Michael Tokarev [Mon, 18 Nov 2024 09:45:08 +0000 (12:45 +0300)]
libsamba-errors: eliminate dependency on samba-debug
libsamba-errors is a collection of error codes/descriptions
like strerror(), - it is a set of simple functions converting
error code to string or the like. However, in one single
place there's a DBG_DEBUG() "call" in errmap_unix.c, in
map_errno_from_nt_status(), which is here for a very long time
(since before samba3, initially with debug level 10).
Drop this debugging info, and eliminate extra dependency.
This makes libsamba-errors independent and self-contained,
with a well-known and stable ABI.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Michael Tokarev [Thu, 19 May 2022 17:37:21 +0000 (20:37 +0300)]
specify some deps on private libs actually used directly
Lots of samba libraries has incomplete dependencies listed
in wscript files. This usually is not a problem since the
link line includes dependencies of their dependencies of
their dependencies, and somewhere down that line all immediate
dependencies which are missing are actually present. But
sometimes this becomes a problem when a library does not
declare direct dependency on at least one private library
which it actually uses: in case no private library is
listed as direct dependency, private library directory is
not put into RUNPATH of the resulting binary, so the binary
can not find its own dependencies.
Fix a few such places, including some libraries which are
a part of public abi (libsmbldap, libndr).
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 1 19:16:03 UTC 2025 on atb-devel-224
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Dec 30 04:17:46 UTC 2024 on atb-devel-224
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec 20 07:59:51 UTC 2024 on atb-devel-224
Douglas Bagnall [Wed, 11 Dec 2024 02:56:20 +0000 (15:56 +1300)]
samba-tool user: hashlib.sha1 is always present
We maybe thought we were checking that sha1 was in hashlib, but we were
only checking that hashlib is in the Python library (`hashlib.sha1()`
would not raise ImportError).
The documentation says hashlib always contains sha1 -- if that
changes, it is better we know by failing noisily with the import error
at the top of the file.
Douglas Bagnall [Wed, 11 Dec 2024 01:30:15 +0000 (14:30 +1300)]
pyglue: add crypt() function
This wraps talloc_crypt_blob() from lib/util/util_crypt.c which in
turn wraps the system crypt[_r[n]].
We want this because the Python standard library crypt module is going
away. That one also wrapped the system crypt or crypt_r, so there
should be no change.
Douglas Bagnall [Mon, 29 Jul 2024 21:53:14 +0000 (09:53 +1200)]
samba-tool: no traceback for unauthenticated rootdse access
Under some circumstances rootdse returns an operations error with
"Operation unavailable without authentication" instead of insufficient
access rights.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Dec 20 00:00:02 UTC 2024 on atb-devel-224
The index code (lib/ldb_key_value/ldb_kv_index.c) recapitulates LDB
expression logic, and it seemed less than completely obvious that it
would never make a mistake and return a different result than an
unindexed search.
Here we run the same search on an unindexed database and on some that
have been indexed with a variety of options. We assert that the
results are identical over a number of searches.
By default, when run from the command line, that number is 495161,
which takes a couple of minutes. But if the SKIP_SLOW_TESTS
environment variable is set, the number is 33569, which takes 20
seconds or so. In selftest we set the variable and run the smaller
number.
The tests will print the cumulative search time for each database for
each testsuite, like this:
Like all benchmarks it is interesting but misleading. One caveat here
is that you have (probably) compiled tdb in developer mode without
optimisation, while lmdb is probably a system package compiled with -O2,
though perhaps not tuned to your exact architecture.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Pavel Filipenský [Mon, 16 Dec 2024 13:39:54 +0000 (14:39 +0100)]
s3:winbindd: Remove unused set_routing_domain()
Commit 9a613f4 winbindd: add routing_domain as parameter to add_trusted_domain
deleted all calls of set_routing_domain().
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Dec 17 13:30:25 UTC 2024 on atb-devel-224
Pavel Filipenský [Mon, 16 Dec 2024 13:12:22 +0000 (14:12 +0100)]
s4:torture: Remove test for deprecated WINBINDD_SHOW_SEQUENCE
torture_winbind_struct_show_sequence() is failing if run as:
make -j8 test TESTS="samba4.rpc.lsa.trusted.*ad_dc samba4.winbind.struct.ad_dc"
The reason is that the test constructs two lists of domains and assumes
that the list contain same domains in the same order.
However:
- the list based on DO_STRUCT_REQ_REP(WINBINDD_SHOW_SEQUENCE, &req, &rep) contains 51 domains
- the list based on DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep) contains 39 domains
and we got:
failure: show_sequence [ ../../source4/torture/winbind/struct_based.c:824: domlist[i].netbios_name was TORTURE201, expected TORTURE200: inconsistent order of domain lists
]
Both list are based on full domain list, however the smaller one filters
out domain without trust_type in winbindd_list_trusted_domains():
Volker Lendecke [Fri, 6 Dec 2024 08:19:08 +0000 (09:19 +0100)]
smbd: Streamline recursive_rmdir()
By factoring out recursive_rmdir_fsp() we can do the recursion using
openat_pathref_fsp_lcomp(). This makes strace for a recursive
directory removal look a *lot* cleaner.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Volker Lendecke [Thu, 5 Dec 2024 15:50:12 +0000 (16:50 +0100)]
smbd: Make can_delete_directory_fsp() look cleaner in strace
I'm not sure, but it might be that we don't have a full fd coming into
can_delete_directory_fsp() without O_PATH. We open a real fd for
readdir() in all cases, which we can use for sure in openat &
friends. Use that as dirfsp for openat.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Volker Lendecke [Wed, 4 Dec 2024 15:30:03 +0000 (16:30 +0100)]
printing: Remove a few obsolete openat_pathref_fsp() calls
driver_convert_unix calls filename_convert_dirfsp, which these days
fills smb_fname->fsp. So openat_pathref_fsp() will immediately return
success as it finds smb_fname->fsp != NULL.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Volker Lendecke [Wed, 4 Dec 2024 07:54:19 +0000 (08:54 +0100)]
smbd: Simplify smb_q_posix_acl()
Ensure it's called with a valid fsp. In the pathinfo case, use
get_posix_fsp() in the caller, in the fileinfo case the client has
sent us the fid. A client-visible fid is always a fsa fsp.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Volker Lendecke [Fri, 29 Nov 2024 12:06:03 +0000 (13:06 +0100)]
libcli: Make handling implicit_owner_rights bit easier to read
The first time I came across this I missed the "FALL_THROUGH" and had
to look closely at what happens. I had expected
IMPLICIT_OWNER_READ_CONTROL_AND_WRITE_DAC_RIGHTS to grant two rights,
which to me is now more obvious. It was correct before, but to me this
is now more obvious. YMMV.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Pavel Filipenský [Wed, 11 Dec 2024 21:33:17 +0000 (22:33 +0100)]
s3:open.c: Fix a typo
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Tue Dec 17 11:23:50 UTC 2024 on atb-devel-224
Jones Syue [Thu, 26 Sep 2024 09:17:14 +0000 (17:17 +0800)]
s3:vfs_crossrename: add back checking for errno ENOENT
strace gives a clue: samba try to remove 'file.txt' in the dst folder but
actually it is not existed yet, and got an errno = ENOENT,
renameat(32, "file.txt", 31, "file.txt") = -1 EXDEV (Invalid cross-device link)
unlinkat(31, "file.txt", 0) = -1 ENOENT (No such file or directory)
Commit 5c18f074be92 ("s3: VFS: crossrename. Use real dirfsp for
SMB_VFS_RENAMEAT()") seems unintentionally removed errno ENOENT checking,
so add it back could address 1st issue.
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Mon Dec 16 19:32:32 UTC 2024 on atb-devel-224
Martin Schwenke [Wed, 28 Jun 2023 04:01:44 +0000 (14:01 +1000)]
ctdb-scripts: Support storing statd-callout state in cluster filesystem
CTDB_STATD_CALLOUT_SHARED_STORAGE is a new configuration variable
indicating where statd-callout should store its NFS client locking
data. See the update to ctdb-script.options(5) for details.
This adds back functionality that was removed in commit 12cc82623150ca4a83482f1b7165401cbdecd3de. The commit message doesn't
say why this was changed but it was most likely due to a cluster
filesystem hanging at inopportune times. Hence, this is re-added as a
non-default option. There are 2 justifications for re-adding it:
* The existing method (persistent_db) relies on dequeuing data during
the monitor event, which loses any queued data on node crash.
* NFS-Ganesha writes NFSv4 client locking data to a cluster
filesystem, by default. Something similar might as well exist for
NFSv3.
Note that this could create the files for sm-notify in add-client.
However, this would require an alternate implementation of
send_notifies() (or a change to the implementation for persistent_db
too). It seems better to leave add-client lightweight and do the work
in notify, since add-client is a more frequent operation.
Unconditionally create the state directory on startup. This is
currently implicitly created for persistent_db when the queue
directory is created. However, it isn't created anywhere else for
shared_dir, so do it in a common place.
In test mode, the shared storage location has a prefix added so files
are created within the test environment.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 4 Jun 2024 23:32:21 +0000 (09:32 +1000)]
ctdb-scripts: Fix impending SM_NOTIFY versus record deletion race
SM_NOTIFYs are sent before client records are deleted. Theoretically,
this means new records resulting from lock reclaim can be deleted.
This doesn't actually happen at the moment because any new "records"
resulting from lock reclaim are entered into the queue directory and
only dequeued to the database during a later monitor event. Since a
monitor event can't collide with an ipreallocated event, no records
can be dequeeued into the database during the ipreallocated event, so
they can't be deleted by delete_records().
However, a subsequent commit will add direct writing of records into a
shared cluster filesystem directory. This means that add-client
events will cause records to be added directly to that directory so,
without a fix, the race will be able to occur.
So, delete records before sending SM_NOTIFYs. In theory, the script
could be killed before all SM_NOTIFYs are successfully sent, resulting
in loss of locks. However, given the overall lack of error checking,
there are other, more likely problems.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 27 Jun 2023 03:37:56 +0000 (13:37 +1000)]
ctdb-scripts: Factor out some statd-callout functions
This captures all of the persistent database (currently ctdb.tdb)
implementation-specific details in functions. Alternate
implementations can now be easily added.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
projects / thirdparty / samba.git / log
