IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This currently causes monitor failure.
Log a warning instead. If there is a transient issue, such as NFS
being restarted in the background, then the thread count file should
be there the next time around so the count can be adjusted if
necessary.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
The main reason for this is to do proper connection management. I tried hard,
but I failed trying to slowly migrate the ads_struct based code to something
saner. So I polished tldap, which thanks to metze does proper sasl.
This patch is pretty much a complete rewrite, so looking at it in diff -u
format does not really make sense. Look at the final output.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Apr 15 19:13:39 CEST 2016 on sn-devel-144
The idmap_ad child is designed to connect to domain controllers on
its own. Finding a DC is a nontrivial task that the child should not
do on its own, in particular it should not have to connect to "our"
DC's NETLOGON pipe separately. So when idmap_ad finds that it needs to
connect to a DC, it returns NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND. The
parent then asynchronously does the lookup and stores the DC info in
gencache. After that the parent re-does the idmap child call, during
which the child will find the DC-info in gencache.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The idmap_ad child is designed to connect to domain controllers on
its own. Finding a DC is a nontrivial task that the child should not
do on its own, in particular it should not have to connect to "our"
DC's NETLOGON pipe separately. So when idmap_ad finds that it needs to
connect to a DC, it returns NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND. The
parent then asynchronously does the lookup and stores the DC info in
gencache. After that the parent re-does the idmap child call, during
which the child will find the DC-info in gencache.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is a sneaky way to pass the DC info from the parent winbind to children
and other users.
Not sure where exactly to put these routines. For now, put them into the parent
code to find the dcinfo from "our" dc.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This will be used to replace a nonencrypted socket with a sasl sealed one.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The nss functions technically right now are part of the idmap modules. However,
there is no intrinsic reason for this mixture of concerns. I would like to
heavily modify the idmap_ad idmapping functions without modifying the nss
functions (yet!!). So as a first step this patch moves the nss functions
textually out of the way.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Currently there is no signal handling available for notify daemon.
Signals like SIGHUP and SIGUSR1 can lead to terminate the notify
daemon. Masking these signals for notifyd as we are not handling them.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11840
Signed-off-by: Hemanth Thummala <hemanth.thummala@nutanix.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Apr 15 15:31:19 CEST 2016 on sn-devel-144
For "master", if there is a master then print the PNN, otherwise print
nothing.
For "list", print the PNN and IP addresses without a colon in between.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
This simply calls out to the wrapper, so that commands are changed as
follows:
ctdb lvsmaster -> ctdb lvs master
ctdb lvs -> ctdb lvs list
This provides a simple, extensible interface and means that "ctdb lvs
status" is also available.
Unit tests are streamlined so that there is a single test for each
CTDB state. Each test does "master", "list" and "status" sub-tests.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
To keep this commit comprehensible, 91.lvs and the CTDB CLI tool are
temporarily inconsistent. The tool will be made consistent in a
subsequent commit.
LVS now uses a configuration file specified by CTDB_LVS_NODES and
supports the same slave-only syntax as CTDB_NATGW_NODES. LVS also
uses new variable CTDB_LVS_PUBLIC_IFACE instead of
CTDB_PUBLIC_INTERFACE.
Update unit tests and documentation.
Note that the --lvs and --single-public-ip daemon options are no
longer used. These will be removed and relevant documentation
updated in a subsequent commit.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
This will replace the ctdb CLI tool "lvs" and "lvsmaster" options. It
also makes LVS daemon support unnecessary.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Having both "recovered" and "ipreallocated" means that everything
happens twice when there is a recovery. No need for that.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Basic error redirection improvements before writing tests.
Deleting the service during "startup" will usually fail because the
service has never been setup, so redirect output to avoid logging an
error.
Similarly, deleting the service in "ipreallocated" will always fail
the first time, which would cause an error to be logged. Given the
simplicity of the script, there's no sane way to avoid the error
sometimes and log it if it actually matters. This could potentially
be tidied up in the future by making 91.lvs stateful, in a similar way
to 11.natgw.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
smbtorture with the libsmbclient test suite produces the following valgrind
trace
==31432== Invalid read of size 8
==31432== at 0x99B8858: smbc_free_context (libsmb_context.c:260)
==31432== by 0x5E6401: torture_libsmbclient_opendir (libsmbclient.c:136)
==31432== by 0x9553F42: wrap_simple_test (torture.c:632)
==31432== by 0x955366F: internal_torture_run_test (torture.c:442)
==31432== by 0x95538C3: torture_run_tcase_restricted (torture.c:506)
==31432== by 0x9553278: torture_run_suite_restricted (torture.c:357)
==31432== by 0x95531D7: torture_run_suite (torture.c:339)
==31432== by 0x25FEFF: run_matching (smbtorture.c:93)
==31432== by 0x260195: torture_run_named_tests (smbtorture.c:143)
==31432== by 0x261E14: main (smbtorture.c:665)
==31432== Address 0x18864a70 is 80 bytes inside a block of size 96 free'd
==31432== at 0x4C2A37C: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==31432== by 0x99BCC46: SMBC_closedir_ctx (libsmb_dir.c:922)
==31432== by 0x99C06CA: SMBC_close_ctx (libsmb_file.c:370)
==31432== by 0x99B8853: smbc_free_context (libsmb_context.c:259)
==31432== by 0x5E6401: torture_libsmbclient_opendir (libsmbclient.c:136)
==31432== by 0x9553F42: wrap_simple_test (torture.c:632)
==31432== by 0x955366F: internal_torture_run_test (torture.c:442)
==31432== by 0x95538C3: torture_run_tcase_restricted (torture.c:506)
==31432== by 0x9553278: torture_run_suite_restricted (torture.c:357)
==31432== by 0x95531D7: torture_run_suite (torture.c:339)
==31432== by 0x25FEFF: run_matching (smbtorture.c:93)
==31432== by 0x260195: torture_run_named_tests (smbtorture.c:143)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11836
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 14 13:24:10 CEST 2016 on sn-devel-144
This fixes a regression in commit 2cb07ba50decdfd6d08271cd2b3d893ff95f5af9
(s3:libads: make use of ads_sasl_spnego_gensec_bind() for GSS-SPNEGO with Kerberos)
that prevents things like 'net ads join' from working against a Windows 2003 domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11804
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Apr 12 23:02:56 CEST 2016 on sn-devel-144
These are independent from our client library and allow
testing of invalid pdus.
It can be used like this in standalone mode:
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py
or
SMB_CONF_PATH=/dev/null SERVER=172.31.9.188 python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND.test_invalid_auth_noctx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This is better than using hardcoded values.
We need to use the value the client used in the BIND request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This is better than using hardcoded values.
We need to use auth_context_id = 1 for authenticated
connections, as old Samba server (before this patchset)
will use a hardcoded value of 1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
An alter context can't change the syntax of an existing context,
a new context_id will be used for that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
