[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Wed Sep 1 18:41:49 MDT 2010
The branch, master has been updated
via 768475d s4:dsdb Fix attribute being searched for in dereference against Fedora DS
via 68c61df s4:dsdb Make the dereference control critical if input is critical
via 379d073 s4:dsdb Don't reload the schema against OpenLDAP backend
via 896553a s4:provision Allow OpenLDAP backend to provision again
via 9aae504 s4:provision Improved error handling in provisionbackend
from 97246f7 s4-test-dssync: Print the reason for skipping FetchNT4Data test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 768475d5716faaf3e730404d44d68f7a3250d861
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Jul 11 23:11:09 2010 +1000
s4:dsdb Fix attribute being searched for in dereference against Fedora DS
The problem here is that these attributes are not mapped in the
simple_ldap_map, and they were changed a while back.
Andrew Bartlett
commit 68c61dfa3fa925c63247bef83f10dfa2efa458e6
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Jul 11 23:08:46 2010 +1000
s4:dsdb Make the dereference control critical if input is critical
This helps us ensure that the backend knows about and respects the
dereference control if our caller has asked that the extended DN control
be considered critical.
Andrew Bartlett
commit 379d073444f7acafb6e5761dd667073ad7371771
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Jul 11 23:07:06 2010 +1000
s4:dsdb Don't reload the schema against OpenLDAP backend
The schema should be considered read-only when we are using the OL
backend, as we can't update the backend schema in real time anyway.
Andrew Bartlett
commit 896553a1a85f541f72ab6b45e71d89d00e727791
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jul 8 11:44:13 2010 +1000
s4:provision Allow OpenLDAP backend to provision again
OpenLDAP does not have any post-setup requirements at the moment.
Andrew Bartlett
commit 9aae50443df5471b91e4d829c0ca0285adeb71bb
Author: Zahari Zahariev <zahari.zahariev at postpath.com>
Date: Sat Jul 3 21:43:42 2010 +0300
s4:provision Improved error handling in provisionbackend
When using OpenLDAP as a backend with Samba4 we get failure during
provision and this patch will help better determining the real error.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/extended_dn_out.c | 6 ++++--
source4/dsdb/samdb/ldb_modules/samba_dsdb.c | 4 ++++
source4/dsdb/samdb/ldb_modules/schema_load.c | 12 +++++++++---
source4/scripting/python/samba/provisionbackend.py | 7 +++++--
4 files changed, 22 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn_out.c b/source4/dsdb/samdb/ldb_modules/extended_dn_out.c
index ba4054a..07c0bff 100644
--- a/source4/dsdb/samdb/ldb_modules/extended_dn_out.c
+++ b/source4/dsdb/samdb/ldb_modules/extended_dn_out.c
@@ -549,6 +549,7 @@ static int extended_dn_out_search(struct ldb_module *module, struct ldb_request
const char * const *const_attrs;
struct ldb_context *ldb = ldb_module_get_ctx(module);
int ret;
+ bool critical;
struct extended_dn_out_private *p = talloc_get_type(ldb_module_get_private(module), struct extended_dn_out_private);
@@ -646,6 +647,7 @@ static int extended_dn_out_search(struct ldb_module *module, struct ldb_request
/* mark extended DN and storage format controls as done */
if (control) {
+ critical = control->critical;
control->critical = 0;
}
@@ -659,7 +661,7 @@ static int extended_dn_out_search(struct ldb_module *module, struct ldb_request
if (control && p && p->dereference && p->dereference_control) {
ret = ldb_request_add_control(down_req,
DSDB_OPENLDAP_DEREFERENCE_CONTROL,
- false, p->dereference_control);
+ critical, p->dereference_control);
if (ret != LDB_SUCCESS) {
return ret;
}
@@ -824,7 +826,7 @@ static int extended_dn_out_fds_init(struct ldb_module *module)
{
static const char *attrs[] = {
"nsUniqueId",
- "objectSID",
+ "sambaSID",
NULL
};
diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
index 82f5ec3..cdfc8d7 100644
--- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
+++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
@@ -260,6 +260,10 @@ static int samba_dsdb_init(struct ldb_module *module)
backend_modules = openldap_backend_modules;
extended_dn_module = extended_dn_module_openldap;
}
+ ret = ldb_set_opaque(ldb, "readOnlySchema", (void*)1);
+ if (ret != LDB_SUCCESS) {
+ ldb_set_errstring(ldb, "Failed to set readOnlySchema opaque");
+ }
}
#define CHECK_MODULE_LIST \
diff --git a/source4/dsdb/samdb/ldb_modules/schema_load.c b/source4/dsdb/samdb/ldb_modules/schema_load.c
index 1542018..28c0209 100644
--- a/source4/dsdb/samdb/ldb_modules/schema_load.c
+++ b/source4/dsdb/samdb/ldb_modules/schema_load.c
@@ -225,9 +225,15 @@ static int dsdb_schema_from_db(struct ldb_module *module, struct ldb_dn *schema_
}
(*schema)->refresh_in_progress = true;
- (*schema)->refresh_fn = dsdb_schema_refresh;
- (*schema)->loaded_from_module = module;
- (*schema)->loaded_usn = current_usn;
+
+ /* If we have the readOnlySchema opaque, then don't check for
+ * runtime schema updates, as they are not permitted (we would
+ * have to update the backend server schema too */
+ if (!ldb_get_opaque(ldb, "readOnlySchema")) {
+ (*schema)->refresh_fn = dsdb_schema_refresh;
+ (*schema)->loaded_from_module = module;
+ (*schema)->loaded_usn = current_usn;
+ }
/* "dsdb_set_schema()" steals schema into the ldb_context */
ret = dsdb_set_schema(ldb, (*schema));
diff --git a/source4/scripting/python/samba/provisionbackend.py b/source4/scripting/python/samba/provisionbackend.py
index ccb793f..7a36bdc 100644
--- a/source4/scripting/python/samba/provisionbackend.py
+++ b/source4/scripting/python/samba/provisionbackend.py
@@ -273,6 +273,8 @@ class LDAPBackend(ProvisionBackend):
# and now wait for it to die
self.slapd.communicate()
+ def post_setup(self):
+ pass
class OpenLDAPBackend(LDAPBackend):
@@ -538,11 +540,12 @@ class OpenLDAPBackend(LDAPBackend):
if not os.path.isdir(self.olcdir):
os.makedirs(self.olcdir, 0770)
- retcode = subprocess.call([self.slapd_path, "-Ttest", "-n", "0",
- "-f", self.slapdconf, "-F", self.olcdir], close_fds=True,
+ slapd_cmd = [self.slapd_path, "-Ttest", "-n", "0", "-f", self.slapdconf, "-F", self.olcdir]
+ retcode = subprocess.call(slapd_cmd, close_fds=True,
shell=False)
if retcode != 0:
+ self.logger.error("conversion from slapd.conf to cn=config failed slapd started with: %s" % "\'" + "\' \'".join(slapd_cmd) + "\'")
raise ProvisioningError("conversion from slapd.conf to cn=config failed")
if not os.path.exists(os.path.join(self.olcdir, "cn=config.ldif")):
--
Samba Shared Repository
More information about the samba-cvs
mailing list