[SCM] Samba Shared Repository - branch master updated

Matthieu Patou mat at samba.org
Fri Dec 23 01:31:03 MST 2011


The branch, master has been updated
       via  601f382 s4:drsuapi/getncchanges: the default for isRecycled is FALSE
       via  7d13f7d s4-drsuapi: we store boolean in upppercase so we need to test them in uppercase
       via  34d549d s4-kcc: Remove also deleted objects that are not in the Deleted Object container
       via  ea9fb5c s4-ldb: Add isRecycled when is defined in the schema
      from  271c7d9 s4:rpc-dnsserver: Set the rank for the new DNS record correctly

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 601f3822d5c86f30aff185bc2a5ed7d4803cac51
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Nov 15 12:42:22 2011 +0100

    s4:drsuapi/getncchanges: the default for isRecycled is FALSE
    
    metze
    
    Autobuild-User: Matthieu Patou <mat at samba.org>
    Autobuild-Date: Fri Dec 23 09:30:09 CET 2011 on sn-devel-104

commit 7d13f7d4a1c01513702beeb4f62892a86238b283
Author: Matthieu Patou <mat at matws.net>
Date:   Mon Nov 14 18:32:41 2011 +0100

    s4-drsuapi: we store boolean in upppercase so we need to test them in uppercase
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 34d549de34a10129dfb1d3a2f788f15c8110d3d4
Author: Matthieu Patou <mat at matws.net>
Date:   Tue Nov 15 12:38:51 2011 +0100

    s4-kcc: Remove also deleted objects that are not in the Deleted Object container
    
    For the configuration container we do a full scan at every run of the
    kcc-delete service. For the base DN we introduce a new parameter that
    avoid the full scan to kick just when samba starts.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit ea9fb5cad84595aca3544df521607616aec9041d
Author: Matthieu Patou <mat at matws.net>
Date:   Tue Nov 1 23:12:47 2011 +0100

    s4-ldb: Add isRecycled when is defined in the schema
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/kcc/kcc_deleted.c                  |   38 +++++++++++++++++++++-
 source4/dsdb/kcc/kcc_service.h                  |    2 +
 source4/dsdb/samdb/ldb_modules/repl_meta_data.c |   12 +++++--
 source4/rpc_server/drsuapi/getncchanges.c       |    8 ++--
 4 files changed, 51 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/kcc/kcc_deleted.c b/source4/dsdb/kcc/kcc_deleted.c
index 5d2585d..0e1a428 100644
--- a/source4/dsdb/kcc/kcc_deleted.c
+++ b/source4/dsdb/kcc/kcc_deleted.c
@@ -44,8 +44,12 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
 	struct kccsrv_partition *part;
 	int ret;
 	uint32_t tombstoneLifetime;
+	bool do_fs = false;
 
+	time_t interval = lpcfg_parm_int(s->task->lp_ctx, NULL, "kccsrv",
+						    "check_deleted_full_scan_interval", 86400);
 	time_t t = time(NULL);
+
 	if (t - s->last_deleted_check < lpcfg_parm_int(s->task->lp_ctx, NULL, "kccsrv",
 						    "check_deleted_interval", 600)) {
 		return NT_STATUS_OK;
@@ -57,6 +61,22 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
 		DEBUG(1,(__location__ ": Failed to get tombstone lifetime\n"));
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
+	if (s->last_full_scan_deleted_check > 0 && ((t - s->last_full_scan_deleted_check) > interval )) {
+		do_fs = true;
+		s->last_full_scan_deleted_check = t;
+	}
+
+	if (s->last_full_scan_deleted_check == 0) {
+		/*
+		 * If we never made a full scan set the last full scan event to be in the past
+		 * and that 9/10 of the full scan interval has already passed.
+		 * This is done to avoid the full scan to fire just at the begining of samba
+		 * or a couple of minutes after the start.
+		 * With this "setup" and default values of interval, the full scan will fire
+		 * 2.4 hours after the start of samba
+		 */
+		s->last_full_scan_deleted_check = t - ((9 * interval) / 10);
+	}
 
 	for (part=s->partitions; part; part=part->next) {
 		struct ldb_dn *do_dn;
@@ -70,8 +90,18 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
 			   container */
 			continue;
 		}
-		ret = dsdb_search(s->samdb, do_dn, &res, do_dn, LDB_SCOPE_ONELEVEL, attrs,
-				  DSDB_SEARCH_SHOW_RECYCLED, NULL);
+
+		if (!do_fs && ldb_dn_compare(ldb_get_config_basedn(s->samdb), part->dn)) {
+			ret = dsdb_search(s->samdb, do_dn, &res, do_dn, LDB_SCOPE_ONELEVEL, attrs,
+					DSDB_SEARCH_SHOW_RECYCLED, NULL);
+		} else {
+			if (do_fs) {
+				DEBUG(1, ("Doing a full scan on %s and looking for deleted object\n",
+						ldb_dn_get_linearized(part->dn)));
+			}
+			ret = dsdb_search(s->samdb, part->dn, &res, part->dn, LDB_SCOPE_SUBTREE, attrs,
+					DSDB_SEARCH_SHOW_RECYCLED, "(isDeleted=TRUE)");
+		}
 
 		if (ret != LDB_SUCCESS) {
 			DEBUG(1,(__location__ ": Failed to search for deleted objects in %s\n",
@@ -84,6 +114,10 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
 			const char *tstring;
 			time_t whenChanged = 0;
 
+			if (ldb_dn_compare(do_dn, res->msgs[i]->dn) == 0) {
+				/* Skip the Deleted Object Container */
+				continue;
+			}
 			tstring = ldb_msg_find_attr_as_string(res->msgs[i], "whenChanged", NULL);
 			if (tstring) {
 				whenChanged = ldb_string_to_time(tstring);
diff --git a/source4/dsdb/kcc/kcc_service.h b/source4/dsdb/kcc/kcc_service.h
index 1e6d35e..b3ba226 100644
--- a/source4/dsdb/kcc/kcc_service.h
+++ b/source4/dsdb/kcc/kcc_service.h
@@ -88,6 +88,8 @@ struct kccsrv_service {
 
 	time_t last_deleted_check;
 
+	time_t last_full_scan_deleted_check;
+
 	bool am_rodc;
 
 	/* run new samba_kcc topology generator code */
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index eb5d036..daca5da 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -3008,9 +3008,15 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req)
 	case OBJECT_RECYCLED:
 	case OBJECT_TOMBSTONE:
 
-		/* we also mark it as recycled, meaning this object can't be
-		   recovered (we are stripping its attributes) */
-		if (functional_level >= DS_DOMAIN_FUNCTION_2008_R2) {
+		/*
+		 * we also mark it as recycled, meaning this object can't be
+		 * recovered (we are stripping its attributes).
+		 * This is done only if we have this schema object of course ...
+		 * This behavior is identical to the one of Windows 2008R2 which
+		 * always set the isRecycled attribute, even if the recycle-bin is
+		 * not activated and what ever the forest level is.
+		 */
+		if (dsdb_attribute_by_lDAPDisplayName(schema, "isRecycled") != NULL) {
 			ret = ldb_msg_add_string(msg, "isRecycled", "TRUE");
 			if (ret != LDB_SUCCESS) {
 				DEBUG(0,(__location__ ": Failed to add isRecycled string to the msg\n"));
diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index f6e4573..07e64d3 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -375,15 +375,15 @@ static WERROR get_nc_changes_add_la(TALLOC_CTX *mem_ctx,
 		int ret;
 		const char *v;
 
-		v = ldb_msg_find_attr_as_string(msg, "isDeleted", "false");
-		if (strncasecmp(v, "true", 4) == 0) {
+		v = ldb_msg_find_attr_as_string(msg, "isDeleted", "FALSE");
+		if (strncmp(v, "TRUE", 4) == 0) {
 			/*
 			  * Note: we skip the transmition of the deleted link even if the other part used to
 			  * know about it because when we transmit the deletion of the object, the link will
 			  * be deleted too due to deletion of object where link points and Windows do so.
 			  */
 			if (dsdb_functional_level(sam_ctx) >= DS_DOMAIN_FUNCTION_2008_R2) {
-				v = ldb_msg_find_attr_as_string(msg, "isRecycled", "true");
+				v = ldb_msg_find_attr_as_string(msg, "isRecycled", "FALSE");
 				/*
 				 * On Windows 2008R2 isRecycled is always present even if FL or DL are < FL 2K8R2
 				 * if it join an existing domain with deleted objets, it firsts impose to have a
@@ -396,7 +396,7 @@ static WERROR get_nc_changes_add_la(TALLOC_CTX *mem_ctx,
 				 * For this kind of forest level we do not return the link if the object is recycled
 				 * (isRecycled = true).
 				 */
-				if (strncasecmp(v, "true", 4) == 0) {
+				if (strncmp(v, "TRUE", 4) == 0) {
 					DEBUG(2, (" object %s is recycled, not returning linked attribute !\n",
 								ldb_dn_get_linearized(msg->dn)));
 					return WERR_OK;


-- 
Samba Shared Repository


More information about the samba-cvs mailing list