1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Commit Graph

6098 Commits

Author SHA1 Message Date
David Mulder
e60f49783e gpo: Apply kerberos settings
Add kdc kerberos settings to gpo.tdb, then retrieve those settings in
lpcfg_default_kdc_policy.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-11-20 21:41:15 +01:00
Garming Sam
5662e49b49 gpo: Create the gpo update service
Split from "Initial commit for GPO work done by Luke Morrison" by David Mulder

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Luke Morrison <luke@hubtrek.com>
Signed-off-by: David Mulder <dmulder@suse.com>

Then adapted to current master

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-11-20 21:41:14 +01:00
David Mulder
6159b8eb6a gpo: move mkdir_p to lib/util
Move the mkdir_p function to lib/util so it can be used elsewhere

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-11-20 21:41:14 +01:00
Volker Lendecke
e83f3891b2 lib: Save a few bytes of .text
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:16 +01:00
Volker Lendecke
73533b90cc lib: Fix a false/NULL hickup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:16 +01:00
Volker Lendecke
98dd651f8d lib: Simplify is_ipaddress_v6
Do an early return, avoid an "else", avoid an indentation level

Review with git show -b

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:16 +01:00
Volker Lendecke
2a86876c22 lib: Avoid a pointless static variable
Saves a few bytes of .text

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:15 +01:00
Volker Lendecke
c19b49bad8 tevent: Fix typos
While there, fix comment formatting

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:15 +01:00
Jeremy Allison
993fa5793f lib: tevent: Minor cleanup. wakeup_fd can always be gotten from the event context.
We don't need to store it. I prefer this as it shows that we must always
get wakeup_fd from the event context at time of use, rather than possibly
storing an out-of-date variable.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Nov 17 12:43:01 CET 2017 on sn-devel-144
2017-11-17 12:43:01 +01:00
Ralph Boehme
3b16bfe483 pthreadpool: create a tevent_threaded_context per registered event context
We just need one tevent_threaded_context per unique combintation of
tevent event contexts and pthreadpool_tevent pools, not multiple copies
for identical combinations of a tevent contexts and a pthreadpool_tevent
pools.

With this commit we register tevent contexts in a list in the
pthreadpool_tevent structure and will only have one
tevent_threaded_context object per tevent context per pool.

With many pthreadpool_tevent_job_send reqs this pays off, I've seen a
small decrease in cpu-ticks with valgrind callgrind and a modified
local.messaging.ping-speed torture test. The test modification ensured
messages we never directly send, but always submitted via
pthreadpool_tevent_job_send.

Pair-Programmed-With: Jeremy Allison <jra@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Nov 17 02:35:52 CET 2017 on sn-devel-144
2017-11-17 02:35:52 +01:00
Volker Lendecke
cd5d726c89 util_tdb: Make a few functions static
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-13 23:54:46 +01:00
Stefan Metzmacher
2e573eead9 tevent: version 0.9.34
* Remove unused select backend
* Fix a race condition in tevent_threaded_schedule_immediate()
  (bug #13130)

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 13 18:02:46 CET 2017 on sn-devel-144
2017-11-13 18:02:46 +01:00
Volker Lendecke
20cfcb7dbc tevent: Fix a race condition
We can't rely on tctx to exist after we unlocked the mutex. It took a
while, but this does lead to data corruption. If *tctx is replaced with
something where tctx->wakeup_fd points to a real, existing file
descriptor, we're screwed. And by screwed, this means file corruption
on disk.

Again. I am not tall enough for this business.

http://bholley.net/blog/2015/must-be-this-tall-to-write-multi-threaded-code.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13130

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Nov 11 03:20:09 CET 2017 on sn-devel-144
2017-11-11 03:20:09 +01:00
Volker Lendecke
7e4908d72b lib: Use all_zero where appropriate
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-10-27 20:33:25 +02:00
Andrew Bartlett
593dacd274 replace: Link to -lbsd when building replace.c by hand
This ensures that we correctly detect HAVE_IFACE_GETIFADDRS
et al, which are based on a "build the source" style test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13087

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2017-10-20 04:05:20 +02:00
Douglas Bagnall
42e7671226 nwrap: Fix strotoul checks for NSS_WRAPPER_MAX_HOSTENTS
The env and endptr pointers need to be dereferenced, but that is not
enough: we don't really want to regard an empty string (*env == '\0')
as a valid number.

Found by GCC 8.0.0 20170705 (experimental).

[2095/4103] Compiling lib/nss_wrapper/nss_wrapper.c
../lib/nss_wrapper/nss_wrapper.c: In function "nwrap_init":
../lib/nss_wrapper/nss_wrapper.c:1571:13: warning: comparison between pointer and zero character constant [-Wpointer-compare]
   if (((env != '\0') && (endptr == '\0')) ||
                ^~
                ../lib/nss_wrapper/nss_wrapper.c:1571:9: note: did you mean to dereference the pointer?
   if (((env != '\0') && (endptr == '\0')) ||
            ^
            ../lib/nss_wrapper/nss_wrapper.c:1571:33: warning: comparison between pointer and zero character constant [-Wpointer-compare]
   if (((env != '\0') && (endptr == '\0')) ||
                                    ^~
                                    ../lib/nss_wrapper/nss_wrapper.c:1571:26: note: did you mean to dereference the pointer?
   if (((env != '\0') && (endptr == '\0')) ||

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Oct 19 16:42:17 CEST 2017 on sn-devel-144
2017-10-19 16:42:17 +02:00
Gary Lockyer
123042c2e3 source4/smbd: add a prefork process model.
Add a pre fork process model to bound the number processes forked by
samba.  Currently workers are only pre-forked for the ldap server,  all
the other services have pre-fork support disabled.

When pre-fork support is disabled a new process is started for each
service, and requests are processed by that process.

This commit partially reverts commit
b5be45c453.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-10-19 05:33:10 +02:00
Christof Schmitt
267cd25290 Removed unused 'oplock contention limit' config parameter
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-10-19 00:55:24 +02:00
Lumir Balhar
01e89ada25 python: Fix Python 2.6 compatibility
PyErr_NewExceptionWithDoc() isn't available in Python 2.6 so it can
be used only in higher versions of Python.

Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-10-18 10:20:26 +02:00
Stefan Metzmacher
96e471eecc krb5_wrap: ADDRTYPE_INET6 is available in all supported MIT versions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13079

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
2017-10-11 08:30:13 +02:00
Stefan Metzmacher
7014684127 krb5_wrap: KRB5_ADDRESS_INET6 is not a define in Heimdal
All supported versions of Heimal already have KRB5_ADDRESS_INET6,
so there's no need for an explicit check.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13079

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
2017-10-11 08:30:13 +02:00
Ralph Boehme
6539cc8a24 lib/util/run_cmd: use a cleanup function instead of a destructor
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Sep 30 12:14:57 CEST 2017 on sn-devel-144
2017-09-30 12:14:56 +02:00
Ralph Boehme
94a8331e54 lib/util/run_cmd: remove a printf
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
2017-09-30 08:01:25 +02:00
Ralph Boehme
4aaf072d1f lib/util/run_cmd: ensure fd_stdin gets set to -1 in the destructor
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
2017-09-30 08:01:24 +02:00
Ralph Boehme
9a8eeabd95 lib/util/run_cmd: prevent zombies in samba_runcmd_send on timeout
Ensure the state desctructor calls tfork_destroy to reap the waiter and
worker processes. Otherwise we leave the waiter process as a zombie
behind us as we never call waitpid on it in case of a timeout
or talloc_free() from the caller.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13062

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
2017-09-30 08:01:24 +02:00
Volker Lendecke
ac521c2d7d lib: Fix a signed/unsigned hickup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-09-30 08:01:24 +02:00
Christof Schmitt
575f1e2bf5 lib/util: Fix build for lttng libraries that does not support tracef
On a system that has older lttng-ust development headers installed that
do not yet provide the tracef api, configure fails with:

Checking for library lttng-ust : yes
ERROR: Target 'lttng-ust' in directory /samba/lib/util re-defined as EMPTY - was SYSLIB

Fix the initialization order in waf, to not redefine the lttng-ust
target

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-09-27 22:11:11 +02:00
Gary Lockyer
3982b774f4 tfork: set waiter process title
Display a meaningful process title for the waiter process, now that smbd is
calling setproctitle_init() and this value will be displayed in ps
output.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 26 04:38:59 CEST 2017 on sn-devel-144
2017-09-26 04:38:59 +02:00
Gary Lockyer
4f84b6dfa8 s4:smbd: call setproctitle_init
Call setproctitle_init() in main which suppresses the
  "samba: setproctitle not initialized, please either call
   setproctitle_init() or link against libbsd-ctor."
messages, but more importantly it displays meaningful details in ps
output.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9816

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2017-09-26 00:41:16 +02:00
Andrew Bartlett
c40531d9b9 ldb: Release ldb 1.3.0
* GUID Index support.

  NOTE: When activated by setting @IDXGUID in the @INDEXLIST dn, all
  entries in the DB are re-keyed in a way that is NOT visible to
  ldb 1.2.2 and earlier.  To re-key back to the previous format, remove
  the @IDXGUID attribute from @INDEXLIST using ldb 1.2.2 or later.

  (ldb 1.2.2 can re-key, but not otherwise read, the new DB format).

* Give LDB_ERR_CONSTRAINT_VIOLATION, not LDB_ERR_ENTRY_ALREADY_EXISTS
  when a duplicate value is detected in a unique index

* Print status information during a > 10,000 entry re-index
  (as this can be slow)

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Sep 23 01:24:19 CEST 2017 on sn-devel-144
2017-09-23 01:24:19 +02:00
Andrew Bartlett
303739e801 ldb_tdb: Treat distinguishedName and objectGUID (in Samba) as unique
This avoids loading any second index for these cases.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2017-09-22 21:20:25 +02:00
Andrew Bartlett
644b3ffb14 ldb: Ensure we do not run out of File descriptors in autobuild
The python TestCase API will keep a reference to the test object until the end
of the tests, long after we need the actual LDB or the fd.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2017-09-22 21:20:25 +02:00
Andrew Bartlett
a0b46ecdd2 ldb: Do not make an ldb file for API tests
An ldb context is valid without a backing file for tests of ldb.Message and ldb.MessageElement

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2017-09-22 21:20:25 +02:00
Andrew Bartlett
8565ca1c6d ldb: Add test showing a search against the index is not possible
This is not actually a great test, as the filter would
fail to match these anyway, but it at least checks the
codepath is safe.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:25 +02:00
Andrew Bartlett
f0624d3890 ldb_tdb: Also ban a (indexed) search against like @IDXDN=foo
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:25 +02:00
Andrew Bartlett
f4f9acf781 ldb_tdb: Update comments for the delete_index() pass of ltdb_reindex()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:25 +02:00
Andrew Bartlett
61b66b8d0a ldb_tdb: Print progress messages on re-index
A re-index of 10,000 entries is slow enough and rare enought that we can
justify the message being at LDB_DEBUG_WARNING as otherwise the administrator
will be sure the "lockup" was one.

The default for ldb is to print LDB_DEBUG_WARNING in comand-line tools
and the default for Samba is to log it at level 2.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
c71ddab974 ldb_tdb: Remove incorrect early return from re-index
The ltdb->cache->attribute_indexes test is not correct with the GUID index mode
so for consistency remove it.  This will make re-index on a large un-indexed
database slower, but that is better than making the wrong choice on a large
GUID-indexed database.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
0503f0984a ldb: Add more tests covering in-transaction GUID index and unique index behaviour
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
00410ba99f ldb_tdb: Add UNIQUE_INDEX as a possible flag
This allows easy testing of our unique index code and behaivour from python

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
561ef20634 ldb_tdb: Remove LTDB_FLAG_HIDDEN and ignore "HIDDEN" in @ATTRIBUTES
This was (unintentionally) disabled by
6ef6182554 in 2006.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
29c303f21b ldb_tdb: Clean up index records on ltdb_index_add_new() failure.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
83bc607463 ldb_tdb: Describe index format and control points
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
3113d871bd ldb_tdb: Give a good error message on add without an objectGUID
(or whatever the @IDX_GUID value is)

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
b9d561b023 ldb_tdb: Avoid canonicalise and base64 work for DN values, these are already OK
This is important with the GUID index, as a DN lookup is much more common now.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
3e60f02753 ldb_tdb: Clean up list in after use in ltdb_key_dn_from_idx()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
d198a43b55 ldb_tdb: Avoid allocation of a DN between the GUID index and the DB lookup
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
4e9978506a ldb_tdb: Move constants into ldb_tdb.h
This helps ensure we keep these all in sync.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
b0a6b5ab51 ldb_tdb: Optimise ltdb_search_and_return_base() to re-use casefolding
The casefolding of a DN is one of the more expensive and pointless things in LDB
operation.  The ldb_dn abstraction works hard to avoid duplicating this work, but
we can work harder to save that information.

Here we copy in the DN, that has been casefolded already for the index,
and keep that as the returned DN, after stripping any extended components.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00
Andrew Bartlett
f14370d471 ldb: Add tests for base DN of a different case
This ensures we cover the case where the DN does not match the DB exactly

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-09-22 21:20:24 +02:00