* Remove unused select backend
* Fix a race condition in tevent_threaded_schedule_immediate()
(bug #13130)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Nov 13 18:02:46 CET 2017 on sn-devel-144
s3:passdb: Fix a memory leak in secrets_fetch_or_upgrade_domain_info()
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Nov 13 14:05:46 CET 2017 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Nov 11 20:12:26 CET 2017 on sn-devel-144
Jeremy Allison [Thu, 9 Nov 2017 20:48:15 +0000 (12:48 -0800)]
s3: smbd: kernel oplocks. Replace retry_open() with setup_kernel_oplock_poll_open().
If a O_NONBLOCK open fails with EWOULDBLOCK, this code changes smbd to
do a retry open every second, until either the timeout or we get a successful
open. If we're opening a file that has a kernel lease set by a non-smbd
process, this is the best we can do.
Prior to this, smbd would block on the second open on such a leased file
(not using O_NONBLOCK) which freezes active clients.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Nov 11 08:44:37 CET 2017 on sn-devel-144
Uri Simchoni [Fri, 10 Nov 2017 19:50:17 +0000 (21:50 +0200)]
vfs_unityed_media: remove handling of init_search_op
init_search_op is about to be removed from the VFS in
a following commit. In the meantime, removing it poses
no issue because he underlying impementation is a no-op.
Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Fri, 10 Nov 2017 19:48:26 +0000 (21:48 +0200)]
vfs_media_harmony: remove handling of init_search_op
This VFS function is about to be removed in a following commit.
In the meantime, not handling it by vfs_media_harmony poses no
issue because the underlying implenentation is a no-op.
Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Fri, 10 Nov 2017 19:39:54 +0000 (21:39 +0200)]
vfs_glusterfs: remove init_search_op handling
This VFS function is about to be removed. It can be
removed by a separate commit because both the glusterfs
and the default implementations are no-ops.
Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Fri, 10 Nov 2017 19:35:54 +0000 (21:35 +0200)]
smbd: remove calls to dptr_init_search_op() from TRANS2 search code
dptr_init_search_op() invokes VFS operations which are no-op in all
in-tree VFS modules. Furthermore, it's not being called by the SMB2
search code, so probably it's not being used by any out-of-tree VFS
module either.
Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Fri, 10 Nov 2017 19:32:49 +0000 (21:32 +0200)]
smbd: remove calls to dptr_init_search_op()
dptr_init_search_op() invokes a VFS operation which is
a no-op in all in-tree VFS modules. Furthermore,
dptr_init_search_op() is not being called from SMB2 search
code, which hints that no out-of-tree VFS module needs it.
Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 10 Nov 2017 11:09:36 +0000 (12:09 +0100)]
vfs: Remove aio_linux
Triggered by https://bugzilla.samba.org/show_bug.cgi?id=13128 I think
this module should go. Once Linux aio will do what Samba needs, this
might be worth another look.
What we should instead do soon is support Linux preadv2 and the
RWF_NOWAIT flag to avoid the thread context switch whenever possible.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 10 Nov 2017 20:22:26 +0000 (21:22 +0100)]
tevent: Fix a race condition
We can't rely on tctx to exist after we unlocked the mutex. It took a
while, but this does lead to data corruption. If *tctx is replaced with
something where tctx->wakeup_fd points to a real, existing file
descriptor, we're screwed. And by screwed, this means file corruption
on disk.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Nov 11 03:20:09 CET 2017 on sn-devel-144
Jeremy Allison [Fri, 3 Nov 2017 19:02:17 +0000 (12:02 -0700)]
s4: torture: kernel_oplocks. Create a regression test case for bug #13058.
It implements the following test case:
1. client of smbd-1 opens the file and sets the oplock.
2. client of smbd-2 tries to open the file. open() fails(EAGAIN) and open is deferred.
3. client of smbd-1 sends oplock break request to the client.
4. client of smbd-1 closes the file.
5. client of smbd-1 opens the file and sets the oplock.
6. client of smbd-2 calls defer_open_done(), sees that the file lease was not changed
and does not reschedule open.
1. client of smbd-1 opens the file and sets the oplock.
2. client of smbd-2 tries to open the file. open() fails(EAGAIN) and open is deferred.
3. client of smbd-1 sends oplock break request to the client.
4. client of smbd-1 closes the file.
5. client of smbd-1 opens the file and sets the oplock.
6. client of smbd-2 calls defer_open_done(), sees that the file lease was not changed
and does not reschedule open.
and is no longer needed now vfs_streams_xattr.c no longer opens
the base file internally.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
The glfs.h header file has always resided under glusterfs/api/ in the
standard include directory. The glusterfs-api.pc file adds the unneeded
-I${includedir}/glusterfs compiler option. This option will be removed
from future versions of the pkg-config file.
This change can safely be backported to older versions if there is a
need to have them build against glusterfs-3.13 or newer.
URL: https://review.gluster.org/18576 CC: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Nov 9 22:37:30 CET 2017 on sn-devel-144
David Mulder [Thu, 2 Nov 2017 14:25:11 +0000 (08:25 -0600)]
smbc_opendir should not return EEXIST with invalid login credentials
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jim McDonough <jmcd@samba.org>
Autobuild-User(master): Jim McDonough <jmcd@samba.org>
Autobuild-Date(master): Thu Nov 9 01:49:06 CET 2017 on sn-devel-144
Lumir Balhar [Tue, 24 Oct 2017 07:01:16 +0000 (09:01 +0200)]
python: tests: Add tests for samba.posix_eadb module
Signed-off-by: Lumir Balhar <lbalhar@redhat.com> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 8 21:54:59 CET 2017 on sn-devel-144
These are all in test code and constrained to the test environment, so
can't result in privilege escape. No backport necessary. However, we
might as well get them off the list.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Nov 8 11:28:40 CET 2017 on sn-devel-144
Ralph Boehme [Mon, 23 Oct 2017 16:56:37 +0000 (18:56 +0200)]
manpages: add vfs_nfs4acl_xattr.8
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 8 04:27:28 CET 2017 on sn-devel-144
Ralph Boehme [Wed, 18 Oct 2017 18:45:05 +0000 (20:45 +0200)]
vfs_nfs4acl_xattr: add POSIX mode check and reset
The vfs_nfs4acl_xattr VFS module is supposed to work the same as
vfs_acl_xattr|tdb with "ignore system acls" set to true. That is,
filesystem permissions should never restrict access and the actual
access checks are done by smbd in userspace.
To better cope with POSIX mode changes via other protocols (eg NFS) or
local filesystem access, add the following tweaks:
o validate ACL blob: if POSIX mode is not 0777/0666 discard the ACL blob
from the xattr and synthesize a default ACL based on the POSIX mode
o when setting an ACL, check and reset POSIX mode to 0777/0666
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 23 Oct 2017 12:15:12 +0000 (14:15 +0200)]
vfs_nfs4acl_xattr: do xattr ops as root
This ensures we can always fetch the ACL xattr blob when we wanted,
unrestricted of filesystem permissions or Linux xattr security namespace
restrictions.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 16 Oct 2017 16:05:51 +0000 (18:05 +0200)]
vfs_nfs4acl_xattr: modernize ACL inheritance
This changes the way ACL inheritance is achieved in this
module.
Previously the module recursed to the next parent directory until the
share root was reached or a directory with an ACL xattr. If the share
root didn't contain an ACL xattr either a default ACL would be used.
This commit removed this recursive scanning and replaces it with the
same mechanism used by vfs_acl_xattr: by setting "inherit acls = yes"
just let smbd do the heavy lefting and inheritance.
For any file without ACL xattr we still synthesize a default ACL,
leveraging the existing default ACL function used by vfs_acl_xattr.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 2 Nov 2017 11:17:48 +0000 (12:17 +0100)]
librpc/idl: rename NFS4 ACL xattr name
The "system" xattr namespace is reserved for the kernel. Any attempt to
use xattrs in that namesspace will fail with EOPNOTSUPP, regardless of
priveleges. In autobuild we're using the xattr_tdb VFS module, so it
works there.
Using the "security" namespace instead makes this module generally
usable with Linux filesystem xattrs as storage backend.
Additionally prefix the xattr name with "_ndr". This is in preperation
of later commits that add a ACL blob marshalling format based on XDR. To
avoid xattr name collision, both format will use distinct xattr names by
default.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 7 Sep 2017 15:26:58 +0000 (17:26 +0200)]
selftest: split out failing owner related subtest from samba3.raw.acls.create_file|dir
All the other subtests in samba3.raw.acls.create_file|dir pass with
nfs4acl_xattr, it's just the subtest that tries to set the owner which
fails with everything else then acl_xattr.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Martin Schwenke [Mon, 23 Oct 2017 00:50:51 +0000 (11:50 +1100)]
ctdb-scripts: Don't bother checking PID file when starting ctdbd
This is an optimisation that can cause incorrect results. If ctdbd
was killed and there is a stale PID file then this will often cause
"CTDB exited during initialisation". The wrapper reads the old PID
from the PID file, finds the PID gone, complains and exits.
It is better to drop this code and finally get this right. If ctdbd
does exit early then it will take CTDB_STARTUP_TIMEOUT (default 10)
seconds before the wrapper fails. That's not too bad...
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Nov 5 12:31:12 CET 2017 on sn-devel-144
Ralph Wuerthner [Fri, 3 Nov 2017 22:33:28 +0000 (22:33 +0000)]
s3: smbd: Fix delete-on-close after smb2_find
Both dptr_create() and can_delete_directory_fsp() are calling OpenDir_fsp()
to get a directory handle. This causes an issue when delete-on-close is
set after smb2_find because both directory handle instances share the same
underlying file descriptor. In addition the SMB_ASSERT() in destructor
smb_Dir_destructor() gets triggered.
To avoid this use OpenDir() instead of OpenDir_fsp().
Ralph Boehme [Fri, 3 Nov 2017 13:56:43 +0000 (14:56 +0100)]
vfs_fruit: avoid dereferencing a freed object in an error case
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Nov 3 19:05:05 CET 2017 on sn-devel-144
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 2 07:16:50 CET 2017 on sn-devel-144
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 2 03:16:11 CET 2017 on sn-devel-144
Joe Guo [Tue, 19 Sep 2017 21:33:27 +0000 (09:33 +1200)]
gitlab-ci: add .gitlab-ci.yml
Add .gitlab-ci.yml file, and define build jobs in groups.
Once gitlab-runner set up, builds and tests can be triggered
automatically in parallel when push to gitlab.
Also, with gitlab-runner autoscale mode, build instances
will be created and removed on demand.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 31 15:32:16 CET 2017 on sn-devel-144
Günther Deschner [Sat, 28 Oct 2017 09:10:07 +0000 (11:10 +0200)]
s4-torture: remove obsolete comment in libsmbclient torture suite.
Since smbc_setX calls now handle string allocation using malloc
themselves (since commit 2d41b1ab78639abe4ae030ff482573f464564dd7) we
indeed no longer need to provide malloced strings (the extra malloc
already got removed earlier).
Guenther
Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Oct 30 21:09:14 CET 2017 on sn-devel-144
Andrew Bartlett [Mon, 16 Oct 2017 23:00:27 +0000 (12:00 +1300)]
repl_meta_data: Initialise parent_dn to NULL
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Oct 30 04:16:42 CET 2017 on sn-devel-144
Volker Lendecke [Fri, 27 Oct 2017 12:01:41 +0000 (14:01 +0200)]
winbindd: Remove a misleading comment
The reality is a bit more complex than this comment indicates. We should never
suggest anywhere that we can connect to domains that we don't have a direct
trust account to. For the member case, it's "our" domain, and for the DC case,
it's the direct trusts. Everything else is pure luck.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 28 00:31:58 CEST 2017 on sn-devel-144
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 27 15:22:43 CEST 2017 on sn-devel-144
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 27 04:54:22 CEST 2017 on sn-devel-144
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 26 17:31:40 CEST 2017 on sn-devel-144
projects / thirdparty / samba.git / log
