The branch, master has been updated
via 9152c08955c .github: CodeQL triggers on current branches
via 0887c0358e4 .gitlab: CodeQL runner runs a bootstrap.sh
via c8435d71dd4 .github: add CodeQL workflow
via 0eaf4601d07 ctdb-scripts: Reformat with "shfmt -w -p -i 0 -fn"
via f1cb1b1fc39 ctdb-scripts: Add ctdb_diagnostics -l option
from a65a9e2e34c samba-tool backup restore: cope with no sysvol
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 9152c08955cf49a20a09dec349ac20066897b0e7
Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Date: Fri Mar 14 16:53:42 2025 +1300
.github: CodeQL triggers on current branches
Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Reviewed-by: Martin Schwenke <mar...@meltin.net>
Autobuild-User(master): Ralph Böhme <s...@samba.org>
Autobuild-Date(master): Sat Mar 29 12:38:10 UTC 2025 on atb-devel-224
commit 0887c0358e4f297c95e4e40aecb3cbd1f5ab89f1
Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Date: Fri Mar 14 16:45:18 2025 +1300
.gitlab: CodeQL runner runs a bootstrap.sh
Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Reviewed-by: Martin Schwenke <mar...@meltin.net>
commit c8435d71dd4ddc2e7347d43c9b784da440d5f660
Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Date: Fri Mar 14 16:21:41 2025 +1300
.github: add CodeQL workflow
This is the automatically generated config file for CodeQL, a code
query language, which can be used to run bespoke static analysis
tasks.
It is currently set to "autobuild" mode, which in Github's terminology
means it tries `./configure && make`, which fails because configure
looks for packages that aren't installed.
In another commit or two we'll add the necessary bootstrap lines, and
perhaps remove some of the unneeded bits.
Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Reviewed-by: Martin Schwenke <mar...@meltin.net>
commit 0eaf4601d073a6e4d5a026d4a4a9d613aff6a696
Author: Martin Schwenke <mschwe...@ddn.com>
Date: Fri Mar 14 17:28:43 2025 +1100
ctdb-scripts: Reformat with "shfmt -w -p -i 0 -fn"
Best reviewed with "git show -w".
Signed-off-by: Martin Schwenke <mschwe...@ddn.com>
Reviewed-by: Ralph Boehme <s...@samba.org>
commit f1cb1b1fc3984b22f7bf241511e79b1732f2b215
Author: yogita72 <yogita.bij...@gmail.com>
Date: Tue Mar 11 23:55:19 2025 +0000
ctdb-scripts: Add ctdb_diagnostics -l option
Allows ctdb_diagnostics to be run on the local node without onnode.
Signed-off-by: yogita72 <yogita.bij...@gmail.com>
Reviewed-by: Martin Schwenke <mar...@meltin.net>
Reviewed-by: Ralph Boehme <s...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
.github/workflows/codeql.yml | 97 +++++++++++++
ctdb/tools/ctdb_diagnostics | 328 +++++++++++++++++++++++++------------------
2 files changed, 285 insertions(+), 140 deletions(-)
create mode 100644 .github/workflows/codeql.yml
Changeset truncated at 500 lines:
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 00000000000..3f0a1d742ef
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,97 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL Advanced"
+
+on:
+ push:
+ branches: [ "master", "v4-21-test", "v4-22-test", "v4-23-test",
"v4-24-test", "v4-25-test" ]
+ pull_request:
+ branches: [ "master" ]
+ schedule:
+ - cron: '31 18 * * 6'
+
+jobs:
+ analyze:
+ name: Analyze (${{ matrix.language }})
+ # Runner size impacts CodeQL analysis time. To learn more, please see:
+ # - https://gh.io/recommended-hardware-resources-for-running-codeql
+ # - https://gh.io/supported-runners-and-hardware-resources
+ # - https://gh.io/using-larger-runners (GitHub.com only)
+ # Consider using larger runners or machines with greater resources for
possible analysis time improvements.
+ runs-on: ubuntu-22.04
+ permissions:
+ # required for all workflows
+ security-events: write
+
+ # required to fetch internal or private CodeQL packs
+ packages: read
+
+ # only required for workflows in private repositories
+ actions: read
+ contents: read
+
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - language: c-cpp
+ build-mode: manual
+ - language: python
+ build-mode: none
+ # CodeQL supports the following values keywords for 'language':
'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript',
'python', 'ruby', 'swift'
+ # Use `c-cpp` to analyze code written in C, C++ or both
+ # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
+ # Use 'javascript-typescript' to analyze code written in JavaScript,
TypeScript or both
+ # To learn more about changing the languages that are analyzed or
customizing the build mode for your analysis,
+ # see
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
+ # If you are analyzing a compiled language, you can modify the
'build-mode' for that language to customize how
+ # your codebase is analyzed, see
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # Add any setup steps before running the `github/codeql-action/init`
action.
+ # This includes steps like installing compilers or runtimes
(`actions/setup-node`
+ # or others). This is typically only required for manual builds.
+ # - name: Setup runtime (example)
+ # uses: actions/setup-example@v1
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+ build-mode: ${{ matrix.build-mode }}
+ # If you wish to specify custom queries, you can do so here or in a
config file.
+ # By default, queries listed here will override any specified in a
config file.
+ # Prefix the list here with "+" to use these queries and those in the
config file.
+
+ # For more details on CodeQL's query packs, refer to:
https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+ # queries: security-extended,security-and-quality
+
+ # If the analyze step fails for one of the languages you are analyzing with
+ # "We were unable to automatically build your code", modify the matrix
above
+ # to set the build mode to "manual" for that language. Then modify this
step
+ # to build your code.
+ # ℹ️ Command-line programs to run using the OS shell.
+ # 📚 See
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+ - if: matrix.build-mode == 'manual'
+ shell: bash
+ run: |
+ bash bootstrap/generated-dists/ubuntu2204/bootstrap.sh
+ ./configure
+ make -j4
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ category: "/language:${{matrix.language}}"
diff --git a/ctdb/tools/ctdb_diagnostics b/ctdb/tools/ctdb_diagnostics
index d16a71c8f30..d3f7a3588f2 100755
--- a/ctdb/tools/ctdb_diagnostics
+++ b/ctdb/tools/ctdb_diagnostics
@@ -1,82 +1,108 @@
#!/bin/sh
-# a script to test the basic setup of a CTDB/Samba install
+# a script to test the basic setup of a CTDB/Samba install
# tri...@samba.org September 2007
# mar...@meltin.net August 2010
-usage ()
+usage()
{
- cat >&2 <<EOF
+ cat >&2 <<EOF
Usage: ctdb_diagnostics [OPTION] ...
options:
-n <nodes> Comma separated list of nodes to operate on
-c Ignore comment lines (starting with '#') in file comparisons
+ -l Run in local mode
-w Ignore whitespace in file comparisons
--no-ads Do not use commands that assume an Active Directory Server
EOF
- exit 1
+ exit 1
}
nodes=$(ctdb listnodes -X | cut -d'|' -f2)
+local_mode=false
bad_nodes=""
diff_opts=
no_ads=false
-parse_options ()
+parse_options()
{
- temp=$(getopt -n "ctdb_diagnostics" -o "n:cwh" -l no-ads,help -- "$@")
-
- # No! Checking the exit code afterwards is actually clearer...
- # shellcheck disable=SC2181
- [ $? -eq 0 ] || usage
-
- eval set -- "$temp"
-
- while true ; do
- case "$1" in
- -n) nodes=$(echo "$2" | sed -e 's@,@ @g') ; shift 2 ;;
- -c) diff_opts="${diff_opts} -I ^#.*" ; shift ;;
- -w) diff_opts="${diff_opts} -w" ; shift ;;
- --no-ads) no_ads=true ; shift ;;
- --) shift ; break ;;
- -h|--help|*) usage ;;
- esac
- done
-
- [ $# -ne 0 ] && usage
+ temp=$(getopt -n "ctdb_diagnostics" -o "n:clwh" -l no-ads,help -- "$@")
+
+ # No! Checking the exit code afterwards is actually clearer...
+ # shellcheck disable=SC2181
+ [ $? -eq 0 ] || usage
+
+ eval set -- "$temp"
+
+ while true; do
+ case "$1" in
+ -n)
+ nodes=$(echo "$2" | sed -e 's@,@ @g')
+ shift 2
+ ;;
+ -c)
+ diff_opts="${diff_opts} -I ^#.*"
+ shift
+ ;;
+ -l)
+ local_mode=true
+ shift
+ ;;
+ -w)
+ diff_opts="${diff_opts} -w"
+ shift
+ ;;
+ --no-ads)
+ no_ads=true
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ -h | --help | *) usage ;;
+ esac
+ done
+
+ [ $# -ne 0 ] && usage
}
parse_options "$@"
# Use 5s ssh timeout if EXTRA_SSH_OPTS doesn't set a timeout.
case "$EXTRA_SSH_OPTS" in
- *ConnectTimeout=*) : ;;
- *)
+*ConnectTimeout=*) : ;;
+*)
export EXTRA_SSH_OPTS="${EXTRA_SSH_OPTS} -o ConnectTimeout=5"
+ ;;
esac
# Filter nodes. Remove any nodes we can't contact from $node and add
# them to $bad_nodes.
+
_nodes=""
-for _i in $nodes ; do
- if onnode "$_i" true >/dev/null 2>&1 ; then
- _nodes="${_nodes}${_nodes:+ }${_i}"
- else
- bad_nodes="${bad_nodes}${bad_nodes:+,}${_i}"
- fi
-done
+if ! $local_mode; then
+ for _i in $nodes; do
+ if onnode "$_i" true >/dev/null 2>&1; then
+ _nodes="${_nodes}${_nodes:+ }${_i}"
+ else
+ bad_nodes="${bad_nodes}${bad_nodes:+,}${_i}"
+ fi
+ done
+fi
+
nodes="$_nodes"
nodes_comma=$(echo "$nodes" | sed -e 's@[[:space:]]@,@g')
PATH="$PATH:/sbin:/usr/sbin:/usr/lpp/mmfs/bin"
-# list of config files that must exist and that we check are the same
+# list of config files that must exist and that we check are the same
# on the nodes
-if [ -d /etc/sysconfig ] ; then
- CONFIG_FILES_MUST="/etc/krb5.conf /etc/hosts /usr/local/etc/ctdb/nodes
/etc/sysconfig/ctdb /etc/resolv.conf /etc/nsswitch.conf /etc/sysctl.conf
/etc/samba/smb.conf /etc/fstab /etc/multipath.conf /etc/pam.d/system-auth
/etc/sysconfig/nfs /etc/exports /etc/vsftpd/vsftpd.conf"
+if [ -d /etc/sysconfig ]; then
+ CONFIG_FILES_MUST="/etc/krb5.conf /etc/hosts /usr/local/etc/ctdb/nodes
/etc/sysconfig/ctdb /etc/resolv.conf /etc/nsswitch.conf /etc/sysctl.conf
/etc/samba/smb.conf /etc/fstab /etc/multipath.conf /etc/pam.d/system-auth
/etc/sysconfig/nfs /etc/exports /etc/vsftpd/vsftpd.conf"
else
- CONFIG_FILES_MUST="/etc/krb5.conf /etc/hosts /usr/local/etc/ctdb/nodes
/etc/default/ctdb /etc/resolv.conf /etc/nsswitch.conf /etc/sysctl.conf
/etc/samba/smb.conf /etc/fstab /etc/multipath.conf /etc/pam.d/system-auth
/etc/default/nfs /etc/exports /etc/vsftpd/vsftpd.conf"
+ CONFIG_FILES_MUST="/etc/krb5.conf /etc/hosts /usr/local/etc/ctdb/nodes
/etc/default/ctdb /etc/resolv.conf /etc/nsswitch.conf /etc/sysctl.conf
/etc/samba/smb.conf /etc/fstab /etc/multipath.conf /etc/pam.d/system-auth
/etc/default/nfs /etc/exports /etc/vsftpd/vsftpd.conf"
fi
# list of config files that may exist and should be checked that they
@@ -95,78 +121,90 @@ EOF
date
-error() {
- msg="$1"
- echo "ERROR: $msg"
- NUM_ERRORS=$((NUM_ERRORS + 1))
- echo " ERROR[$NUM_ERRORS]: $msg" >> "$ERRORS"
+error()
+{
+ msg="$1"
+ echo "ERROR: $msg"
+ NUM_ERRORS=$((NUM_ERRORS + 1))
+ echo " ERROR[$NUM_ERRORS]: $msg" >>"$ERRORS"
}
-show_file() {
- fname="$1"
- _fdetails=$(ls -l "$fname" 2>&1)
- echo " ================================"
- echo " File: $fname"
- echo " $_fdetails"
- sed 's/^/ /' "$fname" 2>&1
- echo " ================================"
+show_file()
+{
+ fname="$1"
+ _fdetails=$(ls -l "$fname" 2>&1)
+ echo " ================================"
+ echo " File: $fname"
+ echo " $_fdetails"
+ sed 's/^/ /' "$fname" 2>&1
+ echo " ================================"
}
-show_all() {
- echo "running $1 on nodes $nodes_comma"
- onnode "$nodes_comma" "hostname; date; $1 2>&1 | sed 's/^/ /'" 2>&1
+show_all()
+{
+ if $local_mode; then
+ echo "running on local node"
+ hostname
+ date
+ $1 2>&1 | sed 's/^/ /' 2>&1
+ else
+ echo "running $1 on nodes $nodes_comma"
+ onnode "$nodes_comma" "hostname; date; $1 2>&1 | sed 's/^/ /'"
2>&1
+ fi
}
-show_and_compare_files () {
-
- fmt="$1" ; shift
-
- for f ; do
- _bf=$(basename "$f")
- first=true
-
- for n in $nodes ; do
-
- if $first ; then
- onnode "$n" [ -r "$f" ] || {
- # This function takes a format string
- # shellcheck disable=SC2059
- msg=$(printf "$fmt" "$f" "$n")
- error "$msg"
- continue 2;
- }
-
- fstf="${tmpdir}/${_bf}.node${n}"
- onnode "$n" cat "$f" >"$fstf" 2>&1
-
- _fdetails=$(onnode "$n" ls -l "$f" 2>&1)
- echo " ================================"
- echo " File (on node $n): $f"
- echo " $_fdetails"
- sed 's/^/ /' "$fstf"
- echo " ================================"
- first=false
- else
- echo "Testing for same config file $f on node $n"
- tmpf="${tmpdir}/${_bf}.node${n}"
- onnode "$n" cat "$f" >"$tmpf" 2>&1
- # Intentional multi-word splitting on diff_opts
- # shellcheck disable=SC2086
- diff $diff_opts "$fstf" "$tmpf" >/dev/null 2>&1 || {
- error "File $f is different on node $n"
- diff -u $diff_opts "$fstf" "$tmpf"
- }
- rm -f "$tmpf"
- fi
- done
+show_and_compare_files()
+{
- rm -f "$fstf"
- done
+ fmt="$1"
+ shift
+
+ for f; do
+ _bf=$(basename "$f")
+ first=true
+
+ for n in $nodes; do
+
+ if $first; then
+ onnode "$n" [ -r "$f" ] || {
+ # This function takes a format string
+ # shellcheck disable=SC2059
+ msg=$(printf "$fmt" "$f" "$n")
+ error "$msg"
+ continue 2
+ }
+
+ fstf="${tmpdir}/${_bf}.node${n}"
+ onnode "$n" cat "$f" >"$fstf" 2>&1
+
+ _fdetails=$(onnode "$n" ls -l "$f" 2>&1)
+ echo " ================================"
+ echo " File (on node $n): $f"
+ echo " $_fdetails"
+ sed 's/^/ /' "$fstf"
+ echo " ================================"
+ first=false
+ else
+ echo "Testing for same config file $f on node
$n"
+ tmpf="${tmpdir}/${_bf}.node${n}"
+ onnode "$n" cat "$f" >"$tmpf" 2>&1
+ # Intentional multi-word splitting on diff_opts
+ # shellcheck disable=SC2086
+ diff $diff_opts "$fstf" "$tmpf" >/dev/null 2>&1
|| {
+ error "File $f is different on node $n"
+ diff -u $diff_opts "$fstf" "$tmpf"
+ }
+ rm -f "$tmpf"
+ fi
+ done
+
+ rm -f "$fstf"
+ done
}
-if ! tmpdir=$(mktemp -d) ; then
- echo "Unable to create a temporary directory"
- exit 1
+if ! tmpdir=$(mktemp -d); then
+ echo "Unable to create a temporary directory"
+ exit 1
fi
ERRORS="${tmpdir}/diag_err"
NUM_ERRORS=0
@@ -176,8 +214,8 @@ Diagnosis started on these nodes:
$nodes_comma
EOF
-if [ -n "$bad_nodes" ] ; then
- cat <<EOF
+if [ -n "$bad_nodes" ]; then
+ cat <<EOF
NOT RUNNING DIAGNOSTICS on these uncontactable nodes:
$bad_nodes
@@ -199,15 +237,28 @@ EOF
# Intentional multi-word splitting on CONFIG_FILES_MUST
# shellcheck disable=SC2086
-show_and_compare_files \
- "%s is missing on node %d" \
- $CONFIG_FILES_MUST
+
+if ! $local_mode; then
+ show_and_compare_files \
+ "%s is missing on node %d" \
+ $CONFIG_FILES_MUST
+else
+ for f in $CONFIG_FILES_MUST; do
+ show_file $f
+ done
+fi
# Intentional multi-word splitting on CONFIG_FILES_MAY
# shellcheck disable=SC2086
-show_and_compare_files \
- "Optional file %s is not present on node %d" \
- $CONFIG_FILES_MAY
+if ! $local_mode; then
+ show_and_compare_files \
+ "Optional file %s is not present on node %d" \
+ $CONFIG_FILES_MAY
+else
+ for f in $CONFIG_FILES_MAY; do
+ show_file $f
+ done
+fi
cat <<EOF
--------------------------------------------------------------------
@@ -215,11 +266,11 @@ Checking for clock drift
EOF
t=$(date +%s)
for i in $nodes; do
- t2=$(onnode "$i" date +%s)
- d=$((t2 - t))
- if [ "$d" -gt 30 ] || [ "$d" -lt -30 ]; then
- error "time on node $i differs by $d seconds"
- fi
+ t2=$(onnode "$i" date +%s)
+ d=$((t2 - t))
+ if [ "$d" -gt 30 ] || [ "$d" -lt -30 ]; then
+ error "time on node $i differs by $d seconds"
+ fi
done
cat <<EOF
@@ -228,15 +279,14 @@ Showing software versions
EOF
show_all "uname -a"
[ -x /bin/rpm ] && {
- show_all "rpm -qa | grep -E 'samba|ctdb|gpfs'"
+ show_all "rpm -qa | grep -E 'samba|ctdb|gpfs'"
}
[ -x /usr/bin/dpkg-query ] && {
- show_all "/usr/bin/dpkg-query --show 'ctdb'"
- show_all "/usr/bin/dpkg-query --show 'samba'"
- #show_all "/usr/bin/dpkg-query --show 'gpfs'"
+ show_all "/usr/bin/dpkg-query --show 'ctdb'"
+ show_all "/usr/bin/dpkg-query --show 'samba'"
+ #show_all "/usr/bin/dpkg-query --show 'gpfs'"
}
-
cat <<EOF
--------------------------------------------------------------------
Showing ctdb status and recent log entries
@@ -255,7 +305,6 @@ show_all "tail -200 /var/log/messages"
show_all "ls -lRs /usr/local/var/lib/ctdb"
show_all "ls -lRs /usr/local/etc/ctdb"
-
cat <<EOF
--------------------------------------------------------------------
Showing system and process status
@@ -287,18 +336,18 @@ show_all "/usr/sbin/showmount -a"
--
Samba Shared Repository
