Rusty Russell [Thu, 4 Feb 2010 13:29:54 +0000 (23:59 +1030)]
tdb: fix recovery reuse after crash
If a process (or the machine) dies after just after writing the
recovery head (pointing at the end of file), the recovery record will filled
with 0x42. This will not invoke a recovery on open, since rec.magic
!= TDB_RECOVERY_MAGIC.
Unfortunately, the first transaction commit will happily reuse that
area: tdb_recovery_allocate() doesn't check the magic. The recovery
record has length 0x42424242, and it writes that back into the
now-valid-looking transaction header) for the next comer (which
happens to be tdb_wipe_all in my tests).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Andrew Bartlett [Wed, 10 Feb 2010 02:56:24 +0000 (13:56 +1100)]
s4:provision Just 'do the right thing' with empty smb.conf files
For some reason, JHT keeps on creating an empty smb.conf file,
expecting it to be the same as a non-existant one. It is easier to
just realise what he meant.
Jeremy Allison [Tue, 9 Feb 2010 23:14:38 +0000 (15:14 -0800)]
Fix bug #7122 - Reading a large browselist fails (server returns invalid values in subsequent SMBtrans replies)
There are two problems:
1). The server is off-by-one in the end of buffer space test.
2). The server returns 0 in the totaldata (smb_vwv1) and totalparams (smb_vwv0)
fields in the second and subsequent SMBtrans replies.
Jeremy Allison [Tue, 9 Feb 2010 22:48:15 +0000 (14:48 -0800)]
Second part of fix for bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps.
Ensure we have no naked memcpy calls. This isn't a crash bug (it's
already checked in the data_blob_talloc_zero() above, but I want to
get into the pattern of having all memcpy's covered by safety checks.
check_python.m4 - Raise the minimum python version up to 2.4
This is needed since we at the s4 side have some code which requires this. I
think everybody should be fine since we got no complaints on the mailing list
about this change.
s3: shortcut gid_to_sid when "ldapsam:trusted = yes"
The normal gid_to_sid behaviour is to call sys_getgrgid()
to get the name for the given gid and then call the
getsamgrnam passdb method for the resulting name.
In the ldapsam:trusted case we can reduce the gid_to_sid
operation to one simple search for the gidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.
Andrew Tridgell [Sat, 6 Feb 2010 03:14:45 +0000 (19:14 -0800)]
s3-events: make the old timed events compatible with tevent
tevent ensures that a timed event is only called once. The old events
code relied on the called handler removing the event itself. If the
handler removed the event after calling a function which invoked the
event loop then the timed event could loop forever.
This change makes the two timed event systems more compatible, by
allowing the handler to free the te if it wants to, but ensuring it is
off the linked list of events before the handler is called, and
ensuring it is freed even if the handler doesn't free it.
Andrew Tridgell [Sat, 6 Feb 2010 05:08:56 +0000 (21:08 -0800)]
s3-smbd: add a rate limited cleanup of brl, connections and locking db
On unclean shutdown we can end up with stale entries in the brlock,
connections and locking db. Previously we would do the cleanup on
every unclean exit, but that can cause smbd to be completely
unavailable for several minutes when a large number of child smbd
processes exit.
This adds a rate limited cleanup of the databases, with the default
that cleanup happens at most every 20s
Andrew Tridgell [Sat, 6 Feb 2010 04:59:43 +0000 (20:59 -0800)]
s3-brlock: add a minimim retry time for pending blocking locks
When we are waiting on a pending byte range lock, another smbd might
exit uncleanly, and therefore not notify us of the removal of the
lock, and thus not trigger the lock to be retried.
We coped with this up to now by adding a message_send_all() in the
SIGCHLD and cluster reconfigure handlers to send a MSG_SMB_UNLOCK to
all smbd processes. That would generate O(N^2) work when a large
number of clients disconnected at once (such as on a network outage),
which could leave the whole system unusable for a very long time (many
minutes, or even longer).
By adding a minimum re-check time for pending byte range locks we
avoid this problem by ensuring that pending locks are retried at a
more regular interval.
Jeremy Allison [Fri, 5 Feb 2010 23:20:18 +0000 (15:20 -0800)]
Fix bug 7104 - "wide links" and "unix extensions" are incompatible.
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
s4:UID wrapper - Make it work on older distributions
On my older CentOS 4 installation I had the problem with the missing
substitution prototypes ("uwrap_*"). So I added them to "uid_wrapper.h".
Also, I made the head of the "uid_wrapper.c" file more like the one of
"nss_wrapper.c" - it shouldn't change that much, I did it only to be consistent.
This patch should fix the build on older distributions while keep it running on
newer ones.
The includes of the UID wrapper headers werent't really efficient according
to metze's post on the technical mailing list (http://lists.samba.org/archive/samba-technical/2010-February/069165.html).
To achieve this move the "uid_wrapper.h" includes into "lib/util/unix_privs.c",
"lib/util/util.c", "ntvfs/posix/pvfs_acl.c" and "ntvfs/unixuid/vfs_unixuid.c".
The code part makes use of the "NSS wrapper" if it is enabled. Surprisingly
the build process doesn't break with the missing dependency on more recent
systems. But with an older CentOS 4 installation it has been broken.
This patch should fix the problem on older distributions while keep the build
running on newer ones.
projects / thirdparty / samba.git / log
