kai/samba-autobuild/.git
16 months agopython: bulk replace dict.iteritems to items for py3
Joe Guo [Tue, 10 Apr 2018 22:32:06 +0000 (10:32 +1200)]
python: bulk replace dict.iteritems to items for py3

In py3, iterxxx methods are removed.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agopython/wscript: build grouping library for py2/py3 (--extra-python)
Noel Power [Fri, 6 Apr 2018 15:35:49 +0000 (16:35 +0100)]
python/wscript: build grouping library for py2/py3 (--extra-python)

Grouping library is not used for any delivered libraries, however
it is used internally when building local libraries used when
"make test TESTS='blah'" is invoked. Failure to provide the grouping
library results in missing symbols (and cores) when running tests

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agos3/lib/policy/wscript_build: build samba_policy lib for extra-python/py3
Noel Power [Thu, 5 Apr 2018 16:05:10 +0000 (17:05 +0100)]
s3/lib/policy/wscript_build: build samba_policy lib for extra-python/py3

pypolicy module needs appropriate samba_policy library for
extra-python/py3 therefore we need to build it for it to be available

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agos3/libnet/wscript: build samba-net lib for extra-python/py3
Noel Power [Thu, 5 Apr 2018 15:58:33 +0000 (16:58 +0100)]
s3/libnet/wscript: build samba-net lib for extra-python/py3

python_net needs to link appropriate samba-net library for extra-py/py3
version so we need to build it for extra-python/py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agos3/param/wscript: build PROVISION subsytem for extra-python/py3
Noel Power [Thu, 5 Apr 2018 15:34:12 +0000 (16:34 +0100)]
s3/param/wscript: build PROVISION subsytem for extra-python/py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agowscript_build: make sure we link extra-python versions of libraries
Noel Power [Wed, 4 Apr 2018 08:53:14 +0000 (09:53 +0100)]
wscript_build: make sure we link extra-python versions of libraries

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agopython: create test for pysmb module.
David Mulder [Fri, 9 Feb 2018 15:42:18 +0000 (08:42 -0700)]
python: create test for pysmb module.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agos4/libcli: python3 port for smb module
Noel Power [Thu, 14 Dec 2017 11:32:23 +0000 (11:32 +0000)]
s4/libcli: python3 port for smb module

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodbwrap: Fix "use mmap = no"
Volker Lendecke [Wed, 11 Apr 2018 06:01:38 +0000 (08:01 +0200)]
dbwrap: Fix "use mmap = no"

Mutexes require mmap.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Apr 12 23:04:18 CEST 2018 on sn-devel-144

16 months agotorture: Test compound request request counters
Volker Lendecke [Wed, 11 Apr 2018 13:11:10 +0000 (15:11 +0200)]
torture: Test compound request request counters

This will send an unfixed smbd into the

SMB_ASSERT(op->request_count > 0);

in smbd_smb2_request_reply_update_counts

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Apr 12 14:38:39 CEST 2018 on sn-devel-144

16 months agos3:smb2_server: correctly maintain request counters for compound requests
Stefan Metzmacher [Wed, 11 Apr 2018 10:14:59 +0000 (12:14 +0200)]
s3:smb2_server: correctly maintain request counters for compound requests

If a session expires during a compound request chain,
we exit smbd_smb2_request_dispatch() with
'return smbd_smb2_request_error(req, ...)' before
calling smbd_smb2_request_dispatch_update_counts().

As req->request_counters_updated was only reset
within smbd_smb2_request_dispatch_update_counts(),
smbd_smb2_request_reply_update_counts() was called
twice on the same request, which triggers
SMB_ASSERT(op->request_count > 0);

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
16 months agogpo: python chardet is not a dep of samba
David Mulder [Wed, 11 Apr 2018 18:45:40 +0000 (12:45 -0600)]
gpo: python chardet is not a dep of samba

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Apr 12 11:27:03 CEST 2018 on sn-devel-144

16 months agolibgpo: gpo_copy_file() shouldn't explicitly call smb1
David Mulder [Wed, 11 Apr 2018 18:40:18 +0000 (12:40 -0600)]
libgpo: gpo_copy_file() shouldn't explicitly call smb1

Don't call cli_openx directly to open a file this
calls smb1 code explicitly, which fails if we did
a multi-protocol negotiate and negotiated smb2+.
Use the higher level cli_open() instead.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoparam: Add python binding for lpcfg_cache_path
David Mulder [Tue, 10 Apr 2018 21:07:34 +0000 (15:07 -0600)]
param: Add python binding for lpcfg_cache_path

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agogpo: Create a gp_sec_ext module
David Mulder [Mon, 12 Mar 2018 15:44:38 +0000 (09:44 -0600)]
gpo: Create a gp_sec_ext module

Move the gp_sec_ext into it's own module,
which is how new gp_ext's will be created.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agogpo: Move implementation from samba_gpoupdate
David Mulder [Thu, 29 Mar 2018 14:32:02 +0000 (08:32 -0600)]
gpo: Move implementation from samba_gpoupdate

The implementation of group policy apply should
not be in the application script. One reason is
to implement user apply, we can call these
functions via the python c-api, (passing creds
via the command line will expose them via ps).
Another reason for this is if some overrides
the smb.conf "gpo update command" option, it
would be useful to have these functions.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agogpo: Create base class gp_inf_ext
David Mulder [Thu, 29 Mar 2018 14:25:05 +0000 (08:25 -0600)]
gpo: Create base class gp_inf_ext

Abstract the process of reading from an ini file,
since other extensions will be reading gpos this
way.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agogpo: Move the file parse function to gp_ext
David Mulder [Thu, 29 Mar 2018 14:05:21 +0000 (08:05 -0600)]
gpo: Move the file parse function to gp_ext

A file will always be read from the sysvol the
same way, but the data will be read differently.
This patch moves the parse function to gp_ext,
and requires subclasses to implement the read()
function to interpret the data.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agogpo: Move gp_sec_ext __init__ to base class
David Mulder [Thu, 29 Mar 2018 15:07:53 +0000 (09:07 -0600)]
gpo: Move gp_sec_ext __init__ to base class

For this class to be extensible, the constructor
should be available to subclasses.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agogpo: Rename the inf_to class to gp_ext_setter
David Mulder [Thu, 29 Mar 2018 14:00:15 +0000 (08:00 -0600)]
gpo: Rename the inf_to class to gp_ext_setter

This class will be subclassed and used for more
than just inf settings application.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoCheck "auth event notification" param in log_json
Arvid Requate [Wed, 11 Apr 2018 19:46:25 +0000 (21:46 +0200)]
Check "auth event notification" param in log_json

When Samba is compiled with JSON support it logs an error message
at log level 3 by default for every authentication event:

get_auth_event_server: Failed to find 'auth_event' registered on the
message bus to send JSON authentication events to:
NT_STATUS_OBJECT_NAME_NOT_FOUND

This patch adjusts the log_json function to consider the smb.conf
parameter "auth event notification" before calling auth_message_send.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13381

Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Apr 12 08:12:39 CEST 2018 on sn-devel-144

16 months agoldb-samba: require pid match for cached ldb
Gary Lockyer [Tue, 13 Mar 2018 03:43:54 +0000 (16:43 +1300)]
ldb-samba: require pid match for cached ldb

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agoldb_wrap: Remove the magic cache of database handles except for sam.ldb
Andrew Bartlett [Thu, 15 Mar 2018 00:44:52 +0000 (13:44 +1300)]
ldb_wrap: Remove the magic cache of database handles except for sam.ldb

sam.ldb is handled in samdb_connect_url(), not this function.

This cache caused issues when "private dir" was changed in a testing script, but also
just generates many-owner shared mutable state that is frowned upon these days.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Use talloc_get_type_abort() in schema_load_{start,end}_transaction
Andrew Bartlett [Tue, 10 Apr 2018 01:34:56 +0000 (13:34 +1200)]
dsdb: Use talloc_get_type_abort() in schema_load_{start,end}_transaction

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: ensure we take out a read lock during the dsdb_init
Andrew Bartlett [Mon, 9 Apr 2018 06:13:59 +0000 (18:13 +1200)]
dsdb: ensure we take out a read lock during the dsdb_init

We have to also take it out in the partitions code when we load the
partition backends.

This ensures that the init handlers hold a whole-db lock just as the
search code does.

To ensure the locking count in schema_load is balanced, the
private data is now created in the first lock_read() call.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Rework schema reload during the read lock
Andrew Bartlett [Wed, 11 Apr 2018 00:29:18 +0000 (12:29 +1200)]
dsdb: Rework schema reload during the read lock

Rather than refusing the reload based on making cached sequence numbers match
just load it once at the time the DB is globally locked, if required.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Load schema during the read_lock() hook, not the search
Andrew Bartlett [Tue, 10 Apr 2018 23:58:22 +0000 (11:58 +1200)]
dsdb: Load schema during the read_lock() hook, not the search

This should trigger slightly less often and is the more correct place, as
we only load it during the first lock when not in a transaction.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Allow search before init() is called in extended_dn_out
Andrew Bartlett [Tue, 10 Apr 2018 04:34:21 +0000 (16:34 +1200)]
dsdb: Allow search before init() is called in extended_dn_out

This matches the earlier check of p && p->normalise.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Move ldb_set_default_dns() into rootdse_get_private_data()
Andrew Bartlett [Mon, 9 Apr 2018 19:54:20 +0000 (07:54 +1200)]
dsdb: Move ldb_set_default_dns() into rootdse_get_private_data()

This call needs to be done at the very first chance, in this case
during the first call to the lock_read() hook, otherwise the
schema_data module can't find the schema.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Create rootdse_get_private_data()
Andrew Bartlett [Mon, 9 Apr 2018 19:58:07 +0000 (07:58 +1200)]
dsdb: Create rootdse_get_private_data()

This will get the private data on the first call, allowing that not to be
the init() hook.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agoselftest: Make a transaction before @INDEXLIST etc is checked in dsdb_schema_attribut...
Andrew Bartlett [Wed, 11 Apr 2018 00:51:49 +0000 (12:51 +1200)]
selftest: Make a transaction before @INDEXLIST etc is checked in dsdb_schema_attributes.py

This helps us remove the write to the database from the (soon to be
read locked) init code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Wait until a transaction starts to call dsdb_schema_set_indices_and_attributes()
Andrew Bartlett [Mon, 9 Apr 2018 09:59:01 +0000 (21:59 +1200)]
dsdb: Wait until a transaction starts to call dsdb_schema_set_indices_and_attributes()

This avoids starting a transaction in schema_load_init() and allows it
to operate with a read lock held, which will avoid locking issues
(deadlock detected due to lock odering if we do not have a global
read lock).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Allow search before init() call in encrypted_secrets
Andrew Bartlett [Mon, 9 Apr 2018 09:15:25 +0000 (21:15 +1200)]
dsdb: Allow search before init() call in encrypted_secrets

Simply do not decrypt anything until the init call is run.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Do not create a transaction in partition_init()
Andrew Bartlett [Mon, 9 Apr 2018 05:51:57 +0000 (17:51 +1200)]
dsdb: Do not create a transaction in partition_init()

This will allow us to lock the databases for read during all of the Samba init
hooks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Ensure to cancel the transaction if we fail to save the prefixMap
Andrew Bartlett [Mon, 9 Apr 2018 02:52:47 +0000 (14:52 +1200)]
dsdb: Ensure to cancel the transaction if we fail to save the prefixMap

This rare error case forgot to call ldb_transaction_cancel()

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agoldb_wrap: Remove ldb_transaction_cancel_noerr from ldb_wrap_fork_hook()
Andrew Bartlett [Thu, 15 Mar 2018 00:42:17 +0000 (13:42 +1300)]
ldb_wrap: Remove ldb_transaction_cancel_noerr from ldb_wrap_fork_hook()

Writing to a TDB, without locks (these are per-process) in a forked child is never going to
end well, if a transaction is open at this point we have bigger problems.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: check for dSHeuristics more carefully
Andrew Bartlett [Wed, 11 Apr 2018 10:47:03 +0000 (22:47 +1200)]
dsdb: check for dSHeuristics more carefully

This check would pass if the dSHeuristics was treated as always being
000000000 for searches which is not enough, we must check for a value
of 000000001 (userPassword enabled).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13378

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodsdb: Check for userPassword support after loading the databases
Andrew Bartlett [Wed, 11 Apr 2018 10:49:31 +0000 (22:49 +1200)]
dsdb: Check for userPassword support after loading the databases

The net result of this is only that userPassword values (which were
world readable when set) would still be visible after userPassword
started setting the main DB password.

In AD, those values become hidden once the dSHeuristics bit is set,
but Samba lost that when fixing a performance issue with
f26a2845bd42e580ddeaf0eecc9b46b823a0c6bc

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13378

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agos3: tests: Regression test to ensure we can never return a DIRECTORY attribute on...
Jeremy Allison [Wed, 11 Apr 2018 17:33:22 +0000 (10:33 -0700)]
s3: tests: Regression test to ensure we can never return a DIRECTORY attribute on a stream.

Tests streams_xattr and also streams_depot.

Inspired from a real-world test case by Andrew Walker <awalker@ixsystems.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 12 02:04:28 CEST 2018 on sn-devel-144

16 months agos3: smbd. Generic fix for incorrect reporting of stream dos attributes on a directory
Jeremy Allison [Wed, 11 Apr 2018 18:05:14 +0000 (11:05 -0700)]
s3: smbd. Generic fix for incorrect reporting of stream dos attributes on a directory

According to MS-FSA a stream name does not have
separate DOS attribute metadata, so we must return
the DOS attribute from the base filename. With one caveat,
a non-default stream name can never be a directory.

As this is common to all streams data stores, we handle
it here instead of inside all stream VFS modules.

Otherwise identical logic would have to be added to
all streams modules in their [f]get_dos_attribute_fn()
VFS calls.

Found in real-world use case by Andrew Walker <awalker@ixsystems.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
16 months agos3: vfs: vfs_streams_xattr: Don't blindly re-use the base file mode bits.
Jeremy Allison [Wed, 11 Apr 2018 15:41:00 +0000 (08:41 -0700)]
s3: vfs: vfs_streams_xattr: Don't blindly re-use the base file mode bits.

When returning the stat struct for an xattr stream,
we originally base the st_ex_mode field on the value
from the base file containing the xattr. If the base
file is a directory, it will have S_IFDIR set in st_ex_mode,
but streams can never be directories, they must be reported
as regular files.

The original code OR'ed in S_IFREG, but neglected to
AND out S_IFDIR.

Note this is not a complete to fix bug 13380 as
it doesn't fix the generic case with all streams
modules. See later fix and regression test.

Found in real-world use case by Andrew Walker <awalker@ixsystems.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
16 months agocredentials: Fix CID 1414796 Explicit null dereferenced
Volker Lendecke [Wed, 11 Apr 2018 06:27:41 +0000 (08:27 +0200)]
credentials: Fix CID 1414796 Explicit null dereferenced

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 11 21:58:00 CEST 2018 on sn-devel-144

16 months agocredentials: Fix line length
Volker Lendecke [Wed, 11 Apr 2018 06:26:33 +0000 (08:26 +0200)]
credentials: Fix line length

... just because I'll modify that line in the next commit

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agocredentials: Revert "credentials: Fix CID 1414796 Explicit null dereferenced"
Volker Lendecke [Wed, 11 Apr 2018 06:21:23 +0000 (08:21 +0200)]
credentials: Revert "credentials: Fix CID 1414796 Explicit null dereferenced"

This reverts commit 90c02ec64d0e3c860f8d6906cf849bdd2c7bcc54.

We have code to take care of password==NULL, this CID must be fixed in a
different way

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agosmbd: Fix CID 1414783 Double unlock
Volker Lendecke [Tue, 10 Apr 2018 19:27:47 +0000 (21:27 +0200)]
smbd: Fix CID 1414783 Double unlock

The loop is unnecessary, both susv4 as well as the Linux manpage
explicitly say:

> These functions shall not return an error code of [EINTR].

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agodnsrpc: Use TALLOC_FREE instead of an explicit if-statement
Volker Lendecke [Tue, 10 Apr 2018 19:18:15 +0000 (21:18 +0200)]
dnsrpc: Use TALLOC_FREE instead of an explicit if-statement

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agowinbind: Fix CID 1427625 Calling risky function
Volker Lendecke [Tue, 10 Apr 2018 19:13:37 +0000 (21:13 +0200)]
winbind: Fix CID 1427625 Calling risky function

Probably not really a problem, but we have generate_random(), so why not
use it?

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agovfs_fruit: Fix CID 1416474 Dereference null return value
Volker Lendecke [Tue, 10 Apr 2018 19:05:09 +0000 (21:05 +0200)]
vfs_fruit: Fix CID 1416474 Dereference null return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agotevent: Fix CID 1414792 Unchecked return value
Volker Lendecke [Tue, 10 Apr 2018 18:58:11 +0000 (20:58 +0200)]
tevent: Fix CID 1414792 Unchecked return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agorpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair
Volker Lendecke [Wed, 11 Apr 2018 08:42:21 +0000 (10:42 +0200)]
rpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13370
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr 11 15:19:19 CEST 2018 on sn-devel-144

16 months agolib/util: Call log_stack_trace() in smb_panic_default()
Andrew Bartlett [Tue, 10 Apr 2018 04:37:45 +0000 (16:37 +1200)]
lib/util: Call log_stack_trace() in smb_panic_default()

This matches the AD DC with the behaviour in smbd.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 11 04:03:07 CEST 2018 on sn-devel-144

16 months agolib/util: Move log_stack_trace() to common code
Andrew Bartlett [Tue, 10 Apr 2018 04:35:07 +0000 (16:35 +1200)]
lib/util: Move log_stack_trace() to common code

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agolib/util: Log PANIC before calling pacic action just like s3
Andrew Bartlett [Tue, 10 Apr 2018 04:06:12 +0000 (16:06 +1200)]
lib/util: Log PANIC before calling pacic action just like s3

This is like the changes made in s3 by
4fa555980070d78b39711ef21d77628d26055bc2

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agos3-lib: Remove support for libexc for IRIX backtraces
Andrew Bartlett [Tue, 10 Apr 2018 03:54:10 +0000 (15:54 +1200)]
s3-lib: Remove support for libexc for IRIX backtraces

IRIX is long dead, and this code needs become_root() which is not in
the top level code.

Additionally, the check for libexc never made it into waf, so this
has been dead code since Samba 4.1.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agolibsmb: Pass "account_name/flags" through nb_getdc
Volker Lendecke [Sat, 10 Mar 2018 17:06:03 +0000 (18:06 +0100)]
libsmb: Pass "account_name/flags" through nb_getdc

Don't hardcode values that we might want to change later

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agolibsmb: Pass "account_name/flags" through prep_getdc_request
Volker Lendecke [Sat, 10 Mar 2018 17:06:03 +0000 (18:06 +0100)]
libsmb: Pass "account_name/flags" through prep_getdc_request

Don't hardcode values that we might want to change later

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agolibsmb: Introduce a helper variable
Volker Lendecke [Sat, 10 Mar 2018 17:01:08 +0000 (18:01 +0100)]
libsmb: Introduce a helper variable

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agolibsmb: Give dsgetdcname.c its own header
Volker Lendecke [Fri, 5 Jan 2018 13:21:05 +0000 (14:21 +0100)]
libsmb: Give dsgetdcname.c its own header

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agolibsmb: Give namequery.c its own header
Volker Lendecke [Sat, 10 Mar 2018 14:31:11 +0000 (15:31 +0100)]
libsmb: Give namequery.c its own header

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agolibsmb: Remove unused trustdom_cache.c
Volker Lendecke [Sat, 10 Mar 2018 14:35:43 +0000 (15:35 +0100)]
libsmb: Remove unused trustdom_cache.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agonmbd: Fix a typo
Volker Lendecke [Thu, 25 Jan 2018 13:21:22 +0000 (14:21 +0100)]
nmbd: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agonmbd: Fix a typo
Volker Lendecke [Thu, 25 Jan 2018 13:07:53 +0000 (14:07 +0100)]
nmbd: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agotdbtool: Use tdb_wipe_all in "erase" command
Volker Lendecke [Tue, 10 Apr 2018 14:58:46 +0000 (16:58 +0200)]
tdbtool: Use tdb_wipe_all in "erase" command

This is a lot quicker on large, fragmented databases. tdb_delete can
leave the freelist in a fragmented mess.

Also, it's a lot more robust: I've got a 4GB tdb file that was affected
by the problem fixed with c7211882a79. These databases have large space
at the end that is not part of any record or freelist
entry. tdb_wipe_all converts this space into a freelist entry. One
downside is that with those broken databases (which should not happen
after c7211882a79) have unallocated blocks in their file range after
this operation.

I think the speed advantage outweighs this disadvantage.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agos4:ldb/password_hash.c: improve krb5 context error message
William Brown [Tue, 10 Apr 2018 04:51:06 +0000 (14:51 +1000)]
s4:ldb/password_hash.c: improve krb5 context error message

When heimdal encounters a MIT krb5.conf that it does not understand,
it would emit an "ldb operations error". Sadly this does not help
or communicate to the administrator the root cause of the issue.

Improve the error message for when krb init fails during password_hash.c

Signed-off-by: William Brown <william@blackhats.net.au>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agos3: smbd: Unix extensions attempts to change wrong field in fchown call.
Jeremy Allison [Mon, 9 Apr 2018 16:32:23 +0000 (09:32 -0700)]
s3: smbd: Unix extensions attempts to change wrong field in fchown call.

Cut and paste error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13375

Reported-by: Rungta, Vandana <vrungta@amazon.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Apr 10 00:45:56 CEST 2018 on sn-devel-144

16 months agos3: smbd: Fix memory leak in vfswrap_getwd()
Jeremy Allison [Fri, 6 Apr 2018 20:52:52 +0000 (13:52 -0700)]
s3: smbd: Fix memory leak in vfswrap_getwd()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13372

Signed-off-by: Andrew Walker <awalker@ixsystems.com>.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Apr  9 21:48:12 CEST 2018 on sn-devel-144

16 months agos3:smb2_tcon: Add check to prevent non-DFS clients from connecting to an msdfs proxy.
Ralph Wuerthner [Thu, 29 Mar 2018 08:00:41 +0000 (10:00 +0200)]
s3:smb2_tcon: Add check to prevent non-DFS clients from connecting to an msdfs proxy.

Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr  7 05:05:22 CEST 2018 on sn-devel-144

16 months agopdb_nds: Fix CID 1273401 Unused value
Volker Lendecke [Fri, 6 Apr 2018 13:57:36 +0000 (15:57 +0200)]
pdb_nds: Fix CID 1273401 Unused value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agoidmap: Fix CID 1363261 Resource leak
Volker Lendecke [Fri, 6 Apr 2018 09:04:24 +0000 (11:04 +0200)]
idmap: Fix CID 1363261 Resource leak

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agoidmap: Use TALLOC_FREE instead of explicit code
Volker Lendecke [Fri, 6 Apr 2018 09:02:48 +0000 (11:02 +0200)]
idmap: Use TALLOC_FREE instead of explicit code

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agos4/torture: spelling fix in vfs_fruit test
Ralph Boehme [Fri, 12 Jan 2018 11:29:17 +0000 (12:29 +0100)]
s4/torture: spelling fix in vfs_fruit test

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agos4/torture: spelling fix in vfs_fruit test
Ralph Boehme [Fri, 12 Jan 2018 11:28:18 +0000 (12:28 +0100)]
s4/torture: spelling fix in vfs_fruit test

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agos4/test: fix AAPL size check
Ralph Boehme [Thu, 11 Jan 2018 11:25:49 +0000 (12:25 +0100)]
s4/test: fix AAPL size check

A recent commit changed the ModelString from "Samba" to "MacSamba".

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
16 months agowinbindd: Do not ignore domain in the LOOKUPNAME request
Christof Schmitt [Wed, 28 Feb 2018 19:05:34 +0000 (12:05 -0700)]
winbindd: Do not ignore domain in the LOOKUPNAME request

A LOOKUPNAME request with a domain and a name containing a winbind
separator character would return the result for the joined domain,
instead of the specified domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr  6 21:03:31 CEST 2018 on sn-devel-144

16 months agoAdd test for wbinfo name lookup
Christof Schmitt [Wed, 28 Feb 2018 20:10:43 +0000 (13:10 -0700)]
Add test for wbinfo name lookup

This demonstrates that wbinfo -n / --name-to-sid returns information
instead of failing the request. More specifically the query for
INVALIDDOMAIN//user returns the user SID for the joined domain, instead
of failing the request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
16 months agonsswitch: Fix wbcListGroups test
Christof Schmitt [Fri, 30 Mar 2018 21:35:03 +0000 (14:35 -0700)]
nsswitch: Fix wbcListGroups test

With an AD DC, wbcListGroups returns the users in the DOMAIN SEPARATOR
GROUPNAME format.  The test then calls wbcLookupName with the domain
name and the previous string (including domain and separator) as
username. Fix this by passing the correct username and adding some
additional checks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
16 months agonsswitch: Fix wbcListUsers test
Christof Schmitt [Fri, 30 Mar 2018 21:28:46 +0000 (14:28 -0700)]
nsswitch: Fix wbcListUsers test

With an AD DC, wbcListUsers returns the users in the DOMAIN SEPARATOR
USERNAME format.  The test then calls wbcLookupName with the domain name
and the previous string (including domain and separator) as username.
Fix this by passing the correct username and adding some additional
checks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
16 months agotest_smbclient_s3.sh: Use correct separator in "list with backup privilege" test
Christof Schmitt [Fri, 16 Mar 2018 20:52:14 +0000 (13:52 -0700)]
test_smbclient_s3.sh: Use correct separator in "list with backup privilege" test

Samba selftest uses the forward slash as winbind separator and in the
USERNAME passed to the test. "net sam rights" expect the backslash. Map
the separator used in selftest to a backslash to avoid creating an
incorrect username DOMAIN\DOMAIN/USERNAME.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
16 months agoldb: Fix trailing whitespace
Volker Lendecke [Fri, 6 Apr 2018 11:42:35 +0000 (13:42 +0200)]
ldb: Fix trailing whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Apr  6 17:57:04 CEST 2018 on sn-devel-144

16 months agoldb/tests: remove lmdb.h include from test
Ralph Boehme [Fri, 6 Apr 2018 09:27:52 +0000 (11:27 +0200)]
ldb/tests: remove lmdb.h include from test

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Apr  6 14:58:48 CEST 2018 on sn-devel-144

16 months agosamba-tool: Use same method for removing trailing $ as elsewhere in the tool
Andrew Bartlett [Fri, 6 Apr 2018 04:21:15 +0000 (16:21 +1200)]
samba-tool: Use same method for removing trailing $ as elsewhere in the tool

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Apr  6 09:30:14 CEST 2018 on sn-devel-144

16 months agosamba-tool: Escape username and computername in ldb search filter
Andrew Bartlett [Fri, 6 Apr 2018 04:20:22 +0000 (16:20 +1200)]
samba-tool: Escape username and computername in ldb search filter

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agos3-mdssvc: allow build with --enable-spotlight and libtracker-sparql-2.0
Björn Baumbach [Thu, 5 Apr 2018 15:14:32 +0000 (17:14 +0200)]
s3-mdssvc: allow build with --enable-spotlight and libtracker-sparql-2.0

adds libtracker-sparql version 2.0 to configure check with pkg-config.

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodocs-xml:samba-tool.8: improve doc for computer management commands
Joe Guo [Fri, 16 Mar 2018 03:39:08 +0000 (16:39 +1300)]
docs-xml:samba-tool.8: improve doc for computer management commands

Add docs for new options:
1. --ip-address
2. --service-prinicipal-name

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agodocs-xml:samba-tool.8: document computer management commands
Björn Baumbach [Wed, 7 Mar 2018 09:15:06 +0000 (10:15 +0100)]
docs-xml:samba-tool.8: document computer management commands

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agosamba-tool: improve computer management commands
Joe Guo [Tue, 13 Mar 2018 03:47:58 +0000 (16:47 +1300)]
samba-tool: improve computer management commands

This pathch is based on Björn Baumbach's work:
1. Add `--ip-address` option for create subcommand, to allow user set DNS
A or AAAA records while creating the computer.
2. Delete above DNS records while deleting the computer.
3. Add `--service-principal-name` option for create command, to allow user
set `servicePrincipalName` while creating the computer.
4. Tests.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agotests/samba-tool: add tests for new computer management commands
Björn Baumbach [Tue, 6 Feb 2018 21:11:12 +0000 (22:11 +0100)]
tests/samba-tool: add tests for new computer management commands

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agosamba-tool: implement computer management commands
Björn Baumbach [Thu, 7 Dec 2017 20:38:28 +0000 (21:38 +0100)]
samba-tool: implement computer management commands

Usage: samba-tool computer <subcommand>

Computer management.

Available subcommands:
  create  - Create a new computer.
  delete  - Delete a computer.
  list    - List all computers.
  move    - Move a computer to an organizational unit/container.
  show    - Display a computer AD object

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
16 months agoupgradeprovision: detect and handle lmdb databases
Gary Lockyer [Wed, 21 Mar 2018 23:50:45 +0000 (12:50 +1300)]
upgradeprovision: detect and handle lmdb databases

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Apr  6 05:12:11 CEST 2018 on sn-devel-144

16 months agoldb: Unwind transaction counter if start_transaction fails
Gary Lockyer [Thu, 22 Mar 2018 22:23:39 +0000 (11:23 +1300)]
ldb: Unwind transaction counter if start_transaction fails

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
16 months agosource3: initilize_password_db after a fork.
Gary Lockyer [Tue, 20 Mar 2018 00:14:38 +0000 (13:14 +1300)]
source3: initilize_password_db after a fork.

This is required because we need a new pointer for LDB after the fork,
and with LMDB we can not longer rely on tdb_reopen_all() to do that
for us.

This can not be done in reinit_after_fork() due to the dependency loop
this would create.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agodsdb: add lmdbLevelOne as a required feature.
Gary Lockyer [Tue, 6 Feb 2018 22:10:34 +0000 (11:10 +1300)]
dsdb: add lmdbLevelOne as a required feature.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoprovision: Set @INDEXLIST first when building dummy sam.ldb
Andrew Bartlett [Thu, 22 Mar 2018 21:58:11 +0000 (10:58 +1300)]
provision: Set @INDEXLIST first when building dummy sam.ldb

The new LMDB backed will not allow normal records to be added before the @INDEXLIST
as this is what forces the GUID index mode.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
16 months agoprovision: allow provisioning of a different database backend
Gary Lockyer [Tue, 20 Mar 2018 01:38:19 +0000 (14:38 +1300)]
provision: allow provisioning of a different database backend

This sets the backendStore field in @PARTITION, depending on which
argument you set in the provision.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agopython: Add wrapper of mdb_copy that we can call from python
Gary Lockyer [Wed, 4 Apr 2018 04:17:51 +0000 (16:17 +1200)]
python: Add wrapper of mdb_copy that we can call from python

This is like the use of tdbbackup for tdb files.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoldb tests: add cmocka tests of kv operations
Gary Lockyer [Mon, 19 Mar 2018 23:15:12 +0000 (12:15 +1300)]
ldb tests: add cmocka tests of kv operations

Add tests for the behaviour the ldb layer expects the key value layer to
provide.  This should make it easier to add another KV store

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoldb_tdb: ltdb_tdb_delete require active transaction
Gary Lockyer [Wed, 14 Mar 2018 22:37:06 +0000 (11:37 +1300)]
ldb_tdb: ltdb_tdb_delete require active transaction

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoldb_tdb: ltdb_tdb_store require active transaction
Gary Lockyer [Wed, 14 Mar 2018 22:36:33 +0000 (11:36 +1300)]
ldb_tdb: ltdb_tdb_store require active transaction

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoldb_tdb: ltdb_tdb_parse_record map tdb error codes
Gary Lockyer [Wed, 14 Mar 2018 22:33:32 +0000 (11:33 +1300)]
ldb_tdb: ltdb_tdb_parse_record map tdb error codes

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
16 months agoldb tests: ldb_mod_op_test use correct ldb to create dn
Gary Lockyer [Mon, 19 Mar 2018 22:20:35 +0000 (11:20 +1300)]
ldb tests: ldb_mod_op_test use correct ldb to create dn

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>