IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This one is subtle. There is a race condition where a signal can be
queued for oplock break, and then the file can be closed by the client
before the signal can be processed. Currently if this occurs we panic
(we can't match an incoming signal fd with a fsp pointer). Simply log
the error (at debug level 10 right now, might be too much) and then
return without processing the break request. It looks like there is
another race condition with this fix, but here's why it won't happen.
If the signal was pending (caused by a kernel oplock break from a
local file open), and the client closed the file and then re-opened
another file which happened to use the same file descriptor as the
file just closed, then theoretically the oplock break requests could
be processed on the wrong fd. Here's why this should be very rare..
Processing a pending signal always take precedence over an incoming
network request, so as long as the client close request is non-chained
then the break signal should always be harmlessly processed *before*
the open can be called. If the open is chained onto the close, and
the fd on the new open is the same as the old closed fd, then it's
possible this race will occur. However, all that will happen is that
we'll lose the oplock on this file. A shame, but not a fatal event.
Jeremy.
This replaces release_level2_oplocks_on_change with
contend_level2_oplock_begin/end in order to contend level2 oplocks
throughout an operation rather than just at the begining. This is
necessary for some kernel oplock implementations, and also lays the
groundwork for better correctness in Samba's standard level2 oplock
handling. The next step for non-kernel oplocks is to add additional
state to the share mode lock struct that prevents any new opens from
granting oplocks while a contending operation is in progress.
All operations that contend level 2 oplocks are now correctly spanned
except for aio and synchronous writes. The two write paths both have
non-trivial error paths that need extra care to get right.
RAW-OPLOCK and the rest of 'make test' are still passing with this
change.
Can someone with gpfs available test this ? The only codepath using this
function is the modules/gpfs.c module. The fix resolves at least the build
issues Samba has with recent kernel / libcap versions by using the portable
cap_get_proc()/cap_set_proc() interface (instead of using capget/capset).
Guenther
(This used to be commit 1779551412)
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
This replaces the internal explicit dev/ino file id representation by a
"struct file_id". This is necessary as cluster file systems and NFS
don't necessarily assign the same device number to the shared file
system. With this structure in place we can now easily add different
schemes to map a file to a unique 64-bit device node.
Jeremy, you might note that I did not change the external interface of
smb_share_modes.c.
Volker
(This used to be commit 9b10dbbd5d)
it should be abstracted a little higher up so other os'es can have an
entry, but it will take a bit more work. Thanks to Chetan Shringarpure
and Mathias Dietz.
I didn't increment the vfs number again because the kernel change notify
stuff hasn't been released yet anyway.
(This used to be commit 9463211bf3)
fsp pointers. Ensure we cope with this to pass Samba4
DENY tests (we used to pass these, there must have been
a regression with newer code). We now pass them.
Jeremy
(This used to be commit fd6fa1d4ea)
oplocks across the cluster. Adapt Samba to it.
The gpfs API is called via libgpfs.so. This code is written with dlopen(), so
that you can compile on a system with gpfs installed and later on run on
systems without gpfs available.
So to actually make Samba call gpfs share mode calls you need to compile with
gpfs.h and libgpfs.so around and set 'gpfs share = yes' on the shares you
export from GPFS.
Volker
(This used to be commit 2253b17a1a)
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d7)
tests on this as it's very late NY time (just wanted to get this work
into the tree). I'll test this over the weekend....
Jerry - in looking at the difference between the two trees there
seem to be some printing/ntprinting.c and registry changes we might
want to examine to try keep in sync.
Jeremy.
(This used to be commit c7fe18761e)
printmig.exe work
* merge the sys_select_signal(char c) change from trunk
in order to keeo the winbind code in sync
(This used to be commit a112c5570a)
1. using smbc_getxattr() et al, one may now request all access control
entities in the ACL without getting all other NT attributes.
2. added the ability to exclude specified attributes from the result set
provided by smbc_getxattr() et al, when requesting all attributes,
all NT attributes, or all DOS attributes.
3. eliminated all compiler warnings, including when --enable-developer
compiler flags are in use. removed -Wcast-qual flag from list, as that
is specifically to force warnings in the case of casting away qualifiers.
Note: In the process of eliminating compiler warnings, a few nasties were
discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces
are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED
kerberos interfaces are being used. Someone who knows kerberos
should look at these and determine if there is an alternate method
of accomplishing the task.
(This used to be commit 994694f7f2)
handling in Samba. This was needed due to several limitations and
races in the previous code - as a side effect the new code is much
cleaner :)
in summary:
- changed sys_select() to avoid a signal/select race condition. It is a
rare race but once we have signals doing notification and oplocks it
is important.
- changed our main processing loop to take advantage of the new
sys_select semantics
- split the notify code into implementaion dependent and general
parts. Added the following structure that defines an implementation:
struct cnotify_fns {
void * (*register_notify)(connection_struct *conn, char *path, uint32 flags);
BOOL (*check_notify)(connection_struct *conn, uint16 vuid, char *path, uint32 flags, void *data, time_t t);
void (*remove_notify)(void *data);
};
then I wrote two implementations, one using hash/poll (like our old
code) and the other using the new Linux kernel change notify. It
should be easy to add other change notify implementations by creating
a sructure of the above type.
- fixed a bug in change notify where we were returning the wrong error
code.
- rewrote the core change notify code to be much simpler
- moved to real-time signals for leases and change notify
Amazingly, it all seems to work. I was very surprised!
(This used to be commit 44766c39e0)
I used a trick where CAP_LEASE isn't claimed until it is needed. This
means we avoid a system call per setreuid(), and never call capset()
unless a user tries to get a oplock on a file that they don't own
(This used to be commit afa98d511f)
I had to modify sys_select() to not loop on EINTR. I added a wrapper
called sys_select_intr() which gives the old behaviour.
(This used to be commit b28cc4163b)