samba.git
10 hours agoWHATSNEW: document the removal of 'auth methods', 'map untrusted to domain' and ... master
Stefan Metzmacher [Mon, 7 Aug 2017 15:32:09 +0000 (17:32 +0200)]
WHATSNEW: document the removal of 'auth methods', 'map untrusted to domain' and 'profile acls'

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 14 00:40:31 CET 2017 on sn-devel-144

14 hours agodocs-xml: remove deprecated 'profile acls' option
Stefan Metzmacher [Mon, 7 Aug 2017 15:31:13 +0000 (17:31 +0200)]
docs-xml: remove deprecated 'profile acls' option

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
14 hours agos3:smbd: remove deprecated handling of "profile acls = yes"
Stefan Metzmacher [Mon, 7 Aug 2017 15:24:19 +0000 (17:24 +0200)]
s3:smbd: remove deprecated handling of "profile acls = yes"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
14 hours agotests/posixacl.py: remove useless 'profile acls' based test
Stefan Metzmacher [Mon, 7 Aug 2017 15:29:41 +0000 (17:29 +0200)]
tests/posixacl.py: remove useless 'profile acls' based test

test_setntacl_smbd_dont_invalidate_getntacl_smbd() is basically
the same as test_setntacl_smbd_getntacl_smbd()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
14 hours agos3:auth: is_trusted_domain() is now only useful (and used as DC)
Stefan Metzmacher [Mon, 19 Jun 2017 08:43:25 +0000 (10:43 +0200)]
s3:auth: is_trusted_domain() is now only useful (and used as DC)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agodocs-xml: remove unused "auth methods" option
Stefan Metzmacher [Mon, 19 Jun 2017 08:56:38 +0000 (10:56 +0200)]
docs-xml: remove unused "auth methods" option

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos4:auth_winbind: remove unused 'winbind_wbclient' backend
Stefan Metzmacher [Mon, 27 Nov 2017 12:48:34 +0000 (13:48 +0100)]
s4:auth_winbind: remove unused 'winbind_wbclient' backend

This is no longer useful as it doesn't support async requests.

It could be readded using pthreadpool_tevent_job_send()
and wbcCtxAuthenticateUserEx() if required.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos4:auth_winbind: remove unused 'winbind_rodc' backend
Stefan Metzmacher [Mon, 27 Nov 2017 12:48:34 +0000 (13:48 +0100)]
s4:auth_winbind: remove unused 'winbind_rodc' backend

This is no longer useful as the 'winbind' backend also
handles the rodc case now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos4:auth_sam: remove unused 'sam_failtrusts' backend
Stefan Metzmacher [Tue, 28 Nov 2017 06:40:09 +0000 (07:40 +0100)]
s4:auth_sam: remove unused 'sam_failtrusts' backend

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos4:auth/ntlm: remove lpcfg_auth_methods() handling
Stefan Metzmacher [Mon, 19 Jun 2017 08:56:00 +0000 (10:56 +0200)]
s4:auth/ntlm: remove lpcfg_auth_methods() handling

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos3:auth: remove lp_auth_methods() handling
Stefan Metzmacher [Mon, 19 Jun 2017 08:55:35 +0000 (10:55 +0200)]
s3:auth: remove lp_auth_methods() handling

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos4:selftest: remove samba.blackbox.pdbtest.s4winbind test
Stefan Metzmacher [Wed, 6 Dec 2017 12:28:27 +0000 (13:28 +0100)]
s4:selftest: remove samba.blackbox.pdbtest.s4winbind test

This is marked as knownfail for quite some time.

I don't think such a test is a reason to the 'auth methods' option.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos4:selftest: remove samba.blackbox.pdbtest.s4winbind_wbclient test
Stefan Metzmacher [Wed, 6 Dec 2017 12:25:19 +0000 (13:25 +0100)]
s4:selftest: remove samba.blackbox.pdbtest.s4winbind_wbclient test

The "winbind_wbclient" backend is unused and will be removed soon.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agopdbtest: also verify the authentication path for local users via winbindd
Stefan Metzmacher [Thu, 7 Dec 2017 12:03:55 +0000 (13:03 +0100)]
pdbtest: also verify the authentication path for local users via winbindd

This basically inlines the logic from the 'winbind_wbclient' backend,
which will be removed shortly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agodocs-xml: remove unused "map untrusted to domain" option
Stefan Metzmacher [Mon, 19 Jun 2017 08:48:49 +0000 (10:48 +0200)]
docs-xml: remove unused "map untrusted to domain" option

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos3:auth: remove "map untrusted to domain" handling
Stefan Metzmacher [Mon, 12 Jun 2017 13:35:41 +0000 (15:35 +0200)]
s3:auth: remove "map untrusted to domain" handling

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agoexamples/scripts: remove unused shares directory
Stefan Metzmacher [Thu, 7 Dec 2017 12:34:36 +0000 (13:34 +0100)]
examples/scripts: remove unused shares directory

These scripts are not that useful anymore, as they rely
on parameters to be defined in loadparm.c

It's confusing to get 'git grep' matches for parameters there...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agos4: remove ipv6:enabled parameteric option
Björn Jacke [Tue, 12 Dec 2017 21:32:09 +0000 (22:32 +0100)]
s4: remove ipv6:enabled parameteric option

this was never disabling ipv6, only v6-only interfaces. This can be achieved
with the interfaces parameter also if wanted.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agodoc: update and tidy up the main samba(7) man page
Bjoern Jacke [Fri, 8 Dec 2017 20:06:56 +0000 (21:06 +0100)]
doc: update and tidy up the main samba(7) man page

my favourite one here was "If you have access to a WWW viewer..." :)

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agodoc: remove section on ancient history of the docs
Bjoern Jacke [Fri, 8 Dec 2017 18:57:06 +0000 (19:57 +0100)]
doc: remove section on ancient history of the docs

This is quite historically, we should drop this.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
14 hours agodoc: move wins related man page to wins subdir
Bjoern Jacke [Fri, 8 Dec 2017 12:48:43 +0000 (13:48 +0100)]
doc: move wins related man page to wins subdir

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
17 hours agodocs-xml/manpages: Use new doc.version XML entity.
Karolin Seeger [Tue, 12 Dec 2017 08:08:06 +0000 (09:08 +0100)]
docs-xml/manpages: Use new doc.version XML entity.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9531

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec 13 17:22:01 CET 2017 on sn-devel-144

21 hours agodocs-xml: autogenerate a doc.version XML entity.
Stefan Metzmacher [Tue, 12 Dec 2017 10:01:51 +0000 (11:01 +0100)]
docs-xml: autogenerate a doc.version XML entity.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9531

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
21 hours agodocs-xml/Makefile.settings.in: make sure we don't require network access
Karolin Seeger [Tue, 12 Dec 2017 10:48:03 +0000 (11:48 +0100)]
docs-xml/Makefile.settings.in: make sure we don't require network access

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9531

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
21 hours agoselftest: Fix copyright header on samba.dsdb_lock
Andrew Bartlett [Wed, 6 Dec 2017 01:31:54 +0000 (14:31 +1300)]
selftest: Fix copyright header on samba.dsdb_lock

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13178

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Dec 13 13:03:16 CET 2017 on sn-devel-144

26 hours agoctdb-recovery-helper: Deregister message handler in error paths
Amitay Isaacs [Wed, 13 Dec 2017 05:12:09 +0000 (16:12 +1100)]
ctdb-recovery-helper: Deregister message handler in error paths

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13188

If PULL_DB control times out but the remote node is still sending the
data, then the tevent_req for pull_database_send will be freed without
removing the message handler.  So when the data is received, srvid
handler will be called and it will try to access tevent_req which will
result in use-after-free and abort.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
26 hours agoctdb-client: Add async version for ctdb_client_init()
Amitay Isaacs [Tue, 28 Nov 2017 10:17:37 +0000 (21:17 +1100)]
ctdb-client: Add async version for ctdb_client_init()

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
26 hours agoctdb-common: Avoid using void ** argument
Amitay Isaacs [Thu, 9 Nov 2017 05:37:15 +0000 (16:37 +1100)]
ctdb-common: Avoid using void ** argument

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
26 hours agoctdb-build: Apply dependency to correct subsystem
Amitay Isaacs [Thu, 2 Nov 2017 06:33:19 +0000 (17:33 +1100)]
ctdb-build: Apply dependency to correct subsystem

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
26 hours agoselftest: Add cleanup of ForeignSecurityPrincipal in samba.dsdb test
Andrew Bartlett [Wed, 13 Dec 2017 01:47:59 +0000 (14:47 +1300)]
selftest: Add cleanup of ForeignSecurityPrincipal in samba.dsdb test

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Dec 13 08:47:05 CET 2017 on sn-devel-144

30 hours agoselftest: Fix flapping samba.dsdb test
Andrew Bartlett [Wed, 13 Dec 2017 01:46:00 +0000 (14:46 +1300)]
selftest: Fix flapping samba.dsdb test

The check for the final digit in the SID was wrong, any domain SID
ending with a zero would fail the test.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
30 hours agopthreadpool: Fix deadlock
Volker Lendecke [Tue, 12 Dec 2017 22:07:39 +0000 (23:07 +0100)]
pthreadpool: Fix deadlock

Christof's idea from

https://lists.samba.org/archive/samba-technical/2017-December/124384.html

was that the thread already exited. It could also be that the thread is
not yet idle when the new pthreadpool_add_jobs comes around the corner.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Wed Dec 13 04:46:12 CET 2017 on sn-devel-144

34 hours agopthreadpool: Add some asserts
Volker Lendecke [Tue, 12 Dec 2017 12:58:48 +0000 (13:58 +0100)]
pthreadpool: Add some asserts

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 13 00:44:57 CET 2017 on sn-devel-144

38 hours agopthreadpool: Simplify the logic in add_job a bit
Volker Lendecke [Tue, 12 Dec 2017 12:52:56 +0000 (13:52 +0100)]
pthreadpool: Simplify the logic in add_job a bit

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
38 hours agosmbd: Enable async I/O by default
Volker Lendecke [Mon, 4 Dec 2017 14:39:10 +0000 (15:39 +0100)]
smbd: Enable async I/O by default

We've had this code in for long enough that we should enable it by default.
Modern clients do overlapping I/O, we should utilize that if possible.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
38 hours agovfs_aio_fork: Use a shorter random delay
Volker Lendecke [Mon, 11 Dec 2017 16:32:40 +0000 (17:32 +0100)]
vfs_aio_fork: Use a shorter random delay

Otherwise the rw2 test takes ages for no good reason

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
38 hours agovfs_aio_fork: Fix vfs_aio_pwrite
Volker Lendecke [Fri, 8 Dec 2017 13:07:47 +0000 (14:07 +0100)]
vfs_aio_fork: Fix vfs_aio_pwrite

Make the data to write available to the child

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
38 hours agovfs_aio_fork: Fix vfs_aio_pread
Volker Lendecke [Fri, 8 Dec 2017 13:07:06 +0000 (14:07 +0100)]
vfs_aio_fork: Fix vfs_aio_pread

Copy the data that the child read into the caller's buffer. This can't
have been used in half a decade at least...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
38 hours agovfs_aio_fork: Fix a crash in aio_fork
Volker Lendecke [Thu, 7 Dec 2017 19:53:18 +0000 (20:53 +0100)]
vfs_aio_fork: Fix a crash in aio_fork

Since the introduction of the vfs_aio_fork:erratic_testing_mode this
crashed reliably, as we had two different structs behind
SMB_VFS_HANDLE_SET_DATA. I had always believed that due to the fact that
we have specific aio_fork tests in our autobuild, this would have been
tested. But it was not, because the share definition missed the the "aio
read/write size = 1" to actually use the async code in vfs_aio_fork.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
38 hours agovfs_aio_fork: Drop "volatile" from the mmap area in aio_fork
Volker Lendecke [Fri, 8 Dec 2017 13:30:46 +0000 (14:30 +0100)]
vfs_aio_fork: Drop "volatile" from the mmap area in aio_fork

We don't do that in tdb either, and the mmap/memcpy prototypes don't
have it either

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
38 hours agosmbd: Fix async large read
Volker Lendecke [Thu, 7 Dec 2017 17:12:28 +0000 (18:12 +0100)]
smbd: Fix async large read

We also do the 128k reads asynchronously, just not the huge 24MB
ones. smb_setlen does not work well for >64k.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
38 hours agotorture: Check messaging_send_all
Volker Lendecke [Mon, 11 Dec 2017 14:58:26 +0000 (15:58 +0100)]
torture: Check messaging_send_all

We must make sure not to receive our own broadcast

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
38 hours agomessaging: Ignore messages from ourselves
Volker Lendecke [Fri, 8 Dec 2017 16:21:37 +0000 (17:21 +0100)]
messaging: Ignore messages from ourselves

For non-clustered messaging this should have never gone through the socket, we
should have caught it before in messaging_send_iov_from.

It can come in on a socket from ctdb when broadcasting in clustered mode. There
ctdb does the broadcasting.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
38 hours agomessaging: Don't do self-sends in messaging_send_all
Volker Lendecke [Fri, 8 Dec 2017 16:18:33 +0000 (17:18 +0100)]
messaging: Don't do self-sends in messaging_send_all

This leads to cleanupd doing endless MSG_SMB_UNLOCK calls, as it triggers
itself in the send_all. This worked correctly before the serverid.tdb removal
because cleanupd did not register in serverid.tdb (which was a bug, but it
helped us there).

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
38 hours agoRemove unsupported colon from configure msg.
Zentaro Kavanagh [Mon, 11 Dec 2017 20:41:16 +0000 (12:41 -0800)]
Remove unsupported colon from configure msg.

- When cross-compiling an answers file must be supplied via
  --cross-compile --cross-answers=<path to answers>.
- The lines in the answer file have the form;
    Config Msg: Answer
- The colon is used to delimit the msg and the answer when reading
  the answers file.
- WAF doesn't support the message containing a colon.
- It's not possible to override this variable so cross compile fails.

Signed-off-by: Zentaro Kavanagh <zentaro@google.com>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
4 days agoAdded smbc_SetLogCallback which lets third party code to capture libsmbclient logs
Puran Chand [Wed, 29 Nov 2017 08:11:05 +0000 (13:41 +0530)]
Added smbc_SetLogCallback which lets third party code to capture libsmbclient logs

Signed-off-by: Puran Chand <pchand@vmware.com>
Reviewed-by: Garming Sam <garming@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Dec 10 04:56:23 CET 2017 on sn-devel-144

4 days agotests: make password valid in openldap provision test
Jamie McClymont [Mon, 4 Dec 2017 21:35:59 +0000 (10:35 +1300)]
tests: make password valid in openldap provision test

Test was using an invalid password, which causes test failure with early
password validation patch

Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
4 days agosamba-tool: validate password early in `domain provision`
Jamie McClymont [Tue, 28 Nov 2017 02:45:30 +0000 (15:45 +1300)]
samba-tool: validate password early in `domain provision`

Checks password against default quality and length standards when it is entered,
allowing a second chance to enter one (if interactive), rather than running
through the provisioning process and bailing on an exception

Includes unit tests for the newly-added python wrapper of check_password_quality
plus black-box tests for the checks in samba-tool.

Breaks an openldap test which uses an invalid password.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9710
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12235

Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
4 days agosource4 dsdb: Allow duplicate non local objectSIDs
Gary Lockyer [Sun, 26 Nov 2017 22:11:19 +0000 (11:11 +1300)]
source4 dsdb: Allow duplicate non local objectSIDs

Remove the unique constraint on the objectSID index, and enable the
unique_object_sids module.

This allows duplicate objectSIDs on foreign security principals, and
disallows duplicates for local objectSIDs

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
4 days agosource4 dsdb modules: Add new module "unique_object_sids"
Gary Lockyer [Sun, 26 Nov 2017 22:09:49 +0000 (11:09 +1300)]
source4 dsdb modules: Add new module "unique_object_sids"

New module that sets the LDB_FLAG_INTERNAL_UNIQUE_VALUE on all local
objectSIDS and ensure it is cleared for any foreign security principals.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
4 days agoldb ldb_index: Add an attriubute flag to require a unique value.
Gary Lockyer [Mon, 20 Nov 2017 18:35:11 +0000 (07:35 +1300)]
ldb ldb_index: Add an attriubute flag to require a unique value.

Add attribute flag LDB_FLAG_INTERNAL_UNIQUE_VALUE, to request that the
added attribute is unique on the index.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
4 days agotests dsdb: Add tests for optionally unique objectSID's
Gary Lockyer [Sun, 26 Nov 2017 21:45:37 +0000 (10:45 +1300)]
tests dsdb: Add tests for optionally unique objectSID's

It is possible for foreign security principals to have duplicate object
sids, this can be the result of:
 a replication race condition generating conflict resolution objects
 or the foreign security principal being deleted and then re-added on a
 join.

Rather than remove unique check on all objectSIDs we wish to allow
duplicate objectSIDs for foreign security principals.  But enforce the
unique constraint for local objects.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
4 days agos3:glock: Move sanity check in g_lock_parse()
Andreas Schneider [Thu, 26 Oct 2017 07:43:56 +0000 (09:43 +0200)]
s3:glock: Move sanity check in g_lock_parse()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Dec 10 00:46:26 CET 2017 on sn-devel-144

4 days agopthreadpool: Add a test for the race condition fixed in the last commit
Volker Lendecke [Wed, 29 Nov 2017 17:55:21 +0000 (18:55 +0100)]
pthreadpool: Add a test for the race condition fixed in the last commit

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13179
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
4 days agopthreadpool: Fix starvation after fork
Volker Lendecke [Wed, 29 Nov 2017 15:45:40 +0000 (16:45 +0100)]
pthreadpool: Fix starvation after fork

After the race is before the race:

1) Create an idle thread
2) Add a job: This won't create a thread anymore
3) Immediately fork

The idle thread will be woken twice before it's actually woken up: Both
pthreadpool_add_job and pthreadpool_prepare_pool call cond_signal, for
different reasons. We must look at pool->prefork_cond first because otherwise
we will end up in a blocking job deep within a fork call, the helper thread
must take its fingers off the condvar as quickly as possible.  This means that
after the fork there's no idle thread around anymore that would pick up the job
submitted in 2). So we must keep the idle threads around across the fork.

The quick solution to re-create one helper thread in pthreadpool_parent has a
fatal flaw: What do we do if that pthread_create call fails? We're deep in an
application calling fork(), and doing fancy signalling from there is really
something we must avoid.

This has one potential performance issue: If we have hundreds of idle threads
(do we ever have that) during the fork, the call to pthread_mutex_lock on the
fork_mutex from pthreadpool_server (the helper thread) will probably cause a
thundering herd when the _parent call unlocks the fork_mutex. The solution for
this to just keep one idle thread around. But this adds code that is not
strictly required functionally for now.

More detailed explanation from Jeremy:

First, understanding the problem the test reproduces:

add a job (num_jobs = 1) -> creates thread to run it.
job finishes, thread sticks around (num_idle = 1).
num_jobs is now zero (initial job finished).

a) Idle thread is now waiting on pool->condvar inside
pthreadpool_server() in pthread_cond_timedwait().

Now, add another job ->

pthreadpool_add_job()
-> pthreadpool_put_job()
This adds the job to the queue.
Oh, there is an idle thread so don't
create one, do:

pthread_cond_signal(&pool->condvar);

and return.

Now call fork *before* idle thread in (a) wakes from
the signaling of pool->condvar.

In the parent (child is irrelevent):

Go into: pthreadpool_prepare() ->
pthreadpool_prepare_pool()

Set the variable to tell idle threads to exit:

pool->prefork_cond = &prefork_cond;

then wake them up with:

pthread_cond_signal(&pool->condvar);

This does nothing as the idle thread
is already awoken.

b) Idle thread wakes up and does:

Reduce idle thread count (num_idle = 0)

pool->num_idle -= 1;

Check if we're in the middle of a fork.

if (pool->prefork_cond != NULL) {

Yes we are, tell pthreadpool_prepare()
we are exiting.

pthread_cond_signal(pool->prefork_cond);

And exit.

pthreadpool_server_exit(pool);
return NULL;
}

So we come back from the fork in the parent with num_jobs = 1,
a job on the queue but no idle threads - and the code that
creates a new thread on job submission was skipped because
an idle thread existed at point (a).

OK, assuming that the previous explaination is correct, the
fix is to create a new pthreadpool context mutex:

pool->fork_mutex

and in pthreadpool_server(), when an idle thread wakes up and
notices we're in the prepare fork state, it puts itself to
sleep by waiting on the new pool->fork_mutex.

And in pthreadpool_prepare_pool(), instead of waiting for
the idle threads to exit, hold the pool->fork_mutex and
signal each idle thread in turn, and wait for the pool->num_idle
to go to zero - which means they're all blocked waiting on
pool->fork_mutex.

When the parent continues, pthreadpool_parent()
unlocks the pool->fork_mutex and all the previously
'idle' threads wake up (and you mention the thundering
herd problem, which is as you say vanishingly small :-)
and pick up any remaining job.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13179
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 days agos3-selftest: fix creation of large file
Jamie McClymont [Tue, 5 Dec 2017 01:51:07 +0000 (14:51 +1300)]
s3-selftest: fix creation of large file

The dd command was skipping the first 20MB of /dev/zero then writing only one,
while indending to create a 20MB sparse file.

Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec  9 02:56:18 CET 2017 on sn-devel-144

5 days agos3: test_smbclient_s3: Fix restore of TZ.
Jeremy Allison [Tue, 5 Dec 2017 16:58:24 +0000 (08:58 -0800)]
s3: test_smbclient_s3: Fix restore of TZ.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
5 days agos3:winbindd: Use a stackframe for memory management in _wbint_QueryGroupList
Andreas Schneider [Wed, 6 Dec 2017 17:48:47 +0000 (18:48 +0100)]
s3:winbindd: Use a stackframe for memory management in _wbint_QueryGroupList

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 days agoAdd mdns name configuration option
Kevin Anderson [Sun, 26 Nov 2017 04:03:59 +0000 (23:03 -0500)]
Add mdns name configuration option

Add the mdns name configuration variable to control the mdns hostname.
The default is to use the NETBIOS name of the system to match previous
versions which is typically the hostname in all capitals. A value of mdns
can be provided to defer the hostname to the mdns library.

With the recent patch to support time machine being merged this patch
allows for a user to configure the server name that is advertised to
be lower cased through Avahi advertisements.

Signed-off-by: Kevin Anderson <andersonkw2@gmail.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 days agoselftest: Rework samba.dsdb locking test to samba.dsdb_lock
Andrew Bartlett [Wed, 6 Dec 2017 01:31:54 +0000 (14:31 +1300)]
selftest: Rework samba.dsdb locking test to samba.dsdb_lock

This avoids running the test while samba is modifying and locking the same database,
as this can lead to a deadlock.

The deadlock is not seen in production as the LDB read lock is not held while
waiting for another process, but this test needs to do this to demonstrate
the locking safety.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec  8 21:47:55 CET 2017 on sn-devel-144

5 days agopthreadpool: Add test for pthread_create failure
Christof Schmitt [Wed, 6 Dec 2017 22:10:23 +0000 (15:10 -0700)]
pthreadpool: Add test for pthread_create failure

This is implemented using cmocka and the __wrap override for
pthread_create.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170

Signed-off-by: Christof Schmitt <cs@samba.org
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Dec  8 13:54:20 CET 2017 on sn-devel-144

6 days agowscript: Add check for --wrap linker flag
Christof Schmitt [Thu, 7 Dec 2017 17:42:30 +0000 (10:42 -0700)]
wscript: Add check for --wrap linker flag

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 days agopthreadpool: Undo put_job when returning error
Christof Schmitt [Tue, 28 Nov 2017 17:59:06 +0000 (10:59 -0700)]
pthreadpool: Undo put_job when returning error

When an error is returned to the caller of pthreadpool_add_job, the job
should not be kept in the internal job array. Otherwise the caller might
free the data structure and a later worker thread would still reference
it.

When it is not possible to create a single worker thread, the system
might be out of resources or hitting a configured limit. In this case
fall back to calling the job function synchronously instead of raising
the error to the caller and possibly back to the SMB client.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
6 days agopthreadpool: Move creating of thread to new function
Christof Schmitt [Tue, 28 Nov 2017 17:49:36 +0000 (10:49 -0700)]
pthreadpool: Move creating of thread to new function

No functional change, but this simplifies error handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13170

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
7 days agos4:kdc: only map SDB_ERR_NOT_FOUND_HERE to HDB_ERR_NOT_FOUND_HERE
Stefan Metzmacher [Thu, 21 Sep 2017 10:02:25 +0000 (12:02 +0200)]
s4:kdc: only map SDB_ERR_NOT_FOUND_HERE to HDB_ERR_NOT_FOUND_HERE

HDB_ERR_NOT_FOUND_HERE indicated a very specific error on an RODC.

We should not map any error to HDB_ERR_NOT_FOUND_HERE,
we should just pass errors along unmapped.

Otherwise we'll hit the logic bug in:

    if (ret == KDC_PROXY_REQUEST) {
        uint16_t port;

        if (!sock->kdc_socket->kdc->am_rodc) {
            DEBUG(0,("kdc_udp_call_loop: proxying requested when not RODC"));
                    talloc_free(call);
            goto done;
        }

And just don't send an error message to the client.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13132

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec  6 23:16:54 CET 2017 on sn-devel-144

7 days agoHEIMDAL:kdc: fix dh->q allocation check in get_dh_param()
Stefan Metzmacher [Tue, 29 Aug 2017 05:24:35 +0000 (07:24 +0200)]
HEIMDAL:kdc: fix dh->q allocation check in get_dh_param()

Thanks to Doug Nazar <nazard@nazar.ca> for spotting this!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12986

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from heimdal commit a79b59ba27070a015479e8d981b7e685dbe34310)
Reviewed-by: Andreas Schneider <asn@samba.org>
7 days agothird_party: Update socket_wrapper to version 1.1.9
Andreas Schneider [Tue, 7 Nov 2017 11:29:51 +0000 (12:29 +0100)]
third_party: Update socket_wrapper to version 1.1.9

* Fixed thread - signal deadlock issue
* Added support for openat()
* Added support for open64() and fopen64()
* Always turn on logging
* Increased maximum of wrapped interfaces to 64
* Improved fd duplication code
* Fixed strict-aliasing issues
* Fixed some use after free issues
* Fixed issues on ppc64le

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
7 days agothird_party: Fix a typo in the option name
Andreas Schneider [Mon, 4 Dec 2017 10:00:10 +0000 (11:00 +0100)]
third_party: Fix a typo in the option name

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13174

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
7 days agothird_party: Link th aesni-intel library with -z noexecstack
Björn Baumbach [Mon, 4 Dec 2017 09:49:19 +0000 (10:49 +0100)]
third_party: Link th aesni-intel library with -z noexecstack

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13174

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
7 days agos3: libsmb: Plumb in the new SMB2 get reparse point calls into the cli_readlink_XXXX...
Jeremy Allison [Wed, 29 Nov 2017 20:38:08 +0000 (12:38 -0800)]
s3: libsmb: Plumb in the new SMB2 get reparse point calls into the cli_readlink_XXXX() calls.

Reparse point symlinks can now be queried over SMB1 and SMB2 from smbclient.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Dec  6 19:05:34 CET 2017 on sn-devel-144

7 days agos3: libsmb: Add SMB2 calls cli_smb2_get_reparse_point_fnum_send()/cli_smb2_get_repars...
Jeremy Allison [Wed, 29 Nov 2017 20:37:36 +0000 (12:37 -0800)]
s3: libsmb: Add SMB2 calls cli_smb2_get_reparse_point_fnum_send()/cli_smb2_get_reparse_point_fnum_recv().

Allow reparse points to be queried over SMB2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
7 days agos3: libsmb: Do a naive response to SMB2 "stopped on symlink". Assume the last compone...
Jeremy Allison [Tue, 28 Nov 2017 23:46:40 +0000 (15:46 -0800)]
s3: libsmb: Do a naive response to SMB2 "stopped on symlink". Assume the last component was the reparse point.

Attempt re-open with FILE_OPEN_REPARSE_POINT. This matches the SMB1
behavior for smbclient.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
7 days agos3: libsmb: Plumb in the new SMB2 reparse point calls into the cli_symlink_create_XXX...
Jeremy Allison [Tue, 28 Nov 2017 22:10:26 +0000 (14:10 -0800)]
s3: libsmb: Plumb in the new SMB2 reparse point calls into the cli_symlink_create_XXX() calls.

Reparse point symlinks can now be created over SMB1 and SMB2 from
smbclient.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
7 days agos3: libsmb: Add SMB2 calls cli_smb2_set_reparse_point_fnum_send()/cli_smb2_set_repars...
Jeremy Allison [Tue, 28 Nov 2017 22:09:39 +0000 (14:09 -0800)]
s3: libsmb: Add SMB2 calls cli_smb2_set_reparse_point_fnum_send()/cli_smb2_set_reparse_point_fnum_recv().

Allow reparse points to be created over SMB2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
7 days agos3: libsmb: Make cli_close_send()/cli_close_recv() work for SMB1 and SMB2.
Jeremy Allison [Mon, 27 Nov 2017 22:38:49 +0000 (14:38 -0800)]
s3: libsmb: Make cli_close_send()/cli_close_recv() work for SMB1 and SMB2.

Remove the escape into synchronous smb2 code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
7 days agos3: libsmb: Rename cli_close_create() -> cli_smb1_close_create().
Jeremy Allison [Wed, 22 Nov 2017 00:47:48 +0000 (00:47 +0000)]
s3: libsmb: Rename cli_close_create() -> cli_smb1_close_create().

Move cli_smb1_close_done() next to its caller. This is SMB1 specific.
Prepare to wrap cli_close_send/cli_close_recv to handle SMB2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13159

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
8 days agovfs: drop casts for VFS_ADD_FSP_EXTENSION() callers
David Disseldorp [Tue, 5 Dec 2017 12:21:04 +0000 (13:21 +0100)]
vfs: drop casts for VFS_ADD_FSP_EXTENSION() callers

VFS_ADD_FSP_EXTENSION() now returns a properly typed pointer.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Dec  6 03:43:48 CET 2017 on sn-devel-144

8 days agovfs: return type via VFS_ADD_FSP_EXTENSION
David Disseldorp [Tue, 5 Dec 2017 12:16:31 +0000 (13:16 +0100)]
vfs: return type via VFS_ADD_FSP_EXTENSION

The type is passed in as a parameter, so should be used to properly type
the returned pointer, instead of using a void *.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 days agoWHATSNEW: Mention removed net serverid subcommands
Volker Lendecke [Tue, 5 Dec 2017 10:24:55 +0000 (11:24 +0100)]
WHATSNEW: Mention removed net serverid subcommands

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Dec  5 17:54:18 CET 2017 on sn-devel-144

9 days agos3: test_smbclient_s3: Correctly set and unset TZ variable for test.
Jeremy Allison [Tue, 5 Dec 2017 01:13:43 +0000 (17:13 -0800)]
s3: test_smbclient_s3: Correctly set and unset TZ variable for test.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec  5 08:55:44 CET 2017 on sn-devel-144

9 days agolib: Remove unused serverid.tdb
Volker Lendecke [Sun, 5 Nov 2017 11:58:09 +0000 (12:58 +0100)]
lib: Remove unused serverid.tdb

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec  5 04:58:26 CET 2017 on sn-devel-144

9 days agolib: Use messaging_send_all instead of message_send_all
Volker Lendecke [Sun, 5 Nov 2017 11:54:10 +0000 (12:54 +0100)]
lib: Use messaging_send_all instead of message_send_all

Just a global search&replace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agolib: Add messaging_send_all
Volker Lendecke [Sun, 5 Nov 2017 11:44:01 +0000 (12:44 +0100)]
lib: Add messaging_send_all

This will replace message_send_all. With messaging_dgm_forall we have
a local broadcast mechanism, and ctdb can also broadcast
everywhere. So there's no need for a separate traverse/send mechanism.

There's no good error reporting mechanism for broadcasting, so make
this function void.

This drops the message_type filtering. I believe that this does not matter in
practice, since messaging is a lot cheaper with dgm instead of the old tdb
based messaging. If someone presents a use case where this matters, nowadays
I'd much rather extend the messaging_dgm lock file format (where the unique id
lives right now) with the filter bits.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agomessaging: Always register CTDB_SRVID_SAMBA_PROCESS
Volker Lendecke [Tue, 25 Jul 2017 15:10:27 +0000 (17:10 +0200)]
messaging: Always register CTDB_SRVID_SAMBA_PROCESS

This will be used to broadcast to all processes, avoiding the costly
traverse of serverid.tdb.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agomessaging: Remove an unused #define
Volker Lendecke [Tue, 25 Jul 2017 14:24:04 +0000 (16:24 +0200)]
messaging: Remove an unused #define

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agonet: Remove "net serverid list"
Volker Lendecke [Sun, 5 Nov 2017 11:09:08 +0000 (12:09 +0100)]
net: Remove "net serverid list"

Traversing a clustered tdb is a pretty expensive operation. If someone
really needs this command-line interface, we can re-add it for the local
node using messaging_dgm_forall. If someone needs that globally, there's
the "onnode all" script that could be used. Alternatively, we could
implement an enhanced ping broadcast message also returning a processes
unique id.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agonet: Remove "net serverid wipe"
Volker Lendecke [Sun, 5 Nov 2017 11:02:26 +0000 (12:02 +0100)]
net: Remove "net serverid wipe"

This used to be a hygiene command for clustered node startup. In
clustered mode, CLEAR_IF_FIRST does not work, records can stay alive
by means of recovery. serverid.tdb will soon die, so remove this
command.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agosmbcontrol: Use messaging_dgm_forall
Volker Lendecke [Thu, 26 Oct 2017 15:18:36 +0000 (17:18 +0200)]
smbcontrol: Use messaging_dgm_forall

Doing stacktraces can be done locally only anyway

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agomessaging_dgm: Use messaging_dgm_forall in dgm_wipe
Volker Lendecke [Mon, 16 Oct 2017 19:52:35 +0000 (21:52 +0200)]
messaging_dgm: Use messaging_dgm_forall in dgm_wipe

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agomessaging: Add messaging_dgm_forall
Volker Lendecke [Fri, 21 Jul 2017 17:03:26 +0000 (19:03 +0200)]
messaging: Add messaging_dgm_forall

This factors out the traversal function from _wipe. It will be used to
replace message_send_all soon.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agomessaging: Remove the "n_sent" arg from message_send_all
Volker Lendecke [Fri, 21 Jul 2017 17:08:43 +0000 (19:08 +0200)]
messaging: Remove the "n_sent" arg from message_send_all

The only user of this is an informative message in smbcontrol. I don't think
that's worth the effort.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
9 days agomessaging_dgm: Protect against fork without reinit
Volker Lendecke [Sat, 25 Nov 2017 15:47:24 +0000 (16:47 +0100)]
messaging_dgm: Protect against fork without reinit

In the wake of bug 13150 we've discussed that this could happen even
without clustering. This adds code to make sure that whenever messaging
is used the pid and the files used match.

It's pretty heavy-weight, thus I made it DEVELOPER only. My gut feeling
is that the getsockname is cheap, but the stat call might be a bit too
expensive.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
12 days agoRevert "selftest: mark samba3.smb2.kernel-oplocks as flapping"
Jeremy Allison [Thu, 30 Nov 2017 20:28:03 +0000 (12:28 -0800)]
Revert "selftest: mark samba3.smb2.kernel-oplocks as flapping"

The correct fix is in the previous commit, to block the
RT_SIGNAL_LEASE until we're ready to receive it.

This reverts commit 27bb8814a526adbd22452ce58754d18e1b00d426.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec  2 03:50:39 CET 2017 on sn-devel-144

12 days agos4: torture: Fix race condition in test_smb2_kernel_oplocks8.
Jeremy Allison [Thu, 30 Nov 2017 20:25:02 +0000 (12:25 -0800)]
s4: torture: Fix race condition in test_smb2_kernel_oplocks8.

The child process gets the kernel lease and then notifies
the parent process to continue by writing a byte up a pipe.
It then sets the alarm and calls pause() to wait for the
parent process to contact the smbd and get it to trigger
the break request using an open call.

It is possible for the parent to run and trigger the break
request after the child has written to the pipe, but *before*
the child calls pause(). We then miss the signal notifying
the child to break the lease.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13121

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
12 days agoWHATSNEW: Add new smb.conf parameter
Karolin Seeger [Wed, 29 Nov 2017 10:45:42 +0000 (11:45 +0100)]
WHATSNEW: Add new smb.conf parameter

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
12 days agoWHATSNEW: Remove old entry about accelerated AES
Karolin Seeger [Wed, 29 Nov 2017 09:04:19 +0000 (10:04 +0100)]
WHATSNEW: Remove old entry about accelerated AES

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
13 days agoWHATSNEW: Explain reversal of smbclient symlink parameters against Windows server.
Jeremy Allison [Wed, 29 Nov 2017 21:22:25 +0000 (13:22 -0800)]
WHATSNEW: Explain reversal of smbclient symlink parameters against Windows server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13172

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 30 19:32:21 CET 2017 on sn-devel-144

13 days agos3: libsmb: Fix reversing of oldname/newname paths when creating a reparse point...
Jeremy Allison [Wed, 29 Nov 2017 21:16:43 +0000 (13:16 -0800)]
s3: libsmb: Fix reversing of oldname/newname paths when creating a reparse point symlink on Windows from smbclient.

This happened as smbd doesn't support reparse points so we couldn't test.
This was the reverse of the (tested) symlink parameters in the unix extensions
symlink command.

Rename parameters to link_target instead of oldname so this is clearer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13172

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
13 days agos3: client: Rename <oldname> to <link_target> in cmd_symlink() and cli_posix_symlink().
Jeremy Allison [Wed, 29 Nov 2017 21:10:25 +0000 (13:10 -0800)]
s3: client: Rename <oldname> to <link_target> in cmd_symlink() and cli_posix_symlink().

Stops us from mixing up the old and new names. Only behavior change
is correcting the names printed in the error messages.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13172

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
13 days agoctdb-daemon: Send STARTUP control after startup event
Amitay Isaacs [Mon, 20 Nov 2017 04:27:52 +0000 (15:27 +1100)]
ctdb-daemon: Send STARTUP control after startup event

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154

STARTUP control is primarily used to synchronise tcp tickles from running
nodes to a node which has just started up.  Earlier STARTUP control was
sent (using BROADCAST_ALL) after setup event.  Once the other nodes in
the cluster connected to this node, the queued up messages would be sent
and the tcp tickles would get synchronised.

Recent fix to drop messages to disconnected or not-yet-connected nodes,
the STARTUP control was never sent to the remote nodes and the tcp
tickles did not get synchronised.

To fix this problem send the STARTUP control (using BROADCAST_CONNECTED)
after startup event.  By this time all the running nodes in the cluster
are connected.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Nov 30 15:29:48 CET 2017 on sn-devel-144