[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 632f672 s4-cldap: fixed the CLDAP response for IPv6 clients via 285293c s4-ipv6: fixed a crash in the IPv6 DNS code via a58e69a s4-dns: fixed samba_tool - samba-tool via 6ea8db1 s4-build: install a build link bin/provision from 78a0195 selftest: Fix 'make quicktest' on systems without LDAP development support http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 632f672b0859cee995788a00ecd464a0a8d5c74a Author: Andrew Tridgell tri...@samba.org Date: Tue Jun 7 15:46:17 2011 +1000 s4-cldap: fixed the CLDAP response for IPv6 clients Autobuild-User: Andrew Tridgell tri...@samba.org Autobuild-Date: Tue Jun 7 08:57:48 CEST 2011 on sn-devel-104 commit 285293c8b5d85383aa5af9968dc73fba5beb9de0 Author: Andrew Tridgell tri...@samba.org Date: Tue Jun 7 14:10:38 2011 +1000 s4-ipv6: fixed a crash in the IPv6 DNS code commit a58e69a734085f9963b60042be3d9a33a90616a7 Author: Andrew Tridgell tri...@samba.org Date: Tue Jun 7 13:46:24 2011 +1000 s4-dns: fixed samba_tool - samba-tool commit 6ea8db1bd418aa5308a042d59e3288b68312739b Author: Andrew Tridgell tri...@samba.org Date: Tue Jun 7 13:15:15 2011 +1000 s4-build: install a build link bin/provision --- Summary of changes: source4/cldap_server/netlogon.c| 14 -- source4/libcli/resolve/dns_ex.c|2 +- source4/scripting/bin/setup_dns.sh |2 +- source4/setup/wscript_build|2 ++ 4 files changed, 12 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c index 92f7a4a..77f50ff 100644 --- a/source4/cldap_server/netlogon.c +++ b/source4/cldap_server/netlogon.c @@ -37,6 +37,7 @@ #include param/param.h #include ../lib/tsocket/tsocket.h #include libds/common/flag_mapping.h +#include lib/util/util_net.h /* fill in the cldap netlogon union for a given version @@ -292,16 +293,17 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, src_address, NULL); NT_STATUS_HAVE_NO_MEMORY(client_site); load_interface_list(mem_ctx, lp_ctx, ifaces); - /* -* TODO: the caller should pass the address which the client -* used to trigger this call, as the client is able to reach -* this ip. -*/ + if (src_address) { pdc_ip = iface_list_best_ip(ifaces, src_address); } else { pdc_ip = iface_list_first_v4(ifaces); } + if (pdc_ip == NULL || !is_ipaddress_v4(pdc_ip)) { + /* this matches windows behaviour */ + pdc_ip = 127.0.0.1; + } + ZERO_STRUCTP(netlogon); /* check if either of these bits is present */ @@ -325,7 +327,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, netlogon-data.nt5_ex.server_site = server_site; netlogon-data.nt5_ex.client_site = client_site; if (version NETLOGON_NT_VERSION_5EX_WITH_IP) { - /* Clearly this needs to be fixed up for IPv6 */ + /* note that this is always a IPV4 address */ extra_flags = NETLOGON_NT_VERSION_5EX_WITH_IP; netlogon-data.nt5_ex.sockaddr.sockaddr_family= 2; netlogon-data.nt5_ex.sockaddr.pdc_ip = pdc_ip; diff --git a/source4/libcli/resolve/dns_ex.c b/source4/libcli/resolve/dns_ex.c index cb2d2c3..1d56a4b 100644 --- a/source4/libcli/resolve/dns_ex.c +++ b/source4/libcli/resolve/dns_ex.c @@ -267,7 +267,7 @@ static void run_child_dns_lookup(struct dns_ex_state *state, int fd) port = state-port; } - switch (rr-type) { + switch (addrs_rr[i]-type) { case rk_ns_t_a: if (inet_ntop(AF_INET, addrs_rr[i]-u.a, addrstr, sizeof(addrstr)) == NULL) { diff --git a/source4/scripting/bin/setup_dns.sh b/source4/scripting/bin/setup_dns.sh index 646ee81..bc2ae96 100755 --- a/source4/scripting/bin/setup_dns.sh +++ b/source4/scripting/bin/setup_dns.sh @@ -13,7 +13,7 @@ IP=$3 RSUFFIX=$(echo $DOMAIN | sed s/[\.]/,DC=/g) [ -z $PRIVATEDIR ] { -PRIVATEDIR=$(bin/samba_tool testparm --section-name=global --parameter-name='private dir' --suppress-prompt 2 /dev/null) +PRIVATEDIR=$(bin/samba-tool testparm --section-name=global --parameter-name='private dir' --suppress-prompt 2 /dev/null) } OBJECTGUID=$(bin/ldbsearch -s base -H $PRIVATEDIR/sam.ldb -b CN=NTDS Settings,CN=$HOSTNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=$RSUFFIX objectguid|grep ^objectGUID| cut -d:
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 13eb6f4 WHATSNEW: Add another change since rc1. via 92248f6 Fix bug #8197 - winbind does not properly detect when a DC connection is dead. via 017f84a Add the same fix to the S3 event backend as the previous commit added to the tevent poll backend. via 4da2f8a Fix the poll() backend to correctly respond to POLLHUP|POLLERR returns on a fd selected for TEVENT_FD_WRITE only. from df4a86e WHATSNEW: Update changes since 3.6.0rc1. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 13eb6f4cd91d0be1208523b47a4ac7c8d9bd91d5 Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 7 09:15:38 2011 +0200 WHATSNEW: Add another change since rc1. Karolin commit 92248f6e51f1e46de8c1a1304b2d48914f21e841 Author: Jeremy Allison j...@samba.org Date: Fri Jun 3 10:22:44 2011 -0700 Fix bug #8197 - winbind does not properly detect when a DC connection is dead. Only waiting for writability doesn't get fd errors back with poll. So always begin by selecting for readability, and if we get it then see if bytes were available to read or it really is an error condition. If bytes were available, remove the select on read as we know we will retrieve the error when we've finished writing and start reading the reply (or the write will timeout or fail). Metze and Volker please check. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Mon Jun 6 21:53:16 CEST 2011 on sn-devel-104 (cherry picked from commit 0efcc94fb834aeb03e8edc3034aa0cdeefdc0985) commit 017f84a07dedf700c25da253ac7247633b616056 Author: Jeremy Allison j...@samba.org Date: Fri Jun 3 12:55:19 2011 -0700 Add the same fix to the S3 event backend as the previous commit added to the tevent poll backend. Metze please check ! Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Sat Jun 4 00:27:37 CEST 2011 on sn-devel-104 (cherry picked from commit 3c9b3b2befc524f21c59f46ea9be1602b4b1bfe8) commit 4da2f8a8c578568d1e9a4770166c46240fce6664 Author: Jeremy Allison j...@samba.org Date: Fri Jun 3 12:31:11 2011 -0700 Fix the poll() backend to correctly respond to POLLHUP|POLLERR returns on a fd selected for TEVENT_FD_WRITE only. Don't trigger the write handler and remove the POLLOUT flag for this fd. Report errors on TEVENT_FD_READ requests only. Metze please check ! Jeremy. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Fri Jun 3 22:53:52 CEST 2011 on sn-devel-104 (cherry picked from commit dbcdf3e39c359241b743a9455ae695e14a30caa9) --- Summary of changes: WHATSNEW.txt |1 + lib/async_req/async_sock.c | 38 -- lib/tevent/tevent_poll.c | 14 +- source3/lib/events.c | 15 ++- 4 files changed, 60 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 2827bbe..ec1d3fa 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -268,6 +268,7 @@ o Jeremy Allison j...@samba.org * BUG 8163: Fix our asn.1 parser to handle negative numbers. * BUG 8191: Split the ACE flag mapping between nfs4 and Windows into two separate functions. +* BUG 8197: Winbind does not properly detect when a DC connection is dead. o Christian Ambach a...@samba.org diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c index 7ea66f5..2c90b6d 100644 --- a/lib/async_req/async_sock.c +++ b/lib/async_req/async_sock.c @@ -385,6 +385,7 @@ struct writev_state { int count; size_t total_size; uint16_t flags; + bool err_on_readability; }; static void writev_trigger(struct tevent_req *req, void *private_data); @@ -412,10 +413,8 @@ struct tevent_req *writev_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, if (state-iov == NULL) { goto fail; } - state-flags = TEVENT_FD_WRITE; - if (err_on_readability) { - state-flags |= TEVENT_FD_READ; - } + state-flags = TEVENT_FD_WRITE|TEVENT_FD_READ; + state-err_on_readability = err_on_readability; if (queue == NULL) { struct tevent_fd *fde; @@ -461,8 +460,35 @@ static void writev_handler(struct tevent_context *ev, struct tevent_fd *fde, to_write = 0; if ((state-flags TEVENT_FD_READ) (flags TEVENT_FD_READ)) { - tevent_req_error(req, EPIPE); - return; + int ret, value; + + if (state-err_on_readability) { + /* Readable and the caller wants an error on read. */ + tevent_req_error(req, EPIPE); + return; +
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 838d69b s3-docs Add documentation for ncalrpc dir from 13eb6f4 WHATSNEW: Add another change since rc1. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 838d69be074dab8ba9626b50916c7d14f7c4954e Author: Andrew Bartlett abart...@samba.org Date: Tue Jun 7 09:47:26 2011 +1000 s3-docs Add documentation for ncalrpc dir --- Summary of changes: docs-xml/smbdotconf/misc/ncalrpcdir.xml | 13 + 1 files changed, 13 insertions(+), 0 deletions(-) create mode 100644 docs-xml/smbdotconf/misc/ncalrpcdir.xml Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/misc/ncalrpcdir.xml b/docs-xml/smbdotconf/misc/ncalrpcdir.xml new file mode 100644 index 000..6ef3957 --- /dev/null +++ b/docs-xml/smbdotconf/misc/ncalrpcdir.xml @@ -0,0 +1,13 @@ +samba:parameter name=ncalrpc dir + context=G + advanced=1 developer=1 +type=string + xmlns:samba=http://www.samba.org/samba/DTD/samba-doc; +description + paraThis directory will hold a series of named pipes to allow RPC over inter-process communication. /para. + paraThis will allow Samba and other unix processes to interact over DCE/RPC without using TCP/IP. Additionally a sub-directory 'np' has restricted permissions, and allows a trusted communication channel between Samba processes/para +/description + +value type=default${prefix}/var/ncalrpc/value +value type=example/var/run/samba/ncalrpc/value +/samba:parameter -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 6df3ff2 Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. from 838d69b s3-docs Add documentation for ncalrpc dir http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 6df3ff20620b3262ff232a478312c61a207ed4ff Author: Jeremy Allison j...@samba.org Date: Mon Jun 6 16:25:08 2011 -0700 Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. Add missing GPL headers and (C) statements. --- Summary of changes: auth/auth_sam_reply.h | 19 examples/libsmbclient/get_auth_data_fn.h |3 + lib/compression/mszip.h |3 + lib/crypto/arcfour.h | 19 lib/crypto/crc32.h| 22 + lib/crypto/md4.h | 22 + lib/crypto/md5.h | 19 lib/replace/hdr_replace.h | 25 +++ lib/replace/replace-test.h| 19 lib/replace/system/readline.h |2 + lib/replace/win32_replace.h | 19 lib/talloc/talloc_testsuite.h | 19 lib/util/data_blob.h |2 + lib/util/time.h |2 + lib/util/util_ldb.h | 18 lib/util/util_tdb.h | 19 lib/util/wrap_xattr.h | 19 libcli/auth/libcli_auth.h |2 + libcli/auth/msrpc_parse.h | 19 libcli/auth/proto.h | 19 libcli/ldap/ldap_ndr.h| 19 libcli/nbt/nbt_proto.h| 19 libcli/netlogon/ndr_netlogon_proto.h | 19 libcli/netlogon/netlogon_proto.h | 19 libcli/smbreadline/smbreadline.h | 19 libcli/util/error.h |2 + libds/common/flag_mapping.h | 19 librpc/idl/idl_types.h| 23 ++ librpc/ndr/ndr_backupkey.h| 22 + librpc/ndr/ndr_compression.h | 19 librpc/ndr/ndr_dns.h | 23 ++ librpc/ndr/ndr_spoolss_buf.h | 19 librpc/ndr/ndr_table.h| 19 nsswitch/pam_winbind.h| 22 +- nsswitch/winbind_client.h | 22 + source3/auth/proto.h | 35 +++ source3/groupdb/proto.h | 26 +++ source3/include/ads.h | 20 + source3/include/krb5_env.h| 23 ++ source3/include/krb5_protos.h | 23 ++ source3/include/mangle.h | 20 + source3/include/smb_krb5.h| 19 source3/include/smb_ldap.h| 19 source3/intl/lang_tdb.h | 22 + source3/lib/eventlog/proto.h | 26 +++ source3/lib/idmap_cache.h | 24 ++ source3/lib/netapi/examples/common.h | 23 +- source3/lib/netapi/libnetapi.h| 19 source3/lib/privileges.h | 23 ++ source3/libads/ads_ldap_protos.h | 23 ++ source3/libads/ads_proto.h| 35 +++ source3/libads/ads_status.h | 19 source3/libads/cldap.h| 23 ++ source3/libads/kerberos_proto.h | 33 ++ source3/libads/ldap_schema.h | 23 ++ source3/libgpo/gpo_proto.h| 23 ++ source3/libnet/libnet_join.h | 23 ++ source3/librpc/ndr/util.h | 21 + source3/libsmb/clidgram.h | 23 ++ source3/libsmb/errormap_wbc.h | 23 ++ source3/libsmb/libsmb.h |2 + source3/libsmb/nmblib.h | 23 ++ source3/libsmb/proto.h|2 + source3/locking/proto.h | 25
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via f8e1eea Fix bug #8175 - smbd deadlock. from 6df3ff2 Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit f8e1eea238a332ce503c40108d59862b32f83fee Author: Jeremy Allison j...@samba.org Date: Wed Jun 1 12:11:53 2011 -0700 Fix bug #8175 - smbd deadlock. Force the open operation (which is the expensive one anyway) to acquire and release locks in a way compatible with the more common do_lock check. Jeremy. --- Summary of changes: source3/smbd/open.c | 98 +-- 1 files changed, 71 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/open.c b/source3/smbd/open.c index e537d0f..aea25fe 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1056,18 +1056,8 @@ static bool delay_for_exclusive_oplocks(files_struct *fsp, return false; } -static bool file_has_brlocks(files_struct *fsp) -{ - struct byte_range_lock *br_lck; - - br_lck = brl_get_locks_readonly(fsp); - if (!br_lck) - return false; - - return br_lck-num_locks 0 ? true : false; -} - static void grant_fsp_oplock_type(files_struct *fsp, + const struct byte_range_lock *br_lck, int oplock_request, bool got_level2_oplock, bool got_a_none_oplock) @@ -1085,7 +1075,7 @@ static void grant_fsp_oplock_type(files_struct *fsp, DEBUG(10,(grant_fsp_oplock_type: oplock type 0x%x on file %s\n, fsp-oplock_type, fsp_str_dbg(fsp))); return; - } else if (lp_locking(fsp-conn-params) file_has_brlocks(fsp)) { + } else if (br_lck br_lck-num_locks 0) { DEBUG(10,(grant_fsp_oplock_type: file %s has byte range locks\n, fsp_str_dbg(fsp))); fsp-oplock_type = NO_OPLOCK; @@ -1563,6 +1553,55 @@ void remove_deferred_open_entry(struct file_id id, uint64_t mid, } } +/ + Ensure we get the brlock lock followed by the share mode lock + in the correct order to prevent deadlocks if other smbd's are + using the brlock database on this file simultaneously with this open + (that code also gets the locks in brlock - share mode lock order). +/ + +static bool acquire_ordered_locks(TALLOC_CTX *mem_ctx, + files_struct *fsp, + const struct file_id id, + const char *connectpath, + const struct smb_filename *smb_fname, + const struct timespec *p_old_write_time, + struct share_mode_lock **p_lck, + struct byte_range_lock **p_br_lck) +{ + /* Ordering - we must get the br_lck for this + file before the share mode. */ + if (lp_locking(fsp-conn-params)) { + *p_br_lck = brl_get_locks_readonly(fsp); + if (*p_br_lck == NULL) { + DEBUG(0, (Could not get br_lock\n)); + return false; + } + /* Note - we don't need to free the returned + br_lck explicitly as it was allocated on talloc_tos() + and so will be autofreed (and release the lock) + once the frame context disappears. + + If it was set to fsp-brlock_rec then it was + talloc_move'd to hang off the fsp pointer and + in this case is guarenteed to not be holding the + lock on the brlock database. */ + } + + *p_lck = get_share_mode_lock(mem_ctx, + id, + connectpath, + smb_fname, + p_old_write_time); + + if (*p_lck == NULL) { + DEBUG(0, (Could not get share mode lock\n)); + TALLOC_FREE(*p_br_lck); + return false; + } + return true; +} + / Open a file with a share mode. Passed in an already created files_struct *. / @@ -1907,6 +1946,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } if (file_existed) { + struct byte_range_lock *br_lck = NULL; struct
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 5b5ef7f Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out. from f8e1eea Fix bug #8175 - smbd deadlock. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 5b5ef7f20d34f4c6c1d3d02530ac7b13e051c960 Author: Jeremy Allison j...@samba.org Date: Fri Jun 3 14:28:33 2011 -0700 Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out. Based on Volker's original code. --- Summary of changes: source3/winbindd/winbindd_dual_srv.c | 81 +++-- 1 files changed, 66 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index f42682e..f8316ce 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -35,6 +35,17 @@ void _wbint_Ping(struct pipes_struct *p, struct wbint_Ping *r) *r-out.out_data = r-in.in_data; } +static bool reset_cm_connection_on_error(struct winbindd_domain *domain, + NTSTATUS status) +{ + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + invalidate_cm_connection(domain-conn); + /* We invalidated the connection. */ + return true; + } + return false; +} + NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct wbint_LookupSid *r) { struct winbindd_domain *domain = wb_child_domain(); @@ -49,6 +60,7 @@ NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct wbint_LookupSid *r) status = domain-methods-sid_to_name(domain, p-mem_ctx, r-in.sid, dom_name, name, type); + reset_cm_connection_on_error(domain, status); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -62,6 +74,7 @@ NTSTATUS _wbint_LookupSid(struct pipes_struct *p, struct wbint_LookupSid *r) NTSTATUS _wbint_LookupSids(struct pipes_struct *p, struct wbint_LookupSids *r) { struct winbindd_domain *domain = wb_child_domain(); + NTSTATUS status; if (domain == NULL) { return NT_STATUS_REQUEST_NOT_ACCEPTED; @@ -73,21 +86,26 @@ NTSTATUS _wbint_LookupSids(struct pipes_struct *p, struct wbint_LookupSids *r) * and winbindd_ad call into lsa_lookupsids anyway. Caching is * done at the wbint RPC layer. */ - return rpc_lookup_sids(p-mem_ctx, domain, r-in.sids, - r-out.domains, r-out.names); + status = rpc_lookup_sids(p-mem_ctx, domain, r-in.sids, +r-out.domains, r-out.names); + reset_cm_connection_on_error(domain, status); + return status; } NTSTATUS _wbint_LookupName(struct pipes_struct *p, struct wbint_LookupName *r) { struct winbindd_domain *domain = wb_child_domain(); + NTSTATUS status; if (domain == NULL) { return NT_STATUS_REQUEST_NOT_ACCEPTED; } - return domain-methods-name_to_sid( + status = domain-methods-name_to_sid( domain, p-mem_ctx, r-in.domain, r-in.name, r-in.flags, r-out.sid, r-out.type); + reset_cm_connection_on_error(domain, status); + return status; } NTSTATUS _wbint_Sid2Uid(struct pipes_struct *p, struct wbint_Sid2Uid *r) @@ -251,53 +269,65 @@ NTSTATUS _wbint_AllocateGid(struct pipes_struct *p, struct wbint_AllocateGid *r) NTSTATUS _wbint_QueryUser(struct pipes_struct *p, struct wbint_QueryUser *r) { struct winbindd_domain *domain = wb_child_domain(); + NTSTATUS status; if (domain == NULL) { return NT_STATUS_REQUEST_NOT_ACCEPTED; } - return domain-methods-query_user(domain, p-mem_ctx, r-in.sid, - r-out.info); + status = domain-methods-query_user(domain, p-mem_ctx, r-in.sid, +r-out.info); + reset_cm_connection_on_error(domain, status); + return status; } NTSTATUS _wbint_LookupUserAliases(struct pipes_struct *p, struct wbint_LookupUserAliases *r) { struct winbindd_domain *domain = wb_child_domain(); + NTSTATUS status; if (domain == NULL) { return NT_STATUS_REQUEST_NOT_ACCEPTED; } - return domain-methods-lookup_useraliases( + status = domain-methods-lookup_useraliases( domain, p-mem_ctx, r-in.sids-num_sids, r-in.sids-sids, r-out.rids-num_rids, r-out.rids-rids); + reset_cm_connection_on_error(domain, status); + return status; } NTSTATUS _wbint_LookupUserGroups(struct pipes_struct *p,
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated via d9ea6a1 s3:lib/access: normalize IPv4 mapped IPv6 addresses in both directions (bug #7383) from 7e307ac WHATSNEW: Add more changes since 3.5.8. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log - commit d9ea6a10a8ba84e8a5a5a65c903ed96f9aa59aa5 Author: Stefan Metzmacher me...@samba.org Date: Sun Apr 24 21:20:19 2011 +0200 s3:lib/access: normalize IPv4 mapped IPv6 addresses in both directions (bug #7383) metze (cherry picked from commit 4bfe2d5655d97fbc7e65744425b5a098e77f5ba1) (cherry picked from commit 62b2083c627abeb8a2fb7e5adc793c630d0d561c) Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/lib/access.c | 31 +-- 1 files changed, 17 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/access.c b/source3/lib/access.c index 0b09e83..8fd0fbf 100644 --- a/source3/lib/access.c +++ b/source3/lib/access.c @@ -178,29 +178,32 @@ static bool string_match(const char *tok,const char *s) bool client_match(const char *tok, const void *item) { const char **client = (const char **)item; + const char *tok_addr = tok; + const char *cli_addr = client[ADDR_INDEX]; + + /* +* tok and client[ADDR_INDEX] can be an IPv4 mapped to IPv6, +* we try and match the IPv4 part of address only. +* Bug #5311 and #7383. +*/ + + if (strnequal(tok_addr, :::,7)) { + tok_addr += 7; + } + + if (strnequal(cli_addr,:::,7)) { + cli_addr += 7; + } /* * Try to match the address first. If that fails, try to match the host * name if available. */ - if (string_match(tok, client[ADDR_INDEX])) { + if (string_match(tok_addr, cli_addr)) { return true; } - if (strnequal(client[ADDR_INDEX],:::,7) - !strnequal(tok, :::,7)) { - /* client[ADDR_INDEX] is an IPv4 mapped to IPv6, but -* the list item is not. Try and match the IPv4 part of -* address only. This will happen a lot on IPv6 enabled -* systems with IPv4 allow/deny lists in smb.conf. -* Bug #5311. JRA. -*/ - if (string_match(tok, (client[ADDR_INDEX])+7)) { - return true; - } - } - if (client[NAME_INDEX][0] != 0) { if (string_match(tok, client[NAME_INDEX])) { return true; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 5c19b41 s3:idmap_ldap: allow creation of ldap stored mappings for explicitly configured domains. via 4a40ad0 s3:idmap_ldap: rename idmap_ldap_get_new_id to idmap_ldap_allocate_id via bf75cac s3:idmap_ldap: rename idmap_ldap_allocate_id to idmap_ldap_allocate_id_internal from 5b5ef7f Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 5c19b41e2b844fddbb88fea8b7cd16bc0e830cfd Author: Michael Adam ob...@samba.org Date: Wed Jun 1 00:30:11 2011 +0200 s3:idmap_ldap: allow creation of ldap stored mappings for explicitly configured domains. After the preparations, this is achieved by using idmap_ldap_allocate_id_internal() as get_new_id rw method instead of idmap_ldap_allocate_id(). (cherry picked from commit 74cd06b3dff42bda4dd0a0f3fd250a975d0258ed) The last 3 patches address bug #8200 (Add Support for multiple writable ldap idmap domains). commit 4a40ad004896ce30a997b5142fa73b50ab2762f3 Author: Michael Adam ob...@samba.org Date: Wed Jun 1 00:25:23 2011 +0200 s3:idmap_ldap: rename idmap_ldap_get_new_id to idmap_ldap_allocate_id This is in preparation of allowing allocating ldap based domain-specific configs. (cherry picked from commit dea3ef1ab689a3d01846147d2a83377b09335f8f) commit bf75cacae075a503c08d60f04e2a858271d8b923 Author: Michael Adam ob...@samba.org Date: Wed Jun 1 00:25:23 2011 +0200 s3:idmap_ldap: rename idmap_ldap_allocate_id to idmap_ldap_allocate_id_internal This is in preparation of allowing allocating ldap based domain-specific configs. (cherry picked from commit 2de65b97b98e2c8cc218b60da749ac17195d8413) --- Summary of changes: source3/winbindd/idmap_ldap.c | 18 +- 1 files changed, 9 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/idmap_ldap.c b/source3/winbindd/idmap_ldap.c index 7195912..a9cb4fc 100644 --- a/source3/winbindd/idmap_ldap.c +++ b/source3/winbindd/idmap_ldap.c @@ -232,8 +232,8 @@ done: Allocate a new uid or gid / -static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom, - struct unixid *xid) +static NTSTATUS idmap_ldap_allocate_id_internal(struct idmap_domain *dom, + struct unixid *xid) { TALLOC_CTX *mem_ctx; NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -391,21 +391,21 @@ done: * For now this is for the default idmap domain only. * Should be extended later on. */ -static NTSTATUS idmap_ldap_get_new_id(struct idmap_domain *dom, - struct unixid *id) +static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom, + struct unixid *id) { NTSTATUS ret; if (!strequal(dom-name, *)) { - DEBUG(3, (idmap_ldap_get_new_id: + DEBUG(3, (idmap_ldap_allocate_id: Refusing allocation of a new unixid for domain'%s'. - Currently only supported for the default + This is only supported for the default domain \*\.\n, dom-name)); return NT_STATUS_NOT_IMPLEMENTED; } - ret = idmap_ldap_allocate_id(dom, id); + ret = idmap_ldap_allocate_id_internal(dom, id); return ret; } @@ -484,7 +484,7 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom) ctx-rw_ops = talloc_zero(ctx, struct idmap_rw_ops); CHECK_ALLOC_DONE(ctx-rw_ops); - ctx-rw_ops-get_new_id = idmap_ldap_get_new_id; + ctx-rw_ops-get_new_id = idmap_ldap_allocate_id_internal; ctx-rw_ops-set_mapping = idmap_ldap_set_mapping; ret = smbldap_init(ctx, winbind_event_context(), ctx-url, @@ -1144,7 +1144,7 @@ static struct idmap_methods idmap_ldap_methods = { .init = idmap_ldap_db_init, .unixids_to_sids = idmap_ldap_unixids_to_sids, .sids_to_unixids = idmap_ldap_sids_to_unixids, - .allocate_id = idmap_ldap_get_new_id, + .allocate_id = idmap_ldap_allocate_id, }; NTSTATUS idmap_ldap_init(void); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cd8dc47 s3:idmap_autorid: fail initialization if the domain is not * via 95d35dd s3:docs: fix the example in the idmap_autorid manpage to use idmap config * : rangesize via b0b0b62 s3:idmap_autorid: use idmap config DOMAIN : rangesize instead of autorid:rangesize via 65490ea s3:idmap_autorid: add a talloc_stackframe() to idmap_autorid_initialize() from 632f672 s4-cldap: fixed the CLDAP response for IPv6 clients http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cd8dc47bf17d2cdb1558dc6ab49320ba12af8f34 Author: Michael Adam ob...@samba.org Date: Tue Jun 7 15:53:49 2011 +0200 s3:idmap_autorid: fail initialization if the domain is not * autorid can only be used as a backend for the default idmap configuration. Autobuild-User: Michael Adam ob...@samba.org Autobuild-Date: Tue Jun 7 19:13:18 CEST 2011 on sn-devel-104 commit 95d35dde9cecac120c0a9bcd06957cd3748b15a0 Author: Michael Adam ob...@samba.org Date: Tue Jun 7 15:21:34 2011 +0200 s3:docs: fix the example in the idmap_autorid manpage to use idmap config * : rangesize commit b0b0b625b588057c8c97371934bf21eb1fd985d8 Author: Michael Adam ob...@samba.org Date: Tue Jun 7 13:02:04 2011 +0200 s3:idmap_autorid: use idmap config DOMAIN : rangesize instead of autorid:rangesize commit 65490ea4e67bf82cf8fb0b8e4e74047c3f63c509 Author: Michael Adam ob...@samba.org Date: Tue Jun 7 15:16:24 2011 +0200 s3:idmap_autorid: add a talloc_stackframe() to idmap_autorid_initialize() --- Summary of changes: docs-xml/manpages-3/idmap_autorid.8.xml |2 +- source3/winbindd/idmap_autorid.c| 29 +++-- 2 files changed, 24 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages-3/idmap_autorid.8.xml b/docs-xml/manpages-3/idmap_autorid.8.xml index ac66384..b5a9bde 100644 --- a/docs-xml/manpages-3/idmap_autorid.8.xml +++ b/docs-xml/manpages-3/idmap_autorid.8.xml @@ -109,7 +109,7 @@ idmap config * : backend = autorid idmap config * : range = 100-1999 - autorid:rangesize = 100 + idmap config * : rangesize = 100 idmap config TRUSTED : backend = ad idmap config TRUSTED : range= 5 - 9 diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index 1f4af33..80d8ed1 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -435,11 +435,22 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) struct autorid_global_config *storedconfig = NULL; NTSTATUS status; uint32_t hwm; + TALLOC_CTX *frame = talloc_stackframe(); + char *config_option = NULL; - config = TALLOC_ZERO_P(dom, struct autorid_global_config); + if (!strequal(dom-name, *)) { + DEBUG(0, (idmap_autorid_initialize: Error: autorid configured + for domain '%s'. But autorid can only be used for + the default idmap configuration.\n, dom-name)); + status = NT_STATUS_INVALID_PARAMETER; + goto error; + } + + config = TALLOC_ZERO_P(frame, struct autorid_global_config); if (!config) { DEBUG(0, (Out of memory!\n)); - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto error; } status = idmap_autorid_db_init(); @@ -447,8 +458,15 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) goto error; } + config_option = talloc_asprintf(frame, idmap config %s, dom-name); + if (config_option == NULL) { + DEBUG(0, (Out of memory!\n)); + status = NT_STATUS_NO_MEMORY; + goto error; + } + config-minvalue = dom-low_id; - config-rangesize = lp_parm_int(-1, autorid, rangesize, 10); + config-rangesize = lp_parm_int(-1, config_option, rangesize, 10); if (config-rangesize 2000) { DEBUG(1, (autorid rangesize must be at least 2000\n)); @@ -480,7 +498,7 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) config-minvalue, config-rangesize, config-maxranges)); /* read previously stored config and current HWM */ - storedconfig = idmap_autorid_loadconfig(talloc_tos()); + storedconfig = idmap_autorid_loadconfig(frame); if (!dbwrap_fetch_uint32(autorid_db, HWM, hwm)) { DEBUG(1, (Fatal error while fetching current @@ -530,8 +548,7 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) return NT_STATUS_OK; error: - talloc_free(config); -
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 664e45a Revert Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. from 5c19b41 s3:idmap_ldap: allow creation of ldap stored mappings for explicitly configured domains. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 664e45ad111ed67b16c0e07b7c2362457d5312c2 Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 7 19:52:06 2011 +0200 Revert Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. This reverts commit 6df3ff20620b3262ff232a478312c61a207ed4ff. --- Summary of changes: auth/auth_sam_reply.h | 19 examples/libsmbclient/get_auth_data_fn.h |3 - lib/compression/mszip.h |3 - lib/crypto/arcfour.h | 19 lib/crypto/crc32.h| 22 - lib/crypto/md4.h | 22 - lib/crypto/md5.h | 19 lib/replace/hdr_replace.h | 25 --- lib/replace/replace-test.h| 19 lib/replace/system/readline.h |2 - lib/replace/win32_replace.h | 19 lib/talloc/talloc_testsuite.h | 19 lib/util/data_blob.h |2 - lib/util/time.h |2 - lib/util/util_ldb.h | 18 lib/util/util_tdb.h | 19 lib/util/wrap_xattr.h | 19 libcli/auth/libcli_auth.h |2 - libcli/auth/msrpc_parse.h | 19 libcli/auth/proto.h | 19 libcli/ldap/ldap_ndr.h| 19 libcli/nbt/nbt_proto.h| 19 libcli/netlogon/ndr_netlogon_proto.h | 19 libcli/netlogon/netlogon_proto.h | 19 libcli/smbreadline/smbreadline.h | 19 libcli/util/error.h |2 - libds/common/flag_mapping.h | 19 librpc/idl/idl_types.h| 23 -- librpc/ndr/ndr_backupkey.h| 22 - librpc/ndr/ndr_compression.h | 19 librpc/ndr/ndr_dns.h | 23 -- librpc/ndr/ndr_spoolss_buf.h | 19 librpc/ndr/ndr_table.h| 19 nsswitch/pam_winbind.h| 22 +- nsswitch/winbind_client.h | 22 - source3/auth/proto.h | 35 --- source3/groupdb/proto.h | 26 --- source3/include/ads.h | 20 - source3/include/krb5_env.h| 23 -- source3/include/krb5_protos.h | 23 -- source3/include/mangle.h | 20 - source3/include/smb_krb5.h| 19 source3/include/smb_ldap.h| 19 source3/intl/lang_tdb.h | 22 - source3/lib/eventlog/proto.h | 26 --- source3/lib/idmap_cache.h | 24 -- source3/lib/netapi/examples/common.h | 23 +- source3/lib/netapi/libnetapi.h| 19 source3/lib/privileges.h | 23 -- source3/libads/ads_ldap_protos.h | 23 -- source3/libads/ads_proto.h| 35 --- source3/libads/ads_status.h | 19 source3/libads/cldap.h| 23 -- source3/libads/kerberos_proto.h | 33 -- source3/libads/ldap_schema.h | 23 -- source3/libgpo/gpo_proto.h| 23 -- source3/libnet/libnet_join.h | 23 -- source3/librpc/ndr/util.h | 21 - source3/libsmb/clidgram.h | 23 -- source3/libsmb/errormap_wbc.h | 23 -- source3/libsmb/libsmb.h |2 - source3/libsmb/nmblib.h | 23 -- source3/libsmb/proto.h
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 8db38ec WHATSNEW: Update changes since rc1. from 664e45a Revert Fix bug 8196 - Many (newer) header files don't have copyright / GPL header comments. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 8db38ec99bcecd80b892f26cf676acb13292c20e Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 7 20:12:24 2011 +0200 WHATSNEW: Update changes since rc1. Karolin --- Summary of changes: WHATSNEW.txt |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index ec1d3fa..c3c514c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -255,6 +255,10 @@ o Andreas Schneider a...@samba.org Changes since 3.6.0rc1 -- +o Michael Adam ob...@samba.org +* BUG 8200: Add support for multiple writeable ldap idmap domains. + + o Jeremy Allison j...@samba.org * BUG 6911: Fix Kerberos authentication from Vista to Samba. * BUG 7054: Fix X account flag when pwdlastset is 0. @@ -266,9 +270,11 @@ o Jeremy Allison j...@samba.org * BUG 8156: Fix 'net ads join' using the user's Kerberos ticket. * BUG 8157: Fix parsing a cups printcap file. * BUG 8163: Fix our asn.1 parser to handle negative numbers. +* BUG 8175: Fix smbd deadlock. * BUG 8191: Split the ACE flag mapping between nfs4 and Windows into two separate functions. * BUG 8197: Winbind does not properly detect when a DC connection is dead. +* BUG 8203: Winbind needs to reset the DC connection if an RPC times out. o Christian Ambach a...@samba.org -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag release-3-6-0rc2 created
The annotated tag, release-3-6-0rc2 has been created at cfd35c40cee3adbb17743b98f0f7038077c2861e (tag) tagging 314f161c00cfe3957f10b0f6f24adab737dfbe88 (commit) replaces release-3-6-0rc1 tagged by Karolin Seeger on Tue Jun 7 20:15:09 2011 +0200 - Log - tag release-3-6-0rc2 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.15 (GNU/Linux) iD8DBQBN7msSbzORW2Vot+oRAgjOAJ97H2XlWAwsicLBvoXcNBihkpdwZACgiYlA iRvvnlcL0mMrH4CGF600szY= =m2mH -END PGP SIGNATURE- Andreas Schneider (1): s3-epmapper: Fixed endpoint registration. Andrew Bartlett (7): ncalrpc: Force ncalrpc dir to be mode 755 in all users docs: Rewrite 'password server' documentation docs: Clarify the 'security=server' fails for NTLMv2 s3-param Deprecate a number of security parameters for 3.6 s3-param Depricate 'password server = foo:12389' syntax s3-testparm Warn about incorrect use of 'password server' s3-docs Add documentation for ncalrpc dir Benjamin Brunner (1): s3-docs: Fix some typos. Björn Jacke (1): replace: remove waring if IOV_MAX is not defined Christian Ambach (1): Fix Bug 8152 - smbd crash in release_ip() Gregor Beck (3): s3:smbcacls: fix parsing of multiple flags nfs4_acls: pass ACE_FLAG_INHERITED_ACE up to the client nfs4_acls: pass ACE_FLAG_INHERITED_ACE down from the client Holger Hetterich (2): Make protocol version 2 the default protocol, and only run on version 1 if V1 is explcitly given as a module option. Actually make use of the SMBTA_SUBRELEASE define in smb_traffic_analyzer.h. This will allow to introduce new features or fixes into the protocol after the 3.6.0 release. The client software is designed to take care for the subrelease number. Jeremy Allison (16): Fix bug #8144 - touch /mnt/newfile fails to set timestamp with CIFS client. Fix bug 8153 found when building on an IPv6-only system by Kai Blin. Optimization. If the attributes passed to can_rename() include both FILE_ATTRIBUTE_HIDDEN and FILE_ATTRIBUTE_SYSTEM then there's no point in reading the source DOS attribute, as we're not going to deny the rename on attribute match. Fix bug 8133 - strange behavior for the file (whose filename first character is period ) in SMB2 case. Patch for bug #8156 - net ads join fails to use the user's kerberos ticket. Fix bug #8157 - std_pcap_cache_reload() fails to parse a cups printcap file correctly. Fix bug #8150 - Ban 'dos charset = utf8' Fix bug #7054 - X account flag does not work when pwdlastset is 0. Fix our asn.1 parser to handle negative numbers. Fix bug #6911 - Kerberos authentication from vista to samba fails when security blob size is greater than 16 kB Split the ACE flag mapping between nfs4 and Windows into two separate functions rather than trying to do it inline. Allows us to carefully control what flags are mapped to what in one place. Modification to bug #8191 - vfs_gpfs dosn't honor ACE_FLAG_INHERITED_ACE Fix the poll() backend to correctly respond to POLLHUP|POLLERR returns on a fd selected for TEVENT_FD_WRITE only. Add the same fix to the S3 event backend as the previous commit added to the tevent poll backend. Fix bug #8197 - winbind does not properly detect when a DC connection is dead. Fix bug #8175 - smbd deadlock. Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out. Jim McDonough (1): s3-winbind: BUG 8166 - Don't lockout users when offline. Karolin Seeger (8): VERSION: Bump version up to 3.6.0rc2. WHATSNEW: Start release notes. WHATSNEW: Start adding changes since rc1. WHATSNEW: Update changes since rc1. s3-docs: Fix version. WHATSNEW: Update changes since 3.6.0rc1. WHATSNEW: Add another change since rc1. WHATSNEW: Update changes since rc1. Luk Claes (23): idmap_ad.8: use new syntax in ad backend example idmap_adex.8: Use new syntax in adex backend example idmap_hash.8: Use new syntax for hash backend idmap_nss.8: Use new syntax for nss backend idmap_rid.8: Use new syntax in rid backend example idmap_autorid.8: Use new syntax in autorid backend examples idmap_autorid.8: Avoid confusion with idmap uid and idmap gid options wbinfo.1: Avoid confusion with idmap uid option winbindd.8: Use new syntax in example idmap_tdb2.8: Use new syntax in example idmap_tdb2.8: Remove part about alloc backend idmap_tdb2.8: Avoid confusion with idmap uid and idmap gid options idmap_tdb2.8: Remove mentioning of deprecated idmap uid and idmap gid options as fallback idmap_ldap.8: Rework example to use new idmap syntax idmap_ldap.8: Remove references to idmap alloc backend idmap_ldap.8: Backend is not only used for searching idmap_ldap.8:
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c3ac298 s3:libsmb/cli_np_tstream: use larger buffers to avoid a bug NT4 servers (bug #8195) from cd8dc47 s3:idmap_autorid: fail initialization if the domain is not * http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c3ac298a1fe4f5cada6d09376e2d4a3df271a093 Author: Stefan Metzmacher me...@samba.org Date: Tue Jun 7 18:27:41 2011 +0200 s3:libsmb/cli_np_tstream: use larger buffers to avoid a bug NT4 servers (bug #8195) NT4 servers return NT_STATUS_PIPE_BUSY if we try a SMBtrans and the SMBwriteX before hasn't transmited the whole DCERPC fragment. W2K and above is happy with that. As a result we try to match the behavior of Windows and older Samba clients, they use write and read buffers of 4280 bytes instead of 1024 bytes. On Windows only the SMBtrans based read uses 1024 (while we also use 4280 there). metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue Jun 7 20:25:32 CEST 2011 on sn-devel-104 --- Summary of changes: source3/libsmb/cli_np_tstream.c | 19 +-- 1 files changed, 17 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cli_np_tstream.c b/source3/libsmb/cli_np_tstream.c index ba37ea5..5e11a92 100644 --- a/source3/libsmb/cli_np_tstream.c +++ b/source3/libsmb/cli_np_tstream.c @@ -28,9 +28,24 @@ static const struct tstream_context_ops tstream_cli_np_ops; /* - * Window uses 1024 hardcoded for read size and trans max data + * Windows uses 4280 (the max xmit/recv size negotiated on DCERPC). + * This is fits into the max_xmit negotiated at the SMB layer. + * + * On the sending side they may use SMBtranss if the request does not + * fit into a single SMBtrans call. + * + * Windows uses 1024 as max data size of a SMBtrans request and then + * possibly reads the rest of the DCERPC fragment (up to 3256 bytes) + * via a SMBreadX. + * + * For now we just ask for the full 4280 bytes (max data size) in the SMBtrans + * request to get the whole fragment at once (like samba 3.5.x and below did. + * + * It is important that we use do SMBwriteX with the size of a full fragment, + * otherwise we may get NT_STATUS_PIPE_BUSY on the SMBtrans request + * from NT4 servers. (See bug #8195) */ -#define TSTREAM_CLI_NP_BUF_SIZE 1024 +#define TSTREAM_CLI_NP_BUF_SIZE 4280 struct tstream_cli_np { struct cli_state *cli; -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via d8da42e Announce Samba 3.6.0rc2. from a3e4abb Added Univention entry to verdors list. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit d8da42ed967bfe5f2e16ccabd48cc7c211a4a175 Author: Karolin Seeger ksee...@samba.org Date: Tue Jun 7 20:39:57 2011 +0200 Announce Samba 3.6.0rc2. Karolin --- Summary of changes: generated_news/latest_10_bodies.html| 35 +- generated_news/latest_10_headlines.html |4 +- generated_news/latest_2_bodies.html | 26 +++--- 3 files changed, 35 insertions(+), 30 deletions(-) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index 50f4a51..5b45b32 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,23 @@ + h5a name=3.6.0rc27 June 2011/a/h5 + p class=headlineSamba 3.6.0rc2 Available for Download/p + pSamba 3.6.0rc2 is available for download. This is the + first release candidate of the next upgrade production release version of Samba 3.6.0. + It is intended for btesting purposes only/b. Please test and + a href=https://bugzilla.samba.org/;report any bugs that you + find/a. Please read the changes in the + a href=http://samba.org/samba/ftp/rc/WHATSNEW-3-6-0rc2.txt;Release Notes/a + for details on new features and difference in behavior from + previous releases./p + + pThe a href=http://samba.org/samba/ftp/rc/samba-3.6.0rc2.tar.gz;Samba 3.6.0rc2 + source code/a can be downloaded now. The a + href=http://samba.org/samba/ftp/rc/samba-3.6.0rc2.tar.asc;GnuPG + signature is for the emun/emcompressed tarball/a. + Precompiled packages will + be made available on a volunteer basis and can be found in the + a href=http://samba.org/samba/ftp/Binary_Packages/;Binary_Packages download area/a./p + + h5a name=3.6.0rc117 May 2011/a/h5 p class=headlineSamba 3.6.0rc1 Available for Download/p pSamba 3.6.0rc1 is available for download. This is the @@ -123,18 +143,3 @@ against Samba 3.4.10/a is also available. See a href=http://samba.org/samba/history/samba-3.4.11.html;the release notes for more info/a./p - - -h5a name=3.4.10 22 January 2011/a/h5 -p class=headlineSamba 3.4.10 Available for Download/p -pThis is the latest stable release of the Samba 3.4 series./p - -pThe uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -a href=http://samba.org/samba/ftp/stable/samba-3.4.10.tar.gz;downloaded -now/a. A a -href=http://samba.org/samba/ftp/patches/patch-3.4.9-3.4.10.diffs.gz;patch -against -Samba 3.4.9/a is also available. See a -href=http://samba.org/samba/history/samba-3.4.10.html;the -release notes for more info/a./p diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index e80df71..e91199c 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,6 @@ ul + li 7 June 2011 a href=#3.6.0rc2Samba 3.6.0rc2 Available for Download/a/li + li 17 May 2011 a href=#3.6.0rc1Samba 3.6.0rc1 Available for Download/a/li li 26 April 2011 a href=#3.6.0pre3Samba 3.6.0pre3 Available for Download/a/li @@ -16,6 +18,4 @@ li 28 February 2011 a href=#3.3.15Samba 3.3.15 Available for Download/a/li li 23 January 2011 a href=#3.4.11Samba 3.4.11 Available for Download/a/li - - li 22 January 2011 a href=#3.4.10Samba 3.4.10 Available for Download/a/li /ul diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index 368bd1c..97b91b1 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,36 +1,36 @@ - h5a name=3.6.0rc117 May 2011/a/h5 - p class=headlineSamba 3.6.0rc1 Available for Download/p - pSamba 3.6.0rc1 is available for download. This is the + h5a name=3.6.0rc27 June 2011/a/h5 + p class=headlineSamba 3.6.0rc2 Available for Download/p + pSamba 3.6.0rc2 is available for download. This is the first release candidate of the next upgrade production release version of Samba 3.6.0. It is intended for btesting purposes only/b. Please test and a href=https://bugzilla.samba.org/;report any bugs that you find/a. Please read the changes in the - a href=http://samba.org/samba/ftp/rc/WHATSNEW-3-6-0rc1.txt;Release Notes/a + a href=http://samba.org/samba/ftp/rc/WHATSNEW-3-6-0rc2.txt;Release Notes/a for details on new features and difference in behavior from previous releases./p - pThe a href=http://samba.org/samba/ftp/rc/samba-3.6.0rc1.tar.gz;Samba 3.6.0rc1 + pThe a
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aff6c52 Fix re-opened bug 8083 - inherit owner = yes doesn't interact correctly with vfs_acl_xattr or vfs_acl_tdb module. from c3ac298 s3:libsmb/cli_np_tstream: use larger buffers to avoid a bug NT4 servers (bug #8195) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aff6c52370f853d447fc089796b0e4aa29c24d75 Author: Jeremy Allison j...@samba.org Date: Tue Jun 7 11:54:35 2011 -0700 Fix re-opened bug 8083 - inherit owner = yes doesn't interact correctly with vfs_acl_xattr or vfs_acl_tdb module. Fix incorrect interaction when all of inherit permissions = yes inherit acls = yes inherit owner = yes are set. Found by Björn Jacke. Thanks Björn ! Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Tue Jun 7 22:32:18 CEST 2011 on sn-devel-104 --- Summary of changes: source3/modules/vfs_acl_common.c | 21 + 1 files changed, 17 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index a177146..fc9c3cd 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -448,10 +448,14 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, struct security_descriptor *psd = NULL; struct dom_sid *owner_sid = NULL; struct dom_sid *group_sid = NULL; + uint32_t security_info_sent = (SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL); bool inherit_owner = lp_inherit_owner(SNUM(handle-conn)); + bool inheritable_components = sd_has_inheritable_components(parent_desc, + is_directory); size_t size; - if (!sd_has_inheritable_components(parent_desc, is_directory)) { + if (!inheritable_components !inherit_owner) { + /* Nothing to inherit and not setting owner. */ return NT_STATUS_OK; } @@ -487,6 +491,17 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, return status; } + /* If inheritable_components == false, + se_create_child_secdesc() + creates a security desriptor with a NULL dacl + entry, but with SEC_DESC_DACL_PRESENT. We need + to remove that flag. */ + + if (!inheritable_components) { + security_info_sent = ~SECINFO_DACL; + psd-type = ~SEC_DESC_DACL_PRESENT; + } + if (DEBUGLEVEL = 10) { DEBUG(10,(inherit_new_acl: child acl for %s is:\n, fsp_str_dbg(fsp) )); @@ -498,9 +513,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, become_root(); } status = SMB_VFS_FSET_NT_ACL(fsp, - (SECINFO_OWNER | -SECINFO_GROUP | -SECINFO_DACL), + security_info_sent, psd); if (inherit_owner) { unbecome_root(); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5fb2781 Part 3 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs via 40c54a7 Part 2 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs via cabed2f Part 1 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs from aff6c52 Fix re-opened bug 8083 - inherit owner = yes doesn't interact correctly with vfs_acl_xattr or vfs_acl_tdb module. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5fb27814ad5566b264acf0f014d1721afc39b176 Author: Jeremy Allison j...@samba.org Date: Tue Jun 7 16:55:20 2011 -0700 Part 3 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs When changing ownership on a new file make sure we must have a valid stat struct before making the inheritance calls (as they may look at it), and if we make changes we must have a valid stat struct after them. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Wed Jun 8 03:07:04 CEST 2011 on sn-devel-104 commit 40c54a736dff751dcdc66d6cd5c5d2307aeda75c Author: Jeremy Allison j...@samba.org Date: Tue Jun 7 16:48:14 2011 -0700 Part 2 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs When changing ownership on a new file make sure we also change the returned stat struct to have the correct uid. commit cabed2fb179ea38ac93f8b9872dc3be7825d13f8 Author: Jeremy Allison j...@samba.org Date: Tue Jun 7 16:42:02 2011 -0700 Part 1 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs When changing ownership on a new directory make sure we also change the returned stat struct to have the correct uid. --- Summary of changes: source3/smbd/open.c | 64 +- 1 files changed, 47 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d4b0934..3603a81 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -241,6 +241,8 @@ void change_file_owner_to_parent(connection_struct *conn, DEBUG(10,(change_file_owner_to_parent: changed new file %s to parent directory uid %u.\n, fsp_str_dbg(fsp), (unsigned int)smb_fname_parent-st.st_ex_uid)); + /* Ensure the uid entry is updated. */ + fsp-fsp_name-st.st_ex_uid = smb_fname_parent-st.st_ex_uid; } TALLOC_FREE(smb_fname_parent); @@ -350,6 +352,8 @@ NTSTATUS change_dir_owner_to_parent(connection_struct *conn, DEBUG(10,(change_dir_owner_to_parent: changed ownership of new directory %s to parent directory uid %u.\n, fname, (unsigned int)smb_fname_parent-st.st_ex_uid )); + /* Ensure the uid entry is updated. */ + psbuf-st_ex_uid = smb_fname_parent-st.st_ex_uid; } chdir: @@ -378,6 +382,7 @@ static NTSTATUS open_file(files_struct *fsp, int accmode = (flags O_ACCMODE); int local_flags = flags; bool file_existed = VALID_STAT(fsp-fsp_name-st); + bool file_created = false; fsp-fh-fd = -1; errno = EPERM; @@ -477,23 +482,7 @@ static NTSTATUS open_file(files_struct *fsp, } if ((local_flags O_CREAT) !file_existed) { - - /* Inherit the ACL if required */ - if (lp_inherit_perms(SNUM(conn))) { - inherit_access_posix_acl(conn, parent_dir, -smb_fname-base_name, -unx_mode); - } - - /* Change the owner if required. */ - if (lp_inherit_owner(SNUM(conn))) { - change_file_owner_to_parent(conn, parent_dir, - fsp); - } - - notify_fname(conn, NOTIFY_ACTION_ADDED, -FILE_NOTIFY_CHANGE_FILE_NAME, -smb_fname-base_name); + file_created = true; } } else { @@ -603,6 +592,47 @@ static NTSTATUS open_file(files_struct *fsp, fd_close(fsp); return status; } + + if (file_created) { +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c790213 s4-gensec bring GSS_S_CONTEXT_EXPIRED into it's own error handler via 9cf686f s4-credentials Don't use expired Kerberos or GSSAPI credentials via 8dbab93 s4-credentials Allow use of file-based credentials caches for debugging. from 5fb2781 Part 3 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c79021382b3feda518440f7627a78959b96d0619 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 8 08:55:19 2011 +1000 s4-gensec bring GSS_S_CONTEXT_EXPIRED into it's own error handler This allows us to print much more debugging in this critical situation. Andrew Bartlett Autobuild-User: Andrew Bartlett abart...@samba.org Autobuild-Date: Wed Jun 8 04:19:58 CEST 2011 on sn-devel-104 commit 9cf686f56fa50932a67f80a455c36025ca3470db Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 8 08:53:16 2011 +1000 s4-credentials Don't use expired Kerberos or GSSAPI credentials In a long-lived credentials cache situation, we may need to refetch the ticket after (say) 10 hours. This code should help that happen, by checking the lifetime before returning any credentials cache or GSSAPI credentials. Andrew Bartlett commit 8dbab93f28d8ddbce8f44116f45a107a05a59a15 Author: Andrew Bartlett abart...@samba.org Date: Wed Jun 8 08:51:56 2011 +1000 s4-credentials Allow use of file-based credentials caches for debugging. This means that we will leave a slew of file based credentials caches in /tmp, which should give some clues to the administrator or developer via klist as to what has gone wrong. Andrew Bartlett --- Summary of changes: source4/auth/credentials/credentials_krb5.c | 73 --- source4/auth/gensec/gensec_gssapi.c | 59 + 2 files changed, 125 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c index bfba167..26fa809 100644 --- a/source4/auth/credentials/credentials_krb5.c +++ b/source4/auth/credentials/credentials_krb5.c @@ -235,9 +235,15 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred, if (!ccache_name) { must_free_cc_name = true; - ccache_name = talloc_asprintf(ccc, MEMORY:%p, - ccc); - + + if (lpcfg_parm_bool(lp_ctx, NULL, credentials, krb5_cc_file, false)) { + ccache_name = talloc_asprintf(ccc, FILE:/tmp/krb5_cc_samba_%u_%p, + (unsigned int)getpid(), ccc); + } else { + ccache_name = talloc_asprintf(ccc, MEMORY:%p, + ccc); + } + if (!ccache_name) { talloc_free(ccc); (*error_string) = strerror(ENOMEM); @@ -288,8 +294,38 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct cli_credentials *cred, if (cred-ccache_obtained = cred-ccache_threshold cred-ccache_obtained CRED_UNINITIALISED) { - *ccc = cred-ccache; - return 0; + time_t lifetime; + bool expired = false; + ret = krb5_cc_get_lifetime(cred-ccache-smb_krb5_context-krb5_context, + cred-ccache-ccache, lifetime); + if (ret == KRB5_CC_END) { + /* If we have a particular ccache set, without +* an initial ticket, then assume there is a +* good reason */ + } else if (ret == 0) { + if (lifetime == 0) { + DEBUG(3, (Ticket in credentials cache for %s expired, will refresh\n, + cli_credentials_get_principal(cred, cred))); + expired = true; + } else if (lifetime 300) { + DEBUG(3, (Ticket in credentials cache for %s will shortly expire (%u secs), will refresh\n, + cli_credentials_get_principal(cred, cred), (unsigned int)lifetime)); + expired = true; + } + } else { + (*error_string) = talloc_asprintf(cred, failed to get ccache lifetime: %s\n, +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4afe426 s4-ipv6: fill in pdc_ip in DsRGetDCNameEx2 via e14538d s4-wins: ensure we only use IPv4 for WINS owner via 79ef434 s4-interface: raise the debug level for interface discovery from c790213 s4-gensec bring GSS_S_CONTEXT_EXPIRED into it's own error handler http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4afe426877fed3ed4d1dae4a8d96dce3f4983b91 Author: Andrew Tridgell tri...@samba.org Date: Wed Jun 8 11:49:24 2011 +1000 s4-ipv6: fill in pdc_ip in DsRGetDCNameEx2 this may be different from the CLDAP response, as it can be IPv6 Autobuild-User: Andrew Tridgell tri...@samba.org Autobuild-Date: Wed Jun 8 06:07:29 CEST 2011 on sn-devel-104 commit e14538d9394fc5d21a5e3ec34574b9fb5c468ba2 Author: Andrew Tridgell tri...@samba.org Date: Wed Jun 8 10:42:02 2011 +1000 s4-wins: ensure we only use IPv4 for WINS owner commit 79ef434b900288f23f352dcce083c37308baef2d Author: Andrew Tridgell tri...@samba.org Date: Wed Jun 8 10:41:38 2011 +1000 s4-interface: raise the debug level for interface discovery --- Summary of changes: source4/lib/socket/interface.c|6 +++--- source4/nbt_server/wins/wins_ldb.c|2 +- source4/nbt_server/wins/winsserver.c |2 +- source4/rpc_server/netlogon/dcerpc_netlogon.c | 15 --- 4 files changed, 17 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/lib/socket/interface.c b/source4/lib/socket/interface.c index 9cb8f5e..d5b610f 100644 --- a/source4/lib/socket/interface.c +++ b/source4/lib/socket/interface.c @@ -116,18 +116,18 @@ static void add_interface(TALLOC_CTX *mem_ctx, const struct iface_struct *ifs, s /* keep string versions too, to avoid people tripping over the implied static in inet_ntoa() */ print_sockaddr(addr, sizeof(addr), iface-ip); - DEBUG(2,(added interface %s ip=%s , + DEBUG(4,(added interface %s ip=%s , iface-name, addr)); iface-ip_s = talloc_strdup(iface, addr); print_sockaddr(addr, sizeof(addr), iface-bcast); - DEBUG(2,(bcast=%s , addr)); + DEBUG(4,(bcast=%s , addr)); iface-bcast_s = talloc_strdup(iface, addr); print_sockaddr(addr, sizeof(addr), iface-netmask); - DEBUG(2,(netmask=%s\n, addr)); + DEBUG(4,(netmask=%s\n, addr)); iface-nmask_s = talloc_strdup(iface, addr); /* diff --git a/source4/nbt_server/wins/wins_ldb.c b/source4/nbt_server/wins/wins_ldb.c index 6519f9e..304c98d 100644 --- a/source4/nbt_server/wins/wins_ldb.c +++ b/source4/nbt_server/wins/wins_ldb.c @@ -93,7 +93,7 @@ static int wins_ldb_init(struct ldb_module *module) if (!owner) { struct interface *ifaces; load_interface_list(module, lp_ctx, ifaces); - owner = iface_list_n_ip(ifaces, 0); + owner = iface_list_first_v4(ifaces); if (!owner) { owner = 0.0.0.0; } diff --git a/source4/nbt_server/wins/winsserver.c b/source4/nbt_server/wins/winsserver.c index 604c86e..5f1f417 100644 --- a/source4/nbt_server/wins/winsserver.c +++ b/source4/nbt_server/wins/winsserver.c @@ -1058,7 +1058,7 @@ NTSTATUS nbtd_winsserver_init(struct nbtd_server *nbtsrv) if (owner == NULL) { struct interface *ifaces; load_interface_list(nbtsrv-task, nbtsrv-task-lp_ctx, ifaces); - owner = iface_list_n_ip(ifaces, 0); + owner = iface_list_first_v4(ifaces); } nbtsrv-winssrv-wins_db = winsdb_connect(nbtsrv-winssrv, nbtsrv-task-event_ctx, diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 8964c1d..d5a7eeb 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -37,6 +37,7 @@ #include lib/tsocket/tsocket.h #include librpc/gen_ndr/ndr_netlogon.h #include librpc/gen_ndr/ndr_irpc.h +#include lib/socket/netif.h struct netlogon_server_pipe_state { struct netr_Credential client_challenge; @@ -1233,6 +1234,7 @@ static NTSTATUS dcesrv_netr_NetrEnumerateTrustedDomains(struct dcesrv_call_state static NTSTATUS dcesrv_netr_LogonGetCapabilities(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct netr_LogonGetCapabilities *r) { + /* we don't support AES yet */ return NT_STATUS_NOT_IMPLEMENTED; } @@ -1710,6 +1712,8 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call, NTSTATUS status; const char *dc_name = NULL; const char *domain_name = NULL; + struct
[SCM] CTDB repository - branch 1.2 updated - ctdb-1.9.1-440-gbfffe06
The branch, 1.2 has been updated via bfffe067a8152145ef54482dccb49529c6a4827f (commit) via d7ab0958609264df36b7db5591d7013c0d9f95d2 (commit) via 8f75f620f97672ad9ee65cb8d9c10d1916413ffb (commit) via 9051032bc1bdb1d26902800409a248c44836da58 (commit) via a9caac9eeed27d6d5efd22926a962a25d1a5ef7f (commit) via 19a41fdc40fada29046d102de34d6fbe0c7a3768 (commit) via 8df10dfdbd9b19514caadf236c34eadcb07419f7 (commit) from ee5e90f5ad43be8e3b0b3f0aa00e6fc0be982099 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.2 - Log - commit bfffe067a8152145ef54482dccb49529c6a4827f Author: Martin Schwenke mar...@meltin.net Date: Mon May 23 15:33:12 2011 +1000 onnode: fix natgwlist nodespec This hasn't worked for a while if ever. We treat this case specially because the output has 2 works on the 1st line. We also handle the error case where /etc/ctdb_natgw_nodes exists but none of the other $NATGW_* configuration is done. Signed-off-by: Martin Schwenke mar...@meltin.net commit d7ab0958609264df36b7db5591d7013c0d9f95d2 Author: Martin Schwenke mar...@meltin.net Date: Mon May 23 15:24:52 2011 +1000 onnode: fix get_nodes_with_status() Setting IFS and looping though items with colons in them doesn't work. Change this to read through the output line by line. The header line needs to be thrown away by throwing away everything up to the 1st newline. Keep stderr from the ctdb status command, otherwise debugging is impossible. On error, append any output from ctdb to onnode's error message. Signed-off-by: Martin Schwenke mar...@meltin.net commit 8f75f620f97672ad9ee65cb8d9c10d1916413ffb Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 14:26:55 2011 +1000 onnode: Remove an unnecessary comment. The comment about $CTDB_NODES_SOCKETS is meaningless. The code ti refers to works just find with $CTDB_NODES_SOCKETS. Signed-off-by: Martin Schwenke mar...@meltin.net commit 9051032bc1bdb1d26902800409a248c44836da58 Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 14:24:30 2011 +1000 onnode: Future-proof get_nodes_with_status(). The current code requires knowledge of the number of status bits output by ctdb status -Y. This changes the code to be completely general. Signed-off-by: Martin Schwenke mar...@meltin.net commit a9caac9eeed27d6d5efd22926a962a25d1a5ef7f Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 13:25:08 2011 +1000 onnode: Exit with error for unknown command-line flags. Use of local was masking errors in command-line processing. Signed-off-by: Martin Schwenke mar...@meltin.net commit 19a41fdc40fada29046d102de34d6fbe0c7a3768 Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 13:20:51 2011 +1000 onnode: Be defensive when listing IPs of nodes with designated status. The current version gives the last item left after stripping the known fields. If an insufficent number of status fields is stripped then this would return a residual status field value, which turned out to be a valid IP address for localhost... so no error occurs. This change means that the node number is stripped and any residual status field value will stay appended, causing an error the first time this command is tested. Signed-off-by: Martin Schwenke mar...@meltin.net commit 8df10dfdbd9b19514caadf236c34eadcb07419f7 Author: Martin Schwenke mar...@meltin.net Date: Tue May 17 13:18:11 2011 +1000 onnode - Fix long standing bug in onnode healthy/ok/connected/con. When the output of ctdb status -Y changed to add an extra status column we didn't fix onnode. This adds a match for the extra column. Signed-off-by: Martin Schwenke mar...@meltin.net --- Summary of changes: tools/onnode | 93 +++-- 1 files changed, 57 insertions(+), 36 deletions(-) Changeset truncated at 500 lines: diff --git a/tools/onnode b/tools/onnode index fa61b47..804ab09 100755 --- a/tools/onnode +++ b/tools/onnode @@ -70,7 +70,9 @@ parse_options () # $POSIXLY_CORRECT means that the command passed to onnode can # take options and getopt won't reorder things to make them # options ot onnode. -local temp=$(POSIXLY_CORRECT=1 getopt -n $prog -o cf:hno:pqv -l help -- $@) +local temp +# Not on the previous line - local returns 0! +temp=$(POSIXLY_CORRECT=1 getopt -n $prog -o cf:hno:pqv -l help -- $@) [ $? != 0 ] usage @@ -136,44 +138,47 @@ get_nodes_with_status () local all_nodes=$1 local status=$2 -local bits -case $status in - healthy) - bits=0:0:0:0:0 -