Martin Schwenke [Wed, 11 Oct 2017 08:16:25 +0000 (19:16 +1100)]
ctdb-tests: Check an unchecked return value
This can't fail but check it for completeness... just in case Coverity
decides to notice it.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Oct 16 09:27:17 CEST 2017 on sn-devel-144
Martin Schwenke [Wed, 11 Oct 2017 08:04:28 +0000 (19:04 +1100)]
ctdb-test: Fix CID
1419118 (Error handling issues)
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Tue, 10 Oct 2017 03:51:40 +0000 (14:51 +1100)]
ctdb-client: Fix a typo
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Mon, 9 Oct 2017 03:56:00 +0000 (14:56 +1100)]
ctdb-tests: Strengthen some tests
Check for the expected result instead of just any failure.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Mon, 9 Oct 2017 03:52:30 +0000 (14:52 +1100)]
ctdb-protocol: Fix typo in type of return variable
This causes failures to be folded down to 1, which is incorrect.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Alexander Bokovoy [Fri, 6 Oct 2017 19:52:36 +0000 (22:52 +0300)]
man pages: properly ident lists
It took me some time (original bug was filed in 2013!) but now
lists in smb.conf.5 are properly idented.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9613
Signed-Off-By: Alexander Bokovoy <ab@samba.org>
Reviewed-By: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Oct 14 11:31:07 CEST 2017 on sn-devel-144
Alexander Bokovoy [Fri, 6 Oct 2017 19:49:11 +0000 (22:49 +0300)]
smb.conf.5: sort parameters alphabetically
Content of each separate parameter description file is added
into a parameters.all.xml file before compiling smb.conf.5.
The issue is that POSIX file systems generally don't give any
promises over how glob-produced files are sorted. Thus, we need to sort
them in a predictable way.
This patch adds sorting based on a file name as a string. Since all
parameter files named after the parameter itself (plus .xml), we can
use file name sorting.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13081
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-By: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 2 Oct 2017 01:33:47 +0000 (14:33 +1300)]
selftest: Add sanity-check RODC can't use cache to reveal secrets
Bug 12977 highlighted that Samba only checks exop GetNcChanges requests
once, when they're first received. This makes sense because valid exop
requests should only ever involve a single request. For regular
(non-exop) GetNcChanges requests, the server stores a cache of the
object GUIDs to return.
What we don't want to happen is for a malicious/compromised RODC to use
this cache to circumvent privilege checks, and receive secrets that it's
normally not permitted to access (e.g. the administrator's password).
The specific scenario we're concerned about is:
- The RODC sends a regular GetNcChanges request for all objects (without
secrets). (This causes the server to build its GUID array cache).
- The RODC then sends a follow-on request for the next chunk, but sets
the REPL_SECRET exop this time.
The only thing inadvertently preventing Samba from leaking secrets in
this case is updating msDS-RevealedUsers for auditing. It's possible
that a future code change may alter the codepath and open up a
security-hole without realizing. This patch adds a test case so if that
ever did happen, the selftests would detect the problem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12977
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Fri, 13 Oct 2017 12:32:58 +0000 (14:32 +0200)]
selftest: prevent interpretation of escape sequences in test_give_owner.sh
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Oct 14 06:02:50 CEST 2017 on sn-devel-144
Ralph Boehme [Wed, 11 Oct 2017 14:04:58 +0000 (16:04 +0200)]
s4/torture: vfs_fruit: test xattr unpacking
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 13 21:44:02 CEST 2017 on sn-devel-144
Ralph Boehme [Mon, 9 Oct 2017 14:18:18 +0000 (16:18 +0200)]
s4/torture: vfs_fruit: replace AppleDouble data blob with xattr data
The osx_adouble_w_xattr datablob is used to test conversion from sidecar
._ file metdata to Samba compatible ._ file.
The previous data blob didn't contain xattr data, the new one does.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Wed, 11 Oct 2017 10:58:59 +0000 (12:58 +0200)]
vfs_fruit: on-access conversion of AppleDouble xattr data
This finally adds on-access conversion of xattr data stored in sidecar
AppleDouble files.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Tue, 10 Oct 2017 17:13:36 +0000 (19:13 +0200)]
vfs_fruit: static string fruit_catia_maps
In a later commit these will be used somewhere else too.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Tue, 10 Oct 2017 14:15:49 +0000 (16:15 +0200)]
vfs_fruit: pass smb_fname to ad_convert
This will be needed in a later commit when converting xattrs in sidecar
AppleDouble files.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Tue, 10 Oct 2017 14:06:33 +0000 (16:06 +0200)]
vfs_fruit: unpack AppleDouble xattr header if present
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Tue, 10 Oct 2017 14:04:29 +0000 (16:04 +0200)]
vfs_fruit: allocate ad_data buffer up to AD_XATTR_MAX_HDR_SIZE bytes
This is in preperation of reading potential xattr header data from the
AppleDouble file, not just reading a fixed amount of bytes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Tue, 10 Oct 2017 14:03:13 +0000 (16:03 +0200)]
vfs_fruit: add AppleDouble xattr structure definitions
Reference:
https://opensource.apple.com/source/xnu/xnu-4570.1.46/bsd/vfs/vfs_xattr.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Wed, 11 Oct 2017 16:11:12 +0000 (18:11 +0200)]
vfs_fruit: fix ftruncating resource fork
fruit_ftruncate_rsrc_adouble() is called to effectively ftruncate() the
._ AppleDouble file to the requested size.
The VFS function SMB_VFS_NEXT_FTRUNCATE() otoh would attempt to truncate
to fsp *stream* in any way the next VFS module seems fit. As we know
we're stacked with a streams module, the module will attempt to truncate
the stream. So we're not truncating the ._ file.
This went unnoticed as the AppleDouble file header contains the
authorative resource fork size that was updated correctly.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Wed, 11 Oct 2017 09:35:15 +0000 (11:35 +0200)]
vfs_catia: factor out mapping functions
This moves the core mapping functions to a seperate file and makes them
global.
string_replace_init_map() is called to parse a mapping in string and
produce a mapping object that can then be passed to
string_replace_allocate() to do the actual mapping of a string.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 12 Oct 2017 15:07:15 +0000 (17:07 +0200)]
selftest: add some debugging to test_give_owner.sh
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 13 01:22:05 CEST 2017 on sn-devel-144
Marc Muehlfeld [Wed, 11 Oct 2017 07:49:45 +0000 (09:49 +0200)]
Updated error message text and reduced its debug level
Previously, "net rpc share add|remove" commands failed if no
"add|delete share command" parameter was set in smb.conf. However,
the error was only logged at level 10 and not very clear.
This patch updates the error message text and sets the log level of this
error to 1 to make it more obvious what is missing.
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 9 Oct 2017 10:39:52 +0000 (12:39 +0200)]
s4:heimdal_build: there's no need to define HAVE_KRB5_ADDRESSES twice
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 11 12:33:42 CEST 2017 on sn-devel-144
Stefan Metzmacher [Mon, 9 Oct 2017 10:50:35 +0000 (12:50 +0200)]
krb5_wrap: ADDRTYPE_INET6 is available in all supported MIT versions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13079
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Stefan Metzmacher [Mon, 9 Oct 2017 10:50:35 +0000 (12:50 +0200)]
krb5_wrap: KRB5_ADDRESS_INET6 is not a define in Heimdal
All supported versions of Heimal already have KRB5_ADDRESS_INET6,
so there's no need for an explicit check.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13079
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Samuel Cabrero [Thu, 5 Oct 2017 17:22:29 +0000 (19:22 +0200)]
s3: spoolss: Extend publish_toggle test to check returned GUID string format
Extend the rpc.spoolss.printer.addprinter.publish_toggle test to
check the format of the returned GUID string in GetPrinter info
level 7 structure.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12993
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 11 06:39:00 CEST 2017 on sn-devel-144
Ralph Boehme [Mon, 9 Oct 2017 11:29:05 +0000 (13:29 +0200)]
winbindd: idmap_rid: error code for failing id-to-sid mapping request
NT_STATUS_NO_SUCH_DOMAIN triggers complete request failure in the parent
winbindd. By returning NT_STATUS_NONE_MAPPED winbindd lets the individual
mapping fail but keeps processing any remaining mapping requests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 10 19:57:37 CEST 2017 on sn-devel-144
Ralph Boehme [Mon, 25 Sep 2017 13:42:08 +0000 (15:42 +0200)]
winbindd: idmap_rid: don't rely on the static domain list
The domain list in the idmap child is inherited from the parent winbindd
process and may not contain all domains in case enumerating trusted
domains didn't finish before the first winbind request that triggers the
idmap child fork comes along.
The previous commits added the domain SID as an additional argument to
the wbint_UnixIDs2Sids request, storing the domain SID in struct
idmap_domain.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Mon, 25 Sep 2017 13:39:39 +0000 (15:39 +0200)]
winbindd: pass domain SID to wbint_UnixIDs2Sids
This makes the domain SID available to the idmap child for
wbint_UnixIDs2Sids mapping request. It's not used yet anywhere, this
comes in the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Mon, 25 Sep 2017 11:25:57 +0000 (13:25 +0200)]
winbindd: add domain SID to idmap mapping domains
Fetch the domain SID for every domain in the idmap-domain map. This is
in preperation of passing the domain SID as an additional argument to
xid2sid requests to the idmap child.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Amitay Isaacs [Fri, 11 Aug 2017 05:53:28 +0000 (15:53 +1000)]
ctdb-tests: Add interactive test for tunnels
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Oct 10 15:50:04 CEST 2017 on sn-devel-144
Amitay Isaacs [Mon, 26 Jun 2017 08:06:18 +0000 (18:06 +1000)]
ctdb-tests: Add test for tunnels
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 29 Sep 2017 02:16:21 +0000 (12:16 +1000)]
ctdb-protocol: Add tunnel id prefix for testing
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 6 Apr 2017 09:33:47 +0000 (19:33 +1000)]
ctdb-client: Add client api for using tunnels
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 5 Apr 2017 06:25:42 +0000 (16:25 +1000)]
ctdb-protocol: Add protocol marshalling for CTDB_REQ_TUNNEL
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 6 Apr 2017 08:58:18 +0000 (18:58 +1000)]
ctdb-client: Add client code for tunnel controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 6 Apr 2017 08:58:01 +0000 (18:58 +1000)]
ctdb-protocol: Add protocol marshalling for tunnel controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 6 Apr 2017 09:09:58 +0000 (19:09 +1000)]
ctdb-daemon: Add code to process ctdb_req_tunnel packets
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 6 Apr 2017 07:50:38 +0000 (17:50 +1000)]
ctdb-protocol: Add req_tunnel counts to ctdb statistics
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 6 Apr 2017 09:03:51 +0000 (19:03 +1000)]
ctdb-daemon: Add implementation of tunnel controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 6 Apr 2017 08:31:10 +0000 (18:31 +1000)]
ctdb-protocol: Add controls to register/deregister tunnels
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 5 Apr 2017 06:07:10 +0000 (16:07 +1000)]
ctdb-protocol: Add REQ_TUNNEL packet type
This allows to tunnel new protocols using ctdb transport.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Ralph Boehme [Mon, 9 Oct 2017 11:25:21 +0000 (13:25 +0200)]
wbinfo: return "NOT MAPPED" instead of "S-0-0" for unmapped id-to-sid
Currently wbinfo --unix-ids-to-sids prints "S-0-0" for failed
mappings. Let it print "NOT MAPPED" instead.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 10 02:57:40 CEST 2017 on sn-devel-144
Ralph Boehme [Fri, 6 Oct 2017 13:25:54 +0000 (15:25 +0200)]
vfs_fake_acls: deny give-ownership
Windows doesn't allow giving ownership away unless the user has
SEC_PRIV_RESTORE privilege.
This follows from MS-FSA 2.1.5.1, so it's a property of the filesystem
layer, not the SMB layer. By implementing this restriction here, we can
now have test for this restriction.
Other filesystems may want to deliberately allow this behaviour --
although I'm not aware of any that does -- therefor I'm putting in this
restriction in the implementation of the chmod VFS function and not into
the caller.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 4 Oct 2017 20:27:24 +0000 (22:27 +0200)]
vfs_acl_common: fix take ownership vs give ownership
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 4 Oct 2017 10:51:29 +0000 (12:51 +0200)]
vfs_acl_common: factor out a variable declaration
Just some refactoring, no change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 4 Oct 2017 13:45:54 +0000 (15:45 +0200)]
s3/smbd/posix_acls: return correct status in try_chown
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 6 Oct 2017 13:31:20 +0000 (15:31 +0200)]
selftest: tests for change ownership on a file
This test verifies that SEC_STD_WRITE_OWNER only effectively grants
take-ownership permissions but NOT give-ownership. The latter requires
SeRestorePrivilege privilege.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 7 Oct 2017 07:11:56 +0000 (09:11 +0200)]
selftest: fix samba3.blackbox.inherit_owner.default test script test_inherit_owner.sh
Grant the test-user SeRestorePrivilege, this is needed for
give-ownership operations. And then granting SeRestorePrivilege requires
`net`, so add that as an additional argument to the script.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 8 Oct 2017 09:17:12 +0000 (11:17 +0200)]
selftest: fix acl_xattr test script test_acl_xattr.sh
The two "nt_affects_chgrp" tests called the wrong function so the
function nt_affects_chgrp() was never run.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 8 Oct 2017 06:51:05 +0000 (08:51 +0200)]
selftest: fix acl_xattr test: sn-devel unreliable gid
The "nt_affects_chgrp" kept failing in a full autobuild on sn-devel
because the actual gid of the created file as returned by smbclient -c
getfacl was reliably the unix gid of my account. It should have been the
mapped domusers group for the primary users "Domain Users"
group. Running the test individually or even the full set of
"samba3.blackbox" tests didn't trigger the error.
Looks like an issue with vfs_fake_acls and vfs_xattr_tdb, but I wasn't
able to track it down. As the test only really want to ensure that
smbcacls -G set the gid to the requested value, just remove the check
for the actual initial gid.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 8 Oct 2017 09:16:27 +0000 (11:16 +0200)]
selftest: fix acl_xattr test: grep ouput before munging
The check of the smbclient getfacl output for presence of a "^# group:"
line must be done before munging the saved output with a sed filter.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 8 Oct 2017 09:13:46 +0000 (11:13 +0200)]
selftest: fix acl_xattr test: group, not user
In nt_affects_chgrp() check for domadmins *group*, not user. This didn't
trigger an error as nt_affects_chgrp() isn't actually called, see next
commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 8 Oct 2017 09:12:48 +0000 (11:12 +0200)]
selftest: fix acl_xattr test: changing owner
Don't give ownership to user "force_user" as user "$USERNAME", this
would fail with NT_STATUS_INVALID_OWNER, instead just take ownership as
user "force_user". Adding a corresponding ACE for "force_user" with FULL
rights ensures this works.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 4 Oct 2017 19:43:22 +0000 (12:43 -0700)]
s3: smbd: Currently if getwd() fails after a chdir(), we panic.
Change this to return to the previous $cwd, and return -1 for the chdir().
If the return to the previous $cwd fails, still panic as we
can't return an unknown state.
Also do early return from failing SMB_VFS_CHDIR, reducing indentation level
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13027
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Böhme <slow@samba.org>
Ralph Boehme [Fri, 6 Oct 2017 06:01:46 +0000 (08:01 +0200)]
smbcacls: no need to fetch the sd when changing ownership
Reading the SD may be denied but changing ownership could be allowed. As
we don't really need the server SD for the change ownership request,
don't fetch it.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 7 00:04:54 CEST 2017 on sn-devel-144
Samuel Cabrero [Thu, 21 Sep 2017 07:53:35 +0000 (09:53 +0200)]
s3: spoolss: Fix GUID string format on GetPrinter info
Fix regression introduced by commit
a4157e7c5d75 which removed the braces
around the printer GUID in the printer info level 7 structure.
MS-RPRN section 2.2 says this protocol uses curly-braced GUIDs so printers
are deleted from the directory by the domain controller's pruning service.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12993
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 6 05:21:25 CEST 2017 on sn-devel-144
Martin Schwenke [Tue, 19 Sep 2017 13:51:21 +0000 (23:51 +1000)]
ctdb-common: Make parse_ip() and parse_ipv4() static
parse_ip() has interface checking for IPv6 that is still used
indirectly by the IP takeover code via parse_ip_mask(). This will be
removed eventually.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Oct 5 09:19:31 CEST 2017 on sn-devel-144
Martin Schwenke [Tue, 19 Sep 2017 13:44:31 +0000 (23:44 +1000)]
ctdb-common: Replace parse_ip() -> ctdb_sock_addr_from_string()
... and ctdb_sock_addr_set_port().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 19 Sep 2017 13:38:31 +0000 (23:38 +1000)]
ctdb-tests: Replace parse_ip() -> ctdb_sock_addr_from_string()
... and ctdb_sock_addr_set_port() where required.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 19 Sep 2017 13:28:45 +0000 (23:28 +1000)]
ctdb-tools: Replace parse_ip() -> ctdb_sock_addr_from_string()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 19 Sep 2017 13:19:00 +0000 (23:19 +1000)]
ctdb-common: Remove unused function parse_ip_port()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 19 Sep 2017 13:17:36 +0000 (23:17 +1000)]
ctdb-tools: Replace parse_ip_port() -> ctdb_sock_addr_from_string()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 19 Sep 2017 13:12:15 +0000 (23:12 +1000)]
ctdb-common: Remove unused function ctdb_parse_connections()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 19 Sep 2017 13:10:55 +0000 (23:10 +1000)]
ctdb-tools: Use ctdb_connection_list_read()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Fri, 29 Sep 2017 04:23:24 +0000 (14:23 +1000)]
ctdb-common: Do not queue a packet if queue does not have valid fd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13056
The only time a ctdb_queue is created without valid fd is when CTDB
is trying to establish connections with other nodes in the cluster.
All the other uses always create a ctdb_queue with valid fd.
This avoids queueing up packets for dead nodes or nodes that are not
running in the cluster and stops consuming memory.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 28 Sep 2017 01:47:24 +0000 (11:47 +1000)]
ctdb-tests: Send broadcast to connected nodes, not configured nodes
https://bugzilla.samba.org/show_bug.cgi?id=13056
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 28 Sep 2017 01:47:00 +0000 (11:47 +1000)]
ctdb-daemon: Send broadcast to connected nodes, not configured nodes
https://bugzilla.samba.org/show_bug.cgi?id=13056
Database recovery takes care of attaching missing databases on all the nodes.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Jeremy Allison [Tue, 3 Oct 2017 00:36:51 +0000 (17:36 -0700)]
s3: VFS: Ensure default SMB_VFS_GETWD() call can't return a partially completed struct smb_filename.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13068
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 4 14:05:33 CEST 2017 on sn-devel-144
Jeremy Allison [Tue, 3 Oct 2017 17:58:00 +0000 (10:58 -0700)]
s3: VFS: Protect errno if sys_getwd() fails across free() call.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13069
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 3 Oct 2017 17:37:55 +0000 (10:37 -0700)]
s3: VFS: Ensure sys_getwd() doesn't leak memory on error on really old systems.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13069
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jorge Schrauwen via samba-technical [Tue, 3 Oct 2017 17:55:28 +0000 (19:55 +0200)]
vfs_solarisacl: fix build for samba 4.7 and up
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13049
Signed-off-by: Jorge Schrauwen <sjorge@blackdot.be>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Omri Mor [Mon, 2 Oct 2017 02:39:47 +0000 (21:39 -0500)]
s3/smbd: register Time Machine shares with Avahi
Adds support for automatically registering the required _adisk._tcp
mDNS record based on the setting of "fruit:time machine".
Signed-off-by: Omri Mor <omri50@gmail.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Kevin Anderson [Mon, 24 Oct 2016 00:32:27 +0000 (20:32 -0400)]
docs/vfs_fruit: Add Time Machine support
Add the capability to advertise FULLSYNC volume capabilities
to clients that request them. This is mainly used for supporting
Mac OS Time Machine backups from clients. The capability does
not perform any additional action.
Signed-off-by: Kevin Anderson <andersonkw2@gmail.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Kevin Anderson [Mon, 14 Nov 2016 18:14:44 +0000 (19:14 +0100)]
vfs_fruit: Add Time Machine support
Add a configuration option to disable/enable Time Machine support via
the FULLSYNC AAPL flag.
Signed-off-by: Kevin Anderson <andersonkw2@gmail.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 30 Sep 2017 06:45:41 +0000 (08:45 +0200)]
net: groupmap cleanup should not delete BUILTIN mappings
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13065
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct 2 15:17:00 CEST 2017 on sn-devel-144
Ralph Boehme [Fri, 29 Sep 2017 11:07:53 +0000 (13:07 +0200)]
lib/util/run_cmd: use a cleanup function instead of a destructor
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Sep 30 12:14:57 CEST 2017 on sn-devel-144
Ralph Boehme [Fri, 29 Sep 2017 11:07:26 +0000 (13:07 +0200)]
lib/util/run_cmd: remove a printf
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Fri, 29 Sep 2017 11:06:08 +0000 (13:06 +0200)]
lib/util/run_cmd: ensure fd_stdin gets set to -1 in the destructor
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Fri, 29 Sep 2017 10:45:24 +0000 (12:45 +0200)]
lib/util/run_cmd: prevent zombies in samba_runcmd_send on timeout
Ensure the state desctructor calls tfork_destroy to reap the waiter and
worker processes. Otherwise we leave the waiter process as a zombie
behind us as we never call waitpid on it in case of a timeout
or talloc_free() from the caller.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 30 Aug 2017 11:53:02 +0000 (13:53 +0200)]
lib: Fix a signed/unsigned hickup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 6 Aug 2017 13:51:49 +0000 (15:51 +0200)]
lib: Remove talloc_dict
Looked like a good idea at its time, but its only user did not need
it anyway
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 6 Aug 2017 13:49:01 +0000 (15:49 +0200)]
winbind: Remove the use of "talloc_dict"
As members we only collect names, indexed by sids. This is served
well by just a simple dbwrap_rbt.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Pooja Mahadik [Sun, 27 Aug 2017 11:54:32 +0000 (17:24 +0530)]
Changes in samba vxfs plugin.
Implemented two VFS operations(set/fset dos attribute) for vxfs plugin.
Trapping set/clear of read-only attribute.
Signed-off-by: Pooja Mahadik <pooja.mahadik@veritas.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 30 06:42:10 CEST 2017 on sn-devel-144
Marc Muehlfeld [Fri, 29 Sep 2017 16:34:25 +0000 (18:34 +0200)]
vfs_snapper man page: Fixed typo
This commit corrects a small typo in vfs_snapper manpage.
Signed-off-by: Yvan Masson <yvan@masson-informatique.fr>
Reviewed-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Autobuild-User(master): Marc Muehlfeld <mmuehlfeld@samba.org>
Autobuild-Date(master): Sat Sep 30 02:41:46 CEST 2017 on sn-devel-144
Noel Power [Thu, 28 Sep 2017 11:28:46 +0000 (12:28 +0100)]
docs: Improve wording around 'winbind expand groups' param
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jim McDonough <jmcd@samba.org>
Autobuild-User(master): Jim McDonough <jmcd@samba.org>
Autobuild-Date(master): Fri Sep 29 22:37:08 CEST 2017 on sn-devel-144
Ralph Wuerthner [Tue, 26 Sep 2017 13:57:53 +0000 (15:57 +0200)]
s3:winbind: unmapped Unix users must be resolved locally
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Sep 29 18:33:21 CEST 2017 on sn-devel-144
Ralph Wuerthner [Tue, 26 Sep 2017 13:56:56 +0000 (15:56 +0200)]
s3:winbind: unmapped Unix groups in getgrgid must be resolved locally
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Amitay Isaacs [Thu, 28 Sep 2017 01:44:50 +0000 (11:44 +1000)]
notifyd: Broadcast to all connected nodes
CTDB_BROADCAST_VNNMAP includes only the nodes with lmaster roles.
CTDB_BROADCAST_CONNECTED includes all the running nodes.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Sep 29 08:38:10 CEST 2017 on sn-devel-144
Gary Lockyer [Mon, 21 Aug 2017 19:58:14 +0000 (07:58 +1200)]
source4 smbd: remove global control pipe from process_standard.
The standard model uses a pipe to signal the worker processes spawned on
accept that the controlling process has terminated and that they should
shut down. This pipe is currently a static global variable in
process_standard.c.
This patch replaces that global pipe with a file descriptor passed into
the process model init functions, giving a single mechanism across all process
models. This paves the way for the addition of a pre-fork process model.
Ensuring that the correct file descriptors are closed, is difficult so
it is best do this only once rather than require the process models to
do this individually.
Notes on debugging pipe ownership:
Add code to log the process id and the file descriptor of the writeable
pipe.
run:
lsof | grep FIFO | grep samba | grep <process id>
this will produce lines like:
samba 25624 him 4w FIFO 0,10 0t0 472206 pipe
where: 4w is the file descriptor and mode and the number to the left
of "pipe" is the pipe id.
then:
lsof | grep FIFO | grep samba | grep <pipe id>
This will display all the processes with the pipe open and the mode
only the smbd master process should have it open in write mode.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Sep 28 02:08:34 CEST 2017 on sn-devel-144
Christof Schmitt [Thu, 8 Sep 2016 21:03:02 +0000 (14:03 -0700)]
lib/util: Fix build for lttng libraries that does not support tracef
On a system that has older lttng-ust development headers installed that
do not yet provide the tracef api, configure fails with:
Checking for library lttng-ust : yes
ERROR: Target 'lttng-ust' in directory /samba/lib/util re-defined as EMPTY - was SYSLIB
Fix the initialization order in waf, to not redefine the lttng-ust
target
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Justin Maggard via samba-technical [Thu, 7 Sep 2017 18:04:55 +0000 (11:04 -0700)]
smb.conf: Update multi-channel warning text
Since Samba 4.4.x is going EOL soon, update the server multi channel
support warning text to reflect the fact that it's still experimental in
4.7, and it won't be getting fixed in a future 4.4.x version.
Signed-off-by: Justin Maggard <jmaggard@netgear.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Yvan Masson [Tue, 26 Sep 2017 13:37:38 +0000 (15:37 +0200)]
docs/ntvfshandler: remove duplicate value
The "posix" value of option "ntvfs handler" was written two times. This commit
deletes the first occurrence so that the default value is the first seen by
reader.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13053
Signed-off-by: Yvan Masson <yvan@masson-informatique.fr>
Reviewed-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Sep 27 18:44:45 CEST 2017 on sn-devel-144
Volker Lendecke [Tue, 29 Aug 2017 11:31:07 +0000 (13:31 +0200)]
lib: Use CTDB_CONTROL_CHECK_PID_SRVID
Also check the unique ID for remote server ids, just like we do for
local server ids
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13042
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Sep 26 13:47:31 CEST 2017 on sn-devel-144
Volker Lendecke [Tue, 29 Aug 2017 11:26:20 +0000 (13:26 +0200)]
lib: Add "unique_id" to ctdbd_process_exists
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13042
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Thu, 21 Sep 2017 18:51:09 +0000 (11:51 -0700)]
ctdb: Centralize ctdb_version_string
Whenever the current git hash changes, we recompile ctdb.c and
ctdb_daemon.c. As both have quite a few warnings with -Wall, this
makes it quite difficult to see the real warnings that pop up during
development. Centralize the ctdb_version_string to just a single file
without warnings.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Tue, 29 Aug 2017 08:38:14 +0000 (10:38 +0200)]
ctdbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Tim Beale [Thu, 14 Sep 2017 04:34:59 +0000 (16:34 +1200)]
replmd: RMD_VERSION incorrectly incremented for link conflicts
This problem was noticed when 2 DCs added the same linked attribute at
roughly the same time. One DC would have a later timestamp than the
other, so it would re-apply the same link information. However, when it
did this, replmd_update_la_val() would incorrectly increment the
RMD_VERSION for the attribute. We then end up with one DC having a
higher RMD_VERSION than the others (and it doesn't replicate the new
RMD_VERSION out).
During replication RMD_VERSION is used to determine whether a linked
attribute is old (and should be ignored), or whether the information is
new and should be applied to the DB. This RMD_VERSION discrepancy could
potentially cause a subsequent linked attribute update to be ignored.
Normally when a local DB operation is performed, we just pass in a
version of zero and get replmd_update_la_val() to increment what's
already in the DB. However, we *never* want this to happen during
replication - we should always use the version we receive from the peer
DC.
This patch fixes the problem by separating the API into two:
- replmd_update_la_val(): we're updating a linked attribute in the DB,
and so as part of this operation we always want to increment the
version number (the version no longer need to be passed in because
we can work it out from the existing DB entry).
- replmd_set_la_val(): we want to set a linked attribute to use the
exact values we're telling it, including the version. This is what
replication needs to use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13038
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 26 09:36:48 CEST 2017 on sn-devel-144
Tim Beale [Wed, 20 Sep 2017 05:29:46 +0000 (17:29 +1200)]
selftest: Add test for a re-animated object conflict
Added a test to simulate a user accidentally being deleted and 2
different admins trying to resolve the problem simultaneously - one by
re-animating the object and one by just creating a new object with
the same name.
Currently this test fails on Samba because it chooses the higher
version
number as the winner instead of the latest change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13039
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Tim Beale [Tue, 26 Sep 2017 00:11:47 +0000 (13:11 +1300)]
selftest: Windows resolves object conflicts differently to Samba
While testing link conflicts I noticed that Windows resolves conflicts
differently to Samba. Samba considers the version number first when
resolving the conflict, whereas Windows always takes the latest change.
The existing object conflict test cases didn't detect this problem
because they were both modifying the object the same number of times (so
they had the same version number).
I've added new tests that highlight the problem. They are basically the
same as the existing rename tests, except that only one DC does the
rename. Samba will always pick the renamed object as the winner, whereas
Windows picks the most recent change.
I've marked this test as a known fail for now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13039
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Tim Beale [Mon, 18 Sep 2017 00:39:21 +0000 (12:39 +1200)]
selftest: replica_sync did not fully cleanup if test failed
Normally the replica_sync tests do the cleanup at the end of the test
case, rather than in the tearDown(). However, if the tests don't run to
completion (because they fail), then the objects may not get cleaned up
properly, which causes the tests to fail on the 2nd test-env.
The problem is the object deletion only occurs on DC2 and it relies on
replication to propagate the deletion to DC1. Presumably this
propagation could be missed because the tests are repeatedly turning off
inbound replication on both DCs.
This patch changes the tearDown() so it tries to delete the objects off
both DCs, which appears to fix the problem.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>