1. 19 Oct, 2021 8 commits
  2. 18 Oct, 2021 2 commits
    • Waqar Ahmed's avatar
      Add proftpd-mod-crypto as depedency for scale · ca921980
      Waqar Ahmed authored
      This commit adds changes to have proftpd-mod-crypto as a dependency for scale as modules required for TLS are not available in proftpd package and this package provides the relevant modules for TLS with proftpd to function.
      ca921980
    • Andrew's avatar
      Prevent users from disabling mDNS if time machine is enabled (#7710) · 6706cb81
      Andrew authored
      Time machine uses _adisk._tcp. mDNS SRV record to determine
      whether the target server is capable of serving as a time
      machine backup target. Users should not be able to disable
      mDNS if a timemachine SMB share is configured, and likewise
      users should not be able to enable or create a time machine
      target if mDNS is disabled.
      6706cb81
  3. 16 Oct, 2021 1 commit
  4. 15 Oct, 2021 4 commits
    • Andrew's avatar
      Reset idmap backend to rid after tests (#7704) · 6e5ecdc0
      Andrew authored
      6e5ecdc0
    • Andrew's avatar
      NAS-112810 / 22.02-RC.2 / Fix issue with RID collision on creating new passdb users (#7695) · a7d2f8d3
      Andrew authored
      * Fix issue with RID collision on creating new passdb users
      
      When pdb_default_create_user() in souce3/passdb in samba
      creates a new passdb entry, it automatically allocates
      generates a new SID for user based on nex_rid counter in
      passdb.tdb. Middleware keeps its own RID counter to
      ensure consistency between user and group RIDs across
      updates. Unfortunately, the passdb's next_rid function
      is not aware of manually allocated SIDs and so it's
      possible to generate a collision during new RID allocation
      and have it fail with STATUS_OBJECT_NAME_COLLISION even
      if `pdbedit` command specifies exact RID to use for
      new entry. This is because in this case the new passdb
      entry is generated with an auto-incremented RID and then
      updated to have the specified SID/RID.
      
      To address this issue, this PR introduces the following
      changes:
      1) passdb.tdb is shifted to a tmpfs filesystem, which
         will reset the next_rid counter and also provide
         performance improvement compared to potentially slow
         boot medium. The information used to populate the
         passdb entry is already stored in our sqlite database.
      
      2) bump up low end of middleware's next_rid so that new
         RIDs allocated will be a minimum of 10000, which will
         avoid passdb-allocated RIDs (start at 1000).
      
      * Fix omitted tdbsam prefix
      a7d2f8d3
    • Andrew's avatar
      Add validation to internal kerberos.get_cred method (#7700) · 38cd9f17
      Andrew authored
      This validation should never fail, but it will potentially
      catch edge-case bugs where partially configured directory
      services try to get kerberos tickets.
      
      Allow kerberos principal from LDAP plugin
      38cd9f17
    • Andrew's avatar
      Add check for permissions on /var/db/system/samba4/winbindd_privilege (#7699) · b9b5b871
      Andrew authored
      Incorrect permissions on this directory will prevent winbindd
      from starting.
      b9b5b871
  5. 14 Oct, 2021 10 commits
  6. 13 Oct, 2021 14 commits
  7. 12 Oct, 2021 1 commit