Amitay Isaacs [Mon, 20 Nov 2017 04:37:39 +0000 (15:37 +1100)]
ctdb-takeover: Send tcp tickles immediately on STARTUP control
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 20 Nov 2017 04:17:15 +0000 (15:17 +1100)]
ctdb-takeover: Refactor code to send tickle lists for all public IPs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Andrew Bartlett [Wed, 29 Nov 2017 20:38:13 +0000 (09:38 +1300)]
selftest: mark samba3.smb2.kernel-oplocks as flapping
This flaps on sn-devel occaionally, and more often elsewhere
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 30 09:47:22 CET 2017 on sn-devel-144
Andrew Bartlett [Wed, 29 Nov 2017 20:35:20 +0000 (09:35 +1300)]
torture: Use torture_assert{,_int_equal}_goto() in smb2.kernel-oplocks
This allows this test to be added as flapping.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Jeremy Allison [Wed, 29 Nov 2017 17:21:30 +0000 (09:21 -0800)]
s3: libsmb: Fix valgrind read-after-free error in cli_smb2_close_fnum_recv().
cli_smb2_close_fnum_recv() uses tevent_req_simple_recv_ntstatus(req), which
frees req, then uses the state pointer which was owned by req.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13171
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 30 05:47:12 CET 2017 on sn-devel-144
Noel Power [Wed, 29 Nov 2017 12:52:32 +0000 (13:52 +0100)]
testprogs: Fix a typo in the net ads test
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov 30 01:47:24 CET 2017 on sn-devel-144
Noel Power [Fri, 24 Nov 2017 07:06:27 +0000 (07:06 +0000)]
testprogs: Test net ads keytab list
Test that correct keytab is picked up.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13166
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Noel Power [Thu, 23 Nov 2017 15:55:21 +0000 (15:55 +0000)]
s3:libads: net ads keytab list fails with "Key table name malformed"
When keytab_name is NULL don't call smb_krb5_kt_open use ads_keytab_open
instead, this function will determine the correct keytab to use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13166
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 8 Aug 2017 12:24:27 +0000 (14:24 +0200)]
winbindd: Name<->SID cache is not sequence number based anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 29 20:57:25 CET 2017 on sn-devel-144
Volker Lendecke [Sun, 6 Aug 2017 16:13:10 +0000 (18:13 +0200)]
winbindd: Move name<->sid cache to gencache
The mapping from name to sid and vice versa has nothing to
do with a specific domain. It is publically available. Thus put
it into gencache without referring to the domain this was
retrieved from
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 6 Aug 2017 16:11:02 +0000 (18:11 +0200)]
winbindd: Factor out winbindd_domain_init_backend from get_cache()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 3 Aug 2017 14:26:25 +0000 (16:26 +0200)]
torture3: Test namemap_cache
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 3 Aug 2017 14:26:04 +0000 (16:26 +0200)]
net: Parse namemap_cache in "net cache list"
namemap_cache.c saves these as strv lists: An array of 0-terminated strings.
"net cache list" only printfs the values, so they would be cut off.
We might want to do this with other gencache values too in the future.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 2 Aug 2017 16:11:49 +0000 (18:11 +0200)]
lib: Add namemap_cache
A few functions to maintain lookupname and lookupsid cache in gencache.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 2 Aug 2017 15:52:40 +0000 (17:52 +0200)]
lib: Pass blob instead of &blob to gencache_set_data_blob
Passing a whole DATA_BLOB is cheap enough to simplify the callers: A caller
does not have to create a separate variable.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 2 Aug 2017 15:34:25 +0000 (17:34 +0200)]
lib: Allow parsing a strv from a non-talloc const buf
This will allow parsing a tdb record without having to talloc_memdup it
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 2 Aug 2017 15:32:50 +0000 (17:32 +0200)]
lib: Only call strlen if necessary in strv
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 2 Aug 2017 15:22:34 +0000 (17:22 +0200)]
lib: Pass in "strv_len" to strv_valid_entry
Preparation for a later commit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sat, 1 Jul 2017 06:27:57 +0000 (08:27 +0200)]
dbwrap_watch: Remove the "prec" parameter from watch_recv
The initial idea was to have some "atomicity" in this API. Every
caller interested in a record would have to do something with
it once it changes. However, only one caller really used this
feature, and that is easily changed to not use it. So
remove the complexity.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sat, 1 Jul 2017 06:20:23 +0000 (08:20 +0200)]
smbd: Avoid using dbwrap_watched_watch_recv's prec argument
This is the only user of the "prec" argument of
dbwrap_watched_watch_recv. The next patch will remove this
functionality, as it's easily replaced here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Mon, 27 Nov 2017 11:42:44 +0000 (12:42 +0100)]
winbindd: let normalize_name_map() call find_domain_from_name_noinit()
Let normalize_name_map fetch the domain itself with
find_domain_from_name_noinit().
This removes two calls to find_domain_from_name_noinit() in the default
configuration of "winbind normalize names = no". The domain is only need
in normalize_name_map if "winbind normalize names" is enabled.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sun, 26 Nov 2017 18:04:19 +0000 (19:04 +0100)]
s3/cli_netlogon: remove SEC_CHAN_NULL fallback from rpccli_connect_netlogon()
The caller should handle secure-channel-type SEC_CHAN_NULL. The previous
commit already added handling of SEC_CHAN_NULL to
cm_connect_netlogon_transport.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13167
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 27 Nov 2017 14:28:38 +0000 (15:28 +0100)]
winbindd: restore SEC_CHAN_NULL fallback in cm_connect_netlogon_transport
This partially reverts commit
d7e31d9f4d9ce7395e458ac341dd83ac06255a20
"winbindd: Use rpccli_connect_netlogon" and restores handling of SEC_CHAN_NULL.
Without this we fail to enumerate domains in trusted forests so users
from any child-domain (or tree-root) in the trusted forest can't login
via eg SMB.
This is a temporary hack that will go away once we get rid of the trusted domain
list.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13167
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Timur I. Bakeyev [Wed, 29 Nov 2017 05:40:10 +0000 (06:40 +0100)]
Replace tabs with spaces to comply with PEP8, reorder list of manpages in the alphanumeric sort order.
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Wed Nov 29 16:58:32 CET 2017 on sn-devel-144
Timur I. Bakeyev [Wed, 29 Nov 2017 05:35:37 +0000 (06:35 +0100)]
Add vfs_zfsacl manpage to the list of manpages if we have this module enabled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12934
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Timur I. Bakeyev [Wed, 29 Nov 2017 04:48:52 +0000 (05:48 +0100)]
Fix typo in the "wide links" description for the getwd cache.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12934
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 13:14:14 +0000 (13:14 +0000)]
pam_winbind: avoid non-literal-format warning
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 29 12:50:49 CET 2017 on sn-devel-144
Ralph Boehme [Wed, 15 Nov 2017 15:52:48 +0000 (16:52 +0100)]
vfs_fruit: proper VFS-stackable conversion of FinderInfo
This fixes the problem that conversion failed with
fruit:metadata=stream. Before we were calling ad_set() which stores the
metadata in the Netatalk compatible format.
Rewrite to fully go through the VFS by calling SMB_VFS_CREATE_FILE() and
SMB_VFS_PWRITE().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 29 08:38:06 CET 2017 on sn-devel-144
Ralph Boehme [Wed, 15 Nov 2017 15:52:16 +0000 (16:52 +0100)]
vfs_fruit: add AfpInfo prototypes
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 17 Nov 2017 11:57:14 +0000 (12:57 +0100)]
s4/torture: fruit: in test_adouble_conversion() also check stream list and AFPINFO_STREAM
This reveals that the conversion doesn't work properly with
fruit:metadata=stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 17 Nov 2017 11:53:42 +0000 (12:53 +0100)]
s4/torture: fruit: remove use of localdir from test_adouble_conversion test
The previous use of localdir and torture_setup_local_file() was
motivated by the fact that by default vfs_fruit rejects access to files
with a "._" prefix.
Since a previous commit allowed SMB access to ._ files, rewrite the
test_adouble_conversion() test to create the ._ AppleDouble file over
SMB.
This also renders torture_setup_local_file() obsolete.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 17 Nov 2017 12:52:25 +0000 (13:52 +0100)]
selftest: add "fruit:veto_appledouble = no" to fruit shares
This is needed for a subsequent commit that modifies an existing test to
write a ._ file over SMB instead of using the ugly local creation hack.
SMB acces of ._ files requires "fruit:veto_appledouble = no", so let's
set it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 17 Nov 2017 07:13:10 +0000 (08:13 +0100)]
s4/torture: let write_stream() deal with stream=NULL
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 15 Nov 2017 17:39:53 +0000 (18:39 +0100)]
selftest: run AppleDouble sidecar-file conversion test runs against all fruit shares
This needs for work in all possible fruit configs, so test it.
This currently fails with stream_depot, as we don't propely copy over
the resourcefork data from the ._ file to the stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 17 Nov 2017 11:41:49 +0000 (12:41 +0100)]
s4/torture: use torture_assert_goto in a vfs.fruit test
No change in behavior.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 16 Nov 2017 06:58:34 +0000 (07:58 +0100)]
s4/torture: rework stream names tests usage of local xattr call
Previously this test, that tests for correct conversion of ':' in stream
names, only worked with streams_xattr with "fruit:metadata" set to
"netatalk".
In order to have test coverage for fruit shares with other configs,
split the test into two:
one test creates the stream over SMB and run against all shares, the
other one is the unmodified existing test and is only run against the
share with streams_xattr and fruit:metadata=netatalk.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 15 Nov 2017 17:38:41 +0000 (18:38 +0100)]
selftest: add localdir option to fruit subtests
A subsequent commits modifies an existing tests that needs $localdir to
also run against "vfs_fruit_metadata_stream" and
"vfs_fruit_stream_depot". This reveals test failures, those will be
fixed in a subsequent commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 15 Nov 2017 17:36:54 +0000 (18:36 +0100)]
selftest: reorder arguments for fruit tests
This just puts the auth option first matching the first test with the
"vfs_fruit" share directly above the modified lines.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 10 Nov 2017 08:32:27 +0000 (09:32 +0100)]
systemd: Start processes in forground and without a process group
We should not double fork in notify mode or systemd think something
during startup will be wrong and send SIGTERM to the process. So
sometimes the daemon will not start up correctly.
systemd will also handle the process group.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13129
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 28 15:31:27 CET 2017 on sn-devel-144
Andreas Schneider [Fri, 10 Nov 2017 08:18:18 +0000 (09:18 +0100)]
s4:samba: Allow samba daemon to run in foreground
We are passing the no_process_group to become_daemon() that setsid() is
not called. In case we are double forking, we run in SysV daemon mode,
setsid() should be called!
See:
https://www.freedesktop.org/software/systemd/man/daemon.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13129
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 15 Nov 2017 09:00:52 +0000 (10:00 +0100)]
s4:samba: Do not segfault if we run into issues
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Tue, 21 Nov 2017 13:34:28 +0000 (14:34 +0100)]
s3/loadparm: don't mark IPC$ as autoloaded
A related problem that affects configuration for the hidden IPC$
share. This share is marked a "autoloaded" and such shares are not
reloaded when requested. That resulted in the tcon to IPC$ still using
encrpytion after running the following sequence of changes:
1. stop Samba
2. set [global] smb encrypt = required
3. start Samba
4. remove [global] smb encrypt = required
5. smbcontrol smbd reload-config
6a bin/smbclient -U slow%x //localhost/raw -c quit, or
6b bin/smbclient -U slow%x -mNT1 //localhost/raw -c ls
In 6a the client simply encrypted packets on the IPC$ tcon. In 6b the
client got a tcon failure with NT_STATUS_ACCESS_DENIED, but silently
ignore the error.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 28 02:02:37 CET 2017 on sn-devel-144
Ralph Boehme [Tue, 21 Nov 2017 13:28:48 +0000 (14:28 +0100)]
s3/loadparm: ensure default service options are not changed
Rename sDefault to _sDefault and make it const. sDefault is make a copy
of _sDefault in in the initialisation function lp_load_ex().
As we may end up in setup_lp_context() without going through
lp_load_ex(), sDefault may still be uninitialized at that point, so I'm
initializing lp_ctx->sDefault from _sDefault.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 22 Nov 2017 10:49:57 +0000 (11:49 +0100)]
s3/loadparm: allocate a fresh sDefault object per lp_ctx
This is in preperation of preventing direct access to sDefault in all
places that currently modify it.
As currently s3/loadparm is afaict not accessing lp_ctx->sDefault, but
changes sDefault indirectly through lp_parm_ptr() this change is just a
safety measure to prevent future breakage.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 4 Jul 2017 10:22:00 +0000 (12:22 +0200)]
smbstatus: correctly denote not fully authenticated sessions
Currently for sessions where authentication is still in progress we
print uid and gid as -1.
With this change we nicely list them like this:
PID Username Group Machine Protocol Version ....
6604 (auth in progress) 127.0.0.1 (ipv4:127.0.0.1:47930) SMB3_11 ....
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 22 Nov 2017 09:43:19 +0000 (10:43 +0100)]
s3/smbstatus: add a NULL check
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 24 Nov 2017 16:00:05 +0000 (17:00 +0100)]
lib: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Nov 27 04:51:59 CET 2017 on sn-devel-144
Andreas Schneider [Fri, 24 Nov 2017 12:13:55 +0000 (13:13 +0100)]
python:tests: Create a test user for the dsdb test
We should never taint the Administrator account as we don't shut down
target envionments!
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Sat Nov 25 14:13:24 CET 2017 on sn-devel-144
Andreas Schneider [Fri, 24 Nov 2017 12:34:25 +0000 (13:34 +0100)]
build: Move pam_wrapper to third_party
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Tue, 7 Nov 2017 11:02:19 +0000 (12:02 +0100)]
build: Move uid_wrapper to third_party
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Tue, 7 Nov 2017 10:55:04 +0000 (11:55 +0100)]
build: Move resolv_wrapper to third_party
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Tue, 7 Nov 2017 10:40:11 +0000 (11:40 +0100)]
build: Move nss_wrapper to third_party
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Tue, 7 Nov 2017 09:51:11 +0000 (10:51 +0100)]
build: Move socket_wrapper to third_party
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andrew Bartlett [Tue, 31 Oct 2017 19:22:22 +0000 (08:22 +1300)]
repl_meta_data: Allow delete of an object with dangling backlinks
This should not happen, but stopping all replication because of it is a pain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 24 19:53:50 CET 2017 on sn-devel-144
Andrej Gessel [Thu, 19 Oct 2017 15:16:37 +0000 (17:16 +0200)]
repl_meta_data: Fix removing of backlink on deleted objects
USER is memberOf GROUP and they both were deleted on W2K8R2 AD. Domain join ends
with error below.
Failed to apply records: ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:421
8: Failed to remove backlink of memberOf when deleting CN=USER\0ADEL:
a1f2a2cc-1
179-4734-b753-
c121ed02a34c,CN=Deleted Objects,DC=samdom,DC=intern: dsdb_module_
search_dn: did not find base dn CN=GROUP\0ADEL:
030d0be1-3ada-4b93-8371-
927f2092
3116,CN=Deleted Objects,DC=samdom,DC=intern (0 results): Operations error
Failed to commit objects: WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13120
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 31 Oct 2017 20:02:01 +0000 (09:02 +1300)]
selftest: Add more corruption cases for runtime and dbcheck
These tests now confirm we can handle these issues at runtime
as well as at dbcheck
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 26 Oct 2017 12:42:23 +0000 (14:42 +0200)]
selftest: add dbcheck tests for duplicate links
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 27 Oct 2017 08:21:26 +0000 (10:21 +0200)]
dbcheck: detect and fix duplicate links
Check with git show -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 27 Oct 2017 08:21:26 +0000 (10:21 +0200)]
dbcheck: only calculate linked attribute helper variables once in check_dn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 26 Oct 2017 14:30:28 +0000 (16:30 +0200)]
dbcheck: remove indentation level
Check with git show -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 26 Oct 2017 05:47:48 +0000 (07:47 +0200)]
dsdb:extended_dn_store: implement DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS control
This will be used by dbcheck to fix duplicate link values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 25 Oct 2017 14:48:44 +0000 (16:48 +0200)]
dsdb:repl_meta_data: implement DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS control
This will be used by dbcheck to fix duplicate link values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 25 Oct 2017 14:47:36 +0000 (16:47 +0200)]
s4:dsdb: allocate DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS oid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 25 Oct 2017 14:26:16 +0000 (16:26 +0200)]
s4:schema_samba4: mark DSDB_CONTROL_INVALID_NOT_IMPLEMENTED 1.3.6.1.4.1.7165.4.3.32 as allocated
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 30 Oct 2017 22:20:34 +0000 (11:20 +1300)]
selftest: Additional check for a backlink pointing at a deleted object
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 30 Oct 2017 19:23:39 +0000 (08:23 +1300)]
selftest: Split out creation of complex (often invalid) links
This will allow us to test other run-time behaviour with broken
databases.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 30 Oct 2017 19:21:15 +0000 (08:21 +1300)]
selftest: Split out dbcheck runs from dangling_multi_valued test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 30 Oct 2017 02:29:36 +0000 (15:29 +1300)]
selftest: add more dbcheck tests
This validates some more combinations and ensures that the changes
in
962a1b32201fce0a49c6be55943d4fbb57ed781e are tested.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 29 Oct 2017 21:51:35 +0000 (10:51 +1300)]
dbcheck: Use the GUID as the DN to fix replPropertyMetaData
This allows this to still work after an object is renamed under the deleted objects container.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 29 Oct 2017 20:48:43 +0000 (09:48 +1300)]
dbcheck: Clarify error count bumping in deleted/gone DN handling
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Amitay Isaacs [Wed, 8 Nov 2017 09:09:59 +0000 (20:09 +1100)]
ctdb-eventd: Simplify eventd code
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Nov 24 15:49:46 CET 2017 on sn-devel-144
Amitay Isaacs [Wed, 8 Nov 2017 08:31:05 +0000 (19:31 +1100)]
ctdb-common: Add special monitor handling to run_event abstraction
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 22 Nov 2017 00:08:14 +0000 (11:08 +1100)]
ctdb-tests: Make sure child processes are waited on after termination
Looks like the if a process holding fcntl lock (on pid file) is killed,
then the lock is not released till the process is reaped using either
wait() or waitpid().
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Uri Simchoni [Sun, 19 Nov 2017 20:22:33 +0000 (20:22 +0000)]
lib/replace: apply readline -Wstrict-prototypes workaround
clang -Wstrict-prototypes has issues with readline > 6.3.
Fix suggested by Timur I. Bakeyev <timur@freebsd.org>
cf. https://lists.gnu.org/archive/html/bug-readline/2014-04/msg00018.html
cf. https://lists.samba.org/archive/samba-technical/2017-November/123923.html
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov 24 05:16:10 CET 2017 on sn-devel-144
Uri Simchoni [Thu, 23 Nov 2017 20:20:52 +0000 (22:20 +0200)]
lib/smbreadline: detect picky compile issue with readline.h
readline.h has build issues with clang if -Wstrict-prototypes
is enabled. Detect this and also detect whether the known
workaround works.
Fix suggested by Timur I. Bakeyev <timur@freebsd.org>
cf. https://lists.gnu.org/archive/html/bug-readline/2014-04/msg00018.html
cf. https://lists.samba.org/archive/samba-technical/2017-November/123923.html
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Wed, 22 Nov 2017 20:48:23 +0000 (20:48 +0000)]
pam_wrapper: Use a constant string format specifier in test
This fixes a warning about non-constant format specifier.
clang 4.0.0 warns against non-constant format specifier since
it cannot validate the format against the parameters.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(ported from pam_wrapper
9265da3857e9cfa7a00d1ab35aae1e0b0286efad)
Uri Simchoni [Sun, 19 Nov 2017 13:08:30 +0000 (13:08 +0000)]
pam_wrapper: use uintptr_t as base for const-discarding
Seems like HAVE_INTPTR_T is not available on FreeBSD. Use
the uintptr_t-base const discarding to avoid picky compiler
warnings (other places in Samba also use uintptr_t).
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(ported from pam_wrapper
c611121eec7b5f2c39cab7b1c0295eddefdddb1d)
Uri Simchoni [Sun, 19 Nov 2017 18:44:06 +0000 (18:44 +0000)]
vfs_full_audit: make do_log() printf-aware
Add PRINTF_ATTRIBUTE() to do_log(). This removes
picky compiler warning about printf with variable
format string, and adds compiler checks for the format
strings supplied to do_log. This in turn spurred some
warnings which are fixed.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 17:54:32 +0000 (17:54 +0000)]
s4-torture: fix type of enum in various places
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 17:11:28 +0000 (17:11 +0000)]
s4-torture: fix truncation warnings
Fix various places where there is potential truncation
while doing time / size calculations.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Mon, 20 Nov 2017 19:18:01 +0000 (21:18 +0200)]
winbind_nss_freebsd: fix const discard warning
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 13:15:12 +0000 (13:15 +0000)]
pam_winbind: fix const discard warnings
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 23 Nov 2017 16:10:42 +0000 (17:10 +0100)]
s3:torture: Fix building with -O3 and gcc 7
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Tue, 21 Nov 2017 23:46:31 +0000 (12:46 +1300)]
schema_set: Add comment about set schema from ldif in a transaction
This is normally called with a transaction or before access is shared.
The python code and some tests may also cause an issue, but as these are
fixed at runtime, this is only a temporary issue that resolves itself.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Tue, 21 Nov 2017 23:34:01 +0000 (12:34 +1300)]
schema: Make writing indices flag an enum for a new state
In schema_load_init, we find that the writing of indices is not locked
in any way. This leads to race conditions. To resolve this, we need to
have a new state (SCHEMA_COMPARE) which can report to the caller that we
need to open a transaction to write the indices.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 22 Nov 2017 15:53:52 +0000 (16:53 +0100)]
python:tests: Use bin/tdbdump only if built
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Mon, 20 Nov 2017 20:53:12 +0000 (20:53 +0000)]
build: ensure compiler flags are properly detected
While checking for compiler flag availability, treat warnings
as errors. Thus if the compiler only warns about unsupported flag,
it will fail the test and the flag shall be marked as unsupported.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 22 14:19:20 CET 2017 on sn-devel-144
Uri Simchoni [Tue, 21 Nov 2017 18:55:16 +0000 (20:55 +0200)]
build: specify -Wformat as a prerequisite of -Wformat-security
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Tue, 21 Nov 2017 18:53:30 +0000 (20:53 +0200)]
build: allow specifying prerequisite flags when checking flags
In gcc, "-Wformat-security" is ignored unless "-Wformat" is also
specified. This patch allow adding a "prerequisite flag" to a flag
we're testing during configuration.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 13:04:58 +0000 (13:04 +0000)]
pam_wrapper: #ifdef-out unused functions
When pam_vsyslog is not available, avoid building functions
that are being used to wrap it, in order to avoid picky
compiler warnings.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Mon, 20 Nov 2017 08:17:16 +0000 (10:17 +0200)]
build: disable format-zero-length warning
format-zero-length warns against printf-style calls with
zero-length format string. vfs_full_audit module has such
calls, and up until now there was no warning against it because
the do_log in vfs_full_audit is not recognized as printf-style
function. In a following commit the do_log will be converted to
a printf-style function, hence the need to disable this warning.
(an alternative would be to disable only for vfs_full_audit, but that
would complicate things needlessly).
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 18:38:28 +0000 (18:38 +0000)]
s3-torture: fix an always-true comparison
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 18:37:49 +0000 (18:37 +0000)]
s3-torture: fix some truncation warnings
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 18:34:58 +0000 (18:34 +0000)]
smbspool_krb5_wrapper: fix some error messages
Make cups_smb_debug declaration printf-aware to
avoid picky warning about printf with variable
format string. This in turn revealed some formatting
errors.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 17:57:29 +0000 (17:57 +0000)]
s3-rpc-server: fix type of enum in lsa server
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 16:51:30 +0000 (16:51 +0000)]
s2-rpc-server: fix enum type in assignment
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 17:56:50 +0000 (17:56 +0000)]
s4-lib-policy: fix type of enum
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 17:55:14 +0000 (17:55 +0000)]
s4-torture: get rid of extra parentheses
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 17:13:26 +0000 (17:13 +0000)]
s4-torture: fix file time checks
NTTIME is an unsigned quantity. When comparing two
of them, first calculate a signed difference, then
take absolute value.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Sun, 19 Nov 2017 16:49:46 +0000 (16:49 +0000)]
dns server: fix warning about enum mismatch
Fix picky developer clang warning about assignment
of an enum value to a variable of a different enum type.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>