samba.git
6 years ago ldb_tdb: Build a key value operation library
Garming Sam [Fri, 16 Feb 2018 00:26:46 +0000 (13:26 +1300)]
ldb_tdb: Build a key value operation library

This allows sharing of the originally ldb_tdb operations to the new
ldb_mdb backend.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar  6 01:39:16 CET 2018 on sn-devel-144

6 years ago partition: Allow a different backend store from @PARTITION
Garming Sam [Thu, 12 Jan 2017 22:32:14 +0000 (11:32 +1300)]
partition: Allow a different backend store from @PARTITION

By default, use tdb, but otherwise read the value from backendStore.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Implement a traversal function in key value ops
Garming Sam [Fri, 16 Feb 2018 00:06:31 +0000 (13:06 +1300)]
ldb_tdb: Implement a traversal function in key value ops

This can handle both read-only and writable traverses.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Use key value ops for fetch command
Garming Sam [Tue, 10 Jan 2017 07:43:38 +0000 (20:43 +1300)]
ldb_tdb: Use key value ops for fetch command

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: factor out the (to be) common init code
Garming Sam [Tue, 10 Jan 2017 22:36:48 +0000 (11:36 +1300)]
ldb_tdb: factor out the (to be) common init code

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Add errorstr to the key value ops
Gary Lockyer [Tue, 13 Feb 2018 02:21:34 +0000 (15:21 +1300)]
ldb_tdb: Add errorstr to the key value ops

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Remove tdb_get_seqnum and use a generic 'has_changed'
Garming Sam [Tue, 10 Jan 2017 10:23:22 +0000 (23:23 +1300)]
ldb_tdb: Remove tdb_get_seqnum and use a generic 'has_changed'

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Add lock_read and unlock_read to key value ops
Garming Sam [Tue, 10 Jan 2017 10:19:55 +0000 (23:19 +1300)]
ldb_tdb: Add lock_read and unlock_read to key value ops

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Replace tdb transaction code with generic key value ones
Garming Sam [Tue, 10 Jan 2017 08:44:11 +0000 (21:44 +1300)]
ldb_tdb: Replace tdb transaction code with generic key value ones

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Replace exists, name and error_map with key value ops
Garming Sam [Tue, 10 Jan 2017 07:45:02 +0000 (20:45 +1300)]
ldb_tdb: Replace exists, name and error_map with key value ops

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Begin abstracting out the base key value operations
Garming Sam [Tue, 10 Jan 2017 06:05:40 +0000 (19:05 +1300)]
ldb_tdb: Begin abstracting out the base key value operations

This will allow us to change the backend from tdb to lmdb.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago dsdb: The schema should be reloaded during the transaction
Garming Sam [Mon, 20 Nov 2017 22:31:10 +0000 (11:31 +1300)]
dsdb: The schema should be reloaded during the transaction

Reload the schema just after getting the transaction lock
but before the transaction counter is bumped.

This ensures we reload the schema exactly once but with
the DB locked.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago samdb/schema_load: do schema loading with one search
Bob Campbell [Tue, 11 Jul 2017 04:40:14 +0000 (16:40 +1200)]
samdb/schema_load: do schema loading with one search

It appears that there was a race condition between searching for the
attribute & class definitions, and searching for the schema object, if
the schema was changed in-between the two searches.

This is likely the cause of ldap_schema flapping.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12889

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
6 years ago schema_set: Add a missing newline between functions
Garming Sam [Tue, 21 Nov 2017 23:37:07 +0000 (12:37 +1300)]
schema_set: Add a missing newline between functions

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago remove_dc.py: Abort transaction before throwing an exception
Gary Lockyer [Thu, 18 Jan 2018 20:16:04 +0000 (09:16 +1300)]
remove_dc.py: Abort transaction before throwing an exception

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_mod_op_test: Fix core dump on ldb_case_attrs_index_test_teardown
Gary Lockyer [Mon, 22 Jan 2018 22:02:28 +0000 (11:02 +1300)]
ldb_mod_op_test: Fix core dump on ldb_case_attrs_index_test_teardown

With no schema syntax, this would occasionally crash as it dereferenced
some possibly NULL sequence of memory.

Note: Removing all tests except this one, made it crash reliably.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago partition: Leave metadata.tdb unlocking until last
Garming Sam [Wed, 7 Feb 2018 10:21:45 +0000 (23:21 +1300)]
partition: Leave metadata.tdb unlocking until last

With the lmdb patches, I have cleanly observed the database being read
in between the commit of the metadata.tdb and the eventual commits of
the individual partitions.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago schema: Do not read different schema sequence values during a read transaction
Garming Sam [Thu, 1 Feb 2018 23:05:27 +0000 (12:05 +1300)]
schema: Do not read different schema sequence values during a read transaction

During a read lock, we find ourselves seeing an unchanged schema, but
reading any updates to the metadata.tdb (in the case of lmdb, where
reads do not block writes).

The alternative is to read-lock the entire metadata.tdb, however, this
allows more concurrency by allowing reads not to block writes.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago partition: Use a transaction to write and a read lock to read the LDB_METADATA_SEQ_NUM
Andrew Bartlett [Thu, 1 Feb 2018 04:16:13 +0000 (17:16 +1300)]
partition: Use a transaction to write and a read lock to read the LDB_METADATA_SEQ_NUM

This is critical as otherwise we can read a sequence number in advance
of the data that it represents and so have a false cache.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
6 years ago build: fix standalone ctdb build --with-systemd
David Disseldorp [Mon, 5 Mar 2018 14:08:55 +0000 (15:08 +0100)]
build: fix standalone ctdb build --with-systemd

For standalone ctdb builds, a samba-util-core dependency is added,
without corresponding systemd libraries, which are needed when
become_daemon.c is built --with-systemd. This results in:
  default/lib/util/become_daemon_20.o: In function `daemon_status':
  become_daemon.c:(.text+0x456): undefined reference to `sd_notifyf'
  collect2: error: ld returned 1 exit status

Fix this by moving the systemd library dependencies from samba-util to
samba-util-core, the become_daemon.c base build target.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Mar  5 20:49:51 CET 2018 on sn-devel-144

6 years ago ctdb/pmda: fix num_recoveries metric store
David Disseldorp [Mon, 5 Mar 2018 10:55:00 +0000 (11:55 +0100)]
ctdb/pmda: fix num_recoveries metric store

The num_recoveries metric is declared as PM_TYPE_U32, so should be
used accordingly.

Suggested-by: Nathan Scott <nathans@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago ldb: Directly return an error and do not fall through
Andreas Schneider [Mon, 5 Mar 2018 07:43:17 +0000 (08:43 +0100)]
ldb: Directly return an error and do not fall through

Detected by -Wimplicit-fallthrough.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago tests/smbcontrol: reduce ping test false positive rate
Douglas Bagnall [Sun, 4 Mar 2018 00:50:51 +0000 (13:50 +1300)]
tests/smbcontrol: reduce ping test false positive rate

The ping test was failing when a transient ldap_server process died
between the time it was listed and the time it was pinged. We stop
treating that as failure.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar  5 01:33:46 CET 2018 on sn-devel-144

6 years ago ldb_tdb: Add tests for truncated index keys
Gary Lockyer [Wed, 21 Feb 2018 02:12:40 +0000 (15:12 +1300)]
ldb_tdb: Add tests for truncated index keys

Tests for the index truncation code as well as the GUID index
format in general.

Covers truncation of both the DN and equality search keys.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar  3 09:58:40 CET 2018 on sn-devel-144

6 years ago ldb_tdb: Combine identical not GUID index and special DN cases
Gary Lockyer [Mon, 26 Feb 2018 21:01:38 +0000 (10:01 +1300)]
ldb_tdb: Combine identical not GUID index and special DN cases

Fold together two identical cases to simplify the code.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Refuse to store a value in a unique index that is too long
Gary Lockyer [Wed, 21 Feb 2018 02:19:37 +0000 (15:19 +1300)]
ldb_tdb: Refuse to store a value in a unique index that is too long

Rather than add many special cases, over-long unique values are simply banned.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Do not give the warning of duplicate attributes in truncation
Gary Lockyer [Tue, 27 Feb 2018 22:47:58 +0000 (11:47 +1300)]
ldb_tdb: Do not give the warning of duplicate attributes in truncation

In the truncation case a duplicate is perfectly expected.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Cope with key truncation
Gary Lockyer [Wed, 21 Feb 2018 02:18:11 +0000 (15:18 +1300)]
ldb_tdb: Cope with key truncation

Modify the indexing code to handle a maximum key length, index keys
greater than the maximum length will be truncated to the maximum length.
And the unique index code has been altered to handle multiple records
for the same index key.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Do not fail in GUID index mode if there is a duplicate attribute
Gary Lockyer [Tue, 27 Feb 2018 22:47:22 +0000 (11:47 +1300)]
ldb_tdb: Do not fail in GUID index mode if there is a duplicate attribute

It is not the job of the index code to enforce this, but do give a
warning given it has been detected.

However, now that we do allow it, we must never return the same
object twice to the caller, so filter for it in ltdb_index_filter().

The GUID list is sorted, which makes this cheap to handle, thankfully.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago ldb_tdb: Add support for an option to restrict the key length
Gary Lockyer [Wed, 21 Feb 2018 02:20:17 +0000 (15:20 +1300)]
ldb_tdb: Add support for an option to restrict the key length

Allow the setting of the maximum key length, this allows the testing of
index key truncation code.  Index key truncation is required to allow
the samba indexing scheme to be used with backends that enforce a
maximum key length.

This will allow emulation of a length-limited key DB for testing.

This is a testing-only feature, as the index format changes
based on this value.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago selftest: Improve test names for samba.wbinfo_simple
Andreas Schneider [Fri, 2 Mar 2018 10:01:33 +0000 (11:01 +0100)]
selftest: Improve test names for samba.wbinfo_simple

This simplifies selecting a specific test to run.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Sat Mar  3 05:19:38 CET 2018 on sn-devel-144

6 years ago testprogs: Return the correct error status code
Andreas Schneider [Thu, 1 Mar 2018 09:54:52 +0000 (10:54 +0100)]
testprogs: Return the correct error status code

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago s3:tests: Skip smbd error test if we do not log to stdout
Andreas Schneider [Thu, 1 Mar 2018 09:26:56 +0000 (10:26 +0100)]
s3:tests: Skip smbd error test if we do not log to stdout

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago Replace NT_STATUS_HAVE_NO_MEMORY macro
Swen Schillig [Thu, 1 Feb 2018 08:39:02 +0000 (09:39 +0100)]
Replace NT_STATUS_HAVE_NO_MEMORY macro

Replaced NT_STATUS_HAVE_NO_MEMORY macro and fixed
memory leaking error-path.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Sat Mar  3 00:00:34 CET 2018 on sn-devel-144

6 years ago Minor cleanup of libnet_LookupName_recv
Swen Schillig [Thu, 1 Feb 2018 08:02:25 +0000 (09:02 +0100)]
Minor cleanup of libnet_LookupName_recv

Reduce indentation level and comply with 80 column rule.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
6 years ago Zero libnet_LookupName out struct before using
Swen Schillig [Fri, 26 Jan 2018 12:28:58 +0000 (13:28 +0100)]
Zero libnet_LookupName out struct before using

Zero libnet_LookupName out struct before setting results,
preventing false result interpretation.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
6 years ago WHATSNEW: Add info for 'net ads keytab' and 'net ads setspn' changes
Noel Power [Mon, 12 Feb 2018 16:38:56 +0000 (16:38 +0000)]
WHATSNEW: Add info for 'net ads keytab' and 'net ads setspn' changes

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar  2 19:12:08 CET 2018 on sn-devel-144

6 years ago docs: Add manpage for new 'net ads setspn' subcommand
Noel Power [Mon, 12 Feb 2018 13:53:19 +0000 (13:53 +0000)]
docs: Add manpage for new 'net ads setspn' subcommand

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago docs: Add manpage for 'net ads keytab' subcommand
Noel Power [Mon, 12 Feb 2018 12:13:02 +0000 (12:13 +0000)]
docs: Add manpage for 'net ads keytab' subcommand

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago testprogs: 'net ads keytab create' expected failures should now pass
Noel Power [Fri, 16 Feb 2018 15:53:16 +0000 (15:53 +0000)]
testprogs: 'net ads keytab create' expected failures should now pass

Following the commit to change the behaviour of 'net ads keytab create'
some tests previously failing should now pass.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: 'net ads keytab create' shouldn't write SPN(s)
Noel Power [Fri, 9 Feb 2018 14:07:27 +0000 (14:07 +0000)]
s3:libads: 'net ads keytab create' shouldn't write SPN(s)

Modify default behaviour of 'net ads keytab create'

The change modifies the behaviour of 'net ads keytab create' such
that only the keytab file is modified. The current behaviour doesn't
make sense, existing SPN(s) pulled from the computer AD object have
the format 'serviceclass/host:port/servicename'.
'ads_keytab_create_default' calls ads_keytab_add_entry passing
'serviceclass' for each SPN retrieved from the AD. For each
serviceclass passed in a new pair of SPN(s) is generated as follows
    i) long form 'param/full_qualified_dns'
   ii) short form 'param/netbios_name'

This doesn't make sense as we are creating a new SPN(s) from an existing
one probably replacing the existing host with the 'client' machine.

If the keytab file exists then additionally each kerberos principal in the
keytab file is parsed to strip out the primary, then 'ads_keytab_add_entry'
is called which then tries by default to generate a SPN from any primary
that doesn't end in '$'. By default those SPNs are then added to the AD
computer account for the client running the command.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago testprogs: Switch expected failure tests to expected pass
Noel Power [Fri, 16 Feb 2018 15:50:03 +0000 (15:50 +0000)]
testprogs: Switch expected failure tests to expected pass

Following the commit to change the behaviour of 'net ads keytab add' and
new 'keytab add_update_ads' some tests previously failing should now
pass.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:utils: Modify default behaviour of 'net ads keytab add'
Noel Power [Fri, 9 Feb 2018 14:03:33 +0000 (14:03 +0000)]
s3:utils: Modify default behaviour of 'net ads keytab add'

This change modifies the behaviour of 'net ads keytab add' such
that only the keytab file is modified.

A new command 'net ads keytab add_update_ads' has been added that
preserves the legacy behaviour which can update the AD computer
object with Windows SPN(s) as appropriate. Alternatively the new
command 'net ads setspn add' can be used to manually add the
windows SPN(s) that previously would have been added.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: add param to prevent writing spn(s) to ads
Noel Power [Thu, 8 Feb 2018 17:33:08 +0000 (17:33 +0000)]
s3:libads: add param to prevent writing spn(s) to ads

Currently, in addition to adding to the keytab file, 'net ads keytab add'
can also update AD computer objects via ldap. This behaviour isn't very
intuitive or expected given
the command name. By default we shouldn't write to the ADS.

Prepare to change the default behaviour by modifying the function
'ads_keytab_add_entry' to take a parameter to modify the existing
behaviour to optionally update the AD (or not).

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago testprogs:: Add blackbox tests for 'net ads keytab add'
Noel Power [Wed, 17 Jan 2018 17:18:15 +0000 (17:18 +0000)]
testprogs:: Add blackbox tests for 'net ads keytab add'

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: Allow 'net ads keytab add' handle Windows SPN(s) part 2
Noel Power [Mon, 29 Jan 2018 18:38:05 +0000 (18:38 +0000)]
s3:libads: Allow 'net ads keytab add' handle Windows SPN(s) part 2

This patch addresses how the windows SPN is written to the AD.

If a legacy service (e.g. cifs, http etc.) is passed as param to
'net ads keytab add param' then windows SPNs are generated from
'param' as follows
          i) long form 'param/full_qualified_dns'
         ii) short form 'param/netbios_name'

If the SPN is a Windows SPN (e.g. conforming to format
'serviceclass/host:port') then this is the SPN that is passed to
the AD.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: Allow 'net ads keytab add' handle Windows SPN(s) part 1
Noel Power [Mon, 29 Jan 2018 18:30:33 +0000 (18:30 +0000)]
s3:libads: Allow 'net ads keytab add' handle Windows SPN(s) part 1

This patch addresses how the windows SPN is converted into a kerberos
principal to be written to the keytab file. A followup patch will
deal with writing Window SPN(s) to the AD.

Before this change 'net ads keytab add' handled three scenarios

a) 'net ads keytab add param' is passed a fully qualified kerberos principal
   (identified by the presence of '@' in param) In this scenario the keytab
   file alone is updated with the principal contained in 'param'.
b) 'net ads keytab add param' is passed a machine name (identified by
   the parameter ending with '$'). In this case the machine name
   is converted to a kerberos principal according to the recipe
   'param@realm' where realm is determined by lp_realm().
c) 'net ads keytab add param' is passed a service (e.g. nfs, http etc.)
   In this scenario the param containing the service is first converted
   into 2 kerberos principals (long and short forms) according to the
   following recipe
      i) long form:  'param/fully_qualified_dns@realm'
     ii) short form: 'param/netbios_name@realm'
     where 'fully_qualified_dns' is retrieved from 'dNSHostName' attribute of
     'this' machine's computer account on the AD.
     The principals are written to the keytab file
   Secondly 2 windows SPNs are generated from 'param' as follows
      i) long form 'param/full_qualified_dns'
     ii) short form 'param/netbios_name'
   These SPNs are written to the AD computer account object

After this change a) & b) & c) will retain legacy behaviour except
in the case of c) where if the 'param' passed to c) is a Windows SPN
(e.g. conforming to format 'serviceclass/host:port')
  i) 'param' will get converted to a kerberos principal (just a single one)
     with the following recipe: 'serviceclass/host@realm' which will
     be written to the keytab file. The SPN written to the AD is created
     as before and the legacy behaviour is preserved.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago testprocs/blackbox: Add tests for net ads setspn (add|delete|list)
Noel Power [Thu, 18 Jan 2018 11:30:50 +0000 (11:30 +0000)]
testprocs/blackbox: Add tests for net ads setspn (add|delete|list)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:utils: add new 'net ads setspn delete' subcommand
Noel Power [Wed, 24 Jan 2018 14:51:03 +0000 (14:51 +0000)]
s3:utils: add new 'net ads setspn delete' subcommand

This patch adds 'delete' to the 'net ads setspn' subcommand

(see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11))

Usage:

    net ads setspn delete <computer> <SPN>

Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:utils: add new 'net ads setspn add' subcommand
Noel Power [Wed, 24 Jan 2018 14:41:06 +0000 (14:41 +0000)]
s3:utils: add new 'net ads setspn add' subcommand

This patch adds 'add' to the 'net ads setspn' subcommand

(see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11))

Usage:

     net ads setspn add <computer> <SPN>

Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:utils: add new 'net ads setspn list' subcommand
Noel Power [Wed, 24 Jan 2018 14:26:03 +0000 (14:26 +0000)]
s3:utils: add new 'net ads setspn list' subcommand

This patch adds basic functionality not unlike the setspn.exe
command that is provided by windows for administering SPN on
the AD. (see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11))

Only the basic list operation (that corresponds to the -l
switch for setspn.exe) is implemented

Usage:

     net ads setspn list <computer>

Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: change ads_add_service_principal_name implementation
Noel Power [Fri, 16 Feb 2018 16:52:01 +0000 (16:52 +0000)]
s3:libads: change ads_add_service_principal_name implementation

Previously the function 'ads_add_service_principal_name' created
the SPNs based on the machine_name and dns name passed to the function.
In order to prepare for a future patch that will also need to write
SPN(s) to the AD computer account, the function implementation will
need to be changed. Instead of the function creating the SPN(s) it
will now take the list of SPN(s) to write to the AD 'machine_name' account
as an input param instead.
The name of the function has been changed to
'ads_add_service_principal_names' to reflect this. Additionally client
code now needs to construct the SPNs to be passed into the function.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: Add a basic Windows SPN parser.
Noel Power [Mon, 29 Jan 2018 17:51:15 +0000 (17:51 +0000)]
s3:libads: Add a basic Windows SPN parser.

(see https://social.technet.microsoft.com/wiki/contents/articles/717.service-principal-names-spns-setspn-syntax-setspn-exe.aspx)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: Clean up code a little rename 'ads_get_samaccountname()'
Noel Power [Fri, 12 Jan 2018 14:22:34 +0000 (14:22 +0000)]
s3:libads: Clean up code a little rename 'ads_get_samaccountname()'

Function 'ads_get_samaccountname()' basically returns the machine_name passed
as an input param (appended with '$') if it exists on the ad. The function
really is testing for the existence of the samaccountname and is not really
'getting' it. This is also the way it is used. Renaming this function to
'ads_has_samaccountname()' better reflects what it is actually doing and how
clients calling the code use it. It also makes the client code calling
this function less confusing.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago s3:libads: ads_get_dnshostname & ads_get_samaccountname don't use param
Noel Power [Fri, 12 Jan 2018 12:22:45 +0000 (12:22 +0000)]
s3:libads: ads_get_dnshostname & ads_get_samaccountname don't use param

Both ads_get_dnshostname() & ads_get_samaccountname() are passed
a param machinename as an argument. Instead of using 'machinename' these
functions are erroneously using lp_netbiosname() instead.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago tests: Add basic ms_fnmatch unit test
David Disseldorp [Tue, 20 Feb 2018 10:08:47 +0000 (11:08 +0100)]
tests: Add basic ms_fnmatch unit test

Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
6 years ago util: Fix the logic in ms_fnmatch_protocol()
Andreas Schneider [Thu, 26 Oct 2017 07:47:57 +0000 (09:47 +0200)]
util: Fix the logic in ms_fnmatch_protocol()

Make sure we always pass a valid max_n pointer to ms_fnmatch_core().

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
6 years ago Fix autobuild for user names starting with c
Christof Schmitt [Mon, 26 Feb 2018 22:58:20 +0000 (23:58 +0100)]
Fix autobuild for user names starting with c

This is similar to the fix from commit 0b1ba00: Now commit 475a7616 introduced
tests that create user names in the form DOMAIN\USER and pass them through
shell functions. There "echo" is used to print the username, resulting in
/bin/dash on sn-devel to interpret e.g. \c which skips any further output. The
result are test exceptions like:

failure: samba4.blackbox.trust_ntlm.Test01 rpcclient lookupnames with LOCALADMEMBER\cs(ad_member:local) [
Exception: Exception: LOCALADMEMBER

]
time: 2018-02-26 23:00:46.688800Z

Fix this by replacing the echo with printf %s. This surfaced for
test_rpcclient_grep, but apply the same change to all functions in
common_test_fns.inc for consistency.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Mar  2 10:49:09 CET 2018 on sn-devel-144

6 years ago nsswitch: fix wbinfo -m --verbose trust type "Local"
Ralph Boehme [Thu, 1 Mar 2018 10:43:39 +0000 (11:43 +0100)]
nsswitch: fix wbinfo -m --verbose trust type "Local"

Remove wrong "Local" strcmp(), there's another one, the correct one, a few lines
below. Since commit 95e3307917b5731ab883ee5fce530c5b559b4934
WBC_DOMINFO_TRUSTTYPE_NONE, which corresponded to the string "None" in the
winbindd response, is not used anymore.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13313

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar  2 05:49:18 CET 2018 on sn-devel-144

6 years ago s3:smbd: Do not crash if we fail to init the session table
Andreas Schneider [Mon, 19 Feb 2018 17:07:50 +0000 (18:07 +0100)]
s3:smbd: Do not crash if we fail to init the session table

This should fix the following segfault with SMB1:

  #6  sig_fault (sig=<optimized out>) at ../lib/util/fault.c:94
  #7  <signal handler called>
  #8  smbXsrv_session_create (conn=conn@entry=0x5654d3512af0, now=now@entry=131594481900356690, _session=_session@entry=0x7ffc93a778e8)
      at ../source3/smbd/smbXsrv_session.c:1212
  #9  0x00007f7618aa21ef in reply_sesssetup_and_X (req=req@entry=0x5654d35174b0) at ../source3/smbd/sesssetup.c:961
  #10 0x00007f7618ae17b0 in switch_message (type=<optimized out>, req=req@entry=0x5654d35174b0) at ../source3/smbd/process.c:1726
  #11 0x00007f7618ae3550 in construct_reply (deferred_pcd=0x0, encrypted=false, seqnum=0, unread_bytes=0, size=140, inbuf=0x0, xconn=0x5654d35146d0)
      at ../source3/smbd/process.c:1762
  #12 process_smb (xconn=xconn@entry=0x5654d3512af0, inbuf=<optimized out>, nread=140, unread_bytes=0, seqnum=0, encrypted=<optimized out>,
      deferred_pcd=deferred_pcd@entry=0x0) at ../source3/smbd/process.c:2008
  #13 0x00007f7618ae4c41 in smbd_server_connection_read_handler (xconn=0x5654d3512af0, fd=40) at ../source3/smbd/process.c:2608
  #14 0x00007f761587eedb in epoll_event_loop_once () from /lib64/libtevent.so.0

Inspecting the core shows that:
  conn->client->session_table is NULL
  conn->protocol is PROTOCOL_NONE

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13315

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years ago libsmb: Use smb2 tcon if conn_protocol >= SMB2_02
Dan Robertson [Thu, 22 Feb 2018 20:47:11 +0000 (20:47 +0000)]
libsmb: Use smb2 tcon if conn_protocol >= SMB2_02

When the connection protocol is SMB2 the tid from the smb1 member is
used instead of smb2 in cli_state_set_tid which often results in a null
deref.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13310

Signed-off-by: Dan Robertson <drobertson@tripwire.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago ctdb-pmda: Use modified API in pcp library 4.0
Amitay Isaacs [Thu, 1 Mar 2018 01:32:26 +0000 (12:32 +1100)]
ctdb-pmda: Use modified API in pcp library 4.0

Support backward compatibility by checking for __pmID_int type, which
was previously in <pcp/impl.h>.  In the new version, this type is not
defined anymore and there is no need to include <pcp/impl.h>.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Mar  2 00:38:52 CET 2018 on sn-devel-144

6 years ago ctdb-tests: Generalise SM_NOTIFY output format in statd-callout tests
Martin Schwenke [Thu, 2 Mar 2017 10:55:54 +0000 (21:55 +1100)]
ctdb-tests: Generalise SM_NOTIFY output format in statd-callout tests

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-scripts: Clean up statd-callout
Martin Schwenke [Thu, 2 Mar 2017 05:43:51 +0000 (16:43 +1100)]
ctdb-scripts: Clean up statd-callout

This means there will be 2 loops reading the data but the code flow is
much more obvious.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Exit on statd-callout sub-test failure
Martin Schwenke [Thu, 2 Mar 2017 10:35:03 +0000 (21:35 +1100)]
ctdb-tests: Exit on statd-callout sub-test failure

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-scripts: Avoid no-op "ctdb ptrans" call
Martin Schwenke [Tue, 3 Jan 2017 22:53:54 +0000 (09:53 +1100)]
ctdb-scripts: Avoid no-op "ctdb ptrans" call

This causes unnecessary g_lock activity and overhead.

This could be optimised in ctdb.c:control_ptrans().  However, that
makes the code more complex.  Let's only do that if we get more
potentially no-op uses.

Note no optimisation is needed in the "notify" case because there is
already an early exit if there are no items.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tools: Reindent parts of onnode
Martin Schwenke [Tue, 27 Feb 2018 02:59:50 +0000 (13:59 +1100)]
ctdb-tools: Reindent parts of onnode

No functional changes.  Best viewed with diff/show -w to avoid
whitespace differences.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tools: Remove test hooks from onnode
Martin Schwenke [Wed, 28 Feb 2018 04:11:56 +0000 (15:11 +1100)]
ctdb-tools: Remove test hooks from onnode

CTDB_NODES_SOCKETS is no longer used.  The test code uses ONNODE_SSH
to run a fake ssh client.

Leave indenting sloppy and fix it in the next commit so that this
change is clear.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Use fake ssh script for onnode in local daemons tests
Martin Schwenke [Tue, 27 Feb 2018 01:13:37 +0000 (12:13 +1100)]
ctdb-tests: Use fake ssh script for onnode in local daemons tests

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Add fake ssh command for local daemons tests
Martin Schwenke [Tue, 27 Feb 2018 01:12:45 +0000 (12:12 +1100)]
ctdb-tests: Add fake ssh command for local daemons tests

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tools: Revisit stray file descriptor avoidance in onnode
Martin Schwenke [Tue, 27 Feb 2018 04:12:26 +0000 (15:12 +1100)]
ctdb-tools: Revisit stray file descriptor avoidance in onnode

Commit 635da189dccef6516d490c228407b9987986c578 fixed a problem where
a stray file descriptor leaked into a subshell.

Explicitly close the file descriptor at the outermost possible point
rather than relying on fakessh() to do it.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tools: Introduce a variable to hold the ssh command
Martin Schwenke [Wed, 28 Feb 2018 04:02:03 +0000 (15:02 +1100)]
ctdb-tools: Introduce a variable to hold the ssh command

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tools: Change onnode to use ONNODE_SSH and ONNODE_SSH_OPTS
Martin Schwenke [Tue, 27 Feb 2018 01:11:54 +0000 (12:11 +1100)]
ctdb-tools: Change onnode to use ONNODE_SSH and ONNODE_SSH_OPTS

Instead of more generic SSH and EXTRA_SSH_OPTS.

Quietly drop reference to rsh in case it gives anyone ideas.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-common: Drop debugging variable CTDB_EXTERNAL_TRACE
Martin Schwenke [Tue, 20 Feb 2018 07:32:04 +0000 (18:32 +1100)]
ctdb-common: Drop debugging variable CTDB_EXTERNAL_TRACE

This was an attempt to debug an unexpected situation.  It never
triggered, so delete it and all supporting code.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Avoid creating files in /tmp.
Martin Schwenke [Tue, 13 Feb 2018 00:55:07 +0000 (11:55 +1100)]
ctdb-tests: Avoid creating files in /tmp.

Temporary test data should all go somewhere under TEST_VAR_DIR instead
of in the global /tmp.  The existing mktemp could be changed so the
data goes into the test directory but mktemp is overkill in this case.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Check for errors when adding stubs/ subdirectory to PATH
Martin Schwenke [Wed, 7 Feb 2018 02:28:59 +0000 (13:28 +1100)]
ctdb-tests: Check for errors when adding stubs/ subdirectory to PATH

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Clean up PATH setting for stubs/ subdirectory
Martin Schwenke [Tue, 6 Feb 2018 05:41:36 +0000 (16:41 +1100)]
ctdb-tests: Clean up PATH setting for stubs/ subdirectory

Drop unnecessary PATH setting in rc.local. The functions file no
longer sets PATH so setting it here is unnecessary.  Fix a comment
referencing this PATH setting.

Given EVENTSCRIPTS_PATH is no longer used, use a more obvious variable
name and fail on missing stubs/ subdirectory.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Drop unnecessary unset of variable
Martin Schwenke [Wed, 7 Feb 2018 02:25:58 +0000 (13:25 +1100)]
ctdb-tests: Drop unnecessary unset of variable

The comment is incorrect.  This is only set when running simple tests
on local daemons.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Use consistent NAT gateway nodes file
Martin Schwenke [Mon, 12 Feb 2018 00:34:57 +0000 (11:34 +1100)]
ctdb-tests: Use consistent NAT gateway nodes file

Using a different file each time causes the event script to believe
that the configuration has changed even though only the node states
have changed.  Change this to stop the tests from doing something
unexpected.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-tests: Fix a double-typo bug
Martin Schwenke [Fri, 9 Feb 2018 10:18:03 +0000 (21:18 +1100)]
ctdb-tests: Fix a double-typo bug

Amazingly, the code actually works!  Understanding why is homework for
real shell experts, who are not necessarily created ==!

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-scripts: Add default for public addresses file where missing
Martin Schwenke [Thu, 22 Feb 2018 07:48:23 +0000 (18:48 +1100)]
ctdb-scripts: Add default for public addresses file where missing

This makes it consistent with the rest of the script code.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-scripts: Do not use ctdb_service_reconfigure() for policy routing
Martin Schwenke [Tue, 6 Feb 2018 01:00:31 +0000 (12:00 +1100)]
ctdb-scripts: Do not use ctdb_service_reconfigure() for policy routing

This is an unconditional reconfiguration so skip the unnecessary
logic.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-packaging: Package event scripts via a wildcard
Martin Schwenke [Fri, 16 Feb 2018 03:04:04 +0000 (14:04 +1100)]
ctdb-packaging: Package event scripts via a wildcard

This avoids churn as event scripts are renamed and moved about.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago ctdb-packaging: Make the ctdb package own more directories
Martin Schwenke [Fri, 16 Feb 2018 03:03:07 +0000 (14:03 +1100)]
ctdb-packaging: Make the ctdb package own more directories

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years ago wafsamba: Build with -Wimplicit-fallthrough if supported
Andreas Schneider [Wed, 26 Jul 2017 14:29:06 +0000 (16:29 +0200)]
wafsamba: Build with -Wimplicit-fallthrough if supported

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Mar  1 19:38:12 CET 2018 on sn-devel-144

6 years ago auth:credentials: Avoid an 'else' branch
Andreas Schneider [Thu, 1 Mar 2018 10:04:49 +0000 (11:04 +0100)]
auth:credentials: Avoid an 'else' branch

This moves the 'return' statement to the end of the 'case' and makes clear
we leave here.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago auth:credentials: Add FALL_THROUGH statements in credentials.c
Andreas Schneider [Wed, 26 Jul 2017 16:20:53 +0000 (18:20 +0200)]
auth:credentials: Add FALL_THROUGH statements in credentials.c

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years ago winbind: Fix --ping-dc error handling
Volker Lendecke [Mon, 26 Feb 2018 14:32:05 +0000 (15:32 +0100)]
winbind: Fix --ping-dc error handling

If the child dies at the wrong moment, we get an error in the "req" itself.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Mar  1 14:48:19 CET 2018 on sn-devel-144

6 years ago winbind: Fix a race between the sigchld and 0-sized socket read
Volker Lendecke [Mon, 26 Feb 2018 14:12:14 +0000 (15:12 +0100)]
winbind: Fix a race between the sigchld and 0-sized socket read

Fix a bug when a child dies when a request is pending in the child. If the
signal handler fires before epoll finds out the other end of the parent-child
socket is closed, we close the socket on our side without taking care of the
pending request. This causes two problems: First, that one pending request
never is replied to properly, and secondly, we might end up with EPOLL_DEL on a
wrong file descriptor. This causes all sorts of trouble if we hit an active
one.

The fix for this problem is not to close the socket in winbind_child_died().
This however stops an idle child that dies hard from being properly cleaned up.
The fix for that is to add the child->monitor_fde that is set pending only when
no child request is active. This way we can remove the close(sock) in the
signal handler.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Remove the "winbindd_children" global
Volker Lendecke [Mon, 26 Feb 2018 12:48:24 +0000 (13:48 +0100)]
winbind: Remove the "winbindd_children" global

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Use forall_children in reinit_after_fork()
Volker Lendecke [Mon, 26 Feb 2018 12:45:01 +0000 (13:45 +0100)]
winbind: Use forall_children in reinit_after_fork()

This removes the special handling for idmap_child() after the "This is
a little tricky" comment. I believe this was not required at all, the
idmap_child is part of the winbindd_children list.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Use forall_children in winbind_msg_ip_dropped_parent()
Volker Lendecke [Mon, 26 Feb 2018 12:37:05 +0000 (13:37 +0100)]
winbind: Use forall_children in winbind_msg_ip_dropped_parent()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Use forall_domain_children in winbind_msg_online
Volker Lendecke [Mon, 26 Feb 2018 12:24:50 +0000 (13:24 +0100)]
winbind: Use forall_domain_children in winbind_msg_online

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Use forall_domain_children in winbind_msg_offline()
Volker Lendecke [Mon, 26 Feb 2018 12:20:25 +0000 (13:20 +0100)]
winbind: Use forall_domain_children in winbind_msg_offline()

Note that we only walk the domain children, which all have
child->domain != NULL. So we don't need that check anymore.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Remove unused winbindd_internal_child()
Volker Lendecke [Mon, 26 Feb 2018 12:15:14 +0000 (13:15 +0100)]
winbind: Remove unused winbindd_internal_child()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: "internal" children never have a domain set
Volker Lendecke [Mon, 26 Feb 2018 12:14:21 +0000 (13:14 +0100)]
winbind: "internal" children never have a domain set

Look at setup_domain_child(): There we always set child->domain. The only other
two children are the idmap and locator children, which don't have a domain set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Use forall_children in winbind_child_died()
Volker Lendecke [Mon, 26 Feb 2018 11:59:06 +0000 (12:59 +0100)]
winbind: Use forall_children in winbind_child_died()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago winbind: Implement forall_children()
Volker Lendecke [Mon, 26 Feb 2018 11:55:31 +0000 (12:55 +0100)]
winbind: Implement forall_children()

Step 0 in removing winbindd_children as a variable: We have access to
all children via our domain list and the two explicit children. There's
no need to separately maintain a list of winbind children. Maintaining
child->pid != 0 is sufficient to make sure we only walk active children.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years ago third_party: Add missing config.h in libpamtest
Andreas Schneider [Tue, 27 Feb 2018 08:18:36 +0000 (09:18 +0100)]
third_party: Add missing config.h in libpamtest

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 years ago third_party: Update pam_wrapper to version 1.0.5
Andreas Schneider [Thu, 22 Feb 2018 16:00:14 +0000 (17:00 +0100)]
third_party: Update pam_wrapper to version 1.0.5

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>