| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This was only added to prevent problems with the fixes for
CVE-2016-2118.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
This adds a new global parameter "automount fs types" that allows
administrators to configure additional filesystem types that should
trigger automounting, beyond the always-supported autofs filesystem.
To enable 'samba unaware FS' automounting, add:
automount fs types = 0x12345678
This allows e.g. ZFS snapshots in <dataset root>/.zfs/snapshot to be
mounted. To find out the magic number that is not listed
in /usr/include/linux/magic.h, run:
stat -f -c '0x%t' /path/to/mountpoint
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15991
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Mon Apr 20 19:57:42 UTC 2026 on atb-devel-224
|
|
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Mar 26 10:59:47 UTC 2026 on atb-devel-224
|
|
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
This will use the ccache_type defined in the krb5.conf.
Pair-Programmed-With: Pavel Filipenský <pfilipen@samba.org>
Signed-off-by: Pavel Filipenský <pfilipen@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
Pair-Programmed-With: Pavel Filipenský <pfilipen@redhat.com>
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Mar 1 21:22:24 UTC 2026 on atb-devel-224
|
|
No longer needed
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=16000
Signed-off-by: Avan Thakkar <athakkar@redhat.com>
Reviewed-by: Shweta Sodani <ssodani@redhat.com>
Reviewed-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
|
|
This patch corrects several issues in the smbget documentation:
- Removed duplicate '-O' from the synopsis (it conflicted with socket
options).
- Clarified that '-o' conflicts with '--recursive', not '-R' (which is
name resolve order).
- Fixed malformed example syntax (changed '-resume' to '--resume').
- Fixed spelling typo of 'recursive' in the BUGS section.
RN: Fixed misleading documentation for smbget options (-O vs --stdout)
and corrected typos.
Signed-off-by: Hugo Chia <hugochiaxyz.nus@gmail.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: John Mulligan <jmulligan@redhat.com>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Sun Feb 22 06:10:46 UTC 2026 on atb-devel-224
|
|
If AES keys are available in the domain, assume that service accounts support
AES by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15998
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Thu Feb 5 21:11:13 UTC 2026 on atb-devel-224
|
|
This has been wrong for a very long time. I only noticed it just
now... :-(
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15977
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Jan 22 23:06:20 UTC 2026 on atb-devel-224
|
|
Document the option used to enable fscrypt-style subvolume encryption
on cephfs. Document the options used to get key material for fscrypt
using the varlink-based keybridge local RPC protocol.
Signed-off-by: John Mulligan <jmulligan@redhat.com>
Reviewed-by: Gunther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Tue Jan 20 06:52:32 UTC 2026 on atb-devel-224
|
|
Documentation for newly introduced async-I/O rate-limiting module.
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Avan Thakkar <athakkar@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Gunther Deschner <gd@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Sun Jan 18 07:23:19 UTC 2026 on atb-devel-224
|
|
Has no effect yet.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
It is enabled by default, and does nothing as of yet.
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15840
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Jan 5 15:49:04 UTC 2026 on atb-devel-224
|
|
One actually does *NOT* need to provide AD credentials to process a
requestodj operation. This is run as root and populates Samba's
databases based on the ODJ blob. Thanks John Mulligan for pointing this out.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15964
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: John Mulligan <jmulligan@redhat.com>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Dec 11 15:19:13 UTC 2025 on atb-devel-224
|
|
This does nothing yet.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15809
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 14 15:05:11 UTC 2025 on atb-devel-224
|
|
This option over-rides the PA-PAC-REQUEST received from the client. When
enabled (the default) a PAC will always be included in the response.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
Added in 2012 with 0dc3f423d25d3a, but I could not find any user of
that call.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
|
|
Nobody called this
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
|
|
Requests
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Nov 5 05:13:01 UTC 2025 on atb-devel-224
|
|
This was a project attempting to integrate
Himmelblau into Samba, but it has been
abandoned.
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Tue Nov 4 09:09:40 UTC 2025 on atb-devel-224
|
|
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Jennifer Sutton <jsutton@samba.org>
Autobuild-Date(master): Thu Oct 23 01:03:36 UTC 2025 on atb-devel-224
|
|
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15927
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Workaround for a new behaviour in latest macOS versions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15926
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Tags alls opens as POSIX by setting fsp_flags.posix_open to true.
POSIX handles have different behaviour compared to Windows:
Behaviour | POSIX | Windows | macOS |fruit:posix_opens = yes
-----------------------------------+------------+----------------------------------------
Deleting files with open handles | yes | no | yes | yes
Moving directories with open files | yes | no | yes | yes
Byterange locks behaviour | POSIX-ish | Window-ish | POSIX-ish | POSIX-ish
Sticky writetime | no | yes | no | no
Case sensitive | no | yes | yes | yes
Streams allowed | no | yes | yes | yes
macOS follows POSIX for the first four, but needs case insensitive behaviour
and needs streams.
By carefully setting fsp_flags.posix_open to true *after* going through the path
resolution logic, but before opens are added to locking.tdb, with
"fruit:posix_opens = yes" we get closest to macOS semantics.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15926
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
When preforming certificate based kerberos authentication (PKINIT) with
"strong certificate binding enforcement = compatibility"", for WEAK mappings
the certificate issue date must be after the date the user record was created.
This parameter relaxes that constraint by allowing the certificate to have been
issued up to the specified number of minutes before the user record was created.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
This parameter controls the enforcement of Windows Certificate bindings as
outlined in "KB5014754: Certificate-based authentication changes on Windows
domain controllers",
when preforming certificate based kerberos authentication (PKINIT)
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
This was pretty much a stub anyway
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Sep 11 15:16:17 UTC 2025 on atb-devel-224
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
We'll modify the value of "server smb encrypt" when we have a trusted
quic transport
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
This documentation anticipates changes that will occur over the next
~20 commits.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
This new boolean option allows to automatically treat ".localized" as
vetoed files. Any attempts to access a ".localized" file or directory
will result in an access failure. MacOS tries to check for the presence
of such a file to check for the need of localized name display in
directory listings or checks for .localized directories containing name
translations). In large directory listings, typically half of the
compound SMB2 queries are done for ".localized", causing a significant
performance impact in particular with clustered filesystems.
More information can be found here:
https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/FileSystemAdvancedPT/LocalizingtheNameofaDirectory/LocalizingtheNameofaDirectory.html
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Aug 14 11:08:11 UTC 2025 on atb-devel-224
|
|
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Aug 5 16:03:56 UTC 2025 on atb-devel-224
|
