Martin Schwenke [Wed, 1 May 2019 05:10:28 +0000 (15:10 +1000)]
ctdb-tests: Fix usage message
Since commit 0e9ead8f28fced3ebfa888786a1dc5bb59e734a3 daemons have
been shut down after each test, so this option no longer has anything
to do with killing daemons.
Martin Schwenke [Sat, 27 Apr 2019 04:54:09 +0000 (14:54 +1000)]
ctdb-tests: Wait to allow database attach/detach to take effect
Sometimes the detach test fails:
Check detaching single test database detach_test1.tdb
BAD: database detach_test1.tdb is still attached
Number of databases:4
dbid:0x5ae995ee name:detach_test4.tdb path:tests/var/simple/node.0/db/volatile/detach_test4.tdb.0
dbid:0xd84cc13c name:detach_test3.tdb path:tests/var/simple/node.0/db/volatile/detach_test3.tdb.0
dbid:0x8e8e8cef name:detach_test2.tdb path:tests/var/simple/node.0/db/volatile/detach_test2.tdb.0
dbid:0xc62491f4 name:detach_test1.tdb path:tests/var/simple/node.0/db/volatile/detach_test1.tdb.0
Number of databases:3
dbid:0x5ae995ee name:detach_test4.tdb path:tests/var/simple/node.1/db/volatile/detach_test4.tdb.1
dbid:0xd84cc13c name:detach_test3.tdb path:tests/var/simple/node.1/db/volatile/detach_test3.tdb.1
dbid:0x8e8e8cef name:detach_test2.tdb path:tests/var/simple/node.1/db/volatile/detach_test2.tdb.1
Number of databases:4
dbid:0x5ae995ee name:detach_test4.tdb path:tests/var/simple/node.2/db/volatile/detach_test4.tdb.2
dbid:0xd84cc13c name:detach_test3.tdb path:tests/var/simple/node.2/db/volatile/detach_test3.tdb.2
dbid:0x8e8e8cef name:detach_test2.tdb path:tests/var/simple/node.2/db/volatile/detach_test2.tdb.2
dbid:0xc62491f4 name:detach_test1.tdb path:tests/var/simple/node.2/db/volatile/detach_test1.tdb.2
*** TEST COMPLETED (RC=1) AT 2019-04-27 03:35:40, CLEANING UP...
When issued from a client, the detach control re-broadcasts itself
asynchronously to all nodes and then returns success. The controls to
some nodes to do the actual detach may still be in flight when success
is returned to the client. Therefore, the test should wait for a few
seconds to allow the asynchronous controls to complete.
The same is true for the attach control, so workaround the problem in
the attach test too.
An alternative is to make the attach and detach controls synchronous
by avoiding the broadcast and waiting for the results of the
individual controls sent to the nodes. However, a simple
implementation would involve adding new nested event loops.
Martin Schwenke [Thu, 28 Mar 2019 03:26:52 +0000 (14:26 +1100)]
ctdb-tests: Make try_command_on_node less error-prone
This sometimes fails, apparently due to a cat process in onnode
getting EAGAIN. The conclusion is that tests that process large
amounts of output should not depend on a sub-shell delivering that
output into a shell variable.
Change try_command_on_node() to leave all of the output in file
$outfile and just put the first 1KB into $out. $outfile is removed
after each test completes.
Change the implementation of sanity_check_output() to use $outfile
instead of $out.
Martin Schwenke [Tue, 30 Apr 2019 02:09:26 +0000 (12:09 +1000)]
ctdb-tests: Change sanity_check_output() to internally use $out
All callers are currently passed $out. Global variable $out is used
in many other places so use it here to simplify the interface and make
future changes simpler.
Martin Schwenke [Fri, 29 Mar 2019 00:19:55 +0000 (11:19 +1100)]
ctdb-scripts: Drop script configuration variable CTDB_MONITOR_SWAP_USAGE
CTDB's system memory monitoring in 05.system.script monitors both main
memory and swap. The swap monitoring was originally based on
the (possibly incorrect, see below) idea that swap space stacks on top
of main memory, so that when a system starts filling swap space then
this is supposed to be a good sign that the system is running out of
memory. Additionally, performance on a Linux system tends to be
destroyed by the I/O associated with a lot of swapping to spinning
disks.
However, some platforms default to creating only 4GB of swap space
even when there is 128GB of main memory. With such a small swap to
main memory ratio, memory pressure can force swap to be nearly full
even when a significant amount of main memory is still available and
the system is performing well. This suggests that checking swap
utilisation might be less than useful in many circumstances.
So, remove the separate swap space checking and change the memory
check to cover the total of main memory and swap space.
Test function set_mem_usage() still takes an argument for each of main
memory and swap space utilisation. For simplicity, the same number is
now passed twice to make the intended results comprehensible. This
could be changed later.
A couple of tests are cleaned up to no longer use hard-coded
/proc/meminfo and ps output.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Gary Lockyer [Thu, 4 Apr 2019 22:13:15 +0000 (11:13 +1300)]
s4 dns_server Bind9: Log opertion durations
Add duration debug logging to the samba bind9 dlz driver and the
dnsserver_common routines. This should aid future diagnosis of
performance issues, and could be used to monitor DNS performance.
The logs are currently Human readable text only, i.e. no JSON formatted
output.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue May 7 05:03:26 UTC 2019 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue May 7 01:45:37 UTC 2019 on sn-devel-184
Gary Lockyer [Wed, 17 Apr 2019 21:29:28 +0000 (09:29 +1200)]
nsswitch pam_winbind: Fix Asan use after free
Fix use after free condition detected by Address Sanitizer triggered by
wbcLogonUserInfoDestructor, wbcFreeMemory has code to detect and prevent a
double free. This patch prevents the Address Sanitizer error, allowing
tests to be run with Address Sanitizer enabled.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon May 6 08:55:22 UTC 2019 on sn-devel-184
This was a tool to dump a genine NT4 DC (never Samba) into smbpasswd file.
It did work against Windows AD, but DRS replication is much
more comprehensive.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May 6 07:11:51 UTC 2019 on sn-devel-184
The last caller was removed in s4-drs: GetNCChanges() to return correct (in AD-way) ATTIDs
(6a51afcfdbcbce7813fb59c0655e4178268ca70e) by Kamen Mazdrashki in 2010
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Aaron Haslett [Thu, 28 Mar 2019 02:54:06 +0000 (15:54 +1300)]
selftest: correcting empty attribute usage in requests
Many parts of Samba use an empty attribute list in requests expecting
all attributes to be returned in the response, which is incorrect. This
patch corrects the instances found by current CI tests. Static analysis
and debugging will need to be done before changing ildap to the correct
semantics.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon May 6 05:45:55 UTC 2019 on sn-devel-184
Aaron Haslett [Wed, 20 Mar 2019 06:17:07 +0000 (19:17 +1300)]
ldap: test for empty attributes list
Test for LDAP request with an empty attribute list. LDB responds with
no attributes, but LDAP responds with all attributes. Fix is attached
to the bug below but we can't push it upstream until we've found all
instances of incorrect empty attribute list usage in Samba.
Gary Lockyer [Wed, 17 Apr 2019 22:23:22 +0000 (10:23 +1200)]
lib util debug: Increase format buffer to 4KiB
Increase the debug line buffer to 4KiB, the existing size of 1KiB is too
small for dsdbChange JSON audit messages. These messages were then
split across multipe lines causing issues in log ingestion tools
expecting single line messages.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May 6 01:18:22 UTC 2019 on sn-devel-184
Joe Guo [Wed, 1 May 2019 23:04:05 +0000 (11:04 +1200)]
.gitlab-ci.yml: add docker tag back for private jobs
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun May 5 23:22:54 UTC 2019 on sn-devel-184
Joe Guo [Wed, 1 May 2019 23:05:23 +0000 (11:05 +1200)]
.gitlab-ci.yml: rm abs path in artifacts
According to doc: https://docs.gitlab.com/ee/user/project/pipelines/job_artifacts.html#defining-artifacts-in-gitlab-ciyml
all paths in artifacts must be relative to the cloned repo, so this line
actually never worked.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Fri, 3 May 2019 02:21:24 +0000 (14:21 +1200)]
bootstrap: add lcov to generate code coverage report
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 3 23:45:55 UTC 2019 on sn-devel-184
smbd: Use smbd_check_access_rights in reply_setatr()
That was the only caller of check_access outside of trans2.c, and it
passed an explicit NULL for fsp. Use the lower-level call, so we can
make check_access() static to trans2.c
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Robert Sander <r.sander@heinlein-support.de> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Bƶhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 2 19:34:11 UTC 2019 on sn-devel-184
Windows 10 (1803 and higher) support and use
SMB_FILE_NORMALIZED_NAME_INFORMATION calls over the network. As a
fallback (in case the server don't support it) the client traverses all
path components, which is very expensive.
Implementing SMB_FILE_NORMALIZED_NAME_INFORMATION is very cheap for us
as the open already went through unix_convert() and we have the
information the client is asking for.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 1 18:33:00 UTC 2019 on sn-devel-184
Douglas Bagnall [Sun, 31 Mar 2019 03:07:57 +0000 (16:07 +1300)]
script/attr_count_read: load and correlate all data
This changes script/attr_count_read to take the samba private directory
as an argument and load all the databases at once, printing them as
one big table. It isn't extremely clear what it all means, but it
*tries* to tell you.
With --plot, it will attempt to load matplotlib and plot the number of
requested attributes against the number returned, with colour
of each point indicating its relative frequency. It is a scatterplot
that wants to be a heatmap.
With --no-casefold, you can get an extra confusing table where,
for instance, something repeatedly asks for "attributeId" which is not
accounted for, while in a completely different row an unrequested
"attributeID" is found many times over.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 1 06:46:36 UTC 2019 on sn-devel-184
Douglas Bagnall [Thu, 28 Mar 2019 03:07:48 +0000 (16:07 +1300)]
dsdb/modules: a module to count attribute searches and results
The dsdb module stack can turn a simple search request into a
complicated tree of sub-queries that include attributes not originally
asked for and excluding those that were. The corresponding replies
might contain unrequested attributes or (for good reasons, according
to some module) hide requested ones. The entire stack is there to
meddle and that is what is does. Except *this* module. It just counts.
To understand dsdb performance it helps to have some idea what
requests and replies are flying too and fro. This module, when
inserted anywhere in the stack, counts the requests and replies
passing through and the attributes they contain. This data is stored
in on-disk tdbs in the private/debug directory.
The module is not loaded by default. To load it you need to patch the
source4/dsdb/samdb/ldb_modules/samba_dsdb.c and put "count_attrs"
somewhere in the module lists in the samba_dsdb_init() function. For
example, to examine the traffic between repl_meta_data and
group_audit_log, you would do something like this around line 316:
and recompile. Samba will then write to a number of tdb files in the
debug directory as requests and replies pass through. A simple script
is included to read these files. Doing this:
will print a table showing how often various attritbutes were
requested but not found (from the point of view of the module).
A more sophisticated version of the script is coming in the next
commit, but this one is included first because in its simplicity it
documents the storage format reasonably well. The tdb keys are
attribute names, and the values are uint32_t in machine native order.
When the module is included in the stack there will be a very small
decrease in performance.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 18 Apr 2019 01:39:58 +0000 (13:39 +1200)]
pytests: try ldap.modify_order with normal user
We run the tests again, trying to modify as a normal user rather than
Administrator.
It turns out that we do not always return the same error code as
Windows, but in all these tests both Windows and Samba always return
some kind of error (as you might hope).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 12 Apr 2019 04:09:55 +0000 (16:09 +1200)]
dsdb/pytest/ldap: revive commented out test for attr size range
The test was presumably commented out because we fail it, and
known-failing it would have hidden the attr-too-short tests that it
was bundled with. If we disentangle them we can knwn-fail it, which
serves as a TODO list.
(passes against WIN2012R2).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Wed, 1 May 2019 03:18:31 +0000 (15:18 +1200)]
.gitlab-ci.yml: keep samba-ci-private tag only for private jobs
This will help us give the legacy 'private' tag, used in branches
under maintenance, more resources without those jobs running on the
normal production runners (therefore avoiding the additional cost for
the 90% of builds that are for master).
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 1 05:02:22 UTC 2019 on sn-devel-184
Douglas Bagnall [Tue, 30 Apr 2019 22:41:41 +0000 (10:41 +1200)]
s4/replmd delete: optimise attribute preservation with binary search
When we get here it is very likely that the attribute will not be
preserved, as the preserved ones should have had the flag set, but we
still end up loking through the whole list to confirm. With a binary
search, we end up looking at ~5 attributes to confirm.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 30 Apr 2019 22:35:46 +0000 (10:35 +1200)]
s4/replmd: delete checks flag before laborious search
Most (perhaps all) attributes that are in the "must not remove" list also
have the PRESERVEONDELETE bit set, and checking bits is much cheaper
than a linear search involving strcasecmp. If we check the bit first
we save work.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
smbd: Move deadtime default to parameter definition and man page
The code has a default of one week (10080 minutes) if the parameter is
set to 0. Make this the public default of the parameter, instead of
hiding it in the code. This change also has the code match the
documentation that setting this parameter to 0 disables the check.
Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Tue, 26 Mar 2019 04:48:39 +0000 (17:48 +1300)]
traffic: load dns query from file and write stats to file
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 1 01:10:42 UTC 2019 on sn-devel-184
Tim Beale [Wed, 10 Apr 2019 01:12:30 +0000 (13:12 +1200)]
traffic_replay: Avoid Exception if no packet rate is specified
traffic_replay would throw an exception if you didn't specify some sort
of packet rate. We can avoid this by using --scale-traffic=1.0 as the
default if nothing else was specified.
script/traffic_replay model.txt $SERVER.$REALM --duration=10
--fixed-password=blahblah12# -U$USERNAME%$PASSWORD
INFO 2019-04-10 01:03:01,809 pid:47755 script/traffic_replay #280: Using
the specified model file to generate conversations
Traceback (most recent call last):
File "script/traffic_replay", line 438, in <module>
main()
File "script/traffic_replay", line 293, in main
opts.conversation_persistence)
File "bin/python/samba/emulate/traffic.py", line 1295, in
generate_conversation_sequences
target_packets = int(packet_rate * duration)
TypeError: unsupported operand type(s) for *: 'NoneType' and 'float'
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Tim Beale [Wed, 10 Apr 2019 00:55:26 +0000 (12:55 +1200)]
traffic_replay: Assign users to groups by default
The traffic_replay script has a myriad of options, but by default when
it creates user accounts it does not assign these users to any groups
(you have to specify extra options to do that). This isn't really a fair
test of samba performance, because it's unlikely that real world setups
will have users that are in no groups (other than the default ones).
This patch changes the default behaviour so that it will assign the new
users to groups automatically, if no other group options were
specified.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
projects / thirdparty / samba.git / log
