The branch, v4-20-test has been updated via 22e56d9ea2d python: Remove ‘typing.Final’ via 9366f554862 python: do not make use of typing.Final for python 3.6 via 858090913e3 docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" via d8e056d8b0d smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used via 3a8a86adc66 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run via 87e56ada0db docs-xml: add details for 'net witness' via c4e4d41f0ac s3:utils: fix help string for 'net witness force-response' via f9c0968743d ctdb/events: add 47.samba-dcerpcd.script via bc89a069b3c ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script from d998b68af68 VERSION: Bump version up to Samba 4.20.0rc3...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-test - Log ----------------------------------------------------------------- commit 22e56d9ea2d4a58c2abec86a278cfa2c896ba096 Author: Jo Sutton <josut...@catalyst.net.nz> Date: Fri Feb 2 12:23:58 2024 +1300 python: Remove ‘typing.Final’ This is only present in Python 3.8 and above. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15575 Signed-off-by: Jo Sutton <josut...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> (cherry picked from commit d6fe66ddeeb99c550fa9a0f1abb845e6daf71f8a) Autobuild-User(v4-20-test): Jule Anger <jan...@samba.org> Autobuild-Date(v4-20-test): Mon Feb 19 15:35:39 UTC 2024 on atb-devel-224 commit 9366f55486254e1641a3ddc73c69e8ace774f6dc Author: Rob van der Linde <r...@catalyst.net.nz> Date: Fri Feb 2 12:54:41 2024 +1300 python: do not make use of typing.Final for python 3.6 Python 3.6 does not have typing.Final yet BUG: https://bugzilla.samba.org/show_bug.cgi?id=15575 Signed-off-by: Rob van der Linde <r...@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> (cherry picked from commit ecc84aa448a962f1a224144bbb65f0cef36a4279) commit 858090913e389c1de8525cefe753642e724c2ac7 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 8 15:43:39 2024 +0100 docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> Autobuild-User(master): Günther Deschner <g...@samba.org> Autobuild-Date(master): Tue Feb 13 21:06:24 UTC 2024 on atb-devel-224 (cherry picked from commit 7a674ee9ffeca047ceed7ac046db1b168d4025a6) commit d8e056d8b0d6dc5cbe465c1c55c83574d6296f5d Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 8 15:31:10 2024 +0100 smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> (cherry picked from commit 32b84c5bce00c4f91191596dc00d9824e82e0f24) commit 3a8a86adc6674e78927271f9809a74733c7ffb07 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 8 15:15:28 2024 +0100 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run rpcd_witness needs ncacn_ip_tcp support and that's only available if samba-dcerpcd is not started on demand. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> (cherry picked from commit d8bfdaaaa737032c6a8623512fcb2cd01850628a) commit 87e56ada0db353b06559cb8fdc6460a96a6ef204 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 8 14:25:05 2024 +0100 docs-xml: add details for 'net witness' BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> (cherry picked from commit 1d0938d6fe46c06432ae5fda9e7491b908a9ac56) commit c4e4d41f0ac0827587556ea17c1e54d7f760f1e3 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 8 15:07:42 2024 +0100 s3:utils: fix help string for 'net witness force-response' BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> (cherry picked from commit 7a23429ed6a04bb14509758492bfaee5db6dbd0d) commit f9c0968743dc526e8d26231a5e91a3419750540c Author: Stefan Metzmacher <me...@samba.org> Date: Fri Feb 2 13:54:20 2024 +0100 ctdb/events: add 47.samba-dcerpcd.script If someone wants to enable the witness service samba-dcerpcd needs to be started as standalone service BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> (cherry picked from commit f1f68108cc303b92b8a88728d12c2b699fdfc731) commit bc89a069b3cda1970ef1e2da9d998f45cbc567b4 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Feb 2 13:54:20 2024 +0100 ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script We can easily monitor if the service is running at all, that better than no monitoring at all... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> (cherry picked from commit ff8f778e39af563d97b1d38f89368a3c148532f2) ----------------------------------------------------------------------- Summary of changes: ctdb/config/events/legacy/47.samba-dcerpcd.script | 66 +++ ctdb/config/events/legacy/48.netbios.script | 11 + docs-xml/manpages/net.8.xml | 567 ++++++++++++++++++++++ docs-xml/smbdotconf/protocol/smb3sharecaps.xml | 202 ++++++++ python/samba/gkdi.py | 16 +- python/samba/nt_time.py | 8 +- python/samba/tests/gkdi.py | 4 +- source3/smbd/smb2_tcon.c | 20 +- source3/utils/net_witness.c | 2 +- 9 files changed, 874 insertions(+), 22 deletions(-) create mode 100755 ctdb/config/events/legacy/47.samba-dcerpcd.script create mode 100644 docs-xml/smbdotconf/protocol/smb3sharecaps.xml Changeset truncated at 500 lines: diff --git a/ctdb/config/events/legacy/47.samba-dcerpcd.script b/ctdb/config/events/legacy/47.samba-dcerpcd.script new file mode 100755 index 00000000000..9492d553a62 --- /dev/null +++ b/ctdb/config/events/legacy/47.samba-dcerpcd.script @@ -0,0 +1,66 @@ +#!/bin/sh +# ctdb event script for SAMBA DCERPCD Services + +[ -n "$CTDB_BASE" ] || \ + CTDB_BASE=$(d=$(dirname "$0") && cd -P "$d" && dirname "$PWD") + +. "${CTDB_BASE}/functions" + +detect_init_style + +case $CTDB_INIT_STYLE in + *) + # distributions don't have this yet, + # but assume samba-dcerpcd as service name + CTDB_SERVICE_SAMBA_DCERPCD=${CTDB_SERVICE_SAMBA_DCERPCD:-samba-dcerpcd} + ;; +esac + +load_script_options + +service_start () +{ + # make sure samba-dcerpcd is not already started + service "$CTDB_SERVICE_SAMBA_DCERPCD" stop > /dev/null 2>&1 + killall -0 -q samba-dcerpcd && { + sleep 1 + # make absolutely sure samba-dcerpcd is dead + killall -q -9 samba-dcerpcd + } + + # start Samba dcerpcd service. Start it reniced, as under very heavy load + # the number of smbd processes will mean that it leaves few cycles + # for anything else + nice_service "$CTDB_SERVICE_SAMBA_DCERPCD" start || die "Failed to start samba-dcerpcd" +} + +service_stop () +{ + service "$CTDB_SERVICE_SAMBA_DCERPCD" stop +} + +service_status () +{ + service "$CTDB_SERVICE_SAMBA_DCERPCD" status > /dev/null + test $? = 0 && return 0 + service "$CTDB_SERVICE_SAMBA_DCERPCD" status +} + +########################### + +case "$1" in +startup) + service_start + ;; + +shutdown) + service_stop + ;; + +monitor) + service_status + ;; + +esac + +exit 0 diff --git a/ctdb/config/events/legacy/48.netbios.script b/ctdb/config/events/legacy/48.netbios.script index 43204476d6b..1531e4919de 100755 --- a/ctdb/config/events/legacy/48.netbios.script +++ b/ctdb/config/events/legacy/48.netbios.script @@ -48,6 +48,13 @@ service_stop () service "$CTDB_SERVICE_NMB" stop } +service_status () +{ + service "$CTDB_SERVICE_NMB" status > /dev/null + test $? = 0 && return 0 + service "$CTDB_SERVICE_NMB" status +} + ########################### case "$1" in @@ -59,6 +66,10 @@ shutdown) service_stop ;; +monitor) + service_status + ;; + esac exit 0 diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml index 4ff99e238a2..c284cc25b49 100644 --- a/docs-xml/manpages/net.8.xml +++ b/docs-xml/manpages/net.8.xml @@ -61,6 +61,16 @@ <arg choice="opt">-t|--timeout seconds</arg> <arg choice="opt">--dns-ttl TTL-IN-SECONDS</arg> <arg choice="opt">-i|--stdin</arg> + <arg choice="opt">--witness-registration=REGISTRATION_UUID</arg> + <arg choice="opt">--witness-net-name=REGEX</arg> + <arg choice="opt">--witness-share-name=REGEX</arg> + <arg choice="opt">--witness-ip-address=REGEX</arg> + <arg choice="opt">--witness-client-computer-name=REGEX</arg> + <arg choice="opt">--witness-apply-to-all</arg> + <arg choice="opt">--witness-new-node=NODEID</arg> + <arg choice="opt">--witness-new-ip=IPADDRESS</arg> + <arg choice="opt">--witness-forced-response=JSON</arg> + </cmdsynopsis> </refsynopsisdiv> @@ -402,6 +412,86 @@ </para></listitem> </varlistentry> + <!-- Options for net witness subcommands --> + + <varlistentry> + <term>--witness-registration=REGISTRATION_UUID</term> + <listitem><para> + This does a direct lookup for REGISTRATION_UUID + instead of doing a database traversal. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-net-name=REGEX</term> + <listitem><para> + This specifies the 'server name' the client + registered for monitoring. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-share-name=REGEX</term> + <listitem><para> + This specifies the 'share name' the client + registered for monitoring. + Note that the share name is optional in the + registration, otherwise an empty string is + matched. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-ip-address=REGEX</term> + <listitem><para> + This specifies the ip address the client + registered for monitoring. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-client-computer-name=REGEX</term> + <listitem><para> + This specifies the client computer name the client + specified in the registration. + Note it is just a string chosen by the client itself. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-apply-to-all</term> + <listitem><para> + This selects all registrations. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-new-node=NODEID</term> + <listitem><para> + By specifying a NODEID all ip addresses + currently available on the given node are + included in the response. + By specifying '-1' as NODEID all ip addresses + of the cluster are included in the response. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-new-ip=IPADDRESS</term> + <listitem><para> + By specifying an IPADDRESS only the specified + ip address is included in the response. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--witness-forced-response=JSON</term> + <listitem><para> + This allows the generation of very complex + witness_notifyResponse structures. + </para></listitem> + </varlistentry> + &cmdline.common.samba.client; &cmdline.common.connection; &cmdline.common.credentials; @@ -3096,6 +3186,483 @@ Requests an offline domain join by providing file-based provisioning data. This </refsect2> +<refsect2> +<title>WITNESS</title> + +<para>Starting with version 4.20 Samba has support for the SMB Witness service in a cluster. +</para> + +<para>The following witness commands are implemented: +<simplelist> +<member> +net witness list List witness registrations from rpcd_witness_registration.tdb. +</member> +<member> +net witness client-move Generate client move notifications for witness registrations to a new ip or node. +</member> +<member> +net witness share-move Generate share move notifications for witness registrations to a new ip or node. +</member> +<member> +net witness force-unregister Force unregistrations for witness registrations. +</member> +<member> +net witness force-response Force an AsyncNotify response based on json input (mostly for testing). +</member> + +</simplelist> +</para> + +<refsect3> +<title>WITNESS LIST</title> +<para> + List witness registrations from rpcd_witness_registration.tdb +</para> +<para> + Note: Only supported with clustering=yes! +</para> +<para> + Machine readable output can be generated with the following option: +</para> +<para> + --json +</para> +<para> + The selection of registrations can be limited by the following options: +</para> +<para> + --witness-registration=REGISTRATION_UUID +</para> +<para> + This does a direct lookup for REGISTRATION_UUID + instead of doing a database traversal. +</para> +<para> + The following options all take a POSIX Extended Regular Expression, + which can further filter the selection of registrations. + These options are applied as logical AND, but each REGEX + allows specifying multiple strings using the pipe symbol. +</para> +<para> + --witness-net-name=REGEX +</para> +<para> + This specifies the 'server name' the client + registered for monitoring. +</para> +<para> + --witness-share-name=REGEX +</para> +<para> + This specifies the 'share name' the client + registered for monitoring. + Note that the share name is optional in the + registration, otherwise an empty string is + matched. +</para> +<para> + --witness-ip-address=REGEX +</para> +<para> + This specifies the ip address the client + registered for monitoring. +</para> +<para> + --witness-client-computer-name=REGEX +</para> +<para> + This specifies the client computer name the client + specified in the registration. + Note it is just a string chosen by the client itself. +</para> + +</refsect3> + +<refsect3> +<title>WITNESS CLIENT-MOVE</title> +<para> + Generate client move notifications for witness registrations to a new ip or node +</para> +<para> + Note: Only supported with clustering=yes! +</para> +<para> + Machine readable output can be generated with the following option: +</para> +<para> + --json +</para> +<para> + The selection of registrations can be limited by the following options: +</para> +<para> + --witness-registration=REGISTRATION_UUID +</para> +<para> + This does a direct lookup for REGISTRATION_UUID + instead of doing a database traversal. +</para> +<para> + The following options all take a POSIX Extended Regular Expression, + which can further filter the selection of registrations. + These options are applied as logical AND, but each REGEX + allows specifying multiple strings using the pipe symbol. +</para> +<para> + --witness-net-name=REGEX +</para> +<para> + This specifies the 'server name' the client + registered for monitoring. +</para> +<para> + --witness-share-name=REGEX +</para> +<para> + This specifies the 'share name' the client + registered for monitoring. + Note that the share name is optional in the + registration, otherwise an empty string is + matched. +</para> +<para> + --witness-ip-address=REGEX +</para> +<para> + This specifies the ip address the client + registered for monitoring. +</para> +<para> + --witness-client-computer-name=REGEX +</para> +<para> + This specifies the client computer name the client + specified in the registration. + Note it is just a string chosen by the client itself. +</para> +<para> + If the update should be applied to all registrations + it needs to be explicitly specified: +</para> +<para> + --witness-apply-to-all +</para> +<para> + This selects all registrations. + Note: This is mutual exclusive to the above options. +</para> +<para> + The content of the CLIENT_MOVE notification contains ip addresses + specified by (exactly one) of the following options: +</para> +<para> + --witness-new-node=NODEID +</para> +<para> + By specifying a NODEID all ip addresses + currently available on the given node are + included in the response. + By specifying '-1' as NODEID all ip addresses + of the cluster are included in the response. +</para> +<para> + --witness-new-ip=IPADDRESS +</para> +<para> + By specifying an IPADDRESS only the specified + ip address is included in the response. +</para> + +</refsect3> + +<refsect3> +<title>WITNESS SHARE-MOVE</title> +<para> + Generate share move notifications for witness registrations to a new ip or node +</para> +<para> + Note: Only supported with clustering=yes! +</para> +<para> + Machine readable output can be generated with the following option: +</para> +<para> + --json +</para> +<para> + The selection of registrations can be limited by the following options: +</para> +<para> + --witness-registration=REGISTRATION_UUID +</para> +<para> + This does a direct lookup for REGISTRATION_UUID + instead of doing a database traversal. +</para> +<para> + The following options all take a POSIX Extended Regular Expression, + which can further filter the selection of registrations. + These options are applied as logical AND, but each REGEX + allows specifying multiple strings using the pipe symbol. +</para> +<para> + --witness-net-name=REGEX +</para> +<para> + This specifies the 'server name' the client + registered for monitoring. +</para> +<para> + --witness-share-name=REGEX +</para> +<para> + This specifies the 'share name' the client + registered for monitoring. + Note that the share name is optional in the + registration, otherwise an empty string is + matched. +</para> +<para> + --witness-ip-address=REGEX +</para> +<para> + This specifies the ip address the client + registered for monitoring. +</para> +<para> + --witness-client-computer-name=REGEX +</para> +<para> + This specifies the client computer name the client + specified in the registration. + Note it is just a string chosen by the client itself. +</para> +<para> + If the update should be applied to all registrations + it needs to be explicitly specified: +</para> +<para> + --witness-apply-to-all +</para> +<para> + This selects all registrations. + Note: This is mutual exclusive to the above options. +</para> +<para> + Note: This only applies to registrations with a non empty share name! +</para> +<para> + The content of the SHARE_MOVE notification contains ip addresses + specified by (exactly one) of the following options: +</para> +<para> + --witness-new-node=NODEID +</para> +<para> + By specifying a NODEID all ip addresses + currently available on the given node are + included in the response. + By specifying '-1' as NODEID all ip addresses + of the cluster are included in the response. +</para> +<para> + --witness-new-ip=IPADDRESS +</para> +<para> + By specifying an IPADDRESS only the specified + ip address is included in the response. +</para> + -- Samba Shared Repository