HEIMDAL:kdc: reset e_text after successful pre-auth verification

This is already fixed in upstream heimdal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

HEIMDAL:lib/krb5: allow predefined PAC_{LOGON_NAME,PRIVSVR_CHECKSUM,SERVER_CHECKSUM} elements in _krb5_pac_sign()

A caller may want to specify an explicit order of PAC elements,
e.g. the PAC_UPN_DNS_INFO element should be placed after the PAC_LOGON_NAME
element.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is commit 7cd40a610569d5e54ebe323672794fb6415b5dac in heimdal master.

s4:torture/remote_pac: verify the order of PAC elements

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

auth/credentials: also do a shallow copy of the krb5_ccache.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tevent: Add overflow protection to tevent_req_create

This adds 40 bytes, but they are needed for correctness :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jul 22 23:33:57 CEST 2016 on sn-devel-144

tevent: Save 140 bytes of .text in tevent_req_create

This is one of or hottest code paths, I think every bit counts here.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

tevent: Save 32 bytes of .text in tevent_req_create

This is one of or hottest code paths, I think every bit counts here.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

build: Add hints on what libraries to install for gpgme support on failure

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 22 19:51:09 CEST 2016 on sn-devel-144

WHATSNEW: recomment python-crypto and python-m2crypto

They're used for some samba-tool commands.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

WHATSNEW: add 'Password sync as active directory domain controller'

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

s4:torture/ndr: Add supplementalCredentials blob from Samba with the new SambaGPG blob

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

python:samba/tests: use 'samba-tool user {getpassword,syncpasswords}' with --decrypt-samba-gpg

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

selftest:Samba4: configure "password hash gpg key ids" for ad_dc (if available)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

s4:selftest: run samba.tests.samba_tool.user also against ad_dc:local

In future ad_dc_ntvfs and ad_dc will differ regarding the Primary:SambaGPG
password feature. So we should test both.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

selftest:gnupg: add a gpg key for Samba Selftest <selftest@samba.example.com>

This key doesn't have a passphrase and allows automatic testing
of decryption.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

samba-tool: add --decrypt-samba-gpg support to 'user getpasswords' and 'user syncpasswords'

This get's the cleartext passwords by decrypting
the 'Primary:SambaGPG' value in order to provide the
virtual attributes: virtualClearTextUTF16, virtualClearTextUTF8,
virtualCryptSHA256, virtualCryptSHA512, virtualSSHA

The virtual attribute virtualSambaGPG provides the raw
(encrypted) value of the 'Primary:SambaGPG' value.

See the "password hash gpg key ids" option for the encryption part
of this feature.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

s4:dsdb/samdb: optionally store package_PrimarySambaGPGBlob in supplementalCredentials

It's important that Primary:SambaGPG is added as the last element.
This is the indication that it matches the current password.
When a password change happens on a Windows DC,
it will keep the old Primary:SambaGPG value, but as the first element.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

drsblobs.idl: add package_PrimarySambaGPGBlob

This will be used to store the cleartext utf16 password
GPG encrypted in the supplementalCredentials attribute.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

s4:dsdb/samdb: add configure checks for libgpgme

This will be used to store the cleartext utf16 password
GPG encrypted as 'Primary:SambaGPG' in the
supplementalCredentials attribute.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

docs-xml/smbdotconf: reference "unix password sync" with "password hash gpg key ids"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

docs-xml/smbdotconf: add "password hash gpg key ids" option

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

.travis.yml: install libgpgme11-dev python[3]-gpgme

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

docs-xml/smbdotconf: reference "unix password sync" with "samba-tool user syncpasswords"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

docs-xml:samba-tool.8: document "user syncpasswords" command

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

python:samba/tests: add simple 'samba-tool user syncpasswords' test

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

samba-tool: add 'user syncpasswords' command

This provides an easy way to keep passwords in sync with
another account database, e.g. an OpenLDAP server.

It provides a functionality like the "passwd program"
for the "unix password sync" feature of a standalone, member
and classic (NT4) server, but for an active directory domain
controller.

The provided script is called for each account/password related
change.

Like the 'user getpassword' command it allows virtual attributes like:
virtualClearTextUTF16, virtualClearTextUTF8,
virtualCryptSHA256, virtualCryptSHA512, virtualSSHA

Note that this command should just run on a single domain controller
(typically the PDC-emulator).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

docs-xml:samba-tool.8: document "user getpassword" command

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

python:samba/tests: verify the packages order in supplementalCredentials

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

python:samba/tests: add simple 'samba-tool user getpassword' test

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

samba-tool: add 'user getpassword' command

This provides an easy way to get the passwords of a user
including the cleartext passwords (if stored) and derived
hashes. This is done by providing virtual attributes like:
virtualClearTextUTF16, virtualClearTextUTF8,
virtualCryptSHA256, virtualCryptSHA512, virtualSSHA

This is much easier than using ldbsearch and manually parsing
the supplementalCredentials attribute.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

pycredentials: add set_utf16_[old_]password()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

pycredentials: add {get,set}_old_password()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

WHATNEW: the default for "ntlm auth" is "no"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

selftest: don't allow ntlmv1 for 'nt4_member' and 'ad_member'

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

docs-xml:smbdotconf: default "ntlm auth" to "no"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

selftest: set "ntlm auth = yes" for now as a lot of tests rely on it

In future we should use a mix of environments some which support ntlmv1
and some without.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:selftest: run smbclient_auth with a few more combinations

E.g. we try lanman, ntlmv1 and ntlmv2 authentication.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: add 'as user' to the test names in test_smbclient_auth.sh

We already have 'as anon', having an indication for each case makes it
easier to mark some as knownfail.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:ntlm_auth: call fault_setup() in order to get usefull backtraces

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

WHATSNEW. Add text for Open File Description (OFD) locks.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jul 22 14:13:52 CEST 2016 on sn-devel-144

WHATSNEW: SMB 2.1 leases enabled by default

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: Enable leases by default

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4: torture: Don't crash if connections fail and treeXX variables are left as NULL.

Correctly log as torture fail.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

ctdb-pcp-pmda: Reimplement using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jul 22 10:31:57 CEST 2016 on sn-devel-144

ctdb-tests: Add torture test for fetch functions

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Remove unused tests code

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Rename ctdb_porting_tests to porting_tests

and create unit test for it.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Rename ctdb_lock_tdb to lock_tdb

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Convert rb_test into a unit test

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_update_record_persistent with update_record_persistent

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_update_record with update_record using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_transaction with transaction_loop using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_fetch_readonly_loop with fetch_readonly_loop using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_fetch_readonly_once with fetch_readonly using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_fetch_one with fetch_loop using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_fetch with fetch_ring using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Replace ctdb_bench with message_ring using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Add torture test for g_lock functions

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Common code to process commandline options

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Common code to wait for synchronization across cluster

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

WHATSNEW: Add the update for the samba kcc

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Jul 21 10:17:52 CEST 2016 on sn-devel-144

samba_kcc: Enable the python samba_kcc

For any reasonably large domain, the old KCC is impractical as the dense
mesh topology causes replication pulses.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

kcc: correct a typo in the debug messages

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dbcheck: Add a rule regarding replica locations

This fixes any RW DCs with repsFrom without the corresponding link. On
any RODC, this just reports an error (and doesn't fix it).

(the knownfail entry is also now removed)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dbcheck/release-4-1-0rc3: Add a check regarding replica locations

This DC has repsFrom for the DNS partitions, but not the corresponding
link. This ensures that dbcheck has fixed them up. This will currently
fail without the actual changes to dbcheck coming in the following
commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

join.py: Don't add replica locations without the backend

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

join.py: Add Replica-Locations for DomainDNS and ForestDNS

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

join.py: Ensure that all expressions are escaped

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dbcheck: Replica locations can now be leftover

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

kcc: Make more fault tolerant on DC demotion

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

samba_kcc: match translate connection from old KCC for RWDC

This makes it so that repsTo are always regenerated on the target DCs.
This also happens elsewhere in drepl_out, but is to be removed.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

samba_kcc: match translate connection from old KCC for RODC

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

kcc: Prevent the KCC from doing work on the RODC

This should never have done any real work, new code or not. This just removes
the initial KCC calls and bails out in the KCC if we actually ran it.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

selftest: Add more information when KCC fails

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

kcc: Make debug more scarce

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

drepl: Fix a typo

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

WHATSNEW: Samba-tool speed-up

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

ctdb-tests: Add shellcheck test suite

CTDB has a lot of scripts and shellcheck can be useful to find dubious
scripting practices.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Jul 21 06:06:49 CEST 2016 on sn-devel-144

ctdb-tests: Add new test support script for script install paths

This helps unit tests locate CTDB's scripts.  It is being created to
support some new shellcheck unit tests.

Hopefully, it can also be used to simplify some of the symlink
complexity in some other unit tests suites, such as eventscripts.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2006 (legacy `..`)

SC2006: Use $(..) instead of legacy `..`.

Make the obvious changes to $(...) but convert some to $((...)).

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2124 (string=array)

SC2124: Assigning an array to a string!
        Assign as array, or use * instead of @ to concatenate.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2155 (declare, assign)

SC2155: Declare and assign separately to avoid masking return values.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2059 ($ in printf format)

SC2059: Don't use variables in the printf format string.
        Use printf "..%s.." "$foo".

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid chellcheck warning SC2012 (ls for file list)

SC2012: Use find instead of ls to better handle non-alphanumeric filenames.

Make this cope better with unexpected whitespace.

Unfortunately, this results in shellcheck warning:

  SC2035: Use ./*.tdb.* so names with dashes won't become options.

No!  Then stat(1) will print ./file.tdb.X.  We want the basenames and
we know the filenames don't start with dashes.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2012 (ls for file list)

SC2012: Use find instead of ls to better handle non-alphanumeric filenames.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2038 (find without -print0)

SC2038: Use -print0/-0 or -exec + to allow for non-alphanumeric filenames.

The suggested options aren't POSIX-compliant.  This is more portable.

Base filenames can't have whitespace so rework to avoid problems with
whitespace in directory name.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2039 (non-portable ulimit options)

SC2039: In POSIX sh, ulimit -c/-n is not supported.

Have shellcheck suppress the warnings.  If -n is not supported then
don't set CTDB_MAX_OPEN_FILES.  If packaging for a platform where -c
is not supported then remove this code and associated documentation.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2039 (test -nt operator)

SC2039: In POSIX sh, -nt is not supported.

This script is specific to the Linux NFS implementation.  The -nt
operator is well supported in Linux shells (e.g. dash, bash, ksh).
The alternatives (e.g. using stat(1)) would result in less readable
code.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2094 (read/write same file)

SC2094: Make sure not to read and write the same file in the same pipeline.

The semantics here are unclear, so use a separate flock file in each
case for clarity.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2039 (echo -n)

SC2039: In POSIX sh, echo flags are not supported.

echo -n is well supported but the changes are simple.

Improve some logic, replace some instances with printf.  Who knew
printf was in POSIX?

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2039 (type command)

SC2039: In POSIX sh, 'type' is not supported.

type is commonly supported and is more portable than which(1).

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2015 (A && B || C)

SC2015: Note that A && B || C is not if-then-else. C may run when A is
true.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warnings SC2119, SC2120 (function arguments)

SC2119: Use FUNC "$@" if function's $1 should meanscript's $1.
SC2120: FUNC references arguments, but none are ever passed.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2002 (useless cat)

SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2017 (arithmetic precision)

SC2017: Increase precision by replacing a/b*c with a*c/b.

This code intentionally rounds to an even value.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC1004 (backslash in quotes)

SC1004: You don't break lines with \ in single quotes, it results in
literal backslash-linefeed.

These don't hurt, since awk can cope with the continuations.  However,
they don't add anything.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2154 (unassigned variables)

SC2154: VAR is referenced but not assigned.

Change ctdb_setup_service_state_dir(), ctdb_get_pnn() and
ctdb_get_ip_address() to print the value so it can be assigned to a
variable.  The performance gain from avoiding the sub-shells when
calling these functions is close to zero.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warnings SC2046, SC2086 (double-quoting)

SC2046: Quote this to prevent word splitting.
SC2086: Double quote to prevent globbing and word splitting.

Add some quoting where it makes sense.  Use shellcheck directives for
false-positives.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2034 (unused variables)

SC2034: VAR appears unused. Verify it or export it.

Drop some variables that are unnecessarily used.  Use shellcheck
directive for false-positives.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Avoid shellcheck warning SC2004 ($ in arithmetic)

SC2004: $/${} is unnecessary on arithmetic variables.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>