Amitay Isaacs [Fri, 27 May 2016 02:52:12 +0000 (12:52 +1000)]
ctdb-tests: Re-use set_blocking instead of re-definition
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 27 May 2016 02:38:20 +0000 (12:38 +1000)]
ctdb-tests: Re-use async accept wrapper from async_req
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Mon, 6 Jun 2016 04:03:47 +0000 (14:03 +1000)]
ctdb-scripts: Add eventscript 06.nfs
This generates takeip-pre and releaseip-pre call-out events.
One use is to put NFS into grace before an IP is assigned to an
interface.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 6 Jun 2016 03:56:55 +0000 (13:56 +1000)]
ctdb-scripts: Move NFS callout-related code to functions file
A second NFS eventscript may be required, so make this code available
to it.
The initialisation code can't be evaluated in the functions file
because service_state_dir isn't yet setup, so put it in a function and
call it with other initialisation code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Andrew Bartlett [Thu, 2 Jun 2016 21:53:29 +0000 (09:53 +1200)]
build: Address may be used uninitialized in this function on Ubuntu 10.04
This is not found by modern compilers, but prevents the -Werror -O3 build on Ubuntu 10.04
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 8 08:48:57 CEST 2016 on sn-devel-144
Andrew Bartlett [Thu, 2 Jun 2016 21:23:12 +0000 (09:23 +1200)]
build: Try to work around strict aliasing rules on Ubuntu 10.04
We get cc1: warnings being treated as errors
../lib/util/util_net.c: In function get_socket_port:
../lib/util/util_net.c:921: error: dereferencing pointer sa.106 does break strict-aliasing rules
../lib/util/util_net.c:921: note: initialized from here
../lib/util/util_net.c:925: error: dereferencing pointer sa.107 does break strict-aliasing rules
../lib/util/util_net.c:925: note: initialized from here
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Mon, 6 Jun 2016 05:04:08 +0000 (15:04 +1000)]
ctdb-cluster-mutex: Fix #endif decoration
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Jun 8 04:52:18 CEST 2016 on sn-devel-144
Martin Schwenke [Wed, 1 Jun 2016 23:26:40 +0000 (09:26 +1000)]
ctdb-recoverd: Release recovery lock on exit
The recovery lock helper must exit when it notices its parent is gone.
However, that can take a few seconds.
The usual way of terminating the recovery daemon is for the main ctdbd
to send it a SIGTERM. Installing a handler is nice and simple.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 28 May 2016 21:25:05 +0000 (07:25 +1000)]
ctdb-recoverd: Add handler for lost recovery lock
If the process holding the recovery lock terminates unexpectedly then
the recovery daemon needs to know that the lock is no longer held.
While here, rename hold_reclock_handler() to take_reclock_handler() so
there is a clear difference between the two handler names.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 1 Jun 2016 09:05:47 +0000 (19:05 +1000)]
ctdb-cluster-mutex: Register an extra handler for when mutex is lost
Pass NULL if not needed.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 1 Jun 2016 08:56:33 +0000 (18:56 +1000)]
ctdb-cluster-mutex: ctdb_cluster_mutex() registers handler and private data
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 1 Jun 2016 07:10:26 +0000 (17:10 +1000)]
ctdb-cluster-mutex: Drop cluster_mutex_handler() ctdb and handle arguments
This makes the API more general. If they are needed in a handler then
they can be in the private data.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 1 Jun 2016 07:45:36 +0000 (17:45 +1000)]
ctdb-recovery: Wrap private data for reclock test callback
This will allow a simplification of the cluster mutex API, so the
private data can be registered when calling ctdb_cluster_mutex().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 1 Jun 2016 07:32:42 +0000 (17:32 +1000)]
ctdb-recoverd: Simplify reclock handler
Do the interesting work outside the handler.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 24 May 2016 04:54:39 +0000 (14:54 +1000)]
ctdb-recoverd: Recovery lock handle should be in recovery deamon context
This shouldn't be in the CTDB context.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 29 May 2016 09:27:23 +0000 (19:27 +1000)]
ctdb-cluster-mutex: Pass a talloc context to allocate the handle off
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 30 May 2016 02:18:50 +0000 (12:18 +1000)]
ctdb-recoverd: No need to reset reclock handler
It won't be called more than once by the cluster mutex code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 1 Jun 2016 08:46:41 +0000 (18:46 +1000)]
ctdb-cluster-mutex: Don't call the supplied hander more than once
After the first activity on the file descriptor, ignore any subsequent
activity. Single-shot handlers are easier to write.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 1 Jun 2016 05:56:42 +0000 (15:56 +1000)]
ctdb-recoverd: Fix buggy function return on memory allocation failure
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 31 May 2016 08:37:30 +0000 (18:37 +1000)]
ctdb-recoverd: Don't expose internal cluster mutex status
Just expose whether the lock was taken.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 17 May 2016 08:28:56 +0000 (18:28 +1000)]
ctdb-daemon: Rename recovery lock file to just recovery lock
It isn't necessarily a file.
Don't bother changing the control, since it doesn't pervade the code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 17 May 2016 08:24:53 +0000 (18:24 +1000)]
ctdb-daemon: Drop function ctdb_set_recovery_lock_file()
Setting the recovery lock file at startup can be done more simply.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 Apr 2016 06:13:43 +0000 (16:13 +1000)]
ctdb-protocol: CTDB_CONTROL_SET_RECLOCK_FILE is obsolete
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 Apr 2016 06:12:00 +0000 (16:12 +1000)]
ctdb-protocol: Drop support for SET_RECLOCK
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 Apr 2016 06:05:47 +0000 (16:05 +1000)]
ctdb-client: Remove support for SET_RECLOCK
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 Apr 2016 05:34:13 +0000 (15:34 +1000)]
ctdb-recovery: Don't update recovery lock from daemon
It can't change after startup.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 Apr 2016 05:31:55 +0000 (15:31 +1000)]
ctdb-recovery: Don't sync recovery lock across cluster
Support for updating the recovery lock is being removed because it
isn't possible to recover from failure.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 5 Apr 2016 05:26:22 +0000 (15:26 +1000)]
ctdb-recovery: Consistency check reclock in start recovery control
If the recovery lock setting is not consistent with that of the
recovery master then abort.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 1 Mar 2016 01:32:48 +0000 (12:32 +1100)]
ctdb-tool: Drop support for "ctdb setreclock" command
The recovery lock can not be reliably updated at run-time. If it
fails to update on some nodes then split-brain protection is gone and
there is no reasonable way to repair the situation. CTDB will have to
be restarted on all nodes. So, if this feature is being used to avoid
scheduling an outage then an outage will have to be scheduled just in
case!
To update the recovery lock, shut down CTDB on all nodes, reconfigure
the recovery lock and start CTDB again.
Those that *really* want to be able to change the recovery lock at
run-time can still do so. Set CTDB_RECOVERY_LOCK to point to a script
and this script can then be modified at run-time. However, please
don't report bugs if bad things happen...
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 10 May 2016 09:54:09 +0000 (19:54 +1000)]
ctdb-tests: Replace "ctdb setrelock" test with "ctdb getreclock" test
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Tue, 7 Jun 2016 08:07:21 +0000 (10:07 +0200)]
libsmb: Fix two CIDs for NULL dereference
This whole area is a known-to-be-broken mess, but this patch should fix
the immediate crash
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jun 7 18:31:30 CEST 2016 on sn-devel-144
Volker Lendecke [Tue, 7 Jun 2016 08:01:32 +0000 (10:01 +0200)]
rpc_server: Fix CID
1362565 Improper use of negative value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Tue, 7 Jun 2016 07:58:24 +0000 (09:58 +0200)]
lib: Fix CID
1362566 Dereference null return value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Sun, 30 Nov 2014 15:10:32 +0000 (16:10 +0100)]
lib: Add accept_send/recv
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 14 May 2016 08:07:24 +0000 (10:07 +0200)]
lib: Move poll_funcs to lib/
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Sun, 15 May 2016 11:44:22 +0000 (21:44 +1000)]
lib/util: Expose few more subsystems for standalone ctdb build
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Sat, 14 May 2016 07:45:49 +0000 (09:45 +0200)]
lib: Move msghdr to lib/util/
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Sun, 15 May 2016 11:43:57 +0000 (21:43 +1000)]
lib/poll_funcs: Build as SAMBA_SUBSYSTEM
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andrew Bartlett [Tue, 7 Jun 2016 04:41:15 +0000 (16:41 +1200)]
repl: Avoid use-after-free when working with the working_schema
The original schema must live as long as the working_schema
as the working_schema starts as a shallow-copy of schema.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11953
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 7 14:33:39 CEST 2016 on sn-devel-144
Andrew Bartlett [Thu, 2 Jun 2016 03:31:15 +0000 (15:31 +1200)]
selftest: Add a reverse variation to ReplicateMoveObject3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Samba <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 12 May 2016 23:41:53 +0000 (11:41 +1200)]
selftest: Assert replPropertyMetaData values before and after replication
This covers renames, addition of attributes, and the delete.
We also confirm the results via DRS.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 25 May 2016 02:49:31 +0000 (14:49 +1200)]
dsdb: Fix rename and RDN handling for replPropertyMetaData
This matches Windows 2012R2, which both has the RDN not sorted last and has it updated with the local
invocation_id and a local version.
The RDN attribute, unlike name, is not replicated over DRS, so the impact for interopability extends only to
the incorrect RDN values that we were finding with dbcheck (values that did not match the name values).
Finally, we always force the RDN to match the name attribute, which avoids issues
in dbcheck where these diverge. As such, we can finally remove dbcheck as a
flapping test, last re-added in
e4bab3a8282d263eb2391bc7e8a6fd64ae068935
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 13 May 2016 11:12:47 +0000 (23:12 +1200)]
dsdb: Fix incorrect sorting of replPropertyMetaData with RDN last
Per tests against Windows 2012R2 the RDN is not sorted last and is
instead sorted normally with all the other elements.
The RDN attribute, unlike name, is not replicated over DRS, so this
has no interopability impact.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Thu, 12 May 2016 23:40:55 +0000 (11:40 +1200)]
dsdb: Show initial replicated modify as well as resolved modify in repl_meta_data
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Tue, 10 May 2016 04:40:51 +0000 (16:40 +1200)]
selftest: Add more tests to cover attribute changes vs DN renames
This covers a bug where unrelated attribute changes would reverse a rename
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Tue, 3 May 2016 22:42:41 +0000 (10:42 +1200)]
dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_replicated_apply_search_callback()
This is the primary handler for renames
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Tue, 3 May 2016 22:42:05 +0000 (10:42 +1200)]
dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_replicated_apply_merge()
This is the main handler for attribute conflicts
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Tue, 3 May 2016 22:41:48 +0000 (10:41 +1200)]
dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_replicated_handle_rename()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 3 May 2016 22:41:15 +0000 (10:41 +1200)]
dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_op_possible_conflict_callback()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 3 May 2016 22:00:21 +0000 (10:00 +1200)]
dsdb: Add new helper function replmd_replPropertyMetaData1_new_should_be_taken()
This will allow the test for "name" and the actual DN to be consistent,
and so avoids dbcheck errors when CN and name do not match the DN
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Tue, 7 Jun 2016 01:54:28 +0000 (13:54 +1200)]
selftest: Do not scan the full DB to confirm a specific DN in dbcheck
This avoids a full DB scan and therefore reduces the test time taken
when we just modified the cn=administrator record.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 7 Jun 2016 01:51:09 +0000 (13:51 +1200)]
selftest: Run the krb5.kdc test on a more selective basis
The previous tests would take 20mins, the new set of tests take around 7 mins and still cover
the important combinations, given that it is the same KDC code in each environment
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 19 Apr 2016 05:28:59 +0000 (17:28 +1200)]
selftest: These replication tests are now OK after we fixed all the replication bugs
We have run this test a number of times, and these tests do not flap
in those tests
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 7 01:45:08 CEST 2016 on sn-devel-144
Andrew Bartlett [Tue, 19 Apr 2016 01:37:19 +0000 (13:37 +1200)]
selftest: Add tests to show that we can not create duplicate schema entries
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 6 20:32:54 CEST 2016 on sn-devel-144
Andrew Bartlett [Tue, 19 Apr 2016 05:22:35 +0000 (17:22 +1200)]
samldb: Make checks for schema attributes much more strict
This avoids corrupting Samba when invalid schema is imported
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 18 Apr 2016 02:59:21 +0000 (14:59 +1200)]
Remove the try/catch from urgent_replication.py
This meant that for ages, the duplicate OID was unnoticed, and when the syntax
was corrected recently, this caused the test to run, and so cause trouble
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Sun, 27 Mar 2016 01:43:32 +0000 (14:43 +1300)]
selftest: Assert that name, the RDN attribute and actual RDN are in sync
This allows us to catch such errors here, rather than just on dbcheck later
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Thu, 24 Mar 2016 01:06:12 +0000 (14:06 +1300)]
selftest: Add another test case to replica_sync test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Mon, 21 Mar 2016 02:51:12 +0000 (15:51 +1300)]
repl: Do not report all replication failures at level 0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 4 Mar 2016 00:12:42 +0000 (13:12 +1300)]
selftest/drs: Show we return the correct 3 objects for DRSUAPI_EXOP_FSMO_RID_ALLOC
This does not depend on DRSUAPI_DRS_GET_ANC.
This test is not new, but it was not previously being run.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 9 Dec 2015 01:00:10 +0000 (14:00 +1300)]
selftest: initial version of new repl_move test
This tests complex rename and modify combinations in a way that
demonstrated a number of replication failures, due to incorrect
handling in Samba when the parent of the record changes.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Mon, 21 Mar 2016 01:06:21 +0000 (14:06 +1300)]
dsdb: Give the objectGUID ahead of LDIF dump of replicated changes
This can help isolate which object this is when the object is involved
in a rename.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Sun, 27 Mar 2016 02:39:03 +0000 (15:39 +1300)]
dsdb: Simplify replmd_op_possible_conflict_callback behaviour
The previous behaviour of this code was to overwrite the req->callback of the original, failed request.
This is a problem for many reasons - including that ldb_module_done() may already have been
called on that pointer.
The correct pattern is to create a new request, and to call ldb_module_done() on the parent
request (the one in ar->req) not in this one, in the error case.
We use the passed in new callback either as the callback to call on success, or
as the callback to the ADD request. We overwrite it with replmd_op_name_modify_callback
in the rename remote case, as before, but no longer modify req->callback as
this will not be used again.
This is less tricky and a little simpler to follow, as we also remove the
now unused handling for RENAME, which is in a separate routine now
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 21 Mar 2016 00:32:55 +0000 (13:32 +1300)]
dsdb: Split rename case out of replmd_op_possible_conflict_callback
This avoids running this code path, originally written for the add case, in
a semi-async manner in the rename case, which caused both bugs and complexity.
This does create a deal of duplicated code, but it is easier to follow because
there are no longer special cases for ADD and RENAME in the "common" code and
the behaviour of ldb_module_done() and the callbacks is well defined and expected
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Andrew Bartlett [Tue, 15 Mar 2016 02:19:21 +0000 (15:19 +1300)]
repl_meta_data: Give more information on replication rename behaviour
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 15 Mar 2016 02:15:07 +0000 (15:15 +1300)]
repl_meta_data: Fail to replicate over local objects not NC_HEAD with a all-zero parentGUID
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 15 Mar 2016 02:11:54 +0000 (15:11 +1300)]
dsdb: Give more errors in operational module when building the parentGUID
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 15 Mar 2016 02:09:50 +0000 (15:09 +1300)]
dsdb: Clearly fail to replicate objects not NC_HEAD with a all-zero parentGUID
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 9 Dec 2015 04:05:56 +0000 (17:05 +1300)]
repl: Enforce that we have parent objects for all replicated objects
The creating of replicated objects without their parent object allows database corruption as they can end up under
the wrong object. We need to re-try the replication with the DRSUAPI_DRS_GET_ANC flag
set to get the objects in tree order.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 15 Mar 2016 02:11:30 +0000 (15:11 +1300)]
dsdb: Move operational below repl_meta_data so we can query parentGUID
This avoids re-adding the same code in repl_meta_data or making a shared subroutine
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Peter Somogyi [Wed, 1 Jun 2016 16:30:08 +0000 (18:30 +0200)]
Add yet another error code when forking an smbd and ctdb is not there. We can see NT_STATUS_CONNECTION_REFUSED in the logs upon such a rare case.
Signed-off-by: Peter Somogyi <psomogyi@hu.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 6 16:10:19 CEST 2016 on sn-devel-144
Amitay Isaacs [Thu, 2 Jun 2016 07:59:16 +0000 (17:59 +1000)]
ctdb-packaging: Remove tevent-unix-util public library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11946
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Amitay Isaacs [Thu, 2 Jun 2016 07:17:19 +0000 (17:17 +1000)]
lib/util: Avoid splitting tevent-unix-util as public library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11946
Commit
670db6ac1d678babd25dd82c4467c0f094cfabc5 split tevent-util public
library to create tevent-unix-util public library for standalone ctdb
use. This created a public library dependency between samba and ctdb
for packaging.
Bundle tevent_unix.c in public library tevent-util as before. However,
to avoid the dependencies for packaging, standalone ctdb build will
build tevent-util as a private library with only tevent_unix.c
This simplifies any new subsystems (or libraries) which need tevent-util
and are linked in both samba and ctdb.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andrew Bartlett [Thu, 26 May 2016 22:22:15 +0000 (10:22 +1200)]
dsdb: Cache our local invocation_id at the start of each request
This avoids fetching it over and over again
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 6 12:25:14 CEST 2016 on sn-devel-144
Andrew Bartlett [Wed, 4 May 2016 04:19:09 +0000 (16:19 +1200)]
repl: Retry replication of the schema on WERR_DS_DRA_SCHEMA_MISMATCH
This makes us replicate the schema, and then go back to what we asked to replicate
originally, when the schema changes. This should make the replication much more
robust after schema changes
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 24 Mar 2016 07:12:55 +0000 (20:12 +1300)]
dbcheck: Find and fix a missing Deleted Objects container
Older Samba versions could delete this. This patch tries very hard
to put back the original object, with the original GUID, so that
if another replica has the correct container, that we just merge
rather than conflict.
The existing "wrong dn" check can then put any deleted objects
under this container correctly.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 30 May 2016 02:22:23 +0000 (14:22 +1200)]
selftest: Only mark runtime dbcheck as flapping
The dbcheck-oldrelease.sh based tests do not flap
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 25 May 2016 00:41:35 +0000 (12:41 +1200)]
repl: Remove duplicated delete of sAMAccountType
This causes the version number in replPropertyMetaData to be
incorrectly bumped twice, because it is implied by not being in the
list of attributes to be preserved.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 26 May 2016 22:28:26 +0000 (10:28 +1200)]
dsdb: Allow "cn" to be missing on schema import
This avoids a segfault when we remove the duplication of this value from dsdb_convert_object_ex()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 23 Mar 2016 22:30:04 +0000 (11:30 +1300)]
selftest: Make replica_sync test pass against Windows 2012R2
The tests that invoke --local will not pass, naturally, but otherwise it works
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 9 Dec 2015 04:04:14 +0000 (17:04 +1300)]
samba-tool domain join: Set drsuapi.DRSUAPI_DRS_GET_ANC during initial repl
This is needed so that we get parents before children.
We need this to ensure that we always know the correct parent for a
new child object, rather than just trusting the DN string
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 24 Mar 2016 07:18:19 +0000 (20:18 +1300)]
dsdb: Only search the provided partition for the object GUID
We know which NC this is in, so save searching all the backends.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 21 Mar 2016 02:49:33 +0000 (15:49 +1300)]
repl: Pass in the full partition DN to dsdb_replicated_objects_convert()
When we were processing an EXOP, we would pass in a DN specific to that
operation, but this stopped repl_meta_data from finding the parent object
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 25 May 2016 00:36:59 +0000 (12:36 +1200)]
repl: Allow GetNCChanges DRSUAPI_EXOP_REPL_OBJ to succeed against a deleted object
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Sun, 15 May 2016 09:31:27 +0000 (21:31 +1200)]
dsdb: Remove incorrect RDN attid check in replmd_replPropertyMetaDataCtr1_verify
On windows, the RDN is not sorted last. Additionally, the check should have been
against dsdb_attribute_get_attid(), not just ->attributeID_id
By including this in earlier versions of Samba, we allow a backport of Samba
databases from Samba 4.5, where this will be sorted in the same way
as Windows 2012R2.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11842
Andrew Bartlett [Mon, 18 Apr 2016 02:58:10 +0000 (14:58 +1200)]
selftest: Use random OIDs from under the Samba OID arc
The urgent_replication.py test used the OID of uid, and this caused
other tests to fail
The other random OIDs should have been from under our arc, not under
iso.member-body.us
We split up the range a little to avoid some of the birthday paradox,
in the tests that create multiple OIDs.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Amitay Isaacs [Thu, 2 Jun 2016 08:27:29 +0000 (18:27 +1000)]
ctdb-recovery: Update timeout and number of retries during recovery
The timeout RecoverTimeout (default 120) is used for control messages
sent during the recovery. If any of the nodes does not respond to any
of the recovery control messages for RecoverTimeout seconds, then it
will cause a failure of recovery of a database. Recovery helper will
retry the recovery for a database 5 times.
In the worst case, if a database could not be recovered within 5 attempts,
a total of 600 seconds would have passed. During this time period other
timeouts will be triggered causing unnecessary failures as follows:
1. During the recovery, even though recoverd is processing events,
it does not send a ping message to ctdb daemon. If a ping message is
not received for RecdPingTimeout (default 60) seconds, then ctdb will
count it as unresponsive recovery daemon. If the recovery daemon
fails for RecdFailCount (default 10) times, then ctdb daemon will
restart recovery daemon. So after 600 seconds, ctdb daemon will
restart recovery daemon.
2. If ctdb daemon stays in recovery for RecoveryDropAllIPs (default 120),
then it will drop all the public addresses. This will cause all
SMB client to be disconnected unnecessarily. The released public
addresses will not be taken over till the recovery is complete.
To avoid dropping of IPs and restarting recovery daemon during a delayed
recovery, adjust RecoverTimeout to 30 seconds and limit number of
retries for recovering a database to 3. If we don't hear from a node
for more than 25 seconds, then the node is considered disconnected.
So 30 seconds is sufficient timeout for controls during recovery.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jun 6 08:49:15 CEST 2016 on sn-devel-144
Bob Campbell [Fri, 3 Jun 2016 02:32:10 +0000 (14:32 +1200)]
samba_spnupdate: do not interpret failure count as unix error code
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Jun 3 11:02:26 CEST 2016 on sn-devel-144
Bob Campbell [Fri, 3 Jun 2016 01:56:23 +0000 (13:56 +1200)]
samba_dnsupdate: do not interpret failure count as unix error code
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Abhidnya Joshi [Thu, 2 Jun 2016 06:38:31 +0000 (23:38 -0700)]
Efficient xattr handling for VxFS Signed-off-by: Abhidnya Joshi <Abhidnya.Joshi@veritas.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 3 07:26:34 CEST 2016 on sn-devel-144
Lorinczy Zsigmond [Thu, 2 Jun 2016 21:54:05 +0000 (14:54 -0700)]
lib: replace: snprintf - Fix length calculation for hex/octal 64-bit values.
Prevents truncation due to buffer size being too small.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11947
Signed-off-by: Lorinczy Zsigmond <lzsiga@freemail.c3.hu>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 3 03:48:58 CEST 2016 on sn-devel-144
Peter C. Kelly [Wed, 4 May 2016 08:13:37 +0000 (20:13 +1200)]
Improve help wording for samba-tool domain provision as per https://lists.samba.org/archive/samba-technical/2016-April/113740.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11894
Signed-off-by: Peter C. Kelly <peter+sambabugzilla@pck.co.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 2 20:07:22 CEST 2016 on sn-devel-144
Andrew Bartlett [Tue, 10 May 2016 17:33:17 +0000 (05:33 +1200)]
build: Build less of Samba when building --without-ntvfs-fileserver
We would build, but not use, many components of the NTVFS file server
even when we asked not to. They would then consume disk, but not be
of any use
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 30 May 2016 01:57:26 +0000 (13:57 +1200)]
repl: Do not consider userPassword differences to matter in rpc.dssync
userPassword is also not shown over LDAP
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 13 May 2016 04:06:29 +0000 (16:06 +1200)]
torture: Only walk over objects actually converted in drs.dssync
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 20 Apr 2016 20:16:19 +0000 (08:16 +1200)]
samba-tool domain demote: Fix error handling and error messages
Due to an error in a previous patch, e was undefined
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 23 Mar 2016 03:56:17 +0000 (16:56 +1300)]
selftest: Mark LDAPNotificationTest.test_max_search flapping
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 15 Mar 2016 02:09:14 +0000 (15:09 +1300)]
dsdb: Improve syntax clarity
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 12 May 2016 23:39:19 +0000 (11:39 +1200)]
dsdb: Use DRSUAPI_ATTID_isDeleted constant in repl_meta_data
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andreas Schneider [Tue, 26 Apr 2016 14:37:29 +0000 (16:37 +0200)]
mit_samba: Allow to use SPNs for AS-REQ
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Thu Jun 2 16:35:35 CEST 2016 on sn-devel-144