1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

111179 Commits

Author SHA1 Message Date
Martin Schwenke
480c586c7d ctdb-tests: Simplify nodes file handling in tool tests
Instead of using an intermediate environment variable for nodes files,
just create "node" or "nodes.<pnn>" in CTDB_BASE.  This makes the
nodes file loading in fake_ctdb slightly repetitive but simplifies the
test scripts a lot.  It also remove several instance of the CTDB_NODES
variable from the code base, so it is no longer found by "git grep".

Use an empty nodes file to indicate that fake_ctdbd should fail to
read it.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:20 +01:00
Martin Schwenke
3a7c49dfbc ctdb-tests: Put configuration, socket and PID file in CTDB_BASE
setup_ctdb_base() makes this a convenient temporary directory.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
78248adad6 ctdb-tests: Improve setting of helper paths
Make use of variables provided by script_install_paths.sh instead of
reinventing the logic.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
10354438b8 ctdb-tests: Use setup_base() in tool unit tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
d55e7d8abc ctdb-tests: Drop an orphaned comment
The relevant code was removed long ago.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
16a93d7691 ctdb-tools: Drop onnode CTDB_NODES_FILE environment variable
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
c8c944d618 ctdb-tests: Use default location for nodes file
Create the file and then copy it to CTDB_BASE for each node.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
f6d6f2220b ctdb-daemon: Drop ctdbd --public-interface option
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
b1fcb0a129 ctdb-scripts: Drop CTDB_PUBLIC_INTERFACE configuration option
The interface must always be specified in the public addresses file.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
482ff4bdd3 ctdb-daemon: Drop ctdbd --public-addresses option
Use the default location.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
346c28d070 ctdb-tests: Remove unused function get_ctdbd_command_line_option()
This was a bad idea.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
6ecddd4f72 ctdb-scripts: Drop CTDB_PUBLIC_ADDRESSES configuration option
This option adds a lot of unnecessary complexity to scripts.
Configuration should go in $CTDB_BASE, either directly or via a
symlink, so simplify by using the default location.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
b6127a6384 ctdb-tests: Allow tests access to CTDB_BASE
On the node where the tests are run, CTDB_BASE is always set.  This
applies to local daemons too.  However, when tests are being run
against a real cluster, there may be a need to access configuration
files.  However, CTDB_BASE will not be set in this case.

So, provide a function to get CTDB_BASE, if set, or a real cluster
node's configuration directory, if CTDB_BASE is not set.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
a757182134 ctdb-scripts: Drop 10.external event script
This was added for a vendor who decided not to use it.  It is almost
certainly unused by anyone.  If anyone really needs it then it is in
the git history.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
a0aa735de1 ctdb-tests: Use default public addresses file for event script tests
Just use the default location in event script tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
3d85488e3a ctdb-tests: Use default public addresses file in local daemon tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
1dcc0adf1a ctdb-daemon: Provide a default location for public addresses file
If the specified file or the default does not exist then log a
warning.

This is done in the takeover code to localise the handling of the
public addresses file.  Soon the daemon command-line option will go
away and the takeover code will be replaced in the not too distant
future.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
e0ed9b307d ctdb-tests: Don't allow simple tests to use environment for config
This was a mistake.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
4328f4a59e ctdb-tests: Update some tests to use setup_ctdb() options
Don't use environment variables for test-local configuration
variations.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
5615bdf7ff ctdb_tests: Reconfigure the cluster when restarting CTDB
The previous test might have made configuration changes, so call
setup_ctdb() to cause the configuration to be rewritten.  This is only
really useful in local daemons tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
bdfc8b7e3e ctdb-tests: Add some options to setup_ctdb()
These provide special-purpose setups for particular testcases.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
7e08c1d24c ctdb-tools: Drop ctdb --socket option
Use environment variables for test-only options.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
0045a7cfee ctdb-tools: Move handling of CTDB_SOCKET to process_command()
options.socket will go away in future.  This moves processing of
CTDB_SOCKET close to where it is used.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
4961711621 ctdb-daemon: Drop ctdbd --socket option
Use environment variables for test-only options.

The setenv() can be dropped because the socket location is either the
compile-time default or the already set environment variable.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
81b57fa544 ctdb-scripts: Drop CTDB_SOCKET configuration option
Use environment variables for test-only options.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
de44df261b ctdb-tools: Drop a couple of unnecessary exports of CTDB_SOCKET
These were necessary because CTDB_SOCKET was not already exported via
test setup.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
1f4fd30882 ctdb-tests: Use environment variable for specifying socket
Use environment variables for test-only options.  Don't put them in
the configuration file.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
b05dc0bb84 ctdb-daemon: Allow CTDB_SOCKET environment variable to be used
Use environment variables for test-only options.

Switch to using a local variable.  This simplifies both the logic and
the ability to later drop the command-line option.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
70fb005db4 ctdb-tests: Use CTDB_SOCKET environment variable to specify socket
Use environment variables for test-only options.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Martin Schwenke
aa961e8807 ctdb-tests: Drop ctdbd --event-script-dir option
Event scripts live in a standard place.

For testing, CTDB_BASE is modified.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Martin Schwenke
3df3678101 ctdb-scripts: Drop CTDB_EVENT_SCRIPT_DIR configuration option
Event scripts live in a standard place.

For testing, CTDB_BASE is modified.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Martin Schwenke
32fade2f13 ctdb-daemon: Drop ctdbd --pidfile option
Use environment variables for test-only options.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Martin Schwenke
0ee7b8a669 ctdb-scripts: Drop CTDB_PIDFILE configuration option
Use environment variables for test-only options.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Martin Schwenke
689259be02 ctdb-ib: Drop a bit-rotted test example from the README
This hasn't worked as advertised for a long time.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Jeremy Allison
a6054c01c2 s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 17 04:04:32 CET 2018 on sn-devel-144
2018-03-17 04:04:32 +01:00
Ralph Boehme
49996ca932 selftest: vfs.fruit: add xattr_tdb where possible
This makes the tests indepent from fs xattr support.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-16 23:07:09 +01:00
Ralph Boehme
013aaffe7f selftest: run vfs.fruit_netatalk test against seperate share
These tests require a fs with xattr support. This allows adding
xattr_tdb to all other shares in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-16 23:07:09 +01:00
Jeremy Allison
875ff2575f s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-16 23:07:09 +01:00
Jeremy Allison
a3c925d804 s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-16 23:07:09 +01:00
Jeremy Allison
ef091e2cf8 s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
Not yet used, will be used to tidyup existing code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-16 23:07:09 +01:00
Stefan Metzmacher
da39e74c39 libcli/security: fix some SID values in comments
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 16 19:47:15 CET 2018 on sn-devel-144
2018-03-16 19:47:15 +01:00
Stefan Metzmacher
3056e24a4b test_smbclient_s3.sh: force LANG=C during test_utimes()
This makes the test independent from the developers environment.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-16 14:47:37 +01:00
Andreas Schneider
03617480d1 wbinfo: Improve the wording for --online-status
Currently it displays if a domain is online or offline which is wrong.
It tells us if we maintain an active connection to the domain or not.

Users are confused if they read offline because the think winbind is not
functional with that domain.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 16 14:46:43 CET 2018 on sn-devel-144
2018-03-16 14:46:43 +01:00
Björn Baumbach
a27db0b61e ms_schema: fix python2.6 incompatibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13337

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-16 09:46:16 +01:00
Ralph Boehme
26e75cf661 s3: gse: use "gensec_gssapi:requested_life_time"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 16 07:48:37 CET 2018 on sn-devel-144
2018-03-16 07:48:37 +01:00
Anton Nefedov via samba-technical
9862312944 s3:smbd: map nterror on smb2_flush errorpath
smbd_smb2_flush_recv() expects nterror in tevent_req, and otherwise
aborts in tevent_req_is_nterror()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13338

Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-16 03:04:58 +01:00
Stefan Metzmacher
1957bf11f1 s3:auth: make use of make_{server,session}_info_anonymous()
It's important to have them separated from make_{server,session}_info_guest(),
because there's a fundamental difference between anonymous (the client requested
no authentication) and guest (the server lies about the authentication failure).

When it's really an anonymous connection, we should reflect that in the
resulting session info.

This should fix a problem where Windows 10 tries to join
a Samba hosted NT4 domain and has SMB2/3 enabled.

We no longer return SMB_SETUP_GUEST or SMB2_SESSION_FLAG_IS_GUEST
for true anonymous connections.

The commit message from a few commit before shows the resulting
auth_session_info change.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Mar 16 03:03:31 CET 2018 on sn-devel-144
2018-03-16 03:03:31 +01:00
Stefan Metzmacher
0ee9a55094 s3:rpc_server: make use of make_session_info_anonymous()
For unauthenticated connections we should default to a
session info with an anonymous nt token.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-15 21:54:17 +01:00
Stefan Metzmacher
6afb6b67a1 s3:auth: add make_{server,session}_info_anonymous()
It's important to have them separated from make_{server,session}_info_guest(),
because there's a fundamental difference between anonymous (the client requested
no authentication) and guest (the server lies about the authentication failure).

The following is the difference between guest and anonymous token:

             security_token: struct security_token
-                num_sids                 : 0x0000000a (10)
-                sids: ARRAY(10)
-                    sids                     : S-1-5-21-3793881525-3372187982-3724979742-501
-                    sids                     : S-1-5-21-3793881525-3372187982-3724979742-514
-                    sids                     : S-1-22-2-65534
-                    sids                     : S-1-22-2-65533
+                num_sids                 : 0x00000009 (9)
+                sids: ARRAY(9)
+                    sids                     : S-1-5-7
                     sids                     : S-1-1-0
                     sids                     : S-1-5-2
-                    sids                     : S-1-5-32-546
                     sids                     : S-1-22-1-65533
+                    sids                     : S-1-22-2-65534
+                    sids                     : S-1-22-2-100004
                     sids                     : S-1-22-2-100002
                     sids                     : S-1-22-2-100003
+                    sids                     : S-1-22-2-65533
                 privilege_mask           : 0x0000000000000000 (0)

...

         unix_token               : *
             unix_token: struct security_unix_token
                 uid                      : 0x000000000000fffd (65533)
                 gid                      : 0x000000000000fffe (65534)
-                ngroups                  : 0x00000004 (4)
-                groups: ARRAY(4)
+                ngroups                  : 0x00000005 (5)
+                groups: ARRAY(5)
                     groups                   : 0x000000000000fffe (65534)
-                    groups                   : 0x000000000000fffd (65533)
+                    groups                   : 0x00000000000186a4 (100004)
                     groups                   : 0x00000000000186a2 (100002)
                     groups                   : 0x00000000000186a3 (100003)
+                    groups                   : 0x000000000000fffd (65533)

             info: struct auth_user_info
                 account_name             : *
-                    account_name             : 'nobody'
+                    account_name             : 'ANONYMOUS LOGON'
                 user_principal_name      : NULL
                 user_principal_constructed: 0x00 (0)
                 domain_name              : *
-                    domain_name              : 'SAMBA-TEST'
+                    domain_name              : 'NT AUTHORITY'
                 dns_domain_name          : NULL
-                full_name                : NULL
-                logon_script             : NULL
-                profile_path             : NULL
-                home_directory           : NULL
-                home_drive               : NULL
-                logon_server             : NULL
+                full_name                : *
+                    full_name                : 'Anonymous Logon'
+                logon_script             : *
+                    logon_script             : ''
+                profile_path             : *
+                    profile_path             : ''
+                home_directory           : *
+                    home_directory           : ''
+                home_drive               : *
+                    home_drive               : ''
+                logon_server             : *
+                    logon_server             : 'LOCALNT4DC2'
                 last_logon               : NTTIME(0)
                 last_logoff              : NTTIME(0)
                 acct_expiry              : NTTIME(0)
                 last_password_change     : NTTIME(0)
                 allow_password_change    : NTTIME(0)
                 force_password_change    : NTTIME(0)
                 logon_count              : 0x0000 (0)
                 bad_password_count       : 0x0000 (0)
-                acct_flags               : 0x00000000 (0)
+                acct_flags               : 0x00000010 (16)
                 authenticated            : 0x00 (0)
             security_token: struct security_token
                 num_sids                 : 0x00000006 (6)
                 sids: ARRAY(6)
+                    sids                     : S-1-5-7
+                    sids                     : S-1-1-0
+                    sids                     : S-1-5-2
                     sids                     : S-1-22-1-65533
                     sids                     : S-1-22-2-65534
                     sids                     : S-1-22-2-65533
-                    sids                     : S-1-1-0
-                    sids                     : S-1-5-2
-                    sids                     : S-1-5-32-546
                 privilege_mask           : 0x0000000000000000 (0)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-15 21:54:17 +01:00
Stefan Metzmacher
a2a289d044 s3:auth: pass the whole auth_session_info from copy_session_info_serverinfo_guest() to create_local_token()
We only need to adjust sanitized_username in order to keep the same behaviour.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-15 21:54:17 +01:00