Michael Adam [Wed, 6 Aug 2008 20:43:27 +0000 (22:43 +0200)]
idmap tdb2: fix broken logic in tdb2_delete_bystring().
1. use the return value that idmap_tdb2_open_perm_db() gives us
2. don't delete frep the local db if deleting from the perm db failed.
3. fix wrong interpretation of return value of the local delete
Michael Adam [Wed, 6 Aug 2008 20:33:58 +0000 (22:33 +0200)]
idmap tdb2: fix broken logic in tdb2_store_bystring().
1. use the return value that idmap_tdb2_open_perm_db() gives us
2. don't write to the local db if writing to the perm db failed.
3. fix wrong interpretation of return value of the local store
Michael Adam [Tue, 5 Aug 2008 09:32:20 +0000 (11:32 +0200)]
dbwrap ctdb: add a retry loop to the persistent store operation.
This is because ctdbd can fail in performing the persistent_store
due to race conditions, and this does not mean it can't succeed
the next time.
To not loop infinitely, this makes use of a new parametric option:
"dbwrap ctdb:max store retries" (integer) which defaults to 5
and sets the upper limit for the number or repeats of the
fetch/store cycle.
Michael Adam [Tue, 5 Aug 2008 16:42:07 +0000 (18:42 +0200)]
dbwrap ctdb: release the lock before calling ctdbd_persistent_store()
in the persistent db_ctdb_store operation.
This is to prevent deadlocks in db_ctdb_persistent_store().
There is a tradeoff: Usually, the record is still locked
after db->store operation. This lock is usually released
via the talloc destructor with the TALLOC_FREE to
the record. So we have two choices:
- Either re-lock the record after the call to persistent_store
or cancel_persistent update and this way not changing any
assumptions callers may have about the state, but possibly
introducing new race conditions.
- Or don't lock the record again but just remove the
talloc_destructor. This is less racy but assumes that
the lock is always released via TALLOC_FREE of the record.
I choose the first variant for now since it seems less racy.
We can't guarantee that we succeed in getting the lock
anyways. The only real danger here is that a caller
performs multiple store operations after a fetch_locked()
which is currently not the case.
This can not go upstream yet because it uses the non-GPL libgpfs. So it will
not be compiled by default and will not be included in the SOFS RPMs. But upon
Sven's request, we include it in the git tree and the source RPMs, so that it
can be built for in-house tests.
Michael Adam [Fri, 23 May 2008 13:12:01 +0000 (15:12 +0200)]
packaging(RHEL-CTDB): fix placement and link direction of new shared libs
libwbclient, libtalloc, libtdb, and libnetapi are now installed
into /usr/lib{,64} by their SONAME. The symlink is made from
the .so files to point to the SONAME files (e.g., libtdb.so.1).
Volker Lendecke [Mon, 19 May 2008 16:15:06 +0000 (18:15 +0200)]
Add winbind:online check timeout parameter
This is a band-aid for the rather convoluted offline/online mess in winbind
right now. Winbind re-uses the offline functionality that is targeted at domain
client installations on laptops to not overload disfunctional DCs. It uses the
winbind cache timeout as the retry timeout after a DC reboot.
I am using a parametric options because when this mess is cleaned up, that
parameter needs to go away again.
I'd recommend to use something like
winbind:online check timeout = 30
in typical LAN environments. This means a reconnect is attempted every 30
seconds.
Volker Lendecke [Tue, 12 Aug 2008 20:31:52 +0000 (22:31 +0200)]
Attempt to fix bug 5684
With the ctdb checkin dde9f3f006 tdb optimized out write lock checks for
write-enabled transaction. Sadly, this also removed the possibility to ever
remove dead records left over from tdb_delete calls within a transaction.
Tridge, please check this! Did dde9f3f006 have any reason beyond performance
optimizations?
Jeremy Allison [Tue, 12 Aug 2008 20:35:15 +0000 (13:35 -0700)]
Fix bug 5686 - libsmbclient segfaults with more than one SMBCCTX.
Here is a patch to allow many subsystems to be re-initialized. The only
functional change I made was to remove the null context tracking, as the memory
allocated here is designed to be left for the complete lifetime of the program.
Freeing this early (when all smb contexts are destroyed) could crash other
users of talloc.
Jeremy.
Michael Adam [Tue, 12 Aug 2008 12:59:59 +0000 (14:59 +0200)]
Fix unix_convert() for "*" after changing map_nt_error_from_unix().
map_nt_error_from_unix() now assumes that it is called in
an error path and returns an error even for a given errno == 0.
The original behaviour of unix_convert() used the mapping
of errno == 0 ==> NT_STATUS_OK to return success through
an error path.
I think this must have been an oversight, and unix_convert() worked
only by coincidence (or because explicitly using the knowledge
of the conceptually wrong working of map_nt_error_from_unix().
This patch puts this straight by not interpreting errno == 0
as an error condition and proceeding in that case.
Andrew Tridgell [Sun, 10 Aug 2008 00:43:36 +0000 (10:43 +1000)]
I found lots of places where we assume error will be set when calling
one of our virtualised functions, such as db_open(), but error is only
set when a system call fails, and it is not uncommon for us to fail a
function internally without ever making a system call. That led to us
passing back success when a function had in fact failed.
I found two places where we relied on map_nt_error_from_unix()
returning success when errno==0, but lots and lots of places where we
relied on the reverse, so I fixed those two places.
map_nt_error_from_unix() will now always return an error, returning
NT_STATUS_UNSUCCESSFUL if errno is 0
(cherry picked from commit 69d40ca4c1af925d4b0e59ddc69ef8c26e6501d1)
Jeff Layton [Tue, 12 Aug 2008 18:32:54 +0000 (14:32 -0400)]
cifs.upcall: negatively instantiate keys on error
When a request-key upcall exits without instantiating a key, the kernel
will negatively instantiate the key with a 60s timeout. Older kernels,
however seem to also link that key into the session keyring. This
behavior can interefere with subsequent mount attempts until the
key times out. The next request_key() call will get this negative key
even if the upcall would have worked the second time.
Fix this by having cifs.upcall negatively instantiate the key itself
with a 1s timeout and don't attach it to the session keyring.
Michael Adam [Fri, 8 Aug 2008 23:04:55 +0000 (01:04 +0200)]
nmbd: add support for delayed initial samlogon packages.
The hosts or networks configured with "init logon delayed hosts"
have their initial samlogon packages (empty username) delayed
by the value configured with "init logon delay" (defaulting
to 100 milliseconds).
This gives the administrator some control over what clients would
consider the preferred logon server: they choose the server that
repsonds most quickly.
Michael Adam [Fri, 8 Aug 2008 22:31:48 +0000 (00:31 +0200)]
loadparm: add two parameters "init logon delay hosts" and "init logon delay"
"init logon delays hosts" takes a list of hosts names or addresses
or networks for which the initial SAMLOGON reply should be delayed
(so other DCs get preferred by XP workstations if there are any).
This option takes the same type of list as "hosts allow" does.
"init logon delay" allows one to configure the delay for the hosts
configured for delayed initial samlogon with "init logon delayed hosts".
The value is interpreted as milliseconds. The default value is 100.
This commit only introduces the parameters.
They will be activated in a subsequent commit.
projects / thirdparty / samba.git / log
