-P|--machine-pass</term> +<listitem><para>Use stored machine account password. </para></listitem> -</varlistentry>'> +</varlistentry> +'> + +<!ENTITY stdarg.encrypt ' +<varlistentry> +<term>-e|--encrypt</term> +<listitem><para> +This command line parameter requires the remote +server support the UNIX extensions or that the SMB3 protocol has been selected. +Requests that the connection be encrypted. Negotiates SMB encryption using either +SMB3 or POSIX extensions via GSSAPI. Uses the given credentials for +the encryption negotiation (either kerberos or NTLMv1/v2 if given +domain/username/password triple. Fails the connection if encryption +cannot be negotiated. +</para></listitem> +</varlistentry> +'> + +<!ENTITY stdarg.pwnthash ' +<varlistentry> +<term>--pw-nt-hash</term> +<listitem><para>The supplied password is the NT hash. +</para></listitem> +</varlistentry> +'> <!ENTITY popt.common.credentials ' &stdarg.nopass; @@ -478,6 +509,31 @@ Try to use the credentials cached by winbind. &stdarg.useccache; &stdarg.authfile; &stdarg.username; +&stdarg.signing; +&stdarg.machinepass; +&stdarg.encrypt; +&stdarg.pwnthash; +'> + +<!ENTITY stdarg.help ' +<varlistentry> +<term>-?|--help</term> +<listitem><para>Print a summary of command line options. +</para></listitem> +</varlistentry> +'> + +<!ENTITY stdarg.usage ' +<varlistentry> +<term>--usage</term> +<listitem><para>Display brief usage message. +</para></listitem> +</varlistentry> +'> + +<!ENTITY popt.autohelp ' +&stdarg.help; +&stdarg.usage; '> <!-- Entities for the various programs --> diff --git a/docs-xml/manpages/dbwrap_tool.1.xml b/docs-xml/manpages/dbwrap_tool.1.xml index e2b2cee166..074d8198de 100644 --- a/docs-xml/manpages/dbwrap_tool.1.xml +++ b/docs-xml/manpages/dbwrap_tool.1.xml @@ -19,7 +19,7 @@ <refsynopsisdiv> <cmdsynopsis> <command>dbwrap_tool</command> - <arg choice="opt">--persistent</arg> + <arg choice="opt">-p|--persistent</arg> <arg choice="opt">-d <debug level></arg> <arg choice="opt">-s <config file></arg> <arg choice="opt">-l <log file base></arg> @@ -49,7 +49,7 @@ <listitem><para>fetch: fetch a record</para></listitem> <listitem><para>store: create or modify a record</para></listitem> <listitem><para>delete: remove a record</para></listitem> - <listitem><para>exists: test for existance of a record</para></listitem> + <listitem><para>exists: test for existence of a record</para></listitem> <listitem><para>erase: remove all records</para></listitem> <listitem><para>listkeys: list all available records</para></listitem> <listitem><para>listwatchers: list processes, which are waiting for changes in a record</para></listitem> @@ -70,14 +70,14 @@ <variablelist> <varlistentry> - <term>--persistent</term> + <term>-p|--persistent</term> <listitem><para>Open the database as a persistent database. If this option is not specified, the database is opened as non-persistent. </para></listitem> </varlistentry> &popt.common.samba.client; - &stdarg.help; + &popt.autohelp; </variablelist> </refsect1> diff --git a/docs-xml/manpages/idmap_ad.8.xml b/docs-xml/manpages/idmap_ad.8.xml index 0e33b772bb..87be2deed4 100644 --- a/docs-xml/manpages/idmap_ad.8.xml +++ b/docs-xml/manpages/idmap_ad.8.xml @@ -31,7 +31,7 @@ <para> Currently, the <parameter>ad</parameter> backend - does not work as the the default idmap backend, but one has + does not work as the default idmap backend, but one has to configure it separately for each domain for which one wants to use it, using disjoint ranges. One usually needs to configure a writeable default idmap range, using for example the diff --git a/docs-xml/manpages/idmap_autorid.8.xml b/docs-xml/manpages/idmap_autorid.8.xml index c35f903d54..7446d53cd7 100644 --- a/docs-xml/manpages/idmap_autorid.8.xml +++ b/docs-xml/manpages/idmap_autorid.8.xml @@ -109,7 +109,7 @@ <title>EXAMPLES</title> <para> This example shows you the minimal configuration that will - work for the principial domain and 19 trusted domains / range + work for the principal domain and 19 trusted domains / range extensions. </para> diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml index dd5b3ab1f2..541705444f 100644 --- a/docs-xml/manpages/net.8.xml +++ b/docs-xml/manpages/net.8.xml @@ -22,20 +22,25 @@ <cmdsynopsis> <command>net</command> <arg choice="req"><ads|rap|rpc></arg> - <arg choice="opt">-h</arg> - <arg choice="opt">-w workgroup</arg> - <arg choice="opt">-W myworkgroup</arg> - <arg choice="opt">-U user</arg> - <arg choice="opt">-I ip-address</arg> - <arg choice="opt">-p port</arg> + <arg choice="opt">-h|--help</arg> + <arg choice="opt">-w|--workgroup workgroup</arg> + <arg choice="opt">-W|--myworkgroup myworkgroup</arg> + <arg choice="opt">-U|--user user</arg> + <arg choice="opt">-I|--ipaddress ip-address</arg> + <arg choice="opt">-p|--port port</arg> <arg choice="opt">-n myname</arg> <arg choice="opt">-s conffile</arg> - <arg choice="opt">-S server</arg> - <arg choice="opt">-l</arg> - <arg choice="opt">-P</arg> + <arg choice="opt">-S|--server server</arg> + <arg choice="opt">-l|--long</arg> + <arg choice="opt">-v|--verbose</arg> + <arg choice="opt">-f|--force</arg> + <arg choice="opt">-P|--machine-pass</arg> <arg choice="opt">-d debuglevel</arg> <arg choice="opt">-V</arg> <arg choice="opt">--request-timeout seconds</arg> + <arg choice="opt">-t|--timeout seconds</arg> + <arg choice="opt">-i|--stdin</arg> + <arg choice="opt">--tallocreport</arg> </cmdsynopsis> </refsynopsisdiv> @@ -64,7 +69,7 @@ &stdarg.kerberos; <varlistentry> - <term>-w target-workgroup</term> + <term>-w|--workgroup target-workgroup</term> <listitem><para> Sets target workgroup or domain. You have to specify either this option or the IP address or the name of a server. @@ -72,21 +77,21 @@ </varlistentry> <varlistentry> - <term>-W workgroup</term> + <term>-W|--myworkgroup workgroup</term> <listitem><para> Sets client workgroup or domain </para></listitem> </varlistentry> <varlistentry> - <term>-U user</term> + <term>-U|--user user</term> <listitem><para> User name to use </para></listitem> </varlistentry> <varlistentry> - <term>-I ip-address</term> + <term>-I|--ipaddress ip-address</term> <listitem><para> IP address of target server to use. You have to specify either this option or a target workgroup or @@ -95,7 +100,7 @@ </varlistentry> <varlistentry> - <term>-p port</term> + <term>-p|--port port</term> <listitem><para> Port on the target server to connect to (usually 139 or 445). Defaults to trying 445 first, then 139. @@ -106,7 +111,7 @@ &stdarg.configfile; <varlistentry> - <term>-S server</term> + <term>-S|--server server</term> <listitem><para> Name of target server. You should specify either this option or a target workgroup or a target IP address. @@ -114,14 +119,28 @@ </varlistentry> <varlistentry> - <term>-l</term> + <term>-l|--long</term> <listitem><para> When listing data, give more information on each item. </para></listitem> </varlistentry> <varlistentry> - <term>-P</term> + <term>-v|--verbose</term> + <listitem><para> + When listing data, give more verbose information on each item. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-f|--force</term> + <listitem><para> + Enforcing a net command. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-P|--machine-pass</term> <listitem><para> Make queries to the external server using the machine account of the local server. </para></listitem> @@ -135,7 +154,226 @@ </para></listitem> </varlistentry> - &stdarg.server.debug; + <varlistentry> + <term>-t|--timeout 30</term> + <listitem><para> + Set timeout for client operations to 30 seconds. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--use-ccache</term> + <listitem><para> + Try to use the credentials cached by winbind. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-i|--stdin</term> + <listitem><para> + Take input for net commands from standard input. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--tallocreport</term> + <listitem><para> + Generate a talloc report while processing a net + command. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-T|--test</term> + <listitem><para>Only test command sequence, dry-run. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-F|--flags FLAGS</term> + <listitem><para>Pass down integer flags to a net subcommand. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-C|--comment COMMENT</term> + <listitem><para>Pass down a comment string to a net subcommand. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-n|--myname MYNAME</term> + <listitem><para>Use MYNAME as a requester name for a net subcommand. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-c|--container CONTAINER</term> + <listitem><para>Use a specific AD container for net ads operations. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-M|--maxusers MAXUSERS</term> + <listitem><para>Fill in the maxusers field in net rpc share operations. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-r|--reboot</term> + <listitem><para>Reboot a remote machine after a command has been successfully executed (e.g. in remote join operations). + </para></listitem> + </varlistentry> + + <!-- Options for net rpc vampire --> + + <varlistentry> + <term>--force-full-repl</term> + <listitem><para> + When calling "net rpc vampire keytab" this option + enforces a full re-creation of the generated keytab file. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--single-obj-repl</term> + <listitem><para> + When calling "net rpc vampire keytab" this option + allows to replicate just a single object to the generated keytab file. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--clean-old-entries</term> + <listitem><para> + When calling "net rpc vampire keytab" this option + allows to cleanup old entries from the generated keytab file. + </para></listitem> + </varlistentry> + + <!-- Options for net idmap --> + + <varlistentry> + <term>--db</term> + <listitem><para>Define dbfile for "net idmap" commands. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--lock</term> + <listitem><para>Activates locking of the dbfile for "net idmap check" command. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-a|--auto</term> + <listitem><para>Activates noninteractive mode in "net idmap check". + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--repair</term> + <listitem><para>Activates repair mode in "net idmap check". + </para></listitem> + </varlistentry> + + <!-- Options for net rpc share migrate --> + + <varlistentry> + <term>--acls</term> + <listitem><para>Includes ACLs to be copied in "net rpc share migrate". + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--attrs</term> + <listitem><para>Includes file attributes to be copied in "net rpc share migrate". + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--timestamps</term> + <listitem><para>Includes timestamps to be copied in "net rpc share migrate". + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-X|--exclude DIRECTORY</term> + <listitem><para>Allows to exclude directories when copying with "net rpc share migrate". + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--destination SERVERNAME</term> + <listitem><para>Defines the target servername of migration process (defaults to localhost). + </para></listitem> + </varlistentry> + + <!-- Options for net groupmap set --> + + <varlistentry> + <term>-L|--local</term> + <listitem><para>Sets the type of group mapping to local + (used in "net groupmap set"). + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-D|--domain</term> + <listitem><para>Sets the type of group mapping to domain + (used in "net groupmap set"). + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-N|--ntname NTNAME</term> + <listitem><para>Sets the ntname of a group mapping + (used in "net groupmap set"). + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-R|--rid RID</term> + <listitem><para>Sets the rid of a group mapping + (used in "net groupmap set"). + </para></listitem> + </varlistentry> + + <!-- Options for net registry check --> + + <varlistentry> + <term>--reg-version REG_VERSION</term> + <listitem><para>Assume database version {n|1,2,3} + (used in "net registry check"). + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-o|--output FILENAME</term> + <listitem><para>Output database file + (used in "net registry check"). + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--wipe</term> + <listitem><para>Createa a new database from scratch + (used in "net registry check"). + </para></listitem> + </varlistentry> + + <!-- Options for net registry import --> + + <varlistentry> + <term>--precheck PRECHECK_DB_FILENAME</term> + <listitem><para>Defines filename for database prechecking + (used in "net registry import"). + </para></listitem> + </varlistentry> + + &stdarg.encrypt; + &popt.common.samba.client; + </variablelist> </refsect1> @@ -877,7 +1115,7 @@ net rpc trust create \ <refsect3> <title>RPC TRUST DELETE</title> -<para>Delete a trust trust object by calling lsaDeleteTrustedDomain. +<para>Delete a trust object by calling lsaDeleteTrustedDomain. The can be done on a single server or on two servers at once.</para> <variablelist><title>Options:</title> @@ -1671,8 +1909,8 @@ shares created by other users. <para>Starting with version 3.2.0, a Samba server can be configured by data stored in registry. This configuration data can be edited with the new "net -conf" commands. There is also the possiblity to configure a remote Samba server -by enabling the RPC conf mode and specifying the the address of the remote server. +conf" commands. There is also the possibility to configure a remote Samba server +by enabling the RPC conf mode and specifying the address of the remote server. </para> <para> diff --git a/docs-xml/manpages/nmbd.8.xml b/docs-xml/manpages/nmbd.8.xml index 0599ba3fef..4a1b74aa47 100644 --- a/docs-xml/manpages/nmbd.8.xml +++ b/docs-xml/manpages/nmbd.8.xml @@ -20,19 +20,17 @@ <refsynopsisdiv> <cmdsynopsis> <command>nmbd</command> - <arg choice="opt">-D</arg> - <arg choice="opt">-F</arg> - <arg choice="opt">-S</arg> - <arg choice="opt">-a</arg> - <arg choice="opt">-i</arg> - <arg choice="opt">-o</arg> - <arg choice="opt">-h</arg> + <arg choice="opt">-D|--daemon</arg> + <arg choice="opt">-F|--foreground</arg> + <arg choice="opt">-S|--log-stdout</arg> + <arg choice="opt">-i|--interactive</arg> <arg choice="opt">-V</arg> <arg choice="opt">-d <debug level></arg> - <arg choice="opt">-H <lmhosts file></arg> + <arg choice="opt">-H|--hosts <lmhosts file></arg> <arg choice="opt">-l <log directory></arg> - <arg choice="opt">-p <port number></arg> + <arg choice="opt">-p|--port <port number></arg> <arg choice="opt">-s <configuration file></arg> + <arg choice="opt">--no-process-group</arg> </cmdsynopsis> </refsynopsisdiv> @@ -81,7 +79,7 @@ <variablelist> <varlistentry> - <term>-D</term> + <term>-D|--daemon</term> <listitem><para>If specified, this parameter causes <command>nmbd</command> to operate as a daemon. That is, it detaches itself and runs in the background, fielding @@ -93,7 +91,7 @@ </varlistentry> <varlistentry> - <term>-F</term> + <term>-F|--foreground</term> <listitem><para>If specified, this parameter causes the main <command>nmbd</command> process to not daemonize, i.e. double-fork and disassociate with the terminal. @@ -108,14 +106,14 @@ </varlistentry> <varlistentry> - <term>-S</term> + <term>-S|--log-stdout</term> <listitem><para>If specified, this parameter causes <command>nmbd</command> to log to standard output rather than a file.</para></listitem> </varlistentry> <varlistentry> - <term>-i</term> + <term>-i|--interactive</term> <listitem><para>If this parameter is specified it causes the server to run "interactively", not as a daemon, even if the server is executed on the command line of a shell. Setting this @@ -125,10 +123,10 @@ given. </para></listitem> </varlistentry> - &stdarg.help; + &popt.autohelp; <varlistentry> - <term>-H <filename></term> + <term>-H|--hosts <filename></term> <listitem><para>NetBIOS lmhosts file. The lmhosts file is a list of NetBIOS names to IP addresses that is loaded by the nmbd server and used via the name @@ -152,7 +150,7 @@ &popt.common.samba; <varlistentry> - <term>-p <UDP port number></term> + <term>-p|--port <UDP port number></term> <listitem><para>UDP port number is a positive integer value. This option changes the default UDP port number (normally 137) that <command>nmbd</command> responds to name queries on. Don't @@ -160,6 +158,12 @@ won't need help!</para></listitem> </varlistentry> + <varlistentry> + <term>--no-process-group</term> + <listitem><para>Do not create a new process group for nmbd. + </para></listitem> + </varlistentry> + </variablelist> </refsect1> diff --git a/docs-xml/manpages/nmblookup.1.xml b/docs-xml/manpages/nmblookup.1.xml index 6a8792bca7..b689baaf4e 100644 --- a/docs-xml/manpages/nmblookup.1.xml +++ b/docs-xml/manpages/nmblookup.1.xml @@ -20,19 +20,18 @@ <refsynopsisdiv> <cmdsynopsis> <command>nmblookup</command> - <arg choice="opt">-M</arg> - <arg choice="opt">-R</arg> - <arg choice="opt">-S</arg> - <arg choice="opt">-r</arg> - <arg choice="opt">-A</arg> - <arg choice="opt">-h</arg> - <arg choice="opt">-B <broadcast address></arg> - <arg choice="opt">-U <unicast address></arg> + <arg choice="opt">-M|--master-browser</arg> + <arg choice="opt">-R|--recursion</arg> + <arg choice="opt">-S|--status</arg> + <arg choice="opt">-r|--root-port</arg> + <arg choice="opt">-A|--lookup-by-ip</arg> + <arg choice="opt">-B|--broadcast <broadcast address></arg> + <arg choice="opt">-U|--unicast <unicast address></arg> <arg choice="opt">-d <debug level></arg> <arg choice="opt">-s <smb config file></arg> <arg choice="opt">-i <NetBIOS scope></arg> - <arg choice="opt">-T</arg> - <arg choice="opt">-f</arg> + <arg choice="opt">-T|--translate</arg> + <arg choice="opt">-f|--flags</arg> <arg choice="req">name</arg> </cmdsynopsis> </refsynopsisdiv> @@ -55,9 +54,9 @@ <variablelist> <varlistentry> - <term>-M</term> - <listitem><para>Searches for a master browser by looking - up the NetBIOS name <replaceable>name</replaceable> with a + <term>-M|--master-browser</term> + <listitem><para>Searches for a master browser by looking + up the NetBIOS <replaceable>name</replaceable> with a type of <constant>0x1d</constant>. If <replaceable> name</replaceable> is "-" then it does a lookup on the special name <constant>__MSBROWSE__</constant>. Please note that in order to @@ -67,7 +66,7 @@ </varlistentry> <varlistentry> - <term>-R</term> + <term>-R|--recursion</term> <listitem><para>Set the recursion desired bit in the packet to do a recursive lookup. This is used when sending a name query to a machine running a WINS server and the user wishes @@ -78,7 +77,7 @@ </varlistentry> <varlistentry> - <term>-S</term> + <term>-S|--status</term> <listitem><para>Once the name query has returned an IP address then do a node status query as well. A node status query returns the NetBIOS names registered by a host. @@ -87,7 +86,7 @@ <varlistentry> - <term>-r</term> + <term>-r|--root-port</term> <listitem><para>Try and bind to UDP port 137 to send and receive UDP datagrams. The reason for this option is a bug in Windows 95 where it ignores the source port of the requesting packet @@ -100,7 +99,7 @@ <varlistentry> - <term>-A</term> + <term>-A|--lookup-by-ip</term> <listitem><para>Interpret <replaceable>name</replaceable> as an IP Address and do a node status query on this address.</para> </listitem> @@ -109,10 +108,10 @@ &popt.common.connection; - &stdarg.help; + &popt.autohelp; <varlistentry> - <term>-B <broadcast address></term> + <term>-B|--broadcast <broadcast address></term> <listitem><para>Send the query to the given broadcast address. Without this option the default behavior of nmblookup is to send the query to the broadcast address of the network interfaces as @@ -126,7 +125,7 @@ <varlistentry> - <term>-U <unicast address></term> + <term>-U|--unicast <unicast address></term> <listitem><para>Do a unicast query to the specified address or host <replaceable>unicast address</replaceable>. This option (along with the <parameter>-R</parameter> option) is needed to @@ -137,7 +136,7 @@ &popt.common.samba; <varlistentry> - <term>-T</term> + <term>-T|--translate</term> <listitem><para>This causes any IP addresses found in the lookup to be looked up via a reverse DNS lookup into a DNS name, and printed out before each</para> @@ -148,7 +147,7 @@ </varlistentry> <varlistentry> - <term>-f</term> + <term>-f|--flags</term> <listitem><para> Show which flags apply to the name that has been looked up. Possible answers are zero or more of: Response, Authoritative, diff --git a/docs-xml/manpages/ntlm_auth.1.xml b/docs-xml/manpages/ntlm_auth.1.xml index 619e71352d..b67e8bdf57 100644 --- a/docs-xml/manpages/ntlm_auth.1.xml +++ b/docs-xml/manpages/ntlm_auth.1.xml @@ -19,9 +19,6 @@ <refsynopsisdiv> <cmdsynopsis> <command>ntlm_auth</command> - <arg choice="opt">-d debuglevel</arg> - <arg choice="opt">-l logdir</arg> - <arg choice="opt">-s <smb config file></arg> </cmdsynopsis> </refsynopsisdiv> @@ -363,10 +360,41 @@ </listitem> </varlistentry> - &stdarg.server.debug; - &popt.common.samba; - &stdarg.help; - + <varlistentry> + <term>--pam-winbind-conf=FILENAME</term> + <listitem><para>Define the path to the pam_winbind.conf file.</para></listitem> + </varlistentry> + + <varlistentry> + <term>--target-hostname=HOSTNAME</term> + <listitem><para>Define the target hostname.</para></listitem> + </varlistentry> + + <varlistentry> + <term>--target-service=SERVICE</term> + <listitem><para>Define the target service.</para></listitem> + </varlistentry> + + <varlistentry> + <term>--use-cached-creds</term> + <listitem><para>Whether to use credentials cached by winbindd.</para></listitem> + </varlistentry> + + <varlistentry> + <term>--configfile=<configuration file></term> + <listitem><para>The file specified contains the + configuration details required by the server. The + information in this file includes server-specific + information such as what printcap file to use, as well + as descriptions of all the services that the server is + to provide. See &smb.conf; for more information. + The default configuration file name is determined at + compile time.</para></listitem> + </varlistentry> + + &stdarg.version; + &popt.autohelp; + </variablelist> </refsect1> diff --git a/docs-xml/manpages/pdbedit.8.xml b/docs-xml/manpages/pdbedit.8.xml index 4bb3751701..9259dfa239 100644 --- a/docs-xml/manpages/pdbedit.8.xml +++ b/docs-xml/manpages/pdbedit.8.xml @@ -289,7 +289,7 @@ retype new password </programlisting> </para> - <note><para>pdbedit does not call the unix password syncronisation + <note><para>pdbedit does not call the unix password synchronization script if <smbconfoption name="unix password sync"/> has been set. It only updates the data in the Samba user database. @@ -503,7 +503,7 @@ account policy value for bad lockout attempt is now 3 </listitem> </varlistentry> - &stdarg.help; + &popt.autohelp; &stdarg.server.debug; &popt.common.samba; diff --git a/docs-xml/manpages/profiles.1.xml b/docs-xml/manpages/profiles.1.xml index d791fcfdcc..0dd1b3eb2c 100644 --- a/docs-xml/manpages/profiles.1.xml +++ b/docs-xml/manpages/profiles.1.xml @@ -21,8 +21,8 @@ <cmdsynopsis> <command>profiles</command> <arg choice="opt">-v</arg> - <arg choice="opt">-c SID</arg> - <arg choice="opt">-n SID</arg> + <arg choice="opt">-c|--change-sid SID</arg> + <arg choice="opt">-n|--new-sid SID</arg> <arg choice="req">file</arg> </cmdsynopsis> </refsynopsisdiv> @@ -58,12 +58,14 @@ <varlistentry> <term>-c SID1 -n SID2</term> + <term>--change-sid SID1 --new-sid SID2</term> <listitem><para>Change all occurrences of SID1 in <filename>file</filename> by SID2. </para></listitem> </varlistentry> - &stdarg.help; - + &popt.common.samba.client; + &popt.autohelp; + </variablelist> </refsect1> diff --git a/docs-xml/manpages/rpcclient.1.xml b/docs-xml/manpages/rpcclient.1.xml index fb71568acd..e46b20e3ff 100644 --- a/docs-xml/manpages/rpcclient.1.xml +++ b/docs-xml/manpages/rpcclient.1.xml @@ -23,7 +23,6 @@ <arg choice="opt">-A authfile</arg> <arg choice="opt">-c <command string></arg> <arg choice="opt">-d debuglevel</arg> - <arg choice="opt">-h</arg> <arg choice="opt">-l logdir</arg> <arg choice="opt">-N</arg> <arg choice="opt">-s <smb config file></arg> @@ -98,7 +97,7 @@ &popt.common.samba; &popt.common.credentials; &popt.common.connection; - &stdarg.help; + &popt.autohelp; </variablelist> </refsect1> diff --git a/docs-xml/manpages/samba-regedit.8.xml b/docs-xml/manpages/samba-regedit.8.xml index e7ec7616ab..acf8c53a07 100644 --- a/docs-xml/manpages/samba-regedit.8.xml +++ b/docs-xml/manpages/samba-regedit.8.xml @@ -56,39 +56,14 @@ <title>OPTIONS</title> <variablelist> &stdarg.help; + &stdarg.client.debug; <varlistentry> <term>--usage</term> <listitem><para>Display brief usage message.</para></listitem> </varlistentry> - <varlistentry> - <term>-d|--debuglevel=<debuglevel></term> - <listitem><para>Set debug level.</para></listitem> - </varlistentry> &popt.common.samba; - <varlistentry> - <term>--option=<parameter>=<value></term> - <listitem><para>Set smb.conf option from command line.</para></listitem> - </varlistentry> &popt.common.connection; - <varlistentry> - <term>-S|--signing</term> - <listitem><para>Set the client signing state.</para></listitem> - </varlistentry> - <varlistentry> - <term>-P|--machine-pass</term> - <listitem><para>Use stored machine account password.</para></listitem> - </varlistentry> &popt.common.credentials; - <varlistentry> - <term>-e|--encrypt</term> - <listitem><para>Encrypt SMB transport (UNIX extended servers only).</para> - </listitem> - </varlistentry> - <varlistentry> - <term>--pw-nt-hash</term> - <listitem><para>The supplied password is the NT hash.</para> - </listitem> - </varlistentry> </variablelist> </refsect1> diff --git a/docs-xml/manpages/samba.7.xml b/docs-xml/manpages/samba.7.xml index fd9297fded..89c62afb4b 100644 --- a/docs-xml/manpages/samba.7.xml +++ b/docs-xml/manpages/samba.7.xml @@ -91,7 +91,7 @@ <manvolnum>8</manvolnum></citerefentry></term> <listitem><para>The <command>samba-tool</command> is the main Samba Administration tool regarding - Acitive Directory services.</para> + Active Directory services.</para> </listitem> </varlistentry> diff --git a/docs-xml/manpages/samba.8.xml b/docs-xml/manpages/samba.8.xml index a7b14b251c..2e50711437 100644 --- a/docs-xml/manpages/samba.8.xml +++ b/docs-xml/manpages/samba.8.xml @@ -148,7 +148,7 @@ </varlistentry> &popt.common.samba.server; - &stdarg.help; + &popt.autohelp; </variablelist> </refsect1> diff --git a/docs-xml/manpages/sharesec.1.xml b/docs-xml/manpages/sharesec.1.xml index b98340816d..b7db9f43eb 100644 --- a/docs-xml/manpages/sharesec.1.xml +++ b/docs-xml/manpages/sharesec.1.xml @@ -32,9 +32,11 @@ <arg choice="opt">-d, --debuglevel=DEBUGLEVEL</arg> <arg choice="opt">-s, --configfile=CONFIGFILE</arg> <arg choice="opt">-l, --log-basename=LOGFILEBASE</arg> - <arg choice="opt">-V, --version</arg> + <arg choice="opt">--version</arg> <arg choice="opt">-?, --help</arg> <arg choice="opt">--usage</arg> + <arg choice="opt">-S, --setsddl=STRING</arg> + <arg choice="opt">-V, --viewsddl</arg> </cmdsynopsis> </refsynopsisdiv> @@ -113,6 +115,20 @@ </para></listitem> </varlistentry> + <varlistentry> + <term>-S|--setsddl=STRING</term> + <listitem><para> + Set security descriptor by providing ACL in SDDL format. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-V|--viewsddl</term> + <listitem><para> + List a share acl in SDDL format. + </para></listitem> + </varlistentry> + &stdarg.help; &stdarg.server.debug; &popt.common.samba; diff --git a/docs-xml/manpages/smbcacls.1.xml b/docs-xml/manpages/smbcacls.1.xml index 22b55ccc2a..e073b4c3e2 100644 --- a/docs-xml/manpages/smbcacls.1.xml +++ b/docs-xml/manpages/smbcacls.1.xml @@ -31,10 +31,13 @@ <arg choice="opt">--numeric</arg> <arg choice="opt">-t</arg> <arg choice="opt">-U username</arg> - <arg choice="opt">-h</arg> <arg choice="opt">-d</arg> <arg choice="opt">-e</arg> <arg choice="opt">-m|--max-protocol LEVEL</arg> + <arg choice="opt">--query-security-info FLAGS</arg> + <arg choice="opt">--set-security-info FLAGS</arg> + <arg choice="opt">--sddl</arg> + <arg choice="opt">--domain-sid SID</arg> </cmdsynopsis> </refsynopsisdiv> @@ -141,18 +144,6 @@ </varlistentry> <varlistentry> - <term>-e</term> - <listitem><para>This command line parameter requires the remote - server support the UNIX extensions or that the SMB3 protocol has been selected. - Requests that the connection be encrypted. Negotiates SMB encryption using either - SMB3 or POSIX extensions via GSSAPI. Uses the given credentials for - the encryption negotiation (either kerberos or NTLMv1/v2 if given - domain/username/password triple. Fails the connection if encryption - cannot be negotiated. - </para></listitem> - </varlistentry> - - <varlistentry> <term>-m|--max-protocol PROTOCOL_NAME</term> <listitem><para>This allows the user to select the highest SMB protocol level that smbcacls will use to @@ -172,11 +163,36 @@ the arguments. </para></listitem> </varlistentry> - - &stdarg.help; + + <varlistentry> + <term>--query-security-info FLAGS</term> + <listitem><para>The security-info flags for queries. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--set-security-info FLAGS</term> + <listitem><para>The security-info flags for queries. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--sddl</term> + <listitem><para>Output and input acls in sddl format. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--domain-sid SID</term> + <listitem><para>SID used for sddl processing. + </para></listitem> + </varlistentry> + &stdarg.server.debug; &popt.common.samba; &popt.common.credentials; + &popt.common.connection; + &popt.autohelp; </variablelist> </refsect1> diff --git a/docs-xml/manpages/smbclient.1.xml b/docs-xml/manpages/smbclient.1.xml index 425cc4b3ed..d531390dec 100644 --- a/docs-xml/manpages/smbclient.1.xml +++ b/docs-xml/manpages/smbclient.1.xml @@ -276,8 +276,6 @@ </para></listitem> </varlistentry> - &stdarg.help; - <varlistentry> <term>-I|--ip-address IP-address</term> <listitem><para><replaceable>IP address</replaceable> is the address of the server to connect to. @@ -332,22 +330,16 @@ </varlistentry> <varlistentry> - <term>-e|--encrypt</term> - <listitem><para> - This command line parameter requires the remote - server support the UNIX extensions or that the SMB3 protocol has been selected. - Requests that the connection be encrypted. Negotiates SMB encryption using either - SMB3 or POSIX extensions via GSSAPI. Uses the given credentials for - the encryption negotiation (either kerberos or NTLMv1/v2 if given - domain/username/password triple. Fails the connection if encryption - cannot be negotiated. - </para></listitem> + <term>-B|--browse</term> + <listitem><para>Browse SMB servers using DNS.</para> + </listitem> </varlistentry> - + &stdarg.client.debug; &popt.common.samba; &popt.common.credentials; &popt.common.connection; + &popt.autohelp; <varlistentry> <term>-t|--timeout <timeout-seconds></term> @@ -592,7 +584,7 @@ sent to the server on directory listings and file opens. If the "backup intent" flag is true, the server will try and bypass some file system checks if the user has been granted - SE_BACKUP or SE_RESTORE privilages. This state is useful when + SE_BACKUP or SE_RESTORE privileges. This state is useful when performing a backup or restore operation. </para></listitem> </varlistentry> diff --git a/docs-xml/manpages/smbcontrol.1.xml b/docs-xml/manpages/smbcontrol.1.xml index e9dc55c5b5..79ae62d70c 100644 --- a/docs-xml/manpages/smbcontrol.1.xml +++ b/docs-xml/manpages/smbcontrol.1.xml @@ -19,8 +19,8 @@ <refsynopsisdiv> <cmdsynopsis> <command>smbcontrol</command> - <arg>-i</arg> <arg>-s</arg> + <arg>-t|--timeout</arg> </cmdsynopsis> <cmdsynopsis> @@ -49,14 +49,14 @@ <title>OPTIONS</title> <variablelist> - &stdarg.help; + &popt.autohelp; &stdarg.configfile; + &popt.common.samba.client; <varlistentry> - <term>-i</term> - <listitem><para>Run interactively. Individual commands - of the form destination message-type parameters can be entered - on STDIN. An empty command line or a "q" will quit the - program.</para></listitem> + <term>-t|--timeout</term> + <listitem><para> + Set timeout to seconds. + </para></listitem> </varlistentry> <varlistentry> diff --git a/docs-xml/manpages/smbcquotas.1.xml b/docs-xml/manpages/smbcquotas.1.xml index 69185eb637..fa4c2dc25f 100644 --- a/docs-xml/manpages/smbcquotas.1.xml +++ b/docs-xml/manpages/smbcquotas.1.xml @@ -20,13 +20,13 @@ <cmdsynopsis> <command>smbcquotas</command> <arg choice="req">//server/share</arg> - <arg choice="opt">-u user</arg> - <arg choice="opt">-L</arg> - <arg choice="opt">-F</arg> - <arg choice="opt">-S QUOTA_SET_COMMAND</arg> - <arg choice="opt">-n</arg> - <arg choice="opt">-t</arg> - <arg choice="opt">-v</arg> + <arg choice="opt">-u|--user user</arg> + <arg choice="opt">-L|--list</arg> + <arg choice="opt">-F|--fs</arg> + <arg choice="opt">-S|--set QUOTA_SET_COMMAND</arg> + <arg choice="opt">-n|--numeric</arg> + <arg choice="opt">-t|--test-args</arg> + <arg choice="opt">-v|--verbose</arg> <arg choice="opt">-d debuglevel</arg> <arg choice="opt">-s configfile</arg> @@ -60,7 +60,7 @@ <variablelist> <varlistentry> - <term>-u user</term> + <term>-u|--user user</term> <listitem><para> Specifies the user of whom the quotas are get or set. By default the current user's username will be used.</para></listitem> </varlistentry> @@ -68,51 +68,53 @@ <varlistentry> - <term>-L</term> + <term>-L|--list</term> <listitem><para>Lists all quota records of the share.</para></listitem> </varlistentry> <varlistentry> - <term>-F</term> + <term>-F|--fs</term> <listitem><para>Show the share quota status and default limits.</para></listitem> </varlistentry> <varlistentry> - <term>-S QUOTA_SET_COMMAND</term> + <term>-S|--set QUOTA_SET_COMMAND</term> <listitem><para>This command sets/modifies quotas for a user or on the share, depending on the QUOTA_SET_COMMAND parameter which is described later.</para></listitem> </varlistentry> <varlistentry> - <term>-n</term> + <term>-n|--numeric</term> <listitem><para>This option displays all QUOTA information in numeric format. The default is to convert SIDs to names and QUOTA limits to a readable string format.</para></listitem> </varlistentry> <varlistentry> - <term>-t</term> + <term>-t|--test-args</term> <listitem><para> Don't actually do anything, only validate the correctness of the arguments. </para></listitem> </varlistentry> <varlistentry> - <term>-v</term> + <term>-v|--verbose</term> <listitem><para> Be verbose. </para></listitem> </varlistentry> - &stdarg.help; + &stdarg.server.debug; &popt.common.samba; &popt.common.credentials; + &popt.autohelp; + </variablelist> </refsect1> diff --git a/docs-xml/manpages/smbd.8.xml b/docs-xml/manpages/smbd.8.xml index 0d246cd811..dd9fa028f8 100644 --- a/docs-xml/manpages/smbd.8.xml +++ b/docs-xml/manpages/smbd.8.xml @@ -19,19 +19,18 @@ <refsynopsisdiv> <cmdsynopsis> <command>smbd</command> - <arg choice="opt">-D</arg> - <arg choice="opt">-F</arg> - <arg choice="opt">-S</arg> - <arg choice="opt">-i</arg> - <arg choice="opt">-h</arg> + <arg choice="opt">-D|--daemon</arg> + <arg choice="opt">-F|--foreground</arg> + <arg choice="opt">-S|--log-stdout</arg> + <arg choice="opt">-i|--interactive</arg> <arg choice="opt">-V</arg> - <arg choice="opt">-b</arg> + <arg choice="opt">-b|--build-options</arg> <arg choice="opt">-d <debug level></arg> - <arg choice="opt">-l <log directory></arg> + <arg choice="opt">-l|--log-basename <log directory></arg> <arg choice="opt">-p <port number(s)></arg> <arg choice="opt">-P <profiling level></arg> - <arg choice="opt">-O <socket option></arg> <arg choice="opt">-s <configuration file></arg> + <arg choice="opt">--no-process-group</arg> </cmdsynopsis> </refsynopsisdiv> @@ -81,7 +80,7 @@ <variablelist> <varlistentry> - <term>-D</term> + <term>-D|--daemon</term> <listitem><para>If specified, this parameter causes the server to operate as a daemon. That is, it detaches itself and runs in the background, fielding requests @@ -94,7 +93,7 @@ </varlistentry> <varlistentry> - <term>-F</term> + <term>-F|--foreground</term> <listitem><para>If specified, this parameter causes the main <command>smbd</command> process to not daemonize, i.e. double-fork and disassociate with the terminal. @@ -109,14 +108,14 @@ </varlistentry> <varlistentry> - <term>-S</term> + <term>-S|--log-stdout</term> <listitem><para>If specified, this parameter causes <command>smbd</command> to log to standard output rather than a file.</para></listitem> </varlistentry> <varlistentry> - <term>-i</term> + <term>-i|--interactive</term> <listitem><para>If this parameter is specified it causes the server to run "interactively", not as a daemon, even if the server is executed on the command line of a shell. Setting this @@ -129,10 +128,16 @@ &stdarg.server.debug; &popt.common.samba; - &stdarg.help; + &popt.autohelp; <varlistentry> - <term>-b</term> + <term>--no-process-group</term> + <listitem><para>Do not create a new process group for smbd. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-b|--build-options</term> <listitem><para>Prints information about how Samba was built.</para></listitem> </varlistentry> diff --git a/docs-xml/manpages/smbget.1.xml b/docs-xml/manpages/smbget.1.xml index c151db5eef..e8fe9ec8b2 100644 --- a/docs-xml/manpages/smbget.1.xml +++ b/docs-xml/manpages/smbget.1.xml @@ -35,6 +35,7 @@ <arg choice="opt">-v, --verbose</arg> <arg choice="opt">-b, --blocksize</arg> <arg choice="opt">-O, --stdout</arg> + <arg choice="opt">-U, --update</arg> <arg choice="opt">-?, --help</arg> <arg choice="opt">--usage</arg> <arg choice="req">smb://host/share/path/to/file</arg> @@ -150,6 +151,14 @@ <term>--usage</term> <listitem><para>Display brief usage message</para></listitem> </varlistentry> + + <varlistentry> + <term>-U, --update</term> + <listitem><para>Download only when remote file is newer than local file or local file is missing.</para></listitem> + </varlistentry> + + &stdarg.encrypt; + </refsect1> <refsect1> diff --git a/docs-xml/manpages/smbpasswd.5.xml b/docs-xml/manpages/smbpasswd.5.xml index fc512b8109..986dedbc1f 100644 --- a/docs-xml/manpages/smbpasswd.5.xml +++ b/docs-xml/manpages/smbpasswd.5.xml @@ -39,7 +39,7 @@ <para>The format of the smbpasswd file used by Samba 2.2 is very similar to the familiar Unix <filename>passwd(5)</filename> file. It is an ASCII file containing one line for each user. Each field - ithin each line is separated from the next by a colon. Any entry + within each line is separated from the next by a colon. Any entry beginning with '#' is ignored. The smbpasswd file contains the following information for each user: </para> diff --git a/docs-xml/manpages/smbstatus.1.xml b/docs-xml/manpages/smbstatus.1.xml index 6afa69321a..43a4653f22 100644 --- a/docs-xml/manpages/smbstatus.1.xml +++ b/docs-xml/manpages/smbstatus.1.xml @@ -31,6 +31,8 @@ <arg choice="opt">-f</arg> <arg choice="opt">-s <configuration file></arg> <arg choice="opt">-u <username></arg> + <arg choice="opt">-n|--numeric</arg> + <arg choice="opt">-R|--profile-rates</arg> </cmdsynopsis> </refsynopsisdiv> @@ -50,12 +52,19 @@ <variablelist> <varlistentry> <term>-P|--profile</term> - <listitem><para>If samba has been compiled with the - profiling option, print only the contents of the profiling + <listitem><para>If samba has been compiled with the + profiling option, print only the contents of the profiling shared memory area.</para></listitem> </varlistentry> <varlistentry> + <term>-R|--profile-rates</term> + <listitem><para>If samba has been compiled with the + profiling option, print the contents of the profiling + shared memory area and the call rates.</para></listitem> + </varlistentry> + + <varlistentry> <term>-b|--brief</term> <listitem><para>gives brief output.</para></listitem> </varlistentry> @@ -121,6 +130,13 @@ </listitem> </varlistentry> + <varlistentry> + <term>-n|--numeric</term> + <listitem><para>causes smbstatus to display numeric UIDs and GIDs instead of + resolving them to names.</para> + </listitem> + </varlistentry> + </variablelist> </refsect1> diff --git a/docs-xml/manpages/smbta-util.8.xml b/docs-xml/manpages/smbta-util.8.xml index fef45943f5..18e10e3272 100644 --- a/docs-xml/manpages/smbta-util.8.xml +++ b/docs-xml/manpages/smbta-util.8.xml @@ -20,10 +20,6 @@ <cmdsynopsis> <command>smbta-util</command> - </cmdsynopsis> - - <cmdsynopsis> - <command>smbta-util</command> <arg rep="repeat" choice="opt"> <replaceable>COMMANDS</replaceable> </arg> diff --git a/docs-xml/manpages/smbtree.1.xml b/docs-xml/manpages/smbtree.1.xml index 7d557bfd67..3abd0f9ad6 100644 --- a/docs-xml/manpages/smbtree.1.xml +++ b/docs-xml/manpages/smbtree.1.xml @@ -70,7 +70,7 @@ &stdarg.server.debug; &popt.common.samba; &popt.common.credentials; - &stdarg.help; + &popt.autohelp; </variablelist> </refsect1> diff --git a/docs-xml/manpages/testparm.1.xml b/docs-xml/manpages/testparm.1.xml index 5d4a6b96f2..b47a45fe57 100644 --- a/docs-xml/manpages/testparm.1.xml +++ b/docs-xml/manpages/testparm.1.xml @@ -20,10 +20,9 @@ <refsynopsisdiv> <cmdsynopsis> <command>testparm</command> - <arg choice="opt">-s</arg> - <arg choice="opt">-h</arg> - <arg choice="opt">-v</arg> - <arg choice="opt">-t <encoding></arg> + <arg choice="opt">-s|--suppress-prompt</arg> + <arg choice="opt">--help</arg> + <arg choice="opt">-v|--verbose</arg> <arg choice="req">config filename</arg> <arg choice="opt">hostname hostIP</arg> </cmdsynopsis> @@ -63,17 +62,19 @@ <variablelist> <varlistentry> - <term>-s</term> + <term>-s|--suppress-prompt</term> <listitem><para>Without this option, <command>testparm</command> will prompt for a carriage return after printing the service names and before dumping the service definitions.</para></listitem> </varlistentry> - &stdarg.help; &stdarg.version; - + &stdarg.option; + &popt.autohelp; + &stdarg.client.debug; + <varlistentry> - <term>-v</term> + <term>-v|--verbose</term> <listitem><para>If this option is specified, testparm will also output all options that were not used in <citerefentry> <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> @@ -81,13 +82,6 @@ </varlistentry> <varlistentry> - <term>-t encoding</term> - <listitem><para> - Output data in specified encoding. - </para></listitem> - </varlistentry> - - <varlistentry> <term>--parameter-name parametername</term> <listitem><para> Dumps the named parameter. If no section-name is set the view @@ -107,6 +101,20 @@ </varlistentry> <varlistentry> + <term>--show-all-parameters</term> + <listitem><para> + Show the parameters, type, possible values. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-l|--skip-logic-checks</term> + <listitem><para> + Skip the global checks. + </para></listitem> + </varlistentry> + + <varlistentry> <term>configfilename</term> <listitem><para>This is the name of the configuration file to check. If this parameter is not present then the diff --git a/docs-xml/manpages/vfs_cacheprime.8.xml b/docs-xml/manpages/vfs_cacheprime.8.xml index bf8e9b1954..96681b7e2c 100644 --- a/docs-xml/manpages/vfs_cacheprime.8.xml +++ b/docs-xml/manpages/vfs_cacheprime.8.xml @@ -84,7 +84,7 @@ <refsect1> <title>CAVEATS</title> - <para><command>cacheprime</command> is not a a substitute for + <para><command>cacheprime</command> is not a substitute for a general-purpose readahead mechanism. It is intended for use only in very specific environments where disk operations must be aligned and sized to known values (as much as that is possible). diff --git a/docs-xml/manpages/vfs_smb_traffic_analyzer.8.xml b/docs-xml/manpages/vfs_smb_traffic_analyzer.8.xml index 0daafc62a3..38644e7bc5 100644 --- a/docs-xml/manpages/vfs_smb_traffic_analyzer.8.xml +++ b/docs-xml/manpages/vfs_smb_traffic_analyzer.8.xml @@ -139,7 +139,7 @@ The module now can identify itself against the receiver with a sub-release number, where the receiver may run with a different sub-release number than the module. However, as long as both run on the V2.x protocol, the receiver will not crash, even if the module - uses features only implemented in the newer subrelease. Ultimatively, if the module uses + uses features only implemented in the newer subrelease. Ultimately, if the module uses a new feature from a newer subrelease, and the receiver runs an older protocol, it is just ignoring the functionality. Of course it is best to have both the receiver and the module running the same subrelease of the protocol. diff --git a/docs-xml/manpages/wbinfo.1.xml b/docs-xml/manpages/wbinfo.1.xml index d8860826ee..f63a65786b 100644 --- a/docs-xml/manpages/wbinfo.1.xml +++ b/docs-xml/manpages/wbinfo.1.xml @@ -27,6 +27,7 @@ <arg choice="opt">--ccache-save</arg> <arg choice="opt">--change-user-password</arg> <arg choice="opt">-D domain</arg> + <arg choice="opt">--dc-info domain</arg> <arg choice="opt">--domain domain</arg> <arg choice="opt">--dsgetdcname domain</arg> <arg choice="opt">-g</arg> @@ -39,7 +40,12 @@ <arg choice="opt">-i user</arg> <arg choice="opt">-I ip</arg> <arg choice="opt">-K user%password</arg> + <arg choice="opt">--krb5ccname cctype</arg> <arg choice="opt">--lanman</arg> + <arg choice="opt">--logoff</arg> + <arg choice="opt">--logoff-uid uid</arg> + <arg choice="opt">--logoff-user username</arg> + <arg choice="opt">--lookup-sids</arg> <arg choice="opt">-m</arg> <arg choice="opt">-n name</arg> <arg choice="opt">-N netbios-name</arg> @@ -48,14 +54,21 @@ <arg choice="opt">--own-domain</arg> <arg choice="opt">-p</arg> <arg choice="opt">-P|--ping-dc</arg> + <arg choice="opt">--pam-logon user%password</arg> <arg choice="opt">-r user</arg> <arg choice="opt">-R|--lookup-rids</arg> + <arg choice="opt">--remove-gid-mapping gid,sid</arg> + <arg choice="opt">--remove-uid-mapping uid,sid</arg> <arg choice="opt">-s sid</arg> <arg choice="opt">--separator</arg> + <arg choice="opt">--sequence</arg> <arg choice="opt">--set-auth-user user%password</arg> + <arg choice="opt">--set-gid-mapping gid,sid</arg> + <arg choice="opt">--set-uid-mapping uid,sid</arg> <arg choice="opt">-S sid</arg> <arg choice="opt">--sid-aliases sid</arg> <arg choice="opt">--sid-to-fullname sid</arg> + <arg choice="opt">--sids-to-unix-ids sidlist</arg> <arg choice="opt">-t</arg> <arg choice="opt">-u</arg> <arg choice="opt">--uid-info uid</arg> @@ -142,6 +155,12 @@ </varlistentry> <varlistentry> + <term>--dc-info <replaceable>domain</replaceable></term> + <listitem><para>Displays information about the current domain controller for a domain. + </para></listitem> + </varlistentry> + + <varlistentry> <term>--domain <replaceable>name</replaceable></term> <listitem><para>This parameter sets the domain on which any specified operations will performed. If special domain name '.' is used to represent @@ -238,12 +257,44 @@ </varlistentry> <varlistentry> + <term>--krb5ccname <replaceable>KRB5CCNAME</replaceable></term> + <listitem><para>Allows to request a sepcific kerberos credential + cache type used for authentication. + </para></listitem> + </varlistentry> + + <varlistentry> <term>--lanman</term> <listitem><para>Use lanman cryptography for user authentication. </para></listitem> </varlistentry> <varlistentry> + <term>--logoff</term> + <listitem><para>Logoff a user. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--logoff-uid <replaceable>UID</replaceable></term> + <listitem><para>Define user uid used during logoff request. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--logoff-user <replaceable>USERNAME</replaceable></term> + <listitem><para>Define username used during logoff request. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--lookup-sids <replaceable>SID1,SID2...</replaceable></term> + <listitem><para>Looks up SIDs. SIDs must be specified as ASCII strings in the traditional Microsoft + format. For example, S-1-5-21-1455342024-3071081365-2475485837-500. + </para></listitem> + </varlistentry> + + <varlistentry> <term>-m|--trusted-domains</term> <listitem><para>Produce a list of domains trusted by the Windows NT server <citerefentry><refentrytitle>winbindd</refentrytitle> @@ -298,6 +349,13 @@ </varlistentry> <varlistentry> + <term>--pam-logon <replaceable>username%password</replaceable></term> + <listitem><para>Attempt to authenticate a user in the same way + pam_winbind would do. + </para></listitem> + </varlistentry> + + <varlistentry> <term>-p|--ping</term> <listitem><para>Check whether <citerefentry><refentrytitle>winbindd</refentrytitle> <manvolnum>8</manvolnum></citerefentry> is still alive. @@ -330,6 +388,18 @@ </varlistentry> <varlistentry> + <term>--remove-gid-mapping <replaceable>GID,SID</replaceable></term> + <listitem><para>Removes an existing GID to SID mapping from the database. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--remove-uid-mapping <replaceable>UID,SID</replaceable></term> + <listitem><para>Removes an existing UID to SID mapping from the database. + </para></listitem> + </varlistentry> + + <varlistentry> <term>-s|--sid-to-name <replaceable>sid</replaceable></term> <listitem><para>Use <parameter>-s</parameter> to resolve a SID to a name. This is the inverse of the <parameter>-n @@ -345,6 +415,13 @@ </varlistentry> <varlistentry> + <term>--sequence</term> + <listitem><para>This command has been deprecated. Please use + the --online-status option instead. + </para></listitem> + </varlistentry> + + <varlistentry> <term>--set-auth-user <replaceable>username%password</replaceable></term> <listitem><para>Store username and password used by <citerefentry> <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum> @@ -356,6 +433,18 @@ </varlistentry> <varlistentry> + <term>--set-gid-mapping <replaceable>GID,SID</replaceable></term> + <listitem><para>Create a GID to SID mapping in the database. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--set-uid-mapping <replaceable>UID,SID</replaceable></term> + <listitem><para>Create a UID to SID mapping in the database. + </para></listitem> + </varlistentry> + + <varlistentry> <term>-S|--sid-to-uid <replaceable>sid</replaceable></term> <listitem><para>Convert a SID to a UNIX user id. If the SID does not correspond to a UNIX user mapped by <citerefentry> @@ -377,6 +466,14 @@ </varlistentry> <varlistentry> + <term>--sids-to-unix-ids <replaceable>sid1,sid2,sid3...</replaceable></term> + <listitem><para>Resolve SIDs to Unix IDs. + SIDs must be specified as ASCII strings + in the traditional Microsoft format. For example, + S-1-5-21-1455342024-3071081365-2475485837-500. </para></listitem> + </varlistentry> + + <varlistentry> <term>-t|--check-secret</term> <listitem><para>Verify that the workstation trust account created when the Samba server is added to the Windows NT diff --git a/docs-xml/manpages/winbindd.8.xml b/docs-xml/manpages/winbindd.8.xml index e224620473..1c93c1963e 100644 --- a/docs-xml/manpages/winbindd.8.xml +++ b/docs-xml/manpages/winbindd.8.xml @@ -20,13 +20,14 @@ <refsynopsisdiv> <cmdsynopsis> <command>winbindd</command> - <arg choice="opt">-D</arg> - <arg choice="opt">-F</arg> - <arg choice="opt">-S</arg> - <arg choice="opt">-i</arg> + <arg choice="opt">-D|--daemon</arg> + <arg choice="opt">-F|--foreground</arg> + <arg choice="opt">-S|--stdout</arg> + <arg choice="opt">-i|--interactive</arg> <arg choice="opt">-d <debug level></arg> <arg choice="opt">-s <smb config file></arg> - <arg choice="opt">-n</arg> + <arg choice="opt">-n|--no-caching</arg> + <arg choice="opt">--no-process-group</arg> </cmdsynopsis> </refsynopsisdiv> @@ -135,7 +136,7 @@ hosts: files wins <variablelist> <varlistentry> - <term>-D</term> + <term>-D|--daemon</term> <listitem><para>If specified, this parameter causes the server to operate as a daemon. That is, it detaches itself and runs in the background on the appropriate port. @@ -145,7 +146,7 @@ hosts: files wins </varlistentry> <varlistentry> - <term>-F</term> + <term>-F|--foreground</term> <listitem><para>If specified, this parameter causes the main <command>winbindd</command> process to not daemonize, i.e. double-fork and disassociate with the terminal. @@ -160,7 +161,7 @@ hosts: files wins </varlistentry> <varlistentry> - <term>-S</term> + <term>-S|--stdout</term> <listitem><para>If specified, this parameter causes <command>winbindd</command> to log to standard output rather than a file.</para></listitem> @@ -168,10 +169,10 @@ hosts: files wins &stdarg.server.debug; &popt.common.samba; - &stdarg.help; + &popt.autohelp; <varlistentry> - <term>-i</term> + <term>-i|--interactive</term> <listitem><para>Tells <command>winbindd</command> to not become a daemon and detach from the current terminal. This option is used by developers when interactive debugging @@ -182,7 +183,7 @@ hosts: files wins </varlistentry> <varlistentry> - <term>-n</term> + <term>-n|--no-caching</term> <listitem><para>Disable some caching. This means winbindd will often have to wait for a response from the domain controller before it can respond to a client and this thus makes things @@ -194,6 +195,12 @@ hosts: files wins </para></listitem> </varlistentry> + <varlistentry> + <term>--no-process-group</term> + <listitem><para>Do not create a new process group for winbindd. + </para></listitem> + </varlistentry> + </variablelist> </refsect1> @@ -364,7 +371,7 @@ auth required /lib/security/pam_unix.so \ be the same. The user and group ids will only be valid for the local machine, unless a shared <smbconfoption name="idmap config * : backend"/> is configured.</para> - <para>If the the Windows NT SID to UNIX user and group id mapping + <para>If the Windows NT SID to UNIX user and group id mapping file is damaged or destroyed then the mappings will be lost. </para> </refsect1> diff --git a/docs-xml/smbdotconf/filename/manglingmethod.xml b/docs-xml/smbdotconf/filename/manglingmethod.xml index f6e2edaac3..347dc56432 100644 --- a/docs-xml/smbdotconf/filename/manglingmethod.xml +++ b/docs-xml/smbdotconf/filename/manglingmethod.xml @@ -6,7 +6,7 @@ <description> <para> controls the algorithm used for the generating the mangled names. Can take two different values, "hash" and - "hash2". "hash" is the algorithm that was used + "hash2". "hash" is the algorithm that was used in Samba for many years and was the default in Samba 2.2.x "hash2" is now the default and is newer and considered a better algorithm (generates less collisions) in the names. Many Win32 applications store the mangled names and so diff --git a/docs-xml/smbdotconf/misc/directorynamecachesize.xml b/docs-xml/smbdotconf/misc/directorynamecachesize.xml index 1064b7e595..d02c4f575f 100644 --- a/docs-xml/smbdotconf/misc/directorynamecachesize.xml +++ b/docs-xml/smbdotconf/misc/directorynamecachesize.xml @@ -5,7 +5,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> <para> - This parameter specifies the the size of the directory name cache. + This parameter specifies the size of the directory name cache. It will be needed to turn this off for *BSD systems. </para> diff --git a/docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml b/docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml index 974b6f0f30..54e7b87989 100644 --- a/docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml +++ b/docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml @@ -20,7 +20,7 @@ timestamp than the object files it contains.</para> <para>However, Unix time semantics mean that the create time - reported by Samba will be updated whenever a file is created or + reported by Samba will be updated whenever a file is created or deleted in the directory. NMAKE finds all object files in the object directory. The timestamp of the last one built is then compared to the timestamp of the object directory. If the diff --git a/docs-xml/smbdotconf/misc/rpcserver.xml b/docs-xml/smbdotconf/misc/rpcserver.xml index 4372eea653..9a229396f9 100644 --- a/docs-xml/smbdotconf/misc/rpcserver.xml +++ b/docs-xml/smbdotconf/misc/rpcserver.xml @@ -59,7 +59,7 @@ Currently in Samba3 we support three daemons, spoolssd, epmd and lsasd. These daemons can be enabled using the <emphasis>rpc_daemon</emphasis> option. For spoolssd you have - to to enable the daemon and proxy the named pipe with: + to enable the daemon and proxy the named pipe with: </para> <para> diff --git a/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml b/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml index 49d2c489b9..0c9588ec49 100644 --- a/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml +++ b/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml @@ -17,7 +17,7 @@ If this parameter is set to "True", Samba does not check execute permissions on "open for execution", thus re-establishing the behaviour of Samba 3.6. This can be useful to smoothen upgrades from older Samba versions to 4.0 and newer. - This setting is not not meant to be used as a permanent setting, but as a temporary relief: + This setting is not meant to be used as a permanent setting, but as a temporary relief: It is recommended to fix the permissions in the ACLs and reset this parameter to the default after a certain transition period. </para> diff --git a/docs-xml/smbdotconf/protocol/ntaclsupport.xml b/docs-xml/smbdotconf/protocol/ntaclsupport.xml index 1e9cedf931..451d5d830e 100644 --- a/docs-xml/smbdotconf/protocol/ntaclsupport.xml +++ b/docs-xml/smbdotconf/protocol/ntaclsupport.xml @@ -7,7 +7,7 @@ <para>This boolean parameter controls whether <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry> will attempt to map UNIX permissions into Windows NT access control lists. The UNIX - permissions considered are the the traditional UNIX owner and + permissions considered are the traditional UNIX owner and group permissions, as well as POSIX ACLs set on any files or directories. This parameter was formally a global parameter in releases prior to 2.2.2.</para> diff --git a/docs-xml/smbdotconf/security/aclgroupcontrol.xml b/docs-xml/smbdotconf/security/aclgroupcontrol.xml index e62216a8ef..279a57bdf3 100644 --- a/docs-xml/smbdotconf/security/aclgroupcontrol.xml +++ b/docs-xml/smbdotconf/security/aclgroupcontrol.xml @@ -24,7 +24,7 @@ <para> This parameter is best used with the <smbconfoption name="inherit owner"/> option and also - on on a share containing directories with the UNIX <emphasis>setgid bit</emphasis> set + on a share containing directories with the UNIX <emphasis>setgid bit</emphasis> set on them, which causes new files and directories created within it to inherit the group ownership from the containing directory. </para> diff --git a/docs-xml/smbdotconf/security/smbencrypt.xml b/docs-xml/smbdotconf/security/smbencrypt.xml index d556166953..51079aee2d 100644 --- a/docs-xml/smbdotconf/security/smbencrypt.xml +++ b/docs-xml/smbdotconf/security/smbencrypt.xml @@ -21,7 +21,7 @@ and <emphasis>disabled</emphasis>. This may be set on a per-share basis, but clients may chose to encrypt the entire session, not just traffic to a specific share. If this is set to mandatory - then all traffic to a share <emphasis>must</emphasis> must + then all traffic to a share <emphasis>must</emphasis> be encrypted once the connection has been made to the share. The server would return "access denied" to all non-encrypted requests on such a share. Selecting encrypted traffic reduces diff --git a/docs-xml/smbdotconf/security/usernamemapscript.xml b/docs-xml/smbdotconf/security/usernamemapscript.xml index 6df134c257..9e2e1a5ea6 100644 --- a/docs-xml/smbdotconf/security/usernamemapscript.xml +++ b/docs-xml/smbdotconf/security/usernamemapscript.xml @@ -8,7 +8,7 @@ <smbconfoption name="username map"/> parameter. This parameter specifies and external program or script that must accept a single command line option (the username transmitted in the authentication - request) and return a line line on standard output (the name to which + request) and return a line on standard output (the name to which the account should mapped). In this way, it is possible to store username map tables in an LDAP or NIS directory services. </para> diff --git a/docs-xml/smbdotconf/winbind/idmapconfig.xml b/docs-xml/smbdotconf/winbind/idmapconfig.xml index 5d3605ab9e..30925a21ba 100644 --- a/docs-xml/smbdotconf/winbind/idmapconfig.xml +++ b/docs-xml/smbdotconf/winbind/idmapconfig.xml @@ -17,7 +17,7 @@ <para> The idmap configuration is hence divided into groups, one group - for each domain to be configured, and one group with the the + for each domain to be configured, and one group with the asterisk instead of a proper domain name, which specifies the default configuration that is used to catch all domains that do not have an explicit idmap configuration of their own. diff --git a/docs/manpages/dbwrap_tool.1 b/docs/manpages/dbwrap_tool.1 index e62e33bd2b..497205d643 100644 --- a/docs/manpages/dbwrap_tool.1 +++ b/docs/manpages/dbwrap_tool.1 @@ -2,12 +2,12 @@ .\" Title: dbwrap_tool .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "DBWRAP_TOOL" "1" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "DBWRAP_TOOL" "1" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ dbwrap_tool \- low level TDB/CTDB manipulation tool using the dbwrap interface .SH "SYNOPSIS" .HP \w'\ 'u -dbwrap_tool [\-\-persistent] [\-d\ <debug\ level>] [\-s\ <config\ file>] [\-l\ <log\ file\ base>] [\-V] [\-\-option=<name>=<value>] {<database>} {<operation>} [<key>\ [<type>\ [<value>]\ ]] +dbwrap_tool [\-p|\-\-persistent] [\-d\ <debug\ level>] [\-s\ <config\ file>] [\-l\ <log\ file\ base>] [\-V] [\-\-option=<name>=<value>] {<database>} {<operation>} [<key>\ [<type>\ [<value>]\ ]] .SH "DESCRIPTION" .PP This tool is part of the @@ -83,7 +83,7 @@ delete: remove a record .sp -1 .IP \(bu 2.3 .\} -exists: test for existance of a record +exists: test for existence of a record .RE .sp .RS 4 @@ -170,7 +170,7 @@ hex: hex strings like "68656C6C6F20776F726C6400" ("hello world") .RE .SH "OPTIONS" .PP -\-\-persistent +\-p|\-\-persistent .RS 4 Open the database as a persistent database\&. If this option is not specified, the database is opened as non\-persistent\&. .RE @@ -221,6 +221,11 @@ option "<name>" to value "<value>" from the command line\&. This overrides compi .RS 4 Print a summary of command line options\&. .RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE .SH "COMMANDS" .SS "fetch" .HP \w'\ 'u diff --git a/docs/manpages/eventlogadm.8 b/docs/manpages/eventlogadm.8 index febe4298b4..59d24cc47e 100644 --- a/docs/manpages/eventlogadm.8 +++ b/docs/manpages/eventlogadm.8 @@ -2,12 +2,12 @@ .\" Title: eventlogadm .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "EVENTLOGADM" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "EVENTLOGADM" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/findsmb.1 b/docs/manpages/findsmb.1 index 8615adaf43..b47039fa18 100644 --- a/docs/manpages/findsmb.1 +++ b/docs/manpages/findsmb.1 @@ -2,12 +2,12 @@ .\" Title: findsmb .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "FINDSMB" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "FINDSMB" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/idmap_ad.8 b/docs/manpages/idmap_ad.8 index 4fcf008c54..2e3176329a 100644 --- a/docs/manpages/idmap_ad.8 +++ b/docs/manpages/idmap_ad.8 @@ -2,12 +2,12 @@ .\" Title: idmap_ad .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_AD" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_AD" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -35,7 +35,7 @@ The idmap_ad plugin provides a way for Winbind to read id mappings from an AD se .PP Currently, the \fIad\fR -backend does not work as the the default idmap backend, but one has to configure it separately for each domain for which one wants to use it, using disjoint ranges\&. One usually needs to configure a writeable default idmap range, using for example the +backend does not work as the default idmap backend, but one has to configure it separately for each domain for which one wants to use it, using disjoint ranges\&. One usually needs to configure a writeable default idmap range, using for example the \fItdb\fR or \fIldap\fR diff --git a/docs/manpages/idmap_autorid.8 b/docs/manpages/idmap_autorid.8 index d1ffbcb671..dd8b5f0cf9 100644 --- a/docs/manpages/idmap_autorid.8 +++ b/docs/manpages/idmap_autorid.8 @@ -2,12 +2,12 @@ .\" Title: idmap_autorid .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_AUTORID" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_AUTORID" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -95,7 +95,7 @@ Correspondingly, the formula for calculating the RID for a given Unix ID is this Where the DOMAIN RANGE INDEX is retrieved from the database along with the domain sid by the RANGE NUMBER = (ID \- LOW ID) / RANGE SIZE \&. .SH "EXAMPLES" .PP -This example shows you the minimal configuration that will work for the principial domain and 19 trusted domains / range extensions\&. +This example shows you the minimal configuration that will work for the principal domain and 19 trusted domains / range extensions\&. .sp .if n \{\ .RS 4 diff --git a/docs/manpages/idmap_hash.8 b/docs/manpages/idmap_hash.8 index f9c68bd468..a218123b70 100644 --- a/docs/manpages/idmap_hash.8 +++ b/docs/manpages/idmap_hash.8 @@ -2,12 +2,12 @@ .\" Title: idmap_hash .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_HASH" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_HASH" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/idmap_ldap.8 b/docs/manpages/idmap_ldap.8 index b99c108421..c939f879a6 100644 --- a/docs/manpages/idmap_ldap.8 +++ b/docs/manpages/idmap_ldap.8 @@ -2,12 +2,12 @@ .\" Title: idmap_ldap .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_LDAP" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_LDAP" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/idmap_nss.8 b/docs/manpages/idmap_nss.8 index efe9c8861f..97ba724c8c 100644 --- a/docs/manpages/idmap_nss.8 +++ b/docs/manpages/idmap_nss.8 @@ -2,12 +2,12 @@ .\" Title: idmap_nss .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_NSS" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_NSS" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/idmap_rfc2307.8 b/docs/manpages/idmap_rfc2307.8 index 190962acaa..d3199da853 100644 --- a/docs/manpages/idmap_rfc2307.8 +++ b/docs/manpages/idmap_rfc2307.8 @@ -2,12 +2,12 @@ .\" Title: idmap_rfc2307 .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_RFC2307" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_RFC2307" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/idmap_rid.8 b/docs/manpages/idmap_rid.8 index 9e12eadd92..e4e5968393 100644 --- a/docs/manpages/idmap_rid.8 +++ b/docs/manpages/idmap_rid.8 @@ -2,12 +2,12 @@ .\" Title: idmap_rid .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_RID" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_RID" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/idmap_tdb.8 b/docs/manpages/idmap_tdb.8 index a3da5dc4b7..fa623e5555 100644 --- a/docs/manpages/idmap_tdb.8 +++ b/docs/manpages/idmap_tdb.8 @@ -2,12 +2,12 @@ .\" Title: idmap_tdb .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_TDB" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_TDB" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/idmap_tdb2.8 b/docs/manpages/idmap_tdb2.8 index aa0f47c009..efd8f86afa 100644 --- a/docs/manpages/idmap_tdb2.8 +++ b/docs/manpages/idmap_tdb2.8 @@ -2,12 +2,12 @@ .\" Title: idmap_tdb2 .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "IDMAP_TDB2" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "IDMAP_TDB2" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/libsmbclient.7 b/docs/manpages/libsmbclient.7 index 4541332d0a..d13b034f77 100644 --- a/docs/manpages/libsmbclient.7 +++ b/docs/manpages/libsmbclient.7 @@ -2,12 +2,12 @@ .\" Title: libsmbclient .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: 7 .\" Source: Samba 4.0 .\" Language: English .\" -.TH "LIBSMBCLIENT" "7" "12/06/2013" "Samba 4\&.0" "7" +.TH "LIBSMBCLIENT" "7" "01/10/2014" "Samba 4\&.0" "7" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/lmhosts.5 b/docs/manpages/lmhosts.5 index 50b100ef7f..c211fc37b4 100644 --- a/docs/manpages/lmhosts.5 +++ b/docs/manpages/lmhosts.5 @@ -2,12 +2,12 @@ .\" Title: lmhosts .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: File Formats and Conventions .\" Source: Samba 4.0 .\" Language: English .\" -.TH "LMHOSTS" "5" "12/06/2013" "Samba 4\&.0" "File Formats and Conventions" +.TH "LMHOSTS" "5" "01/10/2014" "Samba 4\&.0" "File Formats and Conventions" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/log2pcap.1 b/docs/manpages/log2pcap.1 index 61bc5dda04..fc303e3b6f 100644 --- a/docs/manpages/log2pcap.1 +++ b/docs/manpages/log2pcap.1 @@ -2,12 +2,12 @@ .\" Title: log2pcap .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "LOG2PCAP" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "LOG2PCAP" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/net.8 b/docs/manpages/net.8 index ee41818168..5cf30bb7d5 100644 --- a/docs/manpages/net.8 +++ b/docs/manpages/net.8 @@ -2,12 +2,12 @@ .\" Title: net .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "NET" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "NET" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ net \- Tool for administration of Samba and remote CIFS servers\&. .SH "SYNOPSIS" .HP \w'\ 'u -net {<ads|rap|rpc>} [\-h] [\-w\ workgroup] [\-W\ myworkgroup] [\-U\ user] [\-I\ ip\-address] [\-p\ port] [\-n\ myname] [\-s\ conffile] [\-S\ server] [\-l] [\-P] [\-d\ debuglevel] [\-V] [\-\-request\-timeout\ seconds] +net {<ads|rap|rpc>} [\-h|\-\-help] [\-w|\-\-workgroup\ workgroup] [\-W|\-\-myworkgroup\ myworkgroup] [\-U|\-\-user\ user] [\-I|\-\-ipaddress\ ip\-address] [\-p|\-\-port\ port] [\-n\ myname] [\-s\ conffile] [\-S|\-\-server\ server] [\-l|\-\-long] [\-v|\-\-verbose] [\-f|\-\-force] [\-P|\-\-machine\-pass] [\-d\ debuglevel] [\-V] [\-\-request\-timeout\ seconds] [\-t|\-\-timeout\ seconds] [\-i|\-\-stdin] [\-\-tallocreport] .SH "DESCRIPTION" .PP This tool is part of the @@ -51,27 +51,27 @@ Print a summary of command line options\&. Try to authenticate with kerberos\&. Only useful in an Active Directory environment\&. .RE .PP -\-w target\-workgroup +\-w|\-\-workgroup target\-workgroup .RS 4 Sets target workgroup or domain\&. You have to specify either this option or the IP address or the name of a server\&. .RE .PP -\-W workgroup +\-W|\-\-myworkgroup workgroup .RS 4 Sets client workgroup or domain .RE .PP -\-U user +\-U|\-\-user user .RS 4 User name to use .RE .PP -\-I ip\-address +\-I|\-\-ipaddress ip\-address .RS 4 IP address of target server to use\&. You have to specify either this option or a target workgroup or a target server\&. .RE .PP -\-p port +\-p|\-\-port port .RS 4 Port on the target server to connect to (usually 139 or 445)\&. Defaults to trying 445 first, then 139\&. .RE @@ -93,17 +93,27 @@ smb\&.conf for more information\&. The default configuration file name is determined at compile time\&. .RE .PP -\-S server +\-S|\-\-server server .RS 4 Name of target server\&. You should specify either this option or a target workgroup or a target IP address\&. .RE .PP -\-l +\-l|\-\-long .RS 4 When listing data, give more information on each item\&. .RE .PP -\-P +\-v|\-\-verbose +.RS 4 +When listing data, give more verbose information on each item\&. +.RE +.PP +\-f|\-\-force +.RS 4 +Enforcing a net command\&. +.RE +.PP +\-P|\-\-machine\-pass .RS 4 Make queries to the external server using the machine account of the local server\&. .RE @@ -113,10 +123,170 @@ Make queries to the external server using the machine account of the local serve Let client requests timeout after 30 seconds the default is 10 seconds\&. .RE .PP +\-t|\-\-timeout 30 +.RS 4 +Set timeout for client operations to 30 seconds\&. +.RE +.PP +\-\-use\-ccache +.RS 4 +Try to use the credentials cached by winbind\&. +.RE +.PP +\-i|\-\-stdin +.RS 4 +Take input for net commands from standard input\&. +.RE +.PP +\-\-tallocreport +.RS 4 +Generate a talloc report while processing a net command\&. +.RE +.PP +\-T|\-\-test +.RS 4 +Only test command sequence, dry\-run\&. +.RE +.PP +\-F|\-\-flags FLAGS +.RS 4 +Pass down integer flags to a net subcommand\&. +.RE +.PP +\-C|\-\-comment COMMENT +.RS 4 +Pass down a comment string to a net subcommand\&. +.RE +.PP +\-n|\-\-myname MYNAME +.RS 4 +Use MYNAME as a requester name for a net subcommand\&. +.RE +.PP +\-c|\-\-container CONTAINER +.RS 4 +Use a specific AD container for net ads operations\&. +.RE +.PP +\-M|\-\-maxusers MAXUSERS +.RS 4 +Fill in the maxusers field in net rpc share operations\&. +.RE +.PP +\-r|\-\-reboot +.RS 4 +Reboot a remote machine after a command has been successfully executed (e\&.g\&. in remote join operations)\&. +.RE +.PP +\-\-force\-full\-repl +.RS 4 +When calling "net rpc vampire keytab" this option enforces a full re\-creation of the generated keytab file\&. +.RE +.PP +\-\-single\-obj\-repl +.RS 4 +When calling "net rpc vampire keytab" this option allows to replicate just a single object to the generated keytab file\&. +.RE +.PP +\-\-clean\-old\-entries +.RS 4 +When calling "net rpc vampire keytab" this option allows to cleanup old entries from the generated keytab file\&. +.RE +.PP +\-\-db +.RS 4 +Define dbfile for "net idmap" commands\&. +.RE +.PP +\-\-lock +.RS 4 +Activates locking of the dbfile for "net idmap check" command\&. +.RE +.PP +\-a|\-\-auto +.RS 4 +Activates noninteractive mode in "net idmap check"\&. +.RE +.PP +\-\-repair +.RS 4 +Activates repair mode in "net idmap check"\&. +.RE +.PP +\-\-acls +.RS 4 +Includes ACLs to be copied in "net rpc share migrate"\&. +.RE +.PP +\-\-attrs +.RS 4 +Includes file attributes to be copied in "net rpc share migrate"\&. +.RE +.PP +\-\-timestamps +.RS 4 +Includes timestamps to be copied in "net rpc share migrate"\&. +.RE +.PP +\-X|\-\-exclude DIRECTORY +.RS 4 +Allows to exclude directories when copying with "net rpc share migrate"\&. +.RE +.PP +\-\-destination SERVERNAME +.RS 4 +Defines the target servername of migration process (defaults to localhost)\&. +.RE +.PP +\-L|\-\-local +.RS 4 +Sets the type of group mapping to local (used in "net groupmap set")\&. +.RE +.PP +\-D|\-\-domain +.RS 4 +Sets the type of group mapping to domain (used in "net groupmap set")\&. +.RE +.PP +\-N|\-\-ntname NTNAME +.RS 4 +Sets the ntname of a group mapping (used in "net groupmap set")\&. +.RE +.PP +\-R|\-\-rid RID +.RS 4 +Sets the rid of a group mapping (used in "net groupmap set")\&. +.RE +.PP +\-\-reg\-version REG_VERSION +.RS 4 +Assume database version {n|1,2,3} (used in "net registry check")\&. +.RE +.PP +\-o|\-\-output FILENAME +.RS 4 +Output database file (used in "net registry check")\&. +.RE +.PP +\-\-wipe +.RS 4 +Createa a new database from scratch (used in "net registry check")\&. +.RE +.PP +\-\-precheck PRECHECK_DB_FILENAME +.RS 4 +Defines filename for database prechecking (used in "net registry import")\&. +.RE +.PP +\-e|\-\-encrypt +.RS 4 +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +.RE +.PP \-d|\-\-debuglevel=level .RS 4 \fIlevel\fR -is an integer from 0 to 10\&. The default value if this parameter is not specified is 0\&. +is an integer from 0 to 10\&. The default value if this parameter is not specified is 1\&. .sp The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&. .sp @@ -128,6 +298,32 @@ parameter in the smb\&.conf file\&. .RE +.PP +\-V|\-\-version +.RS 4 +Prints the program version number\&. +.RE +.PP +\-s|\-\-configfile=<configuration file> +.RS 4 +The file specified contains the configuration details required by the server\&. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See +smb\&.conf +for more information\&. The default configuration file name is determined at compile time\&. +.RE +.PP +\-l|\-\-log\-basename=logdirectory +.RS 4 +Base directory name for log/debug files\&. The extension +\fB"\&.progname"\fR +will be appended (e\&.g\&. log\&.smbclient, log\&.smbd, etc\&.\&.\&.)\&. The log file is never removed by the client\&. +.RE +.PP +\-\-option=<name>=<value> +.RS 4 +Set the +\fBsmb.conf\fR(5) +option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. +.RE .SH "COMMANDS" .SS "CHANGESECRETPW" .PP @@ -644,7 +840,7 @@ net rpc trust create \e .RE .SS "RPC TRUST DELETE" .PP -Delete a trust trust object by calling lsaDeleteTrustedDomain\&. The can be done on a single server or on two servers at once\&. +Delete a trust object by calling lsaDeleteTrustedDomain\&. The can be done on a single server or on two servers at once\&. .PP \fBOptions:\fR .PP @@ -1005,7 +1201,7 @@ List all the user defined shares owned by the current user matching the given pa net usershare list on its own list out the names of the user defined shares that were created by the current user, or restricts the list to share names that match the given wildcard pattern (\*(Aq*\*(Aq matches one or more characters, \*(Aq?\*(Aq matches only one character)\&. If the \*(Aq\-l\*(Aq or \*(Aq\-\-long\*(Aq option is also given, it includes the names of user defined shares created by other users\&. .SS "[RPC] CONF" .PP -Starting with version 3\&.2\&.0, a Samba server can be configured by data stored in registry\&. This configuration data can be edited with the new "net conf" commands\&. There is also the possiblity to configure a remote Samba server by enabling the RPC conf mode and specifying the the address of the remote server\&. +Starting with version 3\&.2\&.0, a Samba server can be configured by data stored in registry\&. This configuration data can be edited with the new "net conf" commands\&. There is also the possibility to configure a remote Samba server by enabling the RPC conf mode and specifying the address of the remote server\&. .PP The deployment of this configuration data can be activated in two levels from the \fIsmb\&.conf\fR diff --git a/docs/manpages/nmbd.8 b/docs/manpages/nmbd.8 index a81603b300..593a337b7f 100644 --- a/docs/manpages/nmbd.8 +++ b/docs/manpages/nmbd.8 @@ -2,12 +2,12 @@ .\" Title: nmbd .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "NMBD" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "NMBD" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ nmbd \- NetBIOS name server to provide NetBIOS over IP naming services to clients .SH "SYNOPSIS" .HP \w'\ 'u -nmbd [\-D] [\-F] [\-S] [\-a] [\-i] [\-o] [\-h] [\-V] [\-d\ <debug\ level>] [\-H\ <lmhosts\ file>] [\-l\ <log\ directory>] [\-p\ <port\ number>] [\-s\ <configuration\ file>] +nmbd [\-D|\-\-daemon] [\-F|\-\-foreground] [\-S|\-\-log\-stdout] [\-i|\-\-interactive] [\-V] [\-d\ <debug\ level>] [\-H|\-\-hosts\ <lmhosts\ file>] [\-l\ <log\ directory>] [\-p|\-\-port\ <port\ number>] [\-s\ <configuration\ file>] [\-\-no\-process\-group] .SH "DESCRIPTION" .PP This program is part of the @@ -64,7 +64,7 @@ nmbd can act as a WINS proxy, relaying broadcast queries from clients that do not understand how to talk the WINS protocol to a WINS server\&. .SH "OPTIONS" .PP -\-D +\-D|\-\-daemon .RS 4 If specified, this parameter causes nmbd @@ -75,7 +75,7 @@ inetd meta\-daemon, although this is not recommended\&. .RE .PP -\-F +\-F|\-\-foreground .RS 4 If specified, this parameter causes the main nmbd @@ -90,14 +90,14 @@ daemontools package, or the AIX process monitor\&. .RE .PP -\-S +\-S|\-\-log\-stdout .RS 4 If specified, this parameter causes nmbd to log to standard output rather than a file\&. .RE .PP -\-i +\-i|\-\-interactive .RS 4 If this parameter is specified it causes the server to run "interactively", not as a daemon, even if the server is executed on the command line of a shell\&. Setting this parameter negates the implicit daemon mode when run from the command line\&. nmbd @@ -111,7 +111,12 @@ parameter had been given\&. Print a summary of command line options\&. .RE .PP -\-H <filename> +\-\-usage +.RS 4 +Display brief usage message\&. +.RE +.PP +\-H|\-\-hosts <filename> .RS 4 NetBIOS lmhosts file\&. The lmhosts file is a list of NetBIOS names to IP addresses that is loaded by the nmbd server and used via the name resolution mechanism \m[blue]\fBname resolve order\fR\m[] @@ -175,12 +180,17 @@ Set the option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. .RE .PP -\-p <UDP port number> +\-p|\-\-port <UDP port number> .RS 4 UDP port number is a positive integer value\&. This option changes the default UDP port number (normally 137) that nmbd responds to name queries on\&. Don\*(Aqt use this option unless you are an expert, in which case you won\*(Aqt need help! .RE +.PP +\-\-no\-process\-group +.RS 4 +Do not create a new process group for nmbd\&. +.RE .SH "FILES" .PP /etc/inetd\&.conf diff --git a/docs/manpages/nmblookup.1 b/docs/manpages/nmblookup.1 index d2ee51e8b2..b8c225cff6 100644 --- a/docs/manpages/nmblookup.1 +++ b/docs/manpages/nmblookup.1 @@ -2,12 +2,12 @@ .\" Title: nmblookup .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "NMBLOOKUP" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "NMBLOOKUP" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ nmblookup \- NetBIOS over TCP/IP client used to lookup NetBIOS names .SH "SYNOPSIS" .HP \w'\ 'u -nmblookup [\-M] [\-R] [\-S] [\-r] [\-A] [\-h] [\-B\ <broadcast\ address>] [\-U\ <unicast\ address>] [\-d\ <debug\ level>] [\-s\ <smb\ config\ file>] [\-i\ <NetBIOS\ scope>] [\-T] [\-f] {name} +nmblookup [\-M|\-\-master\-browser] [\-R|\-\-recursion] [\-S|\-\-status] [\-r|\-\-root\-port] [\-A|\-\-lookup\-by\-ip] [\-B|\-\-broadcast\ <broadcast\ address>] [\-U|\-\-unicast\ <unicast\ address>] [\-d\ <debug\ level>] [\-s\ <smb\ config\ file>] [\-i\ <NetBIOS\ scope>] [\-T|\-\-translate] [\-f|\-\-flags] {name} .SH "DESCRIPTION" .PP This tool is part of the @@ -42,9 +42,9 @@ nmblookup is used to query NetBIOS names and map them to IP addresses in a network using NetBIOS over TCP/IP queries\&. The options allow the name queries to be directed at a particular IP broadcast area or to a particular machine\&. All queries are done over UDP\&. .SH "OPTIONS" .PP -\-M +\-M|\-\-master\-browser .RS 4 -Searches for a master browser by looking up the NetBIOS name +Searches for a master browser by looking up the NetBIOS \fIname\fR with a type of \fB0x1d\fR\&. If @@ -54,24 +54,24 @@ is "\-" then it does a lookup on the special name \fBnmblookup \-M \-\- \-\fR\&. .RE .PP -\-R +\-R|\-\-recursion .RS 4 Set the recursion desired bit in the packet to do a recursive lookup\&. This is used when sending a name query to a machine running a WINS server and the user wishes to query the names in the WINS server\&. If this bit is unset the normal (broadcast responding) NetBIOS processing code on a machine is used instead\&. See RFC1001, RFC1002 for details\&. .RE .PP -\-S +\-S|\-\-status .RS 4 Once the name query has returned an IP address then do a node status query as well\&. A node status query returns the NetBIOS names registered by a host\&. .RE .PP -\-r +\-r|\-\-root\-port .RS 4 Try and bind to UDP port 137 to send and receive UDP datagrams\&. The reason for this option is a bug in Windows 95 where it ignores the source port of the requesting packet and only replies to UDP port 137\&. Unfortunately, on most UNIX systems root privilege is needed to bind to this port, and in addition, if the \fBnmbd\fR(8) daemon is running on this machine it also binds to this port\&. .RE .PP -\-A +\-A|\-\-lookup\-by\-ip .RS 4 Interpret \fIname\fR @@ -114,7 +114,12 @@ manual page for the list of valid options\&. Print a summary of command line options\&. .RE .PP -\-B <broadcast address> +\-\-usage +.RS 4 +Display brief usage message\&. +.RE +.PP +\-B|\-\-broadcast <broadcast address> .RS 4 Send the query to the given broadcast address\&. Without this option the default behavior of nmblookup is to send the query to the broadcast address of the network interfaces as either auto\-detected or defined in the \fIinterfaces\fR @@ -123,7 +128,7 @@ parameter of the file\&. .RE .PP -\-U <unicast address> +\-U|\-\-unicast <unicast address> .RS 4 Do a unicast query to the specified address or host \fIunicast address\fR\&. This option (along with the @@ -173,7 +178,7 @@ Set the option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. .RE .PP -\-T +\-T|\-\-translate .RS 4 This causes any IP addresses found in the lookup to be looked up via a reverse DNS lookup into a DNS name, and printed out before each .sp @@ -182,7 +187,7 @@ This causes any IP addresses found in the lookup to be looked up via a reverse D pair that is the normal output\&. .RE .PP -\-f +\-f|\-\-flags .RS 4 Show which flags apply to the name that has been looked up\&. Possible answers are zero or more of: Response, Authoritative, Truncated, Recursion_Desired, Recursion_Available, Broadcast\&. .RE diff --git a/docs/manpages/ntlm_auth.1 b/docs/manpages/ntlm_auth.1 index f7f48e60ee..f60d3efe5d 100644 --- a/docs/manpages/ntlm_auth.1 +++ b/docs/manpages/ntlm_auth.1 @@ -2,12 +2,12 @@ .\" Title: ntlm_auth .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "NTLM_AUTH" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "NTLM_AUTH" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ ntlm_auth \- tool to allow external access to Winbind\*(Aqs NTLM authentication function .SH "SYNOPSIS" .HP \w'\ 'u -ntlm_auth [\-d\ debuglevel] [\-l\ logdir] [\-s\ <smb\ config\ file>] +ntlm_auth .SH "DESCRIPTION" .PP This tool is part of the @@ -312,51 +312,46 @@ or prompts for one\&. Require that a user be a member of specified group (either name or SID) for authentication to succeed\&. .RE .PP -\-d|\-\-debuglevel=level +\-\-pam\-winbind\-conf=FILENAME .RS 4 -\fIlevel\fR -is an integer from 0 to 10\&. The default value if this parameter is not specified is 0\&. -.sp -The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&. -.sp -Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&. -.sp -Note that specifying this parameter here will override the -\m[blue]\fBlog level\fR\m[] -parameter in the -smb\&.conf -file\&. +Define the path to the pam_winbind\&.conf file\&. .RE .PP -\-V|\-\-version +\-\-target\-hostname=HOSTNAME .RS 4 -Prints the program version number\&. +Define the target hostname\&. +.RE +.PP +\-\-target\-service=SERVICE +.RS 4 +Define the target service\&. .RE .PP -\-s|\-\-configfile=<configuration file> +\-\-use\-cached\-creds +.RS 4 +Whether to use credentials cached by winbindd\&. +.RE +.PP +\-\-configfile=<configuration file> .RS 4 The file specified contains the configuration details required by the server\&. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See smb\&.conf for more information\&. The default configuration file name is determined at compile time\&. .RE .PP -\-l|\-\-log\-basename=logdirectory +\-V|\-\-version .RS 4 -Base directory name for log/debug files\&. The extension -\fB"\&.progname"\fR -will be appended (e\&.g\&. log\&.smbclient, log\&.smbd, etc\&.\&.\&.)\&. The log file is never removed by the client\&. +Prints the program version number\&. .RE .PP -\-\-option=<name>=<value> +\-?|\-\-help .RS 4 -Set the -\fBsmb.conf\fR(5) -option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. +Print a summary of command line options\&. .RE .PP -\-?|\-\-help +\-\-usage .RS 4 -Print a summary of command line options\&. +Display brief usage message\&. .RE .SH "EXAMPLE SETUP" .PP diff --git a/docs/manpages/pam_winbind.8 b/docs/manpages/pam_winbind.8 index 85924ed1a1..39126c64f5 100644 --- a/docs/manpages/pam_winbind.8 +++ b/docs/manpages/pam_winbind.8 @@ -2,12 +2,12 @@ .\" Title: pam_winbind .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: 8 .\" Source: Samba 4.0 .\" Language: English .\" -.TH "PAM_WINBIND" "8" "12/06/2013" "Samba 4\&.0" "8" +.TH "PAM_WINBIND" "8" "01/10/2014" "Samba 4\&.0" "8" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/pam_winbind.conf.5 b/docs/manpages/pam_winbind.conf.5 index a589144678..185f184d22 100644 --- a/docs/manpages/pam_winbind.conf.5 +++ b/docs/manpages/pam_winbind.conf.5 @@ -2,12 +2,12 @@ .\" Title: pam_winbind.conf .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: 5 .\" Source: Samba 4.0 .\" Language: English .\" -.TH "PAM_WINBIND\&.CONF" "5" "12/06/2013" "Samba 4\&.0" "5" +.TH "PAM_WINBIND\&.CONF" "5" "01/10/2014" "Samba 4\&.0" "5" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/pdbedit.8 b/docs/manpages/pdbedit.8 index 9a2bc6d9a1..fb3ff55434 100644 --- a/docs/manpages/pdbedit.8 +++ b/docs/manpages/pdbedit.8 @@ -2,12 +2,12 @@ .\" Title: pdbedit .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "PDBEDIT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "PDBEDIT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -371,7 +371,7 @@ retype new password \fBNote\fR .ps -1 .br -pdbedit does not call the unix password syncronisation script if +pdbedit does not call the unix password synchronization script if \m[blue]\fBunix password sync\fR\m[] has been set\&. It only updates the data in the Samba user database\&. .sp @@ -560,6 +560,11 @@ This option is currently not being used\&. Print a summary of command line options\&. .RE .PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE +.PP \-d|\-\-debuglevel=level .RS 4 \fIlevel\fR diff --git a/docs/manpages/profiles.1 b/docs/manpages/profiles.1 index eca5edc8f3..b4c42a2abe 100644 --- a/docs/manpages/profiles.1 +++ b/docs/manpages/profiles.1 @@ -2,12 +2,12 @@ .\" Title: profiles .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "PROFILES" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "PROFILES" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ profiles \- A utility to report and change SIDs in registry files .SH "SYNOPSIS" .HP \w'\ 'u -profiles [\-v] [\-c\ SID] [\-n\ SID] {file} +profiles [\-v] [\-c|\-\-change\-sid\ SID] [\-n|\-\-new\-sid\ SID] {file} .SH "DESCRIPTION" .PP This tool is part of the @@ -52,17 +52,64 @@ Registry file to view or edit\&. Increases verbosity of messages\&. .RE .PP -\-c SID1 \-n SID2 +\-c SID1 \-n SID2, \-\-change\-sid SID1 \-\-new\-sid SID2 .RS 4 Change all occurrences of SID1 in file by SID2\&. .RE .PP +\-d|\-\-debuglevel=level +.RS 4 +\fIlevel\fR +is an integer from 0 to 10\&. The default value if this parameter is not specified is 1\&. +.sp +The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&. +.sp +Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&. +.sp +Note that specifying this parameter here will override the +\m[blue]\fBlog level\fR\m[] +parameter in the +smb\&.conf +file\&. +.RE +.PP +\-V|\-\-version +.RS 4 +Prints the program version number\&. +.RE +.PP +\-s|\-\-configfile=<configuration file> +.RS 4 +The file specified contains the configuration details required by the server\&. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See +smb\&.conf +for more information\&. The default configuration file name is determined at compile time\&. +.RE +.PP +\-l|\-\-log\-basename=logdirectory +.RS 4 +Base directory name for log/debug files\&. The extension +\fB"\&.progname"\fR +will be appended (e\&.g\&. log\&.smbclient, log\&.smbd, etc\&.\&.\&.)\&. The log file is never removed by the client\&. +.RE +.PP +\-\-option=<name>=<value> +.RS 4 +Set the +\fBsmb.conf\fR(5) +option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. +.RE +.PP \-?|\-\-help .RS 4 Print a summary of command line options\&. .RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE .SH "VERSION" .PP This man page is correct for version 3 of the Samba suite\&. diff --git a/docs/manpages/rpcclient.1 b/docs/manpages/rpcclient.1 index 66e0d7b204..d8b51745f8 100644 --- a/docs/manpages/rpcclient.1 +++ b/docs/manpages/rpcclient.1 @@ -2,12 +2,12 @@ .\" Title: rpcclient .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "RPCCLIENT" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "RPCCLIENT" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ rpcclient \- tool for executing client side MS\-RPC functions .SH "SYNOPSIS" .HP \w'\ 'u -rpcclient [\-A\ authfile] [\-c\ <command\ string>] [\-d\ debuglevel] [\-h] [\-l\ logdir] [\-N] [\-s\ <smb\ config\ file>] [\-U\ username[%password]] [\-W\ workgroup] [\-I\ destinationIP] {server} +rpcclient [\-A\ authfile] [\-c\ <command\ string>] [\-d\ debuglevel] [\-l\ logdir] [\-N] [\-s\ <smb\ config\ file>] [\-U\ username[%password]] [\-W\ workgroup] [\-I\ destinationIP] {server} .SH "DESCRIPTION" .PP This tool is part of the @@ -175,6 +175,26 @@ rpcclient to prompt for a password and type it in directly\&. .RE .PP +\-S|\-\-signing on|off|required +.RS 4 +Set the client signing state\&. +.RE +.PP +\-P|\-\-machine\-pass +.RS 4 +Use stored machine account password\&. +.RE +.PP +\-e|\-\-encrypt +.RS 4 +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +.RE +.PP +\-\-pw\-nt\-hash +.RS 4 +The supplied password is the NT hash\&. +.RE +.PP \-n|\-\-netbiosname <primary NetBIOS name> .RS 4 This option allows you to override the NetBIOS name that Samba uses for itself\&. This is identical to setting the @@ -210,6 +230,11 @@ manual page for the list of valid options\&. .RS 4 Print a summary of command line options\&. .RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE .SH "COMMANDS" .SS "LSARPC" .PP diff --git a/docs/manpages/samba-regedit.8 b/docs/manpages/samba-regedit.8 index a0b4cbf6ce..5cc0048cda 100644 --- a/docs/manpages/samba-regedit.8 +++ b/docs/manpages/samba-regedit.8 @@ -2,12 +2,12 @@ .\" Title: samba-regedit .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.1 .\" Language: English .\" -.TH "SAMBA\-REGEDIT" "8" "12/06/2013" "Samba 4\&.1" "System Administration tools" +.TH "SAMBA\-REGEDIT" "8" "01/10/2014" "Samba 4\&.1" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -47,14 +47,25 @@ is a ncurses based tool to manage the Samba registry\&. It can be used to show/e Print a summary of command line options\&. .RE .PP -\-\-usage +\-d|\-\-debuglevel=level .RS 4 -Display brief usage message\&. +\fIlevel\fR +is an integer from 0 to 10\&. The default value if this parameter is not specified is 1\&. +.sp +The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&. +.sp +Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&. +.sp +Note that specifying this parameter here will override the +\m[blue]\fBlog level\fR\m[] +parameter in the +smb\&.conf +file\&. .RE .PP -\-d|\-\-debuglevel=<debuglevel> +\-\-usage .RS 4 -Set debug level\&. +Display brief usage message\&. .RE .PP \-V|\-\-version @@ -83,11 +94,6 @@ Set the option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. .RE .PP -\-\-option=<parameter>=<value> -.RS 4 -Set smb\&.conf option from command line\&. -.RE -.PP \-n|\-\-netbiosname <primary NetBIOS name> .RS 4 This option allows you to override the NetBIOS name that Samba uses for itself\&. This is identical to setting the @@ -119,16 +125,6 @@ smb\&.conf manual page for the list of valid options\&. .RE .PP -\-S|\-\-signing -.RS 4 -Set the client signing state\&. -.RE -.PP -\-P|\-\-machine\-pass -.RS 4 -Use stored machine account password\&. -.RE -.PP \-N|\-\-no\-pass .RS 4 If specified, this parameter suppresses the normal password prompt from the client to the user\&. This is useful when accessing a service that does not require a password\&. @@ -190,9 +186,19 @@ rpcclient to prompt for a password and type it in directly\&. .RE .PP +\-S|\-\-signing on|off|required +.RS 4 +Set the client signing state\&. +.RE +.PP +\-P|\-\-machine\-pass +.RS 4 +Use stored machine account password\&. +.RE +.PP \-e|\-\-encrypt .RS 4 -Encrypt SMB transport (UNIX extended servers only)\&. +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. .RE .PP \-\-pw\-nt\-hash diff --git a/docs/manpages/samba-tool.8 b/docs/manpages/samba-tool.8 index 6fbf950e76..51c95f5310 100644 --- a/docs/manpages/samba-tool.8 +++ b/docs/manpages/samba-tool.8 @@ -2,12 +2,12 @@ .\" Title: samba-tool .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SAMBA\-TOOL" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "SAMBA\-TOOL" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/samba.7 b/docs/manpages/samba.7 index 1539be6e03..c1a1553f81 100644 --- a/docs/manpages/samba.7 +++ b/docs/manpages/samba.7 @@ -2,12 +2,12 @@ .\" Title: samba .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: Miscellanea .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SAMBA" "7" "12/06/2013" "Samba 4\&.0" "Miscellanea" +.TH "SAMBA" "7" "01/10/2014" "Samba 4\&.0" "Miscellanea" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -78,7 +78,7 @@ program implements a simple ftp\-like client\&. This is useful for accessing SMB .RS 4 The samba\-tool -is the main Samba Administration tool regarding Acitive Directory services\&. +is the main Samba Administration tool regarding Active Directory services\&. .RE .PP \fBtestparm\fR(1) diff --git a/docs/manpages/samba.8 b/docs/manpages/samba.8 index 498fac5965..8a6d4c86b2 100644 --- a/docs/manpages/samba.8 +++ b/docs/manpages/samba.8 @@ -2,12 +2,12 @@ .\" Title: samba .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SAMBA" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "SAMBA" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -156,6 +156,11 @@ option "<name>" to value "<value>" from the command line\&. This overrides compi .RS 4 Print a summary of command line options\&. .RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE .SH "FILES" .PP /etc/rc diff --git a/docs/manpages/sharesec.1 b/docs/manpages/sharesec.1 index 878f112e40..0b608f75e2 100644 --- a/docs/manpages/sharesec.1 +++ b/docs/manpages/sharesec.1 @@ -2,12 +2,12 @@ .\" Title: sharesec .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SHARESEC" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SHARESEC" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ sharesec \- Set or get share ACLs .SH "SYNOPSIS" .HP \w'\ 'u -sharesec {sharename} [\-r,\ \-\-remove=ACL] [\-m,\ \-\-modify=ACL] [\-a,\ \-\-add=ACL] [\-R,\ \-\-replace=ACLs] [\-D,\ \-\-delete] [\-v,\ \-\-view] [\-\-view\-all] [\-M,\ \-\-machine\-sid] [\-F,\ \-\-force] [\-d,\ \-\-debuglevel=DEBUGLEVEL] [\-s,\ \-\-configfile=CONFIGFILE] [\-l,\ \-\-log\-basename=LOGFILEBASE] [\-V,\ \-\-version] [\-?,\ \-\-help] [\-\-usage] +sharesec {sharename} [\-r,\ \-\-remove=ACL] [\-m,\ \-\-modify=ACL] [\-a,\ \-\-add=ACL] [\-R,\ \-\-replace=ACLs] [\-D,\ \-\-delete] [\-v,\ \-\-view] [\-\-view\-all] [\-M,\ \-\-machine\-sid] [\-F,\ \-\-force] [\-d,\ \-\-debuglevel=DEBUGLEVEL] [\-s,\ \-\-configfile=CONFIGFILE] [\-l,\ \-\-log\-basename=LOGFILEBASE] [\-\-version] [\-?,\ \-\-help] [\-\-usage] [\-S,\ \-\-setsddl=STRING] [\-V,\ \-\-viewsddl] .SH "DESCRIPTION" .PP This tool is part of the @@ -92,6 +92,16 @@ List a share acl List all share acls .RE .PP +\-S|\-\-setsddl=STRING +.RS 4 +Set security descriptor by providing ACL in SDDL format\&. +.RE +.PP +\-V|\-\-viewsddl +.RS 4 +List a share acl in SDDL format\&. +.RE +.PP \-?|\-\-help .RS 4 Print a summary of command line options\&. diff --git a/docs/manpages/smb.conf.5 b/docs/manpages/smb.conf.5 index 414ae31fc2..5c6ab23dac 100644 --- a/docs/manpages/smb.conf.5 +++ b/docs/manpages/smb.conf.5 @@ -2,12 +2,12 @@ .\" Title: smb.conf .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: File Formats and Conventions .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMB\&.CONF" "5" "12/06/2013" "Samba 4\&.0" "File Formats and Conventions" +.TH "SMB\&.CONF" "5" "01/10/2014" "Samba 4\&.0" "File Formats and Conventions" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -706,7 +706,7 @@ This boolean parameter controls the behaviour of \fBsmbd\fR(8) when receiving a protocol request of "open for execution" from a Windows client\&. With Samba 3\&.6 and older, the execution right in the ACL was not checked, so a client could execute a file even if it did not have execute rights on the file\&. In Samba 4\&.0, this has been fixed, so that by default, i\&.e\&. when this parameter is set to "False", "open for execution" is now denied when execution permissions are not present\&. .sp -If this parameter is set to "True", Samba does not check execute permissions on "open for execution", thus re\-establishing the behaviour of Samba 3\&.6\&. This can be useful to smoothen upgrades from older Samba versions to 4\&.0 and newer\&. This setting is not not meant to be used as a permanent setting, but as a temporary relief: It is recommended to fix the permissions in the ACLs and reset this parameter to the default after a certain transition period\&. +If this parameter is set to "True", Samba does not check execute permissions on "open for execution", thus re\-establishing the behaviour of Samba 3\&.6\&. This can be useful to smoothen upgrades from older Samba versions to 4\&.0 and newer\&. This setting is not meant to be used as a permanent setting, but as a temporary relief: It is recommended to fix the permissions in the ACLs and reset this parameter to the default after a certain transition period\&. .sp Default: \fI\fIacl allow execute always\fR\fR\fI = \fR\fIFalse\fR\fI \fR @@ -741,7 +741,7 @@ This parameter allows Samba to also permit delegation of the control over a poin .sp This parameter is best used with the \m[blue]\fBinherit owner\fR\m[] -option and also on on a share containing directories with the UNIX +option and also on a share containing directories with the UNIX \fIsetgid bit\fR set on them, which causes new files and directories created within it to inherit the group ownership from the containing directory\&. .sp @@ -2882,7 +2882,7 @@ directory name cache size (S) .\" directory name cache size .PP .RS 4 -This parameter specifies the the size of the directory name cache\&. It will be needed to turn this off for *BSD systems\&. +This parameter specifies the size of the directory name cache\&. It will be needed to turn this off for *BSD systems\&. .sp Default: \fI\fIdirectory name cache size\fR\fR\fI = \fR\fI100\fR\fI \fR @@ -3282,7 +3282,7 @@ NTFS and Windows VFAT file systems keep a create time for all files and director .sp This option is mainly used as a compatibility option for Visual C++ when used against Samba shares\&. Visual C++ generated makefiles have the object directory as a dependency for each object file, and a make rule to create the directory\&. Also, when NMAKE compares timestamps it uses the creation time when examining a directory\&. Thus the object directory will be created if it does not exist, but once it does exist it will always have an earlier timestamp than the object files it contains\&. .sp -However, Unix time semantics mean that the create time reported by Samba will be updated whenever a file is created or or deleted in the directory\&. NMAKE finds all object files in the object directory\&. The timestamp of the last one built is then compared to the timestamp of the object directory\&. If the directory\*(Aqs timestamp if newer, then all object files will be rebuilt\&. Enabling this option ensures directories always predate their contents and an NMAKE build will proceed as expected\&. +However, Unix time semantics mean that the create time reported by Samba will be updated whenever a file is created or deleted in the directory\&. NMAKE finds all object files in the object directory\&. The timestamp of the last one built is then compared to the timestamp of the object directory\&. If the directory\*(Aqs timestamp if newer, then all object files will be rebuilt\&. Enabling this option ensures directories always predate their contents and an NMAKE build will proceed as expected\&. .sp Default: \fI\fIfake directory create times\fR\fR\fI = \fR\fIno\fR\fI \fR @@ -4070,7 +4070,7 @@ prefix\&. An idmap option consists of the \m[blue]\fBidmap config\fR\m[] prefix, followed by a domain name or the asterisk character (*), a colon, and the name of an idmap setting for the chosen domain\&. .sp -The idmap configuration is hence divided into groups, one group for each domain to be configured, and one group with the the asterisk instead of a proper domain name, which specifies the default configuration that is used to catch all domains that do not have an explicit idmap configuration of their own\&. +The idmap configuration is hence divided into groups, one group for each domain to be configured, and one group with the asterisk instead of a proper domain name, which specifies the default configuration that is used to catch all domains that do not have an explicit idmap configuration of their own\&. .sp There are three general options available: .PP @@ -6080,7 +6080,7 @@ mangling method (G) .\" mangling method .PP .RS 4 -controls the algorithm used for the generating the mangled names\&. Can take two different values, "hash" and "hash2"\&. "hash" is the algorithm that was used used in Samba for many years and was the default in Samba 2\&.2\&.x "hash2" is now the default and is newer and considered a better algorithm (generates less collisions) in the names\&. Many Win32 applications store the mangled names and so changing to algorithms must not be done lightly as these applications may break unless reinstalled\&. +controls the algorithm used for the generating the mangled names\&. Can take two different values, "hash" and "hash2"\&. "hash" is the algorithm that was used in Samba for many years and was the default in Samba 2\&.2\&.x "hash2" is now the default and is newer and considered a better algorithm (generates less collisions) in the names\&. Many Win32 applications store the mangled names and so changing to algorithms must not be done lightly as these applications may break unless reinstalled\&. .sp Default: \fI\fImangling method\fR\fR\fI = \fR\fIhash2\fR\fI \fR @@ -6937,7 +6937,7 @@ nt acl support (S) .RS 4 This boolean parameter controls whether \fBsmbd\fR(8) -will attempt to map UNIX permissions into Windows NT access control lists\&. The UNIX permissions considered are the the traditional UNIX owner and group permissions, as well as POSIX ACLs set on any files or directories\&. This parameter was formally a global parameter in releases prior to 2\&.2\&.2\&. +will attempt to map UNIX permissions into Windows NT access control lists\&. The UNIX permissions considered are the traditional UNIX owner and group permissions, as well as POSIX ACLs set on any files or directories\&. This parameter was formally a global parameter in releases prior to 2\&.2\&.2\&. .sp Default: \fI\fInt acl support\fR\fR\fI = \fR\fIyes\fR\fI \fR @@ -8748,7 +8748,7 @@ option allows to run a separate daemon or even a completely independent (3rd par .sp Currently in Samba3 we support three daemons, spoolssd, epmd and lsasd\&. These daemons can be enabled using the \fIrpc_daemon\fR -option\&. For spoolssd you have to to enable the daemon and proxy the named pipe with: +option\&. For spoolssd you have to enable the daemon and proxy the named pipe with: .sp Examples: .sp @@ -9698,7 +9698,7 @@ This controls whether the remote client is allowed or required to use SMB encryp and \fIdisabled\fR\&. This may be set on a per\-share basis, but clients may chose to encrypt the entire session, not just traffic to a specific share\&. If this is set to mandatory then all traffic to a share \fImust\fR -must be encrypted once the connection has been made to the share\&. The server would return "access denied" to all non\-encrypted requests on such a share\&. Selecting encrypted traffic reduces throughput as smaller packet sizes must be used (no huge UNIX style read/writes allowed) as well as the overhead of encrypting and signing all the data\&. +be encrypted once the connection has been made to the share\&. The server would return "access denied" to all non\-encrypted requests on such a share\&. Selecting encrypted traffic reduces throughput as smaller packet sizes must be used (no huge UNIX style read/writes allowed) as well as the overhead of encrypting and signing all the data\&. .sp If SMB encryption is selected, Windows style SMB signing (see the \m[blue]\fBserver signing\fR\m[] @@ -10367,7 +10367,7 @@ username map script (G) .RS 4 This script is a mutually exclusive alternative to the \m[blue]\fBusername map\fR\m[] -parameter\&. This parameter specifies and external program or script that must accept a single command line option (the username transmitted in the authentication request) and return a line line on standard output (the name to which the account should mapped)\&. In this way, it is possible to store username map tables in an LDAP or NIS directory services\&. +parameter\&. This parameter specifies and external program or script that must accept a single command line option (the username transmitted in the authentication request) and return a line on standard output (the name to which the account should mapped)\&. In this way, it is possible to store username map tables in an LDAP or NIS directory services\&. .sp Default: \fI\fIusername map script\fR\fR\fI = \fR\fI\fR\fI \fR diff --git a/docs/manpages/smbcacls.1 b/docs/manpages/smbcacls.1 index 5e878c5f9a..2c42fd7819 100644 --- a/docs/manpages/smbcacls.1 +++ b/docs/manpages/smbcacls.1 @@ -2,12 +2,12 @@ .\" Title: smbcacls .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBCACLS" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBCACLS" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ smbcacls \- Set or get ACLs on an NT file or directory names .SH "SYNOPSIS" .HP \w'\ 'u -smbcacls {//server/share} {/filename} [\-D|\-\-delete\ acls] [\-M|\-\-modify\ acls] [\-a|\-\-add\ acls] [\-S|\-\-set\ acls] [\-C|\-\-chown\ name] [\-G|\-\-chgrp\ name] [\-I\ allow|romove|copy] [\-\-numeric] [\-t] [\-U\ username] [\-h] [\-d] [\-e] [\-m|\-\-max\-protocol\ LEVEL] +smbcacls {//server/share} {/filename} [\-D|\-\-delete\ acls] [\-M|\-\-modify\ acls] [\-a|\-\-add\ acls] [\-S|\-\-set\ acls] [\-C|\-\-chown\ name] [\-G|\-\-chgrp\ name] [\-I\ allow|romove|copy] [\-\-numeric] [\-t] [\-U\ username] [\-d] [\-e] [\-m|\-\-max\-protocol\ LEVEL] [\-\-query\-security\-info\ FLAGS] [\-\-set\-security\-info\ FLAGS] [\-\-sddl] [\-\-domain\-sid\ SID] .SH "DESCRIPTION" .PP This tool is part of the @@ -97,11 +97,6 @@ option\&. To set the check box pass allow\&. To unset the check box pass either This option displays all ACL information in numeric format\&. The default is to convert SIDs to names and ACE types and masks to a readable string format\&. .RE .PP -\-e -.RS 4 -This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. -.RE -.PP \-m|\-\-max\-protocol PROTOCOL_NAME .RS 4 This allows the user to select the highest SMB protocol level that smbcacls will use to connect to the server\&. By default this is set to NT1, which is the highest available SMB1 protocol\&. To connect using SMB2 or SMB3 protocol, use the strings SMB2 or SMB3 respectively\&. Note that to connect to a Windows 2012 server with encrypted transport selecting a max\-protocol of SMB3 is required\&. @@ -112,9 +107,24 @@ This allows the user to select the highest SMB protocol level that smbcacls will Don\*(Aqt actually do anything, only validate the correctness of the arguments\&. .RE .PP -\-?|\-\-help +\-\-query\-security\-info FLAGS .RS 4 -Print a summary of command line options\&. +The security\-info flags for queries\&. +.RE +.PP +\-\-set\-security\-info FLAGS +.RS 4 +The security\-info flags for queries\&. +.RE +.PP +\-\-sddl +.RS 4 +Output and input acls in sddl format\&. +.RE +.PP +\-\-domain\-sid SID +.RS 4 +SID used for sddl processing\&. .RE .PP \-d|\-\-debuglevel=level @@ -219,6 +229,67 @@ command\&. To be safe always allow rpcclient to prompt for a password and type it in directly\&. .RE +.PP +\-S|\-\-signing on|off|required +.RS 4 +Set the client signing state\&. +.RE +.PP +\-P|\-\-machine\-pass +.RS 4 +Use stored machine account password\&. +.RE +.PP +\-e|\-\-encrypt +.RS 4 +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +.RE +.PP +\-\-pw\-nt\-hash +.RS 4 +The supplied password is the NT hash\&. +.RE +.PP +\-n|\-\-netbiosname <primary NetBIOS name> +.RS 4 +This option allows you to override the NetBIOS name that Samba uses for itself\&. This is identical to setting the +\m[blue]\fBnetbios name\fR\m[] +parameter in the +smb\&.conf +file\&. However, a command line setting will take precedence over settings in +smb\&.conf\&. +.RE +.PP +\-i|\-\-scope <scope> +.RS 4 +This specifies a NetBIOS scope that +nmblookup +will use to communicate with when generating NetBIOS names\&. For details on the use of NetBIOS scopes, see rfc1001\&.txt and rfc1002\&.txt\&. NetBIOS scopes are +\fIvery\fR +rarely used, only set this parameter if you are the system administrator in charge of all the NetBIOS systems you communicate with\&. +.RE +.PP +\-W|\-\-workgroup=domain +.RS 4 +Set the SMB domain of the username\&. This overrides the default domain which is the domain defined in smb\&.conf\&. If the domain specified is the same as the servers NetBIOS name, it causes the client to log on using the servers local SAM (as opposed to the Domain SAM)\&. +.RE +.PP +\-O|\-\-socket\-options socket options +.RS 4 +TCP socket options to set on the client socket\&. See the socket options parameter in the +smb\&.conf +manual page for the list of valid options\&. +.RE +.PP +\-?|\-\-help +.RS 4 +Print a summary of command line options\&. +.RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE .SH "ACL FORMAT" .PP The format of an ACL is one or more ACL entries separated by either commas or newlines\&. An ACL entry is one of the following: diff --git a/docs/manpages/smbclient.1 b/docs/manpages/smbclient.1 index 1fcb973314..223bd6e52d 100644 --- a/docs/manpages/smbclient.1 +++ b/docs/manpages/smbclient.1 @@ -2,12 +2,12 @@ .\" Title: smbclient .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBCLIENT" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBCLIENT" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -205,11 +205,6 @@ This allows the user to select the highest SMB protocol level that smbclient wil Make queries to the external server using the machine account of the local server\&. .RE .PP -\-?|\-\-help -.RS 4 -Print a summary of command line options\&. -.RE -.PP \-I|\-\-ip\-address IP\-address .RS 4 \fIIP address\fR @@ -245,9 +240,9 @@ iosize command inside smbclient\&. .RE .PP -\-e|\-\-encrypt +\-B|\-\-browse .RS 4 -This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +Browse SMB servers using DNS\&. .RE .PP \-d|\-\-debuglevel=level @@ -353,6 +348,26 @@ rpcclient to prompt for a password and type it in directly\&. .RE .PP +\-S|\-\-signing on|off|required +.RS 4 +Set the client signing state\&. +.RE +.PP +\-P|\-\-machine\-pass +.RS 4 +Use stored machine account password\&. +.RE +.PP +\-e|\-\-encrypt +.RS 4 +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +.RE +.PP +\-\-pw\-nt\-hash +.RS 4 +The supplied password is the NT hash\&. +.RE +.PP \-n|\-\-netbiosname <primary NetBIOS name> .RS 4 This option allows you to override the NetBIOS name that Samba uses for itself\&. This is identical to setting the @@ -384,6 +399,16 @@ smb\&.conf manual page for the list of valid options\&. .RE .PP +\-?|\-\-help +.RS 4 +Print a summary of command line options\&. +.RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE +.PP \-t|\-\-timeout <timeout\-seconds> .RS 4 This allows the user to tune the default timeout used for each SMB request\&. The default setting is 20 seconds\&. Increase it if requests to the server sometimes time out\&. This can happen when SMB3 encryption is selected and smbclient is overwhelming the server with requests\&. This can also be set using the @@ -655,7 +680,7 @@ Sets the archive level when operating on files\&. 0 means ignore the archive bit .PP backup .RS 4 -Toggle the state of the "backup intent" flag sent to the server on directory listings and file opens\&. If the "backup intent" flag is true, the server will try and bypass some file system checks if the user has been granted SE_BACKUP or SE_RESTORE privilages\&. This state is useful when performing a backup or restore operation\&. +Toggle the state of the "backup intent" flag sent to the server on directory listings and file opens\&. If the "backup intent" flag is true, the server will try and bypass some file system checks if the user has been granted SE_BACKUP or SE_RESTORE privileges\&. This state is useful when performing a backup or restore operation\&. .RE .PP blocksize <number> diff --git a/docs/manpages/smbcontrol.1 b/docs/manpages/smbcontrol.1 index 5adedc7f7f..546fb18f6e 100644 --- a/docs/manpages/smbcontrol.1 +++ b/docs/manpages/smbcontrol.1 @@ -2,12 +2,12 @@ .\" Title: smbcontrol .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBCONTROL" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBCONTROL" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ smbcontrol \- send messages to smbd, nmbd or winbindd processes .SH "SYNOPSIS" .HP \w'\ 'u -smbcontrol [\-i] [\-s] +smbcontrol [\-s] [\-t|\-\-timeout] .HP \w'\ 'u smbcontrol [destination] [message\-type] [parameter] .SH "DESCRIPTION" @@ -53,6 +53,11 @@ daemon running on the system\&. Print a summary of command line options\&. .RE .PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE +.PP \-s|\-\-configfile=<configuration file> .RS 4 The file specified contains the configuration details required by the server\&. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See @@ -60,9 +65,51 @@ smb\&.conf for more information\&. The default configuration file name is determined at compile time\&. .RE .PP -\-i +\-d|\-\-debuglevel=level +.RS 4 +\fIlevel\fR +is an integer from 0 to 10\&. The default value if this parameter is not specified is 1\&. +.sp +The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&. +.sp +Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&. +.sp +Note that specifying this parameter here will override the +\m[blue]\fBlog level\fR\m[] +parameter in the +smb\&.conf +file\&. +.RE +.PP +\-V|\-\-version +.RS 4 +Prints the program version number\&. +.RE +.PP +\-s|\-\-configfile=<configuration file> +.RS 4 +The file specified contains the configuration details required by the server\&. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See +smb\&.conf +for more information\&. The default configuration file name is determined at compile time\&. +.RE +.PP +\-l|\-\-log\-basename=logdirectory +.RS 4 +Base directory name for log/debug files\&. The extension +\fB"\&.progname"\fR +will be appended (e\&.g\&. log\&.smbclient, log\&.smbd, etc\&.\&.\&.)\&. The log file is never removed by the client\&. +.RE +.PP +\-\-option=<name>=<value> +.RS 4 +Set the +\fBsmb.conf\fR(5) +option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. +.RE +.PP +\-t|\-\-timeout .RS 4 -Run interactively\&. Individual commands of the form destination message\-type parameters can be entered on STDIN\&. An empty command line or a "q" will quit the program\&. +Set timeout to seconds\&. .RE .PP destination diff --git a/docs/manpages/smbcquotas.1 b/docs/manpages/smbcquotas.1 index c31b401f7b..2e4ad0143b 100644 --- a/docs/manpages/smbcquotas.1 +++ b/docs/manpages/smbcquotas.1 @@ -2,12 +2,12 @@ .\" Title: smbcquotas .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBCQUOTAS" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBCQUOTAS" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ smbcquotas \- Set or get QUOTAs of NTFS 5 shares .SH "SYNOPSIS" .HP \w'\ 'u -smbcquotas {//server/share} [\-u\ user] [\-L] [\-F] [\-S\ QUOTA_SET_COMMAND] [\-n] [\-t] [\-v] [\-d\ debuglevel] [\-s\ configfile] [\-l\ logdir] [\-V] [\-U\ username] [\-N] [\-k] [\-A] +smbcquotas {//server/share} [\-u|\-\-user\ user] [\-L|\-\-list] [\-F|\-\-fs] [\-S|\-\-set\ QUOTA_SET_COMMAND] [\-n|\-\-numeric] [\-t|\-\-test\-args] [\-v|\-\-verbose] [\-d\ debuglevel] [\-s\ configfile] [\-l\ logdir] [\-V] [\-U\ username] [\-N] [\-k] [\-A] .SH "DESCRIPTION" .PP This tool is part of the @@ -47,46 +47,41 @@ The following options are available to the smbcquotas program\&. .PP -\-u user +\-u|\-\-user user .RS 4 Specifies the user of whom the quotas are get or set\&. By default the current user\*(Aqs username will be used\&. .RE .PP -\-L +\-L|\-\-list .RS 4 Lists all quota records of the share\&. .RE .PP -\-F +\-F|\-\-fs .RS 4 Show the share quota status and default limits\&. .RE .PP -\-S QUOTA_SET_COMMAND +\-S|\-\-set QUOTA_SET_COMMAND .RS 4 This command sets/modifies quotas for a user or on the share, depending on the QUOTA_SET_COMMAND parameter which is described later\&. .RE .PP -\-n +\-n|\-\-numeric .RS 4 This option displays all QUOTA information in numeric format\&. The default is to convert SIDs to names and QUOTA limits to a readable string format\&. .RE .PP -\-t +\-t|\-\-test\-args .RS 4 Don\*(Aqt actually do anything, only validate the correctness of the arguments\&. .RE .PP -\-v +\-v|\-\-verbose .RS 4 Be verbose\&. .RE .PP -\-?|\-\-help -.RS 4 -Print a summary of command line options\&. -.RE -.PP \-d|\-\-debuglevel=level .RS 4 \fIlevel\fR @@ -189,6 +184,36 @@ command\&. To be safe always allow rpcclient to prompt for a password and type it in directly\&. .RE +.PP +\-S|\-\-signing on|off|required +.RS 4 +Set the client signing state\&. +.RE +.PP +\-P|\-\-machine\-pass +.RS 4 +Use stored machine account password\&. +.RE +.PP +\-e|\-\-encrypt +.RS 4 +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +.RE +.PP +\-\-pw\-nt\-hash +.RS 4 +The supplied password is the NT hash\&. +.RE +.PP +\-?|\-\-help +.RS 4 +Print a summary of command line options\&. +.RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE .SH "QUOTA_SET_COMMAND" .PP The format of an the QUOTA_SET_COMMAND is an operation name followed by a set of parameters specific to that operation\&. diff --git a/docs/manpages/smbd.8 b/docs/manpages/smbd.8 index 09bb506f58..77d6a98f18 100644 --- a/docs/manpages/smbd.8 +++ b/docs/manpages/smbd.8 @@ -2,12 +2,12 @@ .\" Title: smbd .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBD" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "SMBD" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ smbd \- server to provide SMB/CIFS services to clients .SH "SYNOPSIS" .HP \w'\ 'u -smbd [\-D] [\-F] [\-S] [\-i] [\-h] [\-V] [\-b] [\-d\ <debug\ level>] [\-l\ <log\ directory>] [\-p\ <port\ number(s)>] [\-P\ <profiling\ level>] [\-O\ <socket\ option>] [\-s\ <configuration\ file>] +smbd [\-D|\-\-daemon] [\-F|\-\-foreground] [\-S|\-\-log\-stdout] [\-i|\-\-interactive] [\-V] [\-b|\-\-build\-options] [\-d\ <debug\ level>] [\-l|\-\-log\-basename\ <log\ directory>] [\-p\ <port\ number(s)>] [\-P\ <profiling\ level>] [\-s\ <configuration\ file>] [\-\-no\-process\-group] .SH "DESCRIPTION" .PP This program is part of the @@ -55,7 +55,7 @@ smbd killed and restarted\&. .SH "OPTIONS" .PP -\-D +\-D|\-\-daemon .RS 4 If specified, this parameter causes the server to operate as a daemon\&. That is, it detaches itself and runs in the background, fielding requests on the appropriate port\&. Operating the server as a daemon is the recommended way of running smbd @@ -64,7 +64,7 @@ smbd is executed on the command line of a shell\&. .RE .PP -\-F +\-F|\-\-foreground .RS 4 If specified, this parameter causes the main smbd @@ -79,14 +79,14 @@ daemontools package, or the AIX process monitor\&. .RE .PP -\-S +\-S|\-\-log\-stdout .RS 4 If specified, this parameter causes smbd to log to standard output rather than a file\&. .RE .PP -\-i +\-i|\-\-interactive .RS 4 If this parameter is specified it causes the server to run "interactively", not as a daemon, even if the server is executed on the command line of a shell\&. Setting this parameter negates the implicit daemon mode when run from the command line\&. smbd @@ -142,7 +142,17 @@ option "<name>" to value "<value>" from the command line\&. This overrides compi Print a summary of command line options\&. .RE .PP -\-b +\-\-usage +.RS 4 +Display brief usage message\&. +.RE +.PP +\-\-no\-process\-group +.RS 4 +Do not create a new process group for smbd\&. +.RE +.PP +\-b|\-\-build\-options .RS 4 Prints information about how Samba was built\&. .RE diff --git a/docs/manpages/smbget.1 b/docs/manpages/smbget.1 index 7b4d3f932e..5deaf07a25 100644 --- a/docs/manpages/smbget.1 +++ b/docs/manpages/smbget.1 @@ -2,12 +2,12 @@ .\" Title: smbget .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBGET" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBGET" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ smbget \- wget\-like utility for download files over SMB .SH "SYNOPSIS" .HP \w'\ 'u -smbget [\-a,\ \-\-guest] [\-r,\ \-\-resume] [\-R,\ \-\-recursive] [\-u,\ \-\-username=STRING] [\-p,\ \-\-password=STRING] [\-w,\ \-\-workgroup=STRING] [\-n,\ \-\-nonprompt] [\-d,\ \-\-debuglevel=INT] [\-D,\ \-\-dots] [\-P,\ \-\-keep\-permissions] [\-o,\ \-\-outputfile] [\-f,\ \-\-rcfile] [\-q,\ \-\-quiet] [\-v,\ \-\-verbose] [\-b,\ \-\-blocksize] [\-O,\ \-\-stdout] [\-?,\ \-\-help] [\-\-usage] {smb://host/share/path/to/file} [smb://url2/] [\&.\&.\&.] +smbget [\-a,\ \-\-guest] [\-r,\ \-\-resume] [\-R,\ \-\-recursive] [\-u,\ \-\-username=STRING] [\-p,\ \-\-password=STRING] [\-w,\ \-\-workgroup=STRING] [\-n,\ \-\-nonprompt] [\-d,\ \-\-debuglevel=INT] [\-D,\ \-\-dots] [\-P,\ \-\-keep\-permissions] [\-o,\ \-\-outputfile] [\-f,\ \-\-rcfile] [\-q,\ \-\-quiet] [\-v,\ \-\-verbose] [\-b,\ \-\-blocksize] [\-O,\ \-\-stdout] [\-U,\ \-\-update] [\-?,\ \-\-help] [\-\-usage] {smb://host/share/path/to/file} [smb://url2/] [\&.\&.\&.] .SH "DESCRIPTION" .PP This tool is part of the @@ -133,6 +133,16 @@ Show help message .RS 4 Display brief usage message .RE +.PP +\-U, \-\-update +.RS 4 +Download only when remote file is newer than local file or local file is missing\&. +.RE +.PP +\-e|\-\-encrypt +.RS 4 +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +.RE .SH "SMB URLS" .PP SMB URL\*(Aqs should be specified in the following format: diff --git a/docs/manpages/smbgetrc.5 b/docs/manpages/smbgetrc.5 index facd8b5b17..794a8f0f8f 100644 --- a/docs/manpages/smbgetrc.5 +++ b/docs/manpages/smbgetrc.5 @@ -2,12 +2,12 @@ .\" Title: smbgetrc .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: File Formats and Conventions .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBGETRC" "5" "12/06/2013" "Samba 4\&.0" "File Formats and Conventions" +.TH "SMBGETRC" "5" "01/10/2014" "Samba 4\&.0" "File Formats and Conventions" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/smbpasswd.5 b/docs/manpages/smbpasswd.5 index f18361cee1..2447c015da 100644 --- a/docs/manpages/smbpasswd.5 +++ b/docs/manpages/smbpasswd.5 @@ -2,12 +2,12 @@ .\" Title: smbpasswd .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: File Formats and Conventions .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBPASSWD" "5" "12/06/2013" "Samba 4\&.0" "File Formats and Conventions" +.TH "SMBPASSWD" "5" "01/10/2014" "Samba 4\&.0" "File Formats and Conventions" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -43,7 +43,7 @@ smbpasswd is the Samba encrypted password file\&. It contains the username, Unix .PP The format of the smbpasswd file used by Samba 2\&.2 is very similar to the familiar Unix passwd(5) -file\&. It is an ASCII file containing one line for each user\&. Each field ithin each line is separated from the next by a colon\&. Any entry beginning with \*(Aq#\*(Aq is ignored\&. The smbpasswd file contains the following information for each user: +file\&. It is an ASCII file containing one line for each user\&. Each field within each line is separated from the next by a colon\&. Any entry beginning with \*(Aq#\*(Aq is ignored\&. The smbpasswd file contains the following information for each user: .PP name .RS 4 diff --git a/docs/manpages/smbpasswd.8 b/docs/manpages/smbpasswd.8 index b327d4e94e..0936e3218b 100644 --- a/docs/manpages/smbpasswd.8 +++ b/docs/manpages/smbpasswd.8 @@ -2,12 +2,12 @@ .\" Title: smbpasswd .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBPASSWD" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "SMBPASSWD" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/smbspool.8 b/docs/manpages/smbspool.8 index 301df79833..732b4c778b 100644 --- a/docs/manpages/smbspool.8 +++ b/docs/manpages/smbspool.8 @@ -2,12 +2,12 @@ .\" Title: smbspool .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBSPOOL" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "SMBSPOOL" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/smbstatus.1 b/docs/manpages/smbstatus.1 index 087d0e55fc..87e00c28ee 100644 --- a/docs/manpages/smbstatus.1 +++ b/docs/manpages/smbstatus.1 @@ -2,12 +2,12 @@ .\" Title: smbstatus .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBSTATUS" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBSTATUS" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ smbstatus \- report on current Samba connections .SH "SYNOPSIS" .HP \w'\ 'u -smbstatus [\-P] [\-b] [\-d\ <debug\ level>] [\-v] [\-L] [\-B] [\-p] [\-S] [\-N] [\-f] [\-s\ <configuration\ file>] [\-u\ <username>] +smbstatus [\-P] [\-b] [\-d\ <debug\ level>] [\-v] [\-L] [\-B] [\-p] [\-S] [\-N] [\-f] [\-s\ <configuration\ file>] [\-u\ <username>] [\-n|\-\-numeric] [\-R|\-\-profile\-rates] .SH "DESCRIPTION" .PP This tool is part of the @@ -47,6 +47,11 @@ is a very simple program to list the current Samba connections\&. If samba has been compiled with the profiling option, print only the contents of the profiling shared memory area\&. .RE .PP +\-R|\-\-profile\-rates +.RS 4 +If samba has been compiled with the profiling option, print the contents of the profiling shared memory area and the call rates\&. +.RE +.PP \-b|\-\-brief .RS 4 gives brief output\&. @@ -142,6 +147,11 @@ selects information relevant to \fIusername\fR only\&. .RE +.PP +\-n|\-\-numeric +.RS 4 +causes smbstatus to display numeric UIDs and GIDs instead of resolving them to names\&. +.RE .SH "VERSION" .PP This man page is correct for version 3 of the Samba suite\&. diff --git a/docs/manpages/smbta-util.8 b/docs/manpages/smbta-util.8 index cb12f9d2ad..3fa5c51e20 100644 --- a/docs/manpages/smbta-util.8 +++ b/docs/manpages/smbta-util.8 @@ -2,12 +2,12 @@ .\" Title: smbta-util .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBTA\-UTIL" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "SMBTA\-UTIL" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,8 +31,6 @@ smbta-util \- control encryption in VFS smb_traffic_analyzer .SH "SYNOPSIS" .HP \w'\ 'u -smbta\-util -.HP \w'\ 'u smbta\-util [\fICOMMANDS\fR...] .SH "DESCRIPTION" .PP diff --git a/docs/manpages/smbtar.1 b/docs/manpages/smbtar.1 index b48449e136..a6beabb1bd 100644 --- a/docs/manpages/smbtar.1 +++ b/docs/manpages/smbtar.1 @@ -2,12 +2,12 @@ .\" Title: smbtar .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBTAR" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBTAR" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/smbtree.1 b/docs/manpages/smbtree.1 index 8d5d7702a9..e8465675af 100644 --- a/docs/manpages/smbtree.1 +++ b/docs/manpages/smbtree.1 @@ -2,12 +2,12 @@ .\" Title: smbtree .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMBTREE" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "SMBTREE" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -160,10 +160,35 @@ rpcclient to prompt for a password and type it in directly\&. .RE .PP +\-S|\-\-signing on|off|required +.RS 4 +Set the client signing state\&. +.RE +.PP +\-P|\-\-machine\-pass +.RS 4 +Use stored machine account password\&. +.RE +.PP +\-e|\-\-encrypt +.RS 4 +This command line parameter requires the remote server support the UNIX extensions or that the SMB3 protocol has been selected\&. Requests that the connection be encrypted\&. Negotiates SMB encryption using either SMB3 or POSIX extensions via GSSAPI\&. Uses the given credentials for the encryption negotiation (either kerberos or NTLMv1/v2 if given domain/username/password triple\&. Fails the connection if encryption cannot be negotiated\&. +.RE +.PP +\-\-pw\-nt\-hash +.RS 4 +The supplied password is the NT hash\&. +.RE +.PP \-?|\-\-help .RS 4 Print a summary of command line options\&. .RE +.PP +\-\-usage +.RS 4 +Display brief usage message\&. +.RE .SH "VERSION" .PP This man page is correct for version 3 of the Samba suite\&. diff --git a/docs/manpages/testparm.1 b/docs/manpages/testparm.1 index 08246ca12e..fa57787e18 100644 --- a/docs/manpages/testparm.1 +++ b/docs/manpages/testparm.1 @@ -2,12 +2,12 @@ .\" Title: testparm .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "TESTPARM" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "TESTPARM" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ testparm \- check an smb\&.conf configuration file for internal correctness .SH "SYNOPSIS" .HP \w'\ 'u -testparm [\-s] [\-h] [\-v] [\-t\ <encoding>] {config\ filename} [hostname\ hostIP] +testparm [\-s|\-\-suppress\-prompt] [\-\-help] [\-v|\-\-verbose] {config\ filename} [hostname\ hostIP] .SH "DESCRIPTION" .PP This tool is part of the @@ -59,33 +59,56 @@ file it returns an exit code of 1 to the calling program, else it returns an exi testparm\&. .SH "OPTIONS" .PP -\-s +\-s|\-\-suppress\-prompt .RS 4 Without this option, testparm will prompt for a carriage return after printing the service names and before dumping the service definitions\&. .RE .PP +\-V|\-\-version +.RS 4 +Prints the program version number\&. +.RE +.PP +\-\-option=<name>=<value> +.RS 4 +Set the +\fBsmb.conf\fR(5) +option "<name>" to value "<value>" from the command line\&. This overrides compiled\-in defaults and options read from the configuration file\&. +.RE +.PP \-?|\-\-help .RS 4 Print a summary of command line options\&. .RE .PP -\-V|\-\-version +\-\-usage .RS 4 -Prints the program version number\&. +Display brief usage message\&. .RE .PP -\-v +\-d|\-\-debuglevel=level .RS 4 -If this option is specified, testparm will also output all options that were not used in -\fBsmb.conf\fR(5) -and are thus set to their defaults\&. +\fIlevel\fR +is an integer from 0 to 10\&. The default value if this parameter is not specified is 1\&. +.sp +The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&. +.sp +Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&. +.sp +Note that specifying this parameter here will override the +\m[blue]\fBlog level\fR\m[] +parameter in the +smb\&.conf +file\&. .RE .PP -\-t encoding +\-v|\-\-verbose .RS 4 -Output data in specified encoding\&. +If this option is specified, testparm will also output all options that were not used in +\fBsmb.conf\fR(5) +and are thus set to their defaults\&. .RE .PP \-\-parameter\-name parametername @@ -98,6 +121,16 @@ Dumps the named parameter\&. If no section\-name is set the view is limited by d Dumps the named section\&. .RE .PP +\-\-show\-all\-parameters +.RS 4 +Show the parameters, type, possible values\&. +.RE +.PP +\-l|\-\-skip\-logic\-checks +.RS 4 +Skip the global checks\&. +.RE +.PP configfilename .RS 4 This is the name of the configuration file to check\&. If this parameter is not present then the default diff --git a/docs/manpages/vfs_acl_tdb.8 b/docs/manpages/vfs_acl_tdb.8 index 97f2481d23..50b445e513 100644 --- a/docs/manpages/vfs_acl_tdb.8 +++ b/docs/manpages/vfs_acl_tdb.8 @@ -2,12 +2,12 @@ .\" Title: vfs_acl_tdb .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_ACL_TDB" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_ACL_TDB" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_acl_xattr.8 b/docs/manpages/vfs_acl_xattr.8 index 700fbe0dc8..47166b8213 100644 --- a/docs/manpages/vfs_acl_xattr.8 +++ b/docs/manpages/vfs_acl_xattr.8 @@ -2,12 +2,12 @@ .\" Title: vfs_acl_xattr .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_ACL_XATTR" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_ACL_XATTR" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_aio_fork.8 b/docs/manpages/vfs_aio_fork.8 index b283113601..9a28bfc106 100644 --- a/docs/manpages/vfs_aio_fork.8 +++ b/docs/manpages/vfs_aio_fork.8 @@ -2,12 +2,12 @@ .\" Title: vfs_aio_fork .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_AIO_FORK" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_AIO_FORK" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_aio_linux.8 b/docs/manpages/vfs_aio_linux.8 index 5bd742c502..eccfe94049 100644 --- a/docs/manpages/vfs_aio_linux.8 +++ b/docs/manpages/vfs_aio_linux.8 @@ -2,12 +2,12 @@ .\" Title: vfs_aio_linux .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_AIO_LINUX" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_AIO_LINUX" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_aio_pthread.8 b/docs/manpages/vfs_aio_pthread.8 index f05118429b..5bd6f884da 100644 --- a/docs/manpages/vfs_aio_pthread.8 +++ b/docs/manpages/vfs_aio_pthread.8 @@ -2,12 +2,12 @@ .\" Title: vfs_aio_pthread .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_AIO_PTHREAD" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_AIO_PTHREAD" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_audit.8 b/docs/manpages/vfs_audit.8 index 0c7e47d464..9d2c5b8920 100644 --- a/docs/manpages/vfs_audit.8 +++ b/docs/manpages/vfs_audit.8 @@ -2,12 +2,12 @@ .\" Title: vfs_audit .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_AUDIT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_AUDIT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_btrfs.8 b/docs/manpages/vfs_btrfs.8 index dfe7a5326e..7d668cd5af 100644 --- a/docs/manpages/vfs_btrfs.8 +++ b/docs/manpages/vfs_btrfs.8 @@ -2,12 +2,12 @@ .\" Title: vfs_btrfs .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_BTRFS" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_BTRFS" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_cacheprime.8 b/docs/manpages/vfs_cacheprime.8 index ca34e80f6e..685f526ac9 100644 --- a/docs/manpages/vfs_cacheprime.8 +++ b/docs/manpages/vfs_cacheprime.8 @@ -2,12 +2,12 @@ .\" Title: vfs_cacheprime .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_CACHEPRIME" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_CACHEPRIME" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -111,7 +111,7 @@ For a hypothetical disk array, it is necessary to ensure that all read operation .SH "CAVEATS" .PP cacheprime -is not a a substitute for a general\-purpose readahead mechanism\&. It is intended for use only in very specific environments where disk operations must be aligned and sized to known values (as much as that is possible)\&. +is not a substitute for a general\-purpose readahead mechanism\&. It is intended for use only in very specific environments where disk operations must be aligned and sized to known values (as much as that is possible)\&. .SH "VERSION" .PP This man page is correct for version 3\&.0\&.25 of the Samba suite\&. diff --git a/docs/manpages/vfs_cap.8 b/docs/manpages/vfs_cap.8 index 43f544ca9d..dbc7595cd5 100644 --- a/docs/manpages/vfs_cap.8 +++ b/docs/manpages/vfs_cap.8 @@ -2,12 +2,12 @@ .\" Title: vfs_cap .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_CAP" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_CAP" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_catia.8 b/docs/manpages/vfs_catia.8 index 74fcb791f5..5310b28981 100644 --- a/docs/manpages/vfs_catia.8 +++ b/docs/manpages/vfs_catia.8 @@ -2,12 +2,12 @@ .\" Title: vfs_catia .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_CATIA" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_CATIA" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_commit.8 b/docs/manpages/vfs_commit.8 index b1cdc7182e..c38d0e15f4 100644 --- a/docs/manpages/vfs_commit.8 +++ b/docs/manpages/vfs_commit.8 @@ -2,12 +2,12 @@ .\" Title: vfs_commit .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_COMMIT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_COMMIT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_crossrename.8 b/docs/manpages/vfs_crossrename.8 index 6b51224a9a..9f4a44ad14 100644 --- a/docs/manpages/vfs_crossrename.8 +++ b/docs/manpages/vfs_crossrename.8 @@ -2,12 +2,12 @@ .\" Title: vfs_crossrename .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_CROSSRENAME" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_CROSSRENAME" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_default_quota.8 b/docs/manpages/vfs_default_quota.8 index e6328bb0dc..ceb21424e6 100644 --- a/docs/manpages/vfs_default_quota.8 +++ b/docs/manpages/vfs_default_quota.8 @@ -2,12 +2,12 @@ .\" Title: vfs_default_quota .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_DEFAULT_QUOTA" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_DEFAULT_QUOTA" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_dirsort.8 b/docs/manpages/vfs_dirsort.8 index 94dcfb9a4a..c66c5b0d6c 100644 --- a/docs/manpages/vfs_dirsort.8 +++ b/docs/manpages/vfs_dirsort.8 @@ -2,12 +2,12 @@ .\" Title: vfs_dirsort .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_DIRSORT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_DIRSORT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_extd_audit.8 b/docs/manpages/vfs_extd_audit.8 index cec3a426b6..6d56227201 100644 --- a/docs/manpages/vfs_extd_audit.8 +++ b/docs/manpages/vfs_extd_audit.8 @@ -2,12 +2,12 @@ .\" Title: vfs_extd_audit .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_EXTD_AUDIT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_EXTD_AUDIT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_fake_perms.8 b/docs/manpages/vfs_fake_perms.8 index d443deb957..32e168bb48 100644 --- a/docs/manpages/vfs_fake_perms.8 +++ b/docs/manpages/vfs_fake_perms.8 @@ -2,12 +2,12 @@ .\" Title: vfs_fake_perms .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_FAKE_PERMS" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_FAKE_PERMS" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_fileid.8 b/docs/manpages/vfs_fileid.8 index 10751eb00b..bb8d45dcc2 100644 --- a/docs/manpages/vfs_fileid.8 +++ b/docs/manpages/vfs_fileid.8 @@ -2,12 +2,12 @@ .\" Title: vfs_fileid .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_FILEID" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_FILEID" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_full_audit.8 b/docs/manpages/vfs_full_audit.8 index e9b9eb2a77..3209c1c121 100644 --- a/docs/manpages/vfs_full_audit.8 +++ b/docs/manpages/vfs_full_audit.8 @@ -2,12 +2,12 @@ .\" Title: vfs_full_audit .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_FULL_AUDIT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_FULL_AUDIT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_gpfs.8 b/docs/manpages/vfs_gpfs.8 index e43dd5a1e2..add2b5892d 100644 --- a/docs/manpages/vfs_gpfs.8 +++ b/docs/manpages/vfs_gpfs.8 @@ -2,12 +2,12 @@ .\" Title: vfs_gpfs .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_GPFS" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_GPFS" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_linux_xfs_sgid.8 b/docs/manpages/vfs_linux_xfs_sgid.8 index af2aa71d58..c690ec416a 100644 --- a/docs/manpages/vfs_linux_xfs_sgid.8 +++ b/docs/manpages/vfs_linux_xfs_sgid.8 @@ -2,12 +2,12 @@ .\" Title: vfs_syncops .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.1 .\" Language: English .\" -.TH "VFS_SYNCOPS" "8" "12/06/2013" "Samba 4\&.1" "System Administration tools" +.TH "VFS_SYNCOPS" "8" "01/10/2014" "Samba 4\&.1" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_media_harmony.8 b/docs/manpages/vfs_media_harmony.8 index 0dc7dcfe81..47a335221f 100644 --- a/docs/manpages/vfs_media_harmony.8 +++ b/docs/manpages/vfs_media_harmony.8 @@ -2,12 +2,12 @@ .\" Title: vfs_media_harmony .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_MEDIA_HARMONY" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_MEDIA_HARMONY" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_netatalk.8 b/docs/manpages/vfs_netatalk.8 index 7469415dd9..d994da9964 100644 --- a/docs/manpages/vfs_netatalk.8 +++ b/docs/manpages/vfs_netatalk.8 @@ -2,12 +2,12 @@ .\" Title: vfs_netatalk .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_NETATALK" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_NETATALK" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_notify_fam.8 b/docs/manpages/vfs_notify_fam.8 index 227fa367e4..04a86b8adf 100644 --- a/docs/manpages/vfs_notify_fam.8 +++ b/docs/manpages/vfs_notify_fam.8 @@ -2,12 +2,12 @@ .\" Title: vfs_notify_fam .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_NOTIFY_FAM" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_NOTIFY_FAM" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_prealloc.8 b/docs/manpages/vfs_prealloc.8 index 5abba7cf70..51383b4037 100644 --- a/docs/manpages/vfs_prealloc.8 +++ b/docs/manpages/vfs_prealloc.8 @@ -2,12 +2,12 @@ .\" Title: vfs_prealloc .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_PREALLOC" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_PREALLOC" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_preopen.8 b/docs/manpages/vfs_preopen.8 index 1a5c60f63c..1ce843cfed 100644 --- a/docs/manpages/vfs_preopen.8 +++ b/docs/manpages/vfs_preopen.8 @@ -2,12 +2,12 @@ .\" Title: vfs_preopen .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_PREOPEN" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_PREOPEN" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_readahead.8 b/docs/manpages/vfs_readahead.8 index a6775efbed..53d423fd2d 100644 --- a/docs/manpages/vfs_readahead.8 +++ b/docs/manpages/vfs_readahead.8 @@ -2,12 +2,12 @@ .\" Title: vfs_readahead .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_READAHEAD" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_READAHEAD" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_readonly.8 b/docs/manpages/vfs_readonly.8 index a780a61125..27b2226112 100644 --- a/docs/manpages/vfs_readonly.8 +++ b/docs/manpages/vfs_readonly.8 @@ -2,12 +2,12 @@ .\" Title: vfs_readonly .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_READONLY" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_READONLY" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_recycle.8 b/docs/manpages/vfs_recycle.8 index fc849bc6aa..ef841940f1 100644 --- a/docs/manpages/vfs_recycle.8 +++ b/docs/manpages/vfs_recycle.8 @@ -2,12 +2,12 @@ .\" Title: vfs_recycle .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_RECYCLE" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_RECYCLE" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_scannedonly.8 b/docs/manpages/vfs_scannedonly.8 index e729fc1caf..0708de1fd9 100644 --- a/docs/manpages/vfs_scannedonly.8 +++ b/docs/manpages/vfs_scannedonly.8 @@ -2,12 +2,12 @@ .\" Title: vfs_scannedonly .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_SCANNEDONLY" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_SCANNEDONLY" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_shadow_copy.8 b/docs/manpages/vfs_shadow_copy.8 index c7b1343570..9c2e369538 100644 --- a/docs/manpages/vfs_shadow_copy.8 +++ b/docs/manpages/vfs_shadow_copy.8 @@ -2,12 +2,12 @@ .\" Title: vfs_shadow_copy .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_SHADOW_COPY" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_SHADOW_COPY" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_shadow_copy2.8 b/docs/manpages/vfs_shadow_copy2.8 index dabffcb832..1c6318f7a1 100644 --- a/docs/manpages/vfs_shadow_copy2.8 +++ b/docs/manpages/vfs_shadow_copy2.8 @@ -2,12 +2,12 @@ .\" Title: vfs_shadow_copy2 .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_SHADOW_COPY2" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_SHADOW_COPY2" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_smb_traffic_analyzer.8 b/docs/manpages/vfs_smb_traffic_analyzer.8 index e8cb51b143..a8833b9e15 100644 --- a/docs/manpages/vfs_smb_traffic_analyzer.8 +++ b/docs/manpages/vfs_smb_traffic_analyzer.8 @@ -2,12 +2,12 @@ .\" Title: smb_traffic_analyzer .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "SMB_TRAFFIC_ANALYZER" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "SMB_TRAFFIC_ANALYZER" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -251,7 +251,7 @@ The data from the module may be send encrypted, with a key stored in secrets\&.t .sp -1 .IP \(bu 2.3 .\} -The module now can identify itself against the receiver with a sub\-release number, where the receiver may run with a different sub\-release number than the module\&. However, as long as both run on the V2\&.x protocol, the receiver will not crash, even if the module uses features only implemented in the newer subrelease\&. Ultimatively, if the module uses a new feature from a newer subrelease, and the receiver runs an older protocol, it is just ignoring the functionality\&. Of course it is best to have both the receiver and the module running the same subrelease of the protocol\&. +The module now can identify itself against the receiver with a sub\-release number, where the receiver may run with a different sub\-release number than the module\&. However, as long as both run on the V2\&.x protocol, the receiver will not crash, even if the module uses features only implemented in the newer subrelease\&. Ultimately, if the module uses a new feature from a newer subrelease, and the receiver runs an older protocol, it is just ignoring the functionality\&. Of course it is best to have both the receiver and the module running the same subrelease of the protocol\&. .RE .sp .RS 4 diff --git a/docs/manpages/vfs_streams_depot.8 b/docs/manpages/vfs_streams_depot.8 index 9d29aa5cea..fdef144afa 100644 --- a/docs/manpages/vfs_streams_depot.8 +++ b/docs/manpages/vfs_streams_depot.8 @@ -2,12 +2,12 @@ .\" Title: vfs_streams_depot .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_STREAMS_DEPOT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_STREAMS_DEPOT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_streams_xattr.8 b/docs/manpages/vfs_streams_xattr.8 index 08bc8a4b53..08f5d72921 100644 --- a/docs/manpages/vfs_streams_xattr.8 +++ b/docs/manpages/vfs_streams_xattr.8 @@ -2,12 +2,12 @@ .\" Title: vfs_streams_xattr .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_STREAMS_XATTR" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_STREAMS_XATTR" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_syncops.8 b/docs/manpages/vfs_syncops.8 index 4bba156be2..e63901073a 100644 --- a/docs/manpages/vfs_syncops.8 +++ b/docs/manpages/vfs_syncops.8 @@ -2,12 +2,12 @@ .\" Title: vfs_syncops .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.1 .\" Language: English .\" -.TH "VFS_SYNCOPS" "8" "12/06/2013" "Samba 4\&.1" "System Administration tools" +.TH "VFS_SYNCOPS" "8" "01/10/2014" "Samba 4\&.1" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_time_audit.8 b/docs/manpages/vfs_time_audit.8 index 8a105279fb..40381b598b 100644 --- a/docs/manpages/vfs_time_audit.8 +++ b/docs/manpages/vfs_time_audit.8 @@ -2,12 +2,12 @@ .\" Title: vfs_time_audit .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_TIME_AUDIT" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_TIME_AUDIT" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_tsmsm.8 b/docs/manpages/vfs_tsmsm.8 index 3d9dbb10ce..d426bb0524 100644 --- a/docs/manpages/vfs_tsmsm.8 +++ b/docs/manpages/vfs_tsmsm.8 @@ -2,12 +2,12 @@ .\" Title: vfs_tsmsm .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_TSMSM" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_TSMSM" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_xattr_tdb.8 b/docs/manpages/vfs_xattr_tdb.8 index 4ab675f9d7..034446ef73 100644 --- a/docs/manpages/vfs_xattr_tdb.8 +++ b/docs/manpages/vfs_xattr_tdb.8 @@ -2,12 +2,12 @@ .\" Title: vfs_xattr_tdb .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_XATTR_TDB" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_XATTR_TDB" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfs_zfsacl.8 b/docs/manpages/vfs_zfsacl.8 index 0bea816298..f5106451fe 100644 --- a/docs/manpages/vfs_zfsacl.8 +++ b/docs/manpages/vfs_zfsacl.8 @@ -2,12 +2,12 @@ .\" Title: vfs_zfsacl .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFS_ZFSACL" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "VFS_ZFSACL" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/vfstest.1 b/docs/manpages/vfstest.1 index de17291f42..e621cf3ace 100644 --- a/docs/manpages/vfstest.1 +++ b/docs/manpages/vfstest.1 @@ -2,12 +2,12 @@ .\" Title: vfstest .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "VFSTEST" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "VFSTEST" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/wbinfo.1 b/docs/manpages/wbinfo.1 index 50d1aa0bf7..547c989c31 100644 --- a/docs/manpages/wbinfo.1 +++ b/docs/manpages/wbinfo.1 @@ -2,12 +2,12 @@ .\" Title: wbinfo .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: User Commands .\" Source: Samba 4.0 .\" Language: English .\" -.TH "WBINFO" "1" "12/06/2013" "Samba 4\&.0" "User Commands" +.TH "WBINFO" "1" "01/10/2014" "Samba 4\&.0" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ wbinfo \- Query information from winbind daemon .SH "SYNOPSIS" .HP \w'\ 'u -wbinfo [\-a\ user%password] [\-\-all\-domains] [\-\-allocate\-gid] [\-\-allocate\-uid] [\-c] [\-\-ccache\-save] [\-\-change\-user\-password] [\-D\ domain] [\-\-domain\ domain] [\-\-dsgetdcname\ domain] [\-g] [\-\-getdcname\ domain] [\-\-get\-auth\-user] [\-G\ gid] [\-\-gid\-info\ gid] [\-\-group\-info\ group] [\-\-help|\-?] [\-i\ user] [\-I\ ip] [\-K\ user%password] [\-\-lanman] [\-m] [\-n\ name] [\-N\ netbios\-name] [\-\-ntlmv2] [\-\-online\-status] [\-\-own\-domain] [\-p] [\-P|\-\-ping\-dc] [\-r\ user] [\-R|\-\-lookup\-rids] [\-s\ sid] [\-\-separator] [\-\-set\-auth\-user\ user%password] [\-S\ sid] [\-\-sid\-aliases\ sid] [\-\-sid\-to\-fullname\ sid] [\-t] [\-u] [\-\-uid\-info\ uid] [\-\-usage] [\-\-user\-domgroups\ sid] [\-\-user\-sidinfo\ sid] [\-\-user\-sids\ sid] [\-U\ uid] [\-V] [\-\-verbose] [\-Y\ sid] +wbinfo [\-a\ user%password] [\-\-all\-domains] [\-\-allocate\-gid] [\-\-allocate\-uid] [\-c] [\-\-ccache\-save] [\-\-change\-user\-password] [\-D\ domain] [\-\-dc\-info\ domain] [\-\-domain\ domain] [\-\-dsgetdcname\ domain] [\-g] [\-\-getdcname\ domain] [\-\-get\-auth\-user] [\-G\ gid] [\-\-gid\-info\ gid] [\-\-group\-info\ group] [\-\-help|\-?] [\-i\ user] [\-I\ ip] [\-K\ user%password] [\-\-krb5ccname\ cctype] [\-\-lanman] [\-\-logoff] [\-\-logoff\-uid\ uid] [\-\-logoff\-user\ username] [\-\-lookup\-sids] [\-m] [\-n\ name] [\-N\ netbios\-name] [\-\-ntlmv2] [\-\-online\-status] [\-\-own\-domain] [\-p] [\-P|\-\-ping\-dc] [\-\-pam\-logon\ user%password] [\-r\ user] [\-R|\-\-lookup\-rids] [\-\-remove\-gid\-mapping\ gid,sid] [\-\-remove\-uid\-mapping\ uid,sid] [\-s\ sid] [\-\-separator] [\-\-sequence] [\-\-set\-auth\-user\ user%password] [\-\-set\-gid\-mapping\ gid,sid] [\-\-set\-uid\-mapping\ uid,sid] [\-S\ sid] [\-\-sid\-aliases\ sid] [\-\-sid\-to\-fullname\ sid] [\-\-sids\-to\-unix\-ids\ sidlist] [\-t] [\-u] [\-\-uid\-info\ uid] [\-\-usage] [\-\-user\-domgroups\ sid] [\-\-user\-sidinfo\ sid] [\-\-user\-sids\ sid] [\-U\ uid] [\-V] [\-\-verbose] [\-Y\ sid] .SH "DESCRIPTION" .PP This tool is part of the @@ -105,6 +105,11 @@ Store user and password for ccache\&. Change the password of a user\&. The old and new password will be prompted\&. .RE .PP +\-\-dc\-info \fIdomain\fR +.RS 4 +Displays information about the current domain controller for a domain\&. +.RE +.PP \-\-domain \fIname\fR .RS 4 This parameter sets the domain on which any specified operations will performed\&. If special domain name \*(Aq\&.\*(Aq is used to represent the current domain to which @@ -187,11 +192,36 @@ parameter\&. Attempt to authenticate a user via Kerberos\&. .RE .PP +\-\-krb5ccname \fIKRB5CCNAME\fR +.RS 4 +Allows to request a sepcific kerberos credential cache type used for authentication\&. +.RE +.PP \-\-lanman .RS 4 Use lanman cryptography for user authentication\&. .RE .PP +\-\-logoff +.RS 4 +Logoff a user\&. +.RE +.PP +\-\-logoff\-uid \fIUID\fR +.RS 4 +Define user uid used during logoff request\&. +.RE +.PP +\-\-logoff\-user \fIUSERNAME\fR +.RS 4 +Define username used during logoff request\&. +.RE +.PP +\-\-lookup\-sids \fISID1,SID2\&.\&.\&.\fR +.RS 4 +Looks up SIDs\&. SIDs must be specified as ASCII strings in the traditional Microsoft format\&. For example, S\-1\-5\-21\-1455342024\-3071081365\-2475485837\-500\&. +.RE +.PP \-m|\-\-trusted\-domains .RS 4 Produce a list of domains trusted by the Windows NT server @@ -237,6 +267,11 @@ Show whether domains are marked as online or offline\&. An optional domain argum List own domain\&. .RE .PP +\-\-pam\-logon \fIusername%password\fR +.RS 4 +Attempt to authenticate a user in the same way pam_winbind would do\&. +.RE +.PP \-p|\-\-ping .RS 4 Check whether @@ -259,6 +294,16 @@ Try to obtain the list of UNIX group ids to which the user belongs\&. This only Converts RIDs to names\&. Uses a comma separated list of rids\&. .RE .PP +\-\-remove\-gid\-mapping \fIGID,SID\fR +.RS 4 +Removes an existing GID to SID mapping from the database\&. +.RE +.PP +\-\-remove\-uid\-mapping \fIUID,SID\fR +.RS 4 +Removes an existing UID to SID mapping from the database\&. +.RE +.PP \-s|\-\-sid\-to\-name \fIsid\fR .RS 4 Use @@ -273,6 +318,11 @@ option above\&. SIDs must be specified as ASCII strings in the traditional Micro Get the active winbind separator\&. .RE .PP +\-\-sequence +.RS 4 +This command has been deprecated\&. Please use the \-\-online\-status option instead\&. +.RE +.PP \-\-set\-auth\-user \fIusername%password\fR .RS 4 Store username and password used by @@ -280,6 +330,16 @@ Store username and password used by during session setup to a domain controller\&. This enables winbindd to operate in a Windows 2000 domain with Restrict Anonymous turned on (a\&.k\&.a\&. Permissions compatible with Windows 2000 servers only)\&. .RE .PP +\-\-set\-gid\-mapping \fIGID,SID\fR +.RS 4 +Create a GID to SID mapping in the database\&. +.RE +.PP +\-\-set\-uid\-mapping \fIUID,SID\fR +.RS 4 +Create a UID to SID mapping in the database\&. +.RE +.PP \-S|\-\-sid\-to\-uid \fIsid\fR .RS 4 Convert a SID to a UNIX user id\&. If the SID does not correspond to a UNIX user mapped by @@ -297,6 +357,11 @@ Get SID aliases for a given SID\&. Converts a SID to a full username (DOMAIN\eusername)\&. .RE .PP +\-\-sids\-to\-unix\-ids \fIsid1,sid2,sid3\&.\&.\&.\fR +.RS 4 +Resolve SIDs to Unix IDs\&. SIDs must be specified as ASCII strings in the traditional Microsoft format\&. For example, S\-1\-5\-21\-1455342024\-3071081365\-2475485837\-500\&. +.RE +.PP \-t|\-\-check\-secret .RS 4 Verify that the workstation trust account created when the Samba server is added to the Windows NT domain is working\&. May be used in conjunction with diff --git a/docs/manpages/winbind_krb5_locator.7 b/docs/manpages/winbind_krb5_locator.7 index 02b099537e..3fd1e54c64 100644 --- a/docs/manpages/winbind_krb5_locator.7 +++ b/docs/manpages/winbind_krb5_locator.7 @@ -2,12 +2,12 @@ .\" Title: winbind_krb5_locator .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: 7 .\" Source: Samba 4.0 .\" Language: English .\" -.TH "WINBIND_KRB5_LOCATOR" "7" "12/06/2013" "Samba 4\&.0" "7" +.TH "WINBIND_KRB5_LOCATOR" "7" "01/10/2014" "Samba 4\&.0" "7" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff --git a/docs/manpages/winbindd.8 b/docs/manpages/winbindd.8 index b85ad55039..f9326d9dac 100644 --- a/docs/manpages/winbindd.8 +++ b/docs/manpages/winbindd.8 @@ -2,12 +2,12 @@ .\" Title: winbindd .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 12/06/2013 +.\" Date: 01/10/2014 .\" Manual: System Administration tools .\" Source: Samba 4.0 .\" Language: English .\" -.TH "WINBINDD" "8" "12/06/2013" "Samba 4\&.0" "System Administration tools" +.TH "WINBINDD" "8" "01/10/2014" "Samba 4\&.0" "System Administration tools" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -31,7 +31,7 @@ winbindd \- Name Service Switch daemon for resolving names from NT servers .SH "SYNOPSIS" .HP \w'\ 'u -winbindd [\-D] [\-F] [\-S] [\-i] [\-d\ <debug\ level>] [\-s\ <smb\ config\ file>] [\-n] +winbindd [\-D|\-\-daemon] [\-F|\-\-foreground] [\-S|\-\-stdout] [\-i|\-\-interactive] [\-d\ <debug\ level>] [\-s\ <smb\ config\ file>] [\-n|\-\-no\-caching] [\-\-no\-process\-group] .SH "DESCRIPTION" .PP This program is part of the @@ -143,14 +143,14 @@ hosts: files wins .\} .SH "OPTIONS" .PP -\-D +\-D|\-\-daemon .RS 4 If specified, this parameter causes the server to operate as a daemon\&. That is, it detaches itself and runs in the background on the appropriate port\&. This switch is assumed if winbindd is executed on the command line of a shell\&. .RE .PP -\-F +\-F|\-\-foreground .RS 4 If specified, this parameter causes the main winbindd @@ -165,7 +165,7 @@ daemontools package, or the AIX process monitor\&. .RE .PP -\-S +\-S|\-\-stdout .RS 4 If specified, this parameter causes winbindd @@ -219,7 +219,12 @@ option "<name>" to value "<value>" from the command line\&. This overrides compi Print a summary of command line options\&. .RE .PP -\-i +\-\-usage +.RS 4 +Display brief usage message\&. +.RE +.PP +\-i|\-\-interactive .RS 4 Tells winbindd @@ -232,10 +237,15 @@ also logs to standard output, as if the parameter had been given\&. .RE .PP -\-n +\-n|\-\-no\-caching .RS 4 Disable some caching\&. This means winbindd will often have to wait for a response from the domain controller before it can respond to a client and this thus makes things slower\&. The results will however be more accurate, since results from the cache might not be up\-to\-date\&. This might also temporarily hang winbindd if the DC doesn\*(Aqt respond\&. This does not disable the samlogon cache, which is required for group membership tracking in trusted environments\&. .RE +.PP +\-\-no\-process\-group +.RS 4 +Do not create a new process group for winbindd\&. +.RE .SH "NAME AND ID RESOLUTION" .PP Users and groups on a Windows NT server are assigned a security id (SID) which is globally unique when the user or group is created\&. To convert the Windows NT user or group into a unix user or group, a mapping between SIDs and unix user and group ids is required\&. This is one of the jobs that @@ -506,7 +516,7 @@ winbindd, then in general the user and groups ids allocated by winbindd will not \m[blue]\fBidmap config * : backend\fR\m[] is configured\&. .PP -If the the Windows NT SID to UNIX user and group id mapping file is damaged or destroyed then the mappings will be lost\&. +If the Windows NT SID to UNIX user and group id mapping file is damaged or destroyed then the mappings will be lost\&. .SH "SIGNALS" .PP The following signals can be used to manipulate the diff --git a/examples/perfcounter/perf_writer_disk.c b/examples/perfcounter/perf_writer_disk.c index 15188d2531..18a63a4f47 100644 --- a/examples/perfcounter/perf_writer_disk.c +++ b/examples/perfcounter/perf_writer_disk.c @@ -132,7 +132,7 @@ void get_diskinfo(PERF_DATA_BLOCK *data) int status, num; char buf[LARGE_BUF], *start; FILE *diskstats; - long reads, writes, discard; + unsigned long reads, writes, discard; diskstats = fopen("/proc/diskstats", "r"); rewind(diskstats); @@ -147,10 +147,10 @@ void get_diskinfo(PERF_DATA_BLOCK *data) p->freeMegs = (statfsbuf.f_bfree*statfsbuf.f_bsize)/1048576; start = strstr(buf, data->diskInfo.mdata[i].name); start += strlen(data->diskInfo.mdata[i].name) + 1; - num = sscanf(start, "%u %u %u %u", + num = sscanf(start, "%lu %lu %lu %lu", &reads, - &discard, - &writes, + &discard, + &writes, &discard); p->writesPerSec = writes; p->readsPerSec = reads; diff --git a/lib/ldb/common/attrib_handlers.c b/lib/ldb/common/attrib_handlers.c index daeb422aca..4b94d392cc 100644 --- a/lib/ldb/common/attrib_handlers.c +++ b/lib/ldb/common/attrib_handlers.c @@ -254,7 +254,7 @@ int ldb_comparison_fold(struct ldb_context *ldb, void *mem_ctx, if (n2 == 0 && n1 != 0) { return (int)toupper(*s1); } - if (n2 == 0 && n2 == 0) { + if (n1 == 0 && n2 == 0) { return 0; } return (int)toupper(*s1) - (int)toupper(*s2); diff --git a/lib/ntdb/man/ntdbtool.8.xml b/lib/ntdb/man/ntdbtool.8.xml index a23a48e648..7e6530c4e3 100644 --- a/lib/ntdb/man/ntdbtool.8.xml +++ b/lib/ntdb/man/ntdbtool.8.xml @@ -20,10 +20,6 @@ <cmdsynopsis> <command>ntdbtool</command> - </cmdsynopsis> - - <cmdsynopsis> - <command>ntdbtool</command> <arg choice="plain"> <replaceable>NTDBFILE</replaceable> </arg> diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h index 243ed3e50d..f52347e536 100644 --- a/lib/util/samba_util.h +++ b/lib/util/samba_util.h @@ -27,6 +27,9 @@ /* for TALLOC_CTX */ #include <talloc.h> +/* for struct stat */ +#include <sys/stat.h> + /** * @file * @brief Helpful macros @@ -627,7 +630,6 @@ _PUBLIC_ bool directory_exist(const char *dname); /** Check file permissions. **/ -struct stat; _PUBLIC_ bool file_check_permissions(const char *fname, uid_t uid, mode_t file_perms, diff --git a/libcli/nbt/man/nmblookup4.1.xml b/libcli/nbt/man/nmblookup4.1.xml index 198afec47c..b6fe48c3ca 100644 --- a/libcli/nbt/man/nmblookup4.1.xml +++ b/libcli/nbt/man/nmblookup4.1.xml @@ -57,7 +57,7 @@ <varlistentry> <term>-M</term> <listitem><para>Searches for a master browser by looking - up the NetBIOS name <replaceable>name</replaceable> with a + up the NetBIOS <replaceable>name</replaceable> with a type of <constant>0x1d</constant>. If <replaceable> name</replaceable> is "-" then it does a lookup on the special name <constant>__MSBROWSE__</constant>. Please note that in order to diff --git a/selftest/flapping b/selftest/flapping index afeae65fe0..fd2e0c31d3 100644 --- a/selftest/flapping +++ b/selftest/flapping @@ -16,7 +16,6 @@ ^samba3.rap.printing # fails sometimes on sn-devel ^samba3.rpc.spoolss.printer.*addprinter.print_test # fails on some hosts due to timing issues ? ^samba3.rpc.lsa.privileges.lsa.Privileges\(s3dc\) # fails sometimes on sn-devel -^samba3.smb2.lock.*.rw-exclusive # another intermittent failure ^samba4.blackbox.gentest # is flakey due to timing ^samba3.smb2.acls.INHERITANCE\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 ^samba3.smb2.acls.DYNAMIC\(plugin_s4_dc\) # Seems to flap - succeeds on sn-devel, fails on Fedora 16 diff --git a/selftest/knownfail b/selftest/knownfail index 2586947672..54b74561ab 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -132,6 +132,7 @@ ^samba4.*base.delaywrite.*delayed update of write time 3c\(.*\)$ ^samba4.*base.delaywrite.*update of write time using SET_END_OF_FILE\(.*\)$ ^samba4.*base.delaywrite.*update of write time using SET_ALLOCATION_SIZE\(.*\)$ +^samba4.*base.delaywrite.*directory timestamp update test\(.*\)$ ^samba4.ldap.python \(dc\).Test add_ldif\(\) with BASE64 security descriptor input using WRONG domain SID\(.*\)$ # some operations don't work over the CIFS NTVFS backend yet (eg. root_fid) ^samba4.ntvfs.cifs.*.base.createx_sharemodes_dir diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 26f5e92898..9a6c86f967 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1105,6 +1105,10 @@ sub provision($$$$$$) directory mask = 0777 force directory mode = 0 vfs objects = xattr_tdb +[aio] + copy = tmp + aio read size = 1 + aio write size = 1 [print\$] copy = tmp diff --git a/source3/include/printing.h b/source3/include/printing.h index 391fb7ae82..ec5a53b7fd 100644 --- a/source3/include/printing.h +++ b/source3/include/printing.h @@ -193,6 +193,7 @@ uint16_t print_spool_rap_jobid(struct print_file_data *print_file); /* The following definitions come from printing/printing.c */ +uint32 sysjob_to_jobid_pdb(struct tdb_print_db *pdb, int sysjob); uint32 sysjob_to_jobid(int unix_jobid); bool print_notify_register_pid(int snum); bool print_notify_deregister_pid(int snum); diff --git a/source3/include/proto.h b/source3/include/proto.h index acf013b220..a42faf8148 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -222,6 +222,7 @@ char *talloc_sub_basic(TALLOC_CTX *mem_ctx, const char *smb_name, char *talloc_sub_specified(TALLOC_CTX *mem_ctx, const char *input_string, const char *username, + const char *grpname, const char *domain, uid_t uid, gid_t gid); @@ -480,6 +481,7 @@ bool map_open_params_to_ntcreate(const char *smb_base_fname, uint32 *pcreate_options, uint32_t *pprivate_flags); struct security_unix_token *copy_unix_token(TALLOC_CTX *ctx, const struct security_unix_token *tok); +bool dir_check_ftype(uint32_t mode, uint32_t dirtype); void init_modules(void); /* The following definitions come from lib/util_builtin.c */ diff --git a/source3/lib/msg_channel.c b/source3/lib/msg_channel.c index 537b162737..8e23fd44c4 100644 --- a/source3/lib/msg_channel.c +++ b/source3/lib/msg_channel.c @@ -41,9 +41,6 @@ static void msg_channel_init_got_ctdb(struct tevent_req *subreq); static void msg_channel_init_got_msg(struct messaging_context *msg, void *priv, uint32_t msg_type, struct server_id server_id, DATA_BLOB *data); -static void msg_channel_trigger(struct tevent_context *ev, - struct tevent_immediate *im, - void *priv); static int msg_channel_destructor(struct msg_channel *s); struct tevent_req *msg_channel_init_send(TALLOC_CTX *mem_ctx, @@ -157,6 +154,12 @@ fail: return err; } +struct msg_read_state { + struct tevent_context *ev; + struct msg_channel *channel; + struct messaging_rec *rec; +}; + static void msg_channel_init_got_msg(struct messaging_context *msg, void *priv, uint32_t msg_type, struct server_id server_id, @@ -167,7 +170,6 @@ static void msg_channel_init_got_msg(struct messaging_context *msg, struct messaging_rec *rec; struct messaging_rec **msgs; size_t num_msgs; - struct tevent_immediate *im; rec = talloc(s, struct messaging_rec); if (rec == NULL) { @@ -184,6 +186,19 @@ static void msg_channel_init_got_msg(struct messaging_context *msg, } rec->buf.length = data->length; + if (s->pending_req != NULL) { + struct tevent_req *req = s->pending_req; + struct msg_read_state *state = tevent_req_data( + req, struct msg_read_state); + + s->pending_req = NULL; + + state->rec = talloc_move(state, &rec); + tevent_req_defer_callback(req, s->ev); + tevent_req_done(req); + return; + } + num_msgs = talloc_array_length(s->msgs); msgs = talloc_realloc(s, s->msgs, struct messaging_rec *, num_msgs+1); if (msgs == NULL) { @@ -192,28 +207,11 @@ static void msg_channel_init_got_msg(struct messaging_context *msg, s->msgs = msgs; s->msgs[num_msgs] = talloc_move(s->msgs, &rec); - if (s->pending_req == NULL) { - return; - } - - im = tevent_create_immediate(s); - if (im == NULL) { - goto fail; - } - tevent_schedule_immediate(im, s->ev, msg_channel_trigger, s); return; fail: TALLOC_FREE(rec); } -struct msg_read_state { - struct tevent_context *ev; - struct tevent_req *req; - struct msg_channel *channel; - struct messaging_rec *rec; -}; - -static int msg_read_state_destructor(struct msg_read_state *s); static void msg_read_got_ctdb(struct tevent_req *subreq); struct tevent_req *msg_read_send(TALLOC_CTX *mem_ctx, @@ -221,7 +219,6 @@ struct tevent_req *msg_read_send(TALLOC_CTX *mem_ctx, struct msg_channel *channel) { struct tevent_req *req; - struct tevent_immediate *im; struct msg_read_state *state; void *msg_tdb_event; size_t num_msgs; @@ -231,28 +228,28 @@ struct tevent_req *msg_read_send(TALLOC_CTX *mem_ctx, return NULL; } state->ev = ev; - state->req = req; state->channel = channel; if (channel->pending_req != NULL) { tevent_req_error(req, EBUSY); return tevent_req_post(req, ev); } - channel->pending_req = req; - channel->ev = ev; - talloc_set_destructor(state, msg_read_state_destructor); num_msgs = talloc_array_length(channel->msgs); if (num_msgs != 0) { - im = tevent_create_immediate(channel->ev); - if (tevent_req_nomem(im, req)) { - return tevent_req_post(req, ev); - } - tevent_schedule_immediate(im, channel->ev, msg_channel_trigger, - channel); - return req; + state->rec = talloc_move(state, &channel->msgs[0]); + memmove(channel->msgs, channel->msgs+1, + sizeof(struct messaging_rec *) * (num_msgs-1)); + channel->msgs = talloc_realloc( + channel, channel->msgs, struct messaging_rec *, + num_msgs - 1); + tevent_req_done(req); + return tevent_req_post(req, ev); } + channel->pending_req = req; + channel->ev = ev; + msg_tdb_event = messaging_tdb_event(state, channel->msg, ev); if (tevent_req_nomem(msg_tdb_event, req)) { return tevent_req_post(req, ev); @@ -271,42 +268,6 @@ struct tevent_req *msg_read_send(TALLOC_CTX *mem_ctx, return req; } -static int msg_read_state_destructor(struct msg_read_state *s) -{ - assert(s->channel->pending_req == s->req); - s->channel->pending_req = NULL; - return 0; -} - -static void msg_channel_trigger(struct tevent_context *ev, - struct tevent_immediate *im, - void *priv) -{ - struct msg_channel *channel; - struct tevent_req *req; - struct msg_read_state *state; - size_t num_msgs; - - channel = talloc_get_type_abort(priv, struct msg_channel); - req = channel->pending_req; - state = tevent_req_data(req, struct msg_read_state); - - talloc_set_destructor(state, NULL); - msg_read_state_destructor(state); - - num_msgs = talloc_array_length(channel->msgs); - assert(num_msgs > 0); - - state->rec = talloc_move(state, &channel->msgs[0]); - - memmove(channel->msgs, channel->msgs+1, - sizeof(struct messaging_rec *) * (num_msgs-1)); - channel->msgs = talloc_realloc( - channel, channel->msgs, struct messaging_rec *, num_msgs - 1); - - tevent_req_done(req); -} - static void msg_read_got_ctdb(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data( @@ -368,5 +329,6 @@ int msg_read_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, return err; } *prec = talloc_move(mem_ctx, &state->rec); + tevent_req_received(req); return 0; } diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c index a254bcaa7d..937f02c499 100644 --- a/source3/lib/substitute.c +++ b/source3/lib/substitute.c @@ -499,10 +499,20 @@ char *talloc_sub_basic(TALLOC_CTX *mem_ctx, break; case 'G' : { struct passwd *pass; - r = talloc_strdup(tmp_ctx, smb_name); + + if (domain_name != NULL && domain_name[0] != '\0') { + r = talloc_asprintf(tmp_ctx, + "%s%c%s", + domain_name, + *lp_winbind_separator(), + smb_name); + } else { + r = talloc_strdup(tmp_ctx, smb_name); + } if (r == NULL) { goto error; } + pass = Get_Pwnam_alloc(tmp_ctx, r); if (pass != NULL) { a_string = realloc_string_sub( @@ -613,6 +623,7 @@ done: char *talloc_sub_specified(TALLOC_CTX *mem_ctx, const char *input_string, const char *username, + const char *grpname, const char *domain, uid_t uid, gid_t gid) @@ -648,9 +659,18 @@ char *talloc_sub_specified(TALLOC_CTX *mem_ctx, break; case 'G' : if (gid != -1) { - a_string = talloc_string_sub( - tmp_ctx, a_string, "%G", - gidtoname(gid)); + const char *name; + + if (grpname != NULL) { + name = grpname; + } else { + name = gidtoname(gid); + } + + a_string = talloc_string_sub(tmp_ctx, + a_string, + "%G", + name); } else { a_string = talloc_string_sub( tmp_ctx, a_string, @@ -659,9 +679,18 @@ char *talloc_sub_specified(TALLOC_CTX *mem_ctx, break; case 'g' : if (gid != -1) { - a_string = talloc_string_sub( - tmp_ctx, a_string, "%g", - gidtoname(gid)); + const char *name; + + if (grpname != NULL) { + name = grpname; + } else { + name = gidtoname(gid); + } + + a_string = talloc_string_sub(tmp_ctx, + a_string, + "%g", + name); } else { a_string = talloc_string_sub( tmp_ctx, a_string, "%g", "NO_GROUP"); diff --git a/source3/lib/util.c b/source3/lib/util.c index 51680923fd..551beab867 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -2393,3 +2393,45 @@ struct security_unix_token *copy_unix_token(TALLOC_CTX *ctx, const struct securi } return cpy; } + +/**************************************************************************** + Check that a file matches a particular file type. +****************************************************************************/ + +bool dir_check_ftype(uint32_t mode, uint32_t dirtype) +{ + uint32_t mask; + + /* Check the "may have" search bits. */ + if (((mode & ~dirtype) & + (FILE_ATTRIBUTE_HIDDEN | + FILE_ATTRIBUTE_SYSTEM | + FILE_ATTRIBUTE_DIRECTORY)) != 0) { + return false; + } + + /* Check the "must have" bits, + which are the may have bits shifted eight */ + /* If must have bit is set, the file/dir can + not be returned in search unless the matching + file attribute is set */ + mask = ((dirtype >> 8) & (FILE_ATTRIBUTE_DIRECTORY| + FILE_ATTRIBUTE_ARCHIVE| + FILE_ATTRIBUTE_READONLY| + FILE_ATTRIBUTE_HIDDEN| + FILE_ATTRIBUTE_SYSTEM)); /* & 0x37 */ + if(mask) { + if((mask & (mode & (FILE_ATTRIBUTE_DIRECTORY| + FILE_ATTRIBUTE_ARCHIVE| + FILE_ATTRIBUTE_READONLY| + FILE_ATTRIBUTE_HIDDEN| + FILE_ATTRIBUTE_SYSTEM))) == mask) { + /* check if matching attribute present */ + return true; + } else { + return false; + } + } + + return true; +} diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 29d19448c1..14183853bd 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -449,10 +449,25 @@ static ADS_STATUS libnet_join_set_machine_upn(TALLOC_CTX *mem_ctx, } if (!r->in.upn) { + const char *realm = r->out.dns_domain_name; + + /* in case we are about to generate a keytab during the join + * make sure the default upn we create is usable with kinit -k. + * gd */ + + if (USE_KERBEROS_KEYTAB) { + realm = talloc_strdup_upper(mem_ctx, + r->out.dns_domain_name); + } + + if (!realm) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + r->in.upn = talloc_asprintf(mem_ctx, "host/%s@%s", r->in.machine_name, - r->out.dns_domain_name); + realm); if (!r->in.upn) { return ADS_ERROR(LDAP_NO_MEMORY); } diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index 202000fbbf..1e2047ef67 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c @@ -486,6 +486,7 @@ static bool windows_parent_dirname(TALLOC_CTX *mem_ctx, NTSTATUS cli_smb2_list(struct cli_state *cli, const char *pathname, + uint16_t attribute, NTSTATUS (*fn)(const char *, struct file_info *, const char *, @@ -497,6 +498,7 @@ NTSTATUS cli_smb2_list(struct cli_state *cli, char *parent_dir = NULL; const char *mask = NULL; struct smb2_hnd *ph = NULL; + bool processed_file = false; TALLOC_CTX *frame = talloc_stackframe(); TALLOC_CTX *subframe = NULL; @@ -590,13 +592,26 @@ NTSTATUS cli_smb2_list(struct cli_state *cli, goto fail; } - status = fn(cli->dfs_mountpoint, + if (dir_check_ftype((uint32_t)finfo->mode, + (uint32_t)attribute)) { + /* + * Only process if attributes match. + * On SMB1 server does this, so on + * SMB2 we need to emulate in the + * client. + * + * https://bugzilla.samba.org/show_bug.cgi?id=10260 + */ + processed_file = true; + + status = fn(cli->dfs_mountpoint, finfo, pathname, state); - if (!NT_STATUS_IS_OK(status)) { - break; + if (!NT_STATUS_IS_OK(status)) { + break; + } } TALLOC_FREE(finfo); @@ -616,6 +631,14 @@ NTSTATUS cli_smb2_list(struct cli_state *cli, status = NT_STATUS_OK; } + if (NT_STATUS_IS_OK(status) && !processed_file) { + /* + * In SMB1 findfirst returns NT_STATUS_NO_SUCH_FILE + * if no files match. Emulate this in the client. + */ + status = NT_STATUS_NO_SUCH_FILE; + } + fail: if (fnum != 0xffff) { @@ -1290,7 +1313,7 @@ NTSTATUS cli_smb2_setatr(struct cli_state *cli, inbuf.length = sizeof(inbuf_store); data_blob_clear(&inbuf); - SIVAL(inbuf.data,32,attr); + SSVAL(inbuf.data, 32, attr); if (mtime != 0) { put_long_date((char *)inbuf.data + 16,mtime); } diff --git a/source3/libsmb/cli_smb2_fnum.h b/source3/libsmb/cli_smb2_fnum.h index 0068686636..a5cae25a2b 100644 --- a/source3/libsmb/cli_smb2_fnum.h +++ b/source3/libsmb/cli_smb2_fnum.h @@ -42,6 +42,7 @@ NTSTATUS cli_smb2_rmdir(struct cli_state *cli, const char *dirname); NTSTATUS cli_smb2_unlink(struct cli_state *cli,const char *fname); NTSTATUS cli_smb2_list(struct cli_state *cli, const char *pathname, + uint16_t attribute, NTSTATUS (*fn)(const char *, struct file_info *, const char *, diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index ed970cd896..3080fb883d 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -942,7 +942,7 @@ NTSTATUS cli_list(struct cli_state *cli, const char *mask, uint16 attribute, uint16_t info_level; if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) { - return cli_smb2_list(cli, mask, fn, state); + return cli_smb2_list(cli, mask, attribute, fn, state); } frame = talloc_stackframe(); diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index 22ffa8ff87..7d34290b65 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -303,7 +303,7 @@ parse_ace(struct cli_state *ipc_cli, p++; /* Try to parse numeric form */ - if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 && + if (sscanf(p, "%u/%u/%u", &atype, &aflags, &amask) == 3 && convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) { goto done; } @@ -333,7 +333,7 @@ parse_ace(struct cli_state *ipc_cli, /* Only numeric form accepted for flags at present */ if (!(next_token_talloc(frame, &cp, &tok, "/") && - sscanf(tok, "%i", &aflags))) { + sscanf(tok, "%u", &aflags))) { TALLOC_FREE(frame); return false; } @@ -344,7 +344,7 @@ parse_ace(struct cli_state *ipc_cli, } if (strncmp(tok, "0x", 2) == 0) { - if (sscanf(tok, "%i", &amask) != 1) { + if (sscanf(tok, "%u", &amask) != 1) { TALLOC_FREE(frame); return false; } diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index e5c691e1d9..3262f11992 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -145,7 +145,7 @@ static struct glfs_preopened { } *glfs_preopened; -int glfs_set_preopened(const char *volume, glfs_t *fs) +static int glfs_set_preopened(const char *volume, glfs_t *fs) { struct glfs_preopened *entry = NULL; @@ -209,12 +209,18 @@ static int vfs_gluster_connect(struct vfs_handle_struct *handle, { const char *volfile_server; const char *volume; - const char *logfile; + char *logfile; int loglevel; - glfs_t *fs; - int ret; + glfs_t *fs = NULL; + TALLOC_CTX *tmp_ctx; + int ret = 0; - logfile = lp_parm_const_string(SNUM(handle->conn), "glusterfs", + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + ret = -1; + goto done; + } + logfile = lp_parm_talloc_string(tmp_ctx, SNUM(handle->conn), "glusterfs", "logfile", NULL); loglevel = lp_parm_int(SNUM(handle->conn), "glusterfs", "loglevel", -1); @@ -233,57 +239,60 @@ static int vfs_gluster_connect(struct vfs_handle_struct *handle, fs = glfs_find_preopened(volume); if (fs) { - goto found; + goto done; } fs = glfs_new(volume); if (fs == NULL) { - return -1; + ret = -1; + goto done; } ret = glfs_set_volfile_server(fs, "tcp", volfile_server, 0); if (ret < 0) { DEBUG(0, ("Failed to set volfile_server %s\n", volfile_server)); - glfs_fini(fs); - return -1; + goto done; } ret = glfs_set_xlator_option(fs, "*-md-cache", "cache-posix-acl", "true"); if (ret < 0) { DEBUG(0, ("%s: Failed to set xlator options\n", volume)); - glfs_fini(fs); - return -1; + goto done; } ret = glfs_set_logging(fs, logfile, loglevel); if (ret < 0) { DEBUG(0, ("%s: Failed to set logfile %s loglevel %d\n", volume, logfile, loglevel)); - glfs_fini(fs); - return -1; + goto done; } ret = glfs_init(fs); if (ret < 0) { DEBUG(0, ("%s: Failed to initialize volume (%s)\n", volume, strerror(errno))); - glfs_fini(fs); - return -1; + goto done; } ret = glfs_set_preopened(volume, fs); if (ret < 0) { DEBUG(0, ("%s: Failed to register volume (%s)\n", volume, strerror(errno))); - glfs_fini(fs); + goto done; + } +done: + talloc_free(tmp_ctx); + if (ret < 0) { + if (fs) + glfs_fini(fs); return -1; + } else { + DEBUG(0, ("%s: Initialized volume from server %s\n", + volume, volfile_server)); + handle->data = fs; + return 0; } -found: - DEBUG(0, ("%s: Initialized volume from server %s\n", - volume, volfile_server)); - handle->data = fs; - return 0; } static void vfs_gluster_disconnect(struct vfs_handle_struct *handle) @@ -1397,7 +1406,6 @@ static int vfs_gluster_sys_acl_set_fd(struct vfs_handle_struct *handle, SMB_ACL_T theacl) { int ret; - char *key; char *buf; ssize_t size; diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 379d85803f..5a4620f6cb 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -228,16 +228,16 @@ static NTSTATUS samu_set_unix_internal(struct pdb_methods *methods, /* set some basic attributes */ pdb_set_profile_path(user, talloc_sub_specified(user, - lp_logon_path(), pwd->pw_name, domain, pwd->pw_uid, pwd->pw_gid), + lp_logon_path(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), PDB_DEFAULT); pdb_set_homedir(user, talloc_sub_specified(user, - lp_logon_home(), pwd->pw_name, domain, pwd->pw_uid, pwd->pw_gid), + lp_logon_home(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), PDB_DEFAULT); pdb_set_dir_drive(user, talloc_sub_specified(user, - lp_logon_drive(), pwd->pw_name, domain, pwd->pw_uid, pwd->pw_gid), + lp_logon_drive(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), PDB_DEFAULT); pdb_set_logon_script(user, talloc_sub_specified(user, - lp_logon_script(), pwd->pw_name, domain, pwd->pw_uid, pwd->pw_gid), + lp_logon_script(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), PDB_DEFAULT); } diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index d7db4d8051..bb0d3b3de9 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -5316,11 +5316,29 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, if (is_machine) { /* TODO: choose a more appropriate default for machines */ - homedir = talloc_sub_specified(tmp_ctx, lp_template_homedir(), "SMB_workstations_home", ldap_state->domain_name, uid, gid); + homedir = talloc_sub_specified(tmp_ctx, + lp_template_homedir(), + "SMB_workstations_home", + NULL, + ldap_state->domain_name, + uid, + gid); shell = talloc_strdup(tmp_ctx, "/bin/false"); } else { - homedir = talloc_sub_specified(tmp_ctx, lp_template_homedir(), name, ldap_state->domain_name, uid, gid); - shell = talloc_sub_specified(tmp_ctx, lp_template_shell(), name, ldap_state->domain_name, uid, gid); + homedir = talloc_sub_specified(tmp_ctx, + lp_template_homedir(), + name, + NULL, + ldap_state->domain_name, + uid, + gid); + shell = talloc_sub_specified(tmp_ctx, + lp_template_shell(), + name, + NULL, + ldap_state->domain_name, + uid, + gid); } uidstr = talloc_asprintf(tmp_ctx, "%u", (unsigned int)uid); gidstr = talloc_asprintf(tmp_ctx, "%u", (unsigned int)gid); diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 43f75e5c43..b126bd5cba 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -519,7 +519,7 @@ static int unixjob_traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA key, return 0; } -static uint32 sysjob_to_jobid_pdb(struct tdb_print_db *pdb, int sysjob) +uint32 sysjob_to_jobid_pdb(struct tdb_print_db *pdb, int sysjob) { struct unixjob_traverse_state state; @@ -3051,7 +3051,7 @@ static bool get_stored_queue_info(struct messaging_context *msg_ctx, size_t len = 0; uint32 i; int max_reported_jobs = lp_max_reported_jobs(snum); - bool ret = False; + bool ret = false; const char* sharename = lp_servicename(talloc_tos(), snum); TALLOC_CTX *tmp_ctx = talloc_new(msg_ctx); if (tmp_ctx == NULL) { @@ -3095,7 +3095,7 @@ static bool get_stored_queue_info(struct messaging_context *msg_ctx, /* Retrieve the linearised queue data. */ - for( i = 0; i < qcount; i++) { + for(i = 0; i < qcount; i++) { uint32 qjob, qsize, qpage_count, qstatus, qpriority, qtime; len += tdb_unpack(data.dptr + len, data.dsize - len, "ddddddff", &qjob, @@ -3117,7 +3117,7 @@ static bool get_stored_queue_info(struct messaging_context *msg_ctx, total_count = qcount; /* Add new jobids to the queue. */ - for( i = 0; i < extra_count; i++) { + for (i = 0; i < extra_count; i++) { uint32 jobid; struct printjob *pjob; @@ -3130,7 +3130,7 @@ static bool get_stored_queue_info(struct messaging_context *msg_ctx, continue; } - queue[total_count].sysjob = jobid; + queue[total_count].sysjob = pjob->sysjob; queue[total_count].size = pjob->size; queue[total_count].page_count = pjob->page_count; queue[total_count].status = pjob->status; @@ -3145,32 +3145,31 @@ static bool get_stored_queue_info(struct messaging_context *msg_ctx, /* Update the changed jobids. */ for (i = 0; i < changed_count; i++) { uint32_t jobid = IVAL(jcdata.dptr, i * 4); + struct printjob *pjob; uint32_t j; bool found = false; + pjob = print_job_find(tmp_ctx, sharename, jobid); + if (pjob == NULL) { + DEBUG(5,("get_stored_queue_info: failed to find " + "changed job = %u\n", + (unsigned int)jobid)); + remove_from_jobs_changed(sharename, jobid); + continue; + } + for (j = 0; j < total_count; j++) { - if (queue[j].sysjob == jobid) { + if (queue[j].sysjob == pjob->sysjob) { found = true; break; } } if (found) { - struct printjob *pjob; - DEBUG(5,("get_stored_queue_info: changed job: %u\n", - (unsigned int) jobid)); - - pjob = print_job_find(tmp_ctx, sharename, jobid); - if (pjob == NULL) { - DEBUG(5,("get_stored_queue_info: failed to find " - "changed job = %u\n", - (unsigned int) jobid)); - remove_from_jobs_changed(sharename, jobid); - continue; - } + (unsigned int)jobid)); - queue[j].sysjob = jobid; + queue[j].sysjob = pjob->sysjob; queue[j].size = pjob->size; queue[j].page_count = pjob->page_count; queue[j].status = pjob->status; @@ -3180,8 +3179,10 @@ static bool get_stored_queue_info(struct messaging_context *msg_ctx, fstrcpy(queue[j].fs_file, pjob->jobname); talloc_free(pjob); - DEBUG(5,("get_stored_queue_info: updated queue[%u], jobid: %u, jobname: %s\n", - (unsigned int) j, (unsigned int) jobid, pjob->jobname)); + DEBUG(5,("updated queue[%u], jobid: %u, sysjob: %u, " + "jobname: %s\n", + (unsigned int)j, (unsigned int)jobid, + (unsigned int)queue[j].sysjob, pjob->jobname)); } remove_from_jobs_changed(sharename, jobid); @@ -3200,7 +3201,7 @@ static bool get_stored_queue_info(struct messaging_context *msg_ctx, *ppqueue = queue; *pcount = total_count; - ret = True; + ret = true; out: diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index 4814e04b79..7359cb22b0 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -3611,6 +3611,7 @@ static WERROR printer_notify_info(struct pipes_struct *p, print_status_struct status; struct spoolss_PrinterInfo2 *pinfo2 = NULL; WERROR result; + struct tdb_print_db *pdb; DEBUG(4,("printer_notify_info\n")); @@ -3634,13 +3635,19 @@ static WERROR printer_notify_info(struct pipes_struct *p, return WERR_BADFID; } + pdb = get_print_db_byname(Printer->sharename); + if (pdb == NULL) { + return WERR_BADFID; + } + /* Maybe we should use the SYSTEM session_info here... */ result = winreg_get_printer_internal(mem_ctx, get_session_info_system(), p->msg_ctx, lp_servicename(talloc_tos(), snum), &pinfo2); if (!W_ERROR_IS_OK(result)) { - return WERR_BADFID; + result = WERR_BADFID; + goto err_pdb_drop; } /* @@ -3649,10 +3656,11 @@ static WERROR printer_notify_info(struct pipes_struct *p, */ pinfo2->servername = talloc_strdup(pinfo2, Printer->servername); if (pinfo2->servername == NULL) { - return WERR_NOMEM; + result = WERR_NOMEM; + goto err_pdb_drop; } - for (i=0; i<option->count; i++) { + for (i = 0; i < option->count; i++) { option_type = option->types[i]; switch (option_type.type) { @@ -3671,12 +3679,21 @@ static WERROR printer_notify_info(struct pipes_struct *p, count = print_queue_status(p->msg_ctx, snum, &queue, &status); - for (j=0; j<count; j++) { + for (j = 0; j < count; j++) { + uint32_t jobid; + jobid = sysjob_to_jobid_pdb(pdb, + queue[j].sysjob); + if (jobid == (uint32_t)-1) { + DEBUG(2, ("ignoring untracked job %d\n", + queue[j].sysjob)); + continue; + } + /* FIXME check return value */ construct_notify_jobs_info(p->msg_ctx, &queue[j], info, pinfo2, snum, &option_type, - queue[j].sysjob, + jobid, mem_ctx); } @@ -3701,7 +3718,10 @@ static WERROR printer_notify_info(struct pipes_struct *p, */ talloc_free(pinfo2); - return WERR_OK; + result = WERR_OK; +err_pdb_drop: + release_print_db(pdb); + return result; } /**************************************************************** @@ -5781,7 +5801,13 @@ WERROR _spoolss_StartDocPrinter(struct pipes_struct *p, */ if (info_1->datatype) { - if (strcmp(info_1->datatype, "RAW") != 0) { + /* + * The v4 driver model used in Windows 8 declares print jobs + * intended to bypass the XPS processing layer by setting + * datatype to "XPS_PASS" instead of "RAW". + */ + if ((strcmp(info_1->datatype, "RAW") != 0) + && (strcmp(info_1->datatype, "XPS_PASS") != 0)) { *r->out.job_id = 0; return WERR_INVALID_DATATYPE; } diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index e5ae63e668..31a1b67485 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -349,6 +349,10 @@ for t in tests: plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_simple -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-simple') plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_special -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-special') plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmpcase -U$USERNAME%$PASSWORD') + elif t == "smb2.lock": + plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/aio -U$USERNAME%$PASSWORD', 'aio') + plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') + plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') else: plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c index 24a822e3fd..eec29f664f 100644 --- a/source3/smbd/aio.c +++ b/source3/smbd/aio.c @@ -720,7 +720,7 @@ NTSTATUS schedule_smb2_aio_read(connection_struct *conn, return NT_STATUS_NO_MEMORY; } - init_strict_lock_struct(fsp, (uint64_t)smbreq->smbpid, + init_strict_lock_struct(fsp, fsp->op->global->open_persistent_id, (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK, &aio_ex->lock); @@ -872,7 +872,7 @@ NTSTATUS schedule_aio_smb2_write(connection_struct *conn, aio_ex->write_through = write_through; - init_strict_lock_struct(fsp, (uint64_t)smbreq->smbpid, + init_strict_lock_struct(fsp, fsp->op->global->open_persistent_id, in_offset, (uint64_t)in_data.length, WRITE_LOCK, &aio_ex->lock); diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index d99eec2154..8fa320b197 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -962,32 +962,6 @@ struct dptr_struct *dptr_fetch_lanman2(struct smbd_server_connection *sconn, return(dptr); } -/**************************************************************************** - Check that a file matches a particular file type. -****************************************************************************/ - -bool dir_check_ftype(connection_struct *conn, uint32 mode, uint32 dirtype) -{ - uint32 mask; - - /* Check the "may have" search bits. */ - if (((mode & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_DIRECTORY)) != 0) - return False; - - /* Check the "must have" bits, which are the may have bits shifted eight */ - /* If must have bit is set, the file/dir can not be returned in search unless the matching - file attribute is set */ - mask = ((dirtype >> 8) & (FILE_ATTRIBUTE_DIRECTORY|FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)); /* & 0x37 */ - if(mask) { - if((mask & (mode & (FILE_ATTRIBUTE_DIRECTORY|FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM))) == mask) /* check if matching attribute present */ - return True; - else - return False; - } - - return True; -} - static bool mangle_mask_match(connection_struct *conn, const char *filename, const char *mask) @@ -1106,7 +1080,7 @@ bool smbd_dirptr_get_entry(TALLOC_CTX *ctx, continue; } - if (!dir_check_ftype(conn, mode, dirtype)) { + if (!dir_check_ftype(mode, dirtype)) { DEBUG(5,("[%s] attribs 0x%x didn't match 0x%x\n", fname, (unsigned int)mode, (unsigned int)dirtype)); TALLOC_FREE(dname); diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 68321eebbb..eaec5b639e 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -722,7 +722,10 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (errno == EACCES) { - if (ucf_flags & UCF_CREATING_FILE) { + if ((ucf_flags & UCF_PREP_CREATEFILE) == 0) { + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } else { /* * This is the dropbox * behaviour. A dropbox is a @@ -734,11 +737,8 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, * nevertheless want to allow * users creating a file. */ - status = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } else { - status = NT_STATUS_ACCESS_DENIED; + errno = 0; } - goto fail; } if ((errno != 0) && (errno != ENOENT)) { diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index 9ea5e25bc0..df0e52488d 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -367,6 +367,7 @@ struct smbXsrv_connection { * this session_table is used for SMB1 and SMB2, */ struct smbXsrv_session_table *session_table; + uint64_t last_session_id; /* * this tcon_table is only used for SMB1. */ @@ -467,12 +468,23 @@ NTSTATUS smbXsrv_open_global_traverse( NTSTATUS smbXsrv_open_cleanup(uint64_t persistent_id); +struct smbd_smb2_send_queue { + struct smbd_smb2_send_queue *prev, *next; + + DATA_BLOB *sendfile_header; + struct iovec *vector; + int count; + + TALLOC_CTX *mem_ctx; +}; struct smbd_smb2_request { struct smbd_smb2_request *prev, *next; struct smbd_server_connection *sconn; + struct smbd_smb2_send_queue queue_entry; + /* the session the request operates on, maybe NULL */ struct smbXsrv_session *session; uint64_t last_session_id; @@ -720,7 +732,6 @@ struct smbd_server_connection { * Set by us for CORE protocol. */ int max_send; - uint64_t last_session_tag; } sessions; struct smb_signing_state *signing_state; @@ -740,9 +751,21 @@ struct smbd_server_connection { } locks; } smb1; struct { - struct tevent_queue *recv_queue; - struct tevent_queue *send_queue; - struct tstream_context *stream; + struct smbd_smb2_request_read_state { + struct smbd_smb2_request *req; + struct { + uint8_t nbt[NBT_HDR_SIZE]; + bool done; + } hdr; + struct iovec vector; + bool doing_receivefile; + size_t min_recv_size; + size_t pktlen; + uint8_t *pktbuf; + } request_read_state; + struct smbd_smb2_send_queue *send_queue; + size_t send_queue_len; + struct tevent_fd *fde; bool negprot_2ff; struct { /* The event that makes us process our blocking lock queue */ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 94be9f6d8d..5a0ac39e91 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -539,8 +539,7 @@ void reply_ntcreate_and_X(struct smb_request *req) conn, req->flags2 & FLAGS2_DFS_PATHNAMES, fname, - (create_disposition == FILE_CREATE) - ? UCF_CREATING_FILE : 0, + UCF_PREP_CREATEFILE, NULL, &smb_fname); @@ -1077,8 +1076,7 @@ static void call_nt_transact_create(connection_struct *conn, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, fname, - (create_disposition == FILE_CREATE) - ? UCF_CREATING_FILE : 0, + UCF_PREP_CREATEFILE, NULL, &smb_fname); diff --git a/source3/smbd/open.c b/source3/smbd/open.c index cd1bb72305..6e4f6904c0 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3171,7 +3171,14 @@ static NTSTATUS open_directory(connection_struct *conn, return status; } - mtimespec = smb_dname->st.st_ex_mtime; + /* Don't store old timestamps for directory + handles in the internal database. We don't + update them in there if new objects + are creaded in the directory. Currently + we only update timestamps on file writes. + See bug #9870. + */ + ZERO_STRUCT(mtimespec); #ifdef O_DIRECTORY status = fd_open(conn, fsp, O_RDONLY|O_DIRECTORY, 0); diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 5ef0fd335e..706d701e13 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1435,10 +1435,10 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req) } } - if (session_tag != sconn->smb1.sessions.last_session_tag) { + if (session_tag != sconn->conn->last_session_id) { struct user_struct *vuser = NULL; - sconn->smb1.sessions.last_session_tag = session_tag; + sconn->conn->last_session_id = session_tag; if (session) { vuser = session->compat; } @@ -3595,7 +3595,6 @@ void smbd_process(struct tevent_context *ev_ctx, sconn->smb1.sessions.done_sesssetup = false; sconn->smb1.sessions.max_send = BUFFER_SIZE; - sconn->smb1.sessions.last_session_tag = UID_FIELD_INVALID; if (!init_dptrs(sconn)) { exit_server("init_dptrs() failed"); diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index 9c766096ed..1e0d06dbab 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -218,7 +218,6 @@ struct dptr_struct *dptr_fetch(struct smbd_server_connection *sconn, char *buf,int *num); struct dptr_struct *dptr_fetch_lanman2(struct smbd_server_connection *sconn, int dptr_num); -bool dir_check_ftype(connection_struct *conn, uint32 mode, uint32 dirtype); bool get_dir_entry(TALLOC_CTX *ctx, struct dptr_struct *dirptr, const char *mask, diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2ae3ff4b1e..6b926fb111 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1918,8 +1918,7 @@ void reply_open(struct smb_request *req) conn, req->flags2 & FLAGS2_DFS_PATHNAMES, fname, - (create_disposition == FILE_CREATE) - ? UCF_CREATING_FILE : 0, + UCF_PREP_CREATEFILE, NULL, &smb_fname); if (!NT_STATUS_IS_OK(status)) { @@ -2096,8 +2095,7 @@ void reply_open_and_X(struct smb_request *req) conn, req->flags2 & FLAGS2_DFS_PATHNAMES, fname, - (create_disposition == FILE_CREATE) - ? UCF_CREATING_FILE : 0, + UCF_PREP_CREATEFILE, NULL, &smb_fname); if (!NT_STATUS_IS_OK(status)) { @@ -2330,7 +2328,7 @@ void reply_mknew(struct smb_request *req) conn, req->flags2 & FLAGS2_DFS_PATHNAMES, fname, - UCF_CREATING_FILE, + UCF_PREP_CREATEFILE, NULL, &smb_fname); if (!NT_STATUS_IS_OK(status)) { @@ -2471,7 +2469,7 @@ void reply_ctemp(struct smb_request *req) status = filename_convert(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, fname, - UCF_CREATING_FILE, + UCF_PREP_CREATEFILE, NULL, &smb_fname); if (!NT_STATUS_IS_OK(status)) { @@ -2655,7 +2653,7 @@ static NTSTATUS do_unlink(connection_struct *conn, return NT_STATUS_NO_SUCH_FILE; } - if (!dir_check_ftype(conn, fattr, dirtype)) { + if (!dir_check_ftype(fattr, dirtype)) { if (fattr & FILE_ATTRIBUTE_DIRECTORY) { return NT_STATUS_FILE_IS_A_DIRECTORY; } @@ -5830,7 +5828,7 @@ void reply_mkdir(struct smb_request *req) status = filename_convert(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, directory, - UCF_CREATING_FILE, + UCF_PREP_CREATEFILE, NULL, &smb_dname); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 4f2edfca2c..8430bd2893 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -846,8 +846,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, smb1req->conn, smb1req->flags2 & FLAGS2_DFS_PATHNAMES, fname, - (in_create_disposition == FILE_CREATE) ? - UCF_CREATING_FILE : 0, + UCF_PREP_CREATEFILE, NULL, /* ppath_contains_wcards */ &smb_fname); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/smbd/smb2_lock.c b/source3/smbd/smb2_lock.c index e2ea2512c6..671cd6f066 100644 --- a/source3/smbd/smb2_lock.c +++ b/source3/smbd/smb2_lock.c @@ -511,7 +511,7 @@ static bool recalc_smb2_brl_timeout(struct smbd_server_connection *sconn) NULL, next_timeout, brl_timeout_fn, - NULL); + sconn); if (!sconn->smb2.locks.brl_timeout) { return false; } diff --git a/source3/smbd/smb2_read.c b/source3/smbd/smb2_read.c index 41adb03408..6478326ac0 100644 --- a/source3/smbd/smb2_read.c +++ b/source3/smbd/smb2_read.c @@ -166,6 +166,7 @@ struct smbd_smb2_read_state { uint32_t in_length; uint64_t in_offset; uint32_t in_minimum; + DATA_BLOB out_headers; DATA_BLOB out_data; uint32_t out_remaining; }; @@ -180,10 +181,10 @@ static int smb2_sendfile_send_data(struct smbd_smb2_read_state *state) ssize_t nread; nread = SMB_VFS_SENDFILE(fsp->conn->sconn->sock, - fsp, - NULL, - in_offset, - in_length); + fsp, + state->smb2req->queue_entry.sendfile_header, + in_offset, + in_length); DEBUG(10,("smb2_sendfile_send_data: SMB_VFS_SENDFILE returned %d on file %s\n", (int)nread, fsp_str_dbg(fsp) )); @@ -301,6 +302,7 @@ static NTSTATUS schedule_smb2_sendfile_read(struct smbd_smb2_request *smb2req, } *state_copy = *state; talloc_set_destructor(state_copy, smb2_sendfile_send_data); + state->smb2req->queue_entry.sendfile_header = &state_copy->out_headers; return NT_STATUS_OK; } @@ -462,7 +464,7 @@ static struct tevent_req *smbd_smb2_read_send(TALLOC_CTX *mem_ctx, if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) { /* Real error in setting up aio. Fail. */ - tevent_req_nterror(req, NT_STATUS_FILE_CLOSED); + tevent_req_nterror(req, status); return tevent_req_post(req, ev); } diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index b031c6d153..e5f7de3382 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -30,6 +30,13 @@ #include "../librpc/gen_ndr/krb5pac.h" #include "auth.h" +static void smbd_smb2_connection_handler(struct tevent_context *ev, + struct tevent_fd *fde, + uint16_t flags, + void *private_data); +static NTSTATUS smbd_smb2_io_handler(struct smbd_server_connection *sconn, + uint16_t fde_flags); + #define OUTVEC_ALLOC_SIZE (SMB2_HDR_BODY + 9) static const struct smbd_smb2_dispatch_table { @@ -196,20 +203,9 @@ bool smbd_is_smb2_header(const uint8_t *inbuf, size_t size) static NTSTATUS smbd_initialize_smb2(struct smbd_server_connection *sconn) { - NTSTATUS status; - int ret; - TALLOC_FREE(sconn->smb1.fde); - sconn->smb2.recv_queue = tevent_queue_create(sconn, "smb2 recv queue"); - if (sconn->smb2.recv_queue == NULL) { - return NT_STATUS_NO_MEMORY; - } - - sconn->smb2.send_queue = tevent_queue_create(sconn, "smb2 send queue"); - if (sconn->smb2.send_queue == NULL) { - return NT_STATUS_NO_MEMORY; - } + sconn->smb2.send_queue = NULL; sconn->smb2.seqnum_low = 0; sconn->smb2.seqnum_range = 1; @@ -221,11 +217,14 @@ static NTSTATUS smbd_initialize_smb2(struct smbd_server_connection *sconn) return NT_STATUS_NO_MEMORY; } - ret = tstream_bsd_existing_socket(sconn, sconn->sock, - &sconn->smb2.stream); - if (ret == -1) { - status = map_nt_error_from_unix(errno); - return status; + sconn->smb2.fde = tevent_add_fd(sconn->ev_ctx, + sconn, + sconn->sock, + TEVENT_FD_READ, + smbd_smb2_connection_handler, + sconn); + if (sconn->smb2.fde == NULL) { + return NT_STATUS_NO_MEMORY; } /* Ensure child is set to non-blocking mode */ @@ -270,7 +269,7 @@ static struct smbd_smb2_request *smbd_smb2_request_allocate(TALLOC_CTX *mem_ctx) /* Enable this to find subtle valgrind errors. */ mem_pool = talloc_init("smbd_smb2_request_allocate"); #else - mem_pool = talloc_pool(mem_ctx, 8192); + mem_pool = talloc_tos(); #endif if (mem_pool == NULL) { return NULL; @@ -282,7 +281,9 @@ static struct smbd_smb2_request *smbd_smb2_request_allocate(TALLOC_CTX *mem_ctx) return NULL; } talloc_reparent(mem_pool, mem_ctx, req); +#if 0 TALLOC_FREE(mem_pool); +#endif req->last_session_id = UINT64_MAX; req->last_tid = UINT32_MAX; @@ -1151,10 +1152,9 @@ static struct smbd_smb2_request *dup_smb2_req(const struct smbd_smb2_request *re return newreq; } -static void smbd_smb2_request_writev_done(struct tevent_req *subreq); - static NTSTATUS smb2_send_async_interim_response(const struct smbd_smb2_request *req) { + struct smbd_server_connection *sconn = req->sconn; struct smbXsrv_connection *conn = req->sconn->conn; int first_idx = 1; struct iovec *firsttf = NULL; @@ -1218,50 +1218,27 @@ static NTSTATUS smb2_send_async_interim_response(const struct smbd_smb2_request } } - nreq->subreq = tstream_writev_queue_send(nreq, - nreq->sconn->ev_ctx, - nreq->sconn->smb2.stream, - nreq->sconn->smb2.send_queue, - nreq->out.vector, - nreq->out.vector_count); + nreq->queue_entry.mem_ctx = nreq; + nreq->queue_entry.vector = nreq->out.vector; + nreq->queue_entry.count = nreq->out.vector_count; + DLIST_ADD_END(nreq->sconn->smb2.send_queue, &nreq->queue_entry, NULL); + nreq->sconn->smb2.send_queue_len++; - if (nreq->subreq == NULL) { - return NT_STATUS_NO_MEMORY; + status = smbd_smb2_io_handler(sconn, TEVENT_FD_WRITE); + if (!NT_STATUS_IS_OK(status)) { + return status; } - tevent_req_set_callback(nreq->subreq, - smbd_smb2_request_writev_done, - nreq); - return NT_STATUS_OK; } struct smbd_smb2_request_pending_state { struct smbd_server_connection *sconn; + struct smbd_smb2_send_queue queue_entry; uint8_t buf[NBT_HDR_SIZE + SMB2_TF_HDR_SIZE + SMB2_HDR_BODY + 0x08 + 1]; struct iovec vector[1 + SMBD_SMB2_NUM_IOV_PER_REQ]; }; -static void smbd_smb2_request_pending_writev_done(struct tevent_req *subreq) -{ - struct smbd_smb2_request_pending_state *state = - tevent_req_callback_data(subreq, - struct smbd_smb2_request_pending_state); - struct smbd_server_connection *sconn = state->sconn; - int ret; - int sys_errno; - - ret = tstream_writev_queue_recv(subreq, &sys_errno); - TALLOC_FREE(subreq); - if (ret == -1) { - NTSTATUS status = map_nt_error_from_unix(sys_errno); - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; - } - - TALLOC_FREE(state); -} - static void smbd_smb2_request_pending_timer(struct tevent_context *ev, struct tevent_timer *te, struct timeval current_time, @@ -1277,6 +1254,13 @@ NTSTATUS smbd_smb2_request_pending_queue(struct smbd_smb2_request *req, uint32_t flags; if (!tevent_req_is_in_progress(subreq)) { + /* + * This is a performance optimization, + * it avoids one tevent_loop iteration, + * which means we avoid one + * talloc_stackframe_pool/talloc_free pair. + */ + tevent_req_notify_callback(subreq); return NT_STATUS_OK; } @@ -1393,6 +1377,7 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev, struct smbd_smb2_request *req = talloc_get_type_abort(private_data, struct smbd_smb2_request); + struct smbd_server_connection *sconn = req->sconn; struct smbd_smb2_request_pending_state *state = NULL; uint8_t *outhdr = NULL; const uint8_t *inhdr = NULL; @@ -1407,7 +1392,7 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev, uint64_t nonce_high = 0; uint64_t nonce_low = 0; uint64_t async_id = 0; - struct tevent_req *subreq = NULL; + NTSTATUS status; TALLOC_FREE(req->async_te); @@ -1533,7 +1518,6 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev, } if (req->do_encryption) { - NTSTATUS status; struct smbXsrv_session *x = req->session; struct smbXsrv_connection *conn = x->connection; DATA_BLOB encryption_key = x->global->encryption_key; @@ -1548,7 +1532,6 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev, return; } } else if (req->do_signing) { - NTSTATUS status; struct smbXsrv_session *x = req->session; struct smbXsrv_connection *conn = x->connection; DATA_BLOB signing_key = x->global->channels[0].signing_key; @@ -1564,20 +1547,18 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev, } } - subreq = tstream_writev_queue_send(state, - state->sconn->ev_ctx, - state->sconn->smb2.stream, - state->sconn->smb2.send_queue, - state->vector, - ARRAY_SIZE(state->vector)); - if (subreq == NULL) { - smbd_server_connection_terminate(state->sconn, - nt_errstr(NT_STATUS_NO_MEMORY)); + state->queue_entry.mem_ctx = state; + state->queue_entry.vector = state->vector; + state->queue_entry.count = ARRAY_SIZE(state->vector); + DLIST_ADD_END(sconn->smb2.send_queue, &state->queue_entry, NULL); + sconn->smb2.send_queue_len++; + + status = smbd_smb2_io_handler(sconn, TEVENT_FD_WRITE); + if (!NT_STATUS_IS_OK(status)) { + smbd_server_connection_terminate(sconn, + nt_errstr(status)); return; } - tevent_req_set_callback(subreq, - smbd_smb2_request_pending_writev_done, - state); } static NTSTATUS smbd_smb2_request_process_cancel(struct smbd_smb2_request *req) @@ -1768,9 +1749,12 @@ static NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req) return NT_STATUS_INVALID_HANDLE; } - set_current_user_info(session_info->unix_info->sanitized_username, - session_info->unix_info->unix_name, - session_info->info->domain_name); + if (in_session_id != req->sconn->conn->last_session_id) { + req->sconn->conn->last_session_id = in_session_id; + set_current_user_info(session_info->unix_info->sanitized_username, + session_info->unix_info->unix_name, + session_info->info->domain_name); + } return NT_STATUS_OK; } @@ -2277,12 +2261,13 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req) { + struct smbd_server_connection *sconn = req->sconn; struct smbXsrv_connection *conn = req->sconn->conn; - struct tevent_req *subreq; int first_idx = 1; struct iovec *firsttf = SMBD_SMB2_IDX_TF_IOV(req,out,first_idx); struct iovec *outhdr = SMBD_SMB2_OUT_HDR_IOV(req); struct iovec *outdyn = SMBD_SMB2_OUT_DYN_IOV(req); + NTSTATUS status; req->subreq = NULL; TALLOC_FREE(req->async_te); @@ -2346,7 +2331,6 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req) { int last_idx = req->current_idx - SMBD_SMB2_NUM_IOV_PER_REQ; struct iovec *lasthdr = SMBD_SMB2_IDX_HDR_IOV(req,out,last_idx); - NTSTATUS status; /* * As we are sure the header of the last request in the @@ -2416,8 +2400,6 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req) * now check if we need to sign the current response */ if (firsttf->iov_len == SMB2_TF_HDR_SIZE) { - NTSTATUS status; - status = smb2_signing_encrypt_pdu(req->first_key, conn->protocol, firsttf, @@ -2426,7 +2408,6 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req) return status; } } else if (req->do_signing) { - NTSTATUS status; struct smbXsrv_session *x = req->session; DATA_BLOB signing_key = x->global->channels[0].signing_key; @@ -2448,22 +2429,23 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req) req->out.vector_count -= 1; } - subreq = tstream_writev_queue_send(req, - req->sconn->ev_ctx, - req->sconn->smb2.stream, - req->sconn->smb2.send_queue, - req->out.vector, - req->out.vector_count); - if (subreq == NULL) { - return NT_STATUS_NO_MEMORY; - } - tevent_req_set_callback(subreq, smbd_smb2_request_writev_done, req); /* * We're done with this request - * move it off the "being processed" queue. */ DLIST_REMOVE(req->sconn->smb2.requests, req); + req->queue_entry.mem_ctx = req; + req->queue_entry.vector = req->out.vector; + req->queue_entry.count = req->out.vector_count; + DLIST_ADD_END(req->sconn->smb2.send_queue, &req->queue_entry, NULL); + req->sconn->smb2.send_queue_len++; + + status = smbd_smb2_io_handler(sconn, TEVENT_FD_WRITE); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + return NT_STATUS_OK; } @@ -2499,33 +2481,6 @@ void smbd_smb2_request_dispatch_immediate(struct tevent_context *ctx, } } -static void smbd_smb2_request_writev_done(struct tevent_req *subreq) -{ - struct smbd_smb2_request *req = tevent_req_callback_data(subreq, - struct smbd_smb2_request); - struct smbd_server_connection *sconn = req->sconn; - int ret; - int sys_errno; - NTSTATUS status; - - ret = tstream_writev_queue_recv(subreq, &sys_errno); - TALLOC_FREE(subreq); - TALLOC_FREE(req); - if (ret == -1) { - status = map_nt_error_from_unix(sys_errno); - DEBUG(2,("smbd_smb2_request_writev_done: client write error %s\n", - nt_errstr(status))); - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; - } - - status = smbd_smb2_request_next_incoming(sconn); - if (!NT_STATUS_IS_OK(status)) { - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; - } -} - NTSTATUS smbd_smb2_request_done_ex(struct smbd_smb2_request *req, NTSTATUS status, DATA_BLOB body, DATA_BLOB *dyn, @@ -2644,10 +2599,24 @@ NTSTATUS smbd_smb2_request_error_ex(struct smbd_smb2_request *req, if (unread_bytes) { /* Recvfile error. Drain incoming socket. */ - size_t ret = drain_socket(req->sconn->sock, unread_bytes); + size_t ret; + + errno = 0; + ret = drain_socket(req->sconn->sock, unread_bytes); if (ret != unread_bytes) { - smbd_server_connection_terminate(req->sconn, - "Failed to drain SMB2 socket\n"); + NTSTATUS error; + + if (errno == 0) { + error = NT_STATUS_IO_DEVICE_ERROR; + } else { + error = map_nt_error_from_unix_common(errno); + } + + DEBUG(2, ("Failed to drain %u bytes from SMB2 socket: " + "ret[%u] errno[%d] => %s\n", + (unsigned)unread_bytes, + (unsigned)ret, errno, nt_errstr(error))); + return error; } } @@ -2685,12 +2654,11 @@ NTSTATUS smbd_smb2_request_error_ex(struct smbd_smb2_request *req, struct smbd_smb2_send_oplock_break_state { struct smbd_server_connection *sconn; + struct smbd_smb2_send_queue queue_entry; uint8_t buf[NBT_HDR_SIZE + SMB2_TF_HDR_SIZE + SMB2_HDR_BODY + 0x18]; struct iovec vector[1+SMBD_SMB2_NUM_IOV_PER_REQ]; }; -static void smbd_smb2_oplock_break_writev_done(struct tevent_req *subreq); - NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn, struct smbXsrv_session *session, struct smbXsrv_tcon *tcon, @@ -2699,7 +2667,6 @@ NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn, { struct smbd_smb2_send_oplock_break_state *state; struct smbXsrv_connection *conn = sconn->conn; - struct tevent_req *subreq; uint8_t *tf; size_t tf_len; uint8_t *hdr; @@ -2710,12 +2677,13 @@ NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn, bool do_encryption = session->global->encryption_required; uint64_t nonce_high = 0; uint64_t nonce_low = 0; + NTSTATUS status; if (tcon->global->encryption_required) { do_encryption = true; } - state = talloc(sconn, struct smbd_smb2_send_oplock_break_state); + state = talloc_zero(sconn, struct smbd_smb2_send_oplock_break_state); if (state == NULL) { return NT_STATUS_NO_MEMORY; } @@ -2790,7 +2758,6 @@ NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn, smb2_setup_nbt_length(state->vector, 1 + SMBD_SMB2_NUM_IOV_PER_REQ); if (do_encryption) { - NTSTATUS status; DATA_BLOB encryption_key = session->global->encryption_key; status = smb2_signing_encrypt_pdu(encryption_key, @@ -2802,63 +2769,20 @@ NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn, } } - subreq = tstream_writev_queue_send(state, - sconn->ev_ctx, - sconn->smb2.stream, - sconn->smb2.send_queue, - state->vector, - ARRAY_SIZE(state->vector)); - if (subreq == NULL) { - return NT_STATUS_NO_MEMORY; - } - tevent_req_set_callback(subreq, - smbd_smb2_oplock_break_writev_done, - state); - - return NT_STATUS_OK; -} + state->queue_entry.mem_ctx = state; + state->queue_entry.vector = state->vector; + state->queue_entry.count = ARRAY_SIZE(state->vector); + DLIST_ADD_END(state->sconn->smb2.send_queue, &state->queue_entry, NULL); + state->sconn->smb2.send_queue_len++; -static void smbd_smb2_oplock_break_writev_done(struct tevent_req *subreq) -{ - struct smbd_smb2_send_oplock_break_state *state = - tevent_req_callback_data(subreq, - struct smbd_smb2_send_oplock_break_state); - struct smbd_server_connection *sconn = state->sconn; - int ret; - int sys_errno; - - ret = tstream_writev_queue_recv(subreq, &sys_errno); - TALLOC_FREE(subreq); - if (ret == -1) { - NTSTATUS status = map_nt_error_from_unix(sys_errno); - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; + status = smbd_smb2_io_handler(sconn, TEVENT_FD_WRITE); + if (!NT_STATUS_IS_OK(status)) { + return status; } - TALLOC_FREE(state); + return NT_STATUS_OK; } -struct smbd_smb2_request_read_state { - struct tevent_context *ev; - struct smbd_server_connection *sconn; - struct smbd_smb2_request *smb2_req; - struct { - uint8_t nbt[NBT_HDR_SIZE]; - bool done; - } hdr; - bool doing_receivefile; - size_t min_recv_size; - size_t pktlen; - uint8_t *pktbuf; -}; - -static int smbd_smb2_request_next_vector(struct tstream_context *stream, - void *private_data, - TALLOC_CTX *mem_ctx, - struct iovec **_vector, - size_t *_count); -static void smbd_smb2_request_read_done(struct tevent_req *subreq); - static size_t get_min_receive_file_size(struct smbd_smb2_request *smb2_req) { if (smb2_req->do_signing) { @@ -2870,43 +2794,6 @@ static size_t get_min_receive_file_size(struct smbd_smb2_request *smb2_req) return (size_t)lp_min_receive_file_size(); } -static struct tevent_req *smbd_smb2_request_read_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - struct smbd_server_connection *sconn) -{ - struct tevent_req *req; - struct smbd_smb2_request_read_state *state; - struct tevent_req *subreq; - - req = tevent_req_create(mem_ctx, &state, - struct smbd_smb2_request_read_state); - if (req == NULL) { - return NULL; - } - state->ev = ev; - state->sconn = sconn; - - state->smb2_req = smbd_smb2_request_allocate(state); - if (tevent_req_nomem(state->smb2_req, req)) { - return tevent_req_post(req, ev); - } - state->smb2_req->sconn = sconn; - state->min_recv_size = get_min_receive_file_size(state->smb2_req); - - subreq = tstream_readv_pdu_queue_send(state->smb2_req, - state->ev, - state->sconn->smb2.stream, - state->sconn->smb2.recv_queue, - smbd_smb2_request_next_vector, - state); - if (tevent_req_nomem(subreq, req)) { - return tevent_req_post(req, ev); - } - tevent_req_set_callback(subreq, smbd_smb2_request_read_done, req); - - return req; -} - static bool is_smb2_recvfile_write(struct smbd_smb2_request_read_state *state) { uint32_t flags; @@ -2948,226 +2835,22 @@ static bool is_smb2_recvfile_write(struct smbd_smb2_request_read_state *state) return true; } -static int smbd_smb2_request_next_vector(struct tstream_context *stream, - void *private_data, - TALLOC_CTX *mem_ctx, - struct iovec **_vector, - size_t *_count) -{ - struct smbd_smb2_request_read_state *state = - talloc_get_type_abort(private_data, - struct smbd_smb2_request_read_state); - struct iovec *vector = NULL; - size_t min_recvfile_size = UINT32_MAX; - - if (state->pktlen > 0) { - if (state->doing_receivefile && !is_smb2_recvfile_write(state)) { - /* - * Not a possible receivefile write. - * Read the rest of the data. - */ - state->doing_receivefile = false; - vector = talloc_array(mem_ctx, struct iovec, 1); - if (vector == NULL) { - return -1; - } - vector[0].iov_base = (void *)(state->pktbuf + - SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN); - vector[0].iov_len = (state->pktlen - - SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN); - *_vector = vector; - *_count = 1; - } else { - /* - * Either this is a receivefile write so we've - * done a short read, or if not we have all the data. - * Either way, we're done and - * smbd_smb2_request_read_done() will handle - * and short read case by looking at the - * state->doing_receivefile value. - */ - *_vector = NULL; - *_count = 0; - } - return 0; - } - - if (!state->hdr.done) { - /* - * first we need to get the NBT header - */ - vector = talloc_array(mem_ctx, struct iovec, 1); - if (vector == NULL) { - return -1; - } - - vector[0].iov_base = (void *)state->hdr.nbt; - vector[0].iov_len = NBT_HDR_SIZE; - - *_vector = vector; - *_count = 1; - - state->hdr.done = true; - return 0; - } - - /* - * Now we analyze the NBT header - */ - state->pktlen = smb2_len(state->hdr.nbt); - - if (state->pktlen == 0) { - /* if there're no remaining bytes, we're done */ - *_vector = NULL; - *_count = 0; - return 0; - } - - state->pktbuf = talloc_array(state->smb2_req, uint8_t, state->pktlen); - if (state->pktbuf == NULL) { - return -1; - } - - vector = talloc_array(mem_ctx, struct iovec, 1); - if (vector == NULL) { - return -1; - } - - vector[0].iov_base = (void *)state->pktbuf; - - if (state->min_recv_size != 0) { - min_recvfile_size = SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN; - min_recvfile_size += state->min_recv_size; - } - - if (state->pktlen > min_recvfile_size) { - /* - * Might be a receivefile write. Read the SMB2 HEADER + - * SMB2_WRITE header first. Set 'doing_receivefile' - * as we're *attempting* receivefile write. If this - * turns out not to be a SMB2_WRITE request or otherwise - * not suitable then we'll just read the rest of the data - * the next time this function is called. - */ - vector[0].iov_len = SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN; - state->doing_receivefile = true; - } else { - vector[0].iov_len = state->pktlen; - } - - *_vector = vector; - *_count = 1; - return 0; -} - -static void smbd_smb2_request_read_done(struct tevent_req *subreq) -{ - struct tevent_req *req = - tevent_req_callback_data(subreq, - struct tevent_req); - struct smbd_smb2_request_read_state *state = - tevent_req_data(req, - struct smbd_smb2_request_read_state); - int ret; - int sys_errno; - NTSTATUS status; - NTTIME now; - - ret = tstream_readv_pdu_queue_recv(subreq, &sys_errno); - TALLOC_FREE(subreq); - if (ret == -1) { - status = map_nt_error_from_unix(sys_errno); - tevent_req_nterror(req, status); - return; - } - - if (state->hdr.nbt[0] != 0x00) { - DEBUG(1,("smbd_smb2_request_read_done: ignore NBT[0x%02X] msg\n", - state->hdr.nbt[0])); - - ZERO_STRUCT(state->hdr); - TALLOC_FREE(state->pktbuf); - state->pktlen = 0; - - subreq = tstream_readv_pdu_queue_send(state->smb2_req, - state->ev, - state->sconn->smb2.stream, - state->sconn->smb2.recv_queue, - smbd_smb2_request_next_vector, - state); - if (tevent_req_nomem(subreq, req)) { - return; - } - tevent_req_set_callback(subreq, smbd_smb2_request_read_done, req); - return; - } - - state->smb2_req->request_time = timeval_current(); - now = timeval_to_nttime(&state->smb2_req->request_time); - - status = smbd_smb2_inbuf_parse_compound(state->smb2_req->sconn->conn, - now, - state->pktbuf, - state->pktlen, - state->smb2_req, - &state->smb2_req->in.vector, - &state->smb2_req->in.vector_count); - if (tevent_req_nterror(req, status)) { - return; - } - - if (state->doing_receivefile) { - state->smb2_req->smb1req = talloc_zero(state->smb2_req, - struct smb_request); - if (tevent_req_nomem(state->smb2_req->smb1req, req)) { - return; - } - state->smb2_req->smb1req->unread_bytes = - state->pktlen - SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN; - } - - state->smb2_req->current_idx = 1; - - tevent_req_done(req); -} - -static NTSTATUS smbd_smb2_request_read_recv(struct tevent_req *req, - TALLOC_CTX *mem_ctx, - struct smbd_smb2_request **_smb2_req) -{ - struct smbd_smb2_request_read_state *state = - tevent_req_data(req, - struct smbd_smb2_request_read_state); - NTSTATUS status; - - if (tevent_req_is_nterror(req, &status)) { - tevent_req_received(req); - return status; - } - - *_smb2_req = talloc_move(mem_ctx, &state->smb2_req); - tevent_req_received(req); - return NT_STATUS_OK; -} - -static void smbd_smb2_request_incoming(struct tevent_req *subreq); - static NTSTATUS smbd_smb2_request_next_incoming(struct smbd_server_connection *sconn) { + struct smbd_smb2_request_read_state *state = &sconn->smb2.request_read_state; size_t max_send_queue_len; size_t cur_send_queue_len; - struct tevent_req *subreq; - if (tevent_queue_length(sconn->smb2.recv_queue) > 0) { + if (state->req != NULL) { /* - * if there is already a smbd_smb2_request_read + * if there is already a tstream_readv_pdu * pending, we are done. */ return NT_STATUS_OK; } max_send_queue_len = MAX(1, sconn->smb2.max_credits/16); - cur_send_queue_len = tevent_queue_length(sconn->smb2.send_queue); + cur_send_queue_len = sconn->smb2.send_queue_len; if (cur_send_queue_len > max_send_queue_len) { /* @@ -3179,11 +2862,15 @@ static NTSTATUS smbd_smb2_request_next_incoming(struct smbd_server_connection *s } /* ask for the next request */ - subreq = smbd_smb2_request_read_send(sconn, sconn->ev_ctx, sconn); - if (subreq == NULL) { + ZERO_STRUCTP(state); + state->req = smbd_smb2_request_allocate(sconn); + if (state->req == NULL) { return NT_STATUS_NO_MEMORY; } - tevent_req_set_callback(subreq, smbd_smb2_request_incoming, sconn); + state->req->sconn = sconn; + state->min_recv_size = get_min_receive_file_size(state->req); + + TEVENT_FD_READABLE(sconn->smb2.fde); return NT_STATUS_OK; } @@ -3236,47 +2923,336 @@ void smbd_smb2_first_negprot(struct smbd_server_connection *sconn, sconn->num_requests++; } -static void smbd_smb2_request_incoming(struct tevent_req *subreq) +static int socket_error_from_errno(int ret, + int sys_errno, + bool *retry) { - struct smbd_server_connection *sconn = tevent_req_callback_data(subreq, - struct smbd_server_connection); - NTSTATUS status; + *retry = false; + + if (ret >= 0) { + return 0; + } + + if (ret != -1) { + return EIO; + } + + if (sys_errno == 0) { + return EIO; + } + + if (sys_errno == EINTR) { + *retry = true; + return sys_errno; + } + + if (sys_errno == EINPROGRESS) { + *retry = true; + return sys_errno; + } + + if (sys_errno == EAGAIN) { + *retry = true; + return sys_errno; + } + + /* ENOMEM is retryable on Solaris/illumos, and possibly other systems. */ + if (sys_errno == ENOMEM) { + *retry = true; + return sys_errno; + } + +#ifdef EWOULDBLOCK + if (sys_errno == EWOULDBLOCK) { + *retry = true; + return sys_errno; + } +#endif + + return sys_errno; +} + +static NTSTATUS smbd_smb2_flush_send_queue(struct smbd_server_connection *sconn) +{ + int ret; + int err; + bool retry; + + if (sconn->smb2.send_queue == NULL) { + TEVENT_FD_NOT_WRITEABLE(sconn->smb2.fde); + return NT_STATUS_OK; + } + + while (sconn->smb2.send_queue != NULL) { + struct smbd_smb2_send_queue *e = sconn->smb2.send_queue; + + if (e->sendfile_header != NULL) { + size_t size = 0; + size_t i = 0; + uint8_t *buf; + + for (i=0; i < e->count; i++) { + size += e->vector[i].iov_len; + } + + buf = talloc_array(e->mem_ctx, uint8_t, size); + if (buf == NULL) { + return NT_STATUS_NO_MEMORY; + } + + size = 0; + for (i=0; i < e->count; i++) { + memcpy(buf+size, + e->vector[i].iov_base, + e->vector[i].iov_len); + size += e->vector[i].iov_len; + } + + e->sendfile_header->data = buf; + e->sendfile_header->length = size; + e->count = 0; + + sconn->smb2.send_queue_len--; + DLIST_REMOVE(sconn->smb2.send_queue, e); + talloc_free(e->mem_ctx); + continue; + } + + ret = writev(sconn->sock, e->vector, e->count); + if (ret == 0) { + /* propagate end of file */ + return NT_STATUS_INTERNAL_ERROR; + } + err = socket_error_from_errno(ret, errno, &retry); + if (retry) { + /* retry later */ + TEVENT_FD_WRITEABLE(sconn->smb2.fde); + return NT_STATUS_OK; + } + if (err != 0) { + return map_nt_error_from_unix_common(err); + } + while (ret > 0) { + if (ret < e->vector[0].iov_len) { + uint8_t *base; + base = (uint8_t *)e->vector[0].iov_base; + base += ret; + e->vector[0].iov_base = (void *)base; + e->vector[0].iov_len -= ret; + break; + } + ret -= e->vector[0].iov_len; + e->vector += 1; + e->count -= 1; + } + + /* + * there're maybe some empty vectors at the end + * which we need to skip, otherwise we would get + * ret == 0 from the readv() call and return EPIPE + */ + while (e->count > 0) { + if (e->vector[0].iov_len > 0) { + break; + } + e->vector += 1; + e->count -= 1; + } + + if (e->count > 0) { + /* we have more to write */ + TEVENT_FD_WRITEABLE(sconn->smb2.fde); + return NT_STATUS_OK; + } + + sconn->smb2.send_queue_len--; + DLIST_REMOVE(sconn->smb2.send_queue, e); + talloc_free(e->mem_ctx); + } + + return NT_STATUS_OK; +} + +static NTSTATUS smbd_smb2_io_handler(struct smbd_server_connection *sconn, + uint16_t fde_flags) +{ + struct smbd_smb2_request_read_state *state = &sconn->smb2.request_read_state; struct smbd_smb2_request *req = NULL; + size_t min_recvfile_size = UINT32_MAX; + int ret; + int err; + bool retry; + NTSTATUS status; + NTTIME now; - status = smbd_smb2_request_read_recv(subreq, sconn, &req); - TALLOC_FREE(subreq); + if (fde_flags & TEVENT_FD_WRITE) { + status = smbd_smb2_flush_send_queue(sconn); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + if (!(fde_flags & TEVENT_FD_READ)) { + return NT_STATUS_OK; + } + + if (state->req == NULL) { + TEVENT_FD_NOT_READABLE(sconn->smb2.fde); + return NT_STATUS_OK; + } + +again: + if (!state->hdr.done) { + state->hdr.done = true; + + state->vector.iov_base = (void *)state->hdr.nbt; + state->vector.iov_len = NBT_HDR_SIZE; + } + + ret = readv(sconn->sock, &state->vector, 1); + if (ret == 0) { + /* propagate end of file */ + return NT_STATUS_END_OF_FILE; + } + err = socket_error_from_errno(ret, errno, &retry); + if (retry) { + /* retry later */ + TEVENT_FD_READABLE(sconn->smb2.fde); + return NT_STATUS_OK; + } + if (err != 0) { + return map_nt_error_from_unix_common(err); + } + + if (ret < state->vector.iov_len) { + uint8_t *base; + base = (uint8_t *)state->vector.iov_base; + base += ret; + state->vector.iov_base = (void *)base; + state->vector.iov_len -= ret; + /* we have more to read */ + TEVENT_FD_READABLE(sconn->smb2.fde); + return NT_STATUS_OK; + } + + if (state->pktlen > 0) { + if (state->doing_receivefile && !is_smb2_recvfile_write(state)) { + /* + * Not a possible receivefile write. + * Read the rest of the data. + */ + state->doing_receivefile = false; + state->vector.iov_base = (void *)(state->pktbuf + + SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN); + state->vector.iov_len = (state->pktlen - + SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN); + goto again; + } + + /* + * Either this is a receivefile write so we've + * done a short read, or if not we have all the data. + */ + goto got_full; + } + + /* + * Now we analyze the NBT header + */ + state->pktlen = smb2_len(state->hdr.nbt); + if (state->pktlen == 0) { + goto got_full; + } + + state->pktbuf = talloc_array(state->req, uint8_t, state->pktlen); + if (state->pktbuf == NULL) { + return NT_STATUS_NO_MEMORY; + } + + state->vector.iov_base = (void *)state->pktbuf; + + if (state->min_recv_size != 0) { + min_recvfile_size = SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN; + min_recvfile_size += state->min_recv_size; + } + + if (state->pktlen > min_recvfile_size) { + /* + * Might be a receivefile write. Read the SMB2 HEADER + + * SMB2_WRITE header first. Set 'doing_receivefile' + * as we're *attempting* receivefile write. If this + * turns out not to be a SMB2_WRITE request or otherwise + * not suitable then we'll just read the rest of the data + * the next time this function is called. + */ + state->vector.iov_len = SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN; + state->doing_receivefile = true; + } else { + state->vector.iov_len = state->pktlen; + } + + goto again; + +got_full: + + if (state->hdr.nbt[0] != 0x00) { + DEBUG(1,("ignore NBT[0x%02X] msg\n", + state->hdr.nbt[0])); + + req = state->req; + ZERO_STRUCTP(state); + state->req = req; + state->min_recv_size = get_min_receive_file_size(state->req); + req = NULL; + goto again; + } + + req = state->req; + state->req = NULL; + + req->request_time = timeval_current(); + now = timeval_to_nttime(&req->request_time); + + status = smbd_smb2_inbuf_parse_compound(req->sconn->conn, + now, + state->pktbuf, + state->pktlen, + req, + &req->in.vector, + &req->in.vector_count); if (!NT_STATUS_IS_OK(status)) { - DEBUG(2,("smbd_smb2_request_incoming: client read error %s\n", - nt_errstr(status))); - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; + return status; + } + + if (state->doing_receivefile) { + req->smb1req = talloc_zero(req, struct smb_request); + if (req->smb1req == NULL) { + return NT_STATUS_NO_MEMORY; + } + req->smb1req->unread_bytes = + state->pktlen - SMBD_SMB2_SHORT_RECEIVEFILE_WRITE_LEN; } - DEBUG(10,("smbd_smb2_request_incoming: idx[%d] of %d vectors\n", + ZERO_STRUCTP(state); + + req->current_idx = 1; + + DEBUG(10,("smbd_smb2_request idx[%d] of %d vectors\n", req->current_idx, req->in.vector_count)); status = smbd_smb2_request_validate(req); if (!NT_STATUS_IS_OK(status)) { - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; + return status; } status = smbd_smb2_request_setup_out(req); if (!NT_STATUS_IS_OK(status)) { - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; + return status; } status = smbd_smb2_request_dispatch(req); if (!NT_STATUS_IS_OK(status)) { - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; - } - - status = smbd_smb2_request_next_incoming(sconn); - if (!NT_STATUS_IS_OK(status)) { - smbd_server_connection_terminate(sconn, nt_errstr(status)); - return; + return status; } sconn->num_requests++; @@ -3293,4 +3269,28 @@ static void smbd_smb2_request_incoming(struct tevent_req *subreq) change_to_root_user(); check_log_size(); } + + status = smbd_smb2_request_next_incoming(sconn); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return NT_STATUS_OK; +} + +static void smbd_smb2_connection_handler(struct tevent_context *ev, + struct tevent_fd *fde, + uint16_t flags, + void *private_data) +{ + struct smbd_server_connection *sconn = + talloc_get_type_abort(private_data, + struct smbd_server_connection); + NTSTATUS status; + + status = smbd_smb2_io_handler(sconn, flags); + if (!NT_STATUS_IS_OK(status)) { + smbd_server_connection_terminate(sconn, nt_errstr(status)); + return; + } } diff --git a/source3/smbd/smbd.h b/source3/smbd/smbd.h index e76915730d..5cf88bf0c6 100644 --- a/source3/smbd/smbd.h +++ b/source3/smbd/smbd.h @@ -73,6 +73,6 @@ struct trans_state { #define UCF_COND_ALLOW_WCARD_LCOMP 0x00000004 #define UCF_POSIX_PATHNAMES 0x00000008 #define UCF_UNIX_NAME_LOOKUP 0x00000010 -#define UCF_CREATING_FILE 0x00000020 +#define UCF_PREP_CREATEFILE 0x00000020 #endif /* _SMBD_SMBD_H */ diff --git a/source3/torture/torture.c b/source3/torture/torture.c index ee51a4d174..b7badc6d76 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -6553,7 +6553,7 @@ static bool subst_test(const char *str, const char *user, const char *domain, char *subst; bool result = true; - subst = talloc_sub_specified(talloc_tos(), str, user, domain, uid, gid); + subst = talloc_sub_specified(talloc_tos(), str, user, NULL, domain, uid, gid); if (strcmp(subst, expected) != 0) { printf("sub_specified(%s, %s, %s, %d, %d) returned [%s], expected " diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c index 3a752ce619..b7b76e8093 100644 --- a/source3/utils/net_sam.c +++ b/source3/utils/net_sam.c @@ -1873,10 +1873,12 @@ doma_done: gidstr = talloc_asprintf(tc, "%u", (unsigned int)domadmins_gid); dir = talloc_sub_specified(tc, lp_template_homedir(), "Administrator", + NULL, get_global_sam_name(), uid, domadmins_gid); shell = talloc_sub_specified(tc, lp_template_shell(), "Administrator", + NULL, get_global_sam_name(), uid, domadmins_gid); diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index 38c11e037a..2b1e435cdb 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -186,7 +186,7 @@ static bool parse_ace(struct security_ace *ace, const char *orig_str) p++; /* Try to parse numeric form */ - if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 && + if (sscanf(p, "%u/%u/%u", &atype, &aflags, &amask) == 3 && string_to_sid(&sid, str)) { goto done; } @@ -226,7 +226,7 @@ static bool parse_ace(struct security_ace *ace, const char *orig_str) /* no flags on share permissions */ if (!(next_token_talloc(frame, &cp, &tok, "/") && - sscanf(tok, "%i", &aflags) && aflags == 0)) { + sscanf(tok, "%u", &aflags) && aflags == 0)) { fprintf(stderr, "ACE '%s': bad integer flags entry at '%s'\n", orig_str, tok); SAFE_FREE(str); @@ -243,7 +243,7 @@ static bool parse_ace(struct security_ace *ace, const char *orig_str) } if (strncmp(tok, "0x", 2) == 0) { - if (sscanf(tok, "%i", &amask) != 1) { + if (sscanf(tok, "%u", &amask) != 1) { fprintf(stderr, "ACE '%s': bad hex number at '%s'\n", orig_str, tok); TALLOC_FREE(frame); diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 3ee7034af6..bb02aa0e34 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -490,7 +490,7 @@ static bool parse_ace(struct cli_state *cli, struct security_ace *ace, p++; /* Try to parse numeric form */ - if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 && + if (sscanf(p, "%u/%u/%u", &atype, &aflags, &amask) == 3 && StringToSid(cli, &sid, str)) { goto done; } @@ -553,7 +553,7 @@ static bool parse_ace(struct cli_state *cli, struct security_ace *ace, return False; } } else { - if (!sscanf(tok, "%i", &aflags)) { + if (!sscanf(tok, "%u", &aflags)) { printf("ACE '%s': bad integer flags entry at '%s'\n", orig_str, tok); SAFE_FREE(str); @@ -571,7 +571,7 @@ static bool parse_ace(struct cli_state *cli, struct security_ace *ace, } if (strncmp(tok, "0x", 2) == 0) { - if (sscanf(tok, "%i", &amask) != 1) { + if (sscanf(tok, "%u", &amask) != 1) { printf("ACE '%s': bad hex number at '%s'\n", orig_str, tok); SAFE_FREE(str); diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c index 688afc6271..9d0abbd9e3 100644 --- a/source3/winbindd/wb_fill_pwent.c +++ b/source3/winbindd/wb_fill_pwent.c @@ -29,6 +29,7 @@ struct wb_fill_pwent_state { static bool fillup_pw_field(const char *lp_template, const char *username, + const char *grpname, const char *domname, uid_t uid, gid_t gid, @@ -36,7 +37,7 @@ static bool fillup_pw_field(const char *lp_template, fstring out); static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq); -static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq); +static void wb_fill_pwent_getgrsid_done(struct tevent_req *subreq); struct tevent_req *wb_fill_pwent_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, @@ -90,47 +91,45 @@ static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq) state->pw->pw_uid = (uid_t)xid.id; - subreq = wb_sids2xids_send(state, state->ev, &state->info->group_sid, 1); + subreq = wb_getgrsid_send(state, state->ev, &state->info->group_sid, 1); if (tevent_req_nomem(subreq, req)) { return; } - tevent_req_set_callback(subreq, wb_fill_pwent_sid2gid_done, req); + tevent_req_set_callback(subreq, wb_fill_pwent_getgrsid_done, req); } -static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq) +static void wb_fill_pwent_getgrsid_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data( subreq, struct tevent_req); struct wb_fill_pwent_state *state = tevent_req_data( req, struct wb_fill_pwent_state); struct winbindd_domain *domain; - char *dom_name; + const char *dom_name; + const char *grp_name; fstring user_name, output_username; char *mapped_name = NULL; + struct talloc_dict *members; + TALLOC_CTX *tmp_ctx = talloc_stackframe(); NTSTATUS status; - struct unixid xid; - - status = wb_sids2xids_recv(subreq, &xid); + bool ok; + + /* xid handling is done in getgrsid() */ + status = wb_getgrsid_recv(subreq, + tmp_ctx, + &dom_name, + &grp_name, + &state->pw->pw_gid, + &members); TALLOC_FREE(subreq); if (tevent_req_nterror(req, status)) { + talloc_free(tmp_ctx); return; } - /* - * We are filtering further down in sids2xids, but that filtering - * depends on the actual type of the sid handed in (as determined - * by lookupsids). Here we need to filter for the type of object - * actually requested, in this case gid. - */ - if (!(xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH)) { - tevent_req_nterror(req, NT_STATUS_NONE_MAPPED); - return; - } - - state->pw->pw_gid = (gid_t)xid.id; - domain = find_domain_from_sid_noinit(&state->info->user_sid); if (domain == NULL) { + talloc_free(tmp_ctx); tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER); return; } @@ -166,17 +165,30 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq) fstrcpy(state->pw->pw_gecos, state->info->full_name); /* Home directory and shell */ - - if (!fillup_pw_field(lp_template_homedir(), user_name, dom_name, - state->pw->pw_uid, state->pw->pw_gid, - state->info->homedir, state->pw->pw_dir)) { + ok = fillup_pw_field(lp_template_homedir(), + user_name, + grp_name, + dom_name, + state->pw->pw_uid, + state->pw->pw_gid, + state->info->homedir, + state->pw->pw_dir); + if (!ok) { + talloc_free(tmp_ctx); tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER); return; } - if (!fillup_pw_field(lp_template_shell(), user_name, dom_name, - state->pw->pw_uid, state->pw->pw_gid, - state->info->shell, state->pw->pw_shell)) { + ok = fillup_pw_field(lp_template_shell(), + user_name, + grp_name, + dom_name, + state->pw->pw_uid, + state->pw->pw_gid, + state->info->shell, + state->pw->pw_shell); + talloc_free(tmp_ctx); + if (!ok) { tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER); return; } @@ -195,6 +207,7 @@ NTSTATUS wb_fill_pwent_recv(struct tevent_req *req) static bool fillup_pw_field(const char *lp_template, const char *username, + const char *grpname, const char *domname, uid_t uid, gid_t gid, @@ -214,11 +227,11 @@ static bool fillup_pw_field(const char *lp_template, if ((in != NULL) && (in[0] != '\0') && (lp_security() == SEC_ADS)) { templ = talloc_sub_specified(talloc_tos(), in, - username, domname, + username, grpname, domname, uid, gid); } else { templ = talloc_sub_specified(talloc_tos(), lp_template, - username, domname, + username, grpname, domname, uid, gid); } diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index fe05759131..ec7ddb7ed8 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -2124,6 +2124,19 @@ static NTSTATUS rids_to_names(struct winbindd_domain *domain, old_status) { have_mapped = have_unmapped = false; + *names = talloc_array(mem_ctx, char *, num_rids); + if (*names != NULL) { + result = NT_STATUS_NO_MEMORY; + goto error; + } + + *types = talloc_array(mem_ctx, enum lsa_SidType, + num_rids); + if (*types != NULL) { + result = NT_STATUS_NO_MEMORY; + goto error; + } + for (i=0; i<num_rids; i++) { struct dom_sid sid; struct cache_entry *centry; diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index 972924ccbe..64af571767 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -626,7 +626,7 @@ void winbind_msg_offline(struct messaging_context *msg_ctx, we only set it online / offline for that domain. */ DEBUG(10,("winbind_msg_offline: sending message to pid %u for domain %s.\n", - (unsigned int)child->pid, domain->name )); + (unsigned int)child->pid, child->domain->name )); messaging_send_buf(msg_ctx, pid_to_procid(child->pid), MSG_WINBIND_OFFLINE, diff --git a/source4/lib/registry/man/regdiff.1.xml b/source4/lib/registry/man/regdiff.1.xml index 3fe965ca5b..23aae3446d 100644 --- a/source4/lib/registry/man/regdiff.1.xml +++ b/source4/lib/registry/man/regdiff.1.xml @@ -21,11 +21,8 @@ <command>regdiff</command> <arg choice="opt">--help</arg> <arg choice="opt">--backend=BACKEND</arg> - <arg choice="opt">--backend=BACKEND</arg> - <arg choice="opt">--credentials=CREDENTIALS</arg> <arg choice="opt">--credentials=CREDENTIALS</arg> <arg choice="opt">location</arg> - <arg choice="opt">location</arg> </cmdsynopsis> </refsynopsisdiv> diff --git a/source4/torture/basic/delaywrite.c b/source4/torture/basic/delaywrite.c index 23a17d5a7a..da03b72d43 100644 --- a/source4/torture/basic/delaywrite.c +++ b/source4/torture/basic/delaywrite.c @@ -3059,6 +3059,100 @@ static bool test_delayed_write_update7(struct torture_context *tctx, struct smbc } /* + Test if creating a file in a directory with an open handle updates the + write timestamp (it should). +*/ +static bool test_directory_update8(struct torture_context *tctx, struct smbcli_state *cli) +{ + union smb_fileinfo dir_info1, dir_info2; + union smb_open open_parms; + const char *fname = BASEDIR "\\torture_file.txt"; + NTSTATUS status; + int fnum1 = -1; + int fnum2 = -1; + bool ret = true; + int used_delay = torture_setting_int(tctx, "writetimeupdatedelay", 2000000); + int normal_delay = 2000000; + double sec = ((double)used_delay) / ((double)normal_delay); + int msec = 1000 * sec; + TALLOC_CTX *mem_ctx = talloc_init("test_delayed_write_update8"); + + if (!mem_ctx) return false; + + torture_comment(tctx, "\nRunning test directory write update\n"); + + torture_assert(tctx, torture_setup_dir(cli, BASEDIR), "Failed to setup up test directory: " BASEDIR); + + /* Open a handle on the directory - and leave it open. */ + ZERO_STRUCT(open_parms); + open_parms.ntcreatex.level = RAW_OPEN_NTCREATEX; + open_parms.ntcreatex.in.flags = 0; + open_parms.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_READ; + open_parms.ntcreatex.in.file_attr = 0; + open_parms.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE| + NTCREATEX_SHARE_ACCESS_READ| + NTCREATEX_SHARE_ACCESS_WRITE; + open_parms.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + open_parms.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; + open_parms.ntcreatex.in.fname = BASEDIR; + + status = smb_raw_open(cli->tree, mem_ctx, &open_parms); + talloc_free(mem_ctx); + + if (!NT_STATUS_IS_OK(status)) { + torture_result(tctx, TORTURE_FAIL, + "failed to open directory handle"); + ret = false; + goto done; + } + + fnum1 = open_parms.ntcreatex.out.file.fnum; + + /* Store the returned write time. */ + ZERO_STRUCT(dir_info1); + dir_info1.basic_info.out.write_time = open_parms.ntcreatex.out.write_time; + + torture_comment(tctx, "Initial write time %s\n", + nt_time_string(tctx, dir_info1.basic_info.out.write_time)); + + /* sleep */ + smb_msleep(3 * msec); + + /* Now create a file within the directory. */ + fnum2 = smbcli_open(cli->tree, fname, O_RDWR|O_CREAT, DENY_NONE); + if (fnum2 == -1) { + torture_result(tctx, TORTURE_FAIL, "Failed to open %s", fname); + ret = false; + goto done; + } + smbcli_close(cli->tree, fnum2); + + /* Read the directory write time again. */ + ZERO_STRUCT(dir_info2); + dir_info2.basic_info.level = RAW_FILEINFO_BASIC_INFO; + dir_info2.basic_info.in.file.fnum = fnum1; + + status = smb_raw_fileinfo(cli->tree, tctx, &dir_info2); + + torture_assert_ntstatus_ok(tctx, status, "fileinfo failed"); + + /* Ensure it's been incremented. */ + COMPARE_WRITE_TIME_GREATER(dir_info2, dir_info1); + + torture_comment(tctx, "Updated write time %s\n", + nt_time_string(tctx, dir_info2.basic_info.out.write_time)); + + done: + + if (fnum1 != -1) + smbcli_close(cli->tree, fnum1); + smbcli_unlink(cli->tree, fname); + smbcli_deltree(cli->tree, BASEDIR); + + return ret; +} + +/* testing of delayed update of write_time */ struct torture_suite *torture_delay_write(void) @@ -3082,6 +3176,7 @@ struct torture_suite *torture_delay_write(void) torture_suite_add_2smb_test(suite, "delayed update of write time 6", test_delayed_write_update6); torture_suite_add_1smb_test(suite, "timestamp resolution test", test_delayed_write_update7); torture_suite_add_1smb_test(suite, "timestamp resolution test", test_delayed_write_update7); + torture_suite_add_1smb_test(suite, "directory timestamp update test", test_directory_update8); return suite; } diff --git a/source4/torture/man/smbtorture.1.xml b/source4/torture/man/smbtorture.1.xml index 9b70b9b275..09e19ed2f1 100644 --- a/source4/torture/man/smbtorture.1.xml +++ b/source4/torture/man/smbtorture.1.xml @@ -19,10 +19,6 @@ <refsynopsisdiv> <cmdsynopsis> <command>smbtorture</command> - </cmdsynopsis> - - <cmdsynopsis> - <command>smbtorture</command> <arg choice="req">//server/share</arg> <arg choice="opt">-d debuglevel</arg> <arg choice="opt">-U user%pass</arg> diff --git a/testsuite/nsswitch/getgrent_r.c b/testsuite/nsswitch/getgrent_r.c index 4f1f0ce8f5..883c897736 100644 --- a/testsuite/nsswitch/getgrent_r.c +++ b/testsuite/nsswitch/getgrent_r.c @@ -32,7 +32,7 @@ void dump_grent(char *id) setgrent(); while((gr = getgrent()) != NULL) { - fprintf(fptr,"%s:%s:%d:%d\n", gr->gr_name, gr->gr_passwd, + fprintf(fptr,"%s:%s:%d\n", gr->gr_name, gr->gr_passwd, gr->gr_gid); } |