similar to: file rights tls key files.

Am 15.04.2016 um 11:02 schrieb Björn JACKE: > On 2016-04-15 at 10:09 +0200 L.P.H. van Belle sent off: >> It there anyway to override this setting? I do need 0440 here. ( or 0400 ) >> >> 0600 is not needed imo. > > can you say, why you need 440 here? I can't think of a valid use case for that. > If another service should use a SSL certificate on that server, you

On 15/04/16 10:12, L.P.H. van Belle wrote: > Yes, i can understand what your saying. > > But i have a "server" certificate, which i use for multple services. > And since some of these services "run as" other user/group i have a special group for that. So logical i set 0440 on my key file and 444 on my cert files. > And why does the key file ( any certficicate

Yes, i can understand what your saying. But i have a "server" certificate, which i use for multple services. And since some of these services "run as" other user/group i have a special group for that. So logical i set 0440 on my key file and 444 on my cert files. And why does the key file ( any certficicate file ) a 6, 4 is sufficient. Its just not logical make copies of

https://bugzilla.samba.org/show_bug.cgi?id=5324 Summary: with option --xattrs the process rsync is more long time Product: rsync Version: 3.0.0 Platform: x86 OS/Version: Other Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy: fauthier@free.fr

https://bugzilla.samba.org/show_bug.cgi?id=8001 Summary: buffer overflow in recv_file_entry (maxpathlen doesn't works) Product: rsync Version: 3.0.8 Platform: All OS/Version: FreeBSD Status: NEW Severity: normal Priority: P5 Component: core AssignedTo: wayned at samba.org

Release Announcements ===================== This is the first preview release of Samba 3.5. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Major enhancements in Samba 3.5.0 include: General changes: o Add support for full Windows timestamp resolution

Release Announcements ===================== This is the first preview release of Samba 3.5. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Major enhancements in Samba 3.5.0 include: General changes: o Add support for full Windows timestamp resolution

https://bugzilla.samba.org/show_bug.cgi?id=5109 Summary: poor performance on large drives with big bandwidth Product: rsync Version: 2.6.6 Platform: x86 OS/Version: Windows XP Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy:

Hi, When there is a blank in the name scp doesn't work correctly: bjacke at lamarr:~ > scp -v telefon.cgi lamarr:a\ directory/ Executing: program /usr/bin/ssh host lamarr, user (unspecified), command scp -v -t ein directory/ Enter passphrase for RSA key 'unon at rzstud1': scp: ambiguous target bjacke at lamarr:~ > By the way ... -v seems to be broken for scp in openssh 2.3. I

https://bugzilla.samba.org/show_bug.cgi?id=14163 Bug ID: 14163 Summary: RSYNC_SSL_PORT env should be set for invocation of --rsh command Product: rsync Version: 3.1.3 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core Assignee:

On Tue, 7 Mar 2017 10:26:03 -0800 Kris Lou via samba <samba at lists.samba.org> wrote: > Hang on, can you explain this a little further? I thought that Domain > Admins was issued gidNumber 512 by default. In addition, sysvolreset > is not recommended to fix potential SysVol replication problems with > GPO perms? > No Domain Admins doesn't get gidNumber 512 by default,

On 2018-01-12 at 16:56 +0000 Rowland Penny sent off: > Surely the authentication of choice would be kerberos and this wouldn't > require a posix account. Rowland, you sound very confident, but still that doesn't make it right. The posix account needs to exist for smbd to be able to switch to the context of the connecting (computer) user. This is not a matter of the authentication

On 2018-01-12 at 16:24 +0000 Rowland Penny via samba sent off: > > Clearly, also 'Domain Computers' group have to get assigned an GID, > > right? > > Yes. > > The question is, do you need to do this ? Will a computer own anything > on a Unix machine ? it's not the question if he owns anything. It's enough that the machine uses the machine account

On 2019-02-25 at 11:32 +0000 Rowland Penny via samba sent off: > > (I take it xid stands for both uid and gid?) > > No, I think it was chosen to differentiate them from uidNumber & > gidNumber attributes, they are similar but not the same. They also only > exist on DC's in Windows the owner of a file can be a group. In the unix world the main owner is always a user.

Mandi! Björn JACKE via samba In chel di` si favelave... > machine account instead of the connecting user account. One option is to assign > rfc2307 attributes also for all the machine accounts, too. The other option is Some drawbacks on that? Clearly, apart the management cost of assigning an UID to machine accounts? Clearly, also 'Domain Computers' group have to get assigned an

https://bugzilla.samba.org/show_bug.cgi?id=7854 Summary: Abysmal sparse file performance Product: rsync Version: 3.0.7 Platform: x86 OS/Version: FreeBSD Status: NEW Severity: major Priority: P3 Component: core AssignedTo: wayned at samba.org ReportedBy: grarpamp at gmail.com

I have an Ubuntu 14.04 member server which runs winbind, krb5, and samba. Without encryption, I am able to use winbind to get all the info I neeed. i.e. winbind -g works winbind -u works I am trying to now get LDAPS working, but when I run a command nothing happens winbind -g does nothing (no errors) winbind -u does nothing (no errors). On the Windows DC, I can see TLS traffic happening

On Tue, 26 Feb 2019 12:49:42 +0100 Ralph Böhme via samba <samba at lists.samba.org> wrote: > On Tue, Feb 26, 2019 at 12:45:45PM +0100, Björn JACKE via samba wrote: > >On 2019-02-25 at 11:32 +0000 Rowland Penny via samba sent off: > >> > (I take it xid stands for both uid and gid?) > >> > >> No, I think it was chosen to differentiate them from uidNumber

Hi, in r176827 the optimization that turns invokes with empty landing pads into plain calls was disabled for invocations of function with the "uwtable" attribute. But given this code: struct S { ~S() {}; }; void blackbox(); __attribute__((__noinline__)) void inner() { blackbox(); } int foo() { S s; inner(); return 0; } int bar() {

Well, do you have a patch that enables the new pass manager that we can land then? To be more serious: 1) I don't even know how to run those passes using the new pass manager even if it where enabled by default. I guess that I'm supposed to use -passes. Is there a syntax description for that option somewhere? How do I for example run -die? 2) "Use the new pass manager" does