2 Unix SMB/CIFS Implementation.
4 The module that handles the Schema FSMO Role Owner
5 checkings, it also loads the dsdb_schema.
7 Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009-2010
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "ldb_module.h"
27 #include "dsdb/samdb/samdb.h"
28 #include "librpc/gen_ndr/ndr_misc.h"
29 #include "librpc/gen_ndr/ndr_drsuapi.h"
30 #include "librpc/gen_ndr/ndr_drsblobs.h"
31 #include "param/param.h"
33 #include "lib/tdb_wrap/tdb_wrap.h"
34 #include "dsdb/samdb/ldb_modules/util.h"
35 #include "lib/ldb-samba/ldb_wrap.h"
36 #include "lib/util/smb_strtox.h"
38 #include "system/filesys.h"
39 struct schema_load_private_data {
40 struct ldb_module *module;
41 uint64_t in_transaction;
42 uint64_t in_read_transaction;
43 struct tdb_wrap *metadata;
44 uint64_t schema_seq_num_cache;
48 * Please write out the updated schema on the next transaction
54 static int dsdb_schema_from_db(struct ldb_module *module,
56 uint64_t schema_seq_num,
57 struct dsdb_schema **schema);
60 * Open sam.ldb.d/metadata.tdb.
62 static int schema_metadata_open(struct ldb_module *module)
64 struct schema_load_private_data *data = talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
65 struct ldb_context *ldb = ldb_module_get_ctx(module);
67 struct loadparm_context *lp_ctx;
73 return ldb_module_error(module, LDB_ERR_OPERATIONS_ERROR,
74 "schema_load: metadata not initialized");
76 data->metadata = NULL;
78 tmp_ctx = talloc_new(NULL);
79 if (tmp_ctx == NULL) {
80 return ldb_module_oom(module);
83 filename = ldb_relative_path(ldb,
85 "sam.ldb.d/metadata.tdb");
86 if (filename == NULL) {
88 return ldb_module_oom(module);
92 if (stat(filename, &statbuf) != 0) {
94 return LDB_ERR_OPERATIONS_ERROR;
97 lp_ctx = talloc_get_type_abort(ldb_get_opaque(ldb, "loadparm"),
98 struct loadparm_context);
100 data->metadata = tdb_wrap_open(data, filename, 10,
101 lpcfg_tdb_flags(lp_ctx, TDB_DEFAULT|TDB_SEQNUM),
103 if (data->metadata == NULL) {
104 talloc_free(tmp_ctx);
105 return LDB_ERR_OPERATIONS_ERROR;
108 talloc_free(tmp_ctx);
112 static int schema_metadata_get_uint64(struct schema_load_private_data *data,
113 const char *key, uint64_t *value,
114 uint64_t default_value)
116 struct tdb_context *tdb;
117 TDB_DATA tdb_key, tdb_data;
124 *value = default_value;
128 if (!data->metadata) {
129 return LDB_ERR_OPERATIONS_ERROR;
132 tdb_seqnum = tdb_get_seqnum(data->metadata->tdb);
133 if (tdb_seqnum == data->tdb_seqnum) {
134 *value = data->schema_seq_num_cache;
138 tmp_ctx = talloc_new(NULL);
139 if (tmp_ctx == NULL) {
140 return ldb_module_oom(data->module);
143 tdb = data->metadata->tdb;
145 tdb_key.dptr = (uint8_t *)discard_const_p(char, key);
146 tdb_key.dsize = strlen(key);
148 tdb_data = tdb_fetch(tdb, tdb_key);
149 if (!tdb_data.dptr) {
150 if (tdb_error(tdb) == TDB_ERR_NOEXIST) {
151 *value = default_value;
152 talloc_free(tmp_ctx);
155 talloc_free(tmp_ctx);
156 return ldb_module_error(data->module, LDB_ERR_OPERATIONS_ERROR,
161 value_str = talloc_strndup(tmp_ctx, (char *)tdb_data.dptr, tdb_data.dsize);
162 if (value_str == NULL) {
163 SAFE_FREE(tdb_data.dptr);
164 talloc_free(tmp_ctx);
165 return ldb_module_oom(data->module);
169 * Now store it in the cache. We don't mind that tdb_seqnum
170 * may be stale now, that just means the cache won't be used
173 data->tdb_seqnum = tdb_seqnum;
174 data->schema_seq_num_cache = smb_strtoull(value_str,
180 talloc_free(tmp_ctx);
181 return ldb_module_error(data->module, LDB_ERR_OPERATIONS_ERROR,
182 "Failed to convert value");
185 *value = data->schema_seq_num_cache;
187 SAFE_FREE(tdb_data.dptr);
188 talloc_free(tmp_ctx);
193 static struct dsdb_schema *dsdb_schema_refresh(struct ldb_module *module, struct tevent_context *ev,
194 struct dsdb_schema *schema, bool is_global_schema)
197 uint64_t schema_seq_num = 0;
199 struct ldb_context *ldb = ldb_module_get_ctx(module);
200 struct dsdb_schema *new_schema;
202 struct schema_load_private_data *private_data = talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
204 /* We can't refresh until the init function has run */
208 if (schema != NULL) {
210 * If we have a schema already (not in the startup)
211 * and we are in a read or write transaction, then
212 * avoid a schema reload, it can't have changed
214 if (private_data->in_transaction > 0
215 || private_data->in_read_transaction > 0 ) {
217 * If the refresh is not an expected part of a
218 * larger transaction, then we don't allow a
219 * schema reload during a transaction. This
220 * stops others from modifying our schema
223 if (ldb_get_opaque(ldb,
224 "dsdb_schema_refresh_expected")
231 SMB_ASSERT(ev == ldb_get_event_context(ldb));
233 mem_ctx = talloc_new(module);
234 if (mem_ctx == NULL) {
239 * We update right now the last refresh timestamp so that if
240 * the schema partition hasn't change we don't keep on retrying.
241 * Otherwise if the timestamp was update only when the schema has
242 * actually changed (and therefore completely reloaded) we would
243 * continue to hit the database to get the highest USN.
246 ret = schema_metadata_get_uint64(private_data,
247 DSDB_METADATA_SCHEMA_SEQ_NUM,
250 if (schema != NULL) {
251 if (ret == LDB_SUCCESS) {
252 if (schema->metadata_usn == schema_seq_num) {
253 TALLOC_FREE(mem_ctx);
256 DEBUG(3, ("Schema refresh needed %lld != %lld\n",
257 (unsigned long long)schema->metadata_usn,
258 (unsigned long long)schema_seq_num));
261 /* From an old provision it can happen that the tdb didn't exists yet */
262 DEBUG(0, ("Error while searching for the schema usn in the metadata ignoring: %d:%s:%s\n",
263 ret, ldb_strerror(ret), ldb_errstring(ldb)));
264 TALLOC_FREE(mem_ctx);
268 DEBUG(10, ("Initial schema load needed, as we have no existing schema, seq_num: %lld\n",
269 (unsigned long long)schema_seq_num));
272 ret = dsdb_schema_from_db(module, mem_ctx, schema_seq_num, &new_schema);
273 if (ret != LDB_SUCCESS) {
274 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
275 "dsdb_schema_from_db() failed: %d:%s: %s",
276 ret, ldb_strerror(ret), ldb_errstring(ldb));
277 TALLOC_FREE(mem_ctx);
281 ret = dsdb_set_schema(ldb, new_schema, SCHEMA_MEMORY_ONLY);
282 if (ret != LDB_SUCCESS) {
283 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
284 "dsdb_set_schema() failed: %d:%s: %s",
285 ret, ldb_strerror(ret), ldb_errstring(ldb));
286 TALLOC_FREE(mem_ctx);
289 if (is_global_schema) {
290 dsdb_make_schema_global(ldb, new_schema);
292 TALLOC_FREE(mem_ctx);
298 Given an LDB module (pointing at the schema DB), and the DN, set the populated schema
301 static int dsdb_schema_from_db(struct ldb_module *module,
303 uint64_t schema_seq_num,
304 struct dsdb_schema **schema)
306 struct ldb_context *ldb = ldb_module_get_ctx(module);
310 struct ldb_dn *schema_dn = ldb_get_schema_basedn(ldb);
311 struct ldb_result *res;
312 struct ldb_message *schema_msg = NULL;
313 static const char *schema_attrs[] = {
314 DSDB_SCHEMA_COMMON_ATTRS,
315 DSDB_SCHEMA_ATTR_ATTRS,
316 DSDB_SCHEMA_CLASS_ATTRS,
324 tmp_ctx = talloc_new(module);
329 /* we don't want to trace the schema load */
330 flags = ldb_get_flags(ldb);
331 ldb_set_flags(ldb, flags & ~LDB_FLG_ENABLE_TRACING);
334 * Load the attribute and class definitions, as well as
335 * the schema object. We do this in one search and then
336 * split it so that there isn't a race condition when
337 * the schema is changed between two searches.
339 ret = dsdb_module_search(module, tmp_ctx, &res,
340 schema_dn, LDB_SCOPE_SUBTREE,
342 DSDB_FLAG_NEXT_MODULE |
343 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT,
345 "(|(objectClass=attributeSchema)"
346 "(objectClass=classSchema)"
347 "(objectClass=dMD))");
348 if (ret != LDB_SUCCESS) {
349 ldb_asprintf_errstring(ldb,
350 "dsdb_schema: failed to search attributeSchema and classSchema objects: %s",
356 * Separate the schema object from the attribute and
359 for (i = 0; i < res->count; i++) {
360 if (ldb_msg_find_element(res->msgs[i], "prefixMap")) {
361 schema_msg = res->msgs[i];
366 if (schema_msg == NULL) {
367 ldb_asprintf_errstring(ldb,
368 "dsdb_schema load failed: failed to find prefixMap");
369 ret = LDB_ERR_NO_SUCH_ATTRIBUTE;
373 ret = dsdb_schema_from_ldb_results(tmp_ctx, ldb,
374 schema_msg, res, schema, &error_string);
375 if (ret != LDB_SUCCESS) {
376 ldb_asprintf_errstring(ldb,
377 "dsdb_schema load failed: %s",
382 (*schema)->metadata_usn = schema_seq_num;
384 talloc_steal(mem_ctx, *schema);
387 if (flags & LDB_FLG_ENABLE_TRACING) {
388 flags = ldb_get_flags(ldb);
389 ldb_set_flags(ldb, flags | LDB_FLG_ENABLE_TRACING);
391 talloc_free(tmp_ctx);
395 static int schema_load(struct ldb_context *ldb,
396 struct ldb_module *module,
399 struct dsdb_schema *schema;
400 int ret, metadata_ret;
401 TALLOC_CTX *frame = talloc_stackframe();
403 schema = dsdb_get_schema(ldb, frame);
405 metadata_ret = schema_metadata_open(module);
407 /* We might already have a schema */
408 if (schema != NULL) {
409 /* If we have the metadata.tdb, then hook up the refresh function */
410 if (metadata_ret == LDB_SUCCESS && dsdb_uses_global_schema(ldb)) {
411 ret = dsdb_set_schema_refresh_function(ldb, dsdb_schema_refresh, module);
413 if (ret != LDB_SUCCESS) {
414 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
415 "schema_load_init: dsdb_set_schema_refresh_fns() failed: %d:%s: %s",
416 ret, ldb_strerror(ret), ldb_errstring(ldb));
426 if (metadata_ret == LDB_SUCCESS) {
427 ret = dsdb_set_schema_refresh_function(ldb, dsdb_schema_refresh, module);
429 if (ret != LDB_SUCCESS) {
430 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
431 "schema_load_init: dsdb_set_schema_refresh_fns() failed: %d:%s: %s",
432 ret, ldb_strerror(ret), ldb_errstring(ldb));
437 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
438 "schema_load_init: failed to open metadata.tdb");
443 schema = dsdb_get_schema(ldb, frame);
445 /* We do this, invoking the refresh handler, so we know that it works */
446 if (schema == NULL) {
447 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
448 "schema_load_init: dsdb_get_schema failed");
450 return LDB_ERR_OPERATIONS_ERROR;
453 /* Now check the @INDEXLIST is correct, or fix it up */
454 ret = dsdb_schema_set_indices_and_attributes(ldb, schema,
456 if (ret == LDB_ERR_BUSY) {
463 if (ret != LDB_SUCCESS) {
464 ldb_asprintf_errstring(ldb, "Failed to update "
465 "@INDEXLIST and @ATTRIBUTES "
466 "records to match database schema: %s",
476 static int schema_load_init(struct ldb_module *module)
478 struct ldb_context *ldb = ldb_module_get_ctx(module);
479 struct schema_load_private_data *private_data =
480 talloc_get_type_abort(ldb_module_get_private(module),
481 struct schema_load_private_data);
484 ret = ldb_next_init(module);
485 if (ret != LDB_SUCCESS) {
489 return schema_load(ldb, module, &private_data->need_write);
492 static int schema_load_start_transaction(struct ldb_module *module)
494 struct schema_load_private_data *private_data =
495 talloc_get_type_abort(ldb_module_get_private(module),
496 struct schema_load_private_data);
497 struct ldb_context *ldb = ldb_module_get_ctx(module);
498 struct dsdb_schema *schema;
501 ret = ldb_next_start_trans(module);
502 if (ret != LDB_SUCCESS) {
506 /* Try the schema refresh now */
507 schema = dsdb_get_schema(ldb, NULL);
508 if (schema == NULL) {
509 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
510 "schema_load_init: dsdb_get_schema failed");
511 return LDB_ERR_OPERATIONS_ERROR;
514 if (private_data->need_write) {
515 ret = dsdb_schema_set_indices_and_attributes(ldb,
518 private_data->need_write = false;
521 private_data->in_transaction++;
526 static int schema_load_end_transaction(struct ldb_module *module)
528 struct schema_load_private_data *private_data =
529 talloc_get_type_abort(ldb_module_get_private(module),
530 struct schema_load_private_data);
531 struct ldb_context *ldb = ldb_module_get_ctx(module);
533 if (private_data->in_transaction == 0) {
534 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
535 "schema_load_end_transaction: transaction mismatch");
536 return LDB_ERR_OPERATIONS_ERROR;
538 private_data->in_transaction--;
540 return ldb_next_end_trans(module);
543 static int schema_load_del_transaction(struct ldb_module *module)
545 struct schema_load_private_data *private_data =
546 talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
547 struct ldb_context *ldb = ldb_module_get_ctx(module);
549 if (private_data->in_transaction == 0) {
550 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
551 "schema_load_del_transaction: transaction mismatch");
552 return LDB_ERR_OPERATIONS_ERROR;
554 private_data->in_transaction--;
556 return ldb_next_del_trans(module);
559 /* This is called in a transaction held by the callers */
560 static int schema_load_extended(struct ldb_module *module, struct ldb_request *req)
562 struct ldb_context *ldb = ldb_module_get_ctx(module);
563 struct dsdb_schema *schema;
566 if (strcmp(req->op.extended.oid, DSDB_EXTENDED_SCHEMA_LOAD) == 0) {
568 ret = dsdb_schema_from_db(module, req, 0, &schema);
569 if (ret == LDB_SUCCESS) {
570 return ldb_module_done(req, NULL, NULL, LDB_SUCCESS);
574 } else if (strcmp(req->op.extended.oid, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID) == 0) {
575 /* Force a refresh */
576 schema = dsdb_get_schema(ldb, NULL);
578 ret = dsdb_schema_set_indices_and_attributes(ldb,
582 if (ret != LDB_SUCCESS) {
583 ldb_asprintf_errstring(ldb, "Failed to write new "
584 "@INDEXLIST and @ATTRIBUTES "
585 "records for updated schema: %s",
590 return ldb_next_request(module, req);
592 /* Pass to next module, the partition one should finish the chain */
593 return ldb_next_request(module, req);
597 static int schema_read_lock(struct ldb_module *module)
599 struct schema_load_private_data *private_data =
600 talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
603 if (private_data == NULL) {
604 private_data = talloc_zero(module, struct schema_load_private_data);
605 if (private_data == NULL) {
606 return ldb_module_oom(module);
609 private_data->module = module;
611 ldb_module_set_private(module, private_data);
614 ret = ldb_next_read_lock(module);
615 if (ret != LDB_SUCCESS) {
619 if (private_data->in_transaction == 0 &&
620 private_data->in_read_transaction == 0) {
621 /* Try the schema refresh now */
622 dsdb_get_schema(ldb_module_get_ctx(module), NULL);
625 private_data->in_read_transaction++;
630 static int schema_read_unlock(struct ldb_module *module)
632 struct schema_load_private_data *private_data =
633 talloc_get_type_abort(ldb_module_get_private(module),
634 struct schema_load_private_data);
636 private_data->in_read_transaction--;
638 return ldb_next_read_unlock(module);
642 static const struct ldb_module_ops ldb_schema_load_module_ops = {
643 .name = "schema_load",
644 .init_context = schema_load_init,
645 .extended = schema_load_extended,
646 .start_transaction = schema_load_start_transaction,
647 .end_transaction = schema_load_end_transaction,
648 .del_transaction = schema_load_del_transaction,
649 .read_lock = schema_read_lock,
650 .read_unlock = schema_read_unlock,
653 int ldb_schema_load_module_init(const char *version)
655 LDB_MODULE_CHECK_VERSION(version);
656 return ldb_register_module(&ldb_schema_load_module_ops);