Andrew Bartlett [Sun, 17 Dec 2017 21:14:31 +0000 (10:14 +1300)]
ldb: Release 1.2.3
- Intersect the index from SCOPE_ONELEVEL with the index for the search expression
This helps ensure we do not have to scan all objects at this level
which could be very many (one per DNS zone entry).
However, due to the O(n*m) behaviour in the LDB index code
we only do this for small numbers of matches on the
filter tree.
This behaviour will only be for ldb 1.2 and will not be kept
long-term in LDB, versions 1.3.1 and above will instead only
intersect when the more efficient GUID index is in use.
Finally, disallowDNFilter now applies to SCOPE_ONELEVEL banning
dn= as a filter string when so configured.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 18 Dec 2017 03:22:01 +0000 (16:22 +1300)]
ldb: Intersect the index from SCOPE_ONELEVEL with the index for the search expression
This helps ensure we do not have to scan all objects at this level
which could be very many (one per DNS zone entry).
However, due to the O(n*m) behaviour in list_intersect() for ldb
1.2 and earlier, we only do this for small numbers of matches on the
filter tree.
This behaviour will only be for ldb 1.2 and will not be kept
long-term in LDB, versions 1.3.1 and above will instead only
intersect when the GUID index is in use.
NOTE WELL: the behaviour of disallowDNFilter is enforced
in the index code, so this fixes SCOPE_ONELEVEL to also
honour disallowDNFilter if there @IDXONE is enabled. Again,
this will change again in 1.3.1 and above.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(adapted from
ef240aaca0ef693a96726ac2366c454294b87b96 in master)
Andrew Bartlett [Thu, 10 Aug 2017 04:23:33 +0000 (16:23 +1200)]
ldb_tdb: Provide struct ltdb_private to index routines
This will make it easier to switch the GUID index mode on and off
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
3d952157d72b3a4635f3942449c1727c438c97c6)
Andrew Bartlett [Wed, 20 Dec 2017 01:55:04 +0000 (14:55 +1300)]
selftest: Do not use dn= filter string
This accidentially worked with SCOPE_ONELEVEL against Samba but dn= filters are
not valid in AD.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
44eee9ce9e9818df8387b2b3782504408112f12c)
Andrew Bartlett [Tue, 19 Dec 2017 03:30:08 +0000 (16:30 +1300)]
s4:samba: Fix default to be running samba as a deamon
Commit
8736013dc42c5755b75bbb2e843a290bcd545909 got the (confusing) sense of opt_fork
wrong.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13129
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec 19 11:24:29 CET 2017 on sn-devel-144
(cherry picked from commit
0806ff7dfd3f982226e4cd9b923a0e570b765f0c)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Thu Dec 21 00:55:29 CET 2017 on sn-devel-144
Volker Lendecke [Thu, 30 Nov 2017 20:06:53 +0000 (21:06 +0100)]
messaging: Always register the unique id
The winbind child does not call serverid_register, so the unique id is not
registered. ctdbd_process_exists now calls CTDB_CONTROL_CHECK_PID_SRVID, which
then fails.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13180
Signed-off-by: Volker Lendecke <vl@samba.org>
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Fri Dec 15 15:35:25 CET 2017 on sn-devel-144
Ralph Boehme [Mon, 9 Oct 2017 11:29:05 +0000 (13:29 +0200)]
winbindd: idmap_rid: error code for failing id-to-sid mapping request
NT_STATUS_NO_SUCH_DOMAIN triggers complete request failure in the parent
winbindd. By returning NT_STATUS_NONE_MAPPED winbindd lets the individual
mapping fail but keeps processing any remaining mapping requests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 10 19:57:37 CEST 2017 on sn-devel-144
(cherry picked from commit
490c35df35bad6c2f1c4acd2f056d6fdc480ec1f)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Thu Dec 14 16:32:49 CET 2017 on sn-devel-144
Ralph Boehme [Mon, 25 Sep 2017 13:42:08 +0000 (15:42 +0200)]
winbindd: idmap_rid: don't rely on the static domain list
The domain list in the idmap child is inherited from the parent winbindd
process and may not contain all domains in case enumerating trusted
domains didn't finish before the first winbind request that triggers the
idmap child fork comes along.
The previous commits added the domain SID as an additional argument to
the wbint_UnixIDs2Sids request, storing the domain SID in struct
idmap_domain.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
108675c4cf4c3d5bd29468255743423a56bd1471)
Ralph Boehme [Mon, 25 Sep 2017 13:39:39 +0000 (15:39 +0200)]
winbindd: pass domain SID to wbint_UnixIDs2Sids
This makes the domain SID available to the idmap child for
wbint_UnixIDs2Sids mapping request. It's not used yet anywhere, this
comes in the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
71f99cb132f4c26f9febac6cb7dcd79f4940216a)
Ralph Boehme [Mon, 25 Sep 2017 11:25:57 +0000 (13:25 +0200)]
winbindd: add domain SID to idmap mapping domains
Fetch the domain SID for every domain in the idmap-domain map. This is
in preperation of passing the domain SID as an additional argument to
xid2sid requests to the idmap child.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
59438bfd3d3551195582cf88bd1109c3cbc7e12a)
Volker Lendecke [Wed, 29 Nov 2017 17:55:21 +0000 (18:55 +0100)]
pthreadpool: Add a test for the race condition fixed in the last commit
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13179
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
53f7bbca0451e4f57cdbe8ab4f67f601fe8d40c1)
Volker Lendecke [Wed, 29 Nov 2017 15:45:40 +0000 (16:45 +0100)]
pthreadpool: Fix starvation after fork
After the race is before the race:
1) Create an idle thread
2) Add a job: This won't create a thread anymore
3) Immediately fork
The idle thread will be woken twice before it's actually woken up: Both
pthreadpool_add_job and pthreadpool_prepare_pool call cond_signal, for
different reasons. We must look at pool->prefork_cond first because otherwise
we will end up in a blocking job deep within a fork call, the helper thread
must take its fingers off the condvar as quickly as possible. This means that
after the fork there's no idle thread around anymore that would pick up the job
submitted in 2). So we must keep the idle threads around across the fork.
The quick solution to re-create one helper thread in pthreadpool_parent has a
fatal flaw: What do we do if that pthread_create call fails? We're deep in an
application calling fork(), and doing fancy signalling from there is really
something we must avoid.
This has one potential performance issue: If we have hundreds of idle threads
(do we ever have that) during the fork, the call to pthread_mutex_lock on the
fork_mutex from pthreadpool_server (the helper thread) will probably cause a
thundering herd when the _parent call unlocks the fork_mutex. The solution for
this to just keep one idle thread around. But this adds code that is not
strictly required functionally for now.
More detailed explanation from Jeremy:
First, understanding the problem the test reproduces:
add a job (num_jobs = 1) -> creates thread to run it.
job finishes, thread sticks around (num_idle = 1).
num_jobs is now zero (initial job finished).
a) Idle thread is now waiting on pool->condvar inside
pthreadpool_server() in pthread_cond_timedwait().
Now, add another job ->
pthreadpool_add_job()
-> pthreadpool_put_job()
This adds the job to the queue.
Oh, there is an idle thread so don't
create one, do:
pthread_cond_signal(&pool->condvar);
and return.
Now call fork *before* idle thread in (a) wakes from
the signaling of pool->condvar.
In the parent (child is irrelevent):
Go into: pthreadpool_prepare() ->
pthreadpool_prepare_pool()
Set the variable to tell idle threads to exit:
pool->prefork_cond = &prefork_cond;
then wake them up with:
pthread_cond_signal(&pool->condvar);
This does nothing as the idle thread
is already awoken.
b) Idle thread wakes up and does:
Reduce idle thread count (num_idle = 0)
pool->num_idle -= 1;
Check if we're in the middle of a fork.
if (pool->prefork_cond != NULL) {
Yes we are, tell pthreadpool_prepare()
we are exiting.
pthread_cond_signal(pool->prefork_cond);
And exit.
pthreadpool_server_exit(pool);
return NULL;
}
So we come back from the fork in the parent with num_jobs = 1,
a job on the queue but no idle threads - and the code that
creates a new thread on job submission was skipped because
an idle thread existed at point (a).
OK, assuming that the previous explaination is correct, the
fix is to create a new pthreadpool context mutex:
pool->fork_mutex
and in pthreadpool_server(), when an idle thread wakes up and
notices we're in the prepare fork state, it puts itself to
sleep by waiting on the new pool->fork_mutex.
And in pthreadpool_prepare_pool(), instead of waiting for
the idle threads to exit, hold the pool->fork_mutex and
signal each idle thread in turn, and wait for the pool->num_idle
to go to zero - which means they're all blocked waiting on
pool->fork_mutex.
When the parent continues, pthreadpool_parent()
unlocks the pool->fork_mutex and all the previously
'idle' threads wake up (and you mention the thundering
herd problem, which is as you say vanishingly small :-)
and pick up any remaining job.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13179
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
f6858505aec9f1004aeaffa83f21e58868749d65)
Andreas Schneider [Mon, 4 Dec 2017 10:00:10 +0000 (11:00 +0100)]
third_party: Fix a typo in the option name
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13174
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
e7e68958025937f97554cd956ca482dfe507f803)
Björn Baumbach [Mon, 4 Dec 2017 09:49:19 +0000 (10:49 +0100)]
third_party: Link th aesni-intel library with -z noexecstack
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13174
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
6015cfad6ebf46b9f311a069dd960ff5af5bdcd8)
Jeremy Allison [Wed, 29 Nov 2017 21:16:43 +0000 (13:16 -0800)]
s3: libsmb: Fix reversing of oldname/newname paths when creating a reparse point symlink on Windows from smbclient.
This happened as smbd doesn't support reparse points so we couldn't test.
This was the reverse of the (tested) symlink parameters in the unix extensions
symlink command.
Rename parameters to link_target instead of oldname so this is clearer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13172
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
abbc9b9ab793d22bca6a37828f4375ef38c56dd3)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Wed Dec 13 14:19:59 CET 2017 on sn-devel-144
Jeremy Allison [Wed, 29 Nov 2017 21:10:25 +0000 (13:10 -0800)]
s3: client: Rename <oldname> to <link_target> in cmd_symlink() and cli_posix_symlink().
Stops us from mixing up the old and new names. Only behavior change
is correcting the names printed in the error messages.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13172
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
8448dcaa8da78bcb84fca6a000c75e256bce1e77)
Volker Lendecke [Tue, 12 Dec 2017 22:07:39 +0000 (23:07 +0100)]
pthreadpool: Fix deadlock
Christof's idea from
https://lists.samba.org/archive/samba-technical/2017-December/124384.html
was that the thread already exited. It could also be that the thread is
not yet idle when the new pthreadpool_add_jobs comes around the corner.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Wed Dec 13 04:46:12 CET 2017 on sn-devel-144
(cherry picked from commit
dfc4670640341761b346065922a62a3e755e9e58)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170
Christof Schmitt [Wed, 6 Dec 2017 22:10:23 +0000 (15:10 -0700)]
pthreadpool: Add test for pthread_create failure
This is implemented using cmocka and the __wrap override for
pthread_create.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170
Signed-off-by: Christof Schmitt <cs@samba.org
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Dec 8 13:54:20 CET 2017 on sn-devel-144
(cherry picked from commit
8cdb3995caf7a21d0c27a56a0bf0c1efd5b491e4)
Christof Schmitt [Thu, 7 Dec 2017 17:42:30 +0000 (10:42 -0700)]
wscript: Add check for --wrap linker flag
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
8e17be1c3df09c238560c8a7e62c17e9f9ff9bc7)
Christof Schmitt [Tue, 28 Nov 2017 17:59:06 +0000 (10:59 -0700)]
pthreadpool: Undo put_job when returning error
When an error is returned to the caller of pthreadpool_add_job, the job
should not be kept in the internal job array. Otherwise the caller might
free the data structure and a later worker thread would still reference
it.
When it is not possible to create a single worker thread, the system
might be out of resources or hitting a configured limit. In this case
fall back to calling the job function synchronously instead of raising
the error to the caller and possibly back to the SMB client.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
065fb5d94d25d19fc85832bb85aa9e379e8551cc)
Christof Schmitt [Tue, 28 Nov 2017 17:49:36 +0000 (10:49 -0700)]
pthreadpool: Move creating of thread to new function
No functional change, but this simplifies error handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
949ccc3ea9073a3d38bff28345f644d39177256f)
Amitay Isaacs [Mon, 20 Nov 2017 04:27:52 +0000 (15:27 +1100)]
ctdb-daemon: Send STARTUP control after startup event
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154
STARTUP control is primarily used to synchronise tcp tickles from running
nodes to a node which has just started up. Earlier STARTUP control was
sent (using BROADCAST_ALL) after setup event. Once the other nodes in
the cluster connected to this node, the queued up messages would be sent
and the tcp tickles would get synchronised.
Recent fix to drop messages to disconnected or not-yet-connected nodes,
the STARTUP control was never sent to the remote nodes and the tcp
tickles did not get synchronised.
To fix this problem send the STARTUP control (using BROADCAST_CONNECTED)
after startup event. By this time all the running nodes in the cluster
are connected.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Nov 30 15:29:48 CET 2017 on sn-devel-144
(cherry picked from commit
d7a5cd589b7b16d625dbc64dac21a1384519e32b)
Amitay Isaacs [Mon, 20 Nov 2017 04:37:39 +0000 (15:37 +1100)]
ctdb-takeover: Send tcp tickles immediately on STARTUP control
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
73e261b48c4abc91e00775ac7437752c9640e5bd)
Amitay Isaacs [Mon, 20 Nov 2017 04:17:15 +0000 (15:17 +1100)]
ctdb-takeover: Refactor code to send tickle lists for all public IPs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
2b253f6b1bc4e765f3fcb614a3b67b14084a625d)
Ralph Boehme [Sat, 28 Oct 2017 14:13:16 +0000 (16:13 +0200)]
vfs_zfsacl: fix compilation error
Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 2 03:16:11 CET 2017 on sn-devel-144
(cherry picked from commit
11da1e5c056c92fd7f51ecce0285628cac65f174)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Thu Dec 7 14:19:57 CET 2017 on sn-devel-144
Ralph Boehme [Mon, 27 Nov 2017 11:42:44 +0000 (12:42 +0100)]
winbindd: let normalize_name_map() call find_domain_from_name_noinit()
Let normalize_name_map fetch the domain itself with
find_domain_from_name_noinit().
This removes two calls to find_domain_from_name_noinit() in the default
configuration of "winbind normalize names = no". The domain is only need
in normalize_name_map if "winbind normalize names" is enabled.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13173
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
1ce165a73350e802500c32435dbefe3639340435)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Dec 5 14:48:41 CET 2017 on sn-devel-144
Jeremy Allison [Wed, 29 Nov 2017 17:21:30 +0000 (09:21 -0800)]
s3: libsmb: Fix valgrind read-after-free error in cli_smb2_close_fnum_recv().
cli_smb2_close_fnum_recv() uses tevent_req_simple_recv_ntstatus(req), which
frees req, then uses the state pointer which was owned by req.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13171
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 30 05:47:12 CET 2017 on sn-devel-144
(cherry picked from commit
5c8032b6b8ce4439b3ef8f43a62a419f081eb787)
Noel Power [Fri, 24 Nov 2017 07:06:27 +0000 (07:06 +0000)]
testprogs: Test net ads keytab list
Test that correct keytab is picked up.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13166
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
4be05c835e9d8b8f13856d592aaf42b40ce397c2)
Noel Power [Thu, 23 Nov 2017 15:55:21 +0000 (15:55 +0000)]
s3:libads: net ads keytab list fails with "Key table name malformed"
When keytab_name is NULL don't call smb_krb5_kt_open use ads_keytab_open
instead, this function will determine the correct keytab to use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13166
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
3048ae318fc8b4d1b7663826972306372430a463)
Ralph Boehme [Wed, 15 Nov 2017 15:52:48 +0000 (16:52 +0100)]
vfs_fruit: proper VFS-stackable conversion of FinderInfo
This fixes the problem that conversion failed with
fruit:metadata=stream. Before we were calling ad_set() which stores the
metadata in the Netatalk compatible format.
Rewrite to fully go through the VFS by calling SMB_VFS_CREATE_FILE() and
SMB_VFS_PWRITE().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 29 08:38:06 CET 2017 on sn-devel-144
(cherry picked from commit
1da17204344a99a3bfa289355a996027a21814b8)
Ralph Boehme [Wed, 15 Nov 2017 15:52:16 +0000 (16:52 +0100)]
vfs_fruit: add AfpInfo prototypes
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
84976cb670847f199598995d48bd9c3f3dd0f035)
Ralph Boehme [Fri, 17 Nov 2017 11:57:14 +0000 (12:57 +0100)]
s4/torture: fruit: in test_adouble_conversion() also check stream list and AFPINFO_STREAM
This reveals that the conversion doesn't work properly with
fruit:metadata=stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7b00b558761b6564928289efcf835e9b9cc86a89)
Ralph Boehme [Fri, 17 Nov 2017 11:53:42 +0000 (12:53 +0100)]
s4/torture: fruit: remove use of localdir from test_adouble_conversion test
The previous use of localdir and torture_setup_local_file() was
motivated by the fact that by default vfs_fruit rejects access to files
with a "._" prefix.
Since a previous commit allowed SMB access to ._ files, rewrite the
test_adouble_conversion() test to create the ._ AppleDouble file over
SMB.
This also renders torture_setup_local_file() obsolete.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
ebbffd80862d7d7b025eca219bc0c8f818585ac9)
Ralph Boehme [Fri, 17 Nov 2017 12:52:25 +0000 (13:52 +0100)]
selftest: add "fruit:veto_appledouble = no" to fruit shares
This is needed for a subsequent commit that modifies an existing test to
write a ._ file over SMB instead of using the ugly local creation hack.
SMB acces of ._ files requires "fruit:veto_appledouble = no", so let's
set it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
3f9b45a410384904d64bdd0d68ff2a5bc25bd3e9)
Ralph Boehme [Fri, 17 Nov 2017 07:13:10 +0000 (08:13 +0100)]
s4/torture: let write_stream() deal with stream=NULL
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
ac880848a905a3840b69af2cb1d842d307401a07)
Ralph Boehme [Wed, 15 Nov 2017 17:39:53 +0000 (18:39 +0100)]
selftest: run AppleDouble sidecar-file conversion test runs against all fruit shares
This needs for work in all possible fruit configs, so test it.
This currently fails with stream_depot, as we don't propely copy over
the resourcefork data from the ._ file to the stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
e28dd6a0ce753a880b2512eb62661411b20f763b)
Ralph Boehme [Fri, 17 Nov 2017 11:41:49 +0000 (12:41 +0100)]
s4/torture: use torture_assert_goto in a vfs.fruit test
No change in behavior.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9af9c5c073d88b126aebd4a2d7a1a1971527fbf4)
Ralph Boehme [Thu, 16 Nov 2017 06:58:34 +0000 (07:58 +0100)]
s4/torture: rework stream names tests usage of local xattr call
Previously this test, that tests for correct conversion of ':' in stream
names, only worked with streams_xattr with "fruit:metadata" set to
"netatalk".
In order to have test coverage for fruit shares with other configs,
split the test into two:
one test creates the stream over SMB and run against all shares, the
other one is the unmodified existing test and is only run against the
share with streams_xattr and fruit:metadata=netatalk.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
75a3c0f3b1f843ba9a7838aa7a1c311fc262f8c7)
Ralph Boehme [Wed, 15 Nov 2017 17:38:41 +0000 (18:38 +0100)]
selftest: add localdir option to fruit subtests
A subsequent commits modifies an existing tests that needs $localdir to
also run against "vfs_fruit_metadata_stream" and
"vfs_fruit_stream_depot". This reveals test failures, those will be
fixed in a subsequent commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
3c1bdafde6419c266941624f57cf768e57e2bd98)
Ralph Boehme [Wed, 15 Nov 2017 17:36:54 +0000 (18:36 +0100)]
selftest: reorder arguments for fruit tests
This just puts the auth option first matching the first test with the
"vfs_fruit" share directly above the modified lines.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
06542b2c4c000e5397f0990713de7f7bb67cc0bd)
Ralph Boehme [Tue, 21 Nov 2017 13:34:28 +0000 (14:34 +0100)]
s3/loadparm: don't mark IPC$ as autoloaded
A related problem that affects configuration for the hidden IPC$
share. This share is marked a "autoloaded" and such shares are not
reloaded when requested. That resulted in the tcon to IPC$ still using
encrpytion after running the following sequence of changes:
1. stop Samba
2. set [global] smb encrypt = required
3. start Samba
4. remove [global] smb encrypt = required
5. smbcontrol smbd reload-config
6a bin/smbclient -U slow%x //localhost/raw -c quit, or
6b bin/smbclient -U slow%x -mNT1 //localhost/raw -c ls
In 6a the client simply encrypted packets on the IPC$ tcon. In 6b the
client got a tcon failure with NT_STATUS_ACCESS_DENIED, but silently
ignore the error.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 28 02:02:37 CET 2017 on sn-devel-144
(cherry picked from commit
deaaff6843159f02bb15aeaf457f8af305e40164)
Ralph Boehme [Tue, 21 Nov 2017 13:28:48 +0000 (14:28 +0100)]
s3/loadparm: ensure default service options are not changed
Rename sDefault to _sDefault and make it const. sDefault is make a copy
of _sDefault in in the initialisation function lp_load_ex().
As we may end up in setup_lp_context() without going through
lp_load_ex(), sDefault may still be uninitialized at that point, so I'm
initializing lp_ctx->sDefault from _sDefault.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
ea4e6f95ae5c97e8570b8090ee7e7a577b49a8c3)
Ralph Boehme [Wed, 22 Nov 2017 10:49:57 +0000 (11:49 +0100)]
s3/loadparm: allocate a fresh sDefault object per lp_ctx
This is in preperation of preventing direct access to sDefault in all
places that currently modify it.
As currently s3/loadparm is afaict not accessing lp_ctx->sDefault, but
changes sDefault indirectly through lp_parm_ptr() this change is just a
safety measure to prevent future breakage.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
1fc103547023aa1c880713e5b65ec164acb58b54)
Timur I. Bakeyev [Wed, 29 Nov 2017 05:35:37 +0000 (06:35 +0100)]
Add vfs_zfsacl manpage to the list of manpages if we have this module enabled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12934
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit
8034b88d4e771663c4b7b581fb6b1992c33d5d96)
Timur I. Bakeyev [Wed, 29 Nov 2017 04:48:52 +0000 (05:48 +0100)]
Fix typo in the "wide links" description for the getwd cache.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12934
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit
e9e4cd4d2b6ae376cba90fdb56b9c9684f2dc492)
Andreas Schneider [Fri, 10 Nov 2017 08:18:18 +0000 (09:18 +0100)]
s4:samba: Allow samba daemon to run in foreground
We are passing the no_process_group to become_daemon() that setsid() is
not called. In case we are double forking, we run in SysV daemon mode,
setsid() should be called!
See:
https://www.freedesktop.org/software/systemd/man/daemon.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13129
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
8736013dc42c5755b75bbb2e843a290bcd545909)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Thu Nov 30 14:11:02 CET 2017 on sn-devel-144
Andreas Schneider [Wed, 15 Nov 2017 09:00:52 +0000 (10:00 +0100)]
s4:samba: Do not segfault if we run into issues
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
bfafabfb942668328401a3c89fc55b50dc56c209)
Gary Lockyer [Mon, 21 Aug 2017 03:12:04 +0000 (15:12 +1200)]
s4/smbd: set the process group.
Set the process group in the samba daemon, the --no-process-group option
allows this to be disabled. The no-process-group option needs to be
disabled in self test.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Sep 18 04:39:50 CEST 2017 on sn-devel-144
Andrej Gessel [Thu, 19 Oct 2017 15:16:37 +0000 (17:16 +0200)]
repl_meta_data: Fix removing of backlink on deleted objects
USER is memberOf GROUP and they both were deleted on W2K8R2 AD. Domain join ends
with error below.
Failed to apply records: ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:421
8: Failed to remove backlink of memberOf when deleting CN=USER\0ADEL:
a1f2a2cc-1
179-4734-b753-
c121ed02a34c,CN=Deleted Objects,DC=samdom,DC=intern: dsdb_module_
search_dn: did not find base dn CN=GROUP\0ADEL:
030d0be1-3ada-4b93-8371-
927f2092
3116,CN=Deleted Objects,DC=samdom,DC=intern (0 results): Operations error
Failed to commit objects: WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13120
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
40bd7e145a68c9a58d6bc3c5526a12fdf0027729)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Wed Nov 29 13:43:37 CET 2017 on sn-devel-144
Andrew Bartlett [Tue, 31 Oct 2017 19:22:22 +0000 (08:22 +1300)]
repl_meta_data: Allow delete of an object with dangling backlinks
This should not happen, but stopping all replication because of it is a pain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 24 19:53:50 CET 2017 on sn-devel-144
(cherry picked from commit
6cf7abbcfdad84fee57852862ebe44aa6115ca25)
Andrew Bartlett [Tue, 31 Oct 2017 20:02:01 +0000 (09:02 +1300)]
selftest: Add more corruption cases for runtime and dbcheck
These tests now confirm we can handle these issues at runtime
as well as at dbcheck
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
4815efc0e3f89079e7c9b868b7514ea7c49a807c)
Stefan Metzmacher [Thu, 26 Oct 2017 12:42:23 +0000 (14:42 +0200)]
selftest: add dbcheck tests for duplicate links
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
70bf809e0cdf84029022ca95fb83d17a0d6e36c0)
Stefan Metzmacher [Fri, 27 Oct 2017 08:21:26 +0000 (10:21 +0200)]
dbcheck: detect and fix duplicate links
Check with git show -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
239fbeb163c24b0f08e1bd9d8f7a9f73443d4b90)
Stefan Metzmacher [Fri, 27 Oct 2017 08:21:26 +0000 (10:21 +0200)]
dbcheck: only calculate linked attribute helper variables once in check_dn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
9a631560c9358e4f28b96fecf23a545e1d04098c)
Stefan Metzmacher [Thu, 26 Oct 2017 14:30:28 +0000 (16:30 +0200)]
dbcheck: remove indentation level
Check with git show -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
eb6bd6511a98dafebaa0d3951fe78c77acf13e3a)
Stefan Metzmacher [Thu, 26 Oct 2017 05:47:48 +0000 (07:47 +0200)]
dsdb:extended_dn_store: implement DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS control
This will be used by dbcheck to fix duplicate link values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
83aa22260bd39ad0e6aab7764f9a7fc915d02a4b)
Stefan Metzmacher [Wed, 25 Oct 2017 14:48:44 +0000 (16:48 +0200)]
dsdb:repl_meta_data: implement DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS control
This will be used by dbcheck to fix duplicate link values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
9a1e23a1f67c38248e41e0d3aa2af8a682477364)
Stefan Metzmacher [Wed, 25 Oct 2017 14:47:36 +0000 (16:47 +0200)]
s4:dsdb: allocate DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS oid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
1eb8d8ec5a62baf1b8e3c7cb1856787de4a3ccb2)
Stefan Metzmacher [Wed, 25 Oct 2017 14:26:16 +0000 (16:26 +0200)]
s4:schema_samba4: mark DSDB_CONTROL_INVALID_NOT_IMPLEMENTED 1.3.6.1.4.1.7165.4.3.32 as allocated
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
126d28d0b58740a8abd4137562dda685a57449bb)
Andrew Bartlett [Mon, 30 Oct 2017 22:20:34 +0000 (11:20 +1300)]
selftest: Additional check for a backlink pointing at a deleted object
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
a784cc3a7f2043a5762d426e904a90e44b101ecd)
Andrew Bartlett [Mon, 30 Oct 2017 19:23:39 +0000 (08:23 +1300)]
selftest: Split out creation of complex (often invalid) links
This will allow us to test other run-time behaviour with broken
databases.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
25ae8d72d66cbe7342b50254ede7e5890bc23b73)
Andrew Bartlett [Mon, 30 Oct 2017 19:21:15 +0000 (08:21 +1300)]
selftest: Split out dbcheck runs from dangling_multi_valued test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
b99d2ee122991d0bf1742fa5665656bbbba44057)
Andrew Bartlett [Mon, 30 Oct 2017 02:29:36 +0000 (15:29 +1300)]
selftest: add more dbcheck tests
This validates some more combinations and ensures that the changes
in
962a1b32201fce0a49c6be55943d4fbb57ed781e are tested.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
7be38c605468786894a373e15068b8017323da78)
Andrew Bartlett [Sun, 29 Oct 2017 21:51:35 +0000 (10:51 +1300)]
dbcheck: Use the GUID as the DN to fix replPropertyMetaData
This allows this to still work after an object is renamed under the deleted objects container.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
527f2c95cfe24d29fa34ed19db3b073781d96d9a)
Andrew Bartlett [Sun, 29 Oct 2017 20:48:43 +0000 (09:48 +1300)]
dbcheck: Clarify error count bumping in deleted/gone DN handling
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
3b111fbdbed99d5d90c1120243200baae9867534)
Andrew Bartlett [Fri, 25 Aug 2017 05:37:05 +0000 (17:37 +1200)]
selftest: sort dbcheck output to avoid sort order impacting results
The GUID index code will change the returned results order
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
da575f01313673fedfc7d15ec11ba6818dbd30d8)
Andrew Bartlett [Tue, 17 Oct 2017 10:01:51 +0000 (23:01 +1300)]
dbcheck: Allow removal of one-way links to missing objects
If dbcheck is not run within the tombstone lifetime, these links can
persist in the database forever. The risk of unintentional information loss
is why these links are only removed within the same partition. A
replication may be in progress which has created only one end of
the link, so we must keep that.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Rowland Penny <rpenny@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 19 00:50:19 CEST 2017 on sn-devel-144
(cherry picked from commit
962a1b32201fce0a49c6be55943d4fbb57ed781e)
Andreas Schneider [Fri, 10 Nov 2017 08:32:27 +0000 (09:32 +0100)]
systemd: Start processes in forground and without a process group
We should not double fork in notify mode or systemd think something
during startup will be wrong and send SIGTERM to the process. So
sometimes the daemon will not start up correctly.
systemd will also handle the process group.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13129
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
8b6f58194da7e849cdb9d20712dff49b17a93a77)
Stefan Metzmacher [Thu, 16 Nov 2017 21:09:20 +0000 (21:09 +0000)]
libnet_join: fix "net rpc oldjoin"
We need to open the ncacn_np (smb) transport connection with
anonymous credentials.
In order to do netr_ServerPasswordSet*() we need to
establish a 2nd netlogon connection using dcerpc schannel
authentication.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13149
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(similar to commit
d27f38d35bf111a5c0a898a5ef8b7dd0b320da0d)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Nov 28 14:47:32 CET 2017 on sn-devel-144
Stefan Metzmacher [Fri, 17 Nov 2017 14:51:36 +0000 (15:51 +0100)]
s3:selftest: add samba3.blackbox.net_rpc_oldjoin test
This demonstrates that "net rpc oldjoin" is currently broken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13149
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9466796c87cc4ca8d32da553421cd8ecef1bb8e4)
Niels de Vos [Tue, 31 Oct 2017 14:52:49 +0000 (15:52 +0100)]
vfs_glusterfs: include glusterfs/api/glfs.h without relying on -I options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13125
The glfs.h header file has always resided under glusterfs/api/ in the
standard include directory. The glusterfs-api.pc file adds the unneeded
-I${includedir}/glusterfs compiler option. This option will be removed
from future versions of the pkg-config file.
This change can safely be backported to older versions if there is a
need to have them build against glusterfs-3.13 or newer.
URL: https://review.gluster.org/18576
CC: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Nov 9 22:37:30 CET 2017 on sn-devel-144
(cherry picked from commit
732ba3c84a2d40040550ea36b0478dd6af9a173a)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Fri Nov 24 16:23:43 CET 2017 on sn-devel-144
Amitay Isaacs [Fri, 10 Nov 2017 01:18:01 +0000 (12:18 +1100)]
ctdb-common: Call missing tevent_wakeup_recv() in sock_daemon
https://bugzilla.samba.org/show_bug.cgi?id=13153
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
49308f7f22f3d6fa05cc81fdef3db020e503fa9f)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Wed Nov 22 16:57:01 CET 2017 on sn-devel-144
Amitay Isaacs [Thu, 19 Oct 2017 03:58:18 +0000 (14:58 +1100)]
ctdb-daemon: Allocate deferred calls off calling context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13152
This makes sure that if a client disconnects, all the deferred calls
from the client are correctly freed.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
848f2425984667c243ccac847b8f48a66ce10178)
Volker Lendecke [Fri, 17 Nov 2017 10:47:37 +0000 (11:47 +0100)]
winbind: Remove winbind_messaging_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Nov 18 04:07:24 CET 2017 on sn-devel-144
(cherry picked from commit
050ca45dc7fc5bbab6e1c60b919ac0b1e9661e27)
Volker Lendecke [Fri, 17 Nov 2017 10:42:34 +0000 (11:42 +0100)]
winbind: winbind_messaging_context -> server_messaging_context
Don't use winbind_messaging_context anymore.
This fixes a bug analysed by Peter Somogyi <PSOMOGYI@hu.ibm.com>: If a
parent winbind forks, it only called reinit_after_fork on
winbind_messaging_context. On the other hand, deep in dbwrap_open we use
server_messaging_context(). This is not reinitialized by
winbind_reinit_after fork, so the parent and child share a ctdb
connection. This is invalid, because replies from ctdb end up in the
wrong process.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
d8a01d09c13728f36107f6eb94ecb7653706a4db)
Volker Lendecke [Fri, 17 Nov 2017 10:37:30 +0000 (11:37 +0100)]
winbind: Remove winbind_event_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
e1f12acc13a3cc004518ac3460c6000ea0b95115)
Volker Lendecke [Fri, 17 Nov 2017 10:35:19 +0000 (11:35 +0100)]
winbind: Replace winbind_event_context with server_event_context
There's no point in having two global event contexts
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7e83d1489406cd53d72097e40bf02295c88ea61e)
Jeremy Allison [Tue, 14 Nov 2017 23:54:19 +0000 (15:54 -0800)]
s3: smbclient: tests: Test "volume" command over SMB1 and SMB2+.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13140
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 15 19:50:54 CET 2017 on sn-devel-144
(cherry picked from commit
f8cd211acc3824e01d89a6f8b6666c39aa5cd54e)
Jeremy Allison [Tue, 14 Nov 2017 23:42:14 +0000 (15:42 -0800)]
s3: smbclient: Implement "volume" command over SMB2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13140
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
aaa52ab7b5ae711b80e3967ab1ecc91888c346f6)
Karolin Seeger [Wed, 22 Nov 2017 08:08:06 +0000 (09:08 +0100)]
VERSION: Bump version up to 4.7.4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 22 Nov 2017 08:07:45 +0000 (09:07 +0100)]
Merge tag 'samba-4.7.3' into v4-7-test
samba: tag release samba-4.7.3
Jeremy Allison [Tue, 14 Nov 2017 21:52:03 +0000 (13:52 -0800)]
s3: libsmb: smbc_statvfs is missing the supporting SMB2 calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13138
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
eefc7a27155b70d027b1193187dd435267d863ea)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Mon Nov 20 17:19:21 CET 2017 on sn-devel-144
Jeremy Allison [Fri, 8 Sep 2017 23:20:34 +0000 (16:20 -0700)]
libsmbclient: Allow server (NetApp) to return STATUS_INVALID_PARAMETER from an echo.
It does this if we send a session ID of zero. The server still replied.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13007
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Nov 11 08:44:37 CET 2017 on sn-devel-144
(cherry picked from commit
a0f6ea8dec1ab3d19bc93da12a9b0a1c0ccf6142)
Karolin Seeger [Mon, 20 Nov 2017 11:16:01 +0000 (12:16 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.7.3 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Mon, 20 Nov 2017 11:15:26 +0000 (12:15 +0100)]
WHATSNEW: Add release notes for Samba 4.7.3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Jeremy Allison [Wed, 20 Sep 2017 18:04:50 +0000 (11:04 -0700)]
s3: smbd: Chain code can return uninitialized memory when talloc buffer is grown.
Ensure we zero out unused grown area.
CVE-2017-15275
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13077
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 19 Sep 2017 23:11:33 +0000 (16:11 -0700)]
s3: smbd: Fix SMB1 use-after-free crash bug. CVE-2017-14746
When setting up the chain, always use 'next->' variables
not the 'req->' one.
Bug discovered by 连一汉 <lianyihan@360.cn>
CVE-2017-14746
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13041
Signed-off-by: Jeremy Allison <jra@samba.org>
Karolin Seeger [Tue, 14 Nov 2017 12:24:15 +0000 (13:24 +0100)]
VERSION: Bump version up to 4.7.3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 14 Nov 2017 12:23:27 +0000 (13:23 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.7.2 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 14 Nov 2017 12:22:52 +0000 (13:22 +0100)]
WHATSNEW: Add release notes for Samba 4.7.2.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Jeremy Allison [Thu, 9 Nov 2017 17:59:23 +0000 (09:59 -0800)]
s4: torture: kernel oplocks. Add smb2.kernel-oplocks.kernel_oplocks8
Test if the server blocks whilst waiting on a kernel lease held by
a non-smbd process.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13121
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Nov 11 20:12:26 CET 2017 on sn-devel-144
(cherry picked from commit
ad82557e1355107920ae80fd6a0df0f16d1bdb6c)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Nov 14 16:59:15 CET 2017 on sn-devel-144
Jeremy Allison [Thu, 9 Nov 2017 20:48:15 +0000 (12:48 -0800)]
s3: smbd: kernel oplocks. Replace retry_open() with setup_kernel_oplock_poll_open().
If a O_NONBLOCK open fails with EWOULDBLOCK, this code changes smbd to
do a retry open every second, until either the timeout or we get a successful
open. If we're opening a file that has a kernel lease set by a non-smbd
process, this is the best we can do.
Prior to this, smbd would block on the second open on such a leased file
(not using O_NONBLOCK) which freezes active clients.
Regression test to follow.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13121
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
47c13fc10a2c9709e9511b2ffcf0e1004497887d)
Joe Guo [Fri, 15 Sep 2017 04:13:26 +0000 (16:13 +1200)]
python: use communicate to fix Popen deadlock
`Popen.wait()` will deadlock when using stdout=PIPE and/or stderr=PIPE and the
child process generates large output to a pipe such that it blocks waiting for
the OS pipe buffer to accept more data. Use communicate() to avoid that.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 19 09:27:16 CEST 2017 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13127
(cherry picked from commit
5dc773a5b00834c7a53130a73a48f49048bd55e8)
Gary Lockyer [Wed, 16 Aug 2017 01:52:25 +0000 (13:52 +1200)]
blackbox tests: method to check specific exit codes
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit
74ebcf6dfc84b6aab6838fa99e12808eb6b913d9)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13127
Stefan Metzmacher [Mon, 13 Nov 2017 10:05:04 +0000 (11:05 +0100)]
tevent: version 0.9.34
* Remove unused select backend
* Fix a race condition in tevent_threaded_schedule_immediate()
(bug #13130)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 13 18:02:46 CET 2017 on sn-devel-144
(cherry picked from commit
2e573eead96b2e98dd8a15c9c8e470679e530392)
Jeremy Allison [Tue, 12 Sep 2017 19:08:38 +0000 (12:08 -0700)]
lib: tevent: Remove select backend.
select() is no longer useful on modern systems.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Sep 16 08:35:39 CEST 2017 on sn-devel-144
(cherry picked from commit
2a003b1a576dcbbba0d60bae90427776a5c27867)
Volker Lendecke [Fri, 10 Nov 2017 20:22:26 +0000 (21:22 +0100)]
tevent: Fix a race condition
We can't rely on tctx to exist after we unlocked the mutex. It took a
while, but this does lead to data corruption. If *tctx is replaced with
something where tctx->wakeup_fd points to a real, existing file
descriptor, we're screwed. And by screwed, this means file corruption
on disk.
Again. I am not tall enough for this business.
http://bholley.net/blog/2015/must-be-this-tall-to-write-multi-threaded-code.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13130
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Nov 11 03:20:09 CET 2017 on sn-devel-144
(cherry picked from commit
20cfcb7dbc5dd099384b76a76e3d35cf627100b6)
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Mon Nov 13 13:54:56 CET 2017 on sn-devel-144
Ralph Wuerthner [Fri, 27 Oct 2017 12:59:32 +0000 (14:59 +0200)]
s4: torture: Add smb2 FIND_and_set_DOC test case.
Regression tests doing an SMB2_find followed by
a set delete on close and then close on a directory.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13118
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Nov 5 12:31:12 CET 2017 on sn-devel-144
(cherry picked from commit
44c018bdcc2d81aaf667d11c0c8fae209419ddd7)
Ralph Wuerthner [Fri, 3 Nov 2017 22:33:28 +0000 (22:33 +0000)]
s3: smbd: Fix delete-on-close after smb2_find
Both dptr_create() and can_delete_directory_fsp() are calling OpenDir_fsp()
to get a directory handle. This causes an issue when delete-on-close is
set after smb2_find because both directory handle instances share the same
underlying file descriptor. In addition the SMB_ASSERT() in destructor
smb_Dir_destructor() gets triggered.
To avoid this use OpenDir() instead of OpenDir_fsp().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13118
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
c9e996d78df3ce326a5c13f8f4f1426918769ceb)
Jeremy Allison [Fri, 3 Nov 2017 19:02:17 +0000 (12:02 -0700)]
s4: torture: kernel_oplocks. Create a regression test case for bug #13058.
It implements the following test case:
1. client of smbd-1 opens the file and sets the oplock.
2. client of smbd-2 tries to open the file. open() fails(EAGAIN) and open is deferred.
3. client of smbd-1 sends oplock break request to the client.
4. client of smbd-1 closes the file.
5. client of smbd-1 opens the file and sets the oplock.
6. client of smbd-2 calls defer_open_done(), sees that the file lease was not changed
and does not reschedule open.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13058
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
(cherry picked from commit
15597a95ecd2d1c2b7edce4942d489c95796951f)