1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Commit Graph

2271 Commits

Author SHA1 Message Date
Swen Schillig
b40bcb094d ctdb-server: Only talloc_set_destructor when required
The destructor is only needed once the state got added to the DLIST.
Therefore, move the setting of the destructor to after the addition
of state to the DLIST.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-31 00:07:18 +02:00
Swen Schillig
3269cd6707 ctdb-server: Cleanup ctdb_daemon_call_send_remote
Minor code cleanup and adding a temporary variable to improve readabilty.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-31 00:07:18 +02:00
Swen Schillig
22299f9898 ctdb: Fixing possible memory leak in ctdb_daemon_read_cb
In case of an error condition the further processing of the data is cancelled
and the callback returns. In such a scenario the data has to be free'd.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-31 00:07:18 +02:00
Martin Schwenke
db7e4aa3d8 ctdb-daemon: Drop ctdbd --nlist option
Tests now deviate from the compile-time default by setting CTDB_BASE.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:20 +01:00
Martin Schwenke
f6d6f2220b ctdb-daemon: Drop ctdbd --public-interface option
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
482ff4bdd3 ctdb-daemon: Drop ctdbd --public-addresses option
Use the default location.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:19 +01:00
Martin Schwenke
1dcc0adf1a ctdb-daemon: Provide a default location for public addresses file
If the specified file or the default does not exist then log a
warning.

This is done in the takeover code to localise the handling of the
public addresses file.  Soon the daemon command-line option will go
away and the takeover code will be replaced in the not too distant
future.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
4961711621 ctdb-daemon: Drop ctdbd --socket option
Use environment variables for test-only options.

The setenv() can be dropped because the socket location is either the
compile-time default or the already set environment variable.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
b05dc0bb84 ctdb-daemon: Allow CTDB_SOCKET environment variable to be used
Use environment variables for test-only options.

Switch to using a local variable.  This simplifies both the logic and
the ability to later drop the command-line option.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:18 +01:00
Martin Schwenke
aa961e8807 ctdb-tests: Drop ctdbd --event-script-dir option
Event scripts live in a standard place.

For testing, CTDB_BASE is modified.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Martin Schwenke
32fade2f13 ctdb-daemon: Drop ctdbd --pidfile option
Use environment variables for test-only options.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-19 02:23:17 +01:00
Martin Schwenke
b0d892b9ad ctdb-daemon: CTDB_PIDFILE environment variable overrides default
Use environment variables for test-only options.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-09 07:08:25 +01:00
Martin Schwenke
6a5473854f ctdb-daemon: Provide default location for ctdbd PID file
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2018-03-09 07:08:25 +01:00
Gary Lockyer
9ccf164550 ctdb/server/ctdb_daemon.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-12-18 04:38:20 +01:00
Amitay Isaacs
de3f0d889b ctdb-recovery-helper: Deregister message handler in error paths
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13188

If PULL_DB control times out but the remote node is still sending the
data, then the tevent_req for pull_database_send will be freed without
removing the message handler.  So when the data is received, srvid
handler will be called and it will try to access tevent_req which will
result in use-after-free and abort.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-12-13 08:48:18 +01:00
Amitay Isaacs
d7a5cd589b ctdb-daemon: Send STARTUP control after startup event
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154

STARTUP control is primarily used to synchronise tcp tickles from running
nodes to a node which has just started up.  Earlier STARTUP control was
sent (using BROADCAST_ALL) after setup event.  Once the other nodes in
the cluster connected to this node, the queued up messages would be sent
and the tcp tickles would get synchronised.

Recent fix to drop messages to disconnected or not-yet-connected nodes,
the STARTUP control was never sent to the remote nodes and the tcp
tickles did not get synchronised.

To fix this problem send the STARTUP control (using BROADCAST_CONNECTED)
after startup event.  By this time all the running nodes in the cluster
are connected.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Nov 30 15:29:48 CET 2017 on sn-devel-144
2017-11-30 15:29:48 +01:00
Amitay Isaacs
73e261b48c ctdb-takeover: Send tcp tickles immediately on STARTUP control
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-11-30 11:34:20 +01:00
Amitay Isaacs
2b253f6b1b ctdb-takeover: Refactor code to send tickle lists for all public IPs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13154

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-11-30 11:34:20 +01:00
Amitay Isaacs
f026314661 ctdb-eventd: Simplify eventd code
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Nov 24 15:49:46 CET 2017 on sn-devel-144
2017-11-24 15:49:46 +01:00
Amitay Isaacs
848f242598 ctdb-daemon: Allocate deferred calls off calling context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13152

This makes sure that if a client disconnects, all the deferred calls
from the client are correctly freed.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-11-21 05:03:16 +01:00
Amitay Isaacs
2cb5fdac42 ctdb-daemon: Add code to process ctdb_req_tunnel packets
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-10-10 11:45:19 +02:00
Amitay Isaacs
9c51535775 ctdb-daemon: Add implementation of tunnel controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-10-10 11:45:18 +02:00
Amitay Isaacs
70d306373e ctdb-daemon: Send broadcast to connected nodes, not configured nodes
https://bugzilla.samba.org/show_bug.cgi?id=13056

Database recovery takes care of attaching missing databases on all the nodes.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-10-05 05:19:21 +02:00
Volker Lendecke
e12ed08bd5 ctdb: Centralize ctdb_version_string
Whenever the current git hash changes, we recompile ctdb.c and
ctdb_daemon.c. As both have quite a few warnings with -Wall, this
makes it quite difficult to see the real warnings that pop up during
development. Centralize the ctdb_version_string to just a single file
without warnings.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-26 09:37:13 +02:00
Volker Lendecke
a919ded138 ctdbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-26 09:37:13 +02:00
Amitay Isaacs
e342f1f078 ctdb-daemon: Check all connections from a process in CHECK_PID_SRVID control
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13042

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
2017-09-22 16:59:06 +02:00
Amitay Isaacs
02ae3d9fab ctdb-daemon: Add implementation of control CHECK_PID_SRVID
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13042

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-09-21 08:53:26 +02:00
Martin Schwenke
93668f5026 ctdb-protocol: Optionally print port for address printing functions
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-19 13:30:26 +02:00
Martin Schwenke
3783b66fb3 ctdb-build: Split protocol-util as a separate subsystem
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-19 13:30:26 +02:00
Martin Schwenke
b0244d46b5 Revert "ctdb-daemon: Don't explicitly stop monitoring during shutdown"
This reverts commit 19318d2835.

With this commit, a shutdown that occurs while the startup event is
running can cause an abort because the startup callback will try to
decrease the run state from SHUTDOWN to RUNNING.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-19 01:28:13 +02:00
Martin Schwenke
d0d805977f Revert "ctdb-daemon: Remove unused function ctdb_stop_monitoring()"
This reverts commit b119104267.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-19 01:28:13 +02:00
Martin Schwenke
b119104267 ctdb-daemon: Remove unused function ctdb_stop_monitoring()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:16 +02:00
Martin Schwenke
64225c63dd ctdb-daemon: Drop monitoring mode
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:16 +02:00
Martin Schwenke
b00e360515 ctdb-daemon: Drop implementation of monitor controls
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:16 +02:00
Martin Schwenke
74f29a48db ctdb-daemon: Mark monitoring controls obsolete
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:15 +02:00
Martin Schwenke
19318d2835 ctdb-daemon: Don't explicitly stop monitoring during shutdown
Monitoring is skipped when not in run state RUNNING, so remove the
dependency on the monitoring code.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:15 +02:00
Martin Schwenke
4656b0816a ctdb-daemon: Don't explicitly disable monitoring around recovery
Monitoring can fail during recovery due to databases (e.g. registry)
being unavailable.  This has been avoided by explicitly disabling
monitoring around recovery via the START_RECOVERY and END_RECOVERY
controls.  With this approach only there is still a window between
enabling recovery mode and START_RECOVERY when monitoring could be
attempted.  However, explicitly disabling monitoring is unnecessary
because monitoring is not done when a node is in recovery.

So remove the explicit disable/enable of monitoring and rely on
monitoring being skipped when recovery mode is active.

The only possible change of behaviour with this change is that there
is now a window between setting recovery mode to normal and the
END_RECOVERY control where monitoring is enabled.  However, at this
point databases would be available and the "recovered" event will
cancel any in-progress monitoring.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:15 +02:00
Martin Schwenke
173aa683d5 ctdb-daemon: Don't explicitly disable monitoring when stopping a node
Monitoring is now avoided for inactive nodes anyway.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:15 +02:00
Martin Schwenke
12cf6640e4 ctdb-daemon: Skip monitoring when not in RUNNING runstate
Monitoring does not need to be done in other states.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:15 +02:00
Martin Schwenke
873db694c9 ctdb-daemon: Skip monitoring when node is inactive
This is currently handled by explicitly disabling monitoring in
various places.  However, those places shouldn't need to know about
monitoring but it is OK for monitoring to know about global node
states.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-14 14:49:15 +02:00
Amitay Isaacs
77c17b03cf ctdb-daemon: Free up record data if a call request is deferred
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13029

If a call request for a key (migration request) is in flight, then all
the subsequent call requests for the same key are deferred.  In that case,
the data corresponding to key read from the local tdb is useless and there
is no need to keep it around.  Once the deferred call is reprocessed,
the data corresponding to that key will be fetched again.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-09-14 14:49:15 +02:00
Martin Schwenke
bff8d410f9 ctdb-daemon: Don't release all IPs before "startup" event
This doesn't belong in the monitoring/startup code and it is already
done in the 10.interface "init" event.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-09-12 12:23:19 +02:00
Amitay Isaacs
6e588913dd ctdb-recoverd: Abort recovery/takeover if recmaster changes
Recovery and takeover are run via helper from recovery daemon.  While the
helpers are running, it's possible for the current node to lose election.
If that happens, abort the currently running recovery/takeover helper.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-09-12 12:23:19 +02:00
Amitay Isaacs
f57d379446 ctdb-daemon: GET_DB_SEQNUM should read database conditionally
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13021

Once the recovery starts and databases are frozen, then all the record
access is postponed till the recovery is complete except reading the
database sequence number.  Database access for reading sequence number
is done via a control which does not check if the databases are frozen
or not.

If the database is frozen and if the freeze transaction is not started
(this can happen when a node is inactive, or during recovery when the
database is frozen but the transaction has not yet started), then trying
to read sequence number will cause ctdb daemon to deadlock.

Before reading the sequence number, check if the database access is
allowed.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-09-12 12:23:18 +02:00
Amitay Isaacs
5d2f2677de ctdb-daemon: Add a function to check if db access is allowed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13021

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-09-12 12:23:18 +02:00
Amitay Isaacs
d0a20baf43 ctdb-daemon: Fix implementation of process_exists control
Only check processes that are CTDB clients.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13012

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-09-09 10:53:10 +02:00
Amitay Isaacs
164d65ace2 ctdb-protocol: Replace ctdb_event_header with sock_packet_header
This removes the static declaration and adds prototype declarations
of ctdb_event_header marshalling functions to avoid compiler warnings.
These functions will be removed.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-09-01 08:52:07 +02:00
Amitay Isaacs
676df8770b ctdb-protocol: Fix marshalling for ctdb_rec_buffer
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-08-30 14:59:23 +02:00
Martin Schwenke
94cc5eaddc ctdb-common: Allow sock_daemon to daemonise during startup
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-08-29 11:14:09 +02:00
Amitay Isaacs
b67cc00c93 ctdb-common: Move PID file creation to sock_daemon_run_send()
Only create PID file when actually starting the daemon, rather than
when setting up the context.  This will facilitate future changes.

Tweak test to confirm that PID file is no longer created during setup.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2017-08-29 11:14:09 +02:00