1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

139427 Commits

Author SHA1 Message Date
Martin Schwenke
4569c65288 ctdb-scripts: Add configuration variable CTDB_KILLTCP_USE_SS_KILL
This allows CTDB to be configured to use "ss -K" to reset TCP
connections on "releaseip".  This is only supported when the kernel is
configured with CONFIG_INET_DIAG_DESTROY enabled.

From the documentation:

   ss -K has been supported in ss since iproute 4.5 in March 2016 and
   in the Linux kernel since 4.4 in December 2015.  However, the
   required kernel configuration item CONFIG_INET_DIAG_DESTROY is
   disabled by default.  Although enabled in Debian kernels since
   ~2017 and in Ubuntu since at least 18.04,, this has only recently
   been enabled in distributions such as RHEL.  There seems to be no
   way, including running ss -K, to determine if this is supported, so
   use of this feature needs to be configurable.  When available, it
   should be the fastest, most reliable way of killing connections.

For RHEL and derivatives, this was enabled as follows:

* RHEL 8 via https://bugzilla.redhat.com/show_bug.cgi?id=2230213,
  arriving in version kernel-4.18.0-513.5.1.el8_9

* RHEL 9 via https://issues.redhat.com/browse/RHEL-212, arriving in
  kernel-5.14.0-360.el9

Enabling this option results in a small behaviour change because ss -K
always does a 2-way kill (i.e. it also sends a RST to the client).
Only a 1-way kill is done for SMB connections when ctdb_killtcp is
used - the reasons for this are shrouded in history and the 2-way kill
seems to work fine.

For the summary that is logged, when CTDB_KILLTCP_USE_SS_KILL is "yes"
or "try", always log the method used, even the fallback to
ctdb_killtcp.  However, when set to "no", maintain the existing
output.

The decision to use -K rather than --kill is because short options are
trivial to implement in test stubs.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Nov  7 00:12:34 UTC 2024 on atb-devel-224
2024-11-07 00:12:34 +00:00
Martin Schwenke
19e65f4012 ctdb-scripts: Factor out function kill_tcp_summarise()
This will be used in a slightly different context in a subsequent
commit.  In that case, the number of killed connections will be passed
instead of the total number of connections, so support this here via
different modes instead of churning later.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
590a86dbe4 ctdb-scripts: Track connections for all ports for public IPs
Currently TCP ports like NFS lock manager are not tracked.  It is
easier to track all connections than to add a configuration system to
try to track specified ports, so do that.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
c3695722b6 ctdb-scripts: Get connections after tickle list
Running ss to get current connections before running ctdb gettickles
means the ss output might be out of date when the 2 lists are
compared.  Some tickles might have been added after ss was run by some
other means (e.g. SMB tickles, added internally) and they would be
deleted according to the stale ss output.

This isn't currently a problem because update_tickles() is currently
only called with port 2049, so all tickles are managed by this code.
That will change in a subsequent commit.

Changing the order means the reverse problem can occur, where
update_tickles() attempts to delete an already deleted tickle.  That
may happen occasionally but is harmless because it doesn't result in
missing information.  It (currently) just causes a message to be
logged at DEBUG level.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
9683bb3ac2 ctdb-scripts: Move connection tracking to 10.interface
This should really be done for all connections to public IP addresses.
Leave the port number there for now - this is just the first step.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
d39a1cc1d4 ctdb-server: Use ctdb_connection_same() to simplify
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Volker Lendecke
1b1fd5c228 ctdb: Don't leak a pointer on talloc_realloc failure
We should not directly overwrite the pointer we are realloc'ing

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-11-06 23:03:42 +00:00
Volker Lendecke
e080add68a ctdb: Save a few lines with talloc_zero()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-11-06 23:03:42 +00:00
Martin Schwenke
762f5f5ca6 ctdb-server: Remove duplicate logic
Initialise the pointer to NULL and fall through to let
talloc_realloc() do the allocation.  talloc_realloc() does the right
thing with a NULL pointer...

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
5af8627feb ctdb-server: Handle pre-existing connection first
This is cheap when tcparray is NULL and let's the code that now
follows be simplified.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
9838b4d0d6 ctdb-server: Drop an unnecessary variable
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
f4a8f84328 ctdb-server: Drop a log message to DEBUG level
This is harmless, so it doesn't generally need to be logged.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
3c19c8df77 ctdb-server: Clean up connection tracking functions
Apply README.Coding, modernise logging, pre-render connection as a
string for logging, switch terminology from "tickle" to "connection",
tidy up comments.

No changes in functionality.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
0505d06b12 ctdb-scripts: Use ss -H option to simplify
This option has been available since ~2018 and has been implemented in
the stub since then.  I guess we didn't use it because CentOS 7?

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
32e4f78660 ctdb-scripts: Remove superseded compatibility code
Since commit 224e99804e, square brackets
have been parsed by daemon and tool code, so drop the compatibility
code from here.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
b3e2c69ad9 ctdb-scripts: update_tickles() should use the public IPs cache
This avoids duplicating logic.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
1a4a6c46f1 ctdb-scripts: Don't list connections when not hosting IPs
With an empty IP filter, all incoming connections to port 2049 will be
listed, not just those to public IP addresses.  This causes error
messages like the following to be logged:

  ctdb-eventd[...]: 60.nfs: Failed to add 1 tickles

since the connection being added seems to be for a random NFS mount
that doesn't use a public IP addresses.

This has been a problem for a long time (probably since commit
04fe9e2074 in 2015).  It isn't currently
a huge deal because it only affects NFS connections.  However, this
code will soon be used to track connections to public IP addresses on
all ports.  This would result in a constant stream of log messages,
since there will always be some active connections.

The theory behind the fix is that if a node hosts no public IPs then
it should have no relevant connections and has no business changing
the list of registered tickles.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
3410eddd93 ctdb-scripts: Reformat with "shfmt -w -p -i 0 -fn"
Massage a couple of lines manually so they're formatted sanely given
the new indentation.   Re-run shfmt to ensure no further changes.

Best reviewed with "git show -w".

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
025bd34dfc ctdb-doc: Improve 10.interface documentation and comments
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
60067e2a74 ctdb-tests: Fix ss -a not supported
This is currently just a series of typos.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
4817e32c1d ctdb-tests: Drop unsupported long options from ss stub usage
These have not been supported since commit
896c77df1c in 2018.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Martin Schwenke
557b034200 ctdb-tests: Ensure ss stub handles square brackets around addresses
It isn't unreasonable for unit test cases to use square brackets in
their input.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jerry Heyman <jheyman@ddn.com>
2024-11-06 23:03:42 +00:00
Douglas Bagnall
982042115b libndr: specialise ndr_token_find() for key pointer comparison
Usually we are doing a pointer comparison. Because we are doing it
in a tight loop, the cost of the comparison function call can be
noticeable.

There is a fuzz case that before f43ae1ab1a
took 3.957s, after that took 6.438s, and now again takes 3.960s.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Nov  6 12:06:04 UTC 2024 on atb-devel-224
2024-11-06 12:06:04 +00:00
Douglas Bagnall
a909db027f ldb:test:lmdb_free_list: s/the the/to the/ in comment
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
2b05eb22ba s4:reg: s/the there/there/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
26dd542928 s4: s/the the\b/the/ in miscellaneous comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
770df620be s4:ldb_mods:group_audit: s/the the/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
9ef582d0e9 s3:smbd:posix_acls: s/the the/that the/ in comment
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
367e58c321 s3:printing and spoolss: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
eaff8d28f0 s3:headers: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
33c966c3bc s3:client:clitar: s/the the/to the/ in comment
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
4b84821749 pytest: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
a42bff66d1 samba-tool:: s/the the\b/the/ in docstring
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
a784444c77 nsswitch:: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
e402708921 libcli:auth:msrpc_parse: s/the the/is the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
f914f53913 util:charset: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
153a14776d tevent docs: s/the the\b/the/
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
0bb729d613 pyldb: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:35 +00:00
Douglas Bagnall
296456407e ldb:pack: s/the the/in the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:34 +00:00
Douglas Bagnall
3c1e99f5d3 lib/afs: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:34 +00:00
Douglas Bagnall
076c284d6f ctdb:tests: s/the the\b/the/ in comments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-11-06 10:57:34 +00:00
Ralph Boehme
6f09b61f0b WHATSNEW: SMB3 Directory Leases
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov  5 15:51:27 UTC 2024 on atb-devel-224
2024-11-05 15:51:26 +00:00
Ralph Boehme
14f3f88a3c smbtorture: Directory Leases vs unlink
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00
Ralph Boehme
d805f6e22f smbtorture: Directory Leases vs hardlink
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00
Ralph Boehme
4ed15961d7 smbtorture: Directory Leases vs overwrite
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00
Ralph Boehme
b59a833107 smbtorture: Directory Leases vs renaming
Note that we must use defines for the DLEASE* values, as declaring them as const
int triggers a CI failure on one of the runners (opensuse155-samba-o3) likely
due to a bug in its gcc version:

  ../../source4/torture/smb2/lease.c:6242:22: error: initializer element is not constant
     .srcdir_leasekey = DLEASE1,
                        ^~~~~~~

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00
Ralph Boehme
f95867e8f5 smbtorture: Directory Leases vs setting access date
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00
Ralph Boehme
28e8aae6ad smbtorture: Directory Leases vs setting inode change date
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00
Ralph Boehme
b277c32dc1 smbtorture: Directory Leases vs setting modification date
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00
Ralph Boehme
1150efd21c smbtorture: Directory Leases vs setting creation date
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-11-05 14:39:31 +00:00