s3-passdb: Keep caches coherent

When deleting a user send a message to all interested parties so they can
purge their caches. Otherwise some processes may positively respond with a
cached getpwnam, when the user have actully been removed.

Without this some tests that remove and then immediately create users are
flakey.

Signed-off-by: Simo Sorce <idra@samba.org>

diff --git a/source3/lib/id_cache.c b/source3/lib/id_cache.c
index f78064ea31dff2ddcda13267efbffefb97b4f238..71693c14643fcf76ea211e2ea435f0a47e46a481 100644 (file)
--- a/source3/lib/id_cache.c
+++ b/source3/lib/id_cache.c
@@ -56,6 +56,10 @@ bool id_cache_ref_parse(const char* str, struct id_cache_ref* id)
                id->id.sid = sid;
                id->type = SID;
                return true;
+       } else if (strncmp(str, "USER ", 5) == 0) {
+               id->id.name = str + 5;
+               id->type = USERNAME;
+               return true;
        }
        return false;
 }
@@ -112,6 +116,15 @@ static bool delete_sid_cache(const struct dom_sid* psid)
        return true;
 }
 
+static bool delete_getpwnam_cache(const char *username)
+{
+       DATA_BLOB name = data_blob_string_const_null(username);
+       DEBUG(6, ("Delete passwd struct for %s from memcache\n",
+                 username));
+       memcache_delete(NULL, GETPWNAM_CACHE, name);
+       return true;
+}
+
 static void flush_gid_cache(void)
 {
        DEBUG(3, ("Flush GID <-> SID memcache\n"));
@@ -140,6 +153,8 @@ static void delete_from_cache(const struct id_cache_ref* id)
                delete_sid_cache(&id->id.sid);
                idmap_cache_del_sid(&id->id.sid);
                break;
+       case USERNAME:
+               delete_getpwnam_cache(id->id.name);
        default:
                break;
        }

diff --git a/source3/lib/id_cache.h b/source3/lib/id_cache.h
index 9aa0e03586ad1fc3134427087598a5e09178cc7f..208ce60e96b36c229db475105f415640235e7c99 100644 (file)
--- a/source3/lib/id_cache.h
+++ b/source3/lib/id_cache.h
@@ -24,7 +24,7 @@ struct id_cache_ref {
                struct dom_sid sid;
                const char *name;
        } id;
-       enum {UID, GID, SID, NAME} type;
+       enum {UID, GID, SID, USERNAME} type;
 };
 
 bool id_cache_ref_parse(const char* str, struct id_cache_ref* id);

diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 738b12fc2787261546e99bd4c6e5a0393857d29d..301fda6ffe27b2b71b7543e08a0c8b3adaf2a6e0 100644 (file)
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -24,6 +24,7 @@
 #include "system/passwd.h"
 #include "passdb.h"
 #include "secrets.h"
+#include "messages.h"
 #include "../librpc/gen_ndr/samr.h"
 #include "../librpc/gen_ndr/drsblobs.h"
 #include "../librpc/gen_ndr/ndr_drsblobs.h"
@@ -608,6 +609,8 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct)
 {
        struct pdb_methods *pdb = pdb_get_methods();
        uid_t uid = -1;
+       NTSTATUS status;
+       char *msg_data;
 
        /* sanity check to make sure we don't delete root */
 
@@ -619,7 +622,26 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct)
                return NT_STATUS_ACCESS_DENIED;
        }
 
-       return pdb->delete_user(pdb, mem_ctx, sam_acct);
+       status = pdb->delete_user(pdb, mem_ctx, sam_acct);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       msg_data = talloc_asprintf(mem_ctx, "USER %s",
+                                  pdb_get_username(sam_acct));
+       if (!msg_data) {
+               /* not fatal, and too late to rollback,
+                * just return */
+               return status;
+       }
+       message_send_all(server_messaging_context(),
+                        ID_CACHE_DELETE,
+                        msg_data,
+                        strlen(msg_data) + 1,
+                        NULL);
+
+       TALLOC_FREE(msg_data);
+       return status;
 }
 
 NTSTATUS pdb_add_sam_account(struct samu *sam_acct) 

diff --git a/source3/rpc_server/lsasd.c b/source3/rpc_server/lsasd.c
index 1c6bde6082e932b67bf4b9cbbcdf75d9e925a93f..4469007308b950a74f4e1a77abb3413a0816404f 100644 (file)
--- a/source3/rpc_server/lsasd.c
+++ b/source3/rpc_server/lsasd.c
@@ -24,6 +24,8 @@
 #include "messages.h"
 #include "ntdomain.h"
 
+#include "lib/id_cache.h"
+
 #include "../lib/tsocket/tsocket.h"
 #include "lib/server_prefork.h"
 #include "lib/server_prefork_util.h"
@@ -267,6 +269,7 @@ static bool lsasd_child_init(struct tevent_context *ev_ctx,
                           MSG_SMB_CONF_UPDATED, lsasd_smb_conf_updated);
        messaging_register(msg_ctx, ev_ctx,
                           MSG_PREFORK_PARENT_EVENT, parent_ping);
+       id_cache_register_msgs(msg_ctx);
 
        status = rpc_lsarpc_init(NULL);
        if (!NT_STATUS_IS_OK(status)) {