bbaumbach/samba-autobuild/.git
8 months agolibcli/smb: use require_signed_response in smb2cli_conn_dispatch_incoming()
Ralph Boehme [Sat, 10 Nov 2018 21:00:04 +0000 (22:00 +0100)]
libcli/smb: use require_signed_response in smb2cli_conn_dispatch_incoming()

This can be used by the upper layers to force checking a response is
signed. It will be used to implement verification of session setup
reauth responses in a torture test. That comes next.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 months agolibcli/smb: defer singing check a little bit
Ralph Boehme [Sat, 10 Nov 2018 20:56:28 +0000 (21:56 +0100)]
libcli/smb: defer singing check a little bit

This allows adding an additional condition to the if check where the
condition state may be modified in the "if (opcode ==
SMB2_OP_SESSSETUP)" case directly above.

No change in behaviour.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 months agolibcli/smb: maintain require_signed_response in smbXcli_req_state
Ralph Boehme [Fri, 9 Nov 2018 14:26:44 +0000 (15:26 +0100)]
libcli/smb: maintain require_signed_response in smbXcli_req_state

Not used for now, that comes next.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 months agolibcli/smb: add smb2cli_session_require_signed_response()
Ralph Boehme [Fri, 9 Nov 2018 14:17:19 +0000 (15:17 +0100)]
libcli/smb: add smb2cli_session_require_signed_response()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 months agos3:selftest: also run smb2.session torture testsuite against ad_member
Ralph Boehme [Fri, 9 Nov 2018 11:33:29 +0000 (12:33 +0100)]
s3:selftest: also run smb2.session torture testsuite against ad_member

The next commit adds a subtest to the smb2.session testsuite that
requires Kerberos (ad_dc would work), but where neither SMB2 server or
client must require signing (ad_dc, being an AD DC, requires signing).

The ad_member environment supports Kerberos with the SMB2 server not
mandating signing, that'll do.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 months agos3:selftest: split "raw.session" and "smb2.session"
Ralph Boehme [Thu, 8 Nov 2018 15:24:45 +0000 (16:24 +0100)]
s3:selftest: split "raw.session" and "smb2.session"

The next commit is going to add a testsuite to "smb2.session".

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 months agoreplace: Add check for variable program_invocation_short_name
Martin Schwenke [Mon, 12 Nov 2018 23:05:21 +0000 (10:05 +1100)]
replace: Add check for variable program_invocation_short_name

It appears that wafsamba's configure() defines _GNU_SOURCE
unconditionally, so checking _GNU_SOURCE isn't enough to know if this
variable is available.

For example, it isn't available on AIX with the xlc compiler:

  [ 6/10] Compiling lib/replace/replace.c
  ...
  "../../lib/replace/replace.c", line 991.16: 1506-045 (S) Undeclared identifier program_invocation_short_name.

Instead, add a configure check for program_invocation_short_name and
use it.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Nov 13 11:11:11 CET 2018 on sn-devel-144

8 months agonsswitch: Handle possible NULL return value of getprogname()
Andreas Schneider [Mon, 12 Nov 2018 14:47:46 +0000 (15:47 +0100)]
nsswitch: Handle possible NULL return value of getprogname()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agolib:replace: Do not leak the file pointer in rep_getprogname()
Andreas Schneider [Mon, 12 Nov 2018 14:31:09 +0000 (15:31 +0100)]
lib:replace: Do not leak the file pointer in rep_getprogname()

And return NULL on error.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Use wire_perms_to_unix in unix_perms_from_wire
Volker Lendecke [Fri, 9 Nov 2018 06:55:40 +0000 (07:55 +0100)]
smbd: Use wire_perms_to_unix in unix_perms_from_wire

Same code, less lines

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 13 04:10:54 CET 2018 on sn-devel-144

8 months agowinbindd: Fix crash when taking profiles
Volker Lendecke [Mon, 12 Nov 2018 15:21:55 +0000 (16:21 +0100)]
winbindd: Fix crash when taking profiles

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13629
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Nov 12 20:20:52 CET 2018 on sn-devel-144

8 months agopam_winbind: Set the request type as client name
Andreas Schneider [Fri, 2 Nov 2018 17:58:25 +0000 (18:58 +0100)]
pam_winbind: Set the request type as client name

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Nov 12 13:44:09 CET 2018 on sn-devel-144

8 months agonss_wins: Set client process name
Andreas Schneider [Mon, 5 Nov 2018 07:16:23 +0000 (08:16 +0100)]
nss_wins: Set client process name

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agonss_winbind: Set the client process name
Andreas Schneider [Mon, 5 Nov 2018 07:14:48 +0000 (08:14 +0100)]
nss_winbind: Set the client process name

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agokrb5_plugin: Set the wbclient process name
Andreas Schneider [Mon, 5 Nov 2018 07:11:27 +0000 (08:11 +0100)]
krb5_plugin: Set the wbclient process name

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agowbclient: Add wbcSetClientProcessName()
Andreas Schneider [Fri, 2 Nov 2018 17:57:05 +0000 (18:57 +0100)]
wbclient: Add wbcSetClientProcessName()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agos3:winbind: Log client process name for PAM auth
Andreas Schneider [Mon, 5 Nov 2018 10:56:21 +0000 (11:56 +0100)]
s3:winbind: Log client process name for PAM auth

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agos3:winbind: Log client process name in winbind_misc
Andreas Schneider [Mon, 5 Nov 2018 10:55:46 +0000 (11:55 +0100)]
s3:winbind: Log client process name in winbind_misc

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agos3:winbind: Log client process name
Andreas Schneider [Fri, 2 Nov 2018 17:56:29 +0000 (18:56 +0100)]
s3:winbind: Log client process name

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agos3:winbindd: Also log the process name in winbindd
Andreas Schneider [Fri, 2 Nov 2018 17:45:26 +0000 (18:45 +0100)]
s3:winbindd: Also log the process name in winbindd

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agowbclient: Send the client process name talking to winbind
Andreas Schneider [Fri, 2 Nov 2018 17:39:26 +0000 (18:39 +0100)]
wbclient: Send the client process name talking to winbind

This is for better debugging messages.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agolib:replace: Add getprogname()
Andreas Schneider [Fri, 2 Nov 2018 17:04:28 +0000 (18:04 +0100)]
lib:replace: Add getprogname()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agos4-auth-tests: Fix test_kerberos with MIT krb
Justin Stephenson [Thu, 8 Nov 2018 15:57:48 +0000 (10:57 -0500)]
s4-auth-tests: Fix test_kerberos with MIT krb

When a keytab of type MEMORY is used, the MIT kerberos krb5_kt_add_entry()
library function adds a keytab entry to the beginning of the keytab table,
instead of the end.

This adds a MIT kerberos conditional to reverse iterate through
the keytable entries to address this.

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Sat Nov 10 12:48:02 CET 2018 on sn-devel-144

8 months agolib: Use dom_sid_str_buf
Volker Lendecke [Fri, 2 Nov 2018 19:48:07 +0000 (20:48 +0100)]
lib: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Nov 10 02:19:29 CET 2018 on sn-devel-144

8 months agolibgpo: Use dom_sid_str_buf
Volker Lendecke [Fri, 2 Nov 2018 20:28:59 +0000 (21:28 +0100)]
libgpo: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agoidmap: Use dom_sid_str_buf
Volker Lendecke [Sat, 27 Oct 2018 19:50:34 +0000 (21:50 +0200)]
idmap: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agoidmap: Use dom_sid_str_buf
Volker Lendecke [Fri, 2 Nov 2018 19:54:37 +0000 (20:54 +0100)]
idmap: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agoidmap: Use dom_sid_str_buf
Volker Lendecke [Fri, 26 Oct 2018 13:43:30 +0000 (15:43 +0200)]
idmap: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agopassdb: Use dom_sid_str_buf
Volker Lendecke [Fri, 2 Nov 2018 19:58:59 +0000 (20:58 +0100)]
passdb: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agopassdb: Use dom_sid_str_buf
Volker Lendecke [Fri, 2 Nov 2018 19:58:59 +0000 (20:58 +0100)]
passdb: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agopassdb: Use dom_sid_str_buf
Volker Lendecke [Fri, 26 Oct 2018 13:43:30 +0000 (15:43 +0200)]
passdb: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agopassdb: Use dom_sid_str_buf
Volker Lendecke [Fri, 26 Oct 2018 13:43:30 +0000 (15:43 +0200)]
passdb: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agolibcli: Use dom_sid_str_buf
Volker Lendecke [Fri, 26 Oct 2018 12:15:43 +0000 (14:15 +0200)]
libcli: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agowinbind: Use dom_sid_str_buf
Volker Lendecke [Sat, 27 Oct 2018 20:01:03 +0000 (22:01 +0200)]
winbind: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agowinbind: Use dom_sid_str_buf
Volker Lendecke [Fri, 26 Oct 2018 06:25:14 +0000 (08:25 +0200)]
winbind: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agowinbind: Use dom_sid_str_buf
Volker Lendecke [Fri, 26 Oct 2018 06:25:14 +0000 (08:25 +0200)]
winbind: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agovfs_fruit: validation of writes on AFP_AfpInfo stream
Ralph Boehme [Tue, 6 Nov 2018 12:24:14 +0000 (13:24 +0100)]
vfs_fruit: validation of writes on AFP_AfpInfo stream

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13677

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agovfs_fruit: move a comment to the right place
Ralph Boehme [Tue, 6 Nov 2018 11:34:17 +0000 (12:34 +0100)]
vfs_fruit: move a comment to the right place

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13677

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agos4:torture/vfs/fruit: torture writing AFP_AfpInfo stream
Ralph Boehme [Tue, 6 Nov 2018 11:24:54 +0000 (12:24 +0100)]
s4:torture/vfs/fruit: torture writing AFP_AfpInfo stream

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13677

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agonsswitch: Fix CID 1441070 Error handling issues (CHECKED_RETURN)
Ralph Wuerthner [Fri, 9 Nov 2018 08:01:29 +0000 (09:01 +0100)]
nsswitch: Fix CID 1441070 Error handling issues (CHECKED_RETURN)

Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agonsswitch: Fix CID 1441072 Error handling issues (CHECKED_RETURN)
Ralph Wuerthner [Fri, 9 Nov 2018 07:58:31 +0000 (08:58 +0100)]
nsswitch: Fix CID 1441072 Error handling issues (CHECKED_RETURN)

Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agomdb_util: Better error message if lmdb-utils not installed
Tim Beale [Thu, 8 Nov 2018 23:17:40 +0000 (12:17 +1300)]
mdb_util: Better error message if lmdb-utils not installed

mdb_copy() was dutifully checking the PATH for the mdb_copy executable,
then, if it didn't find it, blindly proceeding anyway and trying to run
a non-existent executable. This resulted in a cryptic error:

  ERROR(<type 'exceptions.OSError'>): uncaught exception - [Errno 2] No
    such file or directory

Add in an extra check that we actually find the executable and raise a
better human-readable exception if we don't.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov  9 21:07:47 CET 2018 on sn-devel-144

8 months agoselftest: Fix backup testenv creation on certain host machines
Tim Beale [Thu, 8 Nov 2018 22:49:12 +0000 (11:49 +1300)]
selftest: Fix backup testenv creation on certain host machines

When we created the backup-file for the restoredc/renamedc/labdc
testenvs we weren't explicitly a --configfile on the samba-tool command.
This meant the command tried to use the smb.conf form the default
install location, i.e. /usr/local/samba/etc/smb.conf. On the gitlab CI
runner, there's no samba installed, so it ends up using the default
settings, which is fine. However, if the host machine had an invalid
smb.conf installed there, creating the testenv would fail with an error
like:

ERROR(runtime): uncaught exception - Unable to load default file
File "bin/python/samba/netcmd/__init__.py", line 184, in _run
return self.run(*args, **kwargs)
File "bin/python/samba/netcmd/domain_backup.py", line 222, in run
lp = sambaopts.get_loadparm()
  File "bin/python/samba/getopt.py", line 94, in get_loadparm
    self._lp.load_default()

We can avoid this by always explictly specifying the backupfromdc's
smb.conf when creating the backup file.

Likewise, labdc/customdc also need the config specified when the admin
password is reset.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
8 months agoselftest: Add README note: always use --configfile in testenv creation
Tim Beale [Thu, 8 Nov 2018 22:44:18 +0000 (11:44 +1300)]
selftest: Add README note: always use --configfile in testenv creation

We always need to specify "env->{CONFIGURATION}" when running a samba-tool
command to setup a testenv. Add a note to the README as this wasn't at
all clear.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
8 months agos4-kdc: restore MIT KDC backend
Philipp Gesang [Mon, 5 Nov 2018 14:54:35 +0000 (15:54 +0100)]
s4-kdc: restore MIT KDC backend

Fix fallout from the KDC prefork patchset (99aea42520fc..).

GCC warns when Samba is being built with --with-system-mitkrb5.
Fix this by adapting the signature of mitkdc_task_init() to match
task_init which has been extended to return a status code.

Status codes try to mimick those of kdc-heimdal.c:kdc_task_init()
as closely as possible.

Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
8 months agoselftest: Test hide new files timeout
Volker Lendecke [Thu, 8 Nov 2018 12:27:58 +0000 (13:27 +0100)]
selftest: Test hide new files timeout

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov  9 03:49:55 CET 2018 on sn-devel-144

8 months agosmbd: Add "hide new files" option
Volker Lendecke [Thu, 23 Aug 2018 11:51:26 +0000 (13:51 +0200)]
smbd: Add "hide new files" option

See the manpage for the description

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agodebug: Use debuglevel_(get|set) function
Andreas Schneider [Wed, 7 Nov 2018 13:14:05 +0000 (14:14 +0100)]
debug: Use debuglevel_(get|set) function

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov  8 11:03:11 CET 2018 on sn-devel-144

8 months agolib:util: Fix DEBUGCLASS pointer initializiation
Andreas Schneider [Wed, 7 Nov 2018 13:32:29 +0000 (14:32 +0100)]
lib:util: Fix DEBUGCLASS pointer initializiation

This fixes a segfault in pyglue:

==10142== Process terminating with default action of signal 11 (SIGSEGV)
==10142==  Bad permissions for mapped region at address 0x6F00A20
==10142==    at 0x6F1074B: py_set_debug_level (pyglue.c:165)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13679

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agonsswitch:tests: Pass the envname to the script
Andreas Schneider [Wed, 7 Nov 2018 10:35:59 +0000 (11:35 +0100)]
nsswitch:tests: Pass the envname to the script

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agoWHATSNEW: NETLOGON prefork support
Gary Lockyer [Wed, 19 Sep 2018 03:04:35 +0000 (15:04 +1200)]
WHATSNEW: NETLOGON prefork support

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov  7 21:17:59 CET 2018 on sn-devel-144

8 months agosource4 smdb rpc_server: Support prefork process model.
Gary Lockyer [Wed, 29 Aug 2018 03:07:32 +0000 (15:07 +1200)]
source4 smdb rpc_server: Support prefork process model.

Allow the rpc_server to run in the prefork process model. Due to the use
of shared handles and resources all of the rpc end points are serviced
in the first worker process. Those end points that can be run in
multiple processes (currently only Netlogon and management) are serviced in
the first and any subsequent workers.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosource4 smbd: pass instance number to post_fork
Gary Lockyer [Wed, 29 Aug 2018 01:16:08 +0000 (13:16 +1200)]
source4 smbd: pass instance number to post_fork

Pass the instance number to the post_fork hook. This is required to
allow the rpc_server to support the prefork process model.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoWHATSNEW: 'prefork children' default
Gary Lockyer [Wed, 19 Sep 2018 03:13:49 +0000 (15:13 +1200)]
WHATSNEW: 'prefork children' default

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosource4 smbd prefork: Increase default worklers to 4
Gary Lockyer [Wed, 5 Sep 2018 01:59:34 +0000 (13:59 +1200)]
source4 smbd prefork: Increase default worklers to 4

Increase the default number of worker processes started by the pre-fork
process model from 1 to 4.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoautobuild: make ad_dc use prefork process model
Gary Lockyer [Tue, 28 Aug 2018 03:26:03 +0000 (15:26 +1200)]
autobuild: make ad_dc use prefork process model

Convert the ad_dc environment from single process model to the prefork
process model.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotraffic_replay: Rework machine accounts to remove redundant code
Tim Beale [Mon, 5 Nov 2018 22:27:42 +0000 (11:27 +1300)]
traffic_replay: Rework machine accounts to remove redundant code

generate_users_and_groups() now generates the machine acounts as well as
the user accounts, so it seems there's no need to also have
generate_traffic_accounts(), which does the same job.

Instead, we can just pass through the number of machine acounts to
generate_users_and_groups() and delete the other function.

Also updated generate_users_and_groups() so that machine_accounts is
no longer optional (we want to create machine accounts in all cases).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotraffic_replay: Make packet generation work on a pre-populated DB again
Tim Beale [Mon, 5 Nov 2018 22:14:41 +0000 (11:14 +1300)]
traffic_replay: Make packet generation work on a pre-populated DB again

Generate separate machine accounts for populating a large DB vs
replaying network traffic.

We want to use different userAccountControl flags in each of the above
cases (i.e. commit 3338a3e257fa9f28). However, this means that once you
use the --generate-users-only option, you can't replay network packets
against the machine accounts.

We can avoid this problem by creating separate machine accounts for each
of 2 different cases, e.g. STGM-0-x machines for traffic-replay, and
PC-0-x machines for padding out the database.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotraffic_replay: Make sure naming assumptions are in a single place
Tim Beale [Mon, 5 Nov 2018 20:35:41 +0000 (09:35 +1300)]
traffic_replay: Make sure naming assumptions are in a single place

The traffic_replay group/user/machine account names follow a standard
format. This adds a function to generate the machine-name. It also makes
sure the existing user_name() function gets called in all applicable
places.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotraffic_replay: Move 'traffic account' flag up a level
Tim Beale [Mon, 5 Nov 2018 21:58:56 +0000 (10:58 +1300)]
traffic_replay: Move 'traffic account' flag up a level

We create machine accounts for 2 different purposes:
1). For traffic generation, i.e. testing realistic network packets.
2). For generating a realistic large DB.

Unfortunately, we want to use different userAccountControl flags for
the 2 different cases. Commit 3338a3e257fa9f28 changed the flags used
for case #2, but this breaks case #1.

The problem is generate_users_and_groups() is called in both cases,
so we want the 'traffic account' flag passed into that function.
This ensures that the machine accounts get created with the appropriate
userAccountControl flags for the particular case you want to test.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotraffic_replay: Move machine account creation
Tim Beale [Mon, 5 Nov 2018 21:52:38 +0000 (10:52 +1300)]
traffic_replay: Move machine account creation

I was assuming that generate_users_and_groups() only gets called in the
--generate-users-only case. However, it also gets called in the default
traffic replay case.

This patch reworks the code so that the number of machine accounts to
create gets passed in, and the 'create 25% more computers than users'
assumption only applies to the --generate-users-only case.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool gpo: convert pseudo-method into method
Douglas Bagnall [Tue, 6 Nov 2018 23:15:12 +0000 (12:15 +1300)]
samba-tool gpo: convert pseudo-method into method

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool gpo: add helper method for tmpdir construction
Douglas Bagnall [Tue, 6 Nov 2018 22:57:13 +0000 (11:57 +1300)]
samba-tool gpo: add helper method for tmpdir construction

A few of the gpo commands use an identical temporary directory structure
that can be constructed using shared code.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool gpo: do not use predictable temp directory
Douglas Bagnall [Tue, 6 Nov 2018 22:43:26 +0000 (11:43 +1300)]
samba-tool gpo: do not use predictable temp directory

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agopython/upgradehelpers: use mkstemp, not mktemp
Douglas Bagnall [Thu, 1 Nov 2018 20:02:15 +0000 (09:02 +1300)]
python/upgradehelpers: use mkstemp, not mktemp

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoselftest: Add some more testenv descriptions
Tim Beale [Mon, 5 Nov 2018 01:45:34 +0000 (14:45 +1300)]
selftest: Add some more testenv descriptions

This still doesn't cover all the testenvs comprehensively, but it
pretty much exhausts my knowledge of what the various testenvs do.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Nov  7 04:39:05 CET 2018 on sn-devel-144

8 months agoselftest: Add README documenting the customdc testenv
Tim Beale [Mon, 5 Nov 2018 00:41:08 +0000 (13:41 +1300)]
selftest: Add README documenting the customdc testenv

Also documented the other backup/restore testenvs as well.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
8 months agotdb: Align integer types
Volker Lendecke [Sat, 3 Nov 2018 09:11:26 +0000 (10:11 +0100)]
tdb: Align integer types

tdb->max_dead_records is "int", as is the corresponding parameter to
tdb_set_max_dead(). Not that a signed variable makes any sense, but
this is old code and tdb_set_max_dead() is a public API which we
should not change for this.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov  6 21:52:32 CET 2018 on sn-devel-144

8 months agogencache: Prune expired entries
Volker Lendecke [Wed, 24 Oct 2018 08:51:40 +0000 (10:51 +0200)]
gencache: Prune expired entries

This solves the problem that gencache never shrinks right
now. Whenever we write an entry, we now walk that entry's chain and
delete expired entries. This should be a good balance between
performance and cleanup actions: Reading is still unaffected, and
those who write pay a small penalty while keeping gencache size under
control.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agogencache: Wipe corrupt databases
Volker Lendecke [Fri, 2 Nov 2018 15:58:53 +0000 (16:58 +0100)]
gencache: Wipe corrupt databases

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agogencache: Remove transaction-based tdb
Volker Lendecke [Thu, 11 Oct 2018 10:52:40 +0000 (12:52 +0200)]
gencache: Remove transaction-based tdb

At more than one large site I've seen significant problems due to
gencache_stabilize. gencache_stabilize was mainly introduced to
survive machine crashes with the cache still being in place. Given
that most installations crash rarely and this is still a cache, this
safety is overkill and causes real problems.

With the recent changes to tdb, we should be safe enough to run on
completely corrupted databases and properly detect errors. A further
commit will introduce code that wipes the gencache.tdb if such a
corruption is detected.

There is one kind of corruption that we don't properly handle:
Orphaned space in the database. I don't have a good idea yet how to
handle this in a graceful and efficient way during normal operations,
but maybe this idea pops up at some point.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agogencache: Add crc check
Volker Lendecke [Wed, 10 Oct 2018 14:53:10 +0000 (16:53 +0200)]
gencache: Add crc check

This covers key, timestamp and data. This will detect silent
corruption of gencache data after a system crash

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agogencache: Convert to a binary timestamp
Volker Lendecke [Wed, 10 Oct 2018 14:12:28 +0000 (16:12 +0200)]
gencache: Convert to a binary timestamp

Two reasons:

The ascii conversion shows up on profiles.

In a further commit we will get checksums for gencache entries to
protect at hidden corruption due to a crash on the non-transactioned
gencache.tdb. Next to the timestamp this is a second field that is
gencache metadata, and I don't want to deal with a second ascii number
when at least some of the gencache values are binary already.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agotdb: Allow !CLEAR_IF_FIRST & MUTEX_LOCKING
Volker Lendecke [Mon, 22 Oct 2018 06:57:00 +0000 (08:57 +0200)]
tdb: Allow !CLEAR_IF_FIRST & MUTEX_LOCKING

This is a prerequisite to allow gencache to run on a non-transactioned
database with mutexes.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agotdb: Version 1.3.17 for tdb_traverse_chain
Volker Lendecke [Mon, 29 Oct 2018 06:43:43 +0000 (07:43 +0100)]
tdb: Version 1.3.17 for tdb_traverse_chain

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agotdb: Add test for tdb_traverse_chain
Volker Lendecke [Sun, 7 Oct 2018 20:03:09 +0000 (22:03 +0200)]
tdb: Add test for tdb_traverse_chain

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agotdb: Add tdb_traverse_chain
Volker Lendecke [Sun, 28 Oct 2018 08:06:39 +0000 (09:06 +0100)]
tdb: Add tdb_traverse_chain

This is a lightweight readonly traverse of a single chain, see the
comment in the header file.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agoctdb-daemon: Do not fork when CTDB_TEST_MODE is set
Martin Schwenke [Thu, 18 Oct 2018 07:02:13 +0000 (18:02 +1100)]
ctdb-daemon: Do not fork when CTDB_TEST_MODE is set

Explicitly background ctdbd instead.

This has the advantage of leaving stdin open.  ctdbd can then be
enhanced to exit when stdin closes, allowing better cleanup in a test
environment.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Nov  6 10:30:14 CET 2018 on sn-devel-144

8 months agoctdb-daemon: Switch interactive variable to a bool
Martin Schwenke [Tue, 6 Nov 2018 03:06:14 +0000 (14:06 +1100)]
ctdb-daemon: Switch interactive variable to a bool

popt uses an int in place of a bool, so declare an extra int and make
the conversion explicit.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Add local_daemons.sh onnode and socket commands
Martin Schwenke [Fri, 12 Oct 2018 02:49:58 +0000 (13:49 +1100)]
ctdb-tests: Add local_daemons.sh onnode and socket commands

These aren't used by simple tests but they will be useful for
integrating ctdbd local daemons into other test suites and for
debugging.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Use local_daemons.sh in local_daemons.bash
Martin Schwenke [Thu, 11 Oct 2018 10:55:10 +0000 (21:55 +1100)]
ctdb-tests: Use local_daemons.sh in local_daemons.bash

The etc-ctdb/ subdirectory containing the event script moves into the
top-level tests/ directory because the subdirectory is really now
owned by local_daemons.sh instead of simple/.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Add local_daemons.sh
Martin Schwenke [Thu, 11 Oct 2018 08:32:09 +0000 (19:32 +1100)]
ctdb-tests: Add local_daemons.sh

This provides a separate script for handling local daemons.  It can be
used for testing outside of the CTDB simple test suite.  It is
installed as ctdb_local_daemons.

The logic is copied from ctdb/tests/simple/scripts/local_daemons.bash.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Allow use of setup_ctdb_base() outside of test cases
Martin Schwenke [Thu, 11 Oct 2018 09:23:07 +0000 (20:23 +1100)]
ctdb-tests: Allow use of setup_ctdb_base() outside of test cases

Always create an empty event script directory.  If $TEST_SUBDIR is
unset then don't use it to look for etc-ctdb/.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-build: Don't set unused variable TEST_BIN_DIR
Martin Schwenke [Tue, 9 Oct 2018 05:43:12 +0000 (16:43 +1100)]
ctdb-build: Don't set unused variable TEST_BIN_DIR

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Move setting of ctdb_dir and top_dir
Martin Schwenke [Tue, 9 Oct 2018 05:37:11 +0000 (16:37 +1100)]
ctdb-tests: Move setting of ctdb_dir and top_dir

These are only used in script_install_paths.sh.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Use $CTDB_SCRIPTS_TOOLS_BIN_DIR
Martin Schwenke [Tue, 9 Oct 2018 05:33:51 +0000 (16:33 +1100)]
ctdb-tests: Use $CTDB_SCRIPTS_TOOLS_BIN_DIR

Don't calculate this locally as _tools_dir.  Add it to PATH
unconditionally - this may result in duplicate entries in PATH but the
resulting code is simpler.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Use $CTDB_SCRIPTS_TESTS_BINDIR
Martin Schwenke [Tue, 9 Oct 2018 05:30:15 +0000 (16:30 +1100)]
ctdb-tests: Use $CTDB_SCRIPTS_TESTS_BINDIR

Don't calculate this locally as _test_bin_dir.  Just calculate
top_dir, source script_install_paths.sh and use
$CTDB_SCRIPT_TESTS_BINDIR.

Don't bother sanity checking if TEST_BIN_DIR is set.  It will go away
soon.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Add new variable CTDB_SCRIPTS_TESTS_BINDIR
Martin Schwenke [Tue, 9 Oct 2018 05:18:49 +0000 (16:18 +1100)]
ctdb-tests: Add new variable CTDB_SCRIPTS_TESTS_BINDIR

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Change all cluster setup to use ctdb_test_init()
Martin Schwenke [Mon, 8 Oct 2018 06:25:48 +0000 (17:25 +1100)]
ctdb-tests: Change all cluster setup to use ctdb_test_init()

ctdb_test_init() now passes any arguments to setup_ctdb().

Update tests that have custom local daemon configuration to call
ctdb_test_init() directly.  Remove the redundant, initial call to
ctdb_test_init() to avoid starting the cluster an extra time.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Drop passing of test arguments to ctdb_test_init()
Martin Schwenke [Mon, 8 Oct 2018 04:04:24 +0000 (15:04 +1100)]
ctdb-tests: Drop passing of test arguments to ctdb_test_init()

Arguments are currently ignored anyway.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Drop ctdb_restart_when_done()
Martin Schwenke [Mon, 8 Oct 2018 02:51:01 +0000 (13:51 +1100)]
ctdb-tests: Drop ctdb_restart_when_done()

This no longer does anything.  Integration test cases now start and
shut down the cluster.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Drop dependency on variable ctdb_test_restart_scheduled
Martin Schwenke [Mon, 8 Oct 2018 02:53:16 +0000 (13:53 +1100)]
ctdb-tests: Drop dependency on variable ctdb_test_restart_scheduled

The remainder of the scheduled restart logic is about to be removed,
so produce debugging information any time the cluster is not healthy.

While here, reindent and drop the else since there is already an early
return before it.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Drop tests that only start and stop daemons
Martin Schwenke [Mon, 8 Oct 2018 02:41:39 +0000 (13:41 +1100)]
ctdb-tests: Drop tests that only start and stop daemons

Integration test cases now start and shut down the cluster.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Move enabling of event scripts to setup_ctdb()
Martin Schwenke [Tue, 9 Oct 2018 04:09:38 +0000 (15:09 +1100)]
ctdb-tests: Move enabling of event scripts to setup_ctdb()

This is for the real cluster case.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Improve signal handling trap
Martin Schwenke [Mon, 8 Oct 2018 02:39:30 +0000 (13:39 +1100)]
ctdb-tests: Improve signal handling trap

Interrupting a test run currently moves on to the next test.  It
should exit.

Follow the practice of exiting with 128 + signal number.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Drop cleanup_handler()
Martin Schwenke [Mon, 8 Oct 2018 02:38:10 +0000 (13:38 +1100)]
ctdb-tests: Drop cleanup_handler()

Running testsuite-specific code here isn't a good option.

Daemons are now shut down in ctdb_test_exit(), even when testing is
interrupted.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Start daemons in ctdb_test_init(), stop them in ctdb_test_exit()
Martin Schwenke [Mon, 8 Oct 2018 02:30:55 +0000 (13:30 +1100)]
ctdb-tests: Start daemons in ctdb_test_init(), stop them in ctdb_test_exit()

This makes tests self-contained.  They can also now be individually
looped, if necessary.

Most tests (all but 1 complex, more than 50% of simple) restart the
daemons anyway, so this simplification is worth it.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Ignore SIGPIPE during simple test cleanup
Martin Schwenke [Fri, 2 Nov 2018 05:21:26 +0000 (16:21 +1100)]
ctdb-tests: Ignore SIGPIPE during simple test cleanup

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Drop setting of unused variable scriptname
Martin Schwenke [Mon, 8 Oct 2018 02:55:08 +0000 (13:55 +1100)]
ctdb-tests: Drop setting of unused variable scriptname

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tests: Drop use of confusing testfailures variable
Martin Schwenke [Mon, 8 Oct 2018 01:59:33 +0000 (12:59 +1100)]
ctdb-tests: Drop use of confusing testfailures variable

Exit on first test failure instead of setting a variable.  The bizarre
logic in ctdb_test_exit() makes this worth dropping.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>