Aaron Haslett [Thu, 28 Feb 2019 03:55:31 +0000 (16:55 +1300)]
tests: Reduce likelihood of auth_log test locking up during CI
We would sometimes see the auth_log test hang during a CI run. The CI
job would eventually fail after consuming a costly 10 hours of CI
runtime.
We believe the problem is around the test creating multiple instances of
the Messaging() context. This is a similar race condition to what was
seen in 19f34b2161dee26.
Currently a new Messaging() context is created for every test case. By
using classmethods instead, the Messaging context is only created once
per python test file execution (i.e. creation of the python class,
rather than initialization of the python object, which happens for every
test-case).
This means the test will only create one Messaging() context, which
should avoid any race conditions.
Changes:
+ removed msg_ctxs - this wasn't actually used for anything.
+ use classmethods to setup and tear-down the Messaging() context (and
tweak lp initialization accordingly).
+ fix discardMessages() - the loop wasn't actually discarding any
messages previously (this may also have been the cause of the test
hanging).
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Mar 5 13:10:43 UTC 2019 on sn-devel-144
Douglas Bagnall [Sun, 24 Feb 2019 06:31:07 +0000 (19:31 +1300)]
pidl/Python: initialise a datablob
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 4 22:41:01 UTC 2019 on sn-devel-144
Douglas Bagnall [Thu, 21 Feb 2019 03:47:55 +0000 (16:47 +1300)]
dsdb pytsts: reduce scale of subtree rename speed test
The speed test, when it was introduced a few patches ago, was
deliberately slow so that we could see how much better the changes
were. It used 500 users, 50 groups, and 27 computers.
Before the changes, it took this long:
rename ou took 64.373s
rename group took 0.160s
rename user took 0.004s
rename computer took 0.123s
After using the sorted links, it took this long:
rename ou took 12.984s
rename group took 0.161s
rename user took 0.004s
rename computer took 0.122s
And with the final patch to stop the linear search early on success:
rename ou took 11.680s
rename group took 0.089s
rename user took 0.004s
rename computer took 0.128s
"rename ou" is the one we were aiming at. Now that we have done that,
we reduce the size of the test so as not to slow down everyone's
autobuilds.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 9 Jan 2019 04:57:15 +0000 (17:57 +1300)]
dsdb linked attributes: fix forward links faster
Rename operations can be very slow in large database with many group
memberships, because the linked attributes need to be found and
rewritten for each moved object and the way we did that was naive.
For a while now Samba has kept forward links in sorted order, so
finding group memberships can be an O(log n) rather than O(n)
operation. This patch makes use of that.
The backlinks are not sorted, nor are forward links in old databases,
so we have to use a linear search in those cases.
There is a little bit of extra work to handle the few kinds of forward
links (e.g. msDS-RevealedUsers) that have DN+Binary values.
Tim and Garming came up with the basic idea and a prototype.
Pair-programmed-with: Tim Beale <timbeale@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 14 Feb 2019 21:27:14 +0000 (10:27 +1300)]
dsdb: linked_attributes module knows about sorted links
Until now the linked attrbutes module has allocated its private data
on a per transaction basis, but we prefer to check the sorted links
feature less often than that. So the private data struct is given
module life time and a transaction member to carry out the old role.
In coming patches, the sorted links flag will be used.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 14 Feb 2019 21:29:33 +0000 (10:29 +1300)]
dsdb:replmd: add compatible feature helper function
repl_meta_data.c uses the compatible features attribute of the
"@SAMBA_DSDB" special object to record that linked attributes are
being stored in the database in a sorted order. Soon the
linked_attributes module is going to want to know the same thing, and
in time other modules will want to know about other compatible
features, so we introduce a helper function.
Error checking is slightly improved.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 30 Jan 2019 23:18:59 +0000 (12:18 +1300)]
dsdb/pytests: sanity checks for links under subtree renames
These tests will ensure that linked attributes continue to be handled
correctly under forthcoming changes. The la_move_ou_tree_big() test
will show that the changes make this much faster, after which it can
perhaps be removed.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 25 Feb 2019 22:10:46 +0000 (11:10 +1300)]
tests: Work auth_log CLIENT_IP out from config instead of env var
Instead of passing the CLIENT_IP to the auth_log tests, we can just
work out the source-IP that the client will use from its smb.conf file.
This only works for auth_log_pass_change, but not auth_log.py - the
latter still needs to be run on the :local testenv for other reasons, so
it doesn't use the client.conf. However, we can still update the base
code to use the client.conf IP, as auth_log.py overrides
self.remoteAddress anyway.
The main advantage of this change is it avoids having hardcoded IP
addresses in the selftest framework.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 25 Feb 2019 22:06:52 +0000 (11:06 +1300)]
tests: Work audit_log CLIENT_IP out from config instead of env var
Instead of passing the CLIENT_IP to the audit_log tests, we can just
work out the source-IP that the client will use from its smb.conf file.
Because the audit_log tests are all run on the non-local testenv,
they'll already use the client.conf and the 127.0.0.11 address.
The main advantage of this change is it avoids having hardcoded IP
addresses in the selftest framework.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 25 Feb 2019 21:53:43 +0000 (10:53 +1300)]
tests: Remove explicit SOCKET_WRAPPER usage from auth_log tests
The auth-logging tests are an odd combination of server and client
behaviour. On the one hand we want a IRPC connection to see the auth
events being logged on the server. On the other hand, we want the auth
events to appear to be happening on a client. Currently we hardcode in
the use of a SOCKET_WRAPPER interface to make this happen.
We can avoid this explicit socket wrapper usage by using the server
smb.conf instead in the one place we actually want to act like the
server (creating the IRPC connection). Then we can switch from using
the 'ad_dc*:local' testenvs to use 'ad_dc*', in order to act like a
client by default. The SERVERCONFFILE environment variable has already
been added for the few cases where a test needs explicit access to the
server's smb.conf.
However, for samba.tests.auth_log, the samlogon test cases are still
reliant on being run on the :local testenv, and so we can't switch them
over just yet. This is because the samlogon is using the DC's machine
creds underneath, which will fail on the non-local testenv. We could
create separate machine creds for the client and use those, but this is
a non-trivial rework of the test code.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 25 Feb 2019 21:17:21 +0000 (10:17 +1300)]
s4:tests: Avoid passing unnecessary env variables to auth_log tests
These tests all use the ncalrpc connection, so they're always testing a
connection that's local to the server-side. Therefore passing in the
CLIENT_IP and SOCKET_WRAPPER_DEFAULT_IFACE variables (in order to try to
simulate a client connecting) is unnecessary.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 28 Jan 2019 01:11:09 +0000 (14:11 +1300)]
tests: Remove redundant credentials from auth_log tests
The LDB connection in these tests is to the direct sam.ldb file on disk,
so the credentials are not actually needed (and in fact, weren't event
initialized correctly). These tests always need to run on the DC itself
(i.e. :local testenv) because they use ncalrpc connections.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Sat, 2 Mar 2019 14:37:38 +0000 (15:37 +0100)]
tests: add a simple test for smbcacls -x
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar 4 19:11:06 UTC 2019 on sn-devel-144
Ralph Boehme [Fri, 1 Mar 2019 17:06:48 +0000 (18:06 +0100)]
s4:torture: add a test with additional bits in SEC_FLAG_MAXIMUM_ALLOWED
When access_mask contains SEC_FLAG_MAXIMUM_ALLOWED, the server must still
proces other bits from access_mask. Eg if access_mask contains a right that
the requester doesn't have, the function must validate that against the
effective permissions.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 1 Mar 2019 17:20:35 +0000 (18:20 +0100)]
libcli/security: correct access check and maximum access calculation for Owner Rights ACEs
We basically must process the Owner Rights ACEs as any other ACE wrt to the
order of adding granted permissions and checking denied permissions. According
to MS-DTYP 2.5.3.2 Owner Rights ACEs must be evaluated in the main loop over
the ACEs in an ACL and the corresponding access_mask must be directly applied
to bits_remaining. We currently defer this to after the loop over the ACEs in
ACL, this is wrong.
We just have to do some initial magic to determine if an ACL contains and
Owner Rights ACEs, and in case it doesn't we grant SEC_STD_WRITE_DAC |
SEC_STD_READ_CONTROL at the *beginning*. MS-DTYP:
-- the owner of an object is always granted READ_CONTROL and WRITE_DAC.
CALL SidInToken(Token, SecurityDescriptor.Owner, PrincipalSelfSubst)
IF SidInToken returns True THEN
IF DACL does not contain ACEs from object owner THEN
Remove READ_CONTROL and WRITE_DAC from RemainingAccess
Set GrantedAccess to GrantedAccess or READ_CONTROL or WRITE_OWNER
END IF
END IF
b9e91d2a8e41a43d7ebb7d7eed807a7d8de9b329 added fd==-1 checks to the
lseek() path to handle "stat opens". Current reply.c and
smb2_ioctl_filesys.c callers do not invoke SMB_VFS_LSEEK() with
stat-open fsp structs, so the fd==-1 checks can be removed from the
VFS.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 3 Mar 2019 21:09:26 +0000 (22:09 +0100)]
CI: don't use swap
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Mar 4 13:59:42 UTC 2019 on sn-devel-144
Volker Lendecke [Thu, 28 Feb 2019 20:47:51 +0000 (21:47 +0100)]
libsmb: Make cli_posix_unlink/rmdir proper tevent_req/subreq pairs
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 2 00:55:56 UTC 2019 on sn-devel-144
Compilation currently fails, as ctdb_mutex_ceph_rados_helper doesn't
include or link against the samba-util library. Revert back to the
previous strtoull() behaviour, which works fine.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 1 18:34:18 UTC 2019 on sn-devel-144
Amitay Isaacs [Fri, 1 Mar 2019 03:18:31 +0000 (14:18 +1100)]
ctdb-daemon: Fix maybe-uninitialized error with picky developer
263/386] Compiling ctdb/server/ctdb_recovery_helper.c
In file included from ../../server/ctdb_recovery_helper.c:24:0:
../../server/ctdb_recovery_helper.c: In function ‘main’:
../../../lib/talloc/talloc.h:911:34: error: ‘mem_ctx’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
#define TALLOC_FREE(ctx) do { if (ctx != NULL) { talloc_free(ctx); ctx=NULL; } } while(0)
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Fri Mar 1 17:05:19 UTC 2019 on sn-devel-144
Volker Lendecke [Thu, 28 Feb 2019 12:47:22 +0000 (13:47 +0100)]
libsmb: Make cli_smb2_rmdir asynchronous
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 1 01:30:35 UTC 2019 on sn-devel-144
Swen Schillig [Tue, 5 Feb 2019 07:39:14 +0000 (08:39 +0100)]
lib: modify string conversion wrapper to handle signed input
The standard string conversion routines convert a "signed string"
into the positive representation of the resulting value.
This is not wanted and therefore now detected and flag'ed as an error.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Wed, 30 Jan 2019 09:28:52 +0000 (10:28 +0100)]
ctdb-utils: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Wed, 30 Jan 2019 08:31:34 +0000 (09:31 +0100)]
source4: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Wed, 30 Jan 2019 07:39:15 +0000 (08:39 +0100)]
libcli: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Wed, 30 Jan 2019 07:33:02 +0000 (08:33 +0100)]
common-lib: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Tue, 29 Jan 2019 13:36:44 +0000 (14:36 +0100)]
wbinfo: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Tue, 29 Jan 2019 13:21:25 +0000 (14:21 +0100)]
libwbclient: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Tue, 29 Jan 2019 12:27:28 +0000 (13:27 +0100)]
ctdb-tools: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Tue, 29 Jan 2019 12:07:56 +0000 (13:07 +0100)]
ctdb-server: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Tue, 29 Jan 2019 12:03:20 +0000 (13:03 +0100)]
ctdb-protocol: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Mon, 28 Jan 2019 13:35:30 +0000 (14:35 +0100)]
rpcclient: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Mon, 28 Jan 2019 13:30:15 +0000 (14:30 +0100)]
modules: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Mon, 28 Jan 2019 13:07:39 +0000 (14:07 +0100)]
winbindd: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Mon, 28 Jan 2019 12:57:15 +0000 (13:57 +0100)]
passdb: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Mon, 28 Jan 2019 12:36:45 +0000 (13:36 +0100)]
utils: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Mon, 28 Jan 2019 12:12:09 +0000 (13:12 +0100)]
groupdb: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Swen Schillig [Mon, 28 Jan 2019 11:54:07 +0000 (12:54 +0100)]
lib: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Ralph Böhme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Feb 28 19:18:16 UTC 2019 on sn-devel-144
Volker Lendecke [Tue, 26 Feb 2019 14:10:21 +0000 (15:10 +0100)]
passdb: Introduce xid_to_sid
This explicitly avoids the legacy_[ug]id_to_sid calls, which create
long-term cache entries to S-1-22-x-y if anthing fails. We can't do
this, because this will turn temporary winbind communication failures
into long-term problems: A short hickup in winbind_uid_to_sid will
create a mapping to S-1-22-1-uid for a week. It should be up to the
lower layers to do the caching.
Volker Lendecke [Tue, 26 Feb 2019 13:45:32 +0000 (14:45 +0100)]
lib: Introduce winbind_xid_to_sid
This does not merge a winbind communication error into
"global_sid_NULL" (S-1-0-0), which by the way non-intuitively does not
go along with is_null_sid(). Instead, this just touches the output sid
when winbind returned success. This success might well be a negative
mapping indicated by S-0-0, which *is* is_null_sid()...
Volker Lendecke [Tue, 26 Feb 2019 11:46:39 +0000 (12:46 +0100)]
idmap_cache: Only touch "sid" on success in find_xid_to_sid
Why? This makes the negative mapping condition (is_null_sid) more
explicit in the code.
The callers in lookup_sid initialized "psid" anyway before, and the ones
in wb_xids2sids now do as well. This is more in line with other APIs we
have: Only touch output parameters if you have something to say.
David Disseldorp [Wed, 27 Feb 2019 11:09:52 +0000 (12:09 +0100)]
docs: fix minor typo in smb.conf "log level" section
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Feb 27 16:22:27 UTC 2019 on sn-devel-144
David Disseldorp [Tue, 26 Feb 2019 12:54:21 +0000 (13:54 +0100)]
vfs_ceph: drop ifdef HAVE_FCHOWN/_FCHMOD
The cephwrap_fchown() and cephwrap_fchmod() wrappers call the
corresponding libcephfs functions. It doesn't make sense to make this
logic dependent on regular fchown()/fchmod() function presence, so remove
the ifdefs.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
David Disseldorp [Tue, 26 Feb 2019 20:26:27 +0000 (21:26 +0100)]
vfs_ceph: add missing fallocate hook
SMB_VFS_FALLOCATE() calls atop a vfs_ceph share currently fall through
to vfs_default, which results in a local filesystem I/O attempt using a
libcephfs file-descriptor. Add the missing fallocate hook to vfs_ceph.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 27 11:24:59 UTC 2019 on sn-devel-144
projects / thirdparty / samba.git / log
