gd/samba-autobuild/.git
Volker Lendecke [Tue, 22 May 2018 11:25:41 +0000 (13:25 +0200)]
ldap_server: Fix CID 1435731 Unchecked return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 May 2018 11:23:33 +0000 (13:23 +0200)]
ctdbd: Fix CID 1435732 Argument cannot be negative

setenv returns its error in "errno"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 May 2018 11:20:17 +0000 (13:20 +0200)]
audit_logging: Fix CID 1435739 Dereference null return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 May 2018 11:17:25 +0000 (13:17 +0200)]
ctdb: Fix CID 1435740 Unchecked return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Fri, 18 May 2018 03:57:39 +0000 (15:57 +1200)]
autobuild: Include information of disk free in system-info.txt

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu May 24 00:42:48 CEST 2018 on sn-devel-144

Andrew Bartlett [Fri, 18 May 2018 03:53:33 +0000 (15:53 +1200)]
gitlab-ci: Do not hide a possible out-of-space condition by cleaning up the tree

These are VMs anyway and will soon vanish, so a cleanup is totally wasted in any case.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Fri, 18 May 2018 03:51:34 +0000 (15:51 +1200)]
gitlab-ci: Include system-info.txt to give info on possible failures

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Tim Beale [Tue, 15 May 2018 21:45:32 +0000 (09:45 +1200)]
dsdb: Avoid calculating the PSO multiple times

In a typical user login query, the code tries to work out the PSO 2-3
times - once for the msDS-ResultantPSO attribute, and then again for the
msDS-User-Account-Control-Computed & msDS-UserPasswordExpiryTimeComputed
constructed attributes.

The PSO calculation is reasonably expensive, mostly due to the nested
groups calculation. If we've already constructed the msDS-ResultantPSO
attribute, then we can save ourselves extra work by just re-fetching the
result directly, rather than expanding the nested groups again from
scratch.

The previous patch improves efficiency when there are no PSOs in the
system. This should improve the case where there are PSOs that apply to
the users. (Unfortunately, it won't help where there are some PSOs in
the system, but no PSO applies to the user being queried).

Also updated sam.c so the msDS-ResultantPSO gets calculated first,
before the other constructed attributes.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed May 23 10:09:11 CEST 2018 on sn-devel-144

Tim Beale [Tue, 15 May 2018 02:02:32 +0000 (14:02 +1200)]
dsdb: Avoid performance hit if PSOs aren't actually used

The new PSO code adds some additional overhead in extra lookups. To
avoid penalizing existing setups, we can short-circuit the PSO
processing and return early if there are no actual PSO objects in the
DB. The one-level search should be very quick, and it avoids the need to
do more complicated PSO processing (i.e. expanding the nested groups).

The longer-term plan is to rework the tokenGroups lookup so that it only
gets done once, and the result can then be reused by the resultant-PSO
code (rather than computing the nested-groups again). However, in the
short-term, a slight decrease in performance is the price for any users
that want to deploy PSOs.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Thu, 10 May 2018 21:29:01 +0000 (09:29 +1200)]
tests: Add tests for domain pwdHistoryLength

This is not related to PSOs at all, but there's a minor discrepancy
between Windows and Samba password-history-length behaviour that I
noticed during PSO testing.

When the pwdHistoryLength changes from zero to non-zero, Windows
includes the user's current password as invalid immediately, whereas
Samba only includes it as invalid *after* it next changes. It's a
fairly obscure corner-case, and we might not care enough about it to
fix it. However, I've added a test case to highlight the difference and
marked it as a known-fail for now.

I also added a general pwdHistoryLength test case to show that the
basics work (this didn't seem to be tested anywhere else).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Thu, 10 May 2018 23:49:23 +0000 (11:49 +1200)]
tests: Extend passwordsettings tests to cover PSO command options

Add test cases for the new PSO samba-tool command options.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Sun, 22 Apr 2018 22:47:21 +0000 (10:47 +1200)]
netcmd: Add samba-tool support for managing PSOs

Add a new command 'samba-tool domain passwordsettings pso', with the
sub-command options: create, delete, set, list, show, show-user, apply,
unapply. The apply and unapply options apply the PSO to a user or group.
The show-user option shows the actual PSO (and its settings) that will
take effect for a given user.

The new commands are pretty self-contained in a new pso.py file. We
decided to add these new commands under the existing 'samba-tool domain
passwordsettings' command, as that's what users would be already
familiar with.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Thu, 19 Apr 2018 01:51:36 +0000 (13:51 +1200)]
dsdb: Use PSO maxPwdAge for operational msDS-PasswordExpiryTimeComputed

When calculating the Password-Expiry-Time, we should use the PSO's
max-password-age setting, if one applies to the user.

This code may be inefficient, as it may repeat the PSO-lookup work
several times (once for each constructed attribute that tries to use
it). For now, I've gone for the simplest code change, and efficiency can
be addressed in a subsequent patch (once we have a good test to measure
it).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Wed, 18 Apr 2018 22:46:48 +0000 (10:46 +1200)]
dsdb: Update password_hash to use PSO settings for password changes

Honour the settings in the PSO when changing the password, i.e.
msDS-PasswordComplexityEnabled, msDS-PasswordHistoryLength, etc.

The password_hash code populates dsdb_control_password_change_status's
domain_data with the password settings to use - these are currently
based on the settings for the domain.

Now, if the password_hash code has worked out that a PSO applies to the
user, we override the domain settings with the PSO's values.

This change means the password_settings tests now pass.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Wed, 18 Apr 2018 21:47:42 +0000 (09:47 +1200)]
dsdb: Move anonymous domain_data struct

Anonymous structs and 80 character line-lengths don't mix well. Allow
the struct to be referenced directly.

With the introduction of PSOs, the password-settings are now calculated
per-user rather than per-domain. I've tried to reflect this in the
struct name.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Wed, 18 Apr 2018 02:21:46 +0000 (14:21 +1200)]
dsdb: Lookup PSO's lockout settings for password_hash modifies

When a user's password-hash is modified, we need the PSO settings for
that user, so that any lockout settings get applied correctly.

To do this, we query the msDS-ResultantPSO in the user search. Then, if
a PSO applies to the user, we add in an extra search to retrieve the
PSO's settings. Once the PSO search completes, we continue with the
modify operation.

In the event of error cases, I've tried to fall back to logging the
problem and continuing with the default domain settings. However,
unusual internal errors will still fail the operation.

We can pass the PSO result into dsdb_update_bad_pwd_count(), which means
the PSO's lockout-threshold and observation-window are now used. This is
enough to get the remaining lockout tests passing.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Tue, 8 May 2018 04:07:54 +0000 (16:07 +1200)]
rpc/samr: Fix PSO support in SAMR password_change RPC

To get the SAMR password_lockout test passing, we now just need to query
the msDS-ResultantPSO attribute for the user in the SAMR code. The
common code will then determine that a PSO applies to the user, and use
the PSO's lockout settings.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Tue, 10 Apr 2018 22:33:21 +0000 (10:33 +1200)]
dsdb/rpc: Update effective badPwdCount to use PSO settings

The lockOutObservationWindow is used to calculate the badPwdCount. When
a PSO applies to a user, we want to use the PSO's lockout-observation
window rather than the default domain setting.

This is finally enough to get some of the PSO password_lockout tests
to pass.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Tue, 8 May 2018 03:11:30 +0000 (15:11 +1200)]
dsdb: PSO support for msDS-User-Account-Control-Computed

msDS-User-Account-Control-Computed uses the effective-lockoutDuration to
determine if a user is locked out or not. If a PSO applies to the user,
then the effective-lockoutDuration is the PSO's msDS-LockoutDuration
setting. Otherwise it is the domain default lockoutDuration value.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Fri, 6 Apr 2018 04:42:50 +0000 (16:42 +1200)]
dsdb/auth: Use PSO settings for lockOutThreshold/Duration

If a PSO applies to a user, use its lockOutThreshold/Duration settings
instead of the domain setting. When we look up a user, we now include the
msDS-ResultantPSO attribute. If the attribute is present for a user,
then we look up the corresponding PSO object to get the lockOutThreshold/
Duration settings.

Note: This is not quite enough to make the PSO lockout tests pass, as
msDS-User-Account-Control-Computed is still constructed based on the
domain lockoutDuration setting rather than the PSO.

Updating the password_hash.c code properly will be done in a subsequent
commit.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Tue, 8 May 2018 02:45:17 +0000 (14:45 +1200)]
tests: Extend PSO tests to cover password-history/length/complexity

Unhobble the PSO test cases so that they not only check the
msDS-ResultantPSO constructed attribute, but also that the corresponding
PSO's password-history, minimum password length, and complexity settings
are actually used.

The tests now fail once more, as actually using the PSO's settings isn't
implemented yet.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Tim Beale [Tue, 20 Mar 2018 21:45:38 +0000 (10:45 +1300)]
dsdb: Add msDS-ResultantPSO constructed attribute support

Add support for the msDS-ResultantPSO constructed attribute, which
indicates the PSO (if any) that should apply to a given user. First we
consider any PSOs that apply directly to a user. If none apply directly,
we consider PSOs that apply to any groups the user is a member of. (PSO
lookups are done by finding any 'msDS-PSOAppliesTo' links that apply to
the user or group SIDs we're interested in.)

Note: the PSO should be selected based on the RevMembGetAccountGroups
membership, which doesn't include builtin groups. Looking at the spec,
it appears that perhaps our tokenGroups implementation should also
exclude builtin groups. However, in the short-term, I've added a new
ACCOUNT_GROUPS option to the enum, which is only used internally for
PSOs.

The PSO test cases (which are currently only checking the constructed
attribute) now pass, showing that the correct msDS-ResultantPSO value is
being returned, even if the corresponding password-policy settings are
not yet being applied.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 14 May 2018 02:34:25 +0000 (14:34 +1200)]
autobuild: build ldb --without-ldb-lmdb

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 23 05:11:13 CEST 2018 on sn-devel-144

Andrew Bartlett [Mon, 14 May 2018 00:14:06 +0000 (12:14 +1200)]
selftest: Run ad_dc and vampire_dc with --backend-store=mdb

This ensures the LMDB backend is tested in make test

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Tue, 6 Mar 2018 00:40:21 +0000 (13:40 +1300)]
ldb-samba: Handle generic mdb:// url scheme in ldb_relative_path()

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 18 May 2018 19:10:15 +0000 (07:10 +1200)]
ldb: Reject a possible future ldb_mdb with the index in a sub-database

This ensures we do not corrupt such an index by making changes to the
main database without knowing that the index values are now in a
sub-database.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Tue, 6 Mar 2018 02:11:23 +0000 (15:11 +1300)]
ldb: Add MDB support to ldb://

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Gary Lockyer [Tue, 13 Mar 2018 02:08:10 +0000 (15:08 +1300)]
ldb_mdb/tests: add tests for multiple opens across forks

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Mon, 12 Mar 2018 19:14:09 +0000 (08:14 +1300)]
ldb_mdb/tests: test large index key value

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Thu, 22 Mar 2018 22:29:25 +0000 (11:29 +1300)]
ldb_mdb: Remove implicit read lock and remove transaction counter

The way to know if we are in a transaction is if there is a non-NULL
transaction handle.

This allows the ldb_mdb_kv_ops_test test to be run.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 8 May 2018 23:40:36 +0000 (11:40 +1200)]
ldb_mdb: Run the ldb_mdb_mod_op_test

ldb_mdb is now able to pass the full ldb_mod_op_test when compiled against lmdb.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Thu, 8 Mar 2018 03:47:59 +0000 (16:47 +1300)]
ldb_mdb/tests: Tests for wrap open

Tests to ensure that the mdb_env wrapping code correctly handles
multiple ldbs pointing to the same physical database file.

The test_ldb_close_with_multiple_connections tests are in
ldb_mod_op_test due to the utility code it uses from
elsewhere in that test.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 17 May 2018 01:10:25 +0000 (13:10 +1200)]
ldb_mdb: Use mdb_env_get_fd() to get the FD for fstat() and FD_CLOEXEC

This ensures we leave the FD behind if we exec() in a child process.

This is deliberately the same as TDB, as we want the same behaviour as
we have come to expect with that backend.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Tue, 13 Mar 2018 02:08:10 +0000 (15:08 +1300)]
ldb_mdb: prevent MDB_env reuse across forks

MDB_env's may not be reused across forks.  Check the pid that the lmdb
structure was created by, and return an error if it is being used by a
different process.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Tue, 20 Mar 2018 22:38:22 +0000 (11:38 +1300)]
ldb_mdb: handle EBADE from mdb_env_open

Under some circumstances mdb_env_open returns EBADE, we treat this as
indicating the file is not a valid lmdb format file.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Tue, 6 Mar 2018 23:05:34 +0000 (12:05 +1300)]
ldb_mdb: Wrap mdb_env_open

Wrap mdb_env_open to ensure that we only have one MDB_env opened per
database in each process

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Tue, 6 Mar 2018 02:27:51 +0000 (15:27 +1300)]
ldb_mdb: Apply LMDB key length restrictions at key-value layer

We need to enforce the GUID index mode so end-users do not get a
surprise in mid-operation and we enforce a max key length of 511 so
that the index key truncation is done correctly.

Otherwise the DB will appear to work until a very long key (DN or
index) is used, after which it will be sad.

Because the previous ldb_lmdb_test confirmed the key length by
creating a large DN, those tests are re-worked to use the GUID index
mode.  In turn, new tests are written that create a special DN around
the maximum key length.

Finally a test is included that demonstrates that adding entries to
the LMDB DB without GUID index mode fails.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Mon, 5 Mar 2018 20:13:31 +0000 (09:13 +1300)]
ldb_mdb/tests: Run api and index test also on lmdb

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Fri, 2 Feb 2018 02:30:53 +0000 (15:30 +1300)]
ldb_mdb/tests: Add tests to check for max key length and DB size

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Tue, 6 Mar 2018 23:05:34 +0000 (12:05 +1300)]
ldb_mdb: Don't allow modify operations on a read only db

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Garming Sam [Mon, 5 Mar 2018 03:04:03 +0000 (16:04 +1300)]
ldb_mdb: Store pid to change destructor on fork

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Thu, 1 Mar 2018 03:53:07 +0000 (16:53 +1300)]
ldb_mdb: Enable LDB_FLG_NOSYNC in ldb_mdb

This is used in selftest with 'ldb:nosync = true'.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Wed, 11 Jan 2017 04:10:19 +0000 (17:10 +1300)]
ldb_mdb: Implement the lmdb backend for ldb

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Sun, 20 May 2018 22:40:00 +0000 (10:40 +1200)]
selftest: Clean up ldb on tearDown from each packet in TrafficEmulatorPacketTests

Otherwise the LDB (and so the server resources) are in use until the end of the whole test
due to the way the objects are maintained in python for reporting.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 23 00:53:25 CEST 2018 on sn-devel-144

Amitay Isaacs [Mon, 14 May 2018 06:52:58 +0000 (16:52 +1000)]
socket_wrapper: Add missing dependency on tirpc

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue May 22 13:57:07 CEST 2018 on sn-devel-144

Andrew Bartlett [Mon, 21 May 2018 01:58:12 +0000 (13:58 +1200)]
auth: Use DBGC_AUTH as DBGC_CLASS for AD DC auth session code.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 22 02:42:32 CEST 2018 on sn-devel-144

Andrew Bartlett [Mon, 21 May 2018 01:53:01 +0000 (13:53 +1200)]
s4-drsuapi: Call security_token_debug() with DBGC_DRS_REPL and a proper log level

Selftest logs are full of calls to security_token_debug() with no context
and this is never a log level 0 event, so tidy it up.

The RODC would trigger this each time there is an attempted preload
of a user in the Denied RODC replication group.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Mon, 21 May 2018 01:51:16 +0000 (13:51 +1200)]
auth: Use DBGC_AUTH as DBGC_CLASS for AD DC NTLM auth code.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 5 Dec 2017 07:28:28 +0000 (08:28 +0100)]
vfs_zfsacl: return synthesized ACL when ZFS return ENOTSUP

This allows accessing the ZFS .snapshots directory where ZFS returns
ENOTSUP when calling acl(".snapshots").

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13175

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 18 22:03:21 CEST 2018 on sn-devel-144

Ralph Boehme [Fri, 18 May 2018 11:14:57 +0000 (13:14 +0200)]
s3:smbd: make psbuf arg to make_default_acl_posix() const

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13175

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 4 May 2018 11:20:36 +0000 (12:20 +0100)]
python/samba/netcmd: Py2/Py3 misc replace range with enumerate

Replace various instances of xrange with enumerate.

Signed-off-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Fri May 18 05:24:42 CEST 2018 on sn-devel-144

Jeremy Allison [Thu, 10 May 2018 18:30:24 +0000 (11:30 -0700)]
s3: smbtorture: Add new SMB2-DIR-FSYNC test to show behavior of FSYNC on directories.

Tests against a directory handle on the root of a share,
and a directory handle on a sub-directory in a share.

Check SEC_DIR_ADD_FILE and SEC_DIR_ADD_SUBDIR separately,
either allows flush to succeed.

Passes against Windows.

Regression test for:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13428

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 18 02:38:50 CEST 2018 on sn-devel-144

Jeremy Allison [Thu, 10 May 2018 17:26:52 +0000 (10:26 -0700)]
s3: smbd: Fix SMB2-FLUSH against directories.

Directories opened with either FILE_ADD_FILE or
FILE_ADD_SUBDIRECTORY can be flushed even if
they're not writable in the conventional sense.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13428

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 17 May 2018 19:35:06 +0000 (12:35 -0700)]
s3: profile: Cleanup - we no longer use read/write/fsync syscalls.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Wed, 16 May 2018 11:59:55 +0000 (13:59 +0200)]
lib: Fix array size in audit_logging

../lib/audit_logging/audit_logging.c: In function ‘json_add_timestamp’:
../lib/audit_logging/audit_logging.c:603:12: error: ‘%s’ directive
       output may be truncated writing up to 9 bytes into a region of size
       between 0 and 43 [-Werror=format-truncation=]
   "%s.%06ld%s",
            ^~
../lib/audit_logging/audit_logging.c:606:3:
   tz);
   ~~
../lib/audit_logging/audit_logging.c:600:2: note: ‘snprintf’ output
       between 8 and 70 bytes into a destination of size 50
  snprintf(
  ^~~~~~~~~
   timestamp,
   ~~~~~~~~~~
   sizeof(timestamp),
   ~~~~~~~~~~~~~~~~~~
   "%s.%06ld%s",
   ~~~~~~~~~~~~~
   buffer,
   ~~~~~~~
   tv.tv_usec,
   ~~~~~~~~~~~
   tz);
   ~~~

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu May 17 20:17:35 CEST 2018 on sn-devel-144

Andreas Schneider [Tue, 15 May 2018 15:55:22 +0000 (17:55 +0200)]
s4:ntvfs: Fix string copy of share_name

../source4/ntvfs/ipc/rap_server.c:70:3: error: ‘strncpy’ specified bound 13 equals destination size [-Werror=stringop-truncation]
   strncpy((char *)r->out.info[j].info1.share_name,
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    snames[i],
    ~~~~~~~~~~
    sizeof(r->out.info[0].info1.share_name));
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Tue, 8 May 2018 07:31:51 +0000 (09:31 +0200)]
lib:util: Fix size types in debug.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Wed, 9 May 2018 15:52:19 +0000 (17:52 +0200)]
lib:util: Fix parameter aliasing in tfork test

../lib/util/tests/tfork.c:483:24: error: passing argument 1 to
    restrict-qualified parameter aliases with argument 4 [-Werror=restrict]
   ret = pthread_create(&threads[i],
                        ^~~~~~~~~~~
../lib/util/tests/tfork.c:486:10:
          (void *)&threads[i]);
          ~~~~~~~~~~~~~~~~~~~

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Wed, 9 May 2018 16:07:47 +0000 (18:07 +0200)]
s3:winbind: Fix uninitialzed variable warning

Raised by GCC8.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Wed, 9 May 2018 16:05:01 +0000 (18:05 +0200)]
s3:passdb: Fix size of ascii_p16

../source3/passdb/pdb_smbpasswd.c: In function ‘mod_smbfilepwd_entry’:
../source3/passdb/pdb_smbpasswd.c:1015:7: error: ‘:LCT-’ directive
    output may be truncated writing 5 bytes into a region of size between 0
    and 255 [-Werror=format-truncation=]
    "%s:LCT-%08X:",
       ^~~~~
../source3/passdb/pdb_smbpasswd.c:1015:4: note: using the range [0,
    4294967295] for directive argument
    "%s:LCT-%08X:",
    ^~~~~~~~~~~~~~
In file included from ../source3/include/includes.h:23,
                 from ../source3/passdb/pdb_smbpasswd.c:23:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output
    between 15 and 270 bytes into a destination of size 255
 #define slprintf snprintf
../source3/passdb/pdb_smbpasswd.c:1013:3: note: in expansion of macro ‘slprintf’
   slprintf(&ascii_p16[strlen(ascii_p16)],
   ^~~~~~~~

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
5 years ago s3:lib: Use memcpy() in escape_ldap_string()
Andreas Schneider [Wed, 9 May 2018 15:29:39 +0000 (17:29 +0200)]
s3:lib: Use memcpy() in escape_ldap_string()

../source3/lib/ldap_escape.c: In function ‘escape_ldap_string’:
../source3/lib/ldap_escape.c:79:4: error: ‘strncpy’ output truncated
    before terminating nul copying 3 bytes from a string of the same length
[-Werror=stringop-truncation]
    strncpy (p, sub, 3);
    ^~~~~~~~~~~~~~~~~~~

We concatenate and do not care about NUL-termination till the loop has
finished.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
5 years ago s4:torture: Use strlcpy() in gen_name()
Andreas Schneider [Wed, 9 May 2018 15:35:45 +0000 (17:35 +0200)]
s4:torture: Use strlcpy() in gen_name()

../source4/torture/basic/mangle_test.c: In function ‘gen_name’:
../source4/torture/basic/mangle_test.c:148:3: error: ‘strncpy’ output
    truncated before terminating nul copying 5 bytes from a string of the
    same length [-Werror=stringop-truncation]
   strncpy(p, "ABCDE", 5);
   ^~~~~~~~~~~~~~~~~~~~~~

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
5 years ago lib:util: Fix string check in mkdir_p()
Andreas Schneider [Tue, 8 May 2018 07:22:00 +0000 (09:22 +0200)]
lib:util: Fix string check in mkdir_p()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
5 years ago s3-utils: fix format-truncation in smbpasswd
Günther Deschner [Tue, 8 May 2018 12:13:56 +0000 (14:13 +0200)]
s3-utils: fix format-truncation in smbpasswd

../source3/utils/smbpasswd.c: In function ‘process_root’:
../source3/utils/smbpasswd.c:414:37: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
   slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
                                     ^
In file included from ../source3/include/includes.h:23,
                 from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
 #define slprintf snprintf
../source3/utils/smbpasswd.c:414:3: note: in expansion of macro ‘slprintf’
   slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
   ^~~~~~~~
../source3/utils/smbpasswd.c:397:35: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
   slprintf(buf, sizeof(buf)-1, "%s$", user_name);
                                   ^
In file included from ../source3/include/includes.h:23,
                 from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
 #define slprintf snprintf
../source3/utils/smbpasswd.c:397:3: note: in expansion of macro ‘slprintf’
   slprintf(buf, sizeof(buf)-1, "%s$", user_name);
   ^~~~~~~~
cc1: some warnings being treated as errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
5 years ago s4-torture: fix format-truncation warning in smb2 session tests.
Günther Deschner [Tue, 8 May 2018 11:54:53 +0000 (13:54 +0200)]
s4-torture: fix format-truncation warning in smb2 session tests.

../source4/torture/smb2/session.c: In function ‘test_session_reauth5’:
../source4/torture/smb2/session.c:645:36: error: ‘\file.dat’ directive output may be truncated writing 9 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
  snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
                                    ^~~~~~~~~~
../source4/torture/smb2/session.c:645:2: note: ‘snprintf’ output between 10 and 265 bytes into a destination of size 256
  snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/torture/smb2/session.c:696:38: error: ‘\file2.dat’ directive output may be truncated writing 10 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
  snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
                                      ^~~~~~~~~~~
../source4/torture/smb2/session.c:696:2: note: ‘snprintf’ output between 11 and 266 bytes into a destination of size 256
  snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
5 years ago s3-printing: fix format-truncation in print_queue_update()
Günther Deschner [Tue, 8 May 2018 11:46:11 +0000 (13:46 +0200)]
s3-printing: fix format-truncation in print_queue_update()

../source3/printing/printing.c: In function ‘print_queue_update’:
../source3/printing/printing.c:1809:42: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 244 [-Werror=format-truncation=]
  snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);
                                          ^~   ~~~~~~~~~
../source3/printing/printing.c:1809:2: note: ‘snprintf’ output between 13 and 268 bytes into a destination of size 256
  snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
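
The truncation cases behind the -Wstringop-truncation and -Wformat-truncation diagnostics quoted in the commits above, as an added C example that is not Samba code. The function names, the sample strings and the simplified escaping routine are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SHARE_NAME_LEN 13 /* destination size quoted in the rap_server.c warning */

/* Flagged pattern: the bound equals the destination size, so a source of 13
 * or more bytes leaves dst unterminated. Returns true if dst has a NUL. */
bool copy_flagged(char *dst, const char *src)
{
	strncpy(dst, src, SHARE_NAME_LEN);
	return memchr(dst, '\0', SHARE_NAME_LEN) != NULL;
}

/* Checked copy: reject a name that does not fit and keep dst terminated. */
bool copy_checked(char *dst, size_t dstlen, const char *src)
{
	size_t n = strlen(src);
	if (n >= dstlen) { /* also true when dstlen is 0 */
		if (dstlen > 0) {
			dst[0] = '\0';
		}
		return false;
	}
	memcpy(dst, src, n + 1); /* n + 1 copies the NUL as well */
	return true;
}

/* snprintf() returns the length the full output needs; a value >= buflen
 * means it was cut short, which is what -Wformat-truncation predicts. */
bool append_dollar(char *buf, size_t buflen, const char *user_name)
{
	int ret = snprintf(buf, buflen, "%s$", user_name);
	return ret >= 0 && (size_t)ret < buflen;
}

/* Fixed 3-byte escapes are appended with memcpy(); the one NUL is written
 * after the loop. Returns NULL on allocation failure; caller frees. */
char *escape_filter_value(const char *s)
{
	size_t len = strlen(s);
	char *out = (len > (SIZE_MAX - 1) / 3) ? NULL : malloc(len * 3 + 1);
	char *p = out;
	for (; out != NULL && *s != '\0'; s++) {
		const char *sub = NULL;
		switch (*s) {
		case '*':  sub = "\\2a"; break;
		case '(':  sub = "\\28"; break;
		case ')':  sub = "\\29"; break;
		case '\\': sub = "\\5c"; break;
		}
		if (sub != NULL) {
			memcpy(p, sub, 3);
			p += 3;
		} else {
			*p++ = *s;
		}
	}
	if (out != NULL) {
		*p = '\0';
	}
	return out;
}
```
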
5 years ago s3-winbindd: remove unused fill_domain_username()
Günther Deschner [Tue, 8 May 2018 09:19:42 +0000 (11:19 +0200)]
s3-winbindd: remove unused fill_domain_username()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
5 years ago s3-winbindd: use fill_domain_username_talloc() in winbind.
Günther Deschner [Tue, 8 May 2018 09:18:56 +0000 (11:18 +0200)]
s3-winbindd: use fill_domain_username_talloc() in winbind.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
5 years ago s3:winbind: Check if we have an open file descriptor
Andreas Schneider [Wed, 16 May 2018 12:06:36 +0000 (14:06 +0200)]
s3:winbind: Check if we have an open file descriptor

Found by Coverity.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
5 years ago s3:winbind: Add sanity check when closing fd
Andreas Schneider [Wed, 16 May 2018 09:59:09 +0000 (11:59 +0200)]
s3:winbind: Add sanity check when closing fd

Found by Coverity.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
5 years ago s3:utils: Do not segfault on error in DoDNSUpdate()
Andreas Schneider [Thu, 17 May 2018 09:53:18 +0000 (11:53 +0200)]
s3:utils: Do not segfault on error in DoDNSUpdate()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13440

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu May 17 17:28:28 CEST 2018 on sn-devel-144

5 years ago FIXUP: Improve memory handling on py_net_change_password
Andrew Bartlett [Wed, 16 May 2018 18:37:28 +0000 (06:37 +1200)]
FIXUP: Improve memory handling on py_net_change_password

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Thu May 17 14:28:19 CEST 2018 on sn-devel-144

5 years ago python/samba/netcmd: net.change_password should be passed string
Noel Power [Wed, 16 May 2018 15:51:34 +0000 (16:51 +0100)]
python/samba/netcmd: net.change_password should be passed string

password param which in python2 (is str) is incorrectly encoded
before passing to net.change_password.

python2 - password is either unicode or str, if str we should
          decode to get unicode (and then pass to net.change_password).
python3 - password is either str or bytes, if bytes then decode
          (and pass as 'str' to net.change_password).

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 years ago s4/libnet: Allow passwords containing non ascii characters to be passed
Noel Power [Wed, 16 May 2018 15:46:41 +0000 (16:46 +0100)]
s4/libnet: Allow passwords containing non ascii characters to be passed

Although we can pass unicode to py_net_change_password, unfortunately in
Python2 unicode strings are encoded with the default encoding (e.g. ascii)
when extracting the unicode string to buffer.
In Python3 the default encoding for "s" format is utf8. Use the "es"
format instead of "s" so we can specify the encoding so behaviour is
correct in py2/py3.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 years ago testprogs/blackbox: Add test to set and use password with non-ascii
Noel Power [Tue, 15 May 2018 17:27:23 +0000 (18:27 +0100)]
testprogs/blackbox: Add test to set and use password with non-ascii

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 years ago python/samba: Fix incorrect encode of password
Noel Power [Mon, 14 May 2018 12:38:20 +0000 (13:38 +0100)]
python/samba: Fix incorrect encode of password

In python2 you can encode a 'str' type, which doesn't really make sense
since it is already bytes (as such). In python3 this isn't possible; you
can't encode bytes or decode strings. Also, because you can call encode
on 'str' in python2, it tries to do what you wanted and it implicitly
calls decode('ascii') before performing the encode. This is why we get
mention of ascii codec in the error. This patch should future proof for
python3 also.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13435
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 years ago s4/setup/tests: Add test for non ascii password setting samba-tool
Noel Power [Mon, 14 May 2018 12:48:18 +0000 (13:48 +0100)]
s4/setup/tests: Add test for non ascii password setting samba-tool

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13435
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 years ago winbindd: Remove an unused function prototype
Volker Lendecke [Wed, 2 May 2018 19:19:08 +0000 (21:19 +0200)]
winbindd: Remove an unused function prototype

This has been moved to async in 2009

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu May 17 11:30:18 CEST 2018 on sn-devel-144

5 years ago winbindd: Make "request_error()" static to winbindd.c
Volker Lendecke [Wed, 2 May 2018 19:23:49 +0000 (21:23 +0200)]
winbindd: Make "request_error()" static to winbindd.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: Make "request_ok()" static to winbindd.c
Volker Lendecke [Wed, 2 May 2018 19:22:45 +0000 (21:22 +0200)]
winbindd: Make "request_ok()" static to winbindd.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: Remove the "old" non-bool dispatch table
Volker Lendecke [Wed, 2 May 2018 19:20:58 +0000 (21:20 +0200)]
winbindd: Remove the "old" non-bool dispatch table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: Make DOMAIN_INFO a proper async request
Volker Lendecke [Wed, 2 May 2018 18:47:49 +0000 (20:47 +0200)]
winbindd: Make DOMAIN_INFO a proper async request

This has an async code path hidden inside. Expose that properly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_list_trusted_domains() -> bool_dispatch_table
Volker Lendecke [Fri, 4 May 2018 19:19:06 +0000 (21:19 +0200)]
winbindd: winbindd_list_trusted_domains() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_priv_pipe_dir() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 18:27:43 +0000 (20:27 +0200)]
winbindd: winbindd_priv_pipe_dir() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_ccache_save() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 18:26:19 +0000 (20:26 +0200)]
winbindd: winbindd_ccache_save() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_ccache_ntlm_auth() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 18:23:54 +0000 (20:23 +0200)]
winbindd: winbindd_ccache_ntlm_auth() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_dc_info() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 16:27:23 +0000 (18:27 +0200)]
winbindd: winbindd_dc_info() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_netbios_name() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 16:25:00 +0000 (18:25 +0200)]
winbindd: winbindd_netbios_name() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_domain_name() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 14:39:20 +0000 (16:39 +0200)]
winbindd: winbindd_domain_name() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_ping() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 14:38:14 +0000 (16:38 +0200)]
winbindd: winbindd_ping() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_info() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 14:36:49 +0000 (16:36 +0200)]
winbindd: winbindd_info() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: winbindd_interface_version() -> bool_dispatch_table
Volker Lendecke [Wed, 2 May 2018 13:26:55 +0000 (15:26 +0200)]
winbindd: winbindd_interface_version() -> bool_dispatch_table

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 years ago winbindd: Introduce "bool_dispatch_table"
Volker Lendecke [Wed, 2 May 2018 13:26:05 +0000 (15:26 +0200)]
winbindd: Introduce "bool_dispatch_table"

This is meant to replace the synchronous "dispatch_table".

The current dispatch_table assumes that every synchronous function does
the request_ok or request_error itself. This mixes two concerns: Doing
the work and shipping the reply to the winbind client. This new dispatch
table will make it possible to centralize shipping the reply to the
client. At a later stage this will enable easier statistics on how long
request processing took precisely.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
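
The separation this commit message argues for, as an added C sketch that is not winbindd code: handlers only return a bool, and one dispatcher ships the reply and records the timing. The structures, command names, `ship_reply()` and `process_request()` are hypothetical stand-ins, and sending an error reply for a command with no table entry is this example's choice.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <time.h>

/* Hypothetical, simplified stand-ins; not winbindd's real definitions. */
enum cmd { CMD_PING, CMD_DOMAIN_NAME, CMD_NOT_IN_TABLE };
enum reply { REPLY_NONE, REPLY_OK, REPLY_ERROR };

struct cli_state {
	enum cmd cmd;
	const char *domain; /* constructed input for the handler */
	char data[16];      /* payload written by the handler */
	enum reply reply;   /* written only by the dispatcher */
	int replies_sent;
	double elapsed_ms;
};

/* Handlers do the work and report success; they never ship a reply. */
static bool do_ping(struct cli_state *cli)
{
	return cli != NULL;
}

static bool do_domain_name(struct cli_state *cli)
{
	int n = snprintf(cli->data, sizeof(cli->data), "%s", cli->domain);
	return n >= 0 && (size_t)n < sizeof(cli->data); /* fail on truncation */
}

static const struct {
	enum cmd cmd;
	bool (*fn)(struct cli_state *cli);
} bool_dispatch_table[] = {
	{ CMD_PING, do_ping },
	{ CMD_DOMAIN_NAME, do_domain_name },
};

/* Stand-in for request_ok()/request_error(): the only reply path. */
static void ship_reply(struct cli_state *cli, bool ok)
{
	cli->reply = ok ? REPLY_OK : REPLY_ERROR;
	cli->replies_sent++;
}

/* Runs the handler, times it and ships exactly one reply per request,
 * including for a command that has no table entry. */
bool process_request(struct cli_state *cli)
{
	size_t n = sizeof(bool_dispatch_table) / sizeof(bool_dispatch_table[0]);
	clock_t start = clock();
	bool ok = false;

	for (size_t i = 0; i < n; i++) {
		if (bool_dispatch_table[i].cmd == cli->cmd) {
			ok = bool_dispatch_table[i].fn(cli);
			break;
		}
	}
	cli->elapsed_ms = 1000.0 * (double)(clock() - start) / CLOCKS_PER_SEC;
	ship_reply(cli, ok);
	return ok;
}
```
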
5 years ago ctdb: Drop configuration file ctdbd.conf
Martin Schwenke [Tue, 24 Apr 2018 05:55:11 +0000 (15:55 +1000)]
ctdb: Drop configuration file ctdbd.conf

Drop function loadconfig(), replacing uses with "load_system_config
ctdb".  Drop translation of old-style configuration to new
configuration file.  Drop export of debugging variables.  Drop
documentation and configuration examples.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu May 17 07:03:04 CEST 2018 on sn-devel-144

5 years ago ctdb-tests: Switch local daemons to use new style configuration file
Martin Schwenke [Fri, 13 Apr 2018 09:25:56 +0000 (19:25 +1000)]
ctdb-tests: Switch local daemons to use new style configuration file

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
5 years ago ctdb-config: Add default ctdb.conf file
Martin Schwenke [Tue, 24 Apr 2018 09:58:23 +0000 (19:58 +1000)]
ctdb-config: Add default ctdb.conf file

Install it in RPM.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
5 years ago ctdb-docs: Add example configuration files
Martin Schwenke [Sun, 13 May 2018 05:42:31 +0000 (15:42 +1000)]
ctdb-docs: Add example configuration files

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
5 years ago ctdb-docs: Add ctdb.conf(5) cross references and documentation tweaks
Martin Schwenke [Sat, 21 Apr 2018 08:12:53 +0000 (18:12 +1000)]
ctdb-docs: Add ctdb.conf(5) cross references and documentation tweaks

Minor updates to other manual pages for compatibility.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
5 years ago ctdb-docs: Add ctdb.conf(5)
Martin Schwenke [Sun, 13 May 2018 05:41:38 +0000 (15:41 +1000)]
ctdb-docs: Add ctdb.conf(5)

This documents the new Samba-style configuration file.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
5 years ago ctdb-tests: Clean up tests to not expose script options
Martin Schwenke [Wed, 2 May 2018 08:38:41 +0000 (18:38 +1000)]
ctdb-tests: Clean up tests to not expose script options

The tests still use the script options but the event scripts no longer
see them exported from the test infrastructure.  Testing now depends
on the event scripts successfully fetching the options from the
configuration file.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>