2 Unix SMB/CIFS mplementation.
4 The module that handles the Schema FSMO Role Owner
5 checkings, it also loads the dsdb_schema.
7 Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009-2010
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "ldb_module.h"
27 #include "dsdb/samdb/samdb.h"
28 #include "librpc/gen_ndr/ndr_misc.h"
29 #include "librpc/gen_ndr/ndr_drsuapi.h"
30 #include "librpc/gen_ndr/ndr_drsblobs.h"
31 #include "param/param.h"
33 #include "lib/tdb_wrap/tdb_wrap.h"
34 #include "dsdb/samdb/ldb_modules/util.h"
36 #include "system/filesys.h"
37 struct schema_load_private_data {
38 struct ldb_module *module;
39 uint64_t in_transaction;
40 uint64_t in_read_transaction;
41 struct tdb_wrap *metadata;
42 uint64_t schema_seq_num_cache;
46 * Please write out the updated schema on the next transaction
52 static int dsdb_schema_from_db(struct ldb_module *module,
54 uint64_t schema_seq_num,
55 struct dsdb_schema **schema);
58 * Open sam.ldb.d/metadata.tdb.
60 static int schema_metadata_open(struct ldb_module *module)
62 struct schema_load_private_data *data = talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
63 struct ldb_context *ldb = ldb_module_get_ctx(module);
65 struct loadparm_context *lp_ctx;
72 return ldb_module_error(module, LDB_ERR_OPERATIONS_ERROR,
73 "schema_load: metadata not initialized");
75 data->metadata = NULL;
77 tmp_ctx = talloc_new(NULL);
78 if (tmp_ctx == NULL) {
79 return ldb_module_oom(module);
82 sam_name = (const char *)ldb_get_opaque(ldb, "ldb_url");
85 return ldb_operr(ldb);
87 if (strncmp("tdb://", sam_name, 6) == 0) {
90 filename = talloc_asprintf(tmp_ctx, "%s.d/metadata.tdb", sam_name);
97 if (stat(filename, &statbuf) != 0) {
99 return LDB_ERR_OPERATIONS_ERROR;
102 lp_ctx = talloc_get_type_abort(ldb_get_opaque(ldb, "loadparm"),
103 struct loadparm_context);
105 data->metadata = tdb_wrap_open(data, filename, 10,
106 lpcfg_tdb_flags(lp_ctx, TDB_DEFAULT|TDB_SEQNUM),
108 if (data->metadata == NULL) {
109 talloc_free(tmp_ctx);
110 return LDB_ERR_OPERATIONS_ERROR;
113 talloc_free(tmp_ctx);
117 static int schema_metadata_get_uint64(struct schema_load_private_data *data,
118 const char *key, uint64_t *value,
119 uint64_t default_value)
121 struct tdb_context *tdb;
122 TDB_DATA tdb_key, tdb_data;
128 *value = default_value;
132 if (!data->metadata) {
133 return LDB_ERR_OPERATIONS_ERROR;
136 tdb_seqnum = tdb_get_seqnum(data->metadata->tdb);
137 if (tdb_seqnum == data->tdb_seqnum) {
138 *value = data->schema_seq_num_cache;
142 tmp_ctx = talloc_new(NULL);
143 if (tmp_ctx == NULL) {
144 return ldb_module_oom(data->module);
147 tdb = data->metadata->tdb;
149 tdb_key.dptr = (uint8_t *)discard_const_p(char, key);
150 tdb_key.dsize = strlen(key);
152 tdb_data = tdb_fetch(tdb, tdb_key);
153 if (!tdb_data.dptr) {
154 if (tdb_error(tdb) == TDB_ERR_NOEXIST) {
155 *value = default_value;
156 talloc_free(tmp_ctx);
159 talloc_free(tmp_ctx);
160 return ldb_module_error(data->module, LDB_ERR_OPERATIONS_ERROR,
165 value_str = talloc_strndup(tmp_ctx, (char *)tdb_data.dptr, tdb_data.dsize);
166 if (value_str == NULL) {
167 SAFE_FREE(tdb_data.dptr);
168 talloc_free(tmp_ctx);
169 return ldb_module_oom(data->module);
173 * Now store it in the cache. We don't mind that tdb_seqnum
174 * may be stale now, that just means the cache won't be used
177 data->tdb_seqnum = tdb_seqnum;
178 data->schema_seq_num_cache = strtoull(value_str, NULL, 10);
180 *value = data->schema_seq_num_cache;
182 SAFE_FREE(tdb_data.dptr);
183 talloc_free(tmp_ctx);
188 static struct dsdb_schema *dsdb_schema_refresh(struct ldb_module *module, struct tevent_context *ev,
189 struct dsdb_schema *schema, bool is_global_schema)
192 uint64_t schema_seq_num = 0;
194 struct ldb_context *ldb = ldb_module_get_ctx(module);
195 struct dsdb_schema *new_schema;
197 struct schema_load_private_data *private_data = talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
199 /* We can't refresh until the init function has run */
203 if (schema != NULL) {
205 * If we have a schema already (not in the startup)
206 * and we are in a read or write transaction, then
207 * avoid a schema reload, it can't have changed
209 if (private_data->in_transaction > 0
210 || private_data->in_read_transaction > 0 ) {
212 * If the refresh is not an expected part of a
213 * larger transaction, then we don't allow a
214 * schema reload during a transaction. This
215 * stops others from modifying our schema
218 if (ldb_get_opaque(ldb,
219 "dsdb_schema_refresh_expected")
226 SMB_ASSERT(ev == ldb_get_event_context(ldb));
228 mem_ctx = talloc_new(module);
229 if (mem_ctx == NULL) {
234 * We update right now the last refresh timestamp so that if
235 * the schema partition hasn't change we don't keep on retrying.
236 * Otherwise if the timestamp was update only when the schema has
237 * actually changed (and therefor completely reloaded) we would
238 * continue to hit the database to get the highest USN.
241 ret = schema_metadata_get_uint64(private_data,
242 DSDB_METADATA_SCHEMA_SEQ_NUM,
245 if (schema != NULL) {
246 if (ret == LDB_SUCCESS) {
247 if (schema->metadata_usn == schema_seq_num) {
248 TALLOC_FREE(mem_ctx);
251 DEBUG(3, ("Schema refresh needed %lld != %lld\n",
252 (unsigned long long)schema->metadata_usn,
253 (unsigned long long)schema_seq_num));
256 /* From an old provision it can happen that the tdb didn't exists yet */
257 DEBUG(0, ("Error while searching for the schema usn in the metadata ignoring: %d:%s:%s\n",
258 ret, ldb_strerror(ret), ldb_errstring(ldb)));
259 TALLOC_FREE(mem_ctx);
263 DEBUG(10, ("Initial schema load needed, as we have no existing schema, seq_num: %lld\n",
264 (unsigned long long)schema_seq_num));
267 ret = dsdb_schema_from_db(module, mem_ctx, schema_seq_num, &new_schema);
268 if (ret != LDB_SUCCESS) {
269 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
270 "dsdb_schema_from_db() failed: %d:%s: %s",
271 ret, ldb_strerror(ret), ldb_errstring(ldb));
272 TALLOC_FREE(mem_ctx);
276 ret = dsdb_set_schema(ldb, new_schema, SCHEMA_MEMORY_ONLY);
277 if (ret != LDB_SUCCESS) {
278 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
279 "dsdb_set_schema() failed: %d:%s: %s",
280 ret, ldb_strerror(ret), ldb_errstring(ldb));
281 TALLOC_FREE(mem_ctx);
284 if (is_global_schema) {
285 dsdb_make_schema_global(ldb, new_schema);
287 TALLOC_FREE(mem_ctx);
293 Given an LDB module (pointing at the schema DB), and the DN, set the populated schema
296 static int dsdb_schema_from_db(struct ldb_module *module,
298 uint64_t schema_seq_num,
299 struct dsdb_schema **schema)
301 struct ldb_context *ldb = ldb_module_get_ctx(module);
305 struct ldb_dn *schema_dn = ldb_get_schema_basedn(ldb);
306 struct ldb_result *res;
307 struct ldb_message *schema_msg = NULL;
308 static const char *schema_attrs[] = {
309 DSDB_SCHEMA_COMMON_ATTRS,
310 DSDB_SCHEMA_ATTR_ATTRS,
311 DSDB_SCHEMA_CLASS_ATTRS,
319 tmp_ctx = talloc_new(module);
324 /* we don't want to trace the schema load */
325 flags = ldb_get_flags(ldb);
326 ldb_set_flags(ldb, flags & ~LDB_FLG_ENABLE_TRACING);
329 * Load the attribute and class definitions, as well as
330 * the schema object. We do this in one search and then
331 * split it so that there isn't a race condition when
332 * the schema is changed between two searches.
334 ret = dsdb_module_search(module, tmp_ctx, &res,
335 schema_dn, LDB_SCOPE_SUBTREE,
337 DSDB_FLAG_NEXT_MODULE |
338 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT,
340 "(|(objectClass=attributeSchema)"
341 "(objectClass=classSchema)"
342 "(objectClass=dMD))");
343 if (ret != LDB_SUCCESS) {
344 ldb_asprintf_errstring(ldb,
345 "dsdb_schema: failed to search attributeSchema and classSchema objects: %s",
351 * Separate the schema object from the attribute and
354 for (i = 0; i < res->count; i++) {
355 if (ldb_msg_find_element(res->msgs[i], "prefixMap")) {
356 schema_msg = res->msgs[i];
361 if (schema_msg == NULL) {
362 ldb_asprintf_errstring(ldb,
363 "dsdb_schema load failed: failed to find prefixMap");
364 ret = LDB_ERR_NO_SUCH_ATTRIBUTE;
368 ret = dsdb_schema_from_ldb_results(tmp_ctx, ldb,
369 schema_msg, res, schema, &error_string);
370 if (ret != LDB_SUCCESS) {
371 ldb_asprintf_errstring(ldb,
372 "dsdb_schema load failed: %s",
377 (*schema)->metadata_usn = schema_seq_num;
379 talloc_steal(mem_ctx, *schema);
382 if (flags & LDB_FLG_ENABLE_TRACING) {
383 flags = ldb_get_flags(ldb);
384 ldb_set_flags(ldb, flags | LDB_FLG_ENABLE_TRACING);
386 talloc_free(tmp_ctx);
390 static int schema_load(struct ldb_context *ldb,
391 struct ldb_module *module,
394 struct dsdb_schema *schema;
395 void *readOnlySchema;
396 int ret, metadata_ret;
397 TALLOC_CTX *frame = talloc_stackframe();
399 schema = dsdb_get_schema(ldb, frame);
401 metadata_ret = schema_metadata_open(module);
403 /* We might already have a schema */
404 if (schema != NULL) {
405 /* If we have the metadata.tdb, then hook up the refresh function */
406 if (metadata_ret == LDB_SUCCESS && dsdb_uses_global_schema(ldb)) {
407 ret = dsdb_set_schema_refresh_function(ldb, dsdb_schema_refresh, module);
409 if (ret != LDB_SUCCESS) {
410 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
411 "schema_load_init: dsdb_set_schema_refresh_fns() failed: %d:%s: %s",
412 ret, ldb_strerror(ret), ldb_errstring(ldb));
422 readOnlySchema = ldb_get_opaque(ldb, "readOnlySchema");
424 /* If we have the readOnlySchema opaque, then don't check for
425 * runtime schema updates, as they are not permitted (we would
426 * have to update the backend server schema too */
427 if (readOnlySchema != NULL) {
428 struct dsdb_schema *new_schema;
429 ret = dsdb_schema_from_db(module, frame, 0, &new_schema);
430 if (ret != LDB_SUCCESS) {
431 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
432 "schema_load_init: dsdb_schema_from_db() failed: %d:%s: %s",
433 ret, ldb_strerror(ret), ldb_errstring(ldb));
438 /* "dsdb_set_schema()" steals schema into the ldb_context */
439 ret = dsdb_set_schema(ldb, new_schema, SCHEMA_MEMORY_ONLY);
440 if (ret != LDB_SUCCESS) {
441 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
442 "schema_load_init: dsdb_set_schema() failed: %d:%s: %s",
443 ret, ldb_strerror(ret), ldb_errstring(ldb));
448 } else if (metadata_ret == LDB_SUCCESS) {
449 ret = dsdb_set_schema_refresh_function(ldb, dsdb_schema_refresh, module);
451 if (ret != LDB_SUCCESS) {
452 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
453 "schema_load_init: dsdb_set_schema_refresh_fns() failed: %d:%s: %s",
454 ret, ldb_strerror(ret), ldb_errstring(ldb));
459 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
460 "schema_load_init: failed to open metadata.tdb");
465 schema = dsdb_get_schema(ldb, frame);
467 /* We do this, invoking the refresh handler, so we know that it works */
468 if (schema == NULL) {
469 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
470 "schema_load_init: dsdb_get_schema failed");
472 return LDB_ERR_OPERATIONS_ERROR;
475 /* Now check the @INDEXLIST is correct, or fix it up */
476 ret = dsdb_schema_set_indices_and_attributes(ldb, schema,
478 if (ret == LDB_ERR_BUSY) {
485 if (ret != LDB_SUCCESS) {
486 ldb_asprintf_errstring(ldb, "Failed to update "
487 "@INDEXLIST and @ATTRIBUTES "
488 "records to match database schema: %s",
498 static int schema_load_init(struct ldb_module *module)
500 struct ldb_context *ldb = ldb_module_get_ctx(module);
501 struct schema_load_private_data *private_data;
504 private_data = talloc_zero(module, struct schema_load_private_data);
505 if (private_data == NULL) {
508 private_data->module = module;
510 ldb_module_set_private(module, private_data);
512 ret = ldb_next_init(module);
513 if (ret != LDB_SUCCESS) {
517 return schema_load(ldb, module, &private_data->need_write);
520 static int schema_load_start_transaction(struct ldb_module *module)
522 struct schema_load_private_data *private_data =
523 talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
524 struct ldb_context *ldb = ldb_module_get_ctx(module);
525 struct dsdb_schema *schema;
528 ret = ldb_next_start_trans(module);
529 if (ret != LDB_SUCCESS) {
533 /* Try the schema refresh now */
534 schema = dsdb_get_schema(ldb, NULL);
535 if (schema == NULL) {
536 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
537 "schema_load_init: dsdb_get_schema failed");
538 return LDB_ERR_OPERATIONS_ERROR;
541 if (private_data->need_write) {
542 ret = dsdb_schema_set_indices_and_attributes(ldb,
545 private_data->need_write = false;
548 private_data->in_transaction++;
553 static int schema_load_end_transaction(struct ldb_module *module)
555 struct schema_load_private_data *private_data =
556 talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
557 struct ldb_context *ldb = ldb_module_get_ctx(module);
559 if (private_data->in_transaction == 0) {
560 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
561 "schema_load_end_transaction: transaction mismatch");
562 return LDB_ERR_OPERATIONS_ERROR;
564 private_data->in_transaction--;
566 return ldb_next_end_trans(module);
569 static int schema_load_del_transaction(struct ldb_module *module)
571 struct schema_load_private_data *private_data =
572 talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
573 struct ldb_context *ldb = ldb_module_get_ctx(module);
575 if (private_data->in_transaction == 0) {
576 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
577 "schema_load_del_transaction: transaction mismatch");
578 return LDB_ERR_OPERATIONS_ERROR;
580 private_data->in_transaction--;
582 return ldb_next_del_trans(module);
585 /* This is called in a transaction held by the callers */
586 static int schema_load_extended(struct ldb_module *module, struct ldb_request *req)
588 struct ldb_context *ldb = ldb_module_get_ctx(module);
589 struct dsdb_schema *schema;
592 if (strcmp(req->op.extended.oid, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID) != 0) {
593 return ldb_next_request(module, req);
595 /* Force a refresh */
596 schema = dsdb_get_schema(ldb, NULL);
598 ret = dsdb_schema_set_indices_and_attributes(ldb,
602 if (ret != LDB_SUCCESS) {
603 ldb_asprintf_errstring(ldb, "Failed to write new "
604 "@INDEXLIST and @ATTRIBUTES "
605 "records for updated schema: %s",
610 /* Pass to next module, the partition one should finish the chain */
611 return ldb_next_request(module, req);
614 static int schema_read_lock(struct ldb_module *module)
616 struct schema_load_private_data *private_data =
617 talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
620 if (private_data == NULL) {
621 return ldb_next_read_lock(module);
624 ret = ldb_next_read_lock(module);
625 if (ret != LDB_SUCCESS) {
629 if (private_data->in_transaction == 0 &&
630 private_data->in_read_transaction == 0) {
631 /* Try the schema refresh now */
632 dsdb_get_schema(ldb_module_get_ctx(module), NULL);
635 private_data->in_read_transaction++;
640 static int schema_read_unlock(struct ldb_module *module)
642 struct schema_load_private_data *private_data =
643 talloc_get_type(ldb_module_get_private(module), struct schema_load_private_data);
645 if (private_data == NULL) {
646 return ldb_next_read_unlock(module);
649 private_data->in_read_transaction--;
651 return ldb_next_read_unlock(module);
655 static const struct ldb_module_ops ldb_schema_load_module_ops = {
656 .name = "schema_load",
657 .init_context = schema_load_init,
658 .extended = schema_load_extended,
659 .start_transaction = schema_load_start_transaction,
660 .end_transaction = schema_load_end_transaction,
661 .del_transaction = schema_load_del_transaction,
662 .read_lock = schema_read_lock,
663 .read_unlock = schema_read_unlock,
666 int ldb_schema_load_module_init(const char *version)
668 LDB_MODULE_CHECK_VERSION(version);
669 return ldb_register_module(&ldb_schema_load_module_ops);
git.samba.org / metze / samba / wip.git / blob