1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-31 17:18:04 +03:00
Commit Graph

104443 Commits

Author SHA1 Message Date
Amitay Isaacs
23b4fb681a s3-libnet: Add missing format element
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12163

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 18 23:49:42 CEST 2016 on sn-devel-144
2016-08-18 23:49:42 +02:00
Amitay Isaacs
a37048f8d4 s3-lib: Pass missing argument for format string
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12163

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2016-08-18 19:51:10 +02:00
Uri Simchoni
a6073e6130 smbd: allow reading files based on FILE_EXECUTE access right
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug 18 18:58:22 CEST 2016 on sn-devel-144
2016-08-18 18:58:22 +02:00
Martin Schwenke
626dcc9e49 ctdb-ipalloc: Fix cumulative takeover timeout
Commit c40fc62642 runs the IP allocation
algorithm after calculating the timeout offset.  If the algorithm
takes a long time then there may be no attempt to release or take over
IPs.

Instead, reset the timeout just before the RELEASE_IP stage if an
early jump to IPREALLOCATED was not taken.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12161

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Aug 18 12:36:37 CEST 2016 on sn-devel-144
2016-08-18 12:36:37 +02:00
Jeremy Allison
b21308252e s3: vfs: snapper: Fix snapper_gmt_strip_snapshot() function to strip @GMT token identically to shadow_copy2.c:shadow_copy2_strip_snapshot()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug 18 06:43:02 CEST 2016 on sn-devel-144
2016-08-18 06:43:02 +02:00
Jeremy Allison
3e3b9be948 s3: vfs: snapper: Add and use len_before_gmt, calculated as (p-name).
Make the code closer to the same functionality in shadow_copy2.c:shadow_copy2_strip_snapshot().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-18 02:51:15 +02:00
Jeremy Allison
abf18f42dc s3: vfs: shadow_copy2: Replace all uses of (p-name) with len_before_gmt.
p and name don't change, and we've already calculated this length.
Part of the effort to make the code inside vfs_snapper.c that does
the same thing more similar (we can't make these functions identical
due to the 'snapdir' use case).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-18 02:51:15 +02:00
Martin Schwenke
2fd20cfd85 ctdb-tests: Validate that TAKE_IP works with IP already on an interface
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Aug 18 02:50:16 CEST 2016 on sn-devel-144
2016-08-18 02:50:15 +02:00
Martin Schwenke
59b6f8f139 ctdb-tests: Validate that unexpected IP on interface is properly released
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
abe5445c24 ctdb-recoverd: Don't directly release rogue IP addresses
This is inconsistent with the rest of the local IP verification.  It
should notice problems but not try to fix them directly.  Like other
cases, it should use an IP takeover run to try to fix the problem.  In
this case the address might have just been added and an out-of-band
RELEASE_IP might cause conflicts (i.e. "another change is in flight")
with a scheduled IP takeover run.

This effectively reverts commit
694c1b269e.  Not sure why this was
needed after c7e648c2d1.  More recently
commit 6471541d6d moves responsibility
for determining interface/netmask to 10.interface so this should
continue to work just fine.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
12f9e332e9 ctdb-daemon: Fix takeover of incorrectly assigned public IP address
Cause an "updateip" instead of just logging a message.

This may reset existing connections.  However, CTDB doesn't think the
address should already be hosted on the node so there should be no
connections.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
2210337ce8 ctdb-daemon: Avoid referencing NULL pointer due to unknown old interface
This doesn't currently happen but it will in a subsequent commit.
That commit and this one could be squashed but then the functional
change gets lost in amongst this one.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
81cba9054e Revert "When adding an ip at runtime, it might not yet have an iface assigned to it, so ensure that the next takover_ip call will fall through to accept the ip and add it."
This reverts commit 4136f27145.

If the IP address is on an interface then it won't help to pretend
that it isn't.  This will simply cause a takeip event, which will fail
because the address can't be added.  Note that the IP address isn't
necessarily new - something unexpected may have happened.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
162857eff1 ctdb-scripts: Add early exit for redundant updateip
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
a10545ab6b ctdb-daemon: Drop special case handling for new IP already on interface
The address may already be assigned to another node, so this is wrong.
It also leaves the interface unknown.

This is better left to code that handles rogue IP addresses.  A
takeover run should correctly takeover the address if it is assigned
to this node or release it if it is assigned to another node.  Coming
soon...

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
d2a91394f5 ctdb-daemon: Use release_ip_post() when releasing all IP addresses
This has the advantage of using common code.  Also, if there was
previously a failed attempt to release the IP address as part of a
delete, then this will finish processing the delete.

Extra care needs to be taken when a VNN is actually deleted.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
46c5136e4e ctdb-daemon: Factor out new function release_ip_post()
This contains the cleanup that needs to be done after an IP address is
released from an interface.

state->vnn is set to the return value from release_ip_post(), which is
either the original VNN, or NULL if it was deleted.  This allows
correct handling of the in-flight flag in the destructor for state.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
e653c8bb4a ctdb-daemon: Do not copy address for RELEASE_IP message
If there's an allocation failure then the implicit early return in
CTDB_NO_MEMORY_VOID() means that no reply is sent to the control.
ctdb_daemon_send_message() makes a copy of the data, so don't copy it
here and remove an unnecessary chance of failure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
ca22373231 ctdb-daemon: Do not update the VNN state on RELEASE_IP failure
If RELEASE_IP fails then updating the VNN makes it inconsistent with
reality.  Instead, log the failure and move on to the next IP
address.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
509491a868 ctdb-daemon: Try to release IP address even if interface is unknown
The "releaseip" event in 10.interface will determine the interface and
do the right thing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
225575e7e7 ctdb-common: Save errno before closing file to keep debug accurate
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

In the AIX case, also add the close of the file.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
24001891dd ctdb-tools: Consistently use db_name
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

CID 1364703: Resource leak (RESOURCE_LEAK)

However, this would already be fixed by the fix for CID 1125618, so
this is probably just a minor bug fix.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
af502fade1 ctdb-tools: Fix CID 1125618 String not null terminated (STRING_NULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
254d5545f4 ctdb-logging: Fix CID 1272823 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
1de8948cb5 ctdb-daemon: Fix CID 1362723 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
bacf57c065 ctdb-tcp: Fix CID 1362724 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
1710b14a3c ctdb-client: Print error message before next syscall to avoid losing errno
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
94018302fd ctdb-client: Fix CID 1362725 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
0de52420b8 ctdb-daemon: Fix CID 1362726 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
0e73734822 ctdb-tcp: Set file descriptor to -1 after close.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
ce451c7cc6 ctdb-tcp: Fix CID 1362727 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
4bc934f132 ctdb-common: Fix CID 1362728 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
6d1099a522 ctdb-common: Fix CID 1362729 Unchecked return value from library
Drop setting socket non-blocking and close-on-exec.  The socket is
closed soon after.  Only a single packet is sent, making it almost
impossible for it to block.  Also, note that sockets aren't setup this
way for IPv6.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
198ca88391 ctdb-tests: Update porting test to be more flexible about line numbers
This way the test doesn't need to be changed every time the code is
moved around.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
518683abfe ctdb-daemon: Fix CID 1125574 Operands don't affect result
Interfaces going up or down are always interesting, so log these at
error level.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
1be2cd9dd2 ctdb-daemon: Fix CID 1125575 Operands don't affect result
This is related to an error, so repeatedly log at error level instead
of trying to avoid repetition.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:24 +02:00
Martin Schwenke
b92c78a043 ctdb-daemon: Fix CID 1272855 Operands don't affect result
Failures are already logged at alert/error level above, so just log
the summary at notice level.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:24 +02:00
Amitay Isaacs
47e6c37dca ctdb-tools: Drop "ctdb rebalancenode"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12151

This was already dropped in commit d678684695.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Aug 17 09:22:13 CEST 2016 on sn-devel-144
2016-08-17 09:22:13 +02:00
Amitay Isaacs
f376f346f2 ctdb-tools: Drop "ctdb rebalanceip"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12151

This was already dropped in commit aaa57fbcb3.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-17 05:28:19 +02:00
Amitay Isaacs
f635bd8997 ctdb-tools: Addition of IPs is deferred until the next takeover run
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12152

This makes the behaviour of "ctdb addip" similar to "ctdb delip".

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-17 05:28:19 +02:00
Jeremy Allison
639063da8c s3: vfs: shadow_copy2. Remove any trailing slash when stripping @GMT-YYYY... from the end of a path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 17 05:25:30 CEST 2016 on sn-devel-144
2016-08-17 05:25:30 +02:00
Jeremy Allison
6245f2c042 s3: vfs: shadow_copy2: Re-use an existing variable already set to the right value (p - name).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2016-08-17 01:22:38 +02:00
Michael Adam
b2bf61307c idmap: centrally check that unix IDs returned by the idmap backends are in range
Note: in the long run, it might be good to move this kind of
exit check (before handing the result back to the client)
to the parent winbindd code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Aug 17 01:21:39 CEST 2016 on sn-devel-144
2016-08-17 01:21:39 +02:00
Michael Adam
c21976d4b1 idmap: don't generally forbid id==0 from idmap_unix_id_is_in_range()
If the range allows it, then id==0 should not be forbidden.
This seems to have been taken in from idmap_ldap when the
function was originally created.

See 634cd2e045 .
The other backends don't seem to have had that
extra check for id == 0.

The reasoning for this change is that the range check should
apply to all cases. If the range includes the 0, then it
should be possible to get it as result. In particular,
this way, the function becomes applicable also to the
passdb backend case, e.g. in a samba4-ad-dc setup where
the Admin gets uid == 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-08-16 21:27:22 +02:00
Stefan Metzmacher
5066a6db4b s3:lib/pthreadpool: fix the build on older systems
Some systems required an explicit <signal.h>, which comes
via "system/wait.h"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 16 19:09:55 CEST 2016 on sn-devel-144
2016-08-16 19:09:55 +02:00
Uri Simchoni
3e42b69d5e smbd: look only at handle readability for COPYCHUNK dest
This commits sets the stage for a change of behavior
in a later commit.

When checking FILE_READ_DATA on the COPYCHUNK dest handle,
only check the handle readability and not the extra right
that may have been added due to the FILE_EXECUTE right.

The check for FILE_READ_DATA always seemed strange for the
dest handle, which is not read. It turns out that in Windows,
this check is not done at the SMB layer, but at a lower layer
that processes the IOCTL request - the IOCTL code has bits
that specify what type of access check needs to be done.

Therefore, this lower layer is unaware of the SMB layer's
practice of granting READ access based on the FILE_EXECUTE
right, and it only checks the handle's readability.

This subtle difference has observable behavior - the
COPYCHUNK source handle can have FILE_EXECUTE right instead
of FILE_READ_DATA, but the dest handle cannot.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Aug 16 15:21:03 CEST 2016 on sn-devel-144
2016-08-16 15:21:03 +02:00
Uri Simchoni
5bf11f6f5b s4-smbtorture: pin copychunk exec right behavior
Add tests that show copychunk behavior when the
source and dest handles have execute right instead
of read-data right.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
6ce0304eda seltest: allow opening files with arbitrary rights in smb2.ioctl tests
Separate file creation (which requires write access) from the
opening of the file for the test (which might be without write
access).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
7dc9f58206 seltest: implicit FILE_READ_DATA non-reporting
This test (passes against Windows Server 2012R2) shows
that the implicit FILE_READ_DATA that is added whenever
FILE_EXECUTE is granted, is not reported back when querying
the handle.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
55a9d35cab s4-selftest: add test for read access check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00