IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Introduce find_delete_on_close_token. Thus is_delete_on_close_set
does not have to call get_delete_on_close_token anymore.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jun 1 18:58:30 CEST 2012 on sn-devel-104
If a process died, the share mode entry might be bogus. Ignore those entries.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is a helper routine that prunes a dead share mode entry on demand. This
prepares for removing the serverids_exist call in parse_share_modes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is a helper routine that prunes a dead share mode entry on demand. This
prepares for removing the serverids_exist call in parse_share_modes.
Signed-off-by: Jeremy Allison <jra@samba.org>
The delete tokens are unique to each name hash representing a pathname,
if we don't correctly return here we'll add duplicate tokens for a
given pasname hash.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Apr 7 02:13:58 CEST 2012 on sn-devel-104
Now that we always require a 64 bit off_t, we no longer need SMB_OFF_T.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Apr 6 01:47:43 CEST 2012 on sn-devel-104
get_share_mode_lock_fresh is just a confusing name
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sun Feb 19 19:16:41 CET 2012 on sn-devel-104
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
This forces us to only do one real get_share_mode_lock call and
share the data between the nested get_share_mode_lock calls.
Signed-off-by: Jeremy Allison <jra@samba.org>
This slightly simplifies the code path for all callers which assume
that a share mode exists already. Only the callers in open_file_ntcreate
and open_directory will ever create new share modes.
Signed-off-by: Jeremy Allison <jra@samba.org>
This replaces fill_share_mode_lock() with the two routines
fresh_share_mode_lock() and parse_share_modes(). This lifts the
decision whether a share mode already existed on level up.
Signed-off-by: Jeremy Allison <jra@samba.org>
SMB_ASSERT is useless, since in non-developer build it does not actually
fail after the log message, but usual flow just continues.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Nov 25 14:59:53 CET 2011 on sn-devel-104
This will make it easier to convert locking.tdb to IDL, and I don't think there
will be enough entries to justify a linked list over an array.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Nov 23 09:02:12 CET 2011 on sn-devel-104
This is the main reason for the preceding commits. We need to reduce the number
of round-trips to ctdb when checking the locking record entries for existence.
Using the plural version of process_exists gets the number of round-trips to
ctdb for process_exists down to 1.
Disallow "." in can_set_delete_on_close().
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 12 21:07:27 CEST 2011 on sn-devel-104
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallbacke implementation functoins non-static and create a
dbwrap_private.h header file that contains their prototypes.
Reported by herb@samba.org. Remove the (premature) optimization
on file close.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Jul 16 02:32:02 CEST 2011 on sn-devel-104
My previous patches fixed up all direct TDB callers, but there are a
few utility functions and the db_context functions which are still
using the old -1 / 0 return codes.
It's clearer to fix up all the callers of these too, so everywhere is
consistent: non-zero means an error.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Pair-Programmed-With: Michael Adam <obnox@samba.org>
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Mar 18 13:00:51 CET 2011 on sn-devel-104
this value when searching for specific share mode entries.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Mar 17 19:59:51 CET 2011 on sn-devel-104
Do this by keeping a linked list of delete on close tokens, one for
each filename that identifies a path to the dev/inode. Use the
jenkins hash of the pathname to identify the correct token.
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open
without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt
this is still safe to use as if opening an existing tdb the new
hash will be ignored - it's only used on creating a new tdb not
opening an old one.
Jeremy.
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
Use accessor functions to get to this value. Tidies up much of
the user context code. Volker, please look at the changes in smbd/uid.c
to familiarize yourself with these changes as I think they make the
logic in there cleaner.
Cause smbd/posix_acls.c code to look at current user context, not
stored context on the conn struct - allows correct use of these
function calls under a become_root()/unbecome_root() pair.
Jeremy.
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.
Jeremy.
smbd just crashed on me: In a debug message I called a routine preparing a
string that itself used debug_ctx. The outer routine also used it after the
inner routine had returned. It was still referencing the talloc context
that the outer debug_ctx() had given us, which the inner DEBUG had already
freed.
To me "fill_share_mode_lock failed" is a "can't happen" alert. There is
however a perfectly valid case in get_file_infos() when the file is not open.
Change the corresponding debug message to level 10 and explain more.
This extends the file_id struct to add an additional generic uint64_t
field: extid. For backwards compatibility with dev/inodes stored in
xattr_tdbs and acl_tdbs, the ext id is ignored for these databases.
This patch should cause no functional change on systems that don't use
SMB_VFS_FILE_ID_CREATE to set the extid.
Existing code that uses the smb_share_mode library will need to be
updated to be compatibile with the new extid.
This patch adds 3 new VFS OPs for Windows byte range locking: BRL_LOCK_WINDOWS,
BRL_UNLOCK_WINDOWS and BRL_CANCEL_WINDOWS. Specifically:
* I renamed brl_lock_windows, brl_unlock_windows and brl_lock_cancel to
*_default as the default implementations of the VFS ops.
* The blocking_lock_record (BLR) is now passed into the brl_lock_windows and
brl_cancel_windows paths. The Onefs implementation uses it - future
implementations may find it useful too.
* Created brl_lock_cancel to do what brl_lock/brl_unlock do: set up a
lock_struct and call either the Posix or Windows lock function. These happen
to be the same for the default implementation.
* Added helper functions: increment_current_lock_count() and
decrement_current_lock_count().
* Minor spelling correction in brl_timeout_fn: brl -> blr.
* Changed blocking_lock_cancel() to return the BLR that it has cancelled. This
allows us to assert its the lock that we wanted to cancel. If this assert ever
fires, this path will need to take in the BLR to cancel, rather than choosing
on its own.
* Adds a small helper function: find_blocking_lock_record_by_id(). Used by the
OneFS implementation, but could be useful for others.
This replaces release_level2_oplocks_on_change with
contend_level2_oplock_begin/end in order to contend level2 oplocks
throughout an operation rather than just at the begining. This is
necessary for some kernel oplock implementations, and also lays the
groundwork for better correctness in Samba's standard level2 oplock
handling. The next step for non-kernel oplocks is to add additional
state to the share mode lock struct that prevents any new opens from
granting oplocks while a contending operation is in progress.
All operations that contend level 2 oplocks are now correctly spanned
except for aio and synchronous writes. The two write paths both have
non-trivial error paths that need extra care to get right.
RAW-OPLOCK and the rest of 'make test' are still passing with this
change.
Ok, here's the fix for the write times breakage
with the new tests in S4 smbtorture.
The key is keeping in the share mode struct
the "old_file_time" as the real write time,
set by all the write and allocation calls,
and the "changed_write_time" as the "sticky"
write time - set by the SET_FILE_TIME calls.
We can set them independently (although I
kept the optimization of not setting the
"old_file_time" is a "changed_write_time"
was already set, as we'll never see it.
This allows us to update the write time
immediately on the SMBwrite truncate case,
SET_END_OF_FILE and SET_ALLOCATION_SIZE calls,
whilst still have the 2 second delay on the
"normal" SMBwrite, SMBwriteX calls.
I think in a subsequent patch I'd like to
change the name of these from "old_file_time"
to "write_time" and "changed_write_time" to
"sticky_write_time" to make this clearer.
I think I also fixed a bug in Metze's original
code in that once a write timestamp had been
set from a "normal" SMBwriteX call the fsp->update_write_time_triggered
variable was set and then never reset - thus
meaning the write timestamp would never get
updated again on subsequent SMBwriteX's.
The new code checks the update_write_time_event
event instead, and doesn't update is there's
an event already scheduled.
Metze especially, please check this over for
your understanding.
Jeremy.
(This used to be commit 6f20585419)
being (correctly) used in the can_read/can_write checks for hide unreadable/unwritable
and this is more properly done using the functions in smbd/file_access.c.
Preparing to do NT access checks on all file access.
Jeremy.
(This used to be commit 6bfb06ad95)
Now that it is inside the vfs layer, this function should
not alter the fsp (i.e. set fsp->fh->fd = -1) anymore.
That belongs above the vfs layer.
Michael
(This used to be commit df264bf3e0)
This hides the pending close fds from the outside. Call order
of SMB_VFS_CLOSE is reversed. Originally, it was:
fd_close -> fd_close_posix -> SMB_VFS_CLOSE -> close
And now it is:
fd_close -> SMB_VFS_CLOSE -> fd_close_posix -> close
This is in preparation of removing the fd parameter
from the SMB_VFS_CLOSE function. But it is also the right
place for the pending close calls anyways.
Michael
(This used to be commit 3cf56b124a)
This is needed to implement the strange write time update
logic later. We need to store 2 time timestamps to
distinguish between the time the file system had before
the first client opened the file and a forced timestamp update.
metze
(This used to be commit 6aaa2ce0ee)
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
- when cleaning up invalid locks make sure we mark the lck
struct as modified so it'll get saved back correctly (that
was the original intent).
Jeremy.
(This used to be commit cbf0829abc)
branch, please check if it fulfils your needs.
Two changes: The validation is not done inside the brlock.c traverse_fn,
it's done as a separate routine.
Secondly, this patch does not call the checker routines in smbcontrol
directly but depends on a running smbd.
(This used to be commit 7e39d77c1f)
This replaces the internal explicit dev/ino file id representation by a
"struct file_id". This is necessary as cluster file systems and NFS
don't necessarily assign the same device number to the shared file
system. With this structure in place we can now easily add different
schemes to map a file to a unique 64-bit device node.
Jeremy, you might note that I did not change the external interface of
smb_share_modes.c.
Volker
(This used to be commit 9b10dbbd5d)
lock we know nothing about that we retry the lock every
10 seconds instead of waiting for the standard select
timeout. This is how we used to (and are supposed to)
work.
Jeremy.
(This used to be commit fa18fc25a5)
