Björn Jacke [Wed, 25 Nov 2015 13:04:24 +0000 (14:04 +0100)]
pam: map more NT password errors to PAM errors
NT_STATUS_ACCOUNT_DISABLED,
NT_STATUS_PASSWORD_RESTRICTION,
NT_STATUS_PWD_HISTORY_CONFLICT,
NT_STATUS_PWD_TOO_RECENT,
NT_STATUS_PWD_TOO_SHORT
now map to PAM_AUTHTOK_ERR (Authentication token manipulation error), which is
the closest match.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=2210
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 24 Nov 2016 00:57:54 +0000 (13:57 +1300)]
talloc: Add tests for talloc destructor behaviour after talloc_realloc()
That this behaved correctly was not clear, so I added tests to prove
it to myself.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec 13 06:47:58 CET 2016 on sn-devel-144
Andrew Bartlett [Tue, 13 Dec 2016 01:21:29 +0000 (14:21 +1300)]
selftest: Print the POSIX ACL we got when the posixacl test fails
Knowing we have 11 of 15 ACEs is not very helpful
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Alexander Bokovoy [Thu, 8 Dec 2016 08:21:53 +0000 (10:21 +0200)]
smb.conf: add identity mapping section
Add a generic identity mapping section that points out to the other
resources in Samba documentation about idmap modules and their
configuration.
This should help users to discover corresponding documentation easily.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrea Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 13 00:14:04 CET 2016 on sn-devel-144
Andreas Schneider [Mon, 12 Dec 2016 09:05:39 +0000 (10:05 +0100)]
s3:winbind: Do not start with an invalid default idmap backend
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Wed, 7 Dec 2016 17:19:53 +0000 (18:19 +0100)]
s3-testparm: Print an error if we have overlapping idmap config
Except if both backends are 'ad'.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Wed, 7 Dec 2016 16:44:25 +0000 (17:44 +0100)]
s3-testparm: Print error if the default backend is incorrect
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Wed, 7 Dec 2016 16:03:22 +0000 (17:03 +0100)]
s3-testparm: Fix trailing whitespaces
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 12 Dec 2016 15:20:29 +0000 (16:20 +0100)]
libsmb: Correctly report error for rename failure
This prevents renaming a file over an existing one with SMB2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12468
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Garming Sam [Wed, 7 Dec 2016 03:42:38 +0000 (16:42 +1300)]
tests/dns: Check you cannot add empty CNAME
This exercises the dns_check_name case in the DNS server. Directly
attempting to add an invalid name with leading . or double .. cannot be
done due to ndr_pull_component forcing the check on the client side
(leading to a CNAME name of NUL and unexpected data of the actual name).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Dec 12 08:46:26 CET 2016 on sn-devel-144
Bob Campbell [Wed, 7 Dec 2016 02:33:06 +0000 (15:33 +1300)]
dnsserver_common: Add name check in name2dn
Fills in the missing TODO. Note that this may also prevent deletion of
existing corrupted records, but should be resolvable through RPC, or at
worst LDAP.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bob Campbell [Wed, 7 Dec 2016 02:00:25 +0000 (15:00 +1300)]
python/tests: expand samba-tool dns tests
These new tests concern collisions and lock in current Samba behaviour.
They do not pass against Windows Server 2012R2. See dnsserver.py tests
for the tests consistent with Windows behaviour.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Wed, 7 Dec 2016 01:25:35 +0000 (14:25 +1300)]
python/tests: fix typo to use correct var
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Tue, 6 Dec 2016 02:34:23 +0000 (15:34 +1300)]
dnsserver: add dns name checking
This may also prevent deletion of existing corrupted records through
DNS, but should be resolvable through RPC, or at worst LDAP.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Garming Sam [Mon, 5 Dec 2016 22:00:17 +0000 (11:00 +1300)]
tests/dnsserver: Check security descriptors
These tests discover that there are some discrepancies between Windows and Samba.
Although there are failures, they do not appear to be critical, however
some of the SD differences will be important for 2012 support.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Sun, 27 Nov 2016 22:12:18 +0000 (11:12 +1300)]
samba-tool/dns: remove use of dns_record_match from add and delete
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Fri, 25 Nov 2016 03:29:31 +0000 (16:29 +1300)]
samba-tool/dns: reword error messages and make error catching specific
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Tue, 29 Nov 2016 20:19:31 +0000 (09:19 +1300)]
python/tests: expand tests for dns server over rpc
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Mon, 21 Nov 2016 03:22:46 +0000 (16:22 +1300)]
python/tests: add tests for samba-tool dns
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bob Campbell [Mon, 28 Nov 2016 01:30:43 +0000 (14:30 +1300)]
python/netcmd: print traceback through self.errf
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Sat, 26 Nov 2016 14:42:42 +0000 (15:42 +0100)]
lib: Remove xfile
The days of operating systems with a 255 file
descriptor limit on FILE (I'm looking at you
Solaris - Solaris 10 finally fixed this) are
long gone.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Dec 11 15:01:12 CET 2016 on sn-devel-144
Volker Lendecke [Sat, 26 Nov 2016 08:50:33 +0000 (09:50 +0100)]
nmbd: xfile->stdio
Unfortunately this is a larger patch. Doing it in small pieces would
have been pretty difficult, as everybody calls everybody else.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 23 Nov 2016 09:07:48 +0000 (10:07 +0100)]
lib: smbreadline xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 23 Nov 2016 07:55:16 +0000 (08:55 +0100)]
libnbt: lmhosts xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 26 Nov 2016 14:33:06 +0000 (15:33 +0100)]
printing: Convert aix_cache_reload to stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 26 Nov 2016 08:27:19 +0000 (09:27 +0100)]
printing: std_pcap_cache_reload xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 Nov 2016 00:44:48 +0000 (01:44 +0100)]
rpc_server: svcctl xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 Nov 2016 00:42:36 +0000 (01:42 +0100)]
vfs: expand_msdfs xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 19 Nov 2016 09:25:12 +0000 (09:25 +0000)]
ntlm_auth3: xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 25 Nov 2016 21:01:38 +0000 (22:01 +0100)]
torture: upload_printer_driver_file xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 Nov 2016 00:38:16 +0000 (01:38 +0100)]
smbd: username map file handling xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 21 Nov 2016 18:20:10 +0000 (19:20 +0100)]
lib: Add fgets_slash
Copy x_fgets_slash with conversion to stdio and talloc.
Probably I'd do this functionality a bit differently, but for simplicity I
chose to make it the same as what is there.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 Nov 2016 00:26:08 +0000 (01:26 +0100)]
lib: popt_common xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 Nov 2016 00:30:29 +0000 (01:30 +0100)]
idmap_hash: xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 22 Nov 2016 00:59:22 +0000 (01:59 +0100)]
smbclient: xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 23 Nov 2016 09:11:13 +0000 (10:11 +0100)]
smbclient4: xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Sat, 10 Dec 2016 21:56:18 +0000 (13:56 -0800)]
s3: ntlm_auth: Don't corrupt the output stream with debug messages.
Calling programs expect to cleanly read from STDOUT.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12467
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Thu, 8 Dec 2016 18:40:27 +0000 (10:40 -0800)]
s3: torture: Adds regression test case for se_access_check() owner rights issue.
This test passes against Win2K12 but fails against smbd
without the previous commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12466
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 10 10:11:10 CET 2016 on sn-devel-144
Jeremy Allison [Thu, 8 Dec 2016 18:40:18 +0000 (10:40 -0800)]
lib: security: se_access_check() incorrectly processes owner rights (S-1-3-4) DENY ace entries
Reported and proposed fix by Shilpa K <shilpa.krishnareddy@gmail.com>.
When processing DENY ACE entries for owner rights SIDs (S-1-3-4) the
code OR's in the deny access mask bits without taking into account if
they were being requested in the requested access mask.
E.g. The current logic has:
An ACL containining:
[0] SID: S-1-3-4
TYPE: DENY
MASK: WRITE_DATA
[1] SID: S-1-3-4
TYPE: ALLOW
MASK: ALLOW_ALL
prohibits an open request by the owner for READ_DATA - even though this
is explicitly allowed.
Furthermore a non-canonical ACL containing:
[0] SID: User SID 1-5-21-something
TYPE: ALLOW
MASK: READ_DATA
[1] SID: S-1-3-4
TYPE: DENY
MASK: READ_DATA
[2] SID: User SID 1-5-21-something
TYPE: ALLOW
MASK: WRITE_DATA
prohibits an open request by the owner for READ_DATA|WRITE_DATA - even
though READ_DATA is explicitly allowed in ACE no 0 and is thus already
filtered out of the "access-still-needed" mask when the deny ACE no 1 is
evaluated.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12466
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Björn Jacke [Thu, 8 Dec 2016 16:53:43 +0000 (17:53 +0100)]
util: use SCOPE_DELIMITER for the IPv6 scope delimiter
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Fri Dec 9 20:45:15 CET 2016 on sn-devel-144
Björn Jacke [Thu, 8 Dec 2016 16:56:24 +0000 (17:56 +0100)]
replace: make sure we have a SCOPE_DELIMITER define
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Jacke [Thu, 8 Dec 2016 17:45:26 +0000 (18:45 +0100)]
ad/provision: change samba.org to https://samba.org
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Fri Dec 9 16:57:31 CET 2016 on sn-devel-144
Björn Jacke [Thu, 8 Dec 2016 17:45:25 +0000 (18:45 +0100)]
man pages: change samba.org to https://samba.org
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Björn Jacke [Thu, 8 Dec 2016 17:45:24 +0000 (18:45 +0100)]
docs-xml: change samba.org to https://samba.org
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Stefan Metzmacher [Thu, 8 Dec 2016 06:13:57 +0000 (07:13 +0100)]
s3:libsmb: don't pass 'passlen' to cli_tree_connect[_send]() and allow pass=NULL
There're no callers which try to pass a raw lm_response directly anymore.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec 9 13:09:37 CET 2016 on sn-devel-144
Stefan Metzmacher [Sun, 30 Oct 2016 15:10:03 +0000 (16:10 +0100)]
s3:libsmb: avoid using cli->{use_kerberos,...} in remote_password_change()
As we pass flags=0 to cli_connect_nb() all values can only be false,
so we can use false directly.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Sun, 30 Oct 2016 15:21:31 +0000 (16:21 +0100)]
s3:client: avoid using cli->{use_kerberos,...} for cli_session_creds_init() in smbspool.c
CLI_FULL_CONNECTION_USE_KERBEROS is the only possible flag the
caller of smb_complete_connection() will pass, so we can avoid
use it directly instead of going via cli_start_connection()
to use cli->use_kerberos.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 8 Dec 2016 05:54:29 +0000 (06:54 +0100)]
s3:client: make use of cli_tree_connect_creds() in smbspool.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 7 Dec 2016 16:32:58 +0000 (17:32 +0100)]
s3:libsmb: add cli_tree_connect_creds()
This can be used with a valid creds structure in order
to do a share level authentication or with NULL in the cases
we assume a modern server already.
Later we can change the ordering and implement
cli_tree_connect() on top of cli_tree_connect_creds().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 7 Dec 2016 16:18:01 +0000 (17:18 +0100)]
s3:libsmb: fix 'client lanman auth = no' DEBUG message in cli_session_setup_creds_send()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 3 Nov 2016 12:49:43 +0000 (13:49 +0100)]
s3:libsmb: fix memory leak in cli_raw_ntlm_smb_encryption_start()
smb_trans_enc_state is a talloc pointer now, so we can talloc_move()
the gensec_security to the correct talloc parent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12408
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 28 Oct 2016 10:44:51 +0000 (12:44 +0200)]
s3:torture: make use of cli_full_connection_creds() in torture.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 7 Dec 2016 16:17:44 +0000 (17:17 +0100)]
auth/credentials: clear all unused blobs in cli_credentials_get_ntlm_response()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Tue, 8 Nov 2016 06:19:11 +0000 (07:19 +0100)]
auth/credentials: fix cut'n'paste error in cli_credentials_get_principal_and_obtained()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 28 Oct 2016 13:55:48 +0000 (15:55 +0200)]
auth/credentials: let cli_credentials_parse_string() handle the "winbind separator"
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
David Disseldorp [Tue, 6 Dec 2016 12:03:27 +0000 (13:03 +0100)]
ctdb: add test script for ctdb_mutex_ceph_rados_helper
This standalone test script performs the following:
- using ctdb_mutex_ceph_rados_helper, take a lock on the Ceph RADOS
object a CLUSTER/$POOL/$OBJECT using the Ceph keyring for $USER
+ confirm that lock is obtained, via ctdb_mutex_ceph_rados_helper "0"
output
- check RADOS object lock state, using the "rados lock info" command
- attempt to obtain the lock again, using ctdb_mutex_ceph_rados_helper
+ confirm that the lock is not successfully taken
- tell the first locker to drop the lock and exit, via SIGTERM
- once the first locker has exited, attempt to get the lock again
+ confirm that this attempt succeeds
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Dec 9 07:59:33 CET 2016 on sn-devel-144
David Disseldorp [Thu, 1 Dec 2016 13:22:45 +0000 (14:22 +0100)]
ctdb/doc: man page for Ceph RADOS cluster mutex helper
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
David Disseldorp [Thu, 1 Dec 2016 12:33:22 +0000 (13:33 +0100)]
ctdb: cluster mutex helper using Ceph RADOS
ctdb_mutex_ceph_rados_helper implements the cluster mutex helper API
atop Ceph using the librados rados_lock_exclusive()/rados_unlock()
functionality.
Once configured, split brain avoidance during CTDB recovery will be
handled using locks against an object located in a Ceph RADOS pool.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
David Disseldorp [Tue, 6 Dec 2016 12:52:47 +0000 (13:52 +0100)]
ctdb-build: configure time switch for etcd support
Disable generation/installation of the etcd cluster mutex helper by
default. Support can be explicitly enabled at configure time with
--enable-etcd-reclock.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
David Disseldorp [Tue, 6 Dec 2016 12:38:45 +0000 (13:38 +0100)]
ctdb-build: move ctdb_etcd_lock to utils/etcd
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 8 Dec 2016 05:47:16 +0000 (16:47 +1100)]
ctdb-build: Generate pre-built documentation in wscript itself
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Amitay Isaacs [Thu, 8 Dec 2016 04:38:36 +0000 (15:38 +1100)]
ctdb-build: Avoid duplicate list of man pages
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Anoop C S [Tue, 6 Dec 2016 09:55:46 +0000 (15:25 +0530)]
lib/util: Fix indentation within routine description for dbghdrclass
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Dec 9 02:02:36 CET 2016 on sn-devel-144
Anoop C S [Tue, 6 Dec 2016 09:50:51 +0000 (15:20 +0530)]
lib/util: Fix input arguments description for dbghdrclass() routine
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Lukas Slebodnik [Mon, 5 Dec 2016 13:23:40 +0000 (14:23 +0100)]
tevent: remove shebang from tevent.py
The tevent.py is not a executable python script.
And rpmlint consider it as an error if module file
contians shebang
python2-tevent.x86_64: E: non-executable-script
/usr/lib64/python2.7/site-packages/tevent.py 644 /usr/bin/python
python3-tevent.x86_64: E: non-executable-script
/usr/lib64/python3.5/site-packages/tevent.py 644 /usr/bin/python
Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Sun, 30 Oct 2016 22:54:44 +0000 (23:54 +0100)]
s4:repl_meta_data: normalize rdn attribute name via the schema
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12399
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 8 17:16:47 CET 2016 on sn-devel-144
Andrew Bartlett [Sun, 20 Nov 2016 22:21:50 +0000 (11:21 +1300)]
pidl: Make dcesrv\_$name\_interface "static const"
This moves it out of the global namespace
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Dec 8 13:25:57 CET 2016 on sn-devel-144
Andrew Bartlett [Sun, 20 Nov 2016 22:31:27 +0000 (11:31 +1300)]
s4-rpc_server: Avoid extern reference to dcesrv_mgmt_interface and memcpy()
Use a typesafe struct-returning function instead
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Mon, 5 Dec 2016 22:34:18 +0000 (14:34 -0800)]
s3: torture: Regression test case for permissions check on rename.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12460
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Dec 7 11:52:03 CET 2016 on sn-devel-144
Jeremy Allison [Mon, 5 Dec 2016 22:32:55 +0000 (14:32 -0800)]
s3: smbd: Add missing permissions check on destination folder.
Based on code from Michael Zeis <mzeis.quantum@gmail.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12460
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 5 Dec 2016 22:32:03 +0000 (14:32 -0800)]
s3: smbd: Make check_parent_access() available to rename code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12460
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 5 Dec 2016 22:13:14 +0000 (14:13 -0800)]
s3: smbd: rename - missing early error exit if source and destination prefixes are different.
Noticed by Michael Zeis <mzeis.quantum@gmail.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12460
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 16:16:14 +0000 (16:16 +0000)]
winbind: dom_sid_parse_endp always initializes "endp" when ok
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 7 00:11:03 CET 2016 on sn-devel-144
Volker Lendecke [Thu, 1 Dec 2016 16:16:14 +0000 (16:16 +0000)]
idmap_autorid: dom_sid_parse_endp always initializes "endp" when ok
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 16:15:29 +0000 (16:15 +0000)]
lib: Make dom_sid_parse_endp init "endp" on all "ok" paths
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 1 Dec 2016 16:11:38 +0000 (16:11 +0000)]
idmap_autorid: Add a {} pair in an if-statement
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Tue, 6 Dec 2016 08:44:28 +0000 (09:44 +0100)]
printing: Fix building with CUPS version older than 1.7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12183
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Dec 6 13:54:28 CET 2016 on sn-devel-144
Jose A. Rivera [Mon, 25 Jul 2016 19:58:16 +0000 (14:58 -0500)]
ctdb: Add new helper ctdb_etcd_lock
This introduces a mutex helper called ctdb_etcd_lock, which allows CTDB to
use an existing etcd cluster to provide the functionality of a recovery lock
using the API outlined in ctdb/doc/cluster_mutex_helper.txt.
Signed-off-by: Jose A. Rivera <jarrpa@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): José A. Rivera <jarrpa@samba.org>
Autobuild-Date(master): Mon Dec 5 19:39:10 CET 2016 on sn-devel-144
Amitay Isaacs [Wed, 30 Nov 2016 01:23:04 +0000 (12:23 +1100)]
ctdb-recovery: Start recovery helper with ctdb_vfork_exec
The recovery helper does it's own logging, so there is no need to
pass logfd.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Dec 5 11:59:42 CET 2016 on sn-devel-144
Amitay Isaacs [Wed, 30 Nov 2016 01:22:02 +0000 (12:22 +1100)]
ctdb-locking: Start locking helper using ctdb_vfork_exec
This avoids the extra argument of logfd to ctdb_lock_helper. The log
messages from lock helper are captured by ctdbd.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 30 Nov 2016 01:15:11 +0000 (12:15 +1100)]
ctdb-daemon: Add ctdb_vfork_exec()
This will replace ctdb_vfork_with_logging().
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 29 Nov 2016 06:52:00 +0000 (17:52 +1100)]
ctdb-daemon: Log to stderr when running in interactive mode
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 29 Nov 2016 05:49:41 +0000 (16:49 +1100)]
ctdb-daemon: Initialize logging in recovery daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 25 Nov 2016 03:57:30 +0000 (14:57 +1100)]
ctdb-recoverd: Log a message when terminating
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 29 Nov 2016 06:59:32 +0000 (17:59 +1100)]
ctdb-logging: Get rid of debug_extra
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 25 Nov 2016 03:50:01 +0000 (14:50 +1100)]
ctdb-daemon: Remove setting of debug_extra
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 25 Nov 2016 03:44:10 +0000 (14:44 +1100)]
ctdb-daemon: Remove setting of debug_extra from switch_from_server_to_client()
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 25 Nov 2016 03:37:17 +0000 (14:37 +1100)]
ctdb-daemon: Remove setting of debug_extra via ctdb_set_child_info()
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 25 Nov 2016 03:54:07 +0000 (14:54 +1100)]
ctdb-daemon: Don't depend on debug_extra in exit handler
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 30 Nov 2016 06:04:54 +0000 (17:04 +1100)]
ctdb-daemon: Fix debug messages
- Use fprintf() before logging is initialized
- replace DEBUG_ALERT with DEBUG_ERR
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 30 Nov 2016 05:46:19 +0000 (16:46 +1100)]
ctdb-daemon: Consolidate initialization of logging and debug level
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 29 Nov 2016 05:36:57 +0000 (16:36 +1100)]
ctdb-logging: Remove duplicate logging code
ctdb_logging_init() now uses logging_init().
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 29 Nov 2016 05:17:23 +0000 (16:17 +1100)]
ctdb-logging: Refactor logging code
This extracts the code from following files:
- server/ctdb_logging.c
- server/ctdb_logging_file.c
- server/ctdb_logging_syslog.c
This is in preparation for each daemon (and some processes) doing
their own loging instead of relying on CTDB.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Wed, 23 Nov 2016 08:03:23 +0000 (19:03 +1100)]
ctdb-logging: Use Samba's debug levels
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 23 Nov 2016 10:36:36 +0000 (21:36 +1100)]
ctdb-scripts: Update CTDB_SCRIPT_DEBUGLEVEL to be symbolic
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 23 Nov 2016 10:38:14 +0000 (21:38 +1100)]
ctdb-tests: Use symbolic debug levels in tool tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 23 Nov 2016 10:37:45 +0000 (21:37 +1100)]
ctdb-tests: Use symbolic debug levels in eventscript tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 23 Nov 2016 06:01:54 +0000 (17:01 +1100)]
ctdb-tests: Use symbolic debug level for local daemons
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 23 Nov 2016 09:40:50 +0000 (20:40 +1100)]
ctdb-tests: Use symbolic debug levels in takeover tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 23 Nov 2016 08:16:56 +0000 (19:16 +1100)]
ctdb-tests: Support symbolic debug level in takeover tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
git.samba.org / vlendec / samba-autobuild / .git / log