1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

112622 Commits

Author SHA1 Message Date
Bailey Berro
fe25bc793d libsmbclient: Initialize written in cli_splice_fallback()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13511

Signed-off-by: Bailey Berro <baileyberro@chromium.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul  9 21:29:48 CEST 2018 on sn-devel-144
2018-07-09 21:29:48 +02:00
Jeremy Allison
2e4878a69a libsmbclient: Initialize written value before use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13511

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2018-07-09 18:46:13 +02:00
Andreas Schneider
e8b7aecf46 winbind_krb5_localauth: Fix a compiler warning
This can't used uninitialized but some compiler complains about it.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Jul  7 16:24:30 CEST 2018 on sn-devel-144
2018-07-07 16:24:30 +02:00
Ralph Boehme
0a91ade527 s3: smbd/durable: remove dev and inode check from vfs_default_durable_reconnect_check_stat()
On a cluster filesystem the device numbers may differ on the cluster
nodes. We already verify the file_id in vfs_default_durable_reconnect(),
so we can safely remove the dev/inode checks.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13318

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-07 13:41:09 +02:00
Christof Schmitt via samba-technical
3430c9c3c2 lib:charset: Fix error messages from charset conversion
When e.g. trying to access a filename through Samba that does not adhere
to the encoding configured in 'unix charset', the log will show the
encoding problem, followed by "strstr_m: src malloc fail". The problem
is that strstr_m assumes that any failure from push/pull_ucs2_talloc is
a memory allocation problem, which is not correct.

Address this by removing the misleading messages and add a missing
message in convert_string_talloc_handle.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-07 13:41:09 +02:00
Ralph Boehme
4ad2a716fb s3: smbd: fix a check in stat_cache_add()
As the comment above the if condition says:

        /*
         * If we are in case insentive mode, we don't need to
         * store names that need no translation - else, it
         * would be a waste.
         */

Ie if stat_cache_add() is called as

        stat_cache_add("foo/bar", "foo/bar", false)

There's no need to cache the path, as a simple stat() on the client
supplied name (full_orig_name) matches the name used in the
filesystem (passed to stat_cache_add() as translated_path).

So fix the if condition to match the comment.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-07 13:41:09 +02:00
David Disseldorp
0cd44821f3 docs/vfs_ceph: add CTDB_SAMBA_SKIP_SHARE_CHECK=yes caveat
Mostly copied from the vfs_gluster manpage: the CephFS share path is not
locally mounted, which breaks the ctdb_check_directories_probe() check.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul  6 23:19:02 CEST 2018 on sn-devel-144
2018-07-06 23:19:02 +02:00
David Disseldorp
926ae50627 vfs_ceph: don't lie about flock support
Instead, match vfs_gluster behaviour and require that users explicitly
disable "kernel share modes".

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13506

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-06 20:37:20 +02:00
David Disseldorp
887f9147b4 s3/loadparm: fix a few talloc stackframe leaks
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-06 20:37:20 +02:00
David Disseldorp
c58194e3d2 s3/service: convert lp_force_user() to const
Avoid set_conn_force_user_group() talloc stackframe leaks in doing so.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-06 20:37:20 +02:00
David Disseldorp
c53646bccd s3/service: convert lp_force_group() to const
set_conn_force_user_group() and change_to_user_internal() leak onto
the callers' talloc stackframe. Drop the unnecessary heap allocations.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-06 20:37:20 +02:00
David Disseldorp
ce6c77d63a s3/uid: use lp_const_servicename() where possible
The majority of these lp_servicename(talloc_tos(), ...) callers leak
onto the talloc stackframe. Drop the unnecessary heap allocations.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-06 20:37:20 +02:00
David Disseldorp
20a837e877 s3/service: use lp_const_servicename() where possible
The majority of these lp_servicename(talloc_tos(), ...) callers leak
onto the talloc stackframe. Drop the unnecessary heap allocations.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-06 20:37:20 +02:00
Andreas Schneider
77be96379b nsswitch: Use a swtich in the wbinfo test to lookup users
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul  6 17:14:44 CEST 2018 on sn-devel-144
2018-07-06 17:14:44 +02:00
Amitay Isaacs
a30ac853ff ctdb-tests: Avoid segfault by initializing logging
This is in addition to af69700853.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Jul  5 15:22:16 CEST 2018 on sn-devel-144
2018-07-05 15:22:16 +02:00
Amitay Isaacs
b2d75c0108 ctdb-common: Fix CID 437606
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 12:30:41 +02:00
Andrew Bartlett
f03364570f selftest: Use a longer self.account_lockout_duration and self.lockout_observation_window
This matches the changes made in the PSO tests and slows down the
whole testsuite but may make it more reliable on slower build hosts.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul  5 12:29:31 CEST 2018 on sn-devel-144
2018-07-05 12:29:31 +02:00
Andrew Bartlett
9ff1fa56f6 selftest: Use self.account_lockout_duration in self.update_lockout_settings for password_lockout tests
This allows the account_lockout_duration and
lockout_observation_window to be updated with longer values to cope
with slower build servers.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-07-05 09:40:59 +02:00
Timur I. Bakeyev
9f38df8337 Document that vfs_full_audit defaults are "none" for the successful and failed operations.
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 09:40:59 +02:00
Timur I. Bakeyev
d63b24d5ae Make "none" the default setting for the successful and failed operations in the vfs_full_audit, so you don't blow up your server by just adding this module to the configuration.
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 09:40:59 +02:00
Timur I. Bakeyev
32e5b18d49 Make sure that vfs*audit modules recognize and accept all the syslog facilities.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13436

Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 09:40:59 +02:00
Amitay Isaacs
dda99e49e3 ctdb-tests: Switch to using new event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Jul  5 09:39:33 CEST 2018 on sn-devel-144
2018-07-05 09:39:33 +02:00
Amitay Isaacs
db548f4852 ctdb-daemon: Add client code to talk to new event daemon
This fixes the build and now new eventd is integrated completely in CTDB.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:44 +02:00
Amitay Isaacs
8250072a81 ctdb-protocol: Remove protocol for old event daemon
This breaks the build.  The new eventd protocol cannot be introduced without
removing the old eventd protocol.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:44 +02:00
Amitay Isaacs
0e444c961c ctdb-client: Remove client code for old event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:44 +02:00
Amitay Isaacs
b6938c0976 ctdb-tools: Remove old event daemon tool
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
ce3db0d469 ctdb-daemon: Remove old event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
99fa3a343f ctdb-tests: Remove tests for old event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
26b1940162 ctdb-tools: Switch to using new event daemon tool
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
efc5d3cadd ctdb-daemon: Switch to starting new event daemon
From this patch onwards, CTDB daemon is broken till the client code for
new eventd is integrated.  This requires getting rid of the old eventd
protocol and client code and then switching to the new eventd protocol
and client code.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
6eaef8491e ctdb-event: Add tests for event daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
f9104d4659 ctdb-tests: Rename eventd testsuite to ctdb_eventd
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
587a1e045e ctdb-event: Add event daemon client tool
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
99c33e6f98 ctdb-event: Add event daemon client code
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
24ba8e7c31 ctdb-event: Add event daemon implementation
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
281bc84912 ctdb-event: Add event daemon protocol
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
f42106fb49 ctdb-common: Add client pid to connect callback in sock_daemon
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
5586e035f2 ctdb-tests: Separate testing code for basic data types
This will be used for testing other daemons' protocol code.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
cbf7e2f0f2 ctdb-build: Add ctdb prefix to build target
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:43 +02:00
Amitay Isaacs
046d468823 ctdb-protocol: Separate protocol-basic subsystem
This includes marshalling code for basic data types.  This will be used
by other daemons.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2018-07-05 06:52:42 +02:00
Andrew Bartlett
9a7e9e527f autobuild: Fix random-sleep.sh invocation in autobuild.py
The scripts were not running with the correct path and this causes sn-devel to hit
a very high load as many of the compile jobs start at once.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Jul  5 06:51:26 CEST 2018 on sn-devel-144
2018-07-05 06:51:26 +02:00
Douglas Bagnall
41d86e5f2b samba_tool_showrepl_pull_summary_all_good is flapping
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:26 +02:00
Douglas Bagnall
64e3502198 samba-tool drs showrepl test: turn subprocess error into failure
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:26 +02:00
Tim Beale
2860bd0777 netcmd: Use dbcheck to fix DB problems introduced by restore itself
As part of the restore process, we remove all the old DCs from the DB.
However, this introduces some dbcheck errors - there are some DN
attributes and one-way links that reference the deleted objects that
need fixing up. To resolve this, we can run dbcheck as part of the
restore process. This problem affects both renames and plain restores.

The dbcheck.sh test didn't spot this problem because it fixes this type
of DB error first, before it checks the DB.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:26 +02:00
Tim Beale
62948a3099 tests: Add new tests for backup-rename command
Extend the existing 'backup online' tests to also test the domain
rename case. This mostly involves some extra assertions that the
restored DB has been modified appropriatelt (i.e. domain NetBIOS
name is updated, etc).

I've also added an extra test case that creates a few objects and
links and specifically asserts that they get renamed appropriately.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:26 +02:00
Tim Beale
20568e00e6 selftest: Add dedicated RENAMEDC testenv for 'backup rename'
Add a new testenv that's similar to the existing restoredc, except we
use 'backup rename' to rename the domain as we back it up.

Restoring this backup then proves that a valid DC can be started from a
renamed backup.

Run the same sub-set of RESTOREDC tests to prove that the new testenv is
sound.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:26 +02:00
Tim Beale
6681f904aa netcmd: Extend 'backup restore' command to handle renamed domains
When restoring a renamed domain backup, we need to register the new
realm's DNS zone. We do this in the restore step because we don't know
the new server's IP/hostname in the backup step.

Because we may have removed the old realm's DNS entries in the rename
step, the remove_dc() code may fail to find the expected DNS entries for
the DC's domain (the DCs' dnsHostname still maps to the old DNS realm).
We just needed to adjust remove_dns_references() as it was getting a
slightly different error code.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:25 +02:00
Tim Beale
ab65647a8b netcmd: Add 'samba-tool domain backup rename' command
Add a new command that takes a clone of the domain's DB, and renames the
domain as well. (We rename the domain during the clone because it's
easier to implement - the DRS code handles most of the renaming for us,
as it applies the received replication chunks).

The new option is similar to an online backup, except we also do the
following:
- use the new DCCloneAndRenameContext code to clone the DB
- run dbcheck to fix up any residual old DNs (mostly objectCategory
  references)
- rename the domain's netBIOSName
- add dnsRoot objects for the new DNS realm
- by default, remove the old realm's DNS objects (optional)
- add an extra backupRename marker to the backed-up DB. In the restore
  code, if the backup was renamed, then we need to register the new
  domain's DNS zone at that point (we only know the new DC's host IP
  at the restore stage).

Note that the backup will contain the old DC entries that still use the
old dnsHostname, but these DC entries will all be removed during the
restore, and a new DC will be added with the correct dnsHostname.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:25 +02:00
Tim Beale
cd727c95a2 tests: Tweak the backup online tests so they're generic
Update backup-online tests to be more generic. We can then re-use the
common framework for other types of backups (offline, rename), and just
change what's specific to those particular cases.

This change includes asserting the restored backup's domain/realm are
correct, which we weren't doing previously but makes sense.

The new 'return samdb' is for convenience, so that child classes can
easily extend the checks we run over the restored DB.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:25 +02:00
Tim Beale
850bba4d32 drs_utils: Always set the GET_TGT flag for clone renames
The DCCloneAndRenameContext replication was a little inefficient, in
that it would essentially replicate the entire DB twice. This was due to
resolving the link targets - it finds a target object it doesn't know
about, so retries the entire replication again with the GET_TGT flag set
this time.

Normally, the repl_meta_data code will use the target object's GUID,
however, it can't do this for cross-partition links (if it hasn't
replicated the target partition yet). The repl_md code can normally
detect that the link is a cross-parition link by checking the base-DN,
however, this doesn't work in the DCCloneAndRenameContext case because
we have renamed the base-DN.

This is not a big deal - it just means extra work. However, because the
domains being backed up could potentially be quite large, it probably
makes sense to just always set the GET_TGT in the rename case and skip
this extra work.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:25 +02:00