Re: [Samba] Samba PDC group list empty
Hai, The debian 3.5.6 is buggy, use de 3.6.6 version from backports, fixed my problems also. Louis -Oorspronkelijk bericht- Van: andrej.si...@gmail.com [mailto:samba-boun...@lists.samba.org] Namens Andrej Šimko Verzonden: vrijdag 23 november 2012 9:11 Aan: samba@lists.samba.org Onderwerp: [Samba] Samba PDC group list empty Dear samba users, I have very strange problem. I have Samba PDC up and running, but only thing is missing. I cannot see any Domain Groups at all. Here is my config: Debian Squeeze: ii samba 2:3.5.6~dfsg-3squeeze8 SMB/CIFS file, print, and login server for Unix ii samba-common2:3.5.6~dfsg-3squeeze8 common files used by both the Samba server and client ii samba-common-bin2:3.5.6~dfsg-3squeeze8 common files used by both the Samba server and client ii samba-doc 2:3.5.6~dfsg-3squeeze8 Samba documentation /etc/samba/smb.conf [global] dos charset = CP852 unix charset = UTF8 display charset = UTF8 workgroup = EXAMPLE server string = %h server map to guest = Bad User passdb backend = ldapsam:ldap://127.0.0.1/ pam password change = Yes passwd program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* syslog = 0 time server = Yes log file = /var/log/samba/samba.log log level = 3 max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/smbldap-useradd -m %u -d /home/%u %u delete user script = /usr/sbin/smbldap-userdel %u -r %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u logon script = logon.bat domain logons = Yes os level = 10 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=admin,dc=example,dc=sk ldap delete dn = Yes ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap suffix = dc=example,dc=sk ldap ssl = no ldap user suffix = ou=Users panic action = /usr/share/samba/panic-action %d map acl inherit = Yes case sensitive = No hide unreadable = Yes map hidden = Yes map system = Yes [homes] comment = Home Directories valid users = %S read only = No create mask = 0644 directory mask = 0700 browseable = No path = /data/samba/homes [netlogon] comment = Network Logon Service path = /data/samba/netlogon read only = No guest ok = Yes locking = No share modes = No [profiles] comment = Users profiles path = /data/samba/profiles read only = No create mask = 0600 directory mask = 0700 hide files = /desktop.ini/ browseable = No /etc/nsswitch.conf # /etc/nsswitch.conf # # Example configuration of GNU Name Service Switch functionality. # If you have the `glibc-doc-reference' and `info' packages installed, try: # `info libc Name Service Switch' for information about this file. passwd: compat ldap group: compat ldap shadow: compat ldap hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc:db files netgroup: nis /etc/ldap/ldap.conf # # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. host 127.0.0.1 base dc=example,dc=sk binddn cn=admin,dc=example,dc=sk bindpw secret bind_policy soft pam_password exop timelimit 15 nss_base_passwd ou=Users,dc=example,dc=sk nss_base_shadow ou=Users,dc=example,dc=sk nss_base_group ou=Groups,dc=example,dc=sk net getdomainsid SID for local machine HOST is: S-1-5-21-2242576961-186067218-2214866780 SID for domain EXAMPLE is: S-1-5-21-2390795950-2727105968-4008069955 net groupmap list Domain Admins (S-1-5-21-2390795950-2727105968-4008069955-512) - Domain Admins Domain Users (S-1-5-21-2390795950-2727105968-4008069955-513) - Domain Users Domain Guests (S-1-5-21-2390795950-2727105968-4008069955-514) - Domain Guests Domain Computers (S-1-5-21-2390795950-2727105968-4008069955-515) - Domain Computers Administrators (S-1-5-32-544) - Administrators Account Operators (S-1-5-32-548) - Account Operators Print Operators (S-1-5-32-550) - Print Operators Backup Operators (S-1-5-32-551) - Backup Operators Replicators (S-1-5-32-552) - Replicators The strange thing is, if I try on Win XP to search groups, i see in logs: smbldap_search_paged: base = [dc=example,dc=sk], filter = [((objectclass=sambaGroupMapping)(sambaGroupType=2)(sambaSID=S -1-5-21-2390795950-2727105968-4008069955*))],scope = [2], pagesize = [1024] smbldap_search_paged: base = [dc=example,dc=sk], filter =
Re: [Samba] cannot modify files on client
hi again, thank you for answer. On 25.11.2012 20:01, Gary Dale wrote: When you are using samba to connect, the user, group and file permission get passed through it. Rather than trying to force a particular user, try mapping the Windows (samba) user to the local (server) user tommy. I added in [global] username map, but it do not work. [global] workgroup=WORKGROUP security=share username map = /etc/samba/users.map [bilder] path=/var/lib/export #force user=tommy #force group=users valid users=tommy write list=tommy with tommy = dih in file /etc/samba/users.map (dih is user on linux client). What can I do to map uid and gid to client? With regards Dietrich On 25/11/12 10:10 AM, Dietrich Hentschel wrote: Hi, I want connect a linux client to linux server to modify files. On my server: password file: tommy:x:1002:100:Tommy:/home/tommy:/bin/sh smb.conf: [global] workgroup=WORKGROUP security=share [bilder] path=/var/lib/export force user=tommy force group=users valid users=tommy write list=tommy On client: mount.cifs //DESKTOP/bilder /home/dih/tommy/ -o user=tommy I see the files on root: -rwxr-xr-x 1 1002 users 628 Nov 11 19:15 configure.sh -rw-r--r-- 1 1002 users 0 Nov 25 11:33 d -rw-r--r-- 1 1002 users 0 Nov 25 12:49 dd -rwxr--r-- 1 1002 users 753647 Nov 22 19:48 p6140385.jpg -rwxr-xr-x 1 1002 users 720 Nov 19 14:29 photo-ma I can touch x without trouble and have uid 1002: -rw-r--r-- 1 1002 users 0 Nov 25 16:02 x I have no user on uid 1002. I want modify the files not on root but have wrong permissions. Can someone help me. With regards Dietrich -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cannot modify files on client
On Mon, Nov 26, 2012 at 12:06:50PM +0100, Dietrich Hentschel wrote: hi again, thank you for answer. On 25.11.2012 20:01, Gary Dale wrote: When you are using samba to connect, the user, group and file permission get passed through it. Rather than trying to force a particular user, try mapping the Windows (samba) user to the local (server) user tommy. I added in [global] username map, but it do not work. [global] workgroup=WORKGROUP security=share If possible, avoid security=share. This is deprecated for a while now. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 on CentOS 6.3 - IPTABLES how-to???
Hello, I do appologize if this is something that was already discussed somewhere else... but for now I was not able to find the appropriate How-To. Would anybody know what the IPTABLES entries are to have working Samba4 Domain Controller? I tried the following: -A INPUT -p tcp -m state --state NEW -m tcp --dport 88 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 749 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 88 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 389 -j ACCEPT -A INPUT -d SERVERIP/32 -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -d SERVERIP/32 -p udp -m udp --sport 53 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p udp -m udp --dport 137 -j ACCEPT -A INPUT -p udp -m udp --dport 138 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT With the above I was not able to connect via remote Administration tools to the Active Directory Service. Does anybody have a comprehensive list of ports/protocols one has to open in IPTABLES to get DNS, Samba, Fileshares, Active Directory, etc. working? Cheers thank you very much for your help! Best, Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 on CentOS 6.3 - IPTABLES how-to???
On 26.11.2012 14:39, Andreas Krupp wrote: With the above I was not able to connect via remote Administration tools to the Active Directory Service. Does anybody have a comprehensive list of ports/protocols one has to open in IPTABLES to get DNS, Samba, Fileshares, Active Directory, etc. working? Cheers thank you very much for your help! Best, Andreas Here is the official list: http://support.microsoft.com/kb/832017 Executive summary: It's hopeless. With so many RPC-based services that use dynamically assigned port numbers, you can't effectively put a packet filter between domain controller and the client. -- Mit freundlichen Grüßen Sven Tegethoff EDV-Team _ UDO BÄR GmbH Co. KG Fürstenstraße 18 47051 Duisburg Tel.: +49 (0) 203 28117-142 Fax: +49 (0) 203 28117-151 E-Mail: tegeth...@udobaer.de Ust.-Idnr.: DE119562189, HRA 6056, Sitz der Gesellschaft: Duisburg, Gerichtsstand: Duisburg Geschäftsführer: Bodo Badnowitz, Jürgen Dietz Ein Unternehmen der BTI Gruppe: www.bti-group.com Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Local Administrator access
Hi, I have a windows 7 machine withouth local administrator account. I need to create such an account. I can log in to the machine with a user on my samba domain. What do I need to do in order to get administrator access, or access to create an local administrator account? I have tried to do this: [root@float samba]# net rpc group addmem Administrators 'DOMAIN\username' Enter root's password: Could not add SKOLELINUX\knobo to Administrators: NT_STATUS_NO_SUCH_ALIAS I have tried to give some rights this way: net rpc rights grant 'DOMAIN\username' SeMachineAccountPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege SeSecurityPrivilege SeUndockPrivilege SeImpersonatePrivilege SeCreateGlobalPrivilege SePrintOperatorPrivilege SeCreateGlobalPrivilege SeEnableDelegationPrivilege SeUndockPrivilege SeTakeOwnershipPrivilege And it does what I tell it: [root@float samba]# net rpc rights list knobo Enter root's password: SeMachineAccountPrivilege SeTakeOwnershipPrivilege SeRemoteShutdownPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege SeSecurityPrivilege SeSystemProfilePrivilege SeUndockPrivilege SeImpersonatePrivilege SeCreateGlobalPrivilege SeEnableDelegationPrivilege But I'm still promptet for username and password, when I try to access the user accounts in windows 7. Any suggestions? Regards -- Knut Olav Bøhmer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Local Administrator access
With Windows7, the 1st account you create during the initial setup is typically a member of the local admin group. The actual Administrator account is normally disabled. Did this 1st account get deleted? When you joined the domain, the Domain Admin's groups should have been added to the local Admin group. This can get messed up if your group mappings are not set up correctly. Also, I think when running the net command you may want to use -U Administrator to use the credentials of your domain Administrator account (assuming one has been defined.) In my setup the unix root does not have a samba account. On 11/26/12 10:03, Knut Olav Bøhmer wrote: Hi, I have a windows 7 machine withouth local administrator account. I need to create such an account. I can log in to the machine with a user on my samba domain. What do I need to do in order to get administrator access, or access to create an local administrator account? I have tried to do this: [root@float samba]# net rpc group addmem Administrators 'DOMAIN\username' Enter root's password: Could not add SKOLELINUX\knobo to Administrators: NT_STATUS_NO_SUCH_ALIAS I have tried to give some rights this way: net rpc rights grant 'DOMAIN\username' SeMachineAccountPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege SeSecurityPrivilege SeUndockPrivilege SeImpersonatePrivilege SeCreateGlobalPrivilege SePrintOperatorPrivilege SeCreateGlobalPrivilege SeEnableDelegationPrivilege SeUndockPrivilege SeTakeOwnershipPrivilege And it does what I tell it: [root@float samba]# net rpc rights list knobo Enter root's password: SeMachineAccountPrivilege SeTakeOwnershipPrivilege SeRemoteShutdownPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege SeSecurityPrivilege SeSystemProfilePrivilege SeUndockPrivilege SeImpersonatePrivilege SeCreateGlobalPrivilege SeEnableDelegationPrivilege But I'm still promptet for username and password, when I try to access the user accounts in windows 7. Any suggestions? Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] S4 Bind vs Internal DNS
Hello, What are the benefits of using BIND instead of Samba's internal DNS server? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Timeout option for smblcient
Hi there, I have huge problems with backing up a quite large Windows share with Amanda and smbclient. Could you please tell me how to increase any timeout value smbclient is using? I have about 93000 files in that share and Windows needs some time to report it to the smblcient it seems. So Im not quite familiar with building things from source, but maybe there is a way for me to increase it anyway? Greetings -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Local Administrator access
Have you tried logging into the PC using the samba domain administrator account? Assuming the PC was properly joined to the domain then you should be able to configure the local accounts and groups. You can create domain group that is then a member of the PC's local administrator group. This will allow you do defined samba users who are PC administrators but NOT domain administrators. Whomever joins a PC to a domain needs to be both a local administrator on that computer and (in most cases) have domain administrator credentials. (If the machine account was created in advance then the domain administrator credentials should not be needed.) Are you sure the PC was joined to the domain? On 11/26/12 10:51, Knut Olav Bøhmer wrote: 2012/11/26 Gaiseric Vandal gaiseric.van...@gmail.com mailto:gaiseric.van...@gmail.com With Windows7, the 1st account you create during the initial setup is typically a member of the local admin group. The actual Administrator account is normally disabled. Did this 1st account get deleted? I did not install the computer. How can I find out if there is such a user? But, I don't have the password anyway. When you joined the domain, the Domain Admin's groups should have been added to the local Admin group. Ok, so the trick is to get my user a member of the Domain Admins group. This can get messed up if your group mappings are not set up correctly. Also, I think when running the net command you may want to use -U Administrator to use the credentials of your domain Administrator account (assuming one has been defined.) In my setup the unix root does not have a samba account. On 11/26/12 10:03, Knut Olav Bøhmer wrote: Hi, I have a windows 7 machine withouth local administrator account. I need to create such an account. I can log in to the machine with a user on my samba domain. What do I need to do in order to get administrator access, or access to create an local administrator account? I have tried to do this: [root@float samba]# net rpc group addmem Administrators 'DOMAIN\username' Enter root's password: Could not add SKOLELINUX\knobo to Administrators: NT_STATUS_NO_SUCH_ALIAS I have tried to give some rights this way: net rpc rights grant 'DOMAIN\username' SeMachineAccountPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege SeSecurityPrivilege SeUndockPrivilege SeImpersonatePrivilege SeCreateGlobalPrivilege SePrintOperatorPrivilege SeCreateGlobalPrivilege SeEnableDelegationPrivilege SeUndockPrivilege SeTakeOwnershipPrivilege And it does what I tell it: [root@float samba]# net rpc rights list knobo Enter root's password: SeMachineAccountPrivilege SeTakeOwnershipPrivilege SeRemoteShutdownPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege SeSecurityPrivilege SeSystemProfilePrivilege SeUndockPrivilege SeImpersonatePrivilege SeCreateGlobalPrivilege SeEnableDelegationPrivilege But I'm still promptet for username and password, when I try to access the user accounts in windows 7. Any suggestions? Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Knut Olav Bøhmer 41 000 108 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Trouble with file shares on Samba 4
Hello all, I have a Samba 4 system setup with 4.0.0-rc5 working as an Active Directory controller for a set of seven Win7 computers, and most things are working. However, file shares are not. In all cases, if I add users to Domain Admins, they can access the shares. In all cases, if users are not in Domain Admins, they cannot access the shares. I've added users to groups that (according to Windows) are allowed to read and write the shares. However, the users themselves get zero permissions unless they're in Domain Admins. I've even tried adding users *directly* to the ACLs for the shares, thinking that surely if they appear in the list directly, they will be able to access the shares. This is not, however, the case. Any assistance or advice on what to look for would be awesome. Thanks, Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] S4 Bind vs Internal DNS
On 11/26/12, Thomas Simmons twsn...@gmail.com wrote: What are the benefits of using BIND instead of Samba's internal DNS server? You can use additional resource types like SPF or SSHFP. You can use different views for different clients. It's much easier to update zone using good old shared key than using wrapper (isc dhcpd knows nothing about kerberos). Bind is known to *x admins and it's rather stable, samba's internal dns is new and possibly buggy :) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 on CentOS 6.3 - IPTABLES how-to???
Hi, Here is an extract from my post on installing Samba4 on CentOS6. I have iptables working - I used netstat and Wireshark to monitor the packets. - The ports needed are: 53, TCP UDP (DNS) 88, TCP UDP (Kerberos authentication) 135, TCP (MS RPC) 137, UDP (NetBIOS name service) 138, UDP (NetBIOS datagram service) 139, TCP (NetBIOS session service) 389, TCP UDP (LDAP) 445, TCP (MS-DS AD) 464, TCP UDP (Kerberos change/set password) 1024, TCP (this is a strange one but AD is using it) Add these to iptables: # iptables -A INPUT -p tcp --dport 53 -j ACCEPT # iptables -A INPUT -p udp --dport 53 -j ACCEPT # iptables -A INPUT -p udp --dport 137:138 -j ACCEPT # iptables -A INPUT -p tcp --dport 139 -j ACCEPT # iptables -A INPUT -p tcp --dport 445 -j ACCEPT # iptables -A INPUT -p tcp --dport 135 -j ACCEPT # iptables -A INPUT -p tcp --dport 88 -j ACCEPT # iptables -A INPUT -p udp --dport 88 -j ACCEPT # iptables -A INPUT -p tcp --dport 464 -j ACCEPT # iptables -A INPUT -p tcp --dport 389 -j ACCEPT # iptables -A INPUT -p udp --dport 389 -j ACCEPT # iptables -A INPUT -p tcp --dport 1024 -j ACCEPT - Looking at your rules, they are close to this. I believe it's the missing RPC (135) that's blocking RSAT. Cheers, Stephen Jones Lloyd Systems Engineering On Tue, Nov 27, 2012, at 12:39 AM, Andreas Krupp wrote: Hello, I do appologize if this is something that was already discussed somewhere else... but for now I was not able to find the appropriate How-To. Would anybody know what the IPTABLES entries are to have working Samba4 Domain Controller? I tried the following: -A INPUT -p tcp -m state --state NEW -m tcp --dport 88 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 749 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 88 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 389 -j ACCEPT -A INPUT -d SERVERIP/32 -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -d SERVERIP/32 -p udp -m udp --sport 53 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p udp -m udp --dport 137 -j ACCEPT -A INPUT -p udp -m udp --dport 138 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT With the above I was not able to connect via remote Administration tools to the Active Directory Service. Does anybody have a comprehensive list of ports/protocols one has to open in IPTABLES to get DNS, Samba, Fileshares, Active Directory, etc. working? Cheers thank you very much for your help! Best, Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] VFS ACL with SMB2
On Wed, Nov 21, 2012 at 09:53:53AM +0100, Adrian Berlin wrote: Hi! Thanks for reply. Debug file with level 10 attached. I didn't say post to the list (it got stripped anyway :-). I said log a bug and attach the log there. Hope this helps, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Press around releasing Samba4.
Hi all, It's getting close to Samba4 release time, and we need to have a good press release to generate excitement around all our new features ! So I was wondering if people who have been working with the Samba4 code and have nice things to say about it for themselves or their companies would be willing to send me some quotes I can use for the press release ? Remember, if this is on behalf of your company or organization you'll probably need to get permission for your PR department (unless you are the President or CEO :-) before we can use the quote in the press release. Please send the quotes directly to me j...@samba.org (unless you're happy to send to the lists). Thanks in advance, and I hope Samba4 works well for everyone, as we've had a lot of fun developing it ! Cheers, Jeremy Allison, Samba Team. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Trouble with file shares on Samba 4
On 11/26/2012 11:07 AM, Michael B. Trausch wrote: Any assistance or advice on what to look for would be awesome. One additional note that I've been able to put together. Windows reports that the permissions that I've set on the server match my expectations of what Windows thinks the permissions should be. That is, I added ACLs to allow user X to access the share with Full Control, and Windows see this. Windows attempts to access the share, but then says that access is denied. Windows won't even show space utilization on the share, though Windows *can* see the ACLs and, again, they match what we think they should be. I am _not_ an expert on Samba 4. I do know that this functionality worked in a beta release, though I don't recall which one. I'm actually in the process of setting up a test network to replicate the problem, as I cannot officially submit a bug report based on the network I'm discussing at present. I fully expect to be able to have enough information within 24 hours to create a bug report. I also plan on testing with git master to see if anything changed since rc5 that might fix the problem, but it essentially seems that while the permissions are correct, they're not being correctly interpreted or honored. --- MIke -- Michael B. Trausch President, Naunet Corporation Web: https://www.naunetcorp.com Telephone: +1-678-287-0693 signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] S4 Bind vs Internal DNS
On 11/26/2012 09:09 AM, Hleb Valoshka wrote: On 11/26/12, Thomas Simmons twsn...@gmail.com wrote: What are the benefits of using BIND instead of Samba's internal DNS server? You can use additional resource types like SPF or SSHFP. You can use different views for different clients. It's much easier to update zone using good old shared key than using wrapper (isc dhcpd knows nothing about kerberos). Bind is known to *x admins and it's rather stable, samba's internal dns is new and possibly buggy :) Well you have to take in account that the bind that you need for AD is 9.8 and that you need the dlz plugin, I'm not sure that for zone managed by dlz you can do shared key update (from isc dhcp) you have to know that the code for dlz is also quite new and so potentially buggy as well. Things that you can do with bind: * zone transfer (having slaves of your dlz managed zone, TBC) I would say that I think that bind is more robust than samba's DNS server but that has to be proved. Matthieu -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8336061 s4:torture/rpc/handles: try to make all assoc_group tests less flakey from e4218e4 configure(waf): Fail configure --with-ads if ads support is not available http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8336061096c259f5c3c93f869ff51bf4daab3fdc Author: Stefan Metzmacher me...@samba.org Date: Sat Nov 24 11:28:57 2012 +0100 s4:torture/rpc/handles: try to make all assoc_group tests less flakey Just incrementing the assoc_group_id makes it too likely to hit a number that is already in use. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Autobuild-User(master): Michael Adam ob...@samba.org Autobuild-Date(master): Mon Nov 26 13:53:22 CET 2012 on sn-devel-104 --- Summary of changes: source4/torture/rpc/handles.c |5 + 1 files changed, 5 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/handles.c b/source4/torture/rpc/handles.c index 3fdce56..5c08a5f 100644 --- a/source4/torture/rpc/handles.c +++ b/source4/torture/rpc/handles.c @@ -471,6 +471,11 @@ static bool test_handles_mixed_shared(struct torture_context *torture) torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL, opening lsa pipe4); + /* +* We use ~assoc_group_id instead of p1-assoc_group_id, because +* this way we are less likely to use an id which is already in use. +*/ + assoc_group_id = ~assoc_group_id; torture_comment(torture, connect samr pipe5 with assoc_group_id[0x%08X]- should fail\n, ++assoc_group_id); status = torture_rpc_connection_transport(torture, p5, ndr_table_samr, transport, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 92c3c86 WHATSNEW: Update changes since rc5. via ac0623c s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426) via 4760b8f waf: Disable ntdb by default. via 76106a3 s4:samba-tool/testparm: report a CommandError if loading of the config file fails via 48ec9ca build: Do not install testing binaries via 256eedd packaging: Remove long-gone --disable-merged-build from RHEL-CTDB packaging via 428c170 build: Remove --enable-smbtorture, require bin/smbtorture (from waf) for make test via 0519b9b build: Be consistent with the name of smbtorture binaries via 68e6eda torture: remove source3 locktest and masktest via 2a2480f build: Use ntlm_auth from source3 as the only ntlm_auth installed on the system via 3e042a9 lib/replace: Do not use STRERROR_R_PROTO_COMPATIBLE as only roken.h sets this from 2b130b4 WHATSNEW: Update changes since rc5. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 92c3c8690c150119d8f3ff2e26979b9d9038f939 Author: Karolin Seeger ksee...@samba.org Date: Mon Nov 26 12:50:06 2012 +0100 WHATSNEW: Update changes since rc5. Karolin Autobuild-User(v4-0-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-0-test): Mon Nov 26 14:30:07 CET 2012 on sn-devel-104 commit ac0623cab847a4df9c5cd35442e9be8924d9e261 Author: Günther Deschner g...@samba.org Date: Fri Nov 23 13:19:53 2012 +0100 s3-rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port(). (bug #9426) The server name type (0x20) is much more likely to be available in the name cache, as this type gets stored by winbind itself - the primary user of the ncacn_ip_tcp code currently. Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Nov 23 16:30:57 CET 2012 on sn-devel-104 (cherry picked from commit 2032f2746d70bbebd1af26a7a046eb1cc61ac175) commit 4760b8f7b256922d81bd84250dae70d7da740450 Author: Karolin Seeger ksee...@samba.org Date: Fri Nov 23 12:33:37 2012 +0100 waf: Disable ntdb by default. Disable ntdb by default for 4.0 as it is not used yet. Karolin Signed-off-by: Karolin Seeger ksee...@samba.org Fix bug #9425 - Do not build ntdb by default. commit 76106a30452c964066e3c522a9f1fefbc2dd14f7 Author: Stefan Metzmacher me...@samba.org Date: Fri Nov 9 09:01:29 2012 +0100 s4:samba-tool/testparm: report a CommandError if loading of the config file fails Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org (cherry picked from commit 11f5d54cbb10fd5c5f0e1718427609709c3476f4) Fix bug #9373 - Output of 'samba-tool' does not look very nice. commit 48ec9ca6f2e9b06955976b35f8a0028f094589c9 Author: Andrew Bartlett abart...@samba.org Date: Wed Nov 21 20:20:46 2012 +1100 build: Do not install testing binaries These binaries are for developer or selftest use, and are not supported for installation onto the system. The autoconf build does not install these binaries, and so neither should the waf build. Andrew Bartlett Reviewed-by: Andreas Schneider a...@samba.org Autobuild-User(master): Andreas Schneider a...@cryptomilk.org Autobuild-Date(master): Thu Nov 22 12:00:36 CET 2012 on sn-devel-104 (cherry-pick from f22e15d9d5a3d4744982265363c357ef277ba31e) The last 7 patches address bug #9421 - Build fixes for samba4. commit 256eeddbd00bcfd68deda4a3ea75f435489ffd01 Author: Andrew Bartlett abart...@samba.org Date: Wed Nov 21 19:52:50 2012 +1100 packaging: Remove long-gone --disable-merged-build from RHEL-CTDB packaging Reviewed-by: Andreas Schneider a...@samba.org (cherry-picked from 895cc9a9157d51f768d35f888795e8af7efed781) commit 428c17039214f6f4f2fe6ed7a5515f1662f63fe8 Author: Andrew Bartlett abart...@samba.org Date: Wed Nov 21 17:52:35 2012 +1100 build: Remove --enable-smbtorture, require bin/smbtorture (from waf) for make test This simply moves this to being a side-effect of --enable-selftest. The flag was renamed from --enable-smbtorture4 in a recent patch. Make test now relies on smbtorture4, and so this code to make the dependency optional for the tests is not required any more. Andrew Bartlett Reviewed-by: Andreas Schneider a...@samba.org (cherry-picked from 7626b5d9045c2b490b38dee7dd45ba7763740f83) commit 0519b9b4fa5b4a6c08113552848d6888ac64d202 Author: Andrew Bartlett abart...@samba.org Date: Wed Nov 21 16:32:38 2012 +1100 build: Be consistent with the name of smbtorture binaries
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b11ba24 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) from 8336061 s4:torture/rpc/handles: try to make all assoc_group tests less flakey http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b11ba248837ae9bf1df1c5ae1ca1768d57e582bb Author: Günther Deschner g...@samba.org Date: Fri Nov 23 18:15:30 2012 +0100 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) Guenther Signed-off-by: Günther Deschner g...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Mon Nov 26 17:36:20 CET 2012 on sn-devel-104 --- Summary of changes: source3/rpc_client/cli_pipe.c | 23 --- source3/rpc_client/cli_pipe.h |1 + source3/torture/rpc_open_tcp.c |3 ++- 3 files changed, 19 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index f8c7b24..61e6cce 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2420,6 +2420,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain, * Create an rpc pipe client struct, connecting to a tcp port. */ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, + const struct sockaddr_storage *ss_addr, uint16_t port, const struct ndr_syntax_id *abstract_syntax, struct rpc_pipe_client **presult) @@ -2448,9 +2449,13 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, result-max_xmit_frag = RPC_MAX_PDU_FRAG_LEN; result-max_recv_frag = RPC_MAX_PDU_FRAG_LEN; - if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) { - status = NT_STATUS_NOT_FOUND; - goto fail; + if (ss_addr == NULL) { + if (!resolve_name(host, addr, NBT_NAME_SERVER, false)) { + status = NT_STATUS_NOT_FOUND; + goto fail; + } + } else { + addr = *ss_addr; } status = open_socket_out(addr, port, 60*1000, fd); @@ -2487,6 +2492,7 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, * target host. */ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, + const struct sockaddr_storage *addr, const struct ndr_syntax_id *abstract_syntax, uint16_t *pport) { @@ -2517,7 +2523,7 @@ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, } /* open the connection to the endpoint mapper */ - status = rpc_pipe_open_tcp_port(tmp_ctx, host, 135, + status = rpc_pipe_open_tcp_port(tmp_ctx, host, addr, 135, ndr_table_epmapper.syntax_id, epm_pipe); @@ -2631,18 +2637,19 @@ done: * host. */ NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, const char *host, + const struct sockaddr_storage *addr, const struct ndr_syntax_id *abstract_syntax, struct rpc_pipe_client **presult) { NTSTATUS status; uint16_t port = 0; - status = rpc_pipe_get_tcp_port(host, abstract_syntax, port); + status = rpc_pipe_get_tcp_port(host, addr, abstract_syntax, port); if (!NT_STATUS_IS_OK(status)) { return status; } - return rpc_pipe_open_tcp_port(mem_ctx, host, port, + return rpc_pipe_open_tcp_port(mem_ctx, host, addr, port, abstract_syntax, presult); } @@ -2816,7 +2823,9 @@ static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli, { switch (transport) { case NCACN_IP_TCP: - return rpc_pipe_open_tcp(NULL, smbXcli_conn_remote_name(cli-conn), + return rpc_pipe_open_tcp(NULL, +smbXcli_conn_remote_name(cli-conn), + smbXcli_conn_remote_sockaddr(cli-conn), interface, presult); case NCACN_NP: return rpc_pipe_open_np(cli, interface, presult); diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h index 3984cf0..343bd0a 100644 --- a/source3/rpc_client/cli_pipe.h +++ b/source3/rpc_client/cli_pipe.h @@ -66,6 +66,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, NTSTATUS
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 994eec4 s3: Fix Coverity ID 741407 -- resource leak from b11ba24 s3-rpc_client: try to use socket_addr if available in rpc_pipe_open_tcp() (bug #9426) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 994eec4d5861c0027b4f863baf095d95ce22c695 Author: Volker Lendecke v...@samba.org Date: Sun Nov 25 10:19:23 2012 +0100 s3: Fix Coverity ID 741407 -- resource leak Reviewed-by: Michael Adam ob...@samba.org Autobuild-User(master): Michael Adam ob...@samba.org Autobuild-Date(master): Mon Nov 26 19:20:05 CET 2012 on sn-devel-104 --- Summary of changes: source3/lib/util_sock.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 7fcb9c4..2063a58 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -853,6 +853,7 @@ int open_udp_socket(const char *host, int port) salen = sizeof(struct sockaddr_in); } else { DEBUG(1, (unknown socket family %d, ss.ss_family)); + close(res); return -1; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ed68f75 s3: Do not free a string where we should not via db68915 s3: Do not free a string where we should not from 994eec4 s3: Fix Coverity ID 741407 -- resource leak http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ed68f75b676a6b1d08f9668d29ff6d09f558fbe6 Author: Volker Lendecke v...@samba.org Date: Sun Nov 25 14:19:32 2012 + s3: Do not free a string where we should not Reviewed by: Jeremy Allison j...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Mon Nov 26 22:03:05 CET 2012 on sn-devel-104 commit db68915a4eaaedede9dac77c6c748718ce156139 Author: Volker Lendecke v...@samba.org Date: Sun Nov 25 14:19:32 2012 + s3: Do not free a string where we should not Reviewed by: Jeremy Allison j...@samba.org --- Summary of changes: source3/winbindd/winbindd_cache.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index 517a302..e3406a5 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -1114,7 +1114,7 @@ NTSTATUS resolve_username_to_alias( TALLOC_CTX *mem_ctx, if ( (upper_name = SMB_STRDUP(name)) == NULL ) return NT_STATUS_NO_MEMORY; if (!strupper_m(upper_name)) { - SAFE_FREE(name); + SAFE_FREE(upper_name); return NT_STATUS_INVALID_PARAMETER; } @@ -1192,7 +1192,7 @@ NTSTATUS resolve_alias_to_username( TALLOC_CTX *mem_ctx, if ( (upper_name = SMB_STRDUP(alias)) == NULL ) return NT_STATUS_NO_MEMORY; if (!strupper_m(upper_name)) { - SAFE_FREE(alias); + SAFE_FREE(upper_name); return NT_STATUS_INVALID_PARAMETER; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5f2edd1 s3: Fix bug 9428 -- inotify detection broken from ed68f75 s3: Do not free a string where we should not http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f2edd13efd447df0500952a0946188432453eb7 Author: Volker Lendecke v...@samba.org Date: Sat Nov 24 11:39:02 2012 +0100 s3: Fix bug 9428 -- inotify detection broken Reviewed by: Jeremy Allison j...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Tue Nov 27 01:20:24 CET 2012 on sn-devel-104 --- Summary of changes: source3/configure.in |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index b74b4c2..bd3bffe 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -2509,7 +2509,7 @@ fi AC_CHECK_HEADER(sys/inotify.h) -if test xac_cv_header_sys_inotify_h = xyes; then +if test x$ac_cv_header_sys_inotify_h = xyes; then AC_DEFINE(HAVE_INOTIFY,1,[For inotify support]) fi -- Samba Shared Repository
[SCM] CTDB repository - branch 1.2.40 updated - ctdb-1.2.54-7-g8b2d844
The branch, 1.2.40 has been updated via 8b2d84482bacd3b31db013496ce82c2e7b730e86 (commit) via e78e37205308e1507a2cf86a655a95893a7cd413 (commit) via cfb85046e6ed87bf01c3abe8cc908a6d2be741e1 (commit) via 5c44156d1aea799f1d6655dd0237e01c49027b82 (commit) via bde1c733fc8c4009202bf185452914f17631c1e7 (commit) via 6479566a0a104b903f499979db594541ffc00a1f (commit) via 5205d545e8d8c72d73b9d5fd148df6de30392fc8 (commit) from b7467294465b6225982c90315df20a8699ccf812 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=1.2.40 - Log - commit 8b2d84482bacd3b31db013496ce82c2e7b730e86 Author: Amitay Isaacs ami...@gmail.com Date: Tue Nov 27 15:50:54 2012 +1100 New version 1.2.55 Signed-off-by: Amitay Isaacs ami...@gmail.com commit e78e37205308e1507a2cf86a655a95893a7cd413 Author: Amitay Isaacs ami...@gmail.com Date: Thu Nov 22 14:37:45 2012 +1100 Revert when creating/adding a public ip, set the initial interface to be the first interface specified This reverts commit 4308935ba48ac7a29e7523315acf580019715f0f. When IP is added to a node on a new interface for the first time, vnn-iface gets set to the first interface defined for that IP. This actually causes problem in ctdb_vnn_assign_iface(). Since vnn-iface is set it takes an early exit without updating vnn-pnn. This results in IP being hosted on the node, but CTDB still thinks it's unassigned. Signed-off-by: Amitay Isaacs ami...@gmail.com commit cfb85046e6ed87bf01c3abe8cc908a6d2be741e1 Author: Martin Schwenke mar...@meltin.net Date: Fri Nov 16 20:21:15 2012 +1100 Eventscripts: 10.interface should list configured interfaces The current code lists available interfaces. If IPs are configured in some other way than the public addresses file (e.g. ctdb addip) and their interfaces default to being marked down then, since down interfaces are not available, these interfaces can never be marked up. The configured interfaces should be listed instead. Signed-off-by: Martin Schwenke mar...@meltin.net Cherry-pick-from: d8f010355b715e49709836e057a5d0f110919897 Conflicts: config/events.d/10.interface commit 5c44156d1aea799f1d6655dd0237e01c49027b82 Author: Martin Schwenke mar...@meltin.net Date: Fri Nov 16 19:43:14 2012 +1100 ctdbd: Make the link status of new interfaces more flexible Neither up nor down is a good default value for the link status of a new interface. Up means that IPs can be assigned to interfaces before the true state is known and they can move away quickly if the interface is actually down. Down means that IPs can't be assigned to an interface for a variable amount of time - until a monitor cycle occurs - and this can result in imbalanced IPs. This is a neat compromise. Before the startup event completes, IPs can't be assigned to interfaces because all interfaces begin in a down state. As soon as the startup event completes, IPs can be allocated to any interface that has been marked up by the eventscript. Later, during normal operation, newly added IPs can be assigned to new interfaces immediately. The IPs will still move away if an interface is noticed to be down in the next monitor cycle, but that is the exception rather than the rule. Signed-off-by: Martin Schwenke mar...@meltin.net Cherry-pick-from: 9275a69a414482f1053ae14528d5972575b9214e commit bde1c733fc8c4009202bf185452914f17631c1e7 Author: Amitay Isaacs ami...@gmail.com Date: Tue Nov 6 17:06:54 2012 +1100 tools/ctdb: Do not use function return value as pnn This fixes the wrong code where same variable 'ret' is used to track the pnn and the return value of a function call. Signed-off-by: Amitay Isaacs ami...@gmail.com Cherry-pick-from: 718233c445cd6627ab3962b6565c2655f1f8efd0 commit 6479566a0a104b903f499979db594541ffc00a1f Author: Amitay Isaacs ami...@gmail.com Date: Tue Oct 23 16:23:12 2012 +1100 recoverd: Track the nodes that fail takeover run and set culprit count If any of the nodes fail takeover run (either due to timeout or failure to complete within takeover_timeout interval) from main loop, recovery master will give up trying takeover run with following message: Unable to setup public takeover addresses. Try again later And as a side-effect the monitoring is disabled on all the nodes. Before ctdb_takeover_run() is called from main loop, monitoring get disabled via startrecovery event. Since ctdb_takeover_run() fails, it never runs recovered event and monitoring does not get re-enabled. In main_loop, ctdb_takeover_run() is called with a takeover_fail_callback. This callback will get called if any of the nodes fail in handling
[SCM] CTDB repository - annotated tag ctdb-1.2.55 created - ctdb-1.2.55
The annotated tag, ctdb-1.2.55 has been created at 76b3981cd47807b493ff3f10cc681846b57ea32e (tag) tagging 8b2d84482bacd3b31db013496ce82c2e7b730e86 (commit) replaces ctdb-1.2.54 tagged by Amitay Isaacs on Tue Nov 27 15:51:18 2012 +1100 - Log - new version 1.2.55 Amitay Isaacs (5): daemon: Do not ignore timed out monitor events recoverd: Track the nodes that fail takeover run and set culprit count tools/ctdb: Do not use function return value as pnn Revert when creating/adding a public ip, set the initial interface to be the first interface specified New version 1.2.55 Martin Schwenke (2): ctdbd: Make the link status of new interfaces more flexible Eventscripts: 10.interface should list configured interfaces --- -- CTDB repository
[SCM] CTDB repository - branch master updated - ctdb-2.0-13-g9a02f61
The branch, master has been updated via 9a02f61547ddf74629aca21639d8fb61c1df7cbb (commit) from d05faf294e58e22ae3fbc76162258f1ae8178129 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 9a02f61547ddf74629aca21639d8fb61c1df7cbb Author: Volker Lendecke v...@samba.org Date: Thu Nov 22 15:27:51 2012 +0100 vacuum: Avoid some tallocs in ctdb recovery In a heavily loaded and volatile database a lot of SCHEDULE_FOR_DELETION requests can come in between fast vacuuming runs. This can lead to significant ctdb cpu load due to the cost of doing talloc_free. This reduces the number of objects a bit by coalescing the two objects of delete_record_data into one. It will also avoid having to allocate another talloc header for a SCHEDULE_FOR_DELETION key. Not the full fix for this problem, but it might contribute a bit. --- Summary of changes: server/ctdb_vacuum.c | 14 -- 1 files changed, 8 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/server/ctdb_vacuum.c b/server/ctdb_vacuum.c index 7f6a8f5..4a000b0 100644 --- a/server/ctdb_vacuum.c +++ b/server/ctdb_vacuum.c @@ -91,6 +91,7 @@ struct delete_record_data { struct ctdb_db_context *ctdb_db; struct ctdb_ltdb_header hdr; TDB_DATA key; + uint8_t keydata[1]; }; struct delete_records_list { @@ -108,21 +109,22 @@ static int insert_delete_record_data_into_tree(struct ctdb_context *ctdb, { struct delete_record_data *dd; uint32_t hash; + size_t len; - dd = talloc_zero(tree, struct delete_record_data); + len = offsetof(struct delete_record_data, keydata) + key.dsize; + + dd = (struct delete_record_data *)talloc_size(tree, len); if (dd == NULL) { DEBUG(DEBUG_ERR,(__location__ Out of memory\n)); return -1; } + talloc_set_name_const(dd, struct delete_record_data); dd-ctdb = ctdb; dd-ctdb_db = ctdb_db; dd-key.dsize = key.dsize; - dd-key.dptr = talloc_memdup(dd, key.dptr, key.dsize); - if (dd-key.dptr == NULL) { - DEBUG(DEBUG_ERR,(__location__ Out of memory\n)); - return -1; - } + dd-key.dptr = dd-keydata; + memcpy(dd-keydata, key.dptr, key.dsize); dd-hdr = *hdr; -- CTDB repository
[SCM] CTDB repository - branch master updated - ctdb-2.0-14-g905cd12
The branch, master has been updated via 905cd1293aa97dc7839a59b4f68eca02981f0891 (commit) from 9a02f61547ddf74629aca21639d8fb61c1df7cbb (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 905cd1293aa97dc7839a59b4f68eca02981f0891 Author: Martin Schwenke mar...@meltin.net Date: Fri Nov 23 12:51:47 2012 +1100 Git should ignore generated include/version.h file Signed-off-by: Martin Schwenke mar...@meltin.net --- Summary of changes: .gitignore |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/.gitignore b/.gitignore index 77ffc3b..6a71e4d 100644 --- a/.gitignore +++ b/.gitignore @@ -28,3 +28,4 @@ tests/takeover/ctdb_takeover.pyc tests/eventscripts/var tests/eventscripts/etc/iproute2 tests/eventscripts/etc-ctdb/policy_routing +include/version.h -- CTDB repository