Andrew Bartlett [Tue, 13 Dec 2016 20:38:28 +0000 (09:38 +1300)]
s4-rpc_server: Add comments explaining the control flow around dcesrv_bind()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 3 Nov 2016 14:11:29 +0000 (15:11 +0100)]
s3:utils: Use cli_cm_force_encryption() instead of cli_force_encryption()
This allows SMB3 encryption instead of returning NT_STATUS_NOT_SUPPORTED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec 19 13:41:15 CET 2016 on sn-devel-144
Stefan Metzmacher [Thu, 3 Nov 2016 14:11:29 +0000 (15:11 +0100)]
s3:libsmb: Use cli_cm_force_encryption() instead of cli_force_encryption()
This allows SMB3 encryption instead of returning NT_STATUS_NOT_SUPPORTED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 16 Dec 2016 00:26:29 +0000 (01:26 +0100)]
s3:libsmb: don't let cli_session_creds_init() overwrite the default domain with ""
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 8 Dec 2016 11:11:45 +0000 (12:11 +0100)]
s3:libsmb: split out a cli_session_creds_prepare_krb5() function
This can be used temporarily to do the required kinit if we use kerberos
and the password has been specified.
In future this should be done in the gensec layer on demand, but there's
more work attached to doing it in the gensec_gse module.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 9 Dec 2016 08:49:17 +0000 (09:49 +0100)]
s3:torture/masktest: masktest only works with SMB1 currently
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 9 Dec 2016 08:49:17 +0000 (09:49 +0100)]
s3:torture/masktest: Use cli_tree_connect_creds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 9 Dec 2016 08:06:21 +0000 (09:06 +0100)]
s3:torture: Use cli_tree_connect_creds() where we may use share level auth
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 9 Dec 2016 08:48:06 +0000 (09:48 +0100)]
s3:lib/netapi: Use lp_client_ipc_max_protocol() in libnetapi_open_ipc_connection()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Martin Schwenke [Sat, 10 Dec 2016 22:09:44 +0000 (09:09 +1100)]
ctdb-tests: Remove the python LCP2 simulation
It isn't used anywhere and doesn't contain some of the optimisations
that have since gone into the C code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Dec 19 07:58:45 CET 2016 on sn-devel-144
Martin Schwenke [Fri, 9 Dec 2016 08:19:49 +0000 (19:19 +1100)]
ctdb-takeover: Drop unused ctdb_takeover_run() and related code
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 9 Dec 2016 05:21:39 +0000 (16:21 +1100)]
ctdb-recoverd: Integrate takeover helper
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 9 Dec 2016 04:04:03 +0000 (15:04 +1100)]
ctdb-recoverd: Generalise helper state, handler and launching
These can also be used for takeover handler.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 6 Dec 2016 22:42:46 +0000 (09:42 +1100)]
ctdb-tests: Add tests for takeover helper
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 13 Dec 2016 20:18:57 +0000 (07:18 +1100)]
ctdb-tests: New function unit_test_notrace()
Avoids valgrind and such, so a function can be passed.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 10 Nov 2016 05:47:38 +0000 (16:47 +1100)]
ctdb-takeover: Add takeover helper
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 15 Dec 2016 03:09:16 +0000 (14:09 +1100)]
ctdb-takeover: IPAllocAlgorithm replaces LCP2PublicIPs, DeterministicIPs
Introduce a single new tunable IPAllocAlgorithm to set the IP
allocation algorithm. This defaults to 2 for LCP2 IP address
allocation.
Tunables LCP2PublicIPs and DeterministicIPs are obsolete.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 10 Dec 2016 09:03:38 +0000 (20:03 +1100)]
ctdb-takeover: NoIPHostOnAllDisabled is global across cluster
Instead of gathering the value from all nodes, just use the value on
the recovery master and have it affect all nodes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 10 Dec 2016 08:39:11 +0000 (19:39 +1100)]
ctdb-takeover: NoIPTakeover is global across cluster
Instead of gathering the value from all nodes, just use the value on
the recovery master and have it affect all nodes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 10 Dec 2016 03:50:21 +0000 (14:50 +1100)]
ctdb-docs: Document that tunables should be set the same on all nodes
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 7 Dec 2016 00:52:30 +0000 (11:52 +1100)]
ctdb-tests: Add faking of control failures/timeouts to fake_ctdbd
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Dec 2016 08:11:13 +0000 (19:11 +1100)]
ctdb-tests: Add IPREALLOCATED control to fake_ctdbd
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Dec 2016 01:58:08 +0000 (12:58 +1100)]
ctdb-tests: Add TAKEOVER_IP control to fake_ctdbd
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Dec 2016 01:53:53 +0000 (12:53 +1100)]
ctdb-tests: Add RELEASE_IP control to fake_ctdbd
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 3 Dec 2016 14:04:39 +0000 (01:04 +1100)]
ctdb-tests: Add tool tests for "ctdb ip"
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 3 Dec 2016 14:01:48 +0000 (01:01 +1100)]
ctdb-tests: Implement GET_PUBLIC_IPS control in fake_ctdbd
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Dec 2016 00:08:39 +0000 (11:08 +1100)]
ctdb-tests: Add tool tests for "ctdb ipinfo"
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 3 Dec 2016 14:02:24 +0000 (01:02 +1100)]
ctdb-tests: Implement GET_PUBLIC_IP_INFO control in fake_ctdbd
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 3 Dec 2016 13:59:29 +0000 (00:59 +1100)]
ctdb-tests: Factor out get_ctdb_iface_list()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 3 Dec 2016 06:11:25 +0000 (17:11 +1100)]
ctdb-tests: Add public IP state to fake_ctdbd
Read it via a PUBLICIPS section.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 3 Dec 2016 05:20:01 +0000 (16:20 +1100)]
ctdb-tests: Factor out reading of known public IP addresses
One change in behaviour is to actually copy the known IPs per node
instead of just assigning the pointer. When this is used by
fake_ctdbd the resulting structure will be used to keep state for
individual nodes, so data for nodes needs to be independent.
Also, drop some asserts in the factored code and do (slightly) better
error handling.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 8 Dec 2016 00:41:31 +0000 (11:41 +1100)]
ctdb-tests: Allow FAKE_CTDBD_DEBUGLEVEL to be specified
This is useful for debugging when doing developer testing.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 12 Dec 2016 05:43:43 +0000 (16:43 +1100)]
ctdb-tests: Make fake_ctdbd use logging_init()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 10 Nov 2016 05:11:12 +0000 (16:11 +1100)]
ctdb-client: Add available-only option public IP fetching
Update tool accordingly.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 10 Nov 2016 05:09:24 +0000 (16:09 +1100)]
ctdb-protocol: Move CTDB_PUBLIC_IP_FLAGS_ONLY_AVAILABLE to protocol.h
The protocol code needs it.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Sat, 17 Sep 2016 14:24:47 +0000 (00:24 +1000)]
ctdb-daemon: Remove ctdb_event_helper
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sun Dec 18 18:10:50 CET 2016 on sn-devel-144
Amitay Isaacs [Fri, 16 Sep 2016 10:06:07 +0000 (20:06 +1000)]
ctdb-daemon: Switch to using event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Sat, 27 Aug 2016 07:26:28 +0000 (17:26 +1000)]
ctdb-daemon: Add functions to talk to event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 16 Sep 2016 08:44:37 +0000 (18:44 +1000)]
ctdb-daemon: Refactor check for valid events during recovery
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 12 Sep 2016 01:33:02 +0000 (11:33 +1000)]
ctdb-protocol: Deprecate eventscript controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 23 Nov 2016 01:28:24 +0000 (12:28 +1100)]
ctdb-protocol: Drop marshaling for eventscript controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 12 Sep 2016 01:32:20 +0000 (11:32 +1000)]
ctdb-client: Drop client code for eventscript controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 12 Sep 2016 01:25:11 +0000 (11:25 +1000)]
ctdb-daemon: Drop implementation of eventscript controls
Following controls are now implemented by event daemon
- RUN_EVENTSCRIPTS
- GET_EVENT_SCRIPT_STATUS
- ENABLE_SCRIPT
- DISABLE_SCRIPT
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 12 Sep 2016 01:31:35 +0000 (11:31 +1000)]
ctdb-tool: Drop disablescript, enablescript and eventscript commands
These commands are now replaced with ctdb event ...
ctdb scriptstatus is maintained for backward compatibility.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 21 Nov 2016 03:52:41 +0000 (14:52 +1100)]
ctdb-tool: Add new command "event" to ctdb tool
This command covers all the commands to event daemon.
ctdb event run <event>
ctdb event status [<event>] [lastrun|lastfail|lastpass]
ctdb event script list
ctdb event script enable <script>
ctdb event script disable <script>
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 6 Sep 2016 08:53:02 +0000 (18:53 +1000)]
ctdb-tests: Add tests for event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 21 Nov 2016 06:39:02 +0000 (17:39 +1100)]
ctdb-tool: Add helper for talking to event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 31 Aug 2016 15:07:47 +0000 (01:07 +1000)]
ctdb-client: Add client api for eventd communication
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Sat, 27 Aug 2016 07:26:52 +0000 (17:26 +1000)]
ctdb-eventd: Add event script handling daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 31 Aug 2016 07:02:55 +0000 (17:02 +1000)]
ctdb-protocol: Add marshalling for eventd protocol
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 31 Aug 2016 05:49:27 +0000 (15:49 +1000)]
ctdb-protocol: Add data types for eventd communication
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Sat, 3 Sep 2016 13:27:23 +0000 (23:27 +1000)]
ctdb-common: Add sock_daemon abstraction
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 16 Sep 2016 06:13:18 +0000 (16:13 +1000)]
ctdb-common: Add generic socket I/O
This is a generic socket read/write to be used in the ctdb daemon.
It is based on ctdb_io.c and comm.c.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 30 Aug 2016 07:33:42 +0000 (17:33 +1000)]
ctdb-common: Add run_proc abstraction
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 31 Aug 2016 05:46:45 +0000 (15:46 +1000)]
ctdb-protocol: Add marshalling for int32_t
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 30 Aug 2016 15:33:38 +0000 (01:33 +1000)]
ctdb-protocol: Fix marshalling of string with length
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 21 Nov 2016 06:38:18 +0000 (17:38 +1100)]
ctdb-tool: Improve error reporting if helper execution fails
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 21 Nov 2016 03:36:04 +0000 (14:36 +1100)]
ctdb-tool: Allow passing multiple command-line arguments to helper
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Stefan Metzmacher [Fri, 16 Dec 2016 10:09:16 +0000 (11:09 +0100)]
selftest: make sure we always export KRB5CCNAME
We should not risk the usage of the users global ccache!
This results in unpredictable effects for the user and
selftest itself.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 17 22:58:28 CET 2016 on sn-devel-144
Stefan Metzmacher [Thu, 15 Dec 2016 09:31:50 +0000 (10:31 +0100)]
selftest: also export TMPDIR
This should hopefully avoid usage of /tmp.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 16 Dec 2016 12:35:36 +0000 (13:35 +0100)]
script/autobuild.py: create tmpdir for each try and export it as TMPDIR
This way the compiler and other tools hopefully don't use /tmp
anymore.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 16 Dec 2016 12:35:01 +0000 (13:35 +0100)]
script/autobuild.py: cleanup testbase/prefix before each retry
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 16 Dec 2016 12:33:42 +0000 (13:33 +0100)]
script/autobuild.py: remove pointless mkdir/rmdir commands
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 16 Dec 2016 12:30:57 +0000 (13:30 +0100)]
script/autobuild.py: don't add subdirs of testbase to cleanup_list
We already have testbase in there.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 15 Dec 2016 17:10:22 +0000 (18:10 +0100)]
vfs_gpfs: simplify stat_with_capability() ifdef
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Dec 17 12:58:07 CET 2016 on sn-devel-144
Ralph Boehme [Mon, 28 Nov 2016 11:22:04 +0000 (12:22 +0100)]
vfs_gpfs: remove updating btime from stat VFS calls
This is now handled by the vfs_gpfs_(f)get_dos_attributes. Getting rid
of this in the stat VFS functions is a huge performance saver. perf
report found that in a kernel copy workload smbd was spending
considerable CPU time in vfs_gpfs_(f|l)stat -> gpfs_get_winattrs.
Most of the time the VFS stat caller is not interested in the btime. The
SMB frontend processing around btime is designed to fetch btime together
with DOS attributes via dos_mode() in all places that need these
attributes. That's the way it is implemented in the default VFS module
and that's what vfs_gpfs now does as well for performance reasons.
This makes vfs_gpfs_fstat a null op and I'm therefor removing it.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Ralph Boehme [Thu, 15 Dec 2016 06:09:58 +0000 (07:09 +0100)]
vfs_gpfs: update btime in vfs_gpfs_(f)get_dos_attributes
This paves the way for removing btime updates from the stat VFS
functions.
This way we behave like the default VFS module where DOS attributes and
btime are fetched from the same backing store and the frontend is
designed around using dos_mode() -> SMB_VFS_GET_ATTRIBUTES to update
both attributes as necessary in the SMB processing.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Volker Lendecke [Mon, 5 Dec 2016 15:31:56 +0000 (15:31 +0000)]
idmap_autorid: Simplify idmap_autorid_loadconfig
autorid_global_config is a fixed small structure that can be stack-allocated.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Dec 16 21:30:28 CET 2016 on sn-devel-144
Volker Lendecke [Mon, 5 Dec 2016 15:29:06 +0000 (15:29 +0000)]
idmap_autorid: Fix a small memleak
Not long-term, all callers free our "mem_ctx" immediately
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 15:37:49 +0000 (15:37 +0000)]
idmap_autorid: Fix a race condition when acquiring ranges
Here we are in a transaction to create a range, but we already found
one to exist. We need to return the information about this range to the
caller, just as we do when actually allocating the range. This does not
hit us with current code, as we just have one idmap child. However, if
we parallelize that, two children might have found a domain to not exist
and call idmap_autorid_acquire_range simultaneously. One will create
the range, the other one will find it to already exist. The second child
will also have to pass the info up.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 15:25:10 +0000 (15:25 +0000)]
idmap_autorid: Use acquire_range directly
idmap_autorid_get_domainrange is reading again for an existing mapping. We
know we need to allocate here, so avoid passing down that r/o boolean :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 15:11:24 +0000 (15:11 +0000)]
idmap_autorid: Make idmap_autorid_acquire_range public
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 14:10:34 +0000 (14:10 +0000)]
idmap_autorid: Fix checks for valid domains to allocate ranges for
The tdc cache is not reliable. The main dynamic check is
netsamlogon_cache_have: The only reliable way to see a domain as valid
for allocating a range for is a successful login. With a recent addition
to netsamlogon_cache_store, we can now reliably tell from there whether
a domain is trusted.
This also adds a few heuristic checks, such as allocation for the local
domains and additional ranges where we already have a mapping for range
index 0 for.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 14:10:00 +0000 (14:10 +0000)]
idmap_autorid: Add ntstatus to a debug message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 12:18:06 +0000 (12:18 +0000)]
idmap_autorid: Only look at the tdc cache when allocating ranges
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 12:14:17 +0000 (12:14 +0000)]
idmap_autorid: Do a readonly attempt before looking at the tdc cache
If autorid.tdb already has a mapping for a domain range, we can just
return that. Even if the volatile tdc cache at this point does not have
the domain, we should return a correct mapping.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 10:58:35 +0000 (10:58 +0000)]
idmap_autorid: idmap_autorid_sid_to_id_rid only uses rangesize from "global"
Simplification -- from the callers perspective looks like a complex
routine which it is not
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 2 Dec 2016 10:58:35 +0000 (10:58 +0000)]
idmap_autorid: idmap_autorid_sid_to_id_rid only uses low_id from "range"
Simplification -- from the callers perspective looks like a complex
routine which it is not
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 16:24:51 +0000 (16:24 +0000)]
idmap_autorid: Tighten idmap_autorid_id_to_sid a bit
We should only allow '#' as a sid/range-number separator in autorid.tdb.
The logic might be a bit clumsy. But the switch statement with failure
fall thru was the clearest I could come up with.
Signed-off-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 13:29:29 +0000 (13:29 +0000)]
idmap_autorid: Fix a comment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 13:28:01 +0000 (13:28 +0000)]
idmap_autorid: Protect against dsize==0
Not sure it can happen, but you never know...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Wed, 30 Nov 2016 17:43:44 +0000 (18:43 +0100)]
idmap_tdb: Harden idmap_tdb_common_unixid_to_sid
A non-null terminated record would make string_to_sid read beyond the
end of allocated data.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Wed, 30 Nov 2016 17:35:55 +0000 (18:35 +0100)]
idmap_autorid: Slightly simplify idmap_autorid_unixids_to_sids
Avoid an else branch where it's not necessary
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Mon, 5 Dec 2016 14:38:14 +0000 (14:38 +0000)]
samlogon_cache: Rename "user_sid" to "sid"
This is no longer just a user, we can also check for domains
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 20:46:47 +0000 (20:46 +0000)]
samlogon_cache: Add the user's domain sid into the samlogon_cache
This will be used by autorid and possibly others instead of the tdc
cache. The only reliable way to find a domain to be trusted is via a
successful login. We indicate successful login via a netsamlogon_cache.tdb
entry. This patch also adds the user's domain sid with an entry, so we
can check for that existence without traversing the cache.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 20:45:35 +0000 (20:45 +0000)]
samlogon_cache: Simplify netsamlogon_cache_have
We're interested in existence only, we should be able to trust the data
format consistency for this type of query.
netsamlogon_cache_get calls netsamlogon_cache_init for us, now we have
to do it directly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Björn Jacke [Fri, 16 Dec 2016 10:16:56 +0000 (11:16 +0100)]
pam_winbind: Fix compiler warnings
Thanks to Stef Walter <stefw@gnome.org>
BUG: http://bugzilla.samba.org/show_bug.cgi?id=8888
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Fri Dec 16 16:22:32 CET 2016 on sn-devel-144
Martin Schwenke [Tue, 13 Dec 2016 00:16:05 +0000 (11:16 +1100)]
ctdb-tools: Don't trust non-hosting nodes in "ctdb ip all"
Redundant RELEASE_IPs gives nodes a preview of where an IP address
will move to. However, if the associated TAKEOVER_IP fails then the
node will actually be unhosted.
This is similar to commit
77a29b37334b9df62b755b6f538fb975e105e1ff.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Dec 16 12:32:02 CET 2016 on sn-devel-144
Martin Schwenke [Thu, 8 Dec 2016 00:37:06 +0000 (11:37 +1100)]
ctdb-tools: Print PNN as int in "ctdb ip -v"
Otherwise it prints
4294967295 for the PNN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 8 Dec 2016 00:35:23 +0000 (11:35 +1100)]
ctdb-tools: Skip GET_PUBLIC_IP_INFO for unassigned addresses
The GET_PUBLIC_IP_INFO control fails for unassigned addresses because
PNN is CTDB_UNKNOWN_PNN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 8 Dec 2016 00:29:13 +0000 (11:29 +1100)]
ctdb-tools: Fix memory corruption in "ctdb ip -v"
First argument to talloc_asprintf_append() is the string being
appended to, not a talloc context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 6 Dec 2016 22:23:02 +0000 (09:23 +1100)]
ctdb-tools: Fix sort order of "ctdb ip" output
The new hash-table-based method of merging the IP information does not
sort, whereas the RB-tree method implicitly sorted. This probably
only really matters for the "all" case, but sort regardless to ensure
consistent output format.
Sorting has to be done here instead of when printing to ensure
consistency between ip[] and ipinfo[].
No longer reverse the sort order.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 01:53:26 +0000 (11:53 +1000)]
ctdb-tests: Add unit test for protocol utilities
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 May 2016 00:35:10 +0000 (10:35 +1000)]
ctdb-protocol: Add generalised socket address comparison
Add new function ctdb_sock_addr_cmp(), which returns a 3-way result
useful for qsort(3). Reimplent ctdb_sock_addr_same() using this.
In the process, make arguments const so that ctdb_sock_addr_cmp() can
be used with qsort().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Dec 2016 23:17:25 +0000 (10:17 +1100)]
ctdb-tests: Fix "ctdb reloadips" simple test
The name of the addresses file to modify is based on the original
selection of a test node at the top of the test. Repeating the
selection a test node can result in a mismatch between the new test
node and the addresses file. This occurs on local daemons, because
the addresses file name has the original node number in it but the
test is being performed on the the newly selected node number.
For some reason this test has only occasionally failed. An upcoming
commit that stops the output of "ctdb ip" from being reversed causes
this test to fail (nearly?) every time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12470
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Tue, 30 Aug 2016 07:27:47 +0000 (17:27 +1000)]
ctdb-build: Remove unnecessary intermediate build target
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 9 Dec 2016 03:38:38 +0000 (14:38 +1100)]
ctdb-tests: Do not remove event script dir before shutting down ctdb
When the test is over, the exit_hook will remove the temporary event
script directory and then CTDB is restarted. Explicitly shutting down
CTDB ensures that event script directory is not removed while CTDB is
still running.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 23 Nov 2016 00:46:18 +0000 (11:46 +1100)]
ctdb-tests: Display filtered output when the test fails
This simplifies comparing the output to the expected output.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 13 Sep 2016 02:50:13 +0000 (12:50 +1000)]
ctdb-daemon: Move function typedef to where it's used
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 14 Dec 2016 04:09:24 +0000 (15:09 +1100)]
ctdb-scripts: Drop ctdb_check_service_reconfigure
This gets rid of implicit check if a service needs to configured. As a
side effect, we also get rid of the monitor "replay" which was
introduced to avoid a collision between a script executed via event and
manually. Event scripts are not expected to be run by hand.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>