Michael Adam [Tue, 29 Apr 2014 11:31:42 +0000 (13:31 +0200)]
s4:samr: allow builtin groups for samr_OpenGroup.
This fixes nsswitch getgrgid for builtins.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 28 Apr 2014 16:06:19 +0000 (18:06 +0200)]
Revert "autorid: Add allocation from above in alloc range for well known sids"
This reverts commit
2372bd7d0ce6bfe2ce2cc64c1b368b6cc876c70d.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 28 Apr 2014 16:05:30 +0000 (18:05 +0200)]
Revert "autorid: reserve 500 IDs at the top of the ALLOC range."
This reverts commit
a1adc881cf28643d1936b43c51e9a8839fc914d1.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 28 Apr 2014 16:07:22 +0000 (18:07 +0200)]
Revert "autorid: add high_id to range config and fill it where we also fill range->low_id."
This reverts commit
0df8988c086fb4d4ea4f683f3a2d399fd6e59f82.
Signed-off-by: Michael Adam <obnox@samba.org>
Andrew Bartlett [Fri, 28 Mar 2014 01:35:21 +0000 (14:35 +1300)]
winbind: Allow winbindd to be run from inside "samba"
Change-Id: I6b90a9b62ba5821e0feedb23cd20642078ba0ca6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Apr 29 05:28:39 CEST 2014 on sn-devel-104
Andrew Bartlett [Thu, 17 Apr 2014 10:35:33 +0000 (22:35 +1200)]
kerberos: Remove un-used event context argument from smb_krb5_init_context()
The event context here was only specified in the server or admin-tool
context, which does not do network communication, so this only caused
a talloc_reference() and never any useful result.
The actual network communication code sets an event context directly
before making the network call.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104
Andrew Bartlett [Thu, 17 Apr 2014 09:48:30 +0000 (21:48 +1200)]
dsdb: Specify no event context to smb_krb5_init_context() in dsdb
These routines parse principals and generate keys only, no network
communication is done.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Fri, 11 Apr 2014 17:14:41 +0000 (19:14 +0200)]
autorid: Add allocation from above in alloc range for well known sids
This way, we achieve a better determinism for the id mappings
of the well knowns without wasting a separate range.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Apr 25 17:52:10 CEST 2014 on sn-devel-104
Michael Adam [Thu, 24 Apr 2014 11:34:40 +0000 (13:34 +0200)]
autorid: use dbwrap_trans_do() in idmap_autorid_sid_to_id_alloc()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 19:31:48 +0000 (21:31 +0200)]
autorid: add high_id to range config and fill it where we also fill range->low_id.
This corresponds to low_id for convenience and allows
for computations without going back to the global config.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 7 Apr 2014 15:24:31 +0000 (17:24 +0200)]
autorid: reserve 500 IDs at the top of the ALLOC range.
The wellknowns are now allocated into this sub-range.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 19:06:26 +0000 (21:06 +0200)]
autorid: reverse order of arguments of idmap_autorid_sid_to_id_alloc()
for consistency
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 16:56:21 +0000 (18:56 +0200)]
autorid: introduce idmap_autorid_domsid_is_for_alloc()
Currently, this checks if the sid is a wellknown domain sid.
But the code reads more nicely and more domains might be added
in the future.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 16:43:58 +0000 (18:43 +0200)]
autorid: factor idmap_autorid_sid_to_id() out of idmap_autorid_sids_to_unixids()
- reduces indentation
- unifies error code paths and bumping counters
- makes the code more easy to read
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 16:25:44 +0000 (18:25 +0200)]
autorid: make the checks for bumping num_mapped identical for alloc and rid case
in idmap_autorid_sids_to_unixids()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 16:20:56 +0000 (18:20 +0200)]
autorid: explicitly return NTSTATUS_OK in idmap_autorid_sid_to_id_alloc().
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 16:20:01 +0000 (18:20 +0200)]
autorid: more explicitly and reasonably set map->state in idmap_autorid_sid_to_id_alloc
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 15:56:37 +0000 (17:56 +0200)]
autorid: rename idmap_autorid_sid_to_id() -> idmap_autorid_sid_to_id_rid()
For consistency. This is the function that does the calculation
if the sid is treated by a rid range.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 10 Apr 2014 16:33:20 +0000 (18:33 +0200)]
autorid: rename idmap_autorid_map_sid_to_id() -> idmap_autorid_sid_to_id_alloc()
for consistency. this is the sid->id function for the alloc range.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 10 Apr 2014 16:20:23 +0000 (18:20 +0200)]
autorid: rename idmap_autorid_map_id_to_sid() -> idmap_autorid_id_to_sid_alloc()
for consistency. This is the function that maps id to sid
for the alloc range.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 17 Mar 2014 11:49:59 +0000 (12:49 +0100)]
autorid: factor idmap_autorid_get_alloc_range() out of idmap_autorid_allocate_id()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 19:42:43 +0000 (21:42 +0200)]
autorid: fix discard-const warning in idmap_autorid_init_hwm()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 23 Apr 2014 16:19:09 +0000 (18:19 +0200)]
autorid: fix uninitialized return code for successful autorid.tdb creation/opening
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 17 Mar 2014 11:49:19 +0000 (12:49 +0100)]
autorid: improve a debug message in idmap_autorid_map_sid_to_id()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 17 Mar 2014 11:43:12 +0000 (12:43 +0100)]
autorid: add debug messages to idmap_autorid_get_domainrange()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 17 Mar 2014 11:42:41 +0000 (12:42 +0100)]
autorid: improve wording in a debug message
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 18:59:52 +0000 (20:59 +0200)]
autorid: remove a legacy comment from sid_to_id
With the introduction of the ID_TYPE_BOTH mapping
to idmap_autorid, it is not a deficiency but a
virtue of the autorid backend that it does not
care about the existence or type of the
sid to be mapped.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 19:03:06 +0000 (21:03 +0200)]
idmap_rid: remove a legacy comment from sid_to_id
With the introduction of the ID_TYPE_BOTH mapping
to idmap_rid, it is not a deficiency but a
virtue of the rid backend that it does not
care about the existence or type of the
sid to be mapped.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 11 Apr 2014 21:52:20 +0000 (23:52 +0200)]
idmap_tdb_common: remove legacy comment.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Thu, 24 Apr 2014 15:18:34 +0000 (17:18 +0200)]
idmap_tdb_common: fix a debug message in idmap_tdb_common_set_mapping()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 23 Apr 2014 19:52:07 +0000 (21:52 +0200)]
idmap_tdb_common: fix a debug message in idmap_tdb_common_unixid_to_sid()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 17 Apr 2014 12:25:48 +0000 (14:25 +0200)]
s3-rpc_server: Remove ncalrpc_as_system from make_server_pipes_struct().
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 24 13:39:10 CEST 2014 on sn-devel-104
Andreas Schneider [Thu, 17 Apr 2014 12:22:17 +0000 (14:22 +0200)]
s3-rpc_server: Remove ncalrpc_as_system from pipes_struct.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 17 Apr 2014 11:46:07 +0000 (13:46 +0200)]
s3-rpc_server: Use gensec for NCALRPC_AS_SYSTEM.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 17 Apr 2014 09:00:54 +0000 (11:00 +0200)]
s3-rpc_server: Add special tsocket address for ncalrpc_as_system.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 12:45:45 +0000 (14:45 +0200)]
s3:rpc_client: Use gensec for NCALRPC_AS_SYSTEM.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Thu, 17 Apr 2014 10:02:45 +0000 (12:02 +0200)]
s3-auth: Register ncalrpc_as_system gensec module.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 16 Apr 2014 13:21:40 +0000 (15:21 +0200)]
gensec: add DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM backend
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 11:07:15 +0000 (13:07 +0200)]
s3:rpc_server: pass everything but AUTH_TYPE_{NONE,NCALRPC_AS_SYSTEM} to gensec
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 23 Apr 2014 08:42:12 +0000 (10:42 +0200)]
s3-rpc_server: Call pipe_auth_verify_final() if needed.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 23 Apr 2014 08:40:27 +0000 (10:40 +0200)]
s3-rpc_server: Return the status code from gensec.
We need to know the difference between NT_STATUS_OK
and NT_STATUS_MORE_PROCESSING_REQUIRED.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 11:02:35 +0000 (13:02 +0200)]
s3:rpc_server: let auth_generic_server_step() handle gensec_security == NULL
This simplifies the caller, we don't need to look at the auth_type anymore.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 16:13:04 +0000 (18:13 +0200)]
s3:rpc_server: make sure we have a unix token
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 11:01:00 +0000 (13:01 +0200)]
s3:rpc_server: handle everything but AUTH_TYPE_NONE as gensec in verify_final
The NCALRPC_AS_SYSTEM doesn't use pipe_auth_verify_final() yet,
so it's fine for now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 12:35:15 +0000 (14:35 +0200)]
s3:rpc_client: pass everything to gensec by default
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 16:59:52 +0000 (18:59 +0200)]
auth/gensec: use auth_ctx->generate_session_info() for schannel
This way we generate a correct session info for the s3 rpc_server,
including a unix token.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 23 Apr 2014 17:00:26 +0000 (19:00 +0200)]
s3:auth: allow special SYSTEM and ANONYMOUS handling in auth3_generate_session_info()
auth_ctx->generate_session_info() will be used by the SCHANNEL and
NCALRPC_AS_SYSTEM gensec modules in future.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 22 Apr 2014 23:07:18 +0000 (16:07 -0700)]
s3: torture - Fix racy assumption in original messaging test.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 24 00:50:55 CEST 2014 on sn-devel-104
Jeremy Allison [Tue, 22 Apr 2014 22:55:53 +0000 (15:55 -0700)]
s3: torture - Add required talloc frame for msgtest.c
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>
Jeremy Allison [Fri, 18 Apr 2014 22:09:28 +0000 (15:09 -0700)]
s3: winbindd: Call dgram cleanup init background setup.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Jeremy Allison [Fri, 18 Apr 2014 22:08:19 +0000 (15:08 -0700)]
s3: nmbd: Call dgram cleanup init background setup.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Jeremy Allison [Fri, 18 Apr 2014 22:06:05 +0000 (15:06 -0700)]
s3: smbd: Call dgram cleanup init background setup.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Fri, 11 Apr 2014 11:08:56 +0000 (11:08 +0000)]
s3: messaging: Add infrastructure to clean up orphaned sockets every 15 minutes as a background task.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 18 Apr 2014 21:47:39 +0000 (14:47 -0700)]
s3 : build system : Move lib/background.c from smbd_base to samba3core.
Allows background jobs to be run from winbindd and nmbd.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Fri, 11 Apr 2014 11:07:10 +0000 (11:07 +0000)]
smbd: Call the msg_ctx destructor for background jobs
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 10 Apr 2014 20:09:04 +0000 (22:09 +0200)]
smbcontrol: Add dgm-cleanup command
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 10 Apr 2014 20:07:11 +0000 (22:07 +0200)]
messaging_dgm: Add messaging_dgm_wipe
This walks all sockets and wipes the left-overs
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 11 Apr 2014 07:13:10 +0000 (09:13 +0200)]
smbd: Always clean up the child's msg_ctx
This is a bit lazy programming, we could and possibly should do this in
exit_server() in the child. But this way we make sure the cleanup works. If it
only was executed for unclean exits, we might not detect failure of this code
in the parent.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 11 Apr 2014 07:12:46 +0000 (09:12 +0200)]
smbcontrol: Clean up the msg_ctx
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 11 Apr 2014 07:09:49 +0000 (09:09 +0200)]
printing_cups: Call the msg_ctx destructor on exit
With the new messaging, if we don't do this, we'll leave sockets around. I'm
sure we will not catch everything, so a periodic cleanup will be required.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 4 Apr 2014 19:12:06 +0000 (21:12 +0200)]
smbd: Sort notify events by timestamp
This will fix the raw.notify test with the new messaging system. With the new
messaging system messages come in via yet another fd that has to line up in
poll next to the incoming client TCP socket. With the signal-based messaging
messages were always handled before client requests. The new scheme means that
notify messages might be deferred a bit (something which can happen in a
cluster already now), which then means that notify_marshall_changes() will
coalesce entries, which in turn makes raw.notify unhappy.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 4 Apr 2014 19:01:01 +0000 (21:01 +0200)]
smbd: Pass on a timestamp in MSG_PVFS_NOTIFY
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 25 Feb 2014 12:15:58 +0000 (12:15 +0000)]
messaging3: Add messaging_send_iov
This uses a copy, will be replaced by a direct iovec call through to
sendmsg on the unix domain socket
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 2 Mar 2014 18:33:08 +0000 (19:33 +0100)]
lib: Add iov_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 2 Mar 2014 17:34:53 +0000 (18:34 +0100)]
lib: Introduce iov_buflen
.. with overflow protection
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 4 Apr 2014 15:11:51 +0000 (15:11 +0000)]
smbd: Pass timespec_current through the notify_callback
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 4 Apr 2014 15:03:44 +0000 (15:03 +0000)]
smbd: Pass timespec_current to notify_fsp
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 4 Apr 2014 15:00:16 +0000 (15:00 +0000)]
smbd: Add a timestamp to queued notify events
In a cluster and with changed messaging it can happen that messages are
scheduled after new SMB requests. This re-ordering breaks a few notify tests.
This starts the infrastructure to add timestamps to notify events, so that they
can be sorted before they are sent out. The timestamp will be the current local
time of notify_fname, that's all we can do.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 24 Feb 2014 13:20:16 +0000 (13:20 +0000)]
lib: Remove messages_local
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 24 Feb 2014 12:23:49 +0000 (12:23 +0000)]
lib: Add messaging_dgm
Messaging based on unix domain datagram sockets
This makes every process participating in messaging bind on a unix domain
datagram socket, similar to the source4 based messaging. The details are a bit
different though:
Retry after EWOULDBLOCK is done with a blocking thread, not by polling. This
was the only way I could in experiments avoid a thundering herd or high load
under Linux in extreme overload situations like many thousands of processes
sending to one blocked process. If there are better ideas to do this in a
simple way, I'm more than happy to remove the pthreadpool dependency again.
There is only one socket per process, not per task. I don't think that per-task
sockets are really necessary, we can do filtering in user space. The message
contains the destination server_id, which contains the destination task_id. I
think we can rebase the source4 based imessaging on top of this, allowing
multiple imessaging contexts on top of one messaging_context. I had planned to
do this conversion before this goes in, but Jeremy convinced me that this has
value in itself :-)
Per socket we also create a fcntl-based lockfile to allow race-free cleanup of
orphaned sockets. This lockfile contains the unique_id, which in the future
will make the server_id.tdb obsolete.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 29 Dec 2013 12:56:44 +0000 (13:56 +0100)]
lib: Move full_path_tos to util_str.c
This can be useful elsewhere
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 24 Feb 2014 11:48:16 +0000 (11:48 +0000)]
lib: Add unix_msg
This is a messaging layer based on unix domain datagram sockets.
Sending to an idle socket is just one single nonblocking sendmsg call. If the
recv queue is full, we start a background thread to do a blocking call. The
source4 based imessaging uses a polling fallback. In a situation where
thousands of senders beat one single blocked socket, this will generate load on
the system due to the constant polling. This does not happen with a threaded
blocking send call.
The threaded approach has another advantage: We save become_root() calls on the
retries. The access checks are done when the blocking socket is connected, the
threaded blocking send call does not check permissions anymore.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 24 Feb 2014 11:43:51 +0000 (11:43 +0000)]
lib: Add poll_funcs
This is an abstraction for a tevent loop. It will be used in low-level
messaging with the goal to make low-leve our low-level messaging routines
usable also for other projects which are not based on tevent.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Amitay Isaacs [Tue, 22 Apr 2014 05:24:49 +0000 (15:24 +1000)]
ctdb-recoverd: Detach database from recovery daemon
As part of vacuuming, recoverd attaches to databases to migrate records.
When detaching a database from main daemon, it should be removed from
recovery daemon also.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Apr 23 17:05:45 CEST 2014 on sn-devel-104
Amitay Isaacs [Tue, 22 Apr 2014 02:19:08 +0000 (12:19 +1000)]
ctdb-tests: Add test for re-attaching detached database
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Wed, 23 Apr 2014 01:44:20 +0000 (11:44 +1000)]
ctdb-tools/ctdb: Unlock records before closing tdb database
Now freeing ctdb_db context will close the tdb database. So make sure
all the locks are released (by freeing record handles or memory context
from which record handles are allocated) before freeing ctdb_db context.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Tue, 22 Apr 2014 05:07:33 +0000 (15:07 +1000)]
ctdb-client: Talloc tdb_wrap off ctdb_db_context
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Sun, 20 Apr 2014 10:52:03 +0000 (20:52 +1000)]
ctdb-daemon: Talloc tdb_wrap off ctdb_db_context
This will ensure that when ctdb_db is freed, it will close the tdb
database.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Tue, 15 Apr 2014 03:53:09 +0000 (13:53 +1000)]
ctdb-tests: Update "ctdb detach" test
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Tue, 15 Apr 2014 02:27:44 +0000 (12:27 +1000)]
ctdb-tools/ctdb: Detach databases only if all nodes disallow client access
This makes sure that AllowClientDBAttach is set to 0 before detaching any
databases.
If someone enables the tunable between checking of tunable and actual
detaching of databases, then they deserve what they get. :-)
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Tue, 15 Apr 2014 02:23:42 +0000 (12:23 +1000)]
ctdb-daemon: Do not allow database detach if AllowClientDBAttach=1
This avoids the server detaching a database if clients are allowed to
connect to databases.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Alexander Bokovoy [Wed, 26 Mar 2014 10:30:30 +0000 (12:30 +0200)]
ad-dc: use exit_daemon() to communicate status of startup to systemd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 23 04:44:46 CEST 2014 on sn-devel-104
Alexander Bokovoy [Wed, 26 Mar 2014 09:45:21 +0000 (11:45 +0200)]
winbindd: use exit_daemon() to pass startup status to systemd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Alexander Bokovoy [Wed, 26 Mar 2014 09:34:56 +0000 (11:34 +0200)]
nmbd: use exit_daemon() to report status to systemd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Alexander Bokovoy [Wed, 26 Mar 2014 08:56:12 +0000 (10:56 +0200)]
smbd: use exit_daemon() to support reporting to systemd from smbd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Alexander Bokovoy [Tue, 25 Mar 2014 10:53:04 +0000 (12:53 +0200)]
add systemd integration
Add --with-systemd / --without-systemd options to check whether
libsystemd-daemon library is available and use it to report service
startup status to systemd for smbd/winbindd/nmbd and AD DC.
The problem it solves is correct reporting of the Samba services
at the point when they are ready to serve clients, important for
high availability software integration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Michael Adam [Tue, 22 Apr 2014 20:32:14 +0000 (22:32 +0200)]
s3:smbd: fix typo in comment for set_conn_force_user_group()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date(master): Wed Apr 23 01:49:09 CEST 2014 on sn-devel-104
Kamen Mazdrashki [Mon, 21 Apr 2014 15:51:09 +0000 (17:51 +0200)]
s4:samba_kcc: Use 'dburl' passed from command line rather than lp.samdb_url()
This patch makes '-H, --URL' param to actually work as expected
Change-Id: Ie7f4e9e3fc1f79a938473312e200f36de6886596
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Kamen Mazdrashki [Mon, 21 Apr 2014 15:39:21 +0000 (17:39 +0200)]
s4:kcc_util: fix loading connection transport object - used to refer to not defined object
Change-Id: If8dc8e8db85f1a882ec73dc83d28fa1b5156de84
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Kamen Mazdrashki [Mon, 21 Apr 2014 15:36:58 +0000 (17:36 +0200)]
s4:samba_kcc: fix reference to DSA object while building partial replica list
Change-Id: I33209dfd42d8c3af8d80b862ba0022d15385311b
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Kamen Mazdrashki [Mon, 21 Apr 2014 15:32:36 +0000 (17:32 +0200)]
s4:samba_kcc: Fix error handling opening export ldif file
Change-Id: If52440272513ef244e33481476da0e884969153c
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Kamen Mazdrashki [Mon, 21 Apr 2014 12:43:51 +0000 (14:43 +0200)]
s4:kcc_utils: Propagate 'samdb' into load_connection_transport() method
so it is actually able to make samdb.search-es
Change-Id: I8491fd215710a53fbb41d607381f89afb5267464
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Kamen Mazdrashki [Mon, 21 Apr 2014 12:32:48 +0000 (14:32 +0200)]
s4:KCC: Use dsdb.DS_DOMAIN_FUNCTION_2008 constant for DS-Behavior comparisons
DS_BEHAVIOR_WIN2008 was used so far which is a leftover from previous
KCC implementation in "C"
Change-Id: Id9b6551073c0b17cc27e086faa315b01305f39a5
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Kamen Mazdrashki [Mon, 21 Apr 2014 01:47:40 +0000 (03:47 +0200)]
samba-tool/upgrade: Fix exception thrown during upgrade from samba3
Change-Id: Ib486c0c7a68c53c61acdf270f966a43b1c61bace
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Jeremy Allison [Mon, 21 Apr 2014 20:58:49 +0000 (13:58 -0700)]
s3: srvsvc pipe - We should return WERR_BADFILE in _srvsvc_NetShareAdd if the path does not exist.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 22 22:19:18 CEST 2014 on sn-devel-104
Christof Schmitt [Thu, 17 Apr 2014 20:43:53 +0000 (13:43 -0700)]
vfs_gpfs: Avoid warnings in developer build
Remove an unused variable and use discard_const_p.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr 18 22:25:25 CEST 2014 on sn-devel-104
Andrew Bartlett [Thu, 27 Mar 2014 21:56:02 +0000 (10:56 +1300)]
s4-auth: Make the auth_winbind_wbclient use more correct code now in auth/wbc_auth_util.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 27 Mar 2014 21:41:46 +0000 (10:41 +1300)]
auth: Move wbcAuthUserInfo_to_netr_SamInfo3 to the top level
This allows auth_winbind in source4 to use this more correct conversion routine.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Wed, 16 Apr 2014 14:07:14 +0000 (16:07 +0200)]
s3-libads: allow ads_try_connect() to re-use a resolved ip address.
Pass down a struct sockaddr_storage to ads_try_connect.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Apr 17 19:56:16 CEST 2014 on sn-devel-104
Andreas Schneider [Thu, 13 Feb 2014 14:55:30 +0000 (15:55 +0100)]
lib: Remove socket wrapper python module.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 17 17:12:50 CEST 2014 on sn-devel-104