1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Commit Graph

118 Commits

Author SHA1 Message Date
Volker Lendecke
808ceac9f5 s3: messaging_ctdbd_init potentially modifies my_vnn
If we call messaging_ctdbd_connection() we end up with the wrong vnn in our
messaging context.

This is a bit of a hack, get_my_vnn() needs to go eventually along with
procid_self()
2010-08-31 17:07:41 +02:00
Volker Lendecke
5e58156654 s3: Fix a typo 2010-08-28 13:10:58 +02:00
Günther Deschner
7a05ca2c9c s3-build: use dbwrap.h only where needed.
Guenther
2010-08-26 00:25:55 +02:00
Volker Lendecke
0220246c26 s3: Add messaging_server_id 2010-07-05 11:06:24 +02:00
Volker Lendecke
5a3c64668a s3: Re-initialize the server_id in messaging_reinit 2010-07-04 17:29:23 +02:00
Volker Lendecke
89c785c47a s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.

For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.

This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.

I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.

CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.

While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().

Volker
2010-03-10 16:07:10 +01:00
Andrew Tridgell
6f1f9f6d8d fixed a bug in message handling for code the change notify code
The change notify code registered a separate message handler for each
tree connect. This registration uses the global messaging context.

The messaging code would consider a 2nd registration for the same
messaging type as being an 'update' of the handler, rather than a new
handler. It also would only call the first handler in the linked list
for a given message type when dispatching messages.

This patch changes the messaging code to allow for multiple
registrations of the same message type, and allow for multiple calls
to different messaging handler for one incoming message.

This fixes the problem with the test_notify_tcon() test that I
recently committed to the S4 smbtorture
2009-03-10 16:45:45 +11:00
Stefan Metzmacher
930b3c15da s3:messaging: also recreate the local messaging backend in messaging_reinit()
This prepares the change to use signal events in the tdb backend.

metze
2009-01-20 00:41:45 +01:00
Michael Adam
0412c20386 messages: bump debug level to 1 for "messaging_ctdb_init failed".
Leave level 0 messages to higher level callers.

Michael
(This used to be commit 7bbf29137b)
2008-06-26 12:31:11 +02:00
Stefan Metzmacher
c316c7ab73 messaging: add FLAG_MSG_DBWRAP message class flag
metze
(This used to be commit ee6325495f)
2008-04-12 09:14:08 +02:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
2007-10-18 17:40:25 -07:00
Volker Lendecke
33c57437a4 r24032: It helps testing tremendously if the cluster messaging actually sends
and receives messages to other nodes... :-)
(This used to be commit 3e9e9a3f28)
2007-10-10 12:28:58 -05:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text
(This used to be commit b0132e94fc)
2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later.
Jeremy.
(This used to be commit 407e6e695b)
2007-10-10 12:28:20 -05:00
Volker Lendecke
de565785f5 r23410: Merge the core of the cluster code.
I'm 100% certain I've forgotten to merge something, but the main code
should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and
messages_ctdbd.c.

There should be no changes to the non-cluster case, it does survive make
test on my laptop.

It survives some very basic tests with ctdbd enables, I did not do the
full test suite for clusters yet.

Phew...

Volker
(This used to be commit 15553d6327)
2007-10-10 12:23:14 -05:00
Volker Lendecke
f96193a2cb r23343: Fix error return
(This used to be commit 0014ee44b8)
2007-10-10 12:23:07 -05:00
Volker Lendecke
3f5742e20b r23204: Add MSG_SMB_BRL_VALIDATE. Tridge, this is a bit different from your bzr
branch, please check if it fulfils your needs.

Two changes: The validation is not done inside the brlock.c traverse_fn,
it's done as a separate routine.

Secondly, this patch does not call the checker routines in smbcontrol
directly but depends on a running smbd.
(This used to be commit 7e39d77c1f)
2007-10-10 12:22:53 -05:00
Volker Lendecke
054bf2fc8b r23171: Convert connections.tdb to dbwrap
(This used to be commit 80a1f43825)
2007-10-10 12:22:52 -05:00
Volker Lendecke
f260b45d64 r23117: Factor out local messaging.
This removes message_block / message_unblock. I've talked to Jeremy and
Günther, giving them my reasons why I believe they have no effect.
Neither could come up with a counter-argument, so they go :-)
(This used to be commit a925e0991f)
2007-10-10 12:22:47 -05:00
Volker Lendecke
ff0ac5b0e7 r23112: Trim down the message.c API slightly: The messages_pending_for_pid is now
replaced by MSG_FLAG_LOWPRIORITY or'ed into the msg_type. To enable this,
changed the msg_type definitions to hexadecimal.

This way we could theoretically add the MSG_FLAG_NODUPLICATES again, but I
would rather not do this, because that one is racy and can't be guaranteed at
all.
(This used to be commit 3f5eb8a960)
2007-10-10 12:22:47 -05:00
Volker Lendecke
2991d3416b r23077: Minor cleanup
(This used to be commit 72ed838825)
2007-10-10 12:22:43 -05:00
Volker Lendecke
ac3f08ddbe r23055: Rewrite messages.c to use auto-generated marshalling in the tdb. I'm
doing this because for the clustering the marshalling is needed in more
than one place, so I wanted a decent routine to marshall a message_rec
struct which was not there before.

Tridge, this seems about the same speed as it used to be before, the
librpc/ndr overhead in my tests was under the noise.

Volker
(This used to be commit eaefd00563)
2007-10-10 12:22:17 -05:00
Volker Lendecke
772d8b0cd3 r23025: Some logic simplifications
(This used to be commit d3f16722b2)
2007-10-10 12:22:16 -05:00
Volker Lendecke
9e5dbf3fd1 r23024: Ok, neither the duplicates_allowed nor the timeout argument to
message_send_pid is used anymore. Two users of duplicates_allowed: winbind and
the printer notify system.

I don't thing this really changes semantics: duplicates_allowed is hell racy
anyway, we can't guarantee that we don't send the same message in sequence
twice, and I think the only thing we can harm with the print notify is
performance.

For winbind I talked to Günther, and he did not seem too worried.

Volker
(This used to be commit 75b3ae6a76)
2007-10-10 12:22:16 -05:00
Volker Lendecke
e0ebb46cff r23023: Get rid of the only caller of message_send_pid_with_timeout(). This replaces
the timeouts on the individual message send calls with an overall timeout on
all the calls.

The timeout in message_send_pid_with_timeout() did not make much sense IMO
anyway, because the tdb_fetch() for the messages_pending_for_pid was blocking
in a readlock anyway, we "just" did the timeout for the write lock.

This new code goes through the full wait for the write lock once and then
breaks out of sending the notifies instead of running into the timeout per
target.

Jerry, please check this!

Thanks,

Volker
(This used to be commit 697099f06e)
2007-10-10 12:22:16 -05:00
Volker Lendecke
23c0e27b6c r23022: Reformatting
(This used to be commit 782ee72916)
2007-10-10 12:22:15 -05:00
Volker Lendecke
4d5f58c2b9 r23015: Make message_(de)register static to messages.c
(This used to be commit a8082a3c7c)
2007-10-10 12:22:15 -05:00
Volker Lendecke
56e6e5b8ca r22934: Change smbcontrol to use messaging_register instead of message_register
(This used to be commit e3d985c581)
2007-10-10 12:22:10 -05:00
Volker Lendecke
8c3f8e5697 r22911: Pass a messaging_context to message_send_all
(This used to be commit cc92ce665d)
2007-10-10 12:22:07 -05:00
Volker Lendecke
6669aa051e r22910: Make message_send_pid static to messages.c
(This used to be commit 27224922cf)
2007-10-10 12:22:07 -05:00
Volker Lendecke
84758bd1f8 r22908: All callers of message_init now also call messaging_init. Unify those.
(This used to be commit 330946ad23)
2007-10-10 12:22:07 -05:00
Volker Lendecke
fad7dd8a60 r22868: Replace some message_send_pid calls with messaging_send_pid calls. More
tomorrow.
(This used to be commit 74fa57ca5d)
2007-10-10 12:22:04 -05:00
Volker Lendecke
b92064fcfd r22846: Chunk one to replace message_send_pid with messaging_send: Deep inside
locking/locking.c we have to send retry messages to timed lock holders.
The majority of this patch passes a "struct messaging_context" down
there. No functional change, survives make test.
(This used to be commit bbb5084146)
2007-10-10 12:22:02 -05:00
Volker Lendecke
4aa44f7475 r22761: This introduces lib/conn_tdb.c with two main functions: connections_traverse
and connections_forall. This centralizes all the routines that did individual
tdb_open("connections.tdb") and direct tdb_traverse.

Volker
(This used to be commit e43e94cda1)
2007-10-10 12:21:55 -05:00
Volker Lendecke
e6383f4762 r22736: Start to merge the low-hanging fruit from the now 7000-line cluster patch.
This changes "struct process_id" to "struct server_id", keeping both is
just too much hassle. No functional change (I hope ;-))

Volker
(This used to be commit 0ad4b1226c)
2007-10-10 12:21:52 -05:00
Jeremy Allison
8e4945bc15 r22276: Fix name -> servicename in messages.c
Jeremy.
(This used to be commit cc4face3bc)
2007-10-10 12:19:23 -05:00
Jeremy Allison
bc45c82904 r22096: become_root_uid_only() is unneeded - it's only used in
messages.c. Refactor to use become_root() instead and
make it local to messages.c
Jeremy.
(This used to be commit f3ffb3f984)
2007-10-10 12:19:11 -05:00
Stefan Metzmacher
bc2b6436d0 r22009: change TDB_DATA from char * to unsigned char *
and fix all compiler warnings in the users

metze
(This used to be commit 3a28443079)
2007-10-10 12:19:00 -05:00
Volker Lendecke
94a1b230f3 r21723: Make use of the per-hashchain "freelists"
(This used to be commit f3421ae4cf)
2007-10-10 12:18:25 -05:00
Volker Lendecke
69d8c5ae5f r21115: notify_internal.c needs to remove the table entry if a process has crashed. So
it needs the specific error message.

Make messages.c return NTSTATUS and specificially NT_STATUS_INVALID_HANDLE if
sending to a non-existent process.

Volker
(This used to be commit 3f620d181d)
2007-10-10 12:17:39 -05:00
Volker Lendecke
6490e114b8 r21081: Add forgotten function
(This used to be commit 4a99fa2666)
2007-10-10 12:17:34 -05:00
Volker Lendecke
032bd8eea8 r21076: Two pieces of infrastructure from Samba4: An API-compatible messaging wrapper
and tdb_wrap_open.

Volker
(This used to be commit c01f164dca)
2007-10-10 12:17:33 -05:00
Volker Lendecke
caf8c6a76b r21064: The core of this patch is
void message_register(int msg_type,
                      void (*fn)(int msg_type, struct process_id pid,
-                                void *buf, size_t len))
+                                void *buf, size_t len,
+                                void *private_data),
+                     void *private_data)
 {
        struct dispatch_fns *dfn;

So this adds a (so far unused) private pointer that is passed from
message_register to the message handler. A prerequisite to implement a tiny
samba4-API compatible wrapper around our messaging system. That itself is
necessary for the Samba4 notify system.

Yes, I know, I could import the whole Samba4 messaging system, but I want to
do it step by step and I think getting notify in is more important in this
step.

Volker
(This used to be commit c8ae60ed65)
2007-10-10 12:17:32 -05:00
Jeremy Allison
806daad510 r20174: If we're only going to call one handler per message
then terminate the traversal once we've done that.
Jeremy.
(This used to be commit da3d0b6234)
2007-10-10 12:16:29 -05:00
Jeremy Allison
7f5fefb7bb r20165: Change messaging subsystem to only allow one message
per type - this is all we use right now and makes
re-entrancy problems with deleting handlers with
a message dispatch loop go away.
Jeremy.
(This used to be commit 2e9b6faeae)
2007-10-10 12:16:28 -05:00
Jeremy Allison
25f8970539 r20160: Fix long-standing (ie. from initial code I think) bug
in tdb message processing. If we're inside a dispatch
function and we delete our own handler we'd walk onto
the next pointer from a deleted memory block. Fixes
crash bug in winbindd (and goodness knows where else).
Jeremy.
(This used to be commit 27a4c11214)
2007-10-10 12:16:28 -05:00
Volker Lendecke
e23781b3b3 r17316: More C++ warnings -- 456 left
(This used to be commit 1e4ee728df)
2007-10-10 11:38:25 -05:00
Jeremy Allison
e4e2be0d8b r17294: Make the code a little cleaner. Instead of using the two
calls make it :

become_root_uid_only()
operation
unbecome_root_uid_only()

saving errno across the second call. Most of our internal
change calls can be replaced with these simple calls.

Jeremy
(This used to be commit 4143aa83c0)
2007-10-10 11:38:24 -05:00
Jeremy Allison
a093a76dc1 r17293: After the results from the cluster tests in Germany,
fix the messaging code to call the efficient calls :

save_re_uid()
set_effective_uid(0);

messaging_op

restore_re_uid();

instead of using heavyweight become_root()/unbecome_root()
pairs around all messaging code. Fixup the messaging
code to ensure sec_init() is called (only once) so that non-root
processes still work when sending messages.

This is a lighter weight solution to become_root()/unbecome_root()
(which swaps all the supplemental groups) and should be more
efficient. I will migrate all server code over to using this
(a similar technique should be used in the passdb backend
where needed).

Jeremy.
(This used to be commit 4ace291278)
2007-10-10 11:38:24 -05:00
Volker Lendecke
7ad912c264 r17231: Some patch cosmetics
(This used to be commit 736e55101b)
2007-10-10 11:38:21 -05:00