Volker Lendecke [Mon, 16 Feb 2026 15:55:58 +0000 (16:55 +0100)]
vfs: Significantly simplify vfs_ChDir_shareroot()
Now that we are sure we don't chdir to arbitrary paths, and nobody
except vfs_ChDir_shareroot() calls vfs_GetWd() anymore, we can get rid
of the getwd cache and replace the LastDir-check with a simple
if (conn == chdir_lastconn_cache) {
return 0;
}
The places where we reset LastDir to NULL, forcing a real chdir, are
replaced by a call to reset_chdir_lastconn_cache().
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 14:19:49 +0000 (15:19 +0100)]
smbd: Avoid the VFS' chdir() call in close_cnum()
The purpose of this call here is to make a file system
unmountable. For shares backed by a local file system, a direct
chdir(2) syscall to "/" will achieve the same, and shares like cephfs
backed by libraries without a local mount will not be affected
anyway. For them, a VFS level chdir("/") relative to a connection does
not make much sense anyway.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 14:12:59 +0000 (15:12 +0100)]
fss_srv: Use create_conn_struct_chdir()
This is the last user of the non-chdir create_conn_struct_tos(). While
I don't fully understand the code, this is an RPC server that *should*
not care about the current working directory. There are some tests for
this in the rpc.fsrvp group of tests, so I don't think this breaks too
badly.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 13:16:46 +0000 (14:16 +0100)]
smbd: Call create_conn_struct_chdir() in get_referred_path()
create_conn_struct_tos_cwd() provides an attempt to chdir() back to
where we came from. This is flawed, because SMB_VFS_CHDIR() is always
relative to a connection, and conn_struct_tos_destructor() calls
vfs_ChDir() on the fake connection, not the one we came from.
Remove the flawed attempt to chdir() back in get_referred_path(). The
one caller in vfswrap_get_dfs_referrals() changes back to the "real"
connection that issued the dfs call from SMB, and the RPC server
callers don't care. They rely on the chdir("/") in
conn_wrap_destructor().
This adds one chdir("/") in smbd's "get referral" calls, but those
should be rare enough not to cause performance problems.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 13:11:57 +0000 (14:11 +0100)]
dfssrv: Call create_conn_struct_chdir()
This is inside an rpc server, where we don't depend on an implicit
current working directory. We don't need the "jump back to old cwd"
that create_conn_struct_tos_cwd() provided.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 13:03:57 +0000 (14:03 +0100)]
srvsvc: Call create_conn_struct_chdir()
This is inside an rpc server, where we don't depend on an implicit
current working directory. We don't need the "jump back to old cwd"
that create_conn_struct_tos_cwd() provided.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 12:57:08 +0000 (13:57 +0100)]
eventlog: Use create_conn_struct_chdir()
I did not find any use of cwd-dependent calls in this code, the
eventlog tdb's are all relative to state_path(), which is absolute. As
this is in a rpc server we don't have to preserve any cwd.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 12:48:54 +0000 (13:48 +0100)]
printing: Call create_conn_struct_chdir()
This is only linked from rpcd_spoolss, where we don't depend on an
implicit current working directory. We don't need the "jump back to
old cwd" that create_conn_struct_tos_cwd() provided.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 12:14:24 +0000 (13:14 +0100)]
pysmbd: Use create_conn_struct_chdir()
pysmbd is the one user of fake connection_structs that depends on
not changing to "/" after the connection has been torn down. Add
special handling here.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Thu, 12 Feb 2026 19:54:54 +0000 (20:54 +0100)]
smbd: Leave sconn->ev_ctx as NULL for internal fake connections
These connection_structs are only there to access files like msdfs
symlinks or printer driver files. They will never participate in async
processing like sending out events or getting delayed for oplocks. Any
such use is a bug, because if you look at create_conn_struct_tos() we
create an event context that we will never poll on, so events posted
there will never finish. Leave the ev_ctx NULL so that we get an early
crash instead of running into problems later.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Wed, 11 Feb 2026 17:25:30 +0000 (18:25 +0100)]
rpc_server: Move dfs helper routines to srv_dfs_nt.c
This makes it clear that these callers of create_conn_struct_tos_cwd()
don't really need to chdir() back to whatever cwd the process was in
before. RPC servers don't really have a concept of "implicit" current
working directory that is assumed to be the root dir of the current
share.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Anoop C S [Sun, 1 Mar 2026 05:55:09 +0000 (11:25 +0530)]
s3/include: Remove unused BIG_UINT
Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sun Mar 1 11:18:37 UTC 2026 on atb-devel-224
Avan Thakkar [Tue, 2 Dec 2025 08:50:42 +0000 (14:20 +0530)]
vfs_aio_ratelimit: Add per-share TDB persistence for local rate limiter state
Introduce local TDB storage for saving and restoring ratelimiter state
(iops_tokens, bytes_tokens, last timestamp). Each share now persists
its read/write limiter state under aio_ratelimit.tdb.
Added VERSION pseudo-key for schema versioning
On disconnect, save the latest state and close TDB.
Avan Thakkar [Mon, 1 Dec 2025 12:34:54 +0000 (18:04 +0530)]
vfs_aio_ratelimit: introduce burst-aware token bucket model
Refactor the rate limiter to use a continuous token-bucket model with
configurable burst multiplier. This replaces the older time-window and
delay_max logic.
Use path_helperdir() to help construct the path and then cache the
result in the existing static buffer (with length adjusted because
POSIX says the +1 is not necessary). Given the way this is used by
cluster_mutex_test, there is no (other) sane place to cache it.
path_helperdir_append() could be used to construct the path, but then
there would be an unnecessary talloc() result to free.
The flexibility in unit test cluster_mutex_003.sh was never used, so
remove this test. If other cluster mutex helpers are added then they
can be tested by separate tests.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Martin Schwenke [Wed, 29 Oct 2025 04:22:22 +0000 (15:22 +1100)]
ctdb-tests: Add CTDB_TEST_HELPER_BINDIR
Now that generated scripts are linked into bin/, nothing needs to be
run from the tools/ directory anymore during self-test. So, introduce
CTDB_TEST_HELPER_BINDIR to replace both CTDB_SCRIPTS_TOOLS_HELPER_DIR
and CTDB_SCRIPTS_HELPER_BINDIR. Add this directory to PATH.
CTDB_TEST_HELPER_BINDIR will also be used in combination with
CTDB_TEST_MODE to allow helpers to be found via a single mechanism
that uses this single variable. This will replace the multiple
mechanisms and variables currently used.
For simplicity, leave the old variables alone for now. Replacing them
in a comprehensible way will take a few steps.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Martin Schwenke [Mon, 27 Oct 2025 06:32:47 +0000 (17:32 +1100)]
ctdb-build: Ensure generated scripts are executable and symlinked
Ensure that all generated scripts are executable. All of the
generated scripts (except test harnesses ctdb_run_tests,
ctdb_local_daemons) also need to be linked into the bin/ directory so
they can be more easily run during self-test.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Jennifer Sutton <jsutton@samba.org>
Autobuild-Date(master): Mon Feb 23 21:18:57 UTC 2026 on atb-devel-224
Gary Lockyer [Wed, 18 Feb 2026 23:18:38 +0000 (12:18 +1300)]
s4:kdc:db-glue altSecurityIdentities DN and serial reversed
When altSecurityIdentities is set by RSAT / ADUC they store the
Issuer and Subject DN in last to first order i.e.
CN=Common Name, O=Organization, C=Country
Need to reverse that to first to last order, i.e.
C=Country, O=Organization, CN=Common name
Which is how they're stored on the X509 certificates.
Also the serial number is stored in reverse order.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Feb 23 12:37:28 UTC 2026 on atb-devel-224
Martin Schwenke [Mon, 23 Feb 2026 03:42:17 +0000 (14:42 +1100)]
ctdb-tools: Fix CID 1681637 - Drop unnecessary if-statements
The first was found by Coverity:
>>> CID 1681637: Incorrect expression (IDENTICAL_BRANCHES)
>>> The same code is executed when the condition "ret != 0" is
true or false, because the code in the if-then branch and
after the if statement is identical. Should the if statement
be removed?
The second and third are also obvious.
Sorry, missed these in review.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Signed-off-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Mon Feb 23 08:43:29 UTC 2026 on atb-devel-224
docs: smbget: Fix typos and misleading options in manpage
This patch corrects several issues in the smbget documentation:
- Removed duplicate '-O' from the synopsis (it conflicted with socket
options).
- Clarified that '-o' conflicts with '--recursive', not '-R' (which is
name resolve order).
- Fixed malformed example syntax (changed '-resume' to '--resume').
- Fixed spelling typo of 'recursive' in the BUGS section.
RN: Fixed misleading documentation for smbget options (-O vs --stdout)
and corrected typos.
Signed-off-by: Hugo Chia <hugochiaxyz.nus@gmail.com> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: John Mulligan <jmulligan@redhat.com>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Sun Feb 22 06:10:46 UTC 2026 on atb-devel-224
Ralph Boehme [Mon, 26 Jan 2026 14:59:44 +0000 (15:59 +0100)]
s3/passdb: add parameter to control handling of wellknown SIDs in pdb_tdb
With "tdbsam:map wellknown", one can control if pdb_tdb should be used
to map entries of wellknown SIDs or not. By default, they will not be
mapped, as in previous releases.
Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Feb 20 08:37:17 UTC 2026 on atb-devel-224
John Mulligan [Mon, 9 Feb 2026 18:02:01 +0000 (13:02 -0500)]
ctdb-doc: add section to manpage for -j/--json option
Signed-off-by: John Mulligan <jmulligan@redhat.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Feb 20 01:50:20 UTC 2026 on atb-devel-224
Shachar Sharon [Sun, 8 Feb 2026 11:15:02 +0000 (13:15 +0200)]
ctdb-tools: add --json support to 'version' sub-command
When building ctdb with json-outpuit support, enable json output when
running 'ctdb version --json'. This may be used as indication to json
support in other sub-commands.
Pair-Programmed-With: John Mulligan <jmulligan@redhat.com> Signed-off-by: Shachar Sharon <ssharon@redhat.com> Signed-off-by: John Mulligan <jmulligan@redhat.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Anoop C S <anoopcs@samba.org>
projects / thirdparty / samba.git / log
