Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 9afcd5331ce567bd80d35175f8e4e21c506e9347)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 07a8326746f0c444eedf3860b178fc29d84e8d16)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 3e8a435d27da899d0e3dab7cbc0a1c738067eba3)
blackbox/dbcheck-links.sh: reproduce lost deleted object problem
When a parent object is removed during the tombstone garbage collection
before a child object and samba-tool dbcheck runs at the same time, the
following can happen:
- If the object child had DISALLOW_MOVE_ON_DELETE in systemFlags,
samba-tool dbcheck moves the object under the LostAndFound[Config]
object (as an originating update!)
- The lastKnownParent attribute is removed (as an originating update!)
These originating updates cause the object to have an extended time
as tombstone. And these changes are replicated to other DCs,
which very likely already removed the object completely!
This means the destination DC of replication has no chance to handle
the object it gets from the source DC with just 2 attributes (name, lastKnownParent).
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5357f591accffbf8c62335c308b985811b66f0b5)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 27 11:24:59 UTC 2019 on sn-devel-144
Noel Power [Fri, 7 Sep 2018 11:42:19 +0000 (12:42 +0100)]
python/samba: PY3 port for ridalloc_exop test to work
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit fc13a1268a4a9de94efd312a8309aa55d331ae19)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit bf469343f577e2d78df0e38d80e7976b351eaf0d)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Mar 26 12:30:35 UTC 2019 on sn-devel-144
Martin Schwenke [Thu, 14 Mar 2019 05:32:02 +0000 (16:32 +1100)]
ctdb-tests: Add some testing for IPv4-mapped IPv6 address parsing
ctdb_sock_addr values are hashed in some contexts. This means that
all of the memory used for the ctdb_sock_addr should be consistent
regardless of how parsing is done. The first 2 cases are just sanity
checks but the 3rd case involving an IPv4-mapped IPv6 address is the
real target of this test addition.
Zhu Shangzhong [Tue, 12 Mar 2019 12:49:48 +0000 (20:49 +0800)]
ctdb: Initialize addr struct to zero before reparsing as IPV4
Failed to kill the tcp connection that using IPv4-mapped IPv6 address
(e.g. ctdb_killtcp eth0 ::ffff:192.168.200.44:2049
::ffff:192.168.200.45:863).
When the ctdb_killtcp is used to kill the tcp connection, the IPs and
ports in the connection will be parsed to conn.client and conn.server
(call stack: main->ctdb_sock_addr_from_string->ip_from_string). In
the ip_from_string, as we are using IPv4-mapped IPv6 addresses, the
ipv6_from_string will be used to parse ip to addr.ip6 first. The next
step the ipv4_from_string will be used to reparse ip to addr.ip.
As a result, the data that dump from conn.server is "2 0 8 1 192 168
200 44 0 0 0 0 0 0 0 0 0 0 255 255 192 168 200 44 0 0 0 0", the data
from conn.client is "2 0 3 95 192 168 200 45 0 0 0 0 0 0 0 0 0 0 255 255
192 168 200 45 0 0 0 0". The connection will be add to conn_list by
ctdb_connection_list_add. Then the reset_connections_send uses conn_list
as parameter to start to reset connections in the conn_list.
In the reset_connections_send, the database "connections" will be
created. The connections from conn_list will be written to the
database(call db_hash_add), and use the data that dump from conn_client
and conn_server as key.
In the reset_connections_capture_tcp_handler, the
ctdb_sys_read_tcp_packet will receive data on the raw socket. And
extract the IPs and ports from the tcp packet. when extracting IP and
port, the tcp4_extract OR tcp6_extract will be used. Then we got the
new conn.client and conn.server. the data that dump from the
conn.server is "2 0 8 1 192 168 200 44 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 0 0", the data from conn.client is "2 0 3 95 192 168 200 45 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0". Finally, we use the data as key to check
if this connection is one being reset(call db_hash_delete). The
db_hash_delete will return ENOENT. Because the two key that being used
by db_hash_delete and db_hash_add are different.
So, the TCP RST will be NOT sent for the connection forever. We should
initialize addr struct to zero before reparsing as IPV4 in the
ip_from_string.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 6da3664f8a11397fd3fb38e89c2432b8bf321e59)
Rearrange sd_notify() call in become_daemon() to only send status to systemd
in this mode (Type=notify is not designed to monitor forking). Drop READY=0
(it does nothing) and MAINPID= (unnecessary because the process spawned by
systemd is already the main PID).
Also remove STATUS= prefix from debug messages.
Signed-off-by: Marcos Mello <marcosfrm@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 440ddf8470b11a46066d282bf8945201d547c192)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit c71334ec0c92e791022a9b7c900aa0dd649226c2)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Mar 12 17:01:14 UTC 2019 on sn-devel-144
Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 6 01:53:16 UTC 2019 on sn-devel-144
This change is for the backport only. The change in master increased the
ABI version to 0.28.0 and removed some functions; this should not happen
in a backport.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c5874b9b68e0795e9dc23b04efa5959ac03ec8dc)
Volker Lendecke [Tue, 26 Feb 2019 14:10:21 +0000 (15:10 +0100)]
passdb: Introduce xid_to_sid
This explicitly avoids the legacy_[ug]id_to_sid calls, which create
long-term cache entries to S-1-22-x-y if anthing fails. We can't do
this, because this will turn temporary winbind communication failures
into long-term problems: A short hickup in winbind_uid_to_sid will
create a mapping to S-1-22-1-uid for a week. It should be up to the
lower layers to do the caching.
Volker Lendecke [Thu, 18 Oct 2018 03:46:37 +0000 (05:46 +0200)]
lib: Add dom_sid_str_buf
This is modeled after server_id_str_buf, which as an API to me is easier to
use: I can rely on the compiler to get the buffer size right.
It is designed to violate README.Coding's "Make use of helper variables", but
as this API is simple enough and the output should never be a surprise at all,
I think that's worth it.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 2 20:11:11 CET 2018 on sn-devel-144
Volker Lendecke [Tue, 26 Feb 2019 13:45:32 +0000 (14:45 +0100)]
lib: Introduce winbind_xid_to_sid
This does not merge a winbind communication error into
"global_sid_NULL" (S-1-0-0), which by the way non-intuitively does not
go along with is_null_sid(). Instead, this just touches the output sid
when winbind returned success. This success might well be a negative
mapping indicated by S-0-0, which *is* is_null_sid()...
Volker Lendecke [Tue, 26 Feb 2019 11:46:39 +0000 (12:46 +0100)]
idmap_cache: Only touch "sid" on success in find_xid_to_sid
Why? This makes the negative mapping condition (is_null_sid) more
explicit in the code.
The callers in lookup_sid initialized "psid" anyway before, and the ones
in wb_xids2sids now do as well. This is more in line with other APIs we
have: Only touch output parameters if you have something to say.
Ralph Boehme [Fri, 1 Mar 2019 17:20:35 +0000 (18:20 +0100)]
libcli/security: correct access check and maximum access calculation for Owner Rights ACEs
We basically must process the Owner Rights ACEs as any other ACE wrt to the
order of adding granted permissions and checking denied permissions. According
to MS-DTYP 2.5.3.2 Owner Rights ACEs must be evaluated in the main loop over
the ACEs in an ACL and the corresponding access_mask must be directly applied
to bits_remaining. We currently defer this to after the loop over the ACEs in
ACL, this is wrong.
We just have to do some initial magic to determine if an ACL contains and
Owner Rights ACEs, and in case it doesn't we grant SEC_STD_WRITE_DAC |
SEC_STD_READ_CONTROL at the *beginning*. MS-DTYP:
-- the owner of an object is always granted READ_CONTROL and WRITE_DAC.
CALL SidInToken(Token, SecurityDescriptor.Owner, PrincipalSelfSubst)
IF SidInToken returns True THEN
IF DACL does not contain ACEs from object owner THEN
Remove READ_CONTROL and WRITE_DAC from RemainingAccess
Set GrantedAccess to GrantedAccess or READ_CONTROL or WRITE_OWNER
END IF
END IF
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Feb 28 19:18:16 UTC 2019 on sn-devel-144
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit 3ca38d2cd1189a5040e13ddab016063280be2b4d)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit 9f4ee05295827c9a607e1f63694a17906f777176)
Björn Jacke [Wed, 23 Jan 2019 13:01:26 +0000 (14:01 +0100)]
sambaundoguididx: use the right escaped oder unescaped sam ldb files
the correct filename is taken from the partition database before, we should not
unescape that because this can result in a new unescaped ldb file being created
and the script not to work at all.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 155f1289ba7a4802fbb99fbc9ea90d8bc6cff0c9)
[ddiss@samba.org: rebase atop 48t without 532ff3a5b958]
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Mar 5 13:01:15 UTC 2019 on sn-devel-144
David Disseldorp [Tue, 26 Feb 2019 20:26:27 +0000 (21:26 +0100)]
vfs_ceph: add missing fallocate hook
SMB_VFS_FALLOCATE() calls atop a vfs_ceph share currently fall through
to vfs_default, which results in a local filesystem I/O attempt using a
libcephfs file-descriptor. Add the missing fallocate hook to vfs_ceph.
Jeremy Allison [Sun, 24 Feb 2019 16:03:32 +0000 (08:03 -0800)]
s3: torture: Add additional POSIX mkdir tests.
Ensure that if POSIX_foo exists as a file
we return the correct error code NT_STATUS_OBJECT_PATH_NOT_FOUND
if we try and traverse it as a directory.
Also ensure creation/deletion of POSIX_foo/foo fails
for directories and files with NT_STATUS_OBJECT_PATH_NOT_FOUND
if the directory POSIX_foo/ doesn't exist.
Jeremy Allison [Sat, 23 Feb 2019 20:24:31 +0000 (12:24 -0800)]
smbd: unix_convert: Ensure we don't call get_real_filename on POSIX paths.
For posix_pathnames don't blunder into the name_has_wildcard OR
get_real_filename() codepaths as they may be doing case insensitive lookups.
So when creating a new POSIX directory 'Foo' they might
match on name 'foo'.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Feb 24 14:04:14 CET 2019 on sn-devel-144
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Feb 23 09:23:22 CET 2019 on sn-devel-144
Ralph Boehme [Fri, 22 Feb 2019 10:00:00 +0000 (11:00 +0100)]
winbindd: track whether a result from xid2sid was coming from the cache
This is needed in preparation of moving the step to update the idmap
cache from the per-idmap-domain callback wb_xids2sids_dom_done() to the
top-level callback wb_xids2sids_done().
Currently the sequence of action is:
* check cache, if not found:
* ask backends
* cache result from backend
* return results
Iow, if we got something from the cache, we don't write the cache.
The next commit defers updating the cache to the top-level callback, so
the sequence becomes
* check cache, if not found:
* ask backends
* cache results
* return results
This has two problems:
* it needlessly writes to the cache what we just got from it
* it possibly overwrites the ID_TYPE_BOTH for a SID-to-xid mapping in
the following case:
- someone calls wb_xids2sids_send() with xid.id=3000000,xid.type=ID_TYPE_GID
- cache lookup with idmap_cache_find_gid2sid() succeeds
- when caching results we'd call idmap_cache_set_sid2unixid() with the
callers xid.type=ID_TYPE_GID, so idmap_cache_set_sid2unixid() will
overwrite the SID-to-xid mapping with ID_TYPE_GID
Ralph Boehme [Fri, 22 Feb 2019 15:29:07 +0000 (16:29 +0100)]
winbindd: make xids a const argument to wb_xids2sids_send()
The previous commit made an internal copy of xids, this commit makes it
more obvious that we must not mess with the xids argument but treat it as
an in-parameter and don't write to it.
Ralph Boehme [Thu, 21 Feb 2019 17:34:51 +0000 (18:34 +0100)]
winbindd: make a copy of xid's in wb_xids2sids_send()
This is in preparation of setting the result of the mapping in the top-
level callback wb_xids2sids_done(), not in the per-idmap-domain callback
wb_xids2sids_dom_done().
When caching the mapping we need the id-type from the backend, so we
need a way to pass up that information from wb_xids2sids_dom_done() up
to wb_xids2sids_done()
The xids array copy gets passed from wb_xids2sids_send() to
wb_xids2sids_dom_send(), so wb_xids2sids_dom_done() can then directly
update the top-level copy.
This only properly covers the small-message nonblocking case. Covering
the large-message and the blocking case is a much larger effort assuming
we want to re-send the failed message if parts of the message has gone
through properly. Don't do that for now.
This was found by sanba_dnsupdate constantly recreating its irpc handle to
winbindd in the RODC case.
The messaging_dgm code cached connected datagram sockets based on the
destination pid for 1 second. Which means the IRPC responses from
winbindd are never delivered to samba_dnsupdate,
which will then hit a timeout.
Volker Lendecke [Thu, 7 Feb 2019 14:57:06 +0000 (15:57 +0100)]
messages_dgm: Use saved errno value
In this case this is just a cleanup, the value has just been set by
messaging_dgm_sendmsg. But as that already saves errno into a local
variable, use that.
Jiří Šašek [Thu, 6 Dec 2018 13:10:53 +0000 (14:10 +0100)]
notifyd: Fix SIGBUS on sparc
Problem is the structure "struct notify_instance" can lay in message buffer on
address not dividable by 8 but this structure begins by uint_64 (secs in
time-stamp). Structure should be re-packed to standalone buffer before the use.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Tue Feb 26 12:58:03 CET 2019 on sn-devel-144
Gary Lockyer [Mon, 18 Feb 2019 21:26:25 +0000 (10:26 +1300)]
CVE-2019-3824 ldb: wildcard_match check tree operation
Check the operation type of the passed parse tree, and return
LDB_INAPPROPRIATE_MATCH if the operation is not LDB_OP_SUBSTRING.
A query of "attribute=*" gets parsed as LDB_OP_PRESENT, checking the
operation and failing ldb_wildcard_match should help prevent confusion
writing tests.
Gary Lockyer [Mon, 18 Feb 2019 21:25:24 +0000 (10:25 +1300)]
CVE-2019-3824 ldb: ldb_parse_tree use talloc_zero
Initialise the created ldb_parse_tree with talloc_zero, this ensures
that it is correctly initialised if inadvertently passed to a function
expecting a different operation type.
e.g.
==3098== Memcheck, a memory error detector
==3098== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==3098== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==3098== Command: ./bin/ldbsearch (cn=test*multi)
==3098==
==3098== Invalid read of size 1
==3098== at 0x483CEE7: memchr (vg_replace_strmem.c:890)
==3098== by 0x49A9073: memmem (in /usr/lib64/libc-2.28.9000.so)
==3098== by 0x485DFE9: ldb_wildcard_compare (ldb_match.c:313)
==3098== by 0x485DFE9: ldb_match_substring (ldb_match.c:360)
==3098== by 0x485DFE9: ldb_match_message (ldb_match.c:572)
==3098== by 0x558F8FA: search_func (ldb_kv_search.c:549)
==3098== by 0x48C78CA: ??? (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x48C7A60: tdb_traverse_read (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x557B7C4: ltdb_traverse_fn (ldb_tdb.c:274)
==3098== by 0x558FBFA: ldb_kv_search_full (ldb_kv_search.c:594)
==3098== by 0x558FBFA: ldb_kv_search (ldb_kv_search.c:854)
==3098== by 0x558E497: ldb_kv_callback (ldb_kv.c:1713)
==3098== by 0x48FCD58: tevent_common_invoke_timer_handler (in /usr/lib64/libtevent.so.0.9.38)
==3098== by 0x48FCEFD: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.38)
==3098== by 0x48FE14A: ??? (in /usr/lib64/libtevent.so.0.9.38)
==3098== Address 0x4b4ab81 is 0 bytes after a block of size 129 alloc'd
==3098== at 0x483880B: malloc (vg_replace_malloc.c:309)
==3098== by 0x491048B: talloc_strndup (in /usr/lib64/libtalloc.so.2.1.15)
==3098== by 0x48593CA: ldb_casefold_default (ldb_utf8.c:59)
==3098== by 0x485F68D: ldb_handler_fold (attrib_handlers.c:64)
==3098== by 0x485DB88: ldb_wildcard_compare (ldb_match.c:257)
==3098== by 0x485DB88: ldb_match_substring (ldb_match.c:360)
==3098== by 0x485DB88: ldb_match_message (ldb_match.c:572)
==3098== by 0x558F8FA: search_func (ldb_kv_search.c:549)
==3098== by 0x48C78CA: ??? (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x48C7A60: tdb_traverse_read (in /usr/lib64/libtdb.so.1.3.17)
==3098== by 0x557B7C4: ltdb_traverse_fn (ldb_tdb.c:274)
==3098== by 0x558FBFA: ldb_kv_search_full (ldb_kv_search.c:594)
==3098== by 0x558FBFA: ldb_kv_search (ldb_kv_search.c:854)
==3098== by 0x558E497: ldb_kv_callback (ldb_kv.c:1713)
==3098== by 0x48FCD58: tevent_common_invoke_timer_handler (in /usr/lib64/libtevent.so.0.9.38)
==3098==
# record 1
dn: cn=test_multi_test_multi_test_multi,o=University of Michigan,c=TEST
cn: test_multi_test_multi_test_multi
description: test multi wildcards matching
objectclass: person
sn: multi_test
name: test_multi_test_multi_test_multi
distinguishedName: cn=test_multi_test_multi_test_multi,o=University of Michiga
n,c=TEST
Christof Schmitt [Tue, 12 Feb 2019 19:28:32 +0000 (12:28 -0700)]
waf: Check for libnscd
The check was in the old autoconf, but not in waf. As the code is still
in source3/lib/util_nscd.c, add the check for libnscd to allow building
and using the code.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Feb 6 10:19:12 CET 2019 on sn-devel-144
Ralph Boehme [Tue, 5 Feb 2019 12:56:53 +0000 (13:56 +0100)]
tldap: avoid a use after free crash
I saw the following crash in tldap in the winbindd idmap child on a
member server after messing with the LDAP server on the DC:
0 0x00007f77ea9a307a in __GI___waitpid (pid=9815, stat_loc=stat_loc@entry=0x7ffe77569eb0, options=options@entry=0) at ../sysdeps/unix/sysv/linux/waitpid.c:29
1 0x00007f77ea91bfbb in do_system (line=<optimized out>) at ../sysdeps/posix/system.c:148
2 0x00007f77edd8c24b in smb_panic_s3 (why=0x7f77f08e6e88 "Bad talloc magic value - access after free") at ../source3/lib/util.c:828
3 0x00007f77f15afe85 in smb_panic (why=0x7f77f08e6e88 "Bad talloc magic value - access after free") at ../lib/util/fault.c:170
4 0x00007f77f08e2678 in talloc_abort (reason=0x7f77f08e6e88 "Bad talloc magic value - access after free") at ../lib/talloc/talloc.c:472
5 0x00007f77f08e268b in talloc_abort_access_after_free () at ../lib/talloc/talloc.c:477
6 0x00007f77f08e2710 in talloc_chunk_from_ptr (ptr=0x55da7605a020) at ../lib/talloc/talloc.c:494
7 0x00007f77f08e4a19 in _talloc_free (ptr=0x55da7605a020, location=0x7f77e181474d "../source3/lib/tldap.c:1918") at ../lib/talloc/talloc.c:1716
8 0x00007f77e180b65c in tldap_search_all_done (subreq=0x55da7605a020) at ../source3/lib/tldap.c:1918
9 0x00007f77f0af0fd0 in _tevent_req_notify_callback (req=0x55da7605a020, location=0x7f77e1813e50 "../source3/lib/tldap.c:47") at ../lib/tevent/tevent_req.c:125
10 0x00007f77f0af10a5 in tevent_req_finish (req=0x55da7605a020, state=TEVENT_REQ_USER_ERROR, location=0x7f77e1813e50 "../source3/lib/tldap.c:47") at ../lib/tevent/tevent_req.c:162
11 0x00007f77f0af1113 in _tevent_req_error (req=0x55da7605a020, error=9780923860630110289, location=0x7f77e1813e50 "../source3/lib/tldap.c:47") at ../lib/tevent/tevent_req.c:180
12 0x00007f77e180781a in tevent_req_ldap_error (req=0x55da7605a020, rc=...) at ../source3/lib/tldap.c:47
13 0x00007f77e180b2c4 in tldap_search_done (subreq=0x55da76058280) at ../source3/lib/tldap.c:1813
14 0x00007f77f0af0fd0 in _tevent_req_notify_callback (req=0x55da76058280, location=0x7f77e1813e50 "../source3/lib/tldap.c:47") at ../lib/tevent/tevent_req.c:125
15 0x00007f77f0af10a5 in tevent_req_finish (req=0x55da76058280, state=TEVENT_REQ_USER_ERROR, location=0x7f77e1813e50 "../source3/lib/tldap.c:47") at ../lib/tevent/tevent_req.c:162
16 0x00007f77f0af11cd in tevent_req_trigger (ev=0x55da760526c0, im=0x55da76058360, private_data=0x55da76058280) at ../lib/tevent/tevent_req.c:219
17 0x00007f77f0af0378 in tevent_common_loop_immediate (ev=0x55da760526c0) at ../lib/tevent/tevent_immediate.c:135
18 0x00007f77f0af8b8f in epoll_event_loop_once (ev=0x55da760526c0, location=0x7f77f0af92b0 "../lib/tevent/tevent_req.c:269") at ../lib/tevent/tevent_epoll.c:911
19 0x00007f77f0af5925 in std_event_loop_once (ev=0x55da760526c0, location=0x7f77f0af92b0 "../lib/tevent/tevent_req.c:269") at ../lib/tevent/tevent_standard.c:114
20 0x00007f77f0aef201 in _tevent_loop_once (ev=0x55da760526c0, location=0x7f77f0af92b0 "../lib/tevent/tevent_req.c:269") at ../lib/tevent/tevent.c:725
21 0x00007f77f0af1361 in tevent_req_poll (req=0x55da7605eed0, ev=0x55da760526c0) at ../lib/tevent/tevent_req.c:269
22 0x00007f77e180fec9 in tldap_gensec_bind (ctx=0x55da76051ec0, creds=0x55da76052250, target_service=0x7f77e18164b3 "ldap", target_hostname=0x55da7605d182 "dc1.sdom1.site", target_principal=0x0, lp_ctx=0x55da76052180, gensec_features=6) at ../source3/lib/tldap_gensec_bind.c:358
23 0x00007f77e1810d21 in idmap_ad_get_tldap_ctx (mem_ctx=0x55da76050510, domname=0x55da76051d50 "sdom1", pld=0x55da76050518) at ../source3/winbindd/idmap_ad.c:326
24 0x00007f77e1811056 in idmap_ad_context_create (mem_ctx=0x55da76059c00, dom=0x55da76059c00, domname=0x55da76051d50 "sdom1", pctx=0x7ffe7756a5f8) at ../source3/winbindd/idmap_ad.c:374
25 0x00007f77e18119c0 in idmap_ad_get_context (dom=0x55da76059c00, pctx=0x7ffe7756a640) at ../source3/winbindd/idmap_ad.c:554
26 0x00007f77e181275b in idmap_ad_sids_to_unixids (dom=0x55da76059c00, ids=0x55da760518a0) at ../source3/winbindd/idmap_ad.c:784
27 0x00007f77e1813217 in idmap_ad_sids_to_unixids_retry (dom=0x55da76059c00, ids=0x55da760518a0) at ../source3/winbindd/idmap_ad.c:947
28 0x000055da7459ce05 in _wbint_Sids2UnixIDs (p=0x7ffe7756a870, r=0x55da76050860) at ../source3/winbindd/winbindd_dual_srv.c:202
29 0x000055da7460aa5e in api_wbint_Sids2UnixIDs (p=0x7ffe7756a870) at default/librpc/gen_ndr/srv_winbind.c:391
30 0x000055da7459c7f4 in winbindd_dual_ndrcmd (domain=0x0, state=0x7ffe7756abb8) at ../source3/winbindd/winbindd_dual_ndr.c:369
31 0x000055da7459828c in child_process_request (child=0x55da74874bc0 <static_idmap_child>, state=0x7ffe7756abb8) at ../source3/winbindd/winbindd_dual.c:666
32 0x000055da7459ae58 in child_handler (ev=0x55da7602c2b0, fde=0x55da7603f8a0, flags=1, private_data=0x7ffe7756abb0) at ../source3/winbindd/winbindd_dual.c:1567
33 0x00007f77f0af85f1 in epoll_event_loop (epoll_ev=0x55da76048b00, tvalp=0x7ffe7756aab0) at ../lib/tevent/tevent_epoll.c:728
34 0x00007f77f0af8c29 in epoll_event_loop_once (ev=0x55da7602c2b0, location=0x55da74628b08 "../source3/winbindd/winbindd_dual.c:1766") at ../lib/tevent/tevent_epoll.c:930
35 0x00007f77f0af5925 in std_event_loop_once (ev=0x55da7602c2b0, location=0x55da74628b08 "../source3/winbindd/winbindd_dual.c:1766") at ../lib/tevent/tevent_standard.c:114
36 0x00007f77f0aef201 in _tevent_loop_once (ev=0x55da7602c2b0, location=0x55da74628b08 "../source3/winbindd/winbindd_dual.c:1766") at ../lib/tevent/tevent.c:725
37 0x000055da7459b9e9 in fork_domain_child (child=0x55da74874bc0 <static_idmap_child>) at ../source3/winbindd/winbindd_dual.c:1766
38 0x000055da74596e96 in wb_child_request_waited (subreq=0x0) at ../source3/winbindd/winbindd_dual.c:188
39 0x00007f77f0af0fd0 in _tevent_req_notify_callback (req=0x55da7604f820, location=0x7f77f0af90f8 "../lib/tevent/tevent_queue.c:355") at ../lib/tevent/tevent_req.c:125
40 0x00007f77f0af10a5 in tevent_req_finish (req=0x55da7604f820, state=TEVENT_REQ_DONE, location=0x7f77f0af90f8 "../lib/tevent/tevent_queue.c:355") at ../lib/tevent/tevent_req.c:162
41 0x00007f77f0af10cd in _tevent_req_done (req=0x55da7604f820, location=0x7f77f0af90f8 "../lib/tevent/tevent_queue.c:355") at ../lib/tevent/tevent_req.c:168
42 0x00007f77f0af0cc1 in tevent_queue_wait_trigger (req=0x55da7604f820, private_data=0x0) at ../lib/tevent/tevent_queue.c:355
43 0x00007f77f0af06f2 in tevent_queue_immediate_trigger (ev=0x55da7602c2b0, im=0x55da760466a0, private_data=0x55da76046580) at ../lib/tevent/tevent_queue.c:149
44 0x00007f77f0af0378 in tevent_common_loop_immediate (ev=0x55da7602c2b0) at ../lib/tevent/tevent_immediate.c:135
45 0x00007f77f0af8b8f in epoll_event_loop_once (ev=0x55da7602c2b0, location=0x55da74612630 "../source3/winbindd/winbindd.c:1803") at ../lib/tevent/tevent_epoll.c:911
46 0x00007f77f0af5925 in std_event_loop_once (ev=0x55da7602c2b0, location=0x55da74612630 "../source3/winbindd/winbindd.c:1803") at ../lib/tevent/tevent_standard.c:114
47 0x00007f77f0aef201 in _tevent_loop_once (ev=0x55da7602c2b0, location=0x55da74612630 "../source3/winbindd/winbindd.c:1803") at ../lib/tevent/tevent.c:725
48 0x000055da74561431 in main (argc=2, argv=0x7ffe7756c968) at ../source3/winbindd/winbindd.c:1803
subreq is a child of the state of req which will already be free by the
callback of req.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Feb 9 03:43:50 CET 2019 on sn-devel-144
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 2ff2594b2bd878928cec30bc72a95a6d38bee154)
Jeremy Allison [Thu, 7 Feb 2019 02:01:52 +0000 (18:01 -0800)]
s4: torture: vfs_fruit. Change test_fruit_locking_conflict() to match the vfs_fruit working server code.
Originally added for BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
to demonstrate a lock order violation, this test
exposed problems in the mapping of SMB1/2 share modes
and open modes to NetATalk modes once we moved to OFD locks.
Change the test slightly (and add comments)
so it demonstrates working NetATalk share modes
on an open file.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 8 23:26:46 CET 2019 on sn-devel-144
However, due to underlying bugs in the vfs_fruit
code the file locks were not being properly applied.
There are two problems in fruit_check_access().
Problem #1:
Inside fruit_check_access() we have:
flags = fcntl(fsp->fh->fd, F_GETFL);
..
if (flags & (O_RDONLY|O_RDWR)) {
We shouldn't be calling fcntl(fsp->fh->fd, ..) directly.
fsp->fh->fd may be a made up number from an underlying
VFS module that has no meaning to a system call.
Secondly, in all POSIX systems - O_RDONLY is defined as
*zero*. O_RDWR = 2.
Which means flags & (O_RDONLY|O_RDWR) becomes (flags & 2),
not what we actually thought.
Problem #2:
deny_mode is *not* a bitmask, it's a set of discrete values.
Inside fruit_check_access() we have:
if (deny_mode & DENY_READ) and also (deny_mode & DENY_WRITE)
so if deny_mode = DENY_WRITE, or if deny_mode = DENY_READ
then it's going to trigger both the if (deny_mode & DENY_READ)
*and* the (deny_mode & DENY_WRITE) conditions.
These problems allowed the original test test_netatalk_lock code to
pass (which was added for BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
to demonstrate the lock order violation).
This patch refactors the fruit_check_access()
code to be much simpler (IMHO) to understand.
Firstly, pass in the SMB1/2 share mode, not old
DOS deny modes.
Secondly, read all the possible NetAtalk locks
into local variables:
Then do the share mode/access mode checks
with the requested values against any stored
netatalk modes/access modes.
Finally add in NetATalk compatible locks
that represent our share modes/access modes
into the file, with an early return if we don't
have FILE_READ_DATA (in which case we can't
write locks anyway).
The patch is easier to understand by looking
at the completed patched fruit_check_access()
function, rather than trying to look at the
diff.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 84069c8a5476a47d45ab946d82abb0d6c04635c3)
Jeremy Allison [Fri, 18 Jan 2019 22:24:30 +0000 (14:24 -0800)]
smbd: uid: Don't crash if 'force group' is added to an existing share connection.
smbd could crash if "force group" is added to a
share definition whilst an existing connection
to that share exists. In that case, don't change
the existing credentials for force group, only
do so for new connections.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jan 25 16:31:27 CET 2019 on sn-devel-144
Signed-off-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Fri Feb 1 19:25:03 CET 2019 on sn-devel-144
David Disseldorp [Tue, 29 Jan 2019 00:50:15 +0000 (01:50 +0100)]
printing: drop pcap_cache_loaded() guard around load_printers()
Add the pcap_cache_loaded() check to load_printers() and return early
if it returns false. This simplifies callers in preparation for checking
lp_load_printers() in the printcap cache update code-path.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 0ae7c3144a30910adb1e54cf46d54d42a1036839)
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Wed Feb 13 17:56:32 CET 2019 on sn-devel-144
Tim Beale [Sun, 3 Feb 2019 21:49:03 +0000 (10:49 +1300)]
ldb: Avoid inefficient one-level searches
Commit 88ae60ed186c9 introduced a problem that made one-level
searches inefficient if there were a lot of child objects in the same
level, and the requested object didn't exist. Basically, it ignored the
case where ldb_kv_index_dn() returned LDB_ERR_NO_SUCH_OBJECT, i.e. the
indexed lookup was successful, but didn't find a match. At which point,
there was no more processing we needed to do.
The behaviour after 88ae60ed186c9 was to fall-through and run the
ldb_kv_index_filter() function over *all* the children. This still
returned the correct result, but could be costly if there were a lot of
children.
The case 88ae60ed186c9 was trying to fix was where we could not do
an indexed search (e.g. trying to match on a 'attribute=*' filter). In
which case we want to ignore the LDB_ERR_OPERATIONS_ERROR and just run
ldb_kv_index_filter() over all the children. This is still more
efficient than the fallback of doing a full database scan.
This patch adds in a short-circuit for the NO_SUCH_OBJECT case, so we
can skip the unnecessary ldb_kv_index_filter() work.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(Manual merge of commit 9a893f9613bd6440ab in master)
Anoop C S [Wed, 23 Jan 2019 10:10:43 +0000 (15:40 +0530)]
s3-vfs: Use ENOATTR in errno comparison for getxattr
* ENODATA is not defined in FreeBSD
* ENOATTR is defined to be a synonym for ENODATA in Linux
* In its absence Samba already defines ENOATTR to either
ENODATA or ENOENT
Thus it is safe and correct to compare with ENOATTR rather
than ENODATA.
Signed-off-by: Anoop C S <anoopcs@redhat.com> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 23 21:59:10 CET 2019 on sn-devel-144
Günther Deschner [Thu, 17 Jan 2019 14:21:07 +0000 (15:21 +0100)]
s3-vfs: add glusterfs_fuse vfs module.
This module only implements the get_real_filename function by accessing
a distinct extended attribute that is available over a glusterfs fuse
mount.
By implementing this vfs function users of a glusterfs fuse mount
achieve a much better performance in create based workloads where samba
then can avoid trying multiple case folding options to detect the real
filename.
Patch is based on an initial patch provided by
Poornima G <pgurusid@redhat.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jan 30 01:51:48 CET 2019 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
(cherry picked from commit 832776c0fcf7cc658c128765514755c2d15b06a6)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
(cherry picked from commit 5bd7a8e5685caa09067745b108ef7e53e3108e97)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
(cherry picked from commit 3a0c1da432c53de234b54bac90a3fb84534994eb)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
(cherry picked from commit 12b9adec3ff48f4356f9ff865891dc3c652ff86b)
Tim Beale [Wed, 16 Jan 2019 02:37:00 +0000 (15:37 +1300)]
join: Throw CommandError instead of Exception for simple errors
Throwing an exception here still dumps out the Python stack trace, which
can be a little disconcerting for users.
In this case, the stack trace isn't going to really help at all (the
problem is pretty obvious), and it obscures the useful message
explaining what went wrong.
Throw a CommandError instead, which samba-tool will catch and display
more nicely.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Rowland Penny <rpenny@samba.org> Reviewed-by: Jeremy Allison <rpenny@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 16 22:11:04 CET 2019 on sn-devel-144
projects / thirdparty / samba.git / log
