Martin Schwenke [Mon, 23 Oct 2023 03:17:36 +0000 (14:17 +1100)]
ctdb-scripts: Track connections for all ports for public IPs
Currently TCP ports like NFS lock manager are not tracked. It is
easier to track all connections than to add a configuration system to
try to track specified ports, so do that.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jerry Heyman <jheyman@ddn.com>
Martin Schwenke [Mon, 30 Sep 2024 00:50:00 +0000 (10:50 +1000)]
ctdb-scripts: Get connections after tickle list
Running ss to get current connections before running ctdb gettickles
means the ss output might be out of date when the 2 lists are
compared. Some tickles might have been added after ss was run by some
other means (e.g. SMB tickles, added internally) and they would be
deleted according to the stale ss output.
This isn't currently a problem because update_tickles() is currently
only called with port 2049, so all tickles are managed by this code.
That will change in a subsequent commit.
Changing the order means the reverse problem can occur, where
update_tickles() attempts to delete an already deleted tickle. That
may happen occasionally but is harmless because it doesn't result in
missing information. It (currently) just causes a message to be
logged at DEBUG level.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jerry Heyman <jheyman@ddn.com>
Martin Schwenke [Mon, 30 Sep 2024 02:40:57 +0000 (12:40 +1000)]
ctdb-server: Remove duplicate logic
Initialise the pointer to NULL and fall through to let
talloc_realloc() do the allocation. talloc_realloc() does the right
thing with a NULL pointer...
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jerry Heyman <jheyman@ddn.com>
Martin Schwenke [Mon, 30 Sep 2024 02:22:46 +0000 (12:22 +1000)]
ctdb-server: Clean up connection tracking functions
Apply README.Coding, modernise logging, pre-render connection as a
string for logging, switch terminology from "tickle" to "connection",
tidy up comments.
No changes in functionality.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jerry Heyman <jheyman@ddn.com>
Martin Schwenke [Thu, 19 Sep 2024 03:52:48 +0000 (13:52 +1000)]
ctdb-scripts: Don't list connections when not hosting IPs
With an empty IP filter, all incoming connections to port 2049 will be
listed, not just those to public IP addresses. This causes error
messages like the following to be logged:
ctdb-eventd[...]: 60.nfs: Failed to add 1 tickles
since the connection being added seems to be for a random NFS mount
that doesn't use a public IP addresses.
This has been a problem for a long time (probably since commit 04fe9e20749985c71fef1bce7f6e4c439fe11c81 in 2015). It isn't currently
a huge deal because it only affects NFS connections. However, this
code will soon be used to track connections to public IP addresses on
all ports. This would result in a constant stream of log messages,
since there will always be some active connections.
The theory behind the fix is that if a node hosts no public IPs then
it should have no relevant connections and has no business changing
the list of registered tickles.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jerry Heyman <jheyman@ddn.com>
Ralph Boehme [Thu, 24 Oct 2024 19:32:49 +0000 (21:32 +0200)]
WHATSNEW: SMB3 Directory Leases
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 5 15:51:27 UTC 2024 on atb-devel-224
Ralph Boehme [Mon, 9 Sep 2024 14:03:59 +0000 (16:03 +0200)]
smbtorture: Directory Leases vs renaming
Note that we must use defines for the DLEASE* values, as declaring them as const
int triggers a CI failure on one of the runners (opensuse155-samba-o3) likely
due to a bug in its gcc version:
../../source4/torture/smb2/lease.c:6242:22: error: initializer element is not constant
.srcdir_leasekey = DLEASE1,
^~~~~~~
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 24 Oct 2024 17:35:00 +0000 (19:35 +0200)]
libcli/smb: only copy the parent lease key if SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET is set
MS-SMB2 3.3.5.9.11 Handling the SMB2_CREATE_REQUEST_LEASE_V2 Create Context:
If the SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET bit is set in the Flags field of
the request, Lease.ParentLeaseKey MUST be set to the ParentLeaseKey of the
request.
Found by MS-SMB2-Prototocol-Testsuite test "Compare_Zero_LeaseFlag_ParentLeaseKey".
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 6 Sep 2024 16:07:35 +0000 (18:07 +0200)]
smbtorture: simplify test_lease_v2_request()
- Add and use test_rearm_dirlease().
- Rename variable "ls2" to "dirlease".
- Simplify lease epoch tracking by using dirlease.lease_epoch as a counter.
- Add comments.
- Zero out a handle after closing it.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Wed, 12 May 2021 09:24:45 +0000 (11:24 +0200)]
smbd: add option "smb3 directory leases"
By default enabled on non-clustered Samba, disabled on clustered Samba, the
reason being the expected additional load caused by forcing strict rename to be
enabled.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 21 Oct 2024 10:48:19 +0000 (12:48 +0200)]
libcli/smb: rely on the caller zero-initializing "lease" in smb2_lease_pull()
Doing the zero initialization per struct member just feels like a way for bugs
to creep in, even when leasev1 is not going to change ever. The only caller has
already zero-initialized state->lease twice via 1) __tevent_req_create() and 2)
a struct initializer of "state".
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Wed, 4 Sep 2024 15:58:45 +0000 (17:58 +0200)]
smbd: add contend_dirleases()
Checks for Directory Lease breaks on the parent directory of smb_fname. Gets a
sharemode lock on the locking.tdb record of the directory, hence it mustn't be
called if the caller still has another sharmode lock.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 4 Nov 2024 17:48:14 +0000 (18:48 +0100)]
smbd: pass lease, if any, to notify_fname()
notify_fname() for NOTIFY_ACTION_DIRLEASE_BREAK will soon need the lease of the
current open and to implement "MS-FSA 2.1.4.12 Algorithm to Check for an Oplock
Break" with flags=PARENT_OBJECT.
No change in behaviour for now, all callers pass lease=NULL;
Also change path arg to struct smb_filename.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 9 Sep 2024 19:27:45 +0000 (21:27 +0200)]
smbd: trigger notification for file and directory creation will be sent a wee bit later after dropping the sharemode lock
This will be a common pattern in the upcoming code dealing with Directory Lease
breaks: when checking for Directory Lease breaks on the parent directory, we
take the sharemode lock on the parent and hence by then must have dropped the
sharemode lock on the object that performs the Directory Lease break check. That
functionality will be later added to notify_fname().
This means the notification will be sent a wee bit later, but that's something
the change notification protocol has to live with anyway.
For Directory Leases the sequence to check for Directory Lease breaks is to call
MS-FSA 2.1.4.12 "Algorithm to Check for an Oplock Break" with
flags=PARENT_OBJECT at the end of each relevant operation, eg creating a file
asf, when processing of the operation that will call 2.1.4.12 is already
completed.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Check for open files recursively when renaming a directory and wait for handle
lease breaks.
As delay_for_handle_lease_break_send() does the same check as
have_file_open_below(), remove have_file_open_below() from can_rename() so it is
not called twice for SMB2 renames, and add calls to have_file_open_below() to the
SMB1 entry rename entry points.
This is a bit ugly, but I don't see any other good way of doing this.
Ralph Boehme [Sun, 13 Oct 2024 15:44:18 +0000 (17:44 +0200)]
smbd: consolidate "have_file_open_below" logic in have_file_open_below()
Let have_file_open_below() be the single function to check if
"have_file_open_below" and let it check internally whether to just search the
fsp list in the process or traversing locking.tdb based on the setting of
"strict rename".
projects / thirdparty / samba.git / log
