Volker Lendecke [Wed, 12 Jan 2022 11:09:51 +0000 (12:09 +0100)]
printing: Save a few lines with str_list_add_printf()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 11 Jan 2022 15:54:05 +0000 (10:54 -0500)]
profile3: remove an unused include
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 23 Dec 2021 21:44:10 +0000 (22:44 +0100)]
s4:kdc: improve DEBUG messages in samba_wdc_reget_pac2()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Joseph Sutton <jsutton@samba.org>
Autobuild-Date(master): Mon Jan 17 20:55:41 UTC 2022 on sn-devel-184
Stefan Metzmacher [Thu, 23 Dec 2021 21:53:13 +0000 (22:53 +0100)]
s4:auth: debug make_user_info_dc_pac() failures in kerberos_pac_to_user_info_dc()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Stefan Metzmacher [Fri, 24 Dec 2021 14:21:21 +0000 (15:21 +0100)]
s4:torture: check for pac_blob==NULL in test_generate_session_info_pac() functions
We should return an error instead of crashing for tickets without a PAC.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Stefan Metzmacher [Thu, 23 Dec 2021 18:29:06 +0000 (19:29 +0100)]
s4:heimdal_build: make version_script optional to HEIMDAL_LIBRARY()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Joseph Sutton [Thu, 30 Dec 2021 03:20:46 +0000 (16:20 +1300)]
kdc: Fix leak
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Thu, 23 Dec 2021 02:59:21 +0000 (15:59 +1300)]
tests/krb5: Update supported enctype checking
We now do not expect the claims or compound ID bits to be set unless
explicitly specified, nor the DES bits.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Wed, 29 Dec 2021 04:35:09 +0000 (17:35 +1300)]
tests/krb5: Add AS-REQ PAC tests
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Mon, 29 Nov 2021 20:45:13 +0000 (09:45 +1300)]
tests/krb5: Check encrypted-pa-data if present
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Mon, 29 Nov 2021 20:42:10 +0000 (09:42 +1300)]
tests/krb5: Add FAST enc-pa-rep tests
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Thu, 16 Dec 2021 01:21:18 +0000 (14:21 +1300)]
tests/krb5: Adjust expected error codes
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Wed, 15 Dec 2021 21:18:42 +0000 (10:18 +1300)]
tests/krb5: Generate unique UPNs for AS-REQ enterprise tests
This helps to avoid problems with account creation due to UPN uniqueness
constraints.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Wed, 22 Dec 2021 03:08:43 +0000 (16:08 +1300)]
s4:torture: Remove netbios realm and lowercase realm tests
Tests for these are already present in
samba.tests.krb5.as_canonicalization_tests. These tests cause problems
with an upgraded Heimdal version, and we want to stop supporting
non-canonical realm names, so this commit removes them.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Thu, 16 Dec 2021 08:06:55 +0000 (21:06 +1300)]
s4:torture: Make etype list variables static
If they are not made static, these variables end up being used by the
Kerberos libraries after they have gone out of scope.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
David Disseldorp [Fri, 14 Jan 2022 09:38:40 +0000 (10:38 +0100)]
build: reduce printf() calls in generated build_options.c
build_options.c is inefficient in multiple ways:
1) it's generated via one python fp.write() call per line
2) the generated code calls output() for each and every build option
This commit addresses (2), modifying write_build_options_header() and
write_build_options_footer(). write_build_options_section() could also
be collapsed into a single output() call, but this may lead to oversize
string literals, so has been left as is.
I observe no change in smbd --build-options output.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jan 17 13:17:53 UTC 2022 on sn-devel-184
David Disseldorp [Fri, 14 Jan 2022 09:38:40 +0000 (10:38 +0100)]
build: reduce fp.write calls for build_options.c generation
build_options.c is inefficient in multiple ways:
1) it's generated via one python fp.write() call per line
2) the generated code calls output() for each and every build option
This commit reduces fp.write() calls for (1). I observe no change in the
generated build_options.c .
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Thu, 13 Jan 2022 14:31:33 +0000 (15:31 +0100)]
s3:smbd: handle --build-options without parsing smb.conf
The smb.conf is parsed in post mode of a popt callback. The smbd
--build-options parameter should be handled when first encountered
to avoid requiring smb.conf presence.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14945
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Martin Schwenke [Fri, 14 Jan 2022 02:39:34 +0000 (13:39 +1100)]
WHATSNEW: Document CTDB leader and cluster lock changes
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jan 17 11:16:14 UTC 2022 on sn-devel-184
Martin Schwenke [Mon, 10 Jan 2022 02:41:31 +0000 (13:41 +1100)]
ctdb-doc: Remove documentation for recovery process
This is many years out of date and recent changes make it worse. It
is unlikely that anyone has the time to fix this in the near future,
so remove it because it is misleading.
Database recovery steps are well documented in comments in the
recovery helper. Cluster monitoring documentation can be re-added
when things stop changing.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 16 Jan 2022 22:16:17 +0000 (09:16 +1100)]
ctdb-doc: Update example configuration migration script
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 14 Jan 2022 12:09:38 +0000 (23:09 +1100)]
ctdb-tests: Improve test coverage for leader role yield and elections
Rename test, clean up node selection. Duplicate for for banning and
removing leader capability cases. Repeat all 3 tests without cluster
lock.
All of the standard election triggers are now tested, with and without
cluster lock. Due to test cluster configuration limitations, the
tests without cluster lock are skipped on a real cluster.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 14 Jan 2022 02:59:25 +0000 (13:59 +1100)]
ctdb-tests: Support commenting out local daemons configuration options
Can be used to disable default options, such as cluster lock.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 15 Jan 2022 02:02:02 +0000 (13:02 +1100)]
ctdb-config: Add configuration option [cluster] leader timeout
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 10 Jan 2022 03:15:25 +0000 (14:15 +1100)]
ctdb-config: [legacy] recmaster capability -> [cluster] leader capability
Rename this configuration item and move it into the [cluster]
configuration section.
Update documentation to match.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 10 Jan 2022 08:18:14 +0000 (19:18 +1100)]
ctdb-config: [cluster] recovery lock -> [cluster] cluster lock
Retain "recovery lock" and mark as deprecated for backward
compatibility.
Some documentation is still inconsistent.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 10 Jan 2022 03:18:32 +0000 (14:18 +1100)]
ctdb-doc: Update documentation for leader and cluster lock
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 18 Mar 2020 04:14:39 +0000 (15:14 +1100)]
ctdb-recoverd: Use race for cluster lock as election when lock is enabled
If the cluster is partitioned then nodes in one partition can not take
the lock anyway, so election is pointless. It just introduces
unnecessary corner cases.
Instead just race for the lock.
When a node notices a lack of leader and notifies other nodes of an
election via an unknown leader broadcast, the cluster lock election is
hooked into this broadcast.
The test needs to be updated because losing the cluster lock can now
result in a leadership change.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 14:19:38 +0000 (00:19 +1000)]
ctdb-protocol: Mark {GET,SET}_RECMASTER controls obsolete
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 14:10:22 +0000 (00:10 +1000)]
ctdb-protocol: Drop marshalling for {GET,SET}_RECMASTER controls
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 14:01:05 +0000 (00:01 +1000)]
ctdb-daemon: Drop implementation of {GET,SET}_RECMASTER controls
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 13:58:38 +0000 (23:58 +1000)]
ctdb-protocol: Drop protocol client functions for recmaster controls
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 13:56:10 +0000 (23:56 +1000)]
ctdb-client: Drop unused recmaster functions
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 13:52:05 +0000 (23:52 +1000)]
ctdb-daemon: Drop unused old client recmaster functions
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 13:26:41 +0000 (23:26 +1000)]
ctdb-recoverd: Drop calls to ctdb_ctrl_setrecmaster()
Nothing fetches this value anymore.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 13:25:34 +0000 (23:25 +1000)]
ctdb-recoverd: Drop recovery master verification
This doesn't make sense if leader broadcasts are used.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 10 Jan 2022 02:22:19 +0000 (13:22 +1100)]
ctdb-tools: recovery master -> leader
The following command names are changed:
recmaster -> leader
setrecmasterrole -> setleaderrole
Command output changed for the following commands:
status
getcapabilities
Documentation and tests are updated to reflect these changes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 19 Mar 2020 06:14:10 +0000 (17:14 +1100)]
ctdb-tools: Use leader broadcast in get_leader()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 19 Mar 2020 06:30:24 +0000 (17:30 +1100)]
ctdb-tools: Factor out get_leader()
This seems pointless but it localises a subsequent change and also
starts a terminology change in the tool code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 4 May 2020 07:56:22 +0000 (17:56 +1000)]
ctdb-tools: Handle leader broadcasts in ctdb tool
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 18 Mar 2020 23:46:25 +0000 (10:46 +1100)]
ctdb-tools: Print "UNKNOWN" when leader PNN is unknown
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 4 May 2020 09:01:09 +0000 (19:01 +1000)]
ctdb-client: Factor out function ctdb_client_wait_func_timeout()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 14 Jan 2022 10:47:52 +0000 (21:47 +1100)]
ctdb-tests: Factor out getting leader and waiting for leader change
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 May 2020 13:02:03 +0000 (23:02 +1000)]
ctdb-tests: Add leader broadcasts to fake_ctdbd
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Tue, 5 May 2020 06:53:39 +0000 (16:53 +1000)]
ctdb-tests: Implement srvid_handler for dispatching messages
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Tue, 17 Mar 2020 06:10:20 +0000 (17:10 +1100)]
ctdb-recoverd: Simplify some stopped/banned checks to inactive checks
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 4 May 2020 07:45:51 +0000 (17:45 +1000)]
ctdb-recoverd: No longer take cluster lock during recovery
Confirm instead that it is already held.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 10 Dec 2021 00:43:10 +0000 (11:43 +1100)]
ctdb-recoverd: Add and use function cluster_lock_enabled()
Now all references to ctdb->recovery_lock are encapsulated in the
cluster lock code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 10 Dec 2021 00:29:06 +0000 (11:29 +1100)]
ctdb-recoverd: Terminology change: recovery lock -> cluster lock
No functional changes, just name changes for clarity.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 20 Sep 2018 04:13:58 +0000 (14:13 +1000)]
ctdb-recoverd: Take cluster lock when election completes
It is no longer just a recovery lock but is always held by the cluster
leader.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 20 Sep 2018 02:30:58 +0000 (12:30 +1000)]
ctdb-recoverd: Factor out function cluster_lock_take()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 17 Mar 2020 06:58:02 +0000 (17:58 +1100)]
ctdb-tests: Avoid a race
See the comment in the code for details.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 7 Dec 2021 06:00:36 +0000 (17:00 +1100)]
ctdb-tests: Setup cluster with expected arguments
ctdb_test_init() doesn't actually pass arguments to local_daemons.sh.
This needs to be done using ctdb_nodes_start_custom().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 17 Dec 2021 01:54:23 +0000 (12:54 +1100)]
ctdb-recoverd: Drop leader validation
The introduction of the leader broadcast timeout provides an
alternative to the current leader validation. Using the leader
broadcast may not be as fast but it is more correct.
When the leader node is stopped or banned, the only way of triggering
an election is currently to fetch the leader's node map to check
whether the it is still active. This is because the leader will no
longer push the node map to other nodes. However, having all nodes
fetch the node map from an inactive leader may be unreliable.
Most of the other cases are also handled more reliably by the leader
broadcast timeout.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 6 Jan 2022 03:47:45 +0000 (14:47 +1100)]
ctdb-recoverd: Drop special case for elected-before-connected
This no longer occurs at startup due to the leader broadcast timeout.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 17 Dec 2021 03:42:47 +0000 (14:42 +1100)]
ctdb-recoverd: Handle leader broadcast timeout
If no leader broadcasts have been received from the leader for more
than 5s then trigger an election.
Apart from being sane behaviour, this avoids elected-before-connected
bugs at startup, where a node elects itself leader before it is
connected to other nodes.
When a node processes a leader broadcast timeout it sends an unknown
leader broadcast to all nodes. That causes cancellation of the leader
broadcast timeout across the cluster. This is particular important at
startup, since nodes may be started in a staggered fashion. Without
this cluster-wide cancellation, a node might notice the lack of
leader, win an election and complete a recovery before other nodes
notice the lack of leader. When the leader broadcast timeout finally
occurs on the other nodes then they'll put the cluster back into an
unnecessary recovery.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 16 Mar 2020 05:16:44 +0000 (16:16 +1100)]
ctdb-recoverd: Send leader broadcasts
These are triggered on 1 second timer, but are only sent if the node
is the current leader and there is no election underway.
If this node can not be the leader then ensure it releases the
recovery lock.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 16 Mar 2020 05:07:26 +0000 (16:07 +1100)]
ctdb-recoverd: Process leader broadcasts
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 16 Mar 2020 05:05:29 +0000 (16:05 +1100)]
ctdb-protocol: Add CTDB_SRVID_LEADER
CTDB_SRVID_LEADER will be regularly broadcast to all connected nodes
by the leader.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 18 Mar 2020 09:27:10 +0000 (20:27 +1100)]
ctdb-recoverd: Add an explicit flag for election in progress
An alternate election method will be added that doesn't use the
election timeout, so this provides a common way for recognising when
an election is in progress.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 7 Jan 2022 00:27:06 +0000 (11:27 +1100)]
ctdb-recoverd: Only start election if node can be leader
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 13 Dec 2021 23:57:03 +0000 (10:57 +1100)]
ctdb-recoverd: Add and use function this_node_can_be_leader()
This makes the code self-documenting.
In ctdb_election_data() there is a slight behaviour change. An
inactive node will now try to lose an election. This case should not happen
because:
* An inactive node can't win an election round and then send a reply.
* Any inactive node should never start an election. There are
currently places where this happens and they will be fixed later.
There is an instance where this could be used in
validate_recovery_master() but this involves a more serious logic
change. Overhaul this function later.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Dec 2021 00:07:25 +0000 (11:07 +1100)]
ctdb-recoverd: Logging/comments: recovery master -> leader
There are some remaining instances in this file but they will be
removed in subsequent commits.
Modernise debug macros as appropriate.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 14 Jul 2020 05:22:33 +0000 (15:22 +1000)]
ctdb-recoverd: Rename recmaster field to leader
Recovery master is being renamed to leader. This follows clustering
best practice (e.g. RAFT).
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Dec 2021 09:25:46 +0000 (20:25 +1100)]
ctdb-recoverd: Use rec->pnn everywhere
This is currently referenced in a number of inconsistent
ways, including:
* pnn
* rec->ctdb->pnn
* ctdb->pnn
* ctdb_get_pnn(ctdb)
* ctdb_get_pnn(rec->ctdb)
The first of these always requires some thought about the context - is
this the node PNN or some other PNN (e.g. argument to function)?
rec->pnn is now always used when referring to the recovery daemon's
PNN.
Doing this also reduces reliance on struct ctdb_context internals.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Dec 2021 10:28:05 +0000 (21:28 +1100)]
ctdb-recoverd: Change argument to srvid_disable_and_reply()
Reduce dependency on struct ctdb_context internals, enable a
subsequent change.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 9 Dec 2021 23:31:56 +0000 (10:31 +1100)]
ctdb-recoverd: Simplify arguments to ctdb_ban_node()
ban_time argument is always ctdb->tunable.recovery_ban_period, so
build this in and make the calling code more readable.
ctdb_ban_node() already logs how long a node is banned for, so don't
repeatedly log this.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 12 Dec 2021 22:51:36 +0000 (09:51 +1100)]
ctdb-recoverd: Simplify arguments to verify_local_ip_allocation()
All other arguments are available via rec, so simplify.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 16 Jan 2018 05:20:05 +0000 (16:20 +1100)]
ctdb-recoverd: Simplify arguments to do_recovery()
pnn and nodemap are both available via the rec context, so simplify.
vnnmap is unused.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Dec 2021 08:27:01 +0000 (19:27 +1100)]
ctdb-recoverd: Simplify arguments to some election functions
The pnn and nodemap arguments to force_election() and
send_election_request() are always effectively rec->pnn and
rec->nodemap, so simplify.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Dec 2021 23:33:17 +0000 (10:33 +1100)]
ctdb-recoverd: Add PNN to recovery daemon context
This is currently referenced in a number of inconsistent
ways, including:
* pnn
* rec->ctdb->pnn
* ctdb->pnn
* ctdb_get_pnn(ctdb)
* ctdb_get_pnn(rec->ctdb)
The first of these always requires some thought about the context - is
this the node PNN or some other PNN (e.g. argument to function)?
The intention is to always use rec->pnn when referring to the recovery
daemon's PNN.
Doing this also reduces reliance on struct ctdb_context internals.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 9 Dec 2021 00:47:54 +0000 (11:47 +1100)]
ctdb-recoverd: Use this_node_is_leader() in an extra context
This is arguably clearer.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Dec 2021 08:37:39 +0000 (19:37 +1100)]
ctdb-recoverd: Factor out and use function this_node_is_leader()
Make the code self-documenting.
This preempts an upcoming change to terminology but doing it now saves
a lot of churn.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 11:16:44 +0000 (21:16 +1000)]
ctdb-recoverd: Pass SIGHUP to running helper
The recovery and takeover helpers can run for a while and generate
non-trivial logs, so have them reopen their logs to support log
rotation.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Jan 17 04:36:30 UTC 2022 on sn-devel-184
Martin Schwenke [Thu, 30 Sep 2021 11:15:56 +0000 (21:15 +1000)]
ctdb-recoverd: Record helper PID in recovery daemon context
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 11:14:14 +0000 (21:14 +1000)]
ctdb-recoverd: Add log reopening on SIGHUP to helpers
Recovery and takeover helpers can run for a while and generate
non-trivial logs. They should support log reopening.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 11:10:33 +0000 (21:10 +1000)]
ctdb-daemon: Enable log reopening for event daemon
Add and call hook to pass on SIGHUP to eventd.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 11:11:44 +0000 (21:11 +1000)]
ctdb-event: Reopen logs on SIGHUP
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 11:08:25 +0000 (21:08 +1000)]
ctdb-daemon: Enable log reopening for recovery daemon
Pass on a SIGHUP to the recovery daemon, which will then reopen its
logs.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 11:03:15 +0000 (21:03 +1000)]
ctdb-recoverd: Add basic log reopening
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 11:06:16 +0000 (21:06 +1000)]
ctdb-daemon: Add basic top-level log reopening
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Sep 2021 10:55:27 +0000 (20:55 +1000)]
ctdb-common: Add support for reopening logs
Now that CTDB uses Samba's file logging it is possible to reopen the
logs, so that log rotation can be supported.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Nov 2021 10:17:39 +0000 (21:17 +1100)]
ctdb-common: Separate sock_daemon's SIGHUP and SIGUSR1 handling
SIGHUP is for reopening logs, SIGUSR1 is for reconfigure.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 23 Sep 2021 08:37:57 +0000 (18:37 +1000)]
ctdb-common: Use Samba's DEBUG_FILE logging
This has support for log rotation (or re-opening).
The log format is updated to use an RFC5424 timestamp and to include a
hostname. The addition of the hostname allows trivial merging of log
files from multiple cluster nodes.
The hostname is faked from the CTDB_BASE environment variable during
testing, as per the comment in the code. It is currently faked in a
similar manner in local_daemons.sh when printing logs, so drop this.
Unit tests need updating because stderr logging no longer produces a
"PROGNAME[PID]: " header.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 24 Sep 2021 12:17:53 +0000 (22:17 +1000)]
ctdb-common: Switch initial debug type to DEBUG_DEFAULT_STDERR
This can be overridden by DEBUG_FILE, whereas DEBUG_STDERR can not.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Jeremy Allison [Wed, 12 Jan 2022 18:42:48 +0000 (10:42 -0800)]
s3: smbd: Add missing pop_sec_ctx() in error code path of close_directory()
If delete_all_streams() fails.
Found by Andrew Walker <awalker@ixsystems.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14944
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 14 03:34:47 UTC 2022 on sn-devel-184
Martin Schwenke [Thu, 30 Dec 2021 01:29:58 +0000 (12:29 +1100)]
ctdb-protocol: Print IPv6 sockets with RFC5952 "[2001:db8::1]:80" notation
RFC5952 says the existing style is not recommended and the [] style
should be employed.
There are more optimised ways of adding the square brackets but they
tend to be uglier.
Parsing IPv6 sockets without [] is now tested indirectly by parsing
examples in both styles and comparing the results.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 13 17:02:21 UTC 2022 on sn-devel-184
Martin Schwenke [Wed, 5 Jan 2022 01:09:45 +0000 (12:09 +1100)]
ctdb-tests: Add extra IPv6 socket parsing tests
Add tests to confirm that square brackets are handled and that
IPv4-mapped IPv6 addresses are parsed as expected.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Thu, 23 Dec 2021 10:52:38 +0000 (11:52 +0100)]
ctdb-protocol: Allow rfc5952 "[2001:db8::1]:80" ipv6 notation
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14934
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Volker Lendecke [Wed, 29 Dec 2021 13:46:14 +0000 (14:46 +0100)]
ctdb-protocol: Save 50 bytes .text segment
Having this as a small static .text is simpler than having to create
this on the stack.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Volker Lendecke [Wed, 29 Dec 2021 14:10:28 +0000 (15:10 +0100)]
ctdb-protocol: rindex->strrchr
According to "man rindex" on debian bullseye rindex() was deprecated
in Posix.1-2001 and removed from Posix.1-2008.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Stefan Metzmacher [Mon, 20 Dec 2021 16:48:44 +0000 (17:48 +0100)]
dsdb/schema: let dsdb_syntax_DN_BINARY_drsuapi_to_ldb return WERR_DS_INVALID_ATTRIBUTE_SYNTAX
When Object(OR-Name) uses dsdb_syntax_DN_BINARY_drsuapi_to_ldb() it
should genrate WERR_DS_INVALID_ATTRIBUTE_SYNTAX if the binary part
is not empty.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 12 03:09:52 UTC 2022 on sn-devel-184
Stefan Metzmacher [Mon, 20 Dec 2021 16:46:47 +0000 (17:46 +0100)]
dsdb/schema: add no memory checks for {ldb,dsdb}_dn_get_extended_linearized()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 5 Jun 2021 21:12:50 +0000 (23:12 +0200)]
dsdb/common: dsdb_dn_construct_internal() more strict checking
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 20 Dec 2021 16:50:07 +0000 (17:50 +0100)]
dsdb/schema: fix Object(OR-Name) syntax definition
This is a strange one, it uses DN_BINARY in the drsuapi
representation, while the binary part must be 0 bytes.
and the LDAP/ldb representation is a plain DN (without 'B:').
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 5 Jun 2021 21:12:20 +0000 (23:12 +0200)]
dsdb/schema/tests: let samba4.local.dsdb.syntax call the validate_dn() hook
This demonstrates that our OR-Name syntax is wrong,
which wasn't noticed yet as it's not used in the AD-Schema.
I noticed it by installing the Exchange-Schema on a Samba DC.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 21 Dec 2021 13:00:34 +0000 (14:00 +0100)]
s4:rpc_server/netlogon: let CSDVersion="" wipe operatingSystemServicePack
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14936
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 11 22:03:03 UTC 2022 on sn-devel-184
Stefan Metzmacher [Tue, 21 Dec 2021 12:58:07 +0000 (13:58 +0100)]
s4:torture/rpc: test how CSDVersion="" wipes operatingSystemServicePack
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14936
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 7 Jan 2022 19:27:16 +0000 (11:27 -0800)]
lib: util: Make nt_time_to_full_timespec() call nt_time_to_unix_timespec_raw() for the conversion.
Cleanup to eliminate duplicate code.
The high check is now done against ret.tv_sec,
not 'd', as after calling nt_time_to_unix_timespec_raw()
this is identical to the previous intermediate 'd'
variable.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 11 01:36:51 UTC 2022 on sn-devel-184
Jeremy Allison [Fri, 7 Jan 2022 19:22:03 +0000 (11:22 -0800)]
lib: util: Make nt_time_to_unix_timespec() call nt_time_to_unix_timespec_raw() for the conversion.
Cleanup to eliminate duplicate code.
The low/high checks are now done against ret.tv_sec,
not 'd', as after calling nt_time_to_unix_timespec_raw()
this is identical to the previous intermediate 'd'
variable.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>