Günther Deschner [Mon, 12 Sep 2016 15:55:37 +0000 (17:55 +0200)]
s3-spoolss: fix winreg_printer_ver_to_qword
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12285
We were reporting the OS minor number as the driver version number in all
GetDriver/EnumDriver calls.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a9a1a16cc8b87a84cdfa049ebd26bf4eac1b3618)
Andreas Schneider [Tue, 20 Sep 2016 11:26:52 +0000 (13:26 +0200)]
nsswitch: Also set h_errnop for nss_wins functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12269
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jim McDonough <jmcd@samba.org>
(cherry picked from commit
382345126c56e26d3dbc319f1c7c1dae3c4fafc9)
Andreas Schneider [Mon, 19 Sep 2016 14:17:11 +0000 (16:17 +0200)]
nsswitch: Add missing arguments to wins gethostbyname*
The errno pointer argument is missing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12269
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Jim McDonough <jmcd@samba.org>
(cherry picked from commit
124ae4e861f048fe015bff32ace4abff4d3e6c62)
Ralph Boehme [Wed, 14 Sep 2016 10:52:48 +0000 (12:52 +0200)]
s3/smbd: set FILE_ATTRIBUTE_DIRECTORY as necessary
Some VFS modules like GPFS will always return success from
SMB_VFS_GET_DOS_ATTRIBUTES() but only set a subset of the attributes. It
neither sets FILE_ATTRIBUTE_NORMAL nor FILE_ATTRIBUTE_DIRECTORY.
We already handle the case that the VFS stack returns with result==0 and
then add the FILE_ATTRIBUTE_NORMAL, regardless of the type of the
filesystem object. If we want to handle result==0 situation in the
SMB_VFS_GET_DOS_ATTRIBUTES() caller, then do it right by either setting
FILE_ATTRIBUTE_NORMAL or FILE_ATTRIBUTE_DIRECTORY.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12261
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 16 00:34:43 CEST 2016 on sn-devel-144
(cherry picked from commit
2a2ac63975b8ff41ede8e93ef2b33148c89f185f)
Volker Lendecke [Mon, 19 Sep 2016 21:29:21 +0000 (14:29 -0700)]
gencache: Bail out of stabilize if we can not get the allrecord lock
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12045
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Sep 20 04:09:33 CEST 2016 on sn-devel-144
(cherry picked from commit
b208499960eefef02d305a3bd59b03a7c2aafcac)
Karolin Seeger [Thu, 22 Sep 2016 06:47:21 +0000 (08:47 +0200)]
Revert "script/release.sh: use 8 byte gpg key ids"
This reverts commit
28d82306b720487ab93474171d91d318afff7b78.
Karolin Seeger [Wed, 21 Sep 2016 10:07:18 +0000 (12:07 +0200)]
VERSION: VERSION: Bump version up to 4.4.7...
and re-enable git snapshots.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 21 Sep 2016 10:06:07 +0000 (12:06 +0200)]
VERSION: Disable git snapshots for the 4.4.6 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 21 Sep 2016 10:04:28 +0000 (12:04 +0200)]
WHATSNEW: Add release notes for Samba 4.4.6.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Amitay Isaacs [Mon, 19 Sep 2016 04:59:06 +0000 (14:59 +1000)]
ctdb-recovery-helper: Add missing initialisation of ban_credits
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12275
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
6b93b57921fad40cb3601888154c2f73a75fd590)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Wed Sep 21 14:45:44 CEST 2016 on sn-devel-144
Jeremy Allison [Mon, 19 Sep 2016 18:47:22 +0000 (11:47 -0700)]
lib: poll_funcs : poll_funcs_context_slot_find can select the wrong slot to replace.
Look for an exact match first, before a free slot.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12272
Back-port from
085542fc93b3c603e8cda6e481e94d5fe2dfc669
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 19 Sep 2016 18:42:05 +0000 (11:42 -0700)]
lib/poll_funcs: free contexts in poll_funcs_state_destructor()
This ensures the destructors get called in the proper order.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12272
Back-port from
c132b78c484c14d255a98567e90b934b73ebf8c2
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 26 Aug 2016 08:04:53 +0000 (10:04 +0200)]
vfs_acl_xattr|tdb: enforced settings when ignore system acls=yes
When "ignore system acls" is set to "yes, we need to ensure filesystem
permission always grant access so that when doing our own access checks
we don't run into situations where we grant access but the filesystem
doesn't.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 31 18:41:20 CEST 2016 on sn-devel-144
(cherry picked from commit
b72287514cc78c9019db7385af4c9b9d94f60894)
Ralph Boehme [Fri, 26 Aug 2016 08:22:37 +0000 (10:22 +0200)]
docs: document vfs_acl_xattr|tdb enforced settings
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
cbe8f0d63b90e4380da35e9f9f5a05d8ccc2058b)
Ralph Boehme [Sat, 27 Aug 2016 08:11:14 +0000 (10:11 +0200)]
vfs_acl_common: use DBG_LEVEL and remove function prefixes in DEBUG statements
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
11dddd59aa01195152199443bc26e3141f162c8f)
Ralph Boehme [Thu, 25 Aug 2016 14:30:24 +0000 (16:30 +0200)]
s4/torture: tests for vfs_acl_xattr default ACL styles
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
946b93d0e3f6f23fa2325d7aaba4dc6f4cc17cb6)
Ralph Boehme [Thu, 25 Aug 2016 05:45:34 +0000 (07:45 +0200)]
vfs_acl_common: Windows style default ACL
Reintroduce Windows style default ACL, but this time as an optional
feature, not changing default behaviour.
Original bugreport that got reverted because it changed the default
behaviour: https://bugzilla.samba.org/show_bug.cgi?id=12028
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
0730cb7e1ce33dbc5fc48a7363204c1220400c68)
Ralph Boehme [Wed, 24 Aug 2016 18:31:00 +0000 (20:31 +0200)]
vfs_acl_xattr|tdb: add option to control default ACL style
Existing behaviour is "posix" style. Next commit will (re)add the
"windows" style. This commit doesn't change behaviour in any way.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
26a9867ae1a9c69659252ce03c280c7c18a6c58f)
Ralph Boehme [Wed, 24 Aug 2016 08:43:47 +0000 (10:43 +0200)]
vfs_acl_common: check for ignore_system_acls before fetching filesystem ACL
If ignore_system_acls is set and we're synthesizing a default ACL, we
were fetching the filesystem ACL just to free it again. This change
avoids this.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
f46179ef7310959af095b0ea6234df7523d15457)
Ralph Boehme [Wed, 24 Aug 2016 08:30:15 +0000 (10:30 +0200)]
vfs_acl_common: move stat stuff to a helper function
Will be reused in the next commit when moving the
make_default_filesystem_acl() stuff to a different place.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
10959698e20de381beec7ab532c8bdc32fa6401c)
Ralph Boehme [Wed, 24 Aug 2016 08:01:17 +0000 (10:01 +0200)]
vfs_acl_tdb|xattr: use a config handle
Better for performance and a subsequent commit will add one more option
where this will pay off.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
61c3d2124fb1a180fae4c8c0b5ab5b32bd56c8ad)
Ralph Boehme [Tue, 23 Aug 2016 20:32:57 +0000 (22:32 +0200)]
vfs_acl_common: move the ACL blob validation to a helper function
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
0de5a128cee90694979d074c2590ddbca0071e82)
Ralph Boehme [Tue, 23 Aug 2016 15:07:20 +0000 (17:07 +0200)]
vfs_acl_common: simplify ACL logic, cleanup and talloc hierarchy
No change in behaviour (hopefully! :-). This paves the way for moving
the ACL blob validation to a helper function in the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
335527c647331148927feea2a7ae2f2c88986bc6)
Ralph Boehme [Tue, 23 Aug 2016 11:14:50 +0000 (13:14 +0200)]
vfs_acl_common: remove redundant NULL assignment
The variables are already set to NULL by TALLOC_FREE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
e6f1254a00a6bf85b8d95bfbafef7d3e39ce1dde)
Ralph Boehme [Tue, 23 Aug 2016 11:11:24 +0000 (13:11 +0200)]
vfs_acl_common: rename pdesc_next to psd_fs
In most realistic cases the "next" VFS op will return the permissions
from the filesystem. This rename makes it explicit where the SD is
originating from. No change in behaviour.
This just paves the way for a later change that will simplify the whole
logic and talloc hierarchy.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
9f79084f166208820f586c8e43e1e315d32cd5ce)
Ralph Boehme [Tue, 23 Aug 2016 11:08:12 +0000 (13:08 +0200)]
vfs_acl_common: rename psd to psd_blob in get_nt_acl_internal()
This makes it explicit where the SD is originating from. No change in
behaviour.
This just paves the way for a later change that will simplify the whole
logic and talloc hierarchy, therefor this also strictly renames the
occurences after the out label.
Logically, behind the out label, we're dealing with a variable that
points to what we're going to return, so the name psd_blob is
misleading, but I'm desperately trying to avoid logic changes in this
commit and therefor I'm just strictly renaming.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
2367eea928593f12f8914f7e7ba613b1b15516de)
Ralph Boehme [Wed, 24 Aug 2016 08:04:24 +0000 (10:04 +0200)]
Revert "vfs_acl_xattr: objects without NT ACL xattr"
This reverts commit
961c4b591bb102751079d9cc92d7aa1c37f1958c.
Subsequent commits will add the same functionality as an optional
feature.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
590b80490c00587b5a4035856891e10defb654f6)
Uri Simchoni [Wed, 24 Aug 2016 11:42:23 +0000 (14:42 +0300)]
vfs_shadow_copy: handle non-existant files and wildcards
During path checking, the vfs connectpath_fn is called to
determine the share's root, relative to the file being
queried (for example, in snapshot file this may be other
than the share's "usual" root directory). connectpath_fn
must be able to answer this question even if the path does
not exist and its parent does exist. The convention in this
case is that this refers to a yet-uncreated file under the parent
and all queries are relative to the parent.
This also serves as a workaround for the case where connectpath_fn
has to handle wildcards, as with the case of SMB1 trans2 findfirst.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 25 05:35:29 CEST 2016 on sn-devel-144
(cherry picked from commit
f41f439335efb352d03a842c370212a0af77262a)
Uri Simchoni [Tue, 23 Aug 2016 11:29:39 +0000 (14:29 +0300)]
selftest: test listing directories inside snapshots
Verify that directories are also listable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
22c3982100a1d6bf67979a0659604942ef6f11f0)
Uri Simchoni [Tue, 23 Aug 2016 11:03:30 +0000 (14:03 +0300)]
selftest: check file readability in shadow_copy2 test
Add tests which verify that a snapshot file is readable
if and only if it its metadata can be retrieved. Also
verify (in most tests) that file is retrieved from the
correct snapshot.
Together with the existing test for number of previous
versions we can stat, this test checks that we can read
those files, and also that we cannot break out of a snapshot
if wide links are not allowed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
495b8177363bf1930f3afb373ad73caac022f353)
Uri Simchoni [Tue, 23 Aug 2016 08:33:52 +0000 (11:33 +0300)]
selftest: add content to files created during shadow_copy2 test
This will allow reading them and verifying we got the right version
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
523046080dd65607eacb901d58ee3b6e54de865e)
Martin Schwenke [Thu, 18 Aug 2016 02:57:33 +0000 (12:57 +1000)]
ctdb-ipalloc: Fix cumulative takeover timeout
Commit
c40fc62642ff5ac49b75e9af49c299e33dbc9073 runs the IP allocation
algorithm after calculating the timeout offset. If the algorithm
takes a long time then there may be no attempt to release or take over
IPs.
Instead, reset the timeout just before the RELEASE_IP stage if an
early jump to IPREALLOCATED was not taken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12161
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Aug 18 12:36:37 CEST 2016 on sn-devel-144
(cherry picked from commit
626dcc9e493e2ac4fd502f75c7cb4d29f686f017)
Martin Schwenke [Fri, 27 May 2016 05:22:27 +0000 (15:22 +1000)]
ctdb-ipalloc: Use a cumulative timeout for takeover run stages
RELEASE_IP sometimes times out because killing TCP connections can
take a long time.
The aim of the takeover timeout is actually to limit the total amount
of time for an IP takeover run. So, calculate a combined timeout
offset once and use it for each of the RELEASE_IP, TAKEOVER_IP,
IPREALLOCATED stages. This gives RELEASE_IP more time to kill TCP
connections but still limits the total time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12161
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
c40fc62642ff5ac49b75e9af49c299e33dbc9073)
Volker Lendecke [Mon, 29 Aug 2016 07:58:45 +0000 (09:58 +0200)]
smbd: Reset O_NONBLOCK on open files
See the comment inline :-)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12268
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Simo <simo@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Sep 15 20:21:41 CEST 2016 on sn-devel-144
(cherry picked from commit
e69b17d603e5f09ac1e7ee05fc1f5ad67288c484)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Mon Sep 19 13:44:01 CEST 2016 on sn-devel-144
Amitay Isaacs [Thu, 23 Jun 2016 11:07:37 +0000 (21:07 +1000)]
ctdb-recovery: Terminate if recovery fails without any banning credits
In case of database recovery failure, if there are no banning credits
assigned, then the async computation is never terminated. The else
condition is missing in (max_credits >= NUM_RETRIES) check.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jun 24 09:56:23 CEST 2016 on sn-devel-144
(cherry picked from commit
600cec4d44a01391230a81efeece5155a97c8298)
Amitay Isaacs [Tue, 13 Sep 2016 06:05:14 +0000 (16:05 +1000)]
ctdb-protocol: Fix marshalling for GET_DB_SEQNUM control request
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12259
Even though database id is 32-bit, it's sent on wire as 64-bits.
The database id is the first 32-bits on the wire. This needs fixing
eventually, but for now keep the same wire format.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
bdff6255af113827340adc3da609e127503d9ba5)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Fri Sep 16 12:39:00 CEST 2016 on sn-devel-144
Ralph Boehme [Sun, 11 Sep 2016 13:35:37 +0000 (15:35 +0200)]
s3/smbd: in call_trans2qfilepathinfo call lstat when dealing with posix pathnames
This might be an info level SMB_INFO_QUERY_ALL_EAS which is not covered
by INFO_LEVEL_IS_UNIX(). If smb_fname is a symlink we would then stat it
in POSIX context.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12256
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b13b3c11054f918f18841186a6efc5dedd2ffd66)
Martin Schwenke [Thu, 8 Sep 2016 02:28:00 +0000 (12:28 +1000)]
ctdb-packaging: Fix systemd network dependency
https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ says:
network.target has very little meaning during start-up. [...]
Whether any network interfaces are already configured when it is
reached is undefined. [...]
network-online.target is a target that actively waits until the
ne[t]work is "up",
CTDB expects to be able to bind a socket to a node address and expects
interfaces for public IP addresses to exist. CTDB also doesn't expect
time to jump, so also wait until time is synchronised.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12255
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Steve French <sfrench@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Tested-by: Steve French <sfrench@samba.org>
(cherry picked from commit
35dcaadc8ebc9ec80e04f1d2eee694ebc6914a31)
Martin Schwenke [Tue, 30 Aug 2016 22:29:13 +0000 (08:29 +1000)]
ctdb-daemon: Don't steal control structure before synchronous reply
If *async_reply isn't set then the calling code will reply to the
control and free the control structure. In some places the control
structure pointer is stolen onto state before a synchronous exit due
to an error condition. The error handling then frees state and
returns an error. The calling code will access-after-free when trying
to reply to the control.
To make this easier to understand, the convention is that any
(immediate) error results in a synchronous reply to the control via an
error return code AND *async_reply not being set. In this case the
control structure pointer should never be stolen onto state. State is
never used for a synchronous reply, it is only ever used by a
callback.
Also initialise state->c to NULL so that any premature call to a
callback (e.g. in an immediate error path) is more obvious.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12180
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
9d975b860d52030a702723c70791c6a2829107c0)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Tue Sep 13 16:04:10 CEST 2016 on sn-devel-144
Martin Schwenke [Fri, 26 Aug 2016 06:38:56 +0000 (16:38 +1000)]
ctdb-daemon: Handle failure immediately, do housekeeping later
The callback should never be called before an immediate return. The
callback might reply to a control and the caller of
ctdb_event_script_callback_v() may not have assigned/stolen the
pointer to control structure into the private data. Therefore,
calling the callback can dereference an uninitialised pointer to the
control structure when attempting to reply.
An event script isn't being run until the child has been forked. So
update relevant state and set the destructor after this.
If the child can't be forked then free the state and return with an
error. The callback will not be called and the caller will process
the error correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12180
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
582518c7e89b279e34147bdb0b04b73056fac048)
Martin Schwenke [Fri, 26 Aug 2016 06:29:47 +0000 (16:29 +1000)]
ctdb-daemon: Schedule running of callback if there are no event scripts
The callback should never be called before an immediate return. The
callback might reply to a control and the caller of
ctdb_event_script_callback_v() may not have assigned/stolen the
pointer to control structure into the private data. Therefore,
calling the callback can dereference an uninitialised pointer to the
control structure when attempting to reply.
ctdb_event_script_callback_v() must succeed when there are no event
scripts. On success the caller will mark the call as asynchronous and
expect the callback to be called. Given that it can't be called
before return then it needs to be scheduled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12180
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
9076c44f35bf309b9e183bae98829f7154b93f33)
Andreas Schneider [Thu, 25 Aug 2016 12:24:08 +0000 (14:24 +0200)]
s3-util: Fix asking for username and password in smbget.
If the user specified the username in the URI with with:
smb://DOMAIN;user:secret@server/share
the tool should not prompt for the username nor the password.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12175
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
f5401ff3146aabc5fb2dac25e4856c6c3756c8f7)
Martin Schwenke [Fri, 19 Aug 2016 06:38:50 +0000 (16:38 +1000)]
ctdb-daemon: When releasing an IP, update PNN in callback
When an error occurs so an IP address is not released then the PNN in
the VNN is currently incorrectly updated.
Instead, update the PNN in the callback when the release is
successful. Also, explicitly update the PNN on redundant releases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sun Aug 21 22:45:33 CEST 2016 on sn-devel-144
(cherry picked from commit
6dc75c7d24325d2070eb7feab5399dbfda50da96)
Martin Schwenke [Fri, 19 Aug 2016 06:30:46 +0000 (16:30 +1000)]
ctdb-daemon: Rename takeover_callback_state -> release_ip_callback_state
Many years ago takeover_callback_state was used for both IP takeover
and release. Now it is only used when releasing an IP so rename it to
improve clarity.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
976a50af6f045765c7bf1961e26efc3cba17f3ba)
Martin Schwenke [Thu, 11 Aug 2016 04:07:44 +0000 (14:07 +1000)]
ctdb-daemon: Use release_ip_post() when releasing all IP addresses
This has the advantage of using common code. Also, if there was
previously a failed attempt to release the IP address as part of a
delete, then this will finish processing the delete.
Extra care needs to be taken when a VNN is actually deleted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
d2a91394f55a2e0152bf470dac2608618db13b1f)
Martin Schwenke [Thu, 11 Aug 2016 03:57:43 +0000 (13:57 +1000)]
ctdb-daemon: Factor out new function release_ip_post()
This contains the cleanup that needs to be done after an IP address is
released from an interface.
state->vnn is set to the return value from release_ip_post(), which is
either the original VNN, or NULL if it was deleted. This allows
correct handling of the in-flight flag in the destructor for state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
46c5136e4e4bd291cbb96395374c9b133f5d8ad8)
Martin Schwenke [Thu, 11 Aug 2016 03:41:12 +0000 (13:41 +1000)]
ctdb-daemon: Do not copy address for RELEASE_IP message
If there's an allocation failure then the implicit early return in
CTDB_NO_MEMORY_VOID() means that no reply is sent to the control.
ctdb_daemon_send_message() makes a copy of the data, so don't copy it
here and remove an unnecessary chance of failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
e653c8bb4a7bd712351a4ead3997c61b22c46f8d)
Martin Schwenke [Sat, 30 Jul 2016 01:12:19 +0000 (11:12 +1000)]
ctdb-daemon: Do not update the VNN state on RELEASE_IP failure
If RELEASE_IP fails then updating the VNN makes it inconsistent with
reality. Instead, log the failure and move on to the next IP
address.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
ca22373231918dab4e94cf1bab03253aadd61993)
Martin Schwenke [Sun, 7 Aug 2016 21:09:38 +0000 (07:09 +1000)]
ctdb-daemon: Try to release IP address even if interface is unknown
The "releaseip" event in 10.interface will determine the interface and
do the right thing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
509491a868ed01bfc5a970bd36eea4b01130853a)
Amitay Isaacs [Sat, 5 Mar 2016 03:05:21 +0000 (14:05 +1100)]
ctdb-takeover: Inform clients when dropping all IP addresses
CTDB releases all IPs in following cases: starting up, shutting down,
node gets banned, node does not come out of recovery for a long time.
Always inform samba when CTDB releases IP addresses.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
00b9e76904bb1108e0f06d0dba4df89394d58252)
Amitay Isaacs [Fri, 4 Mar 2016 04:04:13 +0000 (15:04 +1100)]
ctdb-takeover: Do not kill smbd processes on releasing IP
CTDB already notifies Samba with RELEASE_IP message. Samba can take
appropriate action based on that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
b8272d835d6e5186568237cd8b7a2105884c0515)
Michael Adam [Tue, 9 Aug 2016 16:25:12 +0000 (18:25 +0200)]
idmap: centrally check that unix IDs returned by the idmap backends are in range
Note: in the long run, it might be good to move this kind of
exit check (before handing the result back to the client)
to the parent winbindd code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155
Signed-off-by: Michael Adam <obnox@samba.org>
(Backported from master commit
b2bf61307cffd8ff7b6fb9852c107ab763653119.)
Michael Adam [Mon, 15 Aug 2016 21:07:33 +0000 (23:07 +0200)]
idmap: don't generally forbid id==0 from idmap_unix_id_is_in_range()
If the range allows it, then id==0 should not be forbidden.
This seems to have been taken in from idmap_ldap when the
function was originally created.
See
634cd2e0451d4388c3e3f78239495cf595368b15 .
The other backends don't seem to have had that
extra check for id == 0.
The reasoning for this change is that the range check should
apply to all cases. If the range includes the 0, then it
should be possible to get it as result. In particular,
this way, the function becomes applicable also to the
passdb backend case, e.g. in a samba4-ad-dc setup where
the Admin gets uid == 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
c21976d4b1c604699299f2c0f768c1add93b349d)
Uri Simchoni [Thu, 4 Aug 2016 11:59:23 +0000 (14:59 +0300)]
smbd: allow reading files based on FILE_EXECUTE access right
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug 18 18:58:22 CEST 2016 on sn-devel-144
(backported from commit
a6073e6130d39dac58f1e6ea9f41ec4ab34c3e29)
Uri Simchoni [Fri, 12 Aug 2016 21:19:33 +0000 (00:19 +0300)]
smbd: look only at handle readability for COPYCHUNK dest
This commits sets the stage for a change of behavior
in a later commit.
When checking FILE_READ_DATA on the COPYCHUNK dest handle,
only check the handle readability and not the extra right
that may have been added due to the FILE_EXECUTE right.
The check for FILE_READ_DATA always seemed strange for the
dest handle, which is not read. It turns out that in Windows,
this check is not done at the SMB layer, but at a lower layer
that processes the IOCTL request - the IOCTL code has bits
that specify what type of access check needs to be done.
Therefore, this lower layer is unaware of the SMB layer's
practice of granting READ access based on the FILE_EXECUTE
right, and it only checks the handle's readability.
This subtle difference has observable behavior - the
COPYCHUNK source handle can have FILE_EXECUTE right instead
of FILE_READ_DATA, but the dest handle cannot.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Aug 16 15:21:03 CEST 2016 on sn-devel-144
(cherry picked from commit
3e42b69d5e1216b6af570a09d58040d281bbbf17)
Uri Simchoni [Thu, 4 Aug 2016 10:12:58 +0000 (13:12 +0300)]
s4-smbtorture: pin copychunk exec right behavior
Add tests that show copychunk behavior when the
source and dest handles have execute right instead
of read-data right.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
5bf11f6f5b4dab4cba4b00674bcb76138fb55974)
Uri Simchoni [Mon, 15 Aug 2016 20:39:50 +0000 (23:39 +0300)]
seltest: allow opening files with arbitrary rights in smb2.ioctl tests
Separate file creation (which requires write access) from the
opening of the file for the test (which might be without write
access).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
6ce0304eda4b464972defcecd591fab03428bd03)
Uri Simchoni [Sat, 13 Aug 2016 18:23:34 +0000 (21:23 +0300)]
seltest: implicit FILE_READ_DATA non-reporting
This test (passes against Windows Server 2012R2) shows
that the implicit FILE_READ_DATA that is added whenever
FILE_EXECUTE is granted, is not reported back when querying
the handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
7dc9f582066d500bf57000891560610e8d2e208c)
Uri Simchoni [Sun, 31 Jul 2016 11:29:37 +0000 (14:29 +0300)]
s4-selftest: add test for read access check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(backported from commit
55a9d35cabaea6e98211fc058b788cedf9b7b22a)
Uri Simchoni [Sun, 31 Jul 2016 11:26:24 +0000 (14:26 +0300)]
s4-selftest: add functions which create with desired access
Add functions which create a file or a directory with
specific desired access.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
1b06acafa4e9ea91a50e5ed85da881187057da6e)
Uri Simchoni [Thu, 4 Aug 2016 09:59:38 +0000 (12:59 +0300)]
s4-smbtorture: use standard macros in smb2.read test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
20b9a5bd74fafbca4b7cc7952c27033edcf0eeb8)
Uri Simchoni [Thu, 11 Aug 2016 20:54:22 +0000 (23:54 +0300)]
selftest: add tests for dfree with inherit owner enabled
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b6931d5edc381d64ba0fbcd85538cd65e90a2560)
Uri Simchoni [Sun, 14 Aug 2016 11:54:11 +0000 (14:54 +0300)]
selftest: add definition of smbcacls to selftesthelpers.py
This facilitates cherry-picking of the next patch.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Wed, 20 Jan 2016 19:54:24 +0000 (21:54 +0200)]
selftest: refactor test_dfree_quota.sh - add share parameter
Add a share parameter to individual disk-free tests. This will
allow running tests on shares other than dfq share.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
f20d57eceacccb365892dec816cbe57e2ddda8b9)
Uri Simchoni [Thu, 11 Aug 2016 20:37:42 +0000 (23:37 +0300)]
smbd: use owner uid for free disk calculation if owner is inherited
If "inherit owner" is enabled, then new files created under a
directory shall consume the quota of the directory's owner, so
the free disk calculation should take that quota into account,
not the quota of the user creating the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
ea73bcd87b6113f77ccda683d15b5a39003b8eaa)
Uri Simchoni [Wed, 13 Jan 2016 22:09:36 +0000 (00:09 +0200)]
smbd: get a valid file stat to disk_quotas
Most calls to disk_quotas originate at a state with an
open file descriptor. Pass the file's stat info down to
disk_quota, so that we can avoid extra stat's and the related
error handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
bd2ec88dca692c239397891bd35c9fa6b8e7b51a)
Uri Simchoni [Wed, 27 Jan 2016 06:12:20 +0000 (08:12 +0200)]
quotas: small cleanup
Remove an internal function from proto.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
3e6ea02d4258a782482eee9f9124c6a39b74a965)
Jeremy Allison [Wed, 10 Aug 2016 21:42:07 +0000 (14:42 -0700)]
s3: oplock: Fix race condition when closing an oplocked file.
We must send the 'oplock released' message whilst the lock
is held in the close path. Otherwise the messaged smbd can
race with the share mode delete.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12139
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
df83b17c60a08a27a7ddd1d88dc125e15b3ee06d)
Jeremy Allison [Wed, 10 Aug 2016 21:39:52 +0000 (14:39 -0700)]
smbd: oplock: Factor out internals of remove_oplock() into new remove_oplock_under_lock().
Allows this to be called elsewhere.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12139
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
cb394abe5206dd8ad8a68f157427991b259129a7)
Jeremy Allison [Wed, 10 Aug 2016 21:35:42 +0000 (14:35 -0700)]
smbd: oplock: Fixup debug messages inside remove_oplock().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12139
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
de7180151fc99893c4763882fecd9d2a623cd061)
Stefan Metzmacher [Thu, 1 Sep 2016 06:08:23 +0000 (08:08 +0200)]
gensec/spnego: work around missing server mechListMIC in SMB servers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11994
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Fri Sep 2 18:10:44 CEST 2016 on sn-devel-144
(cherry picked from commit
9b45ba5cd53bd513eb777590815a0b8408af64e2)
Andrew Bartlett [Fri, 26 Aug 2016 03:53:19 +0000 (15:53 +1200)]
dbcheck: Abandon dbcheck if we get an error during a transaction
Otherwise, anything that the transaction has already done to the DB will be left in the DB
even despite the failure. For example, if a fix wrote to the DB, but then failed a post-write
check, then the fix will not be unrolled.
This is because we do not have nested transactions in TDB.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12178
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Aug 29 12:46:21 CEST 2016 on sn-devel-144
(cherry picked from commit
db32a0e5ea8f652857e45480cc31ecb1ef884c1a)
Andrew Bartlett [Fri, 26 Aug 2016 03:54:35 +0000 (15:54 +1200)]
dsdb: Allow missing a mandatory attribute from a dbcheck fix
dbcheck of the rid pool (CN=RID Set) for another server will otherwise fail because
rIDNextRid is not replicated, and so it not present
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12178
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9d0c869e36ba2f43fd2ed4cd090b48102d499bc8)
Stefan Metzmacher [Fri, 2 Sep 2016 06:47:56 +0000 (08:47 +0200)]
script/release.sh: use 8 byte gpg key ids
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 2 22:05:33 CEST 2016 on sn-devel-144
(cherry picked from commit
e0ef054fa94b0dd56ec7bf92ffea0a6d7609da56)
Autobuild-User(v4-4-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-4-test): Mon Sep 5 14:59:12 CEST 2016 on sn-devel-144
Jeremy Allison [Tue, 9 Aug 2016 18:57:20 +0000 (11:57 -0700)]
libgpo: Correctly use the 'server' parameter after parsing it out of the GPO path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12135
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit
2a8ccc0841184c2df9fc19f8452009b92071c115)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Tue Aug 16 16:26:28 CEST 2016 on sn-devel-144
Jeremy Allison [Mon, 8 Aug 2016 23:53:21 +0000 (16:53 -0700)]
s3: libsmb: Protect cli_connect_nb_send() from being passed a NULL hostname and dest_ss.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12135
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit
27ebf64b347a770e0d1ad4f1db645cb1b8dd5861)
Andrew Bartlett [Sat, 2 Jan 2016 07:58:39 +0000 (20:58 +1300)]
ldb-samba: Add "secret" as a value to hide in LDIF files
This is not secret or encrypted in LDAP, but is sensitive in secrets.ldb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed May 11 07:17:38 CEST 2016 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12154
(cherry picked from commit
15f191a2329d08b92111f71e22f8a28c8a39c193)
Autobuild-User(v4-4-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-4-test): Tue Aug 16 09:53:00 CEST 2016 on sn-devel-144
Stefan Metzmacher [Mon, 8 Aug 2016 10:53:26 +0000 (12:53 +0200)]
samba-tool/ldapcmp: ignore differences of whenChanged
This is implicitly replicated, but may diverge on updates of non-replicated
attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12129
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Aug 8 17:34:24 CEST 2016 on sn-devel-144
(cherry picked from commit
a0e60e96aa38407ded8d63650dcf8f39304c958a)
Stefan Metzmacher [Wed, 10 Aug 2016 10:44:26 +0000 (12:44 +0200)]
script/autobuild.py: include the branch name in the output
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Aug 11 08:38:47 CEST 2016 on sn-devel-144
(cherry picked from commit
98d289d2e5162a23d15562b009d0edf20a55a56b)
Garming Sam [Wed, 4 May 2016 22:37:08 +0000 (10:37 +1200)]
autobuild: fix typo in autobuild success subject line
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu May 5 04:15:16 CEST 2016 on sn-devel-144
(cherry picked from commit
2fe2e662dba080536a0f6c5485514097dd74a65a)
Garming Sam [Mon, 14 Mar 2016 01:18:54 +0000 (14:18 +1300)]
autobuild: Return the last 50 log lines
This means that you don't have to deal with tars for quickly determining
the cause of a failure.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
3751ffbbe75524984a822d65f623a040ca79c8f7)
Ralph Boehme [Mon, 8 Aug 2016 14:58:51 +0000 (16:58 +0200)]
dbwrap_ctdb: treat empty records in ltdb as non-existing
When fetching records from remote ctdb nodes via ctdbd_parse() or in
db_ctdb_traverse(), we already check for tombstone records and skip
them. This was originally also done for the ltdb checks.
See also bug: https://bugzilla.samba.org/show_bug.cgi?id=10008
(commit
1cae59ce112ccb51b45357a52b902f80fce1eef1).
Commit
925625b52886d40b50fc631bad8bdc81970f7598 reverted part of the
patch of bug 10008 due to a deadlock it introduced.
This patch re-introduces the consistent treatment of empty records in
the ltdb but avoids the deadlock by correctly signalling
NT_STATUS_NOT_FOUND if an empty record is found authoritatively in
the ltdb and not calling ctdb in this case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12005
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Aug 9 04:38:44 CEST 2016 on sn-devel-144
(backported from commit
25df582739918b7afd4e5497eaffe279e2d92cd1)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Wed Aug 10 12:42:51 CEST 2016 on sn-devel-144
Ralph Boehme [Sat, 23 Jul 2016 09:08:13 +0000 (11:08 +0200)]
s4/torture: add a test for ctdb-tombstrone-record deadlock
This tests for a possible deadlock between smbd and ctdb dealing with
ctdb tombstone records.
Commit
925625b52886d40b50fc631bad8bdc81970f7598 explains the deadlock in
more details and contains the fix. It's a fix for a regression
introduced by the patch for bug 10008 (
1cae59ce112c).
If you ever want to use this test against that specific commit:
$ git checkout
925625b52886d40b50fc631bad8bdc81970f7598
$ git cherry-pick THIS_COMMIT
This should not deadlock on a ctdb cluster.
$ git revert
925625b52886d40b50fc631bad8bdc81970f7598
This will deadlock.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12005
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit
b17e2f5c740fb081c007ed2e1c23138ffcba1469)
Ralph Boehme [Wed, 20 Jul 2016 10:36:24 +0000 (12:36 +0200)]
smbd: ignore ctdb tombstone records in fetch_share_mode_unlocked_parser()
dbwrap_parse_record() can return ctdb tombstone records from the lctdb,
ignore them.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12005
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
7147859c7afc1344e76485e2cbc286679110d96e)
Martin Schwenke [Fri, 5 Aug 2016 06:50:58 +0000 (16:50 +1000)]
ctdb-daemon: Fix CID
1125627 Resource leak (RESOURCE_LEAK)
Also fixes CID
1125628.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
940272d215049f5f5079aa926e69eae1985a4bfa)
Martin Schwenke [Fri, 5 Aug 2016 06:39:50 +0000 (16:39 +1000)]
ctdb-common: Fix CID
1125585 Dereference after null check (FORWARD_NULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
b4f23a7e95cd9c8fc4a6324d4ec5a2881eaec207)
Martin Schwenke [Fri, 5 Aug 2016 06:38:45 +0000 (16:38 +1000)]
ctdb-common: Fix CID
1125583 Dereference after null check (FORWARD_NULL)
This also fixes CID
1125584.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
bbf0b907cb04184515d0f5f09f14824df1c2e59f)
Martin Schwenke [Fri, 5 Aug 2016 06:37:00 +0000 (16:37 +1000)]
ctdb-common: Fix CID
1125581 Dereference after null check (FORWARD_NULL)
This also fixes CID
1125582.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
7ae3699831427725f12e0a26a0681e59f2fbb2d9)
Martin Schwenke [Thu, 28 Jul 2016 02:06:23 +0000 (12:06 +1000)]
ctdb-daemon: Fix CID
1363067 Resource leak (RESOURCE_LEAK)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
c6a7f680ce74d4a630fa9305d0a926cc1a4b3d2c)
Martin Schwenke [Thu, 28 Jul 2016 02:00:27 +0000 (12:00 +1000)]
ctdb-daemon: Fix CID
1363233 Resource leak (RESOURCE_LEAK)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
74aca5f4c671d9f15ae6c3a901978a1cf247dd6f)
Martin Schwenke [Wed, 27 Jul 2016 07:43:34 +0000 (17:43 +1000)]
ctdb-utils: Fix CID
1297451 Explicit null dereferenced (FORWARD_NULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
d46960f20e795cd4abc1c727705f77b2f0e0e564)
Martin Schwenke [Mon, 1 Aug 2016 05:03:56 +0000 (15:03 +1000)]
ctdb-common: Consistently use strlcpy() on interface names
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
aff33a59479cafcb1f24a07ff76383d47bb196b3)
Martin Schwenke [Wed, 27 Jul 2016 06:22:36 +0000 (16:22 +1000)]
ctdb-common: Fix CID
1125553 Buffer not null terminated (BUFFER_SIZE_WARNING)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
763f9c13f2998a8858e8a3ec013d166a3d429835)
Martin Schwenke [Wed, 27 Jul 2016 01:45:49 +0000 (11:45 +1000)]
ctdb-daemon: Fix CID
1364527/8/9: Null pointer dereferences (NULL_RETURNS)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
ed81e51cc1633cecfef05b84c0595418db8a384b)
Martin Schwenke [Thu, 4 Aug 2016 03:36:28 +0000 (13:36 +1000)]
ctdb-packaging: Move ctdb tests to libexec directory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12104
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
87c38d5d741f5e58f643ad4f797c523c67bbab00)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Mon Aug 8 12:45:56 CEST 2016 on sn-devel-144
Andreas Schneider [Wed, 3 Aug 2016 11:23:31 +0000 (13:23 +0200)]
ctdb-waf: Move ctdb tests to libexec directory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
f9c85d04e9edb3af9479e9c83d5b1ec77b9c2ee2)
Marc Muehlfeld [Sat, 16 Jul 2016 18:14:15 +0000 (20:14 +0200)]
man: Wrong option for parameter ldap ssl in smb.conf man page
- "ldap ssl" does not accept the value "yes"
- Replaced "start_tls" with "start tls".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12023
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
976be8fe39c78acfd3c2a23302d26cc262be0ae0)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Fri Aug 5 13:37:41 CEST 2016 on sn-devel-144
Ralph Boehme [Wed, 3 Aug 2016 13:00:45 +0000 (15:00 +0200)]
async_req: make async_connect_send() "reentrant"
Allow callers to pass in socket fds that where already passed to an
earlier call of async_connect_send(). Callers expect this behaviour and
it was working until
05d4dbda8357712cb81008e0d611fdb0e7239587 broke it.
The proper fix would be to change callers to close the fd and start from
scratch with a fresh socket.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12105
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Aug 4 05:03:21 CEST 2016 on sn-devel-144
(cherry picked from commit
9c6a4ea2788808bdcc7bfea798d838ea56c3b5ec)
Ralph Boehme [Fri, 15 Jul 2016 15:48:19 +0000 (17:48 +0200)]
vfs_acl_xattr: objects without NT ACL xattr
Even with "ignore system acls" set to "yes", for objects without NT ACL
xattr we use the underlying filesystem permissions to construct an NT
ACL. This can result in *very* unexpected permissions, eg:
- a directory with the following ACL:
$ ./bin/smbcacls -Uslow%pass //localhost/normal ""
REVISION:1
CONTROL:SR|DP
OWNER:SLOW\slow
GROUP:Unix Group\root
ACL:SLOW\slow:ALLOWED/0x0/FULL
So only one non-inheritable(!) ACE.
- creating a subdirectory:
$ ./bin/smbclient -Uslow%pass //localhost/normal -c "mkdir dir1"
- checking whether there's an ACL xattr:
$ getfattr -m "" /Volumes/normal/dir1
getfattr: Removing leading '/' from absolute path names
system.posix_acl_access
system.posix_acl_default
user.DOSATTRIB
So there isn't an ACL xattr, because there where no inheritable ACEs on
the parent folder.
- reading the new subdirectories ACL:
$ ./bin/smbcacls -Uslow%pass //localhost/normal "dir1"
REVISION:1
CONTROL:SR|DP
OWNER:SLOW\slow
GROUP:Unix Group\slow
ACL:SLOW\slow:ALLOWED/0x0/FULL
ACL:Unix Group\slow:ALLOWED/0x0/READ
ACL:Everyone:ALLOWED/0x0/READ
ACL:NT Authority\SYSTEM:ALLOWED/0x0/FULL
The ACES for "SLOW\slow", "Unix Group\slow" and "Everyone" are coming
from the underlying filesystem. This is the problem.
- Windows assigns the following ACL in this situation:
$ ./bin/smbcacls -UAdministrator%Passw0rd //10.10.10.14/data "dir"
REVISION:1
CONTROL:SR|PD|DI|DP
OWNER:VORDEFINIERT\Administratoren
GROUP:WIN2008R2\Domänen-Benutzer
ACL:WIN2008R2\Administrator:ALLOWED/0x0/FULL
$ ./bin/smbclient -UAdministrator%Passw0rd //10.10.10.14/data -c "mkdir dir\dir1"
$ ./bin/smbcacls -UAdministrator%Passw0rd //10.10.10.14/data "dir\dir1"
REVISION:1
CONTROL:SR|DI|DP
OWNER:VORDEFINIERT\Administratoren
GROUP:WIN2008R2\Domänen-Benutzer
ACL:VORDEFINIERT\Administratoren:ALLOWED/0x0/FULL
ACL:NT-AUTORITÄT\SYSTEM:ALLOWED/0x0/FULL
By changing make_default_filesystem_acl() to only adds user and system
ACE to the ACL of objects that lack an ACL xattr, we match Windows
behaviour:
$ ./bin/smbclient -Uslow%pass //localhost/normal -c "mkdir dir2"
$ ./bin/smbcacls -Uslow%pass //localhost/normal "dir2"
REVISION:1
CONTROL:SR|DP
OWNER:SLOW\slow
GROUP:Unix Group\slow
ACL:SLOW\slow:ALLOWED/0x0/FULL
ACL:NT Authority\SYSTEM:ALLOWED/0x0/FULL
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12028
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 19 10:22:05 CEST 2016 on sn-devel-144
(cherry picked from commit
961c4b591bb102751079d9cc92d7aa1c37f1958c)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-4-test): Thu Aug 4 14:49:18 CEST 2016 on sn-devel-144
Ralph Boehme [Fri, 15 Jul 2016 15:56:02 +0000 (17:56 +0200)]
s3/smbd: move make_default_filesystem_acl() to vfs_acl_common.c
This function is only used in vfs_acl_common.c and will be modified in
the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12028
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
afc2417b107af572081974ff9d013ddec890d31f)