[SCM] Samba Shared Repository - branch master updated
Volker Lendecke
vlendec at samba.org
Wed Jan 18 08:22:02 MST 2012
The branch, master has been updated
via d2bf6af s3: Use lock_order for setting the db priority
via d2068d3 s3: Pass down lock_order to db_open_ctdb
via b9e8060 Revert "Fix bug #8175 - smbd deadlock."
via cf77a21 s3: Change locking order between brlock and locking
via 333c923 s3: Enforce a lock order in dbwrap
via 45e61fc s3: Add a "lock_order" argument to db_open
from e75c436 s3-passdb: trying to decouple passdb and secrets a little.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d2bf6af1651c44b29d69be6944cd6148d90caed0
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jan 16 13:42:52 2012 +0100
s3: Use lock_order for setting the db priority
Autobuild-User: Volker Lendecke <vlendec at samba.org>
Autobuild-Date: Wed Jan 18 16:21:52 CET 2012 on sn-devel-104
commit d2068d33a4adcb10037c63c092669efe7f077b8e
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jan 16 12:50:44 2012 +0100
s3: Pass down lock_order to db_open_ctdb
commit b9e806050f65b3f787a797c125131200e59304d2
Author: Volker Lendecke <vl at samba.org>
Date: Fri Jan 13 14:10:44 2012 +0100
Revert "Fix bug #8175 - smbd deadlock."
This reverts commit 5a2b5b6cfed74e0e9c2965525995f64cdad7b7c9.
commit cf77a21c633807b178fb716dba7a6284cca58511
Author: Volker Lendecke <vl at samba.org>
Date: Fri Jan 13 13:26:41 2012 +0100
s3: Change locking order between brlock and locking
But 8175 was fixed in a way that brlock.tdb was always locked before
locking.tdb. This patch fixes the bug in a different way. locking.tdb
is the central tdb for files and should always be locked first.
This patch solves the problem by postponing the level2 break messages,
which are async anyway.
commit 333c92384b0680b8f8e5198dd68d49b249b34ec7
Author: Volker Lendecke <vl at samba.org>
Date: Sun Jan 8 19:04:39 2012 +0100
s3: Enforce a lock order in dbwrap
This makes sure we do not deadlock from doing two dbwrap_fetch_locked in two
processes in different orders. At open time, we assign a strict order to all
databases. lock_order 1 will be locked first, lock_order 2 second. No two
records of the same lock order may be locked at the same time.
commit 45e61fcf61ed9863fbe2b116fe0763fc139bbe0d
Author: Volker Lendecke <vl at samba.org>
Date: Fri Jan 6 17:19:54 2012 +0100
s3: Add a "lock_order" argument to db_open
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
-----------------------------------------------------------------------
Summary of changes:
source3/groupdb/mapping_tdb.c | 3 +-
source3/lib/conn_tdb.c | 3 +-
source3/lib/dbwrap/dbwrap.c | 81 +++++++++++++++++++++++++++++-
source3/lib/dbwrap/dbwrap_ctdb.c | 24 ++++++++-
source3/lib/dbwrap/dbwrap_ctdb.h | 5 ++-
source3/lib/dbwrap/dbwrap_open.c | 25 ++++++++-
source3/lib/dbwrap/dbwrap_open.h | 8 +++-
source3/lib/dbwrap/dbwrap_private.h | 3 +
source3/lib/dbwrap/dbwrap_rbt.c | 1 +
source3/lib/g_lock.c | 3 +-
source3/lib/serverid.c | 3 +-
source3/lib/sessionid_tdb.c | 3 +-
source3/lib/sharesec.c | 3 +-
source3/locking/brlock.c | 3 +-
source3/locking/share_mode_lock.c | 3 +-
source3/modules/nfs4_acls.c | 3 +-
source3/modules/vfs_acl_tdb.c | 3 +-
source3/modules/vfs_xattr_tdb.c | 3 +-
source3/passdb/account_pol.c | 5 +-
source3/passdb/pdb_tdb.c | 9 ++-
source3/passdb/secrets.c | 3 +-
source3/printing/printer_list.c | 2 +-
source3/registry/reg_backend_db.c | 9 ++-
source3/smbd/notify_internal.c | 6 ++-
source3/smbd/open.c | 94 ++++++++++-------------------------
source3/smbd/oplock.c | 66 +++++++++++++++++++++---
source3/torture/torture.c | 2 +-
source3/utils/dbwrap_tool.c | 3 +-
source3/utils/dbwrap_torture.c | 3 +-
source3/utils/net_idmap.c | 12 +++--
source3/utils/net_idmap_check.c | 3 +-
source3/utils/net_registry_check.c | 6 ++-
source3/utils/status.c | 3 +-
source3/winbindd/idmap_autorid.c | 3 +-
source3/winbindd/idmap_tdb.c | 3 +-
source3/winbindd/idmap_tdb2.c | 3 +-
36 files changed, 294 insertions(+), 121 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c
index 1dea9e4..088874f 100644
--- a/source3/groupdb/mapping_tdb.c
+++ b/source3/groupdb/mapping_tdb.c
@@ -53,7 +53,8 @@ static bool init_group_mapping(void)
}
db = db_open(NULL, state_path("group_mapping.tdb"), 0,
- TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ TDB_DEFAULT, O_RDWR|O_CREAT, 0600,
+ DBWRAP_LOCK_ORDER_1);
if (db == NULL) {
DEBUG(0, ("Failed to open group mapping database: %s\n",
strerror(errno)));
diff --git a/source3/lib/conn_tdb.c b/source3/lib/conn_tdb.c
index f600871..9b0a07a 100644
--- a/source3/lib/conn_tdb.c
+++ b/source3/lib/conn_tdb.c
@@ -36,7 +36,8 @@ static struct db_context *connections_db_ctx(bool rw)
open_flags = rw ? (O_RDWR|O_CREAT) : O_RDONLY;
db_ctx = db_open(NULL, lock_path("connections.tdb"), 0,
- TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH|TDB_DEFAULT, open_flags, 0644);
+ TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH|TDB_DEFAULT,
+ open_flags, 0644, DBWRAP_LOCK_ORDER_1);
return db_ctx;
}
diff --git a/source3/lib/dbwrap/dbwrap.c b/source3/lib/dbwrap/dbwrap.c
index c551bfd..e443fa5 100644
--- a/source3/lib/dbwrap/dbwrap.c
+++ b/source3/lib/dbwrap/dbwrap.c
@@ -75,11 +75,90 @@ NTSTATUS dbwrap_record_delete(struct db_record *rec)
return rec->delete_rec(rec);
}
+struct dbwrap_lock_order_state {
+ uint8_t *plock_order_mask;
+ uint8_t bitmask;
+};
+
+static int dbwrap_lock_order_state_destructor(
+ struct dbwrap_lock_order_state *s)
+{
+ *s->plock_order_mask &= ~s->bitmask;
+ return 0;
+}
+
+static struct dbwrap_lock_order_state *dbwrap_check_lock_order(
+ struct db_context *db, TALLOC_CTX *mem_ctx)
+{
+ /*
+ * Store the lock_order of currently locked records as bits in
+ * "lock_order_mask". We only use levels 1,2,3 right now, so a
+ * single uint8_t is enough.
+ */
+ static uint8_t lock_order_mask;
+
+ struct dbwrap_lock_order_state *state;
+ uint8_t idx;
+ int used;
+
+ if (db->lock_order == 0) {
+ /*
+ * lock order 0 is for example for dbwrap_rbt without
+ * real locking. Return state nevertheless to avoid
+ * special cases.
+ */
+ return talloc(mem_ctx, struct dbwrap_lock_order_state);
+ }
+
+ /*
+ * We fill bits from the high bits, to be able to use
+ * "ffs(lock_order_mask)"
+ */
+ idx = sizeof(lock_order_mask)*8 - db->lock_order;
+
+ used = ffs(lock_order_mask);
+
+ DEBUG(1, ("used=%d, lock_order=%d, idx=%d\n", used,
+ (int)db->lock_order, (int)idx));
+
+ if ((used != 0) && (used-1 <= idx)) {
+ DEBUG(0, ("Lock order violation: Trying %d, order_mask=%x\n",
+ (int)db->lock_order, (int)lock_order_mask));
+ return NULL;
+ }
+
+ state = talloc(mem_ctx, struct dbwrap_lock_order_state);
+ if (state == NULL) {
+ DEBUG(1, ("talloc failed\n"));
+ return NULL;
+ }
+ state->bitmask = 1 << idx;
+ state->plock_order_mask = &lock_order_mask;
+
+ talloc_set_destructor(state, dbwrap_lock_order_state_destructor);
+ lock_order_mask |= state->bitmask;
+
+ return state;
+}
+
struct db_record *dbwrap_fetch_locked(struct db_context *db,
TALLOC_CTX *mem_ctx,
TDB_DATA key)
{
- return db->fetch_locked(db, mem_ctx, key);
+ struct db_record *rec;
+ struct dbwrap_lock_order_state *lock_order;
+
+ lock_order = dbwrap_check_lock_order(db, talloc_tos());
+ if (lock_order == NULL) {
+ return NULL;
+ }
+ rec = db->fetch_locked(db, mem_ctx, key);
+ if (rec == NULL) {
+ TALLOC_FREE(lock_order);
+ return NULL;
+ }
+ (void)talloc_steal(rec, lock_order);
+ return rec;
}
struct dbwrap_fetch_state {
diff --git a/source3/lib/dbwrap/dbwrap_ctdb.c b/source3/lib/dbwrap/dbwrap_ctdb.c
index 0acaf67..3c1ab44 100644
--- a/source3/lib/dbwrap/dbwrap_ctdb.c
+++ b/source3/lib/dbwrap/dbwrap_ctdb.c
@@ -1431,13 +1431,17 @@ static int db_ctdb_get_flags(struct db_context *db)
struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
const char *name,
int hash_size, int tdb_flags,
- int open_flags, mode_t mode)
+ int open_flags, mode_t mode,
+ enum dbwrap_lock_order lock_order)
{
struct db_context *result;
struct db_ctdb_ctx *db_ctdb;
char *db_path;
struct ctdbd_connection *conn;
struct loadparm_context *lp_ctx;
+ struct ctdb_db_priority prio;
+ NTSTATUS status;
+ int cstatus;
if (!lp_clustering()) {
DEBUG(10, ("Clustering disabled -- no ctdb\n"));
@@ -1484,6 +1488,21 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
chmod(db_path, mode);
}
+ prio.db_id = db_ctdb->db_id;
+ prio.priority = lock_order;
+
+ status = ctdbd_control_local(
+ conn, CTDB_CONTROL_SET_DB_PRIORITY, 0, 0,
+ make_tdb_data((uint8_t *)&prio, sizeof(prio)),
+ NULL, NULL, &cstatus);
+
+ if (!NT_STATUS_IS_OK(status) || (cstatus != 0)) {
+ DEBUG(1, ("CTDB_CONTROL_SET_DB_PRIORITY failed: %s, %d\n",
+ nt_errstr(status), cstatus));
+ TALLOC_FREE(result);
+ return NULL;
+ }
+
lp_ctx = loadparm_init_s3(db_path, loadparm_s3_context());
db_ctdb->wtdb = tdb_wrap_open(db_ctdb, db_path, hash_size, tdb_flags,
@@ -1528,7 +1547,8 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
const char *name,
int hash_size, int tdb_flags,
- int open_flags, mode_t mode)
+ int open_flags, mode_t mode,
+ enum dbwrap_lock_order lock_order)
{
DEBUG(3, ("db_open_ctdb: no cluster support!\n"));
return NULL;
diff --git a/source3/lib/dbwrap/dbwrap_ctdb.h b/source3/lib/dbwrap/dbwrap_ctdb.h
index 7898818..bfbe3bd 100644
--- a/source3/lib/dbwrap/dbwrap_ctdb.h
+++ b/source3/lib/dbwrap/dbwrap_ctdb.h
@@ -23,11 +23,14 @@
#include <talloc.h>
+#include "dbwrap/dbwrap_private.h"
+
struct db_context;
struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
const char *name,
int hash_size, int tdb_flags,
- int open_flags, mode_t mode);
+ int open_flags, mode_t mode,
+ enum dbwrap_lock_order lock_order);
#endif /* __DBWRAP_CTDB_H__ */
diff --git a/source3/lib/dbwrap/dbwrap_open.c b/source3/lib/dbwrap/dbwrap_open.c
index 6b8be2d..7315296 100644
--- a/source3/lib/dbwrap/dbwrap_open.c
+++ b/source3/lib/dbwrap/dbwrap_open.c
@@ -62,11 +62,26 @@ bool db_is_local(const char *name)
struct db_context *db_open(TALLOC_CTX *mem_ctx,
const char *name,
int hash_size, int tdb_flags,
- int open_flags, mode_t mode)
+ int open_flags, mode_t mode,
+ enum dbwrap_lock_order lock_order)
{
struct db_context *result = NULL;
#ifdef CLUSTER_SUPPORT
- const char *sockname = lp_ctdbd_socket();
+ const char *sockname;
+#endif
+
+ if ((lock_order != DBWRAP_LOCK_ORDER_1) &&
+ (lock_order != DBWRAP_LOCK_ORDER_2)) {
+ /*
+ * Only allow 2 levels. ctdb gives us 3, and we will
+ * have the watchers database soon.
+ */
+ errno = EINVAL;
+ return NULL;
+ }
+
+#ifdef CLUSTER_SUPPORT
+ sockname = lp_ctdbd_socket();
if(!sockname || !*sockname) {
sockname = CTDB_PATH;
@@ -91,7 +106,8 @@ struct db_context *db_open(TALLOC_CTX *mem_ctx,
/* allow ctdb for individual databases to be disabled */
if (lp_parm_bool(-1, "ctdb", partname, True)) {
result = db_open_ctdb(mem_ctx, partname, hash_size,
- tdb_flags, open_flags, mode);
+ tdb_flags, open_flags, mode,
+ lock_order);
if (result == NULL) {
DEBUG(0,("failed to attach to ctdb %s\n",
partname));
@@ -109,5 +125,8 @@ struct db_context *db_open(TALLOC_CTX *mem_ctx,
result = db_open_tdb(mem_ctx, name, hash_size,
tdb_flags, open_flags, mode);
}
+ if (result != NULL) {
+ result->lock_order = lock_order;
+ }
return result;
}
diff --git a/source3/lib/dbwrap/dbwrap_open.h b/source3/lib/dbwrap/dbwrap_open.h
index 5a172a4..2763ef2 100644
--- a/source3/lib/dbwrap/dbwrap_open.h
+++ b/source3/lib/dbwrap/dbwrap_open.h
@@ -29,6 +29,11 @@ struct db_context;
*/
bool db_is_local(const char *name);
+enum dbwrap_lock_order {
+ DBWRAP_LOCK_ORDER_1 = 1,
+ DBWRAP_LOCK_ORDER_2 = 2
+};
+
/**
* Convenience function that will determine whether to
* open a tdb database via the tdb backend or via the ctdb
@@ -38,6 +43,7 @@ bool db_is_local(const char *name);
struct db_context *db_open(TALLOC_CTX *mem_ctx,
const char *name,
int hash_size, int tdb_flags,
- int open_flags, mode_t mode);
+ int open_flags, mode_t mode,
+ enum dbwrap_lock_order lock_order);
#endif /* __DBWRAP_OPEN_H__ */
diff --git a/source3/lib/dbwrap/dbwrap_private.h b/source3/lib/dbwrap/dbwrap_private.h
index 4806618..111f02d 100644
--- a/source3/lib/dbwrap/dbwrap_private.h
+++ b/source3/lib/dbwrap/dbwrap_private.h
@@ -23,6 +23,8 @@
#ifndef __DBWRAP_PRIVATE_H__
#define __DBWRAP_PRIVATE_H__
+#include "dbwrap/dbwrap_open.h"
+
struct db_record {
TDB_DATA key, value;
NTSTATUS (*store)(struct db_record *rec, TDB_DATA data, int flag);
@@ -54,6 +56,7 @@ struct db_context {
int (*exists)(struct db_context *db,TDB_DATA key);
int (*wipe)(struct db_context *db);
void *private_data;
+ enum dbwrap_lock_order lock_order;
bool persistent;
};
diff --git a/source3/lib/dbwrap/dbwrap_rbt.c b/source3/lib/dbwrap/dbwrap_rbt.c
index 2460418..4fbb0bc 100644
--- a/source3/lib/dbwrap/dbwrap_rbt.c
+++ b/source3/lib/dbwrap/dbwrap_rbt.c
@@ -435,6 +435,7 @@ struct db_context *db_open_rbt(TALLOC_CTX *mem_ctx)
result->exists = db_rbt_exists;
result->wipe = db_rbt_wipe;
result->parse_record = db_rbt_parse_record;
+ result->lock_order = 0;
return result;
}
diff --git a/source3/lib/g_lock.c b/source3/lib/g_lock.c
index 5616170..1fd8ae9 100644
--- a/source3/lib/g_lock.c
+++ b/source3/lib/g_lock.c
@@ -60,7 +60,8 @@ struct g_lock_ctx *g_lock_ctx_init(TALLOC_CTX *mem_ctx,
result->db = db_open(result, lock_path("g_lock.tdb"), 0,
TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH,
- O_RDWR|O_CREAT, 0600);
+ O_RDWR|O_CREAT, 0600,
+ DBWRAP_LOCK_ORDER_2);
if (result->db == NULL) {
DEBUG(1, ("g_lock_init: Could not open g_lock.tdb\n"));
TALLOC_FREE(result);
diff --git a/source3/lib/serverid.c b/source3/lib/serverid.c
index 6d8a3c0..6a8083a 100644
--- a/source3/lib/serverid.c
+++ b/source3/lib/serverid.c
@@ -76,7 +76,8 @@ static struct db_context *serverid_db(void)
return db;
}
db = db_open(NULL, lock_path("serverid.tdb"), 0,
- TDB_DEFAULT|TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH, O_RDWR|O_CREAT, 0644);
+ TDB_DEFAULT|TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH,
+ O_RDWR|O_CREAT, 0644, DBWRAP_LOCK_ORDER_2);
return db;
}
diff --git a/source3/lib/sessionid_tdb.c b/source3/lib/sessionid_tdb.c
index 6fd3bbc..5782c9a 100644
--- a/source3/lib/sessionid_tdb.c
+++ b/source3/lib/sessionid_tdb.c
@@ -34,7 +34,8 @@ static struct db_context *session_db_ctx(void)
session_db_ctx_ptr = db_open(NULL, lock_path("sessionid.tdb"), 0,
TDB_CLEAR_IF_FIRST|TDB_DEFAULT|TDB_INCOMPATIBLE_HASH,
- O_RDWR | O_CREAT, 0644);
+ O_RDWR | O_CREAT, 0644,
+ DBWRAP_LOCK_ORDER_1);
return session_db_ctx_ptr;
}
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index 2c324cf..cb8993c 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -148,7 +148,8 @@ bool share_info_db_init(void)
}
share_db = db_open(NULL, state_path("share_info.tdb"), 0,
- TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ TDB_DEFAULT, O_RDWR|O_CREAT, 0600,
+ DBWRAP_LOCK_ORDER_1);
if (share_db == NULL) {
DEBUG(0,("Failed to open share info database %s (%s)\n",
state_path("share_info.tdb"), strerror(errno) ));
diff --git a/source3/locking/brlock.c b/source3/locking/brlock.c
index a33d809..289e5d1 100644
--- a/source3/locking/brlock.c
+++ b/source3/locking/brlock.c
@@ -290,7 +290,8 @@ void brl_init(bool read_only)
brlock_db = db_open(NULL, lock_path("brlock.tdb"),
lp_open_files_db_hash_size(), tdb_flags,
- read_only?O_RDONLY:(O_RDWR|O_CREAT), 0644 );
+ read_only?O_RDONLY:(O_RDWR|O_CREAT), 0644,
+ DBWRAP_LOCK_ORDER_2);
if (!brlock_db) {
DEBUG(0,("Failed to open byte range locking database %s\n",
lock_path("brlock.tdb")));
diff --git a/source3/locking/share_mode_lock.c b/source3/locking/share_mode_lock.c
index 002a399..6bc055f 100644
--- a/source3/locking/share_mode_lock.c
+++ b/source3/locking/share_mode_lock.c
@@ -65,7 +65,8 @@ static bool locking_init_internal(bool read_only)
lock_db = db_open(NULL, lock_path("locking.tdb"),
lp_open_files_db_hash_size(),
TDB_DEFAULT|TDB_VOLATILE|TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH,
- read_only?O_RDONLY:O_RDWR|O_CREAT, 0644);
+ read_only?O_RDONLY:O_RDWR|O_CREAT, 0644,
+ DBWRAP_LOCK_ORDER_1);
if (!lock_db) {
DEBUG(0,("ERROR: Failed to initialise locking database\n"));
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index b4715af..bd3c7fa 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -590,7 +590,8 @@ static bool nfs4_map_sid(smbacl4_vfs_params *params, const struct dom_sid *src,
become_root();
mapping_db = db_open(NULL, dbname, 0, TDB_DEFAULT,
- O_RDONLY, 0600);
+ O_RDONLY, 0600,
+ DBWRAP_LOCK_ORDER_1);
unbecome_root();
if (mapping_db == NULL) {
diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index 67d0540..f68afd8 100644
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -59,7 +59,8 @@ static bool acl_tdb_init(void)
}
become_root();
- acl_db = db_open(NULL, dbname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ acl_db = db_open(NULL, dbname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600,
+ DBWRAP_LOCK_ORDER_1);
unbecome_root();
if (acl_db == NULL) {
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 8f367f3..f00caa4 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -601,7 +601,8 @@ static bool xattr_tdb_init(int snum, struct db_context **p_db)
/* now we know dbname is not NULL */
become_root();
- db = db_open(NULL, dbname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ db = db_open(NULL, dbname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600,
+ DBWRAP_LOCK_ORDER_2);
unbecome_root();
if (db == NULL) {
diff --git a/source3/passdb/account_pol.c b/source3/passdb/account_pol.c
index a32d075..4cb185c 100644
--- a/source3/passdb/account_pol.c
+++ b/source3/passdb/account_pol.c
@@ -220,12 +220,13 @@ bool init_account_policy(void)
}
db = db_open(NULL, state_path("account_policy.tdb"), 0, TDB_DEFAULT,
- O_RDWR, 0600);
+ O_RDWR, 0600, DBWRAP_LOCK_ORDER_1);
if (db == NULL) { /* the account policies files does not exist or open
* failed, try to create a new one */
db = db_open(NULL, state_path("account_policy.tdb"), 0,
- TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ TDB_DEFAULT, O_RDWR|O_CREAT, 0600,
+ DBWRAP_LOCK_ORDER_1);
if (db == NULL) {
DEBUG(0,("Failed to open account policy database\n"));
return False;
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 01c0def..a090fcd 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -224,7 +224,8 @@ static bool tdbsam_convert_backup(const char *dbname, struct db_context **pp_db)
* it to stay around after we return from here. */
tmp_db = db_open(NULL, tmp_fname, 0,
- TDB_DEFAULT, O_CREAT|O_RDWR, 0600);
+ TDB_DEFAULT, O_CREAT|O_RDWR, 0600,
+ DBWRAP_LOCK_ORDER_1);
if (tmp_db == NULL) {
DEBUG(0, ("tdbsam_convert_backup: Failed to create backup TDB passwd "
"[%s]\n", tmp_fname));
@@ -290,7 +291,8 @@ static bool tdbsam_convert_backup(const char *dbname, struct db_context **pp_db)
/* re-open the converted TDB */
orig_db = db_open(NULL, dbname, 0,
- TDB_DEFAULT, O_CREAT|O_RDWR, 0600);
+ TDB_DEFAULT, O_CREAT|O_RDWR, 0600,
+ DBWRAP_LOCK_ORDER_1);
if (orig_db == NULL) {
DEBUG(0, ("tdbsam_convert_backup: Failed to re-open "
"converted passdb TDB [%s]\n", dbname));
@@ -440,7 +442,8 @@ static bool tdbsam_open( const char *name )
/* Try to open tdb passwd. Create a new one if necessary */
- db_sam = db_open(NULL, name, 0, TDB_DEFAULT, O_CREAT|O_RDWR, 0600);
+ db_sam = db_open(NULL, name, 0, TDB_DEFAULT, O_CREAT|O_RDWR, 0600,
+ DBWRAP_LOCK_ORDER_1);
if (db_sam == NULL) {
DEBUG(0, ("tdbsam_open: Failed to open/create TDB passwd "
"[%s]\n", name));
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index e40095d..bd6be35 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -75,7 +75,8 @@ bool secrets_init_path(const char *private_dir)
}
db_ctx = db_open(NULL, fname, 0,
- TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ TDB_DEFAULT, O_RDWR|O_CREAT, 0600,
+ DBWRAP_LOCK_ORDER_1);
--
Samba Shared Repository
More information about the samba-cvs
mailing list