The branch, v4-2-stable has been updated via f312bf9 VERSION: Disable git snapshot for the 4.2.2 release. via 0ce6ad8 WHATSNEW: Add release notes for Samba 4.2.2. via c78585f s4: libcli/finddcs_cldap: continue processing CLDAP until all addresses are used via c7e4454 torture: Add smb2.notify.rmdir via b3e3e41 smbd: Cancel pending notifies if the directory goes away via bd09b15 smbd: Remove bool arg from set_delete_on_close_lck via e41c7a7 smbd: Use reset_delete_on_close_lck directly via d754099 smbd: Introduce reset_delete_on_close_lck via fa55c75 s3:winbindd: make sure we remove pending io requests before closing client sockets via 60f1f76 libads: record service ticket endtime for sealed ldap connections via 6db3de7 gencache: don't fail gencache_stabilize if there were records to delete. via 691a887 s3: torture: Add regression test for bug #11249. via 80db448 s3: smbd: VFS: fake_acl module called get_full_smb_filename() with a stream path, then used the result to call XATTR functions directly. via 177d620 s3: smbd: VFS: For all EA and ACL calls use synthetic_smb_fname(), not synthetic_smb_fname_split(). via cf8235a s3: smbd: VFS: All the places that are currently calling vfs_stat_smb_fname() and vfs_lstat_smb_fname() should be calling vfs_stat_smb_basename(). via 87f2dd8 s3: smbd: VFS: Add vfs_stat_smb_basename() - to be called when we *know* stream name parsing has already been done. via 86ed62a vfs_gpfs: move failure label before END_PROFILE via 08a72cb vfp_gpfs: ensure END_PROFILE is always called via c071f95 vfs_fruit: comment fix: the options are documented via 37e5d67 vfs_fruit: add option "nfs_aces" that controls the NFS ACEs stuff via ea27c56 s3:smbXsrv: refactor duplicate code into smbXsrv_session_clear_and_logoff() via 688352c s3:selftest: run smb2.notify with --signing=required via f8e64d7 s3:smb2_tcon: cancel pending requests on all connections on tdis via abe61f4 s3:smb2_sesssetup: remove unused smbd_smb2_session_setup_* destructors via 3a2b5ec s3:smb2_sesssetup: add smbd_smb2_session_setup_wrap_send/recv() via 7a56711 s3:smb2_sesssetup: always assign smb2req->session when a session was created. via b653861 s3:smb2_sesssetup: let smbd_smb2_logoff_* use smbXsrv_session_shutdown_* via 6233772 s3:smbXsrv_session: cancel pending requests when we logoff a previous session via 03263c7 s3:smbXsrv_session: add smb2srv_session_shutdown_send/recv helper functions via 1340130 s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_logoff_all_callback() via 72ceb73 s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_destructor() via 09a5282 s4:torture/smb2: add smb2.notify.session-reconnect test via 398400b s4:torture/smb2: add smb2.notify.invalid-reauth test via e3bb691 s4:torture/smb2: add smb2.notify.close test via ef5a649 s4:torture/smb2: verify STATUS_NOTIFY_CLEANUP return value via 06a7050 s3:smbd: use STATUS_NOTIFY_CLEANUP on smb2 logoff (explicit and implicit) and tdis via 26496f9 s3:smbd: use STATUS_NOTIFY_CLEANUP when closing a smb2 directory handle via a4f1a49 s3:smbd: add a smbd_notify_cancel_by_map() helper function via bd7bc99 s3: nmbd: Don't set work_changed = True inside update_server_ttl(). via c79abc9 s3: nmbd: Ensure we only set work_changed = true if we modify the record. via 82f7a0c vfs: kernel_flock and named streams via 509f2bb s4: torture: Test for incorrect file size returned in the response of "FILE_SUPERSEDE Create". via 251accf s3: smbd: Incorrect file size returned in the response of "FILE_SUPERSEDE Create" via 794cc5d s4: rpc: Refactor dcesrv_alter() function into setup and send steps. via e0aead2 sharesec: Use common parse_ace function via d79a504 sharesec: Print ACEs in similar format as expected in input via 667b3a3 util_sd: Make server conncection optional via af26539 smbcacls: Move sec_desc_print to common file via f4ac982 smbcacls: Move print_ace and parse_ace to common file via 5bad1a2 smbcacls: Move StringToSid to common file via 989ec37 smbcacls: Move SidToString to common file via cb564bf smbcacls: Use defines for security flags via 2d2702a smbcacls: Make 'numeric' a local variable via f330a2e Add DCERPC flag to call unbind hooks without destroying the connection itself upon termination of a connection with outstanding pending calls. via 69d632d Add multiplex state to dcerpc flags and control over multiplex PFC flag in bind_ack and and dcesrv_alter replies via 967679c Make sure we initialize conn to NULL, because a routine we call may give an error and not touch conn, and then we get an error when trying to TALLOC_FREE it. via b5ff650 s3:smbd: update comment to correctly reflect MS-SMB2 via 9423985 s3:smbd: missing tevent_req_nterror via 8478c00 ctdb-build: Specify absolute path to libsocket-wrapper.so via e9c498b vfs_fruit: also map characters below 0x20 via 8e034d4 ctdb-scripts: Add a 'rm' stub so statd-callout tests work correctly via 189ed91 ctdb-scripts: Remove unused function nfs_statd_update() via fa53179 ctdb-scripts: Change statd-callout to be more scalable via bb6497e ctdb-scripts: Fix a regression in statd-callout via bc1e3a8 ctdb-tests: Unit tests for statd-callout via c955fe8 ctdb-tests: Make setup of public addresses more obvious via cb5cd84 ctdb-tests: Extend eventscript unit test infrastructure for other scripts via 59f2aef ctdb-tests: Support testing scripts that change directory via cb1e82d ctdb-tests: Extend ctdb stub to support "ip" with and without -X via 3d74950 ctdb-tests: Extend ctdb stub to support "ptrans", "pdelete", "catdb" via 6135c95 lib/util: Include DEBUG macro in internal header files before samba_util.h via 6352ce7 waf: Fix systemd detection via 65c7bc5 build: Move systemd checks to lib/util via 9b721b9 spoolss: purge the printer name cache on name change via 1d1db40 s3: libsmbclient: After getting attribute server, ensure main srv pointer is still valid. via ec1a40d ctdb-scripts: Fix bashism in ctdbd_wrapper script via 9c54ea8 ctdb-scripts: Call iptables/ip6tables directly from iptables_wrapper via 4adb57c ctdb-tests: Fix tickle sniffing for IPv4 via 74db853 ctdb-scripts: Fix tunable setup code by making it shell-agnostic via 3aecf28 ctdb-scripts: Don't use the GNU awk gensub() function via 6cbfa35 ctdb-scripts: Try to deal with Ubuntu having /usr/sbin/service via e3d3ffd ctdb: check for talloc_asprintf() failure via 014c3d9 ctdb: Coverity fix for CID 1291643 via b006b7e ctdb: Fix CID 1125615 Copy into fixed size buffer via dd44ac4 ctdb: Fix CID 1125634 Out-of-bounds write via 47deea0 ctdb: Fix CID 1125613 Destination buffer too small via 265ab2e ctdb: Introduce a helper var in ctdb_get_script_list via 9b79fa1 ctdb: Fix memleak in ctdb_get_script_list via a0698ef ctdb: Make for-loop in ctdb_get_script_list more idiomatic via 4b2663d ctdb: Fix CID 1288201 Array compared against 0 via b2db194 ctdb: Fix 1125553 Buffer not null terminated via 663cedd ctdb-tools: Fix heap-use-after-free problem via 8acd3c8 VERSION: Bump version up to 4.2.2... from c2633a9 VERSION: Disable git snapshot for the 4.2.1 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-stable - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 142 ++++- ctdb/common/system_linux.c | 2 +- ctdb/config/ctdbd_wrapper | 2 +- ctdb/config/events.d/00.ctdb | 6 +- ctdb/config/events.d/60.ganesha | 1 + ctdb/config/events.d/60.nfs | 1 + ctdb/config/functions | 52 +- ctdb/config/statd-callout | 144 +++-- ctdb/server/eventscript.c | 32 +- ctdb/tcp/tcp_connect.c | 24 +- ctdb/tests/complex/18_ctdb_reloadips.sh | 2 +- ctdb/tests/complex/scripts/local.bash | 2 +- ctdb/tests/eventscripts/etc-ctdb/rc.local | 4 +- ctdb/tests/eventscripts/etc-ctdb/statd-callout | 6 +- ctdb/tests/eventscripts/scripts/local.sh | 148 ++++- ctdb/tests/eventscripts/statd-callout.001.sh | 15 + ctdb/tests/eventscripts/statd-callout.002.sh | 16 + ctdb/tests/eventscripts/statd-callout.003.sh | 18 + ctdb/tests/eventscripts/statd-callout.004.sh | 19 + ctdb/tests/eventscripts/statd-callout.005.sh | 27 + ctdb/tests/eventscripts/statd-callout.006.sh | 29 + ctdb/tests/eventscripts/statd-callout.007.sh | 16 + ctdb/tests/eventscripts/stubs/ctdb | 130 ++++- ctdb/tests/eventscripts/stubs/id | 3 + ctdb/tests/eventscripts/stubs/rm | 6 + .../stubs/ssh => eventscripts/stubs/smnotify} | 1 + ctdb/tests/scripts/common.sh | 4 + ctdb/tests/scripts/integration.bash | 5 +- ctdb/tests/src/ctdb_takeover_tests.c | 2 +- ctdb/tests/src/ctdb_test_stubs.c | 7 +- ctdb/tools/ctdb.c | 8 +- ctdb/wscript | 8 +- docs-xml/manpages/vfs_fruit.8.xml | 9 + lib/util/become_daemon.c | 12 +- lib/util/fault.h | 4 +- lib/util/memcache.c | 2 +- lib/util/wscript | 8 + lib/util/wscript_build | 2 +- lib/util/wscript_configure | 17 + selftest/knownfail | 2 +- selftest/target/Samba3.pm | 13 + source3/include/includes.h | 4 +- source3/include/util_sd.h | 37 ++ source3/lib/gencache.c | 2 +- source3/lib/util_sd.c | 614 +++++++++++++++++++++ source3/libads/sasl.c | 23 + source3/librpc/idl/messaging.idl | 3 + source3/libsmb/libsmb_xattr.c | 41 ++ source3/locking/locking.c | 101 ++-- source3/locking/proto.h | 3 +- source3/modules/nfs4_acls.c | 4 +- source3/modules/non_posix_acls.c | 2 +- source3/modules/vfs_acl_common.c | 19 +- source3/modules/vfs_acl_tdb.c | 16 +- source3/modules/vfs_default.c | 8 +- source3/modules/vfs_fake_acls.c | 22 +- source3/modules/vfs_fruit.c | 19 +- source3/modules/vfs_gpfs.c | 25 +- source3/modules/vfs_recycle.c | 2 +- source3/modules/vfs_solarisacl.c | 2 +- source3/modules/vfs_xattr_tdb.c | 4 +- source3/nmbd/nmbd_incomingdgrams.c | 22 +- source3/nmbd/nmbd_serverlistdb.c | 5 - source3/rpc_server/spoolss/srv_spoolss_nt.c | 6 + source3/script/tests/test_smbclient_s3.sh | 38 ++ source3/selftest/tests.py | 3 + source3/smbd/aio.c | 12 +- source3/smbd/close.c | 21 +- source3/smbd/globals.h | 5 + source3/smbd/notify.c | 76 ++- source3/smbd/open.c | 9 + source3/smbd/posix_acls.c | 2 +- source3/smbd/proto.h | 5 + source3/smbd/service.c | 4 + source3/smbd/smb2_server.c | 11 +- source3/smbd/smb2_sesssetup.c | 361 ++++++------ source3/smbd/smb2_tcon.c | 66 +-- source3/smbd/smbXsrv_session.c | 202 ++++++- source3/smbd/vfs.c | 26 + source3/utils/net_dns.c | 2 +- source3/utils/sharesec.c | 193 +------ source3/utils/smbcacls.c | 603 +------------------- source3/winbindd/winbindd.c | 26 + source3/winbindd/winbindd.h | 1 + source3/wscript_build | 6 +- source4/include/includes.h | 2 + source4/libcli/finddcs_cldap.c | 42 +- source4/rpc_server/dcerpc_server.c | 128 +++-- source4/rpc_server/dcerpc_server.h | 2 + source4/torture/raw/open.c | 102 ++++ source4/torture/smb2/notify.c | 345 ++++++++++++ wscript | 22 - 93 files changed, 2881 insertions(+), 1371 deletions(-) mode change 100755 => 120000 ctdb/tests/eventscripts/etc-ctdb/statd-callout create mode 100755 ctdb/tests/eventscripts/statd-callout.001.sh create mode 100755 ctdb/tests/eventscripts/statd-callout.002.sh create mode 100755 ctdb/tests/eventscripts/statd-callout.003.sh create mode 100755 ctdb/tests/eventscripts/statd-callout.004.sh create mode 100755 ctdb/tests/eventscripts/statd-callout.005.sh create mode 100755 ctdb/tests/eventscripts/statd-callout.006.sh create mode 100755 ctdb/tests/eventscripts/statd-callout.007.sh create mode 100755 ctdb/tests/eventscripts/stubs/id create mode 100755 ctdb/tests/eventscripts/stubs/rm copy ctdb/tests/{onnode/stubs/ssh => eventscripts/stubs/smnotify} (62%) create mode 100644 source3/include/util_sd.h create mode 100644 source3/lib/util_sd.c Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 0461c8c..c425ebc 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ ######################################################## SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=2 -SAMBA_VERSION_RELEASE=1 +SAMBA_VERSION_RELEASE=2 ######################################################## # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 3f96dcd..a626fd2 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,141 @@ ============================= + Release Notes for Samba 4.2.2 + May 27, 2015 + ============================= + + +This is the latest stable release of Samba 4.2. + + +Changes since 4.2.1: +-------------------- + +o Michael Adam <ob...@samba.org> + * BUG 11182: s3:smbXsrv: refactor duplicate code into + smbXsrv_session_clear_and_logoff(). + * BUG 11260: gencache: don't fail gencache_stabilize if there were records + to delete. + + +o Jeremy Allison <j...@samba.org> + * BUG 11186: s3: libsmbclient: After getting attribute server, ensure main + srv pointer is still valid. + * BUG 11236: s4: rpc: Refactor dcesrv_alter() function into setup and send + steps. + * BUG 11240: s3: smbd: Incorrect file size returned in the response of + "FILE_SUPERSEDE Create". + * BUG 11249: Mangled names do not work with acl_xattr. + * BUG 11254: nmbd rewrites browse.dat when not required. + + +o Ralph Boehme <s...@samba.org> + * BUG 11213: vfs_fruit: add option "nfs_aces" that controls the NFS ACEs + stuff. + * BUG 11224: s3:smbd: Add missing tevent_req_nterror. + * BUG 11243: vfs: kernel_flock and named streams. + * BUG 11244: vfs_gpfs: Error code path doesn't call END_PROFILE. + + +o Alexander Bokovoy <a...@samba.org> + * BUG 11284: s4: libcli/finddcs_cldap: continue processing CLDAP until all + addresses are used. + + +o David Disseldorp <dd...@samba.org> + * BUG 11201: ctdb: check for talloc_asprintf() failure.:w + * BUG 11210: spoolss: purge the printer name cache on name change. + + +o Amitay Isaacs <ami...@gmail.com> + * BUG 11204: CTDB statd-callout does not scale. + + +o Björn Jacke <b...@sernet.de> + * BUG 11221: vfs_fruit: also map characters below 0x20. + + +o Rajesh Joseph <rjos...@redhat.com> + * BUG 11201: ctdb: Coverity fix for CID 1291643. + + +o Julien Kerihuel <j.kerih...@openchange.org> + * BUG 11225: Multiplexed RPC connections are not handled by DCERPC server. + * BUG 11226: Fix terminate connection behavior for asynchronous endpoint + with PUSH notification flavors. + + +o Led <led...@gmail.com> + * BUG 11007: ctdb-scripts: Fix bashism in ctdbd_wrapper script. + + +o Volker Lendecke <v...@samba.org> + * BUG 11201: ctdb: Fix CIDs 1125615, 1125634, 1125613, 1288201 and 1125553. + * BUG 11257: SMB2 should cancel pending NOTIFY calls with DELETE_PENDING if + the directory is deleted. + + +o Stefan Metzmacher <me...@samba.org> + * BUG 11141: s3:winbindd: make sure we remove pending io requests before + closing client sockets. + * BUG 11182: Fix panic triggered by smbd_smb2_request_notify_done() -> + smbXsrv_session_find_channel() in smbd. + + +o Christof Schmitt <c...@samba.org> + * BUG 11237: 'sharesec' output no longer matches input format. + + +o Andreas Schneider <a...@samba.org> + * BUG 11200: waf: Fix systemd detection. + + +o Martin Schwenke <mar...@meltin.net> + * BUG 11202: CTDB: Fix portability issues. + * BUG 11203: CTDB: Fix some IPv6-related issues. + * BUG 11204: CTDB statd-callout does not scale. + + +o Richard Sharpe <rsha...@nutanix.com> + * BUG 11234: 'net ads dns gethostbyname' crashes with an error in TALLOC_FREE + if you enter invalid values. + + +o Uri Simchoni <urisimch...@gmail.com> + * BUG 11267: libads: record service ticket endtime for sealed ldap + connections. + + +o Lukas Slebodnik <lsleb...@redhat.com> + * BUG 11033: lib/util: Include DEBUG macro in internal header files before + samba_util.h. + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.2 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + +====================================================================== + + ============================= Release Notes for Samba 4.2.1 April 15, 2015 ============================= @@ -102,10 +239,7 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- - -====================================================================== +---------------------------------------------------------------------- ============================= diff --git a/ctdb/common/system_linux.c b/ctdb/common/system_linux.c index 97a57ac..fdb8d12 100644 --- a/ctdb/common/system_linux.c +++ b/ctdb/common/system_linux.c @@ -100,7 +100,7 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface) } DEBUG(DEBUG_DEBUG, (__location__ " Created SOCKET FD:%d for sending arp\n", s)); - strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)-1); + strlcpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)); if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) { DEBUG(DEBUG_CRIT,(__location__ " interface '%s' not found\n", iface)); close(s); diff --git a/ctdb/config/ctdbd_wrapper b/ctdb/config/ctdbd_wrapper index c2c5c1a..c35a4a8 100755 --- a/ctdb/config/ctdbd_wrapper +++ b/ctdb/config/ctdbd_wrapper @@ -155,7 +155,7 @@ kill_ctdbd () start() { if _session=$(ctdbd_is_running) ; then - echo $"CTDB is already running" + echo "CTDB is already running" return 0 fi diff --git a/ctdb/config/events.d/00.ctdb b/ctdb/config/events.d/00.ctdb index a0f4102..c3754ae 100755 --- a/ctdb/config/events.d/00.ctdb +++ b/ctdb/config/events.d/00.ctdb @@ -121,10 +121,10 @@ update_config_from_tdb() { set_ctdb_variables () { # set any tunables from the config file - set | grep ^CTDB_SET_ | cut -d_ -f3- | + set | sed -n '/^CTDB_SET_/s/=.*//p' | while read v; do - varname=`echo $v | cut -d= -f1` - value=`echo $v | cut -d= -f2` + varname="${v#CTDB_SET_}" + value=$(eval echo "\$$v") ctdb setvar $varname $value || return 1 echo "Set $varname to $value" done diff --git a/ctdb/config/events.d/60.ganesha b/ctdb/config/events.d/60.ganesha index df0912d..46edb0a 100755 --- a/ctdb/config/events.d/60.ganesha +++ b/ctdb/config/events.d/60.ganesha @@ -221,6 +221,7 @@ case "$1" in } || exit $? update_tickles 2049 + nfs_update_lock_info # check that statd responds to rpc requests # if statd is not running we try to restart it diff --git a/ctdb/config/events.d/60.nfs b/ctdb/config/events.d/60.nfs index c4e798e..d570cd7 100755 --- a/ctdb/config/events.d/60.nfs +++ b/ctdb/config/events.d/60.nfs @@ -91,6 +91,7 @@ case "$1" in } || exit $? update_tickles 2049 + nfs_update_lock_info nfs_check_rpc_services diff --git a/ctdb/config/functions b/ctdb/config/functions index 1583bfc..e0270a3 100755 --- a/ctdb/config/functions +++ b/ctdb/config/functions @@ -161,6 +161,8 @@ _service () if [ -x /sbin/service ]; then $_nice /sbin/service "$_service_name" "$_op" + elif [ -x /usr/sbin/service ]; then + $_nice /usr/sbin/service "$_service_name" "$_op" elif [ -x $CTDB_ETCDIR/init.d/$_service_name ]; then $_nice $CTDB_ETCDIR/init.d/$_service_name "$_op" elif [ -x $CTDB_ETCDIR/rc.d/init.d/$_service_name ]; then @@ -654,6 +656,16 @@ get_tcp_connections_for_ip () {print $4" "$5}' } +################################################################## +# use statd-callout to update NFS lock info +################################################################## +nfs_update_lock_info () +{ + if [ -x "$CTDB_BASE/statd-callout" ] ; then + "$CTDB_BASE/statd-callout" update + fi +} + ######################################################## # start/stop the Ganesha nfs service ######################################################## @@ -805,23 +817,6 @@ startstop_nfslock() { esac } -# Periodically update the statd database -nfs_statd_update () -{ - _update_period="$1" - - _statd_update_trigger="$service_state_dir/update-trigger" - [ -f "$_statd_update_trigger" ] || touch "$_statd_update_trigger" - - _last_update=$(stat --printf="%Y" "$_statd_update_trigger") - _current_time=$(date +"%s") - if [ $(( $_current_time - $_last_update)) -ge $_update_period ] ; then - touch "$_statd_update_trigger" - $CTDB_BASE/statd-callout updatelocal & - $CTDB_BASE/statd-callout updateremote & - fi -} - ######################################################## add_ip_to_iface () @@ -888,7 +883,7 @@ delete_ip_from_iface() } } -# If the given IP is hosted then print 2 items: maskbits and iface +# If the given IP is hosted then print 2 items: maskbits and iface ip_maskbits_iface () { _addr="$1" @@ -900,8 +895,9 @@ ip_maskbits_iface () ip addr show to "${_addr}/${_bits}" 2>/dev/null | \ awk -v family="${_family}" \ - 'NR == 1 { iface = gensub(":$", "", 1, $2) } \ - $1 ~ /inet/ { print gensub(".*/", "", 1, $2), iface, family }' + 'NR == 1 { iface = $2; sub(":$", "", iface) } \ + $1 ~ /inet/ { mask = $2; sub(".*/", "", mask); \ + print mask, iface, family }' } drop_ip () @@ -1365,23 +1361,17 @@ ctdb_standard_event_handler () esac } -# iptables doesn't like being re-entered, so flock-wrap it. -iptables () -{ - flock -w 30 $CTDB_VARDIR/iptables-ctdb.flock /sbin/iptables "$@" -} -ip6tables () -{ - flock -w 30 $CTDB_VARDIR/iptables-ctdb.flock /sbin/ip6tables "$@" -} iptables_wrapper () { _family="$1" ; shift if [ "$_family" = "inet6" ] ; then - ip6tables "$@" + _iptables_cmd="ip6tables" else - iptables "$@" + _iptables_cmd="iptables" fi + + # iptables doesn't like being re-entered, so flock-wrap it. + flock -w 30 "${CTDB_VARDIR}/iptables-ctdb.flock" "$_iptables_cmd" "$@" } # AIX (and perhaps others?) doesn't have mktemp diff --git a/ctdb/config/statd-callout b/ctdb/config/statd-callout index 5e8eb0e..4a331ac 100755 --- a/ctdb/config/statd-callout +++ b/ctdb/config/statd-callout @@ -30,7 +30,19 @@ loadconfig nfs nl=" " +ctdb_setup_service_state_dir "statd-callout" + +cd "$service_state_dir" || \ + die "Failed to change directory to \"${service_state_dir}\"" + case "$1" in + # Keep a single file to keep track of the last "add-client" or + # "del-client'. These get pushed to ctdb.tdb during "update", + # which will generally be run once each "monitor" cycle. In this + # way we avoid scalability problems with flood of persistent + # transactions after a "notify" when all the clients re-take their + # locks. + add-client) # statd does not tell us to which IP the client connected so # we must add it to all the IPs that we serve @@ -38,42 +50,47 @@ case "$1" in pnn=$(ctdb xpnn | sed -e 's/.*://') date=$(date '+%s') ctdb ip -X | - tail -n +2 | { - # This all needs to be in the end of the pipe so it - # doesn't get lost - items="" - while IFS="|" read x sip node x ; do - [ "$node" = "$pnn" ] || continue # not us - key="statd-state@${sip}@${cip}" - item="\"${key}\" \"${date}\"" - items="${items}${items:+${nl}}${item}" - done - if ! echo "$items" | ctdb ptrans "ctdb.tdb" ; then - die "Failed to add clients" - fi - } + tail -n +2 | + while IFS="|" read x sip node x ; do + [ "$node" = "$pnn" ] || continue # not us + key="statd-state@${sip}@${cip}" + echo "\"${key}\" \"${date}\"" >"$key" + done ;; - del-client) + + del-client) # statd does not tell us from which IP the client disconnected # so we must add it to all the IPs that we serve cip="$2" pnn=$(ctdb xpnn | sed -e 's/.*://') ctdb ip -X | - tail -n +2 | { - # This all needs to be in the end of the pipe so it - # doesn't get lost - items="" - while IFS="|" read x sip node x ; do - [ "$node" = "$pnn" ] || continue # not us - key="statd-state@${sip}@${cip}" - item="\"${key}\" \"\"" - items="${items}${items:+${nl}}${item}" - done - if ! echo "$items" | ctdb ptrans "ctdb.tdb" ; then - die "Failed to delete clients" - fi - } + tail -n +2 | + while IFS="|" read x sip node x ; do + [ "$node" = "$pnn" ] || continue # not us + key="statd-state@${sip}@${cip}" + echo "\"${key}\" \"\"" >"$key" + done ;; + + update) + files=$(echo statd-state@*) + if [ "$files" = "statd-state@*" ] ; then + # No files! + exit 0 + fi + # Filter out lines for any IP addresses that are not currently + # hosted public IP addresses. + pnn=$(ctdb xpnn | sed -e 's/.*://') + ctdb_ips=$(ctdb ip | tail -n +2) + sed_expr=$(echo "$ctdb_ips" | + awk -v pnn=$pnn 'pnn == $2 { \ + ip = $1; gsub(/\./, "\\.", ip); \ + printf "/statd-state@%s@/p\n", ip }') + if cat $files | sed -n "$sed_expr" | ctdb ptrans "ctdb.tdb" ; then + rm $files + fi + ;; + notify) # we must restart the lockmanager (on all nodes) so that we get # a clusterwide grace period (so other clients dont take out @@ -144,40 +161,51 @@ case "$1" in # Construct a sed expression to take catdb output and produce pairs of: # server-IP client-IP # but only for the server-IPs that are hosted on this node. - sed_expr=$(ctdb ip | tail -n +2 | - awk -v pnn=$pnn 'pnn == $2 { printf "s/^key.*=.*statd-state@\\(%s\\)@\\([^\"]*\\).*/\\1 \\2/p\n", gensub(/\./, "\\\\.", "g", $1) }') + ctdb_all_ips=$(ctdb ip -n all | tail -n +2) + sed_expr=$(echo "$ctdb_all_ips" | + awk -v pnn=$pnn 'pnn == $2 { \ + ip = $1; gsub(/\./, "\\.", ip); \ + printf "s/^key.*=.*statd-state@\\(%s\\)@\\([^\"]*\\).*/\\1 \\2/p\n", ip }') statd_state=$(ctdb catdb ctdb.tdb | sed -n "$sed_expr" | sort) [ -n "$statd_state" ] || exit 0 - # The following is dangerous if this script times out before - # all of the smnotify commands are run. Revert to individual - # pdelete commands for now and consider optimising smnotify to - # read all the data from stdin and then run it in the - # background. - # - # Delete all the items from the TDB - #if ! echo "$statd_state" | \ - # awk '{ printf "\"statd-state@%s@%s\" \"\"\n", $1, $2 }') | \ - # ctdb ptrans ctdb.tdb ; then + prev="" + echo "$statd_state" | { + # This all needs to be in the same command group at the + # end of the pipe so it doesn't get lost when the loop + # completes. + items="" + while read sip cip ; do + # Collect item to delete from the DB + key="statd-state@${sip}@${cip}" + item="\"${key}\" \"\"" + items="${items}${items:+${nl}}${item}" - # die "Yikes!" - #fi + # NOTE: Consider optimising smnotify to read all the + # data from stdin and then run it in the background. + + # Reset stateval for each serverip + [ "$sip" = "$prev" ] || stateval="$state_even" + # Send notifies for server shutdown + smnotify --client=$cip --ip=$sip --server=$sip --stateval=$stateval + smnotify --client=$cip --ip=$sip --server=$NFS_HOSTNAME --stateval=$stateval + # Send notifies for server startup + stateval=$(($stateval + 1)) + smnotify --client=$cip --ip=$sip --server=$sip --stateval=$stateval + smnotify --client=$cip --ip=$sip --server=$NFS_HOSTNAME --stateval=$stateval + done - prev="" - echo "$statd_state" | - while read sip cip ; do -- Samba Shared Repository