Andreas Schneider [Thu, 7 Dec 2017 19:26:40 +0000 (20:26 +0100)]
heimdal: Fix size types
This fixes compilation with -Wstrict-overflow=2
Upstream pull request:
https://github.com/heimdal/heimdal/pull/354
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Swen Schillig [Tue, 6 Mar 2018 09:35:32 +0000 (10:35 +0100)]
s3: Fix possible mem leak
The call to full_path_tos() might allocate memory which needs to be free'd
once processign is done.
Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Thu, 15 Mar 2018 16:46:39 +0000 (16:46 +0000)]
lib:replace: Fix linking when libtirpc-devel overwrites system headers
Some systems (like SUSE currently) install the new tirpc headers by
overwritting the existing system location used by gcc. This patch will
detect if the headers in the system location belong to tirpc or not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13341
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 20 16:07:05 CET 2018 on sn-devel-144
Stefan Metzmacher [Thu, 25 Jan 2018 10:23:12 +0000 (11:23 +0100)]
pdb_samba_dsdb: make use of dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 20 01:29:40 CET 2018 on sn-devel-144
Stefan Metzmacher [Thu, 25 Jan 2018 10:23:12 +0000 (11:23 +0100)]
s4:rpc_server/lsa: make use of dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 25 Jan 2018 08:50:17 +0000 (09:50 +0100)]
libcli/security: add dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 3 Feb 2011 01:23:21 +0000 (02:23 +0100)]
s3:libsmb/samlogon_cache: zero session keys before storing the info3 structure
The samlogon_cache is only used to get group memberships of the account
without asking the dc.
But for authentication we always ask the dc.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 17:40:58 +0000 (18:40 +0100)]
s4:kdc: make sure we expand group memberships of the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 17:40:58 +0000 (18:40 +0100)]
s4:kdc: pass krbtgt and server to samba_kdc_update_pac_blob()
This will be used for SID expanding and filtering.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 10:44:21 +0000 (11:44 +0100)]
s4:kdc: remember is_krbtgt, is_rodc and is_trust samba_kdc_entry
This can later be used for sid filtering and similar things.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 2 Feb 2018 11:37:51 +0000 (12:37 +0100)]
s4:auth_winbind: make sure we expand group memberships of the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Tue, 9 Jan 2018 08:23:26 +0000 (09:23 +0100)]
s4:auth_winbind: only call authsam_logon_success_accounting() for local users
There's no need to do a crack_name_to_nt4_name(), as the authentication
already provides the nt4 domain and account names.
This should only happen on an RODC, that we use the winbind auth module
for local users. So we should make sure we only try to reset
the badPwdCount for users of our own domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 22:12:36 +0000 (23:12 +0100)]
s4:auth: add authsam_update_user_info_dc() that implements SID expanding for the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 2 Feb 2018 03:08:47 +0000 (04:08 +0100)]
s4:auth: split out a authsam_domain_group_filter() function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:46:55 +0000 (17:46 +0100)]
s4:selftest: run samba4.blackbox.trust_token against fl2003dc and fl2008r2dc
This fails currently as we don't expand groups on the trust boundary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:46:55 +0000 (17:46 +0100)]
testprogs/blackbox: add test_trust_token.sh
This demonstrates, which SID we expect in a token of
an user of a trusted domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:05:49 +0000 (17:05 +0100)]
selftest/Samba4: create add ${TRUST_DOMSID}-513 to a local group
This will allow testing expanding groups on the trust boundary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:04:00 +0000 (17:04 +0100)]
samba-tool: allow sid strings for 'group {add,remove}members'
This makes it possible to add foreign SIDS as group members.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 13:56:27 +0000 (14:56 +0100)]
selftest: generate a ramdon domain sid during provision and export as SAMSID/[TRUST_]DOMSID
This will be useful for future tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 13:19:39 +0000 (14:19 +0100)]
selftest/Samba4: use DOMAIN/REALM from the dcvars instead of using hardcoded values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 09:48:59 +0000 (10:48 +0100)]
dsdb:repl_meta_data: improve error message in get_parsed_dns()
We may have a dn in '<SID=...>' form and ldb_dn_get_linearized()
just gives in empty string.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 31 Jan 2018 17:00:24 +0000 (18:00 +0100)]
dsdb:extended_dn_store: add support for FPO (foreignSecurityPrincipal) enabled attributes
This implements the handling for FPO-enabled attributes, see
[MS-ADTS] 3.1.1.5.2.3 Special Classes and Attributes:
FPO-enabled attributes: member, msDS-MembersForAzRole,
msDS-NeverRevealGroup, msDS-NonMembers, msDS-RevealOnDemandGroup,
msDS-ServiceAccount.
Note there's no msDS-ServiceAccount in any schema (only
msDS-HostServiceAccount and that's not an FPO-enabled attribute
at least not in W2008R2)
msDS-NonMembers always generates NOT_SUPPORTED against W2008R2.
See also [MS-SAMR] 3.1.1.8.9 member.
We now create foreignSeurityPrincipal objects on the fly (as needed).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Sat, 24 Feb 2018 23:10:12 +0000 (00:10 +0100)]
tests/dsdb.py: test creation of foreignSecurityPrincipal via 'attr: <SID=...>'
[MS-ADTS] 3.1.1.5.2.3 Special Classes and Attributes claims:
FPO-enabled attributes:
member, msDS-MembersForAzRole, msDS-NeverRevealGroup,
msDS-NonMembers, msDS-RevealOnDemandGroup, msDS-ServiceAccount.
'msDS-NonMembers' always generates NOT_SUPPORTED.
'msDS-ServiceAccount' is not defined in any schema
(only msDS-HostServiceAccount).
'msDS-HostServiceAccount' is not an FPO-enabled attribute
and behaves as the 'manager' attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 22 Feb 2018 21:51:46 +0000 (22:51 +0100)]
dsdb:samldb: require as_system or provision control to create foreignSecurityPrincipal objects
Windows rejects creating foreignSecurityPrincipal objects directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 22 Feb 2018 21:51:19 +0000 (22:51 +0100)]
tests/dsdb.py: verify that foreignSecurityPrincipal objects require the provision control
Windows rejects creating foreignSecurityPrincipal objects directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 23 Feb 2018 15:04:57 +0000 (16:04 +0100)]
provision: use the provision control when adding foreignSecurityPrincipals
The next commits will require this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Sun, 25 Feb 2018 20:45:06 +0000 (21:45 +0100)]
dsdb:extended_dn_store: make sure reject storing references to deleted objects in linked attributes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Sat, 24 Feb 2018 23:10:12 +0000 (00:10 +0100)]
tests/dsdb.py: prove the difference between linked and non-linked DN references
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 09:31:21 +0000 (10:31 +0100)]
dsdb:extended_dn_store: split out a extended_replace_dn() function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 09:31:21 +0000 (10:31 +0100)]
dsdb:extended_dn_store: rename extended_replace_dn to extended_replace_callback
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 07:03:24 +0000 (08:03 +0100)]
dsdb:extended_dn_store: We need to ignore self references on add operation
We have several schema related tests, which already prove
that for the defaultObjectCategory attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 12:21:54 +0000 (13:21 +0100)]
dsdb:extended_dn_store: pass the full 'struct dsdb_attribute' to extended_store_replace()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 09:31:21 +0000 (10:31 +0100)]
dsdb:extended_dn_store: we need to pass down our altered request down on NO_SUCH_OBJECT
It's quite likely that there're more than one attribute and we may
already altered values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 07:04:58 +0000 (08:04 +0100)]
dsdb:extended_dn_store: ignore DRSUAPI_ATTID_distinguishedName attributes
We have several tests which already test that, we can avoid doing
searches at all in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 07:04:38 +0000 (08:04 +0100)]
drsuapi.idl: add DN/fpo-enabled attributes as DRSUAPI_ATTID_* values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Tue, 6 Mar 2018 22:42:54 +0000 (23:42 +0100)]
s3:auth: support AUTH_SESSION_INFO_NTLM in finalize_local_nt_token()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Tue, 6 Mar 2018 22:26:28 +0000 (23:26 +0100)]
s3:auth: make use of create_builtin_guests() in finalize_local_nt_token()
This makes the Builtin_Guests handling more dynamic,
by having a persistent storage for the memberships.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 7 Mar 2018 00:37:21 +0000 (01:37 +0100)]
s3:libnet_join: make use of create_builtin_guests()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Tue, 6 Mar 2018 21:47:42 +0000 (22:47 +0100)]
s3:passdb: add create_builtin_guests()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Mar 2018 14:04:17 +0000 (15:04 +0100)]
s3:auth: rename "guest" methods to "anonymous"
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Simo Sorce [Sun, 18 Mar 2018 18:15:30 +0000 (14:15 -0400)]
Remove dead code
Signed-off-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Mon Mar 19 20:29:28 CET 2018 on sn-devel-144
Simo Sorce [Sat, 17 Mar 2018 18:50:49 +0000 (14:50 -0400)]
Revert "Use "localhost" to be ipv6 only friendly"
This reverts commit
54548f6dde3cf74f0e90ef577a55fd720dca6d93.
Simo Sorce [Sat, 17 Mar 2018 18:07:37 +0000 (14:07 -0400)]
Use "localhost" to be ipv6 only friendly
Signed-off-by: Simo Sorce <idra@samba.org>
Jonathan Hunter [Mon, 19 Feb 2018 07:38:37 +0000 (07:38 +0000)]
Update help text for dbcheck
Update the help text for dbcheck, to make its behaviour clear (in
particular with reference to the difference between specifying "--yes"
on the command line, and answering "yes"/"all" to each individual
question)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 19 12:39:12 CET 2018 on sn-devel-144
Matt Selsky [Wed, 28 Feb 2018 06:00:04 +0000 (01:00 -0500)]
auth/kerberos: Fix typo in error message regarding fetching PAC using Heimdal
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13311
Signed-off-by: Matt Selsky <matthew.selsky@twosigma.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrej Gessel [Wed, 12 Apr 2017 13:12:49 +0000 (15:12 +0200)]
bugfix memory leak. partition_dn is only used to search and compare and is not freed at the function end.
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Martin Schwenke [Thu, 15 Mar 2018 04:42:57 +0000 (15:42 +1100)]
ctdb-scripts: Drop CTDBD_CONF internal test variable
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Mar 19 07:32:22 CET 2018 on sn-devel-144
Martin Schwenke [Tue, 13 Mar 2018 05:43:44 +0000 (16:43 +1100)]
ctdb-tests: Drop unused functions
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 13 Mar 2018 05:56:44 +0000 (16:56 +1100)]
ctdb-tests: Construct values for CTDB_BASES by hand
setup_ctdb_base() and node_dir() duplicate the construction of
CTDB_BASE. Drop the use of node_dir() and construct the values for
CTDB_BASES by hand.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 6 Mar 2018 01:32:30 +0000 (12:32 +1100)]
ctdb-tests: Use CTDB_BASE instead of node_dir
Simple test configuration is all relative to CTDB_BASE and node_dir is
redundant. Make this explicit by dropping most uses of node_dir.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 6 Mar 2018 01:29:52 +0000 (12:29 +1100)]
ctdb-tests: Use onnode to start/stop local daemons
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:34:57 +0000 (15:34 +1100)]
ctdb-daemon: Drop ctdbd --nlist option
Tests now deviate from the compile-time default by setting CTDB_BASE.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:31:36 +0000 (15:31 +1100)]
ctdb-tools: No longer honour CTDB_NODES environment variable
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:30:37 +0000 (15:30 +1100)]
ctdb-scripts: Drop CTDB_NODES configuration option
Tests now deviate from the compile-time default by setting CTDB_BASE.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:25:34 +0000 (15:25 +1100)]
ctdb-tools: Drop testing hook from ctdb tool
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:10:45 +0000 (15:10 +1100)]
ctdb-tests: Simplify nodes file handling in tool tests
Instead of using an intermediate environment variable for nodes files,
just create "node" or "nodes.<pnn>" in CTDB_BASE. This makes the
nodes file loading in fake_ctdb slightly repetitive but simplifies the
test scripts a lot. It also remove several instance of the CTDB_NODES
variable from the code base, so it is no longer found by "git grep".
Use an empty nodes file to indicate that fake_ctdbd should fail to
read it.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:08:44 +0000 (15:08 +1100)]
ctdb-tests: Put configuration, socket and PID file in CTDB_BASE
setup_ctdb_base() makes this a convenient temporary directory.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:03:19 +0000 (15:03 +1100)]
ctdb-tests: Improve setting of helper paths
Make use of variables provided by script_install_paths.sh instead of
reinventing the logic.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 04:00:54 +0000 (15:00 +1100)]
ctdb-tests: Use setup_base() in tool unit tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 14 Mar 2018 03:00:29 +0000 (14:00 +1100)]
ctdb-tests: Drop an orphaned comment
The relevant code was removed long ago.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 9 Mar 2018 05:36:39 +0000 (16:36 +1100)]
ctdb-tools: Drop onnode CTDB_NODES_FILE environment variable
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 6 Mar 2018 01:05:21 +0000 (12:05 +1100)]
ctdb-tests: Use default location for nodes file
Create the file and then copy it to CTDB_BASE for each node.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 20 Feb 2018 08:06:51 +0000 (19:06 +1100)]
ctdb-daemon: Drop ctdbd --public-interface option
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 20 Feb 2018 07:58:48 +0000 (18:58 +1100)]
ctdb-scripts: Drop CTDB_PUBLIC_INTERFACE configuration option
The interface must always be specified in the public addresses file.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 8 Mar 2018 04:32:52 +0000 (15:32 +1100)]
ctdb-daemon: Drop ctdbd --public-addresses option
Use the default location.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 8 Mar 2018 03:33:08 +0000 (14:33 +1100)]
ctdb-tests: Remove unused function get_ctdbd_command_line_option()
This was a bad idea.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 8 Mar 2018 04:11:51 +0000 (15:11 +1100)]
ctdb-scripts: Drop CTDB_PUBLIC_ADDRESSES configuration option
This option adds a lot of unnecessary complexity to scripts.
Configuration should go in $CTDB_BASE, either directly or via a
symlink, so simplify by using the default location.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 11 Mar 2018 21:22:57 +0000 (08:22 +1100)]
ctdb-tests: Allow tests access to CTDB_BASE
On the node where the tests are run, CTDB_BASE is always set. This
applies to local daemons too. However, when tests are being run
against a real cluster, there may be a need to access configuration
files. However, CTDB_BASE will not be set in this case.
So, provide a function to get CTDB_BASE, if set, or a real cluster
node's configuration directory, if CTDB_BASE is not set.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 23 Feb 2018 09:15:15 +0000 (20:15 +1100)]
ctdb-scripts: Drop 10.external event script
This was added for a vendor who decided not to use it. It is almost
certainly unused by anyone. If anyone really needs it then it is in
the git history.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 8 Mar 2018 04:02:38 +0000 (15:02 +1100)]
ctdb-tests: Use default public addresses file for event script tests
Just use the default location in event script tests.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 6 Mar 2018 00:59:59 +0000 (11:59 +1100)]
ctdb-tests: Use default public addresses file in local daemon tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 6 Mar 2018 00:30:07 +0000 (11:30 +1100)]
ctdb-daemon: Provide a default location for public addresses file
If the specified file or the default does not exist then log a
warning.
This is done in the takeover code to localise the handling of the
public addresses file. Soon the daemon command-line option will go
away and the takeover code will be replaced in the not too distant
future.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 23 Feb 2018 03:54:51 +0000 (14:54 +1100)]
ctdb-tests: Don't allow simple tests to use environment for config
This was a mistake.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 23 Feb 2018 01:30:49 +0000 (12:30 +1100)]
ctdb-tests: Update some tests to use setup_ctdb() options
Don't use environment variables for test-local configuration
variations.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 23 Feb 2018 01:21:23 +0000 (12:21 +1100)]
ctdb_tests: Reconfigure the cluster when restarting CTDB
The previous test might have made configuration changes, so call
setup_ctdb() to cause the configuration to be rewritten. This is only
really useful in local daemons tests.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 23 Feb 2018 01:05:14 +0000 (12:05 +1100)]
ctdb-tests: Add some options to setup_ctdb()
These provide special-purpose setups for particular testcases.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 21 Feb 2018 10:33:49 +0000 (21:33 +1100)]
ctdb-tools: Drop ctdb --socket option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 21 Feb 2018 10:31:01 +0000 (21:31 +1100)]
ctdb-tools: Move handling of CTDB_SOCKET to process_command()
options.socket will go away in future. This moves processing of
CTDB_SOCKET close to where it is used.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 21 Feb 2018 03:58:04 +0000 (14:58 +1100)]
ctdb-daemon: Drop ctdbd --socket option
Use environment variables for test-only options.
The setenv() can be dropped because the socket location is either the
compile-time default or the already set environment variable.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 21 Feb 2018 03:57:07 +0000 (14:57 +1100)]
ctdb-scripts: Drop CTDB_SOCKET configuration option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 21 Feb 2018 03:36:52 +0000 (14:36 +1100)]
ctdb-tools: Drop a couple of unnecessary exports of CTDB_SOCKET
These were necessary because CTDB_SOCKET was not already exported via
test setup.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 21 Feb 2018 03:54:36 +0000 (14:54 +1100)]
ctdb-tests: Use environment variable for specifying socket
Use environment variables for test-only options. Don't put them in
the configuration file.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 21 Feb 2018 03:46:39 +0000 (14:46 +1100)]
ctdb-daemon: Allow CTDB_SOCKET environment variable to be used
Use environment variables for test-only options.
Switch to using a local variable. This simplifies both the logic and
the ability to later drop the command-line option.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 20 Feb 2018 11:27:04 +0000 (22:27 +1100)]
ctdb-tests: Use CTDB_SOCKET environment variable to specify socket
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 9 Mar 2018 05:27:32 +0000 (16:27 +1100)]
ctdb-tests: Drop ctdbd --event-script-dir option
Event scripts live in a standard place.
For testing, CTDB_BASE is modified.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 9 Mar 2018 05:22:33 +0000 (16:22 +1100)]
ctdb-scripts: Drop CTDB_EVENT_SCRIPT_DIR configuration option
Event scripts live in a standard place.
For testing, CTDB_BASE is modified.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Mar 2018 10:27:22 +0000 (21:27 +1100)]
ctdb-daemon: Drop ctdbd --pidfile option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Mar 2018 10:26:07 +0000 (21:26 +1100)]
ctdb-scripts: Drop CTDB_PIDFILE configuration option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 15 Mar 2018 05:28:17 +0000 (16:28 +1100)]
ctdb-ib: Drop a bit-rotted test example from the README
This hasn't worked as advertised for a long time.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Jeremy Allison [Thu, 15 Mar 2018 21:45:06 +0000 (14:45 -0700)]
s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 17 04:04:32 CET 2018 on sn-devel-144
Ralph Boehme [Fri, 16 Mar 2018 20:57:31 +0000 (21:57 +0100)]
selftest: vfs.fruit: add xattr_tdb where possible
This makes the tests indepent from fs xattr support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 16 Mar 2018 20:55:26 +0000 (21:55 +0100)]
selftest: run vfs.fruit_netatalk test against seperate share
These tests require a fs with xattr support. This allows adding
xattr_tdb to all other shares in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 15 Mar 2018 16:57:09 +0000 (09:57 -0700)]
s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 15 Mar 2018 16:54:41 +0000 (09:54 -0700)]
s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 15 Mar 2018 16:52:30 +0000 (09:52 -0700)]
s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
Not yet used, will be used to tidyup existing code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 6 Mar 2018 15:38:30 +0000 (16:38 +0100)]
libcli/security: fix some SID values in comments
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 16 19:47:15 CET 2018 on sn-devel-144
Stefan Metzmacher [Wed, 7 Mar 2018 10:19:54 +0000 (11:19 +0100)]
test_smbclient_s3.sh: force LANG=C during test_utimes()
This makes the test independent from the developers environment.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Thu, 8 Mar 2018 14:40:56 +0000 (15:40 +0100)]
wbinfo: Improve the wording for --online-status
Currently it displays if a domain is online or offline which is wrong.
It tells us if we maintain an active connection to the domain or not.
Users are confused if they read offline because the think winbind is not
functional with that domain.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 16 14:46:43 CET 2018 on sn-devel-144
Björn Baumbach [Thu, 15 Mar 2018 17:32:31 +0000 (18:32 +0100)]
ms_schema: fix python2.6 incompatibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13337
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Ralph Boehme [Wed, 7 Mar 2018 11:52:15 +0000 (12:52 +0100)]
s3: gse: use "gensec_gssapi:requested_life_time"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 16 07:48:37 CET 2018 on sn-devel-144
git.samba.org / kai / samba-autobuild / .git / log