Shachar Sharon [Thu, 6 Nov 2025 09:15:43 +0000 (11:15 +0200)]
vfs_ceph_new: do explicit 'ceph_init' call
Prefer an explicit call to 'ceph_init' for better debug handling in case
of failure. Without such call the init is done behind the scenes by
libcephfs upon first mount but we don't have have enough visibility in
case something went wrong.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Xavi Hernandez <xhernandez@redhat.com> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Sat Dec 13 19:40:01 UTC 2025 on atb-devel-224
docs-xml: fix manpage for "net offlinejoin requestodj"
One actually does *NOT* need to provide AD credentials to process a
requestodj operation. This is run as root and populates Samba's
databases based on the ODJ blob. Thanks John Mulligan for pointing this out.
Michael Tokarev [Tue, 3 Jun 2025 06:41:57 +0000 (09:41 +0300)]
s4/dlz: add support for bind 9.20
bind dlz interface does not change much, yet we build
dlz_bind9_NN for every bind9 version NN we support -
despite many of them differ only in soversion, with
the code being identical.
For bind9_20, use dlz_bind9_18.so which we already have.
It'd be nice to extract actual bind9 version string in
sambadns.py and use it in more direct way.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Dec 10 22:46:11 UTC 2025 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Dec 9 19:33:22 UTC 2025 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Dec 9 13:58:12 UTC 2025 on atb-devel-224
python:tests: Fix ProcessPoolExecutor with Python 3.14
REASON: Exception: Exception: Traceback (most recent call last):
File "/home/asn/workspace/prj/oss/samba/asn-fix/bin/python/samba/tests/krb5/lockout_tests.py", line 858, in test_lockout_transaction_bad_pwd_samr_aes
self.do_lockout_transaction(connect_samr_aes, correct_pw=False)
~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/asn/workspace/prj/oss/samba/asn-fix/bin/python/samba/tests/krb5/lockout_tests.py", line 990, in do_lockout_transaction
connect_future = executor.submit(
connect_fn,
...<7 lines>...
workstation=user_creds.get_workstation(),
dn=str(user_dn))
File "/usr/lib64/python3.14/concurrent/futures/process.py", line 816, in submit
self._adjust_process_count()
~~~~~~~~~~~~~~~~~~~~~~~~~~^^
File "/usr/lib64/python3.14/concurrent/futures/process.py", line 775, in _adjust_process_count
self._spawn_process()
~~~~~~~~~~~~~~~~~~~^^
File "/usr/lib64/python3.14/concurrent/futures/process.py", line 793, in _spawn_process
p.start()
~~~~~~~^^
File "/usr/lib64/python3.14/multiprocessing/process.py", line 121, in start
self._popen = self._Popen(self)
~~~~~~~~~~~^^^^^^
File "/usr/lib64/python3.14/multiprocessing/context.py", line 300, in _Popen
return Popen(process_obj)
File "/usr/lib64/python3.14/multiprocessing/popen_forkserver.py", line 35, in __init__
super().__init__(process_obj)
~~~~~~~~~~~~~~~~^^^^^^^^^^^^^
File "/usr/lib64/python3.14/multiprocessing/popen_fork.py", line 20, in __init__
self._launch(process_obj)
~~~~~~~~~~~~^^^^^^^^^^^^^
File "/usr/lib64/python3.14/multiprocessing/popen_forkserver.py", line 42, in _launch
prep_data = spawn.get_preparation_data(process_obj._name)
File "/usr/lib64/python3.14/multiprocessing/spawn.py", line 164, in get_preparation_data
_check_not_importing_main()
~~~~~~~~~~~~~~~~~~~~~~~~~^^
File "/usr/lib64/python3.14/multiprocessing/spawn.py", line 140, in _check_not_importing_main
raise RuntimeError('''
...<16 lines>...
''')
RuntimeError:
An attempt has been made to start a new process before the
current process has finished its bootstrapping phase.
This probably means that you are not using fork to start your
child processes and you have forgotten to use the proper idiom
in the main module:
if __name__ == '__main__':
freeze_support()
...
The "freeze_support()" line can be omitted if the program
is not going to be frozen to produce an executable.
To fix this issue, refer to the "Safe importing of main module"
section in https://docs.python.org/3/library/multiprocessing.html
In Python 3.14, the default multiprocessing start method changed from fork to
forkserver/spawn. When using ProcessPoolExecutor, the code needs to
either:
1. Explicitly set the start method to fork (the simplest fix for this case)
2. Or ensure proper if __name__ == '__main__': guards (not practical for test
code run by a test framework)
The fix is to explicitly use the fork start method when creating the
ProcessPoolExecutor. This can be done by passing a mp_context parameter:
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Pavel Filipenský [Wed, 26 Nov 2025 09:34:02 +0000 (10:34 +0100)]
libcli/auth: Zero out password in smbencrypt.c
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Mon Dec 8 18:21:45 UTC 2025 on atb-devel-224
Ralph Boehme [Sat, 6 Dec 2025 11:22:00 +0000 (12:22 +0100)]
smbtorture: add test "smb.lease.two-leases"
A test that shows that for redispatched deferred opens even though
delay_for_oplock_fn() might end up calling send_break_message(), the following
check in process_oplock_break_message() avoids sending break messages to the
client:
process_oplock_break_message():
....
if (breaking) {
break_to &= breaking_to_required;
if (breaking_to_required != break_to) {
/*
* Note we don't increment the epoch
* here, which might be a bug in
* Windows too...
*/
breaking_to_required = break_to;
}
break_needed = false;
}
...
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Dec 8 11:24:35 UTC 2025 on atb-devel-224
Ralph Boehme [Mon, 27 Oct 2025 14:53:46 +0000 (15:53 +0100)]
s3/locking: simplify reset_share_mode_entry()
Since 3df388b8f148c00a3ef331d393cea976fb9340b3 we're using the open global_id as
share_file_id in the share_mode_entry and we're also not changing it in
mark_share_mode_disconnected().
Iow, old_share_file_id is equal to new_share_file_id which and both are equal to
open_global_id.
Hence replace the two old_share_file_id and new_share_file_id arguments with the
single open_global_id argument.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec 8 09:59:58 UTC 2025 on atb-devel-224
All of winbindd's core caching relies on NDR entries. Those entries can
not be stored in winbindd_cache.tdb via wcache_store_ndr() as long as
there is no SEQNUM entry present in the cache.
Douglas Bagnall [Wed, 3 Dec 2025 02:07:03 +0000 (15:07 +1300)]
selftest: use common and simpler code to read config.h
This also removes some garbage variables from these module's namespaces.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Dec 4 23:54:18 UTC 2025 on atb-devel-224
Shachar Sharon [Wed, 3 Dec 2025 09:39:51 +0000 (11:39 +0200)]
vfs_ceph_new: proper failure-handling in chdir and getwd
In case of an unlikely failure of SMB_VFS_HANDLE_GET_DATA macro, bail
out using 'goto' in order to ensure that START_PROFILE_X is properly
matched by END_PROFILE_X.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: John Mulligan <jmulligan@redhat.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Dec 4 10:02:55 UTC 2025 on atb-devel-224
Signed-off-by: Ekaterine Papava <papava.e@gtu.ge> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec 3 10:54:19 UTC 2025 on atb-devel-224
Douglas Bagnall [Thu, 27 Nov 2025 02:42:22 +0000 (15:42 +1300)]
s4:selftest: move tests that want to be last, last
These tests want to run last because they do a dbcheck to ensure no
earlier test caused corruption. There are also some tests that want to
run second last.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Nov 27 22:40:02 UTC 2025 on atb-devel-224
Ralph Boehme [Mon, 24 Nov 2025 07:25:16 +0000 (08:25 +0100)]
net/serverid: initialize state->open_db
Fixes a crash that happens when smbXsrv_open_global.tdb contains only replay
records.
#0 0x00007ffff70a718a in dbwrap_exists (db=0x0, key=...) at ../../lib/dbwrap/dbwrap.c:347
#1 0x00000000002dc7f2 in wipedbs_traverse_replay_records (rec=0x7fffffffd180, wipedbs_state=0x362d70)
at ../../source3/utils/net_serverid.c:710
#2 0x00007ffff70aa932 in db_rbt_traverse_internal (db=0x37e940, f=0x2dc749 <wipedbs_traverse_replay_records>, private_data=0x362d70,
count=0x7fffffffd220, rw=false) at ../../lib/dbwrap/dbwrap_rbt.c:472
#3 0x00007ffff70aaa0e in db_rbt_traverse_read (db=0x37e940, f=0x2dc749 <wipedbs_traverse_replay_records>, private_data=0x362d70)
at ../../lib/dbwrap/dbwrap_rbt.c:499
#4 0x00007ffff70a7433 in dbwrap_traverse_read (db=0x37e940, f=0x2dc749 <wipedbs_traverse_replay_records>, private_data=0x362d70, count=0x0)
at ../../lib/dbwrap/dbwrap.c:437
#5 0x00000000002dcedf in net_serverid_wipedbs (c=0x34c0d0, argc=0, argv=0x365380) at ../../source3/utils/net_serverid.c:840
#6 0x00000000002c9675 in net_run_function (c=0x34c0d0, argc=1, argv=0x365378, whoami=0x258c96 "net tdb smbXsrv", table=0x7fffffffd360)
at ../../source3/utils/net_util.c:451
#7 0x00000000002e6e2c in net_tdb_smbXsrv (c=0x34c0d0, argc=1, argv=0x365378) at ../../source3/utils/net_tdb.c:105
#8 0x00000000002c9675 in net_run_function (c=0x34c0d0, argc=2, argv=0x365370, whoami=0x258d45 "net tdb", table=0x7fffffffd440)
at ../../source3/utils/net_util.c:451
#9 0x00000000002e6f04 in net_tdb (c=0x34c0d0, argc=2, argv=0x365370) at ../../source3/utils/net_tdb.c:128
#10 0x00000000002c9675 in net_run_function (c=0x34c0d0, argc=3, argv=0x365368, whoami=0x22ca4b "net", table=0x323640 <net_func>)
at ../../source3/utils/net_util.c:451
#11 0x0000000000277227 in main (argc=6, argv=0x7fffffffe2a8)
at ../../source3/utils/net.c:1481
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Anoop C S [Fri, 3 Oct 2025 05:57:29 +0000 (11:27 +0530)]
vfs_gpfs: Fix CID 1666430 Control flow issues (DEADCODE)
Restore the saved errno properly and record it with vfs_aio_state once
vfs_gpfs_get_winattrs_helper() returns for async code path.
Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Nov 26 16:48:00 UTC 2025 on atb-devel-224
Shweta Sodani [Thu, 20 Nov 2025 10:44:26 +0000 (16:14 +0530)]
vfs_ceph_new: use vfs_ceph_iget/vfs_ceph_iput in vfs_ceph_disk_free
Currently inode of root is using to report stats that works fine for share of root volume.
But for subvolume share it reports incorrect information. Hence choose the inode based on path,
so that it will report stats information correctly.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Nov 24 11:28:08 UTC 2025 on atb-devel-224
Lin Liu [Tue, 18 Nov 2025 05:50:55 +0000 (05:50 +0000)]
tdb: Fix parse_hex during `tdbtool storehex`
Fixes: fd0561279
During `tdbtool storehex`, tdbtool check whether the input
string in hex format.
However, during the check, the index is never moved forward,
resulting in checking beyond the valid input string.
This patch fix the issue by checking the valid string
Signed-off-by: Lin Liu <lin.liu01@citrix.com> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jennifer Sutton <jsutton@samba.org>
Autobuild-Date(master): Thu Nov 20 22:29:03 UTC 2025 on atb-devel-224
Douglas Bagnall [Wed, 12 Nov 2025 03:56:17 +0000 (16:56 +1300)]
s4:kdc: avoid reusing a variable name
fallback_principal was used for two different uses: a copy of the
original principal from which to derive values, and a new principal
which has the '$' appended on the account name. We might as well be
clear and an optimising compiler won't see the difference.
Whether we actually need a temporary principal as opposed to using the
one that was passed in is a separate question.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Douglas Bagnall [Thu, 2 Oct 2025 03:58:42 +0000 (16:58 +1300)]
s4:kdc: flatten samba_kdc_lookup_client dollar fallback
There is a single linear successful path through the 'num_comp == 1'
and various NULL checks, but it is written in a branchy fashion as if
you could skip some portion.
git diff -b is probably useful.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Douglas Bagnall [Thu, 6 Nov 2025 03:08:30 +0000 (16:08 +1300)]
s4:torture:kdc-canon: test each combination only once
These tests exhaustively combinations of binary options. With 492d9f083dc23aff2c1fa12e21765861df1c1b38 ("s4:torture: Remove netbios
realm and lowercase realm tests") we removed some test flags, reducing
the number of flags to 8, so there are 256 combinations. But we test
every bit combination of TEST_ALL which was 10 bits (0x3ff), and each
test was run 4 times ignoring the 0x4 and 0x10 bits.
So we compact the flags into 8 bits and run each one once.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Frediano Ziglio [Fri, 14 Nov 2025 14:11:04 +0000 (14:11 +0000)]
s3:ntlm_auth: Fix typo in error message (protools -> protocols)
Signed-off-by: Frediano Ziglio <freddy77@gmail.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Nov 19 19:38:52 UTC 2025 on atb-devel-224
Volker Lendecke [Tue, 18 Nov 2025 09:31:01 +0000 (10:31 +0100)]
ctdb: Fix ctdb startup with inconsistent cluster lock settings
ctdb_shutdown_sequence() normally exits. When we end up here, it is
because we have received a reclock callback twice. We can't handle
that, we have already removed "state", which would be referenced deep
in run_start_recovery_event() returning here another time.
The bug is triggered since b84fbd7b3fedc998 introduced a nested event
loop, making ctdb_shutdown_sequence() return into
start_recovery_reclock_callback() due to multiple reclock checks being
triggered somehow (not sure exactly how, but we should not crash under
any circumstance).
Reproducer: Run one ctdb daemon with cluster lock set, try to start
another one without cluster lock set.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15950 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Nov 19 03:04:13 UTC 2025 on atb-devel-224
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Nov 19 01:59:34 UTC 2025 on atb-devel-224
Jennifer Sutton [Tue, 18 Nov 2025 03:42:03 +0000 (16:42 +1300)]
tests/krb5: Construct signed_attrs correctly
signed_attrs is supposed to be a list of key‐value pairs, but we forgot the
values. Because the field was not constructed correctly, the pyasn1 encoder
simply stripped it out.
Also properly separate the signature algorithm and digest algorithms.
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Nov 19 00:32:31 UTC 2025 on atb-devel-224
Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Samuel Cabrero <scabrero@samba.org>
Autobuild-Date(master): Tue Nov 18 09:08:38 UTC 2025 on atb-devel-224
Samuel Cabrero [Wed, 8 Oct 2025 15:09:22 +0000 (17:09 +0200)]
smbd: Fix crossing direct automounter mount points
The workaround implemented in commit ac7a16f9cc4bd97ef546d1b7b02605991000d0f9
to trigger automounts does not work for direct automounts (either with
systemd-automount or autofs daemon).
In direct automounts the mount point is a real directory instead of a "ghost"
directory so when turning the O_PATH handle into a real one through
/proc/self/fd/<fdnum> openat() does not return ENOENT, it returs a fd referring
to the mount point without triggering the mount.
To trigger the mount first we have to know when we are crossing mount points
by using the RESOLVE_NO_XDEV flag in open_how.resolve, then we can check with
fstatfs() the .f_type and fallback to a path-based open for automounts or
retry without RESOLVE_NO_XDEV otherwise.
projects / thirdparty / samba.git / log
