Douglas Bagnall [Fri, 16 Aug 2024 02:06:53 +0000 (14:06 +1200)]
ldb:pytest:api: remove pass-though tearDowns
The result is exactly the same, unless we previously had the wrong
class name in the pass-through, in which case the result is *probably*
the same, only more correct.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
ctdb: Use str_list_add_printf() in lock_helper_args()
Saves lines, str_list_add_printf takes care of NULL checks
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sun Sep 22 10:44:59 UTC 2024 on atb-devel-224
All the existing calls are right before returns, so they don't really
matter. But you never know when the code will change, and any compiler
will wipe the NULL assignment.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Sep 20 05:54:43 UTC 2024 on atb-devel-224
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Sep 19 21:27:07 UTC 2024 on atb-devel-224
s3:tests: let test_durable_handle_reconnect.sh run smb2.durable-v2-regressions.durable_v2_reconnect_bug15624
This demonstrates the dead lock after a durable reconnect failed
because the stat info changed, the file can't be accessed anymore
as we leak the incomplete share mode entry in a still running
process.
Can be used to enable printing an error message if tevent event handlers ran
longer then three seconds. Also logs a message with a loglevel of 3 if there
were no events at hall.
Enabled by default with 'log level = 10' or
'smbd profiling level = on'...
Ralph Boehme [Wed, 20 Mar 2024 13:27:27 +0000 (14:27 +0100)]
smbd: move trace_state variable behind tv variable
Next commit adds timestamp variables to trace_state that want to be initialized
with the current time, so moving behind tv we can then just reuse tv for that.
By enabling this a process sending a lease break message to another process
holding a lease will start watching that process and if that process didn't
process the lease break within 10 seconds (cf server_id_watch_waited()), we log
a kernel stack backtrace of that process.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Sep 18 19:45:56 UTC 2024 on atb-devel-224
Jeremy Allison [Tue, 17 Sep 2024 18:47:31 +0000 (11:47 -0700)]
s4: torture: Add a new test lease_rename_with_overwrite.
Creates and opens two files with leases, then tries
rename-with-overwrite on file_src -> file_dst.
Ensures we get a lease break on file_dst before
getting the access denied response.
Passes against Windows, fails against Samba.
Add knownfail.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Sep 18 05:42:15 UTC 2024 on atb-devel-224
sync machine password to keytab: handle FreeIPA use case
FreeIPA uses own procedure to retrieve keytabs and during the setup of
Samba on FreeIPA client the keytab is already present, only machine
account needs to be set in the secrets database.
'sync machine password to keytab' option handling broke this use case by
always attempting to contact a domain controller and failing to do so
(Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=2309199).
The original synchronizing machine account password to keytab feature
did not have a mechanism to disable its logic at all.
Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Sep 13 13:16:09 UTC 2024 on atb-devel-224
Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Sep 12 16:51:14 UTC 2024 on atb-devel-224
Anoop C S [Thu, 5 Sep 2024 09:46:54 +0000 (15:16 +0530)]
vfs_ceph_new: Pass module config to userperm helpers
userperm helpers will switch to function references instead of direct
invocation of APIs. This would mean the matching config structure is
passed to those helpers.
Anoop C S [Thu, 5 Sep 2024 08:31:37 +0000 (14:01 +0530)]
vfs_ceph_new: Hold a config reference in vfs_ceph_fh
This is required to perform the cleanup when fsp extension destructor is
called as part of VFS_REMOVE_FSP_EXTENSION where mount information and
function references are to be used in upcoming changes.
Anoop C S [Thu, 5 Sep 2024 09:20:48 +0000 (14:50 +0530)]
vfs_ceph_new: Call vfs_ceph_userperm_new with handle->conn
vfs_ceph_userperm_new() only need connection structure from handle
for fetching the current unix token. Therefore modify the signature
to accept just handle->conn.
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
vfs_ceph_new: Dynamically open library for 'proxy' mode
Use dlopen() to load either of the shared libraries(libcephfs.so or
libcephfs_proxy.so) based on the configuration for 'proxy' module
parameter. Further down the line we will define the required APIs
as function pointers within the config structure.
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
vfs_ceph_new: Introduce new parametric option 'proxy'
Provide early support for consuming yet to come libcephfs proxy[1] for
optimized resource utilization. For better control we make use of an
additional module specific option 'proxy' to specify the intent to load
proxy library. With the default value 'no' a regular cephfs connection
is established. There is also an 'auto' mode which can fall back to the
regular connection if proxy requirements are not met.
vfs_ceph_new: Add a new struct to hold ceph module config
Consolidate all required configuration related data under a dedicated
structure named vfs_ceph_config. As of now it includes the location of
configuration file, file system name, ceph client user id and mount
related information. This is expected to grow in future with more
details as and when required. Apart from that small cleanups are also
done to make code more robust.
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Shachar Sharon [Mon, 12 Aug 2024 11:45:53 +0000 (14:45 +0300)]
vfs_ceph_new: implement DFS hooks using libcephfs low-level APIs
Refactor the VFS hooks 'create_dfs_pathat_fn' and 'read_dfs_pathat_fn'
in 'vfs_ceph_new.c' to use libcephfs low-level APIs: instead of using
path-based operations (as done in legacy 'vfs_ceph.c') use inode based
operations to create and read msdfs symbolic-links values.
Volker Lendecke [Fri, 30 Aug 2024 15:03:38 +0000 (17:03 +0200)]
libndr: Apply endianness flags to subndr
We're creating a fresh subcontext for a "[MS-RPCE] 2.2.6 Type
Serialization Version 1". Probably nobody has tested a big endian
subcontext yet.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Sep 10 23:04:19 UTC 2024 on atb-devel-224
tests: Improve the error message for bad format chars
Print the faulty character for easier finding it.
I did not find out how to split the format string into two lines such
that self.fail would properly print the whole thing in its exception,
so we have a long line here.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Mon, 9 Sep 2024 13:58:26 +0000 (14:58 +0100)]
librpc/ndr: Fix fuzz CI on latest tumbleweed
running samba-fuzz CI job on latest tumbleweed docker image results in;
../../librpc/ndr/ndr_orpc.c: In function ‘ndr_print_DUALSTRINGARRAY’:
../../librpc/ndr/ndr_orpc.c:97:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
97 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^
../../librpc/ndr/ndr_orpc.c:97:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
97 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../librpc/ndr/ndr_orpc.c:105:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
105 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^
../../librpc/ndr/ndr_orpc.c:105:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
105 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../librpc/ndr/ndr_orpc.c: In function ‘ndr_print_STRINGARRAY’:
../../librpc/ndr/ndr_orpc.c:159:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
159 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^
../../librpc/ndr/ndr_orpc.c:159:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
159 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue Sep 10 01:22:28 UTC 2024 on atb-devel-224
netcmd: user: Fix typo in samba-tool error message
Fix typo in "samba-tool user add" error message when adding a user with
NIS features : the argument for the uid number is --uid-number and not
--uidNumber.
RN: Fix typo in samba-tool error message.
Signed-off-by: Lyanis Souidi <lyanis.souidi@u-pec.fr> Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
reinit_after_fork() may panic or return an error on failure. When smbd
is started in interactive mode, it ignores the reinit_after_fork()
return status and unconditionally proceeds to smbd_process().
Similarly, if messaging_reinit() fails within reinit_after_fork() then
it will subsequently call ctdb_async_ctx_reinit() if clustering is
enabled.
There's no reason why these errors shouldn't be handled immediately, so
add appropriate error handling.
Found by code inspection; not seen in the wild.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Sep 4 09:53:01 UTC 2024 on atb-devel-224
Ralph Boehme [Fri, 5 Jul 2024 14:22:18 +0000 (16:22 +0200)]
smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.
Just passing the base fsp to the VFS fixes this.
vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.
If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.
Shachar Sharon [Tue, 20 Aug 2024 09:45:07 +0000 (12:45 +0300)]
vfs_ceph_new: handle case of readlinkat with empty name string
Commit 53c9269b (vfs_ceph_new: use low-level APIs for symlink/readlink)
introduced readlinkat using libcephfs low-level APIs. However, it does
not handle properly the case where readlinkat operates on empty name
string (see man readlinkat(2)), such as:
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Aug 30 10:42:27 UTC 2024 on atb-devel-224
Martin Schwenke [Wed, 10 Apr 2024 06:55:01 +0000 (16:55 +1000)]
ctdb-tests: Add persistent TDB backup tests
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Aug 30 00:08:41 UTC 2024 on atb-devel-224
Martin Schwenke [Wed, 10 May 2023 02:21:07 +0000 (12:21 +1000)]
ctdb-failover: Add ctdb_smnotify_helper
statd callout will shortly be updated to use NFS utils' sm-notify.
This tiny helper will be used to create on-disk state files used by
sm-notify. These state files contain endian-specific fields, so
better to write a simple C implementation than to do crazy things in a
shell script (or call out to Python).
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Wed, 28 Aug 2024 10:32:45 +0000 (12:32 +0200)]
libndr: Streamline ndr_token_retrieve_cmp_fn
Rename the public function to ndr_token_peek_cmp_fn, the only user
does not remove the token. Factor out ndr_token_find to move the
token-removing logic to ndr_token_retrieve, the only caller that does
remove the token.
Keep libndr at 6.0.0, this has not been released yet.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 29 08:40:52 UTC 2024 on atb-devel-224
Noel Power [Wed, 28 Aug 2024 15:19:27 +0000 (16:19 +0100)]
libcli/smb: Fix failure of Smb3UnixTests.test_create_context_reparse
On tumbleweed at least the definition in py_reparse_put of 'reserved' as
'unsigned' causes the tag value to be overwritten. Note: ParseTuple is
given a format of 'Kk' where
K = unsigned long long (for tag)
k = unsigned long (for reserved)
The problem is 'reserved' is defined as 'unsigned' which on a
64 bit linux system has size 4. The size however of the 'unsigned long' type
on the same 64 bit system is 8. This causes 'tag' to be overwritten by
the value of 'reserved' because it's destination size is smaller than
expected.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15702 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Aug 28 18:38:01 UTC 2024 on atb-devel-224
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.
Reported-by: David Howells <dhowells@redhat.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
David Disseldorp [Fri, 23 Aug 2024 13:01:24 +0000 (13:01 +0000)]
s4:torture/smb2: test FSCTL_QUERY_ALLOCATED_RANGES truncation
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.
Flag the new test knownfail; fix in subsequent commit.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Douglas Bagnall [Wed, 31 Jul 2024 01:39:46 +0000 (13:39 +1200)]
dsdb:cracknames: free more on error (CID 240724)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Aug 28 05:39:36 UTC 2024 on atb-devel-224
Douglas Bagnall [Tue, 30 Jul 2024 21:20:50 +0000 (09:20 +1200)]
ldb:kv_index: help static analysers to not worry (CID 1615192)
The point of this realloc is that we are not using this array, but
keeping it around to remain a node the talloc tree. We'd prefer to
reduce it to nothing.
Coverity rightly spotted that it was reallocing an array of `struct
ldb_val` to an array of `struct ldb_val *`, which has a different size
and all. But it doesn't matter in this case, because we will never use
it.
Douglas Bagnall [Thu, 8 Aug 2024 23:29:11 +0000 (11:29 +1200)]
s4:drs:test:getncchanges: remove timeout failure
We don't need a timeout failure any more, since replication should
always work. Leaving the timeout in might sometimes cause a flapping
test if replication is being slow for some reason.
projects / thirdparty / samba.git / log
