1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Commit Graph

98627 Commits

Author SHA1 Message Date
Martin Schwenke
dd52d82c73 ctdb-daemon: Factor out new function ctdb_node_list_to_map()
Change ctdb_control_getnodemap() to use this.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
ffbe0a6def ctdb-tools: Drop the recovery from "reloadnodes"
A recovery is not required: when deleting a node it should already be
disconnected and when adding a node it will also be disconnected.  The
new sanity checks in "reloadnodes" ensure that these assumptions are
met.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
d340f308e7 ctdb-daemon: Don't delay reloading the nodes file
Presumably this was done to minimise the chance of a recovery
occurring while the nodemaps are inconsistent across nodes.

Another potential theory is that the forced recovery in the
ctdb.c:control_reload_nodes_file() stops another recovery occurring
for ReRecoveryTimeout seconds, so this delay causes the reloads to
occur during that period.

This is no longer necessary because recoveries are now explicitly
disabled while node files are reloaded.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
85bd9a33eb ctdb-recoverd: Avoid nodemap-related checks when recoveries are disabled
The potential resulting recovery won't run anyway.  Also recoveries
may have been disabled by "reloadnodes" and if the nodemaps are
inconsistent between nodes then avoid triggering an unnecessary
recovery.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
13dc4a9842 ctdb-tool: Update "reloadnodes" to disable recoveries
If a recovery occurs when some nodes have reloaded and others haven't
then the nodemaps with be inconsistent so bad things will happen.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
ee9619c28b ctdb-recoverd: New message ID CTDB_SRVID_DISABLE_RECOVERIES
Also add test stub support.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
2ca484cd50 ctdb-recoverd: Simplify disable_ip_check_handler() using ctdb_op_disable()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
108db3396f ctdb-recoverd: Add slightly more abstraction for disabling takeover runs
Factor out new function srvid_disable_and_reply(), which can be
re-used.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:13 +02:00
Martin Schwenke
ec32d9bea8 ctdb-recoverd: Reimplement ReRecoveryTimeout using ctdb_op_disable()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:12 +02:00
Martin Schwenke
281f7e8152 ctdb-recoverd: Use a goto for do_recovery() failures
This will allow extra things to be done on failure.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:12 +02:00
Martin Schwenke
a2044c65bc ctdb-recoverd: Reimplement disabling takeover runs using ctdb_op_disable()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:12 +02:00
Martin Schwenke
55b246195b ctdb-recoverd: Add a new abstraction ctdb_op_disable()
This can be used to disable and re-enable an operation, and do all the
relevant sanity checking.

Most of this is from existing functions
disable_takeover_runs_handler(), clear_takeover_runs_disable() and
reenable_takeover_runs().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:12 +02:00
Martin Schwenke
ae9cd037ee ctdb-daemon: Pass on consistent flag information to recovery daemon
Signed-off-by: Martin Schwenke <martin@meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:12 +02:00
Martin Schwenke
4b972bbdb3 ctdb-tests: Add "ctdb reloadnodes" test for "node remains deleted"
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:12 +02:00
Martin Schwenke
181658f5bb ctdb-tools: Fix spurious messages about deleted nodes being disconnected
The code was too "clever".  The 4 different cases should be separate.
The "node remains deleted" case doesn't need the IP address comparison
(always 0.0.0.0) or the disconnected check.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-04-07 07:43:12 +02:00
Rajesh Joseph
b57c77849a rpc_server: Coverity fix for CID 1273079
leaked_storage: Variable pk going out of scope leaks the storage it points to.

On failure get_pk_from_raw_keypair_params function should free up
the private key (pk) it allocates internally.

Signed-off-by: Rajesh Joseph <rjoseph@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Apr  2 19:38:22 CEST 2015 on sn-devel-104
2015-04-02 19:38:22 +02:00
Michael Adam
b542d1c83f build:wafsamba: fix a typo
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Apr  2 16:39:01 CEST 2015 on sn-devel-104
2015-04-02 16:39:00 +02:00
Yan, Zheng
8a19314132 vfs_ceph: add empty ACL callbacks
If a vfs module has no ACL callbacks, smbd will use its default ACL
callbacks. These default ACL callbacks operate on local filesytem,
it's clearly wrong for ceph case.

libcephfs does not support ACL yet, so this patch adds ACL callbacks
that do nothing.

Signed-off-by: Yan, Zheng <zyan@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-04-02 14:02:18 +02:00
Yan, Zheng
628fa5bc00 vfs_ceph: use 'file descriptor' version xattr functions when possible
libcephfs version 0.94 adds 'file descriptor' version xattr functions.
This patch makes corresponding samba VFS callbacks use these new
functions.

Signed-off-by: Yan, Zheng <zyan@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-04-02 14:02:18 +02:00
David Disseldorp
12309f8bfb ctdb: check for talloc_asprintf() failure
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Apr  1 15:36:03 CEST 2015 on sn-devel-104
2015-04-01 15:36:03 +02:00
Rajesh Joseph
801bdcde6a ctdb: Coverity fix for CID 1291643
CID 1291643: Resource leak: leaked_handle: Handle
variable lock_fd going out of scope leaks the handle.

Fix: on failure case release handle variable lock_fd

Signed-off-by: Rajesh Joseph <rjoseph@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-04-01 12:54:11 +02:00
Andreas Schneider
cd4442c7ac s3-passdb: Fix 'force user' with winbind default domain
If we set 'winbind use default domain' and specify 'force user = user'
without a domain name we fail to log in. In this case we need to try a
lookup with the domain name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11185

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 31 21:17:23 CEST 2015 on sn-devel-104
2015-03-31 21:17:23 +02:00
David Disseldorp
5c166d5cdb selftest: run the FSRVP test suite against s3fs
With FSRVP server support now present along with suitable mock-up test
infrastructure, run the FSRVP test suite against s3fs.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
2e9ea9f195 selftest: add snapshot share configuration
Define a share that uses both vfs_shell_snap and fake_snap.pl to create,
delete and expose fake snapshots in response to FSRVP requests.
Additionally test snapshot enumeration and access via the shadow_copy2
module.

Allow for simple testing of FSRVP message sequence timeouts, by
specifying an artificially small interval.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
7a96325baa doc: add vfs_shell_snap manpage
Document usage of the shell_snap VFS module, explaining when and how
each of the shell script commands are called.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
9d29f7ea17 vfs: add vfs_shell_snap module
The shell_snap VFS module plumbs into the snapshot (aka shadow-copy)
management paths used by Samba's File Server Remote VSS Protocol (FSRVP)
server.
The following shell callouts may be configured in smb.conf:

shell_snap: check path command
	- Called when an FSRVP client wishes to check whether a given
	  share supports snapshot create/delete requests.
	- The command is called with a single <share path> argument.
	- The command must return 0 if <share path> is capable of being
	  snapshotted.

shell_snap: create command
	- Called when an FSRVP client wishes to create a snapshot.
	- The command is called with a single <share path> argument.
	- The command must return 0 status if the snapshot was
	  successfully taken.
	- The command must output the path of the newly created snapshot
	  to stdout.

shell_snap: delete command
	- Called when an FSRVP client wishes to delete a snapshot.
	- The command is called with <base share path> and
	  <snapshot share path> arguments.
	- The command must return 0 status if the snapshot was
	  successfully removed.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
5056c5a727 doc: explain vfs_btrfs remote snapshot configuration
This extends the vfs_btrfs man page to also cover FSRVP remote snapshot
behaviour and configuration.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
f64c2fe68a doc: explain vfs_snapper remote snapshot configuration
This extends the vfs_snapper man page to also cover FSRVP remote
snapshot behaviour and configuration.
The permissions section is also extended to describe specific Samba and
Snapper requirements for remote snapshot creation and deletion using
DiskShadow.exe.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
9af9b436ed doc: "prune stale" and "sequence timeout" fssd parameters
This change adds smb.conf documentation for the "fss: prune stale" and
"fss: sequence timeout" parameters accepted by Samba's FSRVP server.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
Noel Power
7a38f148ac fsrvp: prune shadow copies if associated path doesn't exist
This patch implements some simple FSRVP server housekeeping. On startup
the server scans the cached entries, any entries where the underlying
system paths associated with shadow copies no longer exist are removed
from the cache and from the registry.

This behaviour is disabled by default, but can be enabled via the new
"fss: prune stale" smb.conf parameter.

Signed-off-by: Noel Power <noel.power@suse.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
b6e034069f fsrvp: add remote snapshot RPC server
The Samba fss_agent RPC server is an implementation of the File Server
Remote VSS (Volume Shadow Copy Service) Protocol, or FSRVP for short.

FSRVP is new with Windows Server 2012, and allows authenticated clients
to remotely request the creation, exposure and deletion of share
snapshots.

The fss_agent RPC server processes requests on the FssAgentRpc named
pipe, and dispatches relevant snapshot creation and deletion requests
through to the VFS.
The registry smb.conf back-end is used to expose snapshot shares, with
configuration parameters and share ACLs cloned from the base share.

There are three FSRVP client implementations that I'm aware of:
- Samba rpcclient includes fss_X commands.
- Windows Server 2012 includes diskshadow.exe.
- System Center 2012.

FSRVP operations are only processed for users with:
- Built-in Administrators group membership, or
- Built-in Backup Operators group membership, or
- Backup Operator privileges, or
- Security token matches the initial process UID

MS-FSRVP specifies that server state should be stored persistently
during operation and retrieved on startup. Use the existing fss_srv.tdb
FSRVP state storage back-end to satisfy this requirement.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
9f7dd07d26 vfs_snapper: create/delete snapshot support
Extend vfs_snapper to support the new remote snapshot creation and
deletion hooks added for FSRVP.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
9b5b46a092 vfs_btrfs: add snapshot create/delete calls
The "btrfs: manipulate snapshots" smb.conf parameter is disabled by
default, to encourage use of, and pass requests through to, the
vfs_snapper module.
When enabled, issue BTRFS_IOC_SNAP_CREATE_V2 and BTRFS_IOC_SNAP_DESTROY
ioctls accordingly. The ioctls are issued as root, so rely on permission
checks in the calling FSRVP server process.

Base share paths must exist as btrfs subvolumes in order to
be supported for snapshot operations.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
9f95038f9b replace: check for dirname() and basename()
These functions are provided by libgen.h, and conform to POSIX.1-2001.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
67ee428467 vfs: add snapshot create/delete hooks
This change adds three new VFS hooks covering snapshot manipulation:
- snap_check_path
  Check whether a path supports snapshots.
- snap_create
  Request the creation of a snapshot of the provided path.
- snap_delete
  Request the deletion of a snapshot.

These VFS call-outs will be used in future by Samba's File Server Remote
VSS Protocol (FSRVP) server.

MS-FSVRP states:
  At any given time, Windows servers allow only one shadow copy set to
  be going through the creation process.
Therefore, only provide synchronous hooks for now, which can be
converted to asynchronous _send/_recv functions when the corresponding
DCE/RPC server infrastructure is in place.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:24 +02:00
David Disseldorp
13fa1b8776 torture: add local FSRVP server state tests
Test the storage and retrieval of FSRVP server state, with varying
shadow-copy set, shadow copy and share map hierarchies.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:24 +02:00
David Disseldorp
9c8ae4454c fsrvp: add server state storage back-end
MS-FSRVP specifies:
  the server MUST persist all state information into an implementation-
  specific configuration store.

This change adds a fss_srv TDB database to preserve FSRVP server state,
with the following keys used to track shadow copy state and hierarchy:
- sc_set/<shadow copy set GUID>
  A shadow copy set tracks a collection of zero or more shadow copies,
  as initiated by a StartShadowCopySet FSRVP client request.
- sc_set/<shadow copy set GUID>/sc/<shadow copy GUID>
  A shadow copy defines information about a snapshot base volume, the
  snapshot path, and a collection of share maps. It is initiated by an
  AddToShadowCopySet client request.
- sc_set/<shadow copy set GUID>/sc/<shadow copy GUID>/smap/<smap GUID>
  A share map tracks new shares that are created to expose shadow
  copies.

All structures are marshalled into on-disk format using the previously
added fsrvp_state IDL library.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:24 +02:00
David Disseldorp
b773136f9e librpc: add FSRVP server state idl
FSRVP server state must be retained persistently. This change adds IDL
definitions for the share map, shadow-copy and shadow-copy set types,
which will be used for marshalling and unmarshalling state alongside
database storage or retrieval.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:24 +02:00
Jeremy Allison
bdf0a81006 waf: Remove 'linkflags.remove(x)' line added in error.
Fixes bug #11165 - Bug in configure scripts when system-mitkrb5 is used

https://bugzilla.samba.org/show_bug.cgi?id=11165

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Mar 31 04:32:52 CEST 2015 on sn-devel-104
2015-03-31 04:32:52 +02:00
Amitay Isaacs
48e90ba062 tdb: Do not build test binaries if it's not a standalone build
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 31 01:56:02 CEST 2015 on sn-devel-104
2015-03-31 01:56:02 +02:00
Günther Deschner
9bcd27df5d s4-torture: add test to verify nbt_name with "." ending handling.
Windows uses a username of 'domain.example.com.' and we need to return it that
way in the NETLOGON_SAM_LOGON_RESPONSE_EX.

See e6e2ec0001 for further details.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Mar 30 16:18:04 CEST 2015 on sn-devel-104
2015-03-30 16:18:04 +02:00
Günther Deschner
9842a5d1d2 s4-torture: use torture_comment instead of printf in raw notify test.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-03-30 13:41:26 +02:00
Günther Deschner
c6f18b9535 s4-torture: use tctx variable name in raw notify test consistently.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-03-30 13:41:26 +02:00
Michael Adam
b3a688c1b7 s4:torture:raw:notify: torture_assert on creation of secondary tcon
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:26 +02:00
Michael Adam
65504bc8e4 s4:torture:raw:notify: use torture_assert instead of printf in test_notify_tree
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:26 +02:00
Michael Adam
8e4d1463cb s4:torture:raw:notify: let NOTIFY_MASK_TEST use torture_assert macros
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:26 +02:00
Michael Adam
cf2f75ca4a s4:torture:raw:notify: remove extra do-loop in NOTIFY_MASK_TEST macro.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:26 +02:00
Michael Adam
0aebd5f0fe s4:torture:raw:notify: use torture_assert instead of printf in failure case
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:26 +02:00
Michael Adam
60b7a6057d s4:torture:raw:notify: remove superfluous conditional goto
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:26 +02:00
Michael Adam
967a0cdbeb s4:torture:raw:notify: treat torture_open_connection calls with torture_assert
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-30 13:41:26 +02:00