The branch, v4-20-stable has been updated
via 17bab5c0774 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release.
via f3da62a2bba WHATSNEW: Add release notes for Samba 4.20.0rc3.
via 253c5585c91 s3/rpc_client: Fix array offset check
via 1ab3de6f46e s3/rpc_client: Ensure max possible row buffer size is
not exceeded
via 3e226dd1cd5 idl: Add constant for max rows buffer size
via c1016224041 s3/rpc_client: cleanup unmarshalling of variant types
from row columns
via 77cbdf342ca s3/utils: use full 64 bit address for getrows (with
64bit offsets)
via ec239d16a97 s3/rpc_client: Remove stray unnecessary comment
via 3d47cae71d9 s3/rpc_client: change type of offset to uint64_t
via 7107b233346 ctdb-protocol: Add missing push support for new controls
via 22e56d9ea2d python: Remove ‘typing.Final’
via 9366f554862 python: do not make use of typing.Final for python 3.6
via 858090913e3 docs-xml: document "smb3 share cap:{CONTINUOUS
AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}"
via d8e056d8b0d smb2_tcon: only announce SMB3 related share
capabilities if SMB3 is used
via 3a8a86adc66 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if
rpcd_witness can run
via 87e56ada0db docs-xml: add details for 'net witness'
via c4e4d41f0ac s3:utils: fix help string for 'net witness
force-response'
via f9c0968743d ctdb/events: add 47.samba-dcerpcd.script
via bc89a069b3c ctdb/events: use 'service "$CTDB_SERVICE_NMB" status'
in 48.netbios.script
via d998b68af68 VERSION: Bump version up to Samba 4.20.0rc3...
from 0167b75a5b2 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc2 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 23 +-
ctdb/config/events/legacy/47.samba-dcerpcd.script | 66 +++
ctdb/config/events/legacy/48.netbios.script | 11 +
ctdb/protocol/protocol_control.c | 8 +
ctdb/tests/src/protocol_common_ctdb.c | 33 ++
ctdb/tests/src/protocol_ctdb_test.c | 2 +-
docs-xml/manpages/net.8.xml | 567 ++++++++++++++++++++++
docs-xml/smbdotconf/protocol/smb3sharecaps.xml | 202 ++++++++
librpc/idl/wsp_data.idl | 5 +
python/samba/gkdi.py | 16 +-
python/samba/nt_time.py | 8 +-
python/samba/tests/gkdi.py | 4 +-
source3/rpc_client/wsp_cli.c | 127 +++--
source3/smbd/smb2_tcon.c | 20 +-
source3/utils/net_witness.c | 2 +-
source3/utils/wspsearch.c | 22 +-
17 files changed, 1059 insertions(+), 59 deletions(-)
create mode 100755 ctdb/config/events/legacy/47.samba-dcerpcd.script
create mode 100644 docs-xml/smbdotconf/protocol/smb3sharecaps.xml
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 12917e08428..efcf3f379e6 100644
--- a/VERSION
+++ b/VERSION
@@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE=
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
########################################################
-SAMBA_VERSION_RC_RELEASE=2
+SAMBA_VERSION_RC_RELEASE=3
########################################################
# To mark SVN snapshots this should be set to 'yes' #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index de3b0f03d49..f540dc555c0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
Release Announcements
=====================
-This is the second release candidate of Samba 4.20. This is *not*
+This is the third release candidate of Samba 4.20. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
@@ -214,6 +214,27 @@ smb.conf changes
acl claims evaluation new AD DC only
+CHANGES SINCE 4.20.0rc2
+=======================
+
+o Rob van der Linde <r...@catalyst.net.nz>
+ * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6.
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 15577: Additional witness backports for 4.20.0.
+
+o Noel Power <noel.po...@suse.com>
+ * BUG 15579: Error output with wspsearch.
+
+o Martin Schwenke <mschwe...@ddn.com>
+ * BUG 15580: Packet marshalling push support missing for
+ CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
+ CTDB_CONTROL_TCP_CLIENT_PASSED.
+
+o Jo Sutton <josut...@catalyst.net.nz>
+ * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6.
+
+
CHANGES SINCE 4.20.0rc1
=======================
diff --git a/ctdb/config/events/legacy/47.samba-dcerpcd.script
b/ctdb/config/events/legacy/47.samba-dcerpcd.script
new file mode 100755
index 00000000000..9492d553a62
--- /dev/null
+++ b/ctdb/config/events/legacy/47.samba-dcerpcd.script
@@ -0,0 +1,66 @@
+#!/bin/sh
+# ctdb event script for SAMBA DCERPCD Services
+
+[ -n "$CTDB_BASE" ] || \
+ CTDB_BASE=$(d=$(dirname "$0") && cd -P "$d" && dirname "$PWD")
+
+. "${CTDB_BASE}/functions"
+
+detect_init_style
+
+case $CTDB_INIT_STYLE in
+ *)
+ # distributions don't have this yet,
+ # but assume samba-dcerpcd as service name
+
CTDB_SERVICE_SAMBA_DCERPCD=${CTDB_SERVICE_SAMBA_DCERPCD:-samba-dcerpcd}
+ ;;
+esac
+
+load_script_options
+
+service_start ()
+{
+ # make sure samba-dcerpcd is not already started
+ service "$CTDB_SERVICE_SAMBA_DCERPCD" stop > /dev/null 2>&1
+ killall -0 -q samba-dcerpcd && {
+ sleep 1
+ # make absolutely sure samba-dcerpcd is dead
+ killall -q -9 samba-dcerpcd
+ }
+
+ # start Samba dcerpcd service. Start it reniced, as under very heavy load
+ # the number of smbd processes will mean that it leaves few cycles
+ # for anything else
+ nice_service "$CTDB_SERVICE_SAMBA_DCERPCD" start || die "Failed to start
samba-dcerpcd"
+}
+
+service_stop ()
+{
+ service "$CTDB_SERVICE_SAMBA_DCERPCD" stop
+}
+
+service_status ()
+{
+ service "$CTDB_SERVICE_SAMBA_DCERPCD" status > /dev/null
+ test $? = 0 && return 0
+ service "$CTDB_SERVICE_SAMBA_DCERPCD" status
+}
+
+###########################
+
+case "$1" in
+startup)
+ service_start
+ ;;
+
+shutdown)
+ service_stop
+ ;;
+
+monitor)
+ service_status
+ ;;
+
+esac
+
+exit 0
diff --git a/ctdb/config/events/legacy/48.netbios.script
b/ctdb/config/events/legacy/48.netbios.script
index 43204476d6b..1531e4919de 100755
--- a/ctdb/config/events/legacy/48.netbios.script
+++ b/ctdb/config/events/legacy/48.netbios.script
@@ -48,6 +48,13 @@ service_stop ()
service "$CTDB_SERVICE_NMB" stop
}
+service_status ()
+{
+ service "$CTDB_SERVICE_NMB" status > /dev/null
+ test $? = 0 && return 0
+ service "$CTDB_SERVICE_NMB" status
+}
+
###########################
case "$1" in
@@ -59,6 +66,10 @@ shutdown)
service_stop
;;
+monitor)
+ service_status
+ ;;
+
esac
exit 0
diff --git a/ctdb/protocol/protocol_control.c b/ctdb/protocol/protocol_control.c
index 83ed6cb4ee1..e4491159937 100644
--- a/ctdb/protocol/protocol_control.c
+++ b/ctdb/protocol/protocol_control.c
@@ -693,6 +693,14 @@ static void ctdb_req_control_data_push(struct
ctdb_req_control_data *cd,
case CTDB_CONTROL_ECHO_DATA:
ctdb_echo_data_push(cd->data.echo_data, buf, &np);
break;
+
+ case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+ ctdb_connection_push(cd->data.conn, buf, &np);
+ break;
+
+ case CTDB_CONTROL_TCP_CLIENT_PASSED:
+ ctdb_connection_push(cd->data.conn, buf, &np);
+ break;
}
*npush = np;
diff --git a/ctdb/tests/src/protocol_common_ctdb.c
b/ctdb/tests/src/protocol_common_ctdb.c
index 384076824a4..8a8e114f67a 100644
--- a/ctdb/tests/src/protocol_common_ctdb.c
+++ b/ctdb/tests/src/protocol_common_ctdb.c
@@ -593,6 +593,19 @@ void fill_ctdb_req_control_data(TALLOC_CTX *mem_ctx,
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+ case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+ cd->data.conn = talloc(mem_ctx, struct ctdb_connection);
+ assert(cd->data.conn != NULL);
+ fill_ctdb_connection(mem_ctx, cd->data.conn);
+ break;
+
+ case CTDB_CONTROL_TCP_CLIENT_PASSED:
+ cd->data.conn = talloc(mem_ctx, struct ctdb_connection);
+ assert(cd->data.conn != NULL);
+ fill_ctdb_connection(mem_ctx, cd->data.conn);
+ break;
+
}
}
@@ -982,6 +995,14 @@ void verify_ctdb_req_control_data(struct
ctdb_req_control_data *cd,
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+ case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+ verify_ctdb_connection(cd->data.conn, cd2->data.conn);
+ break;
+
+ case CTDB_CONTROL_TCP_CLIENT_PASSED:
+ verify_ctdb_connection(cd->data.conn, cd2->data.conn);
+ break;
}
}
@@ -1378,6 +1399,12 @@ void fill_ctdb_reply_control_data(TALLOC_CTX *mem_ctx,
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+ case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+ break;
+
+ case CTDB_CONTROL_TCP_CLIENT_PASSED:
+ break;
}
}
@@ -1715,6 +1742,12 @@ void verify_ctdb_reply_control_data(struct
ctdb_reply_control_data *cd,
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+ case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+ break;
+
+ case CTDB_CONTROL_TCP_CLIENT_PASSED:
+ break;
}
}
diff --git a/ctdb/tests/src/protocol_ctdb_test.c
b/ctdb/tests/src/protocol_ctdb_test.c
index f6fb5134a00..840d465ae30 100644
--- a/ctdb/tests/src/protocol_ctdb_test.c
+++ b/ctdb/tests/src/protocol_ctdb_test.c
@@ -277,7 +277,7 @@ PROTOCOL_CTDB4_TEST(struct ctdb_req_dmaster,
ctdb_req_dmaster,
PROTOCOL_CTDB4_TEST(struct ctdb_reply_dmaster, ctdb_reply_dmaster,
CTDB_REPLY_DMASTER);
-#define NUM_CONTROLS 159
+#define NUM_CONTROLS 161
PROTOCOL_CTDB2_TEST(struct ctdb_req_control_data, ctdb_req_control_data);
PROTOCOL_CTDB2_TEST(struct ctdb_reply_control_data, ctdb_reply_control_data);
diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml
index 4ff99e238a2..c284cc25b49 100644
--- a/docs-xml/manpages/net.8.xml
+++ b/docs-xml/manpages/net.8.xml
@@ -61,6 +61,16 @@
<arg choice="opt">-t|--timeout seconds</arg>
<arg choice="opt">--dns-ttl TTL-IN-SECONDS</arg>
<arg choice="opt">-i|--stdin</arg>
+ <arg choice="opt">--witness-registration=REGISTRATION_UUID</arg>
+ <arg choice="opt">--witness-net-name=REGEX</arg>
+ <arg choice="opt">--witness-share-name=REGEX</arg>
+ <arg choice="opt">--witness-ip-address=REGEX</arg>
+ <arg choice="opt">--witness-client-computer-name=REGEX</arg>
+ <arg choice="opt">--witness-apply-to-all</arg>
+ <arg choice="opt">--witness-new-node=NODEID</arg>
+ <arg choice="opt">--witness-new-ip=IPADDRESS</arg>
+ <arg choice="opt">--witness-forced-response=JSON</arg>
+
</cmdsynopsis>
</refsynopsisdiv>
@@ -402,6 +412,86 @@
</para></listitem>
</varlistentry>
+ <!-- Options for net witness subcommands -->
+
+ <varlistentry>
+ <term>--witness-registration=REGISTRATION_UUID</term>
+ <listitem><para>
+ This does a direct lookup for REGISTRATION_UUID
+ instead of doing a database traversal.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-net-name=REGEX</term>
+ <listitem><para>
+ This specifies the 'server name' the client
+ registered for monitoring.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-share-name=REGEX</term>
+ <listitem><para>
+ This specifies the 'share name' the client
+ registered for monitoring.
+ Note that the share name is optional in the
+ registration, otherwise an empty string is
+ matched.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-ip-address=REGEX</term>
+ <listitem><para>
+ This specifies the ip address the client
+ registered for monitoring.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-client-computer-name=REGEX</term>
+ <listitem><para>
+ This specifies the client computer name the client
+ specified in the registration.
+ Note it is just a string chosen by the client itself.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-apply-to-all</term>
+ <listitem><para>
+ This selects all registrations.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-new-node=NODEID</term>
+ <listitem><para>
+ By specifying a NODEID all ip addresses
+ currently available on the given node are
+ included in the response.
+ By specifying '-1' as NODEID all ip addresses
+ of the cluster are included in the response.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-new-ip=IPADDRESS</term>
+ <listitem><para>
+ By specifying an IPADDRESS only the specified
+ ip address is included in the response.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>--witness-forced-response=JSON</term>
+ <listitem><para>
+ This allows the generation of very complex
+ witness_notifyResponse structures.
+ </para></listitem>
+ </varlistentry>
+
&cmdline.common.samba.client;
&cmdline.common.connection;
&cmdline.common.credentials;
@@ -3096,6 +3186,483 @@ Requests an offline domain join by providing file-based
provisioning data. This
</refsect2>
+<refsect2>
+<title>WITNESS</title>
+
+<para>Starting with version 4.20 Samba has support for the SMB Witness service
in a cluster.
+</para>
+
+<para>The following witness commands are implemented:
+<simplelist>
+<member>
+net witness list List witness registrations from
rpcd_witness_registration.tdb.
+</member>
+<member>
+net witness client-move Generate client move notifications for witness
registrations to a new ip or node.
+</member>
+<member>
+net witness share-move Generate share move notifications for witness
registrations to a new ip or node.
+</member>
+<member>
+net witness force-unregister Force unregistrations for witness registrations.
+</member>
+<member>
+net witness force-response Force an AsyncNotify response based on json input
(mostly for testing).
+</member>
+
+</simplelist>
+</para>
+
+<refsect3>
+<title>WITNESS LIST</title>
+<para>
+ List witness registrations from rpcd_witness_registration.tdb
+</para>
+<para>
+ Note: Only supported with clustering=yes!
+</para>
+<para>
+ Machine readable output can be generated with the following option:
+</para>
+<para>
+ --json
+</para>
+<para>
+ The selection of registrations can be limited by the following options:
+</para>
+<para>
+ --witness-registration=REGISTRATION_UUID
+</para>
+<para>
+ This does a direct lookup for REGISTRATION_UUID
+ instead of doing a database traversal.
+</para>
+<para>
+ The following options all take a POSIX Extended Regular Expression,
+ which can further filter the selection of registrations.
+ These options are applied as logical AND, but each REGEX
+ allows specifying multiple strings using the pipe symbol.
+</para>
+<para>
+ --witness-net-name=REGEX
+</para>
+<para>
+ This specifies the 'server name' the client
+ registered for monitoring.
+</para>
+<para>
+ --witness-share-name=REGEX
+</para>
+<para>
+ This specifies the 'share name' the client
+ registered for monitoring.
+ Note that the share name is optional in the
+ registration, otherwise an empty string is
+ matched.
+</para>
+<para>
+ --witness-ip-address=REGEX
+</para>
+<para>
+ This specifies the ip address the client
+ registered for monitoring.
+</para>
+<para>
+ --witness-client-computer-name=REGEX
+</para>
+<para>
+ This specifies the client computer name the client
+ specified in the registration.
+ Note it is just a string chosen by the client itself.
+</para>
+
+</refsect3>
+
+<refsect3>
+<title>WITNESS CLIENT-MOVE</title>
+<para>
+ Generate client move notifications for witness registrations to a new ip
or node
+</para>
+<para>
+ Note: Only supported with clustering=yes!
+</para>
+<para>
+ Machine readable output can be generated with the following option:
+</para>
+<para>
+ --json
+</para>
+<para>
+ The selection of registrations can be limited by the following options:
+</para>
+<para>
+ --witness-registration=REGISTRATION_UUID
+</para>
+<para>
+ This does a direct lookup for REGISTRATION_UUID
+ instead of doing a database traversal.
+</para>
+<para>
+ The following options all take a POSIX Extended Regular Expression,
+ which can further filter the selection of registrations.
+ These options are applied as logical AND, but each REGEX
+ allows specifying multiple strings using the pipe symbol.
+</para>
+<para>
+ --witness-net-name=REGEX
+</para>
+<para>
+ This specifies the 'server name' the client
+ registered for monitoring.
+</para>
+<para>
+ --witness-share-name=REGEX
+</para>
+<para>
+ This specifies the 'share name' the client
+ registered for monitoring.
+ Note that the share name is optional in the
--
Samba Shared Repository
