Michael Adam [Mon, 11 Jul 2016 09:08:22 +0000 (11:08 +0200)]
autobuild: Don't compare socket wrapper so_path for xc check
This uses the build-directory which, hence is not the same.
Achieve this by adding the path itself and the whole
defines dictionary to the exclude list.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 21 Jun 2016 07:50:53 +0000 (09:50 +0200)]
ctdb: fix autotest with socket-wrapper installed in the system
Signed-off-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Fri, 8 Jul 2016 13:37:18 +0000 (23:37 +1000)]
socket-wrapper: Build socket_wrapper path relative to blddir
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Michael Adam [Fri, 8 Jul 2016 23:17:24 +0000 (01:17 +0200)]
Revert "ctdb: fix autotest with socket-wrapper installed in the system"
This reverts commit
3c598cbee262b6f91bf736d22f11dc302af3decd.
Michael Adam [Tue, 21 Jun 2016 07:50:53 +0000 (09:50 +0200)]
ctdb: fix autotest with socket-wrapper installed in the system
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 7 Jul 2016 08:30:08 +0000 (10:30 +0200)]
Revert "TODO: ctdb: fix autotest with socket-wrapper installed in the system"
This reverts commit
aee6b25b722a2ebea5b7dac88eccb1ccadcb6648.
Michael Adam [Thu, 7 Jul 2016 08:30:05 +0000 (10:30 +0200)]
Michael Adam [Thu, 30 Jun 2016 23:45:22 +0000 (01:45 +0200)]
debug...
Michael Adam [Tue, 21 Jun 2016 07:50:53 +0000 (09:50 +0200)]
TODO: ctdb: fix autotest with socket-wrapper installed in the system
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Thu, 28 Apr 2016 00:24:52 +0000 (02:24 +0200)]
CVE-2016-2019: s3:selftest: add regression tests for guest logins and mandatory signing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jul 7 14:52:20 CEST 2016 on sn-devel-144
Stefan Metzmacher [Thu, 28 Apr 2016 00:36:35 +0000 (02:36 +0200)]
CVE-2016-2019: s3:libsmb: add comment regarding smbXcli_session_is_guest() with mandatory signing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 20 Apr 2016 09:26:57 +0000 (11:26 +0200)]
CVE-2016-2019: libcli/smb: don't allow guest sessions if we require signing
Note real anonymous sessions (with "" as username) don't hit this
as we don't even call smb2cli_session_set_session_key() in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 6 Jul 2016 12:24:25 +0000 (14:24 +0200)]
testprogs: Do not use the deprecated samba-tool user add
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 7 02:15:16 CEST 2016 on sn-devel-144
Stefan Metzmacher [Thu, 12 May 2016 15:31:47 +0000 (17:31 +0200)]
s3:libsmb/clirap: remove unused cli_get_server_*() functions
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 6 22:41:41 CEST 2016 on sn-devel-144
Stefan Metzmacher [Mon, 9 May 2016 14:14:04 +0000 (16:14 +0200)]
libcli/auth: remove unused variable in msrpc_parse()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 5 Jul 2016 09:40:15 +0000 (11:40 +0200)]
security.idl: add SID_NT_NFS S-1-5-88* sids
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Tue, 5 Jul 2016 08:53:08 +0000 (10:53 +0200)]
selftest: Do not use the deprecated samba-tool user add
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Tue, 5 Jul 2016 08:56:24 +0000 (10:56 +0200)]
s4-dsdb: Add missing header file for write() and close()
This fixes compilation with gcc 4.8.5.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Mon, 4 Jul 2016 11:18:03 +0000 (13:18 +0200)]
s4-torture: Add AES and RC4 enctype checks
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 6 19:06:19 CEST 2016 on sn-devel-144
Andreas Schneider [Mon, 4 Jul 2016 07:47:10 +0000 (09:47 +0200)]
s4-torture: Add torture_check_krb5_error() function
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Andrew Bartlett [Mon, 4 Jul 2016 02:06:10 +0000 (14:06 +1200)]
schema: Reorder dsdb_set_schema() to unlink the old schema last
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 4 May 2016 05:01:15 +0000 (17:01 +1200)]
dsdb: Remove 120 second delay and USN from schema refresh check
We now refresh it once the schema changes, so that replication can
proceed right away. We use the sequence number in the metadata.tdb.
The previous commit added a cache for this value, protected by
tdb_seqnum().
metadata.tdb is now opened at startup to provide this support.
Note that while still supported, schemaUpdateNow is essentially rudundent:
instead, to ensure we increment the sequence number correctly, we unify that check
into repl_meta_data at the transaction close.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 5 Jul 2016 23:38:28 +0000 (11:38 +1200)]
dsdb: Remove use of schema USN in samldb_add_handle_msDS_IntId
This is not a frequent enough operation to warrent a cache, and the USN will be removed
from the schema code shortly
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 4 Jul 2016 02:05:46 +0000 (14:05 +1200)]
schema: Make the fetch of the schema version fast
Use the tdb_seqnum() to avoid needing locks to check if the schema has not changed
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Tue, 5 Jul 2016 04:01:38 +0000 (16:01 +1200)]
ldb: Avoid use-after-free when one error message is printed into another
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Bob Campbell [Thu, 30 Jun 2016 03:03:39 +0000 (15:03 +1200)]
provision: Ignore duplicate attid and governsID check
During the provision this causes a huge performance hit as these two
attributes are unindexed.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Wed, 29 Jun 2016 22:40:51 +0000 (10:40 +1200)]
provision_fill: move GPO into transaction
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Bob Campbell [Wed, 29 Jun 2016 04:54:06 +0000 (16:54 +1200)]
provision_fill: move most db accesses into transactions
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Martin Schwenke [Wed, 29 Jun 2016 08:11:44 +0000 (18:11 +1000)]
ctdb-scripts: Quote some variable expansions
This avoids relevant shellcheck warnings. This is most of the
shellcheck low hanging fruit in the non-test code. Many of the other
warnings produced by shellcheck are either false positives, are
non-trivial to fix or a fix may result in worse code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Jul 6 08:15:49 CEST 2016 on sn-devel-144
Martin Schwenke [Wed, 29 Jun 2016 10:43:18 +0000 (20:43 +1000)]
ctdb-scripts: Fix incorrect variable reference
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 29 Jun 2016 07:54:00 +0000 (17:54 +1000)]
ctdb-scripts: Use globs instead of ls to list files
shellcheck reports that using ls is fragile.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 29 Jun 2016 07:49:13 +0000 (17:49 +1000)]
ctdb-scripts: Fix incorrect variable reference
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 29 Jun 2016 07:47:12 +0000 (17:47 +1000)]
ctdb-scripts: Fix incorrect variable reference
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 29 Jun 2016 07:36:05 +0000 (17:36 +1000)]
ctdb-scripts: Update script boilerplate to avoid shellcheck warnings
* Assign the output of dirname to temporary variable to avoid word
splitting when directory name contains whitespace
* Drop export of CTDB_BASE to avoid masking broken return value -
functions file does the export anyway
* Quote path when including functions file
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 29 Jun 2016 07:33:43 +0000 (17:33 +1000)]
ctdb-scripts: Export CTDB_BASE in functions file
This avoids having to export it in every file that includes the
functions file.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 29 Jun 2016 07:05:17 +0000 (17:05 +1000)]
ctdb-scripts: Drop optional argument to nfs_check_services()
Added so that nfs_check_services() could be run against an arbirary
directory. However, with the function moved to the event script, this
isn't useful. CTDB_NFS_CHECKS_DIR can be used for testing instead.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Christof Schmitt [Fri, 1 Jul 2016 18:52:15 +0000 (11:52 -0700)]
gensec: Change log level for message when obtaining PAC from gss_get_name_attribute failed
This is the second part for the issue from commit
8bb4fccd. A KDC that
does not return a PAC first triggers this message, then the "resorting
to local user lookup" one. Change the log level for the "obtaining PAC
via GSSAPI gss_get_name_attribute" message as well to avoid spamming the
logs during normal usage. While changing this message, also remove the
discard_const since it is no longer required.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 6 04:27:03 CEST 2016 on sn-devel-144
Uri Simchoni [Sun, 3 Jul 2016 19:50:22 +0000 (22:50 +0300)]
auth: fix a memory leak in gssapi_get_session_key()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12006
Signed-off-by: Uri Simchoni <uri@samba.org>
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Wed Jul 6 00:40:15 CEST 2016 on sn-devel-144
Uri Simchoni [Sun, 3 Jul 2016 19:51:56 +0000 (22:51 +0300)]
s3-libads: fix a memory leak in ads_sasl_spnego_bind()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12006
Signed-off-by: Uri Simchoni <uri@samba.org>
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Amitay Isaacs [Mon, 27 Jun 2016 08:26:34 +0000 (18:26 +1000)]
ctdb-build: Exit if requested feature cannot be built
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jul 5 14:38:30 CEST 2016 on sn-devel-144
Amitay Isaacs [Mon, 27 Jun 2016 08:17:38 +0000 (18:17 +1000)]
ctdb-daemon: Log ctdb socket in the main daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 27 Jun 2016 08:37:27 +0000 (18:37 +1000)]
ctdb-pmda: CTDB client code does not require ctdb->methods
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 27 Jun 2016 08:00:49 +0000 (18:00 +1000)]
ctdb-daemon: Check if method is initialized before calling
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 27 Jun 2016 07:28:59 +0000 (17:28 +1000)]
ctdb-ib: Include system/wait.h for signal
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 20 Apr 2016 04:18:55 +0000 (14:18 +1000)]
ctdb-client: Expose ctdb_ltdb_fetch in client API
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 18 Apr 2016 05:56:00 +0000 (15:56 +1000)]
ctdb-client: Add debug messages to client db api
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 1 Jul 2016 07:53:17 +0000 (17:53 +1000)]
ctdb-client: Fix implementation of transaction cancel
Wrap async transaction cancel to unlock g_lock lock and free transaction
handle.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 21 Apr 2016 07:47:43 +0000 (17:47 +1000)]
ctdb-client: Add async version of transaction cancel
Transaction cancel should get rid of g_lock lock.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 15 Apr 2016 07:44:14 +0000 (17:44 +1000)]
ctdb-client: Fix implementation of transaction commit
There is no need to explicitly check that recovery is not active before
sending TRANS33_COMMIT control. Just try TRANS3_COMMIT control and if
recovery occurs before the control is completed, the control will fail
and it can be retried.
Make sure g_lock lock is released after the transaction is complete.
Also, add timeout to the client api.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 15 Apr 2016 07:44:14 +0000 (17:44 +1000)]
ctdb-client: Fix implementation of transaction start
Since g_lock checks if the process exists in case of conflicting lock,
there is no need to register srvid.
Transaction start returns a transaction handle and transaction
commit/cancel will free that handle. Since we cannot call async code
in a talloc destructor, this avoids the use of talloc destructor for
cancelling the transaction.
If user frees the transaction handle instead of calling transaction
cancel, it will leave stale g_lock lock. This stale g_lock lock will
get cleaned up on next transaction attempt.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 19 Apr 2016 06:24:05 +0000 (16:24 +1000)]
ctdb-client: During transaction commit fetch seqnum locally
This avoids extra controls to the server.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 19 Apr 2016 05:35:55 +0000 (15:35 +1000)]
ctdb-client: Release the g_lock record once the update is done
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 16 Jun 2016 06:10:20 +0000 (16:10 +1000)]
ctdb-client: Remove commented old g_lock implemention code
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 16 Jun 2016 06:17:39 +0000 (16:17 +1000)]
ctdb-client: Release g_lock lock before retrying
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 20 Apr 2016 01:30:21 +0000 (11:30 +1000)]
ctdb-client: Fix g_lock implementation
If a conflicting g_lock entry is found, check if the process exists.
This matches Samba implementation.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 19 Apr 2016 07:37:46 +0000 (17:37 +1000)]
ctdb-client: If g_lock lock conflicts, try again sooner
Instead of delaying for 1 second, try to get g_lock lock again after
1 milli-second.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 19 Apr 2016 05:24:11 +0000 (15:24 +1000)]
ctdb-client: Factor out ctdb_client_get_server_id function
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 16 Jun 2016 06:22:43 +0000 (16:22 +1000)]
ctdb-client: Use async version of delete_record in g_lock unlock
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 16 Jun 2016 06:34:39 +0000 (16:34 +1000)]
ctdb-client: Fix implementation of delete_record
In delete_record, sync call to ctdb_ctrl_schedule_for_deletion will
cause nested event loops. Instead wrap the async version.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 18 Apr 2016 06:14:05 +0000 (16:14 +1000)]
ctdb-client: Add async version of delete_record
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 19 Apr 2016 06:01:05 +0000 (16:01 +1000)]
ctdb-client: Fix ctdb_rec_buffer traversal routine
In commit
1ee7053180057ea526870182b5619a206b4d103b, the
ctdb_rec_buffer_traverse always passes NULL for header. So explicitly
extract header from the data.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 1 Apr 2016 05:51:47 +0000 (16:51 +1100)]
ctdb-client: Add sync version of sending multiple messages
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 4 Jul 2016 04:38:28 +0000 (14:38 +1000)]
ctdb-daemon: Improve log message
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 4 Jul 2016 04:30:17 +0000 (14:30 +1000)]
ctdb-recoverd: Improve election win messages
Logging that node has lost election is less useful than knowing which
node has won the election.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Garming Sam [Mon, 9 May 2016 04:14:51 +0000 (16:14 +1200)]
kerberos: Return enc data on PREAUTH_FAILED
Without the enc data, Windows clients will perform two AS-REQ causing the password
lockout count to increase by two instead of one.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11539
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 5 10:52:32 CEST 2016 on sn-devel-144
Bob Campbell [Mon, 27 Jun 2016 22:34:04 +0000 (10:34 +1200)]
password_hash: Make an error message clearer
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Jul 5 03:47:52 CEST 2016 on sn-devel-144
Garming Sam [Mon, 13 Jun 2016 03:42:25 +0000 (15:42 +1200)]
typo: mandetory -> mandatory
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Mon, 30 May 2016 21:54:26 +0000 (09:54 +1200)]
typo: componemt => component
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Thu, 18 Feb 2016 01:17:01 +0000 (14:17 +1300)]
tevent: typo in documentation
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Fri, 22 Jan 2016 00:55:34 +0000 (13:55 +1300)]
param: fix a typo emtpy -> empty
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Mon, 27 Jun 2016 22:33:24 +0000 (10:33 +1200)]
check_password_script: Add a DEBUG message for timeouts
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Mon, 13 Jun 2016 03:42:46 +0000 (15:42 +1200)]
selftest: add check password script test
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Thu, 31 Mar 2016 21:10:57 +0000 (10:10 +1300)]
check-password-script: Allow AD to execute these scripts
In contrast to source3, this is run as root and without substitution.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Martin Schwenke [Thu, 26 May 2016 06:26:51 +0000 (16:26 +1000)]
ctdb-tests: Link to ctdb-ipalloc instead of using ctdbd_test.c
Less code, quicker build time, smaller binary...
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Jul 4 19:29:08 CEST 2016 on sn-devel-144
Martin Schwenke [Thu, 26 May 2016 05:31:47 +0000 (15:31 +1000)]
ctdb-ipalloc: Drop implicit dependency on ctdb-common
Use new functions from protocol API instead.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 26 May 2016 05:03:51 +0000 (15:03 +1000)]
ctdb-tests: Allow takeover tests to be run under valgrind
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 10:43:46 +0000 (20:43 +1000)]
ctdb-tests: Drop use of CTDB context from takeover test
The ipalloc code doesn't need a CTDB context so neither should the
code that tests it.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 22 Jun 2016 04:23:38 +0000 (14:23 +1000)]
ctdb-ipalloc: IP allocation state is now an opaque structure
It is private to the IP allocation module.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 22 Jun 2016 04:22:02 +0000 (14:22 +1000)]
ctdb-ipalloc: ipalloc() returns public IP list
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 22 Jun 2016 03:18:04 +0000 (13:18 +1000)]
ctdb-ipalloc: Move set_ipflags_internal() to ipalloc
Rename it ipalloc_set_node_flags().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 22 Jun 2016 01:37:52 +0000 (11:37 +1000)]
ctdb-ipalloc: Switch set_ipflags_internal() to use a new-style node map
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 04:28:33 +0000 (14:28 +1000)]
ctdb-ipalloc: Move ipalloc state initialisation to ipalloc.c
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 04:16:47 +0000 (14:16 +1000)]
ctdb-ipalloc: Pass extra data to IP allocation state initialisation
No longer require CTDB context but pass in number of nodes, algorithm,
no_ip_failback and force_rebalance_nodes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 21 Jun 2016 06:34:44 +0000 (16:34 +1000)]
ctdb-ipalloc: Make no_ip_failback a boolean
No need to expose tunable values that far down.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 29 Jun 2016 06:36:28 +0000 (16:36 +1000)]
ctdb-ipalloc: Fix buggy short-circuit when no IPs are available
At the moment IP is short-circuited when there are no available IP
addresses. However, if some IP addresses are already allocated then
"no available IP addresses" means that all the addresses should
(probably) be released. The current short-circuit means that no
already hosted IP addresses will be released.
The short-circuit exists to avoid lots of messages saying that all IP
addresses can not be assigned at startup time. So, add a check to
ipalloc_can_host_ips() so that it succeeds if IP addresses are already
allocated to nodes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 21 Jun 2016 11:16:27 +0000 (21:16 +1000)]
ctdb-ipalloc: New function ipalloc_can_host_ips()
Abstracts out code involving internals of IP allocation state.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 21 Jun 2016 11:09:39 +0000 (21:09 +1000)]
ctdb-ipalloc: Drop known public IPs from IP allocation state
This is never used in the allocation algorithms. It is only used when
building the merged IP list.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 10:23:18 +0000 (20:23 +1000)]
ctdb-ipalloc: Move create_merged_ip_list() into ipalloc
How the existing IP layout is constructed and how the merged IP list is
sorted are important aspects of the IP allocation algorithm. Construct the
merged IP list when known and available IPs are assigned.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 10:23:18 +0000 (20:23 +1000)]
ctdb-ipalloc: New function ipalloc_set_public_ips()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 21 Jun 2016 10:46:50 +0000 (20:46 +1000)]
ctdb-ipalloc: Remove function ctdb_reload_remote_public_ips()
Use ctdb_fetch_remote_public_ips() inline to fetch each list. Assign
them into the IP allocation state separately.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 20 Jun 2016 11:27:40 +0000 (21:27 +1000)]
ctdb-ipalloc: Clean up reloading of remote public IPs
Factor out new function ctdb_fetch_remote_public_ips() to fetch known
or available public IP addresses, according to flags.
This also drops the hack where the array from a
ctdb_public_ip_list_old was assigned to a pointer in a
ctdb_public_ip_list.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 20 Jun 2016 10:53:58 +0000 (20:53 +1000)]
ctdb-ipalloc: Don't build a global IP tree
It isn't used outside this function, so just use a local variable.
This makes create_merged_ip_list() independent of the CTDB context.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 20 Jun 2016 10:47:17 +0000 (20:47 +1000)]
ctdb-ipalloc: Drop code to update IP assignment tree
This code is not used.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 20 Jun 2016 20:25:17 +0000 (06:25 +1000)]
ctdb-tools: Don't bother sending CTDB_SRVID_RECD_UPDATE_IP
Nothing is listening.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 20 Jun 2016 10:45:28 +0000 (20:45 +1000)]
ctdb-recoverd: Drop code to change the IP assignment tree
The tree is no longer used in verification.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 20 Jun 2016 10:41:05 +0000 (20:41 +1000)]
ctdb-ipalloc: Drop remote IP verification
It is only run during a takeover run and only logs errors. It doesn't
actually do anything to fix potential errors. The takeover run should
fix any inconsistencies anyway.
Instead, leave a comment in the recovery daemon's monitoring loop to
add proper remote IP verification later.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 06:44:05 +0000 (16:44 +1000)]
ctdb-ipalloc: Drop a use of CTDB_NO_MEMORY_NULL()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 04:50:14 +0000 (14:50 +1000)]
ctdb-ipalloc: Do not use node count or PNNs from CTDB context
This is unnecessary. IP allocation state already has a node count and
"i" is already a PNN.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 04:46:18 +0000 (14:46 +1000)]
ctdb-ipalloc: Drop an unnecessary check
Deleted (and other inactive) nodes will have an empty list of known
IP addresses.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 04:41:43 +0000 (14:41 +1000)]
ctdb-ipalloc: Move if-statement with broken condition
This pointer is for an array that is always allocated. The check is
meant to skip a node that has no IP addresses. However, when there
are no IP addresses the loop below will not do anything anyway.
Add this as a check at the beginning of the function instead.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>