1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00

104434 Commits

Author SHA1 Message Date
Martin Schwenke
abe5445c24 ctdb-recoverd: Don't directly release rogue IP addresses
This is inconsistent with the rest of the local IP verification.  It
should notice problems but not try to fix them directly.  Like other
cases, it should use an IP takeover run to try to fix the problem.  In
this case the address might have just been added and an out-of-band
RELEASE_IP might cause conflicts (i.e. "another change is in flight")
with a scheduled IP takeover run.

This effectively reverts commit
694c1b269edc95df446b2e171919be0c266383c4.  Not sure why this was
needed after c7e648c2d11f9785f2493a3dd67567a635633489.  More recently
commit 6471541d6d2bc9f2af0ff92b280abbd1d933cf88 moves responsibility
for determining interface/netmask to 10.interface so this should
continue to work just fine.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
12f9e332e9 ctdb-daemon: Fix takeover of incorrectly assigned public IP address
Cause an "updateip" instead of just logging a message.

This may reset existing connections.  However, CTDB doesn't think the
address should already be hosted on the node so there should be no
connections.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
2210337ce8 ctdb-daemon: Avoid referencing NULL pointer due to unknown old interface
This doesn't currently happen but it will in a subsequent commit.
That commit and this one could be squashed but then the functional
change gets lost in amongst this one.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
81cba9054e Revert "When adding an ip at runtime, it might not yet have an iface assigned to it, so ensure that the next takover_ip call will fall through to accept the ip and add it."
This reverts commit 4136f2714578a9bc0e5632a21d287a50f9ec137a.

If the IP address is on an interface then it won't help to pretend
that it isn't.  This will simply cause a takeip event, which will fail
because the address can't be added.  Note that the IP address isn't
necessarily new - something unexpected may have happened.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
162857eff1 ctdb-scripts: Add early exit for redundant updateip
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
a10545ab6b ctdb-daemon: Drop special case handling for new IP already on interface
The address may already be assigned to another node, so this is wrong.
It also leaves the interface unknown.

This is better left to code that handles rogue IP addresses.  A
takeover run should correctly takeover the address if it is assigned
to this node or release it if it is assigned to another node.  Coming
soon...

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
d2a91394f5 ctdb-daemon: Use release_ip_post() when releasing all IP addresses
This has the advantage of using common code.  Also, if there was
previously a failed attempt to release the IP address as part of a
delete, then this will finish processing the delete.

Extra care needs to be taken when a VNN is actually deleted.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
46c5136e4e ctdb-daemon: Factor out new function release_ip_post()
This contains the cleanup that needs to be done after an IP address is
released from an interface.

state->vnn is set to the return value from release_ip_post(), which is
either the original VNN, or NULL if it was deleted.  This allows
correct handling of the in-flight flag in the destructor for state.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
e653c8bb4a ctdb-daemon: Do not copy address for RELEASE_IP message
If there's an allocation failure then the implicit early return in
CTDB_NO_MEMORY_VOID() means that no reply is sent to the control.
ctdb_daemon_send_message() makes a copy of the data, so don't copy it
here and remove an unnecessary chance of failure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
ca22373231 ctdb-daemon: Do not update the VNN state on RELEASE_IP failure
If RELEASE_IP fails then updating the VNN makes it inconsistent with
reality.  Instead, log the failure and move on to the next IP
address.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
509491a868 ctdb-daemon: Try to release IP address even if interface is unknown
The "releaseip" event in 10.interface will determine the interface and
do the right thing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
225575e7e7 ctdb-common: Save errno before closing file to keep debug accurate
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

In the AIX case, also add the close of the file.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
24001891dd ctdb-tools: Consistently use db_name
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

CID 1364703: Resource leak (RESOURCE_LEAK)

However, this would already be fixed by the fix for CID 1125618, so
this is probably just a minor bug fix.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:26 +02:00
Martin Schwenke
af502fade1 ctdb-tools: Fix CID 1125618 String not null terminated (STRING_NULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
254d5545f4 ctdb-logging: Fix CID 1272823 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
1de8948cb5 ctdb-daemon: Fix CID 1362723 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
bacf57c065 ctdb-tcp: Fix CID 1362724 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
1710b14a3c ctdb-client: Print error message before next syscall to avoid losing errno
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
94018302fd ctdb-client: Fix CID 1362725 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
0de52420b8 ctdb-daemon: Fix CID 1362726 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
0e73734822 ctdb-tcp: Set file descriptor to -1 after close.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
ce451c7cc6 ctdb-tcp: Fix CID 1362727 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
4bc934f132 ctdb-common: Fix CID 1362728 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
6d1099a522 ctdb-common: Fix CID 1362729 Unchecked return value from library
Drop setting socket non-blocking and close-on-exec.  The socket is
closed soon after.  Only a single packet is sent, making it almost
impossible for it to block.  Also, note that sockets aren't setup this
way for IPv6.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
198ca88391 ctdb-tests: Update porting test to be more flexible about line numbers
This way the test doesn't need to be changed every time the code is
moved around.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
518683abfe ctdb-daemon: Fix CID 1125574 Operands don't affect result
Interfaces going up or down are always interesting, so log these at
error level.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
1be2cd9dd2 ctdb-daemon: Fix CID 1125575 Operands don't affect result
This is related to an error, so repeatedly log at error level instead
of trying to avoid repetition.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:24 +02:00
Martin Schwenke
b92c78a043 ctdb-daemon: Fix CID 1272855 Operands don't affect result
Failures are already logged at alert/error level above, so just log
the summary at notice level.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:24 +02:00
Amitay Isaacs
47e6c37dca ctdb-tools: Drop "ctdb rebalancenode"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12151

This was already dropped in commit d67868469521341aa92c589a0bb6df90b150d555.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Aug 17 09:22:13 CEST 2016 on sn-devel-144
2016-08-17 09:22:13 +02:00
Amitay Isaacs
f376f346f2 ctdb-tools: Drop "ctdb rebalanceip"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12151

This was already dropped in commit aaa57fbcb392061f8fbb5a12fd0e6a7be934ab66.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-17 05:28:19 +02:00
Amitay Isaacs
f635bd8997 ctdb-tools: Addition of IPs is deferred until the next takeover run
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12152

This makes the behaviour of "ctdb addip" similar to "ctdb delip".

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-17 05:28:19 +02:00
Jeremy Allison
639063da8c s3: vfs: shadow_copy2. Remove any trailing slash when stripping @GMT-YYYY... from the end of a path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 17 05:25:30 CEST 2016 on sn-devel-144
2016-08-17 05:25:30 +02:00
Jeremy Allison
6245f2c042 s3: vfs: shadow_copy2: Re-use an existing variable already set to the right value (p - name).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2016-08-17 01:22:38 +02:00
Michael Adam
b2bf61307c idmap: centrally check that unix IDs returned by the idmap backends are in range
Note: in the long run, it might be good to move this kind of
exit check (before handing the result back to the client)
to the parent winbindd code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Aug 17 01:21:39 CEST 2016 on sn-devel-144
2016-08-17 01:21:39 +02:00
Michael Adam
c21976d4b1 idmap: don't generally forbid id==0 from idmap_unix_id_is_in_range()
If the range allows it, then id==0 should not be forbidden.
This seems to have been taken in from idmap_ldap when the
function was originally created.

See 634cd2e0451d4388c3e3f78239495cf595368b15 .
The other backends don't seem to have had that
extra check for id == 0.

The reasoning for this change is that the range check should
apply to all cases. If the range includes the 0, then it
should be possible to get it as result. In particular,
this way, the function becomes applicable also to the
passdb backend case, e.g. in a samba4-ad-dc setup where
the Admin gets uid == 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-08-16 21:27:22 +02:00
Stefan Metzmacher
5066a6db4b s3:lib/pthreadpool: fix the build on older systems
Some systems required an explicit <signal.h>, which comes
via "system/wait.h"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 16 19:09:55 CEST 2016 on sn-devel-144
2016-08-16 19:09:55 +02:00
Uri Simchoni
3e42b69d5e smbd: look only at handle readability for COPYCHUNK dest
This commits sets the stage for a change of behavior
in a later commit.

When checking FILE_READ_DATA on the COPYCHUNK dest handle,
only check the handle readability and not the extra right
that may have been added due to the FILE_EXECUTE right.

The check for FILE_READ_DATA always seemed strange for the
dest handle, which is not read. It turns out that in Windows,
this check is not done at the SMB layer, but at a lower layer
that processes the IOCTL request - the IOCTL code has bits
that specify what type of access check needs to be done.

Therefore, this lower layer is unaware of the SMB layer's
practice of granting READ access based on the FILE_EXECUTE
right, and it only checks the handle's readability.

This subtle difference has observable behavior - the
COPYCHUNK source handle can have FILE_EXECUTE right instead
of FILE_READ_DATA, but the dest handle cannot.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Aug 16 15:21:03 CEST 2016 on sn-devel-144
2016-08-16 15:21:03 +02:00
Uri Simchoni
5bf11f6f5b s4-smbtorture: pin copychunk exec right behavior
Add tests that show copychunk behavior when the
source and dest handles have execute right instead
of read-data right.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
6ce0304eda seltest: allow opening files with arbitrary rights in smb2.ioctl tests
Separate file creation (which requires write access) from the
opening of the file for the test (which might be without write
access).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
7dc9f58206 seltest: implicit FILE_READ_DATA non-reporting
This test (passes against Windows Server 2012R2) shows
that the implicit FILE_READ_DATA that is added whenever
FILE_EXECUTE is granted, is not reported back when querying
the handle.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
55a9d35cab s4-selftest: add test for read access check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
1b06acafa4 s4-selftest: add functions which create with desired access
Add functions which create a file or a directory with
specific desired access.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Uri Simchoni
20b9a5bd74 s4-smbtorture: use standard macros in smb2.read test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2016-08-16 11:31:27 +02:00
Christof Schmitt
f1b42ec778 smbd: Fix snapshot query on shares with DFS enabled
When DFS is enabled (host msdfs = yes and msdfs root = yes), then SMB
clients send create requests in the format \hostname\service\path.
Putting the GMT tag as first element breaks the DFS parsing and results
in OBJECT_NOT_FOUND for snapshotted files.  Fix this by appending the
GMT tag to the end of the path.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12150

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 13 05:44:39 CEST 2016 on sn-devel-144
2016-08-13 05:44:38 +02:00
Uri Simchoni
b6931d5edc selftest: add tests for dfree with inherit owner enabled
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-13 01:53:15 +02:00
Uri Simchoni
f20d57ecea selftest: refactor test_dfree_quota.sh - add share parameter
Add a share parameter to individual disk-free tests. This will
allow running tests on shares other than dfq share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-13 01:53:15 +02:00
Uri Simchoni
ea73bcd87b smbd: use owner uid for free disk calculation if owner is inherited
If "inherit owner" is enabled, then new files created under a
directory shall consume the quota of the directory's owner, so
the free disk calculation should take that quota into account,
not the quota of the user creating the file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-13 01:53:15 +02:00
Uri Simchoni
bd2ec88dca smbd: get a valid file stat to disk_quotas
Most calls to disk_quotas originate at a state with an
open file descriptor. Pass the file's stat info down to
disk_quota, so that we can avoid extra stat's and the related
error handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-13 01:53:15 +02:00
Uri Simchoni
3e6ea02d42 quotas: small cleanup
Remove an internal function from proto.h

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-13 01:53:15 +02:00
Volker Lendecke
1c10c85939 ctdb: Fix the O3 developer build on RHEL7
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 13 00:55:02 CEST 2016 on sn-devel-144
2016-08-13 00:55:02 +02:00