1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

112556 Commits

Author SHA1 Message Date
Amitay Isaacs
e84b5020a4 ctdb-common: Correctly handle conf->reload()
Configuration reload should reset the values of configuration options
missing from the config file to default.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jun 29 15:12:37 CEST 2018 on sn-devel-144
2018-06-29 15:12:37 +02:00
Carlos O'Donell
b6b1226d39 ctdb: Improve robust mutex test
This avoids some of the undefined behaviour, like initializing the same mutex
twice which happens when the low and high priority processes start (both
do the initialization and that's dangerous.) Instead now we start an
"init" process to start the shared memory segment, and then everything
else just uses it without truncation or unlinking (same mutex).

Signed-off-by: Carlos O'Donell <codonell@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 29 06:47:00 CEST 2018 on sn-devel-144
2018-06-29 06:47:00 +02:00
Björn Baumbach
396f123121 README.Coding: Fix link to Python coding style guide (PEP 8)
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: David Mulder <dmulder@suse.com>

Autobuild-User(master): Björn Baumbach <bbaumbach@samba.org>
Autobuild-Date(master): Thu Jun 28 15:04:44 CEST 2018 on sn-devel-144
2018-06-28 15:04:44 +02:00
Joe Guo
975b751bb6 tests/ntacls: fix pep8 warnings
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 28 12:14:59 CEST 2018 on sn-devel-144
2018-06-28 12:14:59 +02:00
Joe Guo
3262f01d36 tests/ntacls: use global vars to make code DRY
Move acl and dommain_sid to global vars so we don't repeat them in every
test.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:09 +02:00
Joe Guo
178c7d4f2b tests/ntacls_backup: register test
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:09 +02:00
Joe Guo
b3346158c6 ntacls: add extra test file for ntacls backup
The ntacls backup tests have to run in ad_dc:local env, which is
different from existing ntacls tests. Add a separate file for backup
tests.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:09 +02:00
Joe Guo
132fa04c77 ntacls: add functions to backup and restore ntacls
1. backup a share online from a smb connection with ntacls using pysmb API.
2. backup a share offline from service path with ntacls using pysmbd API.
3. restore from tarfile with pysmdb API.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:09 +02:00
Joe Guo
1078c969ab pysmbd: add py_smbd_create_file
Add create_file function to smbd API.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:09 +02:00
Joe Guo
747c3f1fb3 pysmbd: extract init_files_struct function
Extract initialization code from set_nt_acl_conn for reuse.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:09 +02:00
Joe Guo
f1566c2ef9 pysmbd: add py_smbd_mkdir
Add mkdir for smbd API.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:09 +02:00
Joe Guo
4320dcc4bc pysmb: add py_smb_unlink and test
Add unlink api to delete a file with a smb connection.
Test added.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 09:25:08 +02:00
Douglas Bagnall
211275fae6 samba-tool showrepl tests: test all-good with --pull-summary
We test the all-good case with --pull-summary, which is the only one
we can be reasonably certain about.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Jun 28 09:23:10 CEST 2018 on sn-devel-144
2018-06-28 09:23:09 +02:00
Andrew Bartlett
2c9eeedc84 samba-tool drs showrepl: add --pull-summary and --notify-summary
These separate the two halves of --summary (which is still there),
allowing the repsto and repsfrom to be separately queried.

One motivation for this is testing: it is difficult to assert the
success of repsfrom (--notify-summary) in the test framework, because
we can't rely on the other end behaving properly and promptly.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 06:29:17 +02:00
Douglas Bagnall
5fcd374602 s4/torture/samba_tool_drs_showrepl: use assertRegexpMatches
rather than a local rewrite special to this file.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 06:29:17 +02:00
Douglas Bagnall
da30b37e68 s4/torture/drs/python: don't double-call enable/disable replication
This is repeating work done in setup/teardown or doubling up in place (self._enable_all_repl includes self._enable_inbound_repl)

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 06:29:17 +02:00
Douglas Bagnall
f08e3d6db5 samba-tool drs showrepl test: remove useless print
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 06:29:17 +02:00
Andrew Bartlett
79c1c0c914 samba-tool drs showrepl: Skip deleted DSAs when checking for success
The deleted DSAs are ignored by the server replication code, so ignore past failures
here also.

The repsFrom and repsTo entries will eventually be removed by the KCC.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-06-28 06:29:16 +02:00
Douglas Bagnall
3a1b710eac samba-tool drs show_repl: simplify the collection of DC lists
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 06:29:16 +02:00
Douglas Bagnall
b62b3da976 samba-tool drs showrepl --summary for a quick local check
The default output ("classic") gives you a lot of very uninteresting
detail when everything is fine. --summary shuts up about things that
are fine but shouts a little bit when things are broken. It doesn't
provide any new information, just tries to present it in a more useful
format.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 06:29:16 +02:00
Douglas Bagnall
2403b7c4fd samba-tool drs showrepl: add a --color flag
Nothing is using it yet, but the next commit will

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 06:29:16 +02:00
Tim Beale
8b07ddde47 provision: set 'binddns dir' when making new smb.conf
When creating a new smb.conf from scratch during a join/clone/etc, the
'binddns dir' setting still uses the source smb.conf/default setting,
instead of the targetdir sub-directory.

I noticed this problem when trying to create a new testenv - the
provision() was trying to create /usr/local/samba/bind-dns directory,
which would fail if samba hadn't already been installed on the host
machine.

Now that this is fixed, we also need to fix tests that were explicitly
asserting that no unexpected directories were left behind after the test
completes.

This change also breaks the upgradeprovision script. The upgrade-
provision calls newprovision() to create a reference provision in a
temporary directory. However, previously this temporary provision was
creating the bind-dns directory in the actual upgrade directory as a
side-effect, e.g. it did a provision() with
targetdir=alpha13_upgrade_full/private/referenceprovisionLBKBh2 and this
ended up creating alpha13_upgrade_full/bind-dns as a side-effect.
The provision() now creates bind-dns in the specified targetdir, but
this means check_for_DNS() fails (it tries to create bind-dns sub-
directories, but the upgrade's bind-dns doesn't exist). I've avoided
this problem by making sure bind-dns exists as part of the
check_for_DNS() processing.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 28 06:22:16 CEST 2018 on sn-devel-144
2018-06-28 06:22:16 +02:00
Tim Beale
c9cf62bd3a selftest: Update MAX_WRAPPED_INTERFACES comment to match code
Commit 19606e4dc6 updated the MAX_WRAPPED_INTERFACES define
in the C code from 40 to 64.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 03:34:27 +02:00
Tim Beale
66f8c86e9a tests: Add basic test for non-global LoadParm behaviour
Add a simple test to show that the new non-global LoadParm behaviour
works, i.e.
- by default all LoadParm objects are linked to the same underlying
  object
- using a non-global LoadParm creates a separate underlying object.
- using a non-global LoadParm with a bad filename fails.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 03:34:27 +02:00
Aaron Haslett
5728867ddc param: Add non-global smb.cfg option (support 2 different smb.confs)
The default behaviour is that there is only a single global underlying
LoadParm object. E.g. if you create 2 different LoadParm objects in
python, they both modify the same underlying object.

This patch adds a mechanism to override this and create a separate
non-global LoadParm object. The use-case is the backup tool, where we
want to manipulate 2 different smb.conf files (the one used to create
the backup, and the smb.conf in the backup itself).

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 03:34:27 +02:00
Aaron Haslett
f0aad4a187 samba: read backup date field on init and fail if present
This prevents a backup tar file, created with the new official
backup tools, from being extracted and replicated.

This is done here to ensure that samba-tool and ldbsearch can
still operate on the backup (eg for forensics) but starting
Samba as an AD DC will fail.

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 03:34:26 +02:00
Tim Beale
8e58954f2f tests: Add test that Samba cannot be started with a backup DB
We don't want users to take a backup file, and then simply untar it and
run Samba (Several modifications to the DB need to be made as part of
the restore process, so users should always run the 'backup restore'
command).

To enforce this, prime_ldb_databases() now refuses to start Samba if the
backupDate marker is present in the DB. This patch adds a test-case that
proves this basic behaviour works.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 03:34:26 +02:00
Andreas Schneider
e88d68c253 docs: Add manpage for winbind_krb5_localauth.8
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 27 18:45:56 CEST 2018 on sn-devel-144
2018-06-27 18:45:56 +02:00
Andreas Schneider
6b7fcec015 docs: Move winbind_krb5_locator manpage to volume 8
The vfs and idmap manpages are in volume 8 too.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2018-06-27 16:00:19 +02:00
Andreas Schneider
4a7e0f259b krb5_plugin: Move krb5 locator plugin to krb5_plugin subdir
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2018-06-27 16:00:19 +02:00
Andreas Schneider
eba2eb8a15 krb5_plugin: Install plugins to krb5 modules dir
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2018-06-27 16:00:19 +02:00
Andrew Bartlett
d9914b9b6a Update .travis.yml to match package list used in docker container and Catalyst Cloud builds
The package list has some "strange" things in them, but more important is
using the same list everywhere.  We can hopefully harmonise the package lists
to a single file in Samba git soom, merging the docker and packer image creation.

Additionally, Travis CI will probably need to move to Docker once we change
beyond Ubuntu 14.04, so it will simple reference the gitlab.com image then.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed Jun 27 07:51:14 CEST 2018 on sn-devel-144
2018-06-27 07:51:14 +02:00
Tim Beale
562ec950fc remove_dc: Fix removal of an old Windows DC
Windows has 'CN=DNS Settings' child object underneath the Server object.
This was causing the removal of the server object in remove_dc() to
fail.

Noticed this problem while testing the backup/restore tool manually
against a Windows VM.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13484

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Jun 26 23:32:51 CEST 2018 on sn-devel-144
2018-06-26 23:32:51 +02:00
Justin Stephenson
f90f434e04 s3:tests: Add test for smbclient --quiet
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Björn Baumbach <bb@sernet.de>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 26 20:29:19 CEST 2018 on sn-devel-144
2018-06-26 20:29:19 +02:00
Justin Stephenson
89a8b3ecd4 s3:client: Add --quiet option to smbclient
Add quiet command-line argument to allow suppressing the help log
message printed automatically after establishing a smbclient connection

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Björn Baumbach <bb@sernet.de>
2018-06-26 17:43:25 +02:00
Gary Lockyer
113da7ac67 dsdb audit: Fix timestamp tests
Fix flapping test:
  [242(3560)/242 at 25m3s] samba4.dsdb.samdb.ldb_modules.audit_log
UNEXPECTED(failure):
  samba4.dsdb.samdb.ldb_modules.audit_log.test_operation_json_empty(none)
REASON: Exception: Exception: difftime(after, actual) >= 0
../source4/dsdb/samdb/ldb_modules/tests/test_audit_log.c:74: error:

The tests truncate the microsecond portion of the time, so the
difference could be less than 0.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 26 06:09:46 CEST 2018 on sn-devel-144
2018-06-26 06:09:46 +02:00
Andrew Bartlett
120fe41073 dsdb-audit: Remove flapping part of the tests
Because we have tests for this in the auth audit code, we do not need to have
the complexity of checking that we got DCE/RPC over SMB as an authorization
message here.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
d18bae9169 dsdb: Use GUID_zero() rather than memset in dsdb audit code
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
2c883bd978 dsdb: Use customary variable names for the audit private context
The variable name "ac" typically implies the async context, and the long-life
private context is normally denoted private, not context.  This aligns better
with other modules.

talloc_get_type_abort() is now also used.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
d2468f732f dsdb: Use customary variable names for audit event contexts
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
d38160c968 dsdb: Use correct memory context for imessaging_client_init() in audit logging
This is only used for selftest, to send out the log messages for checking.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
4b077e07a0 audit_logging: Remove duplciate error printing
These errors are already logged at DBG_NOTICE in get_event_server()

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
dad73e0b68 audit_logging: Initialise event_server
It is better if this is a known zero value to start, even if we check the errors
correctly.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
4f50848680 audit_logging: Remove incorrect check for NT_STATUS_OBJECT_NAME_NOT_FOUND
NT_STATUS_OBJECT_NAME_NOT_FOUND is not a case we can ignore, it would mean that event_server
is not initialised.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
450210c39a audit_logging: Clarify debug messages
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-06-26 03:27:20 +02:00
Andrew Bartlett
f33749fc84 autobuild: Build samba-fileserver --without-json-audit
This build target is already --without-ad-dc and is the one we need to ensure is
compatible with a host without the Jansson JSON library.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jun 26 02:03:30 CEST 2018 on sn-devel-144
2018-06-26 02:03:30 +02:00
Andrew Bartlett
6b9a9a4d08 dsdb: Ensure a build --without-json-audit --without-ad-dc compiles
We still build some of the ldb_modules even when we are not a DC, so we must
split up the DSDB_MODULE_HELPERS.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-06-25 23:01:20 +02:00
Andrew Bartlett
b650ea5398 lib/audit_logging: Only build audit_logging_test for --enable-selftest on the AD DC
This allows a --without-ad-dc --enable-selftest build to compile, still testing some
fileserver-only features.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-06-25 23:01:20 +02:00
Andrew Bartlett
a2783fe1a3 lib/audit_logging: Require jansson JSON library for building the AD DC
This combination is untested and it is reasonable to require this
broadly available library for the AD DC build.

Doing so keeps the combinational complexity down and ensures we test
what we ship.  (It was failing to compile).

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-06-25 23:01:20 +02:00
Andrew Bartlett
5bb60e2dd7 build: Move --without-json-audit and json lib detection to lib/audit_logging
This is the common location of the audit logging code now

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-06-25 23:01:20 +02:00