[SCM] Samba Shared Repository - branch master updated
Matthieu Patou
mat at samba.org
Sat Jul 3 14:18:13 MDT 2010
Matthias,
On 03/07/2010 18:13, Matthias Dieter WallnXXfer wrote:
> The branch, master has been updated
> via 518232d... s4:kinit blackbox test - set/reset also here the "minPwdAge"
> via f41d9eb... s4:dsdb/tests/python/ldap_schema.py - remove a now useless "schemaUpdateNow" request
> via 465c601... s4:urgent_replication.py test - remove unneeded "relax" control parameters
Are you sure that this control was really unneeded ?
> via 326aac0... s4:schema_load LDB module - fix a segfault condition on schema refresh
> via 02eab66... s4:schema_set.c - Fix a comment
> via d1ee7ab... s4:dsdb_schema_set_attributes - remove unneeded filter criterias
> via 368aa25... s4:dsdb_module_load_partition_usn - check for "res->count" equal/unequal to 1
> via 4df9757... s4:schema_set.c - fix typo
> via de81160... s4:schema_load.c - jump to "failed" on an error condition
> from 43b0c31... s4:setup/provision_basedn_modify.ldif - set "minPwdAge" to the right value
>
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
>
>
> - Log -----------------------------------------------------------------
> commit 518232d4578d700f5f5ea1609275a6cd1de3a1e7
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 15:52:00 2010 +0200
>
> s4:kinit blackbox test - set/reset also here the "minPwdAge"
>
> commit f41d9eb8dc5cf63625260ce577548b0471fc84c8
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 15:37:45 2010 +0200
>
> s4:dsdb/tests/python/ldap_schema.py - remove a now useless "schemaUpdateNow" request
>
> "schemaUpdateNow" on s4 is now a non-op and therefore not strictly needed anymore.
>
> commit 465c601071df9de9f15f65bdad3355a77cdc1d59
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 14:52:18 2010 +0200
>
> s4:urgent_replication.py test - remove unneeded "relax" control parameters
>
> commit 326aac06f52a1e4d37449622e02d561ee12608cf
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 14:33:23 2010 +0200
>
> s4:schema_load LDB module - fix a segfault condition on schema refresh
>
> The schema refresh operation itself starts requests from the top of the LDB
> modules stack (see call "dsdb_schema_set_attributes" - search operations).
> This doesn't work well when these do perform "dsdb_get_schema" calls. Since the
> new schema isn't marked as "refreshed" atm (but in fact it still is - we didn't
> terminate the reload/refresh yet) we could perform other calls to
> "dsdb_schema_refresh" and run into serious trouble (segfault).
>
> commit 02eab6602640e73f295a37019c0989dbd799229b
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 14:07:44 2010 +0200
>
> s4:schema_set.c - Fix a comment
>
> commit d1ee7ab16ee2993e12dad2a3eed2f1719fae11d7
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 14:05:04 2010 +0200
>
> s4:dsdb_schema_set_attributes - remove unneeded filter criterias
>
> We already choose the right entry by specifying the right basedn with scope
> "LDB_SCOPE_BASE".
>
> commit 368aa25f7c1a2b8c05780479b1e03a2632c42d11
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 12:47:46 2010 +0200
>
> s4:dsdb_module_load_partition_usn - check for "res->count" equal/unequal to 1
>
> commit 4df9757b48d72f0fd33ef6b7b4e359d6baa9b44f
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 12:36:34 2010 +0200
>
> s4:schema_set.c - fix typo
>
> commit de81160e754cfb65a471f29e03b6e1f1c1461eb2
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date: Sat Jul 3 12:35:16 2010 +0200
>
> s4:schema_load.c - jump to "failed" on an error condition
>
> -----------------------------------------------------------------------
>
> Summary of changes:
> source4/dsdb/samdb/ldb_modules/schema_load.c | 10 +++++++---
> source4/dsdb/samdb/ldb_modules/util.c | 2 +-
> source4/dsdb/schema/schema_set.c | 13 +++++++++----
> source4/dsdb/tests/python/ldap_schema.py | 10 ----------
> source4/dsdb/tests/python/urgent_replication.py | 4 ++--
> testprogs/blackbox/test_kinit.sh | 7 +++++++
> 6 files changed, 26 insertions(+), 20 deletions(-)
>
>
> Changeset truncated at 500 lines:
>
> diff --git a/source4/dsdb/samdb/ldb_modules/schema_load.c b/source4/dsdb/samdb/ldb_modules/schema_load.c
> index cffe529..30aafdb 100644
> --- a/source4/dsdb/samdb/ldb_modules/schema_load.c
> +++ b/source4/dsdb/samdb/ldb_modules/schema_load.c
> @@ -224,19 +224,23 @@ static int dsdb_schema_from_db(struct ldb_module *module, struct ldb_dn *schema_
> goto failed;
> }
>
> + (*schema)->refresh_in_progress = true;
> (*schema)->refresh_fn = dsdb_schema_refresh;
> (*schema)->loaded_from_module = module;
> (*schema)->loaded_usn = current_usn;
>
> - /* dsdb_set_schema() steal schema into the ldb_context */
> + /* "dsdb_set_schema()" steals schema into the ldb_context */
> ret = dsdb_set_schema(ldb, (*schema));
>
> + if (*schema != NULL) {
> + (*schema)->refresh_in_progress = false;
> + }
> +
> if (ret != LDB_SUCCESS) {
> ldb_debug_set(ldb, LDB_DEBUG_FATAL,
> "schema_load_init: dsdb_set_schema() failed: %d:%s: %s",
> ret, ldb_strerror(ret), ldb_errstring(ldb));
> - talloc_free(tmp_ctx);
> - return ret;
> + goto failed;
> }
>
> /* Ensure this module won't go away before the callback */
> diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
> index ae08c00..48e195b 100644
> --- a/source4/dsdb/samdb/ldb_modules/util.c
> +++ b/source4/dsdb/samdb/ldb_modules/util.c
> @@ -779,7 +779,7 @@ int dsdb_module_load_partition_usn(struct ldb_module *module, struct ldb_dn *dn,
> return ret;
> }
>
> - if (res->count< 1) {
> + if (res->count != 1) {
> *uSN = 0;
> if (urgent_uSN) {
> *urgent_uSN = 0;
> diff --git a/source4/dsdb/schema/schema_set.c b/source4/dsdb/schema/schema_set.c
> index e09d207..1dcb4f8 100644
> --- a/source4/dsdb/schema/schema_set.c
> +++ b/source4/dsdb/schema/schema_set.c
> @@ -125,7 +125,8 @@ static int dsdb_schema_set_attributes(struct ldb_context *ldb, struct dsdb_schem
> }
>
> /* Try to avoid churning the attributes too much - we only want to do this if they have changed */
> - ret = ldb_search(ldb, mem_ctx,&res, msg->dn, LDB_SCOPE_BASE, NULL, "dn=%s", ldb_dn_get_linearized(msg->dn));
> + ret = ldb_search(ldb, mem_ctx,&res, msg->dn, LDB_SCOPE_BASE, NULL,
> + NULL);
> if (ret == LDB_ERR_NO_SUCH_OBJECT) {
> ret = ldb_add(ldb, msg);
> } else if (ret != LDB_SUCCESS) {
> @@ -154,7 +155,8 @@ static int dsdb_schema_set_attributes(struct ldb_context *ldb, struct dsdb_schem
>
> /* Now write out the indexs, as found in the schema (if they have changed) */
>
> - ret = ldb_search(ldb, mem_ctx,&res_idx, msg_idx->dn, LDB_SCOPE_BASE, NULL, "dn=%s", ldb_dn_get_linearized(msg_idx->dn));
> + ret = ldb_search(ldb, mem_ctx,&res_idx, msg_idx->dn, LDB_SCOPE_BASE,
> + NULL, NULL);
> if (ret == LDB_ERR_NO_SUCH_OBJECT) {
> ret = ldb_add(ldb, msg_idx);
> } else if (ret != LDB_SUCCESS) {
> @@ -385,7 +387,9 @@ int dsdb_set_schema(struct ldb_context *ldb, struct dsdb_schema *schema)
> if (ret != LDB_SUCCESS) {
> return ret;
> }
> - /* Remove the refernece to the schema we just overwrote - if there was none, NULL is harmless here */
> +
> + /* Remove the reference to the schema we just overwrote - if there was
> + * none, NULL is harmless here */
> if (old_schema != schema) {
> talloc_unlink(ldb, old_schema);
> talloc_steal(ldb, schema);
> @@ -424,7 +428,8 @@ int dsdb_reference_schema(struct ldb_context *ldb, struct dsdb_schema *schema,
> return ret;
> }
>
> - /* Remove the refernece to the schema we just overwrote - if there was none, NULL is harmless here */
> + /* Remove the reference to the schema we just overwrote - if there was
> + * none, NULL is harmless here */
> talloc_unlink(ldb, old_schema);
>
> if (talloc_reference(ldb, schema) == NULL) {
> diff --git a/source4/dsdb/tests/python/ldap_schema.py b/source4/dsdb/tests/python/ldap_schema.py
> index 270e22a..4f17dd8 100755
> --- a/source4/dsdb/tests/python/ldap_schema.py
> +++ b/source4/dsdb/tests/python/ldap_schema.py
> @@ -118,16 +118,6 @@ systemOnly: FALSE
> self.assertEquals(res[0]["lDAPDisplayName"][0], attr_ldap_display_name)
> self.assertTrue("schemaIDGUID" in res[0])
>
> - # Samba requires a "schemaUpdateNow" here.
> - # TODO: remove this when Samba is fixed
> - ldif = """
> -dn:
> -changetype: modify
> -add: schemaUpdateNow
> -schemaUpdateNow: 1
> -"""
> - self.ldb.modify_ldif(ldif)
> -
> class_name = "test-Class" + time.strftime("%s", time.gmtime())
> class_ldap_display_name = class_name.replace("-", "")
>
> diff --git a/source4/dsdb/tests/python/urgent_replication.py b/source4/dsdb/tests/python/urgent_replication.py
> index 5e9f4ad..092466d 100755
> --- a/source4/dsdb/tests/python/urgent_replication.py
> +++ b/source4/dsdb/tests/python/urgent_replication.py
> @@ -183,7 +183,7 @@ systemOnly: FALSE
> searchFlags: 8
> lDAPDisplayName: test attributeSchema
> name: test attributeSchema
> -systemFlags: 0""", ["relax:0"]);
> +systemFlags: 0""");
>
> # urgent replication should be enabled when creating
> res = self.ldb.load_partition_usn("cn=Schema,cn=Configuration," + self.base_dn)
> @@ -226,7 +226,7 @@ systemMustContain: msDFS-SchemaMajorVersion
> defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCD
> CLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)
> systemFlags: 16
> -defaultHidingValue: TRUE""", ["relax:0"]);
> +defaultHidingValue: TRUE""");
>
> # urgent replication should be enabled when creating
> res = self.ldb.load_partition_usn("cn=Schema,cn=Configuration," + self.base_dn)
> diff --git a/testprogs/blackbox/test_kinit.sh b/testprogs/blackbox/test_kinit.sh
> index 0373452..a32d167 100755
> --- a/testprogs/blackbox/test_kinit.sh
> +++ b/testprogs/blackbox/test_kinit.sh
> @@ -51,9 +51,14 @@ test_smbclient() {
>
> enctype="-e $ENCTYPE"
>
> +PWSETCONFIG="-H ldap://$SERVER -U$USERNAME%$PASSWORD"
> +export PWSETCONFIG
> +
> KRB5CCNAME="$PREFIX/tmpccache"
> export KRB5CCNAME
>
> +testit "reset password policies beside of minimum password age of 0 days" $VALGRIND $net pwsettings $PWSETCONFIG set --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
> +
> echo $PASSWORD> ./tmppassfile
> #testit "kinit with keytab" $samba4kinit $enctype --keytab=$PREFIX/dc/private/secrets.keytab $SERVER\$@$REALM || failed=`expr $failed + 1`
> testit "kinit with password" $samba4kinit $enctype --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1`
> @@ -165,5 +170,7 @@ rm -f $KRB5CCNAME
> testit "kinit with machineaccountccache script" $machineaccountccache $CONFIGURATTION $KRB5CCNAME || failed=`expr $failed + 1`
> test_smbclient "Test machine account login with kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1`
>
> +testit "reset password policies" $VALGRIND $net pwsettings $PWSETCONFIG set --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
> +
> rm -f $PREFIX/tmpccache tmpccfile tmppassfile tmpuserpassfile tmpuserccache tmpkpasswdscript
> exit $failed
>
>
--
Matthieu Patou
Samba Team http://samba.org
More information about the samba-cvs
mailing list