Noel Power [Fri, 15 Jun 2018 13:29:42 +0000 (14:29 +0100)]
s4/torture/drs/python: long is not used in py3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Fri, 15 Jun 2018 12:06:13 +0000 (13:06 +0100)]
s4/torture/drs/python: use cmp_fn for cmp (for py2/py3 compat)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Fri, 15 Jun 2018 12:04:13 +0000 (13:04 +0100)]
s4/torture/drs/python: use cmp_fn and key=cmp_to_key_fn for py2/py3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Fri, 15 Jun 2018 12:00:15 +0000 (13:00 +0100)]
python/samba: Add cmp_fn and cmp_to_key_fn functions for py2/py3
the cmp function and the cmp paramater (e.g. to sort functions)
no longer exist in python3.
cmp_fn is provides the missing functionality of the py2 cmp builtin
function.
cmp_to_key_fn allows the key paramater (e.g. for sort) to use the
old py2 cmp function for sorting. Note: the cmp_to_key is present in
since 2.7 (hence the inclusion of the source code for this function pre
that version)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Noel Power [Fri, 15 Jun 2018 09:58:13 +0000 (10:58 +0100)]
s4/torture/drs/python: py2/py3 port map / ord usage
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Fri, 15 Jun 2018 09:18:30 +0000 (10:18 +0100)]
s4/torture/drs: ndr_upack needs bytes in py3 (samba4.drs.repl_move)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Thu, 31 May 2018 15:13:28 +0000 (16:13 +0100)]
s4/dsdb/tests/python: base64.b64encode returns bytes
adjust to unicode for py2/py3 compat needed as part of changes
to ensure samba4.ldap.password_settings will work with PY3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Fri, 18 May 2018 16:15:44 +0000 (17:15 +0100)]
s4/librpc/ndr: allow GUID to accept unicode also
This needed since _GUID_string method change
(in source4/torture/drs/python/drs_base.py) which makes use use
a unicode guid at times now
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Fri, 18 May 2018 11:12:44 +0000 (12:12 +0100)]
python/samba/netcmd: Fix relative module import
Part of future changes needed to enable samba4.drs.replica_sync_rodc
for PY3.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Thu, 17 May 2018 14:25:29 +0000 (15:25 +0100)]
python/samba/netcmd: Protect variable that can be None
In py3 None variable cannot be compared with '>' '<' etc operators
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Thu, 17 May 2018 14:23:38 +0000 (15:23 +0100)]
python/samba/netcmd: fix py2/py3 bytes usage for replace
base64.b64encode returns bytes in py3 make sure associated replace
uses 'b' for strings passed to replace
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Tue, 15 May 2018 14:32:35 +0000 (15:32 +0100)]
s4/torture/drs/python: Py2/Py2 fix tab/space also incorrect unicode usage
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Fri, 11 May 2018 12:48:29 +0000 (13:48 +0100)]
lib/ldb: Implement a bytes derived object for attributes py2/py3
ldb attributes are either bytes (py3) or str (py2)
Some places in the code do str(res[0]['attribute'][0])
which results in
'result' (py2)
b'result' (py3)
or more commonly the attribute is used to construct a string e.g.
"blah=" + res[0]['attribute'][0] + ",foo,bar=...."
giving
"blah=result,foo,bar=...." (py2)
and very unhelpfully
"blah=b'result',foo,bar=...." (py3)
lots of code already constructs various strings for passing to other
api using the above. To avoid many excessive
res[0]['attribute'][0].decode('utf8')
code like 'res[0]['attribute'][0]'
will now return LdbBytes (a new object subclassing 'bytes') in py3
instead of bytes. This object has a custom '__str__' method which
attempts to return a string decoded to uft8. In Py2 this will behave as
it did previously (this is the safer option at the moment)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Thu, 10 May 2018 12:14:22 +0000 (13:14 +0100)]
python/samba/tests: remove Py2 specific imports.
Remove some python2 specific import, probably this was due to
previous unavailability for some c-modules in python3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Wed, 9 May 2018 19:17:30 +0000 (20:17 +0100)]
python/samba/emulate: Fix some more missed exception tuple assignments
In python3 we need to change
except LdbError as e:
- (status, _) = e
to
except LdbError as e:
+ (status, _) = e.args
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Tue, 1 May 2018 18:58:36 +0000 (19:58 +0100)]
python/samba/tests: Py2/Py3 port for hexdump
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Mon, 30 Apr 2018 17:43:54 +0000 (18:43 +0100)]
python/samba/tests: Py2/Py3 allow import of ndr_(un)pack to work
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joe Guo [Thu, 12 Jul 2018 04:57:43 +0000 (16:57 +1200)]
samdb: use int for get and set methods instead of digit str
This will make the API work in a nature way.
Also, because of a defect in ldb API, code like `res[0]["maxPwdAge"][0]`
will return bytes even in Python3, which will cause trouble. By casting
the value to int, we avoid the str/bytes issue.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 16 May 2018 15:03:32 +0000 (09:03 -0600)]
gpo: Specify samba module when importing from gpclass
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 13 01:05:22 CEST 2018 on sn-devel-144
David Mulder [Tue, 15 May 2018 14:37:08 +0000 (08:37 -0600)]
gpo: Don't duplicate guids in the apply log
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Fri, 4 May 2018 19:25:25 +0000 (13:25 -0600)]
gpo: Add user policy extensions
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 9 May 2018 15:24:37 +0000 (09:24 -0600)]
gpo: Dynamically load gp_exts
This loads Group Policy Client Side Extensions
similar to the way that they are loaded on a
Windows client. Extensions are installed to a
configuration file in the samba cache path where
they receive a unique GUID matched with the path
to the python gp_ext file. Classes which inherit
from the gp_ext class (as defined in gpclass.py)
will be dynamically loaded.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 11 Jul 2018 05:09:26 +0000 (17:09 +1200)]
gpo: Tests for gp_ext register/unregister
Adds testing for the gp_ext register and
unregister functions, as well as testing
the list function.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 13 Jun 2018 20:46:30 +0000 (14:46 -0600)]
gpo: add list_gp_extensions for listing registered gp extensions
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 13 Jun 2018 20:46:05 +0000 (14:46 -0600)]
gpo: add unregister_gp_extension for unregistering gp extensions
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 13 Jun 2018 20:45:09 +0000 (14:45 -0600)]
gpo: add register_gp_extension for registering gp extensions
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Fri, 29 Jun 2018 20:08:34 +0000 (14:08 -0600)]
param: Add python binding for lpcfg_state_path
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 16 May 2018 16:37:09 +0000 (10:37 -0600)]
gpo: Offline policy application via cache
Read policy files from the cache, rather than
the sysvol. This enables offline policy apply.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Mon, 8 Jan 2018 14:17:29 +0000 (07:17 -0700)]
gpo: Read GPO versions locally, not from sysvol
Non-kdc clients cannot read directly from the
sysvol, so we need to store the GPT.INI file
locally to read each gpo version.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Thu, 28 Jun 2018 15:01:59 +0000 (09:01 -0600)]
python: Allow forced signing via smb.SMB()
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Wed, 13 Jun 2018 20:42:43 +0000 (14:42 -0600)]
gpo: Disable python3 testing
The gpo module doesn't work in python3 yet,
causing this test to fail on python3.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13525
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Mulder [Thu, 5 Jul 2018 15:02:57 +0000 (09:02 -0600)]
gpo: Fix asserts in gpo testing
These tests weren't using python's unit testing
asserts.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 22 Jun 2018 15:11:53 +0000 (17:11 +0200)]
pthreadpool: allocate glue->tctx on glue as memory context.
This means it will go aways together with glue and thte event context.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 12 17:18:01 CEST 2018 on sn-devel-144
Stefan Metzmacher [Wed, 20 Jun 2018 11:38:19 +0000 (13:38 +0200)]
pthreadpool: maintain a global list of orphaned pthreadpool_tevent_jobs
Instead of leaking the memory forever, we retry the cleanup,
if other pthreadpool_tevent_*() functions are used.
pthreadpool_tevent_cleanup_orphaned_jobs() could also be called
by external callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 25 Apr 2018 18:25:21 +0000 (20:25 +0200)]
pthreadpool: make use of pthreadpool_stop() in pthreadpool_tevent_destructor()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 25 Apr 2018 12:43:22 +0000 (14:43 +0200)]
pthreadpool: add pthreadpool_tevent_job_cancel()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 23:39:47 +0000 (01:39 +0200)]
pthreadpool: split out pthreadpool_tevent_job from pthreadpool_tevent_job_state
This makes it much easier to handle orphaned jobs,
we either wait for the immediate tevent to trigger
or we just keep leaking the memory.
The next commits will improve this further.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 20 Apr 2018 13:07:08 +0000 (15:07 +0200)]
pthreadpool: let pthreadpool_tevent_job_send() fail with an invalid pool
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 25 Apr 2018 12:03:30 +0000 (14:03 +0200)]
pthreadpool: split out a pthreadpool_stop() from pthreadpool_destroy()
This can be used in combination with pthreadpool_cancel_job() to
implement a multi step shutdown of the pool.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 20 Apr 2018 15:12:07 +0000 (17:12 +0200)]
pthreadpool: don't process further jobs when shutting down
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 20 Apr 2018 13:00:31 +0000 (15:00 +0200)]
pthreadpool: add pthreadpool_cancel_job()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 23:01:42 +0000 (01:01 +0200)]
pthreadpool: add pthreadpool_tevent_max_threads() and pthreadpool_tevent_queued_jobs()
These can be used to implement some kind of flow control in the caller.
E.g. unless pthreadpool_tevent_queued_jobs() is lower than
pthreadpool_tevent_max_threads() is good to prepare new jobs.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 22:49:33 +0000 (00:49 +0200)]
pthreadpool: add pthreadpool_max_threads() and pthreadpool_queued_jobs() helpers
These can be used to implement some kind of flow control in the caller.
E.g. unless pthreadpool_queued_jobs() is lower than
pthreadpool_max_threads() is good to prepare new jobs.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 22 Jun 2018 06:39:36 +0000 (08:39 +0200)]
pthreadpool: expand test_create() to check unlimited, sync and one thread pool
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 10:40:30 +0000 (12:40 +0200)]
pthreadpool: fix helgrind error in pthreadpool_free()
We need to pthread_mutex_lock/unlock the pool mutex
before we can destroy it.
The following test would trigger this.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 20 Jun 2018 13:38:08 +0000 (15:38 +0200)]
pthreadpool: use talloc_zero() in tests_cmocka.c setup_pthreadpool_tevent()
This was found with valgrind.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 22:29:53 +0000 (00:29 +0200)]
pthreadpool: use strict sync processing only with max_threads=0
Otherwise it's an error if not at least one thread is possible.
This gives a much saner behaviour and doesn't end up with
unexpected sync processing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 22:27:39 +0000 (00:27 +0200)]
pthreadpool: consitently use unlock_res for pthread_mutex_unlock() in pthreadpool_add_job()
This makes further restructuring easier to implement and understand.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 22:10:08 +0000 (00:10 +0200)]
s3:messages: explicitly use max_thread=unlimited for pthreadpool_tevent_init() in messaging_dgm_init()
Currently 0 also means unlimited, but that will change soon,
to force no thread and strict sync processing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 22:10:08 +0000 (00:10 +0200)]
pthreadpool: explicitly use max_thread=unlimited for pthreadpool_tevent_init() tests
Currently 0 also means unlimited, but that will change soon,
to force no thread and strict sync processing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 22:04:48 +0000 (00:04 +0200)]
pthreadpool: use unsigned for num_idle, num_threads and max_threads
These can't get negative.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 20 Apr 2018 13:05:44 +0000 (15:05 +0200)]
pthreadpool: correctly handle pthreadpool_tevent_register_ev() failures
It returns errno values instead of setting 'errno'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 23 May 2018 14:28:48 +0000 (16:28 +0200)]
smbd: remove unused change_to_root_user() from brl_timeout_fn()
This is handled by using the root_ev_ctx in order to register
the timer event.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 18 Apr 2018 12:29:52 +0000 (14:29 +0200)]
smbd: remove unused change_to_root_user() from smbd_sig_hup_handler()
This is handled by using the root_ev_ctx in order to register
the signal event.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 21 Jun 2018 17:20:53 +0000 (19:20 +0200)]
smbd: avoid explicit change_to_user() in defer_rename_done() already done by impersonation
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 11 May 2012 13:51:42 +0000 (15:51 +0200)]
smbd: implement smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers
This makes sure we're doing the correct impersonation for async
requests, which is a requirement to start adding path based
async SMB_VFS calls.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 22 Mar 2018 09:54:41 +0000 (10:54 +0100)]
smbd: make use of smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers
For now they just add debugging, but that will change shortly.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 22 Mar 2018 09:54:41 +0000 (10:54 +0100)]
smbd: add simple noop smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers
As a start these are just wrappers arround
smbd_impersonate_debug_create(), without any real impersonation.
But this will change shortly.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 23 Mar 2018 06:47:38 +0000 (07:47 +0100)]
smbd: add smbd_impersonate_debug_create() helper
This will be used to implement no-op impersonation
for the create_conn_struct_as_root() case were we
don't really have other unrelated events in the loop
and only need a valid tevent wrapper context to avoid
double free on the raw event context on teardown.
This also adds useful debugging instead of being
a full no-op wrapper.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 25 May 2018 14:22:33 +0000 (16:22 +0200)]
smbd: add [un]become_guest() helper functions
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Karolin Seeger [Thu, 12 Jul 2018 08:15:44 +0000 (10:15 +0200)]
WHATSNEW: Start release notes for Samba 4.10.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 12 Jul 2018 08:11:01 +0000 (10:11 +0200)]
VERSION: Bump version up to 4.10.0pre1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 12 Jul 2018 08:08:13 +0000 (10:08 +0200)]
VERSION: Bump version up to 4.9.0rc1...
and disable GIT_SNAPSHOT for the release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 12 Jul 2018 08:07:36 +0000 (10:07 +0200)]
WHATSNEW: Add release notes for Samba 4.9.0rc1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 12 Jul 2018 04:14:27 +0000 (16:14 +1200)]
WHATSNEW: Add information on new GPO features
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Martin Schwenke [Mon, 26 Mar 2018 04:37:25 +0000 (15:37 +1100)]
WHATSNEW.txt: CTDB updates for 4.9
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Stefan Metzmacher [Wed, 11 Jul 2018 20:21:32 +0000 (22:21 +0200)]
ldb: version 1.4.1
* add some missing return value checks
* Fix several mem leaks in ldb_index ldb_search ldb_tdb (bug#13475)
* ldb_tdb: Use mem_ctx and so avoid leak onto long-term memory
on duplicated add. (bug#13471)
* ldb: Fix memory leak on module context (bug#13459)
* Refused build of Samba 4.8 with ldb 1.4 (bug #13519)
* Prevent similar issues in the future at configure time (bug #13519)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul 12 07:43:22 CEST 2018 on sn-devel-144
Stefan Metzmacher [Wed, 11 Jul 2018 20:19:26 +0000 (22:19 +0200)]
talloc: version 2.1.14
* Fix some typos in the comments
* Remove extra 0x prefix for the "%p" format specifiers,
avoiding 0x0x0 strings in the output.
* make sure we link extra-python versions of libraries
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 11 Jul 2018 20:15:30 +0000 (22:15 +0200)]
tdb: version 1.3.16
* Fix build on AIX
* Python3 compatibility fixes
* Use tdb_wipe_all in "erase" command
* Harden allocating the tdb recovery area
* Make sure the hash size fits
* Harden tdb_check_used_record against overflow
* Harden tdb_rec_read
* Handle TDB_NEXT_LOCK_ERR in tdb_traverse_internal
* Fix build warnings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 12 Jul 2018 00:34:56 +0000 (12:34 +1200)]
ldb: Refuse to build Samba against a newer minor version of ldb
Samba is not compatible with new versions of ldb (except release versions)
Other users would not notice the breakages, but Samba makes many
more assuptions about the LDB internals than any other package.
(Specifically, LDB 1.2 and 1.4 broke builds against released
Samba versions)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13519
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 01:41:58 +0000 (13:41 +1200)]
ldb: Ban ldb 1.4.x with Samba 4.8 and earlier
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13519
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 23:56:40 +0000 (11:56 +1200)]
docs: Remove mention of --without-json-audit from the AD DC
This is no longer optional for the AD DC.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 23:54:56 +0000 (11:54 +1200)]
WHATSNEW: Explain that Jansson is requied for AD DC, mention --without-json-audit
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 04:12:53 +0000 (16:12 +1200)]
WHATSNEW: document sysvolreset improvement
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 05:08:34 +0000 (17:08 +1200)]
tests/posixacl: Test with and without filling in the unix_token
Sadly the unix token cannot be created without a running winbindd,
which is not available during provision and a domain restore.
(Internally in smbd a backup API via passdb is used, but this
is not connected to this function at this time)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 04:48:40 +0000 (16:48 +1200)]
python: Add samba.auth.session_info_fill_unix()
This fills in the unix portions of the token needed by smbd and the pysmbd bindings
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Joe Guo <joeg@catalyst.net.nz>
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 04:48:07 +0000 (16:48 +1200)]
selftest: Add tests for samba.auth.admin_session()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Pair-programmed-with: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Jul 2018 10:01:29 +0000 (22:01 +1200)]
WHATSNEW: Fix spelling
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andrew Bartlett [Fri, 6 Jul 2018 20:51:59 +0000 (08:51 +1200)]
docs: Explain that "max xmit" is SMB1 only
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Timur I. Bakeyev [Sun, 8 Jul 2018 14:09:59 +0000 (16:09 +0200)]
WHATSNEW: Add note about defaults changes for the vfs_full_audit and acceptance of all syslog facilities for all audit modules.
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joe Guo [Thu, 5 Jul 2018 22:36:54 +0000 (10:36 +1200)]
tests/posixacl: derive a new testcase to run same tests with session
1. existing tests still run with session_info=None
2. new class override `get_session_info` to return a session, so same
set of tests will run again, but with session.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Thu, 5 Jul 2018 22:32:17 +0000 (10:32 +1200)]
tests/posixacl: move setUp and tearDown to top
Make it clear to find out what we have in test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 03:50:40 +0000 (15:50 +1200)]
tests/posixacl: rm duplicated test
There are 2 copy of `test_setposixacl_getposixacl`, this patch removed
the first copy, which was overwritten by the second one.
They are 99% the same except in the last line a_perm is 6 vs 7, and 7 is
the correct number.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 03:35:14 +0000 (15:35 +1200)]
tests/posixacl: use assertRaises to simplify code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 03:28:16 +0000 (15:28 +1200)]
tests/posixacl: remove unused imports
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 03:25:56 +0000 (15:25 +1200)]
tests/posixacl: define global ACL to make code DRY
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 03:18:26 +0000 (15:18 +1200)]
tests/posixacl: define global DOM_SID to make code DRY
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 02:52:02 +0000 (14:52 +1200)]
tests/posixacl: rm commented code
The example is already in code, no need to keep it here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 01:03:44 +0000 (13:03 +1200)]
provision/setsysvolacl: create helper function to simplify code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Wed, 4 Jul 2018 00:07:25 +0000 (12:07 +1200)]
provision/setsysvolacl: build session_info and pass down to setntacl
Get the admin session info, and pass it down to setntacl.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Tue, 3 Jul 2018 22:27:23 +0000 (10:27 +1200)]
ntacls: add session_info arg to setntacl and pass down to set_nt_acl api
Then underneath code can reuse the authentication info in session to
improve performance.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Mon, 2 Jul 2018 22:20:39 +0000 (10:20 +1200)]
ntacls: reuse predefined SECURITY_SECINFO_FLAGS
Use predefined SECURITY_SECINFO_FLAGS to replace bitwise or operations
on flag list.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Tue, 3 Jul 2018 23:09:50 +0000 (11:09 +1200)]
smbd/posix_acls: reuse secutiry token from session info if exist
If session info was passed down from upstream, then try to use it to get
security token, other then creating token every time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Tue, 3 Jul 2018 23:03:42 +0000 (11:03 +1200)]
smbd/msdfs: add null check for session_info.unix_info
When a session_info passed down to here, the unix_info could be NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Tue, 3 Jul 2018 22:18:30 +0000 (10:18 +1200)]
pysmbd: add session_info arg to py_smbd_set_nt_acl
Add session_info arg as optional and pass it down to get_conn_tos.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Joe Guo [Tue, 3 Jul 2018 22:05:50 +0000 (10:05 +1200)]
pysmbd: add session_info arg to get_conn_tos
Add session_info arg, so caller can pass it in to reuse authentication info
later. This will improve performance a lot while doing ntacl operations
on large amount of files, e.g.: sysvolreset.
Modification for upstream caller will come in following patches.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 10 Jul 2018 05:13:48 +0000 (17:13 +1200)]
WHATSNEW: Add entry for "Dynamic DNS record scavenging support"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Thu, 8 Dec 2016 20:13:11 +0000 (09:13 +1300)]
python/tests: check setting values on dnsRecord attributes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12451
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Tue, 3 Jul 2018 05:03:38 +0000 (17:03 +1200)]
tests dns: dns_base.py remove flake8 warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 2 Jul 2018 04:51:00 +0000 (16:51 +1200)]
tests dns: dns.py remove flake8 warnings
Remove flake8 warnings from the code, this highlighted the issue with
test_update_add_null_char_rpc_to_dns fixed in the preceding commit.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>