Volker Lendecke [Fri, 24 May 2019 13:58:09 +0000 (15:58 +0200)]
smbd: Simplify fsp_lease_update()
We don't need a share mode lock from a data dependency point of view
anymore, the leases data moved to leases.tdb. However, from a
coherency point of view it's probably wise to do this under a share
mode lock.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Looks like the dirty redefine trick doesn't work anymore with newer flex
versions. According to the flex manual the right thing to do is to provide own
functions for yyalloc and yyrealloc when passing the options "noyyalloc
noyyrealloc".
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue May 28 11:49:06 UTC 2019 on sn-devel-184
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 28 08:32:10 UTC 2019 on sn-devel-184
python/ntacls: we only need security.SEC_STD_READ_CONTROL in order to get the ACL
We should avoid security.SEC_FLAG_MAXIMUM_ALLOWED otherwise
we may get NT_STATUS_SHARING_VIOLATION when we run
'samba-tool domain backup online' against a Windows DC.
Windows DCs have hidden folders for the NtFrs or Dfsr services,
which are locked by the running service.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon May 27 14:29:36 UTC 2019 on sn-devel-184
Jeremy Allison [Thu, 23 May 2019 20:33:21 +0000 (13:33 -0700)]
s3: winbind: Fix crash when invoking winbind idmap scripts.
Previously the private context was caching a pointer to
a string returned from lp_XXX(). This string can change
on config file reload. Ensure the string is talloc_strup'ed
onto the owning context instead.
Reported by Heinrich Mislik <Heinrich.Mislik@univie.ac.at>
Gary Lockyer [Thu, 23 May 2019 23:00:05 +0000 (11:00 +1200)]
Fix ubsan null pointer passed as argument 2
Fix ubsan warning null pointer passed as argument 2 when the source
pointer is NULL. The calls to memcpy are now guarded by an
if (len > 0)
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May 27 01:29:48 UTC 2019 on sn-devel-184
Volker Lendecke [Thu, 23 May 2019 09:11:11 +0000 (11:11 +0200)]
lib: Only compile resolvconftest if fmemopen exists
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13961 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat May 25 00:05:25 UTC 2019 on sn-devel-184
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 24 20:12:02 UTC 2019 on sn-devel-184
Jeremy Allison [Fri, 17 May 2019 04:45:21 +0000 (21:45 -0700)]
lib: popen: Prepare to remove sys_popen().
Add sys_popenv(char * const argl[]) that uses a NULL
terminated vector array of args. Change sys_popen() to
split up its command string and call sys_popenv().
Once all callers are converted to sys_popenv() we
can remove sys_popen().
Karolin Seeger [Tue, 21 May 2019 08:41:22 +0000 (10:41 +0200)]
docs: Add another dns forwarder in the example.
Clarify how to list several dns forwarders.
Signed-off-by: Karolin Seeger <kseeger@samba.org> Reviewed-by: Björn Baumbach <bb@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Fri May 24 11:02:18 UTC 2019 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Gary Lockyer <gary@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri May 24 07:23:42 UTC 2019 on sn-devel-184
Gary Lockyer [Tue, 21 May 2019 01:17:22 +0000 (13:17 +1200)]
ldap server: generate correct referral schemes
Ensure that the referrals returned in a search request use the same
scheme as the request, i.e. referrals recieved via ldap are prefixed
with "ldap://" and those over ldaps are prefixed with "ldaps://"
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 24 05:12:14 UTC 2019 on sn-devel-184
Gary Lockyer [Tue, 21 May 2019 01:14:08 +0000 (13:14 +1200)]
ldap tests: test scheme for referrals
Ensure that the referrals returned in a search request use the same
scheme as the request, i.e. referrals recieved via ldap are prefixed
with "ldap://" and those over ldaps are prefixed with "ldaps://"
Tim Beale [Thu, 23 May 2019 04:58:20 +0000 (16:58 +1200)]
selftest: Use scalar variable for new daemon_ctx hashmap
The selftest code typically stores hashmaps as scalar variables (i.e.
it only ever uses references to hashmaps). So much so that using a regular
hashmap (and passing it by reference via \%daemon_ctx) looks out of
place.
Using the hashmap directly made more sense when it was only being used
locally, but now the hashmap is being passed by reference into a function
anyway, so storing it as a scalar doesn't make much difference.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Thu, 23 May 2019 04:35:07 +0000 (16:35 +1200)]
selftest: Add common fork_and_exec() function
Now the code has been refactored, we can move it into a common function.
This reduces code duplication and means we have a common place where we
start samba daemons from.
Note that some daemons behave slightly different, but the $daemon_ctx
allows us to customize their behaviour a bit.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Thu, 23 May 2019 03:47:46 +0000 (15:47 +1200)]
selftest: Rework setting env variables for other forked binaries
Final refactor to merge the fork-and-exec code into a common function.
We can now use $daemon_ctx{ENV_VARS} to customize differences between
the forked binaries:
- samba: add in extra env variables on top of the defaults.
- dns_hub: there are no ENV variables we need to export.
- winbindd/smbd: these use the defaults, so they pass through an
undefined $daemon_ctx{ENV_VARS} (purely to make the code common across
all 5 places).
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Thu, 23 May 2019 03:47:46 +0000 (15:47 +1200)]
selftest: Rework setting env variables for nmbd
Instead of having a special $skip_resolv_conf parameter just for nmbd,
use the get_env_for_process() API and customize the hashmap returned.
Pass the customized hashmap in as an optional part of the daemon_ctx.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Thu, 23 May 2019 01:45:49 +0000 (13:45 +1200)]
selftest: Store fork-and-exec daemon info in a hashmap
This intermediary refactor adds a hashmap that stores the values needed
to run each samba daemon. This adds a bit more code in the short term,
but it basically means the code in 5 different places now becomes
identical, and we can extract it out to a common function.
The converting FULL_CMD from an array reference back to an array is a
bit ugly, but we can clean this up a bit once the code is all in one
place.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Thu, 23 May 2019 00:12:44 +0000 (12:12 +1200)]
selftest: Move fork cmd args up a level
This is a fairly simple move of code and is the first step in a larger
refactor.
It doesn't matter if we build up the command args prior to the fork (we
only use them in the forked child). But moving the code means the code
to handle the fork-and-exec becomes common code that is repeated in
several places throughout Samba3.pm and Samba4.pm.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Mon, 20 May 2019 23:27:45 +0000 (11:27 +1200)]
selftest: Refactor duplicated code to set ENV vars
Whenever we started a process, we basically used the same code to setup
the ENV variables.
The s4 ENVNAME may now be slightly different in the child process that
runs samba (i.e. '$testenv.samba'), but that ENV var did not appeared to
be used much.
I'm not sure if the current difference in $skip_resolv_wrapper logic for
nmbd was deliberate or accidental, but I've preserved the logic for now.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 22 May 2019 23:19:10 +0000 (11:19 +1200)]
selftest: Add more testing of wkssvc in source3
The samba3.wkssvc test is not as comprehensive, but rpc.wkssvc needs to run against the
ad_member environment to get past a builtin administrators check.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Mon, 20 May 2019 14:01:03 +0000 (16:01 +0200)]
ctdb: Make TDB_SEQNUM work synchronously with ctdb
Old war story completely from memory, I could not find the commit that
introduced TDB_SEQNUM so far...:
Back in the days when ctdb was initially developed, TDB_SEQNUM's only
user was the notify.tdb that held one huge record for all notify
records. With that use case in mind it made perfect sense to keep the
SEQNUM stable locally, sacrificing precision. By now notify.tdb is
long gone, an the only user of TDB_SEQNUM right now is brlock.tdb,
which contains special case code for the imprecise ctdb implementation
of TDB_SEQNUM.
With this commit, that special code can go: The TDB_SEQNUM will also
increment when just the DMASTER header field changes, indicating to
smbd that someone else might have changed the record. This will of
course increase the SEQNUM frequency, but it should not increase the
load on ctdb: If you look at the brlock.c workaround, it just does not
do the caching that is possible with precise TDB_SEQNUMs working.
How did I get here? I want to move brl_num_read_oplocks() from
brlock.tdb into locking.tdb, and for that I need precise TDB_SEQNUMs
for locking.tdb.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 24 00:42:17 UTC 2019 on sn-devel-184
Ralph Boehme [Tue, 21 May 2019 14:00:53 +0000 (16:00 +0200)]
vfs_fruit: change trigger points of AppleDouble conversion
This moves the trigger points where AppleDouble file conversion is run by
ad_convert() from deep down the callchain in ad_read_rsrc_adouble() to high
level VFS entry points.
Currently ad_convert() will be triggered as part of open_file_ntcreate(...,
"file:AFP_AfpResource", ...): after SMB_VFS_OPEN() has been called with O_CREAT,
what created the file, we call SMB_VFS_FSTAT() on the just created
filehandle. This ends up in ad_convert(), finds the resource fork empty and thus
deletes the file.
This commit moves calling of the conversion funtion to the high level VFS entry
points where the converted metadata is needed:
o for directory enumerations SMB_VFS_READDIR_ATTR() is called to fill in the
repurposed fields in the directory entry metadata
o obviously for SMB_VFS_CREATE_FILE() on an macOS stream
Ralph Boehme [Tue, 21 May 2019 12:05:04 +0000 (14:05 +0200)]
selftest: run vfs.fruit test against a share that deletes empty resource forks
This reveals a bug in the AppleDouble conversion code: the conversion code that
unlinks an empty resource fork AppleDouble sidecar file ("._file") gets
triggered as part of open_file_ntcreate(..., "file:AFP_AfpResource", ...):
after SMB_VFS_OPEN() has been called with O_CREAT, what created the file, we
call SMB_VFS_FSTAT() on the just created filehandle. This ends up in
ad_convert(), finds the resource fork empty and thus deletes the file.
Ralph Boehme [Tue, 21 May 2019 16:39:52 +0000 (18:39 +0200)]
s4:torture/vfs/fruit: ensure test_adouble_conversion_wo_xattr() uses a non-emtpy resourcefork
This ensures the resource fork is not deleted as part of the AppleDouble file
conversion for the option fruit:wipe_intentionally_left_blank_rfork=yes.
This is currently not a problem in selftest, as we don't enable the option, but
a subsequent commit will run all vfs.fruit tests against a share with this
option enabled.
Ralph Boehme [Tue, 21 May 2019 16:39:52 +0000 (18:39 +0200)]
s4:torture/vfs/fruit: ensure test_adouble_conversion() uses a non-emtpy resourcefork
This ensures the resource fork is not deleted as part of the AppleDouble file
conversion for the option fruit:wipe_intentionally_left_blank_rfork=yes.
This is currently not a problem in selftest, as we don't enable the option, but
a subsequent commit will run all vfs.fruit tests against a share with this
option enabled.
Christof Schmitt [Wed, 15 May 2019 23:05:26 +0000 (16:05 -0700)]
libsmbconf:registry: Return correct case for get_share
get_share (called from 'net conf showshare') does a lookup of the share
name case-insensitively. As the registry stores the share name in the
correct case and 'net conf list' prints the correct case, also lookup
the correct case for get_share.
Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 20 May 2019 13:12:56 +0000 (15:12 +0200)]
ctdb: Remove unused ctdb_ltdb_fetch_with_header()
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 23 18:08:36 UTC 2019 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Gary Lockyer <gary@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu May 23 11:10:28 UTC 2019 on sn-devel-184
s3:smbspool: Always try to authenticate using Kerberos
If username and password is given, then fallback to NTLM. However try
kinit first. Also we correctly handle NULL passwords in the meantime and
this makes it easier to deal with issues.
trigger the immediate leading to do_break_to_none. This goes through
because fsp->oplock_type is not initialized yet, thus 0. Also,
file_has_read_oplocks is still valid, because the smbd that has died
could not clean up the brlock.tdb entry.
Later in the code the exclusive oplock is granted, which is then found
by do_break_to_none, making it panic.
This patch just runs the direct FTRUNCATE instead of vfs_set_filelen.
This means the contend_level2_oplock code is skipped.
The relevant break (LEVEL_II to NONE) is now done in delay_for_oplock()
with the nice effect of removing a comment that was very confusing to
me.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13957 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed May 22 20:09:29 UTC 2019 on sn-devel-184
Volker Lendecke [Tue, 21 May 2019 12:52:22 +0000 (14:52 +0200)]
smbd: Enable "smbd:suicide mode" for smb2
The next commit needs an smbd to just exit and leave data behind in the
locking.tdb file. Don't make it harder to eventually phase out SMB1: Do
the test in SMB2.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13957 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Andrew Bartlett [Tue, 21 May 2019 01:57:57 +0000 (13:57 +1200)]
s4-ntvfs: Remove untested ntvfs_cifsposix backend
It had a note:
WARNING: All file access is done as user root!!!
Only use this module for testing, with only test data!!!
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed May 22 07:15:43 UTC 2019 on sn-devel-184
Andrew Bartlett [Mon, 6 May 2019 03:12:56 +0000 (15:12 +1200)]
ntvfs: Remove unused and untested SMB1 -> SMB2 proxy module
While this could have been a very interesting idea (particularly
if it allowed our main SMB server to disable SMB1), it has never
been enabled in our testsuite so relying on it would be quite
brave.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
projects / thirdparty / samba.git / log
