Andrew Tridgell [Fri, 7 Aug 2009 07:21:54 +0000 (17:21 +1000)]
ensure that child tasks die when the parent dies
Previously we relied on process groups and SIGTERM to ensure that
child tasks died in the standard process model when the parent task
died. This doesn't work when the server is run in interactive mode, as
in that case we don't call become_daemon() and don't get a separate
process group.
The fix is to have a pipe held open by the parent server process, and
inherited by child tasks. If the parent exits then the write side of
the pipe is implicitly closed, which causes an event in the child
tasks that causes them to exit
Andrew Tridgell [Fri, 7 Aug 2009 07:19:39 +0000 (17:19 +1000)]
prime the sam ldb schema in the parent samba process
While testing the use of the standard process model with 'make test' I
found that testing was much slower (by several times) with the
standard model than with the single model. The primary problem was
that each SMB connection would open a new sam ldb context, and all of
those would reload the full AD schema.
The fix is to pre-open the SAM during server startup, before any child
processes are forked. This sets up the global schema context which is
inherited by all connections.
The standard model is still slower at make test than the single model,
but not by nearly as much. I am working on further reducing the gap.
Andrew Tridgell [Fri, 7 Aug 2009 07:16:26 +0000 (17:16 +1000)]
use talloc with the global schema consistently
Before this change, the first opener of the sam ldb context would
become the owner of the global schema, then the autofree context got a
reference to the schema. Any subsequent opens of the sam ldb also got
a reference. This meant that the talloc hierarchy was inconsistent
between the first sam ldb open and subsequent opens. With this change
the autofree context becomes the owner of the global schema, and all
ldb contexts get a reference.
Andrew Tridgell [Fri, 7 Aug 2009 07:14:13 +0000 (17:14 +1000)]
fixed several places that unnecessarily take a reference to the event context
These references were triggering the ambiguous talloc_free errors from
the recent talloc changes when the server is run using the 'standard'
process model instead of the 'single' process model. I am aiming to
move the build farm to use the 'standard' process model soon, as part
of an effort to make our test environment better match the real
deployment of Samba4.
The references are not needed as the way that the event context is
used is as the 'top parent', so when the event context is freed then
all of the structures that were taking a reference to the event
context were actually freed as well, thus making the references
redundent.
Tim Prouty [Thu, 6 Aug 2009 22:53:33 +0000 (15:53 -0700)]
s3: Fix a bug in renames of directories
Recently code was added to match windows semantics of denying the
rename of a directory if there are open files underneath it. This
does partly match windows semantics, but it turns out the rename
should be allowed if the open file handle is for the directory being
renamed, or for a stream on the directory being renamed. This patch
refines the check to better follow these rename semantics.
Tim Prouty [Thu, 6 Aug 2009 18:23:23 +0000 (11:23 -0700)]
s4 torture: Extend the RAW-RENAME test to more fully test directory renames.
The existing test was only covering files opened underneath the
directory that was being renamed. It is not uncommon for windows
clients to actually hold a read-only handle to a directory open across
the rename, which it turns out doesn't return NT_STATUS_ACCESS_DENIED.
Additionally, holding a handle open to a stream on the directory is
also allowed.
Rusty Russell [Thu, 6 Aug 2009 03:13:42 +0000 (13:13 +1000)]
There is one signedness issue in tdb which prevents traverses of TDB records
over the 2G offset on systems which support 64 bit file offsets. This fixes
that case.
On systems with 32 bit offsets, expansion and fcntl locking on these records
will fail anyway. SAMBA already does '#define _FILE_OFFSET_BITS 64' in
config.h (on my 32-bit x86 Linux system at least) to get 64 bit file offsets.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Andrew Tridgell [Wed, 5 Aug 2009 10:23:12 +0000 (20:23 +1000)]
changed BCC handling for SMBwriteX to handle broken MacOSX client
see bug #6610
The MacOSX SMB client sets the BCC value in SMBwriteX calls to zero
instead of the correct size. Checking against WindowsXP, I've found
that Windows uses the maximum of the computed buffer size and the
given BCC value. I've changed Samba4 to do the same to allow MacOSX to
work.
I've limited this change to non-chained packets to ensure we don't get
the possibility of exploits based on overlapping chained requests
Andrew Tridgell [Wed, 5 Aug 2009 07:51:21 +0000 (17:51 +1000)]
fixed a problem with group policy writes causing policy corruption
This bug was caused by two things:
1) in the unix ACL mapping, we were not taking into account group
write permssions for the SEC_STD_DELETE flag
2) when a file is created using OVERWRITE mode, a fchmod() would
fail if the user is not the file owner. We resolve that by only
doing the fchmod() if the mapped file attribute does not match the
desired file attribute
Andrew Tridgell [Wed, 5 Aug 2009 01:21:06 +0000 (11:21 +1000)]
make the UID_WRAPPER skip checks at runtime
This fixes two issues pointed out by Andrew. It adds a runtime
uwrap_enabled() call that wraps the skips needed for uid emulation. It
also makes the skip in the directory_create_or_exist() function only
change the uid checking code, not the permissions code
Andrew Tridgell [Wed, 5 Aug 2009 00:50:03 +0000 (10:50 +1000)]
added a uid_wrapper library
This library intercepts seteuid and related calls, and simulates them
in a manner similar to the nss_wrapper and socket_wrapper
libraries. This allows us to enable the vfs_unixuid NTVFS module in
the build farm, which means we are more likely to catch errors in the
token manipulation.
The simulation is not complete, but it is enough for Samba4 for
now. The major areas of incompleteness are:
- no emulation of setreuid, setresuid or saved uids. These would be
needed for use in Samba3
- no emulation of ruid changing. That would also be needed for Samba3
- no attempt to emulate file ownership changing, so code that (for
example) tests whether st.st_uid matches geteuid() needs special
handling
Andrew Bartlett [Tue, 4 Aug 2009 22:53:11 +0000 (08:53 +1000)]
s4:dsdb Don't cast an ldb_val into a const char * for schema lookups
This removes a number of cases where we did a cast into a const char *
of an ldb_val. While convention is to alway have an extra \0 at
data[length] in the ldb_val, this is not required, and does not occour
at least on build farm host 'svart'.
Gerald Carter [Mon, 3 Aug 2009 21:18:10 +0000 (16:18 -0500)]
idmap_adex: Fix usage of talloc_stackframe().
Pass an explicit TALLOC_CTX* to build_id_filter() and build_alias_filter()
rather than relying upon the talloc_stackframe() behavior that
allows a caller access to stackframe ctx for called functions.
We should always return a local path so that users are not forced to setup a
[prnproc$] share on the server. This restores pre-3.4.0 spoolss behaviour.
Andrew Bartlett [Tue, 4 Aug 2009 08:24:37 +0000 (18:24 +1000)]
s4:torture Make RPC-NETLOGON pass against ncaclrpc servers
The original patch didn't cope with a NULL target server name - we now key off that to decide it isn't worth checking against LDAP for this host.
I still can't get this to pass against Windows 2008, but mdw was
testing against Windows 2008R2. at least 'make test' is happy, and
the rest should not be too hard...
Andrew Bartlett [Tue, 4 Aug 2009 02:52:11 +0000 (12:52 +1000)]
s4:torture rework LDAP sort test
This reworks the test to be part of the LDAP tests, to make better use
of the torture API and the ldb API (in particular around adding
controls), and a general cleanup.
projects / thirdparty / samba.git / log
